If you need a for educational or defensive purposes (e.g., for a security blog, an alert, or an internal IT document), here is a draft you can use:
The legitimate file is typically found in C:\Windows\ or a subfolder related to hardware drivers (like C:\Windows\System32\ ). If you find it in a temporary folder or Documents , it may be malicious. wind64.exe