daxexec.dll
Description: daxexec
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6392
Architecture: 32-bit
Operating System: Windows NT
SHA256: ed60217ccf61900f462dfb145a9c7624
File Size: 502.0 KB
Uploaded At: Dec. 1, 2025, 7:54 a.m.
Views: 5
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- AddLookaside (Ordinal: 1, Address: 0x15940)
- AddProcessToHeliumContainer (Ordinal: 2, Address: 0x1a540)
- CheckAppXPackageBreakaway (Ordinal: 3, Address: 0x1a210)
- CheckApplicationInCurrentPackage (Ordinal: 4, Address: 0x1a440)
- CloseAppExecutionAlias (Ordinal: 5, Address: 0x1bf30)
- CloseJitvSilo (Ordinal: 6, Address: 0x45720)
- CompleteAppExecutionAliasProcessCreation (Ordinal: 7, Address: 0x1a310)
- CreateAppExecutionAlias (Ordinal: 8, Address: 0x1bf20)
- CreateDesktopAppXActivationInfo (Ordinal: 9, Address: 0x1c520)
- CreateDesktopAppXLocalCacheStructure (Ordinal: 10, Address: 0x21c90)
- CreateDesktopAppXTombstoneFile (Ordinal: 11, Address: 0x21ca0)
- CreateJitvSilo (Ordinal: 12, Address: 0x45660)
- CurrentThreadIsInVirtualizationContext (Ordinal: 13, Address: 0x45b30)
- DetokenizeDesktopAppXOfflineRegistry (Ordinal: 14, Address: 0x27830)
- DisableDesktopAppXDebuggingForPackage (Ordinal: 15, Address: 0x472f0)
- DllCanUnloadNow (Ordinal: 16, Address: 0x137e0)
- DllGetActivationFactory (Ordinal: 17, Address: 0x137c0)
- DllGetClassObject (Ordinal: 18, Address: 0x13770)
- DoesPackageHaveElevationCapability (Ordinal: 19, Address: 0x2afd0)
- DoesPackageHaveUIAccessCapability (Ordinal: 20, Address: 0x2aff0)
- DoesPluginSupportCentennial (Ordinal: 21, Address: 0x46840)
- EnableDesktopAppXDebuggingForPackage (Ordinal: 22, Address: 0x471f0)
- EnsureDesktopAppXPackageShutdown (Ordinal: 23, Address: 0x1a320)
- EnterPackageVirtualizationContext (Ordinal: 24, Address: 0x459e0)
- FreeAppExecutionAliasInfo (Ordinal: 25, Address: 0x1bf30)
- FreeAppExecutionAliasInfoWithLicenseRundown (Ordinal: 26, Address: 0x1bf40)
- FreeDesktopAppXActivationInfo (Ordinal: 27, Address: 0x1c5d0)
- FreeDesktopAppXLaunchContext (Ordinal: 28, Address: 0x1a1f0)
- GetAppExecutionAliasApplicationUserModelId (Ordinal: 29, Address: 0x1bf10)
- GetAppExecutionAliasExecutable (Ordinal: 30, Address: 0x1bf10)
- GetAppExecutionAliasPackageFamilyName (Ordinal: 31, Address: 0x1bf10)
- GetAppExecutionAliasPackageFullName (Ordinal: 32, Address: 0x1bf10)
- GetApplicationExecutableRelativePath (Ordinal: 33, Address: 0x2abd0)
- GetDesktopAppXComRootHandle (Ordinal: 34, Address: 0x2bfb0)
- LeavePackageVirtualizationContext (Ordinal: 35, Address: 0x45aa0)
- LoadAppExecutionAliasInfo (Ordinal: 36, Address: 0x1bf10)
- MigrateWritablePackageRootData (Ordinal: 37, Address: 0x21fe0)
- OpenAppExecutionAlias (Ordinal: 38, Address: 0x1bf00)
- OpenAppExecutionAliasForUser (Ordinal: 39, Address: 0x1bf10)
- PerformAppxLicenseRundown (Ordinal: 40, Address: 0x1a3e0)
- PersistAppExecutionAliasToFile (Ordinal: 41, Address: 0x1bf00)
- PostCreateProcessDesktopAppXActivation (Ordinal: 42, Address: 0x19f10)
- PrepareDesktopAppXActivation (Ordinal: 43, Address: 0x197b0)
- RegisterDesktopAppXPackageFamily (Ordinal: 44, Address: 0x2a0c0)
- RegisterDesktopAppXPackageFamilyIfNecessary (Ordinal: 45, Address: 0x2a300)
- RemoveDesktopAppXMetadataForFolder (Ordinal: 46, Address: 0x21c20)
- RemoveLookaside (Ordinal: 47, Address: 0x159a0)
- SetDesktopAppXMetadataForFolder (Ordinal: 48, Address: 0x21ad0)
- SetDesktopAppXMetadataForPackage (Ordinal: 49, Address: 0x21a80)
- TryActivateDesktopAppXApplication (Ordinal: 50, Address: 0x46290)
- VerifyFileIsTrustedAndInPackage (Ordinal: 51, Address: 0x1a550)
Imported DLLs & Functions
api-ms-win-appmodel-identity-l1-2-0.dll
- AppContainerDeriveSidFromMoniker (Address: 0x100740a0)
api-ms-win-appmodel-state-l1-2-0.dll
- CloseState (Address: 0x100740a8)
- GetPublisherRootFolder (Address: 0x100740b8)
- GetSecureSystemAppDataFolder (Address: 0x100740b0)
- GetStateFolder (Address: 0x100740bc)
- GetSystemAppDataFolder (Address: 0x100740b4)
- OpenStateExplicit (Address: 0x100740ac)
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x100740c4)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
- CStdStubBuffer2_Connect (Address: 0x100740d0)
- CStdStubBuffer2_CountRefs (Address: 0x100740e0)
- CStdStubBuffer2_Disconnect (Address: 0x100740e8)
- CStdStubBuffer2_QueryInterface (Address: 0x100740cc)
- NdrProxyForwardingFunction3 (Address: 0x100740e4)
- NdrProxyForwardingFunction4 (Address: 0x100740d4)
- NdrProxyForwardingFunction5 (Address: 0x100740dc)
- ObjectStublessClient3 (Address: 0x100740ec)
- ObjectStublessClient6 (Address: 0x100740d8)
api-ms-win-core-console-l1-1-0.dll
- SetConsoleCtrlHandler (Address: 0x100740f4)
api-ms-win-core-console-l1-2-0.dll
- AttachConsole (Address: 0x10074100)
- FreeConsole (Address: 0x100740fc)
api-ms-win-core-console-l2-1-0.dll
- GenerateConsoleCtrlEvent (Address: 0x10074108)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x10074110)
- IsDebuggerPresent (Address: 0x10074114)
- OutputDebugStringW (Address: 0x10074118)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x10074120)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x10074128)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x10074130)
- RaiseException (Address: 0x1007413c)
- SetLastError (Address: 0x10074134)
- SetUnhandledExceptionFilter (Address: 0x10074140)
- UnhandledExceptionFilter (Address: 0x10074138)
api-ms-win-core-file-l1-1-0.dll
- CreateDirectoryW (Address: 0x10074194)
- CreateFileW (Address: 0x10074170)
- DeleteFileW (Address: 0x10074184)
- FindClose (Address: 0x1007416c)
- FindFirstFileExW (Address: 0x10074160)
- FindFirstFileW (Address: 0x10074154)
- FindNextFileW (Address: 0x1007415c)
- FlushFileBuffers (Address: 0x1007418c)
- GetFileAttributesW (Address: 0x10074148)
- GetFileInformationByHandle (Address: 0x10074188)
- GetFileSizeEx (Address: 0x10074158)
- GetFinalPathNameByHandleW (Address: 0x10074174)
- GetLongPathNameW (Address: 0x10074164)
- GetVolumeInformationW (Address: 0x10074190)
- GetVolumePathNameW (Address: 0x10074150)
- ReadFile (Address: 0x10074178)
- RemoveDirectoryW (Address: 0x1007417c)
- SetFileAttributesW (Address: 0x10074180)
- SetFileInformationByHandle (Address: 0x1007414c)
- WriteFile (Address: 0x10074168)
api-ms-win-core-file-l2-1-0.dll
- GetFileInformationByHandleEx (Address: 0x1007419c)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x100741a4)
- DuplicateHandle (Address: 0x100741a8)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x100741c0)
- HeapAlloc (Address: 0x100741c4)
- HeapDestroy (Address: 0x100741b0)
- HeapFree (Address: 0x100741b4)
- HeapReAlloc (Address: 0x100741b8)
- HeapSize (Address: 0x100741bc)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x100741d0)
- LocalFree (Address: 0x100741cc)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x100741d8)
api-ms-win-core-io-l1-1-0.dll
- DeviceIoControl (Address: 0x100741e0)
api-ms-win-core-job-l2-1-0.dll
- AssignProcessToJobObject (Address: 0x100741e8)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x100741fc)
- FreeLibrary (Address: 0x10074200)
- GetModuleFileNameA (Address: 0x100741f0)
- GetModuleFileNameW (Address: 0x10074208)
- GetModuleHandleExW (Address: 0x100741f8)
- GetModuleHandleW (Address: 0x100741f4)
- GetProcAddress (Address: 0x10074204)
api-ms-win-core-libraryloader-l1-2-1.dll
- LoadLibraryW (Address: 0x10074210)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x10074218)
api-ms-win-core-memory-l1-1-0.dll
- CreateFileMappingW (Address: 0x10074224)
- MapViewOfFile (Address: 0x10074228)
- UnmapViewOfFile (Address: 0x10074220)
api-ms-win-core-path-l1-1-0.dll
- PathAllocCanonicalize (Address: 0x10074240)
- PathAllocCombine (Address: 0x10074234)
- PathCchRemoveBackslash (Address: 0x10074230)
- PathCchSkipRoot (Address: 0x10074238)
- PathIsUNCEx (Address: 0x1007423c)
api-ms-win-core-processenvironment-l1-1-0.dll
- ExpandEnvironmentStringsW (Address: 0x10074250)
- GetCurrentDirectoryA (Address: 0x10074248)
- GetCurrentDirectoryW (Address: 0x1007424c)
api-ms-win-core-processthreads-l1-1-0.dll
- CreateProcessAsUserW (Address: 0x10074270)
- GetCurrentProcess (Address: 0x10074290)
- GetCurrentProcessId (Address: 0x1007428c)
- GetCurrentThread (Address: 0x10074298)
- GetCurrentThreadId (Address: 0x10074274)
- GetProcessId (Address: 0x1007426c)
- OpenProcessToken (Address: 0x10074278)
- OpenThread (Address: 0x10074260)
- OpenThreadToken (Address: 0x10074268)
- ProcessIdToSessionId (Address: 0x10074258)
- SetThreadToken (Address: 0x10074264)
- SuspendThread (Address: 0x1007425c)
- TerminateProcess (Address: 0x10074288)
- TlsAlloc (Address: 0x10074280)
- TlsFree (Address: 0x10074294)
- TlsGetValue (Address: 0x10074284)
- TlsSetValue (Address: 0x1007427c)
api-ms-win-core-processthreads-l1-1-1.dll
- IsProcessorFeaturePresent (Address: 0x100742a0)
- OpenProcess (Address: 0x100742a4)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x100742ac)
api-ms-win-core-psapi-l1-1-0.dll
- QueryFullProcessImageNameW (Address: 0x100742b4)
api-ms-win-core-psm-key-l1-1-0.dll
- PsmGetApplicationNameFromKey (Address: 0x100742bc)
- PsmGetPackageFullNameFromKey (Address: 0x100742c0)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x100742cc)
- RegCreateKeyExW (Address: 0x100742dc)
- RegDeleteTreeW (Address: 0x100742d8)
- RegGetValueW (Address: 0x100742c8)
- RegOpenCurrentUser (Address: 0x100742d4)
- RegOpenKeyExW (Address: 0x100742e4)
- RegQueryInfoKeyW (Address: 0x100742d0)
- RegSetValueExW (Address: 0x100742e0)
api-ms-win-core-registry-l2-1-0.dll
- RegOpenKeyW (Address: 0x100742ec)
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
- PathIsRelativeW (Address: 0x100742f8)
- PathUnExpandEnvStringsW (Address: 0x100742f4)
api-ms-win-core-shlwapi-obsolete-l1-1-0.dll
- StrIsIntlEqualW (Address: 0x10074300)
api-ms-win-core-string-l1-1-0.dll
- CompareStringOrdinal (Address: 0x10074308)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x1007435c)
- AcquireSRWLockShared (Address: 0x10074354)
- CreateEventExW (Address: 0x10074310)
- CreateEventW (Address: 0x10074318)
- CreateMutexExW (Address: 0x10074350)
- CreateSemaphoreExW (Address: 0x10074320)
- DeleteCriticalSection (Address: 0x10074334)
- EnterCriticalSection (Address: 0x10074338)
- InitializeCriticalSectionAndSpinCount (Address: 0x1007434c)
- InitializeCriticalSectionEx (Address: 0x10074330)
- InitializeSRWLock (Address: 0x10074314)
- LeaveCriticalSection (Address: 0x1007433c)
- OpenSemaphoreW (Address: 0x10074344)
- ReleaseMutex (Address: 0x1007432c)
- ReleaseSemaphore (Address: 0x10074324)
- ReleaseSRWLockExclusive (Address: 0x10074360)
- ReleaseSRWLockShared (Address: 0x10074348)
- ResetEvent (Address: 0x1007431c)
- SetEvent (Address: 0x10074358)
- WaitForSingleObject (Address: 0x10074328)
- WaitForSingleObjectEx (Address: 0x10074340)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceBeginInitialize (Address: 0x10074368)
- InitOnceComplete (Address: 0x10074374)
- InitOnceExecuteOnce (Address: 0x10074370)
- Sleep (Address: 0x1007436c)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemDirectoryW (Address: 0x10074388)
- GetSystemInfo (Address: 0x10074380)
- GetSystemTimeAsFileTime (Address: 0x1007437c)
- GetTickCount (Address: 0x10074384)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x10074390)
- CreateThreadpoolTimer (Address: 0x10074394)
- SetThreadpoolTimer (Address: 0x10074398)
- WaitForThreadpoolTimerCallbacks (Address: 0x1007439c)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x100743a4)
- EncodePointer (Address: 0x100743a8)
api-ms-win-core-windowserrorreporting-l1-1-0.dll
- GetApplicationRestartSettings (Address: 0x100743b0)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x100743b8)
- RoGetActivationFactory (Address: 0x100743bc)
api-ms-win-core-wow64-l1-1-0.dll
- Wow64DisableWow64FsRedirection (Address: 0x100743c8)
- Wow64RevertWow64FsRedirection (Address: 0x100743c4)
api-ms-win-crt-private-l1-1-0.dll
- __CxxFrameHandler3 (Address: 0x1007446c)
- __std_terminate (Address: 0x10074468)
- __std_type_info_compare (Address: 0x10074464)
- _CxxThrowException (Address: 0x10074418)
- _except_handler4_common (Address: 0x10074414)
- _o___std_exception_copy (Address: 0x1007445c)
- _o___std_exception_destroy (Address: 0x10074458)
- _o___std_type_info_destroy_list (Address: 0x10074454)
- _o___stdio_common_vsnprintf_s (Address: 0x10074450)
- _o___stdio_common_vswprintf (Address: 0x1007444c)
- _o__aligned_free (Address: 0x10074448)
- _o__aligned_malloc (Address: 0x10074444)
- _o__callnewh (Address: 0x10074440)
- _o__cexit (Address: 0x1007443c)
- _o__configure_narrow_argv (Address: 0x10074438)
- _o__crt_atexit (Address: 0x10074434)
- _o__errno (Address: 0x10074430)
- _o__execute_onexit_table (Address: 0x1007442c)
- _o__initialize_narrow_environment (Address: 0x10074428)
- _o__initialize_onexit_table (Address: 0x10074424)
- _o__invalid_parameter_noinfo (Address: 0x10074420)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x1007441c)
- _o__purecall (Address: 0x100743d0)
- _o__register_onexit_function (Address: 0x100743d4)
- _o__seh_filter_dll (Address: 0x100743d8)
- _o__ui64tow_s (Address: 0x100743dc)
- _o__wcsicmp (Address: 0x100743e0)
- _o__wcsnicmp (Address: 0x100743e4)
- _o__wtoi (Address: 0x100743e8)
- _o_calloc (Address: 0x100743f0)
- _o_ceil (Address: 0x100743f4)
- _o_free (Address: 0x100743f8)
- _o_malloc (Address: 0x100743fc)
- _o_terminate (Address: 0x10074400)
- _o_toupper (Address: 0x10074404)
- _o_wcscat_s (Address: 0x10074408)
- _o_wcsncat_s (Address: 0x1007440c)
- _o_wcsncpy_s (Address: 0x10074410)
- memcmp (Address: 0x10074470)
- memcpy (Address: 0x10074474)
- memmove (Address: 0x100743ec)
- wcschr (Address: 0x10074460)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x10074480)
- _initterm_e (Address: 0x1007447c)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x1007448c)
- wcsncmp (Address: 0x10074490)
- wcsnlen (Address: 0x10074488)
api-ms-win-eventing-provider-l1-1-0.dll
- EventActivityIdControl (Address: 0x10074498)
- EventProviderEnabled (Address: 0x100744a0)
- EventRegister (Address: 0x100744a8)
- EventSetInformation (Address: 0x100744ac)
- EventUnregister (Address: 0x1007449c)
- EventWriteTransfer (Address: 0x100744a4)
api-ms-win-security-base-private-l1-1-1.dll
- CreateAppContainerToken (Address: 0x100744b4)
api-ms-win-security-capability-l1-1-0.dll
- CapabilityCheck (Address: 0x100744bc)
api-ms-win-security-lsalookup-l2-1-0.dll
- LookupPrivilegeValueW (Address: 0x100744c4)
api-ms-win-security-sddl-l1-1-0.dll
- ConvertSecurityDescriptorToStringSecurityDescriptorW (Address: 0x100744cc)
- ConvertSidToStringSidW (Address: 0x100744d0)
- ConvertStringSecurityDescriptorToSecurityDescriptorW (Address: 0x100744d4)
api-ms-win-shcore-taskpool-l1-1-0.dll
- SHTaskPoolGetUniqueContext (Address: 0x100744e0)
- SHTaskPoolQueueTask (Address: 0x100744dc)
api-ms-win-shell-shellfolders-l1-1-0.dll
- SHGetKnownFolderPath (Address: 0x100744e8)
AppXDeploymentClient.dll
- (Address: 0x10074000)
container.dll
- _WcCleanupContainer@8 (Address: 0x100744fc)
- _WcGetComRegistryRoot@8 (Address: 0x100744f8)
- _WcGetContainerIdentifier@8 (Address: 0x10074500)
- _WcIsContainerQuiescent@8 (Address: 0x100744f0)
- _WcRegisterForContainerTerminationNotification@16 (Address: 0x10074508)
- _WcReleaseContainerTerminationNotification@4 (Address: 0x1007450c)
- ?CreateContainer@container@@YGXPAXABUContainer@DefinitionFile@1@_N0@Z (Address: 0x10074504)
- ?GetContainerIdentifierString@container@@YG?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAX@Z (Address: 0x100744f4)
FLTLIB.DLL
- FilterAttach (Address: 0x1007401c)
- FilterConnectCommunicationPort (Address: 0x10074010)
- FilterInstanceClose (Address: 0x10074008)
- FilterInstanceCreate (Address: 0x1007400c)
- FilterLoad (Address: 0x10074018)
- FilterSendMessage (Address: 0x10074014)
msvcp_win.dll
- _Close_dir (Address: 0x100745a4)
- _File_size (Address: 0x10074580)
- _Lstat (Address: 0x10074590)
- _Make_dir (Address: 0x1007457c)
- _Mtx_destroy_in_situ (Address: 0x10074598)
- _Mtx_init_in_situ (Address: 0x10074594)
- _Open_dir (Address: 0x1007459c)
- _Query_perf_counter (Address: 0x100745d0)
- _Query_perf_frequency (Address: 0x100745cc)
- _Read_dir (Address: 0x100745a0)
- _Remove_dir (Address: 0x10074584)
- _Stat (Address: 0x1007458c)
- _Thrd_sleep (Address: 0x100745c0)
- _Thrd_yield (Address: 0x100745c4)
- _Unlink (Address: 0x10074588)
- _Xtime_get_ticks (Address: 0x100745c8)
- ?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z (Address: 0x10074570)
- ?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ (Address: 0x10074538)
- ?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ (Address: 0x1007452c)
- ?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ (Address: 0x10074518)
- ?_Syserror_map@std@@YAPBDH@Z (Address: 0x1007456c)
- ?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ (Address: 0x10074534)
- ?_Winerror_map@std@@YAHH@Z (Address: 0x10074574)
- ?_Winerror_message@std@@YAKKPADK@Z (Address: 0x10074578)
- ?_Xbad_function_call@std@@YAXXZ (Address: 0x100745a8)
- ?_Xlength_error@std@@YAXPBD@Z (Address: 0x100745d4)
- ?_Xout_of_range@std@@YAXPBD@Z (Address: 0x100745b4)
- ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ (Address: 0x10074560)
- ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z (Address: 0x10074564)
- ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ (Address: 0x1007455c)
- ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ (Address: 0x100745bc)
- ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ (Address: 0x100745b8)
- ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ (Address: 0x1007451c)
- ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z (Address: 0x100745b0)
- ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z (Address: 0x10074568)
- ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z (Address: 0x100745ac)
- ?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ (Address: 0x10074520)
- ?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXH@Z (Address: 0x10074514)
- ?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEXABVlocale@2@@Z (Address: 0x10074554)
- ?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAG_J@Z (Address: 0x10074550)
- ?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z (Address: 0x10074524)
- ?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JXZ (Address: 0x10074544)
- ?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z (Address: 0x1007453c)
- ?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE_JPBG_J@Z (Address: 0x10074558)
- ?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEHXZ (Address: 0x10074528)
- ?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ (Address: 0x10074548)
- ?uncaught_exception@std@@YA_NXZ (Address: 0x10074530)
- ?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z (Address: 0x1007454c)
- ?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z (Address: 0x10074540)
ntdll.dll
- EtwEventRegister (Address: 0x1007468c)
- EtwEventUnregister (Address: 0x1007467c)
- EtwEventWrite (Address: 0x10074680)
- EtwEventWriteNoRegistration (Address: 0x100746e8)
- NtAlpcConnectPort (Address: 0x100746d0)
- NtAlpcSendWaitReceivePort (Address: 0x100746cc)
- NtClose (Address: 0x100746dc)
- NtCreateFile (Address: 0x10074704)
- NtCreateJobObject (Address: 0x1007465c)
- NtCreateKey (Address: 0x100745e8)
- NtCreateKeyTransacted (Address: 0x10074620)
- NtCreateMutant (Address: 0x10074660)
- NtDeleteFile (Address: 0x10074618)
- NtDeleteKey (Address: 0x1007463c)
- NtDeleteValueKey (Address: 0x100745fc)
- NtDuplicateObject (Address: 0x100745f4)
- NtDuplicateToken (Address: 0x10074738)
- NtEnumerateKey (Address: 0x10074638)
- NtEnumerateValueKey (Address: 0x10074634)
- NtFlushKey (Address: 0x1007461c)
- NtMakeTemporaryObject (Address: 0x10074658)
- NtNotifyChangeKey (Address: 0x10074614)
- NtNotifyChangeMultipleKeys (Address: 0x10074628)
- NtOpenEvent (Address: 0x100746e4)
- NtOpenFile (Address: 0x10074700)
- NtOpenJobObject (Address: 0x10074690)
- NtOpenKey (Address: 0x10074630)
- NtOpenKeyEx (Address: 0x1007462c)
- NtOpenKeyTransacted (Address: 0x100746f4)
- NtOpenKeyTransactedEx (Address: 0x10074744)
- NtOpenMutant (Address: 0x10074668)
- NtOpenProcess (Address: 0x100746c8)
- NtQueryAttributesFile (Address: 0x100745f8)
- NtQueryDirectoryFile (Address: 0x10074740)
- NtQueryDirectoryFileEx (Address: 0x10074600)
- NtQueryFullAttributesFile (Address: 0x1007470c)
- NtQueryInformationFile (Address: 0x100745f0)
- NtQueryInformationProcess (Address: 0x100746a0)
- NtQueryInformationToken (Address: 0x1007473c)
- NtQueryKey (Address: 0x1007464c)
- NtQueryMultipleValueKey (Address: 0x10074648)
- NtQueryObject (Address: 0x10074664)
- NtQuerySecurityAttributesToken (Address: 0x10074694)
- NtQuerySecurityObject (Address: 0x10074688)
- NtQuerySystemInformation (Address: 0x100746d8)
- NtQueryValueKey (Address: 0x100746f8)
- NtRenameKey (Address: 0x100745dc)
- NtSetInformationFile (Address: 0x10074624)
- NtSetInformationJobObject (Address: 0x10074650)
- NtSetInformationKey (Address: 0x100745ec)
- NtSetSecurityObject (Address: 0x10074610)
- NtSetValueKey (Address: 0x100746a4)
- NtTerminateJobObject (Address: 0x10074654)
- NtTerminateProcess (Address: 0x10074728)
- NtWaitForMultipleObjects (Address: 0x100746bc)
- NtWaitForSingleObject (Address: 0x100746e0)
- PssNtCaptureSnapshot (Address: 0x100746c4)
- PssNtFreeSnapshot (Address: 0x100746c0)
- RtlAcquireSRWLockExclusive (Address: 0x10074750)
- RtlAdjustPrivilege (Address: 0x10074724)
- RtlAllocateAndInitializeSid (Address: 0x100746d4)
- RtlAllocateHeap (Address: 0x100746b8)
- RtlCompareUnicodeString (Address: 0x10074640)
- RtlCopySid (Address: 0x10074684)
- RtlCreateSecurityDescriptor (Address: 0x10074670)
- RtlCreateServiceSid (Address: 0x1007472c)
- RtlDeriveCapabilitySidsFromName (Address: 0x100746fc)
- RtlDosPathNameToNtPathName_U_WithStatus (Address: 0x10074678)
- RtlEqualSid (Address: 0x100746ac)
- RtlExpandEnvironmentStrings (Address: 0x10074710)
- RtlFindAceByType (Address: 0x100746a8)
- RtlFindNextForwardRunClear (Address: 0x10074604)
- RtlFreeHeap (Address: 0x100746b4)
- RtlFreeSid (Address: 0x10074720)
- RtlGetDaclSecurityDescriptor (Address: 0x10074674)
- RtlGetLastNtStatus (Address: 0x1007469c)
- RtlInitializeSRWLock (Address: 0x1007460c)
- RtlInitUnicodeString (Address: 0x10074708)
- RtlLengthSid (Address: 0x100746b0)
- RtlNtStatusToDosError (Address: 0x10074718)
- RtlNtStatusToDosErrorNoTeb (Address: 0x10074644)
- RtlNumberOfSetBits (Address: 0x10074608)
- RtlQueryEnvironmentVariable (Address: 0x10074714)
- RtlQueryResourcePolicy (Address: 0x10074758)
- RtlReleaseSRWLockExclusive (Address: 0x10074754)
- RtlRunOnceBeginInitialize (Address: 0x10074734)
- RtlRunOnceComplete (Address: 0x100745e4)
- RtlRunOnceExecuteOnce (Address: 0x10074730)
- RtlSetDaclSecurityDescriptor (Address: 0x1007466c)
- RtlSleepConditionVariableSRW (Address: 0x10074748)
- RtlUpcaseUnicodeChar (Address: 0x100745e0)
- RtlValidSid (Address: 0x10074698)
- RtlWakeAllConditionVariable (Address: 0x1007474c)
- RtlWow64IsWowGuestMachineSupported (Address: 0x1007471c)
- wcsstr (Address: 0x1007475c)
- ZwQueryWnfStateNameInformation (Address: 0x100746f0)
- ZwUpdateWnfStateData (Address: 0x100746ec)
profapi.dll
- (Address: 0x10074764)
- (Address: 0x10074768)
RPCRT4.dll
- CStdStubBuffer_AddRef (Address: 0x10074040)
- CStdStubBuffer_Connect (Address: 0x1007403c)
- CStdStubBuffer_CountRefs (Address: 0x10074030)
- CStdStubBuffer_DebugServerQueryInterface (Address: 0x10074064)
- CStdStubBuffer_DebugServerRelease (Address: 0x10074024)
- CStdStubBuffer_Disconnect (Address: 0x1007404c)
- CStdStubBuffer_Invoke (Address: 0x10074078)
- CStdStubBuffer_IsIIDSupported (Address: 0x1007407c)
- CStdStubBuffer_QueryInterface (Address: 0x1007402c)
- I_RpcExceptionFilter (Address: 0x1007405c)
- IUnknown_AddRef_Proxy (Address: 0x10074074)
- IUnknown_QueryInterface_Proxy (Address: 0x1007406c)
- IUnknown_Release_Proxy (Address: 0x10074034)
- NdrAsyncClientCall (Address: 0x10074038)
- NdrCStdStubBuffer_Release (Address: 0x10074090)
- NdrCStdStubBuffer2_Release (Address: 0x10074080)
- NdrDllCanUnloadNow (Address: 0x10074094)
- NdrDllGetClassObject (Address: 0x10074098)
- NdrOleAllocate (Address: 0x10074028)
- NdrOleFree (Address: 0x10074044)
- NdrStubCall2 (Address: 0x1007408c)
- NdrStubForwardingFunction (Address: 0x10074084)
- RpcAsyncCancelCall (Address: 0x10074088)
- RpcAsyncCompleteCall (Address: 0x10074058)
- RpcAsyncInitializeHandle (Address: 0x10074070)
- RpcBindingFree (Address: 0x10074048)
- RpcBindingFromStringBindingW (Address: 0x10074068)
- RpcBindingSetAuthInfoExW (Address: 0x10074054)
- RpcStringBindingComposeW (Address: 0x10074060)
- RpcStringFreeW (Address: 0x10074050)