
Sophos Hitman 911

a guest
Jan 13th, 2017
  1. Intruder
  2.  
  3. PID 4344
  4. Application C:\Program Files (x86)\Internet Explorer\iexplore.exe
  5. Description Internet Explorer 11
  6.  
  7. Detour Report
  8. # Address Owner Disassembly
  9. -- ---------- ------------------------ ------------------------
  10. GdipCreateBitmapFromFile
  11. 1 0x74515EA6 gdiplus.dll JMP 0x74ee7ea1
  12. 2 0x74EE7EA1 SOPHOS~1.DLL
  13.  
  14. GetFileVersionInfoSizeW
  15. 1 0x74EC19D9 VERSION.dll JMP 0x74ee457c
  16. 2 0x74EE457C SOPHOS~1.DLL
  17.  
  18. GetFileVersionInfoW
  19. 1 0x74EC19F4 VERSION.dll JMP 0x74ee455e
  20. 2 0x74EE455E SOPHOS~1.DLL
  21.  
  22. CreateActCtxW
  23. 1 0x752391E7 kernel32.dll JMP 0x74ee8f40
  24. 2 0x74EE8F40 SOPHOS~1.DLL
  25.  
  26. FreeLibrary
  27. 1 0x75233468 kernel32.dll JMP 0x74ee953d
  28. 2 0x74EE953D SOPHOS~1.DLL
  29.  
  30. LoadLibraryExW
  31. 1 0x752348FD kernel32.dll JMP 0x74ee9608
  32. 2 0x74EE9608 SOPHOS~1.DLL
  33.  
  34. QueueUserWorkItem
  35. 1 0x7524CA70 kernel32.dll PUSH DWORD 0x70ec0022
  36. RET
  37. 2 0x70EC0022 (anonymous; rooksdol.dll)
  38.  
  39. ReplaceFile
  40. 1 0x75250DFC kernel32.dll JMP 0x74ee8fbe
  41. 2 0x74EE8FBE SOPHOS~1.DLL
  42.  
  43. SetUnhandledExceptionFilter
  44. 1 0x75238769 kernel32.dll PUSH DWORD 0x71ae0022
  45. RET
  46. 2 0x71AE0022 (anonymous; SOPHOS~1.DLL)
  47.  
  48. SHExtractIconsW
  49. 1 0x756D57F3 SHELL32.dll JMP 0x74ee490d
  50. 2 0x74EE490D SOPHOS~1.DLL
  51.  
  52. connect
  53. 1 0x761868F5 WS2_32.dll JMP 0x719f0022
  54. 2 0x719F0022 (anonymous; RapportGH.dll)
  55.  
  56. getaddrinfo
  57. 1 0x76184296 WS2_32.dll JMP 0x70f90022
  58. 2 0x70F90022 (anonymous; rooksdol.dll)
  59.  
  60. GetAddrInfoExW
  61. 1 0x7618A6DB WS2_32.dll JMP 0x71010022
  62. 2 0x71010022 (anonymous; rooksdol.dll)
  63.  
  64. sendto
  65. 1 0x761834B5 WS2_32.dll JMP 0x718d0022
  66. 2 0x718D0022 (anonymous; RapportGH.dll)
  67.  
  68. WSAConnect
  69. 1 0x7618BCD5 WS2_32.dll JMP 0x71990022
  70. 2 0x71990022 (anonymous; RapportGH.dll)
  71.  
  72. WSAConnectByList
  73. 1 0x7619C07D WS2_32.dll JMP 0x71950022
  74. 2 0x71950022 (anonymous; RapportGH.dll)
  75.  
  76. WSAConnectByNameW
  77. 1 0x7619C5CF WS2_32.dll JMP 0x71910022
  78. 2 0x71910022 (anonymous; RapportGH.dll)
  79.  
  80. WSAIoctl
  81. 1 0x76182FE7 WS2_32.dll PUSH DWORD 0x71850022
  82. RET
  83. 2 0x71850022 (anonymous; rooksdol.dll)
  84.  
  85. DdeInitializeW
  86. 1 0x7638ABD1 USER32.dll PUSH DWORD 0x71580022
  87. RET
  88. 2 0x71580022 (anonymous; rooksdol.dll)
  89.  
  90. GetClipboardData
  91. 1 0x763A9FA4 USER32.dll PUSH DWORD 0x71540022
  92. RET
  93. 2 0x71540022 (anonymous; rooksdol.dll)
  94.  
  95. GetMessageA
  96. 1 0x76367BD3 USER32.dll PUSH DWORD 0x70f40022
  97. RET
  98. 2 0x70F40022 (anonymous; rooksdol.dll)
  99.  
  100. GetMessageW
  101. 1 0x763678E2 USER32.dll PUSH DWORD 0x70f00022
  102. RET
  103. 2 0x70F00022 (anonymous; rooksdol.dll)
  104.  
  105. PeekMessageW
  106. 1 0x763705D2 USER32.dll PUSH DWORD 0x71810022
  107. RET
  108. 2 0x71810022 (anonymous; rooksbas.dll)
  109.  
  110. RegisterClassA
  111. 1 0x7637541E USER32.dll PUSH DWORD 0x716e0022
  112. RET
  113. 2 0x716E0022 (anonymous; rooksdol.dll)
  114.  
  115. RegisterClassExW
  116. 1 0x7636B185 USER32.dll PUSH DWORD 0x71a50022
  117. RET
  118. 2 0x71A50022 (anonymous; rooksdol.dll)
  119.  
  120. RegisterClassW
  121. 1 0x76368A65 USER32.dll PUSH DWORD 0x71a20022
  122. RET
  123. 2 0x71A20022 (anonymous; rooksdol.dll)
  124.  
  125. TranslateMessage
  126. 1 0x76367809 USER32.dll PUSH DWORD 0x714e0022
  127. RET
  128. 2 0x714E0022 (anonymous; rooksdol.dll)
  129.  
  130. HttpAddRequestHeadersA
  131. 1 0x767A64D0 WININET.dll PUSH DWORD 0x714a0022
  132. RET
  133. 2 0x714A0022 winhttp.dll
  134.  
  135. HttpOpenRequestA *
  136. 1 0x76831470 WININET.dll PUSH DWORD 0x71460022
  137. RET
  138. 2 0x71460022 webio.dll
  139.  
  140. HttpOpenRequestW *
  141. 1 0x767A5D10 WININET.dll PUSH DWORD 0x71420022
  142. RET
  143. 2 0x71420022 webio.dll
  144.  
  145. HttpSendRequestA
  146. 1 0x7682AF60 WININET.dll PUSH DWORD 0x713e0022
  147. RET
  148. 2 0x713E0022 (anonymous; rooksdol.dll)
  149.  
  150. HttpSendRequestExA
  151. 1 0x768AA8D0 WININET.dll PUSH DWORD 0x713a0022
  152. RET
  153. 2 0x713A0022 (anonymous; rooksdol.dll)
  154.  
  155. HttpSendRequestExW
  156. 1 0x76822B30 WININET.dll PUSH DWORD 0x71360022
  157. RET
  158. 2 0x71360022 (anonymous; rooksdol.dll)
  159.  
  160. HttpSendRequestW
  161. 1 0x767A8A40 WININET.dll PUSH DWORD 0x71320022
  162. RET
  163. 2 0x71320022 (anonymous; rooksdol.dll)
  164.  
  165. InternetCloseHandle
  166. 1 0x767A1E70 WININET.dll PUSH DWORD 0x712e0022
  167. RET
  168. 2 0x712E0022 (anonymous; rooksdol.dll)
  169.  
  170. InternetConnectA
  171. 1 0x768313E0 WININET.dll PUSH DWORD 0x712a0022
  172. RET
  173. 2 0x712A0022 (anonymous; rooksdol.dll)
  174.  
  175. InternetConnectW
  176. 1 0x767A99A0 WININET.dll PUSH DWORD 0x71260022
  177. RET
  178. 2 0x71260022 (anonymous; rooksdol.dll)
  179.  
  180. InternetGetCookieExA
  181. 1 0x768AE800 WININET.dll PUSH DWORD 0x71220022
  182. RET
  183. 2 0x71220022 (anonymous; rooksdol.dll)
  184.  
  185. InternetGetCookieExW
  186. 1 0x76812010 WININET.dll PUSH DWORD 0x711e0022
  187. RET
  188. 2 0x711E0022 (anonymous; rooksdol.dll)
  189.  
  190. InternetOpenA
  191. 1 0x767BE1D0 WININET.dll PUSH DWORD 0x711a0022
  192. RET
  193. 2 0x711A0022 (anonymous; rooksdol.dll)
  194.  
  195. InternetOpenW
  196. 1 0x767BE760 WININET.dll PUSH DWORD 0x71160022
  197. RET
  198. 2 0x71160022 (anonymous; rooksdol.dll)
  199.  
  200. InternetQueryDataAvailable
  201. 1 0x767B7E30 WININET.dll PUSH DWORD 0x71120022
  202. RET
  203. 2 0x71120022 (anonymous; rooksdol.dll)
  204.  
  205. InternetSetStatusCallback
  206. 1 0x767BFD50 WININET.dll PUSH DWORD 0x710e0022
  207. RET
  208. 2 0x710E0022 (anonymous; rooksdol.dll)
  209.  
  210. InternetWriteFile
  211. 1 0x76822CB0 WININET.dll PUSH DWORD 0x710a0022
  212. RET
  213. 2 0x710A0022 (anonymous; rooksdol.dll)
  214.  
  215. BitBlt
  216. 1 0x76BA5EA5 GDI32.dll PUSH DWORD 0x71660022
  217. RET
  218. 2 0x71660022 (anonymous; rooksdol.dll)
  219.  
  220. CoCreateInstanceEx
  221. 1 0x77019CFE ole32.dll JMP 0x71620022
  222. 2 0x71620022 (anonymous; rooksdol.dll)
  223.  
  224. StgOpenStorageEx
  225. 1 0x77046CDA ole32.dll JMP 0x74ed546b
  226. 2 0x74ED546B SOPHOS~1.DLL
  227.  
  228. CoInternetCombineUrlEx
  229. 1 0x7719C9C0 urlmon.dll PUSH DWORD 0x715e0022
  230. RET
  231. 2 0x715E0022 (anonymous; rooksdol.dll)
  232.  
  233. WinVerifyTrust
  234. 1 0x773F273A WINTRUST.dll PUSH DWORD 0x71060022
  235. RET
  236. 2 0x71060022 (anonymous; rooksdol.dll)
  237.  
  238. NtMapViewOfSection
  239. 1 0x7787FC60 ntdll.dll JMP 0x71890022
  240. 2 0x71890022 (anonymous; rooksdol.dll)
  241.  
  242.  
  243. Thumbprint
  244. 5766f23574c441cd17770a583ce91d97c0c49e7e3b2588eb3d4c57d2b959c6d8