xpsrchvw.exe
- File Path:
C:\Windows\system32\xpsrchvw.exe - Description: XPS Viewer
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | A2CC3881C0842B1C4181A6E6FCE6E836 |
| SHA1 | A484ECC2512C3624501A6D6E79A5B6C94947C28C |
| SHA256 | 4F952762181F94C8007EAD69BAC284848DEA839F9BB2A3B64943397190F1F258 |
| SHA384 | 664C61C92EDAD4D8EDA4C17EE0C76A5885FDD39E3FFB83B518781E92673449178FD56CB2A43E4A6581E1C48930F1E09B |
| SHA512 | 58907AC9760255F45F291D20E8CF18886584E620337A08D792430D15CB51854918174CC849E8AC5AA04B8709C803AD56C156C30A6397FFF7018C003641E8AC6E |
| SSDEEP | 49152:HKPn7pZVxibHaSmrIGnpgM4B2dyk8F2dp34epeORN5VPHv2RHQiuKGfS6E1tT6kf:HKP3WM4uyrgb34oPVPHdItaQMw |
Runtime Data
Window Title:
XPS Viewer
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\duser.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\imageres.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\xpsrchvw.exe.mui | File |
| (R-D) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.17763.1397_en-us_f4818e157fed07c9\comctl32.dll.mui | File |
| (RW-) C:\Users\user\Documents | File |
| (RW-) C:\Windows\System32 | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.17763.1397_en-us_f4818e157fed07c9 | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.1397_none_de7645305346d5dc | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.17763.1397_none_0f613815add94faa | File |
| \BaseNamedObjects__ComCatalogCache__ | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \RPC Control\DSEC1990 | Section |
| \Sessions\2\Windows\Theme4283305886 | Section |
| \Windows\Theme1956823608 | Section |
Loaded Modules:
| Path |
|---|
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\xpsrchvw.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: xpsrchvw.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
MIT License. Copyright (c) 2020-2021 Strontic.