mirror of
https://github.com/LOLBAS-Project/LOLBAS
synced 2024-12-25 14:29:24 +01:00
Create LOLBINS_File_Info
As a security researcher, LOLBINS file information is required while writing rules. I would like to contribute this information to your project in order to add missing data for LOLBIN files. This table doesn't include all LOLBINS, but it's a good start.
This commit is contained in:
parent
9ee5548623
commit
889f26e75f
191
LOLBINS_File_Info
Normal file
191
LOLBINS_File_Info
Normal file
@ -0,0 +1,191 @@
|
||||
| File Name | Internal Name | Original File Name | Product Name | Hash (SHA256) - Can change according to the OS version |
|
||||
|---------------------------------------------------------------------------------------------|---------------------------------------------------------------|---------------------------------------|------------------------------------------------|------------------------------------------------------------------|
|
||||
| cmd.exe | cmd | Cmd.Exe | Microsoft® Windows® Operating System | 265B69033CEA7A9F8214A34CD9B17912909AF46C7A47395DD7BB893A24507E59 |
|
||||
| powershell.exe | POWERSHELL | PowerShell.EXE | Microsoft® Windows® Operating System | 64DD55E1C2373DEED25C2776F553C632E58C45E56A0E4639DFD54EE97EAB9C19 |
|
||||
| pwsh.exe | pwsh.dll | pwsh.dll | PowerShell | A8876DAE24FA8A7FBC2155FDAC0649E9AF02CEABC45C8AE59E916FC0152E52FA |
|
||||
| c:\windows\system32\forfiles.exe | forfiles.exe | forfiles.exe | Microsoft® Windows® Operating System | 9B4886F187489A190BB2C412772C1998539F086C63A4CFD72FF3B107CBC21907 |
|
||||
| c:\windows\syswow64\forfiles.exe | forfiles.exe | forfiles.exe | Microsoft® Windows® Operating System | 7074D2A9C3D669A15D5B3A7BA1226DBBA05888CC537CF055FED6371F32F0C1F5 |
|
||||
| quser.exe | quser | quser.exe | Microsoft® Windows® Operating System | 766C791EDFA6EEEBA0F99D6481BFE23BF59E6ACB81A930B71F3AA33EFBAFE544 |
|
||||
| qprocess.exe | qprocess | qprocess.exe | Microsoft® Windows® Operating System | F71965F45A393E95B8C10B6D8947903BD0F035FC8CA3982D0F1A7D42B23FA315 |
|
||||
| c:\windows\system32\taskkill.exe | taskkill.exe | taskkill.exe | Microsoft® Windows® Operating System | 56F8CC2C1790C389394733B84C3FB55E10977E9F0FE0C08110AC11F0FE47F05E |
|
||||
| c:\windows\syswow64\taskkill.exe | taskkill.exe | taskkill.exe | Microsoft® Windows® Operating System | 4E664B35E8DE6C6B38E3231DFAF00744435FFB806E00355FECE1E0CC1D2121C1 |
|
||||
| tskill.exe | tskill | tskill.exe | Microsoft® Windows® Operating System | 8D9373EBD69F42153B0B47DBDA2174811599DB91630651CA01627AC1795F8D56 |
|
||||
| c:\windows\system32\cscript.exe | cscript.exe | cscript.exe | Microsoft ® Windows Script Host | 588AE8F59371598E379DCDAFDC0E70C66492A1A998A37878A1626637AC1E1049 |
|
||||
| c:\windows\syswow64\cscript.exe | cscript.exe | cscript.exe | Microsoft ® Windows Script Host | D1AB3C18054FB92E0B1AC90EFCCA3E8F448A2A415029DE535DE31FEB707DC931 |
|
||||
| c:\windows\system32\net.exe | net.exe | net.exe | Microsoft® Windows® Operating System | 9F376759BCBCD705F726460FC4A7E2B07F310F52BAA73CAAAAA124FDDBDF993E |
|
||||
| c:\windows\syswow64\net.exe | net.exe | net.exe | Microsoft® Windows® Operating System | 7C4C7725E266F12ABA8C50FD1598D4001201BCA0E7ACA901508307E365AFFF42 |
|
||||
| c:\windows\system32\net1.exe | net1.exe | net1.exe | Microsoft® Windows® Operating System | E62071AA18768DD88ACAF97FA7B1F2FEC9FCCE89736C1EE9A800699328D196EA |
|
||||
| c:\windows\syswow64\net1.exe | net1.exe | net1.exe | Microsoft® Windows® Operating System | B25CF32B7BB76D5A5121919C63E6AE77262347F4AD7B29EE3C43CBAA61F43957 |
|
||||
| c:\windows\system32\ping.exe | ping.exe | ping.exe | Microsoft® Windows® Operating System | 7AF50FA112932EA3284F7821B2EEA2B7582F558DBA897231BB82182003C29F8B |
|
||||
| c:\windows\syswow64\ping.exe | ping.exe | ping.exe | Microsoft® Windows® Operating System | 4AAA74F294C15AEB37ADA8185D0DEAD58BD87276A01A814ABC0C4B40545BF2EF |
|
||||
| nltest.exe | nltestrk.exe | nltestrk.exe | Microsoft® Windows® Operating System | F8D8869F640AF7156984E2D917C0BC101AE0C0823B270D268F074CA8307046BC |
|
||||
| NETDOM.EXE | NETDOM.EXE | NETDOM.EXE | Microsoft® Windows® Operating System | f2caafc70211041e0d4ed16ef6d6478baf97d7c0c366dbfe24756d49f66fceac |
|
||||
| c:\windows\system32\ftp.exe | ftp.exe | ftp.exe | Microsoft® Windows® Operating System | 9728A3B5755A67A4EBE91A04730EFCC2CABEBACBB41FFCA75A71B42502E3D7D5 |
|
||||
| c:\windows\syswow64\ftp.exe | ftp.exe | ftp.exe | Microsoft® Windows® Operating System | 43784D61F7ABA93CBD8127251229C66FE37B3AF0759CA07E70CA7FA96B13CFB1 |
|
||||
| c:\windows\system32\bitsadmin.exe | bitsadmin.exe | bitsadmin.exe | Microsoft® Windows® Operating System | 739B2DD012EA183895CC01116906F339C9AA1C0BAABF6F22C8E59E25A0C12917 |
|
||||
| c:\windows\syswow64\bitsadmin.exe | bitsadmin.exe | bitsadmin.exe | Microsoft® Windows® Operating System | C93B7734470CF96C5170F7B21F361CDF3F74CA819626C83C4B8A68210DEEB35C |
|
||||
| MSBuild.exe | MSBuild.exe | MSBuild.exe | Microsoft® Build Tools® | 091A9A4C63D65CC6066EF5E6D0A2F66ABB512B427258A52328BC89C62D6C69FC |
|
||||
| C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe | InstallUtil.exe | InstallUtil.exe | Microsoft® .NET Framework | DBC0E4628C052F6F61ADA2E8E5E03301FB02D323CB9091FE2C85967B7B9216E2 |
|
||||
| c:\windows\system32\curl.exe | curl | curl.exe | The curl executable | 6CF60C768A7377F7C4842C14C3C4D416480A7044A7A5A72B61FF142A796273EC |
|
||||
| c:\windows\syswow64\curl.exe | curl | curl.exe | The curl executable | EC8BF6762F75FDD8254E8E22FBD3CE9DE6015939D9875160ADA0C00F8374674E |
|
||||
| wget.exe | wget | wget.exe | Wget | CF02B7614FEA863672CCBED7701E5B5A8FAD8ED1D0FAA2F9EA03B9CC9BA2A3BA |
|
||||
| choco.exe | choco.exe | choco.exe | Chocolatey | 463637654593C3AE015F556CCD9427EFC6FEB6AA466A0D29993ACC611ADF19AD |
|
||||
| c:\windows\system32\wmic.exe | wmic.exe | wmic.exe | Microsoft® Windows® Operating System | CD7AB08D987F6A2BFC7AFFA1C43C461CC483D8FBF40BCA0B31A6C6194EA9ABD4 |
|
||||
| c:\windows\syswow64\wmic.exe | wmic.exe | wmic.exe | Microsoft® Windows® Operating System | C2E1760632F117C2180A96CB1FEF7FFD7930D7F0F385B4A3E374370807E20948 |
|
||||
| ssh.exe | - | - | OpenSSH for Windows | 722BEE41CCF54B88660C0E67ADEB2C9612C18D739E5A8EB8C35C3D7066A95871 |
|
||||
| c:\windows\system32\netsh.exe | netsh.exe | netsh.exe | Microsoft® Windows® Operating System | 6B691B06FA865F52C9484EF4F10E2E02ED6D7C3A3F474B8B138A33AF7258B2A9 |
|
||||
| c:\windows\syswow64\netsh.exe | netsh.exe | netsh.exe | Microsoft® Windows® Operating System | 9EFA9DAFA09AE9BA6390A8F0F6751006C18A98B6692667CA08367CDDB47AC634 |
|
||||
| c:\windows\system32\diskpart.exe | diskpart.exe | diskpart.exe | Microsoft® Windows® Operating System | A103F691BF237961408EBAE49412E888C0B39F7FCAD210CAA15E10BC0833205C |
|
||||
| c:\windows\syswow64\diskpart.exe | diskpart.exe | diskpart.exe | Microsoft® Windows® Operating System | 97EC0642D2BD32E218CECB63123083CD0DA167DEBDD7251A5ED3CFADA9967481 |
|
||||
| c:\windows\system32\fltMC.exe | fltMC.exe | fltMC.exe | Microsoft® Windows® Operating System | 20000B0A1588885C712FE7D9B2E3938FC64CAFA47154EBF8E372455F142A676C |
|
||||
| c:\windows\syswow64\fltMC.exe | fltMC.exe | fltMC.exe | Microsoft® Windows® Operating System | CBEF2064CF49B4B27DBF7D0C88C8F7BCDD6A7F25EE9C087BEACB48CDD1B78731 |
|
||||
| c:\windows\system32\schtasks.exe | schtasks.exe | schtasks.exe | Microsoft® Windows® Operating System | 9A80453518078BADF0679B0CF30F50A83163E5264A2665C6052CC27F168C50F2 |
|
||||
| c:\windows\syswow64\schtasks.exe | schtasks.exe | schtasks.exe | Microsoft® Windows® Operating System | 29F6FC1BB0E68CB4FC1EC597604EC5ACA7FCEF7D0D9241218596D941F04F16E7 |
|
||||
| c:\windows\system32\at.exe | AT.EXE | AT.EXE | Microsoft® Windows® Operating System | 5B97C39D87AD627C53023BFEBB0EA1B5227C3F4E86E3BF06B23F3E4B0D6726E2 |
|
||||
| c:\windows\syswow64\at.exe | AT.EXE | AT.EXE | Microsoft® Windows® Operating System | C27460533B663278C2C03CD85384AA2560BC4A8FFA6D7160B070F8BE62839145 |
|
||||
| c:\windows\system32\ntdsutil.exe | ntdsutil.exe | ntdsutil.exe | Microsoft® Windows® Operating System | 08B052934E91C0CF0E4328FAD74BABE3A5CCD95D94C5124C205D4D1957F464A8 |
|
||||
| c:\windows\syswow64\ntdsutil.exe | ntdsutil.exe | ntdsutil.exe | Microsoft® Windows® Operating System | AF6806D6B01A347A996D33354610497EFBCDBD20A435E5336A2C2A99AEAF7986 |
|
||||
| c:\windows\system32\fsutil.exe | fsutil.exe | fsutil.exe | Microsoft® Windows® Operating System | 8767BC230A6928DF40B66A1D127C7DBAEDF70BD18D5C20C094FFC7F23902A7CF |
|
||||
| c:\windows\syswow64\fsutil.exe | fsutil.exe | fsutil.exe | Microsoft® Windows® Operating System | B732E4E29A2D768417BBCD1B18368B1BA9BFECF0EB4AF320C27B5D800D1F8DA2 |
|
||||
| runscripthelper.exe | runscripthelper.exe | runscripthelper.exe | Microsoft® Windows® Operating System | a0651eb2f72ed53e1507a347e93338adf973cbe6083bd1cc0ef4dbe046b38eee |
|
||||
| hh.exe | HH 1.41 | HH.exe | HTML Help | EB63FD45ED7EC773ECCAF0F20D44BC9B4ED0A3E01779D62321B1DA954A0F6EB8 |
|
||||
| c:\windows\system32\mshta.exe | MSHTA.EXE | MSHTA.EXE | Internet Explorer | 90D204CCBD5290C6E4FCC39E9EC05F791300413136EFD5B6B5710EC1347A6E1D |
|
||||
| c:\windows\syswow64\mshta.exe | MSHTA.EXE | MSHTA.EXE | Internet Explorer | 2906DF022502B844DF48A742D8D5418B12DB50F61A8278248A62CBBAEA63B85D |
|
||||
| AddInUtil.exe | AddInUtil.exe | AddInUtil.exe | Microsoft® .NET Framework | 62AE61225ACFB2763E198FB43682A414B3F1DE3FE54DF0794AA5F78CFA65F245 |
|
||||
| c:\windows\system32\ATBroker.exe | ATBroker.exe | ATBroker.exe | Microsoft® Windows® Operating System | B5F3D2FCFFA8F2D23D94317009EBCB66C57542C99711091EB61375F3317F05F9 |
|
||||
| c:\windows\syswow64\ATBroker.exe | ATBroker.exe | ATBroker.exe | Microsoft® Windows® Operating System | EA492CD591836D9F6894EF4686205324F653B4A0BA308BF7AC01889F6D8029DE |
|
||||
| Bash.exe | Bash.exe | Bash.exe | Microsoft® Windows® Operating System | E7FD310E7E8677A8C497EFADD42F2CA67D868CAD07E569E8092B1A1FBA17EC99 |
|
||||
| CertOC.exe | CertOC.exe | CertOC.exe | Microsoft® Windows® Operating System | C57EF8D1D2D494A2E074C6A6621E83CF999D20366EBCEE9ED9837A3580794CD7 |
|
||||
| c:\windows\system32\cmstp.exe | CMSTP | CMSTP.EXE | Microsoft(R) Connection Manager | F2D3905EE38B2B5C0B724D582F14EB1DB7621FFB8F3826DF686A20784341614C |
|
||||
| c:\windows\syswow64\cmstp.exe | CMSTP | CMSTP.EXE | Microsoft(R) Connection Manager | 2EB8278210434CED87711889BA19582B7A104190310D2A06F0855A9CF5772D11 |
|
||||
| conhost.exe | ConHost | CONHOST.EXE | Microsoft® Windows® Operating System | C43CF46192DA061DD6169E55AAC4D2D08A6C33C039A7DAC0D88AA897661CBC87 |
|
||||
| CustomShellHost.exe | CustomShellHost | CustomShellHost.exe | Microsoft® Windows® Operating System | CD47FB5A9717EA4D87F526C2383EEEB023B638494982012D38F5D726A352A181 |
|
||||
| diskshadow.exe | diskshadow.exe | diskshadow.exe | Microsoft® Windows® Operating System | efdba8f93544676733c394c2af7e7cbfb77c526372b4f5ec8f900b785b7ea83d |
|
||||
| dnscmd.exe | dnscmd.exe | dnscmd.exe | Microsoft(R) Windows (R) 2000 Operating System | ca61795c330e01c7d69c0294a693ceda5d721dbe70e50db6a4790b757c7cd5a8 |
|
||||
| C:\Windows\explorer.exe | explorer | EXPLORER.EXE | Microsoft® Windows® Operating System | 81D8EA67D17BF48524C82D576F8DDADDB37A218D0566FD7F0AAB8B8FBD03F193 |
|
||||
| C:\Windows\SysWOW64\explorer.exe | explorer | EXPLORER.EXE | Microsoft® Windows® Operating System | 59AD37D4BBE7E6E257C64EA9FE449E281F1A7B4B852F9C51A0652D1EF9E0CD73 |
|
||||
| C:\Program Files (x86)\Internet Explorer\ExtExport.exe | extexport | extexport.exe | Internet Explorer | D8820E333BE39B27712C42766D1F141CB45FFBE183C43286E55ECC1B9A82FA4B |
|
||||
| C:\Program Files\Internet Explorer\ExtExport.exe | extexport | extexport.exe | Internet Explorer | EDC454BCA93A7D41D193A59953BDE82766FC6874345A71BEA2A8C52E71D06E29 |
|
||||
| c:\windows\system32\gpscript.exe | gpscript | GPSCRIPT.EXE | Microsoft® Windows® Operating System | CC8E7C42270A21829C2DBDF64AED02EE33D5682044785EB79BA3BFC151F55253 |
|
||||
| c:\windows\syswow64\gpscript.exe | gpscript | GPSCRIPT.EXE | Microsoft® Windows® Operating System | DF1C3A64F59163DE23FAB06907F80BA79C4CCFA71C377A8D6E67D28EFD379BF9 |
|
||||
| ie4uinit.exe | IE4UINIT | IE4UINIT.EXE | Internet Explorer | 60271FC88E8A6AF9D96127B57C4F1A8E477C3C0FE580E29FF6B233E9A4AB3ADC |
|
||||
| iediagcmd.exe | IEDiagCmd.exe | IEDiagCmd.exe | Internet Explorer | 753E58A658C285A7895F140B715ED733507949453DE4869CE11307CC7E93F4DE |
|
||||
| IEExec.exe | IEExec.exe | IEExec.exe | Microsoft® .NET Framework | B53ACE238A93AD5A21BBC6094111714DD66D58E4303096F801F60FCF2B68AD0B |
|
||||
| C:\Windows\System32\InfDefaultInstall.exe | InfDefaultInstall.EXE | InfDefaultInstall.EXE | Microsoft® Windows® Operating System | E59127B5FE82714956C7A1F10392A8673086A8E1F609E059935C7DA1FA015A5D |
|
||||
| C:\Windows\SysWOW64\InfDefaultInstall.exe | InfDefaultInstall.EXE | InfDefaultInstall.EXE | Microsoft® Windows® Operating System | 63805BF43B07576C68129B305A8D82E7ADCDFC38812A1515E85D45229D94C26B |
|
||||
| C:\Windows\System32\mavinject.exe | mavinject64.exe | mavinject64.exe | Microsoft® Windows® Operating System | 46A9C5234B3CC5352B5CC562B240AED83040CF993A4625C69174CF746CB1FA8D |
|
||||
| C:\Windows\SysWOW64\mavinject.exe | mavinject32.exe | mavinject32.exe | Microsoft® Windows® Operating System | 3EB188018D938080A747C3F1CF1DFF9970FF371276427C7C46A69819B21BBEB2 |
|
||||
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe | Microsoft.Workflow.Compiler.exe | Microsoft.Workflow.Compiler.exe | Microsoft® .NET Framework | CF359AFBC9F98D710A22BB0CB584F010DBA30CC16A551235AA5EEF39E8C920A8 |
|
||||
| C:\Windows\System32\mmc.exe | mmc.exe | mmc.exe | Microsoft® Windows® Operating System | CEB418CB93957EAE0D4ECFC17455F9677452E752E02D60A9A80F0A48E0AD5AF4 |
|
||||
| C:\Windows\SysWOW64\mmc.exe | mmc.exe | mmc.exe | Microsoft® Windows® Operating System | 59649B11C2F9425D1E458ED1982F8B53C763D0FE63C1D8B3119C6A6F9FD4A26F |
|
||||
| msconfig.exe | msconfig.EXE | msconfig.EXE | Microsoft® Windows® Operating System | 8BEE8EA97039D663208A2C8A209417EE6ADE3F2E11D9AFE6A511AE6CFA5EFCAD |
|
||||
| C:\Windows\System32\msdt.exe | DiagWizard | msdt.exe | Microsoft® Windows® Operating System | 94842FF132A47234F199B80CCF44B1CDEE55E402D8404D8B49255D08FBB8D9D6 |
|
||||
| C:\Windows\SysWOW64\msdt.exe | DiagWizard | msdt.exe | Microsoft® Windows® Operating System | 90D9F0D540DAE73F1F2D2248BF4B26516CE1E1C0C48F229B0906C014E8AA09B7 |
|
||||
| msedge.exe | msedge_exe | msedge.exe | Microsoft Edge | F07136953497833ED29A76CB61AD996A9C297FD3B121C129236E7B1F5EA2C280 |
|
||||
| C:\Windows\System32\msiexec.exe | msiexec | msiexec.exe | Windows Installer - Unicode | 8CA4B8B7A2F8E6E7D1DF1AE46437FC252CD9C4B78CA3C7ADCAB721BD0F68B358 |
|
||||
| C:\Windows\SysWOW64\msiexec.exe | msiexec | msiexec.exe | Windows Installer - Unicode | 445A2E800DC68DF89ABF713F3B4B632D40AE6310EF3660B42D974BB582426BC5 |
|
||||
| C:\Windows\System32\odbcconf.exe | odbcconf.exe | odbcconf.exe | Microsoft® Windows® Operating System | 476346234300504CCCF360EF8172B4E07CCA59B43B7F09818B11B71210DF3481 |
|
||||
| C:\Windows\SysWOW64\odbcconf.exe | odbcconf.exe | odbcconf.exe | Microsoft® Windows® Operating System | 5213C43C38D85BA69B406F27FA1A2505173DEA529010BF6DD34049E9CC9DC01A |
|
||||
| OfflineScannerShell.exe | OfflineScannerShell | OfflineScannerShell.exe | Microsoft® Windows® Operating System | 4821C1A5BAF89F1ECC78A39E8C5493DD1B0177B3309C61F830CB6B436F1B212C |
|
||||
| pcalua.exe | - | - | Microsoft® Windows® Operating System | 884A373AD8B032DBB13ABAB2194DC7D1A4B320EA632F3D64F974C8B3BA2DA681 |
|
||||
| pcwrun.exe | pcwrun.exe | pcwrun.exe | Microsoft® Windows® Operating System | A1A3B5728A6A3A5F059B09CED443007BEE62450BB3773D1FE6C3F5DCF41F0C67 |
|
||||
| pnputil.exe | pnputil.exe | pnputil.exe | Microsoft® Windows® Operating System | AFB26DC39F2E578C33C76456F4B31A2512583A5D458D6791B8B9CAB5BB291FA9 |
|
||||
| C:\Windows\System32\PresentationHost.exe | PresentationHost.exe | PresentationHost.exe | Microsoft® Windows® Operating System | 17D6DCFACED6873A4AC0361FF14F48313F270AC9C465E9F02B5C12B5A5274C48 |
|
||||
| C:\Windows\SysWOW64\PresentationHost.exe | PresentationHost.exe | PresentationHost.exe | Microsoft® Windows® Operating System | D9C533B6109160ABBF139D83C438806563E212D5C877192B64E4304806626C0A |
|
||||
| C:\Windows\System32\provlaunch.exe | provlaunch | provlaunch | Microsoft® Windows® Operating System | FA59827D3DE1C3F4C1CE41AFCD4C9DF0C4245796135FA984D7F5B9B9E82C3603 |
|
||||
| C:\Windows\SysWOW64\provlaunch.exe | provlaunch | provlaunch | Microsoft® Windows® Operating System | BE1628F68CAD19E6DB989634023B0E6D702960B6CD5A9B40065CED4EDEA4EE20 |
|
||||
| C:\Windows\System32\rasautou.exe | rasdlui.exe | rasdlui.exe | Microsoft® Windows® Operating System | 4D45BB9B4E57532A91CDFCD731DCE44460919A910AECDDEE778ABBA28C1A8215 |
|
||||
| C:\Windows\SysWOW64\rasautou.exe | rasdlui.exe | rasdlui.exe | Microsoft® Windows® Operating System | E95429231EA7B603D8F8CB1331C5CA7AB9A227EEF3C93AA16FF9B57777520A2E |
|
||||
| RegAsm.exe | RegAsm.exe | RegAsm.exe | Microsoft® .NET Framework | 7ACD65117EE6AC8BD996562C51B078C6DFA77E83125D948E6CA6418602CBE43C |
|
||||
| C:\Windows\System32\Register-CimProvider.exe | Register-CimProvider2.exe | Register-CimProvider2.exe | Microsoft® Windows® Operating System | 5311C4B92BDA7852580C8DF50922F8328EB5A238012F10DED7B38DC3B9D00D8E |
|
||||
| C:\Windows\SysWOW64\Register-CimProvider.exe | Register-CimProvider2.exe | Register-CimProvider2.exe | Microsoft® Windows® Operating System | 7946DD01FD7A3C2B9F33ECEDF6CE04F04D6F494830900338F4469DE6464CAA0E |
|
||||
| RegSvcs.exe | RegSvcs.exe | RegSvcs.exe | Microsoft® .NET Framework | 392E80F96DD8E817B2DF6BF8F63D82904F7530C3B25B3D447E2E171382E6A093 |
|
||||
| C:\Windows\System32\regsvr32.exe | REGSVR32 | REGSVR32.EXE | Microsoft® Windows® Operating System | 022CB167A29A32DAE848BE91AEF721C74F1975AF151807DAFCC5ED832DB246B7 |
|
||||
| C:\Windows\SysWOW64\regsvr32.exe | REGSVR32 | REGSVR32.EXE | Microsoft® Windows® Operating System | 31AEE70F9705F6578C6B41849EA3B5A948A446F494F24BEFCF5B169A1C2A71D2 |
|
||||
| runexehelper.exe | - | - | - | 2B32A0FA03E45F76AFE44979771EA95C4BBF33477936908C85FA5F22AE2A732E |
|
||||
| C:\Windows\System32\runonce.exe | RunOnce | RUNONCE.EXE | Microsoft® Windows® Operating System | C24886AF476F33CC4B05AD3A3C5C11F0DFE11AB97F37C1ED8024644BD4D23BF6 |
|
||||
| C:\Windows\SysWOW64\runonce.exe | RunOnce | RUNONCE.EXE | Microsoft® Windows® Operating System | DDAF8FEDC360E323F79B45CC1E1EB2F81F11948D567881BC588FEB32E381AC74 |
|
||||
| ScriptRunner.exe | ScriptRunner.exe | ScriptRunner.exe | Microsoft (R) Windows (R) Operating System | 7F930571DEE8BADBC68D4FF78E6891492EB9AC53720B53A5AFBD3A3DDAB49154 |
|
||||
| setres.exe | setres.exe | setres.exe | Microsoft® Windows® Operating System | 5465CA0A2666C2B403359B4238FE649E44B9C3E0C7CC696D872525E018121651 |
|
||||
| C:\Windows\System32\SettingSyncHost.exe | SettingSyncHost | SettingSyncHost.exe | Microsoft® Windows® Operating System | 349FBB1613655AC691A2EF65EF700FAD0C78463120A826A220646B488C2A8472 |
|
||||
| C:\Windows\SysWOW64\SettingSyncHost.exe | SettingSyncHost | SettingSyncHost.exe | Microsoft® Windows® Operating System | 5D8B32B9F7B68ABD21E77BB9F268120F60611FCF72388CCAB9C9DB5F267AF3E1 |
|
||||
| C:\Windows\System32\stordiag.exe | stordiag.exe | stordiag.exe | Microsoft (R) Windows (R) Operating System | 6A13DAC8BD42767DAD55D4C1ED4640F4E7F01ABB08CA05DDCDC2C348FCD6F8B3 |
|
||||
| C:\Windows\SysWOW64\stordiag.exe | stordiag.exe | stordiag.exe | Microsoft (R) Windows (R) Operating System | B812162F140A347EC78756416302CBC9204EF484FEB7623C0FFF8FF7B4B3EC04 |
|
||||
| SyncAppvPublishingServer.exe | syncappvpublishingserver.exe | syncappvpublishingserver.exe | Microsoft® Windows® Operating System | 34D4FBB47B213FE3FB07090108661AE1708A8D298CB73129C847082F8EA0425E |
|
||||
| C:\Windows\System32\ttdinject.exe | TTDInject.EXE | TTDInject.EXE | Microsoft® Windows® Operating System | C079F46E56D8A61C21F819288F4C5EFFFF33FCEA4C0460ACDDA8A1AB2916460A |
|
||||
| C:\Windows\SysWOW64\ttdinject.exe | TTDInject.EXE | TTDInject.EXE | Microsoft® Windows® Operating System | CEE81ADD81169AD97F015A29DD575FAC748E5CE0A2C56E80D840E3D0EFDBC4F6 |
|
||||
| C:\Windows\System32\tttracer.exe | TTTracer.exe | TTTracer.exe | Microsoft® Windows® Operating System | D977E51C5482BC11DEAEFBF0D467B9D804759D3CBAC283A1F6635DABF592D42D |
|
||||
| C:\Windows\SysWOW64\tttracer.exe | TTTracer.exe | TTTracer.exe | Microsoft® Windows® Operating System | BBF7E00FB8D53C0006A51829AF99315F2A97965D594EA64099925FCFAF6443F4 |
|
||||
| C:\Windows\System32\unregmp2.exe | unregmp2.exe | unregmp2.exe | Microsoft® Windows® Operating System | 21F41FEA24DDDC8A32F902AF7B0387A53A745013429D8FD3F5FA6916EADC839D |
|
||||
| C:\Windows\SysWOW64\unregmp2.exe | unregmp2.exe | unregmp2.exe | Microsoft® Windows® Operating System | CC883043ADCCFA1DD61B3DA09D89940F3B97A6E74A09AA32D0D339B0553CD728 |
|
||||
| C:\Windows\System32\verclsid.exe | verclsid.exe | verclsid.exe | Microsoft® Windows® Operating System | AC6E1F614CB902C0ABE4297646E21C70590624B652A080BFBB8407B1AB52609D |
|
||||
| C:\Windows\SysWOW64\verclsid.exe | verclsid.exe | verclsid.exe | Microsoft® Windows® Operating System | 5F6FD0BC72EB2E71918241213E97DCD8FD0DE2887A36BE58B769E8C5A4FF8598 |
|
||||
| C:\Program Files (x86)\Windows Mail\wab.exe | WAB.EXE | WAB.EXE | Microsoft® Windows® Operating System | 2681F9A925AD65714E456CAEF9BC7A61D5206449F7514E9CBC510F63B812F1AD |
|
||||
| C:\Program Files\Windows Mail\wab.exe | WAB.EXE | WAB.EXE | Microsoft® Windows® Operating System | F90571554B32B08C66DD986381DE68F29AF1E8CBB0A1C145AD36FFE2675612C5 |
|
||||
| winget.exe | AppInstallerCLI | winget.exe | Microsoft Appx Click Handler | C2DDE97FBF6059EC73338DD3D477189B28C3AB5EA7C0DBAA94CF066533702035 |
|
||||
| wlrmdr.exe | WLRMNDR.EXE | WLRMNDR.EXE | Microsoft® Windows® Operating System | 2F89115E1081C91BABAF2961CEF0BCF9C8F4EE803D3BE6E88ACE23B383FE7324 |
|
||||
| WorkFolders.exe | Work Folders | WorkFolders.exe | Microsoft® Windows® Operating System | 418512B4980C6758F5BFEFE796A744BA159BAC94A8D175B0FEF07B973C2BAAB8 |
|
||||
| wuauclt.exe | wuauclt.exe | wuauclt.exe | Microsoft® Windows® Operating System | 6DA7048E7428B7DADC46E5AC285A8D6C20E5E7F8D568FE2F2520EF69E78711C3 |
|
||||
| C:\Windows\System32\xwizard.exe | xwizard.exe | xwizard.exe | Microsoft® Windows® Operating System | 4359C82A6760D717EC367BC80B1A70E149BF7E197EA45C1188A4826570B96C50 |
|
||||
| C:\Windows\SysWOW64\xwizard.exe | xwizard.exe | xwizard.exe | Microsoft® Windows® Operating System | 03B63FD1AB52129733F576554DE9540D3F5E224405837A3D1ADF5C0A68B1D21B |
|
||||
| msedge_proxy.exe | msedge_proxy | msedge_proxy.exe | Microsoft Edge | FE124073F511CB6BF52C4C0DDF8E8E7953A8B76C052822A143B59BF12D35B75B |
|
||||
| msedgewebview2.exe | msedgewebview2_exe | msedgewebview2.exe | Microsoft Edge WebView2 | 2D8841E951E0A76BE0A0EDCAAE460EFE33E76FF2231F1C5235A3D97C2C1B9C08 |
|
||||
| wt.exe | wt | wt.exe | Windows Terminal | 67e814f1bfc8b56d2e4996d42782bb84cb265b3b2b6fbd1cc1a7ab1c6a2c1803 |
|
||||
| C:\Users\Mark\AppData\Local\Programs\ Microsoft VS Code\Code.exe | electron.exe | electron.exe | Visual Studio Code | A632FA9D1A2B6E1BFEC57F8D9732A12FB5903F5119870FA1B03618B05095BE43 |
|
||||
| C:\Program Files (x86)\Windows Kits\10\bin\ 10.0.22621.0\x64\AccChecker\AccCheckConsole.exe | AccCheckConsole.exe | AccCheckConsole.exe | Microsoft (R) Windows (R) Operating System | CBAF9EF78FBE1E4BC2BF49F191D0608F9C849FB4302BC12FA76F33A55ED8D770 |
|
||||
| Adplus.exe | Adplus.exe | Adplus.exe | Microsoft (R) Windows (R) Operating System | f2014fc82b04642307fc600a405832ba1bef52ce5014f9a64f4c26cab5c8f479 |
|
||||
| AgentExecutor.exe | AgentExecutor.exe | AgentExecutor.exe | Microsoft® Intune™ | fdc6591d01483887874eef909a7b995b90e0c1fced148d2c9243c139f8b80711 |
|
||||
| appvlp.exe | Microsoft Application Virtualization Virtual Process Launcher | appvlp.exe | Microsoft® Windows® Operating System | B9D464982CA65EBF39EBD0B937DF518BDC586DD6566724B962E6EF0D6E340D2E |
|
||||
| BGInfo.exe | BGInfo | BGInfo.exe | BGInfo | 9EDB2C6F17E4AB3B372C7992F2E33CC010F4540D2585BE5482355DDDF280C22E |
|
||||
| BGInfo64.exe | BGInfo | BGInfo.exe | BGInfo | 99CBD0CE2A5FDEF88F41B47BA07786C641D582D8A0800F39618799AD1425DF82 |
|
||||
| CDB.Exe | CDB.Exe | CDB.Exe | Microsoft® Windows NT(TM) Operating System | 52279ca6831e119f947d59946868dbff07ccc379f03ca6a63e6e2b69a905af22 |
|
||||
| coregen.exe | coregen.exe | coregen.exe | Microsoft® Silverlight | 67c468e5a0a4ec6da80bbb70dd3659f49a0139946bcb3ea8f3c81a3cd7dc84be |
|
||||
| csi.exe | csi.exe | csi.exe | csi | A1C5B8607F97BEEAB7B3C630CD0C8F9BAC05C0AE42673279766D9430E98EEBE3 |
|
||||
| defaultpack.exe | Wextract | WEXTRACT.EXE .MUI | DefaultPack | B5EFB163BC96DF2D132069338A007A4E0F67F37A8BD1601AE5B65C0A72BC6432 |
|
||||
| devinit.exe | DevInit | DevInit.EXE | DevInit Application | b936385a104d052e06087c3b23ec5537423caf008fc941bbc226518fc48a8698 |
|
||||
| DevToolsLauncher.exe | Developer Tools Launcher | DevToolsLauncher.exe | Microsoft® Windows® Operating System | CA67EF48454DACEEC12368FA079EC19142E1A75EEE88B853920326AB11311B6B |
|
||||
| dnx.exe | dnx.exe | dnx.exe | - | 4F0F63321C2FC7B614AA9E2615398C74783345A1D8B58CE200D5E5D36A204EF0 |
|
||||
| dotnet.exe | .NET Host | .NET Host | .NET | B9EACE03C8471717E3F98873527005DBD9A92367B954F8C48484D2B7B78EFBAC |
|
||||
| C:\Windows\System32\DXCap.exe | DXCap.exe | DXCap.exe | Microsoft® Windows® Operating System | DB2040860CBC9CC3E951B9C3835ABC94EA9D074E4A456A704C87785B35B8A0B9 |
|
||||
| C:\Windows\SysWOW64\DXCap.exe | DXCap.exe | DXCap.exe | Microsoft® Windows® Operating System | E29A8BBB4BE984B07B4CA988BA6B868BFA2E0B19AE6AA0F23F227BC632F91D63 |
|
||||
| mftrace.exe | mftrace.exe | mftrace.exe | Media Foundation Tracing Application | 6C3F5B155721DED42A7B3BCA459EE1D8D0433081C93E2011C64BBB5C91F914A2 |
|
||||
| Microsoft.NodejsTools.PressAnyKey.exe | Microsoft.NodejsTools.PressAnyKey.exe | Microsoft.NodejsTools.PressAnyKey.exe | Microsoft® VisualStudio® | 07dd0589963c6bc13bf016f1e32de249e7016dbbb356f19379bdc778d9c0bd5e |
|
||||
| MSDeploy.exe | MSDeploy.exe | MSDeploy.exe | MSDeploy | 0418b1b8f29482da77134fa3a296ae842f87bac07bddeb4011b426ffd942f8f1 |
|
||||
| msxsl.exe | msxsl | msxsl.exe | Command Line XSLT | 35ba7624f586086f32a01459fcc0ab755b01b49d571618af456aa49e593734c7 |
|
||||
| OpenConsole.exe | Host.EXE | OpenConsole.exe | Windows Terminal | 549fe42ea5fe0bcc24cbc9cf13b0ccdbb1a8a59326671fce7872aa82a334e671 |
|
||||
| ProcDump.exe | ProcDump | procdump | ProcDump | 8AE63DDACE21276FA6CB4B2613468E5730FC550A1374543372972E52DC232EC6 |
|
||||
| remote.exe | remote.exe | remote.exe | Microsoft® Windows® Operating System | 49356308C8C80FD01F93734930DCDAABA75784383CEA82A23A832EC8FB0011FC |
|
||||
| sqlps.exe | SQLPS.exe | SQLPS.exe | Microsoft SQL Server | 615F14ECA159504BDC028D9F2EC860F0F8E5EDAD8CB7835E0E2EDA62780F3CF0 |
|
||||
| sqltoolsps.exe | SQLToolsPS.exe | SQLToolsPS.exe | Microsoft SQL Server | 33C98F2EF9651A737472D471CD16D5EF71308B79B1DD1B0F6F84931C970CB29F |
|
||||
| Update.exe (squirrel.exe) | Update.exe | Update.exe | Microsoft Teams | 15dcc8c270a9313aa7f6461ddfd5bf0566cae0ddff52ac88df247bb104145853 |
|
||||
| TE.exe | TE | TE.exe | Test Authoring and Execution Framework | A01DC612833A21C234E01EC3008156C08468C82CA1C81A1AAC6A2A2817D8F762 |
|
||||
| Teams.exe | Teams | Teams.exe | Microsoft Teams | 9c9ea100cc824cf98bb8c600f6d2618615d327e837db2573951d63906d546bee |
|
||||
| Tracker.exe | Tracker.exe | Tracker.exe | Microsoft® Build Tools® | 7F01C5256635D76ECAB039EB2310E52F61E9C1E844996967EF5ED9A5271ADE03 |
|
||||
| VSDiagnostics.exe | VSDiagnostics.exe | VSDiagnostics.exe | Microsoft® Visual Studio® | F5BCB2DF3155E206B412A09C147DD9D4745A502EDCBFC22E57E1B0DE507B0174 |
|
||||
| VSIISExeLauncher.exe | VSIISExeLauncher.exe | VSIISExeLauncher.exe | - | F3A0C8CAD40ADDFE6203D93FA78A4568C96C9779DEF708977EF9BFA5696338CA |
|
||||
| vshadow.exe | vshadow.exe | vshadow.exe | VShadow | E227F93D65FD04F9F94B2BD375AE0E86F94FDD352A88BA744E6D1476CEECDD15 |
|
||||
| VsJITDebugger.exe | VsJITDebugger.exe | VsJITDebugger.exe | Microsoft® Visual Studio® | 01F9F5A4938D59B7E694778F595E042425B899042E780CE609709A1BDDF4F18D |
|
||||
| wsl.exe | wsl.exe | wsl.exe | Microsoft® Windows® Operating System | A4D85E034F314FFC3EBC92508C4EC9BB8BB2BDED2ED8C9FC662D60C7898ED81D |
|
||||
| vsls-agent.exe | vsls-agent.dll | vsls-agent.dll | Visual Studio Live Share Agent | E8C74212CAF26E98825919A0D00E8E0395D34116A7312E5F37E58C5EE942728D |
|
||||
| AppInstaller.exe | AppInstaller | AppInstaller.exe | Microsoft Appx Click Handler | E6D40E1FFEB2B6B5628132B1BF10FCB6354CE656344BB697E37D863B8A4EA18B |
|
||||
| CertReq.exe | CertReq.exe | CertReq.exe | Microsoft® Windows® Operating System | 418D266E41CBC053A1FABA2697E210FCC6963B33C1B40CAB20428EB297F31D02 |
|
||||
| CertUtil.exe | CertUtil.exe | CertUtil.exe | Microsoft® Windows® Operating System | BF072F9A6A15B550B13AE86A4FBD3FA809D2A13236847AE9FA9A68F41386106E |
|
||||
| cmdl32.exe | CMDL32 | CMDL32.EXE | Microsoft(R) Connection Manager | 28A7FF1AE045EB1FE7ED6A7DCD9B2212411C449A8AFE0E652071AF48BEAC610D |
|
||||
| ConfigSecurityPolicy.exe | ConfigSecurityPolicy.exe | ConfigSecurityPolicy.exe | Microsoft® Windows® Operating System | 65FA5DB3C388AAC18E01075A805DAD89B02A4C69297009E9E4BC81D6F66198D0 |
|
||||
| desktopimgdownldr.exe | desktopimgdownldr.exe | desktopimgdownldr.exe | Microsoft® Windows® Operating System | 7C34A4F39247BFB5E542AAF5A62403B67353D6EA9F46A1B0D2D69F258C339A7A |
|
||||
| diantz.exe | diantz.exe | diantz.exe | Microsoft® Windows® Operating System | 36E9F9DFC25C797572058A99C494BA1F1EFC300E52004EEB635862FA05C44991 |
|
||||
| esentutl.exe | esentutl.exe | esentutl.exe | Microsoft® Windows® Operating System | 753FEB8E2BC07B6ED0E3BA836A33EC3C6F097A237FB9D48C23938892C8A16F4A |
|
||||
| expand.exe | expand | expand | Microsoft® Windows® Operating System | 210A43646B58A60035CEDC30281F3414DD6A551A62255AAC7EF828C5D7EA46CE |
|
||||
| extrac32.exe | extrac32.exe | extrac32.exe | Microsoft® Windows® Operating System | A224559FD6621066347A5BA8F4AEECEEA8A0A7A881A71BD36DE69ACEB52E9DF7 |
|
||||
| findstr.exe | findstr | FINDSTR.EXE | Microsoft® Windows® Operating System | B29BE6DA54121F5D9350C545ECECCE26F30A7F209CE0D9AAEA8E00C27DDA27A2 |
|
||||
| finger.exe | finger.exe | finger.exe | Microsoft® Windows® Operating System | D6C52EA560D6009505545E53C481F1D75579E11DADE120CF164EBD196824BA91 |
|
||||
| imewdbld.exe | imewdbld.exe | imewdbld.exe | Microsoft® Windows® Operating System | E41B6E1DC3B77040B10FF3DC3BC54AB528DC0CBBBB9841D3AD05FD2136E542A9 |
|
||||
| ldifde.exe | ldifde.exe | ldifde.exe | Microsoft® Windows® Operating System | 597FCE3A506B2A6E9105EEEA6E13AF62D19BB24ABF20071BFDD07F167E51F07B |
|
||||
| makecab.exe | makecab.exe | makecab.exe | Microsoft® Windows® Operating System | 5AF04D753B84466110F514B7FD9CBA8456AC18076D6A7B6847AFDE1232000C38 |
|
||||
| MpCmdRun.exe | MpCmdRun | MpCmdRun.exe | Microsoft® Windows® Operating System | 4B9ACE449FC8E4A666FD7E1B650D22EC85A0DC405DDF4BA58A2B938C00CB896C |
|
||||
| OneDriveStandaloneUpdater.exe | OneDriveStandaloneUpdater.exe | OneDriveStandaloneUpdater.exe | Microsoft OneDrive | b372c19847567ff93102b6062c7071fc17a6c9abcaad7a072dd7b287e8a908ef |
|
||||
| PrintBrm.exe | PrintBrm.exe | PrintBrm.exe | Microsoft® Windows® Operating System | 5B0024C00DD8729E29C70ADB8B9C3E54D53DC4847F074A19F7F985FA96D596A2 |
|
||||
| replace.exe | replace | REPLACE.EXE | Microsoft® Windows® Operating System | 93428200FE89428D0DBD197FB9A8019ACCEFB0E6BC9D14B856DC8714DE37FB39 |
|
||||
| GfxDownloadWrapper.exe | GfxDownloadWrapper.exe | GfxDownloadWrapper.exe | Intel® Graphics Control Panel | E11BC8F788116AC5F83F5C07C1CA53A0B0D37B48AF2A9CEB50FE2BEFA52C2963 |
|
||||
| MSPUB.EXE | MSPUB | MSPUB.EXE | Microsoft Office | ac52e48209f9fb0e961dd6b7b427f1037df61de3496315293b6b5b268d43ef4c |
|
||||
| rundll32.exe | rundll | RUNDLL32.EXE | Microsoft® Windows® Operating System | 00BE065F405E93233CC2F0012DEFDCBB1D6817B58969D5FFD9FD72FC4783C6F4 |
|
Loading…
Reference in New Issue
Block a user