fveprompt.exe

  • File Path: C:\WINDOWS\system32\fveprompt.exe
  • Description: BitLocker Drive Encryption

Hashes

Type Hash
MD5 C34C77567C966CD30CE8274D38BBE7FF
SHA1 DF4FC355E9034A51F8E40E6227759F42D282361C
SHA256 3F7F1C6B2154B2278B7CC1138DBC9F136A6CABC86A27513EAC5921A9ECD72B56
SHA384 798E45C94373EBC05DEA6B90149A4F9E8F7EB3F634DBCB97EF960AF6CD7B2114B589634B26CA93CF71409F4C43845BA1
SHA512 160779D50B3AF53759728A27C2FC666E5F96D3B19F32C500C0CC2A5F9D2B2D56BEF30B42487CB2F010D49B19533DB852BE36CA5F27F15E64AC8CB30169090874
SSDEEP 3072:uYQWAsiunFIssYvk38WmwnVS570M9kdatGCO+xmBc+hMPhPsx:LQWAsiuXssfuVs7nyatGt+SYF
IMP F4EEE32A76D9E4FEE247653CA992EDC4
PESHA1 6F88BB6296FE2B9B3092871B427405D670EFBB40
PE256 BB221ED2FABD4822FE05D7E65AD4C5102F8305AAD6C147C5EEF95199BCD4511E

Runtime Data

Loaded Modules:

Path
C:\WINDOWS\System32\ADVAPI32.dll
C:\WINDOWS\system32\fveprompt.exe
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\System32\msvcrt.dll
C:\WINDOWS\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: FVEPROMPT.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/3f7f1c6b2154b2278b7cc1138dbc9f136a6cabc86a27513eac5921a9ecd72b56/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\baaupdate.exe 74
C:\WINDOWS\system32\baaupdate.exe 72
C:\windows\system32\baaupdate.exe 69
C:\WINDOWS\system32\baaupdate.exe 72
C:\Windows\system32\baaupdate.exe 74
C:\WINDOWS\system32\BdeHdCfg.exe 65
C:\Windows\system32\BdeHdCfg.exe 63
C:\WINDOWS\system32\BdeHdCfg.exe 65
C:\Windows\system32\BdeHdCfg.exe 63
C:\windows\system32\BdeHdCfg.exe 66
C:\Windows\system32\bdeunlock.exe 43
C:\Windows\system32\bdeunlock.exe 44
C:\WINDOWS\system32\bdeunlock.exe 36
C:\WINDOWS\system32\bdeunlock.exe 47
C:\windows\system32\bdeunlock.exe 44
C:\Windows\system32\bdeunlock.exe 46
C:\WINDOWS\system32\BitLockerWizard.exe 75
C:\Windows\system32\BitLockerWizard.exe 74
C:\windows\system32\BitLockerWizard.exe 72
C:\WINDOWS\system32\BitLockerWizard.exe 72
C:\Windows\system32\BitLockerWizard.exe 74
C:\Windows\system32\BitLockerWizard.exe 71
C:\Windows\system32\BitLockerWizardElev.exe 75
C:\Windows\system32\BitLockerWizardElev.exe 71
C:\WINDOWS\system32\BitLockerWizardElev.exe 74
C:\Windows\system32\BitLockerWizardElev.exe 72
C:\windows\system32\BitLockerWizardElev.exe 72
C:\WINDOWS\system32\BitLockerWizardElev.exe 71
C:\Windows\system32\fvecpl.dll 41
C:\Windows\system32\fvenotify.exe 66
C:\WINDOWS\system32\fvenotify.exe 50
C:\windows\system32\fvenotify.exe 65
C:\WINDOWS\system32\fvenotify.exe 66
C:\Windows\system32\fvenotify.exe 60
C:\WINDOWS\system32\fveprompt.exe 68
C:\Windows\system32\fveprompt.exe 66
C:\Windows\system32\fveprompt.exe 65
C:\windows\system32\fveprompt.exe 65
C:\Windows\system32\fveui.dll 47
C:\WINDOWS\system32\manage-bde.exe 44
C:\Windows\system32\manage-bde.exe 44
C:\Windows\system32\manage-bde.exe 50
C:\WINDOWS\system32\manage-bde.exe 40
C:\windows\system32\manage-bde.exe 54
C:\Windows\system32\repair-bde.exe 68
C:\WINDOWS\system32\repair-bde.exe 74
C:\WINDOWS\system32\repair-bde.exe 68
C:\windows\system32\repair-bde.exe 71
C:\Windows\system32\repair-bde.exe 66

MIT License. Copyright (c) 2020-2021 Strontic.