📄 imp_xp.txt
字号:
; Syntax for each function in a thunk (the separator is a TAB)
; ------------------------------------------------------------
; Flag RVA ModuleName Ordinal Name
;
; Details for <Valid> parameter:
; ------------------------------
; Flag: 0 = valid: no -> - Name contains the address of the redirected API (you can set
; it to zero if you edit it).
; - Ordinal is not considered but you should let '0000' as value.
; - ModuleName is not considered but you should let '?' as value.
;
; 1 = valid: yes -> All next parameters on the line will be considered.
; Function imported by ordinal must have no name (the 4th TAB must
; be there though).
;
; 2 = Equivalent to 0 but it is for the loader.
;
; 3 = Equivalent to 1 but it is for the loader.
;
; 4 = Equivalent to 0 with (R) tag.
;
; 5 = Equivalent to 1 with (R) tag.
;
; And finally, edit this file as your own risk! :-)
Target: G:\MyPrj\PE\book\Lab\DeShell\APIRedir\bin\e_BoxEdit1.exe
OEP: 0000C627 IATRVA: 0003C000 IATSize: 000006DC
FThunk: 0003C000 NbFunc: 0000000E
1 0003C000 advapi32.dll 01CC RegCreateKeyA
1 0003C004 advapi32.dll 01C9 RegCloseKey
1 0003C008 advapi32.dll 01D5 RegEnumKeyA
1 0003C00C advapi32.dll 01E1 RegOpenKeyA
1 0003C010 advapi32.dll 01D0 RegDeleteKeyA
1 0003C014 advapi32.dll 01CD RegCreateKeyExA
1 0003C018 advapi32.dll 01E2 RegOpenKeyExA
1 0003C01C advapi32.dll 01EC RegQueryValueExA
1 0003C020 advapi32.dll 01F9 RegSetValueExA
1 0003C024 advapi32.dll 01D2 RegDeleteValueA
1 0003C028 advapi32.dll 01F8 RegSetValueA
1 0003C02C advapi32.dll 01EB RegQueryValueA
1 0003C030 advapi32.dll 00EF GetFileSecurityA
1 0003C034 advapi32.dll 0223 SetFileSecurityA
FThunk: 0003C03C NbFunc: 00000004
1 0003C03C comctl32.dll 0029 ImageList_AddMasked
1 0003C040 comctl32.dll 0011 InitCommonControls
1 0003C044 comctl32.dll 002D ImageList_Destroy
1 0003C048 comctl32.dll 002C ImageList_Create
FThunk: 0003C050 NbFunc: 0000004F
1 0003C050 gdi32.dll 020D SelectObject
1 0003C054 gdi32.dll 0215 SetBkMode
1 0003C058 gdi32.dll 0233 SetPolyFillMode
1 0003C05C gdi32.dll 0234 SetROP2
1 0003C060 gdi32.dll 0237 SetStretchBltMode
1 0003C064 gdi32.dll 022A SetMapMode
1 0003C068 gdi32.dll 023E SetViewportOrgEx
1 0003C06C gdi32.dll 01D4 OffsetViewportOrgEx
1 0003C070 gdi32.dll 023D SetViewportExtEx
1 0003C074 gdi32.dll 0207 ScaleViewportExtEx
1 0003C078 gdi32.dll 0242 SetWindowOrgEx
1 0003C07C gdi32.dll 0241 SetWindowExtEx
1 0003C080 gdi32.dll 0208 ScaleWindowExtEx
1 0003C084 gdi32.dll 020B SelectClipRgn
1 0003C088 gdi32.dll 00D8 ExcludeClipRect
1 0003C08C gdi32.dll 01C8 IntersectClipRect
1 0003C090 gdi32.dll 01D0 MoveToEx
1 0003C094 gdi32.dll 01CC LineTo
1 0003C098 gdi32.dll 0239 SetTextAlign
1 0003C09C gdi32.dll 0166 GetCurrentPositionEx
1 0003C0A0 gdi32.dll 0090 DeleteObject
1 0003C0A4 gdi32.dll 004C CreateRectRgn
1 0003C0A8 gdi32.dll 01FF RestoreDC
1 0003C0AC gdi32.dll 01C0 GetViewportExtEx
1 0003C0B0 gdi32.dll 01C3 GetWindowExtEx
1 0003C0B4 gdi32.dll 0051 CreateSolidBrush
1 0003C0B8 gdi32.dll 0047 CreatePatternBrush
1 0003C0BC gdi32.dll 01F0 PtVisible
1 0003C0C0 gdi32.dll 01F4 RectVisible
1 0003C0C4 gdi32.dll 024D TextOutA
1 0003C0C8 gdi32.dll 00DE ExtTextOutA
1 0003C0CC gdi32.dll 00D5 Escape
1 0003C0D0 gdi32.dll 01B5 GetTextExtentPoint32A
1 0003C0D4 gdi32.dll 01BD GetTextMetricsA
1 0003C0D8 gdi32.dll 0249 StretchDIBits
1 0003C0DC gdi32.dll 002D CreateCompatibleBitmap
1 0003C0E0 gdi32.dll 0159 GetCharWidthA
1 0003C0E4 gdi32.dll 003A CreateFontA
1 0003C0E8 gdi32.dll 004D CreateRectRgnIndirect
1 0003C0EC gdi32.dll 003B CreateFontIndirectA
1 0003C0F0 gdi32.dll 01B0 GetTextColor
1 0003C0F4 gdi32.dll 014D GetBkColor
1 0003C0F8 gdi32.dll 0194 GetNearestColor
1 0003C0FC gdi32.dll 01A7 GetStretchBltMode
1 0003C100 gdi32.dll 019F GetPolyFillMode
1 0003C104 gdi32.dll 01AC GetTextAlign
1 0003C108 gdi32.dll 014E GetBkMode
1 0003C10C gdi32.dll 01A0 GetROP2
1 0003C110 gdi32.dll 01BA GetTextFaceA
1 0003C114 gdi32.dll 01C4 GetWindowOrgEx
1 0003C118 gdi32.dll 018E GetMapMode
1 0003C11C gdi32.dll 0235 SetRectRgn
1 0003C120 gdi32.dll 0022 CombineRgn
1 0003C124 gdi32.dll 0206 SaveDC
1 0003C128 gdi32.dll 01CA LPtoDP
1 0003C12C gdi32.dll 008D DeleteDC
1 0003C130 gdi32.dll 002F CreateDCA
1 0003C134 gdi32.dll 020F SetAbortProc
1 0003C138 gdi32.dll 0244 StartDocA
1 0003C13C gdi32.dll 0247 StartPage
1 0003C140 gdi32.dll 0099 EndPage
1 0003C144 gdi32.dll 0097 EndDoc
1 0003C148 gdi32.dll 0001 AbortDoc
1 0003C14C gdi32.dll 01C1 GetViewportOrgEx
1 0003C150 gdi32.dll 0048 CreatePen
1 0003C154 gdi32.dll 0052 DPtoLP
1 0003C158 gdi32.dll 01F5 Rectangle
1 0003C15C gdi32.dll 01A6 GetStockObject
1 0003C160 gdi32.dll 01DC PatBlt
1 0003C164 gdi32.dll 0196 GetObjectA
1 0003C168 gdi32.dll 0214 SetBkColor
1 0003C16C gdi32.dll 023B SetTextColor
1 0003C170 gdi32.dll 0161 GetClipBox
1 0003C174 gdi32.dll 016C GetDeviceCaps
1 0003C178 gdi32.dll 0028 CreateBitmap
1 0003C17C gdi32.dll 002E CreateCompatibleDC
1 0003C180 gdi32.dll 0034 CreateDIBitmap
1 0003C184 gdi32.dll 01B7 GetTextExtentPointA
1 0003C188 gdi32.dll 0013 BitBlt
FThunk: 0003C190 NbFunc: 0000007E
1 0003C190 kernel32.dll 022D LCMapStringA
1 0003C194 kernel32.dll 022E LCMapStringW
1 0003C198 kernel32.dll 01A9 GetStringTypeA
1 0003C19C kernel32.dll 01AC GetStringTypeW
1 0003C1A0 kernel32.dll 021E IsBadReadPtr
1 0003C1A4 kernel32.dll 021B IsBadCodePtr
1 0003C1A8 kernel32.dll 032C SetUnhandledExceptionFilter
1 0003C1AC kernel32.dll 031B SetStdHandle
1 0003C1B0 kernel32.dll 0036 CompareStringA
1 0003C1B4 kernel32.dll 0037 CompareStringW
1 0003C1B8 kernel32.dll 02F8 SetEnvironmentVariableA
1 0003C1BC kernel32.dll 0221 IsBadWritePtr
1 0003C1C0 kernel32.dll 01A1 GetProfileStringA
1 0003C1C4 kernel32.dll 0364 VirtualAlloc
1 0003C1C8 kernel32.dll 0367 VirtualFree
1 0003C1CC kernel32.dll 01FE HeapCreate
1 0003C1D0 kernel32.dll 0200 HeapDestroy
1 0003C1D4 kernel32.dll 01D5 GetVersionExA
1 0003C1D8 kernel32.dll 014A GetEnvironmentVariableA
1 0003C1DC kernel32.dll 0158 GetFileType
1 0003C1E0 kernel32.dll 01A8 GetStdHandle
1 0003C1E4 kernel32.dll 024E LockResource
1 0003C1E8 kernel32.dll 0149 GetEnvironmentStringsW
1 0003C1EC kernel32.dll 0147 GetEnvironmentStrings
1 0003C1F0 kernel32.dll 00E9 FreeEnvironmentStringsW
1 0003C1F4 kernel32.dll 00E8 FreeEnvironmentStringsA
1 0003C1F8 kernel32.dll 0351 UnhandledExceptionFilter
1 0003C1FC kernel32.dll 01CE GetTimeZoneInformation
1 0003C200 kernel32.dll 00F0 GetACP
1 0003C204 kernel32.dll 0208 HeapSize
1 0003C208 kernel32.dll 0206 HeapReAlloc
1 0003C20C kernel32.dll 0290 RaiseException
1 0003C210 kernel32.dll 0340 TerminateProcess
1 0003C214 kernel32.dll 0202 HeapFree
1 0003C218 kernel32.dll 01FC HeapAlloc
1 0003C21C kernel32.dll 00B0 ExitProcess
1 0003C220 kernel32.dll 0103 GetCommandLineA
1 0003C224 kernel32.dll 01A6 GetStartupInfoA
1 0003C228 kernel32.dll 02BE RtlUnwind
1 0003C22C kernel32.dll 01CB GetTickCount
1 0003C230 kernel32.dll 00BC FileTimeToLocalFileTime
1 0003C234 kernel32.dll 00BD FileTimeToSystemTime
1 0003C238 kernel32.dll 02FA SetErrorMode
1 0003C23C kernel32.dll 033D SystemTimeToFileTime
1 0003C240 kernel32.dll 0243 LocalFileTimeToFileTime
1 0003C244 kernel32.dll 0155 GetFileSize
1 0003C248 kernel32.dll 0184 GetOEMCP
1 0003C24C kernel32.dll 00F7 GetCPInfo
1 0003C250 kernel32.dll 019B GetProcessVersion
1 0003C254 kernel32.dll 0133 GetCurrentDirectoryA
1 0003C258 kernel32.dll 0347 TlsGetValue
1 0003C25C kernel32.dll 0248 LocalReAlloc
1 0003C260 kernel32.dll 0348 TlsSetValue
1 0003C264 kernel32.dll 0090 EnterCriticalSection
1 0003C268 kernel32.dll 01F2 GlobalReAlloc
1 0003C26C kernel32.dll 023A LeaveCriticalSection
1 0003C270 kernel32.dll 0346 TlsFree
1 0003C274 kernel32.dll 01EE GlobalHandle
1 0003C278 kernel32.dll 007B DeleteCriticalSection
1 0003C27C kernel32.dll 0345 TlsAlloc
1 0003C280 kernel32.dll 020F InitializeCriticalSection
1 0003C284 kernel32.dll 0241 LocalAlloc
1 0003C288 kernel32.dll 0337 SizeofResource
1 0003C28C kernel32.dll 01EA GlobalFlags
1 0003C290 kernel32.dll 01A4 GetShortPathNameA
1 0003C294 kernel32.dll 01C6 GetThreadLocale
1 0003C298 kernel32.dll 01AA GetStringTypeExA
1 0003C29C kernel32.dll 01D7 GetVolumeInformationA
1 0003C2A0 kernel32.dll 00CA FindFirstFileA
1 0003C2A4 kernel32.dll 00C6 FindClose
1 0003C2A8 kernel32.dll 007D DeleteFileA
1 0003C2AC kernel32.dll 0257 MoveFileA
1 0003C2B0 kernel32.dll 02F7 SetEndOfFile
1 0003C2B4 kernel32.dll 0352 UnlockFile
1 0003C2B8 kernel32.dll 024C LockFile
1 0003C2BC kernel32.dll 00E0 FlushFileBuffers
1 0003C2C0 kernel32.dll 0300 SetFilePointer
1 0003C2C4 kernel32.dll 0385 WriteFile
1 0003C2C8 kernel32.dll 029D ReadFile
1 0003C2CC kernel32.dll 004E CreateFileA
1 0003C2D0 kernel32.dll 0135 GetCurrentProcess
1 0003C2D4 kernel32.dll 008D DuplicateHandle
1 0003C2D8 kernel32.dll 00E5 FormatMessageA
1 0003C2DC kernel32.dll 0245 LocalFree
1 0003C2E0 kernel32.dll 0378 WideCharToMultiByte
1 0003C2E4 kernel32.dll 0217 InterlockedIncrement
1 0003C2E8 kernel32.dll 0213 InterlockedDecrement
1 0003C2EC kernel32.dll 02B8 RestoreLastError
1 0003C2F0 kernel32.dll 025D MulDiv
1 0003C2F4 kernel32.dll 025E MultiByteToWideChar
1 0003C2F8 kernel32.dll 0162 GetLastError
1 0003C2FC kernel32.dll 013F GetDiskFreeSpaceA
1 0003C300 kernel32.dll 0157 GetFileTime
1 0003C304 kernel32.dll 0304 SetFileTime
1 0003C308 kernel32.dll 015B GetFullPathNameA
1 0003C30C kernel32.dll 01C0 GetTempFileNameA
1 0003C310 kernel32.dll 03A9 lstrcpyn
1 0003C314 kernel32.dll 0150 GetFileAttributesA
1 0003C318 kernel32.dll 023B LoadLibraryA
1 0003C31C kernel32.dll 00EA FreeLibrary
1 0003C320 kernel32.dll 01D4 GetVersion
1 0003C324 kernel32.dll 039D lstrcat
1 0003C328 kernel32.dll 01EC GlobalGetAtomNameA
1 0003C32C kernel32.dll 01E7 GlobalFindAtomA
1 0003C330 kernel32.dll 03A6 lstrcpy
1 0003C334 kernel32.dll 016F GetModuleHandleA
1 0003C338 kernel32.dll 0191 GetProcAddress
1 0003C33C kernel32.dll 03AC lstrlen
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -