splunk-MonitorNoHandle.exe

  • File Path: C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe
  • Description: SplunkMonNoHandle Control Program

Hashes

Type Hash
MD5 4B5431B14120A7099CF37D73DC2C2579
SHA1 DC7AB3EA20C98F1824C25ADC5CB0A5C02ADFB273
SHA256 534F10C5E9FF0F0F815621A4E432A4559F43434967A49A26CA9BEED7DCD22FD1
SHA384 83014B6A7EAAB7BFCED135D1FE0C492E85A6F1F0981B1589726F27436BEB70EE0D7C3A5CE07C4958E685EBD5E0C2432D
SHA512 D6AAF0A66A51A299EC36A6EB78CAC5E4FD193F0C856A6BA672A825897735058447E730EAAFFA7D78B523D862891F74741EFC927E4D470D2A2620C2E6DC8CB1AA
SSDEEP 196608:WODepgz49jwJ413U1SacoXuLjyRvBoPIunRxUhiUHK:WVi49jZ13U0quLjUupEK
IMP 05D58741E22C6453F52C1A9326FAF02D
PESHA1 33524980C8677073E5EF04000F7103C80CD5F1F2
PE256 6D93F7B855732E633738CB3C2281516365B8240DA84C7B5CAE0030BAFAD36747

Runtime Data

Usage (stderr):

SPLUNK_HOME must be set.  Stopping.

Loaded Modules:

Path
C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 014E132916D610BB301B22ABBD994616
  • Thumbprint: B8B4F0D3FD0571E184DEBB76A1F6DB73F30FA233
  • Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN="Splunk, Inc.", O="Splunk, Inc.", L=San Francisco, S=California, C=US, SERIALNUMBER=4109614, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

File Metadata

  • Original Filename: SplunkMonNoHandle.exe
  • Product Name: Windows (R) Win 7 DDK driver
  • Company Name: Windows (R) Win 7 DDK provider
  • File Version: 10.0.10011.16384
  • Product Version: 10.0.10011.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: Unknown

MIT License. Copyright (c) 2020-2021 Strontic.