Reason Labs

diagtrackrunner.exe

Microsoft Windows Diagnostics Tracking Runner

Microsoft Corporation

It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Microsoft® Windows® Operating System

Description:
Microsoft Windows Diagnostics Tracking Runner

 
Part of the Windows Operating System

Version:
10.0.10586.8 (th2_release.151109-1754)

MD5:
ccf0eaacc822ec72830ab56ea29d952f

SHA-1:
6b9fa028972e563c7d648b45c039af0732abf898

SHA-256:
67e045fd25809e8ca486b1d17eb33667835fbc04974dd65dc07fcfc7e9a3d254

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/16/2018 12:45:36 PM UTC  (today)

File size:
86.2 KB (88,256 bytes)

Product version:
10.0.10586.8

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
diagtrackrunner.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\compattel\diagtrackrunner.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
6/4/2015 12:42:45 PM

Valid to:
9/4/2016 12:42:45 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
330000010A2C79AED7797BA6AC00010000010A

File PE Metadata
Compilation timestamp:
11/9/2015 9:58:35 PM

OS version:
10.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
12.10

CTPH (ssdeep):
1536:VLrfIoQDQxgs0Y5eDYVAb8KxLQgSSQlKWy/y:VQ2xgs35eDEAb8KxLQgSdcp/y

Entry address:
0x4B80

Entry point:
48, 83, EC, 28, E8, AB, 05, 00, 00, 48, 83, C4, 28, E9, 0E, FE, FF, FF, CC, CC, CC, CC, CC, CC, FF, 25, 82, 16, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, 51, 54, 00, 00, 75, 10, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 01, C3, 48, C1, C9, 10, E9, 22, 01, 00, 00, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8B, F9, 48, 8B, 05, 68, 5D, 00, 00, 48, 89, 44, 24, 38, 48, 83, F8, FF, 75, 17, 48, 8B, 1D, CE, 15, 00, 00, 48, 8B, CB, FF, 15, 5D...
 
[+]

Entropy:
5.5269

Code size:
18.5 KB (18,944 bytes)

Scheduled Task
Task name:
Microsoft Compatibility Appraiser

Path:
\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser

Trigger:
Daily (Runs daily at 4:37 AM)


There are numerous known versions of diagtrackrunner.exe by Microsoft Corporation.

Clean
diagtrackrunner.exe  10.0.10586.8 (th2_release.151109-1754)  (a6e282d7bf645181e57641c216ab8bbff984c5bf)

Clean
diagtrackrunner.exe  10.0.10586.672 (th2_release_sec.161024-1825)  (a6efcce2b4882ef2ed870b2264681ab3ed55b5c5)

Clean
diagtrackrunner.exe  10.0.10586.633 (th2_release.161004-1602)  (33345f1d3f447ae97c5c1e76d43694a57e4df796)

Clean
diagtrackrunner.exe  10.0.10586.117 (th2_release.160212-2359)  (5ea90ab16cb5d2e30857093ebf43a90ffa957e58)

Clean
diagtrackrunner.exe  10.0.10586.117 (th2_release.160212-2359)  (5ea90ab16cb5d2e30857093ebf43a90ffa957e58)

Clean
diagtrackrunner.exe  10.0.10586.11 (th2_release.151112-1900)  (2d8286ba3c348ce4b1675a14e5d9d59e44fceb06)

Clean
diagtrackrunner.exe  10.0.10586.11 (th2_release.151112-1900)  (3b2f7c31d34934cc7f0a858af52e4c0513341578)

Clean
diagtrackrunner.exe  10.0.10586.0 (th2_release.151029-1700)  (162428fb540630add9cd2bf3f6be96b98cadef89)

Clean
diagtrackrunner.exe  10.0.10558.0 (th2_release.150928-1738)  (afb7948cc03710d2fe9cbb7f11f23a951e0afcff)

Clean
diagtrackrunner.exe  10.0.10525.0 (th2_release.150812-1658)  (620227dec12154730750d35aada4765077dd870d)

Clean
diagtrackrunner.exe  10.0.10240.16423 (th1_st1.150731-1741)  (d63a2422c50cfde2e5f300553d277b20cb0edccc)

Clean
diagtrackrunner.exe  10.0.10240.16399 (th1.150722-1625)  (71a5dc55edf5dc034b2d2c00f4af478ab71dbc25)

Clean
diagtrackrunner.exe  10.0.10240.16384 (th1.150709-1700)  (d6a1f700f0a35db29b0fc714a7cceee8d286f7ca)

Clean
diagtrackrunner.exe  10.0.10240.16384 (th1.150709-1700)  (a641024e93834548fb36feec650266d6551bddc8)

Clean
diagtrackrunner.exe  10.0.10102.0 (winmain_prs.150417-2325)  (7b1865af7bdad57d8a7b349222d709acb12d199a)

Clean
ntdll.dll  (3a2bae6036ff2d23309a7b93ab562494c50df236)

Clean
rsaenh.dll  (a1c8e3e6ee44dcb68752d44b3b6f4ecce89c388d)

Clean
bcryptprimitives.dll  (f76bb1b4d0ad47f68f8381281f87839304c252ea)

Clean
sqmapi.dll  (2fcd13bd14c631279ce4c5fd96b448d4dded5b11)

Clean
wuapi.dll  (46eed9639adc4e9cc6e2f5db5edf992b031928d8)

Clean
wuauclt.exe  (883d5312d7f6bf03ab56761ff110784e4ba2edec)

Clean
wups2.dll  (9a68d7eed00c944a51c8c53caeb3c9e23db6106b)

Clean
fveapi.dll  (1700a976565404226ff0704e4e2d9d8410bc6721)

Clean
wuaueng.dll  (64a55a014a2de34f86f17cfa31c727e270fcd83f)

Clean
dssenh.dll  (e395683841b965d1f224413f2e3339091f51add8)

Clean
dxwebsetup.exe  (3c8243734cf43dd7bb2332ba05b58ccacfa4377c)

Clean
portqryui.exe  (aa59ac1f61e87fd08ae371743b9aa12e16cc9d9a)

Clean
acpi.sys  (54fb26c69829d3f1d0774d4e608327ffefa34d76)

Clean
atapi.sys  (954d59eaeadc36cb19a224a5dddfa1edcfdc49ce)

Clean
clfs.sys  (df95d1fe3fcc8417da0ae9479612b7be398b36a4)

Clean
cng.sys  (c0f3a5bc240d2d26fa7e23bf27dc5a4876ff5296)

Download Reason Core Security - Powerful anti-malware software