cdp.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
cdp.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
cdp.dll
-
Size
4.2MB
-
MD5
5ceb2e4279e3e648dcf191ebaadc24e6
-
SHA1
13d4ec7554297ef3985d865a6fa123cfb1fbb6d2
-
SHA256
083d5b488efafd6fdf31ab1f647d86b2c6af0ec82cc47e73f1ff513b60c82dde
-
SHA512
3d12a9ccea4e1ccea51e8510c96791fd3a77586ed0f3a99feee93b261d5a0a1151a4f73dff604dc40f745c612d387727a07381f06cb81ad4133995a5f69b81da
-
SSDEEP
98304:bJZXsICdiEcGE3i3tgBvsyNiImRB3irK5D:bcICbc1egBvsTB3irw
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cdp.dll
Files
-
cdp.dll.dll regsvr32 windows:10 windows x86 arch:x86
7208c354aeea94283e7343467de272c8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__localtime32_s
_o__mkgmtime32
_o__mktime32
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__stricmp
_o__strnicmp
_o__strtoui64
_o__wcsicmp
_o_atoi
memmove
_o_ceil
_o_free
_o_iswspace
_o_malloc
_o_modf
_o_rand
_o_realloc
_o_strcpy_s
_o_strftime
_o_strncpy_s
_o_strtol
_o_strtoul
_o_terminate
_o_tolower
_o_toupper
_o_wcstoul
_o__gmtime32_s
_except_handler4_common
_o__get_errno
strstr
_o__execute_onexit_table
_o__errno
_o__dtest
_o__difftime32
_o__crt_atexit
_o__configure_narrow_argv
_o__CIpow
_o__cexit
__CxxFrameHandler3
__std_terminate
__std_type_info_compare
strchr
wcschr
_CxxThrowException
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsscanf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
memchr
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
memset
strncmp
strpbrk
wcsncmp
combase
CStdStubBuffer_AddRef
ord4
ord12
ord6
ord14
ord17
ord2
ord16
CStdStubBuffer_DebugServerQueryInterface
ord10
ord13
ord11
ord9
CStdStubBuffer_Invoke
ord154
ord24
ord23
CStdStubBuffer_QueryInterface
CStdStubBuffer2_Connect
CStdStubBuffer_DebugServerRelease
ord7
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
ord3
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
ord32
ord20
CStdStubBuffer2_CountRefs
ord21
ord26
ord25
ord27
ord19
ord22
CStdStubBuffer2_Disconnect
ord5
ord34
ord33
ord18
CStdStubBuffer_CountRefs
CStdStubBuffer2_QueryInterface
ord8
ord15
rpcrt4
NdrClientCall4
IUnknown_QueryInterface_Proxy
NdrStubCall2
NdrStubForwardingFunction
RpcServerInqCallAttributesW
UuidFromStringW
NdrOleAllocate
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleFree
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
GetModuleHandleA
GetProcAddress
DisableThreadLibraryCalls
FindStringOrdinal
GetModuleHandleExW
FreeLibrary
FindResourceExW
GetModuleFileNameA
LockResource
LoadResource
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
SetThreadToken
TerminateProcess
OpenProcessToken
OpenThreadToken
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetVersionExW
GetLocalTime
GetSystemTime
GetComputerNameExW
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
DebugBreak
IsDebuggerPresent
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
SetLastError
GetLastError
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
shcore
ord190
SHCreateMemStream
IStream_Write
IStream_Reset
IStream_WriteStr
IStream_Read
IStream_Size
IStream_ReadStr
msvcp_win
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
_Thrd_sleep
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?setf@ios_base@std@@QAEHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setf@ios_base@std@@QAEHHH@Z
?_Xinvalid_argument@std@@YAXPBD@Z
_Thrd_detach
_Cnd_wait
_Cnd_do_broadcast_at_thread_exit
_Cnd_broadcast
_Thrd_hardware_concurrency
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?id@?$collate@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??0_Locinfo@std@@QAE@PBD@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??1_Lockit@std@@QAE@XZ
??1_Locinfo@std@@QAE@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
_Thrd_id
_Strcoll
_Strxfrm
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
_Unlock_shared_ptr_spin_lock
_Lock_shared_ptr_spin_lock
_Thrd_join
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Syserror_map@std@@YAPBDH@Z
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
_Mtx_unlock
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG0@Z
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE_JPBG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
_Mtx_trylock
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Random_device@std@@YAIXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
_Mtx_init_in_situ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
_Mtx_destroy_in_situ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Xlength_error@std@@YAXPBD@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??7ios_base@std@@QBE_NXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z
?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
_Cnd_signal
_Query_perf_counter
_Query_perf_frequency
_Cnd_timedwait
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_current_owns
_Cnd_register_at_thread_exit
?__ExceptionPtrToBool@@YA_NPBX@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Cnd_unregister_at_thread_exit
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?good@ios_base@std@@QBE_NXZ
?uncaught_exception@std@@YA_NXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Xtime_get_ticks
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEHXZ
_Thrd_yield
?_Xbad_function_call@std@@YAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
api-ms-win-crt-time-l1-1-0
clock
_time32
umpdc
Pdcv2ActivationClientRegister
Pdcv2ActivationClientActivate
Pdcv2ActivationClientUnregister
Pdcv2ActivationClientDeactivate
ntdll
RtlPublishWnfStateData
NtOpenSemaphore
RtlFreeUnicodeString
RtlGetTokenNamedObjectPath
NtCreateSemaphore
RtlInitUnicodeString
RtlSidDominates
RtlGetDeviceFamilyInfoEnum
RtlIsMultiUsersInSessionSku
NtOpenMutant
RtlNtStatusToDosError
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubscribeWnfStateChangeNotification
NtCreateWnfStateName
NtDeleteWnfStateName
api-ms-win-core-winrt-string-l1-1-0
HSTRING_UserFree
HSTRING_UserMarshal
HSTRING_UserSize
WindowsCreateString
WindowsCreateStringReference
HSTRING_UserUnmarshal
WindowsDeleteString
WindowsGetStringRawBuffer
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
api-ms-win-core-localization-l1-2-0
GetLocaleInfoEx
FormatMessageW
GetSystemPreferredUILanguages
api-ms-win-core-com-l1-1-0
CoImpersonateClient
CLSIDFromString
CoCreateInstance
PropVariantClear
StringFromCLSID
CoRevertToSelf
CoTaskMemFree
CoWaitForMultipleHandles
CoCreateFreeThreadedMarshaler
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemRealloc
CoSwitchCallContext
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-winrt-error-l1-1-0
RoOriginateError
SetRestrictedErrorInfo
api-ms-win-core-synch-l1-1-0
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
WaitForSingleObject
ReleaseMutex
CreateSemaphoreExW
CreateEventExW
SetEvent
CreateEventW
OpenSemaphoreW
ReleaseSRWLockShared
InitializeCriticalSection
CreateMutexExW
AcquireSRWLockShared
ReleaseSemaphore
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
CreateMutexW
OpenMutexW
ReleaseSRWLockExclusive
ResetEvent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitializeSRWLock
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolThreadMaximum
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
SubmitThreadpoolWork
CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
SetThreadpoolThreadMinimum
CreateThreadpool
CloseThreadpool
WaitForThreadpoolWorkCallbacks
CreateThreadpoolWait
SetThreadpoolTimer
CloseThreadpoolWork
FreeLibraryWhenCallbackReturns
CloseThreadpoolTimer
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoInitialize
RoUninitialize
RoGetActivationFactory
api-ms-win-core-registry-l1-1-0
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegGetValueW
RegSetValueExW
RegCreateKeyExA
RegCreateKeyExW
RegGetValueA
RegNotifyChangeKeyValue
RegCloseKey
api-ms-win-core-synch-l1-2-0
InitOnceBeginInitialize
Sleep
InitOnceComplete
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventRegister
EventWriteTransfer
EventProviderEnabled
EventUnregister
api-ms-win-appmodel-runtime-l1-1-0
GetCurrentPackageInfo
api-ms-win-appmodel-runtime-l1-1-1
GetApplicationUserModelIdFromToken
GetPackageFamilyNameFromToken
api-ms-win-core-sysinfo-l2-1-0
GetUserNameW
api-ms-win-security-base-l1-1-0
CreateWellKnownSid
CopySid
GetLengthSid
ImpersonateLoggedOnUser
RevertToSelf
GetTokenInformation
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-file-l1-1-0
FindNextFileW
DeleteFileW
ReadFile
RemoveDirectoryW
CreateDirectoryW
CreateFileW
FindFirstFileW
GetFullPathNameW
SetFilePointerEx
WriteFile
SetFilePointer
SetEndOfFile
GetFileAttributesW
GetFileSizeEx
CreateDirectoryA
FlushFileBuffers
FindClose
api-ms-win-core-file-l1-2-0
CreateFile2
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-core-file-l2-1-0
GetFileInformationByHandleEx
MoveFileExW
api-ms-win-core-path-l1-1-0
PathAllocCombine
PathCchSkipRoot
api-ms-win-core-com-l1-1-1
RoGetAgileReference
crypt32
CertOpenStore
CertCreateCertificateContext
CryptProtectData
CryptUnprotectData
CertGetCertificateContextProperty
CertGetNameStringW
CertDeleteCertificateFromStore
CertCreateSelfSignCertificate
CertFreeCertificateContext
CertAddCertificateContextToStore
CertSaveStore
CertDuplicateCertificateContext
CertCloseStore
CertFindCertificateInStore
CertStrToNameW
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
api-ms-win-core-io-l1-1-0
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CancelIoEx
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-devices-query-l1-1-0
DevCloseObjectQuery
DevCreateObjectQuery
propsys
PSPropertyBag_WriteStr
PSCreateMemoryPropertyStore
PSPropertyBag_WriteUnknown
api-ms-win-core-heap-obsolete-l1-1-0
LocalSize
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
kernelbase
BaseFormatObjectAttributes
dsreg
DsrGetJoinInfo
DsrFreeJoinInfo
api-ms-win-security-capability-l1-1-0
CapabilityCheck
RpcClientCapabilityCheck
Exports
Exports
CDPAccountFromWebAccount
CDPAcquireNetworkingInternal
CDPCreateAFSRegistrationClientInternal
CDPCreateAFSUserSettingsInternal
CDPCreateAccountInternalForUser
CDPCreateAccountInternalWithStableUserId
CDPCreateAccountProviderInternal
CDPCreateActivity
CDPCreateActivityAsset
CDPCreateActivityInternal
CDPCreateActivityStoreInfoInternal
CDPCreateActivityStoreInfoWatcher
CDPCreateActivityStoreInfoWatcherForUser
CDPCreateActivityStoreInfoWatcherInternal
CDPCreateActivityStoreReader
CDPCreateActivityStoreReaderForUser
CDPCreateActivityStoreReaderInternal
CDPCreateAllDevicesQuery
CDPCreateAllDevicesQueryForUser
CDPCreateAnonymousAccount
CDPCreateAnonymousAccountInternal
CDPCreateAppControlClient
CDPCreateAppControlClientInternal
CDPCreateAppId
CDPCreateAppRegistrationManager
CDPCreateAppRegistrationManagerForUser
CDPCreateAppRegistrationManagerInternal
CDPCreateAzureActiveDirectoryAccount
CDPCreateBeaconControl
CDPCreateBeaconControlInternal
CDPCreateBinaryClient
CDPCreateBinaryClientInternal
CDPCreateBinaryHost
CDPCreateBinaryHostInternal
CDPCreateBinaryHostWithSettings
CDPCreateCallbackNotifierInternal
CDPCreateCloudNotification
CDPCreateComObjectInternal
CDPCreateCrossPlatformAppId
CDPCreateCrossPlatformAppIdFromAppId
CDPCreateCurrentCrossPlatformAppId
CDPCreateDedupedDevice
CDPCreateDedupedDeviceQuery
CDPCreateDedupedDeviceQueryForUser
CDPCreateDedupedDeviceQueryInternal
CDPCreateDedupedDeviceQueryParameters
CDPCreateDeviceInternal
CDPCreateDeviceQuery
CDPCreateDeviceQueryForSessionInternal
CDPCreateDeviceQueryForUser
CDPCreateDeviceQueryInternal
CDPCreateDeviceQueryWithIdentity
CDPCreateDirectNotificationHost
CDPCreateEmptyAccountSettings
CDPCreateEnvironmentManagerInternal
CDPCreateHttpRequestInternal
CDPCreateMessagingHost
CDPCreateMessagingHostInternal
CDPCreateMicrosoftAccount
CDPCreateOrGetDdsRegistrationUserObjectInternal
CDPCreatePlatformSettingsInternal
CDPCreateRemoteUserInternal
CDPCreateResource
CDPCreateResourceCollection
CDPCreateSettingsInteropInternal
CDPCreateTask
CDPCreateTaskInternal
CDPCreateTelemetryTask
CDPCreateTelemetryTaskInternal
CDPCreateTestActivityAsset
CDPCreateUserInternal
CDPCreateUserNotificationClientInternal
CDPCreateUserServiceNotificationClient
CDPCreateUserServiceNotificationClientForUser
CDPCreateUuid
CDPFixAccounts
CDPGetAFCInitializer
CDPGetAccountProviderInternal
CDPGetAccountsNeedAttention
CDPGetAccountsSettings
CDPGetActivityStore
CDPGetActivityStoreForAccount
CDPGetActivityStoreForAccountInternal
CDPGetActivityStoreForStoreInfo
CDPGetActivityStoreForStoreInfoAndUser
CDPGetActivityStoreForStoreInfoInternal
CDPGetActivityStoreForUser
CDPGetActivityStoreInternal
CDPGetCloudNotificationProviderInternal
CDPGetCoreInitializer
CDPGetDeviceCache
CDPGetDeviceCacheInternal
CDPGetHost
CDPGetLogger
CDPGetNearShareAuthorizationPolicyOfInteractiveUser
CDPGetRelayInitializer
CDPGetResourceHandler
CDPGetResourceManager
CDPGetSDKAuthorizationPolicyOfInteractiveUser
CDPGetSGSocket
CDPGetSystemAppId
CDPGetUserActivitySettings
CDPGetUserActivitySettingsForUser
CDPGetUserActivitySettingsInternal
CDPGetUserCollectionInternal
CDPInitialize
CDPInitializeForService
CDPInitializeSGPowerOnPacket
CDPInitializeUserService
CDPInitializeUserServicePhase2
CDPIsEnabled
CDPPreShutdown
CDPRegisterActivityConflictResolverInternal
CDPReleaseNetworkingInternal
CDPResume
CDPSetAccountProviderInternal
CDPSetAppControlHostCallback
CDPSetExtendedLocalDeviceStatus
CDPSetResourceConfigProvider
CDPSetServicePid
CDPShutdown
CDPShutdownBluetooth
CDPStartCCSPolling
CDPStopCCSPolling
CDPSuspend
CDPUninitializeUserService
CDPWriteAccountSettings
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo
Sections
.text Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 644B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ