- File Path:
C:\Windows\system32\DataStoreCacheDumpTool.exe
Hashes
| Type |
Hash |
| MD5 |
C4374D34436E1E1F659DC17490310CC9 |
| SHA1 |
6B471E8CFD8AB4E0884905457FAE5573925EA5B6 |
| SHA256 |
A751ED722C10FCF97EE15C98214032C4537929B09CE752A840200E6B6BC9E032 |
| SHA384 |
A04676AB14FF606641BD070BE2AEE27D4E928E9D0266CF4D36F4A25522DF83E442DA097BEC39487E3C686046AB9AA9EA |
| SHA512 |
C8A073F45580F6094F557B3D69805C5C085AB44A705BE685D75D31CC20AD2F2C6D2999D4FE4917B0F8ED6A3CAF7D86A4526290FAC81325A6DB1005B116C1F462 |
| SSDEEP |
3072:uIDclqSx5tkDXI6DqU1Zx2Uab5/5v9rBXnBLpFRyedyRol+2Kn:uIYoq5Ej1Zx2Uab5/RjrXKn |
| IMP |
C491B3BD905877FC1C844F4EF62647C9 |
| PESHA1 |
32172B679D1F443888343AA729063F3A75D05F87 |
| PE256 |
4B662CD0B744D7DC83444FE64C2CB8519E3F7A272F6CF92035E5419C087C80D1 |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\system32\DataStoreCacheDumpTool.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename:
- Product Name:
- Company Name:
- File Version:
- Product Version:
- Language:
- Legal Copyright:
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/a751ed722c10fcf97ee15c98214032c4537929b09ce752a840200e6b6bc9e032/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.