ScreenShot
| Created | 2024.08.19 10:50 | Machine | s1_win7_x6401 |
| Filename | explorer.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | d08504a4718a999e104aef407bb43123 | ||
| sha256 | 171b3ec192254af967ca5094420ee3014f6c2687d6e1e7dffdfd5be80761443a | ||
| ssdeep | 49152:tkamLlBJK997NwT2KMCYg0sfWCfHvX/Rhvybrz7k8PVu/7j4+Qxz59BmDYM5cK3V:aTIn5Prf64UfAZDG9bw8a0so | ||
| imphash | f832a3210ce364d59c55c2105020ae3d | ||
| impfuzzy | 768:Nh6W3N5GJO+3mCjI5lwfvtuULsCFBuy7VBiX16RzQVcwiMosw:b61O+3mCc5lwfvQULsCFBu8i82ov | ||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
Rules (11cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | HermeticWiper_Zero | HermeticWiper | binaries (upload) |
| danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| warning | PhysicalDrive_20181001 | (no description) | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
msvcp_win.dll
0x14035a808 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14035a810 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14035a818 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14035a820 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x14035a828 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x14035a830 ?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14035a838 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035a840 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14035a848 ?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14035a850 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035a858 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035a860 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
0x14035a868 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035a870 ?_Winerror_map@std@@YAHH@Z
0x14035a878 ?_Syserror_map@std@@YAPEBDH@Z
0x14035a880 ?_ReportUnobservedException@details@Concurrency@@YAXXZ
0x14035a888 _Cnd_wait
0x14035a890 ?_Xinvalid_argument@std@@YAXPEBD@Z
0x14035a898 ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
0x14035a8a0 ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
0x14035a8a8 ?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
0x14035a8b0 ?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8b8 ?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
0x14035a8c0 ?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8c8 ?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8d0 ?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
0x14035a8d8 ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
0x14035a8e0 ?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8e8 ?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
0x14035a8f0 ?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14035a8f8 ?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
0x14035a900 ?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
0x14035a908 ?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
0x14035a910 ?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
0x14035a918 ?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
0x14035a920 ?tolower@?$ctype@G@std@@QEBAGG@Z
0x14035a928 ?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
0x14035a930 ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
0x14035a938 ?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
0x14035a940 _Wcscoll
0x14035a948 _Wcsxfrm
0x14035a950 ?id@?$collate@G@std@@2V0locale@2@A
0x14035a958 ??Bid@locale@std@@QEAA_KXZ
0x14035a960 ?id@?$ctype@G@std@@2V0locale@2@A
0x14035a968 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x14035a970 ??0facet@locale@std@@IEAA@_K@Z
0x14035a978 ??1facet@locale@std@@MEAA@XZ
0x14035a980 ??0_Lockit@std@@QEAA@H@Z
0x14035a988 ??0_Locinfo@std@@QEAA@PEBD@Z
0x14035a990 ?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
0x14035a998 ??1_Lockit@std@@QEAA@XZ
0x14035a9a0 ??1_Locinfo@std@@QEAA@XZ
0x14035a9a8 ?is@?$ctype@G@std@@QEBA_NFG@Z
0x14035a9b0 ?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14035a9b8 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x14035a9c0 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
0x14035a9c8 ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035a9d0 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
0x14035a9d8 ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035a9e0 ?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
0x14035a9e8 ?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a9f0 ?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a9f8 ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035aa00 ?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
0x14035aa08 ?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
0x14035aa10 ?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
0x14035aa18 ?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
0x14035aa20 ?uncaught_exception@std@@YA_NXZ
0x14035aa28 ?good@ios_base@std@@QEBA_NXZ
0x14035aa30 ?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
0x14035aa38 ?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
0x14035aa40 ?width@ios_base@std@@QEBA_JXZ
0x14035aa48 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035aa50 ?flags@ios_base@std@@QEBAHXZ
0x14035aa58 ?_Xbad_alloc@std@@YAXXZ
0x14035aa60 ?_Xout_of_range@std@@YAXPEBD@Z
0x14035aa68 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x14035aa70 ?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
0x14035aa78 ?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
0x14035aa80 ?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
0x14035aa88 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x14035aa90 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x14035aa98 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x14035aaa0 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14035aaa8 ?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aab0 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14035aab8 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
0x14035aac0 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aac8 ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aad0 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
0x14035aad8 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aae0 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
0x14035aae8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14035aaf0 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x14035aaf8 _Thrd_yield
0x14035ab00 ?_Xbad_function_call@std@@YAXXZ
0x14035ab08 ?__ExceptionPtrCreate@@YAXPEAX@Z
0x14035ab10 ?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
0x14035ab18 ?__ExceptionPtrDestroy@@YAXPEAX@Z
0x14035ab20 ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
0x14035ab28 ?width@ios_base@std@@QEAA_J_J@Z
0x14035ab30 ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
0x14035ab38 ?__ExceptionPtrCurrentException@@YAXPEAX@Z
0x14035ab40 ?__ExceptionPtrRethrow@@YAXPEBX@Z
0x14035ab48 ?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
0x14035ab50 _Thrd_detach
0x14035ab58 ?_Throw_C_error@std@@YAXH@Z
0x14035ab60 ?_Throw_Cpp_error@std@@YAXH@Z
0x14035ab68 _Thrd_join
0x14035ab70 _Thrd_id
0x14035ab78 ?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
0x14035ab80 _Cnd_do_broadcast_at_thread_exit
0x14035ab88 ?_Incref@facet@locale@std@@UEAAXXZ
0x14035ab90 _Mtx_lock
0x14035ab98 _Mtx_unlock
0x14035aba0 ?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-crt-runtime-l1-1-0.dll
0x14035a0b0 _c_exit
0x14035a0b8 _initterm_e
0x14035a0c0 _initterm
0x14035a0c8 _set_error_mode
0x14035a0d0 _register_thread_local_exe_atexit_callback
api-ms-win-crt-string-l1-1-0.dll
0x14035a0e0 wcsncmp
0x14035a0e8 wcscspn
0x14035a0f0 memset
0x14035a0f8 strncmp
0x14035a100 wcscmp
api-ms-win-crt-time-l1-1-0.dll
0x14035a110 _time64
api-ms-win-crt-private-l1-1-0.dll
0x140359e78 _o_free
0x140359e80 _o_iswspace
0x140359e88 _o_lround
0x140359e90 _o_lroundf
0x140359e98 _o_malloc
0x140359ea0 _o_memcpy_s
0x140359ea8 _o_pow
0x140359eb0 _o_realloc
0x140359eb8 _o_sqrt
0x140359ec0 _o_terminate
0x140359ec8 _o_wcscat_s
0x140359ed0 _o_wcscpy_s
0x140359ed8 _o_wcsncpy_s
0x140359ee0 _o_wcstol
0x140359ee8 _o_wcstoll
0x140359ef0 __C_specific_handler
0x140359ef8 __current_exception
0x140359f00 __current_exception_context
0x140359f08 __CxxFrameHandler3
0x140359f10 _o__ltow_s
0x140359f18 _o_ceilf
0x140359f20 _o_ceil
0x140359f28 __C_specific_handler_noexcept
0x140359f30 _o__localtime64
0x140359f38 _o__wcsnicmp
0x140359f40 _o__wcslwr_s
0x140359f48 _o__wcsicmp
0x140359f50 _o_fmod
0x140359f58 _o_exit
0x140359f60 _o__itow_s
0x140359f68 _o__itoa_s
0x140359f70 _o__set_new_mode
0x140359f78 _o__set_fmode
0x140359f80 _o__set_errno
0x140359f88 _o__set_app_type
0x140359f90 _o__seh_filter_exe
0x140359f98 _o__register_onexit_function
0x140359fa0 _o__recalloc
0x140359fa8 _o__purecall
0x140359fb0 _o_abort
0x140359fb8 _o__mktime64
0x140359fc0 _o_floorf
0x140359fc8 _o_floor
0x140359fd0 _o__wtoi
0x140359fd8 _o__invalid_parameter_noinfo_noreturn
0x140359fe0 _o__invalid_parameter_noinfo
0x140359fe8 _o__initialize_wide_environment
0x140359ff0 _o__initialize_onexit_table
0x140359ff8 _o__get_wide_winmain_command_line
0x14035a000 _o__get_errno
0x14035a008 _o__exit
0x14035a010 _o__errno
0x14035a018 _o__difftime64
0x14035a020 _o__crt_atexit
0x14035a028 _o__configure_wide_argv
0x14035a030 _o__configthreadlocale
0x14035a038 _o__cexit
0x14035a040 _o__beginthreadex
0x14035a048 _o___stdio_common_vswprintf
0x14035a050 _o___stdio_common_vsnwprintf_s
0x14035a058 _o___stdio_common_vsnprintf_s
0x14035a060 _o___std_exception_destroy
0x14035a068 _o___std_exception_copy
0x14035a070 _o___p__commode
0x14035a078 _o____lc_codepage_func
0x14035a080 wcsrchr
0x14035a088 wcsstr
0x14035a090 __std_terminate
0x14035a098 __CxxFrameHandler4
0x14035a0a0 _CxxThrowException
AEPIC.dll
0x140358708 PicFreeFileInfo
0x140358710 PicRetrieveFileInfo
TWINAPI.dll
0x140358c40 None
api-ms-win-core-job-l2-1-0.dll
0x140359530 OpenJobObjectW
0x140359538 AssignProcessToJobObject
0x140359540 CreateJobObjectW
0x140359548 QueryInformationJobObject
0x140359550 SetInformationJobObject
api-ms-win-core-windowserrorreporting-l1-1-3.dll
0x140359db8 RegisterApplicationRestart
api-ms-win-core-url-l1-1-0.dll
0x140359d60 PathIsURLW
0x140359d68 HashData
0x140359d70 UrlUnescapeW
api-ms-win-core-windowserrorreporting-l1-1-1.dll
0x140359da0 WerRegisterCustomMetadata
0x140359da8 WerUnregisterCustomMetadata
api-ms-win-core-kernel32-private-l1-1-0.dll
0x1403595b0 CheckElevation
0x1403595b8 CheckElevationEnabled
api-ms-win-core-registryuserspecific-l1-1-0.dll
0x140359988 SHRegGetBoolUSValueW
0x140359990 SHRegGetUSValueW
api-ms-win-core-com-private-l1-1-0.dll
0x1403592f0 CoRevokeInitializeSpy
0x1403592f8 CoRegisterInitializeSpy
0x140359300 CoRegisterMessageFilter
api-ms-win-core-atoms-l1-1-0.dll
0x1403591a0 GlobalGetAtomNameW
api-ms-win-core-sidebyside-l1-1-0.dll
0x140359a68 ActivateActCtx
0x140359a70 CreateActCtxW
0x140359a78 DeactivateActCtx
0x140359a80 ReleaseActCtx
ntdll.dll
0x14035abb0 NtDeviceIoControlFile
0x14035abb8 NtQueryWnfStateData
0x14035abc0 NtSetInformationProcess
0x14035abc8 NtQueryInformationProcess
0x14035abd0 RtlCaptureContext
0x14035abd8 WinSqmAddToStream
0x14035abe0 NtClose
0x14035abe8 RtlGetVersion
0x14035abf0 ZwQuerySystemInformation
0x14035abf8 ZwQueryValueKey
0x14035ac00 ZwOpenKey
0x14035ac08 ZwClose
0x14035ac10 RtlReAllocateHeap
0x14035ac18 ZwEnumerateValueKey
0x14035ac20 ZwCreateFile
0x14035ac28 NtQueryInformationFile
0x14035ac30 RtlAppendUnicodeToString
0x14035ac38 RtlAnsiStringToUnicodeString
0x14035ac40 RtlImageDirectoryEntryToData
0x14035ac48 ZwUnmapViewOfSection
0x14035ac50 RtlNtPathNameToDosPathName
0x14035ac58 RtlUpcaseUnicodeChar
0x14035ac60 ZwCreateSection
0x14035ac68 RtlxAnsiStringToUnicodeSize
0x14035ac70 ZwQueryInformationProcess
0x14035ac78 RtlpEnsureBufferSize
0x14035ac80 RtlGetNativeSystemInformation
0x14035ac88 RtlVerifyVersionInfo
0x14035ac90 ZwQueryDirectoryFile
0x14035ac98 ZwSetInformationProcess
0x14035aca0 RtlInitUnicodeStringEx
0x14035aca8 ZwMapViewOfSection
0x14035acb0 RtlFormatCurrentUserKeyPath
0x14035acb8 ZwEnumerateKey
0x14035acc0 RtlInitString
0x14035acc8 ZwOpenFile
0x14035acd0 ZwQueryInformationFile
0x14035acd8 LdrResSearchResource
0x14035ace0 RtlReleaseSRWLockShared
0x14035ace8 RtlAcquireSRWLockShared
0x14035acf0 RtlReleaseSRWLockExclusive
0x14035acf8 RtlAcquireSRWLockExclusive
0x14035ad00 RtlInitUnicodeString
0x14035ad08 RtlUnsubscribeWnfNotificationWaitForCompletion
0x14035ad10 RtlSubscribeWnfStateChangeNotification
0x14035ad18 RtlQueryWnfStateData
0x14035ad20 RtlFlushHeaps
0x14035ad28 NtSetSystemInformation
0x14035ad30 RtlPublishWnfStateData
0x14035ad38 RtlGetDeviceFamilyInfoEnum
0x14035ad40 RtlNtStatusToDosError
0x14035ad48 RtlLookupFunctionEntry
0x14035ad50 RtlVirtualUnwind
0x14035ad58 strchr
0x14035ad60 memmove_s
0x14035ad68 RtlDosPathNameToNtPathName_U_WithStatus
0x14035ad70 RtlFreeUnicodeString
0x14035ad78 wcschr
0x14035ad80 RtlAllocateHeap
0x14035ad88 RtlFreeHeap
0x14035ad90 RtlCompareUnicodeString
0x14035ad98 NtOpenProcessToken
0x14035ada0 NtQueryInformationToken
0x14035ada8 NtOpenThreadToken
0x14035adb0 wcsspn
0x14035adb8 WinSqmIsOptedIn
0x14035adc0 memcpy
0x14035adc8 memcmp
0x14035add0 memmove
0x14035add8 RtlAppendUnicodeStringToString
0x14035ade0 RtlRunOnceExecuteOnce
0x14035ade8 RtlCopyUnicodeString
0x14035adf0 RtlUpcaseUnicodeString
0x14035adf8 RtlNtStatusToDosErrorNoTeb
0x14035ae00 NtSetThreadExecutionState
0x14035ae08 NtPowerInformation
0x14035ae10 VerSetConditionMask
0x14035ae18 RtlQueryResourcePolicy
0x14035ae20 RtlQueryUnbiasedInterruptTime
0x14035ae28 NtQuerySystemInformation
0x14035ae30 RtlGetNtSystemRoot
0x14035ae38 NtOpenFile
api-ms-win-core-libraryloader-l1-2-0.dll
0x1403595d8 GetProcAddress
0x1403595e0 SizeofResource
0x1403595e8 FreeLibrary
0x1403595f0 LockResource
0x1403595f8 LoadResource
0x140359600 FindResourceExW
0x140359608 GetModuleHandleW
0x140359610 GetModuleHandleExW
0x140359618 LoadLibraryExW
0x140359620 GetModuleFileNameA
0x140359628 LoadStringW
0x140359630 GetModuleHandleA
0x140359638 FindStringOrdinal
0x140359640 GetModuleFileNameW
api-ms-win-core-synch-l1-2-0.dll
0x140359bf8 InitOnceComplete
0x140359c00 InitOnceBeginInitialize
0x140359c08 Sleep
0x140359c10 InitOnceExecuteOnce
api-ms-win-core-synch-l1-1-0.dll
0x140359b08 LeaveCriticalSection
0x140359b10 ReleaseSRWLockShared
0x140359b18 CreateMutexExW
0x140359b20 ReleaseSemaphore
0x140359b28 AcquireSRWLockShared
0x140359b30 EnterCriticalSection
0x140359b38 SleepEx
0x140359b40 DeleteCriticalSection
0x140359b48 InitializeCriticalSectionEx
0x140359b50 OpenMutexW
0x140359b58 OpenEventW
0x140359b60 WaitForSingleObject
0x140359b68 ReleaseMutex
0x140359b70 SetEvent
0x140359b78 TryEnterCriticalSection
0x140359b80 CreateEventW
0x140359b88 CreateEventExW
0x140359b90 WaitForSingleObjectEx
0x140359b98 InitializeSRWLock
0x140359ba0 InitializeCriticalSection
0x140359ba8 InitializeCriticalSectionAndSpinCount
0x140359bb0 ReleaseSRWLockExclusive
0x140359bb8 TryAcquireSRWLockShared
0x140359bc0 CreateSemaphoreExW
0x140359bc8 WaitForMultipleObjectsEx
0x140359bd0 AcquireSRWLockExclusive
0x140359bd8 CreateMutexW
0x140359be0 ResetEvent
0x140359be8 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140359478 HeapFree
0x140359480 HeapAlloc
0x140359488 GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0.dll
0x140359388 UnhandledExceptionFilter
0x140359390 SetUnhandledExceptionFilter
0x140359398 SetErrorMode
0x1403593a0 GetLastError
0x1403593a8 SetLastError
0x1403593b0 RaiseException
api-ms-win-core-file-l1-1-0.dll
0x1403593d0 GetFileAttributesExW
0x1403593d8 GetFileAttributesW
0x1403593e0 FindFirstFileW
0x1403593e8 FindNextFileW
0x1403593f0 FindClose
0x1403593f8 GetLongPathNameW
0x140359400 DeleteFileW
0x140359408 CompareFileTime
0x140359410 CreateFileW
0x140359418 WriteFile
api-ms-win-eventing-provider-l1-1-0.dll
0x14035a178 EventEnabled
0x14035a180 EventWriteTransfer
0x14035a188 EventRegister
0x14035a190 EventSetInformation
0x14035a198 EventUnregister
0x14035a1a0 EventActivityIdControl
0x14035a1a8 EventWrite
api-ms-win-core-threadpool-l1-2-0.dll
0x140359c80 CloseThreadpoolTimer
0x140359c88 CreateThreadpoolWork
0x140359c90 WaitForThreadpoolTimerCallbacks
0x140359c98 CreateThreadpoolTimer
0x140359ca0 CreateThreadpoolIo
0x140359ca8 StartThreadpoolIo
0x140359cb0 CancelThreadpoolIo
0x140359cb8 WaitForThreadpoolIoCallbacks
0x140359cc0 CloseThreadpoolIo
0x140359cc8 TrySubmitThreadpoolCallback
0x140359cd0 CloseThreadpoolWait
0x140359cd8 SubmitThreadpoolWork
0x140359ce0 SetThreadpoolTimer
0x140359ce8 WaitForThreadpoolWaitCallbacks
0x140359cf0 SetThreadpoolWait
0x140359cf8 CreateThreadpoolWait
api-ms-win-core-processthreads-l1-1-0.dll
0x140359788 GetCurrentThread
0x140359790 OpenProcessToken
0x140359798 GetCurrentProcess
0x1403597a0 GetCurrentThreadId
0x1403597a8 SetThreadPriorityBoost
0x1403597b0 GetCurrentProcessId
0x1403597b8 ProcessIdToSessionId
0x1403597c0 QueueUserAPC
0x1403597c8 TlsSetValue
0x1403597d0 TlsAlloc
0x1403597d8 TerminateProcess
0x1403597e0 GetThreadPriority
0x1403597e8 TlsGetValue
0x1403597f0 CreateProcessW
0x1403597f8 OpenThreadToken
0x140359800 TlsFree
0x140359808 CreateThread
0x140359810 SetPriorityClass
0x140359818 GetExitCodeProcess
0x140359820 SetThreadPriority
0x140359828 GetProcessId
0x140359830 OpenThread
0x140359838 UpdateProcThreadAttribute
0x140359840 ResumeThread
0x140359848 GetPriorityClass
0x140359850 InitializeProcThreadAttributeList
0x140359858 DeleteProcThreadAttributeList
0x140359860 SetProcessShutdownParameters
0x140359868 ExitProcess
0x140359870 GetStartupInfoW
api-ms-win-core-localization-l1-2-0.dll
0x140359668 FormatMessageW
0x140359670 FormatMessageA
0x140359678 GetCalendarInfoW
0x140359680 GetThreadUILanguage
0x140359688 GetLocaleInfoEx
0x140359690 GetLocaleInfoW
0x140359698 GetGeoInfoW
api-ms-win-core-debug-l1-1-0.dll
0x140359348 IsDebuggerPresent
0x140359350 DebugBreak
0x140359358 OutputDebugStringW
api-ms-win-core-handle-l1-1-0.dll
0x140359460 DuplicateHandle
0x140359468 CloseHandle
OLEAUT32.dll
0x140358840 SafeArrayDestroy
0x140358848 VarUI4FromStr
0x140358850 SysAllocString
0x140358858 SysFreeString
0x140358860 SafeArrayUnaccessData
0x140358868 SafeArrayCreate
0x140358870 VariantInit
0x140358878 VariantClear
0x140358880 SysStringLen
0x140358888 SysAllocStringByteLen
0x140358890 SafeArrayAccessData
api-ms-win-shcore-taskpool-l1-1-0.dll
0x14035a520 SHTaskPoolGetUniqueContext
0x14035a528 SHTaskPoolQueueTask
api-ms-win-shcore-sysinfo-l1-1-0.dll
0x14035a508 SetCurrentProcessExplicitAppUserModelID
0x14035a510 IsOS
api-ms-win-core-com-l1-1-0.dll
0x1403591d8 StringFromIID
0x1403591e0 CoCreateGuid
0x1403591e8 CLSIDFromString
0x1403591f0 CoCreateFreeThreadedMarshaler
0x1403591f8 CoTaskMemFree
0x140359200 CoFreeUnusedLibraries
0x140359208 CoRegisterClassObject
0x140359210 CoUninitialize
0x140359218 CoInitializeSecurity
0x140359220 CoEnableCallCancellation
0x140359228 CoDisableCallCancellation
0x140359230 CoCancelCall
0x140359238 IIDFromString
0x140359240 CoReleaseMarshalData
0x140359248 CoGetInterfaceAndReleaseStream
0x140359250 CoMarshalInterThreadInterfaceInStream
0x140359258 CreateStreamOnHGlobal
0x140359260 StringFromCLSID
0x140359268 CoTaskMemRealloc
0x140359270 CoInitializeEx
0x140359278 CoRevokeClassObject
0x140359280 PropVariantClear
0x140359288 CoGetApartmentType
0x140359290 StringFromGUID2
0x140359298 CoGetCallContext
0x1403592a0 CoGetObjectContext
0x1403592a8 CoTaskMemAlloc
0x1403592b0 CoWaitForMultipleHandles
0x1403592b8 CoGetMalloc
0x1403592c0 CoGetStdMarshalEx
0x1403592c8 CoSetProxyBlanket
0x1403592d0 CoCreateInstance
api-ms-win-core-shlwapi-obsolete-l1-1-0.dll
0x140359a10 StrToIntW
0x140359a18 StrChrW
0x140359a20 StrCmpNIW
0x140359a28 StrCmpW
0x140359a30 StrCmpIW
0x140359a38 StrChrIW
0x140359a40 StrCmpNICW
0x140359a48 QISearch
0x140359a50 StrCmpICW
0x140359a58 StrCmpICA
api-ms-win-shcore-obsolete-l1-1-0.dll
0x14035a440 SHStrDupW
api-ms-win-core-registry-l1-1-0.dll
0x1403598f8 RegQueryInfoKeyW
0x140359900 RegNotifyChangeKeyValue
0x140359908 RegQueryValueExW
0x140359910 RegDeleteKeyExW
0x140359918 RegCloseKey
0x140359920 RegDeleteTreeW
0x140359928 RegSetValueExW
0x140359930 RegOpenCurrentUser
0x140359938 RegCreateKeyExW
0x140359940 RegOpenKeyExW
0x140359948 RegEnumValueW
0x140359950 RegDeleteValueW
0x140359958 RegEnumKeyExW
0x140359960 RegGetValueW
0x140359968 RegLoadMUIStringW
api-ms-win-shcore-comhelpers-l1-1-0.dll
0x14035a418 IUnknown_Set
0x14035a420 IUnknown_QueryService
0x14035a428 IUnknown_SetSite
0x14035a430 IUnknown_GetSite
api-ms-win-core-heap-l2-1-0.dll
0x140359498 GlobalAlloc
0x1403594a0 GlobalFree
0x1403594a8 LocalFree
0x1403594b0 LocalAlloc
0x1403594b8 LocalReAlloc
api-ms-win-core-processthreads-l1-1-1.dll
0x140359880 OpenProcess
0x140359888 IsProcessorFeaturePresent
0x140359890 GetProcessMitigationPolicy
api-ms-win-core-datetime-l1-1-0.dll
0x140359320 GetDateFormatW
api-ms-win-core-sysinfo-l1-1-0.dll
0x140359c20 GetTickCount64
0x140359c28 GetSystemDirectoryW
0x140359c30 GetSystemTime
0x140359c38 GetTickCount
0x140359c40 GetWindowsDirectoryW
0x140359c48 GetSystemTimeAsFileTime
0x140359c50 GetVersionExW
0x140359c58 GetLocalTime
api-ms-win-core-datetime-l1-1-1.dll
0x140359330 GetDateFormatEx
0x140359338 GetTimeFormatEx
api-ms-win-core-processenvironment-l1-1-0.dll
0x140359750 ExpandEnvironmentStringsW
0x140359758 GetCommandLineW
0x140359760 GetCurrentDirectoryW
0x140359768 GetEnvironmentVariableW
0x140359770 SetEnvironmentVariableW
0x140359778 SearchPathW
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
0x1403599a0 PathRemoveBlanksW
0x1403599a8 PathGetArgsW
0x1403599b0 PathIsFileSpecW
0x1403599b8 PathFindFileNameW
0x1403599c0 PathCommonPrefixW
0x1403599c8 PathFindExtensionW
0x1403599d0 PathRemoveFileSpecW
0x1403599d8 PathParseIconLocationW
0x1403599e0 SHExpandEnvironmentStringsW
0x1403599e8 PathQuoteSpacesW
0x1403599f0 PathCombineW
0x1403599f8 PathGetDriveNumberW
0x140359a00 PathFileExistsW
api-ms-win-shcore-registry-l1-1-0.dll
0x14035a460 SHSetValueW
0x14035a468 SHGetValueW
0x14035a470 SHEnumKeyExW
0x14035a478 SHDeleteValueW
0x14035a480 SHRegGetValueW
0x14035a488 SHDeleteKeyW
0x14035a490 SHQueryInfoKeyW
api-ms-win-core-string-l1-1-0.dll
0x140359a90 CompareStringW
0x140359a98 MultiByteToWideChar
0x140359aa0 CompareStringOrdinal
0x140359aa8 WideCharToMultiByte
api-ms-win-core-winrt-string-l1-1-0.dll
0x140359e20 WindowsPromoteStringBuffer
0x140359e28 WindowsCompareStringOrdinal
0x140359e30 WindowsCreateString
0x140359e38 WindowsDeleteStringBuffer
0x140359e40 WindowsSubstringWithSpecifiedLength
0x140359e48 WindowsPreallocateStringBuffer
0x140359e50 WindowsGetStringRawBuffer
0x140359e58 WindowsDeleteString
0x140359e60 WindowsCreateStringReference
0x140359e68 WindowsDuplicateString
api-ms-win-shcore-thread-l1-1-0.dll
0x14035a538 SHCreateThreadRef
0x14035a540 SHSetThreadRef
0x14035a548 SHGetThreadRef
0x14035a550 SHCreateThread
0x14035a558 SetProcessReference
api-ms-win-core-libraryloader-l1-2-1.dll
0x140359650 FindResourceW
0x140359658 LoadLibraryW
api-ms-win-security-base-l1-1-0.dll
0x14035a358 SetKernelObjectSecurity
0x14035a360 EqualSid
0x14035a368 AllocateAndInitializeSid
0x14035a370 FreeSid
0x14035a378 CreateWellKnownSid
0x14035a380 GetTokenInformation
0x14035a388 CopySid
0x14035a390 GetSecurityDescriptorDacl
0x14035a398 IsValidSid
0x14035a3a0 InitializeAcl
0x14035a3a8 GetAclInformation
0x14035a3b0 GetAce
0x14035a3b8 MakeAbsoluteSD
0x14035a3c0 GetLengthSid
0x14035a3c8 DeleteAce
0x14035a3d0 AddAce
0x14035a3d8 CheckTokenMembership
0x14035a3e0 DuplicateToken
api-ms-win-core-psapi-l1-1-0.dll
0x1403598c8 K32EnumProcessModules
0x1403598d0 K32GetModuleFileNameExW
0x1403598d8 K32GetModuleBaseNameW
0x1403598e0 QueryFullProcessImageNameW
0x1403598e8 K32EnumProcesses
api-ms-win-core-version-l1-1-0.dll
0x140359d80 GetFileVersionInfoSizeExW
0x140359d88 GetFileVersionInfoExW
0x140359d90 VerQueryValueW
api-ms-win-eventing-classicprovider-l1-1-0.dll
0x14035a120 UnregisterTraceGuids
0x14035a128 RegisterTraceGuidsW
0x14035a130 TraceMessage
0x14035a138 GetTraceEnableFlags
0x14035a140 GetTraceLoggerHandle
0x14035a148 GetTraceEnableLevel
api-ms-win-core-localization-obsolete-l1-2-0.dll
0x1403596c8 GetUserDefaultUILanguage
api-ms-win-core-string-l2-1-1.dll
0x140359ad0 SHLoadIndirectString
api-ms-win-core-processthreads-l1-1-3.dll
0x1403598a0 SetProcessInformation
0x1403598a8 SetThreadDescription
api-ms-win-core-registry-l1-1-1.dll
0x140359978 RegSetKeyValueW
api-ms-win-core-winrt-l1-1-0.dll
0x140359df8 RoUninitialize
0x140359e00 RoGetActivationFactory
0x140359e08 RoActivateInstance
0x140359e10 RoInitialize
api-ms-win-core-com-l1-1-1.dll
0x1403592e0 RoGetAgileReference
api-ms-win-core-winrt-error-l1-1-0.dll
0x140359dc8 RoTransformError
0x140359dd0 RoOriginateError
0x140359dd8 SetRestrictedErrorInfo
api-ms-win-core-winrt-error-l1-1-1.dll
0x140359de8 RoGetMatchingRestrictedErrorInfo
api-ms-win-core-path-l1-1-0.dll
0x140359718 PathCchRemoveFileSpec
0x140359720 PathCchCombine
0x140359728 PathCchAppend
0x140359730 PathAllocCombine
0x140359738 PathCchAddExtension
0x140359740 PathCchSkipRoot
api-ms-win-shcore-unicodeansi-l1-1-0.dll
0x14035a568 SHAnsiToUnicode
api-ms-win-core-heap-obsolete-l1-1-0.dll
0x1403594c8 GlobalLock
0x1403594d0 GlobalUnlock
api-ms-win-core-string-obsolete-l1-1-0.dll
0x140359ae0 lstrlenW
0x140359ae8 lstrcmpiW
api-ms-win-core-memory-l1-1-0.dll
0x1403596d8 VirtualProtect
0x1403596e0 UnmapViewOfFile
0x1403596e8 MapViewOfFile
0x1403596f0 CreateFileMappingW
0x1403596f8 OpenFileMappingW
0x140359700 VirtualAlloc
0x140359708 VirtualFree
api-ms-win-core-commandlinetoargv-l1-1-0.dll
0x140359310 CommandLineToArgvW
api-ms-win-shcore-scaling-l1-1-1.dll
0x14035a4b0 GetDpiForMonitor
0x14035a4b8 None
api-ms-win-core-largeinteger-l1-1-0.dll
0x1403595c8 MulDiv
api-ms-win-shcore-stream-l1-1-0.dll
0x14035a4c8 SHOpenRegStream2W
0x14035a4d0 SHCreateMemStream
0x14035a4d8 SHCreateStreamOnFileEx
0x14035a4e0 SHCreateStreamOnFileW
0x14035a4e8 IStream_Read
0x14035a4f0 IStream_Write
0x14035a4f8 IStream_Reset
api-ms-win-core-file-l1-2-0.dll
0x140359428 GetTempPathW
api-ms-win-shcore-path-l1-1-0.dll
0x14035a450 None
api-ms-win-core-threadpool-legacy-l1-1-0.dll
0x140359d08 UnregisterWaitEx
0x140359d10 CreateTimerQueueTimer
0x140359d18 DeleteTimerQueueTimer
0x140359d20 ChangeTimerQueueTimer
api-ms-win-core-sysinfo-l1-2-0.dll
0x140359c68 GetProductInfo
0x140359c70 GetNativeSystemInfo
api-ms-win-core-localization-l1-2-3.dll
0x1403596b8 GetUserDefaultGeoName
USERENV.dll
0x140359010 DeriveAppContainerSidFromAppContainerName
0x140359018 GetProfileType
api-ms-win-core-timezone-l1-1-0.dll
0x140359d30 FileTimeToSystemTime
0x140359d38 SystemTimeToFileTime
0x140359d40 GetDynamicTimeZoneInformation
0x140359d48 GetTimeZoneInformation
0x140359d50 SystemTimeToTzSpecificLocalTime
api-ms-win-core-io-l1-1-0.dll
0x1403594f8 GetQueuedCompletionStatus
0x140359500 CreateIoCompletionPort
0x140359508 DeviceIoControl
0x140359510 CancelIoEx
api-ms-win-core-file-l2-1-0.dll
0x140359438 GetFileInformationByHandleEx
0x140359440 ReadDirectoryChangesW
api-ms-win-core-kernel32-legacy-l1-1-0.dll
0x140359560 GetComputerNameW
0x140359568 RegisterWaitForSingleObject
0x140359570 GetSystemPowerStatus
api-ms-win-core-profile-l1-1-0.dll
0x1403598b8 QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0.dll
0x1403594e0 InitializeSListHead
0x1403594e8 InterlockedPushEntrySList
api-ms-win-stateseparation-helpers-l1-1-0.dll
0x14035a720 GetPersistedRegistryLocationW
api-ms-win-security-lsalookup-l2-1-0.dll
0x14035a3f0 LookupAccountNameW
api-ms-win-core-string-l2-1-0.dll
0x140359ab8 CharNextW
0x140359ac0 CharLowerBuffW
api-ms-win-service-management-l2-1-0.dll
0x14035a400 QueryServiceConfigW
0x14035a408 NotifyServiceStatusChangeW
api-ms-win-shcore-registry-l1-1-1.dll
0x14035a4a0 SHRegGetValueFromHKCUHKLM
api-ms-win-core-errorhandling-l1-1-2.dll
0x1403593c0 RaiseFailFastException
api-ms-win-core-stringansi-l1-1-0.dll
0x140359af8 CharNextA
api-ms-win-power-base-l1-1-0.dll
0x14035a268 GetPwrCapabilities
0x14035a270 CallNtPowerInformation
api-ms-win-core-apiquery-l1-1-0.dll
0x140359190 ApiSetQueryApiSetPresence
api-ms-win-shlwapi-winrt-storage-l1-1-1.dll
0x14035a680 None
0x14035a688 None
0x14035a690 None
0x14035a698 AssocQueryStringW
0x14035a6a0 SHCreateWorkerWindowW
0x14035a6a8 None
0x14035a6b0 SHIsChildOrSelf
0x14035a6b8 SHPinDllOfCLSID
0x14035a6c0 None
0x14035a6c8 ShellMessageBoxW
0x14035a6d0 None
0x14035a6d8 None
0x14035a6e0 IUnknown_GetWindow
0x14035a6e8 StrRetToStrW
0x14035a6f0 StrRetToBufW
0x14035a6f8 None
0x14035a700 None
0x14035a708 None
0x14035a710 PathRemoveArgsW
api-ms-win-ntuser-sysparams-l1-1-0.dll
0x14035a218 EnumDisplayDevicesW
0x14035a220 EnumDisplayMonitors
0x14035a228 GetMonitorInfoW
0x14035a230 QueryDisplayConfig
0x14035a238 SystemParametersInfoW
0x14035a240 GetDisplayConfigBufferSizes
0x14035a248 GetSystemMetrics
api-ms-win-ntuser-rectangle-l1-1-0.dll
0x14035a1b8 IsRectEmpty
0x14035a1c0 InflateRect
0x14035a1c8 CopyRect
0x14035a1d0 SubtractRect
0x14035a1d8 SetRect
0x14035a1e0 OffsetRect
0x14035a1e8 IntersectRect
0x14035a1f0 EqualRect
0x14035a1f8 PtInRect
0x14035a200 SetRectEmpty
0x14035a208 UnionRect
api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
0x14035a2f8 NotifyWinEvent
0x14035a300 SetWinEventHook
0x14035a308 UnhookWinEvent
api-ms-win-shell-namespace-l1-1-0.dll
0x14035a5e0 ILRemoveLastID
0x14035a5e8 ILClone
0x14035a5f0 SHParseDisplayName
0x14035a5f8 SHBindToFolderIDListParent
0x14035a600 ILGetSize
0x14035a608 ILCloneFirst
0x14035a610 ILCombine
0x14035a618 SHCreateItemFromIDList
0x14035a620 SHGetNameFromIDList
0x14035a628 SHCreateItemFromParsingName
0x14035a630 SHGetIDListFromObject
0x14035a638 ILFree
0x14035a640 ILIsParent
0x14035a648 ILFindLastID
0x14035a650 SHBindToParent
0x14035a658 SHBindToObject
0x14035a660 ILIsEqual
dxgi.dll
0x14035a7f8 DXGIDeclareAdapterRemovalSupport
api-ms-win-rtcore-ntuser-wmpointer-l1-1-0.dll
0x14035a318 GetPointerInfo
0x14035a320 GetCurrentInputMessageSource
0x14035a328 EnableMouseInPointer
0x14035a330 GetPointerType
0x14035a338 GetPointerDevices
api-ms-win-storage-exports-internal-l1-1-0.dll
0x14035a730 SetThreadFlags
0x14035a738 GetThreadFlags
0x14035a740 SHGetKnownFolderIDList
0x14035a748 SHGetFolderPathEx
api-ms-win-rtcore-ntuser-synch-l1-1-0.dll
0x14035a2e0 MsgWaitForMultipleObjectsEx
0x14035a2e8 MsgWaitForMultipleObjects
api-ms-win-appmodel-runtime-l1-1-0.dll
0x140359140 GetPackagesByPackageFamily
0x140359148 GetPackageFullName
api-ms-win-rtcore-ntuser-wmpointer-l1-1-2.dll
0x14035a348 SetWindowFeedbackSetting
api-ms-win-rtcore-ntuser-clipboard-l1-1-0.dll
0x14035a290 RegisterClipboardFormatW
api-ms-win-shell-dataobject-l1-1-1.dll
0x14035a5d0 DragQueryFileW
api-ms-win-rtcore-ntuser-private-l1-1-0.dll
0x14035a2b8 GetWindowBand
0x14035a2c0 CreateWindowInBand
api-ms-win-rtcore-ntuser-powermanagement-l1-1-0.dll
0x14035a2a0 UnregisterPowerSettingNotification
0x14035a2a8 RegisterPowerSettingNotification
api-ms-win-shell-changenotify-l1-1-1.dll
0x14035a588 SHChangeNotification_Unlock
0x14035a590 SHChangeNotifyRegister
0x14035a598 SHHandleUpdateImage
0x14035a5a0 SHChangeNotification_Lock
0x14035a5a8 SHChangeNotifyRegisterThread
0x14035a5b0 SHChangeNotifyDeregister
PROPSYS.dll
0x1403588a0 InitVariantFromGUIDAsString
0x1403588a8 InitVariantFromResource
0x1403588b0 PSCreateMemoryPropertyStore
0x1403588b8 PropVariantToBoolean
0x1403588c0 PSPropertyBag_WriteStr
0x1403588c8 PropVariantToUInt32
0x1403588d0 PSPropertyBag_WriteDWORD
0x1403588d8 PropVariantToStringAlloc
0x1403588e0 PSGetPropertyFromPropertyStorage
api-ms-win-shell-changenotify-l1-1-0.dll
0x14035a578 SHChangeNotify
api-ms-win-shell-dataobject-l1-1-0.dll
0x14035a5c0 SHCreateDataObject
api-ms-win-appmodel-runtime-l1-1-1.dll
0x140359158 FindPackagesByPackageFamily
0x140359160 ParseApplicationUserModelId
WTSAPI32.dll
0x140359128 WTSUnRegisterSessionNotification
0x140359130 WTSRegisterSessionNotification
GDI32.dll
0x140358720 StretchBlt
0x140358728 ExcludeClipRect
0x140358730 SetStretchBltMode
0x140358738 Rectangle
0x140358740 GetCurrentObject
0x140358748 GetDeviceCaps
0x140358750 GetStockObject
0x140358758 SetRectRgn
0x140358760 OffsetRgn
0x140358768 CombineRgn
0x140358770 SelectClipRgn
0x140358778 DeleteObject
0x140358780 GetObjectW
0x140358788 DeleteDC
0x140358790 CreateCompatibleDC
0x140358798 SelectObject
0x1403587a0 GetClipBox
0x1403587a8 CreateFontIndirectW
0x1403587b0 CreateRectRgn
0x1403587b8 GetClipRgn
0x1403587c0 SetTextColor
0x1403587c8 SetTextAlign
0x1403587d0 GetTextMetricsW
0x1403587d8 ExtTextOutW
0x1403587e0 GetTextExtentPoint32W
0x1403587e8 CreateRectRgnIndirect
0x1403587f0 GetGlyphOutlineW
0x1403587f8 GetOutlineTextMetricsW
KERNEL32.dll
0x140358808 GetModuleHandleExA
0x140358810 IsBadWritePtr
0x140358818 RtlCompareMemory
0x140358820 HeapDestroy
0x140358828 HeapReAlloc
0x140358830 HeapSize
WININET.dll
0x140359118 InternetCrackUrlW
SHCORE.dll
0x140358930 None
0x140358938 None
0x140358940 None
0x140358948 None
0x140358950 None
0x140358958 None
0x140358960 None
0x140358968 None
0x140358970 None
0x140358978 None
0x140358980 None
0x140358988 SHUnicodeToAnsi
0x140358990 None
0x140358998 None
0x1403589a0 None
0x1403589a8 None
0x1403589b0 None
0x1403589b8 None
0x1403589c0 None
0x1403589c8 None
SHELL32.dll
0x1403589d8 None
0x1403589e0 None
0x1403589e8 None
0x1403589f0 None
0x1403589f8 None
0x140358a00 Shell_GetCachedImageIndexW
0x140358a08 None
0x140358a10 None
0x140358a18 None
0x140358a20 None
0x140358a28 SHAppBarMessage
0x140358a30 None
0x140358a38 None
0x140358a40 None
0x140358a48 None
0x140358a50 SHGetLocalizedName
0x140358a58 SHGetPropertyStoreForWindow
0x140358a60 None
0x140358a68 None
0x140358a70 SHEvaluateSystemCommandTemplate
0x140358a78 None
0x140358a80 ExtractIconExW
0x140358a88 None
0x140358a90 None
0x140358a98 Shell_NotifyIconW
0x140358aa0 Shell_NotifyIconGetRect
0x140358aa8 None
0x140358ab0 SHGetStockIconInfo
0x140358ab8 DuplicateIcon
0x140358ac0 ShellExecuteW
0x140358ac8 None
0x140358ad0 None
0x140358ad8 None
0x140358ae0 SHEnableServiceObject
0x140358ae8 None
0x140358af0 None
0x140358af8 SHAddToRecentDocs
0x140358b00 None
0x140358b08 SHUpdateRecycleBinIcon
0x140358b10 None
0x140358b18 SHFileOperationW
0x140358b20 SHGetPathFromIDListW
0x140358b28 None
0x140358b30 None
0x140358b38 None
0x140358b40 SHCreateItemInKnownFolder
0x140358b48 None
0x140358b50 None
0x140358b58 None
0x140358b60 None
0x140358b68 ShellExecuteExW
0x140358b70 None
0x140358b78 None
0x140358b80 None
0x140358b88 None
0x140358b90 None
0x140358b98 None
0x140358ba0 None
0x140358ba8 None
0x140358bb0 None
0x140358bb8 None
0x140358bc0 None
0x140358bc8 None
SHLWAPI.dll
0x140358bd8 None
0x140358be0 None
0x140358be8 PathIsDirectoryW
0x140358bf0 None
0x140358bf8 None
0x140358c00 None
0x140358c08 AssocQueryKeyW
0x140358c10 ChrCmpIW
0x140358c18 PathIsRelativeW
0x140358c20 AssocCreate
UxTheme.dll
0x140359028 OpenThemeData
0x140359030 GetThemeBool
0x140359038 GetThemeBackgroundExtent
0x140359040 IsThemePartDefined
0x140359048 GetThemeMargins
0x140359050 None
0x140359058 BufferedPaintSetAlpha
0x140359060 None
0x140359068 GetThemePartSize
0x140359070 OpenThemeDataForDpi
0x140359078 IsThemeActive
0x140359080 GetBufferedPaintBits
0x140359088 GetThemeInt
0x140359090 GetThemeColor
0x140359098 GetThemeMetric
0x1403590a0 SetWindowTheme
0x1403590a8 GetWindowTheme
0x1403590b0 BufferedPaintUnInit
0x1403590b8 EndBufferedPaint
0x1403590c0 BeginBufferedPaint
0x1403590c8 BufferedPaintInit
0x1403590d0 CloseThemeData
0x1403590d8 DrawThemeParentBackground
0x1403590e0 DrawThemeBackground
0x1403590e8 None
0x1403590f0 GetThemeFont
0x1403590f8 DrawThemeTextEx
0x140359100 IsCompositionActive
0x140359108 IsAppThemed
dwmapi.dll
0x14035a770 None
0x14035a778 DwmEnableBlurBehindWindow
0x14035a780 DwmGetWindowAttribute
0x14035a788 None
0x14035a790 None
0x14035a798 None
0x14035a7a0 DwmRegisterThumbnail
0x14035a7a8 None
0x14035a7b0 DwmQueryThumbnailSourceSize
0x14035a7b8 None
0x14035a7c0 DwmUpdateThumbnailProperties
0x14035a7c8 DwmIsCompositionEnabled
0x14035a7d0 DwmUnregisterThumbnail
0x14035a7d8 None
0x14035a7e0 None
0x14035a7e8 DwmSetWindowAttribute
USER32.dll
0x140358c50 CalculatePopupWindowPosition
0x140358c58 CopyIcon
0x140358c60 GetLastInputInfo
0x140358c68 GetCursorFrameInfo
0x140358c70 AdjustWindowRect
0x140358c78 GetDpiForWindow
0x140358c80 SetWindowCompositionAttribute
0x140358c88 SetGestureConfig
0x140358c90 LoadImageW
0x140358c98 CheckMenuItem
0x140358ca0 EnableMenuItem
0x140358ca8 GetDoubleClickTime
0x140358cb0 SetMenuDefaultItem
0x140358cb8 TrackPopupMenuEx
0x140358cc0 DeleteMenu
0x140358cc8 FillRect
0x140358cd0 DrawTextW
0x140358cd8 IsWindowUnicode
0x140358ce0 LoadAcceleratorsW
0x140358ce8 ChangeWindowMessageFilterEx
0x140358cf0 TranslateAcceleratorW
0x140358cf8 MonitorFromWindow
0x140358d00 SetMenuItemInfoW
0x140358d08 SetCursor
0x140358d10 RemoveMenu
0x140358d18 ReleaseCapture
0x140358d20 LoadCursorW
0x140358d28 None
0x140358d30 GetSystemMetricsForDpi
0x140358d38 DrawIconEx
0x140358d40 DestroyIcon
0x140358d48 CopyImage
0x140358d50 GetSysColor
0x140358d58 GetCaretBlinkTime
0x140358d60 InjectKeyboardInput
0x140358d68 MapVirtualKeyExW
0x140358d70 InjectMouseInput
0x140358d78 LockWorkStation
0x140358d80 TileWindows
0x140358d88 GetCapture
0x140358d90 SendInput
0x140358d98 SetDesktopColorTransform
0x140358da0 UnregisterClassA
0x140358da8 None
0x140358db0 MonitorFromRect
0x140358db8 GetGuiResources
0x140358dc0 IsHungAppWindow
0x140358dc8 None
0x140358dd0 CascadeWindows
0x140358dd8 HungWindowFromGhostWindow
0x140358de0 LoadIconW
0x140358de8 IsIconic
0x140358df0 DestroyMenu
0x140358df8 LoadMenuW
0x140358e00 GetSubMenu
0x140358e08 CreateIconIndirect
0x140358e10 SetCapture
0x140358e18 GetMenuDefaultItem
0x140358e20 CreatePopupMenu
0x140358e28 GetMenuItemInfoW
0x140358e30 MonitorFromPoint
0x140358e38 ReplyMessage
0x140358e40 GetAsyncKeyState
0x140358e48 ModifyMenuW
0x140358e50 GetSystemMenu
0x140358e58 GetSysColorBrush
0x140358e60 SetLayeredWindowAttributes
0x140358e68 GetIconInfoExW
0x140358e70 GetIconInfo
0x140358e78 GetClassWord
0x140358e80 GetClassLongW
0x140358e88 GetPhysicalCursorPos
0x140358e90 GetCursorInfo
0x140358e98 ShowWindowAsync
0x140358ea0 SwitchToThisWindow
0x140358ea8 ReleaseDC
0x140358eb0 InsertMenuW
0x140358eb8 BringWindowToTop
0x140358ec0 None
0x140358ec8 GhostWindowFromHungWindow
0x140358ed0 EndTask
0x140358ed8 IsTopLevelWindow
0x140358ee0 GetMenuState
0x140358ee8 SetScrollInfo
0x140358ef0 GetScrollInfo
0x140358ef8 SetScrollPos
0x140358f00 GetMenuStringW
0x140358f08 InternalGetWindowText
0x140358f10 GetLayeredWindowAttributes
0x140358f18 DrawTextExW
0x140358f20 IsProcessDPIAware
0x140358f28 SetThreadDpiAwarenessContext
0x140358f30 GetLastActivePopup
0x140358f38 GetWindowCompositionAttribute
0x140358f40 GetWindowProcessHandle
0x140358f48 GetClassLongPtrW
0x140358f50 UpdateLayeredWindow
0x140358f58 None
0x140358f60 UnregisterHotKey
0x140358f68 GetDC
0x140358f70 UnregisterClassW
0x140358f78 None
0x140358f80 WindowFromDC
0x140358f88 GetMenuInfo
0x140358f90 SetMenuInfo
0x140358f98 GetDpiForSystem
0x140358fa0 GetWindowDpiAwarenessContext
0x140358fa8 AreDpiAwarenessContextsEqual
0x140358fb0 CharLowerW
0x140358fb8 IsCharAlphaNumericW
0x140358fc0 RegisterHotKey
0x140358fc8 GetMenuItemCount
0x140358fd0 DefWindowProcA
0x140358fd8 SendDlgItemMessageW
0x140358fe0 EndDialog
0x140358fe8 ExitWindowsEx
0x140358ff0 TrackMouseEvent
0x140358ff8 AdjustWindowRectEx
0x140359000 GetKeyState
SspiCli.dll
0x140358c30 GetUserNameExW
api-ms-win-core-delayload-l1-1-1.dll
0x140359378 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x140359368 DelayLoadFailureHook
api-ms-win-core-localization-l1-2-2.dll
0x1403596a8 LCIDToLocaleName
api-ms-win-core-kernel32-legacy-l1-1-1.dll
0x140359580 PowerSetRequest
0x140359588 PowerCreateRequest
0x140359590 VerifyVersionInfoW
api-ms-win-oobe-notification-l1-1-0.dll
0x14035a258 OOBEComplete
api-ms-win-core-file-l2-1-2.dll
0x140359450 CopyFileW
api-ms-win-core-kernel32-legacy-l1-1-2.dll
0x1403595a0 SetTermsrvAppInstallMode
api-ms-win-shell-shdirectory-l1-1-0.dll
0x14035a670 None
api-ms-win-eventing-controller-l1-1-0.dll
0x14035a158 StopTraceW
0x14035a160 StartTraceW
0x14035a168 EnableTraceEx2
api-ms-win-core-job-l1-1-0.dll
0x140359520 IsProcessInJob
RPCRT4.dll
0x1403588f0 RpcStringBindingComposeW
0x1403588f8 RpcBindingFromStringBindingW
0x140358900 I_RpcExceptionFilter
0x140358908 RpcBindingSetAuthInfoExW
0x140358910 RpcStringFreeW
0x140358918 RpcBindingFree
0x140358920 NdrClientCall3
api-ms-win-appmodel-runtime-l1-1-3.dll
0x140359170 GetStagedPackagePathByFullName2
api-ms-win-core-biptcltapi-l1-1-7.dll
0x1403591b0 BiPtQueryWorkItem
0x1403591b8 BiPtFreeMemory
0x1403591c0 BiPtAssociateApplicationEntryPoint
0x1403591c8 BiPtEnumerateWorkItemsForPackageName
api-ms-win-appmodel-unlock-l1-1-0.dll
0x140359180 IsDeveloperModeEnabled
api-ms-win-rtcore-ntuser-shell-l1-1-0.dll
0x14035a2d0 GetShellWindow
api-ms-win-ro-typeresolution-l1-1-1.dll
0x14035a280 RoCreatePropertySetSerializer
combase.dll
0x14035a758 GetErrorInfo
0x14035a760 SetErrorInfo
EAT(Export Address Table) Library
0x1403e0dd8 g_trayTriageBlock
msvcp_win.dll
0x14035a808 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14035a810 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14035a818 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14035a820 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x14035a828 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x14035a830 ?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14035a838 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035a840 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14035a848 ?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14035a850 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035a858 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035a860 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
0x14035a868 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035a870 ?_Winerror_map@std@@YAHH@Z
0x14035a878 ?_Syserror_map@std@@YAPEBDH@Z
0x14035a880 ?_ReportUnobservedException@details@Concurrency@@YAXXZ
0x14035a888 _Cnd_wait
0x14035a890 ?_Xinvalid_argument@std@@YAXPEBD@Z
0x14035a898 ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
0x14035a8a0 ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
0x14035a8a8 ?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
0x14035a8b0 ?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8b8 ?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
0x14035a8c0 ?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8c8 ?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8d0 ?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
0x14035a8d8 ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
0x14035a8e0 ?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a8e8 ?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
0x14035a8f0 ?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14035a8f8 ?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
0x14035a900 ?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
0x14035a908 ?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
0x14035a910 ?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
0x14035a918 ?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
0x14035a920 ?tolower@?$ctype@G@std@@QEBAGG@Z
0x14035a928 ?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
0x14035a930 ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
0x14035a938 ?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
0x14035a940 _Wcscoll
0x14035a948 _Wcsxfrm
0x14035a950 ?id@?$collate@G@std@@2V0locale@2@A
0x14035a958 ??Bid@locale@std@@QEAA_KXZ
0x14035a960 ?id@?$ctype@G@std@@2V0locale@2@A
0x14035a968 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x14035a970 ??0facet@locale@std@@IEAA@_K@Z
0x14035a978 ??1facet@locale@std@@MEAA@XZ
0x14035a980 ??0_Lockit@std@@QEAA@H@Z
0x14035a988 ??0_Locinfo@std@@QEAA@PEBD@Z
0x14035a990 ?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
0x14035a998 ??1_Lockit@std@@QEAA@XZ
0x14035a9a0 ??1_Locinfo@std@@QEAA@XZ
0x14035a9a8 ?is@?$ctype@G@std@@QEBA_NFG@Z
0x14035a9b0 ?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14035a9b8 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x14035a9c0 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
0x14035a9c8 ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035a9d0 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
0x14035a9d8 ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035a9e0 ?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
0x14035a9e8 ?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a9f0 ?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
0x14035a9f8 ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
0x14035aa00 ?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
0x14035aa08 ?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
0x14035aa10 ?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
0x14035aa18 ?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
0x14035aa20 ?uncaught_exception@std@@YA_NXZ
0x14035aa28 ?good@ios_base@std@@QEBA_NXZ
0x14035aa30 ?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
0x14035aa38 ?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
0x14035aa40 ?width@ios_base@std@@QEBA_JXZ
0x14035aa48 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14035aa50 ?flags@ios_base@std@@QEBAHXZ
0x14035aa58 ?_Xbad_alloc@std@@YAXXZ
0x14035aa60 ?_Xout_of_range@std@@YAXPEBD@Z
0x14035aa68 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x14035aa70 ?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
0x14035aa78 ?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
0x14035aa80 ?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
0x14035aa88 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x14035aa90 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x14035aa98 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x14035aaa0 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14035aaa8 ?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aab0 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14035aab8 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
0x14035aac0 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aac8 ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aad0 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
0x14035aad8 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
0x14035aae0 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
0x14035aae8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14035aaf0 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x14035aaf8 _Thrd_yield
0x14035ab00 ?_Xbad_function_call@std@@YAXXZ
0x14035ab08 ?__ExceptionPtrCreate@@YAXPEAX@Z
0x14035ab10 ?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
0x14035ab18 ?__ExceptionPtrDestroy@@YAXPEAX@Z
0x14035ab20 ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
0x14035ab28 ?width@ios_base@std@@QEAA_J_J@Z
0x14035ab30 ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
0x14035ab38 ?__ExceptionPtrCurrentException@@YAXPEAX@Z
0x14035ab40 ?__ExceptionPtrRethrow@@YAXPEBX@Z
0x14035ab48 ?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
0x14035ab50 _Thrd_detach
0x14035ab58 ?_Throw_C_error@std@@YAXH@Z
0x14035ab60 ?_Throw_Cpp_error@std@@YAXH@Z
0x14035ab68 _Thrd_join
0x14035ab70 _Thrd_id
0x14035ab78 ?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
0x14035ab80 _Cnd_do_broadcast_at_thread_exit
0x14035ab88 ?_Incref@facet@locale@std@@UEAAXXZ
0x14035ab90 _Mtx_lock
0x14035ab98 _Mtx_unlock
0x14035aba0 ?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-crt-runtime-l1-1-0.dll
0x14035a0b0 _c_exit
0x14035a0b8 _initterm_e
0x14035a0c0 _initterm
0x14035a0c8 _set_error_mode
0x14035a0d0 _register_thread_local_exe_atexit_callback
api-ms-win-crt-string-l1-1-0.dll
0x14035a0e0 wcsncmp
0x14035a0e8 wcscspn
0x14035a0f0 memset
0x14035a0f8 strncmp
0x14035a100 wcscmp
api-ms-win-crt-time-l1-1-0.dll
0x14035a110 _time64
api-ms-win-crt-private-l1-1-0.dll
0x140359e78 _o_free
0x140359e80 _o_iswspace
0x140359e88 _o_lround
0x140359e90 _o_lroundf
0x140359e98 _o_malloc
0x140359ea0 _o_memcpy_s
0x140359ea8 _o_pow
0x140359eb0 _o_realloc
0x140359eb8 _o_sqrt
0x140359ec0 _o_terminate
0x140359ec8 _o_wcscat_s
0x140359ed0 _o_wcscpy_s
0x140359ed8 _o_wcsncpy_s
0x140359ee0 _o_wcstol
0x140359ee8 _o_wcstoll
0x140359ef0 __C_specific_handler
0x140359ef8 __current_exception
0x140359f00 __current_exception_context
0x140359f08 __CxxFrameHandler3
0x140359f10 _o__ltow_s
0x140359f18 _o_ceilf
0x140359f20 _o_ceil
0x140359f28 __C_specific_handler_noexcept
0x140359f30 _o__localtime64
0x140359f38 _o__wcsnicmp
0x140359f40 _o__wcslwr_s
0x140359f48 _o__wcsicmp
0x140359f50 _o_fmod
0x140359f58 _o_exit
0x140359f60 _o__itow_s
0x140359f68 _o__itoa_s
0x140359f70 _o__set_new_mode
0x140359f78 _o__set_fmode
0x140359f80 _o__set_errno
0x140359f88 _o__set_app_type
0x140359f90 _o__seh_filter_exe
0x140359f98 _o__register_onexit_function
0x140359fa0 _o__recalloc
0x140359fa8 _o__purecall
0x140359fb0 _o_abort
0x140359fb8 _o__mktime64
0x140359fc0 _o_floorf
0x140359fc8 _o_floor
0x140359fd0 _o__wtoi
0x140359fd8 _o__invalid_parameter_noinfo_noreturn
0x140359fe0 _o__invalid_parameter_noinfo
0x140359fe8 _o__initialize_wide_environment
0x140359ff0 _o__initialize_onexit_table
0x140359ff8 _o__get_wide_winmain_command_line
0x14035a000 _o__get_errno
0x14035a008 _o__exit
0x14035a010 _o__errno
0x14035a018 _o__difftime64
0x14035a020 _o__crt_atexit
0x14035a028 _o__configure_wide_argv
0x14035a030 _o__configthreadlocale
0x14035a038 _o__cexit
0x14035a040 _o__beginthreadex
0x14035a048 _o___stdio_common_vswprintf
0x14035a050 _o___stdio_common_vsnwprintf_s
0x14035a058 _o___stdio_common_vsnprintf_s
0x14035a060 _o___std_exception_destroy
0x14035a068 _o___std_exception_copy
0x14035a070 _o___p__commode
0x14035a078 _o____lc_codepage_func
0x14035a080 wcsrchr
0x14035a088 wcsstr
0x14035a090 __std_terminate
0x14035a098 __CxxFrameHandler4
0x14035a0a0 _CxxThrowException
AEPIC.dll
0x140358708 PicFreeFileInfo
0x140358710 PicRetrieveFileInfo
TWINAPI.dll
0x140358c40 None
api-ms-win-core-job-l2-1-0.dll
0x140359530 OpenJobObjectW
0x140359538 AssignProcessToJobObject
0x140359540 CreateJobObjectW
0x140359548 QueryInformationJobObject
0x140359550 SetInformationJobObject
api-ms-win-core-windowserrorreporting-l1-1-3.dll
0x140359db8 RegisterApplicationRestart
api-ms-win-core-url-l1-1-0.dll
0x140359d60 PathIsURLW
0x140359d68 HashData
0x140359d70 UrlUnescapeW
api-ms-win-core-windowserrorreporting-l1-1-1.dll
0x140359da0 WerRegisterCustomMetadata
0x140359da8 WerUnregisterCustomMetadata
api-ms-win-core-kernel32-private-l1-1-0.dll
0x1403595b0 CheckElevation
0x1403595b8 CheckElevationEnabled
api-ms-win-core-registryuserspecific-l1-1-0.dll
0x140359988 SHRegGetBoolUSValueW
0x140359990 SHRegGetUSValueW
api-ms-win-core-com-private-l1-1-0.dll
0x1403592f0 CoRevokeInitializeSpy
0x1403592f8 CoRegisterInitializeSpy
0x140359300 CoRegisterMessageFilter
api-ms-win-core-atoms-l1-1-0.dll
0x1403591a0 GlobalGetAtomNameW
api-ms-win-core-sidebyside-l1-1-0.dll
0x140359a68 ActivateActCtx
0x140359a70 CreateActCtxW
0x140359a78 DeactivateActCtx
0x140359a80 ReleaseActCtx
ntdll.dll
0x14035abb0 NtDeviceIoControlFile
0x14035abb8 NtQueryWnfStateData
0x14035abc0 NtSetInformationProcess
0x14035abc8 NtQueryInformationProcess
0x14035abd0 RtlCaptureContext
0x14035abd8 WinSqmAddToStream
0x14035abe0 NtClose
0x14035abe8 RtlGetVersion
0x14035abf0 ZwQuerySystemInformation
0x14035abf8 ZwQueryValueKey
0x14035ac00 ZwOpenKey
0x14035ac08 ZwClose
0x14035ac10 RtlReAllocateHeap
0x14035ac18 ZwEnumerateValueKey
0x14035ac20 ZwCreateFile
0x14035ac28 NtQueryInformationFile
0x14035ac30 RtlAppendUnicodeToString
0x14035ac38 RtlAnsiStringToUnicodeString
0x14035ac40 RtlImageDirectoryEntryToData
0x14035ac48 ZwUnmapViewOfSection
0x14035ac50 RtlNtPathNameToDosPathName
0x14035ac58 RtlUpcaseUnicodeChar
0x14035ac60 ZwCreateSection
0x14035ac68 RtlxAnsiStringToUnicodeSize
0x14035ac70 ZwQueryInformationProcess
0x14035ac78 RtlpEnsureBufferSize
0x14035ac80 RtlGetNativeSystemInformation
0x14035ac88 RtlVerifyVersionInfo
0x14035ac90 ZwQueryDirectoryFile
0x14035ac98 ZwSetInformationProcess
0x14035aca0 RtlInitUnicodeStringEx
0x14035aca8 ZwMapViewOfSection
0x14035acb0 RtlFormatCurrentUserKeyPath
0x14035acb8 ZwEnumerateKey
0x14035acc0 RtlInitString
0x14035acc8 ZwOpenFile
0x14035acd0 ZwQueryInformationFile
0x14035acd8 LdrResSearchResource
0x14035ace0 RtlReleaseSRWLockShared
0x14035ace8 RtlAcquireSRWLockShared
0x14035acf0 RtlReleaseSRWLockExclusive
0x14035acf8 RtlAcquireSRWLockExclusive
0x14035ad00 RtlInitUnicodeString
0x14035ad08 RtlUnsubscribeWnfNotificationWaitForCompletion
0x14035ad10 RtlSubscribeWnfStateChangeNotification
0x14035ad18 RtlQueryWnfStateData
0x14035ad20 RtlFlushHeaps
0x14035ad28 NtSetSystemInformation
0x14035ad30 RtlPublishWnfStateData
0x14035ad38 RtlGetDeviceFamilyInfoEnum
0x14035ad40 RtlNtStatusToDosError
0x14035ad48 RtlLookupFunctionEntry
0x14035ad50 RtlVirtualUnwind
0x14035ad58 strchr
0x14035ad60 memmove_s
0x14035ad68 RtlDosPathNameToNtPathName_U_WithStatus
0x14035ad70 RtlFreeUnicodeString
0x14035ad78 wcschr
0x14035ad80 RtlAllocateHeap
0x14035ad88 RtlFreeHeap
0x14035ad90 RtlCompareUnicodeString
0x14035ad98 NtOpenProcessToken
0x14035ada0 NtQueryInformationToken
0x14035ada8 NtOpenThreadToken
0x14035adb0 wcsspn
0x14035adb8 WinSqmIsOptedIn
0x14035adc0 memcpy
0x14035adc8 memcmp
0x14035add0 memmove
0x14035add8 RtlAppendUnicodeStringToString
0x14035ade0 RtlRunOnceExecuteOnce
0x14035ade8 RtlCopyUnicodeString
0x14035adf0 RtlUpcaseUnicodeString
0x14035adf8 RtlNtStatusToDosErrorNoTeb
0x14035ae00 NtSetThreadExecutionState
0x14035ae08 NtPowerInformation
0x14035ae10 VerSetConditionMask
0x14035ae18 RtlQueryResourcePolicy
0x14035ae20 RtlQueryUnbiasedInterruptTime
0x14035ae28 NtQuerySystemInformation
0x14035ae30 RtlGetNtSystemRoot
0x14035ae38 NtOpenFile
api-ms-win-core-libraryloader-l1-2-0.dll
0x1403595d8 GetProcAddress
0x1403595e0 SizeofResource
0x1403595e8 FreeLibrary
0x1403595f0 LockResource
0x1403595f8 LoadResource
0x140359600 FindResourceExW
0x140359608 GetModuleHandleW
0x140359610 GetModuleHandleExW
0x140359618 LoadLibraryExW
0x140359620 GetModuleFileNameA
0x140359628 LoadStringW
0x140359630 GetModuleHandleA
0x140359638 FindStringOrdinal
0x140359640 GetModuleFileNameW
api-ms-win-core-synch-l1-2-0.dll
0x140359bf8 InitOnceComplete
0x140359c00 InitOnceBeginInitialize
0x140359c08 Sleep
0x140359c10 InitOnceExecuteOnce
api-ms-win-core-synch-l1-1-0.dll
0x140359b08 LeaveCriticalSection
0x140359b10 ReleaseSRWLockShared
0x140359b18 CreateMutexExW
0x140359b20 ReleaseSemaphore
0x140359b28 AcquireSRWLockShared
0x140359b30 EnterCriticalSection
0x140359b38 SleepEx
0x140359b40 DeleteCriticalSection
0x140359b48 InitializeCriticalSectionEx
0x140359b50 OpenMutexW
0x140359b58 OpenEventW
0x140359b60 WaitForSingleObject
0x140359b68 ReleaseMutex
0x140359b70 SetEvent
0x140359b78 TryEnterCriticalSection
0x140359b80 CreateEventW
0x140359b88 CreateEventExW
0x140359b90 WaitForSingleObjectEx
0x140359b98 InitializeSRWLock
0x140359ba0 InitializeCriticalSection
0x140359ba8 InitializeCriticalSectionAndSpinCount
0x140359bb0 ReleaseSRWLockExclusive
0x140359bb8 TryAcquireSRWLockShared
0x140359bc0 CreateSemaphoreExW
0x140359bc8 WaitForMultipleObjectsEx
0x140359bd0 AcquireSRWLockExclusive
0x140359bd8 CreateMutexW
0x140359be0 ResetEvent
0x140359be8 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140359478 HeapFree
0x140359480 HeapAlloc
0x140359488 GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0.dll
0x140359388 UnhandledExceptionFilter
0x140359390 SetUnhandledExceptionFilter
0x140359398 SetErrorMode
0x1403593a0 GetLastError
0x1403593a8 SetLastError
0x1403593b0 RaiseException
api-ms-win-core-file-l1-1-0.dll
0x1403593d0 GetFileAttributesExW
0x1403593d8 GetFileAttributesW
0x1403593e0 FindFirstFileW
0x1403593e8 FindNextFileW
0x1403593f0 FindClose
0x1403593f8 GetLongPathNameW
0x140359400 DeleteFileW
0x140359408 CompareFileTime
0x140359410 CreateFileW
0x140359418 WriteFile
api-ms-win-eventing-provider-l1-1-0.dll
0x14035a178 EventEnabled
0x14035a180 EventWriteTransfer
0x14035a188 EventRegister
0x14035a190 EventSetInformation
0x14035a198 EventUnregister
0x14035a1a0 EventActivityIdControl
0x14035a1a8 EventWrite
api-ms-win-core-threadpool-l1-2-0.dll
0x140359c80 CloseThreadpoolTimer
0x140359c88 CreateThreadpoolWork
0x140359c90 WaitForThreadpoolTimerCallbacks
0x140359c98 CreateThreadpoolTimer
0x140359ca0 CreateThreadpoolIo
0x140359ca8 StartThreadpoolIo
0x140359cb0 CancelThreadpoolIo
0x140359cb8 WaitForThreadpoolIoCallbacks
0x140359cc0 CloseThreadpoolIo
0x140359cc8 TrySubmitThreadpoolCallback
0x140359cd0 CloseThreadpoolWait
0x140359cd8 SubmitThreadpoolWork
0x140359ce0 SetThreadpoolTimer
0x140359ce8 WaitForThreadpoolWaitCallbacks
0x140359cf0 SetThreadpoolWait
0x140359cf8 CreateThreadpoolWait
api-ms-win-core-processthreads-l1-1-0.dll
0x140359788 GetCurrentThread
0x140359790 OpenProcessToken
0x140359798 GetCurrentProcess
0x1403597a0 GetCurrentThreadId
0x1403597a8 SetThreadPriorityBoost
0x1403597b0 GetCurrentProcessId
0x1403597b8 ProcessIdToSessionId
0x1403597c0 QueueUserAPC
0x1403597c8 TlsSetValue
0x1403597d0 TlsAlloc
0x1403597d8 TerminateProcess
0x1403597e0 GetThreadPriority
0x1403597e8 TlsGetValue
0x1403597f0 CreateProcessW
0x1403597f8 OpenThreadToken
0x140359800 TlsFree
0x140359808 CreateThread
0x140359810 SetPriorityClass
0x140359818 GetExitCodeProcess
0x140359820 SetThreadPriority
0x140359828 GetProcessId
0x140359830 OpenThread
0x140359838 UpdateProcThreadAttribute
0x140359840 ResumeThread
0x140359848 GetPriorityClass
0x140359850 InitializeProcThreadAttributeList
0x140359858 DeleteProcThreadAttributeList
0x140359860 SetProcessShutdownParameters
0x140359868 ExitProcess
0x140359870 GetStartupInfoW
api-ms-win-core-localization-l1-2-0.dll
0x140359668 FormatMessageW
0x140359670 FormatMessageA
0x140359678 GetCalendarInfoW
0x140359680 GetThreadUILanguage
0x140359688 GetLocaleInfoEx
0x140359690 GetLocaleInfoW
0x140359698 GetGeoInfoW
api-ms-win-core-debug-l1-1-0.dll
0x140359348 IsDebuggerPresent
0x140359350 DebugBreak
0x140359358 OutputDebugStringW
api-ms-win-core-handle-l1-1-0.dll
0x140359460 DuplicateHandle
0x140359468 CloseHandle
OLEAUT32.dll
0x140358840 SafeArrayDestroy
0x140358848 VarUI4FromStr
0x140358850 SysAllocString
0x140358858 SysFreeString
0x140358860 SafeArrayUnaccessData
0x140358868 SafeArrayCreate
0x140358870 VariantInit
0x140358878 VariantClear
0x140358880 SysStringLen
0x140358888 SysAllocStringByteLen
0x140358890 SafeArrayAccessData
api-ms-win-shcore-taskpool-l1-1-0.dll
0x14035a520 SHTaskPoolGetUniqueContext
0x14035a528 SHTaskPoolQueueTask
api-ms-win-shcore-sysinfo-l1-1-0.dll
0x14035a508 SetCurrentProcessExplicitAppUserModelID
0x14035a510 IsOS
api-ms-win-core-com-l1-1-0.dll
0x1403591d8 StringFromIID
0x1403591e0 CoCreateGuid
0x1403591e8 CLSIDFromString
0x1403591f0 CoCreateFreeThreadedMarshaler
0x1403591f8 CoTaskMemFree
0x140359200 CoFreeUnusedLibraries
0x140359208 CoRegisterClassObject
0x140359210 CoUninitialize
0x140359218 CoInitializeSecurity
0x140359220 CoEnableCallCancellation
0x140359228 CoDisableCallCancellation
0x140359230 CoCancelCall
0x140359238 IIDFromString
0x140359240 CoReleaseMarshalData
0x140359248 CoGetInterfaceAndReleaseStream
0x140359250 CoMarshalInterThreadInterfaceInStream
0x140359258 CreateStreamOnHGlobal
0x140359260 StringFromCLSID
0x140359268 CoTaskMemRealloc
0x140359270 CoInitializeEx
0x140359278 CoRevokeClassObject
0x140359280 PropVariantClear
0x140359288 CoGetApartmentType
0x140359290 StringFromGUID2
0x140359298 CoGetCallContext
0x1403592a0 CoGetObjectContext
0x1403592a8 CoTaskMemAlloc
0x1403592b0 CoWaitForMultipleHandles
0x1403592b8 CoGetMalloc
0x1403592c0 CoGetStdMarshalEx
0x1403592c8 CoSetProxyBlanket
0x1403592d0 CoCreateInstance
api-ms-win-core-shlwapi-obsolete-l1-1-0.dll
0x140359a10 StrToIntW
0x140359a18 StrChrW
0x140359a20 StrCmpNIW
0x140359a28 StrCmpW
0x140359a30 StrCmpIW
0x140359a38 StrChrIW
0x140359a40 StrCmpNICW
0x140359a48 QISearch
0x140359a50 StrCmpICW
0x140359a58 StrCmpICA
api-ms-win-shcore-obsolete-l1-1-0.dll
0x14035a440 SHStrDupW
api-ms-win-core-registry-l1-1-0.dll
0x1403598f8 RegQueryInfoKeyW
0x140359900 RegNotifyChangeKeyValue
0x140359908 RegQueryValueExW
0x140359910 RegDeleteKeyExW
0x140359918 RegCloseKey
0x140359920 RegDeleteTreeW
0x140359928 RegSetValueExW
0x140359930 RegOpenCurrentUser
0x140359938 RegCreateKeyExW
0x140359940 RegOpenKeyExW
0x140359948 RegEnumValueW
0x140359950 RegDeleteValueW
0x140359958 RegEnumKeyExW
0x140359960 RegGetValueW
0x140359968 RegLoadMUIStringW
api-ms-win-shcore-comhelpers-l1-1-0.dll
0x14035a418 IUnknown_Set
0x14035a420 IUnknown_QueryService
0x14035a428 IUnknown_SetSite
0x14035a430 IUnknown_GetSite
api-ms-win-core-heap-l2-1-0.dll
0x140359498 GlobalAlloc
0x1403594a0 GlobalFree
0x1403594a8 LocalFree
0x1403594b0 LocalAlloc
0x1403594b8 LocalReAlloc
api-ms-win-core-processthreads-l1-1-1.dll
0x140359880 OpenProcess
0x140359888 IsProcessorFeaturePresent
0x140359890 GetProcessMitigationPolicy
api-ms-win-core-datetime-l1-1-0.dll
0x140359320 GetDateFormatW
api-ms-win-core-sysinfo-l1-1-0.dll
0x140359c20 GetTickCount64
0x140359c28 GetSystemDirectoryW
0x140359c30 GetSystemTime
0x140359c38 GetTickCount
0x140359c40 GetWindowsDirectoryW
0x140359c48 GetSystemTimeAsFileTime
0x140359c50 GetVersionExW
0x140359c58 GetLocalTime
api-ms-win-core-datetime-l1-1-1.dll
0x140359330 GetDateFormatEx
0x140359338 GetTimeFormatEx
api-ms-win-core-processenvironment-l1-1-0.dll
0x140359750 ExpandEnvironmentStringsW
0x140359758 GetCommandLineW
0x140359760 GetCurrentDirectoryW
0x140359768 GetEnvironmentVariableW
0x140359770 SetEnvironmentVariableW
0x140359778 SearchPathW
api-ms-win-core-shlwapi-legacy-l1-1-0.dll
0x1403599a0 PathRemoveBlanksW
0x1403599a8 PathGetArgsW
0x1403599b0 PathIsFileSpecW
0x1403599b8 PathFindFileNameW
0x1403599c0 PathCommonPrefixW
0x1403599c8 PathFindExtensionW
0x1403599d0 PathRemoveFileSpecW
0x1403599d8 PathParseIconLocationW
0x1403599e0 SHExpandEnvironmentStringsW
0x1403599e8 PathQuoteSpacesW
0x1403599f0 PathCombineW
0x1403599f8 PathGetDriveNumberW
0x140359a00 PathFileExistsW
api-ms-win-shcore-registry-l1-1-0.dll
0x14035a460 SHSetValueW
0x14035a468 SHGetValueW
0x14035a470 SHEnumKeyExW
0x14035a478 SHDeleteValueW
0x14035a480 SHRegGetValueW
0x14035a488 SHDeleteKeyW
0x14035a490 SHQueryInfoKeyW
api-ms-win-core-string-l1-1-0.dll
0x140359a90 CompareStringW
0x140359a98 MultiByteToWideChar
0x140359aa0 CompareStringOrdinal
0x140359aa8 WideCharToMultiByte
api-ms-win-core-winrt-string-l1-1-0.dll
0x140359e20 WindowsPromoteStringBuffer
0x140359e28 WindowsCompareStringOrdinal
0x140359e30 WindowsCreateString
0x140359e38 WindowsDeleteStringBuffer
0x140359e40 WindowsSubstringWithSpecifiedLength
0x140359e48 WindowsPreallocateStringBuffer
0x140359e50 WindowsGetStringRawBuffer
0x140359e58 WindowsDeleteString
0x140359e60 WindowsCreateStringReference
0x140359e68 WindowsDuplicateString
api-ms-win-shcore-thread-l1-1-0.dll
0x14035a538 SHCreateThreadRef
0x14035a540 SHSetThreadRef
0x14035a548 SHGetThreadRef
0x14035a550 SHCreateThread
0x14035a558 SetProcessReference
api-ms-win-core-libraryloader-l1-2-1.dll
0x140359650 FindResourceW
0x140359658 LoadLibraryW
api-ms-win-security-base-l1-1-0.dll
0x14035a358 SetKernelObjectSecurity
0x14035a360 EqualSid
0x14035a368 AllocateAndInitializeSid
0x14035a370 FreeSid
0x14035a378 CreateWellKnownSid
0x14035a380 GetTokenInformation
0x14035a388 CopySid
0x14035a390 GetSecurityDescriptorDacl
0x14035a398 IsValidSid
0x14035a3a0 InitializeAcl
0x14035a3a8 GetAclInformation
0x14035a3b0 GetAce
0x14035a3b8 MakeAbsoluteSD
0x14035a3c0 GetLengthSid
0x14035a3c8 DeleteAce
0x14035a3d0 AddAce
0x14035a3d8 CheckTokenMembership
0x14035a3e0 DuplicateToken
api-ms-win-core-psapi-l1-1-0.dll
0x1403598c8 K32EnumProcessModules
0x1403598d0 K32GetModuleFileNameExW
0x1403598d8 K32GetModuleBaseNameW
0x1403598e0 QueryFullProcessImageNameW
0x1403598e8 K32EnumProcesses
api-ms-win-core-version-l1-1-0.dll
0x140359d80 GetFileVersionInfoSizeExW
0x140359d88 GetFileVersionInfoExW
0x140359d90 VerQueryValueW
api-ms-win-eventing-classicprovider-l1-1-0.dll
0x14035a120 UnregisterTraceGuids
0x14035a128 RegisterTraceGuidsW
0x14035a130 TraceMessage
0x14035a138 GetTraceEnableFlags
0x14035a140 GetTraceLoggerHandle
0x14035a148 GetTraceEnableLevel
api-ms-win-core-localization-obsolete-l1-2-0.dll
0x1403596c8 GetUserDefaultUILanguage
api-ms-win-core-string-l2-1-1.dll
0x140359ad0 SHLoadIndirectString
api-ms-win-core-processthreads-l1-1-3.dll
0x1403598a0 SetProcessInformation
0x1403598a8 SetThreadDescription
api-ms-win-core-registry-l1-1-1.dll
0x140359978 RegSetKeyValueW
api-ms-win-core-winrt-l1-1-0.dll
0x140359df8 RoUninitialize
0x140359e00 RoGetActivationFactory
0x140359e08 RoActivateInstance
0x140359e10 RoInitialize
api-ms-win-core-com-l1-1-1.dll
0x1403592e0 RoGetAgileReference
api-ms-win-core-winrt-error-l1-1-0.dll
0x140359dc8 RoTransformError
0x140359dd0 RoOriginateError
0x140359dd8 SetRestrictedErrorInfo
api-ms-win-core-winrt-error-l1-1-1.dll
0x140359de8 RoGetMatchingRestrictedErrorInfo
api-ms-win-core-path-l1-1-0.dll
0x140359718 PathCchRemoveFileSpec
0x140359720 PathCchCombine
0x140359728 PathCchAppend
0x140359730 PathAllocCombine
0x140359738 PathCchAddExtension
0x140359740 PathCchSkipRoot
api-ms-win-shcore-unicodeansi-l1-1-0.dll
0x14035a568 SHAnsiToUnicode
api-ms-win-core-heap-obsolete-l1-1-0.dll
0x1403594c8 GlobalLock
0x1403594d0 GlobalUnlock
api-ms-win-core-string-obsolete-l1-1-0.dll
0x140359ae0 lstrlenW
0x140359ae8 lstrcmpiW
api-ms-win-core-memory-l1-1-0.dll
0x1403596d8 VirtualProtect
0x1403596e0 UnmapViewOfFile
0x1403596e8 MapViewOfFile
0x1403596f0 CreateFileMappingW
0x1403596f8 OpenFileMappingW
0x140359700 VirtualAlloc
0x140359708 VirtualFree
api-ms-win-core-commandlinetoargv-l1-1-0.dll
0x140359310 CommandLineToArgvW
api-ms-win-shcore-scaling-l1-1-1.dll
0x14035a4b0 GetDpiForMonitor
0x14035a4b8 None
api-ms-win-core-largeinteger-l1-1-0.dll
0x1403595c8 MulDiv
api-ms-win-shcore-stream-l1-1-0.dll
0x14035a4c8 SHOpenRegStream2W
0x14035a4d0 SHCreateMemStream
0x14035a4d8 SHCreateStreamOnFileEx
0x14035a4e0 SHCreateStreamOnFileW
0x14035a4e8 IStream_Read
0x14035a4f0 IStream_Write
0x14035a4f8 IStream_Reset
api-ms-win-core-file-l1-2-0.dll
0x140359428 GetTempPathW
api-ms-win-shcore-path-l1-1-0.dll
0x14035a450 None
api-ms-win-core-threadpool-legacy-l1-1-0.dll
0x140359d08 UnregisterWaitEx
0x140359d10 CreateTimerQueueTimer
0x140359d18 DeleteTimerQueueTimer
0x140359d20 ChangeTimerQueueTimer
api-ms-win-core-sysinfo-l1-2-0.dll
0x140359c68 GetProductInfo
0x140359c70 GetNativeSystemInfo
api-ms-win-core-localization-l1-2-3.dll
0x1403596b8 GetUserDefaultGeoName
USERENV.dll
0x140359010 DeriveAppContainerSidFromAppContainerName
0x140359018 GetProfileType
api-ms-win-core-timezone-l1-1-0.dll
0x140359d30 FileTimeToSystemTime
0x140359d38 SystemTimeToFileTime
0x140359d40 GetDynamicTimeZoneInformation
0x140359d48 GetTimeZoneInformation
0x140359d50 SystemTimeToTzSpecificLocalTime
api-ms-win-core-io-l1-1-0.dll
0x1403594f8 GetQueuedCompletionStatus
0x140359500 CreateIoCompletionPort
0x140359508 DeviceIoControl
0x140359510 CancelIoEx
api-ms-win-core-file-l2-1-0.dll
0x140359438 GetFileInformationByHandleEx
0x140359440 ReadDirectoryChangesW
api-ms-win-core-kernel32-legacy-l1-1-0.dll
0x140359560 GetComputerNameW
0x140359568 RegisterWaitForSingleObject
0x140359570 GetSystemPowerStatus
api-ms-win-core-profile-l1-1-0.dll
0x1403598b8 QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0.dll
0x1403594e0 InitializeSListHead
0x1403594e8 InterlockedPushEntrySList
api-ms-win-stateseparation-helpers-l1-1-0.dll
0x14035a720 GetPersistedRegistryLocationW
api-ms-win-security-lsalookup-l2-1-0.dll
0x14035a3f0 LookupAccountNameW
api-ms-win-core-string-l2-1-0.dll
0x140359ab8 CharNextW
0x140359ac0 CharLowerBuffW
api-ms-win-service-management-l2-1-0.dll
0x14035a400 QueryServiceConfigW
0x14035a408 NotifyServiceStatusChangeW
api-ms-win-shcore-registry-l1-1-1.dll
0x14035a4a0 SHRegGetValueFromHKCUHKLM
api-ms-win-core-errorhandling-l1-1-2.dll
0x1403593c0 RaiseFailFastException
api-ms-win-core-stringansi-l1-1-0.dll
0x140359af8 CharNextA
api-ms-win-power-base-l1-1-0.dll
0x14035a268 GetPwrCapabilities
0x14035a270 CallNtPowerInformation
api-ms-win-core-apiquery-l1-1-0.dll
0x140359190 ApiSetQueryApiSetPresence
api-ms-win-shlwapi-winrt-storage-l1-1-1.dll
0x14035a680 None
0x14035a688 None
0x14035a690 None
0x14035a698 AssocQueryStringW
0x14035a6a0 SHCreateWorkerWindowW
0x14035a6a8 None
0x14035a6b0 SHIsChildOrSelf
0x14035a6b8 SHPinDllOfCLSID
0x14035a6c0 None
0x14035a6c8 ShellMessageBoxW
0x14035a6d0 None
0x14035a6d8 None
0x14035a6e0 IUnknown_GetWindow
0x14035a6e8 StrRetToStrW
0x14035a6f0 StrRetToBufW
0x14035a6f8 None
0x14035a700 None
0x14035a708 None
0x14035a710 PathRemoveArgsW
api-ms-win-ntuser-sysparams-l1-1-0.dll
0x14035a218 EnumDisplayDevicesW
0x14035a220 EnumDisplayMonitors
0x14035a228 GetMonitorInfoW
0x14035a230 QueryDisplayConfig
0x14035a238 SystemParametersInfoW
0x14035a240 GetDisplayConfigBufferSizes
0x14035a248 GetSystemMetrics
api-ms-win-ntuser-rectangle-l1-1-0.dll
0x14035a1b8 IsRectEmpty
0x14035a1c0 InflateRect
0x14035a1c8 CopyRect
0x14035a1d0 SubtractRect
0x14035a1d8 SetRect
0x14035a1e0 OffsetRect
0x14035a1e8 IntersectRect
0x14035a1f0 EqualRect
0x14035a1f8 PtInRect
0x14035a200 SetRectEmpty
0x14035a208 UnionRect
api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
0x14035a2f8 NotifyWinEvent
0x14035a300 SetWinEventHook
0x14035a308 UnhookWinEvent
api-ms-win-shell-namespace-l1-1-0.dll
0x14035a5e0 ILRemoveLastID
0x14035a5e8 ILClone
0x14035a5f0 SHParseDisplayName
0x14035a5f8 SHBindToFolderIDListParent
0x14035a600 ILGetSize
0x14035a608 ILCloneFirst
0x14035a610 ILCombine
0x14035a618 SHCreateItemFromIDList
0x14035a620 SHGetNameFromIDList
0x14035a628 SHCreateItemFromParsingName
0x14035a630 SHGetIDListFromObject
0x14035a638 ILFree
0x14035a640 ILIsParent
0x14035a648 ILFindLastID
0x14035a650 SHBindToParent
0x14035a658 SHBindToObject
0x14035a660 ILIsEqual
dxgi.dll
0x14035a7f8 DXGIDeclareAdapterRemovalSupport
api-ms-win-rtcore-ntuser-wmpointer-l1-1-0.dll
0x14035a318 GetPointerInfo
0x14035a320 GetCurrentInputMessageSource
0x14035a328 EnableMouseInPointer
0x14035a330 GetPointerType
0x14035a338 GetPointerDevices
api-ms-win-storage-exports-internal-l1-1-0.dll
0x14035a730 SetThreadFlags
0x14035a738 GetThreadFlags
0x14035a740 SHGetKnownFolderIDList
0x14035a748 SHGetFolderPathEx
api-ms-win-rtcore-ntuser-synch-l1-1-0.dll
0x14035a2e0 MsgWaitForMultipleObjectsEx
0x14035a2e8 MsgWaitForMultipleObjects
api-ms-win-appmodel-runtime-l1-1-0.dll
0x140359140 GetPackagesByPackageFamily
0x140359148 GetPackageFullName
api-ms-win-rtcore-ntuser-wmpointer-l1-1-2.dll
0x14035a348 SetWindowFeedbackSetting
api-ms-win-rtcore-ntuser-clipboard-l1-1-0.dll
0x14035a290 RegisterClipboardFormatW
api-ms-win-shell-dataobject-l1-1-1.dll
0x14035a5d0 DragQueryFileW
api-ms-win-rtcore-ntuser-private-l1-1-0.dll
0x14035a2b8 GetWindowBand
0x14035a2c0 CreateWindowInBand
api-ms-win-rtcore-ntuser-powermanagement-l1-1-0.dll
0x14035a2a0 UnregisterPowerSettingNotification
0x14035a2a8 RegisterPowerSettingNotification
api-ms-win-shell-changenotify-l1-1-1.dll
0x14035a588 SHChangeNotification_Unlock
0x14035a590 SHChangeNotifyRegister
0x14035a598 SHHandleUpdateImage
0x14035a5a0 SHChangeNotification_Lock
0x14035a5a8 SHChangeNotifyRegisterThread
0x14035a5b0 SHChangeNotifyDeregister
PROPSYS.dll
0x1403588a0 InitVariantFromGUIDAsString
0x1403588a8 InitVariantFromResource
0x1403588b0 PSCreateMemoryPropertyStore
0x1403588b8 PropVariantToBoolean
0x1403588c0 PSPropertyBag_WriteStr
0x1403588c8 PropVariantToUInt32
0x1403588d0 PSPropertyBag_WriteDWORD
0x1403588d8 PropVariantToStringAlloc
0x1403588e0 PSGetPropertyFromPropertyStorage
api-ms-win-shell-changenotify-l1-1-0.dll
0x14035a578 SHChangeNotify
api-ms-win-shell-dataobject-l1-1-0.dll
0x14035a5c0 SHCreateDataObject
api-ms-win-appmodel-runtime-l1-1-1.dll
0x140359158 FindPackagesByPackageFamily
0x140359160 ParseApplicationUserModelId
WTSAPI32.dll
0x140359128 WTSUnRegisterSessionNotification
0x140359130 WTSRegisterSessionNotification
GDI32.dll
0x140358720 StretchBlt
0x140358728 ExcludeClipRect
0x140358730 SetStretchBltMode
0x140358738 Rectangle
0x140358740 GetCurrentObject
0x140358748 GetDeviceCaps
0x140358750 GetStockObject
0x140358758 SetRectRgn
0x140358760 OffsetRgn
0x140358768 CombineRgn
0x140358770 SelectClipRgn
0x140358778 DeleteObject
0x140358780 GetObjectW
0x140358788 DeleteDC
0x140358790 CreateCompatibleDC
0x140358798 SelectObject
0x1403587a0 GetClipBox
0x1403587a8 CreateFontIndirectW
0x1403587b0 CreateRectRgn
0x1403587b8 GetClipRgn
0x1403587c0 SetTextColor
0x1403587c8 SetTextAlign
0x1403587d0 GetTextMetricsW
0x1403587d8 ExtTextOutW
0x1403587e0 GetTextExtentPoint32W
0x1403587e8 CreateRectRgnIndirect
0x1403587f0 GetGlyphOutlineW
0x1403587f8 GetOutlineTextMetricsW
KERNEL32.dll
0x140358808 GetModuleHandleExA
0x140358810 IsBadWritePtr
0x140358818 RtlCompareMemory
0x140358820 HeapDestroy
0x140358828 HeapReAlloc
0x140358830 HeapSize
WININET.dll
0x140359118 InternetCrackUrlW
SHCORE.dll
0x140358930 None
0x140358938 None
0x140358940 None
0x140358948 None
0x140358950 None
0x140358958 None
0x140358960 None
0x140358968 None
0x140358970 None
0x140358978 None
0x140358980 None
0x140358988 SHUnicodeToAnsi
0x140358990 None
0x140358998 None
0x1403589a0 None
0x1403589a8 None
0x1403589b0 None
0x1403589b8 None
0x1403589c0 None
0x1403589c8 None
SHELL32.dll
0x1403589d8 None
0x1403589e0 None
0x1403589e8 None
0x1403589f0 None
0x1403589f8 None
0x140358a00 Shell_GetCachedImageIndexW
0x140358a08 None
0x140358a10 None
0x140358a18 None
0x140358a20 None
0x140358a28 SHAppBarMessage
0x140358a30 None
0x140358a38 None
0x140358a40 None
0x140358a48 None
0x140358a50 SHGetLocalizedName
0x140358a58 SHGetPropertyStoreForWindow
0x140358a60 None
0x140358a68 None
0x140358a70 SHEvaluateSystemCommandTemplate
0x140358a78 None
0x140358a80 ExtractIconExW
0x140358a88 None
0x140358a90 None
0x140358a98 Shell_NotifyIconW
0x140358aa0 Shell_NotifyIconGetRect
0x140358aa8 None
0x140358ab0 SHGetStockIconInfo
0x140358ab8 DuplicateIcon
0x140358ac0 ShellExecuteW
0x140358ac8 None
0x140358ad0 None
0x140358ad8 None
0x140358ae0 SHEnableServiceObject
0x140358ae8 None
0x140358af0 None
0x140358af8 SHAddToRecentDocs
0x140358b00 None
0x140358b08 SHUpdateRecycleBinIcon
0x140358b10 None
0x140358b18 SHFileOperationW
0x140358b20 SHGetPathFromIDListW
0x140358b28 None
0x140358b30 None
0x140358b38 None
0x140358b40 SHCreateItemInKnownFolder
0x140358b48 None
0x140358b50 None
0x140358b58 None
0x140358b60 None
0x140358b68 ShellExecuteExW
0x140358b70 None
0x140358b78 None
0x140358b80 None
0x140358b88 None
0x140358b90 None
0x140358b98 None
0x140358ba0 None
0x140358ba8 None
0x140358bb0 None
0x140358bb8 None
0x140358bc0 None
0x140358bc8 None
SHLWAPI.dll
0x140358bd8 None
0x140358be0 None
0x140358be8 PathIsDirectoryW
0x140358bf0 None
0x140358bf8 None
0x140358c00 None
0x140358c08 AssocQueryKeyW
0x140358c10 ChrCmpIW
0x140358c18 PathIsRelativeW
0x140358c20 AssocCreate
UxTheme.dll
0x140359028 OpenThemeData
0x140359030 GetThemeBool
0x140359038 GetThemeBackgroundExtent
0x140359040 IsThemePartDefined
0x140359048 GetThemeMargins
0x140359050 None
0x140359058 BufferedPaintSetAlpha
0x140359060 None
0x140359068 GetThemePartSize
0x140359070 OpenThemeDataForDpi
0x140359078 IsThemeActive
0x140359080 GetBufferedPaintBits
0x140359088 GetThemeInt
0x140359090 GetThemeColor
0x140359098 GetThemeMetric
0x1403590a0 SetWindowTheme
0x1403590a8 GetWindowTheme
0x1403590b0 BufferedPaintUnInit
0x1403590b8 EndBufferedPaint
0x1403590c0 BeginBufferedPaint
0x1403590c8 BufferedPaintInit
0x1403590d0 CloseThemeData
0x1403590d8 DrawThemeParentBackground
0x1403590e0 DrawThemeBackground
0x1403590e8 None
0x1403590f0 GetThemeFont
0x1403590f8 DrawThemeTextEx
0x140359100 IsCompositionActive
0x140359108 IsAppThemed
dwmapi.dll
0x14035a770 None
0x14035a778 DwmEnableBlurBehindWindow
0x14035a780 DwmGetWindowAttribute
0x14035a788 None
0x14035a790 None
0x14035a798 None
0x14035a7a0 DwmRegisterThumbnail
0x14035a7a8 None
0x14035a7b0 DwmQueryThumbnailSourceSize
0x14035a7b8 None
0x14035a7c0 DwmUpdateThumbnailProperties
0x14035a7c8 DwmIsCompositionEnabled
0x14035a7d0 DwmUnregisterThumbnail
0x14035a7d8 None
0x14035a7e0 None
0x14035a7e8 DwmSetWindowAttribute
USER32.dll
0x140358c50 CalculatePopupWindowPosition
0x140358c58 CopyIcon
0x140358c60 GetLastInputInfo
0x140358c68 GetCursorFrameInfo
0x140358c70 AdjustWindowRect
0x140358c78 GetDpiForWindow
0x140358c80 SetWindowCompositionAttribute
0x140358c88 SetGestureConfig
0x140358c90 LoadImageW
0x140358c98 CheckMenuItem
0x140358ca0 EnableMenuItem
0x140358ca8 GetDoubleClickTime
0x140358cb0 SetMenuDefaultItem
0x140358cb8 TrackPopupMenuEx
0x140358cc0 DeleteMenu
0x140358cc8 FillRect
0x140358cd0 DrawTextW
0x140358cd8 IsWindowUnicode
0x140358ce0 LoadAcceleratorsW
0x140358ce8 ChangeWindowMessageFilterEx
0x140358cf0 TranslateAcceleratorW
0x140358cf8 MonitorFromWindow
0x140358d00 SetMenuItemInfoW
0x140358d08 SetCursor
0x140358d10 RemoveMenu
0x140358d18 ReleaseCapture
0x140358d20 LoadCursorW
0x140358d28 None
0x140358d30 GetSystemMetricsForDpi
0x140358d38 DrawIconEx
0x140358d40 DestroyIcon
0x140358d48 CopyImage
0x140358d50 GetSysColor
0x140358d58 GetCaretBlinkTime
0x140358d60 InjectKeyboardInput
0x140358d68 MapVirtualKeyExW
0x140358d70 InjectMouseInput
0x140358d78 LockWorkStation
0x140358d80 TileWindows
0x140358d88 GetCapture
0x140358d90 SendInput
0x140358d98 SetDesktopColorTransform
0x140358da0 UnregisterClassA
0x140358da8 None
0x140358db0 MonitorFromRect
0x140358db8 GetGuiResources
0x140358dc0 IsHungAppWindow
0x140358dc8 None
0x140358dd0 CascadeWindows
0x140358dd8 HungWindowFromGhostWindow
0x140358de0 LoadIconW
0x140358de8 IsIconic
0x140358df0 DestroyMenu
0x140358df8 LoadMenuW
0x140358e00 GetSubMenu
0x140358e08 CreateIconIndirect
0x140358e10 SetCapture
0x140358e18 GetMenuDefaultItem
0x140358e20 CreatePopupMenu
0x140358e28 GetMenuItemInfoW
0x140358e30 MonitorFromPoint
0x140358e38 ReplyMessage
0x140358e40 GetAsyncKeyState
0x140358e48 ModifyMenuW
0x140358e50 GetSystemMenu
0x140358e58 GetSysColorBrush
0x140358e60 SetLayeredWindowAttributes
0x140358e68 GetIconInfoExW
0x140358e70 GetIconInfo
0x140358e78 GetClassWord
0x140358e80 GetClassLongW
0x140358e88 GetPhysicalCursorPos
0x140358e90 GetCursorInfo
0x140358e98 ShowWindowAsync
0x140358ea0 SwitchToThisWindow
0x140358ea8 ReleaseDC
0x140358eb0 InsertMenuW
0x140358eb8 BringWindowToTop
0x140358ec0 None
0x140358ec8 GhostWindowFromHungWindow
0x140358ed0 EndTask
0x140358ed8 IsTopLevelWindow
0x140358ee0 GetMenuState
0x140358ee8 SetScrollInfo
0x140358ef0 GetScrollInfo
0x140358ef8 SetScrollPos
0x140358f00 GetMenuStringW
0x140358f08 InternalGetWindowText
0x140358f10 GetLayeredWindowAttributes
0x140358f18 DrawTextExW
0x140358f20 IsProcessDPIAware
0x140358f28 SetThreadDpiAwarenessContext
0x140358f30 GetLastActivePopup
0x140358f38 GetWindowCompositionAttribute
0x140358f40 GetWindowProcessHandle
0x140358f48 GetClassLongPtrW
0x140358f50 UpdateLayeredWindow
0x140358f58 None
0x140358f60 UnregisterHotKey
0x140358f68 GetDC
0x140358f70 UnregisterClassW
0x140358f78 None
0x140358f80 WindowFromDC
0x140358f88 GetMenuInfo
0x140358f90 SetMenuInfo
0x140358f98 GetDpiForSystem
0x140358fa0 GetWindowDpiAwarenessContext
0x140358fa8 AreDpiAwarenessContextsEqual
0x140358fb0 CharLowerW
0x140358fb8 IsCharAlphaNumericW
0x140358fc0 RegisterHotKey
0x140358fc8 GetMenuItemCount
0x140358fd0 DefWindowProcA
0x140358fd8 SendDlgItemMessageW
0x140358fe0 EndDialog
0x140358fe8 ExitWindowsEx
0x140358ff0 TrackMouseEvent
0x140358ff8 AdjustWindowRectEx
0x140359000 GetKeyState
SspiCli.dll
0x140358c30 GetUserNameExW
api-ms-win-core-delayload-l1-1-1.dll
0x140359378 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x140359368 DelayLoadFailureHook
api-ms-win-core-localization-l1-2-2.dll
0x1403596a8 LCIDToLocaleName
api-ms-win-core-kernel32-legacy-l1-1-1.dll
0x140359580 PowerSetRequest
0x140359588 PowerCreateRequest
0x140359590 VerifyVersionInfoW
api-ms-win-oobe-notification-l1-1-0.dll
0x14035a258 OOBEComplete
api-ms-win-core-file-l2-1-2.dll
0x140359450 CopyFileW
api-ms-win-core-kernel32-legacy-l1-1-2.dll
0x1403595a0 SetTermsrvAppInstallMode
api-ms-win-shell-shdirectory-l1-1-0.dll
0x14035a670 None
api-ms-win-eventing-controller-l1-1-0.dll
0x14035a158 StopTraceW
0x14035a160 StartTraceW
0x14035a168 EnableTraceEx2
api-ms-win-core-job-l1-1-0.dll
0x140359520 IsProcessInJob
RPCRT4.dll
0x1403588f0 RpcStringBindingComposeW
0x1403588f8 RpcBindingFromStringBindingW
0x140358900 I_RpcExceptionFilter
0x140358908 RpcBindingSetAuthInfoExW
0x140358910 RpcStringFreeW
0x140358918 RpcBindingFree
0x140358920 NdrClientCall3
api-ms-win-appmodel-runtime-l1-1-3.dll
0x140359170 GetStagedPackagePathByFullName2
api-ms-win-core-biptcltapi-l1-1-7.dll
0x1403591b0 BiPtQueryWorkItem
0x1403591b8 BiPtFreeMemory
0x1403591c0 BiPtAssociateApplicationEntryPoint
0x1403591c8 BiPtEnumerateWorkItemsForPackageName
api-ms-win-appmodel-unlock-l1-1-0.dll
0x140359180 IsDeveloperModeEnabled
api-ms-win-rtcore-ntuser-shell-l1-1-0.dll
0x14035a2d0 GetShellWindow
api-ms-win-ro-typeresolution-l1-1-1.dll
0x14035a280 RoCreatePropertySetSerializer
combase.dll
0x14035a758 GetErrorInfo
0x14035a760 SetErrorInfo
EAT(Export Address Table) Library
0x1403e0dd8 g_trayTriageBlock