PsLoggedon.exe
- File Path:
C:\SysinternalsSuite\PsLoggedon.exe
- Description: See who’s logged on
Hashes
| Type |
Hash |
| MD5 |
E3EA271E748CCDAD6A6D3E692D6F337E |
| SHA1 |
F02E06BC439A28AAD6DD957DF8D0022F22798A09 |
| SHA256 |
D689CB1DBD2E4C06CD15E51A6871C406C595790DDCDCD7DC8D0401C7183720EF |
| SHA384 |
0DD8111C74B4FD4C57D76CF2EA80D8B50F80469E80CB9B98D3F9DEDAB83320BCD9F3EBC5DF365361BE9ACC71CA8A94CE |
| SHA512 |
07A47CB6C2663219F0673647ACB01D8D5A702B5E14F40C11B1DCEBB3655C9D1825D9F6F2C23DCE1FC73CD2AB10565FADD19E0B18E63D51C44498B5F159215503 |
| SSDEEP |
3072:GJsH2jYVvmuOPybZUFS37ED65lx50kKXRlED:Ej3wIYZNR |
| IMP |
2D2CEE6D005EEC5676742BA250D53D92 |
| PESHA1 |
4F653993657A1BFD3E63590C7462BDB362CCD31C |
| PE256 |
BC74E7FCFDEE152368D70180CD168002F2EEE15E5EB787762561A576CCB39BCF |
Runtime Data
Usage (stdout):
PsLoggedon v1.35 - See who's logged on
Copyright (C) 2000-2016 Mark Russinovich
Sysinternals - www.sysinternals.com
Usage: C:\SysinternalsSuite\PsLoggedon.exe [-l] [-x] [\\computername]
or C:\SysinternalsSuite\PsLoggedon.exe [username]
-l Show only local logons
-x Don't show logon times
-nobanner Do not display the startup banner and copyright message.
Child Processes:
conhost.exe
Open Handles:
| Path |
Type |
| (RW-) C:\Windows |
File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.19041.488_none_89e6152f0b32762e |
File |
| (RW-) C:\xCyclopedia |
File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\SysinternalsSuite\PsLoggedon.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
330000010A2C79AED7797BA6AC00010000010A
- Thumbprint:
3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC
- Issuer: CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: psloggedon.exe
- Product Name: Sysinternals PsLoggedon
- Company Name: Sysinternals - www.sysinternals.com
- File Version: 1.35
- Product Version: 1.35
- Language: English (United States)
- Legal Copyright: Copyright (C) 2000-2016 Mark Russinovich
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/d689cb1dbd2e4c06cd15e51a6871c406c595790ddcdcd7dc8d0401c7183720ef/detection/
MIT License. Copyright (c) 2020-2021 Strontic.