user.exe

File Path: C:\Windows\SysWOW64\user.exe
Description: User

Hashes

Type	Hash
MD5	`48D2C346C4875106531F8EE6B81D2C32`
SHA1	`80040DD456E9697BFFDEE946658990F3EBB94B49`
SHA256	`D8D689581E24A07EEC1E7B2A06E494B81509FE7C67F982905AAE8D3D90F4A567`
SHA384	`568FCF91E88EED3DB0DB9541FD3C95C7D72714E2E63A7E0AEF82BCEA8A8A801FB8EFB718B8A00024A107DC2F8B086DEA`
SHA512	`43C56A955A427CF988F3A30B4875C0A847C11EECDA3D3A0043E49B16F79C93CDD6E8CD0498D941E24EEB95E75F7A25AD032420452871E5C00A6BAD08922D60AD`
SSDEEP	`24:e1GS3Y23ddVXHsUjhGKgt46IZW0g5cNDsf2Si35WWdPPYPNS:S3/HOYQtVIZWjgYVo5WwHg`

Signature

Status: Signature verified.
Serial: 33000001733031072665B8B9B3000000000173
Thumbprint: 14590DC5C3AAF238FCFD7785B4B93F4071402C34
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: User.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.14393.0 (rs1_release.160715-1616)
Product Version: 10.0.14393.0
Language: English (United States)

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\advapi32res.dll	47
C:\Windows\system32\asferror.dll	43
C:\Windows\system32\blbres.dll	43
C:\Windows\system32\bridgeres.dll	43
C:\Windows\system32\comres.dll	44
C:\Windows\system32\DMAppsRes.dll	44
C:\Windows\system32\dmdskres.dll	49
C:\Windows\system32\dmdskres2.dll	46
C:\Windows\system32\ETWCoreUIComponentsResources.dll	46
C:\Windows\system32\icmp.dll	52
C:\Windows\system32\imageres.dll	44
C:\Windows\system32\imagesp1.dll	44
C:\Windows\system32\iologmsg.dll	43
C:\Windows\system32\lltdres.dll	44
C:\Windows\system32\MapControlStringsRes.dll	43
C:\Windows\system32\Microsoft-WindowsPhone-SEManagementProvider.dll	41
C:\Windows\system32\moricons.dll	49
C:\Windows\system32\msafd.dll	50
C:\Windows\system32\msprivs.dll	47
C:\Windows\system32\neth.dll	46
C:\Windows\system32\netmsg.dll	46
C:\Windows\system32\normaliz.dll	43
C:\Windows\system32\PhoneServiceRes.dll	49
C:\Windows\system32\PhoneutilRes.dll	47
C:\Windows\system32\qedwipes.dll	49
C:\Windows\system32\rnr20.dll	49
C:\Windows\system32\SensorsCpl.dll	40
C:\Windows\system32\SyncRes.dll	49
C:\Windows\system32\tapiui.dll	43
C:\Windows\system32\TelephonyInteractiveUserRes.dll	44
C:\Windows\system32\TpmCertResources.dll	41
C:\Windows\system32\wbem\WmiApRes.dll	46
C:\Windows\system32\WindowsPowerShell\v1.0\pwrshmsg.dll	49
C:\Windows\system32\winrsmgr.dll	44
C:\Windows\system32\wmerror.dll	41
C:\Windows\system32\wmploc.DLL	43
C:\Windows\system32\XAudio2_8.dll	43
C:\Windows\SysWOW64\advapi32res.dll	47
C:\Windows\SysWOW64\asferror.dll	44
C:\Windows\SysWOW64\comres.dll	47
C:\Windows\SysWOW64\DMAppsRes.dll	44
C:\Windows\SysWOW64\dmdskres.dll	47
C:\Windows\SysWOW64\dmdskres2.dll	52
C:\Windows\SysWOW64\ETWCoreUIComponentsResources.dll	44
C:\Windows\SysWOW64\icmp.dll	50
C:\Windows\SysWOW64\imageres.dll	47
C:\Windows\SysWOW64\imagesp1.dll	49
C:\Windows\SysWOW64\iologmsg.dll	46
C:\Windows\SysWOW64\MapControlStringsRes.dll	44
C:\Windows\SysWOW64\moricons.dll	55
C:\Windows\SysWOW64\msafd.dll	54
C:\Windows\SysWOW64\mscpx32r.dLL	47
C:\Windows\SysWOW64\msorc32r.dll	44
C:\Windows\SysWOW64\neth.dll	50
C:\Windows\SysWOW64\netmsg.dll	43
C:\Windows\SysWOW64\normaliz.dll	46
C:\Windows\SysWOW64\PhoneutilRes.dll	46
C:\Windows\SysWOW64\qedwipes.dll	47
C:\Windows\SysWOW64\rnr20.dll	52
C:\Windows\SysWOW64\SensorsCpl.dll	40
C:\Windows\SysWOW64\SyncRes.dll	49
C:\Windows\SysWOW64\tapiui.dll	43
C:\Windows\SysWOW64\TpmCertResources.dll	44
C:\windows\SysWOW64\user.exe	50
C:\WINDOWS\SysWOW64\user.exe	54
C:\Windows\SysWOW64\user.exe	50
C:\Windows\SysWOW64\user.exe	54
C:\Windows\SysWOW64\user.exe	54
C:\WINDOWS\SysWOW64\user.exe	49
C:\Windows\SysWOW64\user.exe	54
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshmsg.dll	49
C:\Windows\SysWOW64\winrsmgr.dll	49
C:\Windows\SysWOW64\wmerror.dll	46
C:\Windows\SysWOW64\wmploc.DLL	41
C:\Windows\SysWOW64\XAudio2_8.dll	46