nvdaHelperRemoteLoader.exe

  • File Path: C:\Program Files (x86)\NVDA\lib64\2021.2\nvdaHelperRemoteLoader.exe
  • Description: nvdaHelperRemote (injection_terminate) (Window Title)

Hashes

Type Hash
MD5 3D8D7F257AEC5FBA9AF67662776AD5E0
SHA1 DECDFB02DF2C29F88B42DD870FBAA182C3FBC091
SHA256 D3F0489FC1C3F33B323CF58A4E8466C685CC25D735ECC904D52B07ABB1FD0F62
SHA384 D1AF708EF3FC902D25BDF441ECC953658163BDB6E3CECAE9BA03A737B4EAE35E76E7E85B855E1DA70BAA725B2FEDA6D3
SHA512 8800EFA63FEFA3382A27B6D1D543866082E3A12133DD358E34925E90EF5E309C826C2467D1124743ACA5D4C36501D5A371FEAB571CFF59B77C4BA3230B6F5F0A
SSDEEP 1536:+9/95a7/BtWWwaqXmlOySzWJMN1J6GJqNsW7d09dl+LKER2dmP:+9/9Mfvw0JqWJMN1J/AhMULKg2dmP
IMP A0A716584A22145BCF1ABAD1777F1F77
PESHA1 D81A34BD90712060367106FD590DD5FB540E2AF6
PE256 6C32CCF9CAF4440831B066057429ED7E1836B07E53275F97DF63B67A27A47C69

Runtime Data

Window Title:

nvdaHelperRemote (injection_terminate)

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(RW-) C:\Program Files (x86)\NVDA\lib64\2021.2 File
(RW-) C:\Users\user File
\BaseNamedObjects__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\1\Windows\Theme449731986 Section
\Windows\Theme1396518710 Section

Loaded Modules:

Path
C:\Program Files (x86)\NVDA\lib64\2021.2\nvdaHelperRemote.dll
C:\Program Files (x86)\NVDA\lib64\2021.2\nvdaHelperRemoteLoader.exe
C:\Windows\System32\ADVAPI32.dll
C:\Windows\System32\combase.dll
C:\Windows\SYSTEM32\dbgcore.DLL
C:\Windows\SYSTEM32\dbghelp.dll
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\IMM32.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\ole32.dll
C:\Windows\SYSTEM32\OLEACC.dll
C:\Windows\System32\OLEAUT32.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\SHLWAPI.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\SYSTEM32\VERSION.dll
C:\Windows\System32\win32u.dll

Signature

  • Status: Signature verified.
  • Serial: 01F88F85EC0E5501C9810C1D40F77C21
  • Thumbprint: B1CFD0C99D00FC4B8FBCAA1BA24FA48F6770C461
  • Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: E=sysadmin@nvaccess.org, CN=NV Access Limited, O=NV Access Limited, L=Camp Mountain, S=Queensland, C=AU

File Metadata

  • Original Filename:
  • Product Name:
  • Company Name:
  • File Version:
  • Product Version:
  • Language: English (United States)
  • Legal Copyright:
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/d3f0489fc1c3f33b323cf58a4e8466c685cc25d735ecc904d52b07abb1fd0f62/detection

MIT License. Copyright (c) 2020-2021 Strontic.