VsGraphicsCaptureEngine.dll

Description: Visual Studio Graphics Capture Engine

Authors: © Microsoft Corporation. All rights reserved.

Version: 17.0.36015.10

Architecture: 32-bit

Operating System: Windows

SHA256: ea0f62afd7eaf4cf4877ff29a7a124e2

File Size: 96.0 KB

Uploaded At: Dec. 2, 2025, 2:41 p.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • CheckGraphicsTools (Ordinal: 1, Address: 0xcc50)
  • DllGetClassObject (Ordinal: 2, Address: 0xaa70)
  • PixCapture_BeginCommunication (Ordinal: 3, Address: 0xe8f0)
  • PixCapture_EndCommunication (Ordinal: 4, Address: 0xecb0)
  • PixCapture_ExitProcess (Ordinal: 5, Address: 0xed30)
  • PixCapture_IsLegacyMachine (Ordinal: 6, Address: 0xea20)
  • PixCapture_RunAction (Ordinal: 7, Address: 0xebf0)
  • PixCapture_RunExperiment (Ordinal: 8, Address: 0xeaa0)
  • PixCapture_SetResources (Ordinal: 9, Address: 0xea50)
  • UpdateGraphicsTools (Ordinal: 10, Address: 0xcd80)

Imported DLLs & Functions

ADVAPI32.dll
  • AddAccessAllowedAceEx (Address: 0x1001501c)
  • AddAce (Address: 0x10015020)
  • CreateWellKnownSid (Address: 0x1001500c)
  • GetAce (Address: 0x10015024)
  • GetAclInformation (Address: 0x10015030)
  • GetFileSecurityW (Address: 0x10015014)
  • GetLengthSid (Address: 0x1001502c)
  • InitializeAcl (Address: 0x10015028)
  • MakeAbsoluteSD (Address: 0x10015034)
  • RegCloseKey (Address: 0x10015004)
  • RegOpenKeyExW (Address: 0x10015008)
  • RegQueryValueExW (Address: 0x10015000)
  • SetFileSecurityW (Address: 0x10015010)
  • SetSecurityDescriptorDacl (Address: 0x10015018)
api-ms-win-crt-heap-l1-1-0.dll
  • _callnewh (Address: 0x100151e4)
  • free (Address: 0x100151e8)
  • malloc (Address: 0x100151e0)
api-ms-win-crt-runtime-l1-1-0.dll
  • _cexit (Address: 0x10015218)
  • _configure_narrow_argv (Address: 0x10015200)
  • _crt_atexit (Address: 0x1001521c)
  • _errno (Address: 0x100151f0)
  • _execute_onexit_table (Address: 0x10015220)
  • _initialize_narrow_environment (Address: 0x10015204)
  • _initialize_onexit_table (Address: 0x10015214)
  • _initterm (Address: 0x1001520c)
  • _initterm_e (Address: 0x10015208)
  • _invalid_parameter_noinfo (Address: 0x100151f4)
  • _invalid_parameter_noinfo_noreturn (Address: 0x100151f8)
  • _register_onexit_function (Address: 0x10015224)
  • _seh_filter_dll (Address: 0x100151fc)
  • terminate (Address: 0x10015210)
api-ms-win-crt-stdio-l1-1-0.dll
  • __stdio_common_vswprintf (Address: 0x10015230)
  • __stdio_common_vswprintf_s (Address: 0x1001522c)
api-ms-win-crt-string-l1-1-0.dll
  • _wcsicmp (Address: 0x1001524c)
  • wcscat_s (Address: 0x10015248)
  • wcscpy_s (Address: 0x1001523c)
  • wcsnlen (Address: 0x10015244)
  • wcstok_s (Address: 0x10015238)
  • wmemcpy_s (Address: 0x10015240)
KERNEL32.dll
  • CloseHandle (Address: 0x1001512c)
  • ConnectNamedPipe (Address: 0x10015060)
  • CopyFileW (Address: 0x100150a4)
  • CreateEventW (Address: 0x10015084)
  • CreateFileW (Address: 0x10015128)
  • CreateNamedPipeW (Address: 0x10015064)
  • CreateProcessW (Address: 0x10015090)
  • CreateSemaphoreW (Address: 0x10015094)
  • CreateThread (Address: 0x10015120)
  • DecodePointer (Address: 0x100150cc)
  • DeleteCriticalSection (Address: 0x100150f8)
  • DeleteFileW (Address: 0x10015134)
  • EnterCriticalSection (Address: 0x10015100)
  • FindResourceExW (Address: 0x10015140)
  • FindResourceW (Address: 0x100150bc)
  • FlushFileBuffers (Address: 0x1001506c)
  • FreeLibrary (Address: 0x10015118)
  • GetAppContainerNamedObjectPath (Address: 0x10015070)
  • GetCurrentProcess (Address: 0x10015054)
  • GetCurrentProcessId (Address: 0x10015138)
  • GetCurrentThreadId (Address: 0x10015110)
  • GetEnvironmentVariableW (Address: 0x100150b0)
  • GetFileAttributesExW (Address: 0x100150a8)
  • GetFileAttributesW (Address: 0x10015154)
  • GetFileSizeEx (Address: 0x10015124)
  • GetLastError (Address: 0x10015144)
  • GetLocalTime (Address: 0x10015088)
  • GetModuleFileNameW (Address: 0x10015114)
  • GetModuleHandleA (Address: 0x1001509c)
  • GetModuleHandleW (Address: 0x100150d8)
  • GetOverlappedResult (Address: 0x10015074)
  • GetProcAddress (Address: 0x100150fc)
  • GetProcessHeap (Address: 0x100150ec)
  • GetSystemDirectoryW (Address: 0x1001513c)
  • GetSystemTimeAsFileTime (Address: 0x10015040)
  • GetTempFileNameW (Address: 0x1001511c)
  • GetTempPathW (Address: 0x100150b4)
  • HeapAlloc (Address: 0x100150f0)
  • HeapDestroy (Address: 0x100150d4)
  • HeapFree (Address: 0x100150e8)
  • HeapReAlloc (Address: 0x100150c0)
  • HeapSize (Address: 0x100150d0)
  • InitializeCriticalSection (Address: 0x100150f4)
  • InitializeCriticalSectionAndSpinCount (Address: 0x10015098)
  • InitializeCriticalSectionEx (Address: 0x100150c4)
  • InitializeSListHead (Address: 0x1001503c)
  • IsDebuggerPresent (Address: 0x10015048)
  • IsProcessorFeaturePresent (Address: 0x1001504c)
  • LeaveCriticalSection (Address: 0x10015104)
  • LoadLibraryExW (Address: 0x10015108)
  • LoadLibraryW (Address: 0x100150ac)
  • LoadResource (Address: 0x1001514c)
  • LockResource (Address: 0x10015150)
  • MultiByteToWideChar (Address: 0x10015130)
  • OpenProcess (Address: 0x100150b8)
  • OutputDebugStringW (Address: 0x10015080)
  • QueryFullProcessImageNameW (Address: 0x100150a0)
  • QueryPerformanceCounter (Address: 0x10015044)
  • RaiseException (Address: 0x100150c8)
  • ReadFile (Address: 0x10015158)
  • ReleaseSemaphore (Address: 0x1001507c)
  • SetEvent (Address: 0x10015078)
  • SetFilePointerEx (Address: 0x1001510c)
  • SetThreadLocale (Address: 0x1001508c)
  • SetUnhandledExceptionFilter (Address: 0x10015058)
  • SizeofResource (Address: 0x10015148)
  • Sleep (Address: 0x100150dc)
  • TerminateProcess (Address: 0x10015050)
  • UnhandledExceptionFilter (Address: 0x1001505c)
  • WaitForSingleObject (Address: 0x100150e4)
  • WaitNamedPipeW (Address: 0x10015068)
  • WriteFile (Address: 0x100150e0)
MSVCP140.dll
  • ?_Xlength_error@std@@YAXPBD@Z (Address: 0x10015160)
ole32.dll
  • CoCreateInstance (Address: 0x10015254)
  • CoInitializeEx (Address: 0x10015258)
  • CoTaskMemFree (Address: 0x1001525c)
  • CoUninitialize (Address: 0x10015260)
OLEAUT32.dll
  • SysAllocString (Address: 0x10015170)
  • SysAllocStringByteLen (Address: 0x10015178)
  • SysAllocStringLen (Address: 0x10015174)
  • SysFreeString (Address: 0x1001516c)
  • SysStringByteLen (Address: 0x10015180)
  • SysStringLen (Address: 0x1001517c)
  • VariantClear (Address: 0x10015168)
SHELL32.dll
  • SHGetKnownFolderPath (Address: 0x10015188)
VCRUNTIME140.dll
  • __current_exception (Address: 0x100151a4)
  • __current_exception_context (Address: 0x100151a0)
  • __CxxFrameHandler3 (Address: 0x100151c4)
  • __std_exception_copy (Address: 0x100151b8)
  • __std_exception_destroy (Address: 0x100151bc)
  • __std_terminate (Address: 0x100151c0)
  • __std_type_info_compare (Address: 0x100151b0)
  • __std_type_info_destroy_list (Address: 0x10015194)
  • _CxxThrowException (Address: 0x1001519c)
  • _except_handler4_common (Address: 0x100151a8)
  • _purecall (Address: 0x100151ac)
  • memcpy (Address: 0x100151c8)
  • memmove (Address: 0x10015190)
  • memset (Address: 0x10015198)
  • wcsstr (Address: 0x100151b4)
VERSION.dll
  • GetFileVersionInfoExW (Address: 0x100151d4)
  • GetFileVersionInfoSizeExW (Address: 0x100151d8)
  • VerQueryValueW (Address: 0x100151d0)
vsdebugeng.dll
  • Proc387497D446792B6386776489669D2D7B (Address: 0x10015268)
  • Proc6D698C640DFDABA88B6B6A8B78565B1C (Address: 0x10015270)
  • ProcDkmInitializeThread (Address: 0x1001526c)
  • ProcDkmString0 (Address: 0x10015278)
  • ProcDkmUninitializeThread (Address: 0x1001527c)
  • ProcDkmVariant0 (Address: 0x10015274)
  • ProcDkmVariant1 (Address: 0x10015280)