ucsvc.exe

File Path: C:\Windows\system32\ucsvc.exe
Description: Boot File Servicing Utility

Hashes

Type	Hash
MD5	`909E5A293A94055D67AF53A7EDF27D27`
SHA1	`B04D2E846EF7CC1D8D224F07D2F8D7BAE7F2BF6E`
SHA256	`2BFAC411F014D87171CF09B110EC44436F4A0850B8B2CC3A4F72E7412F7A9D39`
SHA384	`F943A5C14E251CA0FF24530FCFDC6BB7F297746616EDF0A5B66889410452AFC44BC8D4F7E9B18AEF63552776CC2F67BC`
SHA512	`33855BEB5BF9A23C2ED2B6C58C6F52E8EC0EB2E5CAC558FD2EA33E5FFE78D021397A055D72739D4374592C15EACAC3E1BBA6DAFDAF36044409CFEB9FCF361455`
SSDEEP	`768:UxjRyM/jOSSwjaV7/hgRHMNM07mqEBNhkW8RYBQOL9czpoJI1PQdOY:UBRtOiIpOr07mqAaPR2L+NoePQQY`
IMP	`0E0328595A346203B68DE1869CCFF8C2`
PESHA1	`B5078D3E8674326EAD5331B9F398D0D579EFE7E8`
PE256	`9BEDFEAD1AA98C577DD9CD1216ACD923FD8E7DA31E690728074B90FC266645E6`

Runtime Data

Loaded Modules:

Path
C:\Windows\System32\advapi32.dll
C:\Windows\System32\combase.dll
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\RPCRT4.dll
C:\Windows\System32\sechost.dll
C:\Windows\System32\shcore.dll
C:\Windows\System32\ucrtbase.dll
C:\Windows\system32\ucsvc.exe

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: bfsvc.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/75
VirusTotal Link: https://www.virustotal.com/gui/file/2bfac411f014d87171cf09b110ec44436f4a0850b8b2cc3a4f72e7412f7a9d39/detection

MIT License. Copyright (c) 2020-2021 Strontic.