ddodiag.exe
- File Path:
C:\Windows\SysWOW64\ddodiag.exe
- Description: DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it
Hashes
| Type |
Hash |
| MD5 |
B99A1EA960AA12EA6A972335999D2B1F |
| SHA1 |
1E25B7092765A069EEBD3BB2FB9FBF74F0298CF2 |
| SHA256 |
1A40075AE8330D3B2AB1C567B4FD183CFDDA20794015DAB8503A406B58DF9D44 |
| SHA384 |
52BA63988B760F0F70AD7CF3CC2A8D6BCCA0198123A32623C55F038EA1499B3553A527C52CC34B49CFEA329BD99E733E |
| SHA512 |
D022F018906C896CBDE62FECABE6EDDE07B9CC4C01982FC2EB8ABFAC3289201189C9E3B3086B85F7560021E8CF410E05893AFB377D537BA352B5BECA1197015E |
| SSDEEP |
768:Jm6fhsXKZkrWcwMa4uZlqivwTuhLuxhIO+5A:Jm6fhsXKZkrWcwMa4uZlqiw2uxh25A |
| IMP |
C44782044D722D4027BBE52D755A88BB |
| PESHA1 |
6B44FD647760660711A71868E50D9B827477D9E1 |
| PE256 |
C178B15D8FDFF27E23CD5299216DEA7A2ADDB4259BC023EDD5A8428BE9C0AF48 |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\ddodiag.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: DDODiag.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/1a40075ae8330d3b2ab1c567b4fd183cfdda20794015dab8503a406b58df9d44/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.