FileTracker32.dll

Description: FileTracker

Authors: © Microsoft Corporation. All rights reserved.

Version: 17.0.36015.10

Architecture: 32-bit

Operating System: Windows

SHA256: c1923e7e363a7c6cd3ca94e3d3df9055

File Size: 244.1 KB

Uploaded At: Dec. 2, 2025, 2:44 p.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: WriteProcessMemory, OpenProcess, VirtualAllocEx

Exported Functions

  • (Ordinal: 1, Address: 0x14220)
  • StartTrackingContext (Ordinal: 2, Address: 0xf7e0)
  • StartTrackingContextWithRoot (Ordinal: 3, Address: 0xf880)
  • EndTrackingContext (Ordinal: 4, Address: 0xf910)
  • StopTrackingAndCleanup (Ordinal: 5, Address: 0xf950)
  • SuspendTracking (Ordinal: 6, Address: 0xf990)
  • ResumeTracking (Ordinal: 7, Address: 0xf9c0)
  • WriteAllTLogs (Ordinal: 8, Address: 0xfa00)
  • WriteContextTLogs (Ordinal: 9, Address: 0xfa90)
  • SetThreadCount (Ordinal: 10, Address: 0xfb90)

Imported DLLs & Functions

KERNEL32.dll
  • CloseHandle (Address: 0x10038130)
  • CompareFileTime (Address: 0x10038150)
  • CopyFileA (Address: 0x10038030)
  • CopyFileExA (Address: 0x10038038)
  • CopyFileExW (Address: 0x1003803c)
  • CopyFileW (Address: 0x10038034)
  • CreateDirectoryA (Address: 0x10038088)
  • CreateDirectoryW (Address: 0x10038084)
  • CreateEventW (Address: 0x1003812c)
  • CreateFile2 (Address: 0x1003802c)
  • CreateFileA (Address: 0x10038024)
  • CreateFileW (Address: 0x10038028)
  • CreateHardLinkA (Address: 0x10038058)
  • CreateHardLinkW (Address: 0x1003805c)
  • CreateProcessA (Address: 0x10038060)
  • CreateProcessW (Address: 0x10038064)
  • CreateThread (Address: 0x10038068)
  • DecodePointer (Address: 0x10038158)
  • DeleteCriticalSection (Address: 0x1003811c)
  • DeleteFileA (Address: 0x10038090)
  • DeleteFileW (Address: 0x1003808c)
  • DeleteProcThreadAttributeList (Address: 0x10038204)
  • DisableThreadLibraryCalls (Address: 0x1003809c)
  • EncodePointer (Address: 0x1003818c)
  • EnterCriticalSection (Address: 0x1003801c)
  • ExitProcess (Address: 0x10038098)
  • FindClose (Address: 0x100381bc)
  • FindFirstFileExW (Address: 0x100381c0)
  • FindFirstFileW (Address: 0x10038240)
  • FindNextFileW (Address: 0x100381c4)
  • FindResourceExW (Address: 0x100380dc)
  • FindResourceW (Address: 0x100380d8)
  • FlushFileBuffers (Address: 0x100381a4)
  • FlushInstructionCache (Address: 0x10038230)
  • FormatMessageW (Address: 0x1003824c)
  • FreeEnvironmentStringsA (Address: 0x10038118)
  • FreeEnvironmentStringsW (Address: 0x1003810c)
  • FreeLibrary (Address: 0x10038198)
  • GetACP (Address: 0x100381cc)
  • GetCommandLineA (Address: 0x100381d8)
  • GetCommandLineW (Address: 0x100380fc)
  • GetConsoleCP (Address: 0x100381a8)
  • GetConsoleMode (Address: 0x100381ac)
  • GetConsoleOutputCP (Address: 0x10038254)
  • GetCPInfo (Address: 0x100381d4)
  • GetCurrentProcess (Address: 0x10038168)
  • GetCurrentProcessId (Address: 0x100380a4)
  • GetCurrentThread (Address: 0x100380c8)
  • GetCurrentThreadId (Address: 0x100380e8)
  • GetEnvironmentStrings (Address: 0x10038114)
  • GetEnvironmentStringsW (Address: 0x10038108)
  • GetEnvironmentVariableA (Address: 0x10038110)
  • GetEnvironmentVariableW (Address: 0x10038018)
  • GetExitCodeProcess (Address: 0x10038218)
  • GetFileAttributesA (Address: 0x10038070)
  • GetFileAttributesExA (Address: 0x10038078)
  • GetFileAttributesExW (Address: 0x10038074)
  • GetFileAttributesW (Address: 0x1003806c)
  • GetFileType (Address: 0x100380b0)
  • GetFinalPathNameByHandleW (Address: 0x100380b8)
  • GetFullPathNameW (Address: 0x10038244)
  • GetLastError (Address: 0x100380ac)
  • GetLocaleInfoW (Address: 0x100381b4)
  • GetModuleFileNameA (Address: 0x10038104)
  • GetModuleFileNameW (Address: 0x100380c4)
  • GetModuleHandleExW (Address: 0x100381a0)
  • GetModuleHandleW (Address: 0x1003817c)
  • GetOEMCP (Address: 0x100381d0)
  • GetProcAddress (Address: 0x10038128)
  • GetProcessHeap (Address: 0x10038014)
  • GetProcessId (Address: 0x100380bc)
  • GetStartupInfoW (Address: 0x10038178)
  • GetStdHandle (Address: 0x100381b8)
  • GetStringTypeW (Address: 0x100381dc)
  • GetSystemTimeAsFileTime (Address: 0x10038140)
  • GetThreadContext (Address: 0x1003822c)
  • GetUserDefaultUILanguage (Address: 0x10038250)
  • HeapAlloc (Address: 0x10038010)
  • HeapDestroy (Address: 0x10038000)
  • HeapFree (Address: 0x1003800c)
  • HeapReAlloc (Address: 0x10038008)
  • HeapSize (Address: 0x10038004)
  • InitializeCriticalSection (Address: 0x100380f8)
  • InitializeCriticalSectionAndSpinCount (Address: 0x10038190)
  • InitializeCriticalSectionEx (Address: 0x10038154)
  • InitializeProcThreadAttributeList (Address: 0x100381f8)
  • InitializeSListHead (Address: 0x10038170)
  • InterlockedFlushSList (Address: 0x10038184)
  • IsDebuggerPresent (Address: 0x10038174)
  • IsProcessorFeaturePresent (Address: 0x1003816c)
  • IsValidCodePage (Address: 0x100381c8)
  • IsWow64Process (Address: 0x1003823c)
  • LCMapStringW (Address: 0x100381b0)
  • LeaveCriticalSection (Address: 0x10038020)
  • LoadLibraryExW (Address: 0x1003819c)
  • LoadLibraryW (Address: 0x100380c0)
  • LoadResource (Address: 0x100380d4)
  • LocalFree (Address: 0x10038248)
  • LockResource (Address: 0x100380d0)
  • MoveFileA (Address: 0x10038048)
  • MoveFileExA (Address: 0x10038040)
  • MoveFileExW (Address: 0x10038044)
  • MoveFileW (Address: 0x1003804c)
  • MultiByteToWideChar (Address: 0x10038120)
  • OpenProcess (Address: 0x100381fc)
  • OutputDebugStringA (Address: 0x100381f4)
  • OutputDebugStringW (Address: 0x100381ec)
  • QueryPerformanceCounter (Address: 0x100380ec)
  • QueryPerformanceFrequency (Address: 0x100380f0)
  • RaiseException (Address: 0x10038188)
  • ReadConsoleW (Address: 0x1003815c)
  • ReadFile (Address: 0x10038148)
  • ReadProcessMemory (Address: 0x10038210)
  • RemoveDirectoryA (Address: 0x10038080)
  • RemoveDirectoryW (Address: 0x1003807c)
  • ReplaceFileW (Address: 0x10038054)
  • ResetEvent (Address: 0x10038138)
  • ResumeThread (Address: 0x100380a8)
  • RtlUnwind (Address: 0x10038180)
  • SetDllDirectoryW (Address: 0x10038100)
  • SetEndOfFile (Address: 0x10038258)
  • SetEnvironmentVariableW (Address: 0x100380a0)
  • SetEvent (Address: 0x1003813c)
  • SetFileInformationByHandle (Address: 0x10038050)
  • SetFilePointer (Address: 0x1003814c)
  • SetFilePointerEx (Address: 0x100381e4)
  • SetLastError (Address: 0x100380b4)
  • SetStdHandle (Address: 0x100381e0)
  • SetThreadContext (Address: 0x10038234)
  • SetUnhandledExceptionFilter (Address: 0x10038164)
  • SizeofResource (Address: 0x100380cc)
  • SuspendThread (Address: 0x10038228)
  • TerminateProcess (Address: 0x10038094)
  • TlsAlloc (Address: 0x100380f4)
  • TlsFree (Address: 0x10038194)
  • TlsGetValue (Address: 0x100380e0)
  • TlsSetValue (Address: 0x100380e4)
  • UnhandledExceptionFilter (Address: 0x10038160)
  • UpdateProcThreadAttribute (Address: 0x10038200)
  • VirtualAlloc (Address: 0x10038224)
  • VirtualAllocEx (Address: 0x1003820c)
  • VirtualFree (Address: 0x10038220)
  • VirtualProtect (Address: 0x1003821c)
  • VirtualProtectEx (Address: 0x10038208)
  • VirtualQuery (Address: 0x10038238)
  • VirtualQueryEx (Address: 0x10038214)
  • WaitForSingleObject (Address: 0x10038134)
  • WideCharToMultiByte (Address: 0x10038124)
  • WriteConsoleW (Address: 0x100381e8)
  • WriteFile (Address: 0x10038144)
  • WriteProcessMemory (Address: 0x100381f0)