ChtIME.exe

File Path: C:\Windows\system32\InputMethod\CHT\ChtIME.exe
Description: Microsoft IME

Hashes

Type	Hash
MD5	`E05D1E2C3296BDA6922C7DD41225CF0B`
SHA1	`D3BEBE685436B97E21B08B756CC0E5B4BA441F35`
SHA256	`915E208E33C2518A9B9CE26011DEF37941169E3EBBEA08A5CFB928A49D8EFE68`
SHA384	`031CA58FA97E11BE8625A293AB5A6857B4063F1E745DBC6979BBA7E3BFBFF05B3ABEB746B96FDC34C8019F0707FD10D5`
SHA512	`17BDB897A8699E197E3FECB146EFCA515ABEB27AC297D0975DA982E71CA528508E461E212EF075A27500C79364F5B59CAA30BA389F9910CE3BF6134ADC98A957`
SSDEEP	`3072:ExHvfKKHxfaB+5OlKI72E2VfJVm2nAwi7+WlyXAZIg2Lx:SHXfxfaBtKI7IR7m2nM3C1L`
IMP	`1C137B847577B8F44F2F823B62D4AD5D`
PESHA1	`58455A61803FB40308F46D9AB4901E017FBC67A8`
PE256	`64247D8C07C4D0098F6A0EF3BB398719232EC633A471AE4A0D1A9C4FEFE3DDFB`

Runtime Data

Child Processes:

powershell.exe

Loaded Modules:

Path
C:\Windows\System32\ADVAPI32.dll
C:\Windows\system32\InputMethod\CHT\ChtIME.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\USER32.dll
C:\Windows\System32\win32u.dll

Signature

Status: Signature verified.
Serial: 33000002EC6579AD1E670890130000000002EC
Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: ChtIME.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.746 (WinBuild.160101.0800)
Product Version: 10.0.19041.746
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/72
VirusTotal Link: https://www.virustotal.com/gui/file/915e208e33c2518a9b9ce26011def37941169e3ebbea08a5cfb928a49d8efe68/detection

MIT License. Copyright (c) 2020-2021 Strontic.