Windows Process name hashes – List 1

accesschk.exe                      = 0x9ee47cc6
accessenum.exe                  = 0x03e17cb7
adexplorer.exe                     = 0x3ee17c67
adinsight.exe                       = 0x9fe67ca6
adrestore.exe                       = 0xbfe5fcce
aircrack-ng gui.exe             = 0x4d4668b4
anubis.exe                           = 0x52d5fa16
apimonitor.exe                   = 0x10ec3c9f
apis32.exe                           = 0x6ed7fb8e
apispy32.exe                       = 0x94d4bd8e
autologon.exe                    = 0xace67d4e
autoruns.exe                      = 0xbed23c1e
autorunsc.exe                    = 0xb0e77dce
avp.exe                               = 0x26cdf916
bdagent.exe                       = 0x85d43a7e
bginfo.exe                          = 0x40d4fa6e
cacheset.exe                      = 0x83d77c26
cain.exe                             = 0x4acdf96e
camrecorder.exe               = 0x1ae33177
camtasiastudio.exe           = 0x12852a34
clockres.exe                       = 0x96d47c76
comview.exe                     = 0x94d73a36
contig.exe                          = 0x42d7ba16
coreinfo.exe                       = 0x9ed0fc4e
ctrl2cap.exe                       = 0xffd17c16
cv.exe                                = 0x25c1d946
dbgview.exe                      = 0x98d43a66
desktops.exe                      = 0x98d0fc06
disk2vhd.exe                     = 0xcdd3fc66
diskext.exe                        = 0x85d73ab6
diskmon.exe                     = 0x88d63aee
diskview.exe                     = 0x80d03c56
drvinst64.exe                    = 0x99e7bc5e
drvloader.exe                    = 0xa8e4bd16
du.exe                               = 0x24c1d95e
dumpcap.exe                    = 0x9dd0fa26
dumper.exe                      = 0x4ad6baf6
dumper64.exe                  = 0x8bd4fdce
efsdump.exe                     = 0x89d6bae6
egui.exe                            = 0x4fcd391e
emmett.exe                      = 0x49d43a76
erdnt.exe                          = 0x57cd7a5e
erunt.exe                          = 0x57cf7a5e
etherd.exe                        = 0x45d43aae
filemon.exe                      = 0x82d63a1e
findlinks.exe                    = 0x90e6fc9e
handle.exe                       = 0x43d73a76
hex2dec.exe                     = 0xced43a96
idag.exe                           = 0x44cd794e
idag64.exe                       = 0x65d77b3e
immunitydebugger.exe  = 0x665c6ac2
iptools.exe                       = 0x9ad07ad6
iris.exe                            = 0x4ecfb96e
irise.exe                           = 0x5fccfa4e
irissvc.exe                       = 0x8ed37a5e
joeboxcontrol.exe           = 0x4f8cf13c
joeboxserver.exe             = 0x32897167
junction.exe                    = 0xb6d73cde
k7emlpxy.exe                  = 0x21d6bcf6
k7fwsrvc.exe                   = 0x32d67c1e
k7pssrvc.exe                    = 0x32d3fc3e
k7rtscan.exe                    = 0x34d17c56
k7sysmon.exe                 = 0x34d0bc0e
k7systry.exe                    = 0x3fd3bc7e
k7tsalrt.exe                     = 0x2bd13c2e
k7tsecurity.exe               = 0x47eeb0e6
k7tsmngr.exe                 = 0x24d17c7e
k9.exe                             = 0x02c1d966
k9filter.exe                     = 0x38d6bca6
k9nt.exe                         = 0x4fc6f976
kasavsrv.exe                  = 0x90d37cbe
kaspersky.exe                = 0xb7e67c5e
kasperskyaveng.exe      = 0x1099a9ac
keyscrambler.exe          = 0x4686b0a7
ldmdump.exe                = 0x99d63a16
listdlls.exe                      = 0x90d0bc06
livekd.exe                       = 0x5bd63a2e
loadord.exe                    = 0x93d7fa0e
logonsessions.exe          = 0x5088713c
mbam.exe                     = 0x45cdb94e
mkisofs.exe                   = 0x8ed6fa1e
movefile.exe                  = 0x95d13c86
netmon.exe                   = 0x5cd7ba5e
netsniffer. exe               = 0x24ed50ef
netstat.exe                     = 0x89d63ae6
npfmsg.exe                    = 0x4ad7ba8e
ntfsinfo.exe                    = 0xaad5fc3e
observer.exe                   = 0x92d3fc86
odb.exe                           = 0x2fcc395e
ollydbg.exe                     = 0x8ad63a2e
outpost.exe                     = 0x8bd17aae
ovftool.exe                      = 0x83d1fa4e
pagedfrg.exe                   = 0x8ad4fd3e
pebrowsedbg.exe            = 0x02e133cf
pendmoves.exe               = 0x96eefc66
petools.exe                      = 0xaad57ad6
pipelist.exe                      = 0x9bd0bd3e
portmon.exe                   = 0xbed7baee
prl_cc.exe                       = 0x42d27ade
prl_tools.exe                   = 0x92eb7de6
procdump.exe                 = 0xa5d4bd76
processmonitor.exe         = 0x98822d1c
procex.exe                       = 0x4dd1fac6
procexp.exe                     = 0xa7d1ba56
procmon.exe                   = 0xa8d0ba0e
psexec.exe                       = 0x4ad2bac6
psfile.exe                         = 0x4bd0bae6
psgetsid.exe                     = 0xbfd67d56
psinfo.exe                        = 0x40d07ace
pskill.exe                         = 0x43d0bae6
pslist.exe                         = 0x49d0ba9e
psloggedon.exe               = 0x56ed3c9f
psloglist.exe                    = 0x93efbd0e
pspasswd.exe                  = 0xb9d3fd0e
psping.exe                       = 0x5cd0baee
psservice.exe                   = 0xbded3dee
psshutdown.exe              = 0x5ae8fd8f
pssuspend.exe                 = 0xbbe8bdde
qemu.exe                        = 0x55cd797e
rammap.exe                   = 0x4bd0ba46
regdelnull.exe                 = 0x41e4bc67
regjump.exe                    = 0xabd63a46
regmon.exe                     = 0x4ed0ba5e
regshot.exe                      = 0xb1d5ba4e
rootkitrevealer.exe          = 0x50782be4
ru.exe                               = 0x24c1d906
sample.exe                       = 0x41d33a76
sandboxiecrypto.exe        = 0x5e68a834
sandboxiedcomlaunch.exe= 0xe8cddc54
sandboxierpcss.exe            = 0x008c6d6c
sandboxieserver.exe          = 0x5a6c68c4
sbiectrl.exe                         = 0x8dd53d1e
sbiesvc.exe                          = 0xacd77a5e
sdelete.exe                          = 0xa7d43a36
sharedintapp.exe               = 0x1d9d3107
shareenum.exe                  = 0x8fe97ca6
shellrunas.exe                    = 0x44e3fc87
sigcheck.exe                       = 0x90d4bd6e
sniff_hit.exe                       = 0x89ecbca6
sniffer.exe                          = 0xa6d6fa16
storepwd.exe                      = 0xa3d43dbe
streams.exe                        = 0xa4d0bae6
strings.exe                          = 0xa8d17ace
superantispyware.exe        = 0x19722c3b
symantec_security2008.exe = 0x6545661e
symantec32.exe                  = 0x6ceafd7f
symrecv.exe                        = 0xb0d33a2e
sync.exe                              = 0x5ccef976
sysanalyzer.exe                  = 0x64ef7247
syser.exe                             = 0x5ecfbac6
tcpdump.exe                      = 0xa9d7baf6
tcpvcon.exe                        = 0xb4d57afe
tcpview.exe                        = 0xb8d43ad6
vba32arkit.exe                   = 0xedf1fc77
vboxservice.exe                 = 0x31e233af
vboxtray.exe                      = 0x91d47df6
virtualbox.exe                   = 0x79e47d4f
vixdiskmountserver.exe   = 0x0b945fe3
vm.exe                              = 0x28c1d916
vm_sti.exe                        = 0x55d27a76
vm303_sti.exe                 = 0x33f87e56
vm305_sti.exe                 = 0x33f87e66
vm331_sti.exe                 = 0x33f8fe46
vmacthlp.exe                   = 0x89d4bd16
vmagic.exe                      = 0x4ed0fa06
vmagicppii.exe                = 0x49e33c67
vmc.exe                           = 0x2fcf397e
vmc_pbstarter.exe          = 0xf687b004
vmconnect.exe                = 0x8ded3cee
vmconsole.exe                 = 0x99ec7cd6
vmcpsms.exe                   = 0xb8d4fa66
vmdfw.exe                       = 0x48cd7aee
vmgateway.exe               = 0x89ecfc36
vmh.exe                           = 0x2acf397e
vmisrv.exe                       = 0x4cd27a6e
vmlib.exe                         = 0x42cc7ad6
vmmap.exe                     = 0x4bcc7af6
vmnat.exe                        = 0x49cc3af6
vmnetcfg.exe                   = 0x82d67d0e
vmnetdhcp.exe                = 0x9dee3c3e
vmodes.exe                      = 0x48d0ba36
vmonitor.exe                   = 0x94d4bd7e
vmotor.exe                       = 0x48d2ba1e
vmount2.exe                    = 0x9cd77a66
vmplayer.exe                   = 0x9cd2bd46
vmpttray.exe                   = 0x8dd3fd96
vmrun.exe                       = 0x44cfbaa6
vmserverdwin32.exe       = 0x2c9dec8c
vmsnap23.exe                 = 0xbcd33c0e
vmsnap3.exe                   = 0x86d6ba96
vmsnap326.exe               = 0x92e7fdde
vmsnap5.exe                   = 0x85d6ba96
vmsrvc.exe                      = 0x5cd27a7e
vmss.exe                          = 0x50cc7906
vmss2core.exe                 = 0xa9eb7e4e
vmstmp.exe                     = 0x55d2ba16
vmtools.exe                      = 0xa6d77ad6
vmtoolsd.exe                    = 0x99d13d0e
vmupdatelauncher.exe    = 0xaa5c2d93
vmusrvc.exe                     = 0xb2d4fabe
vmware-authd.exe           = 0x4f83b0f7
vmware-converter-all.exe= 0xba9f7cfe
vmware-hostd.exe            = 0x558370c7
vmware-remotemks-debug.exe   = 0x60dd2ef7
vmware-remotemks.exe              = 0x54472dfa
vmware-tray.exe                          = 0x05ed70d7
vmware-ufad.exe                         = 0x0beff0d7
vmware-unity-helper.exe            = 0x2dc812ce
vmware-updatemgr.exe               = 0x4447ac8a
vmware-vdiskmanager.exe          = 0xa1c9d2fe
vmware-vmx-debug.exe              = 0x76546d82
vmware-vmx-stats.exe                 = 0x6c542d32
vmware-vmx.exe                         = 0x11e57d27
vmware-vprobe.exe                      = 0x3985727c
vmware.exe                                   = 0x5bd03a6e
vmwareservice.exe                        = 0x8181326c
vmwaretoolsupgrader.exe             = 0x49d012bc
vmwaretoolsupgrader9x.exe        = 0xbf543c5c
vmwaretoolsupgradernt.exe        = 0xb9543d04
vmwaretray.exe                           = 0x49e5fd17
vmwareuser.exe                           = 0x4ce5fd07
vnetlib.exe                                    = 0xb4d7ba46
vnetlib64.exe                                = 0xa7eb7d8e
vnetsniffer.exe                              = 0x1ae473a7
vnetstats.exe                                = 0x98eb3c76
volumeid.exe                               = 0x9fd63db6
vprintproxy.exe                          = 0x4be8f2d7
whois.exe                                    = 0x4ecc3ad6
winapioverride32.exe                 = 0x40492bfb
windbg.exe                                 = 0x42d0ba0e
windump.exe                             = 0xadd53a06
winobj.exe                                  = 0x44d1fa0e
winspy.exe                                  = 0x4dd27a46
wireshark.exe                            = 0xa4ef3c0e
wspass.exe                                 = 0x56d03a9e
zip.exe                                       = 0x26ceb96e
zoomit.exe                                = 0x4bd2ba16
zxsniffer.exe                             = 0xa6eb7d86

Advertisements
This entry was posted in Malware, Malware Analyzer, Reversing, Shellcode, Windows and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s