00775B8C /$ 53 PUSH EBX00775B8D |. 56 PUSH ESI0077

1. 00775B8C /$ 53 PUSH EBX
2. 00775B8D |. 56 PUSH ESI
3. 00775B8E |. 57 PUSH EDI
4. 00775B8F |. 55 PUSH EBP
5. 00775B90 |. 51 PUSH ECX
6. 00775B91 |. BB 38060C01 MOV EBX,ezcatalo.010C0638
7. 00775B96 |. BE 48000C01 MOV ESI,ezcatalo.010C0048
8. 00775B9B |. 807B 28 00 CMP BYTE PTR DS:[EBX+0x28],0x0
9. 00775B9F |. 75 16 JNZ SHORT ezcatalo.00775BB7
10. 00775BA1 |. 833E 00 CMP DWORD PTR DS:[ESI],0x0
11. 00775BA4 |. 74 11 JE SHORT ezcatalo.00775BB7
12. 00775BA6 |> 8B06 /MOV EAX,DWORD PTR DS:[ESI]
13. 00775BA8 |. 890424 |MOV DWORD PTR SS:[ESP],EAX
14. 00775BAB |. 33C0 |XOR EAX,EAX
15. 00775BAD |. 8906 |MOV DWORD PTR DS:[ESI],EAX
16. 00775BAF |. FF1424 |CALL DWORD PTR SS:[ESP]
17. 00775BB2 |. 833E 00 |CMP DWORD PTR DS:[ESI],0x0
18. 00775BB5 |.^ 75 EF \JNZ SHORT ezcatalo.00775BA6
19. 00775BB7 |> 833D 04800801>CMP DWORD PTR DS:[0x1088004],0x0
20. 00775BBE |. 74 11 JE SHORT ezcatalo.00775BD1
21. 00775BC0 |. E8 AFFEFFFF CALL ezcatalo.00775A74
22. 00775BC5 |. E8 36FFFFFF CALL ezcatalo.00775B00
23. 00775BCA |. 33C0 XOR EAX,EAX
24. 00775BCC |. A3 04800801 MOV DWORD PTR DS:[0x1088004],EAX
25. 00775BD1 |> 807B 28 02 /CMP BYTE PTR DS:[EBX+0x28],0x2
26. 00775BD5 |. 75 0E |JNZ SHORT ezcatalo.00775BE5
27. 00775BD7 |. 833D 00800801>|CMP DWORD PTR DS:[0x1088000],0x0
28. 00775BDE |. 75 05 |JNZ SHORT ezcatalo.00775BE5
29. 00775BE0 |. 33C0 |XOR EAX,EAX
30. 00775BE2 |. 8943 0C |MOV DWORD PTR DS:[EBX+0xC],EAX
31. 00775BE5 |> E8 DEFCFFFF |CALL ezcatalo.007758C8
32. 00775BEA |. 807B 28 01 |CMP BYTE PTR DS:[EBX+0x28],0x1
33. 00775BEE |. 76 09 |JBE SHORT ezcatalo.00775BF9
34. 00775BF0 |. 833D 00800801>|CMP DWORD PTR DS:[0x1088000],0x0
35. 00775BF7 |. 74 23 |JE SHORT ezcatalo.00775C1C
36. 00775BF9 |> 8B7B 10 |MOV EDI,DWORD PTR DS:[EBX+0x10]
37. 00775BFC |. 85FF |TEST EDI,EDI
38. 00775BFE |. 74 1C |JE SHORT ezcatalo.00775C1C
39. 00775C00 |. 8BC7 |MOV EAX,EDI
40. 00775C02 |. E8 01230000 |CALL ezcatalo.00777F08
41. 00775C07 |. 8B6B 10 |MOV EBP,DWORD PTR DS:[EBX+0x10]
42. 00775C0A |. 8B75 10 |MOV ESI,DWORD PTR SS:[EBP+0x10]
43. 00775C0D |. 3B75 04 |CMP ESI,DWORD PTR SS:[EBP+0x4]
44. 00775C10 |. 74 0A |JE SHORT ezcatalo.00775C1C
45. 00775C12 |. 85F6 |TEST ESI,ESI
46. 00775C14 |. 74 06 |JE SHORT ezcatalo.00775C1C
47. 00775C16 |. 56 |PUSH ESI ; /hLibModule
48. 00775C17 |. E8 00B8FFFF |CALL <JMP.&kernel32.FreeLibrary> ; \FreeLibrary
49. 00775C1C |> E8 7FFCFFFF |CALL ezcatalo.007758A0
50. 00775C21 |. 807B 28 01 |CMP BYTE PTR DS:[EBX+0x28],0x1
51. 00775C25 |. 75 03 |JNZ SHORT ezcatalo.00775C2A
52. 00775C27 |. FF53 24 |CALL DWORD PTR DS:[EBX+0x24]
53. 00775C2A |> 807B 28 00 |CMP BYTE PTR DS:[EBX+0x28],0x0
54. 00775C2E |. 74 05 |JE SHORT ezcatalo.00775C35
55. 00775C30 |. E8 9BFEFFFF |CALL ezcatalo.00775AD0
56. 00775C35 |> 833B 00 |CMP DWORD PTR DS:[EBX],0x0
57. 00775C38 |. 75 1A |JNZ SHORT ezcatalo.00775C54
58. 00775C3A |. 833D 28000C01>|CMP DWORD PTR DS:[0x10C0028],0x0
59. 00775C41 |. 74 06 |JE SHORT ezcatalo.00775C49
60. 00775C43 |. FF15 28000C01 |CALL DWORD PTR DS:[0x10C0028]
61. 00775C49 |> A1 00800801 |MOV EAX,DWORD PTR DS:[0x1088000]
62. 00775C4E |. 50 |PUSH EAX ; /ExitCode => 0x0
63. 00775C4F |. E8 A0B7FFFF |CALL <JMP.&kernel32.ExitProcess> ; \ExitProcess
64. 00775C54 |> 8B03 |MOV EAX,DWORD PTR DS:[EBX]
65. 00775C56 |. 8BF0 |MOV ESI,EAX
66. 00775C58 |. 8BFB |MOV EDI,EBX
67. 00775C5A |. B9 0B000000 |MOV ECX,0xB
68. 00775C5F |. F3:A5 |REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI]
69. 00775C61 \.^ E9 6BFFFFFF \JMP ezcatalo.00775BD1
70. 00775C66 . 5A POP EDX
71. 00775C67 . 5D POP EBP
72. 00775C68 . 5F POP EDI
73. 00775C69 . 5E POP ESI
74. 00775C6A . 5B POP EBX
75. 00775C6B . C3 RETN