; Debugger disassembly excerpt (address, opcode bytes, instruction, note) from a
; 32-bit x86 module that the debugger labels "脱壳". The routine's entry and exit
; are outside this listing, so it opens and ends mid-function.
; Notes marked "poster:" are translations of the original Chinese annotations.
;
; What the listing shows: a value the poster identifies as the trial-day count is
; derived from two doubles on the stack, stored at [obj+398], and [ebp-38] is then
; compared against two constants. Depending on the result, either the expired
; message or the days-remaining message is displayed; both paths then create and
; invoke another object (the registration window, per the poster).
;
; NOTE(review): every input to this decision sits in writable process memory, and
; the poster's notes show the displayed count following a value altered under the
; debugger. A licence check that has to resist local tampering cannot rely on this
; in-process compare alone.
0051EFF9 E8 321BF4FF call 脱壳.00460B30 ; arguments are set up before this listing starts
0051EFFE 8B15 58625200 mov edx,dword ptr ds:[526258] ; 脱壳.00527F2C (edx = pointer stored at [526258])
0051F004 8902 mov dword ptr ds:[edx],eax ; store the call's result through that pointer
0051F006 A1 58625200 mov eax,dword ptr ds:[526258] ; reload the same pointer
0051F00B 8B00 mov eax,dword ptr ds:[eax] ; eax = the value just stored
0051F00D 8B10 mov edx,dword ptr ds:[eax] ; edx = first dword of that object (looks like a method table - TODO confirm)
0051F00F FF92 E8000000 call dword ptr ds:[edx+E8] ; indirect call through slot +E8 of that table
0051F015 E9 F1000000 jmp 脱壳.0051F10B ; target lies beyond the end of this listing
0051F01A DD45 D0 fld qword ptr ss:[ebp-30] ; st0 = double at [ebp-30]
0051F01D DC65 D8 fsub qword ptr ss:[ebp-28] ; st0 -= double at [ebp-28]
0051F020 DD5D C8 fstp qword ptr ss:[ebp-38] ; [ebp-38] = the difference
0051F023 9B wait ; check for pending FPU exceptions
0051F024 D905 B4F25100 fld dword ptr ds:[51F2B4] ; st0 = float constant at [51F2B4] (value not shown here)
0051F02A DC65 C8 fsub qword ptr ss:[ebp-38] ; st0 = constant - [ebp-38]
0051F02D E8 223DEEFF call 脱壳.00402D54 ; presumably converts st0 to an integer in eax - TODO confirm
0051F032 8B55 FC mov edx,dword ptr ss:[ebp-4] ; edx = object pointer kept in local [ebp-4]
0051F035 8982 98030000 mov dword ptr ds:[edx+398],eax ; poster: the trial-day count shows in the info pane here, eax=1E
0051F03B DD45 C8 fld qword ptr ss:[ebp-38] ; st0 = [ebp-38] again
0051F03E D81D B4F25100 fcomp dword ptr ds:[51F2B4] ; compare with the constant at [51F2B4], then pop
; fstsw copies the FPU status word (the compare result) into ax.
0051F044 DFE0 fstsw ax ; poster: info pane shows ax=001E; changed the value here so that 1E becomes 3E8
0051F046 9E sahf ; move AH into EFLAGS so integer jumps can test the FPU compare
0051F047 77 0E ja short 脱壳.0051F057 ; [ebp-38] above the [51F2B4] constant: expired path
0051F049 DD45 C8 fld qword ptr ss:[ebp-38] ; st0 = [ebp-38] for the second bound
0051F04C D81D B8F25100 fcomp dword ptr ds:[51F2B8] ; compare with the constant at [51F2B8], then pop
0051F052 DFE0 fstsw ax ; FPU status word -> ax
0051F054 9E sahf ; AH -> EFLAGS
0051F055 73 3E jnb short 脱壳.0051F095 ; poster: jump taken. [ebp-38] not below the [51F2B8] constant: days-remaining path
; Fall-through: expired path.
0051F057 B8 C4F25100 mov eax,脱壳.0051F2C4 ; string "已超过试用期,请先注册(20元)\n联系电话0754-5852402 1335677963" (trial expired, register first (20 yuan), contact phone numbers)
0051F05C E8 171FF2FF call 脱壳.00440F78 ; same routine the poster sees pop up the trial window at 0051F0E0
0051F061 8B4D FC mov ecx,dword ptr ss:[ebp-4] ; ecx = object pointer from [ebp-4]
0051F064 B2 01 mov dl,1 ; dl = 1
0051F066 A1 D46E5100 mov eax,dword ptr ds:[516ED4] ; eax = dword at [516ED4]
0051F06B E8 C01AF4FF call 脱壳.00460B30 ; same routine as at 0051EFF9; looks like object construction - TODO confirm
0051F070 8B15 AC685200 mov edx,dword ptr ds:[5268AC] ; 脱壳.00527EF4 (edx = pointer stored at [5268AC])
0051F076 8902 mov dword ptr ds:[edx],eax ; store the result through that pointer
0051F078 A1 AC685200 mov eax,dword ptr ds:[5268AC] ; reload the same pointer
0051F07D 8B00 mov eax,dword ptr ds:[eax] ; eax = the value just stored
0051F07F 8B10 mov edx,dword ptr ds:[eax] ; edx = first dword of that object
0051F081 FF92 E8000000 call dword ptr ds:[edx+E8] ; indirect call through slot +E8, as at 0051F00F
0051F087 A1 E8675200 mov eax,dword ptr ds:[5267E8] ; eax = dword at [5267E8]
0051F08C 8B00 mov eax,dword ptr ds:[eax] ; dereference once
0051F08E E8 C992F4FF call 脱壳.0046835C ; purpose of 0046835C is not visible in this listing
0051F093 EB 76 jmp short 脱壳.0051F10B ; join the exit shared with 0051F015
; Days-remaining path: five strings are pushed and joined into one message.
0051F095 68 0CF35100 push 脱壳.0051F30C ; string "试用期剩" (trial period remaining)
0051F09A 8B45 FC mov eax,dword ptr ss:[ebp-4] ; eax = object pointer from [ebp-4]
0051F09D DB80 98030000 fild dword ptr ds:[eax+398] ; poster: info pane shows "ds:[00EB3EBC]=000003E8 (decimal 1000.)" here
0051F0A3 83C4 F4 add esp,-0C ; reserve 12 bytes on the stack
0051F0A6 DB3C24 fstp tbyte ptr ss:[esp] ; store the count there as an 80-bit value
0051F0A9 9B wait ; check for pending FPU exceptions
0051F0AA 8D85 88FDFFFF lea eax,dword ptr ss:[ebp-278] ; eax = address of local [ebp-278]
0051F0B0 E8 AFBDEEFF call 脱壳.0040AE64 ; presumably formats the value as text into [ebp-278] - TODO confirm
0051F0B5 FFB5 88FDFFFF push dword ptr ss:[ebp-278] ; poster: info pane shows "stack ss:[0012F948]=00EC86FC, (ASCII "1000")" here
0051F0BB 68 20F35100 push 脱壳.0051F320 ; string "天,请尽快注册(30元)" (days, please register soon (30 yuan))
0051F0C0 68 3CF35100 push 脱壳.0051F33C ; fourth string (content not shown)
0051F0C5 68 48F35100 push 脱壳.0051F348 ; fifth string (content not shown)
0051F0CA 8D85 8CFDFFFF lea eax,dword ptr ss:[ebp-274] ; eax = address of local [ebp-274]
0051F0D0 BA 05000000 mov edx,5 ; edx = 5, matching the five values pushed above
0051F0D5 E8 0E5CEEFF call 脱壳.00404CE8 ; presumably concatenates them into [ebp-274] - TODO confirm
0051F0DA 8B85 8CFDFFFF mov eax,dword ptr ss:[ebp-274] ; eax = the value left in [ebp-274]
0051F0E0 E8 931EF2FF call 脱壳.00440F78 ; poster: the trial-period window pops up here
0051F0E5 8B4D FC mov ecx,dword ptr ss:[ebp-4] ; ecx = object pointer from [ebp-4]
0051F0E8 B2 01 mov dl,1 ; dl = 1
0051F0EA A1 D46E5100 mov eax,dword ptr ds:[516ED4] ; eax = dword at [516ED4]
0051F0EF E8 3C1AF4FF call 脱壳.00460B30 ; same call sequence as at 0051F06B
0051F0F4 8B15 AC685200 mov edx,dword ptr ds:[5268AC] ; 脱壳.00527EF4 (edx = pointer stored at [5268AC])
0051F0FA 8902 mov dword ptr ds:[edx],eax ; store the result through that pointer
0051F0FC A1 AC685200 mov eax,dword ptr ds:[5268AC] ; reload the same pointer
0051F101 8B00 mov eax,dword ptr ds:[eax] ; eax = the value just stored
0051F103 8B10 mov edx,dword ptr ds:[eax] ; edx = first dword of that object
0051F105 FF92 E8000000 call dword ptr ds:[edx+E8] ; poster: the registration window pops up here; info pane shows "ds:[00517008]=00464E1C (脱壳.00464E1C)"
这样修改后,请问要怎么保存为可执行文件?