wecapi.dll
- File Path:
C:\Windows\SysWOW64\wecapi.dll
- Description: Event Collector Configuration API
Hashes
| Type |
Hash |
| MD5 |
7224EF4BDD1DD1905B00077412927DC4 |
| SHA1 |
7BD141993864CDF39C45021AC7274E9FFB282CFB |
| SHA256 |
C889F14DF63A6124C18CFF54A93FA4FE2E3C548C442AB53816673A097066E796 |
| SHA384 |
A07A5C0012557A5B8C3AA3A7EE5BBD7DEAAA99BAB3F555CCD7259DA9A0372622842A51FC37DA6FB231A4770731D928B9 |
| SHA512 |
61200326049AF8C98C98B6EA5D11FBB2DA383808A3E9C74D08651FA2ABAC4AD83DF9E3EE89FD79600A200935D79D78F15A015E08CE2966038F7BCE5C1A0ADCFB |
| SSDEEP |
768:MexlUidokhzFbpkacnGtNDKgm7R97b6ovFe3qu619JGK63oaPRl2N5HLcBaZA:B+imwIGnDKgqX/6ovFe6u/ROHLcB |
| IMP |
C071B3D25E5D74D425D9B019CF0600C3 |
| PESHA1 |
6F76C21A98B235A2E69E168C0C740B0D48980E2A |
| PE256 |
66D88B4F39ECCDF480677DA62C83EA76BDF2A2B99265DD965F82592D7160560F |
DLL Exports:
| Function Name |
Ordinal |
Type |
EcQuickConfig |
2 |
Exported Function |
EcRemoveObjectArrayElement |
13 |
Exported Function |
EcOpenSubscription |
11 |
Exported Function |
EcOpenSubscriptionEnum |
12 |
Exported Function |
EcSetObjectArrayProperty |
16 |
Exported Function |
EcSetSubscriptionProperty |
17 |
Exported Function |
EcRetrySubscription |
14 |
Exported Function |
EcSaveSubscription |
15 |
Exported Function |
EcIsConfigRequired |
1 |
Exported Function |
EcEnumNextSubscription |
5 |
Exported Function |
EcGetObjectArrayProperty |
6 |
Exported Function |
EcClose |
3 |
Exported Function |
EcDeleteSubscription |
4 |
Exported Function |
EcGetSubscriptionRunTimeStatus |
9 |
Exported Function |
EcInsertObjectArrayElement |
10 |
Exported Function |
EcGetObjectArraySize |
7 |
Exported Function |
EcGetSubscriptionProperty |
8 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: WecApi.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/c889f14df63a6124c18cff54a93fa4fe2e3c548c442ab53816673a097066e796/detection/
MIT License. Copyright (c) 2020-2021 Strontic.