WdacWmiProv.dll

Description: WDAC WMI Providers

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.1

Architecture: 64-bit

Operating System: Windows NT

SHA256: 661594953e5eedbaff99080204865fa3

File Size: 143.0 KB

Uploaded At: Dec. 1, 2025, 7:51 a.m.

Views: 5

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x1330)
  • DllGetClassObject (Ordinal: 2, Address: 0x1370)
  • DllMain (Ordinal: 3, Address: 0x1010)
  • DllRegisterServer (Ordinal: 4, Address: 0x1280)
  • DllUnregisterServer (Ordinal: 5, Address: 0x12e0)
  • GetProviderClassID (Ordinal: 6, Address: 0x10b0)
  • MI_Main (Ordinal: 7, Address: 0x1780)

Imported DLLs & Functions

ADVAPI32.dll
  • RegCloseKey (Address: 0x18001bdc0)
  • RegCreateKeyExW (Address: 0x18001bde0)
  • RegDeleteTreeW (Address: 0x18001bdd8)
  • RegDeleteValueW (Address: 0x18001bdd0)
  • RegEnumKeyW (Address: 0x18001bdb8)
  • RegEnumValueW (Address: 0x18001bdb0)
  • RegGetValueW (Address: 0x18001bdc8)
  • RegOpenKeyExW (Address: 0x18001bde8)
  • RegSetValueExW (Address: 0x18001bda8)
KERNEL32.dll
  • CloseHandle (Address: 0x18001bee0)
  • CreateEventW (Address: 0x18001bed8)
  • CreateMutexW (Address: 0x18001bef0)
  • DelayLoadFailureHook (Address: 0x18001be28)
  • DeleteFileW (Address: 0x18001be10)
  • DisableThreadLibraryCalls (Address: 0x18001be60)
  • FormatMessageW (Address: 0x18001bea8)
  • FreeLibrary (Address: 0x18001be68)
  • GetCurrentProcess (Address: 0x18001bf00)
  • GetCurrentProcessId (Address: 0x18001be48)
  • GetCurrentThreadId (Address: 0x18001bef8)
  • GetFileAttributesW (Address: 0x18001bec8)
  • GetLastError (Address: 0x18001be80)
  • GetModuleFileNameW (Address: 0x18001bdf8)
  • GetProcAddress (Address: 0x18001be88)
  • GetProcessHeap (Address: 0x18001be90)
  • GetSystemDirectoryW (Address: 0x18001be70)
  • GetSystemTimeAsFileTime (Address: 0x18001be40)
  • GetTempFileNameW (Address: 0x18001be18)
  • GetTempPathW (Address: 0x18001be08)
  • GetThreadUILanguage (Address: 0x18001beb8)
  • GetTickCount (Address: 0x18001be38)
  • HeapAlloc (Address: 0x18001be98)
  • HeapFree (Address: 0x18001bea0)
  • LoadLibraryA (Address: 0x18001be00)
  • LoadLibraryExW (Address: 0x18001be78)
  • LocaleNameToLCID (Address: 0x18001beb0)
  • QueryPerformanceCounter (Address: 0x18001be50)
  • ReleaseMutex (Address: 0x18001be30)
  • ResolveDelayLoadedAPI (Address: 0x18001be20)
  • RtlCaptureContext (Address: 0x18001bf10)
  • RtlLookupFunctionEntry (Address: 0x18001bf18)
  • RtlVirtualUnwind (Address: 0x18001bf20)
  • SetEvent (Address: 0x18001bee8)
  • SetThreadUILanguage (Address: 0x18001bec0)
  • SetUnhandledExceptionFilter (Address: 0x18001bf30)
  • Sleep (Address: 0x18001bf08)
  • TerminateProcess (Address: 0x18001be58)
  • UnhandledExceptionFilter (Address: 0x18001bf28)
  • WaitForSingleObject (Address: 0x18001bed0)
mi.dll
  • mi_clientFT_V1 (Address: 0x18001bf58)
msvcrt.dll
  • __C_specific_handler (Address: 0x18001bf68)
  • _amsg_exit (Address: 0x18001bf78)
  • _initterm (Address: 0x18001bf70)
  • _purecall (Address: 0x18001bf98)
  • _ui64tow_s (Address: 0x18001bfd0)
  • _ultow_s (Address: 0x18001bf90)
  • _vsnwprintf (Address: 0x18001bfc8)
  • _vsnwprintf_s (Address: 0x18001bfe0)
  • _wcsicmp (Address: 0x18001bfd8)
  • _wfopen (Address: 0x18001bff0)
  • _XcptFilter (Address: 0x18001bf80)
  • fclose (Address: 0x18001bfe8)
  • free (Address: 0x18001c008)
  • fwprintf (Address: 0x18001bff8)
  • iswspace (Address: 0x18001bfb8)
  • malloc (Address: 0x18001c018)
  • memcpy (Address: 0x18001c000)
  • memset (Address: 0x18001c020)
  • swprintf_s (Address: 0x18001c010)
  • tolower (Address: 0x18001bf88)
  • toupper (Address: 0x18001bfb0)
  • wcsrchr (Address: 0x18001bfa8)
  • wcsstr (Address: 0x18001bfc0)
  • wcstoul (Address: 0x18001bfa0)
USER32.dll
  • LoadStringW (Address: 0x18001bf40)
  • MessageBoxW (Address: 0x18001bf48)