poqexec.exe

  • File Path: C:\Windows\system32\poqexec.exe
  • Description: Primitive Operations Queue Executor

Hashes

Type Hash
MD5 311F9A3A9059EAE049253D3F5A813763
SHA1 1A80BCA7E5A51BA1FCAB8B32873CA889F79103CC
SHA256 719A2F4960E8FD9BB340F9182749E561E0DA3F9F0464D022AC597A3B4B4A350C
SHA384 CD1A6ECCA690C0D55331F589335DB32FD0F61325C0AB03DB5BBCDA5BD6C87F412574B74701FFC837741E846E948B2B00
SHA512 1569D5FC5FF02644756127CBDB074DFF29A3DEB4347ED6C1F92858E7EF8992A0654DE6F76C72A52B692D63439AE1BBCCD4E06B4F050B156FF8CB4A33DC681F47
SSDEEP 12288:Ya08Hr0ycItJ3KEoz8XQ1C+1TEpt9MpkFoxrInyH5q7l:88HrPj3oymC4TGMGmxrL5m

Signature

  • Status: The file C:\Windows\system32\poqexec.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: poqexec.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\system32\poqexec.exe 99
C:\Windows\system32\poqexec.exe 94
C:\Windows\system32\poqexec.exe 99

Possible Misuse

The following table contains possible examples of poqexec.exe being misused. While poqexec.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma registry_event_asep_reg_keys_modification_common.yml - 'C:\Windows\System32\poqexec.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.