invagent.dll

Description: Inventory Agent

Version: 10.0.19041.6392

Architecture: 64-bit

Operating System: Windows NT

SHA256: 45b1d954608437b7997b8aa26889dcb1

File Size: 614.4 KB

Uploaded At: Dec. 1, 2025, 7:29 a.m.

Views: 7

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

GetDetailedAppInventoryReport (Ordinal: 1, Address: 0xc220)
GetFileSigningInfoTC (Ordinal: 2, Address: 0xde50)
RunUpdate (Ordinal: 3, Address: 0xd890)
RunUpdateTC (Ordinal: 4, Address: 0xce00)
DllCanUnloadNow (Ordinal: 5, Address: 0x169a0)
DllGetClassObject (Ordinal: 6, Address: 0x16420)
DllRegisterServer (Ordinal: 7, Address: 0x16f10)
DllUnregisterServer (Ordinal: 8, Address: 0x17470)

Imported DLLs & Functions

ADVAPI32.dll

CloseServiceHandle (Address: 0x18006b108)
ControlServiceExW (Address: 0x18006b0f8)
ControlTraceW (Address: 0x18006b138)
CreateProcessAsUserW (Address: 0x18006b0b0)
CryptAcquireContextW (Address: 0x18006b0d8)
CryptCreateHash (Address: 0x18006b0d0)
CryptDestroyHash (Address: 0x18006b0c0)
CryptGetHashParam (Address: 0x18006b0a0)
CryptHashData (Address: 0x18006b0c8)
CryptReleaseContext (Address: 0x18006b0b8)
EnableTrace (Address: 0x18006b120)
EnableTraceEx2 (Address: 0x18006b128)
EventRegister (Address: 0x18006b1c8)
EventSetInformation (Address: 0x18006b0a8)
EventUnregister (Address: 0x18006b1c0)
EventWriteTransfer (Address: 0x18006b1a8)
InitializeSecurityDescriptor (Address: 0x18006b210)
OpenSCManagerW (Address: 0x18006b118)
OpenServiceW (Address: 0x18006b110)
OpenThreadToken (Address: 0x18006b140)
QueryServiceStatusEx (Address: 0x18006b100)
RegCloseKey (Address: 0x18006b1d8)
RegCreateKeyExW (Address: 0x18006b188)
RegDeleteKeyExW (Address: 0x18006b170)
RegDeleteKeyValueW (Address: 0x18006b1f0)
RegDeleteKeyW (Address: 0x18006b180)
RegDeleteTreeW (Address: 0x18006b1a0)
RegDeleteValueW (Address: 0x18006b1e0)
RegEnumKeyExW (Address: 0x18006b198)
RegEnumValueW (Address: 0x18006b0e0)
RegFlushKey (Address: 0x18006b160)
RegGetValueW (Address: 0x18006b1f8)
RegLoadAppKeyW (Address: 0x18006b168)
RegLoadKeyW (Address: 0x18006b158)
RegOpenKeyExW (Address: 0x18006b1b8)
RegOpenKeyW (Address: 0x18006b1e8)
RegQueryInfoKeyW (Address: 0x18006b1b0)
RegSaveKeyExW (Address: 0x18006b190)
RegSetKeySecurity (Address: 0x18006b200)
RegSetKeyValueW (Address: 0x18006b178)
RegSetValueExW (Address: 0x18006b1d0)
RegUnLoadKeyW (Address: 0x18006b150)
SetEntriesInAclW (Address: 0x18006b218)
SetSecurityDescriptorDacl (Address: 0x18006b208)
SetSecurityDescriptorOwner (Address: 0x18006b148)
StartServiceW (Address: 0x18006b0f0)
StartTraceW (Address: 0x18006b130)
TraceEvent (Address: 0x18006b0e8)

AEINV.dll

CreateSoftwareInventory (Address: 0x18006b238)
GetAppInventory (Address: 0x18006b240)
GetCachedAppInventory (Address: 0x18006b230)
GetDetailedAppInventory (Address: 0x18006b228)

AEPIC.dll

PicFreeFileInfo (Address: 0x18006b250)
PicRetrieveFileInfo (Address: 0x18006b258)

api-ms-win-core-featurestaging-l1-1-0.dll

GetFeatureEnabledState (Address: 0x18006b7a8)
RecordFeatureUsage (Address: 0x18006b7a0)
SubscribeFeatureStateChangeNotification (Address: 0x18006b790)
UnsubscribeFeatureStateChangeNotification (Address: 0x18006b798)

bcrypt.dll

BCryptCloseAlgorithmProvider (Address: 0x18006b7e0)
BCryptCreateHash (Address: 0x18006b7c8)
BCryptDestroyHash (Address: 0x18006b7d8)
BCryptFinishHash (Address: 0x18006b7b8)
BCryptGetProperty (Address: 0x18006b7e8)
BCryptHashData (Address: 0x18006b7c0)
BCryptOpenAlgorithmProvider (Address: 0x18006b7d0)

CRYPT32.dll

CertDuplicateCertificateContext (Address: 0x18006b280)
CertFreeCertificateContext (Address: 0x18006b268)
CertGetCertificateContextProperty (Address: 0x18006b278)
CertGetNameStringW (Address: 0x18006b270)

devinv.dll

CreateDeviceInventory (Address: 0x18006b7f8)

KERNEL32.dll

AcquireSRWLockExclusive (Address: 0x18006b4c8)
AcquireSRWLockShared (Address: 0x18006b478)
CloseHandle (Address: 0x18006b4b0)
CloseThreadpoolTimer (Address: 0x18006b4d0)
CreateActCtxW (Address: 0x18006b298)
CreateEventW (Address: 0x18006b440)
CreateFileMappingW (Address: 0x18006b368)
CreateFileW (Address: 0x18006b628)
CreateMutexExW (Address: 0x18006b480)
CreateMutexW (Address: 0x18006b648)
CreateProcessW (Address: 0x18006b5a0)
CreateSemaphoreExW (Address: 0x18006b550)
CreateSemaphoreW (Address: 0x18006b3c8)
CreateThread (Address: 0x18006b348)
CreateThreadpoolTimer (Address: 0x18006b498)
CreateWaitableTimerW (Address: 0x18006b560)
DebugBreak (Address: 0x18006b450)
DecodePointer (Address: 0x18006b300)
DelayLoadFailureHook (Address: 0x18006b328)
DeleteCriticalSection (Address: 0x18006b470)
DeleteFileW (Address: 0x18006b3f8)
DeviceIoControl (Address: 0x18006b3c0)
EncodePointer (Address: 0x18006b308)
EnterCriticalSection (Address: 0x18006b538)
ExitProcess (Address: 0x18006b350)
ExpandEnvironmentStringsW (Address: 0x18006b400)
FileTimeToLocalFileTime (Address: 0x18006b3a0)
FileTimeToSystemTime (Address: 0x18006b3a8)
FindClose (Address: 0x18006b640)
FindFirstFileW (Address: 0x18006b630)
FindNextFileW (Address: 0x18006b638)
FormatMessageW (Address: 0x18006b4f0)
FreeLibrary (Address: 0x18006b420)
GetCommandLineW (Address: 0x18006b650)
GetCurrentProcess (Address: 0x18006b290)
GetCurrentProcessId (Address: 0x18006b468)
GetCurrentThread (Address: 0x18006b410)
GetCurrentThreadId (Address: 0x18006b500)
GetExitCodeProcess (Address: 0x18006b598)
GetFileAttributesW (Address: 0x18006b5e0)
GetFileSize (Address: 0x18006b370)
GetLastError (Address: 0x18006b4e8)
GetModuleFileNameA (Address: 0x18006b558)
GetModuleFileNameW (Address: 0x18006b658)
GetModuleHandleExA (Address: 0x18006b438)
GetModuleHandleExW (Address: 0x18006b528)
GetModuleHandleW (Address: 0x18006b458)
GetProcAddress (Address: 0x18006b488)
GetProcessHeap (Address: 0x18006b460)
GetStringTypeW (Address: 0x18006b320)
GetSystemDirectoryA (Address: 0x18006b430)
GetSystemDirectoryW (Address: 0x18006b620)
GetSystemFirmwareTable (Address: 0x18006b378)
GetSystemTime (Address: 0x18006b340)
GetSystemTimeAsFileTime (Address: 0x18006b2c0)
GetSystemWindowsDirectoryW (Address: 0x18006b5f8)
GetTempFileNameW (Address: 0x18006b5f0)
GetTempPathW (Address: 0x18006b5e8)
GetTickCount (Address: 0x18006b408)
GetVolumeInformationByHandleW (Address: 0x18006b3b8)
HeapAlloc (Address: 0x18006b490)
HeapFree (Address: 0x18006b548)
HeapReAlloc (Address: 0x18006b618)
HeapSize (Address: 0x18006b338)
InitializeCriticalSection (Address: 0x18006b3f0)
InitializeCriticalSectionEx (Address: 0x18006b518)
InitOnceBeginInitialize (Address: 0x18006b2e0)
InitOnceComplete (Address: 0x18006b2e8)
InitOnceExecuteOnce (Address: 0x18006b2b8)
IsDebuggerPresent (Address: 0x18006b448)
K32EnumProcesses (Address: 0x18006b398)
K32EnumProcessModules (Address: 0x18006b388)
K32GetModuleFileNameExW (Address: 0x18006b380)
LeaveCriticalSection (Address: 0x18006b520)
LoadLibraryA (Address: 0x18006b428)
LoadLibraryExW (Address: 0x18006b5b0)
LoadLibraryW (Address: 0x18006b610)
LocalAlloc (Address: 0x18006b5a8)
LocaleNameToLCID (Address: 0x18006b3b0)
LocalFree (Address: 0x18006b5d0)
MapViewOfFile (Address: 0x18006b5d8)
MoveFileExW (Address: 0x18006b5b8)
MultiByteToWideChar (Address: 0x18006b310)
OpenProcess (Address: 0x18006b390)
OpenSemaphoreW (Address: 0x18006b4b8)
OpenWaitableTimerW (Address: 0x18006b3d8)
OutputDebugStringA (Address: 0x18006b580)
OutputDebugStringW (Address: 0x18006b4d8)
QueryActCtxW (Address: 0x18006b2a0)
QueryPerformanceCounter (Address: 0x18006b2c8)
QueryThreadCycleTime (Address: 0x18006b418)
ReleaseActCtx (Address: 0x18006b2a8)
ReleaseMutex (Address: 0x18006b4f8)
ReleaseSemaphore (Address: 0x18006b530)
ReleaseSRWLockExclusive (Address: 0x18006b4e0)
ReleaseSRWLockShared (Address: 0x18006b4a0)
ResolveDelayLoadedAPI (Address: 0x18006b330)
RtlCaptureContext (Address: 0x18006b5c0)
RtlCompareMemory (Address: 0x18006b2b0)
RtlLookupFunctionEntry (Address: 0x18006b578)
RtlVirtualUnwind (Address: 0x18006b360)
SetEvent (Address: 0x18006b3d0)
SetLastError (Address: 0x18006b540)
SetNamedPipeHandleState (Address: 0x18006b590)
SetThreadpoolTimer (Address: 0x18006b4a8)
SetUnhandledExceptionFilter (Address: 0x18006b2d0)
SetWaitableTimer (Address: 0x18006b568)
Sleep (Address: 0x18006b5c8)
SleepConditionVariableSRW (Address: 0x18006b2f0)
TerminateProcess (Address: 0x18006b3e8)
UnhandledExceptionFilter (Address: 0x18006b2d8)
UnmapViewOfFile (Address: 0x18006b358)
VerifyVersionInfoW (Address: 0x18006b600)
VerSetConditionMask (Address: 0x18006b608)
WaitForMultipleObjects (Address: 0x18006b3e0)
WaitForSingleObject (Address: 0x18006b508)
WaitForSingleObjectEx (Address: 0x18006b4c0)
WaitForThreadpoolTimerCallbacks (Address: 0x18006b510)
WaitNamedPipeW (Address: 0x18006b570)
WakeAllConditionVariable (Address: 0x18006b2f8)
WideCharToMultiByte (Address: 0x18006b318)
WriteFile (Address: 0x18006b588)

msvcrt.dll

___lc_codepage_func (Address: 0x18006b930)
___lc_collate_cp_func (Address: 0x18006b918)
___lc_handle_func (Address: 0x18006b910)
___mb_cur_max_func (Address: 0x18006b928)
__C_specific_handler (Address: 0x18006b9f8)
__crtCompareStringW (Address: 0x18006b920)
__crtLCMapStringW (Address: 0x18006b908)
__CxxFrameHandler3 (Address: 0x18006b8d8)
__dllonexit (Address: 0x18006b9a8)
__pctype_func (Address: 0x18006b938)
__uncaught_exception (Address: 0x18006b9a0)
_amsg_exit (Address: 0x18006b9e0)
_CxxThrowException (Address: 0x18006b9f0)
_errno (Address: 0x18006b820)
_initterm (Address: 0x18006b9c8)
_lock (Address: 0x18006b9b8)
_mktime64 (Address: 0x18006b988)
_onexit (Address: 0x18006b980)
_purecall (Address: 0x18006ba60)
_snwscanf_s (Address: 0x18006b8e0)
_strnicmp (Address: 0x18006ba28)
_unlock (Address: 0x18006b9b0)
_vscwprintf (Address: 0x18006b898)
_vsnprintf (Address: 0x18006ba08)
_vsnprintf_s (Address: 0x18006ba40)
_vsnwprintf (Address: 0x18006ba70)
_vsnwprintf_s (Address: 0x18006ba00)
_wcsicmp (Address: 0x18006b828)
_wcslwr (Address: 0x18006b858)
_wcsnicmp (Address: 0x18006b838)
_wctime64 (Address: 0x18006b8b0)
_wmkdir (Address: 0x18006b8c0)
_wsplitpath_s (Address: 0x18006b998)
_wtoi (Address: 0x18006b860)
_wtoi64 (Address: 0x18006b8a8)
_XcptFilter (Address: 0x18006b9e8)
??0bad_cast@@QEAA@AEBV0@@Z (Address: 0x18006b878)
??0bad_cast@@QEAA@PEBD@Z (Address: 0x18006b888)
??0exception@@QEAA@AEBQEBD@Z (Address: 0x18006ba18)
??0exception@@QEAA@AEBQEBDH@Z (Address: 0x18006b900)
??0exception@@QEAA@AEBV0@@Z (Address: 0x18006ba48)
??0exception@@QEAA@XZ (Address: 0x18006ba50)
??1bad_cast@@UEAA@XZ (Address: 0x18006b880)
??1exception@@UEAA@XZ (Address: 0x18006ba58)
??1type_info@@UEAA@XZ (Address: 0x18006b978)
?terminate@@YAXXZ (Address: 0x18006b9c0)
?what@exception@@UEBAPEBDXZ (Address: 0x18006ba20)
abort (Address: 0x18006b968)
calloc (Address: 0x18006b948)
free (Address: 0x18006b9d8)
iswalpha (Address: 0x18006b8b8)
malloc (Address: 0x18006b9d0)
memcmp (Address: 0x18006b950)
memcpy (Address: 0x18006b8f8)
memcpy_s (Address: 0x18006ba68)
memmove (Address: 0x18006b960)
memmove_s (Address: 0x18006ba38)
memset (Address: 0x18006b940)
realloc (Address: 0x18006b870)
setlocale (Address: 0x18006b8f0)
sprintf_s (Address: 0x18006b830)
strchr (Address: 0x18006b818)
strcmp (Address: 0x18006b970)
strcpy_s (Address: 0x18006b840)
strerror (Address: 0x18006b958)
strncmp (Address: 0x18006b850)
strnlen (Address: 0x18006b8c8)
strrchr (Address: 0x18006ba30)
tolower (Address: 0x18006b890)
towlower (Address: 0x18006b8a0)
wcscat_s (Address: 0x18006ba78)
wcschr (Address: 0x18006b990)
wcscmp (Address: 0x18006ba80)
wcscpy_s (Address: 0x18006b808)
wcsncmp (Address: 0x18006ba10)
wcsrchr (Address: 0x18006b810)
wcsstr (Address: 0x18006b848)
wcstombs (Address: 0x18006b868)
wcstoul (Address: 0x18006b8d0)
wprintf (Address: 0x18006b8e8)

ntdll.dll

EtwEventRegister (Address: 0x18006bb10)
EtwEventUnregister (Address: 0x18006bb20)
EtwEventWrite (Address: 0x18006bb18)
EtwTraceMessage (Address: 0x18006baa0)
LdrResSearchResource (Address: 0x18006bac0)
NtLoadKeyEx (Address: 0x18006bbc8)
NtQueryInformationProcess (Address: 0x18006ba98)
NtQueryInformationToken (Address: 0x18006bb70)
NtQueryKey (Address: 0x18006bc08)
NtQueryLicenseValue (Address: 0x18006baa8)
RtlAdjustPrivilege (Address: 0x18006bc30)
RtlAllocateAndInitializeSid (Address: 0x18006bc20)
RtlAllocateHeap (Address: 0x18006bc48)
RtlAnsiStringToUnicodeString (Address: 0x18006baf8)
RtlAppendUnicodeStringToString (Address: 0x18006bbe8)
RtlAppendUnicodeToString (Address: 0x18006bbf0)
RtlComputeCrc32 (Address: 0x18006bb68)
RtlDeleteCriticalSection (Address: 0x18006bb58)
RtlDosPathNameToNtPathName_U_WithStatus (Address: 0x18006bbb0)
RtlDosPathNameToRelativeNtPathName_U (Address: 0x18006bbd0)
RtlEnterCriticalSection (Address: 0x18006bb48)
RtlEqualString (Address: 0x18006bb50)
RtlFreeHeap (Address: 0x18006bc38)
RtlFreeSid (Address: 0x18006bc18)
RtlFreeUnicodeString (Address: 0x18006bbe0)
RtlGetNativeSystemInformation (Address: 0x18006bae8)
RtlGetVersion (Address: 0x18006ba90)
RtlImageDirectoryEntryToData (Address: 0x18006bab0)
RtlInitAnsiString (Address: 0x18006bb40)
RtlInitializeCriticalSection (Address: 0x18006bb30)
RtlInitString (Address: 0x18006bb08)
RtlInitUnicodeString (Address: 0x18006bba8)
RtlInitUnicodeStringEx (Address: 0x18006bbd8)
RtlLeaveCriticalSection (Address: 0x18006bb28)
RtlMultiByteToUnicodeN (Address: 0x18006bb38)
RtlNtStatusToDosError (Address: 0x18006bc28)
RtlRandomEx (Address: 0x18006bc00)
RtlReAllocateHeap (Address: 0x18006bc40)
RtlReleaseRelativeName (Address: 0x18006bbc0)
RtlSecondsSince1970ToTime (Address: 0x18006bb60)
RtlStringFromGUID (Address: 0x18006bbf8)
RtlTimeToTimeFields (Address: 0x18006bac8)
RtlUpcaseUnicodeChar (Address: 0x18006baf0)
RtlVerifyVersionInfo (Address: 0x18006bab8)
RtlxAnsiStringToUnicodeSize (Address: 0x18006bb00)
WinSqmIsOptedInEx (Address: 0x18006bc10)
ZwClose (Address: 0x18006bbb8)
ZwCreateFile (Address: 0x18006bb88)
ZwCreateSection (Address: 0x18006bb78)
ZwEnumerateKey (Address: 0x18006bb98)
ZwMapViewOfSection (Address: 0x18006bad0)
ZwOpenKey (Address: 0x18006bba0)
ZwQueryInformationFile (Address: 0x18006bb80)
ZwQuerySystemInformation (Address: 0x18006bae0)
ZwQueryValueKey (Address: 0x18006bb90)
ZwUnmapViewOfSection (Address: 0x18006bad8)

ole32.dll

CoCreateInstance (Address: 0x18006bc80)
CoImpersonateClient (Address: 0x18006bc88)
CoInitializeEx (Address: 0x18006bc58)
CoRevertToSelf (Address: 0x18006bc90)
CoTaskMemAlloc (Address: 0x18006bc70)
CoTaskMemFree (Address: 0x18006bc68)
CoUninitialize (Address: 0x18006bc60)
PropVariantClear (Address: 0x18006bc78)

OLEAUT32.dll

SysAllocString (Address: 0x18006b688)
SysFreeString (Address: 0x18006b698)
SysStringByteLen (Address: 0x18006b690)
SysStringLen (Address: 0x18006b680)
VariantChangeType (Address: 0x18006b668)
VariantClear (Address: 0x18006b670)
VariantInit (Address: 0x18006b678)

RPCRT4.dll

UuidCreate (Address: 0x18006b6a8)

SHELL32.dll

CommandLineToArgvW (Address: 0x18006b6b8)
SHFileOperationW (Address: 0x18006b6c0)
SHGetKnownFolderPath (Address: 0x18006b6c8)

SHLWAPI.dll

PathFileExistsW (Address: 0x18006b6d8)
PathFindFileNameW (Address: 0x18006b6e8)
PathUnExpandEnvStringsW (Address: 0x18006b6e0)

wer.dll

WerReportAddFile (Address: 0x18006bcb8)
WerReportCloseHandle (Address: 0x18006bca8)
WerReportCreate (Address: 0x18006bca0)
WerReportSetParameter (Address: 0x18006bcb0)
WerReportSubmit (Address: 0x18006bcc0)

WINHTTP.dll

WinHttpCloseHandle (Address: 0x18006b6f8)
WinHttpConnect (Address: 0x18006b728)
WinHttpOpen (Address: 0x18006b708)
WinHttpOpenRequest (Address: 0x18006b730)
WinHttpQueryDataAvailable (Address: 0x18006b720)
WinHttpReadData (Address: 0x18006b700)
WinHttpReceiveResponse (Address: 0x18006b710)
WinHttpSendRequest (Address: 0x18006b718)

WINTRUST.dll

CryptCATAdminAcquireContext (Address: 0x18006b768)
CryptCATAdminCalcHashFromFileHandle (Address: 0x18006b740)
CryptCATAdminEnumCatalogFromHash (Address: 0x18006b760)
CryptCATAdminReleaseCatalogContext (Address: 0x18006b770)
CryptCATAdminReleaseContext (Address: 0x18006b778)
CryptCATCatalogInfoFromContext (Address: 0x18006b780)
WinVerifyTrust (Address: 0x18006b758)
WTHelperGetProvSignerFromChain (Address: 0x18006b748)
WTHelperProvDataFromStateData (Address: 0x18006b750)