auditpolcore.dll

  • File Path: C:\Windows\system32\auditpolcore.dll
  • Description: Audit Policy Program

Hashes

Type Hash
MD5 88F41835A64A8543E76CB683507656C4
SHA1 DAFF9CF87FA3700E67CAEAFA49E39599F415C8B3
SHA256 4AF8EFA518493025DEDD14B70B1ABFFB0F4B663018A3075F6EDFE1021B8A3E2D
SHA384 BBA2A419D455341B5345161132AF7369608DBDC3BE6C7D6EFBAD0E9EC848CBFB2610B9EE29CD1E1912E4A3431888941B
SHA512 78C31465F179BBD48D07720BEE3D9871EA652B337A361F5F79C540F5F8E84D0E3A153FF98B6742FF5B6D622EF43DAD96BED4C9D773AF80C6180D3E3174C008BA
SSDEEP 1536:UmnqAuWq06BEC+CAa6iRk7K9UTnB5qxt7hS6gnhDgecPr+pGNRgiDsYGzS:bq7rBEC+Ce+2TBwxt7hS6gnhDgecPr+8
IMP 2FDC0CDB8D1D84F9113B3BD8B0360829
PESHA1 4AC2E8FBF4A3FA3A67D5C73E2285E7A6D7466E24
PE256 10DA3B1A5384E0A5C633CC0809847630C3EEF09BC2B462714F2F50087F4A0349

DLL Exports:

Function Name Ordinal Type
AdtRestorePolicyGeneralized 20 Exported Function
AdtSetOption 21 Exported Function
AdtSetPerUserPolicy 22 Exported Function
AdtRestorePolicy 19 Exported Function
AdtParseGuidOrNameArray 16 Exported Function
AdtRemoveAllUsers 17 Exported Function
AdtRemoveBasePolicy 18 Exported Function
GetDisplayPolicy 27 Exported Function
LoadFormatStringAndPrintToConsole 28 Exported Function
SetDisplayPolicy 29 Exported Function
DisplayMessageToSpecificConsoleHandle 26 Exported Function
AdtSetSystemPolicy 23 Exported Function
AuditPolicyData_DeleteAuditDataInstance 24 Exported Function
DisplayMessage 25 Exported Function
AdtParseAuditOptionName 15 Exported Function
AdtConvertGuidStringToGuid 5 Exported Function
AdtConvertGuidToString 6 Exported Function
AdtDisableSinglePrivilege 7 Exported Function
AdtConstructAllCategoryGuids 4 Exported Function
AdtBackupPolicy 1 Exported Function
AdtBackupPolicyGeneralized 2 Exported Function
AdtClearPolicy 3 Exported Function
AdtListCategories 12 Exported Function
AdtListSubCategories 13 Exported Function
AdtLoadStringEx 14 Exported Function
AdtGetSystemPolicy 11 Exported Function
AdtEnableSinglePrivilege 8 Exported Function
AdtGetOption 9 Exported Function
AdtGetPerUserPolicy 10 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: AUDITPOLCORE.DLL.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/4af8efa518493025dedd14b70b1abffb0f4b663018a3075f6edfe1021b8a3e2d/detection/

MIT License. Copyright (c) 2020-2021 Strontic.