00661014 > B8 00000000 mov eax, 0
00661019 60 pushad
0066101A 0BC0 or eax, eax
0066101C 74 68 je short 00661086
0066101E E8 00000000 call 00661023
00661023 58 pop eax
00661024 05 53000000 add eax, 53
00661029 8038 E9 cmp byte ptr [eax], 0E9
0066102C 75 13 jnz short 00661041
0066102E 61 popad
0066102F EB 45 jmp short 00661076
00661031 DB2D 37106600 fld tbyte ptr [661037]
00661037 FFFF ??? ; 未知命令
00661039 FFFF ??? ; 未知命令
0066103B FFFF ??? ; 未知命令
0066103D FFFF ??? ; 未知命令
0066103F 3D 40E80000 cmp eax, 0E840
00661044 0000 add byte ptr [eax], al
00661046 58 pop eax
00661047 25 00F0FFFF and eax, FFFFF000
0066104C 33FF xor edi, edi
0066104E 66:BB 195A mov bx, 5A19
00661052 66:83C3 34 add bx, 34
00661056 66:3918 cmp word ptr [eax], bx
00661059 75 12 jnz short 0066106D
0066105B 0FB750 3C movzx edx, word ptr [eax+3C]
一个刚刚出炉的新程序,peid无法识别啊,加载脚本根本就不运行
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课