00765BE0 /$ 56 push esi
00765BE1 |. 57 push edi
00765BE2 |. 8B7C24 0C mov edi, dword ptr [esp+C]
00765BE6 |. 8BF1 mov esi, ecx
00765BE8 |. C707 00000000 mov dword ptr [edi], 0
00765BEE |. 8B46 1C mov eax, dword ptr [esi+1C]
00765BF1 |. 85C0 test eax, eax
00765BF3 |. 7E 15 jle short 00765C0A
00765BF5 |. 56 push esi ; /pCriticalSection
00765BF6 |. FF15 E4D07A00 call dword ptr [<&KERNEL32.EnterCriti>; \EnterCriticalSection
00765BFC |. 8B46 1C mov eax, dword ptr [esi+1C]
00765BFF |. 85C0 test eax, eax
00765C01 |. 7F 0E jg short 00765C11
00765C03 |. 56 push esi ; /pCriticalSection
00765C04 |. FF15 DCD07A00 call dword ptr [<&KERNEL32.LeaveCriti>; \LeaveCriticalSection
00765C0A |> 5F pop edi
00765C0B |. 33C0 xor eax, eax
00765C0D |. 5E pop esi
00765C0E |. C2 0400 retn 4
00765C11 |> 8B46 28 mov eax, dword ptr [esi+28]
00765C14 |. 53 push ebx
00765C15 |. 8B58 04 mov ebx, dword ptr [eax+4]
00765C18 |. 8B00 mov eax, dword ptr [eax]
00765C1A |. 8907 mov dword ptr [edi], eax
00765C1C |. 8B7E 28 mov edi, dword ptr [esi+28]
00765C1F |. 8B46 1C mov eax, dword ptr [esi+1C]
00765C22 |. 8B4F 08 mov ecx, dword ptr [edi+8]
00765C25 |. 48 dec eax
00765C26 |. 56 push esi ; /pCriticalSection
00765C27 |. 894E 28 mov dword ptr [esi+28], ecx ; |
00765C2A |. 8946 1C mov dword ptr [esi+1C], eax ; |
00765C2D |. FF15 DCD07A00 call dword ptr [<&KERNEL32.LeaveCriti>; \LeaveCriticalSection
00765C33 |. 57 push edi
00765C34 |. E8 67340400 call <jmp.&MSVCR71.operator delete>
00765C39 |. 83C4 04 add esp, 4
00765C3C |. 8BC3 mov eax, ebx
00765C3E |. 5B pop ebx
00765C3F |. 5F pop edi
00765C40 |. 5E pop esi
00765C41 \. C2 0400 retn 4
请逆向高手帮忙解释一下,独自看了好久不是太明白。。
[课程]FART 脱壳王!加量不加价!FART作者讲授!
