CertProvider.dll

Description:

Authors:

Version:

Architecture: 64-bit

Operating System:

SHA256: 757c2c9bd1f41d38a7c24f84f033b4b3

File Size: 4.1 MB

Uploaded At: March 4, 2026, 4:37 p.m.

Views: 6

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

CertProvider_free (Ordinal: 1, Address: 0x23ae0)
CertProvider_info (Ordinal: 2, Address: 0x23b50)
CertProvider_init (Ordinal: 3, Address: 0x23b60)
CertProvider_run (Ordinal: 4, Address: 0x23be0)
CertProvider_rundll (Ordinal: 5, Address: 0x23ca0)
CertProvider_start (Ordinal: 6, Address: 0x23ce0)
CertProvider_status (Ordinal: 7, Address: 0x23d20)
CertProvider_stop (Ordinal: 8, Address: 0x23fa0)
DllRegisterServer (Ordinal: 9, Address: 0x24010)
DllUnregisterServer (Ordinal: 10, Address: 0x24060)
Run (Ordinal: 11, Address: 0x24080)
ServiceMain (Ordinal: 12, Address: 0x240c0)
Start (Ordinal: 13, Address: 0x24100)

Imported DLLs & Functions

ADVAPI32.dll

GetUserNameA (Address: 0x2b517ea40)
RegCloseKey (Address: 0x2b517ea48)
RegCreateKeyExA (Address: 0x2b517ea50)
RegDeleteKeyA (Address: 0x2b517ea58)
RegDeleteValueA (Address: 0x2b517ea60)
RegEnumKeyExA (Address: 0x2b517ea68)
RegEnumValueA (Address: 0x2b517ea70)
RegOpenKeyExA (Address: 0x2b517ea78)
RegQueryValueExA (Address: 0x2b517ea80)
RegSetValueExA (Address: 0x2b517ea88)

GDI32.dll

BitBlt (Address: 0x2b517ea98)
CreateCompatibleBitmap (Address: 0x2b517eaa0)
CreateCompatibleDC (Address: 0x2b517eaa8)
DeleteDC (Address: 0x2b517eab0)
DeleteObject (Address: 0x2b517eab8)
GetDeviceCaps (Address: 0x2b517eac8)
GetDIBits (Address: 0x2b517eac0)
SelectObject (Address: 0x2b517ead0)

IPHLPAPI.DLL

GetAdaptersAddresses (Address: 0x2b517eae0)
GetAdaptersInfo (Address: 0x2b517eae8)

KERNEL32.dll

__C_specific_handler (Address: 0x2b517eeb0)
AddVectoredExceptionHandler (Address: 0x2b517eaf8)
CloseHandle (Address: 0x2b517eb00)
CopyFileA (Address: 0x2b517eb08)
CreateDirectoryA (Address: 0x2b517eb10)
CreateEventA (Address: 0x2b517eb18)
CreateFileA (Address: 0x2b517eb20)
CreateFileW (Address: 0x2b517eb28)
CreateHardLinkW (Address: 0x2b517eb30)
CreatePipe (Address: 0x2b517eb38)
CreateProcessA (Address: 0x2b517eb40)
CreateSemaphoreA (Address: 0x2b517eb48)
CreateThread (Address: 0x2b517eb50)
CreateToolhelp32Snapshot (Address: 0x2b517eb58)
CreateWaitableTimerW (Address: 0x2b517eb60)
DeleteCriticalSection (Address: 0x2b517eb68)
DeleteFileA (Address: 0x2b517eb70)
DeleteFileW (Address: 0x2b517eb78)
DeleteProcThreadAttributeList (Address: 0x2b517eb80)
DisableThreadLibraryCalls (Address: 0x2b517eb88)
DuplicateHandle (Address: 0x2b517eb90)
EnterCriticalSection (Address: 0x2b517eb98)
FileTimeToSystemTime (Address: 0x2b517eba0)
FindFirstVolumeW (Address: 0x2b517eba8)
FindNextVolumeW (Address: 0x2b517ebb0)
FindVolumeClose (Address: 0x2b517ebb8)
FlushFileBuffers (Address: 0x2b517ebc0)
FormatMessageA (Address: 0x2b517ebc8)
FreeLibrary (Address: 0x2b517ebd0)
GetCurrentProcess (Address: 0x2b517ebd8)
GetCurrentProcessId (Address: 0x2b517ebe0)
GetCurrentThread (Address: 0x2b517ebe8)
GetCurrentThreadId (Address: 0x2b517ebf0)
GetDiskFreeSpaceExW (Address: 0x2b517ebf8)
GetExitCodeProcess (Address: 0x2b517ec00)
GetFileAttributesW (Address: 0x2b517ec08)
GetFileInformationByHandle (Address: 0x2b517ec10)
GetFileSizeEx (Address: 0x2b517ec18)
GetFileType (Address: 0x2b517ec20)
GetFullPathNameW (Address: 0x2b517ec28)
GetHandleInformation (Address: 0x2b517ec30)
GetLastError (Address: 0x2b517ec38)
GetModuleFileNameA (Address: 0x2b517ec40)
GetModuleHandleA (Address: 0x2b517ec48)
GetModuleHandleW (Address: 0x2b517ec50)
GetProcAddress (Address: 0x2b517ec58)
GetProcessAffinityMask (Address: 0x2b517ec60)
GetProcessHeap (Address: 0x2b517ec68)
GetProcessTimes (Address: 0x2b517ec70)
GetStdHandle (Address: 0x2b517ec78)
GetSystemTimeAdjustment (Address: 0x2b517ec80)
GetSystemTimeAsFileTime (Address: 0x2b517ec88)
GetTempPathA (Address: 0x2b517ec90)
GetTempPathW (Address: 0x2b517ec98)
GetThreadContext (Address: 0x2b517eca0)
GetThreadPriority (Address: 0x2b517eca8)
GetThreadTimes (Address: 0x2b517ecb0)
GetTickCount (Address: 0x2b517ecb8)
GetTickCount64 (Address: 0x2b517ecc0)
GetVolumeInformationW (Address: 0x2b517ecc8)
GlobalAlloc (Address: 0x2b517ecd0)
GlobalLock (Address: 0x2b517ecd8)
GlobalUnlock (Address: 0x2b517ece0)
HeapAlloc (Address: 0x2b517ece8)
HeapFree (Address: 0x2b517ecf0)
InitializeCriticalSection (Address: 0x2b517ecf8)
InitializeProcThreadAttributeList (Address: 0x2b517ed00)
IsDBCSLeadByteEx (Address: 0x2b517ed08)
IsDebuggerPresent (Address: 0x2b517ed10)
LeaveCriticalSection (Address: 0x2b517ed18)
LoadLibraryA (Address: 0x2b517ed20)
LoadLibraryW (Address: 0x2b517ed28)
LocalFree (Address: 0x2b517ed30)
MoveFileExW (Address: 0x2b517ed38)
MultiByteToWideChar (Address: 0x2b517ed40)
OpenProcess (Address: 0x2b517ed48)
OutputDebugStringA (Address: 0x2b517ed50)
PeekNamedPipe (Address: 0x2b517ed58)
Process32First (Address: 0x2b517ed60)
Process32Next (Address: 0x2b517ed68)
QueryPerformanceCounter (Address: 0x2b517ed70)
QueryPerformanceFrequency (Address: 0x2b517ed78)
RaiseException (Address: 0x2b517ed80)
ReadFile (Address: 0x2b517ed88)
ReleaseSemaphore (Address: 0x2b517ed90)
RemoveDirectoryW (Address: 0x2b517ed98)
RemoveVectoredExceptionHandler (Address: 0x2b517eda0)
ResetEvent (Address: 0x2b517eda8)
ResumeThread (Address: 0x2b517edb0)
RtlCaptureContext (Address: 0x2b517edb8)
RtlLookupFunctionEntry (Address: 0x2b517edc0)
RtlUnwindEx (Address: 0x2b517edc8)
RtlVirtualUnwind (Address: 0x2b517edd0)
SetConsoleCtrlHandler (Address: 0x2b517edd8)
SetEndOfFile (Address: 0x2b517ede0)
SetEvent (Address: 0x2b517ede8)
SetFilePointer (Address: 0x2b517edf0)
SetHandleInformation (Address: 0x2b517edf8)
SetLastError (Address: 0x2b517ee00)
SetProcessAffinityMask (Address: 0x2b517ee08)
SetSystemTime (Address: 0x2b517ee10)
SetThreadContext (Address: 0x2b517ee18)
SetThreadPriority (Address: 0x2b517ee20)
SetWaitableTimer (Address: 0x2b517ee28)
Sleep (Address: 0x2b517ee30)
SleepEx (Address: 0x2b517ee38)
SuspendThread (Address: 0x2b517ee40)
TerminateProcess (Address: 0x2b517ee48)
TlsAlloc (Address: 0x2b517ee50)
TlsGetValue (Address: 0x2b517ee58)
TlsSetValue (Address: 0x2b517ee60)
TryEnterCriticalSection (Address: 0x2b517ee68)
UpdateProcThreadAttribute (Address: 0x2b517ee70)
VirtualProtect (Address: 0x2b517ee78)
VirtualQuery (Address: 0x2b517ee80)
WaitForMultipleObjects (Address: 0x2b517ee88)
WaitForSingleObject (Address: 0x2b517ee90)
WaitForSingleObjectEx (Address: 0x2b517ee98)
WideCharToMultiByte (Address: 0x2b517eea0)
WriteFile (Address: 0x2b517eea8)

msvcrt.dll

___lc_codepage_func (Address: 0x2b517eec0)
___mb_cur_max_func (Address: 0x2b517eec8)
__iob_func (Address: 0x2b517eed0)
_amsg_exit (Address: 0x2b517eed8)
_beginthreadex (Address: 0x2b517eee0)
_close (Address: 0x2b517eee8)
_close (Address: 0x2b517f228)
_endthreadex (Address: 0x2b517eef0)
_environ (Address: 0x2b517eef8)
_errno (Address: 0x2b517ef00)
_fdopen (Address: 0x2b517f220)
_filelengthi64 (Address: 0x2b517ef08)
_fileno (Address: 0x2b517ef10)
_fileno (Address: 0x2b517f218)
_findclose (Address: 0x2b517ef18)
_fstat64 (Address: 0x2b517ef20)
_get_osfhandle (Address: 0x2b517ef28)
_getcwd (Address: 0x2b517ef30)
_getpid (Address: 0x2b517f210)
_gmtime64 (Address: 0x2b517ef38)
_initterm (Address: 0x2b517ef40)
_localtime64 (Address: 0x2b517ef48)
_lock (Address: 0x2b517ef50)
_lseeki64 (Address: 0x2b517ef58)
_pclose (Address: 0x2b517ef60)
_popen (Address: 0x2b517ef68)
_putenv_s (Address: 0x2b517ef70)
_read (Address: 0x2b517f208)
_setjmp (Address: 0x2b517ef78)
_strdup (Address: 0x2b517ef80)
_strdup (Address: 0x2b517f200)
_telli64 (Address: 0x2b517ef88)
_ultoa (Address: 0x2b517ef90)
_unlock (Address: 0x2b517ef98)
_wchdir (Address: 0x2b517efa0)
_wchmod (Address: 0x2b517efa8)
_wfindfirst64 (Address: 0x2b517efb0)
_wfindnext64 (Address: 0x2b517efb8)
_wfopen (Address: 0x2b517efc0)
_wfullpath (Address: 0x2b517efc8)
_wgetcwd (Address: 0x2b517efd0)
_wmkdir (Address: 0x2b517efd8)
_wopen (Address: 0x2b517efe0)
_write (Address: 0x2b517f1f8)
_wstat64 (Address: 0x2b517efe8)
_wutime64 (Address: 0x2b517eff0)
abort (Address: 0x2b517eff8)
calloc (Address: 0x2b517f000)
exit (Address: 0x2b517f008)
fclose (Address: 0x2b517f010)
fflush (Address: 0x2b517f018)
fgetpos (Address: 0x2b517f020)
fgets (Address: 0x2b517f028)
fopen (Address: 0x2b517f030)
fprintf (Address: 0x2b517f038)
fputc (Address: 0x2b517f040)
fputs (Address: 0x2b517f048)
fread (Address: 0x2b517f050)
free (Address: 0x2b517f058)
fsetpos (Address: 0x2b517f060)
fwrite (Address: 0x2b517f068)
getc (Address: 0x2b517f070)
getenv (Address: 0x2b517f078)
getwc (Address: 0x2b517f080)
islower (Address: 0x2b517f088)
isspace (Address: 0x2b517f090)
isupper (Address: 0x2b517f098)
iswctype (Address: 0x2b517f0a0)
isxdigit (Address: 0x2b517f0a8)
localeconv (Address: 0x2b517f0b0)
longjmp (Address: 0x2b517f1f0)
malloc (Address: 0x2b517f0b8)
memchr (Address: 0x2b517f0c0)
memcmp (Address: 0x2b517f0c8)
memcpy (Address: 0x2b517f0d0)
memmove (Address: 0x2b517f0d8)
memset (Address: 0x2b517f0e0)
printf (Address: 0x2b517f0e8)
putc (Address: 0x2b517f0f0)
putwc (Address: 0x2b517f0f8)
rand (Address: 0x2b517f100)
realloc (Address: 0x2b517f108)
remove (Address: 0x2b517f110)
setlocale (Address: 0x2b517f118)
setvbuf (Address: 0x2b517f120)
signal (Address: 0x2b517f128)
strchr (Address: 0x2b517f130)
strcmp (Address: 0x2b517f138)
strcoll (Address: 0x2b517f140)
strerror (Address: 0x2b517f148)
strftime (Address: 0x2b517f150)
strlen (Address: 0x2b517f158)
strncmp (Address: 0x2b517f160)
strtol (Address: 0x2b517f168)
strtoul (Address: 0x2b517f170)
strxfrm (Address: 0x2b517f178)
tolower (Address: 0x2b517f180)
toupper (Address: 0x2b517f188)
towlower (Address: 0x2b517f190)
towupper (Address: 0x2b517f198)
ungetc (Address: 0x2b517f1a0)
ungetwc (Address: 0x2b517f1a8)
vfprintf (Address: 0x2b517f1b0)
wcscat (Address: 0x2b517f1b8)
wcscmp (Address: 0x2b517f1c0)
wcscoll (Address: 0x2b517f1c8)
wcscpy (Address: 0x2b517f1d0)
wcsftime (Address: 0x2b517f1d8)
wcslen (Address: 0x2b517f1e0)
wcsxfrm (Address: 0x2b517f1e8)

SHELL32.dll

SHFileOperationA (Address: 0x2b517f238)

USER32.dll

CloseClipboard (Address: 0x2b517f248)
EmptyClipboard (Address: 0x2b517f250)
GetClipboardData (Address: 0x2b517f258)
GetDC (Address: 0x2b517f260)
GetSystemMetrics (Address: 0x2b517f268)
OpenClipboard (Address: 0x2b517f270)
ReleaseDC (Address: 0x2b517f278)
SetClipboardData (Address: 0x2b517f280)

WINHTTP.dll

WinHttpCloseHandle (Address: 0x2b517f290)
WinHttpConnect (Address: 0x2b517f298)
WinHttpOpen (Address: 0x2b517f2a0)
WinHttpOpenRequest (Address: 0x2b517f2a8)
WinHttpQueryDataAvailable (Address: 0x2b517f2b0)
WinHttpQueryHeaders (Address: 0x2b517f2b8)
WinHttpReadData (Address: 0x2b517f2c0)
WinHttpReceiveResponse (Address: 0x2b517f2c8)
WinHttpSendRequest (Address: 0x2b517f2d0)
WinHttpSetOption (Address: 0x2b517f2d8)

WS2_32.dll

__WSAFDIsSet (Address: 0x2b517f300)
closesocket (Address: 0x2b517f308)
connect (Address: 0x2b517f310)
freeaddrinfo (Address: 0x2b517f318)
getaddrinfo (Address: 0x2b517f320)
gethostbyname (Address: 0x2b517f328)
getsockopt (Address: 0x2b517f330)
htonl (Address: 0x2b517f338)
htons (Address: 0x2b517f340)
inet_addr (Address: 0x2b517f348)
inet_ntoa (Address: 0x2b517f350)
inet_ntop (Address: 0x2b517f358)
inet_pton (Address: 0x2b517f360)
ioctlsocket (Address: 0x2b517f368)
ntohl (Address: 0x2b517f370)
recv (Address: 0x2b517f378)
recvfrom (Address: 0x2b517f380)
select (Address: 0x2b517f388)
send (Address: 0x2b517f390)
sendto (Address: 0x2b517f398)
setsockopt (Address: 0x2b517f3a0)
socket (Address: 0x2b517f3a8)
WSACleanup (Address: 0x2b517f2e8)
WSAGetLastError (Address: 0x2b517f2f0)
WSAStartup (Address: 0x2b517f2f8)