ureg.dll
- File Path:
C:\Windows\system32\ureg.dll
- Description: Registry Utility DLL
Hashes
| Type |
Hash |
| MD5 |
BDEDE6BAB31DA696F692C83B3103D55D |
| SHA1 |
9832F19DA8E8DA8E0C4E95D15503F0172B07C523 |
| SHA256 |
CC7126B30F64FC34A926935AE303276D0E729E990F428C667FAC32AF2B67F64F |
| SHA384 |
047FFFD1D41315B9B7BC0F8F967792D16EFD1C86AE6EACF1D0354B57182478F79115E9979177A21D426CA37B02E12717 |
| SHA512 |
A941522C60031D778BB4A36BBDAA236E69355F490D36EC1A87D36EB2A8E956C679ED4896B45915591FF2E22006C4EC7A1679B917CBFFFF759F1F6C15DAA1BB7B |
| SSDEEP |
768:x3ukuHt/hudw7gBWOJQIhm4SJF+10YVb1KCZxd+lm9AR2BqobRZfEQ:8lNA2cBWOJQIhm4yFCS8bnA8BqobXft |
| IMP |
D5D82E33B15E62EBE634510399778633 |
| PESHA1 |
92A35DCCE7E934625767296A289046A5AAAC9827 |
| PE256 |
A6C1C29BA90CF67722DA0206E748BC6CAEC9E846CBB84ED58423975608F82639 |
DLL Exports:
| Function Name |
Ordinal |
Type |
REGISTRY::RestoreKeyFromFile |
23 |
Exported Function |
REGISTRY::SaveKeyToFile |
24 |
Exported Function |
REGISTRY::SetKeySecurity |
25 |
Exported Function |
REGISTRY::QueryKeySecurity |
20 |
Exported Function |
REGISTRY::QuerySubKeysInfo |
21 |
Exported Function |
REGISTRY::QueryValues |
22 |
Exported Function |
REGISTRY::UnLoadHive |
26 |
Exported Function |
public: virtual __cdecl REGISTRY::~REGISTRY(void) __ptr64 |
4 |
Exported Function |
public: virtual __cdecl REGISTRY_KEY_INFO::~REGISTRY_KEY_INFO(void) __ptr64 |
5 |
Exported Function |
public: virtual __cdecl REGISTRY_VALUE_ENTRY::~REGISTRY_VALUE_ENTRY(void) __ptr64 |
6 |
Exported Function |
REGISTRY::UpdateKeyInfo |
27 |
Exported Function |
REGISTRY_KEY_INFO::Initialize |
15 |
Exported Function |
REGISTRY_VALUE_ENTRY::Initialize |
16 |
Exported Function |
REGISTRY::QueryKeyInfo |
19 |
Exported Function |
REGISTRY::AddValueEntry |
7 |
Exported Function |
REGISTRY::CreateKey |
8 |
Exported Function |
REGISTRY::DeleteKey |
9 |
Exported Function |
REGISTRY::REGISTRY |
1 |
Exported Function |
REGISTRY_KEY_INFO::REGISTRY_KEY_INFO |
2 |
Exported Function |
REGISTRY_VALUE_ENTRY::REGISTRY_VALUE_ENTRY |
3 |
Exported Function |
REGISTRY::DeleteValueEntry |
10 |
Exported Function |
REGISTRY::Initialize |
14 |
Exported Function |
REGISTRY::IsAccessAllowed |
17 |
Exported Function |
REGISTRY::LoadHive |
18 |
Exported Function |
REGISTRY::DoesKeyExist |
11 |
Exported Function |
REGISTRY::DoesValueExist |
12 |
Exported Function |
REGISTRY::EnableRootNotification |
13 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: ureg.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/cc7126b30f64fc34a926935ae303276d0e729e990f428c667fac32af2b67f64f/detection/
MIT License. Copyright (c) 2020-2021 Strontic.