Here’s an over-engineered way to automatically resolve API hashes (used in shellcode) via emulation and tainting: https://gist.github.com/williballenthin/1cb2512b726d3bbc955746f69eaed0da

https://asciinema.org/a/uxzaceQ20DFYLJ0APL8sDuh0U