CapabilityAccessHandlers.dll

Description: Capability Access Manager - Handlers' Shared DLL

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.4355

Architecture: 64-bit

Operating System: Windows NT

SHA256: 5ae2a04fa1939147e857d2c25689d319

File Size: 63.5 KB

Uploaded At: Dec. 1, 2025, 7:23 a.m.

Views: 17

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllCanUnloadNow (Ordinal: 1, Address: 0x15d0)
  • DllGetClassObject (Ordinal: 2, Address: 0x1620)

Imported DLLs & Functions

api-ms-win-appmodel-runtime-l1-1-0.dll
  • GetPackageFamilyName (Address: 0x18000b948)
api-ms-win-core-com-l1-1-0.dll
  • CLSIDFromString (Address: 0x18000b958)
  • CoCreateInstance (Address: 0x18000b980)
  • CoTaskMemAlloc (Address: 0x18000b978)
  • CoTaskMemFree (Address: 0x18000b960)
  • StringFromCLSID (Address: 0x18000b970)
  • StringFromGUID2 (Address: 0x18000b968)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x18000b9a0)
  • IsDebuggerPresent (Address: 0x18000b990)
  • OutputDebugStringW (Address: 0x18000b998)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x18000b9b0)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x18000b9c0)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x18000b9d0)
  • RaiseException (Address: 0x18000b9f0)
  • SetLastError (Address: 0x18000b9e8)
  • SetUnhandledExceptionFilter (Address: 0x18000b9e0)
  • UnhandledExceptionFilter (Address: 0x18000b9d8)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x18000ba00)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x18000ba18)
  • HeapAlloc (Address: 0x18000ba20)
  • HeapFree (Address: 0x18000ba10)
api-ms-win-core-heap-l2-1-0.dll
  • LocalAlloc (Address: 0x18000ba30)
  • LocalFree (Address: 0x18000ba38)
api-ms-win-core-interlocked-l1-1-0.dll
  • InitializeSListHead (Address: 0x18000ba48)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x18000ba60)
  • GetModuleFileNameA (Address: 0x18000ba58)
  • GetModuleHandleExW (Address: 0x18000ba78)
  • GetModuleHandleW (Address: 0x18000ba70)
  • GetProcAddress (Address: 0x18000ba68)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x18000ba88)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x18000baa8)
  • GetCurrentProcessId (Address: 0x18000ba98)
  • GetCurrentThreadId (Address: 0x18000bab8)
  • OpenProcessToken (Address: 0x18000baa0)
  • TerminateProcess (Address: 0x18000bab0)
api-ms-win-core-processthreads-l1-1-1.dll
  • IsProcessorFeaturePresent (Address: 0x18000bad0)
  • OpenProcess (Address: 0x18000bac8)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x18000bae0)
api-ms-win-core-psapi-l1-1-0.dll
  • K32EnumProcesses (Address: 0x18000baf0)
api-ms-win-core-registry-l1-1-0.dll
  • RegCloseKey (Address: 0x18000bb10)
  • RegGetValueW (Address: 0x18000bb00)
  • RegOpenKeyExW (Address: 0x18000bb08)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x18000bb30)
  • RtlLookupFunctionEntry (Address: 0x18000bb28)
  • RtlVirtualUnwind (Address: 0x18000bb20)
api-ms-win-core-string-l1-1-0.dll
  • CompareStringOrdinal (Address: 0x18000bb40)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x18000bb90)
  • AcquireSRWLockShared (Address: 0x18000bb80)
  • CreateMutexExW (Address: 0x18000bba0)
  • CreateSemaphoreExW (Address: 0x18000bb60)
  • OpenSemaphoreW (Address: 0x18000bb50)
  • ReleaseMutex (Address: 0x18000bb70)
  • ReleaseSemaphore (Address: 0x18000bb58)
  • ReleaseSRWLockExclusive (Address: 0x18000bb98)
  • ReleaseSRWLockShared (Address: 0x18000bb88)
  • WaitForSingleObject (Address: 0x18000bb68)
  • WaitForSingleObjectEx (Address: 0x18000bb78)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceExecuteOnce (Address: 0x18000bbb0)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x18000bbc0)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x18000bbd8)
  • EncodePointer (Address: 0x18000bbd0)
api-ms-win-core-winrt-error-l1-1-0.dll
  • RoOriginateError (Address: 0x18000bbe8)
api-ms-win-core-winrt-l1-1-0.dll
  • RoGetActivationFactory (Address: 0x18000bbf8)
api-ms-win-core-winrt-string-l1-1-0.dll
  • WindowsCreateStringReference (Address: 0x18000bc08)
api-ms-win-crt-private-l1-1-0.dll
  • __C_specific_handler (Address: 0x18000bc80)
  • __CxxFrameHandler3 (Address: 0x18000bc88)
  • __CxxFrameHandler4 (Address: 0x18000bcd8)
  • _CxxThrowException (Address: 0x18000bc90)
  • _o___std_exception_copy (Address: 0x18000bcd0)
  • _o___std_exception_destroy (Address: 0x18000bcc8)
  • _o___std_type_info_destroy_list (Address: 0x18000bcc0)
  • _o___stdio_common_vsnprintf_s (Address: 0x18000bcb0)
  • _o___stdio_common_vswprintf (Address: 0x18000bca8)
  • _o__callnewh (Address: 0x18000bca0)
  • _o__cexit (Address: 0x18000bc98)
  • _o__configure_narrow_argv (Address: 0x18000bcb8)
  • _o__crt_atexit (Address: 0x18000bc60)
  • _o__errno (Address: 0x18000bc18)
  • _o__execute_onexit_table (Address: 0x18000bc20)
  • _o__initialize_narrow_environment (Address: 0x18000bc28)
  • _o__initialize_onexit_table (Address: 0x18000bc30)
  • _o__invalid_parameter_noinfo (Address: 0x18000bc38)
  • _o__purecall (Address: 0x18000bc40)
  • _o__register_onexit_function (Address: 0x18000bc48)
  • _o__seh_filter_dll (Address: 0x18000bc50)
  • _o_free (Address: 0x18000bc68)
  • _o_malloc (Address: 0x18000bc70)
  • _o_memcpy_s (Address: 0x18000bc78)
  • memcpy (Address: 0x18000bc58)
api-ms-win-crt-runtime-l1-1-0.dll
  • _initterm (Address: 0x18000bce8)
  • _initterm_e (Address: 0x18000bcf0)
api-ms-win-crt-string-l1-1-0.dll
  • memset (Address: 0x18000bd00)
api-ms-win-devices-config-l1-1-1.dll
  • CM_Get_Device_Interface_PropertyW (Address: 0x18000bd10)
api-ms-win-devices-query-l1-1-0.dll
  • DevFreeObjectProperties (Address: 0x18000bd20)
  • DevFreeObjects (Address: 0x18000bd30)
  • DevGetObjectProperties (Address: 0x18000bd28)
  • DevGetObjects (Address: 0x18000bd38)
api-ms-win-devices-query-l1-1-1.dll
  • DevGetObjectPropertiesEx (Address: 0x18000bd48)
api-ms-win-security-base-l1-1-0.dll
  • DuplicateTokenEx (Address: 0x18000bd68)
  • EqualSid (Address: 0x18000bd58)
  • GetTokenInformation (Address: 0x18000bd60)
api-ms-win-security-base-l1-2-0.dll
  • CheckTokenCapability (Address: 0x18000bd78)
api-ms-win-security-capability-l1-1-0.dll
  • CapabilityCheck (Address: 0x18000bd88)
api-ms-win-security-sddl-l1-1-0.dll
  • ConvertSidToStringSidW (Address: 0x18000bda0)
  • ConvertStringSidToSidW (Address: 0x18000bd98)
ntdll.dll
  • NtSetInformationProcess (Address: 0x18000bdc8)
  • RtlDeriveCapabilitySidsFromName (Address: 0x18000bdb0)
  • RtlGUIDFromString (Address: 0x18000bdc0)
  • RtlInitUnicodeString (Address: 0x18000bdb8)