nvda_dmp.exe

File Path: C:\Program Files (x86)\NVDA\nvda_dmp.exe
Description: NVDA Diff-match-patch proxy

Hashes

Type	Hash
MD5	`628A5351901FE2EA12A94CD555CAAFE0`
SHA1	`584CFD4F9875C5A2A228C67C5E8B547C533FC573`
SHA256	`48EC60EF02B328806CD6B9674D7BE2E9341F6C56CE1E6A2757BA7E18F837D48F`
SHA384	`27EB59E4DECDDD098A81803C87B2DAEAD4313046CCC3746CE478A692BFF74C02ECC23F6F51866D0E25585829111AC4A9`
SHA512	`6EDD90EB14CE49BBC0731A916F55406CF3B139ABABF15B62E5F64C02C5BC1A56737BBCCDB18B9A0F386C95F69682F44E4029F51AE33050C21F25693C091589A4`
SSDEEP	`768:V3ysBvRF+aiz+twnhJ/HAmZfxKT/ItwyEk5XU9dzrKwBECZNRK8WZz:V3nBvR1z+HzGTg/Ek29hrKkEC/RK8Y`
IMP	`E1C0FBB91BF05B258DCF802D80F64CDF`
PESHA1	`1B1B50052CF6A21B80FAED07173792E1436708CF`
PE256	`B3C849AAE983E126999237677DA7DE8F82B0A7FABE7823793AFC3629D2FE4FDC`

Runtime Data

Child Processes:

conhost.exe

Open Handles:

Path	Type
(R-D) C:\Windows\System32\en-US\kernel32.dll.mui	File
(RW-) C:\Users\user	File
(RW-) C:\Windows	File
\BaseNamedObjects\C:ProgramDataMicrosoftWindowsCaches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db	Section
\BaseNamedObjects\C:ProgramDataMicrosoftWindowsCaches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db	Section
\BaseNamedObjects\C:ProgramDataMicrosoftWindowsCaches*cversions.2	Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section

Loaded Modules:

Path
C:\Program Files (x86)\NVDA\nvda_dmp.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

Status: The file C:\Program Files (x86)\NVDA\nvda_dmp.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170
Serial: ``
Thumbprint: ``
Issuer:
Subject:

File Metadata

Original Filename: nvda_dmp.exe
Product Name: NVDA
Company Name: Bill Dengler, NV Access
File Version: 2021.2.0.23747
Product Version: 2021.2
Language: English (United States)
Legal Copyright: Copyright (C) 2006-2021 NVDA Contributors, Bill Dengler
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/71
VirusTotal Link: https://www.virustotal.com/gui/file/48ec60ef02b328806cd6b9674d7be2e9341f6c56ce1e6a2757ba7e18f837d48f/detection

File Similarity (ssdeep match)

File	Score
C:\Program Files (x86)\NVDA\nvda.exe	44
C:\Program Files (x86)\NVDA\nvda.exe	44
C:\Program Files (x86)\NVDA\nvda_eoaProxy.exe	50
C:\Program Files (x86)\NVDA\nvda_eoaProxy.exe	47
C:\Program Files (x86)\NVDA\nvda_noUIAccess.exe	47
C:\Program Files (x86)\NVDA\nvda_noUIAccess.exe	44
C:\Program Files (x86)\NVDA\nvda_slave.exe	50
C:\Program Files (x86)\NVDA\nvda_slave.exe	47
C:\Program Files (x86)\NVDA\nvda_uiAccess.exe	44
C:\Program Files (x86)\NVDA\nvda_uiAccess.exe	44

MIT License. Copyright (c) 2020-2021 Strontic.