typedef struct _IMAGE_DELAYLOAD_DESCRIPTOR {
union {
DWORD AllAttributes;
struct {
DWORD RvaBased : 1; // Delay load version 2
DWORD ReservedAttributes : 31;
} DUMMYSTRUCTNAME;
} Attributes;
DWORD DllNameRVA; // RVA to the name of the target library (NULL-terminate ASCII string)
DWORD ModuleHandleRVA; // RVA to the HMODULE caching location (PHMODULE)
DWORD ImportAddressTableRVA; // RVA to the start of the IAT (PIMAGE_THUNK_DATA)
DWORD ImportNameTableRVA; // RVA to the start of the name table (PIMAGE_THUNK_DATA::AddressOfData)
DWORD BoundImportAddressTableRVA; // RVA to an optional bound IAT
DWORD UnloadInformationTableRVA; // RVA to an optional unload info table
DWORD TimeDateStamp; // 0 if not bound,
// Otherwise, date/time of the target DLL
} IMAGE_DELAYLOAD_DESCRIPTOR, *PIMAGE_DELAYLOAD_DESCRIPTOR; 
a00+b0=ab0
name=4020a0 虛拟位址
4020a0-400000基位址-2000延遲位址+延遲實體位址=0aa0 name實體位址
後面就是
data e00+12c=f2c 檔案位置 存放dll 句柄
下一個位置計算是 f24
ImportNameTableRVA 的name
綁定的延遲導入表 位址表 rva 就在它後面一個
從此山高路遠,縱馬揚鞭。願往後旅途,三冬暖,春不寒,天黑有燈,下雨有傘。此生盡興,不負勇往。