NgcIso.exe

  • File Path: C:\WINDOWS\system32\NgcIso.exe
  • Description: Windows Hello Security Process

Hashes

Type Hash
MD5 6636EE8778ACC667497D590F30760FF4
SHA1 83F87BBCCCF04535E52BBD51E9738803F5FA1E27
SHA256 D6FCF04F23B92608E2255CF46EDF26B47541435D7E5A8D5AB69B9BFF8F13DF0B
SHA384 C283DBED896E803C0876404DE054212BE2AD1A92C0F86A15D51D9265D2ACF53EE76C52D0C00BC97075DDBCE12341121F
SHA512 2DB1FDC6B69459FE6AE4A5DE2DF61588882B06D3B633FCCE8C7FA48F94067B4FBB377DD1729E56CB799B4066EE76DF8D7F1023799AB18F2F542DAFABFED494DA
SSDEEP 6144:oUjIpvIrpedzxPbdvvaa7yPTyir+HBwWINV0f+FmftaZE+:XEg9wPbdvv4TAhrIzG2m12E+
IMP 289AAEC79DD6936256E511500D187FC3
PESHA1 0ADD0FBD96C9C0AC36E91E02A9AC1D37173BCA73
PE256 B7FE615DFE0372B230029E1EBBB52CFE384EC0D2F40688B2C1F7F9B9117B2E6A

Runtime Data

Loaded Modules:

Path
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\system32\NgcIso.exe
C:\WINDOWS\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: NgcIso.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/74
  • VirusTotal Link: https://www.virustotal.com/gui/file/d6fcf04f23b92608e2255cf46edf26b47541435d7e5a8d5ab69b9bff8f13df0b/detection

MIT License. Copyright (c) 2020-2021 Strontic.