shwebsvc.dll

File Path: C:\Windows\SysWOW64\shwebsvc.dll
Description: Windows Shell Web Services

Hashes

Type	Hash
MD5	`89472631C11DF69989D86BF26B08800A`
SHA1	`78B9806867A5A1F5D513237D4BABC74AABB029CB`
SHA256	`638D47D93F1E91005687DEF590B0B450293121715741AE3294AE01929F00B500`
SHA384	`84F0EC74E68C3C5C833B02A302D144D319526EC7EF575BC90B71353889963D7D0669F0EB0CE143355F28B50E413F0DBA`
SHA512	`7EBE9E6934AA816B0E3EA770B52DED163880A4CE72E99B15B1ED8FD07BCDE34B99D789D844758C167431231056335B7890596A4EC952216947AF0FE5815899E8`
SSDEEP	`6144:3lL430t2r8W6sn9jPbcTU+7grO7AffhLfWa6x1BD0Q:3lLe0t2r8BsntPbcTTn7qxerx7wQ`
IMP	`1636C812C0190AF74DD5955D0B675465`
PESHA1	`CF03F4D63884EDD1DD1BE791DB92D5FC0A172D6A`
PE256	`D30D1CF5D3B9D24A99A5F739732399B8F903091CF05B883C760089F81FA4C4C1`

DLL Exports:

Function Name	Ordinal	Type
`DllGetClassObject`	4	Exported Function
`PublishRunDll`	2	Exported Function
`AddNetPlaceRunDll`	1	Exported Function
`DllCanUnloadNow`	3	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: SHWEBSVC.DLL.MUI
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/71
VirusTotal Link: https://www.virustotal.com/gui/file/638d47d93f1e91005687def590b0b450293121715741ae3294ae01929f00b500/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\dfrgui.exe	50
C:\windows\system32\dfrgui.exe	50
C:\Windows\system32\dfrgui.exe	47
C:\Windows\system32\shwebsvc.dll	68
C:\windows\SysWOW64\dfrgui.exe	46
C:\Windows\SysWOW64\dfrgui.exe	46
C:\Windows\SysWOW64\dfrgui.exe	47

MIT License. Copyright (c) 2020-2021 Strontic.