plasrv.exe

  • File Path: C:\WINDOWS\system32\plasrv.exe
  • Description: Performance Logs and Alerts DCOM Server

Hashes

Type Hash
MD5 958C62099D26AB3F79B6DD8A73108E35
SHA1 F86180321ABD94E5EA9AD818AC6E568F8DA05A2F
SHA256 BE3470B470693A544BB3A38AC6F565306B4811E29558C760B2905C861B492904
SHA384 C1EFD604F70C0A08C8B9E2372D82845529CFCE802F673CC19084034FF9E0ECFAFF443A52360DE4F8E9210E325BD4EF82
SHA512 F962B60DA3942BB6097D68BB9A6E10259D5EB4AA082B7244CB0153FD4BD630F54C89C47C2D636987B86FE4DB10D2A49BC62B7324175D0E1312E4BDB5392C6487
SSDEEP 192:o/feVr4m7MI5cRuv1mRZeOxLGTXdTuUQV5GWWXW:o/fE7x6utmyPTXENgWWXW

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: plasrv.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.815 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.815
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\system32\plasrv.exe 69

Possible Misuse

The following table contains possible examples of plasrv.exe being misused. While plasrv.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .plasrv.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.