fltLib.dll

  • File Path: C:\Windows\system32\fltLib.dll
  • Description: Filter Library

Hashes

Type Hash
MD5 D41B12437B4E6158248519135CFF36A6
SHA1 FD47943C6ED2898C94EEF2A54E0876DB8CF5C96B
SHA256 22DCA63FF7248D8D37F29D927414F692FB0084ACD1ABE4D63A3442A41300C4EF
SHA384 F89569F4D8E4E577CB91CDE9265DF84DD961604A881D5FF98770AEAAEB8FA301C3C463CC9930693A49ADF2217A891C91
SHA512 6DD80513333AFFF3620B0C08C0B24BDA1FA1CE0DF9F6675AED8FF0051FD49E14306401229E5EC47D17C3966406B42A4D1CC0AC0D107B068220D3C8E7AF604A4D
SSDEEP 768:dgyZy6fX/o2oPU/wWOPbhVmFBA147I1PKye:0U9OPbWFBA6MP/e
IMP 708386A4AFACE0FB31BA7C7F26C6B7F2
PESHA1 2B2C5694421D1ABC171269BED58F8FFDC603CBC7
PE256 448EEB08C1A39A753766D5551B25F0214203A5026356672D4E58314DE6FFE17A

DLL Exports:

Function Name Ordinal Type
FilterReplyMessage 20 Exported Function
FilterSendMessage 21 Exported Function
FilterUnload 22 Exported Function
FilterLoad 19 Exported Function
FilterInstanceFindFirst 16 Exported Function
FilterInstanceFindNext 17 Exported Function
FilterInstanceGetInformation 18 Exported Function
FilterVolumeInstanceFindClose 27 Exported Function
FilterVolumeInstanceFindFirst 28 Exported Function
FilterVolumeInstanceFindNext 29 Exported Function
FilterVolumeFindNext 26 Exported Function
FilterVolumeClose 23 Exported Function
FilterVolumeFindClose 24 Exported Function
FilterVolumeFindFirst 25 Exported Function
FilterInstanceFindClose 15 Exported Function
FilterCreate 5 Exported Function
FilterDetach 6 Exported Function
FilterFindClose 7 Exported Function
FilterConnectCommunicationPort 4 Exported Function
FilterAttach 1 Exported Function
FilterAttachAtAltitude 2 Exported Function
FilterClose 3 Exported Function
FilterGetMessage 12 Exported Function
FilterInstanceClose 13 Exported Function
FilterInstanceCreate 14 Exported Function
FilterGetInformation 11 Exported Function
FilterFindFirst 8 Exported Function
FilterFindNext 9 Exported Function
FilterGetDosName 10 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: filterLib.dll.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/22dca63ff7248d8d37f29d927414f692fb0084acd1abe4d63a3442a41300c4ef/detection/

MIT License. Copyright (c) 2020-2021 Strontic.