API tools faq
paste
Advertisement
Riremito

Untitled

Riremito
Feb 22nd, 2015
526
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.97 KB | None | 0 0
raw download clone embed print report
  1. CreateWindowExW
  2.  
  3.  
  4. USER32.LoadCursorW+12D - E9 0788C2FD - jmp msimg32.CWEx
  5. USER32.CreateWindowExW - EB F9 - jmp USER32.LoadCursorW+12D
  6. USER32.CreateWindowExW+2- 55 - push ebp
  7. USER32.CreateWindowExW+3- 8B EC - mov ebp,esp
  8. USER32.CreateWindowExW+5- 68 00000040 - push 40000000
  9.  
  10. msimg32.CWEx - 55 - push ebp
  11. msimg32.CWEx+1- 8B EC - mov ebp,esp
  12. msimg32.CWEx+3- 56 - push esi
  13. msimg32.CWEx+4- 57 - push edi
  14. msimg32.CWEx+5- 8B 7D 0C - mov edi,[ebp+0C]
  15. msimg32.CWEx+8- B9 889A1E75 - mov ecx,msimg32.dll+9A88
  16. msimg32.CWEx+D- 8B C7 - mov eax,edi
  17. msimg32.CWEx+F- 90 - nop
  18. msimg32.CWEx+10- 66 8B 10 - mov dx,[eax]
  19. msimg32.CWEx+13- 66 3B 11 - cmp dx,[ecx]
  20. msimg32.CWEx+16- 75 1E - jne msimg32.CWEx+36
  21. msimg32.CWEx+18- 66 85 D2 - test dx,dx
  22. msimg32.CWEx+1B- 74 15 - je msimg32.CWEx+32
  23. msimg32.CWEx+1D- 66 8B 50 02 - mov dx,[eax+02]
  24. msimg32.CWEx+21- 66 3B 51 02 - cmp dx,[ecx+02]
  25. msimg32.CWEx+25- 75 0F - jne msimg32.CWEx+36
  26. msimg32.CWEx+27- 83 C0 04 - add eax,04
  27. msimg32.CWEx+2A- 83 C1 04 - add ecx,04
  28. msimg32.CWEx+2D- 66 85 D2 - test dx,dx
  29. msimg32.CWEx+30- 75 DE - jne msimg32.CWEx+10
  30. msimg32.CWEx+32- 33 C0 - xor eax,eax
  31. msimg32.CWEx+34- EB 05 - jmp msimg32.CWEx+3B
  32. msimg32.CWEx+36- 1B C0 - sbb eax,eax
  33. msimg32.CWEx+38- 83 D8 FF - sbb eax,-01
  34. msimg32.CWEx+3B- 8B 75 10 - mov esi,[ebp+10]
  35. msimg32.CWEx+3E- 85 C0 - test eax,eax
  36. msimg32.CWEx+40- 75 78 - jne msimg32.CWEx+BA
  37. msimg32.CWEx+42- B9 A49A1E75 - mov ecx,msimg32.dll+9AA4
  38. msimg32.CWEx+47- 8B C6 - mov eax,esi
  39. msimg32.CWEx+49- 8D A4 24 00000000 - lea esp,[esp+00000000]
  40. msimg32.CWEx+50- 66 8B 10 - mov dx,[eax]
  41. msimg32.CWEx+53- 66 3B 11 - cmp dx,[ecx]
  42. msimg32.CWEx+56- 75 1E - jne msimg32.CWEx+76
  43. msimg32.CWEx+58- 66 85 D2 - test dx,dx
  44. msimg32.CWEx+5B- 74 15 - je msimg32.CWEx+72
  45. msimg32.CWEx+5D- 66 8B 50 02 - mov dx,[eax+02]
  46. msimg32.CWEx+61- 66 3B 51 02 - cmp dx,[ecx+02]
  47. msimg32.CWEx+65- 75 0F - jne msimg32.CWEx+76
  48. msimg32.CWEx+67- 83 C0 04 - add eax,04
  49. msimg32.CWEx+6A- 83 C1 04 - add ecx,04
  50. msimg32.CWEx+6D- 66 85 D2 - test dx,dx
  51. msimg32.CWEx+70- 75 DE - jne msimg32.CWEx+50
  52. msimg32.CWEx+72- 33 C0 - xor eax,eax
  53. msimg32.CWEx+74- EB 05 - jmp msimg32.CWEx+7B
  54. msimg32.CWEx+76- 1B C0 - sbb eax,eax
  55. msimg32.CWEx+78- 83 D8 FF - sbb eax,-01
  56. msimg32.CWEx+7B- 85 C0 - test eax,eax
  57. msimg32.CWEx+7D- 75 3B - jne msimg32.CWEx+BA
  58. msimg32.CWEx+7F- 8B 45 34 - mov eax,[ebp+34]
  59. msimg32.CWEx+82- 8B 4D 30 - mov ecx,[ebp+30]
  60. msimg32.CWEx+85- 8B 55 2C - mov edx,[ebp+2C]
  61. msimg32.CWEx+88- 50 - push eax
  62. msimg32.CWEx+89- 8B 45 28 - mov eax,[ebp+28]
  63. msimg32.CWEx+8C- 51 - push ecx
  64. msimg32.CWEx+8D- 8B 4D 24 - mov ecx,[ebp+24]
  65. msimg32.CWEx+90- 52 - push edx
  66. msimg32.CWEx+91- 8B 55 20 - mov edx,[ebp+20]
  67. msimg32.CWEx+94- 50 - push eax
  68. msimg32.CWEx+95- 8B 45 1C - mov eax,[ebp+1C]
  69. msimg32.CWEx+98- 51 - push ecx
  70. msimg32.CWEx+99- 8B 4D 18 - mov ecx,[ebp+18]
  71. msimg32.CWEx+9C- 52 - push edx
  72. msimg32.CWEx+9D- 8B 55 14 - mov edx,[ebp+14]
  73. msimg32.CWEx+A0- 50 - push eax
  74. msimg32.CWEx+A1- 8B 45 08 - mov eax,[ebp+08]
  75. msimg32.CWEx+A4- 51 - push ecx
  76. msimg32.CWEx+A5- 52 - push edx
  77. msimg32.CWEx+A6- 56 - push esi
  78. msimg32.CWEx+A7- 57 - push edi
  79. msimg32.CWEx+A8- 50 - push eax
  80. msimg32.CWEx+A9- FF 15 14811E75 - call dword ptr [msimg32._imp__CreateWindowExW]
  81. msimg32.CWEx+AF- 5F - pop edi
  82. msimg32.CWEx+B0- A3 A0CB1E75 - mov [msimg32.hWndUW],eax
  83. msimg32.CWEx+B5- 5E - pop esi
  84. msimg32.CWEx+B6- 5D - pop ebp
  85. msimg32.CWEx+B7- C2 3000 - ret 0030
  86. msimg32.CWEx+BA- 8B 4D 34 - mov ecx,[ebp+34]
  87. msimg32.CWEx+BD- 8B 55 30 - mov edx,[ebp+30]
  88. msimg32.CWEx+C0- 8B 45 2C - mov eax,[ebp+2C]
  89. msimg32.CWEx+C3- 51 - push ecx
  90. msimg32.CWEx+C4- 8B 4D 28 - mov ecx,[ebp+28]
  91. msimg32.CWEx+C7- 52 - push edx
  92. msimg32.CWEx+C8- 8B 55 24 - mov edx,[ebp+24]
  93. msimg32.CWEx+CB- 50 - push eax
  94. msimg32.CWEx+CC- 8B 45 20 - mov eax,[ebp+20]
  95. msimg32.CWEx+CF- 51 - push ecx
  96. msimg32.CWEx+D0- 8B 4D 1C - mov ecx,[ebp+1C]
  97. msimg32.CWEx+D3- 52 - push edx
  98. msimg32.CWEx+D4- 8B 55 18 - mov edx,[ebp+18]
  99. msimg32.CWEx+D7- 50 - push eax
  100. msimg32.CWEx+D8- 8B 45 14 - mov eax,[ebp+14]
  101. msimg32.CWEx+DB- 51 - push ecx
  102. msimg32.CWEx+DC- 8B 4D 08 - mov ecx,[ebp+08]
  103. msimg32.CWEx+DF- 52 - push edx
  104. msimg32.CWEx+E0- 50 - push eax
  105. msimg32.CWEx+E1- 56 - push esi
  106. msimg32.CWEx+E2- 57 - push edi
  107. msimg32.CWEx+E3- 51 - push ecx
  108. msimg32.CWEx+E4- FF 15 8CCB1E75 - call dword ptr [msimg32._CWEx]
  109. msimg32.CWEx+EA- 5F - pop edi
  110. msimg32.CWEx+EB- 5E - pop esi
  111. msimg32.CWEx+EC- 5D - pop ebp
  112. msimg32.CWEx+ED- C2 3000 - ret 0030
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!