SystemSettingsRemoveDevice.exe
- File Path:
C:\Windows\system32\SystemSettingsRemoveDevice.exe - Description: SystemSettingsRemoveDevice
Hashes
| Type | Hash |
|---|---|
| MD5 | 6DFE20B7A849D60E580D3BE2FA008C04 |
| SHA1 | F8F68A30518B71AC8D3EFE6D7BBBB8C81E9ED57D |
| SHA256 | 4264902A2BEFCF2A94A3BF5B660837581EB777742AD3BA8D405B67A52EDADFD9 |
| SHA384 | 47C1C35BB95A73DEEBD795A8CAB8E4585B97A0738CE32559F9B8A826009C9EB1A2C4CE00688FC19F5E8CE97B785973AA |
| SHA512 | 5665CC7ECB45EC3F77965CCE0BDB34A82BE783B99E6509F7731E5EA52A7336F9F6E1E8A25A0A982E473DC559EA88F3639E3C8CD96F9A11CEB1726B4C754CF79A |
| SSDEEP | 768:j3batw7cbZaPffKJ1DEjFBfJmsYEby0sOZdrnXETI1PKV5v:DubACXDQPmcbhZdrnbPKV |
| IMP | 9DC9B6E9378726AD78F12FE890DECC7F |
| PESHA1 | 418269821F8E72C2D51A0D0E8663161799753F45 |
| PE256 | 5D7F6FC36D4CC0B1A21602274F225D4644D927F1BB462C25525FA0D57FBBC3B5 |
Runtime Data
Child Processes:
powershell.exe
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\system32\SystemSettingsRemoveDevice.exe |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: SystemSettingsRemoveDevice.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/4264902a2befcf2a94a3bf5b660837581eb777742ad3ba8d405b67a52edadfd9/detection
MIT License. Copyright (c) 2020-2021 Strontic.