snmptrap.exe

  • File Path: C:\Windows\system32\snmptrap.exe
  • Description: SNMP Trap

Hashes

Type Hash
MD5 1971BBC71602B928CF9257759E3C05E8
SHA1 C4A9C0CC61B0C74043F0C9617EE100A5EE76BAE5
SHA256 9D665698FF26ED333AD385B4B7A6C0F2B6806371D278E281FA4188002A5317E8
SHA384 12D4D4E3B93213B69ED2EE8A9A48CD81EAAAF443069CED799E75BBC75E549048B4AE0B9ACBE571C04A9998F554869FE8
SHA512 9766EEB67BABAD99C45EE6C1E18ED74600C284E6B50DA84D77B485FEFEF1A64595E4D0A74492DE06C75DD14D9EE51C2E2ABD62C41E0D1C9126E364F125570029
SSDEEP 384:t6asNn8aCT/+jUF2d/zrSsOj5/gfnR8WSWlyW:8asNn8aCT/72dx6FgfRpx
IMP C2C94366EB9868AA74167BBE2B51AA0A
PESHA1 B7498B635AF76F6B018FCCC155345B6D2E35E27B
PE256 4FD3CBB7CF34C1ED5821299400DDCB77278C784B8302F90B060B15B745BD9FBF

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\system32\snmptrap.exe

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: snmptrap.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/9d665698ff26ed333ad385b4b7a6c0f2b6806371d278e281fa4188002a5317e8/detection

Possible Misuse

The following table contains possible examples of snmptrap.exe being misused. While snmptrap.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
stockpile 52771610-2322-44cf-816b-a7df42b4c086.yml This is an example technique. snmptrap.exe should be changed in the command Apache-2.0
stockpile 52771610-2322-44cf-816b-a7df42b4c086.yml Copy-Item -Path "C:\Windows\System32\snmptrap.exe" -Destination $path Apache-2.0

MIT License. Copyright (c) 2020-2021 Strontic.