winhlp32.exe

  • File Path: C:\windows\winhlp32.exe
  • Description: Windows Winhlp32 Stub

Hashes

Type Hash
MD5 335C38783B3F1B383ECAC17DB3705895
SHA1 62FEB04D2D7F0201FB8B504F800D8AEE941EF583
SHA256 FA17F4BA95F3A9C109A4479ADAB435587245286B050101CDDC91C0E17EAD09BF
SHA384 03BEAD7A258273C55C1E201CAB744B6E368625FB2655FB34AD4A80FE8E981290E695219E1875DA8B9AE3EDC7D1660D91
SHA512 C86FB05FCB92F8B39D16F2067FAF2FBF1DC25B84FD2D4796BA690C9A7FBDE7C88C79173D7FA8E515DDA7FFD15B06281AD688C684CBA7323177CDC2BF08393D1F
SSDEEP 192:gsmOdb+XliQTMBVlB9Y10F/kjW1eHWThh4jt7p:nOXliKG/hijW1eHWThh43

Signature

  • Status: The file C:\windows\winhlp32.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: WINHLP32.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of winhlp32.exe being misused. While winhlp32.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_korplug_fast.yar $s4 = “\winhlp32.exe” fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.