Useful WinAPI function calls in Assembly

 


In some cases you need to call WinAPI functions from assembly (whatever you are planning), so I will share some useful function calls here. They are very handy when you are writing, for example, a dropper (for a very small executable size). Maybe you are not a security person? All right, they are still useful for understanding assembly and WinAPI together :)

Typed a lot, let's see what's in here:

WinAPI Sleep Function

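sleep_ready:
    sub rsp, 28h      ; 32 bytes of shadow space + 8 bytes to keep rsp 16-byte aligned
    mov rcx, 2000     ; dwMilliseconds = sleep time in ms
    call Sleep
    mov ecx, eax      ; Sleep returns void, so eax holds no meaningful value here
    add rsp, 28h      ; release the stack space reserved above
    ret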

WinAPI MessageBox Function

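msgbox_ready:
    sub rsp, 28h      ; 32 bytes of shadow space for 4 arguments, 8 bytes to realign rsp after the return address pushed by 'call'
    mov rcx, 0        ; hWnd = HWND_DESKTOP
    lea rdx, msg      ; LPCSTR lpText
    lea r8,  titles   ; LPCSTR lpCaption
    mov r9d, 0        ; uType = MB_OK
    call MessageBoxA
    mov ecx, eax      ; copy MessageBoxA's return value (the button pressed) into ecx
    add rsp, 28h      ; release the stack space reserved above
    ret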


The functions above will be completed over time after the post is published!


And of course, don't forget to extern them:

extrn MessageBoxA: PROC
extrn ExitProcess: PROC
extrn Sleep: PROC

And for sure:

includelib libcmt.lib
includelib libvcruntime.lib
includelib libucrt.lib
includelib legacy_stdio_definitions.lib



For dudes who are stuck at the build step:

Open Developer Command Prompt for VS [Whatever your version is] and type:

ml64 main.asm /link /subsystem:console /defaultlib:kernel32.lib /defaultlib:user32.lib /defaultlib:shell32.lib /entry:main
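
The snippets above assembled into one complete main.asm that builds with the ml64 command shown. This is an added example, not the author's code; the main procedure and the string contents of msg and titles are assumptions made up for illustration.

```asm
; main.asm - added example. msg/titles reuse the post's label names,
; their contents are constructed sample strings.
extrn MessageBoxA: PROC         ; user32.lib
extrn ExitProcess: PROC         ; kernel32.lib
extrn Sleep: PROC               ; kernel32.lib

.data
msg     db "Hello from MASM", 0 ; LPCSTR must be NUL-terminated
titles  db "WinAPI demo", 0

.code
sleep_ready PROC
    sub  rsp, 28h               ; 20h shadow space + 8 to realign rsp to 16
    mov  ecx, 2000              ; dwMilliseconds (DWORD, so ecx is enough)
    call Sleep                  ; returns void
    add  rsp, 28h
    ret
sleep_ready ENDP

msgbox_ready PROC
    sub  rsp, 28h
    xor  ecx, ecx               ; hWnd = HWND_DESKTOP (0)
    lea  rdx, msg               ; lpText
    lea  r8, titles             ; lpCaption
    xor  r9d, r9d               ; uType = MB_OK (0)
    call MessageBoxA            ; eax = id of the button pressed
    add  rsp, 28h
    ret
msgbox_ready ENDP

main PROC                       ; selected by /entry:main on the link line
    sub  rsp, 28h               ; on entry rsp is 8 off a 16-byte boundary,
                                ; same as inside any called function
    call sleep_ready
    call msgbox_ready
    xor  ecx, ecx               ; uExitCode = 0
    call ExitProcess            ; does not return, so no add rsp / ret
main ENDP

END
```

Every procedure that makes a call reserves its own 28h bytes: the callee may overwrite the 32-byte shadow area, and a misaligned rsp at the call site can fault inside the API on aligned SSE stores.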






