API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 14th, 2017
192
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.77 KB | None | 0 0
raw download clone embed print report
  1. VirtualAlloc:
  2. 00007FFEF0CADFE0 40 53 push rbx
  3. 00007FFEF0CADFE2 48 83 EC 30 sub rsp,30h
  4. 00007FFEF0CADFE6 33 DB xor ebx,ebx
  5. 00007FFEF0CADFE8 48 89 54 24 48 mov qword ptr [rsp+48h],rdx
  6. 00007FFEF0CADFED 48 89 4C 24 40 mov qword ptr [rsp+40h],rcx
  7. 00007FFEF0CADFF2 48 85 C9 test rcx,rcx
  8. 00007FFEF0CADFF5 74 0F je VirtualAlloc+26h (07FFEF0CAE006h)
  9. 00007FFEF0CADFF7 8B 05 9B 41 1D 00 mov eax,dword ptr [SysInfo+18h (07FFEF0E82198h)]
  10. 00007FFEF0CADFFD 48 3B C8 cmp rcx,rax
  11. 00007FFEF0CAE000 0F 82 7A 57 04 00 jb _guard_dispatch_icall_nop+1DE80h (07FFEF0CF3780h)
  12. 00007FFEF0CAE006 41 83 E0 C0 and r8d,0FFFFFFC0h
  13. 00007FFEF0CAE00A 44 89 4C 24 28 mov dword ptr [rsp+28h],r9d
  14. 00007FFEF0CAE00F 44 89 44 24 20 mov dword ptr [rsp+20h],r8d
  15. 00007FFEF0CAE014 4C 8D 4C 24 48 lea r9,[rsp+48h]
  16. 00007FFEF0CAE019 45 33 C0 xor r8d,r8d
  17. 00007FFEF0CAE01C 48 8D 54 24 40 lea rdx,[rsp+40h]
  18. 00007FFEF0CAE021 48 83 C9 FF or rcx,0FFFFFFFFFFFFFFFFh
  19. 00007FFEF0CAE025 FF 15 2D B2 11 00 call qword ptr [__imp_NtAllocateVirtualMemory (07FFEF0DC9258h)]
  20. 00007FFEF0CAE02B 85 C0 test eax,eax
  21. 00007FFEF0CAE02D 78 0E js VirtualAlloc+5Dh (07FFEF0CAE03Dh)
  22. 00007FFEF0CAE02F 48 8B 5C 24 40 mov rbx,qword ptr [rsp+40h]
  23. 00007FFEF0CAE034 48 8B C3 mov rax,rbx
  24. 00007FFEF0CAE037 48 83 C4 30 add rsp,30h
  25. 00007FFEF0CAE03B 5B pop rbx
  26. 00007FFEF0CAE03C C3 ret
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!