wevtapi.dll
- File Path: C:\Windows\system32\wevtapi.dll
- Description: Eventing Consumption and Configuration API
Hashes
| Type | Hash |
| --- | --- |
| MD5 | 2E348C158CFF19C9CE5E79E9B32C3825 |
| SHA1 | 32CC26E16B9D5A90DE232043001862CD4B28116A |
| SHA256 | 2EAA6C7F08331BC24CAE6F68D5E99BA0050AB293D9B8FC935074E1E0D9758F5F |
| SHA384 | D0B3DC51077258BEB2699176420A66934C3CBD60254934D6F9A93739E7FFCC0102E51DE29CBA100E275D12DA52740168 |
| SHA512 | F330629A1E5F09068F9B3BAFCD90E0A5C0C44F3ADEC4AEDE340E0944306AD021EFBFFEF00B67C83467AF868ED3BB72AFA4003DCBEB12F9FCEEB66BCBDF91A35B |
| SSDEEP | 12288:VnZzc5OKRG8Sb45I7oqmKHJklpNTxyedsx:VZzeOaSb45IssJklpNTLsx |
| IMP | 3DF6EFE26236BC1B0D866E5BCCEEB49C |
| PESHA1 | F3ECEEC388F3D4590F4B35C2FEA09316FF806224 |
| PE256 | 87669D18A694B8932C48860B2EDA90775A6354DD33D6D6ECEC627949D44B491C |
DLL Exports:
| Function Name | Ordinal | Type |
| --- | --- | --- |
| EvtNextPublisherId | 31 | Exported Function |
| EvtNextEventMetadata | 30 | Exported Function |
| EvtOpenChannelConfig | 32 | Exported Function |
| EvtOpenEventMetadataEnum | 34 | Exported Function |
| EvtOpenChannelEnum | 33 | Exported Function |
| EvtNextChannelPath | 29 | Exported Function |
| EvtIntRetractConfig | 26 | Exported Function |
| EvtIntReportEventAndSourceAsync | 25 | Exported Function |
| EvtIntSysprepCleanup | 1 | Exported Function |
| EvtNext | 28 | Exported Function |
| EvtIntWriteXmlEventToLocalLogfile | 27 | Exported Function |
| EvtSeek | 42 | Exported Function |
| EvtSaveChannelConfig | 41 | Exported Function |
| EvtSetChannelConfigProperty | 43 | Exported Function |
| EvtUpdateBookmark | 45 | Exported Function |
| EvtSubscribe | 44 | Exported Function |
| EvtRender | 40 | Exported Function |
| EvtOpenPublisherEnum | 36 | Exported Function |
| EvtOpenLog | 35 | Exported Function |
| EvtOpenPublisherMetadata | 37 | Exported Function |
| EvtQuery | 39 | Exported Function |
| EvtOpenSession | 38 | Exported Function |
| EvtIntReportAuthzEventAndSourceAsync | 24 | Exported Function |
| EvtFormatMessage | 9 | Exported Function |
| EvtExportLog | 8 | Exported Function |
| EvtGetChannelConfigProperty | 10 | Exported Function |
| EvtGetEventMetadataProperty | 12 | Exported Function |
| EvtGetEventInfo | 11 | Exported Function |
| EvtCreateRenderContext | 7 | Exported Function |
| EvtCancel | 3 | Exported Function |
| EvtArchiveExportedLog | 2 | Exported Function |
| EvtClearLog | 4 | Exported Function |
| EvtCreateBookmark | 6 | Exported Function |
| EvtClose | 5 | Exported Function |
| EvtIntCreateBinXMLFromCustomXML | 20 | Exported Function |
| EvtIntAssertConfig | 19 | Exported Function |
| EvtIntCreateLocalLogfile | 21 | Exported Function |
| EvtIntRenderResourceEventTemplate | 23 | Exported Function |
| EvtIntGetClassicLogDisplayName | 22 | Exported Function |
| EvtGetQueryInfo | 18 | Exported Function |
| EvtGetLogInfo | 14 | Exported Function |
| EvtGetExtendedStatus | 13 | Exported Function |
| EvtGetObjectArrayProperty | 15 | Exported Function |
| EvtGetPublisherMetadataProperty | 17 | Exported Function |
| EvtGetObjectArraySize | 16 | Exported Function |
Signature
- Status: Signature verified.
- Serial: 330000023241FB59996DCC4DFF000000000232
- Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wevtapi.dll.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/2eaa6c7f08331bc24cae6f68d5e99ba0050ab293d9b8fc935074e1e0d9758f5f/detection/
MIT License. Copyright (c) 2020-2021 Strontic.