KrnlProv.dll
- File Path:
C:\Windows\system32\wbem\KrnlProv.dll
- Description: WMI
Hashes
| Type |
Hash |
| MD5 |
72B17879A47B162CB3BF56CE748D5C95 |
| SHA1 |
6D72FD456B3831DCA5D895F5D6BBE9222989443C |
| SHA256 |
F387066B90D99986B4E4B26EE261408DDA955572E04D4FAC8CC211509E6A95CD |
| SHA384 |
EA39C282D13FFC0EEBAE7DA11FFCC8BE513A147F0E661FF93CE3A2D09D06174CC73EBCACD86FC67DE90DA5B8F06104A8 |
| SHA512 |
47B171B8814868B677742A2FC2D7D53CFE6F39764EA5567A97562AC26BA11620C070BD0A8F84D1C28F8620E277B3E999CB3DD8ED7C70F9F729B352E473D56261 |
| SSDEEP |
1536:dotEduywEwegME2Cu8zLs//WgZVSMHhvQsX+1joNVPYCewpY:dpduyae9Epus4//WgZsMH9fX+iVPZJu |
| IMP |
DCBD2CB7EB1C63100A5291A64E296B6B |
| PESHA1 |
AA5F9AA4E88986036760217E23BE48197827963A |
| PE256 |
3A4E1018728DFF5744A9BB8C1218E70E5E33B6BA6D1592E7C1C72330E151C7A5 |
DLL Exports:
| Function Name |
Ordinal |
Type |
DllRegisterServer |
3 |
Exported Function |
DllUnregisterServer |
4 |
Exported Function |
DllCanUnloadNow |
1 |
Exported Function |
DllGetClassObject |
2 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: krnlprov.dll.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/f387066b90d99986b4e4b26ee261408dda955572e04d4fac8cc211509e6a95cd/detection/
MIT License. Copyright (c) 2020-2021 Strontic.