miasm
Reverse engineering framework
Classes | Functions | Variables
miasm.os_dep.win_api_x86_32 Namespace Reference

Classes

class  c_winobjs
 
class  find_data_mngr
 
class  FLS
 
class  handle_generator
 
class  hobj
 
class  mdl
 
class  startupinfo
 
class  systeminfo
 
class  whandle
 
class  win32_find_data
 

Functions

def kernel32_HeapAlloc (jitter)
 
def kernel32_HeapFree (jitter)
 
def kernel32_GlobalAlloc (jitter)
 
def kernel32_LocalFree (jitter)
 
def kernel32_LocalAlloc (jitter)
 
def msvcrt_new (jitter)
 
def msvcrt_delete (jitter)
 
def kernel32_GlobalFree (jitter)
 
def kernel32_IsDebuggerPresent (jitter)
 
def kernel32_CreateToolhelp32Snapshot (jitter)
 
def kernel32_GetCurrentProcess (jitter)
 
def kernel32_GetCurrentProcessId (jitter)
 
def kernel32_Process32First (jitter)
 
def kernel32_Process32Next (jitter)
 
def kernel32_GetTickCount (jitter)
 
def kernel32_GetVersion (jitter)
 
def kernel32_GetVersionEx (jitter, str_size, encode_str)
 
def kernel32_GetPriorityClass (jitter)
 
def kernel32_SetPriorityClass (jitter)
 
def kernel32_CloseHandle (jitter)
 
def kernel32_EncodePointer (jitter)
 
def kernel32_DecodePointer (jitter)
 
def user32_GetForegroundWindow (jitter)
 
def user32_FindWindowA (jitter)
 
def user32_GetTopWindow (jitter)
 
def user32_BlockInput (jitter)
 
def advapi32_CryptAcquireContext (jitter, funcname, get_str)
 
def advapi32_CryptAcquireContextA (jitter)
 
def advapi32_CryptAcquireContextW (jitter)
 
def advapi32_CryptCreateHash (jitter)
 
def advapi32_CryptHashData (jitter)
 
def advapi32_CryptGetHashParam (jitter)
 
def advapi32_CryptReleaseContext (jitter)
 
def advapi32_CryptDeriveKey (jitter)
 
def advapi32_CryptDestroyHash (jitter)
 
def advapi32_CryptDecrypt (jitter)
 
def kernel32_CreateFile (jitter, funcname, get_str)
 
def kernel32_CreateFileA (jitter)
 
def kernel32_CreateFileW (jitter)
 
def kernel32_ReadFile (jitter)
 
def kernel32_GetFileSize (jitter)
 
def kernel32_GetFileSizeEx (jitter)
 
def kernel32_FlushInstructionCache (jitter)
 
def kernel32_VirtualProtect (jitter)
 
def kernel32_VirtualAlloc (jitter)
 
def kernel32_VirtualFree (jitter)
 
def user32_GetWindowLongA (jitter)
 
def user32_SetWindowLongA (jitter)
 
def kernel32_GetModuleFileName (jitter, funcname, set_str)
 
def kernel32_GetModuleFileNameA (jitter)
 
def kernel32_GetModuleFileNameW (jitter)
 
def kernel32_CreateMutex (jitter, funcname, get_str)
 
def kernel32_CreateMutexA (jitter)
 
def kernel32_CreateMutexW (jitter)
 
def shell32_SHGetSpecialFolderLocation (jitter)
 
def kernel32_SHGetPathFromIDList (jitter, funcname, set_str)
 
def shell32_SHGetPathFromIDListW (jitter)
 
def shell32_SHGetPathFromIDListA (jitter)
 
def kernel32_GetLastError (jitter)
 
def kernel32_SetLastError (jitter)
 
def kernel32_RestoreLastError (jitter)
 
def kernel32_LoadLibrary (jitter, get_str)
 
def kernel32_LoadLibraryA (jitter)
 
def kernel32_LoadLibraryW (jitter)
 
def kernel32_LoadLibraryEx (jitter, get_str)
 
def kernel32_LoadLibraryExA (jitter)
 
def kernel32_LoadLibraryExW (jitter)
 
def kernel32_GetProcAddress (jitter)
 
def kernel32_GetModuleHandle (jitter, funcname, get_str)
 
def kernel32_GetModuleHandleA (jitter)
 
def kernel32_GetModuleHandleW (jitter)
 
def kernel32_VirtualLock (jitter)
 
def kernel32_GetSystemInfo (jitter)
 
def kernel32_IsWow64Process (jitter)
 
def kernel32_GetCommandLine (jitter, set_str)
 
def kernel32_GetCommandLineA (jitter)
 
def kernel32_GetCommandLineW (jitter)
 
def shell32_CommandLineToArgvW (jitter)
 
def cryptdll_MD5Init (jitter)
 
def cryptdll_MD5Update (jitter)
 
def cryptdll_MD5Final (jitter)
 
def ntdll_RtlInitAnsiString (jitter)
 
def ntdll_RtlHashUnicodeString (jitter)
 
def kernel32_RtlMoveMemory (jitter)
 
def ntdll_RtlAnsiCharToUnicodeChar (jitter)
 
def ntdll_RtlFindCharInUnicodeString (jitter)
 
def ntdll_RtlComputeCrc32 (jitter)
 
def ntdll_RtlExtendedIntegerMultiply (jitter)
 
def ntdll_RtlLargeIntegerAdd (jitter)
 
def ntdll_RtlLargeIntegerShiftRight (jitter)
 
def ntdll_RtlEnlargedUnsignedMultiply (jitter)
 
def ntdll_RtlLargeIntegerSubtract (jitter)
 
def ntdll_RtlCompareMemory (jitter)
 
def user32_GetMessagePos (jitter)
 
def kernel32_Sleep (jitter)
 
def ntdll_ZwUnmapViewOfSection (jitter)
 
def kernel32_IsBadReadPtr (jitter)
 
def ntoskrnl_KeInitializeEvent (jitter)
 
def ntoskrnl_RtlGetVersion (jitter)
 
def ntoskrnl_RtlVerifyVersionInfo (jitter)
 
def hal_ExAcquireFastMutex (jitter)
 
def mdl2ad (n)
 
def ad2mdl (ad)
 
def ntoskrnl_IoAllocateMdl (jitter)
 
def ntoskrnl_MmProbeAndLockPages (jitter)
 
def ntoskrnl_MmMapLockedPagesSpecifyCache (jitter)
 
def ntoskrnl_MmProtectMdlSystemAddress (jitter)
 
def ntoskrnl_MmUnlockPages (jitter)
 
def ntoskrnl_IoFreeMdl (jitter)
 
def hal_ExReleaseFastMutex (jitter)
 
def ntoskrnl_RtlQueryRegistryValues (jitter)
 
def ntoskrnl_ExAllocatePoolWithTagPriority (jitter)
 
def my_lstrcmp (jitter, funcname, get_str)
 
def msvcrt_wcscmp (jitter)
 
def msvcrt__wcsicmp (jitter)
 
def msvcrt__wcsnicmp (jitter)
 
def msvcrt_wcsncpy (jitter)
 
def kernel32_lstrcmpA (jitter)
 
def kernel32_lstrcmpiA (jitter)
 
def kernel32_lstrcmpW (jitter)
 
def kernel32_lstrcmpiW (jitter)
 
def kernel32_lstrcmpi (jitter)
 
def my_strcpy (jitter, funcname, get_str, set_str)
 
def kernel32_lstrcpyW (jitter)
 
def kernel32_lstrcpyA (jitter)
 
def kernel32_lstrcpy (jitter)
 
def msvcrt__mbscpy (jitter)
 
def msvcrt_wcscpy (jitter)
 
def kernel32_lstrcpyn (jitter)
 
def my_strlen (jitter, funcname, get_str, mylen)
 
def kernel32_lstrlenA (jitter)
 
def kernel32_lstrlenW (jitter)
 
def kernel32_lstrlen (jitter)
 
def my_lstrcat (jitter, funcname, get_str, set_str)
 
def kernel32_lstrcatA (jitter)
 
def kernel32_lstrcatW (jitter)
 
def kernel32_GetUserGeoID (jitter)
 
def my_GetVolumeInformation (jitter, funcname, get_str, set_str)
 
def kernel32_GetVolumeInformationA (jitter)
 
def kernel32_GetVolumeInformationW (jitter)
 
def kernel32_MultiByteToWideChar (jitter)
 
def kernel32_WideCharToMultiByte (jitter)
 
def my_GetEnvironmentVariable (jitter, funcname, get_str, set_str, mylen)
 
def kernel32_GetEnvironmentVariableA (jitter)
 
def kernel32_GetEnvironmentVariableW (jitter)
 
def my_GetSystemDirectory (jitter, funcname, set_str)
 
def kernel32_GetSystemDirectoryA (jitter)
 
def kernel32_GetSystemDirectoryW (jitter)
 
def my_CreateDirectory (jitter, funcname, get_str)
 
def kernel32_CreateDirectoryW (jitter)
 
def kernel32_CreateDirectoryA (jitter)
 
def my_CreateEvent (jitter, funcname, get_str)
 
def kernel32_CreateEventA (jitter)
 
def kernel32_CreateEventW (jitter)
 
def kernel32_WaitForSingleObject (jitter)
 
def kernel32_SetFileAttributesA (jitter)
 
def ntdll_RtlMoveMemory (jitter)
 
def ntdll_ZwQuerySystemInformation (jitter)
 
def ntdll_ZwProtectVirtualMemory (jitter)
 
def ntdll_ZwAllocateVirtualMemory (jitter)
 
def ntdll_ZwFreeVirtualMemory (jitter)
 
def ntdll_RtlInitString (jitter)
 
def ntdll_RtlAnsiStringToUnicodeString (jitter)
 
def ntdll_LdrLoadDll (jitter)
 
def ntdll_RtlFreeUnicodeString (jitter)
 
def ntdll_LdrGetProcedureAddress (jitter)
 
def ntdll_memset (jitter)
 
def msvcrt_memset (jitter)
 
def msvcrt_strrchr (jitter)
 
def msvcrt_wcsrchr (jitter)
 
def msvcrt_memcpy (jitter)
 
def msvcrt_realloc (jitter)
 
def msvcrt_memcmp (jitter)
 
def shlwapi_PathFindExtensionA (jitter)
 
def shlwapi_PathRemoveFileSpecW (jitter)
 
def shlwapi_PathIsPrefixW (jitter)
 
def shlwapi_PathIsDirectoryW (jitter)
 
def shlwapi_PathIsFileSpec (jitter, funcname, get_str)
 
def shlwapi_PathGetDriveNumber (jitter, funcname, get_str)
 
def shlwapi_PathGetDriveNumberA (jitter)
 
def shlwapi_PathGetDriveNumberW (jitter)
 
def shlwapi_PathIsFileSpecA (jitter)
 
def shlwapi_PathIsFileSpecW (jitter)
 
def shlwapi_StrToIntA (jitter)
 
def shlwapi_StrToInt64Ex (jitter, funcname, get_str)
 
def shlwapi_StrToInt64ExA (jitter)
 
def shlwapi_StrToInt64ExW (jitter)
 
def user32_IsCharAlpha (jitter, funcname, get_str)
 
def user32_IsCharAlphaA (jitter)
 
def user32_IsCharAlphaW (jitter)
 
def user32_IsCharAlphaNumericA (jitter)
 
def get_fmt_args (jitter, fmt, cur_arg, get_str)
 
def msvcrt_sprintf_str (jitter, get_str)
 
def msvcrt_sprintf (jitter)
 
def msvcrt_swprintf (jitter)
 
def msvcrt_fprintf (jitter)
 
def shlwapi_StrCmpNIA (jitter)
 
def advapi32_RegCreateKeyW (jitter)
 
def kernel32_GetCurrentDirectoryA (jitter)
 
def advapi32_RegOpenKeyEx (jitter, funcname, get_str)
 
def advapi32_RegOpenKeyExA (jitter)
 
def advapi32_RegOpenKeyExW (jitter)
 
def advapi32_RegSetValue (jitter, funcname, get_str)
 
def advapi32_RegSetValueEx (jitter, funcname, get_str)
 
def advapi32_RegCloseKey (jitter)
 
def advapi32_RegSetValueExA (jitter)
 
def advapi32_RegSetValueExW (jitter)
 
def advapi32_RegSetValueA (jitter)
 
def advapi32_RegSetValueW (jitter)
 
def kernel32_GetThreadLocale (jitter)
 
def kernel32_SetCurrentDirectory (jitter, get_str)
 
def kernel32_SetCurrentDirectoryW (jitter)
 
def kernel32_SetCurrentDirectoryA (jitter)
 
def msvcrt_wcscat (jitter)
 
def kernel32_GetLocaleInfo (jitter, funcname, set_str)
 
def kernel32_GetLocaleInfoA (jitter)
 
def kernel32_GetLocaleInfoW (jitter)
 
def kernel32_TlsAlloc (jitter)
 
def kernel32_TlsFree (jitter)
 
def kernel32_TlsSetValue (jitter)
 
def kernel32_TlsGetValue (jitter)
 
def user32_GetKeyboardType (jitter)
 
def kernel32_GetStartupInfo (jitter, funcname, set_str)
 
def kernel32_GetStartupInfoA (jitter)
 
def kernel32_GetStartupInfoW (jitter)
 
def kernel32_GetCurrentThreadId (jitter)
 
def kernel32_InitializeCriticalSection (jitter)
 
def user32_GetSystemMetrics (jitter)
 
def wsock32_WSAStartup (jitter)
 
def get_current_filetime ()
 
def unixtime_to_filetime (unixtime)
 
def filetime_to_unixtime (filetime)
 
def datetime_to_systemtime (curtime)
 
def kernel32_GetSystemTimeAsFileTime (jitter)
 
def kernel32_GetLocalTime (jitter)
 
def kernel32_GetSystemTime (jitter)
 
def kernel32_CreateFileMapping (jitter, funcname, get_str)
 
def kernel32_CreateFileMappingA (jitter)
 
def kernel32_CreateFileMappingW (jitter)
 
def kernel32_MapViewOfFile (jitter)
 
def kernel32_UnmapViewOfFile (jitter)
 
def kernel32_GetDriveType (jitter, funcname, get_str)
 
def kernel32_GetDriveTypeA (jitter)
 
def kernel32_GetDriveTypeW (jitter)
 
def kernel32_GetDiskFreeSpace (jitter, funcname, get_str)
 
def kernel32_GetDiskFreeSpaceA (jitter)
 
def kernel32_GetDiskFreeSpaceW (jitter)
 
def kernel32_VirtualQuery (jitter)
 
def kernel32_GetProcessAffinityMask (jitter)
 
def msvcrt_rand (jitter)
 
def msvcrt_srand (jitter)
 
def msvcrt_wcslen (jitter)
 
def kernel32_SetFilePointer (jitter)
 
def kernel32_SetFilePointerEx (jitter)
 
def kernel32_SetEndOfFile (jitter)
 
def kernel32_FlushFileBuffers (jitter)
 
def kernel32_WriteFile (jitter)
 
def user32_IsCharUpperA (jitter)
 
def user32_IsCharLowerA (jitter)
 
def kernel32_GetSystemDefaultLangID (jitter)
 
def msvcrt_malloc (jitter)
 
def msvcrt_free (jitter)
 
def msvcrt_fseek (jitter)
 
def msvcrt_ftell (jitter)
 
def msvcrt_rewind (jitter)
 
def msvcrt_fread (jitter)
 
def msvcrt_fwrite (jitter)
 
def msvcrt_fclose (jitter)
 
def msvcrt_atexit (jitter)
 
def user32_MessageBoxA (jitter)
 
def kernel32_myGetTempPath (jitter, set_str)
 
def kernel32_GetTempPathA (jitter)
 
def kernel32_GetTempPathW (jitter)
 
def kernel32_GetTempFileNameA (jitter)
 
def my_FindFirstFile (jitter, pfilepattern, pfindfiledata, get_win_str, encode_str)
 
def kernel32_FindFirstFileA (jitter)
 
def kernel32_FindFirstFileW (jitter)
 
def kernel32_FindFirstFileExA (jitter)
 
def kernel32_FindFirstFileExW (jitter)
 
def my_FindNextFile (jitter, encode_str)
 
def kernel32_GetNativeSystemInfo (jitter)
 
def raw2guid (r)
 
def int2base (x, base)
 
def msvcrt__ultow (jitter)
 
def msvcrt_myfopen (jitter, get_str)
 
def msvcrt__wfopen (jitter)
 
def msvcrt_fopen (jitter)
 
def msvcrt_strlen (jitter)
 
def kernel32_QueryPerformanceCounter (jitter)
 
def kernel32_InitializeCriticalSectionEx (jitter)
 
def kernel32_EnterCriticalSection (jitter)
 
def kernel32_LeaveCriticalSection (jitter)
 
def kernel32_GetProcessHeap (jitter)
 
def kernel32_GetStdHandle (jitter)
 
def kernel32_GetFileType (jitter)
 
def kernel32_IsProcessorFeaturePresent (jitter)
 
def kernel32_GetACP (jitter)
 
def kernel32_IsValidCodePage (jitter)
 
def kernel32_GetCPInfo (jitter)
 
def kernel32_GetStringTypeW (jitter)
 

Variables

 log = logging.getLogger("win_api_x86_32")
 
 console_handler = logging.StreamHandler()
 
int DATE_1601_TO_1970 = 116444736000000000
 
int MAX_PATH = 260
 
dictionary ACCESS_DICT
 
 ACCESS_DICT_INV = dict((x[1], x[0]) for x in viewitems(ACCESS_DICT))
 
 winobjs = c_winobjs()
 
list process_list
 
def kernel32_GetVersionExA
 
def kernel32_GetVersionExW
 
int temp_num = 0
 
def kernel32_FindNextFileA = lambda jitter: my_FindNextFile(jitter, encode_win_str_a)
 
def kernel32_FindNextFileW = lambda jitter: my_FindNextFile(jitter, encode_win_str_w)
 
 digs = string.digits + string.ascii_lowercase
 
 fls = FLS()
 
int STD_INPUT_HANDLE = 0xfffffff6
 
int STD_OUTPUT_HANDLE = 0xfffffff5
 
int STD_ERROR_HANDLE = 0xfffffff4
 
int FILE_TYPE_UNKNOWN = 0x0000
 
int FILE_TYPE_CHAR = 0x0002
 
dictionary VALID_CODE_PAGES
 

Function Documentation

◆ ad2mdl()

def miasm.os_dep.win_api_x86_32.ad2mdl (   ad)
Here is the caller graph for this function:

◆ advapi32_CryptAcquireContext()

def miasm.os_dep.win_api_x86_32.advapi32_CryptAcquireContext (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ advapi32_CryptAcquireContextA()

def miasm.os_dep.win_api_x86_32.advapi32_CryptAcquireContextA (   jitter)
Here is the call graph for this function:

◆ advapi32_CryptAcquireContextW()

def miasm.os_dep.win_api_x86_32.advapi32_CryptAcquireContextW (   jitter)
Here is the call graph for this function:

◆ advapi32_CryptCreateHash()

def miasm.os_dep.win_api_x86_32.advapi32_CryptCreateHash (   jitter)

◆ advapi32_CryptDecrypt()

def miasm.os_dep.win_api_x86_32.advapi32_CryptDecrypt (   jitter)

◆ advapi32_CryptDeriveKey()

def miasm.os_dep.win_api_x86_32.advapi32_CryptDeriveKey (   jitter)

◆ advapi32_CryptDestroyHash()

def miasm.os_dep.win_api_x86_32.advapi32_CryptDestroyHash (   jitter)

◆ advapi32_CryptGetHashParam()

def miasm.os_dep.win_api_x86_32.advapi32_CryptGetHashParam (   jitter)

◆ advapi32_CryptHashData()

def miasm.os_dep.win_api_x86_32.advapi32_CryptHashData (   jitter)

◆ advapi32_CryptReleaseContext()

def miasm.os_dep.win_api_x86_32.advapi32_CryptReleaseContext (   jitter)

◆ advapi32_RegCloseKey()

def miasm.os_dep.win_api_x86_32.advapi32_RegCloseKey (   jitter)

◆ advapi32_RegCreateKeyW()

def miasm.os_dep.win_api_x86_32.advapi32_RegCreateKeyW (   jitter)
Here is the call graph for this function:

◆ advapi32_RegOpenKeyEx()

def miasm.os_dep.win_api_x86_32.advapi32_RegOpenKeyEx (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ advapi32_RegOpenKeyExA()

def miasm.os_dep.win_api_x86_32.advapi32_RegOpenKeyExA (   jitter)
Here is the call graph for this function:

◆ advapi32_RegOpenKeyExW()

def miasm.os_dep.win_api_x86_32.advapi32_RegOpenKeyExW (   jitter)
Here is the call graph for this function:

◆ advapi32_RegSetValue()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValue (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ advapi32_RegSetValueA()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValueA (   jitter)
Here is the call graph for this function:

◆ advapi32_RegSetValueEx()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValueEx (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ advapi32_RegSetValueExA()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValueExA (   jitter)
Here is the call graph for this function:

◆ advapi32_RegSetValueExW()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValueExW (   jitter)
Here is the call graph for this function:

◆ advapi32_RegSetValueW()

def miasm.os_dep.win_api_x86_32.advapi32_RegSetValueW (   jitter)
Here is the call graph for this function:

◆ cryptdll_MD5Final()

def miasm.os_dep.win_api_x86_32.cryptdll_MD5Final (   jitter)

◆ cryptdll_MD5Init()

def miasm.os_dep.win_api_x86_32.cryptdll_MD5Init (   jitter)

◆ cryptdll_MD5Update()

def miasm.os_dep.win_api_x86_32.cryptdll_MD5Update (   jitter)
Here is the call graph for this function:

◆ datetime_to_systemtime()

def miasm.os_dep.win_api_x86_32.datetime_to_systemtime (   curtime)
Here is the caller graph for this function:

◆ filetime_to_unixtime()

def miasm.os_dep.win_api_x86_32.filetime_to_unixtime (   filetime) 
Convert filetime to unixtime
# https://msdn.microsoft.com/en-us/library/ms724228

◆ get_current_filetime()

def miasm.os_dep.win_api_x86_32.get_current_filetime ( ) 
Get current filetime
https://msdn.microsoft.com/en-us/library/ms724228
Here is the caller graph for this function:

◆ get_fmt_args()

def miasm.os_dep.win_api_x86_32.get_fmt_args (   jitter,
  fmt,
  cur_arg,
  get_str 
)
Here is the caller graph for this function:

◆ hal_ExAcquireFastMutex()

def miasm.os_dep.win_api_x86_32.hal_ExAcquireFastMutex (   jitter)

◆ hal_ExReleaseFastMutex()

def miasm.os_dep.win_api_x86_32.hal_ExReleaseFastMutex (   jitter)

◆ int2base()

def miasm.os_dep.win_api_x86_32.int2base (   x,
  base 
)
Here is the caller graph for this function:

◆ kernel32_CloseHandle()

def miasm.os_dep.win_api_x86_32.kernel32_CloseHandle (   jitter)

◆ kernel32_CreateDirectoryA()

def miasm.os_dep.win_api_x86_32.kernel32_CreateDirectoryA (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateDirectoryW()

def miasm.os_dep.win_api_x86_32.kernel32_CreateDirectoryW (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateEventA()

def miasm.os_dep.win_api_x86_32.kernel32_CreateEventA (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateEventW()

def miasm.os_dep.win_api_x86_32.kernel32_CreateEventW (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateFile()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFile (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_CreateFileA()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFileA (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateFileMapping()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFileMapping (   jitter,
  funcname,
  get_str 
)
Here is the caller graph for this function:

◆ kernel32_CreateFileMappingA()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFileMappingA (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateFileMappingW()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFileMappingW (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateFileW()

def miasm.os_dep.win_api_x86_32.kernel32_CreateFileW (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateMutex()

def miasm.os_dep.win_api_x86_32.kernel32_CreateMutex (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_CreateMutexA()

def miasm.os_dep.win_api_x86_32.kernel32_CreateMutexA (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateMutexW()

def miasm.os_dep.win_api_x86_32.kernel32_CreateMutexW (   jitter)
Here is the call graph for this function:

◆ kernel32_CreateToolhelp32Snapshot()

def miasm.os_dep.win_api_x86_32.kernel32_CreateToolhelp32Snapshot (   jitter)

◆ kernel32_DecodePointer()

def miasm.os_dep.win_api_x86_32.kernel32_DecodePointer (   jitter) 
    PVOID DecodePointer(
       PVOID Ptr
    );

    The function returns the decoded pointer.

◆ kernel32_EncodePointer()

def miasm.os_dep.win_api_x86_32.kernel32_EncodePointer (   jitter) 
    PVOID EncodePointer(
        _In_ PVOID Ptr
    );

    Encoding globally available pointers helps protect them from being
    exploited. The EncodePointer function obfuscates the pointer value
    with a secret so that it cannot be predicted by an external agent.
    The secret used by EncodePointer is different for each process.

    A pointer must be decoded before it can be used.

◆ kernel32_EnterCriticalSection()

def miasm.os_dep.win_api_x86_32.kernel32_EnterCriticalSection (   jitter) 
void EnterCriticalSection(
  LPCRITICAL_SECTION lpCriticalSection
);

◆ kernel32_FindFirstFileA()

def miasm.os_dep.win_api_x86_32.kernel32_FindFirstFileA (   jitter)
Here is the call graph for this function:

◆ kernel32_FindFirstFileExA()

def miasm.os_dep.win_api_x86_32.kernel32_FindFirstFileExA (   jitter)
Here is the call graph for this function:

◆ kernel32_FindFirstFileExW()

def miasm.os_dep.win_api_x86_32.kernel32_FindFirstFileExW (   jitter)
Here is the call graph for this function:

◆ kernel32_FindFirstFileW()

def miasm.os_dep.win_api_x86_32.kernel32_FindFirstFileW (   jitter)
Here is the call graph for this function:

◆ kernel32_FlushFileBuffers()

def miasm.os_dep.win_api_x86_32.kernel32_FlushFileBuffers (   jitter)

◆ kernel32_FlushInstructionCache()

def miasm.os_dep.win_api_x86_32.kernel32_FlushInstructionCache (   jitter)

◆ kernel32_GetACP()

def miasm.os_dep.win_api_x86_32.kernel32_GetACP (   jitter) 
UINT GetACP();

◆ kernel32_GetCommandLine()

def miasm.os_dep.win_api_x86_32.kernel32_GetCommandLine (   jitter,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_GetCommandLineA()

def miasm.os_dep.win_api_x86_32.kernel32_GetCommandLineA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetCommandLineW()

def miasm.os_dep.win_api_x86_32.kernel32_GetCommandLineW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetCPInfo()

def miasm.os_dep.win_api_x86_32.kernel32_GetCPInfo (   jitter) 
BOOL GetCPInfo(
  UINT     CodePage,
  LPCPINFO lpCPInfo
);

◆ kernel32_GetCurrentDirectoryA()

def miasm.os_dep.win_api_x86_32.kernel32_GetCurrentDirectoryA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetCurrentProcess()

def miasm.os_dep.win_api_x86_32.kernel32_GetCurrentProcess (   jitter)

◆ kernel32_GetCurrentProcessId()

def miasm.os_dep.win_api_x86_32.kernel32_GetCurrentProcessId (   jitter)

◆ kernel32_GetCurrentThreadId()

def miasm.os_dep.win_api_x86_32.kernel32_GetCurrentThreadId (   jitter)

◆ kernel32_GetDiskFreeSpace()

def miasm.os_dep.win_api_x86_32.kernel32_GetDiskFreeSpace (   jitter,
  funcname,
  get_str 
)
Here is the caller graph for this function:

◆ kernel32_GetDiskFreeSpaceA()

def miasm.os_dep.win_api_x86_32.kernel32_GetDiskFreeSpaceA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetDiskFreeSpaceW()

def miasm.os_dep.win_api_x86_32.kernel32_GetDiskFreeSpaceW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetDriveType()

def miasm.os_dep.win_api_x86_32.kernel32_GetDriveType (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_GetDriveTypeA()

def miasm.os_dep.win_api_x86_32.kernel32_GetDriveTypeA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetDriveTypeW()

def miasm.os_dep.win_api_x86_32.kernel32_GetDriveTypeW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetEnvironmentVariableA()

def miasm.os_dep.win_api_x86_32.kernel32_GetEnvironmentVariableA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetEnvironmentVariableW()

def miasm.os_dep.win_api_x86_32.kernel32_GetEnvironmentVariableW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetFileSize()

def miasm.os_dep.win_api_x86_32.kernel32_GetFileSize (   jitter)

◆ kernel32_GetFileSizeEx()

def miasm.os_dep.win_api_x86_32.kernel32_GetFileSizeEx (   jitter)

◆ kernel32_GetFileType()

def miasm.os_dep.win_api_x86_32.kernel32_GetFileType (   jitter) 
DWORD GetFileType(
  HANDLE hFile
);

◆ kernel32_GetLastError()

def miasm.os_dep.win_api_x86_32.kernel32_GetLastError (   jitter)

◆ kernel32_GetLocaleInfo()

def miasm.os_dep.win_api_x86_32.kernel32_GetLocaleInfo (   jitter,
  funcname,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_GetLocaleInfoA()

def miasm.os_dep.win_api_x86_32.kernel32_GetLocaleInfoA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetLocaleInfoW()

def miasm.os_dep.win_api_x86_32.kernel32_GetLocaleInfoW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetLocalTime()

def miasm.os_dep.win_api_x86_32.kernel32_GetLocalTime (   jitter)
Here is the call graph for this function:

◆ kernel32_GetModuleFileName()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleFileName (   jitter,
  funcname,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_GetModuleFileNameA()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleFileNameA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetModuleFileNameW()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleFileNameW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetModuleHandle()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleHandle (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_GetModuleHandleA()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleHandleA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetModuleHandleW()

def miasm.os_dep.win_api_x86_32.kernel32_GetModuleHandleW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetNativeSystemInfo()

def miasm.os_dep.win_api_x86_32.kernel32_GetNativeSystemInfo (   jitter)

◆ kernel32_GetPriorityClass()

def miasm.os_dep.win_api_x86_32.kernel32_GetPriorityClass (   jitter)

◆ kernel32_GetProcAddress()

def miasm.os_dep.win_api_x86_32.kernel32_GetProcAddress (   jitter)

◆ kernel32_GetProcessAffinityMask()

def miasm.os_dep.win_api_x86_32.kernel32_GetProcessAffinityMask (   jitter)

◆ kernel32_GetProcessHeap()

def miasm.os_dep.win_api_x86_32.kernel32_GetProcessHeap (   jitter) 
HANDLE GetProcessHeap();

◆ kernel32_GetStartupInfo()

def miasm.os_dep.win_api_x86_32.kernel32_GetStartupInfo (   jitter,
  funcname,
  set_str 
) 
    void GetStartupInfo(
      LPSTARTUPINFOW lpStartupInfo
    );

    Retrieves the contents of the STARTUPINFO structure that was specified
    when the calling process was created.
    
    https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getstartupinfow
Here is the caller graph for this function:

◆ kernel32_GetStartupInfoA()

def miasm.os_dep.win_api_x86_32.kernel32_GetStartupInfoA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetStartupInfoW()

def miasm.os_dep.win_api_x86_32.kernel32_GetStartupInfoW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetStdHandle()

def miasm.os_dep.win_api_x86_32.kernel32_GetStdHandle (   jitter) 
HANDLE WINAPI GetStdHandle(
  _In_ DWORD nStdHandle
);

STD_INPUT_HANDLE (DWORD)-10
The standard input device. Initially, this is the console input buffer, CONIN$.

STD_OUTPUT_HANDLE (DWORD)-11
The standard output device. Initially, this is the active console screen buffer, CONOUT$.

STD_ERROR_HANDLE (DWORD)-12
The standard error device. Initially, this is the active console screen buffer, CONOUT$.

◆ kernel32_GetStringTypeW()

def miasm.os_dep.win_api_x86_32.kernel32_GetStringTypeW (   jitter) 
    BOOL GetStringTypeW(
      DWORD                         dwInfoType,
      _In_NLS_string_(cchSrc)LPCWCH lpSrcStr,
      int                           cchSrc,
      LPWORD                        lpCharType
    );

    Retrieves character type information for the characters in the specified
    Unicode source string. For each character in the string, the function
    sets one or more bits in the corresponding 16-bit element of the output
    array. Each bit identifies a given character type, for example, letter,
    digit, or neither.

◆ kernel32_GetSystemDefaultLangID()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemDefaultLangID (   jitter)

◆ kernel32_GetSystemDirectoryA()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemDirectoryA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetSystemDirectoryW()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemDirectoryW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetSystemInfo()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemInfo (   jitter)

◆ kernel32_GetSystemTime()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemTime (   jitter)
Here is the call graph for this function:

◆ kernel32_GetSystemTimeAsFileTime()

def miasm.os_dep.win_api_x86_32.kernel32_GetSystemTimeAsFileTime (   jitter)
Here is the call graph for this function:

◆ kernel32_GetTempFileNameA()

def miasm.os_dep.win_api_x86_32.kernel32_GetTempFileNameA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetTempPathA()

def miasm.os_dep.win_api_x86_32.kernel32_GetTempPathA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetTempPathW()

def miasm.os_dep.win_api_x86_32.kernel32_GetTempPathW (   jitter)
Here is the call graph for this function:

◆ kernel32_GetThreadLocale()

def miasm.os_dep.win_api_x86_32.kernel32_GetThreadLocale (   jitter)

◆ kernel32_GetTickCount()

def miasm.os_dep.win_api_x86_32.kernel32_GetTickCount (   jitter)

◆ kernel32_GetUserGeoID()

def miasm.os_dep.win_api_x86_32.kernel32_GetUserGeoID (   jitter)

◆ kernel32_GetVersion()

def miasm.os_dep.win_api_x86_32.kernel32_GetVersion (   jitter)

◆ kernel32_GetVersionEx()

def miasm.os_dep.win_api_x86_32.kernel32_GetVersionEx (   jitter,
  str_size,
  encode_str 
)

◆ kernel32_GetVolumeInformationA()

def miasm.os_dep.win_api_x86_32.kernel32_GetVolumeInformationA (   jitter)
Here is the call graph for this function:

◆ kernel32_GetVolumeInformationW()

def miasm.os_dep.win_api_x86_32.kernel32_GetVolumeInformationW (   jitter)
Here is the call graph for this function:

◆ kernel32_GlobalAlloc()

def miasm.os_dep.win_api_x86_32.kernel32_GlobalAlloc (   jitter)

◆ kernel32_GlobalFree()

def miasm.os_dep.win_api_x86_32.kernel32_GlobalFree (   jitter)

◆ kernel32_HeapAlloc()

def miasm.os_dep.win_api_x86_32.kernel32_HeapAlloc (   jitter)

◆ kernel32_HeapFree()

def miasm.os_dep.win_api_x86_32.kernel32_HeapFree (   jitter)

◆ kernel32_InitializeCriticalSection()

def miasm.os_dep.win_api_x86_32.kernel32_InitializeCriticalSection (   jitter)

◆ kernel32_InitializeCriticalSectionEx()

def miasm.os_dep.win_api_x86_32.kernel32_InitializeCriticalSectionEx (   jitter) 
  LPCRITICAL_SECTION lpCriticalSection,
  DWORD              dwSpinCount,
  DWORD              Flags

◆ kernel32_IsBadReadPtr()

def miasm.os_dep.win_api_x86_32.kernel32_IsBadReadPtr (   jitter)

◆ kernel32_IsDebuggerPresent()

def miasm.os_dep.win_api_x86_32.kernel32_IsDebuggerPresent (   jitter)

◆ kernel32_IsProcessorFeaturePresent()

def miasm.os_dep.win_api_x86_32.kernel32_IsProcessorFeaturePresent (   jitter) 
BOOL IsProcessorFeaturePresent(
  DWORD ProcessorFeature
);

◆ kernel32_IsValidCodePage()

def miasm.os_dep.win_api_x86_32.kernel32_IsValidCodePage (   jitter) 
BOOL IsValidCodePage(
  UINT CodePage
);

◆ kernel32_IsWow64Process()

def miasm.os_dep.win_api_x86_32.kernel32_IsWow64Process (   jitter)

◆ kernel32_LeaveCriticalSection()

def miasm.os_dep.win_api_x86_32.kernel32_LeaveCriticalSection (   jitter) 
void LeaveCriticalSection(
  LPCRITICAL_SECTION lpCriticalSection
);

◆ kernel32_LoadLibrary()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibrary (   jitter,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_LoadLibraryA()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibraryA (   jitter)
Here is the call graph for this function:

◆ kernel32_LoadLibraryEx()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibraryEx (   jitter,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_LoadLibraryExA()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibraryExA (   jitter)
Here is the call graph for this function:

◆ kernel32_LoadLibraryExW()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibraryExW (   jitter)
Here is the call graph for this function:

◆ kernel32_LoadLibraryW()

def miasm.os_dep.win_api_x86_32.kernel32_LoadLibraryW (   jitter)
Here is the call graph for this function:

◆ kernel32_LocalAlloc()

def miasm.os_dep.win_api_x86_32.kernel32_LocalAlloc (   jitter)

◆ kernel32_LocalFree()

def miasm.os_dep.win_api_x86_32.kernel32_LocalFree (   jitter)

◆ kernel32_lstrcatA()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcatA (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcatW()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcatW (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcmpA()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcmpA (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcmpi()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcmpi (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcmpiA()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcmpiA (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcmpiW()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcmpiW (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcmpW()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcmpW (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcpy()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcpy (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcpyA()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcpyA (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcpyn()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcpyn (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrcpyW()

def miasm.os_dep.win_api_x86_32.kernel32_lstrcpyW (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrlen()

def miasm.os_dep.win_api_x86_32.kernel32_lstrlen (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrlenA()

def miasm.os_dep.win_api_x86_32.kernel32_lstrlenA (   jitter)
Here is the call graph for this function:

◆ kernel32_lstrlenW()

def miasm.os_dep.win_api_x86_32.kernel32_lstrlenW (   jitter)
Here is the call graph for this function:

◆ kernel32_MapViewOfFile()

def miasm.os_dep.win_api_x86_32.kernel32_MapViewOfFile (   jitter)

◆ kernel32_MultiByteToWideChar()

def miasm.os_dep.win_api_x86_32.kernel32_MultiByteToWideChar (   jitter)

◆ kernel32_myGetTempPath()

def miasm.os_dep.win_api_x86_32.kernel32_myGetTempPath (   jitter,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_Process32First()

def miasm.os_dep.win_api_x86_32.kernel32_Process32First (   jitter)

◆ kernel32_Process32Next()

def miasm.os_dep.win_api_x86_32.kernel32_Process32Next (   jitter)

◆ kernel32_QueryPerformanceCounter()

def miasm.os_dep.win_api_x86_32.kernel32_QueryPerformanceCounter (   jitter)

◆ kernel32_ReadFile()

def miasm.os_dep.win_api_x86_32.kernel32_ReadFile (   jitter)

◆ kernel32_RestoreLastError()

def miasm.os_dep.win_api_x86_32.kernel32_RestoreLastError (   jitter)
Here is the call graph for this function:

◆ kernel32_RtlMoveMemory()

def miasm.os_dep.win_api_x86_32.kernel32_RtlMoveMemory (   jitter)

◆ kernel32_SetCurrentDirectory()

def miasm.os_dep.win_api_x86_32.kernel32_SetCurrentDirectory (   jitter,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_SetCurrentDirectoryA()

def miasm.os_dep.win_api_x86_32.kernel32_SetCurrentDirectoryA (   jitter)
Here is the call graph for this function:

◆ kernel32_SetCurrentDirectoryW()

def miasm.os_dep.win_api_x86_32.kernel32_SetCurrentDirectoryW (   jitter)
Here is the call graph for this function:

◆ kernel32_SetEndOfFile()

def miasm.os_dep.win_api_x86_32.kernel32_SetEndOfFile (   jitter)

◆ kernel32_SetFileAttributesA()

def miasm.os_dep.win_api_x86_32.kernel32_SetFileAttributesA (   jitter)

◆ kernel32_SetFilePointer()

def miasm.os_dep.win_api_x86_32.kernel32_SetFilePointer (   jitter)

◆ kernel32_SetFilePointerEx()

def miasm.os_dep.win_api_x86_32.kernel32_SetFilePointerEx (   jitter)

◆ kernel32_SetLastError()

def miasm.os_dep.win_api_x86_32.kernel32_SetLastError (   jitter)
Here is the caller graph for this function:

◆ kernel32_SetPriorityClass()

def miasm.os_dep.win_api_x86_32.kernel32_SetPriorityClass (   jitter)

◆ kernel32_SHGetPathFromIDList()

def miasm.os_dep.win_api_x86_32.kernel32_SHGetPathFromIDList (   jitter,
  funcname,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kernel32_Sleep()

def miasm.os_dep.win_api_x86_32.kernel32_Sleep (   jitter)

◆ kernel32_TlsAlloc()

def miasm.os_dep.win_api_x86_32.kernel32_TlsAlloc (   jitter)

◆ kernel32_TlsFree()

def miasm.os_dep.win_api_x86_32.kernel32_TlsFree (   jitter)

◆ kernel32_TlsGetValue()

def miasm.os_dep.win_api_x86_32.kernel32_TlsGetValue (   jitter)

◆ kernel32_TlsSetValue()

def miasm.os_dep.win_api_x86_32.kernel32_TlsSetValue (   jitter)

◆ kernel32_UnmapViewOfFile()

def miasm.os_dep.win_api_x86_32.kernel32_UnmapViewOfFile (   jitter)

◆ kernel32_VirtualAlloc()

def miasm.os_dep.win_api_x86_32.kernel32_VirtualAlloc (   jitter)
Here is the call graph for this function:

◆ kernel32_VirtualFree()

def miasm.os_dep.win_api_x86_32.kernel32_VirtualFree (   jitter)

◆ kernel32_VirtualLock()

def miasm.os_dep.win_api_x86_32.kernel32_VirtualLock (   jitter)

◆ kernel32_VirtualProtect()

def miasm.os_dep.win_api_x86_32.kernel32_VirtualProtect (   jitter)

◆ kernel32_VirtualQuery()

def miasm.os_dep.win_api_x86_32.kernel32_VirtualQuery (   jitter)

◆ kernel32_WaitForSingleObject()

def miasm.os_dep.win_api_x86_32.kernel32_WaitForSingleObject (   jitter)

◆ kernel32_WideCharToMultiByte()

def miasm.os_dep.win_api_x86_32.kernel32_WideCharToMultiByte (   jitter) 
    int WideCharToMultiByte(
      UINT                               CodePage,
      DWORD                              dwFlags,
      _In_NLS_string_(cchWideChar)LPCWCH lpWideCharStr,
      int                                cchWideChar,
      LPSTR                              lpMultiByteStr,
      int                                cbMultiByte,
      LPCCH                              lpDefaultChar,
      LPBOOL                             lpUsedDefaultChar
    );

◆ kernel32_WriteFile()

def miasm.os_dep.win_api_x86_32.kernel32_WriteFile (   jitter)

◆ mdl2ad()

def miasm.os_dep.win_api_x86_32.mdl2ad (   n)
Here is the caller graph for this function:

◆ msvcrt__mbscpy()

def miasm.os_dep.win_api_x86_32.msvcrt__mbscpy (   jitter)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ msvcrt__ultow()

def miasm.os_dep.win_api_x86_32.msvcrt__ultow (   jitter)
Here is the call graph for this function:

◆ msvcrt__wcsicmp()

def miasm.os_dep.win_api_x86_32.msvcrt__wcsicmp (   jitter)
Here is the call graph for this function:

◆ msvcrt__wcsnicmp()

def miasm.os_dep.win_api_x86_32.msvcrt__wcsnicmp (   jitter)
Here is the call graph for this function:

◆ msvcrt__wfopen()

def miasm.os_dep.win_api_x86_32.msvcrt__wfopen (   jitter)
Here is the call graph for this function:

◆ msvcrt_atexit()

def miasm.os_dep.win_api_x86_32.msvcrt_atexit (   jitter)

◆ msvcrt_delete()

def miasm.os_dep.win_api_x86_32.msvcrt_delete (   jitter)

◆ msvcrt_fclose()

def miasm.os_dep.win_api_x86_32.msvcrt_fclose (   jitter)

◆ msvcrt_fopen()

def miasm.os_dep.win_api_x86_32.msvcrt_fopen (   jitter)
Here is the call graph for this function:

◆ msvcrt_fprintf()

def miasm.os_dep.win_api_x86_32.msvcrt_fprintf (   jitter)
Here is the call graph for this function:

◆ msvcrt_fread()

def miasm.os_dep.win_api_x86_32.msvcrt_fread (   jitter)

◆ msvcrt_free()

def miasm.os_dep.win_api_x86_32.msvcrt_free (   jitter)

◆ msvcrt_fseek()

def miasm.os_dep.win_api_x86_32.msvcrt_fseek (   jitter)

◆ msvcrt_ftell()

def miasm.os_dep.win_api_x86_32.msvcrt_ftell (   jitter)

◆ msvcrt_fwrite()

def miasm.os_dep.win_api_x86_32.msvcrt_fwrite (   jitter)

◆ msvcrt_malloc()

def miasm.os_dep.win_api_x86_32.msvcrt_malloc (   jitter)

◆ msvcrt_memcmp()

def miasm.os_dep.win_api_x86_32.msvcrt_memcmp (   jitter)
Here is the call graph for this function:

◆ msvcrt_memcpy()

def miasm.os_dep.win_api_x86_32.msvcrt_memcpy (   jitter)

◆ msvcrt_memset()

def miasm.os_dep.win_api_x86_32.msvcrt_memset (   jitter)
Here is the call graph for this function:

◆ msvcrt_myfopen()

def miasm.os_dep.win_api_x86_32.msvcrt_myfopen (   jitter,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ msvcrt_new()

def miasm.os_dep.win_api_x86_32.msvcrt_new (   jitter)

◆ msvcrt_rand()

def miasm.os_dep.win_api_x86_32.msvcrt_rand (   jitter)

◆ msvcrt_realloc()

def miasm.os_dep.win_api_x86_32.msvcrt_realloc (   jitter)

◆ msvcrt_rewind()

def miasm.os_dep.win_api_x86_32.msvcrt_rewind (   jitter)

◆ msvcrt_sprintf()

def miasm.os_dep.win_api_x86_32.msvcrt_sprintf (   jitter)
Here is the call graph for this function:

◆ msvcrt_sprintf_str()

def miasm.os_dep.win_api_x86_32.msvcrt_sprintf_str (   jitter,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ msvcrt_srand()

def miasm.os_dep.win_api_x86_32.msvcrt_srand (   jitter)

◆ msvcrt_strlen()

def miasm.os_dep.win_api_x86_32.msvcrt_strlen (   jitter)
Here is the call graph for this function:

◆ msvcrt_strrchr()

def miasm.os_dep.win_api_x86_32.msvcrt_strrchr (   jitter)
Here is the call graph for this function:

◆ msvcrt_swprintf()

def miasm.os_dep.win_api_x86_32.msvcrt_swprintf (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcscat()

def miasm.os_dep.win_api_x86_32.msvcrt_wcscat (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcscmp()

def miasm.os_dep.win_api_x86_32.msvcrt_wcscmp (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcscpy()

def miasm.os_dep.win_api_x86_32.msvcrt_wcscpy (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcslen()

def miasm.os_dep.win_api_x86_32.msvcrt_wcslen (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcsncpy()

def miasm.os_dep.win_api_x86_32.msvcrt_wcsncpy (   jitter)
Here is the call graph for this function:

◆ msvcrt_wcsrchr()

def miasm.os_dep.win_api_x86_32.msvcrt_wcsrchr (   jitter)
Here is the call graph for this function:

◆ my_CreateDirectory()

def miasm.os_dep.win_api_x86_32.my_CreateDirectory (   jitter,
  funcname,
  get_str 
)
Here is the caller graph for this function:

◆ my_CreateEvent()

def miasm.os_dep.win_api_x86_32.my_CreateEvent (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_FindFirstFile()

def miasm.os_dep.win_api_x86_32.my_FindFirstFile (   jitter,
  pfilepattern,
  pfindfiledata,
  get_win_str,
  encode_str 
)
Here is the caller graph for this function:

◆ my_FindNextFile()

def miasm.os_dep.win_api_x86_32.my_FindNextFile (   jitter,
  encode_str 
)

◆ my_GetEnvironmentVariable()

def miasm.os_dep.win_api_x86_32.my_GetEnvironmentVariable (   jitter,
  funcname,
  get_str,
  set_str,
  mylen 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_GetSystemDirectory()

def miasm.os_dep.win_api_x86_32.my_GetSystemDirectory (   jitter,
  funcname,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_GetVolumeInformation()

def miasm.os_dep.win_api_x86_32.my_GetVolumeInformation (   jitter,
  funcname,
  get_str,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_lstrcat()

def miasm.os_dep.win_api_x86_32.my_lstrcat (   jitter,
  funcname,
  get_str,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_lstrcmp()

def miasm.os_dep.win_api_x86_32.my_lstrcmp (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_strcpy()

def miasm.os_dep.win_api_x86_32.my_strcpy (   jitter,
  funcname,
  get_str,
  set_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ my_strlen()

def miasm.os_dep.win_api_x86_32.my_strlen (   jitter,
  funcname,
  get_str,
  mylen 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ntdll_LdrGetProcedureAddress()

def miasm.os_dep.win_api_x86_32.ntdll_LdrGetProcedureAddress (   jitter)
Here is the call graph for this function:

◆ ntdll_LdrLoadDll()

def miasm.os_dep.win_api_x86_32.ntdll_LdrLoadDll (   jitter)
Here is the call graph for this function:

◆ ntdll_memset()

def miasm.os_dep.win_api_x86_32.ntdll_memset (   jitter)
Here is the call graph for this function:

◆ ntdll_RtlAnsiCharToUnicodeChar()

def miasm.os_dep.win_api_x86_32.ntdll_RtlAnsiCharToUnicodeChar (   jitter)

◆ ntdll_RtlAnsiStringToUnicodeString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlAnsiStringToUnicodeString (   jitter)
Here is the call graph for this function:

◆ ntdll_RtlCompareMemory()

def miasm.os_dep.win_api_x86_32.ntdll_RtlCompareMemory (   jitter)

◆ ntdll_RtlComputeCrc32()

def miasm.os_dep.win_api_x86_32.ntdll_RtlComputeCrc32 (   jitter)

◆ ntdll_RtlEnlargedUnsignedMultiply()

def miasm.os_dep.win_api_x86_32.ntdll_RtlEnlargedUnsignedMultiply (   jitter)

◆ ntdll_RtlExtendedIntegerMultiply()

def miasm.os_dep.win_api_x86_32.ntdll_RtlExtendedIntegerMultiply (   jitter)

◆ ntdll_RtlFindCharInUnicodeString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlFindCharInUnicodeString (   jitter)

◆ ntdll_RtlFreeUnicodeString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlFreeUnicodeString (   jitter)

◆ ntdll_RtlHashUnicodeString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlHashUnicodeString (   jitter)

◆ ntdll_RtlInitAnsiString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlInitAnsiString (   jitter)
Here is the call graph for this function:

◆ ntdll_RtlInitString()

def miasm.os_dep.win_api_x86_32.ntdll_RtlInitString (   jitter)
Here is the call graph for this function:

◆ ntdll_RtlLargeIntegerAdd()

def miasm.os_dep.win_api_x86_32.ntdll_RtlLargeIntegerAdd (   jitter)

◆ ntdll_RtlLargeIntegerShiftRight()

def miasm.os_dep.win_api_x86_32.ntdll_RtlLargeIntegerShiftRight (   jitter)

◆ ntdll_RtlLargeIntegerSubtract()

def miasm.os_dep.win_api_x86_32.ntdll_RtlLargeIntegerSubtract (   jitter)

◆ ntdll_RtlMoveMemory()

def miasm.os_dep.win_api_x86_32.ntdll_RtlMoveMemory (   jitter)

◆ ntdll_ZwAllocateVirtualMemory()

def miasm.os_dep.win_api_x86_32.ntdll_ZwAllocateVirtualMemory (   jitter)
Here is the call graph for this function:

◆ ntdll_ZwFreeVirtualMemory()

def miasm.os_dep.win_api_x86_32.ntdll_ZwFreeVirtualMemory (   jitter)

◆ ntdll_ZwProtectVirtualMemory()

def miasm.os_dep.win_api_x86_32.ntdll_ZwProtectVirtualMemory (   jitter)

◆ ntdll_ZwQuerySystemInformation()

def miasm.os_dep.win_api_x86_32.ntdll_ZwQuerySystemInformation (   jitter)

◆ ntdll_ZwUnmapViewOfSection()

def miasm.os_dep.win_api_x86_32.ntdll_ZwUnmapViewOfSection (   jitter)

◆ ntoskrnl_ExAllocatePoolWithTagPriority()

def miasm.os_dep.win_api_x86_32.ntoskrnl_ExAllocatePoolWithTagPriority (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_IoAllocateMdl()

def miasm.os_dep.win_api_x86_32.ntoskrnl_IoAllocateMdl (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_IoFreeMdl()

def miasm.os_dep.win_api_x86_32.ntoskrnl_IoFreeMdl (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_KeInitializeEvent()

def miasm.os_dep.win_api_x86_32.ntoskrnl_KeInitializeEvent (   jitter)

◆ ntoskrnl_MmMapLockedPagesSpecifyCache()

def miasm.os_dep.win_api_x86_32.ntoskrnl_MmMapLockedPagesSpecifyCache (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_MmProbeAndLockPages()

def miasm.os_dep.win_api_x86_32.ntoskrnl_MmProbeAndLockPages (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_MmProtectMdlSystemAddress()

def miasm.os_dep.win_api_x86_32.ntoskrnl_MmProtectMdlSystemAddress (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_MmUnlockPages()

def miasm.os_dep.win_api_x86_32.ntoskrnl_MmUnlockPages (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_RtlGetVersion()

def miasm.os_dep.win_api_x86_32.ntoskrnl_RtlGetVersion (   jitter)
Here is the call graph for this function:

◆ ntoskrnl_RtlQueryRegistryValues()

def miasm.os_dep.win_api_x86_32.ntoskrnl_RtlQueryRegistryValues (   jitter)

◆ ntoskrnl_RtlVerifyVersionInfo()

def miasm.os_dep.win_api_x86_32.ntoskrnl_RtlVerifyVersionInfo (   jitter)

◆ raw2guid()

def miasm.os_dep.win_api_x86_32.raw2guid (   r)

◆ shell32_CommandLineToArgvW()

def miasm.os_dep.win_api_x86_32.shell32_CommandLineToArgvW (   jitter)
Here is the call graph for this function:

◆ shell32_SHGetPathFromIDListA()

def miasm.os_dep.win_api_x86_32.shell32_SHGetPathFromIDListA (   jitter)
Here is the call graph for this function:

◆ shell32_SHGetPathFromIDListW()

def miasm.os_dep.win_api_x86_32.shell32_SHGetPathFromIDListW (   jitter)
Here is the call graph for this function:

◆ shell32_SHGetSpecialFolderLocation()

def miasm.os_dep.win_api_x86_32.shell32_SHGetSpecialFolderLocation (   jitter)

◆ shlwapi_PathFindExtensionA()

def miasm.os_dep.win_api_x86_32.shlwapi_PathFindExtensionA (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathGetDriveNumber()

def miasm.os_dep.win_api_x86_32.shlwapi_PathGetDriveNumber (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ shlwapi_PathGetDriveNumberA()

def miasm.os_dep.win_api_x86_32.shlwapi_PathGetDriveNumberA (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathGetDriveNumberW()

def miasm.os_dep.win_api_x86_32.shlwapi_PathGetDriveNumberW (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathIsDirectoryW()

def miasm.os_dep.win_api_x86_32.shlwapi_PathIsDirectoryW (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathIsFileSpec()

def miasm.os_dep.win_api_x86_32.shlwapi_PathIsFileSpec (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ shlwapi_PathIsFileSpecA()

def miasm.os_dep.win_api_x86_32.shlwapi_PathIsFileSpecA (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathIsFileSpecW()

def miasm.os_dep.win_api_x86_32.shlwapi_PathIsFileSpecW (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathIsPrefixW()

def miasm.os_dep.win_api_x86_32.shlwapi_PathIsPrefixW (   jitter)
Here is the call graph for this function:

◆ shlwapi_PathRemoveFileSpecW()

def miasm.os_dep.win_api_x86_32.shlwapi_PathRemoveFileSpecW (   jitter)
Here is the call graph for this function:

◆ shlwapi_StrCmpNIA()

def miasm.os_dep.win_api_x86_32.shlwapi_StrCmpNIA (   jitter)
Here is the call graph for this function:

◆ shlwapi_StrToInt64Ex()

def miasm.os_dep.win_api_x86_32.shlwapi_StrToInt64Ex (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ shlwapi_StrToInt64ExA()

def miasm.os_dep.win_api_x86_32.shlwapi_StrToInt64ExA (   jitter)
Here is the call graph for this function:

◆ shlwapi_StrToInt64ExW()

def miasm.os_dep.win_api_x86_32.shlwapi_StrToInt64ExW (   jitter)
Here is the call graph for this function:

◆ shlwapi_StrToIntA()

def miasm.os_dep.win_api_x86_32.shlwapi_StrToIntA (   jitter)
Here is the call graph for this function:

◆ unixtime_to_filetime()

def miasm.os_dep.win_api_x86_32.unixtime_to_filetime (   unixtime) 
Convert unixtime to filetime
https://msdn.microsoft.com/en-us/library/ms724228

◆ user32_BlockInput()

def miasm.os_dep.win_api_x86_32.user32_BlockInput (   jitter)

◆ user32_FindWindowA()

def miasm.os_dep.win_api_x86_32.user32_FindWindowA (   jitter)
Here is the call graph for this function:

◆ user32_GetForegroundWindow()

def miasm.os_dep.win_api_x86_32.user32_GetForegroundWindow (   jitter)

◆ user32_GetKeyboardType()

def miasm.os_dep.win_api_x86_32.user32_GetKeyboardType (   jitter)

◆ user32_GetMessagePos()

def miasm.os_dep.win_api_x86_32.user32_GetMessagePos (   jitter)

◆ user32_GetSystemMetrics()

def miasm.os_dep.win_api_x86_32.user32_GetSystemMetrics (   jitter)

◆ user32_GetTopWindow()

def miasm.os_dep.win_api_x86_32.user32_GetTopWindow (   jitter)

◆ user32_GetWindowLongA()

def miasm.os_dep.win_api_x86_32.user32_GetWindowLongA (   jitter)

◆ user32_IsCharAlpha()

def miasm.os_dep.win_api_x86_32.user32_IsCharAlpha (   jitter,
  funcname,
  get_str 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ user32_IsCharAlphaA()

def miasm.os_dep.win_api_x86_32.user32_IsCharAlphaA (   jitter)
Here is the call graph for this function:

◆ user32_IsCharAlphaNumericA()

def miasm.os_dep.win_api_x86_32.user32_IsCharAlphaNumericA (   jitter)
Here is the call graph for this function:

◆ user32_IsCharAlphaW()

def miasm.os_dep.win_api_x86_32.user32_IsCharAlphaW (   jitter)
Here is the call graph for this function:

◆ user32_IsCharLowerA()

def miasm.os_dep.win_api_x86_32.user32_IsCharLowerA (   jitter)

◆ user32_IsCharUpperA()

def miasm.os_dep.win_api_x86_32.user32_IsCharUpperA (   jitter)

◆ user32_MessageBoxA()

def miasm.os_dep.win_api_x86_32.user32_MessageBoxA (   jitter)
Here is the call graph for this function:

◆ user32_SetWindowLongA()

def miasm.os_dep.win_api_x86_32.user32_SetWindowLongA (   jitter)

◆ wsock32_WSAStartup()

def miasm.os_dep.win_api_x86_32.wsock32_WSAStartup (   jitter)

Variable Documentation

◆ ACCESS_DICT

dictionary miasm.os_dep.win_api_x86_32.ACCESS_DICT
Initial value:
1 = {0x0: 0,
2  0x1: 0,
3  0x2: PAGE_READ,
4  0x4: PAGE_READ | PAGE_WRITE,
5  0x10: PAGE_EXEC,
6  0x20: PAGE_EXEC | PAGE_READ,
7  0x40: PAGE_EXEC | PAGE_READ | PAGE_WRITE,
8  0x80: PAGE_EXEC | PAGE_READ | PAGE_WRITE,
9  # 0x80: PAGE_EXECUTE_WRITECOPY
10  0x100: 0
11  }

◆ ACCESS_DICT_INV

miasm.os_dep.win_api_x86_32.ACCESS_DICT_INV = dict((x[1], x[0]) for x in viewitems(ACCESS_DICT))

◆ console_handler

miasm.os_dep.win_api_x86_32.console_handler = logging.StreamHandler()

◆ DATE_1601_TO_1970

int miasm.os_dep.win_api_x86_32.DATE_1601_TO_1970 = 116444736000000000

◆ digs

miasm.os_dep.win_api_x86_32.digs = string.digits + string.ascii_lowercase

◆ FILE_TYPE_CHAR

int miasm.os_dep.win_api_x86_32.FILE_TYPE_CHAR = 0x0002

◆ FILE_TYPE_UNKNOWN

int miasm.os_dep.win_api_x86_32.FILE_TYPE_UNKNOWN = 0x0000

◆ fls

miasm.os_dep.win_api_x86_32.fls = FLS()

◆ kernel32_FindNextFileA

def miasm.os_dep.win_api_x86_32.kernel32_FindNextFileA = lambda jitter: my_FindNextFile(jitter, encode_win_str_a)

◆ kernel32_FindNextFileW

def miasm.os_dep.win_api_x86_32.kernel32_FindNextFileW = lambda jitter: my_FindNextFile(jitter, encode_win_str_w)

◆ kernel32_GetVersionExA

def miasm.os_dep.win_api_x86_32.kernel32_GetVersionExA
Initial value:
1 = lambda jitter: kernel32_GetVersionEx(jitter, 128,
2  encode_win_str_a)

◆ kernel32_GetVersionExW

def miasm.os_dep.win_api_x86_32.kernel32_GetVersionExW
Initial value:
1 = lambda jitter: kernel32_GetVersionEx(jitter, 256,
2  encode_win_str_w)

◆ log

miasm.os_dep.win_api_x86_32.log = logging.getLogger("win_api_x86_32")

◆ MAX_PATH

int miasm.os_dep.win_api_x86_32.MAX_PATH = 260

◆ process_list

list miasm.os_dep.win_api_x86_32.process_list

◆ STD_ERROR_HANDLE

int miasm.os_dep.win_api_x86_32.STD_ERROR_HANDLE = 0xfffffff4

◆ STD_INPUT_HANDLE

int miasm.os_dep.win_api_x86_32.STD_INPUT_HANDLE = 0xfffffff6

◆ STD_OUTPUT_HANDLE

int miasm.os_dep.win_api_x86_32.STD_OUTPUT_HANDLE = 0xfffffff5

◆ temp_num

int miasm.os_dep.win_api_x86_32.temp_num = 0

◆ VALID_CODE_PAGES

dictionary miasm.os_dep.win_api_x86_32.VALID_CODE_PAGES
Initial value:
1 = {
2  37,437,500,708,709,710,720,737,775,850,852,855,857,858,860,861,862,863,864,865,866,869,870,874,875,
3  932,936,949,950,1026,1047,1140,1141,1142,1143,1144,1145,1146,1147,1148,1149,1200,1201,1250,1251,1252,
4  1253,1254,1255,1256,1257,1258,1361,10000,10001,10002,10003,10004,10005,10006,10007,10008,10010,10017,
5  10021,10029,10079,10081,10082,12000,12001,20000,20001,20002,20003,20004,20005,20105,20106,20107,20108,
6  20127,20261,20269,20273,20277,20278,20280,20284,20285,20290,20297,20420,20423,20424,20833,20838,20866,
7  20871,20880,20905,20924,20932,20936,20949,21025,21027,21866,28591,28592,28593,28594,28595,28596,28597,
8  28598,28599,28603,28605,29001,38598,50220,50221,50222,50225,50227,50229,50930,50931,50933,50935,50936,
9  50937,50939,51932,51936,51949,51950,52936,54936,57002,57003,57004,57005,57006,57007,57008,57009,57010,
10  57011,65000,65001
11 }

◆ winobjs

miasm.os_dep.win_api_x86_32.winobjs = c_winobjs()
miasm.os_dep.win_api_x86_32.kernel32_GetVersionEx
def kernel32_GetVersionEx(jitter, str_size, encode_str)
Definition: win_api_x86_32.py:379