eventcls.dll
- File Path:
C:\Windows\system32\eventcls.dll
- Description: Microsoft Volume Shadow Copy Service event class
Hashes
| Type |
Hash |
| MD5 |
21C01D097B8727EE90404951477633D5 |
| SHA1 |
9FB342CE155D4F87E4597484F7B23114671705C4 |
| SHA256 |
BED07C1966CBE2B309F4C6384B9DE374F8297FAB3BB8F24AF78D388325D0670A |
| SHA384 |
BD56D69B8D8B38164F72F38F7079F898EC03952D3BDC162233A75B20D148445C7D6BC2C947F04DCB3930109C22F3144C |
| SHA512 |
0038C649499065A10A395C918C52D75EC6016E2BFF44054EDD5A4675B8930A4B9EEA7670F0C3FF2B210E7109B0419B84A5CA13BB3C6E21D3851D02E7D0AB29EA |
| SSDEEP |
384:XB83XWQvdeZaToBM8hSvnMsSXDyQVWqYpW5R:x8maCmjqyPi |
| IMP |
442C4FB355E9C7E5F4C63AEF4452D640 |
| PESHA1 |
E633C6F0BAA6F0E234720EBF5A6592FC681FC027 |
| PE256 |
FCF15ED70CB31D65689A1619F972637AEE5426DC5C68CC2685C371AFCCF12BA6 |
DLL Exports:
| Function Name |
Ordinal |
Type |
DllRegisterServer |
3 |
Exported Function |
DllUnregisterServer |
4 |
Exported Function |
DllCanUnloadNow |
1 |
Exported Function |
DllGetClassObject |
2 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: EVENTCLS.DLL
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/bed07c1966cbe2b309f4c6384b9de374f8297fab3bb8f24af78d388325d0670a/detection/
MIT License. Copyright (c) 2020-2021 Strontic.