weretw.dll

File Path: C:\Windows\SysWOW64\weretw.dll
Description: WERETW.DLL

Hashes

Type	Hash
MD5	`D7C16110F6AF528A52B4C4FCF3136655`
SHA1	`3C030D0F068AE83BAA2B4452C04403A91E8DEF91`
SHA256	`75238FDF19BB451F7676D526570C67E00E39F0A08C350CFC8DA39EE1558AC496`
SHA384	`1EB8E82DFE4468D6EA0B19E2D1FC3CD3E6CCF120AF0A8AB912EA6BAD1B4B4C08D159B01525047E150B2B924FFC0371C8`
SHA512	`57B9CE13A902D5DA670391128EE2BCF9A849DF8011F78317B9CD581FF0E7B5F2D9045C99046F74D05402250DC48F63FBCA27222F59128B639B6D54843F0B0A27`
SSDEEP	`3072:CSqLTMMtQ9oFL4z357Zx4cGpoXMYc9hk6nbZZOXyT+Ls2qqEOUbD:CSqLtQhzJ7ZxFGGX3/6n1ZYyF2QB`
IMP	`C076AF4588C51A3ED467207C3D4D6A8A`
PESHA1	`FDCF15F6EDD85C9491EF50BC138E5FB43E8E23BA`
PE256	`60E387C5F6826D6E09909682D85C8A9F58306E630A3A3099382093EF23355D69`

DLL Exports:

Function Name	Ordinal	Type
`WerMergeEtlEx`	2	Exported Function
`WerMergeEtl`	1	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: WERETW.DLL
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.423 (WinBuild.160101.0800)
Product Version: 10.0.19041.423
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/66
VirusTotal Link: https://www.virustotal.com/gui/file/75238fdf19bb451f7676d526570c67e00e39f0a08c350cfc8da39ee1558ac496/detection/

MIT License. Copyright (c) 2020-2021 Strontic.