RunLegacyCPLElevated.exe

File Path: C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe
Description: Run a legacy CPL elevated

Hashes

Type	Hash
MD5	`EB57F9EF18CECF674CF1EDCB38D4D3FE`
SHA1	`EC62089BBC8FCDDB3E5466D02442B30EB612EC5E`
SHA256	`F4ADB5B5D7AD1624DC30B42D207AD78C57B2D00F247A00E474E05378AD3948D0`
SHA384	`8BBADC296A4FC037EFEE6B60AC56EEB325FD1802908D0A08135837BEADB4F01F2C91658CE2EE021A7A53A7280110F123`
SHA512	`3EEB43DDE42C1FAD30657F63CA39895EF16F8DC85B394B4B8E0B58C464D0E0413A80EC957ECC33889EAA7B489FD7BF693F0AC153DD00AE75EF0E61520FDE1105`
SSDEEP	`384:d689cwjADy7Vo5PIp0cGou9eCrSBjK6kawPNuc048JaFY+wqpHWyPbCqWLYWDVC:d6ecW7Vo5PIp0vtYeLao046V+P2yPbCa`
IMP	`10C87299D11D29A4096B000A7BC87C4A`
PESHA1	`D9AD9EC3D2C3E3F44525827CDFAA7C4F41F85382`
PE256	`224B1D9A82C7EE5A546BC1CB5CA78C0F638102C690D5A26101091A482828B131`

Runtime Data

Loaded Modules:

Path
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\System32\wow64.dll
C:\WINDOWS\System32\wow64base.dll
C:\WINDOWS\System32\wow64con.dll
C:\WINDOWS\System32\wow64cpu.dll
C:\WINDOWS\System32\wow64win.dll
C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe

Signature

Status: Signature verified.
Serial: 33000002ED2C45E4C145CF48440000000002ED
Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: RunLegacyCPLElevated.EXE
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.22000.1 (WinBuild.160101.0800)
Product Version: 10.0.22000.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/73
VirusTotal Link: https://www.virustotal.com/gui/file/f4adb5b5d7ad1624dc30b42d207ad78c57b2d00f247a00e474e05378ad3948d0/detection

MIT License. Copyright (c) 2020-2021 Strontic.