EtwRundown.dll
- File Path:
C:\Windows\SysWOW64\EtwRundown.dll
- Description: Etw Rundown Helper Library
Hashes
| Type |
Hash |
| MD5 |
0D6E3AE5BB99AF2DAB93E5F668272091 |
| SHA1 |
B580D5606791F4E6D5C6A8E597F814C2E1BCACC8 |
| SHA256 |
7614E95CDB37E74D181603AB09B12F4D721AB1E27867ABADEBD0CA0740B692E5 |
| SHA384 |
984A98787B2D6FE3D0B08B932F1CF5DC2D40FA0E549D1827A4A6736AB38F50399C6D846F1D777A61635DE4FC8B101680 |
| SHA512 |
681B3C63CF1FDBE994FB82DAA4F9616DCFC693F33ED1F0FDD0B4A7A115014B756FF594C3607EC92EFB038E860CEBCEC04B094AA54743722FDA82846266E343EB |
| SSDEEP |
768:SgJr4FIb63lIOLoMjydkcJ6cbD/+vicm2v4Ef5g2wc0xZSQNMqFZGUeShPGeH2B:dyoMjTaPr0g2wdxQQe4eSLH2B |
| IMP |
D20E2ECFFD3819A0D297448009C5E4B5 |
| PESHA1 |
66416426DF7F2E50D8D94BD20ACFC364F8EE82E0 |
| PE256 |
AD18064CDB88DAE1722C322EF4EB745275E80DCFC577561F42535E1186ACC03F |
DLL Exports:
| Function Name |
Ordinal |
Type |
EtwLogSysConfigRundown |
2 |
Exported Function |
EtwLogHeapRundown |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: etwrundown.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/7614e95cdb37e74d181603ab09b12f4d721ab1e27867abadebd0ca0740b692e5/detection/
MIT License. Copyright (c) 2020-2021 Strontic.