wmitrace.dll
- File Path: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\winxp\wmitrace.dll
- Description: Microsoft Kernel Debugger Extensions (WMI Tracing)
Hashes
| Type | Hash |
| --- | --- |
| MD5 | 52E2E83458E0D3A27288C82EAA06FF91 |
| SHA1 | 66D2D72BBDB16DAF72A6771FD05E8AFD429E19FB |
| SHA256 | D5AEB458ADD457ABD031A9C078600A20AAEF972DABF3592B0D3AA4D419DA2A55 |
| SHA384 | 567F5019F86F17DAE4BC979C6437D6662EE632CC215B6DE0A99E245C3ACC4A2610E721FBA8F8922D209419B4FECE37EB |
| SHA512 | 308BC30675D627A14706E34F0EA8EAE2BBCFCC6FEB19BC295CEBDF7211212BCD9BCB6D93055E121123D32C019836CC3F8FF9C16CC0E75AE3C568FA712889826B |
| SSDEEP | 12288:v+E67VRTJkz/wM5rqLiHFaOGaIzyIPRFWvmF4nUwTRrnN4dyiSCyiNJhRBxhRBxc:v567VRTi/lrrQOGnyIPRFWvmF4UcN2y3 |
| IMP | 25A58120CB80200AF48216AEBC42CBB4 |
| PESHA1 | 4FB091EEB5B035D321B2670957024B7E6A175A2F |
| PE256 | 9D57EAE9EAA0A6A31A8D81C8748CD42E4D6464E67CDEB1FFB6A10729BFE7E5D8 |
DLL Exports:
| Function Name | Ordinal | Type |
| --- | --- | --- |
| regtable | 27 | Exported Function |
| ptdump | 26 | Exported Function |
| setprefix | 29 | Exported Function |
| searchpath | 28 | Exported Function |
| manpath | 25 | Exported Function |
| logdump | 22 | Exported Function |
| kdtracing | 21 | Exported Function |
| logsave | 24 | Exported Function |
| logger | 23 | Exported Function |
| traceoperation | 35 | Exported Function |
| Tprint | 2 | Exported Function |
| WmiFormatTraceData | 3 | Exported Function |
| usermode | 36 | Exported Function |
| tmffile | 34 | Exported Function |
| stop | 31 | Exported Function |
| start | 30 | Exported Function |
| systrace | 33 | Exported Function |
| strdump | 32 | Exported Function |
| DebugExtensionNotify | 1 | Exported Function |
| DebugExtensionInitialize | 5 | Exported Function |
| disable | 11 | Exported Function |
| DebugExtensionUninitialize | 6 | Exported Function |
| container | 10 | Exported Function |
| bufdump | 7 | Exported Function |
| _EFN_wmiLogMiniDump | 4 | Exported Function |
| capturestate | 9 | Exported Function |
| buffer | 8 | Exported Function |
| guidfile | 18 | Exported Function |
| guid | 17 | Exported Function |
| kd | 20 | Exported Function |
| help | 19 | Exported Function |
| eventlogdump | 16 | Exported Function |
| dumpminievent | 13 | Exported Function |
| dumpmini | 12 | Exported Function |
| enable | 15 | Exported Function |
| dynamicprint | 14 | Exported Function |
Signature
- Status: Signature verified.
- Serial: 33000002CF6D2CC57CAA65A6D80000000002CF
- Thumbprint: 1A221B3B4FEF088B17BA6704FD088DF192D9E0EF
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: wmiTrace.DLL
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: Unknown
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.