easinvoker.exe

File Path: C:\Windows\system32\easinvoker.exe
Description: Exchange ActiveSync Invoker

Hashes

Type	Hash
MD5	`BEBA5F5A62E1E3A01F1ADB028192E475`
SHA1	`9E22D7A129074E118531BF328E75235FA5135BE4`
SHA256	`D6C7259046E76E147E2D0F40329E0605287C80A51E6417BABCD4B5D9998949CE`
SHA384	`A2B06AC98D3DD403AD51F5B957EA0F09F9916594E2F843F805471C2B58B7CDBB4838C46999A93A71C1120C36AAF4A686`
SHA512	`648F10DC7FFBE660C9BEAB755AABC831299D78AFA70BB94FA89CDE6DD3A1CEFFA567C9509B0045A078D587300034342151E5434FCB8ECBEE44C1FE232FE9856B`
SSDEEP	`1536:TUilM88czDUYbnZl9GRUx996Zu2xXibswbTYJz5R6ZfQ3qpPK:TZDRZl9GRPu2xXibswbUT6RSii`
IMP	`B9666648F462F12EAFF9CE3670385097`
PESHA1	`3F7870F750EE6090F88429254ACA3570C8B18FD9`
PE256	`FC5EB0D00B2004E8C62F800D098BFA32FAB073A0FCCD8E07B242B1C785D7306E`

Signature

Status: Signature verified.
Serial: 33000001C422B2F79B793DACB20000000001C4
Thumbprint: AE9C1AE54763822EEC42474983D8B635116C8452
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: easinvoker.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.17763.1 (WinBuild.160101.0800)
Product Version: 10.0.17763.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/69
VirusTotal Link: https://www.virustotal.com/gui/file/d6c7259046e76e147e2d0f40329e0605287c80a51e6417babcd4b5d9998949ce/detection/

File Similarity (ssdeep match)

File	Score
C:\WINDOWS\system32\easinvoker.exe	40
C:\Windows\system32\easinvoker.exe	47
C:\WINDOWS\system32\easinvoker.exe	43

MIT License. Copyright (c) 2020-2021 Strontic.