MsCtfMonitor.dll
- File Path:
C:\Windows\system32\MsCtfMonitor.dll
- Description: MsCtfMonitor DLL
Hashes
| Type |
Hash |
| MD5 |
3B7C928681C98C6CF44DA5EE7EE92AF8 |
| SHA1 |
5C9185C15FCF22FC8DF5A71CD75B73094E6D54A5 |
| SHA256 |
71B11EC18954B3BA6E48581CF1AF69029438E760EA2550EB963A4FF89E396F96 |
| SHA384 |
44BFF158866C9F6A7885D912ECAB5AD9F51BDBD0C253787AD7AF1A4F4625186AF7FB988AF9598EE093063FC12E6C64F1 |
| SHA512 |
62249398DC833E582B4F07AA781A4E55EFAD3BD3CCA7D5DBCC6426BD67ADD55A3371E433455123BAF447B248478E6D2D569B4413BA9AE0AFC6501CA0B65F71D7 |
| SSDEEP |
1536:fbFoCFE+N5fGYzsy7wBemJLiVAUDuoWv6hng/1mGS5QpPnnd/1mtM2i8H:fBoZQ37wAmJLiT2kQkQhnnDUM2r |
| IMP |
06EDB9209B964ABE61CD9B6942DEA085 |
| PESHA1 |
1C30BF18FD8DADD6252817114D42010E4F040EA2 |
| PE256 |
4E48673F772933367CE69BE6AF585D934EAF14C079B60B494A455D1931183FC0 |
DLL Exports:
| Function Name |
Ordinal |
Type |
DoMsCtfMonitor |
5 |
Exported Function |
InitLocalMsCtfMonitor |
6 |
Exported Function |
UninitLocalMsCtfMonitor |
7 |
Exported Function |
DllUnregisterServer |
4 |
Exported Function |
DllCanUnloadNow |
1 |
Exported Function |
DllGetClassObject |
2 |
Exported Function |
DllRegisterServer |
3 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: MsCtfMonitor.DLL.MUI
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/65
- VirusTotal Link: https://www.virustotal.com/gui/file/71b11ec18954b3ba6e48581cf1af69029438e760ea2550eb963a4ff89e396f96/detection/
Possible Misuse
The following table contains possible examples of MsCtfMonitor.dll being misused. While MsCtfMonitor.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source |
Source File |
Example |
License |
| malware-ioc |
amavaldo |
\| 1D56BAB28793E3AB96E390F09F02425E52E28FFC \| MsCtfMonitor.dll \| Amavaldo injector \| Win32/Spy.Amavaldo.U trojan \| |
© ESET 2014-2018 |
MIT License. Copyright (c) 2020-2021 Strontic.