<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
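<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!-- The listing contains literal ↑/↓ cross-reference arrows, which ISO-8859-1 cannot encode,
     so the file is presumably UTF-8; declaring it keeps the arrows from rendering as mojibake. -->
<title>IDA - llauncher_dump.i64 (llauncher_dump.exe) C:\Users\xerox\Desktop\amlegit.com\files\llauncher\llauncher_dump.i64</title>
</head>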
<body bgcolor="#ffffff"><!--
  Reviewer notes for this listing (IDA HTML export of one routine).
  * load_driver, get_proc_result, export_loader_addr, export_map_addr and the other readable
    labels are analyst-assigned names, not symbols recovered from the binary.
  * What the disassembly shows: two exports, "ExportLoad" and "ExportMap", are resolved from the
    module behind InjectModuleHandle; ExportLoad is called after the status string
    "Loading vulnerable driver...", then ExportMap is called with "driver.sys" after
    "Mapping our driver...". That sequence is consistent with the bring-your-own-vulnerable-driver
    pattern; the work itself happens inside the two exports, which are not part of this listing.
  * Defender view: this path depends on a known-vulnerable driver being allowed to load, so the
    Microsoft vulnerable driver blocklist, memory integrity (HVCI) and WDAC driver policy are the
    relevant controls, and driver-load telemetry (for example Sysmon event ID 6) is where it
    would surface.
  * The xrefs point into sections named .vmp0 and .vmp1 and the title names a dump
    (llauncher_dump.exe), so the file on disk is presumably packed; the status strings and export
    names may only be matchable in memory. Confirm before writing rules.
-->
<span style="white-space: pre; font-family: Consolas; color: blue; background: #ffffff">
<span style="color:black">.text:00007FF7D93BAC80
.text:00007FF7D93BAC80 </span><span style="color:gray">; =============== S U B R O U T I N E =======================================
</span><span style="color:black">.text:00007FF7D93BAC80
.text:00007FF7D93BAC80 </span><span style="color:gray">; Attributes: noreturn bp-based frame<!-- a retn exists at 00007FF7D93BAE9F, so "noreturn" is presumably an artefact of how IDA analysed the call sites; verify -->
</span><span style="color:black">.text:00007FF7D93BAC80
.text:00007FF7D93BAC80 </span>load_driver <span style="color:black">proc near </span><span style="color:green">; CODE XREF: sub_7FF7D93BB220+66↓p
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:#8080ff">; DATA XREF: .vmp1:00007FF7D9CB5F14↓o
</span><span style="color:black">.text:00007FF7D93BAC80
.text:00007FF7D93BAC80 </span><span style="color:green">arg_0 </span><span style="color:navy">= qword ptr </span><span style="color:#008040">20h
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:green">arg_8 </span><span style="color:navy">= qword ptr </span><span style="color:#008040">28h
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:green">arg_10 </span><span style="color:navy">= qword ptr </span><span style="color:#008040">30h
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:green">arg_18 </span><span style="color:navy">= qword ptr </span><span style="color:#008040">38h
</span><span style="color:black">.text:00007FF7D93BAC80
.text:00007FF7D93BAC80 </span><span style="color:navy">get_proc_result = rax
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:navy">export_map_addr = rdi
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:navy">export_loader_addr = rsi<!-- register aliases chosen by the analyst: rax, rdi and rsi appear under these names for the whole routine -->
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:navy">; __unwind { // sub_7FF7D93BD226
</span><span style="color:black">.text:00007FF7D93BAC80 </span><span style="color:navy">mov [rsp-</span><span style="color:green">18h</span><span style="color:navy">+</span><span style="color:green">arg_0</span><span style="color:navy">], rbx<!-- arg_0 = 20h, so this stores rbx at [rsp+8] before the pushes -->
</span><span style="color:black">.text:00007FF7D93BAC85 </span><span style="color:navy">push rbp
</span><span style="color:black">.text:00007FF7D93BAC86 </span><span style="color:navy">push export_loader_addr
</span><span style="color:black">.text:00007FF7D93BAC87 </span><span style="color:navy">push export_map_addr
</span><span style="color:black">.text:00007FF7D93BAC88 </span><span style="color:navy">mov rbp, rsp
</span><span style="color:black">.text:00007FF7D93BAC8B </span><span style="color:navy">sub rsp, </span><span style="color:green">20h<!-- 20h bytes reserved; this is the size of the Windows x64 home space, presumably for the calls below -->
<!-- First status message. rcx (the first argument in the Windows x64 convention) is kept in rbx
     and later handed to sub_7FF7D93BB040 together with the addresses of arg_10 and arg_8.
     The lines "; 5:", "; 6:" and "; 7:" are decompiler pseudocode comments; they stop at the
     first int 3, so the disassembly is the view to trust for the rest of the routine. --></span><span style="color:black">.text:00007FF7D93BAC8F </span>; 6: sub_7FF7D95BBA6F(a1);
<span style="color:black">.text:00007FF7D93BAC8F </span><span style="color:navy">mov rbx, rcx
</span><span style="color:black">.text:00007FF7D93BAC92 </span>; 5: v2 = &amp;v1;
<span style="color:black">.text:00007FF7D93BAC92 </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAC96
.text:00007FF7D93BAC96 </span><span style="color:navy">loc_7FF7D93BAC96: </span><span style="color:olive">; DATA XREF: sub_7FF7D959D1A6-1C17C↓o
</span><span style="color:black">.text:00007FF7D93BAC96 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAC9A </span><span style="color:navy">mov edx, </span><span style="color:green">11h<!-- 11h = 17, which matches the length of the string loaded into rcx on the next line -->
</span><span style="color:black">.text:00007FF7D93BAC9F </span><span style="color:navy">lea rcx, aLoadingDriver </span><span style="color:gray">; &quot;Loading driver...&quot;
</span><span style="color:black">.text:00007FF7D93BACA6 </span><span style="color:navy">call sub_7FF7D95BBA6F
</span><span style="color:black">.text:00007FF7D93BACAB </span>; 7: __debugbreak();
<span style="color:black">.text:00007FF7D93BACAB </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger<!-- call (5 bytes) + int 3 (1 byte) fill a 6-byte slot, the size of an indirect call through memory; with the .vmp0/.vmp1 xrefs elsewhere in this listing this looks like a packer-rewritten call site, so execution presumably resumes at 00007FF7D93BACAC. Confirm dynamically. -->
<span style="color:black">.text:00007FF7D93BACAC </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BACAC </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BACB0 </span><span style="color:navy">mov edx, </span><span style="color:green">1
</span><span style="color:black">.text:00007FF7D93BACB5 </span><span style="color:navy">lea rcx, aI </span><span style="color:gray">; &quot;i&quot;<!-- one-character string built the same way; presumably a severity tag for the message above -->
</span><span style="color:black">.text:00007FF7D93BACBC </span><span style="color:navy">call sub_7FF7D940B132
</span><span style="color:black">.text:00007FF7D93BACC1 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BACC2 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BACC2 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BACC6 </span><span style="color:navy">lea r8, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BACCA </span><span style="color:navy">lea rdx, [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BACCE </span><span style="color:navy">mov rcx, rbx
</span><span style="color:black">.text:00007FF7D93BACD1 </span><span style="color:navy">call sub_7FF7D93BB040<!-- direct 5-byte call with no filler byte: rcx = saved first argument, rdx = address of arg_10, r8 = address of arg_8; presumably the routine that emits the message -->
<!-- Second status message ("Getting exports...", one-character string "d"), then both export
     lookups and their null checks. GetProcAddress_Wrapper_0/_1 are analyst-assigned names. --></span><span style="color:black">.text:00007FF7D93BACD6 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BACD6
.text:00007FF7D93BACD6 </span><span style="color:navy">loc_7FF7D93BACD6: </span><span style="color:olive">; DATA XREF: sub_7FF7D95E4FFB+1↓o
</span><span style="color:black">.text:00007FF7D93BACD6 </span><span style="color:olive">; sub_7FF7D95ED6E8-E95B5↓o
</span><span style="color:black">.text:00007FF7D93BACD6 </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BACDA </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BACDE </span><span style="color:navy">mov edx, </span><span style="color:green">12h<!-- 12h = 18 = length of "Getting exports..." -->
</span><span style="color:black">.text:00007FF7D93BACE3 </span><span style="color:navy">lea rcx, aGettingExports </span><span style="color:gray">; &quot;Getting exports...&quot;
</span><span style="color:black">.text:00007FF7D93BACEA </span><span style="color:navy">push rbx<!-- push (1 byte) + call (5 bytes) is a 6-byte slot, the size of an indirect call through memory; no matching pop exists before the epilogue, so the push is presumably filler from call-site rewriting rather than a real stack operation. Confirm dynamically. -->
</span><span style="color:black">.text:00007FF7D93BACEB
.text:00007FF7D93BACEB </span><span style="color:navy">loc_7FF7D93BACEB: </span><span style="color:olive">; DATA XREF: sub_7FF7D94757CA-1297F↓o
</span><span style="color:black">.text:00007FF7D93BACEB </span><span style="color:navy">call sub_7FF7D95592BA
</span><span style="color:black">.text:00007FF7D93BACF0 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BACF4
.text:00007FF7D93BACF4 </span><span style="color:navy">loc_7FF7D93BACF4: </span><span style="color:olive">; DATA XREF: sub_7FF7D94468AE+1674B7↓o
</span><span style="color:black">.text:00007FF7D93BACF4 </span><span style="color:navy">mov edx, </span><span style="color:green">1
</span><span style="color:black">.text:00007FF7D93BACF9 </span><span style="color:navy">lea rcx, aD </span><span style="color:gray">; &quot;d&quot;
</span><span style="color:black">.text:00007FF7D93BAD00 </span><span style="color:navy">push get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD01 </span><span style="color:navy">call sub_7FF7D95056A0
</span><span style="color:black">.text:00007FF7D93BAD06
.text:00007FF7D93BAD06 </span><span style="color:navy">loc_7FF7D93BAD06: </span><span style="color:olive">; DATA XREF: sub_7FF7D942142B+1BEC8↓o
</span><span style="color:black">.text:00007FF7D93BAD06 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD0A </span><span style="color:navy">lea r8, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAD0E </span><span style="color:navy">lea rdx, [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAD12 </span><span style="color:navy">mov rcx, rbx
</span><span style="color:black">.text:00007FF7D93BAD15 </span><span style="color:navy">call sub_7FF7D93BB040
</span><span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:navy">lea rdx, aExportload </span><span style="color:gray">; &quot;ExportLoad&quot;
</span><span style="color:black">.text:00007FF7D93BAD21 </span><span style="color:navy">lea rcx, InjectModuleHandle </span>; handle to inject.dll<!-- lea passes the address of InjectModuleHandle, not its value, so the wrapper presumably dereferences it; the "handle to inject.dll" reading is the analyst's -->
<span style="color:black">.text:00007FF7D93BAD28 </span><span style="color:navy">push export_map_addr
</span><span style="color:black">.text:00007FF7D93BAD29 </span><span style="color:navy">call </span>GetProcAddress_Wrapper_0 ; GetProcAddress(InjectHandle, &quot;ExportLoad&quot;);
<span style="color:black">.text:00007FF7D93BAD2E
.text:00007FF7D93BAD2E </span><span style="color:navy">loc_7FF7D93BAD2E: </span><span style="color:#8080ff">; DATA XREF: sub_7FF7D954B379-8B56A↓o
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:olive">; sub_7FF7D953050F+19↓o
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:navy">mov export_loader_addr, get_proc_result<!-- rsi = result of the "ExportLoad" lookup -->
</span><span style="color:black">.text:00007FF7D93BAD31 </span><span style="color:navy">lea rdx, aExportmap </span><span style="color:gray">; &quot;ExportMap&quot;
</span><span style="color:black">.text:00007FF7D93BAD38 </span><span style="color:navy">lea rcx, InjectModuleHandle
</span><span style="color:black">.text:00007FF7D93BAD3F </span><span style="color:navy">call </span>GetProcAddress_Wrapper_1 ; GetProcAddress(InjectHandle, &quot;ExportMap&quot;);
<span style="color:black">.text:00007FF7D93BAD44 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:navy">mov export_map_addr, get_proc_result<!-- rdi = result of the "ExportMap" lookup; rax keeps the same value -->
</span><span style="color:black">.text:00007FF7D93BAD48 </span><span style="color:navy">test export_loader_addr, export_loader_addr
</span><span style="color:black">.text:00007FF7D93BAD4B </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed </span>; if(!GetProcAddress(InjectHandle, &quot;ExportLoad&quot;))
<span style="color:black">.text:00007FF7D93BAD51
.text:00007FF7D93BAD51 </span><span style="color:navy">loc_7FF7D93BAD51: </span><span style="color:olive">; DATA XREF: sub_7FF7D94AAA89+10F799↓o
</span><span style="color:black">.text:00007FF7D93BAD51 </span><span style="color:navy">test get_proc_result, get_proc_result<!-- rax has not changed since 00007FF7D93BAD45, so this is the null check for "ExportMap" -->
</span><span style="color:black">.text:00007FF7D93BAD54 </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed
<!-- Third status message ("Loading vulnerable driver...", one-character string "d"), then the
     indirect call to the resolved ExportLoad pointer. What ExportLoad does is not visible in
     this listing; only its al result is tested here. --></span><span style="color:black">.text:00007FF7D93BAD5A </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAD5E </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD62 </span><span style="color:navy">mov edx, </span><span style="color:green">1Ch<!-- 1Ch = 28 = length of "Loading vulnerable driver..." -->
</span><span style="color:black">.text:00007FF7D93BAD67
.text:00007FF7D93BAD67 </span><span style="color:navy">loc_7FF7D93BAD67: </span><span style="color:olive">; DATA XREF: sub_7FF7D95ECD37-A8861↓o
</span><span style="color:black">.text:00007FF7D93BAD67 </span><span style="color:olive">; .vmp0:loc_7FF7D94B4A3E↓o
</span><span style="color:black">.text:00007FF7D93BAD67 </span><span style="color:navy">lea rcx, aLoadingVulnera </span><span style="color:gray">; &quot;Loading vulnerable driver...&quot;
</span><span style="color:black">.text:00007FF7D93BAD6E </span><span style="color:navy">push rbx
</span><span style="color:black">.text:00007FF7D93BAD6F </span><span style="color:navy">call </span>print_wrapper
<span style="color:black">.text:00007FF7D93BAD74 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD78 </span><span style="color:navy">mov edx, </span><span style="color:green">1
</span><span style="color:black">.text:00007FF7D93BAD7D
.text:00007FF7D93BAD7D </span><span style="color:navy">loc_7FF7D93BAD7D: </span><span style="color:olive">; DATA XREF: sub_7FF7D94503B6-30DA4↓o
</span><span style="color:black">.text:00007FF7D93BAD7D </span><span style="color:navy">lea rcx, aD </span><span style="color:gray">; &quot;d&quot;
</span><span style="color:black">.text:00007FF7D93BAD84 </span><span style="color:navy">call sub_7FF7D9478BE0
</span><span style="color:black">.text:00007FF7D93BAD89 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAD8A </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD8A </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD8E </span><span style="color:navy">lea r8, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAD92 </span><span style="color:navy">lea rdx, [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAD96 </span><span style="color:navy">mov rcx, rbx
</span><span style="color:black">.text:00007FF7D93BAD99 </span><span style="color:navy">call sub_7FF7D93BB040
</span><span style="color:black">.text:00007FF7D93BAD9E </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD9E </span><span style="color:navy">call export_loader_addr </span>; ExportLoad()<!-- call through rsi: control leaves this routine for the export resolved earlier -->
<span style="color:black">.text:00007FF7D93BADA0 </span><span style="color:navy">test al, al
</span><span style="color:black">.text:00007FF7D93BADA2 </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BADA6 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BADAA </span><span style="color:navy">jnz short </span><span style="color:gray">loaded_intel_driver </span>; if(!ExportLoad())<!-- flags come from "test al, al"; the lea and mov in between do not modify flags. The jump is taken when al is nonzero, so the analyst's if(!ExportLoad()) describes the fall-through below. -->
<span style="color:black">.text:00007FF7D93BADAC </span><span style="color:navy">mov edx, </span><span style="color:green">20h </span><span style="color:gray">; &#039; &#039;<!-- 20h = 32 = length of the message on the next line; the auto-comment is only 20h shown as a character -->
</span><span style="color:black">.text:00007FF7D93BADB1 </span><span style="color:navy">lea rcx, aFailedToLoadVu </span><span style="color:gray">; &quot;Failed to load vulnerable driver&quot;
</span><span style="color:black">.text:00007FF7D93BADB8 </span><span style="color:navy">call sub_7FF7D958DEFC
</span><span style="color:black">.text:00007FF7D93BADBD </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BADBE </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BADBE </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BADC2 </span><span style="color:navy">jmp loc_7FF7D93BAE6D<!-- joins the shared error tail at loc_7FF7D93BAE6D -->
</span><span style="color:black">.text:00007FF7D93BADC7 </span><span style="color:gray">; ---------------------------------------------------------------------------
<!-- Reached when ExportLoad returned nonzero. The label loaded_intel_driver is the analyst's
     name; nothing in this listing identifies the driver. Fourth status message
     ("Mapping our driver...", one-character string "d"), then ExportMap is called with the
     file name "driver.sys" and its al result is tested. --></span><span style="color:black">.text:00007FF7D93BADC7
.text:00007FF7D93BADC7 </span><span style="color:gray">loaded_intel_driver</span><span style="color:navy">: </span><span style="color:green">; CODE XREF: load_driver+12A↑j
</span><span style="color:black">.text:00007FF7D93BADC7 </span><span style="color:navy">mov edx, </span><span style="color:green">21<!-- shown in decimal (no h suffix): 21 = length of "Mapping our driver..." -->
</span><span style="color:black">.text:00007FF7D93BADCC
.text:00007FF7D93BADCC </span><span style="color:navy">loc_7FF7D93BADCC: </span><span style="color:olive">; DATA XREF: .vmp0:00007FF7D95F9431↓o
</span><span style="color:black">.text:00007FF7D93BADCC </span><span style="color:navy">lea rcx, aMappingOurDriv </span><span style="color:gray">; &quot;Mapping our driver...&quot;
</span><span style="color:black">.text:00007FF7D93BADD3 </span><span style="color:navy">push rdx
</span><span style="color:black">.text:00007FF7D93BADD4 </span><span style="color:navy">call sub_7FF7D955E32D
</span><span style="color:black">.text:00007FF7D93BADD9 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BADDD </span><span style="color:navy">mov edx, </span><span style="color:green">1
</span><span style="color:black">.text:00007FF7D93BADE2 </span><span style="color:navy">lea rcx, aD </span><span style="color:gray">; &quot;d&quot;
</span><span style="color:black">.text:00007FF7D93BADE9
.text:00007FF7D93BADE9 </span><span style="color:navy">loc_7FF7D93BADE9: </span><span style="color:olive">; DATA XREF: sub_7FF7D95A4C59:loc_7FF7D9592C44↓o
</span><span style="color:black">.text:00007FF7D93BADE9 </span><span style="color:navy">call sub_7FF7D952ADCD
</span><span style="color:black">.text:00007FF7D93BADEE </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BADEF </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BADEF </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BADF3 </span><span style="color:navy">lea r8, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BADF7 </span><span style="color:navy">lea rdx, [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BADFB </span><span style="color:navy">mov rcx, rbx
</span><span style="color:black">.text:00007FF7D93BADFE </span><span style="color:navy">call sub_7FF7D93BB040
</span><span style="color:black">.text:00007FF7D93BAE03 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAE03 </span><span style="color:navy">lea rcx, aDriverSys </span><span style="color:gray">; &quot;driver.sys&quot;<!-- bare file name with no directory; where it is resolved from is not shown here -->
</span><span style="color:black">.text:00007FF7D93BAE0A </span><span style="color:navy">call export_map_addr<!-- call through rdi, the pointer resolved for "ExportMap", with rcx = "driver.sys" -->
</span><span style="color:black">.text:00007FF7D93BAE0C </span><span style="color:navy">test al, al
</span><span style="color:black">.text:00007FF7D93BAE0E
.text:00007FF7D93BAE0E </span><span style="color:navy">loc_7FF7D93BAE0E: </span><span style="color:olive">; DATA XREF: sub_7FF7D957BEA6-FC4D7↓o
</span><span style="color:black">.text:00007FF7D93BAE0E </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAE12 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE16 </span><span style="color:navy">jnz short </span><span style="color:gray">mapped_driver_success<!-- taken when ExportMap returned nonzero in al -->
</span><span style="color:black">.text:00007FF7D93BAE18 </span><span style="color:navy">mov edx, </span><span style="color:green">18h<!-- 18h = 24 = length of "Failed to map our driver" -->
</span><span style="color:black">.text:00007FF7D93BAE1D </span><span style="color:navy">lea rcx, aFailedToMapOur </span><span style="color:gray">; &quot;Failed to map our driver&quot;
</span><span style="color:black">.text:00007FF7D93BAE24
.text:00007FF7D93BAE24 </span><span style="color:navy">loc_7FF7D93BAE24: </span><span style="color:#8080ff">; DATA XREF: sub_7FF7D94FF131-2DECE↓o
</span><span style="color:black">.text:00007FF7D93BAE24 </span><span style="color:navy">push export_loader_addr
</span><span style="color:black">.text:00007FF7D93BAE25 </span><span style="color:navy">call sub_7FF7D954EE11
</span><span style="color:black">.text:00007FF7D93BAE2A </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE2E </span><span style="color:navy">jmp short loc_7FF7D93BAE6D<!-- shared error tail; no call on this path unloads whatever ExportLoad loaded, so unless ExportMap cleans up internally the vulnerable driver presumably stays loaded. Verify. -->
</span><span style="color:black">.text:00007FF7D93BAE30 </span><span style="color:gray">; ---------------------------------------------------------------------------
<!-- Success path after ExportMap returned nonzero: builds "Driver loaded successfully" and
     loads the one-character string "s", then jumps into the shared tail at
     loc_7FF7D93BAE74. --></span><span style="color:black">.text:00007FF7D93BAE30
.text:00007FF7D93BAE30 </span><span style="color:gray">mapped_driver_success</span><span style="color:navy">: </span><span style="color:green">; CODE XREF: load_driver+196↑j
</span><span style="color:black">.text:00007FF7D93BAE30 </span><span style="color:navy">mov edx, </span><span style="color:green">1Ah<!-- 1Ah = 26 = length of "Driver loaded successfully" -->
</span><span style="color:black">.text:00007FF7D93BAE35
.text:00007FF7D93BAE35 </span><span style="color:navy">loc_7FF7D93BAE35: </span><span style="color:olive">; DATA XREF: sub_7FF7D9567ABC-7F50C↓o
</span><span style="color:black">.text:00007FF7D93BAE35 </span><span style="color:olive">; sub_7FF7D95A8564-271A↓o
</span><span style="color:black">.text:00007FF7D93BAE35 </span><span style="color:navy">lea rcx, aDriverLoadedSu </span><span style="color:gray">; &quot;Driver loaded successfully&quot;
</span><span style="color:black">.text:00007FF7D93BAE3C
.text:00007FF7D93BAE3C </span><span style="color:navy">loc_7FF7D93BAE3C: </span><span style="color:olive">; DATA XREF: sub_7FF7D9471582+10↓o
</span><span style="color:black">.text:00007FF7D93BAE3C </span><span style="color:navy">call sub_7FF7D95B77C9
</span><span style="color:black">.text:00007FF7D93BAE41 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAE42 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAE42 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE46 </span><span style="color:navy">lea rcx, aS </span><span style="color:gray">; &quot;s&quot;
</span><span style="color:black">.text:00007FF7D93BAE4D </span><span style="color:navy">jmp short loc_7FF7D93BAE74<!-- enters the tail after the point where "e" would be loaded, so rcx keeps "s" -->
</span><span style="color:black">.text:00007FF7D93BAE4F </span><span style="color:gray">; ---------------------------------------------------------------------------
<!-- Failure path for the export lookups (reached from the two jz at load_driver+CB and +D4),
     followed by the tail shared by every path: loc_7FF7D93BAE6D selects "e",
     loc_7FF7D93BAE74 builds the one-character string and hands both strings to
     sub_7FF7D93BB040. --></span><span style="color:black">.text:00007FF7D93BAE4F
.text:00007FF7D93BAE4F </span><span style="color:gray">get_import_failed</span><span style="color:navy">: </span><span style="color:green">; CODE XREF: load_driver+CB↑j
</span><span style="color:black">.text:00007FF7D93BAE4F </span><span style="color:green">; load_driver+D4↑j
</span><span style="color:black">.text:00007FF7D93BAE4F </span><span style="color:navy">lea get_proc_result, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAE53 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_18</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE57
.text:00007FF7D93BAE57 </span><span style="color:navy">loc_7FF7D93BAE57: </span><span style="color:olive">; DATA XREF: sub_7FF7D9529E62+78856↓o
</span><span style="color:black">.text:00007FF7D93BAE57 </span><span style="color:navy">mov edx, </span><span style="color:green">15h<!-- 15h = 21 = length of "Failed to get exports" -->
</span><span style="color:black">.text:00007FF7D93BAE5C </span><span style="color:navy">lea rcx, aFailedToGetExp </span><span style="color:gray">; &quot;Failed to get exports&quot;
</span><span style="color:black">.text:00007FF7D93BAE63 </span><span style="color:navy">call sub_7FF7D95DC54A
</span><span style="color:black">.text:00007FF7D93BAE68 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAE69 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAE69 </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE6D
.text:00007FF7D93BAE6D </span><span style="color:navy">loc_7FF7D93BAE6D: </span><span style="color:green">; CODE XREF: load_driver+142↑j
</span><span style="color:black">.text:00007FF7D93BAE6D </span><span style="color:green">; load_driver+1AE↑j
</span><span style="color:black">.text:00007FF7D93BAE6D </span><span style="color:olive">; DATA XREF: ...
</span><span style="color:black">.text:00007FF7D93BAE6D </span><span style="color:navy">lea rcx, aE </span><span style="color:gray">; &quot;e&quot;<!-- the ExportLoad and ExportMap failure paths jump here (+142, +1AE), and the export-lookup failure falls through into it -->
</span><span style="color:black">.text:00007FF7D93BAE74
.text:00007FF7D93BAE74 </span><span style="color:navy">loc_7FF7D93BAE74: </span><span style="color:green">; CODE XREF: load_driver+1CD↑j
</span><span style="color:black">.text:00007FF7D93BAE74 </span><span style="color:navy">mov edx, </span><span style="color:green">1<!-- the success path jumps here (+1CD) with rcx already pointing at "s" -->
</span><span style="color:black">.text:00007FF7D93BAE79 </span><span style="color:navy">call sub_7FF7D959401E
</span><span style="color:black">.text:00007FF7D93BAE7E </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAE7F </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAE7F </span><span style="color:navy">mov [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">], get_proc_result
</span><span style="color:black">.text:00007FF7D93BAE83 </span><span style="color:navy">lea r8, [rbp+</span><span style="color:green">arg_8</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAE87 </span><span style="color:navy">lea rdx, [rbp+</span><span style="color:green">arg_10</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAE8B </span><span style="color:navy">mov rcx, rbx
</span><span style="color:black">.text:00007FF7D93BAE8E </span><span style="color:navy">call sub_7FF7D93BB040
</span><span style="color:black">.text:00007FF7D93BAE93 </span><span style="color:gray">; ---------------------------------------------------------------------------
<!-- Epilogue: restores rbx from the slot written at entry ([rsp+20h+arg_0] = [rsp+40h]),
     releases the 20h bytes and pops rdi, rsi, rbp. No instruction sets rax after the last
     call, so any status the caller sees is whatever sub_7FF7D93BB040 left in rax. --></span><span style="color:black">.text:00007FF7D93BAE93 </span><span style="color:navy">mov rbx, [rsp+</span><span style="color:green">20h</span><span style="color:navy">+</span><span style="color:green">arg_0</span><span style="color:navy">]
</span><span style="color:black">.text:00007FF7D93BAE98 </span><span style="color:navy">add rsp, </span><span style="color:green">20h
</span><span style="color:black">.text:00007FF7D93BAE9C
.text:00007FF7D93BAE9C </span><span style="color:navy">loc_7FF7D93BAE9C: </span><span style="color:#8080ff">; DATA XREF: sub_7FF7D954BA34+37E22↓o
</span><span style="color:black">.text:00007FF7D93BAE9C </span><span style="color:navy">pop export_map_addr
</span><span style="color:black">.text:00007FF7D93BAE9D </span><span style="color:navy">pop export_loader_addr
</span><span style="color:black">.text:00007FF7D93BAE9E </span><span style="color:navy">pop rbp
</span><span style="color:black">.text:00007FF7D93BAE9F </span><span style="color:navy">retn<!-- a plain return, at odds with the "noreturn" attribute in the routine header -->
</span><span style="color:black">.text:00007FF7D93BAE9F </span><span style="color:navy">; } // starts at 7FF7D93BAC80
</span><span style="color:black">.text:00007FF7D93BAE9F </span>load_driver <span style="color:black">endp
.text:00007FF7D93BAE9F
</span></body></html>