rdpencom.dll
Description: RDPSRAPI COM Objects
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.3636
Architecture: 32-bit
Operating System: Windows NT
SHA256: 4eddf4cfa7862170997394c66ee6f91d
File Size: 348.0 KB
Uploaded At: Dec. 1, 2025, 8:03 a.m.
Views: 17
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0x119f0)
- DllGetClassObject (Ordinal: 2, Address: 0x11a10)
- DllRegisterServer (Ordinal: 3, Address: 0x11a20)
- DllUnregisterServer (Ordinal: 4, Address: 0x11a80)
Imported DLLs & Functions
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x10049100)
api-ms-win-core-com-l1-1-0.dll
- CLSIDFromProgID (Address: 0x10049120)
- CLSIDFromString (Address: 0x1004910c)
- CoCreateInstance (Address: 0x10049108)
- CoGetClassObject (Address: 0x10049128)
- CoTaskMemAlloc (Address: 0x1004911c)
- CoTaskMemFree (Address: 0x10049118)
- CoTaskMemRealloc (Address: 0x10049110)
- CreateStreamOnHGlobal (Address: 0x10049114)
- StringFromGUID2 (Address: 0x10049124)
api-ms-win-core-debug-l1-1-0.dll
- OutputDebugStringA (Address: 0x10049130)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x10049138)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x10049140)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x10049150)
- RaiseException (Address: 0x1004914c)
- SetLastError (Address: 0x10049148)
- SetUnhandledExceptionFilter (Address: 0x10049158)
- UnhandledExceptionFilter (Address: 0x10049154)
api-ms-win-core-file-l1-1-0.dll
- CreateFileW (Address: 0x10049164)
- WriteFile (Address: 0x10049160)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1004916c)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x10049178)
- HeapAlloc (Address: 0x10049174)
- HeapFree (Address: 0x1004917c)
api-ms-win-core-heap-l2-1-0.dll
- GlobalAlloc (Address: 0x10049184)
api-ms-win-core-heap-obsolete-l1-1-0.dll
- GlobalLock (Address: 0x1004918c)
- GlobalUnlock (Address: 0x10049190)
api-ms-win-core-interlocked-l1-1-0.dll
- InterlockedPopEntrySList (Address: 0x1004919c)
- InterlockedPushEntrySList (Address: 0x10049198)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- MulDiv (Address: 0x100491a4)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x100491c0)
- FindResourceExW (Address: 0x100491bc)
- FreeLibrary (Address: 0x100491c8)
- GetModuleFileNameW (Address: 0x100491d4)
- GetModuleHandleExA (Address: 0x100491d0)
- GetModuleHandleExW (Address: 0x100491c4)
- GetModuleHandleW (Address: 0x100491d8)
- GetProcAddress (Address: 0x100491b8)
- LoadLibraryExA (Address: 0x100491b0)
- LoadLibraryExW (Address: 0x100491cc)
- LoadResource (Address: 0x100491ac)
- SizeofResource (Address: 0x100491b4)
api-ms-win-core-libraryloader-l1-2-1.dll
- LoadLibraryW (Address: 0x100491e0)
api-ms-win-core-memory-l1-1-0.dll
- VirtualAlloc (Address: 0x100491ec)
- VirtualFree (Address: 0x100491e8)
- VirtualQuery (Address: 0x100491f0)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x10049200)
- GetCurrentProcessId (Address: 0x10049204)
- GetCurrentThread (Address: 0x10049210)
- GetCurrentThreadId (Address: 0x100491fc)
- OpenProcessToken (Address: 0x1004920c)
- OpenThreadToken (Address: 0x100491f8)
- TerminateProcess (Address: 0x10049208)
api-ms-win-core-processthreads-l1-1-1.dll
- FlushInstructionCache (Address: 0x10049218)
- IsProcessorFeaturePresent (Address: 0x10049220)
- OpenProcess (Address: 0x1004921c)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x10049228)
api-ms-win-core-psapi-l1-1-0.dll
- K32EnumProcessModules (Address: 0x10049230)
- K32GetModuleBaseNameW (Address: 0x10049234)
- K32GetModuleFileNameExW (Address: 0x10049238)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x10049250)
- RegCreateKeyExW (Address: 0x10049240)
- RegDeleteValueW (Address: 0x10049244)
- RegEnumKeyExW (Address: 0x1004925c)
- RegOpenKeyExW (Address: 0x10049254)
- RegQueryInfoKeyW (Address: 0x1004924c)
- RegQueryValueExW (Address: 0x10049248)
- RegSetValueExW (Address: 0x10049258)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathFindFileNameW (Address: 0x10049264)
api-ms-win-core-string-l1-1-0.dll
- MultiByteToWideChar (Address: 0x1004926c)
api-ms-win-core-string-l2-1-0.dll
- CharNextW (Address: 0x10049274)
api-ms-win-core-string-obsolete-l1-1-0.dll
- lstrcmpiW (Address: 0x1004927c)
- lstrcmpW (Address: 0x10049280)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x10049298)
- DeleteCriticalSection (Address: 0x10049294)
- EnterCriticalSection (Address: 0x10049288)
- InitializeCriticalSection (Address: 0x10049290)
- LeaveCriticalSection (Address: 0x1004928c)
- OpenEventW (Address: 0x100492a0)
- ReleaseSRWLockExclusive (Address: 0x1004929c)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x100492ac)
- SleepConditionVariableSRW (Address: 0x100492a8)
- WakeAllConditionVariable (Address: 0x100492b0)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x100492bc)
- GetTickCount (Address: 0x100492b8)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x100492c8)
- EncodePointer (Address: 0x100492c4)
api-ms-win-core-version-l1-1-0.dll
- GetFileVersionInfoExW (Address: 0x100492d0)
- GetFileVersionInfoSizeExW (Address: 0x100492d8)
- VerQueryValueW (Address: 0x100492d4)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- GetTraceEnableFlags (Address: 0x100492f4)
- GetTraceEnableLevel (Address: 0x100492e0)
- GetTraceLoggerHandle (Address: 0x100492f0)
- RegisterTraceGuidsW (Address: 0x100492e8)
- TraceMessage (Address: 0x100492e4)
- UnregisterTraceGuids (Address: 0x100492ec)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x10049308)
- EventRegister (Address: 0x100492fc)
- EventUnregister (Address: 0x10049300)
- EventWriteTransfer (Address: 0x10049304)
api-ms-win-ntuser-rectangle-l1-1-0.dll
- CopyRect (Address: 0x10049310)
- EqualRect (Address: 0x10049324)
- IntersectRect (Address: 0x10049314)
- IsRectEmpty (Address: 0x10049328)
- OffsetRect (Address: 0x10049318)
- PtInRect (Address: 0x10049330)
- SetRect (Address: 0x1004932c)
- SetRectEmpty (Address: 0x1004931c)
- UnionRect (Address: 0x10049320)
api-ms-win-security-base-l1-1-0.dll
- GetTokenInformation (Address: 0x10049338)
CRYPT32.dll
- CryptBinaryToStringW (Address: 0x10049000)
CRYPTSP.dll
- CryptAcquireContextW (Address: 0x10049014)
- CryptCreateHash (Address: 0x10049018)
- CryptDestroyHash (Address: 0x1004901c)
- CryptGenRandom (Address: 0x10049020)
- CryptGetHashParam (Address: 0x10049010)
- CryptHashData (Address: 0x10049008)
- CryptReleaseContext (Address: 0x1004900c)
msvcrt.dll
- __dllonexit (Address: 0x10049350)
- _aligned_free (Address: 0x100493a8)
- _aligned_malloc (Address: 0x100493a4)
- _amsg_exit (Address: 0x1004937c)
- _callnewh (Address: 0x10049388)
- _errno (Address: 0x10049370)
- _except_handler4_common (Address: 0x10049374)
- _initterm (Address: 0x10049378)
- _lock (Address: 0x10049368)
- _onexit (Address: 0x10049360)
- _purecall (Address: 0x1004939c)
- _resetstkoflw (Address: 0x100493b0)
- _unlock (Address: 0x10049354)
- _vsnwprintf (Address: 0x1004934c)
- _wcsicmp (Address: 0x10049358)
- _wcsicoll (Address: 0x10049340)
- _XcptFilter (Address: 0x10049380)
- calloc (Address: 0x100493ac)
- free (Address: 0x10049394)
- malloc (Address: 0x10049390)
- mbstowcs (Address: 0x10049344)
- memcmp (Address: 0x100493b4)
- memcpy (Address: 0x100493b8)
- memcpy_s (Address: 0x100493a0)
- memmove (Address: 0x10049348)
- memset (Address: 0x100493bc)
- realloc (Address: 0x1004936c)
- swprintf_s (Address: 0x10049398)
- wcscat_s (Address: 0x1004935c)
- wcscpy_s (Address: 0x10049384)
- wcsncpy_s (Address: 0x1004938c)
- wcsrchr (Address: 0x10049364)
OLEAUT32.dll
- DispCallFunc (Address: 0x10049070)
- LoadRegTypeLib (Address: 0x10049028)
- LoadTypeLib (Address: 0x10049030)
- OleCreateFontIndirect (Address: 0x10049068)
- OleCreatePropertyFrame (Address: 0x10049074)
- RegisterTypeLib (Address: 0x10049084)
- SafeArrayAccessData (Address: 0x10049078)
- SafeArrayCreate (Address: 0x1004903c)
- SafeArrayDestroy (Address: 0x10049038)
- SafeArrayLock (Address: 0x10049048)
- SafeArrayUnaccessData (Address: 0x10049080)
- SafeArrayUnlock (Address: 0x1004902c)
- SysAllocString (Address: 0x10049088)
- SysAllocStringByteLen (Address: 0x10049058)
- SysAllocStringLen (Address: 0x10049044)
- SysFreeString (Address: 0x10049034)
- SysStringByteLen (Address: 0x10049040)
- SysStringLen (Address: 0x1004907c)
- UnRegisterTypeLib (Address: 0x1004906c)
- VarBstrCat (Address: 0x10049064)
- VarBstrCmp (Address: 0x1004904c)
- VariantChangeType (Address: 0x10049060)
- VariantClear (Address: 0x1004905c)
- VariantCopy (Address: 0x1004908c)
- VariantInit (Address: 0x10049050)
- VarUI4FromStr (Address: 0x10049054)
RDPBASE.dll
- GetSupportedSSELevel_SSE (Address: 0x100490c4)
- MemCopyAligned_SSE (Address: 0x100490a4)
- MemMoveReverseAligned_SSE (Address: 0x100490a8)
- PAL_System_AtomicDecrement (Address: 0x100490b4)
- PAL_System_AtomicIncrement (Address: 0x100490b0)
- PAL_System_CritSecEnter (Address: 0x10049098)
- PAL_System_CritSecInit (Address: 0x1004909c)
- PAL_System_CritSecLeave (Address: 0x10049094)
- PAL_System_CritSecTerminate (Address: 0x100490a0)
- RDPBASE_CreateInstance (Address: 0x100490ac)
- RDPENCHLPREG_ReadValueDWORD (Address: 0x100490cc)
- TsAddRectsToRegion (Address: 0x100490d4)
- TSAlloc (Address: 0x100490bc)
- TsCreateRegion (Address: 0x100490b8)
- TsDestroyRegion (Address: 0x100490c8)
- TSFree (Address: 0x100490c0)
- TsGetRegionRectCount (Address: 0x100490d8)
- TsGetRegionRects (Address: 0x100490dc)
- TsSetRegionFromRects (Address: 0x100490d0)
RDPCORE.dll
- RDPAPI_CreateInstance (Address: 0x100490e4)
RDPSERVERBASE.dll
- RDPSERVERBASE_CreateInstance (Address: 0x100490ec)
WS2_32.dll
- closesocket (Address: 0x100490f4)
- GetHostNameW (Address: 0x100490f8)