WMIADAP.exe

File Path: C:\Windows\system32\wbem\WMIADAP.exe
Description: WMI Reverse Performance Adapter Maintenance Utility

Hashes

Type	Hash
MD5	`44FA781649A564AD9DD8453D14758F96`
SHA1	`F3651B5BCAC5CED5174F43DDC98DDF3BE8616CDD`
SHA256	`9B1F44ED54A0AB6D1A18D113BA3C946D961F4D652FFBA0C3F1B2AA89A6CC7D0E`
SHA384	`4603C8EC84358C290574773638214D59D9C8BB25073DD4582E57D46ACEE235EA1623DE8E72AC9E9615B0E346742E1486`
SHA512	`C4E45384451823375D913C5A74D73858A7D0BAFA84825B56472731700192B16E3CA3B60CED7A79E88DA05B828035ED043266336140F25AEDF0BBF706A879C923`
SSDEEP	`1536:cg5H2POb7l/WO7bMv+MinfDTeuzP0DxPfrkiD9r+vCtrFtwgVeBLbZ1jh1aANQdo:j1JbMvefDF8DNHD9r+qzK1mwUMOofqq`
IMP	`367D299428703C9A9715504BFE071C97`
PESHA1	`1756F43A1467F839F5D6951608CA59F0DE99C108`
PE256	`16B0C87AEFF51A43F5FFE4B5B587446903F2410DBA147C4AB4CD9F4E35B8DB1C`

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\combase.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\system32\wbem\WMIADAP.exe
C:\Windows\SYSTEM32\wbemcomn.dll

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: wmicookr.dll
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.610 (WinBuild.160101.0800)
Product Version: 10.0.19041.610
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/76
VirusTotal Link: https://www.virustotal.com/gui/file/9b1f44ed54a0ab6d1a18d113ba3c946d961f4d652ffba0c3f1b2aa89a6cc7d0e/detection

MIT License. Copyright (c) 2020-2021 Strontic.