wecapi.dll
- File Path:
C:\Windows\system32\wecapi.dll
- Description: Event Collector Configuration API
Hashes
| Type |
Hash |
| MD5 |
0EE1DC7219F21968B47418B8C33CFBEB |
| SHA1 |
3EF277DEA49E849707F4281898E41D8760A55633 |
| SHA256 |
AE5DD76D77BB5DFEEFB19581498F6E82323D878B64FEABF15C3C479E85BB9751 |
| SHA384 |
DD5946E57A97C90ADD719BD0DB7320B05AC75EA71C93101A839899CB74C7D0B47062DC17D2072619CE9571B32FD24CC5 |
| SHA512 |
8BA6CF76BDDABDBF3191DE16791D425762D47C5C784430D59B9A6AA07F2B1DACCE8B9FF255F4DE5B6C73B5CAF2ADAA056200C0081DB9DA13229CA7CA05B98D6C |
| SSDEEP |
1536:PR4NsKQnVUSLqSu+qdnc5JswX4fOl3PQwla84+Cv8hLnvIOvCe:PR4SBGfnc5JskoOll4L+Cv8hzJ6 |
| IMP |
0DF147F7AD048313F44FF701F475ED98 |
| PESHA1 |
6B9DF2D1EBB610AB41205D4D7E6842190FCE2364 |
| PE256 |
A7DF13958513AF1F69C5521E0695D340CE92F5BCB7E01240CFA82AFE0F6F6D78 |
DLL Exports:
| Function Name |
Ordinal |
Type |
EcQuickConfig |
2 |
Exported Function |
EcRemoveObjectArrayElement |
13 |
Exported Function |
EcOpenSubscription |
11 |
Exported Function |
EcOpenSubscriptionEnum |
12 |
Exported Function |
EcSetObjectArrayProperty |
16 |
Exported Function |
EcSetSubscriptionProperty |
17 |
Exported Function |
EcRetrySubscription |
14 |
Exported Function |
EcSaveSubscription |
15 |
Exported Function |
EcIsConfigRequired |
1 |
Exported Function |
EcEnumNextSubscription |
5 |
Exported Function |
EcGetObjectArrayProperty |
6 |
Exported Function |
EcClose |
3 |
Exported Function |
EcDeleteSubscription |
4 |
Exported Function |
EcGetSubscriptionRunTimeStatus |
9 |
Exported Function |
EcInsertObjectArrayElement |
10 |
Exported Function |
EcGetObjectArraySize |
7 |
Exported Function |
EcGetSubscriptionProperty |
8 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WecApi.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/ae5dd76d77bb5dfeefb19581498f6e82323d878b64feabf15c3c479e85bb9751/detection/
MIT License. Copyright (c) 2020-2021 Strontic.