Import table
advapi32.dll
GetTokenInformation, RegisterTraceGuidsW, UnregisterTraceGuids, TraceEvent, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryValueExW, ControlTraceW, StartTraceW, EnableTrace, ControlService, RegDeleteKeyW, RegSetValueExW, CreateServiceW, RegOpenKeyExW, RegCreateKeyExW, DeleteService, RegCloseKey, LookupPrivilegeValueW, AdjustTokenPrivileges, QueryServiceStatus, OpenSCManagerW, OpenServiceW, StartServiceW, QueryServiceStatusEx, CloseServiceHandle, GetTraceEnableLevel, GetTraceLoggerHandle, LookupAccountSidW, OpenProcessToken, OpenThreadToken, SetThreadToken
kernel32.dll
OpenProcess, GetWindowsDirectoryW, GetSystemDirectoryW, ExpandEnvironmentStringsW, CreateFileW, SetFilePointer, ReadFile, GetFileAttributesExW, GetUserDefaultLangID, InitializeCriticalSection, Sleep, InterlockedCompareExchange, GetCurrentProcessId, TerminateThread, PostQueuedCompletionStatus, QueryDosDeviceW, CreateIoCompletionPort, GetModuleFileNameW, CopyFileW, CreateProcessW, DeleteFileW, DeviceIoControl, OpenThread, WriteFile, FreeLibrary, LoadLibraryW, QueryPerformanceFrequency, GetSystemWindowsDirectoryW, GetVersionExW, InterlockedDecrement, QueryPerformanceCounter, GetCurrentThreadId, GetQueuedCompletionStatus, MultiByteToWideChar, LocalAlloc, LocalFree, GetLongPathNameA, HeapFree, GetProcessHeap, UnmapViewOfFile, InterlockedIncrement, MapViewOfFile, CreateFileMappingW, HeapAlloc, CreateWaitableTimerW, CancelWaitableTimer, CreateThread, FlushFileBuffers, SetWaitableTimer, GetTickCount, WaitForMultipleObjects, GetCurrentProcess, GetSystemInfo, GetProcAddress, GetModuleHandleW, WaitForSingleObject, SetEvent, LeaveCriticalSection, EnterCriticalSection, CreateEventW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, GetLastError, ResetEvent, CloseHandle, GetEnvironmentStringsW, GetSystemTimeAsFileTime, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, HeapReAlloc, GetConsoleCP, GetConsoleMode, SetStdHandle, WriteConsoleW, GetOverlappedResult, FreeEnvironmentStringsW, GetModuleFileNameA, GetStartupInfoW, GetFileType, SetHandleCount, HeapDestroy, HeapCreate, WideCharToMultiByte, InterlockedExchange, GetStringTypeW, GetCommandLineA, RaiseException, RtlUnwind, LCMapStringW, GetCPInfo, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapSize, ExitProcess, IsProcessorFeaturePresent, GetStdHandle, GetLocaleInfoW, GetACP, GetOEMCP, IsValidCodePage, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, SetLastError
ole32.dll
CoUninitialize, CoCreateGuid, CoInitializeEx
psapi.dll
GetModuleFileNameExW
sbte.dll
SBCSScanFileTrace, SBCSQueryThreatDataW, SBCSScanRegistryTrace, SBCSAddUserKnownEntity, SBCSRemoveFileCacheEntry, SBCSQuarantineFile2W
sfc.dll
SfcIsFileProtected
shell32.dll
SHGetFolderPathW
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
Export table
SBAPAddAllowedPid
SBAPAddBlockedPid
SBAPClearCache
SBAPGetAllAllowedPids
SBAPGetAllBlockedPids
SBAPGetCacheCount
SBAPGetMonitorAction
SBAPGetMonitorActive
SBAPIsAllowedPid
SBAPIsBlockedPid
SBAPIsETWRunning
SBAPIsStarted
SBAPRemoveAllAllowedPids
SBAPRemoveAllBlockedPids
SBAPRemoveAllowedPid
SBAPRemoveBlockedPid
SBAPSetExtensionList
SBAPSetLoggerCallback
SBAPSetMonitorAction
SBAPSetMonitorActive
SBAPSetNotifyCallback
SBAPSetPromptCallback
SBAPSetReportCallback
SBAPSetUserKnownEntityCallback
SBAPSimulateMessage
SBAPStart
SBAPStartETW
SBAPStartVolumeWatcher
SBAPStop
SBAPStopETW
SBAPStopVolumeWatcher
SBAPUninstallDriver
