DingtalkCustomAction.dll

Description:

Authors:

Version:

Architecture: 64-bit

Operating System:

SHA256: c32f0139befe2b9d6eb01b6be72b2cbb

File Size: 165.1 KB

Uploaded At: Dec. 2, 2025, 2:41 p.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • CheckAndNotifyDingtalkExit (Ordinal: 1, Address: 0x17d0)

Imported DLLs & Functions

KERNEL32.dll
  • CloseHandle (Address: 0x180018068)
  • CreateEventW (Address: 0x180018158)
  • CreateFileW (Address: 0x1800180e0)
  • CreateToolhelp32Snapshot (Address: 0x1800180c0)
  • DeleteCriticalSection (Address: 0x180018050)
  • EncodePointer (Address: 0x1800181f0)
  • EnterCriticalSection (Address: 0x180018128)
  • ExitProcess (Address: 0x180018228)
  • FindClose (Address: 0x180018250)
  • FindFirstFileExW (Address: 0x180018258)
  • FindNextFileW (Address: 0x180018260)
  • FindResourceExW (Address: 0x180018090)
  • FindResourceW (Address: 0x1800180b0)
  • FlushFileBuffers (Address: 0x180018100)
  • FreeEnvironmentStringsW (Address: 0x1800182a8)
  • FreeLibrary (Address: 0x180018218)
  • GetACP (Address: 0x180018270)
  • GetCommandLineA (Address: 0x180018288)
  • GetCommandLineW (Address: 0x180018290)
  • GetConsoleMode (Address: 0x1800180e8)
  • GetConsoleOutputCP (Address: 0x1800180f0)
  • GetCPInfo (Address: 0x180018280)
  • GetCurrentProcess (Address: 0x1800181a8)
  • GetCurrentProcessId (Address: 0x1800181b8)
  • GetCurrentThreadId (Address: 0x180018058)
  • GetEnvironmentStringsW (Address: 0x1800182a0)
  • GetFileType (Address: 0x180018248)
  • GetLastError (Address: 0x180018010)
  • GetModuleFileNameW (Address: 0x180018238)
  • GetModuleHandleExW (Address: 0x180018230)
  • GetModuleHandleW (Address: 0x180018160)
  • GetOEMCP (Address: 0x180018278)
  • GetProcAddress (Address: 0x180018168)
  • GetProcessHeap (Address: 0x180018040)
  • GetStartupInfoW (Address: 0x180018198)
  • GetStdHandle (Address: 0x180018240)
  • GetStringTypeW (Address: 0x180018110)
  • GetSystemDefaultLangID (Address: 0x180018060)
  • GetSystemTimeAsFileTime (Address: 0x1800181c0)
  • HeapAlloc (Address: 0x180018020)
  • HeapDestroy (Address: 0x180018018)
  • HeapFree (Address: 0x180018030)
  • HeapReAlloc (Address: 0x180018028)
  • HeapSize (Address: 0x180018038)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180018138)
  • InitializeCriticalSectionEx (Address: 0x180018048)
  • InitializeSListHead (Address: 0x1800181c8)
  • InterlockedFlushSList (Address: 0x1800181e0)
  • IsDebuggerPresent (Address: 0x180018120)
  • IsProcessorFeaturePresent (Address: 0x1800181a0)
  • IsValidCodePage (Address: 0x180018268)
  • LCMapStringW (Address: 0x1800182b0)
  • LeaveCriticalSection (Address: 0x180018130)
  • LoadLibraryExW (Address: 0x180018220)
  • LoadResource (Address: 0x180018098)
  • LockResource (Address: 0x1800180a0)
  • MultiByteToWideChar (Address: 0x1800180b8)
  • OpenProcess (Address: 0x180018088)
  • OutputDebugStringW (Address: 0x180018000)
  • Process32FirstW (Address: 0x1800180c8)
  • Process32NextW (Address: 0x1800180d0)
  • QueryPerformanceCounter (Address: 0x1800181b0)
  • RaiseException (Address: 0x180018008)
  • ResetEvent (Address: 0x180018148)
  • RtlCaptureContext (Address: 0x180018170)
  • RtlLookupFunctionEntry (Address: 0x180018178)
  • RtlPcToFileHeader (Address: 0x1800181d0)
  • RtlUnwindEx (Address: 0x1800181d8)
  • RtlVirtualUnwind (Address: 0x180018180)
  • SetEvent (Address: 0x180018140)
  • SetFilePointerEx (Address: 0x180018118)
  • SetLastError (Address: 0x1800181e8)
  • SetStdHandle (Address: 0x180018108)
  • SetUnhandledExceptionFilter (Address: 0x180018190)
  • SizeofResource (Address: 0x1800180a8)
  • Sleep (Address: 0x180018078)
  • TerminateProcess (Address: 0x180018080)
  • TlsAlloc (Address: 0x1800181f8)
  • TlsFree (Address: 0x180018210)
  • TlsGetValue (Address: 0x180018200)
  • TlsSetValue (Address: 0x180018208)
  • UnhandledExceptionFilter (Address: 0x180018188)
  • WaitForSingleObject (Address: 0x180018070)
  • WaitForSingleObjectEx (Address: 0x180018150)
  • WideCharToMultiByte (Address: 0x180018298)
  • WriteConsoleW (Address: 0x1800180d8)
  • WriteFile (Address: 0x1800180f8)
msi.dll
  • (Address: 0x180018328)
  • (Address: 0x180018320)
USER32.dll
  • EnumWindows (Address: 0x1800182c8)
  • GetDlgItem (Address: 0x180018310)
  • GetPropW (Address: 0x1800182d0)
  • KillTimer (Address: 0x180018300)
  • MessageBoxW (Address: 0x1800182f0)
  • SendMessageTimeoutW (Address: 0x1800182d8)
  • SendMessageW (Address: 0x1800182c0)
  • SetTimer (Address: 0x180018308)
  • SetWindowsHookExW (Address: 0x1800182e8)
  • SetWindowTextW (Address: 0x1800182f8)
  • UnhookWindowsHookEx (Address: 0x1800182e0)