RemoveDeviceElevated.dll
- File Path:
C:\Windows\system32\RemoveDeviceElevated.dll
- Description: RemoveDeviceElevated Proxy Dll
Hashes
| Type |
Hash |
| MD5 |
D6EBA5853FBC0D8F3BDD7E95EC8D74D1 |
| SHA1 |
AD2F2A9EACC5E401BBFD43D92B4E60095EF17F6A |
| SHA256 |
6035AB5DB70283C4EC3BAE87DF46430D13415308F4B671AF80C3E310ECBEAB77 |
| SHA384 |
8E49CAF30142B306178248C19100974D02ECC20A276288BF711CAB71F90AB9120F4F6ADFFF6C88EF5D1164B83DDCAD95 |
| SHA512 |
6FD67E505B820FB3A567810FB72A6B3D7CA204B9F1E3C6CB9280C2245A1F809ABB01E1626B2E1381B341EB02312D27478F87F8043139A09C2D9BB1E2549DB616 |
| SSDEEP |
192:Od38LN7ELhgQv2jO7mMD/O9q+YKk5Wa43dVQw+AJ+w7pdr6EcCYGowgYysWZWeJG:koK1gpmmkv+Y8V+wvrfYvpZWeJWDT |
| IMP |
EC671CB20C7062FA83EEC63CBF10CA92 |
| PESHA1 |
83235F9000FFD930363FBED515F7CFA60E5370BD |
| PE256 |
8C92E0A911C562C8BE37E2C8E2DB3A723B9D92A729BF26040F3BF3D4483AE00B |
DLL Exports:
| Function Name |
Ordinal |
Type |
DllUnregisterServer |
4 |
Exported Function |
GetProxyDllInfo |
5 |
Exported Function |
DllRegisterServer |
3 |
Exported Function |
DllCanUnloadNow |
1 |
Exported Function |
DllGetClassObject |
2 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: RemoveDeviceElevated.dll.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/6035ab5db70283c4ec3bae87df46430d13415308f4b671af80c3e310ecbeab77/detection/
MIT License. Copyright (c) 2020-2021 Strontic.