ztrace_maps.dll

File Path: C:\Windows\SysWOW64\ztrace_maps.dll
Description: ZTrace Event Resources

Hashes

Type	Hash
MD5	`7F738E8066AA78DD2BE2E732C7F2BC47`
SHA1	`03BAEDBF262DED7D8F42510A18D0379D82ABE9D0`
SHA256	`86FC1C8A7645F08776E39D50FA4990FE12EEB78C339BF7E1E0C11BC88774AD5D`
SHA384	`C368A29F4152422D252F0585FB1CC406CA4FBD53694DFC857ABFCC40E713DBCF0BA1B7D1894FACBE935FBBB821A5122A`
SHA512	`6F983A1652F215AC700C45AD183BAFD8DB8E8F90550651CE606F2A0AA7409F79F5FC490B36ABFDB60DC6B482B33FB53AB06958FD12A5BA8229E1C07D63593253`
SSDEEP	`384:a89ZRLW8kDIZl7gSA8BzRvwJ2jiN0hKoDKippWzqWfpf2T1MTe8CxFj:a89ZkDILgSfV4bN0M2pKTm1+e8CL`
IMP	`0A13985DE0735C67A542CF6CD0292BF0`
PESHA1	`FC62A6AB19AF6BDA0CEA948BC9E9A10503752627`
PE256	`483A1929874C8A490A1260BF0CAAE012609607F434E31B60C2AEC551A93BCAB7`

DLL Exports:

Function Name	Ordinal	Type
`ZTraceReportOriginationNoThis`	13	Exported Function
`ZTraceReportPropagation`	14	Exported Function
`ZTraceReportOrigination`	11	Exported Function
`ZTraceReportOriginationC`	12	Exported Function
`ZTraceReportPropagationC`	15	Exported Function
`ZTraceTestForceClose`	18	Exported Function
`ZTraceTestInit`	19	Exported Function
`ZTraceReportPropagationNoThis`	16	Exported Function
`ZTraceTestCopyTrace`	17	Exported Function
`ZTraceReportIgnoreNoThis`	10	Exported Function
`ZTraceHelper`	3	Exported Function
`ZTraceHelperNoThis`	4	Exported Function
`ZTraceClose`	1	Exported Function
`ZTraceEnabledHelper`	2	Exported Function
`ZTraceHelperV`	5	Exported Function
`ZTraceReportIgnore`	8	Exported Function
`ZTraceReportIgnoreC`	9	Exported Function
`ZTraceHelperVC`	6	Exported Function
`ZTraceInit`	7	Exported Function

Signature

Status: Signature verified.
Serial: 3300000266BD1580EFA75CD6D3000000000266
Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

Original Filename: ztrace_maps.dll
Product Name: Microsoft Windows Operating System
Company Name: Microsoft Corporation
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Language: English (United States)
Legal Copyright: Microsoft Corporation. All rights reserved.
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/71
VirusTotal Link: https://www.virustotal.com/gui/file/86fc1c8a7645f08776e39d50fa4990fe12eeb78c339bf7e1e0c11bc88774ad5d/detection/

File Similarity (ssdeep match)

File	Score
C:\Windows\system32\ztrace_maps.dll	38

MIT License. Copyright (c) 2020-2021 Strontic.