logagent.exe
- File Path:
C:\Windows\SysWOW64\logagent.exe
- Description: Windows Media Player Logagent
Hashes
| Type |
Hash |
| MD5 |
523A40703DD9E7DA957AA92A204CB1C4 |
| SHA1 |
2A069BFF58A87F7D2B405FDF87634FB2CE213B21 |
| SHA256 |
058E1A4389AE837FAFC6A7BDFCA2ABF33CEB6915410EDBC4B2EBCA052E4F13A6 |
| SHA384 |
3D511B2DD5DF308A81D44ABF545E6F8531D4D834F48776DACB38D00B96D06004F25A407538D11B323B739F682CABE924 |
| SHA512 |
CA5002EBDDB39ACD0DBBEB77297FFB719A36BC8288AD6F2732247A28CBF1A6FE7CD238EF126F6B1CCA3F259CAB55A5C01E3BFCD9BDA3D25097233093BDB940BF |
| SSDEEP |
1536:98KszzXk8CpC4ZgSqnxMlqBiL4vk6i61J+7W3YeWYnXKYCKmyXt4:ZszLkBpC44P1k6iQJhdWYnXvCK9Xt |
| IMP |
B6C7B26AD38A6146C7BB1A6BF5FBAAA8 |
| PESHA1 |
E787B964B518D27BF84D2D32D3A616CC1E04BD56 |
| PE256 |
4C1DF8425C8E17A83EB2328D2C81C8872BD5D24D09CC23AC85D0DB914B584DCB |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\logagent.exe |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: logagent.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 12.0.19041.746
- Product Version: 12.0.19041.746
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/058e1a4389ae837fafc6a7bdfca2abf33ceb6915410edbc4b2ebca052e4f13a6/detection
MIT License. Copyright (c) 2020-2021 Strontic.