¿Para qué sirve la dll amsi.dll?
Anti-Malware Scan InterfaceDependencias de la dll amsi.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\amsi.dll
File Type: DLL
Image has the following dependencies:
msvcrt.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-eventing-provider-l1-1-0.dll
api-ms-win-eventing-classicprovider-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-core-heap-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-localization-l1-2-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-synch-l1-2-0.dll
api-ms-win-core-rtlsupport-l1-1-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
RPCRT4.dll
api-ms-win-core-registry-l1-1-0.dll
api-ms-win-core-sysinfo-l1-2-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-processthreads-l1-1-1.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-delayload-l1-1-1.dll
api-ms-win-core-delayload-l1-1-0.dll
ntdll.dll
Image has the following delay load dependencies:
api-ms-win-core-com-l1-1-0.dll
api-ms-win-security-cryptoapi-l1-1-0.dll
USERENV.dll
Summary
2000 .data
1000 .didat
1000 .pdata
6000 .rdata
1000 .reloc
2000 .rsrc
B000 .text
Funciones que tiene la dll amsi.dll
1 0 000035C0 AmsiCloseSession
2 1 00003240 AmsiInitialize
3 2 00003560 AmsiOpenSession
4 3 000035E0 AmsiScanBuffer
5 4 000036E0 AmsiScanString
6 5 00003740 AmsiUacInitialize
7 6 000039C0 AmsiUacScan
8 7 00003960 AmsiUacUninitialize
9 8 00003500 AmsiUninitialize
10 9 00001970 DllCanUnloadNow
11 A 000019B0 DllGetClassObject
12 B 00001AF0 DllRegisterServer
13 C 00001AF0 DllUnregisterServer
Información avanzada sobre funciones que tiene la dll amsi.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\amsi.dll
File Type: DLL
Section contains the following exports for Amsi.dll
00000000 characteristics
4EC387E3 time date stamp
0.00 version
1 ordinal base
13 number of functions
13 number of names
ordinal hint RVA name
1 0 000035C0 AmsiCloseSession
2 1 00003240 AmsiInitialize
3 2 00003560 AmsiOpenSession
4 3 000035E0 AmsiScanBuffer
5 4 000036E0 AmsiScanString
6 5 00003740 AmsiUacInitialize
7 6 000039C0 AmsiUacScan
8 7 00003960 AmsiUacUninitialize
9 8 00003500 AmsiUninitialize
10 9 00001970 DllCanUnloadNow
11 A 000019B0 DllGetClassObject
12 B 00001AF0 DllRegisterServer
13 C 00001AF0 DllUnregisterServer
Summary
2000 .data
1000 .didat
1000 .pdata
6000 .rdata
1000 .reloc
2000 .rsrc
B000 .text
Integridad de la dll amsi.dll
Algorithm Hash Path
--------- ---- ----
SHA256 B30A8D422FAA2DAA23EA791F1C49A80BCA6DE815C06356687A7C8ABCBBFD3A68 C:\Windows\System32\amsi.dll
Detalles sobre el fichero dll amsi.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\amsi.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : amsi.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\amsi.dll
InternalName: amsi.dll
OriginalFilename: amsi.dll
FileVersion: 10.0.19041.610 (WinBuild.160101.0800)
FileDescription: Anti-Malware Scan Interface
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.610
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : amsi
Target : {C:\Windows\WinSxS\amd64_microsoft-antimalware-scan-interface_31bf3856ad364e35_10.0.19041.610_none_34c810e835d05
418\amsi.dll}
LinkType : HardLink
Name : amsi.dll
Length : 77824
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\amsi.dll
Extension : .dll
CreationTime : 29/11/2020 11:42:04
CreationTimeUtc : 29/11/2020 10:42:04
LastAccessTime : 03/12/2020 8:26:23
LastAccessTimeUtc : 03/12/2020 7:26:23
LastWriteTime : 29/11/2020 11:42:04
LastWriteTimeUtc : 29/11/2020 10:42:04
Attributes : Archive
Procesos que utilizan la dll amsi.dll
AsusTPCenter
AsusTPLoader
chrome
powershell_ise
powershell_ise
powershell_ise