CIDiag.exe

  • File Path: C:\WINDOWS\system32\CIDiag.exe
  • Description: CodeIntegrity Diagnostic Tool

Hashes

Type Hash
MD5 719288CA39F1AF8488FADE3FCDE0FFD4
SHA1 57C894C8D07C5A02E51DA585BA1B0A803680D739
SHA256 C115B25FBA04596C344B100689C723E32998B27B0E42BD41F498B0845A4591E3
SHA384 41BF094ADDD3912BC68E775A75D88FE5CF7A87969D503E36B8EAE4090C040EAB0E27614B5AF9D4E19EC10F21E0049EA5
SHA512 E3534E1E086AD70EF6CC6061D6EF549762D0F700366D0CD9BCCFA28910217C4050F4AA7D8987B358E9C0A420DA9ADBD29EF5BC313FD968169D58F34A06FFA2F7
SSDEEP 768:n2gAkWZJtiOywtq+iO6y9j0S8wrNpDqHPV1M1l0gOEF43bVw8H9Lw:2gAkWY9Rw0S8wrNpDGM1+gOMypw8y
IMP 1AFE1300EA8BC875DFC78D078C5A6448
PESHA1 77831E2D5BB41690E742EC3267A1DBEF0EEBCBCE
PE256 83761C7F7B3E246D64A107B261AB0AF30C3B16A276EBFE16F76037C4EAAA3C8D

Runtime Data

Usage (stdout):

Usage: "CIDiag.exe /start", "CIDiag.exe /stop <outputpath>", or "CIDiag.exe /stop /nologs <outputpath>"

Loaded Modules:

Path
C:\WINDOWS\system32\CIDiag.exe
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: CIDiag.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.1 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/c115b25fba04596c344b100689c723e32998b27b0e42bd41f498b0845a4591e3/detection

MIT License. Copyright (c) 2020-2021 Strontic.