OSProvider.dll

Description: DISM OS Services Provider

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.3636

Architecture: 64-bit

Operating System: Windows NT

SHA256: ae9b66a6e0b1949890241c67037cef2c

File Size: 151.0 KB

Uploaded At: Dec. 1, 2025, 7:46 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DLLGetDISMProviderCLSID (Ordinal: 1, Address: 0x12c0)
  • DllCanUnloadNow (Ordinal: 2, Address: 0x12f0)
  • DllGetClassObject (Ordinal: 3, Address: 0x1330)
  • DllRegisterServer (Ordinal: 4, Address: 0x1470)
  • DllUnregisterServer (Ordinal: 5, Address: 0x1570)

Imported DLLs & Functions

ADVAPI32.dll
  • AdjustTokenPrivileges (Address: 0x180016ac0)
  • LookupPrivilegeValueW (Address: 0x180016ac8)
  • OpenProcessToken (Address: 0x180016ad0)
  • RegCloseKey (Address: 0x180016af0)
  • RegCreateKeyExW (Address: 0x180016a98)
  • RegFlushKey (Address: 0x180016aa8)
  • RegLoadKeyW (Address: 0x180016ab8)
  • RegOpenKeyExW (Address: 0x180016ae0)
  • RegQueryInfoKeyW (Address: 0x180016ae8)
  • RegQueryValueExW (Address: 0x180016ad8)
  • RegSetValueExW (Address: 0x180016aa0)
  • RegUnLoadKeyW (Address: 0x180016ab0)
KERNEL32.dll
  • CloseHandle (Address: 0x180016ca8)
  • CreateFileMappingW (Address: 0x180016cc0)
  • CreateFileW (Address: 0x180016c68)
  • DeleteCriticalSection (Address: 0x180016b18)
  • DisableThreadLibraryCalls (Address: 0x180016b00)
  • EnterCriticalSection (Address: 0x180016b58)
  • FindResourceExW (Address: 0x180016be0)
  • FormatMessageW (Address: 0x180016c80)
  • FreeLibrary (Address: 0x180016bb8)
  • GetCurrentProcess (Address: 0x180016ba0)
  • GetCurrentProcessId (Address: 0x180016b78)
  • GetCurrentThreadId (Address: 0x180016b70)
  • GetEnvironmentVariableW (Address: 0x180016bc0)
  • GetFileAttributesW (Address: 0x180016b98)
  • GetFileInformationByHandle (Address: 0x180016c70)
  • GetFullPathNameW (Address: 0x180016c60)
  • GetLastError (Address: 0x180016b28)
  • GetModuleFileNameW (Address: 0x180016b30)
  • GetModuleHandleExW (Address: 0x180016cd8)
  • GetModuleHandleW (Address: 0x180016b48)
  • GetProcAddress (Address: 0x180016b38)
  • GetProcessHeap (Address: 0x180016c08)
  • GetSystemInfo (Address: 0x180016ce0)
  • GetSystemTimeAsFileTime (Address: 0x180016c50)
  • GetSystemWindowsDirectoryW (Address: 0x180016cb0)
  • GetThreadLocale (Address: 0x180016b08)
  • GetTickCount (Address: 0x180016c58)
  • GetVersionExW (Address: 0x180016ca0)
  • HeapAlloc (Address: 0x180016c00)
  • HeapDestroy (Address: 0x180016c10)
  • HeapFree (Address: 0x180016bf8)
  • HeapReAlloc (Address: 0x180016bf0)
  • HeapSize (Address: 0x180016be8)
  • InitializeCriticalSection (Address: 0x180016b50)
  • LeaveCriticalSection (Address: 0x180016b60)
  • LoadLibraryExW (Address: 0x180016b40)
  • LoadResource (Address: 0x180016bd8)
  • LocalFree (Address: 0x180016c78)
  • LockResource (Address: 0x180016bd0)
  • MapViewOfFile (Address: 0x180016cb8)
  • MultiByteToWideChar (Address: 0x180016b80)
  • OpenProcess (Address: 0x180016ba8)
  • OutputDebugStringW (Address: 0x180016b88)
  • QueryPerformanceCounter (Address: 0x180016c48)
  • RaiseException (Address: 0x180016b20)
  • ReadFile (Address: 0x180016c88)
  • RtlCaptureContext (Address: 0x180016c18)
  • RtlLookupFunctionEntry (Address: 0x180016c20)
  • RtlVirtualUnwind (Address: 0x180016c28)
  • SearchPathW (Address: 0x180016cd0)
  • SetEnvironmentVariableW (Address: 0x180016bb0)
  • SetFilePointer (Address: 0x180016c90)
  • SetLastError (Address: 0x180016c98)
  • SetThreadLocale (Address: 0x180016b10)
  • SetThreadUILanguage (Address: 0x180016b68)
  • SetUnhandledExceptionFilter (Address: 0x180016c38)
  • SizeofResource (Address: 0x180016bc8)
  • Sleep (Address: 0x180016b90)
  • TerminateProcess (Address: 0x180016c40)
  • UnhandledExceptionFilter (Address: 0x180016c30)
  • UnmapViewOfFile (Address: 0x180016cc8)
msvcrt.dll
  • __C_specific_handler (Address: 0x180016ee0)
  • __CxxFrameHandler3 (Address: 0x180016ee8)
  • __dllonexit (Address: 0x180016e10)
  • _amsg_exit (Address: 0x180016e38)
  • _callnewh (Address: 0x180016e50)
  • _CxxThrowException (Address: 0x180016e48)
  • _initterm (Address: 0x180016e30)
  • _lock (Address: 0x180016e20)
  • _onexit (Address: 0x180016e08)
  • _purecall (Address: 0x180016e90)
  • _unlock (Address: 0x180016e18)
  • _vscwprintf (Address: 0x180016eb0)
  • _vsnwprintf (Address: 0x180016de0)
  • _wcsicmp (Address: 0x180016eb8)
  • _wcslwr_s (Address: 0x180016ea0)
  • _wcsnicmp (Address: 0x180016dd0)
  • _XcptFilter (Address: 0x180016e40)
  • ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x180016e70)
  • ??0exception@@QEAA@AEBV0@@Z (Address: 0x180016e68)
  • ??1exception@@UEAA@XZ (Address: 0x180016e60)
  • ??1type_info@@UEAA@XZ (Address: 0x180016e00)
  • ?terminate@@YAXXZ (Address: 0x180016e28)
  • ?what@exception@@UEBAPEBDXZ (Address: 0x180016e58)
  • free (Address: 0x180016ed0)
  • malloc (Address: 0x180016e78)
  • memcmp (Address: 0x180016df0)
  • memcpy (Address: 0x180016df8)
  • memcpy_s (Address: 0x180016e88)
  • memmove_s (Address: 0x180016e80)
  • memset (Address: 0x180016de8)
  • towupper (Address: 0x180016db8)
  • vswprintf_s (Address: 0x180016ea8)
  • wcscat_s (Address: 0x180016ec8)
  • wcschr (Address: 0x180016dc0)
  • wcscpy_s (Address: 0x180016ed8)
  • wcsncmp (Address: 0x180016dd8)
  • wcsncpy_s (Address: 0x180016ec0)
  • wcsrchr (Address: 0x180016dc8)
  • wcsstr (Address: 0x180016e98)
ntdll.dll
  • NtQueryInformationProcess (Address: 0x180016f10)
  • NtQueryOpenSubKeysEx (Address: 0x180016f18)
  • NtUnloadKey2 (Address: 0x180016f08)
  • RtlAllocateHeap (Address: 0x180016ef8)
  • RtlFreeHeap (Address: 0x180016f00)
  • RtlInitUnicodeString (Address: 0x180016f20)
OLE32.dll
  • CoCreateInstance (Address: 0x180016cf8)
  • CoTaskMemFree (Address: 0x180016d00)
  • ProgIDFromCLSID (Address: 0x180016d08)
  • StringFromGUID2 (Address: 0x180016cf0)
OLEAUT32.dll
  • CreateErrorInfo (Address: 0x180016d70)
  • LoadRegTypeLib (Address: 0x180016d60)
  • LoadTypeLib (Address: 0x180016d30)
  • RegisterTypeLib (Address: 0x180016d38)
  • SetErrorInfo (Address: 0x180016d68)
  • SysAllocString (Address: 0x180016d28)
  • SysAllocStringByteLen (Address: 0x180016d58)
  • SysAllocStringLen (Address: 0x180016d48)
  • SysFreeString (Address: 0x180016d18)
  • SysStringByteLen (Address: 0x180016d50)
  • SysStringLen (Address: 0x180016d40)
  • UnRegisterTypeLib (Address: 0x180016d20)
USER32.dll
  • CharNextW (Address: 0x180016d80)
  • LoadStringW (Address: 0x180016d88)
VERSION.dll
  • GetFileVersionInfoExW (Address: 0x180016d98)
  • GetFileVersionInfoSizeExW (Address: 0x180016da8)
  • VerQueryValueW (Address: 0x180016da0)