mswsock.dll
Description: Microsoft Windows Sockets 2.0 Service Provider
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.5915
Architecture: 64-bit
Operating System: Windows NT
SHA256: c9e2f1db19b8cf9de4fec0425c43cf22
File Size: 409.2 KB
Uploaded At: Dec. 1, 2025, 7:34 a.m.
Views: 9
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- AcceptEx (Ordinal: 1, Address: 0x27e40)
- EnumProtocolsA (Ordinal: 2, Address: 0x28450)
- EnumProtocolsW (Ordinal: 3, Address: 0x284e0)
- GetAcceptExSockaddrs (Ordinal: 4, Address: 0x28000)
- GetAddressByNameA (Ordinal: 5, Address: 0x29ab0)
- GetAddressByNameW (Ordinal: 6, Address: 0x29cf0)
- GetNameByTypeA (Ordinal: 7, Address: 0x29ea0)
- GetNameByTypeW (Ordinal: 8, Address: 0x29fd0)
- GetServiceA (Ordinal: 9, Address: 0x2a7e0)
- GetServiceW (Ordinal: 10, Address: 0x2a890)
- GetSocketErrorMessageW (Ordinal: 11, Address: 0x2b9e0)
- GetTypeByNameA (Ordinal: 12, Address: 0x2a320)
- GetTypeByNameW (Ordinal: 13, Address: 0x2a3b0)
- MigrateWinsockConfiguration (Ordinal: 14, Address: 0x30960)
- MigrateWinsockConfigurationEx (Ordinal: 15, Address: 0x309a0)
- NPLoadNameSpaces (Ordinal: 16, Address: 0x2c840)
- NSPStartup (Ordinal: 17, Address: 0xcc00)
- SetServiceA (Ordinal: 18, Address: 0x2b440)
- SetServiceW (Ordinal: 19, Address: 0x2b670)
- StartWsdpService (Ordinal: 20, Address: 0x1e5a0)
- StopWsdpService (Ordinal: 21, Address: 0x1e8e0)
- Tcpip4_WSHAddressToString (Ordinal: 22, Address: 0xf5b0)
- Tcpip4_WSHEnumProtocols (Ordinal: 23, Address: 0x34bc0)
- Tcpip4_WSHGetBroadcastSockaddr (Ordinal: 24, Address: 0x34db0)
- Tcpip4_WSHGetProviderGuid (Ordinal: 25, Address: 0x34e00)
- Tcpip4_WSHGetSockaddrType (Ordinal: 26, Address: 0xf0d0)
- Tcpip4_WSHGetSocketInformation (Ordinal: 27, Address: 0xeb20)
- Tcpip4_WSHGetWSAProtocolInfo (Ordinal: 28, Address: 0x34e50)
- Tcpip4_WSHGetWildcardSockaddr (Ordinal: 29, Address: 0x100b0)
- Tcpip4_WSHGetWinsockMapping (Ordinal: 30, Address: 0x34ec0)
- Tcpip4_WSHIoctl (Ordinal: 31, Address: 0x34f30)
- Tcpip4_WSHJoinLeaf (Ordinal: 32, Address: 0x34f40)
- Tcpip4_WSHNotify (Ordinal: 33, Address: 0x35030)
- Tcpip4_WSHOpenSocket (Ordinal: 34, Address: 0x35080)
- Tcpip4_WSHOpenSocket2 (Ordinal: 35, Address: 0xeec0)
- Tcpip4_WSHSetSocketInformation (Ordinal: 36, Address: 0x10360)
- Tcpip4_WSHStringToAddress (Ordinal: 37, Address: 0x11650)
- Tcpip6_WSHAddressToString (Ordinal: 38, Address: 0x10170)
- Tcpip6_WSHEnumProtocols (Ordinal: 39, Address: 0x350c0)
- Tcpip6_WSHGetProviderGuid (Ordinal: 40, Address: 0x352b0)
- Tcpip6_WSHGetSockaddrType (Ordinal: 41, Address: 0xecf0)
- Tcpip6_WSHGetSocketInformation (Ordinal: 42, Address: 0xeb20)
- Tcpip6_WSHGetWSAProtocolInfo (Ordinal: 43, Address: 0x35300)
- Tcpip6_WSHGetWildcardSockaddr (Ordinal: 44, Address: 0x116d0)
- Tcpip6_WSHGetWinsockMapping (Ordinal: 45, Address: 0x35370)
- Tcpip6_WSHIoctl (Ordinal: 46, Address: 0x34f30)
- Tcpip6_WSHJoinLeaf (Ordinal: 47, Address: 0x353e0)
- Tcpip6_WSHNotify (Ordinal: 48, Address: 0x35500)
- Tcpip6_WSHOpenSocket (Ordinal: 49, Address: 0x35550)
- Tcpip6_WSHOpenSocket2 (Ordinal: 50, Address: 0xeb70)
- Tcpip6_WSHSetSocketInformation (Ordinal: 51, Address: 0x10360)
- Tcpip6_WSHStringToAddress (Ordinal: 52, Address: 0x10ba0)
- TransmitFile (Ordinal: 53, Address: 0x28380)
- WSARecvEx (Ordinal: 54, Address: 0x2d560)
- WSPStartup (Ordinal: 55, Address: 0xa3c0)
- dn_expand (Ordinal: 56, Address: 0x26240)
- getnetbyname (Ordinal: 57, Address: 0x1e9c0)
- inet_network (Ordinal: 58, Address: 0x1e9f0)
- rcmd (Ordinal: 59, Address: 0x1ea00)
- rexec (Ordinal: 60, Address: 0x1ea00)
- rresvport (Ordinal: 61, Address: 0x1ea00)
- s_perror (Ordinal: 62, Address: 0x2c0b0)
- sethostname (Ordinal: 63, Address: 0x1ea30)
Imported DLLs & Functions
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x180054388)
api-ms-win-core-crt-l1-1-0.dll
- __C_specific_handler (Address: 0x180054438)
- _stricmp (Address: 0x180054418)
- _vsnwprintf_s (Address: 0x1800543d0)
- _wcsicmp (Address: 0x1800543f8)
- _wcsnicmp (Address: 0x1800543c0)
- atoi (Address: 0x180054400)
- isdigit (Address: 0x180054408)
- memcmp (Address: 0x180054398)
- memcpy (Address: 0x1800543a8)
- memmove (Address: 0x1800543b0)
- memset (Address: 0x1800543b8)
- strlen (Address: 0x1800543f0)
- wcschr (Address: 0x180054410)
- wcscmp (Address: 0x1800543a0)
- wcscpy_s (Address: 0x1800543d8)
- wcslen (Address: 0x1800543e8)
- wcsncat_s (Address: 0x180054428)
- wcsncpy_s (Address: 0x180054430)
- wcsstr (Address: 0x1800543c8)
- wcstol (Address: 0x1800543e0)
- wcstoul (Address: 0x180054420)
api-ms-win-core-crt-l2-1-0.dll
- _initterm (Address: 0x180054460)
- _initterm_e (Address: 0x180054458)
- hgets (Address: 0x180054448)
- hwprintf (Address: 0x180054450)
api-ms-win-core-debug-l1-1-0.dll
- OutputDebugStringA (Address: 0x180054470)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x180054480)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x180054490)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x1800544a8)
- SetLastError (Address: 0x1800544b0)
- SetUnhandledExceptionFilter (Address: 0x1800544b8)
- UnhandledExceptionFilter (Address: 0x1800544a0)
api-ms-win-core-file-l1-1-0.dll
- CreateFileA (Address: 0x1800544c8)
- SetFilePointer (Address: 0x1800544d0)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1800544e8)
- DuplicateHandle (Address: 0x1800544e0)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x180054508)
- HeapAlloc (Address: 0x180054500)
- HeapFree (Address: 0x1800544f8)
api-ms-win-core-heap-l2-1-0.dll
- LocalFree (Address: 0x180054518)
api-ms-win-core-io-l1-1-0.dll
- CreateIoCompletionPort (Address: 0x180054528)
- GetOverlappedResult (Address: 0x180054530)
- PostQueuedCompletionStatus (Address: 0x180054538)
api-ms-win-core-libraryloader-l1-2-0.dll
- FreeLibrary (Address: 0x180054548)
- FreeLibraryAndExitThread (Address: 0x180054558)
- GetModuleFileNameW (Address: 0x180054560)
- GetModuleHandleExA (Address: 0x180054570)
- GetProcAddress (Address: 0x180054568)
- LoadLibraryExW (Address: 0x180054550)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x180054580)
api-ms-win-core-memory-l1-1-0.dll
- VirtualAlloc (Address: 0x180054590)
- VirtualFree (Address: 0x180054598)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsA (Address: 0x1800545b0)
- ExpandEnvironmentStringsW (Address: 0x1800545a8)
- GetEnvironmentVariableW (Address: 0x1800545b8)
api-ms-win-core-processthreads-l1-1-0.dll
- CreateThread (Address: 0x180054600)
- GetCurrentProcess (Address: 0x1800545e8)
- GetCurrentProcessId (Address: 0x1800545d0)
- GetCurrentThread (Address: 0x180054630)
- GetCurrentThreadId (Address: 0x180054608)
- OpenProcessToken (Address: 0x1800545e0)
- ResumeThread (Address: 0x180054610)
- SetThreadPriority (Address: 0x180054618)
- TerminateProcess (Address: 0x1800545f0)
- TerminateThread (Address: 0x180054628)
- TlsAlloc (Address: 0x1800545f8)
- TlsFree (Address: 0x1800545c8)
- TlsGetValue (Address: 0x180054620)
- TlsSetValue (Address: 0x1800545d8)
api-ms-win-core-processthreads-l1-1-1.dll
- OpenProcess (Address: 0x180054640)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x180054650)
api-ms-win-core-realtime-l1-1-0.dll
- QueryUnbiasedInterruptTime (Address: 0x180054660)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x180054698)
- RegCreateKeyExW (Address: 0x180054678)
- RegDeleteKeyExW (Address: 0x180054670)
- RegEnumKeyExW (Address: 0x180054680)
- RegOpenKeyExA (Address: 0x1800546c0)
- RegOpenKeyExW (Address: 0x180054690)
- RegQueryInfoKeyW (Address: 0x1800546b0)
- RegQueryValueExA (Address: 0x1800546a8)
- RegQueryValueExW (Address: 0x1800546b8)
- RegSetValueExA (Address: 0x1800546a0)
- RegSetValueExW (Address: 0x180054688)
api-ms-win-core-rtlsupport-l1-1-0.dll
- RtlCaptureContext (Address: 0x1800546d8)
- RtlLookupFunctionEntry (Address: 0x1800546e0)
- RtlVirtualUnwind (Address: 0x1800546d0)
api-ms-win-core-string-l1-1-0.dll
- MultiByteToWideChar (Address: 0x1800546f0)
- WideCharToMultiByte (Address: 0x1800546f8)
api-ms-win-core-string-obsolete-l1-1-0.dll
- lstrcmpW (Address: 0x180054708)
api-ms-win-core-synch-l1-1-0.dll
- CreateEventA (Address: 0x180054720)
- CreateEventW (Address: 0x180054778)
- DeleteCriticalSection (Address: 0x180054758)
- EnterCriticalSection (Address: 0x180054740)
- InitializeCriticalSection (Address: 0x180054768)
- InitializeCriticalSectionAndSpinCount (Address: 0x180054748)
- LeaveCriticalSection (Address: 0x180054738)
- OpenEventW (Address: 0x180054718)
- SetEvent (Address: 0x180054770)
- SleepEx (Address: 0x180054760)
- WaitForMultipleObjectsEx (Address: 0x180054750)
- WaitForSingleObject (Address: 0x180054728)
- WaitForSingleObjectEx (Address: 0x180054730)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x180054788)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x180054798)
- GetTickCount (Address: 0x1800547a0)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x1800547b8)
- EncodePointer (Address: 0x1800547b0)
api-ms-win-security-base-l1-1-0.dll
- GetTokenInformation (Address: 0x1800547c8)
ntdll.dll
- EtwGetTraceEnableFlags (Address: 0x1800547f8)
- EtwGetTraceEnableLevel (Address: 0x180054820)
- EtwGetTraceLoggerHandle (Address: 0x180054800)
- EtwRegisterTraceGuidsW (Address: 0x180054830)
- EtwTraceMessageVa (Address: 0x1800547e8)
- EtwUnregisterTraceGuids (Address: 0x1800547e0)
- NtAlertThread (Address: 0x180054938)
- NtCancelIoFile (Address: 0x180054998)
- NtClearEvent (Address: 0x1800549c0)
- NtClose (Address: 0x180054900)
- NtCreateEvent (Address: 0x1800547d8)
- NtCreateFile (Address: 0x1800549d0)
- NtCreateIoCompletion (Address: 0x1800548b8)
- NtDelayExecution (Address: 0x180054958)
- NtDeviceIoControlFile (Address: 0x180054990)
- NtLoadDriver (Address: 0x180054918)
- NtOpenKey (Address: 0x180054908)
- NtQueryEvent (Address: 0x1800548c0)
- NtQueryInformationFile (Address: 0x1800548a0)
- NtQuerySystemTime (Address: 0x180054848)
- NtQueryValueKey (Address: 0x180054968)
- NtQueueApcThread (Address: 0x180054920)
- NtReadFile (Address: 0x180054988)
- NtRemoveIoCompletion (Address: 0x180054840)
- NtSetEvent (Address: 0x1800549a0)
- NtSetInformationFile (Address: 0x1800548d8)
- NtSetInformationObject (Address: 0x1800548c8)
- NtSetInformationThread (Address: 0x1800548f8)
- NtSetIoCompletion (Address: 0x180054828)
- NtWaitForMultipleObjects (Address: 0x180054880)
- NtWaitForSingleObject (Address: 0x180054980)
- RtlAdjustPrivilege (Address: 0x180054940)
- RtlAllocateHeap (Address: 0x1800548f0)
- RtlAnsiStringToUnicodeString (Address: 0x180054878)
- RtlAppendUnicodeStringToString (Address: 0x180054838)
- RtlDeleteCriticalSection (Address: 0x180054970)
- RtlDestroyHeap (Address: 0x180054810)
- RtlDosPathNameToNtPathName_U_WithStatus (Address: 0x1800548a8)
- RtlFreeAnsiString (Address: 0x180054850)
- RtlFreeHeap (Address: 0x1800548e0)
- RtlFreeUnicodeString (Address: 0x180054870)
- RtlGetNtProductType (Address: 0x1800549c8)
- RtlImpersonateSelf (Address: 0x180054948)
- RtlInitAnsiString (Address: 0x180054868)
- RtlInitializeCriticalSectionAndSpinCount (Address: 0x180054860)
- RtlInitString (Address: 0x180054960)
- RtlInitUnicodeString (Address: 0x180054910)
- RtlIntegerToUnicodeString (Address: 0x180054808)
- RtlIpv4AddressToStringExW (Address: 0x180054818)
- RtlIpv4AddressToStringW (Address: 0x180054898)
- RtlIpv4StringToAddressExW (Address: 0x1800548e8)
- RtlIpv4StringToAddressW (Address: 0x180054930)
- RtlIpv6AddressToStringExW (Address: 0x1800547f0)
- RtlIpv6StringToAddressExW (Address: 0x1800549b0)
- RtlIpv6StringToAddressW (Address: 0x180054928)
- RtlNtStatusToDosError (Address: 0x1800549b8)
- RtlQueryRegistryValuesEx (Address: 0x1800549a8)
- RtlRaiseStatus (Address: 0x180054950)
- RtlRegisterSecureMemoryCacheCallback (Address: 0x180054890)
- RtlStringFromGUID (Address: 0x180054858)
- RtlUnicodeStringToAnsiString (Address: 0x180054888)
- RtlUTF8ToUnicodeN (Address: 0x1800548b0)
- ShipAssert (Address: 0x1800548d0)
- WinSqmIsOptedIn (Address: 0x180054978)
RPCRT4.dll
- RpcStringFreeW (Address: 0x180054240)
- UuidCreate (Address: 0x180054258)
- UuidFromStringW (Address: 0x180054250)
- UuidToStringW (Address: 0x180054248)
WS2_32.dll
- closesocket (Address: 0x180054270)
- gethostname (Address: 0x180054300)
- getnameinfo (Address: 0x1800542b8)
- getservbyname (Address: 0x1800542e0)
- getservbyport (Address: 0x1800542e8)
- htons (Address: 0x1800542c0)
- inet_addr (Address: 0x180054308)
- ntohs (Address: 0x180054268)
- setsockopt (Address: 0x180054330)
- WahCreateHandleContextTable (Address: 0x1800542f8)
- WahDestroyHandleContextTable (Address: 0x180054318)
- WahEnumerateHandleContexts (Address: 0x180054350)
- WahInsertHandleContext (Address: 0x180054298)
- WahReferenceContextByHandle (Address: 0x1800542a0)
- WahRemoveHandleContext (Address: 0x180054320)
- WPUGetProviderPathEx (Address: 0x180054368)
- WSACleanup (Address: 0x1800542d8)
- WSAEnumProtocolsW (Address: 0x1800542d0)
- WSAGetLastError (Address: 0x180054288)
- WSAIoctl (Address: 0x1800542c8)
- WSAIsBlocking (Address: 0x180054328)
- WSAProviderConfigChange (Address: 0x180054290)
- WSARecv (Address: 0x180054310)
- WSASetLastError (Address: 0x1800542f0)
- WSASocketW (Address: 0x180054278)
- WSAStartup (Address: 0x180054280)
- WSCDeinstallProviderEx (Address: 0x180054360)
- WSCEnumProtocols (Address: 0x1800542b0)
- WSCEnumProtocolsEx (Address: 0x180054358)
- WSCGetProviderPath (Address: 0x1800542a8)
- WSCInstallProviderEx (Address: 0x180054340)
- WSCUpdateProvider (Address: 0x180054348)
- WSCUpdateProvider32 (Address: 0x180054338)
- WSCUpdateProviderEx (Address: 0x180054378)
- WSCWriteProviderOrderEx (Address: 0x180054370)