dumpexam.exe
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\dumpexam.exe
- Description: Windows Dump File Examiner
Hashes
Type | Hash |
---|---|
MD5 | BB5B5EF474C3B2C1AFCF9337712B3293 |
SHA1 | 9E07CFA496FD19E43BB8684C4966DBE873DD6474 |
SHA256 | A2D4658B878F6B822D3473FCF4382997A661CB85DA8739B59276FCAF94F76E6D |
SHA384 | 196045AF258B25106C235041DC218C636DF46FF0F5F9ED0C8B6101C8BDD0E98EF0E78994086664C32715778321A11CA7 |
SHA512 | E66348FF7708D8B9DB51884E32763BCFB0DE288B71E9B0EF91AD17E6FFC9ACC00ACCACD063BE8A804CB92CE6DFA8969E9B2DDAB1C3F2FCC44391CC1F10A4F758 |
SSDEEP | 192:bL3qdtLY69qZDNHtH1M0OWH4W5ijSWSawTyihVWQ4eWuoa5M8xOSqnaj3yS:bbGLl9q9+0OWH4WYrwGyaCTlu |
IMP | 3452BF5D29DD034D1C1679E9C024FCB5 |
PESHA1 | 235588E47866BE1F13EE435B4BDC748012A189F0 |
PE256 | 75F6CA728EB5E37C8839A1718E9BF4B8064164C8680815565BBB9BA7364C6D0F |
Runtime Data
Usage (stderr):
***************************************************************************
***************************************************************************
** **
** This tool is no longer supported. It's functionality has been **
** merged into the kernel debugger. You can examine a dump file by **
** loading it in the kernel debugger **
** **
** kd -z <dump_file_name> -y <symbol_path> [-i <image_path>] **
** **
** and running commands such as !vm, !process, !locks, etc... **
** **
** Please refer to the debugger documentation for more information **
** on analyzing system failures. **
** **
***************************************************************************
***************************************************************************
Loaded Modules:
Path |
---|
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\dumpexam.exe |
C:\Windows\SYSTEM32\ntdll.dll |
C:\Windows\System32\wow64.dll |
C:\Windows\System32\wow64cpu.dll |
C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
33000002CF6D2CC57CAA65A6D80000000002CF
- Thumbprint:
1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: dumpexam.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: Unknown
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.