bindfltapi.dll

• File Path: C:\Windows\system32\bindfltapi.dll
• Description: BindFlt user mode API

Hashes

Type	Hash
MD5	F3FDA72BD37702193ADDA37FA07761C2
SHA1	DB4B4C6B9A67136EC785A95DDFA2C88FBB442C4E
SHA256	C16C16EA79C7860EE51B43F71E564E971D04C222BD5E8FCF8F4BFC24CD7B87CE
SHA384	21F482045279174F69A10DE2C1F9D1A1113E45DAAB19274E8F32680DD552C602E54281E826CCBEA2E4FFC5B22DCE1992
SHA512	C88A50C4EBE1D68543E2650062D57D73C5F7AC6329216EFFA7919407FE120E8395A35BAF30509573C10050418760B8100BD86EF380ABB65AD30248D14CC06C8F
SSDEEP	1536:5u4tUBci0B3Rw2pHR46LO6Ngt5LkCht1r6EaINH+emsLwXplxp:5hUBgxtHN85LkChtIRk+emDX7xp
IMP	294C0A6626CC39674FD0DDF04ED6205F
PESHA1	3590D89103EB6FD9BE32302918E34BD6ED20AB5C
PE256	26956D46AA891FBA28F1B8E3C8D55B3F107232BAD7B88206FF6F5EA5D3545898

DLL Exports:

Function Name	Ordinal	Type
BfSetupFilterBatched	7	Exported Function
BfSetupFilter	6	Exported Function
BfTrackWritesFromSilo	9	Exported Function
BfSetupFilterEx	8	Exported Function
BfRemoveMappingEx	5	Exported Function
BfGenerateBatchedConfig	2	Exported Function
BfAttachFilter	1	Exported Function
BfRemoveMapping	4	Exported Function
BfGetMappings	3	Exported Function

Signature

• Status: Signature verified.
• Serial: 330000026551AE1BBD005CBFBD000000000265
• Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: BindFltApi.dll
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.292 (WinBuild.160101.0800)
• Product Version: 10.0.19041.292
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 64-bit

File Scan

• VirusTotal Detections: 0/71
• VirusTotal Link: https://www.virustotal.com/gui/file/c16c16ea79c7860ee51b43f71e564e971d04c222bd5e8fcf8f4bfc24cd7b87ce/detection/

MIT License. Copyright (c) 2020-2021 Strontic.