prevhost.exe
- File Path:
C:\WINDOWS\system32\prevhost.exe
- Description: Preview Handler Surrogate Host
Hashes
| Type |
Hash |
| MD5 |
221F2B2C75DB5BA2D1E6D7AD49ABF61E |
| SHA1 |
AAB6BB692182E480E2355C757E0D1233E2CE713F |
| SHA256 |
A08B54F33E989959CB4F7FE8D84466112D1DC3E1B865829F1E0928D7A6987B8D |
| SHA384 |
A818181AACFB26764DB3BC2E61984594B4100999960140960DF39FC16D6AD8937EC8C11F11C73800620C61FB7C360A54 |
| SHA512 |
536A4173618F5BC8F4F1E349A4CE8131B6AEE7093EA49D9888831E1508696E31D9D71EDF2D9D1CFE636C815FCAE650F33C9C0288DDA09BCC258BE693BF830169 |
| SSDEEP |
768:fJ2ANw5etUp5IoXe6IjjszA8pCg8Ps1MTSiIOBPGsUNyUB4:R2AyEGpi78pCgesyB5UNyG4 |
| IMP |
14E7A56CE14DAD875047D7EC617BC003 |
| PESHA1 |
B7ADB891F20321F46E14FFEA63BA8FD861A77144 |
| PE256 |
EE0FDE15EFB3885D43DE819AC5625EE5217CD04FDF08710C8AE402E30E8DB9C3 |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\system32\prevhost.exe |
| C:\WINDOWS\System32\USER32.dll |
| C:\WINDOWS\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: PREVHOST.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/a08b54f33e989959cb4f7fe8d84466112d1dc3e1b865829f1e0928d7a6987b8d/detection
MIT License. Copyright (c) 2020-2021 Strontic.