msinfo32.exe

  • File Path: C:\Windows\SysWOW64\msinfo32.exe
  • Description: System Information

Screenshot

msinfo32.exe

Hashes

Type Hash
MD5 E0A7B839C77497E01864479B70ACB5AE
SHA1 74DBDE5817BBCDCA9DBF81CE24461AC7F6AFFDC0
SHA256 7C9587BAD9050E03F13AB1F46E4F02F350CDD0A6EA893F70D52436E3849B2985
SHA384 0A1C265419CEF0C310DB72E768431A4D2C797B1874B072F5C9E44ACD31693FEA0069505AF7779A33F40AFAE1207193C0
SHA512 6D86476E1F1ADAF493063A4AB52128BCDA6CD0D3EFB4D1BD304D55CC9B3697FAC111D816C8BE3BB0FA872ECEB0356A4B1F415E50D88FFF4B4A187B6FF790DBC4
SSDEEP 6144:8+Curxrt3aOo/8McrIHxKhph5hphcl1oMtSZEOHHrpm1XUZLxEZEOHHrpm1XUZLp:8HuVgD/LmIHxKhph5hphcl1LOtLpm1E0
IMP B82A7325B56EDAACBA365CDE179A07C8
PESHA1 0F79860591C9CB296F3781D49189669320F3D4DF
PE256 EA416041E0D1B4A0F167FCCAC677752C95F1B8869B0845D940D0E7973DFB058C

Runtime Data

Window Title:

System Information

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(R-D) C:\Windows\System32\en-US\MFC42u.dll.mui File
(R-D) C:\Windows\System32\en-US\msinfo32.exe.mui File
(R-D) C:\Windows\System32\en-US\propsys.dll.mui File
(R-D) C:\Windows\System32\en-US\winnlsres.dll.mui File
(R-D) C:\Windows\SysWOW64\en-US\user32.dll.mui File
(RW-) C:\Users\user File
(RW-) C:\Windows File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627 File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\1\Windows\Theme1175649999 Section
\Windows\Theme601709542 Section

Loaded Modules:

Path
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll
C:\Windows\SysWOW64\msinfo32.exe

Signature

  • Status: Signature verified.
  • Serial: 330000026551AE1BBD005CBFBD000000000265
  • Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: msinfo.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/75
  • VirusTotal Link: https://www.virustotal.com/gui/file/7c9587bad9050e03f13ab1f46e4f02f350cdd0a6ea893f70d52436e3849b2985/detection

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 63
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\msinfo32.exe 100
C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe 55
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe 54
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe 54
C:\Program Files\Common Files\microsoft shared\MSInfo\msinfo32.exe 58
C:\Windows\system32\msinfo32.exe 54
C:\Windows\system32\msinfo32.exe 54
C:\Windows\system32\msinfo32.exe 58
C:\WINDOWS\system32\msinfo32.exe 36
C:\windows\system32\msinfo32.exe 57
C:\WINDOWS\system32\msinfo32.exe 55
C:\Windows\system32\msinfo32.exe 57
C:\Windows\SysWOW64\msinfo32.exe 49
C:\WINDOWS\SysWOW64\msinfo32.exe 41
C:\windows\SysWOW64\msinfo32.exe 55
C:\Windows\SysWOW64\msinfo32.exe 63
C:\WINDOWS\SysWOW64\msinfo32.exe 65
C:\Windows\SysWOW64\msinfo32.exe 55

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.

msinfo32

Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Opens the System Information tool to display a comprehensive view of the hardware, system components, and software environment on the local computer.

Some System Information categories contain large amounts of data. You can use the start /wait command to optimize reporting performance for these categories. For more information, see System Information.

Syntax

msinfo32 [/pch] [/nfo <path>] [/report <path>] [/computer <computername>] [/showcategories] [/category <categoryID>] [/categories {+<categoryID>(+<categoryID>)|+all(-<categoryID>)}]

Parameters

Parameter Description
<path> Specifies the file to be opened in the format C:\Folder1\File1.xxx, where C is the drive letter, Folder1 is the folder, File1 is the file name, and xxx is the file name extension.<p>This file can be an .nfo, .xml, .txt, or .cab file.
<computername> Specifies the name of the target or local computer. This can be a UNC name, an IP address, or a full computer name.
<categoryID> Specifies the ID of the category item. You can obtain the category ID by using /showcategories.
/pch Displays the System History view in the System Information tool.
/nfo Saves the exported file as an .nfo file. If the file name that is specified in path does not end in an .nfo extension, the .nfo extension is automatically appended to the file name.
/report Saves the file in path as a text file. The file name is saved exactly as it appears in path. The .txt extension is not appended to the file unless it is specified in path.
/computer Starts the System Information tool for the specified remote computer. You must have the appropriate permissions to access the remote computer.
/showcategories Starts the System Information tool with all available category IDs displayed, rather than displaying the friendly or localized names. For example, the Software Environment category is displayed as the SWEnv category.
/category Starts System Information with the specified category selected. Use /showcategories to display a list of available category IDs.
/categories Starts System Information with only the specified category or categories displayed. It also limits the output to the selected category or categories. Use /showcategories to display a list of available category IDs.
/? Displays help at the command prompt.

Examples

To list the available category IDs, type:

msinfo32 /showcategories

To start the System Information tool with all available information displayed, except Loaded Modules, type:

msinfo32 /categories +all -loadedmodules

To display System Summary information and to create an .nfo file called syssum.nfo, which contains information in the System Summary category, type:

msinfo32 /nfo syssum.nfo /categories +systemsummary

To display resource conflict information and to create an .nfo file called conflicts.nfo, which contains information about resource conflicts, type:

msinfo32 /nfo conflicts.nfo /categories +componentsproblemdevices+resourcesconflicts+resourcesforcedhardware

Additional References

MIT License. Copyright (c) 2020-2021 Strontic.