hvsievaluator.exe

  • File Path: C:\Windows\system32\hvsievaluator.exe
  • Description: Microsoft Defender Application Guard Policy Evaluator

Hashes

Type Hash
MD5 FE0C06BD45CB8E86F045762C075D93F9
SHA1 ACB0DB6D7CDCBC3C2481EE383C891C4D987CDD26
SHA256 EA55DFABB7A47BD450ED3050F88E3B6A64FDC0B918B93211AAF35A430D3648CC
SHA384 D1432E8B6D4DCA28A5FBB93DE72BE9610D7AE1BB4F04285C2CB06A0FE4F839072D8C00F8CD965C5CA471A8347464CCBA
SHA512 A718261E4C689C316B79417905393385822601116F79A7DFFC774C60B6DF93498F860BD75D84D5ABFA03F0EE68848F5B6386A0F8BE5BBEB7448EF7C5B76D1E29
SSDEEP 3072:FreHkNbos3z8e5v8BcxpiShhY4UvkRLu/lMwSKpgBXOB:FqObNIeF8BcfL/Av/lM4pB
IMP CC212F8761E4BA1B24A972424E200D17
PESHA1 3BCD5494B5B25E18E29C0F608D8CED085FC29D59
PE256 651CE18FF6FBF3FB3068C2AD7F043E6E27DAD12401E698C68FB5EDFF1573AABA

Runtime Data

Loaded Modules:

Path
C:\Windows\system32\hvsievaluator.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: HvsiEvaluator.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/ea55dfabb7a47bd450ed3050f88e3b6a64fdc0b918b93211aaf35a430d3648cc/detection

MIT License. Copyright (c) 2020-2021 Strontic.