ddodiag.exe

File Path: C:\Windows\SysWOW64\ddodiag.exe
Description: DDODiag is a tool that collects Device Display Object (DDO) information from the system and logs it

Hashes

Type	Hash
MD5	`FB0CD493A4A666D652D4468E19008A61`
SHA1	`8767C134E8FA26CCAB6CFD8DE2A4678D98AE4BB8`
SHA256	`B8E52ABD573AF6B8773A567425A5FA667BE939E3BC1E522B0DB388A4F0FA2B5D`
SHA384	`0B417DE83E01E5505B604E38A52217C041A16CBBCF2EE524B17EFCA42FFF86368A3B40923C55AD420890A65FEA02C4E0`
SHA512	`B3A003A6EA19B721C4DFA77126A92C2B5BEB5F3F7851E9B1B2394A4503A6E22519148693212676017A40705854DA05C852E4E8A92A40DDB50233DAB9A793C5BC`
SSDEEP	`768:om6fhsXKZkrWcwMa4uZlqimiST8iOOz6+Db:om6fhsXKZkrWcwMa4uZlqimF8/OBDb`
IMP	`9C77374063C1B46991F749CD1E215781`
PESHA1	`741EF0CBC15F7BF4B21449BBAC719A6891F82CAE`
PE256	`C83B44AB4E73604530E4F22C7FC7CCE98BC38B14DEA30263D3E6E7963AF2328F`

Signature

Status: Signature verified.
Serial: 33000001C422B2F79B793DACB20000000001C4
Thumbprint: AE9C1AE54763822EEC42474983D8B635116C8452
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: DDODiag.exe
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.17763.1 (WinBuild.160101.0800)
Product Version: 10.0.17763.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/69
VirusTotal Link: https://www.virustotal.com/gui/file/b8e52abd573af6b8773a567425a5fa667be939e3bc1e522b0db388a4f0fa2b5d/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\SysWOW64\ddodiag.exe	74
C:\windows\SysWOW64\ddodiag.exe	72
C:\WINDOWS\SysWOW64\ddodiag.exe	74
C:\Windows\SysWOW64\ddodiag.exe	71
C:\WINDOWS\SysWOW64\ddodiag.exe	74

MIT License. Copyright (c) 2020-2021 Strontic.