fveprompt.exe

  • File Path: C:\Windows\system32\fveprompt.exe
  • Description: BitLocker Drive Encryption

Hashes

Type Hash
MD5 1FDC5C40B2DE4167895EFFCAB0854C0C
SHA1 B89B0EE4A98768353D9B889CF133373DF1B79DD3
SHA256 FE5098923F27EF6055E3343A26AF9BED62EAA9EDDFCB77AB06D2328D8497B112
SHA384 81E0DC75CA7E397712F1EF807A775A43A60D3AB4B18E90DEAE46D9B21CEC3F25723B353B9225813D6FCC2DEA468E6F03
SHA512 B871F2D8E2C2E2F614D0EFE6E31445140CD2783DDAFEC4C8A859C2B0EC2F9BF77C00A34AA1727BD393DC9F7580B59BBB3B894356370A4200B8D3B8537F44EAD7
SSDEEP 3072:mCV4NknUZFc/R/e91WOyvkfQbwnVS570M9kdatGCO+xmBc+hMPhPsx:zFIFm/6MYPVs7nyatGt+SYF
IMP F4EEE32A76D9E4FEE247653CA992EDC4
PESHA1 95DD19CD0DB784F84012CFA1C6914407F7A31BC8
PE256 09F8D0EA706C281DA16FBF46D598BB71DC68A96FA4BC6E9F4642FF9349FF6B9E

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\ADVAPI32.dll
C:\Windows\system32\fveprompt.exe
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\SHELL32.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\System32\win32u.dll
C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21\COMCTL32.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: FVEPROMPT.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/74
  • VirusTotal Link: https://www.virustotal.com/gui/file/fe5098923f27ef6055e3343a26af9bed62eaa9eddfcb77ab06d2328d8497b112/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\baaupdate.exe 68
C:\WINDOWS\system32\baaupdate.exe 69
C:\windows\system32\baaupdate.exe 68
C:\Windows\system32\baaupdate.exe 72
C:\Windows\system32\BdeHdCfg.exe 65
C:\WINDOWS\system32\BdeHdCfg.exe 66
C:\Windows\system32\BdeHdCfg.exe 63
C:\windows\system32\BdeHdCfg.exe 66
C:\Windows\system32\bdeunlock.exe 44
C:\Windows\system32\bdeunlock.exe 40
C:\WINDOWS\system32\bdeunlock.exe 41
C:\windows\system32\bdeunlock.exe 54
C:\Windows\system32\BitLockerWizard.exe 75
C:\windows\system32\BitLockerWizard.exe 75
C:\WINDOWS\system32\BitLockerWizard.exe 71
C:\Windows\system32\BitLockerWizard.exe 74
C:\Windows\system32\BitLockerWizardElev.exe 69
C:\Windows\system32\BitLockerWizardElev.exe 71
C:\WINDOWS\system32\BitLockerWizardElev.exe 72
C:\windows\system32\BitLockerWizardElev.exe 71
C:\Windows\system32\fvecpl.dll 40
C:\Windows\system32\fvenotify.exe 63
C:\windows\system32\fvenotify.exe 66
C:\WINDOWS\system32\fvenotify.exe 63
C:\Windows\system32\fvenotify.exe 60
C:\WINDOWS\system32\fveprompt.exe 65
C:\Windows\system32\fveprompt.exe 66
C:\windows\system32\fveprompt.exe 65
C:\Windows\system32\fveui.dll 46
C:\WINDOWS\system32\manage-bde.exe 52
C:\Windows\system32\manage-bde.exe 47
C:\Windows\system32\manage-bde.exe 54
C:\windows\system32\manage-bde.exe 50
C:\Windows\system32\repair-bde.exe 66
C:\WINDOWS\system32\repair-bde.exe 63
C:\windows\system32\repair-bde.exe 71
C:\Windows\system32\repair-bde.exe 63

MIT License. Copyright (c) 2020-2021 Strontic.