PhoneService.dll - Online Dependency Analysis & Download - DLLView

PhoneService.dll

Description: The service used to manage phone calls and other telephony related functionality

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.5848

Architecture: 64-bit

Operating System: Windows NT

SHA256: fa10d52b1020747b28ce1fdf42447f37

File Size: 932.5 KB

Uploaded At: Dec. 1, 2025, 7:36 a.m.

Views: 4

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

CreateInProcPhoneService (Ordinal: 1, Address: 0x4bf0)
ServiceMain (Ordinal: 2, Address: 0x7090)
SvchostPushServiceGlobals (Ordinal: 3, Address: 0x7080)

Imported DLLs & Functions

api-ms-win-appmodel-runtime-l1-1-1.dll

GetApplicationUserModelIdFromToken (Address: 0x1800c2fe8)
ParseApplicationUserModelId (Address: 0x1800c2fe0)

api-ms-win-core-com-l1-1-0.dll

CLSIDFromString (Address: 0x1800c3078)
CoCreateFreeThreadedMarshaler (Address: 0x1800c3020)
CoCreateGuid (Address: 0x1800c3060)
CoCreateInstance (Address: 0x1800c3070)
CoDecrementMTAUsage (Address: 0x1800c3010)
CoFreeUnusedLibrariesEx (Address: 0x1800c3040)
CoGetApartmentType (Address: 0x1800c3030)
CoIncrementMTAUsage (Address: 0x1800c3018)
CoMarshalInterface (Address: 0x1800c3000)
CoReleaseMarshalData (Address: 0x1800c3008)
CoTaskMemAlloc (Address: 0x1800c3058)
CoTaskMemFree (Address: 0x1800c3048)
CoWaitForMultipleHandles (Address: 0x1800c3028)
CreateStreamOnHGlobal (Address: 0x1800c2ff8)
PropVariantClear (Address: 0x1800c3038)
StringFromCLSID (Address: 0x1800c3050)
StringFromGUID2 (Address: 0x1800c3068)

api-ms-win-core-com-l1-1-1.dll

RoGetAgileReference (Address: 0x1800c3088)

api-ms-win-core-debug-l1-1-0.dll

DebugBreak (Address: 0x1800c3098)
IsDebuggerPresent (Address: 0x1800c30a8)
OutputDebugStringW (Address: 0x1800c30a0)

api-ms-win-core-delayload-l1-1-0.dll

DelayLoadFailureHook (Address: 0x1800c30b8)

api-ms-win-core-delayload-l1-1-1.dll

ResolveDelayLoadedAPI (Address: 0x1800c30c8)

api-ms-win-core-errorhandling-l1-1-0.dll

GetLastError (Address: 0x1800c30e0)
RaiseException (Address: 0x1800c30f8)
SetLastError (Address: 0x1800c30f0)
SetUnhandledExceptionFilter (Address: 0x1800c30d8)
UnhandledExceptionFilter (Address: 0x1800c30e8)

api-ms-win-core-file-l1-1-0.dll

CompareFileTime (Address: 0x1800c3118)
FindClose (Address: 0x1800c3108)
FindFirstFileExW (Address: 0x1800c3110)
FindNextFileW (Address: 0x1800c3120)

api-ms-win-core-handle-l1-1-0.dll

CloseHandle (Address: 0x1800c3138)
DuplicateHandle (Address: 0x1800c3130)

api-ms-win-core-heap-l1-1-0.dll

GetProcessHeap (Address: 0x1800c3158)
HeapAlloc (Address: 0x1800c3150)
HeapFree (Address: 0x1800c3148)

api-ms-win-core-heap-l2-1-0.dll

LocalAlloc (Address: 0x1800c3168)
LocalFree (Address: 0x1800c3170)

api-ms-win-core-kernel32-legacy-l1-1-0.dll

RegisterWaitForSingleObject (Address: 0x1800c3180)

api-ms-win-core-libraryloader-l1-2-0.dll

DisableThreadLibraryCalls (Address: 0x1800c31c0)
FreeLibrary (Address: 0x1800c31b8)
GetModuleFileNameA (Address: 0x1800c31b0)
GetModuleHandleExW (Address: 0x1800c3198)
GetModuleHandleW (Address: 0x1800c31a0)
GetProcAddress (Address: 0x1800c31a8)
LoadLibraryExW (Address: 0x1800c3190)
LoadStringW (Address: 0x1800c31c8)

api-ms-win-core-localization-l1-2-0.dll

FormatMessageW (Address: 0x1800c31e0)
GetUserDefaultLangID (Address: 0x1800c31d8)

api-ms-win-core-processthreads-l1-1-0.dll

CreateThread (Address: 0x1800c3200)
GetCurrentProcess (Address: 0x1800c3218)
GetCurrentProcessId (Address: 0x1800c3230)
GetCurrentThread (Address: 0x1800c3248)
GetCurrentThreadId (Address: 0x1800c3220)
OpenProcessToken (Address: 0x1800c3208)
OpenThread (Address: 0x1800c3240)
OpenThreadToken (Address: 0x1800c3238)
ResumeThread (Address: 0x1800c3228)
SetThreadToken (Address: 0x1800c3210)
SuspendThread (Address: 0x1800c31f0)
TerminateProcess (Address: 0x1800c31f8)

api-ms-win-core-processthreads-l1-1-1.dll

OpenProcess (Address: 0x1800c3258)

api-ms-win-core-profile-l1-1-0.dll

QueryPerformanceCounter (Address: 0x1800c3268)

api-ms-win-core-registry-l1-1-0.dll

RegCloseKey (Address: 0x1800c3298)
RegCreateKeyExW (Address: 0x1800c32a8)
RegEnumValueW (Address: 0x1800c3278)
RegGetValueW (Address: 0x1800c3290)
RegLoadMUIStringW (Address: 0x1800c3288)
RegNotifyChangeKeyValue (Address: 0x1800c32b0)
RegOpenKeyExW (Address: 0x1800c32c0)
RegQueryInfoKeyW (Address: 0x1800c3280)
RegQueryValueExW (Address: 0x1800c32a0)
RegSetValueExW (Address: 0x1800c32b8)

api-ms-win-core-rtlsupport-l1-1-0.dll

RtlCaptureContext (Address: 0x1800c32d8)
RtlCaptureStackBackTrace (Address: 0x1800c32e8)
RtlLookupFunctionEntry (Address: 0x1800c32d0)
RtlVirtualUnwind (Address: 0x1800c32e0)

api-ms-win-core-shlwapi-legacy-l1-1-0.dll

PathGetCharTypeW (Address: 0x1800c32f8)

api-ms-win-core-shlwapi-obsolete-l1-1-0.dll

QISearch (Address: 0x1800c3308)

api-ms-win-core-string-l1-1-0.dll

MultiByteToWideChar (Address: 0x1800c3318)

api-ms-win-core-synch-l1-1-0.dll

AcquireSRWLockExclusive (Address: 0x1800c33a8)
AcquireSRWLockShared (Address: 0x1800c33c0)
CreateEventExW (Address: 0x1800c3358)
CreateEventW (Address: 0x1800c3368)
CreateMutexExW (Address: 0x1800c33c8)
CreateSemaphoreExW (Address: 0x1800c3328)
DeleteCriticalSection (Address: 0x1800c3398)
EnterCriticalSection (Address: 0x1800c3378)
InitializeCriticalSection (Address: 0x1800c33a0)
InitializeCriticalSectionEx (Address: 0x1800c3370)
InitializeSRWLock (Address: 0x1800c33b0)
LeaveCriticalSection (Address: 0x1800c3380)
OpenEventW (Address: 0x1800c3390)
OpenSemaphoreW (Address: 0x1800c3350)
ReleaseMutex (Address: 0x1800c3388)
ReleaseSemaphore (Address: 0x1800c3338)
ReleaseSRWLockExclusive (Address: 0x1800c33d0)
ReleaseSRWLockShared (Address: 0x1800c33b8)
ResetEvent (Address: 0x1800c3340)
SetEvent (Address: 0x1800c3360)
WaitForSingleObject (Address: 0x1800c3330)
WaitForSingleObjectEx (Address: 0x1800c3348)

api-ms-win-core-synch-l1-2-0.dll

InitOnceExecuteOnce (Address: 0x1800c3400)
Sleep (Address: 0x1800c33e0)
SleepConditionVariableSRW (Address: 0x1800c33f0)
WakeAllConditionVariable (Address: 0x1800c33e8)
WakeConditionVariable (Address: 0x1800c33f8)

api-ms-win-core-sysinfo-l1-1-0.dll

GetSystemTimeAsFileTime (Address: 0x1800c3410)
GetTickCount (Address: 0x1800c3420)
GetTickCount64 (Address: 0x1800c3418)

api-ms-win-core-threadpool-l1-2-0.dll

CloseThreadpoolTimer (Address: 0x1800c3460)
CloseThreadpoolWork (Address: 0x1800c3470)
CreateThreadpoolTimer (Address: 0x1800c3448)
CreateThreadpoolWork (Address: 0x1800c3468)
FreeLibraryWhenCallbackReturns (Address: 0x1800c3430)
SetThreadpoolTimer (Address: 0x1800c3440)
SubmitThreadpoolWork (Address: 0x1800c3450)
WaitForThreadpoolTimerCallbacks (Address: 0x1800c3458)
WaitForThreadpoolWorkCallbacks (Address: 0x1800c3438)

api-ms-win-core-threadpool-legacy-l1-1-0.dll

UnregisterWaitEx (Address: 0x1800c3480)

api-ms-win-core-winrt-error-l1-1-0.dll

GetRestrictedErrorInfo (Address: 0x1800c3498)
RoOriginateError (Address: 0x1800c34a0)
RoOriginateErrorW (Address: 0x1800c34b0)
RoTransformError (Address: 0x1800c34a8)
SetRestrictedErrorInfo (Address: 0x1800c3490)

api-ms-win-core-winrt-error-l1-1-1.dll

IsErrorPropagationEnabled (Address: 0x1800c34c8)
RoGetMatchingRestrictedErrorInfo (Address: 0x1800c34d0)
RoReportFailedDelegate (Address: 0x1800c34c0)

api-ms-win-core-winrt-l1-1-0.dll

RoActivateInstance (Address: 0x1800c34e8)
RoGetActivationFactory (Address: 0x1800c34f0)
RoInitialize (Address: 0x1800c34f8)
RoUninitialize (Address: 0x1800c34e0)

api-ms-win-core-winrt-string-l1-1-0.dll

WindowsCreateString (Address: 0x1800c3520)
WindowsCreateStringReference (Address: 0x1800c3510)
WindowsDeleteString (Address: 0x1800c3518)
WindowsDuplicateString (Address: 0x1800c3528)
WindowsGetStringRawBuffer (Address: 0x1800c3508)

api-ms-win-eventing-provider-l1-1-0.dll

EventProviderEnabled (Address: 0x1800c3550)
EventRegister (Address: 0x1800c3538)
EventSetInformation (Address: 0x1800c3548)
EventUnregister (Address: 0x1800c3540)
EventWriteTransfer (Address: 0x1800c3558)

api-ms-win-power-setting-l1-1-0.dll

PowerSettingRegisterNotification (Address: 0x1800c3568)
PowerSettingUnregisterNotification (Address: 0x1800c3570)

api-ms-win-security-accesshlpr-l1-1-0.dll

BuildSecurityDescriptorForSharingAccess (Address: 0x1800c3580)
FreeTransientObjectSecurityDescriptor (Address: 0x1800c3590)
QueryTransientObjectSecurityDescriptor (Address: 0x1800c3588)

api-ms-win-security-base-l1-1-0.dll

AllocateAndInitializeSid (Address: 0x1800c35d0)
GetSecurityDescriptorDacl (Address: 0x1800c35a0)
GetTokenInformation (Address: 0x1800c35c8)
MakeAbsoluteSD (Address: 0x1800c35b8)
MakeSelfRelativeSD (Address: 0x1800c35a8)
RevertToSelf (Address: 0x1800c35c0)
SetSecurityDescriptorDacl (Address: 0x1800c35b0)

api-ms-win-security-capability-l1-1-0.dll

RpcClientCapabilityCheck (Address: 0x1800c35e0)

api-ms-win-security-provider-l1-1-0.dll

GetExplicitEntriesFromAclW (Address: 0x1800c35f0)
SetEntriesInAclW (Address: 0x1800c35f8)

api-ms-win-security-sddl-l1-1-0.dll

ConvertSidToStringSidW (Address: 0x1800c3610)
ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x1800c3608)

api-ms-win-service-core-l1-1-0.dll

RegisterServiceCtrlHandlerExW (Address: 0x1800c3620)
SetServiceStatus (Address: 0x1800c3628)

api-ms-win-service-management-l1-1-0.dll

CloseServiceHandle (Address: 0x1800c3648)
OpenSCManagerW (Address: 0x1800c3640)
OpenServiceW (Address: 0x1800c3638)

api-ms-win-shell-namespace-l1-1-0.dll

SHCreateItemFromParsingName (Address: 0x1800c3658)

combase.dll

(Address: 0x1800c3668)

msvcrt.dll

__C_specific_handler (Address: 0x1800c3710)
__CxxFrameHandler3 (Address: 0x1800c36f0)
__dllonexit (Address: 0x1800c3690)
_amsg_exit (Address: 0x1800c3758)
_callnewh (Address: 0x1800c3708)
_errno (Address: 0x1800c3740)
_initterm (Address: 0x1800c3760)
_itow_s (Address: 0x1800c36d8)
_lock (Address: 0x1800c3768)
_onexit (Address: 0x1800c36b0)
_purecall (Address: 0x1800c3780)
_unlock (Address: 0x1800c3770)
_vsnprintf_s (Address: 0x1800c36a0)
_vsnwprintf (Address: 0x1800c3778)
_vsnwprintf_s (Address: 0x1800c3738)
_wcsicmp (Address: 0x1800c3688)
_wtoi (Address: 0x1800c36f8)
_XcptFilter (Address: 0x1800c3720)
free (Address: 0x1800c3678)
malloc (Address: 0x1800c3680)
memcmp (Address: 0x1800c3750)
memcpy (Address: 0x1800c3730)
memcpy_s (Address: 0x1800c3748)
memmove (Address: 0x1800c3728)
memmove_s (Address: 0x1800c36e0)
memset (Address: 0x1800c36b8)
pow (Address: 0x1800c3718)
realloc (Address: 0x1800c36d0)
swscanf_s (Address: 0x1800c36c8)
toupper (Address: 0x1800c36a8)
wcschr (Address: 0x1800c36e8)
wcscmp (Address: 0x1800c3790)
wcscpy_s (Address: 0x1800c36c0)
wcscspn (Address: 0x1800c3700)
wcsncmp (Address: 0x1800c3698)
wcstok_s (Address: 0x1800c3788)

ntdll.dll

NtQueryWnfStateData (Address: 0x1800c37a8)
RtlGetDeviceFamilyInfoEnum (Address: 0x1800c37a0)
RtlPublishWnfStateData (Address: 0x1800c37c0)
RtlSubscribeWnfStateChangeNotification (Address: 0x1800c37b0)
RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x1800c37b8)

PhoneUtil.dll

AsyncWorkDispatcher_CreateInstance (Address: 0x1800c2e28)
CauseCode_IsCodeRegistered (Address: 0x1800c2ec0)
ComparePhoneNumbers (Address: 0x1800c2f30)
ConvertPhoneNumberToUINT64 (Address: 0x1800c2e78)
CreateBrandingInfo (Address: 0x1800c2df8)
CreateCellularApiLineConfig (Address: 0x1800c2e10)
CreateDialAssist (Address: 0x1800c2e58)
CreatePerUserSecurityPolicy (Address: 0x1800c2e98)
CreatePerUserSecurityToken (Address: 0x1800c2eb0)
CreatePerUserSecurityTokenForRpcClient (Address: 0x1800c2e00)
CreateUdmDataSessionForSignedInUserContext (Address: 0x1800c2e60)
DuplicateSidIfValid (Address: 0x1800c2ea8)
Get3GPPInCallToneDefault (Address: 0x1800c2e18)
Get3GPPInCallToneForTypeAndMcc (Address: 0x1800c2e30)
Get3GPPInCallToneTypeString (Address: 0x1800c2e38)
GetAdjustCDMACallTimeSetting (Address: 0x1800c2ed0)
GetCchTailMin (Address: 0x1800c2e80)
GetCountryCodeFromOperatorNum (Address: 0x1800c2e48)
GetDialableNumber (Address: 0x1800c2f38)
GetDialableNumberAndDTMF (Address: 0x1800c2f00)
GetDtmfInCallToneTypeString (Address: 0x1800c2ee0)
GetMethodFromPropId (Address: 0x1800c2e88)
GetRpcClientUser (Address: 0x1800c2eb8)
GetSignedInUserForAppActivation (Address: 0x1800c2ed8)
GetTelUriFromDialString (Address: 0x1800c2e08)
GetUserContextTokenForUser (Address: 0x1800c2e68)
GetZerothCellularPhoneLineId (Address: 0x1800c2f28)
ImpersonateSignedInUser (Address: 0x1800c2e90)
IsCellularVoiceCapableDevice (Address: 0x1800c2f20)
IsDialableCharEx (Address: 0x1800c2e70)
IsNumberDialable (Address: 0x1800c2ea0)
IsTTYEnabled (Address: 0x1800c2ee8)
MaskPhoneNumber (Address: 0x1800c2f40)
MaskString (Address: 0x1800c2e50)
OneShotTimer_CreateInstance (Address: 0x1800c2f18)
Phone_FmtText_GlobalFormat (Address: 0x1800c2f10)
PhoneLineIdToString (Address: 0x1800c2e40)
RemoveMetadataFromNumber (Address: 0x1800c2ef8)
StringToPhoneLineId (Address: 0x1800c2f08)
StripNonDtmfChars (Address: 0x1800c2ef0)
UrlEscapeString (Address: 0x1800c2e20)
ValidPhoneNumberInplaceStripInvalidCharacters (Address: 0x1800c2ec8)

PIMSTORE.dll

FindMatchingContactEx (Address: 0x1800c2de0)
GetActiveOutlookApp (Address: 0x1800c2de8)

RPCRT4.dll

I_RpcBindingInqLocalClientPID (Address: 0x1800c2f50)
NdrClientCall3 (Address: 0x1800c2f98)
NdrServerCall2 (Address: 0x1800c2f90)
NdrServerCallAll (Address: 0x1800c2f80)
RpcExceptionFilter (Address: 0x1800c2fa0)
RpcServerInterfaceGroupActivate (Address: 0x1800c2f78)
RpcServerInterfaceGroupClose (Address: 0x1800c2f70)
RpcServerInterfaceGroupCreateW (Address: 0x1800c2f68)
RpcServerInterfaceGroupDeactivate (Address: 0x1800c2f88)
RpcServerUseProtseqEpW (Address: 0x1800c2f58)
RpcServerUseProtseqW (Address: 0x1800c2f60)

UserDataPlatformHelperUtil.dll

?_InitializeSecureRpcBinding@SecureRpcClient@Comms@@IEAAJPEBG0@Z (Address: 0x1800c2fd0)
??0SecureRpcClient@Comms@@QEAA@XZ (Address: 0x1800c2fc8)
??1SecureRpcClient@Comms@@UEAA@XZ (Address: 0x1800c2fb8)
GetQueryProcessHandle (Address: 0x1800c2fb0)
GetRpcClientThreadToken (Address: 0x1800c2fc0)