hvsicontainerservice.dll
Description: Microsoft Defender Application Guard Container Service
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.5794
Architecture: 64-bit
Operating System: Windows NT
SHA256: 9c54cc79b018ee4e912e7fb3d221ff7c
File Size: 1.2 MB
Uploaded At: Dec. 1, 2025, 8:12 a.m.
Views: 16
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0xa260)
- DllGetClassObject (Ordinal: 2, Address: 0xa220)
- GetProxyDllInfo (Ordinal: 3, Address: 0xa200)
- ServiceMain (Ordinal: 4, Address: 0xa340)
- SvchostPushServiceGlobals (Ordinal: 5, Address: 0xa330)
Imported DLLs & Functions
api-ms-win-appmodel-identity-l1-2-0.dll
- AppContainerDeriveSidFromMoniker (Address: 0x1800f1fb0)
- AppContainerRegisterSid (Address: 0x1800f1fb8)
api-ms-win-core-com-l1-1-0.dll
- CoCreateGuid (Address: 0x1800f2020)
- CoCreateInstance (Address: 0x1800f2000)
- CoDecrementMTAUsage (Address: 0x1800f2008)
- CoDisconnectContext (Address: 0x1800f2010)
- CoFreeUnusedLibrariesEx (Address: 0x1800f1fe0)
- CoGetMalloc (Address: 0x1800f1fd0)
- CoImpersonateClient (Address: 0x1800f2048)
- CoIncrementMTAUsage (Address: 0x1800f1ff8)
- CoInitializeEx (Address: 0x1800f2018)
- CoQueryClientBlanket (Address: 0x1800f2040)
- CoRegisterClassObject (Address: 0x1800f2038)
- CoResumeClassObjects (Address: 0x1800f1ff0)
- CoRevertToSelf (Address: 0x1800f2050)
- CoRevokeClassObject (Address: 0x1800f1fe8)
- CoTaskMemAlloc (Address: 0x1800f1fc8)
- CoTaskMemFree (Address: 0x1800f1fd8)
- CoUninitialize (Address: 0x1800f2030)
- StringFromGUID2 (Address: 0x1800f2028)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
- ObjectStublessClient10 (Address: 0x1800f2098)
- ObjectStublessClient11 (Address: 0x1800f20f0)
- ObjectStublessClient12 (Address: 0x1800f2100)
- ObjectStublessClient13 (Address: 0x1800f20a8)
- ObjectStublessClient14 (Address: 0x1800f20f8)
- ObjectStublessClient15 (Address: 0x1800f20c0)
- ObjectStublessClient16 (Address: 0x1800f2060)
- ObjectStublessClient17 (Address: 0x1800f2108)
- ObjectStublessClient18 (Address: 0x1800f20d0)
- ObjectStublessClient19 (Address: 0x1800f2090)
- ObjectStublessClient20 (Address: 0x1800f20c8)
- ObjectStublessClient21 (Address: 0x1800f2068)
- ObjectStublessClient22 (Address: 0x1800f20e8)
- ObjectStublessClient23 (Address: 0x1800f20b8)
- ObjectStublessClient24 (Address: 0x1800f2088)
- ObjectStublessClient3 (Address: 0x1800f20e0)
- ObjectStublessClient4 (Address: 0x1800f20d8)
- ObjectStublessClient5 (Address: 0x1800f20a0)
- ObjectStublessClient6 (Address: 0x1800f2080)
- ObjectStublessClient7 (Address: 0x1800f20b0)
- ObjectStublessClient8 (Address: 0x1800f2078)
- ObjectStublessClient9 (Address: 0x1800f2070)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x1800f2128)
- IsDebuggerPresent (Address: 0x1800f2120)
- OutputDebugStringW (Address: 0x1800f2118)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x1800f2140)
- RaiseException (Address: 0x1800f2148)
- SetLastError (Address: 0x1800f2138)
- SetUnhandledExceptionFilter (Address: 0x1800f2150)
- UnhandledExceptionFilter (Address: 0x1800f2158)
api-ms-win-core-file-l1-1-0.dll
- CreateDirectoryW (Address: 0x1800f21a8)
- CreateFileW (Address: 0x1800f2168)
- DeleteFileW (Address: 0x1800f21e0)
- FindClose (Address: 0x1800f21c8)
- FindFirstFileW (Address: 0x1800f2170)
- FindNextFileW (Address: 0x1800f21d8)
- FlushFileBuffers (Address: 0x1800f21c0)
- GetDiskFreeSpaceExW (Address: 0x1800f2190)
- GetDriveTypeW (Address: 0x1800f2180)
- GetFileAttributesW (Address: 0x1800f2188)
- GetFileSizeEx (Address: 0x1800f21d0)
- GetFinalPathNameByHandleW (Address: 0x1800f2178)
- GetVolumeInformationW (Address: 0x1800f2198)
- ReadFile (Address: 0x1800f21b0)
- SetFileAttributesW (Address: 0x1800f21a0)
- WriteFile (Address: 0x1800f21b8)
api-ms-win-core-file-l1-2-0.dll
- GetTempPathW (Address: 0x1800f21f0)
api-ms-win-core-file-l2-1-2.dll
- CopyFileW (Address: 0x1800f2200)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1800f2210)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x1800f2228)
- HeapAlloc (Address: 0x1800f2248)
- HeapDestroy (Address: 0x1800f2240)
- HeapFree (Address: 0x1800f2220)
- HeapReAlloc (Address: 0x1800f2238)
- HeapSize (Address: 0x1800f2230)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x1800f2258)
- LocalFree (Address: 0x1800f2260)
api-ms-win-core-heap-obsolete-l1-1-0.dll
- LocalSize (Address: 0x1800f2270)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x1800f2280)
api-ms-win-core-job-l2-1-0.dll
- QueryInformationJobObject (Address: 0x1800f2290)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- GetComputerNameW (Address: 0x1800f22b0)
- MoveFileW (Address: 0x1800f22a0)
- RegisterWaitForSingleObject (Address: 0x1800f22b8)
- UnregisterWait (Address: 0x1800f22a8)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x1800f22e8)
- FreeLibrary (Address: 0x1800f2300)
- GetModuleFileNameA (Address: 0x1800f22d8)
- GetModuleFileNameW (Address: 0x1800f22f0)
- GetModuleHandleExW (Address: 0x1800f22f8)
- GetModuleHandleW (Address: 0x1800f22d0)
- GetProcAddress (Address: 0x1800f22e0)
- LoadLibraryExA (Address: 0x1800f22c8)
api-ms-win-core-libraryloader-l1-2-1.dll
- LoadLibraryW (Address: 0x1800f2310)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x1800f2320)
- IdnToAscii (Address: 0x1800f2328)
api-ms-win-core-memory-l1-1-0.dll
- VirtualProtect (Address: 0x1800f2340)
- VirtualQuery (Address: 0x1800f2338)
api-ms-win-core-path-l1-1-0.dll
- PathCchAddBackslash (Address: 0x1800f2370)
- PathCchAppend (Address: 0x1800f2358)
- PathCchCombine (Address: 0x1800f2360)
- PathCchCombineEx (Address: 0x1800f2350)
- PathCchRemoveFileSpec (Address: 0x1800f2368)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x1800f2388)
- GetEnvironmentVariableW (Address: 0x1800f2380)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x1800f23c8)
- GetCurrentProcessId (Address: 0x1800f23d8)
- GetCurrentThread (Address: 0x1800f23f8)
- GetCurrentThreadId (Address: 0x1800f23e8)
- OpenProcessToken (Address: 0x1800f23c0)
- OpenThreadToken (Address: 0x1800f23f0)
- ProcessIdToSessionId (Address: 0x1800f23e0)
- SetPriorityClass (Address: 0x1800f23a0)
- TerminateProcess (Address: 0x1800f2398)
- TlsAlloc (Address: 0x1800f23d0)
- TlsFree (Address: 0x1800f23b0)
- TlsGetValue (Address: 0x1800f23b8)
- TlsSetValue (Address: 0x1800f23a8)
api-ms-win-core-processthreads-l1-1-1.dll
- GetProcessMitigationPolicy (Address: 0x1800f2418)
- IsProcessorFeaturePresent (Address: 0x1800f2410)
- OpenProcess (Address: 0x1800f2408)
api-ms-win-core-processthreads-l1-1-2.dll
- SetProtectedPolicy (Address: 0x1800f2428)
api-ms-win-core-processtopology-obsolete-l1-1-0.dll
- GetActiveProcessorCount (Address: 0x1800f2438)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x1800f2448)
api-ms-win-core-realtime-l1-1-0.dll
- QueryUnbiasedInterruptTime (Address: 0x1800f2458)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x1800f2470)
- RegCreateKeyExW (Address: 0x1800f24a0)
- RegEnumKeyExW (Address: 0x1800f24b8)
- RegEnumValueW (Address: 0x1800f2468)
- RegGetValueW (Address: 0x1800f2490)
- RegLoadKeyW (Address: 0x1800f24c0)
- RegNotifyChangeKeyValue (Address: 0x1800f2488)
- RegOpenKeyExW (Address: 0x1800f24b0)
- RegQueryInfoKeyW (Address: 0x1800f24a8)
- RegQueryValueExW (Address: 0x1800f2498)
- RegSetValueExW (Address: 0x1800f2478)
- RegUnLoadKeyW (Address: 0x1800f2480)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathCanonicalizeW (Address: 0x1800f24d0)
- PathFileExistsW (Address: 0x1800f24f8)
- PathFindFileNameW (Address: 0x1800f24e8)
- PathGetDriveNumberW (Address: 0x1800f2508)
- PathIsRelativeW (Address: 0x1800f2520)
- PathIsUNCServerShareW (Address: 0x1800f2518)
- PathIsUNCServerW (Address: 0x1800f2510)
- PathSkipRootW (Address: 0x1800f2500)
- PathStripPathW (Address: 0x1800f24e0)
- PathStripToRootW (Address: 0x1800f24f0)
- PathUnquoteSpacesW (Address: 0x1800f24d8)
api-ms-win-core-string-l1-1-0.dll
- MultiByteToWideChar (Address: 0x1800f2530)
- WideCharToMultiByte (Address: 0x1800f2538)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x1800f25b0)
- AcquireSRWLockShared (Address: 0x1800f2568)
- CreateEventExW (Address: 0x1800f2578)
- CreateEventW (Address: 0x1800f2548)
- CreateMutexExW (Address: 0x1800f2570)
- CreateSemaphoreExW (Address: 0x1800f25d0)
- DeleteCriticalSection (Address: 0x1800f2560)
- EnterCriticalSection (Address: 0x1800f2550)
- InitializeCriticalSection (Address: 0x1800f2558)
- InitializeCriticalSectionAndSpinCount (Address: 0x1800f2580)
- InitializeCriticalSectionEx (Address: 0x1800f25e8)
- InitializeSRWLock (Address: 0x1800f25b8)
- LeaveCriticalSection (Address: 0x1800f25f0)
- OpenSemaphoreW (Address: 0x1800f25a0)
- ReleaseMutex (Address: 0x1800f25d8)
- ReleaseSemaphore (Address: 0x1800f2598)
- ReleaseSRWLockExclusive (Address: 0x1800f25c0)
- ReleaseSRWLockShared (Address: 0x1800f2590)
- ResetEvent (Address: 0x1800f25c8)
- SetEvent (Address: 0x1800f2588)
- WaitForSingleObject (Address: 0x1800f25e0)
- WaitForSingleObjectEx (Address: 0x1800f25a8)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceBeginInitialize (Address: 0x1800f2620)
- InitOnceComplete (Address: 0x1800f2610)
- InitOnceExecuteOnce (Address: 0x1800f2628)
- Sleep (Address: 0x1800f2600)
- WaitOnAddress (Address: 0x1800f2618)
- WakeByAddressAll (Address: 0x1800f2608)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemDirectoryW (Address: 0x1800f2650)
- GetSystemInfo (Address: 0x1800f2658)
- GetSystemTimeAsFileTime (Address: 0x1800f2660)
- GetTickCount64 (Address: 0x1800f2648)
- GetVersionExW (Address: 0x1800f2638)
- GetWindowsDirectoryW (Address: 0x1800f2640)
api-ms-win-core-sysinfo-l1-2-1.dll
- DnsHostnameToComputerNameExW (Address: 0x1800f2678)
- GetPhysicallyInstalledSystemMemory (Address: 0x1800f2670)
api-ms-win-core-systemtopology-l1-1-0.dll
- GetNumaHighestNodeNumber (Address: 0x1800f2690)
- GetNumaNodeProcessorMaskEx (Address: 0x1800f2688)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x1800f26e0)
- CloseThreadpoolWait (Address: 0x1800f26f0)
- CloseThreadpoolWork (Address: 0x1800f26b0)
- CreateThreadpoolTimer (Address: 0x1800f26a0)
- CreateThreadpoolWait (Address: 0x1800f26e8)
- CreateThreadpoolWork (Address: 0x1800f26d0)
- SetThreadpoolTimer (Address: 0x1800f26a8)
- SetThreadpoolWait (Address: 0x1800f26b8)
- SubmitThreadpoolWork (Address: 0x1800f26c8)
- WaitForThreadpoolTimerCallbacks (Address: 0x1800f26f8)
- WaitForThreadpoolWaitCallbacks (Address: 0x1800f26d8)
- WaitForThreadpoolWorkCallbacks (Address: 0x1800f26c0)
api-ms-win-core-threadpool-legacy-l1-1-0.dll
- CreateTimerQueueTimer (Address: 0x1800f2718)
- DeleteTimerQueueTimer (Address: 0x1800f2710)
- QueueUserWorkItem (Address: 0x1800f2720)
- UnregisterWaitEx (Address: 0x1800f2708)
api-ms-win-core-threadpool-private-l1-1-0.dll
- RegisterWaitForSingleObjectEx (Address: 0x1800f2730)
api-ms-win-core-timezone-l1-1-0.dll
- FileTimeToSystemTime (Address: 0x1800f2748)
- SystemTimeToFileTime (Address: 0x1800f2740)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x1800f2760)
- EncodePointer (Address: 0x1800f2758)
api-ms-win-core-winrt-error-l1-1-0.dll
- RoOriginateError (Address: 0x1800f2778)
- RoOriginateErrorW (Address: 0x1800f2770)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x1800f2788)
- RoRegisterActivationFactories (Address: 0x1800f2790)
- RoRevokeActivationFactories (Address: 0x1800f2798)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x1800f27d0)
- WindowsCreateStringReference (Address: 0x1800f27c8)
- WindowsDeleteString (Address: 0x1800f27a8)
- WindowsGetStringRawBuffer (Address: 0x1800f27c0)
- WindowsIsStringEmpty (Address: 0x1800f27b0)
- WindowsStringHasEmbeddedNull (Address: 0x1800f27b8)
api-ms-win-crt-math-l1-1-0.dll
- ceilf (Address: 0x1800f27e0)
api-ms-win-crt-private-l1-1-0.dll
- __C_specific_handler (Address: 0x1800f28a0)
- __CxxFrameHandler3 (Address: 0x1800f28a8)
- __CxxFrameHandler4 (Address: 0x1800f2968)
- __std_terminate (Address: 0x1800f2960)
- __std_type_info_compare (Address: 0x1800f2958)
- _CxxThrowException (Address: 0x1800f28b0)
- _o___std_exception_copy (Address: 0x1800f2950)
- _o___std_exception_destroy (Address: 0x1800f2948)
- _o___std_type_info_destroy_list (Address: 0x1800f2940)
- _o___stdio_common_vsnprintf_s (Address: 0x1800f2938)
- _o___stdio_common_vswprintf (Address: 0x1800f2930)
- _o___stdio_common_vswprintf_s (Address: 0x1800f2928)
- _o__aligned_free (Address: 0x1800f2920)
- _o__aligned_malloc (Address: 0x1800f2918)
- _o__beginthreadex (Address: 0x1800f2908)
- _o__callnewh (Address: 0x1800f2900)
- _o__cexit (Address: 0x1800f28f8)
- _o__configure_narrow_argv (Address: 0x1800f28f0)
- _o__crt_atexit (Address: 0x1800f28e8)
- _o__errno (Address: 0x1800f28e0)
- _o__execute_onexit_table (Address: 0x1800f28d8)
- _o__initialize_narrow_environment (Address: 0x1800f28d0)
- _o__initialize_onexit_table (Address: 0x1800f28c8)
- _o__invalid_parameter_noinfo (Address: 0x1800f28c0)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x1800f28b8)
- _o__localtime64 (Address: 0x1800f2910)
- _o__purecall (Address: 0x1800f27f0)
- _o__register_onexit_function (Address: 0x1800f27f8)
- _o__seh_filter_dll (Address: 0x1800f2800)
- _o__wcsicmp (Address: 0x1800f2808)
- _o__wcsnicmp (Address: 0x1800f2810)
- _o__wtoi (Address: 0x1800f2818)
- _o__wtol (Address: 0x1800f2820)
- _o_abort (Address: 0x1800f2828)
- _o_free (Address: 0x1800f2830)
- _o_iswxdigit (Address: 0x1800f2840)
- _o_malloc (Address: 0x1800f2848)
- _o_terminate (Address: 0x1800f2850)
- _o_towlower (Address: 0x1800f2858)
- _o_wcscat_s (Address: 0x1800f2860)
- _o_wcscpy_s (Address: 0x1800f2868)
- _o_wcsftime (Address: 0x1800f2870)
- _o_wcsncpy_s (Address: 0x1800f2878)
- _o_wcstod (Address: 0x1800f2880)
- _o_wcstok_s (Address: 0x1800f2888)
- _o_wcstoul (Address: 0x1800f2890)
- _o_wcstoull (Address: 0x1800f2898)
- memcmp (Address: 0x1800f2970)
- memcpy (Address: 0x1800f2978)
- memmove (Address: 0x1800f2838)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x1800f2988)
- _initterm_e (Address: 0x1800f2990)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x1800f29a0)
- wcscmp (Address: 0x1800f29b8)
- wcsncmp (Address: 0x1800f29a8)
- wcsnlen (Address: 0x1800f29b0)
api-ms-win-crt-time-l1-1-0.dll
- _time64 (Address: 0x1800f29c8)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- GetTraceEnableFlags (Address: 0x1800f29e0)
- GetTraceEnableLevel (Address: 0x1800f2a00)
- GetTraceLoggerHandle (Address: 0x1800f29d8)
- RegisterTraceGuidsW (Address: 0x1800f29f0)
- TraceMessage (Address: 0x1800f29f8)
- UnregisterTraceGuids (Address: 0x1800f29e8)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x1800f2a28)
- EventRegister (Address: 0x1800f2a30)
- EventSetInformation (Address: 0x1800f2a18)
- EventUnregister (Address: 0x1800f2a20)
- EventWriteTransfer (Address: 0x1800f2a10)
api-ms-win-security-base-l1-1-0.dll
- AddAccessAllowedAce (Address: 0x1800f2a88)
- AdjustTokenPrivileges (Address: 0x1800f2a78)
- AllocateAndInitializeSid (Address: 0x1800f2b10)
- CopySid (Address: 0x1800f2a50)
- CreatePrivateObjectSecurityWithMultipleInheritance (Address: 0x1800f2a58)
- CreateWellKnownSid (Address: 0x1800f2a70)
- DestroyPrivateObjectSecurity (Address: 0x1800f2ab8)
- DuplicateTokenEx (Address: 0x1800f2af8)
- EqualSid (Address: 0x1800f2a68)
- FreeSid (Address: 0x1800f2b00)
- GetAce (Address: 0x1800f2a40)
- GetLengthSid (Address: 0x1800f2af0)
- GetSecurityDescriptorControl (Address: 0x1800f2a98)
- GetSecurityDescriptorLength (Address: 0x1800f2ab0)
- GetSidLengthRequired (Address: 0x1800f2a48)
- GetSidSubAuthority (Address: 0x1800f2b18)
- GetTokenInformation (Address: 0x1800f2ad8)
- ImpersonateLoggedOnUser (Address: 0x1800f2ae8)
- ImpersonateSelf (Address: 0x1800f2a80)
- InitializeAcl (Address: 0x1800f2b20)
- InitializeSecurityDescriptor (Address: 0x1800f2ac8)
- InitializeSid (Address: 0x1800f2a60)
- IsValidSecurityDescriptor (Address: 0x1800f2ac0)
- IsValidSid (Address: 0x1800f2b08)
- MakeSelfRelativeSD (Address: 0x1800f2aa0)
- RevertToSelf (Address: 0x1800f2ae0)
- SetSecurityDescriptorDacl (Address: 0x1800f2ad0)
- SetSecurityDescriptorGroup (Address: 0x1800f2aa8)
- SetSecurityDescriptorOwner (Address: 0x1800f2a90)
api-ms-win-security-credentials-l1-1-0.dll
- CredDeleteW (Address: 0x1800f2b48)
- CredEnumerateW (Address: 0x1800f2b50)
- CredFree (Address: 0x1800f2b40)
- CredReadW (Address: 0x1800f2b30)
- CredWriteW (Address: 0x1800f2b38)
api-ms-win-security-cryptoapi-l1-1-0.dll
- CryptAcquireContextW (Address: 0x1800f2b70)
- CryptGenRandom (Address: 0x1800f2b68)
- CryptReleaseContext (Address: 0x1800f2b60)
api-ms-win-security-lsalookup-l2-1-0.dll
- LookupPrivilegeValueW (Address: 0x1800f2b80)
api-ms-win-security-provider-l1-1-0.dll
- SetEntriesInAclW (Address: 0x1800f2b98)
- SetNamedSecurityInfoW (Address: 0x1800f2b90)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertSidToStringSidW (Address: 0x1800f2bb0)
- ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x1800f2ba8)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x1800f2bc0)
- SetServiceStatus (Address: 0x1800f2bc8)
api-ms-win-service-management-l1-1-0.dll
- CloseServiceHandle (Address: 0x1800f2bd8)
- OpenSCManagerW (Address: 0x1800f2be0)
- OpenServiceW (Address: 0x1800f2be8)
- StartServiceW (Address: 0x1800f2bf0)
api-ms-win-service-management-l2-1-0.dll
- QueryServiceStatusEx (Address: 0x1800f2c00)
api-ms-win-shcore-path-l1-1-0.dll
- (Address: 0x1800f2c10)
api-ms-win-shcore-taskpool-l1-1-0.dll
- SHTaskPoolQueueTask (Address: 0x1800f2c20)
bcrypt.dll
- BCryptCloseAlgorithmProvider (Address: 0x1800f2c58)
- BCryptCreateHash (Address: 0x1800f2c38)
- BCryptDestroyHash (Address: 0x1800f2c40)
- BCryptFinishHash (Address: 0x1800f2c60)
- BCryptGetProperty (Address: 0x1800f2c30)
- BCryptHashData (Address: 0x1800f2c50)
- BCryptOpenAlgorithmProvider (Address: 0x1800f2c48)
combase.dll
- (Address: 0x1800f2c70)
- (Address: 0x1800f2c78)
- (Address: 0x1800f2c80)
- (Address: 0x1800f2c88)
CRYPT32.dll
- CryptBinaryToStringW (Address: 0x1800f1d08)
ext-ms-win-hyperv-computenetwork-l1-1-0.dll
- HcnCloseEndpoint (Address: 0x1800f2ca8)
- HcnCloseNetwork (Address: 0x1800f2ca0)
- HcnCreateEndpoint (Address: 0x1800f2cd8)
- HcnDeleteEndpoint (Address: 0x1800f2cc8)
- HcnEnumerateEndpoints (Address: 0x1800f2cb8)
- HcnEnumerateNetworks (Address: 0x1800f2cc0)
- HcnOpenEndpoint (Address: 0x1800f2cb0)
- HcnOpenNetwork (Address: 0x1800f2cf0)
- HcnQueryEndpointProperties (Address: 0x1800f2cd0)
- HcnQueryNetworkProperties (Address: 0x1800f2ce8)
- HcnRegisterServiceCallback (Address: 0x1800f2c98)
- HcnUnregisterServiceCallback (Address: 0x1800f2ce0)
FirewallAPI.dll
- NetworkIsolationGetEnterpriseIdAsync (Address: 0x1800f1d20)
- NetworkIsolationGetEnterpriseIdClose (Address: 0x1800f1d18)
HvsiSettingsProvider.dll
- GatherSubProviderSettings (Address: 0x1800f1d40)
- GetSubProviderAttribute (Address: 0x1800f1d30)
- RegisterChangeNotifications (Address: 0x1800f1d48)
- UnregisterChangeNotifications (Address: 0x1800f1d38)
IPHLPAPI.DLL
- CancelMibChangeNotify2 (Address: 0x1800f1d68)
- GetAdaptersAddresses (Address: 0x1800f1d60)
- NotifyRouteChange2 (Address: 0x1800f1d58)
MPR.dll
- WNetGetResourceInformationW (Address: 0x1800f1d78)
msvcp_win.dll
- _Close_dir (Address: 0x1800f2e58)
- _Cnd_broadcast (Address: 0x1800f2e90)
- _Cnd_destroy_in_situ (Address: 0x1800f2d00)
- _Cnd_do_broadcast_at_thread_exit (Address: 0x1800f2e70)
- _Cnd_init_in_situ (Address: 0x1800f2d18)
- _Cnd_register_at_thread_exit (Address: 0x1800f2e88)
- _Cnd_timedwait (Address: 0x1800f2d38)
- _Cnd_unregister_at_thread_exit (Address: 0x1800f2d08)
- _Cnd_wait (Address: 0x1800f2ec0)
- _File_size (Address: 0x1800f2e18)
- _Mtx_current_owns (Address: 0x1800f2d40)
- _Mtx_destroy_in_situ (Address: 0x1800f2ed0)
- _Mtx_init_in_situ (Address: 0x1800f2d10)
- _Mtx_lock (Address: 0x1800f2ea0)
- _Mtx_unlock (Address: 0x1800f2ea8)
- _Open_dir (Address: 0x1800f2e40)
- _Read_dir (Address: 0x1800f2e68)
- _Stat (Address: 0x1800f2e20)
- _Thrd_id (Address: 0x1800f2e08)
- _Thrd_join (Address: 0x1800f2e00)
- _To_wide (Address: 0x1800f2d28)
- _Xtime_get_ticks (Address: 0x1800f2e60)
- ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z (Address: 0x1800f2d20)
- ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z (Address: 0x1800f2e30)
- ?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z (Address: 0x1800f2e78)
- ?__ExceptionPtrCreate@@YAXPEAX@Z (Address: 0x1800f2e50)
- ?__ExceptionPtrCurrentException@@YAXPEAX@Z (Address: 0x1800f2e48)
- ?__ExceptionPtrDestroy@@YAXPEAX@Z (Address: 0x1800f2e28)
- ?__ExceptionPtrRethrow@@YAXPEBX@Z (Address: 0x1800f2d68)
- ?__ExceptionPtrToBool@@YA_NPEBX@Z (Address: 0x1800f2eb0)
- ?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z (Address: 0x1800f2dc0)
- ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z (Address: 0x1800f2ec8)
- ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x1800f2d90)
- ?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z (Address: 0x1800f2d88)
- ?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ (Address: 0x1800f2dd8)
- ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800f2da8)
- ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z (Address: 0x1800f2da0)
- ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800f2dd0)
- ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800f2dc8)
- ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800f2de8)
- ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800f2de0)
- ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z (Address: 0x1800f2d78)
- ?_ReportUnobservedException@details@Concurrency@@YAXXZ (Address: 0x1800f2d70)
- ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x1800f2d50)
- ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z (Address: 0x1800f2eb8)
- ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z (Address: 0x1800f2d80)
- ?_Syserror_map@std@@YAPEBDH@Z (Address: 0x1800f2d48)
- ?_Throw_C_error@std@@YAXH@Z (Address: 0x1800f2e98)
- ?_Throw_Cpp_error@std@@YAXH@Z (Address: 0x1800f2df8)
- ?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z (Address: 0x1800f2e80)
- ?_Winerror_map@std@@YAHH@Z (Address: 0x1800f2db8)
- ?_Winerror_message@std@@YAKKPEADK@Z (Address: 0x1800f2df0)
- ?_Xbad_function_call@std@@YAXXZ (Address: 0x1800f2d98)
- ?_XGetLastError@std@@YAXXZ (Address: 0x1800f2d60)
- ?_Xinvalid_argument@std@@YAXPEBD@Z (Address: 0x1800f2d30)
- ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x1800f2e10)
- ?_Xout_of_range@std@@YAXPEBD@Z (Address: 0x1800f2e38)
- ??0task_continuation_context@Concurrency@@AEAA@XZ (Address: 0x1800f2d58)
- ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ (Address: 0x1800f2db0)
nlaapi.dll
- NlaGetCaptivePortalHosts (Address: 0x1800f2ee0)
ntdll.dll
- NtQueryInformationProcess (Address: 0x1800f2fb0)
- NtQuerySystemInformation (Address: 0x1800f2f38)
- NtSetInformationProcess (Address: 0x1800f2fd8)
- NtSetSystemInformation (Address: 0x1800f2fd0)
- RtlAcquirePrivilege (Address: 0x1800f2fc8)
- RtlAcquireResourceExclusive (Address: 0x1800f2ef8)
- RtlAcquireResourceShared (Address: 0x1800f2f50)
- RtlAcquireSRWLockExclusive (Address: 0x1800f2fa8)
- RtlCaptureContext (Address: 0x1800f2ef0)
- RtlDeleteResource (Address: 0x1800f2f60)
- RtlEqualUnicodeString (Address: 0x1800f2fc0)
- RtlFindNextForwardRunClear (Address: 0x1800f2f88)
- RtlInitializeResource (Address: 0x1800f2f58)
- RtlInitializeSRWLock (Address: 0x1800f2f98)
- RtlInitUnicodeString (Address: 0x1800f2f08)
- RtlIpv4AddressToStringExW (Address: 0x1800f2f30)
- RtlIpv6AddressToStringExW (Address: 0x1800f2f28)
- RtlLookupFunctionEntry (Address: 0x1800f2f18)
- RtlNtStatusToDosError (Address: 0x1800f2fb8)
- RtlNumberOfSetBits (Address: 0x1800f2f90)
- RtlNumberOfSetBitsUlongPtr (Address: 0x1800f2fe0)
- RtlPublishWnfStateData (Address: 0x1800f2f48)
- RtlReleasePrivilege (Address: 0x1800f2f68)
- RtlReleaseResource (Address: 0x1800f2f00)
- RtlReleaseSRWLockExclusive (Address: 0x1800f2fa0)
- RtlRunOnceBeginInitialize (Address: 0x1800f2f80)
- RtlRunOnceComplete (Address: 0x1800f2f78)
- RtlSubscribeWnfStateChangeNotification (Address: 0x1800f2f20)
- RtlUnsubscribeWnfStateChangeNotification (Address: 0x1800f2f40)
- RtlUpcaseUnicodeChar (Address: 0x1800f2f70)
- RtlVirtualUnwind (Address: 0x1800f2f10)
OLEAUT32.dll
- BSTR_UserFree (Address: 0x1800f1db8)
- BSTR_UserFree64 (Address: 0x1800f1dd0)
- BSTR_UserMarshal (Address: 0x1800f1da8)
- BSTR_UserMarshal64 (Address: 0x1800f1de0)
- BSTR_UserSize (Address: 0x1800f1d90)
- BSTR_UserSize64 (Address: 0x1800f1dd8)
- BSTR_UserUnmarshal (Address: 0x1800f1da0)
- BSTR_UserUnmarshal64 (Address: 0x1800f1db0)
- SysAllocString (Address: 0x1800f1df0)
- SysAllocStringByteLen (Address: 0x1800f1d98)
- SysAllocStringLen (Address: 0x1800f1dc8)
- SysFreeString (Address: 0x1800f1dc0)
- SysStringByteLen (Address: 0x1800f1e00)
- SysStringLen (Address: 0x1800f1e08)
- VarBstrCat (Address: 0x1800f1df8)
- VarBstrCmp (Address: 0x1800f1d88)
- VariantClear (Address: 0x1800f1de8)
RPCRT4.dll
- CStdStubBuffer_AddRef (Address: 0x1800f1ea8)
- CStdStubBuffer_Connect (Address: 0x1800f1e30)
- CStdStubBuffer_CountRefs (Address: 0x1800f1e98)
- CStdStubBuffer_DebugServerQueryInterface (Address: 0x1800f1eb8)
- CStdStubBuffer_DebugServerRelease (Address: 0x1800f1e68)
- CStdStubBuffer_Disconnect (Address: 0x1800f1e58)
- CStdStubBuffer_Invoke (Address: 0x1800f1ed0)
- CStdStubBuffer_IsIIDSupported (Address: 0x1800f1e48)
- CStdStubBuffer_QueryInterface (Address: 0x1800f1e90)
- IUnknown_AddRef_Proxy (Address: 0x1800f1ec0)
- IUnknown_QueryInterface_Proxy (Address: 0x1800f1e50)
- IUnknown_Release_Proxy (Address: 0x1800f1ea0)
- NdrCStdStubBuffer_Release (Address: 0x1800f1ed8)
- NdrDllCanUnloadNow (Address: 0x1800f1e80)
- NdrDllGetClassObject (Address: 0x1800f1e70)
- NdrOleAllocate (Address: 0x1800f1e88)
- NdrOleFree (Address: 0x1800f1eb0)
- NdrServerCall2 (Address: 0x1800f1e40)
- NdrServerCallAll (Address: 0x1800f1e60)
- RpcServerInqCallAttributesW (Address: 0x1800f1e18)
- RpcServerRegisterIfEx (Address: 0x1800f1e28)
- RpcServerUnregisterIf (Address: 0x1800f1e38)
- RpcServerUseProtseqEpW (Address: 0x1800f1e20)
- RpcStringFreeW (Address: 0x1800f1ec8)
- UuidFromStringW (Address: 0x1800f1e78)
- UuidToStringW (Address: 0x1800f1ee0)
SHELL32.dll
- SHGetFolderPathAndSubDirW (Address: 0x1800f1ef0)
- SHGetKnownFolderPath (Address: 0x1800f1ef8)
- SHSetLocalizedName (Address: 0x1800f1f00)
USERENV.dll
- CreateAppContainerProfile (Address: 0x1800f1f10)
- ExpandEnvironmentStringsForUserW (Address: 0x1800f1f18)
- GetAllUsersProfileDirectoryW (Address: 0x1800f1f20)
vmcompute.dll
- ActivateLayer (Address: 0x1800f2ff8)
- ApplyRegistryChangesToLayer (Address: 0x1800f3000)
- CreateBaseImageVHDWithFolders (Address: 0x1800f30d0)
- CreateDifferencingVHD (Address: 0x1800f30c0)
- CreateSandboxLayer (Address: 0x1800f3060)
- DeactivateLayer (Address: 0x1800f3008)
- DestroyLayer (Address: 0x1800f2ff0)
- GetLayerMountPath (Address: 0x1800f30a0)
- GrantVmAccess (Address: 0x1800f3068)
- HcsCloseComputeSystem (Address: 0x1800f3028)
- HcsCloseProcess (Address: 0x1800f3020)
- HcsCreateComputeSystem (Address: 0x1800f3070)
- HcsCreateProcess (Address: 0x1800f3050)
- HcsGetComputeSystemProperties (Address: 0x1800f3030)
- HcsGetProcessProperties (Address: 0x1800f3040)
- HcsGetWorkerProcessJob (Address: 0x1800f3078)
- HcsModifyComputeSystem (Address: 0x1800f3018)
- HcsModifyComputeSystemWithUserToken (Address: 0x1800f30c8)
- HcsModifyProcess (Address: 0x1800f3048)
- HcsOpenComputeSystem (Address: 0x1800f3010)
- HcsPauseComputeSystem (Address: 0x1800f30e8)
- HcsRegisterComputeSystemCallback (Address: 0x1800f3080)
- HcsRegisterProcessCallback (Address: 0x1800f30d8)
- HcsResumeComputeSystem (Address: 0x1800f3098)
- HcsSaveComputeSystem (Address: 0x1800f30b0)
- HcsShutdownComputeSystem (Address: 0x1800f30a8)
- HcsStartComputeSystem (Address: 0x1800f3088)
- HcsSubmitWerReport (Address: 0x1800f3058)
- HcsTerminateComputeSystem (Address: 0x1800f3090)
- HcsUnregisterComputeSystemCallback (Address: 0x1800f30e0)
- HcsUnregisterProcessCallback (Address: 0x1800f3038)
- ProcessImage (Address: 0x1800f30b8)
wcimage.dll
- WcCreateContainerImageFromWim (Address: 0x1800f30f8)
WIMGAPI.DLL
- WIMCloseHandle (Address: 0x1800f1f38)
- WIMCreateFile (Address: 0x1800f1f40)
- WIMGetImageInformation (Address: 0x1800f1f30)
WS2_32.dll
- closesocket (Address: 0x1800f1f78)
- connect (Address: 0x1800f1f60)
- WSAGetLastError (Address: 0x1800f1f58)
- WSARecv (Address: 0x1800f1f50)
- WSASend (Address: 0x1800f1f80)
- WSASocketW (Address: 0x1800f1f68)
- WSAStartup (Address: 0x1800f1f70)
WTSAPI32.dll
- WTSEnumerateSessionsW (Address: 0x1800f1f98)
- WTSFreeMemory (Address: 0x1800f1f90)
- WTSQueryUserToken (Address: 0x1800f1fa0)