dab.dll

Description: Desktop Activity Broker DLL

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.3636

Architecture: 64-bit

Operating System: Windows NT

SHA256: c186104ada2b99e3fca286f3b0ad4180

File Size: 148.0 KB

Uploaded At: Dec. 1, 2025, 7:25 a.m.

Views: 10

Exported Functions

  • DabInitialize (Ordinal: 1, Address: 0x81a0)
  • DabPowerStateChanged (Ordinal: 2, Address: 0x147a0)
  • DabSessionStateChanged (Ordinal: 3, Address: 0x7830)
  • DabTerminate (Ordinal: 4, Address: 0x147b0)

Imported DLLs & Functions

ADVAPI32.dll
  • AllocateAndInitializeSid (Address: 0x18001c8a0)
  • CheckTokenMembership (Address: 0x18001c8c0)
  • CloseTrace (Address: 0x18001c858)
  • ControlTraceW (Address: 0x18001c850)
  • CopySid (Address: 0x18001c8c8)
  • EnableTraceEx2 (Address: 0x18001c840)
  • EqualSid (Address: 0x18001c8b8)
  • FreeSid (Address: 0x18001c8a8)
  • GetLengthSid (Address: 0x18001c8d8)
  • GetTokenInformation (Address: 0x18001c8b0)
  • OpenProcessToken (Address: 0x18001c8d0)
  • OpenThreadToken (Address: 0x18001c870)
  • OpenTraceW (Address: 0x18001c848)
  • ProcessTrace (Address: 0x18001c860)
  • RegCloseKey (Address: 0x18001c888)
  • RegCreateKeyExW (Address: 0x18001c8e0)
  • RegDeleteKeyExW (Address: 0x18001c838)
  • RegDeleteTreeW (Address: 0x18001c830)
  • RegEnumKeyExW (Address: 0x18001c890)
  • RegGetValueW (Address: 0x18001c898)
  • RegOpenKeyExW (Address: 0x18001c878)
  • RegQueryValueExW (Address: 0x18001c880)
  • StartTraceW (Address: 0x18001c868)
api-ms-win-core-apiquery-l1-1-0.dll
  • ApiSetQueryApiSetPresence (Address: 0x18001cb60)
api-ms-win-core-debug-l1-1-0.dll
  • IsDebuggerPresent (Address: 0x18001cb70)
api-ms-win-core-delayload-l1-1-0.dll
  • DelayLoadFailureHook (Address: 0x18001cb80)
api-ms-win-core-delayload-l1-1-1.dll
  • ResolveDelayLoadedAPI (Address: 0x18001cb90)
api-ms-win-core-errorhandling-l1-1-0.dll
  • SetUnhandledExceptionFilter (Address: 0x18001cba0)
  • UnhandledExceptionFilter (Address: 0x18001cba8)
api-ms-win-core-interlocked-l1-1-0.dll
  • InitializeSListHead (Address: 0x18001cbb8)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x18001cbc8)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x18001cbe8)
  • GetCurrentProcessId (Address: 0x18001cbd8)
  • GetCurrentThreadId (Address: 0x18001cbf0)
  • TerminateProcess (Address: 0x18001cbe0)
api-ms-win-core-processthreads-l1-1-1.dll
  • IsProcessorFeaturePresent (Address: 0x18001cc00)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x18001cc10)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x18001cc20)
  • RtlLookupFunctionEntry (Address: 0x18001cc28)
  • RtlVirtualUnwind (Address: 0x18001cc30)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x18001cc40)
api-ms-win-core-timezone-l1-1-1.dll
  • LocalFileTimeToLocalSystemTime (Address: 0x18001cc50)
  • LocalSystemTimeToLocalFileTime (Address: 0x18001cc58)
api-ms-win-crt-private-l1-1-0.dll
  • __C_specific_handler (Address: 0x18001ccb8)
  • _o___std_type_info_destroy_list (Address: 0x18001cce8)
  • _o___stdio_common_vswprintf (Address: 0x18001ccd8)
  • _o__cexit (Address: 0x18001ccd0)
  • _o__configure_narrow_argv (Address: 0x18001ccc8)
  • _o__execute_onexit_table (Address: 0x18001ccc0)
  • _o__initialize_narrow_environment (Address: 0x18001cc68)
  • _o__initialize_onexit_table (Address: 0x18001cc70)
  • _o__itow_s (Address: 0x18001cc78)
  • _o__seh_filter_dll (Address: 0x18001cc80)
  • _o__wcsicmp (Address: 0x18001cc90)
  • _o__wtoi (Address: 0x18001cc98)
  • _o_bsearch (Address: 0x18001cca0)
  • _o_free (Address: 0x18001cca8)
  • _o_rand_s (Address: 0x18001ccb0)
  • memcmp (Address: 0x18001ccf0)
  • memcpy (Address: 0x18001cc88)
  • wcschr (Address: 0x18001cce0)
api-ms-win-crt-runtime-l1-1-0.dll
  • _initterm (Address: 0x18001cd08)
  • _initterm_e (Address: 0x18001cd00)
api-ms-win-crt-string-l1-1-0.dll
  • memset (Address: 0x18001cd18)
api-ms-win-power-setting-l1-1-0.dll
  • PowerSettingRegisterNotification (Address: 0x18001cd28)
  • PowerSettingUnregisterNotification (Address: 0x18001cd30)
KERNEL32.dll
  • CallbackMayRunLong (Address: 0x18001ca88)
  • CancelWaitableTimer (Address: 0x18001ca80)
  • CloseHandle (Address: 0x18001c928)
  • CloseThreadpool (Address: 0x18001cac0)
  • CloseThreadpoolCleanupGroup (Address: 0x18001c940)
  • CloseThreadpoolCleanupGroupMembers (Address: 0x18001c948)
  • CloseThreadpoolTimer (Address: 0x18001ca70)
  • CloseThreadpoolWork (Address: 0x18001cac8)
  • CompareFileTime (Address: 0x18001c930)
  • CompareStringOrdinal (Address: 0x18001ca00)
  • CompareStringW (Address: 0x18001ca18)
  • CreateEventW (Address: 0x18001c908)
  • CreateFileMappingW (Address: 0x18001c988)
  • CreateFileW (Address: 0x18001c9a0)
  • CreateThread (Address: 0x18001c918)
  • CreateThreadpool (Address: 0x18001cab0)
  • CreateThreadpoolCleanupGroup (Address: 0x18001c958)
  • CreateThreadpoolTimer (Address: 0x18001ca58)
  • CreateThreadpoolWork (Address: 0x18001ca30)
  • CreateWaitableTimerExW (Address: 0x18001ca38)
  • EnterCriticalSection (Address: 0x18001ca08)
  • FileTimeToSystemTime (Address: 0x18001ca28)
  • FindResourceExW (Address: 0x18001c9b8)
  • FreeLibrary (Address: 0x18001c9e0)
  • GetCurrentThread (Address: 0x18001c920)
  • GetDynamicTimeZoneInformation (Address: 0x18001c978)
  • GetLastError (Address: 0x18001ca10)
  • GetProcAddress (Address: 0x18001c9e8)
  • GetProcessHeap (Address: 0x18001ca40)
  • GetSystemDirectoryW (Address: 0x18001c9c8)
  • GetSystemTime (Address: 0x18001c9d0)
  • GetTickCount64 (Address: 0x18001c950)
  • GetTimeZoneInformation (Address: 0x18001c9f0)
  • GetTimeZoneInformationForYear (Address: 0x18001cad0)
  • GetVersionExW (Address: 0x18001c998)
  • HeapAlloc (Address: 0x18001ca50)
  • HeapFree (Address: 0x18001caa0)
  • InitializeConditionVariable (Address: 0x18001c938)
  • InitOnceExecuteOnce (Address: 0x18001cab8)
  • LeaveCriticalSection (Address: 0x18001c9f8)
  • LoadLibraryExW (Address: 0x18001c9d8)
  • LoadResource (Address: 0x18001c9b0)
  • LockResource (Address: 0x18001c9c0)
  • MapViewOfFile (Address: 0x18001c980)
  • ResumeThread (Address: 0x18001c900)
  • SearchPathW (Address: 0x18001c9a8)
  • SetEvent (Address: 0x18001c910)
  • SetLastError (Address: 0x18001ca98)
  • SetThreadpoolThreadMaximum (Address: 0x18001ca78)
  • SetThreadpoolThreadMinimum (Address: 0x18001ca90)
  • SetThreadpoolTimer (Address: 0x18001ca60)
  • SetWaitableTimer (Address: 0x18001caa8)
  • SetWaitableTimerEx (Address: 0x18001ca68)
  • SleepConditionVariableSRW (Address: 0x18001c968)
  • SubmitThreadpoolWork (Address: 0x18001ca48)
  • SystemTimeToFileTime (Address: 0x18001c960)
  • SystemTimeToTzSpecificLocalTime (Address: 0x18001cad8)
  • TzSpecificLocalTimeToSystemTime (Address: 0x18001ca20)
  • UnmapViewOfFile (Address: 0x18001c990)
  • WaitForMultipleObjectsEx (Address: 0x18001c8f0)
  • WaitForSingleObject (Address: 0x18001c8f8)
  • WakeConditionVariable (Address: 0x18001c970)
ntdll.dll
  • EtwGetTraceEnableFlags (Address: 0x18001ce30)
  • EtwGetTraceEnableLevel (Address: 0x18001ce20)
  • EtwGetTraceLoggerHandle (Address: 0x18001ce28)
  • EtwRegisterTraceGuidsW (Address: 0x18001ce18)
  • EtwTraceMessage (Address: 0x18001cdd8)
  • EtwUnregisterTraceGuids (Address: 0x18001ce38)
  • NtCreateWnfStateName (Address: 0x18001cd50)
  • NtDeleteWnfStateName (Address: 0x18001cd58)
  • NtPowerInformation (Address: 0x18001cd98)
  • NtQueryWnfStateData (Address: 0x18001cda0)
  • NtSetThreadExecutionState (Address: 0x18001cd88)
  • RtlAbsoluteToSelfRelativeSD (Address: 0x18001cdf8)
  • RtlAcquireSRWLockExclusive (Address: 0x18001cdc8)
  • RtlAcquireSRWLockShared (Address: 0x18001cdc0)
  • RtlAddAccessAllowedAce (Address: 0x18001ce40)
  • RtlCopySid (Address: 0x18001cd70)
  • RtlCreateAcl (Address: 0x18001cdf0)
  • RtlCreateSecurityDescriptor (Address: 0x18001cde8)
  • RtlInitializeSRWLock (Address: 0x18001cde0)
  • RtlIsMultiSessionSku (Address: 0x18001cd90)
  • RtlLengthSecurityDescriptor (Address: 0x18001cd68)
  • RtlLengthSid (Address: 0x18001cd78)
  • RtlNtStatusToDosError (Address: 0x18001cd80)
  • RtlPublishWnfStateData (Address: 0x18001cda8)
  • RtlReleaseSRWLockExclusive (Address: 0x18001cdd0)
  • RtlReleaseSRWLockShared (Address: 0x18001cdb8)
  • RtlSetDaclSecurityDescriptor (Address: 0x18001cd48)
  • RtlSetOwnerSecurityDescriptor (Address: 0x18001cd60)
  • RtlSubscribeWnfStateChangeNotification (Address: 0x18001cdb0)
  • RtlTestAndPublishWnfStateData (Address: 0x18001ce08)
  • RtlTryAcquireSRWLockShared (Address: 0x18001cd40)
  • RtlUnsubscribeWnfNotificationWaitForCompletion (Address: 0x18001ce00)
  • RtlWaitForWnfMetaNotification (Address: 0x18001ce10)
RPCRT4.dll
  • NdrServerCall2 (Address: 0x18001cb30)
  • NdrServerCallAll (Address: 0x18001cb50)
  • RpcBindingVectorFree (Address: 0x18001cb18)
  • RpcImpersonateClient (Address: 0x18001cb38)
  • RpcRevertToSelf (Address: 0x18001cb40)
  • RpcServerInqCallAttributesW (Address: 0x18001cb48)
  • RpcServerRegisterIfEx (Address: 0x18001cae8)
  • RpcServerUnregisterIfEx (Address: 0x18001cb08)
  • RpcServerUseProtseqEpW (Address: 0x18001cb10)
  • RpcStringFreeW (Address: 0x18001cb20)
  • UuidEqual (Address: 0x18001caf0)
  • UuidFromStringW (Address: 0x18001cb00)
  • UuidIsNil (Address: 0x18001caf8)
  • UuidToStringW (Address: 0x18001cb28)