werdiagcontroller.dll
- File Path:
C:\Windows\SysWOW64\werdiagcontroller.dll
- Description: WER Diagnostic Controller
Hashes
| Type |
Hash |
| MD5 |
912074FE512BE4FD11D25F0F9E8A789B |
| SHA1 |
2BB9E289A0532EF6827A89EC8BC3255DD20F6D9D |
| SHA256 |
84A3F1E03068745E8CA4C4D66EDB2C4218B98B92B069DB3B5FF46B9F60637E98 |
| SHA384 |
2B9AA488ACF9D453C314CC77DD07385CE8629BB619C4F3A1CD1F72EF2E9BF3945F7C93F895E61671D347DF2345263948 |
| SHA512 |
E3D76485353C92ED22A07826C4545CD2E5E7AC4BEAE2BE8FACEA62A7FBB77D32A5B3C49A8D2885D83D8A9AA1B363C8E966E4CDF4F1830473417798738425DF50 |
| SSDEEP |
768:frYmKMc0+qFKvE0dS1kpQjhyniSiHfpGW0SF+x7KBoJj35dvQO9vIBi6inEDnVKx:fyvvpenEzpZNkaMg |
| IMP |
BF6A160F5115AF82C6B13566DF9C939D |
| PESHA1 |
BADF6D180ECFF6D6A8315E19073FCCB04C946F77 |
| PE256 |
40C344A118968D4B58E7CB3E36F1F215B923BC8F9E0E562D5635612A12C5C6F2 |
DLL Exports:
| Function Name |
Ordinal |
Type |
StartFDR |
3 |
Exported Function |
StartAppRecorder |
2 |
Exported Function |
QueryOriginalBucket |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WERDiagController.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.423 (WinBuild.160101.0800)
- Product Version: 10.0.19041.423
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/67
- VirusTotal Link: https://www.virustotal.com/gui/file/84a3f1e03068745e8ca4c4d66edb2c4218b98b92b069db3b5ff46b9f60637e98/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.