offlinelsa.dll
- File Path:
C:\Windows\system32\offlinelsa.dll
- Description: Windows
Hashes
| Type |
Hash |
| MD5 |
B5F7E1CF470DBB9F30B3D84248FF7774 |
| SHA1 |
0A1CA65C9B5D7FB868686081A78CCDAABDA4101A |
| SHA256 |
C31ECCB6EE829E2866E273587E0545C2C050621192FEF8193CB9694AF0140552 |
| SHA384 |
43F626C5BC4F3FEC83E3541974749EBC02CFA1330924EE490EEA151A908711A5358478BADD0FB296B211C5AD6D7CFBA0 |
| SHA512 |
5D66E0D3A5B224B8579EB6BF980202DC2B38B7EF1B618862016F8D59F68A6204C04142B51A184350C5D4CB509CA0C7636C85CC0D3D410D2C2A9441BEA1262CAB |
| SSDEEP |
3072:qZFlLqj6nv0upWGlfXIXpUBs56jcqf7Dy/izR4YeFmBav:oLdn8uQRpUzQqf7Duiydv |
| IMP |
E64C23E7AD3A77009A50DAAC5AC5DBD6 |
| PESHA1 |
401EDB0DAA7AD5A9E24E022391D97EB6EE938E00 |
| PE256 |
3D4E425DC0E1BC62E4F54CC8E1B1452EA4AC86D43301B90FAEF9A368245160C6 |
DLL Exports:
| Function Name |
Ordinal |
Type |
LsaOfflineOpenPolicyExternal |
13 |
Exported Function |
LsaOfflineOpenPolicyForInstaller |
14 |
Exported Function |
LsaOfflineOpenAccount |
11 |
Exported Function |
LsaOfflineOpenPolicy |
12 |
Exported Function |
LsaOfflineQueryInformationPolicy |
15 |
Exported Function |
LsaOfflineSetSystemAccessAccount |
18 |
Exported Function |
LsaOfflineSyskeyRequest |
19 |
Exported Function |
LsaOfflineRemoveAccountRights |
16 |
Exported Function |
LsaOfflineRemovePrivilegesFromAccount |
17 |
Exported Function |
LsaOfflineGetSystemAccessAccount |
10 |
Exported Function |
LsaOfflineClose |
3 |
Exported Function |
LsaOfflineCreateAccount |
4 |
Exported Function |
LsaOfflineAddAccountRights |
1 |
Exported Function |
LsaOfflineAddPrivilegesToAccount |
2 |
Exported Function |
LsaOfflineDelete |
5 |
Exported Function |
LsaOfflineEnumeratePrivilegesOfAccount |
8 |
Exported Function |
LsaOfflineFreeMemory |
9 |
Exported Function |
LsaOfflineEnumerateAccountRights |
6 |
Exported Function |
LsaOfflineEnumerateAccounts |
7 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: offlinelsa.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.508 (WinBuild.160101.0800)
- Product Version: 10.0.19041.508
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/67
- VirusTotal Link: https://www.virustotal.com/gui/file/c31eccb6ee829e2866e273587e0545c2c050621192fef8193cb9694af0140552/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.