RunLegacyCPLElevated.exe

  • File Path: C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe
  • Description: Run a legacy CPL elevated

Hashes

Type Hash
MD5 EB57F9EF18CECF674CF1EDCB38D4D3FE
SHA1 EC62089BBC8FCDDB3E5466D02442B30EB612EC5E
SHA256 F4ADB5B5D7AD1624DC30B42D207AD78C57B2D00F247A00E474E05378AD3948D0
SHA384 8BBADC296A4FC037EFEE6B60AC56EEB325FD1802908D0A08135837BEADB4F01F2C91658CE2EE021A7A53A7280110F123
SHA512 3EEB43DDE42C1FAD30657F63CA39895EF16F8DC85B394B4B8E0B58C464D0E0413A80EC957ECC33889EAA7B489FD7BF693F0AC153DD00AE75EF0E61520FDE1105
SSDEEP 384:d689cwjADy7Vo5PIp0cGou9eCrSBjK6kawPNuc048JaFY+wqpHWyPbCqWLYWDVC:d6ecW7Vo5PIp0vtYeLao046V+P2yPbCa
IMP 10C87299D11D29A4096B000A7BC87C4A
PESHA1 D9AD9EC3D2C3E3F44525827CDFAA7C4F41F85382
PE256 224B1D9A82C7EE5A546BC1CB5CA78C0F638102C690D5A26101091A482828B131

Runtime Data

Loaded Modules:

Path
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\System32\wow64.dll
C:\WINDOWS\System32\wow64base.dll
C:\WINDOWS\System32\wow64con.dll
C:\WINDOWS\System32\wow64cpu.dll
C:\WINDOWS\System32\wow64win.dll
C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: RunLegacyCPLElevated.EXE
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/f4adb5b5d7ad1624dc30b42d207ad78c57b2d00f247a00e474e05378ad3948d0/detection

MIT License. Copyright (c) 2020-2021 Strontic.