UserDataAccountApis.dll

Description: DLL for UserDataAccountsRT

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.4355

Architecture: 32-bit

Operating System: Windows NT

SHA256: 0ffe74118db8f1aff24b54c9e2077a78

File Size: 323.5 KB

Uploaded At: Dec. 1, 2025, 8:05 a.m.

Views: 17

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x13190)
  • DllGetActivationFactory (Ordinal: 2, Address: 0x13150)
  • DllGetClassObject (Ordinal: 3, Address: 0x13170)

Imported DLLs & Functions

api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x1004c024)
  • IsDebuggerPresent (Address: 0x1004c01c)
  • OutputDebugStringW (Address: 0x1004c020)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x1004c02c)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x1004c034)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x1004c04c)
  • RaiseException (Address: 0x1004c048)
  • SetLastError (Address: 0x1004c044)
  • SetUnhandledExceptionFilter (Address: 0x1004c03c)
  • UnhandledExceptionFilter (Address: 0x1004c040)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x1004c054)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x1004c05c)
  • HeapAlloc (Address: 0x1004c064)
  • HeapFree (Address: 0x1004c060)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x1004c06c)
  • LocalFree (Address: 0x1004c070)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x1004c080)
  • FreeLibrary (Address: 0x1004c088)
  • GetModuleFileNameA (Address: 0x1004c07c)
  • GetModuleHandleExW (Address: 0x1004c078)
  • GetModuleHandleW (Address: 0x1004c08c)
  • GetProcAddress (Address: 0x1004c084)
api-ms-win-core-libraryloader-l1-2-1.dll
  • LoadLibraryW (Address: 0x1004c094)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x1004c09c)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x1004c0b0)
  • GetCurrentProcessId (Address: 0x1004c0a8)
  • GetCurrentThread (Address: 0x1004c0bc)
  • GetCurrentThreadId (Address: 0x1004c0a4)
  • OpenProcessToken (Address: 0x1004c0b8)
  • OpenThreadToken (Address: 0x1004c0c0)
  • SetThreadToken (Address: 0x1004c0b4)
  • TerminateProcess (Address: 0x1004c0ac)
api-ms-win-core-processthreads-l1-1-1.dll
  • OpenProcess (Address: 0x1004c0c8)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x1004c0d0)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x1004c114)
  • AcquireSRWLockShared (Address: 0x1004c11c)
  • CreateEventExW (Address: 0x1004c108)
  • CreateEventW (Address: 0x1004c0f8)
  • CreateMutexExW (Address: 0x1004c110)
  • CreateSemaphoreExW (Address: 0x1004c104)
  • DeleteCriticalSection (Address: 0x1004c0dc)
  • EnterCriticalSection (Address: 0x1004c120)
  • InitializeCriticalSectionEx (Address: 0x1004c0e0)
  • InitializeSRWLock (Address: 0x1004c0d8)
  • LeaveCriticalSection (Address: 0x1004c0e4)
  • OpenSemaphoreW (Address: 0x1004c0f4)
  • ReleaseMutex (Address: 0x1004c0e8)
  • ReleaseSemaphore (Address: 0x1004c100)
  • ReleaseSRWLockExclusive (Address: 0x1004c118)
  • ReleaseSRWLockShared (Address: 0x1004c10c)
  • SetEvent (Address: 0x1004c0f0)
  • WaitForSingleObject (Address: 0x1004c0fc)
  • WaitForSingleObjectEx (Address: 0x1004c0ec)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceBeginInitialize (Address: 0x1004c134)
  • InitOnceComplete (Address: 0x1004c128)
  • InitOnceExecuteOnce (Address: 0x1004c12c)
  • Sleep (Address: 0x1004c130)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x1004c140)
  • GetTickCount (Address: 0x1004c13c)
  • GetTickCount64 (Address: 0x1004c144)
api-ms-win-core-threadpool-l1-2-0.dll
  • CloseThreadpoolWait (Address: 0x1004c154)
  • CloseThreadpoolWork (Address: 0x1004c158)
  • CreateThreadpoolWait (Address: 0x1004c14c)
  • CreateThreadpoolWork (Address: 0x1004c160)
  • FreeLibraryWhenCallbackReturns (Address: 0x1004c164)
  • SetThreadpoolWait (Address: 0x1004c150)
  • SubmitThreadpoolWork (Address: 0x1004c15c)
  • WaitForThreadpoolWaitCallbacks (Address: 0x1004c168)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x1004c170)
  • EncodePointer (Address: 0x1004c174)
api-ms-win-core-winrt-propertysetprivate-l1-1-1.dll
  • RoCreatePropertySetSerializer (Address: 0x1004c17c)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventActivityIdControl (Address: 0x1004c190)
  • EventRegister (Address: 0x1004c194)
  • EventSetInformation (Address: 0x1004c188)
  • EventUnregister (Address: 0x1004c18c)
  • EventWriteTransfer (Address: 0x1004c184)
api-ms-win-service-management-l1-1-0.dll
  • CloseServiceHandle (Address: 0x1004c1a0)
  • OpenSCManagerW (Address: 0x1004c19c)
  • OpenServiceW (Address: 0x1004c1a4)
api-ms-win-service-winsvc-l1-1-0.dll
  • QueryServiceStatus (Address: 0x1004c1ac)
api-ms-win-shcore-stream-winrt-l1-1-0.dll
  • CreateStreamOverRandomAccessStream (Address: 0x1004c1b4)
msvcrt.dll
  • __CxxFrameHandler3 (Address: 0x1004c1c8)
  • __dllonexit (Address: 0x1004c1d0)
  • _amsg_exit (Address: 0x1004c1e4)
  • _callnewh (Address: 0x1004c1ec)
  • _except_handler4_common (Address: 0x1004c1c4)
  • _initterm (Address: 0x1004c1e0)
  • _lock (Address: 0x1004c1dc)
  • _onexit (Address: 0x1004c214)
  • _purecall (Address: 0x1004c20c)
  • _unlock (Address: 0x1004c1d8)
  • _vsnwprintf (Address: 0x1004c1cc)
  • _XcptFilter (Address: 0x1004c1e8)
  • free (Address: 0x1004c1f8)
  • malloc (Address: 0x1004c1fc)
  • memcmp (Address: 0x1004c1d4)
  • memcpy (Address: 0x1004c1bc)
  • memcpy_s (Address: 0x1004c210)
  • memmove (Address: 0x1004c1c0)
  • memmove_s (Address: 0x1004c200)
  • memset (Address: 0x1004c218)
  • realloc (Address: 0x1004c1f0)
  • wcscpy_s (Address: 0x1004c208)
  • wcsncmp (Address: 0x1004c204)
  • wcstoul (Address: 0x1004c1f4)
ntdll.dll
  • RtlQueryWnfStateData (Address: 0x1004c220)
  • RtlSubscribeWnfStateChangeNotification (Address: 0x1004c224)
  • RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x1004c228)
UserDataPlatformHelperUtil.dll
  • GenerateUserModeServiceName (Address: 0x1004c014)
  • GetUserContextFromHandle (Address: 0x1004c008)
  • GetUserTokenFromContext (Address: 0x1004c00c)
  • IsCommsSystemService (Address: 0x1004c004)
  • RunServicesInProc (Address: 0x1004c010)
  • StartAndWaitForServiceForUser (Address: 0x1004c000)