distnoted.exe

  • File Path: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
  • Description: distnoted

Hashes

Type Hash
MD5 899CED92AB6A8B024568572CB2748126
SHA1 ED2BEDB8D11C43E911A678ECD554B90B1C943667
SHA256 876BA2682F1E6B8DCCEAB81D9089411371BD71B0E0D41B2CD98C1D0ADD3BDFB0
SHA384 B4F05C3EAC9D7972EB0D904CBF896BA42FCF945C88FF4FE93F5B1FE87B3ADF7A252CD86AB7152E9F4A8AFED4DA4E5790
SHA512 DD4607277B984358F638C4186F259A842C243C64912DEC4B05B0267D1751E62B41552D85A7392E6D8DE73CD2694EEBE9C607F884D401C1BB29254605BABF8E10
SSDEEP 384:ZjlAvnsJMK/3/ZJ7wWknYPLgCejdPP2cXO8JN77hhaWO:ZjlKns7HZJ7w/pCmd32cXJ3hED
IMP D86FE8F02617C44DE1A1B73918549187
PESHA1 8180BEA9569C3DC773ADF802AC0AE0CC16659147
PE256 3E59533C0C4495BE666D058113E7FF450365E8DB75458184732D192C150C3953

Runtime Data

Child Processes:

conhost.exe

Open Handles:

Path Type
(RW-) C:\Windows File
(RW-) C:\xCyclopedia File
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section

Loaded Modules:

Path
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\distnoted.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 4EF16586A2FF12D69C556EC4C91BAEE1
  • Thumbprint: 634A0D892E72161714861C178015AFE9C1832E14
  • Issuer: CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US
  • Subject: CN=Apple Inc., O=Apple Inc., L=Cupertino, S=California, C=US

File Metadata

  • Original Filename: distnoted.exe
  • Product Name: distnoted
  • Company Name: Apple Inc.
  • File Version: 1,750,441,0
  • Product Version: 1,750,441,0
  • Language: English (United States)
  • Legal Copyright: Copyright (C) 2007-2011, Apple Inc.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/67
  • VirusTotal Link: https://www.virustotal.com/gui/file/876ba2682f1e6b8dcceab81d9089411371bd71b0e0d41b2cd98c1d0add3bdfb0/detection/

File Similarity (ssdeep match)

File Score
C:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe 100
C:\program files (x86)\Common Files\Apple\Apple Application Support\plutil.exe 38
C:\program files (x86)\Common Files\Apple\Apple Application Support\VersionCheckMe.exe 36
C:\program files\Common Files\Apple\Apple Application Support\VersionCheckMe.exe 33
C:\Program Files\Wireshark\dftest.exe 27
C:\Program Files\Wireshark\mmdbresolve.exe 35

MIT License. Copyright (c) 2020-2021 Strontic.