Description: Description:
This stuff is out of my junior high. Over the surface of the world is a Free beholder.
In order to facilitate the resale, others I tinker with it a network authentication.
A few days ago boring OD load analysis, only to find the man s technology is pretty crappy.
OD loading:
The head displayed information is as follows:
004716D8> F9 STC
004716D9 72 14 JB SHORT duck soft disregard .004716 EF
004716DB BA 8550D643 MOV EDX, 43D65085
004716E0 F5 CMC
004716E1 2049 83 AND BYTE PTR DS: [ECX-7D], CL
004716E4 A0 1D9AF36E MOV AL, BYTE PTR DS: [6EF39A1D]
004716E9 9C PUSHFD
004716EA A1 93ACCAA5 MOV EAX, DWORD PTR DS: [A5CAAC93]
Copy the code
The inference is easy language to compile the flowers instructions. ESP s law can be used to skip.
Step-by-step advance, came to this step when ESP turned red:
To Search:
File list (Check if you may need any files):
Filename | Size | Date |
---|
鸭软免杀机(过全世界 | 已加强壳).exe |