ToolsInjectionHelper64.dll
Description:
Authors:
Version:
Architecture: 64-bit
Operating System:
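SHA256: 92493a76d7efdc65d292430a4dbd9b07 (note: this value is 32 hex characters; a full SHA-256 digest is 64, so it is either truncated or a different digest such as MD5. Recompute the hash from the file itself before matching on it.)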
File Size: 866.0 KB
Uploaded At: Dec. 1, 2025, 2:54 p.m.
Views: 6
Security Warning
This file has been flagged as potentially dangerous.
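Reason: The import table references functions commonly used for process injection: WriteProcessMemory, OpenProcess, VirtualAllocEx. This is an import-based heuristic: it shows what the file is capable of, not what it was observed doing. The same imports, together with a DetourFinishHelperProcess export at ordinal 1, are also typical of a DLL built with the Microsoft Detours API-hooking library, so check the file's provenance (signature, vendor, load path, parent process) before reaching a verdict.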
Exported Functions
- DetourFinishHelperProcess (Ordinal: 1, Address: 0x32290)
- FakeEntryPoint (Ordinal: 2, Address: 0xe190)
- GetExportTable (Ordinal: 3, Address: 0xe1f0)
Imported DLLs & Functions
ADVAPI32.dll
- InitializeSecurityDescriptor (Address: 0x1800a4020)
- RegCloseKey (Address: 0x1800a4010)
- RegOpenKeyExA (Address: 0x1800a4008)
- RegQueryValueExA (Address: 0x1800a4000)
- SetSecurityDescriptorDacl (Address: 0x1800a4018)
KERNEL32.dll
- AreFileApisANSI (Address: 0x1800a4300)
- CloseHandle (Address: 0x1800a4398)
- CompareStringEx (Address: 0x1800a43f8)
- CompareStringW (Address: 0x1800a44b8)
- CreateDirectoryA (Address: 0x1800a4120)
- CreateEventW (Address: 0x1800a4418)
- CreateFileA (Address: 0x1800a4128)
- CreateFileMappingA (Address: 0x1800a41f0)
- CreateFileW (Address: 0x1800a42d8)
- CreateMutexA (Address: 0x1800a4198)
- CreatePipe (Address: 0x1800a4038)
- CreateProcessW (Address: 0x1800a40b0)
- CreateSemaphoreA (Address: 0x1800a41e8)
- CreateSemaphoreW (Address: 0x1800a4320)
- CreateThread (Address: 0x1800a4328)
- DecodePointer (Address: 0x1800a43e0)
- DeleteCriticalSection (Address: 0x1800a4058)
- DeleteFileA (Address: 0x1800a4278)
- DuplicateHandle (Address: 0x1800a4390)
- EncodePointer (Address: 0x1800a43d8)
- EnterCriticalSection (Address: 0x1800a4048)
- EnumSystemLocalesW (Address: 0x1800a44e0)
- ExitProcess (Address: 0x1800a4290)
- ExitThread (Address: 0x1800a4470)
- FileTimeToSystemTime (Address: 0x1800a4210)
- FindClose (Address: 0x1800a4130)
- FindFirstFileA (Address: 0x1800a4138)
- FindFirstFileExW (Address: 0x1800a4510)
- FindNextFileA (Address: 0x1800a4140)
- FindNextFileW (Address: 0x1800a42f8)
- FlushFileBuffers (Address: 0x1800a42e0)
- FlushInstructionCache (Address: 0x1800a43b8)
- FormatMessageA (Address: 0x1800a41e0)
- FormatMessageW (Address: 0x1800a42f0)
- FreeEnvironmentStringsW (Address: 0x1800a4548)
- FreeLibrary (Address: 0x1800a40c0)
- FreeLibraryAndExitThread (Address: 0x1800a4478)
- GetACP (Address: 0x1800a4520)
- GetCommandLineA (Address: 0x1800a4530)
- GetCommandLineW (Address: 0x1800a4538)
- GetConsoleMode (Address: 0x1800a44f0)
- GetConsoleOutputCP (Address: 0x1800a44e8)
- GetCPInfo (Address: 0x1800a4400)
- GetCurrentDirectoryW (Address: 0x1800a42d0)
- GetCurrentProcess (Address: 0x1800a4068)
- GetCurrentProcessId (Address: 0x1800a4070)
- GetCurrentThread (Address: 0x1800a4080)
- GetCurrentThreadId (Address: 0x1800a4088)
- GetDateFormatW (Address: 0x1800a44a8)
- GetEnvironmentStringsW (Address: 0x1800a4540)
- GetEnvironmentVariableW (Address: 0x1800a43c0)
- GetExitCodeProcess (Address: 0x1800a4298)
- GetFileAttributesW (Address: 0x1800a43b0)
- GetFileSizeEx (Address: 0x1800a4148)
- GetFileType (Address: 0x1800a44a0)
- GetLastError (Address: 0x1800a4240)
- GetLocaleInfoEx (Address: 0x1800a43f0)
- GetLocaleInfoW (Address: 0x1800a44c8)
- GetModuleFileNameA (Address: 0x1800a4108)
- GetModuleFileNameW (Address: 0x1800a4110)
- GetModuleHandleA (Address: 0x1800a41d0)
- GetModuleHandleExA (Address: 0x1800a4200)
- GetModuleHandleExW (Address: 0x1800a4480)
- GetModuleHandleW (Address: 0x1800a40c8)
- GetNativeSystemInfo (Address: 0x1800a42c8)
- GetOEMCP (Address: 0x1800a4528)
- GetProcAddress (Address: 0x1800a40d0)
- GetProcessHeap (Address: 0x1800a4550)
- GetProcessId (Address: 0x1800a4338)
- GetProcessTimes (Address: 0x1800a41a0)
- GetStartupInfoW (Address: 0x1800a4448)
- GetStdHandle (Address: 0x1800a4498)
- GetStringTypeW (Address: 0x1800a43c8)
- GetSystemInfo (Address: 0x1800a41b0)
- GetSystemTimeAsFileTime (Address: 0x1800a41f8)
- GetTempFileNameA (Address: 0x1800a4288)
- GetTempPathA (Address: 0x1800a4280)
- GetThreadContext (Address: 0x1800a4230)
- GetThreadId (Address: 0x1800a40b8)
- GetTickCount (Address: 0x1800a41b8)
- GetTimeFormatW (Address: 0x1800a44b0)
- GetTimeZoneInformation (Address: 0x1800a4508)
- GetUserDefaultLCID (Address: 0x1800a44d8)
- HeapAlloc (Address: 0x1800a4490)
- HeapFree (Address: 0x1800a4488)
- HeapReAlloc (Address: 0x1800a4500)
- HeapSize (Address: 0x1800a4378)
- InitializeCriticalSection (Address: 0x1800a4040)
- InitializeCriticalSectionAndSpinCount (Address: 0x1800a4408)
- InitializeCriticalSectionEx (Address: 0x1800a43d0)
- InitializeSListHead (Address: 0x1800a4420)
- InterlockedFlushSList (Address: 0x1800a4458)
- InterlockedPushEntrySList (Address: 0x1800a4450)
- IsDebuggerPresent (Address: 0x1800a43a0)
- IsProcessorFeaturePresent (Address: 0x1800a4440)
- IsValidCodePage (Address: 0x1800a4518)
- IsValidLocale (Address: 0x1800a44d0)
- IsWow64Process (Address: 0x1800a42c0)
- LCMapStringEx (Address: 0x1800a43e8)
- LCMapStringW (Address: 0x1800a44c0)
- LeaveCriticalSection (Address: 0x1800a4050)
- LoadLibraryA (Address: 0x1800a40e8)
- LoadLibraryExA (Address: 0x1800a40d8)
- LoadLibraryExW (Address: 0x1800a40e0)
- LoadLibraryW (Address: 0x1800a40f0)
- LocalFree (Address: 0x1800a41d8)
- MapViewOfFileEx (Address: 0x1800a41c0)
- MultiByteToWideChar (Address: 0x1800a4308)
- OpenProcess (Address: 0x1800a42a0)
- OutputDebugStringA (Address: 0x1800a4218)
- QueryFullProcessImageNameA (Address: 0x1800a40f8)
- QueryPerformanceCounter (Address: 0x1800a4170)
- QueryPerformanceFrequency (Address: 0x1800a4178)
- RaiseException (Address: 0x1800a4118)
- ReadConsoleW (Address: 0x1800a4380)
- ReadFile (Address: 0x1800a43a8)
- ReadProcessMemory (Address: 0x1800a42b0)
- ReleaseMutex (Address: 0x1800a4188)
- ReleaseSemaphore (Address: 0x1800a4180)
- RemoveDirectoryA (Address: 0x1800a4150)
- ResetEvent (Address: 0x1800a4360)
- ResumeThread (Address: 0x1800a4228)
- RtlCaptureContext (Address: 0x1800a4310)
- RtlLookupFunctionEntry (Address: 0x1800a4428)
- RtlPcToFileHeader (Address: 0x1800a4460)
- RtlUnwind (Address: 0x1800a4558)
- RtlUnwindEx (Address: 0x1800a4468)
- RtlVirtualUnwind (Address: 0x1800a4430)
- SetEndOfFile (Address: 0x1800a4158)
- SetEnvironmentVariableW (Address: 0x1800a44f8)
- SetEvent (Address: 0x1800a4358)
- SetFilePointer (Address: 0x1800a4160)
- SetFilePointerEx (Address: 0x1800a42e8)
- SetLastError (Address: 0x1800a4030)
- SetNamedPipeHandleState (Address: 0x1800a4340)
- SetStdHandle (Address: 0x1800a4388)
- SetThreadContext (Address: 0x1800a4238)
- SetUnhandledExceptionFilter (Address: 0x1800a4318)
- Sleep (Address: 0x1800a4060)
- SuspendThread (Address: 0x1800a4220)
- SwitchToThread (Address: 0x1800a41a8)
- SystemTimeToTzSpecificLocalTime (Address: 0x1800a4208)
- TerminateProcess (Address: 0x1800a4078)
- TerminateThread (Address: 0x1800a4330)
- TlsAlloc (Address: 0x1800a4090)
- TlsFree (Address: 0x1800a40a8)
- TlsGetValue (Address: 0x1800a4098)
- TlsSetValue (Address: 0x1800a40a0)
- TransactNamedPipe (Address: 0x1800a4348)
- UnhandledExceptionFilter (Address: 0x1800a4438)
- UnmapViewOfFile (Address: 0x1800a41c8)
- VirtualAlloc (Address: 0x1800a4248)
- VirtualAllocEx (Address: 0x1800a42a8)
- VirtualFree (Address: 0x1800a4258)
- VirtualProtect (Address: 0x1800a4250)
- VirtualProtectEx (Address: 0x1800a4268)
- VirtualQuery (Address: 0x1800a4260)
- VirtualQueryEx (Address: 0x1800a4270)
- WaitForMultipleObjects (Address: 0x1800a4368)
- WaitForSingleObject (Address: 0x1800a4190)
- WaitForSingleObjectEx (Address: 0x1800a4410)
- WaitNamedPipeW (Address: 0x1800a4350)
- WideCharToMultiByte (Address: 0x1800a4100)
- WriteConsoleW (Address: 0x1800a4370)
- WriteFile (Address: 0x1800a4168)
- WriteProcessMemory (Address: 0x1800a42b8)
ole32.dll
- CoCreateGuid (Address: 0x1800a4598)
USER32.dll
- MessageBoxA (Address: 0x1800a4570)
- RegisterClassA (Address: 0x1800a4568)
- RegisterClassExA (Address: 0x1800a4580)
- RegisterClassExW (Address: 0x1800a4578)
- RegisterClassW (Address: 0x1800a4588)