ttdloader.dll

  • File Path: C:\Windows\system32\ttdloader.dll
  • Description: Time Travel Debugging Runtime Loader

Hashes

Type Hash
MD5 4A6E1E49B03B6E839A40D743D95A35F1
SHA1 CA8A1E4F17999351DE99CF523E6A80926CE87D29
SHA256 AEDD5F47B9CABFAA279B81B4BC025EF6CF2B29720EB7B5BC5896AAA48DDAB3F0
SHA384 8E86CB7B5C7751C7BC764D2E23C82A3184DDC66DB785059D8A14B50E9F0F0C076475DF57020A3C6DB1691561474C67CE
SHA512 453459B996AB9D0B8A4FDE1C922CEFD09495F555D936EFADA278759E8816653B882532E5B512213ED8A1CEDE6AEA20375523826135524E5ECA90D1304C04EFA9
SSDEEP 192:dlF+5RRQrHbUNbWLMW/D1S8f4DBQABJF+Aw17vJ4qnajlAUIPIi:d3knQbbUdWLMW/D1IDBRJF81x4leVIi
IMP E84ACC723E724F9DA96F31B694E17B16
PESHA1 E6545ED479BCE68A2739ADBBB328201D1EA95CA1
PE256 588ED15AD2C6A93F8C7389078A03F2AF988F697C15220ADC7E4AB0ACFC9DFE11

DLL Exports:

Function Name Ordinal Type
ParametersBlock 2 Exported Function
StubDllEntry 3 Exported Function
InjectThread 1 Exported Function
ntdllLdrInitializeThunk 4 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: TTDLoader.DLL
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.19041.1 (WinBuild.160101.0800)
  • Product Version: 10.0.19041.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/71
  • VirusTotal Link: https://www.virustotal.com/gui/file/aedd5f47b9cabfaa279b81b4bc025ef6cf2b29720eb7b5bc5896aaa48ddab3f0/detection/

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe 32
C:\Program Files (x86)\Windows Kits\10\Redist\10.0.19041.0\ucrt\DLLs\x86\api-ms-win-core-profile-l1-1-0.dll 29
C:\Windows\system32\69fe178f-26e7-43a9-aa7d-2b616b672dde_eventlogservice.dll 47
C:\Windows\system32\AppVClientPS.dll 29
C:\Windows\system32\AppVSentinel.dll 40
C:\Windows\system32\AppVTerminator.dll 40
C:\Windows\system32\avrt.dll 32
C:\Windows\system32\backgroundTaskHost.exe 50
C:\Windows\system32\bootstr.dll 47
C:\Windows\system32\BOOTVID.DLL 35
C:\Windows\system32\computelibeventlog.dll 36
C:\Windows\system32\DefaultDeviceManager.dll 36
C:\Windows\system32\DeviceCensus.exe 27
C:\WINDOWS\system32\DeviceCensus.exe 27
C:\Windows\system32\dllhost.exe 36
C:\Windows\system32\downlevel\api-ms-win-base-util-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-com-l1-1-0.dll 33
C:\Windows\system32\downlevel\api-ms-win-core-comm-l1-1-0.dll 52
C:\Windows\system32\downlevel\api-ms-win-core-console-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-datetime-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-datetime-l1-1-1.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-debug-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-debug-l1-1-1.dll 40
C:\Windows\system32\downlevel\api-ms-win-core-delayload-l1-1-0.dll 49
C:\Windows\system32\downlevel\api-ms-win-core-errorhandling-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-errorhandling-l1-1-1.dll 54
C:\Windows\system32\downlevel\api-ms-win-core-fibers-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-fibers-l1-1-1.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-file-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-file-l1-2-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-file-l1-2-1.dll 46
C:\Windows\system32\downlevel\API-MS-Win-core-file-l2-1-0.dll 47
C:\Windows\system32\downlevel\API-MS-Win-core-file-l2-1-1.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-handle-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-heap-l1-1-0.dll 46
C:\Windows\system32\downlevel\API-MS-Win-Core-Heap-Obsolete-L1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-interlocked-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-io-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-io-l1-1-1.dll 41
C:\Windows\system32\downlevel\api-ms-win-core-kernel32-legacy-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-kernel32-legacy-l1-1-1.dll 44
C:\Windows\system32\downlevel\API-MS-Win-Core-Kernel32-Private-L1-1-0.dll 50
C:\Windows\system32\downlevel\API-MS-Win-Core-Kernel32-Private-L1-1-1.dll 41
C:\Windows\system32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-localization-l1-2-0.dll 36
C:\Windows\system32\downlevel\api-ms-win-core-localization-l1-2-1.dll 44
C:\Windows\system32\downlevel\API-MS-Win-core-localization-obsolete-l1-2-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-memory-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-memory-l1-1-1.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-memory-l1-1-2.dll 49
C:\Windows\system32\downlevel\api-ms-win-core-namedpipe-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-privateprofile-l1-1-0.dll 49
C:\Windows\system32\downlevel\api-ms-win-core-privateprofile-l1-1-1.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-processenvironment-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-processenvironment-l1-2-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-processthreads-l1-1-0.dll 33
C:\Windows\system32\downlevel\api-ms-win-core-processthreads-l1-1-1.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-processthreads-l1-1-2.dll 50
C:\Windows\system32\downlevel\api-ms-win-core-processtopology-obsolete-l1-1-0.dll 40
C:\Windows\system32\downlevel\api-ms-win-core-profile-l1-1-0.dll 49
C:\Windows\system32\downlevel\api-ms-win-core-realtime-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-registry-l1-1-0.dll 35
C:\Windows\system32\downlevel\api-ms-win-core-registry-l2-1-0.dll 36
C:\Windows\system32\downlevel\api-ms-win-core-rtlsupport-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-shlwapi-legacy-l1-1-0.dll 35
C:\Windows\system32\downlevel\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-shutdown-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-stringansi-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-string-l1-1-0.dll 49
C:\Windows\system32\downlevel\API-MS-Win-core-string-l2-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll 41
C:\Windows\system32\downlevel\API-MS-Win-core-string-obsolete-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-synch-l1-1-0.dll 41
C:\Windows\system32\downlevel\api-ms-win-core-synch-l1-2-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-sysinfo-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-sysinfo-l1-2-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-sysinfo-l1-2-1.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-threadpool-l1-2-0.dll 36
C:\Windows\system32\downlevel\api-ms-win-core-threadpool-legacy-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-threadpool-private-l1-1-0.dll 46
C:\Windows\system32\downlevel\api-ms-win-core-timezone-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-url-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-core-util-l1-1-0.dll 41
C:\Windows\system32\downlevel\api-ms-win-core-version-l1-1-0.dll 40
C:\Windows\system32\downlevel\api-ms-win-core-wow64-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-core-xstate-l1-1-0.dll 50
C:\Windows\system32\downlevel\API-MS-Win-core-xstate-l2-1-0.dll 49
C:\Windows\system32\downlevel\api-ms-win-crt-conio-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-crt-convert-l1-1-0.dll 41
C:\Windows\system32\downlevel\api-ms-win-crt-environment-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-crt-filesystem-l1-1-0.dll 41
C:\Windows\system32\downlevel\api-ms-win-crt-heap-l1-1-0.dll 50
C:\Windows\system32\downlevel\api-ms-win-crt-locale-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-crt-math-l1-1-0.dll 36
C:\Windows\system32\downlevel\api-ms-win-crt-multibyte-l1-1-0.dll 30
C:\Windows\system32\downlevel\api-ms-win-crt-process-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-crt-runtime-l1-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-crt-stdio-l1-1-0.dll 38
C:\Windows\system32\downlevel\api-ms-win-crt-string-l1-1-0.dll 29
C:\Windows\system32\downlevel\api-ms-win-crt-time-l1-1-0.dll 55
C:\Windows\system32\downlevel\api-ms-win-crt-utility-l1-1-0.dll 44
C:\Windows\system32\downlevel\API-MS-Win-devices-config-L1-1-0.dll 29
C:\Windows\system32\downlevel\API-MS-Win-devices-config-L1-1-1.dll 29
C:\Windows\system32\downlevel\API-MS-Win-Eventing-ClassicProvider-L1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-eventing-consumer-l1-1-0.dll 46
C:\Windows\system32\downlevel\API-MS-Win-Eventing-Controller-L1-1-0.dll 41
C:\Windows\system32\downlevel\API-MS-Win-Eventing-Legacy-L1-1-0.dll 49
C:\Windows\system32\downlevel\API-MS-Win-Eventing-Provider-L1-1-0.dll 49
C:\Windows\system32\downlevel\API-MS-Win-EventLog-Legacy-L1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-security-base-l1-1-0.dll 30
C:\Windows\system32\downlevel\api-ms-win-security-cryptoapi-l1-1-0.dll 43
C:\Windows\system32\downlevel\API-MS-Win-Security-Lsalookup-L2-1-0.dll 46
C:\Windows\system32\downlevel\API-MS-Win-Security-Lsalookup-L2-1-1.dll 47
C:\Windows\system32\downlevel\API-MS-Win-security-lsapolicy-l1-1-0.dll 47
C:\Windows\system32\downlevel\API-MS-Win-security-provider-L1-1-0.dll 49
C:\Windows\system32\downlevel\api-ms-win-security-sddl-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-service-core-l1-1-0.dll 44
C:\Windows\system32\downlevel\api-ms-win-service-core-l1-1-1.dll 43
C:\Windows\system32\downlevel\api-ms-win-service-management-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-service-management-l2-1-0.dll 43
C:\Windows\system32\downlevel\api-ms-win-service-private-l1-1-0.dll 32
C:\Windows\system32\downlevel\api-ms-win-service-private-l1-1-1.dll 35
C:\Windows\system32\downlevel\api-ms-win-service-winsvc-l1-1-0.dll 47
C:\Windows\system32\downlevel\api-ms-win-shcore-stream-l1-1-0.dll 40
C:\Windows\system32\drivers\UMDF\SDFLauncher.dll 32
C:\Windows\system32\DriverStore\FileRepository\sdflauncher.inf_amd64_1ea082c6cf8f6982\SDFLauncher.dll 32
C:\Windows\system32\dsrole.dll 36
C:\Windows\system32\IME\IMETC\IMTCTRLN.DLL 30
C:\Windows\system32\IME\SHARED\IMEDICAPICCPS.DLL 27
C:\Windows\system32\IME\SHARED\IMESEARCHPS.DLL 35
C:\Windows\system32\kd.dll 40
C:\Windows\system32\kd_02_1af4.dll 41
C:\Windows\system32\kd_07_1415.dll 32
C:\Windows\system32\kdnet_uart16550.dll 36
C:\Windows\system32\kdstub.dll 27
C:\Windows\system32\ksuser.dll 41
C:\Windows\system32\microsoft-windows-battery-events.dll 38
C:\Windows\system32\microsoft-windows-hal-events.dll 30
C:\Windows\system32\microsoft-windows-sleepstudy-events.dll 43
C:\Windows\system32\msdmo.dll 27
C:\Windows\system32\NDKPing.exe 29
C:\Windows\system32\oobe\FirstLogonAnim.exe 35
C:\Windows\system32\pcwum.dll 30
C:\Windows\system32\prproc.exe 41
C:\Windows\system32\psapi.dll 41
C:\Windows\system32\ResetEngine.exe 40
C:\WINDOWS\system32\ResetEngine.exe 32
C:\WINDOWS\system32\ScriptRunner.exe 30
C:\Windows\system32\setupetw.dll 46
C:\Windows\system32\sfc.dll 46
C:\Windows\system32\SlideToShutDown.exe 29
C:\Windows\system32\smphost.dll 22
C:\Windows\system32\spwizres.dll 38
C:\Windows\system32\streamci.dll 29
C:\Windows\system32\UtilityVmSysprep.dll 29
C:\Windows\system32\uxlibres.dll 43
C:\Windows\system32\VmApplicationHealthMonitorProxy.dll 27
C:\Windows\system32\wbem\Microsoft.AppV.AppVClientWmi.dll 33
C:\Windows\system32\winnsi.dll 27
C:\Windows\system32\wshhyperv.dll 35
C:\Windows\system32\wshunix.dll 35
C:\Windows\system32\wuauclt.exe 30
C:\Windows\SysWOW64\AppVClientPS.dll 35
C:\Windows\SysWOW64\AppVSentinel.dll 38
C:\Windows\SysWOW64\AppVTerminator.dll 35
C:\Windows\SysWOW64\avrt.dll 38
C:\Windows\SysWOW64\backgroundTaskHost.exe 41
C:\Windows\SysWOW64\BOOTVID.DLL 30
C:\Windows\SysWOW64\CameraSettingsUIHost.exe 29
C:\Windows\SysWOW64\DefaultDeviceManager.dll 29
C:\Windows\SysWOW64\dllhost.exe 35
C:\Windows\SysWOW64\downlevel\api-ms-win-base-util-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-com-l1-1-0.dll 40
C:\Windows\SysWOW64\downlevel\api-ms-win-core-comm-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-console-l1-1-0.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-core-datetime-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-datetime-l1-1-1.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-debug-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-debug-l1-1-1.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-core-delayload-l1-1-0.dll 40
C:\Windows\SysWOW64\downlevel\api-ms-win-core-errorhandling-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-errorhandling-l1-1-1.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-fibers-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-fibers-l1-1-1.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-file-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-file-l1-2-0.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-core-file-l1-2-1.dll 47
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-file-l2-1-0.dll 47
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-file-l2-1-1.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-handle-l1-1-0.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-core-heap-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\API-MS-Win-Core-Heap-Obsolete-L1-1-0.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-core-interlocked-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-io-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-io-l1-1-1.dll 41
C:\Windows\SysWOW64\downlevel\api-ms-win-core-kernel32-legacy-l1-1-0.dll 52
C:\Windows\SysWOW64\downlevel\api-ms-win-core-kernel32-legacy-l1-1-1.dll 52
C:\Windows\SysWOW64\downlevel\API-MS-Win-Core-Kernel32-Private-L1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\API-MS-Win-Core-Kernel32-Private-L1-1-1.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-localization-l1-2-0.dll 38
C:\Windows\SysWOW64\downlevel\api-ms-win-core-localization-l1-2-1.dll 43
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-localization-obsolete-l1-2-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-memory-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-memory-l1-1-1.dll 41
C:\Windows\SysWOW64\downlevel\api-ms-win-core-memory-l1-1-2.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-core-namedpipe-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-privateprofile-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-privateprofile-l1-1-1.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processenvironment-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processenvironment-l1-2-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processthreads-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processthreads-l1-1-1.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processthreads-l1-1-2.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-processtopology-obsolete-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-profile-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-realtime-l1-1-0.dll 38
C:\Windows\SysWOW64\downlevel\api-ms-win-core-registry-l1-1-0.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-core-registry-l2-1-0.dll 38
C:\Windows\SysWOW64\downlevel\api-ms-win-core-rtlsupport-l1-1-0.dll 41
C:\Windows\SysWOW64\downlevel\api-ms-win-core-shlwapi-legacy-l1-1-0.dll 35
C:\Windows\SysWOW64\downlevel\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-shutdown-l1-1-0.dll 41
C:\Windows\SysWOW64\downlevel\api-ms-win-core-stringansi-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-string-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-string-l2-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll 49
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-string-obsolete-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-synch-l1-1-0.dll 38
C:\Windows\SysWOW64\downlevel\api-ms-win-core-synch-l1-2-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-sysinfo-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-core-sysinfo-l1-2-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-sysinfo-l1-2-1.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-threadpool-l1-2-0.dll 32
C:\Windows\SysWOW64\downlevel\api-ms-win-core-threadpool-legacy-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-threadpool-private-l1-1-0.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-core-timezone-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-url-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-core-util-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-core-version-l1-1-0.dll 40
C:\Windows\SysWOW64\downlevel\api-ms-win-core-wow64-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-core-xstate-l1-1-0.dll 49
C:\Windows\SysWOW64\downlevel\API-MS-Win-core-xstate-l2-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-conio-l1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-convert-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-environment-l1-1-0.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-filesystem-l1-1-0.dll 38
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-heap-l1-1-0.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-locale-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-math-l1-1-0.dll 30
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-multibyte-l1-1-0.dll 32
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-process-l1-1-0.dll 49
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-runtime-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-stdio-l1-1-0.dll 32
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-string-l1-1-0.dll 29
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-time-l1-1-0.dll 50
C:\Windows\SysWOW64\downlevel\api-ms-win-crt-utility-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\API-MS-Win-devices-config-L1-1-0.dll 33
C:\Windows\SysWOW64\downlevel\API-MS-Win-devices-config-L1-1-1.dll 30
C:\Windows\SysWOW64\downlevel\API-MS-Win-Eventing-ClassicProvider-L1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-eventing-consumer-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\API-MS-Win-Eventing-Controller-L1-1-0.dll 40
C:\Windows\SysWOW64\downlevel\API-MS-Win-Eventing-Legacy-L1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\API-MS-Win-Eventing-Provider-L1-1-0.dll 40
C:\Windows\SysWOW64\downlevel\API-MS-Win-EventLog-Legacy-L1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-security-base-l1-1-0.dll 30
C:\Windows\SysWOW64\downlevel\api-ms-win-security-cryptoapi-l1-1-0.dll 41
C:\Windows\SysWOW64\downlevel\API-MS-Win-Security-Lsalookup-L2-1-0.dll 49
C:\Windows\SysWOW64\downlevel\API-MS-Win-Security-Lsalookup-L2-1-1.dll 44
C:\Windows\SysWOW64\downlevel\API-MS-Win-security-lsapolicy-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\API-MS-Win-security-provider-L1-1-0.dll 47
C:\Windows\SysWOW64\downlevel\api-ms-win-security-sddl-l1-1-0.dll 44
C:\Windows\SysWOW64\downlevel\api-ms-win-service-core-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-service-core-l1-1-1.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-service-management-l1-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-service-management-l2-1-0.dll 46
C:\Windows\SysWOW64\downlevel\api-ms-win-service-private-l1-1-0.dll 41
C:\Windows\SysWOW64\downlevel\api-ms-win-service-private-l1-1-1.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-service-winsvc-l1-1-0.dll 43
C:\Windows\SysWOW64\downlevel\api-ms-win-shcore-stream-l1-1-0.dll 47
C:\Windows\SysWOW64\dsrole.dll 29
C:\Windows\SysWOW64\fltLib.dll 29
C:\Windows\SysWOW64\IME\IMETC\IMTCTRLN.DLL 32
C:\Windows\SysWOW64\IME\SHARED\imecfmps.dll 33
C:\Windows\SysWOW64\IME\SHARED\IMEDICAPICCPS.DLL 32
C:\Windows\SysWOW64\IME\SHARED\IMESEARCHPS.DLL 38
C:\Windows\SysWOW64\ksuser.dll 36
C:\Windows\SysWOW64\LocationFrameworkPS.dll 35
C:\Windows\SysWOW64\pcwum.dll 36
C:\Windows\SysWOW64\psapi.dll 36
C:\Windows\SysWOW64\sfc.dll 46
C:\Windows\SysWOW64\smphost.dll 24
C:\Windows\SysWOW64\ttdloader.dll 54
C:\Windows\SysWOW64\uxlibres.dll 46
C:\Windows\SysWOW64\wbem\Microsoft.AppV.AppVClientWmi.dll 29
C:\Windows\SysWOW64\winnsi.dll 35
C:\Windows\SysWOW64\wshhyperv.dll 32
C:\Windows\SysWOW64\wshunix.dll 35

Possible Misuse

The following table contains possible examples of ttdloader.dll being misused. While ttdloader.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_tttracer_mod_load.yml - '\ttdloader.dll' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.