[spam][crazy] bomb malware
Karl
gmkarl at gmail.com
Tue Dec 14 03:45:01 PST 2021
// call EDX as a function. EDX is the 4th 32-bit register, i.e. cpu
working-memory.
080480d9 ff d2 CALL EDX
// this is where the jump statement from 080480cd ends up. So, this
is the start of the while loop, and the code immediately above isn't
executed until this is.
LAB_080480db
XREF[1]: 080480cd(j)
// copy PTR_DAT_0804e024 into EAX.
080480db a1 24 e0 MOV EAX,[PTR_DAT_0804e024]
= 0804e00c
04 08
I'm a little confused on whether [ADDR] dereferences the data pointed
to by the address or not, in this notation. I think I'll look it up.
More information about the cypherpunks
mailing list