[Old post] [Help] What should I do when I run into a PE analysis result like this?
Posted: 2007-5-8 17:07

Import Module 007: kernel32.dll

Addr:0017AD76 hint(0000) Name: 拷贝字符串
Addr:0017AD82 hint(0000) Name: lstrcmpA
Addr:0017AD8E hint(0000) Name: 写ini文件
Addr:0017ADAC hint(0000) Name: 写文件
Addr:0017ADB8 hint(0000) Name: WideCharToMultiByte
Addr:0017ADCE hint(0000) Name: WaitForSingleObject
Addr:0017ADE4 hint(0000) Name: VirtualQuery
Addr:0017ADF4 hint(0000) Name: 页面分配内存
Addr:0017AE04 hint(0000) Name: Sleep
Addr:0017AE0C hint(0000) Name: SizeofResource
Addr:0017AE1E hint(0000) Name: SetThreadLocale
Addr:0017AE30 hint(0000) Name: 设置文件指针
Addr:0017AE42 hint(0000) Name: SetEvent
Addr:0017AE4E hint(0000) Name: SetErrorMode
Addr:0017AE5E hint(0000) Name: SetEndOfFile
Addr:0017AE6E hint(0000) Name: SearchPathA
Addr:0017AE7C hint(0000) Name: ResetEvent
Addr:0017AE8A hint(0000) Name: ReleaseMutex
Addr:0017AE9A hint(0000) Name: ReadFile
Addr:0017AEA6 hint(0000) Name: OpenFileMappingA
Addr:0017AEBA hint(0000) Name: MultiByteToWideChar
Addr:0017AED0 hint(0000) Name: MulDiv
Addr:0017AEDA hint(0000) Name: LockResource
Addr:0017AEEA hint(0000) Name: LoadResource
Addr:0017AEFA hint(0000) Name: 装载dll
Addr:0017AF0A hint(0000) Name: LeaveCriticalSection
Addr:0017AF22 hint(0000) Name: IsDBCSLeadByte
Addr:0017AF34 hint(0000) Name: InitializeCriticalSection
Addr:0017AF50 hint(0000) Name: 全局解锁内存
Addr:0017AF60 hint(0000) Name: GlobalReAlloc
Addr:0017AF70 hint(0000) Name: GlobalMemoryStatus
Addr:0017AF86 hint(0000) Name: GlobalHandle
Addr:0017AF96 hint(0000) Name: 全局锁定内存
Addr:0017AFA4 hint(0000) Name: GlobalFree
Addr:0017AFB2 hint(0000) Name: GlobalFindAtomA
Addr:0017AFC4 hint(0000) Name: GlobalDeleteAtom
Addr:0017AFD8 hint(0000) Name: 全局分配内存
Addr:0017AFE6 hint(0000) Name: GlobalAddAtomA
Addr:0017AFF8 hint(0000) Name: GetVersionExA
Addr:0017B008 hint(0000) Name: 得到windows版本
Addr:0017B016 hint(0000) Name: GetTickCount
Addr:0017B026 hint(0000) Name: GetThreadLocale
Addr:0017B038 hint(0000) Name: GetSystemInfo
Addr:0017B048 hint(0000) Name: GetStringTypeExA
Addr:0017B05C hint(0000) Name: GetStdHandle
Addr:0017B06C hint(0000) Name: GetProfileStringA
Addr:0017B080 hint(0000) Name: GetProcAddress
Addr:0017B092 hint(0000) Name: 读ini文件
Addr:0017B0AE hint(0000) Name: 得到模块句柄
Addr:0017B0C2 hint(0000) Name: 得到模块名称
Addr:0017B0D8 hint(0000) Name: GetLocaleInfoA
Addr:0017B0EA hint(0000) Name: GetLocalTime
Addr:0017B0FA hint(0000) Name: GetLastError
Addr:0017B10A hint(0000) Name: GetFullPathNameA
Addr:0017B11E hint(0000) Name: GetDiskFreeSpaceA
Addr:0017B132 hint(0000) Name: GetDateFormatA
Addr:0017B144 hint(0000) Name: GetCurrentThreadId
Addr:0017B15A hint(0000) Name: GetCurrentProcessId
Addr:0017B170 hint(0000) Name: GetCurrentDirectoryA
Addr:0017B188 hint(0000) Name: GetCPInfo
Addr:0017B194 hint(0000) Name: GetACP
Addr:0017B19E hint(0000) Name: FreeResource
Addr:0017B1AE hint(0000) Name: InterlockedIncrement
Addr:0017B1C6 hint(0000) Name: InterlockedExchange
Addr:0017B1DC hint(0000) Name: InterlockedDecrement
Addr:0017B1F4 hint(0000) Name: 释放dll
Addr:0017B202 hint(0000) Name: FormatMessageA
Addr:0017B214 hint(0000) Name: FindResourceA
Addr:0017B224 hint(0000) Name: FindFirstFileA
Addr:0017B236 hint(0000) Name: FindClose
Addr:0017B242 hint(0000) Name: FatalAppExitA
Addr:0017B252 hint(0000) Name: EnumCalendarInfoA
Addr:0017B266 hint(0000) Name: EnterCriticalSection
Addr:0017B27E hint(0000) Name: DeleteCriticalSection
Addr:0017B296 hint(0000) Name: CreateThread
Addr:0017B2A6 hint(0000) Name: CreateMutexA
Addr:0017B2B6 hint(0000) Name: 解密最喜欢看到的
Addr:0017B2C4 hint(0000) Name: CreateEventA
Addr:0017B2D4 hint(0000) Name: CompareStringA
Addr:0017B2E6 hint(0000) Name: 关闭句柄

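The above is what I ran into while working on a sales management program. It is written in Delphi, and after seeing this I don't know what to do. When I search in OD for the earlier Addr:0017B2B6 hint(0000) Name: 解密最喜欢看到的, it says there is no such address. Please help me out, everyone~~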

Latest replies (2)
2
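Also, what are the ADDR at the front of the PE analysis result and the number after it?
I don't understand it, so I came to ask. Please don't laugh at me, everyone~~~~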
2007-5-8 17:25
3
Has nobody run into this situation?
2007-5-9 11:02