WMIADAP.exe

  • File Path: C:\Windows\SysWOW64\wbem\WMIADAP.exe
  • Description: WMI Reverse Performance Adapter Maintenance Utility

Hashes

Type Hash
MD5 F9BBB6D53ED2EC2929CB58FD3673C1DE
SHA1 6A7AA6B6562EE9CA8C8194B41FC92FC5D3D771B0
SHA256 76243553EFD123F8B1CF97120E8D6F0B9AAB2CBA884045E1CCEF34BD71681828
SHA384 2CFB4B0F82D29F82864176F4A75475B8E1CA1B028E00371A01F6F41631D0EAEBB38CC56506F1E050E69AFDB46D30C0AF
SHA512 EE426B81849FB295BCBD35B2152F3CC785E94943533420923F0566FA4EA9F309E7F63FC99D5D7158B81811F8F8AEE425CA5E6D0E96726ECAC0F3E18AE64E2532
SSDEEP 3072:ki+6k+4VOWQZPOu2qgXRm6kMymZO7fnQ6/W:kir4kWQ9x2qotktmZO7fQsW
IMP 8CFB5725B2F97204F3268EDACE605269
PESHA1 2E14881058AD519798FEE13C1287A8AB80FB94C7
PE256 C1B588EE4D51F7DCCBB695C8AC2F79192CF8508F36B4A8E06673201AC9F2FCF9

Runtime Data

Loaded Modules:

Path
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll
C:\Windows\SysWOW64\wbem\WMIADAP.exe

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: wmicookr.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/76243553efd123f8b1cf97120e8d6f0b9aab2cba884045e1ccef34bd71681828/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\wbem\WMIADAP.exe 85

MIT License. Copyright (c) 2020-2021 Strontic.