VsGraphicsCaptureEngine.dll

Description: Visual Studio Graphics Capture Engine

Authors: © Microsoft Corporation. All rights reserved.

Version: 17.0.36015.10

Architecture: Unknown (0x1c4)

Operating System: Windows

SHA256: ea7ee5ff11e4b57f486cb21ea9191955

File Size: 98.5 KB

Uploaded At: Dec. 2, 2025, 2:41 p.m.

Views: 4

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • CheckGraphicsTools (Ordinal: 1, Address: 0x59e1)
  • DllGetClassObject (Ordinal: 2, Address: 0x38d1)
  • PixCapture_BeginCommunication (Ordinal: 3, Address: 0x7621)
  • PixCapture_EndCommunication (Ordinal: 4, Address: 0x79a1)
  • PixCapture_ExitProcess (Ordinal: 5, Address: 0x7a21)
  • PixCapture_IsLegacyMachine (Ordinal: 6, Address: 0x7741)
  • PixCapture_RunAction (Ordinal: 7, Address: 0x78f1)
  • PixCapture_RunExperiment (Ordinal: 8, Address: 0x77d1)
  • PixCapture_SetResources (Ordinal: 9, Address: 0x7781)
  • UpdateGraphicsTools (Ordinal: 10, Address: 0x5b81)

Imported DLLs & Functions

ADVAPI32.dll
  • AddAccessAllowedAceEx (Address: 0x1000b01c)
  • AddAce (Address: 0x1000b020)
  • CreateWellKnownSid (Address: 0x1000b00c)
  • GetAce (Address: 0x1000b024)
  • GetAclInformation (Address: 0x1000b030)
  • GetFileSecurityW (Address: 0x1000b014)
  • GetLengthSid (Address: 0x1000b02c)
  • InitializeAcl (Address: 0x1000b028)
  • MakeAbsoluteSD (Address: 0x1000b034)
  • RegCloseKey (Address: 0x1000b004)
  • RegOpenKeyExW (Address: 0x1000b008)
  • RegQueryValueExW (Address: 0x1000b000)
  • SetFileSecurityW (Address: 0x1000b010)
  • SetSecurityDescriptorDacl (Address: 0x1000b018)
api-ms-win-crt-heap-l1-1-0.dll
  • _callnewh (Address: 0x1000b1d8)
  • free (Address: 0x1000b1d4)
  • malloc (Address: 0x1000b1dc)
api-ms-win-crt-runtime-l1-1-0.dll
  • _cexit (Address: 0x1000b210)
  • _configure_narrow_argv (Address: 0x1000b1e4)
  • _crt_atexit (Address: 0x1000b214)
  • _errno (Address: 0x1000b1f4)
  • _execute_onexit_table (Address: 0x1000b1fc)
  • _initialize_narrow_environment (Address: 0x1000b1e8)
  • _initialize_onexit_table (Address: 0x1000b1ec)
  • _initterm (Address: 0x1000b204)
  • _initterm_e (Address: 0x1000b200)
  • _invalid_parameter_noinfo (Address: 0x1000b1f0)
  • _register_onexit_function (Address: 0x1000b1f8)
  • _seh_filter_dll (Address: 0x1000b20c)
  • terminate (Address: 0x1000b208)
api-ms-win-crt-stdio-l1-1-0.dll
  • __stdio_common_vswprintf (Address: 0x1000b21c)
  • __stdio_common_vswprintf_s (Address: 0x1000b220)
api-ms-win-crt-string-l1-1-0.dll
  • _wcsicmp (Address: 0x1000b22c)
  • wcscat_s (Address: 0x1000b230)
  • wcscpy_s (Address: 0x1000b234)
  • wcslen (Address: 0x1000b228)
  • wcsnlen (Address: 0x1000b23c)
  • wcstok_s (Address: 0x1000b240)
  • wmemcpy_s (Address: 0x1000b238)
KERNEL32.dll
  • CloseHandle (Address: 0x1000b120)
  • ConnectNamedPipe (Address: 0x1000b054)
  • CopyFileW (Address: 0x1000b094)
  • CreateEventW (Address: 0x1000b078)
  • CreateFileW (Address: 0x1000b11c)
  • CreateNamedPipeW (Address: 0x1000b058)
  • CreateProcessW (Address: 0x1000b084)
  • CreateSemaphoreW (Address: 0x1000b088)
  • CreateThread (Address: 0x1000b114)
  • DecodePointer (Address: 0x1000b0c4)
  • DeleteCriticalSection (Address: 0x1000b0e8)
  • DeleteFileW (Address: 0x1000b128)
  • EnterCriticalSection (Address: 0x1000b0f0)
  • FindResourceExW (Address: 0x1000b138)
  • FindResourceW (Address: 0x1000b0a8)
  • FlushFileBuffers (Address: 0x1000b060)
  • FreeLibrary (Address: 0x1000b108)
  • GetAppContainerNamedObjectPath (Address: 0x1000b064)
  • GetCurrentProcessId (Address: 0x1000b130)
  • GetCurrentThreadId (Address: 0x1000b100)
  • GetEnvironmentVariableW (Address: 0x1000b0a4)
  • GetFileAttributesExW (Address: 0x1000b098)
  • GetFileAttributesW (Address: 0x1000b110)
  • GetFileSizeEx (Address: 0x1000b118)
  • GetLastError (Address: 0x1000b13c)
  • GetLocalTime (Address: 0x1000b07c)
  • GetModuleFileNameW (Address: 0x1000b104)
  • GetModuleHandleA (Address: 0x1000b03c)
  • GetModuleHandleW (Address: 0x1000b0c8)
  • GetOverlappedResult (Address: 0x1000b068)
  • GetProcAddress (Address: 0x1000b0ec)
  • GetProcessHeap (Address: 0x1000b0dc)
  • GetSystemDirectoryW (Address: 0x1000b134)
  • GetSystemTimeAsFileTime (Address: 0x1000b048)
  • GetTempFileNameW (Address: 0x1000b10c)
  • GetTempPathW (Address: 0x1000b0ac)
  • HeapAlloc (Address: 0x1000b0e0)
  • HeapDestroy (Address: 0x1000b0b8)
  • HeapFree (Address: 0x1000b0d8)
  • HeapReAlloc (Address: 0x1000b0b0)
  • HeapSize (Address: 0x1000b0b4)
  • InitializeCriticalSection (Address: 0x1000b0e4)
  • InitializeCriticalSectionAndSpinCount (Address: 0x1000b08c)
  • InitializeCriticalSectionEx (Address: 0x1000b0bc)
  • InitializeSListHead (Address: 0x1000b044)
  • IsDebuggerPresent (Address: 0x1000b040)
  • IsProcessorFeaturePresent (Address: 0x1000b050)
  • LeaveCriticalSection (Address: 0x1000b0f4)
  • LoadLibraryExW (Address: 0x1000b0f8)
  • LoadLibraryW (Address: 0x1000b09c)
  • LoadResource (Address: 0x1000b144)
  • LockResource (Address: 0x1000b12c)
  • MultiByteToWideChar (Address: 0x1000b124)
  • OpenProcess (Address: 0x1000b0a0)
  • OutputDebugStringW (Address: 0x1000b074)
  • QueryFullProcessImageNameW (Address: 0x1000b090)
  • QueryPerformanceCounter (Address: 0x1000b04c)
  • RaiseException (Address: 0x1000b0c0)
  • ReadFile (Address: 0x1000b148)
  • ReleaseSemaphore (Address: 0x1000b070)
  • SetEvent (Address: 0x1000b06c)
  • SetFilePointerEx (Address: 0x1000b0fc)
  • SetThreadLocale (Address: 0x1000b080)
  • SizeofResource (Address: 0x1000b140)
  • Sleep (Address: 0x1000b0cc)
  • WaitForSingleObject (Address: 0x1000b0d4)
  • WaitNamedPipeW (Address: 0x1000b05c)
  • WriteFile (Address: 0x1000b0d0)
MSVCP140.dll
  • ?_Xlength_error@std@@YAXPBD@Z (Address: 0x1000b150)
ole32.dll
  • CoCreateInstance (Address: 0x1000b254)
  • CoInitializeEx (Address: 0x1000b248)
  • CoTaskMemFree (Address: 0x1000b24c)
  • CoUninitialize (Address: 0x1000b250)
OLEAUT32.dll
  • SysAllocString (Address: 0x1000b160)
  • SysAllocStringByteLen (Address: 0x1000b168)
  • SysAllocStringLen (Address: 0x1000b164)
  • SysFreeString (Address: 0x1000b15c)
  • SysStringByteLen (Address: 0x1000b170)
  • SysStringLen (Address: 0x1000b16c)
  • VariantClear (Address: 0x1000b158)
SHELL32.dll
  • SHGetKnownFolderPath (Address: 0x1000b178)
VCRUNTIME140.dll
  • __C_specific_handler (Address: 0x1000b1b4)
  • __current_exception (Address: 0x1000b19c)
  • __current_exception_context (Address: 0x1000b198)
  • __CxxFrameHandler3 (Address: 0x1000b1bc)
  • __std_exception_copy (Address: 0x1000b1a8)
  • __std_exception_destroy (Address: 0x1000b1b0)
  • __std_terminate (Address: 0x1000b1b8)
  • __std_type_info_compare (Address: 0x1000b1a4)
  • __std_type_info_destroy_list (Address: 0x1000b18c)
  • _CxxThrowException (Address: 0x1000b194)
  • _purecall (Address: 0x1000b1a0)
  • memcmp (Address: 0x1000b184)
  • memcpy (Address: 0x1000b188)
  • memmove (Address: 0x1000b180)
  • memset (Address: 0x1000b190)
  • wcsstr (Address: 0x1000b1ac)
VERSION.dll
  • GetFileVersionInfoExW (Address: 0x1000b1c8)
  • GetFileVersionInfoSizeExW (Address: 0x1000b1cc)
  • VerQueryValueW (Address: 0x1000b1c4)
vsdebugeng.dll
  • Proc387497D446792B6386776489669D2D7B (Address: 0x1000b25c)
  • Proc6D698C640DFDABA88B6B6A8B78565B1C (Address: 0x1000b26c)
  • ProcDkmInitializeThread (Address: 0x1000b274)
  • ProcDkmString0 (Address: 0x1000b260)
  • ProcDkmUninitializeThread (Address: 0x1000b270)
  • ProcDkmVariant0 (Address: 0x1000b264)
  • ProcDkmVariant1 (Address: 0x1000b268)