- File Path:
C:\Windows\system32\WinHvPlatform.dll
- Description: Hyper-V Hypervisor User-Mode API Library
Hashes
| Type |
Hash |
| MD5 |
960AA305FB6AE1A7C522FD1050682106 |
| SHA1 |
7E2ACCACCECFAEC8D8569516E7976CBBABF92D6A |
| SHA256 |
6ADAB2AAA5CE7A227835B3477D532116D5929558F178FB662D607CFF7F4ED861 |
| SHA384 |
0019CF936BABDE23DDA4FADE1164EB5058C59B5C07BB6CFD86CED8DB40C4B492A21029AAA4BE6C38AE1AF455D23DBE9F |
| SHA512 |
ABCDCBEDEAF5B919B5359BC56CC860FBD606B050291B74C4A757D6C54F1F25C781D8A8E1969BB6E18234DE47FDBE79F2EDEC1778F7072AA5571639A19EE89D6B |
| SSDEEP |
3072:VD+Dbz6i0zG9hJnxVZW7ZWLwSfScVzpX9CziYJS:VDcb+FzwhJxrW7Ew/K4iYJ |
| IMP |
64C9FDBC9119671F27649B41ECB9C51F |
| PESHA1 |
E4C882F4212D993AB8CD1218452ADE578B4E8723 |
| PE256 |
ECA8A67A025B82B52356E1DDAEA702E53AF7CABADC2DF82B570EC051511B5F74 |
DLL Exports:
| Function Name |
Ordinal |
Type |
WHvSetPartitionProperty |
20 |
Exported Function |
WHvSetupPartition |
25 |
Exported Function |
WHvSetVirtualProcessorInterruptControllerState |
21 |
Exported Function |
WHvRunVirtualProcessor |
19 |
Exported Function |
WHvRegisterPartitionDoorbellEvent |
16 |
Exported Function |
WHvRequestInterrupt |
17 |
Exported Function |
WHvResumePartitionTime |
18 |
Exported Function |
WHvTranslateGva |
27 |
Exported Function |
WHvUnmapGpaRange |
28 |
Exported Function |
WHvUnregisterPartitionDoorbellEvent |
29 |
Exported Function |
WHvSuspendPartitionTime |
26 |
Exported Function |
WHvSetVirtualProcessorInterruptControllerState2 |
22 |
Exported Function |
WHvSetVirtualProcessorRegisters |
23 |
Exported Function |
WHvSetVirtualProcessorXsaveState |
24 |
Exported Function |
WHvQueryGpaRangeDirtyBitmap |
15 |
Exported Function |
WHvDeleteVirtualProcessor |
5 |
Exported Function |
WHvGetCapability |
6 |
Exported Function |
WHvGetPartitionCounters |
7 |
Exported Function |
WHvDeletePartition |
4 |
Exported Function |
WHvCancelRunVirtualProcessor |
1 |
Exported Function |
WHvCreatePartition |
2 |
Exported Function |
WHvCreateVirtualProcessor |
3 |
Exported Function |
WHvGetVirtualProcessorRegisters |
12 |
Exported Function |
WHvGetVirtualProcessorXsaveState |
13 |
Exported Function |
WHvMapGpaRange |
14 |
Exported Function |
WHvGetVirtualProcessorInterruptControllerState2 |
11 |
Exported Function |
WHvGetPartitionProperty |
8 |
Exported Function |
WHvGetVirtualProcessorCounters |
9 |
Exported Function |
WHvGetVirtualProcessorInterruptControllerState |
10 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WinHvApi.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.264 (WinBuild.160101.0800)
- Product Version: 10.0.19041.264
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/6adab2aaa5ce7a227835b3477d532116d5929558f178fb662d607cff7f4ed861/detection/
MIT License. Copyright (c) 2020-2021 Strontic.