PayloadRestrictions.dll

  • File Path: C:\Windows\system32\PayloadRestrictions.dll
  • Description: Payload Restrictions Mitigation Provider

Hashes

Type Hash
MD5 0D9A11D281923E410735B77B7AEF4AB0
SHA1 AB719BDBDDEEB716EEB30994BCA48F972E08169E
SHA256 7BFB1DA601A979F7E9374EA6C0883257F41587D3F666843260FA2C460246B546
SHA384 412E04F6EC17BEA5AE331F9F496703D56BEC825B1770793DA6C21DFCC0ED1AD250C7D7444723D28A4400E12BDB5638FD
SHA512 E7FF1E17B4EC82873896ED9E0CCD69F667091FB2B002B63E4345D85EF021BD42A95A788B2F3636F097485DFC4A79F609E19890346107D2629B47026BF7CFD909
SSDEEP 12288:zz14Fkxli+qi1NAkLUNABI4STZMs8A8HvVL/olGLzB+CtOxtiz:n1U0li+j97xspEz
IMP A4D0985B00C63DAF2508E3735B7D59D5
PESHA1 1FB351D551826A753A6FF445A4BF61367AD7A5B0
PE256 4FE7FFEBFBE9EFE0AF04540A8F9BB9D7E7903653610F17EFE16C23069554095F

DLL Exports:

Function Name Ordinal Type
MitLibUninitialize 3 Exported Function
MitLibQueryMitigations 2 Exported Function
MitLibInitialize 1 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 330000026551AE1BBD005CBFBD000000000265
  • Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: PayloadRestrictions.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/69
  • VirusTotal Link: https://www.virustotal.com/gui/file/7bfb1da601a979f7e9374ea6c0883257f41587d3f666843260fa2c460246b546/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\PayloadRestrictions.dll 21

MIT License. Copyright (c) 2020 Strontic.