GetProcAddress API Alternative

March 14, 2020
Delphi, Alternative, Export, GetProcAddress, LoadLibrary, PE Header

In the past two days, I released examples about how to enumerate DLL export table through the PE Header. We will see one concreate example of using the UntEnumDLLExport.pas library to dynamically load API without using the famous Windows API > GetProcAddress() This technique is quite known and often used by some Malware, to mask which API’s they are dynamically loading and avoid Antivirus detection. To do so, we still need to use LoadLibrary() first to load a DLL in memory and retrieve it address, then iterate through loaded DLL export table and catch target function address. ...