ppcsnap.dll

• File Path: C:\Windows\system32\ppcsnap.dll
• Description: ppcsnap DLL

Hashes

Type	Hash
MD5	EF0AF193CFFD387684860C8C53B836D8
SHA1	6E10EE3AC507C99512B98F7F5F8B42C4B0F9544A
SHA256	E5E98DCD3478DB837F9BF9D4D12E179B6351950A5C8A3E4EB4BA1102F69D3D8B
SHA384	B8B26E3699E6E5BA66217C9931AA29F1C7C056F906C872E1FE08208A1ACCDBB84D0942600A675F05FFDF7F5E41D39733
SHA512	4993C5AD39539DA2E20A97F1DA55716B9997EC8E7FB191296E2CD63767964708E6E1DDD49B0BFBED3E0E3D34A74211EEBCE1D9C8EA8BA7CBE5A23BD97EEABA19
SSDEEP	6144:PvkvQfLrYIcwbUwaVVlZJ20yp/QZgsOK4AHn:3aQwIcIaflZJ20yFQZxy
IMP	4561F2A15DA88257C487C948EAE1D2D2
PESHA1	014A0015B0915E6A06763F1C4DB056F832CC0582
PE256	9CF3283F3AA18ED57C7A876B54793A668FD4056B4C2C49ACFC2F900E663F8FCE

DLL Exports:

Function Name	Ordinal	Type
DllRegisterServer	3	Exported Function
DllUnregisterServer	4	Exported Function
DllCanUnloadNow	1	Exported Function
DllGetClassObject	2	Exported Function

Signature

• Status: Signature verified.
• Serial: 330000023241FB59996DCC4DFF000000000232
• Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
• Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
• Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

• Original Filename: ppcsnap.dll.mui
• Product Name: Microsoft Windows Operating System
• Company Name: Microsoft Corporation
• File Version: 10.0.19041.1 (WinBuild.160101.0800)
• Product Version: 10.0.19041.1
• Language: English (United States)
• Legal Copyright: Microsoft Corporation. All rights reserved.
• Machine Type: 64-bit

File Scan

• VirusTotal Detections: 0/71
• VirusTotal Link: https://www.virustotal.com/gui/file/e5e98dcd3478db837f9bf9d4d12e179b6351950a5c8a3e4eb4ba1102f69d3d8b/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\prnntfy.dll	38
C:\Windows\system32\puiapi.dll	43
C:\Windows\system32\puiobj.dll	30
C:\Windows\SysWOW64\prnntfy.dll	35
C:\Windows\SysWOW64\puiapi.dll	41

MIT License. Copyright (c) 2020-2021 Strontic.