MdSched.exe
- File Path:
C:\WINDOWS\system32\MdSched.exe
- Description: Windows Memory Diagnostics Tool
Hashes
| Type |
Hash |
| MD5 |
F45C2E4A5DAF2E420E6E7DC7A362B395 |
| SHA1 |
FD894D0EBB634D265CEFD211C21283F0DE573CE0 |
| SHA256 |
97B11FAD30D5B0A6930AA1C480D130291BF50272E1AA9113EA422ED7551A341E |
| SHA384 |
997FB08DC0C555324D74DEE7EAED1EA11B1280B1D9296027D219779B3464F031CECD9001A179438976D1B22B665189EF |
| SHA512 |
9C522FC5ECC43A78B86AAB240B346B6FD85DAB90BEC1FB1E32AF6B8CC5A9E01E0AED756C1A9C3EEFBE921D57E8D59A9F7EB1ED28C1C898228CA3CC10B1BD6A04 |
| SSDEEP |
1536:nhYlSvJRVliRYaZJm+65tFI720+VpmDOzc4JNWxwB1MjVJmRc:h1JcYaZJe/FO+VQDUcUNWs+jm6 |
| IMP |
A4BB20AEB8AFA2BF97327D41B25C5C30 |
| PESHA1 |
7783488E7926260A1E1A31D232C39173E71CD4D5 |
| PE256 |
74285B77C3D0B5AB093EDB7D357230E710B00F15DA01C8C5058151B46A942145 |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\system32\MdSched.exe |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: MdSched.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/97b11fad30d5b0a6930aa1c480d130291bf50272e1aa9113ea422ed7551a341e/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.