API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 15th, 2018
82
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.23 KB | None | 0 0
raw download clone embed print report
  1. char sub_4E8D00()
  2. {
  3. HMODULE v0; // eax
  4. HMODULE v1; // edi
  5. int v2; // esi
  6. _DWORD *v3; // ecx
  7. unsigned int v4; // ebx
  8. int v5; // eax
  9. int v6; // edx
  10. int v7; // esi
  11. int v9; // ST00_4
  12. int v10; // eax
  13. int v11; // ST04_4
  14. int v12; // ST08_4
  15. int v13; // ST0C_4
  16. int v14; // ST10_4
  17. DWORD NumberOfBytesWritten; // [esp+Ch] [ebp-18h]
  18. int Buffer; // [esp+10h] [ebp-14h]
  19. int v17; // [esp+14h] [ebp-10h]
  20. int v18; // [esp+18h] [ebp-Ch]
  21. int v19; // [esp+1Ch] [ebp-8h]
  22. char v20; // [esp+23h] [ebp-1h]
  23.  
  24. v20 = 0;
  25. v0 = GetModuleHandleA_2("ntdll");
  26. v1 = v0;
  27. v2 = 0;
  28. v3 = (_DWORD *)((char *)v0 + *(_DWORD *)((char *)v0 + *((_DWORD *)v0 + 15) + 120));
  29. v4 = v3[6];
  30. v5 = (int)v0 + v3[8];
  31. v17 = (int)v1 + v3[7];
  32. v6 = (int)v1 + v3[9];
  33. v19 = v5;
  34. v18 = v6;
  35. if ( v4 )
  36. {
  37. while ( !(unsigned __int8)sub_5354E0((char *)v1 + *(_DWORD *)(v5 + 4 * v2)) )
  38. {
  39. v5 = v19;
  40. if ( ++v2 >= v4 )
  41. goto LABEL_4;
  42. }
  43. v7 = (int)v1 + *(_DWORD *)(v17 + 4 * *(unsigned __int16 *)(v18 + 2 * v2));
  44. }
  45. else
  46. {
  47. LABEL_4:
  48. v7 = 0;
  49. }
  50. if ( !v7 )
  51. {
  52. sub_13633B0(&unk_1BA46A8);
  53. unk_1BA4690 |= 0x40000u;
  54. goto LABEL_19;
  55. }
  56. if ( *(_DWORD *)v7 != unk_1742264
  57. || *(_DWORD *)(v7 + 4) != *((_DWORD *)&unk_1742264 + 1)
  58. || *(_WORD *)(v7 + 8) != *((_WORD *)&unk_1742264 + 4) )
  59. {
  60. if ( (unsigned __int8)sub_535570(v7) )
  61. v7 += 23;
  62. v10 = *(_DWORD *)(v7++ + 1);
  63. if ( v10 != unk_1742264
  64. || *(_DWORD *)(v7 + 4) != *((_DWORD *)&unk_1742264 + 1)
  65. || *(_WORD *)(v7 + 8) != *((_WORD *)&unk_1742264 + 4) )
  66. {
  67. sub_13633B0(&unk_1BA46A8);
  68. unk_1BA4690 |= 0x20000u;
  69. goto LABEL_19;
  70. }
  71. }
  72. unk_1B9C7DC = v7 + 10;
  73. Buffer = (int)((char *)&loc_4B6C4F - v7 - 13);
  74. unk_1BAB008 = v7 + 10 + *(_DWORD *)(v7 + 10) + 4;
  75. v9 = (*(&loc_136337C + 1))(v7 + 10, &Buffer, 4, &NumberOfBytesWritten);
  76. if ( !(*(int (__stdcall **)(int, int, int, int, int))((char *)&loc_1363342 + 2))(v9, v11, v12, v13, v14)
  77. || NumberOfBytesWritten != 4 )
  78. {
  79. sub_13633B0(&unk_1BA46A8);
  80. unk_1BA4690 |= 0x10000u;
  81. LABEL_19:
  82. (*(void (__stdcall **)(void *))&algn_13633A7[5])(&unk_1BA46A8);
  83. return v20;
  84. }
  85. return 1;
  86. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!