WerEnc.dll

  • File Path: C:\Windows\SysWOW64\WerEnc.dll
  • Description: Windows Error Reporting Dump Encoding Library

Hashes

Type Hash
MD5 F4C2183256B20B62EBD7C9397F0C5D85
SHA1 2E4B064B0F6962D52916BB6E35FB4113884566DE
SHA256 D3EE1D430EE079304DFE56E786E740426A65E498C0A2AE80804C641208D84C61
SHA384 E4492CA868E55A70B2B414458F81804C13DA31B796D596197ED42B985860AEC9B9E997A6D7413EA0A07950632457E161
SHA512 AD613EDC4752D0D4BD56CD842C9BBB2B39AEB6739FC9ECB49497A0AA012968D9C42EE0BF533A648F7B219D0113563FA3396380E8C63105233906A295F37E69DB
SSDEEP 384:TtWk2+FI/U8Y02pKcWWWZWba7r6wDDBRJMkOimfklypG/d:Q7+g/cuaa7r6wD1PMkQpC
IMP C35F55E3EC7BD75443BB426071F195AB
PESHA1 691500860C25BAAECCC341AA857245A2C778CFE3
PE256 4FAA033671CDEDD64569FA12CB87A613CBB859DE4AAE16183319E0994029222C

DLL Exports:

Function Name Ordinal Type
EncryptDumpStream 2 Exported Function
EncryptDumpFile 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WerEnc.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.388 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.388
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/66
  • VirusTotal Link: https://www.virustotal.com/gui/file/d3ee1d430ee079304dfe56e786e740426a65e498c0a2ae80804c641208d84c61/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll 41
C:\Windows\system32\DeviceCensus.exe 29
C:\Windows\system32\LocationFrameworkPS.dll 44
C:\Windows\system32\migwiz\migres.dll 33
C:\Windows\system32\ResetEngine.exe 32
C:\Windows\system32\ResetEngine.exe 38
C:\Windows\system32\ScriptRunner.exe 38
C:\Windows\system32\ScriptRunner.exe 40
C:\Windows\system32\WerEnc.dll 41
C:\Windows\SystemApps\MicrosoftWindows.UndockedDevKit_cw5n1h2txyewy\UndockedDevKit.exe 30
C:\Windows\SysWOW64\backgroundTaskHost.exe 33
C:\Windows\SysWOW64\dllhost.exe 35

MIT License. Copyright (c) 2020-2021 Strontic.