WmiDcPrv.dll

Description: WMI

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.3636

Architecture: 32-bit

Operating System: Windows NT

SHA256: 18c48464a01c1ba083d73d010c55ad4f

File Size: 138.0 KB

Uploaded At: Dec. 1, 2025, 8:11 a.m.

Views: 11

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x5ee0)
  • DllGetClassObject (Ordinal: 2, Address: 0x5db0)
  • DllRegisterServer (Ordinal: 3, Address: 0x6210)
  • DllUnregisterServer (Ordinal: 4, Address: 0x6250)

Imported DLLs & Functions

api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x1002101c)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x10021024)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x10021034)
  • SetUnhandledExceptionFilter (Address: 0x10021030)
  • UnhandledExceptionFilter (Address: 0x1002102c)
api-ms-win-core-file-l1-1-0.dll
  • CompareFileTime (Address: 0x1002103c)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x10021044)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x1002105c)
  • HeapAlloc (Address: 0x10021050)
  • HeapCreate (Address: 0x10021058)
  • HeapDestroy (Address: 0x1002104c)
  • HeapFree (Address: 0x10021054)
api-ms-win-core-heap-l2-1-0.dll
  • GlobalAlloc (Address: 0x10021068)
  • GlobalFree (Address: 0x1002106c)
  • LocalFree (Address: 0x10021064)
api-ms-win-core-heap-obsolete-l1-1-0.dll
  • GlobalLock (Address: 0x10021074)
  • GlobalUnlock (Address: 0x10021078)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x1002108c)
  • GetModuleFileNameW (Address: 0x10021080)
  • GetProcAddress (Address: 0x10021088)
  • LoadLibraryExW (Address: 0x10021084)
api-ms-win-core-localization-l1-2-0.dll
  • LCMapStringW (Address: 0x10021094)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x100210a8)
  • GetCurrentProcessId (Address: 0x100210a4)
  • GetCurrentThread (Address: 0x100210a0)
  • GetCurrentThreadId (Address: 0x100210bc)
  • GetProcessTimes (Address: 0x100210b0)
  • OpenThreadToken (Address: 0x100210ac)
  • SetThreadToken (Address: 0x1002109c)
  • SwitchToThread (Address: 0x100210b4)
  • TerminateProcess (Address: 0x100210b8)
api-ms-win-core-processthreads-l1-1-1.dll
  • OpenProcess (Address: 0x100210c4)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x100210cc)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x100210dc)
  • RegCreateKeyExW (Address: 0x100210e0)
  • RegDeleteKeyExW (Address: 0x100210e8)
  • RegGetKeySecurity (Address: 0x100210e4)
  • RegOpenKeyExW (Address: 0x100210ec)
  • RegQueryValueExW (Address: 0x100210d4)
  • RegSetValueExW (Address: 0x100210d8)
api-ms-win-core-string-l1-1-0.dll
  • GetStringTypeExW (Address: 0x100210f4)
api-ms-win-core-synch-l1-1-0.dll
  • CreateMutexW (Address: 0x1002110c)
  • DeleteCriticalSection (Address: 0x10021104)
  • EnterCriticalSection (Address: 0x10021100)
  • InitializeCriticalSectionAndSpinCount (Address: 0x10021108)
  • LeaveCriticalSection (Address: 0x10021110)
  • ReleaseMutex (Address: 0x100210fc)
api-ms-win-core-synch-l1-2-0.dll
  • Sleep (Address: 0x10021118)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x10021124)
  • GetTickCount (Address: 0x10021120)
api-ms-win-core-timezone-l1-1-0.dll
  • FileTimeToSystemTime (Address: 0x1002112c)
  • SystemTimeToFileTime (Address: 0x10021130)
api-ms-win-security-base-l1-1-0.dll
  • AllocateAndInitializeSid (Address: 0x10021140)
  • CopySid (Address: 0x10021144)
  • EqualSid (Address: 0x1002113c)
  • FreeSid (Address: 0x10021150)
  • GetLengthSid (Address: 0x10021148)
  • GetSecurityDescriptorOwner (Address: 0x10021138)
  • GetTokenInformation (Address: 0x1002114c)
  • RevertToSelf (Address: 0x10021154)
FastProx.dll
  • ?AddRef@CWbemCallSecurity@@UAGKXZ (Address: 0x10021014)
  • ?GetThreadSecurity@CWbemCallSecurity@@UAGJW4tag_WMI_THREAD_SECURITY_ORIGIN@@PAPAU_IWmiThreadSecHandle@@@Z (Address: 0x10021008)
  • ?New@CWbemCallSecurity@@SGPAV1@XZ (Address: 0x10021004)
  • ?QueryInterface@CWbemCallSecurity@@UAGJABU_GUID@@PAPAX@Z (Address: 0x1002100c)
  • ?Release@CWbemCallSecurity@@UAGKXZ (Address: 0x10021010)
  • ?SetThreadSecurity@CWbemCallSecurity@@UAGJPAU_IWmiThreadSecHandle@@@Z (Address: 0x10021000)
msvcrt.dll
  • __CxxFrameHandler3 (Address: 0x1002115c)
  • __dllonexit (Address: 0x10021194)
  • _amsg_exit (Address: 0x10021168)
  • _CxxThrowException (Address: 0x10021184)
  • _except_handler4_common (Address: 0x10021164)
  • _initterm (Address: 0x10021174)
  • _lock (Address: 0x10021178)
  • _onexit (Address: 0x1002118c)
  • _purecall (Address: 0x1002119c)
  • _unlock (Address: 0x10021190)
  • _vsnwprintf (Address: 0x100211a0)
  • _XcptFilter (Address: 0x1002117c)
  • ??1type_info@@UAE@XZ (Address: 0x10021180)
  • ??8type_info@@QBEHABV0@@Z (Address: 0x10021198)
  • ?terminate@@YAXXZ (Address: 0x10021188)
  • free (Address: 0x1002116c)
  • malloc (Address: 0x10021170)
  • memcpy (Address: 0x10021160)
  • memset (Address: 0x100211a4)
wbemcomn.dll
  • _ThrowMemoryException_ (Address: 0x100211b0)
  • BreakOnDbgAndRenterLoop (Address: 0x100211ac)