seliaste/lief-iat-reconstruction
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lief-iat-reconstruction/rsc/000155f2e0360f6ff6cd.exe_iat_wave2.json
Seliaste 8729f0d385 Added a new test file
2026-03-25 15:04:27 +01:00

1 line
No EOL
8.5 KiB
JSON
Raw Blame History

{"entry": "0x40835b", "calls": [{"adress": "0x408269", "name": "KERNEL32.DLL!GetVersion"}, {"adress": "0x40c329", "name": "KERNEL32.DLL!HeapCreate"}, {"adress": "0x40d1fd", "name": "NTDLL.DLL!RtlAllocateHeap"}, {"adress": "0x40b00c", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x40b014", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x40b01c", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x40b024", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x40adc2", "name": "KERNEL32.DLL!TlsAlloc"}, {"adress": "0x40d8e9", "name": "NTDLL.DLL!RtlAllocateHeap"}, {"adress": "0x40d903", "name": "KERNEL32.DLL!VirtualAlloc"}, {"adress": "0x40d98f", "name": "KERNEL32.DLL!VirtualAlloc"}, {"adress": "0x40b102", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x40adea", "name": "KERNEL32.DLL!TlsSetValue"}, {"adress": "0x40adfb", "name": "KERNEL32.DLL!GetCurrentThreadId"}, {"adress": "0x4082c0", "name": "KERNEL32.DLL!GetCommandLineA"}, {"adress": "0x40c201", "name": "KERNEL32.DLL!GetEnvironmentStringsW"}, {"adress": "0x40c279", "name": "KERNEL32.DLL!WideCharToMultiByte"}, {"adress": "0x408cc1", "name": "NTDLL.DLL!RtlAllocateHeap"}, {"adress": "0x40c29b", "name": "KERNEL32.DLL!WideCharToMultiByte"}, {"adress": "0x40c2b4", "name": "KERNEL32.DLL!FreeEnvironmentStringsW"}, {"adress": "0x40bd2e", "name": "KERNEL32.DLL!GetStartupInfoA"}, {"adress": "0x40be4a", "name": "KERNEL32.DLL!GetFileType"}, {"adress": "0x40be3c", "name": "KERNEL32.DLL!GetStdHandle"}, {"adress": "0x40be81", "name": "KERNEL32.DLL!SetHandleCount"}, {"adress": "0x40b0d1", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x40b0ec", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x409ef9", "name": "KERNEL32.DLL!GetACP"}, {"adress": "0x409d6e", "name": "KERNEL32.DLL!GetCPInfo"}, {"adress": "0x409f84", "name": "KERNEL32.DLL!GetCPInfo"}, {"adress": "0x40d067", "name": "KERNEL32.DLL!GetStringTypeW"}, {"adress": "0x40d0ed", "name": "KERNEL32.DLL!MultiByteToWideChar"}, {"adress": "0x40d143", "name": "KERNEL32.DLL!MultiByteToWideChar"}, {"adress": "0x40d155", "name": "KERNEL32.DLL!GetStringTypeW"}, {"adress": "0x40b9ed", "name": "KERNEL32.DLL!LCMapStringW"}, {"adress": "0x40ba8a", "name": "KERNEL32.DLL!MultiByteToWideChar"}, {"adress": "0x40bae2", "name": "KERNEL32.DLL!MultiByteToWideChar"}, {"adress": "0x40baf8", "name": "KERNEL32.DLL!LCMapStringW"}, {"adress": "0x40bb93", "name": "KERNEL32.DLL!LCMapStringW"}, {"adress": "0x40bbb8", "name": "KERNEL32.DLL!WideCharToMultiByte"}, {"adress": "0x40bfbc", "name": "KERNEL32.DLL!GetModuleFileNameA"}, {"adress": "0x408d0a", "name": "KERNEL32.DLL!HeapFree"}, {"adress": "0x40b3d1", "name": "KERNEL32.DLL!GetModuleHandleA"}, {"adress": "0x40b3e1", "name": "KERNEL32.DLL!GetProcAddress"}, {"adress": "0x40b3ed", "name": "KERNEL32.DLL!IsProcessorFeaturePresent"}, {"adress": "0x40de75", "name": "NTDLL.DLL!RtlAllocateHeap"}, {"adress": "0x40d1bc", "name": "KERNEL32.DLL!SetUnhandledExceptionFilter"}, {"adress": "0x406e40", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x417c47", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x418173", "name": "USER32.DLL!GetCursorPos"}, {"adress": "0x4183eb", "name": "KERNEL32.DLL!TlsAlloc"}, {"adress": "0x418401", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x418471", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x4184c6", "name": "KERNEL32.DLL!GlobalAlloc"}, {"adress": "0x41851d", "name": "KERNEL32.DLL!GlobalLock"}, {"adress": "0x418566", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x41839e", "name": "KERNEL32.DLL!LocalAlloc"}, {"adress": "0x4185dc", "name": "KERNEL32.DLL!TlsGetValue"}, {"adress": "0x41862b", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x41863e", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x418654", "name": "KERNEL32.DLL!LocalAlloc"}, {"adress": "0x4186a2", "name": "KERNEL32.DLL!TlsSetValue"}, {"adress": "0x418f2b", "name": "KERNEL32.DLL!GetVersion"}, {"adress": "0x418f50", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x418fe6", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x418ff8", "name": "NTDLL.DLL!RtlInitializeCriticalSection"}, {"adress": "0x419001", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x419033", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x418666", "name": "KERNEL32.DLL!LocalReAlloc"}, {"adress": "0x417e13", "name": "KERNEL32.DLL!GetCurrentThread"}, {"adress": "0x417e1c", "name": "KERNEL32.DLL!GetCurrentThreadId"}, {"adress": "0x418849", "name": "KERNEL32.DLL!TlsGetValue"}, {"adress": "0x413cce", "name": "USER32.DLL!RegisterClipboardFormatA"}, {"adress": "0x4194a6", "name": "KERNEL32.DLL!GetVersion"}, {"adress": "0x4194e3", "name": "KERNEL32.DLL!GetProcessVersion"}, {"adress": "0x416321", "name": "USER32.DLL!GetSystemMetrics"}, {"adress": "0x416328", "name": "USER32.DLL!GetSystemMetrics"}, {"adress": "0x419461", "name": "USER32.DLL!GetSystemMetrics"}, {"adress": "0x41946b", "name": "USER32.DLL!GetSystemMetrics"}, {"adress": "0x416341", "name": "USER32.DLL!GetDC"}, {"adress": "0x416352", "name": "GDI32.DLL!GetDeviceCaps"}, {"adress": "0x41635a", "name": "GDI32.DLL!GetDeviceCaps"}, {"adress": "0x416362", "name": "USER32.DLL!ReleaseDC"}, {"adress": "0x4162dc", "name": "USER32.DLL!GetSysColor"}, {"adress": "0x4162e3", "name": "USER32.DLL!GetSysColor"}, {"adress": "0x4162ea", "name": "USER32.DLL!GetSysColor"}, {"adress": "0x4162f1", "name": "USER32.DLL!GetSysColor"}, {"adress": "0x4162f8", "name": "USER32.DLL!GetSysColor"}, {"adress": "0x416305", "name": "USER32.DLL!GetSysColorBrush"}, {"adress": "0x41630c", "name": "USER32.DLL!GetSysColorBrush"}, {"adress": "0x419511", "name": "USER32.DLL!LoadCursorA"}, {"adress": "0x41951c", "name": "USER32.DLL!LoadCursorA"}, {"adress": "0x41960b", "name": "KERNEL32.DLL!GetOEMCP"}, {"adress": "0x419612", "name": "KERNEL32.DLL!GetCPInfo"}, {"adress": "0x418d4b", "name": "KERNEL32.DLL!SetErrorMode"}, {"adress": "0x418d52", "name": "KERNEL32.DLL!SetErrorMode"}, {"adress": "0x418dd6", "name": "KERNEL32.DLL!GetModuleFileNameA"}, {"adress": "0x418f0b", "name": "KERNEL32.DLL!lstrcpyn"}, {"adress": "0x413b53", "name": "USER32.DLL!LoadStringA"}, {"adress": "0x418e77", "name": "KERNEL32.DLL!lstrcpy"}, {"adress": "0x418ea4", "name": "KERNEL32.DLL!lstrcat"}, {"adress": "0x419013", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x410d4c", "name": "WS2_32.DLL!WSAStartup"}, {"adress": "0x4186df", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x41870d", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x4083cf", "name": "NTDLL.DLL!ntdll_Offset_39930"}, {"adress": "0x4187b9", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x4183c0", "name": "KERNEL32.DLL!LocalFree"}, {"adress": "0x418775", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x418785", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x41878e", "name": "KERNEL32.DLL!LocalFree"}, {"adress": "0x4187a4", "name": "KERNEL32.DLL!TlsSetValue"}, {"adress": "0x4187ff", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x418f83", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x418f95", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x418417", "name": "KERNEL32.DLL!TlsFree"}, {"adress": "0x41843f", "name": "KERNEL32.DLL!GlobalHandle"}, {"adress": "0x418448", "name": "KERNEL32.DLL!GlobalUnlock"}, {"adress": "0x41844f", "name": "KERNEL32.DLL!GlobalFree"}, {"adress": "0x418459", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x406e68", "name": "NTDLL.DLL!RtlEnterCriticalSection"}, {"adress": "0x406e7f", "name": "NTDLL.DLL!RtlLeaveCriticalSection"}, {"adress": "0x406e58", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x417ca8", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40d1ce", "name": "KERNEL32.DLL!SetUnhandledExceptionFilter"}, {"adress": "0x40b05c", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40b077", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40b07f", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40b087", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40b08f", "name": "NTDLL.DLL!RtlDeleteCriticalSection"}, {"adress": "0x40ae20", "name": "KERNEL32.DLL!TlsFree"}, {"adress": "0x40c382", "name": "KERNEL32.DLL!VirtualFree"}, {"adress": "0x40c38d", "name": "KERNEL32.DLL!VirtualFree"}, {"adress": "0x40c39a", "name": "KERNEL32.DLL!HeapFree"}, {"adress": "0x40c3b8", "name": "KERNEL32.DLL!HeapFree"}, {"adress": "0x40c3c0", "name": "KERNEL32.DLL!HeapDestroy"}]}
Reference in a new issue View git blame Copy permalink