EsdSip.dll

File Path: C:\Windows\system32\EsdSip.dll
Description: Crypto SIP provider for signing and verifying .esd Electronic Software Distribution files

Hashes

Type	Hash
MD5	`6E73B470A09C94B6A57B8D921D682F0A`
SHA1	`E520248438FBCEF0FAE66206237251B355998CC3`
SHA256	`2149ED89A8DC033148917E2A7EDFF09648FC23C8F44BE4A8CACFD61EB244A758`
SHA384	`6744D275F878756C557F9D497E456D4F55CEDAA8BFDB180910FA6865CA75954CB82A26E5D8A35F2014984D0AB559E3B4`
SHA512	`0AF029C954CF335A6F2E347526059DAAF1F50025568A642E3C91E19D53DAAD0F31F43C985EDDC449B9027F910A6B8F3327520C51E0E7DACDA85B0D2C1D096832`
SSDEEP	`384:wO2sm91PIeMd4CN7xCNAF76QHUEYHE82ngYJXW7RW:wOy91PPjA5HUvkEYJY`
IMP	`F68894FCF326DDF529AD9CBBB7CCDD8D`
PESHA1	`B7E4A2657567A99B061D0E6ADE65EEAD1953EB65`
PE256	`28EB97BA388D69630A5D96161F1C2702EE47FA1E4285B57634A11EA98A775E7B`

DLL Exports:

Function Name	Ordinal	Type
`EsdSipGetSignature`	4	Exported Function
`EsdSipGetCaps`	3	Exported Function
`EsdSipIsMyFileType`	5	Exported Function
`EsdSipVerifyHash`	7	Exported Function
`EsdSipPutSignature`	6	Exported Function
`EsdSipDelSignature`	2	Exported Function
`DllMain`	9	Exported Function
`DllCanUnloadNow`	8	Exported Function
`DllRegisterServer`	10	Exported Function
`EsdSipCreateHash`	1	Exported Function
`DllUnregisterServer`	11	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: ESDSIP.DLL
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 64-bit

File Scan

VirusTotal Detections: 0/72
VirusTotal Link: https://www.virustotal.com/gui/file/2149ed89a8dc033148917e2a7edff09648fc23c8f44be4a8cacfd61eb244a758/detection/

MIT License. Copyright (c) 2020-2021 Strontic.