mssecuser



¿Para qué sirve la dll mssecuser.dll?

Microsoft Security Events Component Library

Dependencias de la dll mssecuser.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\mssecuser.dll

File Type: DLL

  Image has the following dependencies:

    msvcrt.dll
    api-ms-win-security-base-l1-1-0.dll
    api-ms-win-core-errorhandling-l1-1-0.dll
    api-ms-win-core-synch-l1-2-0.dll
    api-ms-win-core-synch-l1-1-0.dll
    api-ms-win-core-handle-l1-1-0.dll
    api-ms-win-core-file-l1-1-0.dll
    FLTLIB.DLL
    api-ms-win-core-heap-l1-1-0.dll
    api-ms-win-core-libraryloader-l1-2-0.dll
    api-ms-win-core-string-l1-1-0.dll
    api-ms-win-core-profile-l1-1-0.dll
    api-ms-win-core-processthreads-l1-1-0.dll
    api-ms-win-core-sysinfo-l1-1-0.dll
    api-ms-win-core-rtlsupport-l1-1-0.dll
    ntdll.dll
    api-ms-win-eventing-provider-l1-1-0.dll
    api-ms-win-core-heap-l2-1-0.dll
    api-ms-win-eventing-classicprovider-l1-1-0.dll
    api-ms-win-core-util-l1-1-0.dll

  Summary

        2000 .data
        1000 .pdata
        8000 .rdata
        1000 .reloc
        1000 .rsrc
        F000 .text

Funciones que tiene la dll mssecuser.dll

1    0 00002F20 SecClearRegistryOperations
2    1 00002650 SecCreateSessionFilter
3    2 00002700 SecDeleteSessionFilter
4    3 00002CA0 SecGetCiInformation
5    4 00002570 SecGetDriverVersion
6    5 00002220 SecGetFileHashes
7    6 00002760 SecGetProcessInfo
8    7 00002620 SecGetUserLibVersion
9    8 000025E0 SecIsKernelIntegrityEnabled
10    9 00001A80 SecRegisterConsumer
11    A 00002BB0 SecRequestOplock
12    B 0000A2C0 SecSetConfiguration
13    C 0000CAC0 SecSetFileMonitorOperations
14    D 00002EC0 SecSetRegistryOperations
15    E 00001BC0 SecUnregisterConsumer
16    F 00002A40 SecWriteFileDlpEA
17   10 00002900 SecWriteFileHashEA

Información avanzada sobre funciones que tiene la dll mssecuser.dll

Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\mssecuser.dll

File Type: DLL

  Section contains the following exports for MSSECUSER.dll

    00000000 characteristics
     119D33E time date stamp
        0.00 version
           1 ordinal base
          17 number of functions
          17 number of names

    ordinal hint RVA      name

          1    0 00002F20 SecClearRegistryOperations
          2    1 00002650 SecCreateSessionFilter
          3    2 00002700 SecDeleteSessionFilter
          4    3 00002CA0 SecGetCiInformation
          5    4 00002570 SecGetDriverVersion
          6    5 00002220 SecGetFileHashes
          7    6 00002760 SecGetProcessInfo
          8    7 00002620 SecGetUserLibVersion
          9    8 000025E0 SecIsKernelIntegrityEnabled
         10    9 00001A80 SecRegisterConsumer
         11    A 00002BB0 SecRequestOplock
         12    B 0000A2C0 SecSetConfiguration
         13    C 0000CAC0 SecSetFileMonitorOperations
         14    D 00002EC0 SecSetRegistryOperations
         15    E 00001BC0 SecUnregisterConsumer
         16    F 00002A40 SecWriteFileDlpEA
         17   10 00002900 SecWriteFileHashEA

  Summary

        2000 .data
        1000 .pdata
        8000 .rdata
        1000 .reloc
        1000 .rsrc
        F000 .text

Integridad de la dll mssecuser.dll

Algorithm       Hash                                                                   Path                                         
---------       ----                                                                   ----                                         
SHA256          214EE8C9A72BB08FAAA12F63E46AA6FD573944E5A8B74028C9C57BC302B967BF       C:\Windows\System32\mssecuser.dll            

Detalles sobre el fichero dll mssecuser.dll

PSPath            : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\mssecuser.dll
PSParentPath      : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName       : mssecuser.dll
PSDrive           : C
PSProvider        : Microsoft.PowerShell.Core\FileSystem
PSIsContainer     : False
Mode              : -a----
VersionInfo       : File:             C:\Windows\System32\mssecuser.dll
                    InternalName:     mssecuser.dll
                    OriginalFilename: mssecuser.dll
                    FileVersion:      10.0.19041.423 (WinBuild.160101.0800)
                    FileDescription:  Microsoft Security Events Component Library
                    Product:          Microsoft® Windows® Operating System
                    ProductVersion:   10.0.19041.423
                    Debug:            False
                    Patched:          False
                    PreRelease:       False
                    PrivateBuild:     False
                    SpecialBuild:     False
                    Language:         Inglés (Estados Unidos)
                    
BaseName          : mssecuser
Target            : {C:\Windows\WinSxS\amd64_windows-secdriver_31bf3856ad364e35_10.0.19041.423_none_9c38155e66d604a5\mssecuser.dll}
LinkType          : HardLink
Name              : mssecuser.dll
Length            : 101888
DirectoryName     : C:\Windows\System32
Directory         : C:\Windows\System32
IsReadOnly        : False
Exists            : True
FullName          : C:\Windows\System32\mssecuser.dll
Extension         : .dll
CreationTime      : 18/09/2020 7:53:18
CreationTimeUtc   : 18/09/2020 5:53:18
LastAccessTime    : 03/12/2020 13:20:53
LastAccessTimeUtc : 03/12/2020 12:20:53
LastWriteTime     : 18/09/2020 7:53:18
LastWriteTimeUtc  : 18/09/2020 5:53:18
Attributes        : Archive

Procesos que utilizan la dll mssecuser.dll