logagent.exe
- File Path:
C:\Windows\SysWOW64\logagent.exe
- Description: Windows Media Player Logagent
Hashes
| Type |
Hash |
| MD5 |
AA8A67D6FB3A32FCD46078FBE61A5E26 |
| SHA1 |
CF9F4A8BC06F3B03385B4FC60EF38075C4BEF109 |
| SHA256 |
E8B7A1DBCFBBFC948BEB96F4E716CE243BDDB6A2E643C6C180BA54CE529ADEF4 |
| SHA384 |
55823EB48E0D00DC2F34E73122E4809B4266774D7AE1DD2616A44076BB1C3BBCCB7719B399609E6392D05789F494878B |
| SHA512 |
6EE754EF76CCF8DDEBFFCECCC958D332A456488FAFDE2FFE241CBBA441F84829884A0D112D007A23947BAE12E1CF27F202928CA0885024E892631C46AB204649 |
| SSDEEP |
1536:g8EanzTRKTfpChJgUgKaM37iqynweFaf+5pNknbhWduXKvCK7olBoOF:IanzNKTpChgEUFafspA9WduXQCK74Bo |
| IMP |
B6C7B26AD38A6146C7BB1A6BF5FBAAA8 |
| PESHA1 |
44ED9F1B270F880CA7FBCE60BDA5775D011435B0 |
| PE256 |
94F0C5A09FBD0DED19486D7234FCE3F6D52FFE100E9DAA3E73B04D6F4367C119 |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\logagent.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: logagent.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 12.0.19041.1
- Product Version: 12.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/e8b7a1dbcfbbfc948beb96f4e716ce243bddb6a2e643c6c180ba54ce529adef4/detection
MIT License. Copyright (c) 2020-2021 Strontic.