API tools faq
paste
Advertisement
Riremito

HSCRC5 v5.7.16.581

Riremito
Mar 6th, 2015
743
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.18 KB | None | 0 0
raw download clone embed print report
  1. 0EAB04B3 - 55 - push ebp
  2. 0EAB04B4 - 8B EC - mov ebp,esp
  3. 0EAB04B6 - 6A FF - push -01
  4. 0EAB04B8 - 68 D00B5711 - push EHSvc.dll+130BD0
  5. 0EAB04BD - 68 38185211 - push EHSvc.dll+E1838
  6. 0EAB04C2 - 64 A1 00000000 - mov eax,fs:[00000000]
  7. 0EAB04C8 - 50 - push eax
  8. 0EAB04C9 - 64 89 25 00000000 - mov fs:[00000000],esp
  9. 0EAB04D0 - 83 EC 20 - sub esp,20
  10. 0EAB04D3 - 53 - push ebx
  11. 0EAB04D4 - 56 - push esi
  12. 0EAB04D5 - 57 - push edi
  13. 0EAB04D6 - 89 65 E8 - mov [ebp-18],esp
  14. 0EAB04D9 - 33 FF - xor edi,edi
  15. 0EAB04DB - 33 F6 - xor esi,esi
  16. 0EAB04DD - 89 75 E0 - mov [ebp-20],esi
  17. 0EAB04E0 - 33 DB - xor ebx,ebx
  18. 0EAB04E2 - 89 5D D8 - mov [ebp-28],ebx
  19. 0EAB04E5 - B8 FFFFFF0F - mov eax,0FFFFFFF
  20. 0EAB04EA - 89 45 E4 - mov [ebp-1C],eax
  21. 0EAB04ED - 89 7D FC - mov [ebp-04],edi
  22. 0EAB04F0 - 8B 4D 08 - mov ecx,[ebp+08]
  23. 0EAB04F3 - 3B CF - cmp ecx,edi
  24. 0EAB04F5 - 74 12 - je 0EAB0509
  25. 0EAB04F7 - 8B 55 0C - mov edx,[ebp+0C]
  26. 0EAB04FA - 85 D2 - test edx,edx
  27. 0EAB04FC - 74 0B - je 0EAB0509
  28. 0EAB04FE - 8B F1 - mov esi,ecx
  29. 0EAB0500 - 89 75 E0 - mov [ebp-20],esi
  30. 0EAB0503 - 8D 1C 11 - lea ebx,[ecx+edx]
  31. 0EAB0506 - 89 5D D8 - mov [ebp-28],ebx
  32. 0EAB0509 - 8B 0C FD 48405A11 - mov ecx,[edi*8+EHSvc.dll+164048]
  33. 0EAB0510 - 85 C9 - test ecx,ecx
  34. 0EAB0512 - 0F84 80000000 - je 0EAB0598
  35. 0EAB0518 - 85 F6 - test esi,esi
  36. 0EAB051A - 74 26 - je 0EAB0542
  37. 0EAB051C - 85 DB - test ebx,ebx
  38. 0EAB051E - 74 22 - je 0EAB0542
  39. 0EAB0520 - 3B CE - cmp ecx,esi
  40. 0EAB0522 - 72 04 - jb 0EAB0528
  41. 0EAB0524 - 3B CB - cmp ecx,ebx
  42. 0EAB0526 - 76 1A - jna 0EAB0542
  43. 0EAB0528 - C7 45 FC FFFFFFFF - mov [ebp-04],FFFFFFFF
  44. 0EAB052F - 33 C0 - xor eax,eax
  45. 0EAB0531 - 8B 4D F0 - mov ecx,[ebp-10]
  46. 0EAB0534 - 64 89 0D 00000000 - mov fs:[00000000],ecx
  47. 0EAB053B - 5F - pop edi
  48. 0EAB053C - 5E - pop esi
  49. 0EAB053D - 5B - pop ebx
  50. 0EAB053E - 8B E5 - mov esp,ebp
  51. 0EAB0540 - 5D - pop ebp
  52. 0EAB0541 - C3 - ret
  53. 0EAB0542 - 89 4D D4 - mov [ebp-2C],ecx
  54. 0EAB0545 - 8B 34 FD 4C405A11 - mov esi,[edi*8+EHSvc.dll+16404C]
  55. 0EAB054C - 89 75 D0 - mov [ebp-30],esi
  56. 0EAB054F - 85 F6 - test esi,esi
  57. 0EAB0551 - 75 08 - jne 0EAB055B
  58. 0EAB0553 - BE 40000000 - mov esi,00000040
  59. 0EAB0558 - 89 75 D0 - mov [ebp-30],esi
  60. 0EAB055B - 8B D6 - mov edx,esi
  61. 0EAB055D - 4E - dec esi
  62. 0EAB055E - 89 75 D0 - mov [ebp-30],esi
  63. 0EAB0561 - 85 D2 - test edx,edx
  64. 0EAB0563 - 74 24 - je 0EAB0589
  65. 0EAB0565 - C1 E8 08 - shr eax,08
  66. 0EAB0568 - 89 45 E4 - mov [ebp-1C],eax
  67. 0EAB056B - 8B D0 - mov edx,eax
  68. 0EAB056D - 81 E2 FF000000 - and edx,000000FF
  69. 0EAB0573 - 33 DB - xor ebx,ebx
  70. 0EAB0575 - 8A 19 - mov bl,[ecx]
  71. 0EAB0577 - 33 D3 - xor edx,ebx
  72. 0EAB0579 - 33 04 95 74405A11 - xor eax,[edx*4+EHSvc.dll+164074]
  73. 0EAB0580 - 89 45 E4 - mov [ebp-1C],eax
  74. 0EAB0583 - 41 - inc ecx
  75. 0EAB0584 - 89 4D D4 - mov [ebp-2C],ecx
  76. 0EAB0587 - EB D2 - jmp 0EAB055B
  77. 0EAB0589 - 47 - inc edi
  78. 0EAB058A - 89 7D DC - mov [ebp-24],edi
  79. 0EAB058D - 8B 5D D8 - mov ebx,[ebp-28]
  80. 0EAB0590 - 8B 75 E0 - mov esi,[ebp-20]
  81. 0EAB0593 - E9 71FFFFFF - jmp 0EAB0509
  82. 0EAB0598 - C7 45 FC FFFFFFFF - mov [ebp-04],FFFFFFFF
  83. 0EAB059F - 8B 4D F0 - mov ecx,[ebp-10]
  84. 0EAB05A2 - 64 89 0D 00000000 - mov fs:[00000000],ecx
  85. 0EAB05A9 - 5F - pop edi
  86. 0EAB05AA - 5E - pop esi
  87. 0EAB05AB - 5B - pop ebx
  88. 0EAB05AC - 8B E5 - mov esp,ebp
  89. 0EAB05AE - 5D - pop ebp
  90. 0EAB05AF - C3 - ret
  91. 0EAB05B0 - B8 01000000 - mov eax,00000001
  92. 0EAB05B5 - C3 - ret
  93. 0EAB05B6 - 8B 65 E8 - mov esp,[ebp-18]
  94. 0EAB05B9 - C7 45 FC FFFFFFFF - mov [ebp-04],FFFFFFFF
  95. 0EAB05C0 - 8B 45 E4 - mov eax,[ebp-1C]
  96. 0EAB05C3 - 8B 4D F0 - mov ecx,[ebp-10]
  97. 0EAB05C6 - 64 89 0D 00000000 - mov fs:[00000000],ecx
  98. 0EAB05CD - 5F - pop edi
  99. 0EAB05CE - 5E - pop esi
  100. 0EAB05CF - 5B - pop ebx
  101. 0EAB05D0 - 8B E5 - mov esp,ebp
  102. 0EAB05D2 - 5D - pop ebp
  103. 0EAB05D3 - C3 - ret
  104.  
  105. EHSvc.dll+164048: -> EHSvc.dll+15450 decrypt
  106. EHSvc.dll+9B218 0000006B
  107. EHSvc.dll+A5FBC 000000D7
  108. EHSvc.dll+9B52D 0000023F
  109. EHSvc.dll+634F0 00000050
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!