Windows.Management.Service.dll
Description: Windows Management Service DLL
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6456
Architecture: 64-bit
Operating System: Windows NT
SHA256: df242dbb85f340367acaf61fb8ad8b0a
File Size: 841.5 KB
Uploaded At: Dec. 1, 2025, 7:43 a.m.
Views: 4
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- DllCanUnloadNow (Ordinal: 1, Address: 0xb7e0)
- DllGetActivationFactory (Ordinal: 2, Address: 0xb840)
- DllGetClassObject (Ordinal: 3, Address: 0xba20)
- ServiceMain (Ordinal: 4, Address: 0xb780)
Imported DLLs & Functions
api-ms-win-core-com-l1-1-0.dll
- CoAddRefServerProcess (Address: 0x1800a7538)
- CoCreateFreeThreadedMarshaler (Address: 0x1800a74a8)
- CoCreateGuid (Address: 0x1800a74b0)
- CoCreateInstance (Address: 0x1800a74c0)
- CoDecrementMTAUsage (Address: 0x1800a7500)
- CoDisconnectContext (Address: 0x1800a74f0)
- CoGetInterfaceAndReleaseStream (Address: 0x1800a74d8)
- CoInitializeEx (Address: 0x1800a7520)
- CoMarshalInterface (Address: 0x1800a7508)
- CoRegisterClassObject (Address: 0x1800a74a0)
- CoReleaseMarshalData (Address: 0x1800a74e8)
- CoReleaseServerProcess (Address: 0x1800a7530)
- CoResumeClassObjects (Address: 0x1800a74f8)
- CoRevokeClassObject (Address: 0x1800a7528)
- CoTaskMemAlloc (Address: 0x1800a74e0)
- CoTaskMemFree (Address: 0x1800a74d0)
- CoTaskMemRealloc (Address: 0x1800a7518)
- CoWaitForMultipleHandles (Address: 0x1800a7540)
- CreateStreamOnHGlobal (Address: 0x1800a74c8)
- IIDFromString (Address: 0x1800a7510)
- StringFromGUID2 (Address: 0x1800a74b8)
api-ms-win-core-com-l1-1-1.dll
- RoGetAgileReference (Address: 0x1800a7550)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x1800a7560)
- IsDebuggerPresent (Address: 0x1800a7568)
- OutputDebugStringW (Address: 0x1800a7570)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x1800a7580)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x1800a7590)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x1800a75b0)
- RaiseException (Address: 0x1800a75c0)
- SetLastError (Address: 0x1800a75a8)
- SetUnhandledExceptionFilter (Address: 0x1800a75b8)
- UnhandledExceptionFilter (Address: 0x1800a75a0)
api-ms-win-core-file-l1-1-0.dll
- CreateDirectoryW (Address: 0x1800a7610)
- CreateFileW (Address: 0x1800a75f0)
- DeleteFileW (Address: 0x1800a75e0)
- GetDriveTypeW (Address: 0x1800a7608)
- GetFileAttributesW (Address: 0x1800a7618)
- GetFileSizeEx (Address: 0x1800a75d0)
- GetLogicalDriveStringsW (Address: 0x1800a7600)
- ReadFile (Address: 0x1800a75d8)
- SetFilePointerEx (Address: 0x1800a75f8)
- WriteFile (Address: 0x1800a75e8)
api-ms-win-core-file-l2-1-0.dll
- MoveFileExW (Address: 0x1800a7628)
api-ms-win-core-firmware-l1-1-0.dll
- GetFirmwareEnvironmentVariableW (Address: 0x1800a7638)
- SetFirmwareEnvironmentVariableW (Address: 0x1800a7640)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x1800a7650)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x1800a7660)
- HeapAlloc (Address: 0x1800a7670)
- HeapFree (Address: 0x1800a7668)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x1800a7688)
- LocalFree (Address: 0x1800a7680)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x1800a7698)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- WTSGetActiveConsoleSessionId (Address: 0x1800a76a8)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x1800a76b8)
- FreeLibrary (Address: 0x1800a76c8)
- FreeLibraryAndExitThread (Address: 0x1800a76c0)
- GetModuleFileNameA (Address: 0x1800a76e8)
- GetModuleHandleExW (Address: 0x1800a76f0)
- GetModuleHandleW (Address: 0x1800a76d8)
- GetProcAddress (Address: 0x1800a76e0)
- LoadLibraryExW (Address: 0x1800a76d0)
api-ms-win-core-libraryloader-l1-2-1.dll
- LoadLibraryW (Address: 0x1800a7700)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x1800a7710)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x1800a7720)
api-ms-win-core-processthreads-l1-1-0.dll
- CreateProcessAsUserW (Address: 0x1800a7748)
- CreateProcessW (Address: 0x1800a7738)
- CreateThread (Address: 0x1800a7750)
- ExitThread (Address: 0x1800a7770)
- GetCurrentProcess (Address: 0x1800a7768)
- GetCurrentProcessId (Address: 0x1800a7730)
- GetCurrentThreadId (Address: 0x1800a7778)
- GetExitCodeProcess (Address: 0x1800a7740)
- OpenProcessToken (Address: 0x1800a7758)
- TerminateProcess (Address: 0x1800a7760)
api-ms-win-core-processthreads-l1-1-1.dll
- IsProcessorFeaturePresent (Address: 0x1800a7788)
- OpenProcess (Address: 0x1800a7790)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x1800a77a0)
- QueryPerformanceFrequency (Address: 0x1800a77a8)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x1800a77b8)
- RegCopyTreeW (Address: 0x1800a77c8)
- RegCreateKeyExW (Address: 0x1800a77d8)
- RegDeleteTreeW (Address: 0x1800a77c0)
- RegDeleteValueW (Address: 0x1800a77f8)
- RegEnumValueW (Address: 0x1800a77e8)
- RegGetValueW (Address: 0x1800a77e0)
- RegOpenKeyExW (Address: 0x1800a77d0)
- RegSetValueExW (Address: 0x1800a77f0)
api-ms-win-core-registry-l1-1-1.dll
- RegSetKeyValueW (Address: 0x1800a7808)
api-ms-win-core-registry-l2-1-0.dll
- RegDeleteKeyW (Address: 0x1800a7818)
api-ms-win-core-rtlsupport-l1-1-0.dll
- RtlCaptureContext (Address: 0x1800a7838)
- RtlLookupFunctionEntry (Address: 0x1800a7828)
- RtlVirtualUnwind (Address: 0x1800a7830)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathFileExistsW (Address: 0x1800a7848)
api-ms-win-core-string-l1-1-0.dll
- MultiByteToWideChar (Address: 0x1800a7860)
- WideCharToMultiByte (Address: 0x1800a7858)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x1800a7870)
- AcquireSRWLockShared (Address: 0x1800a78e0)
- CreateEventExW (Address: 0x1800a7880)
- CreateEventW (Address: 0x1800a7908)
- CreateMutexExW (Address: 0x1800a78d8)
- CreateSemaphoreExW (Address: 0x1800a78e8)
- DeleteCriticalSection (Address: 0x1800a78f0)
- EnterCriticalSection (Address: 0x1800a78d0)
- InitializeCriticalSectionAndSpinCount (Address: 0x1800a78b0)
- InitializeCriticalSectionEx (Address: 0x1800a7888)
- InitializeSRWLock (Address: 0x1800a78f8)
- LeaveCriticalSection (Address: 0x1800a7890)
- OpenSemaphoreW (Address: 0x1800a7900)
- ReleaseMutex (Address: 0x1800a78a0)
- ReleaseSemaphore (Address: 0x1800a78c0)
- ReleaseSRWLockExclusive (Address: 0x1800a78c8)
- ReleaseSRWLockShared (Address: 0x1800a78a8)
- ResetEvent (Address: 0x1800a7910)
- SetEvent (Address: 0x1800a78b8)
- TryEnterCriticalSection (Address: 0x1800a7918)
- WaitForSingleObject (Address: 0x1800a7878)
- WaitForSingleObjectEx (Address: 0x1800a7898)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceBeginInitialize (Address: 0x1800a7938)
- InitOnceComplete (Address: 0x1800a7928)
- InitOnceExecuteOnce (Address: 0x1800a7930)
- Sleep (Address: 0x1800a7940)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTime (Address: 0x1800a7960)
- GetSystemTimeAsFileTime (Address: 0x1800a7958)
- GetTickCount (Address: 0x1800a7950)
- GetTickCount64 (Address: 0x1800a7968)
api-ms-win-core-sysinfo-l1-2-0.dll
- SetSystemTime (Address: 0x1800a7978)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x1800a79a0)
- CreateThreadpoolTimer (Address: 0x1800a7988)
- SetThreadpoolTimer (Address: 0x1800a7990)
- WaitForThreadpoolTimerCallbacks (Address: 0x1800a7998)
api-ms-win-core-timezone-l1-1-0.dll
- FileTimeToSystemTime (Address: 0x1800a79b0)
- SystemTimeToFileTime (Address: 0x1800a79b8)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x1800a79c8)
- EncodePointer (Address: 0x1800a79d0)
api-ms-win-core-winrt-error-l1-1-0.dll
- GetRestrictedErrorInfo (Address: 0x1800a79f8)
- RoOriginateError (Address: 0x1800a79f0)
- RoOriginateErrorW (Address: 0x1800a79e8)
- RoTransformError (Address: 0x1800a79e0)
- SetRestrictedErrorInfo (Address: 0x1800a7a00)
api-ms-win-core-winrt-error-l1-1-1.dll
- IsErrorPropagationEnabled (Address: 0x1800a7a18)
- RoGetMatchingRestrictedErrorInfo (Address: 0x1800a7a10)
- RoReportFailedDelegate (Address: 0x1800a7a20)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x1800a7a48)
- RoGetActivationFactory (Address: 0x1800a7a50)
- RoInitialize (Address: 0x1800a7a38)
- RoRegisterActivationFactories (Address: 0x1800a7a58)
- RoRevokeActivationFactories (Address: 0x1800a7a40)
- RoUninitialize (Address: 0x1800a7a30)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x1800a7ab0)
- WindowsCreateStringReference (Address: 0x1800a7a98)
- WindowsDeleteString (Address: 0x1800a7a80)
- WindowsDeleteStringBuffer (Address: 0x1800a7a68)
- WindowsDuplicateString (Address: 0x1800a7a90)
- WindowsGetStringLen (Address: 0x1800a7ab8)
- WindowsGetStringRawBuffer (Address: 0x1800a7a78)
- WindowsIsStringEmpty (Address: 0x1800a7aa0)
- WindowsPreallocateStringBuffer (Address: 0x1800a7a88)
- WindowsPromoteStringBuffer (Address: 0x1800a7a70)
- WindowsStringHasEmbeddedNull (Address: 0x1800a7aa8)
api-ms-win-crt-math-l1-1-0.dll
- ceilf (Address: 0x1800a7ac8)
api-ms-win-crt-private-l1-1-0.dll
- __C_specific_handler (Address: 0x1800a7b60)
- __CxxFrameHandler3 (Address: 0x1800a7b68)
- __CxxFrameHandler4 (Address: 0x1800a7bf0)
- __std_terminate (Address: 0x1800a7be8)
- _CxxThrowException (Address: 0x1800a7b70)
- _o___std_exception_copy (Address: 0x1800a7be0)
- _o___std_exception_destroy (Address: 0x1800a7bd8)
- _o___std_type_info_destroy_list (Address: 0x1800a7bd0)
- _o___stdio_common_vsnprintf_s (Address: 0x1800a7bc8)
- _o___stdio_common_vsprintf_s (Address: 0x1800a7bc0)
- _o___stdio_common_vswprintf (Address: 0x1800a7bb8)
- _o___stdio_common_vswscanf (Address: 0x1800a7bb0)
- _o__callnewh (Address: 0x1800a7ba8)
- _o__cexit (Address: 0x1800a7ba0)
- _o__configure_narrow_argv (Address: 0x1800a7b98)
- _o__crt_atexit (Address: 0x1800a7b90)
- _o__errno (Address: 0x1800a7b88)
- _o__execute_onexit_table (Address: 0x1800a7b80)
- _o__get_errno (Address: 0x1800a7b78)
- _o__initialize_narrow_environment (Address: 0x1800a7ad8)
- _o__initialize_onexit_table (Address: 0x1800a7ae0)
- _o__invalid_parameter_noinfo (Address: 0x1800a7ae8)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x1800a7af0)
- _o__purecall (Address: 0x1800a7af8)
- _o__register_onexit_function (Address: 0x1800a7b00)
- _o__seh_filter_dll (Address: 0x1800a7b08)
- _o__set_errno (Address: 0x1800a7b10)
- _o__wcsicmp (Address: 0x1800a7b18)
- _o__wcsnicmp (Address: 0x1800a7b20)
- _o_free (Address: 0x1800a7b30)
- _o_isalnum (Address: 0x1800a7b38)
- _o_malloc (Address: 0x1800a7b40)
- _o_terminate (Address: 0x1800a7b48)
- _o_toupper (Address: 0x1800a7b50)
- _o_wcstol (Address: 0x1800a7b58)
- memchr (Address: 0x1800a7bf8)
- memcmp (Address: 0x1800a7c00)
- memcpy (Address: 0x1800a7c08)
- memmove (Address: 0x1800a7b28)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x1800a7c20)
- _initterm_e (Address: 0x1800a7c18)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x1800a7c40)
- wcscmp (Address: 0x1800a7c38)
- wcsnlen (Address: 0x1800a7c30)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x1800a7c68)
- EventProviderEnabled (Address: 0x1800a7c58)
- EventRegister (Address: 0x1800a7c60)
- EventSetInformation (Address: 0x1800a7c50)
- EventUnregister (Address: 0x1800a7c78)
- EventWriteTransfer (Address: 0x1800a7c70)
api-ms-win-security-base-l1-1-0.dll
- DuplicateTokenEx (Address: 0x1800a7c90)
- GetTokenInformation (Address: 0x1800a7ca0)
- ImpersonateLoggedOnUser (Address: 0x1800a7c98)
- RevertToSelf (Address: 0x1800a7c88)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x1800a7cb0)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x1800a7cc0)
- SetServiceStatus (Address: 0x1800a7cc8)
api-ms-win-service-core-l1-1-4.dll
- GetServiceDirectory (Address: 0x1800a7cd8)
api-ms-win-service-management-l1-1-0.dll
- CloseServiceHandle (Address: 0x1800a7cf8)
- OpenSCManagerW (Address: 0x1800a7d00)
- OpenServiceW (Address: 0x1800a7ce8)
- StartServiceW (Address: 0x1800a7cf0)
api-ms-win-service-management-l2-1-0.dll
- QueryServiceStatusEx (Address: 0x1800a7d10)
api-ms-win-shcore-registry-l1-1-0.dll
- SHDeleteValueW (Address: 0x1800a7d20)
- SHSetValueW (Address: 0x1800a7d28)
api-ms-win-shcore-taskpool-l1-1-0.dll
- SHTaskPoolAllowThreadReuse (Address: 0x1800a7d38)
- SHTaskPoolQueueTask (Address: 0x1800a7d40)
combase.dll
- (Address: 0x1800a7d50)
- (Address: 0x1800a7d58)
- (Address: 0x1800a7d60)
- (Address: 0x1800a7d68)
dmEnrollEngine.DLL
- (Address: 0x1800a7d78)
dsreg.dll
- DsrBeginDeviceAndResourceAccountJoin (Address: 0x1800a7d88)
- DsrBeginDeviceUnjoin (Address: 0x1800a7db8)
- DsrBeginDiscover (Address: 0x1800a7db0)
- DsrBeginPreprovisionedDeviceJoin (Address: 0x1800a7da8)
- DsrFreeDiscoveryMetadata (Address: 0x1800a7da0)
- DsrFreeJoinInfo (Address: 0x1800a7d98)
- DsrGetJoinInfo (Address: 0x1800a7d90)
msvcp_win.dll
- _Cnd_broadcast (Address: 0x1800a7ec8)
- _Cnd_destroy_in_situ (Address: 0x1800a7ed0)
- _Cnd_init_in_situ (Address: 0x1800a7e48)
- _Cnd_wait (Address: 0x1800a7eb8)
- _Mtx_destroy_in_situ (Address: 0x1800a7e88)
- _Mtx_init_in_situ (Address: 0x1800a7eb0)
- _Mtx_lock (Address: 0x1800a7e98)
- _Mtx_unlock (Address: 0x1800a7ec0)
- ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z (Address: 0x1800a7dd0)
- ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z (Address: 0x1800a7e50)
- ?__ExceptionPtrCreate@@YAXPEAX@Z (Address: 0x1800a7e40)
- ?__ExceptionPtrCurrentException@@YAXPEAX@Z (Address: 0x1800a7ea0)
- ?__ExceptionPtrDestroy@@YAXPEAX@Z (Address: 0x1800a7e90)
- ?__ExceptionPtrRethrow@@YAXPEBX@Z (Address: 0x1800a7ea8)
- ?__ExceptionPtrToBool@@YA_NPEBX@Z (Address: 0x1800a7e80)
- ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z (Address: 0x1800a7ef0)
- ?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z (Address: 0x1800a7e28)
- ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z (Address: 0x1800a7e30)
- ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x1800a7e18)
- ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ (Address: 0x1800a7ee8)
- ?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z (Address: 0x1800a7e58)
- ?_Incref@facet@locale@std@@UEAAXXZ (Address: 0x1800a7ee0)
- ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z (Address: 0x1800a7f28)
- ?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ (Address: 0x1800a7e20)
- ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800a7e08)
- ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z (Address: 0x1800a7f48)
- ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800a7f50)
- ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800a7e00)
- ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800a7df0)
- ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ (Address: 0x1800a7df8)
- ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z (Address: 0x1800a7f40)
- ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z (Address: 0x1800a7e10)
- ?_ReportUnobservedException@details@Concurrency@@YAXXZ (Address: 0x1800a7de0)
- ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ (Address: 0x1800a7f38)
- ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z (Address: 0x1800a7de8)
- ?_Throw_C_error@std@@YAXH@Z (Address: 0x1800a7e70)
- ?_Xbad_function_call@std@@YAXXZ (Address: 0x1800a7e68)
- ?_XGetLastError@std@@YAXXZ (Address: 0x1800a7e78)
- ?_Xinvalid_argument@std@@YAXPEBD@Z (Address: 0x1800a7e60)
- ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x1800a7f30)
- ?_Xout_of_range@std@@YAXPEBD@Z (Address: 0x1800a7dc8)
- ??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z (Address: 0x1800a7f08)
- ??0task_continuation_context@Concurrency@@AEAA@XZ (Address: 0x1800a7e38)
- ??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ (Address: 0x1800a7f10)
- ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z (Address: 0x1800a7f18)
- ??Bid@locale@std@@QEAA_KXZ (Address: 0x1800a7ed8)
- ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ (Address: 0x1800a7dd8)
- ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A (Address: 0x1800a7f20)
- ?in@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAG3AEAPEAG@Z (Address: 0x1800a7ef8)
- ?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z (Address: 0x1800a7f00)
ncrypt.dll
- NCryptEnumKeys (Address: 0x1800a7f78)
- NCryptFreeBuffer (Address: 0x1800a7f70)
- NCryptFreeObject (Address: 0x1800a7f88)
- NCryptGetProperty (Address: 0x1800a7f60)
- NCryptOpenKey (Address: 0x1800a7f80)
- NCryptOpenStorageProvider (Address: 0x1800a7f68)
- NCryptSetProperty (Address: 0x1800a7f90)
ntdll.dll
- NtQueryWnfStateData (Address: 0x1800a7fb0)
- RtlAcquirePrivilege (Address: 0x1800a7fc0)
- RtlAdjustPrivilege (Address: 0x1800a7fc8)
- RtlIsStateSeparationEnabled (Address: 0x1800a7fd8)
- RtlPublishWnfStateData (Address: 0x1800a7fa0)
- RtlReleasePrivilege (Address: 0x1800a7fb8)
- RtlSubscribeWnfStateChangeNotification (Address: 0x1800a7fd0)
- RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x1800a7fa8)
omadmapi.dll
- (Address: 0x1800a7ff0)
- (Address: 0x1800a7ff8)
- (Address: 0x1800a8000)
- (Address: 0x1800a7fe8)
profapi.dll
- (Address: 0x1800a8010)
RPCRT4.dll
- RpcStringFreeW (Address: 0x1800a7400)
- UuidCreate (Address: 0x1800a7408)
- UuidToStringW (Address: 0x1800a7410)
USERENV.dll
- CreateEnvironmentBlock (Address: 0x1800a7428)
- DestroyEnvironmentBlock (Address: 0x1800a7420)
- ExpandEnvironmentStringsForUserW (Address: 0x1800a7430)
WINHTTP.dll
- WinHttpAddRequestHeaders (Address: 0x1800a7460)
- WinHttpCloseHandle (Address: 0x1800a7440)
- WinHttpConnect (Address: 0x1800a7490)
- WinHttpCrackUrl (Address: 0x1800a7480)
- WinHttpOpen (Address: 0x1800a7458)
- WinHttpOpenRequest (Address: 0x1800a7478)
- WinHttpQueryDataAvailable (Address: 0x1800a7448)
- WinHttpQueryHeaders (Address: 0x1800a7468)
- WinHttpReadData (Address: 0x1800a7470)
- WinHttpReceiveResponse (Address: 0x1800a7450)
- WinHttpSendRequest (Address: 0x1800a7488)