AuditNativeSnapIn.dll

  • File Path: C:\Windows\system32\AuditNativeSnapIn.dll
  • Description: Audit Policy Group Policy Editor Extension

Hashes

Type Hash
MD5 18F5CAAE7CEFD006F9F35276ECEE4959
SHA1 66823A60770DD7FB37BB88343C1653717D6FE661
SHA256 AA41D177704D55FD22D1745809F75DFA598E60644D7BEA282ECFADFD0E97B654
SHA384 BBF1291C870F82491D4744807B651CF28429F8F2C08351C5C5A457BCE80294548ECCBF324455CB1F8C85C7DA9D55EF91
SHA512 F43CFF6999F02C75179747D1E905FE2EB9DF18AEAE01DF24780D3A34997B89549B912210BB46CDB4D18256E7FEAFF15CE3AE3F5E744804B7D27E14F134B4C2CF
SSDEEP 3072:6en9d7PxB3m10RgFz/4vB1Tn1m9d7PxB3m10RgFz/4vB1Tn1S:6fLATn1VLATn1
IMP 29B0CAEB33609E0D658CECE2B910C6C9
PESHA1 7188B916C46C41F6CE205B50D61F59E529A1341D
PE256 A66C0638D145A569FA1BAFAD8542AB10F6C1B09D4449B173F7B63420663C5957

DLL Exports:

Function Name Ordinal Type
DllGetClassObject 2 Exported Function
DllCanUnloadNow 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: auditgp.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/aa41d177704d55fd22d1745809f75dfa598e60644d7bea282ecfadfd0e97b654/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\auditpolmsg.dll 65
C:\Windows\SysWOW64\AuditNativeSnapIn.dll 94
C:\Windows\SysWOW64\auditpolmsg.dll 65

MIT License. Copyright (c) 2020 Strontic.