Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- KR -> JP
- 69A148 // GetCommandLineA
- 00821CD8 - 6A 00 - push 00
- 00821CDA - E8 D934FFFF - call 008151B8 : [->kernel32.GetModuleHandleA]
- 00821CDF - FF 35 147E8200 - push [00827E14] : [1DB10106]
- 00821CE5 - 58 - pop eax
- 00821CE6 - 8B 05 247E8200 - mov eax,[00827E24] : [00212068]
- 00821CEC - C3 - ret
- 69A164 // LockResource
- 00821CC8 - 55 - push ebp
- 00821CC9 - 8B EC - mov ebp,esp
- 00821CCB - 8B 05 247E8200 - mov eax,[00827E24] : [00212068]
- 00821CD1 - 8B 45 08 - mov eax,[ebp+08]
- 00821CD4 - 5D - pop ebp
- 00821CD5 - C2 0400 - ret 0004
- 69A1E0 // GetCurrentProcessId
- 00821CC0 - A1 207E8200 - mov eax,[00827E20] : [000004E4]
- 00821CC5 - C3 - ret
- 69A1E4 // GetCurrentProcess
- 00821CB8 - A1 187E8200 - mov eax,[00827E18] : [FFFFFFFF]
- 00821CBD - C3 - ret
- 69A1EC // GetProcAddress
- 008217A4 - 55 - push ebp
- 008217A5 - 8B EC - mov ebp,esp
- 008217A7 - 8B 55 0C - mov edx,[ebp+0C]
- 008217AA - 8B 45 08 - mov eax,[ebp+08]
- 008217AD - 8B 0D 84648200 - mov ecx,[00826484] : [00826304]
- 008217B3 - 8B 09 - mov ecx,[ecx]
- 008217B5 - 3B C8 - cmp ecx,eax
- 008217B7 - 75 09 - jne 008217C2
- 008217B9 - 8B 04 95 D8638200 - mov eax,[edx*4+008263D8]
- 008217C0 - EB 07 - jmp 008217C9
- 008217C2 - 52 - push edx
- 008217C3 - 50 - push eax
- 008217C4 - E8 F739FFFF - call 008151C0 : [->kernel32.GetProcAddress]
- 008217C9 - 5D - pop ebp
- 008217CA - C2 0800 - ret 0008
- 69A294 // GetModuleHandleA
- 00821C64 - 55 - push ebp
- 00821C65 - 8B EC - mov ebp,esp
- 00821C67 - 8B 45 08 - mov eax,[ebp+08]
- 00821C6A - 85 C0 - test eax,eax
- 00821C6C - 75 13 - jne 00821C81
- 00821C6E - 81 3D A47A8200 00004000 - cmp [00827AA4],00400000 : [00905A4D]
- 00821C78 - 75 07 - jne 00821C81
- 00821C7A - A1 A47A8200 - mov eax,[00827AA4] : [00400000]
- 00821C7F - EB 06 - jmp 00821C87
- 00821C81 - 50 - push eax
- 00821C82 - E8 3135FFFF - call 008151B8 : [->kernel32.GetModuleHandleA]
- 00821C87 - 5D - pop ebp
- 00821C88 - C2 0400 - ret 0004
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
