unregmp2.exe
- File Path:
C:\Windows\SysWOW64\unregmp2.exe
- Description: Microsoft Windows Media Player Setup Utility
Hashes
| Type |
Hash |
| MD5 |
33A85B3DCFFEADA67C98EAC342B93DCB |
| SHA1 |
33856AD378DB2ECEAEF0C7F4817995A277F25592 |
| SHA256 |
1DF2F5FC3369F5901068AD9463D7A165FD8E7EE7A12CA6C1A88992BB1484632E |
| SHA384 |
E4DF469FCA2DBAAE1A69BC163519C8DD313E4B0AD2D8060FA98F30966B24432EC08D469F80CF896EF16E5274CCD2DA9E |
| SHA512 |
75F7633CA44E84D58203EF62373BB5911E95738B4D659269BFA3AD222F518AD98802225AB7461048CA9883B39DACCAF0C5C9749FE8AD9B6E434D52B93C3FED73 |
| SSDEEP |
3072:TI/3G2NOfAg0IezJCqk6SRaqprku+k5lzndAUmaH+b9s1:TIL5HeZlzdAkebA |
| IMP |
567DEBB2A156B506ED421C435F1B2E33 |
| PESHA1 |
34E5C7262181A1476F88271FA43385C7BAB7F6CD |
| PE256 |
F78219179657C76950961DE298BE9A5875E7A643646F21DD533DDDA1FA319067 |
Runtime Data
Child Processes:
RdpSa.exe
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\unregmp2.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: unregmp2.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 12.0.17763.1 (WinBuild.160101.0800)
- Product Version: 12.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/1df2f5fc3369f5901068ad9463d7a165fd8e7ee7a12ca6c1a88992bb1484632e/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.