ndadmin.exe
- File Path:
C:\WINDOWS\SysWOW64\ndadmin.exe
- Description: Device driver software installation
Hashes
| Type |
Hash |
| MD5 |
A83DEBD5DDE6E5F9D7A76AB68DF07D5A |
| SHA1 |
BD79C0F6240F6085CF91ACD12233C36EC6001443 |
| SHA256 |
B1FBAF947170455BFE91C39BB3B1964DB36370F2E57EACCE7DDAB8F613DF2A0B |
| SHA384 |
3E52BE19B847C50CF128460D18CB1DB7A8E5DD9AA928D56E49CA35BF5672FD126B8DF32E356600D819C30C1D820759E8 |
| SHA512 |
09A7A3554A83642B44017FC61EECA8E1B44E40F97C40E0D2798737A06511152189430E47B4A1E54E9515B6E1B081E24F57A931D9D29263F867E42E38185759D0 |
| SSDEEP |
768:GR/M+QoNV3PKXfZbjQAhtqIrn8+1hrpFIUUUUUUUUUUUUqRcxM:4E+QoNlibjfFrGUUUUUUUUUUUU3+ |
| IMP |
5C2A6BE2FBEA9DDE5E237A67C853D0FA |
| PESHA1 |
B0D82870D5AD5A33E173DDE7FD78871BAC089173 |
| PE256 |
BF84635BF2D0B2312C1A61A30F5B4AED7D1B56F7304C3B5E69687AD84B11267B |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\System32\wow64.dll |
| C:\WINDOWS\System32\wow64base.dll |
| C:\WINDOWS\System32\wow64con.dll |
| C:\WINDOWS\System32\wow64cpu.dll |
| C:\WINDOWS\System32\wow64win.dll |
| C:\WINDOWS\SysWOW64\ndadmin.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: NDAdmin.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 5.2.3668.0
- Product Version: 5.2.3668.0
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/b1fbaf947170455bfe91c39bb3b1964db36370f2e57eacce7ddab8f613df2a0b/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.