winhlp32.exe

  • File Path: C:\WINDOWS\winhlp32.exe
  • Description: Windows Winhlp32 Stub

Hashes

Type Hash
MD5 CAA192BFDFB5F2A131EBD649B7062DE3
SHA1 720FB8AC42F6A86FC06D1CF54F3F9F74F5F0E8DE
SHA256 95EC2D3B4BF074A3540D533A57D616EFFD81C8FC6EC98F704ACBF96B7793634B
SHA384 80A8338CC8EC152C441567208A8E4F626FD75D95F12E77C712AC3F49A4A380A194D05FE1D05F368A9C00C4A9D25BD537
SHA512 22DF4780B41ED63616464AA57910010134FFA76DC9972555926B567FE5C8DBE2178C2BB7A939A3B8F08CF5C6FC6DFBD1B3C817BB5A6164A575F32140FE9E6C8B
SSDEEP 192:Rfq4m+jaCWGEZxyqQ4t5tmXdkLWyeHWnhh4jAr7b:RfCSWG+tnCqLWyeHWnhh4Uf

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WINHLP32.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.1 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\winhlp32.exe 63

Possible Misuse

The following table contains possible examples of winhlp32.exe being misused. While winhlp32.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
signature-base apt_korplug_fast.yar $s4 = “\winhlp32.exe” fullword ascii CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.