WSDApi.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
getfile.zip
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
getfile.zip
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
getfile.zip
-
Size
10.7MB
-
MD5
7298c4ec45422f533ad50ec0b67608fa
-
SHA1
12246427d70eb9456b7133bbd61811791e7dd0c8
-
SHA256
c7f48de54e1a8c78a78012f5b62d2ea755e6b5f400185c5f7edf6dfc679c2ae1
-
SHA512
ac9d900674357cfb0fc576cab2388f1afe7dc0a97ccf629d057270ae490370190fccea7bb1b5adbdaddcb88d07a12d55c89761e6f554202ba8258afca290f26e
-
SSDEEP
196608:R3Jvu4ouTsJg96OgIeiKcAA/PG7Tt9w2Hn2WscxwTFUnO3938zfBstzKn7XlT8VY:TjTsY6BIejZA3Ks2HnhyTJ3AfatzK7VZ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 7 IoCs
Checks for missing Authenticode signature.
resource unpack001/0VCartoonizer_Trial.exe unpack001/WSDApi.dll unpack001/WsmSvc.dll unpack001/wsecedit.dll unpack001/wsp_fs.dll unpack001/wsp_health.dll unpack001/wsp_sr.dll
Files
-
getfile.zip.zip
-
0VCartoonizer_Trial.exe.exe windows:6 windows x86 arch:x86
1aae8bf580c846f39c71c05898e57e88
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler
Sections
.text Size: 7.6MB - Virtual size: 7.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7.3MB - Virtual size: 7.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 677KB - Virtual size: 870KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 383KB - Virtual size: 382KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.symtab Size: 512B - Virtual size: 4B
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
WSDApi.dll.dll windows:10 windows x64 arch:x64
41cb8788b6b067087aa4e1fb215e80e8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
_callnewh
memset
iswdigit
_XcptFilter
memcpy
strcmp
_stricmp
_onexit
vfwprintf_s
fwprintf_s
_wfsopen
strncmp
memcmp
_wcserror
_get_errno
fclose
__dllonexit
wcstok_s
_strnicmp
_wtol
_amsg_exit
_initterm
_lock
memmove_s
free
_vsnprintf
time
tolower
__C_specific_handler
wcsstr
wcsncmp
towlower
_wcsdup
_purecall
_localtime64
_time64
_vsnwprintf
memcpy_s
_wcsnicmp
wcschr
malloc
_wcsicmp
_unlock
wcscmp
ntdll
EtwGetTraceLoggerHandle
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwTraceMessage
RtlIpv6StringToAddressExW
RtlIpv4StringToAddressExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwGetTraceEnableLevel
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
LoadLibraryExW
DisableThreadLibraryCalls
api-ms-win-core-threadpool-l1-2-0
StartThreadpoolIo
CloseThreadpoolWork
CreateThreadpoolIo
TrySubmitThreadpoolCallback
WaitForThreadpoolWorkCallbacks
CreateThreadpoolWork
SubmitThreadpoolWork
SetThreadpoolThreadMinimum
CloseThreadpoolWait
CreateThreadpoolTimer
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolIo
WaitForThreadpoolIoCallbacks
CancelThreadpoolIo
CloseThreadpool
CreateThreadpool
WaitForThreadpoolTimerCallbacks
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
SetThreadpoolThreadMaximum
CloseThreadpoolTimer
CreateThreadpoolCleanupGroup
SetThreadpoolTimer
WaitForThreadpoolWaitCallbacks
api-ms-win-core-synch-l1-1-0
ReleaseSemaphore
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseMutex
ReleaseSRWLockExclusive
ResetEvent
WaitForSingleObject
SetEvent
WaitForSingleObjectEx
OpenSemaphoreW
CreateEventW
CreateSemaphoreExW
CreateMutexExW
InitializeCriticalSection
InitializeSRWLock
CreateWaitableTimerExW
CancelWaitableTimer
SetWaitableTimer
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SleepEx
AcquireSRWLockExclusive
WaitForMultipleObjectsEx
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
GetTickCount64
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
OutputDebugStringW
DebugBreak
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-heap-l1-1-0
HeapAlloc
GetProcessHeap
HeapFree
rpcrt4
UuidCreate
UuidFromStringA
ws2_32
ntohs
bind
closesocket
shutdown
WSAStringToAddressW
htons
WSAIoctl
socket
setsockopt
GetAddrInfoW
FreeAddrInfoW
WSAAddressToStringW
WSAGetLastError
WSASocketW
WSASendTo
WSADuplicateSocketW
WSARecvFrom
WSACleanup
WSAStartup
getsockname
api-ms-win-eventing-provider-l1-1-0
EventActivityIdControl
EventRegister
EventSetInformation
EventWriteTransfer
EventUnregister
api-ms-win-core-synch-l1-2-0
InitOnceBeginInitialize
WakeAllConditionVariable
InitOnceComplete
Sleep
SleepConditionVariableSRW
api-ms-win-core-io-l1-1-0
CancelIoEx
api-ms-win-core-heap-l2-1-0
GlobalFree
api-ms-win-core-io-l1-1-1
CancelIo
api-ms-win-core-registry-l1-1-0
RegOpenKeyExA
RegCloseKey
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
iphlpapi
CancelMibChangeNotify2
GetBestRoute2
GetAdaptersAddresses
ConvertInterfaceGuidToLuid
NotifyUnicastIpAddressChange
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
QueueUserWorkItem
nsi
NsiGetParameter
api-ms-win-core-threadpool-private-l1-1-0
RegisterWaitForSingleObjectEx
webservices
WsWriteChars
WsWriteEndAttribute
WsSetWriterPosition
WsGetWriterPosition
WsMoveWriter
WsWriteStartElement
WsWriteBytes
WsWriteEndElement
WsMoveReader
WsWriteXmlnsAttribute
WsWriteEndStartElement
WsWriteValue
WsWriteCharsUtf8
WsWriteText
WsReadStartElement
WsEndWriterCanonicalization
WsSetOutputToBuffer
WsGetWriterProperty
WsFreeReader
WsCopyNode
WsGetReaderNode
WsSetOutput
WsCreateWriter
WsSetInputToBuffer
WsCreateReader
WsFreeHeap
WsStartWriterCanonicalization
WsCreateXmlBuffer
WsCreateHeap
WsFreeWriter
WsWriteStartAttribute
WsReadBytes
WsReadChars
WsEndReaderCanonicalization
WsStartReaderCanonicalization
WsReadEndAttribute
WsReadStartAttribute
WsFindAttribute
WsSkipNode
WsReadNode
WsSetInput
WsReadEndElement
WsReadToStartElement
firewallapi
FWGetConfig
FWQueryFirewallRules
IcfChangeNotificationDestroy
IsFirewallInCoExistanceMode
IcfChangeNotificationCreate
FWOpenPolicyStore
IcfAddrChangeNotificationCreate
FWFreeFirewallRules
FWClosePolicyStore
FWGetGlobalConfig
FWResetIndicatedTupleInUse
FWIndicateTupleInUse
api-ms-win-core-com-l1-1-0
CoInitializeEx
CoUninitialize
CoCreateInstance
CoWaitForMultipleHandles
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
WSDAddFirewallCheck
WSDAllocateLinkedMemory
WSDAttachLinkedMemory
WSDCancelNetworkChangeNotify
WSDCompareEndpoints
WSDCopyEndpoint
WSDCopyNameList
WSDCreateDeviceHost
WSDCreateDeviceHost2
WSDCreateDeviceHostAdvanced
WSDCreateDeviceProxy
WSDCreateDeviceProxy2
WSDCreateDeviceProxyAdvanced
WSDCreateDiscoveryProvider
WSDCreateDiscoveryProvider2
WSDCreateDiscoveryPublisher
WSDCreateDiscoveryPublisher2
WSDCreateHttpAddress
WSDCreateHttpMessageParameters
WSDCreateHttpTransport
WSDCreateMetadataAgent
WSDCreateOutboundAttachment
WSDCreateUdpAddress
WSDCreateUdpMessageParameters
WSDCreateUdpTransport
WSDDetachLinkedMemory
WSDFreeLinkedMemory
WSDGenerateFault
WSDGenerateFaultEx
WSDGenerateRandomDelay
WSDGetConfigurationOption
WSDNotifyNetworkChange
WSDProcessFault
WSDRemoveFirewallCheck
WSDSetConfigurationOption
WSDUriDecode
WSDUriEncode
WSDXMLAddChild
WSDXMLAddSibling
WSDXMLBuildAnyForSingleElement
WSDXMLCleanupElement
WSDXMLCompareNames
WSDXMLCreateContext
WSDXMLGetNameFromBuiltinNamespace
WSDXMLGetValueFromAny
Sections
.text Size: 572KB - Virtual size: 572KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 640B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WsmSvc.dll.dll windows:10 windows x64 arch:x64
93ded39c2ac2ef2a72a3742b2609a1e1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
WsmSvc.pdb
Imports
msvcrt
_unlock
_onexit
strcmp
memset
__CxxFrameHandler3
swscanf_s
_wcsrev
iswalnum
fwprintf
_lock
wcscpy_s
??1type_info@@UEAA@XZ
_i64tow_s
fclose
fopen_s
?terminate@@YAXXZ
__C_specific_handler
_initterm
malloc
free
strchr
ldiv
_amsg_exit
_XcptFilter
_CxxThrowException
_fpclass
_HUGE
wcstod
_scwprintf
wcsspn
rand
srand
_vsnwprintf
_itow_s
wcschr
swprintf_s
_wcsicmp
_ultow_s
wcstoul
memmove_s
memmove
wcscspn
wcspbrk
??0exception@@QEAA@AEBV0@@Z
wcsstr
wcsrchr
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@XZ
memcpy
memcmp
time
rand_s
__iob_func
isdigit
_vsnprintf
_scprintf
isspace
_strnicmp
_wtoi
_wtof
_atoi64
_wtoi64
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_vsnprintf_s
strncmp
_purecall
memcpy_s
wcsncmp
_wcsnicmp
iswxdigit
tolower
iswdigit
iswspace
__dllonexit
wcscmp
api-ms-win-core-errorhandling-l1-1-0
SetLastError
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
oleaut32
SysAllocString
SysStringLen
SysAllocStringLen
VarCmp
VariantClear
GetErrorInfo
VariantInit
SysFreeString
crypt32
CertAddEnhancedKeyUsageIdentifier
CertFreeCertificateContext
CryptBinaryToStringW
CertGetCertificateContextProperty
CertCreateSelfSignCertificate
CertStrToNameW
CertGetIntendedKeyUsage
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertCloseStore
CryptDecodeObjectEx
CertFindExtension
CryptStringToBinaryA
CertCreateCertificateContext
CertGetEnhancedKeyUsage
CryptAcquireCertificatePrivateKey
CertFindCertificateInStore
CryptStringToBinaryW
CertOpenStore
CertFreeCertificateChain
CertGetNameStringW
api-ms-win-security-base-l1-1-0
CreateWellKnownSid
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
IsValidSid
RevertToSelf
CopySid
GetLengthSid
AdjustTokenPrivileges
MakeSelfRelativeSD
ImpersonateSelf
SetSecurityDescriptorSacl
EqualSid
AddAccessAllowedAceEx
GetSecurityDescriptorDacl
SetSecurityDescriptorGroup
GetSecurityDescriptorLength
InitializeSecurityDescriptor
InitializeAcl
AccessCheckAndAuditAlarmW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetKernelObjectSecurity
GetTokenInformation
SetSecurityDescriptorDacl
SetKernelObjectSecurity
DuplicateTokenEx
IsWellKnownSid
GetAce
ImpersonateLoggedOnUser
MapGenericMask
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-threadpool-legacy-l1-1-0
CreateTimerQueueTimer
DeleteTimerQueueTimer
UnregisterWaitEx
QueueUserWorkItem
api-ms-win-core-heap-obsolete-l1-1-0
GlobalFree
LocalAlloc
LocalFree
api-ms-win-core-libraryloader-l1-1-0
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetModuleFileNameA
DisableThreadLibraryCalls
GetModuleHandleExW
api-ms-win-core-registry-l1-1-0
RegEnumValueW
RegQueryValueExW
RegGetValueW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCopyTreeW
RegSetKeySecurity
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegDeleteKeyExW
RegDeleteTreeW
api-ms-win-eventing-classicprovider-l1-1-0
GetTraceLoggerHandle
TraceMessage
GetTraceEnableLevel
GetTraceEnableFlags
UnregisterTraceGuids
RegisterTraceGuidsW
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ResetEvent
ReleaseSemaphore
ReleaseMutex
InitializeCriticalSectionAndSpinCount
CreateEventW
DeleteCriticalSection
WaitForSingleObjectEx
InitializeCriticalSectionEx
SetEvent
OpenSemaphoreW
WaitForMultipleObjectsEx
WaitForSingleObject
ReleaseSRWLockShared
LeaveCriticalSection
CreateMutexExW
EnterCriticalSection
OpenEventW
TryEnterCriticalSection
CreateSemaphoreExW
api-ms-win-core-kernel32-legacy-l1-1-0
UnregisterWait
RegisterWaitForSingleObject
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapSize
HeapReAlloc
GetProcessHeap
HeapDestroy
HeapFree
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
OpenThreadToken
ExitProcess
OpenProcessToken
GetCurrentProcessId
GetCurrentThreadId
CreateThread
GetCurrentProcess
SetThreadToken
OpenThread
TerminateProcess
api-ms-win-core-synch-l1-2-0
SleepConditionVariableSRW
Sleep
WakeAllConditionVariable
SleepConditionVariableCS
InitializeConditionVariable
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemDirectoryW
GetVersionExW
GetSystemDirectoryA
GetSystemInfo
GetComputerNameExW
GetLocalTime
GetTickCount
GetSystemTimeAsFileTime
GetTickCount64
GetSystemTime
miutils
RtlInterlockedCompareWait
RtlReleaseFastLockExclusive
RtlQueueAcquireFastLockShared
RtlTryAcquireFastLockExclusive
RtlQueueAcquireFastLockExclusive
RCClass_New
OSC_Batch_Strdup
Instance_New
Instance_InitDynamic
Instance_SetResourceURI
ClassCache_AddClass
OSC_Batch_Destroy
OSC_Batch_Get
MiErrorCategoryFromWindowsError
ClassCache_Delete
ClassCache_New
Instance_GetResourceURI
RtlTryAcquireFastLockShared
RtlReleaseFastLockShared
ClassCache_GetClass
RtlInterlockedWakeAll
api-ms-win-core-localization-l1-2-0
SetThreadUILanguage
GetThreadLocale
GetLocaleInfoW
GetThreadUILanguage
FindNLSString
SetThreadPreferredUILanguages
FormatMessageW
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolIoCallbacks
CloseThreadpoolIo
CloseThreadpoolCleanupGroupMembers
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
StartThreadpoolIo
CloseThreadpoolCleanupGroup
FreeLibraryWhenCallbackReturns
CreateThreadpoolWait
CreateThreadpoolCleanupGroup
CreateThreadpoolIo
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
CreateThreadpoolWork
CloseThreadpoolTimer
CancelThreadpoolIo
CloseThreadpoolWork
CreateThreadpoolTimer
rpcrt4
UuidFromStringW
UuidCreate
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
api-ms-win-core-timezone-l1-1-0
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
dsrole
DsRoleGetPrimaryDomainInformation
DsRoleFreeMemory
api-ms-win-core-localization-obsolete-l1-1-0
EnumUILanguagesW
GetUserDefaultUILanguage
api-ms-win-eventing-provider-l1-1-0
EventActivityIdControl
api-ms-win-core-interlocked-l1-1-0
QueryDepthSList
InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead
InterlockedPopEntrySList
api-ms-win-core-processenvironment-l1-1-0
SetEnvironmentVariableW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
api-ms-win-security-lsapolicy-l1-1-0
LsaOpenPolicy
LsaQueryInformationPolicy
LsaRemoveAccountRights
LsaFreeMemory
LsaAddAccountRights
LsaClose
api-ms-win-core-file-l1-1-0
CreateFileW
CompareFileTime
LocalFileTimeToFileTime
GetFullPathNameW
ntdll
NtCompareTokens
RtlFreeSid
RtlAllocateAndInitializeSid
RtlCreateUnicodeStringFromAsciiz
RtlInitString
RtlFreeUnicodeString
RtlNtStatusToDosError
EtwEventRegister
EtwEventUnregister
EtwEventWrite
NtAllocateLocallyUniqueId
RtlInitUnicodeString
EtwEventWriteTransfer
EtwEventEnabled
EtwEventProviderEnabled
api-ms-win-core-sysinfo-l1-2-0
VerSetConditionMask
api-ms-win-security-credentials-l1-1-0
CredWriteW
CredReadW
CredDeleteW
CredFree
api-ms-win-core-job-l2-1-0
SetInformationJobObject
OpenJobObjectW
AssignProcessToJobObject
QueryInformationJobObject
CreateJobObjectW
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-psapi-l1-1-0
K32GetProcessMemoryInfo
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-downlevel-advapi32-l4-1-0
LsaManageSidNameMapping
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
pcwum
PerfSetCounterRefValue
PerfCreateInstance
PerfDeleteInstance
PerfSetCounterSetInfo
PerfStartProvider
PerfStopProvider
mi
mi_clientFT_V1
MI_Application_InitializeV1
Exports
Exports
??0?$AutoCleanup@V?$AutoDelete@D@@PEAD@@QEAA@PEAD@Z
??0?$AutoCleanup@V?$AutoDelete@G@@PEAG@@QEAA@PEAG@Z
??0?$AutoCleanup@V?$AutoDelete@UIPRange@CWSManIPFilter@@@@PEAUIPRange@CWSManIPFilter@@@@QEAA@PEAUIPRange@CWSManIPFilter@@@Z
??0?$AutoCleanup@V?$AutoDelete@U_SID@@@@PEAU_SID@@@@QEAA@PEAU_SID@@@Z
??0?$AutoCleanup@V?$AutoDelete@U_WSMAN_STREAM_ID_SET@@@@PEAU_WSMAN_STREAM_ID_SET@@@@QEAA@PEAU_WSMAN_STREAM_ID_SET@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$Handle@VISubscription@@@@@@PEAV?$Handle@VISubscription@@@@@@QEAA@PEAV?$Handle@VISubscription@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SafeMap_Iterator@VStringKeyCI@@K@@@@PEAV?$SafeMap_Iterator@VStringKeyCI@@K@@@@QEAA@PEAV?$SafeMap_Iterator@VStringKeyCI@@K@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@PEAV?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@QEAA@PEAV?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SafeSet@PEAVCCertMapping@@@@@@PEAV?$SafeSet@PEAVCCertMapping@@@@@@QEAA@PEAV?$SafeSet@PEAVCCertMapping@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SafeSet@PEAVCShellUriSettings@@@@@@PEAV?$SafeSet@PEAVCShellUriSettings@@@@@@QEAA@PEAV?$SafeSet@PEAVCShellUriSettings@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@PEAV?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@QEAA@PEAV?$SafeSet_Iterator@PEAVCListenerOperation@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SimpleStack@VCListenerOperation@@@@@@PEAV?$SimpleStack@VCListenerOperation@@@@@@QEAA@PEAV?$SimpleStack@VCListenerOperation@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$SimpleStack@VShellHostEntry@@@@@@PEAV?$SimpleStack@VShellHostEntry@@@@@@QEAA@PEAV?$SimpleStack@VShellHostEntry@@@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@@PEAV?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@@QEAA@PEAV?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$set@Usockaddr_storage@@VSockAddrLessFunctor@CListenerSettings@@V?$transport_allocator@Usockaddr_storage@@@@@std@@@@PEAV?$set@Usockaddr_storage@@VSockAddrLessFunctor@CListenerSettings@@V?$transport_allocator@Usockaddr_storage@@@@@std@@@@QEAA@PEAV?$set@Usockaddr_storage@@VSockAddrLessFunctor@CListenerSettings@@V?$transport_allocator@Usockaddr_storage@@@@@std@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$vector@PEAVHandleImpl@Client@WSMan@@V?$transport_allocator@PEAVHandleImpl@Client@WSMan@@@@@std@@@@PEAV?$vector@PEAVHandleImpl@Client@WSMan@@V?$transport_allocator@PEAVHandleImpl@Client@WSMan@@@@@std@@@@QEAA@PEAV?$vector@PEAVHandleImpl@Client@WSMan@@V?$transport_allocator@PEAVHandleImpl@Client@WSMan@@@@@std@@@Z
??0?$AutoCleanup@V?$AutoDelete@V?$vector@PEAVIServiceConfigObserver@@V?$transport_allocator@PEAVIServiceConfigObserver@@@@@std@@@@PEAV?$vector@PEAVIServiceConfigObserver@@V?$transport_allocator@PEAVIServiceConfigObserver@@@@@std@@@@QEAA@PEAV?$vector@PEAVIServiceConfigObserver@@V?$transport_allocator@PEAVIServiceConfigObserver@@@@@std@@@Z
??0?$AutoCleanup@V?$AutoDelete@VAdminSid@CSecurity@@@@PEAVAdminSid@CSecurity@@@@QEAA@PEAVAdminSid@CSecurity@@@Z
??0?$AutoCleanup@V?$AutoDelete@VBlockedRecord@@@@PEAVBlockedRecord@@@@QEAA@PEAVBlockedRecord@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCBaseConfigCache@@@@PEAVCBaseConfigCache@@@@QEAA@PEAVCBaseConfigCache@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCCertMapping@@@@PEAVCCertMapping@@@@QEAA@PEAVCCertMapping@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCConfigChangeSource@@@@PEAVCConfigChangeSource@@@@QEAA@PEAVCConfigChangeSource@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCListenerSettings@@@@PEAVCListenerSettings@@@@QEAA@PEAVCListenerSettings@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCObserverConfigChangeErrors@@@@PEAVCObserverConfigChangeErrors@@@@QEAA@PEAVCObserverConfigChangeErrors@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCServiceWatcher@CServiceConfigCache@@@@PEAVCServiceWatcher@CServiceConfigCache@@@@QEAA@PEAVCServiceWatcher@CServiceConfigCache@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCShellUriSettings@@@@PEAVCShellUriSettings@@@@QEAA@PEAVCShellUriSettings@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCWSManEPR@@@@PEAVCWSManEPR@@@@QEAA@PEAVCWSManEPR@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCWSManResource@@@@PEAVCWSManResource@@@@QEAA@PEAVCWSManResource@@@Z
??0?$AutoCleanup@V?$AutoDelete@VCertHash@@@@PEAVCertHash@@@@QEAA@PEAVCertHash@@@Z
??0?$AutoCleanup@V?$AutoDelete@VConfigUpdate@@@@PEAVConfigUpdate@@@@QEAA@PEAVConfigUpdate@@@Z
??0?$AutoCleanup@V?$AutoDelete@VEnumSinkEx@@@@PEAVEnumSinkEx@@@@QEAA@PEAVEnumSinkEx@@@Z
??0?$AutoCleanup@V?$AutoDelete@VEnumSinkEx@@@@PEAVEnumSinkEx@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VEventHandler@WSMan@@@@PEAVEventHandler@WSMan@@@@QEAA@PEAVEventHandler@WSMan@@@Z
??0?$AutoCleanup@V?$AutoDelete@VExpiredOperationIdRecord@@@@PEAVExpiredOperationIdRecord@@@@QEAA@PEAVExpiredOperationIdRecord@@@Z
??0?$AutoCleanup@V?$AutoDelete@VGPApiManager@@@@PEAVGPApiManager@@@@QEAA@PEAVGPApiManager@@@Z
??0?$AutoCleanup@V?$AutoDelete@VGeneralSinkEx@@@@PEAVGeneralSinkEx@@@@QEAA@PEAVGeneralSinkEx@@@Z
??0?$AutoCleanup@V?$AutoDelete@VGeneralSinkEx@@@@PEAVGeneralSinkEx@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VIChannelObserverFactory@@@@PEAVIChannelObserverFactory@@@@QEAA@PEAVIChannelObserverFactory@@@Z
??0?$AutoCleanup@V?$AutoDelete@VIQueryDASHSMASHInterface@@@@PEAVIQueryDASHSMASHInterface@@@@QEAA@PEAVIQueryDASHSMASHInterface@@@Z
??0?$AutoCleanup@V?$AutoDelete@VIQueryDASHSMASHInterface@@@@PEAVIQueryDASHSMASHInterface@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VISpecification@@@@PEAVISpecification@@@@QEAA@PEAVISpecification@@@Z
??0?$AutoCleanup@V?$AutoDelete@VISpecification@@@@PEAVISpecification@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VInteractiveSid@CSecurity@@@@PEAVInteractiveSid@CSecurity@@@@QEAA@PEAVInteractiveSid@CSecurity@@@Z
??0?$AutoCleanup@V?$AutoDelete@VIpHlpApiDllLoader@@@@PEAVIpHlpApiDllLoader@@@@QEAA@PEAVIpHlpApiDllLoader@@@Z
??0?$AutoCleanup@V?$AutoDelete@VMachineName@@@@PEAVMachineName@@@@QEAA@PEAVMachineName@@@Z
??0?$AutoCleanup@V?$AutoDelete@VNetworkServiceSid@CSecurity@@@@PEAVNetworkServiceSid@CSecurity@@@@QEAA@PEAVNetworkServiceSid@CSecurity@@@Z
??0?$AutoCleanup@V?$AutoDelete@VNtDsApiDllLoader@@@@PEAVNtDsApiDllLoader@@@@QEAA@PEAVNtDsApiDllLoader@@@Z
??0?$AutoCleanup@V?$AutoDelete@VOptionValue@SessionOptions@Client@WSMan@@@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@QEAA@PEAVOptionValue@SessionOptions@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoDelete@VPacketCreator@@@@PEAVPacketCreator@@@@QEAA@PEAVPacketCreator@@@Z
??0?$AutoCleanup@V?$AutoDelete@VPacketParser@@@@PEAVPacketParser@@@@QEAA@PEAVPacketParser@@@Z
??0?$AutoCleanup@V?$AutoDelete@VResources@Locale@@@@PEAVResources@Locale@@@@QEAA@PEAVResources@Locale@@@Z
??0?$AutoCleanup@V?$AutoDelete@VRunAsConfiguration@@@@PEAVRunAsConfiguration@@@@QEAA@PEAVRunAsConfiguration@@@Z
??0?$AutoCleanup@V?$AutoDelete@VSafeBufferWrite@@@@PEAVSafeBufferWrite@@@@QEAA@PEAVSafeBufferWrite@@@Z
??0?$AutoCleanup@V?$AutoDelete@VSecurityEntry@Catalog@@@@PEAVSecurityEntry@Catalog@@@@QEAA@PEAVSecurityEntry@Catalog@@@Z
??0?$AutoCleanup@V?$AutoDelete@VSendPacketArgs@RobustConnectionBuffer@@@@PEAVSendPacketArgs@RobustConnectionBuffer@@@@QEAA@PEAVSendPacketArgs@RobustConnectionBuffer@@@Z
??0?$AutoCleanup@V?$AutoDelete@VServiceSoapProcessor@@@@PEAVServiceSoapProcessor@@@@QEAA@PEAVServiceSoapProcessor@@@Z
??0?$AutoCleanup@V?$AutoDelete@VShell32DllLoader@@@@PEAVShell32DllLoader@@@@QEAA@PEAVShell32DllLoader@@@Z
??0?$AutoCleanup@V?$AutoDelete@VShlWApiDllLoader@@@@PEAVShlWApiDllLoader@@@@QEAA@PEAVShlWApiDllLoader@@@Z
??0?$AutoCleanup@V?$AutoDelete@VSubscriptionEnumerator@@@@PEAVSubscriptionEnumerator@@@@QEAA@PEAVSubscriptionEnumerator@@@Z
??0?$AutoCleanup@V?$AutoDelete@VSubscriptionManager@@@@PEAVSubscriptionManager@@@@QEAA@PEAVSubscriptionManager@@@Z
??0?$AutoCleanup@V?$AutoDelete@VTSTRBUFFER@@@@PEAVTSTRBUFFER@@@@QEAA@PEAVTSTRBUFFER@@@Z
??0?$AutoCleanup@V?$AutoDelete@VTSTRBUFFER@@@@PEAVTSTRBUFFER@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VUniqueStringOverflow@@@@PEAVUniqueStringOverflow@@@@QEAA@PEAVUniqueStringOverflow@@@Z
??0?$AutoCleanup@V?$AutoDelete@VUser32DllLoader@@@@PEAVUser32DllLoader@@@@QEAA@PEAVUser32DllLoader@@@Z
??0?$AutoCleanup@V?$AutoDelete@VWSMANCONFIGTABLE_IDENTITY@@@@PEAVWSMANCONFIGTABLE_IDENTITY@@@@QEAA@PEAVWSMANCONFIGTABLE_IDENTITY@@@Z
??0?$AutoCleanup@V?$AutoDelete@VWSManMemCryptManager@@@@PEAVWSManMemCryptManager@@@@QEAA@PEAVWSManMemCryptManager@@@Z
??0?$AutoCleanup@V?$AutoDelete@VWmiEnumContext@@@@PEAVWmiEnumContext@@@@QEAA@PEAVWmiEnumContext@@@Z
??0?$AutoCleanup@V?$AutoDelete@VWmiEnumContext@@@@PEAVWmiEnumContext@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDelete@VXmlReader@@@@PEAVXmlReader@@@@QEAA@PEAVXmlReader@@@Z
??0?$AutoCleanup@V?$AutoDeleteVector@$$CBG@@PEBG@@QEAA@PEBG@Z
??0?$AutoCleanup@V?$AutoDeleteVector@D@@PEAD@@QEAA@PEAD@Z
??0?$AutoCleanup@V?$AutoDeleteVector@E@@PEAE@@QEAA@PEAE@Z
??0?$AutoCleanup@V?$AutoDeleteVector@E@@PEAE@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@G@@PEAG@@QEAA@PEAG@Z
??0?$AutoCleanup@V?$AutoDeleteVector@G@@PEAG@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@H@@PEAH@@QEAA@PEAH@Z
??0?$AutoCleanup@V?$AutoDeleteVector@PEAG@@PEAPEAG@@QEAA@PEAPEAG@Z
??0?$AutoCleanup@V?$AutoDeleteVector@PEAG@@PEAPEAG@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@PEBG@@PEAPEBG@@QEAA@PEAPEBG@Z
??0?$AutoCleanup@V?$AutoDeleteVector@PEBG@@PEAPEBG@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@U_CONFIG_UPDATE@@@@PEAU_CONFIG_UPDATE@@@@QEAA@PEAU_CONFIG_UPDATE@@@Z
??0?$AutoCleanup@V?$AutoDeleteVector@U_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@PEAU_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@QEAA@PEAU_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@Z
??0?$AutoCleanup@V?$AutoDeleteVector@U_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@PEAU_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@U_WINRS_RUN_COMMAND_ARG@@@@PEAU_WINRS_RUN_COMMAND_ARG@@@@QEAA@PEAU_WINRS_RUN_COMMAND_ARG@@@Z
??0?$AutoCleanup@V?$AutoDeleteVector@U_WINRS_RUN_COMMAND_ARG@@@@PEAU_WINRS_RUN_COMMAND_ARG@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoDeleteVector@U_WSMAN_OPTION@@@@PEAU_WSMAN_OPTION@@@@QEAA@PEAU_WSMAN_OPTION@@@Z
??0?$AutoCleanup@V?$AutoDeleteVector@X@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@V?$AutoFree@E@@PEAE@@QEAA@PEAE@Z
??0?$AutoCleanup@V?$AutoLocklessItemRecycle@VPacket@@@@PEAVPacket@@@@QEAA@PEAVPacket@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostAdminManager@@@@PEAUIAppHostAdminManager@@@@QEAA@PEAUIAppHostAdminManager@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostChildElementCollection@@@@PEAUIAppHostChildElementCollection@@@@QEAA@PEAUIAppHostChildElementCollection@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostConfigException@@@@PEAUIAppHostConfigException@@@@QEAA@PEAUIAppHostConfigException@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostElement@@@@PEAUIAppHostElement@@@@QEAA@PEAUIAppHostElement@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostElementCollection@@@@PEAUIAppHostElementCollection@@@@QEAA@PEAUIAppHostElementCollection@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostProperty@@@@PEAUIAppHostProperty@@@@QEAA@PEAUIAppHostProperty@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIAppHostPropertyCollection@@@@PEAUIAppHostPropertyCollection@@@@QEAA@PEAUIAppHostPropertyCollection@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIClientSecurity@@@@PEAUIClientSecurity@@@@QEAA@PEAUIClientSecurity@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIClientSecurity@@@@PEAUIClientSecurity@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIEnumWbemClassObject@@@@PEAUIEnumWbemClassObject@@@@QEAA@PEAUIEnumWbemClassObject@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIEnumWbemClassObject@@@@PEAUIEnumWbemClassObject@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIErrorInfo@@@@PEAUIErrorInfo@@@@QEAA@PEAUIErrorInfo@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIErrorInfo@@@@PEAUIErrorInfo@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIUnknown@@@@PEAUIUnknown@@@@QEAA@PEAUIUnknown@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIUnknown@@@@PEAUIUnknown@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemClassObject@@@@PEAUIWbemClassObject@@@@QEAA@PEAUIWbemClassObject@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemClassObject@@@@PEAUIWbemClassObject@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemContext@@@@PEAUIWbemContext@@@@QEAA@PEAUIWbemContext@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemContext@@@@PEAUIWbemContext@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemLocator@@@@PEAUIWbemLocator@@@@QEAA@PEAUIWbemLocator@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemLocator@@@@PEAUIWbemLocator@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemObjectTextSrc@@@@PEAUIWbemObjectTextSrc@@@@QEAA@PEAUIWbemObjectTextSrc@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemObjectTextSrc@@@@PEAUIWbemObjectTextSrc@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemPath@@@@PEAUIWbemPath@@@@QEAA@PEAUIWbemPath@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemPath@@@@PEAUIWbemPath@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemPathKeyList@@@@PEAUIWbemPathKeyList@@@@QEAA@PEAUIWbemPathKeyList@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemPathKeyList@@@@PEAUIWbemPathKeyList@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemQualifierSet@@@@PEAUIWbemQualifierSet@@@@QEAA@PEAUIWbemQualifierSet@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemQualifierSet@@@@PEAUIWbemQualifierSet@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemQuery@@@@PEAUIWbemQuery@@@@QEAA@PEAUIWbemQuery@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemQuery@@@@PEAUIWbemQuery@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@UIWbemServices@@@@PEAUIWbemServices@@@@QEAA@PEAUIWbemServices@@@Z
??0?$AutoCleanup@V?$AutoRelease@UIWbemServices@@@@PEAUIWbemServices@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VApplication@Client@WSMan@@@@PEAVApplication@Client@WSMan@@@@QEAA@PEAVApplication@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCBaseConfigCache@@@@PEAVCBaseConfigCache@@@@QEAA@PEAVCBaseConfigCache@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCClientConfigSettings@@@@PEAVCClientConfigSettings@@@@QEAA@PEAVCClientConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCCommonConfigSettings@@@@PEAVCCommonConfigSettings@@@@QEAA@PEAVCCommonConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCConfigCacheMap@CBaseConfigCache@@@@PEAVCConfigCacheMap@CBaseConfigCache@@@@QEAA@PEAVCConfigCacheMap@CBaseConfigCache@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCConfigManager@@@@PEAVCConfigManager@@@@QEAA@PEAVCConfigManager@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCRemoteOperation@@@@PEAVCRemoteOperation@@@@QEAA@PEAVCRemoteOperation@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCRemoteSession@@@@PEAVCRemoteSession@@@@QEAA@PEAVCRemoteSession@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCRequestContext@@@@PEAVCRequestContext@@@@QEAA@PEAVCRequestContext@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCServiceCommonConfigSettings@@@@PEAVCServiceCommonConfigSettings@@@@QEAA@PEAVCServiceCommonConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCServiceConfigCache@@@@PEAVCServiceConfigCache@@@@QEAA@PEAVCServiceConfigCache@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCServiceConfigSettings@@@@PEAVCServiceConfigSettings@@@@QEAA@PEAVCServiceConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWSManEPR@@@@PEAVCWSManEPR@@@@QEAA@PEAVCWSManEPR@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWSManEPR@@@@PEAVCWSManEPR@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VCWSManGroupPolicyCache@@@@PEAVCWSManGroupPolicyCache@@@@QEAA@PEAVCWSManGroupPolicyCache@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWSManGroupPolicyManager@@@@PEAVCWSManGroupPolicyManager@@@@QEAA@PEAVCWSManGroupPolicyManager@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWSManObject@@@@PEAVCWSManObject@@@@QEAA@PEAVCWSManObject@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWSManResource@@@@PEAVCWSManResource@@@@QEAA@PEAVCWSManResource@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWinRSPluginConfigCache@@@@PEAVCWinRSPluginConfigCache@@@@QEAA@PEAVCWinRSPluginConfigCache@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCWinRSPluginConfigCache@@@@PEAVCWinRSPluginConfigCache@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VCWinRSPluginConfigSettings@@@@PEAVCWinRSPluginConfigSettings@@@@QEAA@PEAVCWinRSPluginConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCommand@Client@WSMan@@@@PEAVCommand@Client@WSMan@@@@QEAA@PEAVCommand@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VConfigNotification@@@@PEAVConfigNotification@@@@QEAA@PEAVConfigNotification@@@Z
??0?$AutoCleanup@V?$AutoRelease@VConnectShellOperation@Client@WSMan@@@@PEAVConnectShellOperation@Client@WSMan@@@@QEAA@PEAVConnectShellOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VCreateShellOperation@Client@WSMan@@@@PEAVCreateShellOperation@Client@WSMan@@@@QEAA@PEAVCreateShellOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VDeleteShellOperation@Client@WSMan@@@@PEAVDeleteShellOperation@Client@WSMan@@@@QEAA@PEAVDeleteShellOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VDisconnectOperation@Client@WSMan@@@@PEAVDisconnectOperation@Client@WSMan@@@@QEAA@PEAVDisconnectOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VEnumSinkEx@@@@PEAVEnumSinkEx@@@@QEAA@PEAVEnumSinkEx@@@Z
??0?$AutoCleanup@V?$AutoRelease@VEnumSinkEx@@@@PEAVEnumSinkEx@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VGeneralSinkEx@@@@PEAVGeneralSinkEx@@@@QEAA@PEAVGeneralSinkEx@@@Z
??0?$AutoCleanup@V?$AutoRelease@VGeneralSinkEx@@@@PEAVGeneralSinkEx@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VIISConfigSettings@@@@PEAVIISConfigSettings@@@@QEAA@PEAVIISConfigSettings@@@Z
??0?$AutoCleanup@V?$AutoRelease@VIPCSoapProcessor@@@@PEAVIPCSoapProcessor@@@@QEAA@PEAVIPCSoapProcessor@@@Z
??0?$AutoCleanup@V?$AutoRelease@VIRequestContext@@@@PEAVIRequestContext@@@@QEAA@PEAVIRequestContext@@@Z
??0?$AutoCleanup@V?$AutoRelease@VIRequestContext@@@@PEAVIRequestContext@@@@QEAA@XZ
??0?$AutoCleanup@V?$AutoRelease@VISubscription@@@@PEAVISubscription@@@@QEAA@PEAVISubscription@@@Z
??0?$AutoCleanup@V?$AutoRelease@VInboundRequestDetails@@@@PEAVInboundRequestDetails@@@@QEAA@PEAVInboundRequestDetails@@@Z
??0?$AutoCleanup@V?$AutoRelease@VReceiveOperation@Client@WSMan@@@@PEAVReceiveOperation@Client@WSMan@@@@QEAA@PEAVReceiveOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VReconnectOperation@Client@WSMan@@@@PEAVReconnectOperation@Client@WSMan@@@@QEAA@PEAVReconnectOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VSendOperation@Client@WSMan@@@@PEAVSendOperation@Client@WSMan@@@@QEAA@PEAVSendOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VShell@Client@WSMan@@@@PEAVShell@Client@WSMan@@@@QEAA@PEAVShell@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VShellInfo@@@@PEAVShellInfo@@@@QEAA@PEAVShellInfo@@@Z
??0?$AutoCleanup@V?$AutoRelease@VSignalOperation@Client@WSMan@@@@PEAVSignalOperation@Client@WSMan@@@@QEAA@PEAVSignalOperation@Client@WSMan@@@Z
??0?$AutoCleanup@V?$AutoRelease@VUserRecord@@@@PEAVUserRecord@@@@QEAA@PEAVUserRecord@@@Z
??0?$AutoCleanup@V?$AutoRelease@VWSManHttpListener@@@@PEAVWSManHttpListener@@@@QEAA@PEAVWSManHttpListener@@@Z
??0?$AutoCleanup@V?$AutoReleaseEx@VHostMappingTableEntry@@@@PEAVHostMappingTableEntry@@@@QEAA@PEAVHostMappingTableEntry@@@Z
??0?$AutoCleanup@V?$AutoReleaseEx@VShell@Client@WSMan@@@@PEAVShell@Client@WSMan@@@@QEAA@PEAVShell@Client@WSMan@@@Z
??0?$AutoCleanup@VAutoBstr@@PEAG@@QEAA@PEAG@Z
??0?$AutoCleanup@VAutoBstr@@PEAG@@QEAA@XZ
??0?$AutoCleanup@VAutoBstrNoAlloc@@PEAG@@QEAA@PEAG@Z
??0?$AutoCleanup@VAutoBstrNoAlloc@@PEAG@@QEAA@XZ
??0?$AutoCleanup@VAutoCertContext@@PEBU_CERT_CONTEXT@@@@QEAA@PEBU_CERT_CONTEXT@@@Z
??0?$AutoCleanup@VAutoCertContext@@PEBU_CERT_CONTEXT@@@@QEAA@XZ
??0?$AutoCleanup@VAutoChainContext@@PEBU_CERT_CHAIN_CONTEXT@@@@QEAA@PEBU_CERT_CHAIN_CONTEXT@@@Z
??0?$AutoCleanup@VAutoChainContext@@PEBU_CERT_CHAIN_CONTEXT@@@@QEAA@XZ
??0?$AutoCleanup@VAutoCoTaskMemFree@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoCoTaskMemFree@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoFwXmlCloseParser@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoFwXmlCloseParser@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoHandle@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoHandle@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoImpersonateUser@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoImpersonateUser@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoLibrary@@PEAUHINSTANCE__@@@@QEAA@PEAUHINSTANCE__@@@Z
??0?$AutoCleanup@VAutoLibrary@@PEAUHINSTANCE__@@@@QEAA@XZ
??0?$AutoCleanup@VAutoLocalFree@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoLocalFree@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoMIClass@@PEAU_MI_Class@@@@QEAA@PEAU_MI_Class@@@Z
??0?$AutoCleanup@VAutoMIClass@@PEAU_MI_Class@@@@QEAA@XZ
??0?$AutoCleanup@VAutoMIInstance@@PEAU_MI_Instance@@@@QEAA@PEAU_MI_Instance@@@Z
??0?$AutoCleanup@VAutoMIInstance@@PEAU_MI_Instance@@@@QEAA@XZ
??0?$AutoCleanup@VAutoObject@@PEAUWSMAN_OBJECT@@@@QEAA@PEAUWSMAN_OBJECT@@@Z
??0?$AutoCleanup@VAutoObject@@PEAUWSMAN_OBJECT@@@@QEAA@XZ
??0?$AutoCleanup@VAutoRegKey@@PEAUHKEY__@@@@QEAA@PEAUHKEY__@@@Z
??0?$AutoCleanup@VAutoRegKey@@PEAUHKEY__@@@@QEAA@XZ
??0?$AutoCleanup@VAutoSecurityDescriptor@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoSecurityDescriptor@@PEAX@@QEAA@XZ
??0?$AutoCleanup@VAutoWaitHandle@@PEAX@@QEAA@PEAX@Z
??0?$AutoCleanup@VAutoWaitHandle@@PEAX@@QEAA@XZ
??0?$AutoDelete@D@@QEAA@XZ
??0?$AutoDelete@G@@QEAA@PEAG@Z
??0?$AutoDelete@G@@QEAA@XZ
??0?$AutoDelete@UIPRange@CWSManIPFilter@@@@QEAA@XZ
??0?$AutoDelete@U_SID@@@@QEAA@PEAU_SID@@@Z
??0?$AutoDelete@U_WSMAN_STREAM_ID_SET@@@@QEAA@PEAU_WSMAN_STREAM_ID_SET@@@Z
??0?$AutoDelete@V?$Handle@VISubscription@@@@@@QEAA@PEAV?$Handle@VISubscription@@@@@Z
??0?$AutoDelete@V?$SafeMap_Iterator@VStringKeyCI@@K@@@@QEAA@XZ
??0?$AutoDelete@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@QEAA@XZ
??0?$AutoDelete@V?$SafeSet@PEAVCCertMapping@@@@@@QEAA@PEAV?$SafeSet@PEAVCCertMapping@@@@@Z
??0?$AutoDelete@V?$SafeSet@PEAVCCertMapping@@@@@@QEAA@XZ
??0?$AutoDelete@V?$SafeSet@PEAVCShellUriSettings@@@@@@QEAA@PEAV?$SafeSet@PEAVCShellUriSettings@@@@@Z
??0?$AutoDelete@V?$SafeSet@PEAVCShellUriSettings@@@@@@QEAA@XZ
??0?$AutoDelete@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@QEAA@XZ
??0?$AutoDelete@V?$SimpleStack@VCListenerOperation@@@@@@QEAA@XZ
??0?$AutoDelete@V?$SimpleStack@VShellHostEntry@@@@@@QEAA@XZ
??0?$AutoDelete@V?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@@QEAA@PEAV?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@Z
??0?$AutoDelete@V?$set@PEAVCListenerSettings@@VCListenerSettingsLessFunctor@CServiceConfigSettings@@V?$transport_allocator@PEAVCListenerSettings@@@@@std@@@@QEAA@XZ
??0?$AutoDelete@V?$set@Usockaddr_storage@@VSockAddrLessFunctor@CListenerSettings@@V?$transport_allocator@Usockaddr_storage@@@@@std@@@@QEAA@XZ
??0?$AutoDelete@V?$vector@PEAVHandleImpl@Client@WSMan@@V?$transport_allocator@PEAVHandleImpl@Client@WSMan@@@@@std@@@@QEAA@XZ
??0?$AutoDelete@V?$vector@PEAVIServiceConfigObserver@@V?$transport_allocator@PEAVIServiceConfigObserver@@@@@std@@@@QEAA@XZ
??0?$AutoDelete@VAdminSid@CSecurity@@@@QEAA@PEAVAdminSid@CSecurity@@@Z
??0?$AutoDelete@VBlockedRecord@@@@QEAA@XZ
??0?$AutoDelete@VCBaseConfigCache@@@@QEAA@PEAVCBaseConfigCache@@@Z
??0?$AutoDelete@VCCertMapping@@@@QEAA@PEAVCCertMapping@@@Z
??0?$AutoDelete@VCConfigChangeSource@@@@QEAA@XZ
??0?$AutoDelete@VCListenerSettings@@@@QEAA@PEAVCListenerSettings@@@Z
??0?$AutoDelete@VCObserverConfigChangeErrors@@@@QEAA@XZ
??0?$AutoDelete@VCServiceWatcher@CServiceConfigCache@@@@QEAA@PEAVCServiceWatcher@CServiceConfigCache@@@Z
??0?$AutoDelete@VCServiceWatcher@CServiceConfigCache@@@@QEAA@XZ
??0?$AutoDelete@VCShellUriSettings@@@@QEAA@PEAVCShellUriSettings@@@Z
??0?$AutoDelete@VCWSManEPR@@@@QEAA@PEAVCWSManEPR@@@Z
??0?$AutoDelete@VCWSManResource@@@@QEAA@PEAVCWSManResource@@@Z
??0?$AutoDelete@VCWSManResource@@@@QEAA@XZ
??0?$AutoDelete@VCertHash@@@@QEAA@PEAVCertHash@@@Z
??0?$AutoDelete@VCertHash@@@@QEAA@XZ
??0?$AutoDelete@VConfigUpdate@@@@QEAA@PEAVConfigUpdate@@@Z
??0?$AutoDelete@VConfigUpdate@@@@QEAA@XZ
??0?$AutoDelete@VEnumSinkEx@@@@QEAA@PEAVEnumSinkEx@@@Z
??0?$AutoDelete@VEnumSinkEx@@@@QEAA@XZ
??0?$AutoDelete@VEventHandler@WSMan@@@@QEAA@PEAVEventHandler@WSMan@@@Z
??0?$AutoDelete@VExpiredOperationIdRecord@@@@QEAA@PEAVExpiredOperationIdRecord@@@Z
??0?$AutoDelete@VGPApiManager@@@@QEAA@XZ
??0?$AutoDelete@VGeneralSinkEx@@@@QEAA@PEAVGeneralSinkEx@@@Z
??0?$AutoDelete@VGeneralSinkEx@@@@QEAA@XZ
??0?$AutoDelete@VIChannelObserverFactory@@@@QEAA@PEAVIChannelObserverFactory@@@Z
??0?$AutoDelete@VIChannelObserverFactory@@@@QEAA@XZ
??0?$AutoDelete@VIQueryDASHSMASHInterface@@@@QEAA@PEAVIQueryDASHSMASHInterface@@@Z
??0?$AutoDelete@VIQueryDASHSMASHInterface@@@@QEAA@XZ
??0?$AutoDelete@VISpecification@@@@QEAA@PEAVISpecification@@@Z
??0?$AutoDelete@VISpecification@@@@QEAA@XZ
??0?$AutoDelete@VInteractiveSid@CSecurity@@@@QEAA@PEAVInteractiveSid@CSecurity@@@Z
??0?$AutoDelete@VIpHlpApiDllLoader@@@@QEAA@PEAVIpHlpApiDllLoader@@@Z
??0?$AutoDelete@VMachineName@@@@QEAA@PEAVMachineName@@@Z
??0?$AutoDelete@VNetworkServiceSid@CSecurity@@@@QEAA@PEAVNetworkServiceSid@CSecurity@@@Z
??0?$AutoDelete@VNtDsApiDllLoader@@@@QEAA@PEAVNtDsApiDllLoader@@@Z
??0?$AutoDelete@VOptionValue@SessionOptions@Client@WSMan@@@@QEAA@PEAVOptionValue@SessionOptions@Client@WSMan@@@Z
??0?$AutoDelete@VPacketCreator@@@@QEAA@PEAVPacketCreator@@@Z
??0?$AutoDelete@VPacketCreator@@@@QEAA@XZ
??0?$AutoDelete@VPacketParser@@@@QEAA@XZ
??0?$AutoDelete@VResources@Locale@@@@QEAA@PEAVResources@Locale@@@Z
??0?$AutoDelete@VRunAsConfiguration@@@@QEAA@PEAVRunAsConfiguration@@@Z
??0?$AutoDelete@VSafeBufferWrite@@@@QEAA@PEAVSafeBufferWrite@@@Z
??0?$AutoDelete@VSecurityEntry@Catalog@@@@QEAA@PEAVSecurityEntry@Catalog@@@Z
??0?$AutoDelete@VSendPacketArgs@RobustConnectionBuffer@@@@QEAA@PEAVSendPacketArgs@RobustConnectionBuffer@@@Z
??0?$AutoDelete@VServiceSoapProcessor@@@@QEAA@XZ
??0?$AutoDelete@VShell32DllLoader@@@@QEAA@PEAVShell32DllLoader@@@Z
??0?$AutoDelete@VShlWApiDllLoader@@@@QEAA@PEAVShlWApiDllLoader@@@Z
??0?$AutoDelete@VSubscriptionEnumerator@@@@QEAA@XZ
??0?$AutoDelete@VSubscriptionManager@@@@QEAA@PEAVSubscriptionManager@@@Z
??0?$AutoDelete@VTSTRBUFFER@@@@QEAA@PEAVTSTRBUFFER@@@Z
??0?$AutoDelete@VTSTRBUFFER@@@@QEAA@XZ
??0?$AutoDelete@VUniqueStringOverflow@@@@QEAA@XZ
??0?$AutoDelete@VUser32DllLoader@@@@QEAA@PEAVUser32DllLoader@@@Z
??0?$AutoDelete@VWSMANCONFIGTABLE_IDENTITY@@@@QEAA@PEAVWSMANCONFIGTABLE_IDENTITY@@@Z
??0?$AutoDelete@VWSManMemCryptManager@@@@QEAA@PEAVWSManMemCryptManager@@@Z
??0?$AutoDelete@VWmiEnumContext@@@@QEAA@PEAVWmiEnumContext@@@Z
??0?$AutoDelete@VWmiEnumContext@@@@QEAA@XZ
??0?$AutoDelete@VXmlReader@@@@QEAA@PEAVXmlReader@@@Z
??0?$AutoDelete@VXmlReader@@@@QEAA@XZ
??0?$AutoDeleteVector@$$CBG@@QEAA@XZ
??0?$AutoDeleteVector@D@@QEAA@PEAD@Z
??0?$AutoDeleteVector@D@@QEAA@XZ
??0?$AutoDeleteVector@E@@QEAA@PEAE@Z
??0?$AutoDeleteVector@E@@QEAA@XZ
??0?$AutoDeleteVector@G@@QEAA@PEAG@Z
??0?$AutoDeleteVector@G@@QEAA@XZ
??0?$AutoDeleteVector@H@@QEAA@PEAH@Z
??0?$AutoDeleteVector@PEAG@@QEAA@PEAPEAG@Z
??0?$AutoDeleteVector@PEAG@@QEAA@XZ
??0?$AutoDeleteVector@PEBG@@QEAA@PEAPEBG@Z
??0?$AutoDeleteVector@PEBG@@QEAA@XZ
??0?$AutoDeleteVector@U_CONFIG_UPDATE@@@@QEAA@XZ
??0?$AutoDeleteVector@U_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@QEAA@PEAU_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@Z
??0?$AutoDeleteVector@U_WINRS_CREATE_SHELL_ENVIRONMENT_VARIABLE@@@@QEAA@XZ
??0?$AutoDeleteVector@U_WINRS_RUN_COMMAND_ARG@@@@QEAA@PEAU_WINRS_RUN_COMMAND_ARG@@@Z
??0?$AutoDeleteVector@U_WINRS_RUN_COMMAND_ARG@@@@QEAA@XZ
??0?$AutoDeleteVector@U_WSMAN_OPTION@@@@QEAA@PEAU_WSMAN_OPTION@@@Z
??0?$AutoDeleteVector@U_WSMAN_OPTION@@@@QEAA@XZ
??0?$AutoDeleteVector@X@@QEAA@PEAX@Z
??0?$AutoDeleteVector@X@@QEAA@XZ
??0?$AutoFree@E@@QEAA@PEAE@Z
??0?$AutoFree@E@@QEAA@XZ
??0?$AutoLocklessItemRecycle@VPacket@@@@QEAA@PEAVPacket@@@Z
??0?$AutoLocklessItemRecycle@VPacket@@@@QEAA@XZ
??0?$AutoRelease@UIAppHostAdminManager@@@@QEAA@PEAUIAppHostAdminManager@@@Z
??0?$AutoRelease@UIAppHostChildElementCollection@@@@QEAA@XZ
??0?$AutoRelease@UIAppHostConfigException@@@@QEAA@PEAUIAppHostConfigException@@@Z
??0?$AutoRelease@UIAppHostElement@@@@QEAA@PEAUIAppHostElement@@@Z
??0?$AutoRelease@UIAppHostElement@@@@QEAA@XZ
??0?$AutoRelease@UIAppHostElementCollection@@@@QEAA@XZ
??0?$AutoRelease@UIAppHostProperty@@@@QEAA@XZ
??0?$AutoRelease@UIAppHostPropertyCollection@@@@QEAA@XZ
??0?$AutoRelease@UIClientSecurity@@@@QEAA@PEAUIClientSecurity@@@Z
??0?$AutoRelease@UIClientSecurity@@@@QEAA@XZ
??0?$AutoRelease@UIEnumWbemClassObject@@@@QEAA@PEAUIEnumWbemClassObject@@@Z
??0?$AutoRelease@UIEnumWbemClassObject@@@@QEAA@XZ
??0?$AutoRelease@UIErrorInfo@@@@QEAA@PEAUIErrorInfo@@@Z
??0?$AutoRelease@UIErrorInfo@@@@QEAA@XZ
??0?$AutoRelease@UIUnknown@@@@QEAA@PEAUIUnknown@@@Z
??0?$AutoRelease@UIUnknown@@@@QEAA@XZ
??0?$AutoRelease@UIWbemClassObject@@@@QEAA@PEAUIWbemClassObject@@@Z
??0?$AutoRelease@UIWbemClassObject@@@@QEAA@XZ
??0?$AutoRelease@UIWbemContext@@@@QEAA@PEAUIWbemContext@@@Z
??0?$AutoRelease@UIWbemContext@@@@QEAA@XZ
??0?$AutoRelease@UIWbemLocator@@@@QEAA@PEAUIWbemLocator@@@Z
??0?$AutoRelease@UIWbemLocator@@@@QEAA@XZ
??0?$AutoRelease@UIWbemObjectTextSrc@@@@QEAA@PEAUIWbemObjectTextSrc@@@Z
??0?$AutoRelease@UIWbemObjectTextSrc@@@@QEAA@XZ
??0?$AutoRelease@UIWbemPath@@@@QEAA@PEAUIWbemPath@@@Z
??0?$AutoRelease@UIWbemPath@@@@QEAA@XZ
??0?$AutoRelease@UIWbemPathKeyList@@@@QEAA@PEAUIWbemPathKeyList@@@Z
??0?$AutoRelease@UIWbemPathKeyList@@@@QEAA@XZ
??0?$AutoRelease@UIWbemQualifierSet@@@@QEAA@PEAUIWbemQualifierSet@@@Z
??0?$AutoRelease@UIWbemQualifierSet@@@@QEAA@XZ
??0?$AutoRelease@UIWbemQuery@@@@QEAA@PEAUIWbemQuery@@@Z
??0?$AutoRelease@UIWbemQuery@@@@QEAA@XZ
??0?$AutoRelease@UIWbemServices@@@@QEAA@PEAUIWbemServices@@@Z
??0?$AutoRelease@UIWbemServices@@@@QEAA@XZ
??0?$AutoRelease@VApplication@Client@WSMan@@@@QEAA@XZ
??0?$AutoRelease@VCBaseConfigCache@@@@QEAA@PEAVCBaseConfigCache@@@Z
??0?$AutoRelease@VCClientConfigSettings@@@@QEAA@PEAVCClientConfigSettings@@@Z
??0?$AutoRelease@VCClientConfigSettings@@@@QEAA@XZ
??0?$AutoRelease@VCCommonConfigSettings@@@@QEAA@PEAVCCommonConfigSettings@@@Z
??0?$AutoRelease@VCCommonConfigSettings@@@@QEAA@XZ
??0?$AutoRelease@VCConfigCacheMap@CBaseConfigCache@@@@QEAA@PEAVCConfigCacheMap@CBaseConfigCache@@@Z
??0?$AutoRelease@VCConfigCacheMap@CBaseConfigCache@@@@QEAA@XZ
??0?$AutoRelease@VCConfigManager@@@@QEAA@PEAVCConfigManager@@@Z
??0?$AutoRelease@VCConfigManager@@@@QEAA@XZ
??0?$AutoRelease@VCRemoteOperation@@@@QEAA@PEAVCRemoteOperation@@@Z
??0?$AutoRelease@VCRemoteSession@@@@QEAA@PEAVCRemoteSession@@@Z
??0?$AutoRelease@VCRemoteSession@@@@QEAA@XZ
??0?$AutoRelease@VCRequestContext@@@@QEAA@PEAVCRequestContext@@@Z
??0?$AutoRelease@VCRequestContext@@@@QEAA@XZ
??0?$AutoRelease@VCServiceCommonConfigSettings@@@@QEAA@PEAVCServiceCommonConfigSettings@@@Z
??0?$AutoRelease@VCServiceCommonConfigSettings@@@@QEAA@XZ
??0?$AutoRelease@VCServiceConfigCache@@@@QEAA@PEAVCServiceConfigCache@@@Z
??0?$AutoRelease@VCServiceConfigCache@@@@QEAA@XZ
??0?$AutoRelease@VCServiceConfigSettings@@@@QEAA@PEAVCServiceConfigSettings@@@Z
??0?$AutoRelease@VCServiceConfigSettings@@@@QEAA@XZ
??0?$AutoRelease@VCWSManEPR@@@@QEAA@PEAVCWSManEPR@@@Z
??0?$AutoRelease@VCWSManEPR@@@@QEAA@XZ
??0?$AutoRelease@VCWSManGroupPolicyCache@@@@QEAA@PEAVCWSManGroupPolicyCache@@@Z
??0?$AutoRelease@VCWSManGroupPolicyManager@@@@QEAA@PEAVCWSManGroupPolicyManager@@@Z
??0?$AutoRelease@VCWSManObject@@@@QEAA@PEAVCWSManObject@@@Z
??0?$AutoRelease@VCWSManResource@@@@QEAA@PEAVCWSManResource@@@Z
??0?$AutoRelease@VCWSManResource@@@@QEAA@XZ
??0?$AutoRelease@VCWinRSPluginConfigCache@@@@QEAA@PEAVCWinRSPluginConfigCache@@@Z
??0?$AutoRelease@VCWinRSPluginConfigCache@@@@QEAA@XZ
??0?$AutoRelease@VCWinRSPluginConfigSettings@@@@QEAA@PEAVCWinRSPluginConfigSettings@@@Z
??0?$AutoRelease@VCommand@Client@WSMan@@@@QEAA@PEAVCommand@Client@WSMan@@@Z
??0?$AutoRelease@VConfigNotification@@@@QEAA@PEAVConfigNotification@@@Z
??0?$AutoRelease@VConnectShellOperation@Client@WSMan@@@@QEAA@PEAVConnectShellOperation@Client@WSMan@@@Z
??0?$AutoRelease@VCreateShellOperation@Client@WSMan@@@@QEAA@PEAVCreateShellOperation@Client@WSMan@@@Z
??0?$AutoRelease@VDeleteShellOperation@Client@WSMan@@@@QEAA@PEAVDeleteShellOperation@Client@WSMan@@@Z
??0?$AutoRelease@VDisconnectOperation@Client@WSMan@@@@QEAA@PEAVDisconnectOperation@Client@WSMan@@@Z
??0?$AutoRelease@VEnumSinkEx@@@@QEAA@PEAVEnumSinkEx@@@Z
??0?$AutoRelease@VEnumSinkEx@@@@QEAA@XZ
??0?$AutoRelease@VGeneralSinkEx@@@@QEAA@PEAVGeneralSinkEx@@@Z
??0?$AutoRelease@VGeneralSinkEx@@@@QEAA@XZ
??0?$AutoRelease@VIISConfigSettings@@@@QEAA@XZ
??0?$AutoRelease@VIPCSoapProcessor@@@@QEAA@PEAVIPCSoapProcessor@@@Z
??0?$AutoRelease@VIRequestContext@@@@QEAA@PEAVIRequestContext@@@Z
??0?$AutoRelease@VIRequestContext@@@@QEAA@XZ
??0?$AutoRelease@VISubscription@@@@QEAA@PEAVISubscription@@@Z
??0?$AutoRelease@VInboundRequestDetails@@@@QEAA@XZ
??0?$AutoRelease@VReceiveOperation@Client@WSMan@@@@QEAA@PEAVReceiveOperation@Client@WSMan@@@Z
??0?$AutoRelease@VReconnectOperation@Client@WSMan@@@@QEAA@PEAVReconnectOperation@Client@WSMan@@@Z
??0?$AutoRelease@VSendOperation@Client@WSMan@@@@QEAA@PEAVSendOperation@Client@WSMan@@@Z
??0?$AutoRelease@VShell@Client@WSMan@@@@QEAA@PEAVShell@Client@WSMan@@@Z
??0?$AutoRelease@VShellInfo@@@@QEAA@XZ
??0?$AutoRelease@VSignalOperation@Client@WSMan@@@@QEAA@PEAVSignalOperation@Client@WSMan@@@Z
??0?$AutoRelease@VUserRecord@@@@QEAA@XZ
??0?$AutoRelease@VWSManHttpListener@@@@QEAA@PEAVWSManHttpListener@@@Z
??0?$AutoReleaseEx@VHostMappingTableEntry@@@@QEAA@XZ
??0?$AutoReleaseEx@VShell@Client@WSMan@@@@QEAA@PEAVShell@Client@WSMan@@@Z
??0?$ILoader@VAdminSid@CSecurity@@@@QEAA@P8AdminSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VEventHandler@WSMan@@@@QEAA@P8EventHandler@WSMan@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VInteractiveSid@CSecurity@@@@QEAA@P8InteractiveSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VIpHlpApiDllLoader@@@@QEAA@P8IpHlpApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VMachineName@@@@QEAA@P8MachineName@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VNetworkServiceSid@CSecurity@@@@QEAA@P8NetworkServiceSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VNtDsApiDllLoader@@@@QEAA@P8NtDsApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VResources@Locale@@@@QEAA@P8Resources@Locale@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VShell32DllLoader@@@@QEAA@P8Shell32DllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VShlWApiDllLoader@@@@QEAA@P8ShlWApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VSubscriptionManager@@@@QEAA@P8SubscriptionManager@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VUser32DllLoader@@@@QEAA@P8User32DllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$ILoader@VWSManMemCryptManager@@@@QEAA@P8WSManMemCryptManager@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$Loader@VAdminSid@CSecurity@@$00@@QEAA@XZ
??0?$Loader@VEventHandler@WSMan@@$00@@QEAA@XZ
??0?$Loader@VInteractiveSid@CSecurity@@$00@@QEAA@XZ
??0?$Loader@VIpHlpApiDllLoader@@$00@@QEAA@XZ
??0?$Loader@VMachineName@@$00@@QEAA@XZ
??0?$Loader@VNetworkServiceSid@CSecurity@@$00@@QEAA@XZ
??0?$Loader@VNtDsApiDllLoader@@$00@@QEAA@XZ
??0?$Loader@VResources@Locale@@$0A@@@QEAA@XZ
??0?$Loader@VShell32DllLoader@@$00@@QEAA@XZ
??0?$Loader@VShlWApiDllLoader@@$00@@QEAA@XZ
??0?$Loader@VUser32DllLoader@@$00@@QEAA@XZ
??0?$Loader@VWSManMemCryptManager@@$00@@QEAA@XZ
??0?$LoaderSerializer@VAdminSid@CSecurity@@$00@@QEAA@P8AdminSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VEventHandler@WSMan@@$00@@QEAA@P8EventHandler@WSMan@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VInteractiveSid@CSecurity@@$00@@QEAA@P8InteractiveSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VIpHlpApiDllLoader@@$00@@QEAA@P8IpHlpApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VMachineName@@$00@@QEAA@P8MachineName@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VNetworkServiceSid@CSecurity@@$00@@QEAA@P8NetworkServiceSid@CSecurity@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VNtDsApiDllLoader@@$00@@QEAA@P8NtDsApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VResources@Locale@@$0A@@@QEAA@P8Resources@Locale@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VShell32DllLoader@@$00@@QEAA@P8Shell32DllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VShlWApiDllLoader@@$00@@QEAA@P8ShlWApiDllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VSubscriptionManager@@$01@@QEAA@P8SubscriptionManager@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VUser32DllLoader@@$00@@QEAA@P8User32DllLoader@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$LoaderSerializer@VWSManMemCryptManager@@$00@@QEAA@P8WSManMemCryptManager@@EAA_NAEAVIRequestContext@@@Z1@Z
??0?$PacketElement@K@PacketParser@@QEAA@XZ
??0?$PacketElement@PEAU_FWXML_ELEMENT@@@PacketParser@@QEAA@XZ
??0?$PacketElement@PEBG@PacketParser@@QEAA@XZ
??0?$PacketElement@_K@PacketParser@@QEAA@XZ
??0?$SafeMap@PEAVCCertMapping@@UEmpty@@V?$SafeSet_Iterator@PEAVCCertMapping@@@@@@QEAA@XZ
??0?$SafeMap@PEAVCListenerOperation@@UEmpty@@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@QEAA@XZ
??0?$SafeMap@PEAVCShellUriSettings@@UEmpty@@V?$SafeSet_Iterator@PEAVCShellUriSettings@@@@@@QEAA@XZ
??0?$SafeMap@PEAXUEmpty@@V?$SafeSet_Iterator@PEAX@@@@QEAA@XZ
??0?$SafeMap@UPluginKey@@KV?$SafeMap_Iterator@UPluginKey@@K@@@@QEAA@XZ
??0?$SafeMap@UUserKey@@PEAVBlockedRecord@@V?$SafeMap_Iterator@UUserKey@@PEAVBlockedRecord@@@@@@QEAA@XZ
??0?$SafeMap@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@V?$SafeMap_Iterator@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@@@@@QEAA@XZ
??0?$SafeMap@VKey@Locale@@KV?$SafeMap_Iterator@VKey@Locale@@K@@@@QEAA@XZ
??0?$SafeMap@VStringKeyCI@@KV?$SafeMap_Iterator@VStringKeyCI@@K@@@@QEAA@XZ
??0?$SafeMap@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@V?$SafeMap_Iterator@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@@@@@QEAA@XZ
??0?$SafeMap@VStringKeyStore@@PEAVExpiredOperationIdRecord@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVExpiredOperationIdRecord@@@@@@QEAA@XZ
??0?$SafeMap@VStringKeyStore@@PEAVServerFullDuplexChannel@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVServerFullDuplexChannel@@@@@@QEAA@XZ
??0?$SafeMap@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@QEAA@XZ
??0?$SafeMap@_KPEAVSendPacketArgs@RobustConnectionBuffer@@V?$SafeMap_Iterator@_KPEAVSendPacketArgs@RobustConnectionBuffer@@@@@@QEAA@XZ
??0?$SafeMap_Iterator@PEAVCCertMapping@@UEmpty@@@@QEAA@AEAV?$SafeMap@PEAVCCertMapping@@UEmpty@@V?$SafeMap_Iterator@PEAVCCertMapping@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Iterator@PEAVCListenerOperation@@UEmpty@@@@QEAA@AEAV?$SafeMap@PEAVCListenerOperation@@UEmpty@@V?$SafeMap_Iterator@PEAVCListenerOperation@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Iterator@PEAVCShellUriSettings@@UEmpty@@@@QEAA@AEAV?$SafeMap@PEAVCShellUriSettings@@UEmpty@@V?$SafeMap_Iterator@PEAVCShellUriSettings@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Iterator@PEAXUEmpty@@@@QEAA@AEAV?$SafeMap@PEAXUEmpty@@V?$SafeMap_Iterator@PEAXUEmpty@@@@@@_N@Z
??0?$SafeMap_Iterator@UPluginKey@@K@@QEAA@AEAV?$SafeMap@UPluginKey@@KV?$SafeMap_Iterator@UPluginKey@@K@@@@_N@Z
??0?$SafeMap_Iterator@UUserKey@@PEAVBlockedRecord@@@@QEAA@AEAV?$SafeMap@UUserKey@@PEAVBlockedRecord@@V?$SafeMap_Iterator@UUserKey@@PEAVBlockedRecord@@@@@@_N@Z
??0?$SafeMap_Iterator@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@@@QEAA@AEAV?$SafeMap@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@V?$SafeMap_Iterator@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@@@@@_N@Z
??0?$SafeMap_Iterator@VKey@Locale@@K@@QEAA@AEAV?$SafeMap@VKey@Locale@@KV?$SafeMap_Iterator@VKey@Locale@@K@@@@_N@Z
??0?$SafeMap_Iterator@VStringKeyCI@@K@@QEAA@AEAV?$SafeMap@VStringKeyCI@@KV?$SafeMap_Iterator@VStringKeyCI@@K@@@@_N@Z
??0?$SafeMap_Iterator@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@@@QEAA@AEAV?$SafeMap@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@V?$SafeMap_Iterator@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@@@@@_N@Z
??0?$SafeMap_Iterator@VStringKeyStore@@PEAVExpiredOperationIdRecord@@@@QEAA@AEAV?$SafeMap@VStringKeyStore@@PEAVExpiredOperationIdRecord@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVExpiredOperationIdRecord@@@@@@_N@Z
??0?$SafeMap_Iterator@VStringKeyStore@@PEAVServerFullDuplexChannel@@@@QEAA@AEAV?$SafeMap@VStringKeyStore@@PEAVServerFullDuplexChannel@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVServerFullDuplexChannel@@@@@@_N@Z
??0?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@QEAA@AEAV?$SafeMap@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@_N@Z
??0?$SafeMap_Iterator@_KPEAVSendPacketArgs@RobustConnectionBuffer@@@@QEAA@AEAV?$SafeMap@_KPEAVSendPacketArgs@RobustConnectionBuffer@@V?$SafeMap_Iterator@_KPEAVSendPacketArgs@RobustConnectionBuffer@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCCertMapping@@UEmpty@@V?$SafeMap_Iterator@PEAVCCertMapping@@UEmpty@@@@@@QEAA@AEBV?$SafeMap@PEAVCCertMapping@@UEmpty@@V?$SafeMap_Iterator@PEAVCCertMapping@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCCertMapping@@UEmpty@@V?$SafeSet_Iterator@PEAVCCertMapping@@@@@@QEAA@AEBV?$SafeMap@PEAVCCertMapping@@UEmpty@@V?$SafeSet_Iterator@PEAVCCertMapping@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCListenerOperation@@UEmpty@@V?$SafeMap_Iterator@PEAVCListenerOperation@@UEmpty@@@@@@QEAA@AEBV?$SafeMap@PEAVCListenerOperation@@UEmpty@@V?$SafeMap_Iterator@PEAVCListenerOperation@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCListenerOperation@@UEmpty@@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@QEAA@AEBV?$SafeMap@PEAVCListenerOperation@@UEmpty@@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCShellUriSettings@@UEmpty@@V?$SafeMap_Iterator@PEAVCShellUriSettings@@UEmpty@@@@@@QEAA@AEBV?$SafeMap@PEAVCShellUriSettings@@UEmpty@@V?$SafeMap_Iterator@PEAVCShellUriSettings@@UEmpty@@@@@@_N@Z
??0?$SafeMap_Lock@PEAVCShellUriSettings@@UEmpty@@V?$SafeSet_Iterator@PEAVCShellUriSettings@@@@@@QEAA@AEBV?$SafeMap@PEAVCShellUriSettings@@UEmpty@@V?$SafeSet_Iterator@PEAVCShellUriSettings@@@@@@_N@Z
??0?$SafeMap_Lock@PEAXUEmpty@@V?$SafeMap_Iterator@PEAXUEmpty@@@@@@QEAA@AEBV?$SafeMap@PEAXUEmpty@@V?$SafeMap_Iterator@PEAXUEmpty@@@@@@_N@Z
??0?$SafeMap_Lock@PEAXUEmpty@@V?$SafeSet_Iterator@PEAX@@@@QEAA@AEBV?$SafeMap@PEAXUEmpty@@V?$SafeSet_Iterator@PEAX@@@@_N@Z
??0?$SafeMap_Lock@UPluginKey@@KV?$SafeMap_Iterator@UPluginKey@@K@@@@QEAA@AEBV?$SafeMap@UPluginKey@@KV?$SafeMap_Iterator@UPluginKey@@K@@@@_N@Z
??0?$SafeMap_Lock@UUserKey@@PEAVBlockedRecord@@V?$SafeMap_Iterator@UUserKey@@PEAVBlockedRecord@@@@@@QEAA@AEBV?$SafeMap@UUserKey@@PEAVBlockedRecord@@V?$SafeMap_Iterator@UUserKey@@PEAVBlockedRecord@@@@@@_N@Z
??0?$SafeMap_Lock@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@V?$SafeMap_Iterator@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@@@@@QEAA@AEBV?$SafeMap@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@V?$SafeMap_Iterator@VCertThumbprintKey@@VCertThumbprintMappedSet@CServiceConfigSettings@@@@@@_N@Z
??0?$SafeMap_Lock@VKey@Locale@@KV?$SafeMap_Iterator@VKey@Locale@@K@@@@QEAA@AEBV?$SafeMap@VKey@Locale@@KV?$SafeMap_Iterator@VKey@Locale@@K@@@@_N@Z
??0?$SafeMap_Lock@VStringKeyCI@@KV?$SafeMap_Iterator@VStringKeyCI@@K@@@@QEAA@AEBV?$SafeMap@VStringKeyCI@@KV?$SafeMap_Iterator@VStringKeyCI@@K@@@@_N@Z
??0?$SafeMap_Lock@VStringKeyCI@@UEmpty@@V?$SafeSet_Iterator@VStringKeyCI@@@@@@QEAA@AEBV?$SafeMap@VStringKeyCI@@UEmpty@@V?$SafeSet_Iterator@VStringKeyCI@@@@@@_N@Z
??0?$SafeMap_Lock@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@V?$SafeMap_Iterator@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@@@@@QEAA@AEBV?$SafeMap@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@V?$SafeMap_Iterator@VStringKeyCI@@UUSER_CONTEXT_INFO@WSManHttpListener@@@@@@_N@Z
??0?$SafeMap_Lock@VStringKeyStore@@PEAVExpiredOperationIdRecord@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVExpiredOperationIdRecord@@@@@@QEAA@AEBV?$SafeMap@VStringKeyStore@@PEAVExpiredOperationIdRecord@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVExpiredOperationIdRecord@@@@@@_N@Z
??0?$SafeMap_Lock@VStringKeyStore@@PEAVServerFullDuplexChannel@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVServerFullDuplexChannel@@@@@@QEAA@AEBV?$SafeMap@VStringKeyStore@@PEAVServerFullDuplexChannel@@V?$SafeMap_Iterator@VStringKeyStore@@PEAVServerFullDuplexChannel@@@@@@_N@Z
??0?$SafeMap_Lock@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@QEAA@AEBV?$SafeMap@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@V?$SafeMap_Iterator@W4WSManSessionOption@@PEAVOptionValue@SessionOptions@Client@WSMan@@@@@@_N@Z
??0?$SafeMap_Lock@_KPEAVSendPacketArgs@RobustConnectionBuffer@@V?$SafeMap_Iterator@_KPEAVSendPacketArgs@RobustConnectionBuffer@@@@@@QEAA@AEBV?$SafeMap@_KPEAVSendPacketArgs@RobustConnectionBuffer@@V?$SafeMap_Iterator@_KPEAVSendPacketArgs@RobustConnectionBuffer@@@@@@_N@Z
??0?$SafeSet@PEAVCCertMapping@@@@QEAA@XZ
??0?$SafeSet@PEAVCListenerOperation@@@@QEAA@XZ
??0?$SafeSet@PEAVCShellUriSettings@@@@QEAA@XZ
??0?$SafeSet@PEAX@@QEAA@XZ
??0?$SafeSet_Iterator@PEAVCCertMapping@@@@QEAA@AEAV?$SafeMap@PEAVCCertMapping@@UEmpty@@V?$SafeSet_Iterator@PEAVCCertMapping@@@@@@_N@Z
??0?$SafeSet_Iterator@PEAVCCertMapping@@@@QEAA@AEAV?$SafeSet@PEAVCCertMapping@@@@@Z
??0?$SafeSet_Iterator@PEAVCListenerOperation@@@@QEAA@AEAV?$SafeMap@PEAVCListenerOperation@@UEmpty@@V?$SafeSet_Iterator@PEAVCListenerOperation@@@@@@_N@Z
??0?$SafeSet_Iterator@PEAVCListenerOperation@@@@QEAA@AEAV?$SafeSet@PEAVCListenerOperation@@@@@Z
??0?$SafeSet_Iterator@PEAVCShellUriSettings@@@@QEAA@AEAV?$SafeMap@PEAVCShellUriSettings@@UEmpty@@V?$SafeSet_Iterator@PEAVCShellUriSettings@@@@@@_N@Z
??0?$SafeSet_Iterator@PEAX@@QEAA@AEAV?$SafeMap@PEAXUEmpty@@V?$SafeSet_Iterator@PEAX@@@@_N@Z
??0?$SimpleQueue@T_LARGE_INTEGER@@@@QEAA@XZ
??0AutoBstr@@QEAA@PEAG@Z
??0AutoBstr@@QEAA@XZ
??0AutoBstrNoAlloc@@QEAA@PEAG@Z
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 823KB - Virtual size: 823KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
updateagent.dll.dll windows:10 windows x64 arch:x64
e3c7d95997ab4d12bca5e3fe968ab5dd
Code Sign
33:00:00:02:ed:2c:45:e4:c1:45:cf:48:44:00:00:00:00:02:edCertificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/12/2020, 21:29Not After02/12/2021, 21:29SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2011, 18:41Not After19/10/2026, 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b7:06:4a:21:61:fc:c9:6d:31:57:7d:5a:77:70:35:89:95:36:42:6f:97:09:e3:69:5e:2a:3d:00:87:ae:59:a0Signer
Actual PE Digestb7:06:4a:21:61:fc:c9:6d:31:57:7d:5a:77:70:35:89:95:36:42:6f:97:09:e3:69:5e:2a:3d:00:87:ae:59:a0Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL
PDB Paths
UpdateAgent.pdb
Imports
msvcrt
swprintf_s
_wcsnicmp
wcsstr
wcstok_s
_itoa_s
_vsnprintf_s
??_V@YAXPEAX@Z
towlower
_wtoi
wcsncmp
wcscpy_s
_vscwprintf
towupper
iswctype
swscanf_s
fclose
_wfopen
fgetws
feof
_wtof
_wcstoui64
?terminate@@YAXXZ
_vsnprintf
_strnicmp
wcstoul
isdigit
memcmp
memset
strcmp
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
__C_specific_handler
_initterm
free
_amsg_exit
_XcptFilter
memmove
memcpy
_snprintf_s
__CxxFrameHandler3
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@XZ
_callnewh
malloc
strncmp
sprintf_s
strrchr
wcscmp
wcsrchr
strchr
_wsplitpath_s
tolower
strtol
wcschr
_errno
_set_errno
_purecall
??3@YAXPEAX@Z
vswprintf_s
isspace
iswspace
strncpy_s
_wcsicmp
memcpy_s
_vsnwprintf
_ui64tow_s
wprintf
ntdll
RtlDeleteSecurityObject
RtlGetDaclSecurityDescriptor
RtlFindAceByType
RtlCreateSecurityDescriptor
RtlSetGroupSecurityDescriptor
NtOpenThreadToken
RtlCopySid
RtlGetGroupSecurityDescriptor
RtlAllocateAndInitializeSid
RtlGetOwnerSecurityDescriptor
RtlQueryInformationAcl
RtlGetSaclSecurityDescriptor
RtlSetDaclSecurityDescriptor
NtDuplicateToken
RtlMakeSelfRelativeSD
RtlGetControlSecurityDescriptor
RtlSetOwnerSecurityDescriptor
NtOpenProcessToken
RtlValidSid
RtlLengthSecurityDescriptor
NtAdjustPrivilegesToken
RtlValidAcl
NtQueryVolumeInformationFile
NtQueryPerformanceCounter
RtlDuplicateUnicodeString
RtlSetEnvironmentVariable
NtSetInformationProcess
NtShutdownSystem
RtlGetVersion
RtlAdjustPrivilege
NtYieldExecution
NtQueryKey
NtDeleteKey
NtEnumerateKey
RtlGetLengthWithoutLastFullDosOrNtPathElement
NtEnumerateValueKey
RtlGetAce
RtlpApplyLengthFunction
RtlAddAccessAllowedAceEx
NtReadFile
RtlNewSecurityObjectEx
NtDeleteFile
NtSetSecurityObject
NtDelayExecution
NtDeleteValueKey
RtlAddAce
NtQueryAttributesFile
NtFlushBuffersFile
NtDuplicateObject
NtFsControlFile
NtQueryInformationFile
RtlCreateAcl
NtCreateKey
RtlDestroyEnvironment
NtQueryDirectoryFile
NtQuerySecurityObject
NtSetValueKey
NtOpenFile
RtlDosPathNameToRelativeNtPathName_U_WithStatus
NtSetEaFile
RtlReleaseRelativeName
NtQueryEaFile
NtWaitForSingleObject
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
RtlEqualUnicodeString
RtlCreateEnvironment
RtlDeleteCriticalSection
RtlEnterCriticalSection
RtlInitializeCriticalSection
RtlLeaveCriticalSection
NtQuerySystemTime
RtlSetControlSecurityDescriptor
RtlAnsiCharToUnicodeChar
RtlUnicodeToMultiByteN
RtlIsTextUnicode
RtlUnicodeToMultiByteSize
RtlConvertSidToUnicodeString
NtQueryInformationToken
RtlAddAccessAllowedAce
RtlCreateEnvironmentEx
RtlExpandEnvironmentStrings_U
NtSetInformationThread
RtlNtStatusToDosError
NtSetInformationFile
RtlCompareUnicodeString
NtUnloadKey2
NtFlushKey
NtLoadKey2
NtQueryLicenseValue
NtQuerySystemInformation
RtlInitUnicodeStringEx
RtlLengthSid
RtlInitUnicodeString
RtlReAllocateHeap
RtlUpcaseUnicodeChar
RtlDowncaseUnicodeChar
DbgPrintEx
VerSetConditionMask
RtlCreateUnicodeStringFromAsciiz
NtQueryValueKey
DbgPrint
NtCreateFile
RtlFreeHeap
NtClose
RtlQueryEnvironmentVariable_U
LdrLoadDll
RtlDosPathNameToNtPathName_U
LdrUnloadDll
LdrGetDllHandle
NtOpenKey
NtWriteFile
LdrGetProcedureAddress
NtQueryObject
RtlTimeToTimeFields
RtlNtStatusToDosErrorNoTeb
RtlRaiseStatus
RtlCreateHeap
RtlAllocateHeap
RtlDestroyHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlSetSaclSecurityDescriptor
api-ms-win-security-base-l1-1-0
IsValidSid
RevertToSelf
GetTokenInformation
AddAccessAllowedAce
GetLengthSid
AddAccessAllowedAceEx
InitializeAcl
InitializeSecurityDescriptor
FreeSid
CopySid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
EqualSid
IsValidAcl
AdjustTokenPrivileges
CheckTokenMembership
api-ms-win-core-file-l1-1-0
CreateDirectoryW
ReadFile
FindFirstFileW
GetFileSizeEx
SetFileTime
GetShortPathNameW
SetEndOfFile
GetLogicalDrives
GetVolumeInformationW
FindFirstFileExW
GetFullPathNameW
SetFilePointer
FindClose
CreateFileW
GetFileAttributesW
FlushFileBuffers
SetFileAttributesW
RemoveDirectoryW
GetFileInformationByHandle
GetDiskFreeSpaceW
FindNextFileW
WriteFile
DeleteFileA
GetFileSize
SetFilePointerEx
GetLogicalDriveStringsW
GetTempFileNameW
GetLongPathNameW
GetDiskFreeSpaceExW
GetFinalPathNameByHandleW
CreateFileA
DeleteFileW
GetFileType
GetDriveTypeW
api-ms-win-core-registry-l1-1-0
RegSetKeySecurity
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegGetValueW
RegEnumValueW
RegOpenKeyExW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
CompareStringOrdinal
api-ms-win-core-heap-l1-1-0
HeapWalk
HeapReAlloc
HeapValidate
GetProcessHeap
HeapSize
HeapFree
HeapCompact
HeapCreate
HeapAlloc
HeapDestroy
api-ms-win-core-synch-l1-1-0
CreateSemaphoreExW
InitializeSRWLock
OpenSemaphoreW
CreateEventW
ReleaseSemaphore
InitializeCriticalSection
OpenEventW
DeleteCriticalSection
WaitForSingleObjectEx
ReleaseMutex
SetEvent
CreateMutexA
EnterCriticalSection
WaitForMultipleObjectsEx
ResetEvent
WaitForSingleObject
AcquireSRWLockExclusive
CreateMutexW
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockExclusive
CreateMutexExW
LeaveCriticalSection
api-ms-win-core-com-l1-1-0
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CLSIDFromString
CoGetMalloc
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentProcessId
CreateProcessA
GetProcessId
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetPriorityClass
GetCurrentThread
CreateProcessW
OpenProcessToken
SetPriorityClass
CreateThread
ExitProcess
OpenThreadToken
GetCurrentProcess
api-ms-win-core-libraryloader-l1-1-0
DisableThreadLibraryCalls
GetModuleFileNameW
GetModuleHandleExW
FreeLibrary
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetModuleFileNameA
LoadLibraryExA
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineW
ExpandEnvironmentStringsW
GetCurrentDirectoryW
GetEnvironmentVariableW
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
api-ms-win-eventing-provider-l1-1-0
EventWriteString
EventRegister
EventWriteTransfer
EventUnregister
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
GetSystemTime
GetComputerNameExW
GetTickCount64
GetLocalTime
GetVersionExA
GetWindowsDirectoryW
GetSystemDirectoryW
GlobalMemoryStatusEx
GetSystemWindowsDirectoryW
GetVersion
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-file-l1-2-0
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
GetTempPathW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetErrorMode
RaiseException
SetErrorMode
GetLastError
SetLastError
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
LocalFree
GlobalSize
GlobalLock
api-ms-win-core-kernel32-legacy-l1-1-0
CopyFileW
MoveFileW
WaitForMultipleObjects
GlobalMemoryStatus
CreateFileMappingA
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
WakeAllConditionVariable
SleepConditionVariableSRW
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
crypt32
CertVerifyCertificateChainPolicy
CryptStringToBinaryW
CryptHashCertificate2
rpcrt4
I_RpcMapWin32Status
UuidFromStringW
RpcStringFreeW
UuidToStringW
UuidCreate
oleaut32
SysAllocString
SystemTimeToVariantTime
SysFreeString
VariantTimeToSystemTime
bcrypt
BCryptHashData
BCryptCreateHash
BCryptGetProperty
BCryptCloseAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptOpenAlgorithmProvider
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW
DebugBreak
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
api-ms-win-core-file-l2-1-0
CopyFileExW
MoveFileExW
GetFileInformationByHandleEx
api-ms-win-core-version-l1-1-0
GetFileVersionInfoSizeExW
GetFileVersionInfoExW
VerQueryValueW
api-ms-win-core-io-l1-1-0
GetOverlappedResult
DeviceIoControl
api-ms-win-core-shutdown-l1-1-0
InitiateSystemShutdownExW
wintrust
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
api-ms-win-core-heap-l2-1-0
GlobalAlloc
GlobalFree
api-ms-win-security-provider-l1-1-0
SetSecurityInfo
xmllite
CreateXmlReader
api-ms-win-core-localization-obsolete-l1-2-0
LCIDToLocaleName
api-ms-win-core-localization-l1-2-0
ResolveLocaleName
FormatMessageW
GetLocaleInfoW
api-ms-win-core-memory-l1-1-0
VirtualFree
VirtualProtect
VirtualAlloc
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
api-ms-win-core-privateprofile-l1-1-0
GetPrivateProfileStringW
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpW
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
api-ms-win-core-shlwapi-legacy-l1-1-0
PathMatchSpecW
api-ms-win-shcore-stream-l1-1-0
SHCreateMemStream
api-ms-win-eventing-controller-l1-1-0
EnableTraceEx2
ControlTraceW
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureStackBackTrace
api-ms-win-devices-config-l1-1-1
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_PropertyW
CM_Get_Device_Interface_List_SizeW
api-ms-win-core-errorhandling-l1-1-2
RaiseFailFastException
api-ms-win-security-cryptoapi-l1-1-0
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptDestroyHash
CryptReleaseContext
Exports
Exports
CreateDeploymentSession
CreateDeploymentSessionEx
CreateOfflineDeploymentSession
UA_CommitActionList
UA_CreateActionList
UA_CreateDownloadList
UA_CreateDownloadListFromActionList
UA_CreatePackageListFromDownloadList
UA_InstallActionList
UA_ReleaseDownloadList
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 673KB - Virtual size: 672KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wsecedit.dll.dll windows:10 windows x64 arch:x64
968ee6f44c63a9a71c37418f0cefc3dc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
wsecedit.pdb
Imports
mfc42u
ord6351
ord337
ord3531
ord3911
ord1056
ord4523
ord3419
ord3397
ord4602
ord2902
ord4485
ord6738
ord655
ord1059
ord4582
ord1749
ord2393
ord4424
ord6102
ord2586
ord4741
ord3743
ord1774
ord6801
ord2425
ord2024
ord4543
ord2592
ord4746
ord3805
ord3774
ord310
ord826
ord4027
ord2922
ord5980
ord2898
ord567
ord1005
ord6543
ord6223
ord3872
ord3754
ord1043
ord629
ord599
ord6734
ord4481
ord2909
ord372
ord2518
ord3598
ord1035
ord3867
ord996
ord3894
ord1441
ord371
ord877
ord5602
ord3440
ord5807
ord1977
ord5905
ord464
ord5880
ord1658
ord4328
ord3256
ord6823
ord5912
ord4548
ord1949
ord663
ord1066
ord2753
ord4550
ord1123
ord6054
ord5066
ord3180
ord4599
ord3920
ord3652
ord1443
ord1830
ord4553
ord5226
ord5244
ord4720
ord5426
ord4968
ord5123
ord5083
ord4967
ord4996
ord5487
ord6531
ord6533
ord4131
ord4127
ord4130
ord3953
ord6612
ord4257
ord4262
ord6395
ord2422
ord2023
ord4542
ord2589
ord4743
ord3751
ord832
ord2593
ord4747
ord3501
ord3806
ord912
ord6385
ord408
ord904
ord2106
ord4722
ord4699
ord1906
ord551
ord999
ord549
ord3517
ord3868
ord336
ord851
ord1646
ord6577
ord6238
ord2776
ord2461
ord613
ord1036
ord2133
ord6379
ord6455
ord6457
ord5990
ord1082
ord288
ord812
ord1544
ord1586
ord1555
ord1583
ord1585
ord355
ord1477
ord1553
ord1416
ord1491
ord1577
ord2329
ord1033
ord3892
ord3535
ord5712
ord1778
ord6440
ord2371
ord6418
ord6767
ord2384
ord2328
ord6226
ord6614
ord2094
ord4721
ord5245
ord5702
ord624
ord5229
ord3761
ord4217
ord6328
ord6147
ord5077
ord4557
ord339
ord2857
ord2801
ord621
ord1286
ord2845
ord2784
ord2859
ord6813
ord4836
ord2559
ord2515
ord6071
ord4191
ord1388
ord5615
ord2412
ord3468
ord5722
ord5724
ord4368
ord5065
ord5730
ord5711
ord6053
ord3534
ord4983
ord4770
ord3916
ord1426
ord2752
ord4214
ord1063
ord659
ord5584
ord5585
ord5583
ord5304
ord5114
ord5382
ord5352
ord5246
ord5709
ord5227
ord5687
ord5406
ord6437
ord4365
ord1777
ord4752
ord5663
ord2399
ord5586
ord6812
ord4694
ord4017
ord4789
ord2670
ord2060
ord6814
ord3933
ord5484
ord1736
ord5683
ord2140
ord5699
ord3049
ord3243
ord3362
ord4815
ord3231
ord3366
ord3052
ord3166
ord3046
ord4082
ord4083
ord4077
ord3164
ord4371
ord4988
ord4771
ord2049
ord5804
ord6821
ord4161
ord2459
ord2121
ord2876
ord6184
ord5815
ord6832
ord6880
ord1287
ord5979
ord2979
ord6050
ord2846
ord6632
ord4436
ord1442
ord1284
ord1264
ord2474
ord1657
ord1067
ord665
ord1259
ord1262
ord2411
ord6708
ord6705
ord6216
ord5887
ord1003
ord561
ord6021
ord2783
ord2676
ord1677
ord2975
ord2781
ord1498
ord2517
ord2457
ord1405
ord1463
ord1647
ord1537
ord2178
ord1479
ord1122
ord2629
ord3740
ord2906
ord3790
ord3830
ord286
ord1574
ord2427
ord2408
ord1499
ord2856
ord4521
ord287
ord4473
ord867
ord911
ord822
ord3177
ord2661
ord852
ord1126
ord620
ord626
ord1040
ord5725
msvcrt
_purecall
malloc
_wtol
free
_wfindfirst
_findclose
wcsncpy_s
vswprintf_s
_wsetlocale
_snwprintf_s
_vsnwprintf
memcpy_s
_vsnprintf_s
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_wcslwr
memmove_s
_wchdir
_wcsnicmp
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBD@Z
wcstoul
wcsnlen
_callnewh
_CxxThrowException
_XcptFilter
_amsg_exit
_initterm
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
??0exception@@QEAA@AEBV0@@Z
swprintf_s
_onexit
__RTDynamicCast
memcmp
memcpy
wcschr
wcscat_s
wcscpy_s
_wfindnext
_wcsicmp
__C_specific_handler
__CxxFrameHandler3
?terminate@@YAXXZ
_wtoi
memset
atl
ord21
ord16
ord32
ord15
kernel32
TryEnterCriticalSection
CreateDirectoryW
LockResource
LoadResource
SizeofResource
FindResourceW
GetUserDefaultLangID
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentProcess
GetCurrentThread
CreateFileW
ExpandEnvironmentStringsW
GetThreadUILanguage
GetTempFileNameW
GetTempPathW
MultiByteToWideChar
SetFilePointer
ReadFile
CreateThread
CloseHandle
OutputDebugStringW
GetModuleHandleW
LoadLibraryExW
GetFileAttributesW
GlobalUnlock
GlobalLock
GetWindowsDirectoryW
GetSystemWindowsDirectoryW
CompareStringW
LocalUnlock
LocalLock
lstrlenW
LocalAlloc
InitializeCriticalSection
FreeLibrary
FindClose
FindFirstFileW
FormatMessageW
SetCurrentDirectoryW
DeleteFileW
GlobalAlloc
DeleteCriticalSection
GlobalFree
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
lstrcmpW
LocalFree
GetProcAddress
LoadLibraryW
GetLastError
QueryActCtxW
DeactivateActCtx
FindActCtxSectionStringW
GetModuleFileNameW
OutputDebugStringA
GetModuleHandleExW
SetLastError
ActivateActCtx
CreateActCtxW
GetExitCodeThread
LocalReAlloc
GetConsoleOutputCP
WritePrivateProfileSectionW
WritePrivateProfileStringW
TlsSetValue
GetCurrentThreadId
GetModuleFileNameA
DebugBreak
IsDebuggerPresent
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseSemaphore
ReleaseMutex
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
WaitForSingleObjectEx
InitializeCriticalSectionEx
WaitForSingleObject
OpenSemaphoreW
CreateThreadpoolTimer
GetCurrentProcessId
CreateMutexExW
CreateSemaphoreExW
CreateEventW
SetEvent
Sleep
WideCharToMultiByte
CreateProcessW
CopyFileW
GetVersionExW
FreeLibraryAndExitThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
WriteFile
ReleaseActCtx
ResolveDelayLoadedAPI
DelayLoadFailureHook
user32
WinHelpW
GetWindowRect
IsWindowVisible
GetDlgItem
GetParent
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
LoadIconW
EnableWindow
SendMessageW
SetWindowTextW
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
LoadImageW
PostThreadMessageW
RegisterClipboardFormatW
MessageBoxW
LoadStringW
CreateWindowExW
DrawTextW
DestroyIcon
IsWindow
RedrawWindow
SetClipboardData
EmptyClipboard
SetCursor
SendDlgItemMessageW
DrawFocusRect
GetSysColor
GetSysColorBrush
FrameRect
InflateRect
SetScrollRange
MoveWindow
DestroyWindow
SetWindowLongPtrW
SetWindowPos
GetSystemMetrics
GetClientRect
SetScrollInfo
ChildWindowFromPointEx
GetWindowLongW
ScrollWindow
SetScrollPos
GetScrollInfo
DefWindowProcW
SetFocus
GetFocus
GetWindowLongPtrW
GetDlgCtrlID
MapWindowPoints
GetMessagePos
IsWindowEnabled
MapDialogRect
RegisterClassW
LoadCursorW
ShowWindow
BringWindowToTop
ReleaseDC
GetDC
PostMessageW
SystemParametersInfoW
GetWindow
PtInRect
oleaut32
SysAllocString
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
VariantInit
SysFreeString
SafeArrayUnaccessData
VariantClear
SafeArrayAccessData
ole32
CoUninitialize
CoCreateInstance
CoInitialize
CoSetProxyBlanket
CoTaskMemFree
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
advapi32
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
IsTextUnicode
RegQueryValueExW
LookupPrivilegeDisplayNameW
GetSecurityDescriptorControl
GetSecurityDescriptorLength
MakeSelfRelativeSD
RegQueryInfoKeyW
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
LookupAccountNameW
ConvertSidToStringSidW
CreateWellKnownSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
IsValidSecurityDescriptor
LookupAccountSidW
LsaOpenPolicy
LsaQueryInformationPolicy
GetLengthSid
CopySid
LsaFreeMemory
LsaClose
IsValidSid
GetSidSubAuthorityCount
AddAccessAllowedAce
MakeAbsoluteSD
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetAce
GetSecurityDescriptorGroup
SetSecurityDescriptorGroup
InitializeAcl
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorDacl
MapGenericMask
LsaLookupSids
GetSidSubAuthority
GetSidIdentifierAuthority
gdi32
SetTextColor
SetBkColor
SetMapMode
GetTextColor
GetBkColor
CreateFontIndirectW
DeleteObject
GetTextExtentPoint32W
SelectObject
SetBkMode
shell32
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
shlwapi
ord487
ord439
StrToIntW
scecli
SceRollbackTransaction
SceGetObjectChildren
SceFreeMemory
SceLookupPrivRightName
SceCreateDirectory
SceWriteSecurityProfileInfo
SceAddToNameStatusList
SceOpenProfile
SceStartTransaction
SceAnalyzeSystem
SceConfigureSystem
SceGetScpProfileDescription
SceGetServerProductType
SceUpdateObjectInfo
SceAddToNameList
SceSvcGetInformationTemplate
SceSvcQueryInfo
SceSvcFree
SceUpdateSecurityProfile
SceSvcUpdateInfo
SceSvcSetInformationTemplate
SceCompareNameList
SceEnumerateServices
SceCompareSecurityDescriptors
SceGetObjectSecurity
SceCopyBaseProfile
SceAppendSecurityProfileInfo
SceCloseProfile
SceGetSecurityProfileInfo
SceFreeProfileMemory
SceCommitTransaction
SceSvcConvertTextToSD
netutils
NetApiBufferFree
logoncli
DsGetDcNameW
setupapi
SetupOpenInfFileW
SetupGetLineTextW
SetupFindNextLine
SetupCloseInfFile
SetupFindFirstLineW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
InvokeCAPEACLEditor
TranslateAceMasksAndCondition
Sections
.text Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 220KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 783KB - Virtual size: 783KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wsp_fs.dll.dll regsvr32 windows:10 windows x64 arch:x64
730bc281970e377cf715915182b6b624
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
wsp_fs.pdb
Imports
ntdll
RtlVirtualUnwind
RtlUnwindEx
RtlPcToFileHeader
RtlNtStatusToDosError
NtQuerySystemInformation
RtlCaptureContext
RtlRemoveVectoredExceptionHandler
RtlLookupFunctionEntry
RtlIpv4StringToAddressExW
RtlIpv6StringToAddressExW
RtlEnumerateGenericTableAvl
RtlEnumerateGenericTableWithoutSplayingAvl
RtlInsertElementGenericTableAvl
RtlLookupElementGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlInitializeGenericTableAvl
api-ms-win-core-sysinfo-l1-1-0
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetComputerNameExW
GetTickCount64
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameW
LoadStringW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetModuleFileNameA
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventUnregister
EventWriteTransfer
EventActivityIdControl
EventSetInformation
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-processthreads-l1-1-0
SetThreadToken
GetStartupInfoW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
OpenThreadToken
ExitProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsFree
OpenProcessToken
TerminateProcess
TlsSetValue
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-heap-l1-1-0
HeapReAlloc
HeapSize
HeapFree
HeapAlloc
GetProcessHeap
api-ms-win-core-synch-l1-1-0
ReleaseSRWLockShared
CreateMutexExW
AcquireSRWLockShared
CreateEventW
OpenSemaphoreW
SetEvent
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
AcquireSRWLockExclusive
EnterCriticalSection
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
ResetEvent
CreateSemaphoreExW
InitializeSRWLock
ReleaseSemaphore
ReleaseMutex
WaitForSingleObject
api-ms-win-core-processenvironment-l1-1-0
GetEnvironmentStringsW
GetCommandLineA
FreeEnvironmentStringsW
GetCommandLineW
SetStdHandle
GetStdHandle
GetEnvironmentVariableW
api-ms-win-core-file-l1-1-0
FindClose
FindNextVolumeW
FindFirstVolumeW
CreateFileW
SetFilePointerEx
GetFileAttributesW
CreateDirectoryW
FindNextFileW
GetVolumeInformationW
GetFileType
WriteFile
RemoveDirectoryW
FlushFileBuffers
GetVolumePathNameW
GetDiskFreeSpaceExW
FindVolumeClose
FindFirstFileW
FindFirstFileExW
GetDriveTypeW
api-ms-win-core-string-l1-1-0
GetStringTypeW
CompareStringOrdinal
WideCharToMultiByte
CompareStringEx
MultiByteToWideChar
CompareStringW
api-ms-win-core-localization-l1-2-0
GetCPInfo
GetOEMCP
LCMapStringEx
FormatMessageA
FormatMessageW
GetACP
IsValidCodePage
EnumSystemLocalesW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
api-ms-win-core-console-l1-1-0
WriteConsoleW
GetConsoleCP
GetConsoleMode
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-interlocked-l1-1-0
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead
api-ms-win-core-fibers-l1-1-0
FlsSetValue
FlsAlloc
FlsGetValue
FlsFree
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-security-base-l1-1-0
GetTokenInformation
DuplicateTokenEx
IsValidAcl
GetAclInformation
GetAce
AddAce
InitializeAcl
GetLengthSid
AddAccessAllowedAceEx
AddAccessDeniedAceEx
DeleteAce
FreeSid
IsValidSid
EqualSid
MakeAbsoluteSD
CopySid
ImpersonateLoggedOnUser
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
ConvertStringSidToSidW
api-ms-win-security-lsalookup-l2-1-0
LookupAccountSidW
LookupAccountNameW
api-ms-win-security-provider-l1-1-0
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
netapi32
NetApiBufferFree
DsGetDcNameW
clusapi
GetClusterFromResource
CloseClusterNetInterface
CloseClusterNetwork
CloseClusterResource
CloseClusterGroup
MoveClusterGroup
DestroyCluster
CloseClusterNode
CloseCluster
ClusterOpenEnumEx
GetClusterNodeKey
OpenClusterNode
ClusterGetEnumCount
ClusterCloseEnum
OpenClusterResource
ClusterEnum
ClusterOpenEnum
OpenCluster
ClusterRegCloseKey
GetClusterResourceKey
GetClusterKey
ClusterRegSetValue
ClusterRegQueryValue
GetClusterNotifyV2
RegisterClusterResourceTypeNotifyV2
CreateClusterNotifyPortV2
CCHlpCreateClusterNameInAD
CCHlpConfigureNode
CreateCluster
CCHlpGetDNSHostLabel
GetNodeClusterState
DeleteClusterResourceType
ClusterResourceTypeControl
GetClusterNetInterfaceState
ClusterNetInterfaceControl
OpenClusterNetInterfaceEx
GetClusterNetworkState
ClusterNetworkControl
SetClusterNetworkName
OpenClusterNetworkEx
EvictClusterNodeEx
ResumeClusterNodeEx
PauseClusterNodeEx
GetClusterNodeState
ClusterNodeControl
OpenClusterNodeEx
CreateClusterResource
SetClusterGroupNodeList
SetClusterGroupName
CancelClusterGroupOperation
MoveClusterGroupEx
OnlineClusterGroupEx
OfflineClusterGroupEx
DeleteClusterGroup
DestroyClusterGroup
GetClusterGroupState
ClusterGroupControl
OpenClusterGroupEx
RemoveClusterResourceNode
AddClusterResourceNode
FailClusterResource
RestartClusterResource
SetClusterResourceDependencyExpression
GetClusterResourceDependencyExpression
RemoveClusterResourceDependency
AddClusterResourceDependency
ChangeClusterResourceGroup
OnlineClusterResourceEx
OfflineClusterResourceEx
DeleteClusterResource
GetClusterResourceState
SetClusterResourceName
ClusterResourceControl
OpenClusterResourceEx
ClusterUpgradeFunctionalLevel
CCHlpAddNodeUpdateCluster
CCHlpGetClusterServiceSecret
CreateClusterResourceType
CreateClusterGroupEx
SetClusterName
SetClusterQuorumResource
RemoveResourceFromClusterSharedVolumes
AddResourceToClusterSharedVolumes
ClusterControl
GetClusterQuorumResource
GetClusterInformation
AddClusterNode
OpenClusterEx
CloseClusterNotifyPort
ClusterNetworkCloseEnum
ClusterResourceTypeCloseEnum
ClusterResourceCloseEnum
ClusterGroupCloseEnum
ClusterCloseEnumEx
ClusterNodeCloseEnumEx
ClusterGroupCloseEnumEx
ClusterResourceCloseEnumEx
ClusterResourceGetEnumCountEx
ClusterResourceEnumEx
ClusterResourceOpenEnumEx
ClusterGroupGetEnumCountEx
ClusterGroupEnumEx
ClusterGroupOpenEnumEx
ClusterGroupGetEnumCount
ClusterGroupEnum
ClusterGroupOpenEnum
ClusterNetworkGetEnumCount
ClusterNetworkEnum
ClusterNetworkOpenEnum
ClusterResourceGetEnumCount
ClusterResourceEnum
ClusterResourceOpenEnum
ClusterResourceTypeGetEnumCount
ClusterResourceTypeEnum
ClusterResourceTypeOpenEnum
ClusterNodeGetEnumCountEx
ClusterNodeEnumEx
ClusterNodeOpenEnumEx
ClusterGetEnumCountEx
ClusterEnumEx
mispace
WspProviderEnter
WspEnumerateRemoteInstances
WspProviderExit
WspIsRemoteInstance
WspGetRemoteInstance
WspInvokeRemoteMethod
WspReferencesOfRemoteInstance
WspGetSubsystemFilter
WspFreeString
WspPackObjectId
WspUnpackObjectId
ws2_32
FreeAddrInfoW
GetAddrInfoW
htons
WSAGetLastError
WSAStringToAddressW
WSAAddressToStringW
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceExecuteOnce
InitOnceInitialize
api-ms-win-core-registry-l1-1-0
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-threadpool-l1-2-0
CreateThreadpoolTimer
CreateThreadpoolWork
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolWork
CreateThreadpoolCleanupGroup
SetThreadpoolTimer
SubmitThreadpoolWork
CloseThreadpoolTimer
WaitForThreadpoolWorkCallbacks
WaitForThreadpoolTimerCallbacks
CloseThreadpoolCleanupGroup
api-ms-win-core-com-l1-1-0
CoUninitialize
CoCreateInstanceEx
CoInitializeEx
CoCreateInstance
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
crypt32
CryptUnprotectMemory
CryptProtectMemory
dsrole
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
api-ms-win-core-file-l1-2-0
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW
iphlpapi
IcmpCreateFile
IcmpSendEcho
Icmp6SendEcho2
Icmp6CreateFile
IcmpCloseHandle
oleaut32
SysAllocString
SysFreeString
dnsapi
DnsFlushResolverCacheEntry_W
api-ms-win-core-threadpool-legacy-l1-1-0
DeleteTimerQueueEx
api-ms-win-core-heap-obsolete-l1-1-0
LocalSize
cryptsp
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
sscore
SsCoreUninitialize
ntdsapi
DsBindWithCredW
DsUnBindW
mi
mi_clientFT_V1
MI_Application_InitializeV1
wldap32
ord14
ord13
ord18
ord140
ord97
ord224
ord73
ord79
ord26
ord41
ord203
ord145
ord142
ord88
api-ms-win-security-activedirectoryclient-l1-1-0
DsCrackNamesW
DsFreeNameResultW
DsFreePasswordCredentials
resutils
ResUtilGetResourceName
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetProviderClassID
MI_Main
PreShutdown
SetShutdownCallback
SmpUnload
Sections
.text Size: 983KB - Virtual size: 982KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 913KB - Virtual size: 913KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 121KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wsp_health.dll.dll regsvr32 windows:10 windows x64 arch:x64
eccc5a573f94b0d139256f42c310993b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
wsp_health.pdb
Imports
api-ms-win-core-sysinfo-l1-1-0
GetTickCount64
GetComputerNameExW
GetSystemTimeAsFileTime
GetSystemDirectoryW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
SetLastError
RaiseException
UnhandledExceptionFilter
GetLastError
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
FreeLibrary
LoadLibraryExW
LoadStringW
GetModuleHandleW
GetModuleFileNameW
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventActivityIdControl
EventUnregister
EventWriteTransfer
EventSetInformation
api-ms-win-core-processthreads-l1-1-0
TlsGetValue
TlsAlloc
GetCurrentThreadId
TlsSetValue
GetCurrentThread
GetStartupInfoW
TerminateProcess
OpenThreadToken
GetCurrentProcess
ExitProcess
OpenProcessToken
GetCurrentProcessId
TlsFree
SetThreadToken
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-heap-l1-1-0
HeapReAlloc
HeapAlloc
GetProcessHeap
HeapFree
HeapSize
api-ms-win-core-synch-l1-1-0
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseSemaphore
CreateSemaphoreExW
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OpenSemaphoreW
ReleaseMutex
ReleaseSRWLockShared
AcquireSRWLockShared
InitializeSRWLock
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
EnterCriticalSection
InitializeCriticalSection
CreateMutexExW
InitializeCriticalSectionEx
api-ms-win-core-processenvironment-l1-1-0
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetStdHandle
api-ms-win-core-file-l1-1-0
FindFirstFileExW
FindNextFileW
SetFilePointerEx
FileTimeToLocalFileTime
FindClose
CreateFileW
GetFileType
WriteFile
FlushFileBuffers
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
CompareStringW
CompareStringEx
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-localization-l1-2-0
GetOEMCP
GetCPInfo
LCMapStringEx
FormatMessageW
GetACP
LCMapStringW
GetLocaleInfoW
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
FormatMessageA
IsValidLocale
api-ms-win-core-console-l1-1-0
GetConsoleCP
GetConsoleMode
WriteConsoleW
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-interlocked-l1-1-0
InterlockedPopEntrySList
InitializeSListHead
InterlockedPushEntrySList
InterlockedFlushSList
api-ms-win-core-fibers-l1-1-0
FlsGetValue
FlsFree
FlsSetValue
FlsAlloc
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
ntdll
RtlInitializeGenericTableAvl
NtQuerySystemInformation
RtlIpv4StringToAddressExW
RtlIpv6StringToAddressExW
RtlDeleteElementGenericTableAvl
RtlLookupElementGenericTableAvl
RtlInsertElementGenericTableAvl
RtlEnumerateGenericTableWithoutSplayingAvl
RtlEnumerateGenericTableAvl
RtlNtStatusToDosError
RtlRemoveVectoredExceptionHandler
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-security-base-l1-1-0
GetTokenInformation
DuplicateTokenEx
ImpersonateLoggedOnUser
GetLengthSid
IsValidSid
CopySid
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-security-lsalookup-l2-1-0
LookupAccountSidW
api-ms-win-security-provider-l1-1-0
GetSecurityInfo
mispace
WspGetSubsystemFilter
WspReferencesOfRemoteInstance
WspPackObjectId
WspUnpackObjectId
WspInvokeRemoteMethod
WspGetRemoteInstance
WspProviderEnter
WspEnumerateRemoteInstances
WspGetClassName
WspProviderExit
WspFreeString
WspIsRemoteInstance
api-ms-win-core-synch-l1-2-0
InitOnceInitialize
InitOnceExecuteOnce
Sleep
api-ms-win-core-registry-l1-1-0
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-threadpool-l1-2-0
CreateThreadpoolTimer
WaitForThreadpoolWorkCallbacks
SubmitThreadpoolWork
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolCleanupGroup
CreateThreadpoolCleanupGroup
CloseThreadpoolWork
CreateThreadpoolWork
api-ms-win-core-com-l1-1-0
CoInitializeEx
CoCreateInstance
CoCreateInstanceEx
CoUninitialize
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
crypt32
CryptUnprotectMemory
CryptProtectMemory
oleaut32
SysFreeString
SysAllocString
clusapi
EvictClusterNodeEx
ResumeClusterNodeEx
PauseClusterNodeEx
GetClusterNodeState
ClusterNodeControl
OpenClusterNodeEx
CreateClusterResource
SetClusterGroupNodeList
SetClusterGroupName
CancelClusterGroupOperation
MoveClusterGroupEx
OnlineClusterGroupEx
OfflineClusterGroupEx
DeleteClusterGroup
DestroyClusterGroup
GetClusterGroupState
ClusterGroupControl
OpenClusterGroupEx
RemoveClusterResourceNode
AddClusterResourceNode
FailClusterResource
RestartClusterResource
SetClusterResourceDependencyExpression
GetClusterResourceDependencyExpression
RemoveClusterResourceDependency
AddClusterResourceDependency
ChangeClusterResourceGroup
OnlineClusterResourceEx
OfflineClusterResourceEx
DeleteClusterResource
GetClusterResourceState
SetClusterResourceName
ClusterResourceControl
OpenClusterResourceEx
ClusterUpgradeFunctionalLevel
CCHlpAddNodeUpdateCluster
CCHlpGetClusterServiceSecret
DestroyCluster
CreateClusterResourceType
CreateClusterGroupEx
SetClusterName
SetClusterQuorumResource
RemoveResourceFromClusterSharedVolumes
AddResourceToClusterSharedVolumes
ClusterControl
GetClusterQuorumResource
GetClusterInformation
AddClusterNode
OpenClusterEx
CloseClusterNotifyPort
ClusterNetworkCloseEnum
ClusterResourceTypeCloseEnum
ClusterResourceCloseEnum
ClusterGroupCloseEnum
ClusterCloseEnumEx
ClusterNodeCloseEnumEx
ClusterGroupCloseEnumEx
ClusterResourceCloseEnumEx
ClusterResourceGetEnumCountEx
ClusterResourceEnumEx
ClusterResourceOpenEnumEx
ClusterGroupGetEnumCountEx
ClusterGroupEnumEx
ClusterGroupOpenEnumEx
ClusterGroupGetEnumCount
OpenClusterNetworkEx
ClusterGroupOpenEnum
ClusterNetworkGetEnumCount
ClusterNetworkEnum
ClusterNetworkOpenEnum
ClusterResourceGetEnumCount
ClusterResourceEnum
ClusterResourceOpenEnum
ClusterResourceTypeGetEnumCount
ClusterResourceTypeEnum
ClusterResourceTypeOpenEnum
ClusterNodeGetEnumCountEx
ClusterNodeEnumEx
ClusterNodeOpenEnumEx
ClusterGetEnumCountEx
ClusterEnumEx
ClusterOpenEnumEx
CloseCluster
CloseClusterNode
CloseClusterGroup
CloseClusterResource
CloseClusterNetwork
CloseClusterNetInterface
SetClusterNetworkName
GetClusterNetInterfaceState
ClusterResourceTypeControl
DeleteClusterResourceType
GetNodeClusterState
CCHlpGetDNSHostLabel
CreateCluster
ClusterNetworkControl
GetClusterNetworkState
CCHlpConfigureNode
OpenClusterNetInterfaceEx
CCHlpCreateClusterNameInAD
CreateClusterNotifyPortV2
RegisterClusterResourceTypeNotifyV2
ClusterCloseEnum
GetClusterNotifyV2
ClusterRegQueryValue
ClusterRegSetValue
GetClusterNodeKey
OpenClusterNode
ClusterGetEnumCount
ClusterOpenEnum
ClusterEnum
MoveClusterGroup
GetClusterFromResource
OpenClusterResource
GetClusterKey
GetClusterResourceKey
ClusterRegCloseKey
ClusterGroupEnum
ClusterNetInterfaceControl
api-ms-win-core-threadpool-legacy-l1-1-0
DeleteTimerQueueEx
api-ms-win-core-heap-obsolete-l1-1-0
LocalSize
cryptsp
CryptGenRandom
CryptAcquireContextW
CryptReleaseContext
sscore
SsCoreUninitialize
ws2_32
WSAGetLastError
htons
WSAAddressToStringW
WSAStringToAddressW
resutils
ResUtilGetResourceName
mi
mi_clientFT_V1
MI_Application_InitializeV1
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetProviderClassID
MI_Main
PreShutdown
SetShutdownCallback
SmpUnload
Sections
.text Size: 780KB - Virtual size: 780KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 800KB - Virtual size: 800KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wsp_sr.dll.dll regsvr32 windows:10 windows x64 arch:x64
4f7302012ba21175a8a20059d7ce3580
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
wsp_sr.pdb
Imports
msvcrt
_wcsdup
__crtLCMapStringW
_get_current_locale
_free_locale
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
__C_specific_handler
abort
memset
_ismbblead
___mb_cur_max_func
calloc
___lc_codepage_func
___lc_handle_func
__pctype_func
__uncaught_exception
setlocale
_errno
memmove
memcpy
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
__ExceptionPtrCurrentException
__ExceptionPtrRethrow
__ExceptionPtrToBool
__ExceptionPtrAssign
__ExceptionPtrCopy
__ExceptionPtrDestroy
__ExceptionPtrCreate
??0exception@@QEAA@XZ
_wcstoui64
wcstoul
wcsstr
_wcsicmp
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
_purecall
??3@YAXPEAX@Z
__CxxFrameHandler3
_onexit
__dllonexit
_initterm
_amsg_exit
_XcptFilter
malloc
free
_unlock
_lock
swprintf_s
toupper
api-ms-win-core-sysinfo-l1-1-0
GetSystemDirectoryW
GetTickCount
GetComputerNameExW
GetSystemTimeAsFileTime
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
LoadLibraryExW
api-ms-win-core-synch-l1-2-0
WakeAllConditionVariable
SleepConditionVariableSRW
Sleep
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
GetCurrentProcessId
CreateThread
GetCurrentThreadId
TerminateProcess
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
mispace
WspInvokeRemoteMethod
WspProviderEnter
WspIsRemoteInstance
WspGetRemoteInstance
WspFreeString
WspGetSubsystemFilter
WspProviderExit
WspEnumerateRemoteInstances
WspReferencesOfRemoteInstance
WspUnpackObjectId
WspPackObjectId
api-ms-win-core-synch-l1-1-0
WaitForSingleObject
InitializeSRWLock
CreateEventW
SetEvent
ReleaseSRWLockExclusive
InitializeCriticalSectionEx
AcquireSRWLockShared
ReleaseSRWLockShared
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
AcquireSRWLockExclusive
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-eventing-controller-l1-1-0
ControlTraceW
StartTraceW
StopTraceW
EnableTraceEx2
api-ms-win-eventing-consumer-l1-1-0
OpenTraceW
CloseTrace
ProcessTrace
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-localization-l1-2-0
FormatMessageA
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
ntdll
RtlStringFromGUID
RtlInitUnicodeString
RtlFreeUnicodeString
RtlGUIDFromString
mi
MI_Application_InitializeV1
mi_clientFT_V1
clusapi
GetClusterNotifyV2
CloseCluster
RegisterClusterResourceTypeNotifyV2
OpenCluster
CreateClusterNotifyPortV2
GetNodeClusterState
GetClusterInformation
CloseClusterNotifyPort
tdh
TdhFormatProperty
TdhGetPropertySize
TdhGetEventInformation
TdhGetEventMapInformation
TdhGetProperty
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetProviderClassID
MI_Main
PreShutdown
SetShutdownCallback
SmpUnload
Sections
.text Size: 226KB - Virtual size: 226KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 560KB - Virtual size: 559KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ