wksprt.exe
- File Path:
C:\Windows\system32\wksprt.exe
- Description: RemoteApp and Desktop Connection Runtime
Hashes
| Type |
Hash |
| MD5 |
BA81ED5D41505A2311DB75585620A381 |
| SHA1 |
F02403A281B8D80176C37C24B10E53E1A8CBCCE6 |
| SHA256 |
3159D37162E97C34BD7809FA98AAAD1993F2FB72D70806503F808820AD5871D9 |
| SHA384 |
4098E1491B17D226013F903F5E5E511A158190FC4BCD3AB58ACD90302D217E75C14BC155D0871E62E02EDA1DE2254C2C |
| SHA512 |
D8BA2082E48F807C7FB2D6643EF3CFA66F69CAA96338C5CA0FEF9562AC68F4664CCD801872194C14F7C9A0961F46F7F25D9297DB98021F1F8CCA82B765D2D647 |
| SSDEEP |
12288:jBu21sy5Y1mg+vG3tKvA2HdiqZtL9XCXIB7GjFMvT3lxR:jBn1ZYy+3tmA2L9SimI |
| IMP |
88A462E0F580961648CAD58E157C0D43 |
| PESHA1 |
C379922F4D659746EB1A152AC172AA114B9A26CF |
| PE256 |
6F5B6E0072692550F6DBA5D5B7778F168F7D968FAD876D242B0830B5F440D92A |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\wksprt.exe.mui |
File |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21 |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \Sessions\1\Windows\Theme1175649999 |
Section |
| \Windows\Theme601709542 |
Section |
Loaded Modules:
| Path |
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\system32\wksprt.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wksprt.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/3159d37162e97c34bd7809fa98aaad1993f2fb72d70806503f808820ad5871d9/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.