adhapi.dll
- File Path:
C:\Windows\system32\adhapi.dll
- Description: AD harvest sites and subnets API
Hashes
| Type |
Hash |
| MD5 |
CF88982155D10E9FE3230A61015CC8EC |
| SHA1 |
7FD254481511B9CA827E9AEDECE59D6EA2B06895 |
| SHA256 |
89A363B639B6542E78171A9153C152513EEE92D0D2549A17E25CF9828DC6F030 |
| SHA384 |
1965872F6B9276513084A86DB247E689BDF963CCB39E00D54FDD8EECE2541EBBFB63B4D7011E7947A9417608BD9AD16C |
| SHA512 |
3C60798968E0DC265F6D7555814996915C0E8FE5ECC98FC357CB85748AF843DFBD46F22EDC544ABFCCECDAD38A62A78150FDC6F748880D19F7D10A009904CA7E |
| SSDEEP |
384:j3/xrlbzDZTKL8Fja8xxU5gDO/AYp4bmw1at6WuMW:bZ+oFNxxW/AYp4kt6 |
| IMP |
32958480369CEBB74256D975884CD863 |
| PESHA1 |
6C0D8E069CB78E38C2E0B586130931E7283973C6 |
| PE256 |
D9C359B2761FA284465DB4DE7804B5BC44AF4F5A56441B8876B62FFBCF0092A6 |
DLL Exports:
| Function Name |
Ordinal |
Type |
AdhStatusEventSubscribe |
5 |
Exported Function |
AdhStatusEventUnsubscribe |
6 |
Exported Function |
DllMain |
7 |
Exported Function |
AdhGetEvidenceCollectorResult |
4 |
Exported Function |
AdhEngineClose |
1 |
Exported Function |
AdhEngineOpen |
2 |
Exported Function |
AdhGetConfig |
3 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
330000026551AE1BBD005CBFBD000000000265
- Thumbprint:
E168609353F30FF2373157B4EB8CD519D07A2BFF
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: AdhApi.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/89a363b639b6542e78171a9153c152513eee92d0d2549a17e25cf9828dc6f030/detection/
MIT License. Copyright (c) 2020-2021 Strontic.