API tools faq
paste
Guest User

Untitled

a guest
Feb 16th, 2019
95
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.53 KB | None | 0 0
raw download clone embed print report
  1. main 011BD409 PUSH OFFSET 013D1DC8 ESP=02987400
  2. main 011BD40E CALL 00EBA116 ECX=6D8E2A60, EDX=6D8E0000, EBX=00000000, ESP=02986938, EBP=02986954, ESI=02986948, EDI=6D8E2A60
  3. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D8C31F0, EDX=6D8C0000, EDI=6D8C31F0
  4. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D8A5910, EDX=6D8A0000, EDI=6D8A5910
  5. main <ModuleEntryPoint> MOV EDI,EDI ECX=77671F90, EDX=77670000, ESP=029864C0, EBP=029864DC, ESI=029864D0, EDI=77671F90
  6. main <ModuleEntryPoint> MOV EDI,EDI ECX=721D1540, EDX=721C0000, ESP=029864E8, EBP=02986504, ESI=029864F8, EDI=721D1540
  7. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D891930, EDX=6D890000, ESP=02986938, EBP=02986954, ESI=02986948, EDI=6D891930
  8. main <ModuleEntryPoint> MOV EDI,EDI ECX=710E6AD0, EDX=710D0000, ESP=02986CA0, EBP=02986CBC, ESI=02986CB0, EDI=710E6AD0
  9. main <ModuleEntryPoint> MOV EDI,EDI ECX=71121960, EDX=71120000, ESP=02986CD8, EBP=02986CF4, ESI=02986CE8, EDI=71121960
  10. main <ModuleEntryPoint> MOV EDI,EDI ECX=7094CCD0, EDX=70790000, ESP=02985CA8, EBP=02985CC4, ESI=02985CB8, EDI=7094CCD0
  11. main <ModuleEntryPoint> MOV EDI,EDI ECX=700D3CB0, EDX=700D0000, ESP=02986038, EBP=02986054, ESI=02986048, EDI=700D3CB0
  12. main <ModuleEntryPoint> MOV EDI,EDI ECX=70198C80, EDX=70150000, ESP=02986080, EBP=0298609C, ESI=02986090, EDI=70198C80
  13. main <ModuleEntryPoint> MOV EDI,EDI
  14. 2. (0 <ModuleEntryPoint> MOV EDI,EDI
  15. resou 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  16. main <ModuleEntryPoint> MOV EDI,EDI ECX=6272F290, EDX=62700000, ESP=02986A78, EBP=02986A94, ESI=02986A88, EDI=6272F290
  17. main <ModuleEntryPoint> MOV EDI,EDI ECX=71459B40, EDX=71450000, ESP=029861F8, EBP=02986214, ESI=02986208, EDI=71459B40
  18. main <ModuleEntryPoint> MOV EDI,EDI ECX=733FC810, EDX=73390000, EDI=733FC810
  19. main <ModuleEntryPoint> MOV EDI,EDI ECX=622E2EE0, EDX=622C0000, ESP=02986220, EBP=0298623C, ESI=02986230, EDI=622E2EE0
  20. main <ModuleEntryPoint> MOV EDI,EDI ECX=62271F00, EDX=62270000, ESP=02986150, EBP=0298616C, ESI=02986160, EDI=62271F00
  21. main 62271F00 MOV EDI,EDI ECX=62261A70, EDX=62260000, EDI=62261A70
  22. main 62261A70 MOV EDI,EDI ECX=6228D2C0, EDX=62280000, ESP=02986178, EBP=02986194, ESI=02986188, EDI=6228D2C0
  23. main 6228D2C0 MOV EDI,EDI ECX=621A0270, EDX=62160000, ESP=02986458, EBP=02986474, ESI=02986468, EDI=621A0270
  24. main 621A0270 MOV EDI,EDI ECX=62134440, EDX=62130000, ESP=02986148, EBP=02986164, ESI=02986158, EDI=62134440
  25. main <ModuleEntryPoint> MOV EDI,EDI ECX=62154320, EDX=62150000, ESP=02986170, EBP=0298618C, ESI=02986180, EDI=62154320
  26. main <ModuleEntryPoint> MOV EDI,EDI ECX=62121970, EDX=62120000, ESP=02986160, EBP=0298617C, ESI=02986170, EDI=62121970
  27. main <ModuleEntryPoint> MOV EDI,EDI ECX=76210620, EDX=761F0000, ESP=02985970, EBP=0298598C, ESI=02985980, EDI=76210620
  28. main <ModuleEntryPoint> MOV EDI,EDI ECX=705B20A0, EDX=705B0000, ESP=029857A8, EBP=029857C4, ESI=029857B8, EDI=705B20A0
  29. main <ModuleEntryPoint> MOV EDI,EDI ECX=706F3B10, EDX=706F0000, ESP=029857D8, EBP=029857F4, ESI=029857E8, EDI=706F3B10
  30. main <ModuleEntryPoint> MOV EDI,EDI
  31. 22. ( <ModuleEntryPoint> MOV EDI,EDI ECX=62099080, EDX=62040000, ESP=1C43EF18, EBP=1C43EF34, ESI=1C43EF28, EDI=62099080
  32. 22. ( <ModuleEntryPoint> MOV EDI,EDI
  33. conne 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  34. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  35. netwo 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  36. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  37. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  38. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  39. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  40. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  41. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  42. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  43. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  44. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  45. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  46. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  47. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  48. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  49. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  50. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  51. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  52. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  53. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  54. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  55. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  56. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  57. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  58. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  59. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  60. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  61. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  62. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  63. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  64. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  65. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  66. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  67. main 19C457F0 MOV EDI,EDI ECX=5AD5D0B0, EDX=5AD50000, EDI=5AD5D0B0
  68. main 5AD5D0B0 MOV EDI,EDI ECX=5E389E70, EDX=5E380000, ESP=02986530, EBP=0298654C, ESI=02986540, EDI=5E389E70
  69. main 5E389E70 MOV EDI,EDI EAX=01FF8000, ECX=779B7BA0, EDX=02986E41, EBX=0000ECD8, ESP=02986FA0, EBP=029870E0, ESI=1960D888, EDI=00030000
  70. main 778E4207 INT3
  71. main 778E4208 MOV BYTE PTR DS:[779B6378],0
  72. netwo 7790A8FC RETN 0C
  73. Worke 7791E9C0 REPE SCAS DWORD PTR ES:[EDI] EAX=00000000, ECX=00000021, EDX=2CCAF791, EBX=00000080, ESP=2CCAF790, EBP=2CCAF8C4, ESI=00000000, EDI=2CCAF790
  74. Worke 779293DB MOV DWORD PTR SS:[EBP-4],-2
  75. Worke 779293E2 MOV EAX,DWORD PTR SS:[EBP-78] EAX=01E8C000
  76. Worke 779293E5 MOV ECX,0FFFD ECX=0000FFFD
  77. Worke 779293EA AND WORD PTR DS:[EAX+0FCA],CX
  78. Worke 779293F1 JMP 778CC171
  79. Worke 778CC171 XOR EAX,EAX EAX=00000000
  80. Worke 778CC173 LEA ESP,[EBP-0B0] ESP=2CCAF814
  81. Worke 778CC179 CALL 7791E5A0 ESP=2CCAF810
  82. Worke 7791E5A0 MOV ECX,DWORD PTR SS:[EBP-1C] ECX=6B5CF76B
  83. Worke 7791E5A3 XOR ECX,EBP ECX=47960FAF
  84. Worke 7791E5A5 CALL 7790CA10 ESP=2CCAF80C
  85. Worke 7790CA10 CMP ECX,DWORD PTR DS:[779BD360]
  86. Worke 7790CA16 JNE SHORT 7790CA1B
  87. Worke 7790CA18 RETN 0 ESP=2CCAF810
  88. Worke 7791E5AA JMP 7791E541
  89. Worke 7791E541 MOV ECX,DWORD PTR SS:[EBP-10] ECX=2CCAF97C
  90. Worke 7791E544 MOV DWORD PTR FS:[0],ECX
  91. Worke 7791E54B POP ECX ECX=778CC17E, ESP=2CCAF814
  92. Worke 7791E54C POP EDI ESP=2CCAF818, EDI=6B5CF76B
  93. Worke 7791E54D POP EDI ESP=2CCAF81C, EDI=00040000
  94. Worke 7791E54E POP ESI ESP=2CCAF820, ESI=00000002
  95. Worke 7791E54F POP EBX EBX=779B58D0, ESP=2CCAF824
  96. Worke 7791E550 MOV ESP,EBP ESP=2CCAF8C4
  97. Worke 7791E552 POP EBP ESP=2CCAF8C8, EBP=2CCAF8E0
  98. Worke 7791E553 PUSH ECX ESP=2CCAF8C4
  99. Worke 7791E554 RETN ESP=2CCAF8C8
  100. Worke 778CC17E RETN 10 ESP=2CCAF8DC
  101. Worke 77954E9F POP ECX ECX=C0000374, ESP=2CCAF8E0
  102. Worke 77954EA0 POP EBP ESP=2CCAF8E4, EBP=2CCAF98C
  103. Worke 77954EA1 RETN ESP=2CCAF8E8
  104. Worke 779784DF ADD ESP,10 ESP=2CCAF8F8
  105. Worke 779784E2 CMP DWORD PTR SS:[EBP+8],0
  106. Worke 779784E6 JE SHORT 779784FD
  107. Worke 779784E8 AND DWORD PTR SS:[EBP-4],00000000
  108. Worke 779784EC INT3 EAX=2CCAF91C, ECX=00000001, EDX=00000000, EBX=00000000, ESI=779784F3, EDI=00000000
  109. Worke 77978529 JMP SHORT 77978561 EAX=00000000, ESP=2CCAF440
  110. Worke 7790CD67 JE SHORT 7790CD77
  111. Worke 7790CD77 CLD
  112. Worke 7790CD78 MOV ECX,DWORD PTR SS:[ARG.1] ECX=2CCAF498
  113. Worke 7790CD7C MOV EBX,DWORD PTR SS:[ARG.RETADDR] EBX=2CCAF448
  114. Worke 7790CD7F PUSH ECX ESP=2CCAF43C
  115. Worke 7790CD80 PUSH EBX ESP=2CCAF438
  116. Worke 7790CD81 CALL 77903B08 ESP=2CCAF434
  117. Worke 77903B08 MOV EDI,EDI
  118. Worke 77903B0A PUSH EBP ESP=2CCAF430
  119. Worke 77903B0B MOV EBP,ESP EBP=2CCAF430
  120. Worke 77903B0D AND ESP,FFFFFFF8
  121. Worke 77903B10 SUB ESP,7C ESP=2CCAF3B4
  122. Worke 77903B13 MOV EAX,DWORD PTR DS:[779BD360] EAX=47960FAF
  123. Worke 77903B18 XOR EAX,ESP EAX=6B5CFC1B
  124. Worke 77903B1A MOV DWORD PTR SS:[LOCAL.1],EAX
  125. Worke 77903B1E PUSH EBX ESP=2CCAF3B0
  126. Worke 77903B1F PUSH ESI ESP=2CCAF3AC
  127. Worke 77903B20 MOV ESI,DWORD PTR SS:[ARG.1] ESI=2CCAF448
  128. Worke 77903B23 XOR EBX,EBX EBX=00000000
  129. Worke 77903B25 PUSH EDI ESP=2CCAF3A8
  130. Worke 77903B26 MOV EDI,DWORD PTR SS:[ARG.2] EDI=2CCAF498
  131. Worke 77903B29 CMP DWORD PTR DS:[ESI],C0000006
  132. Worke 77903B2F JE SHORT 77903B41
  133. Worke 77903B31 MOV ECX,DWORD PTR DS:[ESI+0C] ECX=77978529
  134. Worke 77903B34 CALL 77903E6A ESP=2CCAF3A4
  135. Worke 77903E6A CMP ECX,7791F01B
  136. Worke 77903E70 SETE AL EAX=2CCAF91C, ECX=00000001, ESP=2CCAF8F8, EBP=2CCAF98C, ESI=779784F3, EDI=00000000
  137. -------- Logging stopped
  138.  
  139. main 011BD409 PUSH OFFSET 013D1DC8 ESP=02617588
  140. main 011BD40E CALL 00EBA116 ECX=6D8E2A60, EDX=6D8E0000, EBX=00000000, ESP=02616AC0, EBP=02616ADC, ESI=02616AD0, EDI=6D8E2A60
  141. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D8C31F0, EDX=6D8C0000, EDI=6D8C31F0
  142. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D8A5910, EDX=6D8A0000, EDI=6D8A5910
  143. main <ModuleEntryPoint> MOV EDI,EDI ECX=77671F90, EDX=77670000, ESP=02616648, EBP=02616664, ESI=02616658, EDI=77671F90
  144. main <ModuleEntryPoint> MOV EDI,EDI ECX=721D1540, EDX=721C0000, ESP=02616670, EBP=0261668C, ESI=02616680, EDI=721D1540
  145. main <ModuleEntryPoint> MOV EDI,EDI ECX=6D891930, EDX=6D890000, ESP=02616AC0, EBP=02616ADC, ESI=02616AD0, EDI=6D891930
  146. main <ModuleEntryPoint> MOV EDI,EDI ECX=710E6AD0, EDX=710D0000, ESP=02616E28, EBP=02616E44, ESI=02616E38, EDI=710E6AD0
  147. main <ModuleEntryPoint> MOV EDI,EDI ECX=71121960, EDX=71120000, ESP=02616E60, EBP=02616E7C, ESI=02616E70, EDI=71121960
  148. main <ModuleEntryPoint> MOV EDI,EDI ECX=7094CCD0, EDX=70790000, ESP=02615E30, EBP=02615E4C, ESI=02615E40, EDI=7094CCD0
  149. main <ModuleEntryPoint> MOV EDI,EDI ECX=700D3CB0, EDX=700D0000, ESP=026161C0, EBP=026161DC, ESI=026161D0, EDI=700D3CB0
  150. main <ModuleEntryPoint> MOV EDI,EDI ECX=70198C80, EDX=70150000, ESP=02616208, EBP=02616224, ESI=02616218, EDI=70198C80
  151. main <ModuleEntryPoint> MOV EDI,EDI
  152. 2. (0 <ModuleEntryPoint> MOV EDI,EDI
  153. resou 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  154. main <ModuleEntryPoint> MOV EDI,EDI ECX=6272F290, EDX=62700000, ESP=02616C00, EBP=02616C1C, ESI=02616C10, EDI=6272F290
  155. main <ModuleEntryPoint> MOV EDI,EDI ECX=71459B40, EDX=71450000, ESP=02616380, EBP=0261639C, ESI=02616390, EDI=71459B40
  156. main <ModuleEntryPoint> MOV EDI,EDI ECX=733FC810, EDX=73390000, EDI=733FC810
  157. main <ModuleEntryPoint> MOV EDI,EDI ECX=622E2EE0, EDX=622C0000, ESP=026163A8, EBP=026163C4, ESI=026163B8, EDI=622E2EE0
  158. main <ModuleEntryPoint> MOV EDI,EDI ECX=62271F00, EDX=62270000, ESP=026162D8, EBP=026162F4, ESI=026162E8, EDI=62271F00
  159. main 62271F00 MOV EDI,EDI ECX=62261A70, EDX=62260000, EDI=62261A70
  160. main 62261A70 MOV EDI,EDI ECX=6228D2C0, EDX=62280000, ESP=02616300, EBP=0261631C, ESI=02616310, EDI=6228D2C0
  161. main 6228D2C0 MOV EDI,EDI ECX=621A0270, EDX=62160000, ESP=026165E0, EBP=026165FC, ESI=026165F0, EDI=621A0270
  162. main 621A0270 MOV EDI,EDI ECX=62134440, EDX=62130000, ESP=026162D0, EBP=026162EC, ESI=026162E0, EDI=62134440
  163. main <ModuleEntryPoint> MOV EDI,EDI ECX=62154320, EDX=62150000, ESP=026162F8, EBP=02616314, ESI=02616308, EDI=62154320
  164. main <ModuleEntryPoint> MOV EDI,EDI ECX=62121970, EDX=62120000, ESP=026162E8, EBP=02616304, ESI=026162F8, EDI=62121970
  165. main <ModuleEntryPoint> MOV EDI,EDI ECX=76210620, EDX=761F0000, ESP=02615AF8, EBP=02615B14, ESI=02615B08, EDI=76210620
  166. main <ModuleEntryPoint> MOV EDI,EDI ECX=705B20A0, EDX=705B0000, ESP=02615930, EBP=0261594C, ESI=02615940, EDI=705B20A0
  167. main <ModuleEntryPoint> MOV EDI,EDI ECX=706F3B10, EDX=706F0000, ESP=02615960, EBP=0261597C, ESI=02615970, EDI=706F3B10
  168. main <ModuleEntryPoint> MOV EDI,EDI
  169. 22. ( <ModuleEntryPoint> MOV EDI,EDI ECX=62099080, EDX=62040000, ESP=1C3DEF48, EBP=1C3DEF64, ESI=1C3DEF58, EDI=62099080
  170. 22. ( <ModuleEntryPoint> MOV EDI,EDI
  171. conne 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  172. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  173. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  174. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  175. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  176. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  177. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  178. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  179. netwo 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  180. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  181. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  182. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  183. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  184. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  185. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  186. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  187. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  188. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  189. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  190. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  191. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  192. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  193. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  194. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  195. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  196. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  197. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  198. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  199. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  200. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  201. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  202. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  203. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  204. Worke 770F18A2 MOV ECX,DWORD PTR SS:[LOCAL.1]
  205. -------- End of session
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!