wscsvc.dll
Description: Windows Security Center Service
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.5794
Architecture: 64-bit
Operating System: Windows NT
SHA256: 04fd9e62191671c397b1beb7163bb99f
File Size: 345.6 KB
Uploaded At: Dec. 1, 2025, 7:45 a.m.
Views: 5
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- ServiceMain (Ordinal: 1, Address: 0x3f20)
- SvchostPushServiceGlobals (Ordinal: 2, Address: 0xfb60)
Imported DLLs & Functions
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x180041bf8)
- IsDebuggerPresent (Address: 0x180041c08)
- OutputDebugStringW (Address: 0x180041c00)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x180041c18)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x180041c28)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x180041c38)
- SetLastError (Address: 0x180041c40)
- SetUnhandledExceptionFilter (Address: 0x180041c48)
- UnhandledExceptionFilter (Address: 0x180041c50)
api-ms-win-core-file-l1-1-0.dll
- GetFileAttributesW (Address: 0x180041c68)
- GetFileSizeEx (Address: 0x180041c60)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x180041c80)
- DuplicateHandle (Address: 0x180041c78)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x180041c90)
- HeapAlloc (Address: 0x180041ca0)
- HeapFree (Address: 0x180041c98)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x180041cb0)
- LocalFree (Address: 0x180041cb8)
api-ms-win-core-kernel32-legacy-l1-1-0.dll
- UnregisterWait (Address: 0x180041cc8)
api-ms-win-core-libraryloader-l1-2-0.dll
- FreeLibrary (Address: 0x180041cf0)
- GetModuleFileNameA (Address: 0x180041d00)
- GetModuleFileNameW (Address: 0x180041cf8)
- GetModuleHandleExW (Address: 0x180041d08)
- GetModuleHandleW (Address: 0x180041ce8)
- GetProcAddress (Address: 0x180041ce0)
- LoadLibraryExW (Address: 0x180041cd8)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x180041d18)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x180041d28)
api-ms-win-core-processthreads-l1-1-0.dll
- CreateThread (Address: 0x180041d40)
- GetCurrentProcess (Address: 0x180041d48)
- GetCurrentProcessId (Address: 0x180041d38)
- GetCurrentThreadId (Address: 0x180041d50)
- OpenThreadToken (Address: 0x180041d58)
- TerminateProcess (Address: 0x180041d60)
api-ms-win-core-processthreads-l1-1-1.dll
- GetProcessMitigationPolicy (Address: 0x180041d70)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x180041d80)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x180041da0)
- RegCreateKeyExW (Address: 0x180041dc0)
- RegDeleteKeyExW (Address: 0x180041db0)
- RegDeleteValueW (Address: 0x180041dd0)
- RegEnumKeyExW (Address: 0x180041d98)
- RegEnumValueW (Address: 0x180041dc8)
- RegGetValueW (Address: 0x180041d90)
- RegNotifyChangeKeyValue (Address: 0x180041de8)
- RegOpenKeyExW (Address: 0x180041de0)
- RegQueryInfoKeyW (Address: 0x180041dd8)
- RegQueryValueExW (Address: 0x180041da8)
- RegSetValueExW (Address: 0x180041db8)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x180041e48)
- AcquireSRWLockShared (Address: 0x180041e90)
- CancelWaitableTimer (Address: 0x180041e68)
- CreateEventW (Address: 0x180041e18)
- CreateMutexExW (Address: 0x180041e80)
- CreateSemaphoreExW (Address: 0x180041e38)
- DeleteCriticalSection (Address: 0x180041e98)
- EnterCriticalSection (Address: 0x180041e30)
- InitializeCriticalSection (Address: 0x180041e58)
- InitializeCriticalSectionAndSpinCount (Address: 0x180041e40)
- InitializeCriticalSectionEx (Address: 0x180041df8)
- LeaveCriticalSection (Address: 0x180041e10)
- OpenSemaphoreW (Address: 0x180041e60)
- ReleaseMutex (Address: 0x180041e00)
- ReleaseSemaphore (Address: 0x180041e28)
- ReleaseSRWLockExclusive (Address: 0x180041e08)
- ReleaseSRWLockShared (Address: 0x180041e70)
- SetEvent (Address: 0x180041ea0)
- SetWaitableTimer (Address: 0x180041e78)
- WaitForMultipleObjectsEx (Address: 0x180041e88)
- WaitForSingleObject (Address: 0x180041e20)
- WaitForSingleObjectEx (Address: 0x180041e50)
api-ms-win-core-synch-l1-2-0.dll
- Sleep (Address: 0x180041eb0)
api-ms-win-core-synch-l1-2-1.dll
- CreateWaitableTimerW (Address: 0x180041ec8)
- WaitForMultipleObjects (Address: 0x180041ec0)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x180041ee0)
- GetTickCount (Address: 0x180041ee8)
- GetTickCount64 (Address: 0x180041ed8)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x180041ef8)
- CreateThreadpoolTimer (Address: 0x180041f10)
- SetThreadpoolTimer (Address: 0x180041f00)
- WaitForThreadpoolTimerCallbacks (Address: 0x180041f08)
api-ms-win-core-util-l1-1-0.dll
- EncodePointer (Address: 0x180041f20)
api-ms-win-core-version-l1-1-0.dll
- VerQueryValueW (Address: 0x180041f30)
api-ms-win-core-version-l1-1-1.dll
- GetFileVersionInfoSizeW (Address: 0x180041f48)
- GetFileVersionInfoW (Address: 0x180041f40)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- TraceMessage (Address: 0x180041f58)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x180041f78)
- EventRegister (Address: 0x180041f90)
- EventSetInformation (Address: 0x180041f80)
- EventUnregister (Address: 0x180041f68)
- EventWrite (Address: 0x180041f88)
- EventWriteTransfer (Address: 0x180041f70)
api-ms-win-security-base-l1-1-0.dll
- AllocateAndInitializeSid (Address: 0x180041fb0)
- CheckTokenMembership (Address: 0x180041fa8)
- FreeSid (Address: 0x180041fa0)
- GetSidSubAuthority (Address: 0x180041fb8)
- GetSidSubAuthorityCount (Address: 0x180041fc8)
- GetTokenInformation (Address: 0x180041fc0)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x180041fe0)
- SetServiceStatus (Address: 0x180041fd8)
FirewallAPI.dll
- FwActivate (Address: 0x180041ad0)
- FwAnalyzeFirewallPolicy (Address: 0x180041ad8)
- FWChangeNotificationCreate (Address: 0x180041ac0)
- FWChangeNotificationDestroy (Address: 0x180041ac8)
KERNEL32.dll
- CompareFileTime (Address: 0x180041b40)
- CreateFileMappingW (Address: 0x180041af0)
- CreateFileW (Address: 0x180041af8)
- CreateProcessW (Address: 0x180041b58)
- GetCurrentThread (Address: 0x180041b48)
- GetExitCodeProcess (Address: 0x180041b30)
- GetPrivateProfileStringW (Address: 0x180041b50)
- GetSystemDirectoryW (Address: 0x180041b38)
- GetSystemTime (Address: 0x180041b18)
- GetUserDefaultLangID (Address: 0x180041b28)
- MapViewOfFile (Address: 0x180041ae8)
- OpenProcess (Address: 0x180041b08)
- QueryFullProcessImageNameW (Address: 0x180041b00)
- SystemTimeToFileTime (Address: 0x180041b10)
- UnmapViewOfFile (Address: 0x180041b20)
msvcrt.dll
- __C_specific_handler (Address: 0x180042010)
- __CxxFrameHandler3 (Address: 0x180042110)
- __dllonexit (Address: 0x1800420a8)
- _amsg_exit (Address: 0x1800420b0)
- _callnewh (Address: 0x180042038)
- _CxxThrowException (Address: 0x180042048)
- _initterm (Address: 0x1800420c0)
- _lock (Address: 0x1800420d0)
- _onexit (Address: 0x1800420a0)
- _purecall (Address: 0x1800420f0)
- _ultow_s (Address: 0x180042068)
- _unlock (Address: 0x1800420d8)
- _vscwprintf (Address: 0x180042008)
- _vsnprintf_s (Address: 0x180041ff8)
- _vsnwprintf (Address: 0x180042100)
- _wcsicmp (Address: 0x180042028)
- _XcptFilter (Address: 0x180042098)
- ??_V@YAXPEAX@Z (Address: 0x180042108)
- ??0exception@@QEAA@AEBQEBD@Z (Address: 0x180042080)
- ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x180042088)
- ??0exception@@QEAA@AEBV0@@Z (Address: 0x180042000)
- ??0exception@@QEAA@XZ (Address: 0x1800420e0)
- ??1exception@@UEAA@XZ (Address: 0x1800420e8)
- ??1type_info@@UEAA@XZ (Address: 0x180042058)
- ??3@YAXPEAX@Z (Address: 0x180042118)
- ?terminate@@YAXXZ (Address: 0x1800420c8)
- ?what@exception@@UEBAPEBDXZ (Address: 0x180042090)
- free (Address: 0x1800420b8)
- malloc (Address: 0x180042030)
- memcmp (Address: 0x180042040)
- memcpy (Address: 0x180042060)
- memcpy_s (Address: 0x1800420f8)
- memmove (Address: 0x180042078)
- memmove_s (Address: 0x180041ff0)
- memset (Address: 0x180042050)
- wcscmp (Address: 0x180042070)
- wcsnlen (Address: 0x180042018)
- wcstok_s (Address: 0x180042020)
netutils.dll
- NetApiBufferFree (Address: 0x180042128)
ntdll.dll
- EtwEventRegister (Address: 0x180042178)
- EtwEventUnregister (Address: 0x180042170)
- EtwEventWrite (Address: 0x1800421b8)
- EtwGetTraceEnableFlags (Address: 0x180042190)
- EtwGetTraceEnableLevel (Address: 0x180042198)
- EtwGetTraceLoggerHandle (Address: 0x1800421a0)
- EtwRegisterTraceGuidsW (Address: 0x180042188)
- EtwTraceMessage (Address: 0x1800421c0)
- EtwUnregisterTraceGuids (Address: 0x180042180)
- NtQueryInformationProcess (Address: 0x1800421c8)
- RtlCaptureContext (Address: 0x180042168)
- RtlLookupFunctionEntry (Address: 0x180042160)
- RtlNtStatusToDosErrorNoTeb (Address: 0x1800421a8)
- RtlPublishWnfStateData (Address: 0x1800421b0)
- RtlVirtualUnwind (Address: 0x180042158)
- ShipAssertMsgA (Address: 0x180042150)
- WinSqmAddToStream (Address: 0x180042148)
- WinSqmIsOptedIn (Address: 0x180042138)
- WinSqmSetDWORD (Address: 0x180042140)
RPCRT4.dll
- NdrServerCall2 (Address: 0x180041b70)
- NdrServerCallAll (Address: 0x180041be8)
- RpcBindingVectorFree (Address: 0x180041b68)
- RpcEpRegisterW (Address: 0x180041b88)
- RpcEpUnregister (Address: 0x180041be0)
- RpcImpersonateClient (Address: 0x180041bb0)
- RpcRaiseException (Address: 0x180041ba8)
- RpcRevertToSelf (Address: 0x180041ba0)
- RpcServerInqBindings (Address: 0x180041b90)
- RpcServerInqCallAttributesW (Address: 0x180041bc0)
- RpcServerInqDefaultPrincNameW (Address: 0x180041bb8)
- RpcServerListen (Address: 0x180041b98)
- RpcServerRegisterAuthInfoW (Address: 0x180041bd0)
- RpcServerRegisterIfEx (Address: 0x180041bc8)
- RpcServerUnregisterIfEx (Address: 0x180041b80)
- RpcServerUseProtseqW (Address: 0x180041bd8)
- RpcStringFreeW (Address: 0x180041b78)