pssuspend.exe
- File Path:
C:\SysinternalsSuite\pssuspend.exe
- Description: Process Suspender
Hashes
| Type |
Hash |
| MD5 |
DF3D77D41EF28027B3069D39F9EE9C79 |
| SHA1 |
0DFCF31AD455ABD48D35B0250B5B03265052FBA6 |
| SHA256 |
02EC8C37DD946A2CD74673993C2108F12FFF3E82019A1590231C4205CCB2F0D4 |
| SHA384 |
47307683DC742244B914E4CA9821568FEA77F888F2A3FEC9456A3E5060EC7F97EE881DB13E54EEDD3212B776CAA3CC9B |
| SHA512 |
FF9168421EA2E0B56ECE4DF777B1FA3605CBB4AC81D1C81CF2491A5C197BAF67C47BA4D1D767C5C272A8F3CFA46B169234D19B98671FF6AD8F7A092F51E9378D |
| SSDEEP |
3072:K/kvkbvka2pVtwouW9+DZUFIPcpGwDmXsBvpRyAHa0MiZUFw/oPACa337yGTkSEh:K/CkboR5INUR94GhnO6g1Co/ |
| IMP |
6E9A261F58F47D82FB85893416A0D9B3 |
| PESHA1 |
DAFF952FB36E60F334521E118F3A2998D8AB9C2D |
| PE256 |
F39BB42710DB502647201A2ACDC05233F07C404845DB63E5A28988E00DF25CC0 |
Runtime Data
Usage (stdout):
PsSuspend v1.07 - Process Suspender
Copyright (C) 2001-2016 Mark Russinovich
Sysinternals
PsSuspend suspends or resumes processes on a local or remote NT system.
Usage: pssuspend [-r] [\\RemoteComputer [-u Username [-p Password]]] <process Id or name>
-r Resume.
-u Specifies optional user name for login to
remote computer.
-p Specifies optional password for user name. If you omit this
you will be prompted to enter a hidden password.
-nobanner Do not display the startup banner and copyright message.
Loaded Modules:
| Path |
| C:\SysinternalsSuite\pssuspend.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
330000010A2C79AED7797BA6AC00010000010A
- Thumbprint:
3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC
- Issuer: CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: pssuspend.exe
- Product Name: Sysinternals PsSuspend
- Company Name: Sysinternals
- File Version: 1.07
- Product Version: 1.07
- Language: English (United States)
- Legal Copyright: Copyright (C) 2001-2016 Mark Russinovich
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/02ec8c37dd946a2cd74673993c2108f12fff3e82019a1590231c4205ccb2f0d4/detection/
Possible Misuse
The following table contains possible examples of pssuspend.exe being misused. While pssuspend.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
MIT License. Copyright (c) 2020-2021 Strontic.