MpSigStub.exe
- File Path:
C:\WINDOWS\system32\MpSigStub.exe
- Description: Microsoft Malware Protection Signature Update Stub
Hashes
| Type |
Hash |
| MD5 |
01F92DC7A766FF783AE7AF40FD0334FB |
| SHA1 |
45D7B8E98E22F939ED0083FE31204CAA9A72FA76 |
| SHA256 |
FA42B9B84754E2E8368E8929FA045BE86DBD72678176EE75814D2A16D23E5C26 |
| SHA384 |
F3A3A5B518B2F2D94EADF8F80169E4BBDE1F32E7C0B1DCCFB6D33A7E912C4D76D5FD9E6218030A6B0FFDA3E6881093FA |
| SHA512 |
BEA5F3D7FB0984C4A71720F25644CE3151FCDC95586E1E2FFE804D04567AAF30D8678608110E241C7DDF908F94882EDDD84A994573B0C808D1C064F0E135A583 |
| SSDEEP |
24576:Ghj1QlBYDgtUUvie3n+pB3+ojRlcD1VyZTFXk:GhpQlBHtBYla1VyZpU |
| IMP |
17C9015AF786E0332059F422B92FB6BB |
| PESHA1 |
901C66CC65FDE2E5C98B1A5DC438046BC71F7DE8 |
| PE256 |
CA864E9F70CDE9C738020A6E36ECECB3232E2DE4C89BE1E1BAB327AAFE761656 |
Runtime Data
Open Handles:
| Path |
Type |
| (—) C:\ProgramData\Microsoft\Windows\WER\ReportArchive\6a225568-453e-48c9-af0a-11eff4acc657 |
File |
| (—) C:\ProgramData\Microsoft\Windows\WER\ReportQueue\e3e075ff-630e-45c5-972e-d45427427543 |
File |
| (—) C:\ProgramData\Microsoft\Windows\WER\Temp\05c67322-a60a-400d-805b-fb7e8682634a |
File |
| (R–) C:\Windows\Temp\MpSigStub.log |
File |
| (R-D) C:\Windows\System32\en-US\crypt32.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\mswsock.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\wer.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\winnlsres.dll.mui |
File |
| (RW-) C:\Windows\System32 |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.22000.1_none_271a8fad6a2d1b1e |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro |
Section |
| \BaseNamedObjects\F932B6C7-3A20-46A0-B8A0-8894AA421973 |
Section |
| \Sessions\2\BaseNamedObjects\InventorySynchronizationInventoryApplicationFileMemory9640 |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\2\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\WINDOWS\System32\ADVAPI32.dll |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\system32\MpSigStub.exe |
| C:\WINDOWS\System32\msvcrt.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000003F16206E3E7EFDA8ABE0000000003F1
- Thumbprint:
5362FAEB842C236D05A729B7FAC85BAA1B68BDCA
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: MpSigStub.exe
- Product Name: Microsoft Malware Protection
- Company Name: Microsoft Corporation
- File Version: 1.1.18500.10 (bd3bd17b10e8c188734ef863541b1db0d3f8b954)
- Product Version: 1.1.18500.10
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/fa42b9b84754e2e8368e8929fa045be86dbd72678176ee75814d2a16d23e5c26/detection
MIT License. Copyright (c) 2020-2021 Strontic.