• File Path: C:\windows\system32\NAPSTAT.EXE
  • Description: Network Access Protection Client UI


Type Hash
MD5 53EBD90F1A3956E1E2C1A68FC45D9590
SHA1 991FE09F275B73832553006FB1DE802A3BC0C345
SHA256 B5B68C60981FF9355A44AC9055C6021F1F5B5B52D1BBFD2F1E1EE1403D97C545
SHA384 038B73699FF0599C25FFD9AC368BFADE18BC23CBB08D148458C3A8A37B5889A6C141E38BF08EC9C2E3B41AFD059622E2
SHA512 65E3AD0334C4817A37BD8B1BDCCE2C6F0D6FC73D63175E65E21B742BC9D135DF9978DE8DD8B28C7C00790EA8F08A72022E5355B2CF8630164947720C86AA3500
SSDEEP 6144:Of7mCYqszK+QBSbiEkM26VWxtoloBV+rLx:qLszKfMVpVJ6BV+rLx


  • Status: The file C:\windows\system32\NAPSTAT.EXE is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: napstat.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\windows\SysWOW64\NAPSTAT.EXE 57

Possible Misuse

The following table contains possible examples of NAPSTAT.EXE being misused. While NAPSTAT.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .napstat.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.