WpcMon.exe
- File Path:
C:\Windows\system32\WpcMon.exe
- Description: Family Safety Monitor
Hashes
| Type |
Hash |
| MD5 |
6BC04F955F45ADFC773AAC1E2F85CCAA |
| SHA1 |
38A074247E13CC6D2877A08778706CEBE9C81670 |
| SHA256 |
3B6BC46957D9E3F80B779C49CF7BC3FB4CBE36146846E403FB32D099F9A1377A |
| SHA384 |
75948F84D8204D370705FE9BEE793EA9DB5986F8F39A9E85A62BC942179130CADC91685E0A076B57D1BCE524CF317E35 |
| SHA512 |
19F5D4DB6B7A6E94852166825A7D6B488058D9F95FC69E3D8D30BDA1946C6B1445D18B9EA20944F9F09AE24B92E2C0F951D25D4602D3FDD9F673ECA196943E72 |
| SSDEEP |
12288:4amHqMxasxJYXsWA8rveXjDU93FxCV+cXTIv14H/zKc6kY0TqN5MGF51:OHqMbJYQyveXfU93FJcXeO/zK5ku7MG |
| IMP |
90B627BA14E9505072A4E361848F38B2 |
| PESHA1 |
E50F8558F93B61AAF08C93A9022A69E5A76BCC15 |
| PE256 |
611FE52F5D2CE668A1B5314950A75C215A05CB6D2072823BF4D578152913CD0D |
Runtime Data
Child Processes:
WpcMon.exe WerFault.exe
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\WpcMon.exe.mui |
File |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\System32\SHLWAPI.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\system32\WpcMon.exe |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WpcMon.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.423 (WinBuild.160101.0800)
- Product Version: 10.0.19041.423
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/3b6bc46957d9e3f80b779c49cf7bc3fb4cbe36146846e403fb32d099f9a1377a/detection
MIT License. Copyright (c) 2020-2021 Strontic.