ClusterUpdateUI.exe

  • File Path: C:\Windows\system32\ClusterUpdateUI.exe
  • Description: Cluster-Aware Updating UI

Hashes

Type Hash
MD5 F5F11CAA3DED29E93F4918882B80A682
SHA1 E6D7C03174BF46B1C15A6356D1F90627C9AF27E5
SHA256 DD4016861221C3EC5C1C8FE4E68D7117715BACA3366E8A76A615997AE094085D
SHA384 F087D620169C5D705D2990CE687880FACCAC0E1B6CBBABB06CBB080A36143633CB353944D83C2DB67462A75F0F059CDD
SHA512 AA3E598FCD7A9F884F9F73E200893DBDB2892C34A79A43547981AAABC4F017BB1C82EFC12CF3481F6708C49BFA7B6B43AF892E68A9ADA9AD5D8A7ECFA9D2D660
SSDEEP 6144:mhHRtX5AOCh/K6lCL75gbx5zLWLz+uWbg+b6rCSLQb66xK8:mbXeOCk93uecg+OCD

Runtime Data

Window Title:

Cluster-Aware Updating

Open Handles:

Path Type
(R–) C:\Users\user\AppData\Local\Temp\2\ClusterUpdateUi.log File
(R-D) C:\Windows\Cluster\FailoverClusters.Agent.Interop.dll File
(R-D) C:\Windows\Cluster\FailoverClusters.Common.dll File
(R-D) C:\Windows\Cluster\FailoverClusters.FcAgent.Interop.dll File
(R-D) C:\Windows\Cluster\FailoverClusters.ObjectModel.dll File
(R-D) C:\Windows\Cluster\FailoverClusters.Validation.Common.dll File
(R-D) C:\Windows\Cluster\FailoverClusters.Wizards.dll File
(R-D) C:\Windows\Cluster\Microsoft.FailoverClusters.Framework.dll File
(R-D) C:\Windows\Cluster\Microsoft.FailoverClusters.UI.Common.dll File
(R-D) C:\Windows\Cluster\Microsoft.FailoverClusters.Validation.dll File
(R-D) C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll File
(R-D) C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll File
(R-D) C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll File
(R-D) C:\Windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll File
(R-D) C:\Windows\System32\en-US\crypt32.dll.mui File
(R-D) C:\Windows\System32\en-US\KernelBase.dll.mui File
(R-D) C:\Windows\System32\en-US\msctfui.dll.mui File
(R-D) C:\Windows\System32\en-US\UIAutomationCore.dll.mui File
(R-D) C:\Windows\System32\en-US\winnlsres.dll.mui File
(R-D) C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ClusterAwareUpdating\ClusterAwareUpdating.dll File
(RW-) C:\Users\user\Documents File
(RW-) C:\Windows\System32 File
...\Cor_SxSPublic_IPCBlock Section
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\Cor_Private_IPCBlock_v4_5408 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\RPC Control\DSEC1520 Section
\Sessions\2\BaseNamedObjects\1520HWNDInterface:190322 Section
\Sessions\2\BaseNamedObjects\UrlZonesSM_Administrator Section
\Sessions\2\BaseNamedObjects\windows_shell_global_counters Section
\Sessions\2\Windows\Theme4283305886 Section
\Windows\Theme1956823608 Section

Loaded Modules:

Path
C:\Windows\system32\ClusterUpdateUI.exe
C:\Windows\System32\KERNEL32.dll
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\MSCOREE.DLL
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000001C422B2F79B793DACB20000000001C4
  • Thumbprint: AE9C1AE54763822EEC42474983D8B635116C8452
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: ClusterUpdateUI.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.17763.1 (WinBuild.160101.0800)
  • Product Version: 10.0.17763.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

MIT License. Copyright (c) 2020-2021 Strontic.