AuditNativeSnapIn.dll

  • File Path: C:\Windows\SysWOW64\AuditNativeSnapIn.dll
  • Description: Audit Policy Group Policy Editor Extension

Hashes

Type Hash
MD5 2D16EA9876A4416759EF0F727F5C548D
SHA1 C5AAA76CB68B9FCFF16903439AA190B93A1B4729
SHA256 FFBB7096593439184A4DE3F6754828DFBF961305EE5D7703447789AE41E4C0F9
SHA384 ACFFEDB4AE677507599CACE063E4DF85F58ADB2C8B2C9CC46B6AEA871309BE17237BE126B87ACA9AC6FB841383EB0895
SHA512 1D54B804D08571D1E427D51097314986A87E9F717A9B92D1FB4EB449CEF80467F76A88293E46CDDA6F327CFDA4377D157192AA094077A0F603BBFA1469F71BB0
SSDEEP 3072:Nv6KYCZon9d7PxB3m10RgFz/4vB1Tn1m9d7PxB3m10RgFz/4vB1Tn1S:Nv6TwJLATn1VLATn1
IMP EF154CC80FF982AEC2AE8B7880140833
PESHA1 10BE4E662CF417BF66788BB0F50D3AA53DF97337
PE256 9278AA0C233D6AEFA9D05217B867AE60F02CF99E5E3D04DF4A64BCC2665752FF

DLL Exports:

Function Name Ordinal Type
DllGetClassObject 2 Exported Function
DllCanUnloadNow 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: auditgp.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/68
  • VirusTotal Link: https://www.virustotal.com/gui/file/ffbb7096593439184a4de3f6754828dfbf961305ee5d7703447789ae41e4c0f9/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\AuditNativeSnapIn.dll 94
C:\Windows\system32\auditpolmsg.dll 60
C:\Windows\SysWOW64\auditpolmsg.dll 60

MIT License. Copyright (c) 2020 Strontic.