msimg64.new

Description:

Authors:

Version:

Architecture: 64-bit

Operating System:

SHA256: be28c6f652f8097408344f431f6d784a

File Size: 1.3 MB

Uploaded At: March 28, 2026, 8:45 p.m.

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: VirtualAllocEx, WriteProcessMemory

Exported Functions

  • DllInitialize (Ordinal: 1, Address: 0x20a0)
  • DriverProc (Ordinal: 2, Address: 0x1e10)
  • InstallNTDSProvider (Ordinal: 3, Address: 0x20d0)
  • LpkDllInitialize (Ordinal: 4, Address: 0x20d0)
  • LpkDrawTextEx (Ordinal: 5, Address: 0x20d0)
  • LpkEditControl (Ordinal: 6, Address: 0x20d0)
  • LpkExtTextOut (Ordinal: 7, Address: 0x20d0)
  • LpkGetCharacterPlacement (Ordinal: 8, Address: 0x20d0)
  • LpkGetTextExtentExPoint (Ordinal: 9, Address: 0x20d0)
  • LpkInitialize (Ordinal: 10, Address: 0x20d0)
  • LpkPSMTextOut (Ordinal: 11, Address: 0x20d0)
  • LpkTabbedTextOut (Ordinal: 12, Address: 0x20d0)
  • LpkUseGDIWidthCache (Ordinal: 13, Address: 0x20d0)
  • NSPStartup (Ordinal: 14, Address: 0x20d0)
  • RemoveNTDSProvider (Ordinal: 15, Address: 0x20d0)
  • vSetDdrawflag (Ordinal: 16, Address: 0x2090)
  • widMessage (Ordinal: 17, Address: 0x1e60)
  • wodMessage (Ordinal: 18, Address: 0x1eb0)
  • AlphaBlend (Ordinal: 19, Address: 0x1f00)
  • GradientFill (Ordinal: 20, Address: 0x2040)
  • TransparentBlt (Ordinal: 21, Address: 0x1fa0)

Imported DLLs & Functions

KERNEL32.dll
  • CloseHandle (Address: 0x18000a0c0)
  • CreateFileW (Address: 0x18000a258)
  • DecodePointer (Address: 0x18000a128)
  • DeleteCriticalSection (Address: 0x18000a160)
  • DisableThreadLibraryCalls (Address: 0x18000a080)
  • EncodePointer (Address: 0x18000a120)
  • EnterCriticalSection (Address: 0x18000a078)
  • ExitProcess (Address: 0x18000a1c8)
  • FlsAlloc (Address: 0x18000a1b0)
  • FlsFree (Address: 0x18000a1a8)
  • FlsGetValue (Address: 0x18000a1a0)
  • FlsSetValue (Address: 0x18000a0d0)
  • FlushFileBuffers (Address: 0x18000a250)
  • FreeEnvironmentStringsW (Address: 0x18000a208)
  • GetACP (Address: 0x18000a188)
  • GetCommandLineA (Address: 0x18000a0d8)
  • GetConsoleCP (Address: 0x18000a170)
  • GetConsoleMode (Address: 0x18000a178)
  • GetCPInfo (Address: 0x18000a180)
  • GetCurrentProcess (Address: 0x18000a050)
  • GetCurrentProcessId (Address: 0x18000a228)
  • GetCurrentThreadId (Address: 0x18000a098)
  • GetEnvironmentStringsW (Address: 0x18000a210)
  • GetFileType (Address: 0x18000a150)
  • GetLastError (Address: 0x18000a0b8)
  • GetModuleFileNameA (Address: 0x18000a200)
  • GetModuleFileNameW (Address: 0x18000a1f0)
  • GetModuleHandleW (Address: 0x18000a008)
  • GetOEMCP (Address: 0x18000a190)
  • GetProcAddress (Address: 0x18000a028)
  • GetStartupInfoW (Address: 0x18000a158)
  • GetStdHandle (Address: 0x18000a148)
  • GetStringTypeW (Address: 0x18000a1f8)
  • GetSystemDirectoryW (Address: 0x18000a060)
  • GetSystemTimeAsFileTime (Address: 0x18000a230)
  • GetTickCount (Address: 0x18000a220)
  • GetVersion (Address: 0x18000a1d8)
  • HeapAlloc (Address: 0x18000a0a0)
  • HeapCreate (Address: 0x18000a1e0)
  • HeapDestroy (Address: 0x18000a1e8)
  • HeapFree (Address: 0x18000a0a8)
  • HeapReAlloc (Address: 0x18000a0c8)
  • HeapSetInformation (Address: 0x18000a1d0)
  • HeapSize (Address: 0x18000a238)
  • InitializeCriticalSection (Address: 0x18000a058)
  • InitializeCriticalSectionAndSpinCount (Address: 0x18000a138)
  • IsDebuggerPresent (Address: 0x18000a090)
  • IsValidCodePage (Address: 0x18000a198)
  • LCMapStringW (Address: 0x18000a1b8)
  • LeaveCriticalSection (Address: 0x18000a068)
  • LoadLibraryW (Address: 0x18000a018)
  • lstrcatW (Address: 0x18000a088)
  • MultiByteToWideChar (Address: 0x18000a070)
  • QueryPerformanceCounter (Address: 0x18000a218)
  • RaiseException (Address: 0x18000a0e0)
  • ReadProcessMemory (Address: 0x18000a020)
  • RtlCaptureContext (Address: 0x18000a118)
  • RtlLookupFunctionEntry (Address: 0x18000a110)
  • RtlPcToFileHeader (Address: 0x18000a0e8)
  • RtlUnwindEx (Address: 0x18000a130)
  • RtlVirtualUnwind (Address: 0x18000a108)
  • SetFilePointer (Address: 0x18000a048)
  • SetHandleCount (Address: 0x18000a140)
  • SetLastError (Address: 0x18000a0b0)
  • SetStdHandle (Address: 0x18000a248)
  • SetUnhandledExceptionFilter (Address: 0x18000a100)
  • Sleep (Address: 0x18000a1c0)
  • TerminateProcess (Address: 0x18000a0f0)
  • UnhandledExceptionFilter (Address: 0x18000a0f8)
  • VirtualAllocEx (Address: 0x18000a030)
  • VirtualProtect (Address: 0x18000a038)
  • VirtualQuery (Address: 0x18000a000)
  • WideCharToMultiByte (Address: 0x18000a010)
  • WriteConsoleW (Address: 0x18000a240)
  • WriteFile (Address: 0x18000a168)
  • WriteProcessMemory (Address: 0x18000a040)