-
-
[求助]IDA反汇编后得到的这些汇编指令什么意思?
-
发表于:
2009-9-20 11:23
8599
-
[求助]IDA反汇编后得到的这些汇编指令什么意思?
第一组:
--------------------
pusha
pushf
pusha
pushf
popa
popf
call loc_407000
----------------------------
第二组
-------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset unk_403550
push 0E4F6h
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 68h
push ebx
jmp loc_405000" vertical_order: 0
push offset loc_4017A4
call sub_401000" vertical_order: 2
-------------------------------------------------------------------
第三组
---------------------------------------------------------------
push ebx
mov ebx, eax
mov eax, [ebx+4]
or eax, eax
jz short loc_40410A" vertical_order: 0
mov eax, [eax]
or eax, eax
jz short loc_40411C"
mov [ebx+4], eax
mov edx, [ebx]
inc dword ptr [edx+10h]
jmp short loc_40411C"
mov edx, [ebx]
mov eax, [edx]
mov [ebx+4], eax
or eax, eax
jz short loc_40411C"
mov dword ptr [edx+10h], 1"
pop ebx
我看不懂啊,那位高手帮我看看,谢谢阿?
这三组分别是,同一蠕虫的三个变种
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
