recdisc.exe
- File Path:
C:\Windows\system32\recdisc.exe
- Description: Microsoft Windows Repair Disc
Hashes
| Type |
Hash |
| MD5 |
18AFEE6824C84BF5115BADA75FF0A3E7 |
| SHA1 |
D10F287A7176F57B3B2B315A5310D25B449795AA |
| SHA256 |
0787B37CF197595B8149FFE3784F9C59EACDE3616011F185513FF5C075A5AC4E |
| SHA384 |
6636DBBF17D0D941B61B121EA2CE0B603A4CF18C9E531791969B87B336F8B41DB98908A6C5CC1223B5E91E9AFC78078C |
| SHA512 |
517356165B401DBEBF15437D3B17746AEF5A6A4CC62A0AFE45966ABC92B4CF377EEE4514A36EE28B1E88E55A22A2F8A6C997DF45971E7F354B66AC7D9E141845 |
| SSDEEP |
3072:ThO2UQCzj0vecS/SBeUzCbQTBQSAuegPO8evTq2Vy:TiQbvnSKeUWQTB9FegEv+2V |
| IMP |
CF2D2E3F19F6703E26A61C456DB6C3F9 |
| PESHA1 |
F362DF04CDC0EEACF53356254E04B86A9DD1B8C0 |
| PE256 |
5215781FCF8C3DA1E1EDA1391A0BCE5E6A3EFA0E572442B0C744B3D414442132 |
Runtime Data
Window Title:
Create a system repair disc
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\Fonts\StaticCache.dat |
File |
| (R-D) C:\Windows\System32\en-US\duser.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\KernelBase.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\ntdll.dll.mui |
File |
| (R-D) C:\Windows\System32\en-US\recdisc.exe.mui |
File |
| (R-D) C:\Windows\SystemResources\imageres.dll.mun |
File |
| (R-D) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_cb612d02732b0fd9\comctl32.dll.mui |
File |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_cb612d02732b0fd9 |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\Windows\Theme449731986 |
Section |
| \Windows\Theme1396518710 |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\system32\recdisc.exe |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: recdisc.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/0787b37cf197595b8149ffe3784f9c59eacde3616011f185513ff5c075a5ac4e/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.