ztrace_maps.dll
- File Path:
C:\Windows\system32\ztrace_maps.dll
- Description: ZTrace Event Resources
Hashes
| Type |
Hash |
| MD5 |
355912A706861F396D126B797ABDDA5F |
| SHA1 |
15806D9C1B83FE112B009A1066561EE1681EC730 |
| SHA256 |
A3ED1B1C9D0D669B7D5B760D30EF9260FFDF1D26F1DBBCF7A91ADF6C1A4E363C |
| SHA384 |
F24F956CB4E8EEF4884CC4E499A77C06BCAA70B0FD93DDCF57172D0936EFB147463D833700AD6B5B33E80A46AAAD6310 |
| SHA512 |
61CE44B85E2BF8716CF4253E22DA9326109519F6DED52C75CCC29AD2BE3098DB384A6BA30F9963531214A2A25B8614712F448056814B5BEC4763BFA0FD158A06 |
| SSDEEP |
768:8scyJL+0ckjC19hVwnzipPnyd0Tm1+e8C:o4L+ujCxqnzipPnW0fC |
| IMP |
F4CE4A99F4AA4A7CA7FE6C5ACBC36E55 |
| PESHA1 |
DB04786BBE3DBEB06A8DEA2B3911C746CEC7AF7A |
| PE256 |
4BA2FAE30B3B78D11EBD5C01AE9B5CC6F736E3237C492D298486DC25F53F611F |
DLL Exports:
| Function Name |
Ordinal |
Type |
ZTraceReportOriginationNoThis |
13 |
Exported Function |
ZTraceReportPropagation |
14 |
Exported Function |
ZTraceReportOrigination |
11 |
Exported Function |
ZTraceReportOriginationC |
12 |
Exported Function |
ZTraceReportPropagationC |
15 |
Exported Function |
ZTraceTestForceClose |
18 |
Exported Function |
ZTraceTestInit |
19 |
Exported Function |
ZTraceReportPropagationNoThis |
16 |
Exported Function |
ZTraceTestCopyTrace |
17 |
Exported Function |
ZTraceReportIgnoreNoThis |
10 |
Exported Function |
ZTraceHelper |
3 |
Exported Function |
ZTraceHelperNoThis |
4 |
Exported Function |
ZTraceClose |
1 |
Exported Function |
ZTraceEnabledHelper |
2 |
Exported Function |
ZTraceHelperV |
5 |
Exported Function |
ZTraceReportIgnore |
8 |
Exported Function |
ZTraceReportIgnoreC |
9 |
Exported Function |
ZTraceHelperVC |
6 |
Exported Function |
ZTraceInit |
7 |
Exported Function |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: ztrace_maps.dll
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.1 (WinBuild.160101.0800)
- Product Version: 10.0.19041.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/71
- VirusTotal Link: https://www.virustotal.com/gui/file/a3ed1b1c9d0d669b7d5b760d30ef9260ffdf1d26f1dbbcf7a91adf6c1a4e363c/detection/
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.