plasrv.exe

  • File Path: C:\windows\system32\plasrv.exe
  • Description: Performance Logs and Alerts DCOM Server

Hashes

Type Hash
MD5 1AFE32EA863BF62C266B6BC0718EE965
SHA1 FE27351B24055D418AF8CCBB3830EA9D82D724D9
SHA256 78E1E6DD5B4CC1312BCC4C24675378AB1166971064ADC65DE6B57815F3FE3A06
SHA384 AA80F6230F1574144F067E7F12103C23437809E4938AABF1F200C9C63427CD748EC98E57093ECBA4B27075732A31A2A0
SHA512 1DEC426D943CBADEBE9B8AAB40B806A3425DC850AB70159CFF103567C82B69A5FC22A0269027E488635015DA77E324C9995A4ED0B4393BE9E1DA76FE6C997636
SSDEEP 96:8wYVXfPIMkezYBeHt6gLUW2QZM6ioW0LOTbeKlHUhDJfMsjEYEWT0XWwD:83VXfP7M4NUporW0iTbeKl0r5WWAXWy

Signature

  • Status: The file C:\windows\system32\plasrv.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: plasrv.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.17415 (winblue_r4.141028-1500)
  • Product Version: 6.3.9600.17415
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of plasrv.exe being misused. While plasrv.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .plasrv.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.