  1. A few functions from the "new" Razor911.dll
  2. -------------------------------------------
// Decompiler pseudo-C, kept verbatim; only comments have been added.
//
// Purpose: registers the window class L"Razor1911", creates an 800x300 popup
// window centred on the desktop client area, allocates and initialises a
// 0x58-byte state object (stored in the global lpMem), pumps window messages
// until message 18 (WM_QUIT) is seen, then tears the state object down.
//
// Returns: the result of UnregisterClassW for the class registered here.
//
// Triage note: the class name L"Razor1911" and the window title L"Razor 1911"
// are fixed strings in this function and can serve as identifying markers
// for this DLL.
BOOL sub_10001490()
{
  HWND v0; // eax@1
  LPVOID v1; // ST4C_4@1
  __m128i v2; // xmm0@2
  void *v3; // esi@8
  HWND hWnd; // [sp+18h] [bp-68h]@1
  struct tagRECT Rect; // [sp+20h] [bp-60h]@1
  struct tagMSG Msg; // [sp+30h] [bp-50h]@2
  WNDCLASSEXW v8; // [sp+50h] [bp-30h]@1

  // 48 is sizeof(WNDCLASSEXW) in a 32-bit build; style 64 is 0x40 (CS_CLASSDC).
  v8.cbSize = 48;
  v8.style = 64;
  // Window procedure; its body is not part of this listing.
  v8.lpfnWndProc = (WNDPROC)sub_10001440;
  v8.cbClsExtra = 0;
  v8.cbWndExtra = 0;
  v8.hInstance = GetModuleHandleW(0);
  v8.lpszClassName = L"Razor1911";
  // One 16-byte store: zeroes hIcon and the three 4-byte fields that follow
  // it in the 32-bit layout (hCursor, hbrBackground, lpszMenuName).
  *(_OWORD *)&v8.hIcon = 0i64;
  v8.hIconSm = 0;
  // Return value is not checked.
  RegisterClassExW(&v8);
  v0 = GetDesktopWindow();
  GetClientRect(v0, &Rect);
  // Style 0x80000000 is WS_POPUP; x/y centre an 800x300 window in Rect.
  hWnd = CreateWindowExW(
           0,
           L"Razor1911",
           L"Razor 1911",
           0x80000000,
           (Rect.right - Rect.left - 800) >> 1,
           (Rect.bottom - Rect.top - 300) >> 1,
           800,
           300,
           0,
           0,
           v8.hInstance,
           0);
  // sub_10004C58 is presumably an allocator (operator new or similar); it is
  // not shown. Its result is written through without a NULL check here.
  v1 = sub_10004C58(0x58u);
  // Byte 0 is set to 1; the DWORD indices below are byte offsets
  // 24, 28, 32, 44, 48, 56, 60, 64 and 84. Those are the fields that
  // sub_10001730 later tests and releases (offset 24 is not touched there).
  *(_BYTE *)v1 = 1;
  *((_DWORD *)v1 + 6) = 0;
  *((_DWORD *)v1 + 7) = 0;
  *((_DWORD *)v1 + 8) = 0;
  *((_DWORD *)v1 + 11) = 0;
  *((_DWORD *)v1 + 12) = 0;
  *((_DWORD *)v1 + 14) = 0;
  *((_DWORD *)v1 + 15) = 0;
  *((_DWORD *)v1 + 16) = 0;
  *((_DWORD *)v1 + 21) = 0;
  // (LARGE_INTEGER *)v1 + 1 is byte offset 8: the timer frequency is kept there.
  QueryPerformanceFrequency((LARGE_INTEGER *)v1 + 1);
  lpMem = v1;
  // sub_100017D0 is not shown; the message loop runs only when it returns 0.
  if ( !sub_100017D0(hWnd) )
  {
    // The SSE forms below are how the decompiler rendered zeroing Msg. As
    // written, v2 is all zero, so the "!= 18" test is always true on entry.
    // NOTE(review): confirm against the disassembly.
    Msg.pt.y = 0;
    *(_OWORD *)&Msg.hwnd = 0i64;
    _mm_storel_epi64((__m128i *)&Msg.time, 0i64);
    v2 = _mm_srli_si128(0i64, 4);
    if ( _mm_cvtsi128_si32(v2) != 18 )
    {
      do
      {
        // Last argument 1 is PM_REMOVE: non-blocking fetch of the next message.
        if ( PeekMessageW(&Msg, 0, 0, 0, 1u) )
        {
          TranslateMessage(&Msg);
          DispatchMessageW(&Msg);
        }
        // Queue empty: run sub_10001B20 (not shown; presumably the per-idle
        // update). A non-zero return destroys the window.
        else if ( sub_10001B20(*(double *)&v2.m128i_i64[0]) )
        {
          DestroyWindow(hWnd);
        }
      }
      // 18 is WM_QUIT. Nothing in this function posts it; presumably the
      // window procedure does after DestroyWindow (verify in sub_10001440).
      while ( Msg.message != 18 );
    }
  }
  v3 = lpMem;
  if ( lpMem )
  {
    // Release the resources held by the state object, then hand the block to
    // sub_10004C53 (presumably the matching deallocator; not shown).
    // The global lpMem itself is not cleared afterwards.
    sub_10001730((int)lpMem);
    sub_10004C53(v3);
  }
  return UnregisterClassW(L"Razor1911", v8.hInstance);
}
  83. -------------------------------------------
// Decompiler pseudo-C, kept verbatim; only comments have been added.
//
// Purpose: teardown routine for the 0x58-byte state object that
// sub_10001490 allocates and passes here as `this`.
//
// Each field is tested for non-zero before it is released:
//   +84              pointer handed to sub_10002450 (not shown)
//   +48              GDI object handle, released with DeleteObject
//   +64 +60 +56      pointers to objects whose first DWORD is a table of
//   +44 +32 +28      function pointers; the entry at table offset 8 is called
//                    with the object as its only argument, then the field is
//                    set to 0.
// NOTE(review): calling the third table entry with the object pointer matches
// the COM IUnknown::Release convention - confirm from the code that fills
// these fields.
//
// Returns: whatever the last executed release call returned; when nothing is
// released after the +48 test, the value read from +48.
int __thiscall sub_10001730(int this)
{
  int v1; // esi@1
  void *v2; // ecx@1
  int result; // eax@3
  int v4; // ecx@5
  int v5; // ecx@7
  int v6; // ecx@9
  int v7; // ecx@11
  int v8; // ecx@13
  int v9; // ecx@15

  v1 = this;
  // Field +84 is not reset after the call, unlike the pointer fields below.
  v2 = *(void **)(this + 84);
  if ( v2 )
    sub_10002450(v2);
  // Field +48 also keeps its stale handle value after DeleteObject.
  result = *(_DWORD *)(v1 + 48);
  if ( result )
    result = DeleteObject(*(HGDIOBJ *)(v1 + 48));
  // From here on the same pattern repeats six times: load the pointer, call
  // the function at table offset 8 on it, zero the field.
  v4 = *(_DWORD *)(v1 + 64);
  if ( v4 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v4 + 8))(*(_DWORD *)(v1 + 64));
    *(_DWORD *)(v1 + 64) = 0;
  }
  v5 = *(_DWORD *)(v1 + 60);
  if ( v5 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v5 + 8))(*(_DWORD *)(v1 + 60));
    *(_DWORD *)(v1 + 60) = 0;
  }
  v6 = *(_DWORD *)(v1 + 56);
  if ( v6 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v6 + 8))(*(_DWORD *)(v1 + 56));
    *(_DWORD *)(v1 + 56) = 0;
  }
  v7 = *(_DWORD *)(v1 + 44);
  if ( v7 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v7 + 8))(*(_DWORD *)(v1 + 44));
    *(_DWORD *)(v1 + 44) = 0;
  }
  v8 = *(_DWORD *)(v1 + 32);
  if ( v8 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v8 + 8))(*(_DWORD *)(v1 + 32));
    *(_DWORD *)(v1 + 32) = 0;
  }
  v9 = *(_DWORD *)(v1 + 28);
  if ( v9 )
  {
    result = (*(int (__stdcall **)(_DWORD))(*(_DWORD *)v9 + 8))(*(_DWORD *)(v1 + 28));
    *(_DWORD *)(v1 + 28) = 0;
  }
  return result;
}
  141. ------------------------------------------- WOW, cosmetic changes ;P
// Decompiler pseudo-C, kept verbatim; only comments have been added.
//
// Purpose: command dispatcher keyed on a2 (a1 is never read). Uses the
// globals hProcess and hWnd, which are defined outside this listing.
//
//   a2 == 43869 (0xAB5D)
//       a3 == 2 : returns a freshly allocated 20-byte buffer holding the
//                 UTF-16LE string "GTAIV.exe" (see the decoding below).
//       a3 == 1 : stores lpBaseAddress as the process handle hProcess,
//                 clears hWnd, creates a named event "v7_NNNN" and returns 100.
//       other   : returns 0.
//   a2 == 43860 (0xAB54)
//       stores lpBaseAddress in hWnd, starts a thread on sub_100013F0 with
//       lpBaseAddress as its argument, returns the previous hWnd value.
//   a2 == 43858 (0xAB52)
//       reads a 0x40-byte request from lpBaseAddress in the process behind
//       hProcess and acts on the code found at request offset 16.
//   anything else: returns 1.
//
// Review notes (visible in this listing):
//   - Return values of ReadProcessMemory, WriteProcessMemory, CreateEventA
//     and CreateThread are ignored; the event and thread handles are never
//     stored or closed here.
//   - For 0xAB52 the addresses written to (v19, v20) come from memory read out
//     of the other process and are used without any validation.
//   - The named event "v7_NNNN" and the cross-process read/write calls are
//     observable artefacts when this DLL is active.
char *__stdcall sub_100011F0(int a1, int a2, int a3, LPCVOID lpBaseAddress)
{
  char *v4; // esi@3
  char v5; // al@10
  int v7; // [sp+0h] [bp-B8h]@1
  SIZE_T NumberOfBytesRead; // [sp+4h] [bp-B4h]@4
  __int64 v9; // [sp+8h] [bp-B0h]@1
  __int64 v10; // [sp+10h] [bp-A8h]@1
  __int64 v11; // [sp+18h] [bp-A0h]@1
  __int64 v12; // [sp+20h] [bp-98h]@1
  __int64 v13; // [sp+28h] [bp-90h]@1
  __int64 v14; // [sp+30h] [bp-88h]@1
  __int64 v15; // [sp+38h] [bp-80h]@1
  __int64 v16; // [sp+40h] [bp-78h]@1
  DWORD Buffer[4]; // [sp+48h] [bp-70h]@4
  int v18; // [sp+58h] [bp-60h]@4
  LPVOID v19; // [sp+5Ch] [bp-5Ch]@13
  char *v20; // [sp+60h] [bp-58h]@7

  // v9..v16 are contiguous on the stack (bp-B0h .. bp-70h): together they are
  // a 64-byte local copy of the global data at qword_10016250..qword_10016288.
  // v7 is the constant 1 that case 100 below writes out.
  v16 = qword_10016288;
  v15 = qword_10016280;
  v14 = qword_10016278;
  v7 = 1;
  v13 = qword_10016270;
  v12 = qword_10016268;
  v11 = qword_10016260;
  v10 = qword_10016258;
  v9 = qword_10016250;
  if ( a2 == 43869 )
  {
    if ( a3 == 2 )
    {
      // sub_10007541(1, 0x14) is presumably a calloc-style allocator (not
      // shown); bytes 18-19 are not written here, so the string is only
      // terminated if the allocator zero-fills.
      // The constants are UTF-16LE character pairs:
      //   5505095 = 0x00540047 "GT"   4784193 = 0x00490041 "AI"
      //   3014742 = 0x002E0056 "V."   7864421 = 0x00780065 "ex"
      //   101     = 0x0065     "e"    -> L"GTAIV.exe"
      v4 = (char *)sub_10007541(1u, 0x14u);
      *((_WORD *)v4 + 8) = 101;
      *((_DWORD *)v4 + 3) = 7864421;
      *((_DWORD *)v4 + 2) = 3014742;
      *((_DWORD *)v4 + 1) = 4784193;
      *(_DWORD *)v4 = 5505095;
    }
    else
    {
      v4 = 0;
      if ( a3 == 1 )
      {
        // lpBaseAddress is used as a process HANDLE in this branch.
        hProcess = (HANDLE)lpBaseAddress;
        hWnd = 0;
        // v5 is a char, so only the low 8 bits of the process id survive.
        v5 = GetProcessId((HANDLE)lpBaseAddress);
        // sub_10001080 is presumably a sprintf-style formatter (not shown);
        // the event name becomes "v7_" followed by (v5 ^ 0xD3) as %04d.
        sub_10001080((int *)Buffer, (int)"v7_%04d", v5 ^ 0xD3);
        // Arguments 1, 1: manual-reset event, initially signalled.
        // The returned handle is discarded.
        CreateEventA(0, 1, 1, (LPCSTR)Buffer);
        v4 = (char *)100;
      }
    }
  }
  else if ( a2 == 43860 )
  {
    // Swap: return the old hWnd, store the caller's value as the new one.
    v4 = (char *)hWnd;
    hWnd = (HWND)lpBaseAddress;
    // 0x1000 is the requested stack size; Buffer receives the thread id and
    // the thread handle is discarded. sub_100013F0 is not shown.
    CreateThread(0, 0x1000u, (LPTHREAD_START_ROUTINE)sub_100013F0, (LPVOID)lpBaseAddress, 0, Buffer);
  }
  else
  {
    v4 = (char *)1;
    if ( a2 == 43858 )
    {
      // Reads 0x40 bytes starting at Buffer. Buffer is declared as 16 bytes,
      // but per the stack offsets v18 (+16), v19 (+20) and v20 (+24) follow
      // it directly: the decompiler split one 64-byte request structure.
      // If the read fails, v18/v19/v20 hold whatever was on the stack.
      ReadProcessMemory(hProcess, lpBaseAddress, Buffer, 0x40u, &NumberOfBytesRead);
      v4 = 0;
      switch ( v18 )
      {
        case 100:
          // Write the 4-byte value 1 (v7) to address v19 in the other process.
          WriteProcessMemory(hProcess, v19, &v7, 4u, &NumberOfBytesRead);
          break;
        case 51:
          // No memory access: returns the sum of request fields v20 and v19.
          v4 = &v20[(_DWORD)v19];
          break;
        case 18:
          // Write the 64-byte block copied from qword_10016250.. (v9..v16)
          // to address v20 in the other process.
          WriteProcessMemory(hProcess, v20, &v9, 0x40u, &NumberOfBytesRead);
          break;
      }
    }
  }
  // sub_10004917 is not shown; NOTE(review): possibly a compiler-generated
  // epilogue check - confirm before attaching meaning to it.
  sub_10004917();
  return v4;
}