ScreenShot
| Created | 2023.12.15 15:14 | Machine | s1_win7_x6403 |
| Filename | Mpclient.dll | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 22 detected (malicious, high confidence, Jaik, Rozena, Vdxq, FileRepMalware, Misc, Outbreak, Malgent, Detected, SigCompromised, MEDIATEKINC, ai score=83, unsafe, R014H0DLE23, H0Bz8OO6O3T) | ||
| md5 | 6ecc1d52fba67fdcade83bbdc9576477 | ||
| sha256 | ee04724662bb9fab4a290c3152a80880c92711f4d999cb7429d6fdee10aaeddd | ||
| ssdeep | 3072:zKIGcd/2RapPif65K05LfrwbHyDaO+OtCh6Rs99AjS9IW6GXD/YdhR/ujpuX6gXG:zUcAlwxfr1G1Ok0R09A2KW6ysXvxfL3c | ||
| imphash | dcfee58a3d5f8da2a88f4ee7b3dcb6a3 | ||
| impfuzzy | 24:2FvukMlcpVWcZtlS17MYlJBl3eDoooodjv9FZEpOovbOPZHu9QYP:m2cpV5ZtlS17MSp0oa9FZP3MP | ||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 22 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| info | Checks if process is being debugged by a debugger |
| info | This executable has a PDB path |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x10022000 VirtualFree
0x10022004 VirtualAlloc
0x10022008 GetCurrentDirectoryA
0x1002200c Sleep
0x10022010 CopyFileA
0x10022014 FreeConsole
0x10022018 CreateThread
0x1002201c CreateFileW
0x10022020 CloseHandle
0x10022024 GetConsoleMode
0x10022028 WideCharToMultiByte
0x1002202c EnterCriticalSection
0x10022030 LeaveCriticalSection
0x10022034 InitializeCriticalSectionEx
0x10022038 DeleteCriticalSection
0x1002203c EncodePointer
0x10022040 DecodePointer
0x10022044 MultiByteToWideChar
0x10022048 LCMapStringEx
0x1002204c GetStringTypeW
0x10022050 GetCPInfo
0x10022054 IsProcessorFeaturePresent
0x10022058 UnhandledExceptionFilter
0x1002205c SetUnhandledExceptionFilter
0x10022060 GetCurrentProcess
0x10022064 TerminateProcess
0x10022068 QueryPerformanceCounter
0x1002206c GetCurrentProcessId
0x10022070 GetCurrentThreadId
0x10022074 GetSystemTimeAsFileTime
0x10022078 InitializeSListHead
0x1002207c IsDebuggerPresent
0x10022080 GetStartupInfoW
0x10022084 GetModuleHandleW
0x10022088 RtlUnwind
0x1002208c RaiseException
0x10022090 InterlockedFlushSList
0x10022094 GetLastError
0x10022098 SetLastError
0x1002209c InitializeCriticalSectionAndSpinCount
0x100220a0 TlsAlloc
0x100220a4 TlsGetValue
0x100220a8 TlsSetValue
0x100220ac TlsFree
0x100220b0 FreeLibrary
0x100220b4 GetProcAddress
0x100220b8 LoadLibraryExW
0x100220bc QueryPerformanceFrequency
0x100220c0 ExitProcess
0x100220c4 GetModuleHandleExW
0x100220c8 GetModuleFileNameW
0x100220cc HeapAlloc
0x100220d0 HeapFree
0x100220d4 GetStdHandle
0x100220d8 GetFileType
0x100220dc CompareStringW
0x100220e0 LCMapStringW
0x100220e4 GetLocaleInfoW
0x100220e8 IsValidLocale
0x100220ec GetUserDefaultLCID
0x100220f0 EnumSystemLocalesW
0x100220f4 HeapReAlloc
0x100220f8 FindClose
0x100220fc FindFirstFileExW
0x10022100 FindNextFileW
0x10022104 IsValidCodePage
0x10022108 GetACP
0x1002210c GetOEMCP
0x10022110 GetCommandLineA
0x10022114 GetCommandLineW
0x10022118 GetEnvironmentStringsW
0x1002211c FreeEnvironmentStringsW
0x10022120 SetEnvironmentVariableW
0x10022124 GetProcessHeap
0x10022128 SetFilePointerEx
0x1002212c SetStdHandle
0x10022130 HeapSize
0x10022134 FlushFileBuffers
0x10022138 WriteFile
0x1002213c GetConsoleOutputCP
0x10022140 WriteConsoleW
WININET.dll
0x10022148 InternetOpenW
0x1002214c InternetOpenUrlA
0x10022150 InternetCloseHandle
0x10022154 InternetReadFile
EAT(Export Address Table) Library
0x10002d40 MpAddDynamicSignatureFile
0x10002d40 MpAllocMemory
0x10002d40 MpAmsiCloseSession
0x10002d40 MpAmsiNotify
0x10002d40 MpAmsiScan
0x10002d40 MpAsrSetHipsUserExclusion
0x10002d40 MpChangeCapability
0x10002d40 MpCheckAccessForClipboardOperation
0x10002d40 MpCheckAccessForClipboardOperationEx
0x10002d40 MpCheckAccessForClipboardOperationEx2
0x10002d40 MpCheckAccessForDragDropOperation
0x10002d40 MpCheckAccessForDragDropOperation2
0x10002d40 MpCheckAccessForPrintOperation
0x10002d40 MpCheckAccessForPrintOperation2
0x10002d40 MpCleanControl
0x10002d40 MpCleanOpen
0x10002d40 MpCleanPrecheckStart
0x10002d40 MpCleanStart
0x10002d40 MpClientUtilExportFunctions
0x10002d40 MpClose
0x10002d40 MpConfigClose
0x10002d40 MpConfigDelValue
0x10002d40 MpConfigGetValue
0x10002d40 MpConfigGetValueAlloc
0x10002d40 MpConfigInitialize
0x10002d40 MpConfigIteratorClose
0x10002d40 MpConfigIteratorEnum
0x10002d40 MpConfigIteratorEnumV2
0x10002d40 MpConfigIteratorOpen
0x10002d40 MpConfigOpen
0x10002d40 MpConfigQueryProtection
0x10002d40 MpConfigRefresh
0x10002d40 MpConfigRegisterForNotifications
0x10002d40 MpConfigSetValue
0x10002d40 MpConfigUninitialize
0x10002d40 MpConfigUnregisterNotifications
0x10002d40 MpConveyDlpBypass
0x10002d40 MpConveySampleSubmissionResult
0x10002d40 MpConveyUserChoiceForDlpNotification
0x10002d40 MpConveyUserChoiceForDlpNotificationEx
0x10002d40 MpConveyUserChoiceForSampleList
0x10002d40 MpCreateComInstance
0x10002d40 MpDbgAllocMemory
0x10002d40 MpDebugExportFunctions
0x10002d40 MpDefenderIsPrintAccessCheckNeeded
0x10002d40 MpDefenderPrintAccessCheck
0x10002d40 MpDefenderPrintDataProvide
0x10002d40 MpDelegateCopyFile
0x10002d40 MpDeleteAsrHistory
0x10002d40 MpDetectionEnumerate
0x10002d40 MpDetectionQuery
0x10002d40 MpDeviceControlAuthenticateNetworkShare
0x10002d40 MpDeviceControlValidateDataDuplicationRemoteLocationConfiguration
0x10002d40 MpDlpCheckAccessForBuffer
0x10002d40 MpDlpDelegateEnforcement
0x10002d40 MpDlpGetEvidenceFileUrl
0x10002d40 MpDlpGetOperationEnforcmentMode
0x10002d40 MpDlpInitializeEnforcementMode
0x10002d40 MpDlpNotifyCloseDocumentFile
0x10002d40 MpDlpNotifyPostOpenDocumentFile
0x10002d40 MpDlpNotifyPostSaveAsDocument
0x10002d40 MpDlpNotifyPostStartPrint
0x10002d40 MpDlpNotifyPreOpenDocumentFile
0x10002d40 MpDlpNotifyPrePrint
0x10002d40 MpDlpNotifyPreSaveAsDocument
0x10002d40 MpDynamicSignatureEnumerate
0x10002d40 MpDynamicSignatureOpen
0x10002d40 MpElevateCleanHandle
0x10002d40 MpElevationHandleAcquire
0x10002d40 MpElevationHandleActivate
0x10002d40 MpElevationHandleAttach
0x10002d40 MpElevationHandleOpen
0x10002d40 MpErrorMessageFormat
0x10002d40 MpFastMemoryScan
0x10002d40 MpFastMemoryScanOpen
0x10002d40 MpFlushLowfiCache
0x10002d40 MpForcedReboot
0x10002d40 MpFreeFileTrustExtraInfo
0x10002d40 MpFreeMemory
0x10002d40 MpFreeTSModeInfo
0x10002d40 MpGenerateSignature
0x10002d40 MpGenerateSignatureEx
0x10002d40 MpGenerateThreatReport
0x10002d40 MpGetASRPerRuleExclusions
0x10002d40 MpGetAsrBlockedActionInfos
0x10002d40 MpGetAsrBlockedActions
0x10002d40 MpGetAsrBlockedProcesses
0x10002d40 MpGetCallistoDetections
0x10002d40 MpGetCopyAcceleratorProcessStatus
0x10002d40 MpGetDevMode
0x10002d40 MpGetDeviceControlSecurityPolicies
0x10002d40 MpGetDeviceControlStatus
0x10002d40 MpGetDlpEvents
0x10002d40 MpGetEngineVersion
0x10002d40 MpGetFCValue
0x10002d40 MpGetHIPSRuleInfo
0x10002d40 MpGetMAPSConnectivityStatusInfo
0x10002d40 MpGetNpSupportFile
0x10002d40 MpGetRunningMode
0x10002d40 MpGetSACInfo
0x10002d40 MpGetSampleChunk
0x10002d40 MpGetSampleListRequiringConsent
0x10002d40 MpGetTDTFeatureStatus
0x10002d40 MpGetTDTFeatureStatusEx
0x10002d40 MpGetTPStateInfo
0x10002d40 MpGetTSModeInfo
0x10002d40 MpGetTaskSchedulerStrings
0x10002d40 MpGetThreatExecutionInfo
0x10002d40 MpHandleClose
0x10002d40 MpIsDeviceControlAvailable
0x10002d40 MpIsGivenRunningModeSupported
0x10002d40 MpIsRtpAutoEnable
0x10002d40 MpManagerDisable
0x10002d40 MpManagerEnable
0x10002d40 MpManagerOpen
0x10002d40 MpManagerStatusQuery
0x10002d40 MpManagerStatusQueryEx
0x10002d40 MpManagerVersionQuery
0x10002d40 MpManagerXBGMDisable
0x10002d40 MpManagerXBGMEnable
0x10002d40 MpMemoryScanStart
0x10002d40 MpNetworkCapture
0x10002d40 MpNotificationRegister
0x10002d40 MpOfflineScanInstall
0x10002d40 MpOfflineScanStatusQuery
0x10002d40 MpOpen
0x10002d40 MpProductGenuineCheck
0x10002d40 MpQuarantineRequest
0x10002d40 MpQueryDefaultFolderGuardList
0x10002d40 MpQueryEngineConfigDword
0x10002d40 MpQueryFileTrustByHandle
0x10002d40 MpQueryFileTrustByHandle2
0x10002d40 MpRemapCallistoDetections
0x10002d40 MpRemoveDynamicSignatureFile
0x10002d40 MpReportClipboardOwner
0x10002d40 MpRequestSnooze
0x10002d40 MpRollbackPlatform
0x10002d40 MpSampleQuery
0x10002d40 MpSampleSubmit
0x10002d40 MpScanControl
0x10002d40 MpScanResult
0x10002d40 MpScanStart
0x10002d40 MpScanStartEx
0x10002d40 MpSendBrowserHeartbeat
0x10002d40 MpServiceLogMessage
0x10002d40 MpSetBreakTheGlassStatus
0x10002d40 MpSetTPState
0x10002d40 MpSetUacElevationDefaultWindowHandle
0x10002d40 MpShowDlpDetailsDialog
0x10002d40 MpShutdownCopyAcceleratorProcess
0x10002d40 MpSmartLockerEnable
0x10002d40 MpTelemetryAddToAverageDWORD
0x10002d40 MpTelemetryAddToStreamDWORD
0x10002d40 MpTelemetryAddToStreamDWORD64
0x10002d40 MpTelemetryAddToStreamString
0x10002d40 MpTelemetryIncrementDWORD
0x10002d40 MpTelemetryInitialize
0x10002d40 MpTelemetryIsOptIn
0x10002d40 MpTelemetryLiteralAddToAverageDWORD
0x10002d40 MpTelemetryLiteralAddToStreamDWORD
0x10002d40 MpTelemetryLiteralAddToStreamDWORD64
0x10002d40 MpTelemetryLiteralAddToStreamString
0x10002d40 MpTelemetryLiteralIncrementDWORD
0x10002d40 MpTelemetryLiteralSetDWORD
0x10002d40 MpTelemetryLiteralSetDWORD64
0x10002d40 MpTelemetryLiteralSetIfMaxDWORD
0x10002d40 MpTelemetryLiteralSetIfMinDWORD
0x10002d40 MpTelemetryLiteralSetString
0x10002d40 MpTelemetrySetConsent
0x10002d40 MpTelemetrySetDWORD
0x10002d40 MpTelemetrySetDWORD64
0x10002d40 MpTelemetrySetIfMaxDWORD
0x10002d40 MpTelemetrySetIfMinDWORD
0x10002d40 MpTelemetrySetString
0x10002d40 MpTelemetryUninitialize
0x10002d40 MpTelemetryUpdateUserConsent
0x10002d40 MpTelemetryUpload
0x10002d40 MpThreatAction
0x10002d40 MpThreatEnumerate
0x10002d40 MpThreatHistoryRequest
0x10002d40 MpThreatLocalizedInfoQuery
0x10002d40 MpThreatOpen
0x10002d40 MpThreatQuery
0x10002d40 MpThreatRollup
0x10002d40 MpTriggerErrorHeartbeatReport
0x10002d40 MpTriggerHeartbeatOnUninstall
0x10002d40 MpTriggerStatusRefreshNotification
0x10002d40 MpUnblockEngine
0x10002d40 MpUnblockPlatform
0x10002d40 MpUnblockSignatures
0x10002d40 MpUpdateBrowserActiveTab
0x10002d40 MpUpdateControl
0x10002d40 MpUpdateDevMode
0x10002d40 MpUpdateEngine
0x10002d40 MpUpdatePlatform
0x10002d40 MpUpdateStart
0x10002d40 MpUpdateStartEx
0x10002d40 MpUpdateTSMode
0x10002d40 MpUpdateTSModeEx
0x10002d50 MpUtilsExportFunctions
0x10002d40 MpWDEnable
0x10002d40 MpXBGMEnable
0x10002d40 MpXBGMFreeEvent
0x10002d40 MpXBGMGetData
0x10002d40 MpXBGMPutData
0x10002d40 MpXBGMUpdateIV
0x10002d40 MputAddToAverageDWORD64Rpc
0x10002d40 MputAddToAverageDWORDRpc
0x10002d40 MputIncrementDWORD64Rpc
0x10002d40 MputIncrementDWORDRpc
0x10002d40 MputSetBoolRpc
0x10002d40 MputSetDWORD64Rpc
0x10002d40 MputSetDWORDRpc
0x10002d40 MputSetIfMaxDWORD64Rpc
0x10002d40 MputSetIfMaxDWORDRpc
0x10002d40 MputSetIfMinDWORD64Rpc
0x10002d40 MputSetIfMinDWORDRpc
0x10002d40 MputSetStringRpc
0x10002d40 WDEnable
0x10002d40 WDStatus
KERNEL32.dll
0x10022000 VirtualFree
0x10022004 VirtualAlloc
0x10022008 GetCurrentDirectoryA
0x1002200c Sleep
0x10022010 CopyFileA
0x10022014 FreeConsole
0x10022018 CreateThread
0x1002201c CreateFileW
0x10022020 CloseHandle
0x10022024 GetConsoleMode
0x10022028 WideCharToMultiByte
0x1002202c EnterCriticalSection
0x10022030 LeaveCriticalSection
0x10022034 InitializeCriticalSectionEx
0x10022038 DeleteCriticalSection
0x1002203c EncodePointer
0x10022040 DecodePointer
0x10022044 MultiByteToWideChar
0x10022048 LCMapStringEx
0x1002204c GetStringTypeW
0x10022050 GetCPInfo
0x10022054 IsProcessorFeaturePresent
0x10022058 UnhandledExceptionFilter
0x1002205c SetUnhandledExceptionFilter
0x10022060 GetCurrentProcess
0x10022064 TerminateProcess
0x10022068 QueryPerformanceCounter
0x1002206c GetCurrentProcessId
0x10022070 GetCurrentThreadId
0x10022074 GetSystemTimeAsFileTime
0x10022078 InitializeSListHead
0x1002207c IsDebuggerPresent
0x10022080 GetStartupInfoW
0x10022084 GetModuleHandleW
0x10022088 RtlUnwind
0x1002208c RaiseException
0x10022090 InterlockedFlushSList
0x10022094 GetLastError
0x10022098 SetLastError
0x1002209c InitializeCriticalSectionAndSpinCount
0x100220a0 TlsAlloc
0x100220a4 TlsGetValue
0x100220a8 TlsSetValue
0x100220ac TlsFree
0x100220b0 FreeLibrary
0x100220b4 GetProcAddress
0x100220b8 LoadLibraryExW
0x100220bc QueryPerformanceFrequency
0x100220c0 ExitProcess
0x100220c4 GetModuleHandleExW
0x100220c8 GetModuleFileNameW
0x100220cc HeapAlloc
0x100220d0 HeapFree
0x100220d4 GetStdHandle
0x100220d8 GetFileType
0x100220dc CompareStringW
0x100220e0 LCMapStringW
0x100220e4 GetLocaleInfoW
0x100220e8 IsValidLocale
0x100220ec GetUserDefaultLCID
0x100220f0 EnumSystemLocalesW
0x100220f4 HeapReAlloc
0x100220f8 FindClose
0x100220fc FindFirstFileExW
0x10022100 FindNextFileW
0x10022104 IsValidCodePage
0x10022108 GetACP
0x1002210c GetOEMCP
0x10022110 GetCommandLineA
0x10022114 GetCommandLineW
0x10022118 GetEnvironmentStringsW
0x1002211c FreeEnvironmentStringsW
0x10022120 SetEnvironmentVariableW
0x10022124 GetProcessHeap
0x10022128 SetFilePointerEx
0x1002212c SetStdHandle
0x10022130 HeapSize
0x10022134 FlushFileBuffers
0x10022138 WriteFile
0x1002213c GetConsoleOutputCP
0x10022140 WriteConsoleW
WININET.dll
0x10022148 InternetOpenW
0x1002214c InternetOpenUrlA
0x10022150 InternetCloseHandle
0x10022154 InternetReadFile
EAT(Export Address Table) Library
0x10002d40 MpAddDynamicSignatureFile
0x10002d40 MpAllocMemory
0x10002d40 MpAmsiCloseSession
0x10002d40 MpAmsiNotify
0x10002d40 MpAmsiScan
0x10002d40 MpAsrSetHipsUserExclusion
0x10002d40 MpChangeCapability
0x10002d40 MpCheckAccessForClipboardOperation
0x10002d40 MpCheckAccessForClipboardOperationEx
0x10002d40 MpCheckAccessForClipboardOperationEx2
0x10002d40 MpCheckAccessForDragDropOperation
0x10002d40 MpCheckAccessForDragDropOperation2
0x10002d40 MpCheckAccessForPrintOperation
0x10002d40 MpCheckAccessForPrintOperation2
0x10002d40 MpCleanControl
0x10002d40 MpCleanOpen
0x10002d40 MpCleanPrecheckStart
0x10002d40 MpCleanStart
0x10002d40 MpClientUtilExportFunctions
0x10002d40 MpClose
0x10002d40 MpConfigClose
0x10002d40 MpConfigDelValue
0x10002d40 MpConfigGetValue
0x10002d40 MpConfigGetValueAlloc
0x10002d40 MpConfigInitialize
0x10002d40 MpConfigIteratorClose
0x10002d40 MpConfigIteratorEnum
0x10002d40 MpConfigIteratorEnumV2
0x10002d40 MpConfigIteratorOpen
0x10002d40 MpConfigOpen
0x10002d40 MpConfigQueryProtection
0x10002d40 MpConfigRefresh
0x10002d40 MpConfigRegisterForNotifications
0x10002d40 MpConfigSetValue
0x10002d40 MpConfigUninitialize
0x10002d40 MpConfigUnregisterNotifications
0x10002d40 MpConveyDlpBypass
0x10002d40 MpConveySampleSubmissionResult
0x10002d40 MpConveyUserChoiceForDlpNotification
0x10002d40 MpConveyUserChoiceForDlpNotificationEx
0x10002d40 MpConveyUserChoiceForSampleList
0x10002d40 MpCreateComInstance
0x10002d40 MpDbgAllocMemory
0x10002d40 MpDebugExportFunctions
0x10002d40 MpDefenderIsPrintAccessCheckNeeded
0x10002d40 MpDefenderPrintAccessCheck
0x10002d40 MpDefenderPrintDataProvide
0x10002d40 MpDelegateCopyFile
0x10002d40 MpDeleteAsrHistory
0x10002d40 MpDetectionEnumerate
0x10002d40 MpDetectionQuery
0x10002d40 MpDeviceControlAuthenticateNetworkShare
0x10002d40 MpDeviceControlValidateDataDuplicationRemoteLocationConfiguration
0x10002d40 MpDlpCheckAccessForBuffer
0x10002d40 MpDlpDelegateEnforcement
0x10002d40 MpDlpGetEvidenceFileUrl
0x10002d40 MpDlpGetOperationEnforcmentMode
0x10002d40 MpDlpInitializeEnforcementMode
0x10002d40 MpDlpNotifyCloseDocumentFile
0x10002d40 MpDlpNotifyPostOpenDocumentFile
0x10002d40 MpDlpNotifyPostSaveAsDocument
0x10002d40 MpDlpNotifyPostStartPrint
0x10002d40 MpDlpNotifyPreOpenDocumentFile
0x10002d40 MpDlpNotifyPrePrint
0x10002d40 MpDlpNotifyPreSaveAsDocument
0x10002d40 MpDynamicSignatureEnumerate
0x10002d40 MpDynamicSignatureOpen
0x10002d40 MpElevateCleanHandle
0x10002d40 MpElevationHandleAcquire
0x10002d40 MpElevationHandleActivate
0x10002d40 MpElevationHandleAttach
0x10002d40 MpElevationHandleOpen
0x10002d40 MpErrorMessageFormat
0x10002d40 MpFastMemoryScan
0x10002d40 MpFastMemoryScanOpen
0x10002d40 MpFlushLowfiCache
0x10002d40 MpForcedReboot
0x10002d40 MpFreeFileTrustExtraInfo
0x10002d40 MpFreeMemory
0x10002d40 MpFreeTSModeInfo
0x10002d40 MpGenerateSignature
0x10002d40 MpGenerateSignatureEx
0x10002d40 MpGenerateThreatReport
0x10002d40 MpGetASRPerRuleExclusions
0x10002d40 MpGetAsrBlockedActionInfos
0x10002d40 MpGetAsrBlockedActions
0x10002d40 MpGetAsrBlockedProcesses
0x10002d40 MpGetCallistoDetections
0x10002d40 MpGetCopyAcceleratorProcessStatus
0x10002d40 MpGetDevMode
0x10002d40 MpGetDeviceControlSecurityPolicies
0x10002d40 MpGetDeviceControlStatus
0x10002d40 MpGetDlpEvents
0x10002d40 MpGetEngineVersion
0x10002d40 MpGetFCValue
0x10002d40 MpGetHIPSRuleInfo
0x10002d40 MpGetMAPSConnectivityStatusInfo
0x10002d40 MpGetNpSupportFile
0x10002d40 MpGetRunningMode
0x10002d40 MpGetSACInfo
0x10002d40 MpGetSampleChunk
0x10002d40 MpGetSampleListRequiringConsent
0x10002d40 MpGetTDTFeatureStatus
0x10002d40 MpGetTDTFeatureStatusEx
0x10002d40 MpGetTPStateInfo
0x10002d40 MpGetTSModeInfo
0x10002d40 MpGetTaskSchedulerStrings
0x10002d40 MpGetThreatExecutionInfo
0x10002d40 MpHandleClose
0x10002d40 MpIsDeviceControlAvailable
0x10002d40 MpIsGivenRunningModeSupported
0x10002d40 MpIsRtpAutoEnable
0x10002d40 MpManagerDisable
0x10002d40 MpManagerEnable
0x10002d40 MpManagerOpen
0x10002d40 MpManagerStatusQuery
0x10002d40 MpManagerStatusQueryEx
0x10002d40 MpManagerVersionQuery
0x10002d40 MpManagerXBGMDisable
0x10002d40 MpManagerXBGMEnable
0x10002d40 MpMemoryScanStart
0x10002d40 MpNetworkCapture
0x10002d40 MpNotificationRegister
0x10002d40 MpOfflineScanInstall
0x10002d40 MpOfflineScanStatusQuery
0x10002d40 MpOpen
0x10002d40 MpProductGenuineCheck
0x10002d40 MpQuarantineRequest
0x10002d40 MpQueryDefaultFolderGuardList
0x10002d40 MpQueryEngineConfigDword
0x10002d40 MpQueryFileTrustByHandle
0x10002d40 MpQueryFileTrustByHandle2
0x10002d40 MpRemapCallistoDetections
0x10002d40 MpRemoveDynamicSignatureFile
0x10002d40 MpReportClipboardOwner
0x10002d40 MpRequestSnooze
0x10002d40 MpRollbackPlatform
0x10002d40 MpSampleQuery
0x10002d40 MpSampleSubmit
0x10002d40 MpScanControl
0x10002d40 MpScanResult
0x10002d40 MpScanStart
0x10002d40 MpScanStartEx
0x10002d40 MpSendBrowserHeartbeat
0x10002d40 MpServiceLogMessage
0x10002d40 MpSetBreakTheGlassStatus
0x10002d40 MpSetTPState
0x10002d40 MpSetUacElevationDefaultWindowHandle
0x10002d40 MpShowDlpDetailsDialog
0x10002d40 MpShutdownCopyAcceleratorProcess
0x10002d40 MpSmartLockerEnable
0x10002d40 MpTelemetryAddToAverageDWORD
0x10002d40 MpTelemetryAddToStreamDWORD
0x10002d40 MpTelemetryAddToStreamDWORD64
0x10002d40 MpTelemetryAddToStreamString
0x10002d40 MpTelemetryIncrementDWORD
0x10002d40 MpTelemetryInitialize
0x10002d40 MpTelemetryIsOptIn
0x10002d40 MpTelemetryLiteralAddToAverageDWORD
0x10002d40 MpTelemetryLiteralAddToStreamDWORD
0x10002d40 MpTelemetryLiteralAddToStreamDWORD64
0x10002d40 MpTelemetryLiteralAddToStreamString
0x10002d40 MpTelemetryLiteralIncrementDWORD
0x10002d40 MpTelemetryLiteralSetDWORD
0x10002d40 MpTelemetryLiteralSetDWORD64
0x10002d40 MpTelemetryLiteralSetIfMaxDWORD
0x10002d40 MpTelemetryLiteralSetIfMinDWORD
0x10002d40 MpTelemetryLiteralSetString
0x10002d40 MpTelemetrySetConsent
0x10002d40 MpTelemetrySetDWORD
0x10002d40 MpTelemetrySetDWORD64
0x10002d40 MpTelemetrySetIfMaxDWORD
0x10002d40 MpTelemetrySetIfMinDWORD
0x10002d40 MpTelemetrySetString
0x10002d40 MpTelemetryUninitialize
0x10002d40 MpTelemetryUpdateUserConsent
0x10002d40 MpTelemetryUpload
0x10002d40 MpThreatAction
0x10002d40 MpThreatEnumerate
0x10002d40 MpThreatHistoryRequest
0x10002d40 MpThreatLocalizedInfoQuery
0x10002d40 MpThreatOpen
0x10002d40 MpThreatQuery
0x10002d40 MpThreatRollup
0x10002d40 MpTriggerErrorHeartbeatReport
0x10002d40 MpTriggerHeartbeatOnUninstall
0x10002d40 MpTriggerStatusRefreshNotification
0x10002d40 MpUnblockEngine
0x10002d40 MpUnblockPlatform
0x10002d40 MpUnblockSignatures
0x10002d40 MpUpdateBrowserActiveTab
0x10002d40 MpUpdateControl
0x10002d40 MpUpdateDevMode
0x10002d40 MpUpdateEngine
0x10002d40 MpUpdatePlatform
0x10002d40 MpUpdateStart
0x10002d40 MpUpdateStartEx
0x10002d40 MpUpdateTSMode
0x10002d40 MpUpdateTSModeEx
0x10002d50 MpUtilsExportFunctions
0x10002d40 MpWDEnable
0x10002d40 MpXBGMEnable
0x10002d40 MpXBGMFreeEvent
0x10002d40 MpXBGMGetData
0x10002d40 MpXBGMPutData
0x10002d40 MpXBGMUpdateIV
0x10002d40 MputAddToAverageDWORD64Rpc
0x10002d40 MputAddToAverageDWORDRpc
0x10002d40 MputIncrementDWORD64Rpc
0x10002d40 MputIncrementDWORDRpc
0x10002d40 MputSetBoolRpc
0x10002d40 MputSetDWORD64Rpc
0x10002d40 MputSetDWORDRpc
0x10002d40 MputSetIfMaxDWORD64Rpc
0x10002d40 MputSetIfMaxDWORDRpc
0x10002d40 MputSetIfMinDWORD64Rpc
0x10002d40 MputSetIfMinDWORDRpc
0x10002d40 MputSetStringRpc
0x10002d40 WDEnable
0x10002d40 WDStatus