CustomShellHost.exe
- File Path:
C:\Windows\system32\CustomShellHost.exe - Description: CustomShellHost
Hashes
| Type | Hash |
|---|---|
| MD5 | 70400E78B71BC8EFDD063570428AE531 |
| SHA1 | CD86ECD008914FDD0389AC2DC00FE92D87746096 |
| SHA256 | 91333F3282A2420359AE9D3ADF537688741D21E964F021E2B152AB293447F289 |
| SHA384 | 0C8BAC654DF535A33C2B3D64534880C8E6A1C01872A00CBA38ECDD69D43C1306B36F0C6FF7FC18D3A296839C76542A95 |
| SHA512 | 53005DDA237FB23AF79F54779C74A09835AD4CAD3CA7B9DCEC80E3793A60DD262F45B910BEF96AB9C8E69D0C6990FEA6CA5FEE85D7F8425DB523AE658372959E |
| SSDEEP | 24576:fQWdeRtyatYX3jkg7wmekaxsp19yrOJWwsS0rG:fQnbg7w9NxspIA5sS0r |
| IMP | 5C22FA37896B238CEB53C03974778C84 |
| PESHA1 | 81A00C8DF217B167E9C791EDDA82CD3810B487FA |
| PE256 | 521C7A5A986292175E749414B0264E10BE6DF0AE039FE650CCC43355B831696B |
Runtime Data
Child Processes:
explorer.exe
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\system32\CustomShellHost.exe |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\IMM32.DLL |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\system32\netutils.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\SYSTEM32\powrprof.dll |
| C:\Windows\system32\PROPSYS.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\SHCORE.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\System32\SHLWAPI.dll |
| C:\Windows\system32\SspiCli.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\system32\USERENV.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\system32\wkscli.dll |
| C:\Windows\system32\WTSAPI32.dll |
| C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.1110_none_792d1c772443f647\COMCTL32.dll |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC - Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: CustomShellHost.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1202 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1202
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/91333f3282a2420359ae9d3adf537688741d21e964f021e2b152ab293447f289/detection
MIT License. Copyright (c) 2020-2021 Strontic.