VmComputeAgent.exe

  • File Path: C:\Windows\system32\VmComputeAgent.exe
  • Description: Hyper-V Guest Compute Service

Hashes

Type Hash
MD5 27A860247AA0A240513C743F96053928
SHA1 B26B7D8C944C555326ADDF5F7CD06C88A9C27FF6
SHA256 C900FC9627796F92C3CDCFFFA0B6E7781FC8FFD3DAC04BE32549F34E841C030B
SHA384 C2B32D2E0C0851C007FB304DE8C030E0521E486ADFB1714827FE07FD3DD3A9E87170B948B68A7FA7853098AA018ECFF7
SHA512 5578759DC5C01B85AA6B3E1EB3AE46DC3D040417E772D0B24563EDCC4AAAC1392C38079F409E9028635348DAAEB060E9DAB909A392232648D4591FE53B9C2FC6
SSDEEP 24576:XinN0bjahjFcnroNCfGlo/pY+BVigJ2aZV+6brb9qnF:XiN0bjahj+nroNCfl/pY+VJB+s9qF
IMP 78D6614749B85E892B168EA2E2B6D5ED
PESHA1 66B777CF93D17FDD188B4940506A086DF3A5A7B6
PE256 C3163D5A5D09E8CF343EEC197471616E0761B50CB08A878E2C1873481F4FA4A0

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\advapi32.dll
C:\Windows\System32\bcrypt.dll
C:\Windows\System32\cfgmgr32.dll
C:\Windows\system32\CIMFS.dll
C:\Windows\System32\combase.dll
C:\Windows\system32\container.dll
C:\Windows\system32\DEVOBJ.dll
C:\Windows\system32\DNSAPI.dll
C:\Windows\system32\FirewallAPI.dll
C:\Windows\system32\FLTLIB.DLL
C:\Windows\system32\fwpuclnt.dll
C:\Windows\system32\GNS.dll
C:\Windows\system32\HvSocket.dll
C:\Windows\system32\IPHLPAPI.DLL
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\system32\NetSetupApi.dll
C:\Windows\System32\NSI.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\SYSTEM32\ntmarta.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\system32\VmComputeAgent.exe
C:\Windows\system32\wc_storage.dll
C:\Windows\system32\wevtapi.dll
C:\Windows\System32\WS2_32.dll
C:\Windows\system32\XmlLite.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: VmComputeAgent.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/c900fc9627796f92c3cdcfffa0b6e7781fc8ffd3dac04be32549f34e841c030b/detection

MIT License. Copyright (c) 2020-2021 Strontic.