SyncHost.exe
- File Path:
C:\Windows\SysWOW64\SyncHost.exe
- Description: Host Process for Windows Sync
Hashes
| Type |
Hash |
| MD5 |
B2716691D5F75F1F2A965923E180CE36 |
| SHA1 |
C4515C49AC4DEE3814458B115CAE6ADB41CC5080 |
| SHA256 |
47EB6D62CC9B494EB451D19A84407A879B0A4A98A46301558F6DA66D5A3CEF84 |
| SHA384 |
EBB55E23DF5C6879A19883155AEE5695026592FDE8C0B12EDA1FAE4BFCBAD7E57BB7F8909BE7C303A327234D574C9545 |
| SHA512 |
8ECFF769DBFD5600D97054D89C61106EE2BDB4CFE9AFB31EAFF6E7106803B05091F87755BEE6C923D3BF6515209083F6D3097E863BE689006513BDC65AB4349C |
| SSDEEP |
768:y5j1FMyTOzZHR5I3w6jJosfM6o3SEUu10+v2werM2HTON:yvqgM5I3w6jJo0do3SS6+GF6N |
| IMP |
DA44A81E79B6C3BEC0D978860B3682DC |
| PESHA1 |
AB9B96272635A971F55E314B1320C0877C157E2B |
| PE256 |
531863E09325AF7A8F1CF6757C301F2D9DE16BABF4C2B39040A1D7A0012F8F1A |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000004.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \RPC Control\DSEC1068 |
Section |
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\SyncHost.exe |
Signature
- Status: Signature verified.
- Serial:
33000001C422B2F79B793DACB20000000001C4
- Thumbprint:
AE9C1AE54763822EEC42474983D8B635116C8452
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: SyncHost.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/47eb6d62cc9b494eb451d19a84407a879b0a4a98a46301558f6da66d5a3cef84/detection/
MIT License. Copyright (c) 2020-2021 Strontic.