ddodiag.exe
- File Path:
C:\WINDOWS\system32\ddodiag.exe
- Description: DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it
Hashes
| Type |
Hash |
| MD5 |
C03EF94B7B4163746909DD4E53557CAB |
| SHA1 |
F065445F0D000E4FB3CE67056DB2CEA269BD0BEC |
| SHA256 |
E17C631FBC00ED16D86F865ED542F71CDD54A6D6B5B0C02D49315B9D8F220BFB |
| SHA384 |
F5E699BA71D7EABCBCD30E9CE209CC45D20F286946247D522EE45A8A7DB9A747612FF9D673BCE8B7A02E4410FCFAC3B4 |
| SHA512 |
71F3830B5E0BC2E2FA5E968DE672B90574F1A243F6A5E77C8033682EFB96F075A935C96D7A19BCF2269B4BF5C6DB506E0320910835FF61282DF3C1544B2448D4 |
| SSDEEP |
1536:4x/wnyk3dzO8ZXBOGK/hc3aZkLmMgMaouZl6i1Addl+VVH:KkZ7OpP |
| IMP |
835450F6C906DA1E68B05E2C968111E4 |
| PESHA1 |
7F65FDAE902D9FB598938F989BC1FD425BA4F8DA |
| PE256 |
631DC195BE84E189703538DA878EE76A9C6D64E3C6EC4CC55B69116FEF2D5DBC |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\system32\ddodiag.exe |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\System32\msvcrt.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: DDODiag.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.1 (WinBuild.160101.0800)
- Product Version: 10.0.22000.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/e17c631fbc00ed16d86f865ed542f71cdd54a6d6b5b0c02d49315b9d8f220bfb/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.