Import table
api-ms-win-core-debug-l1-1-0.dll
IsDebuggerPresent, DebugBreak
api-ms-win-core-errorhandling-l1-1-0.dll
GetLastError, RaiseException, UnhandledExceptionFilter, SetUnhandledExceptionFilter
api-ms-win-core-file-l1-1-0.dll
CreateFileW, GetVolumePathNameW, GetDriveTypeW
api-ms-win-core-handle-l1-1-0.dll
CloseHandle
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedExchange, InterlockedIncrement, InterlockedCompareExchange, InterlockedDecrement
api-ms-win-core-io-l1-1-0.dll
DeviceIoControl
api-ms-win-core-libraryloader-l1-1-0.dll
FreeLibrary, GetProcAddress, LoadLibraryExA
api-ms-win-core-localregistry-l1-1-0.dll
RegEnumValueW, RegOpenKeyExW, RegSetValueExW, RegDeleteValueW, RegNotifyChangeKeyValue, RegCloseKey
api-ms-win-core-misc-l1-1-0.dll
LocalFree, Sleep, lstrcmpW, LocalAlloc, FormatMessageW
api-ms-win-core-processthreads-l1-1-0.dll
CreateThread, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, TerminateProcess, GetCurrentThreadId, OpenThreadToken
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-string-l1-1-0.dll
MultiByteToWideChar, CompareStringW
api-ms-win-core-synch-l1-1-0.dll
SetEvent, CreateEventW, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, WaitForSingleObject, DeleteCriticalSection
api-ms-win-core-sysinfo-l1-1-0.dll
GetSystemTime, GetSystemInfo, GetComputerNameExW, GetSystemTimeAsFileTime, GetVersionExW, GetTickCount
api-ms-win-security-base-l1-1-0.dll
GetFileSecurityW, IsValidSecurityDescriptor, RevertToSelf, ImpersonateSelf, GetSecurityDescriptorLength, GetAce, EqualSid, GetAclInformation, AddAccessAllowedAceEx, GetLengthSid, GetSecurityDescriptorDacl, CreateWellKnownSid, CheckTokenMembership, SetFileSecurityW
api-ms-win-service-core-l1-1-0.dll
SetServiceStatus, RegisterServiceCtrlHandlerExW
api-ms-win-service-management-l1-1-0.dll
OpenServiceW, OpenSCManagerW, CloseServiceHandle
api-ms-win-service-management-l2-1-0.dll
QueryServiceStatusEx, QueryServiceConfigW
api-ms-win-service-winsvc-l1-1-0.dll
QueryServiceStatus
browser.dll
I_BrowserServerEnumForXactsrv
cfgmgr32.dll
CMP_RegisterNotification, CMP_UnregisterNotification, CM_MapCrToWin32Err
iphlpapi.dll
GetAdaptersAddresses, CancelMibChangeNotify2, NotifyUnicastIpAddressChange
kernel32.dll
LoadLibraryW, WaitForMultipleObjects, DnsHostnameToComputerNameW, GetTimeZoneInformation, SetConsoleCtrlHandler, DelayLoadFailureHook, VerifyVersionInfoW, GetVolumeNameForVolumeMountPointW
msvcrt.dll
DllMain
ntdll.dll
RtlFreeHeap, RtlInitAnsiString, RtlAnsiStringToUnicodeString, RtlAdjustPrivilege, RtlInitString, NtQuerySystemTime, RtlTimeToSecondsSince1970, WinSqmSetDWORD, NtWaitForSingleObject, NtLoadDriver, NtUnloadDriver, RtlUpcaseUnicodeString, RtlIpv4AddressToStringExW, RtlIpv6AddressToStringExW, EtwUnregisterTraceGuids, EtwRegisterTraceGuidsW, EtwGetTraceLoggerHandle, EtwGetTraceEnableLevel, EtwGetTraceEnableFlags, RtlUpcaseUnicodeChar, RtlDosPathNameToNtPathName_U, NtQueryVolumeInformationFile, NtQueryInformationFile, RtlNewSecurityObjectEx, NtOpenSymbolicLinkObject, NtQuerySymbolicLinkObject, RtlSetDaclSecurityDescriptor, RtlMakeSelfRelativeSD, NtOpenKey, NtQueryValueKey, NtCreateEvent, NlsMbOemCodePageTag, RtlDeleteSecurityObject, NtClose, RtlxUnicodeStringToOemSize, RtlUnicodeStringToOemString, RtlCopyUnicodeString, NtOpenFile, RtlUpcaseUnicodeStringToOemString, RtlGetNtProductType, RtlDeleteRegistryValue, RtlCreateEnvironment, RtlSetEnvironmentVariable, RtlIntegerToUnicodeString, RtlDestroyEnvironment, NtQuerySystemInformation, RtlLengthSecurityDescriptor, RtlQueryEnvironmentVariable_U, RtlFreeUnicodeString, RtlValidSecurityDescriptor, RtlQueryRegistryValues, RtlCheckRegistryKey, RtlCreateRegistryKey, RtlWriteRegistryValue, VerSetConditionMask, RtlInitializeResource, RtlNtStatusToDosError, RtlAcquireResourceShared, RtlDeleteResource, RtlAcquireResourceExclusive, RtlReleaseResource, NtCreateFile, NtFsControlFile, NtAccessCheckAndAuditAlarm, RtlCopySid, RtlLengthSid, RtlSetSaclSecurityDescriptor, RtlAddAce, RtlCreateAcl, RtlNewSecurityObject, NtOpenProcessToken, RtlCompareMemoryUlong, NtSetInformationThread, NtAdjustPrivilegesToken, NtDuplicateToken, RtlUnicodeStringToInteger, RtlInitUnicodeString, EtwTraceMessage, RtlValidRelativeSecurityDescriptor, RtlCopySecurityDescriptor, RtlCreateSecurityDescriptor, RtlSetOwnerSecurityDescriptor, RtlSetGroupSecurityDescriptor, NtOpenThreadToken, RtlOemStringToUnicodeString, RtlUnicodeToOemN, RtlSetSecurityObject
rpcrt4.dll
RpcServerInqCallAttributesW, RpcEpUnregister, RpcBindingVectorFree, RpcEpRegisterW, RpcServerInqBindings, RpcAsyncCompleteCall, RpcRevertToSelfEx, RpcAsyncAbortCall, RpcServerTestCancel, NdrServerCall2, RpcServerUseProtseqEpW, RpcServerRegisterIfEx, RpcServerUnregisterIf, RpcBindingServerFromClient, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcBindingFree, NdrAsyncServerCall, RpcRevertToSelf, RpcImpersonateClient, UuidCreate, RpcStringFreeW
slc.dll
SLGetWindowsInformationDWORD
userenv.dll
RegisterGPNotification, UnregisterGPNotification
ws2_32.dll
GetAddrInfoW, FreeAddrInfoW
Export table
ServiceMain
SvchostPushServiceGlobals
