dumpexam.exe
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dumpexam.exe
- Description: Windows Dump File Examiner
Hashes
Type | Hash |
---|---|
MD5 | 9F3B915F04E4F1C060C5EE87C25C74DB |
SHA1 | 82D72556D5BE0030F1426FD9304D92D6D2A6AF5F |
SHA256 | D034C7E7E5A18C42E26AE7914D0049C3C4CF1A7016586CDDD136D99DC810E733 |
SHA384 | 6EF85D7DF1B84F7E79A5481E88D8D08452449A231BCA6A2C18DDE1A6A67A0DFF8BF58524559A658DBA0A95A29B4F51A9 |
SHA512 | D3E16214A0CD3BECF458E286C3DD8F175D076D5E0287325101D06C39F4767A35E550A37E8496D35722725B2AF7801E67BA4C7DADD50740A572F0DA1AD1D90CC0 |
SSDEEP | 192:GcF+TrXEp+IWKsHfsB2n0O6DuxwL/GUFmsGWH4W2WSawTyihVWQ4eWFCikwqnaj0:GchAPa200xWusGWH4WrwGyslI |
IMP | EBF7711815AEA5FEF6E675E749C32D0F |
PESHA1 | 8040C162BF99969AE7AEF88A35BE459723A09B26 |
PE256 | 435199F7289617C6625ADCD3A368E48A5EFD11FE047D477DDF86A87C152F48EB |
Runtime Data
Usage (stderr):
***************************************************************************
***************************************************************************
** **
** This tool is no longer supported. It's functionality has been **
** merged into the kernel debugger. You can examine a dump file by **
** loading it in the kernel debugger **
** **
** kd -z <dump_file_name> -y <symbol_path> [-i <image_path>] **
** **
** and running commands such as !vm, !process, !locks, etc... **
** **
** Please refer to the debugger documentation for more information **
** on analyzing system failures. **
** **
***************************************************************************
***************************************************************************
Loaded Modules:
Path |
---|
C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dumpexam.exe |
C:\Windows\System32\KERNEL32.DLL |
C:\Windows\System32\KERNELBASE.dll |
C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
33000002CF6D2CC57CAA65A6D80000000002CF
- Thumbprint:
1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: dumpexam.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/74
- VirusTotal Link: https://www.virustotal.com/gui/file/d034c7e7e5a18c42e26ae7914d0049c3c4cf1a7016586cddd136d99dc810e733/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.