NetEvtFwdr.exe
- File Path:
C:\Windows\system32\NetEvtFwdr.exe
- Description: Event Forwarder
Hashes
| Type |
Hash |
| MD5 |
BC8AFFBBBB2B7235B206E948373B7D80 |
| SHA1 |
72B2DB0543D7CC10B38C45286AA8D143C32E216D |
| SHA256 |
D0A85D5D71C08149325E4A2D34C5C42DE5505B2790A96880BF839B39F3CAC717 |
| SHA384 |
DCBF84D79B40888732960E31F666DABA09BD16BDB456723118079BC0B8D5CDC684E30CB25CE4681C32834EF738692082 |
| SHA512 |
C96D7AD2FC21A9D5799E9DC8D7642C54F1138673656932024DDD59CD2A9BF906920031293D76E9679EE4FDA412EAE6FAE8F9E7E2208238D2E58F99CC74D7BEEB |
| SSDEEP |
384:2aaKgf1JAxnVAx4OQTDXzPX+YKP7RM4dzt3O6yeY0Hc1/FOIqscW//7F5kNYX7Uk:2TKeAwIP+rzAFd0an/Blobn0h/cx5 |
| IMP |
06F9D15B3947279143A7D5F4DC25306E |
| PESHA1 |
768CA63299566B819DA9BD364611E90974AB5198 |
| PE256 |
37F666CF9856FA975530A08C1F5B22D0388B3B4902E024E04BF824F7108F2221 |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\system32\NetEvtFwdr.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: NetEvtFwdr.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/d0a85d5d71c08149325e4a2d34c5c42de5505b2790a96880bf839b39f3cac717/detection
MIT License. Copyright (c) 2020-2021 Strontic.