quickstart.exe

  • File Path: C:\program files\LibreOffice\program\quickstart.exe

Hashes

Type Hash
MD5 AF9205A855B9342FBE3EF1C87C3FD4B4
SHA1 38D6BAB8DD000BC703DBE10DE1C7F0AC59036059
SHA256 E367BE3F34CF949E85C8BA1129626342A4D8F45011EEF2472FB38F253052ED7C
SHA384 54397E911C8A442BCA40E3BC3A0524A9DE10C16D85004FAD59BDA85886E1955C36C736B5F459E94428A20007686D8EB3
SHA512 40F869C29453DF4187A3776B9753065DCC924CD8AC6F8B9DCC8F151FFFA29AFF88F21CAE0CDD3D86960AD4E8F0BD4F4F56153C3CCAB08A8F773EBE9B3229C31D
SSDEEP 768:jpTVIq308Pjj2FaPDSswhy70qvurgQmHLU0YJxzUNarSJEhFFldU:jpTVHtxk8rUvzVSJEp3U

Runtime Data

Child Processes:

soffice.exe

Loaded Modules:

Path
C:\program files\LibreOffice\program\quickstart.exe
C:\Windows\System32\GDI32.dll
C:\Windows\System32\gdi32full.dll
C:\Windows\System32\IMM32.DLL
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcp_win.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\System32\USER32.dll
C:\Windows\SYSTEM32\VCRUNTIME140.dll
C:\Windows\System32\win32u.dll

Signature

  • Status: Signature verified.
  • Serial: 049F5EBAA6B29CF6C79003917374242E
  • Thumbprint: 059BD34C72E8BE4FB19A80877268097C87F7D487
  • Issuer: CN=Certum Code Signing CA SHA2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
  • Subject: E=info@documentfoundation.org, C=DE, S=Berlin, L=Berlin, OU=LibreOffice Build Team, O=The Document Foundation, CN=The Document Foundation

File Metadata

  • Original Filename: quickstart.exe
  • Product Name: LibreOffice
  • Company Name: The Document Foundation
  • File Version: 7.0.0.3
  • Product Version: 7.0.0.3
  • Language: English (United States)
  • Legal Copyright: Copyright 2000-2020 by LibreOffice contributors. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\program files\LibreOffice\program\soffice_safe.exe 72

Possible Misuse

The following table contains possible examples of quickstart.exe being misused. While quickstart.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc misp_invisimole.json "https://cloud.google.com/security-command-center/docs/quickstart-scc-dashboard", © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.