omadmprc.exe

• File Path: C:\Windows\system32\omadmprc.exe
• Description: Host Process for Push Router Client of OMA-DM

Hashes

Type	Hash
MD5	F06DAF80820426DF0FE3A74FD83EB8C4
SHA1	FCB0DA2DA02F514C5FD6DE1EDE8A88A48E68FDDA
SHA256	0CE7F5311CA53E361A0C8A9DEF0FCCECADEA41BEE0B684BFE662ED9DD93AFCD8
SHA384	E3BC0801317A41FDA750C3FB5C8DA8B561031FC995E88F6D0F13018567A760445E16FE194B9193653017CBD2B0EFFBA1
SHA512	7007E1630F451E0C6C3077AB622C9383442EDE79D68F389AA876D5516E33C41B10056B04E6B62EFEE67FA4E9B2B1C2B61C212BE3A05CD278A8B390D4203449E0
SSDEEP	1536:fI2EsAv0XVxNHP2htmaN23zjIBqHXQJyjF6Vv+iTdTnil4sUDDwl1WGNhCo:fnCcyhoU0zjHHXQJyjF6Z+cdTniuVn0J
IMP	33B843B0DAF2BCAFE24F6EF6B08855DD
PESHA1	871E4DAF87E6702342F9EC530D6849789686F52C
PE256	7A935749C6C30C18FA3F849435CC0CAB22F81C5087757A9AB76DC17437E1DBB6

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\combase.dll
C:\Windows\system32\DMCmnUtils.dll
C:\Windows\system32\DMPushProxy.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\omadmapi.dll
C:\Windows\system32\omadmprc.exe
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll

Signature

• Status: Signature verified.
• Serial: 33000002EC6579AD1E670890130000000002EC
• Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: omadmprc.exe
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.844 (WinBuild.160101.0800)
• Product Version: 10.0.19041.844
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 64-bit

File Scan

• VirusTotal Detections: 0/73
• VirusTotal Link: https://www.virustotal.com/gui/file/0ce7f5311ca53e361a0c8a9def0fccecadea41bee0b684bfe662ed9dd93afcd8/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\omadmprc.exe	35

MIT License. Copyright (c) 2020-2021 Strontic.