splunk-regmon.exe
- File Path:
C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe
- Description: Registry monitor
Hashes
| Type |
Hash |
| MD5 |
C29D0116BEB72B5C54CB2626887C7B8D |
| SHA1 |
18250F9DBA5D02AB348E748FADEDA22AB9A949EF |
| SHA256 |
4AF546AC53465992C0A908FF4B2405B5241AA3ED8E5E83D0D3386377D2B6097B |
| SHA384 |
3A309EE3551B68951D15B83698820696B748914842FDBAFDF0898EB38F5BC424FD0E65FBD3CAC918F322BC2E77A779EA |
| SHA512 |
3C6BD5D348E1AAC2AF6A349A34290E51FA01D8DBFA827D953CF8E7A7981DB85B297300098E4E4A54F71F9F6F329EF6DFA2B67B8DB454B0C335E17E9EA063465F |
| SSDEEP |
196608:Wo0eUuQMsZmo7o3pQ7o3/NQ/a5HnhfRyDJEUT3R5gv2q:fFUusZR7o3/NQ/kUT3gv2q |
| IMP |
5DCBAD7446F97D73DA1DA121D8CD8778 |
| PESHA1 |
584DD24642D5015CF523790CFFC5D734AA7247BF |
| PE256 |
B24DF54215D558502791013F232F2709D181478225C00F1272F9D7C971780B08 |
Runtime Data
Usage (stderr):
SPLUNK_HOME must be set. Stopping.
Loaded Modules:
| Path |
| C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
014E132916D610BB301B22ABBD994616
- Thumbprint:
B8B4F0D3FD0571E184DEBB76A1F6DB73F30FA233
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Splunk, Inc.”, O=”Splunk, Inc.”, L=San Francisco, S=California, C=US, SERIALNUMBER=4109614, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: splunk-regmon.exe
- Product Name: splunk Application
- Company Name: Splunk Inc.
- File Version: 8.2.3
- Product Version: 8.2.3 (Build cd0848707637)
- Language: English (United States)
- Legal Copyright: Copyright (C) 2005-2021
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: Unknown
MIT License. Copyright (c) 2020-2021 Strontic.