MSPhotography.dll

Description: MS Photography DLL

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.3636

Architecture: 64-bit

Operating System: Windows NT

SHA256: 30ddae278eaf26055b994a9d2801d03b

File Size: 1.6 MB

Uploaded At: Dec. 1, 2025, 7:34 a.m.

Views: 4

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllGetActivationFactory (Ordinal: 1, Address: 0x1ce0)
  • DllCanUnloadNow (Ordinal: 2, Address: 0x1ec0)
  • DllGetClassObject (Ordinal: 3, Address: 0x1f10)

Imported DLLs & Functions

api-ms-win-core-com-l1-1-0.dll
  • CoCreateFreeThreadedMarshaler (Address: 0x180173e70)
  • CoCreateInstance (Address: 0x180173e50)
  • CoMarshalInterface (Address: 0x180173e68)
  • CoReleaseMarshalData (Address: 0x180173e58)
  • CoTaskMemAlloc (Address: 0x180173e80)
  • CoTaskMemFree (Address: 0x180173e88)
  • CoWaitForMultipleHandles (Address: 0x180173e78)
  • CreateStreamOnHGlobal (Address: 0x180173e60)
api-ms-win-core-com-l1-1-1.dll
  • RoGetAgileReference (Address: 0x180173e98)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x180173eb0)
  • IsDebuggerPresent (Address: 0x180173ea8)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x180173ec0)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x180173ed0)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x180173ee8)
  • RaiseException (Address: 0x180173ef8)
  • SetLastError (Address: 0x180173f00)
  • SetUnhandledExceptionFilter (Address: 0x180173ef0)
  • UnhandledExceptionFilter (Address: 0x180173ee0)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x180173f10)
api-ms-win-core-heap-l2-1-0.dll
  • LocalFree (Address: 0x180173f20)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x180173f30)
  • FreeLibrary (Address: 0x180173f38)
  • GetModuleFileNameW (Address: 0x180173f40)
  • GetModuleHandleExW (Address: 0x180173f48)
api-ms-win-core-memory-l1-1-0.dll
  • CreateFileMappingW (Address: 0x180173f60)
  • MapViewOfFile (Address: 0x180173f58)
  • UnmapViewOfFile (Address: 0x180173f68)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x180173f88)
  • GetCurrentProcessId (Address: 0x180173fa8)
  • GetCurrentThreadId (Address: 0x180173f98)
  • OpenProcessToken (Address: 0x180173f80)
  • TerminateProcess (Address: 0x180173f78)
  • TlsGetValue (Address: 0x180173fa0)
  • TlsSetValue (Address: 0x180173f90)
api-ms-win-core-processthreads-l1-1-1.dll
  • IsProcessorFeaturePresent (Address: 0x180173fb8)
  • OpenProcess (Address: 0x180173fc0)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x180173fd0)
  • QueryPerformanceFrequency (Address: 0x180173fd8)
api-ms-win-core-registry-l1-1-0.dll
  • RegGetValueW (Address: 0x180173fe8)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x180174000)
  • RtlLookupFunctionEntry (Address: 0x180173ff8)
  • RtlVirtualUnwind (Address: 0x180174008)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x180174030)
  • AcquireSRWLockShared (Address: 0x180174090)
  • CreateEventExW (Address: 0x180174068)
  • CreateEventW (Address: 0x180174058)
  • CreateMutexW (Address: 0x1801740a0)
  • DeleteCriticalSection (Address: 0x180174040)
  • EnterCriticalSection (Address: 0x180174018)
  • InitializeCriticalSection (Address: 0x180174070)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180174038)
  • InitializeCriticalSectionEx (Address: 0x180174098)
  • InitializeSRWLock (Address: 0x1801740a8)
  • LeaveCriticalSection (Address: 0x180174020)
  • ReleaseMutex (Address: 0x180174088)
  • ReleaseSRWLockExclusive (Address: 0x180174050)
  • ReleaseSRWLockShared (Address: 0x180174028)
  • ResetEvent (Address: 0x180174080)
  • SetEvent (Address: 0x180174048)
  • WaitForMultipleObjectsEx (Address: 0x180174078)
  • WaitForSingleObjectEx (Address: 0x180174060)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceExecuteOnce (Address: 0x1801740c0)
  • Sleep (Address: 0x1801740d0)
  • SleepConditionVariableSRW (Address: 0x1801740c8)
  • WakeAllConditionVariable (Address: 0x1801740b8)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x1801740e0)
  • GetTickCount (Address: 0x1801740f0)
  • GetTickCount64 (Address: 0x1801740e8)
api-ms-win-core-sysinfo-l1-2-0.dll
  • GetNativeSystemInfo (Address: 0x180174100)
api-ms-win-core-threadpool-l1-2-0.dll
  • CloseThreadpoolWork (Address: 0x180174110)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x180174120)
  • EncodePointer (Address: 0x180174128)
api-ms-win-core-winrt-error-l1-1-0.dll
  • GetRestrictedErrorInfo (Address: 0x180174150)
  • RoOriginateError (Address: 0x180174138)
  • RoOriginateErrorW (Address: 0x180174148)
  • RoTransformError (Address: 0x180174140)
  • SetRestrictedErrorInfo (Address: 0x180174158)
api-ms-win-core-winrt-error-l1-1-1.dll
  • IsErrorPropagationEnabled (Address: 0x180174170)
  • RoGetMatchingRestrictedErrorInfo (Address: 0x180174178)
  • RoReportFailedDelegate (Address: 0x180174168)
api-ms-win-core-winrt-l1-1-0.dll
  • RoActivateInstance (Address: 0x180174188)
  • RoGetActivationFactory (Address: 0x180174190)
api-ms-win-core-winrt-string-l1-1-0.dll
  • WindowsCreateString (Address: 0x1801741c8)
  • WindowsCreateStringReference (Address: 0x1801741b8)
  • WindowsDeleteString (Address: 0x1801741a0)
  • WindowsDuplicateString (Address: 0x1801741b0)
  • WindowsGetStringRawBuffer (Address: 0x1801741a8)
  • WindowsIsStringEmpty (Address: 0x1801741c0)
  • WindowsStringHasEmbeddedNull (Address: 0x1801741d0)
api-ms-win-eventing-classicprovider-l1-1-0.dll
  • GetTraceEnableFlags (Address: 0x1801741f8)
  • GetTraceEnableLevel (Address: 0x180174200)
  • GetTraceLoggerHandle (Address: 0x1801741e8)
  • RegisterTraceGuidsW (Address: 0x1801741f0)
  • TraceMessage (Address: 0x1801741e0)
  • UnregisterTraceGuids (Address: 0x180174208)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventRegister (Address: 0x180174218)
  • EventSetInformation (Address: 0x180174230)
  • EventUnregister (Address: 0x180174220)
  • EventWriteTransfer (Address: 0x180174228)
api-ms-win-security-base-l1-1-0.dll
  • GetTokenInformation (Address: 0x180174240)
msvcrt.dll
  • __C_specific_handler (Address: 0x180174328)
  • __CxxFrameHandler3 (Address: 0x180174318)
  • __dllonexit (Address: 0x1801742c8)
  • _aligned_free (Address: 0x180174260)
  • _aligned_malloc (Address: 0x180174338)
  • _amsg_exit (Address: 0x180174358)
  • _callnewh (Address: 0x180174268)
  • _CxxThrowException (Address: 0x180174298)
  • _initterm (Address: 0x180174330)
  • _lock (Address: 0x1801742d8)
  • _onexit (Address: 0x180174310)
  • _purecall (Address: 0x180174380)
  • _unlock (Address: 0x1801742d0)
  • _wcslwr_s (Address: 0x180174378)
  • _XcptFilter (Address: 0x180174360)
  • ??_V@YAXPEAX@Z (Address: 0x1801742f8)
  • ??0exception@@QEAA@AEBQEBD@Z (Address: 0x180174270)
  • ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x180174278)
  • ??0exception@@QEAA@AEBV0@@Z (Address: 0x180174280)
  • ??1exception@@UEAA@XZ (Address: 0x180174288)
  • ??1type_info@@UEAA@XZ (Address: 0x1801742c0)
  • ??3@YAXPEAX@Z (Address: 0x180174340)
  • ?terminate@@YAXXZ (Address: 0x1801742b8)
  • ?what@exception@@UEBAPEBDXZ (Address: 0x180174290)
  • acosf (Address: 0x180174390)
  • atan2 (Address: 0x180174398)
  • atan2f (Address: 0x1801743a0)
  • atanf (Address: 0x1801743a8)
  • ceil (Address: 0x1801743b0)
  • ceilf (Address: 0x1801743b8)
  • cosf (Address: 0x1801743c0)
  • exp (Address: 0x1801743c8)
  • expf (Address: 0x1801743d0)
  • floor (Address: 0x1801743d8)
  • floorf (Address: 0x1801743e0)
  • free (Address: 0x180174350)
  • log (Address: 0x1801743e8)
  • logf (Address: 0x1801743f0)
  • malloc (Address: 0x180174348)
  • memcmp (Address: 0x1801743f8)
  • memcpy (Address: 0x1801742a0)
  • memmove (Address: 0x1801742a8)
  • memmove_s (Address: 0x180174308)
  • memset (Address: 0x180174400)
  • powf (Address: 0x180174408)
  • printf (Address: 0x180174250)
  • qsort (Address: 0x1801742b0)
  • rand (Address: 0x1801742e0)
  • realloc (Address: 0x180174300)
  • sin (Address: 0x180174410)
  • sinf (Address: 0x180174418)
  • sqrt (Address: 0x180174420)
  • sqrtf (Address: 0x180174320)
  • srand (Address: 0x1801742e8)
  • strcmp (Address: 0x180174428)
  • strncpy_s (Address: 0x180174258)
  • strnlen (Address: 0x180174388)
  • vswprintf_s (Address: 0x180174370)
  • wcsncpy_s (Address: 0x1801742f0)
  • wcsstr (Address: 0x180174368)
RTWorkQ.DLL
  • RtwqCancelDeadline (Address: 0x180173e30)
  • RtwqSetDeadline (Address: 0x180173e40)
  • RtwqSetLongRunning (Address: 0x180173e38)