edpnotify.exe
- File Path:
C:\Windows\SysWOW64\edpnotify.exe
- Description: Microsoft Enterpise Data Protection
Hashes
| Type |
Hash |
| MD5 |
B882664AAABD678F3CC399C2980B466E |
| SHA1 |
9B1C151D49E241E410F8BBD9EE88223C106A282A |
| SHA256 |
7CE0D1716206EA262EAC237EDFAD7C98CC0C73ECADDB5F0C307330190A44C5B1 |
| SHA384 |
C78E9911BC06F1DA899058E8E0D904E501D867C55C4520075C37AD07A606E6D61EAFE65E04F63DA857208D70778B0DC3 |
| SHA512 |
3EC75047848DF450D92870679AE990E9AA95F21F07F343B9A5A8F8E4BB19139A06F48CE09D2D35F830B09BAE44C95152EC7653D158DCFFA4DB270FC44852FA3C |
| SSDEEP |
768:mih2lpRKt7hUtQgZnVUOxrhWRRPm67xcuIGE:miklcAQunaKAH/7xc5GE |
| IMP |
A212252AB049E401F16861C6DCD5B30D |
| PESHA1 |
671A676EE6F70308EA0E0AEDED7204750E353231 |
| PE256 |
CA32C1A1E446FB75C3FCC8EA9F8922BF264B3E7D41E674A0A1C11B314C42663F |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000004.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \RPC Control\DSECEBC |
Section |
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\edpnotify.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: EdpNotify.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/7ce0d1716206ea262eac237edfad7c98cc0c73ecaddb5f0c307330190a44c5b1/detection/
MIT License. Copyright (c) 2020-2021 Strontic.