pythonw.exe

  • File Path: C:\Program Files\Python310\Lib\venv\scripts\nt\pythonw.exe
  • Description: Python

Screenshot

pythonw.exe

Hashes

Type Hash
MD5 75513C9847FDFFDDE9323C4CB464E04E
SHA1 05ED1036718618C3A51B2828944324DB19A2E3AD
SHA256 8F67A7AE6F44FA2C2892AD83757BAAF18B5B3BE9F6BECAC66D6D6FEA41C19819
SHA384 E1A082F7D8E9E684BF2258594E1D3EAD3C1B042F0F08305CFD52984D4B870BDDF11BFC92F1EDBF3D8A0CB10656C7506D
SHA512 5A3F5017E104EC766D487C5865EE54BBCB6B77CCAA9C508681A6113F5B52B2F1626DACBA0E92F35F4CB1F197656E561A96CEF7F9F3ABED4974A2974C571BC1DD
SSDEEP 3072:IMFymOYY8ipq8bGgdybZ8pcbBl6XPC2mahdVSwMpdCq/IM8uIGfF/y86:BpippydlicQVSwMd7wvc
IMP 56F9A44F969FD1B8C492CC66D4890EAF
PESHA1 440D03A18C879198B619B077E49CC31EDE86B454
PE256 4F9F7B0EFD328A973C0353155843C9803548FC866FC638125BEE5DBDEDB142B2

Runtime Data

Child Processes:

explorer.exe

Window Title:

Python Launcher is sorry to say …

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(RW-) C:\Users\user File
(RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e File
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\Sessions\1\Windows\Theme449731986 Section
\Windows\Theme1396518710 Section

Loaded Modules:

Path
C:\Program Files\Python310\Lib\venv\scripts\nt\pythonw.exe
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\SYSTEM32\VERSION.dll
C:\Windows\System32\win32u.dll

Signature

  • Status: Signature verified.
  • Serial: 033ED5EDA065D1B8C91DFCF92A6C9BD8
  • Thumbprint: C91DCECB3A92A17B063059200B20F5CE251B5A95
  • Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=Python Software Foundation, O=Python Software Foundation, L=Wolfeboro, S=New Hampshire, C=US

File Metadata

  • Original Filename: py.exe
  • Product Name: Python
  • Company Name: Python Software Foundation
  • File Version: 3.10.0
  • Product Version: 3.10.0
  • Language: Language Neutral
  • Legal Copyright: Copyright 2001-2021 Python Software Foundation. Copyright 2000 BeOpen.com. Copyright 1995-2001 CNRI. Copyright 1991-1995 SMC.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/8f67a7ae6f44fa2c2892ad83757baaf18b5b3be9f6becac66d6d6fea41c19819/detection

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Python310-32\Lib\venv\scripts\nt\pythonw.exe 35
C:\Program Files (x86)\Python310-32\pythonw.exe 44
C:\program files (x86)\Python38-32\pythonw.exe 41
C:\Program Files\Blender Foundation\Blender 2.83\2.83\python\lib\venv\scripts\nt\pythonw.exe 30
C:\program files\Blender Foundation\Blender 2.83\2.83\python\lib\venv\scripts\nt\pythonw.exe 30
C:\Program Files\Blender Foundation\Blender 2.90\2.90\python\lib\venv\scripts\nt\pythonw.exe 30
C:\Program Files\Inkscape\bin\pythonw.exe 40
C:\program files\Inkscape\bin\pythonw.exe 41
C:\Program Files\Python310\pythonw.exe 44
C:\Program Files\Python38\Lib\venv\scripts\nt\pythonw.exe 36
C:\Program Files\Python38\pythonw.exe 44

MIT License. Copyright (c) 2020-2021 Strontic.