EtwRundown.dll
- File Path:
C:\Windows\system32\EtwRundown.dll
- Description: Etw Rundown Helper Library
Hashes
| Type |
Hash |
| MD5 |
FF87D34F7D055E8424132A68B1E4F3A2 |
| SHA1 |
31195F03C3CCA9A9AEDB13C1B3A4BCF424D80EFF |
| SHA256 |
1EB48FA0044186D59A6525D0A7D841D7CFF5A7F931393BBCAFBB29792C988B41 |
| SHA384 |
1556E137EA4D7CE93079D94205F856C0CF5113A6DE32678B1D6B06D91C4909618747BDD159761B7DBF212AB2C4B4A294 |
| SHA512 |
ED5D1F194C1C3D3239BE78AD6941E6496B74366F8C08C8827B7CD30514D4892FCEB88AC1A3C583BB5F0D8B17B96D87E4DF31CE10D347ACAE3851361ECA7BB153 |
| SSDEEP |
1536:zmfXYd5rtAE8+4N1EG4zblGikJuwx3yoB9+tiUeSQvO:zmvyr/d4N1EG4zRGik4Yv+toS9 |
| IMP |
D2AB7F62CE046B743B790112F9DCA7F9 |
| PESHA1 |
5FD8D796F62C75CED17489631DD8F8C42B59E232 |
| PE256 |
E5A090A2A31D99633BBE5EA6A88C8078DD75D0B9ADB00C997F8A3D900E5E296D |
DLL Exports:
| Function Name |
Ordinal |
Type |
EtwLogSysConfigRundown |
2 |
Exported Function |
EtwLogHeapRundown |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: etwrundown.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/70
- VirusTotal Link: https://www.virustotal.com/gui/file/1eb48fa0044186d59a6525d0a7d841d7cff5a7f931393bbcafbb29792c988b41/detection/
MIT License. Copyright (c) 2020-2021 Strontic.