splunk-winhostinfo.exe

  • File Path: C:\Program Files\SplunkUniversalForwarder\bin\splunk-winhostinfo.exe
  • Description: Monitor windows host

Hashes

Type Hash
MD5 C5D5F73FBAFC586E6621BA5F3A8EFDBF
SHA1 2D5629447502CEF09518C7F62946B67F2887E43A
SHA256 9F5F3D12D664A1997A232AFB4BE1816E6DB2093004DF1EE8A3E2BED8CD6D0E09
SHA384 A90DD133C722533257D087DBDE56132320E11BF6924E4B6BA895A5B3AAF4C2759D8BAC3519E084356A6D1C62509C2BC3
SHA512 46F6E1F0B7824429F92219B5EF3788DC88F39938065B9C4F479DE762786F0580C2338E58D6CFB5CA09B56595DF004B355505DABCB14C843CAF6CBFB5B80E8288
SSDEEP 196608:/d9NgR/2L2yr7uLb4kp6tl81ksxNEb5zUyF9UlRwNQ2xp:/baF4r7u/p6tl8NOfUUW2xp
IMP 365969804A191C42BB9F8FDC98C0FB00
PESHA1 FFA5C2E085C8DBE4ADB9D662F1AD9D518872ECF0
PE256 FD21DADC2E91E2ABC7C2C2D88EC0F531EBE3E3490C801FAE0705CF91F8128B0A

Runtime Data

Usage (stderr):

runWinHostMon: SPLUNK_HOME must be set.  Stopping.
SPLUNK_HOME must be set.  Stopping.

Loaded Modules:

Path
C:\Program Files\SplunkUniversalForwarder\bin\splunk-winhostinfo.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 014E132916D610BB301B22ABBD994616
  • Thumbprint: B8B4F0D3FD0571E184DEBB76A1F6DB73F30FA233
  • Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=”Splunk, Inc.”, O=”Splunk, Inc.”, L=San Francisco, S=California, C=US, SERIALNUMBER=4109614, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

File Metadata

  • Original Filename: splunk-winhostmon.exe
  • Product Name: splunk Application
  • Company Name: Splunk Inc.
  • File Version: 8.2.3
  • Product Version: 8.2.3 (Build cd0848707637)
  • Language: English (United States)
  • Legal Copyright: Copyright (C) 2005-2021
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: Unknown

MIT License. Copyright (c) 2020-2021 Strontic.