MpDlpCmd.exe

  • File Path: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MpDlpCmd.exe
  • Description: Microsoft Malware Protection DLP Command Line Utility

Hashes

Type Hash
MD5 8552968F117AECCD72B5CCC5C092BD83
SHA1 B6C44F4CC97594244BE4F412D186530836267F84
SHA256 65E60B3657B58AC9D61C67E7AA9160646E8D2FEEE3C998FEF943B365B902718B
SHA384 3F4393F76ADBA89E23676C2BA2BC12D105059109F9EB0F265A6B98BCAA7C37007EBC0D08B0542DFC55F400D8DEDD200B
SHA512 4429FF32905F857511984B29334B80C93BCAE1D3A6EE5DFB33BA70CF1E8DFD65C23755D6C9BE631F031FF763F30402B52D4A0063890833FB1C85EEDAF3BD7035
SSDEEP 6144:HyUbbAMV+L9OiuwmiTVVmVVV8VVNVVVcVVVxVVVPVVlVVVRVVVtVVWV60jVLVVO1:HDAMV+LgiuSk
IMP F15B67A00B2CE6353DCB4070F8E5D10B
PESHA1 097ED9E8C4CCFA290F05D4FF6E2C136501F55A60
PE256 4BA4EF91EBEBB830EFEC63E9FE48FA76F8DA2EA8FBEBEB5CD857018289DE2901

Runtime Data

Usage (stdout):

MpDlpCmd: Failed with hr = 0x80070667.MpDlpCmd: Invalid command line argument

Usage: MpDlpCmd -<Command>

Loaded Modules:

Path
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MpDlpCmd.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 330000024A0E8AFDF15C662D2B00000000024A
  • Thumbprint: 96384A7F5F1C438F32E2454697DC6D312A74517B
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows Publisher, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MpDlpCmd.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 4.18.2009.7 (WinBuild.160101.0800)
  • Product Version: 4.18.2009.7
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/65e60b3657b58ac9d61c67e7aa9160646e8d2feee3c998fef943b365b902718b/detection/

File Similarity (ssdeep match)

File Score
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpDlpCmd.exe 79
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MpDlpCmd.exe 74
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpDlpCmd.exe 82
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MpDlpCmd.exe 77
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpDlpCmd.exe 83
C:\WINDOWS\system32\SecurityHealthSystray.exe 80

MIT License. Copyright (c) 2020-2021 Strontic.