CIDiag.exe
- File Path:
C:\Windows\system32\CIDiag.exe
- Description: CodeIntegrity Diagnostic Tool
Hashes
| Type |
Hash |
| MD5 |
5696CFEF580411AEE71ADFE686CF1499 |
| SHA1 |
1CFF744DE5F685C24365207FC6E10D709852792E |
| SHA256 |
E9E387DB5C134DD7779379F56E0EB4069E4D8196BDFCC6809197DCD3FAAECA40 |
| SHA384 |
7B3F6CB0E3AE8945E9F27B26BDD0CB7B9513D62C507A4D2282BDFA18B2D78A57D6A75A2210C62944E0B21592C53CA3E8 |
| SHA512 |
841E71314EFB57F2CD15DD7BFC30968C7677A7FE703B39B8E0BAAB309D3672D48D4B3F7B8C190D620EB4ED963020468117E9EE998DC98D87F7D80926DCB31BD3 |
| SSDEEP |
768:rDLdzvIt8/0aDYKmavLCevHImDnyz5OkqNYl0ENhsvorBgT8d:rDhzvIt8/0aDYKmavLCCFDnyzDqG+E3V |
| IMP |
792497AF5DD0DF4A915F2F6B0FE22F3D |
| PESHA1 |
9323ABDDCD381082DDB33CBB3428186C4D92EC9A |
| PE256 |
F806BDF33D116D0C9624345335C7DB46D5CBCBB8B9F399EED10EF13EAF9A823E |
Runtime Data
Usage (stdout):
Usage: "CIDiag.exe /start", "CIDiag.exe /stop <outputpath>", or "CIDiag.exe /stop /nologs <outputpath>"
Loaded Modules:
| Path |
| C:\Windows\system32\CIDiag.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: CIDiag.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.985 (WinBuild.160101.0800)
- Product Version: 10.0.19041.985
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/e9e387db5c134dd7779379f56e0eb4069e4d8196bdfcc6809197dcd3faaeca40/detection
MIT License. Copyright (c) 2020-2021 Strontic.