ShapeCollector.exe
- File Path:
C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe - Description: Personalize Handwriting Recognition UI
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | F8510895EF5782FC1DD312D42C45F049 |
| SHA1 | 09CF63CD88D05BD3044A22F7FBE76733B83D7024 |
| SHA256 | 2C0DECB7DF8DF6FF79FF9DE4FEBAE78B4D40A68A2F96D6BEAE5A9C911D56A65E |
| SHA384 | 3281D4B8A3169610B55C812ECE231EB7EBBEC063EEFC6DF157509949A71648D6800D56812EBC393D1BF3D0535C275494 |
| SHA512 | F70E3B12F5AF387F91FA085E120802D276FC65401B2C7A38BBAFFDA0DBA3573C132D99361845566AD2A08E7E87E90BBC71DE74D6F99B3F8A40499E897017699B |
| SSDEEP | 6144:nY87i+HXar0eZ4y0r45r3gyauPjgaG6iJ51bGz/EYuR9gpC1RjDksOoFOkciLktV:Y87i8Ze75r3dauMaG6OMzsbSo5Xw |
| IMP | C09F7C65113D653CCC3D2158B44BE5EC |
| PESHA1 | 6FC1AA1DB9FC722E1A9324D9E613A9F6AC970553 |
| PE256 | E8356BF1FA28214B1474D1F0EC022D523D1029A0502FF9EB07515D08B74D2B4D |
Runtime Data
Child Processes:
explorer.exe
Window Title:
Handwriting Personalization
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Program Files\Common Files\microsoft shared\ink\en-US\ShapeCollector.exe.mui | File |
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\duser.dll.mui | File |
| (R-D) C:\Windows\SystemResources\imageres.dll.mun | File |
| (R-D) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_cb612d02732b0fd9\comctl32.dll.mui | File |
| (RW-) C:\Users\user | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_cb612d02732b0fd9 | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e | File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \Sessions\1\Windows\Theme449731986 | Section |
| \Windows\Theme1396518710 | Section |
Loaded Modules:
| Path |
|---|
| C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED - Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: ShapeCollector.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/2c0decb7df8df6ff79ff9de4febae78b4d40a68a2f96d6beae5a9c911d56a65e/detection
File Similarity (ssdeep match)
| File | Score |
|---|---|
| C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe | 30 |
| C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe | 41 |
MIT License. Copyright (c) 2020-2021 Strontic.