Maxim

Correct hence I added one as seen above. Its failing when calling it on deployment_va.Value which should be correct as far I understand your POC. Thanks very much.

@kkent030315 do you have an idea what could be the reason for the crash after calling DllMain on deployment_va.Value? Technically it should be fine when call DllMain on deployment_va.Value but...

Firstly thanks for your suggestions, I adopted it and tried it out now using the following: ```c #include "lazy_imports.hpp" #include BOOL WINAPI DllMain( _In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_...

> Yes it should crash because you are referencing 2nd (and 3rd) parameters in your DllMain which did not provided. CreateRemoteThread can only pass one context parameter. You are right,...

I have no crashes anymore but the sample MessageBox (removed the sprintf as well to be sure) does still not pop up, the code I used: ```c #include "lazy_imports.hpp" #include...

I see so the above implementation is not correct? How would I go about the correct way? As far I understand LPTHREAD_START_ROUTINE is a function pointer so when I set...

So I cannot pass a function like I did as it will exceed 1 argument, I see and understand. Would there be a way to call it with more arguments...

Firstly, marry xmas! Secondly, thanks again for that detailed writeup! I implemented it as you have suggested, however the sample MessageBox does still not popup, also the allocated RWX memory...

I think it needs more then that as I updated the pattern yet i dont see anything, no crashes tho if can help and wanna some $ send over your...