 |
  |
|
| 首页 | 技术文章 | 软件下载 | 博客 | 论坛 | 精品教程 | 黑客动画 | 视频资源 | 在线服务 | 黑客游戏 | | ||||
 |
|
|||||||
|
||||||||
|
|||||
| hezhi病毒分析报告 | |||||
作者:未知 文章来源:黑客动画吧 点击数: 更新时间:2006-3-18  |
|||||
|
00412DEC E8 3B050000 CALL CLSPACK.0041332C \\这里是五层加密的地方 00412DF1 E8 F9040000 CALL CLSPACK.004132EF 00412DF6 E8 C3040000 CALL CLSPACK.004132BE \\跟前面的五次解密顺序相反 00412DFB 60 PUSHAD 00412DFC E8 92030000 CALL CLSPACK.00413193 00412E01 61 POPAD 00412E02 60 PUSHAD 00412E03 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412E09 6A 00 PUSH 0 00412E0B 6A 00 PUSH 0 00412E0D 52 PUSH EDX 00412E0E 53 PUSH EBX 00412E0F FF97 892A0000 CALL DWORD PTR DS:[EDI+2A89] 00412E15 83F8 00 CMP EAX,0 00412E18 61 POPAD 00412E19 0F84 CB000000 JE CLSPACK.00412EEA 00412E1F 60 PUSHAD 00412E20 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412E26 6A 00 PUSH 0 00412E28 8D87 9C2E0000 LEA EAX,DWORD PTR DS:[EDI+2E9C] 00412E2E 50 PUSH EAX 00412E2F 51 PUSH ECX 00412E30 8D87 4E3F0000 LEA EAX,DWORD PTR DS:[EDI+3F4E] 00412E36 50 PUSH EAX 00412E37 53 PUSH EBX 00412E38 FF97 7D2A0000 CALL DWORD PTR DS:[EDI+2A7D] 00412E3E 83F8 00 CMP EAX,0 00412E41 61 POPAD 00412E42 0F84 A2000000 JE CLSPACK.00412EEA 00412E48 60 PUSHAD 00412E49 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412E4F 6A 00 PUSH 0 00412E51 6A 00 PUSH 0 00412E53 FFB7 902E0000 PUSH DWORD PTR DS:[EDI+2E90] 00412E59 53 PUSH EBX 00412E5A FF97 892A0000 CALL DWORD PTR DS:[EDI+2A89] 00412E60 83F8 00 CMP EAX,0 00412E63 61 POPAD 00412E64 0F84 80000000 JE CLSPACK.00412EEA 00412E6A 60 PUSHAD 00412E6B 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412E71 6A 00 PUSH 0 00412E73 8D87 9C2E0000 LEA EAX,DWORD PTR DS:[EDI+2E9C] 00412E79 , ; 50 PUSH EAX 00412E7A 68 00040000 PUSH 400 00412E7F 8D87 4A310000 LEA EAX,DWORD PTR DS:[EDI+314A] 00412E85 50 PUSH EAX 00412E86 53 PUSH EBX 00412E87 FF97 7D2A0000 CALL DWORD PTR DS:[EDI+2A7D] 00412E8D 83F8 00 CMP EAX,0 00412E90 61 POPAD 00412E91 74 57 JE SHORT CLSPACK.00412EEA 00412E93 60 PUSHAD 00412E94 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412E9A 6A 00 PUSH 0 00412E9C 6A 00 PUSH 0 00412E9E FFB7 8C2E0000 PUSH DWORD PTR DS:[EDI+2E8C] 00412EA4 53 PUSH EBX 00412EA5 FF97 892A0000 CALL DWORD PTR DS:[EDI+2A89] 00412EAB 83F8 00 CMP EAX,0 00412EAE 61 POPAD 00412EAF 74 39 JE SHORT CLSPACK.00412EEA 00412EB1 E8 0A050000 CALL CLSPACK.004133C0 00412EB6 E8 D20C0000 CALL CLSPACK.00413B8D 00412EBB E8 35030000 CALL CLSPACK.004131F5 00412EC0 60 PUSHAD 00412EC1 8B9F 882E0000 MOV EBX,DWORD PTR DS:[EDI+2E88] 00412EC7 6A 00 PUSH 0 00412EC9 8D87 9C2E0000 LEA EAX,DWORD PTR DS:[EDI+2E9C] 00412ECF 50 PUSH EAX 00412ED0 FFB7 AE300000 PUSH DWORD PTR DS:[EDI+30AE] 00412ED6 8D87 4A310000 LEA EAX,DWORD PTR DS:[EDI+314A] 00412EDC 50 PUSH EAX 00412EDD 53 PUSH EBX 00412EDE FF97 7D2A0000 CALL DWORD PTR DS:[EDI+2A7D] 00412EE4 83F8 00 CMP EAX,0 00412EE7 61 POPAD 00412EE8 74 00 JE SHORT CLSPACK.00412EEA 00412EEA 8B87 B8290000 MOV EAX,DWORD PTR DS:[EDI+29B8] 00412EF0 83E8 2C SUB EAX,2C 00412EF3 83C0 14 ADD EAX,14 00412EF6 50 PUSH EAX 00412EF7 8B87 B8290000 MOV EAX,DWORD PTR DS:[EDI+29B8] 00412EFD 83E8 2C SUB EAX,2C 00412F00 83C0 0C ADD EAX,0C 00412F03 50 PUSH EAX 00412F04 8B87 B8290000 上一页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] 下一页 |
|||||
| 文章录入:IceRiver 责任编辑:admin | |||||
| 【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】 | |||||
 网友评论:(只显示最新5条。评论内容只代表网友观点,与本站立场无关!) |
 |
|
| 关于我们 - 版权声明 - 帮助(?) - 广告服务 - 联系我们 - 友情链接 - 用户注册 - | Powered by ICE RIVER - STUDIO |
|
|
| » CnXHacker.CoM |  |
© CopyRight 2002-2006, CnXHacker.CoM™, Inc. All Rights Reserved. |
