File details
File name: iexplore.exe
Name: Windows® Internet Explorer
Description: Internet Explorer
Version: 10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
Product version: 10.00.9200.16521
Size: 752.59 KB
Original file name: IEXPLORE.EXE.MUI
Windows file protection:
Yes
Digital certificate
Certificate authority:
Microsoft Corporation
Effective date: 7/19/2010
Expiration date: 10/19/2011
Resource utilization
 | CPU utilization averages |
Total CPU: 0.0814893258%
Privileged CPU:
0.0407867987%

User CPU:
0.04070252710870%

Privileged CPU time: 39627.61 ms
Privileged CPU time /min: 24 ms
CPU cycle count:
346,315,148
CPU cycle count /min: 556,047,247
Context switches /sec:
406
 | Memory utilization averages |
Committed memory:
467.75 MB
Peak committed memory: 491.25 MB
Paged memory:
125.79 MB
Peak paged memory: 131.64 MB
Paged system memory:
478.06 KB
Non-paged system memory: 103.32 KB
Working set memory:
118.37 MB
Peak working set memory: 149.26 MB
Min working set memory: 82 MB
Private memory:
125.79 MB
Page faults:
714,440
Page faults /min: 293
 | Process I/O averages |
Total read operations:
29,021
Read operations /min: 16
Total read transfer: 50.26 MB
Read transfer /min: 18.62 KB
Total write operations:
9,029
Write operations /min: 7
Total write transfer: 88.34 MB
Write transfer /min: 186.46 KB
Total other operations:
355,474
Other operations /min: 640
Total other transfer: 14.92 MB
Other Transfer /min: 12.19 KB
 | GUI Object Averages |
GDI objects:
195
Peak GDI objects: 217
USER objects:
100
Peak USER objects: 140
Resources
Handle count average: 908
Thread count average: 32
Thread resource averages
Total CPU: 0.434035472413%
Privileged CPU: 0.097300555579%
User CPU: 0.336734916834%
CPU Cycle count /sec: 12,162,009
Context switches /sec: 18
Module memory size: 752 KB
wow64win.dll

Total CPU: 0.059986430204%
Privileged CPU: 0.039751497305%
User CPU: 0.020234932899%
CPU Cycle count /sec: 1,296,756
Context switches /sec: 12
Module memory size: 360 KB
wow64.dll

Total CPU: 0.031829748851%
Privileged CPU: 0.012842908568%
User CPU: 0.018986840283%
CPU Cycle count /sec: 1,745,912
Context switches /sec: 12
Module memory size: 252 KB
ntdll.dll

Total CPU: 0.002126439636%
Privileged CPU: 0.000930030219%
User CPU: 0.001196409417%
CPU Cycle count /sec: 39,708
Module memory size: 1.66 MB
Total CPU: 0.001492369332%
Privileged CPU: 0.000699548133%
User CPU: 0.000792821198%
CPU Cycle count /sec: 611,663
Context switches /sec: 18
Module memory size: 368 KB
ntdll.dll

Total CPU: 0.000373092125%
Privileged CPU: 0.000373092125%
User CPU: 0.000000000000%
CPU Cycle count /sec: 6,894
Module memory size: 1.66 MB
Process details
Runs as (owner): User
Integrety level: Low
Windows platform: 64-bit
Parent Process
Child Process
Process Commands
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEC:4576 CREDAC:2102576 /prefetcC:2
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEC:4576 CREDAC:267521 /prefetcC:2
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEC:3096 CREDAC:209921 /prefetcC:2
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEC:6092 CREDAC:529670 /prefetcC:2
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" SCODEC:6092 CREDAC:791844 /prefetcC:2
Shell open command details
Name: gopher
Command: "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
Scheduled task details
CLSID: {DC7ABF42-D45A-4D97-B5A3-E1981D317C8A}
Command: \{DC7ABF42-D45A-4D97-B5A3-E1981D317C8A}
Image hashes
MD5: 7ba1862b8a5698dc5fcfdff3bc359de9
SHA-1: 52ff0b1467033b6fbb36b8848068a2606827c212
SHA-256: 9819113d1d9f9f6640badf0a469eef93426bc690bff983d489ae9b9b7fc0ffb4
PE image details
Subsystem: Windows GUI
Langauge*: Microsoft Visual C++
File entropy: 6.58338
File packed: No
Import Table
advapi32.dll

EventWrite
GetTraceEnableFlags
RegQueryValueExW
EventUnregister
GetTraceLoggerHandle
TraceEvent
UnregisterTraceGuids
RegOpenKeyExW
EventRegister
GetTraceEnableLevel
RegCloseKey
RegisterTraceGuidsW
api-ms-win-downlevel-advapi32-l1-1-0.dll

RegGetValueW
RegOpenKeyExW
EventRegister
RegCloseKey
EventUnregister
EventWrite
RegQueryValueExW
api-ms-win-downlevel-shlwapi-l1-1-0.dll

kernel32.dll

Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
TerminateProcess
CreateFileW
lstrlenW
VerifyVersionInfoW
GetLastError
GetProcAddress
LocalAlloc
IsWow64Process
HeapSetInformation
GetFileTime
DeleteCriticalSection
CloseHandle
GetWindowsDirectoryW
LocalFree
ExpandEnvironmentStringsW
LoadLibraryW
GetModuleHandleW
GetCurrentProcess
VerSetConditionMask
SetDllDirectoryW
CreateProcessW
SetErrorMode
GetCommandLineW
RaiseException
LoadLibraryA
GetSystemDefaultLCID
GetUserDefaultLCID
EnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetVersionExA
FreeLibrary
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentDirectoryW
InitializeCriticalSection
GetVersionExW
SetLastError
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
LoadResource
FindResourceExW
ReleaseMutex
LoadLibraryExA
SetProcessDEPPolicy
VirtualAlloc
GetNativeSystemInfo
msvcrt.dll
ntdll.dll

ole32.dll

CoUninitialize
CoInitialize
shell32.dll

shlwapi.dll

SHGetValueW
SHRegGetValueW
SHSetValueW
UrlApplySchemeW
PathIsURLW
UrlCanonicalizeW
PathFindFileNameW
UrlCreateFromPathW
StrStrW
PathCombineW
PathRemoveFileSpecW
PathAppendW
PathQuoteSpacesW
SHEnumValueW
user32.dll

IsWindowEnabled
LoadStringW
CharNextW
GetWindowThreadProcessId
SendMessageTimeoutW
FindWindowExW
MessageBoxW
IsWindowVisible
AllowSetForegroundWindow