Monday, April 9, 2012

[MASM] Call API's Dynamically


This Snippet is used for calling the API's Dynamically to avoid some detections from Antivirus
This Snippet is just example you can modify as your wish
Lean and Code

;Author:SubhashDasyam
;Website:http://www.subhashdasyam.com
;email:luk@inbox.com
;Complete Dynamically calling the API without Directly loading the DLL's :) 
;Code starts
.386
.model flat, stdcall
option casemap:none ;case sensitive
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
.data

    Msg   db "Mess",0
    age   db "age",0
    Box   db "BoxA",0
    sTest db "MessageBoxA API Call",0
    sDemo db "Demo",0
    sLib1 db "us",0
    sLib2 db "er",0
    sLib3 db "32",0 
    
    
.data?
  sLib              dd ?
  hLib       dd ?
  Func       dd ?
  Result      db ?

.code

start:
    invoke lstrcat,addr Result,addr Msg ;from kernel32
    invoke lstrcat,addr Result,addr age ;from kernel32
    invoke lstrcat,addr Result,addr Box
    invoke lstrcat,addr sLib,addr sLib1
    invoke lstrcat,addr sLib,addr sLib2
    invoke lstrcat,addr sLib,addr sLib3
    invoke LoadLibrary,addr sLib ;LoadLibrary getting sLib = User32
    mov hLib, eax
    invoke GetProcAddress,hLib,addr Result 
    mov Func, eax
    push 0
    push offset sDemo
    push offset sTest
    push 0
    call Func ;Calling the Function Dynamically The MessageBoxA :) 
    invoke ExitProcess,0
end start

Filed Under :

0 comments for "[MASM] Call API's Dynamically"

Post a Comment

background