dpapimig.exe
- File Path:
C:\WINDOWS\SysWOW64\dpapimig.exe
- Description: DPAPI Key Migration Wizard
Hashes
| Type |
Hash |
| MD5 |
A93AF2B5E8B7BB4E01E4724936792549 |
| SHA1 |
29154EBD1A3325C7F2BD14EE7BC9C40A493181F0 |
| SHA256 |
7454E56AB55F9FE4FBC1985E5050736650C3AE314FC694BA328FF13822500B7F |
| SHA384 |
9B38587D875B35D36A0711F6EAAD488A0529780579800395F577D07A73BD3F36C626472ECD793807E228933EF9506A58 |
| SHA512 |
05CFAA75E25E32B215F53437DA1E3261B72D71C37A5C54DCC07C039CBA95E85FD2139531567759DAD9FFE3D78988953F75DA3FF15F46A0CEA980288DB0C63005 |
| SSDEEP |
1536:ekOd5lUOGuvZKqUZir/QxkvhJ800l3uU1HIED1fCbWpygzUv:kd5lUiKiJrSJj16bE4 |
| IMP |
DA3FB0A7EB3F23A19BB11529165AC3DA |
| PESHA1 |
06CF3CDE983BC0AFA776F28193EA55479DB265D8 |
| PE256 |
20659391B1BC9A80BB93DA6BA06BE93600121C78A964A4A71943E4044325FCE4 |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\System32\wow64.dll |
| C:\WINDOWS\System32\wow64base.dll |
| C:\WINDOWS\System32\wow64con.dll |
| C:\WINDOWS\System32\wow64cpu.dll |
| C:\WINDOWS\System32\wow64win.dll |
| C:\WINDOWS\SysWOW64\dpapimig.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: dpapimig.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/7454e56ab55f9fe4fbc1985e5050736650c3ae314fc694ba328ff13822500b7f/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.