WerFaultSecure.exe

  • File Path: C:\Windows\SysWOW64\WerFaultSecure.exe
  • Description: Windows Fault Reporting

Hashes

Type Hash
MD5 21EBD9AF6E4426C12278D0EB63DABD34
SHA1 016B79DDAB0B6C6ED4129150BE96B3802CD84058
SHA256 6FE88147901F25F29E4668D1ABF4688D0C9229DC27295012AE0F4E5264186591
SHA384 F4A31186096C486641026F5B849DC84A61708B65AA631926080B0970C6DB4953497407908846F7C4AAEE86D6D455E7D3
SHA512 07037DD03A08FF7E6367B3D1F9B34D9BF3997D978ADFF5786D37EC70D75B9A893BCE88A0974202E5C178BCAA2F261148E766D78828705C0A06C580DDD1364A9B
SSDEEP 3072:qDQquPKORsAsLqWt0wvaBaoFJ+yC3pwRb6JPqB604HHy7hRCd39vhoMq:qcZVRHsLTpagVJyB60OHyLC7v6d

Runtime Data

Open Handles:

Path Type
(R-D) C:\Windows\SysWOW64\dbghelp.dll File
(RW-) C:\Windows File
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WerFaultSecure.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.17763.1339 (WinBuild.160101.0800)
  • Product Version: 10.0.17763.1339
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\system32\Faultrep.dll 43
C:\windows\system32\WerFault.exe 43
C:\Windows\system32\WerFault.exe 35
C:\Windows\system32\WerFault.exe 32
C:\Windows\system32\WerFault.exe 50
C:\Windows\system32\WerFaultSecure.exe 66
C:\Windows\system32\WerFaultSecure.exe 60
C:\WINDOWS\system32\WerFaultSecure.exe 63
C:\Windows\system32\WerFaultSecure.exe 65
C:\Windows\system32\WerFaultSecure.exe 60
C:\Windows\system32\WerFaultSecure.exe 65
C:\Windows\system32\WerFaultSecure.exe 65
C:\Windows\system32\WerFaultSecure.exe 61
C:\WINDOWS\system32\WerFaultSecure.exe 60
C:\Windows\system32\WerFaultSecure.exe 60
C:\Windows\system32\wermgr.exe 49
C:\Windows\system32\wermgr.exe 47
C:\Windows\system32\wermgr.exe 58
C:\WINDOWS\system32\wermgr.exe 49
C:\WINDOWS\system32\wermgr.exe 55
C:\Windows\system32\wermgr.exe 43
C:\Windows\system32\wermgr.exe 58
C:\Windows\system32\wermgr.exe 43
C:\Windows\system32\wermgr.exe 60
C:\Windows\system32\wermgr.exe 50
C:\Windows\system32\wermgr.exe 58
C:\windows\system32\wermgr.exe 65
C:\Windows\system32\werui.dll 49
C:\Windows\SysWOW64\WerFault.exe 54
C:\windows\SysWOW64\WerFault.exe 27
C:\Windows\SysWOW64\WerFaultSecure.exe 57
C:\Windows\SysWOW64\WerFaultSecure.exe 66
C:\Windows\SysWOW64\WerFaultSecure.exe 57
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 61
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 60
C:\Windows\SysWOW64\WerFaultSecure.exe 58
C:\Windows\SysWOW64\WerFaultSecure.exe 93
C:\Windows\SysWOW64\WerFaultSecure.exe 58
C:\Windows\SysWOW64\WerFaultSecure.exe 63
C:\Windows\SysWOW64\wermgr.exe 63
C:\windows\SysWOW64\wermgr.exe 63
C:\Windows\SysWOW64\wermgr.exe 43
C:\Windows\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\wermgr.exe 35
C:\WINDOWS\SysWOW64\wermgr.exe 41
C:\Windows\SysWOW64\wermgr.exe 44
C:\Windows\SysWOW64\wermgr.exe 46
C:\WINDOWS\SysWOW64\wermgr.exe 47
C:\Windows\SysWOW64\wermgr.exe 44
C:\Windows\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\wermgr.exe 38
C:\Windows\SysWOW64\werui.dll 55

MIT License. Copyright (c) 2020-2021 Strontic.