SPEnroll.exe

One Identity Password Manager

Dell Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SPEnroll’.
Publisher:
Dell Software  (signed by Dell Inc)

Product:
One Identity Password Manager

Version:
5.6.3.6979

MD5:
840d01525d7cbb4b8ca656b7a315974b

SHA-1:
e93defc6280252619d9a8d2ef431d05162ea5e03

SHA-256:
78ff095b6886994a668b32a7a913bf02a21d32d54ec6515a1963352417416910

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:24:30 AM UTC  (today)

File size:
3.4 MB (3,525,536 bytes)

Product version:
5.6.3.6979

Copyright:
© 2016 Dell Inc. ALL RIGHTS RESERVED.

Original file name:
SPEnroll.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\spenroll.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
2/29/2016 7:00:00 PM

Valid to:
3/6/2019 7:00:00 AM

Subject:
CN=Dell Inc, O=Dell Inc, L=Round Rock, S=Texas, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
088F8716C0EBC88C848638BD90B17581

File PE Metadata
Compilation timestamp:
6/28/2016 12:43:40 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:Y9hbYC3srg294D4YfohdRKQkPBIwdEUHXc0dlSJsK02eG38kT4niupl:6hbY2HOGR+sK02r38/ii

Entry address:
0x1B0350

Entry point:
48, 83, EC, 28, E8, EB, C7, 00, 00, 48, 83, C4, 28, E9, 02, 00, 00, 00, CC, CC, 48, 89, 5C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 30, E8, E4, 7F, 00, 00, 0F, B7, F0, B9, 02, 00, 00, 00, E8, 77, C7, 00, 00, B8, 4D, 5A, 00, 00, 48, 8D, 3D, 6F, FC, E4, FF, 66, 39, 05, 68, FC, E4, FF, 74, 04, 33, DB, EB, 31, 48, 63, 05, 97, FC, E4, FF, 48, 03, C7, 81, 38, 50, 45, 00, 00, 75, EA, B9, 0B, 02, 00, 00, 66, 39, 48, 18, 75, DF, 33, DB, 83, B8, 84, 00, 00, 00, 0E, 76, 09, 39, 98, F8, 00, 00, 00, 0F, 95, C3, 89...
 
[+]

Entropy:
5.6734

Code size:
1.9 MB (1,972,736 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SPEnroll

Command:
C:\Windows\System32\spenroll.exe