cofire.exe
- File Path:
C:\WINDOWS\system32\cofire.exe
- Description: Corrupted File Recovery Client
Hashes
| Type |
Hash |
| MD5 |
8ACC026662E51A5B33456B457DB1BC9F |
| SHA1 |
4610DBC020513E34DFD3E08A521C87A13FE750BE |
| SHA256 |
7FAEA0EA3640569C0B95F4F6CA939475873468E9DBCDB5E1CD7849B0F57EA5C6 |
| SHA384 |
FFCF509470DAF7C998A86737C2139D7BC9C4F1FD1E24DA040754D481AA548607DE3897D55E08279CF4AC922C8CE0D82C |
| SHA512 |
483FE6E1D55A472DD2E353D9F7B78C80FF27E86148854A5C71E4463BC98507A9B264EBD6608BD2FEF6458E6EB0DB08AACC1529C6E2F8E59A27D3DF72FC083FC4 |
| SSDEEP |
384:C14TidnL/havrMJ1plno8MOX1DF4B5V66gyG/704qcrgnNimNPEGWbJW:C14Ti6MJ13dX1J40yKknYmFED |
| IMP |
49C319693A3F09328AFCB91C7F2E2CBE |
| PESHA1 |
04A7863DCEE55BFD8CAD83F741A73E018B955BAE |
| PE256 |
29484C751B6F36E8D006CBD0EFE9A8D9207C937A330264EE73C05315B877006C |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\system32\cofire.exe |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: cofire.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/7faea0ea3640569c0b95f4f6ca939475873468e9dbcdb5e1cd7849b0f57ea5c6/detection
MIT License. Copyright (c) 2020-2021 Strontic.