Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [Enable]
- /* KMS v1.2.330 */
- Alloc(MemoryDump,60000000)
- LoadBinary(MemoryDump,legit.CEM)
- Define(MSStart,00400000)
- Define(MSEnd,019F0000)
- /*--------------------*/
- Alloc(CRC1Hook,128)
- Label(CRC1Org)
- Label(CRC1Ret)
- CRC1Hook:
- cmp esi,MSStart
- jb CRC1Org
- cmp esi,MSEnd
- ja CRC1Org
- sub esi,MSStart
- add esi,MemoryDump
- CRC1Org:
- movzx ebx,byte ptr [esi+01]
- shl eax,08
- jmp CRC1Ret
- 0061857C: // 0F B6 06 8B ? C1
- db 90 90
- jmp CRC1Hook
- CRC1Ret:
- Alloc(CRC3Hook,128)
- Label(CRC3Org)
- Label(CRC3Ret)
- CRC3Hook:
- cmp esi,MSStart
- jb CRC3Org
- cmp esi,MSEnd
- ja CRC3Org
- sub esi,MSStart
- add esi,MemoryDump
- CRC3Org:
- shr ecx,02
- and edx,03
- jmp CRC3Ret
- 015735F8-9: // C1 E9 ? 83 E2 ? 83 F9 ? 72 ? F3 - 1res
- jmp CRC3Hook
- nop
- CRC3Ret:
- Alloc(CRC5Hook,128)
- Label(CRC5Org)
- Label(CRC5Ret)
- CRC5Hook:
- cmp ebx,MSStart
- jb CRC5Org
- cmp ebx,MSEnd
- ja CRC5Org
- push ebx
- sub ebx,MSStart
- movzx ebp,byte ptr [ebx+MemoryDump]
- mov esi,edx
- pop ebx
- jmp CRC5Ret
- CRC5Org:
- movzx ebp,byte ptr [ebx]
- mov esi,edx
- jmp CRC5Ret
- 0153BB07: // 0F B6 2B 8B
- jmp CRC5Hook
- CRC5Ret:
- /*
- I tested this disabled
- it's nothing?
- Alloc(CRC2Hook,128)
- Label(CRC2Org)
- Label(CRC2Ret)
- CRC2Hook:
- cmp eax,MSStart
- jb CRC2Org
- cmp eax,MSEnd
- ja CRC2Org
- sub eax,MSStart
- add eax,MemoryDump
- CRC2Org:
- mov al,[eax]
- sub ebx,ebx
- and ecx,00000040
- jmp CRC2Ret
- 01C93114:
- jmp CRC2Hook
- db 90 90 90 90 90
- CRC2Ret:
- */
- [disable]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
