StartMenuExperienceHost.exe

  • File Path: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Hashes

Type Hash
MD5 5E55DE025E599F7B4BCA7F08E8816B59
SHA1 0694AD44DB7D4C405777635E010CC8714DBFE1C1
SHA256 EC5F923E60D162C48058B7FDE56A85E74E45D979ED923330B07DC32B1ADAD473
SHA384 3F33231DDB83CC624F9A73318C55FA9C48466AC2776B82B6C3E8888402C9740C0CF0AE02D801C3BFA24DFB62FC39BE20
SHA512 083836C40CA3C34BA450FA7BB33AA3EFC66F92F1DBE2C1D69B4FF004516C7955BAF957DAC5084341707EA5CCC4E32988B409FA8C20518344A5AA8C06380D67AB
SSDEEP 12288:YSMiIZLwsYeQiNtbgJaMJrJNBP8jzs2rG/kCd20YG/FrJx:UiOLTbt0J7JrJ3P8jzs2rcYG/pD
IMP 4868D0DDFC825368A966364B34D69B91
PESHA1 518B2B5B2CE4D8326E71509E44A54D1A7C11F506
PE256 604495AEA977F2EBEBF926CD6C0230F0F45EB537B5B427A4000394D52B82C9A7

Runtime Data

Child Processes:

StartMenuExperienceHost.exe WerFault.exe

Open Handles:

Path Type
(RW-) C:\Windows\System32 File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro Section
\Sessions\2\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\Sessions\2\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section

Loaded Modules:

Path
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version:
  • Product Version:
  • Language:
  • Legal Copyright:
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/ec5f923e60d162c48058b7fde56a85e74e45d979ed923330b07dc32b1adad473/detection

MIT License. Copyright (c) 2020-2021 Strontic.