添加沙箱功能和API钩子支持

- 在沙箱中实现了新的功能，包括内存分配和API钩子初始化
- 更新了沙箱类，增加了对WFP引擎的支持
- 添加了多个API的实现，如GetLastError、InitializeCriticalSection等
- 修改了主函数以使用新的沙箱功能，替换了恶意软件扫描功能
- 更新了项目文件以包含新的源文件和API实现
- 改进了错误处理和日志记录功能

ai_anti_malware/sandbox_callbacks.cpp

@@ -5,6 +5,7 @@ void handleCodeRun(uc_engine* uc, uint64_t address, uint32_t size,
     uint64_t currentRip = 0;
     uint64_t currentRsp = 0;
     uint64_t currentRax = 0;
+    static uint64_t lastRip = 0;
     auto* sandbox = static_cast<Sandbox*>(userData);
     if (!sandbox) return;
 
@@ -61,12 +62,15 @@ void handleCodeRun(uc_engine* uc, uint64_t address, uint32_t size,
         for (auto item : module->export_function) {
             const auto vmAddress = module->base + item->function_address;
             if (vmAddress == currentRip) {
-                printf("[%s] call function %s at file address: %llx\n",
-                       module->name, item->name, address);
+                printf(
+                    "[%s] call function %s at file address: %llx lastRip: "
+                    "%llx\n",
+                    module->name, item->name, address, lastRip);
                 sandbox->EmulateApi(uc, vmAddress, currentRip, item->name);
             }
         }
     }
+    lastRip = currentRip;
     if (LOG_LEVEL > 0) {
         // 使用Capstone反汇编
         cs_insn* instruction;