hvax64.exe
- File Path:
C:\WINDOWS\system32\hvax64.exe
- Description: Hypervisor V2.0
Hashes
| Type |
Hash |
| MD5 |
9ECF7EC0A53D3C044216CDAF3392D9DF |
| SHA1 |
B67E5CB12CFE4FBC42C8CE7C9858B608BCE1C3B7 |
| SHA256 |
A0C717E20362448DE9BF7CDD44C72F06BE16864D3F1AFFDF6E8BA09E5D6B96D6 |
| SHA384 |
89334C7E528DF71A26F5F8E98D3452979FD02A423487E828677E4E56DCD028EA72A7FFEAF6C6A06858B48982ED870E40 |
| SHA512 |
6ED7DE771D5EE048B81FD23273718035F7DCD523462555D900BCF7FD260D8C99CA7E5174D0081AAEEE4B2365A5A1D957D8B05B32F4C812DDE6AE2D044541528E |
| SSDEEP |
24576:HoIQJqUyRfuMmJU8qYZEEgRIftNh+/dz4iOLA1vhqLXrjdE17K9GJ:IlotuMmJU8qW1MIfYz5oXrxE1YGJ |
| IMP |
D5AEC1C1F764856CFB4155CEE3321234 |
| PESHA1 |
DE080D27AFB10875FE6D90D6D50AEA86E8F13ACC |
| PE256 |
4447A9754C368CD5FEDB500A4AB32D88B4125E5EA866D1B43B7F43A01BFA7247 |
Runtime Data
Child Processes:
conhost.exe hvax64.exe WerFault.exe
Open Handles:
| Path |
Type |
| (RW-) C:\Windows\System32 |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \Sessions\2\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\WINDOWS\system32\hvax64.exe |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: hvax64.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.282 (WinBuild.160101.0800)
- Product Version: 10.0.22000.282
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/a0c717e20362448de9bf7cdd44c72f06be16864d3f1affdf6e8ba09e5d6b96d6/detection
MIT License. Copyright (c) 2020-2021 Strontic.