00401000 > $ 60 pushad ; (initial cpu selection)
00401001 . E8 03000000 call 00401009
00401006 E9 db E9
00401007 EB db EB
00401008 04 db 04
00401009 /$ 5D pop ebp
0040100A |. 45 inc ebp
0040100B |. 55 push ebp
0040100C \. C3 retn
0040100D E8 db E8
0040100E 01 db 01
0040100F 00 db 00
00401010 00 db 00
00401011 . 00EB add bl, ch
00401013 . 5D pop ebp
00401014 . BB EDFFFFFF mov ebx, -13
00401019 . 03DD add ebx, ebp
0040101B . 81EB 00400000 sub ebx, 4000
00401021 . 61 popad
00401022 .- E9 2FA50700 jmp 0047B556
直接到
0047B556 60 pushad
0047B557 E8 00000000 call 0047B55C
0047B55C 83C4 04 add esp, 4
0047B55F 8B6C24 FC mov ebp, dword ptr [esp-4]
0047B563 E8 80020000 call 0047B7E8
0047B568 E8 69240000 call 0047D9D6
0047B56D 837C24 28 01 cmp dword ptr [esp+28], 1
0047B572 75 0C jnz short 0047B580
0047B574 8B4424 24 mov eax, dword ptr [esp+24]
0047B578 8985 95450000 mov dword ptr [ebp+4595], eax
0047B57E EB 0C jmp short 0047B58C
0047B580 8B85 91450000 mov eax, dword ptr [ebp+4591]
0047B586 8985 95450000 mov dword ptr [ebp+4595], eax
0047B58C E8 0A0D0000 call 0047C29B
0047B591 EB 03 jmp short 0047B596
0047B593 24 00 and al, 0
0047B595 00E8 add al, ch
0047B597 1923 sbb dword ptr [ebx], esp
0047B599 0000 add byte ptr [eax], al
0047B59B 8DB5 7E530000 lea esi, dword ptr [ebp+537E]
0047B5A1 8D9D 0C030000 lea ebx, dword ptr [ebp+30C]
0047B5A7 33FF xor edi, edi
0047B5A9 EB 03 jmp short 0047B5AE
0047B5AB 3C 00 cmp al, 0
0047B5AD 00EB add bl, ch
0047B5AF 032D 0000EB1B add ebp, dword ptr [1BEB0000]
0047B5B5 8B85 95450000 mov eax, dword ptr [ebp+4595]
0047B5BB FF7437 04 push dword ptr [edi+esi+4]
0047B5BF 010424 add dword ptr [esp], eax
希望有大侠帮助下,谢谢各位了
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
^_
