shwebsvc.dll

  • File Path: C:\Windows\system32\shwebsvc.dll
  • Description: Windows Shell Web Services

Hashes

Type Hash
MD5 EB1AC593EA9EB9650BC66622031E0051
SHA1 CCC49052B40F6C98F08580862F7BD92CD3ECCF90
SHA256 2AD592BDFACA8EBCCE11ABCB6475756F80A72883E1DB6C26A49AE787F6404918
SHA384 46C48B70F4A023B036B08455CF92B9136DFE68153554848E12BED9FEB1A84C1BAAC009CFCC61ECED17FE94A78429D3AC
SHA512 DA0286A9AEADA260133DB396FE1BFE398BE44C5353D4A3C132929420404884F3E8CD1C8CF475122CFBC3C11A3948BFD149AED8487DDF69BEB49124780E211C74
SSDEEP 12288:tcx8EcFs4rZ/fCYntPbcTTn7qxerx7wQ:t0xWbtPbcHn7q1
IMP F903EACF77DA189B629AD713682E006A
PESHA1 1190FB8A0AD87A93F0932B56361528E499B5BBE3
PE256 5C78E362729B1B0069C833D2719EE27285019558293E7B8E085F12FB8372B72C

DLL Exports:

Function Name Ordinal Type
DllGetClassObject 4 Exported Function
PublishRunDll 2 Exported Function
AddNetPlaceRunDll 1 Exported Function
DllCanUnloadNow 3 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: SHWEBSVC.DLL.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/68
  • VirusTotal Link: https://www.virustotal.com/gui/file/2ad592bdfaca8ebcce11abcb6475756f80a72883e1db6c26a49ae787f6404918/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\dfrgui.exe 50
C:\windows\system32\dfrgui.exe 57
C:\Windows\system32\dfrgui.exe 50
C:\windows\SysWOW64\dfrgui.exe 50
C:\Windows\SysWOW64\dfrgui.exe 50
C:\Windows\SysWOW64\dfrgui.exe 50
C:\Windows\SysWOW64\shwebsvc.dll 68

MIT License. Copyright (c) 2020-2021 Strontic.