wscadminui.exe
- File Path:
C:\Windows\SysWOW64\wscadminui.exe
- Description: Windows Security Center Elevated UI App
Hashes
| Type |
Hash |
| MD5 |
6BBE958817164C150231B1711A97E9CA |
| SHA1 |
132875A5D27B43C900EAC3681500310831B4037B |
| SHA256 |
13761247515B436B1CA3C4609EED652351A25F14812559CB266B935A78A06631 |
| SHA384 |
C1908C45EE722AC09F8DDC572138653EC1427CDF08519B2FA5BD6F496FD9DCB68B8D2D20234AC02CC86D046AC8611C49 |
| SHA512 |
8D901CB4BB8E3AC031070860CC8BA7CAA6F61FD22BE07CB0290150E379C73BB9A26D85E89B737483B19D92411FD3822D061A1183FAAAA507E17BCAA947458AFC |
| SSDEEP |
96:equG4XxXXYtsp20nGDrDGjQ5HEJuDWfMG/ALEW1chRWwpERF:KGKxXXYwx7exDWfMG/AQWKhRWXRF |
| IMP |
3D14FF3AED50FB9C7612F737F4A41021 |
| PESHA1 |
8A616A0A6DF9E1CA9C0117FFEF3C0AE9961700FD |
| PE256 |
6E2D981377DF3E208F7D6B70F5878EF73B23D6EE430954074FF3367E72728989 |
Runtime Data
Child Processes:
explorer.exe
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\wscadminui.exe |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wscadminui.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1081 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1081
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/13761247515b436b1ca3c4609eed652351a25f14812559cb266b935a78a06631/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.