bdechangepin.exe
- File Path:
C:\Windows\system32\bdechangepin.exe - Description: BitLocker Drive Encryption: PIN Change Tool
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | 5EEE93027DABB96684475B1041B1CA5D |
| SHA1 | 129C17C49EE5BF6F242769947DD1921A43F8292E |
| SHA256 | D95A9FC4ED07A68F0BFA47D46DA7E5A4E22021312B7B86672F2A1F8094AD368F |
| SHA384 | 6558ADAE6397AC17A12FA7BB5E5F6C5C8837D38BE09FF0BCB34DF33ADC3BF1CFE034D16C5A918F104A586BD0EF21CCF0 |
| SHA512 | 4308D4FB15766671FA20FECB74FF8CABAA9CFF19AC493B2998499F4E20E52414F2694AC79E846067BFA27EF924DA41E4B3233FE252641120110FCA5AC364B416 |
| SSDEEP | 6144:FXrzcsIHVxHEVHHHQVb1kHVqHVqHQQbTuTRTHTfTEHVf2XTQT6TITQT+VyW176e+:pfVH+S+ |
Runtime Data
Window Title:
BitLocker Drive Encryption
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\bdechangepin.exe.mui | File |
| (R-D) C:\Windows\System32\en-US\duser.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\imageres.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\KernelBase.dll.mui | File |
| (R-D) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.17763.1397_en-us_f4818e157fed07c9\comctl32.dll.mui | File |
| (RW-) C:\Users\user\Documents | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.17763.1397_en-us_f4818e157fed07c9 | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.1397_none_de7645305346d5dc | File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \Sessions\2\Windows\Theme4283305886 | Section |
| \Windows\Theme1956823608 | Section |
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\advapi32.dll |
| C:\Windows\System32\bcryptPrimitives.dll |
| C:\Windows\system32\bdechangepin.exe |
| C:\Windows\System32\cfgmgr32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\cryptsp.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\kernel.appcore.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\powrprof.dll |
| C:\Windows\System32\profapi.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\System32\shlwapi.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\System32\windows.storage.dll |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265 - Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: bdechangepin.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.