ndadmin.exe
- File Path:
C:\Windows\SysWOW64\ndadmin.exe
- Description: Device driver software installation
Hashes
| Type |
Hash |
| MD5 |
330E50BFF5E1E69464EE4EC277631A77 |
| SHA1 |
3BCAAFF904B6F9DBFB3459C66C83E9AD1A5B5A63 |
| SHA256 |
B58000D458791E2C9F0D539267416E73825828DCE1C3A851C245C7BF636DB890 |
| SHA384 |
89862A28303D683440F141E28255F9F8FF972CEE44C210A9EEFB942A3B0129BDBAFC7340384A109BBCB8EF92AF55B8A5 |
| SHA512 |
BBC01F749DB52E9764BB764D363AE86AA2C8F92F00882990D06EA807ACA38FCB4224BE779B217EFCA100CF7D2DA0AADDA6B090B9DE042877C16949EBD256EFEC |
| SSDEEP |
768:xiJh3x8dhJbjQAhtqIrn8+1hrpFIUUUUUUUUUUUUqRcxMm/:xiJhh8dzbjfFrGUUUUUUUUUUUU3+m |
| IMP |
5C2A6BE2FBEA9DDE5E237A67C853D0FA |
| PESHA1 |
49386A67BF732767292BB5FF93D5D2ED9F6D7388 |
| PE256 |
E364F8351CBABF4010439FB0095299D621F43C440CA371997F01513B1109AC43 |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\ndadmin.exe |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: NDAdmin.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 5.2.3668.0
- Product Version: 5.2.3668.0
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/b58000d458791e2c9f0d539267416e73825828dce1c3a851c245c7bf636db890/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.