吾爱破解 - 52pojie.cn

[Original] [Garena] Game Platform Account Security Analysis (Part 2)

小俊 posted on 2018-4-18 17:21
loginui.dll + 0x3F570 = login button event

6D2CF570 | 55                       | push ebp                                                      | login button event; ecx = edi = arg.1, 4 arguments
6D2CF571 | 8B EC                    | mov ebp,esp                                                   |
6D2CF573 | 6A FF                    | push FFFFFFFF                                                 |
6D2CF575 | 68 F6 63 31 6D           | push <loginui.sub_6D3163F6>                                   |
6D2CF57A | 64 A1 00 00 00 00        | mov eax,dword ptr fs:[0]                                      |
6D2CF580 | 50                       | push eax                                                      |
6D2CF581 | 81 EC 80 00 00 00        | sub esp,80                                                    |
6D2CF587 | A1 E0 14 34 6D           | mov eax,dword ptr ds:[6D3414E0]                               |
6D2CF58C | 33 C5                    | xor eax,ebp                                                   |
6D2CF58E | 89 45 F0                 | mov dword ptr ss:[ebp-10],eax                                 |
6D2CF591 | 53                       | push ebx                                                      |
6D2CF592 | 56                       | push esi                                                      |
6D2CF593 | 57                       | push edi                                                      |
6D2CF594 | 50                       | push eax                                                      |
6D2CF595 | 8D 45 F4                 | lea eax,dword ptr ss:[ebp-C]                                  |
6D2CF598 | 64 A3 00 00 00 00        | mov dword ptr fs:[0],eax                                      |
6D2CF59E | 8B F9                    | mov edi,ecx                                                   |
6D2CF5A0 | 33 DB                    | xor ebx,ebx                                                   |
6D2CF5A2 | 89 5D A0                 | mov dword ptr ss:[ebp-60],ebx                                 |
6D2CF5A5 | 8B 4F 74                 | mov ecx,dword ptr ds:[edi+74]                                 |
6D2CF5A8 | FF 15 48 FA 31 6D        | call dword ptr ds:[<&QStackedWidget::currentWidget>]          | get the widget
6D2CF5AE | 3B 47 78                 | cmp eax,dword ptr ds:[edi+78]                                 |
6D2CF5B1 | 8D 45 A4                 | lea eax,dword ptr ss:[ebp-5C]                                 |
6D2CF5B4 | 50                       | push eax                                                      |
6D2CF5B5 | 75 63                    | jne loginui.6D2CF61A                                          |
6D2CF5B7 | 8B 8F 84 00 00 00        | mov ecx,dword ptr ds:[edi+84]                                 |
6D2CF5BD | FF 15 70 FA 31 6D        | call dword ptr ds:[<&QLineEdit::text>]                        |
6D2CF5C3 | 50                       | push eax                                                      |
6D2CF5C4 | 8D 8F 90 00 00 00        | lea ecx,dword ptr ds:[edi+90]                                 | [edi+90]:QArrayData::shared_null
6D2CF5CA | FF 15 44 F5 31 6D        | call dword ptr ds:[<&QCommandLineOption::operator=>]          |
6D2CF5D0 | 8D 4D A4                 | lea ecx,dword ptr ss:[ebp-5C]                                 |
6D2CF5D3 | FF 15 AC F5 31 6D        | call dword ptr ds:[<&QXmlStreamStringRef::~QXmlStreamStringRe |
6D2CF5D9 | 8D 8F 90 00 00 00        | lea ecx,dword ptr ds:[edi+90]                                 | [edi+90]:QArrayData::shared_null
6D2CF5DF | FF 15 08 F5 31 6D        | call dword ptr ds:[<&QVector<QPoint>::isEmpty>]               |
6D2CF5E5 | 84 C0                    | test al,al                                                    |
6D2CF5E7 | 74 1A                    | je loginui.6D2CF603                                           |
6D2CF5E9 | 8B 8F 84 00 00 00        | mov ecx,dword ptr ds:[edi+84]                                 |
6D2CF5EF | FF 15 80 FA 31 6D        | call dword ptr ds:[<&QWidget::setFocus>]                      |
6D2CF5F5 | 6A 03                    | push 3                                                        |
6D2CF5F7 | 8B CF                    | mov ecx,edi                                                   |
6D2CF5F9 | E8 E2 19 00 00           | call <loginui.sub_6D2D0FE0>                                   |
6D2CF5FE | E9 E4 04 00 00           | jmp loginui.6D2CFAE7                                          |
6D2CF603 | 6A 00                    | push 0                                                        |
6D2CF605 | 8B CF                    | mov ecx,edi                                                   |
6D2CF607 | E8 24 1B 00 00           | call <loginui.sub_6D2D1130>                                   |
6D2CF60C | 6A 07                    | push 7                                                        |
6D2CF60E | 8B CF                    | mov ecx,edi                                                   |
6D2CF610 | E8 CB 19 00 00           | call <loginui.sub_6D2D0FE0>                                   |
6D2CF615 | E9 CD 04 00 00           | jmp loginui.6D2CFAE7                                          |
6D2CF61A | 8B 4F 3C                 | mov ecx,dword ptr ds:[edi+3C]                                 |
6D2CF61D | 8B 35 70 FA 31 6D        | mov esi,dword ptr ds:[<&QLineEdit::text>]                     |
6D2CF623 | FF D6                    | call esi                                                      | get the account name
6D2CF625 | 8D 8F 88 00 00 00        | lea ecx,dword ptr ds:[edi+88]                                 | [edi+88] = username
6D2CF62B | 50                       | push eax                                                      |
6D2CF62C | FF 15 44 F5 31 6D        | call dword ptr ds:[<&QCommandLineOption::operator=>]          |
6D2CF632 | 8D 4D A4                 | lea ecx,dword ptr ss:[ebp-5C]                                 |
6D2CF635 | FF 15 AC F5 31 6D        | call dword ptr ds:[<&QXmlStreamStringRef::~QXmlStreamStringRe |
6D2CF63B | 8B 4F 40                 | mov ecx,dword ptr ds:[edi+40]                                 |
6D2CF63E | 8D 45 A4                 | lea eax,dword ptr ss:[ebp-5C]                                 |
6D2CF641 | 50                       | push eax                                                      |
6D2CF642 | FF D6                    | call esi                                                      | get the password
6D2CF644 | 50                       | push eax                                                      |
6D2CF645 | 8D 8F 8C 00 00 00        | lea ecx,dword ptr ds:[edi+8C]                                 | [edi+8c] = password
6D2CF64B | FF 15 44 F5 31 6D        | call dword ptr ds:[<&QCommandLineOption::operator=>]          |
6D2CF651 | 8D 4D A4                 | lea ecx,dword ptr ss:[ebp-5C]                                 |
6D2CF654 | FF 15 AC F5 31 6D        | call dword ptr ds:[<&QXmlStreamStringRef::~QXmlStreamStringRe |
6D2CF65A | 8D 8F 88 00 00 00        | lea ecx,dword ptr ds:[edi+88]                                 |
6D2CF660 | FF 15 08 F5 31 6D        | call dword ptr ds:[<&QVector<QPoint>::isEmpty>]               | check whether the username is empty
6D2CF666 | 84 C0                    | test al,al                                                    |
6D2CF668 | 74 17                    | je loginui.6D2CF681                                           | jump if not empty
6D2CF66A | 8B 4F 3C                 | mov ecx,dword ptr ds:[edi+3C]                                 |
6D2CF66D | FF 15 80 FA 31 6D        | call dword ptr ds:[<&QWidget::setFocus>]                      | give focus to the account field
6D2CF673 | 6A 05                    | push 5                                                        | error code 4 = account cannot be empty
6D2CF675 | 8B CF                    | mov ecx,edi                                                   |
6D2CF677 | E8 64 19 00 00           | call <loginui.sub_6D2D0FE0>                                   | set the error message
6D2CF67C | E9 66 04 00 00           | jmp loginui.6D2CFAE7                                          | end
6D2CF681 | 8D 8F 8C 00 00 00        | lea ecx,dword ptr ds:[edi+8C]                                 |
6D2CF687 | FF 15 08 F5 31 6D        | call dword ptr ds:[<&QVector<QPoint>::isEmpty>]               | check whether the password is empty
6D2CF68D | 84 C0                    | test al,al                                                    |
6D2CF68F | 74 17                    | je loginui.6D2CF6A8                                           | jump if not empty
6D2CF691 | 8B 4F 40                 | mov ecx,dword ptr ds:[edi+40]                                 |
6D2CF694 | FF 15 80 FA 31 6D        | call dword ptr ds:[<&QWidget::setFocus>]                      | give focus to the password field
6D2CF69A | 6A 05                    | push 5                                                        | error code 5 = password cannot be empty
6D2CF69C | 8B CF                    | mov ecx,edi                                                   |
6D2CF69E | E8 3D 19 00 00           | call <loginui.sub_6D2D0FE0>                                   | set the error message
6D2CF6A3 | E9 3F 04 00 00           | jmp loginui.6D2CFAE7                                          | end
6D2CF6A8 | 8B 4F 34                 | mov ecx,dword ptr ds:[edi+34]                                 |
6D2CF6AB | FF 15 1C F4 31 6D        | call dword ptr ds:[<&QTimer::start>]                          | start the timer
6D2CF6B1 | 8B CF                    | mov ecx,edi                                                   | this object (instance of this class)
6D2CF6B3 | E8 F8 F7 FF FF           | call <loginui.sub_6D2CEEB0>                                   | change the login button text to "登录中...." ("Logging in....")
6D2CF6B8 | 8B 4F 50                 | mov ecx,dword ptr ds:[edi+50]                                 |
6D2CF6BB | FF 15 64 F8 31 6D        | call dword ptr ds:[<&QDataWidgetMapper::toFirst>]             |
6D2CF6C1 | 8D 85 74 FF FF FF        | lea eax,dword ptr ss:[ebp-8C]                                 |
6D2CF6C7 | 50                       | push eax                                                      |
6D2CF6C8 | E8 F3 B2 FE FF           | call <loginui.sub_6D2BA9C0>                                   |
6D2CF6CD | 83 C4 04                 | add esp,4                                                     |
6D2CF6D0 | 83 BD 74 FF FF FF 00     | cmp dword ptr ss:[ebp-8C],0                                   |
6D2CF6D7 | C7 45 FC 00 00 00 00     | mov dword ptr ss:[ebp-4],0                                    |
6D2CF6DE | 0F 84 F8 03 00 00        | je loginui.6D2CFADC                                           |
6D2CF6E4 | 6A 01                    | push 1                                                        |
6D2CF6E6 | 8D 4D 88                 | lea ecx,dword ptr ss:[ebp-78]                                 |
6D2CF6E9 | FF 15 14 F4 31 6D        | call dword ptr ds:[<&QCryptographicHash::QCryptographicHash>] |
6D2CF6EF | 8D 45 A4                 | lea eax,dword ptr ss:[ebp-5C]                                 |
6D2CF6F2 | C6 45 FC 01              | mov byte ptr ss:[ebp-4],1                                     |
6D2CF6F6 | 50                       | push eax                                                      |
6D2CF6F7 | 8D 8F 8C 00 00 00        | lea ecx,dword ptr ds:[edi+8C]                                 |
6D2CF6FD | FF 15 34 F5 31 6D        | call dword ptr ds:[<&QString::toUtf8>]                        | convert the password to UTF-8
6D2CF703 | 50                       | push eax                                                      | password
6D2CF704 | 8D 4D 88                 | lea ecx,dword ptr ss:[ebp-78]                                 |
6D2CF707 | C6 45 FC 02              | mov byte ptr ss:[ebp-4],2                                     |
6D2CF70B | FF 15 0C F4 31 6D        | call dword ptr ds:[<&QCryptographicHash::addData>]            | add the password to the hash algorithm
6D2CF711 | 8D 4D A4                 | lea ecx,dword ptr ss:[ebp-5C]                                 |
6D2CF714 | C6 45 FC 01              | mov byte ptr ss:[ebp-4],1                                     |
6D2CF718 | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CF71E | 33 F6                    | xor esi,esi                                                   |
6D2CF720 | 80 BF 97 00 00 00 00     | cmp byte ptr ds:[edi+97],0                                    |
6D2CF727 | 75 19                    | jne loginui.6D2CF742                                          |
6D2CF729 | 80 BF 98 00 00 00 00     | cmp byte ptr ds:[edi+98],0                                    |
6D2CF730 | 75 10                    | jne loginui.6D2CF742                                          |
6D2CF732 | 80 BF 96 00 00 00 00     | cmp byte ptr ds:[edi+96],0                                    |
6D2CF739 | 74 16                    | je loginui.6D2CF751                                           |
6D2CF73B | BE 04 00 00 00           | mov esi,4                                                     |
6D2CF740 | EB 0F                    | jmp loginui.6D2CF751                                          |
6D2CF742 | 80 BF 95 00 00 00 00     | cmp byte ptr ds:[edi+95],0                                    |
6D2CF749 | B8 04 00 00 00           | mov eax,4                                                     |
6D2CF74E | 0F 45 F0                 | cmovne esi,eax                                                |
6D2CF751 | 8B 4F 44                 | mov ecx,dword ptr ds:[edi+44]                                 |
6D2CF754 | FF 15 5C FA 31 6D        | call dword ptr ds:[<&QAbstractButton::isChecked>]             | check whether the button is checked
6D2CF75A | 84 C0                    | test al,al                                                    |
6D2CF75C | 74 03                    | je loginui.6D2CF761                                           |
6D2CF75E | 83 CE 01                 | or esi,1                                                      |
6D2CF761 | 8D 45 A4                 | lea eax,dword ptr ss:[ebp-5C]                                 |
6D2CF764 | 50                       | push eax                                                      | password
6D2CF765 | 8D 8F 88 00 00 00        | lea ecx,dword ptr ds:[edi+88]                                 | account
6D2CF76B | FF 15 34 F5 31 6D        | call dword ptr ds:[<&QString::toUtf8>]                        | convert the account to UTF-8
6D2CF771 | 8B C8                    | mov ecx,eax                                                   | account
6D2CF773 | C6 45 FC 03              | mov byte ptr ss:[ebp-4],3                                     |
6D2CF777 | FF 15 48 F5 31 6D        | call dword ptr ds:[<&QByteArray::begin>]                      | get the start address of the account
6D2CF77D | 50                       | push eax                                                      | account start address
6D2CF77E | 8D 4D D8                 | lea ecx,dword ptr ss:[ebp-28]                                 |
6D2CF781 | E8 FA 6B FC FF           | call <loginui.sub_6D296380>                                   | ???
6D2CF786 | 50                       | push eax                                                      |
6D2CF787 | C6 45 FC 04              | mov byte ptr ss:[ebp-4],4                                     |
6D2CF78B | E8 60 D9 FF FF           | call <loginui.sub_6D2CD0F0>                                   | ???
6D2CF790 | 83 C4 04                 | add esp,4                                                     |
6D2CF793 | 89 45 94                 | mov dword ptr ss:[ebp-6C],eax                                 |
6D2CF796 | 8D 4D D8                 | lea ecx,dword ptr ss:[ebp-28]                                 |
6D2CF799 | E8 F2 6C FC FF           | call <loginui.sub_6D296490>                                   | delete
6D2CF79E | 8D 4D A4                 | lea ecx,dword ptr ss:[ebp-5C]                                 | get the account
6D2CF7A1 | C6 45 FC 01              | mov byte ptr ss:[ebp-4],1                                     |
6D2CF7A5 | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CF7AB | 68 D0 00 00 00           | push D0                                                       |
6D2CF7B0 | E8 33 84 02 00           | call <loginui.operator new>                                   |
6D2CF7B5 | 83 C4 04                 | add esp,4                                                     |
6D2CF7B8 | 89 45 A4                 | mov dword ptr ss:[ebp-5C],eax                                 | account
6D2CF7BB | C6 45 FC 05              | mov byte ptr ss:[ebp-4],5                                     |
6D2CF7BF | 85 C0                    | test eax,eax                                                  |
6D2CF7C1 | 0F 84 DF 00 00 00        | je loginui.6D2CF8A6                                           |
6D2CF7C7 | 68 A9 63 32 6D           | push loginui.6D3263A9                                         |
6D2CF7CC | 8D 4D D8                 | lea ecx,dword ptr ss:[ebp-28]                                 | account
6D2CF7CF | E8 AC 6B FC FF           | call <loginui.sub_6D296380>                                   | ???
6D2CF7D4 | 8D 45 84                 | lea eax,dword ptr ss:[ebp-7C]                                 |
6D2CF7D7 | C6 45 FC 06              | mov byte ptr ss:[ebp-4],6                                     |
6D2CF7DB | 50                       | push eax                                                      |
6D2CF7DC | 8D 4D 88                 | lea ecx,dword ptr ss:[ebp-78]                                 | password
6D2CF7DF | C7 45 A0 01 00 00 00     | mov dword ptr ss:[ebp-60],1                                   |
6D2CF7E6 | FF 15 08 F4 31 6D        | call dword ptr ds:[<&QCryptographicHash::result>]             | get the password MD5
6D2CF7EC | 8D 8D 7C FF FF FF        | lea ecx,dword ptr ss:[ebp-84]                                 |
6D2CF7F2 | C7 45 FC 07 00 00 00     | mov dword ptr ss:[ebp-4],7                                    |
6D2CF7F9 | 51                       | push ecx                                                      |
6D2CF7FA | 8B C8                    | mov ecx,eax                                                   | password MD5
6D2CF7FC | C7 45 A0 03 00 00 00     | mov dword ptr ss:[ebp-60],3                                   |
6D2CF803 | FF 15 10 F5 31 6D        | call dword ptr ds:[<&QByteArray::toHex>]                      | convert the password MD5 to hex
6D2CF809 | 8B C8                    | mov ecx,eax                                                   |
6D2CF80B | C7 45 FC 08 00 00 00     | mov dword ptr ss:[ebp-4],8                                    |
6D2CF812 | C7 45 A0 07 00 00 00     | mov dword ptr ss:[ebp-60],7                                   |
6D2CF819 | FF 15 48 F5 31 6D        | call dword ptr ds:[<&QByteArray::begin>]                      | get the start address of the password MD5
6D2CF81F | 50                       | push eax                                                      | MD5 start address
6D2CF820 | 8D 4D C0                 | lea ecx,dword ptr ss:[ebp-40]                                 |
6D2CF823 | E8 58 6B FC FF           | call <loginui.sub_6D296380>                                   | ???
6D2CF828 | 8D 45 80                 | lea eax,dword ptr ss:[ebp-80]                                 |
6D2CF82B | C7 45 FC 09 00 00 00     | mov dword ptr ss:[ebp-4],9                                    |
6D2CF832 | 50                       | push eax                                                      |
6D2CF833 | 8D 8F 88 00 00 00        | lea ecx,dword ptr ds:[edi+88]                                 | account
6D2CF839 | C7 45 A0 0F 00 00 00     | mov dword ptr ss:[ebp-60],F                                   |
6D2CF840 | FF 15 34 F5 31 6D        | call dword ptr ds:[<&QString::toUtf8>]                        | convert the account to UTF-8
6D2CF846 | 8B C8                    | mov ecx,eax                                                   | account
6D2CF848 | C7 45 FC 0A 00 00 00     | mov dword ptr ss:[ebp-4],A                                    |
6D2CF84F | C7 45 A0 1F 00 00 00     | mov dword ptr ss:[ebp-60],1F                                  |
6D2CF856 | FF 15 48 F5 31 6D        | call dword ptr ds:[<&QByteArray::begin>]                      | get the start address of the account
6D2CF85C | 50                       | push eax                                                      | account start address
6D2CF85D | 8D 4D A8                 | lea ecx,dword ptr ss:[ebp-58]                                 |
6D2CF860 | E8 1B 6B FC FF           | call <loginui.sub_6D296380>                                   | ???
6D2CF865 | 8B 4F 20                 | mov ecx,dword ptr ds:[edi+20]                                 |
6D2CF868 | 8D 45 D8                 | lea eax,dword ptr ss:[ebp-28]                                 |
6D2CF86B | 50                       | push eax                                                      | account
6D2CF86C | 6A 00                    | push 0                                                        |
6D2CF86E | 6A 00                    | push 0                                                        |
6D2CF870 | BB 3F 00 00 00           | mov ebx,3F                                                    | 3F:'?'
6D2CF875 | C7 45 FC 0B 00 00 00     | mov dword ptr ss:[ebp-4],B                                    |
6D2CF87C | 56                       | push esi                                                      |
6D2CF87D | 89 5D A0                 | mov dword ptr ss:[ebp-60],ebx                                 |
6D2CF880 | E8 DB 25 00 00           | call <loginui.sub_6D2D1E60>                                   | ???
6D2CF885 | 8B 4D A4                 | mov ecx,dword ptr ss:[ebp-5C]                                 | account
6D2CF888 | 50                       | push eax                                                      |
6D2CF889 | 6A 00                    | push 0                                                        |
6D2CF88B | 8D 45 C0                 | lea eax,dword ptr ss:[ebp-40]                                 |
6D2CF88E | 50                       | push eax                                                      | password MD5
6D2CF88F | 8D 45 A8                 | lea eax,dword ptr ss:[ebp-58]                                 |
6D2CF892 | 50                       | push eax                                                      | account start address
6D2CF893 | FF 75 94                 | push dword ptr ss:[ebp-6C]                                    | 1
6D2CF896 | 33 C0                    | xor eax,eax                                                   | clear eax
6D2CF898 | 38 47 28                 | cmp byte ptr ds:[edi+28],al                                   |
6D2CF89B | 0F 94 C0                 | sete al                                                       |
6D2CF89E | 50                       | push eax                                                      |
6D2CF89F | E8 1C 4D FF FF           | call <loginui.sub_6D2C45C0>                                   | suspicious function
6D2CF8A4 | EB 02                    | jmp loginui.6D2CF8A8                                          |
6D2CF8A6 | 33 C0                    | xor eax,eax                                                   |
6D2CF8A8 | 89 45 A4                 | mov dword ptr ss:[ebp-5C],eax                                 | account
6D2CF8AB | 89 45 98                 | mov dword ptr ss:[ebp-68],eax                                 | account
6D2CF8AE | C7 45 9C 00 00 00 00     | mov dword ptr ss:[ebp-64],0                                   |
6D2CF8B5 | 50                       | push eax                                                      |
6D2CF8B6 | 8D 4D 94                 | lea ecx,dword ptr ss:[ebp-6C]                                 | account
6D2CF8B9 | C7 45 FC 12 00 00 00     | mov dword ptr ss:[ebp-4],12                                   |
6D2CF8C0 | E8 BB BA FE FF           | call <loginui.sub_6D2BB380>                                   | delete
6D2CF8C5 | 8B 55 9C                 | mov edx,dword ptr ss:[ebp-64]                                 |
6D2CF8C8 | 8B 08                    | mov ecx,dword ptr ds:[eax]                                    |
6D2CF8CA | 89 4D 9C                 | mov dword ptr ss:[ebp-64],ecx                                 |
6D2CF8CD | 89 10                    | mov dword ptr ds:[eax],edx                                    |
6D2CF8CF | 8B 75 94                 | mov esi,dword ptr ss:[ebp-6C]                                 |
6D2CF8D2 | 85 F6                    | test esi,esi                                                  |
6D2CF8D4 | 74 2C                    | je loginui.6D2CF902                                           |
6D2CF8D6 | 8D 4E 04                 | lea ecx,dword ptr ds:[esi+4]                                  |
6D2CF8D9 | 83 C8 FF                 | or eax,FFFFFFFF                                               |
6D2CF8DC | F0 0F C1 01              | lock xadd dword ptr ds:[ecx],eax                              |
6D2CF8E0 | 83 F8 01                 | cmp eax,1                                                     |
6D2CF8E3 | 75 1D                    | jne loginui.6D2CF902                                          |
6D2CF8E5 | 8B 06                    | mov eax,dword ptr ds:[esi]                                    |
6D2CF8E7 | 8B CE                    | mov ecx,esi                                                   |
6D2CF8E9 | FF 50 04                 | call dword ptr ds:[eax+4]                                     |
6D2CF8EC | 8D 46 08                 | lea eax,dword ptr ds:[esi+8]                                  |
6D2CF8EF | 83 C9 FF                 | or ecx,FFFFFFFF                                               |
6D2CF8F2 | F0 0F C1 08              | lock xadd dword ptr ds:[eax],ecx                              |
6D2CF8F6 | 83 F9 01                 | cmp ecx,1                                                     |
6D2CF8F9 | 75 07                    | jne loginui.6D2CF902                                          |
6D2CF8FB | 8B 06                    | mov eax,dword ptr ds:[esi]                                    |
6D2CF8FD | 8B CE                    | mov ecx,esi                                                   |
6D2CF8FF | FF 50 08                 | call dword ptr ds:[eax+8]                                     |
6D2CF902 | 8B 45 A4                 | mov eax,dword ptr ss:[ebp-5C]                                 |
6D2CF905 | 50                       | push eax                                                      |
6D2CF906 | 50                       | push eax                                                      |
6D2CF907 | 8D 45 98                 | lea eax,dword ptr ss:[ebp-68]                                 |
6D2CF90A | 50                       | push eax                                                      |
6D2CF90B | E8 90 7D FE FF           | call <loginui.sub_6D2B76A0>                                   |
6D2CF910 | 83 C4 0C                 | add esp,C                                                     |
6D2CF913 | C7 45 FC 13 00 00 00     | mov dword ptr ss:[ebp-4],13                                   |
6D2CF91A | F6 C3 20                 | test bl,20                                                    |
6D2CF91D | 74 0B                    | je loginui.6D2CF92A                                           |
6D2CF91F | 8D 4D A8                 | lea ecx,dword ptr ss:[ebp-58]                                 |
6D2CF922 | 83 E3 DF                 | and ebx,FFFFFFDF                                              |
6D2CF925 | E8 66 6B FC FF           | call <loginui.sub_6D296490>                                   | delete
6D2CF92A | C6 45 FC 15              | mov byte ptr ss:[ebp-4],15                                    |
6D2CF92E | F6 C3 10                 | test bl,10                                                    |
6D2CF931 | 74 0F                    | je loginui.6D2CF942                                           |
6D2CF933 | 83 E3 EF                 | and ebx,FFFFFFEF                                              |
6D2CF936 | 8D 4D 80                 | lea ecx,dword ptr ss:[ebp-80]                                 |
6D2CF939 | 89 5D A0                 | mov dword ptr ss:[ebp-60],ebx                                 |
6D2CF93C | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CF942 | F6 C3 08                 | test bl,8                                                     |
6D2CF945 | 74 0B                    | je loginui.6D2CF952                                           |
6D2CF947 | 8D 4D C0                 | lea ecx,dword ptr ss:[ebp-40]                                 |
6D2CF94A | 83 E3 F7                 | and ebx,FFFFFFF7                                              |
6D2CF94D | E8 3E 6B FC FF           | call <loginui.sub_6D296490>                                   | delete
6D2CF952 | C6 45 FC 17              | mov byte ptr ss:[ebp-4],17                                    |
6D2CF956 | F6 C3 04                 | test bl,4                                                     |
6D2CF959 | 74 12                    | je loginui.6D2CF96D                                           |
6D2CF95B | 83 E3 FB                 | and ebx,FFFFFFFB                                              |
6D2CF95E | 8D 8D 7C FF FF FF        | lea ecx,dword ptr ss:[ebp-84]                                 |
6D2CF964 | 89 5D A0                 | mov dword ptr ss:[ebp-60],ebx                                 |
6D2CF967 | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CF96D | C6 45 FC 18              | mov byte ptr ss:[ebp-4],18                                    |
6D2CF971 | F6 C3 02                 | test bl,2                                                     |
6D2CF974 | 74 0F                    | je loginui.6D2CF985                                           |
6D2CF976 | 83 E3 FD                 | and ebx,FFFFFFFD                                              |
6D2CF979 | 8D 4D 84                 | lea ecx,dword ptr ss:[ebp-7C]                                 |
6D2CF97C | 89 5D A0                 | mov dword ptr ss:[ebp-60],ebx                                 |
6D2CF97F | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CF985 | F6 C3 01                 | test bl,1                                                     |
6D2CF988 | 74 08                    | je loginui.6D2CF992                                           |
6D2CF98A | 8D 4D D8                 | lea ecx,dword ptr ss:[ebp-28]                                 |
6D2CF98D | E8 FE 6A FC FF           | call <loginui.sub_6D296490>                                   | delete
6D2CF992 | C7 45 8C 00 00 00 00     | mov dword ptr ss:[ebp-74],0                                   |
6D2CF999 | C7 45 90 00 00 00 00     | mov dword ptr ss:[ebp-70],0                                   |
6D2CF9A0 | 80 7F 28 00              | cmp byte ptr ds:[edi+28],0                                    |
6D2CF9A4 | C6 45 FC 1A              | mov byte ptr ss:[ebp-4],1A                                    |
6D2CF9A8 | 0F 85 89 00 00 00        | jne loginui.6D2CFA37                                          |
6D2CF9AE | 8B 4F 1C                 | mov ecx,dword ptr ds:[edi+1C]                                 |
6D2CF9B1 | 8D 45 8C                 | lea eax,dword ptr ss:[ebp-74]                                 |
6D2CF9B4 | 50                       | push eax                                                      |
6D2CF9B5 | E8 46 57 00 00           | call <loginui.sub_6D2D5100>                                   |
6D2CF9BA | 84 C0                    | test al,al                                                    |
6D2CF9BC | 74 79                    | je loginui.6D2CFA37                                           |
6D2CF9BE | 8B 55 8C                 | mov edx,dword ptr ss:[ebp-74]                                 |
6D2CF9C1 | 85 D2                    | test edx,edx                                                  |
6D2CF9C3 | 74 72                    | je loginui.6D2CFA37                                           |
6D2CF9C5 | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CF9C8 | 8B 4A 10                 | mov ecx,dword ptr ds:[edx+10]                                 |
6D2CF9CB | 89 48 10                 | mov dword ptr ds:[eax+10],ecx                                 |
6D2CF9CE | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CF9D1 | 8B 4A 14                 | mov ecx,dword ptr ds:[edx+14]                                 |
6D2CF9D4 | 89 48 14                 | mov dword ptr ds:[eax+14],ecx                                 |
6D2CF9D7 | 8B 4D 8C                 | mov ecx,dword ptr ss:[ebp-74]                                 |
6D2CF9DA | 8B 55 98                 | mov edx,dword ptr ss:[ebp-68]                                 |
6D2CF9DD | 8D 41 38                 | lea eax,dword ptr ds:[ecx+38]                                 |
6D2CF9E0 | 8D 72 38                 | lea esi,dword ptr ds:[edx+38]                                 |
6D2CF9E3 | 3B F0                    | cmp esi,eax                                                   |
6D2CF9E5 | 74 12                    | je loginui.6D2CF9F9                                           |
6D2CF9E7 | 6A FF                    | push FFFFFFFF                                                 |
6D2CF9E9 | 6A 00                    | push 0                                                        |
6D2CF9EB | 50                       | push eax                                                      |
6D2CF9EC | 8B CE                    | mov ecx,esi                                                   |
6D2CF9EE | E8 FD 76 FC FF           | call <loginui.sub_6D2970F0>                                   |
6D2CF9F3 | 8B 55 98                 | mov edx,dword ptr ss:[ebp-68]                                 |
6D2CF9F6 | 8B 4D 8C                 | mov ecx,dword ptr ss:[ebp-74]                                 |
6D2CF9F9 | 8B 41 18                 | mov eax,dword ptr ds:[ecx+18]                                 |
6D2CF9FC | 89 42 18                 | mov dword ptr ds:[edx+18],eax                                 |
6D2CF9FF | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CFA02 | 8B 49 1C                 | mov ecx,dword ptr ds:[ecx+1C]                                 |
6D2CFA05 | 89 48 1C                 | mov dword ptr ds:[eax+1C],ecx                                 |
6D2CFA08 | 8B 55 8C                 | mov edx,dword ptr ss:[ebp-74]                                 |
6D2CFA0B | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CFA0E | 8B 4A 70                 | mov ecx,dword ptr ds:[edx+70]                                 |
6D2CFA11 | 89 48 70                 | mov dword ptr ds:[eax+70],ecx                                 |
6D2CFA14 | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CFA17 | 8B 4A 74                 | mov ecx,dword ptr ds:[edx+74]                                 |
6D2CFA1A | 89 48 74                 | mov dword ptr ds:[eax+74],ecx                                 |
6D2CFA1D | 8B 55 8C                 | mov edx,dword ptr ss:[ebp-74]                                 |
6D2CFA20 | 8B 4D 98                 | mov ecx,dword ptr ss:[ebp-68]                                 |
6D2CFA23 | 83 C2 7C                 | add edx,7C                                                    |
6D2CFA26 | 83 C1 7C                 | add ecx,7C                                                    |
6D2CFA29 | 3B CA                    | cmp ecx,edx                                                   |
6D2CFA2B | 74 0A                    | je loginui.6D2CFA37                                           |
6D2CFA2D | 6A FF                    | push FFFFFFFF                                                 |
6D2CFA2F | 6A 00                    | push 0                                                        |
6D2CFA31 | 52                       | push edx                                                      |
6D2CFA32 | E8 B9 76 FC FF           | call <loginui.sub_6D2970F0>                                   |
6D2CFA37 | 8D 8F 90 00 00 00        | lea ecx,dword ptr ds:[edi+90]                                 | [edi+90]:QArrayData::shared_null
6D2CFA3D | FF 15 08 F5 31 6D        | call dword ptr ds:[<&QVector<QPoint>::isEmpty>]               |
6D2CFA43 | 84 C0                    | test al,al                                                    |
6D2CFA45 | 75 38                    | jne loginui.6D2CFA7F                                          |
6D2CFA47 | 8D 45 94                 | lea eax,dword ptr ss:[ebp-6C]                                 |
6D2CFA4A | 50                       | push eax                                                      |
6D2CFA4B | 8D 8F 90 00 00 00        | lea ecx,dword ptr ds:[edi+90]                                 | [edi+90]:QArrayData::shared_null
6D2CFA51 | FF 15 34 F5 31 6D        | call dword ptr ds:[<&QString::toUtf8>]                        |
6D2CFA57 | 8B 75 98                 | mov esi,dword ptr ss:[ebp-68]                                 |
6D2CFA5A | 8B C8                    | mov ecx,eax                                                   |
6D2CFA5C | C6 45 FC 1B              | mov byte ptr ss:[ebp-4],1B                                    |
6D2CFA60 | FF 15 48 F5 31 6D        | call dword ptr ds:[<&QByteArray::begin>]                      |
6D2CFA66 | 50                       | push eax                                                      |
6D2CFA67 | 8D 8E B4 00 00 00        | lea ecx,dword ptr ds:[esi+B4]                                 |
6D2CFA6D | E8 DE E8 FC FF           | call <loginui.sub_6D29E350>                                   |
6D2CFA72 | 8D 4D 94                 | lea ecx,dword ptr ss:[ebp-6C]                                 |
6D2CFA75 | C6 45 FC 1A              | mov byte ptr ss:[ebp-4],1A                                    |
6D2CFA79 | FF 15 E0 F5 31 6D        | call dword ptr ds:[<&QBitArray::~QBitArray>]                  |
6D2CFA7F | 8B B5 74 FF FF FF        | mov esi,dword ptr ss:[ebp-8C]                                 |
6D2CFA85 | 83 EC 08                 | sub esp,8                                                     |
6D2CFA88 | 8B 45 98                 | mov eax,dword ptr ss:[ebp-68]                                 |
6D2CFA8B | 8B CC                    | mov ecx,esp                                                   |
6D2CFA8D | 89 01                    | mov dword ptr ds:[ecx],eax                                    |
6D2CFA8F | 8B 55 9C                 | mov edx,dword ptr ss:[ebp-64]                                 |
6D2CFA92 | 89 51 04                 | mov dword ptr ds:[ecx+4],edx                                  |
6D2CFA95 | 85 D2                    | test edx,edx                                                  |
6D2CFA97 | 74 0C                    | je loginui.6D2CFAA5                                           |
6D2CFA99 | 83 C2 04                 | add edx,4                                                     |
6D2CFA9C | B8 01 00 00 00           | mov eax,1                                                     |
6D2CFAA1 | F0 0F C1 02              | lock xadd dword ptr ds:[edx],eax                              |
6D2CFAA5 | 8B 06                    | mov eax,dword ptr ds:[esi]                                    |
6D2CFAA7 | 8B CE                    | mov ecx,esi                                                   |
6D2CFAA9 | FF 50 08                 | call dword ptr ds:[eax+8]                                     | suspicious function
6D2CFAAC | 8B 4F 70                 | mov ecx,dword ptr ds:[edi+70]                                 |
6D2CFAAF | 6A 01                    | push 1                                                        |
6D2CFAB1 | FF 15 A0 FA 31 6D        | call dword ptr ds:[<&QWidget::setDisabled>]                   | disable some of the control's events
6D2CFAB7 | 8D 4D 8C                 | lea ecx,dword ptr ss:[ebp-74]                                 |
6D2CFABA | C6 45 FC 19              | mov byte ptr ss:[ebp-4],19                                    |
6D2CFABE | E8 4D 17 FD FF           | call <loginui.sub_6D2A1210>                                   | ???
6D2CFAC3 | 8D 4D 98                 | lea ecx,dword ptr ss:[ebp-68]                                 |
6D2CFAC6 | C6 45 FC 01              | mov byte ptr ss:[ebp-4],1                                     |
6D2CFACA | E8 41 17 FD FF           | call <loginui.sub_6D2A1210>                                   | ???
6D2CFACF | 8D 4D 88                 | lea ecx,dword ptr ss:[ebp-78]                                 |
6D2CFAD2 | C6 45 FC 00              | mov byte ptr ss:[ebp-4],0                                     |
6D2CFAD6 | FF 15 10 F4 31 6D        | call dword ptr ds:[<&QCryptographicHash::~QCryptographicHash> |
6D2CFADC | 8D 8D 74 FF FF FF        | lea ecx,dword ptr ss:[ebp-8C]                                 |
6D2CFAE2 | E8 09 A1 FE FF           | call <loginui.sub_6D2B9BF0>                                   | ???
6D2CFAE7 | 8B 4D F4                 | mov ecx,dword ptr ss:[ebp-C]                                  |
6D2CFAEA | 64 89 0D 00 00 00 00     | mov dword ptr fs:[0],ecx                                      |
6D2CFAF1 | 59                       | pop ecx                                                       |
6D2CFAF2 | 5F                       | pop edi                                                       |
6D2CFAF3 | 5E                       | pop esi                                                       |
6D2CFAF4 | 5B                       | pop ebx                                                       |
6D2CFAF5 | 8B 4D F0                 | mov ecx,dword ptr ss:[ebp-10]                                 |
6D2CFAF8 | 33 CD                    | xor ecx,ebp                                                   |
6D2CFAFA | E8 D3 80 02 00           | call loginui.6D2F7BD2                                         | ???
6D2CFAFF | 8B E5                    | mov esp,ebp                                                   |
6D2CFB01 | 5D                       | pop ebp                                                       |
6D2CFB02 | C3                       | ret                                                           |




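By reading the process memory remotely, the account name and password can be read.

I won't post the code; I'm afraid criminals would make use of it.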


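 OP | 小俊 posted on 2018-4-19 16:25
Ganlv posted on 2018-4-19 15:32
The software itself doesn't need security protections

"There's a virus, there's malware on your own computer; what does that have to do with my platform? It's not as if ...

But this kind of thing could never happen with Tencent's WeGame. All in all, I feel that foreign software is easy to pick on.

I could even do without the Garena platform entirely: send packets to the server myself, receive the token, and launch the game. It feels like this platform isn't much use.

If game-farming studios started using this, logging in to accounts would be a lot faster.
Ganlv posted on 2018-4-19 15:32
小俊 posted on 2018-4-19 11:34
This platform has no security protections whatsoever; it feels like foreigners have no security awareness. Not only is this platform full of holes, a lot of foreign software basically ...

The software itself doesn't need security protections

"There's a virus, there's malware on your own computer; what does that have to do with my platform? It's not as if I'm the one actively leaking user data."

Who knows, maybe the software's terms of service have some bizarre clause that disclaims liability for all of these cases.
无可厚非 posted on 2018-4-18 17:31
Thanks for the pointer, OP. I know what I'm going to do next!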


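 OP | 小俊 posted on 2018-4-18 17:32
无可厚非 posted on 2018-4-18 17:31
Thanks for the pointer, OP. I know what I'm going to do next!

Bro, don't stir up trouble.
llpgy521 posted on 2018-4-18 17:33
Learned something. Impressive! Thanks for sharing.
gczxcyd posted on 2018-4-18 17:36
Impressive!!
无阻 posted on 2018-4-18 17:51
The black-market crowd has another avenue now.
笑哈哈123 posted on 2018-4-18 18:00
Will this be used to steal accounts??
 OP | 小俊 posted on 2018-4-18 18:03
系统管理員 posted on 2018-4-18 18:00
Will this be used to steal accounts??

You don't even know how to put it. This is called account risk analysis. I'll have to think about whether to release part (3).
LeiSir posted on 2018-4-18 18:21
I don't understand the code; just showing some plain support.
ts2112774 posted on 2018-4-18 18:29
This is really impressive. Learned something.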