Gridinsoft Logo
File Icon

The wermgr.exe (Windows Problem Reporting) File Analysis

Updated 1 year ago
Checked by Malware Check
wermgr.exe

Technical Analysis

File Name wermgr.exe
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.142.174
Database Version 2023-10-09 11:01:54 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
263,552
File Size (bytes)
2023-10-09
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
f2da58afb09045f572aaa1a5338743b5
SHA1
218a551903bf340ea601b390b5ffc9aaf8282539
SHA256
91eacf7c2638f9dc68d477b84f7300b1dd98caf875826a878f998607cd655d38
SHA512
300768b3fa42ec70bfdfa144c92891af59ada4df7926424698d4e1eed3ce27dd9b59fb2e7481a606149425766fdb8735c45032d00b2dbe7e44ac11e04c0d8dc8
ImpHash
71ce23ef1bb6f40f7e9fb4a599d8befe

PE Analysis

Basic Information

Icon
Hash: 92c690912f6e70d06938bcbe9c3e5833
Fuzzy: b836b9d2aac33167978d0ccbb6b58398
dHash: f2c3c3f5c5c8e878
Image Base 0x140000000
Entry Point 0x140019320
Compilation Time 2064-09-06 07:04:28
Checksum 0x0004f4c7 (Actual: 0x0004f4c7)
OS Version 10.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path WerMgr.pdb
Digital Signature OK
Imports 47 libraries
Exports 0 functions
Resources 16 Resources
Sections 8 Sections

Digital Signatures

Microsoft Windows Production PCA 2011 Microsoft Corporation (US)
Microsoft Root Certificate Authority 2010 Microsoft Corporation (US)

Version Information

CompanyName Microsoft Corporation
FileDescription Windows Problem Reporting
FileVersion 10.0.22621.2215 (WinBuild.160101.0800)
InternalName WerMgr
LegalCopyright © Microsoft Corporation. All rights reserved.
OriginalFilename WerMgr
ProductName Microsoft® Windows® Operating System
ProductVersion 10.0.22621.2215
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 106,362 bytes 106,496 bytes 6.30 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 87220FAC6455A7A6E582CE40AC1741CA
.imrsiv 0x0001b000 4 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
.rdata 0x0001c000 40,906 bytes 40,960 bytes 5.00 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9B53F17FA56ADA5E6736C89661F64105
.data 0x00026000 8,352 bytes 4,096 bytes 0.48 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4930C81B98A28E5F6D77500BC1091B65
.pdata 0x00029000 4,356 bytes 8,192 bytes 3.26 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 76A2760C4D1496141241D18EBCA81DEF
.didat 0x0002b000 64 bytes 4,096 bytes 0.07 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DF781B17B75C71D3ED71A8FFE99D3C01
.rsrc 0x0002c000 80,432 bytes 81,920 bytes 7.25 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 32F19B423B06B73723B6C4AB90A3B85F
.reloc 0x00040000 412 bytes 4,096 bytes 0.92 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 0ADB3C349D8039E6BEA270B21DD80CD0
Entropy Analysis Alert

1 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 16 (79,541 bytes)
Resource Type Count Total Size Percentage
RT_ICON 13 77,053 bytes
96.9%
RT_GROUP_ICON 1 188 bytes
0.2%
RT_VERSION 1 912 bytes
1.1%
RT_MANIFEST 1 1,388 bytes
1.7%

Certificate Chain Analysis

Certificate #1
Subject Microsoft Windows
Microsoft Corporation
US
Issuer Microsoft Windows Production PCA 2011
Serial Number 1137338010541636144536853793612014195631457299
Certificate #2
Subject Microsoft Windows Production PCA 2011
Microsoft Corporation
US
Issuer Microsoft Root Certificate Authority 2010
Serial Number 458207203049816025202696
Certificate Verification Status

OK

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware