storage.dll

  • File Path: C:\Windows\SysWOW64\storage.dll
  • Description: Windows Win16 Application Launcher

Hashes

Type Hash
MD5 9A355B75137E8A5F3C384C999CC6DBBC
SHA1 2BE21636F3C2899F1217C289351B106118A5E197
SHA256 126A00E34A6516C0D382A221071AB4084031C2A89CCB6144CAB960CE1F86EE2C
SHA384 C1ECAB572CB40C36216EE88AE7460B57B32C2A892DBA08B9C1D10E872214DDD4C2989E68A663C25EBDAD451683D89601
SHA512 FCB87C0D0C21EEE8562AA4860BFB63800DC5D4EB1A34F8A4B9A7B14023BDA3E49817F07C13BD32721E0A5D4ECB956E3C791195885382DC46ABE18630064FB268
SSDEEP 192:hYbvzg8JnPUVTccGPsO5vhK2uSVST+hg:hYBmTccGPsO5zFVST+h
PESHA1 2BE21636F3C2899F1217C289351B106118A5E197
PE256 126A00E34A6516C0D382A221071AB4084031C2A89CCB6144CAB960CE1F86EE2C

Signature

  • Status: Signature verified.
  • Serial: 330000026551AE1BBD005CBFBD000000000265
  • Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WOWEXEC.EXE
  • Product Name: Microsoft Windows(TM) Operating System
  • Company Name: Microsoft Corporation
  • File Version: 3.10
  • Product Version: 3.10
  • Language: English (United States)
  • Legal Copyright: Copyright Microsoft Corp. 1981-1996
  • Machine Type: 16-bit

File Scan

  • VirusTotal Detections: 0/66
  • VirusTotal Link: https://www.virustotal.com/gui/file/126a00e34a6516c0d382a221071ab4084031c2a89ccb6144cab960ce1f86ee2c/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\compobj.dll 100
C:\Windows\SysWOW64\ole2.dll 100
C:\Windows\SysWOW64\ole2disp.dll 100
C:\Windows\SysWOW64\ole2nls.dll 100
C:\Windows\SysWOW64\typelib.dll 100

Possible Misuse

The following table contains possible examples of storage.dll being misused. While storage.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma proc_access_win_in_memory_assembly_execution.yml - '\|C:\Windows\SYSTEM32\windows.storage.dll+' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.