Win32.dll
Description:
Authors:
Version:
Architecture: 64-bit
Operating System:
SHA256: 2d730b4bcd3d9f03143c541c78b16c09
File Size: 57.3 KB
Uploaded At: Dec. 1, 2025, 2:50 p.m.
Views: 6
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- __gcc_deregister_frame (Ordinal: 1, Address: 0x1020)
- __gcc_register_frame (Ordinal: 2, Address: 0x1000)
- boot_Win32 (Ordinal: 3, Address: 0x7990)
- free_childdir (Ordinal: 4, Address: 0x7960)
- free_childenv (Ordinal: 5, Address: 0x7980)
- g_osver (Ordinal: 6, Address: 0xf000)
- g_osver_ex (Ordinal: 7, Address: 0x9010)
- get_childdir (Ordinal: 8, Address: 0x77d0)
- get_childenv (Ordinal: 9, Address: 0x7970)
- get_unicode_env (Ordinal: 10, Address: 0x6080)
- my_ansipath (Ordinal: 11, Address: 0x6730)
- my_longpathW (Ordinal: 12, Address: 0x61e0)
- sv_to_wstr (Ordinal: 13, Address: 0x4b90)
- w32_AbortSystemShutdown (Ordinal: 14, Address: 0x1c50)
- w32_CopyFile (Ordinal: 15, Address: 0x4220)
- w32_CreateDirectory (Ordinal: 16, Address: 0x4f00)
- w32_CreateFile (Ordinal: 17, Address: 0x5010)
- w32_DomainName (Ordinal: 18, Address: 0x2f40)
- w32_ExpandEnvironmentStrings (Ordinal: 19, Address: 0x5310)
- w32_FormatMessage (Ordinal: 20, Address: 0x3110)
- w32_FreeLibrary (Ordinal: 21, Address: 0x1ee0)
- w32_FsType (Ordinal: 22, Address: 0x4910)
- w32_GetACP (Ordinal: 23, Address: 0x3600)
- w32_GetANSIPathName (Ordinal: 24, Address: 0x6f80)
- w32_GetArchName (Ordinal: 25, Address: 0x2720)
- w32_GetChipArch (Ordinal: 26, Address: 0x27b0)
- w32_GetChipName (Ordinal: 27, Address: 0x28d0)
- w32_GetConsoleCP (Ordinal: 28, Address: 0x36b0)
- w32_GetConsoleOutputCP (Ordinal: 29, Address: 0x3760)
- w32_GetCurrentProcessId (Ordinal: 30, Address: 0x33e0)
- w32_GetCurrentThreadId (Ordinal: 31, Address: 0x3490)
- w32_GetCwd (Ordinal: 32, Address: 0x7830)
- w32_GetFileVersion (Ordinal: 33, Address: 0x3a40)
- w32_GetFolderPath (Ordinal: 34, Address: 0x7050)
- w32_GetFullPathName (Ordinal: 35, Address: 0x6a00)
- w32_GetLastError (Ordinal: 36, Address: 0x2cd0)
- w32_GetLongPathName (Ordinal: 37, Address: 0x6600)
- w32_GetNextAvailDrive (Ordinal: 38, Address: 0x2b90)
- w32_GetOEMCP (Ordinal: 39, Address: 0x3810)
- w32_GetOSVersion (Ordinal: 40, Address: 0x4520)
- w32_GetProcAddress (Ordinal: 41, Address: 0x1830)
- w32_GetProcessPrivileges (Ordinal: 42, Address: 0x3d70)
- w32_GetProductInfo (Ordinal: 43, Address: 0x2380)
- w32_GetShortPathName (Ordinal: 44, Address: 0x5510)
- w32_GetSystemMetrics (Ordinal: 45, Address: 0x3540)
- w32_GetTickCount (Ordinal: 46, Address: 0x3260)
- w32_GuidGen (Ordinal: 47, Address: 0x29f0)
- w32_HttpGetFile (Ordinal: 48, Address: 0x5620)
- w32_InitiateSystemShutdown (Ordinal: 49, Address: 0x1950)
- w32_IsAdminUser (Ordinal: 50, Address: 0x10a0)
- w32_IsDeveloperModeEnabled (Ordinal: 51, Address: 0x25a0)
- w32_IsWin95 (Ordinal: 52, Address: 0x22c0)
- w32_IsWinNT (Ordinal: 53, Address: 0x2200)
- w32_LoadLibrary (Ordinal: 54, Address: 0x1e10)
- w32_LoginName (Ordinal: 55, Address: 0x53f0)
- w32_LookupAccountName (Ordinal: 56, Address: 0x1400)
- w32_LookupAccountSID (Ordinal: 57, Address: 0x1610)
- w32_MsgBox (Ordinal: 58, Address: 0x4c90)
- w32_NodeName (Ordinal: 59, Address: 0x2e20)
- w32_OutputDebugString (Ordinal: 60, Address: 0x4e20)
- w32_RegisterServer (Ordinal: 61, Address: 0x1fc0)
- w32_SetChildShowWindow (Ordinal: 62, Address: 0x1030)
- w32_SetConsoleCP (Ordinal: 63, Address: 0x38c0)
- w32_SetConsoleOutputCP (Ordinal: 64, Address: 0x3980)
- w32_SetCwd (Ordinal: 65, Address: 0x68c0)
- w32_SetLastError (Ordinal: 66, Address: 0x2d80)
- w32_Sleep (Ordinal: 67, Address: 0x3330)
- w32_Spawn (Ordinal: 68, Address: 0x6d30)
- w32_UnregisterServer (Ordinal: 69, Address: 0x20e0)
- wstr_to_ansipath (Ordinal: 70, Address: 0x7780)
- wstr_to_sv (Ordinal: 71, Address: 0x5180)
Imported DLLs & Functions
ADVAPI32.dll
- AbortSystemShutdownA (Address: 0x47c8416d0)
- AdjustTokenPrivileges (Address: 0x47c8416d8)
- AllocateAndInitializeSid (Address: 0x47c8416e0)
- EqualSid (Address: 0x47c8416e8)
- FreeSid (Address: 0x47c8416f0)
- GetTokenInformation (Address: 0x47c8416f8)
- GetUserNameW (Address: 0x47c841700)
- InitiateSystemShutdownA (Address: 0x47c841708)
- IsValidSid (Address: 0x47c841710)
- LookupAccountNameA (Address: 0x47c841718)
- LookupAccountSidA (Address: 0x47c841720)
- LookupPrivilegeNameA (Address: 0x47c841728)
- LookupPrivilegeValueA (Address: 0x47c841730)
- OpenProcessToken (Address: 0x47c841738)
- OpenThreadToken (Address: 0x47c841740)
- RegCloseKey (Address: 0x47c841748)
- RegOpenKeyExA (Address: 0x47c841750)
- RegQueryValueExW (Address: 0x47c841758)
KERNEL32.dll
- CloseHandle (Address: 0x47c841768)
- CopyFileA (Address: 0x47c841770)
- CreateDirectoryA (Address: 0x47c841778)
- CreateDirectoryW (Address: 0x47c841780)
- CreateFileA (Address: 0x47c841788)
- CreateFileW (Address: 0x47c841790)
- CreateProcessA (Address: 0x47c841798)
- DeleteFileW (Address: 0x47c8417a0)
- ExpandEnvironmentStringsW (Address: 0x47c8417a8)
- FindClose (Address: 0x47c8417b0)
- FindFirstFileW (Address: 0x47c8417b8)
- FormatMessageA (Address: 0x47c8417c0)
- FormatMessageW (Address: 0x47c8417c8)
- FreeLibrary (Address: 0x47c8417d0)
- GetACP (Address: 0x47c8417d8)
- GetComputerNameA (Address: 0x47c8417e0)
- GetConsoleCP (Address: 0x47c8417e8)
- GetConsoleOutputCP (Address: 0x47c8417f0)
- GetCurrentDirectoryW (Address: 0x47c8417f8)
- GetCurrentProcess (Address: 0x47c841800)
- GetCurrentProcessId (Address: 0x47c841808)
- GetCurrentThread (Address: 0x47c841810)
- GetCurrentThreadId (Address: 0x47c841818)
- GetDriveTypeA (Address: 0x47c841820)
- GetFullPathNameW (Address: 0x47c841828)
- GetLastError (Address: 0x47c841830)
- GetModuleHandleA (Address: 0x47c841838)
- GetModuleHandleW (Address: 0x47c841840)
- GetOEMCP (Address: 0x47c841848)
- GetProcAddress (Address: 0x47c841850)
- GetShortPathNameW (Address: 0x47c841858)
- GetSystemInfo (Address: 0x47c841860)
- GetTickCount (Address: 0x47c841868)
- GetVersionExA (Address: 0x47c841870)
- GetVolumeInformationA (Address: 0x47c841878)
- LoadLibraryA (Address: 0x47c841880)
- MultiByteToWideChar (Address: 0x47c841888)
- OpenProcess (Address: 0x47c841890)
- OutputDebugStringA (Address: 0x47c841898)
- OutputDebugStringW (Address: 0x47c8418a0)
- SetConsoleCP (Address: 0x47c8418a8)
- SetConsoleOutputCP (Address: 0x47c8418b0)
- SetLastError (Address: 0x47c8418b8)
- Sleep (Address: 0x47c8418c0)
- WideCharToMultiByte (Address: 0x47c8418c8)
- WriteFile (Address: 0x47c8418d0)
msys-2.0.dll
- __chk_fail (Address: 0x47c8415f8)
- __cxa_atexit (Address: 0x47c841600)
- __errno (Address: 0x47c841608)
- __locale_ctype_ptr (Address: 0x47c841610)
- __memcpy_chk (Address: 0x47c841618)
- __sprintf_chk (Address: 0x47c841620)
- __stack_chk_fail (Address: 0x47c841628)
- __stack_chk_guard (Address: 0x47c841630)
- _impure_ptr (Address: 0x47c841638)
- calloc (Address: 0x47c841640)
- chdir (Address: 0x47c841648)
- cygwin_internal (Address: 0x47c841650)
- dll_dllcrt0 (Address: 0x47c841658)
- free (Address: 0x47c841660)
- getenv (Address: 0x47c841668)
- malloc (Address: 0x47c841670)
- msys_detach_dll (Address: 0x47c841678)
- posix_memalign (Address: 0x47c841680)
- realloc (Address: 0x47c841688)
- strlen (Address: 0x47c841690)
- strrchr (Address: 0x47c841698)
- toupper (Address: 0x47c8416a0)
- towupper (Address: 0x47c8416a8)
- wcscpy (Address: 0x47c8416b0)
- wcslen (Address: 0x47c8416b8)
- wcsncpy (Address: 0x47c8416c0)
msys-perl5_36.dll
- Perl_croak (Address: 0x47c8419e8)
- Perl_croak_nocontext (Address: 0x47c8419f0)
- Perl_hv_common_key_len (Address: 0x47c8419f8)
- Perl_mg_get (Address: 0x47c841a00)
- Perl_more_bodies (Address: 0x47c841a08)
- Perl_more_sv (Address: 0x47c841a10)
- Perl_newRV_noinc (Address: 0x47c841a18)
- Perl_newSV (Address: 0x47c841a20)
- Perl_newSViv (Address: 0x47c841a28)
- Perl_newSVnv (Address: 0x47c841a30)
- Perl_newSVpv (Address: 0x47c841a38)
- Perl_newSVpvn (Address: 0x47c841a40)
- Perl_newSVpvn_flags (Address: 0x47c841a48)
- Perl_newXS (Address: 0x47c841a50)
- Perl_safesysfree (Address: 0x47c841a58)
- Perl_safesysmalloc (Address: 0x47c841a60)
- Perl_safesysrealloc (Address: 0x47c841a68)
- Perl_stack_grow (Address: 0x47c841a70)
- Perl_sv_2bool_flags (Address: 0x47c841a78)
- Perl_sv_2iv_flags (Address: 0x47c841a80)
- Perl_sv_2mortal (Address: 0x47c841a88)
- Perl_sv_2pv_flags (Address: 0x47c841a90)
- Perl_sv_2uv_flags (Address: 0x47c841a98)
- Perl_sv_backoff (Address: 0x47c841aa0)
- Perl_sv_free2 (Address: 0x47c841aa8)
- Perl_sv_grow (Address: 0x47c841ab0)
- Perl_sv_magic (Address: 0x47c841ab8)
- Perl_sv_newmortal (Address: 0x47c841ac0)
- Perl_sv_setiv (Address: 0x47c841ac8)
- Perl_sv_setpv (Address: 0x47c841ad0)
- Perl_sv_setpvn (Address: 0x47c841ad8)
- Perl_warn (Address: 0x47c841ae0)
- Perl_warn_nocontext (Address: 0x47c841ae8)
- Perl_xs_handshake (Address: 0x47c841af0)
NETAPI32.dll
- NetApiBufferFree (Address: 0x47c8418e0)
- NetWkstaGetInfo (Address: 0x47c8418e8)
ole32.dll
- CoCreateGuid (Address: 0x47c8418f8)
- CoTaskMemFree (Address: 0x47c841900)
- StringFromCLSID (Address: 0x47c841908)
SHELL32.dll
- SHGetFolderPathW (Address: 0x47c841918)
- SHGetSpecialFolderPathW (Address: 0x47c841920)
USER32.dll
- GetActiveWindow (Address: 0x47c841930)
- GetSystemMetrics (Address: 0x47c841938)
- MessageBoxW (Address: 0x47c841940)
USERENV.dll
- CreateEnvironmentBlock (Address: 0x47c841950)
- DestroyEnvironmentBlock (Address: 0x47c841958)
VERSION.dll
- GetFileVersionInfoA (Address: 0x47c841968)
- GetFileVersionInfoSizeA (Address: 0x47c841970)
- VerQueryValueA (Address: 0x47c841978)
WINHTTP.dll
- WinHttpCloseHandle (Address: 0x47c841988)
- WinHttpConnect (Address: 0x47c841990)
- WinHttpCrackUrl (Address: 0x47c841998)
- WinHttpGetProxyForUrl (Address: 0x47c8419a0)
- WinHttpOpen (Address: 0x47c8419a8)
- WinHttpOpenRequest (Address: 0x47c8419b0)
- WinHttpQueryHeaders (Address: 0x47c8419b8)
- WinHttpReadData (Address: 0x47c8419c0)
- WinHttpReceiveResponse (Address: 0x47c8419c8)
- WinHttpSendRequest (Address: 0x47c8419d0)
- WinHttpSetOption (Address: 0x47c8419d8)