audiodg.exe

  • File Path: C:\Windows\system32\audiodg.exe
  • Description: Windows Audio Device Graph Isolation

Hashes

Type Hash
MD5 B6AD9EA14ECBA405C88628BC78282710
SHA1 87A17FA486A5C143EEB6F1C848E1334ECBB57B55
SHA256 CC23EC7F03AF7C2B27113C71BEB978BBB3C833CC1074478D57852DB21A769AF9
SHA384 A7F0532A2701E563D88CE0D5613DBF6E2E6287D2546B18288F4DA80958718F2C2AC989E411F88EAB5B59EE221718E2CC
SHA512 E50011ACEA13FBD19A78FA0951A8BC5A364B62876748FD99CB2D438570496158891571835D2B62FF06CC53A5FB58E2E8CA6AA54FB6B2908F1BBE001DB87E09B8
SSDEEP 6144:inVW0hJZ8U/7+z5e6JuHspYbrj6T0ThjjhYE+JrJf:4JZ1SM6JuHspYXBKFR

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: audioadg.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of audiodg.exe being misused. While audiodg.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma sysmon_creation_system_file.yml - '*\audiodg.exe' DRL 1.0
sigma win_system_exe_anomaly.yml - '*\audiodg.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.