dxdiag.exe

  • File Path: C:\Windows\SysWOW64\dxdiag.exe
  • Description: Microsoft DirectX Diagnostic Tool

Screenshot

dxdiag.exe

Hashes

Type Hash
MD5 11FF96408DD51BF242DD06D19E38A723
SHA1 F934343DB979D5640CD6F8DF884BA094AF5E72FF
SHA256 B0703D68FC7EDB41A99B612E62EFE7ECE347C17E3F875E89E4A2860C258F031B
SHA384 7FBEF11D2C1F1DB894D3BE16FEE27B589FE8F5E54DB536F88A6F945957A5FDD59F2FD8C239784EE10C6D1C95CE965ECE
SHA512 9CE3E87DE7287D1C374632D68576329B3C4401531E96170959C73D189172A9277CDA662237A729EF2E5824277770CA86907A60498A129D2373ABECD396F40114
SSDEEP 3072:Cx/iv5FRt+TjVkNOY1LyyrQ7wIeCDS31PPX519hLT0MF88yBlxDHCmTNmFZrrozA:ia5CVA4MlpTrvGNBiiN6NE0ULXPRV/e

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: dxdiag.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.0 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of dxdiag.exe being misused. While dxdiag.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma registry_event_persistence_search_order.yml Image: 'C:\WINDOWS\SYSTEM32\dxdiag.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.