- Intruder
- PID 4344
- Application C:\Program Files (x86)\Internet Explorer\iexplore.exe
- Description Internet Explorer 11
- Detour Report
- # Address Owner Disassembly
- -- ---------- ------------------------ ------------------------
- GdipCreateBitmapFromFile
- 1 0x74515EA6 gdiplus.dll JMP 0x74ee7ea1
- 2 0x74EE7EA1 SOPHOS~1.DLL
- GetFileVersionInfoSizeW
- 1 0x74EC19D9 VERSION.dll JMP 0x74ee457c
- 2 0x74EE457C SOPHOS~1.DLL
- GetFileVersionInfoW
- 1 0x74EC19F4 VERSION.dll JMP 0x74ee455e
- 2 0x74EE455E SOPHOS~1.DLL
- CreateActCtxW
- 1 0x752391E7 kernel32.dll JMP 0x74ee8f40
- 2 0x74EE8F40 SOPHOS~1.DLL
- FreeLibrary
- 1 0x75233468 kernel32.dll JMP 0x74ee953d
- 2 0x74EE953D SOPHOS~1.DLL
- LoadLibraryExW
- 1 0x752348FD kernel32.dll JMP 0x74ee9608
- 2 0x74EE9608 SOPHOS~1.DLL
- QueueUserWorkItem
- 1 0x7524CA70 kernel32.dll PUSH DWORD 0x70ec0022
- RET
- 2 0x70EC0022 (anonymous; rooksdol.dll)
- ReplaceFile
- 1 0x75250DFC kernel32.dll JMP 0x74ee8fbe
- 2 0x74EE8FBE SOPHOS~1.DLL
- SetUnhandledExceptionFilter
- 1 0x75238769 kernel32.dll PUSH DWORD 0x71ae0022
- RET
- 2 0x71AE0022 (anonymous; SOPHOS~1.DLL)
- SHExtractIconsW
- 1 0x756D57F3 SHELL32.dll JMP 0x74ee490d
- 2 0x74EE490D SOPHOS~1.DLL
- connect
- 1 0x761868F5 WS2_32.dll JMP 0x719f0022
- 2 0x719F0022 (anonymous; RapportGH.dll)
- getaddrinfo
- 1 0x76184296 WS2_32.dll JMP 0x70f90022
- 2 0x70F90022 (anonymous; rooksdol.dll)
- GetAddrInfoExW
- 1 0x7618A6DB WS2_32.dll JMP 0x71010022
- 2 0x71010022 (anonymous; rooksdol.dll)
- sendto
- 1 0x761834B5 WS2_32.dll JMP 0x718d0022
- 2 0x718D0022 (anonymous; RapportGH.dll)
- WSAConnect
- 1 0x7618BCD5 WS2_32.dll JMP 0x71990022
- 2 0x71990022 (anonymous; RapportGH.dll)
- WSAConnectByList
- 1 0x7619C07D WS2_32.dll JMP 0x71950022
- 2 0x71950022 (anonymous; RapportGH.dll)
- WSAConnectByNameW
- 1 0x7619C5CF WS2_32.dll JMP 0x71910022
- 2 0x71910022 (anonymous; RapportGH.dll)
- WSAIoctl
- 1 0x76182FE7 WS2_32.dll PUSH DWORD 0x71850022
- RET
- 2 0x71850022 (anonymous; rooksdol.dll)
- DdeInitializeW
- 1 0x7638ABD1 USER32.dll PUSH DWORD 0x71580022
- RET
- 2 0x71580022 (anonymous; rooksdol.dll)
- GetClipboardData
- 1 0x763A9FA4 USER32.dll PUSH DWORD 0x71540022
- RET
- 2 0x71540022 (anonymous; rooksdol.dll)
- GetMessageA
- 1 0x76367BD3 USER32.dll PUSH DWORD 0x70f40022
- RET
- 2 0x70F40022 (anonymous; rooksdol.dll)
- GetMessageW
- 1 0x763678E2 USER32.dll PUSH DWORD 0x70f00022
- RET
- 2 0x70F00022 (anonymous; rooksdol.dll)
- PeekMessageW
- 1 0x763705D2 USER32.dll PUSH DWORD 0x71810022
- RET
- 2 0x71810022 (anonymous; rooksbas.dll)
- RegisterClassA
- 1 0x7637541E USER32.dll PUSH DWORD 0x716e0022
- RET
- 2 0x716E0022 (anonymous; rooksdol.dll)
- RegisterClassExW
- 1 0x7636B185 USER32.dll PUSH DWORD 0x71a50022
- RET
- 2 0x71A50022 (anonymous; rooksdol.dll)
- RegisterClassW
- 1 0x76368A65 USER32.dll PUSH DWORD 0x71a20022
- RET
- 2 0x71A20022 (anonymous; rooksdol.dll)
- TranslateMessage
- 1 0x76367809 USER32.dll PUSH DWORD 0x714e0022
- RET
- 2 0x714E0022 (anonymous; rooksdol.dll)
- HttpAddRequestHeadersA
- 1 0x767A64D0 WININET.dll PUSH DWORD 0x714a0022
- RET
- 2 0x714A0022 winhttp.dll
- HttpOpenRequestA *
- 1 0x76831470 WININET.dll PUSH DWORD 0x71460022
- RET
- 2 0x71460022 webio.dll
- HttpOpenRequestW *
- 1 0x767A5D10 WININET.dll PUSH DWORD 0x71420022
- RET
- 2 0x71420022 webio.dll
- HttpSendRequestA
- 1 0x7682AF60 WININET.dll PUSH DWORD 0x713e0022
- RET
- 2 0x713E0022 (anonymous; rooksdol.dll)
- HttpSendRequestExA
- 1 0x768AA8D0 WININET.dll PUSH DWORD 0x713a0022
- RET
- 2 0x713A0022 (anonymous; rooksdol.dll)
- HttpSendRequestExW
- 1 0x76822B30 WININET.dll PUSH DWORD 0x71360022
- RET
- 2 0x71360022 (anonymous; rooksdol.dll)
- HttpSendRequestW
- 1 0x767A8A40 WININET.dll PUSH DWORD 0x71320022
- RET
- 2 0x71320022 (anonymous; rooksdol.dll)
- InternetCloseHandle
- 1 0x767A1E70 WININET.dll PUSH DWORD 0x712e0022
- RET
- 2 0x712E0022 (anonymous; rooksdol.dll)
- InternetConnectA
- 1 0x768313E0 WININET.dll PUSH DWORD 0x712a0022
- RET
- 2 0x712A0022 (anonymous; rooksdol.dll)
- InternetConnectW
- 1 0x767A99A0 WININET.dll PUSH DWORD 0x71260022
- RET
- 2 0x71260022 (anonymous; rooksdol.dll)
- InternetGetCookieExA
- 1 0x768AE800 WININET.dll PUSH DWORD 0x71220022
- RET
- 2 0x71220022 (anonymous; rooksdol.dll)
- InternetGetCookieExW
- 1 0x76812010 WININET.dll PUSH DWORD 0x711e0022
- RET
- 2 0x711E0022 (anonymous; rooksdol.dll)
- InternetOpenA
- 1 0x767BE1D0 WININET.dll PUSH DWORD 0x711a0022
- RET
- 2 0x711A0022 (anonymous; rooksdol.dll)
- InternetOpenW
- 1 0x767BE760 WININET.dll PUSH DWORD 0x71160022
- RET
- 2 0x71160022 (anonymous; rooksdol.dll)
- InternetQueryDataAvailable
- 1 0x767B7E30 WININET.dll PUSH DWORD 0x71120022
- RET
- 2 0x71120022 (anonymous; rooksdol.dll)
- InternetSetStatusCallback
- 1 0x767BFD50 WININET.dll PUSH DWORD 0x710e0022
- RET
- 2 0x710E0022 (anonymous; rooksdol.dll)
- InternetWriteFile
- 1 0x76822CB0 WININET.dll PUSH DWORD 0x710a0022
- RET
- 2 0x710A0022 (anonymous; rooksdol.dll)
- BitBlt
- 1 0x76BA5EA5 GDI32.dll PUSH DWORD 0x71660022
- RET
- 2 0x71660022 (anonymous; rooksdol.dll)
- CoCreateInstanceEx
- 1 0x77019CFE ole32.dll JMP 0x71620022
- 2 0x71620022 (anonymous; rooksdol.dll)
- StgOpenStorageEx
- 1 0x77046CDA ole32.dll JMP 0x74ed546b
- 2 0x74ED546B SOPHOS~1.DLL
- CoInternetCombineUrlEx
- 1 0x7719C9C0 urlmon.dll PUSH DWORD 0x715e0022
- RET
- 2 0x715E0022 (anonymous; rooksdol.dll)
- WinVerifyTrust
- 1 0x773F273A WINTRUST.dll PUSH DWORD 0x71060022
- RET
- 2 0x71060022 (anonymous; rooksdol.dll)
- NtMapViewOfSection
- 1 0x7787FC60 ntdll.dll JMP 0x71890022
- 2 0x71890022 (anonymous; rooksdol.dll)
- Thumbprint
- 5766f23574c441cd17770a583ce91d97c0c49e7e3b2588eb3d4c57d2b959c6d8