WMPDMC.exe

File Path: C:\Windows\system32\WMPDMC.exe
Description: Cast to Device

Hashes

Type	Hash
MD5	`209E92EAD1CE8D7ED3F66A33CE3B04F7`
SHA1	`E604FA0300F6189DFEA5E0AC26755557DC3EE252`
SHA256	`D7581B8C82FAF97B9B2049F031D29AAE593AAEB3DA805F5AF14944C0129622EB`
SHA384	`4280E8B3127037C2B1C4D099D363E8F66C71E33F96C258A824D9A564D1420FB8B077B48A2989D5C8C9F0ADA0FC722B83`
SHA512	`1A9BEC23F6901BEC2BE0AF5CB9ECAF6159DB16581C1F87BC2827A91FA73EA3E50BEB41104CB04DFFF04569D4C38B8397269A8C9704782D2E7B76DF51A6663636`
SSDEEP	`24576:s0kbwKYJXtbr9DcuRxQHABbAizBGuP0nmsWmsnQX+TO0EHVJZh/u:sFbwKidftXQStGDn1WmsnJKHVU`
IMP	`4104CF876C2E2570AFB2FF65C56DD170`
PESHA1	`363D2F23EF8D43AF7037664226983ED1DF61324E`
PE256	`C5B2A2EB7922EE0228EDC20F65FEE40657E9B2826C8C929BAB6D22A45613F341`

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\ADVAPI32.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\ole32.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\System32\win32u.dll
C:\Windows\system32\WMPDMC.exe

Signature

Status: Signature verified.
Serial: 330000023241FB59996DCC4DFF000000000232
Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: WMPDMC.exe.mui
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/76
VirusTotal Link: https://www.virustotal.com/gui/file/d7581b8c82faf97b9b2049f031d29aae593aaeb3da805f5af14944c0129622eb/detection

File Similarity (ssdeep match)

File	Score
C:\WINDOWS\system32\WMPDMC.exe	30
C:\Windows\system32\WMPDMC.exe	29
C:\Windows\system32\WMPDMC.exe	32
C:\Windows\system32\WMPDMC.exe	30
C:\Windows\SysWOW64\WMPDMC.exe	30

MIT License. Copyright (c) 2020-2021 Strontic.