CertEnrollCtrl.exe

  • File Path: C:\Windows\system32\CertEnrollCtrl.exe
  • Description: Certificate Enrollment Control

Hashes

Type Hash
MD5 A5258406C3C926A651A0A9DB93B4E8E3
SHA1 3E5A407DFA4ED557D4E88830504B00A8A3EE0020
SHA256 C180F87DD7F7BD58AD85BE08B0C59F95FA4A5D3EC748931FF4A89D1AFCFE8449
SHA384 1E92C9D7AC14E6337F3942F2D58ACA9CE163594E6054AE713D2DAD7BA42F2C17D4BBC9D99B0E252A7388011CC469E140
SHA512 880B50786528D503348FE156124FFCC0F7922428EA2A1C4BB543CBBFB1FDA2672A434C40AB8F7F8ABBA24A52B40BA97ACD84119A9D8876267837FAAE1F3DBF71
SSDEEP 1536:WM1+cvmDLbfr4xgEGhxuOSaNx6Y4Vrr+BvHuiHgZCCys:23QgEGhVxav+BWnjys
IMP 90691EED0033FC894F22AFCD8DC3AA79
PESHA1 C6C1B27DD97AE5CF001A0C545D705C14BEB976FD
PE256 11F44846E4E07161ED1423538BFF3EDE991362E99E7320812718C28822BB8F18

Runtime Data

Open Handles:

Path Type
(R-D) C:\Windows\System32\en-US\CertEnrollCtrl.exe.mui File
(RW-) C:\Users\user File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section

Loaded Modules:

Path
C:\Windows\System32\advapi32.dll
C:\Windows\System32\bcryptPrimitives.dll
C:\Windows\system32\certca.dll
C:\Windows\system32\certenroll.dll
C:\Windows\system32\CertEnrollCtrl.exe
C:\Windows\System32\clbcatq.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\CRYPT32.dll
C:\Windows\system32\DPAPI.DLL
C:\Windows\system32\DSPARSE.dll
C:\Windows\SYSTEM32\kernel.appcore.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\WLDAP32.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: EnrollComServer.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/c180f87dd7f7bd58ad85be08b0c59f95fa4a5d3ec748931ff4a89d1afcfe8449/detection

MIT License. Copyright (c) 2020-2021 Strontic.