findDll
Author: David Zimmer Date: 03.07.12 - 3:14pm
Added another micro utility to the malcode analyst pack today.
findDll.exe is similar to listdlls | grep [match], except that it
includes the process ID of each process containing the module and does not require grep to be installed. You can download a precompiled binary here.
D:\>finddll Wininet
Scanning running processes for module: wininet
0x06C8 (1736) SVCHOST.EXE c:\windows\system32\wininet.dll 0x3D930000
0x04CC (1228) SVCHOST.EXE c:\windows\system32\wininet.dll 0x3D930000
0x0618 (1560) Explorer.EXE c:\windows\system32\wininet.dll 0x3D930000
0x0A70 (2672) Skype.exe c:\windows\system32\wininet.dll 0x3D930000
0x0DC4 (3524) skypePM.exe c:\windows\system32\wininet.dll 0x3D930000
0x0E94 (3732) TrueCrypt.exe c:\windows\system32\wininet.dll 0x3D930000
0x0CCC (3276) vmware.exe c:\windows\system32\wininet.dll 0x3D930000
0x13F4 (5108) firefox.exe c:\windows\system32\wininet.dll 0x3D930000
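The output above is regular enough to post-process during triage. The following is an added example, not part of findDll or the original post: it parses lines in this layout and flags copies of the module loaded from an unexpected directory or at a minority base address. The column layout is assumed from the sample output, and the function names, the expected directory and the last sample line are constructed for illustration.

```python
import re
from collections import Counter

# Column layout assumed from the sample output on this page:
# hex PID, (decimal PID), process name, module path, module base address.
LINE_RE = re.compile(
    r"^0x(?P<pid_hex>[0-9A-Fa-f]+) \((?P<pid>\d+)\) (?P<proc>.+?) "
    r"(?P<path>[A-Za-z]:\\.+) 0x(?P<base>[0-9A-Fa-f]+)$"
)

def parse_finddll(text):
    """Return one dict per module line; banner and prompt lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        pid = int(m["pid"])
        if pid != int(m["pid_hex"], 16):  # the two PID columns must agree
            continue
        rows.append({"pid": pid, "process": m["proc"],
                     "path": m["path"].lower(), "base": int(m["base"], 16)})
    return rows

def outliers(rows, expected_dir="c:\\windows\\system32\\"):
    """Flag rows loaded from another directory or at a minority base address.
    A differing base can be a benign relocation; treat it as a hint only."""
    if not rows:
        return []
    common_base = Counter(r["base"] for r in rows).most_common(1)[0][0]
    flagged = []
    for r in rows:
        reasons = []
        if not r["path"].startswith(expected_dir):
            reasons.append("unexpected path")
        if r["base"] != common_base:
            reasons.append("unusual base")
        if reasons:
            flagged.append((r["pid"], r["process"], reasons))
    return flagged

# Constructed sample: the first two module lines follow the page's output,
# the last one is invented to show a copy loaded from a temp directory.
SAMPLE = r"""Scanning running processes for module: wininet
0x06C8 (1736) SVCHOST.EXE c:\windows\system32\wininet.dll 0x3D930000
0x0618 (1560) Explorer.EXE c:\windows\system32\wininet.dll 0x3D930000
0x0BB8 (3000) My App.exe C:\Users\test\AppData\Local\Temp\wininet.dll 0x10000000
"""

if __name__ == "__main__":
    for pid, proc, reasons in outliers(parse_finddll(SAMPLE)):
        print(pid, proc, ", ".join(reasons))
```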