poqexec.exe

  • File Path: C:\Windows\system32\poqexec.exe
  • Description: Primitive Operations Queue Executor

Hashes

Type Hash
MD5 B9549AAE6F6FE8E4FD5B500515A11AA2
SHA1 B1BEB399E22309919EF68B07F5EDF1FEB66B0B1C
SHA256 6D688E25DCC43B36ED7889C81EA46216928CE90EC56EC30D0110F20C1161BA39
SHA384 F70CDB633087F293288C17D988DBC3965A18556120B0ADB12F14D9AEC29F647FF9CE1AA3EEAB94D4BBF1D4309B784E07
SHA512 87F7523E5E45CE8684A23261A47FBC12EE30C8BF07B79C3CA99983465B3F29B13A7FDB9EE70C00533F250A62F6479ADAE52DDE93E4FAFDB7DCB5BB88A760E318
SSDEEP 12288:xa08Hr0ycItJ3KEoz8XQ1C+1TEpt9MpkFoxrInyH5q7l:H8HrPj3oymC4TGMGmxrL5m

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: poqexec.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\system32\poqexec.exe 99
C:\Windows\system32\poqexec.exe 99
C:\Windows\system32\poqexec.exe 94

Possible Misuse

The following table contains possible examples of poqexec.exe being misused. While poqexec.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma registry_event_asep_reg_keys_modification_common.yml - 'C:\Windows\System32\poqexec.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.