能力值:
( LV2,RANK:10 )
|
-
-
2 楼
0043F7FE 50 push eax
0043F7FF 83C7 08 add edi,8
0043F802 FF96 4CF50300 call dword ptr ds:[esi+3F54C]
0043F808 95 xchg eax,ebp
0043F809 8A07 mov al,byte ptr ds:[edi]
0043F80B 47 inc edi
0043F80C 08C0 or al,al
0043F80E ^ 74 DC je short PeerCM.0043F7EC
0043F810 89F9 mov ecx,edi
0043F812 57 push edi
0043F813 48 dec eax
0043F814 F2:AE repne scas byte ptr es:[edi]
0043F816 55 push ebp
0043F817 FF96 50F50300 call dword ptr ds:[esi+3F550]
0043F81D 09C0 or eax,eax
0043F81F 74 07 je short PeerCM.0043F828
0043F821 8903 mov dword ptr ds:[ebx],eax
0043F823 83C3 04 add ebx,4
0043F826 ^ EB E1 jmp short PeerCM.0043F809
0043F828 FF96 54F50300 call dword ptr ds:[esi+3F554]
0043F82E 61 popad
0043F82F - E9 1055FCFF jmp PeerCM.00404D44 跳到入口点
|
能力值:
( LV2,RANK:10 )
|
-
-
3 楼
有毒,要试的大牛请小心.
释放文件并加载入系统.
kell.dat
Acon.dat
inetsrv.exe
病毒模块 MainFunc.dll 注入进程运行
|
|
|