| filename | advapi32.dll | |
|---|---|---|
| size | 640512 (0x9c600) | |
| md5 | d67472125471784de7147946eda25feb | |
| type | PE32 executable (DLL) (console) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xe0 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 149 | 30729 | 11 |
| 1 | 0 | 659 |
| 147 | 30729 | 27 |
| 146 | 30729 | 1 |
| 132 | 30729 | 18 |
| 131 | 30729 | 128 |
| 148 | 30729 | 1 |
| 145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
| name | va | vsize | raw size | flags | |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x71ec5 | 0x72000 | R-X CODE | |
| .data | 0x73000 | 0x3588 | 0x2e00 | RW- IDATA | |
| .rsrc | 0x77000 | 0x23140 | 0x23200 | R-- IDATA | |
| .reloc | 0x9b000 | 0x4050 | 0x4200 | R-- IDATA DISCARDABLE |
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| msvcrt.dll | 1228 | iswctype | |
| msvcrt.dll | 1031 | _wcstoui64 | |
| msvcrt.dll | 404 | _ftol2 | |
| msvcrt.dll | 1337 | tolower | |
| msvcrt.dll | 926 | _ultow | |
| msvcrt.dll | 1382 | wcstok | |
| msvcrt.dll | 1213 | isalnum | |
| msvcrt.dll | 1222 | isspace | |
| msvcrt.dll | 342 | _errno | |
| msvcrt.dll | 1253 | mbstowcs | |
| msvcrt.dll | 345 | _except_handler4_common | |
| msvcrt.dll | 1361 | wcschr | |
| msvcrt.dll | 1376 | wcsrchr | |
| msvcrt.dll | 1262 | memset | |
| msvcrt.dll | 1260 | memmove | |
| msvcrt.dll | 1007 | _wcsicmp | |
| msvcrt.dll | 974 | _vsnwprintf | |
| msvcrt.dll | 1258 | memcpy | |
| msvcrt.dll | 1365 | wcscpy_s | |
| msvcrt.dll | 862 | _stricmp | |
| msvcrt.dll | 1299 | strchr | |
| msvcrt.dll | 1316 | strrchr | |
| msvcrt.dll | 1318 | strstr | |
| msvcrt.dll | 968 | _vsnprintf | |
| msvcrt.dll | 1385 | wcstombs | |
| msvcrt.dll | 1380 | wcsstr | |
| msvcrt.dll | 1326 | swprintf_s | |
| msvcrt.dll | 1373 | wcsncpy_s | |
| msvcrt.dll | 1371 | wcsncmp | |
| msvcrt.dll | 1328 | swscanf_s | |
| msvcrt.dll | 1017 | _wcsnicmp | |
| msvcrt.dll | 1387 | wcstoul | |
| msvcrt.dll | 1360 | wcscat_s | |
| ntdll.dll | 1132 | RtlRunOnceExecuteOnce | |
| ntdll.dll | 122 | LdrLoadDll | |
| ntdll.dll | 115 | LdrGetProcedureAddress | |
| ntdll.dll | 1130 | RtlRunOnceBeginInitialize | |
| ntdll.dll | 147 | LdrUnloadDll | |
| ntdll.dll | 347 | NtOpenKey | |
| ntdll.dll | 431 | NtQueryValueKey | |
| ntdll.dll | 356 | NtOpenProcessToken | |
| ntdll.dll | 402 | NtQueryInformationToken | |
| ntdll.dll | 213 | NtClose | |
| ntdll.dll | 910 | RtlImageNtHeader | |
| ntdll.dll | 59 | EtwEventWriteEx | |
| ntdll.dll | 1 | ||
| ntdll.dll | 839 | RtlFreeAnsiString | |
| ntdll.dll | 860 | RtlGetCurrentTransaction | |
| ntdll.dll | 32 | DbgPrint | |
| ntdll.dll | 780 | RtlEnterCriticalSection | |
| ntdll.dll | 1005 | RtlLeaveCriticalSection | |
| ntdll.dll | 989 | RtlIsTextUnicode | |
| ntdll.dll | 1219 | RtlUnicodeStringToAnsiString | |
| ntdll.dll | 1226 | RtlUnicodeToMultiByteSize | |
| ntdll.dll | 1008 | RtlLengthSid | |
| ntdll.dll | 682 | RtlCopyUnicodeString | |
| ntdll.dll | 1053 | RtlOemStringToUnicodeString | |
| ntdll.dll | 916 | RtlInitAnsiString | |
| ntdll.dll | 617 | RtlAnsiStringToUnicodeString | |
| ntdll.dll | 846 | RtlFreeUnicodeString | |
| ntdll.dll | 925 | RtlInitUnicodeString | |
| ntdll.dll | 760 | RtlDosPathNameToNtPathName_U | |
| ntdll.dll | 841 | RtlFreeHeap | |
| ntdll.dll | 612 | RtlAllocateHeap | |
| ntdll.dll | 1045 | RtlNtStatusToDosError | |
| ntdll.dll | 731 | RtlDeleteCriticalSection | |
| ntdll.dll | 932 | RtlInitializeCriticalSection | |
| ntdll.dll | 651 | RtlCompareMemory | |
| ntdll.dll | 1311 | RtlxUnicodeStringToAnsiSize | |
| ntdll.dll | 161 | NlsMbCodePageTag | |
| ntdll.dll | 1028 | RtlMakeSelfRelativeSD | |
| ntdll.dll | 926 | RtlInitUnicodeStringEx | |
| ntdll.dll | 1309 | RtlxAnsiStringToUnicodeSize | |
| ntdll.dll | 500 | NtSetInformationThread | |
| ntdll.dll | 364 | NtOpenThreadToken | |
| ntdll.dll | 1094 | RtlRandom | |
| ntdll.dll | 428 | NtQuerySystemTime | |
| ntdll.dll | 883 | RtlGetNtProductType | |
| ntdll.dll | 896 | RtlGetThreadPreferredUILanguages | |
| ntdll.dll | 1191 | RtlSubAuthoritySid | |
| ntdll.dll | 1190 | RtlSubAuthorityCountSid | |
| ntdll.dll | 679 | RtlCopySid | |
| ntdll.dll | 1221 | RtlUnicodeStringToInteger | |
| ntdll.dll | 667 | RtlConvertSidToUnicodeString | |
| ntdll.dll | 611 | RtlAllocateHandle | |
| ntdll.dll | 992 | RtlIsValidIndexHandle | |
| ntdll.dll | 840 | RtlFreeHandle | |
| ntdll.dll | 792 | RtlEqualSid | |
| ntdll.dll | 501 | NtSetInformationToken | |
| ntdll.dll | 587 | RtlAddAccessAllowedAceEx | |
| ntdll.dll | 844 | RtlFreeSid | |
| ntdll.dll | 610 | RtlAllocateAndInitializeSid | |
| ntdll.dll | 219 | NtCompareTokens | |
| ntdll.dll | 276 | NtDuplicateToken | |
| ntdll.dll | 1161 | RtlSetOwnerSecurityDescriptor | |
| ntdll.dll | 700 | RtlCreateSecurityDescriptor | |
| ntdll.dll | 786 | RtlEnumerateGenericTableWithoutSplaying | |
| ntdll.dll | 984 | RtlIsGenericTableEmpty | |
| ntdll.dll | 399 | NtQueryInformationProcess | |
| ntdll.dll | 409 | NtQueryKey | |
| ntdll.dll | 874 | RtlGetLastNtStatus | |
| ntdll.dll | 271 | NtDeviceIoControlFile | |
| ntdll.dll | 344 | NtOpenFile | |
| ntdll.dll | 803 | RtlExpandEnvironmentStrings_U | |
| ntdll.dll | 769 | RtlDuplicateUnicodeString | |
| ntdll.dll | 706 | RtlCreateUnicodeString | |
| ntdll.dll | 57 | EtwEventWrite | |
| ntdll.dll | 55 | EtwEventRegister | |
| ntdll.dll | 233 | NtCreateKey | |
| ntdll.dll | 523 | NtSetValueKey | |
| ntdll.dll | 732 | RtlDeleteElementGenericTable | |
| ntdll.dll | 267 | NtDeleteKey | |
| ntdll.dll | 622 | RtlAppendUnicodeToString | |
| ntdll.dll | 946 | RtlInsertElementGenericTable | |
| ntdll.dll | 939 | RtlInitializeHandleTable | |
| ntdll.dll | 56 | EtwEventUnregister | |
| ntdll.dll | 747 | RtlDestroyHandleTable | |
| ntdll.dll | 280 | NtEnumerateKey | |
| ntdll.dll | 953 | RtlIntegerToUnicodeString | |
| ntdll.dll | 621 | RtlAppendUnicodeStringToString | |
| ntdll.dll | 1189 | RtlStringFromGUID | |
| ntdll.dll | 835 | RtlFormatCurrentUserKeyPath | |
| ntdll.dll | 937 | RtlInitializeGenericTable | |
| ntdll.dll | 1023 | RtlLookupElementGenericTable | |
| ntdll.dll | 1085 | RtlQueryRegistryValues | |
| ntdll.dll | 1047 | RtlNumberGenericTableElements | |
| ntdll.dll | 1256 | RtlValidSid | |
| ntdll.dll | 848 | RtlGUIDFromString | |
| ntdll.dll | 1238 | RtlUpcaseUnicodeChar | |
| ntdll.dll | 433 | NtQueryVolumeInformationFile | |
| ntdll.dll | 1061 | RtlPrefixUnicodeString | |
| ntdll.dll | 423 | NtQuerySymbolicLinkObject | |
| ntdll.dll | 362 | NtOpenSymbolicLinkObject | |
| ntdll.dll | 754 | RtlDetermineDosPathNameType_U | |
| ntdll.dll | 396 | NtQueryInformationFile | |
| ntdll.dll | 869 | RtlGetFullPathName_U | |
| ntdll.dll | 1046 | RtlNtStatusToDosErrorNoTeb | |
| ntdll.dll | 1225 | RtlUnicodeToMultiByteN | |
| ntdll.dll | 1033 | RtlMultiByteToUnicodeN | |
| ntdll.dll | 615 | RtlAnsiCharToUnicodeChar | |
| ntdll.dll | 756 | RtlDllShutdownInProgress | |
| ntdll.dll | 227 | NtCreateEvent | |
| ntdll.dll | 536 | NtTerminateThread | |
| ntdll.dll | 556 | NtWaitForSingleObject | |
| ntdll.dll | 488 | NtSetEvent | |
| ntdll.dll | 212 | NtClearEvent | |
| ntdll.dll | 262 | NtDelayExecution | |
| ntdll.dll | 801 | RtlExitUserThread | |
| ntdll.dll | 1103 | RtlRegisterThreadWithCsrss | |
| ntdll.dll | 208 | NtCancelIoFile | |
| ntdll.dll | 554 | NtWaitForMultipleObjects | |
| ntdll.dll | 275 | NtDuplicateObject | |
| ntdll.dll | 1109 | RtlReleaseRelativeName | |
| ntdll.dll | 229 | NtCreateFile | |
| ntdll.dll | 762 | RtlDosPathNameToRelativeNtPathName_U | |
| ntdll.dll | 1158 | RtlSetLastWin32Error | |
| ntdll.dll | 540 | NtTraceControl | |
| ntdll.dll | 76 | EtwSendNotification | |
| ntdll.dll | 50 | EtwDeliverDataBlock | |
| ntdll.dll | 51 | EtwEnumerateProcessRegGuids | |
| ntdll.dll | 515 | NtSetSystemInformation | |
| ntdll.dll | 1089 | RtlQueryTimeZoneInformation | |
| ntdll.dll | 1080 | RtlQueryPerformanceFrequency | |
| ntdll.dll | 84 | EtwpGetCpuSpeed | |
| ntdll.dll | 426 | NtQuerySystemInformation | |
| ntdll.dll | 416 | NtQueryPerformanceCounter | |
| ntdll.dll | 929 | RtlInitializeBitMap | |
| ntdll.dll | 880 | RtlGetNativeSystemInformation | |
| ntdll.dll | 954 | RtlInterlockedClearBitRun | |
| ntdll.dll | 683 | RtlCreateAcl | |
| ntdll.dll | 541 | NtTraceEvent | |
| ntdll.dll | 1073 | RtlQueryHeapInformation | |
| ntdll.dll | 752 | RtlDestroyQueryDebugBuffer | |
| ntdll.dll | 1082 | RtlQueryProcessDebugInformation | |
| ntdll.dll | 698 | RtlCreateQueryDebugBuffer | |
| ntdll.dll | 608 | RtlAdjustPrivilege | |
| ntdll.dll | 914 | RtlImpersonateSelf | |
| ntdll.dll | 71 | EtwProcessPrivateLoggerRequest | |
| ntdll.dll | 370 | NtPowerInformation | |
| ntdll.dll | 966 | RtlIpv4AddressToStringW | |
| ntdll.dll | 974 | RtlIpv6AddressToStringW | |
| ntdll.dll | 917 | RtlInitAnsiStringEx | |
| ntdll.dll | 654 | RtlCompareUnicodeString | |
| ntdll.dll | 707 | RtlCreateUnicodeStringFromAsciiz | |
| ntdll.dll | 455 | NtRenameKey | |
| ntdll.dll | 323 | NtLoadKeyEx | |
| ntdll.dll | 945 | RtlInitializeSid | |
| ntdll.dll | 831 | RtlFirstFreeAce | |
| ntdll.dll | 1253 | RtlValidAcl | |
| ntdll.dll | 592 | RtlAddAce | |
| ntdll.dll | 598 | RtlAddAuditAccessObjectAce | |
| ntdll.dll | 591 | RtlAddAccessDeniedObjectAce | |
| ntdll.dll | 590 | RtlAddAccessDeniedAceEx | |
| ntdll.dll | 597 | RtlAddAuditAccessAceEx | |
| ntdll.dll | 588 | RtlAddAccessAllowedObjectAce | |
| ntdll.dll | 854 | RtlGetControlSecurityDescriptor | |
| ntdll.dll | 890 | RtlGetSaclSecurityDescriptor | |
| ntdll.dll | 861 | RtlGetDaclSecurityDescriptor | |
| ntdll.dll | 872 | RtlGetGroupSecurityDescriptor | |
| ntdll.dll | 885 | RtlGetOwnerSecurityDescriptor | |
| ntdll.dll | 575 | RtlAbsoluteToSelfRelativeSD | |
| ntdll.dll | 1165 | RtlSetSaclSecurityDescriptor | |
| ntdll.dll | 1148 | RtlSetDaclSecurityDescriptor | |
| ntdll.dll | 1154 | RtlSetGroupSecurityDescriptor | |
| ntdll.dll | 681 | RtlCopyString | |
| ntdll.dll | 1198 | RtlTimeToSecondsSince1970 | |
| ntdll.dll | 1112 | RtlReleaseSRWLockShared | |
| ntdll.dll | 582 | RtlAcquireSRWLockShared | |
| ntdll.dll | 1111 | RtlReleaseSRWLockExclusive | |
| ntdll.dll | 581 | RtlAcquireSRWLockExclusive | |
| ntdll.dll | 401 | NtQueryInformationThread | |
| ntdll.dll | 944 | RtlInitializeSRWLock | |
| ntdll.dll | 794 | RtlEqualUnicodeString | |
| ntdll.dll | 413 | NtQueryObject | |
| ntdll.dll | 412 | NtQueryMutant | |
| ntdll.dll | 199 | NtAlpcQueryInformation | |
| ntdll.dll | 586 | RtlAddAccessAllowedAce | |
| ntdll.dll | 234 | NtCreateKeyTransacted | |
| ntdll.dll | 1055 | RtlOpenCurrentUser | |
| ntdll.dll | 349 | NtOpenKeyTransacted | |
| ntdll.dll | 411 | NtQueryMultipleValueKey | |
| ntdll.dll | 348 | NtOpenKeyEx | |
| ntdll.dll | 350 | NtOpenKeyTransactedEx | |
| ntdll.dll | 1254 | RtlValidRelativeSecurityDescriptor | |
| ntdll.dll | 457 | NtReplaceKey | |
| ntdll.dll | 474 | NtSaveKey | |
| ntdll.dll | 476 | NtSaveMergedKeys | |
| ntdll.dll | 421 | NtQuerySecurityObject | |
| ntdll.dll | 68 | EtwLogTraceEvent | |
| ntdll.dll | 902 | RtlGetVersion | |
| ntdll.dll | 438 | NtReadFile | |
| ntdll.dll | 561 | NtWriteFile | |
| ntdll.dll | 1096 | RtlReAllocateHeap | |
| ntdll.dll | 1007 | RtlLengthSecurityDescriptor | |
| ntdll.dll | 1255 | RtlValidSecurityDescriptor | |
| KERNELBASE.dll | 138 | EnumUILanguagesW | |
| KERNELBASE.dll | 332 | GetUserDefaultUILanguage | |
| KERNELBASE.dll | 306 | GetSystemDefaultUILanguage | |
| KERNELBASE.dll | 27 | AreFileApisANSI | |
| API-MS-WIN-Service-Core-L1-1-0.dll | RegisterServiceCtrlHandlerExW | ||
| API-MS-WIN-Service-Core-L1-1-0.dll | 2 | StartServiceCtrlDispatcherW | |
| API-MS-WIN-Service-Core-L1-1-0.dll | 1 | SetServiceStatus | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 11 | I_ScRpcBindW | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 25 | StartServiceCtrlDispatcherA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 24 | StartServiceA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 23 | RegisterServiceCtrlHandlerW | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 22 | RegisterServiceCtrlHandlerExA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 21 | RegisterServiceCtrlHandlerA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 20 | QueryServiceStatus | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 19 | QueryServiceConfigA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 18 | QueryServiceConfig2A | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 17 | OpenServiceA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 16 | OpenSCManagerA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 15 | NotifyServiceStatusChangeA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 4 | CreateServiceA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 3 | ControlServiceExA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 2 | ControlService | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 1 | ChangeServiceConfigA | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | ChangeServiceConfig2A | ||
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 10 | I_ScRpcBindA | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 1 | ControlServiceExW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 4 | OpenSCManagerW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 5 | OpenServiceW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 2 | CreateServiceW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 3 | DeleteService | |
| API-MS-WIN-Service-Management-L1-1-0.dll | CloseServiceHandle | ||
| API-MS-WIN-Service-Management-L1-1-0.dll | 6 | StartServiceW | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 3 | QueryServiceConfig2W | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 2 | NotifyServiceStatusChangeW | |
| API-MS-WIN-Service-Management-L2-1-0.dll | ChangeServiceConfig2W | ||
| API-MS-WIN-Service-Management-L2-1-0.dll | 1 | ChangeServiceConfigW | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 4 | QueryServiceConfigW | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 5 | QueryServiceObjectSecurity | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 6 | QueryServiceStatusEx | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 7 | SetServiceObjectSecurity | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 34 | RegSaveKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 22 | RegNotifyChangeKeyValue | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 27 | RegQueryInfoKeyA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 28 | RegQueryInfoKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 29 | RegQueryValueExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 20 | RegLoadMUIStringA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 33 | RegSaveKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 30 | RegQueryValueExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 15 | RegGetKeySecurity | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 35 | RegSetKeySecurity | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 31 | RegRestoreKeyA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 32 | RegRestoreKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 37 | RegSetValueExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 18 | RegLoadKeyA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 19 | RegLoadKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 25 | RegOpenKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 3 | RegDeleteKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 4 | RegDeleteKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 7 | RegDeleteValueA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 8 | RegDeleteValueW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 10 | RegEnumKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 11 | RegEnumKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 12 | RegEnumValueA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 13 | RegEnumValueW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 16 | RegGetValueA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 17 | RegGetValueW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 1 | RegCreateKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 2 | RegCreateKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 14 | RegFlushKey | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 23 | RegOpenCurrentUser | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 24 | RegOpenKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 9 | RegDisablePredefinedCacheEx | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 21 | RegLoadMUIStringW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 26 | RegOpenUserClassesRoot | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 36 | RegSetValueExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 38 | RegUnLoadKeyA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 39 | RegUnLoadKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 6 | RegDeleteTreeW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 5 | RegDeleteTreeA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | RegCloseKey | ||
| API-MS-Win-Core-NamedPipe-L1-1-0.dll | 6 | ImpersonateNamedPipeClient | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 5 | CreateThread | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 12 | GetCurrentThread | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 42 | TerminateProcess | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 10 | GetCurrentProcess | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 16 | GetPriorityClass | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 27 | OpenThread | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 13 | GetCurrentThreadId | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 39 | SetThreadToken | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 28 | OpenThreadToken | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 26 | OpenProcessToken | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 1 | CreateProcessAsUserW | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 11 | GetCurrentProcessId | |
| API-MS-Win-Core-ProcessThreads-L1-1-0.dll | 17 | GetProcessId | |
| API-MS-Win-Security-Base-L1-1-0.dll | 55 | GetSidLengthRequired | |
| API-MS-Win-Security-Base-L1-1-0.dll | 56 | GetSidSubAuthority | |
| API-MS-Win-Security-Base-L1-1-0.dll | 57 | GetSidSubAuthorityCount | |
| API-MS-Win-Security-Base-L1-1-0.dll | 59 | GetWindowsAccountDomainSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 60 | ImpersonateAnonymousToken | |
| API-MS-Win-Security-Base-L1-1-0.dll | 61 | ImpersonateLoggedOnUser | |
| API-MS-Win-Security-Base-L1-1-0.dll | 62 | ImpersonateSelf | |
| API-MS-Win-Security-Base-L1-1-0.dll | 63 | InitializeAcl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 64 | InitializeSecurityDescriptor | |
| API-MS-Win-Security-Base-L1-1-0.dll | 65 | InitializeSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 66 | IsTokenRestricted | |
| API-MS-Win-Security-Base-L1-1-0.dll | 67 | IsValidAcl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 68 | IsValidRelativeSecurityDescriptor | |
| API-MS-Win-Security-Base-L1-1-0.dll | 69 | IsValidSecurityDescriptor | |
| API-MS-Win-Security-Base-L1-1-0.dll | 71 | IsWellKnownSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 72 | MakeAbsoluteSD | |
| API-MS-Win-Security-Base-L1-1-0.dll | 73 | MakeAbsoluteSD2 | |
| API-MS-Win-Security-Base-L1-1-0.dll | 54 | GetSidIdentifierAuthority | |
| API-MS-Win-Security-Base-L1-1-0.dll | 75 | MapGenericMask | |
| API-MS-Win-Security-Base-L1-1-0.dll | 80 | PrivilegeCheck | |
| API-MS-Win-Security-Base-L1-1-0.dll | 82 | QuerySecurityAccessMask | |
| API-MS-Win-Security-Base-L1-1-0.dll | 83 | RevertToSelf | |
| API-MS-Win-Security-Base-L1-1-0.dll | 84 | SetAclInformation | |
| API-MS-Win-Security-Base-L1-1-0.dll | 86 | SetKernelObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 87 | SetPrivateObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 88 | SetPrivateObjectSecurityEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 36 | EqualDomainSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 89 | SetSecurityAccessMask | |
| API-MS-Win-Security-Base-L1-1-0.dll | 90 | SetSecurityDescriptorControl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 91 | SetSecurityDescriptorDacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 92 | SetSecurityDescriptorGroup | |
| API-MS-Win-Security-Base-L1-1-0.dll | 93 | SetSecurityDescriptorOwner | |
| API-MS-Win-Security-Base-L1-1-0.dll | 94 | SetSecurityDescriptorRMControl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 95 | SetSecurityDescriptorSacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 96 | SetTokenInformation | |
| API-MS-Win-Security-Base-L1-1-0.dll | 53 | GetSecurityDescriptorSacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 52 | GetSecurityDescriptorRMControl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 51 | GetSecurityDescriptorOwner | |
| API-MS-Win-Security-Base-L1-1-0.dll | 50 | GetSecurityDescriptorLength | |
| API-MS-Win-Security-Base-L1-1-0.dll | 49 | GetSecurityDescriptorGroup | |
| API-MS-Win-Security-Base-L1-1-0.dll | 48 | GetSecurityDescriptorDacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 47 | GetSecurityDescriptorControl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 46 | GetPrivateObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 45 | GetLengthSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 44 | GetKernelObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 42 | GetAclInformation | |
| API-MS-Win-Security-Base-L1-1-0.dll | 41 | GetAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 40 | FreeSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 39 | FindFirstFreeAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 74 | MakeSelfRelativeSD | |
| API-MS-Win-Security-Base-L1-1-0.dll | 38 | EqualSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 70 | IsValidSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 1 | AccessCheckAndAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 3 | AccessCheckByTypeAndAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 6 | AccessCheckByTypeResultListAndAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 5 | AccessCheckByTypeResultListAndAuditAlarmByHandleW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 78 | ObjectOpenAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 79 | ObjectPrivilegeAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 76 | ObjectCloseAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 77 | ObjectDeleteAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 81 | PrivilegedServiceAuditAlarmW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 85 | SetFileSecurityW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 43 | GetFileSecurityW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 26 | CopySid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 58 | GetTokenInformation | |
| API-MS-Win-Security-Base-L1-1-0.dll | AccessCheck | ||
| API-MS-Win-Security-Base-L1-1-0.dll | 2 | AccessCheckByType | |
| API-MS-Win-Security-Base-L1-1-0.dll | 4 | AccessCheckByTypeResultList | |
| API-MS-Win-Security-Base-L1-1-0.dll | 7 | AddAccessAllowedAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 8 | AddAccessAllowedAceEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 9 | AddAccessAllowedObjectAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 10 | AddAccessDeniedAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 11 | AddAccessDeniedAceEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 12 | AddAccessDeniedObjectAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 13 | AddAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 14 | AddAuditAccessAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 15 | AddAuditAccessAceEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 16 | AddAuditAccessObjectAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 18 | AdjustTokenGroups | |
| API-MS-Win-Security-Base-L1-1-0.dll | 19 | AdjustTokenPrivileges | |
| API-MS-Win-Security-Base-L1-1-0.dll | 20 | AllocateAndInitializeSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 21 | AllocateLocallyUniqueId | |
| API-MS-Win-Security-Base-L1-1-0.dll | 22 | AreAllAccessesGranted | |
| API-MS-Win-Security-Base-L1-1-0.dll | 23 | AreAnyAccessesGranted | |
| API-MS-Win-Security-Base-L1-1-0.dll | 24 | CheckTokenMembership | |
| API-MS-Win-Security-Base-L1-1-0.dll | 25 | ConvertToAutoInheritPrivateObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 27 | CreatePrivateObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 28 | CreatePrivateObjectSecurityEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 29 | CreatePrivateObjectSecurityWithMultipleInheritance | |
| API-MS-Win-Security-Base-L1-1-0.dll | 30 | CreateRestrictedToken | |
| API-MS-Win-Security-Base-L1-1-0.dll | 31 | CreateWellKnownSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 32 | DeleteAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 33 | DestroyPrivateObjectSecurity | |
| API-MS-Win-Security-Base-L1-1-0.dll | 34 | DuplicateToken | |
| API-MS-Win-Security-Base-L1-1-0.dll | 35 | DuplicateTokenEx | |
| API-MS-Win-Security-Base-L1-1-0.dll | 37 | EqualPrefixSid | |
| KERNEL32.dll | 1259 | VirtualAllocEx | |
| KERNEL32.dll | 1261 | VirtualFree | |
| KERNEL32.dll | 895 | OpenProcess | |
| KERNEL32.dll | 704 | GlobalMemoryStatusEx | |
| KERNEL32.dll | 361 | GetActiveProcessorCount | |
| KERNEL32.dll | 626 | GetSystemInfo | |
| KERNEL32.dll | 221 | DeviceIoControl | |
| KERNEL32.dll | 635 | GetSystemWindowsDirectoryW | |
| KERNEL32.dll | 678 | GetVolumeInformationW | |
| KERNEL32.dll | 467 | GetDriveTypeW | |
| KERNEL32.dll | 518 | GetLogicalDriveStringsW | |
| KERNEL32.dll | 1015 | ReleaseMutex | |
| KERNEL32.dll | 724 | HeapSize | |
| KERNEL32.dll | 399 | GetComputerNameW | |
| KERNEL32.dll | 284 | ExpandEnvironmentStringsA | |
| KERNEL32.dll | 981 | RegKrnInitialize | |
| KERNEL32.dll | 530 | GetModuleFileNameW | |
| KERNEL32.dll | 846 | LocalUnlock | |
| KERNEL32.dll | 842 | LocalLock | |
| KERNEL32.dll | 396 | GetComputerNameA | |
| KERNEL32.dll | 1112 | SetEvent | |
| KERNEL32.dll | 232 | DuplicateHandle | |
| KERNEL32.dll | 159 | CreateMutexW | |
| KERNEL32.dll | 960 | ReadProcessMemory | |
| KERNEL32.dll | 202 | DecodePointer | |
| KERNEL32.dll | 234 | EncodePointer | |
| KERNEL32.dll | 355 | FreeLibraryAndExitThread | |
| KERNEL32.dll | 782 | IsWow64Process | |
| KERNEL32.dll | 570 | GetPrivateProfileIntW | |
| KERNEL32.dll | 1037 | ResetEvent | |
| KERNEL32.dll | 722 | HeapReAlloc | |
| KERNEL32.dll | 630 | GetSystemTime | |
| KERNEL32.dll | 156 | CreateMutexA | |
| KERNEL32.dll | 739 | InitializeCriticalSection | |
| KERNEL32.dll | 1304 | Wow64RevertWow64FsRedirection | |
| KERNEL32.dll | 851 | LockResource | |
| KERNEL32.dll | 1200 | SizeofResource | |
| KERNEL32.dll | 1300 | Wow64DisableWow64FsRedirection | |
| KERNEL32.dll | 830 | LoadLibraryExW | |
| KERNEL32.dll | 494 | GetFileSize | |
| KERNEL32.dll | 228 | DosDateTimeToFileTime | |
| KERNEL32.dll | 291 | FileTimeToDosDateTime | |
| KERNEL32.dll | 496 | GetFileTime | |
| KERNEL32.dll | 1111 | SetErrorMode | |
| KERNEL32.dll | 325 | FindNextFileW | |
| KERNEL32.dll | 308 | FindFirstFileExW | |
| KERNEL32.dll | 1122 | SetFileInformationByHandle | |
| KERNEL32.dll | 118 | CopyFileW | |
| KERNEL32.dll | 1349 | lstrcmpiA | |
| KERNEL32.dll | 495 | GetFileSizeEx | |
| KERNEL32.dll | 1137 | SetLastError | |
| KERNEL32.dll | 840 | LocalFree | |
| KERNEL32.dll | 836 | LocalAlloc | |
| KERNEL32.dll | 843 | LocalReAlloc | |
| KERNEL32.dll | 1298 | WideCharToMultiByte | |
| KERNEL32.dll | 1359 | lstrlenW | |
| KERNEL32.dll | 870 | MultiByteToWideChar | |
| KERNEL32.dll | 398 | GetComputerNameExW | |
| KERNEL32.dll | 579 | GetProcAddress | |
| KERNEL32.dll | 828 | LoadLibraryA | |
| KERNEL32.dll | 83 | CloseHandle | |
| KERNEL32.dll | 166 | CreateProcessInternalA | |
| KERNEL32.dll | 354 | FreeLibrary | |
| KERNEL32.dll | 512 | GetLastError | |
| KERNEL32.dll | 831 | LoadLibraryW | |
| KERNEL32.dll | 825 | LeaveCriticalSection | |
| KERNEL32.dll | 238 | EnterCriticalSection | |
| KERNEL32.dll | 980 | RegKrnGetGlobalState | |
| KERNEL32.dll | 1204 | SleepEx | |
| KERNEL32.dll | 658 | GetTickCount | |
| KERNEL32.dll | 715 | HeapAlloc | |
| KERNEL32.dll | 584 | GetProcessHeap | |
| KERNEL32.dll | 144 | CreateFileW | |
| KERNEL32.dll | 505 | GetFullPathNameW | |
| KERNEL32.dll | 719 | HeapFree | |
| KERNEL32.dll | 488 | GetFileAttributesW | |
| KERNEL32.dll | 1051 | SearchPathW | |
| KERNEL32.dll | 206 | DelayLoadFailureHook | |
| KERNEL32.dll | 745 | InterlockedCompareExchange | |
| KERNEL32.dll | 829 | LoadLibraryExA | |
| KERNEL32.dll | 932 | QueryPerformanceCounter | |
| KERNEL32.dll | 632 | GetSystemTimeAsFileTime | |
| KERNEL32.dll | 1236 | UnhandledExceptionFilter | |
| KERNEL32.dll | 1187 | SetUnhandledExceptionFilter | |
| KERNEL32.dll | 134 | CreateEventW | |
| KERNEL32.dll | 657 | GetThreadUILanguage | |
| KERNEL32.dll | 1350 | lstrcmpiW | |
| KERNEL32.dll | 391 | GetCommandLineW | |
| KERNEL32.dll | 1347 | lstrcmpW | |
| KERNEL32.dll | 1201 | Sleep | |
| KERNEL32.dll | 533 | GetModuleHandleExW | |
| KERNEL32.dll | 1318 | WriteFile | |
| KERNEL32.dll | 285 | ExpandEnvironmentStringsW | |
| KERNEL32.dll | 866 | MoveFileW | |
| KERNEL32.dll | 214 | DeleteFileW | |
| KERNEL32.dll | 485 | GetFileAttributesExW | |
| KERNEL32.dll | 1124 | SetFilePointer | |
| KERNEL32.dll | 903 | OutputDebugStringW | |
| KERNEL32.dll | 513 | GetLocalTime | |
| KERNEL32.dll | 350 | FormatMessageW | |
| KERNEL32.dll | 534 | GetModuleHandleW | |
| KERNEL32.dll | 141 | CreateFileMappingW | |
| KERNEL32.dll | 957 | ReadFile | |
| KERNEL32.dll | 854 | MapViewOfFile | |
| KERNEL32.dll | 1239 | UnmapViewOfFile | |
| KERNEL32.dll | 97 | CompareFileTime | |
| KERNEL32.dll | 525 | GetLongPathNameW | |
| KERNEL32.dll | 833 | LoadResource | |
| KERNEL32.dll | 333 | FindResourceExW | |
| KERNEL32.dll | 682 | GetVolumePathNameW | |
| KERNEL32.dll | 209 | DeleteCriticalSection | |
| KERNEL32.dll | 1274 | WaitForSingleObject | |
| KERNEL32.dll | 302 | FindClose | |
| KERNEL32.dll | 493 | GetFileMUIPath | |
| KERNEL32.dll | 747 | InterlockedDecrement | |
| KERNEL32.dll | 751 | InterlockedIncrement | |
| KERNEL32.dll | 748 | InterlockedExchange | |
| KERNEL32.dll | 1262 | VirtualFreeEx | |
| KERNEL32.dll | 462 | GetDiskFreeSpaceExW | |
| KERNEL32.dll | 623 | GetSystemDirectoryW | |
| KERNEL32.dll | 502 | GetFullPathNameA | |
| KERNEL32.dll | 566 | GetOverlappedResult | |
| RPCRT4.dll | 348 | RpcBindingCreateW | |
| RPCRT4.dll | 507 | UuidCreate | |
| RPCRT4.dll | 364 | RpcBindingSetAuthInfoA | |
| RPCRT4.dll | 383 | RpcEpResolveBinding | |
| RPCRT4.dll | 82 | I_RpcSNCHOption | |
| RPCRT4.dll | 512 | UuidFromStringW | |
| RPCRT4.dll | 516 | UuidToStringW | |
| RPCRT4.dll | 394 | RpcExceptionFilter | |
| RPCRT4.dll | 367 | RpcBindingSetAuthInfoW | |
| RPCRT4.dll | 483 | RpcSsDestroyClientContext | |
| RPCRT4.dll | 62 | I_RpcMapWin32Status | |
| RPCRT4.dll | 45 | I_RpcExceptionFilter | |
| RPCRT4.dll | 149 | NdrClientCall2 | |
| RPCRT4.dll | 366 | RpcBindingSetAuthInfoExW | |
| RPCRT4.dll | 494 | RpcStringBindingComposeW | |
| RPCRT4.dll | 351 | RpcBindingFromStringBindingW | |
| RPCRT4.dll | 498 | RpcStringFreeW | |
| RPCRT4.dll | 349 | RpcBindingFree | |
| RPCRT4.dll | 365 | RpcBindingSetAuthInfoExA | |
| RPCRT4.dll | 431 | RpcRaiseException | |
| RPCRT4.dll | 345 | RpcBindingBind |
StringTable 040904B0
| CompanyName | Microsoft Corporation |
| FileDescription | Advanced Windows 32 Base API |
| FileVersion | 6.1.7601.18247 (win7sp1_gdr.130828-1532) |
| InternalName | advapi32.dll |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | advapi32.dll |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 6.1.7601.18247 |
VS_FIXEDFILEINFO
| FileVersion | 6.1.7601.18247 |
| ProductVersion | 6.1.7601.18247 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 0x40004 |
| FileType | 2 |
| FileSubtype | 0 |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK