pdm.dll

Description: Process Debug Manager

Authors: © Microsoft Corporation. All rights reserved.

Version: 16.0.81.0

Architecture: 32-bit

Operating System: Windows

SHA256: 35543b1d2b626bbd54cbfbe003c52ab5

File Size: 481.6 KB

Uploaded At: Dec. 1, 2025, 8:10 a.m.

Views: 13

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x30ed0)
  • DllGetClassObject (Ordinal: 2, Address: 0x30f00)
  • DllRegisterServer (Ordinal: 3, Address: 0x30f10)
  • DllUnregisterServer (Ordinal: 4, Address: 0x30f20)

Imported DLLs & Functions

ADVAPI32.dll
  • AddAce (Address: 0x1006f038)
  • CopySid (Address: 0x1006f020)
  • EqualSid (Address: 0x1006f080)
  • GetAclInformation (Address: 0x1006f00c)
  • GetLengthSid (Address: 0x1006f044)
  • GetSecurityDescriptorControl (Address: 0x1006f01c)
  • GetSecurityDescriptorDacl (Address: 0x1006f008)
  • GetSecurityDescriptorGroup (Address: 0x1006f010)
  • GetSecurityDescriptorOwner (Address: 0x1006f030)
  • GetSecurityDescriptorSacl (Address: 0x1006f000)
  • GetSidIdentifierAuthority (Address: 0x1006f070)
  • GetSidLengthRequired (Address: 0x1006f018)
  • GetSidSubAuthority (Address: 0x1006f014)
  • GetSidSubAuthorityCount (Address: 0x1006f078)
  • GetTokenInformation (Address: 0x1006f024)
  • InitializeAcl (Address: 0x1006f040)
  • InitializeSecurityDescriptor (Address: 0x1006f03c)
  • InitializeSid (Address: 0x1006f02c)
  • IsValidSid (Address: 0x1006f034)
  • MakeAbsoluteSD (Address: 0x1006f048)
  • OpenProcessToken (Address: 0x1006f074)
  • RegCloseKey (Address: 0x1006f064)
  • RegCreateKeyExW (Address: 0x1006f054)
  • RegDeleteKeyW (Address: 0x1006f050)
  • RegDeleteValueW (Address: 0x1006f060)
  • RegEnumKeyExW (Address: 0x1006f058)
  • RegEnumKeyW (Address: 0x1006f07c)
  • RegOpenKeyExW (Address: 0x1006f068)
  • RegQueryInfoKeyW (Address: 0x1006f04c)
  • RegQueryValueExW (Address: 0x1006f06c)
  • RegSetValueExW (Address: 0x1006f05c)
  • SetSecurityDescriptorDacl (Address: 0x1006f004)
  • SetSecurityDescriptorSacl (Address: 0x1006f028)
KERNEL32.dll
  • CloseHandle (Address: 0x1006f210)
  • CreateEventW (Address: 0x1006f0ec)
  • CreateFileMappingW (Address: 0x1006f0cc)
  • CreateFileW (Address: 0x1006f1b4)
  • CreateMutexW (Address: 0x1006f088)
  • CreateSemaphoreW (Address: 0x1006f1e8)
  • CreateThread (Address: 0x1006f09c)
  • DecodePointer (Address: 0x1006f208)
  • DeleteCriticalSection (Address: 0x1006f200)
  • DuplicateHandle (Address: 0x1006f0e4)
  • EncodePointer (Address: 0x1006f0a4)
  • EnterCriticalSection (Address: 0x1006f22c)
  • ExitProcess (Address: 0x1006f14c)
  • FindClose (Address: 0x1006f170)
  • FindFirstFileExA (Address: 0x1006f174)
  • FindNextFileA (Address: 0x1006f178)
  • FindResourceExW (Address: 0x1006f1d4)
  • FindResourceW (Address: 0x1006f1cc)
  • FlushFileBuffers (Address: 0x1006f1ac)
  • FormatMessageA (Address: 0x1006f240)
  • FormatMessageW (Address: 0x1006f248)
  • FreeEnvironmentStringsW (Address: 0x1006f194)
  • FreeLibrary (Address: 0x1006f19c)
  • FreeLibraryAndExitThread (Address: 0x1006f098)
  • GetACP (Address: 0x1006f160)
  • GetCommandLineA (Address: 0x1006f188)
  • GetCommandLineW (Address: 0x1006f18c)
  • GetComputerNameW (Address: 0x1006f234)
  • GetConsoleCP (Address: 0x1006f1a0)
  • GetConsoleMode (Address: 0x1006f1a4)
  • GetCPInfo (Address: 0x1006f184)
  • GetCurrentProcess (Address: 0x1006f0d8)
  • GetCurrentProcessId (Address: 0x1006f094)
  • GetCurrentThread (Address: 0x1006f0fc)
  • GetCurrentThreadId (Address: 0x1006f08c)
  • GetEnvironmentStringsW (Address: 0x1006f190)
  • GetFileAttributesW (Address: 0x1006f100)
  • GetFileType (Address: 0x1006f168)
  • GetLastError (Address: 0x1006f218)
  • GetModuleFileNameA (Address: 0x1006f154)
  • GetModuleFileNameW (Address: 0x1006f12c)
  • GetModuleHandleExW (Address: 0x1006f150)
  • GetModuleHandleW (Address: 0x1006f1c0)
  • GetOEMCP (Address: 0x1006f180)
  • GetProcAddress (Address: 0x1006f1c4)
  • GetProcessHeap (Address: 0x1006f1fc)
  • GetStartupInfoW (Address: 0x1006f118)
  • GetStdHandle (Address: 0x1006f164)
  • GetStringTypeW (Address: 0x1006f16c)
  • GetSystemInfo (Address: 0x1006f13c)
  • GetSystemTimeAsFileTime (Address: 0x1006f120)
  • GetThreadLocale (Address: 0x1006f0a0)
  • GetTickCount (Address: 0x1006f0d4)
  • GetVersion (Address: 0x1006f23c)
  • GlobalAlloc (Address: 0x1006f0b0)
  • GlobalFree (Address: 0x1006f0b4)
  • GlobalLock (Address: 0x1006f0b8)
  • GlobalUnlock (Address: 0x1006f0bc)
  • HeapAlloc (Address: 0x1006f20c)
  • HeapDestroy (Address: 0x1006f204)
  • HeapFree (Address: 0x1006f230)
  • HeapReAlloc (Address: 0x1006f214)
  • HeapSize (Address: 0x1006f21c)
  • InitializeCriticalSectionAndSpinCount (Address: 0x1006f138)
  • InitializeCriticalSectionEx (Address: 0x1006f220)
  • InitializeSListHead (Address: 0x1006f124)
  • InterlockedFlushSList (Address: 0x1006f130)
  • IsDebuggerPresent (Address: 0x1006f114)
  • IsProcessorFeaturePresent (Address: 0x1006f110)
  • IsValidCodePage (Address: 0x1006f17c)
  • LCMapStringW (Address: 0x1006f15c)
  • LeaveCriticalSection (Address: 0x1006f224)
  • LoadLibraryExA (Address: 0x1006f24c)
  • LoadLibraryExW (Address: 0x1006f0ac)
  • LoadLibraryW (Address: 0x1006f1bc)
  • LoadResource (Address: 0x1006f1d0)
  • LocalFree (Address: 0x1006f244)
  • LockResource (Address: 0x1006f1d8)
  • lstrcmpiW (Address: 0x1006f0a8)
  • MapViewOfFile (Address: 0x1006f0d0)
  • MultiByteToWideChar (Address: 0x1006f1c8)
  • OpenEventW (Address: 0x1006f0e0)
  • OpenFileMappingW (Address: 0x1006f0c0)
  • OpenProcess (Address: 0x1006f0e8)
  • OutputDebugStringW (Address: 0x1006f1b0)
  • ProcessIdToSessionId (Address: 0x1006f238)
  • QueryPerformanceCounter (Address: 0x1006f11c)
  • RaiseException (Address: 0x1006f1ec)
  • RegisterWaitForSingleObject (Address: 0x1006f0dc)
  • ReleaseMutex (Address: 0x1006f090)
  • ReleaseSemaphore (Address: 0x1006f228)
  • RtlUnwind (Address: 0x1006f128)
  • SetEvent (Address: 0x1006f0f0)
  • SetFilePointerEx (Address: 0x1006f1a8)
  • SetLastError (Address: 0x1006f134)
  • SetStdHandle (Address: 0x1006f198)
  • SetUnhandledExceptionFilter (Address: 0x1006f108)
  • SizeofResource (Address: 0x1006f1dc)
  • Sleep (Address: 0x1006f0c8)
  • TerminateProcess (Address: 0x1006f10c)
  • TlsAlloc (Address: 0x1006f1f0)
  • TlsFree (Address: 0x1006f1e0)
  • TlsGetValue (Address: 0x1006f1e4)
  • TlsSetValue (Address: 0x1006f1f8)
  • UnhandledExceptionFilter (Address: 0x1006f104)
  • UnmapViewOfFile (Address: 0x1006f0c4)
  • UnregisterWaitEx (Address: 0x1006f0f4)
  • VirtualAlloc (Address: 0x1006f140)
  • VirtualProtect (Address: 0x1006f144)
  • VirtualQuery (Address: 0x1006f148)
  • WaitForMultipleObjects (Address: 0x1006f0f8)
  • WaitForSingleObject (Address: 0x1006f1f4)
  • WideCharToMultiByte (Address: 0x1006f158)
  • WriteConsoleW (Address: 0x1006f1b8)
  • WriteFile (Address: 0x1006f250)
ole32.dll
  • CLSIDFromString (Address: 0x1006f35c)
  • CoCreateInstance (Address: 0x1006f324)
  • CoGetObjectContext (Address: 0x1006f320)
  • CoInitializeEx (Address: 0x1006f340)
  • CoMarshalInterface (Address: 0x1006f354)
  • CoQueryProxyBlanket (Address: 0x1006f330)
  • CoRegisterClassObject (Address: 0x1006f318)
  • CoRegisterMessageFilter (Address: 0x1006f338)
  • CoRegisterPSClsid (Address: 0x1006f334)
  • CoReleaseMarshalData (Address: 0x1006f358)
  • CoSetProxyBlanket (Address: 0x1006f31c)
  • CoTaskMemAlloc (Address: 0x1006f32c)
  • CoTaskMemFree (Address: 0x1006f344)
  • CoTaskMemRealloc (Address: 0x1006f348)
  • CoUninitialize (Address: 0x1006f33c)
  • CoUnmarshalInterface (Address: 0x1006f350)
  • CoWaitForMultipleHandles (Address: 0x1006f360)
  • CreateStreamOnHGlobal (Address: 0x1006f34c)
  • StringFromGUID2 (Address: 0x1006f328)
OLEAUT32.dll
  • SafeArrayGetDim (Address: 0x1006f268)
  • SafeArrayGetLBound (Address: 0x1006f274)
  • SafeArrayGetUBound (Address: 0x1006f270)
  • SafeArrayPtrOfIndex (Address: 0x1006f28c)
  • SysAllocString (Address: 0x1006f280)
  • SysAllocStringByteLen (Address: 0x1006f264)
  • SysAllocStringLen (Address: 0x1006f25c)
  • SysFreeString (Address: 0x1006f284)
  • SysStringByteLen (Address: 0x1006f260)
  • SysStringLen (Address: 0x1006f258)
  • VarBstrCat (Address: 0x1006f290)
  • VariantChangeType (Address: 0x1006f298)
  • VariantClear (Address: 0x1006f27c)
  • VariantCopy (Address: 0x1006f278)
  • VariantCopyInd (Address: 0x1006f288)
  • VariantInit (Address: 0x1006f26c)
  • VarUI4FromStr (Address: 0x1006f294)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x1006f2ac)
  • CStdStubBuffer_Connect (Address: 0x1006f2d0)
  • CStdStubBuffer_CountRefs (Address: 0x1006f2b4)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x1006f2a4)
  • CStdStubBuffer_DebugServerRelease (Address: 0x1006f2c0)
  • CStdStubBuffer_Disconnect (Address: 0x1006f2c4)
  • CStdStubBuffer_Invoke (Address: 0x1006f2dc)
  • CStdStubBuffer_IsIIDSupported (Address: 0x1006f2cc)
  • CStdStubBuffer_QueryInterface (Address: 0x1006f2b8)
  • IUnknown_AddRef_Proxy (Address: 0x1006f2a0)
  • IUnknown_QueryInterface_Proxy (Address: 0x1006f2c8)
  • IUnknown_Release_Proxy (Address: 0x1006f2b0)
  • NdrCStdStubBuffer_Release (Address: 0x1006f2d8)
  • NdrDllGetClassObject (Address: 0x1006f2d4)
  • NdrOleAllocate (Address: 0x1006f2bc)
  • NdrOleFree (Address: 0x1006f2a8)
USER32.dll
  • CharNextW (Address: 0x1006f2e4)
  • CreateWindowExW (Address: 0x1006f2f8)
  • DefWindowProcW (Address: 0x1006f304)
  • DestroyWindow (Address: 0x1006f2fc)
  • GetWindowLongW (Address: 0x1006f308)
  • IsWindow (Address: 0x1006f310)
  • MsgWaitForMultipleObjects (Address: 0x1006f30c)
  • PostMessageW (Address: 0x1006f300)
  • RegisterClassW (Address: 0x1006f2ec)
  • SendMessageW (Address: 0x1006f2f4)
  • SetWindowLongW (Address: 0x1006f2e8)
  • UnregisterClassW (Address: 0x1006f2f0)