MuiUnattend.exe

File Path: C:\Windows\system32\MuiUnattend.exe
Description: MUI unattend action

Hashes

Type	Hash
MD5	`08F54EFA2B636804C85607CE2511D305`
SHA1	`51B783366926E1A7B001D6766E88C8BA915EF8CB`
SHA256	`5EA7389CE3F85FAC577E848B4D47C70B1A169520E466B5B41C2C5C1763C75311`
SHA384	`9CB900FE340F0DF18319E3715F17D405D1975C27D8BC3DC7528B13E850D9BFB8728E5BBFEFB66530379BF277C4E25F2F`
SHA512	`FCCE8612F2D6CE4ACCBBB68A0EEF4E0F3839682553431C6FDCC037B9F2B34C739944117E3687E242E9007B3E98C945C1E81AAE88A97CCAC14ED16FD2ADB5D08D`
SSDEEP	`1536:8s3bs9CtbaEHi3Ll5YBK5bTkNSRjpqlVn+LlM2Huo5lY+KAbDuhrHXtTL:PHi7l5igbTkNSRjpqlFDhQiyED5`
IMP	`8294C508F274BD27CF6CD858E5F05B86`
PESHA1	`AAE3C9B4882D251B0885542130A8AD7EF109D382`
PE256	`CE22735E29A8F739A75C7DCC06D6917981CDC5A181F4162B3DA05E412CB1795C`

Runtime Data

Child Processes:

csrss.exe winlogon.exe

Loaded Modules:

Path
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\system32\MuiUnattend.exe
C:\Windows\SYSTEM32\ntdll.dll

Signature

Status: Signature verified.
Serial: 33000002EC6579AD1E670890130000000002EC
Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: MuiUnattend.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.906 (WinBuild.160101.0800)
Product Version: 10.0.19041.906
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/74
VirusTotal Link: https://www.virustotal.com/gui/file/5ea7389ce3f85fac577e848b4d47c70b1a169520e466b5b41c2c5c1763c75311/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\MuiUnattend.exe	83

MIT License. Copyright (c) 2020-2021 Strontic.