user.exe

File Path: C:\WINDOWS\SysWOW64\user.exe
Description: User

Hashes

Type	Hash
MD5	`2D7FE92D519E19374302B72E88ACF56E`
SHA1	`D86FC65DBF73CA8E14B0EC902A33CACF2B0BCD38`
SHA256	`D761C5548CF82B54B4AC4AB6616D1B6EA9AB547613654AA3C1DF78AAD4E6918B`
SHA384	`5A9D7D8AFD7BEB6A90DBE6B9E40D12EDDDB4BBF81FE654FC6794BBB7F452F4C6B143A3BDB7DDD385812EECB7895EEDEB`
SHA512	`240DC12A38C8BD7C8B80E8E7B5FF5D4D3E2F5D003BCD0D1EF01ABAF97C3AF2BC98EF3C28D6E00F1B7998763C50DD94EDF42FA9857DAB80FC22CF8E390A90595C`
SSDEEP	`24:ev1GSFTF5Rm8moj8+FE5VGKGINyPiIZW0gNNzl2Si35WWdPPYPN/:qFTsDojzFEUINbIZWjXzno5WwHg`

Signature

Status: Signature verified.
Serial: 330000023241FB59996DCC4DFF000000000232
Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: User.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.18362.1 (WinBuild.160101.0800)
Product Version: 10.0.18362.1
Language: English (United States)

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\advapi32res.dll	44
C:\Windows\system32\asferror.dll	44
C:\Windows\system32\blbres.dll	41
C:\Windows\system32\bridgeres.dll	43
C:\Windows\system32\comres.dll	43
C:\Windows\system32\DMAppsRes.dll	43
C:\Windows\system32\dmdskres.dll	44
C:\Windows\system32\dmdskres2.dll	47
C:\Windows\system32\ETWCoreUIComponentsResources.dll	41
C:\Windows\system32\icmp.dll	46
C:\Windows\system32\imageres.dll	43
C:\Windows\system32\imagesp1.dll	49
C:\Windows\system32\iologmsg.dll	46
C:\Windows\system32\lltdres.dll	43
C:\Windows\system32\MapControlStringsRes.dll	44
C:\Windows\system32\Microsoft-WindowsPhone-SEManagementProvider.dll	40
C:\Windows\system32\moricons.dll	49
C:\Windows\system32\msafd.dll	44
C:\Windows\system32\msprivs.dll	43
C:\Windows\system32\neth.dll	41
C:\Windows\system32\netmsg.dll	41
C:\Windows\system32\normaliz.dll	52
C:\Windows\system32\PhoneServiceRes.dll	43
C:\Windows\system32\PhoneutilRes.dll	43
C:\Windows\system32\qedwipes.dll	46
C:\Windows\system32\rnr20.dll	44
C:\Windows\system32\SensorsCpl.dll	40
C:\Windows\system32\SyncRes.dll	40
C:\Windows\system32\tapiui.dll	43
C:\Windows\system32\TelephonyInteractiveUserRes.dll	44
C:\Windows\system32\TpmCertResources.dll	38
C:\Windows\system32\wbem\WmiApRes.dll	46
C:\Windows\system32\WindowsPowerShell\v1.0\pwrshmsg.dll	41
C:\Windows\system32\winrsmgr.dll	43
C:\Windows\system32\wmerror.dll	40
C:\Windows\system32\wmploc.DLL	43
C:\Windows\system32\XAudio2_8.dll	41
C:\Windows\SysWOW64\advapi32res.dll	46
C:\Windows\SysWOW64\asferror.dll	47
C:\Windows\SysWOW64\comres.dll	44
C:\Windows\SysWOW64\DMAppsRes.dll	43
C:\Windows\SysWOW64\dmdskres.dll	50
C:\Windows\SysWOW64\dmdskres2.dll	44
C:\Windows\SysWOW64\ETWCoreUIComponentsResources.dll	38
C:\Windows\SysWOW64\icmp.dll	43
C:\Windows\SysWOW64\imageres.dll	43
C:\Windows\SysWOW64\imagesp1.dll	49
C:\Windows\SysWOW64\iologmsg.dll	43
C:\Windows\SysWOW64\MapControlStringsRes.dll	46
C:\Windows\SysWOW64\moricons.dll	50
C:\Windows\SysWOW64\msafd.dll	47
C:\Windows\SysWOW64\mscpx32r.dLL	47
C:\Windows\SysWOW64\msorc32r.dll	40
C:\Windows\SysWOW64\neth.dll	43
C:\Windows\SysWOW64\netmsg.dll	41
C:\Windows\SysWOW64\normaliz.dll	47
C:\Windows\SysWOW64\PhoneutilRes.dll	46
C:\Windows\SysWOW64\qedwipes.dll	49
C:\Windows\SysWOW64\rnr20.dll	52
C:\Windows\SysWOW64\SensorsCpl.dll	43
C:\Windows\SysWOW64\SyncRes.dll	43
C:\Windows\SysWOW64\tapiui.dll	43
C:\Windows\SysWOW64\TpmCertResources.dll	41
C:\windows\SysWOW64\user.exe	55
C:\Windows\SysWOW64\user.exe	54
C:\Windows\SysWOW64\user.exe	52
C:\Windows\SysWOW64\user.exe	65
C:\Windows\SysWOW64\user.exe	60
C:\WINDOWS\SysWOW64\user.exe	58
C:\Windows\SysWOW64\user.exe	54
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshmsg.dll	43
C:\Windows\SysWOW64\winrsmgr.dll	47
C:\Windows\SysWOW64\wmerror.dll	43
C:\Windows\SysWOW64\wmploc.DLL	46
C:\Windows\SysWOW64\XAudio2_8.dll	41