dsregcmd.exe
- File Path:
C:\Windows\system32\dsregcmd.exe - Description: DSREG commandline tool
Hashes
| Type | Hash |
|---|---|
| MD5 | 41354397D7D58FFAA96593FEA1DA43BF |
| SHA1 | 399751716641D7DA21146B4AB3DCB6C27748B4A7 |
| SHA256 | BB2E36193782ED2DE2444309ED95206B8ABBD4665D348C4FAF9EB3E4A7481D3F |
| SHA384 | CEEC2797846602C8F36F42BAE82084FA1C6543C1023C0081DB6AECB7A16E24E4F8E013E07B76EA3C474E9DB642A97AD4 |
| SHA512 | B1241EFC69D6F59FA195489355C2F28849586648B3607DF9379503FB52DE31DCBC52428898AE3C4AA2337EB4D0AAED8CD828DC91A5F9EDB46F1D04D55D563A8F |
| SSDEEP | 12288:bEmIvyopbq5wv7y/7MG1AoFwIMIoDc4PlLFuUytMMivo49:bhm9q5wv7yDN1AoFwl9JlLFuUya9vo |
| IMP | 97281AC8A8D49241F0356DD998A7CE2F |
| PESHA1 | F737E8C9ED064B7262F61A739EA2E9863452C4F3 |
| PE256 | 3445DC1EF58FE6B84096EAC093A9EA4802905A61F603571712A1E2BED51B34B0 |
Runtime Data
Usage (stdout):
DSREGCMD switches
/? : Displays the help message for DSREGCMD
/status : Displays the device join status
/status_old : Displays the device join status in old format
/join : Schedules and monitors the Autojoin task to Hybrid Join the device
/leave : Performs Hybrid Unjoin
/debug : Displays debug messages
Loaded Modules:
| Path |
|---|
| C:\Windows\System32\ADVAPI32.dll |
| C:\Windows\System32\bcrypt.dll |
| C:\Windows\System32\bcryptPrimitives.dll |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\CRYPT32.dll |
| C:\Windows\System32\cryptsp.dll |
| C:\Windows\system32\dsreg.dll |
| C:\Windows\system32\dsregcmd.exe |
| C:\Windows\System32\GDI32.dll |
| C:\Windows\System32\gdi32full.dll |
| C:\Windows\System32\IMM32.DLL |
| C:\Windows\System32\kernel.appcore.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\system32\logoncli.dll |
| C:\Windows\System32\MSASN1.dll |
| C:\Windows\System32\msvcp_win.dll |
| C:\Windows\system32\msvcp110_win.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\system32\ncrypt.dll |
| C:\Windows\system32\netutils.dll |
| C:\Windows\system32\NTASN1.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\ole32.dll |
| C:\Windows\System32\OLEAUT32.dll |
| C:\Windows\System32\profapi.dll |
| C:\Windows\system32\PROPSYS.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\sechost.dll |
| C:\Windows\system32\Secur32.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\system32\SSPICLI.DLL |
| C:\Windows\System32\ucrtbase.dll |
| C:\Windows\System32\USER32.dll |
| C:\Windows\system32\USERENV.dll |
| C:\Windows\System32\win32u.dll |
| C:\Windows\system32\WINHTTP.dll |
| C:\Windows\system32\WININET.dll |
| C:\Windows\system32\wkscli.dll |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: dsregcmd.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/bb2e36193782ed2de2444309ed95206b8abbd4665d348c4faf9eb3e4a7481d3f/detection/
MIT License. Copyright (c) 2020-2021 Strontic.