SenseSubAuth.dll

Description: Sense Sub-Authentication Package DLL.

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.8804.27858.1000

Architecture: 64-bit

Operating System: Windows NT

SHA256: 0b8cae9c850325c2fdc67409162e6329

File Size: 365.4 KB

Uploaded At: Dec. 1, 2025, 7:38 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • Msv1_0SubAuthenticationFilterEx (Ordinal: 1, Address: 0x6520)
  • Msv1_0SubAuthenticationInitialize (Ordinal: 2, Address: 0x65a0)
  • Msv1_0SubAuthenticationUninitialize (Ordinal: 3, Address: 0x65c0)
  • Msv1_0SubAuthenticationFilter (Ordinal: 4, Address: 0x65e0)
  • Msv1_0SubAuthenticationRoutineGeneric (Ordinal: 5, Address: 0x65f0)

Imported DLLs & Functions

ADVAPI32.dll
  • ConvertSidToStringSidW (Address: 0x180038010)
  • ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x180038000)
  • ConvertStringSidToSidW (Address: 0x180038018)
  • EqualSid (Address: 0x180038008)
  • EventRegister (Address: 0x180038038)
  • EventSetInformation (Address: 0x180038028)
  • EventUnregister (Address: 0x180038030)
  • EventWriteTransfer (Address: 0x180038020)
api-ms-win-core-libraryloader-l1-2-0.dll
  • GetModuleHandleExA (Address: 0x1800384c0)
api-ms-win-core-synch-l1-1-0.dll
  • CreateEventA (Address: 0x1800384d0)
  • OpenEventA (Address: 0x1800384e8)
  • ResetEvent (Address: 0x1800384d8)
  • SetEvent (Address: 0x1800384e0)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x180038090)
  • AcquireSRWLockShared (Address: 0x180038098)
  • CloseHandle (Address: 0x180038378)
  • CloseThreadpoolTimer (Address: 0x1800380c8)
  • CreateFileW (Address: 0x180038358)
  • CreateMutexExW (Address: 0x180038100)
  • CreateSemaphoreExW (Address: 0x1800380f8)
  • CreateThreadpoolTimer (Address: 0x1800380b0)
  • DebugBreak (Address: 0x180038388)
  • DecodePointer (Address: 0x180038178)
  • DeleteCriticalSection (Address: 0x180038168)
  • EncodePointer (Address: 0x180038170)
  • EnterCriticalSection (Address: 0x180038150)
  • EnumSystemLocalesW (Address: 0x1800382c0)
  • ExitProcess (Address: 0x180038260)
  • FindClose (Address: 0x1800382d0)
  • FindFirstFileExW (Address: 0x1800382d8)
  • FindNextFileW (Address: 0x1800382e0)
  • FlsAlloc (Address: 0x180038280)
  • FlsFree (Address: 0x180038298)
  • FlsGetValue (Address: 0x180038288)
  • FlsSetValue (Address: 0x180038290)
  • FlushFileBuffers (Address: 0x180038338)
  • FormatMessageW (Address: 0x180038070)
  • FreeEnvironmentStringsW (Address: 0x180038318)
  • FreeLibrary (Address: 0x180038250)
  • GetACP (Address: 0x1800382f0)
  • GetCommandLineA (Address: 0x180038300)
  • GetCommandLineW (Address: 0x180038308)
  • GetComputerNameExW (Address: 0x180038370)
  • GetComputerNameW (Address: 0x180038398)
  • GetConsoleMode (Address: 0x180038350)
  • GetConsoleOutputCP (Address: 0x180038348)
  • GetCPInfo (Address: 0x180038190)
  • GetCurrentProcess (Address: 0x1800381e0)
  • GetCurrentProcessId (Address: 0x180038108)
  • GetCurrentThreadId (Address: 0x180038048)
  • GetEnvironmentStringsW (Address: 0x180038310)
  • GetFileType (Address: 0x180038278)
  • GetLastError (Address: 0x180038188)
  • GetLocaleInfoW (Address: 0x1800382a8)
  • GetModuleFileNameA (Address: 0x180038050)
  • GetModuleFileNameW (Address: 0x180038268)
  • GetModuleHandleExW (Address: 0x180038060)
  • GetModuleHandleW (Address: 0x180038058)
  • GetOEMCP (Address: 0x1800382f8)
  • GetProcAddress (Address: 0x180038068)
  • GetProcessHeap (Address: 0x180038118)
  • GetStartupInfoW (Address: 0x1800381d0)
  • GetStdHandle (Address: 0x180038270)
  • GetStringTypeW (Address: 0x180038148)
  • GetSystemTimeAsFileTime (Address: 0x1800381f8)
  • GetUserDefaultLCID (Address: 0x1800382b8)
  • HeapAlloc (Address: 0x180038128)
  • HeapFree (Address: 0x180038120)
  • HeapReAlloc (Address: 0x1800382c8)
  • HeapSize (Address: 0x180038330)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180038228)
  • InitializeCriticalSectionEx (Address: 0x180038160)
  • InitializeSListHead (Address: 0x180038200)
  • InitOnceBeginInitialize (Address: 0x1800380a0)
  • InitOnceComplete (Address: 0x1800380a8)
  • InterlockedFlushSList (Address: 0x180038220)
  • IsDebuggerPresent (Address: 0x180038390)
  • IsProcessorFeaturePresent (Address: 0x1800381d8)
  • IsValidCodePage (Address: 0x1800382e8)
  • IsValidLocale (Address: 0x1800382b0)
  • LCMapStringEx (Address: 0x180038180)
  • LCMapStringW (Address: 0x1800382a0)
  • LeaveCriticalSection (Address: 0x180038158)
  • LoadLibraryExW (Address: 0x180038258)
  • LoadLibraryW (Address: 0x180038110)
  • LocalFree (Address: 0x1800380d0)
  • MultiByteToWideChar (Address: 0x180038140)
  • OpenProcess (Address: 0x180038368)
  • OpenSemaphoreW (Address: 0x180038130)
  • OutputDebugStringW (Address: 0x180038380)
  • QueryPerformanceCounter (Address: 0x1800381f0)
  • RaiseException (Address: 0x180038210)
  • ReleaseMutex (Address: 0x1800380e8)
  • ReleaseSemaphore (Address: 0x1800380f0)
  • ReleaseSRWLockExclusive (Address: 0x180038080)
  • ReleaseSRWLockShared (Address: 0x180038088)
  • RtlCaptureContext (Address: 0x1800381a8)
  • RtlLookupFunctionEntry (Address: 0x1800381b0)
  • RtlPcToFileHeader (Address: 0x180038208)
  • RtlUnwindEx (Address: 0x180038218)
  • RtlVirtualUnwind (Address: 0x1800381b8)
  • SetFilePointerEx (Address: 0x180038320)
  • SetLastError (Address: 0x180038138)
  • SetStdHandle (Address: 0x180038328)
  • SetThreadpoolTimer (Address: 0x1800380b8)
  • SetUnhandledExceptionFilter (Address: 0x1800381c8)
  • SleepConditionVariableSRW (Address: 0x1800381a0)
  • TerminateProcess (Address: 0x1800381e8)
  • TlsAlloc (Address: 0x180038230)
  • TlsFree (Address: 0x180038248)
  • TlsGetValue (Address: 0x180038238)
  • TlsSetValue (Address: 0x180038240)
  • UnhandledExceptionFilter (Address: 0x1800381c0)
  • WaitForSingleObject (Address: 0x1800380e0)
  • WaitForSingleObjectEx (Address: 0x1800380d8)
  • WaitForThreadpoolTimerCallbacks (Address: 0x1800380c0)
  • WakeAllConditionVariable (Address: 0x180038198)
  • WideCharToMultiByte (Address: 0x180038078)
  • WriteConsoleW (Address: 0x180038360)
  • WriteFile (Address: 0x180038340)
ntdll.dll
  • NtQueryInformationProcess (Address: 0x1800384f8)
NTDSAPI.dll
  • DsCrackSpnW (Address: 0x1800383a8)
RPCRT4.dll
  • NdrServerCall2 (Address: 0x1800383c0)
  • NdrServerCallAll (Address: 0x1800383b8)
  • RpcBindingFree (Address: 0x1800383d0)
  • RpcBindingFromStringBindingW (Address: 0x180038408)
  • RpcExceptionFilter (Address: 0x180038418)
  • RpcMgmtStopServerListening (Address: 0x180038400)
  • RpcServerInqCallAttributesW (Address: 0x1800383c8)
  • RpcServerListen (Address: 0x1800383e0)
  • RpcServerRegisterIf2 (Address: 0x1800383e8)
  • RpcServerUnregisterIf (Address: 0x1800383f0)
  • RpcServerUseProtseqEpW (Address: 0x1800383f8)
  • RpcStringBindingComposeW (Address: 0x180038410)
  • RpcStringFreeW (Address: 0x1800383d8)
WLDAP32.dll
  • (Address: 0x180038428)
  • (Address: 0x180038430)
  • (Address: 0x180038438)
  • (Address: 0x180038440)
  • (Address: 0x180038448)
  • (Address: 0x180038450)
  • (Address: 0x180038458)
  • (Address: 0x180038460)
  • (Address: 0x180038468)
  • (Address: 0x180038470)
  • (Address: 0x180038478)
  • (Address: 0x180038480)
  • (Address: 0x180038488)
  • (Address: 0x180038490)
  • (Address: 0x180038498)
  • (Address: 0x1800384a0)
  • (Address: 0x1800384a8)
  • (Address: 0x1800384b0)