ncprov.dll

Non-COM WMI Event Provision APIs

Microsoft Corporation

It is installed with the Windows 8 pre-release build (RTM).
Publisher:
Microsoft Corporation

Product:
Microsoft® Windows® Operating System

Description:
Non-COM WMI Event Provision APIs

 
Part of the Windows 8.1 (Blue) Operating System

Version:
6.3.9600.16384 (winblue_rtm.130821-1623)

MD5:
4c1721a3aa3f4db733bb89acf1948442

SHA-1:
beaed44734df143e633893f89dacd1d4c4d79df0

SHA-256:
bb4c14a5b7c72e9a63edc87544ecebdbd8a99bc373d661e550b191e20beceb13

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/5/2016 9:41:59 AM UTC  (today)

File size:
75.5 KB (77,312 bytes)

Product version:
6.3.9600.16384

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
NCObjAPI.DLL.MUI

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\Windows\System32\wbem\ncprov.dll

Registration
CLSID:
{29F06F0C-FB7F-44A5-83CD-D41705D5C525}

ProgID:
NCProv.NCProvider.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
5/3/2014 7:32:46 AM

OS version:
6.3

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
1536:92X9/sKvIp+EBlEMPBV5pxww272gv0nkxc9TFuRr4gOmc+Li3:92XxssIp+EPEMdjwl0nVhgPvLS

Entry address:
0x2F36

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 21, E6, FF, FF, 5D, 90, 90, 90, 90, 90, 6A, 2C, 68, 18, 30, 00, 10, E8, 58, E6, FF, FF, C7, 45, E4, 01, 00, 00, 00, 33, F6, 89, 75, FC, 8B, 45, 0C, 83, F8, 01, 77, 05, A3, 84, 00, 01, 10, 83, 7D, 0C, 00, 0F, 84, A6, 1C, 00, 00, 8B, 45, 0C, 83, F8, 01, 0F, 85, 23, 01, 00, 00, A1, 40, 05, 01, 10, 85, C0, 0F, 85, A2, 1C, 00, 00, 83, 7D, E4, 00, 74, 60, C7, 45, FC, 02, 00, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 4C, 18, 00, 00, 89, 45, E4, 89, 75, FC, 83...
 
[+]

Entropy:
6.1346

Code size:
56.5 KB (57,856 bytes)