invagent.dll

Description: Inventory Agent

Version: 10.0.19645.1048

Architecture: 64-bit

Operating System: Windows NT

SHA256: 0dab9f20368900cb725ea054f310d367

File Size: 569.4 KB

Uploaded At: Dec. 1, 2025, 7:46 a.m.

Views: 6

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

GetDetailedAppInventoryReport (Ordinal: 1, Address: 0xb2f0)
GetFileSigningInfoTC (Ordinal: 2, Address: 0xbe60)
RunUpdate (Ordinal: 3, Address: 0xbe50)
RunUpdateTC (Ordinal: 4, Address: 0xb970)
DllCanUnloadNow (Ordinal: 5, Address: 0xcfb0)
DllGetClassObject (Ordinal: 6, Address: 0xce80)
DllRegisterServer (Ordinal: 7, Address: 0xcfe0)
DllUnregisterServer (Ordinal: 8, Address: 0xcff0)

Imported DLLs & Functions

ADVAPI32.dll

CloseServiceHandle (Address: 0x18005ea08)
ControlServiceExW (Address: 0x18005e940)
ControlTraceW (Address: 0x18005e9d8)
CreateProcessAsUserW (Address: 0x18005e8f8)
CryptAcquireContextW (Address: 0x18005e928)
CryptCreateHash (Address: 0x18005e920)
CryptDestroyHash (Address: 0x18005e908)
CryptGetHashParam (Address: 0x18005e910)
CryptHashData (Address: 0x18005e918)
CryptReleaseContext (Address: 0x18005e900)
EnableTrace (Address: 0x18005e9f0)
EnableTraceEx2 (Address: 0x18005e9e8)
EventRegister (Address: 0x18005e8b0)
EventUnregister (Address: 0x18005e8a8)
EventWriteTransfer (Address: 0x18005e970)
InitializeSecurityDescriptor (Address: 0x18005e958)
OpenSCManagerW (Address: 0x18005e9f8)
OpenServiceW (Address: 0x18005ea00)
OpenThreadToken (Address: 0x18005e9d0)
QueryServiceStatusEx (Address: 0x18005e948)
RegCloseKey (Address: 0x18005e8c0)
RegCreateKeyExW (Address: 0x18005e978)
RegDeleteKeyExW (Address: 0x18005e990)
RegDeleteKeyValueW (Address: 0x18005e8d8)
RegDeleteKeyW (Address: 0x18005e980)
RegDeleteTreeW (Address: 0x18005e9c8)
RegDeleteValueW (Address: 0x18005e8c8)
RegEnumKeyExW (Address: 0x18005e9a8)
RegEnumValueW (Address: 0x18005e8f0)
RegFlushKey (Address: 0x18005e9a0)
RegGetValueW (Address: 0x18005e8e0)
RegLoadAppKeyW (Address: 0x18005e998)
RegLoadKeyW (Address: 0x18005e9b0)
RegOpenKeyExW (Address: 0x18005e8a0)
RegOpenKeyW (Address: 0x18005e8d0)
RegQueryInfoKeyW (Address: 0x18005e898)
RegSaveKeyExW (Address: 0x18005e968)
RegSetKeySecurity (Address: 0x18005e8e8)
RegSetKeyValueW (Address: 0x18005e988)
RegSetValueExW (Address: 0x18005e8b8)
RegUnLoadKeyW (Address: 0x18005e9b8)
SetEntriesInAclW (Address: 0x18005e960)
SetSecurityDescriptorDacl (Address: 0x18005e950)
SetSecurityDescriptorOwner (Address: 0x18005e9c0)
StartServiceW (Address: 0x18005e938)
StartTraceW (Address: 0x18005e9e0)
TraceEvent (Address: 0x18005e930)

AEINV.dll

CreateSoftwareInventory (Address: 0x18005ea18)
GetAppInventory (Address: 0x18005ea20)
GetCachedAppInventory (Address: 0x18005ea30)
GetDetailedAppInventory (Address: 0x18005ea28)

AEPIC.dll

PicFreeFileInfo (Address: 0x18005ea48)
PicRetrieveFileInfo (Address: 0x18005ea40)

bcrypt.dll

BCryptCloseAlgorithmProvider (Address: 0x18005ef50)
BCryptCreateHash (Address: 0x18005ef80)
BCryptDestroyHash (Address: 0x18005ef78)
BCryptFinishHash (Address: 0x18005ef58)
BCryptGetProperty (Address: 0x18005ef68)
BCryptHashData (Address: 0x18005ef70)
BCryptOpenAlgorithmProvider (Address: 0x18005ef60)

CRYPT32.dll

CertDuplicateCertificateContext (Address: 0x18005ea58)
CertFreeCertificateContext (Address: 0x18005ea60)
CertGetCertificateContextProperty (Address: 0x18005ea70)
CertGetNameStringW (Address: 0x18005ea68)

devinv.dll

CreateDeviceInventory (Address: 0x18005ef90)

KERNEL32.dll

AcquireSRWLockExclusive (Address: 0x18005eb28)
AcquireSRWLockShared (Address: 0x18005edd8)
CloseHandle (Address: 0x18005eb10)
CloseThreadpoolTimer (Address: 0x18005eb30)
CreateActCtxW (Address: 0x18005edb8)
CreateEventW (Address: 0x18005eb78)
CreateFileMappingW (Address: 0x18005ec80)
CreateFileW (Address: 0x18005ed98)
CreateMutexExW (Address: 0x18005ede0)
CreateMutexW (Address: 0x18005ed70)
CreateProcessW (Address: 0x18005ed40)
CreateSemaphoreExW (Address: 0x18005eda8)
CreateSemaphoreW (Address: 0x18005ecf0)
CreateThread (Address: 0x18005ec58)
CreateThreadpoolTimer (Address: 0x18005eaf0)
CreateWaitableTimerW (Address: 0x18005ed10)
DebugBreak (Address: 0x18005eb88)
DecodePointer (Address: 0x18005ec10)
DelayLoadFailureHook (Address: 0x18005ec38)
DeleteCriticalSection (Address: 0x18005edc0)
DeleteFileW (Address: 0x18005ea88)
DeviceIoControl (Address: 0x18005ece8)
EncodePointer (Address: 0x18005ec18)
EnterCriticalSection (Address: 0x18005ebf0)
ExitProcess (Address: 0x18005ec60)
ExpandEnvironmentStringsW (Address: 0x18005ea80)
FileTimeToLocalFileTime (Address: 0x18005ecc0)
FileTimeToSystemTime (Address: 0x18005ecc8)
FindClose (Address: 0x18005ed78)
FindFirstFileW (Address: 0x18005ed88)
FindNextFileW (Address: 0x18005ed80)
FormatMessageW (Address: 0x18005eb50)
FreeLibrary (Address: 0x18005ea90)
GetCommandLineW (Address: 0x18005ed68)
GetCurrentProcess (Address: 0x18005eaa0)
GetCurrentProcessId (Address: 0x18005ebf8)
GetCurrentThread (Address: 0x18005eb68)
GetCurrentThreadId (Address: 0x18005ebb8)
GetExitCodeProcess (Address: 0x18005ed38)
GetFileAttributesW (Address: 0x18005ee00)
GetFileSize (Address: 0x18005ec88)
GetLastError (Address: 0x18005eb48)
GetModuleFileNameA (Address: 0x18005edb0)
GetModuleFileNameW (Address: 0x18005ed60)
GetModuleHandleExA (Address: 0x18005ed20)
GetModuleHandleExW (Address: 0x18005ebe0)
GetModuleHandleW (Address: 0x18005eb90)
GetProcAddress (Address: 0x18005ede8)
GetProcessHeap (Address: 0x18005eb98)
GetStringTypeW (Address: 0x18005ec30)
GetSystemDirectoryW (Address: 0x18005ec98)
GetSystemFirmwareTable (Address: 0x18005ec90)
GetSystemTime (Address: 0x18005ec50)
GetSystemTimeAsFileTime (Address: 0x18005eae8)
GetSystemWindowsDirectoryW (Address: 0x18005ec08)
GetTempFileNameW (Address: 0x18005ee10)
GetTempPathW (Address: 0x18005ee08)
GetTickCount (Address: 0x18005eb60)
GetVolumeInformationByHandleW (Address: 0x18005ece0)
HeapAlloc (Address: 0x18005edf8)
HeapFree (Address: 0x18005ed90)
HeapReAlloc (Address: 0x18005ecd8)
HeapSize (Address: 0x18005ec48)
InitializeCriticalSection (Address: 0x18005ec68)
InitializeCriticalSectionEx (Address: 0x18005ebd0)
InitOnceExecuteOnce (Address: 0x18005eaf8)
IsDebuggerPresent (Address: 0x18005eb80)
K32EnumProcesses (Address: 0x18005ecb8)
K32EnumProcessModules (Address: 0x18005eca8)
K32GetModuleFileNameExW (Address: 0x18005eca0)
LeaveCriticalSection (Address: 0x18005ebd8)
LoadLibraryExA (Address: 0x18005ec40)
LoadLibraryExW (Address: 0x18005ed50)
LoadLibraryW (Address: 0x18005edd0)
LocalAlloc (Address: 0x18005ed48)
LocaleNameToLCID (Address: 0x18005ecd0)
LocalFree (Address: 0x18005eaa8)
MapViewOfFile (Address: 0x18005ec78)
MoveFileExW (Address: 0x18005ed58)
MultiByteToWideChar (Address: 0x18005ec20)
OpenProcess (Address: 0x18005ecb0)
OpenSemaphoreW (Address: 0x18005eb18)
OpenWaitableTimerW (Address: 0x18005ed00)
OutputDebugStringA (Address: 0x18005ed28)
OutputDebugStringW (Address: 0x18005eb38)
QueryActCtxW (Address: 0x18005eba0)
QueryPerformanceCounter (Address: 0x18005eae0)
QueryThreadCycleTime (Address: 0x18005eb70)
ReleaseActCtx (Address: 0x18005eba8)
ReleaseMutex (Address: 0x18005eb58)
ReleaseSemaphore (Address: 0x18005ebe8)
ReleaseSRWLockExclusive (Address: 0x18005eb40)
ReleaseSRWLockShared (Address: 0x18005eb00)
RtlCaptureContext (Address: 0x18005eab8)
RtlCompareMemory (Address: 0x18005ebb0)
RtlLookupFunctionEntry (Address: 0x18005eac0)
RtlVirtualUnwind (Address: 0x18005eac8)
SetEvent (Address: 0x18005ecf8)
SetLastError (Address: 0x18005edf0)
SetThreadpoolTimer (Address: 0x18005eb08)
SetUnhandledExceptionFilter (Address: 0x18005ead8)
SetWaitableTimer (Address: 0x18005ed18)
Sleep (Address: 0x18005eab0)
SleepConditionVariableSRW (Address: 0x18005ec00)
TerminateProcess (Address: 0x18005ea98)
UnhandledExceptionFilter (Address: 0x18005ead0)
UnmapViewOfFile (Address: 0x18005ec70)
VerifyVersionInfoW (Address: 0x18005edc8)
VerSetConditionMask (Address: 0x18005eda0)
WaitForMultipleObjects (Address: 0x18005ed08)
WaitForSingleObject (Address: 0x18005ebc0)
WaitForSingleObjectEx (Address: 0x18005eb20)
WaitForThreadpoolTimerCallbacks (Address: 0x18005ebc8)
WakeAllConditionVariable (Address: 0x18005ee18)
WideCharToMultiByte (Address: 0x18005ec28)
WriteFile (Address: 0x18005ed30)

msvcrt.dll

___lc_codepage_func (Address: 0x18005eff8)
___lc_collate_cp_func (Address: 0x18005f010)
___lc_handle_func (Address: 0x18005f000)
___mb_cur_max_func (Address: 0x18005f008)
__C_specific_handler (Address: 0x18005f1c0)
__crtCompareStringW (Address: 0x18005efb0)
__crtLCMapStringW (Address: 0x18005efa8)
__CxxFrameHandler3 (Address: 0x18005f040)
__dllonexit (Address: 0x18005f138)
__pctype_func (Address: 0x18005efe8)
__uncaught_exception (Address: 0x18005efd0)
_amsg_exit (Address: 0x18005f180)
_CxxThrowException (Address: 0x18005f1a0)
_errno (Address: 0x18005f100)
_initterm (Address: 0x18005f168)
_ismbblead (Address: 0x18005eff0)
_lock (Address: 0x18005f158)
_mktime64 (Address: 0x18005f048)
_onexit (Address: 0x18005f130)
_purecall (Address: 0x18005f200)
_snwscanf_s (Address: 0x18005f028)
_unlock (Address: 0x18005f140)
_vscwprintf (Address: 0x18005f068)
_vsnprintf (Address: 0x18005f0d0)
_vsnprintf_s (Address: 0x18005f1e0)
_vsnwprintf (Address: 0x18005f210)
_vsnwprintf_s (Address: 0x18005f1c8)
_wcsdup (Address: 0x18005efb8)
_wcsicmp (Address: 0x18005f108)
_wcslwr (Address: 0x18005f0b0)
_wcsnicmp (Address: 0x18005f0c0)
_wctime64 (Address: 0x18005f050)
_wmkdir (Address: 0x18005f150)
_wsetlocale (Address: 0x18005efa0)
_wsplitpath_s (Address: 0x18005f148)
_wtoi (Address: 0x18005f0a0)
_wtoi64 (Address: 0x18005f058)
_XcptFilter (Address: 0x18005f188)
??0bad_cast@@QEAA@AEBV0@@Z (Address: 0x18005f088)
??0bad_cast@@QEAA@PEBD@Z (Address: 0x18005f078)
??0exception@@QEAA@AEBQEBD@Z (Address: 0x18005f1b8)
??0exception@@QEAA@AEBQEBDH@Z (Address: 0x18005f1b0)
??0exception@@QEAA@AEBV0@@Z (Address: 0x18005f1e8)
??0exception@@QEAA@XZ (Address: 0x18005f1f0)
??1bad_cast@@UEAA@XZ (Address: 0x18005f080)
??1exception@@UEAA@XZ (Address: 0x18005f1f8)
??1type_info@@UEAA@XZ (Address: 0x18005f128)
?terminate@@YAXXZ (Address: 0x18005f160)
?what@exception@@UEBAPEBDXZ (Address: 0x18005f1a8)
abort (Address: 0x18005efc8)
calloc (Address: 0x18005efe0)
free (Address: 0x18005f178)
iswalpha (Address: 0x18005f0e0)
malloc (Address: 0x18005f170)
memcmp (Address: 0x18005efd8)
memcpy (Address: 0x18005f198)
memcpy_s (Address: 0x18005f208)
memmove (Address: 0x18005f190)
memmove_s (Address: 0x18005f1d8)
memset (Address: 0x18005efc0)
realloc (Address: 0x18005f090)
setlocale (Address: 0x18005f018)
sprintf_s (Address: 0x18005f110)
strchr (Address: 0x18005f0f8)
strcmp (Address: 0x18005f120)
strcpy_s (Address: 0x18005f0c8)
strncmp (Address: 0x18005f0a8)
strnlen (Address: 0x18005f038)
tolower (Address: 0x18005f070)
towlower (Address: 0x18005f060)
wcscat_s (Address: 0x18005f118)
wcschr (Address: 0x18005f0d8)
wcscmp (Address: 0x18005f218)
wcscpy_s (Address: 0x18005f0e8)
wcsncmp (Address: 0x18005f1d0)
wcsrchr (Address: 0x18005f0f0)
wcsstr (Address: 0x18005f0b8)
wcstombs (Address: 0x18005f098)
wcstoul (Address: 0x18005f030)
wprintf (Address: 0x18005f020)

ntdll.dll

EtwEventRegister (Address: 0x18005f2a0)
EtwEventUnregister (Address: 0x18005f2b0)
EtwEventWrite (Address: 0x18005f2a8)
EtwTraceMessage (Address: 0x18005f268)
LdrResSearchResource (Address: 0x18005f248)
NtLoadKeyEx (Address: 0x18005f348)
NtQueryInformationProcess (Address: 0x18005f270)
NtQueryInformationToken (Address: 0x18005f358)
NtQueryKey (Address: 0x18005f398)
NtQueryLicenseValue (Address: 0x18005f260)
RtlAdjustPrivilege (Address: 0x18005f3c0)
RtlAllocateAndInitializeSid (Address: 0x18005f3b0)
RtlAllocateHeap (Address: 0x18005f3d8)
RtlAnsiStringToUnicodeString (Address: 0x18005f288)
RtlAppendUnicodeStringToString (Address: 0x18005f378)
RtlAppendUnicodeToString (Address: 0x18005f380)
RtlComputeCrc32 (Address: 0x18005f350)
RtlDeleteCriticalSection (Address: 0x18005f338)
RtlDosPathNameToNtPathName_U_WithStatus (Address: 0x18005f2f8)
RtlDosPathNameToRelativeNtPathName_U (Address: 0x18005f360)
RtlEnterCriticalSection (Address: 0x18005f328)
RtlEqualString (Address: 0x18005f330)
RtlFreeHeap (Address: 0x18005f3c8)
RtlFreeSid (Address: 0x18005f3a8)
RtlFreeUnicodeString (Address: 0x18005f370)
RtlGetNativeSystemInformation (Address: 0x18005f228)
RtlImageDirectoryEntryToData (Address: 0x18005f258)
RtlInitAnsiString (Address: 0x18005f320)
RtlInitializeCriticalSection (Address: 0x18005f310)
RtlInitString (Address: 0x18005f298)
RtlInitUnicodeString (Address: 0x18005f2f0)
RtlInitUnicodeStringEx (Address: 0x18005f368)
RtlLeaveCriticalSection (Address: 0x18005f308)
RtlMultiByteToUnicodeN (Address: 0x18005f318)
RtlNtStatusToDosError (Address: 0x18005f3b8)
RtlRandomEx (Address: 0x18005f390)
RtlReAllocateHeap (Address: 0x18005f3d0)
RtlReleaseRelativeName (Address: 0x18005f340)
RtlSecondsSince1970ToTime (Address: 0x18005f2b8)
RtlStringFromGUID (Address: 0x18005f388)
RtlTimeToTimeFields (Address: 0x18005f278)
RtlUpcaseUnicodeChar (Address: 0x18005f280)
RtlVerifyVersionInfo (Address: 0x18005f250)
RtlxAnsiStringToUnicodeSize (Address: 0x18005f290)
WinSqmIsOptedInEx (Address: 0x18005f3a0)
ZwClose (Address: 0x18005f300)
ZwCreateFile (Address: 0x18005f2d0)
ZwCreateSection (Address: 0x18005f2c0)
ZwEnumerateKey (Address: 0x18005f2e0)
ZwMapViewOfSection (Address: 0x18005f240)
ZwOpenKey (Address: 0x18005f2e8)
ZwQueryInformationFile (Address: 0x18005f2c8)
ZwQuerySystemInformation (Address: 0x18005f230)
ZwQueryValueKey (Address: 0x18005f2d8)
ZwUnmapViewOfSection (Address: 0x18005f238)

ole32.dll

CoCreateInstance (Address: 0x18005f410)
CoImpersonateClient (Address: 0x18005f3f0)
CoInitializeEx (Address: 0x18005f408)
CoRevertToSelf (Address: 0x18005f400)
CoTaskMemFree (Address: 0x18005f3f8)
CoUninitialize (Address: 0x18005f3e8)

OLEAUT32.dll

SysAllocString (Address: 0x18005ee30)
SysFreeString (Address: 0x18005ee40)
SysStringByteLen (Address: 0x18005ee28)
SysStringLen (Address: 0x18005ee38)
VariantChangeType (Address: 0x18005ee58)
VariantClear (Address: 0x18005ee50)
VariantInit (Address: 0x18005ee48)

RPCRT4.dll

UuidCreate (Address: 0x18005ee68)

SHELL32.dll

CommandLineToArgvW (Address: 0x18005ee88)
SHFileOperationW (Address: 0x18005ee80)
SHGetKnownFolderPath (Address: 0x18005ee78)

SHLWAPI.dll

PathFileExistsW (Address: 0x18005eea0)
PathFindFileNameW (Address: 0x18005ee98)
PathUnExpandEnvStringsW (Address: 0x18005eea8)

wer.dll

WerReportAddFile (Address: 0x18005f428)
WerReportCloseHandle (Address: 0x18005f438)
WerReportCreate (Address: 0x18005f420)
WerReportSetParameter (Address: 0x18005f440)
WerReportSubmit (Address: 0x18005f430)

WINHTTP.dll

WinHttpCloseHandle (Address: 0x18005eed0)
WinHttpConnect (Address: 0x18005eef0)
WinHttpOpen (Address: 0x18005eeb8)
WinHttpOpenRequest (Address: 0x18005eec0)
WinHttpQueryDataAvailable (Address: 0x18005eee8)
WinHttpReadData (Address: 0x18005eed8)
WinHttpReceiveResponse (Address: 0x18005eee0)
WinHttpSendRequest (Address: 0x18005eec8)

WINTRUST.dll

CryptCATAdminAcquireContext (Address: 0x18005ef10)
CryptCATAdminCalcHashFromFileHandle (Address: 0x18005ef38)
CryptCATAdminEnumCatalogFromHash (Address: 0x18005ef18)
CryptCATAdminReleaseCatalogContext (Address: 0x18005ef08)
CryptCATAdminReleaseContext (Address: 0x18005ef00)
CryptCATCatalogInfoFromContext (Address: 0x18005ef40)
WinVerifyTrust (Address: 0x18005ef20)
WTHelperGetProvSignerFromChain (Address: 0x18005ef30)
WTHelperProvDataFromStateData (Address: 0x18005ef28)