Created
September 1, 2018 06:06
-
-
Save pinksawtooth/424fdf9061f56a0e8d4260feabbd79d1 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ShellcodeHashSearcher: 0x00000043: hash_ror13AddUpperDllnameHash32:0x4b6f1152 kernel32.dll!lstrlenA | |
| ShellcodeHashSearcher: 0x00000083: hash_ror13AddUpperDllnameHash32:0x399f1068 kernel32.dll!lstrcatW | |
| ShellcodeHashSearcher: 0x00000091: hash_ror13AddUpperDllnameHash32:0x7e296212 kernel32.dll!CloseHandle | |
| ShellcodeHashSearcher: 0x0000009f: hash_ror13AddUpperDllnameHash32:0x7131fdc3 kernel32.dll!VirtualFree | |
| ShellcodeHashSearcher: 0x000000ad: hash_ror13AddUpperDllnameHash32:0xffdb946b kernel32.dll!VirtualAlloc | |
| ShellcodeHashSearcher: 0x000000bb: hash_ror13AddUpperDllnameHash32:0xe7729032 kernel32.dll!VirtualProtect | |
| ShellcodeHashSearcher: 0x000000c9: hash_ror13AddUpperDllnameHash32:0x5a3a18a5 kernel32.dll!LoadLibraryA | |
| ShellcodeHashSearcher: 0x000000d9: hash_ror13AddUpperDllnameHash32:0x415e131b kernel32.dll!GetModuleHandleA | |
| ShellcodeHashSearcher: 0x000000e7: hash_ror13AddUpperDllnameHash32:0xea39c6c1 kernel32.dll!GetProcAddress | |
| ShellcodeHashSearcher: 0x000000f5: hash_ror13AddUpperDllnameHash32:0x163ab6c5 kernel32.dll!GetProcessHeap | |
| ShellcodeHashSearcher: 0x00000103: hash_ror13AddUpperDllnameHash32:0x3c31a3c4 kernel32.dll!WaitForSingleObject | |
| ShellcodeHashSearcher: 0x00000111: hash_ror13AddUpperDllnameHash32:0x3e054b78 kernel32.dll!GetVersion | |
| ShellcodeHashSearcher: 0x0000011f: hash_ror13AddUpperDllnameHash32:0x38579a82 kernel32.dll!CreateThread | |
| ShellcodeHashSearcher: 0x0000012d: hash_ror13AddUpperDllnameHash32:0x56364336 kernel32.dll!WriteFile | |
| ShellcodeHashSearcher: 0x0000013b: hash_ror13AddUpperDllnameHash32:0xea2be1bc kernel32.dll!CreateFileA | |
| ShellcodeHashSearcher: 0x00000149: hash_ror13AddUpperDllnameHash32:0xc9b6944a kernel32.dll!GetTempPathA | |
| ShellcodeHashSearcher: 0x00000157: hash_ror13AddUpperDllnameHash32:0x55d7ec4f kernel32.dll!GetTempFileNameA | |
| ShellcodeHashSearcher: 0x00000168: hash_ror13AddUpperDllnameHash32:0x271143d8 kernel32.dll!GetSystemDirectoryA | |
| ShellcodeHashSearcher: 0x00000179: hash_ror13AddUpperDllnameHash32:0x4979c49f kernel32.dll!CreateProcessInternalW | |
| ShellcodeHashSearcher: 0x0000018a: hash_ror13AddUpperDllnameHash32:0x1a5c758b kernel32.dll!GetExitCodeProcess | |
| ShellcodeHashSearcher: 0x0000019b: hash_ror13AddUpperDllnameHash32:0x5280aa04 kernel32.dll!CreateToolhelp32Snapshot | |
| ShellcodeHashSearcher: 0x000001ac: hash_ror13AddUpperDllnameHash32:0xa07584be kernel32.dll!Process32First | |
| ShellcodeHashSearcher: 0x000001bd: hash_ror13AddUpperDllnameHash32:0xb5a22f61 kernel32.dll!Process32Next | |
| ShellcodeHashSearcher: 0x000001ce: hash_ror13AddUpperDllnameHash32:0x397f1352 kernel32.dll!lstrcmpA | |
| ShellcodeHashSearcher: 0x000001df: hash_ror13AddUpperDllnameHash32:0xae4eeeaa ntdll.dll!RtlFreeHeap | |
| ShellcodeHashSearcher: 0x000001f0: hash_ror13AddUpperDllnameHash32:0xeb8e0118 ntdll.dll!RtlAllocateHeap | |
| ShellcodeHashSearcher: 0x00000201: hash_ror13AddUpperDllnameHash32:0x5ae068b6 ntdll.dll!RtlReAllocateHeap | |
| ShellcodeHashSearcher: 0x00000212: hash_ror13AddUpperDllnameHash32:0xe2ef8c58 ntdll.dll!RtlGetLastWin32Error | |
| ShellcodeHashSearcher: 0x00000223: hash_ror13AddUpperDllnameHash32:0x0afb4562 ntdll.dll!memcpy | |
| ShellcodeHashSearcher: 0x00000234: hash_ror13AddUpperDllnameHash32:0x0aa3495d ntdll.dll!memset | |
| ShellcodeHashSearcher: 0x00000245: hash_ror13AddUpperDllnameHash32:0x84e81810 ntdll.dll!sprintf | |
| ShellcodeHashSearcher: 0x00000256: hash_ror13AddUpperDllnameHash32:0xbaa5bafc ole32.dll!CoInitialize | |
| ShellcodeHashSearcher: 0x00000267: hash_ror13AddUpperDllnameHash32:0x94c3d707 user32.dll!GetForegroundWindow | |
| ShellcodeHashSearcher: 0x00000278: hash_ror13AddUpperDllnameHash32:0xe0c453c1 shell32.dll!ShellExecuteExA | |
| ShellcodeHashSearcher: 0x0000029e: hash_ror13AddUpperDllnameHash32:0x7a2a9286 advapi32.dll!OpenProcessToken | |
| ShellcodeHashSearcher: 0x000002a8: hash_ror13AddUpperDllnameHash32:0xfce759d1 advapi32.dll!GetTokenInformation | |
| ShellcodeHashSearcher: 0x000002b9: hash_ror13AddUpperDllnameHash32:0x8469b002 advapi32.dll!CreateProcessAsUserA | |
| ShellcodeHashSearcher: 0x000002ca: hash_ror13AddUpperDllnameHash32:0x6e2ab3c7 winhttp.dll!WinHttpCrackUrl | |
| ShellcodeHashSearcher: 0x000002db: hash_ror13AddUpperDllnameHash32:0x3eb9d04a winhttp.dll!WinHttpOpen | |
| ShellcodeHashSearcher: 0x000002ec: hash_ror13AddUpperDllnameHash32:0x78ff248d winhttp.dll!WinHttpCloseHandle | |
| ShellcodeHashSearcher: 0x000002fd: hash_ror13AddUpperDllnameHash32:0x6e42111b winhttp.dll!WinHttpConnect | |
| ShellcodeHashSearcher: 0x0000030e: hash_ror13AddUpperDllnameHash32:0xfcec444d winhttp.dll!WinHttpOpenRequest | |
| ShellcodeHashSearcher: 0x0000031f: hash_ror13AddUpperDllnameHash32:0x05ebeb0e winhttp.dll!WinHttpSendRequest | |
| ShellcodeHashSearcher: 0x00000330: hash_ror13AddUpperDllnameHash32:0x4bd9e6ea winhttp.dll!WinHttpReceiveResponse | |
| ShellcodeHashSearcher: 0x00000341: hash_ror13AddUpperDllnameHash32:0xbd429e01 winhttp.dll!WinHttpQueryHeaders | |
| ShellcodeHashSearcher: 0x00000352: hash_ror13AddUpperDllnameHash32:0x2006c89b winhttp.dll!WinHttpReadData | |
| ShellcodeHashSearcher: 0x00000042: hash_ror13AddUpperDllnameHash32:0x4b6f1152 kernel32.dll!lstrlenA | |
| ShellcodeHashSearcher: 0x00000082: hash_ror13AddUpperDllnameHash32:0x399f1068 kernel32.dll!lstrcatW | |
| ShellcodeHashSearcher: 0x00000090: hash_ror13AddUpperDllnameHash32:0x7e296212 kernel32.dll!CloseHandle | |
| ShellcodeHashSearcher: 0x0000009e: hash_ror13AddUpperDllnameHash32:0x7131fdc3 kernel32.dll!VirtualFree | |
| ShellcodeHashSearcher: 0x000000ac: hash_ror13AddUpperDllnameHash32:0xffdb946b kernel32.dll!VirtualAlloc | |
| ShellcodeHashSearcher: 0x000000ba: hash_ror13AddUpperDllnameHash32:0xe7729032 kernel32.dll!VirtualProtect | |
| ShellcodeHashSearcher: 0x000000c8: hash_ror13AddUpperDllnameHash32:0x5a3a18a5 kernel32.dll!LoadLibraryA | |
| ShellcodeHashSearcher: 0x000000d8: hash_ror13AddUpperDllnameHash32:0x415e131b kernel32.dll!GetModuleHandleA | |
| ShellcodeHashSearcher: 0x000000e6: hash_ror13AddUpperDllnameHash32:0xea39c6c1 kernel32.dll!GetProcAddress | |
| ShellcodeHashSearcher: 0x000000f4: hash_ror13AddUpperDllnameHash32:0x163ab6c5 kernel32.dll!GetProcessHeap | |
| ShellcodeHashSearcher: 0x00000102: hash_ror13AddUpperDllnameHash32:0x3c31a3c4 kernel32.dll!WaitForSingleObject | |
| ShellcodeHashSearcher: 0x00000110: hash_ror13AddUpperDllnameHash32:0x3e054b78 kernel32.dll!GetVersion | |
| ShellcodeHashSearcher: 0x0000011e: hash_ror13AddUpperDllnameHash32:0x38579a82 kernel32.dll!CreateThread | |
| ShellcodeHashSearcher: 0x0000012c: hash_ror13AddUpperDllnameHash32:0x56364336 kernel32.dll!WriteFile | |
| ShellcodeHashSearcher: 0x0000013a: hash_ror13AddUpperDllnameHash32:0xea2be1bc kernel32.dll!CreateFileA | |
| ShellcodeHashSearcher: 0x00000148: hash_ror13AddUpperDllnameHash32:0xc9b6944a kernel32.dll!GetTempPathA | |
| ShellcodeHashSearcher: 0x00000156: hash_ror13AddUpperDllnameHash32:0x55d7ec4f kernel32.dll!GetTempFileNameA | |
| ShellcodeHashSearcher: 0x00000167: hash_ror13AddUpperDllnameHash32:0x271143d8 kernel32.dll!GetSystemDirectoryA | |
| ShellcodeHashSearcher: 0x00000178: hash_ror13AddUpperDllnameHash32:0x4979c49f kernel32.dll!CreateProcessInternalW | |
| ShellcodeHashSearcher: 0x00000189: hash_ror13AddUpperDllnameHash32:0x1a5c758b kernel32.dll!GetExitCodeProcess | |
| ShellcodeHashSearcher: 0x0000019a: hash_ror13AddUpperDllnameHash32:0x5280aa04 kernel32.dll!CreateToolhelp32Snapshot | |
| ShellcodeHashSearcher: 0x000001ab: hash_ror13AddUpperDllnameHash32:0xa07584be kernel32.dll!Process32First | |
| ShellcodeHashSearcher: 0x000001bc: hash_ror13AddUpperDllnameHash32:0xb5a22f61 kernel32.dll!Process32Next | |
| ShellcodeHashSearcher: 0x000001cd: hash_ror13AddUpperDllnameHash32:0x397f1352 kernel32.dll!lstrcmpA | |
| ShellcodeHashSearcher: 0x000001de: hash_ror13AddUpperDllnameHash32:0xae4eeeaa ntdll.dll!RtlFreeHeap | |
| ShellcodeHashSearcher: 0x000001ef: hash_ror13AddUpperDllnameHash32:0xeb8e0118 ntdll.dll!RtlAllocateHeap | |
| ShellcodeHashSearcher: 0x00000200: hash_ror13AddUpperDllnameHash32:0x5ae068b6 ntdll.dll!RtlReAllocateHeap | |
| ShellcodeHashSearcher: 0x00000211: hash_ror13AddUpperDllnameHash32:0xe2ef8c58 ntdll.dll!RtlGetLastWin32Error | |
| ShellcodeHashSearcher: 0x00000222: hash_ror13AddUpperDllnameHash32:0x0afb4562 ntdll.dll!memcpy | |
| ShellcodeHashSearcher: 0x00000233: hash_ror13AddUpperDllnameHash32:0x0aa3495d ntdll.dll!memset | |
| ShellcodeHashSearcher: 0x00000244: hash_ror13AddUpperDllnameHash32:0x84e81810 ntdll.dll!sprintf | |
| ShellcodeHashSearcher: 0x00000255: hash_ror13AddUpperDllnameHash32:0xbaa5bafc ole32.dll!CoInitialize | |
| ShellcodeHashSearcher: 0x00000266: hash_ror13AddUpperDllnameHash32:0x94c3d707 user32.dll!GetForegroundWindow | |
| ShellcodeHashSearcher: 0x00000277: hash_ror13AddUpperDllnameHash32:0xe0c453c1 shell32.dll!ShellExecuteExA | |
| ShellcodeHashSearcher: 0x0000029d: hash_ror13AddUpperDllnameHash32:0x7a2a9286 advapi32.dll!OpenProcessToken | |
| ShellcodeHashSearcher: 0x000002a7: hash_ror13AddUpperDllnameHash32:0xfce759d1 advapi32.dll!GetTokenInformation | |
| ShellcodeHashSearcher: 0x000002b8: hash_ror13AddUpperDllnameHash32:0x8469b002 advapi32.dll!CreateProcessAsUserA | |
| ShellcodeHashSearcher: 0x000002c9: hash_ror13AddUpperDllnameHash32:0x6e2ab3c7 winhttp.dll!WinHttpCrackUrl | |
| ShellcodeHashSearcher: 0x000002da: hash_ror13AddUpperDllnameHash32:0x3eb9d04a winhttp.dll!WinHttpOpen | |
| ShellcodeHashSearcher: 0x000002eb: hash_ror13AddUpperDllnameHash32:0x78ff248d winhttp.dll!WinHttpCloseHandle | |
| ShellcodeHashSearcher: 0x000002fc: hash_ror13AddUpperDllnameHash32:0x6e42111b winhttp.dll!WinHttpConnect | |
| ShellcodeHashSearcher: 0x0000030d: hash_ror13AddUpperDllnameHash32:0xfcec444d winhttp.dll!WinHttpOpenRequest | |
| ShellcodeHashSearcher: 0x0000031e: hash_ror13AddUpperDllnameHash32:0x05ebeb0e winhttp.dll!WinHttpSendRequest | |
| ShellcodeHashSearcher: 0x0000032f: hash_ror13AddUpperDllnameHash32:0x4bd9e6ea winhttp.dll!WinHttpReceiveResponse | |
| ShellcodeHashSearcher: 0x00000340: hash_ror13AddUpperDllnameHash32:0xbd429e01 winhttp.dll!WinHttpQueryHeaders | |
| ShellcodeHashSearcher: 0x00000351: hash_ror13AddUpperDllnameHash32:0x2006c89b winhttp.dll!WinHttpReadData |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment