ifs_hook.dll

Description:

Authors:

Version:

Architecture: 32-bit

Operating System:

SHA256: 9b04a77eae89969f26a93eecd1941804

File Size: 1.5 MB

Uploaded At: Jan. 23, 2026, 4:23 a.m.

Views: 22

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

__layeredfs_version (Ordinal: 1, Address: 0x125ee0)
init (Ordinal: 2, Address: 0x42c0)

Imported DLLs & Functions

KERNEL32.dll

AddVectoredExceptionHandler (Address: 0x693822d8)
CloseHandle (Address: 0x693822dc)
CreateDirectoryA (Address: 0x693822e0)
CreateEventA (Address: 0x693822e4)
CreateFileW (Address: 0x693822e8)
CreateSemaphoreA (Address: 0x693822ec)
CreateToolhelp32Snapshot (Address: 0x693822f0)
DeleteCriticalSection (Address: 0x693822f4)
DuplicateHandle (Address: 0x693822f8)
EnterCriticalSection (Address: 0x693822fc)
FindClose (Address: 0x69382300)
FindFirstFileA (Address: 0x69382304)
FindNextFileA (Address: 0x69382308)
FlushInstructionCache (Address: 0x6938230c)
FreeLibrary (Address: 0x69382310)
GetCurrentProcess (Address: 0x69382314)
GetCurrentProcessId (Address: 0x69382318)
GetCurrentThread (Address: 0x6938231c)
GetCurrentThreadId (Address: 0x69382320)
GetFileAttributesA (Address: 0x69382324)
GetFileTime (Address: 0x69382328)
GetHandleInformation (Address: 0x6938232c)
GetLastError (Address: 0x69382330)
GetModuleFileNameA (Address: 0x69382334)
GetModuleHandleA (Address: 0x69382338)
GetModuleHandleW (Address: 0x6938233c)
GetProcAddress (Address: 0x69382340)
GetProcessAffinityMask (Address: 0x69382344)
GetSystemTime (Address: 0x69382348)
GetSystemTimeAsFileTime (Address: 0x6938234c)
GetThreadContext (Address: 0x69382350)
GetThreadPriority (Address: 0x69382354)
GetTickCount (Address: 0x69382358)
HeapAlloc (Address: 0x6938235c)
HeapCreate (Address: 0x69382360)
HeapDestroy (Address: 0x69382364)
HeapFree (Address: 0x69382368)
HeapReAlloc (Address: 0x6938236c)
InitializeCriticalSection (Address: 0x69382370)
IsDBCSLeadByteEx (Address: 0x69382374)
IsDebuggerPresent (Address: 0x69382378)
LeaveCriticalSection (Address: 0x6938237c)
LoadLibraryA (Address: 0x69382380)
LoadLibraryW (Address: 0x69382384)
MultiByteToWideChar (Address: 0x69382388)
OpenProcess (Address: 0x6938238c)
OpenThread (Address: 0x69382390)
OutputDebugStringA (Address: 0x69382394)
QueryPerformanceCounter (Address: 0x69382398)
QueryPerformanceFrequency (Address: 0x6938239c)
RaiseException (Address: 0x693823a0)
ReleaseSemaphore (Address: 0x693823a4)
RemoveVectoredExceptionHandler (Address: 0x693823a8)
ResetEvent (Address: 0x693823ac)
ResumeThread (Address: 0x693823b0)
SetEvent (Address: 0x693823b4)
SetLastError (Address: 0x693823b8)
SetProcessAffinityMask (Address: 0x693823bc)
SetThreadContext (Address: 0x693823c0)
SetThreadPriority (Address: 0x693823c4)
Sleep (Address: 0x693823c8)
SuspendThread (Address: 0x693823cc)
Thread32First (Address: 0x693823d0)
Thread32Next (Address: 0x693823d4)
TlsAlloc (Address: 0x693823d8)
TlsGetValue (Address: 0x693823dc)
TlsSetValue (Address: 0x693823e0)
TryEnterCriticalSection (Address: 0x693823e4)
VirtualAlloc (Address: 0x693823e8)
VirtualFree (Address: 0x693823ec)
VirtualProtect (Address: 0x693823f0)
VirtualQuery (Address: 0x693823f4)
WaitForMultipleObjects (Address: 0x693823f8)
WaitForSingleObject (Address: 0x693823fc)
WideCharToMultiByte (Address: 0x69382400)

msvcrt.dll

__argc (Address: 0x69382408)
__mb_cur_max (Address: 0x6938240c)
__p___argv (Address: 0x69382410)
__setusermatherr (Address: 0x69382414)
_aligned_free (Address: 0x69382418)
_aligned_malloc (Address: 0x6938241c)
_amsg_exit (Address: 0x69382420)
_assert (Address: 0x69382424)
_beginthreadex (Address: 0x69382428)
_close (Address: 0x6938256c)
_endthreadex (Address: 0x6938242c)
_errno (Address: 0x69382430)
_fdopen (Address: 0x69382568)
_filelengthi64 (Address: 0x69382434)
_fileno (Address: 0x69382438)
_fileno (Address: 0x69382564)
_fstat64 (Address: 0x6938243c)
_initterm (Address: 0x69382440)
_iob (Address: 0x69382444)
_lock (Address: 0x69382448)
_lseeki64 (Address: 0x6938244c)
_read (Address: 0x69382560)
_setjmp3 (Address: 0x69382450)
_strdup (Address: 0x6938255c)
_stricmp (Address: 0x6938253c)
_strnicmp (Address: 0x69382540)
_ultoa (Address: 0x69382454)
_unlock (Address: 0x69382458)
_wfopen (Address: 0x6938245c)
_write (Address: 0x69382558)
abort (Address: 0x69382460)
atoi (Address: 0x69382464)
calloc (Address: 0x69382468)
exit (Address: 0x6938246c)
fclose (Address: 0x69382470)
fflush (Address: 0x69382474)
fgetpos (Address: 0x69382478)
fopen (Address: 0x6938247c)
fprintf (Address: 0x69382480)
fputc (Address: 0x69382484)
fputs (Address: 0x69382488)
fread (Address: 0x6938248c)
free (Address: 0x69382490)
fseek (Address: 0x69382494)
fsetpos (Address: 0x69382498)
ftell (Address: 0x6938249c)
fwrite (Address: 0x693824a0)
getc (Address: 0x693824a4)
getwc (Address: 0x693824a8)
islower (Address: 0x693824ac)
isspace (Address: 0x693824b0)
isupper (Address: 0x693824b4)
iswctype (Address: 0x693824b8)
isxdigit (Address: 0x693824bc)
localeconv (Address: 0x693824c0)
longjmp (Address: 0x69382554)
malloc (Address: 0x693824c4)
memchr (Address: 0x693824c8)
memcmp (Address: 0x693824cc)
memcpy (Address: 0x693824d0)
memmove (Address: 0x693824d4)
memset (Address: 0x693824d8)
printf (Address: 0x693824dc)
putc (Address: 0x693824e0)
putwc (Address: 0x693824e4)
realloc (Address: 0x693824e8)
setlocale (Address: 0x693824ec)
setvbuf (Address: 0x693824f0)
strchr (Address: 0x693824f4)
strcmp (Address: 0x693824f8)
strcoll (Address: 0x693824fc)
strerror (Address: 0x69382500)
strftime (Address: 0x69382504)
strlen (Address: 0x69382508)
strncmp (Address: 0x6938250c)
strstr (Address: 0x69382510)
strtol (Address: 0x69382514)
strtoul (Address: 0x69382518)
strxfrm (Address: 0x6938251c)
tolower (Address: 0x69382520)
toupper (Address: 0x69382524)
towlower (Address: 0x69382528)
towupper (Address: 0x6938252c)
ungetc (Address: 0x69382530)
ungetwc (Address: 0x69382534)
vfprintf (Address: 0x69382538)
wcscoll (Address: 0x69382544)
wcsftime (Address: 0x69382548)
wcslen (Address: 0x6938254c)
wcsxfrm (Address: 0x69382550)