oobeldr.exe
- File Path:
C:\Windows\system32\oobe\oobeldr.exe
- Description: OOBE Loader
Screenshot
Hashes
| Type |
Hash |
| MD5 |
0D283A665FE466BB062B723E35890A7E |
| SHA1 |
344A9E61A659C309553BDCA06AE0F51C7008278C |
| SHA256 |
4F424DC5E0C16CBBAC4A12C3750297F0F58697E102FB2001C655868ED829274F |
| SHA384 |
45377B783AB442E35BE4B37769E3130E672B7D917EA7E1D5517C9AEA9948203B60A4A41D37B858FF6A646C1714A97E34 |
| SHA512 |
58AD182A604F63BEC42AFF3C7019952901EDDD468FD5D9EA84EBFC5E51137118718A2996C5800990EDD736B043054E8D9601AAE590B859E37745785917830012 |
| SSDEEP |
1536:4t43dRI9NpXk7Pb78iMkqppHFMa71M1l9Salw:K4NRIDpX2PH8iWpp774Xm |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\Fonts\StaticCache.dat |
File |
| (R-D) C:\Windows\System32\oobe\en-US\oobeldr.exe.mui |
File |
| (RW-) C:\Users\user\Documents |
File |
| (RW-) C:\Windows\Panther\UnattendGC\diagerr.xml |
File |
| (RW-) C:\Windows\Panther\UnattendGC\diagwrn.xml |
File |
| (RW-) C:\Windows\Panther\UnattendGC\setupact.log |
File |
| (RW-) C:\Windows\Panther\UnattendGC\setuperr.log |
File |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \BaseNamedObjects\SetupLogSection |
Section |
| \Sessions\2\Windows\Theme4283305886 |
Section |
| \Windows\Theme1956823608 |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\bcryptPrimitives.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\oobe\oobeldr.exe |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: OOBELDR.EXE.MUI
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
MIT License. Copyright (c) 2020-2021 Strontic.