splunk-admon.exe
- File Path: C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe
- Description: Active Directory monitor
Hashes
Type | Hash |
MD5 | 0529E2153783017765034205864DAE63 |
SHA1 | 2D4B4BC03D8AAAC3C05ABB659BD3BC131C9E1211 |
SHA256 | CB464CA0168EA9D1B0A2DB48F852EFFD816CB3AB962B6DC37F0294781900EB86 |
SHA384 | CFF52101FF0CADE3610AB8E112F6E54C24B1D13AF3B0D7DD67CC1CED9FC325186CB4DC5229E61F4ADB148886B3BD977A |
SHA512 | D3F7251E16E80D7408CDC0D3A3264758959CD027AB7E29771D748EAA5E1DEA435CD61D37E3C95697B45542F1365AECFE013A8A7DC8D220590CC9DD064314B6D1 |
SSDEEP | 196608:nwrCY5ATwi/QabfCnQhQYBC+pX5WaNa48s//dCVPRF5T7:JgAUi/QabhQYBC5aNeVf5v |
IMP | A2763C4BA6D4717F662584401724A6B2 |
PESHA1 | FE4AD43DB39B9B3CFF8A9475879A4332D93E0388 |
PE256 | 583C320CBE9444A0245C6C766D6A1C4D3C8BD6733B2D80783B2EC28473F0E9B0 |
Runtime Data
Usage (stderr):
runAdmon: SPLUNK_HOME must be set. Stopping.
Loaded Modules:
Path |
C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe |
C:\Windows\System32\KERNEL32.DLL |
C:\Windows\System32\KERNELBASE.dll |
C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial: 014E132916D610BB301B22ABBD994616
- Thumbprint: B8B4F0D3FD0571E184DEBB76A1F6DB73F30FA233
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN="Splunk, Inc.", O="Splunk, Inc.", L=San Francisco, S=California, C=US, SERIALNUMBER=4109614, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: splunk-admon.exe
- Product Name: splunk Application
- Company Name: Splunk Inc.
- File Version: 8.2.3
- Product Version: 8.2.3 (Build cd0848707637)
- Language: English (United States)
- Legal Copyright: Copyright (C) 2005-2021
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: Unknown
MIT License. Copyright (c) 2020-2021 Strontic.