dwmapi.dll

Description:

Authors:

Version:

Architecture: 64-bit

Operating System:

SHA256: cf49d1e2d3c063c100d06ca6adfdcd6c

File Size: 2.2 MB

Uploaded At: May 16, 2026, 3:23 p.m.

Views: 24

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: VirtualAllocEx, CreateRemoteThread, WriteProcessMemory

Exported Functions

DwmEnableBlurBehindWindow (Ordinal: 1, Address: 0x781b0)
DwmEnableBlurBehindWindow_Stub (Ordinal: 2, Address: 0x781b0)
DwmExtendFrameIntoClientArea (Ordinal: 3, Address: 0x781b0)
DwmExtendFrameIntoClientArea_Stub (Ordinal: 4, Address: 0x781b0)
DwmFlush (Ordinal: 5, Address: 0x781d0)
DwmFlush_Stub (Ordinal: 6, Address: 0x781d0)
DwmGetColorizationColor (Ordinal: 7, Address: 0x781b0)
DwmGetColorizationColor_Stub (Ordinal: 8, Address: 0x781b0)
DwmGetWindowAttribute (Ordinal: 9, Address: 0x781b0)
DwmGetWindowAttribute_Stub (Ordinal: 10, Address: 0x781b0)
DwmIsCompositionEnabled (Ordinal: 11, Address: 0x781c0)
DwmIsCompositionEnabled_Stub (Ordinal: 12, Address: 0x781c0)
DwmSetWindowAttribute (Ordinal: 13, Address: 0x781b0)
DwmSetWindowAttribute_Stub (Ordinal: 14, Address: 0x781b0)

Imported DLLs & Functions

ADVAPI32.dll

ConvertSidToStringSidA (Address: 0x180234060)
CryptAcquireContextA (Address: 0x180234058)
CryptAcquireContextW (Address: 0x180234008)
CryptDecrypt (Address: 0x180234010)
CryptDestroyKey (Address: 0x180234000)
CryptGenRandom (Address: 0x180234068)
CryptImportKey (Address: 0x180234020)
CryptReleaseContext (Address: 0x180234078)
CryptSetKeyParam (Address: 0x180234018)
GetTokenInformation (Address: 0x180234080)
GetUserNameW (Address: 0x180234050)
OpenProcessToken (Address: 0x180234070)
RegCloseKey (Address: 0x180234028)
RegCreateKeyExW (Address: 0x180234038)
RegSetValueExW (Address: 0x180234048)
SetEntriesInAclW (Address: 0x180234030)
SetNamedSecurityInfoW (Address: 0x180234040)

GDI32.dll

CreateFontW (Address: 0x1802340a0)
DeleteObject (Address: 0x180234098)
GetStockObject (Address: 0x180234090)

imagehlp.dll

MapFileAndCheckSumW (Address: 0x180234520)

KERNEL32.dll

AcquireSRWLockExclusive (Address: 0x1802342f0)
CloseHandle (Address: 0x180234210)
CreateDirectoryA (Address: 0x180234188)
CreateFileA (Address: 0x1802341a0)
CreateFileW (Address: 0x1802340f0)
CreateRemoteThread (Address: 0x180234130)
DecodePointer (Address: 0x1802343b0)
DeleteCriticalSection (Address: 0x1802343a0)
DisableThreadLibraryCalls (Address: 0x1802341c8)
EncodePointer (Address: 0x1802343a8)
EnterCriticalSection (Address: 0x180234388)
EnumSystemLocalesW (Address: 0x180234488)
ExitProcess (Address: 0x180234430)
FindClose (Address: 0x1802340e0)
FindFirstFileA (Address: 0x180234160)
FindFirstFileExW (Address: 0x180234270)
FindFirstFileW (Address: 0x1802340b8)
FindNextFileA (Address: 0x180234168)
FindNextFileW (Address: 0x1802340c8)
FlsAlloc (Address: 0x180234448)
FlsFree (Address: 0x180234460)
FlsGetValue (Address: 0x180234450)
FlsSetValue (Address: 0x180234458)
FlushFileBuffers (Address: 0x1802344a0)
FlushInstructionCache (Address: 0x1802342a8)
FreeConsole (Address: 0x1802341b8)
FreeEnvironmentStringsW (Address: 0x180234238)
FreeLibrary (Address: 0x1802342d0)
GetACP (Address: 0x180234260)
GetCommandLineA (Address: 0x180234250)
GetCommandLineW (Address: 0x180234248)
GetConsoleMode (Address: 0x180234418)
GetConsoleOutputCP (Address: 0x180234428)
GetCPInfo (Address: 0x1802343c0)
GetCurrentProcess (Address: 0x180234220)
GetCurrentProcessId (Address: 0x180234200)
GetCurrentThread (Address: 0x1802341f0)
GetCurrentThreadId (Address: 0x180234280)
GetEnvironmentStringsW (Address: 0x180234240)
GetEnvironmentVariableA (Address: 0x1802341d0)
GetEnvironmentVariableW (Address: 0x180234148)
GetFileAttributesW (Address: 0x1802340f8)
GetFileSize (Address: 0x180234118)
GetFileSizeEx (Address: 0x180234490)
GetFileType (Address: 0x180234410)
GetLastError (Address: 0x180234100)
GetLocaleInfoW (Address: 0x180234470)
GetLocalTime (Address: 0x180234190)
GetModuleFileNameA (Address: 0x1802341d8)
GetModuleFileNameW (Address: 0x1802340d8)
GetModuleHandleA (Address: 0x1802341e8)
GetModuleHandleExW (Address: 0x1802340d0)
GetModuleHandleW (Address: 0x1802342d8)
GetOEMCP (Address: 0x180234258)
GetProcAddress (Address: 0x1802341e0)
GetProcessHeap (Address: 0x180234228)
GetStartupInfoW (Address: 0x180234348)
GetStdHandle (Address: 0x180234440)
GetStringTypeW (Address: 0x180234380)
GetSystemFirmwareTable (Address: 0x180234230)
GetSystemTimeAsFileTime (Address: 0x180234358)
GetThreadContext (Address: 0x180234298)
GetTickCount (Address: 0x1802341f8)
GetUserDefaultLCID (Address: 0x180234480)
HeapAlloc (Address: 0x180234108)
HeapFree (Address: 0x180234438)
HeapReAlloc (Address: 0x180234180)
HeapSize (Address: 0x180234170)
InitializeCriticalSectionAndSpinCount (Address: 0x1802343e8)
InitializeCriticalSectionEx (Address: 0x180234398)
InitializeSListHead (Address: 0x180234360)
InitOnceBeginInitialize (Address: 0x180234370)
InitOnceComplete (Address: 0x180234378)
InterlockedFlushSList (Address: 0x1802343e0)
IsDebuggerPresent (Address: 0x180234340)
IsProcessorFeaturePresent (Address: 0x180234338)
IsValidCodePage (Address: 0x180234268)
IsValidLocale (Address: 0x180234478)
IsWow64Process (Address: 0x180234140)
LCMapStringEx (Address: 0x1802343b8)
LCMapStringW (Address: 0x180234468)
LeaveCriticalSection (Address: 0x180234390)
LoadLibraryA (Address: 0x1802341c0)
LoadLibraryExW (Address: 0x1802342e0)
LoadLibraryW (Address: 0x1802341b0)
LocalFree (Address: 0x180234208)
MultiByteToWideChar (Address: 0x180234218)
QueryPerformanceCounter (Address: 0x180234350)
RaiseException (Address: 0x1802343d8)
ReadConsoleW (Address: 0x180234420)
ReadFile (Address: 0x1802340b0)
ReleaseSRWLockExclusive (Address: 0x1802342e8)
ResumeThread (Address: 0x180234290)
RtlCaptureContext (Address: 0x180234308)
RtlLookupFunctionEntry (Address: 0x180234310)
RtlPcToFileHeader (Address: 0x1802343d0)
RtlUnwind (Address: 0x1802344b0)
RtlUnwindEx (Address: 0x1802343c8)
RtlVirtualUnwind (Address: 0x180234318)
SetEndOfFile (Address: 0x180234278)
SetFilePointer (Address: 0x180234198)
SetFilePointerEx (Address: 0x180234498)
SetLastError (Address: 0x1802342c8)
SetStdHandle (Address: 0x1802344a8)
SetThreadContext (Address: 0x1802342a0)
SetUnhandledExceptionFilter (Address: 0x180234328)
SleepConditionVariableSRW (Address: 0x180234300)
SuspendThread (Address: 0x180234288)
TerminateProcess (Address: 0x180234330)
TlsAlloc (Address: 0x1802343f0)
TlsFree (Address: 0x180234408)
TlsGetValue (Address: 0x1802343f8)
TlsSetValue (Address: 0x180234400)
TryAcquireSRWLockExclusive (Address: 0x180234368)
UnhandledExceptionFilter (Address: 0x180234320)
VerifyVersionInfoW (Address: 0x180234158)
VerSetConditionMask (Address: 0x180234150)
VirtualAlloc (Address: 0x1802342b0)
VirtualAllocEx (Address: 0x180234110)
VirtualFree (Address: 0x1802342c0)
VirtualFreeEx (Address: 0x180234138)
VirtualProtect (Address: 0x1802342b8)
VirtualQuery (Address: 0x180234120)
WaitForSingleObject (Address: 0x1802340e8)
WakeAllConditionVariable (Address: 0x1802342f8)
WideCharToMultiByte (Address: 0x180234128)
WriteConsoleW (Address: 0x180234178)
WriteFile (Address: 0x1802341a8)
WriteProcessMemory (Address: 0x1802340c0)

USER32.dll

CallWindowProcW (Address: 0x1802344c8)
SendMessageW (Address: 0x1802344c0)
SetWindowLongPtrW (Address: 0x1802344d0)

WINHTTP.dll

WinHttpCloseHandle (Address: 0x1802344e0)
WinHttpConnect (Address: 0x1802344f0)
WinHttpOpen (Address: 0x1802344f8)
WinHttpOpenRequest (Address: 0x180234508)
WinHttpQueryHeaders (Address: 0x180234510)
WinHttpReceiveResponse (Address: 0x180234500)
WinHttpSendRequest (Address: 0x1802344e8)