- File Path:
C:\Windows\system32\DataStoreCacheDumpTool.exe
Hashes
| Type |
Hash |
| MD5 |
3A9E15EFCA3C3292016DAB2E2DA1BA2F |
| SHA1 |
14AEA85AE97213E1AF0A83F24583E207E26D9A61 |
| SHA256 |
49B08DCC3302B5E01C24FE3088BA30062C9790C2BFE0E020F5B288301C9F0521 |
| SHA384 |
21A9E8B491775F03F3282C681AA51B73955EF0E74EC2D2E72FD621B0FDF66082332279A9A19EFE31A685A368C70C1851 |
| SHA512 |
049560EF21A57C4F27597D78EC42ACCA26AA4EEF5A671EA5D36E1D98C089143F43F623BA7B6FBD254A4A0931FD6BA45F2CB618B9FB89D0F88BF310D029E4ACDA |
| SSDEEP |
3072:flDDz46SxZtnoXIaDqU1pB2Sab5/pv9bRoHBLpFRyegyaol+nKn:fl3fqZUj1pB2Sab5/+jrmKn |
| IMP |
C491B3BD905877FC1C844F4EF62647C9 |
| PESHA1 |
1402A6B59AB0F9E93182228B61F55336961B76B9 |
| PE256 |
C5D895945208876B0EB050398C932BBE7D8ED33A7A728F15504879055A6BFC0D |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\system32\DataStoreCacheDumpTool.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename:
- Product Name:
- Company Name:
- File Version:
- Product Version:
- Language:
- Legal Copyright:
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/76
- VirusTotal Link: https://www.virustotal.com/gui/file/49b08dcc3302b5e01c24fe3088ba30062c9790c2bfe0e020f5b288301c9f0521/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.