radarrs.dll

Description: Microsoft Windows Resource Exhaustion Resolver

Version: 10.0.19041.1

Architecture: 32-bit

Operating System: Windows NT

SHA256: 5eef771095a35acd4a5b8b8957f985e9

File Size: 62.0 KB

Uploaded At: Dec. 1, 2025, 8:03 a.m.

Views: 15

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

WdiDiagnosticModuleMain (Ordinal: 1, Address: 0x3bb0)
WdiGetDiagnosticModuleInterfaceVersion (Ordinal: 2, Address: 0x3b50)
WdiHandleInstance (Ordinal: 3, Address: 0x3ca0)

Imported DLLs & Functions

ADVAPI32.dll

AdjustTokenPrivileges (Address: 0x1000e034)
CheckTokenMembership (Address: 0x1000e04c)
CloseServiceHandle (Address: 0x1000e038)
DuplicateTokenEx (Address: 0x1000e004)
EnumServicesStatusExW (Address: 0x1000e028)
EventWrite (Address: 0x1000e048)
GetTraceEnableFlags (Address: 0x1000e010)
GetTraceEnableLevel (Address: 0x1000e014)
GetTraceLoggerHandle (Address: 0x1000e00c)
LookupPrivilegeValueW (Address: 0x1000e030)
OpenProcessToken (Address: 0x1000e02c)
OpenSCManagerW (Address: 0x1000e03c)
OpenServiceW (Address: 0x1000e020)
QueryServiceConfigW (Address: 0x1000e024)
RegCloseKey (Address: 0x1000e008)
RegisterTraceGuidsW (Address: 0x1000e018)
RegOpenKeyExW (Address: 0x1000e000)
RegQueryValueExW (Address: 0x1000e040)
TraceMessage (Address: 0x1000e044)
UnregisterTraceGuids (Address: 0x1000e01c)

COMCTL32.dll

(Address: 0x1000e054)

KERNEL32.dll

ActivateActCtx (Address: 0x1000e0b8)
CloseHandle (Address: 0x1000e108)
CompareStringW (Address: 0x1000e088)
CreateActCtxW (Address: 0x1000e0b4)
CreateDirectoryW (Address: 0x1000e084)
CreateFileW (Address: 0x1000e098)
CreateProcessW (Address: 0x1000e104)
DeactivateActCtx (Address: 0x1000e0c0)
DeleteCriticalSection (Address: 0x1000e080)
DeleteFileW (Address: 0x1000e0a4)
DisableThreadLibraryCalls (Address: 0x1000e074)
EnterCriticalSection (Address: 0x1000e068)
ExpandEnvironmentStringsW (Address: 0x1000e08c)
GetCurrentProcess (Address: 0x1000e0e8)
GetCurrentProcessId (Address: 0x1000e0ac)
GetCurrentThreadId (Address: 0x1000e0d4)
GetLastError (Address: 0x1000e090)
GetModuleFileNameW (Address: 0x1000e0bc)
GetModuleHandleW (Address: 0x1000e0c8)
GetProcessHeap (Address: 0x1000e0a8)
GetProcessId (Address: 0x1000e114)
GetProcessTimes (Address: 0x1000e05c)
GetSystemTimeAsFileTime (Address: 0x1000e0d8)
GetTempFileNameW (Address: 0x1000e0b0)
GetTempPathW (Address: 0x1000e094)
GetTickCount (Address: 0x1000e0dc)
GetVersionExW (Address: 0x1000e09c)
HeapAlloc (Address: 0x1000e0fc)
HeapCreate (Address: 0x1000e064)
HeapDestroy (Address: 0x1000e07c)
HeapFree (Address: 0x1000e0f8)
InitializeCriticalSection (Address: 0x1000e070)
IsWow64Process (Address: 0x1000e100)
K32GetModuleFileNameExW (Address: 0x1000e0f4)
LeaveCriticalSection (Address: 0x1000e06c)
LocalAlloc (Address: 0x1000e110)
LocalFree (Address: 0x1000e10c)
OpenProcess (Address: 0x1000e0f0)
ProcessIdToSessionId (Address: 0x1000e0a0)
QueryPerformanceCounter (Address: 0x1000e0d0)
QueryPerformanceFrequency (Address: 0x1000e078)
ReleaseActCtx (Address: 0x1000e0cc)
RemoveDirectoryW (Address: 0x1000e11c)
SetLastError (Address: 0x1000e118)
SetUnhandledExceptionFilter (Address: 0x1000e0e4)
Sleep (Address: 0x1000e0c4)
TerminateProcess (Address: 0x1000e0ec)
TryEnterCriticalSection (Address: 0x1000e060)
UnhandledExceptionFilter (Address: 0x1000e0e0)

msvcrt.dll

_amsg_exit (Address: 0x1000e1dc)
_except_handler4_common (Address: 0x1000e1c4)
_initterm (Address: 0x1000e1c8)
_vsnwprintf (Address: 0x1000e1e8)
_XcptFilter (Address: 0x1000e1e0)
free (Address: 0x1000e1d8)
malloc (Address: 0x1000e1cc)
memset (Address: 0x1000e1d4)
wcsrchr (Address: 0x1000e1d0)
wcstoul (Address: 0x1000e1e4)

ntdll.dll

EtwEventRegister (Address: 0x1000e1fc)
EtwEventUnregister (Address: 0x1000e200)
EtwEventWrite (Address: 0x1000e1f0)
NtOpenEvent (Address: 0x1000e210)
NtQueryEvent (Address: 0x1000e208)
RtlAllocateAndInitializeSid (Address: 0x1000e1f4)
RtlEqualUnicodeString (Address: 0x1000e20c)
RtlFreeSid (Address: 0x1000e1f8)
RtlInitUnicodeString (Address: 0x1000e214)
RtlNtStatusToDosError (Address: 0x1000e204)

ole32.dll

CoCreateInstance (Address: 0x1000e220)
CoInitialize (Address: 0x1000e224)
CoUninitialize (Address: 0x1000e21c)

OLEAUT32.dll

SysAllocString (Address: 0x1000e128)
SysFreeString (Address: 0x1000e124)

RstrtMgr.DLL

RmEndSession (Address: 0x1000e138)
RmGetList (Address: 0x1000e134)
RmRegisterResources (Address: 0x1000e144)
RmReserveHeap (Address: 0x1000e13c)
RmRestart (Address: 0x1000e140)
RmShutdown (Address: 0x1000e130)
RmStartSession (Address: 0x1000e148)

SHELL32.dll

Shell_NotifyIconW (Address: 0x1000e150)

SHLWAPI.dll

(Address: 0x1000e158)
(Address: 0x1000e15c)
StrRChrW (Address: 0x1000e160)

USER32.dll

DefWindowProcW (Address: 0x1000e1a0)
DestroyIcon (Address: 0x1000e17c)
DestroyWindow (Address: 0x1000e19c)
DispatchMessageW (Address: 0x1000e198)
EnumWindows (Address: 0x1000e168)
GetMessageW (Address: 0x1000e1a4)
GetWindow (Address: 0x1000e16c)
GetWindowLongW (Address: 0x1000e174)
GetWindowThreadProcessId (Address: 0x1000e170)
KillTimer (Address: 0x1000e188)
LoadIconW (Address: 0x1000e178)
LoadStringW (Address: 0x1000e180)
PeekMessageW (Address: 0x1000e190)
PostQuitMessage (Address: 0x1000e184)
SetTimer (Address: 0x1000e194)
TranslateMessage (Address: 0x1000e18c)

VERSION.dll

GetFileVersionInfoExW (Address: 0x1000e1b4)
GetFileVersionInfoSizeExW (Address: 0x1000e1b0)
GetFileVersionInfoSizeW (Address: 0x1000e1b8)
GetFileVersionInfoW (Address: 0x1000e1ac)
VerQueryValueW (Address: 0x1000e1bc)

wdi.dll

WdiGetParameterByIndex (Address: 0x1000e234)
WdiGetParameterByName (Address: 0x1000e238)
WdiGetParameterCount (Address: 0x1000e22c)
WdiGetParameterData (Address: 0x1000e230)

wer.dll

WerpGetReportConsent (Address: 0x1000e258)
WerpSetCallBack (Address: 0x1000e240)
WerReportAddFile (Address: 0x1000e248)
WerReportCloseHandle (Address: 0x1000e24c)
WerReportCreate (Address: 0x1000e254)
WerReportSetParameter (Address: 0x1000e244)
WerReportSubmit (Address: 0x1000e250)