LogSession.dll

Description: LogSession

Authors: Copyright 2008 - 10 Adobe Systems Incorporated. All rights reserved.

Version: 2.1.2.1640

Architecture: 32-bit

Operating System: Windows

SHA256: 68599516f8ec98e5504cb39b528067f6

File Size: 493.7 KB

Uploaded At: Dec. 2, 2025, 2:29 p.m.

Security Warning

This file has been flagged as potentially dangerous.


Reason: Detected potentially dangerous functions used for process injection: WriteProcessMemory

Exported Functions

  • UTAddToGroup (Ordinal: 1, Address: 0x33280)
  • UTAddToSession (Ordinal: 2, Address: 0x33140)
  • UTCloseSession (Ordinal: 3, Address: 0x332e0)
  • UTGetDemographic (Ordinal: 4, Address: 0x33490)
  • UTGetNonDefaultDemographic (Ordinal: 5, Address: 0x33540)
  • UTGetOptIn (Ordinal: 6, Address: 0x33330)
  • UTInitialize (Ordinal: 7, Address: 0x33070)
  • UTLogEvent (Ordinal: 8, Address: 0x331a0)
  • UTNewDataGroup (Ordinal: 9, Address: 0x33210)
  • UTOptInGet (Ordinal: 10, Address: 0x333e0)
  • UTOptInSet (Ordinal: 11, Address: 0x33440)
  • UTSetDemographic (Ordinal: 12, Address: 0x334f0)
  • UTSetNonDefaultDemographic (Ordinal: 13, Address: 0x335a0)
  • UTSetOptIn (Ordinal: 14, Address: 0x33390)
  • UTSetSerializationState (Ordinal: 15, Address: 0x33600)
  • UTStartSession (Ordinal: 16, Address: 0x330d0)

Imported DLLs & Functions

ADVAPI32.dll
  • CryptAcquireContextA (Address: 0x1005f000)
  • CryptCreateHash (Address: 0x1005f00c)
  • CryptDestroyHash (Address: 0x1005f008)
  • CryptGetHashParam (Address: 0x1005f014)
  • CryptHashData (Address: 0x1005f004)
  • CryptReleaseContext (Address: 0x1005f010)
  • RegCloseKey (Address: 0x1005f01c)
  • RegCreateKeyExW (Address: 0x1005f034)
  • RegDeleteKeyW (Address: 0x1005f02c)
  • RegDeleteValueW (Address: 0x1005f028)
  • RegEnumValueW (Address: 0x1005f024)
  • RegOpenKeyExW (Address: 0x1005f020)
  • RegQueryValueExW (Address: 0x1005f030)
  • RegSetValueExW (Address: 0x1005f018)
KERNEL32.dll
  • CloseHandle (Address: 0x1005f044)
  • CompareFileTime (Address: 0x1005f054)
  • CompareStringW (Address: 0x1005f0d8)
  • CopyFileW (Address: 0x1005f060)
  • CreateFileA (Address: 0x1005f128)
  • CreateFileW (Address: 0x1005f040)
  • CreateProcessW (Address: 0x1005f04c)
  • CreateThread (Address: 0x1005f18c)
  • DecodePointer (Address: 0x1005f16c)
  • DeleteCriticalSection (Address: 0x1005f0b8)
  • DeleteFileW (Address: 0x1005f084)
  • EncodePointer (Address: 0x1005f168)
  • EnterCriticalSection (Address: 0x1005f0b4)
  • EnumSystemLocalesA (Address: 0x1005f134)
  • ExitProcess (Address: 0x1005f1d4)
  • ExitThread (Address: 0x1005f184)
  • ExpandEnvironmentStringsW (Address: 0x1005f0a8)
  • FileTimeToLocalFileTime (Address: 0x1005f080)
  • FindClose (Address: 0x1005f068)
  • FindFirstFileW (Address: 0x1005f048)
  • FindNextFileW (Address: 0x1005f070)
  • FindResourceExW (Address: 0x1005f090)
  • FindResourceW (Address: 0x1005f118)
  • FlushFileBuffers (Address: 0x1005f124)
  • FreeEnvironmentStringsW (Address: 0x1005f06c)
  • FreeLibrary (Address: 0x1005f10c)
  • GetACP (Address: 0x1005f0e0)
  • GetCommandLineA (Address: 0x1005f1a8)
  • GetConsoleCP (Address: 0x1005f148)
  • GetConsoleMode (Address: 0x1005f144)
  • GetCPInfo (Address: 0x1005f17c)
  • GetCurrentProcess (Address: 0x1005f0f0)
  • GetCurrentProcessId (Address: 0x1005f190)
  • GetCurrentThreadId (Address: 0x1005f188)
  • GetDateFormatA (Address: 0x1005f198)
  • GetDiskFreeSpaceW (Address: 0x1005f064)
  • GetEnvironmentStringsW (Address: 0x1005f058)
  • GetExitCodeThread (Address: 0x1005f088)
  • GetFileAttributesExW (Address: 0x1005f078)
  • GetFileTime (Address: 0x1005f074)
  • GetFileType (Address: 0x1005f1a0)
  • GetLastError (Address: 0x1005f104)
  • GetLocaleInfoA (Address: 0x1005f0c4)
  • GetLocaleInfoW (Address: 0x1005f120)
  • GetModuleFileNameA (Address: 0x1005f0f8)
  • GetModuleFileNameW (Address: 0x1005f0a4)
  • GetModuleHandleW (Address: 0x1005f1d0)
  • GetOEMCP (Address: 0x1005f1e4)
  • GetProcAddress (Address: 0x1005f100)
  • GetProcessHeap (Address: 0x1005f110)
  • GetStartupInfoW (Address: 0x1005f1e0)
  • GetStdHandle (Address: 0x1005f1a4)
  • GetStringTypeW (Address: 0x1005f164)
  • GetSystemDirectoryA (Address: 0x1005f108)
  • GetSystemInfo (Address: 0x1005f0cc)
  • GetSystemTimeAsFileTime (Address: 0x1005f180)
  • GetTickCount (Address: 0x1005f140)
  • GetTimeFormatA (Address: 0x1005f194)
  • GetTimeZoneInformation (Address: 0x1005f11c)
  • GetUserDefaultLCID (Address: 0x1005f138)
  • GetVersionExA (Address: 0x1005f07c)
  • GlobalMemoryStatusEx (Address: 0x1005f0c8)
  • HeapAlloc (Address: 0x1005f178)
  • HeapCreate (Address: 0x1005f1c8)
  • HeapDestroy (Address: 0x1005f1cc)
  • HeapFree (Address: 0x1005f174)
  • HeapReAlloc (Address: 0x1005f12c)
  • HeapSize (Address: 0x1005f13c)
  • InitializeCriticalSection (Address: 0x1005f0ac)
  • InitializeCriticalSectionAndSpinCount (Address: 0x1005f1dc)
  • InterlockedCompareExchange (Address: 0x1005f15c)
  • InterlockedDecrement (Address: 0x1005f158)
  • InterlockedExchange (Address: 0x1005f160)
  • InterlockedIncrement (Address: 0x1005f154)
  • IsDebuggerPresent (Address: 0x1005f1c0)
  • IsProcessorFeaturePresent (Address: 0x1005f1c4)
  • IsValidCodePage (Address: 0x1005f1e8)
  • IsValidLocale (Address: 0x1005f130)
  • LCMapStringW (Address: 0x1005f1b4)
  • LeaveCriticalSection (Address: 0x1005f0b0)
  • LoadLibraryA (Address: 0x1005f0fc)
  • LoadLibraryW (Address: 0x1005f05c)
  • LoadResource (Address: 0x1005f098)
  • LockResource (Address: 0x1005f0a0)
  • lstrlenW (Address: 0x1005f0bc)
  • MoveFileExW (Address: 0x1005f050)
  • MultiByteToWideChar (Address: 0x1005f094)
  • QueryPerformanceCounter (Address: 0x1005f200)
  • RaiseException (Address: 0x1005f1ac)
  • ReadFile (Address: 0x1005f150)
  • RtlUnwind (Address: 0x1005f1b0)
  • SetEndOfFile (Address: 0x1005f0d0)
  • SetEnvironmentVariableA (Address: 0x1005f114)
  • SetEnvironmentVariableW (Address: 0x1005f0d4)
  • SetFilePointer (Address: 0x1005f14c)
  • SetHandleCount (Address: 0x1005f1d8)
  • SetLastError (Address: 0x1005f1fc)
  • SetStdHandle (Address: 0x1005f0dc)
  • SetUnhandledExceptionFilter (Address: 0x1005f0f4)
  • SizeofResource (Address: 0x1005f09c)
  • Sleep (Address: 0x1005f170)
  • SuspendThread (Address: 0x1005f08c)
  • TerminateProcess (Address: 0x1005f1b8)
  • TlsAlloc (Address: 0x1005f1ec)
  • TlsFree (Address: 0x1005f1f8)
  • TlsGetValue (Address: 0x1005f1f0)
  • TlsSetValue (Address: 0x1005f1f4)
  • UnhandledExceptionFilter (Address: 0x1005f1bc)
  • VerLanguageNameW (Address: 0x1005f0c0)
  • VirtualProtect (Address: 0x1005f0ec)
  • WideCharToMultiByte (Address: 0x1005f0e4)
  • WriteConsoleW (Address: 0x1005f19c)
  • WriteFile (Address: 0x1005f03c)
  • WriteProcessMemory (Address: 0x1005f0e8)
ole32.dll
  • CoCreateGuid (Address: 0x1005f258)
  • CoTaskMemFree (Address: 0x1005f254)
SETUPAPI.dll
  • SetupDiEnumDeviceInfo (Address: 0x1005f20c)
  • SetupDiGetClassDevsA (Address: 0x1005f210)
  • SetupDiGetDeviceRegistryPropertyA (Address: 0x1005f208)
SHELL32.dll
  • SHCreateDirectoryExW (Address: 0x1005f21c)
  • SHFileOperationW (Address: 0x1005f218)
  • SHGetFolderPathW (Address: 0x1005f220)
SHLWAPI.dll
  • PathFileExistsW (Address: 0x1005f228)
  • PathIsDirectoryW (Address: 0x1005f22c)
USER32.dll
  • EnumDisplayMonitors (Address: 0x1005f23c)
  • GetMonitorInfoA (Address: 0x1005f234)
  • GetSystemMetrics (Address: 0x1005f238)
VERSION.dll
  • GetFileVersionInfoSizeW (Address: 0x1005f244)
  • GetFileVersionInfoW (Address: 0x1005f24c)
  • VerQueryValueW (Address: 0x1005f248)