Elastic Windows Event Explorer


Publisher - Microsoft-Windows-CodeIntegrity

Event ID 3063

Message:

Code Integrity determined that a process (%{ProcessNameBuffer}) attempted to load %{FileNameBuffer} that did not meet the security requirements for %{RequirementType}.

Event Data:

# Name In Type
Out Type
1 FileNameLength win:UInt16 xs:unsignedShort
2 FileNameBuffer win:UnicodeString xs:string
3 ProcessNameLength win:UInt16 xs:unsignedShort
4 ProcessNameBuffer win:UnicodeString xs:string
5 RequirementType win:UInt8 xs:unsignedByte
6 Status win:HexInt32 win:HexInt32

Observed Windows Versions:

Version: 0

Fingerprint: VQHYJB4JVP772