ScreenClippingHost.exe

  • File Path: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ScreenClipping\ScreenClippingHost.exe

Hashes

Type Hash
MD5 3C4E7F1BF05A5088430FB512081061B2
SHA1 34625F3392E0139D36E33E5DEEFFC3A2DB16B8B6
SHA256 4491E15750B98EC9C920DF79947B9001C5B48F7285E8938051FBFA45F1328507
SHA384 8A08D96B3141202762A496F2795EDD94310F296B6D87FB0CD8EE7B6D37824F77D6E885E3E28BF65D2120918AA2E99909
SHA512 15F66F3397A448A72DD126A2D309DF1BA19750E6AF8E8CFBD93C43AC497985D065D2951811F1CC949CBD3B2A50DFBCD6502E15BDB6D32F7615352AC85DB37332
SSDEEP 192:hs6D+E0TmG7RgafpO59+WZHWxHp0VNxDBQABJ+WcQ2SkqnajKs9hG:q6JRGtXm+WZHWx0xDBRJTcQ3klGs9hG
IMP 44C701AD782D9785365B6D8072B898C8
PESHA1 4ADF3F586A93D9C7966737A2C08DBE7B4E92D390
PE256 6B7C5098E4B16546B21A629F97AF3280DA167E5AB65743170515E64456F0DC1A

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\combase.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ScreenClipping\ScreenClippingHost.exe

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: ScreenClippingHost.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 2001.22012.0.551
  • Product Version: 2001.22012.0.551
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/75
  • VirusTotal Link: https://www.virustotal.com/gui/file/4491e15750b98ec9c920df79947b9001c5b48f7285e8938051fbfa45f1328507/detection

File Similarity (ssdeep match)

File Score
C:\WINDOWS\system32\dllhost.exe 36
C:\Windows\system32\downlevel\api-ms-win-core-threadpool-private-l1-1-0.dll 33
C:\Windows\system32\downlevel\api-ms-win-crt-stdio-l1-1-0.dll 30
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ScreenClipping\ScreenClippingHost.exe 61
C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ScreenClippingHost.exe 60

MIT License. Copyright (c) 2020-2021 Strontic.