Unable to place hook. Unable to hook.

[RazviOverflow]

I have submitted a sample to CAPE community (https://capesandbox.com/analysis/331258/) that at some point during execution performs several GetCommandLineA() calls. I was expecting to see that particular call (or GetCommandLineW()) in the behavioral analysis. However, it is not there.

Inspecting the analysis logs, there is an explicit error about the API call:

2022-11-09 14:04:25,796 [root] WARNING: b'Unable to place hook on GetCommandLineW'
2022-11-09 14:04:25,812 [root] WARNING: b'Unable to hook GetCommandLineW'

I will dig into this trying to find out where the issue arises from, but it could happen with other API calls.

[kevoreilly]

Thank you for reporting this issue - now fixed in https://github.com/kevoreilly/capemon/commit/4a336c99d5610253fd4324e1ff97f3a621fe8491

I have added a hook for GetCommandLineA too, the main repo is updated with the compiled monitors.