dwm.exe

  • File Path: C:\Windows\system32\dwm.exe
  • Description: Desktop Window Manager

Hashes

Type Hash
MD5 C89F159A577F19F7F03C73C98D29D841
SHA1 DE60075CB979D655256F2DB447A22BD366AAEB6B
SHA256 B3E37997C1C62DD90D69EF83D6A6FC782BF9A5B8AD04A0D1528A8B7FA31AA408
SHA384 BA97E1D3BC49A4863EAB1D12A44DBDB1E746A0E675FEDB283CBC82088335A46631AC289CB6D36CD0C279789E1D134D73
SHA512 3C7D4A156D926740200A8DA145B1741FA2974D1F76290D3C9DDCCCEC9DB7B192B8D9BDEF1DC318B34EEAC272A08CC7AE48D5B608AA9B34C46517E3825B1F5A53
SSDEEP 768:rXu0S+gTySq24Opa3OXX6pTPBuwsDpCpWxCD6Urgb/ng9h+h4J1xnSVa4:rXu+A1z4negTPxmrb/ng94va4

Signature

  • Status: Signature verified.
  • Serial: 33000000BCE120FDD27CC8EE930000000000BC
  • Thumbprint: E85459B23C232DB3CB94C7A56D47678F58E8E51E
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: dwm.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of dwm.exe being misused. While dwm.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .dwm.exe``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.