-
-
[求助]UPX 0.89.6 - 1.02 / 1.05 - 2.90 -> Markus & Laszlo [Overlay]
-
发表于: 2009-4-10 19:03 5117
-
OD载入
0044E1A0 > $ 60 PUSHAD
0044E1A1 . BE 00F04000 MOV ESI,蒸汽.0040F000
0044E1A6 . 8DBE 0020FFFF LEA EDI,DWORD PTR DS:[ESI+FFFF2000]
0044E1AC . 57 PUSH EDI
0044E1AD . EB 0B JMP SHORT 蒸汽.0044E1BA
0044E1AF 90 NOP
0044E1B0 > 8A06 MOV AL,BYTE PTR DS:[ESI]
0044E1B2 . 46 INC ESI
0044E1B3 . 8807 MOV BYTE PTR DS:[EDI],AL
0044E1B5 . 47 INC EDI
0044E1B6 > 01DB ADD EBX,EBX
0044E1B8 . 75 07 JNZ SHORT 蒸汽.0044E1C1
0044E1BA > 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1BC . 83EE FC SUB ESI,-4
0044E1BF . 11DB ADC EBX,EBX
0044E1C1 >^ 72 ED JB SHORT 蒸汽.0044E1B0
0044E1C3 > B8 01000000 MOV EAX,1
0044E1C8 > 01DB ADD EBX,EBX
0044E1CA . 75 07 JNZ SHORT 蒸汽.0044E1D3
0044E1CC . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1CE . 83EE FC SUB ESI,-4
0044E1D1 . 11DB ADC EBX,EBX
0044E1D3 > 11C0 ADC EAX,EAX
0044E1D5 . 01DB ADD EBX,EBX
0044E1D7 . 73 0B JNB SHORT 蒸汽.0044E1E4
0044E1D9 . 75 28 JNZ SHORT 蒸汽.0044E203
0044E1DB . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1DD . 83EE FC SUB ESI,-4
0044E1E0 . 11DB ADC EBX,EBX
0044E1E2 . 72 1F JB SHORT 蒸汽.0044E203
0044E1E4 > 48 DEC EAX
0044E1E5 . 01DB ADD EBX,EBX
0044E1E7 . 75 07 JNZ SHORT 蒸汽.0044E1F0
0044E1E9 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1EB . 83EE FC SUB ESI,-4
0044E1EE . 11DB ADC EBX,EBX
0044E1F0 > 11C0 ADC EAX,EAX
0044E1F2 .^ EB D4 JMP SHORT 蒸汽.0044E1C8
0044E1F4 > 01DB ADD EBX,EBX
0044E1F6 . 75 07 JNZ SHORT 蒸汽.0044E1FF
0044E1F8 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1FA . 83EE FC SUB ESI,-4
0044E1FD . 11DB ADC EBX,EBX
0044E1FF > 11C9 ADC ECX,ECX
0044E201 . EB 52 JMP SHORT 蒸汽.0044E255
0044E203 > 31C9 XOR ECX,ECX
0044E205 . 83E8 03 SUB EAX,3
0044E208 . 72 11 JB SHORT 蒸汽.0044E21B
0044E20A . C1E0 08 SHL EAX,8
0044E20D . 8A06 MOV AL,BYTE PTR DS:[ESI]
0044E20F . 46 INC ESI
0044E210 . 83F0 FF XOR EAX,FFFFFFFF
0044E213 . 74 75 JE SHORT 蒸汽.0044E28A
0044E215 . D1F8 SAR EAX,1
0044E217 . 89C5 MOV EBP,EAX
0044E219 . EB 0B JMP SHORT 蒸汽.0044E226
0044E21B > 01DB ADD EBX,EBX
0044E21D . 75 07 JNZ SHORT 蒸汽.0044E226
0044E21F . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E221 . 83EE FC SUB ESI,-4
0044E224 . 11DB ADC EBX,EBX
0044E226 >^ 72 CC JB SHORT 蒸汽.0044E1F4
0044E228 . 41 INC ECX
0044E229 . 01DB ADD EBX,EBX
0044E22B . 75 07 JNZ SHORT 蒸汽.0044E234
0044E22D . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E22F . 83EE FC SUB ESI,-4
0044E232 . 11DB ADC EBX,EBX
0044E234 >^ 72 BE JB SHORT 蒸汽.0044E1F4
0044E236 > 01DB ADD EBX,EBX
0044E238 . 75 07 JNZ SHORT 蒸汽.0044E241
0044E23A . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E23C . 83EE FC SUB ESI,-4
0044E23F . 11DB ADC EBX,EBX
0044E241 > 11C9 ADC ECX,ECX
0044E243 . 01DB ADD EBX,EBX
0044E245 .^ 73 EF JNB SHORT 蒸汽.0044E236
0044E247 . 75 09 JNZ SHORT 蒸汽.0044E252
0044E249 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E24B . 83EE FC SUB ESI,-4
0044E24E . 11DB ADC EBX,EBX
0044E250 .^ 73 E4 JNB SHORT 蒸汽.0044E236
0044E252 > 83C1 02 ADD ECX,2
0044E255 > 81FD 00FBFFFF CMP EBP,-500
0044E25B . 83D1 02 ADC ECX,2
0044E25E . 8D142F LEA EDX,DWORD PTR DS:[EDI+EBP]
0044E261 . 83FD FC CMP EBP,-4
0044E264 . 76 0E JBE SHORT 蒸汽.0044E274
0044E266 > 8A02 MOV AL,BYTE PTR DS:[EDX]
0044E268 . 42 INC EDX
0044E269 . 8807 MOV BYTE PTR DS:[EDI],AL
0044E26B . 47 INC EDI
0044E26C . 49 DEC ECX
0044E26D .^ 75 F7 JNZ SHORT 蒸汽.0044E266
0044E26F .^ E9 42FFFFFF JMP 蒸汽.0044E1B6
0044E274 > 8B02 MOV EAX,DWORD PTR DS:[EDX]
0044E276 . 83C2 04 ADD EDX,4
0044E279 . 8907 MOV DWORD PTR DS:[EDI],EAX
0044E27B . 83C7 04 ADD EDI,4
0044E27E . 83E9 04 SUB ECX,4
0044E281 .^ 77 F1 JA SHORT 蒸汽.0044E274
0044E283 . 01CF ADD EDI,ECX
0044E285 .^ E9 2CFFFFFF JMP 蒸汽.0044E1B6
0044E28A > 5E POP ESI
0044E28B . 89F7 MOV EDI,ESI
0044E28D . B9 0C000000 MOV ECX,0C
0044E292 > 8A07 MOV AL,BYTE PTR DS:[EDI]
0044E294 . 47 INC EDI
0044E295 . 2C E8 SUB AL,0E8
0044E297 > 3C 01 CMP AL,1
0044E299 .^ 77 F7 JA SHORT 蒸汽.0044E292
0044E29B . 803F 01 CMP BYTE PTR DS:[EDI],1
0044E29E .^ 75 F2 JNZ SHORT 蒸汽.0044E292
0044E2A0 . 8B07 MOV EAX,DWORD PTR DS:[EDI]
0044E2A2 . 8A5F 04 MOV BL,BYTE PTR DS:[EDI+4]
0044E2A5 . 66:C1E8 08 SHR AX,8
0044E2A9 . C1C0 10 ROL EAX,10
0044E2AC . 86C4 XCHG AH,AL
0044E2AE . 29F8 SUB EAX,EDI
0044E2B0 . 80EB E8 SUB BL,0E8
0044E2B3 . 01F0 ADD EAX,ESI
0044E2B5 . 8907 MOV DWORD PTR DS:[EDI],EAX
0044E2B7 . 83C7 05 ADD EDI,5
0044E2BA . 88D8 MOV AL,BL
0044E2BC .^ E2 D9 LOOPD SHORT 蒸汽.0044E297
0044E2BE . 8DBE 00C00400 LEA EDI,DWORD PTR DS:[ESI+4C000]
0044E2C4 > 8B07 MOV EAX,DWORD PTR DS:[EDI]
0044E2C6 . 09C0 OR EAX,EAX
0044E2C8 . 74 3C JE SHORT 蒸汽.0044E306
0044E2CA . 8B5F 04 MOV EBX,DWORD PTR DS:[EDI+4]
0044E2CD . 8D8430 64ED04>LEA EAX,DWORD PTR DS:[EAX+ESI+4ED64]
0044E2D4 . 01F3 ADD EBX,ESI
0044E2D6 . 50 PUSH EAX
0044E2D7 . 83C7 08 ADD EDI,8
0044E2DA . FF96 A0ED0400 CALL DWORD PTR DS:[ESI+4EDA0]
0044E2E0 . 95 XCHG EAX,EBP
0044E2E1 > 8A07 MOV AL,BYTE PTR DS:[EDI]
0044E2E3 . 47 INC EDI
0044E2E4 . 08C0 OR AL,AL
0044E2E6 .^ 74 DC JE SHORT 蒸汽.0044E2C4
0044E2E8 . 89F9 MOV ECX,EDI
0044E2EA . 57 PUSH EDI
0044E2EB . 48 DEC EAX
0044E2EC . F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0044E2EE . 55 PUSH EBP
0044E2EF . FF96 A4ED0400 CALL DWORD PTR DS:[ESI+4EDA4]
0044E2F5 . 09C0 OR EAX,EAX
0044E2F7 . 74 07 JE SHORT 蒸汽.0044E300
0044E2F9 . 8903 MOV DWORD PTR DS:[EBX],EAX
0044E2FB . 83C3 04 ADD EBX,4
0044E2FE .^ EB E1 JMP SHORT 蒸汽.0044E2E1
0044E300 > FF96 B4ED0400 CALL DWORD PTR DS:[ESI+4EDB4]
0044E306 > 8BAE A8ED0400 MOV EBP,DWORD PTR DS:[ESI+4EDA8]
0044E30C . 8DBE 00F0FFFF LEA EDI,DWORD PTR DS:[ESI-1000]
0044E312 . BB 00100000 MOV EBX,1000
0044E317 . 50 PUSH EAX
0044E318 . 54 PUSH ESP
0044E319 . 6A 04 PUSH 4
0044E31B . 53 PUSH EBX
0044E31C . 57 PUSH EDI
0044E31D . FFD5 CALL EBP
0044E31F . 8D87 F7010000 LEA EAX,DWORD PTR DS:[EDI+1F7]
0044E325 . 8020 7F AND BYTE PTR DS:[EAX],7F
0044E328 . 8060 28 7F AND BYTE PTR DS:[EAX+28],7F
0044E32C . 58 POP EAX
0044E32D . 50 PUSH EAX
0044E32E . 54 PUSH ESP
0044E32F . 50 PUSH EAX
0044E330 . 53 PUSH EBX
0044E331 . 57 PUSH EDI
0044E332 . FFD5 CALL EBP
0044E334 . 58 POP EAX
0044E335 . 61 POPAD
0044E336 . 8D4424 80 LEA EAX,DWORD PTR SS:[ESP-80]
0044E33A > 6A 00 PUSH 0
0044E33C . 39C4 CMP ESP,EAX
0044E33E .^ 75 FA JNZ SHORT 蒸汽.0044E33A
0044E340 . 83EC 80 SUB ESP,-80
0044E343 .- E9 4A30FBFF JMP 蒸汽.00401392 //断点到这
F8
00401392 50 PUSH EAX //这里DUMP出去,运行不了
00401393 53 PUSH EBX
00401394 51 PUSH ECX
00401395 52 PUSH EDX
00401396 2BDB SUB EBX,EBX
00401398 56 PUSH ESI
00401399 57 PUSH EDI
0040139A ^ 0F84 05FEFFFF JE 蒸汽.004011A5
004013A0 1E PUSH DS
004013A1 2E:07 POP ES ; 段寄存器更改
004013A3 300D 0F85B5FD XOR BYTE PTR DS:[FDB5850F],CL
004013A9 FFFF ??? ; 未知命令
004013AB ^ 0F83 75FEFFFF JNB 蒸汽.00401226
004013B1 8EDC MOV DS,SP ; 段寄存器更改
004013B3 FC CLD
004013B4 04 60 ADD AL,60
004013B6 FF09 DEC DWORD PTR DS:[ECX]
004013B8 F9 STC
004013B9 0F82 12000000 JB 蒸汽.004013D1
004013BF DAF1 FIDIV ECX ; 非法使用寄存器
004013C1 49 DEC ECX
004013C2 5E POP ESI
004013C3 833B 00 CMP DWORD PTR DS:[EBX],0
004013C6 F8 CLC
004013C7 ^ 0F83 8CFEFFFF JNB 蒸汽.00401259
004013CD 26:69F7 7B0F851>IMUL ESI,EDI,17850F7B ; 多余的前缀
004013D4 FFFF ??? ; 未知命令
004013D6 FF0F DEC DWORD PTR DS:[EDI]
004013D8 8223 00 AND BYTE PTR DS:[EBX],0
004013DB 0000 ADD BYTE PTR DS:[EAX],AL
004013DD FB STI
004013DE C0FD 88 SAR CH,88 ; 移位常量超出 1..31 的范围
004013E1 90 NOP
004013E2 53 PUSH EBX
004013E3 59 POP ECX
004013E4 ^ 0F83 9FFEFFFF JNB 蒸汽.00401289
004013EA 311E XOR DWORD PTR DS:[ESI],EBX
004013EC 24 07 AND AL,7
004013EE 2C 5F SUB AL,5F
004013F0 5E POP ESI
004013F1 5A POP EDX
004013F2 59 POP ECX
004013F3 5B POP EBX
004013F4 58 POP EAX
004013F5 F8 CLC
004013F6 0F83 14000000 JNB 蒸汽.00401410
004013FC A0 14BAB5E8 MOV AL,BYTE PTR DS:[E8B5BA14]
00401401 1B00 SBB EAX,DWORD PTR DS:[EAX]
00401403 0000 ADD BYTE PTR DS:[EAX],AL
00401405 ^ E9 E5FFFFFF JMP 蒸汽.004013EF
0040140A 05 BCFE9889 ADD EAX,8998FEBC
0040140F A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401410 E9 3C280000 JMP 蒸汽.00403C51
00401415 ^ 77 D2 JA SHORT 蒸汽.004013E9
00401417 89BD 02C345B9 MOV DWORD PTR SS:[EBP+B945C302],EDI
0040141D 36:AE SCAS BYTE PTR ES:[EDI]
0040141F EB 0D JMP SHORT 蒸汽.0040142E
00401421 79 2B JNS SHORT 蒸汽.0040144E
00401423 3E:8630 XCHG BYTE PTR DS:[EAX],DH
00401426 E1 7A LOOPDE SHORT 蒸汽.004014A2
00401428 00BD 328E0DF1 ADD BYTE PTR SS:[EBP+F10D8E32],BH
0040142E AB STOS DWORD PTR ES:[EDI]
0040142F 0386 C72A3E8A ADD EAX,DWORD PTR DS:[ESI+8A3E2AC7]
00401435 AC LODS BYTE PTR DS:[ESI]
00401436 B1 65 MOV CL,65
00401438 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
00401439 39AB CD0399FC CMP DWORD PTR DS:[EBX+FC9903CD],EBP
0040143F 8B82 AD2C3BF6 MOV EAX,DWORD PTR DS:[EDX+F63B2CAD]
00401445 BB AA3DD5FD MOV EBX,FDD53DAA
0040144A F762 D6 MUL DWORD PTR DS:[EDX-2A]
0040144D AD LODS DWORD PTR DS:[ESI]
0040144E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040144F 7A 05 JPE SHORT 蒸汽.00401456
00401451 ^ 72 B0 JB SHORT 蒸汽.00401403
00401453 D5 DA AAD 0DA
00401455 389B FC70AEA7 CMP BYTE PTR DS:[EBX+A7AE70FC],BL
0040145B BA 8221EC05 MOV EDX,5EC2182
00401460 D2B1 AA4D0DF6 SAL BYTE PTR DS:[ECX+F60D4DAA],CL
00401466 AF SCAS DWORD PTR ES:[EDI]
00401467 FD STD
00401468 7B AE JPO SHORT 蒸汽.00401418
0040146A 25 B20DB0AA AND EAX,AAB00DB2
0040146F 3D 0D28ACA5 CMP EAX,A5AC280D
00401474 51 PUSH ECX
00401475 FF2A JMP FAR FWORD PTR DS:[EDX] ; 远跳转
00401477 6A 8A PUSH -76
00401479 ^ 7E 97 JLE SHORT 蒸汽.00401412
0040147B FE44B6 DA INC BYTE PTR DS:[ESI+ESI*4-26]
0040147F 43 INC EBX
00401480 05 ADA8EE9D ADD EAX,9DEEA8AD
00401485 1333 ADC ESI,DWORD PTR DS:[EBX]
00401487 8505 70AA7143 TEST DWORD PTR DS:[4371AA70],EAX
0040148D AE SCAS BYTE PTR ES:[EDI]
0040148E 97 XCHG EAX,EDI
0040148F 7B 82 JPO SHORT 蒸汽.00401413
00401491 21B2 FB63ADB7 AND DWORD PTR DS:[EDX+B7AD63FB],ESI
00401497 7A 82 JPE SHORT 蒸汽.0040141B
00401499 B0 6F MOV AL,6F
0040149B ^ 7C B3 JL SHORT 蒸汽.00401450
0040149D FC CLD
0040149E 92 XCHG EAX,EDX
0040149F 5B POP EBX
004014A0 DB98 6C3ED738 FISTP DWORD PTR DS:[EAX+38D73E6C]
004014A6 94 XCHG EAX,ESP
004014A7 06 PUSH ES
004014A8 DFB5 DA43E838 FBSTP TBYTE PTR SS:[EBP+38E843DA]
004014AE F3: PREFIX REP: ; 多余的前缀
004014AF 86E8 XCHG AL,CH
004014B1 B0 F2 MOV AL,0F2
004014B3 8805 71B8FD7B MOV BYTE PTR DS:[7BFDB871],AL
004014B9 AE SCAS BYTE PTR ES:[EDI]
004014BA 25 93D3AC1D AND EAX,1DACD393
004014BF 8B81 23B4CD6A MOV EAX,DWORD PTR DS:[ECX+6ACDB423]
004014C5 BD A77A8208 MOV EBP,8827AA7
004014CA 2B3F SUB EDI,DWORD PTR DS:[EDI]
004014CC 8A06 MOV AL,BYTE PTR DS:[ESI]
004014CE F1 INT1
004014CF FD STD
004014D0 45 INC EBP
004014D1 B6 92 MOV DH,92
004014D3 5E POP ESI
004014D4 0D 93053ED7 OR EAX,D73E0593
004014D9 389406 DFB532BE CMP BYTE PTR DS:[ESI+EAX+BE32B5DF],DL
004014E0 8638 XCHG BYTE PTR DS:[EAX],BH
004014E2 05 872BAEA7 ADD EAX,A7AE2B87
004014E7 7A 02 JPE SHORT 蒸汽.004014EB
004014E9 22BB 79F7BDFA AND BH,BYTE PTR DS:[EBX+FABDF779]
004014EF 9F LAHF
004014F0 81AD A7FA8585 F>SUB DWORD PTR SS:[EBP+8585FAA7],AD2A62FB
004014FA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004014FB 7A 6D JPE SHORT 蒸汽.0040156A
004014FD 84AB 520DF9AB TEST BYTE PTR DS:[EBX+ABF90D52],CH
00401503 3B6B B0 CMP EBP,DWORD PTR DS:[EBX-50]
00401506 3296 850AB8FD XOR DL,BYTE PTR DS:[ESI+FDB80A85]
0040150C 7B AE JPO SHORT 蒸汽.004014BC
0040150E 25 3F03D929 AND EAX,29D9033F
00401513 2829 SUB BYTE PTR DS:[ECX],CH
00401515 282B SUB BYTE PTR DS:[EBX],CH
00401517 3E:86F6 XCHG DH,DH ; 多余的前缀
0040151A 92 XCHG EAX,EDX
0040151B 6A 00 PUSH 0
0040151D 0000 ADD BYTE PTR DS:[EAX],AL
0040151F 0000 ADD BYTE PTR DS:[EAX],AL
00401521 0000 ADD BYTE PTR DS:[EAX],AL
00401523 0000 ADD BYTE PTR DS:[EAX],AL
00401525 0000 ADD BYTE PTR DS:[EAX],AL
00401527 0000 ADD BYTE PTR DS:[EAX],AL
00401529 0000 ADD BYTE PTR DS:[EAX],AL
0040152B 0000 ADD BYTE PTR DS:[EAX],AL
0040152D 0000 ADD BYTE PTR DS:[EAX],AL
0040152F 0082 AD927D6D ADD BYTE PTR DS:[EDX+6D7D92AD],AL
00401535 AA STOS BYTE PTR ES:[EDI]
00401536 07 POP ES ; 段寄存器更改
00401537 D9DD FSTP EBP ; 非法使用寄存器
00401539 0A6B E5 OR CH,BYTE PTR DS:[EBX-1B]
0040153C 8306 E1 ADD DWORD PTR DS:[ESI],-1F
0040153F C6 ??? ; 未知命令
00401540 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401541 B5 23 MOV CH,23
00401543 92 XCHG EAX,EDX
00401544 0D F2CB7E0D OR EAX,0D7ECBF2
00401549 7F 2B JG SHORT 蒸汽.00401576
0040154B 5D POP EBP
0040154C 8537 TEST DWORD PTR DS:[EDI],ESI
0040154E FC CLD
0040154F 8E8E DDB7BBC2 MOV CS,WORD PTR DS:[ESI+C2BBB7DD] ; 不允许段 CS
00401555 E8 F39E8A2B CALL 2BCAB44D
0040155A 95 XCHG EAX,EBP
0040155B 3E:D7 XLAT BYTE PTR DS:[EBX+AL]
0040155D 3894FC 6E46AA7A CMP BYTE PTR SS:[ESP+EDI*8+7AAA466E],DL
00401564 8200 FE ADD BYTE PTR DS:[EAX],-2
00401567 D10F ROR DWORD PTR DS:[EDI],1
00401569 331479 XOR EDX,DWORD PTR DS:[ECX+EDI*2]
0040156C 81AD 107F83AD A>SUB DWORD PTR SS:[EBP+AD837F10],2381CAA7
00401576 B0 AD MOV AL,0AD
00401578 5D POP EBP
00401579 37 AAA
0040157A 05 770B0BA0 ADD EAX,A00B0B77
0040157F 04 DF ADD AL,0DF
00401581 9D POPFD
00401582 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401583 90 NOP
00401584 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401585 1D E87AD515 SBB EAX,15D57AE8
0040158A 287B 82 SUB BYTE PTR DS:[EBX-7E],BH
0040158D AD LODS DWORD PTR DS:[ESI]
0040158E 117E D5 ADC DWORD PTR DS:[ESI-2B],EDI
00401591 17 POP SS ; 段寄存器更改
00401592 A9 07071AA6 TEST EAX,A61A0707
00401597 7A 81 JPE SHORT 蒸汽.0040151A
00401599 16 PUSH SS
0040159A A8 7A TEST AL,7A
0040159C 822D F87997CD 1>SUB BYTE PTR DS:[CD9779F8],17
004015A3 BB 8238A0FE MOV EBX,FEA03882
004015A8 81AD 1D8749F3 A>SUB DWORD PTR SS:[EBP+F349871D],EE033BA3
004015B2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004015B3 63B9 B0A77A0D ARPL WORD PTR DS:[ECX+D7AA7B0],DI
004015B9 ^ E3 C3 JECXZ SHORT 蒸汽.0040157E
004015BB EA C2AD117D D51>JMP FAR 17D5:7D11ADC2 ; 远跳转
004015C2 A0 D28184E5 MOV AL,BYTE PTR DS:[E58481D2]
004015C7 6285 ADA703C7 BOUND EAX,QWORD PTR SS:[EBP+C703A7AD]
004015CD A1 B7FC7FB0 MOV EAX,DWORD PTR DS:[B07FFCB7]
004015D2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004015D3 7A 0F JPE SHORT 蒸汽.004015E4
004015D5 F3: PREFIX REP: ; 多余的前缀
004015D6 8BCE MOV ECX,ESI
004015D8 D23A SAR BYTE PTR DS:[EDX],CL
004015DA ED IN EAX,DX ; I/O 命令
004015DB 56 PUSH ESI
004015DC EC IN AL,DX ; I/O 命令
004015DD B5 F7 MOV CH,0F7
004015DF D10B ROR DWORD PTR DS:[EBX],1
004015E1 0B8C7A 97C517BB OR ECX,DWORD PTR DS:[EDX+EDI*2+BB17C597]
004015E8 8232 68 XOR BYTE PTR DS:[EDX],68
004015EB 8A06 MOV AL,BYTE PTR DS:[ESI]
004015ED 97 XCHG EAX,EDI
004015EE AA STOS BYTE PTR ES:[EDI]
004015EF 7A 82 JPE SHORT 蒸汽.00401573
004015F1 3025 5F8ABC2C XOR BYTE PTR DS:[2CBC8A5F],AH
004015F7 5A POP EDX
004015F8 84AD A705C789 TEST BYTE PTR SS:[EBP+89C705A7],CH
004015FE 29F8 SUB EAX,EDI
00401600 6253 5F BOUND EDX,QWORD PTR DS:[EBX+5F]
00401603 15 0437ED82 ADC EAX,82ED3704
00401608 91 XCHG EAX,ECX
00401609 326B 7D XOR CH,BYTE PTR DS:[EBX+7D]
0040160C 82AD 2A7386BC 3>SUB BYTE PTR SS:[EBP+BC86732A],33
00401613 35 84ADA7B5 XOR EAX,B5A7AD84
00401618 C7 ??? ; 未知命令
00401619 A1 B70733B0 MOV EAX,DWORD PTR DS:[B03307B7]
0040161E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040161F 7A D2 JPE SHORT 蒸汽.004015F3
00401621 95 XCHG EAX,EBP
00401622 D89C82 ADE23DDB FCOMP DWORD PTR DS:[EDX+EAX*4+DB3DE2AD]
00401629 36:ED IN EAX,DX ; I/O 命令
0040162B ^ 72 91 JB SHORT 蒸汽.004015BE
0040162D 31AF 7B82AD11 XOR DWORD PTR DS:[EDI+11AD827B],EBP
00401633 ^ 7D D5 JGE SHORT 蒸汽.0040160A
00401635 17 POP SS ; 段寄存器更改
00401636 A0 04DF9500 MOV AL,BYTE PTR DS:[95DF04]
0040163B A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
0040163C C7 ??? ; 未知命令
0040163D B5 F7 MOV CH,0F7
0040163F D181 842B7381 ROL DWORD PTR DS:[ECX+81732B84],1
00401645 BD 2BF884AD MOV EBP,AD84F82B
0040164A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040164B 05 F7A535C0 ADD EAX,C035A5F7
00401650 6A 01 PUSH 1
00401652 F8 CLC
00401653 ^ 79 F7 JNS SHORT 蒸汽.0040164C
00401655 B5 FD MOV CH,0FD
00401657 D181 C3BFEAC2 ROL DWORD PTR DS:[ECX+C2EABFC3],1
0040165D AD LODS DWORD PTR DS:[ESI]
0040165E 2C 3B SUB AL,3B
00401660 91 XCHG EAX,ECX
00401661 310A XOR DWORD PTR DS:[EDX],ECX
00401663 ^ 7D 82 JGE SHORT 蒸汽.004015E7
00401665 AD LODS DWORD PTR DS:[ESI]
00401666 32C0 XOR AL,AL
00401668 8AE6 MOV AH,DH
0040166A EC IN AL,DX ; I/O 命令
0040166B 6291 32FE7C82 BOUND EDX,QWORD PTR DS:[ECX+827CFE32]
00401671 AD LODS DWORD PTR DS:[ESI]
00401672 28B9 276542FD SUB BYTE PTR DS:[ECX+FD426527],BH
00401678 91 XCHG EAX,ECX
00401679 32F2 XOR DH,DL
0040167B ^ 7C 82 JL SHORT 蒸汽.004015FF
0040167D AD LODS DWORD PTR DS:[ESI]
0040167E 34 00 XOR AL,0
00401680 EE OUT DX,AL ; I/O 命令
00401681 AB STOS DWORD PTR ES:[EDI]
00401682 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401683 7A 05 JPE SHORT 蒸汽.0040168A
00401685 ^ 74 AC JE SHORT 蒸汽.00401633
00401687 CA EAB1 RETF 0B1EA ; 远返回
0040168A A8 7A TEST AL,7A
0040168C 82ACBD 8EF2EDA7>SUB BYTE PTR SS:[EBP+EDI*4+A7EDF28E],-1
00401694 42 INC EDX
00401695 23B441 C7A940FC AND ESI,DWORD PTR DS:[ECX+EAX*2+FC40A9C7>
0040169C C2 AD90 RETN 90AD
0040169F B9 84ADA705 MOV ECX,5A7AD84
004016A4 8830 MOV BYTE PTR DS:[EAX],DH
004016A6 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
004016A7 ^ 7F D2 JG SHORT 蒸汽.0040167B
004016A9 3A2D EB81ADA7 CMP CH,BYTE PTR DS:[A7AD81EB]
004016AF E3 12 JECXZ SHORT 蒸汽.004016C3
004016B1 2F DAS
004016B2 E8 7AD2ACBD CALL BDECE931
004016B7 2AF2 SUB DH,DL
004016B9 ED IN EAX,DX ; I/O 命令
004016BA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016BB 07 POP ES ; 段寄存器更改
004016BC 07 POP ES ; 段寄存器更改
004016BD 1E PUSH DS
004016BE A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016BF 7A 81 JPE SHORT 蒸汽.00401642
004016C1 FE ??? ; 未知命令
004016C2 34 00 XOR AL,0
004016C4 EE OUT DX,AL ; I/O 命令
004016C5 AB STOS DWORD PTR ES:[EDI]
004016C6 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016C7 7A D2 JPE SHORT 蒸汽.0040169B
004016C9 95 XCHG EAX,EBP
004016CA CA 9A82 RETF 829A ; 远返回
004016CD AD LODS DWORD PTR DS:[ESI]
004016CE 2A3F SUB BH,BYTE PTR DS:[EDI]
004016D0 96 XCHG EAX,ESI
004016D1 3A2D E780ADA7 CMP CH,BYTE PTR DS:[A7AD80E7]
004016D7 CE INTO
004016D8 D2ACBD 8AF2EDA7 SHR BYTE PTR SS:[EBP+EDI*4+A7EDF28A],CL
004016DF 07 POP ES ; 段寄存器更改
004016E0 07 POP ES ; 段寄存器更改
004016E1 1AA6 7A811634 SBB AH,BYTE PTR DS:[ESI+3416817A]
004016E7 FC CLD
004016E8 C2 ADF7 RETN 0F7AD
004016EB 6282 CDA77A81 BOUND EAX,QWORD PTR DS:[EDX+817AA7CD]
004016F1 E4 2A IN AL,2A ; I/O 命令
004016F3 E8 8AB934F9 CALL F974D082
004016F8 86AC1D 83D995E1 XCHG BYTE PTR SS:[EBP+EBX+E195D983],CH
004016FF ^ 78 81 JS SHORT 蒸汽.00401682
00401701 AD LODS DWORD PTR DS:[ESI]
00401702 2BE8 SUB EBP,EAX
00401704 8AB5 32C28630 MOV DH,BYTE PTR SS:[EBP+3086C232]
0040170A 6C INS BYTE PTR ES:[EDI],DX ; I/O 命令
0040170B 8F ??? ; 未知命令
0040170C BB 0AB003C7 MOV EBX,C703B00A
00401711 99 CDQ
00401712 B7 08 MOV BH,8
00401714 29AF A77A03ED SUB DWORD PTR DS:[EDI+ED037AA7],EBP
0040171A B4 89 MOV AH,89
0040171C C0B0 B6FF1DAF A>SAL BYTE PTR DS:[EAX+AF1DFFB6],0A7 ; 移位常量超出 1..31 的范围
00401723 7A BD JPE SHORT 蒸汽.004016E2
00401725 ^ 70 B7 JO SHORT 蒸汽.004016DE
00401727 0815 AFA77AD2 OR BYTE PTR DS:[D27AA7AF],DL
0040172D 95 XCHG EAX,EBP
0040172E CC INT3
0040172F 9B WAIT
00401730 82AD 326BDBE8 9>SUB BYTE PTR SS:[EBP+E8DB6B32],-66
00401737 F0:8E74ED 76 LOCK MOV SEG?,WORD PTR SS:[EBP+EBP*8+76] ; 未定义的段寄存器
0040173C F62E IMUL BYTE PTR DS:[ESI]
0040173E E8 7A6B4AA9 CALL A98A82BD
00401743 7A 82 JPE SHORT 蒸汽.004016C7
00401745 AC LODS BYTE PTR DS:[ESI]
00401746 1D 830575B0 SBB EAX,B0750583
0040174B 07 POP ES ; 段寄存器更改
0040174C C7 ??? ; 未知命令
0040174D 99 CDQ
0040174E FFCA DEC EDX
00401750 D895 949982AD FCOM DWORD PTR SS:[EBP+AD829994]
00401756 2A3F SUB BH,BYTE PTR DS:[EDI]
00401758 92 XCHG EAX,EDX
00401759 3268 EF XOR CH,BYTE PTR DS:[EAX-11]
0040175C 95 XCHG EAX,EBP
0040175D 0390 63A2ADA7 ADD EDX,DWORD PTR DS:[EAX+A7ADA263]
00401763 D349 F3 ROR DWORD PTR DS:[ECX-D],CL
00401766 A3 D303EEA7 MOV DWORD PTR DS:[A7EE03D3],EAX
0040176B 63F3 ARPL BX,SI
0040176D AE SCAS BYTE PTR ES:[EDI]
0040176E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040176F 7A 81 JPE SHORT 蒸汽.004016F2
00401771 23A0 6355CEA7 AND ESP,DWORD PTR DS:[EAX+A7CE5563]
00401777 7A 0D JPE SHORT 蒸汽.00401786
00401779 F3: PREFIX REP: ; 多余的前缀
0040177A 93 XCHG EAX,EBX
0040177B D4 85 AAM 85
0040177D 73 31 JNB SHORT 蒸汽.004017B0
0040177F F0:7A E9 LOCK JPE SHORT 蒸汽.0040176B ; 不允许锁定前缀
00401782 97 XCHG EAX,EDI
00401783 04 C7 ADD AL,0C7
00401785 A1 30D826BD MOV EAX,DWORD PTR DS:[BD26D830]
0040178A 2A2F SUB CH,BYTE PTR DS:[EDI]
0040178C 82AD A7058004 3>SUB BYTE PTR SS:[EBP+48005A7],31
00401793 F8 CLC
00401794 8A95 DE9A82AD MOV DL,BYTE PTR SS:[EBP+AD829ADE]
0040179A 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
0040179B ^ 7F A6 JG SHORT 蒸汽.00401743
0040179D F9 STC
0040179E 28BB 820435EF SUB BYTE PTR DS:[EBX+EF350482],BH
004017A4 88AE 8FC0CAAD MOV BYTE PTR DS:[ESI+ADCAC08F],CH
004017AA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004017AB D307 ROL DWORD PTR DS:[EDI],CL
004017AD 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
004017AE 01EF ADD EDI,EBP
004017B0 93 XCHG EAX,EBX
004017B1 15 E8FBC2AD ADC EAX,ADC2FBE8
004017B6 FE ??? ; 未知命令
004017B7 62B6 F5A77ADB BOUND ESI,QWORD PTR DS:[ESI+DB7AA7F5]
004017BD 3268 D4 XOR CH,BYTE PTR DS:[EAX-2C]
004017C0 F7B9 34C02605 IDIV DWORD PTR DS:[ECX+526C034]
004017C6 F8 CLC
004017C7 6296 CCA77ADB BOUND EDX,QWORD PTR DS:[ESI+DB7AA7CC]
004017CD 06 PUSH ES
004017CE 33B9 0F331479 XOR EDI,DWORD PTR DS:[ECX+7914330F]
004017D4 81AD F8070716 A>SUB DWORD PTR SS:[EBP+160707F8],FE817AA5
004017DE 2A41 86 SUB AL,BYTE PTR DS:[ECX-7A]
004017E1 95 XCHG EAX,EBP
004017E2 A2 9982ADA6 MOV BYTE PTR DS:[A6AD8299],AL
004017E7 F0:8A3A LOCK MOV BH,BYTE PTR DS:[EDX] ; 不允许锁定前缀
004017EA 2D E37FADA7 SUB EAX,A7AD7FE3
004017EF CB RETF ; 远返回
004017F0 6A A9 PUSH -57
004017F2 C6 ??? ; 未知命令
004017F3 7A 82 JPE SHORT 蒸汽.00401777
004017F5 306C8B 0F XOR BYTE PTR DS:[EBX+ECX*4+F],CH
004017F9 3310 XOR EDX,DWORD PTR DS:[EAX]
004017FB ^ 78 81 JS SHORT 蒸汽.0040177E
004017FD AD LODS DWORD PTR DS:[ESI]
004017FE FB STI
004017FF E2 02 LOOPD SHORT 蒸汽.00401803
00401801 AE SCAS BYTE PTR ES:[EDI]
00401802 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401803 7A EC JPE SHORT 蒸汽.004017F1
00401805 AF SCAS DWORD PTR ES:[EDI]
00401806 FA CLI
00401807 CD EA INT 0EA
00401809 AD LODS DWORD PTR DS:[ESI]
0040180A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040180B 7A C2 JPE SHORT 蒸汽.004017CF
0040180D FD STD
0040180E A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
0040180F 90 NOP
00401810 A2 1DE87A05 MOV BYTE PTR DS:[57AE81D],AL
00401815 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401816 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401817 04 C7 ADD AL,0C7
00401819 B5 1B MOV CH,1B
0040181B 92 XCHG EAX,EDX
0040181C 0FFB ??? ; 未知命令
0040181E ^ 7F CE JG SHORT 蒸汽.004017EE
00401820 D304FE ROL DWORD PTR DS:[ESI+EDI*8],CL
00401823 CA 81C3 RETF 0C381 ; 远返回
00401826 B3 EA MOV BL,0EA
00401828 C2 ADA6 RETN 0A6AD
0040182B F0:8AACBD 82F2E>LOCK MOV CH,BYTE PTR SS:[EBP+EDI*4+A7EDF>; 不允许锁定前缀
00401833 7D 79 JGE SHORT 蒸汽.004018AE
00401835 - E9 1C6F912F JMP 2FD18756
0040183A F9 STC
0040183B ^ 79 81 JNS SHORT 蒸汽.004017BE
0040183D AD LODS DWORD PTR DS:[ESI]
0040183E ^ E0 D7 LOOPDNE SHORT 蒸汽.00401817
00401840 26:23B441 C7A9C>AND ESI,DWORD PTR ES:[ECX+EAX*2+FBC8A9C7>
00401848 C2 AD90 RETN 90AD
0040184B 0D 82ADA707 OR EAX,7A7AD82
00401850 07 POP ES ; 段寄存器更改
00401851 1AA6 7A81FE34 SBB AH,BYTE PTR DS:[ESI+34FE817A]
00401857 00EA ADD DL,CH
00401859 AA STOS BYTE PTR ES:[EDI]
0040185A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040185B 7A D2 JPE SHORT 蒸汽.0040182F
0040185D 95 XCHG EAX,EBP
0040185E 26:99 CDQ ; 多余的前缀
00401860 82AD 34C026FE 3>SUB BYTE PTR SS:[EBP+FE26C034],34
00401867 00EA ADD DL,CH
00401869 AA STOS BYTE PTR ES:[EDI]
0040186A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040186B 7A D2 JPE SHORT 蒸汽.0040183F
0040186D 95 XCHG EAX,EBP
0040186E 26:99 CDQ ; 多余的前缀
00401870 82AD 2A3F923A 2>SUB BYTE PTR SS:[EBP+3A923F2A],2D
00401877 E3 7F JECXZ SHORT 蒸汽.004018F8
00401879 AD LODS DWORD PTR DS:[ESI]
0040187A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040187B CB RETF ; 远返回
0040187C 81C3 ABEAC2AD ADD EBX,ADC2EAAB
00401882 E2 3D LOOPD SHORT 蒸汽.004018C1
00401884 F7B6 6EC07EAE DIV DWORD PTR DS:[ESI+AE7EC06E]
0040188A 28BB 8298FAE2 SUB BYTE PTR DS:[EBX+E2FA9882],BH
00401890 76 2E JBE SHORT 蒸汽.004018C0
00401892 E8 7AD2ACBD CALL BDECEB11
00401897 7A F2 JPE SHORT 蒸汽.0040188B
00401899 ED IN EAX,DX ; I/O 命令
0040189A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040189B B5 45 MOV CH,45
0040189D 23B1 41C7A97C AND ESI,DWORD PTR DS:[ECX+7CA9C741]
004018A3 FB STI
004018A4 C2 AD92 RETN 92AD
004018A7 B4 EA MOV AH,0EA
004018A9 95 XCHG EAX,EBP
004018AA AB STOS DWORD PTR ES:[EDI]
004018AB 7A 82 JPE SHORT 蒸汽.0040182F
004018AD AC LODS BYTE PTR DS:[ESI]
004018AE ^ 78 B6 JS SHORT 蒸汽.00401866
004018B0 45 INC EBP
004018B1 37 AAA
004018B2 ED IN EAX,DX ; I/O 命令
004018B3 6A F7 PUSH -9
004018B5 D86E C0 FSUBR DWORD PTR DS:[ESI-40]
004018B8 7E 56 JLE SHORT 蒸汽.00401910
004018BA 28BB 8298CA41 SUB BYTE PTR DS:[EBX+41CA9882],BH
004018C0 C7 ??? ; 未知命令
004018C1 A9 34FBC2AD TEST EAX,ADC2FB34
004018C6 92 XCHG EAX,EDX
004018C7 94 XCHG EAX,ESP
004018C8 49 DEC ECX
004018C9 F3: PREFIX REP: ; 多余的前缀
004018CA A3 D702EEA7 MOV DWORD PTR DS:[A7EE02D7],EAX
004018CF 65:92 XCHG EAX,EDX ; 多余的前缀
004018D1 ^ 74 ED JE SHORT 蒸汽.004018C0
004018D3 76 0E JBE SHORT 蒸汽.004018E3
004018D5 2E:E8 7A6DC36E CALL 6F038655 ; 多余的前缀
004018DB C07E E6 27 SAR BYTE PTR DS:[ESI-1A],27 ; 移位常量超出 1..31 的范围
004018DF BB 82E60473 MOV EBX,7304E682
004018E4 F6B6 A6F07A96 DIV BYTE PTR DS:[ESI+967AF0A6]
004018EA 05 9A82AD00 ADD EAX,0AD829A
004018EF B4 DF MOV AH,0DF
004018F1 A9 1D8E0DF3 TEST EAX,F30D8E1D
004018F6 97 XCHG EAX,EDI
004018F7 6382 ADA77A03 ARPL WORD PTR DS:[EDX+37AA7AD],AX
004018FD B2 CB MOV DL,0CB
004018FF 7E 09 JLE SHORT 蒸汽.0040190A
00401901 AE SCAS BYTE PTR ES:[EDI]
00401902 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401903 79 52 JNS SHORT 蒸汽.00401957
00401905 99 CDQ
00401906 B9 E49215D8 MOV ECX,D81592E4
0040190B FA CLI
0040190C C2 ADA6 RETN 0A6AD
0040190F F0:7E 01 LOCK JLE SHORT 蒸汽.00401913 ; 不允许锁定前缀
00401912 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401913 90 NOP
00401914 2E:1E PUSH DS ; 多余的前缀
00401916 E8 7A6AAA9F CALL 9FEA8395
0040191B 7A 81 JPE SHORT 蒸汽.0040189E
0040191D 0D 06AE4209 OR EAX,942AE06
00401922 71 3D JNO SHORT 蒸汽.00401961
00401924 92 XCHG EAX,EDX
00401925 AD LODS DWORD PTR DS:[ESI]
00401926 32BF A6B9FAAD XOR BH,BYTE PTR DS:[EDI+ADFAB9A6]
0040192C 5D POP EBP
0040192D 04 33 ADD AL,33
0040192F EF OUT DX,EAX ; I/O 命令
00401930 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401931 B9 E23DD921 MOV ECX,21D93DE2
00401936 AD LODS DWORD PTR DS:[ESI]
00401937 05 D0E93083 ADD EAX,8330E9D0
0040193C 0D B432F7A6 OR EAX,A6F732B4
00401941 C12A 73 SHR DWORD PTR DS:[EDX],73 ; 移位常量超出 1..31 的范围
00401944 8621 XCHG BYTE PTR DS:[ECX],AH
00401946 AD LODS DWORD PTR DS:[ESI]
00401947 FD STD
00401948 7A B3 JPE SHORT 蒸汽.004018FD
0040194A 1C 86 SBB AL,86
0040194C 8124B4 79F9D5A6 AND DWORD PTR SS:[ESP+ESI*4],A6D5F979
00401953 D2A6 0601FEC0 SHL BYTE PTR DS:[ESI+C0FE0106],CL
00401959 B3 1C MOV BL,1C
0040195B 86D9 XCHG CL,BL
0040195D AC LODS BYTE PTR DS:[ESI]
0040195E 1E PUSH DS
0040195F 7F 6A JG SHORT 蒸汽.004019CB
00401961 A2 B67A8206 MOV BYTE PTR DS:[6827AB6],AL
00401966 0106 ADD DWORD PTR DS:[ESI],EAX
00401968 C8 D53099 ENTER 30D5,99
0040196C 0BF4 OR ESI,ESP
0040196E DB03 FILD DWORD PTR DS:[EBX]
00401970 C8 DD32C1 ENTER 32DD,0C1
00401974 BA 360697BD MOV EDX,BD970636
00401979 70 31 JO SHORT 蒸汽.004019AC
0040197B D9A2 21B6CDD5 FLDENV (28-BYTE) PTR DS:[EDX+D5CDB621]
00401981 00A7 4B0BF4E3 ADD BYTE PTR DS:[EDI+E3F40B4B],AH
00401987 FD STD
00401988 46 INC ESI
00401989 BA 30C2B20C MOV EDX,0CB2C230
0040198E 06 PUSH ES
0040198F D6 SALC
00401990 45 INC EBP
00401991 01FE ADD ESI,EDI
00401993 05 F6D1B3D1 ADD EAX,D1B3D1F6
00401998 EC IN AL,DX ; I/O 命令
00401999 ED IN EAX,DX ; I/O 命令
0040199A 117C81 24 ADC DWORD PTR DS:[ECX+EAX*4+24],EDI
0040199E D079 D8 SAR BYTE PTR DS:[ECX-28],1
004019A1 CD 32 INT 32
004019A3 73 05 JNB SHORT 蒸汽.004019AA
004019A5 ^ 72 B4 JB SHORT 蒸汽.0040195B
004019A7 FF81 22F4E222 INC DWORD PTR DS:[ECX+22E2F422]
004019AD B3 A7 MOV BL,0A7
004019AF 7A EC JPE SHORT 蒸汽.0040199D
004019B1 B5 A6 MOV CH,0A6
004019B3 F1 INT1
004019B4 AA STOS BYTE PTR ES:[EDI]
004019B5 AC LODS BYTE PTR DS:[ESI]
004019B6 FE ??? ; 未知命令
004019B7 9A 0572B403 C9D>CALL FAR D1C9:03B47205 ; 远调用
004019BE 2C 3B SUB AL,3B
004019C0 F7B8 FE79F8D5 IDIV DWORD PTR DS:[EAX+D5F879FE]
004019C6 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
004019C7 D1A6 060166AC SHL DWORD PTR DS:[ESI+AC660106],1
004019CD 38049F CMP BYTE PTR DS:[EDI+EBX*4],AL
004019D0 9A 00127C81 24D>CALL FAR D024:817C1200 ; 远调用
004019D7 ^ 79 D8 JNS SHORT 蒸汽.004019B1
004019D9 CD 2A INT 2A
004019DB 3F AAS
004019DC 8E36 MOV SEG?,WORD PTR DS:[ESI] ; 未定义的段寄存器
004019DE EF OUT DX,EAX ; I/O 命令
004019DF A2 076E1D92 MOV BYTE PTR DS:[921D6E07],AL
004019E4 8125 CC79F8D5 A>AND DWORD PTR DS:[D5F879CC],4A6D1A6
004019EE A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004019EF F1 INT1
004019F0 AA STOS BYTE PTR ES:[EDI]
004019F1 AC LODS BYTE PTR DS:[ESI]
004019F2 FE ??? ; 未知命令
004019F3 9E SAHF
004019F4 05 72B8AD42 ADD EAX,42ADB872
004019F9 99 CDQ
004019FA C5FD LDS EDI,EBP ; 非法使用寄存器
004019FC A9 ADAA3D0B TEST EAX,0B3DAAAD
00401A01 F5 CMC
00401A02 D305 C6D1BBE4 ROL DWORD PTR DS:[E4BBD1C6],CL
00401A08 8203 FF ADD BYTE PTR DS:[EBX],-1
00401A0B 03C9 ADD ECX,ECX
00401A0D E5 8F IN EAX,8F ; I/O 命令
00401A0F 8E81 ADA7FE46 MOV ES,WORD PTR DS:[ECX+46FEA7AD] ; 段寄存器更改
00401A15 BA 3242E10B MOV EDX,0BE14232
00401A1A 033E ADD EDI,DWORD PTR DS:[ESI]
00401A1C D7 XLAT BYTE PTR DS:[EBX+AL]
00401A1D 3894FE 6EDAFAD0 CMP BYTE PTR DS:[ESI+EDI*8+D0FADA6E],DL
00401A24 0D 23B0D10D OR EAX,0DD1B023
00401A29 2BB405 D0E132C2 SUB ESI,DWORD PTR SS:[EBP+EAX+C232E1D0]
00401A30 8638 XCHG BYTE PTR DS:[EAX],BH
00401A32 C703 C7A933C1 MOV DWORD PTR DS:[EBX],C133A9C7
00401A38 A2 36ED820D MOV BYTE PTR DS:[D82ED36],AL
00401A3D F4 HLT ; 特权命令
00401A3E C3 RETN
00401A3F 03C7 ADD EAX,EDI
00401A41 B9 32C1B2E8 MOV ECX,E8B2C132
00401A46 6F OUTS DX,DWORD PTR ES:[EDI] ; I/O 命令
00401A47 04 CF ADD AL,0CF
00401A49 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401A4A 1B80 AD6EF065 SBB EAX,DWORD PTR DS:[EAX+65F06EAD]
00401A50 8738 XCHG DWORD PTR DS:[EAX],EDI
00401A52 EE OUT DX,AL ; I/O 命令
00401A53 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401A54 AD LODS DWORD PTR DS:[ESI]
00401A55 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
00401A56 31C0 XOR EAX,EAX
00401A58 72 39 JB SHORT 蒸汽.00401A93
00401A5A AE SCAS BYTE PTR ES:[EDI]
00401A5B FD STD
00401A5C 7A B7 JPE SHORT 蒸汽.00401A15
00401A5E B6 01 MOV DH,1
00401A60 F7B4A7 7A81D22C DIV DWORD PTR DS:[EDI+2CD2817A]
00401A67 86A4ED A7E48507 XCHG BYTE PTR SS:[EBP+EBP*8+785E4A7],AH
00401A6E ^ E1 CF LOOPDE SHORT 蒸汽.00401A3F
00401A70 8E20 MOV FS,WORD PTR DS:[EAX] ; 段寄存器更改
00401A72 CB RETF ; 远返回
00401A73 FD STD
00401A74 FFA9 A88906AB JMP FAR FWORD PTR DS:[ECX+AB0689A8] ; 远跳转
00401A7A AD LODS DWORD PTR DS:[ESI]
00401A7B 7A 82 JPE SHORT 蒸汽.004019FF
00401A7D BC 5D7E0DFB MOV ESP,FB0D7E5D
00401A82 B3 FD MOV BL,0FD
00401A84 E7 BD OUT 0BD,EAX ; I/O 命令
00401A86 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401A87 ^ 79 CF JNS SHORT 蒸汽.00401A58
00401A89 A9 7B5B8BF2 TEST EAX,F28B5B7B
00401A8E AF SCAS DWORD PTR ES:[EDI]
00401A8F BD 05F3B382 MOV EBP,82B3F305
00401A94 6D INS DWORD PTR ES:[EDI],DX ; I/O 命令
00401A95 8633 XCHG BYTE PTR DS:[EBX],DH
00401A97 C08A 3088820D 7>ROR BYTE PTR DS:[EDX+D828830],76 ; 移位常量超出 1..31 的范围
00401A9E 79 63 JNS SHORT 蒸汽.00401B03
00401AA0 05 8FA9FD6A ADD EAX,6AFDA98F
00401AA5 AE SCAS BYTE PTR ES:[EDI]
00401AA6 30C9 XOR CL,CL
00401AA8 9A 210BC3F6 C4E>CALL FAR EFC4:F6C30B21 ; 远调用
00401AAF EE OUT DX,AL ; I/O 命令
00401AB0 8BF5 MOV ESI,EBP
00401AB2 B6 FE MOV DH,0FE
00401AB4 DDB2 A77A6D4D FSAVE (108-BYTE) PTR DS:[EDX+4D6D7AA7]
00401ABA 69E8 8AB0D0CF IMUL EBP,EAX,CFD0B08A
00401AC0 8E36 MOV SEG?,WORD PTR DS:[ESI] ; 未定义的段寄存器
00401AC2 BE 65163BED MOV ESI,ED3B1665
00401AC7 62D9 BOUND EBX,ECX ; 非法使用寄存器
00401AC9 FD STD
00401ACA 34 C0 XOR AL,0C0
00401ACC 66:FE ??? ; 未知命令
00401ACE 34 C0 XOR AL,0C0
00401AD0 62FE BOUND EDI,ESI ; 非法使用寄存器
00401AD2 34 C0 XOR AL,0C0
00401AD4 5E POP ESI
00401AD5 FE8F C79CADA7 DEC BYTE PTR DS:[EDI+A7AD9CC7]
00401ADB D181 23907AF7 ROL DWORD PTR DS:[ECX+F77A9023],1
00401AE1 91 XCHG EAX,ECX
00401AE2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401AE3 F0:62AD 1D576A2>LOCK BOUND EBP,QWORD PTR SS:[EBP+286A571>; 不允许锁定前缀
00401AEA AF SCAS DWORD PTR ES:[EDI]
00401AEB 7A 82 JPE SHORT 蒸汽.00401A6F
00401AED 306CA3 0B XOR BYTE PTR DS:[EBX+B],CH
00401AF1 F4 HLT ; 特权命令
00401AF2 AB STOS DWORD PTR ES:[EDI]
00401AF3 FF42 BD INC DWORD PTR DS:[EDX-43]
00401AF6 2BBE 88ADA73B SUB EDI,DWORD PTR DS:[ESI+3BA7AD88]
00401AFC EF OUT DX,EAX ; I/O 命令
00401AFD B5 AA MOV CH,0AA
00401AFF FD STD
00401B00 EF OUT DX,EAX ; I/O 命令
00401B01 B9 AA4188B3 MOV ECX,B38841AA
00401B06 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B07 7A 82 JPE SHORT 蒸汽.00401A8B
00401B09 96 XCHG EAX,ESI
00401B0A F3: PREFIX REP: ; 多余的前缀
00401B0B ^ 79 81 JNS SHORT 蒸汽.00401A8E
00401B0D AD LODS DWORD PTR DS:[ESI]
00401B0E D1CF ROR EDI,1
00401B10 8E38 MOV SEG?,WORD PTR DS:[EAX] ; 未定义的段寄存器
00401B12 ED IN EAX,DX ; I/O 命令
00401B13 820D FBB34188 A>OR BYTE PTR DS:[8841B3FB],FFFFFFAE
00401B1A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B1B 7A 82 JPE SHORT 蒸汽.00401A9F
00401B1D 3089 824396AB XOR BYTE PTR DS:[ECX+AB964382],CL
00401B23 4D DEC EBP
00401B24 6A D7 PUSH -29
00401B26 F4 HLT ; 特权命令
00401B27 860B XCHG BYTE PTR DS:[EBX],CL
00401B29 F3:AF REPE SCAS DWORD PTR ES:[EDI]
00401B2B 63AB ACA77A0D ARPL WORD PTR DS:[EBX+D7AA7AC],BP
00401B31 FB STI
00401B32 B3 FD MOV BL,0FD
00401B34 7B CE JPO SHORT 蒸汽.00401B04
00401B36 1A9D 052BA47B SBB BL,BYTE PTR SS:[EBP+7BA42B05]
00401B3C 91 XCHG EAX,ECX
00401B3D 31E0 XOR EAX,ESP
00401B3F ^ 7F 82 JG SHORT 蒸汽.00401AC3
00401B41 AD LODS DWORD PTR DS:[ESI]
00401B42 B6 30 MOV DH,30
00401B44 8530 TEST DWORD PTR DS:[EAX],ESI
00401B46 0D 8B82ACF5 OR EAX,F5AC828B
00401B4B 76 55 JBE SHORT 蒸汽.00401BA2
00401B4D 8EB1 BF8AF02A MOV SEG?,WORD PTR DS:[ECX+2AF08ABF] ; 未定义的段寄存器
00401B53 3C 8A CMP AL,8A
00401B55 36:F5 CMC ; 多余的前缀
00401B57 866D 87 XCHG BYTE PTR SS:[EBP-79],CH
00401B5A 33C8 XOR ECX,EAX
00401B5C 8A38 MOV BH,BYTE PTR DS:[EAX]
00401B5E ED IN EAX,DX ; I/O 命令
00401B5F 8279 7F CD CMP BYTE PTR DS:[ECX+7F],-33
00401B63 ^ 79 81 JNS SHORT 蒸汽.00401AE6
00401B65 AE SCAS BYTE PTR ES:[EDI]
00401B66 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B67 3B6B BE CMP EBP,DWORD PTR DS:[EBX-42]
00401B6A DA42 91 FIADD DWORD PTR DS:[EDX-6F]
00401B6D 3267 7F XOR AH,BYTE PTR DS:[EDI+7F]
00401B70 82AD 30C186E0 6>SUB BYTE PTR SS:[EBP+E086C130],67
00401B77 B4 C8 MOV AH,0C8
00401B79 B1 30 MOV CL,30
00401B7B C08E 36ED82F6 B>ROR BYTE PTR DS:[ESI+F682ED36],0B2 ; 移位常量超出 1..31 的范围
00401B82 117D DA ADC DWORD PTR SS:[EBP-26],EDI
00401B85 98 CWDE
00401B86 B2 05 MOV DL,5
00401B88 C8 C59E53 ENTER 9EC5,53
00401B8C 9D POPFD
00401B8D 6D INS DWORD PTR ES:[EDI],DX ; I/O 命令
00401B8E 2B5B 89 SUB EBX,DWORD PTR DS:[EBX-77]
00401B91 36:AE SCAS BYTE PTR ES:[EDI]
00401B93 6343 AC ARPL WORD PTR DS:[EBX-54],AX
00401B96 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B97 7A 05 JPE SHORT 蒸汽.00401B9E
00401B99 2BA47B 9131807F SUB ESP,DWORD PTR DS:[EBX+EDI*2+7F803191>
00401BA0 82AD 2AF872AE B>SUB BYTE PTR SS:[EBP+AE72F82A],-4A
00401BA7 FF0E DEC DWORD PTR DS:[ESI]
00401BA9 AE SCAS BYTE PTR ES:[EDI]
00401BAA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401BAB 7A 0D JPE SHORT 蒸汽.00401BBA
00401BAD FC CLD
00401BAE D3B3 CFA51D9D SAL DWORD PTR DS:[EBX+9D1DA5CF],CL
00401BB4 0D F4D705D8 OR EAX,D805D7F4
00401BB9 D5 E2 AAD 0E2
00401BBB 4A DEC EDX
00401BBC F6C5 30 TEST CH,30
00401BBF D07A 21 SAR BYTE PTR DS:[EDX+21],1
00401BC2 B0 A5 MOV AL,0A5
00401BC4 44 INC ESP
00401BC5 F630 DIV BYTE PTR DS:[EAX]
00401BC7 C072 99 AD SAL BYTE PTR DS:[EDX-67],0AD ; 移位常量超出 1..31 的范围
00401BCB A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401BCC 4C DEC ESP
00401BCD 37 AAA
00401BCE F5 CMC
00401BCF 6A 05 PUSH 5
00401BD1 2B98 7BF70FA7 SUB EBX,DWORD PTR DS:[EAX+A70FF77B]
00401BD7 F0:92 LOCK XCHG EAX,EDX ; 锁定前缀
00401BD9 38ED CMP CH,CH
00401BDB 72 0B JB SHORT 蒸汽.00401BE8
00401BDD F4 HLT ; 特权命令
00401BDE DBD1 FCMOVNBE ST,ST(1)
00401BE0 D895 189482AD FCOM DWORD PTR SS:[EBP+AD829418]
00401BE6 32C9 XOR CL,CL
00401BE8 B2 36 MOV DL,36
00401BEA ED IN EAX,DX ; I/O 命令
00401BEB 8A0D F4DBFD46 MOV CL,BYTE PTR DS:[46FDDBF4]
00401BF1 BA E23B0BF3 MOV EDX,F30B3BE2
00401BF6 9F LAHF
00401BF7 EE OUT DX,AL ; I/O 命令
00401BF8 8D38 LEA EDI,DWORD PTR DS:[EAX]
00401BFA 69A6 C7A5F003 C>IMUL ESP,DWORD PTR DS:[ESI+3F0A5C7],8493>
00401C04 0D 04D4A5D7 OR EAX,D7A5D404
00401C09 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401C0A 31D0 XOR EAX,EDX
00401C0C 72 39 JB SHORT 蒸汽.00401C47
00401C0E FE ??? ; 未知命令
00401C0F A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401C10 BB 02A0F09B MOV EBX,9BF0A002
00401C15 38EE CMP DH,CH
00401C17 A2 BD6E1C8D MOV BYTE PTR DS:[8D1C6EBD],AL
00401C1C 0BF3 OR ESI,EBX
00401C1E 9F LAHF
00401C1F EE OUT DX,AL ; I/O 命令
00401C20 8AD8 MOV BL,AL
00401C22 6F OUTS DX,DWORD PTR ES:[EDI] ; I/O 命令
00401C23 C40B LES ECX,FWORD PTR DS:[EBX] ; 段寄存器更改
00401C25 FB STI
00401C26 97 XCHG EAX,EDI
00401C27 66:87D8 XCHG AX,BX
00401C2A 77 04 JA SHORT 蒸汽.00401C30
00401C2C D7 XLAT BYTE PTR DS:[EBX+AL]
00401C2D 9D POPFD
00401C2E 2BF8 SUB EDI,EAX
00401C30 ^ 72 AE JB SHORT 蒸汽.00401BE0
00401C32 B6 FE MOV DH,0FE
00401C34 B0 B1 MOV AL,0B1
有个大大说是双重壳
0044E1A0 > $ 60 PUSHAD
0044E1A1 . BE 00F04000 MOV ESI,蒸汽.0040F000
0044E1A6 . 8DBE 0020FFFF LEA EDI,DWORD PTR DS:[ESI+FFFF2000]
0044E1AC . 57 PUSH EDI
0044E1AD . EB 0B JMP SHORT 蒸汽.0044E1BA
0044E1AF 90 NOP
0044E1B0 > 8A06 MOV AL,BYTE PTR DS:[ESI]
0044E1B2 . 46 INC ESI
0044E1B3 . 8807 MOV BYTE PTR DS:[EDI],AL
0044E1B5 . 47 INC EDI
0044E1B6 > 01DB ADD EBX,EBX
0044E1B8 . 75 07 JNZ SHORT 蒸汽.0044E1C1
0044E1BA > 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1BC . 83EE FC SUB ESI,-4
0044E1BF . 11DB ADC EBX,EBX
0044E1C1 >^ 72 ED JB SHORT 蒸汽.0044E1B0
0044E1C3 > B8 01000000 MOV EAX,1
0044E1C8 > 01DB ADD EBX,EBX
0044E1CA . 75 07 JNZ SHORT 蒸汽.0044E1D3
0044E1CC . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1CE . 83EE FC SUB ESI,-4
0044E1D1 . 11DB ADC EBX,EBX
0044E1D3 > 11C0 ADC EAX,EAX
0044E1D5 . 01DB ADD EBX,EBX
0044E1D7 . 73 0B JNB SHORT 蒸汽.0044E1E4
0044E1D9 . 75 28 JNZ SHORT 蒸汽.0044E203
0044E1DB . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1DD . 83EE FC SUB ESI,-4
0044E1E0 . 11DB ADC EBX,EBX
0044E1E2 . 72 1F JB SHORT 蒸汽.0044E203
0044E1E4 > 48 DEC EAX
0044E1E5 . 01DB ADD EBX,EBX
0044E1E7 . 75 07 JNZ SHORT 蒸汽.0044E1F0
0044E1E9 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1EB . 83EE FC SUB ESI,-4
0044E1EE . 11DB ADC EBX,EBX
0044E1F0 > 11C0 ADC EAX,EAX
0044E1F2 .^ EB D4 JMP SHORT 蒸汽.0044E1C8
0044E1F4 > 01DB ADD EBX,EBX
0044E1F6 . 75 07 JNZ SHORT 蒸汽.0044E1FF
0044E1F8 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E1FA . 83EE FC SUB ESI,-4
0044E1FD . 11DB ADC EBX,EBX
0044E1FF > 11C9 ADC ECX,ECX
0044E201 . EB 52 JMP SHORT 蒸汽.0044E255
0044E203 > 31C9 XOR ECX,ECX
0044E205 . 83E8 03 SUB EAX,3
0044E208 . 72 11 JB SHORT 蒸汽.0044E21B
0044E20A . C1E0 08 SHL EAX,8
0044E20D . 8A06 MOV AL,BYTE PTR DS:[ESI]
0044E20F . 46 INC ESI
0044E210 . 83F0 FF XOR EAX,FFFFFFFF
0044E213 . 74 75 JE SHORT 蒸汽.0044E28A
0044E215 . D1F8 SAR EAX,1
0044E217 . 89C5 MOV EBP,EAX
0044E219 . EB 0B JMP SHORT 蒸汽.0044E226
0044E21B > 01DB ADD EBX,EBX
0044E21D . 75 07 JNZ SHORT 蒸汽.0044E226
0044E21F . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E221 . 83EE FC SUB ESI,-4
0044E224 . 11DB ADC EBX,EBX
0044E226 >^ 72 CC JB SHORT 蒸汽.0044E1F4
0044E228 . 41 INC ECX
0044E229 . 01DB ADD EBX,EBX
0044E22B . 75 07 JNZ SHORT 蒸汽.0044E234
0044E22D . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E22F . 83EE FC SUB ESI,-4
0044E232 . 11DB ADC EBX,EBX
0044E234 >^ 72 BE JB SHORT 蒸汽.0044E1F4
0044E236 > 01DB ADD EBX,EBX
0044E238 . 75 07 JNZ SHORT 蒸汽.0044E241
0044E23A . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E23C . 83EE FC SUB ESI,-4
0044E23F . 11DB ADC EBX,EBX
0044E241 > 11C9 ADC ECX,ECX
0044E243 . 01DB ADD EBX,EBX
0044E245 .^ 73 EF JNB SHORT 蒸汽.0044E236
0044E247 . 75 09 JNZ SHORT 蒸汽.0044E252
0044E249 . 8B1E MOV EBX,DWORD PTR DS:[ESI]
0044E24B . 83EE FC SUB ESI,-4
0044E24E . 11DB ADC EBX,EBX
0044E250 .^ 73 E4 JNB SHORT 蒸汽.0044E236
0044E252 > 83C1 02 ADD ECX,2
0044E255 > 81FD 00FBFFFF CMP EBP,-500
0044E25B . 83D1 02 ADC ECX,2
0044E25E . 8D142F LEA EDX,DWORD PTR DS:[EDI+EBP]
0044E261 . 83FD FC CMP EBP,-4
0044E264 . 76 0E JBE SHORT 蒸汽.0044E274
0044E266 > 8A02 MOV AL,BYTE PTR DS:[EDX]
0044E268 . 42 INC EDX
0044E269 . 8807 MOV BYTE PTR DS:[EDI],AL
0044E26B . 47 INC EDI
0044E26C . 49 DEC ECX
0044E26D .^ 75 F7 JNZ SHORT 蒸汽.0044E266
0044E26F .^ E9 42FFFFFF JMP 蒸汽.0044E1B6
0044E274 > 8B02 MOV EAX,DWORD PTR DS:[EDX]
0044E276 . 83C2 04 ADD EDX,4
0044E279 . 8907 MOV DWORD PTR DS:[EDI],EAX
0044E27B . 83C7 04 ADD EDI,4
0044E27E . 83E9 04 SUB ECX,4
0044E281 .^ 77 F1 JA SHORT 蒸汽.0044E274
0044E283 . 01CF ADD EDI,ECX
0044E285 .^ E9 2CFFFFFF JMP 蒸汽.0044E1B6
0044E28A > 5E POP ESI
0044E28B . 89F7 MOV EDI,ESI
0044E28D . B9 0C000000 MOV ECX,0C
0044E292 > 8A07 MOV AL,BYTE PTR DS:[EDI]
0044E294 . 47 INC EDI
0044E295 . 2C E8 SUB AL,0E8
0044E297 > 3C 01 CMP AL,1
0044E299 .^ 77 F7 JA SHORT 蒸汽.0044E292
0044E29B . 803F 01 CMP BYTE PTR DS:[EDI],1
0044E29E .^ 75 F2 JNZ SHORT 蒸汽.0044E292
0044E2A0 . 8B07 MOV EAX,DWORD PTR DS:[EDI]
0044E2A2 . 8A5F 04 MOV BL,BYTE PTR DS:[EDI+4]
0044E2A5 . 66:C1E8 08 SHR AX,8
0044E2A9 . C1C0 10 ROL EAX,10
0044E2AC . 86C4 XCHG AH,AL
0044E2AE . 29F8 SUB EAX,EDI
0044E2B0 . 80EB E8 SUB BL,0E8
0044E2B3 . 01F0 ADD EAX,ESI
0044E2B5 . 8907 MOV DWORD PTR DS:[EDI],EAX
0044E2B7 . 83C7 05 ADD EDI,5
0044E2BA . 88D8 MOV AL,BL
0044E2BC .^ E2 D9 LOOPD SHORT 蒸汽.0044E297
0044E2BE . 8DBE 00C00400 LEA EDI,DWORD PTR DS:[ESI+4C000]
0044E2C4 > 8B07 MOV EAX,DWORD PTR DS:[EDI]
0044E2C6 . 09C0 OR EAX,EAX
0044E2C8 . 74 3C JE SHORT 蒸汽.0044E306
0044E2CA . 8B5F 04 MOV EBX,DWORD PTR DS:[EDI+4]
0044E2CD . 8D8430 64ED04>LEA EAX,DWORD PTR DS:[EAX+ESI+4ED64]
0044E2D4 . 01F3 ADD EBX,ESI
0044E2D6 . 50 PUSH EAX
0044E2D7 . 83C7 08 ADD EDI,8
0044E2DA . FF96 A0ED0400 CALL DWORD PTR DS:[ESI+4EDA0]
0044E2E0 . 95 XCHG EAX,EBP
0044E2E1 > 8A07 MOV AL,BYTE PTR DS:[EDI]
0044E2E3 . 47 INC EDI
0044E2E4 . 08C0 OR AL,AL
0044E2E6 .^ 74 DC JE SHORT 蒸汽.0044E2C4
0044E2E8 . 89F9 MOV ECX,EDI
0044E2EA . 57 PUSH EDI
0044E2EB . 48 DEC EAX
0044E2EC . F2:AE REPNE SCAS BYTE PTR ES:[EDI]
0044E2EE . 55 PUSH EBP
0044E2EF . FF96 A4ED0400 CALL DWORD PTR DS:[ESI+4EDA4]
0044E2F5 . 09C0 OR EAX,EAX
0044E2F7 . 74 07 JE SHORT 蒸汽.0044E300
0044E2F9 . 8903 MOV DWORD PTR DS:[EBX],EAX
0044E2FB . 83C3 04 ADD EBX,4
0044E2FE .^ EB E1 JMP SHORT 蒸汽.0044E2E1
0044E300 > FF96 B4ED0400 CALL DWORD PTR DS:[ESI+4EDB4]
0044E306 > 8BAE A8ED0400 MOV EBP,DWORD PTR DS:[ESI+4EDA8]
0044E30C . 8DBE 00F0FFFF LEA EDI,DWORD PTR DS:[ESI-1000]
0044E312 . BB 00100000 MOV EBX,1000
0044E317 . 50 PUSH EAX
0044E318 . 54 PUSH ESP
0044E319 . 6A 04 PUSH 4
0044E31B . 53 PUSH EBX
0044E31C . 57 PUSH EDI
0044E31D . FFD5 CALL EBP
0044E31F . 8D87 F7010000 LEA EAX,DWORD PTR DS:[EDI+1F7]
0044E325 . 8020 7F AND BYTE PTR DS:[EAX],7F
0044E328 . 8060 28 7F AND BYTE PTR DS:[EAX+28],7F
0044E32C . 58 POP EAX
0044E32D . 50 PUSH EAX
0044E32E . 54 PUSH ESP
0044E32F . 50 PUSH EAX
0044E330 . 53 PUSH EBX
0044E331 . 57 PUSH EDI
0044E332 . FFD5 CALL EBP
0044E334 . 58 POP EAX
0044E335 . 61 POPAD
0044E336 . 8D4424 80 LEA EAX,DWORD PTR SS:[ESP-80]
0044E33A > 6A 00 PUSH 0
0044E33C . 39C4 CMP ESP,EAX
0044E33E .^ 75 FA JNZ SHORT 蒸汽.0044E33A
0044E340 . 83EC 80 SUB ESP,-80
0044E343 .- E9 4A30FBFF JMP 蒸汽.00401392 //断点到这
F8
00401392 50 PUSH EAX //这里DUMP出去,运行不了
00401393 53 PUSH EBX
00401394 51 PUSH ECX
00401395 52 PUSH EDX
00401396 2BDB SUB EBX,EBX
00401398 56 PUSH ESI
00401399 57 PUSH EDI
0040139A ^ 0F84 05FEFFFF JE 蒸汽.004011A5
004013A0 1E PUSH DS
004013A1 2E:07 POP ES ; 段寄存器更改
004013A3 300D 0F85B5FD XOR BYTE PTR DS:[FDB5850F],CL
004013A9 FFFF ??? ; 未知命令
004013AB ^ 0F83 75FEFFFF JNB 蒸汽.00401226
004013B1 8EDC MOV DS,SP ; 段寄存器更改
004013B3 FC CLD
004013B4 04 60 ADD AL,60
004013B6 FF09 DEC DWORD PTR DS:[ECX]
004013B8 F9 STC
004013B9 0F82 12000000 JB 蒸汽.004013D1
004013BF DAF1 FIDIV ECX ; 非法使用寄存器
004013C1 49 DEC ECX
004013C2 5E POP ESI
004013C3 833B 00 CMP DWORD PTR DS:[EBX],0
004013C6 F8 CLC
004013C7 ^ 0F83 8CFEFFFF JNB 蒸汽.00401259
004013CD 26:69F7 7B0F851>IMUL ESI,EDI,17850F7B ; 多余的前缀
004013D4 FFFF ??? ; 未知命令
004013D6 FF0F DEC DWORD PTR DS:[EDI]
004013D8 8223 00 AND BYTE PTR DS:[EBX],0
004013DB 0000 ADD BYTE PTR DS:[EAX],AL
004013DD FB STI
004013DE C0FD 88 SAR CH,88 ; 移位常量超出 1..31 的范围
004013E1 90 NOP
004013E2 53 PUSH EBX
004013E3 59 POP ECX
004013E4 ^ 0F83 9FFEFFFF JNB 蒸汽.00401289
004013EA 311E XOR DWORD PTR DS:[ESI],EBX
004013EC 24 07 AND AL,7
004013EE 2C 5F SUB AL,5F
004013F0 5E POP ESI
004013F1 5A POP EDX
004013F2 59 POP ECX
004013F3 5B POP EBX
004013F4 58 POP EAX
004013F5 F8 CLC
004013F6 0F83 14000000 JNB 蒸汽.00401410
004013FC A0 14BAB5E8 MOV AL,BYTE PTR DS:[E8B5BA14]
00401401 1B00 SBB EAX,DWORD PTR DS:[EAX]
00401403 0000 ADD BYTE PTR DS:[EAX],AL
00401405 ^ E9 E5FFFFFF JMP 蒸汽.004013EF
0040140A 05 BCFE9889 ADD EAX,8998FEBC
0040140F A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401410 E9 3C280000 JMP 蒸汽.00403C51
00401415 ^ 77 D2 JA SHORT 蒸汽.004013E9
00401417 89BD 02C345B9 MOV DWORD PTR SS:[EBP+B945C302],EDI
0040141D 36:AE SCAS BYTE PTR ES:[EDI]
0040141F EB 0D JMP SHORT 蒸汽.0040142E
00401421 79 2B JNS SHORT 蒸汽.0040144E
00401423 3E:8630 XCHG BYTE PTR DS:[EAX],DH
00401426 E1 7A LOOPDE SHORT 蒸汽.004014A2
00401428 00BD 328E0DF1 ADD BYTE PTR SS:[EBP+F10D8E32],BH
0040142E AB STOS DWORD PTR ES:[EDI]
0040142F 0386 C72A3E8A ADD EAX,DWORD PTR DS:[ESI+8A3E2AC7]
00401435 AC LODS BYTE PTR DS:[ESI]
00401436 B1 65 MOV CL,65
00401438 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
00401439 39AB CD0399FC CMP DWORD PTR DS:[EBX+FC9903CD],EBP
0040143F 8B82 AD2C3BF6 MOV EAX,DWORD PTR DS:[EDX+F63B2CAD]
00401445 BB AA3DD5FD MOV EBX,FDD53DAA
0040144A F762 D6 MUL DWORD PTR DS:[EDX-2A]
0040144D AD LODS DWORD PTR DS:[ESI]
0040144E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040144F 7A 05 JPE SHORT 蒸汽.00401456
00401451 ^ 72 B0 JB SHORT 蒸汽.00401403
00401453 D5 DA AAD 0DA
00401455 389B FC70AEA7 CMP BYTE PTR DS:[EBX+A7AE70FC],BL
0040145B BA 8221EC05 MOV EDX,5EC2182
00401460 D2B1 AA4D0DF6 SAL BYTE PTR DS:[ECX+F60D4DAA],CL
00401466 AF SCAS DWORD PTR ES:[EDI]
00401467 FD STD
00401468 7B AE JPO SHORT 蒸汽.00401418
0040146A 25 B20DB0AA AND EAX,AAB00DB2
0040146F 3D 0D28ACA5 CMP EAX,A5AC280D
00401474 51 PUSH ECX
00401475 FF2A JMP FAR FWORD PTR DS:[EDX] ; 远跳转
00401477 6A 8A PUSH -76
00401479 ^ 7E 97 JLE SHORT 蒸汽.00401412
0040147B FE44B6 DA INC BYTE PTR DS:[ESI+ESI*4-26]
0040147F 43 INC EBX
00401480 05 ADA8EE9D ADD EAX,9DEEA8AD
00401485 1333 ADC ESI,DWORD PTR DS:[EBX]
00401487 8505 70AA7143 TEST DWORD PTR DS:[4371AA70],EAX
0040148D AE SCAS BYTE PTR ES:[EDI]
0040148E 97 XCHG EAX,EDI
0040148F 7B 82 JPO SHORT 蒸汽.00401413
00401491 21B2 FB63ADB7 AND DWORD PTR DS:[EDX+B7AD63FB],ESI
00401497 7A 82 JPE SHORT 蒸汽.0040141B
00401499 B0 6F MOV AL,6F
0040149B ^ 7C B3 JL SHORT 蒸汽.00401450
0040149D FC CLD
0040149E 92 XCHG EAX,EDX
0040149F 5B POP EBX
004014A0 DB98 6C3ED738 FISTP DWORD PTR DS:[EAX+38D73E6C]
004014A6 94 XCHG EAX,ESP
004014A7 06 PUSH ES
004014A8 DFB5 DA43E838 FBSTP TBYTE PTR SS:[EBP+38E843DA]
004014AE F3: PREFIX REP: ; 多余的前缀
004014AF 86E8 XCHG AL,CH
004014B1 B0 F2 MOV AL,0F2
004014B3 8805 71B8FD7B MOV BYTE PTR DS:[7BFDB871],AL
004014B9 AE SCAS BYTE PTR ES:[EDI]
004014BA 25 93D3AC1D AND EAX,1DACD393
004014BF 8B81 23B4CD6A MOV EAX,DWORD PTR DS:[ECX+6ACDB423]
004014C5 BD A77A8208 MOV EBP,8827AA7
004014CA 2B3F SUB EDI,DWORD PTR DS:[EDI]
004014CC 8A06 MOV AL,BYTE PTR DS:[ESI]
004014CE F1 INT1
004014CF FD STD
004014D0 45 INC EBP
004014D1 B6 92 MOV DH,92
004014D3 5E POP ESI
004014D4 0D 93053ED7 OR EAX,D73E0593
004014D9 389406 DFB532BE CMP BYTE PTR DS:[ESI+EAX+BE32B5DF],DL
004014E0 8638 XCHG BYTE PTR DS:[EAX],BH
004014E2 05 872BAEA7 ADD EAX,A7AE2B87
004014E7 7A 02 JPE SHORT 蒸汽.004014EB
004014E9 22BB 79F7BDFA AND BH,BYTE PTR DS:[EBX+FABDF779]
004014EF 9F LAHF
004014F0 81AD A7FA8585 F>SUB DWORD PTR SS:[EBP+8585FAA7],AD2A62FB
004014FA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004014FB 7A 6D JPE SHORT 蒸汽.0040156A
004014FD 84AB 520DF9AB TEST BYTE PTR DS:[EBX+ABF90D52],CH
00401503 3B6B B0 CMP EBP,DWORD PTR DS:[EBX-50]
00401506 3296 850AB8FD XOR DL,BYTE PTR DS:[ESI+FDB80A85]
0040150C 7B AE JPO SHORT 蒸汽.004014BC
0040150E 25 3F03D929 AND EAX,29D9033F
00401513 2829 SUB BYTE PTR DS:[ECX],CH
00401515 282B SUB BYTE PTR DS:[EBX],CH
00401517 3E:86F6 XCHG DH,DH ; 多余的前缀
0040151A 92 XCHG EAX,EDX
0040151B 6A 00 PUSH 0
0040151D 0000 ADD BYTE PTR DS:[EAX],AL
0040151F 0000 ADD BYTE PTR DS:[EAX],AL
00401521 0000 ADD BYTE PTR DS:[EAX],AL
00401523 0000 ADD BYTE PTR DS:[EAX],AL
00401525 0000 ADD BYTE PTR DS:[EAX],AL
00401527 0000 ADD BYTE PTR DS:[EAX],AL
00401529 0000 ADD BYTE PTR DS:[EAX],AL
0040152B 0000 ADD BYTE PTR DS:[EAX],AL
0040152D 0000 ADD BYTE PTR DS:[EAX],AL
0040152F 0082 AD927D6D ADD BYTE PTR DS:[EDX+6D7D92AD],AL
00401535 AA STOS BYTE PTR ES:[EDI]
00401536 07 POP ES ; 段寄存器更改
00401537 D9DD FSTP EBP ; 非法使用寄存器
00401539 0A6B E5 OR CH,BYTE PTR DS:[EBX-1B]
0040153C 8306 E1 ADD DWORD PTR DS:[ESI],-1F
0040153F C6 ??? ; 未知命令
00401540 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401541 B5 23 MOV CH,23
00401543 92 XCHG EAX,EDX
00401544 0D F2CB7E0D OR EAX,0D7ECBF2
00401549 7F 2B JG SHORT 蒸汽.00401576
0040154B 5D POP EBP
0040154C 8537 TEST DWORD PTR DS:[EDI],ESI
0040154E FC CLD
0040154F 8E8E DDB7BBC2 MOV CS,WORD PTR DS:[ESI+C2BBB7DD] ; 不允许段 CS
00401555 E8 F39E8A2B CALL 2BCAB44D
0040155A 95 XCHG EAX,EBP
0040155B 3E:D7 XLAT BYTE PTR DS:[EBX+AL]
0040155D 3894FC 6E46AA7A CMP BYTE PTR SS:[ESP+EDI*8+7AAA466E],DL
00401564 8200 FE ADD BYTE PTR DS:[EAX],-2
00401567 D10F ROR DWORD PTR DS:[EDI],1
00401569 331479 XOR EDX,DWORD PTR DS:[ECX+EDI*2]
0040156C 81AD 107F83AD A>SUB DWORD PTR SS:[EBP+AD837F10],2381CAA7
00401576 B0 AD MOV AL,0AD
00401578 5D POP EBP
00401579 37 AAA
0040157A 05 770B0BA0 ADD EAX,A00B0B77
0040157F 04 DF ADD AL,0DF
00401581 9D POPFD
00401582 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401583 90 NOP
00401584 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401585 1D E87AD515 SBB EAX,15D57AE8
0040158A 287B 82 SUB BYTE PTR DS:[EBX-7E],BH
0040158D AD LODS DWORD PTR DS:[ESI]
0040158E 117E D5 ADC DWORD PTR DS:[ESI-2B],EDI
00401591 17 POP SS ; 段寄存器更改
00401592 A9 07071AA6 TEST EAX,A61A0707
00401597 7A 81 JPE SHORT 蒸汽.0040151A
00401599 16 PUSH SS
0040159A A8 7A TEST AL,7A
0040159C 822D F87997CD 1>SUB BYTE PTR DS:[CD9779F8],17
004015A3 BB 8238A0FE MOV EBX,FEA03882
004015A8 81AD 1D8749F3 A>SUB DWORD PTR SS:[EBP+F349871D],EE033BA3
004015B2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004015B3 63B9 B0A77A0D ARPL WORD PTR DS:[ECX+D7AA7B0],DI
004015B9 ^ E3 C3 JECXZ SHORT 蒸汽.0040157E
004015BB EA C2AD117D D51>JMP FAR 17D5:7D11ADC2 ; 远跳转
004015C2 A0 D28184E5 MOV AL,BYTE PTR DS:[E58481D2]
004015C7 6285 ADA703C7 BOUND EAX,QWORD PTR SS:[EBP+C703A7AD]
004015CD A1 B7FC7FB0 MOV EAX,DWORD PTR DS:[B07FFCB7]
004015D2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004015D3 7A 0F JPE SHORT 蒸汽.004015E4
004015D5 F3: PREFIX REP: ; 多余的前缀
004015D6 8BCE MOV ECX,ESI
004015D8 D23A SAR BYTE PTR DS:[EDX],CL
004015DA ED IN EAX,DX ; I/O 命令
004015DB 56 PUSH ESI
004015DC EC IN AL,DX ; I/O 命令
004015DD B5 F7 MOV CH,0F7
004015DF D10B ROR DWORD PTR DS:[EBX],1
004015E1 0B8C7A 97C517BB OR ECX,DWORD PTR DS:[EDX+EDI*2+BB17C597]
004015E8 8232 68 XOR BYTE PTR DS:[EDX],68
004015EB 8A06 MOV AL,BYTE PTR DS:[ESI]
004015ED 97 XCHG EAX,EDI
004015EE AA STOS BYTE PTR ES:[EDI]
004015EF 7A 82 JPE SHORT 蒸汽.00401573
004015F1 3025 5F8ABC2C XOR BYTE PTR DS:[2CBC8A5F],AH
004015F7 5A POP EDX
004015F8 84AD A705C789 TEST BYTE PTR SS:[EBP+89C705A7],CH
004015FE 29F8 SUB EAX,EDI
00401600 6253 5F BOUND EDX,QWORD PTR DS:[EBX+5F]
00401603 15 0437ED82 ADC EAX,82ED3704
00401608 91 XCHG EAX,ECX
00401609 326B 7D XOR CH,BYTE PTR DS:[EBX+7D]
0040160C 82AD 2A7386BC 3>SUB BYTE PTR SS:[EBP+BC86732A],33
00401613 35 84ADA7B5 XOR EAX,B5A7AD84
00401618 C7 ??? ; 未知命令
00401619 A1 B70733B0 MOV EAX,DWORD PTR DS:[B03307B7]
0040161E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040161F 7A D2 JPE SHORT 蒸汽.004015F3
00401621 95 XCHG EAX,EBP
00401622 D89C82 ADE23DDB FCOMP DWORD PTR DS:[EDX+EAX*4+DB3DE2AD]
00401629 36:ED IN EAX,DX ; I/O 命令
0040162B ^ 72 91 JB SHORT 蒸汽.004015BE
0040162D 31AF 7B82AD11 XOR DWORD PTR DS:[EDI+11AD827B],EBP
00401633 ^ 7D D5 JGE SHORT 蒸汽.0040160A
00401635 17 POP SS ; 段寄存器更改
00401636 A0 04DF9500 MOV AL,BYTE PTR DS:[95DF04]
0040163B A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
0040163C C7 ??? ; 未知命令
0040163D B5 F7 MOV CH,0F7
0040163F D181 842B7381 ROL DWORD PTR DS:[ECX+81732B84],1
00401645 BD 2BF884AD MOV EBP,AD84F82B
0040164A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040164B 05 F7A535C0 ADD EAX,C035A5F7
00401650 6A 01 PUSH 1
00401652 F8 CLC
00401653 ^ 79 F7 JNS SHORT 蒸汽.0040164C
00401655 B5 FD MOV CH,0FD
00401657 D181 C3BFEAC2 ROL DWORD PTR DS:[ECX+C2EABFC3],1
0040165D AD LODS DWORD PTR DS:[ESI]
0040165E 2C 3B SUB AL,3B
00401660 91 XCHG EAX,ECX
00401661 310A XOR DWORD PTR DS:[EDX],ECX
00401663 ^ 7D 82 JGE SHORT 蒸汽.004015E7
00401665 AD LODS DWORD PTR DS:[ESI]
00401666 32C0 XOR AL,AL
00401668 8AE6 MOV AH,DH
0040166A EC IN AL,DX ; I/O 命令
0040166B 6291 32FE7C82 BOUND EDX,QWORD PTR DS:[ECX+827CFE32]
00401671 AD LODS DWORD PTR DS:[ESI]
00401672 28B9 276542FD SUB BYTE PTR DS:[ECX+FD426527],BH
00401678 91 XCHG EAX,ECX
00401679 32F2 XOR DH,DL
0040167B ^ 7C 82 JL SHORT 蒸汽.004015FF
0040167D AD LODS DWORD PTR DS:[ESI]
0040167E 34 00 XOR AL,0
00401680 EE OUT DX,AL ; I/O 命令
00401681 AB STOS DWORD PTR ES:[EDI]
00401682 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401683 7A 05 JPE SHORT 蒸汽.0040168A
00401685 ^ 74 AC JE SHORT 蒸汽.00401633
00401687 CA EAB1 RETF 0B1EA ; 远返回
0040168A A8 7A TEST AL,7A
0040168C 82ACBD 8EF2EDA7>SUB BYTE PTR SS:[EBP+EDI*4+A7EDF28E],-1
00401694 42 INC EDX
00401695 23B441 C7A940FC AND ESI,DWORD PTR DS:[ECX+EAX*2+FC40A9C7>
0040169C C2 AD90 RETN 90AD
0040169F B9 84ADA705 MOV ECX,5A7AD84
004016A4 8830 MOV BYTE PTR DS:[EAX],DH
004016A6 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
004016A7 ^ 7F D2 JG SHORT 蒸汽.0040167B
004016A9 3A2D EB81ADA7 CMP CH,BYTE PTR DS:[A7AD81EB]
004016AF E3 12 JECXZ SHORT 蒸汽.004016C3
004016B1 2F DAS
004016B2 E8 7AD2ACBD CALL BDECE931
004016B7 2AF2 SUB DH,DL
004016B9 ED IN EAX,DX ; I/O 命令
004016BA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016BB 07 POP ES ; 段寄存器更改
004016BC 07 POP ES ; 段寄存器更改
004016BD 1E PUSH DS
004016BE A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016BF 7A 81 JPE SHORT 蒸汽.00401642
004016C1 FE ??? ; 未知命令
004016C2 34 00 XOR AL,0
004016C4 EE OUT DX,AL ; I/O 命令
004016C5 AB STOS DWORD PTR ES:[EDI]
004016C6 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004016C7 7A D2 JPE SHORT 蒸汽.0040169B
004016C9 95 XCHG EAX,EBP
004016CA CA 9A82 RETF 829A ; 远返回
004016CD AD LODS DWORD PTR DS:[ESI]
004016CE 2A3F SUB BH,BYTE PTR DS:[EDI]
004016D0 96 XCHG EAX,ESI
004016D1 3A2D E780ADA7 CMP CH,BYTE PTR DS:[A7AD80E7]
004016D7 CE INTO
004016D8 D2ACBD 8AF2EDA7 SHR BYTE PTR SS:[EBP+EDI*4+A7EDF28A],CL
004016DF 07 POP ES ; 段寄存器更改
004016E0 07 POP ES ; 段寄存器更改
004016E1 1AA6 7A811634 SBB AH,BYTE PTR DS:[ESI+3416817A]
004016E7 FC CLD
004016E8 C2 ADF7 RETN 0F7AD
004016EB 6282 CDA77A81 BOUND EAX,QWORD PTR DS:[EDX+817AA7CD]
004016F1 E4 2A IN AL,2A ; I/O 命令
004016F3 E8 8AB934F9 CALL F974D082
004016F8 86AC1D 83D995E1 XCHG BYTE PTR SS:[EBP+EBX+E195D983],CH
004016FF ^ 78 81 JS SHORT 蒸汽.00401682
00401701 AD LODS DWORD PTR DS:[ESI]
00401702 2BE8 SUB EBP,EAX
00401704 8AB5 32C28630 MOV DH,BYTE PTR SS:[EBP+3086C232]
0040170A 6C INS BYTE PTR ES:[EDI],DX ; I/O 命令
0040170B 8F ??? ; 未知命令
0040170C BB 0AB003C7 MOV EBX,C703B00A
00401711 99 CDQ
00401712 B7 08 MOV BH,8
00401714 29AF A77A03ED SUB DWORD PTR DS:[EDI+ED037AA7],EBP
0040171A B4 89 MOV AH,89
0040171C C0B0 B6FF1DAF A>SAL BYTE PTR DS:[EAX+AF1DFFB6],0A7 ; 移位常量超出 1..31 的范围
00401723 7A BD JPE SHORT 蒸汽.004016E2
00401725 ^ 70 B7 JO SHORT 蒸汽.004016DE
00401727 0815 AFA77AD2 OR BYTE PTR DS:[D27AA7AF],DL
0040172D 95 XCHG EAX,EBP
0040172E CC INT3
0040172F 9B WAIT
00401730 82AD 326BDBE8 9>SUB BYTE PTR SS:[EBP+E8DB6B32],-66
00401737 F0:8E74ED 76 LOCK MOV SEG?,WORD PTR SS:[EBP+EBP*8+76] ; 未定义的段寄存器
0040173C F62E IMUL BYTE PTR DS:[ESI]
0040173E E8 7A6B4AA9 CALL A98A82BD
00401743 7A 82 JPE SHORT 蒸汽.004016C7
00401745 AC LODS BYTE PTR DS:[ESI]
00401746 1D 830575B0 SBB EAX,B0750583
0040174B 07 POP ES ; 段寄存器更改
0040174C C7 ??? ; 未知命令
0040174D 99 CDQ
0040174E FFCA DEC EDX
00401750 D895 949982AD FCOM DWORD PTR SS:[EBP+AD829994]
00401756 2A3F SUB BH,BYTE PTR DS:[EDI]
00401758 92 XCHG EAX,EDX
00401759 3268 EF XOR CH,BYTE PTR DS:[EAX-11]
0040175C 95 XCHG EAX,EBP
0040175D 0390 63A2ADA7 ADD EDX,DWORD PTR DS:[EAX+A7ADA263]
00401763 D349 F3 ROR DWORD PTR DS:[ECX-D],CL
00401766 A3 D303EEA7 MOV DWORD PTR DS:[A7EE03D3],EAX
0040176B 63F3 ARPL BX,SI
0040176D AE SCAS BYTE PTR ES:[EDI]
0040176E A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040176F 7A 81 JPE SHORT 蒸汽.004016F2
00401771 23A0 6355CEA7 AND ESP,DWORD PTR DS:[EAX+A7CE5563]
00401777 7A 0D JPE SHORT 蒸汽.00401786
00401779 F3: PREFIX REP: ; 多余的前缀
0040177A 93 XCHG EAX,EBX
0040177B D4 85 AAM 85
0040177D 73 31 JNB SHORT 蒸汽.004017B0
0040177F F0:7A E9 LOCK JPE SHORT 蒸汽.0040176B ; 不允许锁定前缀
00401782 97 XCHG EAX,EDI
00401783 04 C7 ADD AL,0C7
00401785 A1 30D826BD MOV EAX,DWORD PTR DS:[BD26D830]
0040178A 2A2F SUB CH,BYTE PTR DS:[EDI]
0040178C 82AD A7058004 3>SUB BYTE PTR SS:[EBP+48005A7],31
00401793 F8 CLC
00401794 8A95 DE9A82AD MOV DL,BYTE PTR SS:[EBP+AD829ADE]
0040179A 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
0040179B ^ 7F A6 JG SHORT 蒸汽.00401743
0040179D F9 STC
0040179E 28BB 820435EF SUB BYTE PTR DS:[EBX+EF350482],BH
004017A4 88AE 8FC0CAAD MOV BYTE PTR DS:[ESI+ADCAC08F],CH
004017AA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004017AB D307 ROL DWORD PTR DS:[EDI],CL
004017AD 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
004017AE 01EF ADD EDI,EBP
004017B0 93 XCHG EAX,EBX
004017B1 15 E8FBC2AD ADC EAX,ADC2FBE8
004017B6 FE ??? ; 未知命令
004017B7 62B6 F5A77ADB BOUND ESI,QWORD PTR DS:[ESI+DB7AA7F5]
004017BD 3268 D4 XOR CH,BYTE PTR DS:[EAX-2C]
004017C0 F7B9 34C02605 IDIV DWORD PTR DS:[ECX+526C034]
004017C6 F8 CLC
004017C7 6296 CCA77ADB BOUND EDX,QWORD PTR DS:[ESI+DB7AA7CC]
004017CD 06 PUSH ES
004017CE 33B9 0F331479 XOR EDI,DWORD PTR DS:[ECX+7914330F]
004017D4 81AD F8070716 A>SUB DWORD PTR SS:[EBP+160707F8],FE817AA5
004017DE 2A41 86 SUB AL,BYTE PTR DS:[ECX-7A]
004017E1 95 XCHG EAX,EBP
004017E2 A2 9982ADA6 MOV BYTE PTR DS:[A6AD8299],AL
004017E7 F0:8A3A LOCK MOV BH,BYTE PTR DS:[EDX] ; 不允许锁定前缀
004017EA 2D E37FADA7 SUB EAX,A7AD7FE3
004017EF CB RETF ; 远返回
004017F0 6A A9 PUSH -57
004017F2 C6 ??? ; 未知命令
004017F3 7A 82 JPE SHORT 蒸汽.00401777
004017F5 306C8B 0F XOR BYTE PTR DS:[EBX+ECX*4+F],CH
004017F9 3310 XOR EDX,DWORD PTR DS:[EAX]
004017FB ^ 78 81 JS SHORT 蒸汽.0040177E
004017FD AD LODS DWORD PTR DS:[ESI]
004017FE FB STI
004017FF E2 02 LOOPD SHORT 蒸汽.00401803
00401801 AE SCAS BYTE PTR ES:[EDI]
00401802 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401803 7A EC JPE SHORT 蒸汽.004017F1
00401805 AF SCAS DWORD PTR ES:[EDI]
00401806 FA CLI
00401807 CD EA INT 0EA
00401809 AD LODS DWORD PTR DS:[ESI]
0040180A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040180B 7A C2 JPE SHORT 蒸汽.004017CF
0040180D FD STD
0040180E A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
0040180F 90 NOP
00401810 A2 1DE87A05 MOV BYTE PTR DS:[57AE81D],AL
00401815 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401816 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401817 04 C7 ADD AL,0C7
00401819 B5 1B MOV CH,1B
0040181B 92 XCHG EAX,EDX
0040181C 0FFB ??? ; 未知命令
0040181E ^ 7F CE JG SHORT 蒸汽.004017EE
00401820 D304FE ROL DWORD PTR DS:[ESI+EDI*8],CL
00401823 CA 81C3 RETF 0C381 ; 远返回
00401826 B3 EA MOV BL,0EA
00401828 C2 ADA6 RETN 0A6AD
0040182B F0:8AACBD 82F2E>LOCK MOV CH,BYTE PTR SS:[EBP+EDI*4+A7EDF>; 不允许锁定前缀
00401833 7D 79 JGE SHORT 蒸汽.004018AE
00401835 - E9 1C6F912F JMP 2FD18756
0040183A F9 STC
0040183B ^ 79 81 JNS SHORT 蒸汽.004017BE
0040183D AD LODS DWORD PTR DS:[ESI]
0040183E ^ E0 D7 LOOPDNE SHORT 蒸汽.00401817
00401840 26:23B441 C7A9C>AND ESI,DWORD PTR ES:[ECX+EAX*2+FBC8A9C7>
00401848 C2 AD90 RETN 90AD
0040184B 0D 82ADA707 OR EAX,7A7AD82
00401850 07 POP ES ; 段寄存器更改
00401851 1AA6 7A81FE34 SBB AH,BYTE PTR DS:[ESI+34FE817A]
00401857 00EA ADD DL,CH
00401859 AA STOS BYTE PTR ES:[EDI]
0040185A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040185B 7A D2 JPE SHORT 蒸汽.0040182F
0040185D 95 XCHG EAX,EBP
0040185E 26:99 CDQ ; 多余的前缀
00401860 82AD 34C026FE 3>SUB BYTE PTR SS:[EBP+FE26C034],34
00401867 00EA ADD DL,CH
00401869 AA STOS BYTE PTR ES:[EDI]
0040186A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040186B 7A D2 JPE SHORT 蒸汽.0040183F
0040186D 95 XCHG EAX,EBP
0040186E 26:99 CDQ ; 多余的前缀
00401870 82AD 2A3F923A 2>SUB BYTE PTR SS:[EBP+3A923F2A],2D
00401877 E3 7F JECXZ SHORT 蒸汽.004018F8
00401879 AD LODS DWORD PTR DS:[ESI]
0040187A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040187B CB RETF ; 远返回
0040187C 81C3 ABEAC2AD ADD EBX,ADC2EAAB
00401882 E2 3D LOOPD SHORT 蒸汽.004018C1
00401884 F7B6 6EC07EAE DIV DWORD PTR DS:[ESI+AE7EC06E]
0040188A 28BB 8298FAE2 SUB BYTE PTR DS:[EBX+E2FA9882],BH
00401890 76 2E JBE SHORT 蒸汽.004018C0
00401892 E8 7AD2ACBD CALL BDECEB11
00401897 7A F2 JPE SHORT 蒸汽.0040188B
00401899 ED IN EAX,DX ; I/O 命令
0040189A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
0040189B B5 45 MOV CH,45
0040189D 23B1 41C7A97C AND ESI,DWORD PTR DS:[ECX+7CA9C741]
004018A3 FB STI
004018A4 C2 AD92 RETN 92AD
004018A7 B4 EA MOV AH,0EA
004018A9 95 XCHG EAX,EBP
004018AA AB STOS DWORD PTR ES:[EDI]
004018AB 7A 82 JPE SHORT 蒸汽.0040182F
004018AD AC LODS BYTE PTR DS:[ESI]
004018AE ^ 78 B6 JS SHORT 蒸汽.00401866
004018B0 45 INC EBP
004018B1 37 AAA
004018B2 ED IN EAX,DX ; I/O 命令
004018B3 6A F7 PUSH -9
004018B5 D86E C0 FSUBR DWORD PTR DS:[ESI-40]
004018B8 7E 56 JLE SHORT 蒸汽.00401910
004018BA 28BB 8298CA41 SUB BYTE PTR DS:[EBX+41CA9882],BH
004018C0 C7 ??? ; 未知命令
004018C1 A9 34FBC2AD TEST EAX,ADC2FB34
004018C6 92 XCHG EAX,EDX
004018C7 94 XCHG EAX,ESP
004018C8 49 DEC ECX
004018C9 F3: PREFIX REP: ; 多余的前缀
004018CA A3 D702EEA7 MOV DWORD PTR DS:[A7EE02D7],EAX
004018CF 65:92 XCHG EAX,EDX ; 多余的前缀
004018D1 ^ 74 ED JE SHORT 蒸汽.004018C0
004018D3 76 0E JBE SHORT 蒸汽.004018E3
004018D5 2E:E8 7A6DC36E CALL 6F038655 ; 多余的前缀
004018DB C07E E6 27 SAR BYTE PTR DS:[ESI-1A],27 ; 移位常量超出 1..31 的范围
004018DF BB 82E60473 MOV EBX,7304E682
004018E4 F6B6 A6F07A96 DIV BYTE PTR DS:[ESI+967AF0A6]
004018EA 05 9A82AD00 ADD EAX,0AD829A
004018EF B4 DF MOV AH,0DF
004018F1 A9 1D8E0DF3 TEST EAX,F30D8E1D
004018F6 97 XCHG EAX,EDI
004018F7 6382 ADA77A03 ARPL WORD PTR DS:[EDX+37AA7AD],AX
004018FD B2 CB MOV DL,0CB
004018FF 7E 09 JLE SHORT 蒸汽.0040190A
00401901 AE SCAS BYTE PTR ES:[EDI]
00401902 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401903 79 52 JNS SHORT 蒸汽.00401957
00401905 99 CDQ
00401906 B9 E49215D8 MOV ECX,D81592E4
0040190B FA CLI
0040190C C2 ADA6 RETN 0A6AD
0040190F F0:7E 01 LOCK JLE SHORT 蒸汽.00401913 ; 不允许锁定前缀
00401912 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401913 90 NOP
00401914 2E:1E PUSH DS ; 多余的前缀
00401916 E8 7A6AAA9F CALL 9FEA8395
0040191B 7A 81 JPE SHORT 蒸汽.0040189E
0040191D 0D 06AE4209 OR EAX,942AE06
00401922 71 3D JNO SHORT 蒸汽.00401961
00401924 92 XCHG EAX,EDX
00401925 AD LODS DWORD PTR DS:[ESI]
00401926 32BF A6B9FAAD XOR BH,BYTE PTR DS:[EDI+ADFAB9A6]
0040192C 5D POP EBP
0040192D 04 33 ADD AL,33
0040192F EF OUT DX,EAX ; I/O 命令
00401930 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401931 B9 E23DD921 MOV ECX,21D93DE2
00401936 AD LODS DWORD PTR DS:[ESI]
00401937 05 D0E93083 ADD EAX,8330E9D0
0040193C 0D B432F7A6 OR EAX,A6F732B4
00401941 C12A 73 SHR DWORD PTR DS:[EDX],73 ; 移位常量超出 1..31 的范围
00401944 8621 XCHG BYTE PTR DS:[ECX],AH
00401946 AD LODS DWORD PTR DS:[ESI]
00401947 FD STD
00401948 7A B3 JPE SHORT 蒸汽.004018FD
0040194A 1C 86 SBB AL,86
0040194C 8124B4 79F9D5A6 AND DWORD PTR SS:[ESP+ESI*4],A6D5F979
00401953 D2A6 0601FEC0 SHL BYTE PTR DS:[ESI+C0FE0106],CL
00401959 B3 1C MOV BL,1C
0040195B 86D9 XCHG CL,BL
0040195D AC LODS BYTE PTR DS:[ESI]
0040195E 1E PUSH DS
0040195F 7F 6A JG SHORT 蒸汽.004019CB
00401961 A2 B67A8206 MOV BYTE PTR DS:[6827AB6],AL
00401966 0106 ADD DWORD PTR DS:[ESI],EAX
00401968 C8 D53099 ENTER 30D5,99
0040196C 0BF4 OR ESI,ESP
0040196E DB03 FILD DWORD PTR DS:[EBX]
00401970 C8 DD32C1 ENTER 32DD,0C1
00401974 BA 360697BD MOV EDX,BD970636
00401979 70 31 JO SHORT 蒸汽.004019AC
0040197B D9A2 21B6CDD5 FLDENV (28-BYTE) PTR DS:[EDX+D5CDB621]
00401981 00A7 4B0BF4E3 ADD BYTE PTR DS:[EDI+E3F40B4B],AH
00401987 FD STD
00401988 46 INC ESI
00401989 BA 30C2B20C MOV EDX,0CB2C230
0040198E 06 PUSH ES
0040198F D6 SALC
00401990 45 INC EBP
00401991 01FE ADD ESI,EDI
00401993 05 F6D1B3D1 ADD EAX,D1B3D1F6
00401998 EC IN AL,DX ; I/O 命令
00401999 ED IN EAX,DX ; I/O 命令
0040199A 117C81 24 ADC DWORD PTR DS:[ECX+EAX*4+24],EDI
0040199E D079 D8 SAR BYTE PTR DS:[ECX-28],1
004019A1 CD 32 INT 32
004019A3 73 05 JNB SHORT 蒸汽.004019AA
004019A5 ^ 72 B4 JB SHORT 蒸汽.0040195B
004019A7 FF81 22F4E222 INC DWORD PTR DS:[ECX+22E2F422]
004019AD B3 A7 MOV BL,0A7
004019AF 7A EC JPE SHORT 蒸汽.0040199D
004019B1 B5 A6 MOV CH,0A6
004019B3 F1 INT1
004019B4 AA STOS BYTE PTR ES:[EDI]
004019B5 AC LODS BYTE PTR DS:[ESI]
004019B6 FE ??? ; 未知命令
004019B7 9A 0572B403 C9D>CALL FAR D1C9:03B47205 ; 远调用
004019BE 2C 3B SUB AL,3B
004019C0 F7B8 FE79F8D5 IDIV DWORD PTR DS:[EAX+D5F879FE]
004019C6 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
004019C7 D1A6 060166AC SHL DWORD PTR DS:[ESI+AC660106],1
004019CD 38049F CMP BYTE PTR DS:[EDI+EBX*4],AL
004019D0 9A 00127C81 24D>CALL FAR D024:817C1200 ; 远调用
004019D7 ^ 79 D8 JNS SHORT 蒸汽.004019B1
004019D9 CD 2A INT 2A
004019DB 3F AAS
004019DC 8E36 MOV SEG?,WORD PTR DS:[ESI] ; 未定义的段寄存器
004019DE EF OUT DX,EAX ; I/O 命令
004019DF A2 076E1D92 MOV BYTE PTR DS:[921D6E07],AL
004019E4 8125 CC79F8D5 A>AND DWORD PTR DS:[D5F879CC],4A6D1A6
004019EE A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
004019EF F1 INT1
004019F0 AA STOS BYTE PTR ES:[EDI]
004019F1 AC LODS BYTE PTR DS:[ESI]
004019F2 FE ??? ; 未知命令
004019F3 9E SAHF
004019F4 05 72B8AD42 ADD EAX,42ADB872
004019F9 99 CDQ
004019FA C5FD LDS EDI,EBP ; 非法使用寄存器
004019FC A9 ADAA3D0B TEST EAX,0B3DAAAD
00401A01 F5 CMC
00401A02 D305 C6D1BBE4 ROL DWORD PTR DS:[E4BBD1C6],CL
00401A08 8203 FF ADD BYTE PTR DS:[EBX],-1
00401A0B 03C9 ADD ECX,ECX
00401A0D E5 8F IN EAX,8F ; I/O 命令
00401A0F 8E81 ADA7FE46 MOV ES,WORD PTR DS:[ECX+46FEA7AD] ; 段寄存器更改
00401A15 BA 3242E10B MOV EDX,0BE14232
00401A1A 033E ADD EDI,DWORD PTR DS:[ESI]
00401A1C D7 XLAT BYTE PTR DS:[EBX+AL]
00401A1D 3894FE 6EDAFAD0 CMP BYTE PTR DS:[ESI+EDI*8+D0FADA6E],DL
00401A24 0D 23B0D10D OR EAX,0DD1B023
00401A29 2BB405 D0E132C2 SUB ESI,DWORD PTR SS:[EBP+EAX+C232E1D0]
00401A30 8638 XCHG BYTE PTR DS:[EAX],BH
00401A32 C703 C7A933C1 MOV DWORD PTR DS:[EBX],C133A9C7
00401A38 A2 36ED820D MOV BYTE PTR DS:[D82ED36],AL
00401A3D F4 HLT ; 特权命令
00401A3E C3 RETN
00401A3F 03C7 ADD EAX,EDI
00401A41 B9 32C1B2E8 MOV ECX,E8B2C132
00401A46 6F OUTS DX,DWORD PTR ES:[EDI] ; I/O 命令
00401A47 04 CF ADD AL,0CF
00401A49 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401A4A 1B80 AD6EF065 SBB EAX,DWORD PTR DS:[EAX+65F06EAD]
00401A50 8738 XCHG DWORD PTR DS:[EAX],EDI
00401A52 EE OUT DX,AL ; I/O 命令
00401A53 A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401A54 AD LODS DWORD PTR DS:[ESI]
00401A55 6E OUTS DX,BYTE PTR ES:[EDI] ; I/O 命令
00401A56 31C0 XOR EAX,EAX
00401A58 72 39 JB SHORT 蒸汽.00401A93
00401A5A AE SCAS BYTE PTR ES:[EDI]
00401A5B FD STD
00401A5C 7A B7 JPE SHORT 蒸汽.00401A15
00401A5E B6 01 MOV DH,1
00401A60 F7B4A7 7A81D22C DIV DWORD PTR DS:[EDI+2CD2817A]
00401A67 86A4ED A7E48507 XCHG BYTE PTR SS:[EBP+EBP*8+785E4A7],AH
00401A6E ^ E1 CF LOOPDE SHORT 蒸汽.00401A3F
00401A70 8E20 MOV FS,WORD PTR DS:[EAX] ; 段寄存器更改
00401A72 CB RETF ; 远返回
00401A73 FD STD
00401A74 FFA9 A88906AB JMP FAR FWORD PTR DS:[ECX+AB0689A8] ; 远跳转
00401A7A AD LODS DWORD PTR DS:[ESI]
00401A7B 7A 82 JPE SHORT 蒸汽.004019FF
00401A7D BC 5D7E0DFB MOV ESP,FB0D7E5D
00401A82 B3 FD MOV BL,0FD
00401A84 E7 BD OUT 0BD,EAX ; I/O 命令
00401A86 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401A87 ^ 79 CF JNS SHORT 蒸汽.00401A58
00401A89 A9 7B5B8BF2 TEST EAX,F28B5B7B
00401A8E AF SCAS DWORD PTR ES:[EDI]
00401A8F BD 05F3B382 MOV EBP,82B3F305
00401A94 6D INS DWORD PTR ES:[EDI],DX ; I/O 命令
00401A95 8633 XCHG BYTE PTR DS:[EBX],DH
00401A97 C08A 3088820D 7>ROR BYTE PTR DS:[EDX+D828830],76 ; 移位常量超出 1..31 的范围
00401A9E 79 63 JNS SHORT 蒸汽.00401B03
00401AA0 05 8FA9FD6A ADD EAX,6AFDA98F
00401AA5 AE SCAS BYTE PTR ES:[EDI]
00401AA6 30C9 XOR CL,CL
00401AA8 9A 210BC3F6 C4E>CALL FAR EFC4:F6C30B21 ; 远调用
00401AAF EE OUT DX,AL ; I/O 命令
00401AB0 8BF5 MOV ESI,EBP
00401AB2 B6 FE MOV DH,0FE
00401AB4 DDB2 A77A6D4D FSAVE (108-BYTE) PTR DS:[EDX+4D6D7AA7]
00401ABA 69E8 8AB0D0CF IMUL EBP,EAX,CFD0B08A
00401AC0 8E36 MOV SEG?,WORD PTR DS:[ESI] ; 未定义的段寄存器
00401AC2 BE 65163BED MOV ESI,ED3B1665
00401AC7 62D9 BOUND EBX,ECX ; 非法使用寄存器
00401AC9 FD STD
00401ACA 34 C0 XOR AL,0C0
00401ACC 66:FE ??? ; 未知命令
00401ACE 34 C0 XOR AL,0C0
00401AD0 62FE BOUND EDI,ESI ; 非法使用寄存器
00401AD2 34 C0 XOR AL,0C0
00401AD4 5E POP ESI
00401AD5 FE8F C79CADA7 DEC BYTE PTR DS:[EDI+A7AD9CC7]
00401ADB D181 23907AF7 ROL DWORD PTR DS:[ECX+F77A9023],1
00401AE1 91 XCHG EAX,ECX
00401AE2 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401AE3 F0:62AD 1D576A2>LOCK BOUND EBP,QWORD PTR SS:[EBP+286A571>; 不允许锁定前缀
00401AEA AF SCAS DWORD PTR ES:[EDI]
00401AEB 7A 82 JPE SHORT 蒸汽.00401A6F
00401AED 306CA3 0B XOR BYTE PTR DS:[EBX+B],CH
00401AF1 F4 HLT ; 特权命令
00401AF2 AB STOS DWORD PTR ES:[EDI]
00401AF3 FF42 BD INC DWORD PTR DS:[EDX-43]
00401AF6 2BBE 88ADA73B SUB EDI,DWORD PTR DS:[ESI+3BA7AD88]
00401AFC EF OUT DX,EAX ; I/O 命令
00401AFD B5 AA MOV CH,0AA
00401AFF FD STD
00401B00 EF OUT DX,EAX ; I/O 命令
00401B01 B9 AA4188B3 MOV ECX,B38841AA
00401B06 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B07 7A 82 JPE SHORT 蒸汽.00401A8B
00401B09 96 XCHG EAX,ESI
00401B0A F3: PREFIX REP: ; 多余的前缀
00401B0B ^ 79 81 JNS SHORT 蒸汽.00401A8E
00401B0D AD LODS DWORD PTR DS:[ESI]
00401B0E D1CF ROR EDI,1
00401B10 8E38 MOV SEG?,WORD PTR DS:[EAX] ; 未定义的段寄存器
00401B12 ED IN EAX,DX ; I/O 命令
00401B13 820D FBB34188 A>OR BYTE PTR DS:[8841B3FB],FFFFFFAE
00401B1A A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B1B 7A 82 JPE SHORT 蒸汽.00401A9F
00401B1D 3089 824396AB XOR BYTE PTR DS:[ECX+AB964382],CL
00401B23 4D DEC EBP
00401B24 6A D7 PUSH -29
00401B26 F4 HLT ; 特权命令
00401B27 860B XCHG BYTE PTR DS:[EBX],CL
00401B29 F3:AF REPE SCAS DWORD PTR ES:[EDI]
00401B2B 63AB ACA77A0D ARPL WORD PTR DS:[EBX+D7AA7AC],BP
00401B31 FB STI
00401B32 B3 FD MOV BL,0FD
00401B34 7B CE JPO SHORT 蒸汽.00401B04
00401B36 1A9D 052BA47B SBB BL,BYTE PTR SS:[EBP+7BA42B05]
00401B3C 91 XCHG EAX,ECX
00401B3D 31E0 XOR EAX,ESP
00401B3F ^ 7F 82 JG SHORT 蒸汽.00401AC3
00401B41 AD LODS DWORD PTR DS:[ESI]
00401B42 B6 30 MOV DH,30
00401B44 8530 TEST DWORD PTR DS:[EAX],ESI
00401B46 0D 8B82ACF5 OR EAX,F5AC828B
00401B4B 76 55 JBE SHORT 蒸汽.00401BA2
00401B4D 8EB1 BF8AF02A MOV SEG?,WORD PTR DS:[ECX+2AF08ABF] ; 未定义的段寄存器
00401B53 3C 8A CMP AL,8A
00401B55 36:F5 CMC ; 多余的前缀
00401B57 866D 87 XCHG BYTE PTR SS:[EBP-79],CH
00401B5A 33C8 XOR ECX,EAX
00401B5C 8A38 MOV BH,BYTE PTR DS:[EAX]
00401B5E ED IN EAX,DX ; I/O 命令
00401B5F 8279 7F CD CMP BYTE PTR DS:[ECX+7F],-33
00401B63 ^ 79 81 JNS SHORT 蒸汽.00401AE6
00401B65 AE SCAS BYTE PTR ES:[EDI]
00401B66 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B67 3B6B BE CMP EBP,DWORD PTR DS:[EBX-42]
00401B6A DA42 91 FIADD DWORD PTR DS:[EDX-6F]
00401B6D 3267 7F XOR AH,BYTE PTR DS:[EDI+7F]
00401B70 82AD 30C186E0 6>SUB BYTE PTR SS:[EBP+E086C130],67
00401B77 B4 C8 MOV AH,0C8
00401B79 B1 30 MOV CL,30
00401B7B C08E 36ED82F6 B>ROR BYTE PTR DS:[ESI+F682ED36],0B2 ; 移位常量超出 1..31 的范围
00401B82 117D DA ADC DWORD PTR SS:[EBP-26],EDI
00401B85 98 CWDE
00401B86 B2 05 MOV DL,5
00401B88 C8 C59E53 ENTER 9EC5,53
00401B8C 9D POPFD
00401B8D 6D INS DWORD PTR ES:[EDI],DX ; I/O 命令
00401B8E 2B5B 89 SUB EBX,DWORD PTR DS:[EBX-77]
00401B91 36:AE SCAS BYTE PTR ES:[EDI]
00401B93 6343 AC ARPL WORD PTR DS:[EBX-54],AX
00401B96 A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401B97 7A 05 JPE SHORT 蒸汽.00401B9E
00401B99 2BA47B 9131807F SUB ESP,DWORD PTR DS:[EBX+EDI*2+7F803191>
00401BA0 82AD 2AF872AE B>SUB BYTE PTR SS:[EBP+AE72F82A],-4A
00401BA7 FF0E DEC DWORD PTR DS:[ESI]
00401BA9 AE SCAS BYTE PTR ES:[EDI]
00401BAA A7 CMPS DWORD PTR DS:[ESI],DWORD PTR ES:[ED>
00401BAB 7A 0D JPE SHORT 蒸汽.00401BBA
00401BAD FC CLD
00401BAE D3B3 CFA51D9D SAL DWORD PTR DS:[EBX+9D1DA5CF],CL
00401BB4 0D F4D705D8 OR EAX,D805D7F4
00401BB9 D5 E2 AAD 0E2
00401BBB 4A DEC EDX
00401BBC F6C5 30 TEST CH,30
00401BBF D07A 21 SAR BYTE PTR DS:[EDX+21],1
00401BC2 B0 A5 MOV AL,0A5
00401BC4 44 INC ESP
00401BC5 F630 DIV BYTE PTR DS:[EAX]
00401BC7 C072 99 AD SAL BYTE PTR DS:[EDX-67],0AD ; 移位常量超出 1..31 的范围
00401BCB A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401BCC 4C DEC ESP
00401BCD 37 AAA
00401BCE F5 CMC
00401BCF 6A 05 PUSH 5
00401BD1 2B98 7BF70FA7 SUB EBX,DWORD PTR DS:[EAX+A70FF77B]
00401BD7 F0:92 LOCK XCHG EAX,EDX ; 锁定前缀
00401BD9 38ED CMP CH,CH
00401BDB 72 0B JB SHORT 蒸汽.00401BE8
00401BDD F4 HLT ; 特权命令
00401BDE DBD1 FCMOVNBE ST,ST(1)
00401BE0 D895 189482AD FCOM DWORD PTR SS:[EBP+AD829418]
00401BE6 32C9 XOR CL,CL
00401BE8 B2 36 MOV DL,36
00401BEA ED IN EAX,DX ; I/O 命令
00401BEB 8A0D F4DBFD46 MOV CL,BYTE PTR DS:[46FDDBF4]
00401BF1 BA E23B0BF3 MOV EDX,F30B3BE2
00401BF6 9F LAHF
00401BF7 EE OUT DX,AL ; I/O 命令
00401BF8 8D38 LEA EDI,DWORD PTR DS:[EAX]
00401BFA 69A6 C7A5F003 C>IMUL ESP,DWORD PTR DS:[ESI+3F0A5C7],8493>
00401C04 0D 04D4A5D7 OR EAX,D7A5D404
00401C09 A5 MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ES>
00401C0A 31D0 XOR EAX,EDX
00401C0C 72 39 JB SHORT 蒸汽.00401C47
00401C0E FE ??? ; 未知命令
00401C0F A6 CMPS BYTE PTR DS:[ESI],BYTE PTR ES:[EDI]
00401C10 BB 02A0F09B MOV EBX,9BF0A002
00401C15 38EE CMP DH,CH
00401C17 A2 BD6E1C8D MOV BYTE PTR DS:[8D1C6EBD],AL
00401C1C 0BF3 OR ESI,EBX
00401C1E 9F LAHF
00401C1F EE OUT DX,AL ; I/O 命令
00401C20 8AD8 MOV BL,AL
00401C22 6F OUTS DX,DWORD PTR ES:[EDI] ; I/O 命令
00401C23 C40B LES ECX,FWORD PTR DS:[EBX] ; 段寄存器更改
00401C25 FB STI
00401C26 97 XCHG EAX,EDI
00401C27 66:87D8 XCHG AX,BX
00401C2A 77 04 JA SHORT 蒸汽.00401C30
00401C2C D7 XLAT BYTE PTR DS:[EBX+AL]
00401C2D 9D POPFD
00401C2E 2BF8 SUB EDI,EAX
00401C30 ^ 72 AE JB SHORT 蒸汽.00401BE0
00401C32 B6 FE MOV DH,0FE
00401C34 B0 B1 MOV AL,0B1
有个大大说是双重壳
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
赞赏
|
|
|---|---|
|
|
.......
|
|
|
00401392 50 PUSH EAX //这里DUMP出去,运行不了
00401393 53 PUSH EBX 00401394 51 PUSH ECX 00401395 52 PUSH EDX 00401396 2BDB SUB EBX,EBX 00401398 56 PUSH ESI 00401399 57 PUSH EDI 0040139A ^ 0F84 05FEFFFF JE 蒸汽.004011A5 SUB EBX,EBX使ZF标志置位,后面的JE跳转就跳走了。 想要大家帮忙看,楼主还是把程序打包发附件上来吧。 |
|
|
他的文章
赞赏
雪币:
留言:
