bi.dll

  • File Path: C:\Windows\system32\bi.dll
  • Description: Background Broker Infrastructure Client Library

Hashes

Type Hash
MD5 27F7F3675F965E0F199C64D7643DC85D
SHA1 B1E9A798C03B50CD6A3CEA77BFC70607B542CDD4
SHA256 1F41F656C55923B63DF2F15E39F416F0823C17CADC741B82EAEFEE852A2E8E4C
SHA384 E05AE781BB364EFD058AA114043B5636F612304AEC7FAD2D340ED8B9E98BB1E48093F9E6C4B5770A015095EBDD551886
SHA512 F9BF8D6AE98C10B6E3871695BE0D518C28969AAE2ABFBD4046854D3A6028B7F8A1D70A59140297696D9DF6A4ECC25B9F52C9713F28533D336D0D7CA449815F1B
SSDEEP 768:rP/tHJFa8K0YBS+3xzPKPNoJztpoU9iSKhtcqq:bwzfVXK4
IMP ABD24111697337A3A339D9AE98BA129B
PESHA1 F6D119ED6D41125BAE2242248A56583A6A3FCB70
PE256 CF7AE6C26EF06CC17E59E456382A6BA3A14C2F639217F1AA6348E353698BC071

DLL Exports:

Function Name Ordinal Type
BiQueryUserSession 23 Exported Function
BiQueryUserContext 22 Exported Function
BiQueryWorkItemEx 25 Exported Function
BiQueryWorkItem 24 Exported Function
BiFreeMemory 19 Exported Function
BiEnumerateWorkItemsForPackageNameEx 18 Exported Function
BiQuerySystemStateBroadcastChannels 21 Exported Function
BiQueryBrokeredEvent 20 Exported Function
BiQueryWorkItemStatusStateName 26 Exported Function
BiUpdateEventFlags 32 Exported Function
BiSignalTriggerEventEx 31 Exported Function
BiUpdateEventParameters 34 Exported Function
BiUpdateEventInformation 33 Exported Function
BiSignalEventEx 28 Exported Function
BiSignalEvent 27 Exported Function
BiSignalTriggerEvent 30 Exported Function
BiSignalMultipleEvents 29 Exported Function
BiAssociateApplicationExtensionClass 6 Exported Function
BiAssociateActivationProxy 5 Exported Function
BiCancelWorkItemEx 8 Exported Function
BiCancelWorkItem 7 Exported Function
BiActivateInBackground 2 Exported Function
BiActivateDeferredWorkItem 1 Exported Function
BiActivateWorkItem 4 Exported Function
BiActivateInBackgroundEx 3 Exported Function
BiCreateEvent 9 Exported Function
BiEnumerateUserContexts 15 Exported Function
BiEnumerateBrokeredEvents 14 Exported Function
BiEnumerateWorkItemsForPackageName 17 Exported Function
BiEnumerateUserSessions 16 Exported Function
BiDeleteEvent 11 Exported Function
BiCreateEventForPackageName 10 Exported Function
BiDiscardPendingActivations 13 Exported Function
BiDisassociateWorkItem 12 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 330000026551AE1BBD005CBFBD000000000265
  • Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: bi.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/1f41f656c55923b63df2f15e39f416f0823c17cadc741b82eaefee852a2e8e4c/detection/

MIT License. Copyright (c) 2020-2021 Strontic.