DpiScaling.exe

  • File Path: C:\WINDOWS\system32\DpiScaling.exe
  • Description: Display Control Panel

Hashes

Type Hash
MD5 7DA90184E3C85654415CA3FFF9857D51
SHA1 2FC9D9330A3843BC730DEDDDBC9CAB8217CA7EED
SHA256 2C6F019047C7839849048E9ADAA450151B938DCFB9CE530F6274DD97BBA63AE1
SHA384 17D9E37598825EF62FC5B9BA0FB3CABE93DCF79ED03E5032F9148B746D7405166192A15428E9BBFF5C2AA48CF22458C1
SHA512 73D8F18D0DC0D14D38DE6834AF001C09A918BBA4328A93D51933808117D658D0222D6E25E666E1746B1D2433157618794F879A70317925C0CBA8E823AAD8AAE2
SSDEEP 1536:bnD3DE0ZU91OwxgwYfPSqlGv+BNXNvuZS36EDtAZ7jz6dTdMQiMtYwJj7:I+KOwNMSqoKXNvuZAFDqXzlzQH
IMP 79AF10FA7C10573B0B9B52F39C28B0F2
PESHA1 906F247D188CCE3AE4E58E4794A4783DE5273274
PE256 2D30BB26A7F14F648C8FDCFD4D18983ADD35E6E64C01DC8A1367D21493603C40

Runtime Data

Child Processes:

explorer.exe

Loaded Modules:

Path
C:\WINDOWS\System32\bcryptPrimitives.dll
C:\WINDOWS\System32\clbcatq.dll
C:\WINDOWS\System32\combase.dll
C:\WINDOWS\system32\DpiScaling.exe
C:\WINDOWS\System32\GDI32.dll
C:\WINDOWS\System32\gdi32full.dll
C:\WINDOWS\System32\IMM32.DLL
C:\WINDOWS\SYSTEM32\kernel.appcore.dll
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\System32\msvcp_win.dll
C:\WINDOWS\System32\msvcrt.dll
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\System32\ole32.dll
C:\WINDOWS\System32\OLEAUT32.dll
C:\WINDOWS\system32\PROPSYS.dll
C:\WINDOWS\System32\RPCRT4.dll
C:\WINDOWS\System32\sechost.dll
C:\WINDOWS\System32\SHCORE.dll
C:\WINDOWS\System32\SHELL32.dll
C:\WINDOWS\System32\SHLWAPI.dll
C:\WINDOWS\System32\ucrtbase.dll
C:\WINDOWS\System32\USER32.dll
C:\WINDOWS\system32\uxtheme.dll
C:\WINDOWS\System32\win32u.dll
C:\WINDOWS\SYSTEM32\windows.storage.dll
C:\WINDOWS\SYSTEM32\wintypes.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: DPISCALING.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/2c6f019047c7839849048e9adaa450151b938dcfb9ce530f6274dd97bba63ae1/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\DpiScaling.exe 90
C:\Windows\system32\DpiScaling.exe 90
C:\WINDOWS\system32\DpiScaling.exe 90
C:\windows\system32\DpiScaling.exe 90
C:\Windows\system32\DpiScaling.exe 90
C:\windows\SysWOW64\DpiScaling.exe 88
C:\Windows\SysWOW64\DpiScaling.exe 90
C:\WINDOWS\SysWOW64\DpiScaling.exe 90
C:\Windows\SysWOW64\DpiScaling.exe 85
C:\WINDOWS\SysWOW64\DpiScaling.exe 91
C:\Windows\SysWOW64\DpiScaling.exe 90

MIT License. Copyright (c) 2020-2021 Strontic.