» mediaperfviewpattern.dll
Overview
Analysis
File Details

mediaperfviewpattern.dll

ETW Pattern Library

Microsoft Corporation

File name:

Publisher:

Microsoft Corporation (signed and verified)

Product:

Microsoft® Windows® Operating System

Description:

ETW Pattern Library

Version:

6.2.9200.16384 (win8_rtm.120725-1247)

MD5:

3d5068b821bd2a6f2b14a4e1aaf48228

SHA-1:

4c2bc69c99b62a568087babf344217b168b205be

SHA-256:

e2b6d3e95882836adac9148f4fc4c12d1ce4efb21562b56c840d15b224987e18

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/24/2024 9:17:08 PM UTC (today)

File size:

868.2 KB (889,056 bytes)

Product version:

6.2.9200.16384

Original file name:

ETWPattern.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\windows kits\8.0\assessment and deployment kit\windows assessment toolkit\content based assessments\x86\mediaperfviewpattern.dll

Digital Signature

Signed by:

Microsoft Corporation

Authority:

MSIT Test CodeSign CA 3

Valid from:

4/29/2011 11:31:38 AM

Valid to:

4/28/2013 11:31:38 AM

Subject:

CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=MSIT Test CodeSign CA 3, DC=redmond, DC=corp, DC=microsoft, DC=com

Serial number:

79F4C29400000016D66C

File PE Metadata

Compilation timestamp:

7/25/2012 9:57:10 PM

OS version:

6.2

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.10

CTPH (ssdeep):

24576:hj3bRiKpVIvn8HZrbq9k3wVaXBxhRBxhRBxeMRwgt:hj3bRi3/ErbMaXBxhRBxhRBxeMRwgt

Entry address:

0x8F8A7

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 6A, 10, 00, 00, 5D, E9, 7A, FD, FF, FF, CC, CC, CC, CC, CC, 6A, 0C, 68, D8, 8D, 09, 10, E8, 3E, 04, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7, 8B, 75, 08, 03, F0, 89, 75, 08, 83, 65, FC, 00, 4F, 89, 7D, 10, 78, 0C, 2B, F3, 89, 75, 08, 8B, CE, FF, 55, 14, EB, EE, 33, C0, 40, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 14, 00, 00, 00, E8, 3F, 04, 00, 00, C2, 10, 00, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, 45, E4, 85, C0, 75, 0B, FF, 75... 
[+]

Entropy:

6.2722

Code size:

617 KB (631,808 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.