Faultrep.dll

  • File Path: C:\Windows\system32\Faultrep.dll
  • Description: Windows User Mode Crash Reporting DLL

Hashes

Type Hash
MD5 AB7462DBE534AA64F8B42445A7DC5A41
SHA1 8824F870D6EBC05A888FA23FC1E7077B72BE9959
SHA256 C0F9FB6F1632B108106B6B66259F295EA745013237318F62489A0CC7C691BDF7
SHA384 02E37233665EFD12E4CED49D63CC1A11BB3D56EFF061C7D15D4DCCD888DFC80F33D09B2FCB298DD9CCCD7BB437E05038
SHA512 A3377DFAD28E420D32BAD73C8DE73E777F1E4126B7BB9FBE5DB7F9300220E2DFE9C06767F5BD12C8A0D4A834E6F2BBD6CA5175226B27A6810E8B750626E886F6
SSDEEP 6144:ipgn0SHQ9oofE/VWE1WMOOooTKWHU9hRFdTzdkWwa6VJyB60OHyLC7vw:D0OQSoMtWaWMOO7Qh9vdMc2HywI
IMP DC1921F8AB88E7EF1205A0A0E1989251
PESHA1 CE44A22E40F2D990DC660159B83256091DEA140F
PE256 FCC680B068C106C862E5FB4F8F72BB090A3031F5B6C8D9A4E298660E0541E660

DLL Exports:

Function Name Ordinal Type
ReportHang 14 Exported Function
UpdatePerUserLastCrossProcessCollectionTime 6 Exported Function
ReportCoreHang 12 Exported Function
ReportFault 13 Exported Function
WerpLaunchAeDebug 18 Exported Function
WerReportHang 15 Exported Function
WerpGetDebugger 16 Exported Function
WerpInitiateCrashReporting 17 Exported Function
BasepReportFault 3 Exported Function
CancelHangReporting 9 Exported Function
AddERExcludedApplicationA 7 Exported Function
AddERExcludedApplicationW 8 Exported Function
DllCanUnloadNow 10 Exported Function
DllGetClassObject 11 Exported Function
CheckForReadOnlyResourceFilter 4 Exported Function
CheckPerUserCrossProcessThrottle 5 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: faultrep.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/70
  • VirusTotal Link: https://www.virustotal.com/gui/file/c0f9fb6f1632b108106b6b66259f295ea745013237318f62489a0cc7c691bdf7/detection/

File Similarity (ssdeep match)

File Score
C:\windows\system32\WerFault.exe 40
C:\Windows\system32\WerFault.exe 38
C:\Windows\system32\WerFault.exe 35
C:\Windows\system32\WerFault.exe 40
C:\Windows\system32\WerFaultSecure.exe 40
C:\Windows\system32\WerFaultSecure.exe 43
C:\WINDOWS\system32\WerFaultSecure.exe 41
C:\Windows\system32\WerFaultSecure.exe 40
C:\Windows\system32\WerFaultSecure.exe 38
C:\Windows\system32\WerFaultSecure.exe 40
C:\Windows\system32\WerFaultSecure.exe 40
C:\Windows\system32\WerFaultSecure.exe 41
C:\WINDOWS\system32\WerFaultSecure.exe 36
C:\Windows\system32\WerFaultSecure.exe 46
C:\Windows\system32\wermgr.exe 41
C:\Windows\system32\wermgr.exe 40
C:\Windows\system32\wermgr.exe 41
C:\WINDOWS\system32\wermgr.exe 41
C:\WINDOWS\system32\wermgr.exe 44
C:\Windows\system32\wermgr.exe 40
C:\Windows\system32\wermgr.exe 36
C:\Windows\system32\wermgr.exe 36
C:\Windows\system32\wermgr.exe 40
C:\Windows\system32\wermgr.exe 38
C:\Windows\system32\wermgr.exe 38
C:\windows\system32\wermgr.exe 41
C:\Windows\system32\werui.dll 38
C:\Windows\SysWOW64\WerFault.exe 41
C:\windows\SysWOW64\WerFault.exe 30
C:\Windows\SysWOW64\WerFaultSecure.exe 43
C:\Windows\SysWOW64\WerFaultSecure.exe 35
C:\Windows\SysWOW64\WerFaultSecure.exe 44
C:\Windows\SysWOW64\WerFaultSecure.exe 33
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 38
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 38
C:\Windows\SysWOW64\WerFaultSecure.exe 40
C:\Windows\SysWOW64\WerFaultSecure.exe 44
C:\Windows\SysWOW64\WerFaultSecure.exe 38
C:\Windows\SysWOW64\WerFaultSecure.exe 40
C:\Windows\SysWOW64\wermgr.exe 43
C:\windows\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\wermgr.exe 38
C:\WINDOWS\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\wermgr.exe 35
C:\WINDOWS\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\wermgr.exe 35
C:\Windows\SysWOW64\wermgr.exe 36
C:\Windows\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\werui.dll 41

MIT License. Copyright (c) 2020-2021 Strontic.