wdc.dll

Description: Performance Monitor

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.1

Architecture: 64-bit

Operating System: Windows NT

SHA256: 3210f5298a80624394d845423fda0ac1

File Size: 722.5 KB

Uploaded At: Dec. 1, 2025, 7:42 a.m.

Views: 3

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • WdcParseLegacyFile (Ordinal: 1, Address: 0x71f30)
  • WdcRunTaskAsInteractiveUser (Ordinal: 2, Address: 0x72550)
  • DllCanUnloadNow (Ordinal: 3, Address: 0x25f40)
  • DllGetClassObject (Ordinal: 4, Address: 0x20f70)
  • DllRegisterServer (Ordinal: 5, Address: 0x26010)
  • DllUnregisterServer (Ordinal: 6, Address: 0x26010)

Imported DLLs & Functions

ADVAPI32.dll
  • AdjustTokenPrivileges (Address: 0x180086fa0)
  • AllocateAndInitializeSid (Address: 0x1800870a0)
  • CheckTokenMembership (Address: 0x180087098)
  • CloseServiceHandle (Address: 0x180087008)
  • CloseThreadWaitChainSession (Address: 0x180087040)
  • CloseTrace (Address: 0x180087078)
  • ControlService (Address: 0x180086ff8)
  • ConvertSecurityDescriptorToStringSecurityDescriptorW (Address: 0x1800870c0)
  • ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x180087080)
  • CreateWellKnownSid (Address: 0x1800870a8)
  • EnableTraceEx (Address: 0x180087050)
  • EnumServicesStatusExW (Address: 0x180086ff0)
  • EventRegister (Address: 0x180086fd8)
  • EventUnregister (Address: 0x180086fc8)
  • EventWriteTransfer (Address: 0x1800870b0)
  • FreeSid (Address: 0x180087090)
  • GetSecurityDescriptorDacl (Address: 0x1800870e0)
  • GetSecurityDescriptorGroup (Address: 0x180087100)
  • GetSecurityDescriptorOwner (Address: 0x1800870f0)
  • GetSecurityDescriptorSacl (Address: 0x1800870d0)
  • GetThreadWaitChain (Address: 0x180087030)
  • I_QueryTagInformation (Address: 0x180086fd0)
  • IsValidSid (Address: 0x180086fe0)
  • MakeAbsoluteSD (Address: 0x180087108)
  • MapGenericMask (Address: 0x1800870b8)
  • OpenProcessToken (Address: 0x180087088)
  • OpenSCManagerW (Address: 0x180087020)
  • OpenServiceW (Address: 0x180087018)
  • OpenThreadWaitChainSession (Address: 0x180087038)
  • OpenTraceW (Address: 0x180087060)
  • ProcessTrace (Address: 0x180087048)
  • QueryServiceConfigW (Address: 0x180086fe8)
  • QueryServiceStatus (Address: 0x180087010)
  • QueryTraceW (Address: 0x180087070)
  • RegCloseKey (Address: 0x180086fa8)
  • RegEnumValueW (Address: 0x180086fb8)
  • RegGetValueW (Address: 0x180087110)
  • RegisterWaitChainCOMCallback (Address: 0x180087028)
  • RegOpenKeyExW (Address: 0x180086fc0)
  • RegQueryValueExW (Address: 0x180086fb0)
  • SetSecurityDescriptorDacl (Address: 0x1800870d8)
  • SetSecurityDescriptorGroup (Address: 0x1800870f8)
  • SetSecurityDescriptorOwner (Address: 0x1800870e8)
  • SetSecurityDescriptorSacl (Address: 0x1800870c8)
  • StartServiceW (Address: 0x180087000)
  • StartTraceW (Address: 0x180087058)
  • StopTraceW (Address: 0x180087068)
api-ms-win-core-appcompat-l1-1-1.dll
  • BaseFreeAppCompatDataForProcess (Address: 0x180087b20)
  • BaseReadAppCompatDataForProcess (Address: 0x180087b18)
COMCTL32.dll
  • (Address: 0x180087120)
  • (Address: 0x180087128)
  • (Address: 0x180087130)
  • (Address: 0x180087138)
  • (Address: 0x180087140)
credui.dll
  • CredUIPromptForCredentialsW (Address: 0x180087b30)
DUser.dll
  • ForwardGadgetMessage (Address: 0x180087150)
GDI32.dll
  • BitBlt (Address: 0x180087160)
  • CreateCompatibleBitmap (Address: 0x180087188)
  • CreateCompatibleDC (Address: 0x180087190)
  • CreateDIBSection (Address: 0x1800871c8)
  • CreateFontIndirectW (Address: 0x1800871d8)
  • CreatePen (Address: 0x1800871b0)
  • CreateSolidBrush (Address: 0x180087180)
  • DeleteObject (Address: 0x1800871e8)
  • EndDoc (Address: 0x1800871b8)
  • EndPage (Address: 0x1800871c0)
  • GetDeviceCaps (Address: 0x1800871e0)
  • GetStockObject (Address: 0x1800871a0)
  • LineTo (Address: 0x180087178)
  • MoveToEx (Address: 0x1800871f0)
  • Polygon (Address: 0x180087168)
  • Polyline (Address: 0x180087198)
  • SelectObject (Address: 0x1800871a8)
  • SetROP2 (Address: 0x180087170)
  • StartDocW (Address: 0x1800871d0)
  • StartPage (Address: 0x1800871f8)
IPHLPAPI.DLL
  • GetAdaptersAddresses (Address: 0x180087228)
  • GetExtendedTcpTable (Address: 0x180087218)
  • GetExtendedUdpTable (Address: 0x180087220)
  • GetIfEntry2 (Address: 0x180087238)
  • GetPerTcp6ConnectionEStats (Address: 0x180087210)
  • GetPerTcpConnectionEStats (Address: 0x180087208)
  • NhGetInterfaceNameFromDeviceGuid (Address: 0x180087230)
  • SetPerTcp6ConnectionEStats (Address: 0x180087240)
  • SetPerTcpConnectionEStats (Address: 0x180087248)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x180087278)
  • ActivateActCtx (Address: 0x180087458)
  • CancelSynchronousIo (Address: 0x1800874a0)
  • CloseHandle (Address: 0x180087440)
  • CreateActCtxW (Address: 0x180087470)
  • CreateEventW (Address: 0x1800874f8)
  • CreateFileMappingW (Address: 0x180087378)
  • CreateFileW (Address: 0x1800874c8)
  • CreateMutexW (Address: 0x180087398)
  • CreateThread (Address: 0x180087430)
  • DeactivateActCtx (Address: 0x180087450)
  • DebugBreak (Address: 0x1800873b0)
  • DelayLoadFailureHook (Address: 0x180087400)
  • DeleteCriticalSection (Address: 0x180087420)
  • DeleteFileW (Address: 0x180087528)
  • DeviceIoControl (Address: 0x1800872f0)
  • DuplicateHandle (Address: 0x1800873f0)
  • EnterCriticalSection (Address: 0x1800874d8)
  • ExpandEnvironmentStringsW (Address: 0x180087578)
  • FileTimeToLocalFileTime (Address: 0x180087530)
  • FileTimeToSystemTime (Address: 0x180087538)
  • FindActCtxSectionStringW (Address: 0x180087468)
  • FindClose (Address: 0x1800875f8)
  • FindFirstFileW (Address: 0x1800875e8)
  • FindNextFileW (Address: 0x1800875f0)
  • FindResourceExW (Address: 0x1800872e8)
  • FindResourceW (Address: 0x1800875c0)
  • FormatMessageW (Address: 0x1800875b0)
  • FreeLibrary (Address: 0x180087560)
  • FreeResource (Address: 0x1800875e0)
  • GetActiveProcessorGroupCount (Address: 0x180087308)
  • GetCommandLineW (Address: 0x180087550)
  • GetComputerNameW (Address: 0x180087570)
  • GetCurrentProcess (Address: 0x180087620)
  • GetCurrentProcessId (Address: 0x180087630)
  • GetCurrentThread (Address: 0x1800873b8)
  • GetCurrentThreadId (Address: 0x180087510)
  • GetDateFormatW (Address: 0x180087540)
  • GetDiskFreeSpaceExW (Address: 0x1800872a0)
  • GetErrorMode (Address: 0x1800873d8)
  • GetFileAttributesW (Address: 0x180087520)
  • GetFileSize (Address: 0x180087618)
  • GetLastError (Address: 0x180087438)
  • GetLocaleInfoW (Address: 0x180087518)
  • GetLocalTime (Address: 0x180087568)
  • GetLogicalDriveStringsW (Address: 0x180087298)
  • GetModuleFileNameW (Address: 0x180087478)
  • GetModuleHandleExW (Address: 0x180087480)
  • GetModuleHandleW (Address: 0x1800872e0)
  • GetNumberFormatW (Address: 0x1800873c8)
  • GetPhysicallyInstalledSystemMemory (Address: 0x1800872a8)
  • GetProcAddress (Address: 0x180087498)
  • GetProcessHeap (Address: 0x180087598)
  • GetProcessorSystemCycleTime (Address: 0x180087300)
  • GetProcessTimes (Address: 0x180087328)
  • GetSystemTimeAsFileTime (Address: 0x1800873e8)
  • GetSystemWindowsDirectoryW (Address: 0x180087370)
  • GetTempFileNameW (Address: 0x180087608)
  • GetTempPathW (Address: 0x180087600)
  • GetTickCount (Address: 0x180087260)
  • GetTimeFormatW (Address: 0x180087548)
  • GetVersionExW (Address: 0x1800872f8)
  • GlobalAlloc (Address: 0x1800874a8)
  • GlobalFree (Address: 0x1800874c0)
  • GlobalLock (Address: 0x1800874b0)
  • GlobalUnlock (Address: 0x1800874b8)
  • HeapAlloc (Address: 0x180087590)
  • HeapFree (Address: 0x1800875a0)
  • HeapReAlloc (Address: 0x1800875b8)
  • HeapSetInformation (Address: 0x180087410)
  • HeapSize (Address: 0x180087258)
  • InitializeCriticalSection (Address: 0x180087610)
  • IsWow64Process (Address: 0x1800872d8)
  • K32EnumDeviceDrivers (Address: 0x180087368)
  • K32EnumProcessModulesEx (Address: 0x180087360)
  • K32GetDeviceDriverBaseNameW (Address: 0x180087358)
  • K32GetDeviceDriverFileNameW (Address: 0x180087350)
  • K32GetModuleBaseNameW (Address: 0x180087348)
  • K32GetModuleFileNameExW (Address: 0x1800872d0)
  • LeaveCriticalSection (Address: 0x1800874f0)
  • LoadLibraryW (Address: 0x180087460)
  • LoadResource (Address: 0x1800875c8)
  • LocalAlloc (Address: 0x180087588)
  • LocalFree (Address: 0x180087558)
  • LockResource (Address: 0x1800875d0)
  • lstrlenW (Address: 0x180087318)
  • MapViewOfFile (Address: 0x180087340)
  • MulDiv (Address: 0x1800873d0)
  • OpenProcess (Address: 0x180087330)
  • OutputDebugStringA (Address: 0x180087490)
  • OutputDebugStringW (Address: 0x1800875a8)
  • ProcessIdToSessionId (Address: 0x180087628)
  • QueryActCtxW (Address: 0x180087488)
  • QueryDosDeviceW (Address: 0x180087290)
  • QueryFullProcessImageNameW (Address: 0x180087320)
  • QueryPerformanceCounter (Address: 0x1800873e0)
  • QueryPerformanceFrequency (Address: 0x180087408)
  • ReadFile (Address: 0x1800874d0)
  • ReadProcessMemory (Address: 0x180087288)
  • ReleaseMutex (Address: 0x180087390)
  • ReleaseSRWLockExclusive (Address: 0x180087270)
  • ResetEvent (Address: 0x180087500)
  • ResolveDelayLoadedAPI (Address: 0x1800872b0)
  • SetErrorMode (Address: 0x180087638)
  • SetEvent (Address: 0x1800874e0)
  • SetLastError (Address: 0x180087448)
  • SetProcessWorkingSetSize (Address: 0x180087380)
  • SetThreadPriority (Address: 0x1800873c0)
  • SetUnhandledExceptionFilter (Address: 0x1800872c8)
  • SizeofResource (Address: 0x1800875d8)
  • Sleep (Address: 0x180087268)
  • SleepConditionVariableSRW (Address: 0x1800872b8)
  • TerminateProcess (Address: 0x180087310)
  • TerminateThread (Address: 0x1800873f8)
  • TlsAlloc (Address: 0x180087418)
  • TlsFree (Address: 0x180087428)
  • TlsGetValue (Address: 0x1800873a0)
  • TlsSetValue (Address: 0x180087338)
  • TryEnterCriticalSection (Address: 0x1800873a8)
  • UnhandledExceptionFilter (Address: 0x1800872c0)
  • UnmapViewOfFile (Address: 0x180087388)
  • WaitForMultipleObjects (Address: 0x180087508)
  • WaitForSingleObject (Address: 0x1800874e8)
  • WakeAllConditionVariable (Address: 0x180087280)
  • WriteFile (Address: 0x180087580)
msvcrt.dll
  • __C_specific_handler (Address: 0x180087c28)
  • __CxxFrameHandler3 (Address: 0x180087ba0)
  • __dllonexit (Address: 0x180087b80)
  • _amsg_exit (Address: 0x180087bf0)
  • _callnewh (Address: 0x180087c18)
  • _initterm (Address: 0x180087bc0)
  • _lock (Address: 0x180087bb0)
  • _onexit (Address: 0x180087b40)
  • _purecall (Address: 0x180087c10)
  • _unlock (Address: 0x180087ba8)
  • _vsnwprintf (Address: 0x180087c00)
  • _wcsicmp (Address: 0x180087b70)
  • _wcsnicmp (Address: 0x180087c08)
  • _wtoi (Address: 0x180087c20)
  • _XcptFilter (Address: 0x180087be8)
  • ??1type_info@@UEAA@XZ (Address: 0x180087bb8)
  • ceil (Address: 0x180087b98)
  • floor (Address: 0x180087b60)
  • free (Address: 0x180087bf8)
  • iswdigit (Address: 0x180087c38)
  • malloc (Address: 0x180087c30)
  • mbstowcs (Address: 0x180087bc8)
  • memcpy (Address: 0x180087b58)
  • memmove (Address: 0x180087b50)
  • memset (Address: 0x180087b48)
  • towlower (Address: 0x180087bd0)
  • wcschr (Address: 0x180087b90)
  • wcscmp (Address: 0x180087c40)
  • wcsrchr (Address: 0x180087be0)
  • wcsstr (Address: 0x180087bd8)
  • wcstok (Address: 0x180087b78)
  • wcstombs (Address: 0x180087b68)
  • wcstoul (Address: 0x180087b88)
ntdll.dll
  • NtOpenFile (Address: 0x180087ce8)
  • NtQueryInformationProcess (Address: 0x180087c70)
  • NtQueryInformationThread (Address: 0x180087ca0)
  • NtQueryInformationToken (Address: 0x180087ce0)
  • NtQueryObject (Address: 0x180087ca8)
  • NtQuerySystemInformation (Address: 0x180087cf0)
  • NtQuerySystemInformationEx (Address: 0x180087c50)
  • NtQuerySystemTime (Address: 0x180087c58)
  • NtResumeProcess (Address: 0x180087c98)
  • NtSuspendProcess (Address: 0x180087c90)
  • RtlCaptureContext (Address: 0x180087cc8)
  • RtlInitUnicodeString (Address: 0x180087cc0)
  • RtlIpv4AddressToStringW (Address: 0x180087cb0)
  • RtlIpv6AddressToStringExW (Address: 0x180087c88)
  • RtlIpv6AddressToStringW (Address: 0x180087cb8)
  • RtlLookupFunctionEntry (Address: 0x180087cd0)
  • RtlNtStatusToDosError (Address: 0x180087c60)
  • RtlVirtualUnwind (Address: 0x180087cd8)
  • WinSqmAddToAverageDWORD (Address: 0x180087c80)
  • WinSqmAddToStream (Address: 0x180087c78)
  • WinSqmIncrementDWORD (Address: 0x180087c68)
ODBC32.dll
  • (Address: 0x180087648)
  • (Address: 0x180087660)
  • (Address: 0x180087658)
  • (Address: 0x180087650)
ole32.dll
  • CoCreateInstance (Address: 0x180087d20)
  • CoCreateInstanceEx (Address: 0x180087d00)
  • CoGetActivationState (Address: 0x180087d28)
  • CoGetCallState (Address: 0x180087d30)
  • CoInitialize (Address: 0x180087d88)
  • CoInitializeEx (Address: 0x180087d78)
  • CoSetProxyBlanket (Address: 0x180087d68)
  • CoTaskMemAlloc (Address: 0x180087d58)
  • CoTaskMemFree (Address: 0x180087d80)
  • CoTaskMemRealloc (Address: 0x180087d10)
  • CoUninitialize (Address: 0x180087d18)
  • CreateOleAdviseHolder (Address: 0x180087d70)
  • CreateStreamOnHGlobal (Address: 0x180087d08)
  • GetHGlobalFromStream (Address: 0x180087d38)
  • ReadClassStm (Address: 0x180087d48)
  • StringFromCLSID (Address: 0x180087d40)
  • StringFromGUID2 (Address: 0x180087d60)
  • WriteClassStm (Address: 0x180087d50)
OLEAUT32.dll
  • SafeArrayAccessData (Address: 0x180087690)
  • SafeArrayCreate (Address: 0x180087678)
  • SafeArrayDestroy (Address: 0x180087670)
  • SafeArrayUnaccessData (Address: 0x180087698)
  • SysAllocString (Address: 0x1800876c8)
  • SysAllocStringLen (Address: 0x1800876a8)
  • SysFreeString (Address: 0x1800876c0)
  • SysStringByteLen (Address: 0x1800876a0)
  • SystemTimeToVariantTime (Address: 0x1800876d0)
  • VariantChangeType (Address: 0x1800876b0)
  • VariantClear (Address: 0x180087688)
  • VariantCopy (Address: 0x1800876d8)
  • VariantInit (Address: 0x1800876b8)
  • VariantTimeToSystemTime (Address: 0x180087680)
pdh.dll
  • PdhAddEnglishCounterW (Address: 0x180087dc0)
  • PdhCloseQuery (Address: 0x180087db8)
  • PdhCollectQueryData (Address: 0x180087db0)
  • PdhExpandWildCardPathW (Address: 0x180087d98)
  • PdhGetFormattedCounterArrayW (Address: 0x180087da0)
  • PdhGetFormattedCounterValue (Address: 0x180087dc8)
  • PdhOpenQueryW (Address: 0x180087da8)
pdhui.dll
  • PdhUiBrowseCountersExHW (Address: 0x180087dd8)
PLA.dll
  • PlaDeleteReport (Address: 0x180087708)
  • PlaExpandTaskArguments (Address: 0x180087700)
  • PlaGetLegacyAlertActionsFlagsFromString (Address: 0x1800876e8)
  • PlaGetLegacyAlertActionsStringFromFlags (Address: 0x1800876f0)
  • PlaGetServerCapabilities (Address: 0x1800876f8)
Secur32.dll
  • GetUserNameExW (Address: 0x180087780)
SHELL32.dll
  • (Address: 0x180087720)
  • CommandLineToArgvW (Address: 0x180087728)
  • DragQueryFileW (Address: 0x180087758)
  • SHBrowseForFolderW (Address: 0x180087748)
  • ShellExecuteExW (Address: 0x180087730)
  • ShellExecuteW (Address: 0x180087718)
  • SHGetMalloc (Address: 0x180087738)
  • SHGetPathFromIDListW (Address: 0x180087750)
  • SHGetSpecialFolderLocation (Address: 0x180087740)
SHLWAPI.dll
  • (Address: 0x180087770)
  • AssocQueryStringW (Address: 0x180087768)
USER32.dll
  • AppendMenuW (Address: 0x180087a00)
  • BeginPaint (Address: 0x1800879d0)
  • CallWindowProcW (Address: 0x180087890)
  • CharLowerW (Address: 0x1800877a8)
  • CheckDlgButton (Address: 0x180087840)
  • CheckMenuItem (Address: 0x180087918)
  • CheckMenuRadioItem (Address: 0x1800879e8)
  • CheckRadioButton (Address: 0x180087888)
  • CloseClipboard (Address: 0x180087970)
  • CloseDesktop (Address: 0x180087940)
  • CloseWindowStation (Address: 0x1800877b8)
  • CreateWindowExW (Address: 0x1800879b0)
  • DefWindowProcW (Address: 0x1800878d0)
  • DeleteMenu (Address: 0x180087a08)
  • DestroyIcon (Address: 0x180087978)
  • DestroyMenu (Address: 0x180087930)
  • DestroyWindow (Address: 0x1800879a8)
  • DialogBoxParamW (Address: 0x180087848)
  • EmptyClipboard (Address: 0x180087a48)
  • EnableMenuItem (Address: 0x180087920)
  • EnableWindow (Address: 0x180087818)
  • EndDialog (Address: 0x180087830)
  • EndPaint (Address: 0x1800879d8)
  • EnumDesktopsW (Address: 0x1800877c0)
  • EnumDesktopWindows (Address: 0x180087aa0)
  • EnumWindowStationsW (Address: 0x1800877b0)
  • FillRect (Address: 0x1800879b8)
  • FlashWindow (Address: 0x1800878d8)
  • GetClassNameW (Address: 0x180087980)
  • GetClientRect (Address: 0x180087810)
  • GetClipboardData (Address: 0x180087968)
  • GetDC (Address: 0x180087898)
  • GetDlgItem (Address: 0x1800877f8)
  • GetDlgItemTextW (Address: 0x180087860)
  • GetFocus (Address: 0x180087a60)
  • GetKeyState (Address: 0x1800878f8)
  • GetMenu (Address: 0x1800879f0)
  • GetMenuItemCount (Address: 0x180087938)
  • GetMenuItemID (Address: 0x1800879f8)
  • GetMenuStringW (Address: 0x180087948)
  • GetMessagePos (Address: 0x180087a40)
  • GetParent (Address: 0x180087880)
  • GetProcessWindowStation (Address: 0x1800877d0)
  • GetScrollPos (Address: 0x180087a38)
  • GetSubMenu (Address: 0x180087910)
  • GetSysColor (Address: 0x180087a58)
  • GetSystemMetrics (Address: 0x180087998)
  • GetThreadDesktop (Address: 0x180087a90)
  • GetWindow (Address: 0x180087988)
  • GetWindowLongPtrW (Address: 0x180087828)
  • GetWindowLongW (Address: 0x180087a68)
  • GetWindowRect (Address: 0x180087900)
  • GetWindowTextW (Address: 0x180087858)
  • GetWindowThreadProcessId (Address: 0x180087a80)
  • GhostWindowFromHungWindow (Address: 0x180087798)
  • HungWindowFromGhostWindow (Address: 0x1800877a0)
  • InvalidateRect (Address: 0x1800879c8)
  • IsClipboardFormatAvailable (Address: 0x180087960)
  • IsDlgButtonChecked (Address: 0x180087838)
  • IsHungAppWindow (Address: 0x180087a78)
  • IsWindowEnabled (Address: 0x1800878e0)
  • IsWindowVisible (Address: 0x180087a70)
  • KillTimer (Address: 0x1800878b8)
  • LoadBitmapW (Address: 0x1800878a0)
  • LoadCursorW (Address: 0x1800878f0)
  • LoadIconW (Address: 0x1800877e8)
  • LoadImageW (Address: 0x1800877e0)
  • LoadMenuW (Address: 0x180087908)
  • LoadStringW (Address: 0x1800877f0)
  • MapWindowPoints (Address: 0x180087790)
  • MessageBeep (Address: 0x180087990)
  • OpenClipboard (Address: 0x180087958)
  • OpenDesktopW (Address: 0x180087a88)
  • OpenWindowStationW (Address: 0x1800877d8)
  • PostMessageW (Address: 0x180087878)
  • PostThreadMessageW (Address: 0x1800878b0)
  • PtInRect (Address: 0x180087a30)
  • RegisterClassW (Address: 0x1800879c0)
  • RegisterClipboardFormatW (Address: 0x1800878c8)
  • ReleaseDC (Address: 0x180087a20)
  • RemoveMenu (Address: 0x180087a28)
  • SendDlgItemMessageW (Address: 0x180087870)
  • SendMessageTimeoutW (Address: 0x1800878a8)
  • SendMessageW (Address: 0x180087800)
  • SetActiveWindow (Address: 0x180087950)
  • SetClipboardData (Address: 0x180087a50)
  • SetCursor (Address: 0x1800878e8)
  • SetDlgItemTextW (Address: 0x180087868)
  • SetFocus (Address: 0x180087850)
  • SetProcessWindowStation (Address: 0x1800877c8)
  • SetRect (Address: 0x180087a10)
  • SetThreadDesktop (Address: 0x180087a98)
  • SetTimer (Address: 0x1800878c0)
  • SetWindowLongPtrW (Address: 0x180087820)
  • SetWindowPos (Address: 0x180087a18)
  • SetWindowTextW (Address: 0x180087808)
  • ShowWindow (Address: 0x1800879a0)
  • TrackPopupMenuEx (Address: 0x180087928)
  • UpdateWindow (Address: 0x1800879e0)
UTILDLL.dll
  • CachedGetUserFromSid (Address: 0x180087ab0)
UxTheme.dll
  • SetWindowTheme (Address: 0x180087ac0)
VERSION.dll
  • GetFileVersionInfoSizeW (Address: 0x180087ae0)
  • GetFileVersionInfoW (Address: 0x180087ad8)
  • VerQueryValueW (Address: 0x180087ad0)
wevtapi.dll
  • EvtClose (Address: 0x180087e18)
  • EvtCreateRenderContext (Address: 0x180087de8)
  • EvtNext (Address: 0x180087e10)
  • EvtOpenPublisherMetadata (Address: 0x180087df0)
  • EvtOpenSession (Address: 0x180087df8)
  • EvtRender (Address: 0x180087e08)
  • EvtSubscribe (Address: 0x180087e00)
WINSTA.dll
  • WinStationGetProcessSid (Address: 0x180087af0)
WTSAPI32.dll
  • WTSFreeMemory (Address: 0x180087b00)
  • WTSQuerySessionInformationW (Address: 0x180087b08)