- File Path:
C:\Windows\system32\InputSwitchToastHandler.exe
- Description: Input Switch Toast Handler
Hashes
| Type |
Hash |
| MD5 |
B7B0FCB7932E5C90F30ABD807D810616 |
| SHA1 |
1DABF4374D44E531042EDFF4652BF1220D537C1F |
| SHA256 |
2BF6B3E12E08EE322A6C3FD6437E36D2DC8CF3A2C16BBB5A1A30A61626B24123 |
| SHA384 |
D7E2F429929747AC881AC100F2725027ABD479F3397641F4C0F69A773DEBE86A8118171FCA76AC5DDAE1C619EE845751 |
| SHA512 |
3DAA20EAFF8CD5B7F3A4E1EA99C2ACBD0DF4B627FBA66EF4442524904F59DC962731D6C2272E271B39D29C79D9FED07E3D00D8B2EA9F2052E779DC068BB54582 |
| SSDEEP |
1536:KWEXl+E9vPzlUPhJ7j1+3HmzKrHWVoPhoJLi:nEXPkPjj+WQHA++ |
| IMP |
E1D88F4B1D4C6DAE79ADFCF44DF28C32 |
| PESHA1 |
AED58C204E42E593D83BF9BA54511DD31B99E54D |
| PE256 |
44504B25156C408A75D8581B0543139BC9A67097714E15EDA44AD82F78C7FABA |
Runtime Data
Child Processes:
conhost.exe
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\system32\InputSwitchToastHandler.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: InputSwitchToastHandler.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/2bf6b3e12e08ee322a6c3fd6437e36d2dc8cf3a2c16bbb5a1a30a61626b24123/detection
MIT License. Copyright (c) 2020-2021 Strontic.