Spectrum.exe

File Path: C:\WINDOWS\system32\Spectrum.exe
Description: Windows Perception Service

Hashes

Type	Hash
MD5	`0789BA00D2CCD5EDEFB52A4A4B5DCB4D`
SHA1	`8280043536BDF42C7D2D9BCAA23B56C5BB87E3C3`
SHA256	`F27B5362212ED96EBD361C439ACA1370F418485A84CFB43AD573F56073B8C3CE`
SHA384	`E43B631C786600D0FA8C9618F40F95A1D3B0542FDEA7F8B7A22A56D5BEF5120A9C88281AA4F9C8A4C7A2A634A1624D8F`
SHA512	`F080062063C605494FCA226F2C9B0A4B483C1485B6F56D2664D1EDE7FB2788FAF394B69033AFF5FB95245A59D0115F3F3C32D1D87CBEE699DC4AEE409FE32839`
SSDEEP	`12288:VupR96NgJgp6TJOmPOHBsl218fCYVcgf3nQYt2ZguIGyPsxr5Vin10wAZ:uegJgpwJOmPOHWAKp8ZguIGyPsxr5Viv`
IMP	`7F303219973CFF790A16158E01409AD8`
PESHA1	`D7A1728649D57E9DF33999EB7DDE99FF72758002`
PE256	`FB83E45BD75CE78AFD30A06B1F2B9A898D838D0426065C0172404546DAD0B0C6`

Runtime Data

Usage (stdout):

Unrecognized parameter: --help
Parameters:
 /debug             to run the service executable in debug mode
 /safemode          to set up the service to run in safe mode
 /safemode:off      to disable safe mode if enabled

Loaded Modules:

Path
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\system32\Spectrum.exe

Signature

Status: Signature verified.
Serial: 33000002ED2C45E4C145CF48440000000002ED
Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: Spectrum.exe.mui
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.22000.1 (WinBuild.160101.0800)
Product Version: 10.0.22000.1
Language: English (United States)
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/72
VirusTotal Link: https://www.virustotal.com/gui/file/f27b5362212ed96ebd361c439aca1370f418485a84cfb43ad573f56073b8c3ce/detection