wevtapi.dll
- File Path: C:\Windows\SysWOW64\wevtapi.dll
- Description: Eventing Consumption and Configuration API
Hashes
| Type | Hash |
| --- | --- |
| MD5 | 242C77077405305295308319527B9EE9 |
| SHA1 | FF42ADE0170F7B1256AF0DE2425477EC821B951E |
| SHA256 | 76680F5A1166DFF888DA051192C0FC16EDA5CF2CC34B241C3F22A3F14805B6AC |
| SHA384 | BA3F274B3C0C0FEE54123E304A79B1A9C8BBAEFF983A663B278785770FBDB69FFFDD7ED6A6D1CCAD456A76ACB7034E82 |
| SHA512 | DC59FA6942D41366FCD1E82532DDE17B8A70414A2B70C6100EC0B76E3200D8DBE8F3EFE6F6DC8C88D5F040D8F273BBD567F3877EA4368F4A3D52825ABF1337AF |
| SSDEEP | 6144:egfjDrdCm3UvBWOyFS5jJ9BtMIWRTGhtJ5foXmT+6s7w2x8v:LjDAm3UkrS59P0T4T5fzT27w2xs |
| IMP | E3D7AE7AB3152F3647BBFA118EF216E5 |
| PESHA1 | D20C5CA7F6074BE3FDE3A4249F3E2F9443A21156 |
| PE256 | 3C9C4CE44628440E8CE13A4A230491B37B38FDDB3AAE1989B98B362FA73CE251 |
DLL Exports:
| Function Name | Ordinal | Type |
| --- | --- | --- |
| EvtNextPublisherId | 31 | Exported Function |
| EvtNextEventMetadata | 30 | Exported Function |
| EvtOpenChannelConfig | 32 | Exported Function |
| EvtOpenEventMetadataEnum | 34 | Exported Function |
| EvtOpenChannelEnum | 33 | Exported Function |
| EvtNextChannelPath | 29 | Exported Function |
| EvtIntRetractConfig | 26 | Exported Function |
| EvtIntReportEventAndSourceAsync | 25 | Exported Function |
| EvtIntSysprepCleanup | 1 | Exported Function |
| EvtNext | 28 | Exported Function |
| EvtIntWriteXmlEventToLocalLogfile | 27 | Exported Function |
| EvtSeek | 42 | Exported Function |
| EvtSaveChannelConfig | 41 | Exported Function |
| EvtSetChannelConfigProperty | 43 | Exported Function |
| EvtUpdateBookmark | 45 | Exported Function |
| EvtSubscribe | 44 | Exported Function |
| EvtRender | 40 | Exported Function |
| EvtOpenPublisherEnum | 36 | Exported Function |
| EvtOpenLog | 35 | Exported Function |
| EvtOpenPublisherMetadata | 37 | Exported Function |
| EvtQuery | 39 | Exported Function |
| EvtOpenSession | 38 | Exported Function |
| EvtIntReportAuthzEventAndSourceAsync | 24 | Exported Function |
| EvtFormatMessage | 9 | Exported Function |
| EvtExportLog | 8 | Exported Function |
| EvtGetChannelConfigProperty | 10 | Exported Function |
| EvtGetEventMetadataProperty | 12 | Exported Function |
| EvtGetEventInfo | 11 | Exported Function |
| EvtCreateRenderContext | 7 | Exported Function |
| EvtCancel | 3 | Exported Function |
| EvtArchiveExportedLog | 2 | Exported Function |
| EvtClearLog | 4 | Exported Function |
| EvtCreateBookmark | 6 | Exported Function |
| EvtClose | 5 | Exported Function |
| EvtIntCreateBinXMLFromCustomXML | 20 | Exported Function |
| EvtIntAssertConfig | 19 | Exported Function |
| EvtIntCreateLocalLogfile | 21 | Exported Function |
| EvtIntRenderResourceEventTemplate | 23 | Exported Function |
| EvtIntGetClassicLogDisplayName | 22 | Exported Function |
| EvtGetQueryInfo | 18 | Exported Function |
| EvtGetLogInfo | 14 | Exported Function |
| EvtGetExtendedStatus | 13 | Exported Function |
| EvtGetObjectArrayProperty | 15 | Exported Function |
| EvtGetPublisherMetadataProperty | 17 | Exported Function |
| EvtGetObjectArraySize | 16 | Exported Function |
Signature
- Status: Signature verified.
- Serial: 3300000266BD1580EFA75CD6D3000000000266
- Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wevtapi.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/76680f5a1166dff888da051192c0fc16eda5cf2cc34b241c3f22a3f14805b6ac/detection/
MIT License. Copyright (c) 2020-2021 Strontic.