NetEvtFwdr.exe
- File Path:
C:\Windows\system32\NetEvtFwdr.exe
- Description: Event Forwarder
Hashes
| Type |
Hash |
| MD5 |
10D9999118819AC4C919278186BBA258 |
| SHA1 |
24191CC77B7826C61BF485F5A3EB7234088E535D |
| SHA256 |
C1D31010BB094ED0208E9C177C865B49976F23EC22C67373600746109801EFE8 |
| SHA384 |
1085892EA38B37D8C3CCBD96A425A48139139DF993F6686440E2EAC9021AFE1AC76D42D2CE0D91AC093CB331E13AC8E2 |
| SHA512 |
29F26F2121EA339A1E5B8966FBA93792E9163DE4E9F75A1A42CC464DA78E7E7A004A723534DB448D6E71A31819D51398028B89C7ED195E633FAB1E44B4120074 |
| SSDEEP |
768:IW/IjGpQYmBM3BHn7QI99KdX/qMSbquZTX3K/b20QOQ2R0sCLg40m/uIQBSe:Z/IjGiBqxHVHUXEeqK/y0QOQ2R0sSOms |
| IMP |
67B772554D7527AE78D3651C71F21024 |
| PESHA1 |
45F6172331E27F6500BA5E0E89EB0495BA58A6D9 |
| PE256 |
F935B891DE73FDCCFC112E7C7D54CDAC7CA7C376A3B3492488E447D2FD0FE611 |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\system32\NetEvtFwdr.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000001C422B2F79B793DACB20000000001C4
- Thumbprint:
AE9C1AE54763822EEC42474983D8B635116C8452
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: NetEvtFwdr.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/c1d31010bb094ed0208e9c177c865b49976f23ec22c67373600746109801efe8/detection/
MIT License. Copyright (c) 2020-2021 Strontic.