PayloadRestrictions.dll
- File Path:
C:\Windows\system32\PayloadRestrictions.dll
- Description: Payload Restrictions Mitigation Provider
Hashes
| Type |
Hash |
| MD5 |
0D9A11D281923E410735B77B7AEF4AB0 |
| SHA1 |
AB719BDBDDEEB716EEB30994BCA48F972E08169E |
| SHA256 |
7BFB1DA601A979F7E9374EA6C0883257F41587D3F666843260FA2C460246B546 |
| SHA384 |
412E04F6EC17BEA5AE331F9F496703D56BEC825B1770793DA6C21DFCC0ED1AD250C7D7444723D28A4400E12BDB5638FD |
| SHA512 |
E7FF1E17B4EC82873896ED9E0CCD69F667091FB2B002B63E4345D85EF021BD42A95A788B2F3636F097485DFC4A79F609E19890346107D2629B47026BF7CFD909 |
| SSDEEP |
12288:zz14Fkxli+qi1NAkLUNABI4STZMs8A8HvVL/olGLzB+CtOxtiz:n1U0li+j97xspEz |
| IMP |
A4D0985B00C63DAF2508E3735B7D59D5 |
| PESHA1 |
1FB351D551826A753A6FF445A4BF61367AD7A5B0 |
| PE256 |
4FE7FFEBFBE9EFE0AF04540A8F9BB9D7E7903653610F17EFE16C23069554095F |
DLL Exports:
| Function Name |
Ordinal |
Type |
MitLibUninitialize |
3 |
Exported Function |
MitLibQueryMitigations |
2 |
Exported Function |
MitLibInitialize |
1 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: PayloadRestrictions.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/7bfb1da601a979f7e9374ea6c0883257f41587d3f666843260fa2c460246b546/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.