-
-
[旧帖] [求助]大侠看过来 0.00雪花
-
发表于: 2009-4-29 20:05
-
大侠请看在那个地方下断点才行呢?
005B79B4 /. 55 PUSH EBP
005B79B5 |. 8BEC MOV EBP,ESP
005B79B7 |. B9 08000000 MOV ECX,8
005B79BC |> 6A 00 /PUSH 0
005B79BE |. 6A 00 |PUSH 0
005B79C0 |. 49 |DEC ECX
005B79C1 |.^ 75 F9 \JNZ SHORT unpacked.005B79BC
005B79C3 |. 53 PUSH EBX
005B79C4 |. 56 PUSH ESI
005B79C5 |. 8BD8 MOV EBX,EAX
005B79C7 |. 33C0 XOR EAX,EAX
005B79C9 |. 55 PUSH EBP
005B79CA |. 68 4B7C5B00 PUSH unpacked.005B7C4B
005B79CF |. 64:FF30 PUSH DWORD PTR FS:[EAX]
005B79D2 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
005B79D5 |. 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
005B79D8 |. 8B83 50030000 MOV EAX,DWORD PTR DS:[EBX+350]
005B79DE |. E8 D1FDF8FF CALL unpacked.005477B4
005B79E3 |. 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
005B79E6 |. 8B83 54030000 MOV EAX,DWORD PTR DS:[EBX+354]
005B79EC |. E8 C3FDF8FF CALL unpacked.005477B4
005B79F1 |. 837D F0 00 CMP DWORD PTR SS:[EBP-10],0
005B79F5 |. 75 1D JNZ SHORT unpacked.005B7A14
005B79F7 |. 6A 20 PUSH 20
005B79F9 |. B9 587C5B00 MOV ECX,unpacked.005B7C58
005B79FE |. BA 607C5B00 MOV EDX,unpacked.005B7C60
005B7A03 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7A08 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7A0A |. E8 8DA4ECFF CALL unpacked.00481E9C
005B7A0F |. E9 02020000 JMP unpacked.005B7C16
005B7A14 |> 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
005B7A17 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A1D |. E8 92FDF8FF CALL unpacked.005477B4
005B7A22 |. 837D EC 00 CMP DWORD PTR SS:[EBP-14],0
005B7A26 |. 75 1D JNZ SHORT unpacked.005B7A45
005B7A28 |. 6A 20 PUSH 20
005B7A2A |. B9 587C5B00 MOV ECX,unpacked.005B7C58
005B7A2F |. BA 747C5B00 MOV EDX,unpacked.005B7C74
005B7A34 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7A39 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7A3B |. E8 5CA4ECFF CALL unpacked.00481E9C
005B7A40 |. E9 D1010000 JMP unpacked.005B7C16
005B7A45 |> 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
005B7A48 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A4E |. E8 61FDF8FF CALL unpacked.005477B4
005B7A53 |. 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
005B7A56 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A5C |. E8 53FDF8FF CALL unpacked.005477B4
005B7A61 |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
005B7A64 |. B8 907C5B00 MOV EAX,unpacked.005B7C90 ; iy-BC7
005B7A69 |. E8 FED6E4FF CALL unpacked.0040516C
005B7A6E |. 85C0 TEST EAX,EAX
005B7A70 |. 0F8E 88010000 JLE unpacked.005B7BFE
005B7A76 |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
005B7A79 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A7F |. E8 30FDF8FF CALL unpacked.005477B4
005B7A84 |. 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
005B7A87 |. B8 A07C5B00 MOV EAX,unpacked.005B7CA0 ; V
005B7A8C |. E8 DBD6E4FF CALL unpacked.0040516C
005B7A91 |. 85C0 TEST EAX,EAX
005B7A93 |. 0F8E 65010000 JLE unpacked.005B7BFE
005B7A99 |. 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
005B7A9C |. 8B83 50030000 MOV EAX,DWORD PTR DS:[EBX+350]
005B7AA2 |. E8 0DFDF8FF CALL unpacked.005477B4
005B7AA7 |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
005B7AAA |. 50 PUSH EAX
005B7AAB |. 8D55 DC LEA EDX,DWORD PTR SS:[EBP-24]
005B7AAE |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7AB4 |. E8 FBFCF8FF CALL unpacked.005477B4
005B7AB9 |. 8B45 DC MOV EAX,DWORD PTR SS:[EBP-24]
005B7ABC |. 50 PUSH EAX
005B7ABD |. 8B15 70636000 MOV EDX,DWORD PTR DS:[606370] ; unpacked.00607FA8
005B7AC3 |. 8B12 MOV EDX,DWORD PTR DS:[EDX]
005B7AC5 |. 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
005B7AC8 |. B9 AC7C5B00 MOV ECX,unpacked.005B7CAC ; \Data\sy7d.id
005B7ACD |. E8 A2D3E4FF CALL unpacked.00404E74
005B7AD2 |. 8B45 D8 MOV EAX,DWORD PTR SS:[EBP-28]
005B7AD5 |. 5A POP EDX
005B7AD6 |. 59 POP ECX
005B7AD7 |. E8 E0E7FFFF CALL unpacked.005B62BC
005B7ADC |. 68 C47C5B00 PUSH unpacked.005B7CC4 ; True
005B7AE1 |. A1 54676000 MOV EAX,DWORD PTR DS:[606754]
005B7AE6 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7AE8 |. B9 D47C5B00 MOV ECX,unpacked.005B7CD4 ; BackID
005B7AED |. BA E47C5B00 MOV EDX,unpacked.005B7CE4 ; PSet
005B7AF2 |. 8B30 MOV ESI,DWORD PTR DS:[EAX]
005B7AF4 |. FF56 04 CALL DWORD PTR DS:[ESI+4]
005B7AF7 |. 6A 20 PUSH 20
005B7AF9 |. B9 587C5B00 MOV ECX,unpacked.005B7C58 ; 提示
005B7AFE |. BA EC7C5B00 MOV EDX,unpacked.005B7CEC ; 注册成功。谢谢您的注册。
005B7B03 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7B08 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B0A |. E8 8DA3ECFF CALL unpacked.00481E9C
005B7B0F |. A1 D4636000 MOV EAX,DWORD PTR DS:[6063D4]
005B7B14 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B16 |. 8B80 30040000 MOV EAX,DWORD PTR DS:[EAX+430]
005B7B1C |. 33D2 XOR EDX,EDX
005B7B1E |. E8 69B9EBFF CALL unpacked.0047348C
005B7B23 |. A1 D4636000 MOV EAX,DWORD PTR DS:[6063D4]
005B7B28 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B2A |. BA 107D5B00 MOV EDX,unpacked.005B7D10 ; 阿凡提巧选七星彩
005B7B2F |. E8 1C97EAFF CALL unpacked.00461250
005B7B34 |. 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
005B7B37 |. 50 PUSH EAX
005B7B38 |. B9 01000000 MOV ECX,1
005B7B3D |. BA 0C000000 MOV EDX,0C
005B7B42 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005B7B45 |. E8 3ED5E4FF CALL unpacked.00405088
005B7B4A |. 8B45 D4 MOV EAX,DWORD PTR SS:[EBP-2C]
005B7B4D |. 50 PUSH EAX
005B7B4E |. 8D45 D0 LEA EAX,DWORD PTR SS:[EBP-30]
005B7B51 |. 50 PUSH EAX
005B7B52 |. B9 01000000 MOV ECX,1
005B7B57 |. BA 08000000 MOV EDX,8
005B7B5C |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
005B7B5F |. E8 24D5E4FF CALL unpacked.00405088
005B7B64 |. 8B55 D0 MOV EDX,DWORD PTR SS:[EBP-30]
005B7B67 |. 58 POP EAX
005B7B68 |. E8 07D4E4FF CALL unpacked.00404F74
005B7B6D |. 0F85 82000000 JNZ unpacked.005B7BF5
005B7B73 |. A1 58616000 MOV EAX,DWORD PTR DS:[606158]
005B7B78 |. C600 01 MOV BYTE PTR DS:[EAX],1
005B7B7B |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
005B7B7E |. E8 CDE6FFFF CALL unpacked.005B6250
005B7B83 |. 8D45 CC LEA EAX,DWORD PTR SS:[EBP-34]
005B7B86 |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7B8B |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7B8E |. E8 E1D2E4FF CALL unpacked.00404E74
005B7B93 |. 8B45 CC MOV EAX,DWORD PTR SS:[EBP-34]
005B7B96 |. E8 6926E5FF CALL unpacked.0040A204
005B7B9B |. 84C0 TEST AL,AL
005B7B9D |. 74 18 JE SHORT unpacked.005B7BB7
005B7B9F |. 8D45 C8 LEA EAX,DWORD PTR SS:[EBP-38]
005B7BA2 |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7BA7 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7BAA |. E8 C5D2E4FF CALL unpacked.00404E74
005B7BAF |. 8B45 C8 MOV EAX,DWORD PTR SS:[EBP-38]
005B7BB2 |. E8 5D26E5FF CALL unpacked.0040A214
005B7BB7 |> 6A 00 PUSH 0
005B7BB9 |. 8D45 C4 LEA EAX,DWORD PTR SS:[EBP-3C]
005B7BBC |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7BC1 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7BC4 |. E8 ABD2E4FF CALL unpacked.00404E74
005B7BC9 |. 8B45 C4 MOV EAX,DWORD PTR SS:[EBP-3C]
005B7BCC |. E8 57D4E4FF CALL unpacked.00405028
005B7BD1 |. 50 PUSH EAX
005B7BD2 |. 8B15 70636000 MOV EDX,DWORD PTR DS:[606370] ; unpacked.00607FA8
005B7BD8 |. 8B12 MOV EDX,DWORD PTR DS:[EDX]
005B7BDA |. 8D45 C0 LEA EAX,DWORD PTR SS:[EBP-40]
005B7BDD |. B9 AC7C5B00 MOV ECX,unpacked.005B7CAC ; \Data\sy7d.id
005B7BE2 |. E8 8DD2E4FF CALL unpacked.00404E74
005B7BE7 |. 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
005B7BEA |. E8 39D4E4FF CALL unpacked.00405028
005B7BEF |. 50 PUSH EAX ; |ExistingFileName
005B7BF0 |. E8 03F9E4FF CALL <JMP.&kernel32.CopyFileA> ; \CopyFileA
005B7BF5 |> 8BC3 MOV EAX,EBX
005B7BF7 |. E8 C868ECFF CALL unpacked.0047E4C4
005B7BFC |. EB 18 JMP SHORT unpacked.005B7C16
005B7BFE |> 6A 20 PUSH 20
005B7C00 |. B9 587C5B00 MOV ECX,unpacked.005B7C58 ; 提示
005B7C05 |. BA 347D5B00 MOV EDX,unpacked.005B7D34 ; 您的注册码不正确,请重新输入。
005B7C0A |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B79B4 /. 55 PUSH EBP
005B79B5 |. 8BEC MOV EBP,ESP
005B79B7 |. B9 08000000 MOV ECX,8
005B79BC |> 6A 00 /PUSH 0
005B79BE |. 6A 00 |PUSH 0
005B79C0 |. 49 |DEC ECX
005B79C1 |.^ 75 F9 \JNZ SHORT unpacked.005B79BC
005B79C3 |. 53 PUSH EBX
005B79C4 |. 56 PUSH ESI
005B79C5 |. 8BD8 MOV EBX,EAX
005B79C7 |. 33C0 XOR EAX,EAX
005B79C9 |. 55 PUSH EBP
005B79CA |. 68 4B7C5B00 PUSH unpacked.005B7C4B
005B79CF |. 64:FF30 PUSH DWORD PTR FS:[EAX]
005B79D2 |. 64:8920 MOV DWORD PTR FS:[EAX],ESP
005B79D5 |. 8D55 F8 LEA EDX,DWORD PTR SS:[EBP-8]
005B79D8 |. 8B83 50030000 MOV EAX,DWORD PTR DS:[EBX+350]
005B79DE |. E8 D1FDF8FF CALL unpacked.005477B4
005B79E3 |. 8D55 F0 LEA EDX,DWORD PTR SS:[EBP-10]
005B79E6 |. 8B83 54030000 MOV EAX,DWORD PTR DS:[EBX+354]
005B79EC |. E8 C3FDF8FF CALL unpacked.005477B4
005B79F1 |. 837D F0 00 CMP DWORD PTR SS:[EBP-10],0
005B79F5 |. 75 1D JNZ SHORT unpacked.005B7A14
005B79F7 |. 6A 20 PUSH 20
005B79F9 |. B9 587C5B00 MOV ECX,unpacked.005B7C58
005B79FE |. BA 607C5B00 MOV EDX,unpacked.005B7C60
005B7A03 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7A08 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7A0A |. E8 8DA4ECFF CALL unpacked.00481E9C
005B7A0F |. E9 02020000 JMP unpacked.005B7C16
005B7A14 |> 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14]
005B7A17 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A1D |. E8 92FDF8FF CALL unpacked.005477B4
005B7A22 |. 837D EC 00 CMP DWORD PTR SS:[EBP-14],0
005B7A26 |. 75 1D JNZ SHORT unpacked.005B7A45
005B7A28 |. 6A 20 PUSH 20
005B7A2A |. B9 587C5B00 MOV ECX,unpacked.005B7C58
005B7A2F |. BA 747C5B00 MOV EDX,unpacked.005B7C74
005B7A34 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7A39 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7A3B |. E8 5CA4ECFF CALL unpacked.00481E9C
005B7A40 |. E9 D1010000 JMP unpacked.005B7C16
005B7A45 |> 8D55 FC LEA EDX,DWORD PTR SS:[EBP-4]
005B7A48 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A4E |. E8 61FDF8FF CALL unpacked.005477B4
005B7A53 |. 8D55 E8 LEA EDX,DWORD PTR SS:[EBP-18]
005B7A56 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A5C |. E8 53FDF8FF CALL unpacked.005477B4
005B7A61 |. 8B55 E8 MOV EDX,DWORD PTR SS:[EBP-18]
005B7A64 |. B8 907C5B00 MOV EAX,unpacked.005B7C90 ; iy-BC7
005B7A69 |. E8 FED6E4FF CALL unpacked.0040516C
005B7A6E |. 85C0 TEST EAX,EAX
005B7A70 |. 0F8E 88010000 JLE unpacked.005B7BFE
005B7A76 |. 8D55 E4 LEA EDX,DWORD PTR SS:[EBP-1C]
005B7A79 |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7A7F |. E8 30FDF8FF CALL unpacked.005477B4
005B7A84 |. 8B55 E4 MOV EDX,DWORD PTR SS:[EBP-1C]
005B7A87 |. B8 A07C5B00 MOV EAX,unpacked.005B7CA0 ; V
005B7A8C |. E8 DBD6E4FF CALL unpacked.0040516C
005B7A91 |. 85C0 TEST EAX,EAX
005B7A93 |. 0F8E 65010000 JLE unpacked.005B7BFE
005B7A99 |. 8D55 E0 LEA EDX,DWORD PTR SS:[EBP-20]
005B7A9C |. 8B83 50030000 MOV EAX,DWORD PTR DS:[EBX+350]
005B7AA2 |. E8 0DFDF8FF CALL unpacked.005477B4
005B7AA7 |. 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
005B7AAA |. 50 PUSH EAX
005B7AAB |. 8D55 DC LEA EDX,DWORD PTR SS:[EBP-24]
005B7AAE |. 8B83 58030000 MOV EAX,DWORD PTR DS:[EBX+358]
005B7AB4 |. E8 FBFCF8FF CALL unpacked.005477B4
005B7AB9 |. 8B45 DC MOV EAX,DWORD PTR SS:[EBP-24]
005B7ABC |. 50 PUSH EAX
005B7ABD |. 8B15 70636000 MOV EDX,DWORD PTR DS:[606370] ; unpacked.00607FA8
005B7AC3 |. 8B12 MOV EDX,DWORD PTR DS:[EDX]
005B7AC5 |. 8D45 D8 LEA EAX,DWORD PTR SS:[EBP-28]
005B7AC8 |. B9 AC7C5B00 MOV ECX,unpacked.005B7CAC ; \Data\sy7d.id
005B7ACD |. E8 A2D3E4FF CALL unpacked.00404E74
005B7AD2 |. 8B45 D8 MOV EAX,DWORD PTR SS:[EBP-28]
005B7AD5 |. 5A POP EDX
005B7AD6 |. 59 POP ECX
005B7AD7 |. E8 E0E7FFFF CALL unpacked.005B62BC
005B7ADC |. 68 C47C5B00 PUSH unpacked.005B7CC4 ; True
005B7AE1 |. A1 54676000 MOV EAX,DWORD PTR DS:[606754]
005B7AE6 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7AE8 |. B9 D47C5B00 MOV ECX,unpacked.005B7CD4 ; BackID
005B7AED |. BA E47C5B00 MOV EDX,unpacked.005B7CE4 ; PSet
005B7AF2 |. 8B30 MOV ESI,DWORD PTR DS:[EAX]
005B7AF4 |. FF56 04 CALL DWORD PTR DS:[ESI+4]
005B7AF7 |. 6A 20 PUSH 20
005B7AF9 |. B9 587C5B00 MOV ECX,unpacked.005B7C58 ; 提示
005B7AFE |. BA EC7C5B00 MOV EDX,unpacked.005B7CEC ; 注册成功。谢谢您的注册。
005B7B03 |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
005B7B08 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B0A |. E8 8DA3ECFF CALL unpacked.00481E9C
005B7B0F |. A1 D4636000 MOV EAX,DWORD PTR DS:[6063D4]
005B7B14 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B16 |. 8B80 30040000 MOV EAX,DWORD PTR DS:[EAX+430]
005B7B1C |. 33D2 XOR EDX,EDX
005B7B1E |. E8 69B9EBFF CALL unpacked.0047348C
005B7B23 |. A1 D4636000 MOV EAX,DWORD PTR DS:[6063D4]
005B7B28 |. 8B00 MOV EAX,DWORD PTR DS:[EAX]
005B7B2A |. BA 107D5B00 MOV EDX,unpacked.005B7D10 ; 阿凡提巧选七星彩
005B7B2F |. E8 1C97EAFF CALL unpacked.00461250
005B7B34 |. 8D45 D4 LEA EAX,DWORD PTR SS:[EBP-2C]
005B7B37 |. 50 PUSH EAX
005B7B38 |. B9 01000000 MOV ECX,1
005B7B3D |. BA 0C000000 MOV EDX,0C
005B7B42 |. 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
005B7B45 |. E8 3ED5E4FF CALL unpacked.00405088
005B7B4A |. 8B45 D4 MOV EAX,DWORD PTR SS:[EBP-2C]
005B7B4D |. 50 PUSH EAX
005B7B4E |. 8D45 D0 LEA EAX,DWORD PTR SS:[EBP-30]
005B7B51 |. 50 PUSH EAX
005B7B52 |. B9 01000000 MOV ECX,1
005B7B57 |. BA 08000000 MOV EDX,8
005B7B5C |. 8B45 F8 MOV EAX,DWORD PTR SS:[EBP-8]
005B7B5F |. E8 24D5E4FF CALL unpacked.00405088
005B7B64 |. 8B55 D0 MOV EDX,DWORD PTR SS:[EBP-30]
005B7B67 |. 58 POP EAX
005B7B68 |. E8 07D4E4FF CALL unpacked.00404F74
005B7B6D |. 0F85 82000000 JNZ unpacked.005B7BF5
005B7B73 |. A1 58616000 MOV EAX,DWORD PTR DS:[606158]
005B7B78 |. C600 01 MOV BYTE PTR DS:[EAX],1
005B7B7B |. 8D45 F4 LEA EAX,DWORD PTR SS:[EBP-C]
005B7B7E |. E8 CDE6FFFF CALL unpacked.005B6250
005B7B83 |. 8D45 CC LEA EAX,DWORD PTR SS:[EBP-34]
005B7B86 |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7B8B |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7B8E |. E8 E1D2E4FF CALL unpacked.00404E74
005B7B93 |. 8B45 CC MOV EAX,DWORD PTR SS:[EBP-34]
005B7B96 |. E8 6926E5FF CALL unpacked.0040A204
005B7B9B |. 84C0 TEST AL,AL
005B7B9D |. 74 18 JE SHORT unpacked.005B7BB7
005B7B9F |. 8D45 C8 LEA EAX,DWORD PTR SS:[EBP-38]
005B7BA2 |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7BA7 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7BAA |. E8 C5D2E4FF CALL unpacked.00404E74
005B7BAF |. 8B45 C8 MOV EAX,DWORD PTR SS:[EBP-38]
005B7BB2 |. E8 5D26E5FF CALL unpacked.0040A214
005B7BB7 |> 6A 00 PUSH 0
005B7BB9 |. 8D45 C4 LEA EAX,DWORD PTR SS:[EBP-3C]
005B7BBC |. B9 2C7D5B00 MOV ECX,unpacked.005B7D2C ; sy7d.id
005B7BC1 |. 8B55 F4 MOV EDX,DWORD PTR SS:[EBP-C]
005B7BC4 |. E8 ABD2E4FF CALL unpacked.00404E74
005B7BC9 |. 8B45 C4 MOV EAX,DWORD PTR SS:[EBP-3C]
005B7BCC |. E8 57D4E4FF CALL unpacked.00405028
005B7BD1 |. 50 PUSH EAX
005B7BD2 |. 8B15 70636000 MOV EDX,DWORD PTR DS:[606370] ; unpacked.00607FA8
005B7BD8 |. 8B12 MOV EDX,DWORD PTR DS:[EDX]
005B7BDA |. 8D45 C0 LEA EAX,DWORD PTR SS:[EBP-40]
005B7BDD |. B9 AC7C5B00 MOV ECX,unpacked.005B7CAC ; \Data\sy7d.id
005B7BE2 |. E8 8DD2E4FF CALL unpacked.00404E74
005B7BE7 |. 8B45 C0 MOV EAX,DWORD PTR SS:[EBP-40]
005B7BEA |. E8 39D4E4FF CALL unpacked.00405028
005B7BEF |. 50 PUSH EAX ; |ExistingFileName
005B7BF0 |. E8 03F9E4FF CALL <JMP.&kernel32.CopyFileA> ; \CopyFileA
005B7BF5 |> 8BC3 MOV EAX,EBX
005B7BF7 |. E8 C868ECFF CALL unpacked.0047E4C4
005B7BFC |. EB 18 JMP SHORT unpacked.005B7C16
005B7BFE |> 6A 20 PUSH 20
005B7C00 |. B9 587C5B00 MOV ECX,unpacked.005B7C58 ; 提示
005B7C05 |. BA 347D5B00 MOV EDX,unpacked.005B7D34 ; 您的注册码不正确,请重新输入。
005B7C0A |. A1 08666000 MOV EAX,DWORD PTR DS:[606608]
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
