Microsoft.AAD.BrokerPlugin.exe

File Path: C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
Description: AAD token broker plugin

Hashes

Type	Hash
MD5	`94B216FE659A29BA863672DBD9827128`
SHA1	`C3A8C96906E19C9D66DCDD9440E2ABA757D0EF53`
SHA256	`D658782EB8EBABC7DFD4109E68BD396B521CD0C92775C429B7317C1018ACE75C`
SHA384	`4154376CA469185D95C0DF2A19CB0FCBE758A997C7FA5BAD3367F58CE8E4A971E30EC7B66D0D3539320C74CA36D0D6BA`
SHA512	`E23C216C6995C611DB6D4F2F93253660221B18350E41B8815A2FE0FD29C58D01B2EEC719E22114320EB18836CD3CDEAAB0F50FC42F6BC95E223AD30AE2B1BC0E`
SSDEEP	`3072:O5tbOxdJ28HJh1nTaL03RUkP1uKuJHykAkj+nmThte09J/eqW52wcw7O:O5tiDZ1TaL03RruAk5+naidqg2wc`
IMP	`1C7722EBBDCEE129017E54A6FBAF1A83`
PESHA1	`776B4002E762E18425F512D0CB0AF9CDFAADD0DB`
PE256	`E4886F5181D898F0D9BBC5F4D401628B3EF872EFFCB43CEA2F747F4EEC2C85DD`

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\combase.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\SYSTEM32\wincorlib.DLL
C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: Microsoft.AAD.BrokerPlugin.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.662 (WinBuild.160101.0800)
Product Version: 10.0.19041.662
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/75
VirusTotal Link: https://www.virustotal.com/gui/file/d658782eb8ebabc7dfd4109e68bd396b521cd0c92775c429b7317c1018ace75c/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe	91

MIT License. Copyright (c) 2020-2021 Strontic.