¿Para qué sirve la dll NtlmShared.dll?
NTLM Shared FunctionalityDependencias de la dll NtlmShared.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\NtlmShared.dll
File Type: DLL
Image has the following dependencies:
api-ms-win-core-crt-l1-1-0.dll
api-ms-win-core-crt-l2-1-0.dll
ntdll.dll
bcrypt.dll
api-ms-win-core-libraryloader-l1-2-0.dll
api-ms-win-core-synch-l1-1-0.dll
api-ms-win-core-heap-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-threadpool-l1-2-0.dll
api-ms-win-core-processthreads-l1-1-0.dll
api-ms-win-core-localization-l1-2-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-util-l1-1-0.dll
api-ms-win-core-profile-l1-1-0.dll
api-ms-win-core-sysinfo-l1-1-0.dll
cryptdll.dll
api-ms-win-core-heap-l2-1-0.dll
api-ms-win-core-delayload-l1-1-1.dll
api-ms-win-core-delayload-l1-1-0.dll
Image has the following delay load dependencies:
CRYPTBASE.dll
CRYPTSP.dll
Summary
1000 .data
1000 .didat
1000 .pdata
3000 .rdata
1000 .reloc
1000 .rsrc
A000 .text
Funciones que tiene la dll NtlmShared.dll
1 0 00002730 MsvpCachePasswordsToCredential
2 1 000016B0 MsvpCalculateNtlm2Challenge
3 2 000017C0 MsvpCalculateNtlm2SessionKeys
4 3 000018C0 MsvpCalculateNtlm3Owf
5 4 00002640 MsvpCompareCredentials
6 5 00002080 MsvpComputeSaltedHashedPassword
7 6 000026F0 MsvpCredentialToCachePasswords
8 7 00002790 MsvpDecryptDpapiMasterKey
9 8 000023E0 MsvpDeriveSecureCredKey
10 9 000082E0 MsvpGMSACred
11 A 00001E60 MsvpLm20GetNtlm3ChallengeResponse
12 B 00001A00 MsvpLm3Response
13 C 00008B00 MsvpLm3ValidateResponse
14 D 00002200 MsvpMakeSecretPasswordNT5
15 E 00001C30 MsvpNtlm3Response
16 F 00008BD0 MsvpNtlm3ValidateResponse
17 10 00008E00 MsvpPasswordValidate
18 11 000022A0 MsvpPutClearOwfsInPrimaryCredential
19 12 000086B0 MsvpUpdateSharedConfiguration
20 13 00009450 MsvpValidateSupplementalCreds
21 14 00009470 MsvpValidateSupplementalCredsBuffer
22 15 00008720 NtLmAlterRtlEqualUnicodeString
23 16 00008630 NtlmSharedAllocate
24 17 00008670 NtlmSharedAllocatePrivateHeap
25 18 000085B0 NtlmSharedCleanup
26 19 00008650 NtlmSharedFree
27 1A 00008690 NtlmSharedFreePrivateHeap
28 1B 000082F0 NtlmSharedInit
Información avanzada sobre funciones que tiene la dll NtlmShared.dll
Microsoft (R) COFF/PE Dumper Version 14.16.27034.0
Copyright (C) Microsoft Corporation. All rights reserved.
Dump of file C:\Windows\System32\NtlmShared.dll
File Type: DLL
Section contains the following exports for NtlmShared.dll
00000000 characteristics
746DA3D4 time date stamp
0.00 version
1 ordinal base
28 number of functions
28 number of names
ordinal hint RVA name
1 0 00002730 MsvpCachePasswordsToCredential
2 1 000016B0 MsvpCalculateNtlm2Challenge
3 2 000017C0 MsvpCalculateNtlm2SessionKeys
4 3 000018C0 MsvpCalculateNtlm3Owf
5 4 00002640 MsvpCompareCredentials
6 5 00002080 MsvpComputeSaltedHashedPassword
7 6 000026F0 MsvpCredentialToCachePasswords
8 7 00002790 MsvpDecryptDpapiMasterKey
9 8 000023E0 MsvpDeriveSecureCredKey
10 9 000082E0 MsvpGMSACred
11 A 00001E60 MsvpLm20GetNtlm3ChallengeResponse
12 B 00001A00 MsvpLm3Response
13 C 00008B00 MsvpLm3ValidateResponse
14 D 00002200 MsvpMakeSecretPasswordNT5
15 E 00001C30 MsvpNtlm3Response
16 F 00008BD0 MsvpNtlm3ValidateResponse
17 10 00008E00 MsvpPasswordValidate
18 11 000022A0 MsvpPutClearOwfsInPrimaryCredential
19 12 000086B0 MsvpUpdateSharedConfiguration
20 13 00009450 MsvpValidateSupplementalCreds
21 14 00009470 MsvpValidateSupplementalCredsBuffer
22 15 00008720 NtLmAlterRtlEqualUnicodeString
23 16 00008630 NtlmSharedAllocate
24 17 00008670 NtlmSharedAllocatePrivateHeap
25 18 000085B0 NtlmSharedCleanup
26 19 00008650 NtlmSharedFree
27 1A 00008690 NtlmSharedFreePrivateHeap
28 1B 000082F0 NtlmSharedInit
Summary
1000 .data
1000 .didat
1000 .pdata
3000 .rdata
1000 .reloc
1000 .rsrc
A000 .text
Integridad de la dll NtlmShared.dll
Algorithm Hash Path
--------- ---- ----
SHA256 62DE61059EF368F60F71C5C36101C1C8F035ECED8EA3F987DB1752AFC1FFC8C4 C:\Windows\System32\NtlmShared.dll
Detalles sobre el fichero dll NtlmShared.dll
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\NtlmShared.dll
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32
PSChildName : NtlmShared.dll
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\NtlmShared.dll
InternalName: NtlmShared.dll
OriginalFilename: NtlmShared.dll
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
FileDescription: NTLM Shared Functionality
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Inglés (Estados Unidos)
BaseName : NtlmShared
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-security-ntlmshared_31bf3856ad364e35_10.0.19041.1_none_734900fc110387
b6\NtlmShared.dll}
LinkType : HardLink
Name : NtlmShared.dll
Length : 68912
DirectoryName : C:\Windows\System32
Directory : C:\Windows\System32
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\NtlmShared.dll
Extension : .dll
CreationTime : 07/12/2019 10:08:49
CreationTimeUtc : 07/12/2019 9:08:49
LastAccessTime : 03/12/2020 13:51:04
LastAccessTimeUtc : 03/12/2020 12:51:04
LastWriteTime : 07/12/2019 10:08:49
LastWriteTimeUtc : 07/12/2019 9:08:49
Attributes : Archive
Procesos que utilizan la dll NtlmShared.dll
svchost