MpDlpCmd.exe

  • File Path: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpDlpCmd.exe
  • Description: Microsoft Malware Protection DLP Command Line Utility

Hashes

Type Hash
MD5 DB96C707FEBDFE8B5F6F11C2DD78073C
SHA1 5B497AB1EF4A769061951805A8EA183AA8961152
SHA256 9D5A5D804B4AD306F8F08F1D3CFD1DD80255CD8DB745F648643DC4BADDC5660E
SHA384 228E35671E195E1DD158AB6ED80ED0D9A9103CDFEC2A5ABA5E60B98B9CF4DAC3FBC81CEAE94CB80F38FE2FD41C827A0E
SHA512 557B380D0B8949D970E6987F4DBD96B51D6DE9571ADD1B6F4AC2B4CA1F35CED7808B2FCD7FB7DA0D04197DD8E4FC4710D1676834E73687CA16FFF8BACA179148
SSDEEP 6144:s6UjT4MJM3gOiu0miTVVmVVV8VVNVVVcVVVxVVVPVVlVVVRVVVtVVWV60jVLVVOk:sr4MJM3Diue1
IMP 1AE5F3EDF63DC3F39328634CE0A93C2B
PESHA1 0D91CD2C88BB212A818CB8F68599D5BD038AAB2B
PE256 6F3B997EA130A313C9C9682B40AE5D9D848777EFA164AB168E7EF225C4B8B14C

Runtime Data

Usage (stdout):

MpDlpCmd: Failed with hr = 0x80070667.MpDlpCmd: Invalid command line argument

Usage: MpDlpCmd -<Command>

Loaded Modules:

Path
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpDlpCmd.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 330000024A0E8AFDF15C662D2B00000000024A
  • Thumbprint: 96384A7F5F1C438F32E2454697DC6D312A74517B
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows Publisher, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MpDlpCmd.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 4.18.2008.9 (WinBuild.160101.0800)
  • Product Version: 4.18.2008.9
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/70
  • VirusTotal Link: https://www.virustotal.com/gui/file/9d5a5d804b4ad306f8f08f1d3cfd1dd80255cd8db745f648643dc4baddc5660e/detection/

File Similarity (ssdeep match)

File Score
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpDlpCmd.exe 75
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MpDlpCmd.exe 74
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpDlpCmd.exe 80
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MpDlpCmd.exe 80
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MpDlpCmd.exe 83

MIT License. Copyright (c) 2020-2021 Strontic.