VsGraphicsCaptureEngine.dll

Description: Visual Studio Graphics Capture Engine

Authors: © Microsoft Corporation. All rights reserved.

Version: 17.0.36015.10

Architecture: 64-bit

Operating System: Windows

SHA256: d32bb62446a5f758a31da4afe56c9bde

File Size: 113.5 KB

Uploaded At: Dec. 2, 2025, 2:41 p.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • CheckGraphicsTools (Ordinal: 1, Address: 0x6c50)
  • DllGetClassObject (Ordinal: 2, Address: 0x4210)
  • PixCapture_BeginCommunication (Ordinal: 3, Address: 0x95a0)
  • PixCapture_EndCommunication (Ordinal: 4, Address: 0x9b70)
  • PixCapture_ExitProcess (Ordinal: 5, Address: 0x9c10)
  • PixCapture_IsLegacyMachine (Ordinal: 6, Address: 0x9870)
  • PixCapture_RunAction (Ordinal: 7, Address: 0x9aa0)
  • PixCapture_RunExperiment (Ordinal: 8, Address: 0x9910)
  • PixCapture_SetResources (Ordinal: 9, Address: 0x98a0)
  • UpdateGraphicsTools (Ordinal: 10, Address: 0x6eb0)

Imported DLLs & Functions

ADVAPI32.dll
  • AddAccessAllowedAceEx (Address: 0x18000e020)
  • AddAce (Address: 0x18000e028)
  • CreateWellKnownSid (Address: 0x18000e000)
  • GetAce (Address: 0x18000e030)
  • GetAclInformation (Address: 0x18000e048)
  • GetFileSecurityW (Address: 0x18000e010)
  • GetLengthSid (Address: 0x18000e040)
  • InitializeAcl (Address: 0x18000e038)
  • MakeAbsoluteSD (Address: 0x18000e050)
  • RegCloseKey (Address: 0x18000e060)
  • RegOpenKeyExW (Address: 0x18000e068)
  • RegQueryValueExW (Address: 0x18000e058)
  • SetFileSecurityW (Address: 0x18000e008)
  • SetSecurityDescriptorDacl (Address: 0x18000e018)
api-ms-win-crt-heap-l1-1-0.dll
  • _callnewh (Address: 0x18000e3d8)
  • free (Address: 0x18000e3d0)
  • malloc (Address: 0x18000e3c8)
api-ms-win-crt-runtime-l1-1-0.dll
  • _cexit (Address: 0x18000e440)
  • _configure_narrow_argv (Address: 0x18000e408)
  • _crt_atexit (Address: 0x18000e450)
  • _errno (Address: 0x18000e3f8)
  • _execute_onexit_table (Address: 0x18000e448)
  • _initialize_narrow_environment (Address: 0x18000e410)
  • _initialize_onexit_table (Address: 0x18000e418)
  • _initterm (Address: 0x18000e430)
  • _initterm_e (Address: 0x18000e428)
  • _invalid_parameter_noinfo (Address: 0x18000e3f0)
  • _invalid_parameter_noinfo_noreturn (Address: 0x18000e400)
  • _register_onexit_function (Address: 0x18000e420)
  • _seh_filter_dll (Address: 0x18000e3e8)
  • terminate (Address: 0x18000e438)
api-ms-win-crt-stdio-l1-1-0.dll
  • __stdio_common_vswprintf (Address: 0x18000e460)
  • __stdio_common_vswprintf_s (Address: 0x18000e468)
api-ms-win-crt-string-l1-1-0.dll
  • _wcsicmp (Address: 0x18000e480)
  • wcscat_s (Address: 0x18000e478)
  • wcscpy_s (Address: 0x18000e488)
  • wcsnlen (Address: 0x18000e498)
  • wcstok_s (Address: 0x18000e4a0)
  • wmemcpy_s (Address: 0x18000e490)
KERNEL32.dll
  • CloseHandle (Address: 0x18000e270)
  • ConnectNamedPipe (Address: 0x18000e0c0)
  • CopyFileW (Address: 0x18000e148)
  • CreateEventW (Address: 0x18000e108)
  • CreateFileW (Address: 0x18000e268)
  • CreateNamedPipeW (Address: 0x18000e0c8)
  • CreateProcessW (Address: 0x18000e120)
  • CreateSemaphoreW (Address: 0x18000e128)
  • CreateThread (Address: 0x18000e1c0)
  • DecodePointer (Address: 0x18000e1a0)
  • DeleteCriticalSection (Address: 0x18000e1f8)
  • DeleteFileW (Address: 0x18000e260)
  • EnterCriticalSection (Address: 0x18000e208)
  • FindResourceExW (Address: 0x18000e2a0)
  • FindResourceW (Address: 0x18000e138)
  • FlushFileBuffers (Address: 0x18000e0d8)
  • FreeLibrary (Address: 0x18000e228)
  • GetAppContainerNamedObjectPath (Address: 0x18000e0e0)
  • GetCurrentProcess (Address: 0x18000e0a8)
  • GetCurrentProcessId (Address: 0x18000e290)
  • GetCurrentThreadId (Address: 0x18000e250)
  • GetEnvironmentVariableW (Address: 0x18000e168)
  • GetFileAttributesExW (Address: 0x18000e150)
  • GetFileAttributesW (Address: 0x18000e238)
  • GetFileSizeEx (Address: 0x18000e1c8)
  • GetLastError (Address: 0x18000e2a8)
  • GetLocalTime (Address: 0x18000e110)
  • GetModuleFileNameW (Address: 0x18000e220)
  • GetModuleHandleA (Address: 0x18000e230)
  • GetModuleHandleW (Address: 0x18000e190)
  • GetOverlappedResult (Address: 0x18000e0e8)
  • GetProcAddress (Address: 0x18000e200)
  • GetProcessHeap (Address: 0x18000e1e0)
  • GetSystemDirectoryW (Address: 0x18000e298)
  • GetSystemTimeAsFileTime (Address: 0x18000e080)
  • GetTempFileNameW (Address: 0x18000e2b0)
  • GetTempPathW (Address: 0x18000e288)
  • HeapAlloc (Address: 0x18000e1e8)
  • HeapDestroy (Address: 0x18000e188)
  • HeapFree (Address: 0x18000e1d8)
  • HeapReAlloc (Address: 0x18000e160)
  • HeapSize (Address: 0x18000e170)
  • InitializeCriticalSection (Address: 0x18000e1f0)
  • InitializeCriticalSectionAndSpinCount (Address: 0x18000e130)
  • InitializeCriticalSectionEx (Address: 0x18000e180)
  • InitializeSListHead (Address: 0x18000e078)
  • IsDebuggerPresent (Address: 0x18000e090)
  • IsProcessorFeaturePresent (Address: 0x18000e098)
  • LeaveCriticalSection (Address: 0x18000e210)
  • LoadLibraryExW (Address: 0x18000e218)
  • LoadLibraryW (Address: 0x18000e158)
  • LoadResource (Address: 0x18000e248)
  • LockResource (Address: 0x18000e240)
  • MultiByteToWideChar (Address: 0x18000e278)
  • OpenProcess (Address: 0x18000e178)
  • OutputDebugStringW (Address: 0x18000e100)
  • QueryFullProcessImageNameW (Address: 0x18000e140)
  • QueryPerformanceCounter (Address: 0x18000e088)
  • RaiseException (Address: 0x18000e198)
  • ReadFile (Address: 0x18000e258)
  • ReleaseSemaphore (Address: 0x18000e0f8)
  • SetEvent (Address: 0x18000e0f0)
  • SetFilePointerEx (Address: 0x18000e1d0)
  • SetThreadLocale (Address: 0x18000e118)
  • SetUnhandledExceptionFilter (Address: 0x18000e0b0)
  • SizeofResource (Address: 0x18000e280)
  • Sleep (Address: 0x18000e1a8)
  • TerminateProcess (Address: 0x18000e0a0)
  • UnhandledExceptionFilter (Address: 0x18000e0b8)
  • WaitForSingleObject (Address: 0x18000e1b8)
  • WaitNamedPipeW (Address: 0x18000e0d0)
  • WriteFile (Address: 0x18000e1b0)
MSVCP140.dll
  • ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x18000e2c0)
ntdll.dll
  • RtlCaptureContext (Address: 0x18000e4b0)
  • RtlLookupFunctionEntry (Address: 0x18000e4b8)
  • RtlVirtualUnwind (Address: 0x18000e4c0)
ole32.dll
  • CoCreateInstance (Address: 0x18000e4e0)
  • CoInitializeEx (Address: 0x18000e4d0)
  • CoTaskMemFree (Address: 0x18000e4d8)
  • CoUninitialize (Address: 0x18000e4e8)
OLEAUT32.dll
  • SysAllocString (Address: 0x18000e2e0)
  • SysAllocStringByteLen (Address: 0x18000e2f0)
  • SysAllocStringLen (Address: 0x18000e2e8)
  • SysFreeString (Address: 0x18000e2d8)
  • SysStringByteLen (Address: 0x18000e300)
  • SysStringLen (Address: 0x18000e2f8)
  • VariantClear (Address: 0x18000e2d0)
SHELL32.dll
  • SHGetKnownFolderPath (Address: 0x18000e310)
VCRUNTIME140_1.dll
  • __CxxFrameHandler4 (Address: 0x18000e398)
VCRUNTIME140.dll
  • __C_specific_handler (Address: 0x18000e368)
  • __current_exception (Address: 0x18000e348)
  • __current_exception_context (Address: 0x18000e340)
  • __std_exception_copy (Address: 0x18000e370)
  • __std_exception_destroy (Address: 0x18000e378)
  • __std_terminate (Address: 0x18000e380)
  • __std_type_info_compare (Address: 0x18000e358)
  • __std_type_info_destroy_list (Address: 0x18000e328)
  • _CxxThrowException (Address: 0x18000e338)
  • _purecall (Address: 0x18000e350)
  • memcpy (Address: 0x18000e388)
  • memmove (Address: 0x18000e320)
  • memset (Address: 0x18000e330)
  • wcsstr (Address: 0x18000e360)
VERSION.dll
  • GetFileVersionInfoExW (Address: 0x18000e3b0)
  • GetFileVersionInfoSizeExW (Address: 0x18000e3a8)
  • VerQueryValueW (Address: 0x18000e3b8)
vsdebugeng.dll
  • Proc387497D446792B6386776489669D2D7B (Address: 0x18000e518)
  • Proc6D698C640DFDABA88B6B6A8B78565B1C (Address: 0x18000e508)
  • ProcDkmInitializeThread (Address: 0x18000e528)
  • ProcDkmString0 (Address: 0x18000e4f8)
  • ProcDkmUninitializeThread (Address: 0x18000e520)
  • ProcDkmVariant0 (Address: 0x18000e500)
  • ProcDkmVariant1 (Address: 0x18000e510)