dsregcmd.exe

  • File Path: C:\Windows\system32\dsregcmd.exe
  • Description: DSREG commandline tool

Hashes

Type Hash
MD5 866989AA656CF67780143376C12DF510
SHA1 3BACAE009425AB65C13B236469CAF11E8D30F2DD
SHA256 47A44A548C462510301785B3D849E7FA731B911FA0B174574876A1367C88CBD2
SHA384 294CC1A838BBD73AF8155BC7F665834A04A7742816B888E72F1C71BCE36A5025E17EA931AE356D03DD043BCBECA1C5C3
SHA512 CCE269FF5F4BE794CB4EEA0C72BFE11C7C45BF6796839A019B2388692972208B7920CEA8A0B3586A1B0665C674BB6B8EC91A0A60DF47E55D08EF119CDC98743D
SSDEEP 6144:/kNyBXVjI1Aqe1zazlK/BNrS6DyGNwq/yJu5tu9DA5GV7ZZlJMLbxOUX:WOdq46A/BNrzRNwq/sEGV7nYLbQy
IMP C2D1A2C9FFEA6DDBC11DE8E37CF589D3
PESHA1 5B7A6208D86BC61D3B52BA5FCF62247AE735A283
PE256 60CC3A1750D9503BEACFF89EA93257B6A057B3F6ABDB791682B202E783E264F7

Runtime Data

Usage (stdout):

DSREGCMD switches
                        /? : Displays the help message for DSREGCMD
                   /status : Displays the device join status
               /status_old : Displays the device join status in old format
                     /join : Schedules and monitors the Autojoin task to Hybrid Join the device
                    /leave : Performs Hybrid Unjoin
                    /debug : Displays debug messages
               /refreshprt : Refreshes PRT in the CloudAP cache

Loaded Modules:

Path
C:\Windows\system32\dsregcmd.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002EC6579AD1E670890130000000002EC
  • Thumbprint: F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: dsregcmd.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.906 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.906
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/47a44a548c462510301785b3d849e7fa731b911fa0b174574876a1367c88cbd2/detection

MIT License. Copyright (c) 2020-2021 Strontic.