amsiproxy.dll

  • File Path: C:\Windows\system32\amsiproxy.dll
  • Description: Anti-Malware Scan Interface proxy

Hashes

Type Hash
MD5 DA4ADA6B745CC35A45665493339D9B74
SHA1 B6E1E4862DC04B6EF691DC192FE136C10E8D7AC7
SHA256 887C5D4AC9903AB6F38EDBB3F96C47867B7FB19B35A708A9FB7543D8A19F5C35
SHA384 A26A189DA9FD565D512C8547967DCD3814752F5E4D5BC670013D73EA4BC598146BFEB48350CB01646D783EE55E2CE3F5
SHA512 B77DB19888259C788B714109D4EA813EC5F23FD7BBD9FE8857470404E84AEC380F89113816556E0D05C77FB4E79195FCB1BC541CD61175E6B069DA95D2342342
SSDEEP 192:xzxZSBzkuxOKIKCuw8KPfUSI0D1bfbAsR7pdrUEcCYsSWrjW+:x8zTxjIfuwNPfUGxRvrNYsSWrjW+
IMP 01ACE9B00300277141032492DC1F3A90
PESHA1 8E2451CB1FAB799E5F177D833347B6FFE3FC42CE
PE256 51AD24C1C4563E8BE6125787775A925E601CFA6CC0B3AAE5964650101C8CA774

DLL Exports:

Function Name Ordinal Type
DllRegisterServer 3 Exported Function
DllUnregisterServer 4 Exported Function
DllCanUnloadNow 1 Exported Function
DllGetClassObject 2 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: amsiproxy.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/70
  • VirusTotal Link: https://www.virustotal.com/gui/file/887c5d4ac9903ab6f38edbb3f96c47867b7fb19b35a708a9fb7543d8a19f5c35/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\cfmifsproxy.dll 38
C:\Windows\system32\UIManagerBrokerps.dll 41

MIT License. Copyright (c) 2020 Strontic.