ProcessDump.exe
- File Path:
C:\Program Files (x86)\Cisco Systems\Cisco Jabber\x64\ProcessDump.exe
Hashes
| Type |
Hash |
| MD5 |
8E00DFD4152033F4E806AB0E677925A3 |
| SHA1 |
76D0C455083F4E113200B404425E2C4BF0F4D596 |
| SHA256 |
F91F794E351C963971B692656F30200A3A7AF54AF1AFD5383DA74BB393AD96AF |
| SHA384 |
54B4EC35347AC7DB0DB6D2ECEFA6E9A7C1DF830E5EA6262FB401CF88A6E4C8E0F2C5018FA88625D8E0D759CB0B349BAA |
| SHA512 |
8FF050C48568EE975DC7DFDAF013C9E73F0956F00F51C4111FB81A2F74E3576E1A33E851C61819DD41220B6114D5C555566605A005E66FB3DC71DEA4BF722FF0 |
| SSDEEP |
384:S7F5fGFH9miwE/ZUKLLew/4oBiCIFaG1zh1NrZI6iLoAlKvaay6MK6j11M:m+wg4oQCINrZOLXLKg11M |
| IMP |
098A8E203FFEFD6C75B750C36EA20CA6 |
| PESHA1 |
347C7D7AC09B6F2FC51755AE35279705BE86D750 |
| PE256 |
E8B8DC8B07177D4C6A9B823B7CBA417B73CBB444F07CA5FEA413EC84DD6DEF65 |
Runtime Data
Usage (stderr):
Loaded Modules:
| Path |
| C:\Program Files (x86)\Cisco Systems\Cisco Jabber\x64\ProcessDump.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
59C5C9F46EA82C4C743981566B64BD6C
- Thumbprint:
475DAEE5A6CC149389EFDE176DEA526C627D203A
- Issuer: CN=Symantec Class 3 SHA256 Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US
- Subject: CN=Cisco Systems Inc., O=Cisco Systems Inc., L=San Jose, S=California, C=US
- Original Filename:
- Product Name:
- Company Name:
- File Version:
- Product Version:
- Language:
- Legal Copyright:
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/f91f794e351c963971b692656f30200a3a7af54af1afd5383da74bb393ad96af/detection/
Possible Misuse
The following table contains possible examples of ProcessDump.exe being misused. While ProcessDump.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
MIT License. Copyright (c) 2020-2021 Strontic.