Microsoft.AAD.BrokerPlugin.exe
- File Path:
C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe - Description: AAD token broker plugin
Hashes
| Type | Hash |
|---|---|
| MD5 | 45069EE7925ABC1E9F980376D3C53E97 |
| SHA1 | FA986514A4EBD9843A074E7DE8730111B879C05C |
| SHA256 | 0B9C5BE55849BFDA6886D54DDF422570906DAC32F7CDB7B62AB1140FF7E4D734 |
| SHA384 | 2698AB2CC34853326B3B7DC61695BBF3B46CB4BCF8435530B0B61BC205150E0666A902D3C272C5BC11F6709E66F7BF79 |
| SHA512 | F128D898787BED82D698E92DB99A66384DA7275978D327E964E0D432881DAF51A090BA0650ADC489A8E6D1A61D52D267E6082C7E15D2CCB566F33B6C6DF4CA0D |
| SSDEEP | 3072:X1fiWJjzGZpxu8dn9LMBrZ4JiKwDr5skekjAHLShPnjMMWp3wk510pS:X1f5dN8V9LMBrXDOk7AHGlngMw3wiz |
| IMP | 1C7722EBBDCEE129017E54A6FBAF1A83 |
| PESHA1 | 1D70F2175D7108ADB87251111CD5A5CA10ABDF92 |
| PE256 | 56CDAB71740034907CE33D34A869B57F3109A4094FB2BB88BE9466D44FE24CEA |
Runtime Data
Child Processes:
Microsoft.AAD.BrokerPlugin.exe WerFault.exe
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\bcryptPrimitives.dll |
| C:\Windows\System32\clbcatq.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\SYSTEM32\kernel.appcore.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\SYSTEM32\wincorlib.DLL |
| C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: Microsoft.AAD.BrokerPlugin.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.423 (WinBuild.160101.0800)
- Product Version: 10.0.19041.423
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/0b9c5be55849bfda6886d54ddf422570906dac32f7cdb7b62ab1140ff7e4d734/detection
MIT License. Copyright (c) 2020-2021 Strontic.