Microsoft.Uev.AgentWmi.dll

Description: Microsoft.Uev.AgentWmi DLL

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.5915

Architecture: 64-bit

Operating System: Windows NT

SHA256: e2ff2794d172bc0440e41c6ed1163e20

File Size: 1.5 MB

Uploaded At: Dec. 1, 2025, 7:51 a.m.

Views: 6

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x8570)
  • DllGetClassObject (Ordinal: 2, Address: 0x85b0)
  • DllInstall (Ordinal: 3, Address: 0x8900)
  • DllRegisterServer (Ordinal: 4, Address: 0x86f0)
  • DllUnregisterServer (Ordinal: 5, Address: 0x8840)

Imported DLLs & Functions

ACTIVEDS.dll
  • (Address: 0x18010a0e0)
ADVAPI32.dll
  • CreateWellKnownSid (Address: 0x18010a188)
  • EqualSid (Address: 0x18010a190)
  • EventRegister (Address: 0x18010a0f8)
  • EventSetInformation (Address: 0x18010a128)
  • EventUnregister (Address: 0x18010a178)
  • EventWriteTransfer (Address: 0x18010a0f0)
  • GetNamedSecurityInfoW (Address: 0x18010a180)
  • GetTokenInformation (Address: 0x18010a168)
  • OpenProcessToken (Address: 0x18010a170)
  • RegCloseKey (Address: 0x18010a130)
  • RegCreateKeyExW (Address: 0x18010a140)
  • RegDeleteKeyExW (Address: 0x18010a118)
  • RegDeleteTreeW (Address: 0x18010a108)
  • RegDeleteValueW (Address: 0x18010a160)
  • RegEnumKeyExW (Address: 0x18010a148)
  • RegEnumValueW (Address: 0x18010a110)
  • RegGetValueW (Address: 0x18010a198)
  • RegOpenKeyExW (Address: 0x18010a158)
  • RegQueryInfoKeyW (Address: 0x18010a138)
  • RegQueryValueExW (Address: 0x18010a100)
  • RegSetKeyValueW (Address: 0x18010a120)
  • RegSetValueExW (Address: 0x18010a150)
KERNEL32.dll
  • AcquireSRWLockExclusive (Address: 0x18010a450)
  • AcquireSRWLockShared (Address: 0x18010a200)
  • AreFileApisANSI (Address: 0x18010a2f8)
  • CloseHandle (Address: 0x18010a3e0)
  • CloseThreadpoolTimer (Address: 0x18010a220)
  • CopyFileW (Address: 0x18010a2f0)
  • CreateDirectoryW (Address: 0x18010a1d0)
  • CreateEventA (Address: 0x18010a3d0)
  • CreateFileW (Address: 0x18010a2a0)
  • CreateMutexExW (Address: 0x18010a2e0)
  • CreateSemaphoreExW (Address: 0x18010a4f0)
  • CreateThreadpoolTimer (Address: 0x18010a208)
  • DebugBreak (Address: 0x18010a2d0)
  • DecodePointer (Address: 0x18010a420)
  • DeleteCriticalSection (Address: 0x18010a3c8)
  • DeleteFileW (Address: 0x18010a280)
  • DeviceIoControl (Address: 0x18010a1c8)
  • EncodePointer (Address: 0x18010a418)
  • EnterCriticalSection (Address: 0x18010a350)
  • ExpandEnvironmentStringsW (Address: 0x18010a2a8)
  • FindClose (Address: 0x18010a1e8)
  • FindFirstFileW (Address: 0x18010a1f8)
  • FindNextFileW (Address: 0x18010a1f0)
  • FindResourceExW (Address: 0x18010a388)
  • FormatMessageA (Address: 0x18010a300)
  • FormatMessageW (Address: 0x18010a328)
  • FreeLibrary (Address: 0x18010a3a8)
  • GetComputerNameExW (Address: 0x18010a290)
  • GetCurrentDirectoryW (Address: 0x18010a1a8)
  • GetCurrentProcess (Address: 0x18010a438)
  • GetCurrentProcessId (Address: 0x18010a470)
  • GetCurrentThreadId (Address: 0x18010a478)
  • GetExitCodeProcess (Address: 0x18010a248)
  • GetFileAttributesExW (Address: 0x18010a1b0)
  • GetFileAttributesW (Address: 0x18010a298)
  • GetFileSize (Address: 0x18010a270)
  • GetFileTime (Address: 0x18010a260)
  • GetLastError (Address: 0x18010a378)
  • GetLocaleInfoW (Address: 0x18010a408)
  • GetLocalTime (Address: 0x18010a2e8)
  • GetLongPathNameW (Address: 0x18010a238)
  • GetModuleFileNameA (Address: 0x18010a4e8)
  • GetModuleFileNameW (Address: 0x18010a358)
  • GetModuleHandleExW (Address: 0x18010a4a8)
  • GetModuleHandleW (Address: 0x18010a3a0)
  • GetProcAddress (Address: 0x18010a398)
  • GetProcessHeap (Address: 0x18010a2d8)
  • GetProcessMitigationPolicy (Address: 0x18010a1e0)
  • GetStringTypeW (Address: 0x18010a3f8)
  • GetSystemTimeAsFileTime (Address: 0x18010a480)
  • GetTempPathW (Address: 0x18010a230)
  • GetThreadLocale (Address: 0x18010a360)
  • GetTickCount (Address: 0x18010a488)
  • HeapAlloc (Address: 0x18010a308)
  • HeapFree (Address: 0x18010a4c0)
  • InitializeCriticalSection (Address: 0x18010a3c0)
  • InitializeCriticalSectionEx (Address: 0x18010a400)
  • IsDebuggerPresent (Address: 0x18010a2c8)
  • LeaveCriticalSection (Address: 0x18010a368)
  • LoadLibraryExW (Address: 0x18010a3b8)
  • LoadResource (Address: 0x18010a390)
  • LocalAlloc (Address: 0x18010a1d8)
  • LocalFree (Address: 0x18010a3f0)
  • LocalLock (Address: 0x18010a2b8)
  • LocalUnlock (Address: 0x18010a268)
  • lstrcmpiW (Address: 0x18010a3b0)
  • lstrlenA (Address: 0x18010a240)
  • MoveFileExW (Address: 0x18010a278)
  • MultiByteToWideChar (Address: 0x18010a370)
  • OpenEventA (Address: 0x18010a338)
  • OpenProcess (Address: 0x18010a258)
  • OpenSemaphoreW (Address: 0x18010a310)
  • OutputDebugStringA (Address: 0x18010a490)
  • OutputDebugStringW (Address: 0x18010a320)
  • ProcessIdToSessionId (Address: 0x18010a4a0)
  • QueryPerformanceCounter (Address: 0x18010a468)
  • RaiseException (Address: 0x18010a380)
  • ReadFile (Address: 0x18010a2c0)
  • ReleaseMutex (Address: 0x18010a330)
  • ReleaseSemaphore (Address: 0x18010a4b0)
  • ReleaseSRWLockExclusive (Address: 0x18010a448)
  • ReleaseSRWLockShared (Address: 0x18010a210)
  • RemoveDirectoryW (Address: 0x18010a1c0)
  • ResetEvent (Address: 0x18010a4e0)
  • SetEvent (Address: 0x18010a3d8)
  • SetFileAttributesW (Address: 0x18010a288)
  • SetFileTime (Address: 0x18010a1b8)
  • SetLastError (Address: 0x18010a4b8)
  • SetThreadLocale (Address: 0x18010a348)
  • SetThreadpoolTimer (Address: 0x18010a218)
  • SetUnhandledExceptionFilter (Address: 0x18010a430)
  • SizeofResource (Address: 0x18010a340)
  • Sleep (Address: 0x18010a410)
  • SleepConditionVariableSRW (Address: 0x18010a460)
  • SystemTimeToFileTime (Address: 0x18010a250)
  • TerminateProcess (Address: 0x18010a440)
  • TlsAlloc (Address: 0x18010a4d0)
  • TlsFree (Address: 0x18010a498)
  • TlsGetValue (Address: 0x18010a4c8)
  • TlsSetValue (Address: 0x18010a4d8)
  • UnhandledExceptionFilter (Address: 0x18010a428)
  • WaitForSingleObject (Address: 0x18010a4f8)
  • WaitForSingleObjectEx (Address: 0x18010a318)
  • WaitForThreadpoolTimerCallbacks (Address: 0x18010a228)
  • WakeAllConditionVariable (Address: 0x18010a458)
  • WideCharToMultiByte (Address: 0x18010a3e8)
  • WriteFile (Address: 0x18010a2b0)
msvcrt.dll
  • ___lc_codepage_func (Address: 0x18010a7e0)
  • ___lc_collate_cp_func (Address: 0x18010a700)
  • ___lc_handle_func (Address: 0x18010a7e8)
  • ___mb_cur_max_func (Address: 0x18010a7d8)
  • __C_specific_handler (Address: 0x18010a888)
  • __crtCompareStringA (Address: 0x18010a7a8)
  • __crtCompareStringW (Address: 0x18010a7b0)
  • __crtLCMapStringA (Address: 0x18010a798)
  • __crtLCMapStringW (Address: 0x18010a7a0)
  • __CxxFrameHandler3 (Address: 0x18010a910)
  • __dllonexit (Address: 0x18010a6c0)
  • __mb_cur_max (Address: 0x18010a730)
  • __pctype_func (Address: 0x18010a7f8)
  • __uncaught_exception (Address: 0x18010a788)
  • _amsg_exit (Address: 0x18010a6d8)
  • _callnewh (Address: 0x18010a840)
  • _CxxThrowException (Address: 0x18010a830)
  • _errno (Address: 0x18010a818)
  • _fseeki64 (Address: 0x18010a678)
  • _Getdays (Address: 0x18010a760)
  • _Getmonths (Address: 0x18010a758)
  • _Gettnames (Address: 0x18010a728)
  • _initterm (Address: 0x18010a6d0)
  • _ismbblead (Address: 0x18010a7d0)
  • _lock (Address: 0x18010a810)
  • _onexit (Address: 0x18010a6b8)
  • _purecall (Address: 0x18010a8e8)
  • _Strftime (Address: 0x18010a720)
  • _stricmp (Address: 0x18010a628)
  • _unlock (Address: 0x18010a808)
  • _vsnprintf_s (Address: 0x18010a668)
  • _vsnwprintf (Address: 0x18010a918)
  • _W_Getdays (Address: 0x18010a750)
  • _W_Getmonths (Address: 0x18010a748)
  • _W_Gettnames (Address: 0x18010a740)
  • _wcsdup (Address: 0x18010a7c0)
  • _Wcsftime (Address: 0x18010a738)
  • _wcsicmp (Address: 0x18010a5d0)
  • _wcsnicmp (Address: 0x18010a8d8)
  • _wfopen_s (Address: 0x18010a600)
  • _wfsopen (Address: 0x18010a640)
  • _wsetlocale (Address: 0x18010a790)
  • _wtoi (Address: 0x18010a630)
  • _XcptFilter (Address: 0x18010a6e0)
  • ??_V@YAXPEAX@Z (Address: 0x18010a908)
  • ??0bad_cast@@QEAA@AEBV0@@Z (Address: 0x18010a8b0)
  • ??0bad_cast@@QEAA@PEBD@Z (Address: 0x18010a8b8)
  • ??0exception@@QEAA@AEBQEBD@Z (Address: 0x18010a898)
  • ??0exception@@QEAA@AEBQEBDH@Z (Address: 0x18010a858)
  • ??0exception@@QEAA@AEBV0@@Z (Address: 0x18010a890)
  • ??0exception@@QEAA@XZ (Address: 0x18010a838)
  • ??1bad_cast@@UEAA@XZ (Address: 0x18010a8c0)
  • ??1exception@@UEAA@XZ (Address: 0x18010a8a0)
  • ??1type_info@@UEAA@XZ (Address: 0x18010a6b0)
  • ??3@YAXPEAX@Z (Address: 0x18010a650)
  • ??8type_info@@QEBAHAEBV0@@Z (Address: 0x18010a7b8)
  • ?name@type_info@@QEBAPEBDXZ (Address: 0x18010a878)
  • ?terminate@@YAXXZ (Address: 0x18010a6c8)
  • ?what@exception@@UEBAPEBDXZ (Address: 0x18010a8a8)
  • abort (Address: 0x18010a780)
  • calloc (Address: 0x18010a848)
  • fclose (Address: 0x18010a690)
  • feof (Address: 0x18010a620)
  • ferror (Address: 0x18010a618)
  • fflush (Address: 0x18010a698)
  • fgetc (Address: 0x18010a688)
  • fgetpos (Address: 0x18010a660)
  • fputc (Address: 0x18010a6a0)
  • fread (Address: 0x18010a610)
  • free (Address: 0x18010a8e0)
  • fseek (Address: 0x18010a6a8)
  • fsetpos (Address: 0x18010a608)
  • ftell (Address: 0x18010a5f8)
  • fwrite (Address: 0x18010a680)
  • isalnum (Address: 0x18010a6f0)
  • isdigit (Address: 0x18010a6e8)
  • islower (Address: 0x18010a7c8)
  • isspace (Address: 0x18010a718)
  • isupper (Address: 0x18010a7f0)
  • ldexp (Address: 0x18010a770)
  • ldiv (Address: 0x18010a880)
  • localeconv (Address: 0x18010a868)
  • malloc (Address: 0x18010a8d0)
  • mbstowcs_s (Address: 0x18010a5f0)
  • memchr (Address: 0x18010a708)
  • memcmp (Address: 0x18010a6f8)
  • memcpy (Address: 0x18010a828)
  • memcpy_s (Address: 0x18010a900)
  • memmove (Address: 0x18010a820)
  • memmove_s (Address: 0x18010a850)
  • memset (Address: 0x18010a768)
  • realloc (Address: 0x18010a778)
  • setlocale (Address: 0x18010a800)
  • setvbuf (Address: 0x18010a658)
  • sprintf_s (Address: 0x18010a860)
  • strchr (Address: 0x18010a5e0)
  • strcspn (Address: 0x18010a870)
  • strerror (Address: 0x18010a638)
  • swprintf_s (Address: 0x18010a670)
  • time (Address: 0x18010a5e8)
  • tolower (Address: 0x18010a710)
  • towlower (Address: 0x18010a5d8)
  • ungetc (Address: 0x18010a648)
  • wcscat_s (Address: 0x18010a8f0)
  • wcscmp (Address: 0x18010a920)
  • wcscpy_s (Address: 0x18010a8f8)
  • wcsncpy_s (Address: 0x18010a8c8)
ntdll.dll
  • RtlCaptureContext (Address: 0x18010a930)
  • RtlLookupFunctionEntry (Address: 0x18010a940)
  • RtlVirtualUnwind (Address: 0x18010a938)
ole32.dll
  • CLSIDFromProgID (Address: 0x18010a990)
  • CLSIDFromString (Address: 0x18010a998)
  • CoCreateGuid (Address: 0x18010a9a0)
  • CoCreateInstance (Address: 0x18010a9a8)
  • CoImpersonateClient (Address: 0x18010a950)
  • CoInitializeEx (Address: 0x18010a978)
  • CoTaskMemAlloc (Address: 0x18010a988)
  • CoTaskMemFree (Address: 0x18010a960)
  • CoTaskMemRealloc (Address: 0x18010a958)
  • CoUninitialize (Address: 0x18010a970)
  • OleRun (Address: 0x18010a968)
  • StringFromGUID2 (Address: 0x18010a980)
OLEAUT32.dll
  • LoadTypeLib (Address: 0x18010a560)
  • RegisterTypeLib (Address: 0x18010a570)
  • SafeArrayAccessData (Address: 0x18010a548)
  • SafeArrayCreateVector (Address: 0x18010a518)
  • SafeArrayGetLBound (Address: 0x18010a520)
  • SafeArrayGetUBound (Address: 0x18010a528)
  • SafeArrayPutElement (Address: 0x18010a508)
  • SafeArrayUnaccessData (Address: 0x18010a540)
  • SysAllocString (Address: 0x18010a578)
  • SysAllocStringByteLen (Address: 0x18010a510)
  • SysAllocStringLen (Address: 0x18010a590)
  • SysFreeString (Address: 0x18010a568)
  • SysStringByteLen (Address: 0x18010a598)
  • SysStringLen (Address: 0x18010a580)
  • UnRegisterTypeLib (Address: 0x18010a558)
  • VariantChangeType (Address: 0x18010a538)
  • VariantClear (Address: 0x18010a550)
  • VariantInit (Address: 0x18010a530)
  • VarUI4FromStr (Address: 0x18010a588)
SHELL32.dll
  • SHGetKnownFolderPath (Address: 0x18010a5a8)
USER32.dll
  • CharNextW (Address: 0x18010a5c0)
  • UnregisterClassA (Address: 0x18010a5b8)