qwave.dll
- File Path:
C:\Windows\system32\qwave.dll
- Description: Windows NT
Hashes
| Type |
Hash |
| MD5 |
2F3808790D517E5E5E6ABF7177875C02 |
| SHA1 |
5690054FE27264FB5C12592D290F070CA1EC48BE |
| SHA256 |
BE1A79A6498697EB86FC29638324A853197B49BC06AE3EB1130793F710926998 |
| SHA384 |
B30BE1B1D0BCACBADB654C078C5368B6700B59F6622153679C1748B24CD2A5B8E459F69E9E1565AA7A83B6AF88F8A2BE |
| SHA512 |
787F6A8E706F8A9677F1E9E1293AAE54329403111BE3B1CF9D64D6E58A329599629023015EA7C7F691C460CB8B0E8E80A997CE16A3DACD056605EEB2131407CC |
| SSDEEP |
6144:9jRF9HmKA4BSyotU+HKTGym2+KkIsTr5KrWLlJ:R97BaUMKFdsKaLlJ |
| IMP |
7CF129EA31EDC7FD6556FC515B3B1377 |
| PESHA1 |
BA2E2C8B5245CB63A2080D8EF7FC28E1F043B771 |
| PE256 |
F1B5EBF14A062C3BE89986719F77F56D1DCB21940DBB95EBF6A186B007C73F8C |
DLL Exports:
| Function Name |
Ordinal |
Type |
QOSRemoveSocketFromFlow |
10 |
Exported Function |
QOSQueryFlow |
9 |
Exported Function |
QOSNotifyFlow |
8 |
Exported Function |
QOSSetFlow |
11 |
Exported Function |
ServiceMain |
14 |
Exported Function |
QOSStopTrackingClient |
13 |
Exported Function |
QOSStartTrackingClient |
12 |
Exported Function |
QOSAddSocketToFlow |
3 |
Exported Function |
QDLHStartDiagnosingPath |
2 |
Exported Function |
QDLHPathDiagnostics |
1 |
Exported Function |
QOSCancel |
4 |
Exported Function |
QOSEnumerateFlows |
7 |
Exported Function |
QOSCreateHandle |
6 |
Exported Function |
QOSCloseHandle |
5 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: qwave.dll.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/be1a79a6498697eb86fc29638324a853197b49bc06ae3eb1130793f710926998/detection/
MIT License. Copyright (c) 2020-2021 Strontic.