EoAExperiences.exe

File Path: C:\Windows\system32\EoAExperiences.exe

Hashes

Type	Hash
MD5	`4D3920C8B3D893CF642042C3600980EC`
SHA1	`D157FD8AB114C818CB3D1B057B43E8785829A7A1`
SHA256	`FA1382EB49B486540639EC75EE60AA83BC09188345C99C7F7E391CFB6A0B3AB1`
SHA384	`3FCABAEC05E17935937C8E8C0292DB212F308CA1A8995803F199B5B211037ED07B9D5A9BBBCD20E63B6E7EFB86D4214E`
SHA512	`ACA85FFDD4FE4D413B6D9E4468B32036C94F560A763518C05FBDC9CFFDE46D69262AFC4949389E3BF0626B7E0E9F044E35EDA6D179F093A30822BBB54807F4AF`
SSDEEP	`1536:gRR73rR1hU8oiRce13TCGrBa/YL5fub56BXa2SZKQ5MFGipZYghqvKqfxqSqJubo:gjNU8NJWGrB3JnMMYixnQaWfSuQ2a`
IMP	`E223031D348C1549903BE6C46E2B185D`
PESHA1	`127FBEBC5FD72026913476618C09BFA802D16608`
PE256	`A4C26C325BF51C45A8BAC61FC11CF473F974CE22CF42248728FEF0A9E5DC86B7`

Runtime Data

Open Handles:

Path	Type
(RW-) C:\Users\user\Documents	File
(RW-) C:\Windows\System32	File
\BaseNamedObjects__ComCatalogCache__	Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section

Loaded Modules:

Path
C:\Windows\System32\combase.dll
C:\Windows\system32\EoAExperiences.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\ucrtbase.dll

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename:
Product Name:
Company Name:
File Version:
Product Version:
Language:
Legal Copyright:
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/67
VirusTotal Link: https://www.virustotal.com/gui/file/fa1382eb49b486540639ec75ee60aa83bc09188345c99c7f7e391cfb6a0b3ab1/detection/

MIT License. Copyright (c) 2020-2021 Strontic.