-
-
Save heatd/977bce7e6ebab5f132734d492852bdc4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [pfalcato@PC-PEDRO-ARCH Onyx]$ readpe -i /mnt/Windows/System32/drivers/iaStorAVC.sys | |
| Imported functions | |
| Library | |
| Name: storport.sys | |
| Functions | |
| Function | |
| Hint: 7 | |
| Name: StorPortDebugPrint | |
| Function | |
| Hint: 8 | |
| Name: StorPortDeviceBusy | |
| Function | |
| Hint: 44 | |
| Name: StorPortResumeDevice | |
| Function | |
| Hint: 26 | |
| Name: StorPortPauseDevice | |
| Function | |
| Hint: 21 | |
| Name: StorPortInitialize | |
| Function | |
| Hint: 42 | |
| Name: StorPortRegistryWrite | |
| Function | |
| Hint: 41 | |
| Name: StorPortRegistryRead | |
| Function | |
| Hint: 12 | |
| Name: StorPortFreeRegistryBuffer | |
| Function | |
| Hint: 3 | |
| Name: StorPortAllocateRegistryBuffer | |
| Function | |
| Hint: 47 | |
| Name: StorPortStallExecution | |
| Function | |
| Hint: 40 | |
| Name: StorPortReady | |
| Function | |
| Hint: 19 | |
| Name: StorPortGetUncachedExtension | |
| Function | |
| Hint: 16 | |
| Name: StorPortGetPhysicalAddress | |
| Function | |
| Hint: 17 | |
| Name: StorPortGetScatterGatherList | |
| Function | |
| Hint: 14 | |
| Name: StorPortGetDeviceBase | |
| Function | |
| Hint: 45 | |
| Name: StorPortSetBusDataByOffset | |
| Function | |
| Hint: 13 | |
| Name: StorPortGetBusData | |
| Function | |
| Hint: 46 | |
| Name: StorPortSetDeviceQueueDepth | |
| Function | |
| Hint: 10 | |
| Name: StorPortExtendedFunction | |
| Function | |
| Hint: 24 | |
| Name: StorPortNotification | |
| Library | |
| Name: NTOSKRNL.exe | |
| Functions | |
| Function | |
| Hint: 0 | |
| Name: KeBugCheckEx | |
| Library | |
| Name: ntoskrnl.exe | |
| Functions | |
| Function | |
| Hint: 1091 | |
| Name: KeRegisterBugCheckReasonCallback | |
| Function | |
| Hint: 965 | |
| Name: KeDeregisterBugCheckReasonCallback | |
| Function | |
| Hint: 88 | |
| Name: DbgPrintEx | |
| Function | |
| Hint: 1255 | |
| Name: MmIsAddressValid | |
| Function | |
| Hint: 945 | |
| Name: KeBugCheck | |
| Function | |
| Hint: 1929 | |
| Name: RtlGetVersion | |
| Function | |
| Hint: 1248 | |
| Name: MmGetPhysicalAddress | |
| Function | |
| Hint: 2639 | |
| Name: _vsnwprintf | |
| Function | |
| Hint: 2461 | |
| Name: ZwOpenEvent | |
| Function | |
| Hint: 577 | |
| Name: InitSafeBootMode | |
| Function | |
| Hint: 2682 | |
| Name: sprintf_s | |
| Function | |
| Hint: 1096 | |
| Name: KeReleaseInStackQueuedSpinLock | |
| Function | |
| Hint: 922 | |
| Name: KeAcquireInStackQueuedSpinLock | |
| Function | |
| Hint: 1707 | |
| Name: PsSetCreateProcessNotifyRoutineEx | |
| Function | |
| Hint: 717 | |
| Name: IoGetRequestorProcessId | |
| Function | |
| Hint: 709 | |
| Name: IoGetIoPriorityHint | |
| Function | |
| Hint: 1145 | |
| Name: KeSetSystemAffinityThread | |
| Function | |
| Hint: 2690 | |
| Name: strcmp | |
| Function | |
| Hint: 2714 | |
| Name: vsprintf_s | |
| Function | |
| Hint: 985 | |
| Name: KeFlushQueuedDpcs | |
| Function | |
| Hint: 1556 | |
| Name: PoUnregisterPowerSettingCallback | |
| Function | |
| Hint: 1537 | |
| Name: PoRegisterPowerSettingCallback | |
| Function | |
| Hint: 115 | |
| Name: EtwWrite | |
| Function | |
| Hint: 2686 | |
| Name: sscanf_s | |
| Function | |
| Hint: 392 | |
| Name: _purecall | |
| Function | |
| Hint: 432 | |
| Name: strncmp | |
| Function | |
| Hint: 188 | |
| Name: KeLowerIrql | |
| Function | |
| Hint: 217 | |
| Name: KfRaiseIrql | |
| Function | |
| Hint: 411 | |
| Name: atol | |
| Function | |
| Hint: 208 | |
| Name: KeSetEvent | |
| Function | |
| Hint: 216 | |
| Name: KeWaitForSingleObject | |
| Function | |
| Hint: 388 | |
| Name: __chkstk | |
| Function | |
| Hint: 431 | |
| Name: strncat | |
| Function | |
| Hint: 302 | |
| Name: RtlCompareMemory | |
| Function | |
| Hint: 72 | |
| Name: IoAllocateWorkItem | |
| Function | |
| Hint: 101 | |
| Name: IoFreeWorkItem | |
| Function | |
| Hint: 2674 | |
| Name: memcpy_s | |
| Function | |
| Hint: 2692 | |
| Name: strcpy_s | |
| Function | |
| Hint: 2698 | |
| Name: strncpy_s | |
| Function | |
| Hint: 2616 | |
| Name: _snprintf_s | |
| Function | |
| Hint: 763 | |
| Name: IoQueueWorkItemEx | |
| Function | |
| Hint: 114 | |
| Name: EtwUnregister | |
| Function | |
| Hint: 327 | |
| Name: RtlInitUnicodeString | |
| Function | |
| Hint: 228 | |
| Name: MmGetSystemRoutineAddress | |
| Function | |
| Hint: 155 | |
| Name: IoWMIRegistrationControl | |
| Function | |
| Hint: 325 | |
| Name: RtlInitAnsiString | |
| Function | |
| Hint: 291 | |
| Name: RtlAnsiStringToUnicodeString | |
| Function | |
| Hint: 171 | |
| Name: KeClearEvent | |
| Function | |
| Hint: 210 | |
| Name: KeSetPriorityThread | |
| Function | |
| Hint: 215 | |
| Name: KeWaitForMultipleObjects | |
| Function | |
| Hint: 167 | |
| Name: KeAcquireSpinLockRaiseToDpc | |
| Function | |
| Hint: 199 | |
| Name: KeReleaseSpinLock | |
| Function | |
| Hint: 60 | |
| Name: ExSystemTimeToLocalTime | |
| Function | |
| Hint: 289 | |
| Name: PsCreateSystemThread | |
| Function | |
| Hint: 290 | |
| Name: PsTerminateSystemThread | |
| Function | |
| Hint: 2703 | |
| Name: strtok_s | |
| Function | |
| Hint: 363 | |
| Name: ZwClose | |
| Function | |
| Hint: 403 | |
| Name: _vsnprintf | |
| Function | |
| Hint: 122 | |
| Name: IoQueueWorkItem | |
| Function | |
| Hint: 178 | |
| Name: KeInitializeEvent | |
| Function | |
| Hint: 433 | |
| Name: strncpy | |
| Function | |
| Hint: 172 | |
| Name: KeDelayExecutionThread | |
| Function | |
| Hint: 428 | |
| Name: sprintf | |
| Function | |
| Hint: 374 | |
| Name: ZwOpenKey | |
| Function | |
| Hint: 369 | |
| Name: ZwEnumerateKey | |
| Function | |
| Hint: 370 | |
| Name: ZwEnumerateValueKey | |
| Function | |
| Hint: 379 | |
| Name: ZwQueryKey | |
| Function | |
| Hint: 257 | |
| Name: ObfDereferenceObject | |
| Function | |
| Hint: 69 | |
| Name: IoAllocateErrorLogEntry | |
| Function | |
| Hint: 161 | |
| Name: IoWriteErrorLogEntry | |
| Function | |
| Hint: 436 | |
| Name: strstr | |
| Function | |
| Hint: 232 | |
| Name: MmMapIoSpace | |
| Function | |
| Hint: 245 | |
| Name: MmUnmapIoSpace | |
| Function | |
| Hint: 381 | |
| Name: ZwQueryValueKey | |
| Function | |
| Hint: 70 | |
| Name: IoAllocateIrp | |
| Function | |
| Hint: 76 | |
| Name: IoBuildDeviceIoControlRequest | |
| Function | |
| Hint: 162 | |
| Name: IofCallDriver | |
| Function | |
| Hint: 99 | |
| Name: IoFreeIrp | |
| Function | |
| Hint: 24 | |
| Name: ExCreateCallback | |
| Function | |
| Hint: 51 | |
| Name: ExRegisterCallback | |
| Function | |
| Hint: 61 | |
| Name: ExUnregisterCallback | |
| Function | |
| Hint: 387 | |
| Name: __C_specific_handler | |
| Function | |
| Hint: 177 | |
| Name: KeInitializeDpc | |
| Function | |
| Hint: 186 | |
| Name: KeInsertQueueDpc | |
| Function | |
| Hint: 191 | |
| Name: KeQueryTimeIncrement | |
| Function | |
| Hint: 253 | |
| Name: ObReferenceObjectByHandle | |
| Function | |
| Hint: 1994 | |
| Name: RtlIsNtDdiVersionAvailable | |
| Function | |
| Hint: 110 | |
| Name: EtwRegister | |
| Library | |
| Name: HAL.DLL | |
| Functions | |
| Function | |
| Hint: 1 | |
| Name: KeQueryPerformanceCounter |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment