eventcls.dll
- File Path:
C:\Windows\SysWOW64\eventcls.dll
- Description: Microsoft Volume Shadow Copy Service event class
Hashes
| Type |
Hash |
| MD5 |
9C454265A35CCA4E3F17852C3548DC0A |
| SHA1 |
3994DE35CADFC0910E5A0CFE37C59CAD4CD01D52 |
| SHA256 |
A047E468D560FC20A4FCB48A5151DE835F6DD90AA043259FE53C85D46D9A54B4 |
| SHA384 |
646BA8F052738F39B72B66B947F2A2D7C00001AC1A5C8E6E1AA631E1A257F118C68613375136EEF9C697BF038619EE18 |
| SHA512 |
5D8A47CA092F3720264500A7127BFBA8E7B526AF6E3706937F1F1234FEEC362DEA1BA4A2CC25EEC516899BCCB934F2CD8B21F9E581678150F7832C25888F9162 |
| SSDEEP |
192:TbwQ/lv53ovkJ6++I6sW9OAmdhjhXkEccyEWqYpWFpBlI:TnxykJ6++I6sW9S1hXnyEWqYpWllI |
| IMP |
CAA128EDB18F97FAA562148FCAADEE8B |
| PESHA1 |
48F420FA3CF168D7528A4A3A1CC0FD13E36BB287 |
| PE256 |
C62137874B67E691CF51FA02EBDDE176AEAACE3DB5AB786532FD3238BECA2EEC |
DLL Exports:
| Function Name |
Ordinal |
Type |
DllRegisterServer |
3 |
Exported Function |
DllUnregisterServer |
4 |
Exported Function |
DllCanUnloadNow |
1 |
Exported Function |
DllGetClassObject |
2 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: EVENTCLS.DLL
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/a047e468d560fc20a4fcb48a5151de835f6dd90aa043259fe53c85d46d9a54b4/detection/
MIT License. Copyright (c) 2020-2021 Strontic.