Import table
advapi32.dll
LsaQueryInformationPolicy, LsaFreeMemory, OpenSCManagerW, OpenServiceW, QueryServiceStatus, StartServiceW, CloseServiceHandle, RegisterEventSourceW, ReportEventW, DeregisterEventSource, RegGetValueW, RegSetKeyValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryInfoKeyW, SystemFunction036, LsaOpenPolicy, AllocateAndInitializeSid, BuildTrusteeWithSidW, BuildSecurityDescriptorW, GetSecurityDescriptorLength, FreeSid, RegEnumValueW, RegDeleteValueW, RegSetValueExW, RegCreateKeyExW, RegEnumKeyExW, RegDeleteKeyW, RegNotifyChangeKeyValue, OpenProcessToken, RegQueryValueExW, CryptDeriveKey, CryptGenRandom, CryptDecrypt, CryptEncrypt, CryptExportKey, CryptImportKey, CryptGetProvParam, CryptGetUserKey, CryptGenKey, CryptGetHashParam, CheckTokenMembership, GetTokenInformation, GetWindowsAccountDomainSid, CreateWellKnownSid, RegisterServiceCtrlHandlerExW, SetServiceStatus, CryptAcquireContextW, CryptReleaseContext, CryptVerifySignatureW, CryptCreateHash, CryptHashData, CryptSignHashW, CryptDestroyHash, CryptDestroyKey, RegCloseKey, RegOpenKeyExW, EqualSid, CopySid, CryptContextAddRef, GetUserNameW, OpenThreadToken, SetThreadToken, TraceMessage, UnregisterTraceGuids, RegisterTraceGuidsW, GetTraceLoggerHandle, GetTraceEnableLevel, GetTraceEnableFlags
api-ms-win-core-debug-l1-1-1.dll
DebugBreak
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-1.dll
GetLastError, SetUnhandledExceptionFilter, UnhandledExceptionFilter, SetLastError
api-ms-win-core-file-l1-2-0.dll
DeleteFileW, WriteFile, ReadFile, GetFileSize, CompareFileTime, CreateFileW
api-ms-win-core-file-l1-2-1.dll
DeleteFileW, CompareFileTime, GetFileSize, CreateFileW, ReadFile, WriteFile
api-ms-win-core-file-l2-1-0.dll
CopyFileExW
api-ms-win-core-file-l2-1-1.dll
CopyFileExW
api-ms-win-core-handle-l1-1-0.dll
DuplicateHandle, CloseHandle
api-ms-win-core-heap-l1-2-0.dll
HeapReAlloc, GetProcessHeap, HeapFree, HeapAlloc
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree, LocalAlloc
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedIncrement, InterlockedCompareExchange, InterlockedExchange, InterlockedDecrement
api-ms-win-core-libraryloader-l1-1-1.dll
FreeLibrary, GetProcAddress, LoadStringW, LoadLibraryExW, DisableThreadLibraryCalls, GetModuleHandleExW, GetModuleHandleW
api-ms-win-core-localization-obsolete-l1-1-0.dll
CompareStringA
api-ms-win-core-localization-obsolete-l1-2-0.dll
CompareStringA
api-ms-win-core-processthreads-l1-1-1.dll
SwitchToThread, TerminateProcess, GetCurrentThread, SetThreadToken, GetCurrentThreadId, GetCurrentProcessId, OpenThreadToken, GetCurrentProcess
api-ms-win-core-processthreads-l1-1-2.dll
SwitchToThread, TerminateProcess, GetCurrentProcess, GetCurrentThreadId, GetCurrentProcessId, OpenThreadToken, SetThreadToken, GetCurrentThread
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegOpenKeyExW, RegCloseKey, RegCreateKeyExW, RegDeleteKeyExW, RegQueryValueExW, RegSetValueExW, RegEnumKeyExW
api-ms-win-core-string-l1-1-0.dll
WideCharToMultiByte, CompareStringW, MultiByteToWideChar
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrlenW, lstrcmpW
api-ms-win-core-synch-l1-2-0.dll
CreateEventW, InitializeCriticalSectionAndSpinCount, SetEvent, WaitForSingleObject, OpenEventW, DeleteCriticalSection, Sleep, EnterCriticalSection, LeaveCriticalSection, ResetEvent
api-ms-win-core-sysinfo-l1-2-0.dll
GetTickCount, GetSystemDirectoryW, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetTickCount, GetSystemDirectoryW, GetSystemTimeAsFileTime
api-ms-win-core-threadpool-legacy-l1-1-0.dll
ChangeTimerQueueTimer, CreateTimerQueueTimer, DeleteTimerQueueTimer, UnregisterWaitEx
api-ms-win-core-threadpool-private-l1-1-0.dll
RegisterWaitForSingleObjectEx
api-ms-win-core-timezone-l1-1-0.dll
SystemTimeToFileTime, FileTimeToSystemTime
api-ms-win-security-base-l1-1-0.dll
FreeSid, AllocateAndInitializeSid, GetTokenInformation, CreateWellKnownSid, GetSecurityDescriptorLength, CheckTokenMembership, GetWindowsAccountDomainSid
api-ms-win-security-base-l1-2-0.dll
FreeSid, AllocateAndInitializeSid, GetSecurityDescriptorLength, CheckTokenMembership, GetTokenInformation, CreateWellKnownSid, GetWindowsAccountDomainSid
api-ms-win-security-grouppolicy-l1-1-0.dll
RegisterGPNotificationInternal, UnregisterGPNotificationInternal
api-ms-win-service-core-l1-1-0.dll
SetServiceStatus, RegisterServiceCtrlHandlerExW
api-ms-win-service-management-l1-1-0.dll
OpenSCManagerW, CloseServiceHandle, StartServiceW, OpenServiceW
api-ms-win-service-winsvc-l1-1-0.dll
QueryServiceStatus
authz.dll
AuthzInitializeResourceManager, AuthzInitializeContextFromToken, AuthzInitializeContextFromSid, AuthzAddSidsToContext, AuthzAccessCheck, AuthzFreeContext, AuthzFreeResourceManager
crypt32.dll
CryptExportPublicKeyInfo, CryptStringToBinaryW, CryptBinaryToStringW, CryptImportPublicKeyInfo, CertComparePublicKeyInfo, CertCompareIntegerBlob, CertVerifyTimeValidity, CertEnumCertificatesInStore, CertSaveStore, CertCloseStore, CertDuplicateStore, CertOpenSystemStoreW, CertFreeCertificateContext, CertAddCertificateContextToStore, CertDeleteCertificateFromStore, CertFindCertificateInStore, CertDuplicateCertificateContext, CertCreateCertificateContext, CertSetCertificateContextProperty, CertGetCertificateContextProperty, CryptDecodeObject, CryptSignAndEncodeCertificate, CertVerifyValidityNesting, CryptEncodeObject, CertVerifySubjectCertificateContext, CertCompareCertificate, CertOpenStore
iphlpapi.dll
GetAdaptersAddresses
kernel32.dll
InterlockedCompareExchange, LoadLibraryExA, InterlockedExchange, Sleep, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapAlloc, HeapReAlloc, HeapFree, lstrlenW, WideCharToMultiByte, CompareStringW, MultiByteToWideChar, DebugBreak, RegQueryValueExW, RegCloseKey, RegOpenKeyExW, DeleteFileW, CopyFileW, CloseHandle, CreateEventW, lstrlenA, LocalFree, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetCurrentThread, RegDeleteKeyExW, RegEnumKeyExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, LoadLibraryW, GetSystemDirectoryW, CompareFileTime, lstrcmpW, WaitForSingleObject, SetEvent, OpenEventW, InterlockedDecrement, InterlockedIncrement, DuplicateHandle, UnregisterWaitEx, ResetEvent, RegisterWaitForSingleObject, FileTimeToSystemTime, SystemTimeToFileTime, SwitchToThread, CreateTimerQueueTimer, DeleteTimerQueueTimer, GetModuleHandleW, GetFileSize, ReadFile, FreeLibrary, GetLastError, GetProcAddress, DelayLoadFailureHook, DisableThreadLibraryCalls, CompareStringA, WriteFile, CreateFileW, InterlockedExchangeAdd, DeviceIoControl, PostQueuedCompletionStatus, DeleteTimerQueueEx, CreateTimerQueue, GetQueuedCompletionStatus, CreateThread, CreateIoCompletionPort, GetSystemInfo, QueueUserWorkItem, WaitForMultipleObjects, SetEndOfFile, SetFilePointer, GetFileSizeEx, GetVersionExW, CreateDirectoryW, SetLastError, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, OpenFileMappingW, CancelWaitableTimer, SetWaitableTimer, CreateWaitableTimerW, LoadLibraryA, OpenProcess, LoadLibraryExW
msvcrt.dll
DllMain
ntdll.dll
EtwGetTraceEnableFlags, EtwGetTraceEnableLevel, EtwGetTraceLoggerHandle, EtwRegisterTraceGuidsW, EtwUnregisterTraceGuids, NtClose, RtlOpenCurrentUser, EtwTraceMessage, RtlHashUnicodeString, RtlInitUnicodeString
ole32.dll
CoCreateInstance, CoUninitialize, CoInitializeEx
p2pgraph.dll
PeerGraphGetProperties, PeerGraphSetProperties, PeerGraphDeleteRecord, PeerGraphEnumRecords, PeerGraphValidateDeferredRecords, PeerGraphStartup, PeerGraphShutdown, PeerGraphUniversalTimeToPeerTime, PeerGraphPeerTimeToUniversalTime, PeerGraphGetNodeInfo, PeerGraphEnumNodes, PeerGraphEnumConnections, PeerGraphSendData, PeerGraphCloseDirectConnection, PeerGraphOpenDirectConnection, PeerGraphConnect, PeerGraphListen, PeerGraphExportDatabase, PeerGraphSearchRecords, PeerGraphUpdateRecord, PeerGraphAddRecord, PeerGraphGetRecord, PeerGraphRegisterEvent, PeerGraphGetStatus, PeerGraphGetEventData, PeerGraphUnregisterEvent, PeerGraphEndEnumeration, PeerGraphGetNextItem, PeerGraphGetItemCount, pMemoryHelper, PeerGraphFreeData, PeerGraphOpen, PeerGraphCreate, PeerGraphImportDatabase, PeerGraphDelete, PeerGraphClose, PeerGraphSuspendTimers, PeerGraphForceStopPresencePrivate
rpcrt4.dll
RpcServerUseProtseqW, RpcServerUseProtseqEpW, RpcServerRegisterAuthInfoW, RpcServerRegisterIfEx, RpcEpRegisterW, RpcErrorStartEnumeration, RpcErrorGetNextRecord, RpcErrorEndEnumeration, RpcStringBindingComposeW, RpcBindingFromStringBindingW, RpcBindingSetAuthInfoExW, RpcBindingFree, RpcServerUnregisterIfEx, RpcServerInqBindings, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcBindingVectorFree, I_RpcBindingInqTransportType, RpcBindingInqAuthClientW, RpcImpersonateClient, RpcRevertToSelf, NdrServerCall2, RpcStringFreeW, UuidToStringW, UuidCreate, I_RpcExceptionFilter, NdrClientCall2, RpcRaiseException, RpcSsContextLockExclusive, RpcServerInqCallAttributesW
secur32.dll
GetUserNameExW
shell32.dll
SHGetFolderPathAndSubDirW, SHGetFolderPathW
sqmapi.dll
SqmReadSharedMachineId, SqmSetMachineId, SqmCreateNewId, SqmAddToStream, SqmSetAppId, SqmEndSession, SqmSet, SqmGetSession
user32.dll
LoadStringW
userenv.dll
RegisterGPNotification, UnregisterGPNotification
ws2_32.dll
WSAAddressToStringW, WSAAddressToStringA, WSAStringToAddressA, WSAStringToAddressW, getaddrinfo, freeaddrinfo, WSASendTo, WSALookupServiceBeginW, WSALookupServiceNextW, WSALookupServiceEnd, WSASetServiceW, WSASocketW, WSAIoctl
Export table
GroupServiceMain
IMServiceMain
InitSecurityInterfaceW
PnrpAutoSVCServiceMain
SvchostPushServiceGlobals
SVCServiceMain
