ktmw32.dll

• File Path: C:\Windows\system32\ktmw32.dll
• Description: Windows KTM Win32 Client DLL

Hashes

Type	Hash
MD5	A7432B9A74FC0EA8A362733C9F3ECDEF
SHA1	0B3129B53D0CE4DAE277FE488AE93E00DC7C8906
SHA256	6CC284E887523BC16616E71FF86C2DE2CD8026A962CF507F8AE14CDCD2CECFAE
SHA384	0DA4C6396950D6CFA877A2BF3A60C50A0B6DBE3FCA7F883ACC1EB4C49083E85D700BE4F2F1FD21451BF5267C51FB987C
SHA512	213C4C174FA76749225B722571C2121FFE6990652C068347D4CF4F322A672154CCC186E4073B36C35D2E38415B543636A92211E5CBF47C8717329B9D0FADE782
SSDEEP	192:9L0cxHBZEC+SxAkKb+F9AfmV+YM8ekPI+LyEtTuKep77WHfW7Z2Sp0ELW:9YurAkKzOV+tGrlT0p77WHfW4Spx
IMP	387008A82F48064617654BFD0C938DE6
PESHA1	13D0FB17F5528008F9E1805CCF182D23AFFB0510
PE256	0A36B6C46952B0FD8F7D2370AF19CBCF73F7FB8FF1A8BC9EBEBCDA0382A61120

DLL Exports:

Function Name	Ordinal	Type
PrivRegisterProtocolAddressInformation	30	Exported Function
PrivPropagationFailed	29	Exported Function
ReadOnlyEnlistment	31	Exported Function
RecoverResourceManager	33	Exported Function
RecoverEnlistment	32	Exported Function
PrivPropagationComplete	28	Exported Function
PrePrepareComplete	22	Exported Function
PrepareEnlistment	25	Exported Function
PrePrepareEnlistment	23	Exported Function
PrivIsLogWritableTransactionManager	27	Exported Function
PrivCreateTransaction	26	Exported Function
SetEnlistmentRecoveryInformation	41	Exported Function
RollforwardTransactionManager	40	Exported Function
SetResourceManagerCompletionPort	42	Exported Function
SinglePhaseReject	44	Exported Function
SetTransactionInformation	43	Exported Function
RollbackTransactionAsync	39	Exported Function
RenameTransactionManager	35	Exported Function
RecoverTransactionManager	34	Exported Function
RollbackComplete	36	Exported Function
RollbackTransaction	38	Exported Function
RollbackEnlistment	37	Exported Function
CreateTransactionManager	8	Exported Function
CreateTransaction	7	Exported Function
GetCurrentClockTransactionManager	9	Exported Function
GetEnlistmentRecoveryInformation	11	Exported Function
GetEnlistmentId	10	Exported Function
CreateResourceManager	6	Exported Function
CommitEnlistment	2	Exported Function
CommitComplete	1	Exported Function
CommitTransaction	3	Exported Function
CreateEnlistment	5	Exported Function
CommitTransactionAsync	4	Exported Function
OpenTransaction	19	Exported Function
OpenResourceManager	18	Exported Function
OpenTransactionManager	20	Exported Function
PrepareComplete	24	Exported Function
OpenTransactionManagerById	21	Exported Function
OpenEnlistment	17	Exported Function
GetNotificationResourceManagerAsync	13	Exported Function
GetNotificationResourceManager	12	Exported Function
GetTransactionId	14	Exported Function
GetTransactionManagerId	16	Exported Function
GetTransactionInformation	15	Exported Function

Signature

• Status: Signature verified.
• Serial: 3300000266BD1580EFA75CD6D3000000000266
• Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: ktmw32
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.1 (WinBuild.160101.0800)
• Product Version: 10.0.19041.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 64-bit

File Scan

• VirusTotal Detections: 0/72
• VirusTotal Link: https://www.virustotal.com/gui/file/6cc284e887523bc16616e71ff86c2de2cd8026a962cf507f8ae14cdcd2cecfae/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\SysWOW64\ktmw32.dll	38

MIT License. Copyright (c) 2020-2021 Strontic.