pacjsworker.exe

File Path: C:\Windows\system32\pacjsworker.exe
Description: HTTP Auto Proxy Detection Worker Process

Hashes

Type	Hash
MD5	`409FA316A3A28C7DC04C30616344BD0A`
SHA1	`0A51883AA42B5249E5E25CD86F1E184784218005`
SHA256	`BF46F21FAC085F697C81121EB68AF6C49F72388F57514EBBBC1DF26FFB303DD7`
SHA384	`9AF00E681086A966B8614191506F18B92B78EC9E61660A665FF5AD4C4615228413412951584D30E62C4826AC16FA1508`
SHA512	`5C57967362F46CE384BF563182357F43F49D8E7A490FCCE1E4A3A18F0D7FC1BE19CB3A13DC1B89958CF08E7AF34FD7C14C11B8E23E74AD2D6F186B35D0913352`
SSDEEP	`192:YydEJy/AuJgXEAVbDW90y4vEWE3c3WatAW:YlogXE0bCpFc3WatAW`
IMP	`687E476BFD1F30A3D4393039D490BFCC`
PESHA1	`09F614A309651807C30E7EF25B2434DA489FE58E`
PE256	`318300EE7DF085FCD9BCB3865F3B125AC1A7755C928A3EEF85995AE1C5038A05`

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\pacjsworker.exe
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\system32\WINHTTP.dll

Signature

Status: Signature verified.
Serial: 33000002EC6579AD1E670890130000000002EC
Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: pacjsworker.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1320 (WinBuild.160101.0800)
Product Version: 10.0.19041.1320
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/73
VirusTotal Link: https://www.virustotal.com/gui/file/bf46f21fac085f697c81121eb68af6c49f72388f57514ebbbc1df26ffb303dd7/detection

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\pacjsworker.exe	69
C:\Windows\system32\pacjsworker.exe	80

MIT License. Copyright (c) 2020-2021 Strontic.