Last active
February 27, 2019 17:26
-
-
Save sangsoo-horangi/64efd03c9992446b1520aac1230a9318 to your computer and use it in GitHub Desktop.
You can get Plain API Function's name Through the decrypt routine.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Kernel32.dll | |
| CloseHandle | |
| CreateFileA | |
| CreateMutexA | |
| HeapReAlloc | |
| CreateToolhelp32Snapshot | |
| DeviceIoControl | |
| GetCurrentThread | |
| GetLongPathNameA | |
| GetModuleFileNameA | |
| GetNativeSystemInfo | |
| GetProcessHeap | |
| GetSystemInfo | |
| GetThreadContext | |
| HeapAlloc | |
| HeapFree | |
| IsBadReadPtr | |
| Module32First | |
| Module32Next | |
| ReleaseMutex | |
| SetErrorMode | |
| VirtualAlloc | |
| VirtualFree | |
| VirtualProtect | |
| WaitForSingleObject | |
| Advapi32.dll | |
| AllocateAndInitializeSid | |
| CheckTokenMembership | |
| FreeSid | |
| RegCloseKey | |
| RegOpenKeyExA | |
| RegQueryValueExA | |
| Shell32.dll | |
| ShellExecuteExA | |
| LookupPrivileageValueA | |
| AdjustTokenPrivileges | |
| CloseServiceHandle | |
| LookupPrivilegeValueA | |
| OpenProcessToken | |
| OpenSCManagerA | |
| OpenServiceA | |
| QueryServiceStartEx | |
| user32.dll | |
| FindWindowA | |
| SwitchToThisWindow | |
| CreateWindowExA | |
| DestroyWindow | |
| DispatchMessageA | |
| GetMessageA | |
| GetSystemMetrics | |
| LoadImageA | |
| SendMessageA | |
| SetTimer | |
| SetWindowTextA | |
| ShowWindow | |
| TranslateMessage | |
| Ole32.dll | |
| CoCreateInstance | |
| CoInitializeEx | |
| CreateStreamOnHGlobal |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment