UserMgrProxy.dll
Description: UserMgrProxy
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6328
Architecture: 64-bit
Operating System: Windows NT
SHA256: c48cda65643ef02d83776707f3c02075
File Size: 316.0 KB
Uploaded At: Dec. 1, 2025, 7:41 a.m.
Views: 4
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0xc990)
- DllGetActivationFactory (Ordinal: 2, Address: 0x9ac0)
- DllGetClassObject (Ordinal: 3, Address: 0xc200)
Imported DLLs & Functions
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x180036958)
api-ms-win-core-com-l1-1-0.dll
- CoCopyProxy (Address: 0x180036990)
- CoCreateFreeThreadedMarshaler (Address: 0x1800369a0)
- CoCreateInstance (Address: 0x1800369b8)
- CoGetStandardMarshal (Address: 0x1800369b0)
- CoImpersonateClient (Address: 0x180036970)
- CoReleaseMarshalData (Address: 0x180036998)
- CoRevertToSelf (Address: 0x180036978)
- CoSetProxyBlanket (Address: 0x180036988)
- CoSwitchCallContext (Address: 0x1800369c0)
- CoTaskMemAlloc (Address: 0x180036968)
- CoTaskMemFree (Address: 0x1800369a8)
- CoWaitForMultipleHandles (Address: 0x180036980)
api-ms-win-core-com-l1-1-1.dll
- RoGetAgileReference (Address: 0x1800369d0)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
- CStdStubBuffer2_Connect (Address: 0x180036a18)
- CStdStubBuffer2_CountRefs (Address: 0x180036a50)
- CStdStubBuffer2_Disconnect (Address: 0x180036a30)
- CStdStubBuffer2_QueryInterface (Address: 0x180036a10)
- NdrProxyForwardingFunction3 (Address: 0x180036a08)
- NdrProxyForwardingFunction4 (Address: 0x180036a00)
- NdrProxyForwardingFunction5 (Address: 0x180036ac0)
- ObjectStublessClient10 (Address: 0x1800369f8)
- ObjectStublessClient11 (Address: 0x180036a58)
- ObjectStublessClient12 (Address: 0x180036a68)
- ObjectStublessClient13 (Address: 0x180036a20)
- ObjectStublessClient14 (Address: 0x180036a60)
- ObjectStublessClient15 (Address: 0x180036a78)
- ObjectStublessClient16 (Address: 0x180036a90)
- ObjectStublessClient17 (Address: 0x180036a88)
- ObjectStublessClient18 (Address: 0x180036a48)
- ObjectStublessClient19 (Address: 0x180036a80)
- ObjectStublessClient20 (Address: 0x180036a70)
- ObjectStublessClient21 (Address: 0x180036a98)
- ObjectStublessClient22 (Address: 0x180036a38)
- ObjectStublessClient23 (Address: 0x180036aa0)
- ObjectStublessClient24 (Address: 0x180036ab8)
- ObjectStublessClient25 (Address: 0x180036aa8)
- ObjectStublessClient26 (Address: 0x180036ab0)
- ObjectStublessClient3 (Address: 0x180036a40)
- ObjectStublessClient6 (Address: 0x1800369e8)
- ObjectStublessClient7 (Address: 0x180036a28)
- ObjectStublessClient8 (Address: 0x1800369e0)
- ObjectStublessClient9 (Address: 0x1800369f0)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x180036ad8)
- IsDebuggerPresent (Address: 0x180036ad0)
- OutputDebugStringW (Address: 0x180036ae0)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x180036af0)
- RaiseException (Address: 0x180036af8)
- SetLastError (Address: 0x180036b08)
- SetUnhandledExceptionFilter (Address: 0x180036b00)
- UnhandledExceptionFilter (Address: 0x180036b10)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x180036b20)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x180036b40)
- HeapAlloc (Address: 0x180036b38)
- HeapFree (Address: 0x180036b30)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x180036b60)
- LocalFree (Address: 0x180036b58)
- LocalReAlloc (Address: 0x180036b50)
api-ms-win-core-libraryloader-l1-2-0.dll
- FreeLibrary (Address: 0x180036b80)
- GetModuleFileNameA (Address: 0x180036b90)
- GetModuleHandleExW (Address: 0x180036b78)
- GetModuleHandleW (Address: 0x180036b70)
- GetProcAddress (Address: 0x180036b98)
- LoadLibraryExA (Address: 0x180036ba0)
- LoadLibraryExW (Address: 0x180036b88)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x180036bb0)
api-ms-win-core-memory-l1-1-0.dll
- VirtualProtect (Address: 0x180036bc8)
- VirtualQuery (Address: 0x180036bc0)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x180036bd8)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x180036bf8)
- GetCurrentProcessId (Address: 0x180036bf0)
- GetCurrentThread (Address: 0x180036c00)
- GetCurrentThreadId (Address: 0x180036be8)
- OpenProcessToken (Address: 0x180036c10)
- OpenThreadToken (Address: 0x180036c08)
- TerminateProcess (Address: 0x180036c18)
api-ms-win-core-processthreads-l1-1-1.dll
- OpenProcess (Address: 0x180036c28)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x180036c38)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x180036c50)
- RegGetValueW (Address: 0x180036c48)
api-ms-win-core-string-l1-1-0.dll
- CompareStringOrdinal (Address: 0x180036c60)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x180036cd8)
- AcquireSRWLockShared (Address: 0x180036ca0)
- CreateEventExW (Address: 0x180036cc0)
- CreateMutexExW (Address: 0x180036cf8)
- CreateSemaphoreExW (Address: 0x180036c80)
- DeleteCriticalSection (Address: 0x180036c78)
- EnterCriticalSection (Address: 0x180036c90)
- InitializeCriticalSectionEx (Address: 0x180036cf0)
- InitializeSRWLock (Address: 0x180036cd0)
- LeaveCriticalSection (Address: 0x180036ca8)
- OpenSemaphoreW (Address: 0x180036cb0)
- ReleaseMutex (Address: 0x180036cb8)
- ReleaseSemaphore (Address: 0x180036ce8)
- ReleaseSRWLockExclusive (Address: 0x180036c88)
- ReleaseSRWLockShared (Address: 0x180036ce0)
- SetEvent (Address: 0x180036c98)
- WaitForSingleObject (Address: 0x180036cc8)
- WaitForSingleObjectEx (Address: 0x180036c70)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceExecuteOnce (Address: 0x180036d08)
- Sleep (Address: 0x180036d10)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemInfo (Address: 0x180036d28)
- GetSystemTimeAsFileTime (Address: 0x180036d30)
- GetTickCount (Address: 0x180036d20)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x180036d40)
- CreateThreadpoolTimer (Address: 0x180036d48)
- SetThreadpoolTimer (Address: 0x180036d58)
- WaitForThreadpoolTimerCallbacks (Address: 0x180036d50)
api-ms-win-core-threadpool-legacy-l1-1-0.dll
- QueueUserWorkItem (Address: 0x180036d68)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x180036d80)
- EncodePointer (Address: 0x180036d78)
api-ms-win-core-winrt-error-l1-1-0.dll
- GetRestrictedErrorInfo (Address: 0x180036d98)
- RoOriginateError (Address: 0x180036da0)
- RoOriginateErrorW (Address: 0x180036da8)
- RoTransformError (Address: 0x180036db0)
- SetRestrictedErrorInfo (Address: 0x180036d90)
api-ms-win-core-winrt-error-l1-1-1.dll
- IsErrorPropagationEnabled (Address: 0x180036dc8)
- RoGetMatchingRestrictedErrorInfo (Address: 0x180036dd0)
- RoReportFailedDelegate (Address: 0x180036dc0)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x180036de8)
- RoGetActivationFactory (Address: 0x180036de0)
- RoInitialize (Address: 0x180036df0)
- RoUninitialize (Address: 0x180036df8)
api-ms-win-core-winrt-string-l1-1-0.dll
- HSTRING_UserFree (Address: 0x180036e08)
- HSTRING_UserFree64 (Address: 0x180036e10)
- HSTRING_UserMarshal (Address: 0x180036e38)
- HSTRING_UserMarshal64 (Address: 0x180036e28)
- HSTRING_UserSize (Address: 0x180036e48)
- HSTRING_UserSize64 (Address: 0x180036e40)
- HSTRING_UserUnmarshal (Address: 0x180036e30)
- HSTRING_UserUnmarshal64 (Address: 0x180036e50)
- WindowsCompareStringOrdinal (Address: 0x180036e78)
- WindowsCreateString (Address: 0x180036e70)
- WindowsCreateStringReference (Address: 0x180036e58)
- WindowsDeleteString (Address: 0x180036e20)
- WindowsDuplicateString (Address: 0x180036e60)
- WindowsGetStringRawBuffer (Address: 0x180036e18)
- WindowsIsStringEmpty (Address: 0x180036e68)
- WindowsStringHasEmbeddedNull (Address: 0x180036e80)
api-ms-win-security-base-l1-1-0.dll
- CreateWellKnownSid (Address: 0x180036ea8)
- EqualSid (Address: 0x180036ea0)
- GetAce (Address: 0x180036e90)
- GetTokenInformation (Address: 0x180036e98)
api-ms-win-security-base-l1-2-0.dll
- CheckTokenMembershipEx (Address: 0x180036eb8)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertSidToStringSidW (Address: 0x180036ec8)
combase.dll
- (Address: 0x180036ed8)
msvcrt.dll
- __C_specific_handler (Address: 0x180036fb8)
- __CxxFrameHandler3 (Address: 0x180036fa0)
- __dllonexit (Address: 0x180036f90)
- _amsg_exit (Address: 0x180036ef8)
- _callnewh (Address: 0x180036ef0)
- _CxxThrowException (Address: 0x180036f08)
- _get_errno (Address: 0x180036f80)
- _initterm (Address: 0x180036fc0)
- _lock (Address: 0x180036fa8)
- _onexit (Address: 0x180036f58)
- _purecall (Address: 0x180036f10)
- _set_errno (Address: 0x180036f78)
- _unlock (Address: 0x180036f98)
- _vscwprintf (Address: 0x180036f88)
- _vsnprintf_s (Address: 0x180036f40)
- _vsnwprintf (Address: 0x180036fe8)
- _XcptFilter (Address: 0x180036f60)
- ??0exception@@QEAA@AEBQEBD@Z (Address: 0x180036ee8)
- ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x180036f20)
- ??0exception@@QEAA@AEBV0@@Z (Address: 0x180036f50)
- ??0exception@@QEAA@XZ (Address: 0x180036f28)
- ??1exception@@UEAA@XZ (Address: 0x180036f38)
- ??1type_info@@UEAA@XZ (Address: 0x180036f48)
- ??3@YAXPEAX@Z (Address: 0x180036fb0)
- ?terminate@@YAXXZ (Address: 0x180036ff0)
- ?what@exception@@UEBAPEBDXZ (Address: 0x180036f68)
- free (Address: 0x180036fd0)
- malloc (Address: 0x180036fc8)
- memcmp (Address: 0x180036f30)
- memcpy (Address: 0x180036f00)
- memcpy_s (Address: 0x180036fe0)
- memmove (Address: 0x180036fd8)
- memmove_s (Address: 0x180036f18)
- memset (Address: 0x180036ff8)
- wcschr (Address: 0x180036f70)
ntdll.dll
- NtQuerySecurityObject (Address: 0x180037028)
- NtSetSecurityObject (Address: 0x180037018)
- RtlAddAccessAllowedAce (Address: 0x180037080)
- RtlAddAce (Address: 0x180037048)
- RtlAllocateHeap (Address: 0x180037060)
- RtlCapabilityCheck (Address: 0x1800370a0)
- RtlCaptureContext (Address: 0x180037098)
- RtlCreateAcl (Address: 0x180037058)
- RtlCreateSecurityDescriptor (Address: 0x180037020)
- RtlFreeHeap (Address: 0x180037030)
- RtlGetAce (Address: 0x180037050)
- RtlGetDaclSecurityDescriptor (Address: 0x180037078)
- RtlInitUnicodeString (Address: 0x180037040)
- RtlIsMultiSessionSku (Address: 0x180037008)
- RtlLengthSid (Address: 0x180037068)
- RtlLookupFunctionEntry (Address: 0x180037090)
- RtlNtStatusToDosError (Address: 0x180037010)
- RtlQueryInformationAcl (Address: 0x180037070)
- RtlSetDaclSecurityDescriptor (Address: 0x180037038)
- RtlVirtualUnwind (Address: 0x180037088)
OLEAUT32.dll
- SysAllocString (Address: 0x180036860)
- SysFreeString (Address: 0x180036868)
- VariantClear (Address: 0x180036850)
- VariantInit (Address: 0x180036858)
RPCRT4.dll
- CStdStubBuffer_AddRef (Address: 0x1800368f0)
- CStdStubBuffer_Connect (Address: 0x1800368a8)
- CStdStubBuffer_CountRefs (Address: 0x1800368e0)
- CStdStubBuffer_DebugServerQueryInterface (Address: 0x180036900)
- CStdStubBuffer_DebugServerRelease (Address: 0x1800368d0)
- CStdStubBuffer_Disconnect (Address: 0x180036940)
- CStdStubBuffer_Invoke (Address: 0x180036918)
- CStdStubBuffer_IsIIDSupported (Address: 0x1800368b0)
- CStdStubBuffer_QueryInterface (Address: 0x1800368d8)
- I_RpcExceptionFilter (Address: 0x180036878)
- IUnknown_AddRef_Proxy (Address: 0x180036908)
- IUnknown_QueryInterface_Proxy (Address: 0x1800368c0)
- IUnknown_Release_Proxy (Address: 0x1800368e8)
- NdrClientCall3 (Address: 0x1800368c8)
- NdrCStdStubBuffer_Release (Address: 0x180036938)
- NdrCStdStubBuffer2_Release (Address: 0x180036920)
- NdrDllCanUnloadNow (Address: 0x180036930)
- NdrDllGetClassObject (Address: 0x180036928)
- NdrOleAllocate (Address: 0x180036948)
- NdrOleFree (Address: 0x1800368f8)
- NdrStubCall3 (Address: 0x1800368b8)
- NdrStubForwardingFunction (Address: 0x180036910)
- RpcBindingFree (Address: 0x180036880)
- RpcBindingFromStringBindingW (Address: 0x180036898)
- RpcBindingSetAuthInfoExW (Address: 0x180036888)
- RpcStringBindingComposeW (Address: 0x1800368a0)
- RpcStringFreeW (Address: 0x180036890)