-
-
[旧帖] 求助这是什么壳? 0.00雪花
-
发表于: 2013-8-16 09:27
-
006EC496 > 9C pushfd
006EC497 883C24 mov byte ptr [esp], bh
006EC49A 60 pushad
006EC49B 57 push edi
006EC49C C74424 24 1C3FF>mov dword ptr [esp+24], 37F13F1C
006EC4A4 E8 44EDFFFF call 006EB1ED
006EC4A9 ^ E9 B048FFFF jmp 006E0D5E
006EC4AE - FF25 64715700 jmp dword ptr [<&KERNEL32.LoadLibrar>; kernel32.LoadLibraryA
006EC4B4 8D6424 30 lea esp, dword ptr [esp+30]
006EC4B8 ^ 0F85 123CFFFF jnz 006E00D0
006EC4BE 66:0FABD1 bts cx, dx
006EC4C2 80F9 4A cmp cl, 4A
006EC4C5 80C1 B0 add cl, 0B0
006EC4C8 89F9 mov ecx, edi
006EC4CA 0FBDF1 bsr esi, ecx
006EC4CD 29D9 sub ecx, ebx
006EC4CF 66:FFC6 inc si
006EC4D2 89E6 mov esi, esp
006EC4D4 F9 stc
006EC4D5 38DF cmp bh, bl
006EC4D7 80FA BF cmp dl, 0BF
006EC4DA 83EF 04 sub edi, 4
006EC4DD 60 pushad
006EC4DE FF37 push dword ptr [edi]
006EC4E0 8F4424 1C pop dword ptr [esp+1C]
006EC497 883C24 mov byte ptr [esp], bh
006EC49A 60 pushad
006EC49B 57 push edi
006EC49C C74424 24 1C3FF>mov dword ptr [esp+24], 37F13F1C
006EC4A4 E8 44EDFFFF call 006EB1ED
006EC4A9 ^ E9 B048FFFF jmp 006E0D5E
006EC4AE - FF25 64715700 jmp dword ptr [<&KERNEL32.LoadLibrar>; kernel32.LoadLibraryA
006EC4B4 8D6424 30 lea esp, dword ptr [esp+30]
006EC4B8 ^ 0F85 123CFFFF jnz 006E00D0
006EC4BE 66:0FABD1 bts cx, dx
006EC4C2 80F9 4A cmp cl, 4A
006EC4C5 80C1 B0 add cl, 0B0
006EC4C8 89F9 mov ecx, edi
006EC4CA 0FBDF1 bsr esi, ecx
006EC4CD 29D9 sub ecx, ebx
006EC4CF 66:FFC6 inc si
006EC4D2 89E6 mov esi, esp
006EC4D4 F9 stc
006EC4D5 38DF cmp bh, bl
006EC4D7 80FA BF cmp dl, 0BF
006EC4DA 83EF 04 sub edi, 4
006EC4DD 60 pushad
006EC4DE FF37 push dword ptr [edi]
006EC4E0 8F4424 1C pop dword ptr [esp+1C]
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
|
|
|
|
|
|
|
|
|
