EditBufferTestHook.dll

  • File Path: C:\Windows\SysWOW64\EditBufferTestHook.dll
  • Description: “EditBufferTestHook.DYNLINK”

Hashes

Type Hash
MD5 CDDB6D34EF0EA61D1B1DC62552D53BD2
SHA1 2A20851E12D5AFD8F65244EE16B5D8F8C43AA75C
SHA256 3788F1FA484D6D0314451ACF2587E732C3CBC58721B451F20034DC929488B4F7
SHA384 40D1FE4BC1AB33FD10CAD3F3D0445CE6074A966F6764CAF05E2C4E7725F27313536321CEE89D7E225F906C1940ADCB82
SHA512 00EF8FB7A5E29B01B49F0A3BE15D21B097DB8D6E336FD1D7CD75789D5AB8D4FF20744FF465ECF940A6F2C83FE73A63C998F0B38D07E3CD76C15C3C8832834DD6
SSDEEP 1536:i8N6c+G9Ao7iQchNYgRNgJyoRXPQVcEgzCCY9IcIP07g5Y1CCswbdt1d:l6c+4rchNYg4Jya4VcbnY1IPeg5Y1CCB
IMP 10E6AF2AE55CB98D6BB10BCE6F0DA8F6
PESHA1 B9DE3B8DF17386FC26CCA5B1D5C801C84832344D
PE256 C1566FFE149F12CAA914C8D9C8499A8BE6DF60B3DC638DBDF368B74D91AC8B99

DLL Exports:

Function Name Ordinal Type
EnableTestHook 3 Exported Function
GetTestHookEnabled 4 Exported Function
CreateEditBufferTestHook 1 Exported Function
CreateEditBufferTestHookClient 2 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: “EditBufferTestHook.DYNLINK”
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.508 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.508
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/70
  • VirusTotal Link: https://www.virustotal.com/gui/file/3788f1fa484d6d0314451acf2587e732c3cbc58721b451f20034dc929488b4f7/detection/

MIT License. Copyright (c) 2020 Strontic.