prevhost.exe
- File Path:
C:\WINDOWS\SysWOW64\prevhost.exe
- Description: Preview Handler Surrogate Host
Hashes
| Type |
Hash |
| MD5 |
DD0D1A568846DEA373E78A81214694A9 |
| SHA1 |
B4CD2A446EB1208D4477A1FBD90742517ECFF844 |
| SHA256 |
DB2F9819B55B3240A4CA9CB7B8FD9606F0A579BF9DA6A3EDCF7C38599DD06836 |
| SHA384 |
E5233B05426B90B85A3E5967356F79009F2205DB66EEBB26DD5BC470407E15E5E1F16ED5E67FAC773A8188FAB4F65016 |
| SHA512 |
C0A89BE31B179EBD248E4515197BE53F2645D30C556DA9B3E264A4A57B7D66A12ECD6A9294F49F435A3C00FA291C8007504E68B40EC377A9A65B86AF2CE22D2B |
| SSDEEP |
384:82G6g8IpoZRp0ckMod9dAgXPUYSqBTH70lZztXM/5wx0AyPmW2cWt3:8X6gRpoZRp0OHg8IpHgLMBtAyPen |
| IMP |
64AD0500B99B03083D39C3F6AFAF2C66 |
| PESHA1 |
568CAE6B45E2FFA3B03271BFED9299B4F9183D9F |
| PE256 |
2C36B84E3EED119A2F3C830C96CAD9FDDA25AB4B12DD5FBBD3989BAA6B863AD7 |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\System32\wow64.dll |
| C:\WINDOWS\System32\wow64base.dll |
| C:\WINDOWS\System32\wow64con.dll |
| C:\WINDOWS\System32\wow64cpu.dll |
| C:\WINDOWS\System32\wow64win.dll |
| C:\WINDOWS\SysWOW64\prevhost.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: PREVHOST.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/db2f9819b55b3240a4ca9cb7b8fd9606f0a579bf9da6a3edcf7c38599dd06836/detection
MIT License. Copyright (c) 2020-2021 Strontic.