瞬移=007647E0
push ecx=00764D29
00764790 - 76 34 - jna 007647c6
00764792 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
00764798 - 81 c1 a0 05 00 00 - add ecx,000005a0
0076479E - e8 ad 02 cc ff - call 00424a50
007647A3 - 39 45 08 - cmp [ebp+08],eax
007647A6 - 76 1e - jna 007647c6
007647A8 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
007647AE - 81 c1 a0 05 00 00 - add ecx,000005a0
007647B4 - e8 97 02 cc ff - call 00424a50
007647B9 - 8b 4d 08 - mov ecx,[ebp+08]
007647BC - 2b c8 - sub ecx,eax
007647BE - 89 8d dc fc ff ff - mov [ebp-00000324],ecx
007647C4 - eb 0a - jmp 007647d0
007647C6 - c7 85 dc fc ff ff 00 00 00 00 - mov [ebp-00000324],00000000
007647D0 - 8b 95 dc fc ff ff - mov edx,[ebp-00000324]
007647D6 - 89 55 f8 - mov [ebp-08],edx
007647D9 - 81 7d f8 f4 01 00 00 - cmp [ebp-08],000001f4
007647E0 - 76 07 - jna 007647e9
007647E2 - c7 45 f8 f4 01 00 00 - mov [ebp-08],000001f4
007647E9 - 8b 45 08 - mov eax,[ebp+08]
007647EC - 50 - push eax
007647ED - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
007647F3 - 81 c1 a0 05 00 00 - add ecx,000005a0
007647F9 - e8 72 30 d2 ff - call 00487870
007647FE - 8d 8d e0 fd ff ff - lea ecx,[ebp-00000220]
00764804 - e8 37 f5 00 00 - call 00773d40
00764809 - c6 45 ff 00 - mov byte ptr [ebp-01],00
0076480D - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
00764813 - 8b 11 - mov edx,[ecx]
00764815 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
0076481B - 8b 42 58 - mov eax,[edx+58]
0076481E - ff d0 - call eax
00764820 - 0f b6 c8 - movzx ecx,al
00764823 - 85 c9 - test ecx,ecx
00764825 - 0f 84 e1 01 00 00 - je 00764a0c
0076482B - 8b 95 e0 fc ff ff - mov edx,[ebp-00000320]
00764831 - 8b 02 - mov eax,[edx]
00764833 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
00764839 - 8b 50 68 - mov edx,[eax+68]
0076483C - ff d2 - call edx
0076483E - 89 85 dc fd ff ff - mov [ebp-00000224],eax
00764844 - 83 bd dc fd ff ff 00 - cmp dword ptr [ebp-00000224],00
0076484B - 75 12 - jne 0076485f
0076484D - 6a 00 - push 00
0076484F - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
00764855 - e8 96 fa 00 00 - call 007742f0
0076485A - e9 ad 01 00 00 - jmp 00764a0c
0076485F - 8b 85 e0 fc ff ff - mov eax,[ebp-00000320]
00764865 - 8b 8d dc fd ff ff - mov ecx,[ebp-00000224]
0076486B - 3b 48 44 - cmp ecx,[eax+44]
0076486E - 75 6d - jne 007648dd
00764870 - 8b 95 e0 fc ff ff - mov edx,[ebp-00000320]
00764876 - 81 c2 10 06 00 00 - add edx,00000610
0076487C - 52 - push edx
0076487D - 8d 8d e0 fd ff ff - lea ecx,[ebp-00000220]
00764883 - e8 48 fb 00 00 - call 007743d0
00764888 - c6 45 ff 01 - mov byte ptr [ebp-01],01
0076488C - 51 - push ecx
0076488D - d9 05 20 a0 cd 00 - fld dword ptr [00cda020] : [3F000000]
00764893 - d9 1c 24 - fstp dword ptr [esp]
00764896 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
0076489C - 81 c1 ac 06 00 00 - add ecx,000006ac
007648A2 - e8 09 02 cc ff - call 00424ab0
007648A7 - 51 - push ecx
007648A8 - d9 05 cc 5c cf 00 - fld dword ptr [00cf5ccc] : [(float)6000.0000]
007648AE - d9 1c 24 - fstp dword ptr [esp]
007648B1 - 8b 8d e0 fc ff ff - mov ecx,[ebp-00000320]
007648B7 - 81 c1 88 06 00 00 - add ecx,00000688
007648BD - e8 ee 01 cc ff - call 00424ab0
007648C2 - 68 bf 63 00 00 - push 000063bf
007648C7 - b9 90 a5 e0 00 - mov ecx,00e0a590 : [00000000]
007648CC - e8 4f f6 e0 ff - call 00573f20
007648D1 - 8b c8 - mov ecx,eax
007648D3 - e8 e8 e3 e0 ff - call 00572cc0
007648D8 - e9 2f 01 00 00 - jmp 00764a0c
007648DD - 8b 85 e0 fc ff ff - mov eax,[ebp-00000320]
007648E3 - 8b 8d dc fd ff ff - mov ecx,[ebp-00000224]
007648E9 - 3b 48 48 - cmp ecx,[eax+48]
007648EC - 75 44 - jne 00764932
007648EE - 8b 95 e0 fc ff ff - mov edx,[ebp-00000320]
007648F4 - 81 c2 10 06 00 00 - add edx,00000610
007648FA - 52 - push edx
007648FB - 8d 8d e0 fd ff ff - lea ecx,[ebp-00000220]
00764901 - e8 ca fa 00 00 - call 007743d0
00764906 - c6 45 ff 01 - mov byte ptr [ebp-01],01
逆向过程
最新推荐文章于 2022-05-18 12:58:02 发布
这篇博客详细解析了一段汇编代码,涉及指令如瞬移、比较、加法、调用函数等,可能属于软件逆向工程的范畴,通过分析这些指令的执行流程,理解程序中的计算逻辑和控制流程。
摘要由CSDN通过智能技术生成