You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

32 lines
3.7 KiB

5 years ago
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>IDA - llauncher_dump.i64 (llauncher_dump.exe) C:\Users\xerox\Desktop\amlegit.com\files\llauncher\llauncher_dump.i64</title>
</head>
<body bgcolor="#ffffff">
<span style="white-space: pre; font-family: Consolas; color: blue; background: #ffffff">
<span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD1A </span><span style="color:navy">lea rdx, aExportload </span><span style="color:gray">; &quot;ExportLoad&quot;
</span><span style="color:black">.text:00007FF7D93BAD21 </span><span style="color:navy">lea rcx, InjectModuleHandle </span>; handle to inject.dll
<span style="color:black">.text:00007FF7D93BAD28 </span><span style="color:navy">push export_map_addr
</span><span style="color:black">.text:00007FF7D93BAD29 </span><span style="color:navy">call </span>GetProcAddress_Wrapper_0 ; GetProcAddress(InjectHandle, &quot;ExportLoad&quot;);
<span style="color:black">.text:00007FF7D93BAD2E
.text:00007FF7D93BAD2E </span><span style="color:navy">loc_7FF7D93BAD2E: </span><span style="color:#8080ff">; DATA XREF: sub_7FF7D954B379-8B56A↓o
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:olive">; sub_7FF7D953050F+19↓o
</span><span style="color:black">.text:00007FF7D93BAD2E </span><span style="color:navy">mov export_loader_addr, get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD31 </span><span style="color:navy">lea rdx, aExportmap </span><span style="color:gray">; &quot;ExportMap&quot;
</span><span style="color:black">.text:00007FF7D93BAD38 </span><span style="color:navy">lea rcx, InjectModuleHandle
</span><span style="color:black">.text:00007FF7D93BAD3F </span><span style="color:navy">call </span>GetProcAddress_Wrapper_1 ; GetProcAddress(InjectHandle, &quot;ExportMap&quot;);
<span style="color:black">.text:00007FF7D93BAD44 </span><span style="color:navy">int </span><span style="color:green">3 </span>; Trap to Debugger
<span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:gray">; ---------------------------------------------------------------------------
</span><span style="color:black">.text:00007FF7D93BAD45 </span><span style="color:navy">mov export_map_addr, get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD48 </span><span style="color:navy">test export_loader_addr, export_loader_addr
</span><span style="color:black">.text:00007FF7D93BAD4B </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed </span>; if(!GetProcAddress(InjectHandle, &quot;ExportLoad&quot;))
<span style="color:black">.text:00007FF7D93BAD51
.text:00007FF7D93BAD51 </span><span style="color:navy">loc_7FF7D93BAD51: </span><span style="color:olive">; DATA XREF: sub_7FF7D94AAA89+10F799↓o
</span><span style="color:black">.text:00007FF7D93BAD51 </span><span style="color:navy">test get_proc_result, get_proc_result
</span><span style="color:black">.text:00007FF7D93BAD54 </span><span style="color:navy">jz </span><span style="color:gray">get_import_failed </span>; if(!GetProcAddress(InjectHandle, &quot;ExportMap&quot;))
</span></body></html>