DiagnosticInvoker.dll

Description: Microsoft Windows operating system.

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.4355

Architecture: 64-bit

Operating System: Windows NT

SHA256: fc5a556d4f74cd4693db7e8c6d7ae75e

File Size: 103.0 KB

Uploaded At: Dec. 1, 2025, 7:26 a.m.

Views: 8

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

  • DllGetActivationFactory (Ordinal: 1, Address: 0x4db0)
  • DllCanUnloadNow (Ordinal: 2, Address: 0x4c10)
  • DllGetClassObject (Ordinal: 3, Address: 0x4c80)

Imported DLLs & Functions

api-ms-win-core-com-l1-1-0.dll
  • CoCreateFreeThreadedMarshaler (Address: 0x180012a28)
  • CoCreateInstance (Address: 0x180012a60)
  • CoGetCallContext (Address: 0x180012a30)
  • CoGetInterfaceAndReleaseStream (Address: 0x180012a58)
  • CoMarshalInterface (Address: 0x180012a50)
  • CoReleaseMarshalData (Address: 0x180012a40)
  • CoTaskMemAlloc (Address: 0x180012a38)
  • CreateStreamOnHGlobal (Address: 0x180012a48)
api-ms-win-core-com-l1-1-1.dll
  • RoGetAgileReference (Address: 0x180012a70)
api-ms-win-core-com-midlproxystub-l1-1-0.dll
  • CStdStubBuffer2_Connect (Address: 0x180012aa0)
  • CStdStubBuffer2_CountRefs (Address: 0x180012aa8)
  • CStdStubBuffer2_Disconnect (Address: 0x180012a80)
  • CStdStubBuffer2_QueryInterface (Address: 0x180012ab8)
  • NdrProxyForwardingFunction3 (Address: 0x180012ad8)
  • NdrProxyForwardingFunction4 (Address: 0x180012ae0)
  • NdrProxyForwardingFunction5 (Address: 0x180012a98)
  • ObjectStublessClient10 (Address: 0x180012ac0)
  • ObjectStublessClient3 (Address: 0x180012ad0)
  • ObjectStublessClient6 (Address: 0x180012ac8)
  • ObjectStublessClient7 (Address: 0x180012ab0)
  • ObjectStublessClient8 (Address: 0x180012a88)
  • ObjectStublessClient9 (Address: 0x180012a90)
api-ms-win-core-debug-l1-1-0.dll
  • DebugBreak (Address: 0x180012af8)
  • IsDebuggerPresent (Address: 0x180012af0)
  • OutputDebugStringW (Address: 0x180012b00)
api-ms-win-core-errorhandling-l1-1-0.dll
  • GetLastError (Address: 0x180012b30)
  • RaiseException (Address: 0x180012b28)
  • SetLastError (Address: 0x180012b20)
  • SetUnhandledExceptionFilter (Address: 0x180012b10)
  • UnhandledExceptionFilter (Address: 0x180012b18)
api-ms-win-core-handle-l1-1-0.dll
  • CloseHandle (Address: 0x180012b40)
api-ms-win-core-heap-l1-1-0.dll
  • GetProcessHeap (Address: 0x180012b50)
  • HeapAlloc (Address: 0x180012b58)
  • HeapFree (Address: 0x180012b60)
api-ms-win-core-interlocked-l1-1-0.dll
  • InitializeSListHead (Address: 0x180012b70)
api-ms-win-core-libraryloader-l1-2-0.dll
  • DisableThreadLibraryCalls (Address: 0x180012b80)
  • GetModuleFileNameA (Address: 0x180012b88)
  • GetModuleHandleExW (Address: 0x180012b90)
  • GetModuleHandleW (Address: 0x180012ba0)
  • GetProcAddress (Address: 0x180012b98)
api-ms-win-core-localization-l1-2-0.dll
  • FormatMessageW (Address: 0x180012bb0)
api-ms-win-core-processthreads-l1-1-0.dll
  • GetCurrentProcess (Address: 0x180012bc0)
  • GetCurrentProcessId (Address: 0x180012bd0)
  • GetCurrentThreadId (Address: 0x180012be0)
  • OpenProcessToken (Address: 0x180012bc8)
  • TerminateProcess (Address: 0x180012bd8)
api-ms-win-core-processthreads-l1-1-1.dll
  • IsProcessorFeaturePresent (Address: 0x180012bf8)
  • OpenProcess (Address: 0x180012bf0)
api-ms-win-core-profile-l1-1-0.dll
  • QueryPerformanceCounter (Address: 0x180012c08)
  • QueryPerformanceFrequency (Address: 0x180012c10)
api-ms-win-core-registry-l1-1-0.dll
  • RegOpenKeyExW (Address: 0x180012c20)
  • RegQueryValueExW (Address: 0x180012c28)
api-ms-win-core-rtlsupport-l1-1-0.dll
  • RtlCaptureContext (Address: 0x180012c40)
  • RtlLookupFunctionEntry (Address: 0x180012c48)
  • RtlVirtualUnwind (Address: 0x180012c38)
api-ms-win-core-synch-l1-1-0.dll
  • AcquireSRWLockExclusive (Address: 0x180012c88)
  • AcquireSRWLockShared (Address: 0x180012c70)
  • CreateMutexExW (Address: 0x180012ca0)
  • CreateSemaphoreExW (Address: 0x180012c80)
  • OpenSemaphoreW (Address: 0x180012ca8)
  • ReleaseMutex (Address: 0x180012c58)
  • ReleaseSemaphore (Address: 0x180012c68)
  • ReleaseSRWLockExclusive (Address: 0x180012c90)
  • ReleaseSRWLockShared (Address: 0x180012c78)
  • WaitForSingleObject (Address: 0x180012c60)
  • WaitForSingleObjectEx (Address: 0x180012c98)
api-ms-win-core-synch-l1-2-0.dll
  • InitOnceExecuteOnce (Address: 0x180012cb8)
api-ms-win-core-sysinfo-l1-1-0.dll
  • GetSystemTimeAsFileTime (Address: 0x180012cd0)
  • GetTickCount64 (Address: 0x180012cc8)
api-ms-win-core-util-l1-1-0.dll
  • DecodePointer (Address: 0x180012ce0)
  • EncodePointer (Address: 0x180012ce8)
api-ms-win-core-winrt-error-l1-1-0.dll
  • GetRestrictedErrorInfo (Address: 0x180012d08)
  • RoOriginateError (Address: 0x180012d10)
  • RoOriginateErrorW (Address: 0x180012cf8)
  • RoTransformError (Address: 0x180012d00)
  • SetRestrictedErrorInfo (Address: 0x180012d18)
api-ms-win-core-winrt-error-l1-1-1.dll
  • IsErrorPropagationEnabled (Address: 0x180012d30)
  • RoGetMatchingRestrictedErrorInfo (Address: 0x180012d28)
  • RoReportFailedDelegate (Address: 0x180012d38)
api-ms-win-core-winrt-l1-1-0.dll
  • RoActivateInstance (Address: 0x180012d50)
  • RoGetActivationFactory (Address: 0x180012d48)
api-ms-win-core-winrt-string-l1-1-0.dll
  • HSTRING_UserFree (Address: 0x180012db0)
  • HSTRING_UserFree64 (Address: 0x180012dc0)
  • HSTRING_UserMarshal (Address: 0x180012dc8)
  • HSTRING_UserMarshal64 (Address: 0x180012da8)
  • HSTRING_UserSize (Address: 0x180012dd0)
  • HSTRING_UserSize64 (Address: 0x180012db8)
  • HSTRING_UserUnmarshal (Address: 0x180012da0)
  • HSTRING_UserUnmarshal64 (Address: 0x180012d98)
  • WindowsCreateString (Address: 0x180012d78)
  • WindowsCreateStringReference (Address: 0x180012d60)
  • WindowsDeleteString (Address: 0x180012d70)
  • WindowsDuplicateString (Address: 0x180012d68)
  • WindowsGetStringRawBuffer (Address: 0x180012d80)
  • WindowsIsStringEmpty (Address: 0x180012d90)
  • WindowsStringHasEmbeddedNull (Address: 0x180012d88)
api-ms-win-crt-private-l1-1-0.dll
  • __C_specific_handler (Address: 0x180012e38)
  • __CxxFrameHandler3 (Address: 0x180012e40)
  • __CxxFrameHandler4 (Address: 0x180012eb8)
  • __std_terminate (Address: 0x180012eb0)
  • _CxxThrowException (Address: 0x180012e48)
  • _o___std_exception_copy (Address: 0x180012ea0)
  • _o___std_exception_destroy (Address: 0x180012e98)
  • _o___std_type_info_destroy_list (Address: 0x180012e90)
  • _o___stdio_common_vsnprintf_s (Address: 0x180012e78)
  • _o___stdio_common_vsprintf_s (Address: 0x180012e70)
  • _o___stdio_common_vswprintf (Address: 0x180012e68)
  • _o__callnewh (Address: 0x180012e60)
  • _o__cexit (Address: 0x180012e58)
  • _o__configure_narrow_argv (Address: 0x180012e50)
  • _o__crt_atexit (Address: 0x180012ea8)
  • _o__errno (Address: 0x180012e88)
  • _o__execute_onexit_table (Address: 0x180012e80)
  • _o__initialize_narrow_environment (Address: 0x180012de0)
  • _o__initialize_onexit_table (Address: 0x180012de8)
  • _o__invalid_parameter_noinfo (Address: 0x180012df0)
  • _o__purecall (Address: 0x180012df8)
  • _o__register_onexit_function (Address: 0x180012e00)
  • _o__seh_filter_dll (Address: 0x180012e08)
  • _o_calloc (Address: 0x180012e18)
  • _o_free (Address: 0x180012e20)
  • _o_malloc (Address: 0x180012e28)
  • _o_terminate (Address: 0x180012e30)
  • memcmp (Address: 0x180012ec0)
  • memcpy (Address: 0x180012e10)
api-ms-win-crt-runtime-l1-1-0.dll
  • _initterm (Address: 0x180012ed0)
  • _initterm_e (Address: 0x180012ed8)
api-ms-win-crt-string-l1-1-0.dll
  • memset (Address: 0x180012ee8)
api-ms-win-eventing-provider-l1-1-0.dll
  • EventRegister (Address: 0x180012f00)
  • EventSetInformation (Address: 0x180012f08)
  • EventUnregister (Address: 0x180012f10)
  • EventWriteTransfer (Address: 0x180012ef8)
api-ms-win-security-base-l1-1-0.dll
  • DuplicateTokenEx (Address: 0x180012f20)
  • GetTokenInformation (Address: 0x180012f28)
api-ms-win-security-capability-l1-1-0.dll
  • CapabilityCheck (Address: 0x180012f38)
api-ms-win-shcore-taskpool-l1-1-0.dll
  • SHTaskPoolAllowThreadReuse (Address: 0x180012f48)
  • SHTaskPoolQueueTask (Address: 0x180012f50)
ntdll.dll
  • RtlGetDeviceFamilyInfoEnum (Address: 0x180012f60)
RPCRT4.dll
  • CStdStubBuffer_AddRef (Address: 0x180012940)
  • CStdStubBuffer_Connect (Address: 0x180012990)
  • CStdStubBuffer_CountRefs (Address: 0x180012950)
  • CStdStubBuffer_DebugServerQueryInterface (Address: 0x180012930)
  • CStdStubBuffer_DebugServerRelease (Address: 0x180012968)
  • CStdStubBuffer_Disconnect (Address: 0x180012970)
  • CStdStubBuffer_Invoke (Address: 0x1800129a0)
  • CStdStubBuffer_IsIIDSupported (Address: 0x180012988)
  • CStdStubBuffer_QueryInterface (Address: 0x180012958)
  • IUnknown_AddRef_Proxy (Address: 0x1800129c8)
  • IUnknown_QueryInterface_Proxy (Address: 0x180012978)
  • IUnknown_Release_Proxy (Address: 0x180012948)
  • NdrClientCall3 (Address: 0x1800129d8)
  • NdrCStdStubBuffer_Release (Address: 0x1800129a8)
  • NdrCStdStubBuffer2_Release (Address: 0x1800129d0)
  • NdrDllCanUnloadNow (Address: 0x1800129b0)
  • NdrDllGetClassObject (Address: 0x1800129b8)
  • NdrOleAllocate (Address: 0x180012960)
  • NdrOleFree (Address: 0x180012938)
  • NdrRpcSmClientAllocate (Address: 0x1800129e8)
  • NdrRpcSmClientFree (Address: 0x180012a18)
  • NdrServerCall2 (Address: 0x1800129e0)
  • NdrServerCallAll (Address: 0x180012a10)
  • NdrStubCall3 (Address: 0x180012980)
  • NdrStubForwardingFunction (Address: 0x180012998)
  • RpcBindingFree (Address: 0x1800129f0)
  • RpcBindingFromStringBindingW (Address: 0x180012a00)
  • RpcStringBindingComposeW (Address: 0x180012a08)
  • RpcStringFreeW (Address: 0x1800129f8)
  • UuidCreate (Address: 0x1800129c0)