Spectrum.exe

File Path: C:\Windows\system32\Spectrum.exe
Description: Windows Perception Service

Hashes

Type	Hash
MD5	`18581DEA4C3F92993862605BF2CB537E`
SHA1	`E494E805A03A96AA591F84CCCF83E242D2F69CFA`
SHA256	`85C48785E9B56B51F6F9DA63024C60409E8674EE76D369126FB4AA803501A83D`
SHA384	`7118237A5F96A447F184F014A08729FD1C474A1B4D5F0932EEDB95ED76DD2D67779C8EC3C29D00D3ACDF08F918CD16EB`
SHA512	`15D2C3323B876C73E09D84C82CBB466A503C2A00C3D3585EB6A54C45371114AB210704A26C136C5D7304649E4AF3EF6EFE3DCCA8BCF16D9ED2F2FFD6485ABA49`
SSDEEP	`12288:rYk0sKphzC3gVzq7F2+Iw6+DpB1MPh5hB:9JKzEgc7FPIw6+DpB1MPrh`
IMP	`2D430AF2F5D536907F1205720822457A`
PESHA1	`84E354CE80519A4A6FE43362A3D8E7737B6DEFCA`
PE256	`4BF8583F6FC3B3F44C6EBE5C25E34A0A744FCDDBF4B535B0E06B3D52DD230316`

Runtime Data

Usage (stdout):

Unrecognized parameter: --help
Parameters:
 /debug             to run the service executable in debug mode
 /safemode          to set up the service to run in safe mode
 /safemode:off      to disable safe mode if enabled

Loaded Modules:

Path
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\Spectrum.exe

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: Spectrum.exe.mui
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/68
VirusTotal Link: https://www.virustotal.com/gui/file/85c48785e9b56b51f6f9da63024c60409e8674ee76d369126fb4aa803501a83d/detection/