metricbeat.exe
- File Path:
C:\Program Files\Elastic\Agent\data\elastic-agent-5ae799\install\metricbeat-7.15.1-windows-x86_64\metricbeat.exe
- Description: Metricbeat is a lightweight shipper for metrics.
- Comments: commit=5ae799cb1c3c490c9a27b14cb463dc23696bc7d3
Hashes
| Type |
Hash |
| MD5 |
6A3693810BCD18A933AAA6EBDDECF4B5 |
| SHA1 |
677CBDF0DE6F8587389D2C2D384F95A123BFD7CC |
| SHA256 |
2A11B2578F599490BF2FF8F86C9442E8541AFA3E53DE04C24190FC55D577F76B |
| SHA384 |
CA8CFA9A522C09D04E4A9A14E94092B0EF596AB0B7FFB40A1A5865C360204C0D9305EFF2A1D0270C10F8341A6092B4DC |
| SHA512 |
DB72690F9EB19B22BAB4A7089E828F19FE3F69C3B5AD11ECF0887803DB92C382A55344E95C61BF29DE3CDAC6ACAE39862E4B6A0609701EEC7E18296CC1A36BF8 |
| SSDEEP |
786432:qmdmV9B8c1RC8nmMhpnpoXQJbtmZR4eu9SfwJyqjSq9avc5b00ENChkhtX3Fg9+M:ozB3Rs1Y/5lyc |
| IMP |
D57849CFBF2281FEF79DD8647DAB7AF9 |
| PESHA1 |
3648C9A8AAB53D44BA5D3E6ECEC782FF167C96CB |
| PE256 |
1871651DF434716B63837CA49A3222CB9BC4944AA768C3EE3A4682A5F6E6E2F8 |
Runtime Data
Child Processes:
conhost.exe
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Program Files\Elastic\Agent\data\elastic-agent-5ae799\install\metricbeat-7.15.1-windows-x86_64\metricbeat.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
0D6AC55C87AAE413A8D7E1303C483495
- Thumbprint:
9F1AE2588723FD3E8F374C688D5A9FCE0EC50F44
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Elasticsearch, Inc.”, O=”Elasticsearch, Inc.”, L=Mountain View, S=California, C=US, SERIALNUMBER=5195380, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: metricbeat.exe
- Product Name: Metricbeat
- Company Name: Elastic
- File Version: 7.15.1
- Product Version: 7.15.1
- Language: Language Neutral
- Legal Copyright: Copyright Elastic, License Elastic License
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/2a11b2578f599490bf2ff8f86c9442e8541afa3e53de04c24190fc55d577f76b/detection
MIT License. Copyright (c) 2020-2021 Strontic.