CredentialUIBroker.exe
- File Path:
C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
- Description: Credential Manager UI Host
Hashes
| Type |
Hash |
| MD5 |
4B922F2FF7183746C8D049A08A874DFA |
| SHA1 |
3AE99128304380520145E0E3CA4E01448BB09C53 |
| SHA256 |
D9D6203855CF64F244AEC583D17D80430D248C7349A4C70220DF2A184F780772 |
| SHA384 |
2FE135C8ED61D906E90080BCCAA0C223ECFEFC8B230A8EF83BE2CEC0CF9A2EE7B846FC6BE70302AD31B59AC272BB9BEC |
| SHA512 |
2E053F5FAA4B98037EEC2EF8FEA341022BADE1D1B044E1CE8CB72A52F2723FC2913E5F2E9C20E4D5F33F5E58DCCFD25D351DE30C0A75A28AE3A783ED51858904 |
| SSDEEP |
3072:L7oOPEq6p9AZU6rc72MS93KvTUGVf/FCG58CsiC7G0/H:/yl2JIE96bUGN/FCG58kn0f |
| IMP |
137B297635DFB473EF4709D0F7027B80 |
| PESHA1 |
8673B3A01B22D780D5C837692C10F68D6AEC3F4D |
| PE256 |
5A28BCA1B6EB5F70E910157A19C83F51AB70320112156DB86BF1499A36E06DBE |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Windows |
File |
| (RW-) C:\Windows\SysWOW64 |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\System32\wow64.dll |
| C:\WINDOWS\System32\wow64base.dll |
| C:\WINDOWS\System32\wow64con.dll |
| C:\WINDOWS\System32\wow64cpu.dll |
| C:\WINDOWS\System32\wow64win.dll |
| C:\WINDOWS\SysWOW64\CredentialUIBroker.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: CredentialUIBroker.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/d9d6203855cf64f244aec583d17d80430d248c7349a4c70220df2a184f780772/detection
MIT License. Copyright (c) 2020-2021 Strontic.