findDll


Author: David Zimmer
Date: 03.07.12 - 3:14pm



Added another micro utility to the malcode analyst pack today. findDll.exe is similar to listdlls | grep [match], except that it includes the ID of the process containing the module and does not require grep to be installed. You can download a precompiled binary here.

D:\>finddll Wininet
Scanning running processes for module: wininet
0x06C8 (1736)   SVCHOST.EXE     c:\windows\system32\wininet.dll 0x3D930000
0x04CC (1228)   SVCHOST.EXE     c:\windows\system32\wininet.dll 0x3D930000
0x0618 (1560)   Explorer.EXE    c:\windows\system32\wininet.dll 0x3D930000
0x0A70 (2672)   Skype.exe       c:\windows\system32\wininet.dll 0x3D930000
0x0DC4 (3524)   skypePM.exe     c:\windows\system32\wininet.dll 0x3D930000
0x0E94 (3732)   TrueCrypt.exe   c:\windows\system32\wininet.dll 0x3D930000
0x0CCC (3276)   vmware.exe      c:\windows\system32\wininet.dll 0x3D930000
0x13F4 (5108)   firefox.exe     c:\windows\system32\wininet.dll 0x3D930000
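For triage, the rows above can be post-processed to spot processes that load the module from a different path or at a different base than the rest. The script below is an added example, not part of findDll or the malcode analyst pack; it assumes the column layout shown above and process names without spaces, and the last two sample rows are constructed.

```python
import re
from collections import Counter

# One findDll row: hex PID, decimal PID, process name, module path, load base.
ROW = re.compile(
    r"^0x(?P<hexpid>[0-9A-Fa-f]+)\s+\((?P<pid>\d+)\)\s+(?P<proc>\S+)\s+"
    r"(?P<path>.+?)\s+0x(?P<base>[0-9A-Fa-f]+)\s*$"
)

def parse_finddll(text):
    """Return a list of dicts, one per module row; banner lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        # The two PID columns must agree, otherwise the row is malformed.
        if int(m["hexpid"], 16) != int(m["pid"]):
            continue
        rows.append({"pid": int(m["pid"]), "proc": m["proc"],
                     "path": m["path"].lower(), "base": int(m["base"], 16)})
    return rows

def outliers(rows):
    """Rows whose path or load base differs from the most common value."""
    if not rows:
        return []
    common = {k: Counter(r[k] for r in rows).most_common(1)[0][0]
              for k in ("path", "base")}
    flagged = []
    for r in rows:
        reasons = [k for k in ("path", "base") if r[k] != common[k]]
        if reasons:
            flagged.append((r["pid"], r["proc"], reasons))
    return flagged

# Constructed sample: three rows from the post plus two made-up rows.
SAMPLE = r"""Scanning running processes for module: wininet
0x06C8 (1736)   SVCHOST.EXE     c:\windows\system32\wininet.dll 0x3D930000
0x0618 (1560)   Explorer.EXE    c:\windows\system32\wininet.dll 0x3D930000
0x13F4 (5108)   firefox.exe     c:\windows\system32\wininet.dll 0x3D930000
0x0BB8 (3000)   example.exe     c:\users\test\app data\wininet.dll 0x10000000
0x0FA0 (4000)   rebased.exe     c:\windows\system32\wininet.dll 0x02340000
"""

if __name__ == "__main__":
    for pid, proc, reasons in outliers(parse_finddll(SAMPLE)):
        print(pid, proc, ",".join(reasons))
```

A different base on its own can simply mean the loader relocated the image; a different path is the stronger lead to follow up.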




