Import table
advapi32.dll
StartServiceW, SetServiceStatus, I_ScSetServiceBitsW, SystemFunction029, MD5Init, MD5Update, MD5Final, RegQueryValueExW, SystemFunction007, SystemFunction001, RegQueryInfoKeyW, LsaDelete, LsaCreateSecret, LsaQuerySecret, LsaSetSecret, LsaSetInformationPolicy, RegDeleteKeyW, RegCreateKeyExW, CryptAcquireContextW, CryptGenRandom, CryptReleaseContext, LookupAccountSidW, GetSidSubAuthorityCount, GetSidSubAuthority, RegOpenKeyW, LsaOpenSecret, ChangeServiceConfigW, RegNotifyChangeKeyValue, EnumDependentServicesW, ControlService, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, QueryServiceStatus, CloseServiceHandle, RegConnectRegistryW, SetThreadToken, RevertToSelf, OpenThreadToken, RegisterEventSourceW, ReportEventW, DeregisterEventSource, LsaOpenPolicy, ConvertStringSecurityDescriptorToSecurityDescriptorW, LsaQueryInformationPolicy, LsaFreeMemory, LsaClose, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegisterServiceCtrlHandlerExW
api-ms-win-core-apiquery-l1-1-0.dll
ApiSetQueryApiSetPresence
api-ms-win-core-debug-l1-1-1.dll
OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-1.dll
SetLastError, GetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter
api-ms-win-core-file-l1-2-0.dll
CreateFileW, DefineDosDeviceW, QueryDosDeviceW
api-ms-win-core-handle-l1-1-0.dll
CloseHandle
api-ms-win-core-heap-l1-2-0.dll
HeapAlloc, HeapFree, GetProcessHeap
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalReAlloc, LocalAlloc, LocalFree, LocalUnlock, LocalLock
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedExchange, InterlockedCompareExchange, InterlockedDecrement, InterlockedIncrement
api-ms-win-core-io-l1-1-1.dll
CreateIoCompletionPort, GetQueuedCompletionStatus, PostQueuedCompletionStatus
api-ms-win-core-kernel32-legacy-l1-1-0.dll
AddLocalAlternateComputerNameW, DnsHostnameToComputerNameW
api-ms-win-core-kernel32-private-l1-1-0.dll
SetLocalPrimaryComputerNameW, RemoveLocalAlternateComputerNameW, DosPathToSessionPathW, EnumerateLocalComputerNamesW
api-ms-win-core-processthreads-l1-1-1.dll
CreateThread, GetCurrentProcessId, GetCurrentProcess, TerminateProcess, OpenThreadToken, SetThreadToken, GetCurrentThread, GetCurrentThreadId
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegCloseKey, RegOpenKeyExW, RegQueryInfoKeyW, RegQueryValueExW, RegSetValueExW, RegNotifyChangeKeyValue
api-ms-win-core-string-obsolete-l1-1-0.dll
lstrcmpW
api-ms-win-core-synch-l1-2-0.dll
EnterCriticalSection, SetEvent, InitializeCriticalSection, LeaveCriticalSection, WaitForSingleObject, ResetEvent, OpenEventW, WaitForMultipleObjectsEx, Sleep, DeleteCriticalSection, CreateEventW
api-ms-win-core-sysinfo-l1-2-0.dll
GetSystemTimeAsFileTime, GetTickCount, SetComputerNameExW, GetVersion, GetLocalTime, GetComputerNameExW, GetVersionExW, GlobalMemoryStatusEx
api-ms-win-core-threadpool-l1-2-0.dll
SetThreadpoolTimer, CreateThreadpoolCleanupGroup, CloseThreadpoolCleanupGroup, WaitForThreadpoolTimerCallbacks, CloseThreadpoolTimer, CloseThreadpoolCleanupGroupMembers, TrySubmitThreadpoolCallback
api-ms-win-eventing-classicprovider-l1-1-0.dll
RegisterTraceGuidsW, GetTraceEnableLevel, GetTraceLoggerHandle, TraceMessage, UnregisterTraceGuids, GetTraceEnableFlags
api-ms-win-eventing-provider-l1-1-0.dll
EventUnregister, EventRegister, EventWrite
api-ms-win-security-activedirectoryclient-l1-1-0.dll
DsBindWithSpnExW, DsMakePasswordCredentialsW, DsCrackNamesW, DsFreeNameResultW, DsUnBindW, DsGetDomainControllerInfoW, DsFreeDomainControllerInfoW, DsFreePasswordCredentials
api-ms-win-security-base-l1-2-0.dll
CheckTokenMembership, CreateWellKnownSid, RevertToSelf
api-ms-win-security-lsalookup-l1-1-1.dll
LsaLookupGetDomainInfo, LsaLookupOpenLocalPolicy, LsaLookupClose, LsaLookupFreeMemory
api-ms-win-service-core-l1-1-0.dll
SetServiceStatus, RegisterServiceCtrlHandlerExW
api-ms-win-service-core-l1-1-1.dll
RegisterServiceCtrlHandlerExW, SetServiceStatus
api-ms-win-service-private-l1-1-0.dll
I_ScSetServiceBitsW
iphlpapi.dll
CancelMibChangeNotify2, GetIfEntry2, NotifyIpInterfaceChange
kernel32.dll
SetLastError, ResetEvent, WaitForSingleObject, DeleteCriticalSection, CloseHandle, InitializeCriticalSection, CreateEventW, LocalFree, lstrcmpW, SetEvent, EnterCriticalSection, GetLastError, LeaveCriticalSection, WaitForMultipleObjects, LocalLock, LocalUnlock, LocalReAlloc, GlobalMemoryStatus, GetVersion, DosPathToSessionPathW, GetLocalTime, RegQueryInfoKeyW, GetComputerNameExW, LocalAlloc, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, Sleep, LoadLibraryExA, InterlockedCompareExchange, FreeLibrary, GetProcAddress, DelayLoadFailureHook, DnsHostnameToComputerNameW, AddLocalAlternateComputerNameW, RemoveLocalAlternateComputerNameW, SetLocalPrimaryComputerNameW, EnumerateLocalComputerNamesW, GetVersionExW, SetComputerNameExW, InterlockedExchange, HeapFree, HeapAlloc, GetCurrentThread, QueryDosDeviceW, OpenEventW, SetUnhandledExceptionFilter, CreateFileW, DefineDosDeviceW, GlobalFree, LoadLibraryW, GetComputerNameW, GetSystemWindowsDirectoryW, LoadLibraryA, FlushFileBuffers, SetFilePointer, WideCharToMultiByte, GetWindowsDirectoryW, GetFileAttributesW, CreateDirectoryW, GetFileSize, WriteFile, MoveFileExW, ReadFile
msvcrt.dll
DllMain
netapi32.dll
DsGetDcNameWithAccountW, NetApiBufferFree, I_NetListTraverse, I_NetListCanonicalize, I_NetNameCanonicalize, I_NetPathType, NetUnregisterDomainNameChangeNotification, NetRegisterDomainNameChangeNotification, DsRoleGetPrimaryDomainInformation, DsRoleFreeMemory, DsGetDcNameW, NetApiBufferAllocate, NetUserGetInfo, I_NetServerReqChallenge, I_NetServerAuthenticate, NetUseDel, NetUseAdd, Netbios, NetLocalGroupAddMember, NetLocalGroupDelMember, DsEnumerateDomainTrustsW, I_NetNameCompare, I_NetNameValidate, NetUserAdd, NetUserSetInfo, NetpIsRemote, I_NetPathCanonicalize
netjoin.dll
NetpQueryService, NetpCrackNamesStatus2Win32Error, NetpGetMachineAccountName, NetpSeparateUserAndDomain, NetpControlServices, NetpAvoidNetlogonSpnSet, NetSetuppOpenLog, NetSetuppCloseLog, NetpManageIPCConnect, NetpLogPrintHelper, NetpGetListOfJoinableOUs, NetpChangeMachineName, NetpGetJoinInformation, NetpValidateName, NetpGetLsaPrimaryDomain, NetpUnJoinDomain, NetpIsSetupInProgress, NetpGetNewMachineName, NetpDoDomainJoin, NetpMachineValidToJoin
netutils.dll
NetApiBufferAllocate, NetpwPathType, NetpwPathCanonicalize, NetpwNameCanonicalize, NetpwListCanonicalize, NetpwListTraverse, NetApiBufferFree
ntdll.dll
NtCreateEvent, RtlInitializeGenericTable, RtlLookupElementGenericTable, RtlInsertElementGenericTable, RtlEnumerateGenericTable, RtlDeleteElementGenericTable, RtlCompareMemory, RtlInitString, RtlMapSecurityErrorToNtStatus, NtCreateFile, RtlIntegerToUnicodeString, RtlAppendUnicodeStringToString, RtlRunDecodeUnicodeString, RtlRunEncodeUnicodeString, NtQueryVolumeInformationFile, RtlQueryRegistryValues, RtlGetNtProductType, NtOpenThreadToken, NtQueryInformationToken, RtlCompareUnicodeString, NtClose, NtDeviceIoControlFile, NtFsControlFile, RtlInitUnicodeString, NtOpenFile, RtlCopyLuid, RtlAcquireResourceShared, RtlDeleteResource, DbgPrint, RtlInitializeResource, RtlNtStatusToDosError, RtlDeregisterWaitEx, RtlDeregisterWait, RtlAcquireResourceExclusive, RtlReleaseResource, RtlRegisterWait, NtAccessCheckAndAuditAlarm, RtlAdjustPrivilege, RtlCompareMemoryUlong, RtlCopySid, RtlDeleteSecurityObject, RtlLengthSid, RtlSetSaclSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlSetOwnerSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAce, RtlCreateAcl, RtlNewSecurityObject, NtOpenProcessToken, WinSqmIsOptedIn, WinSqmSetDWORD, RtlInitializeSid, RtlSubAuthoritySid, RtlEqualSid, RtlFreeUnicodeString, RtlConvertSidToUnicodeString, RtlFreeOemString, RtlUnicodeStringToOemString, RtlDowncaseUnicodeString, NtQueryInformationProcess, NtQueryLicenseValue, RtlIpv4AddressToStringW, RtlIpv6AddressToStringW, RtlIpv4StringToAddressW, RtlIpv6StringToAddressW, RtlIpv4AddressToStringExW, RtlIpv6AddressToStringExW, RtlQueryRegistryValuesEx
ntdsapi.dll
DsFreeNameResultW, DsMakePasswordCredentialsW, DsBindWithCredW, DsCrackNamesW, DsFreePasswordCredentials, DsUnBindW
rpcrt4.dll
RpcBindingFree, RpcStringBindingParseW, RpcBindingToStringBindingW, RpcBindingServerFromClient, RpcServerRegisterIfEx, RpcServerUseProtseqEpW, RpcServerUnregisterIf, RpcImpersonateClient, RpcRevertToSelf, I_RpcBindingIsClientLocal, NdrServerCall2, RpcStringFreeW, RpcAsyncCompleteCall, RpcServerInqBindings, RpcAsyncAbortCall, NdrClientCall2, NdrAsyncClientCall, I_RpcExceptionFilter, RpcMgmtSetComTimeout, NdrAsyncServerCall, RpcBindingSetAuthInfoExW, RpcMgmtInqServerPrincNameW, RpcEpResolveBinding, RpcBindingFromStringBindingW, RpcStringBindingComposeW, UuidToStringW, UuidCompare, RpcAsyncInitializeHandle, RpcAsyncCancelCall, RpcEpRegisterW, RpcServerUseProtseqW, RpcBindingVectorFree, RpcServerTestCancel, RpcServerUnregisterIfEx, I_RpcMapWin32Status, RpcEpUnregister, RpcServerInqCallAttributesW
samlib.dll
SamCloseHandle, SamSetInformationUser, SamQueryInformationUser, SamOpenUser, SamFreeMemory, SamLookupNamesInDomain, SamOpenDomain, SamConnect
secur32.dll
LsaCallAuthenticationPackage, LsaDeregisterLogonProcess, LsaConnectUntrusted, LsaLookupAuthenticationPackage, LsaFreeReturnBuffer
user32.dll
UnregisterDeviceNotification, RegisterDeviceNotificationW
winbrand.dll
BrandingFormatString
Export table
ServiceMain
SvchostPushServiceGlobals
