ifsutilx.dll

File Path: C:\Windows\SysWOW64\ifsutilx.dll
Description: IFS Utility Extension DLL

Hashes

Type	Hash
MD5	`5AF397E2EFC60D018F7B16725F048658`
SHA1	`10F59D41EBF22A5477D68028CC934B1929E3437F`
SHA256	`3E4E9E82040FB177E27DB3C668023547342FDB54286CD3ADC0B59089E2F3DF46`
SHA384	`FECC81018BD6C6D65E5E3567DE89F428938EB81339F42FB1D004E319BE3B8F02F7DB727FEB09666A2AD0D2F7EB33E55A`
SHA512	`698AD67634DAAD27EF254C0B75A3913230BB92D11A44518E33378DFC9167899A93BF89C7CC4ADB47643D45DC63B76A44D629D0A0A0DBE81050E7DC317FB1E157`
SSDEEP	`192:p0n+gRdNYITBGdf9wvD5RiTyGovmC+MUVtEX+YN7EcX2O/tWsZWqIIVr:poRdwmr5RmWmC+MUVtnYNZ2aWsZWVMr`
IMP	`A6D2661F1BEE64CF0B16D732BA19985A`
PESHA1	`A5279FC97DFB4866B69D57DB60D32913586D8749`
PE256	`2AAA6ED4F2A5BB4D79D58BBF0D0F40C70E3E3EFBAE3CB8DB7A60CBA1B1C69120`

DLL Exports:

Function Name	Ordinal	Type
`InitializeCOM`	4	Exported Function
`ReleaseVolumeSnapshot`	5	Exported Function
`UninitializeCOM`	6	Exported Function
`CheckSnapshotPresence`	1	Exported Function
`CreateVolumeSnapshot`	2	Exported Function
`GetSnapshotErrorMessage`	3	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: IFSUtilX.DLL
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/68
VirusTotal Link: https://www.virustotal.com/gui/file/3e4e9e82040fb177e27db3c668023547342fdb54286cd3adc0b59089e2f3df46/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\ifsutilx.dll	33

MIT License. Copyright (c) 2020-2021 Strontic.