diagER.dll

Description: Diagnostic ER Module

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.6218

Architecture: 64-bit

Operating System: Windows NT

SHA256: 5ed5421c32e438204459a2e33e2c33eb

File Size: 53.9 KB

Uploaded At: Dec. 1, 2025, 7:50 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • ??0CDwWinER@@QEAA@AEBV0@@Z (Ordinal: 1, Address: 0x1220)
  • ??0CDwWinER@@QEAA@PEBGH@Z (Ordinal: 2, Address: 0x24f0)
  • ??0CWfpER@@QEAA@AEBV0@@Z (Ordinal: 3, Address: 0x10f0)
  • ??0CWfpER@@QEAA@PEBGW4_DIAG_REPORT_TYPE@@H@Z (Ordinal: 4, Address: 0x1600)
  • ??0IDiagER@@QEAA@AEBV0@@Z (Ordinal: 5, Address: 0x1060)
  • ??0IDiagER@@QEAA@PEBGH@Z (Ordinal: 6, Address: 0x4180)
  • ??1CDwWinER@@UEAA@XZ (Ordinal: 7, Address: 0x29f0)
  • ??1CWfpER@@UEAA@XZ (Ordinal: 8, Address: 0x1a20)
  • ??1IDiagER@@UEAA@XZ (Ordinal: 9, Address: 0x47b0)
  • ??4CDiagERFactory@@QEAAAEAV0@$$QEAV0@@Z (Ordinal: 10, Address: 0x14f0)
  • ??4CDiagERFactory@@QEAAAEAV0@AEBV0@@Z (Ordinal: 11, Address: 0x14f0)
  • ??4CDwWinER@@QEAAAEAV0@AEBV0@@Z (Ordinal: 12, Address: 0x13b0)
  • ??4CWfpER@@QEAAAEAV0@AEBV0@@Z (Ordinal: 13, Address: 0x1150)
  • ??4IDiagER@@QEAAAEAV0@AEBV0@@Z (Ordinal: 14, Address: 0x10b0)
  • ??_7CDwWinER@@6B@ (Ordinal: 15, Address: 0x7198)
  • ??_7CWfpER@@6B@ (Ordinal: 16, Address: 0x7168)
  • ??_7IDiagER@@6B@ (Ordinal: 17, Address: 0x71c8)
  • ?AddBucketingParameters@CDwWinER@@UEAAKPEAPEBGI@Z (Ordinal: 18, Address: 0x2b90)
  • ?AddBucketingParameters@CWfpER@@UEAAKPEAPEBGI@Z (Ordinal: 19, Address: 0x1db0)
  • ?AddBucketingParameters@IDiagER@@UEAAKPEAPEBGI@Z (Ordinal: 20, Address: 0x4370)
  • ?AddFiles@CDwWinER@@UEAAKPEAPEBGI@Z (Ordinal: 21, Address: 0x2e80)
  • ?AddFiles@CWfpER@@UEAAKPEAPEBGI@Z (Ordinal: 22, Address: 0x1f60)
  • ?AddFiles@IDiagER@@UEAAKPEAPEBGI@Z (Ordinal: 23, Address: 0x4540)
  • ?CreateInstance@CDiagERFactory@@SAKPEBGW4_DIAG_REPORT_TYPE@@HPEAPEAVIDiagER@@@Z (Ordinal: 24, Address: 0x4a70)
  • DiagERAddBucketingParameters (Ordinal: 25, Address: 0x4ea0)
  • DiagERAddFiles (Ordinal: 26, Address: 0x5010)
  • DiagERInitialize (Ordinal: 27, Address: 0x4ca0)
  • DiagERSetHeader (Ordinal: 28, Address: 0x4dc0)
  • DiagERSubmit (Ordinal: 29, Address: 0x5100)
  • DiagERSubmitEx (Ordinal: 30, Address: 0x51b0)
  • DiagERTerminate (Ordinal: 31, Address: 0x5280)
  • ?GetErrorReporter@CDiagERFactory@@SAPEAVIDiagER@@XZ (Ordinal: 32, Address: 0x4a60)
  • ?Initialize@CDwWinER@@UEAAKXZ (Ordinal: 33, Address: 0x25d0)
  • ?Initialize@CWfpER@@UEAAKXZ (Ordinal: 34, Address: 0x16d0)
  • ?ReleaseInstance@CDiagERFactory@@SAXXZ (Ordinal: 35, Address: 0x4c60)
  • ?SetHeader@CDwWinER@@UEAAKPEBG@Z (Ordinal: 36, Address: 0x2a30)
  • ?SetHeader@CWfpER@@UEAAKPEBG@Z (Ordinal: 37, Address: 0x1c40)
  • ?SetHeader@IDiagER@@UEAAKPEBG@Z (Ordinal: 38, Address: 0x42a0)
  • ?Submit@CDwWinER@@UEAAKK@Z (Ordinal: 39, Address: 0x3160)
  • ?Submit@CWfpER@@UEAAKK@Z (Ordinal: 40, Address: 0x21b0)
  • g_Kernel32 (Ordinal: 41, Address: 0xb010)
  • g_Shell32 (Ordinal: 42, Address: 0xb008)
  • g_WerApi (Ordinal: 43, Address: 0xb000)
  • ?m_diagER@CDiagERFactory@@0PEAVIDiagER@@EA (Ordinal: 44, Address: 0xb608)

Imported DLLs & Functions

ADVAPI32.dll
  • RegCloseKey (Address: 0x1800074d8)
  • RegCreateKeyExW (Address: 0x1800074e8)
  • RegDeleteKeyExW (Address: 0x1800074e0)
  • RegDeleteValueW (Address: 0x180007500)
  • RegOpenKeyExW (Address: 0x1800074f8)
  • RegSetValueExW (Address: 0x1800074f0)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x180007588)
  • CloseHandle (Address: 0x1800075d8)
  • CopyFileExW (Address: 0x180007848)
  • CopyFileW (Address: 0x1800075e0)
  • CreateDirectoryW (Address: 0x1800075e8)
  • CreateEventW (Address: 0x180007740)
  • CreateFileMappingW (Address: 0x180007540)
  • CreateFileW (Address: 0x1800076d8)
  • CreateProcessA (Address: 0x180007830)
  • CreateProcessW (Address: 0x180007818)
  • CreateThread (Address: 0x1800077a8)
  • DebugBreak (Address: 0x180007728)
  • DeleteCriticalSection (Address: 0x180007800)
  • DeleteFileW (Address: 0x180007780)
  • DuplicateHandle (Address: 0x180007718)
  • EnterCriticalSection (Address: 0x180007628)
  • ExitProcess (Address: 0x180007808)
  • ExpandEnvironmentStringsW (Address: 0x180007660)
  • FindClose (Address: 0x1800076c8)
  • FindFirstFileW (Address: 0x180007608)
  • FindNextFileW (Address: 0x180007648)
  • FreeLibrary (Address: 0x180007820)
  • GetCommandLineW (Address: 0x180007638)
  • GetComputerNameExW (Address: 0x180007700)
  • GetCurrentProcess (Address: 0x180007650)
  • GetCurrentProcessId (Address: 0x180007548)
  • GetCurrentThreadId (Address: 0x1800076e8)
  • GetDiskFreeSpaceExW (Address: 0x180007768)
  • GetDiskFreeSpaceW (Address: 0x180007670)
  • GetDriveTypeW (Address: 0x180007520)
  • GetExitCodeProcess (Address: 0x180007510)
  • GetFileAttributesW (Address: 0x1800076e0)
  • GetFileSize (Address: 0x1800077f8)
  • GetFileType (Address: 0x180007838)
  • GetFullPathNameW (Address: 0x180007640)
  • GetLastError (Address: 0x1800075b0)
  • GetLocaleInfoW (Address: 0x1800076d0)
  • GetLogicalDrives (Address: 0x180007600)
  • GetLogicalDriveStringsW (Address: 0x180007738)
  • GetModuleFileNameW (Address: 0x1800075c0)
  • GetOverlappedResult (Address: 0x1800077c0)
  • GetPrivateProfileStringW (Address: 0x180007748)
  • GetProcAddress (Address: 0x1800077e0)
  • GetProcessHeap (Address: 0x180007810)
  • GetShortPathNameW (Address: 0x180007668)
  • GetSystemInfo (Address: 0x1800077a0)
  • GetSystemTimeAsFileTime (Address: 0x180007550)
  • GetTempFileNameW (Address: 0x180007828)
  • GetTempPathW (Address: 0x1800075c8)
  • GetTickCount (Address: 0x180007530)
  • GetUserDefaultLangID (Address: 0x1800075b8)
  • GetVersionExA (Address: 0x180007770)
  • GetVersionExW (Address: 0x1800076f8)
  • GetVolumeInformationW (Address: 0x1800075f8)
  • GetWindowsDirectoryW (Address: 0x1800077d8)
  • GlobalAlloc (Address: 0x180007778)
  • GlobalFree (Address: 0x180007788)
  • GlobalLock (Address: 0x1800077e8)
  • GlobalMemoryStatus (Address: 0x180007840)
  • GlobalSize (Address: 0x180007758)
  • GlobalUnlock (Address: 0x1800075a0)
  • HeapAlloc (Address: 0x1800077b8)
  • HeapCompact (Address: 0x1800077c8)
  • HeapCreate (Address: 0x180007610)
  • HeapDestroy (Address: 0x1800077d0)
  • HeapFree (Address: 0x180007618)
  • HeapReAlloc (Address: 0x180007790)
  • HeapValidate (Address: 0x180007720)
  • HeapWalk (Address: 0x180007708)
  • InitializeCriticalSection (Address: 0x1800076a0)
  • LeaveCriticalSection (Address: 0x180007698)
  • LoadLibraryExA (Address: 0x180007850)
  • LoadLibraryExW (Address: 0x180007518)
  • MapViewOfFile (Address: 0x180007538)
  • MoveFileExW (Address: 0x1800077f0)
  • OpenEventW (Address: 0x1800076f0)
  • OpenProcess (Address: 0x1800075a8)
  • QueryPerformanceCounter (Address: 0x180007528)
  • RaiseException (Address: 0x180007798)
  • ReadFile (Address: 0x1800075f0)
  • ReleaseSRWLockExclusive (Address: 0x180007590)
  • RemoveDirectoryW (Address: 0x180007688)
  • ResetEvent (Address: 0x1800077b0)
  • RtlCaptureContext (Address: 0x180007558)
  • RtlLookupFunctionEntry (Address: 0x180007560)
  • RtlVirtualUnwind (Address: 0x180007568)
  • SetEndOfFile (Address: 0x1800076b8)
  • SetErrorMode (Address: 0x1800076a8)
  • SetEvent (Address: 0x180007760)
  • SetFileAttributesW (Address: 0x180007730)
  • SetFilePointer (Address: 0x1800076b0)
  • SetFileTime (Address: 0x180007690)
  • SetLastError (Address: 0x180007620)
  • SetUnhandledExceptionFilter (Address: 0x180007578)
  • Sleep (Address: 0x180007750)
  • TerminateProcess (Address: 0x180007680)
  • UnhandledExceptionFilter (Address: 0x180007570)
  • UnmapViewOfFile (Address: 0x180007710)
  • VirtualAlloc (Address: 0x180007678)
  • VirtualFree (Address: 0x180007630)
  • VirtualProtect (Address: 0x180007598)
  • VirtualQuery (Address: 0x180007580)
  • WaitForMultipleObjectsEx (Address: 0x1800076c0)
  • WaitForSingleObject (Address: 0x1800075d0)
  • WriteFile (Address: 0x180007658)
msvcrt.dll
  • __C_specific_handler (Address: 0x180007908)
  • __CxxFrameHandler3 (Address: 0x180007958)
  • __dllonexit (Address: 0x180007928)
  • _amsg_exit (Address: 0x1800078f8)
  • _callnewh (Address: 0x1800078d0)
  • _CxxThrowException (Address: 0x180007940)
  • _initterm (Address: 0x180007900)
  • _lock (Address: 0x180007918)
  • _onexit (Address: 0x180007930)
  • _purecall (Address: 0x180007950)
  • _unlock (Address: 0x180007920)
  • _vsnwprintf (Address: 0x1800078f0)
  • _wfopen (Address: 0x1800078e0)
  • _XcptFilter (Address: 0x1800078d8)
  • ??1type_info@@UEAA@XZ (Address: 0x180007938)
  • ?terminate@@YAXXZ (Address: 0x180007910)
  • fclose (Address: 0x1800078e8)
  • free (Address: 0x1800078c0)
  • fwprintf (Address: 0x1800078c8)
  • malloc (Address: 0x1800078b8)
  • memset (Address: 0x180007960)
  • wcsrchr (Address: 0x180007948)
ntdll.dll
  • RtlAllocateHeap (Address: 0x180007970)
  • RtlFreeHeap (Address: 0x180007978)
SHELL32.dll
  • ExtractIconExW (Address: 0x180007868)
  • ShellExecuteExW (Address: 0x180007860)
USER32.dll
  • CharNextW (Address: 0x180007878)
WDSCORE.dll
  • ConstructPartialMsgVW (Address: 0x180007890)
  • CurrentIP (Address: 0x180007898)
  • WdsSetupLogDestroy (Address: 0x1800078a8)
  • WdsSetupLogInit (Address: 0x1800078a0)
  • WdsSetupLogMessageW (Address: 0x180007888)