Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 008CD915 Main CALL DWORD PTR [<&KERNEL32.EncodePointer>]
- RtlEncodePointer MOV EDI,EDI
- 7725D042 Main PUSH EBP
- 7725D043 Main MOV EBP,ESP ; EBP=0115F910
- 7725D045 Main PUSH ECX
- 7725D046 Main PUSH 0
- 7725D048 Main PUSH 4
- 7725D04A Main LEA EAX,DWORD PTR [EBP-4] ; EAX=0115F90C
- 7725D04D Main PUSH EAX
- 7725D04E Main PUSH 24
- 7725D050 Main PUSH -1
- 7725D052 Main CALL ntdll.ZwQueryInformationProcess
- ZwQueryInformatio>MOV EAX,19 ; EAX=00000019
- 7726E745 Main CALL ntdll.7726E74A
- 7726E74A Main POP EDX ; EDX=7726E74A
- 7726E74B Main CMP BYTE PTR [EDX+14],4B
- 7726E74F Main JNZ SHORT ntdll.7726E75F
- 7726E75F Main MOV EDX,ntdll.77282CF0 ; EDX=77282CF0
- 7726E764 Main CALL EDX
- 77282CF0 Main JMP DWORD PTR [Wow64Transition]
- 62857000 Main JMP FAR 0033:62857009 ; EAX=008CD978, ECX=00000000, EDX=00000000, EBX=00F6E000, EBP=00000000, ESI=00000000, EDI=00000000
- RtlUserThreadStar>MOV DWORD PTR [ESP+4],EAX ; EAX=00000000, EBX=00800000, EBP=0115F0C8, EDI=00F71000
- 7726E85C Main RET 28 ; EBP=0115F0B0
- 7726E85C Main RET 28 ; EBP=0115EB48
- 7726E85C Main RET 28 ; EBP=0115E308
- 7726E85C Main RET 28 ; EBX=7730F9A0, EBP=0115F8B0, EDI=00000000
- Process terminated, exit code 0
- 7726E89C Main RET 8
- Run trace closed
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
