uireng.dll

Description: UI Recording Engine Library

Version: 10.0.19041.4597

Architecture: 64-bit

Operating System: Windows NT

SHA256: d29f44b0fbbd04badc16d1b2099d35df

File Size: 284.0 KB

Uploaded At: Dec. 1, 2025, 7:41 a.m.

Views: 3

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

UirGetScreenComment (Ordinal: 1, Address: 0xce40)
UirInitializeEngine (Ordinal: 2, Address: 0xc8a0)
UirIsRecordingActive (Ordinal: 3, Address: 0xced0)
UirOutCreateOutputFile (Ordinal: 4, Address: 0xcf80)
UirPauseRecordingSession (Ordinal: 5, Address: 0xcbf0)
UirResumeRecordingSession (Ordinal: 6, Address: 0xcc80)
UirStartRecordingSession (Ordinal: 7, Address: 0xca50)
UirStopRecordingSession (Ordinal: 8, Address: 0xcb40)
UirUninitializeEngine (Ordinal: 9, Address: 0xc9a0)
UirUpdateRecordingSession (Ordinal: 10, Address: 0xcd10)

Imported DLLs & Functions

ADVAPI32.dll

CloseTrace (Address: 0x1800284f8)
ControlTraceW (Address: 0x1800284d0)
ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x180028500)
EnableTrace (Address: 0x1800284b8)
EnableTraceEx (Address: 0x1800284c8)
EventRegister (Address: 0x1800284a0)
EventUnregister (Address: 0x1800284a8)
EventWriteString (Address: 0x1800284e0)
FlushTraceW (Address: 0x1800284c0)
GetTraceEnableFlags (Address: 0x180028518)
GetTraceEnableLevel (Address: 0x180028520)
GetTraceLoggerHandle (Address: 0x180028528)
OpenTraceW (Address: 0x1800284e8)
ProcessTrace (Address: 0x1800284f0)
RegCloseKey (Address: 0x180028498)
RegisterTraceGuidsW (Address: 0x180028510)
RegOpenKeyExW (Address: 0x180028490)
RegOpenKeyW (Address: 0x1800284d8)
RegQueryValueExW (Address: 0x180028488)
StartTraceW (Address: 0x1800284b0)
TraceMessage (Address: 0x180028530)
UnregisterTraceGuids (Address: 0x180028508)

AEPIC.dll

PicFreeFileInfo (Address: 0x180028540)
PicRetrieveFileInfo (Address: 0x180028548)

GDI32.dll

BitBlt (Address: 0x1800285f0)
CreateCompatibleBitmap (Address: 0x1800285e8)
CreateCompatibleDC (Address: 0x180028578)
CreateDCW (Address: 0x180028558)
CreatePen (Address: 0x180028588)
CreateSolidBrush (Address: 0x180028568)
DeleteDC (Address: 0x1800285d8)
DeleteObject (Address: 0x180028580)
Ellipse (Address: 0x1800285d0)
ExcludeClipRect (Address: 0x180028570)
ExtCreatePen (Address: 0x1800285a8)
GetCurrentObject (Address: 0x1800285e0)
GetObjectW (Address: 0x180028560)
GetStockObject (Address: 0x180028598)
LineTo (Address: 0x1800285b8)
MoveToEx (Address: 0x1800285b0)
PolyBezier (Address: 0x1800285c0)
Rectangle (Address: 0x1800285a0)
SelectObject (Address: 0x180028590)
SetDCBrushColor (Address: 0x1800285c8)
StretchBlt (Address: 0x1800285f8)

gdiplus.dll

GdipAlloc (Address: 0x180028d38)
GdipCloneImage (Address: 0x180028d48)
GdipCreateBitmapFromHBITMAP (Address: 0x180028d40)
GdipDisposeImage (Address: 0x180028d08)
GdipFree (Address: 0x180028d10)
GdipGetImageEncoders (Address: 0x180028d00)
GdipGetImageEncodersSize (Address: 0x180028d18)
GdiplusShutdown (Address: 0x180028d28)
GdiplusStartup (Address: 0x180028d20)
GdipSaveImageToFile (Address: 0x180028d30)

HID.DLL

HidP_GetCaps (Address: 0x180028618)
HidP_GetLinkCollectionNodes (Address: 0x180028610)
HidP_GetUsages (Address: 0x180028628)
HidP_GetUsageValue (Address: 0x180028620)
HidP_GetValueCaps (Address: 0x180028608)

KERNEL32.dll

CloseHandle (Address: 0x1800286b8)
CreateDirectoryW (Address: 0x180028898)
CreateEventW (Address: 0x1800288f8)
CreateFileMappingW (Address: 0x180028858)
CreateFileW (Address: 0x1800287a0)
CreateMutexExW (Address: 0x1800286d0)
CreateSemaphoreExW (Address: 0x180028650)
CreateThread (Address: 0x180028778)
DebugBreak (Address: 0x1800286f0)
DeleteCriticalSection (Address: 0x180028930)
DeleteFileW (Address: 0x180028830)
DuplicateHandle (Address: 0x1800288d0)
EnterCriticalSection (Address: 0x180028708)
ExitProcess (Address: 0x180028720)
ExpandEnvironmentStringsW (Address: 0x180028768)
FileTimeToSystemTime (Address: 0x180028770)
FindClose (Address: 0x1800287f0)
FindFirstFileW (Address: 0x1800287f8)
FindNextFileW (Address: 0x180028808)
FindResourceW (Address: 0x180028840)
FormatMessageW (Address: 0x180028690)
FreeLibrary (Address: 0x1800288a0)
GetCurrentProcess (Address: 0x1800287d0)
GetCurrentProcessId (Address: 0x1800286d8)
GetCurrentThread (Address: 0x1800288e8)
GetCurrentThreadId (Address: 0x180028680)
GetDateFormatW (Address: 0x180028870)
GetDriveTypeW (Address: 0x180028810)
GetFileAttributesW (Address: 0x180028758)
GetFileSize (Address: 0x180028848)
GetLastError (Address: 0x180028698)
GetLongPathNameW (Address: 0x180028890)
GetModuleFileNameA (Address: 0x180028648)
GetModuleHandleExW (Address: 0x180028670)
GetModuleHandleW (Address: 0x1800286e8)
GetProcAddress (Address: 0x1800286c8)
GetProcessHeap (Address: 0x1800286e0)
GetProductInfo (Address: 0x180028638)
GetSystemDirectoryW (Address: 0x1800288c0)
GetSystemTimeAsFileTime (Address: 0x180028740)
GetThreadPriority (Address: 0x1800288e0)
GetTickCount (Address: 0x180028718)
GetTimeFormatW (Address: 0x180028878)
GetVersionExW (Address: 0x180028640)
GetWindowsDirectoryW (Address: 0x1800288a8)
HeapAlloc (Address: 0x1800286c0)
HeapFree (Address: 0x180028658)
HeapReAlloc (Address: 0x180028928)
InitializeConditionVariable (Address: 0x180028900)
InitializeCriticalSection (Address: 0x180028700)
IsDebuggerPresent (Address: 0x1800286f8)
K32GetModuleFileNameExW (Address: 0x180028730)
LeaveCriticalSection (Address: 0x180028710)
LoadLibraryExW (Address: 0x180028800)
LoadLibraryW (Address: 0x1800288b0)
LoadResource (Address: 0x180028838)
LocalFree (Address: 0x180028738)
LockResource (Address: 0x180028828)
MapViewOfFile (Address: 0x180028860)
MoveFileExW (Address: 0x180028798)
MultiByteToWideChar (Address: 0x180028820)
OpenProcess (Address: 0x180028728)
OpenSemaphoreW (Address: 0x1800286b0)
OutputDebugStringW (Address: 0x1800286a0)
QueryFullProcessImageNameW (Address: 0x180028750)
QueryPerformanceCounter (Address: 0x1800287e0)
ReadFile (Address: 0x180028888)
ReadProcessMemory (Address: 0x180028748)
RegisterWaitForSingleObject (Address: 0x180028790)
ReleaseMutex (Address: 0x180028688)
ReleaseSemaphore (Address: 0x180028668)
RemoveDirectoryW (Address: 0x180028760)
ResetEvent (Address: 0x1800288d8)
ResumeThread (Address: 0x1800288b8)
RtlCaptureContext (Address: 0x1800287a8)
RtlLookupFunctionEntry (Address: 0x1800287b0)
RtlVirtualUnwind (Address: 0x1800287b8)
SearchPathW (Address: 0x1800288c8)
SetEvent (Address: 0x1800288f0)
SetLastError (Address: 0x180028660)
SetThreadPriority (Address: 0x180028908)
SetUnhandledExceptionFilter (Address: 0x1800287c8)
SizeofResource (Address: 0x180028880)
Sleep (Address: 0x180028780)
SleepConditionVariableCS (Address: 0x180028920)
SystemTimeToTzSpecificLocalTime (Address: 0x180028868)
TerminateProcess (Address: 0x1800287d8)
UnhandledExceptionFilter (Address: 0x1800287c0)
UnmapViewOfFile (Address: 0x180028818)
UnregisterWait (Address: 0x180028788)
WaitForMultipleObjects (Address: 0x180028938)
WaitForSingleObject (Address: 0x180028678)
WaitForSingleObjectEx (Address: 0x1800286a8)
WakeAllConditionVariable (Address: 0x180028918)
WakeConditionVariable (Address: 0x180028910)
WideCharToMultiByte (Address: 0x180028850)
WriteFile (Address: 0x1800287e8)

msdrm.dll

DRMIsWindowProtected (Address: 0x180028d58)

MSIMG32.dll

AlphaBlend (Address: 0x180028948)

msvcrt.dll

__C_specific_handler (Address: 0x180028e18)
__CxxFrameHandler3 (Address: 0x180028dd8)
__dllonexit (Address: 0x180028df8)
_amsg_exit (Address: 0x180028e28)
_callnewh (Address: 0x180028e38)
_CxxThrowException (Address: 0x180028d78)
_initterm (Address: 0x180028e20)
_itow_s (Address: 0x180028dc8)
_lock (Address: 0x180028e08)
_onexit (Address: 0x180028df0)
_purecall (Address: 0x180028e50)
_snwscanf_s (Address: 0x180028e98)
_unlock (Address: 0x180028e00)
_vscwprintf (Address: 0x180028ea0)
_vsnprintf (Address: 0x180028e58)
_vsnprintf_s (Address: 0x180028e68)
_vsnwprintf (Address: 0x180028e90)
_wcsicmp (Address: 0x180028e60)
_wcsnicmp (Address: 0x180028d98)
_wcstoui64 (Address: 0x180028dc0)
_wcsupr (Address: 0x180028da8)
_wtoi (Address: 0x180028d80)
_XcptFilter (Address: 0x180028e30)
??0exception@@QEAA@AEBV0@@Z (Address: 0x180028e70)
??0exception@@QEAA@XZ (Address: 0x180028e78)
??1exception@@UEAA@XZ (Address: 0x180028e80)
??1type_info@@UEAA@XZ (Address: 0x180028de8)
?terminate@@YAXXZ (Address: 0x180028e10)
free (Address: 0x180028e48)
malloc (Address: 0x180028e40)
memcpy (Address: 0x180028d68)
memcpy_s (Address: 0x180028e88)
memmove (Address: 0x180028d70)
memset (Address: 0x180028de0)
wcschr (Address: 0x180028d88)
wcscmp (Address: 0x180028ea8)
wcscpy_s (Address: 0x180028dd0)
wcsrchr (Address: 0x180028da0)
wcsstr (Address: 0x180028db0)
wcstol (Address: 0x180028d90)
wcstoul (Address: 0x180028db8)

ntdll.dll

NtApphelpCacheControl (Address: 0x180028ed8)
NtClose (Address: 0x180028ee8)
NtQueryInformationProcess (Address: 0x180028f08)
NtQueryValueKey (Address: 0x180028ee0)
RtlAllocateHeap (Address: 0x180028ef8)
RtlAppendUnicodeStringToString (Address: 0x180028f20)
RtlAppendUnicodeToString (Address: 0x180028f28)
RtlDosPathNameToNtPathName_U_WithStatus (Address: 0x180028ec0)
RtlFormatCurrentUserKeyPath (Address: 0x180028f30)
RtlFreeHeap (Address: 0x180028ef0)
RtlFreeUnicodeString (Address: 0x180028eb8)
RtlGetFullPathName_UEx (Address: 0x180028ec8)
RtlInitUnicodeString (Address: 0x180028ed0)
RtlInitUnicodeStringEx (Address: 0x180028f00)
ZwClose (Address: 0x180028f10)
ZwCreateFile (Address: 0x180028f38)
ZwOpenKey (Address: 0x180028f18)

ole32.dll

CLSIDFromString (Address: 0x180028f78)
CoCreateGuid (Address: 0x180028f70)
CoCreateInstance (Address: 0x180028f48)
CoInitialize (Address: 0x180028f60)
CoInitializeEx (Address: 0x180028f58)
CoUninitialize (Address: 0x180028f68)
StringFromGUID2 (Address: 0x180028f50)

OLEACC.dll

GetRoleTextW (Address: 0x180028958)

OLEAUT32.dll

SysAllocString (Address: 0x180028978)
SysFreeString (Address: 0x180028968)
SysStringLen (Address: 0x180028970)
VariantClear (Address: 0x180028988)
VariantInit (Address: 0x180028980)

RPCRT4.dll

NdrServerCall2 (Address: 0x1800289b8)
NdrServerCallAll (Address: 0x180028998)
RpcServerListen (Address: 0x1800289b0)
RpcServerRegisterIf2 (Address: 0x1800289a8)
RpcServerUseProtseqEpW (Address: 0x1800289a0)

SHELL32.dll

CommandLineToArgvW (Address: 0x1800289c8)
ShellExecuteW (Address: 0x1800289d0)
SHFileOperationW (Address: 0x1800289d8)

SHLWAPI.dll

PathCombineW (Address: 0x1800289e8)
PathFindFileNameW (Address: 0x1800289f0)
PathRemoveBlanksW (Address: 0x180028a00)
PathRemoveExtensionW (Address: 0x180028a08)
SHCreateStreamOnFileEx (Address: 0x1800289f8)

USER32.dll

BeginPaint (Address: 0x180028a68)
CallNextHookEx (Address: 0x180028a18)
ClientToScreen (Address: 0x180028c20)
CloseDesktop (Address: 0x180028c30)
CopyImage (Address: 0x180028bb0)
CreateDesktopW (Address: 0x180028c18)
CreateDialogParamW (Address: 0x180028c58)
CreateWindowExW (Address: 0x180028a48)
DefWindowProcW (Address: 0x180028a50)
DestroyWindow (Address: 0x180028a30)
DispatchMessageW (Address: 0x180028ab8)
DrawIcon (Address: 0x180028b08)
EnableWindow (Address: 0x180028bc8)
EndPaint (Address: 0x180028a60)
EnumWindows (Address: 0x180028cb8)
FillRect (Address: 0x180028ba0)
FindWindowExW (Address: 0x180028c80)
FindWindowW (Address: 0x180028c00)
GetAsyncKeyState (Address: 0x180028b70)
GetClassNameW (Address: 0x180028b28)
GetClientRect (Address: 0x180028a70)
GetCursorInfo (Address: 0x180028ae8)
GetCursorPos (Address: 0x180028c68)
GetDC (Address: 0x180028af8)
GetDesktopWindow (Address: 0x180028b00)
GetDlgItem (Address: 0x180028be0)
GetDoubleClickTime (Address: 0x180028b88)
GetGUIThreadInfo (Address: 0x180028ae0)
GetIconInfo (Address: 0x180028b10)
GetKeyNameTextW (Address: 0x180028b50)
GetKeyState (Address: 0x180028b48)
GetMessageW (Address: 0x180028ac8)
GetParent (Address: 0x180028b38)
GetPointerDevices (Address: 0x180028a28)
GetProcessDefaultLayout (Address: 0x180028bf8)
GetRawInputData (Address: 0x180028a58)
GetRawInputDeviceInfoW (Address: 0x180028a20)
GetSystemMetrics (Address: 0x180028b80)
GetThreadDesktop (Address: 0x180028c38)
GetWindowInfo (Address: 0x180028b60)
GetWindowLongPtrW (Address: 0x180028b40)
GetWindowLongW (Address: 0x180028c98)
GetWindowRect (Address: 0x180028b20)
GetWindowTextLengthW (Address: 0x180028c60)
GetWindowTextW (Address: 0x180028bc0)
GetWindowThreadProcessId (Address: 0x180028ad8)
InternalGetWindowText (Address: 0x180028b30)
InvalidateRect (Address: 0x180028c70)
IsDialogMessageW (Address: 0x180028c28)
IsHungAppWindow (Address: 0x180028b90)
IsRectEmpty (Address: 0x180028c10)
LoadCursorW (Address: 0x180028b18)
LoadIconW (Address: 0x180028c08)
LoadImageW (Address: 0x180028b78)
MapVirtualKeyW (Address: 0x180028b58)
MsgWaitForMultipleObjectsEx (Address: 0x180028a80)
PeekMessageW (Address: 0x180028a88)
PhysicalToLogicalPointForPerMonitorDPI (Address: 0x180028cb0)
PostThreadMessageW (Address: 0x180028ab0)
PtInRect (Address: 0x180028b68)
RegisterClassExW (Address: 0x180028a40)
RegisterRawInputDevices (Address: 0x180028a38)
RegisterWindowMessageW (Address: 0x180028aa8)
ReleaseCapture (Address: 0x180028bd0)
ReleaseDC (Address: 0x180028af0)
SendMessageW (Address: 0x180028c48)
SetCapture (Address: 0x180028bf0)
SetLayeredWindowAttributes (Address: 0x180028a78)
SetProcessDefaultLayout (Address: 0x180028c50)
SetThreadDesktop (Address: 0x180028c40)
SetTimer (Address: 0x180028a90)
SetWindowLongPtrW (Address: 0x180028ba8)
SetWindowPos (Address: 0x180028bb8)
SetWindowsHookExW (Address: 0x180028cc0)
SetWinEventHook (Address: 0x180028c90)
ShowWindow (Address: 0x180028a98)
ShowWindowAsync (Address: 0x180028ca0)
SwitchDesktop (Address: 0x180028be8)
SystemParametersInfoW (Address: 0x180028bd8)
TranslateMessage (Address: 0x180028ac0)
UnhookWindowsHookEx (Address: 0x180028aa0)
UnhookWinEvent (Address: 0x180028ca8)
UnregisterClassW (Address: 0x180028b98)
UpdateWindow (Address: 0x180028c78)
WindowFromPhysicalPoint (Address: 0x180028c88)
WindowFromPoint (Address: 0x180028ad0)

VERSION.dll

GetFileVersionInfoSizeW (Address: 0x180028cd8)
GetFileVersionInfoW (Address: 0x180028cd0)
VerQueryValueW (Address: 0x180028ce0)

XmlLite.dll

CreateXmlWriter (Address: 0x180028cf0)