ndadmin.exe
- File Path:
C:\Windows\SysWOW64\ndadmin.exe
- Description: Device driver software installation
Hashes
| Type |
Hash |
| MD5 |
1890F13BD17570D36EFE9AA192F6CE6E |
| SHA1 |
A718DCF5571EADCBF311322D30077CB95473D929 |
| SHA256 |
46E4B4F4E9B7369DBD24D8BF09B092EDB1A0E051F65467562A8A0FE5E5E988CE |
| SHA384 |
8057E54FE9DF1D4FBAF673FE88E7B90F5C5B225F7CDF465EE2E26A9D6C6F411B14DF741F52C34B204B9E6C8B6B95E56F |
| SHA512 |
D5E411C401D341F5F025ACF2EFB011C38C7980C052A9A46D29E4D485A77D286BF1F743039AD586BA72CF3D76DE0DCC4FE265022390452299B887006CF07885E9 |
| SSDEEP |
768:xilh3x8dsPbjQAhtqIrn8+1hrpFIUUUUUUUUUUUUqRcxMm/:xilhh8dCbjfFrGUUUUUUUUUUUU3+m |
| IMP |
5C2A6BE2FBEA9DDE5E237A67C853D0FA |
| PESHA1 |
85F97516E2742DC7B33F7604343BB030CB6D7061 |
| PE256 |
17FFD2A69A42585CC30CA48B0B014A527385848326F271F9FBDD52A5147A5D8A |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\ndadmin.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: NDAdmin.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 5.2.3668.0
- Product Version: 5.2.3668.0
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/76
- VirusTotal Link: https://www.virustotal.com/gui/file/46e4b4f4e9b7369dbd24d8bf09b092edb1a0e051f65467562a8a0fe5e5e988ce/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.