audit.exe

File Path: C:\Windows\system32\oobe\audit.exe
Description: Audit

Screenshot

audit.exe

Hashes

Type	Hash
MD5	`8AEFDBCD3DD41F92FD7C158EDA53BEF6`
SHA1	`CBB607956A22CA1801FA90E84F4B34D502A84D60`
SHA256	`1B17921ADC27FD0D29F5F1F02A333596FC25CCA27E2AE010F7B42FD8AC9EA80E`
SHA384	`4BB00B57944CD678791FC32F400FB50CDA05925A3BC9820801332103736624915A8AE31E9E157D14650B9E99186C7178`
SHA512	`D59144494952D92012508BB50B78D1EC398D517C5B1FF7C81C2C0D7B62181C972A16B4AD8930401BDFCB06D0C85CDB208A1D8CD98B04C8792B636CE909390787`
SSDEEP	`1536:9rZ3vNrbQBU8aB9Xf7XSB7Oz8jmeBPNNrvrmRzM:9V/NroU8a7Xf7XSB7y+/JNlU`

Runtime Data

Open Handles:

Path	Type
(R-D) C:\Windows\Fonts\StaticCache.dat	File
(R-D) C:\Windows\System32\oobe\en-US\audit.exe.mui	File
(RW-) C:\Users\user\Documents	File
(RW-) C:\Windows\Panther\UnattendGC\diagerr.xml	File
(RW-) C:\Windows\Panther\UnattendGC\diagwrn.xml	File
(RW-) C:\Windows\Panther\UnattendGC\setupact.log	File
(RW-) C:\Windows\Panther\UnattendGC\setuperr.log	File
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section
\BaseNamedObjects\SetupLogSection	Section
\Sessions\2\Windows\Theme4283305886	Section
\Windows\Theme1956823608	Section

Loaded Modules:

Path
C:\Windows\SYSTEM32\ntdll.dll

Signature

Status: Signature verified.
Serial: 330000026551AE1BBD005CBFBD000000000265
Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: AUDIT.EXE.MUI
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.17763.1 (WinBuild.160101.0800)
Product Version: 10.0.17763.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.

MIT License. Copyright (c) 2020-2021 Strontic.