1. Alexander Hanel Avatar Alexander Hanel
  2. Untitled project
  3. reiat
  4. Issues

Functions

Issue #5 new
Alexander Hanel repo owner created an issue

Current implementation is only to ignore Calls to GetModuleHandle. This logic needs to be re-evaluated. 

seg000:00A31B8F
seg000:00A31B8F                 push    ebp
seg000:00A31B90                 mov     ebp, esp
seg000:00A31B92                 mov     eax, ds:dword_A576C8
seg000:00A31B97                 test    eax, eax
seg000:00A31B99                 jnz     short loc_A31BB1
seg000:00A31B9B                 push    offset aCreatethread ; "CreateThread"
seg000:00A31BA0                 call    _GetModuleBase_Kernel32
seg000:00A31BA5                 push    eax
seg000:00A31BA6                 call    ds:GetProcAddress
seg000:00A31BAC                 mov     ds:dword_A576C8, eax
seg000:00A31BB1
seg000:00A31BB1 loc_A31BB1:                             ; CODE XREF: sub_A31B8F+A?j
seg000:00A31BB1                 push    [ebp+arg_C]
seg000:00A31BB4                 push    [ebp+arg_8]
seg000:00A31BB7                 push    [ebp+arg_4]
seg000:00A31BBA                 push    [ebp+arg_0]
seg000:00A31BBD                 push    0
seg000:00A31BBF                 push    0
seg000:00A31BC1                 call    eax ; dword_A576C8
seg000:00A31BC3                 pop     ebp
seg000:00A31BC4                 retn    10h
seg000:00A31BC4 sub_A31B8F      endp
seg000:00A31BC4

Also, renaming this function as a wrapper function would be cool.

Comments (0)

  1. Log in to comment
Assignee
Type
bug
Priority
major
Status
new
Votes
0
Watchers
1
Jira Software: the preferred issue tracker for Bitbucket. Join the team!