rdpshell.exe
- File Path:
C:\Windows\system32\rdpshell.exe
- Description: RemoteApp Shell
Hashes
| Type |
Hash |
| MD5 |
428066713F225BB8431340FA670671D4 |
| SHA1 |
47F6878FF33317C3FC09C494DF729A463BDA174C |
| SHA256 |
DA6C395A2018D3439AD580A19E6A1CA5FF29EF9074411EE9F9F1B0A6365DFEBD |
| SHA384 |
E0CD27218C0C671FB1D382B61A2A7C06B48521EB933112CF2F8F5F610560D0DC66EA512D910349ED4AC20717D702AD64 |
| SHA512 |
292AAD2762AE4DC519C69411AA114A29894F60FFAC103813DB4946F2FAC4F5A166F66523C421529D6847C0882D8AB467392EE8DA1E3A4FCA0D6D4E6EBDA5B737 |
| SSDEEP |
12288:oh2pMO8Jc53jHw3TRi7SBirofNIcUW0/K:ohbO8JlTRs0i0fNx0/ |
| IMP |
AD95C4DA9263264C4DCD1AA32CACBD56 |
| PESHA1 |
076DECF1505A8BF147D68E7DD80C2F2F3A47A0F9 |
| PE256 |
42D0669B37A52DCF43FAEF68D3A13399F5916F4F2DA96F6B05C92D23E7C5F1CA |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\OLE32.dll |
| C:\Windows\system32\rdpshell.exe |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: rdpshell.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/da6c395a2018d3439ad580a19e6a1ca5ff29ef9074411ee9f9f1b0a6365dfebd/detection
MIT License. Copyright (c) 2020-2021 Strontic.