ntmarta.dll

• File Path: C:\Windows\system32\ntmarta.dll
• Description: Windows NT MARTA provider

Hashes

Type	Hash
MD5	D3431A6AE87BAC591A5BB10F2C986FFB
SHA1	1629DFA6338FEE5C09A03C53AEAA0581217C547F
SHA256	ABADDB4C28A8C4BDF55D54FC33D8DBD6A157FEDC3EB8E90326F55798A6CF52F5
SHA384	336DED43C56A7FFA24EF18125D2328148ED65088AD227448519BB1B6B6B487847117CF8E0F5B4A5FA7D2A89489DD695A
SHA512	F5E6909FA5728062AC49731319C40E1618E2767BB67BA88ED4153969B927939DC988FE5AA5995B3735444F8083202A376974C769752E9E86B962ACF57EE423BA
SSDEEP	3072:Szfddsov5vCTJ1icOyKXRyOXlTSfsSdxwlpU5mE9FOveNuQe67M1ElUHQDNR4aP:zC5+BGXlT4QAsE9FO2xvlIQDNRl
IMP	2A82B57D7A2D3136D8E6670296793FB3
PESHA1	59511C9345265B07FAD2CE2DD8BBBBDA06CC354B
PE256	BBBFD484DC076950048A77C56CD994E1D16734625E84AB84BA38BB7E93DB1745

DLL Exports:

Function Name	Ordinal	Type
AccRewriteGetExplicitEntriesFromAcl	35	Exported Function
AccProvSetAccessRights	34	Exported Function
AccProvRevokeAuditRights	33	Exported Function
AccRewriteSetEntriesInAcl	38	Exported Function
AccRewriteGetNamedRights	37	Exported Function
AccRewriteGetHandleRights	36	Exported Function
AccProvHandleSetAccessRights	29	Exported Function
AccProvHandleRevokeAuditRights	28	Exported Function
AccProvHandleRevokeAccessRights	27	Exported Function
AccProvRevokeAccessRights	32	Exported Function
AccProvIsObjectAccessible	31	Exported Function
AccProvIsAccessAudited	30	Exported Function
AccRewriteSetHandleRights	39	Exported Function
GetSecurityInfo	47	Exported Function
GetNamedSecurityInfoW	46	Exported Function
GetMartaExtensionInterface	2	Exported Function
SetSecurityInfo	50	Exported Function
SetNamedSecurityInfoW	49	Exported Function
SetEntriesInAclW	48	Exported Function
AccTreeResetNamedSecurityInfo	42	Exported Function
AccSetEntriesInAList	41	Exported Function
AccRewriteSetNamedRights	40	Exported Function
GetExplicitEntriesFromAclW	45	Exported Function
EventNameFree	44	Exported Function
EventGuidToName	43	Exported Function
AccGetInheritanceSource	11	Exported Function
AccGetExplicitEntries	10	Exported Function
AccGetAccessForTrustee	9	Exported Function
AccLookupAccountTrustee	14	Exported Function
AccLookupAccountSid	13	Exported Function
AccLookupAccountName	12	Exported Function
AccConvertAccessToSecurityDescriptor	5	Exported Function
AccConvertAccessToSD	4	Exported Function
AccConvertAccessMaskToActrlAccess	3	Exported Function
AccFreeIndexArray	8	Exported Function
AccConvertSDToAccess	7	Exported Function
AccConvertAclToAccess	6	Exported Function
AccProvCancelOperation	15	Exported Function
AccProvHandleGetTrusteesAccess	24	Exported Function
AccProvHandleGetAllRights	23	Exported Function
AccProvHandleGetAccessInfoPerObjectType	22	Exported Function
AccProvHandleIsObjectAccessible	26	Exported Function
AccProvHandleIsAccessAudited	25	Exported Function
AccProvHandleGrantAccessRights	1	Exported Function
AccProvGetCapabilities	18	Exported Function
AccProvGetAllRights	17	Exported Function
AccProvGetAccessInfoPerObjectType	16	Exported Function
AccProvGrantAccessRights	21	Exported Function
AccProvGetTrusteesAccess	20	Exported Function
AccProvGetOperationResults	19	Exported Function

Signature

• Status: Signature verified.
• Serial: 3300000266BD1580EFA75CD6D3000000000266
• Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: ntmarta.dll.mui
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.1 (WinBuild.160101.0800)
• Product Version: 10.0.19041.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 64-bit

File Scan

• VirusTotal Detections: 0/71
• VirusTotal Link: https://www.virustotal.com/gui/file/abaddb4c28a8c4bdf55d54fc33d8dbd6a157fedc3eb8e90326f55798a6cf52f5/detection/

MIT License. Copyright (c) 2020-2021 Strontic.