Windows.StateRepositoryUpgrade.dll

Description: Windows StateRepository Upgrade

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.6456

Architecture: 32-bit

Operating System: Windows NT

SHA256: 7adf9d4c4452aa8b313c7bd1dc3ef7c0

File Size: 227.5 KB

Uploaded At: Dec. 1, 2025, 8:07 a.m.

Views: 12

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • StateRepository_Migrate (Ordinal: 1, Address: 0x138c0)

Imported DLLs & Functions

api-ms-win-appmodel-runtime-l1-1-1.dll
  • GetApplicationUserModelIdFromToken (Address: 0x1002d0a0)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x1002d0ac)
  • IsDebuggerPresent (Address: 0x1002d0b0)
  • OutputDebugStringW (Address: 0x1002d0a8)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x1002d0b8)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x1002d0c0)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x1002d0c8)
  • RaiseException (Address: 0x1002d0d8)
  • SetLastError (Address: 0x1002d0d0)
  • SetUnhandledExceptionFilter (Address: 0x1002d0cc)
  • UnhandledExceptionFilter (Address: 0x1002d0d4)
api-ms-win-core-file-l1-1-0.dll
  • CreateFileW (Address: 0x1002d0e8)
  • GetFileAttributesW (Address: 0x1002d0e4)
  • WriteFile (Address: 0x1002d0e0)
api-ms-win-core-file-l1-2-0.dll
  • GetTempPathW (Address: 0x1002d0f0)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x1002d0f8)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x1002d108)
  • HeapAlloc (Address: 0x1002d104)
  • HeapFree (Address: 0x1002d100)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x1002d114)
  • LocalFree (Address: 0x1002d110)
api-ms-win-core-libraryloader-l1-2-0.dll
  • FreeLibrary (Address: 0x1002d120)
  • GetModuleFileNameA (Address: 0x1002d12c)
  • GetModuleHandleExW (Address: 0x1002d130)
  • GetModuleHandleW (Address: 0x1002d128)
  • GetProcAddress (Address: 0x1002d124)
  • LoadLibraryExW (Address: 0x1002d11c)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x1002d138)
api-ms-win-core-path-l1-1-0.dll
  • PathCchCombine (Address: 0x1002d140)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x1002d150)
  • GetCurrentProcessId (Address: 0x1002d168)
  • GetCurrentThread (Address: 0x1002d158)
  • GetCurrentThreadId (Address: 0x1002d160)
  • OpenProcessToken (Address: 0x1002d148)
  • OpenThreadToken (Address: 0x1002d154)
  • ProcessIdToSessionId (Address: 0x1002d14c)
  • SetThreadToken (Address: 0x1002d15c)
  • TerminateProcess (Address: 0x1002d164)
api-ms-win-core-processthreads-l1-1-1.dll
  • OpenProcess (Address: 0x1002d170)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x1002d178)
api-ms-win-core-psapi-l1-1-0.dll
  • QueryFullProcessImageNameW (Address: 0x1002d180)
api-ms-win-core-realtime-l1-1-0.dll
  • QueryUnbiasedInterruptTime (Address: 0x1002d188)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x1002d190)
  • RegCreateKeyExW (Address: 0x1002d19c)
  • RegDeleteTreeW (Address: 0x1002d198)
  • RegOpenKeyExW (Address: 0x1002d194)
  • RegQueryValueExW (Address: 0x1002d1a0)
  • RegSetValueExW (Address: 0x1002d1a4)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureStackBackTrace (Address: 0x1002d1ac)
api-ms-win-core-string-l1-1-0.dll
  • CompareStringOrdinal (Address: 0x1002d1b8)
  • MultiByteToWideChar (Address: 0x1002d1b4)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x1002d1c8)
  • AcquireSRWLockShared (Address: 0x1002d1cc)
  • CreateMutexExW (Address: 0x1002d1f8)
  • CreateSemaphoreExW (Address: 0x1002d1ec)
  • DeleteCriticalSection (Address: 0x1002d1e0)
  • EnterCriticalSection (Address: 0x1002d1f4)
  • InitializeCriticalSectionEx (Address: 0x1002d1f0)
  • LeaveCriticalSection (Address: 0x1002d1e8)
  • OpenSemaphoreW (Address: 0x1002d1dc)
  • ReleaseMutex (Address: 0x1002d1d0)
  • ReleaseSemaphore (Address: 0x1002d1e4)
  • ReleaseSRWLockExclusive (Address: 0x1002d1c0)
  • ReleaseSRWLockShared (Address: 0x1002d1c4)
  • WaitForSingleObject (Address: 0x1002d1d4)
  • WaitForSingleObjectEx (Address: 0x1002d1d8)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceBeginInitialize (Address: 0x1002d200)
  • InitOnceComplete (Address: 0x1002d208)
  • Sleep (Address: 0x1002d204)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetLocalTime (Address: 0x1002d214)
  • GetSystemTimeAsFileTime (Address: 0x1002d210)
  • GetTickCount (Address: 0x1002d218)
api-ms-win-core-threadpool-l1-2-0.dll
  • CloseThreadpoolTimer (Address: 0x1002d228)
  • CreateThreadpoolTimer (Address: 0x1002d224)
  • SetThreadpoolTimer (Address: 0x1002d220)
  • WaitForThreadpoolTimerCallbacks (Address: 0x1002d22c)
api-ms-win-core-windowserrorreporting-l1-1-1.dll
  • WerRegisterCustomMetadata (Address: 0x1002d234)
api-ms-win-core-winrt-l1-1-0.dll
  • RoGetActivationFactory (Address: 0x1002d23c)
api-ms-win-core-winrt-string-l1-1-0.dll
  • WindowsCreateStringReference (Address: 0x1002d244)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventActivityIdControl (Address: 0x1002d25c)
  • EventProviderEnabled (Address: 0x1002d260)
  • EventRegister (Address: 0x1002d250)
  • EventSetInformation (Address: 0x1002d254)
  • EventUnregister (Address: 0x1002d24c)
  • EventWriteTransfer (Address: 0x1002d258)
api-ms-win-security-base-l1-1-0.dll
  • CopySid (Address: 0x1002d270)
  • CreateWellKnownSid (Address: 0x1002d278)
  • EqualSid (Address: 0x1002d268)
  • GetLengthSid (Address: 0x1002d274)
  • GetTokenInformation (Address: 0x1002d26c)
api-ms-win-security-lsalookup-l1-1-0.dll
  • LsaLookupClose (Address: 0x1002d284)
  • LsaLookupFreeMemory (Address: 0x1002d288)
  • LsaLookupGetDomainInfo (Address: 0x1002d280)
  • LsaLookupOpenLocalPolicy (Address: 0x1002d28c)
api-ms-win-security-lsalookup-l2-1-0.dll
  • LookupAccountSidW (Address: 0x1002d294)
api-ms-win-security-sddl-l1-1-0.dll
  • ConvertSidToStringSidW (Address: 0x1002d29c)
msvcrt.dll
  • __CxxFrameHandler3 (Address: 0x1002d2f0)
  • __dllonexit (Address: 0x1002d2dc)
  • _amsg_exit (Address: 0x1002d2fc)
  • _callnewh (Address: 0x1002d2ec)
  • _except_handler4_common (Address: 0x1002d2e4)
  • _initterm (Address: 0x1002d2d0)
  • _lock (Address: 0x1002d2d4)
  • _onexit (Address: 0x1002d2e0)
  • _purecall (Address: 0x1002d2c0)
  • _unlock (Address: 0x1002d2d8)
  • _vsnprintf (Address: 0x1002d2b4)
  • _vsnwprintf (Address: 0x1002d2f4)
  • _XcptFilter (Address: 0x1002d2c8)
  • free (Address: 0x1002d2c4)
  • malloc (Address: 0x1002d2cc)
  • memcmp (Address: 0x1002d2a4)
  • memcpy (Address: 0x1002d2f8)
  • memcpy_s (Address: 0x1002d2bc)
  • memmove (Address: 0x1002d2e8)
  • memmove_s (Address: 0x1002d2a8)
  • memset (Address: 0x1002d300)
  • realloc (Address: 0x1002d2b0)
  • toupper (Address: 0x1002d2b8)
  • wcschr (Address: 0x1002d2ac)
ntdll.dll
  • NtQueryInformationFile (Address: 0x1002d34c)
  • NtQueryInformationProcess (Address: 0x1002d344)
  • NtQueryInformationThread (Address: 0x1002d330)
  • RtlAcquireSRWLockExclusive (Address: 0x1002d31c)
  • RtlAcquireSRWLockShared (Address: 0x1002d354)
  • RtlAllocateHeap (Address: 0x1002d350)
  • RtlCompareUnicodeString (Address: 0x1002d32c)
  • RtlConvertSidToUnicodeString (Address: 0x1002d30c)
  • RtlDeleteCriticalSection (Address: 0x1002d33c)
  • RtlDeriveCapabilitySidsFromName (Address: 0x1002d358)
  • RtlDetermineDosPathNameType_U (Address: 0x1002d368)
  • RtlEnterCriticalSection (Address: 0x1002d338)
  • RtlExpandEnvironmentStrings (Address: 0x1002d324)
  • RtlFreeHeap (Address: 0x1002d364)
  • RtlFreeUnicodeString (Address: 0x1002d308)
  • RtlGetDeviceFamilyInfoEnum (Address: 0x1002d360)
  • RtlInitializeCriticalSection (Address: 0x1002d340)
  • RtlInitializeGenericTableAvl (Address: 0x1002d314)
  • RtlInitUnicodeString (Address: 0x1002d35c)
  • RtlInsertElementGenericTableAvl (Address: 0x1002d318)
  • RtlLeaveCriticalSection (Address: 0x1002d334)
  • RtlLookupElementGenericTableAvl (Address: 0x1002d310)
  • RtlNtStatusToDosErrorNoTeb (Address: 0x1002d348)
  • RtlReleaseSRWLockExclusive (Address: 0x1002d320)
  • RtlReleaseSRWLockShared (Address: 0x1002d328)
StateRepository.Core.dll
  • sqlite3_bind_blob (Address: 0x1002d03c)
  • sqlite3_bind_int (Address: 0x1002d044)
  • sqlite3_bind_int64 (Address: 0x1002d040)
  • sqlite3_bind_text16 (Address: 0x1002d000)
  • sqlite3_changes (Address: 0x1002d074)
  • sqlite3_clear_bindings (Address: 0x1002d048)
  • sqlite3_close (Address: 0x1002d084)
  • sqlite3_column_blob (Address: 0x1002d028)
  • sqlite3_column_bytes (Address: 0x1002d030)
  • sqlite3_column_int (Address: 0x1002d038)
  • sqlite3_column_int64 (Address: 0x1002d034)
  • sqlite3_column_text16 (Address: 0x1002d02c)
  • sqlite3_config (Address: 0x1002d014)
  • sqlite3_db_filename (Address: 0x1002d06c)
  • sqlite3_db_handle (Address: 0x1002d04c)
  • sqlite3_db_status (Address: 0x1002d068)
  • sqlite3_errcode (Address: 0x1002d060)
  • sqlite3_errmsg (Address: 0x1002d080)
  • sqlite3_exec (Address: 0x1002d050)
  • sqlite3_expanded_sql (Address: 0x1002d00c)
  • sqlite3_finalize (Address: 0x1002d020)
  • sqlite3_free (Address: 0x1002d05c)
  • sqlite3_get_autocommit (Address: 0x1002d078)
  • sqlite3_last_insert_rowid (Address: 0x1002d070)
  • sqlite3_log (Address: 0x1002d07c)
  • sqlite3_next_stmt (Address: 0x1002d064)
  • sqlite3_prepare_v2 (Address: 0x1002d058)
  • sqlite3_reset (Address: 0x1002d01c)
  • sqlite3_shutdown (Address: 0x1002d088)
  • sqlite3_snprintf (Address: 0x1002d010)
  • sqlite3_sql (Address: 0x1002d024)
  • sqlite3_status (Address: 0x1002d008)
  • sqlite3_step (Address: 0x1002d018)
  • sqlite3_stmt_busy (Address: 0x1002d054)
  • sqlite3_vfs_unregister (Address: 0x1002d004)
Windows.StateRepository.dll
  • StateRepository_DataAccessLayer_DatabaseCache_Add (Address: 0x1002d094)
  • StateRepository_DataAccessLayer_DatabaseCache_Get (Address: 0x1002d098)
  • StateRepository_Service_UpdateStatus (Address: 0x1002d090)