WmiDcPrv.dll

Description: WMI

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.3636

Architecture: 64-bit

Operating System: Windows NT

SHA256: e8d4d7ba1c0e6161e8ab5744e4c2d563

File Size: 189.5 KB

Uploaded At: Dec. 1, 2025, 7:51 a.m.

Views: 5

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x19e0)
  • DllGetClassObject (Ordinal: 2, Address: 0x18a0)
  • DllRegisterServer (Ordinal: 3, Address: 0x1e20)
  • DllUnregisterServer (Ordinal: 4, Address: 0x1e70)

Imported DLLs & Functions

api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x180021520)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x180021530)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x180021550)
  • SetUnhandledExceptionFilter (Address: 0x180021548)
  • UnhandledExceptionFilter (Address: 0x180021540)
api-ms-win-core-file-l1-1-0.dll
  • CompareFileTime (Address: 0x180021560)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x180021570)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x1800215a0)
  • HeapAlloc (Address: 0x180021588)
  • HeapCreate (Address: 0x180021598)
  • HeapDestroy (Address: 0x180021580)
  • HeapFree (Address: 0x180021590)
api-ms-win-core-heap-l2-1-0.dll
  • GlobalAlloc (Address: 0x1800215b8)
  • GlobalFree (Address: 0x1800215c0)
  • LocalFree (Address: 0x1800215b0)
api-ms-win-core-heap-obsolete-l1-1-0.dll
  • GlobalLock (Address: 0x1800215d0)
  • GlobalUnlock (Address: 0x1800215d8)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x1800215e8)
  • GetModuleFileNameW (Address: 0x1800215f0)
  • GetProcAddress (Address: 0x180021600)
  • LoadLibraryExW (Address: 0x1800215f8)
api-ms-win-core-localization-l1-2-0.dll
  • LCMapStringW (Address: 0x180021610)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x180021660)
  • GetCurrentProcessId (Address: 0x180021628)
  • GetCurrentThread (Address: 0x180021630)
  • GetCurrentThreadId (Address: 0x180021658)
  • GetProcessTimes (Address: 0x180021640)
  • OpenThreadToken (Address: 0x180021620)
  • SetThreadToken (Address: 0x180021638)
  • SwitchToThread (Address: 0x180021648)
  • TerminateProcess (Address: 0x180021650)
api-ms-win-core-processthreads-l1-1-1.dll
  • OpenProcess (Address: 0x180021670)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x180021680)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x1800216b8)
  • RegCreateKeyExW (Address: 0x180021698)
  • RegDeleteKeyExW (Address: 0x1800216a0)
  • RegGetKeySecurity (Address: 0x1800216a8)
  • RegOpenKeyExW (Address: 0x1800216c0)
  • RegQueryValueExW (Address: 0x1800216b0)
  • RegSetValueExW (Address: 0x180021690)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x1800216e0)
  • RtlLookupFunctionEntry (Address: 0x1800216d8)
  • RtlVirtualUnwind (Address: 0x1800216d0)
api-ms-win-core-string-l1-1-0.dll
  • GetStringTypeExW (Address: 0x1800216f0)
api-ms-win-core-synch-l1-1-0.dll
  • CreateMutexW (Address: 0x180021700)
  • DeleteCriticalSection (Address: 0x180021710)
  • EnterCriticalSection (Address: 0x180021720)
  • InitializeCriticalSectionAndSpinCount (Address: 0x180021718)
  • LeaveCriticalSection (Address: 0x180021728)
  • ReleaseMutex (Address: 0x180021708)
api-ms-win-core-synch-l1-2-0.dll
  • Sleep (Address: 0x180021738)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x180021748)
  • GetTickCount (Address: 0x180021750)
api-ms-win-core-timezone-l1-1-0.dll
  • FileTimeToSystemTime (Address: 0x180021760)
  • SystemTimeToFileTime (Address: 0x180021768)
api-ms-win-security-base-l1-1-0.dll
  • AllocateAndInitializeSid (Address: 0x180021790)
  • CopySid (Address: 0x180021798)
  • EqualSid (Address: 0x180021780)
  • FreeSid (Address: 0x180021788)
  • GetLengthSid (Address: 0x1800217a8)
  • GetSecurityDescriptorOwner (Address: 0x180021778)
  • GetTokenInformation (Address: 0x1800217a0)
  • RevertToSelf (Address: 0x1800217b0)
FastProx.dll
  • ?AddRef@CWbemCallSecurity@@UEAAKXZ (Address: 0x1800214e8)
  • ?GetThreadSecurity@CWbemCallSecurity@@UEAAJW4tag_WMI_THREAD_SECURITY_ORIGIN@@PEAPEAU_IWmiThreadSecHandle@@@Z (Address: 0x180021510)
  • ?New@CWbemCallSecurity@@SAPEAV1@XZ (Address: 0x1800214f0)
  • ?QueryInterface@CWbemCallSecurity@@UEAAJAEBU_GUID@@PEAPEAX@Z (Address: 0x180021500)
  • ?Release@CWbemCallSecurity@@UEAAKXZ (Address: 0x180021508)
  • ?SetThreadSecurity@CWbemCallSecurity@@UEAAJPEAU_IWmiThreadSecHandle@@@Z (Address: 0x1800214f8)
msvcrt.dll
  • __C_specific_handler (Address: 0x1800217f0)
  • __CxxFrameHandler3 (Address: 0x1800217c0)
  • __dllonexit (Address: 0x180021810)
  • _amsg_exit (Address: 0x1800217d0)
  • _CxxThrowException (Address: 0x180021808)
  • _initterm (Address: 0x180021820)
  • _lock (Address: 0x180021840)
  • _onexit (Address: 0x180021800)
  • _purecall (Address: 0x180021830)
  • _unlock (Address: 0x180021818)
  • _vsnwprintf (Address: 0x180021838)
  • _XcptFilter (Address: 0x1800217c8)
  • ??1type_info@@UEAA@XZ (Address: 0x1800217f8)
  • ??8type_info@@QEBAHAEBV0@@Z (Address: 0x180021828)
  • free (Address: 0x1800217d8)
  • malloc (Address: 0x1800217e0)
  • memcpy (Address: 0x1800217e8)
  • memset (Address: 0x180021848)
wbemcomn.dll
  • _ThrowMemoryException_ (Address: 0x180021860)
  • BreakOnDbgAndRenterLoop (Address: 0x180021858)