msv1_0.dll
Description: Microsoft Authentication Package v1.0
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6328
Architecture: 32-bit
Operating System: Windows NT
SHA256: 91a01889abc92a3f1513b8dfb85b007b
File Size: 447.9 KB
Uploaded At: Dec. 1, 2025, 8:01 a.m.
Views: 16
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- SpInitialize (Ordinal: 1, Address: 0x19890)
- MsvIsLocalhostAliases (Ordinal: 2, Address: 0xa7b0)
- SpLsaModeInitialize (Ordinal: 3, Address: 0x29dc0)
- SpUserModeInitialize (Ordinal: 4, Address: 0x16330)
- DllMain (Ordinal: 5, Address: 0x2e350)
- LsaApCallPackage (Ordinal: 6, Address: 0x16700)
- LsaApCallPackagePassthrough (Ordinal: 7, Address: 0x47020)
- LsaApCallPackageUntrusted (Ordinal: 8, Address: 0x15ab0)
- LsaApInitializePackage (Ordinal: 9, Address: 0x18010)
- LsaApLogonTerminated (Ordinal: 10, Address: 0x257c0)
- LsaApLogonUserEx2 (Ordinal: 11, Address: 0x1e8a0)
- Msv1_0ExportSubAuthenticationRoutine (Ordinal: 12, Address: 0x4b0d0)
- Msv1_0SubAuthenticationPresent (Ordinal: 13, Address: 0x4b160)
- MsvGetLogonAttemptCount (Ordinal: 14, Address: 0x4a010)
- MsvIsIpAddressLocal (Ordinal: 15, Address: 0x29b00)
- MsvSamLogoff (Ordinal: 16, Address: 0x326d0)
- MsvSamValidate (Ordinal: 17, Address: 0x2a240)
- MsvValidateTarget (Ordinal: 18, Address: 0x4a020)
- SpInstanceInit (Ordinal: 32, Address: 0x155e0)
Imported DLLs & Functions
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x4d167080)
- IsDebuggerPresent (Address: 0x4d16707c)
- OutputDebugStringW (Address: 0x4d167078)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x4d167088)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x4d167090)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x4d1670a4)
- SetLastError (Address: 0x4d167098)
- SetUnhandledExceptionFilter (Address: 0x4d1670a0)
- UnhandledExceptionFilter (Address: 0x4d16709c)
api-ms-win-core-file-l1-1-0.dll
- CompareFileTime (Address: 0x4d1670bc)
- CreateFileW (Address: 0x4d1670b0)
- FlushFileBuffers (Address: 0x4d1670ac)
- SetFilePointer (Address: 0x4d1670b8)
- WriteFile (Address: 0x4d1670b4)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x4d1670c4)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x4d1670cc)
- HeapAlloc (Address: 0x4d1670d0)
- HeapFree (Address: 0x4d1670d4)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x4d1670dc)
- LocalFree (Address: 0x4d1670e0)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x4d1670e8)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x4d1670f4)
- FreeLibrary (Address: 0x4d167100)
- GetModuleFileNameA (Address: 0x4d1670fc)
- GetModuleFileNameW (Address: 0x4d16710c)
- GetModuleHandleExW (Address: 0x4d1670f0)
- GetModuleHandleW (Address: 0x4d167110)
- GetProcAddress (Address: 0x4d1670f8)
- LoadLibraryExA (Address: 0x4d167104)
- LoadLibraryExW (Address: 0x4d167108)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageA (Address: 0x4d167118)
- FormatMessageW (Address: 0x4d16711c)
api-ms-win-core-memory-l1-1-0.dll
- VirtualAlloc (Address: 0x4d167128)
- VirtualProtect (Address: 0x4d167124)
- VirtualQuery (Address: 0x4d16712c)
api-ms-win-core-privateprofile-l1-1-0.dll
- GetProfileIntW (Address: 0x4d167134)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x4d16713c)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x4d16714c)
- GetCurrentProcessId (Address: 0x4d167158)
- GetCurrentThread (Address: 0x4d16715c)
- GetCurrentThreadId (Address: 0x4d167150)
- SetThreadStackGuarantee (Address: 0x4d167154)
- SetThreadToken (Address: 0x4d167144)
- TerminateProcess (Address: 0x4d167148)
api-ms-win-core-processthreads-l1-1-1.dll
- GetProcessMitigationPolicy (Address: 0x4d16716c)
- IsProcessorFeaturePresent (Address: 0x4d167168)
- OpenProcess (Address: 0x4d167164)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x4d167174)
api-ms-win-core-psapi-l1-1-0.dll
- QueryFullProcessImageNameW (Address: 0x4d16717c)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x4d167188)
- RegDeleteValueW (Address: 0x4d167184)
- RegNotifyChangeKeyValue (Address: 0x4d167190)
- RegOpenKeyExA (Address: 0x4d16718c)
- RegOpenKeyExW (Address: 0x4d167198)
- RegQueryValueExA (Address: 0x4d167194)
- RegQueryValueExW (Address: 0x4d16719c)
api-ms-win-core-rtlsupport-l1-2-0.dll
- RtlCompareMemory (Address: 0x4d1671a4)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x4d1671bc)
- AcquireSRWLockShared (Address: 0x4d1671f0)
- CreateEventW (Address: 0x4d1671e4)
- CreateMutexExW (Address: 0x4d1671b0)
- CreateSemaphoreExW (Address: 0x4d1671ec)
- DeleteCriticalSection (Address: 0x4d1671d0)
- EnterCriticalSection (Address: 0x4d1671e0)
- InitializeCriticalSection (Address: 0x4d1671fc)
- InitializeCriticalSectionEx (Address: 0x4d1671c8)
- InitializeSRWLock (Address: 0x4d1671d8)
- LeaveCriticalSection (Address: 0x4d1671cc)
- OpenEventW (Address: 0x4d1671ac)
- OpenSemaphoreW (Address: 0x4d1671e8)
- ReleaseMutex (Address: 0x4d1671b8)
- ReleaseSemaphore (Address: 0x4d1671dc)
- ReleaseSRWLockExclusive (Address: 0x4d1671f8)
- ReleaseSRWLockShared (Address: 0x4d1671f4)
- SetEvent (Address: 0x4d1671b4)
- TryAcquireSRWLockExclusive (Address: 0x4d1671d4)
- WaitForSingleObject (Address: 0x4d1671c0)
- WaitForSingleObjectEx (Address: 0x4d1671c4)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x4d167204)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetComputerNameExW (Address: 0x4d167224)
- GetLocalTime (Address: 0x4d167220)
- GetSystemInfo (Address: 0x4d167210)
- GetSystemTimeAsFileTime (Address: 0x4d167214)
- GetTickCount (Address: 0x4d167218)
- GetTickCount64 (Address: 0x4d16720c)
- GetVersionExW (Address: 0x4d167228)
- GetWindowsDirectoryW (Address: 0x4d16721c)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x4d16723c)
- CreateThreadpoolTimer (Address: 0x4d167234)
- SetThreadpoolTimer (Address: 0x4d167238)
- WaitForThreadpoolTimerCallbacks (Address: 0x4d167230)
api-ms-win-core-threadpool-legacy-l1-1-0.dll
- UnregisterWaitEx (Address: 0x4d167244)
api-ms-win-core-threadpool-private-l1-1-0.dll
- RegisterWaitForSingleObjectEx (Address: 0x4d16724c)
api-ms-win-crt-private-l1-1-0.dll
- __CxxFrameHandler3 (Address: 0x4d1672f0)
- __std_terminate (Address: 0x4d1672ec)
- _CxxThrowException (Address: 0x4d1672b0)
- _except_handler4_common (Address: 0x4d1672ac)
- _o___std_exception_copy (Address: 0x4d1672e0)
- _o___std_exception_destroy (Address: 0x4d1672dc)
- _o___std_type_info_destroy_list (Address: 0x4d1672d8)
- _o___stdio_common_vsnprintf_s (Address: 0x4d1672d4)
- _o___stdio_common_vsnwprintf_s (Address: 0x4d1672d0)
- _o___stdio_common_vsprintf_s (Address: 0x4d1672cc)
- _o___stdio_common_vswprintf (Address: 0x4d1672c8)
- _o___stdio_common_vswprintf_s (Address: 0x4d1672c4)
- _o__callnewh (Address: 0x4d1672c0)
- _o__cexit (Address: 0x4d1672bc)
- _o__configure_narrow_argv (Address: 0x4d1672b8)
- _o__crt_atexit (Address: 0x4d1672b4)
- _o__errno (Address: 0x4d167254)
- _o__execute_onexit_table (Address: 0x4d167258)
- _o__initialize_narrow_environment (Address: 0x4d16725c)
- _o__initialize_onexit_table (Address: 0x4d167260)
- _o__invalid_parameter_noinfo (Address: 0x4d167264)
- _o__purecall (Address: 0x4d167268)
- _o__register_onexit_function (Address: 0x4d16726c)
- _o__seh_filter_dll (Address: 0x4d167270)
- _o__ultow (Address: 0x4d167274)
- _o__wcsicmp (Address: 0x4d16727c)
- _o__wcsnicmp (Address: 0x4d167280)
- _o__wsplitpath_s (Address: 0x4d167284)
- _o_free (Address: 0x4d167288)
- _o_malloc (Address: 0x4d16728c)
- _o_strcpy_s (Address: 0x4d167290)
- _o_toupper (Address: 0x4d167294)
- _o_towupper (Address: 0x4d167298)
- _o_wcscat_s (Address: 0x4d16729c)
- _o_wcscpy_s (Address: 0x4d1672a0)
- _o_wcsncat_s (Address: 0x4d1672a4)
- _o_wcsncpy_s (Address: 0x4d1672a8)
- memcmp (Address: 0x4d1672f4)
- memcpy (Address: 0x4d1672f8)
- memmove (Address: 0x4d167278)
- wcschr (Address: 0x4d1672e8)
- wcsrchr (Address: 0x4d1672e4)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x4d167304)
- _initterm_e (Address: 0x4d167300)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x4d167314)
- strncmp (Address: 0x4d167310)
- wcsncmp (Address: 0x4d16730c)
api-ms-win-eventing-provider-l1-1-0.dll
- EventProviderEnabled (Address: 0x4d167320)
- EventRegister (Address: 0x4d167328)
- EventSetInformation (Address: 0x4d16732c)
- EventUnregister (Address: 0x4d16731c)
- EventWriteTransfer (Address: 0x4d167324)
api-ms-win-security-activedirectoryclient-l1-1-0.dll
- DsBindWithSpnExW (Address: 0x4d167334)
- DsCrackNamesW (Address: 0x4d16733c)
- DsFreeNameResultW (Address: 0x4d167340)
- DsUnBindW (Address: 0x4d167338)
api-ms-win-security-base-l1-1-0.dll
- AdjustTokenPrivileges (Address: 0x4d167360)
- CheckTokenMembership (Address: 0x4d16735c)
- GetLengthSid (Address: 0x4d167348)
- GetTokenInformation (Address: 0x4d167354)
- ImpersonateAnonymousToken (Address: 0x4d16734c)
- IsValidSid (Address: 0x4d167358)
- RevertToSelf (Address: 0x4d167350)
api-ms-win-service-private-l1-1-0.dll
- I_QueryTagInformation (Address: 0x4d167368)
bcrypt.dll
- BCryptCloseAlgorithmProvider (Address: 0x4d1673a8)
- BCryptCreateHash (Address: 0x4d167380)
- BCryptDecrypt (Address: 0x4d16737c)
- BCryptDestroyHash (Address: 0x4d167370)
- BCryptDestroyKey (Address: 0x4d167394)
- BCryptDuplicateKey (Address: 0x4d16738c)
- BCryptEncrypt (Address: 0x4d167388)
- BCryptExportKey (Address: 0x4d1673a4)
- BCryptFinishHash (Address: 0x4d1673a0)
- BCryptGenerateSymmetricKey (Address: 0x4d167384)
- BCryptGenRandom (Address: 0x4d167378)
- BCryptHashData (Address: 0x4d167374)
- BCryptImportKey (Address: 0x4d167390)
- BCryptKeyDerivation (Address: 0x4d167398)
- BCryptOpenAlgorithmProvider (Address: 0x4d16739c)
ntdll.dll
- DbgPrint (Address: 0x4d167454)
- EtwEventActivityIdControl (Address: 0x4d167460)
- EtwEventEnabled (Address: 0x4d1674f4)
- EtwEventRegister (Address: 0x4d167488)
- EtwEventUnregister (Address: 0x4d167484)
- EtwEventWrite (Address: 0x4d1674f8)
- EtwEventWriteTransfer (Address: 0x4d167428)
- EtwGetTraceEnableFlags (Address: 0x4d1673fc)
- EtwGetTraceEnableLevel (Address: 0x4d1673f4)
- EtwGetTraceLoggerHandle (Address: 0x4d1673f8)
- EtwLogTraceEvent (Address: 0x4d1673d8)
- EtwRegisterTraceGuidsW (Address: 0x4d1673f0)
- EtwTraceMessage (Address: 0x4d16753c)
- EtwUnregisterTraceGuids (Address: 0x4d167400)
- NtAllocateLocallyUniqueId (Address: 0x4d167404)
- NtClose (Address: 0x4d167510)
- NtCreateEvent (Address: 0x4d167430)
- NtCreateKey (Address: 0x4d16744c)
- NtDeleteValueKey (Address: 0x4d167448)
- NtDuplicateObject (Address: 0x4d1674a8)
- NtDuplicateToken (Address: 0x4d1674bc)
- NtFilterToken (Address: 0x4d167508)
- NtOpenEvent (Address: 0x4d167410)
- NtOpenKey (Address: 0x4d167468)
- NtOpenProcess (Address: 0x4d1674c4)
- NtOpenProcessToken (Address: 0x4d167494)
- NtOpenThreadToken (Address: 0x4d167440)
- NtQueryInformationProcess (Address: 0x4d1674c0)
- NtQueryInformationToken (Address: 0x4d16749c)
- NtQuerySystemInformation (Address: 0x4d167464)
- NtQuerySystemTime (Address: 0x4d1673b8)
- NtQueryValueKey (Address: 0x4d16745c)
- NtSetInformationThread (Address: 0x4d167524)
- NtSetSecurityObject (Address: 0x4d1674a0)
- NtSetValueKey (Address: 0x4d167458)
- NtWaitForSingleObject (Address: 0x4d167438)
- RtlAcquireResourceExclusive (Address: 0x4d1673ec)
- RtlAcquireResourceShared (Address: 0x4d16751c)
- RtlAddAccessAllowedAce (Address: 0x4d1674a4)
- RtlAllocateAndInitializeSid (Address: 0x4d167520)
- RtlAllocateHeap (Address: 0x4d1674fc)
- RtlAppendUnicodeStringToString (Address: 0x4d167408)
- RtlAppendUnicodeToString (Address: 0x4d16740c)
- RtlAvlInsertNodeEx (Address: 0x4d16743c)
- RtlAvlRemoveNode (Address: 0x4d167540)
- RtlCheckTokenMembershipEx (Address: 0x4d167424)
- RtlConvertSharedToExclusive (Address: 0x4d167434)
- RtlCopySid (Address: 0x4d16742c)
- RtlCopyUnicodeString (Address: 0x4d16741c)
- RtlCreateAcl (Address: 0x4d1674ac)
- RtlCreateSecurityDescriptor (Address: 0x4d1674b0)
- RtlCreateServiceSid (Address: 0x4d16746c)
- RtlDeleteElementGenericTable (Address: 0x4d1674c8)
- RtlDeleteResource (Address: 0x4d167444)
- RtlDowncaseUnicodeString (Address: 0x4d1673d4)
- RtlDuplicateUnicodeString (Address: 0x4d167538)
- RtlEnterCriticalSection (Address: 0x4d1674d0)
- RtlEqualDomainName (Address: 0x4d167420)
- RtlEqualSid (Address: 0x4d1673dc)
- RtlEqualString (Address: 0x4d1674ec)
- RtlEqualUnicodeString (Address: 0x4d16752c)
- RtlEraseUnicodeString (Address: 0x4d1673b4)
- RtlExtendedMagicDivide (Address: 0x4d1674e4)
- RtlFreeHeap (Address: 0x4d167500)
- RtlFreeOemString (Address: 0x4d167478)
- RtlFreeSid (Address: 0x4d16750c)
- RtlFreeUnicodeString (Address: 0x4d167528)
- RtlGetElementGenericTable (Address: 0x4d1674dc)
- RtlGetNtProductType (Address: 0x4d167418)
- RtlIdentifierAuthoritySid (Address: 0x4d1673c4)
- RtlImageNtHeader (Address: 0x4d167504)
- RtlImpersonateSelf (Address: 0x4d1673b0)
- RtlInitializeCriticalSection (Address: 0x4d16747c)
- RtlInitializeGenericTable (Address: 0x4d1674b8)
- RtlInitializeResource (Address: 0x4d1673e8)
- RtlInitializeSid (Address: 0x4d1673bc)
- RtlInitString (Address: 0x4d167530)
- RtlInitUnicodeString (Address: 0x4d167534)
- RtlInsertElementGenericTable (Address: 0x4d1674d4)
- RtlIntegerToChar (Address: 0x4d1673e4)
- RtlIntegerToUnicodeString (Address: 0x4d167450)
- RtlIpv6StringToAddressExW (Address: 0x4d1674b4)
- RtlLeaveCriticalSection (Address: 0x4d1674d8)
- RtlLengthRequiredSid (Address: 0x4d1673d0)
- RtlLengthSid (Address: 0x4d1673cc)
- RtlLookupElementGenericTable (Address: 0x4d1674e0)
- RtlNtStatusToDosError (Address: 0x4d167490)
- RtlNumberGenericTableElements (Address: 0x4d1674cc)
- RtlOemStringToUnicodeString (Address: 0x4d16748c)
- RtlPrefixUnicodeString (Address: 0x4d167544)
- RtlReleaseResource (Address: 0x4d167514)
- RtlRunDecodeUnicodeString (Address: 0x4d167518)
- RtlSetDaclSecurityDescriptor (Address: 0x4d167498)
- RtlSubAuthorityCountSid (Address: 0x4d1673c8)
- RtlSubAuthoritySid (Address: 0x4d1673c0)
- RtlSystemTimeToLocalTime (Address: 0x4d1674e8)
- RtlTimeToTimeFields (Address: 0x4d1674f0)
- RtlUpcaseUnicodeString (Address: 0x4d167414)
- RtlUpcaseUnicodeStringToOemString (Address: 0x4d167480)
- RtlUpperChar (Address: 0x4d167470)
- WinSqmIncrementDWORD (Address: 0x4d1673e0)
- WinSqmSetDWORD (Address: 0x4d167474)
NtlmShared.dll
- MsvpCachePasswordsToCredential (Address: 0x4d16703c)
- MsvpCalculateNtlm2ChallengeNew (Address: 0x4d167004)
- MsvpCalculateNtlm2SessionKeysNew (Address: 0x4d167040)
- MsvpCompareCredentials (Address: 0x4d167024)
- MsvpComputeSaltedHashedPassword (Address: 0x4d167038)
- MsvpCredentialToCachePasswords (Address: 0x4d16702c)
- MsvpDecryptDpapiMasterKey (Address: 0x4d167020)
- MsvpDeriveSecureCredKey (Address: 0x4d167028)
- MsvpGMSACred (Address: 0x4d167034)
- MsvpLm20GetNtlm3ChallengeResponse (Address: 0x4d16701c)
- MsvpLm3Response (Address: 0x4d167008)
- MsvpLm3ResponseNew (Address: 0x4d167048)
- MsvpMakeSecretPasswordNT5 (Address: 0x4d16700c)
- MsvpPasswordValidate (Address: 0x4d16704c)
- MsvpPutClearOwfsInPrimaryCredential (Address: 0x4d167044)
- MsvpUpdateSharedConfiguration (Address: 0x4d167030)
- MsvpValidateSupplementalCreds (Address: 0x4d167000)
- NtLmAlterRtlEqualUnicodeString (Address: 0x4d167018)
- NtlmSharedFree (Address: 0x4d167010)
- NtlmSharedInit (Address: 0x4d167014)
RPCRT4.dll
- I_RpcMapWin32Status (Address: 0x4d16705c)
- MesBufferHandleReset (Address: 0x4d167068)
- MesDecodeBufferHandleCreate (Address: 0x4d167070)
- MesEncodeDynBufferHandleCreate (Address: 0x4d167064)
- MesHandleFree (Address: 0x4d167060)
- NdrMesTypeAlignSize2 (Address: 0x4d167054)
- NdrMesTypeDecode2 (Address: 0x4d167058)
- NdrMesTypeEncode2 (Address: 0x4d16706c)