Здравствуйте. Подскажите, пожалуйста, можно ли в программе на FASM (и если можно, то каким способом) выделить (динамически) память, не используя API и не используя стек?
Sashok динамическое выделение памяти реализуется через обращение к ОС: в DOS — прерывание 21h, в Windows — API разного уровня.
Что значит "Не используя API"? И откуда такое требование? Можно выделить память, использовав секцию данных. В этом случае API все равно будет вызвано, но менее явно -- загрузчиком исполняемого файла. И вообще, это не зависит от компилятора/ассемблера. Все, что можно сделать на C/C++/etc, можно сделать и на FASM.
Sashok Написать менеджер памяти: Код (Text):
; o Expandable buffer manager.
; o Indy Clerk
; o Mutation Independent.
;
; Reading aid, derived from the disassembly listing that accompanies this dump
; (offsets below are offsets into the blob):
; - MmEntry is a dispatcher: the service number (one of the MM_* values) is taken
;   from EAX; any other value returns 0C0000001h.
; - The blob carries no import table. MM_INITIALIZE reads fs:[30h], takes a module
;   base from the loader data reachable from it, validates the MZ/PE headers and
;   searches that module's export directory for its callees. The first lookup is
;   by a name assembled on the stack from four constants, which decode to the
;   ASCII string "RtlComputeCrc32"; the remaining lookups compare 32-bit
;   constants with the value that routine returns for each export name.
; - The pointer to the manager's state block is kept at offset 0FF4h from the
;   fs:[30h] base and is read/swapped with lock cmpxchg.
; - Buffer memory: the reserve call passes type 2000h / protection 4, the commit
;   calls pass type 1000h / protection 40h, i.e. committed buffer pages are
;   requested as execute+read+write. The callee is reached through the resolved
;   table (presumably NtAllocateVirtualMemory, judging by the six-argument call
;   shape -- confirm).
; - "Expandable": the routine at offset 24Bh is registered during initialisation
;   through a resolved pointer with first argument 1 (presumably a vectored
;   exception handler -- confirm). For 0C0000005h faults whose address lies at or
;   just above a slot's current limit it commits one more 1000h page and
;   decrements that slot's remaining-page counter. It also checks for codes
;   80000004h and 0C0000096h and edits the saved context at offsets 0B8h / 0C0h.
; - The slot table scanned by allocate, free and the handler has 0C8h (200)
;   entries of 14h bytes each.
; NOTE(review): the dump is opaque machine code; compare it byte-for-byte with a
; disassembly (1830 bytes, matching the 0x726 marker at the end) before
; assembling it into a program.

MM_INITIALIZE	equ 0
comment ' typedef NTSTATUS (*PENTRY)( );'

MM_UNINITIALIZE	equ 1
comment ' typedef NTSTATUS (*PENTRY)( );'

MM_ALLOCATE	equ 2
comment ' typedef NTSTATUS (*PENTRY)( IN ULONG SizeOfBufferReserve, IN HANDLE ThreadId OPTIONAL, OUT PVOID *Buffer, OUT PHANDLE BufferHandle );'

MM_FREE		equ 3
comment ' typedef NTSTATUS (*PENTRY)( IN HANDLE BufferHandle );'

MmEntry::
; ~~~~~~~~~~~~~~~~~ Autogenerated dump ~~~~~~~~~~~~~~~~~~~~~~
	db 085h, 0C0h, 00Fh, 084h, 01Ch, 004h, 000h, 000h, 048h, 00Fh
	db 084h, 096h, 006h, 000h, 000h, 048h, 00Fh, 084h, 06Fh, 005h
	db 000h, 000h, 048h, 00Fh, 084h, 0F5h, 005h, 000h, 000h, 0B8h
	db 001h, 000h, 000h, 0C0h, 0C3h, 059h, 055h, 050h, 0E8h, 01Fh
	db 000h, 000h, 000h, 050h, 064h, 0FFh, 035h, 000h, 000h, 000h
	db 000h, 064h, 089h, 025h, 000h, 000h, 000h, 000h, 0FFh, 0E1h
	db 059h, 064h, 08Fh, 005h, 000h, 000h, 000h, 000h, 08Dh, 064h
	db 024h, 00Ch, 0FFh, 0E1h, 0E8h, 012h, 000h, 000h, 000h, 08Bh
	db 044h, 024h, 004h, 08Bh, 064h, 024h, 008h, 08Bh, 000h, 08Bh
	db 06Ch, 024h, 00Ch, 0FFh, 064h, 024h, 008h, 058h, 0C3h, 055h
	db 08Bh, 0ECh, 08Bh, 055h, 008h, 0B8h, 07Bh, 000h, 000h, 0C0h
	db 066h, 081h, 03Ah, 04Dh, 05Ah, 075h, 02Ah, 003h, 052h, 03Ch
	db 081h, 03Ah, 050h, 045h, 000h, 000h, 075h, 01Fh, 066h, 081h
	db 07Ah, 014h, 0E0h, 000h, 075h, 017h, 066h, 081h, 07Ah, 004h
	db 04Ch, 001h, 075h, 00Fh, 066h, 0F7h, 042h, 016h, 000h, 001h
	db 074h, 007h, 08Bh, 04Dh, 00Ch, 033h, 0C0h, 089h, 011h, 0C9h
	db 0C2h, 008h, 000h, 055h, 08Bh, 0ECh, 053h, 08Bh, 04Dh, 008h
	db 08Bh, 055h, 00Ch, 033h, 0DBh, 08Ah, 004h, 00Bh, 038h, 004h
	db 013h, 075h, 005h, 043h, 084h, 0C0h, 075h, 0F3h, 05Bh, 0C9h
	db 0C2h, 008h, 000h, 055h, 08Bh, 0ECh, 083h, 0C4h, 0F4h, 053h
	db 056h, 057h, 0E8h, 0D9h, 000h, 000h, 000h, 0E8h, 04Fh, 0FFh
	db 0FFh, 0FFh, 064h, 0A1h, 030h, 000h, 000h, 000h, 08Bh, 05Dh
	db 008h, 08Bh, 040h, 00Ch, 085h, 0DBh, 08Bh, 040h, 00Ch, 075h
	db 005h, 08Bh, 000h, 08Bh, 058h, 018h, 08Dh, 045h, 0F8h, 050h
	db 053h, 0E8h, 06Dh, 0FFh, 0FFh, 0FFh, 085h, 0C0h, 08Bh, 055h
	db 0F8h, 00Fh, 085h, 0B8h, 000h, 000h, 000h, 08Bh, 042h, 078h
	db 085h, 0C0h, 00Fh, 084h, 0ADh, 000h, 000h, 000h, 003h, 0C3h
	db 089h, 045h, 0FCh, 08Bh, 070h, 020h, 085h, 0F6h, 00Fh, 084h
	db 0A4h, 000h, 000h, 000h, 08Bh, 040h, 018h, 085h, 0C0h, 00Fh
	db 084h, 099h, 000h, 000h, 000h, 089h, 045h, 0F4h, 003h, 0F3h
	db 033h, 0FFh, 0FCh, 08Bh, 006h, 003h, 0C3h, 083h, 07Dh, 010h
	db 000h, 074h, 024h, 057h, 08Bh, 0F8h, 0B9h, 004h, 001h, 000h
	db 000h, 08Bh, 0D7h, 033h, 0C0h, 0F2h, 0AEh, 0F7h, 0D1h, 05Fh
	db 081h, 0C1h, 004h, 001h, 000h, 000h, 051h, 052h, 0FFh, 075h
	db 014h, 0FFh, 055h, 010h, 039h, 045h, 00Ch, 0EBh, 009h, 050h
	db 0FFh, 075h, 00Ch, 0E8h, 03Dh, 0FFh, 0FFh, 0FFh, 075h, 030h
	db 08Bh, 04Dh, 0FCh, 08Bh, 041h, 024h, 003h, 0C3h, 00Fh, 0B7h
	db 03Ch, 078h, 00Bh, 0FFh, 074h, 009h, 03Bh, 079h, 010h, 072h
	db 003h, 02Bh, 079h, 010h, 047h, 08Bh, 071h, 01Ch, 003h, 0F3h
	db 08Bh, 00Ch, 0BEh, 085h, 0C9h, 08Bh, 055h, 018h, 074h, 029h
	db 003h, 0CBh, 033h, 0C0h, 089h, 00Ah, 0EBh, 015h, 083h, 0C6h
	db 004h, 047h, 0FFh, 04Dh, 0F4h, 075h, 08Eh, 0B8h, 07Ah, 000h
	db 000h, 0C0h, 0EBh, 005h, 0E8h, 0B4h, 0FEh, 0FFh, 0FFh, 0E8h
	db 08Ah, 0FEh, 0FFh, 0FFh, 05Fh, 05Eh, 05Bh, 0C9h, 0C2h, 014h
	db 000h, 0B8h, 07Bh, 000h, 000h, 0C0h, 0EBh, 0EDh, 0B8h, 0FFh
	db 000h, 000h, 0C0h, 0EBh, 0E6h, 055h, 08Bh, 0ECh, 083h, 0C4h
	db 0ECh, 056h, 057h, 0E8h, 062h, 000h, 000h, 000h, 0E8h, 04Ah
	db 0FEh, 0FFh, 0FFh, 08Dh, 04Dh, 0FCh, 033h, 0C0h, 051h, 08Dh
	db 055h, 0ECh, 050h, 050h, 052h, 050h, 02Dh, 0AEh, 08Bh, 093h
	db 0BCh, 089h, 045h, 0ECh, 005h, 01Dh, 0F9h, 003h, 032h, 089h
	db 045h, 0F0h, 035h, 01Bh, 008h, 033h, 007h, 089h, 045h, 0F4h
	db 035h, 017h, 056h, 071h, 072h, 089h, 045h, 0F8h, 0E8h, 0B6h
	db 0FEh, 0FFh, 0FFh, 085h, 0C0h, 08Bh, 075h, 010h, 075h, 029h
	db 08Bh, 07Dh, 014h, 0ADh, 057h, 0FFh, 075h, 00Ch, 0FFh, 075h
	db 0FCh, 050h, 0FFh, 075h, 008h, 0E8h, 09Bh, 0FEh, 0FFh, 0FFh
	db 085h, 0C0h, 075h, 011h, 0ADh, 083h, 0C7h, 004h, 085h, 0C0h
	db 075h, 0E4h, 033h, 0C0h, 0EBh, 005h, 0E8h, 026h, 0FEh, 0FFh
	db 0FFh, 0E8h, 0FCh, 0FDh, 0FFh, 0FFh, 05Fh, 05Eh, 0C9h, 0C2h
	db 010h, 000h, 0E8h, 016h, 0FEh, 0FFh, 0FFh, 055h, 08Bh, 0ECh
	db 083h, 0C4h, 0FCh, 053h, 056h, 057h, 08Bh, 045h, 008h, 08Bh
	db 008h, 08Bh, 050h, 004h, 083h, 079h, 004h, 000h, 064h, 08Bh
	db 01Dh, 030h, 000h, 000h, 000h, 00Fh, 085h, 01Ah, 001h, 000h
	db 000h, 033h, 0C0h, 0F0h, 00Fh, 0B1h, 083h, 0F4h, 00Fh, 000h
	db 000h, 08Bh, 079h, 00Ch, 00Fh, 084h, 007h, 001h, 000h, 000h
	db 08Bh, 0D8h, 081h, 039h, 005h, 000h, 000h, 0C0h, 08Bh, 033h
	db 074h, 061h, 081h, 039h, 004h, 000h, 000h, 080h, 074h, 01Fh
	db 081h, 039h, 096h, 000h, 000h, 0C0h, 08Dh, 043h, 00Ah, 00Fh
	db 085h, 0E4h, 000h, 000h, 000h, 03Bh, 0C7h, 00Fh, 085h, 0DCh
	db 000h, 000h, 000h, 0FFh, 082h, 0B8h, 000h, 000h, 000h, 0EBh
	db 02Bh, 085h, 0F6h, 00Fh, 084h, 0CCh, 000h, 000h, 000h, 083h
	db 0FEh, 001h, 074h, 00Ah, 03Bh, 0F7h, 00Fh, 085h, 0BFh, 000h
	db 000h, 000h, 0EBh, 014h, 08Dh, 043h, 004h, 03Bh, 0C7h, 077h
	db 00Bh, 083h, 0C0h, 008h, 03Bh, 0C7h, 00Fh, 087h, 0ABh, 000h
	db 000h, 000h, 089h, 03Bh, 081h, 0A2h, 0C0h, 000h, 000h, 000h
	db 0FFh, 0FEh, 0FFh, 0FFh, 0E9h, 082h, 000h, 000h, 000h, 08Bh
	db 071h, 018h, 083h, 079h, 010h, 002h, 08Dh, 04Bh, 034h, 00Fh
	db 085h, 08Ah, 000h, 000h, 000h, 051h, 0FFh, 053h, 020h, 083h
	db 07Bh, 04Ch, 000h, 074h, 079h, 0B9h, 0C8h, 000h, 000h, 000h
	db 08Dh, 07Bh, 050h, 08Bh, 047h, 004h, 085h, 0C0h, 074h, 065h
	db 03Bh, 0C6h, 077h, 061h, 025h, 000h, 0F0h, 0FFh, 0FFh, 005h
	db 000h, 020h, 000h, 000h, 03Bh, 0C6h, 072h, 053h, 08Bh, 017h
	db 085h, 0D2h, 074h, 009h, 064h, 039h, 015h, 024h, 000h, 000h
	db 000h, 075h, 049h, 083h, 07Fh, 00Ch, 000h, 074h, 043h, 06Ah
	db 040h, 08Dh, 04Dh, 0FCh, 068h, 000h, 010h, 000h, 000h, 08Dh
	db 057h, 004h, 051h, 081h, 047h, 004h, 000h, 010h, 000h, 000h
	db 06Ah, 000h, 0C7h, 045h, 0FCh, 000h, 010h, 000h, 000h, 052h
	db 06Ah, 0FFh, 0FFh, 053h, 010h, 085h, 0C0h, 075h, 01Bh, 0FFh
	db 04Fh, 00Ch, 08Dh, 04Bh, 034h, 051h, 0FFh, 053h, 024h, 0B8h
	db 0FFh, 0FFh, 0FFh, 0FFh, 05Fh, 05Eh, 05Bh, 0C9h, 0C2h, 004h
	db 000h, 083h, 0C7h, 014h, 0E2h, 08Fh, 08Dh, 04Bh, 034h, 051h
	db 0FFh, 053h, 024h, 033h, 0C0h, 05Fh, 05Eh, 05Bh, 0C9h, 0C2h
	db 004h, 000h, 055h, 08Bh, 0ECh, 083h, 0C4h, 0F8h, 053h, 033h
	db 0C0h, 08Bh, 05Dh, 008h, 06Ah, 004h, 08Dh, 04Dh, 00Ch, 068h
	db 000h, 020h, 000h, 000h, 08Dh, 055h, 0FCh, 051h, 089h, 045h
	db 0FCh, 050h, 052h, 06Ah, 0FFh, 0FFh, 053h, 004h, 085h, 0C0h
	db 075h, 04Ah, 06Ah, 040h, 08Dh, 04Dh, 0F8h, 068h, 000h, 010h
	db 000h, 000h, 08Dh, 055h, 0FCh, 051h, 050h, 0C7h, 045h, 0F8h
	db 000h, 010h, 000h, 000h, 052h, 06Ah, 0FFh, 0FFh, 053h, 004h
	db 085h, 0C0h, 08Bh, 055h, 010h, 075h, 02Ch, 08Bh, 05Dh, 014h
	db 083h, 0FAh, 0FEh, 075h, 007h, 064h, 08Bh, 015h, 024h, 000h
	db 000h, 000h, 08Bh, 04Dh, 00Ch, 0FFh, 075h, 0FCh, 0C1h, 0E9h
	db 00Ch, 089h, 013h, 0FFh, 075h, 0FCh, 049h, 08Fh, 043h, 008h
	db 089h, 04Bh, 00Ch, 08Fh, 043h, 004h, 05Bh, 0C9h, 0C2h, 010h
	db 000h, 08Dh, 04Dh, 0F8h, 050h, 08Dh, 055h, 0FCh, 068h, 000h
	db 080h, 000h, 000h, 051h, 052h, 0C7h, 045h, 0F8h, 000h, 000h
	db 000h, 000h, 06Ah, 0FFh, 0FFh, 053h, 008h, 058h, 0EBh, 0DEh
	db 055h, 08Bh, 0ECh, 081h, 0C4h, 008h, 0FFh, 0FFh, 0FFh, 053h
	db 056h, 057h, 033h, 0C0h, 064h, 08Bh, 01Dh, 030h, 000h, 000h
	db 000h, 0F0h, 00Fh, 0B1h, 083h, 0F4h, 00Fh, 000h, 000h, 08Dh
	db 04Dh, 0BCh, 074h, 007h, 033h, 0C0h, 0E9h, 0DCh, 000h, 000h
	db 000h, 051h, 033h, 0C0h, 08Dh, 0BDh, 010h, 0FFh, 0FFh, 0FFh
	db 0FCh, 057h, 02Dh, 039h, 004h, 08Ah, 008h, 0ABh, 035h, 0B3h
	db 05Eh, 055h, 02Fh, 0ABh, 005h, 060h, 080h, 059h, 021h, 0ABh
	db 02Dh, 030h, 02Ch, 003h, 06Ch, 0ABh, 035h, 0F8h, 018h, 055h
	db 0EDh, 0ABh, 005h, 008h, 06Fh, 0DBh, 0F8h, 0ABh, 02Dh, 013h
	db 031h, 007h, 0B9h, 0ABh, 035h, 059h, 01Dh, 053h, 025h, 0ABh
	db 005h, 02Eh, 0FFh, 02Ch, 044h, 0ABh, 033h, 0C0h, 0ABh, 050h
	db 050h, 0E8h, 02Fh, 0FDh, 0FFh, 0FFh, 085h, 0C0h, 00Fh, 085h
	db 089h, 000h, 000h, 000h, 06Ah, 004h, 08Dh, 08Dh, 008h, 0FFh
	db 0FFh, 0FFh, 068h, 000h, 010h, 000h, 000h, 08Dh, 095h, 00Ch
	db 0FFh, 0FFh, 0FFh, 051h, 089h, 085h, 00Ch, 0FFh, 0FFh, 0FFh
	db 050h, 0C7h, 085h, 008h, 0FFh, 0FFh, 0FFh, 000h, 010h, 000h
	db 000h, 052h, 06Ah, 0FFh, 0FFh, 055h, 0C0h, 085h, 0C0h, 08Dh
	db 055h, 0E4h, 075h, 057h, 052h, 0FFh, 055h, 0C8h, 085h, 0C0h
	db 075h, 061h, 0E8h, 067h, 0FDh, 0FFh, 0FFh, 050h, 06Ah, 001h
	db 0FFh, 055h, 0D8h, 085h, 0C0h, 0FCh, 074h, 044h, 0B9h, 013h
	db 000h, 000h, 000h, 089h, 045h, 0E0h, 08Bh, 0BDh, 00Ch, 0FFh
	db 0FFh, 0FFh, 08Dh, 075h, 0B0h, 033h, 0C0h, 08Bh, 0D7h, 089h
	db 045h, 0B0h, 0C7h, 045h, 0B4h, 068h, 000h, 001h, 000h, 0C7h
	db 045h, 0B8h, 000h, 09Dh, 0F4h, 0C3h, 0F3h, 0A5h, 0F0h, 00Fh
	db 0B1h, 093h, 0F4h, 00Fh, 000h, 000h, 075h, 012h, 033h, 0C0h
	db 08Dh, 04Ah, 004h, 0C7h, 002h, 001h, 000h, 000h, 000h, 0FFh
	db 0D1h, 05Fh, 05Eh, 05Bh, 0C9h, 0C3h, 08Dh, 045h, 0E4h, 068h
	db 001h, 000h, 000h, 0C0h, 050h, 0FFh, 055h, 0CCh, 058h, 050h
	db 08Dh, 08Dh, 008h, 0FFh, 0FFh, 0FFh, 068h, 000h, 080h, 000h
	db 000h, 08Dh, 095h, 00Ch, 0FFh, 0FFh, 0FFh, 051h, 052h, 06Ah
	db 0FFh, 0FFh, 055h, 0C4h, 058h, 0EBh, 0D2h, 055h, 08Bh, 0ECh
	db 081h, 0C4h, 0C8h, 0FEh, 0FFh, 0FFh, 08Bh, 04Dh, 008h, 06Ah
	db 000h, 08Dh, 095h, 0C8h, 0FEh, 0FFh, 0FFh, 068h, 038h, 001h
	db 000h, 000h, 052h, 06Ah, 002h, 0FFh, 011h, 08Bh, 04Dh, 00Ch
	db 085h, 0C0h, 08Bh, 055h, 0FCh, 075h, 002h, 089h, 011h, 0C9h
	db 0C2h, 008h, 000h, 055h, 08Bh, 0ECh, 053h, 056h, 057h, 033h
	db 0C0h, 064h, 08Bh, 01Dh, 030h, 000h, 000h, 000h, 0F0h, 00Fh
	db 0B1h, 083h, 0F4h, 00Fh, 000h, 000h, 075h, 007h, 0B8h, 001h
	db 000h, 000h, 0C0h, 0EBh, 066h, 08Bh, 0D8h, 08Dh, 043h, 034h
	db 050h, 0FFh, 053h, 020h, 085h, 0C0h, 075h, 059h, 0B9h, 0C8h
	db 000h, 000h, 000h, 08Dh, 073h, 050h, 039h, 046h, 004h, 074h
	db 00Ch, 083h, 0C6h, 014h, 0E2h, 0F6h, 0B8h, 09Ah, 000h, 000h
	db 0C0h, 0EBh, 037h, 08Dh, 07Bh, 00Ch, 056h, 0FFh, 075h, 00Ch
	db 0FFh, 075h, 008h, 057h, 0E8h, 0B5h, 0FDh, 0FFh, 0FFh, 085h
	db 0C0h, 075h, 023h, 08Dh, 046h, 010h, 050h, 057h, 0E8h, 06Eh
	db 0FFh, 0FFh, 0FFh, 085h, 0C0h, 08Bh, 04Eh, 004h, 075h, 012h
	db 0FFh, 076h, 010h, 08Bh, 07Dh, 014h, 08Bh, 055h, 010h, 08Fh
	db 007h, 089h, 00Ah, 0FFh, 043h, 04Ch, 033h, 0C0h, 08Dh, 04Bh
	db 034h, 050h, 051h, 0FFh, 053h, 024h, 058h, 05Fh, 05Eh, 05Bh
	db 0C9h, 0C2h, 010h, 000h, 055h, 08Bh, 0ECh, 083h, 0C4h, 0FCh
	db 053h, 056h, 057h, 033h, 0C0h, 064h, 08Bh, 01Dh, 030h, 000h
	db 000h, 000h, 0F0h, 00Fh, 0B1h, 083h, 0F4h, 00Fh, 000h, 000h
	db 075h, 007h, 0B8h, 001h, 000h, 000h, 0C0h, 0EBh, 062h, 08Bh
	db 0D8h, 08Dh, 043h, 034h, 050h, 0FFh, 053h, 020h, 085h, 0C0h
	db 08Bh, 073h, 04Ch, 075h, 052h, 085h, 0F6h, 074h, 055h, 0B9h
	db 0C8h, 000h, 000h, 000h, 08Dh, 07Bh, 050h, 08Bh, 055h, 008h
	db 08Bh, 047h, 004h, 085h, 0C0h, 074h, 008h, 039h, 057h, 010h
	db 074h, 00Ah, 04Eh, 074h, 03Bh, 083h, 0C7h, 014h, 0E2h, 0ECh
	db 0EBh, 034h, 08Dh, 04Dh, 0FCh, 08Dh, 057h, 008h, 068h, 000h
	db 080h, 000h, 000h, 051h, 052h, 0C7h, 045h, 0FCh, 000h, 000h
	db 000h, 000h, 06Ah, 0FFh, 0FFh, 053h, 014h, 033h, 0C0h, 0FCh
	db 0FFh, 04Bh, 04Ch, 0ABh, 0ABh, 0ABh, 0ABh, 0ABh, 08Dh, 04Bh
	db 034h, 050h, 051h, 0FFh, 053h, 024h, 058h, 05Fh, 05Eh, 05Bh
	db 0C9h, 0C2h, 004h, 000h, 0B8h, 008h, 000h, 000h, 0C0h, 0EBh
	db 0E9h, 055h, 08Bh, 0ECh, 083h, 0C4h, 0F8h, 053h, 056h, 033h
	db 0C0h, 064h, 08Bh, 035h, 030h, 000h, 000h, 000h, 0F0h, 00Fh
	db 0B1h, 086h, 0F4h, 00Fh, 000h, 000h, 075h, 007h, 0B8h, 001h
	db 000h, 000h, 0C0h, 0EBh, 050h, 08Bh, 0D8h, 08Dh, 043h, 034h
	db 050h, 0FFh, 053h, 020h, 085h, 0C0h, 075h, 043h, 039h, 043h
	db 04Ch, 08Dh, 04Bh, 034h, 074h, 007h, 0B8h, 001h, 000h, 000h
	db 0C0h, 0EBh, 038h, 08Bh, 0C3h, 033h, 0D2h, 089h, 05Dh, 0FCh
	db 0F0h, 00Fh, 0B1h, 096h, 0F4h, 00Fh, 000h, 000h, 051h, 0FFh
	db 053h, 01Ch, 0FFh, 073h, 030h, 0FFh, 053h, 02Ch, 08Dh, 04Dh
	db 0F8h, 08Dh, 055h, 0FCh, 068h, 000h, 080h, 000h, 000h, 051h
	db 052h, 0C7h, 045h, 0F8h, 000h, 000h, 000h, 000h, 06Ah, 0FFh
	db 0FFh, 053h, 014h, 033h, 0C0h, 05Eh, 05Bh, 0C9h, 0C3h, 08Dh
	db 04Bh, 034h, 050h, 051h, 0FFh, 053h, 024h, 058h, 0EBh, 0F1h
; ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 0x726 ~~~~~~~~~~~~~~~~~~~~~~~~~
Код (Text): Address Hex dump Command Comments 00000000 85C0 test eax,eax 00000002 0F84 1C040000 je 00000424 00000008 48 dec eax 00000009 0F84 96060000 je 000006A5 0000000F 48 dec eax 00000010 0F84 6F050000 je 00000585 00000016 48 dec eax 00000017 0F84 F5050000 je 00000612 0000001D B8 010000C0 mov eax,C0000001 00000022 C3 retn 00000023 59 pop ecx 00000024 55 push ebp 00000025 50 push eax 00000026 E8 1F000000 call 0000004A 0000002B 50 push eax 0000002C 64:FF35 0000000 push [dword fs:0] 00000033 64:8925 0000000 mov [dword fs:0],esp 0000003A FFE1 jmp ecx 0000003C 59 pop ecx 0000003D 64:8F05 0000000 pop [dword fs:0] 00000044 8D6424 0C lea esp,[esp+0C] 00000048 FFE1 jmp ecx 0000004A E8 12000000 call 00000061 0000004F 8B4424 04 mov eax,[dword ss:esp+4] 00000053 8B6424 08 mov esp,[dword ss:esp+8] 00000057 8B00 mov eax,[dword ds:eax] 00000059 8B6C24 0C mov ebp,[dword ss:esp+0C] 0000005D FF6424 08 jmp near [dword ss:esp+8] 00000061 58 pop eax 00000062 C3 retn 00000063 55 push ebp 00000064 8BEC mov ebp,esp 00000066 8B55 08 mov edx,[dword ss:ebp+8] 00000069 B8 7B0000C0 mov eax,C000007B 0000006E 66:813A 4D5A cmp [word ds:edx],5A4D 00000073 75 2A jne short 0000009F 00000075 0352 3C add edx,[dword ds:edx+3C] 00000078 813A 50450000 cmp [dword ds:edx],4550 0000007E 75 1F jne short 0000009F 00000080 66:817A 14 E000 cmp [word ds:edx+14],0E0 00000086 75 17 jne short 0000009F 00000088 66:817A 04 4C01 cmp [word ds:edx+4],14C 0000008E 75 0F jne short 0000009F 00000090 66:F742 16 0001 test [word ds:edx+16],0100 00000096 74 07 je short 0000009F 00000098 8B4D 0C mov ecx,[dword ss:ebp+0C] 0000009B 33C0 xor eax,eax 0000009D 8911 mov [dword ds:ecx],edx 0000009F C9 leave 000000A0 C2 0800 retn 8 000000A3 55 push ebp 000000A4 8BEC mov ebp,esp 000000A6 53 push ebx 000000A7 8B4D 08 mov ecx,[dword ss:ebp+8] 000000AA 8B55 0C mov edx,[dword ss:ebp+0C] 000000AD 33DB xor ebx,ebx 000000AF 8A040B mov al,[byte ds:ecx+ebx] 000000B2 380413 cmp [byte ds:edx+ebx],al 000000B5 75 05 jne short 000000BC 000000B7 
43 inc ebx 000000B8 84C0 test al,al 000000BA ^ 75 F3 jne short 000000AF 000000BC 5B pop ebx 000000BD C9 leave 000000BE C2 0800 retn 8 000000C1 55 push ebp 000000C2 8BEC mov ebp,esp 000000C4 83C4 F4 add esp,-0C 000000C7 53 push ebx 000000C8 56 push esi 000000C9 57 push edi 000000CA E8 D9000000 call 000001A8 000000CF E8 4FFFFFFF call 00000023 000000D4 64:A1 30000000 mov eax,[dword fs:30] 000000DA 8B5D 08 mov ebx,[dword ss:ebp+8] 000000DD 8B40 0C mov eax,[dword ds:eax+0C] 000000E0 85DB test ebx,ebx 000000E2 8B40 0C mov eax,[dword ds:eax+0C] 000000E5 75 05 jne short 000000EC 000000E7 8B00 mov eax,[dword ds:eax] 000000E9 8B58 18 mov ebx,[dword ds:eax+18] 000000EC 8D45 F8 lea eax,[ebp-8] 000000EF 50 push eax 000000F0 53 push ebx 000000F1 E8 6DFFFFFF call 00000063 000000F6 85C0 test eax,eax 000000F8 8B55 F8 mov edx,[dword ss:ebp-8] 000000FB 0F85 B8000000 jne 000001B9 00000101 8B42 78 mov eax,[dword ds:edx+78] 00000104 85C0 test eax,eax 00000106 0F84 AD000000 je 000001B9 0000010C 03C3 add eax,ebx 0000010E 8945 FC mov [dword ss:ebp-4],eax 00000111 8B70 20 mov esi,[dword ds:eax+20] 00000114 85F6 test esi,esi 00000116 0F84 A4000000 je 000001C0 0000011C 8B40 18 mov eax,[dword ds:eax+18] 0000011F 85C0 test eax,eax 00000121 0F84 99000000 je 000001C0 00000127 8945 F4 mov [dword ss:ebp-0C],eax 0000012A 03F3 add esi,ebx 0000012C 33FF xor edi,edi 0000012E FC cld 0000012F 8B06 mov eax,[dword ds:esi] 00000131 03C3 add eax,ebx 00000133 837D 10 00 cmp [dword ss:ebp+10],0 00000137 74 24 je short 0000015D 00000139 57 push edi 0000013A 8BF8 mov edi,eax 0000013C B9 04010000 mov ecx,104 00000141 8BD7 mov edx,edi 00000143 33C0 xor eax,eax 00000145 F2:AE repne scas [byte es:edi] 00000147 F7D1 not ecx 00000149 5F pop edi 0000014A 81C1 04010000 add ecx,104 00000150 51 push ecx 00000151 52 push edx 00000152 FF75 14 push [dword ss:ebp+14] 00000155 FF55 10 call near [dword ss:ebp+10] 00000158 3945 0C cmp [dword ss:ebp+0C],eax 0000015B EB 09 jmp short 00000166 0000015D 50 push eax 0000015E FF75 0C 
push [dword ss:ebp+0C] 00000161 E8 3DFFFFFF call 000000A3 00000166 75 30 jne short 00000198 00000168 8B4D FC mov ecx,[dword ss:ebp-4] 0000016B 8B41 24 mov eax,[dword ds:ecx+24] 0000016E 03C3 add eax,ebx 00000170 0FB73C78 movzx edi,[word ds:edi*2+eax] 00000174 0BFF or edi,edi 00000176 74 09 je short 00000181 00000178 3B79 10 cmp edi,[dword ds:ecx+10] 0000017B 72 03 jb short 00000180 0000017D 2B79 10 sub edi,[dword ds:ecx+10] 00000180 47 inc edi 00000181 8B71 1C mov esi,[dword ds:ecx+1C] 00000184 03F3 add esi,ebx 00000186 8B0CBE mov ecx,[dword ds:edi*4+esi] 00000189 85C9 test ecx,ecx 0000018B 8B55 18 mov edx,[dword ss:ebp+18] 0000018E 74 29 je short 000001B9 00000190 03CB add ecx,ebx 00000192 33C0 xor eax,eax 00000194 890A mov [dword ds:edx],ecx 00000196 EB 15 jmp short 000001AD 00000198 83C6 04 add esi,4 0000019B 47 inc edi 0000019C FF4D F4 dec [dword ss:ebp-0C] 0000019F ^ 75 8E jne short 0000012F 000001A1 B8 7A0000C0 mov eax,C000007A 000001A6 EB 05 jmp short 000001AD 000001A8 E8 B4FEFFFF call 00000061 000001AD E8 8AFEFFFF call 0000003C 000001B2 5F pop edi 000001B3 5E pop esi 000001B4 5B pop ebx 000001B5 C9 leave 000001B6 C2 1400 retn 14 000001B9 B8 7B0000C0 mov eax,C000007B 000001BE ^ EB ED jmp short 000001AD 000001C0 B8 FF0000C0 mov eax,C00000FF 000001C5 ^ EB E6 jmp short 000001AD 000001C7 55 push ebp 000001C8 8BEC mov ebp,esp 000001CA 83C4 EC add esp,-14 000001CD 56 push esi 000001CE 57 push edi 000001CF E8 62000000 call 00000236 000001D4 E8 4AFEFFFF call 00000023 000001D9 8D4D FC lea ecx,[ebp-4] 000001DC 33C0 xor eax,eax 000001DE 51 push ecx 000001DF 8D55 EC lea edx,[ebp-14] 000001E2 50 push eax 000001E3 50 push eax 000001E4 52 push edx 000001E5 50 push eax 000001E6 2D AE8B93BC sub eax,BC938BAE 000001EB 8945 EC mov [dword ss:ebp-14],eax 000001EE 05 1DF90332 add eax,3203F91D 000001F3 8945 F0 mov [dword ss:ebp-10],eax 000001F6 35 1B083307 xor eax,0733081B 000001FB 8945 F4 mov [dword ss:ebp-0C],eax 000001FE 35 17567172 xor eax,72715617 00000203 8945 F8 mov [dword 
ss:ebp-8],eax 00000206 E8 B6FEFFFF call 000000C1 0000020B 85C0 test eax,eax 0000020D 8B75 10 mov esi,[dword ss:ebp+10] 00000210 75 29 jne short 0000023B 00000212 8B7D 14 mov edi,[dword ss:ebp+14] 00000215 AD lods [dword ds:esi] 00000216 57 push edi 00000217 FF75 0C push [dword ss:ebp+0C] 0000021A FF75 FC push [dword ss:ebp-4] 0000021D 50 push eax 0000021E FF75 08 push [dword ss:ebp+8] 00000221 E8 9BFEFFFF call 000000C1 00000226 85C0 test eax,eax 00000228 75 11 jne short 0000023B 0000022A AD lods [dword ds:esi] 0000022B 83C7 04 add edi,4 0000022E 85C0 test eax,eax 00000230 ^ 75 E4 jne short 00000216 00000232 33C0 xor eax,eax 00000234 EB 05 jmp short 0000023B 00000236 E8 26FEFFFF call 00000061 0000023B E8 FCFDFFFF call 0000003C 00000240 5F pop edi 00000241 5E pop esi 00000242 C9 leave 00000243 C2 1000 retn 10 00000246 E8 16FEFFFF call 00000061 0000024B 55 push ebp 0000024C 8BEC mov ebp,esp 0000024E 83C4 FC add esp,-4 00000251 53 push ebx 00000252 56 push esi 00000253 57 push edi 00000254 8B45 08 mov eax,[dword ss:ebp+8] 00000257 8B08 mov ecx,[dword ds:eax] 00000259 8B50 04 mov edx,[dword ds:eax+4] 0000025C 8379 04 00 cmp [dword ds:ecx+4],0 00000260 64:8B1D 3000000 mov ebx,[dword fs:30] 00000267 0F85 1A010000 jne 00000387 0000026D 33C0 xor eax,eax 0000026F F0:0FB183 F40F0 lock cmpxchg [dword ds:ebx+0FF4],eax 00000277 8B79 0C mov edi,[dword ds:ecx+0C] 0000027A 0F84 07010000 je 00000387 00000280 8BD8 mov ebx,eax 00000282 8139 050000C0 cmp [dword ds:ecx],C0000005 00000288 8B33 mov esi,[dword ds:ebx] 0000028A 74 61 je short 000002ED 0000028C 8139 04000080 cmp [dword ds:ecx],80000004 00000292 74 1F je short 000002B3 00000294 8139 960000C0 cmp [dword ds:ecx],C0000096 0000029A 8D43 0A lea eax,[ebx+0A] 0000029D 0F85 E4000000 jne 00000387 000002A3 3BC7 cmp eax,edi 000002A5 0F85 DC000000 jne 00000387 000002AB FF82 B8000000 inc [dword ds:edx+0B8] 000002B1 EB 2B jmp short 000002DE 000002B3 85F6 test esi,esi 000002B5 0F84 CC000000 je 00000387 000002BB 83FE 01 cmp esi,1 000002BE 74 
0A je short 000002CA 000002C0 3BF7 cmp esi,edi 000002C2 0F85 BF000000 jne 00000387 000002C8 EB 14 jmp short 000002DE 000002CA 8D43 04 lea eax,[ebx+4] 000002CD 3BC7 cmp eax,edi 000002CF 77 0B ja short 000002DC 000002D1 83C0 08 add eax,8 000002D4 3BC7 cmp eax,edi 000002D6 0F87 AB000000 ja 00000387 000002DC 893B mov [dword ds:ebx],edi 000002DE 81A2 C0000000 F and [dword ds:edx+0C0],FFFFFEFF 000002E8 E9 82000000 jmp 0000036F 000002ED 8B71 18 mov esi,[dword ds:ecx+18] 000002F0 8379 10 02 cmp [dword ds:ecx+10],2 000002F4 8D4B 34 lea ecx,[ebx+34] 000002F7 0F85 8A000000 jne 00000387 000002FD 51 push ecx 000002FE FF53 20 call near [dword ds:ebx+20] 00000301 837B 4C 00 cmp [dword ds:ebx+4C],0 00000305 74 79 je short 00000380 00000307 B9 C8000000 mov ecx,0C8 0000030C 8D7B 50 lea edi,[ebx+50] 0000030F 8B47 04 mov eax,[dword ds:edi+4] 00000312 85C0 test eax,eax 00000314 74 65 je short 0000037B 00000316 3BC6 cmp eax,esi 00000318 77 61 ja short 0000037B 0000031A 25 00F0FFFF and eax,FFFFF000 0000031F 05 00200000 add eax,2000 00000324 3BC6 cmp eax,esi 00000326 72 53 jb short 0000037B 00000328 8B17 mov edx,[dword ds:edi] 0000032A 85D2 test edx,edx 0000032C 74 09 je short 00000337 0000032E 64:3915 2400000 cmp [dword fs:24],edx 00000335 75 49 jne short 00000380 00000337 837F 0C 00 cmp [dword ds:edi+0C],0 0000033B 74 43 je short 00000380 0000033D 6A 40 push 40 0000033F 8D4D FC lea ecx,[ebp-4] 00000342 68 00100000 push 1000 00000347 8D57 04 lea edx,[edi+4] 0000034A 51 push ecx 0000034B 8147 04 0010000 add [dword ds:edi+4],1000 00000352 6A 00 push 0 00000354 C745 FC 0010000 mov [dword ss:ebp-4],1000 0000035B 52 push edx 0000035C 6A FF push -1 0000035E FF53 10 call near [dword ds:ebx+10] 00000361 85C0 test eax,eax 00000363 75 1B jne short 00000380 00000365 FF4F 0C dec [dword ds:edi+0C] 00000368 8D4B 34 lea ecx,[ebx+34] 0000036B 51 push ecx 0000036C FF53 24 call near [dword ds:ebx+24] 0000036F B8 FFFFFFFF mov eax,-1 00000374 5F pop edi 00000375 5E pop esi 00000376 5B pop ebx 00000377 C9 
leave 00000378 C2 0400 retn 4 0000037B 83C7 14 add edi,14 0000037E E2 8F loop short 0000030F 00000380 8D4B 34 lea ecx,[ebx+34] 00000383 51 push ecx 00000384 FF53 24 call near [dword ds:ebx+24] 00000387 33C0 xor eax,eax 00000389 5F pop edi 0000038A 5E pop esi 0000038B 5B pop ebx 0000038C C9 leave 0000038D C2 0400 retn 4 00000390 55 push ebp 00000391 8BEC mov ebp,esp 00000393 83C4 F8 add esp,-8 00000396 53 push ebx 00000397 33C0 xor eax,eax 00000399 8B5D 08 mov ebx,[dword ss:ebp+8] 0000039C 6A 04 push 4 0000039E 8D4D 0C lea ecx,[ebp+0C] 000003A1 68 00200000 push 2000 000003A6 8D55 FC lea edx,[ebp-4] 000003A9 51 push ecx 000003AA 8945 FC mov [dword ss:ebp-4],eax 000003AD 50 push eax 000003AE 52 push edx 000003AF 6A FF push -1 000003B1 FF53 04 call near [dword ds:ebx+4] 000003B4 85C0 test eax,eax 000003B6 75 4A jne short 00000402 000003B8 6A 40 push 40 000003BA 8D4D F8 lea ecx,[ebp-8] 000003BD 68 00100000 push 1000 000003C2 8D55 FC lea edx,[ebp-4] 000003C5 51 push ecx 000003C6 50 push eax 000003C7 C745 F8 0010000 mov [dword ss:ebp-8],1000 000003CE 52 push edx 000003CF 6A FF push -1 000003D1 FF53 04 call near [dword ds:ebx+4] 000003D4 85C0 test eax,eax 000003D6 8B55 10 mov edx,[dword ss:ebp+10] 000003D9 75 2C jne short 00000407 000003DB 8B5D 14 mov ebx,[dword ss:ebp+14] 000003DE 83FA FE cmp edx,-2 000003E1 75 07 jne short 000003EA 000003E3 64:8B15 2400000 mov edx,[dword fs:24] 000003EA 8B4D 0C mov ecx,[dword ss:ebp+0C] 000003ED FF75 FC push [dword ss:ebp-4] 000003F0 C1E9 0C shr ecx,0C 000003F3 8913 mov [dword ds:ebx],edx 000003F5 FF75 FC push [dword ss:ebp-4] 000003F8 49 dec ecx 000003F9 8F43 08 pop [dword ds:ebx+8] 000003FC 894B 0C mov [dword ds:ebx+0C],ecx 000003FF 8F43 04 pop [dword ds:ebx+4] 00000402 5B pop ebx 00000403 C9 leave 00000404 C2 1000 retn 10 00000407 8D4D F8 lea ecx,[ebp-8] 0000040A 50 push eax 0000040B 8D55 FC lea edx,[ebp-4] 0000040E 68 00800000 push 8000 00000413 51 push ecx 00000414 52 push edx 00000415 C745 F8 0000000 mov [dword ss:ebp-8],0 0000041C 
6A FF push -1 0000041E FF53 08 call near [dword ds:ebx+8] 00000421 58 pop eax 00000422 ^ EB DE jmp short 00000402 00000424 55 push ebp 00000425 8BEC mov ebp,esp 00000427 81C4 08FFFFFF add esp,-0F8 0000042D 53 push ebx 0000042E 56 push esi 0000042F 57 push edi 00000430 33C0 xor eax,eax 00000432 64:8B1D 3000000 mov ebx,[dword fs:30] 00000439 F0:0FB183 F40F0 lock cmpxchg [dword ds:ebx+0FF4],eax 00000441 8D4D BC lea ecx,[ebp-44] 00000444 74 07 je short 0000044D 00000446 33C0 xor eax,eax 00000448 E9 DC000000 jmp 00000529 0000044D 51 push ecx 0000044E 33C0 xor eax,eax 00000450 8DBD 10FFFFFF lea edi,[ebp-0F0] 00000456 FC cld 00000457 57 push edi 00000458 2D 39048A08 sub eax,88A0439 0000045D AB stos [dword es:edi] 0000045E 35 B35E552F xor eax,2F555EB3 00000463 AB stos [dword es:edi] 00000464 05 60805921 add eax,21598060 00000469 AB stos [dword es:edi] 0000046A 2D 302C036C sub eax,6C032C30 0000046F AB stos [dword es:edi] 00000470 35 F81855ED xor eax,ED5518F8 00000475 AB stos [dword es:edi] 00000476 05 086FDBF8 add eax,F8DB6F08 0000047B AB stos [dword es:edi] 0000047C 2D 133107B9 sub eax,B9073113 00000481 AB stos [dword es:edi] 00000482 35 591D5325 xor eax,25531D59 00000487 AB stos [dword es:edi] 00000488 05 2EFF2C44 add eax,442CFF2E 0000048D AB stos [dword es:edi] 0000048E 33C0 xor eax,eax 00000490 AB stos [dword es:edi] 00000491 50 push eax 00000492 50 push eax 00000493 E8 2FFDFFFF call 000001C7 00000498 85C0 test eax,eax 0000049A 0F85 89000000 jne 00000529 000004A0 6A 04 push 4 000004A2 8D8D 08FFFFFF lea ecx,[ebp-0F8] 000004A8 68 00100000 push 1000 000004AD 8D95 0CFFFFFF lea edx,[ebp-0F4] 000004B3 51 push ecx 000004B4 8985 0CFFFFFF mov [dword ss:ebp-0F4],eax 000004BA 50 push eax 000004BB C785 08FFFFFF 0 mov [dword ss:ebp-0F8],1000 000004C5 52 push edx 000004C6 6A FF push -1 000004C8 FF55 C0 call near [dword ss:ebp-40] 000004CB 85C0 test eax,eax 000004CD 8D55 E4 lea edx,[ebp-1C] 000004D0 75 57 jne short 00000529 000004D2 52 push edx 000004D3 FF55 C8 call near [dword 
ss:ebp-38] 000004D6 85C0 test eax,eax 000004D8 75 61 jne short 0000053B 000004DA E8 67FDFFFF call 00000246 000004DF 50 push eax 000004E0 6A 01 push 1 000004E2 FF55 D8 call near [dword ss:ebp-28] 000004E5 85C0 test eax,eax 000004E7 FC cld 000004E8 74 44 je short 0000052E 000004EA B9 13000000 mov ecx,13 000004EF 8945 E0 mov [dword ss:ebp-20],eax 000004F2 8BBD 0CFFFFFF mov edi,[dword ss:ebp-0F4] 000004F8 8D75 B0 lea esi,[ebp-50] 000004FB 33C0 xor eax,eax 000004FD 8BD7 mov edx,edi 000004FF 8945 B0 mov [dword ss:ebp-50],eax 00000502 C745 B4 6800010 mov [dword ss:ebp-4C],10068 00000509 C745 B8 009DF4C mov [dword ss:ebp-48],C3F49D00 00000510 F3:A5 rep movs [dword es:edi],[dword ds:esi] 00000512 F0:0FB193 F40F0 lock cmpxchg [dword ds:ebx+0FF4],edx 0000051A 75 12 jne short 0000052E 0000051C 33C0 xor eax,eax 0000051E 8D4A 04 lea ecx,[edx+4] 00000521 C702 01000000 mov [dword ds:edx],1 00000527 FFD1 call ecx 00000529 5F pop edi 0000052A 5E pop esi 0000052B 5B pop ebx 0000052C C9 leave 0000052D C3 retn 0000052E 8D45 E4 lea eax,[ebp-1C] 00000531 68 010000C0 push C0000001 00000536 50 push eax 00000537 FF55 CC call near [dword ss:ebp-34] 0000053A 58 pop eax 0000053B 50 push eax 0000053C 8D8D 08FFFFFF lea ecx,[ebp-0F8] 00000542 68 00800000 push 8000 00000547 8D95 0CFFFFFF lea edx,[ebp-0F4] 0000054D 51 push ecx 0000054E 52 push edx 0000054F 6A FF push -1 00000551 FF55 C4 call near [dword ss:ebp-3C] 00000554 58 pop eax 00000555 ^ EB D2 jmp short 00000529 00000557 55 push ebp 00000558 8BEC mov ebp,esp 0000055A 81C4 C8FEFFFF add esp,-138 00000560 8B4D 08 mov ecx,[dword ss:ebp+8] 00000563 6A 00 push 0 00000565 8D95 C8FEFFFF lea edx,[ebp-138] 0000056B 68 38010000 push 138 00000570 52 push edx 00000571 6A 02 push 2 00000573 FF11 call near [dword ds:ecx] 00000575 8B4D 0C mov ecx,[dword ss:ebp+0C] 00000578 85C0 test eax,eax 0000057A 8B55 FC mov edx,[dword ss:ebp-4] 0000057D 75 02 jne short 00000581 0000057F 8911 mov [dword ds:ecx],edx 00000581 C9 leave 00000582 C2 0800 retn 8 00000585 55 
push ebp 00000586 8BEC mov ebp,esp 00000588 53 push ebx 00000589 56 push esi 0000058A 57 push edi 0000058B 33C0 xor eax,eax 0000058D 64:8B1D 3000000 mov ebx,[dword fs:30] 00000594 F0:0FB183 F40F0 lock cmpxchg [dword ds:ebx+0FF4],eax 0000059C 75 07 jne short 000005A5 0000059E B8 010000C0 mov eax,C0000001 000005A3 EB 66 jmp short 0000060B 000005A5 8BD8 mov ebx,eax 000005A7 8D43 34 lea eax,[ebx+34] 000005AA 50 push eax 000005AB FF53 20 call near [dword ds:ebx+20] 000005AE 85C0 test eax,eax 000005B0 75 59 jne short 0000060B 000005B2 B9 C8000000 mov ecx,0C8 000005B7 8D73 50 lea esi,[ebx+50] 000005BA 3946 04 cmp [dword ds:esi+4],eax 000005BD 74 0C je short 000005CB 000005BF 83C6 14 add esi,14 000005C2 E2 F6 loop short 000005BA 000005C4 B8 9A0000C0 mov eax,C000009A 000005C9 EB 37 jmp short 00000602 000005CB 8D7B 0C lea edi,[ebx+0C] 000005CE 56 push esi 000005CF FF75 0C push [dword ss:ebp+0C] 000005D2 FF75 08 push [dword ss:ebp+8] 000005D5 57 push edi 000005D6 E8 B5FDFFFF call 00000390 000005DB 85C0 test eax,eax 000005DD 75 23 jne short 00000602 000005DF 8D46 10 lea eax,[esi+10] 000005E2 50 push eax 000005E3 57 push edi 000005E4 E8 6EFFFFFF call 00000557 000005E9 85C0 test eax,eax 000005EB 8B4E 04 mov ecx,[dword ds:esi+4] 000005EE 75 12 jne short 00000602 000005F0 FF76 10 push [dword ds:esi+10] 000005F3 8B7D 14 mov edi,[dword ss:ebp+14] 000005F6 8B55 10 mov edx,[dword ss:ebp+10] 000005F9 8F07 pop [dword ds:edi] 000005FB 890A mov [dword ds:edx],ecx 000005FD FF43 4C inc [dword ds:ebx+4C] 00000600 33C0 xor eax,eax 00000602 8D4B 34 lea ecx,[ebx+34] 00000605 50 push eax 00000606 51 push ecx 00000607 FF53 24 call near [dword ds:ebx+24] 0000060A 58 pop eax 0000060B 5F pop edi 0000060C 5E pop esi 0000060D 5B pop ebx 0000060E C9 leave 0000060F C2 1000 retn 10 00000612 55 push ebp 00000613 8BEC mov ebp,esp 00000615 83C4 FC add esp,-4 00000618 53 push ebx 00000619 56 push esi 0000061A 57 push edi 0000061B 33C0 xor eax,eax 0000061D 64:8B1D 3000000 mov ebx,[dword fs:30] 00000624 
F0:0FB183 F40F0 lock cmpxchg [dword ds:ebx+0FF4],eax 0000062C 75 07 jne short 00000635 0000062E B8 010000C0 mov eax,C0000001 00000633 EB 62 jmp short 00000697 00000635 8BD8 mov ebx,eax 00000637 8D43 34 lea eax,[ebx+34] 0000063A 50 push eax 0000063B FF53 20 call near [dword ds:ebx+20] 0000063E 85C0 test eax,eax 00000640 8B73 4C mov esi,[dword ds:ebx+4C] 00000643 75 52 jne short 00000697 00000645 85F6 test esi,esi 00000647 74 55 je short 0000069E 00000649 B9 C8000000 mov ecx,0C8 0000064E 8D7B 50 lea edi,[ebx+50] 00000651 8B55 08 mov edx,[dword ss:ebp+8] 00000654 8B47 04 mov eax,[dword ds:edi+4] 00000657 85C0 test eax,eax 00000659 74 08 je short 00000663 0000065B 3957 10 cmp [dword ds:edi+10],edx 0000065E 74 0A je short 0000066A 00000660 4E dec esi 00000661 74 3B je short 0000069E 00000663 83C7 14 add edi,14 00000666 E2 EC loop short 00000654 00000668 EB 34 jmp short 0000069E 0000066A 8D4D FC lea ecx,[ebp-4] 0000066D 8D57 08 lea edx,[edi+8] 00000670 68 00800000 push 8000 00000675 51 push ecx 00000676 52 push edx 00000677 C745 FC 0000000 mov [dword ss:ebp-4],0 0000067E 6A FF push -1 00000680 FF53 14 call near [dword ds:ebx+14] 00000683 33C0 xor eax,eax 00000685 FC cld 00000686 FF4B 4C dec [dword ds:ebx+4C] 00000689 AB stos [dword es:edi] 0000068A AB stos [dword es:edi] 0000068B AB stos [dword es:edi] 0000068C AB stos [dword es:edi] 0000068D AB stos [dword es:edi] 0000068E 8D4B 34 lea ecx,[ebx+34] 00000691 50 push eax 00000692 51 push ecx 00000693 FF53 24 call near [dword ds:ebx+24] 00000696 58 pop eax 00000697 5F pop edi 00000698 5E pop esi 00000699 5B pop ebx 0000069A C9 leave 0000069B C2 0400 retn 4 0000069E B8 080000C0 mov eax,C0000008 000006A3 ^ EB E9 jmp short 0000068E 000006A5 55 push ebp 000006A6 8BEC mov ebp,esp 000006A8 83C4 F8 add esp,-8 000006AB 53 push ebx 000006AC 56 push esi 000006AD 33C0 xor eax,eax 000006AF 64:8B35 3000000 mov esi,[dword fs:30] 000006B6 F0:0FB186 F40F0 lock cmpxchg [dword ds:esi+0FF4],eax 000006BE 75 07 jne short 000006C7 000006C0 B8 
010000C0 mov eax,C0000001 000006C5 EB 50 jmp short 00000717 000006C7 8BD8 mov ebx,eax 000006C9 8D43 34 lea eax,[ebx+34] 000006CC 50 push eax 000006CD FF53 20 call near [dword ds:ebx+20] 000006D0 85C0 test eax,eax 000006D2 75 43 jne short 00000717 000006D4 3943 4C cmp [dword ds:ebx+4C],eax 000006D7 8D4B 34 lea ecx,[ebx+34] 000006DA 74 07 je short 000006E3 000006DC B8 010000C0 mov eax,C0000001 000006E1 EB 38 jmp short 0000071B 000006E3 8BC3 mov eax,ebx 000006E5 33D2 xor edx,edx 000006E7 895D FC mov [dword ss:ebp-4],ebx 000006EA F0:0FB196 F40F0 lock cmpxchg [dword ds:esi+0FF4],edx 000006F2 51 push ecx 000006F3 FF53 1C call near [dword ds:ebx+1C] 000006F6 FF73 30 push [dword ds:ebx+30] 000006F9 FF53 2C call near [dword ds:ebx+2C] 000006FC 8D4D F8 lea ecx,[ebp-8] 000006FF 8D55 FC lea edx,[ebp-4] 00000702 68 00800000 push 8000 00000707 51 push ecx 00000708 52 push edx 00000709 C745 F8 0000000 mov [dword ss:ebp-8],0 00000710 6A FF push -1 00000712 FF53 14 call near [dword ds:ebx+14] 00000715 33C0 xor eax,eax 00000717 5E pop esi 00000718 5B pop ebx 00000719 C9 leave 0000071A C3 retn 0000071B 8D4B 34 lea ecx,[ebx+34] 0000071E 50 push eax 0000071F 51 push ecx 00000720 FF53 24 call near [dword ds:ebx+24] 00000723 58 pop eax 00000724 ^ EB F1 jmp short 00000717
Asterix 1. Уже несколько месяцев на васме сурцы лежат. 2. Пермутирующий код постят в виде дампов. Он ведь пермутирующий, ну вы поняли. 3. Чисто ради интереса и накопления опыта реверсите, привыкли всё готовое на блюдечке иметь.
Бабули, сворачиваем лавочку, сплетни про Путина и Лужкова в другом месте. Ой, щас же Медведев.. Ну все равно. А молочко подорожало на целых 10 копеек еще в прошлом месяце