ntsdexts.dll
- File Path:
C:\Program Files (x86)\Windows Kits\10\Debuggers\arm\winxp\ntsdexts.dll
- Description: Symbolic Debugger Extensions
Hashes
| Type |
Hash |
| MD5 |
168BE4F381166226F836DD8C0692599D |
| SHA1 |
A42547E87EB2C7890F5D20824C66B138C266FC60 |
| SHA256 |
59AB2C27697B5106AEEF0CF9F8BFD50B12B17737C1F5719AF0442520B11D4236 |
| SHA384 |
4F99AC4595472542D8B08CF13849A8C5DB291A4A310B5596E2A0445043F443305656673334E54FC9445F872ED8CD3DC3 |
| SHA512 |
3D219EF78263A1F8CE91AC068194F8F179F65A2046090140EA79F4CE921AFB55A91E2F53EFC8047E6AD8B83E4926C73E0C4D781AEDEAB35494757AD93D802D44 |
| SSDEEP |
1536:G00Ou8mRhgfEbLcq02hEbrwQJam7vSKPYQLrdOpkw:5Hu8mmEdgnV9PdOpkw |
| IMP |
A965BDFC116392B8135326A5996C2F67 |
| PESHA1 |
4ED1195A539F34E1CF31BF796299F5C0ABBD3D7E |
| PE256 |
0FD7C2B2032D8676981510B448FE295156A4CFD38FF1261E7236FE0E2433DA0C |
DLL Exports:
| Function Name |
Ordinal |
Type |
hleak |
11 |
Exported Function |
help |
10 |
Exported Function |
handle |
9 |
Exported Function |
htrace |
12 |
Exported Function |
threadtoken |
15 |
Exported Function |
runaway |
14 |
Exported Function |
locks |
13 |
Exported Function |
gatom |
8 |
Exported Function |
DebugExtensionInitialize |
1 |
Exported Function |
critsec |
4 |
Exported Function |
_EFN_GetHandleTrace |
3 |
Exported Function |
DebugExtensionNotify |
2 |
Exported Function |
dt |
7 |
Exported Function |
dreg |
6 |
Exported Function |
dp |
5 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
33000002B7E8E007A82AEF13150000000002B7
- Thumbprint:
5A68625F1A516670A744F7EF919500A479D32A5B
- Issuer: CN=Microsoft Code Signing PCA 2010, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows Kits Publisher, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: ntsdexts
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 452
File Scan
- VirusTotal Detections: Unknown
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.