¿Para qué sirve la dll wecapi.dll?

Event Collector Configuration API

Dependencias de la dll wecapi.dll


Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\wecapi.dll

File Type: DLL

  Image has the following dependencies:

    msvcrt.dll
    api-ms-win-eventing-classicprovider-l1-1-0.dll
    api-ms-win-core-heap-l1-1-0.dll
    RPCRT4.dll
    api-ms-win-core-errorhandling-l1-1-0.dll
    api-ms-win-core-synch-l1-1-0.dll
    api-ms-win-core-file-l1-1-0.dll
    api-ms-win-service-management-l1-1-0.dll
    api-ms-win-service-management-l2-1-0.dll
    api-ms-win-service-winsvc-l1-1-0.dll
    api-ms-win-core-synch-l1-2-0.dll
    api-ms-win-core-localization-l1-2-0.dll
    api-ms-win-core-profile-l1-1-0.dll
    api-ms-win-core-processthreads-l1-1-0.dll
    api-ms-win-core-sysinfo-l1-1-0.dll
    api-ms-win-core-rtlsupport-l1-1-0.dll
    wevtapi.dll

  Summary

        1000 .data
        1000 .pdata
        7000 .rdata
        1000 .reloc
        1000 .rsrc
        C000 .text

Funciones que tiene la dll wecapi.dll


3    0 00003750 EcClose
4    1 00002B00 EcDeleteSubscription
5    2 00002180 EcEnumNextSubscription
6    3 00002F80 EcGetObjectArrayProperty
7    4 00002C70 EcGetObjectArraySize
8    5 000027B0 EcGetSubscriptionProperty
9    6 00003300 EcGetSubscriptionRunTimeStatus
10    7 000031C0 EcInsertObjectArrayElement
1    8 000038F0 EcIsConfigRequired
11    9 00002360 EcOpenSubscription
12    A 00001ED0 EcOpenSubscriptionEnum
2    B 000038A0 EcQuickConfig
13    C 00003260 EcRemoveObjectArrayElement
14    D 000035E0 EcRetrySubscription
15    E 000029E0 EcSaveSubscription
16    F 00002DE0 EcSetObjectArrayProperty
17   10 00002620 EcSetSubscriptionProperty

Información avanzada sobre funciones que tiene la dll wecapi.dll


Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file C:\Windows\System32\wecapi.dll

File Type: DLL

  Section contains the following exports for WecApi.dll

    00000000 characteristics
    5543F589 time date stamp
        0.00 version
           1 ordinal base
          17 number of functions
          17 number of names

    ordinal hint RVA      name

          3    0 00003750 EcClose
          4    1 00002B00 EcDeleteSubscription
          5    2 00002180 EcEnumNextSubscription
          6    3 00002F80 EcGetObjectArrayProperty
          7    4 00002C70 EcGetObjectArraySize
          8    5 000027B0 EcGetSubscriptionProperty
          9    6 00003300 EcGetSubscriptionRunTimeStatus
         10    7 000031C0 EcInsertObjectArrayElement
          1    8 000038F0 EcIsConfigRequired
         11    9 00002360 EcOpenSubscription
         12    A 00001ED0 EcOpenSubscriptionEnum
          2    B 000038A0 EcQuickConfig
         13    C 00003260 EcRemoveObjectArrayElement
         14    D 000035E0 EcRetrySubscription
         15    E 000029E0 EcSaveSubscription
         16    F 00002DE0 EcSetObjectArrayProperty
         17   10 00002620 EcSetSubscriptionProperty

  Summary

        1000 .data
        1000 .pdata
        7000 .rdata
        1000 .reloc
        1000 .rsrc
        C000 .text

Integridad de la dll wecapi.dll



Algorithm       Hash                                                                   Path                                                           
---------       ----                                                                   ----                                                           
SHA256          AE5DD76D77BB5DFEEFB19581498F6E82323D878B64FEABF15C3C479E85BB9751       C:\Windows\System32\wecapi.dll                                 


Detalles sobre el fichero dll wecapi.dll




PSPath            : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\wecapi.dll
PSParentPath      : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName       : wecapi.dll
PSDrive           : C
PSProvider        : Microsoft.PowerShell.Core\FileSystem
PSIsContainer     : False
Mode              : -a----
VersionInfo       : File:             C:\Windows\System32\wecapi.dll
                    InternalName:     WecApi.dll
                    OriginalFilename: WecApi.dll
                    FileVersion:      10.0.19041.1 (WinBuild.160101.0800)
                    FileDescription:  Event Collector Configuration API
                    Product:          Microsoft® Windows® Operating System
                    ProductVersion:   10.0.19041.1
                    Debug:            False
                    Patched:          False
                    PreRelease:       False
                    PrivateBuild:     False
                    SpecialBuild:     False
                    Language:         Inglés (Estados Unidos)
                    
BaseName          : wecapi
Target            : {C:\Windows\WinSxS\amd64_microsoft-windows-eventcollector_31bf3856ad364e35_10.0.19041.1_none_b0feb06b14107c04\wecapi.dll}
LinkType          : HardLink
Name              : wecapi.dll
Length            : 81408
DirectoryName     : C:\Windows\System32
Directory         : C:\Windows\System32
IsReadOnly        : False
Exists            : True
FullName          : C:\Windows\System32\wecapi.dll
Extension         : .dll
CreationTime      : 07/12/2019 10:09:39
CreationTimeUtc   : 07/12/2019 9:09:39
LastAccessTime    : 03/12/2020 16:43:02
LastAccessTimeUtc : 03/12/2020 15:43:02
LastWriteTime     : 07/12/2019 10:09:39
LastWriteTimeUtc  : 07/12/2019 9:09:39
Attributes        : Archive



Procesos que utilizan la dll wecapi.dll