CapabilityAccessManager.dll
Description: Capability Access Manager Service
Authors: © Microsoft Corporation. All rights reserved.
Version: 10.0.19041.6093
Architecture: 64-bit
Operating System: Windows NT
SHA256: f35bdf2be9b781b9ffb86ab9108c94e4
File Size: 397.0 KB
Uploaded At: Dec. 1, 2025, 7:23 a.m.
Views: 16
Security Warning
This file has been flagged as potentially dangerous.
Reason: Detected potentially dangerous functions used for process injection: OpenProcess
Exported Functions
- ServiceMain (Ordinal: 1, Address: 0x4f20)
- DllCanUnloadNow (Ordinal: 2, Address: 0x3c30)
- DllGetClassObject (Ordinal: 3, Address: 0x3cc0)
Imported DLLs & Functions
api-ms-win-core-apiquery-l1-1-0.dll
- ApiSetQueryApiSetPresence (Address: 0x18004d380)
api-ms-win-core-com-l1-1-0.dll
- CLSIDFromString (Address: 0x18004d390)
- CoAddRefServerProcess (Address: 0x18004d3f0)
- CoCreateFreeThreadedMarshaler (Address: 0x18004d398)
- CoCreateInstance (Address: 0x18004d3e0)
- CoDisconnectContext (Address: 0x18004d3d0)
- CoGetApartmentType (Address: 0x18004d3b0)
- CoImpersonateClient (Address: 0x18004d3a0)
- CoRegisterClassObject (Address: 0x18004d3d8)
- CoReleaseServerProcess (Address: 0x18004d3e8)
- CoResumeClassObjects (Address: 0x18004d3c8)
- CoRevertToSelf (Address: 0x18004d3a8)
- CoRevokeClassObject (Address: 0x18004d3c0)
- CoTaskMemAlloc (Address: 0x18004d3b8)
- CoTaskMemFree (Address: 0x18004d3f8)
- CoWaitForMultipleHandles (Address: 0x18004d400)
api-ms-win-core-debug-l1-1-0.dll
- DebugBreak (Address: 0x18004d420)
- IsDebuggerPresent (Address: 0x18004d410)
- OutputDebugStringW (Address: 0x18004d418)
api-ms-win-core-delayload-l1-1-0.dll
- DelayLoadFailureHook (Address: 0x18004d430)
api-ms-win-core-delayload-l1-1-1.dll
- ResolveDelayLoadedAPI (Address: 0x18004d440)
api-ms-win-core-errorhandling-l1-1-0.dll
- GetLastError (Address: 0x18004d460)
- RaiseException (Address: 0x18004d458)
- SetLastError (Address: 0x18004d450)
- SetUnhandledExceptionFilter (Address: 0x18004d470)
- UnhandledExceptionFilter (Address: 0x18004d468)
api-ms-win-core-handle-l1-1-0.dll
- CloseHandle (Address: 0x18004d480)
api-ms-win-core-heap-l1-1-0.dll
- GetProcessHeap (Address: 0x18004d498)
- HeapAlloc (Address: 0x18004d4a0)
- HeapFree (Address: 0x18004d490)
api-ms-win-core-heap-l2-1-0.dll
- LocalAlloc (Address: 0x18004d4b0)
- LocalFree (Address: 0x18004d4b8)
api-ms-win-core-interlocked-l1-1-0.dll
- InitializeSListHead (Address: 0x18004d4c8)
api-ms-win-core-libraryloader-l1-2-0.dll
- DisableThreadLibraryCalls (Address: 0x18004d4e8)
- GetModuleFileNameA (Address: 0x18004d4f0)
- GetModuleHandleExW (Address: 0x18004d4f8)
- GetModuleHandleW (Address: 0x18004d4e0)
- GetProcAddress (Address: 0x18004d4d8)
api-ms-win-core-localization-l1-2-0.dll
- FormatMessageW (Address: 0x18004d508)
api-ms-win-core-processthreads-l1-1-0.dll
- GetCurrentProcess (Address: 0x18004d518)
- GetCurrentProcessId (Address: 0x18004d540)
- GetCurrentThread (Address: 0x18004d538)
- GetCurrentThreadId (Address: 0x18004d528)
- OpenProcessToken (Address: 0x18004d520)
- OpenThreadToken (Address: 0x18004d548)
- TerminateProcess (Address: 0x18004d530)
api-ms-win-core-processthreads-l1-1-1.dll
- IsProcessorFeaturePresent (Address: 0x18004d560)
- OpenProcess (Address: 0x18004d558)
api-ms-win-core-profile-l1-1-0.dll
- QueryPerformanceCounter (Address: 0x18004d570)
api-ms-win-core-psapi-l1-1-0.dll
- K32GetProcessImageFileNameW (Address: 0x18004d588)
- QueryFullProcessImageNameW (Address: 0x18004d580)
api-ms-win-core-quirks-l1-1-0.dll
- QuirkIsEnabledForProcess (Address: 0x18004d598)
api-ms-win-core-registry-l1-1-0.dll
- RegCloseKey (Address: 0x18004d5d0)
- RegCreateKeyExW (Address: 0x18004d5b0)
- RegDeleteTreeW (Address: 0x18004d5e0)
- RegEnumKeyExW (Address: 0x18004d5c8)
- RegGetValueW (Address: 0x18004d5a8)
- RegOpenKeyExW (Address: 0x18004d5b8)
- RegQueryInfoKeyW (Address: 0x18004d5c0)
- RegSetValueExW (Address: 0x18004d5d8)
api-ms-win-core-rtlsupport-l1-1-0.dll
- RtlCaptureContext (Address: 0x18004d600)
- RtlLookupFunctionEntry (Address: 0x18004d5f8)
- RtlVirtualUnwind (Address: 0x18004d5f0)
api-ms-win-core-string-l1-1-0.dll
- CompareStringOrdinal (Address: 0x18004d610)
api-ms-win-core-synch-l1-1-0.dll
- AcquireSRWLockExclusive (Address: 0x18004d670)
- AcquireSRWLockShared (Address: 0x18004d688)
- CreateEventExW (Address: 0x18004d628)
- CreateEventW (Address: 0x18004d6b0)
- CreateMutexExW (Address: 0x18004d6a0)
- CreateSemaphoreExW (Address: 0x18004d668)
- DeleteCriticalSection (Address: 0x18004d6b8)
- EnterCriticalSection (Address: 0x18004d680)
- InitializeCriticalSectionAndSpinCount (Address: 0x18004d658)
- InitializeCriticalSectionEx (Address: 0x18004d648)
- InitializeSRWLock (Address: 0x18004d650)
- LeaveCriticalSection (Address: 0x18004d6a8)
- OpenSemaphoreW (Address: 0x18004d660)
- ReleaseMutex (Address: 0x18004d638)
- ReleaseSemaphore (Address: 0x18004d698)
- ReleaseSRWLockExclusive (Address: 0x18004d630)
- ReleaseSRWLockShared (Address: 0x18004d678)
- SetEvent (Address: 0x18004d690)
- WaitForSingleObject (Address: 0x18004d620)
- WaitForSingleObjectEx (Address: 0x18004d640)
api-ms-win-core-synch-l1-2-0.dll
- InitOnceBeginInitialize (Address: 0x18004d6d0)
- InitOnceComplete (Address: 0x18004d6c8)
- InitOnceExecuteOnce (Address: 0x18004d6d8)
api-ms-win-core-sysinfo-l1-1-0.dll
- GetSystemTimeAsFileTime (Address: 0x18004d6e8)
api-ms-win-core-threadpool-l1-2-0.dll
- CloseThreadpoolTimer (Address: 0x18004d720)
- CloseThreadpoolWait (Address: 0x18004d710)
- CreateThreadpoolTimer (Address: 0x18004d718)
- CreateThreadpoolWait (Address: 0x18004d700)
- SetThreadpoolTimer (Address: 0x18004d728)
- SetThreadpoolWait (Address: 0x18004d708)
- TrySubmitThreadpoolCallback (Address: 0x18004d730)
- WaitForThreadpoolTimerCallbacks (Address: 0x18004d6f8)
api-ms-win-core-util-l1-1-0.dll
- DecodePointer (Address: 0x18004d748)
- EncodePointer (Address: 0x18004d740)
api-ms-win-core-winrt-error-l1-1-0.dll
- RoOriginateError (Address: 0x18004d760)
- RoOriginateErrorW (Address: 0x18004d768)
- RoTransformError (Address: 0x18004d758)
api-ms-win-core-winrt-l1-1-0.dll
- RoActivateInstance (Address: 0x18004d798)
- RoGetActivationFactory (Address: 0x18004d7a0)
- RoInitialize (Address: 0x18004d790)
- RoRegisterActivationFactories (Address: 0x18004d788)
- RoRevokeActivationFactories (Address: 0x18004d778)
- RoUninitialize (Address: 0x18004d780)
api-ms-win-core-winrt-string-l1-1-0.dll
- WindowsCreateString (Address: 0x18004d7b0)
- WindowsCreateStringReference (Address: 0x18004d7b8)
- WindowsDeleteString (Address: 0x18004d7d0)
- WindowsDuplicateString (Address: 0x18004d7c0)
- WindowsGetStringRawBuffer (Address: 0x18004d7c8)
- WindowsIsStringEmpty (Address: 0x18004d7d8)
- WindowsStringHasEmbeddedNull (Address: 0x18004d7e0)
api-ms-win-crt-math-l1-1-0.dll
- ceilf (Address: 0x18004d7f0)
api-ms-win-crt-private-l1-1-0.dll
- __C_specific_handler (Address: 0x18004d878)
- __CxxFrameHandler3 (Address: 0x18004d880)
- __CxxFrameHandler4 (Address: 0x18004d8f0)
- __std_terminate (Address: 0x18004d8d8)
- _CxxThrowException (Address: 0x18004d888)
- _o___std_exception_copy (Address: 0x18004d8f8)
- _o___std_exception_destroy (Address: 0x18004d8e8)
- _o___std_type_info_destroy_list (Address: 0x18004d8e0)
- _o___stdio_common_vsnprintf_s (Address: 0x18004d8d0)
- _o___stdio_common_vswprintf (Address: 0x18004d8c0)
- _o__callnewh (Address: 0x18004d8b8)
- _o__cexit (Address: 0x18004d8b0)
- _o__configure_narrow_argv (Address: 0x18004d8a8)
- _o__crt_atexit (Address: 0x18004d8a0)
- _o__errno (Address: 0x18004d898)
- _o__execute_onexit_table (Address: 0x18004d890)
- _o__initialize_narrow_environment (Address: 0x18004d800)
- _o__initialize_onexit_table (Address: 0x18004d808)
- _o__invalid_parameter_noinfo (Address: 0x18004d810)
- _o__invalid_parameter_noinfo_noreturn (Address: 0x18004d818)
- _o__purecall (Address: 0x18004d820)
- _o__register_onexit_function (Address: 0x18004d828)
- _o__seh_filter_dll (Address: 0x18004d830)
- _o__wcsicmp (Address: 0x18004d840)
- _o__wcsnicmp (Address: 0x18004d848)
- _o_free (Address: 0x18004d850)
- _o_malloc (Address: 0x18004d858)
- _o_realloc (Address: 0x18004d860)
- _o_terminate (Address: 0x18004d868)
- _o_towlower (Address: 0x18004d870)
- memcmp (Address: 0x18004d900)
- memcpy (Address: 0x18004d908)
- memmove (Address: 0x18004d838)
- wcschr (Address: 0x18004d8c8)
api-ms-win-crt-runtime-l1-1-0.dll
- _initterm (Address: 0x18004d920)
- _initterm_e (Address: 0x18004d918)
api-ms-win-crt-string-l1-1-0.dll
- memset (Address: 0x18004d930)
api-ms-win-eventing-classicprovider-l1-1-0.dll
- GetTraceEnableFlags (Address: 0x18004d968)
- GetTraceEnableLevel (Address: 0x18004d960)
- GetTraceLoggerHandle (Address: 0x18004d958)
- RegisterTraceGuidsW (Address: 0x18004d950)
- TraceMessage (Address: 0x18004d940)
- UnregisterTraceGuids (Address: 0x18004d948)
api-ms-win-eventing-provider-l1-1-0.dll
- EventRegister (Address: 0x18004d978)
- EventSetInformation (Address: 0x18004d988)
- EventUnregister (Address: 0x18004d980)
- EventWriteTransfer (Address: 0x18004d990)
api-ms-win-security-lsalookup-l1-1-0.dll
- LsaLookupClose (Address: 0x18004d9a0)
- LsaLookupFreeMemory (Address: 0x18004d9b0)
- LsaLookupGetDomainInfo (Address: 0x18004d9b8)
- LsaLookupOpenLocalPolicy (Address: 0x18004d9a8)
api-ms-win-service-core-l1-1-0.dll
- RegisterServiceCtrlHandlerExW (Address: 0x18004d9c8)
- SetServiceStatus (Address: 0x18004d9d0)
combase.dll
- (Address: 0x18004d9e0)
- (Address: 0x18004d9e8)
- (Address: 0x18004d9f0)
- (Address: 0x18004d9f8)
- (Address: 0x18004da00)
- (Address: 0x18004da08)
msvcp_win.dll
- ?_Xlength_error@std@@YAXPEBD@Z (Address: 0x18004da18)
- ?_Xout_of_range@std@@YAXPEBD@Z (Address: 0x18004da20)
ntdll.dll
- NtQueryInformationToken (Address: 0x18004da30)
- RtlAllocateHeap (Address: 0x18004da50)
- RtlCapabilityCheck (Address: 0x18004da48)
- RtlCompareUnicodeString (Address: 0x18004da88)
- RtlDeriveCapabilitySidsFromName (Address: 0x18004da68)
- RtlEqualSid (Address: 0x18004da78)
- RtlFreeHeap (Address: 0x18004da38)
- RtlFreeSid (Address: 0x18004da70)
- RtlGetDeviceFamilyInfoEnum (Address: 0x18004da60)
- RtlGetPersistedStateLocation (Address: 0x18004da90)
- RtlInitUnicodeString (Address: 0x18004da40)
- RtlNtStatusToDosErrorNoTeb (Address: 0x18004da58)
- RtlPublishWnfStateData (Address: 0x18004da80)
- RtlQueryPackageClaims (Address: 0x18004da98)
RPCRT4.dll
- RpcServerInqCallAttributesW (Address: 0x18004d370)