File details
File name: snmptrap.exe
Name: SNMP Trap
Description: Microsoft® Windows® Operating System
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product version: 6.1.7600.16385
Size: 14 KB
Original file name: snmptrap.exe.mui
Windows file protection:
Yes
Resource utilization
 | CPU utilization averages |
Total CPU: 0.0001108839%
Privileged CPU:
0.0000554419%

User CPU:
0.00005544193762%

Privileged CPU time: 5.2 ms
Privileged CPU time /min: 0 ms
CPU cycle count:
713,055,282
CPU cycle count /min: 2,159,243
 | Memory utilization averages |
Committed memory:
35.48 MB
Peak committed memory: 36.23 MB
Paged memory:
3.57 MB
Peak paged memory: 3.65 MB
Paged system memory:
55.77 KB
Non-paged system memory: 13.91 KB
Working set memory:
6.29 MB
Peak working set memory: 6.31 MB
Min working set memory: 6.26 MB
Private memory:
3.57 MB
Page faults:
1,639
Page faults /min: 11
 | Process I/O averages |
Total read operations:
2
Read operations /min: 1
Total read transfer: 8 KB
Read transfer /min: 61 Bytes
Total other operations:
8,805
Other operations /min: 27
Total other transfer: 136.04 KB
Other Transfer /min: 425 Bytes
Resources
Handle count average: 115
Thread count average: 16
Thread resource averages
Total CPU: 0.003975110448%
Privileged CPU: 0.001987555224%
User CPU: 0.001987555224%
CPU Cycle count /sec: 141,675
Module memory size: 124 KB
Process details
Runs as (owner): Local Service
Integrety level: System
Windows platform: 64-bit
Runs as a service: Yes
Parent Process
Process Command
C:\Windows\System32\snmptrap.exe
Service details
Name: Παγίδευση SNMP
Service name: SNMPTRAP
Service type:
Win32OwnProcess
Description: “Παραλαμβάνει μηνύματα παγίδευσης που έχουν δημιουργηθεί από τοπικούς ή απομακρυσμένους παράγοντες SNMP και προωθεί τα μηνύματα σε προγράμματα διαχείρισης SNMP που εκτελούνται σε αυτόν τον υπολογιστή. Αν η υπηρεσία αυτή διακοπεί, τα προγράμματα SNMP σε αυτόν τον υπολογιστή δεν θα λαμβάνουν μηνύματα παγίδευσης SNMP. Αν η υπηρεσία απενεργοποιηθεί, οι υπηρεσίες που εξαρτώνται ρητά από αυτήν δεν θα μπο”
Network connectivity
UDP: LISTENING on port 162
Image hashes
MD5: 6313f223e817cc09aa41811daa7f541d
SHA-1: e82089159a6ed6d11e308c88527ca636c43209af
SHA-256: d787061043beedb9386b048cb9e680e6a88a1cbae9bd4a8c0209155bfb76c630
PE image details
Subsystem: Windows Console
Langauge*: Microsoft Visual C++
File entropy: 5.63683
File packed: No
Import Table
advapi32.dll

SetServiceStatus
FreeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
kernel32.dll

SetEvent
LeaveCriticalSection
CloseHandle
DisconnectNamedPipe
ResetEvent
GetOverlappedResult
GetLastError
WriteFile
EnterCriticalSection
GlobalAlloc
GlobalFree
WaitForSingleObject
GetTickCount
ConnectNamedPipe
CreateNamedPipeA
DeleteCriticalSection
CreateEventA
InitializeCriticalSection
RegisterApplicationRestart
GetCommandLineW
HeapSetInformation
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
msvcrt.dll
ws2_32.dll
