WerFaultSecure.exe

  • File Path: C:\Windows\system32\WerFaultSecure.exe
  • Description: Windows Fault Reporting

Hashes

Type Hash
MD5 DE56B2A5785ED06A8D1A6EC23F9FDF37
SHA1 EEE23BC0F845739688BC36B7A4E0C218F918439F
SHA256 B3003748290692E15B176BF54DED2220017E412624D3184CFCBB61216534595E
SHA384 E18B6E764D7ABFF09F0C81ACE94CCE2AB10348866762927CE7B5810A614188F823687AD894289F5D768F81DEC2EEC9E8
SHA512 46AD3CB5FB7B2C3335034EFCFE0D03C3B0C61FE8C0B043D8F501B522FEF48DC13FA2AD2F5D54F58F630AC4ABAFECEDDBD24669FF84B7BA3E28DA757EEB562C40
SSDEEP 3072:iUZH/OJkaZUkkKqj7lQWamHFJ+yC3pwRb6JPqB604HHy7hRCd39vjKdR:iE/OJfUkkKY+OCVJyB60OHyLC7vuj
IMP 238B416AE1929D60DF85CAC4307083D4
PESHA1 8BEE16A7BD1D6FB1936B59B91CCBFB4AFF373696
PE256 03F7150C8B729FD631FDA3E93CF855E710C41D596E88F7DC67F7F5373F8DA725

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WerFaultSecure.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/76
  • VirusTotal Link: https://www.virustotal.com/gui/file/b3003748290692e15b176bf54ded2220017e412624d3184cfcbb61216534595e/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\Faultrep.dll 46
C:\windows\system32\WerFault.exe 40
C:\Windows\system32\WerFault.exe 38
C:\Windows\system32\WerFault.exe 36
C:\Windows\system32\WerFault.exe 49
C:\Windows\system32\WerFaultSecure.exe 61
C:\Windows\system32\WerFaultSecure.exe 83
C:\WINDOWS\system32\WerFaultSecure.exe 58
C:\Windows\system32\WerFaultSecure.exe 63
C:\Windows\system32\WerFaultSecure.exe 61
C:\Windows\system32\WerFaultSecure.exe 65
C:\Windows\system32\WerFaultSecure.exe 65
C:\Windows\system32\WerFaultSecure.exe 74
C:\WINDOWS\system32\WerFaultSecure.exe 60
C:\Windows\system32\wermgr.exe 50
C:\Windows\system32\wermgr.exe 47
C:\Windows\system32\wermgr.exe 66
C:\WINDOWS\system32\wermgr.exe 47
C:\WINDOWS\system32\wermgr.exe 54
C:\Windows\system32\wermgr.exe 43
C:\Windows\system32\wermgr.exe 58
C:\Windows\system32\wermgr.exe 50
C:\Windows\system32\wermgr.exe 57
C:\Windows\system32\wermgr.exe 55
C:\Windows\system32\wermgr.exe 57
C:\windows\system32\wermgr.exe 63
C:\Windows\system32\werui.dll 50
C:\Windows\SysWOW64\WerFault.exe 47
C:\windows\SysWOW64\WerFault.exe 29
C:\Windows\SysWOW64\WerFaultSecure.exe 60
C:\Windows\SysWOW64\WerFaultSecure.exe 57
C:\Windows\SysWOW64\WerFaultSecure.exe 61
C:\Windows\SysWOW64\WerFaultSecure.exe 60
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 61
C:\WINDOWS\SysWOW64\WerFaultSecure.exe 58
C:\Windows\SysWOW64\WerFaultSecure.exe 60
C:\Windows\SysWOW64\WerFaultSecure.exe 60
C:\Windows\SysWOW64\WerFaultSecure.exe 61
C:\Windows\SysWOW64\WerFaultSecure.exe 63
C:\Windows\SysWOW64\wermgr.exe 60
C:\windows\SysWOW64\wermgr.exe 60
C:\Windows\SysWOW64\wermgr.exe 36
C:\Windows\SysWOW64\wermgr.exe 36
C:\Windows\SysWOW64\wermgr.exe 35
C:\WINDOWS\SysWOW64\wermgr.exe 46
C:\Windows\SysWOW64\wermgr.exe 41
C:\Windows\SysWOW64\wermgr.exe 43
C:\WINDOWS\SysWOW64\wermgr.exe 58
C:\Windows\SysWOW64\wermgr.exe 44
C:\Windows\SysWOW64\wermgr.exe 43
C:\Windows\SysWOW64\wermgr.exe 43
C:\Windows\SysWOW64\werui.dll 47

MIT License. Copyright (c) 2020-2021 Strontic.