Back to Index
Previous: sub_02CDAA78
Next: sub_02CDAB44
Labelmas.sub_02CDAAC8
02CDAAC8 /$ PUSH EBP
02CDAAC9 |. MOV EBP,ESP
02CDAACB |. PUSH ECX
02CDAACC |. PUSH EBX
02CDAACD |. PUSH ESI
02CDAACE |. PUSH EDI
02CDAACF |. MOV EDI,DWORD PTR SS:[EBP+C]
02CDAAD2 |. PUSH 0 ; /hTemplateFile = NULL
02CDAAD4 |. PUSH 80 ; |Attributes = NORMAL
02CDAAD9 |. PUSH 2 ; |Mode = CREATE_ALWAYS
02CDAADB |. PUSH 0 ; |pSecurity = NULL
02CDAADD |. PUSH 0 ; |ShareMode = 0
02CDAADF |. PUSH C0000000 ; |Access = GENERIC_READ|GENERIC_WRITE
02CDAAE4 |. MOV EAX,DWORD PTR SS:[EBP+8] ; |
02CDAAE7 |. PUSH EAX ; |FileName
02CDAAE8 |. CALL <JMP.&KERNEL32.CreateFileA> ; \CreateFileA
02CDAAED |. MOV EBX,EAX
02CDAAEF |. TEST EAX,EAX
02CDAAF1 |. JE SHORT Labelmas.02CDAB2A
02CDAAF3 |. CALL Labelmas.02CDAA78
02CDAAF8 |. MOV ESI,EAX
02CDAAFA |. LEA EAX,DWORD PTR SS:[EBP-4]
02CDAAFD |. PUSH 0
02CDAAFF |. PUSH EAX
02CDAB00 |. PUSH ESI
02CDAB01 |. CALL Labelmas.02CD2A2C
02CDAB06 |. POP ECX ; |
02CDAB07 |. PUSH EAX ; |nBytesToWrite
02CDAB08 |. PUSH ESI ; |Buffer
02CDAB09 |. PUSH EBX ; |hFile
02CDAB0A |. CALL <JMP.&KERNEL32.WriteFile> ; \WriteFile
02CDAB0F |. PUSH 0
02CDAB11 |. LEA EDX,DWORD PTR SS:[EBP-4]
02CDAB14 |. PUSH EDX
02CDAB15 |. PUSH EDI
02CDAB16 |. CALL Labelmas.02CD2A2C
02CDAB1B |. POP ECX ; |
02CDAB1C |. PUSH EAX ; |nBytesToWrite
02CDAB1D |. PUSH EDI ; |Buffer
02CDAB1E |. PUSH EBX ; |hFile
02CDAB1F |. CALL <JMP.&KERNEL32.WriteFile> ; \WriteFile
02CDAB24 |. PUSH EBX ; /hObject
02CDAB25 |. CALL <JMP.&KERNEL32.CloseHandle> ; \CloseHandle
02CDAB2A |> POP EDI
02CDAB2B |. POP ESI
02CDAB2C |. POP EBX
02CDAB2D |. POP ECX
02CDAB2E |. POP EBP
02CDAB2F \. RETN
02CDAB30 /. PUSH EBP
02CDAB31 |. MOV EBP,ESP
02CDAB33 |. MOV EAX,DWORD PTR SS:[EBP+C]
02CDAB36 |. MOV DWORD PTR DS:[EAX],1
02CDAB3C |. XOR EAX,EAX
02CDAB3E |. POP EBP
02CDAB3F \. RETN 8
02CDAB42 NOP
02CDAB43 NOP
Converted to HTML using
olly2html.pl
0.1 by Joe Stewart