PolicyRulesFileBuilder.exe
- File Path:
C:\PolicyAnalyzer_40\PolicyRulesFileBuilder.exe
- Description: Utility program used by Policy Analyzer
- Comments: Created by Aaron Margosis
Hashes
| Type |
Hash |
| MD5 |
CF81455C0F00F0A56ED708DB02145772 |
| SHA1 |
A6EE34E04EB36A048076BA4A64E0681620D9D6BE |
| SHA256 |
5AF2BD3FA6C923960A65EB04F0DB15C8EC5DA002C57ED64EC6CBF3AA503F2DA7 |
| SHA384 |
1BF4B8C949219AFCA7C807C4913122F94FD40FD18D1916D9014D7BABD5C48F20A28568C73FCF4332B987AF95CA707883 |
| SHA512 |
EC13C7770B0AFE9E5039DB1821A5E0A98BACC18269D7840A11BD38BBA7407EE3A72F063FA1D208E75A885533B28D56F87AB9EF9B7869D20D69D85B93B9A8EC21 |
| SSDEEP |
6144:6Si5QQ6CJoeavyjXHByNiYY3Pwp3e2a4xa5Wx97W1y8BNCAOUCCjE7Wjn9xQ3x:qQNCJoeav6XhSiYY3Pwp39vx1W1y8BNE |
| IMP |
659A3711DF56CBA76C98EC8D4B7A34A8 |
| PESHA1 |
A0331F217FABB98F1F16DDE1401CC1C599D70D36 |
| PE256 |
1C9F057B8EE1B8CF90B72BDA09B4C9DC05BDCC759315E928B2EAF732BC2C1F47 |
Runtime Data
Window Title:
Policy Rules File Builder
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\Fonts\StaticCache.dat |
File |
| (RW-) C:\Windows |
File |
| (RW-) C:\xCyclopedia |
File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\Windows\Theme2547664911 |
Section |
| \Windows\Theme3854699184 |
Section |
Loaded Modules:
| Path |
| C:\PolicyAnalyzer_40\PolicyRulesFileBuilder.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
33000001519E8D8F4071A30E41000000000151
- Thumbprint:
62009AAABDAE749FD47D19150958329BF6FF4B34
- Issuer: CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: PolicyRulesFileBuilder.exe
- Product Name: Policy Analyzer
- Company Name: Microsoft Corporation
- File Version: 4.0.2004.13001
- Product Version: 4.0.200413001
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/67
- VirusTotal Link: https://www.virustotal.com/gui/file/5af2bd3fa6c923960a65eb04f0db15c8ec5da002c57ed64ec6cbf3aa503f2da7/detection/
MIT License. Copyright (c) 2020-2021 Strontic.