UevTemplateConfigItemGenerator.exe

  • File Path: C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
  • Description:

Screenshot

UevTemplateConfigItemGenerator.exe

Hashes

Type Hash
MD5 BF6C2ECA0D2641FD6260146BEBD7A799
SHA1 06088D57FB815C7B69C52D2DAF22B5B92040D09A
SHA256 CE1126E2F236846B632DEFB5CAC7FC4C58F41CCF04BBF59BAB795881E3FF2739
SHA384 A06EE6D21E6A5992F89C38F2F0A380FE00E7B6378DFA61B08D1686C6395DF8BDB6CCB3049F54E3BBF72D2359DCE4971D
SHA512 8B1E2E9BBC39288E5B3C6C619B4B78A412B3E4CA3FD120E45C6E7EC590D2745F2B29B5F560C94B268237F44A13F89F81DE6DCFAAD3CC0C1231F31B4459529C4D
SSDEEP 192:le3TgNRstIygBSlZ1EjGTubagmACdsa/2pjD0XKWp8eMPOHnVWdFWTzv:lguRse618CIbmhdsa/2pjDWp8eXWdFWv
IMP F34D5F2D4577ED6D9CEEC516C1F5A744
PESHA1 CAF71D538A14664752B9ED66A3F438AEB7158316
PE256 F1CBB3141142931F8A9B7F555F8C986D6E61E4F8CEB1A7BF0461F02ABD245F79

Runtime Data

Child Processes:

conhost.exe

Window Title:

UevTemplateConfigItemGenerator.exe - This application could not be started.

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(R-D) C:\Windows\SysWOW64\en-US\user32.dll.mui File
(RW-) C:\Windows File
(RW-) C:\Windows\SysWOW64 File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.22000.1_none_6ec7c6847ea94424 File
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro Section
\Sessions\2\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\Sessions\2\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\2\Windows\Theme1077709572 Section
\Windows\Theme3461253685 Section

Loaded Modules:

Path
C:\WINDOWS\SYSTEM32\ntdll.dll
C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
C:\WINDOWS\System32\wow64.dll
C:\WINDOWS\System32\wow64base.dll
C:\WINDOWS\System32\wow64con.dll
C:\WINDOWS\System32\wow64cpu.dll
C:\WINDOWS\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: UevTemplateConfigItemGenerator.exe
  • Product Name: Microsoft (R) Windows (R) Operating System
  • Company Name: Microsoft Corporation
  • File Version: 0.0.0.0
  • Product Version: 0.0.0.0
  • Language: Language Neutral
  • Legal Copyright: Copyright (c) Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/ce1126e2f236846b632defb5cac7fc4c58f41ccf04bbf59bab795881e3ff2739/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\UevTemplateConfigItemGenerator.exe 61
C:\Windows\system32\UevTemplateConfigItemGenerator.exe 60
C:\Windows\system32\UevTemplateConfigItemGenerator.exe 61
C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe 60

MIT License. Copyright (c) 2020-2021 Strontic.