mdmregistration.dll

  • File Path: C:\Windows\system32\mdmregistration.dll
  • Description: MDM Registration DLL

Hashes

Type Hash
MD5 740E6727C3559B75B031CCE382C0206E
SHA1 9919021919E92B4103B080ADC8D29D45776ABDA6
SHA256 D0B19C78A8021674F9A2371BD4473350126E330DAA7874E26338C53286887EDB
SHA384 42199FF6D815AC9D852ADA29C059FE5DB4E524CC76A2F0BAF2351674A91C9A32614C3C7ACAD06E435BD3222AE009A7E2
SHA512 7C8E048CDAD27DA6D23B03306FC37336A84098E3ED1C4310972EB19437E4394EF2E5E82048E5353B2B89B8894EA88417AD15802761AB0161F81EDD3C4CB8A8DE
SSDEEP 6144:vLcf0eg2hMvbYV+Dvt1OQdlHXlHplH1lHi8zMeI:Yf0egZk+DvDOwlHXlHplH1lHi8HI
IMP E29FDFF886E21E0AA5ADF85496B71962
PESHA1 F882674140109C97016606FAAAFF8B188E18BCB7
PE256 F314FE0972123D5D777D5EB5EAB14000D0B93780F2F1EC2124F978CC5BF96E43

DLL Exports:

Function Name Ordinal Type
RegisterDeviceWithManagementUsingAADCredentials 11 Exported Function
RegisterDeviceWithManagement 10 Exported Function
IsMdmUxWithoutAadAllowed 9 Exported Function
UnregisterDeviceWithManagement 14 Exported Function
SetManagedExternally 13 Exported Function
RegisterDeviceWithManagementUsingAADDeviceCredentials 12 Exported Function
IsManagementRegistrationAllowed 8 Exported Function
FindDiscoveryService 2 Exported Function
DiscoverManagementServiceEx 4 Exported Function
DiscoverManagementService 3 Exported Function
IsDeviceRegisteredWithManagement 7 Exported Function
GetManagementAppHyperlink 6 Exported Function
GetDeviceRegistrationInfo 5 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: mdmregistration.dll
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.488 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.488
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/66
  • VirusTotal Link: https://www.virustotal.com/gui/file/d0b19c78a8021674f9a2371bd4473350126e330daa7874e26338c53286887edb/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\SysWOW64\dmenrollengine.dll 36
C:\Windows\SysWOW64\mdmregistration.dll 46

MIT License. Copyright (c) 2020-2021 Strontic.