dwm.exe

  • File Path: C:\windows\system32\dwm.exe
  • Description: Desktop Window Manager

Hashes

Type Hash
MD5 81FC187B779D59E4FD2F646BB03EBF03
SHA1 BEFA5CF53D4C698FEFBB707F23D9C17D742BF0C6
SHA256 E30953278AF244CBF40991A1002F82783ADD42EC13A583C51864C0D8CABD8005
SHA384 9CE8CDF8A04A5392B7BEC301B74AB10D42FE3D2C07C94193E9C938F742F66817F99F316C7CDF07D097DB3CC3ECECB6B8
SHA512 0A17394E7DA0121140C8F030B7504DFFA7A7036B63D6253F34DBD4C71B9EB3FD491B7D1F06109BFC5CE09DFC4DF10A834E23D58F0D480D702180AB175C072226
SSDEEP 1536:EYBrBpOEgfdof1WHH+bUuCb/moJXVjAUkCjLMw0ljJhUYTBUoKs7uO4a9:E2xgfdodWNkUhL2bhsRs4a9

Signature

  • Status: The file C:\windows\system32\dwm.exe is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: dwm.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of dwm.exe being misused. While dwm.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .dwm.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.