diagER.dll

File Path: C:\Windows\system32\oobe\diagER.dll
Description: Diagnostic ER Module

Hashes

Type	Hash
MD5	`971972596DCCC4AFDFAB8CC15DAA2F4B`
SHA1	`C27EC45506E7FBF9B92ADDBE54232343F7D23239`
SHA256	`1A4508D2EB062B744AE7CDF0B24D998FAE93756E0BBF1286765A75B5E6930439`
SHA384	`5813E3DB936A9140483DF5F921C82C18F737C2C8FD8C0A9B2E3E87B6B628B2F45255FD1771ED12545344ED128FB745DF`
SHA512	`4C5796B0B4738946BBC029F8D4C4C0A2AC5ACCE7D33DBB3679633E9C6846401CF61E44BB7D4FFEC055D37D66414DB47656A87B5B39153E3D81455A8BE9598B05`
SSDEEP	`768:IBqkR284bz5Su33E3nbox26S8tAnGg4rYuV/Xxt7upIyTr6wD1PFkM:3z5Su33E3nbh6ynG5EuV/Xxt7CjPFV`
IMP	`A6DFAB2F841183F78D7BA325D5888C10`
PESHA1	`2501ACC05AF2330884B8D7AAB39B0616D25B04EB`
PE256	`568909558878C29CB936B177C30A540EC355F325EFD58467B00CA5E0CD96F353`

DLL Exports:

Function Name	Ordinal	Type
`public: virtual __cdecl CWfpER::~CWfpER(void) __ptr64`	8	Exported Function
`public: virtual __cdecl CDwWinER::~CDwWinER(void) __ptr64`	7	Exported Function
`public: virtual __cdecl IDiagER::~IDiagER(void) __ptr64`	9	Exported Function
`CDwWinER::AddFiles`	21	Exported Function
`CDwWinER::AddBucketingParameters`	18	Exported Function
`CDiagERFactory::ReleaseInstance`	35	Exported Function
`CWfpER::operator`	13	Exported Function
`CDwWinER::operator`	12	Exported Function
`IDiagER::operator`	14	Exported Function
`CDiagERFactory::CreateInstance`	24	Exported Function
`CDiagERFactory::GetErrorReporter`	32	Exported Function
`CWfpER::Submit`	40	Exported Function
`CWfpER::SetHeader`	37	Exported Function
`IDiagER::AddBucketingParameters`	20	Exported Function
`IDiagER::SetHeader`	38	Exported Function
`IDiagER::AddFiles`	23	Exported Function
`CWfpER::Initialize`	34	Exported Function
`CDwWinER::SetHeader`	36	Exported Function
`CDwWinER::Initialize`	33	Exported Function
`CDwWinER::Submit`	39	Exported Function
`CWfpER::AddFiles`	22	Exported Function
`CWfpER::AddBucketingParameters`	19	Exported Function
`DiagERSubmit`	29	Exported Function
`DiagERSetHeader`	28	Exported Function
`DiagERSubmitEx`	30	Exported Function
`g_Kernel32`	41	Exported Function
`DiagERTerminate`	31	Exported Function
`DiagERInitialize`	27	Exported Function
`const CWfpER::vftable'`	16	Exported Function
`const CDwWinER::vftable'`	15	Exported Function
`const IDiagER::vftable'`	17	Exported Function
`DiagERAddFiles`	26	Exported Function
`DiagERAddBucketingParameters`	25	Exported Function
`IDiagER::IDiagER`	5	Exported Function
`CWfpER::CWfpER`	4	Exported Function
`IDiagER::IDiagER`	6	Exported Function
`CDiagERFactory::operator`	11	Exported Function
`CDiagERFactory::operator`	10	Exported Function
`CWfpER::CWfpER`	3	Exported Function
`g_WerApi`	43	Exported Function
`g_Shell32`	42	Exported Function
`CDiagERFactory::m_diagER`	44	Exported Function
`CDwWinER::CDwWinER`	2	Exported Function
`CDwWinER::CDwWinER`	1	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: DIAGER.DLL
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.450 (WinBuild.160101.0800)
Product Version: 10.0.19041.450
Language: English (United States)
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/68
VirusTotal Link: https://www.virustotal.com/gui/file/1a4508d2eb062b744ae7cdf0b24d998fae93756e0bbf1286765a75b5e6930439/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\SysWOW64\dllhost.exe	32