rtlist.exe

  • File Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\rtlist.exe
  • Description: Microsoft User-Mode Process Server Query Tool

Hashes

Type Hash
MD5 ECF37672B054815EE7CD520B6E4C69C7
SHA1 3543E954B41E82033DE2A669760F3435E7ABAEC2
SHA256 18011587CEB54A206EDB1BE97BEF4583F37C50CD712F3538610DB330E932F38F
SHA384 5348FBB0AAF66294F928AD11D4E4DCF7F1229C63CEB79F9F61AA2CE26ED3690F72C782E20F492522579420BE33BC05CD
SHA512 4A6C53EA8152EE590EF6C82458099EDD59CEC7DD2EF2DD2807690318C16275CEAD149AC9E6A7F1DAC8704FAC89BD623C26286F975DCE517D2CBE4E86922AA765
SSDEEP 384:akRLlbfoLc1I+npPbopWO73ZW3wGyqlN9:aebZ5Pbolk
IMP 48D13898BAEA959F965C45DEFAC97048
PESHA1 D49F5E4D4D7E20487260E0541F88C25A64C3DB09
PE256 8C8DA67363D1423A088A4510A81CC71F4E058B01DA83D2E72AC48772EC2CC403

Runtime Data

Usage (stdout):

Usage: rtlist <Options>
Options are:
    -premote <Options> - Connect to process server
    -pn <Name>         - Look for process name

Loaded Modules:

Path
C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\rtlist.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002CF6D2CC57CAA65A6D80000000002CF
  • Thumbprint: 1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
  • Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: rtlist.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/75
  • VirusTotal Link: https://www.virustotal.com/gui/file/18011587ceb54a206edb1be97bef4583f37c50cd712f3538610db330e932f38f/detection

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Windows Kits\10\Debuggers\arm64\rtlist.exe 33
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\rtlist.exe 43

MIT License. Copyright (c) 2020-2021 Strontic.