mofd.dll
Description: WMI
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.4474
Architecture: 32-bit
Operating System: Windows NT
SHA256: 7b2d9e6e375d186612cfbd89fe668b17
File Size: 196.0 KB
Uploaded At: Dec. 1, 2025, 8:11 a.m.
Views: 14
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- CompileFileViaDLL (Ordinal: 1, Address: 0x23500)
- CreateBMOFViaDLL (Ordinal: 2, Address: 0x23710)
- DllCanUnloadNow (Ordinal: 3, Address: 0xe260)
- DllGetClassObject (Ordinal: 4, Address: 0xe0d0)
- DllRegisterServer (Ordinal: 5, Address: 0xe2c0)
- DllUnregisterServer (Ordinal: 6, Address: 0xe340)
Imported DLLs & Functions
api-ms-win-core-console-l1-1-0.dll
- GetConsoleOutputCP (Address: 0x1002c000)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x1002c00c)
- OutputDebugStringA (Address: 0x1002c008)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x1002c014)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x1002c01c)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x1002c030)
- RaiseException (Address: 0x1002c02c)
- SetUnhandledExceptionFilter (Address: 0x1002c024)
- UnhandledExceptionFilter (Address: 0x1002c028)
api-ms-win-core-file-l1-1-0.dll
- CreateFileW (Address: 0x1002c044)
- DeleteFileW (Address: 0x1002c048)
- GetFullPathNameW (Address: 0x1002c040)
- GetTempFileNameW (Address: 0x1002c04c)
- ReadFile (Address: 0x1002c038)
- SetFilePointer (Address: 0x1002c050)
- WriteFile (Address: 0x1002c03c)
api-ms-win-core-file-l1-2-0.dll
- GetTempPathW (Address: 0x1002c058)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1002c060)
api-ms-win-core-heap-l2-1-0.dll
- LocalFree (Address: 0x1002c068)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x1002c094)
- FindResourceExW (Address: 0x1002c088)
- FreeLibrary (Address: 0x1002c090)
- GetModuleFileNameW (Address: 0x1002c08c)
- GetModuleHandleW (Address: 0x1002c074)
- GetProcAddress (Address: 0x1002c070)
- LoadLibraryExW (Address: 0x1002c084)
- LoadResource (Address: 0x1002c07c)
- LoadStringW (Address: 0x1002c078)
- SizeofResource (Address: 0x1002c080)
api-ms-win-core-localization-l1-2-0.dll
- LCMapStringW (Address: 0x1002c09c)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x1002c0a8)
- GetStdHandle (Address: 0x1002c0a4)
api-ms-win-core-processthreads-l1-1-0.dll
- CreateProcessW (Address: 0x1002c0b8)
- GetCurrentProcess (Address: 0x1002c0c8)
- GetCurrentProcessId (Address: 0x1002c0c0)
- GetCurrentThread (Address: 0x1002c0b0)
- GetCurrentThreadId (Address: 0x1002c0c4)
- OpenProcessToken (Address: 0x1002c0b4)
- OpenThreadToken (Address: 0x1002c0cc)
- TerminateProcess (Address: 0x1002c0bc)
api-ms-win-core-processthreads-l1-1-1.dll
- OpenProcess (Address: 0x1002c0d4)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x1002c0dc)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x1002c104)
- RegCreateKeyExW (Address: 0x1002c0e8)
- RegDeleteKeyExW (Address: 0x1002c100)
- RegDeleteValueW (Address: 0x1002c0f0)
- RegEnumKeyExW (Address: 0x1002c0fc)
- RegOpenKeyExW (Address: 0x1002c0e4)
- RegQueryInfoKeyW (Address: 0x1002c0f8)
- RegQueryValueExW (Address: 0x1002c0ec)
- RegSetValueExW (Address: 0x1002c0f4)
api-ms-win-core-string-l1-1-0.dll
- CompareStringW (Address: 0x1002c110)
- GetStringTypeExW (Address: 0x1002c118)
- MultiByteToWideChar (Address: 0x1002c10c)
- WideCharToMultiByte (Address: 0x1002c114)
api-ms-win-core-string-l2-1-0.dll
- CharLowerBuffW (Address: 0x1002c120)
- CharNextW (Address: 0x1002c124)
api-ms-win-core-string-obsolete-l1-1-0.dll
- lstrcmpiW (Address: 0x1002c12c)
- lstrcmpW (Address: 0x1002c130)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x1002c138)
- DeleteCriticalSection (Address: 0x1002c14c)
- EnterCriticalSection (Address: 0x1002c140)
- InitializeCriticalSection (Address: 0x1002c144)
- LeaveCriticalSection (Address: 0x1002c13c)
- ReleaseSRWLockExclusive (Address: 0x1002c148)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x1002c15c)
- SleepConditionVariableSRW (Address: 0x1002c158)
- WakeAllConditionVariable (Address: 0x1002c154)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemDirectoryW (Address: 0x1002c164)
- GetSystemTimeAsFileTime (Address: 0x1002c170)
- GetTickCount (Address: 0x1002c168)
- GetVersionExW (Address: 0x1002c16c)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- GetTraceEnableFlags (Address: 0x1002c180)
- GetTraceEnableLevel (Address: 0x1002c178)
- GetTraceLoggerHandle (Address: 0x1002c188)
- RegisterTraceGuidsW (Address: 0x1002c184)
- TraceMessage (Address: 0x1002c18c)
- UnregisterTraceGuids (Address: 0x1002c17c)
api-ms-win-security-base-l1-1-0.dll
- AdjustTokenPrivileges (Address: 0x1002c194)
- ImpersonateSelf (Address: 0x1002c198)
- RevertToSelf (Address: 0x1002c19c)
msvcrt.dll
- __CxxFrameHandler3 (Address: 0x1002c1a4)
- __dllonexit (Address: 0x1002c1f4)
- _amsg_exit (Address: 0x1002c230)
- _close (Address: 0x1002c1d0)
- _CxxThrowException (Address: 0x1002c1b4)
- _errno (Address: 0x1002c21c)
- _except_handler4_common (Address: 0x1002c278)
- _initterm (Address: 0x1002c1e4)
- _lock (Address: 0x1002c1e8)
- _onexit (Address: 0x1002c1f8)
- _open (Address: 0x1002c1d8)
- _purecall (Address: 0x1002c260)
- _resetstkoflw (Address: 0x1002c268)
- _ui64tow_s (Address: 0x1002c234)
- _unlock (Address: 0x1002c1ec)
- _vsnwprintf (Address: 0x1002c28c)
- _waccess (Address: 0x1002c244)
- _wcsdup (Address: 0x1002c204)
- _wcserror (Address: 0x1002c294)
- _wcsicmp (Address: 0x1002c274)
- _wcsnicmp (Address: 0x1002c270)
- _wfopen (Address: 0x1002c258)
- _wfullpath (Address: 0x1002c1e0)
- _write (Address: 0x1002c1d4)
- _wsplitpath_s (Address: 0x1002c1dc)
- _wtoi (Address: 0x1002c208)
- _wtol (Address: 0x1002c20c)
- _XcptFilter (Address: 0x1002c1a8)
- ??0exception@@QAE@ABQBD@Z (Address: 0x1002c1c8)
- ??0exception@@QAE@ABQBDH@Z (Address: 0x1002c1c4)
- ??0exception@@QAE@ABV0@@Z (Address: 0x1002c1c0)
- ??1exception@@UAE@XZ (Address: 0x1002c1bc)
- ??1type_info@@UAE@XZ (Address: 0x1002c224)
- ?terminate@@YAXXZ (Address: 0x1002c220)
- ?what@exception@@UBEPBDXZ (Address: 0x1002c1b8)
- calloc (Address: 0x1002c25c)
- fclose (Address: 0x1002c24c)
- ferror (Address: 0x1002c240)
- fread (Address: 0x1002c248)
- free (Address: 0x1002c290)
- fseek (Address: 0x1002c254)
- ftell (Address: 0x1002c250)
- fwrite (Address: 0x1002c1f0)
- iswspace (Address: 0x1002c280)
- iswxdigit (Address: 0x1002c228)
- malloc (Address: 0x1002c264)
- mbstowcs (Address: 0x1002c23c)
- memcmp (Address: 0x1002c214)
- memcpy (Address: 0x1002c1b0)
- memcpy_s (Address: 0x1002c288)
- memmove (Address: 0x1002c1ac)
- memset (Address: 0x1002c298)
- printf (Address: 0x1002c200)
- realloc (Address: 0x1002c1cc)
- swscanf (Address: 0x1002c210)
- towupper (Address: 0x1002c218)
- wcschr (Address: 0x1002c27c)
- wcsncmp (Address: 0x1002c284)
- wcsncpy_s (Address: 0x1002c238)
- wcsrchr (Address: 0x1002c26c)
- wcstok (Address: 0x1002c22c)
- wcstombs (Address: 0x1002c1fc)
wbemcomn.dll
- _ThrowMemoryException_ (Address: 0x1002c360)
- ??0CFlexArray@@QAE@HH@Z (Address: 0x1002c30c)
- ??0CMRCICompression@@QAE@XZ (Address: 0x1002c2fc)
- ??0Registry@@QAE@PBGK@Z (Address: 0x1002c2e4)
- ??0WString@@QAE@PBG@Z (Address: 0x1002c324)
- ??0WString@@QAE@XZ (Address: 0x1002c2f4)
- ??1CFlexArray@@QAE@XZ (Address: 0x1002c310)
- ??1CMRCICompression@@QAE@XZ (Address: 0x1002c318)
- ??1CVar@@QAE@XZ (Address: 0x1002c33c)
- ??1Registry@@QAE@XZ (Address: 0x1002c2e8)
- ??4WString@@QAEAAV0@PBG@Z (Address: 0x1002c2cc)
- ?AddEnvironmentValue@CWbemInstallObject@@SGJPBG0@Z (Address: 0x1002c2a0)
- ?CleanUp@CWbemInstallObject@@SGXXZ (Address: 0x1002c2c8)
- ?CoCreateInstance@CWbemInstallObject@@SGJABU_GUID@@PAUIUnknown@@K0PAPAX@Z (Address: 0x1002c2f8)
- ?DeleteString@WString@@AAEXPAG@Z (Address: 0x1002c35c)
- ?ExpandEnvironmentStringsW@CWbemInstallObject@@SGKPBGPAGK@Z (Address: 0x1002c304)
- ?FlushRepository@CWbemInstallObject@@SGJXZ (Address: 0x1002c2c4)
- ?GetAt@CFlexArray@@QBEPAXH@Z (Address: 0x1002c314)
- ?GetMultiStr@Registry@@QAEPAGPBGAAK@Z (Address: 0x1002c2ec)
- ?GetRepositoryFolder@CWbemInstallObject@@SGPBGXZ (Address: 0x1002c308)
- ?GetText@CVar@@QAEPAGJJPBG@Z (Address: 0x1002c340)
- ?Init@CVar@@AAEXXZ (Address: 0x1002c334)
- ?InsertAt@CFlexArray@@QAEHHPAX@Z (Address: 0x1002c344)
- ?IsOffline@CWbemInstallObject@@SG_NXZ (Address: 0x1002c36c)
- ?LocaleName_To_LCID@CMUILocale@@SGJPBGPA_NPAK@Z (Address: 0x1002c330)
- ?Mrci1Decompress@CBaseMrciCompression@@QAEIPAEI0I@Z (Address: 0x1002c300)
- ?Mrci1MaxCompress@CBaseMrciCompression@@QAEIPAEI0I@Z (Address: 0x1002c34c)
- ?ms_XXX_Locale_To_LCID@CMUILocale@@SGJPBGPAK@Z (Address: 0x1002c32c)
- ?RemoveAt@CFlexArray@@QAEHH@Z (Address: 0x1002c348)
- ?SetAutoRecoverFolder@CWbemInstallObject@@SGXPBG@Z (Address: 0x1002c2b4)
- ?SetBinaryPath@CWbemInstallObject@@SGXPBG@Z (Address: 0x1002c2ac)
- ?SetMultiStr@Registry@@QAEHPBGPAGK@Z (Address: 0x1002c2f0)
- ?SetOffline@CWbemInstallObject@@SGX_N@Z (Address: 0x1002c2a8)
- ?SetRegistryPathCIMOM@CWbemInstallObject@@SGXPBG@Z (Address: 0x1002c2bc)
- ?SetRegistryPathWbem@CWbemInstallObject@@SGXPBG@Z (Address: 0x1002c2b8)
- ?SetRepositoryFolder@CWbemInstallObject@@SGXPBG@Z (Address: 0x1002c2b0)
- ?SetStr@Registry@@QAEHPBG0@Z (Address: 0x1002c350)
- ?SetVariant@CVar@@QAEHPAUtagVARIANT@@H@Z (Address: 0x1002c338)
- ?Shutdown@CWbemInstallObject@@SGXXZ (Address: 0x1002c2a4)
- ?WbemMemAlloc@CWin32DefaultArena@@SAPAXK@Z (Address: 0x1002c368)
- ?WbemMemFree@CWin32DefaultArena@@SAHPAX@Z (Address: 0x1002c364)
- ?Write@CMemoryLog@@QAEXJ@Z (Address: 0x1002c358)
- bAreWeLocal (Address: 0x1002c320)
- CopyFileToAutorecover (Address: 0x1002c2e0)
- ExtractMachineName (Address: 0x1002c31c)
- GetMemLogObject (Address: 0x1002c354)
- RegisterDLL (Address: 0x1002c2d0)
- RegisterDllAppid (Address: 0x1002c2d4)
- RemoveFileFromAutoRecoverFolder (Address: 0x1002c2c0)
- UnRegisterDLL (Address: 0x1002c2d8)
- UnregisterDllAppid (Address: 0x1002c2dc)
- WbemVariantChangeType (Address: 0x1002c328)