You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
3.7 KiB
32 lines
3.7 KiB
5 years ago
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
|
||
|
<title>IDA - llauncher_dump.i64 (llauncher_dump.exe) C:\Users\xerox\Desktop\amlegit.com\files\llauncher\llauncher_dump.i64</title>
|
||
|
</head>
|
||
|
<body bgcolor="#ffffff">
|
||
|
<span style="white-space: pre; font-family: Consolas; color: blue; background: #ffffff">
|
||
|
|
||
|
<span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:gray">; ---------------------------------------------------------------------------
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:navy">lea rdx, aExportload </span><span style="color:gray">; "ExportLoad"
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD21 </span><span style="color:navy">lea rcx, InjectModuleHandle </span>; handle to inject.dll
|
||
|
<span style="color:black">.text:00007FF7D93BAD28 </span><span style="color:navy">push export_map_addr
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD29 </span><span style="color:navy">call </span>GetProcAddress_Wrapper_0 ; GetProcAddress(InjectHandle, "ExportLoad");
|
||
|
<span style="color:black">.text:00007FF7D93BAD2E
|
||
|
.text:00007FF7D93BAD2E </span><span style="color:navy">loc_7FF7D93BAD2E: </span><span style="color:#8080ff">; DATA XREF: sub_7FF7D954B379-8B56A↓o
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:olive">; sub_7FF7D953050F+19↓o
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:navy">mov export_loader_addr, get_proc_result
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD31 </span><span style="color:navy">lea rdx, aExportmap </span><span style="color:gray">; "ExportMap"
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD38 </span><span style="color:navy">lea rcx, InjectModuleHandle
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD3F </span><span style="color:navy">call </span>GetProcAddress_Wrapper_1 ; GetProcAddress(InjectHandle, "ExportMap");
|
||
|
<span style="color:black">.text:00007FF7D93BAD44 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
|
||
|
<span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:gray">; ---------------------------------------------------------------------------
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:navy">mov export_map_addr, get_proc_result
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD48 </span><span style="color:navy">test export_loader_addr, export_loader_addr
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD4B </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed </span>; if(!GetProcAddress(InjectHandle, "ExportLoad"))
|
||
|
<span style="color:black">.text:00007FF7D93BAD51
|
||
|
.text:00007FF7D93BAD51 </span><span style="color:navy">loc_7FF7D93BAD51: </span><span style="color:olive">; DATA XREF: sub_7FF7D94AAA89+10F799↓o
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD51 </span><span style="color:navy">test get_proc_result, get_proc_result
|
||
|
</span><span style="color:black">.text:00007FF7D93BAD54 </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed </span>; if(!GetProcAddress(InjectHandle, "ExportMap"))
|
||
|
</span></body></html>
|