SmartTagInstall.exe

File Path: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe
Description: Microsoft Office component

Hashes

Type	Hash
MD5	`632AB2DBE46DE1E9BB0FB7B54B3BB05C`
SHA1	`072344347484CBCE49EEFF9BF2A9751469EFF709`
SHA256	`EE5653A22CD2836FD2CCF1FFA48BF05FA4BF28BDE85E46AB47DE9DC6B2D2AD6E`
SHA384	`C0AA4B71E0B82CA917FE5881DFE51F287603E6BFA102EDFAD3FC52ADC997F0E1BB9092D7AAF3D80D475301416459A6D0`
SHA512	`72389D220977E1BDF9422D81FFE9D2F88DCA9D484F133F89176EA88433A64FDF2C72C153FAF7137E3E6EF61767CF3F5DF83B109CDD412F683C56EA1F81AA1797`
SSDEEP	`384:xWW8wJpSWwjMLw4Gl/yKWhhjWj5Kw8zIwS+klKvbHRN7MzIwS+klKf:xWW8w+Ba1GxOO8zdrbmdb`
IMP	`AFCCD61DA42DAB0BE6BE95FA217B6225`
PESHA1	`92EDFEF9EE2D1EC90137EABFFED59003003D87A8`
PE256	`CAF27869E24940D6AFB625C3784BB6EB38CF9675EAAB4386870602D384CF0866`

Runtime Data

Child Processes:

conhost.exe

Open Handles:

Path	Type
(RW-) C:\Users\user\Documents	File
(RW-) C:\Windows	File
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section

Loaded Modules:

Path
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

Status: Signature verified.
Serial: 33000002CE7C9ACE7D905ED2B70000000002CE
Thumbprint: B10607FB914700B40F794610850C1DE0A21566C1
Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: SmartTagInstall.exe
Product Name: Microsoft Office
Company Name: Microsoft Corporation
File Version: 16.0.12430.20120
Product Version: 16.0.12430.20120
Language: Language Neutral
Legal Copyright:
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/73
VirusTotal Link: https://www.virustotal.com/gui/file/ee5653a22cd2836fd2ccf1ffa48bf05fa4bf28bde85e46ab47de9dc6b2d2ad6e/detection/

File Similarity (ssdeep match)

File	Score
C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x86\pvk2pfx.exe	29
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\convertstore.exe	32
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\KernelDumpDecrypt.exe	30
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\arm\api-ms-win-core-handle-l1-1-0.dll	36
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\arm\api-ms-win-crt-math-l1-1-0.dll	38
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\arm\api-ms-win-crt-runtime-l1-1-0.dll	33
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\x86\api-ms-win-core-console-l1-2-0.dll	36
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\x86\api-ms-win-core-libraryloader-l1-1-0.dll	35
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\x86\api-ms-win-crt-runtime-l1-1-0.dll	33
C:\Windows\system32\downlevel\api-ms-win-core-errorhandling-l1-1-0.dll	33
C:\Windows\system32\downlevel\api-ms-win-core-localization-l1-2-0.dll	33
C:\Windows\system32\downlevel\api-ms-win-core-registry-l1-1-0.dll	33
C:\Windows\system32\downlevel\api-ms-win-core-timezone-l1-1-0.dll	33
C:\Windows\system32\downlevel\api-ms-win-crt-environment-l1-1-0.dll	35
C:\Windows\system32\downlevel\api-ms-win-shcore-stream-l1-1-0.dll	33
C:\Windows\system32\kd.dll	30
C:\Windows\SysWOW64\downlevel\api-ms-win-core-delayload-l1-1-0.dll	33
C:\Windows\SysWOW64\downlevel\api-ms-win-core-fibers-l1-1-1.dll	33
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processenvironment-l1-1-0.dll	38
C:\Windows\SysWOW64\downlevel\api-ms-win-core-realtime-l1-1-0.dll	35
C:\Windows\SysWOW64\downlevel\api-ms-win-core-version-l1-1-0.dll	32
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-filesystem-l1-1-0.dll	33
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-stdio-l1-1-0.dll	32
C:\Windows\SysWOW64\fltLib.dll	29
C:\Windows\SysWOW64\IME\IMETC\IMTCTRLN.DLL	29