Imports and Exports
[ POST ] https://api.malcore.io/api/impexp
Gather imports and exports out of binary files
Query Params
filename1file
Headers
apiKeystring
Request
curl -X POST https://api.malcore.io/api/impexp \
-F "[email protected]" \
-H "apiKey: myapikey" \
Response
🟢 200
{
"results": {
"imports": {
"import_location": {
"ncrypt.dll": [
{
"name": "BCryptGenRandom",
"address": "0x4fa39c"
}
],
"ucrtbase.dll": [
{
"name": "strrchr",
"address": "0x4fa19c"
},
{
"name": "memcpy",
"address": "0x4fa1a0"
},
{
"name": "getenv",
"address": "0x4fa208"
}
],
"crypt32.dll": [
{
"name": "CertGetCertificateContextProperty",
"address": "0x4fa04c"
},
{
"name": "CertCloseStore",
"address": "0x4fa064"
}
],
"kernel32.dll": [
{
"name": "QueryPerformanceCounter",
"address": "0x4fa06c"
},
{
"name": "QueryPerformanceFrequency",
"address": "0x4fa070"
},
{
"name": "OpenProcessToken",
"address": "0x4fa030"
}
],
"advapi32.dll": [
{
"name": "CryptExportKey",
"address": "0x4fa000"
},
{
"name": "AdjustTokenPrivileges",
"address": "0x4fa004"
},
{
"name": "CryptReleaseContext",
"address": "0x4fa044"
}
],
"user32.dll": [
{
"name": "GetUserObjectInformationW",
"address": "0x4fa18c"
},
]
},
"raw_discovered_imports": [
[
"0x4fa06c",
"QueryPerformanceCounter"
],
[
[
"0x4fa060",
"CertOpenStore"
],
[
"0x4fa064",
"CertCloseStore"
]
],
"import_hashes": [
[
"AdjustTokenPrivileges",
"0x330a1f75"
],
[
"WSASetLastError",
"0x5dc69bdd"
]
]
},
"exports": ""
}
}
🔴 400
{}Last updated