004E7108 55 push ebp
004E7109 8BEC mov ebp, esp
004E710B 81C498FDFFFF add esp, $FFFFFD98
004E7111 53 push ebx
004E7112 33C9 xor ecx, ecx
004E7114 898D9CFDFFFF mov [ebp+$FFFFFD9C], ecx
004E711A 898D98FDFFFF mov [ebp+$FFFFFD98], ecx
004E7120 898DA4FDFFFF mov [ebp+$FFFFFDA4], ecx
004E7126 898DA0FDFFFF mov [ebp+$FFFFFDA0], ecx
004E712C 898DACFEFFFF mov [ebp+$FFFFFEAC], ecx
004E7132 898DA8FEFFFF mov [ebp+$FFFFFEA8], ecx
004E7138 8945FC mov [ebp-$04], eax
004E713B 33C0 xor eax, eax
004E713D 55 push ebp
* Possible String Reference to: '橐?爰[嬪]?
|
004E713E 68BA734E00 push $004E73BA
***** TRY
|
004E7143 64FF30 push dword ptr fs:[eax]
004E7146 648920 mov fs:[eax], esp
004E7149 33C0 xor eax, eax
004E714B 8945F8 mov [ebp-$08], eax
004E714E 33C0 xor eax, eax
004E7150 55 push ebp
* Possible String Reference to: '?玉腽?
|
004E7151 6893724E00 push $004E7293
***** TRY
|
004E7156 64FF30 push dword ptr fs:[eax]
004E7159 648920 mov fs:[eax], esp
004E715C 68FFFF0000 push $0000FFFF
004E7161 8D95A8FEFFFF lea edx, [ebp+$FFFFFEA8]
* Reference to TApplication instance
|
004E7167 A1F46C4F00 mov eax, dword ptr [$004F6CF4]
004E716C 8B00 mov eax, [eax]
* Reference to: Forms.TApplication.GetExeName(TApplication):AnsiString;
|
004E716E E8F1ADF9FF call 00481F64
004E7173 8B85A8FEFFFF mov eax, [ebp+$FFFFFEA8]
004E7179 8D95ACFEFFFF lea edx, [ebp+$FFFFFEAC]
* Reference to: SysUtils.ExtractFilePath(AnsiString):AnsiString;
|
004E717F E82C2BF2FF call 00409CB0
004E7184 8D85ACFEFFFF lea eax, [ebp+$FFFFFEAC]
* Possible String Reference to: 'finance.exe'
|
004E718A BAD0734E00 mov edx, $004E73D0
* Reference to: System.@LStrCat;
|
004E718F E880DDF1FF call 00404F14
004E7194 8B8DACFEFFFF mov ecx, [ebp+$FFFFFEAC]
004E719A B201 mov dl, $01
* Reference to class TFileStream
|
004E719C A108B44100 mov eax, dword ptr [$0041B408]
* Reference to: Classes.TFileStream.Create(TFileStream;boolean;AnsiString;Word);overload;
|
004E71A1 E8EA90F3FF call 00420290
004E71A6 8945F8 mov [ebp-$08], eax
004E71A9 8D95A0FDFFFF lea edx, [ebp+$FFFFFDA0]
004E71AF 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.edtRegister : TEdit
|
004E71B2 8B8014030000 mov eax, [eax+$0314]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
004E71B8 E8FBA7F7FF call 004619B8
004E71BD 8B85A0FDFFFF mov eax, [ebp+$FFFFFDA0]
004E71C3 8D95A4FDFFFF lea edx, [ebp+$FFFFFDA4]
* Reference to: SysUtils.Trim(AnsiString):AnsiString;overload;
|
004E71C9 E8A622F2FF call 00409474
004E71CE 8B95A4FDFFFF mov edx, [ebp+$FFFFFDA4]
004E71D4 8D85A8FDFFFF lea eax, [ebp+$FFFFFDA8]
004E71DA B9FF000000 mov ecx, $000000FF
* Reference to: System.@LStrToString;
|
004E71DF E804DDF1FF call 00404EE8
004E71E4 8D95A8FDFFFF lea edx, [ebp+$FFFFFDA8]
004E71EA 8D85B3FEFFFF lea eax, [ebp+$FFFFFEB3]
004E71F0 B128 mov cl, $28
* Reference to: System.@PStrNCpy(PShortString;PShortString;Byte);
|
004E71F2 E871BFF1FF call 00403168
004E71F7 C785E4FEFFFF64000000 mov dword ptr [ebp+$FFFFFEE4], $00000064
004E7201 C745E8B0726891 mov dword ptr [ebp-$18], $916872B0
004E7208 C745ECED7CBF3F mov dword ptr [ebp-$14], $3FBF7CED
004E720F 33C0 xor eax, eax
004E7211 8945F0 mov [ebp-$10], eax
004E7214 C745F454E11B41 mov dword ptr [ebp-$0C], $411BE154
004E721B C785DCFEFFFF003EA59C mov dword ptr [ebp+$FFFFFEDC], $9CA53E00
004E7225 C785E0FEFFFFE774A642 mov dword ptr [ebp+$FFFFFEE0], $42A674E7
004E722F 8D9598FDFFFF lea edx, [ebp+$FFFFFD98]
004E7235 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.edtRegisterSN : TEdit
|
004E7238 8B8018030000 mov eax, [eax+$0318]
* Reference to: Controls.TControl.GetText(TControl):TCaption;
|
004E723E E875A7F7FF call 004619B8
004E7243 8B8598FDFFFF mov eax, [ebp+$FFFFFD98]
004E7249 8D959CFDFFFF lea edx, [ebp+$FFFFFD9C]
* Reference to: SysUtils.Trim(AnsiString):AnsiString;overload;
|
004E724F E82022F2FF call 00409474
004E7254 8B959CFDFFFF mov edx, [ebp+$FFFFFD9C]
004E725A 8D85E8FEFFFF lea eax, [ebp+$FFFFFEE8]
004E7260 B9FF000000 mov ecx, $000000FF
* Reference to: System.@LStrToString;
|
004E7265 E87EDCF1FF call 00404EE8
004E726A 8D95B3FEFFFF lea edx, [ebp+$FFFFFEB3]
004E7270 B945010000 mov ecx, $00000145
004E7275 8B45F8 mov eax, [ebp-$08]
004E7278 8B18 mov ebx, [eax]
* Reference to method TFileStream.Write(Longint,Longint)
|
004E727A FF5310 call dword ptr [ebx+$10]
004E727D 33C0 xor eax, eax
004E727F 5A pop edx
004E7280 59 pop ecx
004E7281 59 pop ecx
004E7282 648910 mov fs:[eax], edx
****** FINALLY
|
004E7285 689A724E00 push $004E729A
004E728A 8B45F8 mov eax, [ebp-$08]
* Reference to: System.TObject.Free(TObject);
|
004E728D E8A6CBF1FF call 00403E38
004E7292 C3 ret
* Reference to: System.@HandleFinally;
|
004E7293 E934D3F1FF jmp 004045CC
004E7298 EBF0 jmp 004E728A
****** END
|
* Reference to TfrmExcelentPickGold instance
|
004E729A A100674F00 mov eax, dword ptr [$004F6700]
004E729F 8B00 mov eax, [eax]
* Reference to : TfrmExcelentPickGold.GetRegUser()
|
004E72A1 E8AA2B0000 call 004E9E50
004E72A6 84C0 test al, al
004E72A8 0F84C2000000 jz 004E7370
* Reference to TfrmExcelentPickGold instance
|
004E72AE A100674F00 mov eax, dword ptr [$004F6700]
004E72B3 8B00 mov eax, [eax]
* Reference to : TfrmExcelentPickGold.CheckReg()
|
004E72B5 E82E2A0000 call 004E9CE8
004E72BA 84C0 test al, al
004E72BC 0F84AE000000 jz 004E7370
* Reference to TfrmExcelentPickGold instance
|
004E72C2 A100674F00 mov eax, dword ptr [$004F6700]
004E72C7 8B00 mov eax, [eax]
* Reference to field TfrmExcelentPickGold.OFFS_0390 : Byte
|
004E72C9 C6809003000001 mov byte ptr [eax+$0390], $01
004E72D0 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.lblRegister : TLabel
|
004E72D3 8B8024030000 mov eax, [eax+$0324]
* Possible String Reference to: '已注册'
|
004E72D9 BAE4734E00 mov edx, $004E73E4
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
004E72DE E805A7F7FF call 004619E8
004E72E3 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.edtRegister : TEdit
|
004E72E6 8B8014030000 mov eax, [eax+$0314]
004E72EC 33D2 xor edx, edx
004E72EE 8B08 mov ecx, [eax]
* Reference to method TEdit.SetEnabled(Boolean)
|
004E72F0 FF5164 call dword ptr [ecx+$64]
004E72F3 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.edtRegisterSN : TEdit
|
004E72F6 8B8018030000 mov eax, [eax+$0318]
004E72FC 33D2 xor edx, edx
004E72FE 8B08 mov ecx, [eax]
* Reference to method TEdit.SetEnabled(Boolean)
|
004E7300 FF5164 call dword ptr [ecx+$64]
004E7303 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.bbtnRegister : TBitBtn
|
004E7306 8B801C030000 mov eax, [eax+$031C]
004E730C 33D2 xor edx, edx
004E730E 8B08 mov ecx, [eax]
* Possible reference to virtual method TBitBtn.OFFS_64
|
004E7310 FF5164 call dword ptr [ecx+$64]
004E7313 8B45FC mov eax, [ebp-$04]
* Reference to control TfrmRegister.bbtnClose : TBitBtn
|
004E7316 8B8020030000 mov eax, [eax+$0320]
004E731C 33D2 xor edx, edx
004E731E 8B08 mov ecx, [eax]
* Possible reference to virtual method TBitBtn.OFFS_64
|
004E7320 FF5164 call dword ptr [ecx+$64]
004E7323 33C0 xor eax, eax
|
004E7325 E86EBCFFFF call 004E2F98
* Reference to : TfrmRegister._PROC_004E70A4()
|
004E732A E875FDFFFF call 004E70A4
* Reference to TfrmExcelentPickGold instance
|
004E732F A100674F00 mov eax, dword ptr [$004F6700]
004E7334 8B00 mov eax, [eax]
* Reference to control TfrmExcelentPickGold.dtp : TDateTimePicker
|
004E7336 8B8020030000 mov eax, [eax+$0320]
004E733C B201 mov dl, $01
004E733E 8B08 mov ecx, [eax]
* Reference to method TDateTimePicker.SetEnabled(Boolean)
|
004E7340 FF5164 call dword ptr [ecx+$64]
* Reference to TfrmExcelentPickGold instance
|
004E7343 A100674F00 mov eax, dword ptr [$004F6700]
004E7348 8B00 mov eax, [eax]
* Reference to control TfrmExcelentPickGold.btnCaculate : TBitBtn
|
004E734A 8B8024030000 mov eax, [eax+$0324]
004E7350 B201 mov dl, $01
004E7352 8B08 mov ecx, [eax]
* Possible reference to virtual method TBitBtn.OFFS_64
|
004E7354 FF5164 call dword ptr [ecx+$64]
* Reference to TfrmExcelentPickGold instance
|
004E7357 A100674F00 mov eax, dword ptr [$004F6700]
004E735C 8B00 mov eax, [eax]
* Possible String Reference to: 'XXXXXXXXXXXXX-XXXXXXXX
| X--XXXXX'
|
004E735E BAF4734E00 mov edx, $004E73F4
* Reference to: Controls.TControl.SetText(TControl;TCaption);
|
004E7363 E880A6F7FF call 004619E8
004E7368 8B45FC mov eax, [ebp-$04]
* Reference to: Forms.TCustomForm.Close(TCustomForm);
|
004E736B E8A46EF9FF call 0047E214
004E7370 33C0 xor eax, eax
004E7372 5A pop edx
004E7373 59 pop ecx
004E7374 59 pop ecx
004E7375 648910 mov fs:[eax], edx
****** FINALLY
|
* Possible String Reference to: '[嬪]?
|
004E7378 68C1734E00 push $004E73C1
004E737D 8D8598FDFFFF lea eax, [ebp+$FFFFFD98]
* Reference to: System.@LStrClr(void;void);
|
004E7383 E8C4D8F1FF call 00404C4C
004E7388 8D859CFDFFFF lea eax, [ebp+$FFFFFD9C]
* Reference to: System.@LStrClr(void;void);
|
004E738E E8B9D8F1FF call 00404C4C
004E7393 8D85A0FDFFFF lea eax, [ebp+$FFFFFDA0]
* Reference to: System.@LStrClr(void;void);
|
004E7399 E8AED8F1FF call 00404C4C
004E739E 8D85A4FDFFFF lea eax, [ebp+$FFFFFDA4]
* Reference to: System.@LStrClr(void;void);
|
004E73A4 E8A3D8F1FF call 00404C4C
004E73A9 8D85A8FEFFFF lea eax, [ebp+$FFFFFEA8]
004E73AF BA02000000 mov edx, $00000002
* Reference to: System.@LStrArrayClr(void;void;Integer);
|
004E73B4 E8B7D8F1FF call 00404C70
004E73B9 C3 ret
* Reference to: System.@HandleFinally;
|
004E73BA E90DD2F1FF jmp 004045CC
004E73BF EBBC jmp 004E737D
****** END
|
004E73C1 5B pop ebx
004E73C2 8BE5 mov esp, ebp
004E73C4 5D pop ebp
004E73C5 C3 ret
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
