gmsaclient.dll

  • File Path: C:\Windows\system32\gmsaclient.dll
  • Description: “gmsaclient.DYNLINK”

Hashes

Type Hash
MD5 E0D961AE579723599BD39F37DF1C12BF
SHA1 E6E632911D8868E56FE731B9BC592E694F9EF62D
SHA256 E962E8BEE87435B1B4DBCBE674E655DDFD096B0775E45D25B5BF0F5C6163EEF7
SHA384 693BCB49EAB23D028D171AC6B8740902D00CD88130888F2F0CF0E3F9FF00B23AD2962DD83B5BA55FC1952A8DA607D949
SHA512 1F95FD5DCA7385E5ADC4FB61050EAFE7CA521422E74B3A7F1912C4C2C3152AC4B05F6988183315D13C791AF3EC9850F2555624F989FB7733994CB900043E14CF
SSDEEP 768:TkIVaiTEJ7YxbUoWJ4/uoDXeIdpUEtnHSOIVQdAZ3esw/j4w3a:miLvWJ8DXewJIVkAk/j4/
IMP E94F6394998ABD515E04EA8CD765B229
PESHA1 79A0E3107A0F40722E4F673E39114F124F43C29D
PE256 E0E58F1F98BB82B6D910F0A7EE19DF91BF53B006F0A35CD6B5355F15E6FD0C51

DLL Exports:

Function Name Ordinal Type
GMSAGetPassword 5 Exported Function
GMSAInit 6 Exported Function
GMSARefreshPasswords 7 Exported Function
GMSADelete 4 Exported Function
GMSAAdd 1 Exported Function
GMSACheckIfExistsInAD 2 Exported Function
GMSACleanup 3 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: “gmsaclient.DYNLINK”
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/67
  • VirusTotal Link: https://www.virustotal.com/gui/file/e962e8bee87435b1b4dbcbe674e655ddfd096b0775e45d25b5bf0f5c6163eef7/detection/

MIT License. Copyright (c) 2020-2021 Strontic.