audiodg.exe

  • File Path: C:\WINDOWS\system32\audiodg.exe
  • Description: Windows Audio Device Graph Isolation

Hashes

Type Hash
MD5 20613CCB91E7CF480C988A6905B06FFF
SHA1 99A13945576185C1D667739081E27245CE96E548
SHA256 F4DAC9E23D58879A2F5DD909F417C1F7B2B7E6C836F9FFB88FED78D5EC0CB70C
SHA384 AB64054DA8E22ECFE0DE84EE0F883B0D329140CA2FA494D5629C3C309A11ADA2C844125B6FAF554AC0C09B9592AFF510
SHA512 54F96A0EBCE805F51860835391570EB0D06FC0B52D5F17BF4988903633D98FE0FF0DEE018AA306C4C4BB0F03DC5237DAA27F9DBA2B26310A7E71846005CD9FFF
SSDEEP 6144:hn2s/UTgYurF8m7zdV970FtZUQd7fnPNkyq2zJllTdnr1IcbenL0c/PzkEr:LIVUF8ils7UQNnPlq2z1pJpbsfP4Er

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: audioadg.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.1 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of audiodg.exe being misused. While audiodg.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma sysmon_creation_system_file.yml - '*\audiodg.exe' DRL 1.0
sigma win_system_exe_anomaly.yml - '*\audiodg.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.