WMI.dll

Description:

Authors:

Version:

Architecture: 32-bit

Operating System:

SHA256: e0ccc94c1f94be1c77da53bea26bc41e

File Size: 110.5 KB

Uploaded At: April 27, 2026, 9:41 a.m.

Views: 33

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess, CreateRemoteThread, WriteProcessMemory, VirtualAllocEx

Exported Functions

  • InjectDLL (Ordinal: 1, Address: 0x1050)

Imported DLLs & Functions

KERNEL32.dll
  • CloseHandle (Address: 0x1001401c)
  • CreateFileW (Address: 0x10014030)
  • CreateRemoteThread (Address: 0x10014028)
  • DecodePointer (Address: 0x10014138)
  • DeleteCriticalSection (Address: 0x1001407c)
  • DisableThreadLibraryCalls (Address: 0x10014018)
  • EncodePointer (Address: 0x1001409c)
  • EnterCriticalSection (Address: 0x10014074)
  • ExitProcess (Address: 0x100140a4)
  • FindClose (Address: 0x100140c0)
  • FindFirstFileExW (Address: 0x100140c4)
  • FindNextFileW (Address: 0x100140c8)
  • FlsAlloc (Address: 0x100140f4)
  • FlsFree (Address: 0x10014100)
  • FlsGetValue (Address: 0x100140f8)
  • FlsSetValue (Address: 0x100140fc)
  • FlushFileBuffers (Address: 0x10014128)
  • FreeEnvironmentStringsW (Address: 0x100140f0)
  • FreeLibrary (Address: 0x10014094)
  • GetACP (Address: 0x100140d0)
  • GetCommandLineA (Address: 0x100140dc)
  • GetCommandLineW (Address: 0x100140e0)
  • GetConsoleMode (Address: 0x10014134)
  • GetConsoleOutputCP (Address: 0x10014130)
  • GetCPInfo (Address: 0x100140d8)
  • GetCurrentProcess (Address: 0x1001403c)
  • GetCurrentProcessId (Address: 0x1001404c)
  • GetCurrentThreadId (Address: 0x10014050)
  • GetEnvironmentStringsW (Address: 0x100140ec)
  • GetFileAttributesA (Address: 0x10014014)
  • GetFileType (Address: 0x100140bc)
  • GetLastError (Address: 0x10014010)
  • GetModuleFileNameW (Address: 0x100140ac)
  • GetModuleHandleA (Address: 0x10014008)
  • GetModuleHandleExW (Address: 0x100140a8)
  • GetModuleHandleW (Address: 0x10014064)
  • GetOEMCP (Address: 0x100140d4)
  • GetProcAddress (Address: 0x10014020)
  • GetProcessHeap (Address: 0x10014110)
  • GetStartupInfoW (Address: 0x10014060)
  • GetStdHandle (Address: 0x100140b8)
  • GetStringTypeW (Address: 0x10014118)
  • GetSystemTimeAsFileTime (Address: 0x10014054)
  • HeapAlloc (Address: 0x100140b4)
  • HeapFree (Address: 0x100140b0)
  • HeapReAlloc (Address: 0x10014124)
  • HeapSize (Address: 0x10014120)
  • InitializeCriticalSectionAndSpinCount (Address: 0x10014080)
  • InitializeCriticalSectionEx (Address: 0x10014104)
  • InitializeSListHead (Address: 0x10014058)
  • InterlockedFlushSList (Address: 0x10014068)
  • IsDebuggerPresent (Address: 0x1001405c)
  • IsProcessorFeaturePresent (Address: 0x10014044)
  • IsValidCodePage (Address: 0x100140cc)
  • LCMapStringW (Address: 0x1001410c)
  • LeaveCriticalSection (Address: 0x10014078)
  • LoadLibraryExW (Address: 0x10014098)
  • MultiByteToWideChar (Address: 0x100140e4)
  • OpenProcess (Address: 0x1001400c)
  • QueryPerformanceCounter (Address: 0x10014048)
  • RaiseException (Address: 0x100140a0)
  • RtlUnwind (Address: 0x1001406c)
  • SetFilePointerEx (Address: 0x10014114)
  • SetLastError (Address: 0x10014070)
  • SetStdHandle (Address: 0x1001411c)
  • SetUnhandledExceptionFilter (Address: 0x10014038)
  • TerminateProcess (Address: 0x10014040)
  • TlsAlloc (Address: 0x10014084)
  • TlsFree (Address: 0x10014090)
  • TlsGetValue (Address: 0x10014088)
  • TlsSetValue (Address: 0x1001408c)
  • UnhandledExceptionFilter (Address: 0x10014034)
  • VirtualAllocEx (Address: 0x10014024)
  • VirtualFreeEx (Address: 0x1001402c)
  • VirtualProtect (Address: 0x10014108)
  • WaitForSingleObject (Address: 0x10014004)
  • WideCharToMultiByte (Address: 0x100140e8)
  • WriteConsoleW (Address: 0x1001413c)
  • WriteFile (Address: 0x1001412c)
  • WriteProcessMemory (Address: 0x10014000)