werdiagcontroller.dll
- File Path:
C:\Windows\system32\werdiagcontroller.dll
- Description: WER Diagnostic Controller
Hashes
| Type |
Hash |
| MD5 |
2899F22B142B9B97D829702622B6FBB3 |
| SHA1 |
C67A7F1DE8356B8E7D27246B339F0F02B225C2A0 |
| SHA256 |
8AA3387F18989E2F7027C478945DC22E26E9DC3ED124164720B8F2D1EB0E3884 |
| SHA384 |
A99023F195779E96C8A3649DC36D6897AC86C633FBD768CB5979A82185C6685B0F8E9911D2DBB40662547C22B5443251 |
| SHA512 |
2A050972F7304F32DD21EA544D71E81B7612EF4F7B17E9321BC97761528E515A8E303D45E16631C73E6448B62829B7A9BF696EBC0478A82D324782BBDD3875E2 |
| SSDEEP |
768:KZEBnmmE3BdmGFq8CLxoW63Nz0Fo40S+QDN742KM80+qFKvE0dS1kJwjhyniSinP:Kom3BwGFnLENELYUy |
| IMP |
5E89838B4CF940D7E126150F1E2186B8 |
| PESHA1 |
F966BE89D7C9AF16289C9BCA7AC11CD4BEB10518 |
| PE256 |
DD4E951EAAA7375DBAF23767E4CBF48F629CBCAABF8CAB7AE69F5977FF28D3AD |
DLL Exports:
| Function Name |
Ordinal |
Type |
StartFDR |
3 |
Exported Function |
StartAppRecorder |
2 |
Exported Function |
QueryOriginalBucket |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WERDiagController.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.423 (WinBuild.160101.0800)
- Product Version: 10.0.19041.423
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/8aa3387f18989e2f7027c478945dc22e26e9dc3ed124164720b8f2d1eb0e3884/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.