elastic-ecs mapping: consolidate `dll` attributes into `file` SCO

[Harmedox]

In the elastic_ecs connector mapping, dll attributes currently exist in the x-ecs-dll custom object. With the attributes easily mapping into the file SCO, it is preferred to have a dll-ref attribute in the file object, referencing a secondary file object representing the dll info.

The mapping redesign aims to create a uniform and consistent representation of data/attributes across multiple connectors.