VideoHandlers.pdb
Static task
static1
1 signatures
General
-
Target
x64_x32_installer__v3.1.2.zip
-
Size
33.7MB
-
MD5
ae8760438eeca38471bedd2ffa4d0357
-
SHA1
eed01692a1c66172fbb500e35316372f4c5c936a
-
SHA256
1bf22a113f4564200456a7f38b49950857398f0a80159a94ec7b998b24952e7b
-
SHA512
414c95bb193c1ca362d4774410e45f6e9d9b824141563a207b52557e97cfaae002adfff80e2fd6664cb5e2436a052d35fce86ce3f8922aa7f95f7bb307adf3b0
-
SSDEEP
786432:jmojwbAyYd5T2Px/i41R5oJMoJucE8VZIWRgstPrR1yZ+JO1g1z:jmojwXB5OTEeiyDHb6g5
Score
3/10
Malware Config
Signatures
-
Unsigned PE 18 IoCs
Checks for missing Authenticode signature.
resource unpack001/WmpDui/VideoHandlers.dll unpack001/WmpDui/WmpDui.dll unpack001/WmpDui/vmdevicehost.dll unpack001/WmpDui/wmploc.DLL unpack001/clusapi/clusapi.dll unpack001/clusapi/fdprint.dll unpack001/clusapi/pmcsnap.dll unpack001/clusapi/pnrpnsp.dll unpack001/mbussdapi/McpManagementProxy.dll unpack001/mbussdapi/mbussdapi.dll unpack001/mbussdapi/netprovfw.dll unpack001/mbussdapi/rdpcore.dll unpack001/mbussdapi/srmclient.dll unpack001/rasman/EnterpriseAppMgmtSvc.dll unpack001/rasman/authfwcfg.dll unpack001/rasman/avifil32.dll unpack001/rasman/energy.dll unpack001/rasman/rasman.dll
Files
-
x64_x32_installer__v3.1.2.zip.zip
Password: 1234
-
WmpDui/VideoHandlers.dll.dll windows:10 windows x64 arch:x64
Password: 1234
d8665a89cb65b8d90996d9f921641fab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o_bsearch_s
_o_free
_o_malloc
_o_qsort
_o_realloc
_o_strncpy_s
_o_terminate
__C_specific_handler
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o__crt_atexit
_o___std_exception_copy
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__execute_onexit_table
_o__errno
_o___stdio_common_vswprintf
__std_terminate
_CxxThrowException
__CxxFrameHandler4
_o___stdio_common_vsnprintf_s
__CxxFrameHandler3
memcpy
api-ms-win-crt-string-l1-1-0
memset
strnlen
wcsnlen
wcsncmp
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetProcAddress
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameA
api-ms-win-core-synch-l1-1-0
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObject
InitializeCriticalSectionEx
CreateSemaphoreExW
ReleaseMutex
SetEvent
ResetEvent
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
ReleaseSRWLockShared
DeleteCriticalSection
InitializeCriticalSection
ReleaseSemaphore
CreateEventW
CreateEventExW
CreateMutexExW
InitializeSRWLock
OpenSemaphoreW
WaitForSingleObjectEx
api-ms-win-core-heap-l1-1-0
HeapFree
GetProcessHeap
HeapAlloc
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetLastError
RaiseException
GetLastError
SetUnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TlsSetValue
TlsGetValue
CreateThread
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventUnregister
EventWriteTransfer
EventRegister
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateString
WindowsCompareStringOrdinal
WindowsCreateStringReference
WindowsDeleteString
WindowsConcatString
WindowsGetStringRawBuffer
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
api-ms-win-core-com-l1-1-0
CoInitializeEx
CoTaskMemFree
CoGetMalloc
CoTaskMemRealloc
CoDecrementMTAUsage
CoWaitForMultipleHandles
CoIncrementMTAUsage
CoUninitialize
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoCreateInstance
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-shcore-registry-l1-1-0
SHGetValueW
SHSetValueW
api-ms-win-core-winrt-l1-1-0
RoInitialize
RoActivateInstance
RoGetActivationFactory
RoUninitialize
api-ms-win-shcore-thread-l1-1-0
SHCreateThread
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
IsErrorPropagationEnabled
api-ms-win-core-winrt-error-l1-1-0
RoOriginateError
RoTransformError
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegSetKeySecurity
RegGetValueW
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
api-ms-win-shcore-scaling-l1-1-1
ord244
ntdll
RtlUnsubscribeWnfStateChangeNotification
NtPowerInformation
RtlSubscribeWnfStateChangeNotification
api-ms-win-power-setting-l1-1-0
PowerReadDCValue
PowerWriteDCValueIndex
PowerSetActiveScheme
PowerGetActiveScheme
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-featurestaging-l1-1-0
GetFeatureEnabledState
UnsubscribeFeatureStateChangeNotification
RecordFeatureUsage
SubscribeFeatureStateChangeNotification
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolTimer
api-ms-win-storage-exports-internal-l1-1-0
SHGetKnownFolderIDList
api-ms-win-rtcore-ntuser-window-l1-1-0
TranslateMessage
SendMessageW
UnregisterClassW
DestroyWindow
GetMessageW
GetWindowRect
AllowSetForegroundWindow
PostQuitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
DispatchMessageW
d3d11
D3D11CreateDevice
api-ms-win-ntuser-sysparams-l1-1-0
QueryDisplayConfig
GetDisplayConfigBufferSizes
EnumDisplayDevicesW
DisplayConfigGetDeviceInfo
api-ms-win-ntuser-rectangle-l1-1-0
PtInRect
IntersectRect
msvcp_win
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
GetSetting
NotifyVideoHandler
Sections
.text Size: 141KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 136B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WmpDui/WMVSDECD.DLL.dll regsvr32 windows:10 windows x64 arch:x64
Password: 1234
5df7e5d90b454fbbf0c0a1171fe68de8
Code Sign
33:00:00:02:32:41:fb:59:99:6d:cc:4d:ff:00:00:00:00:02:32Certificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before02/05/2019, 21:24Not After02/05/2020, 21:24SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
d0:73:91:3e:b5:51:0e:96:be:8a:38:7f:89:bd:7e:17:18:af:cc:28:0a:ce:b7:8f:ad:9c:99:3a:31:bf:06:78Signer
Actual PE Digestd0:73:91:3e:b5:51:0e:96:be:8a:38:7f:89:bd:7e:17:18:af:cc:28:0a:ce:b7:8f:ad:9c:99:3a:31:bf:06:78Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
WMVSDECD.pdb
Imports
msvcrt
abort
printf
_beginthreadex
_lock
__C_specific_handler
_initterm
_unlock
_amsg_exit
__dllonexit
_XcptFilter
free
_callnewh
_onexit
_purecall
malloc
_vsnwprintf
sprintf_s
strcat_s
memcpy
puts
memcmp
memset
mfplat
MFTRegister
MFTUnregister
api-ms-win-core-synch-l1-1-0
SetEvent
ReleaseSRWLockExclusive
ReleaseSemaphore
CreateEventW
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
LoadLibraryExW
LoadLibraryExA
FreeLibrary
GetProcAddress
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegSetValueExA
RegDeleteTreeW
RegQueryValueExW
RegOpenKeyExW
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventRegister
EventWriteTransfer
api-ms-win-core-registry-l2-1-0
RegSetValueA
RegOpenKeyW
RegCreateKeyW
api-ms-win-core-synch-l1-2-0
SignalObjectAndWait
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
GetExitCodeThread
GetCurrentProcess
SetThreadPriority
TerminateProcess
GetThreadPriority
GetCurrentProcessId
GetCurrentThreadId
CreateThread
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
GetVersion
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetLastError
ws2_32
ntohl
htonl
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
CreateSemaphoreW
api-ms-win-core-kernel32-legacy-l1-1-0
GetSystemPowerStatus
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-heap-l2-1-0
LocalFree
msdmo
DMOUnregister
MoInitMediaType
DMORegister
MoCopyMediaType
MoFreeMediaType
api-ms-win-ntuser-rectangle-l1-1-0
IsRectEmpty
api-ms-win-core-memory-l1-1-0
VirtualQuery
VirtualProtect
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
api-ms-win-core-processtopology-obsolete-l1-1-0
GetProcessAffinityMask
SetThreadAffinityMask
Exports
Exports
CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 261KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.no_bbt Size: 1024B - Virtual size: 633B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 964B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WmpDui/WmpDui.dll.dll windows:10 windows x64 arch:x64
Password: 1234
aa89fff9644c3a9f5ba2213a06bd55d7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
WMPDUI.pdb
Imports
msvcrt
ceil
cosf
floor
log10f
memcpy
memmove
memset
pow
_resetstkoflw
_wcsicmp
_beginthreadex
_purecall
_onexit
__dllonexit
_unlock
_lock
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_XcptFilter
qsort
_wcsnicmp
sinf
ntdll
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
kernel32
TlsSetValue
GetModuleFileNameA
LoadLibraryA
WaitForMultipleObjectsEx
GetExitCodeThread
ResetEvent
InitializeCriticalSection
GetSystemInfo
TlsFree
FlushInstructionCache
DecodePointer
EncodePointer
LoadLibraryExA
VirtualAlloc
VirtualFree
DelayLoadFailureHook
ResolveDelayLoadedAPI
MulDiv
GetVersionExA
GetProcAddress
GetModuleHandleW
DisableThreadLibraryCalls
TlsGetValue
SetLastError
GetLastError
FreeLibrary
QueryPerformanceFrequency
TlsAlloc
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
FindAtomW
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetAtomNameW
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
SetEvent
CloseHandle
CreateEventA
WaitForSingleObject
InitializeSListHead
InterlockedPushEntrySList
QueryDepthSList
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedPopEntrySList
InterlockedFlushSList
DeleteAtom
AddAtomW
user32
PostThreadMessageA
DrawTextW
WindowFromDC
TranslateMessage
GetKeyboardState
GetParent
EndPaint
BeginPaint
GetPointerType
PostMessageA
GetMessagePos
GetCursorInfo
TrackMouseEvent
SetCapture
InvalidateRect
GetDC
GetWindowLongPtrW
CallWindowProcA
SetWindowLongPtrA
GetWindowDC
ReleaseCapture
ChildWindowFromPointEx
GetCapture
ScreenToClient
GetCursorPos
SetFocus
GetFocus
GetWindowRect
ReleaseDC
GetDoubleClickTime
PtInRect
GetKeyState
GetSystemMetrics
OffsetRect
UnionRect
IsRectEmpty
IntersectRect
MsgWaitForMultipleObjectsEx
FillRect
CallWindowProcW
DefWindowProcA
SetWindowLongPtrW
GetWindowLongPtrA
WaitMessage
PeekMessageW
PeekMessageA
GetMessageW
GetMessageA
SetRectEmpty
SendMessageA
SystemParametersInfoA
GetMonitorInfoW
ClientToScreen
GetClientRect
IsWindow
DispatchMessageA
SendMessageW
GetMessageTime
RegisterWindowMessageA
gdi32
CreateRectRgn
CreateDCA
GetObjectType
GetDIBits
GetSystemPaletteEntries
CombineRgn
CreatePolygonRgn
SelectClipRgn
StretchDIBits
SetViewportOrgEx
GetObjectA
OffsetRgn
GetViewportOrgEx
GetRandomRgn
SetBrushOrgEx
GetBrushOrgEx
GetCurrentObject
GetDeviceCaps
SaveDC
ModifyWorldTransform
GetTextExtentExPointW
GetTextExtentPoint32W
CreateFontIndirectW
ExtTextOutW
TextOutW
GdiFlush
CreateDIBSection
GetClipBox
SetRectRgn
BitBlt
ExtSelectClipRgn
IntersectClipRect
GetClipRgn
GetWorldTransform
RealizePalette
SelectPalette
SetWorldTransform
SetGraphicsMode
GetWindowExtEx
GetViewportExtEx
DeleteDC
PatBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
CreateSolidBrush
DeleteObject
RestoreDC
GetPixel
advapi32
GetTraceEnableLevel
RegisterTraceGuidsA
GetTraceEnableFlags
GetTraceLoggerHandle
UnregisterTraceGuids
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
TraceEvent
Exports
Exports
AddGadgetMessageHandler
AddLayeredRef
AdjustClipInsideRef
AttachWndProcA
AttachWndProcW
AutoTrace
BuildAnimation
BuildDropTarget
BuildInterpolation
CacheDWriteRenderTarget
ChangeCurrentAnimationScenario
ClearPushedOpacitiesFromGadgetTree
ClearTopmostVisual
CreateAction
CreateGadget
CustomGadgetHitTestQuery
DUserBuildGadget
DUserCastClass
DUserCastDirect
DUserCastHandle
DUserDeleteGadget
DUserFindClass
DUserFlushDeferredMessages
DUserFlushMessages
DUserGetAlphaPRID
DUserGetGutsData
DUserGetRectPRID
DUserGetRotatePRID
DUserGetScalePRID
DUserInstanceOf
DUserPostEvent
DUserPostMethod
DUserRegisterGuts
DUserRegisterStub
DUserRegisterSuper
DUserSendEvent
DUserSendMethod
DUserStopAnimation
DUserStopPVLAnimation
DeleteHandle
DestroyPendingDCVisuals
DetachGadgetVisuals
DetachWndProc
DisableContainerHwnd
DllMain
DrawGadgetTree
EnsureAnimationsEnabled
EnsureGadgetTransInitialized
EnumGadgets
FindGadgetFromPoint
FindGadgetMessages
FindStdColor
FireGadgetMessages
ForwardGadgetMessage
FreeGdiDxInteropStagingBuffer
GadgetTransCompositionChanged
GadgetTransSettingChanged
GetActionTimeslice
GetCachedDWriteRenderTarget
GetDUserModule
GetDebug
GetFinalAnimatingPosition
GetGadget
GetGadgetAnimation
GetGadgetBitmap
GetGadgetBufferInfo
GetGadgetCenterPoint
GetGadgetFlags
GetGadgetFocus
GetGadgetLayerInfo
GetGadgetMessageFilter
GetGadgetProperty
GetGadgetRect
GetGadgetRgn
GetGadgetRootInfo
GetGadgetRotation
GetGadgetScale
GetGadgetSize
GetGadgetStyle
GetGadgetTicket
GetGadgetVisual
GetMessageExA
GetMessageExW
GetStdColorBrushF
GetStdColorBrushI
GetStdColorF
GetStdColorI
GetStdColorName
GetStdColorPenF
GetStdColorPenI
GetStdPalette
InitGadgetComponent
InitGadgets
InvalidateGadget
InvalidateLayeredDescendants
IsGadgetParentChainStyle
IsInsideContext
IsStartDelete
LookupGadgetTicket
MapGadgetPoints
PeekMessageExA
PeekMessageExW
RegisterGadgetMessage
RegisterGadgetMessageString
RegisterGadgetProperty
ReleaseDetachedObjects
ReleaseLayeredRef
ReleaseMouseCapture
RemoveClippingImmunityFromVisual
RemoveGadgetMessageHandler
RemoveGadgetProperty
ResetDUserDevice
ScheduleGadgetTransitions
SetActionTimeslice
SetAtlasingHints
SetGadgetBufferInfo
SetGadgetCenterPoint
SetGadgetFillF
SetGadgetFillI
SetGadgetFlags
SetGadgetFocus
SetGadgetFocusEx
SetGadgetLayerInfo
SetGadgetMessageFilter
SetGadgetOrder
SetGadgetParent
SetGadgetProperty
SetGadgetRect
SetGadgetRootInfo
SetGadgetRotation
SetGadgetScale
SetGadgetStyle
SetHardwareDeviceUsage
SetMinimumDCompVersion
SetRestoreCachedLayeredRefFlag
SetTransitionVisualProperties
SetWindowResizeFlag
UnregisterGadgetMessage
UnregisterGadgetMessageString
UnregisterGadgetProperty
UtilBuildFont
UtilDrawBlendRect
UtilDrawOutlineRect
UtilGetColor
UtilSetBackground
WaitMessageEx
Sections
.text Size: 260KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WmpDui/vmdevicehost.dll.dll windows:10 windows x64 arch:x64
Password: 1234
55df1397ebb86b43492d3f28e84cef4c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
VmDeviceHost.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
__std_terminate
memmove
_o_abort
_o_free
_o_malloc
_o_terminate
_o_wcstod
_o_wcstoull
__CxxFrameHandler3
_CxxThrowException
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
__C_specific_handler
__CxxFrameHandler4
memcpy
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
api-ms-win-crt-string-l1-1-0
wcsncmp
memset
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
GetProcAddress
api-ms-win-core-synch-l1-1-0
CreateMutexExW
SetEvent
DeleteCriticalSection
AcquireSRWLockShared
ResetEvent
ReleaseSRWLockShared
LeaveCriticalSection
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
WaitForSingleObject
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
InitializeSRWLock
EnterCriticalSection
CreateSemaphoreExW
AcquireSRWLockExclusive
ReleaseMutex
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
SignalObjectAndWait
InitOnceExecuteOnce
WakeAllConditionVariable
SleepConditionVariableSRW
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
OpenProcessToken
GetCurrentThreadId
GetCurrentProcessId
GetExitCodeThread
TerminateProcess
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlCaptureContext
RtlCaptureStackBackTrace
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventWrite
EventRegister
EventSetInformation
EventUnregister
EventEnabled
api-ms-win-core-registry-l1-1-0
RegGetValueW
RegCloseKey
RegOpenKeyExW
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-errorhandling-l1-1-2
RaiseFailFastException
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-psapi-l1-1-0
K32GetModuleInformation
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-com-l1-1-0
CoUninitialize
CoInitializeEx
CoEnableCallCancellation
CoCancelCall
CoDisableCallCancellation
CoTaskMemFree
CoInitializeSecurity
rpcrt4
UuidCompare
oleaut32
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayAccessData
api-ms-win-security-base-l1-1-0
MakeAbsoluteSD
InitializeSid
SetSecurityDescriptorGroup
GetTokenInformation
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetSidLengthRequired
GetSidSubAuthority
SetSecurityDescriptorOwner
GetLengthSid
GetSecurityDescriptorDacl
api-ms-win-security-provider-l1-1-0
GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-security-sddl-l1-1-0
ConvertStringSidToSidW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
CloseThreadpoolTimer
SetThreadpoolTimer
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-memory-l1-1-0
MapViewOfFile
VirtualQuery
UnmapViewOfFile
Exports
Exports
HdvCreateDeviceInstance
HdvCreateGuestMemoryAperture
HdvCreateSectionBackedMmioRange
HdvDeliverGuestInterrupt
HdvDestroyGuestMemoryAperture
HdvDestroySectionBackedMmioRange
HdvInitializeDeviceHost
HdvInitializeDeviceHostForProxy
HdvProxyDeviceHost
HdvReadGuestMemory
HdvRegisterDoorbell
HdvRegisterDoorbellPage
HdvTeardownDeviceHost
HdvUnregisterDoorbell
HdvUnregisterDoorbellPage
HdvWriteGuestMemory
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WmpDui/wmploc.DLL.dll windows:10 windows x64 arch:x64
Password: 1234
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
.rdata Size: 512B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
clusapi/Faultrep.dll.dll windows:10 windows x64 arch:x64
Password: 1234
dc1921f8ab88e7ef1205a0a0e1989251
Code Sign
33:00:00:03:8b:79:45:c1:8b:0e:b6:87:ec:00:00:00:00:03:8bCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before05/05/2022, 19:23Not After04/05/2023, 19:23SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:aa:f8:30:da:c5:1c:01:cd:58:94:43:f8:0f:a1:fe:76:d0:dc:77:1a:59:b7:f8:2e:e5:8d:7b:8d:7b:0c:70Signer
Actual PE Digest33:aa:f8:30:da:c5:1c:01:cd:58:94:43:f8:0f:a1:fe:76:d0:dc:77:1a:59:b7:f8:2e:e5:8d:7b:8d:7b:0c:70Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
FaultRep.pdb
Imports
msvcrt
__dllonexit
_unlock
memcpy_s
_lock
??1exception@@UEAA@XZ
_amsg_exit
_callnewh
srand
time
rand
memmove
__C_specific_handler
_purecall
_XcptFilter
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
free
_onexit
_vsnprintf_s
_vsnwprintf
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
memcpy
memcmp
_initterm
malloc
__CxxFrameHandler3
memset
_local_unwind
realloc
_CxxThrowException
wcscmp
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
GetModuleFileNameA
FreeLibrary
GetModuleHandleExW
GetModuleFileNameW
LoadLibraryExW
FreeLibraryAndExitThread
GetModuleHandleW
DisableThreadLibraryCalls
LoadStringW
api-ms-win-core-synch-l1-1-0
ResetEvent
CreateMutexExW
CreateSemaphoreExW
InitializeSRWLock
InitializeCriticalSectionEx
ReleaseSemaphore
OpenSemaphoreW
WaitForSingleObjectEx
CreateEventW
ReleaseSRWLockShared
AcquireSRWLockExclusive
CreateMutexW
SetEvent
ReleaseSRWLockExclusive
WaitForSingleObject
AcquireSRWLockShared
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenEventW
OpenMutexW
ReleaseMutex
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetErrorMode
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
SetLastError
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
GetCurrentProcess
GetThreadId
DeleteProcThreadAttributeList
GetCurrentProcessId
CreateRemoteThread
SetThreadPriority
GetCurrentThread
GetThreadPriority
OpenProcessToken
CreateProcessW
GetExitCodeProcess
OpenThread
GetCurrentThreadId
GetProcessId
CreateThread
GetProcessTimes
GetExitCodeThread
api-ms-win-core-localization-l1-2-0
LCMapStringW
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventUnregister
EventProviderEnabled
EventRegister
EventSetInformation
EventWrite
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
GetTickCount64
GetSystemDirectoryW
GetSystemInfo
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-wow64-l1-1-1
GetSystemWow64DirectoryW
IsWow64Process2
GetSystemWow64Directory2W
ntdll
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockExclusive
wcscpy_s
NtCreateFile
NtDeviceIoControlFile
NtAllocateVirtualMemory
NtFreeVirtualMemory
RtlAdjustPrivilege
NtQueryInformationThread
_wcstoui64
DbgPrint
isspace
RtlSetThreadErrorMode
RtlFreeHeap
RtlAllocateHeap
tolower
RtlQueryWnfStateData
memmove_s
ZwQueryInformationThread
RtlNtStatusToDosError
RtlDecodeSystemPointer
NtClearEvent
NtWaitForMultipleObjects
RtlSetCurrentTransaction
RtlGetCurrentTransaction
RtlGetNtSystemRoot
RtlDetermineDosPathNameType_U
NtQueryValueKey
RtlInitUnicodeStringEx
NtOpenKey
wcsstr
RtlReleasePebLock
wcsncmp
RtlTryAcquirePebLock
RtlGetUnloadEventTraceEx
EtwCheckCoverage
NtSetInformationProcess
towlower
NtResumeProcess
NtSuspendThread
NtResumeThread
NtSuspendProcess
RtlSubAuthorityCountSid
RtlIdentifierAuthoritySid
NtSetSystemInformation
RtlWakeAllConditionVariable
PssNtFreeSnapshot
ZwQueryWnfStateNameInformation
ZwUpdateWnfStateData
EtwEventWriteNoRegistration
NtQuerySystemInformation
NtOpenEvent
NtWaitForSingleObject
RtlAllocateAndInitializeSid
RtlInitUnicodeString
NtAlpcConnectPort
NtAlpcSendWaitReceivePort
RtlFreeSid
RtlQueryResourcePolicy
NtOpenProcess
PssNtCaptureSnapshot
NtClose
RtlCompareUnicodeString
RtlNtStatusToDosErrorNoTeb
NtQueryInformationToken
NtQueryLicenseValue
RtlImageNtHeaderEx
NtQueryEvent
NtSetInformationFile
RtlSecondsSince1970ToTime
swprintf_s
wcscat_s
wcsncpy_s
RtlCompareMemory
NtSystemDebugControl
RtlWerpReportException
RtlCreateProcessReflection
NtQueryInformationProcess
wcstoul
_errno
wcsrchr
toupper
_wtoi
wcschr
iswspace
_wcsicmp
_wcsnicmp
_vscwprintf
DbgPrintEx
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
RtlSleepConditionVariableSRW
kernelbase
CreateProcessAsUserW
LocalAlloc
api-ms-win-service-private-l1-1-0
I_QueryTagInformation
dbghelp
StackWalk64
SymFunctionTableAccess64
SymCleanup
MiniDumpWriteDump
SymInitialize
SymGetModuleInfoW64
SymGetModuleBase64
api-ms-win-core-windowserrorreporting-l1-1-0
WerGetFlags
GetApplicationRecoveryCallback
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
rpcrt4
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
NdrOleAllocate
UuidToStringW
UuidCreate
CStdStubBuffer_DebugServerRelease
RpcStringFreeW
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient6
ObjectStublessClient4
ObjectStublessClient3
ObjectStublessClient5
api-ms-win-core-com-l1-1-0
CoUnmarshalInterface
CoSetProxyBlanket
CoTaskMemAlloc
CoRevertToSelf
CoImpersonateClient
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx
api-ms-win-core-processthreads-l1-1-1
GetThreadContext
OpenProcess
api-ms-win-core-file-l1-1-0
GetFileAttributesW
FindClose
CreateFileW
GetLogicalDriveStringsW
GetLongPathNameW
GetFinalPathNameByHandleW
SetFileInformationByHandle
DeleteFileW
ReadFile
SetFilePointerEx
SetEndOfFile
SetFileAttributesW
GetDriveTypeW
FlushFileBuffers
CreateDirectoryW
GetTempFileNameW
FindFirstFileW
CompareFileTime
FindNextFileW
QueryDosDeviceW
WriteFile
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
LookupAccountSidW
api-ms-win-security-base-l1-1-0
DuplicateToken
CreateWellKnownSid
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
IsValidSid
GetLengthSid
CopySid
AdjustTokenPrivileges
AdjustTokenGroups
ImpersonateLoggedOnUser
RevertToSelf
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolWait
CreateThreadpoolWait
SetThreadpoolWait
CreateThreadpoolTimer
WaitForThreadpoolWaitCallbacks
SetThreadpoolTimer
api-ms-win-core-psapi-l1-1-0
K32GetModuleFileNameExW
K32GetProcessImageFileNameW
K32EnumProcesses
QueryFullProcessImageNameW
K32GetMappedFileNameW
K32EnumProcessModules
api-ms-win-core-file-l2-1-0
MoveFileExW
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
FileTimeToSystemTime
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-errorhandling-l1-1-3
SetThreadErrorMode
api-ms-win-core-memory-l1-1-0
VirtualFreeEx
CreateFileMappingW
VirtualAlloc
VirtualFree
WriteProcessMemory
MapViewOfFile
VirtualAllocEx
ReadProcessMemory
VirtualQueryEx
UnmapViewOfFile
VirtualQuery
api-ms-win-core-processsnapshot-l1-1-0
PssQuerySnapshot
PssWalkMarkerCreate
PssWalkMarkerFree
PssFreeSnapshot
PssDuplicateSnapshot
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-processenvironment-l1-1-0
SearchPathW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
api-ms-win-core-winrt-l1-1-0
RoUninitialize
RoInitialize
RoGetActivationFactory
api-ms-win-core-debug-l1-1-1
CheckRemoteDebuggerPresent
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
api-ms-win-core-registry-l1-1-0
RegGetKeySecurity
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetKeySecurity
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegGetValueW
api-ms-win-core-wow64-l1-1-0
IsWow64Process
api-ms-win-service-management-l1-1-0
OpenSCManagerW
CloseServiceHandle
OpenServiceW
StartServiceW
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-version-l1-1-0
GetFileVersionInfoSizeExW
GetFileVersionInfoExW
VerQueryValueW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyA
RegDeleteKeyW
api-ms-win-eventlog-legacy-l1-1-0
ReportEventW
DeregisterEventSource
RegisterEventSourceW
api-ms-win-core-toolhelp-l1-1-0
Thread32First
Process32FirstW
Process32NextW
Thread32Next
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
api-ms-win-shcore-obsolete-l1-1-0
CommandLineToArgvW
api-ms-win-core-shlwapi-obsolete-l1-1-0
StrStrIW
api-ms-win-security-trustee-l1-1-0
BuildSecurityDescriptorW
api-ms-win-core-localization-obsolete-l1-2-0
GetUserDefaultUILanguage
Exports
Exports
AddERExcludedApplicationA
AddERExcludedApplicationW
BasepReportFault
CancelHangReporting
CheckForReadOnlyResourceFilter
CheckPerUserCrossProcessThrottle
DllCanUnloadNow
DllGetClassObject
ReportCoreHang
ReportFault
ReportHang
UpdatePerUserLastCrossProcessCollectionTime
WerReportHang
WerpGetDebugger
WerpInitiateCrashReporting
WerpLaunchAeDebug
Sections
.text Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 960B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
clusapi/clusapi.dll.dll windows:10 windows x64 arch:x64
Password: 1234
32d1f60f6d07763ef20671aa9fa8fb16
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
ClusApi.pdb
Imports
rpcrt4
UuidFromStringW
UuidCreate
RpcAsyncInitializeHandle
RpcMgmtSetComTimeout
RpcAsyncCancelCall
NdrClientCall3
Ndr64AsyncClientCall
RpcEpResolveBinding
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcErrorGetNextRecord
RpcErrorStartEnumeration
RpcBindingFree
RpcErrorEndEnumeration
RpcSmDestroyClientContext
RpcBindingReset
RpcStringFreeW
RpcAsyncCompleteCall
RpcBindingSetAuthInfoExW
ntdll
RtlIpv6StringToAddressExW
RtlInitString
RtlValidSecurityDescriptor
RtlAllocateHeap
RtlMakeSelfRelativeSD
RtlLengthSecurityDescriptor
RtlInitUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlIpv4AddressToStringExW
RtlUnicodeStringToAnsiString
NtQuerySystemInformation
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlFreeHeap
RtlNtStatusToDosError
EtwEventRegister
EtwEventWrite
EtwEventEnabled
RtlIpv4StringToAddressW
RtlIpv6AddressToStringExW
RtlIpv4StringToAddressExW
EtwEventUnregister
EtwEventWriteString
api-ms-win-core-localization-l1-2-0
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
GetUserDefaultLCID
FormatMessageW
LCMapStringW
api-ms-win-core-processthreads-l1-1-0
GetStartupInfoW
GetCurrentThreadId
TlsGetValue
TlsSetValue
TlsFree
OpenProcessToken
SetThreadToken
CreateThread
ExitThread
ExitProcess
TlsAlloc
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetCurrentThread
GetExitCodeThread
OpenThreadToken
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetModuleFileNameA
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
LoadStringW
GetProcAddress
FreeLibraryAndExitThread
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
OutputDebugStringA
api-ms-win-core-errorhandling-l1-1-0
GetLastError
RaiseException
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
api-ms-win-core-synch-l1-1-0
SetEvent
CreateEventW
WaitForMultipleObjectsEx
ResetEvent
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSectionEx
EnterCriticalSection
WaitForSingleObjectEx
CreateMutexExW
OpenSemaphoreW
InitializeCriticalSectionAndSpinCount
ReleaseMutex
ReleaseSemaphore
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateSemaphoreExW
InitializeSRWLock
InitializeCriticalSection
LeaveCriticalSection
TryAcquireSRWLockExclusive
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventWriteTransfer
EventUnregister
EventRegister
api-ms-win-core-sysinfo-l1-1-0
GetComputerNameExW
GetSystemTimeAsFileTime
GetTickCount64
GetSystemTime
api-ms-win-security-base-l1-1-0
FreeSid
IsValidSid
RevertToSelf
CreateWellKnownSid
ImpersonateLoggedOnUser
DuplicateToken
InitializeAcl
GetAce
IsValidAcl
AdjustTokenPrivileges
ImpersonateSelf
InitializeSecurityDescriptor
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorDacl
GetLengthSid
AreAnyAccessesGranted
GetTokenInformation
MapGenericMask
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetSecurityDescriptorLength
AddAccessAllowedAce
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceExecuteOnce
api-ms-win-core-string-l1-1-0
GetStringTypeW
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
api-ms-win-core-file-l1-1-0
SetFilePointerEx
GetFileSizeEx
FindNextFileW
GetFileType
FlushFileBuffers
CreateFileW
FindFirstFileExW
GetVolumePathNameW
FindClose
WriteFile
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-file-l1-2-0
GetVolumeNameForVolumeMountPointW
api-ms-win-core-registry-l1-1-0
RegFlushKey
RegRestoreKeyW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyExW
RegGetKeySecurity
RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegSaveKeyExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumKeyExW
RegQueryValueExW
bcrypt
BCryptHashData
BCryptCreateHash
BCryptFinishHash
BCryptDestroyHash
api-ms-win-core-realtime-l1-1-1
QueryInterruptTime
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-sysinfo-l1-2-0
GetSystemTimePreciseAsFileTime
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-processenvironment-l1-1-0
FreeEnvironmentStringsW
GetCommandLineA
GetStdHandle
GetCommandLineW
GetEnvironmentStringsW
SetStdHandle
api-ms-win-core-console-l1-1-0
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
InterlockedFlushSList
api-ms-win-core-fibers-l1-1-0
FlsSetValue
FlsFree
FlsAlloc
FlsGetValue
api-ms-win-core-util-l1-1-0
EncodePointer
api-ms-win-core-kernel32-legacy-l1-1-0
RegisterWaitForSingleObject
UnregisterWait
GetComputerNameW
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
api-ms-win-security-lsapolicy-l1-1-0
LsaQueryInformationPolicy
LsaOpenPolicy
LsaClose
LsaFreeMemory
api-ms-win-security-activedirectoryclient-l1-1-0
DsCrackNamesW
DsFreePasswordCredentials
DsMakePasswordCredentialsW
DsFreeNameResultW
DsUnBindW
kernelbase
ResolveDelayLoadedAPI
dnsapi
DnsValidateName_W
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
AddClusterGroupDependency
AddClusterGroupSetDependency
AddClusterGroupToGroupSetDependency
AddClusterNode
AddClusterResourceDependency
AddClusterResourceNode
AddClusterStorageNode
AddCrossClusterGroupSetDependency
AddResourceToClusterSharedVolumes
AddResourceToClusterSharedVolumesEx
BackupClusterDatabase
CCHlpAddNodeUpdateCluster
CCHlpConfigureNode
CCHlpCreateClusterNameCOIfNotExists
CCHlpCreateClusterNameInAD
CCHlpGetClusterServiceSecret
CCHlpGetDNSHostLabel
CCHlpRestoreClusterVirtualObjectToInitialState
CanResourceBeDependent
CancelClusterGroupOperation
ChangeClusterResourceGroup
ChangeClusterResourceGroupEx
CloseCluster
CloseClusterGroup
CloseClusterGroupSet
CloseClusterNetInterface
CloseClusterNetwork
CloseClusterNode
CloseClusterNotifyPort
CloseClusterResource
CluFreeFaultDomainInfo
CluFreeGuidArrayPtr
CluFreeStr
CluGetDriveInfo
CluGetFaultDomainObject
CluGetFaultDomainObjects
CluRemoveFaultDomainObject
ClusterAddGroupToAffinityRule
ClusterAddGroupToGroupSet
ClusterAddGroupToGroupSetWithDomains
ClusterAffinityRuleControl
ClusterCaptureLiveDump
ClusterChangeVMSettings
ClusterCloseEnum
ClusterCloseEnumEx
ClusterControl
ClusterCreateAffinityRule
ClusterCreateClusterStorageEnclosure
ClusterCreateFaultDomain
ClusterCreateFaultDomainFromXML
ClusterCreateVMReservation
ClusterCreateVMReservationWithDomains
ClusterEnum
ClusterEnumEx
ClusterFreeMemory
ClusterFreeMrrResponse
ClusterFreeVMReservation
ClusterGetClusterStorageEnclosureObject
ClusterGetClusterStorageEnclosureObjects
ClusterGetDriveInfo
ClusterGetEnumCount
ClusterGetEnumCountEx
ClusterGetFaultDomainObject
ClusterGetFaultDomainObjects
ClusterGetFaultDomainState
ClusterGetFaultDomainXML
ClusterGetPlacementScore
ClusterGroupCloseEnum
ClusterGroupCloseEnumEx
ClusterGroupControl
ClusterGroupEnum
ClusterGroupEnumEx
ClusterGroupGetEnumCount
ClusterGroupGetEnumCountEx
ClusterGroupOpenEnum
ClusterGroupOpenEnumEx
ClusterGroupSetCloseEnum
ClusterGroupSetControl
ClusterGroupSetEnum
ClusterGroupSetGetEnumCount
ClusterGroupSetOpenEnum
ClusterNetInterfaceCloseEnum
ClusterNetInterfaceControl
ClusterNetInterfaceEnum
ClusterNetInterfaceOpenEnum
ClusterNetworkCloseEnum
ClusterNetworkControl
ClusterNetworkEnum
ClusterNetworkGetEnumCount
ClusterNetworkHealthFreeInterfaceConnections
ClusterNetworkHealthFreeNodeConnections
ClusterNetworkHealthGetInterfaceConnections
ClusterNetworkHealthGetNodeConnections
ClusterNetworkOpenEnum
ClusterNodeCloseEnum
ClusterNodeCloseEnumEx
ClusterNodeControl
ClusterNodeEnum
ClusterNodeEnumEx
ClusterNodeGetEnumCount
ClusterNodeGetEnumCountEx
ClusterNodeOpenEnum
ClusterNodeOpenEnumEx
ClusterNodeReplacement
ClusterOpenEnum
ClusterOpenEnumEx
ClusterRegBatchAddCommand
ClusterRegBatchCloseNotification
ClusterRegBatchReadCommand
ClusterRegCloseBatch
ClusterRegCloseBatchEx
ClusterRegCloseBatchNotifyPort
ClusterRegCloseKey
ClusterRegCloseReadBatch
ClusterRegCloseReadBatchEx
ClusterRegCloseReadBatchReply
ClusterRegCreateBatch
ClusterRegCreateBatchNotifyPort
ClusterRegCreateKey
ClusterRegCreateKeyForceSync
ClusterRegCreateReadBatch
ClusterRegDeleteKey
ClusterRegDeleteKeyForceSync
ClusterRegDeleteValue
ClusterRegDeleteValueForceSync
ClusterRegEnumKey
ClusterRegEnumValue
ClusterRegGetBatchNotification
ClusterRegGetKeySecurity
ClusterRegOpenKey
ClusterRegQueryAllValues
ClusterRegQueryInfoKey
ClusterRegQueryValue
ClusterRegReadBatchAddCommand
ClusterRegReadBatchReplyNextCommand
ClusterRegSetKeySecurity
ClusterRegSetValue
ClusterRegSetValueForceSync
ClusterRegSyncDatabase
ClusterRemoveAffinityRule
ClusterRemoveClusterStorageEnclosure
ClusterRemoveFaultDomain
ClusterRemoveGroupFromAffinityRule
ClusterRemoveGroupFromGroupSet
ClusterResourceCloseEnum
ClusterResourceCloseEnumEx
ClusterResourceControl
ClusterResourceControlAsUser
ClusterResourceEnum
ClusterResourceEnumEx
ClusterResourceGetEnumCount
ClusterResourceGetEnumCountEx
ClusterResourceOpenEnum
ClusterResourceOpenEnumEx
ClusterResourceTypeCloseEnum
ClusterResourceTypeControl
ClusterResourceTypeControlAsUser
ClusterResourceTypeEnum
ClusterResourceTypeGetEnumCount
ClusterResourceTypeOpenEnum
ClusterSendReceiveMrr
ClusterSendReceiveMrrAsUser
ClusterSetAccountAccess
ClusterSetClusterStorageEnclosure
ClusterSetFaultDomain
ClusterSetNodeFaultDomain
ClusterSharedVolumeClearBackupState
ClusterSharedVolumeSetSnapshotState
ClusterStmFindDisk
ClusterUpgradeFunctionalLevel
ClusterUpgradeFunctionalLevelEx
CreateCluster
CreateClusterAvailabilitySet
CreateClusterGroup
CreateClusterGroupEx
CreateClusterGroupSet
CreateClusterManagementPoint
CreateClusterNameAccount
CreateClusterNotifyPort
CreateClusterNotifyPortV2
CreateClusterResource
CreateClusterResourceType
CreateClusterResourceWithId
DeleteClusterGroup
DeleteClusterGroupSet
DeleteClusterResource
DeleteClusterResourceType
DestroyCluster
DestroyClusterGroup
DetermineCNOResTypeFromCluster
DetermineCNOResTypeFromNodelist
DetermineClusterCloudTypeFromCluster
DetermineClusterCloudTypeFromNodelist
EvictClusterNode
EvictClusterNodeEx
FailClusterResource
FreeClusFaultDomainInfo
FreeClusFaultDomainInfoArray
FreeClusFaultDomainXML
FreeClusStorageEnclosureInfo
FreeClusStorageEnclosureInfoArray
GetClusterFromGroup
GetClusterFromNetInterface
GetClusterFromNetwork
GetClusterFromNode
GetClusterFromResource
GetClusterGroupKey
GetClusterGroupState
GetClusterInformation
GetClusterKey
GetClusterNetInterface
GetClusterNetInterfaceKey
GetClusterNetInterfaceState
GetClusterNetworkId
GetClusterNetworkKey
GetClusterNetworkState
GetClusterNodeId
GetClusterNodeKey
GetClusterNodeState
GetClusterNotify
GetClusterNotifyV2
GetClusterQuorumResource
GetClusterResourceDependencyExpression
GetClusterResourceKey
GetClusterResourceNetworkName
GetClusterResourceState
GetClusterResourceTypeKey
GetClusterSharedVolumeNameForFile
GetNodeCloudTypeDW
GetNodeClusterState
GetNotifyEventHandle
InitializeClusFaultDomainInfo
InitializeClusFaultDomainInfoArray
InitializeClusStorageEnclosureInfo
InitializeClusStorageEnclosureInfoArray
IsFileOnClusterSharedVolume
MoveClusterGroup
MoveClusterGroupEx
OfflineClusterGroup
OfflineClusterGroupEx
OfflineClusterResource
OfflineClusterResourceEx
OnlineClusterGroup
OnlineClusterGroupEx
OnlineClusterResource
OnlineClusterResourceEx
OpenCluster
OpenClusterEx
OpenClusterEx2
OpenClusterGroup
OpenClusterGroupEx
OpenClusterGroupSet
OpenClusterNetInterface
OpenClusterNetInterfaceEx
OpenClusterNetwork
OpenClusterNetworkEx
OpenClusterNode
OpenClusterNodeById
OpenClusterNodeEx
OpenClusterResource
OpenClusterResourceEx
PauseClusterNode
PauseClusterNodeEx
RegisterClusterNotify
RegisterClusterNotifyV2
RegisterClusterResourceTypeNotifyV2
RemoveClusterGroupDependency
RemoveClusterGroupSetDependency
RemoveClusterGroupToGroupSetDependency
RemoveClusterNameAccount
RemoveClusterResourceDependency
RemoveClusterResourceNode
RemoveClusterStorageNode
RemoveCrossClusterGroupSetDependency
RemoveResourceFromClusterSharedVolumes
RestartClusterResource
RestoreClusterDatabase
ResumeClusterNode
ResumeClusterNodeEx
SetClusterGroupName
SetClusterGroupNodeList
SetClusterGroupSetDependencyExpression
SetClusterName
SetClusterNetworkName
SetClusterNetworkPriorityOrder
SetClusterQuorumResource
SetClusterResourceDependencyExpression
SetClusterResourceName
SetClusterServiceAccountPassword
SetGroupDependencyExpression
Sections
.text Size: 645KB - Virtual size: 645KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 333KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 760B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
clusapi/fdprint.dll.dll regsvr32 windows:10 windows x64 arch:x64
Password: 1234
8aa7811f04fa4220310211242657bee6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
fdprint.pdb
Imports
msvcrt
_purecall
__C_specific_handler
_vsnwprintf
memcpy_s
_vsnprintf_s
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
memmove_s
wcschr
wcstok_s
__CxxFrameHandler3
malloc
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
_XcptFilter
_amsg_exit
free
_initterm
_lock
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
??3@YAXPEAX@Z
memcmp
memset
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
NtQueryInformationToken
kernel32
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
InitializeSRWLock
CreateSemaphoreExW
LeaveCriticalSection
CreateMutexExW
GetCurrentProcessId
CompareStringOrdinal
GetTickCount
QueryPerformanceCounter
Sleep
DisableThreadLibraryCalls
FormatMessageW
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleExW
GetModuleFileNameA
DebugBreak
GetModuleHandleW
GetProcAddress
GetLastError
IsDebuggerPresent
OutputDebugStringW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
SetLastError
SetEvent
CloseHandle
ReleaseSemaphore
ReleaseMutex
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
WaitForSingleObjectEx
EnterCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
WaitForSingleObject
OpenSemaphoreW
CreateThreadpoolTimer
DeactivateActCtx
ActivateActCtx
LoadLibraryW
FindActCtxSectionStringW
CreateActCtxW
GetModuleFileNameW
QueryActCtxW
OutputDebugStringA
lstrcmpiW
LoadLibraryExW
FreeLibrary
LocalFree
WritePrivateProfileStringW
DeleteFileW
GetTempPathW
CreateDirectoryW
SetFileAttributesW
RemoveDirectoryW
CheckElevationEnabled
GetCurrentProcess
GetSystemDirectoryW
GetExitCodeProcess
CreateEventW
QueueUserWorkItem
advapi32
EventUnregister
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
EventWriteTransfer
OpenProcessToken
TraceMessage
EventRegister
gdi32
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
user32
LoadStringW
GetSystemMetrics
DestroyIcon
InsertMenuItemW
CreatePopupMenu
GetMenuDefaultItem
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
DialogBoxParamW
GetDlgItem
SendMessageW
SetFocus
ShowWindow
EndDialog
EnableWindow
SetTimer
ReleaseDC
GetDC
ole32
PropVariantClear
CoCreateInstance
CoInitialize
CoCreateGuid
StringFromGUID2
CoUninitialize
FreePropVariantArray
CoTaskMemAlloc
CoInitializeEx
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CLSIDFromString
PropVariantCopy
oleaut32
VariantInit
VariantClear
SysAllocString
SysStringLen
SysFreeString
propsys
PropVariantToGUID
InitPropVariantFromStringAsVector
InitPropVariantFromCLSID
PropVariantToBoolean
InitPropVariantFromGUIDAsString
shlwapi
ord197
ord388
ord16
StrCmpNIW
winspool.drv
EnumPrintersW
ord204
ord203
OpenPrinterW
ClosePrinter
GetPrinterDriverDirectoryW
GetPrinterDataExW
EnumPortsW
XcvDataW
EnumFormsW
GetPrinterW
setupapi
SetupDiGetCustomDevicePropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDevicePropertyW
SetupDiDestroyDeviceInfoList
bcrypt
BCryptHashData
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptCreateHash
BCryptFinishHash
shell32
SHInvokePrinterCommandW
ShellExecuteExW
SHGetKnownFolderPath
CommandLineToArgvW
ord100
SHGetFolderLocation
SHGetItemFromObject
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
InvokeTaskW
Sections
.text Size: 163KB - Virtual size: 162KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 952B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
clusapi/pmcsnap.dll.dll regsvr32 windows:10 windows x64 arch:x64
84a861b28d936fb2b6188a1533a5b6bd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
pmcsnap.pdb
Imports
msvcrt
wcschr
memset
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
??3@YAXPEAX@Z
free
_amsg_exit
_XcptFilter
memmove
memcpy
__CxxFrameHandler3
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
malloc
_wtoi
wcsstr
wcstol
_errno
__C_specific_handler
wcstok_s
_vsnwprintf
_wcsicmp
_wcsnicmp
_purecall
??_V@YAXPEAX@Z
_initterm
wcscmp
kernel32
FormatMessageW
LocalFree
GetFileAttributesW
GetComputerNameExW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCurrentThreadId
CloseHandle
DeleteCriticalSection
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventW
WaitForSingleObject
WaitForMultipleObjects
ResetEvent
ActivateActCtx
DeactivateActCtx
LoadLibraryW
FindActCtxSectionStringW
CreateActCtxW
SetLastError
GetModuleHandleExW
QueryActCtxW
OutputDebugStringA
GetProcAddress
DeleteFileW
GetSystemDirectoryW
FreeLibrary
lstrcmpiW
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
GetModuleFileNameW
GetLastError
DisableThreadLibraryCalls
HeapFree
SetThreadpoolTimer
InitializeCriticalSection
VirtualQuery
FreeLibraryAndExitThread
CreateThread
FindResourceW
SizeofResource
LoadResource
LockResource
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetProcessMitigationPolicy
LocalAlloc
HeapAlloc
GetDateFormatW
GetProcessHeap
ole32
StringFromCLSID
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
GetHGlobalFromStream
CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
advapi32
EventRegister
RegEnumValueW
RegOpenKeyExW
RegCloseKey
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
TraceMessage
EventWriteTransfer
EventUnregister
EventSetInformation
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
user32
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindow
GetWindowLongW
DialogBoxParamW
IsDlgButtonChecked
CheckDlgButton
KillTimer
SetTimer
SetCursor
LoadCursorW
SetWindowLongPtrW
EndDialog
DestroyWindow
CreateDialogParamW
SetWindowTextW
SetFocus
ShowWindow
IsWindowVisible
SendMessageW
GetParent
GetDlgItem
SetWindowPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
PostMessageW
GetWindowRect
EnableWindow
LoadImageW
DestroyIcon
RegisterClipboardFormatW
LoadBitmapW
LoadIconW
GetWindowLongPtrW
MessageBoxW
IsWindowEnabled
gdi32
DeleteObject
winspool.drv
DeleteFormW
ConfigurePortW
DeletePortW
DeletePrinterDriverExW
GetPrinterDataExW
SetPrinterDataExW
SetPrinterDataW
SetPrinterW
ClosePrinter
OpenPrinterW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
ntdll
WinSqmSetDWORD
TpReleaseAlpcCompletion
TpWaitForAlpcCompletion
TpReleaseIoCompletion
TpWaitForIoCompletion
TpReleaseTimer
TpReleasePool
TpCallbackMayRunLong
TpSetWait
TpSimpleTryPost
RtlNtStatusToDosError
TpAllocWork
TpPostWork
TpAllocWait
TpAllocTimer
TpSetTimer
TpAllocIoCompletion
TpStartAsyncIoOperation
TpAllocAlpcCompletion
TpWaitForWork
TpReleaseWork
TpWaitForWait
TpReleaseWait
TpWaitForTimer
oleaut32
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
shell32
SHGetFolderPathW
SHSetLocalizedName
ord102
ShellExecuteExW
SHGetKnownFolderIDList
SHCreateItemFromIDList
ord155
ShellExecuteW
shlwapi
ord12
ord209
ord211
ord208
PathRemoveFileSpecW
ord219
ord210
ord174
ord256
gpedit
BrowseForGPO
netapi32
NetWkstaGetInfo
NetApiBufferFree
puiapi
XMLAPI_GetAttributeLong
XMLAPI_SetAttributeLong
STRAPI_TrimString
STRAPI_FormatMsg
STRAPI_FormatMsgV
XMLAPI_GetAttributeString
STRAPI_LoadString
PUIAPI_CreateInstance
STRAPI_GetPrinterStatusString
STRAPI_ConvertCase
STRBUF_Destroy
STRAPI_GUID2String
STRAPI_Format
PUIAPI_ShowDriverPackageRemovalUI
PUIAPI_GetPrinter
STRBUF_AppendString
STRBUF_CreateBSTR
STRBUF_MultiCat
XMLAPI_SetAttributeString
STRBUF_Create
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 428KB - Virtual size: 427KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 271KB - Virtual size: 271KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
clusapi/pnrpnsp.dll.dll windows:10 windows x64 arch:x64
f1136eac0f92127a1f9879204ad29ca4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
pnrpnsp.pdb
Imports
msvcrt
_onexit
__dllonexit
_unlock
_lock
_initterm
malloc
memmove
memcpy
free
_amsg_exit
_XcptFilter
iswdigit
_wcsnicmp
_purecall
iswalpha
wcschr
__C_specific_handler
towlower
memset
ntdll
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtQueueApcThread
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
api-ms-win-core-synch-l1-1-0
CreateEventW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
OpenEventW
WaitForMultipleObjectsEx
ResetEvent
SetEvent
WaitForSingleObject
EnterCriticalSection
DeleteCriticalSection
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-debug-l1-1-0
DebugBreak
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SwitchToThread
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
api-ms-win-security-base-l1-1-0
CreateWellKnownSid
api-ms-win-core-io-l1-1-0
PostQueuedCompletionStatus
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
api-ms-win-core-threadpool-private-l1-1-0
RegisterWaitForSingleObjectEx
api-ms-win-core-heap-l1-1-0
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
NSPStartup
Sections
.text Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 396B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mbussdapi/McpManagementProxy.dll.dll regsvr32 windows:10 windows x64 arch:x64
5205866b226d328a00560258b15ca67f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
McpManagementProxy.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__cexit
_o__configure_narrow_argv
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__seh_filter_dll
memcmp
__C_specific_handler
_o___std_type_info_destroy_list
api-ms-win-crt-string-l1-1-0
memset
rpcrt4
NdrDllRegisterProxy
CStdStubBuffer_Invoke
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
NdrStubCall3
CStdStubBuffer_IsIIDSupported
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
NdrCStdStubBuffer2_Release
CStdStubBuffer_CountRefs
NdrOleFree
NdrDllUnregisterProxy
NdrDllGetClassObject
NdrOleAllocate
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
api-ms-win-core-com-midlproxystub-l1-1-0
CStdStubBuffer2_Connect
CStdStubBuffer2_Disconnect
ObjectStublessClient10
ObjectStublessClient9
ObjectStublessClient4
ObjectStublessClient8
ObjectStublessClient3
CStdStubBuffer2_CountRefs
ObjectStublessClient11
ObjectStublessClient7
NdrProxyForwardingFunction3
ObjectStublessClient6
ObjectStublessClient12
ObjectStublessClient5
CStdStubBuffer2_QueryInterface
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 468B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mbussdapi/mbussdapi.dll.dll windows:10 windows x64 arch:x64
4e275b55feedc7804e601582de7f5721
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
MbUssdApi.pdb
Imports
msvcrt
_errno
__CxxFrameHandler3
_onexit
__dllonexit
realloc
_callnewh
_unlock
?terminate@@YAXXZ
toupper
__C_specific_handler
_CxxThrowException
_initterm
malloc
_amsg_exit
_XcptFilter
_wcsicmp
ceil
??0exception@@QEAA@AEBV0@@Z
memcpy
??0exception@@QEAA@XZ
rand
??1type_info@@UEAA@XZ
srand
rand_s
memmove
_purecall
_lock
free
??1exception@@UEAA@XZ
memset
api-ms-win-eventing-classicprovider-l1-1-0
RegisterTraceGuidsW
TraceMessage
GetTraceEnableLevel
GetTraceEnableFlags
UnregisterTraceGuids
GetTraceLoggerHandle
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
DisableThreadLibraryCalls
GetProcAddress
api-ms-win-core-winrt-error-l1-1-0
GetRestrictedErrorInfo
RoTransformError
RoOriginateErrorW
RoOriginateError
RoTransformErrorW
SetRestrictedErrorInfo
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-synch-l1-1-0
ReleaseSemaphore
WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
CreateMutexExW
OpenSemaphoreW
CreateEventW
CreateSemaphoreExW
EnterCriticalSection
AcquireSRWLockShared
InitializeCriticalSection
DeleteCriticalSection
SetEvent
LeaveCriticalSection
AcquireSRWLockExclusive
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceExecuteOnce
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateString
WindowsGetStringRawBuffer
WindowsCreateStringReference
WindowsStringHasEmbeddedNull
WindowsGetStringLen
WindowsIsStringEmpty
WindowsDeleteString
api-ms-win-core-com-l1-1-0
CoImpersonateClient
CoIncrementMTAUsage
CoCreateInstance
CreateStreamOnHGlobal
CoMarshalInterface
CoReleaseMarshalData
CoTaskMemFree
CoTaskMemAlloc
CoGetCallContext
CLSIDFromString
CoRevertToSelf
StringFromCLSID
CoCreateFreeThreadedMarshaler
CoDecrementMTAUsage
oleaut32
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
api-ms-win-core-winrt-error-l1-1-1
RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo
IsErrorPropagationEnabled
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoInitialize
RoUninitialize
api-ms-win-core-com-l1-1-1
RoGetAgileReference
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-processthreads-l1-1-0
CreateThread
GetCurrentProcess
GetCurrentProcessId
OpenProcessToken
TerminateProcess
GetCurrentThreadId
GetCurrentThread
OpenThreadToken
api-ms-win-security-base-l1-1-0
DuplicateTokenEx
GetTokenInformation
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
ntdll
_vsnwprintf
_vsnprintf_s
memmove_s
memcpy_s
RtlLoadString
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
api-ms-win-core-debug-l1-1-0
OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
DebugBreak
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapAlloc
mobilenetworking
GetPersistentRegPath
api-ms-win-core-registry-l1-1-0
RegGetValueW
api-ms-win-devices-query-l1-1-0
DevFreeObjectProperties
DevGetObjectProperties
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventProviderEnabled
EventWriteTransfer
EventRegister
EventSetInformation
api-ms-win-core-heap-l2-1-0
LocalAlloc
api-ms-win-appmodel-runtime-l1-1-0
GetPackageFamilyName
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
Sections
.text Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mbussdapi/netprovfw.dll.dll windows:10 windows x64 arch:x64
ecb10cf3606157d3cfdfefe5dcf03fc8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
netprovfw.pdb
Imports
api-ms-win-core-crt-l1-1-0
_wcsicmp
__C_specific_handler
wcscspn
_vsnwprintf_s
_ltow_s
memcpy
memset
api-ms-win-core-crt-l2-1-0
_initterm_e
_initterm
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
DisableThreadLibraryCalls
GetModuleHandleExW
FreeLibraryAndExitThread
LoadLibraryExW
FreeLibrary
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegLoadKeyW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegQueryValueExW
RegDeleteTreeW
RegUnLoadKeyW
RegGetValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegGetValueA
api-ms-win-core-heap-l2-1-0
LocalAlloc
GlobalFree
LocalFree
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
api-ms-win-core-synch-l1-1-0
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
WaitForSingleObject
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlCompareMemory
RtlVirtualUnwind
api-ms-win-core-version-l1-1-0
GetFileVersionInfoExW
VerQueryValueW
GetFileVersionInfoSizeExW
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
TerminateProcess
OpenThreadToken
SetThreadStackGuarantee
GetCurrentThread
CreateThread
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-security-base-l1-1-0
CheckTokenMembership
ImpersonateSelf
RevertToSelf
GetTokenInformation
AdjustTokenPrivileges
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetLocalTime
GetTickCount
GetVersionExW
GetSystemTimeAsFileTime
GetWindowsDirectoryW
ntdll
RtlLengthSid
RtlNtStatusToDosError
RtlGetNtProductType
RtlFreeHeap
RtlImageNtHeader
RtlAllocateHeap
RtlAllocateAndInitializeSid
NtOpenThreadToken
NtClose
RtlFreeSid
RtlInitUnicodeString
api-ms-win-core-memory-l1-1-0
VirtualProtect
VirtualAlloc
VirtualQuery
api-ms-win-core-file-l1-1-0
SetFilePointer
GetFileAttributesW
ReadFile
GetFileSize
CreateFileW
CreateDirectoryW
FlushFileBuffers
WriteFile
api-ms-win-core-file-l2-1-0
MoveFileExW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
NetCaptureProvisioningPackage
NetCreateProvisioningPackage
NetRequestProvisioningPackageInstall
NetpAnalyzeProvisioningPackage
NetpCreateProvisioningPackage
NetpProvCheckOfflineLsaPolicyUpdate
NetpProvContinueProvisioningPackageInstall
NetpProvDomainJoinLicensingCheck
NetpProvFreeLdapLsaDomainInfo
NetpRequestProvisioningPackageInstall
NetpRequestProvisioningPackageInstallForIMC
NetpRequestProvisioningPackageInstallForOfflineServicing
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mbussdapi/rdpcore.dll.dll windows:10 windows x64 arch:x64
93efba2fa14efe7e30314282d466bbe4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
RdpCore.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__purecall
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
_o__strnicmp
_o__wcsicmp
_o__wcsnicmp
memmove
_o__wfopen_s
_o_calloc
_o_fclose
_o_free
_o_fwrite
_o_isalpha
_o_log
_o_malloc
_o_memcpy_s
_o_pow
_o_qsort
_o_rand
_o_realloc
_o_sqrt
_o_strncpy_s
_o_wcscat_s
_o_wcscpy_s
_o_wcstombs
_o_wcstoul
__C_specific_handler
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__ftime64
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o__execute_onexit_table
_o__errno
_o__invalid_parameter_noinfo
__CxxFrameHandler4
_o__crt_atexit
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
wcsrchr
wcschr
__std_terminate
__CxxFrameHandler3
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_CxxThrowException
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
wcscmp
memset
wcsnlen
strnlen
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExA
GetProcAddress
GetModuleFileNameA
DisableThreadLibraryCalls
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
TlsGetValue
TlsFree
TlsSetValue
OpenThreadToken
TlsAlloc
GetCurrentThread
OpenProcessToken
TerminateProcess
CreateThread
ProcessIdToSessionId
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
api-ms-win-core-sysinfo-l1-1-0
GetVersionExW
GetSystemTime
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetTickCount
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
DebugBreak
OutputDebugStringW
api-ms-win-core-errorhandling-l1-1-0
SetErrorMode
UnhandledExceptionFilter
SetLastError
GetLastError
RaiseException
SetUnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-1
OpenProcess
IsProcessorFeaturePresent
rdpbase
PAL_System_SemaphoreAlloc
PAL_System_SemaphoreAcquire
PAL_System_SemaphoreRelease
PAL_System_HandleFree
RdpTiledSurface_CreateInstance
DrawBox
GridBA_CreateInstance
RDPENCHLP_TraceWindowInfo
RDPENCHLP_IsSessionActive
RDPAPI_GetLongCounter
RDPENCHLP_IsGreaterThanOrEqWin8
GetSupportedSSELevel_SSE
MemMoveReverseAligned_SSE
MemCopyAligned_SSE
RDPENCHLP_IsSessionRemote
TSAlloc
TSFree
PAL_System_CritSecLeave
PAL_System_CritSecEnter
PAL_System_CritSecInit
PAL_System_CritSecTerminate
TRC_TraceBufferW
?RdpPerfLoggerStaticTerminate@@YAXXZ
PAL_System_SwitchToThread
PAL_System_Sleep
PAL_System_ThreadGetId
PAL_System_GetNumberOfProcessors
PAL_System_AtomicIncrement
PAL_System_AtomicDecrement
RdpX_GetActivityIdPrefix
RDPENCHLP_GetInputDesktopName
TSCreateCoreEvents
RDPAPI_GetGenericCounter
RDPBASE_CreateInstance
RgnlibBA_CreateInstance
PAL_System_AtomicCompareAndExchange
rdpserverbase
RDPSERVERBASE_CreateInstance
?GetGraphicsSourceContext@RdpSurface@@QEAAJPEAPEAUIRdpGFXSourceUpdateContext@@@Z
?GetEncodingPixelMap@RdpSurface@@QEAAJPEAPEAVPixelMap@@@Z
?GetGfxPipeSettingBOOL@@YAJPEAGHPEAH@Z
CCompressedUpdateContext_CreateInstance
?GetTileNext@Tiler@@QEAAJPEAURdpRect@@@Z
?GetTileFirst@Tiler@@QEAAJPEBURdpRect@@PEAU2@@Z
CUpdateContext_CreateInstance
?GetGfxPipeSettingUINT@@YAJPEAGIPEAI@Z
?Initialize@Tiler@@QEAAJPEBURdpRect@@0@Z
d3d11
D3D11CreateDevice
dxgi
CreateDXGIFactory1
msacm32
acmDriverOpen
acmDriverEnum
acmStreamClose
acmDriverClose
acmStreamSize
acmStreamOpen
acmFormatTagDetailsW
acmStreamConvert
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamPrepareHeader
avrt
AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
oleaut32
SysAllocString
VariantClear
SysFreeString
VariantInit
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
LoadLibraryA
api-ms-win-security-base-l1-1-0
SetTokenInformation
GetTokenInformation
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-synch-l1-1-0
CreateMutexExW
OpenEventW
WaitForMultipleObjectsEx
CreateSemaphoreExW
ResetEvent
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
OpenSemaphoreW
AcquireSRWLockShared
SetWaitableTimer
CreateWaitableTimerExW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
SetEvent
CreateEventW
ReleaseSemaphore
ReleaseMutex
ReleaseSRWLockShared
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
api-ms-win-core-synch-l1-2-0
SleepConditionVariableCS
InitializeConditionVariable
InitOnceExecuteOnce
Sleep
WakeAllConditionVariable
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
api-ms-win-core-file-l1-1-0
ReadFile
CreateDirectoryW
DeleteFileW
GetTempFileNameW
WriteFile
FindClose
SetFilePointerEx
FindFirstFileW
FindNextFileW
CreateFileW
GetFileInformationByHandle
GetFileAttributesW
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoGetActivationFactory
api-ms-win-core-winrt-string-l1-1-0
WindowsDeleteString
WindowsCreateStringReference
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapFree
GetProcessHeap
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-kernel32-legacy-l1-1-0
PulseEvent
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpW
api-ms-win-ntuser-rectangle-l1-1-0
CopyRect
IsRectEmpty
UnionRect
SetRect
SetRectEmpty
OffsetRect
PtInRect
IntersectRect
InflateRect
EqualRect
api-ms-win-ntuser-sysparams-l1-1-0
EnumDisplayMonitors
EnumDisplayDevicesW
GetSystemMetrics
GetMonitorInfoW
EnumDisplaySettingsW
EnumDisplaySettingsExW
SystemParametersInfoW
api-ms-win-core-heap-l2-1-0
GlobalFree
GlobalAlloc
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-psapi-l1-1-0
K32GetModuleFileNameExW
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-atoms-l1-1-0
GlobalDeleteAtom
GlobalAddAtomW
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
GlobalLock
GlobalSize
api-ms-win-rtcore-ole32-clipboard-l1-1-0
OleIsCurrentClipboard
OleSetClipboard
OleGetClipboard
api-ms-win-core-localization-l1-2-0
GetCPInfo
IsDBCSLeadByte
FormatMessageW
api-ms-win-core-path-l1-1-0
PathCchCanonicalize
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-stringansi-l1-1-0
CharNextA
CharPrevA
api-ms-win-crt-math-l1-1-0
sqrtf
Exports
Exports
RDPAPI_CreateInstance
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
mbussdapi/srmclient.dll.dll windows:10 windows x64 arch:x64
f40e5737916817fcaecff52fce9aac45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
srmclient.pdb
Imports
msvcrt
_itow_s
_wtoi
_wcsicmp
_vsnwprintf
swscanf
wcschr
_wcsnicmp
wcstol
_wcstoui64
iswspace
_ui64tow_s
wcscspn
iswalpha
_wtoi64
memcmp
memcpy
memmove
towlower
wcsrchr
wcsncmp
_snwscanf_s
_vsnprintf
memset
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
iswdigit
_i64tow_s
_wtol
wcstoul
__CxxFrameHandler3
wcsstr
_callnewh
malloc
free
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_purecall
realloc
__C_specific_handler
_errno
wcscmp
atl
ord21
ord16
ord15
ord32
ord58
ord30
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
WinSqmSetDWORD
WinSqmIsOptedIn
RtlInitializeSid
RtlInitUnicodeString
RtlNtStatusToDosError
NtCreateFile
RtlDosPathNameToRelativeNtPathName_U
RtlAcquireResourceExclusive
RtlInitializeResource
RtlReleaseResource
RtlAcquireResourceShared
RtlDeleteResource
NtOpenFile
RtlFreeHeap
NtQueryInformationFile
RtlSetLastWin32ErrorAndNtStatusFromNtStatus
RtlCreateSystemVolumeInformationFolder
RtlCompareMemory
RtlDosPathNameToNtPathName_U
RtlFreeUnicodeString
ole32
CoGetInterfaceAndReleaseStream
CoUninitialize
CoInitializeEx
CoTaskMemRealloc
CLSIDFromString
CoCreateGuid
StringFromGUID2
GetHGlobalFromStream
CoCreateInstanceEx
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal
CoImpersonateClient
CoSetProxyBlanket
CoRevertToSelf
oleaut32
SysFreeString
VariantClear
SysAllocString
VariantCopy
VariantTimeToSystemTime
SafeArrayGetVartype
SafeArrayGetLBound
SafeArrayGetElement
SysStringLen
VariantInit
SafeArrayCreateVector
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCopy
VariantChangeType
GetErrorInfo
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
SysAllocStringLen
SafeArrayGetUBound
kernel32
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLastError
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
Sleep
GetComputerNameW
GetFileSize
CloseHandle
CreateFileW
SetEndOfFile
WriteFile
ReadFile
VirtualQuery
DeleteCriticalSection
GetSystemInfo
ReOpenFile
GetVolumePathNamesForVolumeNameW
GetFileInformationByHandle
GetVolumeNameForVolumeMountPointW
SetFileTime
MoveFileW
GetFileType
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
OutputDebugStringW
GetCommandLineW
FreeLibrary
GetDriveTypeW
FlushFileBuffers
GetFileTime
GetOverlappedResult
SetThreadpoolWait
DeleteFileW
CreateThreadpoolWait
GetCurrentThread
SetFileInformationByHandle
WaitForThreadpoolWaitCallbacks
CreateEventW
SetFileAttributesW
CloseThreadpoolWait
OpenProcess
DuplicateHandle
LocalAlloc
WaitForSingleObject
SetThreadPriority
WaitForMultipleObjects
DeviceIoControl
GetFileSizeEx
GetFileInformationByHandleEx
FindNextVolumeMountPointW
FindVolumeMountPointClose
FindFirstVolumeMountPointW
InitializeCriticalSectionAndSpinCount
GetVolumePathNameW
GetVolumeInformationW
FormatMessageW
GlobalUnlock
GlobalLock
GetDateFormatW
GetTimeFormatW
CheckRemoteDebuggerPresent
DebugBreak
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadLibraryExW
SystemTimeToFileTime
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CompareFileTime
GetSystemTime
LocalFree
CreateThread
GetFileAttributesW
CreateDirectoryW
VirtualProtect
PrivCopyFileExW
DisableThreadLibraryCalls
InitializeCriticalSection
LeaveCriticalSection
VirtualAlloc
ExpandEnvironmentStringsW
EnterCriticalSection
advapi32
LookupAccountSidW
RegisterEventSourceW
ReportEventW
RegCloseKey
SetSecurityInfo
ConvertSidToStringSidW
GetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenThreadToken
RegOpenKeyExW
SetThreadToken
OpenProcessToken
DeregisterEventSource
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
api-ms-win-security-base-l1-1-0
InitializeAcl
GetTokenInformation
MapGenericMask
GetLengthSid
GetAclInformation
GetAce
AllocateAndInitializeSid
CreateWellKnownSid
CopySid
FreeSid
CheckTokenMembership
api-ms-win-security-base-l1-2-0
AddResourceAttributeAce
user32
LoadStringW
shlwapi
ord12
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
rpcrt4
I_RpcBindingInqLocalClientPID
authz
AuthzReportSecurityEventFromParams
vssapi
CreateVssBackupComponentsInternal
VssFreeSnapshotPropertiesInternal
netapi32
NetGetJoinInformation
NetApiBufferFree
DsGetDcNameW
clusapi
OpenCluster
ClusterRegCreateKey
ClusterRegDeleteKey
CloseCluster
ClusterRegEnumKey
GetNodeClusterState
GetClusterKey
ClusterRegQueryValue
ClusterRegCloseKey
ClusterRegSetValue
ClusterRegOpenKey
xmllite
CreateXmlReader
CreateXmlWriterOutputWithEncodingName
CreateXmlWriter
activeds
ord3
mpr
WNetGetUniversalNameW
srmtrace
ord6
ord1
ord10
ord5
ord11
ord9
ord7
ord8
ord3
Exports
Exports
DllCanUnloadNow
DllGetClassObject
Sections
.text Size: 857KB - Virtual size: 857KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 417KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
rasman/EnterpriseAppMgmtSvc.dll.dll windows:10 windows x64 arch:x64
402696d88e9577a33f3bd7bd5d63a0c5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
EnterpriseAppMgmtSvc.pdb
Imports
msvcrt
toupper
_wtol
_errno
_wtoi64
wcstok_s
wcstoul
_wtoi
towupper
memmove_s
wcsrchr
swprintf_s
realloc
_wsplitpath_s
_wcsicmp
_wcsnicmp
_purecall
wcschr
swscanf_s
wcscmp
_vscwprintf
wcsncmp
wcsncpy_s
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
wcscpy_s
memcmp
memset
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_XcptFilter
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
memmove
__CxxFrameHandler3
??3@YAXPEAX@Z
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
LoadLibraryExW
GetProcAddress
DisableThreadLibraryCalls
GetModuleHandleW
LoadLibraryExA
GetModuleHandleExW
GetModuleFileNameA
api-ms-win-core-heap-l1-1-0
HeapAlloc
GetProcessHeap
HeapFree
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
OpenProcessToken
GetCurrentThread
OpenThreadToken
api-ms-win-core-com-l1-1-0
CoRevokeClassObject
CoInitializeEx
CoUninitialize
StringFromCLSID
CoGetApartmentType
CoSetProxyBlanket
StringFromGUID2
CoTaskMemAlloc
CoRegisterClassObject
CoTaskMemFree
CoCreateInstance
CoDisconnectContext
CoImpersonateClient
CoResumeClassObjects
CoCreateGuid
CLSIDFromString
CoRevertToSelf
CreateStreamOnHGlobal
api-ms-win-core-localization-l1-2-0
FormatMessageW
oleaut32
GetErrorInfo
SysFreeString
SysStringByteLen
VarBstrCat
VariantInit
SysAllocStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen
VariantClear
api-ms-win-core-errorhandling-l1-1-0
RaiseException
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventRegister
EventProviderEnabled
EventSetInformation
EventWriteTransfer
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
rpcrt4
UuidFromStringW
I_RpcBindingInqLocalClientPID
RpcServerInqCallAttributesW
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceComplete
InitOnceBeginInitialize
api-ms-win-security-base-l1-1-0
DuplicateTokenEx
AllocateAndInitializeSid
GetTokenInformation
IsWellKnownSid
CopySid
AdjustTokenPrivileges
GetLengthSid
FreeSid
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolTimer
CreateThreadpoolTimer
CreateThreadpoolCleanupGroup
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CloseThreadpool
SetThreadpoolThreadMaximum
CloseThreadpoolCleanupGroupMembers
SubmitThreadpoolWork
CreateThreadpool
CloseThreadpoolCleanupGroup
CreateThreadpoolWork
CloseThreadpoolWork
api-ms-win-eventing-classicprovider-l1-1-0
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
api-ms-win-core-synch-l1-1-0
AcquireSRWLockShared
CreateEventW
CreateSemaphoreExW
ReleaseSemaphore
SetEvent
InitializeCriticalSectionEx
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSRWLockExclusive
CreateMutexExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
InitializeSRWLock
api-ms-win-service-core-l1-1-0
SetServiceStatus
RegisterServiceCtrlHandlerExW
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
GetSystemInfo
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
ntdll
RtlFreeHeap
RtlAllocateHeap
RtlNtStatusToDosError
NtSetInformationFile
RtlInitUnicodeString
RtlCompareUnicodeString
RtlConvertSidToUnicodeString
RtlFreeUnicodeString
RtlLookupElementGenericTableAvl
RtlInsertElementGenericTableAvl
RtlInitializeGenericTableAvl
RtlEnumerateGenericTableWithoutSplayingAvl
RtlDeleteElementGenericTableAvl
NtAccessCheck
RtlRandomEx
RtlIsStateSeparationEnabled
RtlReleaseSRWLockShared
RtlAcquireSRWLockShared
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
WinSqmIncrementDWORD
WinSqmAddToStreamEx
WinSqmStartSession
WinSqmEndSession
combase
ord67
ord66
ord68
ord69
ord167
dsclient
DSFreeString
DSCreateSharedFileToken
DSCopyFromSharedFile
api-ms-win-downlevel-shlwapi-l1-1-0
PathCreateFromUrlW
api-ms-win-appmodel-unlock-l1-1-0
IsSideloadingEnabled
ext-ms-win-shell32-shellfolders-l1-1-0
SHGetKnownFolderPath
api-ms-win-core-file-l1-1-0
GetFileAttributesW
SetFileAttributesW
GetFileInformationByHandle
RemoveDirectoryW
SetFileInformationByHandle
GetLongPathNameW
GetFinalPathNameByHandleW
GetFullPathNameW
ReadFile
CreateFileW
FindNextFileW
CreateDirectoryW
DeleteFileW
GetFileSize
FindFirstFileW
CompareFileTime
SetFilePointer
FindClose
api-ms-win-core-path-l1-1-0
PathCchCombine
PathAllocCombine
PathAllocCanonicalize
crypt32
CertGetCertificateChain
CertAddEncodedCertificateToStore
CertFreeCertificateContext
CertNameToStrW
CertCloseStore
CertOpenStore
CryptImportPublicKeyInfoEx2
CertGetNameStringW
CryptMsgGetParam
CryptQueryObject
CertCreateCertificateContext
CertFreeCertificateChain
CertFreeCTLContext
CryptMsgClose
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoInitialize
RoUninitialize
RoActivateInstance
api-ms-win-core-file-l2-1-2
CopyFileW
api-ms-win-core-string-l2-1-1
SHLoadIndirectString
api-ms-win-core-file-l2-1-0
CopyFileExW
CreateHardLinkW
GetFileInformationByHandleEx
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegOpenCurrentUser
RegDeleteTreeW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyExW
RegGetValueW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
api-ms-win-core-winrt-error-l1-1-0
SetRestrictedErrorInfo
RoTransformError
RoOriginateError
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
api-ms-win-security-provider-l1-1-0
SetEntriesInAclW
SetNamedSecurityInfoW
winhttp
WinHttpCrackUrl
api-ms-win-core-url-l1-1-0
UrlUnescapeW
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
WideCharToMultiByte
CompareStringW
api-ms-win-core-shlwapi-legacy-l1-1-0
PathFindExtensionW
xmllite
CreateXmlReaderInputWithEncodingName
CreateXmlReader
bcrypt
BCryptCreateHash
BCryptDestroyHash
BCryptFinishHash
BCryptDestroyKey
BCryptHashData
api-ms-win-core-processenvironment-l1-1-0
GetCurrentDirectoryW
GetEnvironmentVariableW
api-ms-win-stateseparation-helpers-l1-1-0
GetPersistedRegistryLocationW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
urlmon
CreateUri
api-ms-win-core-sysinfo-l1-2-0
GetNativeSystemInfo
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-memory-l1-1-0
VirtualProtect
VirtualQuery
cryptxml
CryptXmlVerifySignature
CryptXmlGetDocContext
CryptXmlGetSignature
CryptXmlGetStatus
CryptXmlOpenToDecode
CryptXmlClose
CryptXmlGetReference
omadmapi
ord78
api-ms-win-downlevel-shlwapi-l2-1-0
SHCreateStreamOnFileW
api-ms-win-appmodel-runtime-l1-1-0
PackageFamilyNameFromFullName
api-ms-win-appmodel-runtime-internal-l1-1-2
ProductIdFromPackageFamilyName
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 414KB - Virtual size: 413KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 376B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
rasman/authfwcfg.dll.dll windows:10 windows x64 arch:x64
698eda7c7b72c637420872a2e143b13d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
authfwcfg.pdb
Imports
msvcrt
wcscpy_s
_wcsicmp
_purecall
??3@YAXPEAX@Z
_vsnwprintf
wcstok_s
?what@exception@@UEBAPEBDXZ
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
memcmp
isdigit
isalnum
memset
abort
_wsetlocale
__crtLCMapStringW
_wcsdup
memchr
tolower
isspace
__uncaught_exception
_unlock
_lock
setlocale
calloc
__pctype_func
_ismbblead
___lc_codepage_func
___lc_handle_func
_errno
___mb_cur_max_func
memmove
memcpy
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
localeconv
ldexp
_wcsnicmp
??_V@YAXPEAX@Z
_itow_s
iswdigit
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
free
malloc
_vsnprintf
__CxxFrameHandler3
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
UnregisterTraceGuids
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
LoadStringW
bcrypt
BCryptGetFipsAlgorithmMode
api-ms-win-core-com-l1-1-0
CoUninitialize
CoCreateInstance
CoInitializeEx
CoCreateGuid
StringFromGUID2
oleaut32
VariantInit
VariantClear
SysAllocString
SysFreeString
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-datetime-l1-1-0
GetTimeFormatW
GetDateFormatW
api-ms-win-core-sysinfo-l1-1-0
GetVersionExW
GetComputerNameExW
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-security-base-l1-1-0
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
ntdll
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
RtlIpv4AddressToStringW
RtlIpv6AddressToStringW
WinSqmAddToStream
ws2_32
htonl
api-ms-win-core-synch-l1-1-0
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
netsh.exe
RegisterContext
RegisterHelper
PrintMessageFromModule
PrintError
PrintMessage
MatchTagsInCmdLine
MatchToken
fwpolicyiomgr
FwCopyPortsContents
firewallapi
FWSetFirewallRule
FWRestoreGPODefaults
FWRestoreDefaults
FWExportPolicy
FWImportPolicy
FWClosePolicyStore
FwBstrToPorts
FWFreeFirewallRule
FWFreeConnectionSecurityRule
FWEnumPhase2SAs
FWEnumPhase1SAs
FWFreeAuthenticationSets
FWCopyAuthenticationSet
FWEnumAuthenticationSets
FWFreeCryptoSets
FWCopyCryptoSet
FWFreeConnectionSecurityRules
FWCopyConnectionSecurityRule
FWEnumConnectionSecurityRules
FWFreeFirewallRules
FWCopyFirewallRule
FWEnumFirewallRules
FWGetGlobalConfig
FWOpenPolicyStore
FWStatusMessageFromStatusCode
FWDeletePhase2SAs
FWDeletePhase1SAs
FWFreePhase2SAs
FWFreePhase1SAs
FWDeleteFirewallRule
FWAddFirewallRule
FWVerifyFirewallRule
FWEnumMainModeRules
FWSetMainModeRule
FWDeleteMainModeRule
FWFreeMainModeRules
FWAddMainModeRule
FWVerifyMainModeRule
FwGetAddressesAsString
FWSetCryptoSet
FwCopyWFAddressesContents
FWSetConnectionSecurityRule
FWEnumCryptoSets
FWDeleteCryptoSet
FWDeleteAuthenticationSet
FWDeleteConnectionSecurityRule
FWAddConnectionSecurityRule
FWAddAuthenticationSet
FWAddCryptoSet
FWFreeAuthenticationSet
FwFreeAddresses
FWVerifyConnectionSecurityRule
FWVerifyAuthenticationSet
FwStringToAddresses
FWFreeProducts
FWEnumProducts
FwIsRemoteManagementEnabled
FWGetConfig
FWFreeCryptoSet
FWVerifyCryptoSet
FWSetGlobalConfig
FWSetConfig
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
GetResourceString
InitHelperDll
Sections
.text Size: 466KB - Virtual size: 466KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
rasman/avifil32.dll.dll windows:10 windows x64 arch:x64
07cf3d19b6c6c3014fd51640b41028d5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
avifil32.pdb
Imports
msvcrt
memcpy
memmove
memcmp
mbstowcs
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
free
_callnewh
malloc
_purecall
atoi
_vsnwprintf
memset
msvfw32
ICOpen
ICLocate
ICGetInfo
ICCompressorFree
ICClose
ICCompressorChoose
ICDecompress
ICCompress
ICGetDisplayFormat
ICSendMessage
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
GlobalLock
GlobalHandle
GlobalReAlloc
GlobalSize
api-ms-win-core-string-obsolete-l1-1-0
lstrlenW
lstrlenA
lstrcmpW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
GlobalFree
GlobalAlloc
api-ms-win-core-largeinteger-l1-1-0
MulDiv
api-ms-win-core-libraryloader-l1-2-0
LoadStringW
DisableThreadLibraryCalls
api-ms-win-core-com-l1-1-0
CoGetMalloc
CoCreateInstance
CoGetMarshalSizeMax
CoMarshalInterface
CoUnmarshalInterface
CreateStreamOnHGlobal
api-ms-win-core-errorhandling-l1-1-0
GetLastError
UnhandledExceptionFilter
SetErrorMode
SetUnhandledExceptionFilter
api-ms-win-core-string-l2-1-0
CharPrevW
api-ms-win-core-registry-l1-1-0
RegQueryValueExA
RegCloseKey
api-ms-win-core-registry-l2-1-0
RegOpenKeyA
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
api-ms-win-core-synch-l1-1-0
ResetEvent
EnterCriticalSection
LeaveCriticalSection
CreateEventW
DeleteCriticalSection
InitializeCriticalSection
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
api-ms-win-core-file-l1-1-0
CreateFileW
ReadFile
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
GetFileSize
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-io-l1-1-0
GetOverlappedResult
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
gdi32
CreatePalette
CreateHalftonePalette
msacm32
acmStreamPrepareHeader
acmStreamSize
acmFormatSuggest
acmStreamOpen
acmStreamConvert
acmFormatDetailsW
acmFormatChooseW
acmFormatTagDetailsW
acmGetVersion
acmStreamClose
acmMetrics
acmStreamUnprepareHeader
ole32
OleInitialize
OleSetClipboard
OleUninitialize
ReleaseStgMedium
OleGetClipboard
OleFlushClipboard
user32
SetDlgItemTextW
MessageBeep
IsDlgButtonChecked
EndDialog
SendMessageW
MessageBoxW
ReleaseDC
TranslateMessage
PeekMessageW
DispatchMessageW
GetDC
GetDlgItemInt
DestroyWindow
SetRect
SetRectEmpty
GetDlgItem
CheckDlgButton
SetDlgItemInt
DialogBoxParamW
EnableWindow
IsRectEmpty
SendDlgItemMessageW
winmm
mmioWrite
mmioSeek
mmioClose
mmioRead
mmioOpenW
Exports
Exports
AVIBuildFilter
AVIBuildFilterA
AVIBuildFilterW
AVIClearClipboard
AVIFileAddRef
AVIFileCreateStream
AVIFileCreateStreamA
AVIFileCreateStreamW
AVIFileEndRecord
AVIFileExit
AVIFileGetStream
AVIFileInfo
AVIFileInfoA
AVIFileInfoW
AVIFileInit
AVIFileOpen
AVIFileOpenA
AVIFileOpenW
AVIFileReadData
AVIFileRelease
AVIFileWriteData
AVIGetFromClipboard
AVIMakeCompressedStream
AVIMakeFileFromStreams
AVIMakeStreamFromClipboard
AVIPutFileOnClipboard
AVISave
AVISaveA
AVISaveOptions
AVISaveOptionsFree
AVISaveV
AVISaveVA
AVISaveVW
AVISaveW
AVIStreamAddRef
AVIStreamBeginStreaming
AVIStreamCreate
AVIStreamEndStreaming
AVIStreamFindSample
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamInfo
AVIStreamInfoA
AVIStreamInfoW
AVIStreamLength
AVIStreamOpenFromFile
AVIStreamOpenFromFileA
AVIStreamOpenFromFileW
AVIStreamRead
AVIStreamReadData
AVIStreamReadFormat
AVIStreamRelease
AVIStreamSampleToTime
AVIStreamSetFormat
AVIStreamStart
AVIStreamTimeToSample
AVIStreamWrite
AVIStreamWriteData
CreateEditableStream
DllCanUnloadNow
DllGetClassObject
EditStreamClone
EditStreamCopy
EditStreamCut
EditStreamPaste
EditStreamSetInfo
EditStreamSetInfoA
EditStreamSetInfoW
EditStreamSetName
EditStreamSetNameA
EditStreamSetNameW
IID_IAVIEditStream
IID_IAVIFile
IID_IAVIStream
IID_IGetFrame
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
rasman/energy.dll.dll windows:10 windows x64 arch:x64
5a6c1bb2d4cdfc861b6d3485be83e4ca
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
energy.pdb
Imports
msvcrt
__dllonexit
_unlock
_lock
__C_specific_handler
_errno
_initterm
_amsg_exit
wcsnlen
floor
??1type_info@@UEAA@XZ
setlocale
__crtLCMapStringW
memmove
_XcptFilter
__uncaught_exception
__pctype_func
memcmp
_CxxThrowException
__CxxFrameHandler3
wcstoul
_wcsicmp
___lc_handle_func
___lc_codepage_func
swprintf_s
iswprint
malloc
??0exception@@QEAA@AEBQEBDH@Z
_wcsnicmp
_vsnwprintf
calloc
memcpy
_onexit
___mb_cur_max_func
_wcsdup
_ismbblead
memset
abort
sprintf_s
free
?terminate@@YAXXZ
localeconv
__doserrno
_wfopen_s
fclose
fwprintf_s
toupper
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_purecall
strcspn
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
_wsetlocale
wcscmp
api-ms-win-core-processtopology-obsolete-l1-1-0
GetActiveProcessorCount
api-ms-win-ole32-ie-l1-1-0
CoInitialize
api-ms-win-core-kernel32-legacy-l1-1-0
GetSystemPowerStatus
ntdll
RtlLookupFunctionEntry
RtlCaptureContext
RtlCopySid
RtlVirtualUnwind
NtQueryWnfStateData
NtPowerInformation
RtlAdjustPrivilege
RtlNtStatusToDosError
RtlGetPersistedStateLocation
RtlLengthSid
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventProviderEnabled
EventWriteTransfer
EventSetInformation
EventWrite
EventUnregister
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-synch-l1-1-0
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
CreateEventW
WaitForSingleObject
DeleteCriticalSection
api-ms-win-core-file-l1-1-0
FileTimeToLocalFileTime
FindClose
FindNextFileW
CompareFileTime
FindFirstFileW
CreateFileW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree
api-ms-win-core-registry-l1-1-0
RegCreateKeyExW
RegGetValueW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetTickCount
GetVersionExW
GetComputerNameExW
GetSystemTimeAsFileTime
rpcrt4
UuidCreate
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
GetProcAddress
LoadStringW
DisableThreadLibraryCalls
LoadLibraryExW
FreeLibrary
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapCreate
HeapFree
HeapDestroy
GetProcessHeap
api-ms-win-eventing-consumer-l1-1-0
ProcessTrace
CloseTrace
OpenTraceW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
api-ms-win-core-path-l1-1-0
PathCchRemoveBackslash
PathCchAppend
api-ms-win-power-setting-l1-1-0
PowerGetActiveScheme
api-ms-win-security-lsalookup-l2-1-0
LookupAccountSidW
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-eventing-controller-l1-1-0
ControlTraceW
EnableTraceEx2
TraceSetInformation
StartTraceW
api-ms-win-core-synch-l1-2-0
SleepConditionVariableSRW
Sleep
WakeAllConditionVariable
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-eventing-tdh-l1-1-0
TdhUnloadManifest
TdhGetProperty
TdhGetEventInformation
TdhGetPropertySize
powrprof
PowerReadACValueIndex
PowerReadDCValueIndex
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
oleaut32
SysAllocString
VariantClear
GetErrorInfo
SysFreeString
Exports
Exports
EnergyWizard_Analyze
EnergyWizard_CancelTrace
EnergyWizard_CollectTrace
EnergyWizard_CreateEnergyWizard
EnergyWizard_DefaultTraceDuration
EnergyWizard_DestroyEnergyWizard
EnergyWizard_GetLogEntryCounts
EnergyWizard_SaveReport
EnergyWizard_SqmAnalysis
EnergyWizard_TransformReport
SaveBatteryReport
SaveSleepStudyReport
SaveSystemSleepDiagnosticsReport
SendScreenOnTelemetry
TransformBatteryReport
TransformSleepStudyReport
TransformSystemSleepDiagnosticsReport
Sections
.text Size: 449KB - Virtual size: 449KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
rasman/rasman.dll.dll windows:10 windows x64 arch:x64
4f573a1390f1b967aeba48945ce76e33
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
rasman.pdb
Imports
msvcrt
memset
malloc
_amsg_exit
memmove
_XcptFilter
memcpy_s
__C_specific_handler
_initterm
strstr
free
_wcsicmp
_strlwr
memcpy
_vsnwprintf
_strdup
strcmp
ntdll
NtQueryInformationToken
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-synch-l1-1-0
WaitForSingleObjectEx
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventA
LeaveCriticalSection
SetEvent
WaitForSingleObject
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
GetCurrentProcess
CreateThread
OpenProcessToken
GetCurrentThreadId
GetCurrentProcessId
OpenThreadToken
TerminateProcess
api-ms-win-core-libraryloader-l1-2-0
FreeLibraryAndExitThread
GetProcAddress
GetModuleHandleExW
FreeLibrary
DisableThreadLibraryCalls
GetModuleHandleExA
LoadLibraryExA
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
UnregisterTraceGuids
GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags
api-ms-win-core-heap-l2-1-0
GlobalAlloc
LocalAlloc
GlobalFree
LocalFree
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineA
ExpandEnvironmentStringsW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetVersionExW
GetTickCount
api-ms-win-core-kernel32-legacy-l1-1-0
GetComputerNameW
api-ms-win-core-string-l1-1-0
CompareStringW
api-ms-win-core-sysinfo-l1-2-0
GetProductInfo
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-psapi-ansi-l1-1-0
K32GetModuleBaseNameA
api-ms-win-core-string-obsolete-l1-1-0
lstrlenW
Exports
Exports
IsRasmanProcess
RasActivateRoute
RasActivateRouteEx
RasActivateRouteEx2
RasAddConnectionPort
RasAddNotification
RasAddNotificationEx
RasAllocInterfaceLuidIndex
RasAllocateRoute
RasApplyPostConnectActions
RasBundleClearStatistics
RasBundleClearStatisticsEx
RasBundleGetPort
RasBundleGetStatistics
RasBundleGetStatisticsEx
RasClearPortUserData
RasCompressionGetInfo
RasCompressionSetInfo
RasConnectionEnum
RasConnectionGetStatistics
RasCreateConnection
RasDeAllocateRoute
RasDeleteIkev2PskPolicy
RasDestroyConnection
RasDeviceConnect
RasDeviceEnum
RasDeviceGetInfo
RasDeviceSetInfo
RasDeviceSetInfoSafe
RasDoIke
RasEnableIpSec
RasEnumConnectionPorts
RasEnumLanNets
RasFindPrerequisiteEntry
RasFreeBuffer
RasFreeInterfaceLuidIndex
RasGetAutoTriggerData
RasGetBuffer
RasGetCalledIdInfo
RasGetConnectInfo
RasGetConnectionParams
RasGetConnectionUserData
RasGetCustomScriptDll
RasGetDevConfig
RasGetDevConfigEx
RasGetDeviceConfigInfo
RasGetDeviceName
RasGetDeviceNameW
RasGetDialMachineEventContext
RasGetDialParams
RasGetEapUIData
RasGetEapUserInfo
RasGetFramingCapabilities
RasGetHConnFromEntry
RasGetHportFromConnection
RasGetInfo
RasGetInfoEx
RasGetKey
RasGetNdiswanDriverCaps
RasGetNotificationEntry
RasGetNumPortOpen
RasGetPortDialParams
RasGetPortUserData
RasGetProtocolInfo
RasGetTimeSinceLastActivity
RasGetTriggerAuthData
RasGetUnicodeDeviceName
RasGetUserCredentials
RasInitialize
RasInitializeNoWait
RasIsPulseDial
RasIsTrustedCustomDll
RasLinkGetStatistics
RasNQMEnterNotify
RasPlumbIkev2PskPolicy
RasPortBundle
RasPortCancelReceive
RasPortClearStatistics
RasPortClose
RasPortConnectComplete
RasPortDisconnect
RasPortEnum
RasPortEnumProtocols
RasPortFree
RasPortGetBundle
RasPortGetBundledPort
RasPortGetFramingEx
RasPortGetInfo
RasPortGetProtocolCompression
RasPortGetStatistics
RasPortGetStatisticsEx
RasPortListen
RasPortOpen
RasPortOpenEx
RasPortReceive
RasPortReceiveEx
RasPortReserve
RasPortRetrieveUserData
RasPortSend
RasPortSetFraming
RasPortSetFramingEx
RasPortSetInfo
RasPortSetProtocolCompression
RasPortStoreUserData
RasProtocolCallback
RasProtocolChangePassword
RasProtocolEnum
RasProtocolGetInfo
RasProtocolRetry
RasProtocolStart
RasProtocolStarted
RasProtocolStop
RasProtocolUpdateConnection
RasRPCBind
RasRefConnection
RasReferenceCustomCount
RasReferenceRasman
RasRegisterPnPEvent
RasRegisterPnPHandler
RasRegisterRedialCallback
RasRemoveNotificationEx
RasRequestNotification
RasRpcConnect
RasRpcConnectServer
RasRpcDeleteEntry
RasRpcDeviceEnum
RasRpcDisconnect
RasRpcDisconnectServer
RasRpcEnumConnections
RasRpcGetCountryInfo
RasRpcGetDevConfig
RasRpcGetErrorString
RasRpcGetInstalledProtocols
RasRpcGetInstalledProtocolsEx
RasRpcGetSystemDirectory
RasRpcGetUserPreferences
RasRpcGetVersion
RasRpcPortEnum
RasRpcPortGetInfo
RasRpcRemoteGetSystemDirectory
RasRpcRemoteGetUserPreferences
RasRpcRemoteRasDeleteEntry
RasRpcRemoteSetUserPreferences
RasRpcSetUserPreferences
RasRpcUnloadDll
RasSecurityDialogGetInfo
RasSecurityDialogReceive
RasSecurityDialogSend
RasSendCreds
RasSendNotification
RasSendProtocolResultToRasman
RasServerPortClose
RasSetAddressDisable
RasSetAdvConnectionParams
RasSetCachedCredentials
RasSetCalledIdInfo
RasSetCommSettings
RasSetConnectionParams
RasSetConnectionUserData
RasSetDevConfig
RasSetDeviceConfigInfo
RasSetDialMachineEventHandle
RasSetDialParams
RasSetEapInfo
RasSetEapUIData
RasSetEapUserInfo
RasSetEncPassword
RasSetIPAddresses
RasSetKey
RasSetPortUserData
RasSetRouterUsage
RasSetTriggerAuthData
RasSetTunnelEndPoints
RasSetVpnClientConnectionType
RasSignalActionRequired
RasSignalMonitorThreadExit
RasSignalNewConnection
RasStartProtocolRenegotiation
RasStartRasAutoIfRequired
RasUpdateAutoTriggerRegKeys
RasUpdateAutoTriggerRegKeysEx
RasUpdateDefaultRouteSettings
RasUpdateQoSPolicies
RasVpnIkeGetNewTunnelId
RasVpnIkeGetPCscf
RasmanUninitialize
Sections
.text Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 336B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 376B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
x64__installer__v3.1.2.msi.msi