pdm.dll

Description: Process Debug Manager

Authors: © Microsoft Corporation. All rights reserved.

Version: 16.0.81.0

Architecture: 64-bit

Operating System: Windows

SHA256: 1ab9719df32a2d00bf8814512457d576

File Size: 609.6 KB

Uploaded At: Dec. 1, 2025, 7:49 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x2ef90)
  • DllGetClassObject (Ordinal: 2, Address: 0x2efd0)
  • DllRegisterServer (Ordinal: 3, Address: 0x2f110)
  • DllUnregisterServer (Ordinal: 4, Address: 0x2f120)

Imported DLLs & Functions

ADVAPI32.dll
  • AddAce (Address: 0x180062070)
  • CopySid (Address: 0x180062040)
  • EqualSid (Address: 0x180062100)
  • GetAclInformation (Address: 0x180062018)
  • GetLengthSid (Address: 0x180062088)
  • GetSecurityDescriptorControl (Address: 0x180062038)
  • GetSecurityDescriptorDacl (Address: 0x180062010)
  • GetSecurityDescriptorGroup (Address: 0x180062020)
  • GetSecurityDescriptorOwner (Address: 0x180062060)
  • GetSecurityDescriptorSacl (Address: 0x180062000)
  • GetSidIdentifierAuthority (Address: 0x1800620e0)
  • GetSidLengthRequired (Address: 0x180062030)
  • GetSidSubAuthority (Address: 0x180062028)
  • GetSidSubAuthorityCount (Address: 0x1800620f0)
  • GetTokenInformation (Address: 0x180062048)
  • InitializeAcl (Address: 0x180062080)
  • InitializeSecurityDescriptor (Address: 0x180062078)
  • InitializeSid (Address: 0x180062058)
  • IsValidSid (Address: 0x180062068)
  • MakeAbsoluteSD (Address: 0x180062090)
  • OpenProcessToken (Address: 0x1800620e8)
  • RegCloseKey (Address: 0x1800620c8)
  • RegCreateKeyExW (Address: 0x1800620a8)
  • RegDeleteKeyW (Address: 0x1800620a0)
  • RegDeleteValueW (Address: 0x1800620c0)
  • RegEnumKeyExW (Address: 0x1800620b0)
  • RegEnumKeyW (Address: 0x1800620f8)
  • RegOpenKeyExW (Address: 0x1800620d0)
  • RegQueryInfoKeyW (Address: 0x180062098)
  • RegQueryValueExW (Address: 0x1800620d8)
  • RegSetValueExW (Address: 0x1800620b8)
  • SetSecurityDescriptorDacl (Address: 0x180062008)
  • SetSecurityDescriptorSacl (Address: 0x180062050)
KERNEL32.dll
  • CloseHandle (Address: 0x180062440)
  • CreateEventW (Address: 0x1800621d8)
  • CreateFileMappingW (Address: 0x180062198)
  • CreateFileW (Address: 0x180062388)
  • CreateMutexW (Address: 0x180062110)
  • CreateSemaphoreW (Address: 0x1800623f0)
  • CreateThread (Address: 0x180062138)
  • DecodePointer (Address: 0x180062430)
  • DeleteCriticalSection (Address: 0x180062420)
  • DuplicateHandle (Address: 0x1800621c8)
  • EncodePointer (Address: 0x180062148)
  • EnterCriticalSection (Address: 0x180062478)
  • ExitProcess (Address: 0x1800622b0)
  • FindClose (Address: 0x1800622f8)
  • FindFirstFileExA (Address: 0x180062300)
  • FindNextFileA (Address: 0x180062308)
  • FindResourceExW (Address: 0x1800623c8)
  • FindResourceW (Address: 0x1800623b8)
  • FlushFileBuffers (Address: 0x180062378)
  • FormatMessageA (Address: 0x1800624a0)
  • FormatMessageW (Address: 0x1800624b0)
  • FreeEnvironmentStringsW (Address: 0x180062340)
  • FreeLibrary (Address: 0x180062348)
  • FreeLibraryAndExitThread (Address: 0x180062130)
  • GetACP (Address: 0x1800622d8)
  • GetCommandLineA (Address: 0x180062328)
  • GetCommandLineW (Address: 0x180062330)
  • GetComputerNameW (Address: 0x180062488)
  • GetConsoleCP (Address: 0x180062360)
  • GetConsoleMode (Address: 0x180062368)
  • GetCPInfo (Address: 0x180062320)
  • GetCurrentProcess (Address: 0x1800621b0)
  • GetCurrentProcessId (Address: 0x180062128)
  • GetCurrentThread (Address: 0x1800621f8)
  • GetCurrentThreadId (Address: 0x180062118)
  • GetEnvironmentStringsW (Address: 0x180062338)
  • GetFileAttributesW (Address: 0x180062200)
  • GetFileType (Address: 0x1800622e8)
  • GetLastError (Address: 0x180062450)
  • GetModuleFileNameA (Address: 0x1800622c0)
  • GetModuleFileNameW (Address: 0x180062268)
  • GetModuleHandleExW (Address: 0x1800622b8)
  • GetModuleHandleW (Address: 0x1800623a0)
  • GetOEMCP (Address: 0x180062318)
  • GetProcAddress (Address: 0x1800623a8)
  • GetProcessHeap (Address: 0x180062418)
  • GetStartupInfoW (Address: 0x180062248)
  • GetStdHandle (Address: 0x1800622e0)
  • GetStringTypeW (Address: 0x1800622f0)
  • GetSystemInfo (Address: 0x180062290)
  • GetSystemTimeAsFileTime (Address: 0x180062258)
  • GetThreadLocale (Address: 0x180062140)
  • GetTickCount (Address: 0x1800621a8)
  • GetVersion (Address: 0x180062498)
  • GlobalAlloc (Address: 0x180062160)
  • GlobalFree (Address: 0x180062168)
  • GlobalLock (Address: 0x180062170)
  • GlobalUnlock (Address: 0x180062178)
  • HeapAlloc (Address: 0x180062438)
  • HeapDestroy (Address: 0x180062428)
  • HeapFree (Address: 0x180062480)
  • HeapReAlloc (Address: 0x180062448)
  • HeapSize (Address: 0x180062458)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180062288)
  • InitializeCriticalSectionEx (Address: 0x180062460)
  • InitializeSListHead (Address: 0x180062260)
  • InterlockedFlushSList (Address: 0x180062278)
  • IsDebuggerPresent (Address: 0x180062240)
  • IsProcessorFeaturePresent (Address: 0x180062238)
  • IsValidCodePage (Address: 0x180062310)
  • LCMapStringW (Address: 0x1800622d0)
  • LeaveCriticalSection (Address: 0x180062468)
  • LoadLibraryExA (Address: 0x1800624b8)
  • LoadLibraryExW (Address: 0x180062158)
  • LoadLibraryW (Address: 0x180062398)
  • LoadResource (Address: 0x1800623c0)
  • LocalFree (Address: 0x1800624a8)
  • LockResource (Address: 0x1800623d0)
  • lstrcmpiW (Address: 0x180062150)
  • MapViewOfFile (Address: 0x1800621a0)
  • MultiByteToWideChar (Address: 0x1800623b0)
  • OpenEventW (Address: 0x1800621c0)
  • OpenFileMappingW (Address: 0x180062180)
  • OpenProcess (Address: 0x1800621d0)
  • OutputDebugStringW (Address: 0x180062380)
  • ProcessIdToSessionId (Address: 0x180062490)
  • QueryPerformanceCounter (Address: 0x180062250)
  • RaiseException (Address: 0x1800623f8)
  • RegisterWaitForSingleObject (Address: 0x1800621b8)
  • ReleaseMutex (Address: 0x180062120)
  • ReleaseSemaphore (Address: 0x180062470)
  • RtlCaptureContext (Address: 0x180062208)
  • RtlLookupFunctionEntry (Address: 0x180062210)
  • RtlPcToFileHeader (Address: 0x180062270)
  • RtlUnwindEx (Address: 0x1800624c0)
  • RtlVirtualUnwind (Address: 0x180062218)
  • SetEvent (Address: 0x1800621e0)
  • SetFilePointerEx (Address: 0x180062370)
  • SetLastError (Address: 0x180062280)
  • SetStdHandle (Address: 0x180062350)
  • SetUnhandledExceptionFilter (Address: 0x180062228)
  • SizeofResource (Address: 0x1800623d8)
  • Sleep (Address: 0x180062190)
  • TerminateProcess (Address: 0x180062230)
  • TlsAlloc (Address: 0x180062400)
  • TlsFree (Address: 0x1800623e0)
  • TlsGetValue (Address: 0x1800623e8)
  • TlsSetValue (Address: 0x180062410)
  • UnhandledExceptionFilter (Address: 0x180062220)
  • UnmapViewOfFile (Address: 0x180062188)
  • UnregisterWaitEx (Address: 0x1800621e8)
  • VirtualAlloc (Address: 0x180062298)
  • VirtualProtect (Address: 0x1800622a0)
  • VirtualQuery (Address: 0x1800622a8)
  • WaitForMultipleObjects (Address: 0x1800621f0)
  • WaitForSingleObject (Address: 0x180062408)
  • WideCharToMultiByte (Address: 0x1800622c8)
  • WriteConsoleW (Address: 0x180062390)
  • WriteFile (Address: 0x180062358)
ole32.dll
  • CLSIDFromString (Address: 0x1800626d8)
  • CoCreateInstance (Address: 0x180062668)
  • CoGetObjectContext (Address: 0x180062660)
  • CoInitializeEx (Address: 0x1800626a0)
  • CoMarshalInterface (Address: 0x1800626c8)
  • CoQueryProxyBlanket (Address: 0x180062680)
  • CoRegisterClassObject (Address: 0x180062650)
  • CoRegisterMessageFilter (Address: 0x180062690)
  • CoRegisterPSClsid (Address: 0x180062688)
  • CoReleaseMarshalData (Address: 0x1800626d0)
  • CoSetProxyBlanket (Address: 0x180062658)
  • CoTaskMemAlloc (Address: 0x180062678)
  • CoTaskMemFree (Address: 0x1800626a8)
  • CoTaskMemRealloc (Address: 0x1800626b0)
  • CoUninitialize (Address: 0x180062698)
  • CoUnmarshalInterface (Address: 0x1800626c0)
  • CoWaitForMultipleHandles (Address: 0x1800626e0)
  • CreateStreamOnHGlobal (Address: 0x1800626b8)
  • StringFromGUID2 (Address: 0x180062670)
OLEAUT32.dll
  • SafeArrayGetDim (Address: 0x1800624f0)
  • SafeArrayGetLBound (Address: 0x180062508)
  • SafeArrayGetUBound (Address: 0x180062500)
  • SafeArrayPtrOfIndex (Address: 0x180062538)
  • SysAllocString (Address: 0x180062520)
  • SysAllocStringByteLen (Address: 0x1800624e8)
  • SysAllocStringLen (Address: 0x1800624d8)
  • SysFreeString (Address: 0x180062528)
  • SysStringByteLen (Address: 0x1800624e0)
  • SysStringLen (Address: 0x1800624d0)
  • VarBstrCat (Address: 0x180062540)
  • VariantChangeType (Address: 0x180062550)
  • VariantClear (Address: 0x180062518)
  • VariantCopy (Address: 0x180062510)
  • VariantCopyInd (Address: 0x180062530)
  • VariantInit (Address: 0x1800624f8)
  • VarUI4FromStr (Address: 0x180062548)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x180062578)
  • CStdStubBuffer_Connect (Address: 0x1800625c0)
  • CStdStubBuffer_CountRefs (Address: 0x180062588)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x180062568)
  • CStdStubBuffer_DebugServerRelease (Address: 0x1800625a0)
  • CStdStubBuffer_Disconnect (Address: 0x1800625a8)
  • CStdStubBuffer_Invoke (Address: 0x1800625d8)
  • CStdStubBuffer_IsIIDSupported (Address: 0x1800625b8)
  • CStdStubBuffer_QueryInterface (Address: 0x180062590)
  • IUnknown_AddRef_Proxy (Address: 0x180062560)
  • IUnknown_QueryInterface_Proxy (Address: 0x1800625b0)
  • IUnknown_Release_Proxy (Address: 0x180062580)
  • NdrCStdStubBuffer_Release (Address: 0x1800625d0)
  • NdrDllGetClassObject (Address: 0x1800625c8)
  • NdrOleAllocate (Address: 0x180062598)
  • NdrOleFree (Address: 0x180062570)
USER32.dll
  • CharNextW (Address: 0x1800625e8)
  • CreateWindowExW (Address: 0x180062610)
  • DefWindowProcW (Address: 0x180062630)
  • DestroyWindow (Address: 0x180062620)
  • GetWindowLongPtrW (Address: 0x1800625f8)
  • IsWindow (Address: 0x180062640)
  • MsgWaitForMultipleObjects (Address: 0x180062638)
  • PostMessageW (Address: 0x180062628)
  • RegisterClassW (Address: 0x1800625f0)
  • SendMessageW (Address: 0x180062608)
  • SetWindowLongPtrW (Address: 0x180062618)
  • UnregisterClassW (Address: 0x180062600)