msrating.dll

  • File Path: C:\Windows\system32\msrating.dll
  • Description: “msrating.DYNLINK”

Hashes

Type Hash
MD5 E9C2FB0507A8D8F478030CC4758D1DFB
SHA1 495B8B44EF999B446E090396D7253D42E7715D18
SHA256 D83A2E45C5D59DF3E1CDDF1182AC32114425759E93709FCD5360E572AF079773
SHA384 BB8671DB5BAFC415CC4719DC709A7E0F9B7081C5F1C831150EE6FB56E88CF5F8E6CCE36DC455AA6A49A8C20BE4DB34DA
SHA512 C0AB0821C115EC5D6AED9B9988E577DB9B54E659223F274C17AA4BC4962C11C3BC033AD8A47D89AC3C90D9D75733A3F6FFD6B9521FF31914855926A24FCA936A
SSDEEP 96:jyBxR3BUNK9vs2Qz6IDyB9oLd+cLz+kxakeKvJehpUF9CcZM+elqPznDJ+XMN2D7:jQsUzyyBuLdD+kjr8+MFlhkNWSt3W
IMP 5C317B4785C1C3CE395F95788FB0F892
PESHA1 673AA22AA801183EC161CA23D10416161B3E8182
PE256 9D3A39882ADE013B34AFEE85FE8A490A7B34E1988BCADB0B7A7AE423EA38DBD6

DLL Exports:

Function Name Ordinal Type
RatingEnable 22 Exported Function
RatingCustomSetUserOptions 21 Exported Function
RatingEnableW 23 Exported Function
RatingEnabledQuery 24 Exported Function
RatingCustomInit 18 Exported Function
RatingCustomDeleteCrackedData 17 Exported Function
RatingCustomSetDefaultBureau 20 Exported Function
RatingCustomRemoveRatingHelper 19 Exported Function
RatingSetupUI 30 Exported Function
RatingObtainQueryW 29 Exported Function
VerifySupervisorPassword 32 Exported Function
RatingSetupUIW 31 Exported Function
RatingInit 26 Exported Function
RatingFreeDetails 25 Exported Function
RatingObtainQuery 28 Exported Function
RatingObtainCancel 27 Exported Function
RatingAccessDeniedDialog2W 6 Exported Function
RatingAccessDeniedDialog2 5 Exported Function
RatingAddPropertyPages 8 Exported Function
RatingAccessDeniedDialogW 7 Exported Function
ClickedOnPRF 2 Exported Function
ChangeSupervisorPassword 1 Exported Function
RatingAccessDeniedDialog 4 Exported Function
ClickedOnRAT 3 Exported Function
RatingCustomAddRatingHelper 14 Exported Function
RatingClickedOnRATInternal 13 Exported Function
RatingCustomCrackData 16 Exported Function
RatingCustomAddRatingSystem 15 Exported Function
RatingCheckUserAccess 10 Exported Function
RatingAddToApprovedSites 9 Exported Function
RatingClickedOnPRFInternal 12 Exported Function
RatingCheckUserAccessW 11 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: “msrating.DYNLINK”
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/d83a2e45c5d59df3e1cddf1182ac32114425759e93709fcd5360e572af079773/detection/

File Similarity (ssdeep match)

File Score
C:\Windows\system32\dpnaddr.dll 40
C:\Windows\system32\dpnathlp.dll 40
C:\Windows\system32\dpnet.dll 40
C:\Windows\system32\dpnhpast.dll 40
C:\Windows\system32\dpnhupnp.dll 40
C:\Windows\system32\dpnlobby.dll 40
C:\Windows\system32\dpnsvr.exe 40

MIT License. Copyright (c) 2020-2021 Strontic.