荣誉值:0
信誉值:0
注册日期:2013-01-28 23:32 |
---------------------------------------------------------------------------------------------------
10001850 DecodeNew:
10001850 6AFF push FFFFFFFFh
10001852 6808290010 push L10002908
10001857 64A100000000 mov eax,fs:[00000000h]
1000185D 50 push eax
1000185E 64892500000000 mov fs:[00000000h],esp
10001865 83EC44 sub esp,00000044h
10001868 53 push ebx
10001869 55 push ebp
1000186A 56 push esi
1000186B 57 push edi
1000186C 8D4C2410 lea ecx,[esp+10h]
10001870 E87B0A0000 call jmp_MFC42.DLL!MFC42.540
10001875 8D4C2414 lea ecx,[esp+14h]
10001879 C744245C00000000 mov dword ptr [esp+5Ch],00000000h
10001881 E86A0A0000 call jmp_MFC42.DLL!MFC42.540
10001886 8D4C2418 lea ecx,[esp+18h]
1000188A C644245C01 mov byte ptr [esp+5Ch],01h
1000188F E85C0A0000 call jmp_MFC42.DLL!MFC42.540
10001894 8D4C241C lea ecx,[esp+1Ch]
10001898 C644245C02 mov byte ptr [esp+5Ch],02h
1000189D E84E0A0000 call jmp_MFC42.DLL!MFC42.540
100018A2 8B742464 mov esi,[esp+64h]
100018A6 BB03000000 mov ebx,00000003h
100018AB 56 push esi
100018AC 8D4C2420 lea ecx,[esp+20h]
100018B0 885C2460 mov [esp+60h],bl
100018B4 E8310A0000 call jmp_MFC42.DLL!MFC42.860
100018B9 8B44241C mov eax,[esp+1Ch]
100018BD 8B68F8 mov ebp,[eax-08h]
100018C0 3BEB cmp ebp,ebx
100018C2 896C2444 mov [esp+44h],ebp
100018C6 7D43 jge L1000190B
100018C8 8D4C241C lea ecx,[esp+1Ch]
100018CC C644245C02 mov byte ptr [esp+5Ch],02h
100018D1 E8A2090000 call jmp_MFC42.DLL!MFC42.800
100018D6 8D4C2418 lea ecx,[esp+18h]
100018DA C644245C01 mov byte ptr [esp+5Ch],01h
100018DF E894090000 call jmp_MFC42.DLL!MFC42.800
100018E4 8D4C2414 lea ecx,[esp+14h]
100018E8 C644245C00 mov byte ptr [esp+5Ch],00h
100018ED E886090000 call jmp_MFC42.DLL!MFC42.800
100018F2 8D4C2410 lea ecx,[esp+10h]
100018F6 C744245CFFFFFFFF mov dword ptr [esp+5Ch],FFFFFFFFh
100018FE E875090000 call jmp_MFC42.DLL!MFC42.800
10001903 83C8FF or eax,FFFFFFFFh
10001906 E929030000 jmp L10001C34
1000190B L1000190B:
1000190B 68D0410010 push SSZ100041D0_7109234685
10001910 8D4C241C lea ecx,[esp+1Ch]
10001914 E8D1090000 call jmp_MFC42.DLL!MFC42.860
10001919 56 push esi
1000191A 8B4C241C mov ecx,[esp+1Ch]
1000191E 8B51F8 mov edx,[ecx-08h]
10001921 8D4C2414 lea ecx,[esp+14h]
10001925 89542468 mov [esp+68h],edx
10001929 E8BC090000 call jmp_MFC42.DLL!MFC42.860
1000192E 83FD01 cmp ebp,00000001h
10001931 C744242001000000 mov dword ptr [esp+20h],00000001h
10001939 0F8C84020000 jl L10001BC3
1000193F L1000193F:
1000193F 683C430010 push L1000433C
10001944 8D4C2418 lea ecx,[esp+18h]
10001948 E89D090000 call jmp_MFC42.DLL!MFC42.860
1000194D 6A01 push 00000001h
1000194F 8D542428 lea edx,[esp+28h]
10001953 8B442414 mov eax,[esp+14h]
10001957 8B78F8 mov edi,[eax-08h]
1000195A 8D4FFF lea ecx,[edi-01h]
1000195D 51 push ecx
1000195E 52 push edx
1000195F 8D4C241C lea ecx,[esp+1Ch]
10001963 E894090000 call jmp_MFC42.DLL!MFC42.4278
10001968 8B00 mov eax,[eax]
1000196A 8D4C2418 lea ecx,[esp+18h]
1000196E 50 push eax
1000196F C644246004 mov byte ptr [esp+60h],04h
10001974 E87D090000 call jmp_MFC42.DLL!MFC42.2784
10001979 8BF0 mov esi,eax
1000197B 8D4C2424 lea ecx,[esp+24h]
1000197F 46 inc esi
10001980 885C245C mov [esp+5Ch],bl
10001984 E8EF080000 call jmp_MFC42.DLL!MFC42.800
10001989 83C7FE add edi,FFFFFFFEh
1000198C 6A01 push 00000001h
1000198E 8D44242C lea eax,[esp+2Ch]
10001992 57 push edi
10001993 50 push eax
10001994 8D4C241C lea ecx,[esp+1Ch]
10001998 E85F090000 call jmp_MFC42.DLL!MFC42.4278
1000199D 8B00 mov eax,[eax]
1000199F 8D4C2418 lea ecx,[esp+18h]
100019A3 50 push eax
100019A4 C644246005 mov byte ptr [esp+60h],05h
100019A9 E848090000 call jmp_MFC42.DLL!MFC42.2784
100019AE 8BF8 mov edi,eax
100019B0 8D4C2428 lea ecx,[esp+28h]
100019B4 47 inc edi
100019B5 885C245C mov [esp+5Ch],bl
100019B9 E8BA080000 call jmp_MFC42.DLL!MFC42.800
100019BE 85F6 test esi,esi
100019C0 0F8EC5020000 jle L10001C8B
100019C6 85FF test edi,edi
100019C8 0F8EBD020000 jle L10001C8B
100019CE 8B442464 mov eax,[esp+64h]
100019D2 2BF7 sub esi,edi
100019D4 83FE01 cmp esi,00000001h
100019D7 7D02 jge L100019DB
100019D9 03F0 add esi,eax
100019DB L100019DB:
100019DB 03F6 add esi,esi
100019DD 3BF0 cmp esi,eax
100019DF 7E02 jle L100019E3
100019E1 2BF0 sub esi,eax
100019E3 L100019E3:
100019E3 4E dec esi
100019E4 6A01 push 00000001h
100019E6 8D4C2434 lea ecx,[esp+34h]
100019EA 56 push esi
100019EB 51 push ecx
100019EC 8D4C2424 lea ecx,[esp+24h]
100019F0 E807090000 call jmp_MFC42.DLL!MFC42.4278
100019F5 8D542410 lea edx,[esp+10h]
100019F9 C644245C06 mov byte ptr [esp+5Ch],06h
100019FE 52 push edx
100019FF 50 push eax
10001A00 8D442434 lea eax,[esp+34h]
10001A04 50 push eax
10001A05 E8D4080000 call jmp_MFC42.DLL!MFC42.922
10001A0A 50 push eax
10001A0B 8D4C2414 lea ecx,[esp+14h]
10001A0F C644246007 mov byte ptr [esp+60h],07h
10001A14 E853080000 call jmp_MFC42.DLL!MFC42.858
10001A19 8D4C242C lea ecx,[esp+2Ch]
10001A1D C644245C06 mov byte ptr [esp+5Ch],06h
10001A22 E851080000 call jmp_MFC42.DLL!MFC42.800
10001A27 8D4C2430 lea ecx,[esp+30h]
10001A2B 885C245C mov [esp+5Ch],bl
10001A2F E844080000 call jmp_MFC42.DLL!MFC42.800
10001A34 8B4C2410 mov ecx,[esp+10h]
10001A38 8B41F8 mov eax,[ecx-08h]
10001A3B 83F802 cmp eax,00000002h
10001A3E 0F8CE7000000 jl L10001B2B
10001A44 8D68FE lea ebp,[eax-02h]
10001A47 L10001A47:
10001A47 8D5501 lea edx,[ebp+01h]
10001A4A 6A01 push 00000001h
10001A4C 8D442438 lea eax,[esp+38h]
10001A50 52 push edx
10001A51 50 push eax
10001A52 8D4C241C lea ecx,[esp+1Ch]
10001A56 E8A1080000 call jmp_MFC42.DLL!MFC42.4278
10001A5B 8B00 mov eax,[eax]
10001A5D 8D4C2418 lea ecx,[esp+18h]
10001A61 50 push eax
10001A62 C644246008 mov byte ptr [esp+60h],08h
10001A67 E88A080000 call jmp_MFC42.DLL!MFC42.2784
10001A6C 8BF0 mov esi,eax
10001A6E 8D4C2434 lea ecx,[esp+34h]
10001A72 46 inc esi
10001A73 885C245C mov [esp+5Ch],bl
10001A77 E8FC070000 call jmp_MFC42.DLL!MFC42.800
10001A7C 6A01 push 00000001h
10001A7E 8D4C243C lea ecx,[esp+3Ch]
10001A82 55 push ebp
10001A83 51 push ecx
10001A84 8D4C241C lea ecx,[esp+1Ch]
10001A88 E86F080000 call jmp_MFC42.DLL!MFC42.4278
10001A8D 8B00 mov eax,[eax]
10001A8F 8D4C2418 lea ecx,[esp+18h]
10001A93 50 push eax
10001A94 C644246009 mov byte ptr [esp+60h],09h
10001A99 E858080000 call jmp_MFC42.DLL!MFC42.2784
10001A9E 8BF8 mov edi,eax
10001AA0 8D4C2438 lea ecx,[esp+38h]
10001AA4 47 inc edi
10001AA5 885C245C mov [esp+5Ch],bl
10001AA9 E8CA070000 call jmp_MFC42.DLL!MFC42.800
10001AAE 85F6 test esi,esi
10001AB0 0F8E93010000 jle L10001C49
10001AB6 85FF test edi,edi
10001AB8 0F8E8B010000 jle L10001C49
10001ABE 2BF7 sub esi,edi
10001AC0 83FE01 cmp esi,00000001h
10001AC3 7D04 jge L10001AC9
10001AC5 03742464 add esi,[esp+64h]
10001AC9 L10001AC9:
10001AC9 4E dec esi
10001ACA 6A01 push 00000001h
10001ACC 8D542444 lea edx,[esp+44h]
10001AD0 56 push esi
10001AD1 52 push edx
10001AD2 8D4C2424 lea ecx,[esp+24h]
10001AD6 E821080000 call jmp_MFC42.DLL!MFC42.4278
10001ADB 8D4C2414 lea ecx,[esp+14h]
10001ADF 8D54243C lea edx,[esp+3Ch]
10001AE3 51 push ecx
10001AE4 50 push eax
10001AE5 52 push edx
10001AE6 C64424680A mov byte ptr [esp+68h],0Ah
10001AEB E8EE070000 call jmp_MFC42.DLL!MFC42.922
10001AF0 50 push eax
10001AF1 8D4C2418 lea ecx,[esp+18h]
10001AF5 C64424600B mov byte ptr [esp+60h],0Bh
10001AFA E86D070000 call jmp_MFC42.DLL!MFC42.858
10001AFF 8D4C243C lea ecx,[esp+3Ch]
10001B03 C644245C0A mov byte ptr [esp+5Ch],0Ah
10001B08 E86B070000 call jmp_MFC42.DLL!MFC42.800
10001B0D 8D4C2440 lea ecx,[esp+40h]
10001B11 885C245C mov [esp+5Ch],bl
10001B15 E85E070000 call jmp_MFC42.DLL!MFC42.800
10001B1A 4D dec ebp
10001B1B 8D4502 lea eax,[ebp+02h]
10001B1E 83F802 cmp eax,00000002h
10001B21 0F8D20FFFFFF jge L10001A47
10001B27 8B6C2444 mov ebp,[esp+44h]
10001B2B L10001B2B:
10001B2B 8B4C2414 mov ecx,[esp+14h]
10001B2F 8D542450 lea edx,[esp+50h]
10001B33 8B41F8 mov eax,[ecx-08h]
10001B36 8D4C2414 lea ecx,[esp+14h]
10001B3A 48 dec eax
10001B3B 50 push eax
10001B3C 6A00 push 00000000h
10001B3E 52 push edx
10001B3F E8B8070000 call jmp_MFC42.DLL!MFC42.4278
10001B44 8BF0 mov esi,eax
10001B46 8D44244C lea eax,[esp+4Ch]
10001B4A 6A01 push 00000001h
10001B4C 50 push eax
10001B4D 8D4C241C lea ecx,[esp+1Ch]
10001B51 C64424640C mov byte ptr [esp+64h],0Ch
10001B56 E877070000 call jmp_MFC42.DLL!MFC42.5710
10001B5B 56 push esi
10001B5C 8D4C244C lea ecx,[esp+4Ch]
10001B60 50 push eax
10001B61 51 push ecx
10001B62 C64424680D mov byte ptr [esp+68h],0Dh
10001B67 E872070000 call jmp_MFC42.DLL!MFC42.922
10001B6C 50 push eax
10001B6D 8D4C2418 lea ecx,[esp+18h]
10001B71 C64424600E mov byte ptr [esp+60h],0Eh
10001B76 E8F1060000 call jmp_MFC42.DLL!MFC42.858
10001B7B 8D4C2448 lea ecx,[esp+48h]
10001B7F C644245C0D mov byte ptr [esp+5Ch],0Dh
10001B84 E8EF060000 call jmp_MFC42.DLL!MFC42.800
10001B89 8D4C244C lea ecx,[esp+4Ch]
10001B8D C644245C0C mov byte ptr [esp+5Ch],0Ch
10001B92 E8E1060000 call jmp_MFC42.DLL!MFC42.800
10001B97 8D4C2450 lea ecx,[esp+50h]
10001B9B 885C245C mov [esp+5Ch],bl
10001B9F E8D4060000 call jmp_MFC42.DLL!MFC42.800
10001BA4 8D542414 lea edx,[esp+14h]
10001BA8 8D4C2410 lea ecx,[esp+10h]
10001BAC 52 push edx
10001BAD E8BA060000 call jmp_MFC42.DLL!MFC42.858
10001BB2 8B442420 mov eax,[esp+20h]
10001BB6 40 inc eax
10001BB7 3BC5 cmp eax,ebp
10001BB9 89442420 mov [esp+20h],eax
10001BBD 0F8E7CFDFFFF jle L1000193F
10001BC3 L10001BC3:
10001BC3 8B742414 mov esi,[esp+14h]
10001BC7 8B5C2468 mov ebx,[esp+68h]
10001BCB 33C9 xor ecx,ecx
10001BCD 8B46F8 mov eax,[esi-08h]
10001BD0 85C0 test eax,eax
10001BD2 7E14 jle L10001BE8
10001BD4 8BFE mov edi,esi
10001BD6 8BC3 mov eax,ebx
10001BD8 2BFB sub edi,ebx
10001BDA L10001BDA:
10001BDA 8A1407 mov dl,[edi+eax]
10001BDD 41 inc ecx
10001BDE 8810 mov [eax],dl
10001BE0 8B56F8 mov edx,[esi-08h]
10001BE3 40 inc eax
10001BE4 3BCA cmp ecx,edx
10001BE6 7CF2 jl L10001BDA
10001BE8 L10001BE8:
10001BE8 68C8000000 push 000000C8h
10001BED C6041900 mov byte ptr [ecx+ebx],00h
10001BF1 FF1504300010 call [KERNEL32.dll!Sleep]
10001BF7 8D4C241C lea ecx,[esp+1Ch]
10001BFB C644245C02 mov byte ptr [esp+5Ch],02h
10001C00 E873060000 call jmp_MFC42.DLL!MFC42.800
10001C05 8D4C2418 lea ecx,[esp+18h]
10001C09 C644245C01 mov byte ptr [esp+5Ch],01h
10001C0E E865060000 call jmp_MFC42.DLL!MFC42.800
10001C13 8D4C2414 lea ecx,[esp+14h]
10001C17 C644245C00 mov byte ptr [esp+5Ch],00h
10001C1C E857060000 call jmp_MFC42.DLL!MFC42.800
10001C21 8D4C2410 lea ecx,[esp+10h]
10001C25 C744245CFFFFFFFF mov dword ptr [esp+5Ch],FFFFFFFFh
10001C2D E846060000 call jmp_MFC42.DLL!MFC42.800
10001C32 33C0 xor eax,eax
10001C34 L10001C34:
10001C34 8B4C2454 mov ecx,[esp+54h]
10001C38 5F pop edi
10001C39 5E pop esi
10001C3A 5D pop ebp
10001C3B 5B pop ebx
10001C3C 64890D00000000 mov fs:[00000000h],ecx
10001C43 83C450 add esp,00000050h
10001C46 C20800 retn 0008h | | |
