windeploy.exe
- File Path:
C:\Windows\system32\oobe\windeploy.exe
- Description: Windows Deployment Loader
Hashes
| Type |
Hash |
| MD5 |
EA676C04C5C5140D3C838E04AC61E996 |
| SHA1 |
18242272C0F4DD1FC0BE8145ED6406E764022679 |
| SHA256 |
EBF0A6CA1D50F0D8B547D15BEDB495CC3906137FD4597AF1415CD2901F2FCE1F |
| SHA384 |
B1C0A24D5C021F3C6D2990B598361F0798DB9C2DEDF75C21FEFE336D523C26AEDBFF4F9BCE6111BB936A85C211FDF629 |
| SHA512 |
3B043DD533A4C9CEAAA72AFADAC104CD7F0C6F3D1BB9B693813876247D2FC0EED1BF2404E970E0524448AAAB96FE5CF6785F9FEE5162CC4E2C9A1E688C0563AC |
| SSDEEP |
3072:0U09haHT+MmU7l3JWL7oscaRWG8gexF7M5Xl0mh5QF2q2B7F8uKNxNNZx0neWA+:f0A5JaMGwF7M5Xl0mhl7U97x0PA |
| IMP |
E8EFB30246F2B3782F1F608B78A4C5AF |
| PESHA1 |
564E8F2FDB9DCEA6B76EB7642BA3C43A2F2DEBFF |
| PE256 |
33A093E05530C24FE127365B09446C12029D6DC9507AC2DBE812A3266FB60FC4 |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\oobe\en-US\windeploy.exe.mui |
File |
| (RW-) C:\Users\user\Documents |
File |
| (RW-) C:\Windows\Panther\UnattendGC\diagerr.xml |
File |
| (RW-) C:\Windows\Panther\UnattendGC\diagwrn.xml |
File |
| (RW-) C:\Windows\Panther\UnattendGC\setupact.log |
File |
| (RW-) C:\Windows\Panther\UnattendGC\setuperr.log |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \BaseNamedObjects\SetupLogSection |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\oobe\windeploy.exe |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\ucrtbase.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WinDeploy.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/ebf0a6ca1d50f0d8b547d15bedb495cc3906137fd4597af1415cd2901f2fce1f/detection/
MIT License. Copyright (c) 2020-2021 Strontic.