ntasn1.dll

• File Path: C:\Windows\SysWOW64\ntasn1.dll
• Description: Microsoft ASN.1 API

Hashes

Type	Hash
MD5	1BB153C345622DA4671C8945965CFF2E
SHA1	A5DF0DEDEE0AF857F6FE43B0459712F7A6F4D077
SHA256	20CC8CFFDCEBA3FE8ECFD41338929330AE7EF9ABA12656F999469C73B132AA6E
SHA384	7D0B0682D334D9BA2F75B6DD54E0B10DD36D65DD5E40CF40DF982205CAEAD3CF3535F105CA8BD9B3AB0CD714117BFCD8
SHA512	E1E8B1A65930C59B10305726C6899E67E032E0AD35D4FA5FF57C1D9B1FFA331BD415470BD5F4405B23A79A40BE22471D682FD9CF707A37BD069FC4561583599D
SSDEEP	1536:nN6Q0EBkGDoPctrSpUNE4ycapQarmos972JTu2sNtHexZEQ5Jg1fB1PTuy:N6Q1p5SeNDy2armR72JTu2VNsB1yy
IMP	39136B7E48556C446A45F6FA8D152525
PESHA1	EFB0C82D76A8FBE8DE6D797817D0AD27E08A6FA8
PE256	369136975476262785FB9B50F6D2C5D593D849A4B02A4CFABAB68CC5895153DD

Signature

• Status: Signature verified.
• Serial: 3300000266BD1580EFA75CD6D3000000000266
• Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: ntasn1.dll
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.1 (WinBuild.160101.0800)
• Product Version: 10.0.19041.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 32-bit

File Scan

• VirusTotal Detections: 0/70
• VirusTotal Link: https://www.virustotal.com/gui/file/20cc8cffdceba3fe8ecfd41338929330ae7ef9aba12656f999469c73b132aa6e/detection/

Possible Misuse

The following table contains possible examples of ntasn1.dll being misused. While ntasn1.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
sigma	image_load_mimikatz_inmemory_detection.yml	- 'ntasn1.dll'	DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.