NoxShield.dll

Description:

Authors:

Version:

Architecture: 32-bit

Operating System:

SHA256: a6f2a0e13746965c859591d2c902f697

File Size: 1.7 MB

Uploaded At: May 23, 2026, 9:43 p.m.

Views: 14

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • NoxShield_Init (Ordinal: 1, Address: 0x5ad0)
  • NoxShield_Version (Ordinal: 2, Address: 0x5af0)

Imported DLLs & Functions

ADVAPI32.dll
  • CloseServiceHandle (Address: 0x1011200c)
  • CryptAcquireContextW (Address: 0x10112028)
  • CryptCreateHash (Address: 0x10112018)
  • CryptDestroyHash (Address: 0x10112010)
  • CryptGenRandom (Address: 0x1011201c)
  • CryptGetHashParam (Address: 0x10112020)
  • CryptHashData (Address: 0x10112014)
  • CryptReleaseContext (Address: 0x10112024)
  • OpenSCManagerA (Address: 0x10112008)
  • OpenServiceA (Address: 0x10112004)
  • RegCloseKey (Address: 0x10112000)
  • RegOpenKeyExA (Address: 0x10112030)
  • RegQueryValueExA (Address: 0x1011202c)
bcrypt.dll
  • BCryptCloseAlgorithmProvider (Address: 0x10112474)
  • BCryptDecrypt (Address: 0x1011247c)
  • BCryptDestroyKey (Address: 0x10112480)
  • BCryptEncrypt (Address: 0x10112478)
  • BCryptGenerateSymmetricKey (Address: 0x10112488)
  • BCryptGenRandom (Address: 0x10112484)
  • BCryptGetProperty (Address: 0x1011246c)
  • BCryptOpenAlgorithmProvider (Address: 0x10112468)
  • BCryptSetProperty (Address: 0x10112470)
GDI32.dll
  • BitBlt (Address: 0x1011206c)
  • CreateCompatibleBitmap (Address: 0x10112074)
  • CreateCompatibleDC (Address: 0x10112068)
  • CreateDIBSection (Address: 0x10112040)
  • CreateFontA (Address: 0x10112064)
  • CreateSolidBrush (Address: 0x10112060)
  • DeleteDC (Address: 0x1011205c)
  • DeleteObject (Address: 0x10112058)
  • GetDIBits (Address: 0x10112038)
  • SelectObject (Address: 0x10112054)
  • SetBkMode (Address: 0x10112050)
  • SetBrushOrgEx (Address: 0x1011203c)
  • SetStretchBltMode (Address: 0x10112048)
  • SetTextColor (Address: 0x10112044)
  • StretchBlt (Address: 0x1011204c)
  • TextOutA (Address: 0x10112070)
gdiplus.dll
  • GdipAlloc (Address: 0x101124a4)
  • GdipCloneBrush (Address: 0x101124b8)
  • GdipCloneImage (Address: 0x101124d8)
  • GdipCreateBitmapFromHBITMAP (Address: 0x10112490)
  • GdipCreateFromHDC (Address: 0x101124c4)
  • GdipCreateLineBrushI (Address: 0x10112494)
  • GdipCreateSolidFill (Address: 0x101124ac)
  • GdipDeleteBrush (Address: 0x101124bc)
  • GdipDeleteGraphics (Address: 0x101124c8)
  • GdipDisposeImage (Address: 0x101124c0)
  • GdipFillEllipseI (Address: 0x101124d4)
  • GdipFillRectangleI (Address: 0x101124d0)
  • GdipFree (Address: 0x101124a8)
  • GdipGetImageEncoders (Address: 0x101124a0)
  • GdipGetImageEncodersSize (Address: 0x1011249c)
  • GdiplusShutdown (Address: 0x101124b4)
  • GdiplusStartup (Address: 0x101124b0)
  • GdipSaveImageToStream (Address: 0x10112498)
  • GdipSetSmoothingMode (Address: 0x101124cc)
IPHLPAPI.DLL
  • IcmpCloseHandle (Address: 0x1011207c)
  • IcmpCreateFile (Address: 0x10112080)
  • IcmpSendEcho (Address: 0x10112084)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x10112184)
  • AcquireSRWLockShared (Address: 0x10112188)
  • CheckRemoteDebuggerPresent (Address: 0x101121c8)
  • CloseHandle (Address: 0x1011212c)
  • CompareFileTime (Address: 0x10112208)
  • CompareStringEx (Address: 0x1011228c)
  • CompareStringW (Address: 0x101120a0)
  • CreateDirectoryA (Address: 0x101121b0)
  • CreateEventW (Address: 0x10112138)
  • CreateFileMappingA (Address: 0x101121f8)
  • CreateFileW (Address: 0x10112128)
  • CreateMutexA (Address: 0x101121b8)
  • CreateThread (Address: 0x1011213c)
  • CreateToolhelp32Snapshot (Address: 0x101121cc)
  • DecodePointer (Address: 0x101122ac)
  • DeleteCriticalSection (Address: 0x101122bc)
  • DeleteFileW (Address: 0x101120d0)
  • DisableThreadLibraryCalls (Address: 0x10112144)
  • EncodePointer (Address: 0x101122b0)
  • EnterCriticalSection (Address: 0x101122c8)
  • EnumSystemLocalesW (Address: 0x1011208c)
  • ExitProcess (Address: 0x1011215c)
  • ExitThread (Address: 0x101120b8)
  • FileTimeToSystemTime (Address: 0x10112258)
  • FindClose (Address: 0x1011220c)
  • FindFirstFileExW (Address: 0x101122ec)
  • FindFirstFileW (Address: 0x10112210)
  • FindNextFileW (Address: 0x10112214)
  • FindResourceA (Address: 0x101121e8)
  • FlsAlloc (Address: 0x10112260)
  • FlsFree (Address: 0x101120c0)
  • FlsGetValue (Address: 0x101120c8)
  • FlsSetValue (Address: 0x101120c4)
  • FlushFileBuffers (Address: 0x10112100)
  • FlushInstructionCache (Address: 0x101121a0)
  • FormatMessageA (Address: 0x101122dc)
  • FreeEnvironmentStringsW (Address: 0x10112308)
  • FreeLibrary (Address: 0x101120b0)
  • FreeLibraryAndExitThread (Address: 0x10112328)
  • GetACP (Address: 0x101122f4)
  • GetCommandLineA (Address: 0x101122fc)
  • GetCommandLineW (Address: 0x10112300)
  • GetConsoleMode (Address: 0x101120f4)
  • GetConsoleOutputCP (Address: 0x101120f8)
  • GetCPInfo (Address: 0x10112288)
  • GetCurrentDirectoryW (Address: 0x101122e0)
  • GetCurrentProcess (Address: 0x10112154)
  • GetCurrentProcessId (Address: 0x10112158)
  • GetCurrentThread (Address: 0x10112220)
  • GetCurrentThreadId (Address: 0x10112140)
  • GetDateFormatW (Address: 0x101120d8)
  • GetDriveTypeW (Address: 0x10112124)
  • GetEnvironmentStringsW (Address: 0x10112304)
  • GetEnvironmentVariableA (Address: 0x101121ac)
  • GetExitCodeProcess (Address: 0x101121ec)
  • GetExitCodeThread (Address: 0x101122d0)
  • GetFileAttributesA (Address: 0x101121fc)
  • GetFileAttributesExW (Address: 0x1011221c)
  • GetFileAttributesW (Address: 0x10112218)
  • GetFileInformationByHandle (Address: 0x10112120)
  • GetFileSizeEx (Address: 0x101120e4)
  • GetFileType (Address: 0x1011211c)
  • GetFullPathNameW (Address: 0x10112190)
  • GetLastError (Address: 0x10112178)
  • GetLocaleInfoEx (Address: 0x101122b4)
  • GetLocaleInfoW (Address: 0x10112098)
  • GetLocalTime (Address: 0x10112160)
  • GetLogicalProcessorInformationEx (Address: 0x101122cc)
  • GetModuleFileNameA (Address: 0x10112168)
  • GetModuleFileNameW (Address: 0x10112108)
  • GetModuleHandleA (Address: 0x1011216c)
  • GetModuleHandleExA (Address: 0x101121d8)
  • GetModuleHandleExW (Address: 0x10112324)
  • GetModuleHandleW (Address: 0x10112254)
  • GetOEMCP (Address: 0x101122f8)
  • GetPrivateProfileIntA (Address: 0x10112170)
  • GetPrivateProfileStringA (Address: 0x10112174)
  • GetProcAddress (Address: 0x1011231c)
  • GetProcessHeap (Address: 0x10112238)
  • GetProcessTimes (Address: 0x10112150)
  • GetStartupInfoW (Address: 0x1011227c)
  • GetStdHandle (Address: 0x101120ec)
  • GetStringTypeW (Address: 0x10112290)
  • GetSystemInfo (Address: 0x1011223c)
  • GetSystemTime (Address: 0x101121a4)
  • GetSystemTimeAsFileTime (Address: 0x10112250)
  • GetSystemTimePreciseAsFileTime (Address: 0x101122a4)
  • GetTempPathW (Address: 0x101120e0)
  • GetThreadPriority (Address: 0x10112228)
  • GetTickCount (Address: 0x10112164)
  • GetTimeFormatW (Address: 0x101120a4)
  • GetTimeZoneInformation (Address: 0x101120a8)
  • GetUserDefaultLCID (Address: 0x10112090)
  • HeapAlloc (Address: 0x10112230)
  • HeapFree (Address: 0x10112234)
  • HeapReAlloc (Address: 0x101120cc)
  • HeapSize (Address: 0x10112314)
  • InitializeCriticalSectionEx (Address: 0x101122c0)
  • InitializeSListHead (Address: 0x10112278)
  • InitOnceExecuteOnce (Address: 0x10112148)
  • InterlockedFlushSList (Address: 0x10112268)
  • InterlockedPushEntrySList (Address: 0x1011226c)
  • IsDebuggerPresent (Address: 0x101121c4)
  • IsProcessorFeaturePresent (Address: 0x10112284)
  • IsThreadAFiber (Address: 0x101120dc)
  • IsValidCodePage (Address: 0x101122f0)
  • IsValidLocale (Address: 0x10112094)
  • K32GetModuleBaseNameA (Address: 0x10112248)
  • K32GetModuleInformation (Address: 0x1011224c)
  • LCMapStringEx (Address: 0x101122a8)
  • LCMapStringW (Address: 0x1011209c)
  • LeaveCriticalSection (Address: 0x101122c4)
  • LoadLibraryA (Address: 0x10112194)
  • LoadLibraryExW (Address: 0x101120ac)
  • LoadResource (Address: 0x101121dc)
  • LocalFree (Address: 0x101122b8)
  • LockResource (Address: 0x101121e0)
  • MapViewOfFile (Address: 0x101121f4)
  • Module32First (Address: 0x101121d0)
  • Module32Next (Address: 0x101121d4)
  • MultiByteToWideChar (Address: 0x101121bc)
  • OpenProcess (Address: 0x101121f0)
  • OutputDebugStringW (Address: 0x10112320)
  • PeekNamedPipe (Address: 0x10112118)
  • Process32First (Address: 0x10112200)
  • Process32Next (Address: 0x10112204)
  • QueryFullProcessImageNameA (Address: 0x10112244)
  • QueryPerformanceCounter (Address: 0x10112198)
  • QueryPerformanceFrequency (Address: 0x1011219c)
  • RaiseException (Address: 0x10112274)
  • ReadConsoleW (Address: 0x101120e8)
  • ReadFile (Address: 0x101120bc)
  • ReleaseMutex (Address: 0x101121b4)
  • ReleaseSRWLockExclusive (Address: 0x1011217c)
  • ReleaseSRWLockShared (Address: 0x10112180)
  • ResumeThread (Address: 0x101120b4)
  • RtlUnwind (Address: 0x10112270)
  • SetConsoleCtrlHandler (Address: 0x101122e8)
  • SetCurrentDirectoryW (Address: 0x101120d4)
  • SetEndOfFile (Address: 0x10112310)
  • SetEnvironmentVariableW (Address: 0x1011230c)
  • SetEvent (Address: 0x10112130)
  • SetFilePointerEx (Address: 0x101120f0)
  • SetFileTime (Address: 0x10112110)
  • SetLastError (Address: 0x10112264)
  • SetStdHandle (Address: 0x101122e4)
  • SetThreadPriority (Address: 0x10112224)
  • SetUnhandledExceptionFilter (Address: 0x10112280)
  • SizeofResource (Address: 0x101121e4)
  • Sleep (Address: 0x1011214c)
  • SleepConditionVariableSRW (Address: 0x10112294)
  • SwitchToThread (Address: 0x101122d4)
  • SystemTimeToFileTime (Address: 0x1011225c)
  • SystemTimeToTzSpecificLocalTime (Address: 0x10112114)
  • SystemTimeToTzSpecificLocalTimeEx (Address: 0x101121a8)
  • TerminateProcess (Address: 0x101121c0)
  • TryAcquireSRWLockExclusive (Address: 0x101122a0)
  • TzSpecificLocalTimeToSystemTime (Address: 0x1011210c)
  • UnhandledExceptionFilter (Address: 0x10112104)
  • VirtualProtect (Address: 0x1011218c)
  • VirtualQuery (Address: 0x10112240)
  • WaitForSingleObject (Address: 0x10112134)
  • WaitForSingleObjectEx (Address: 0x101122d8)
  • WakeAllConditionVariable (Address: 0x10112298)
  • WakeConditionVariable (Address: 0x1011229c)
  • WideCharToMultiByte (Address: 0x1011222c)
  • WriteConsoleW (Address: 0x10112318)
  • WriteFile (Address: 0x101120fc)
MSIMG32.dll
  • AlphaBlend (Address: 0x10112330)
ole32.dll
  • CoCreateInstance (Address: 0x101124e0)
  • CoInitializeEx (Address: 0x101124e8)
  • CoSetProxyBlanket (Address: 0x101124ec)
  • CoUninitialize (Address: 0x101124f0)
  • CreateStreamOnHGlobal (Address: 0x101124e4)
OLEAUT32.dll
  • CreateErrorInfo (Address: 0x10112348)
  • GetErrorInfo (Address: 0x10112354)
  • SetErrorInfo (Address: 0x1011234c)
  • SysAllocString (Address: 0x1011235c)
  • SysAllocStringByteLen (Address: 0x10112358)
  • SysFreeString (Address: 0x10112344)
  • SysStringByteLen (Address: 0x10112340)
  • VariantChangeType (Address: 0x10112350)
  • VariantClear (Address: 0x1011233c)
  • VariantInit (Address: 0x10112338)
USER32.dll
  • BeginPaint (Address: 0x10112370)
  • CallNextHookEx (Address: 0x101123fc)
  • ClientToScreen (Address: 0x10112428)
  • CreateWindowExA (Address: 0x101123ec)
  • CreateWindowExW (Address: 0x10112410)
  • DefWindowProcA (Address: 0x101123b4)
  • DefWindowProcW (Address: 0x101123a8)
  • DestroyWindow (Address: 0x101123e8)
  • DispatchMessageA (Address: 0x101123c4)
  • DrawTextA (Address: 0x10112398)
  • EndPaint (Address: 0x1011236c)
  • EnumWindows (Address: 0x101123d4)
  • FillRect (Address: 0x1011240c)
  • FindWindowA (Address: 0x10112388)
  • GetActiveWindow (Address: 0x101123e0)
  • GetAsyncKeyState (Address: 0x10112378)
  • GetClassNameA (Address: 0x101123d0)
  • GetClientRect (Address: 0x10112364)
  • GetCursorPos (Address: 0x1011237c)
  • GetDC (Address: 0x10112390)
  • GetForegroundWindow (Address: 0x101123f8)
  • GetMessageA (Address: 0x101123cc)
  • GetSystemMetrics (Address: 0x1011239c)
  • GetWindowRect (Address: 0x10112384)
  • GetWindowTextA (Address: 0x101123d8)
  • GetWindowThreadProcessId (Address: 0x101123f0)
  • InvalidateRect (Address: 0x10112368)
  • IsIconic (Address: 0x10112420)
  • IsWindow (Address: 0x10112414)
  • IsWindowVisible (Address: 0x101123e4)
  • KillTimer (Address: 0x101123a0)
  • LoadCursorA (Address: 0x10112374)
  • MessageBoxA (Address: 0x101123f4)
  • MessageBoxW (Address: 0x101123bc)
  • PeekMessageA (Address: 0x101123b8)
  • PrintWindow (Address: 0x10112380)
  • RegisterClassExA (Address: 0x101123ac)
  • RegisterClassW (Address: 0x10112408)
  • ReleaseDC (Address: 0x1011238c)
  • SetTimer (Address: 0x101123a4)
  • SetWindowPos (Address: 0x1011241c)
  • SetWindowsHookExA (Address: 0x101123c0)
  • SetWindowsHookExW (Address: 0x10112404)
  • SetWindowTextA (Address: 0x101123dc)
  • ShowWindow (Address: 0x10112424)
  • TranslateMessage (Address: 0x101123c8)
  • UnhookWindowsHookEx (Address: 0x10112400)
  • UnregisterClassA (Address: 0x101123b0)
  • UpdateLayeredWindow (Address: 0x10112418)
  • UpdateWindow (Address: 0x10112394)
WS2_32.dll
  • __WSAFDIsSet (Address: 0x10112460)
  • closesocket (Address: 0x10112430)
  • connect (Address: 0x10112434)
  • freeaddrinfo (Address: 0x1011245c)
  • getaddrinfo (Address: 0x10112458)
  • ioctlsocket (Address: 0x10112438)
  • recv (Address: 0x1011243c)
  • select (Address: 0x10112440)
  • send (Address: 0x10112444)
  • setsockopt (Address: 0x10112448)
  • socket (Address: 0x1011244c)
  • WSAGetLastError (Address: 0x10112454)
  • WSAStartup (Address: 0x10112450)