wmitrace.dll

• File Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\arm\winxp\wmitrace.dll
• Description: Microsoft Kernel Debugger Extensions (WMI Tracing)

Hashes

Type	Hash
MD5	1DCB4CF18241C85B3C49A8F968C9A758
SHA1	FAEECDB0524B24F96911863D80C799283075861E
SHA256	02C4D3FDAC2109DC3560529387DDD208151CBC770C991F0BD8C63AEC85097A00
SHA384	C9F344E406CD4AAF1356BC74328F3353D522F4CCC6AF5432D48C902767C3CFE62FA20F555EEF67D75A568DA447AE47E4
SHA512	7C729E35E81F85103CF5141F4A55D69BA7E07C8073DDB58BF452B953B6DDBFD6AC15FCBC39E4403B531F06CE999314AE87C0DBFEFF12E2A0E5F71308C1668273
SSDEEP	24576:o5m7VRTW3ulFziiSCyuKCyiBxhRBxhRBxtZla:Sm7VRT/liiSCyuKCyiBxhRBxhRBxtZla
IMP	EE55B649CF9C43769D1A5C3B3DC8E1CC
PESHA1	7D0AAC2EE0DCEAB653F040E6E707DDA21AC98927
PE256	1DC264AEE8729ED935D2DA3B85D30A38AC6011D6A97B338ACC0AF7C8B0E0A59D

DLL Exports:

Function Name	Ordinal	Type
regtable	27	Exported Function
ptdump	26	Exported Function
setprefix	29	Exported Function
searchpath	28	Exported Function
manpath	25	Exported Function
logdump	22	Exported Function
kdtracing	21	Exported Function
logsave	24	Exported Function
logger	23	Exported Function
traceoperation	35	Exported Function
Tprint	2	Exported Function
WmiFormatTraceData	3	Exported Function
usermode	36	Exported Function
tmffile	34	Exported Function
stop	31	Exported Function
start	30	Exported Function
systrace	33	Exported Function
strdump	32	Exported Function
DebugExtensionNotify	1	Exported Function
DebugExtensionInitialize	5	Exported Function
disable	11	Exported Function
DebugExtensionUninitialize	6	Exported Function
container	10	Exported Function
bufdump	7	Exported Function
_EFN_wmiLogMiniDump	4	Exported Function
capturestate	9	Exported Function
buffer	8	Exported Function
guidfile	18	Exported Function
guid	17	Exported Function
kd	20	Exported Function
help	19	Exported Function
eventlogdump	16	Exported Function
dumpminievent	13	Exported Function
dumpmini	12	Exported Function
enable	15	Exported Function
dynamicprint	14	Exported Function

Signature

• Status: Signature verified.
• Serial: 33000002B7E8E007A82AEF13150000000002B7
• Thumbprint: 5A68625F1A516670A744F7EF919500A479D32A5B
• Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows Kits Publisher, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: wmiTrace.DLL
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.1 (WinBuild.160101.0800)
• Product Version: 10.0.19041.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 452

File Scan

• VirusTotal Detections: Unknown

MIT License. Copyright (c) 2020-2021 Strontic.