dialer.exe
- File Path:
C:\Windows\system32\dialer.exe - Description: Microsoft Windows Phone Dialer
Screenshot
Hashes
| Type | Hash |
|---|---|
| MD5 | 03A3A40DCEAF13FDE10ECA591D92DB4B |
| SHA1 | 0197C751EDEA68BD0639E9BC57AC132D707591D2 |
| SHA256 | D628E54194E14F8077B283ADC60EF069B4D43543FA7D7BE55E1A60E65AC52C01 |
| SHA384 | A6A27875898DF0E8CAD823479479CBCB70F29F0E3B91E63B3ADDC9EDDE72EBDAAEB215D07C31E950534B323A1DC6E052 |
| SHA512 | 1DED4CA2A0A3480474DE49D5BD37B3EE01A7B27479B55CF21E5840B459B3EC87A3BEFCA3FA7602696E42A58B52A1AD2AA7CB5204118801704CFC3CF2AA815538 |
| SSDEEP | 768:RCnwJHY47PQznCKSEYp6qN7O7wz59hF7VRI4C3hD7Oi7/d:1YUPR4aOoFTbKhD7F/d |
| IMP | EA84F2A49408D51D324DE27B0D115B5E |
| PESHA1 | 0869C50ABEC9AA2CA89516B42D888DA6B92766F2 |
| PE256 | 838863A45EC412CE864CB5B99E732DFA22F54EAA153A1BC43FCB3A4080239705 |
Runtime Data
Window Title:
Phone Dialer
Open Handles:
| Path | Type |
|---|---|
| (R-D) C:\Windows\Fonts\StaticCache.dat | File |
| (R-D) C:\Windows\System32\en-US\dialer.exe.mui | File |
| (R-D) C:\Windows\System32\en-US\imageres.dll.mui | File |
| (R-D) C:\Windows\System32\en-US\user32.dll.mui | File |
| (RW-) C:\Users\user | File |
| (RW-) C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.1518_none_de6e2bd0534e2567 | File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000004.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000004.db | Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro | Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 | Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 | Section |
| \Sessions\2\Windows\Theme2131664586 | Section |
| \Windows\Theme966197582 | Section |
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\bcryptPrimitives.dll |
| C:\Windows\System32\cfgmgr32.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\cryptsp.dll |
| C:\Windows\system32\dialer.exe |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\kernel.appcore.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\powrprof.dll |
| C:\Windows\System32\profapi.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\System32\SHELL32.dll |
| C:\Windows\System32\shlwapi.dll |
| C:\Windows\system32\TAPI32.dll |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\System32\windows.storage.dll |
Signature
- Status: Signature verified.
- Serial:
33000001C422B2F79B793DACB20000000001C4 - Thumbprint:
AE9C1AE54763822EEC42474983D8B635116C8452 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: DIALER.EXE.MUI
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/d628e54194e14f8077b283adc60ef069b4d43543fa7d7be55e1a60e65ac52c01/detection/
Possible Misuse
The following table contains possible examples of dialer.exe being misused. While dialer.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source | Source File | Example | License |
|---|---|---|---|
| LOLBAS | Rasautou.yml | Description: Windows Remote Access Dialer |
MIT License. Copyright (c) 2020-2021 Strontic.