wstraceutil.exe

  • File Path: C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x86\wstraceutil.exe
  • Description: Windows Web Services API Trace Utility Tool

Hashes

Type Hash
MD5 D528C7DC20E6E67B3E940A8E9EEB759C
SHA1 8D3BFBB27EEED59B639253AF03467D2D677CA4C5
SHA256 59472E068E7846264A66C02BBF074369A480CFE0B9FB4739906FE57232C021E6
SHA384 9D5F6D4591529A7B4609FAB6F6558ADA928C1D4631F3C5E65C572855F6006413D3D37DD2E44B538FE6B087D88786065F
SHA512 65A0BCE943AEFF3AEFBB9F4F9A213F6965FFD79655652A14B950BE70FF8D9BCB878CEFF6305663B7BEF5B6FD8EDFCA0B74C774E49EBCB2014B7095247E90A5AF
SSDEEP 1536:mLDCIWCI2XA2WtvIqVskGUggkUzWFoK9nC93sd21r1QLOFL1dqL67EYlCEHB:UCGEAxwgr4K9nQ3sdU/qL67EYlFB
IMP 7CB8195185AE4E01AB936993DD32787C
PESHA1 F0F1E453472E2D22D2B6A964B0E44DD804BDE944
PE256 5909DC13548A37829D173831A67A8257D84F679AF39E25BF4448958A9DCB641E

Runtime Data

Usage (stdout):

Connection-specific - Microsoft (R) Windows Web Services API Trace Viewer Tool version 1.0
Copyright (c) Microsoft Corporation 2009.
All rights reserved.

Usage : WsTraceUtil.exe 
-create [all|verbose|message|info|warning|error] - start trace session with specified verbosity level. The default is info. 
-update [all|verbose|message|info|warning|error] - updates trace verbosity level to specified value. The defaul is info. 
-on                                              - turns the trace session on. 
-off                                             - turns the session off. 
-delete                                          - deletes the session. 
-session name                                    - specifies session name. If the parameter is not used, session name is WsTrace. 
-output [filename]                               - dumps trace. If filename is provided, the trace are written to the file. Otherwise to the console screen. To stop the tool use Crtl-C. 
-convert filename                                - reads trace (*.etl) file.

Loaded Modules:

Path
C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x86\wstraceutil.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002CF6D2CC57CAA65A6D80000000002CF
  • Thumbprint: 1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
  • Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: WsTraceUtil.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: Unknown

MIT License. Copyright (c) 2020-2021 Strontic.