RelPost.exe
- File Path:
C:\WINDOWS\system32\RelPost.exe - Description: Windows Diagnosis and Recovery
Hashes
| Type | Hash |
|---|---|
| MD5 | FFB8F6B90554E147356415930CEACD95 |
| SHA1 | 0C8EC21969155CA4BA19981404A6AA27418139E2 |
| SHA256 | D4F2B96E50B6A53218056ABFBBA53C1A1C711A0B9C9CE08337E0AA23BE141ABC |
| SHA384 | EF87D712EA781339491846661077B6E69DD52977BD31C356014134F30B9DE68AE6F852D92F44577654292EB3AEFFB00B |
| SHA512 | 4CACBC3D906B9C0C2BF04AF37D2AC5420212F3D4D503F78E613012CB5D9FBDA42AEE4962209E5970D2384DDBF385BC91D26A65FAF5FDDAFE09559E0DB0BC222C |
| SSDEEP | 3072:dvY5UX/q6fs18pxj4ShsAEXnuCISS55SpiJxokdpLGnAuegPO8evTq2V:lIUyT18f8SZEXpnFFegEv+2V |
| IMP | F871B454FA087F522281469CAA76D50B |
| PESHA1 | 4E4BE311B76EEA9AD3C12A468E0EA1C6EFF25B0E |
| PE256 | 921897AB7B99FA5FE74BE9DC1508F4CA70093AFD3C225B36D2513915C23AFBBA |
Runtime Data
Child Processes:
RdpSa.exe
Loaded Modules:
| Path |
|---|
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\system32\RelPost.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED - Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: RelPost.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/d4f2b96e50b6a53218056abfbba53c1a1c711a0b9c9ce08337e0aa23be141abc/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.