-
关注Ta
-
- 注册时间 2012-04-23
- 最后登录 2015-01-30
-
- 发帖382
- 在线315小时
- 精华0
- DB2177
- 威望80
- 保证金0
- 桃子0
- 鲜花0
- 鸡蛋0
-
访问TA的空间加好友用道具
|
 开始分析中 刚刚下载的【0908欧阳幻息】全自动刷宝石2.0 我不知道你们下载的是那个版本,所以我随机下载的 例图:  可以看到是易语言编译,不是静态编译的 所以有两个krnln.fnr和spec.fne ::0040F1F2:: FC CLD ::0040F1F3:: DBE3 FINIT ::0040F1F5:: E8 00FBFFFF CALL 0040ECFA ::0040F1FA:: 68 74EE4000 PUSH 40EE74 ::0040F1FF:: B8 03000000 MOV EAX,3 ::0040F204:: E8 46000000 CALL 0040F24F 调用12号服务 ::0040F209:: 83C4 04 ADD ESP,4 ::0040F20C:: E8 CDF1FFFF CALL 0040E3DE ::0040F211:: E8 02F2FFFF CALL 0040E418 ::0040F216:: E8 E0F1FFFF CALL 0040E3FB ::0040F21B:: E8 E6F8FFFF CALL 0040EB06 ::0040F220:: 68 01000152 PUSH 52010001 窗体单元1(父窗体) ::0040F225:: E8 1F000000 CALL 0040F249 创建窗口(调用11号服务) ::0040F22A:: 83C4 04 ADD ESP,4 ::0040F22D:: 6A 00 PUSH 0 ::0040F22F:: E8 0F000000 CALL 0040F243 进入窗口消息循环(调用10号服务) ::0040F234:: E8 04000000 CALL 0040F23D 结束当前程序进程(调用9号服务) ::0040F239:: 83C4 04 ADD ESP,4 ::0040F23C:: C3 RETN - ::00408B94:: 55 PUSH EBP
::00408B95:: 8BEC MOV EBP,ESP
::00408B97:: 81EC 14000000 SUB ESP,14
::00408B9D:: C745 FC 00000000 MOV DWORD PTR [EBP-4],0
::00408BA4:: 6A FF PUSH -1
::00408BA6:: 6A 12 PUSH 12
::00408BA8:: 68 1B000116 PUSH 1601001B 自动建房(未知数据类型)
::00408BAD:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::00408BB2:: E8 C2660000 CALL 0040F279 取窗体对象属性(调用4号服务)
::00408BB7:: 83C4 10 ADD ESP,10
::00408BBA:: 8945 F4 MOV [EBP-C],EAX
::00408BBD:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::00408BC1:: 0F85 22000000 JNZ 00408BE9
::00408BC7:: 6A 00 PUSH 0
::00408BC9:: 68 00000000 PUSH 0
::00408BCE:: 6A FF PUSH -1
::00408BD0:: 6A 12 PUSH 12
::00408BD2:: 68 1B000116 PUSH 1601001B 自动建房(未知数据类型)
::00408BD7:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::00408BDC:: E8 9E660000 CALL 0040F27F 修改窗体对象属性(调用5号服务)
::00408BE1:: 83C4 18 ADD ESP,18
::00408BE4:: E9 1D000000 JMP 00408C06
::00408BE9:: 6A 00 PUSH 0
::00408BEB:: 68 01000000 PUSH 1
::00408BF0:: 6A FF PUSH -1
::00408BF2:: 6A 12 PUSH 12
::00408BF4:: 68 1B000116 PUSH 1601001B 自动建房(未知数据类型)
::00408BF9:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::00408BFE:: E8 7C660000 CALL 0040F27F 修改窗体对象属性(调用5号服务)
::00408C03:: 83C4 18 ADD ESP,18
::00408C06:: 6A FF PUSH -1
::00408C08:: 6A 12 PUSH 12
::00408C0A:: 68 1B000116 PUSH 1601001B 自动建房(未知数据类型)
::00408C0F:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::00408C14:: E8 60660000 CALL 0040F279 取窗体对象属性(调用4号服务)
::00408C19:: 83C4 10 ADD ESP,10
::00408C1C:: 8945 F4 MOV [EBP-C],EAX
::00408C1F:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::00408C23:: 0F85 32090000 JNZ 0040955B
::00408C29:: E8 31090000 CALL 0040955F
::00408C2E:: 8945 FC MOV [EBP-4],EAX
::00408C31:: 6A FF PUSH -1
::00408C33:: 6A 12 PUSH 12
::00408C35:: 68 1B000116 PUSH 1601001B 自动建房(未知数据类型)
::00408C3A:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::00408C3F:: E8 35660000 CALL 0040F279 取窗体对象属性(调用4号服务)
::00408C44:: 83C4 10 ADD ESP,10
::00408C47:: 8945 F4 MOV [EBP-C],EAX
::00408C4A:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::00408C4E:: 0F85 07090000 JNZ 0040955B
::00408C54:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408C5B:: 6A 00 PUSH 0
::00408C5D:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408C60:: 68 0A000000 PUSH A
::00408C65:: E8 4D090000 CALL 004095B7
::00408C6A:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408C71:: 6A 00 PUSH 0
::00408C73:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408C76:: 68 41000000 PUSH 41
::00408C7B:: 68 35000000 PUSH 35
::00408C80:: 6A 01 PUSH 1
::00408C82:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408C85:: E8 3B0C0000 CALL 004098C5
::00408C8A:: 8945 F0 MOV [EBP-10],EAX
::00408C8D:: 817D F0 D0D0D000 CMP DWORD PTR [EBP-10],D0D0D0
::00408C94:: 0F85 FB060000 JNZ 00409395
::00408C9A:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408C9F:: 6A 00 PUSH 0
::00408CA1:: 68 F4010000 PUSH 1F4
::00408CA6:: 68 01000000 PUSH 1
::00408CAB:: BB 1C000000 MOV EBX,1C
::00408CB0:: B8 01000000 MOV EAX,1
::00408CB5:: E8 B9650000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408CBA:: 83C4 10 ADD ESP,10
::00408CBD:: 6A 01 PUSH 1
::00408CBF:: 68 01000000 PUSH 1
::00408CC4:: 6A 01 PUSH 1
::00408CC6:: 68 01000000 PUSH 1
::00408CCB:: 6A 01 PUSH 1
::00408CCD:: 68 76000000 PUSH 76
::00408CD2:: 6A 01 PUSH 1
::00408CD4:: 68 B1020000 PUSH 2B1
::00408CD9:: 6A 01 PUSH 1
::00408CDB:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408CDE:: E8 6B100000 CALL 00409D4E
::00408CE3:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408CE8:: 6A 00 PUSH 0
::00408CEA:: 68 F4010000 PUSH 1F4
::00408CEF:: 68 01000000 PUSH 1
::00408CF4:: BB 1C000000 MOV EBX,1C
::00408CF9:: B8 01000000 MOV EAX,1
::00408CFE:: E8 70650000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408D03:: 83C4 10 ADD ESP,10
::00408D06:: 6A 01 PUSH 1
::00408D08:: 68 01000000 PUSH 1
::00408D0D:: 6A 01 PUSH 1
::00408D0F:: 68 01000000 PUSH 1
::00408D14:: 6A 01 PUSH 1
::00408D16:: 68 AA000000 PUSH AA
::00408D1B:: 6A 01 PUSH 1
::00408D1D:: 68 F3000000 PUSH F3
::00408D22:: 6A 01 PUSH 1
::00408D24:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408D27:: E8 22100000 CALL 00409D4E
::00408D2C:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408D31:: 6A 00 PUSH 0
::00408D33:: 68 F4010000 PUSH 1F4
::00408D38:: 68 01000000 PUSH 1
::00408D3D:: BB 1C000000 MOV EBX,1C
::00408D42:: B8 01000000 MOV EAX,1
::00408D47:: E8 27650000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408D4C:: 83C4 10 ADD ESP,10
::00408D4F:: 6A 01 PUSH 1
::00408D51:: 68 01000000 PUSH 1
::00408D56:: 6A 01 PUSH 1
::00408D58:: 68 01000000 PUSH 1
::00408D5D:: 6A 01 PUSH 1
::00408D5F:: 68 C2010000 PUSH 1C2
::00408D64:: 6A 01 PUSH 1
::00408D66:: 68 04010000 PUSH 104
::00408D6B:: 6A 01 PUSH 1
::00408D6D:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408D70:: E8 D90F0000 CALL 00409D4E
::00408D75:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408D7A:: 6A 00 PUSH 0
::00408D7C:: 68 F4010000 PUSH 1F4
::00408D81:: 68 01000000 PUSH 1
::00408D86:: BB 1C000000 MOV EBX,1C
::00408D8B:: B8 01000000 MOV EAX,1
::00408D90:: E8 DE640000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408D95:: 83C4 10 ADD ESP,10
::00408D98:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408D9F:: 6A 00 PUSH 0
::00408DA1:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408DA4:: 6A 01 PUSH 1
::00408DA6:: 68 03000000 PUSH 3
::00408DAB:: 68 51000000 PUSH 51
::00408DB0:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408DB3:: E8 EF180000 CALL 0040A6A7
::00408DB8:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408DBD:: 6A 00 PUSH 0
::00408DBF:: 68 32000000 PUSH 32
::00408DC4:: 68 01000000 PUSH 1
::00408DC9:: BB 1C000000 MOV EBX,1C
::00408DCE:: B8 01000000 MOV EAX,1
::00408DD3:: E8 9B640000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408DD8:: 83C4 10 ADD ESP,10
::00408DDB:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408DE2:: 6A 00 PUSH 0
::00408DE4:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408DE7:: 6A 01 PUSH 1
::00408DE9:: 68 04000000 PUSH 4
::00408DEE:: 68 51000000 PUSH 51
::00408DF3:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408DF6:: E8 AC180000 CALL 0040A6A7
::00408DFB:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408E00:: 6A 00 PUSH 0
::00408E02:: 68 64000000 PUSH 64
::00408E07:: 68 01000000 PUSH 1
::00408E0C:: BB 1C000000 MOV EBX,1C
::00408E11:: B8 01000000 MOV EAX,1
::00408E16:: E8 58640000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408E1B:: 83C4 10 ADD ESP,10
::00408E1E:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408E25:: 6A 00 PUSH 0
::00408E27:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408E2A:: 6A 01 PUSH 1
::00408E2C:: 68 03000000 PUSH 3
::00408E31:: 68 51000000 PUSH 51
::00408E36:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408E39:: E8 69180000 CALL 0040A6A7
::00408E3E:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408E43:: 6A 00 PUSH 0
::00408E45:: 68 32000000 PUSH 32
::00408E4A:: 68 01000000 PUSH 1
::00408E4F:: BB 1C000000 MOV EBX,1C
::00408E54:: B8 01000000 MOV EAX,1
::00408E59:: E8 15640000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408E5E:: 83C4 10 ADD ESP,10
::00408E61:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408E68:: 6A 00 PUSH 0
::00408E6A:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408E6D:: 6A 01 PUSH 1
::00408E6F:: 68 04000000 PUSH 4
::00408E74:: 68 51000000 PUSH 51
::00408E79:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408E7C:: E8 26180000 CALL 0040A6A7
::00408E81:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408E86:: 6A 00 PUSH 0
::00408E88:: 68 64000000 PUSH 64
::00408E8D:: 68 01000000 PUSH 1
::00408E92:: BB 1C000000 MOV EBX,1C
::00408E97:: B8 01000000 MOV EAX,1
::00408E9C:: E8 D2630000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408EA1:: 83C4 10 ADD ESP,10
::00408EA4:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408EAB:: 6A 00 PUSH 0
::00408EAD:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408EB0:: 6A 01 PUSH 1
::00408EB2:: 68 03000000 PUSH 3
::00408EB7:: 68 51000000 PUSH 51
::00408EBC:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408EBF:: E8 E3170000 CALL 0040A6A7
::00408EC4:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408EC9:: 6A 00 PUSH 0
::00408ECB:: 68 32000000 PUSH 32
::00408ED0:: 68 01000000 PUSH 1
::00408ED5:: BB 1C000000 MOV EBX,1C
::00408EDA:: B8 01000000 MOV EAX,1
::00408EDF:: E8 8F630000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408EE4:: 83C4 10 ADD ESP,10
::00408EE7:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00408EEE:: 6A 00 PUSH 0
::00408EF0:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00408EF3:: 6A 01 PUSH 1
::00408EF5:: 68 04000000 PUSH 4
::00408EFA:: 68 51000000 PUSH 51
::00408EFF:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408F02:: E8 A0170000 CALL 0040A6A7
::00408F07:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408F0C:: 6A 00 PUSH 0
::00408F0E:: 68 64000000 PUSH 64
::00408F13:: 68 01000000 PUSH 1
::00408F18:: BB 1C000000 MOV EBX,1C
::00408F1D:: B8 01000000 MOV EAX,1
::00408F22:: E8 4C630000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408F27:: 83C4 10 ADD ESP,10
::00408F2A:: 6A 01 PUSH 1
::00408F2C:: 68 01000000 PUSH 1
::00408F31:: 6A 01 PUSH 1
::00408F33:: 68 01000000 PUSH 1
::00408F38:: 6A 01 PUSH 1
::00408F3A:: 68 EA010000 PUSH 1EA
::00408F3F:: 6A 01 PUSH 1
::00408F41:: 68 43010000 PUSH 143
::00408F46:: 6A 01 PUSH 1
::00408F48:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408F4B:: E8 FE0D0000 CALL 00409D4E
::00408F50:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408F55:: 6A 00 PUSH 0
::00408F57:: 68 F4010000 PUSH 1F4
::00408F5C:: 68 01000000 PUSH 1
::00408F61:: BB 1C000000 MOV EBX,1C
::00408F66:: B8 01000000 MOV EAX,1
::00408F6B:: E8 03630000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408F70:: 83C4 10 ADD ESP,10
::00408F73:: 6A 01 PUSH 1
::00408F75:: 68 01000000 PUSH 1
::00408F7A:: 6A 01 PUSH 1
::00408F7C:: 68 01000000 PUSH 1
::00408F81:: 6A 01 PUSH 1
::00408F83:: 68 D6010000 PUSH 1D6
::00408F88:: 6A 01 PUSH 1
::00408F8A:: 68 60010000 PUSH 160
::00408F8F:: 6A 01 PUSH 1
::00408F91:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408F94:: E8 B50D0000 CALL 00409D4E
::00408F99:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408F9E:: 6A 00 PUSH 0
::00408FA0:: 68 DC050000 PUSH 5DC
::00408FA5:: 68 01000000 PUSH 1
::00408FAA:: BB 1C000000 MOV EBX,1C
::00408FAF:: B8 01000000 MOV EAX,1
::00408FB4:: E8 BA620000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00408FB9:: 83C4 10 ADD ESP,10
::00408FBC:: 6A 01 PUSH 1
::00408FBE:: 68 01000000 PUSH 1
::00408FC3:: 6A 01 PUSH 1
::00408FC5:: 68 01000000 PUSH 1
::00408FCA:: 6A 01 PUSH 1
::00408FCC:: 68 BA010000 PUSH 1BA
::00408FD1:: 6A 01 PUSH 1
::00408FD3:: 68 31000000 PUSH 31
::00408FD8:: 6A 01 PUSH 1
::00408FDA:: FF75 FC PUSH DWORD PTR [EBP-4]
::00408FDD:: E8 6C0D0000 CALL 00409D4E
::00408FE2:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00408FE7:: 6A 00 PUSH 0
::00408FE9:: 68 F4010000 PUSH 1F4
::00408FEE:: 68 01000000 PUSH 1
::00408FF3:: BB 1C000000 MOV EBX,1C
::00408FF8:: B8 01000000 MOV EAX,1
::00408FFD:: E8 71620000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409002:: 83C4 10 ADD ESP,10
::00409005:: 6A 01 PUSH 1
::00409007:: 68 01000000 PUSH 1
::0040900C:: 6A 01 PUSH 1
::0040900E:: 68 01000000 PUSH 1
::00409013:: 6A 01 PUSH 1
::00409015:: 68 55000000 PUSH 55
::0040901A:: 6A 01 PUSH 1
::0040901C:: 68 C7010000 PUSH 1C7
::00409021:: 6A 01 PUSH 1
::00409023:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409026:: E8 230D0000 CALL 00409D4E
::0040902B:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409030:: 6A 00 PUSH 0
::00409032:: 68 F4010000 PUSH 1F4
::00409037:: 68 01000000 PUSH 1
::0040903C:: BB 1C000000 MOV EBX,1C
::00409041:: B8 01000000 MOV EAX,1
::00409046:: E8 28620000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040904B:: 83C4 10 ADD ESP,10
::0040904E:: 6A 01 PUSH 1
::00409050:: 68 01000000 PUSH 1
::00409055:: 6A 01 PUSH 1
::00409057:: 68 01000000 PUSH 1
::0040905C:: 6A 01 PUSH 1
::0040905E:: 68 9D000000 PUSH 9D
::00409063:: 6A 01 PUSH 1
::00409065:: 68 C0010000 PUSH 1C0
::0040906A:: 6A 01 PUSH 1
::0040906C:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040906F:: E8 DA0C0000 CALL 00409D4E
::00409074:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409079:: 6A 00 PUSH 0
::0040907B:: 68 F4010000 PUSH 1F4
::00409080:: 68 01000000 PUSH 1
::00409085:: BB 1C000000 MOV EBX,1C
::0040908A:: B8 01000000 MOV EAX,1
::0040908F:: E8 DF610000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409094:: 83C4 10 ADD ESP,10
::00409097:: 6A 01 PUSH 1
::00409099:: 68 01000000 PUSH 1
::0040909E:: 6A 01 PUSH 1
::004090A0:: 68 01000000 PUSH 1
::004090A5:: 6A 01 PUSH 1
::004090A7:: 68 EA000000 PUSH EA
::004090AC:: 6A 01 PUSH 1
::004090AE:: 68 08020000 PUSH 208
::004090B3:: 6A 01 PUSH 1
::004090B5:: FF75 FC PUSH DWORD PTR [EBP-4]
::004090B8:: E8 910C0000 CALL 00409D4E
::004090BD:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004090C2:: 6A 00 PUSH 0
::004090C4:: 68 F4010000 PUSH 1F4
::004090C9:: 68 01000000 PUSH 1
::004090CE:: BB 1C000000 MOV EBX,1C
::004090D3:: B8 01000000 MOV EAX,1
::004090D8:: E8 96610000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::004090DD:: 83C4 10 ADD ESP,10
::004090E0:: 6A 01 PUSH 1
::004090E2:: 68 01000000 PUSH 1
::004090E7:: 6A 01 PUSH 1
::004090E9:: 68 01000000 PUSH 1
::004090EE:: 6A 01 PUSH 1
::004090F0:: 68 FB010000 PUSH 1FB
::004090F5:: 6A 01 PUSH 1
::004090F7:: 68 1A020000 PUSH 21A
::004090FC:: 6A 01 PUSH 1
::004090FE:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409101:: E8 480C0000 CALL 00409D4E
::00409106:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040910B:: 6A 00 PUSH 0
::0040910D:: 68 DC050000 PUSH 5DC
::00409112:: 68 01000000 PUSH 1
::00409117:: BB 1C000000 MOV EBX,1C
::0040911C:: B8 01000000 MOV EAX,1
::00409121:: E8 4D610000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409126:: 83C4 10 ADD ESP,10
::00409129:: 6A 01 PUSH 1
::0040912B:: 68 01000000 PUSH 1
::00409130:: 6A 01 PUSH 1
::00409132:: 68 01000000 PUSH 1
::00409137:: 6A 01 PUSH 1
::00409139:: 68 52000000 PUSH 52
::0040913E:: 6A 01 PUSH 1
::00409140:: 68 5F010000 PUSH 15F
::00409145:: 6A 01 PUSH 1
::00409147:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040914A:: E8 FF0B0000 CALL 00409D4E
::0040914F:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409154:: 6A 00 PUSH 0
::00409156:: 68 F4010000 PUSH 1F4
::0040915B:: 68 01000000 PUSH 1
::00409160:: BB 1C000000 MOV EBX,1C
::00409165:: B8 01000000 MOV EAX,1
::0040916A:: E8 04610000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040916F:: 83C4 10 ADD ESP,10
::00409172:: 6A 01 PUSH 1
::00409174:: 68 01000000 PUSH 1
::00409179:: 6A 01 PUSH 1
::0040917B:: 68 01000000 PUSH 1
::00409180:: 6A 01 PUSH 1
::00409182:: 68 52000000 PUSH 52
::00409187:: 6A 01 PUSH 1
::00409189:: 68 DF010000 PUSH 1DF
::0040918E:: 6A 01 PUSH 1
::00409190:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409193:: E8 B60B0000 CALL 00409D4E
::00409198:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040919D:: 6A 00 PUSH 0
::0040919F:: 68 F4010000 PUSH 1F4
::004091A4:: 68 01000000 PUSH 1
::004091A9:: BB 1C000000 MOV EBX,1C
::004091AE:: B8 01000000 MOV EAX,1
::004091B3:: E8 BB600000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::004091B8:: 83C4 10 ADD ESP,10
::004091BB:: 6A 01 PUSH 1
::004091BD:: 68 01000000 PUSH 1
::004091C2:: 6A 01 PUSH 1
::004091C4:: 68 01000000 PUSH 1
::004091C9:: 6A 01 PUSH 1
::004091CB:: 68 52000000 PUSH 52
::004091D0:: 6A 01 PUSH 1
::004091D2:: 68 5D020000 PUSH 25D
::004091D7:: 6A 01 PUSH 1
::004091D9:: FF75 FC PUSH DWORD PTR [EBP-4]
::004091DC:: E8 6D0B0000 CALL 00409D4E
::004091E1:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004091E6:: 6A 00 PUSH 0
::004091E8:: 68 F4010000 PUSH 1F4
::004091ED:: 68 01000000 PUSH 1
::004091F2:: BB 1C000000 MOV EBX,1C
::004091F7:: B8 01000000 MOV EAX,1
::004091FC:: E8 72600000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409201:: 83C4 10 ADD ESP,10
::00409204:: 6A 01 PUSH 1
::00409206:: 68 01000000 PUSH 1
::0040920B:: 6A 01 PUSH 1
::0040920D:: 68 01000000 PUSH 1
::00409212:: 6A 01 PUSH 1
::00409214:: 68 52000000 PUSH 52
::00409219:: 6A 01 PUSH 1
::0040921B:: 68 DF020000 PUSH 2DF
::00409220:: 6A 01 PUSH 1
::00409222:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409225:: E8 240B0000 CALL 00409D4E
::0040922A:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040922F:: 6A 00 PUSH 0
::00409231:: 68 F4010000 PUSH 1F4
::00409236:: 68 01000000 PUSH 1
::0040923B:: BB 1C000000 MOV EBX,1C
::00409240:: B8 01000000 MOV EAX,1
::00409245:: E8 29600000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040924A:: 83C4 10 ADD ESP,10
::0040924D:: 6A 01 PUSH 1
::0040924F:: 68 01000000 PUSH 1
::00409254:: 6A 01 PUSH 1
::00409256:: 68 01000000 PUSH 1
::0040925B:: 6A 01 PUSH 1
::0040925D:: 68 44000000 PUSH 44
::00409262:: 6A 01 PUSH 1
::00409264:: 68 34000000 PUSH 34
::00409269:: 6A 01 PUSH 1
::0040926B:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040926E:: E8 DB0A0000 CALL 00409D4E
::00409273:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409278:: 6A 00 PUSH 0
::0040927A:: 68 F4010000 PUSH 1F4
::0040927F:: 68 01000000 PUSH 1
::00409284:: BB 1C000000 MOV EBX,1C
::00409289:: B8 01000000 MOV EAX,1
::0040928E:: E8 E05F0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409293:: 83C4 10 ADD ESP,10
::00409296:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040929D:: 6A 00 PUSH 0
::0040929F:: FF75 F8 PUSH DWORD PTR [EBP-8]
::004092A2:: 68 2F010000 PUSH 12F
::004092A7:: 68 D1010000 PUSH 1D1
::004092AC:: 6A 01 PUSH 1
::004092AE:: FF75 FC PUSH DWORD PTR [EBP-4]
::004092B1:: E8 0F060000 CALL 004098C5
::004092B6:: 8945 F0 MOV [EBP-10],EAX
::004092B9:: 817D F0 E8EFFC00 CMP DWORD PTR [EBP-10],FCEFE8
::004092C0:: 0F85 CF000000 JNZ 00409395
::004092C6:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::004092CD:: 6A 00 PUSH 0
::004092CF:: FF75 F8 PUSH DWORD PTR [EBP-8]
::004092D2:: 6A 01 PUSH 1
::004092D4:: 68 03000000 PUSH 3
::004092D9:: 68 0D000000 PUSH D
::004092DE:: FF75 FC PUSH DWORD PTR [EBP-4]
::004092E1:: E8 C1130000 CALL 0040A6A7
::004092E6:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004092EB:: 6A 00 PUSH 0
::004092ED:: 68 32000000 PUSH 32
::004092F2:: 68 01000000 PUSH 1
::004092F7:: BB 1C000000 MOV EBX,1C
::004092FC:: B8 01000000 MOV EAX,1
::00409301:: E8 6D5F0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409306:: 83C4 10 ADD ESP,10
::00409309:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00409310:: 6A 00 PUSH 0
::00409312:: FF75 F8 PUSH DWORD PTR [EBP-8]
::00409315:: 6A 01 PUSH 1
::00409317:: 68 04000000 PUSH 4
::0040931C:: 68 0D000000 PUSH D
::00409321:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409324:: E8 7E130000 CALL 0040A6A7
::00409329:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040932E:: 6A 00 PUSH 0
::00409330:: 68 64000000 PUSH 64
::00409335:: 68 01000000 PUSH 1
::0040933A:: BB 1C000000 MOV EBX,1C
::0040933F:: B8 01000000 MOV EAX,1
::00409344:: E8 2A5F0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409349:: 83C4 10 ADD ESP,10
::0040934C:: 6A 01 PUSH 1
::0040934E:: 68 01000000 PUSH 1
::00409353:: 6A 01 PUSH 1
::00409355:: 68 01000000 PUSH 1
::0040935A:: 6A 01 PUSH 1
::0040935C:: 68 4B020000 PUSH 24B
::00409361:: 6A 01 PUSH 1
::00409363:: 68 4A000000 PUSH 4A
::00409368:: 6A 01 PUSH 1
::0040936A:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040936D:: E8 DC090000 CALL 00409D4E
::00409372:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409377:: 6A 00 PUSH 0
::00409379:: 68 DC050000 PUSH 5DC
::0040937E:: 68 01000000 PUSH 1
::00409383:: BB 1C000000 MOV EBX,1C
::00409388:: B8 01000000 MOV EAX,1
::0040938D:: E8 E15E0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409392:: 83C4 10 ADD ESP,10
::00409395:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040939C:: 6A 00 PUSH 0
::0040939E:: FF75 F8 PUSH DWORD PTR [EBP-8]
::004093A1:: 68 6D000000 PUSH 6D
::004093A6:: 68 82000000 PUSH 82
::004093AB:: 6A 01 PUSH 1
::004093AD:: FF75 FC PUSH DWORD PTR [EBP-4]
::004093B0:: E8 10050000 CALL 004098C5
::004093B5:: 8945 F0 MOV [EBP-10],EAX
::004093B8:: 817D F0 B7C8E300 CMP DWORD PTR [EBP-10],E3C8B7
::004093BF:: 0F85 49000000 JNZ 0040940E
::004093C5:: 6A 01 PUSH 1
::004093C7:: 68 01000000 PUSH 1
::004093CC:: 6A 01 PUSH 1
::004093CE:: 68 01000000 PUSH 1
::004093D3:: 6A 01 PUSH 1
::004093D5:: 68 16000000 PUSH 16
::004093DA:: 6A 01 PUSH 1
::004093DC:: 68 30000000 PUSH 30
::004093E1:: 6A 01 PUSH 1
::004093E3:: FF75 FC PUSH DWORD PTR [EBP-4]
::004093E6:: E8 63090000 CALL 00409D4E
::004093EB:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004093F0:: 6A 00 PUSH 0
::004093F2:: 68 AC0D0000 PUSH DAC
::004093F7:: 68 01000000 PUSH 1
::004093FC:: BB 1C000000 MOV EBX,1C
::00409401:: B8 01000000 MOV EAX,1
::00409406:: E8 685E0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040940B:: 83C4 10 ADD ESP,10
::0040940E:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00409415:: 6A 00 PUSH 0
::00409417:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040941A:: 68 31010000 PUSH 131
::0040941F:: 68 C2010000 PUSH 1C2
::00409424:: 6A 01 PUSH 1
::00409426:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409429:: E8 97040000 CALL 004098C5
::0040942E:: 8945 F0 MOV [EBP-10],EAX
::00409431:: 817D F0 E8EFFC00 CMP DWORD PTR [EBP-10],FCEFE8
::00409438:: 0F85 CF000000 JNZ 0040950D
::0040943E:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00409445:: 6A 00 PUSH 0
::00409447:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040944A:: 6A 01 PUSH 1
::0040944C:: 68 03000000 PUSH 3
::00409451:: 68 0D000000 PUSH D
::00409456:: FF75 FC PUSH DWORD PTR [EBP-4]
::00409459:: E8 49120000 CALL 0040A6A7
::0040945E:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409463:: 6A 00 PUSH 0
::00409465:: 68 32000000 PUSH 32
::0040946A:: 68 01000000 PUSH 1
::0040946F:: BB 1C000000 MOV EBX,1C
::00409474:: B8 01000000 MOV EAX,1
::00409479:: E8 F55D0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040947E:: 83C4 10 ADD ESP,10
::00409481:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::00409488:: 6A 00 PUSH 0
::0040948A:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040948D:: 6A 01 PUSH 1
::0040948F:: 68 04000000 PUSH 4
::00409494:: 68 0D000000 PUSH D
::00409499:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040949C:: E8 06120000 CALL 0040A6A7
::004094A1:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004094A6:: 6A 00 PUSH 0
::004094A8:: 68 64000000 PUSH 64
::004094AD:: 68 01000000 PUSH 1
::004094B2:: BB 1C000000 MOV EBX,1C
::004094B7:: B8 01000000 MOV EAX,1
::004094BC:: E8 B25D0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::004094C1:: 83C4 10 ADD ESP,10
::004094C4:: 6A 01 PUSH 1
::004094C6:: 68 01000000 PUSH 1
::004094CB:: 6A 01 PUSH 1
::004094CD:: 68 01000000 PUSH 1
::004094D2:: 6A 01 PUSH 1
::004094D4:: 68 4B020000 PUSH 24B
::004094D9:: 6A 01 PUSH 1
::004094DB:: 68 4A000000 PUSH 4A
::004094E0:: 6A 01 PUSH 1
::004094E2:: FF75 FC PUSH DWORD PTR [EBP-4]
::004094E5:: E8 64080000 CALL 00409D4E
::004094EA:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::004094EF:: 6A 00 PUSH 0
::004094F1:: 68 D0070000 PUSH 7D0
::004094F6:: 68 01000000 PUSH 1
::004094FB:: BB 1C000000 MOV EBX,1C
::00409500:: B8 01000000 MOV EAX,1
::00409505:: E8 695D0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040950A:: 83C4 10 ADD ESP,10
::0040950D:: 6A 01 PUSH 1
::0040950F:: 68 01000000 PUSH 1
::00409514:: 6A 01 PUSH 1
::00409516:: 68 01000000 PUSH 1
::0040951B:: 6A 01 PUSH 1
::0040951D:: 68 52000000 PUSH 52
::00409522:: 6A 01 PUSH 1
::00409524:: 68 34000000 PUSH 34
::00409529:: 6A 01 PUSH 1
::0040952B:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040952E:: E8 1B080000 CALL 00409D4E
::00409533:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::00409538:: 6A 00 PUSH 0
::0040953A:: 68 2C010000 PUSH 12C
::0040953F:: 68 01000000 PUSH 1
::00409544:: BB 1C000000 MOV EBX,1C
::00409549:: B8 01000000 MOV EAX,1
::0040954E:: E8 205D0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::00409553:: 83C4 10 ADD ESP,10
::00409556:: E9 D6F6FFFF JMP 00408C31
::0040955B:: 8BE5 MOV ESP,EBP
::0040955D:: 5D POP EBP
::0040955E:: C3 RETN
- ::0040B140:: 55 PUSH EBP
::0040B141:: 8BEC MOV EBP,ESP
::0040B143:: 81EC 10000000 SUB ESP,10
::0040B149:: EB 10 JMP SHORT 0040B15B
::0040B14B:: 56 PUSH ESI
::0040B14C:: 4D DEC EBP
::0040B14D:: 50 PUSH EAX
::0040B14E:: 72 6F JB SHORT 0040B1BF
::0040B150:: 74 65 JE SHORT 0040B1B7
::0040B152:: 637420 62 ARPL [EAX+62],ESI
::0040B156:: 65:67:696E 00 6A01B8A7 IMUL EBP,GS:[BP],A7B8016A
::0040B15F:: 3240 00 XOR AL,[EAX]
::0040B162:: 8945 FC MOV [EBP-4],EAX
::0040B165:: 8D45 FC LEA EAX,[EBP-4]
::0040B168:: 50 PUSH EAX
::0040B169:: 6A 01 PUSH 1
::0040B16B:: B8 A7324000 MOV EAX,4032A7 PopKart Client(常量)
::0040B170:: 8945 F8 MOV [EBP-8],EAX
::0040B173:: 8D45 F8 LEA EAX,[EBP-8]
::0040B176:: 50 PUSH EAX
::0040B177:: 6A 01 PUSH 1
::0040B179:: B8 B6324000 MOV EAX,4032B6 KartRider.exe(常量)
::0040B17E:: 8945 F4 MOV [EBP-C],EAX
::0040B181:: 8D45 F4 LEA EAX,[EBP-C]
::0040B184:: 50 PUSH EAX
::0040B185:: E8 19020000 CALL 0040B3A3
::0040B18A:: 8945 F0 MOV [EBP-10],EAX
::0040B18D:: 8B5D F4 MOV EBX,[EBP-C]
::0040B190:: 85DB TEST EBX,EBX
::0040B192:: 74 09 JE SHORT 0040B19D
::0040B194:: 53 PUSH EBX
::0040B195:: E8 BB400000 CALL 0040F255 销毁从堆上分配到的内存(调用8号服务)
::0040B19A:: 83C4 04 ADD ESP,4
::0040B19D:: 8B5D F8 MOV EBX,[EBP-8]
::0040B1A0:: 85DB TEST EBX,EBX
::0040B1A2:: 74 09 JE SHORT 0040B1AD
::0040B1A4:: 53 PUSH EBX
::0040B1A5:: E8 AB400000 CALL 0040F255 销毁从堆上分配到的内存(调用8号服务)
::0040B1AA:: 83C4 04 ADD ESP,4
::0040B1AD:: 8B5D FC MOV EBX,[EBP-4]
::0040B1B0:: 85DB TEST EBX,EBX
::0040B1B2:: 74 09 JE SHORT 0040B1BD
::0040B1B4:: 53 PUSH EBX
::0040B1B5:: E8 9B400000 CALL 0040F255 销毁从堆上分配到的内存(调用8号服务)
::0040B1BA:: 83C4 04 ADD ESP,4
::0040B1BD:: 8B45 F0 MOV EAX,[EBP-10]
::0040B1C0:: A3 28069F00 MOV [9F0628],EAX
::0040B1C5:: C745 FC 00000000 MOV DWORD PTR [EBP-4],0
::0040B1CC:: 6A 00 PUSH 0
::0040B1CE:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040B1D1:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040B1D8:: 6A 00 PUSH 0
::0040B1DA:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040B1DD:: C745 F4 00000000 MOV DWORD PTR [EBP-C],0
::0040B1E4:: 6A 00 PUSH 0
::0040B1E6:: FF75 F4 PUSH DWORD PTR [EBP-C]
::0040B1E9:: 68 71000000 PUSH 71
::0040B1EE:: 68 C6E34000 PUSH 40E3C6
::0040B1F3:: E8 FE160000 CALL 0040C8F6
::0040B1F8:: C745 FC 00000000 MOV DWORD PTR [EBP-4],0
::0040B1FF:: 6A 00 PUSH 0
::0040B201:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040B204:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040B20B:: 6A 00 PUSH 0
::0040B20D:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040B210:: C745 F4 00000000 MOV DWORD PTR [EBP-C],0
::0040B217:: 6A 00 PUSH 0
::0040B219:: FF75 F4 PUSH DWORD PTR [EBP-C]
::0040B21C:: 68 70000000 PUSH 70
::0040B221:: 68 D2E34000 PUSH 40E3D2
::0040B226:: E8 CB160000 CALL 0040C8F6
::0040B22B:: EB 0E JMP SHORT 0040B23B
::0040B22D:: 56 PUSH ESI
::0040B22E:: 4D DEC EBP
::0040B22F:: 50 PUSH EAX
::0040B230:: 72 6F JB SHORT 0040B2A1
::0040B232:: 74 65 JE SHORT 0040B299
::0040B234:: 637420 65 ARPL [EAX+65],ESI
::0040B238:: 6E OUTS DX,BYTE PTR ES:[EDI]
::0040B239:: 64:008B E55DC38B ADD FS:[EBX+8BC35DE5],CL
::0040B240:: 54 PUSH ESP
::0040B241:: 24 04 AND AL,4
::0040B243:: 8B4C24 08 MOV ECX,[ESP+8]
::0040B247:: 85D2 TEST EDX,EDX
::0040B249:: 75 0D JNZ SHORT 0040B258
::0040B24B:: 33C0 XOR EAX,EAX
::0040B24D:: 85C9 TEST ECX,ECX
::0040B24F:: 74 06 JE SHORT 0040B257
::0040B251:: 8039 00 CMP BYTE PTR [ECX],0
::0040B254:: 74 01 JE SHORT 0040B257
::0040B256:: 48 DEC EAX
::0040B257:: C3 RETN
- ::0040D5D0:: 55 PUSH EBP
::0040D5D1:: 8BEC MOV EBP,ESP
::0040D5D3:: 81EC 14000000 SUB ESP,14
::0040D5D9:: C745 FC 00000000 MOV DWORD PTR [EBP-4],0
::0040D5E0:: 6A FF PUSH -1
::0040D5E2:: 6A 12 PUSH 12
::0040D5E4:: 68 1A000116 PUSH 1601001A 自动刷球(未知数据类型)
::0040D5E9:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::0040D5EE:: E8 861C0000 CALL 0040F279 取窗体对象属性(调用4号服务)
::0040D5F3:: 83C4 10 ADD ESP,10
::0040D5F6:: 8945 F4 MOV [EBP-C],EAX
::0040D5F9:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::0040D5FD:: 0F85 22000000 JNZ 0040D625
::0040D603:: 6A 00 PUSH 0
::0040D605:: 68 00000000 PUSH 0
::0040D60A:: 6A FF PUSH -1
::0040D60C:: 6A 12 PUSH 12
::0040D60E:: 68 1A000116 PUSH 1601001A 自动刷球(未知数据类型)
::0040D613:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::0040D618:: E8 621C0000 CALL 0040F27F 修改窗体对象属性(调用5号服务)
::0040D61D:: 83C4 18 ADD ESP,18
::0040D620:: E9 1D000000 JMP 0040D642
::0040D625:: 6A 00 PUSH 0
::0040D627:: 68 01000000 PUSH 1
::0040D62C:: 6A FF PUSH -1
::0040D62E:: 6A 12 PUSH 12
::0040D630:: 68 1A000116 PUSH 1601001A 自动刷球(未知数据类型)
::0040D635:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::0040D63A:: E8 401C0000 CALL 0040F27F 修改窗体对象属性(调用5号服务)
::0040D63F:: 83C4 18 ADD ESP,18
::0040D642:: 6A FF PUSH -1
::0040D644:: 6A 12 PUSH 12
::0040D646:: 68 1A000116 PUSH 1601001A 自动刷球(未知数据类型)
::0040D64B:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::0040D650:: E8 241C0000 CALL 0040F279 取窗体对象属性(调用4号服务)
::0040D655:: 83C4 10 ADD ESP,10
::0040D658:: 8945 F4 MOV [EBP-C],EAX
::0040D65B:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::0040D65F:: 0F85 54020000 JNZ 0040D8B9
::0040D665:: E8 F5BEFFFF CALL 0040955F
::0040D66A:: 8945 FC MOV [EBP-4],EAX
::0040D66D:: 6A FF PUSH -1
::0040D66F:: 6A 12 PUSH 12
::0040D671:: 68 1A000116 PUSH 1601001A 自动刷球(未知数据类型)
::0040D676:: 68 01000152 PUSH 52010001 窗体单元1(父窗体)
::0040D67B:: E8 F91B0000 CALL 0040F279 取窗体对象属性(调用4号服务)
::0040D680:: 83C4 10 ADD ESP,10
::0040D683:: 8945 F4 MOV [EBP-C],EAX
::0040D686:: 837D F4 01 CMP DWORD PTR [EBP-C],1
::0040D68A:: 0F85 29020000 JNZ 0040D8B9
::0040D690:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D697:: 6A 00 PUSH 0
::0040D699:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D69C:: 68 52000000 PUSH 52
::0040D6A1:: C745 F4 00000000 MOV DWORD PTR [EBP-C],0
::0040D6A8:: 6A 00 PUSH 0
::0040D6AA:: FF75 F4 PUSH DWORD PTR [EBP-C]
::0040D6AD:: E8 0B020000 CALL 0040D8BD
::0040D6B2:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D6B7:: 6A 00 PUSH 0
::0040D6B9:: 68 05000000 PUSH 5
::0040D6BE:: 68 01000000 PUSH 1
::0040D6C3:: BB 7C060000 MOV EBX,67C
::0040D6C8:: E8 A01B0000 CALL 0040F26D 调用核心支持库命令(调用3号服务)
::0040D6CD:: 83C4 10 ADD ESP,10
::0040D6D0:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D6D7:: 6A 00 PUSH 0
::0040D6D9:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D6DC:: 68 52000000 PUSH 52
::0040D6E1:: C745 F4 00000000 MOV DWORD PTR [EBP-C],0
::0040D6E8:: 6A 00 PUSH 0
::0040D6EA:: FF75 F4 PUSH DWORD PTR [EBP-C]
::0040D6ED:: E8 6E050000 CALL 0040DC60
::0040D6F2:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D6F7:: 6A 00 PUSH 0
::0040D6F9:: 68 05000000 PUSH 5
::0040D6FE:: 68 01000000 PUSH 1
::0040D703:: BB 7C060000 MOV EBX,67C
::0040D708:: E8 601B0000 CALL 0040F26D 调用核心支持库命令(调用3号服务)
::0040D70D:: 83C4 10 ADD ESP,10
::0040D710:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D717:: 6A 00 PUSH 0
::0040D719:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D71C:: 6A 01 PUSH 1
::0040D71E:: 68 03000000 PUSH 3
::0040D723:: 68 11000000 PUSH 11
::0040D728:: E8 D6080000 CALL 0040E003
::0040D72D:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D732:: 6A 00 PUSH 0
::0040D734:: 68 05000000 PUSH 5
::0040D739:: 68 01000000 PUSH 1
::0040D73E:: BB 1C000000 MOV EBX,1C
::0040D743:: B8 01000000 MOV EAX,1
::0040D748:: E8 261B0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040D74D:: 83C4 10 ADD ESP,10
::0040D750:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D757:: 6A 00 PUSH 0
::0040D759:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D75C:: 6A 01 PUSH 1
::0040D75E:: 68 04000000 PUSH 4
::0040D763:: 68 11000000 PUSH 11
::0040D768:: E8 96080000 CALL 0040E003
::0040D76D:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D772:: 6A 00 PUSH 0
::0040D774:: 68 05000000 PUSH 5
::0040D779:: 68 01000000 PUSH 1
::0040D77E:: BB 1C000000 MOV EBX,1C
::0040D783:: B8 01000000 MOV EAX,1
::0040D788:: E8 E61A0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040D78D:: 83C4 10 ADD ESP,10
::0040D790:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D797:: 6A 00 PUSH 0
::0040D799:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D79C:: 6A 01 PUSH 1
::0040D79E:: 68 03000000 PUSH 3
::0040D7A3:: 68 24000000 PUSH 24
::0040D7A8:: E8 56080000 CALL 0040E003
::0040D7AD:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D7B2:: 6A 00 PUSH 0
::0040D7B4:: 68 05000000 PUSH 5
::0040D7B9:: 68 01000000 PUSH 1
::0040D7BE:: BB 1C000000 MOV EBX,1C
::0040D7C3:: B8 01000000 MOV EAX,1
::0040D7C8:: E8 A61A0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040D7CD:: 83C4 10 ADD ESP,10
::0040D7D0:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D7D7:: 6A 00 PUSH 0
::0040D7D9:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D7DC:: 6A 01 PUSH 1
::0040D7DE:: 68 04000000 PUSH 4
::0040D7E3:: 68 24000000 PUSH 24
::0040D7E8:: E8 16080000 CALL 0040E003
::0040D7ED:: 68 01030080 PUSH 80000301 整数型(基本数据类型)
::0040D7F2:: 6A 00 PUSH 0
::0040D7F4:: 68 05000000 PUSH 5
::0040D7F9:: 68 01000000 PUSH 1
::0040D7FE:: BB 1C000000 MOV EBX,1C
::0040D803:: B8 01000000 MOV EAX,1
::0040D808:: E8 661A0000 CALL 0040F273 调用其他支持库命令(调用2号服务)
::0040D80D:: 83C4 10 ADD ESP,10
::0040D810:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D817:: 6A 00 PUSH 0
::0040D819:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D81C:: 68 33000000 PUSH 33
::0040D821:: 68 82000000 PUSH 82
::0040D826:: 6A 01 PUSH 1
::0040D828:: FF75 FC PUSH DWORD PTR [EBP-4]
::0040D82B:: E8 95C0FFFF CALL 004098C5
::0040D830:: 8945 F0 MOV [EBP-10],EAX
::0040D833:: 817D F0 F9090300 CMP DWORD PTR [EBP-10],309F9
::0040D83A:: 0F85 74000000 JNZ 0040D8B4
::0040D840:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D847:: 6A 00 PUSH 0
::0040D849:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D84C:: 6A 01 PUSH 1
::0040D84E:: 68 03000000 PUSH 3
::0040D853:: 68 26000000 PUSH 26
::0040D858:: E8 A6070000 CALL 0040E003
::0040D85D:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D864:: 6A 00 PUSH 0
::0040D866:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D869:: 6A 01 PUSH 1
::0040D86B:: 68 03000000 PUSH 3
::0040D870:: 68 11000000 PUSH 11
::0040D875:: E8 89070000 CALL 0040E003
::0040D87A:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D881:: 6A 00 PUSH 0
::0040D883:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D886:: 6A 01 PUSH 1
::0040D888:: 68 04000000 PUSH 4
::0040D88D:: 68 11000000 PUSH 11
::0040D892:: E8 6C070000 CALL 0040E003
::0040D897:: C745 F8 00000000 MOV DWORD PTR [EBP-8],0
::0040D89E:: 6A 00 PUSH 0
::0040D8A0:: FF75 F8 PUSH DWORD PTR [EBP-8]
::0040D8A3:: 6A 01 PUSH 1
::0040D8A5:: 68 04000000 PUSH 4
::0040D8AA:: 68 26000000 PUSH 26
::0040D8AF:: E8 4F070000 CALL 0040E003
::0040D8B4:: E9 B4FDFFFF JMP 0040D66D
::0040D8B9:: 8BE5 MOV ESP,EBP
::0040D8BB:: 5D POP EBP
::0040D8BC:: C3 RETN
至于什么ftp啊 QQ邮箱啊 163邮箱盗号这类命令我是没看见哦 老话:是挂三分毒,或许你用过别的辅助,导致留下了某些dll文件~! 不要一用了这个就是只认这个盗号·!  Ps:  好了,分析就到此结束, 可能代码多了点
|
