[收藏本方案]

AcProtect 1.41 外壳分析[39]

[入库:2005年8月19日] [更新:2007年3月24日]

本文简介:选择自 bmd2chen 的 blog
首页 上页 下页 尾页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] [44] [45] [46] [47] [48] [49] [50] [51] [52] [53] [54] [55] [56] [57] [58] [59] [60] [61] [62] [63] [64] [65] [66] [67] [68] [69]

daffff call <sub_getprocaddress> ; \getprocaddressfun 0058e6f3 b8 fdfb4000 mov eax,0040fbfd 0058e6f8 ba 2bfd4000 mov edx,0040fd2b ; /createfilea 0058e6fd e8 28daffff call <sub_getprocaddress> ; \getprocaddressfun 0058e702 b8 09fc4000 mov eax,0040fc09 0058e707 ba 2ffd4000 mov edx,0040fd2f ; /terminateprocess 0058e70c e8 19daffff call <sub_getprocaddress> ; \getprocaddressfun 0058e711 b8 1afc4000 mov eax,0040fc1a 0058e716 ba 47fd4000 mov edx,0040fd47 ; /isdebuggerpresent 0058e71b e8 0adaffff call <sub_getprocaddress> ; \getprocaddressfun 0058e720 b8 2cfc4000 mov eax,0040fc2c 0058e725 ba 4bfd4000 mov edx,0040fd4b ; /openprocess 0058e72a e8 fbd9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e72f b8 38fc4000 mov eax,0040fc38 0058e734 ba 4ffd4000 mov edx,0040fd4f ; /readfile 0058e739 e8 ecd9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e73e b8 41fc4000 mov eax,0040fc41 0058e743 ba 53fd4000 mov edx,0040fd53 ; /writefile 0058e748 e8 ddd9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e74d b8 4bfc4000 mov eax,0040fc4b 0058e752 ba 57fd4000 mov edx,0040fd57 ; /freelibrary 0058e757 e8 ced9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e75c b8 57fc4000 mov eax,0040fc57 0058e761 ba 5bfd4000 mov edx,0040fd5b ; /gettemppatha 0058e766 e8 bfd9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e76b b8 64fc4000 mov eax,0040fc64 0058e770 ba 5ffd4000 mov edx,0040fd5f ; /unhandledexceptionfilter 0058e775 e8 b0d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e77a b8 7dfc4000 mov eax,0040fc7d 0058e77f ba 67fd4000 mov edx,0040fd67 ; /getthreadcontext 0058e784 e8 a1d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e789 b8 8efc4000 mov eax,0040fc8e 0058e78e ba 6bfd4000 mov edx,0040fd6b ; /setthreadcontext 0058e793 e8 92d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e798 b8 9ffc4000 mov eax,0040fc9f 0058e79d ba 6ffd4000 mov edx,0040fd6f ; /getcurrentthread 0058e7a2 e8 83d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e7a7 b8 a7fd4000 mov eax,0040fda7 0058e7ac ba a3fd4000 mov edx,0040fda3 ; /setfilepointer 0058e7b1 e8 74d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e7b6 b8 d7fd4000 mov eax,0040fdd7 0058e7bb ba 73fd4000 mov edx,0040fd73 ; /getmodulefilenamea 0058e7c0 e8 65d9ffff call <sub_getprocaddress> ; \getprocaddressfun 0058e7c5 b8 eafd4000 mov eax,0040fdea 0058e7ca ba 77fd4000 mov edx,0040fd77 ; /getfilesize 0058e7c

首页 上页 下页 尾页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] [40] [41] [42] [43] [44] [45] [46] [47] [48] [49] [50] [51] [52] [53] [54] [55] [56] [57] [58] [59] [60] [61] [62] [63] [64] [65] [66] [67] [68] [69]
本文关键:AcProtect 1.41 外壳分析
  相关方案
Google
 

本站最佳浏览方式为 分辨率 1024x768 IE 6.0(或更高版本的 IE浏览器)

go top