wowreg32.exe
- File Path:
C:\Windows\system32\wowreg32.exe
- Description: SetupAPI 64-bit Surrogate
Hashes
| Type |
Hash |
| MD5 |
A94E8C8C8D5D5F7BCD38C9EE5C1C08BF |
| SHA1 |
EBE201223C357174549CDEC945D1897B0BFFFCE4 |
| SHA256 |
FDC250B842E7744BC51D217941465DF1055C9780966E00A701557CCF1F1A6905 |
| SHA384 |
7E1090A676BD7B34812EEFD6F6692ADF0F7FF58175A2136D2297C235BF3C8BC225CD4F1E1E895A1D71DE730C46302288 |
| SHA512 |
04AE579F76325DB9BB37D9B81F7147315A6BD92CF3FCACD40884924CEBCA89FE9BE4BD4879602574DC84AB018B39F6D336948E89A9B1C8322A3EE188C9D041B3 |
| SSDEEP |
384:i//v1X5Ns17zhiel+5Ob+DQ0CxN71ej46KLrWgTZjHW:i//v1DslzhhgI0Cz7PtBZj |
| IMP |
9E395710D74BF587FAC4F5CA37BF2548 |
| PESHA1 |
7B88EA3260AA49D69458AD624FCC57A1E7E759C7 |
| PE256 |
92E01394C55F420BAEECC954B439C7ABCCB32C78FAFB28129A87742479B803CD |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\wowreg32.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WOWREG32.EXE
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.546 (WinBuild.160101.0800)
- Product Version: 10.0.19041.546
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/fdc250b842e7744bc51d217941465df1055c9780966e00a701557ccf1f1a6905/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.