wbemcntl.dll

  • File Path: C:\Windows\SysWOW64\wbem\wbemcntl.dll
  • Description: WMI Control

Hashes

Type Hash
MD5 71797B2BDC1615C0546726E2D9120A75
SHA1 6406780E987738506CAB0292CCAA924CC24A3F76
SHA256 E4BFF7DBAE4C585A5A20FC8B77FAB4CC72F685988E170367FB2A4CF59C56B99B
SHA384 166BEDA7818207797D031EC9684013DCD25FC0353F4A08BAC040FEE1F22B3E3B9632BD7F6CE5A05D6E469F5C2FE5A24F
SHA512 84276ED39A437EEC22DF43339B270240F4F836EBFCDE1FE9F56A27266C26BE233237F05B2E238D37C4D18DA3C9DDB800FF23DC9DAE796FEF6C0667E9B5BDC335
SSDEEP 3072:7+XeNl9Zk4JfNnvqZ+SMNdnBwDThhIPFJRAhP2EAeB/0Q1UJMifve3KWfb/rsB7J:7cmvt1lSMNdBwDTODePv0hJM4v1WkB
IMP 8748348CAAD74E0E6F598A70A58B2104
PESHA1 5A14357F832BEBB6DEDB9CDE421D862B2EA8667A
PE256 47A90A9E5537E5140CC88BE21DFAB9B14A3B796693DD9DCA45A87D1003D6BA22

DLL Exports:

Function Name Ordinal Type
DllRegisterServer 3 Exported Function
DllUnregisterServer 4 Exported Function
DllCanUnloadNow 1 Exported Function
DllGetClassObject 2 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: wbemcntl.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/e4bff7dbae4c585a5a20fc8b77fab4cc72f685988e170367fb2a4cf59c56b99b/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\wbem\wbemcntl.dll 50
C:\Windows\system32\wbem\wbemtest.exe 41
C:\Windows\system32\wbem\wbemtest.exe 35
C:\windows\system32\wbem\wbemtest.exe 35
C:\WINDOWS\system32\wbem\wbemtest.exe 30
C:\Windows\system32\wbem\wbemtest.exe 25
C:\windows\system32\wbem\WinMgmt.exe 35
C:\Windows\system32\wbem\WinMgmt.exe 35
C:\WINDOWS\system32\wbem\WinMgmt.exe 36
C:\Windows\system32\wbem\WinMgmt.exe 40
C:\Windows\system32\wbem\WinMgmt.exe 35
C:\WINDOWS\system32\wbem\WinMgmt.exe 35
C:\Windows\system32\wbem\WinMgmt.exe 38
C:\Windows\system32\wbem\WinMgmt.exe 35
C:\Windows\system32\wbem\WinMgmt.exe 35
C:\Windows\SysWOW64\wbem\WinMgmt.exe 35
C:\WINDOWS\SysWOW64\wbem\WinMgmt.exe 38
C:\Windows\SysWOW64\wbem\WinMgmt.exe 36
C:\WINDOWS\SysWOW64\wbem\WinMgmt.exe 40
C:\windows\SysWOW64\wbem\WinMgmt.exe 33
C:\Windows\SysWOW64\wbem\WinMgmt.exe 36

MIT License. Copyright (c) 2020-2021 Strontic.