-
-
[求助]一个软件想求机器码怎么来的
-
发表于: 2014-6-27 11:32
-
链接: http://pan.baidu.com/s/1pJI38hX 密码: 4ksl
软件主图,我等下上传.
好像每次取的机器码加密出来数字都不一样的,看来作者经过加密处理的
00404F9D 56 push esi
00404F9E 51 push ecx
00404F9F E8 2C7A0200 call MyqqEx(+.0042C9D0 ; 这个call进去有怀疑,高手帮忙分析下,是不是取机器码的call并且经过加密处理.可以直接下硬件断点到这里...
0042C9D0 55 push ebp
0042C9D1 8BEC mov ebp,esp
0042C9D3 83E4 F8 and esp,0xFFFFFFF8
0042C9D6 6A FF push -0x1
0042C9D8 68 56BC5500 push MyqqEx(+.0055BC56
0042C9DD 64:A1 00000000 mov eax,dword ptr fs:[0]
0042C9E3 50 push eax
0042C9E4 81EC 800C0000 sub esp,0xC80
0042C9EA A1 64C75A00 mov eax,dword ptr ds:[0x5AC764]
0042C9EF 33C4 xor eax,esp
0042C9F1 898424 780C0000 mov dword ptr ss:[esp+0xC78],eax
0042C9F8 53 push ebx
0042C9F9 56 push esi
0042C9FA 57 push edi
0042C9FB A1 64C75A00 mov eax,dword ptr ds:[0x5AC764]
0042CA00 33C4 xor eax,esp
0042CA02 50 push eax
0042CA03 8D8424 900C0000 lea eax,dword ptr ss:[esp+0xC90]
0042CA0A 64:A3 00000000 mov dword ptr fs:[0],eax
0042CA10 8B45 08 mov eax,dword ptr ss:[ebp+0x8]
0042CA13 33DB xor ebx,ebx
0042CA15 68 DC050000 push 0x5DC
0042CA1A 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CA21 53 push ebx
0042CA22 51 push ecx
0042CA23 894424 2C mov dword ptr ss:[esp+0x2C],eax
0042CA27 895C24 28 mov dword ptr ss:[esp+0x28],ebx
0042CA2B E8 90821000 call MyqqEx(+.00534CC0
0042CA30 83C4 0C add esp,0xC
0042CA33 68 DC050000 push 0x5DC
0042CA38 8D9424 A8060000 lea edx,dword ptr ss:[esp+0x6A8]
0042CA3F 53 push ebx
0042CA40 52 push edx
0042CA41 E8 7A821000 call MyqqEx(+.00534CC0
0042CA46 83C4 0C add esp,0xC
0042CA49 8DB424 C8000000 lea esi,dword ptr ss:[esp+0xC8]
0042CA50 889C24 C4000000 mov byte ptr ss:[esp+0xC4],bl
0042CA57 889C24 C5000000 mov byte ptr ss:[esp+0xC5],bl
0042CA5E 889C24 C6000000 mov byte ptr ss:[esp+0xC6],bl
0042CA65 C68424 C7000000>mov byte ptr ss:[esp+0xC7],0x7
0042CA6D E8 3EFEFFFF call MyqqEx(+.0042C8B0
0042CA72 8BF0 mov esi,eax
0042CA74 83C6 04 add esi,0x4
0042CA77 8D8434 C4000000 lea eax,dword ptr ss:[esp+esi+0xC4]
0042CA7E 50 push eax
0042CA7F E8 ACF7FFFF call MyqqEx(+.0042C230
0042CA84 83C4 04 add esp,0x4
0042CA87 03F0 add esi,eax
0042CA89 33FF xor edi,edi
0042CA8B EB 03 jmp XMyqqEx(+.0042CA90
0042CA8D 8D49 00 lea ecx,dword ptr ds:[ecx]
0042CA90 E8 8E4A1000 call MyqqEx(+.00531523
0042CA95 88443C 4C mov byte ptr ss:[esp+edi+0x4C],al
0042CA99 47 inc edi
0042CA9A 83FF 10 cmp edi,0x10
0042CA9D ^ 7C F1 jl XMyqqEx(+.0042CA90
0042CA9F 8B4C24 50 mov ecx,dword ptr ss:[esp+0x50]
0042CAA3 8B5424 54 mov edx,dword ptr ss:[esp+0x54]
0042CAA7 8B4424 4C mov eax,dword ptr ss:[esp+0x4C]
0042CAAB 8B7C24 58 mov edi,dword ptr ss:[esp+0x58]
0042CAAF 894C24 3C mov dword ptr ss:[esp+0x3C],ecx
0042CAB3 898C24 A8060000 mov dword ptr ss:[esp+0x6A8],ecx
0042CABA 56 push esi
0042CABB 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CAC2 895424 44 mov dword ptr ss:[esp+0x44],edx
0042CAC6 899424 B0060000 mov dword ptr ss:[esp+0x6B0],edx
0042CACD 51 push ecx
0042CACE 8D5424 38 lea edx,dword ptr ss:[esp+0x38]
0042CAD2 894424 40 mov dword ptr ss:[esp+0x40],eax
0042CAD6 898424 AC060000 mov dword ptr ss:[esp+0x6AC],eax
0042CADD 52 push edx
0042CADE 8D8424 C0060000 lea eax,dword ptr ss:[esp+0x6C0]
0042CAE5 C74424 3C 10000>mov dword ptr ss:[esp+0x3C],0x10
0042CAED 895C24 40 mov dword ptr ss:[esp+0x40],ebx
0042CAF1 897C24 50 mov dword ptr ss:[esp+0x50],edi
0042CAF5 885C24 54 mov byte ptr ss:[esp+0x54],bl
0042CAF9 89BC24 BC060000 mov dword ptr ss:[esp+0x6BC],edi
0042CB00 E8 5BA1FEFF call MyqqEx(+.00416C60
0042CB05 83C0 10 add eax,0x10
0042CB08 894424 1C mov dword ptr ss:[esp+0x1C],eax
0042CB0C 8B45 0C mov eax,dword ptr ss:[ebp+0xC]
0042CB0F 8D4C24 24 lea ecx,dword ptr ss:[esp+0x24]
0042CB13 05 80700000 add eax,0x7080
0042CB18 51 push ecx
0042CB19 BE 7C925800 mov esi,MyqqEx(+.0058927C ; %Y-%m-%d
0042CB1E 8D7C24 18 lea edi,dword ptr ss:[esp+0x18]
0042CB22 894424 28 mov dword ptr ss:[esp+0x28],eax
0042CB26 895C24 2C mov dword ptr ss:[esp+0x2C],ebx
0042CB2A E8 B156FEFF call MyqqEx(+.004121E0
0042CB2F 899C24 980C0000 mov dword ptr ss:[esp+0xC98],ebx
0042CB36 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB3A 8379 FC 01 cmp dword ptr ds:[ecx-0x4],0x1
0042CB3E 7E 0F jle XMyqqEx(+.0042CB4F
0042CB40 8B51 F4 mov edx,dword ptr ds:[ecx-0xC]
0042CB43 52 push edx
0042CB44 8BCF mov ecx,edi
0042CB46 E8 455AFDFF call MyqqEx(+.00402590
0042CB4B 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB4F 8D5424 5C lea edx,dword ptr ss:[esp+0x5C]
0042CB53 E8 D890FEFF call MyqqEx(+.00415C30
0042CB58 8B4424 14 mov eax,dword ptr ss:[esp+0x14]
0042CB5C 8B48 F8 mov ecx,dword ptr ds:[eax-0x8]
0042CB5F 51 push ecx
0042CB60 50 push eax
0042CB61 E8 EC441000 call MyqqEx(+.00531052
0042CB66 83C4 08 add esp,0x8
0042CB69 3BC3 cmp eax,ebx
0042CB6B 0F8C 6E010000 jl MyqqEx(+.0042CCDF
0042CB71 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB75 3B41 F8 cmp eax,dword ptr ds:[ecx-0x8]
0042CB78 0F8F 61010000 jg MyqqEx(+.0042CCDF
0042CB7E 8941 F4 mov dword ptr ds:[ecx-0xC],eax
0042CB81 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB85 881C08 mov byte ptr ds:[eax+ecx],bl
0042CB88 68 CB5D5800 push MyqqEx(+.00585DCB
0042CB8D 8D4C24 1C lea ecx,dword ptr ss:[esp+0x1C]
0042CB91 E8 AA5CFDFF call MyqqEx(+.00402840
0042CB96 8D4424 5C lea eax,dword ptr ss:[esp+0x5C]
0042CB9A C68424 980C0000>mov byte ptr ss:[esp+0xC98],0x1
0042CBA2 8D70 01 lea esi,dword ptr ds:[eax+0x1]
0042CBA5 8A08 mov cl,byte ptr ds:[eax]
0042CBA7 40 inc eax
0042CBA8 3ACB cmp cl,bl
0042CBAA ^ 75 F9 jnz XMyqqEx(+.0042CBA5
0042CBAC 2BC6 sub eax,esi
0042CBAE 50 push eax
0042CBAF 8D5424 60 lea edx,dword ptr ss:[esp+0x60]
0042CBB3 52 push edx
0042CBB4 8D4C24 20 lea ecx,dword ptr ss:[esp+0x20]
0042CBB8 E8 E362FDFF call MyqqEx(+.00402EA0
0042CBBD 8B4424 18 mov eax,dword ptr ss:[esp+0x18]
0042CBC1 51 push ecx
0042CBC2 83C0 F0 add eax,-0x10
0042CBC5 896424 30 mov dword ptr ss:[esp+0x30],esp
0042CBC9 8BF4 mov esi,esp
0042CBCB 50 push eax
0042CBCC 8D5C24 64 lea ebx,dword ptr ss:[esp+0x64]
0042CBD0 E8 9B54FDFF call MyqqEx(+.00402070
0042CBD5 83C0 10 add eax,0x10
0042CBD8 83C4 04 add esp,0x4
0042CBDB 8906 mov dword ptr ds:[esi],eax
0042CBDD E8 EE97FEFF call MyqqEx(+.004163D0
0042CBE2 8B4C24 64 mov ecx,dword ptr ss:[esp+0x64]
0042CBE6 8B4424 60 mov eax,dword ptr ss:[esp+0x60]
0042CBEA 8B5424 68 mov edx,dword ptr ss:[esp+0x68]
0042CBEE 83C4 04 add esp,0x4
0042CBF1 68 DC050000 push 0x5DC
0042CBF6 894C24 40 mov dword ptr ss:[esp+0x40],ecx
0042CBFA 894424 3C mov dword ptr ss:[esp+0x3C],eax
0042CBFE 8B4424 6C mov eax,dword ptr ss:[esp+0x6C]
0042CC02 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CC09 6A 00 push 0x0
0042CC0B 51 push ecx
0042CC0C C74424 3C 10000>mov dword ptr ss:[esp+0x3C],0x10
0042CC14 C74424 40 01000>mov dword ptr ss:[esp+0x40],0x1
0042CC1C 895424 4C mov dword ptr ss:[esp+0x4C],edx
0042CC20 894424 50 mov dword ptr ss:[esp+0x50],eax
0042CC24 C64424 54 00 mov byte ptr ss:[esp+0x54],0x0
0042CC29 E8 92801000 call MyqqEx(+.00534CC0
0042CC2E 8B5424 28 mov edx,dword ptr ss:[esp+0x28]
0042CC32 83C4 0C add esp,0xC
0042CC35 52 push edx
0042CC36 8D8424 A8060000 lea eax,dword ptr ss:[esp+0x6A8]
0042CC3D 50 push eax
0042CC3E 8D4C24 38 lea ecx,dword ptr ss:[esp+0x38]
0042CC42 51 push ecx
0042CC43 8D8424 D0000000 lea eax,dword ptr ss:[esp+0xD0]
0042CC4A E8 11A0FEFF call MyqqEx(+.00416C60
0042CC4F 8B7424 20 mov esi,dword ptr ss:[esp+0x20]
0042CC53 8D9424 C4000000 lea edx,dword ptr ss:[esp+0xC4]
0042CC5A 52 push edx
0042CC5B 56 push esi
0042CC5C 8BD8 mov ebx,eax
0042CC5E E8 AD9BFEFF call MyqqEx(+.00416810
0042CC63 C68424 A00C0000>mov byte ptr ss:[esp+0xCA0],0x0
0042CC6B 8B4424 20 mov eax,dword ptr ss:[esp+0x20]
0042CC6F 83C0 F0 add eax,-0x10
0042CC72 83C4 08 add esp,0x8
0042CC75 8D48 0C lea ecx,dword ptr ds:[eax+0xC]
0042CC78 83CA FF or edx,0xFFFFFFFF
0042CC7B F0:0FC111 lock xadd dword ptr ds:[ecx],edx
0042CC7F 4A dec edx
0042CC80 85D2 test edx,edx
0042CC82 7F 0A jg XMyqqEx(+.0042CC8E
0042CC84 8B08 mov ecx,dword ptr ds:[eax]
0042CC86 8B11 mov edx,dword ptr ds:[ecx]
0042CC88 50 push eax
0042CC89 8B42 04 mov eax,dword ptr ds:[edx+0x4]
0042CC8C FFD0 call eax
0042CC8E C78424 980C0000>mov dword ptr ss:[esp+0xC98],-0x1
0042CC99 8B4424 14 mov eax,dword ptr ss:[esp+0x14]
0042CC9D 83C0 F0 add eax,-0x10
0042CCA0 8D48 0C lea ecx,dword ptr ds:[eax+0xC]
0042CCA3 83CA FF or edx,0xFFFFFFFF
0042CCA6 F0:0FC111 lock xadd dword ptr ds:[ecx],edx
0042CCAA 4A dec edx
0042CCAB 85D2 test edx,edx
0042CCAD 7F 0A jg XMyqqEx(+.0042CCB9
0042CCAF 8B08 mov ecx,dword ptr ds:[eax]
0042CCB1 8B11 mov edx,dword ptr ds:[ecx]
0042CCB3 50 push eax
0042CCB4 8B42 04 mov eax,dword ptr ds:[edx+0x4]
0042CCB7 FFD0 call eax
0042CCB9 8BC6 mov eax,esi
0042CCBB 8B8C24 900C0000 mov ecx,dword ptr ss:[esp+0xC90]
0042CCC2 64:890D 0000000>mov dword ptr fs:[0],ecx
0042CCC9 59 pop ecx
0042CCCA 5F pop edi
0042CCCB 5E pop esi
0042CCCC 5B pop ebx
0042CCCD 8B8C24 780C0000 mov ecx,dword ptr ss:[esp+0xC78]
0042CCD4 33CC xor ecx,esp
0042CCD6 E8 6D3D1000 call MyqqEx(+.00530A48
0042CCDB 8BE5 mov esp,ebp
0042CCDD 5D pop ebp
0042CCDE C3 retn
软件主图,我等下上传.
好像每次取的机器码加密出来数字都不一样的,看来作者经过加密处理的
00404F9D 56 push esi
00404F9E 51 push ecx
00404F9F E8 2C7A0200 call MyqqEx(+.0042C9D0 ; 这个call进去有怀疑,高手帮忙分析下,是不是取机器码的call并且经过加密处理.可以直接下硬件断点到这里...
0042C9D0 55 push ebp
0042C9D1 8BEC mov ebp,esp
0042C9D3 83E4 F8 and esp,0xFFFFFFF8
0042C9D6 6A FF push -0x1
0042C9D8 68 56BC5500 push MyqqEx(+.0055BC56
0042C9DD 64:A1 00000000 mov eax,dword ptr fs:[0]
0042C9E3 50 push eax
0042C9E4 81EC 800C0000 sub esp,0xC80
0042C9EA A1 64C75A00 mov eax,dword ptr ds:[0x5AC764]
0042C9EF 33C4 xor eax,esp
0042C9F1 898424 780C0000 mov dword ptr ss:[esp+0xC78],eax
0042C9F8 53 push ebx
0042C9F9 56 push esi
0042C9FA 57 push edi
0042C9FB A1 64C75A00 mov eax,dword ptr ds:[0x5AC764]
0042CA00 33C4 xor eax,esp
0042CA02 50 push eax
0042CA03 8D8424 900C0000 lea eax,dword ptr ss:[esp+0xC90]
0042CA0A 64:A3 00000000 mov dword ptr fs:[0],eax
0042CA10 8B45 08 mov eax,dword ptr ss:[ebp+0x8]
0042CA13 33DB xor ebx,ebx
0042CA15 68 DC050000 push 0x5DC
0042CA1A 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CA21 53 push ebx
0042CA22 51 push ecx
0042CA23 894424 2C mov dword ptr ss:[esp+0x2C],eax
0042CA27 895C24 28 mov dword ptr ss:[esp+0x28],ebx
0042CA2B E8 90821000 call MyqqEx(+.00534CC0
0042CA30 83C4 0C add esp,0xC
0042CA33 68 DC050000 push 0x5DC
0042CA38 8D9424 A8060000 lea edx,dword ptr ss:[esp+0x6A8]
0042CA3F 53 push ebx
0042CA40 52 push edx
0042CA41 E8 7A821000 call MyqqEx(+.00534CC0
0042CA46 83C4 0C add esp,0xC
0042CA49 8DB424 C8000000 lea esi,dword ptr ss:[esp+0xC8]
0042CA50 889C24 C4000000 mov byte ptr ss:[esp+0xC4],bl
0042CA57 889C24 C5000000 mov byte ptr ss:[esp+0xC5],bl
0042CA5E 889C24 C6000000 mov byte ptr ss:[esp+0xC6],bl
0042CA65 C68424 C7000000>mov byte ptr ss:[esp+0xC7],0x7
0042CA6D E8 3EFEFFFF call MyqqEx(+.0042C8B0
0042CA72 8BF0 mov esi,eax
0042CA74 83C6 04 add esi,0x4
0042CA77 8D8434 C4000000 lea eax,dword ptr ss:[esp+esi+0xC4]
0042CA7E 50 push eax
0042CA7F E8 ACF7FFFF call MyqqEx(+.0042C230
0042CA84 83C4 04 add esp,0x4
0042CA87 03F0 add esi,eax
0042CA89 33FF xor edi,edi
0042CA8B EB 03 jmp XMyqqEx(+.0042CA90
0042CA8D 8D49 00 lea ecx,dword ptr ds:[ecx]
0042CA90 E8 8E4A1000 call MyqqEx(+.00531523
0042CA95 88443C 4C mov byte ptr ss:[esp+edi+0x4C],al
0042CA99 47 inc edi
0042CA9A 83FF 10 cmp edi,0x10
0042CA9D ^ 7C F1 jl XMyqqEx(+.0042CA90
0042CA9F 8B4C24 50 mov ecx,dword ptr ss:[esp+0x50]
0042CAA3 8B5424 54 mov edx,dword ptr ss:[esp+0x54]
0042CAA7 8B4424 4C mov eax,dword ptr ss:[esp+0x4C]
0042CAAB 8B7C24 58 mov edi,dword ptr ss:[esp+0x58]
0042CAAF 894C24 3C mov dword ptr ss:[esp+0x3C],ecx
0042CAB3 898C24 A8060000 mov dword ptr ss:[esp+0x6A8],ecx
0042CABA 56 push esi
0042CABB 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CAC2 895424 44 mov dword ptr ss:[esp+0x44],edx
0042CAC6 899424 B0060000 mov dword ptr ss:[esp+0x6B0],edx
0042CACD 51 push ecx
0042CACE 8D5424 38 lea edx,dword ptr ss:[esp+0x38]
0042CAD2 894424 40 mov dword ptr ss:[esp+0x40],eax
0042CAD6 898424 AC060000 mov dword ptr ss:[esp+0x6AC],eax
0042CADD 52 push edx
0042CADE 8D8424 C0060000 lea eax,dword ptr ss:[esp+0x6C0]
0042CAE5 C74424 3C 10000>mov dword ptr ss:[esp+0x3C],0x10
0042CAED 895C24 40 mov dword ptr ss:[esp+0x40],ebx
0042CAF1 897C24 50 mov dword ptr ss:[esp+0x50],edi
0042CAF5 885C24 54 mov byte ptr ss:[esp+0x54],bl
0042CAF9 89BC24 BC060000 mov dword ptr ss:[esp+0x6BC],edi
0042CB00 E8 5BA1FEFF call MyqqEx(+.00416C60
0042CB05 83C0 10 add eax,0x10
0042CB08 894424 1C mov dword ptr ss:[esp+0x1C],eax
0042CB0C 8B45 0C mov eax,dword ptr ss:[ebp+0xC]
0042CB0F 8D4C24 24 lea ecx,dword ptr ss:[esp+0x24]
0042CB13 05 80700000 add eax,0x7080
0042CB18 51 push ecx
0042CB19 BE 7C925800 mov esi,MyqqEx(+.0058927C ; %Y-%m-%d
0042CB1E 8D7C24 18 lea edi,dword ptr ss:[esp+0x18]
0042CB22 894424 28 mov dword ptr ss:[esp+0x28],eax
0042CB26 895C24 2C mov dword ptr ss:[esp+0x2C],ebx
0042CB2A E8 B156FEFF call MyqqEx(+.004121E0
0042CB2F 899C24 980C0000 mov dword ptr ss:[esp+0xC98],ebx
0042CB36 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB3A 8379 FC 01 cmp dword ptr ds:[ecx-0x4],0x1
0042CB3E 7E 0F jle XMyqqEx(+.0042CB4F
0042CB40 8B51 F4 mov edx,dword ptr ds:[ecx-0xC]
0042CB43 52 push edx
0042CB44 8BCF mov ecx,edi
0042CB46 E8 455AFDFF call MyqqEx(+.00402590
0042CB4B 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB4F 8D5424 5C lea edx,dword ptr ss:[esp+0x5C]
0042CB53 E8 D890FEFF call MyqqEx(+.00415C30
0042CB58 8B4424 14 mov eax,dword ptr ss:[esp+0x14]
0042CB5C 8B48 F8 mov ecx,dword ptr ds:[eax-0x8]
0042CB5F 51 push ecx
0042CB60 50 push eax
0042CB61 E8 EC441000 call MyqqEx(+.00531052
0042CB66 83C4 08 add esp,0x8
0042CB69 3BC3 cmp eax,ebx
0042CB6B 0F8C 6E010000 jl MyqqEx(+.0042CCDF
0042CB71 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB75 3B41 F8 cmp eax,dword ptr ds:[ecx-0x8]
0042CB78 0F8F 61010000 jg MyqqEx(+.0042CCDF
0042CB7E 8941 F4 mov dword ptr ds:[ecx-0xC],eax
0042CB81 8B4C24 14 mov ecx,dword ptr ss:[esp+0x14]
0042CB85 881C08 mov byte ptr ds:[eax+ecx],bl
0042CB88 68 CB5D5800 push MyqqEx(+.00585DCB
0042CB8D 8D4C24 1C lea ecx,dword ptr ss:[esp+0x1C]
0042CB91 E8 AA5CFDFF call MyqqEx(+.00402840
0042CB96 8D4424 5C lea eax,dword ptr ss:[esp+0x5C]
0042CB9A C68424 980C0000>mov byte ptr ss:[esp+0xC98],0x1
0042CBA2 8D70 01 lea esi,dword ptr ds:[eax+0x1]
0042CBA5 8A08 mov cl,byte ptr ds:[eax]
0042CBA7 40 inc eax
0042CBA8 3ACB cmp cl,bl
0042CBAA ^ 75 F9 jnz XMyqqEx(+.0042CBA5
0042CBAC 2BC6 sub eax,esi
0042CBAE 50 push eax
0042CBAF 8D5424 60 lea edx,dword ptr ss:[esp+0x60]
0042CBB3 52 push edx
0042CBB4 8D4C24 20 lea ecx,dword ptr ss:[esp+0x20]
0042CBB8 E8 E362FDFF call MyqqEx(+.00402EA0
0042CBBD 8B4424 18 mov eax,dword ptr ss:[esp+0x18]
0042CBC1 51 push ecx
0042CBC2 83C0 F0 add eax,-0x10
0042CBC5 896424 30 mov dword ptr ss:[esp+0x30],esp
0042CBC9 8BF4 mov esi,esp
0042CBCB 50 push eax
0042CBCC 8D5C24 64 lea ebx,dword ptr ss:[esp+0x64]
0042CBD0 E8 9B54FDFF call MyqqEx(+.00402070
0042CBD5 83C0 10 add eax,0x10
0042CBD8 83C4 04 add esp,0x4
0042CBDB 8906 mov dword ptr ds:[esi],eax
0042CBDD E8 EE97FEFF call MyqqEx(+.004163D0
0042CBE2 8B4C24 64 mov ecx,dword ptr ss:[esp+0x64]
0042CBE6 8B4424 60 mov eax,dword ptr ss:[esp+0x60]
0042CBEA 8B5424 68 mov edx,dword ptr ss:[esp+0x68]
0042CBEE 83C4 04 add esp,0x4
0042CBF1 68 DC050000 push 0x5DC
0042CBF6 894C24 40 mov dword ptr ss:[esp+0x40],ecx
0042CBFA 894424 3C mov dword ptr ss:[esp+0x3C],eax
0042CBFE 8B4424 6C mov eax,dword ptr ss:[esp+0x6C]
0042CC02 8D8C24 C8000000 lea ecx,dword ptr ss:[esp+0xC8]
0042CC09 6A 00 push 0x0
0042CC0B 51 push ecx
0042CC0C C74424 3C 10000>mov dword ptr ss:[esp+0x3C],0x10
0042CC14 C74424 40 01000>mov dword ptr ss:[esp+0x40],0x1
0042CC1C 895424 4C mov dword ptr ss:[esp+0x4C],edx
0042CC20 894424 50 mov dword ptr ss:[esp+0x50],eax
0042CC24 C64424 54 00 mov byte ptr ss:[esp+0x54],0x0
0042CC29 E8 92801000 call MyqqEx(+.00534CC0
0042CC2E 8B5424 28 mov edx,dword ptr ss:[esp+0x28]
0042CC32 83C4 0C add esp,0xC
0042CC35 52 push edx
0042CC36 8D8424 A8060000 lea eax,dword ptr ss:[esp+0x6A8]
0042CC3D 50 push eax
0042CC3E 8D4C24 38 lea ecx,dword ptr ss:[esp+0x38]
0042CC42 51 push ecx
0042CC43 8D8424 D0000000 lea eax,dword ptr ss:[esp+0xD0]
0042CC4A E8 11A0FEFF call MyqqEx(+.00416C60
0042CC4F 8B7424 20 mov esi,dword ptr ss:[esp+0x20]
0042CC53 8D9424 C4000000 lea edx,dword ptr ss:[esp+0xC4]
0042CC5A 52 push edx
0042CC5B 56 push esi
0042CC5C 8BD8 mov ebx,eax
0042CC5E E8 AD9BFEFF call MyqqEx(+.00416810
0042CC63 C68424 A00C0000>mov byte ptr ss:[esp+0xCA0],0x0
0042CC6B 8B4424 20 mov eax,dword ptr ss:[esp+0x20]
0042CC6F 83C0 F0 add eax,-0x10
0042CC72 83C4 08 add esp,0x8
0042CC75 8D48 0C lea ecx,dword ptr ds:[eax+0xC]
0042CC78 83CA FF or edx,0xFFFFFFFF
0042CC7B F0:0FC111 lock xadd dword ptr ds:[ecx],edx
0042CC7F 4A dec edx
0042CC80 85D2 test edx,edx
0042CC82 7F 0A jg XMyqqEx(+.0042CC8E
0042CC84 8B08 mov ecx,dword ptr ds:[eax]
0042CC86 8B11 mov edx,dword ptr ds:[ecx]
0042CC88 50 push eax
0042CC89 8B42 04 mov eax,dword ptr ds:[edx+0x4]
0042CC8C FFD0 call eax
0042CC8E C78424 980C0000>mov dword ptr ss:[esp+0xC98],-0x1
0042CC99 8B4424 14 mov eax,dword ptr ss:[esp+0x14]
0042CC9D 83C0 F0 add eax,-0x10
0042CCA0 8D48 0C lea ecx,dword ptr ds:[eax+0xC]
0042CCA3 83CA FF or edx,0xFFFFFFFF
0042CCA6 F0:0FC111 lock xadd dword ptr ds:[ecx],edx
0042CCAA 4A dec edx
0042CCAB 85D2 test edx,edx
0042CCAD 7F 0A jg XMyqqEx(+.0042CCB9
0042CCAF 8B08 mov ecx,dword ptr ds:[eax]
0042CCB1 8B11 mov edx,dword ptr ds:[ecx]
0042CCB3 50 push eax
0042CCB4 8B42 04 mov eax,dword ptr ds:[edx+0x4]
0042CCB7 FFD0 call eax
0042CCB9 8BC6 mov eax,esi
0042CCBB 8B8C24 900C0000 mov ecx,dword ptr ss:[esp+0xC90]
0042CCC2 64:890D 0000000>mov dword ptr fs:[0],ecx
0042CCC9 59 pop ecx
0042CCCA 5F pop edi
0042CCCB 5E pop esi
0042CCCC 5B pop ebx
0042CCCD 8B8C24 780C0000 mov ecx,dword ptr ss:[esp+0xC78]
0042CCD4 33CC xor ecx,esp
0042CCD6 E8 6D3D1000 call MyqqEx(+.00530A48
0042CCDB 8BE5 mov esp,ebp
0042CCDD 5D pop ebp
0042CCDE C3 retn
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
