The Windows API

The Windows API is a broad set of functionality that governs the way that malware interacts with the Microsoft libraries. The Windows API is so extensive that developers of Windows-only applications have little need for third-party libraries.

The Windows API uses certain terms, names, and conventions that you should become familiar with before turning to specific functions.

Types and Hungarian Notation

Much of the Windows API uses its own names to represent C types. For example, the DWORD and WORD types represent 32-bit and 16-bit unsigned integers. Standard C types like int, short, and unsigned int are not normally used.

Windows generally uses Hungarian notation for API function identifiers. This notation uses a prefix naming scheme ...
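As an added illustration (not code from the book), the following C snippet mirrors the Windows type aliases and Hungarian prefixes described above, using portable fixed-width stand-ins for what windows.h would supply; the typedefs and the LOWORD/HIWORD/MAKELONG macro definitions are assumptions that reproduce the widths the Windows ABI uses, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Portable stand-ins for the Windows type names (assumption: same widths
 * as windows.h; on a Windows build include <windows.h> and drop these). */
typedef uint8_t  BYTE;     /* 8-bit unsigned                           */
typedef uint16_t WORD;     /* 16-bit unsigned                          */
typedef uint32_t DWORD;    /* 32-bit unsigned, even on 64-bit Windows  */
typedef int32_t  LONG;     /* 32-bit signed (unlike 'long' on Linux)   */
typedef int      BOOL;     /* int used as a boolean                    */
typedef void    *LPVOID;   /* "long pointer" to anything               */
typedef DWORD   *LPDWORD;  /* long pointer to a DWORD                  */

/* Splitting/packing macros with the same shape as the windows.h ones. */
#define LOWORD(l)  ((WORD)((DWORD)(l) & 0xFFFFu))
#define HIWORD(l)  ((WORD)(((DWORD)(l) >> 16) & 0xFFFFu))
#define MAKELONG(lo, hi) \
    ((LONG)(((DWORD)(WORD)(lo)) | (((DWORD)(WORD)(hi)) << 16)))

/* Returns 1 if the aliases have the widths the Windows ABI promises. */
BOOL WindowsTypeWidthsOk(void)
{
    return sizeof(BYTE) == 1 && sizeof(WORD) == 2 &&
           sizeof(DWORD) == 4 && sizeof(LONG) == 4;
}

/* Hungarian notation: dw = DWORD, pw = pointer to WORD.
 * Splits a packed 32-bit value into its high and low 16-bit halves,
 * the same operation seen when disassembly shifts and masks a DWORD. */
void SplitDword(DWORD dwPacked, WORD *pwHigh, WORD *pwLow)
{
    *pwHigh = HIWORD(dwPacked);
    *pwLow  = LOWORD(dwPacked);
}

/* Hungarian notation: w = WORD. Packs two WORDs back into one DWORD. */
DWORD PackWords(WORD wHigh, WORD wLow)
{
    return (DWORD)MAKELONG(wLow, wHigh);
}

int main(void)
{
    WORD wHi, wLo;
    SplitDword(0x000A0003u, &wHi, &wLo);   /* constructed sample value */
    printf("widths ok: %d, high=%u low=%u, repacked=0x%08lX\n",
           WindowsTypeWidthsOk(), (unsigned)wHi, (unsigned)wLo,
           (unsigned long)PackWords(wHi, wLo));
    return 0;
}
```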

From Practical Malware Analysis (O’Reilly).