efssvc.dll

  • File Path: C:\Windows\system32\efssvc.dll
  • Description: EFS Service

Hashes

Type Hash
MD5 9948F64DC8C831952EF1C4E84A144D33
SHA1 26B8AC2D840934B1CF4CB124D20A65D73F222171
SHA256 2B96E1724E7783B7AC8F9C17F25D31735C75F6CB9C26E3E7D9A2493EA1952F8B
SHA384 44E90D126056DD7327E1CEA851446B346AC49302870B6155896DA8D7BB9FFF672B1AA6F6690C471818BCB88D9FF98405
SHA512 6EC6EF1B728AA30A08EBF8DEA509CBC1CB5140F999FD8B504929273D3CF42B5D9F84BBF1019E71C41566C2C8F87903255AD8009A7609EFAB8F5F71AD8C1AB1B5
SSDEEP 1536:1HzoxAA5GOcs/B9Ygh9mEiQ6VuXkD2nOu+qvi352rIXG2yotf2e67ub9nCsOAu/k:1ECE6FO9rQ5tf2e67ub9nCsOAu/QmVKt
IMP CBCEDE3D4009D18DDF6949F535ABBF5C
PESHA1 68447206907D07F9642E7A92E82814346F508027
PE256 E372083A61E3AB939494B787ACADF613280ABA654E15009EF7B5AC6E6A3CA4CA

DLL Exports:

Function Name Ordinal Type
EfsServiceMain 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: EFSSVC.DLL.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/2b96e1724e7783b7ac8f9c17f25d31735c75f6cb9c26e3e7d9a2493ea1952f8b/detection/

Possible Misuse

The following table contains possible examples of efssvc.dll being misused. While efssvc.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc nukesped_lazarus .efssvc.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.