coredpussvr.exe
- File Path:
C:\Windows\system32\coredpussvr.exe
- Description: coredpussvr.exe
Hashes
| Type |
Hash |
| MD5 |
701AF7D884B07E69D1FCB75E193C3FB4 |
| SHA1 |
D0A2B7E929AB3CD93E8712EC81F4CF724312908C |
| SHA256 |
3478AD525FE16EF4D7742F547C45D4FCD9046378B19ECCE963606E0392308209 |
| SHA384 |
3900662B457133CE0A689BBE674D17268517D905053AE99E23FDEDCE1A98206451BC7D57F8153346D155198901176494 |
| SHA512 |
BB77A8579C1AF1605157B9471892980FD7F709EB38F3BB087E3992BB9D68A05AD919772ED5362DD1E7FA9470A899EE8F4F28543DE0BFB0CD4D80E627664A1CCA |
| SSDEEP |
1536:QsPD9VTdjy5KbrwHDGj8r37lQU35o942LQm0o+2Q:QsblmKbrNYr37Oiz2LTj+l |
| IMP |
16F602B525E407B740EE990577004CF7 |
| PESHA1 |
BF7FE4747CD426C8604A7C92EBA0D9185773BFCA |
| PE256 |
D9EA9D1446657D0987D9490FCBCA7A91E0EA5417C0D9FC8D00771DA9E30EEEFD |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\combase.dll |
| C:\Windows\system32\coredpussvr.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: coredpussvr.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/76
- VirusTotal Link: https://www.virustotal.com/gui/file/3478ad525fe16ef4d7742f547c45d4fcd9046378b19ecce963606e0392308209/detection
MIT License. Copyright (c) 2020-2021 Strontic.