Analog.Shell.Broker.dll

Description: Analog.Shell.Broker DLL

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.5794

Architecture: 64-bit

Operating System: Windows NT

SHA256: e6c4c2b65c7b43cfca85e17efe4aba1a

File Size: 222.0 KB

Uploaded At: Dec. 1, 2025, 7:22 a.m.

Views: 21

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x4700)
  • DllGetActivationFactory (Ordinal: 2, Address: 0x4330)
  • DllGetClassObject (Ordinal: 3, Address: 0x4520)
  • DllMain (Ordinal: 4, Address: 0x46b0)
  • DllRegisterServer (Ordinal: 5, Address: 0x4680)
  • DllUnregisterServer (Ordinal: 6, Address: 0x4650)

Imported DLLs & Functions

api-ms-win-appmodel-runtime-l1-1-0.dll
  • GetApplicationUserModelId (Address: 0x180028ad8)
api-ms-win-core-apiquery-l1-1-0.dll
  • ApiSetQueryApiSetPresence (Address: 0x180028ae8)
api-ms-win-core-com-l1-1-0.dll
  • CoCreateFreeThreadedMarshaler (Address: 0x180028b00)
  • CoImpersonateClient (Address: 0x180028b20)
  • CoRevertToSelf (Address: 0x180028b18)
  • CoTaskMemAlloc (Address: 0x180028af8)
  • CoTaskMemFree (Address: 0x180028b10)
  • CoWaitForMultipleHandles (Address: 0x180028b08)
api-ms-win-core-com-l1-1-1.dll
  • RoGetAgileReference (Address: 0x180028b30)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
  • CStdStubBuffer2_Connect (Address: 0x180028b50)
  • CStdStubBuffer2_CountRefs (Address: 0x180028b68)
  • CStdStubBuffer2_Disconnect (Address: 0x180028b88)
  • CStdStubBuffer2_QueryInterface (Address: 0x180028bb0)
  • NdrProxyForwardingFunction3 (Address: 0x180028ba8)
  • NdrProxyForwardingFunction4 (Address: 0x180028bd0)
  • NdrProxyForwardingFunction5 (Address: 0x180028be0)
  • ObjectStublessClient10 (Address: 0x180028bc8)
  • ObjectStublessClient11 (Address: 0x180028b60)
  • ObjectStublessClient12 (Address: 0x180028b48)
  • ObjectStublessClient13 (Address: 0x180028ba0)
  • ObjectStublessClient14 (Address: 0x180028b40)
  • ObjectStublessClient15 (Address: 0x180028b78)
  • ObjectStublessClient16 (Address: 0x180028bc0)
  • ObjectStublessClient17 (Address: 0x180028c08)
  • ObjectStublessClient18 (Address: 0x180028b70)
  • ObjectStublessClient19 (Address: 0x180028bb8)
  • ObjectStublessClient20 (Address: 0x180028b58)
  • ObjectStublessClient21 (Address: 0x180028b90)
  • ObjectStublessClient22 (Address: 0x180028bd8)
  • ObjectStublessClient23 (Address: 0x180028b80)
  • ObjectStublessClient3 (Address: 0x180028c00)
  • ObjectStublessClient6 (Address: 0x180028be8)
  • ObjectStublessClient7 (Address: 0x180028b98)
  • ObjectStublessClient8 (Address: 0x180028bf0)
  • ObjectStublessClient9 (Address: 0x180028bf8)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x180028c18)
  • IsDebuggerPresent (Address: 0x180028c20)
  • OutputDebugStringW (Address: 0x180028c28)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x180028c38)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x180028c48)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x180028c58)
  • RaiseException (Address: 0x180028c70)
  • SetLastError (Address: 0x180028c78)
  • SetUnhandledExceptionFilter (Address: 0x180028c68)
  • UnhandledExceptionFilter (Address: 0x180028c60)
api-ms-win-core-errorhandling-l1-1-2.dll
  • RaiseFailFastException (Address: 0x180028c88)
api-ms-win-core-file-l1-1-0.dll
  • GetDiskFreeSpaceExW (Address: 0x180028c98)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x180028ca8)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x180028cc0)
  • HeapAlloc (Address: 0x180028cc8)
  • HeapFree (Address: 0x180028cb8)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x180028cd8)
  • LocalFree (Address: 0x180028ce0)
api-ms-win-core-interlocked-l1-1-0.dll
  • InitializeSListHead (Address: 0x180028cf0)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
  • MoveFileW (Address: 0x180028d00)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x180028d28)
  • GetModuleFileNameA (Address: 0x180028d10)
  • GetModuleHandleExW (Address: 0x180028d18)
  • GetModuleHandleW (Address: 0x180028d30)
  • GetProcAddress (Address: 0x180028d20)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x180028d40)
api-ms-win-core-processenvironment-l1-1-0.dll
  • ExpandEnvironmentStringsW (Address: 0x180028d50)
api-ms-win-core-processthreads-l1-1-0.dll
  • CreateThread (Address: 0x180028d88)
  • GetCurrentProcess (Address: 0x180028d90)
  • GetCurrentProcessId (Address: 0x180028d78)
  • GetCurrentThread (Address: 0x180028d70)
  • GetCurrentThreadId (Address: 0x180028da0)
  • OpenProcessToken (Address: 0x180028d68)
  • OpenThread (Address: 0x180028d80)
  • OpenThreadToken (Address: 0x180028da8)
  • ProcessIdToSessionId (Address: 0x180028d98)
  • SuspendThread (Address: 0x180028db0)
  • TerminateProcess (Address: 0x180028d60)
api-ms-win-core-processthreads-l1-1-1.dll
  • GetThreadContext (Address: 0x180028dd0)
  • IsProcessorFeaturePresent (Address: 0x180028dc8)
  • OpenProcess (Address: 0x180028dc0)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x180028de0)
api-ms-win-core-psapi-l1-1-0.dll
  • K32GetPerformanceInfo (Address: 0x180028df0)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x180028e00)
  • RegEnumValueW (Address: 0x180028e10)
  • RegGetValueW (Address: 0x180028e18)
  • RegOpenKeyExW (Address: 0x180028e08)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x180028e38)
  • RtlLookupFunctionEntry (Address: 0x180028e30)
  • RtlVirtualUnwind (Address: 0x180028e28)
api-ms-win-core-shutdown-l1-1-0.dll
  • InitiateSystemShutdownExW (Address: 0x180028e48)
api-ms-win-core-string-l1-1-0.dll
  • CompareStringOrdinal (Address: 0x180028e60)
  • MultiByteToWideChar (Address: 0x180028e58)
api-ms-win-core-string-l2-1-1.dll
  • SHLoadIndirectString (Address: 0x180028e70)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x180028ee0)
  • AcquireSRWLockShared (Address: 0x180028f00)
  • CreateEventExW (Address: 0x180028e88)
  • CreateMutexExW (Address: 0x180028f08)
  • CreateSemaphoreExW (Address: 0x180028e98)
  • DeleteCriticalSection (Address: 0x180028ec0)
  • EnterCriticalSection (Address: 0x180028ea0)
  • InitializeCriticalSectionEx (Address: 0x180028eb8)
  • InitializeSRWLock (Address: 0x180028ee8)
  • LeaveCriticalSection (Address: 0x180028eb0)
  • OpenSemaphoreW (Address: 0x180028ef0)
  • ReleaseMutex (Address: 0x180028ed8)
  • ReleaseSemaphore (Address: 0x180028ea8)
  • ReleaseSRWLockExclusive (Address: 0x180028ec8)
  • ReleaseSRWLockShared (Address: 0x180028ef8)
  • SetEvent (Address: 0x180028e80)
  • WaitForSingleObject (Address: 0x180028ed0)
  • WaitForSingleObjectEx (Address: 0x180028e90)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceBeginInitialize (Address: 0x180028f20)
  • InitOnceComplete (Address: 0x180028f28)
  • InitOnceExecuteOnce (Address: 0x180028f18)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x180028f38)
api-ms-win-core-threadpool-l1-2-0.dll
  • CloseThreadpoolTimer (Address: 0x180028f58)
  • CreateThreadpoolTimer (Address: 0x180028f60)
  • SetThreadpoolTimer (Address: 0x180028f48)
  • WaitForThreadpoolTimerCallbacks (Address: 0x180028f50)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x180028f70)
  • EncodePointer (Address: 0x180028f78)
api-ms-win-core-winrt-error-l1-1-0.dll
  • GetRestrictedErrorInfo (Address: 0x180028f98)
  • RoOriginateError (Address: 0x180028fa0)
  • RoOriginateErrorW (Address: 0x180028f88)
  • RoTransformError (Address: 0x180028fa8)
  • SetRestrictedErrorInfo (Address: 0x180028f90)
api-ms-win-core-winrt-error-l1-1-1.dll
  • RoOriginateLanguageException (Address: 0x180028fb8)
api-ms-win-core-winrt-l1-1-0.dll
  • RoActivateInstance (Address: 0x180028fc8)
  • RoGetActivationFactory (Address: 0x180028fd0)
api-ms-win-core-winrt-propertysetprivate-l1-1-1.dll
  • RoCreatePropertySetSerializer (Address: 0x180028fe0)
api-ms-win-core-winrt-robuffer-l1-1-0.dll
  • RoGetBufferMarshaler (Address: 0x180028ff0)
api-ms-win-core-winrt-string-l1-1-0.dll
  • HSTRING_UserFree (Address: 0x180029010)
  • HSTRING_UserFree64 (Address: 0x180029020)
  • HSTRING_UserMarshal (Address: 0x180029028)
  • HSTRING_UserMarshal64 (Address: 0x180029008)
  • HSTRING_UserSize (Address: 0x180029030)
  • HSTRING_UserSize64 (Address: 0x180029018)
  • HSTRING_UserUnmarshal (Address: 0x180029088)
  • HSTRING_UserUnmarshal64 (Address: 0x180029000)
  • WindowsCreateString (Address: 0x180029040)
  • WindowsCreateStringReference (Address: 0x180029048)
  • WindowsDeleteString (Address: 0x180029050)
  • WindowsDeleteStringBuffer (Address: 0x180029060)
  • WindowsDuplicateString (Address: 0x180029038)
  • WindowsGetStringRawBuffer (Address: 0x180029068)
  • WindowsIsStringEmpty (Address: 0x180029078)
  • WindowsPreallocateStringBuffer (Address: 0x180029080)
  • WindowsPromoteStringBuffer (Address: 0x180029058)
  • WindowsStringHasEmbeddedNull (Address: 0x180029070)
api-ms-win-crt-private-l1-1-0.dll
  • __C_specific_handler (Address: 0x180029100)
  • __CxxFrameHandler3 (Address: 0x180029108)
  • __CxxFrameHandler4 (Address: 0x180029180)
  • __std_terminate (Address: 0x180029170)
  • _CxxThrowException (Address: 0x180029110)
  • _o___std_exception_copy (Address: 0x180029160)
  • _o___std_exception_destroy (Address: 0x180029158)
  • _o___std_type_info_destroy_list (Address: 0x180029150)
  • _o___stdio_common_vsnprintf_s (Address: 0x180029148)
  • _o___stdio_common_vswprintf (Address: 0x180029140)
  • _o__callnewh (Address: 0x180029120)
  • _o__cexit (Address: 0x180029118)
  • _o__configure_narrow_argv (Address: 0x180029178)
  • _o__crt_atexit (Address: 0x180029168)
  • _o__errno (Address: 0x180029138)
  • _o__execute_onexit_table (Address: 0x180029130)
  • _o__initialize_narrow_environment (Address: 0x180029098)
  • _o__initialize_onexit_table (Address: 0x1800290a0)
  • _o__invalid_parameter_noinfo (Address: 0x1800290a8)
  • _o__invalid_parameter_noinfo_noreturn (Address: 0x1800290b0)
  • _o__purecall (Address: 0x1800290b8)
  • _o__register_onexit_function (Address: 0x1800290c0)
  • _o__seh_filter_dll (Address: 0x1800290c8)
  • _o__wcstoui64 (Address: 0x1800290d8)
  • _o_free (Address: 0x1800290e0)
  • _o_iswspace (Address: 0x1800290e8)
  • _o_malloc (Address: 0x1800290f0)
  • _o_realloc (Address: 0x1800290f8)
  • memcmp (Address: 0x180029188)
  • memcpy (Address: 0x180029190)
  • memmove (Address: 0x1800290d0)
  • wcsrchr (Address: 0x180029128)
api-ms-win-crt-runtime-l1-1-0.dll
  • _initterm (Address: 0x1800291a8)
  • _initterm_e (Address: 0x1800291a0)
api-ms-win-crt-string-l1-1-0.dll
  • memset (Address: 0x1800291c0)
  • wcsspn (Address: 0x1800291b8)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventRegister (Address: 0x1800291d0)
  • EventSetInformation (Address: 0x1800291d8)
  • EventUnregister (Address: 0x1800291e8)
  • EventWriteTransfer (Address: 0x1800291e0)
api-ms-win-ntuser-sysparams-l1-1-0.dll
  • GetSystemMetrics (Address: 0x180029200)
  • SystemParametersInfoW (Address: 0x1800291f8)
api-ms-win-power-setting-l1-1-0.dll
  • PowerGetActiveScheme (Address: 0x180029220)
  • PowerSetActiveScheme (Address: 0x180029210)
  • PowerWriteACValueIndex (Address: 0x180029228)
  • PowerWriteDCValueIndex (Address: 0x180029218)
api-ms-win-security-base-l1-1-0.dll
  • AdjustTokenPrivileges (Address: 0x180029270)
  • AllocateAndInitializeSid (Address: 0x180029250)
  • CopySid (Address: 0x180029268)
  • EqualSid (Address: 0x180029248)
  • GetAce (Address: 0x180029240)
  • GetLengthSid (Address: 0x180029238)
  • GetTokenInformation (Address: 0x180029260)
  • IsValidSid (Address: 0x180029258)
api-ms-win-security-lsalookup-l2-1-0.dll
  • LookupAccountNameW (Address: 0x180029280)
  • LookupPrivilegeValueW (Address: 0x180029288)
api-ms-win-security-provider-l1-1-0.dll
  • GetNamedSecurityInfoW (Address: 0x1800292a8)
  • SetEntriesInAclW (Address: 0x1800292a0)
  • SetNamedSecurityInfoW (Address: 0x180029298)
api-ms-win-security-sddl-l1-1-0.dll
  • ConvertSidToStringSidW (Address: 0x1800292b8)
  • ConvertStringSidToSidW (Address: 0x1800292c0)
CoreMessaging.dll
  • CoreUICreate (Address: 0x1800289d8)
  • MsgBufferShare (Address: 0x1800289c8)
  • MsgRelease (Address: 0x1800289d0)
CoreUIComponents.dll
  • CoreUIFactoryCreate (Address: 0x1800289e8)
msvcp_win.dll
  • ?_Xbad_function_call@std@@YAXXZ (Address: 0x1800292d0)
  • ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x1800292d8)
OLEAUT32.dll
  • SysFreeString (Address: 0x180028a00)
  • SysStringLen (Address: 0x1800289f8)
POWRPROF.dll
  • PowerReadACValueIndex (Address: 0x180028a10)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x180028ab0)
  • CStdStubBuffer_Connect (Address: 0x180028a38)
  • CStdStubBuffer_CountRefs (Address: 0x180028a60)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x180028a88)
  • CStdStubBuffer_DebugServerRelease (Address: 0x180028ab8)
  • CStdStubBuffer_Disconnect (Address: 0x180028a50)
  • CStdStubBuffer_Invoke (Address: 0x180028a70)
  • CStdStubBuffer_IsIIDSupported (Address: 0x180028a90)
  • CStdStubBuffer_QueryInterface (Address: 0x180028a58)
  • IUnknown_AddRef_Proxy (Address: 0x180028a80)
  • IUnknown_QueryInterface_Proxy (Address: 0x180028aa0)
  • IUnknown_Release_Proxy (Address: 0x180028ac8)
  • NdrCStdStubBuffer_Release (Address: 0x180028a20)
  • NdrCStdStubBuffer2_Release (Address: 0x180028a68)
  • NdrDllCanUnloadNow (Address: 0x180028a40)
  • NdrDllGetClassObject (Address: 0x180028a48)
  • NdrDllRegisterProxy (Address: 0x180028a28)
  • NdrDllUnregisterProxy (Address: 0x180028a30)
  • NdrOleAllocate (Address: 0x180028ac0)
  • NdrOleFree (Address: 0x180028aa8)
  • NdrStubCall3 (Address: 0x180028a98)
  • NdrStubForwardingFunction (Address: 0x180028a78)