EventAggregation.dll
- File Path:
C:\Windows\system32\EventAggregation.dll
- Description: Event Aggregation User Mode Library
Hashes
| Type |
Hash |
| MD5 |
334C85560A446B765CF56BDE471759DD |
| SHA1 |
B2E36F43E6729B09961170A05452B4DB98A9B134 |
| SHA256 |
C3135EAD3A6229FE815DABB6560E529B652E4711FDFD732B39C5970BD023D0B6 |
| SHA384 |
BDC5C9E2B78C2079412E2454E0A3641E8639F8860A5E49CC25E05285F8931CB74660EAC3FCCEDBB10269640B933E52C1 |
| SHA512 |
234167F89FB2C2D78BA3C0361B4352A68015568992E33AB461579E7E59558330949E3A9A85ECB412C65D5C7FE1E74561636A3EB03189ABC85F7F2F6EBD9C4522 |
| SSDEEP |
1536:1ksAW5n7UYKO47TC2t1km92knTn1GhKc86:sW57UYtBm1kmsknTn1kKS |
| IMP |
74742BDAB2F59D103E384D350219AC62 |
| PESHA1 |
1746DD68FA689AE81D7297A1C21D9A0B747FE4FF |
| PE256 |
968880AAF929D896506936C9F86A2FB5159A357CAB55733AFF1132E26C2AF0D2 |
DLL Exports:
| Function Name |
Ordinal |
Type |
EaEncodeBrokeredEvent |
25 |
Exported Function |
EaEnableAggregatedEvent |
24 |
Exported Function |
EaFreeAggregatedEventParameters |
26 |
Exported Function |
EAEnumerateAggregateEvents |
15 |
Exported Function |
EADeleteAggregateEvent |
14 |
Exported Function |
EaDeleteAggregatedEventParameters |
21 |
Exported Function |
EaDisableAggregatedEvent |
23 |
Exported Function |
EaDeleteAggregation |
22 |
Exported Function |
EAQueryAggregateEventData |
16 |
Exported Function |
EaQueryAggregateEventConditionState |
29 |
Exported Function |
EaStoreAggregatedEventParameters |
33 |
Exported Function |
EaSignalAggregatedEvent |
32 |
Exported Function |
EaGetAggregation |
28 |
Exported Function |
EaFreeBuffer |
27 |
Exported Function |
EaQueryAggregatedEventParameters |
31 |
Exported Function |
EaQueryAggregatedEvent |
30 |
Exported Function |
EaDeleteAggregatedEvent |
20 |
Exported Function |
BriFreeRpcBuffer |
6 |
Exported Function |
BriDeleteBrokeredEvent |
5 |
Exported Function |
BriIsBrokerRegistered |
8 |
Exported Function |
BriGetBrokerAvailabilityChangeStamp |
7 |
Exported Function |
BriCleanup |
2 |
Exported Function |
BriAllocateRpcBuffer |
1 |
Exported Function |
BriCreateBrokeredEventEx |
4 |
Exported Function |
BriCreateBrokeredEvent |
3 |
Exported Function |
EACreateAggregateEvent |
13 |
Exported Function |
EaCreateAggregatedEvent |
17 |
Exported Function |
EaDecodeBrokeredEvent |
19 |
Exported Function |
EaCreateAggregation |
18 |
Exported Function |
BriResolveBrokerIdByEventId |
10 |
Exported Function |
BriRegisterToBrokerAvailability |
9 |
Exported Function |
BriUnregisterFromBrokerAvailability |
12 |
Exported Function |
BriSignalBrokeredEvent |
11 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: EventAggregation.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/c3135ead3a6229fe815dabb6560e529b652e4711fdfd732b39c5970bd023d0b6/detection/
MIT License. Copyright (c) 2020-2021 Strontic.