appinfo.dll

Description: Application Information Service

Version: 10.0.19041.5794

Architecture: 64-bit

Operating System: Windows NT

SHA256: 7962bc34b24b4bec3d4e86567e8d60fd

File Size: 212.5 KB

Uploaded At: Dec. 1, 2025, 7:22 a.m.

Views: 23

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

AiDisableDesktopRpcInterface (Ordinal: 1, Address: 0x243f0)
AiEnableDesktopRpcInterface (Ordinal: 2, Address: 0x3c30)
ServiceMain (Ordinal: 3, Address: 0x2f70)
SvchostPushServiceGlobals (Ordinal: 4, Address: 0x2f60)

Imported DLLs & Functions

api-ms-win-appmodel-runtime-internal-l1-1-1.dll

GetPackageStatus (Address: 0x180027008)

api-ms-win-appmodel-runtime-l1-1-0.dll

GetApplicationUserModelId (Address: 0x180027020)
GetPackagesByPackageFamily (Address: 0x180027018)
PackageFamilyNameFromFullName (Address: 0x180027028)

api-ms-win-appmodel-runtime-l1-1-1.dll

GetApplicationUserModelIdFromToken (Address: 0x180027040)
GetPackageFullNameFromToken (Address: 0x180027038)
ParseApplicationUserModelId (Address: 0x180027048)

api-ms-win-core-apiquery-l1-1-0.dll

ApiSetQueryApiSetPresence (Address: 0x180027058)

api-ms-win-core-appcompat-l1-1-1.dll

BaseFreeAppCompatDataForProcess (Address: 0x180027068)
BaseReadAppCompatDataForProcess (Address: 0x180027070)

api-ms-win-core-debug-l1-1-0.dll

DebugBreak (Address: 0x180027088)
IsDebuggerPresent (Address: 0x180027090)
OutputDebugStringW (Address: 0x180027080)

api-ms-win-core-delayload-l1-1-0.dll

DelayLoadFailureHook (Address: 0x1800270a0)

api-ms-win-core-delayload-l1-1-1.dll

ResolveDelayLoadedAPI (Address: 0x1800270b0)

api-ms-win-core-errorhandling-l1-1-0.dll

GetLastError (Address: 0x1800270e0)
RaiseException (Address: 0x1800270c8)
SetLastError (Address: 0x1800270d8)
SetUnhandledExceptionFilter (Address: 0x1800270c0)
UnhandledExceptionFilter (Address: 0x1800270d0)

api-ms-win-core-file-l1-1-0.dll

CreateFileW (Address: 0x1800270f0)
GetFileAttributesW (Address: 0x180027108)
GetFullPathNameW (Address: 0x180027100)
GetLongPathNameW (Address: 0x1800270f8)

api-ms-win-core-file-l1-2-0.dll

GetTempPathW (Address: 0x180027118)

api-ms-win-core-handle-l1-1-0.dll

CloseHandle (Address: 0x180027130)
DuplicateHandle (Address: 0x180027128)

api-ms-win-core-heap-l1-1-0.dll

GetProcessHeap (Address: 0x180027148)
HeapAlloc (Address: 0x180027140)
HeapFree (Address: 0x180027150)

api-ms-win-core-heap-l2-1-0.dll

LocalAlloc (Address: 0x180027168)
LocalFree (Address: 0x180027160)

api-ms-win-core-kernel32-legacy-l1-1-0.dll

UnregisterWait (Address: 0x180027178)

api-ms-win-core-kernel32-private-l1-1-0.dll

CheckElevation (Address: 0x180027188)
CheckElevationEnabled (Address: 0x180027190)

api-ms-win-core-libraryloader-l1-2-0.dll

GetModuleFileNameA (Address: 0x1800271a8)
GetModuleHandleExW (Address: 0x1800271b0)
GetModuleHandleW (Address: 0x1800271b8)
GetProcAddress (Address: 0x1800271a0)

api-ms-win-core-localization-l1-2-0.dll

FormatMessageW (Address: 0x1800271c8)

api-ms-win-core-memory-l1-1-0.dll

CreateFileMappingW (Address: 0x1800271d8)
MapViewOfFile (Address: 0x1800271e8)
ReadProcessMemory (Address: 0x1800271e0)
UnmapViewOfFile (Address: 0x1800271f0)

api-ms-win-core-processenvironment-l1-1-0.dll

GetEnvironmentVariableW (Address: 0x180027200)

api-ms-win-core-processthreads-l1-1-0.dll

CreateProcessAsUserW (Address: 0x180027220)
DeleteProcThreadAttributeList (Address: 0x180027228)
GetCurrentProcess (Address: 0x180027230)
GetCurrentProcessId (Address: 0x180027280)
GetCurrentThreadId (Address: 0x180027278)
GetExitCodeProcess (Address: 0x180027240)
GetProcessId (Address: 0x180027218)
GetProcessIdOfThread (Address: 0x180027238)
GetThreadId (Address: 0x180027260)
InitializeProcThreadAttributeList (Address: 0x180027210)
OpenProcessToken (Address: 0x180027250)
OpenThread (Address: 0x180027270)
ResumeThread (Address: 0x180027258)
TerminateProcess (Address: 0x180027268)
UpdateProcThreadAttribute (Address: 0x180027248)

api-ms-win-core-processthreads-l1-1-1.dll

OpenProcess (Address: 0x180027290)

api-ms-win-core-profile-l1-1-0.dll

QueryPerformanceCounter (Address: 0x1800272a0)

api-ms-win-core-psapi-l1-1-0.dll

QueryFullProcessImageNameW (Address: 0x1800272b0)

api-ms-win-core-psm-key-l1-1-0.dll

PsmGetKeyFromToken (Address: 0x1800272c0)

api-ms-win-core-registry-l1-1-0.dll

RegCloseKey (Address: 0x1800272d0)
RegGetValueW (Address: 0x1800272e8)
RegOpenKeyExW (Address: 0x1800272e0)
RegQueryValueExW (Address: 0x1800272d8)

api-ms-win-core-rtlsupport-l1-1-0.dll

RtlCaptureContext (Address: 0x180027300)
RtlLookupFunctionEntry (Address: 0x1800272f8)
RtlVirtualUnwind (Address: 0x180027308)

api-ms-win-core-sidebyside-l1-1-0.dll

CreateActCtxW (Address: 0x180027320)
QueryActCtxSettingsW (Address: 0x180027318)
ReleaseActCtx (Address: 0x180027328)

api-ms-win-core-synch-l1-1-0.dll

AcquireSRWLockExclusive (Address: 0x180027380)
AcquireSRWLockShared (Address: 0x1800273a0)
CreateEventW (Address: 0x1800273b0)
CreateMutexExW (Address: 0x180027350)
CreateMutexW (Address: 0x180027390)
CreateSemaphoreExW (Address: 0x180027340)
DeleteCriticalSection (Address: 0x1800273c0)
EnterCriticalSection (Address: 0x180027360)
InitializeCriticalSectionEx (Address: 0x180027378)
LeaveCriticalSection (Address: 0x180027358)
OpenSemaphoreW (Address: 0x180027368)
ReleaseMutex (Address: 0x180027338)
ReleaseSemaphore (Address: 0x180027398)
ReleaseSRWLockExclusive (Address: 0x1800273b8)
ReleaseSRWLockShared (Address: 0x180027348)
SetEvent (Address: 0x180027388)
WaitForSingleObject (Address: 0x1800273a8)
WaitForSingleObjectEx (Address: 0x180027370)

api-ms-win-core-synch-l1-2-0.dll

InitOnceBeginInitialize (Address: 0x1800273d8)
InitOnceComplete (Address: 0x1800273e0)
Sleep (Address: 0x1800273e8)
SleepConditionVariableSRW (Address: 0x1800273f0)
WakeAllConditionVariable (Address: 0x1800273d0)

api-ms-win-core-sysinfo-l1-1-0.dll

GetSystemDirectoryW (Address: 0x180027408)
GetSystemTimeAsFileTime (Address: 0x180027400)
GetTickCount (Address: 0x180027410)

api-ms-win-core-threadpool-l1-2-0.dll

CloseThreadpoolTimer (Address: 0x180027428)
CreateThreadpoolTimer (Address: 0x180027438)
SetThreadpoolTimer (Address: 0x180027430)
WaitForThreadpoolTimerCallbacks (Address: 0x180027420)

api-ms-win-core-version-l1-1-0.dll

GetFileVersionInfoExW (Address: 0x180027450)
GetFileVersionInfoSizeExW (Address: 0x180027448)
VerQueryValueW (Address: 0x180027458)

api-ms-win-core-winrt-l1-1-0.dll

RoActivateInstance (Address: 0x180027468)

api-ms-win-core-winrt-string-l1-1-0.dll

WindowsCreateStringReference (Address: 0x180027478)

api-ms-win-core-wow64-l1-1-1.dll

GetSystemWow64DirectoryW (Address: 0x180027488)

api-ms-win-eventing-provider-l1-1-0.dll

EventActivityIdControl (Address: 0x180027498)
EventRegister (Address: 0x1800274a0)
EventSetInformation (Address: 0x1800274b0)
EventUnregister (Address: 0x1800274a8)
EventWriteTransfer (Address: 0x1800274b8)

api-ms-win-security-base-l1-1-0.dll

CheckTokenMembership (Address: 0x180027510)
CreateRestrictedToken (Address: 0x1800274f8)
EqualSid (Address: 0x1800274e8)
GetSidLengthRequired (Address: 0x1800274e0)
GetSidSubAuthority (Address: 0x180027500)
GetTokenInformation (Address: 0x1800274c8)
ImpersonateLoggedOnUser (Address: 0x1800274d0)
InitializeSid (Address: 0x1800274d8)
IsTokenRestricted (Address: 0x1800274f0)
RevertToSelf (Address: 0x180027508)
SetTokenInformation (Address: 0x180027518)

api-ms-win-service-core-l1-1-0.dll

RegisterServiceCtrlHandlerExW (Address: 0x180027530)
SetServiceStatus (Address: 0x180027528)

msvcrt.dll

__C_specific_handler (Address: 0x180027590)
__CxxFrameHandler3 (Address: 0x1800275d8)
__dllonexit (Address: 0x180027608)
_amsg_exit (Address: 0x180027550)
_callnewh (Address: 0x180027618)
_initterm (Address: 0x180027540)
_lock (Address: 0x1800275f0)
_onexit (Address: 0x180027560)
_purecall (Address: 0x1800275e0)
_ui64tow_s (Address: 0x180027600)
_unlock (Address: 0x1800275f8)
_vsnwprintf (Address: 0x180027628)
_wcsicmp (Address: 0x180027578)
_wcsnicmp (Address: 0x180027568)
_XcptFilter (Address: 0x180027558)
bsearch (Address: 0x180027570)
free (Address: 0x180027610)
malloc (Address: 0x180027548)
memcmp (Address: 0x1800275a8)
memcpy (Address: 0x1800275a0)
memcpy_s (Address: 0x180027620)
memmove (Address: 0x1800275e8)
memmove_s (Address: 0x180027580)
memset (Address: 0x180027630)
swprintf_s (Address: 0x1800275c8)
wcscat_s (Address: 0x1800275b8)
wcschr (Address: 0x1800275b0)
wcscpy_s (Address: 0x1800275d0)
wcsnlen (Address: 0x1800275c0)
wcsrchr (Address: 0x180027588)
wcsstr (Address: 0x180027598)

ntdll.dll

EtwEventRegister (Address: 0x1800277a8)
EtwEventUnregister (Address: 0x1800277b8)
EtwEventWrite (Address: 0x1800277b0)
EtwGetTraceEnableFlags (Address: 0x1800277c8)
EtwGetTraceEnableLevel (Address: 0x180027800)
EtwGetTraceLoggerHandle (Address: 0x1800277e0)
EtwRegisterTraceGuidsW (Address: 0x180027808)
EtwTraceMessage (Address: 0x1800277d0)
EtwUnregisterTraceGuids (Address: 0x1800277c0)
LdrOpenImageFileOptionsKey (Address: 0x1800276b0)
LdrQueryImageFileKeyOption (Address: 0x180027688)
LdrResSearchResource (Address: 0x180027740)
NtClose (Address: 0x180027650)
NtDuplicateObject (Address: 0x180027660)
NtDuplicateToken (Address: 0x180027790)
NtOpenProcess (Address: 0x180027698)
NtOpenProcessToken (Address: 0x180027798)
NtOpenThreadToken (Address: 0x1800276d8)
NtQueryInformationProcess (Address: 0x180027778)
NtQueryInformationToken (Address: 0x1800276a8)
NtQuerySecurityObject (Address: 0x180027758)
NtQuerySystemInformation (Address: 0x180027788)
NtReadVirtualMemory (Address: 0x180027648)
NtSetInformationToken (Address: 0x180027770)
NtSetSecurityObject (Address: 0x180027748)
RtlAcquireSRWLockExclusive (Address: 0x180027810)
RtlAcquireSRWLockShared (Address: 0x1800276d0)
RtlAllocateAndInitializeSid (Address: 0x1800277f0)
RtlAllocateHeap (Address: 0x180027690)
RtlCreateEnvironmentEx (Address: 0x1800276f8)
RtlCreateServiceSid (Address: 0x180027750)
RtlDeregisterWait (Address: 0x180027668)
RtlDeregisterWaitEx (Address: 0x180027780)
RtlDeriveCapabilitySidsFromName (Address: 0x1800276c8)
RtlDestroyEnvironment (Address: 0x1800276e8)
RtlDosPathNameToRelativeNtPathName_U_WithStatus (Address: 0x180027718)
RtlEqualSid (Address: 0x1800276e0)
RtlEqualUnicodeString (Address: 0x180027700)
RtlExpandEnvironmentStrings (Address: 0x1800276c0)
RtlFindAceByType (Address: 0x1800277e8)
RtlFreeSid (Address: 0x1800277f8)
RtlFreeUnicodeString (Address: 0x180027710)
RtlImageNtHeaderEx (Address: 0x180027658)
RtlInitializeSRWLock (Address: 0x1800277d8)
RtlInitUnicodeString (Address: 0x1800276a0)
RtlInitUnicodeStringEx (Address: 0x180027738)
RtlNtPathNameToDosPathName (Address: 0x180027708)
RtlNtStatusToDosError (Address: 0x180027670)
RtlNtStatusToDosErrorNoTeb (Address: 0x1800277a0)
RtlpEnsureBufferSize (Address: 0x180027720)
RtlPrefixUnicodeString (Address: 0x180027730)
RtlQueryEnvironmentVariable (Address: 0x1800276f0)
RtlQueryPackageClaims (Address: 0x1800276b8)
RtlRegisterWait (Address: 0x180027678)
RtlReleaseRelativeName (Address: 0x180027728)
RtlReleaseSRWLockExclusive (Address: 0x180027768)
RtlReleaseSRWLockShared (Address: 0x180027640)
RtlRemovePrivileges (Address: 0x180027680)
RtlSetEnvironmentVar (Address: 0x180027760)

RPCRT4.dll

I_RpcBindingInqLocalClientPID (Address: 0x180026f98)
Ndr64AsyncServerCallAll (Address: 0x180026fb8)
NdrAsyncServerCall (Address: 0x180026fd8)
NdrServerCall2 (Address: 0x180026fb0)
NdrServerCallAll (Address: 0x180026fc0)
RpcAsyncCompleteCall (Address: 0x180026fa0)
RpcBindingVectorFree (Address: 0x180026ff0)
RpcEpRegisterW (Address: 0x180026fd0)
RpcEpUnregister (Address: 0x180026ff8)
RpcImpersonateClient (Address: 0x180026fa8)
RpcRevertToSelf (Address: 0x180026fe0)
RpcServerInqBindings (Address: 0x180026fc8)
RpcServerRegisterIfEx (Address: 0x180026fe8)
RpcServerUnregisterIf (Address: 0x180026f88)
RpcServerUseProtseqW (Address: 0x180026f90)