wevtsvc.dll
- File Path:
C:\Windows\system32\wevtsvc.dll
- Description: Event Logging Service
Hashes
| Type |
Hash |
| MD5 |
E01F46001B2EB16FB51E4E518BC1FABC |
| SHA1 |
88A463DC19FC171C85B59AE329EC52456D2058FD |
| SHA256 |
BCD010D1040BC1F3024EB4B75113C7BB683EEE3B9B7A9B45769356A82C5E2130 |
| SHA384 |
DEC94BE89C821AA52D2FA83C3678386843C4A52E0C2A4A5B43675D33449CFF2926ED669D99B231513FE00D5B84B3904C |
| SHA512 |
7A5C936125C1D6312D60E1AC9F9D3318648F15DF7CB13F2BFF703B99FC42CCAB6A2777AB1F6ABC56053CA0F34AE558E9E8729314591DD749C102AFA9FF3C09D1 |
| SSDEEP |
49152:VneR3P25Au/X2c+eUQrszwc+3LjVv8QqAC2IyiL:YRmmcr5cQqAC2 |
| IMP |
6456D16F0075F3A7E7C0C36EB9BA3E4A |
| PESHA1 |
23AF00EA2CA550E695BFB25A1014A1B0D04DD189 |
| PE256 |
3D53D058C46AD252F8608A6103B342F542B93FCF6C9D7628F0437B59BA972801 |
DLL Exports:
| Function Name |
Ordinal |
Type |
SvchostPushServiceGlobalsEx |
2 |
Exported Function |
ServiceMain |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wevtsvc.dll.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/66
- VirusTotal Link: https://www.virustotal.com/gui/file/bcd010d1040bc1f3024eb4b75113c7bb683eee3b9b7a9b45769356a82c5e2130/detection/
MIT License. Copyright (c) 2020-2021 Strontic.