2025 AIS3 Pre-Exam Reverse 題解
這次主要做Reverse的題目
AIS3 Tiny Server - Reverse
ida反編譯後用strings 看一下
有明顯的 flag correct 的字串以及Wrong Flag的樣式,追過去看會來到sub_2110,
主要是這段,當將p_s丟進sub_1E20時回傳值會決定是對的還是錯的,因此可以確定sub_1E20是一個flag checker
_BOOL4 __cdecl sub_1E20(int a1)
{
unsigned int v1; // ecx
char v2; // si
char v3; // al
int i; // eax
char v5; // dl
_BYTE v7[10]; // [esp+7h] [ebp-49h] BYREF
_DWORD v8[11]; // [esp+12h] [ebp-3Eh]
__int16 v9; // [esp+3Eh] [ebp-12h]
v1 = 0;
v2 = 51;
v9 = 20;
v3 = 114;
v8[0] = 1480073267;
v8[1] = 1197221906;
v8[2] = 254628393;
v8[3] = 920154;
v8[4] = 1343445007;
v8[5] = 874076697;
v8[6] = 1127428440;
v8[7] = 1510228243;
v8[8] = 743978009;
v8[9] = 54940467;
v8[10] = 1246382110;
qmemcpy(v7, "rikki_l0v3", sizeof(v7));
while ( 1 )
{
*((_BYTE *)v8 + v1++) = v2 ^ v3;
if ( v1 == 45 )
break;
v2 = *((_BYTE *)v8 + v1);
v3 = v7[v1 % 0xA];
}
for ( i = 0; i != 45; ++i )
{
v5 = *(_BYTE *)(a1 + i);
if ( !v5 || v5 != *((_BYTE *)v8 + i) )
return 0;
}
return *(_BYTE *)(a1 + 45) == 0;
}xor加密可以寫出下面的解密script解出他想要的flag
def decrypt_sub_1E20():
v8_ints = [
1480073267,
1197221906,
254628393,
920154,
1343445007,
874076697,
1127428440,
1510228243,
743978009,
54940467,
1246382110
]
orig = bytearray(45)
idx = 0
for val in v8_ints:
orig[idx:idx+4] = val.to_bytes(4, byteorder='little')
idx += 4
orig[44] = 20
key = b"rikki_l0v3"
result = bytearray(45)
v2 = 51
v3 = 114
for i in range(45):
result[i] = v2 ^ v3
if i == 44:
break
v2 = orig[i+1]
v3 = key[(i+1) % len(key)]
try:
return result.decode('ascii')
except UnicodeDecodeError:
return result.hex()
if __name__ == "__main__":
plaintext = decrypt_sub_1E20()
print(plaintext)
:flags:AIS3{w0w_a_f1ag_check3r_1n_serv3r_1s_c00l!!!}
web flag checker
F12 看一下原始碼
這段出現了flag checker 的邏輯
接下來在index.wsam中有flag checker的函式內容
(func $flagchecker (;9;) (export "flagchecker") (param $var0 i32) (result i32)
(local $var1 i32)
(local $var2 i32)
(local $var3 i32)
(local $var4 i32)
(local $var5 i32)
(local $var6 i32)
(local $var7 i64)
(local $var8 i32)
(local $var9 i32)
(local $var10 i32)
(local $var11 i32)
(local $var12 i64)
(local $var13 i64)
(local $var14 i64)
(local $var15 i64)
(local $var16 i64)
(local $var17 i32)
(local $var18 i32)
(local $var19 i32)
(local $var20 i32)
(local $var21 i32)
(local $var22 i32)
(local $var23 i32)
(local $var24 i32)
(local $var25 i32)
(local $var26 i32)
(local $var27 i32)
(local $var28 i32)
(local $var29 i32)
(local $var30 i32)
(local $var31 i32)
(local $var32 i32)
(local $var33 i32)
(local $var34 i32)
(local $var35 i32)
(local $var36 i32)
(local $var37 i32)
(local $var38 i32)
(local $var39 i32)
(local $var40 i32)
(local $var41 i64)
(local $var42 i32)
(local $var43 i32)
(local $var44 i32)
(local $var45 i32)
(local $var46 i32)
(local $var47 i32)
(local $var48 i32)
(local $var49 i64)
(local $var50 i32)
(local $var51 i64)
(local $var52 i32)
(local $var53 i32)
(local $var54 i32)
(local $var55 i32)
(local $var56 i32)
(local $var57 i32)
(local $var58 i32)
(local $var59 i64)
(local $var60 i32)
(local $var61 i32)
(local $var62 i32)
(local $var63 i32)
(local $var64 i32)
(local $var65 i32)
(local $var66 i32)
(local $var67 i32)
(local $var68 i32)
(local $var69 i32)
(local $var70 i32)
global.get $global0
local.set $var1
i32.const 96
local.set $var2
local.get $var1
local.get $var2
i32.sub
local.set $var3
local.get $var3
global.set $global0
local.get $var3
local.get $var0
i32.store offset=88
i32.const -39934163
local.set $var4
local.get $var3
local.get $var4
i32.store offset=84
i32.const 64
local.set $var5
local.get $var3
local.get $var5
i32.add
local.set $var6
i64.const 0
local.set $var7
local.get $var6
local.get $var7
i64.store
i32.const 56
local.set $var8
local.get $var3
local.get $var8
i32.add
local.set $var9
local.get $var9
local.get $var7
i64.store
i32.const 48
local.set $var10
local.get $var3
local.get $var10
i32.add
local.set $var11
local.get $var11
local.get $var7
i64.store
local.get $var3
local.get $var7
i64.store offset=40
local.get $var3
local.get $var7
i64.store offset=32
i64.const 7577352992956835434
local.set $var12
local.get $var3
local.get $var12
i64.store offset=32
i64.const 7148661717033493303
local.set $var13
local.get $var3
local.get $var13
i64.store offset=40
i64.const -7081446828746089091
local.set $var14
local.get $var3
local.get $var14
i64.store offset=48
i64.const -7479441386887439825
local.set $var15
local.get $var3
local.get $var15
i64.store offset=56
i64.const 8046961146294847270
local.set $var16
local.get $var3
local.get $var16
i64.store offset=64
local.get $var3
i32.load offset=88
local.set $var17
i32.const 0
local.set $var18
local.get $var17
local.get $var18
i32.ne
local.set $var19
i32.const 1
local.set $var20
local.get $var19
local.get $var20
i32.and
local.set $var21
block $label2
block $label1
block $label0
local.get $var21
i32.eqz
br_if $label0
local.get $var3
i32.load offset=88
local.set $var22
local.get $var22
call $func13
local.set $var23
i32.const 40
local.set $var24
local.get $var23
local.get $var24
i32.ne
local.set $var25
i32.const 1
local.set $var26
local.get $var25
local.get $var26
i32.and
local.set $var27
local.get $var27
i32.eqz
br_if $label1
end $label0
i32.const 0
local.set $var28
local.get $var3
local.get $var28
i32.store offset=92
br $label2
end $label1
local.get $var3
i32.load offset=88
local.set $var29
local.get $var3
local.get $var29
i32.store offset=28
i32.const 0
local.set $var30
local.get $var3
local.get $var30
i32.store offset=24
block $label3
loop $label5
local.get $var3
i32.load offset=24
local.set $var31
i32.const 5
local.set $var32
local.get $var31
local.get $var32
i32.lt_s
local.set $var33
i32.const 1
local.set $var34
local.get $var33
local.get $var34
i32.and
local.set $var35
local.get $var35
i32.eqz
br_if $label3
local.get $var3
i32.load offset=28
local.set $var36
local.get $var3
i32.load offset=24
local.set $var37
i32.const 3
local.set $var38
local.get $var37
local.get $var38
i32.shl
local.set $var39
local.get $var36
local.get $var39
i32.add
local.set $var40
local.get $var40
i64.load
local.set $var41
local.get $var3
local.get $var41
i64.store offset=16
local.get $var3
i32.load offset=24
local.set $var42
i32.const 6
local.set $var43
local.get $var42
local.get $var43
i32.mul
local.set $var44
i32.const -39934163
local.set $var45
local.get $var45
local.get $var44
i32.shr_u
local.set $var46
i32.const 63
local.set $var47
local.get $var46
local.get $var47
i32.and
local.set $var48
local.get $var3
local.get $var48
i32.store offset=12
local.get $var3
i64.load offset=16
local.set $var49
local.get $var3
i32.load offset=12
local.set $var50
local.get $var49
local.get $var50
call $func8
local.set $var51
local.get $var3
i32.load offset=24
local.set $var52
i32.const 32
local.set $var53
local.get $var3
local.get $var53
i32.add
local.set $var54
local.get $var54
local.set $var55
i32.const 3
local.set $var56
local.get $var52
local.get $var56
i32.shl
local.set $var57
local.get $var55
local.get $var57
i32.add
local.set $var58
local.get $var58
i64.load
local.set $var59
local.get $var51
local.get $var59
i64.ne
local.set $var60
i32.const 1
local.set $var61
local.get $var60
local.get $var61
i32.and
local.set $var62
block $label4
local.get $var62
i32.eqz
br_if $label4
i32.const 0
local.set $var63
local.get $var3
local.get $var63
i32.store offset=92
br $label2
end $label4
local.get $var3
i32.load offset=24
local.set $var64
i32.const 1
local.set $var65
local.get $var64
local.get $var65
i32.add
local.set $var66
local.get $var3
local.get $var66
i32.store offset=24
br $label5
end $label5
end $label3
i32.const 1
local.set $var67
local.get $var3
local.get $var67
i32.store offset=92
end $label2
local.get $var3
i32.load offset=92
local.set $var68
i32.const 96
local.set $var69
local.get $var3
local.get $var69
i32.add
local.set $var70
local.get $var70
global.set $global0
local.get $var68
return
)
給chatgpt整理分析以上的加密方式為
magic = 0xFD9EA72D計算旋轉位數expected[0] = 0x69282A668AEF666A; expected[1] = 0x633525F4D7372337; expected[2] = 0x9DB9A5A0DCC5DD7D; expected[3] = 0x9833AFAFB8381A2F; expected[4] = 0x6FAC8C8726464726;
是經過旋轉之後預期的flag接下來把使用者輸入的每一個chunk取出來進行rot
for (int i = 0; i < 5; i++) { uint64_t chunk = *(uint64_t*)(input + i*8); uint32_t r = (magic >> (i*6)) & 63; uint64_t rot = (chunk << r) | (chunk >> (64 - r)); if (rot != expected[i]) { result = 0; goto done; } } result = 1;
總結可以寫出解密的script
expected = [
0x69282A668AEF666A,
0x633525F4D7372337,
0x9DB9A5A0DCC5DD7D,
0x9833AFAFB8381A2F,
0x6FAC8C8726464726
]
magic = 0xFD9EA72D
mask64 = (1 << 64) - 1
def rotr(x, r):
return ((x >> r) | ((x << (64 - r)) & mask64)) & mask64
flag_bytes = []
for i, exp in enumerate(expected):
r = (magic >> (6 * i)) & 0x3F
chunk = rotr(exp, r)
for j in range(8):
flag_bytes.append((chunk >> (8 * j)) & 0xFF)
flag = bytes(flag_bytes).decode('ascii')
print(flag)
:flags:AIS3{W4SM_R3v3rsing_w17h_g0_4pp_39229dd}
A_simple_snake_game
是一個貪吃蛇遊戲,用ida 反編譯後找一下主要加密函式,找到了draw_text函式
void __userpurge SnakeGame::Screen::drawText(_DWORD *a1@<ecx>, #220 *this, int a3, int a4)
{
unsigned int v4; // eax
int v5; // eax
int v6; // eax
int Error; // eax
int v8; // eax
char v9; // [esp+23h] [ebp-F5h]
char lpuexcpt; // [esp+24h] [ebp-F4h]
struct _Unwind_Exception *lpuexcpta; // [esp+24h] [ebp-F4h]
struct _Unwind_Exception *lpuexcptb; // [esp+24h] [ebp-F4h]
_DWORD v14[10]; // [esp+6Dh] [ebp-ABh] BYREF
__int16 v15; // [esp+95h] [ebp-83h]
char v16; // [esp+97h] [ebp-81h]
int v17; // [esp+98h] [ebp-80h]
int v18; // [esp+9Ch] [ebp-7Ch]
int v19; // [esp+A0h] [ebp-78h]
int v20; // [esp+A4h] [ebp-74h]
int v21; // [esp+A8h] [ebp-70h]
_BYTE v22[24]; // [esp+ACh] [ebp-6Ch] BYREF
int v23; // [esp+C4h] [ebp-54h]
int v24; // [esp+C8h] [ebp-50h]
int v25; // [esp+CCh] [ebp-4Ch]
int v26; // [esp+D0h] [ebp-48h]
int v27; // [esp+D4h] [ebp-44h]
_BYTE v28[27]; // [esp+D8h] [ebp-40h] BYREF
char v29; // [esp+F3h] [ebp-25h] BYREF
int TextureFromSurface; // [esp+F4h] [ebp-24h]
int v31; // [esp+F8h] [ebp-20h]
unsigned int i; // [esp+FCh] [ebp-1Ch]
if ( (int)this <= 11451419 || a3 <= 19810 )
{
SnakeGame::Screen::createText[abi:cxx11](a1, this, a3);
v27 = 0xFFFFFF;
v8 = std::string::c_str(v28);
a1[3] = TTF_RenderText_Solid(a1[5], v8, 0xFFFFFF);
a1[4] = SDL_CreateTextureFromSurface(a1[1], a1[3]);
v23 = 400;
v24 = 565;
v25 = 320;
v26 = 30;
SDL_RenderCopy(a1[1], a1[4]);
std::string::~string(v28);
}
else
{
v14[0] = -831958911;
v14[1] = -1047254091;
v14[2] = -1014295699;
v14[3] = -620220219;
v14[4] = 2001515017;
v14[5] = -317711271;
v14[6] = 1223368792;
v14[7] = 1697251023;
v14[8] = 496855031;
v14[9] = -569364828;
v15 = 26365;
v16 = 40;
std::allocator<char>::allocator(&v29);
std::string::basic_string(v14, 43, &v29);
std::allocator<char>::~allocator(&v29);
for ( i = 0; ; ++i )
{
v4 = std::string::length(v22);
if ( i >= v4 )
break;
lpuexcpt = *(_BYTE *)std::string::operator[](i);
v9 = SnakeGame::hex_array1[i];
*(_BYTE *)std::string::operator[](i) = v9 ^ lpuexcpt;
}
v21 = 0xFFFFFF;
v5 = std::string::c_str(v22);
v31 = TTF_RenderText_Solid(a1[5], v5, v21);
if ( v31 )
{
TextureFromSurface = SDL_CreateTextureFromSurface(a1[1], v31);
if ( TextureFromSurface )
{
v17 = 200;
v18 = 565;
v19 = 590;
v20 = 30;
SDL_RenderCopy(a1[1], TextureFromSurface);
SDL_FreeSurface(v31);
SDL_DestroyTexture(TextureFromSurface);
}
else
{
lpuexcptb = (struct _Unwind_Exception *)std::operator<<<std::char_traits<char>>(
&std::cerr,
"SDL_CreateTextureFromSurface: ");
Error = SDL_GetError();
std::operator<<<std::char_traits<char>>(lpuexcptb, Error);
std::ostream::operator<<(std::endl<char,std::char_traits<char>>);
SDL_FreeSurface(v31);
}
}
else
{
lpuexcpta = (struct _Unwind_Exception *)std::operator<<<std::char_traits<char>>(
&std::cerr,
"TTF_RenderText_Solid: ");
v6 = SDL_GetError();
std::operator<<<std::char_traits<char>>(lpuexcpta, v6);
std::ostream::operator<<(std::endl<char,std::char_traits<char>>);
}
std::string::~string(v22);
}
}看起來是進到else條件後會出現flag文字,並且是用XOR加解密
可以寫出下面的解密script
import struct
v14 = [
-831958911, -1047254091, -1014295699, -620220219,
2001515017, -317711271, 1223368792, 1697251023,
496855031, -569364828
]
raw_bytes = b''.join(struct.pack('<I', x & 0xFFFFFFFF) for x in v14)
raw_bytes += struct.pack('<H', 26365)
raw_bytes += struct.pack('B', 40)
key = bytes([
0x0C, 0x19, 0x3A, 0xFD, 0xCE, 0x68, 0xDC, 0xF2, 0x0C, 0x47,
0xD4, 0x86, 0xAB, 0x57, 0x39, 0xB5, 0x3A, 0x8D, 0x13, 0x47,
0x3F, 0x7F, 0x71, 0x98, 0x6D, 0x13, 0xB4, 0x01, 0x90, 0x9C,
0x46, 0x3A, 0xC6, 0x33, 0xC2, 0x7F, 0xDD, 0x71, 0x78, 0x9F,
0x93, 0x22, 0x55, 0x15
])
decrypted = bytes(raw_bytes[i] ^ key[i] for i in range(43))
print("flag:", decrypted)
:flags:AIS3{CH3aT_Eng1n3?_0fcau53_I_bo_1T_by_hAnD}
verysafe_image_encrypter
ida 反編譯之後無法辨識,用DIE看一下
發現有加了壓縮殼,並且看起來是自製的殼,因此先利用x64dbg去看哪裡是OEP 並用scylla dump 出脫殼程式
在找OEP之前可以先用CFF explore 把ASLR關掉
F9執行到這邊後會執行到popad 的下一行jmp dword ptr ss:[esp-24]
jmp之後跳到這邊
在經過一次jmp之後會到這邊
這邊看起來非常像原本程式的OEP,因此401170可以先猜測為OEP
使用scylla dump 出來 參考:https://feifeitan.cn/index.php/archives/216/
將dump 出來的用ida反編譯後會得到原本的程式碼
經過分析後主要圖片加密功能會sub_4018EA中的sub_401520
int __cdecl sub_4018EA(char a1)
{
int v1; // eax
int v3; // [esp+0h] [ebp-88h] BYREF
int v4; // [esp+18h] [ebp-70h]
char v5[4]; // [esp+1Ch] [ebp-6Ch] BYREF
int v6; // [esp+20h] [ebp-68h]
int (__cdecl *v7)(int, int, int, int, int, int); // [esp+34h] [ebp-54h]
int *v8; // [esp+38h] [ebp-50h]
int *v9; // [esp+3Ch] [ebp-4Ch]
void *v10; // [esp+40h] [ebp-48h]
int *v11; // [esp+44h] [ebp-44h]
char v12[16]; // [esp+58h] [ebp-30h] BYREF
char *v13; // [esp+68h] [ebp-20h]
char *v14; // [esp+6Ch] [ebp-1Ch]
char *v15; // [esp+78h] [ebp-10h]
int savedregs; // [esp+88h] [ebp+0h] BYREF
v15 = &a1;
v7 = sub_4CCCF0;
v8 = &dword_4CE4D4;
v9 = &savedregs;
v10 = &loc_4019D0;
v11 = &v3;
sub_40C590(v5);
sub_40A8B0();
v14 = aInputImagePng;
v13 = aEncryptedImage;
v6 = -1;
sub_401580(v12, aInputImagePng);
v12[15] = 114;
sub_401520(v12, 114);
v6 = 1;
sub_40177D(v13, v12);
v1 = sub_4C87B0(&dword_4D27C0, (char *)dword_4D303C);
sub_4C87B0(v1, v13);
sub_47DFC0(sub_4C6890);
v4 = 0;
sub_4B0FB8(v12);
sub_40C860(v5);
return v4;
}bool __cdecl sub_401520(int a1, char a2)
{
bool result; // al
_BYTE *v3; // eax
_BYTE *v4; // eax
unsigned int i; // [esp+2Ch] [ebp-Ch]
for ( i = 0; ; ++i )
{
result = i < sub_4315C4(a1);
if ( !result )
break;
v3 = (_BYTE *)sub_4B1020(i);
*v3 ^= a2;
v4 = (_BYTE *)sub_4B1020(i);
*v4 += 4;
}
return result;
}很簡單可以看出來他將圖片的每個byte經過0x72的xor之後+4
因此可以用以下的script解密出來
def decrypt(data: bytes, key: int) -> bytes:
return bytes(((c - 4) & 0xFF) ^ key for c in data)
if __name__ == "__main__":
key = ord('r')
with open('./encrypted_image.png', 'rb') as f:
cipher = f.read()
plain = decrypt(cipher, key)
print(''.join(f'{b:02x}' for b in plain))
將解密出來的16進位丟到cyberchef之後就會得到下面的照片
:flags:AIS3{rwx_53gm3nttt_s0_5AS}
BabyUnicorn
顯示用pwntools 的disassembly 看一下 shellcode
??? note “BabyUnicorn Shellcode Assembly”
0: 83 fe 20 cmp esi, 0x20
3: 0f 84 a3 03 00 00 je 0x3ac
9: 83 fe 0d cmp esi, 0xd
c: 0f 84 13 04 00 00 je 0x425
12: 83 fe 15 cmp esi, 0x15
15: 0f 84 49 04 00 00 je 0x464
1b: 83 fe 5a cmp esi, 0x5a
1e: 0f 84 c1 04 00 00 je 0x4e5
24: 83 fe 3d cmp esi, 0x3d
27: 0f 84 e7 04 00 00 je 0x514
2d: 83 fe 36 cmp esi, 0x36
30: 0f 84 70 04 00 00 je 0x4a6
36: 83 fe 31 cmp esi, 0x31
39: 0f 84 46 05 00 00 je 0x585
3f: 83 fe 0f cmp esi, 0xf
42: 0f 84 7f 05 00 00 je 0x5c7
48: 83 fe 50 cmp esi, 0x50
4b: 0f 84 a4 05 00 00 je 0x5f5
51: 83 fe 59 cmp esi, 0x59
54: 0f 84 fc 04 00 00 je 0x556
5a: 83 fe 4a cmp esi, 0x4a
5d: 0f 84 c1 05 00 00 je 0x624
63: 83 fe 06 cmp esi, 0x6
66: 0f 84 e4 05 00 00 je 0x650
6c: 83 fe 0c cmp esi, 0xc
6f: 0f 84 39 06 00 00 je 0x6ae
75: 83 fe 16 cmp esi, 0x16
78: 0f 84 01 06 00 00 je 0x67f
7e: 83 fe 2b cmp esi, 0x2b
81: 0f 84 56 06 00 00 je 0x6dd
87: 83 fe 34 cmp esi, 0x34
8a: 0f 84 7c 06 00 00 je 0x70c
90: 83 fe 55 cmp esi, 0x55
93: 0f 84 ce 06 00 00 je 0x767
99: 83 fe 17 cmp esi, 0x17
9c: 0f 84 96 06 00 00 je 0x738
a2: 83 fe 0e cmp esi, 0xe
a5: 0f 84 ac 0c 00 00 je 0xd57
ab: 83 fe 11 cmp esi, 0x11
ae: 0f 84 79 0c 00 00 je 0xd2d
b4: 83 fe 4f cmp esi, 0x4f
b7: 0f 84 44 0c 00 00 je 0xd01
bd: 83 fe 47 cmp esi, 0x47
c0: 0f 84 0c 0c 00 00 je 0xcd2
c6: 83 fe 2f cmp esi, 0x2f
c9: 0f 84 d4 0b 00 00 je 0xca3
cf: 83 fe 30 cmp esi, 0x30
d2: 0f 84 9c 0b 00 00 je 0xc74
d8: 83 fe 04 cmp esi, 0x4
db: 0f 84 67 0b 00 00 je 0xc48
e1: 83 fe 2c cmp esi, 0x2c
e4: 0f 84 2f 0b 00 00 je 0xc19
ea: 83 fe 40 cmp esi, 0x40
ed: 0f 84 5b 0f 00 00 je 0x104e
f3: 83 fe 1a cmp esi, 0x1a
f6: 0f 84 23 0f 00 00 je 0x101f
fc: 83 fe 38 cmp esi, 0x38
ff: 0f 84 eb 0e 00 00 je 0xff0
105: 83 fe 32 cmp esi, 0x32
108: 0f 84 b3 0e 00 00 je 0xfc1
10e: 83 fe 46 cmp esi, 0x46
111: 0f 84 7b 0e 00 00 je 0xf92
117: 83 fe 43 cmp esi, 0x43
11a: 0f 84 46 0e 00 00 je 0xf66
120: 83 fe 39 cmp esi, 0x39
123: 0f 84 0e 0e 00 00 je 0xf37
129: 83 fe 53 cmp esi, 0x53
12c: 0f 84 d6 0d 00 00 je 0xf08
132: 83 fe 23 cmp esi, 0x23
135: 0f 84 9e 0d 00 00 je 0xed9
13b: 83 fe 37 cmp esi, 0x37
13e: 0f 84 66 0d 00 00 je 0xeaa
144: 83 fe 2a cmp esi, 0x2a
147: 0f 84 2e 0d 00 00 je 0xe7b
14d: 83 fe 29 cmp esi, 0x29
150: 0f 84 f6 0c 00 00 je 0xe4c
156: 83 fe 1e cmp esi, 0x1e
159: 0f 84 b4 0c 00 00 je 0xe13
15f: 83 fe 51 cmp esi, 0x51
162: 0f 84 7c 0c 00 00 je 0xde4
168: 83 fe 27 cmp esi, 0x27
16b: 0f 84 44 0c 00 00 je 0xdb5
171: 83 fe 63 cmp esi, 0x63
174: 0f 84 0c 0c 00 00 je 0xd86
17a: 83 fe 52 cmp esi, 0x52
17d: 0f 84 9e 14 00 00 je 0x1621
183: 83 fe 60 cmp esi, 0x60
186: 0f 84 66 14 00 00 je 0x15f2
18c: 83 fe 44 cmp esi, 0x44
18f: 0f 84 2e 14 00 00 je 0x15c3
195: 83 fe 2e cmp esi, 0x2e
198: 0f 84 f9 13 00 00 je 0x1597
19e: 83 fe 07 cmp esi, 0x7
1a1: 0f 84 c4 13 00 00 je 0x156b
1a7: 83 fe 21 cmp esi, 0x21
1aa: 0f 84 8c 13 00 00 je 0x153c
1b0: 83 fe 45 cmp esi, 0x45
1b3: 0f 84 54 13 00 00 je 0x150d
1b9: 83 fe 33 cmp esi, 0x33
1bc: 0f 84 1c 13 00 00 je 0x14de
1c2: 83 fe 5e cmp esi, 0x5e
1c5: 0f 84 e7 12 00 00 je 0x14b2
1cb: 83 fe 2d cmp esi, 0x2d
1ce: 0f 84 af 12 00 00 je 0x1483
1d4: 83 fe 08 cmp esi, 0x8
1d7: 0f 84 77 12 00 00 je 0x1454
1dd: 83 fe 61 cmp esi, 0x61
1e0: 0f 84 41 12 00 00 je 0x1427
1e6: 83 fe 02 cmp esi, 0x2
1e9: 0f 84 09 12 00 00 je 0x13f8
1ef: 83 fe 4b cmp esi, 0x4b
1f2: 0f 84 d1 11 00 00 je 0x13c9
1f8: 83 fe 22 cmp esi, 0x22
1fb: 0f 84 99 11 00 00 je 0x139a
201: 83 fe 3b cmp esi, 0x3b
204: 0f 84 61 11 00 00 je 0x136b
20a: 83 fe 3c cmp esi, 0x3c
20d: 0f 84 29 11 00 00 je 0x133c
213: 83 fe 25 cmp esi, 0x25
216: 0f 84 f1 10 00 00 je 0x130d
21c: 83 fe 4c cmp esi, 0x4c
21f: 0f 84 bb 10 00 00 je 0x12e0
225: 83 fe 19 cmp esi, 0x19
228: 0f 84 83 10 00 00 je 0x12b1
22e: 83 fe 12 cmp esi, 0x12
231: 0f 84 4b 10 00 00 je 0x1282
237: 83 fe 1c cmp esi, 0x1c
23a: 0f 84 13 10 00 00 je 0x1253
240: 83 fe 5c cmp esi, 0x5c
243: 0f 84 db 0f 00 00 je 0x1224
249: 83 fe 03 cmp esi, 0x3
24c: 0f 84 a3 0f 00 00 je 0x11f5
252: 83 fe 62 cmp esi, 0x62
255: 0f 84 6b 0f 00 00 je 0x11c6
25b: 83 fe 4e cmp esi, 0x4e
25e: 0f 84 33 0f 00 00 je 0x1197
264: 83 fe 4d cmp esi, 0x4d
267: 0f 84 fb 0e 00 00 je 0x1168
26d: 83 fe 42 cmp esi, 0x42
270: 0f 84 c3 0e 00 00 je 0x1139
276: 83 fe 3f cmp esi, 0x3f
279: 0f 84 8b 0e 00 00 je 0x110a
27f: 83 fe 58 cmp esi, 0x58
282: 0f 84 53 0e 00 00 je 0x10db
288: 83 fe 54 cmp esi, 0x54
28b: 0f 84 1b 0e 00 00 je 0x10ac
291: 83 fe 05 cmp esi, 0x5
294: 0f 84 e3 0d 00 00 je 0x107d
29a: 83 fe 10 cmp esi, 0x10
29d: 0f 84 d8 07 00 00 je 0xa7b
2a3: 83 fe 64 cmp esi, 0x64
2a6: 0f 84 a0 07 00 00 je 0xa4c
2ac: 83 fe 1d cmp esi, 0x1d
2af: 0f 84 68 07 00 00 je 0xa1d
2b5: 83 fe 13 cmp esi, 0x13
2b8: 0f 84 30 07 00 00 je 0x9ee
2be: 83 fe 0b cmp esi, 0xb
2c1: 0f 84 f8 06 00 00 je 0x9bf
2c7: 83 fe 01 cmp esi, 0x1
2ca: 0f 84 c0 06 00 00 je 0x990
2d0: 83 fe 3a cmp esi, 0x3a
2d3: 0f 84 88 06 00 00 je 0x961
2d9: 83 fe 48 cmp esi, 0x48
2dc: 0f 84 50 06 00 00 je 0x932
2e2: 83 fe 49 cmp esi, 0x49
2e5: 0f 84 18 06 00 00 je 0x903
2eb: 83 fe 1b cmp esi, 0x1b
2ee: 0f 84 e0 05 00 00 je 0x8d4
2f4: 83 fe 56 cmp esi, 0x56
2f7: 0f 84 a8 05 00 00 je 0x8a5
2fd: 83 fe 26 cmp esi, 0x26
300: 0f 84 70 05 00 00 je 0x876
306: 83 fe 14 cmp esi, 0x14
309: 0f 84 38 05 00 00 je 0x847
30f: 83 fe 0a cmp esi, 0xa
312: 0f 84 03 05 00 00 je 0x81b
318: 83 fe 09 cmp esi, 0x9
31b: 0f 84 ce 04 00 00 je 0x7ef
321: 83 fe 1f cmp esi, 0x1f
324: 0f 84 96 04 00 00 je 0x7c0
32a: 83 fe 3e cmp esi, 0x3e
32d: 0f 84 ba 08 00 00 je 0xbed
333: 83 fe 5b cmp esi, 0x5b
336: 0f 84 82 08 00 00 je 0xbbe
33c: 83 fe 5d cmp esi, 0x5d
33f: 0f 84 4a 08 00 00 je 0xb8f
345: 83 fe 28 cmp esi, 0x28
348: 0f 84 12 08 00 00 je 0xb60
34e: 83 fe 35 cmp esi, 0x35
351: 0f 84 da 07 00 00 je 0xb31
357: 83 fe 41 cmp esi, 0x41
35a: 0f 84 a5 07 00 00 je 0xb05
360: 83 fe 57 cmp esi, 0x57
363: 0f 84 6d 07 00 00 je 0xad6
369: 83 fe 5f cmp esi, 0x5f
36c: 0f 84 38 07 00 00 je 0xaaa
372: 83 fe 18 cmp esi, 0x18
375: 0f 84 1b 04 00 00 je 0x796
37b: 83 fe 24 cmp esi, 0x24
37e: 75 6d jne 0x3ed
380: 8d 74 24 fa lea esi, [esp-0x6]
384: b9 26 00 00 00 mov ecx, 0x26
389: bf 2f 00 00 00 mov edi, 0x2f
38e: 89 c8 mov eax, ecx
390: 99 cdq
391: f7 ff idiv edi
393: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
398: 30 04 0e xor BYTE PTR [esi+ecx*1], al
39b: 83 c1 01 add ecx, 0x1
39e: 83 f9 4d cmp ecx, 0x4d
3a1: 75 eb jne 0x38e
3a3: cd 51 int 0x51
3a5: be 1b 00 00 00 mov esi, 0x1b
3aa: eb 41 jmp 0x3ed
3ac: 8d 74 24 15 lea esi, [esp+0x15]
3b0: b9 0b 00 00 00 mov ecx, 0xb
3b5: bf 5d 41 4c ae mov edi, 0xae4c415d
3ba: 8d 74 26 00 lea esi, [esi+eiz*1+0x0]
3be: 89 c8 mov eax, ecx
3c0: f7 ef imul edi
3c2: 8d 04 0a lea eax, [edx+ecx*1]
3c5: 89 ca mov edx, ecx
3c7: c1 fa 1f sar edx, 0x1f
3ca: c1 f8 05 sar eax, 0x5
3cd: 29 d0 sub eax, edx
3cf: 89 ca mov edx, ecx
3d1: 6b c0 2f imul eax, eax, 0x2f
3d4: 29 c2 sub edx, eax
3d6: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
3db: 30 04 0e xor BYTE PTR [esi+ecx*1], al
3de: 83 c1 01 add ecx, 0x1
3e1: 83 f9 17 cmp ecx, 0x17
3e4: 75 d8 jne 0x3be
3e6: cd 2b int 0x2b
3e8: be 64 00 00 00 mov esi, 0x64
3ed: 89 74 24 04 mov DWORD PTR [esp+0x4], esi
3f1: 8d 74 24 20 lea esi, [esp+0x20]
3f5: c7 04 24 68 70 40 00 mov DWORD PTR [esp], 0x407068
3fc: e8 e5 f9 ff ff call 0xfffffde6
401: 0f be 06 movsx eax, BYTE PTR [esi]
404: c7 04 24 6c 70 40 00 mov DWORD PTR [esp], 0x40706c
40b: 83 c6 01 add esi, 0x1
40e: 89 44 24 04 mov DWORD PTR [esp+0x4], eax
412: e8 cf f9 ff ff call 0xfffffde6
417: 39 f3 cmp ebx, esi
419: 75 e6 jne 0x401
41b: 8d 65 f4 lea esp, [ebp-0xc]
41e: 31 c0 xor eax, eax
420: 5b pop ebx
421: 5e pop esi
422: 5f pop edi
423: 5d pop ebp
424: c3 ret
425: 8d 74 24 0d lea esi, [esp+0xd]
429: b9 13 00 00 00 mov ecx, 0x13
42e: bf 5d 41 4c ae mov edi, 0xae4c415d
433: 89 c8 mov eax, ecx
435: f7 ef imul edi
437: 8d 04 0a lea eax, [edx+ecx*1]
43a: 89 ca mov edx, ecx
43c: c1 fa 1f sar edx, 0x1f
43f: c1 f8 05 sar eax, 0x5
442: 29 d0 sub eax, edx
444: 89 ca mov edx, ecx
446: 6b c0 2f imul eax, eax, 0x2f
449: 29 c2 sub edx, eax
44b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
450: 30 04 0e xor BYTE PTR [esi+ecx*1], al
453: 83 c1 01 add ecx, 0x1
456: 83 f9 27 cmp ecx, 0x27
459: 75 d8 jne 0x433
45b: cd 23 int 0x23
45d: be 50 00 00 00 mov esi, 0x50
462: eb 89 jmp 0x3ed
464: 8d 74 24 14 lea esi, [esp+0x14]
468: b9 0c 00 00 00 mov ecx, 0xc
46d: bf 5d 41 4c ae mov edi, 0xae4c415d
472: 89 c8 mov eax, ecx
474: f7 ef imul edi
476: 8d 04 0a lea eax, [edx+ecx*1]
479: 89 ca mov edx, ecx
47b: c1 fa 1f sar edx, 0x1f
47e: c1 f8 05 sar eax, 0x5
481: 29 d0 sub eax, edx
483: 89 ca mov edx, ecx
485: 6b c0 2f imul eax, eax, 0x2f
488: 29 c2 sub edx, eax
48a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
48f: 30 04 0e xor BYTE PTR [esi+ecx*1], al
492: 83 c1 01 add ecx, 0x1
495: 83 f9 19 cmp ecx, 0x19
498: 75 d8 jne 0x472
49a: cd 08 int 0x8
49c: be 47 00 00 00 mov esi, 0x47
4a1: e9 47 ff ff ff jmp 0x3ed
4a6: b9 1f 00 00 00 mov ecx, 0x1f
4ab: be 5d 41 4c ae mov esi, 0xae4c415d
4b0: 89 c8 mov eax, ecx
4b2: 89 cf mov edi, ecx
4b4: f7 ee imul esi
4b6: 8d 04 0a lea eax, [edx+ecx*1]
4b9: 89 ca mov edx, ecx
4bb: c1 fa 1f sar edx, 0x1f
4be: c1 f8 05 sar eax, 0x5
4c1: 29 d0 sub eax, edx
4c3: 6b c0 2f imul eax, eax, 0x2f
4c6: 29 c7 sub edi, eax
4c8: 0f b6 44 3c 20 movzx eax, BYTE PTR [esp+edi*1+0x20]
4cd: 30 44 0c 01 xor BYTE PTR [esp+ecx*1+0x1], al
4d1: 83 c1 01 add ecx, 0x1
4d4: 83 f9 3f cmp ecx, 0x3f
4d7: 75 d7 jne 0x4b0
4d9: cd 12 int 0x12
4db: be 21 00 00 00 mov esi, 0x21
4e0: e9 08 ff ff ff jmp 0x3ed
4e5: 8d 74 24 1c lea esi, [esp+0x1c]
4e9: b9 04 00 00 00 mov ecx, 0x4
4ee: bf 2f 00 00 00 mov edi, 0x2f
4f3: 89 c8 mov eax, ecx
4f5: 99 cdq
4f6: f7 ff idiv edi
4f8: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
4fd: 30 04 0e xor BYTE PTR [esi+ecx*1], al
500: 83 c1 01 add ecx, 0x1
503: 83 f9 09 cmp ecx, 0x9
506: 75 eb jne 0x4f3
508: cd 3a int 0x3a
50a: be 1d 00 00 00 mov esi, 0x1d
50f: e9 d9 fe ff ff jmp 0x3ed
514: 8d 74 24 06 lea esi, [esp+0x6]
518: b9 1a 00 00 00 mov ecx, 0x1a
51d: bf 5d 41 4c ae mov edi, 0xae4c415d
522: 89 c8 mov eax, ecx
524: f7 ef imul edi
526: 8d 04 0a lea eax, [edx+ecx*1]
529: 89 ca mov edx, ecx
52b: c1 fa 1f sar edx, 0x1f
52e: c1 f8 05 sar eax, 0x5
531: 29 d0 sub eax, edx
533: 89 ca mov edx, ecx
535: 6b c0 2f imul eax, eax, 0x2f
538: 29 c2 sub edx, eax
53a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
53f: 30 04 0e xor BYTE PTR [esi+ecx*1], al
542: 83 c1 01 add ecx, 0x1
545: 83 f9 35 cmp ecx, 0x35
548: 75 d8 jne 0x522
54a: cd 4f int 0x4f
54c: be 60 00 00 00 mov esi, 0x60
551: e9 97 fe ff ff jmp 0x3ed
556: 8d 74 24 19 lea esi, [esp+0x19]
55a: b9 07 00 00 00 mov ecx, 0x7
55f: bf 2f 00 00 00 mov edi, 0x2f
564: 89 c8 mov eax, ecx
566: 99 cdq
567: f7 ff idiv edi
569: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
56e: 30 04 0e xor BYTE PTR [esi+ecx*1], al
571: 83 c1 01 add ecx, 0x1
574: 83 f9 0f cmp ecx, 0xf
577: 75 eb jne 0x564
579: cd 5d int 0x5d
57b: be 3d 00 00 00 mov esi, 0x3d
580: e9 68 fe ff ff jmp 0x3ed
585: 8d 74 24 0e lea esi, [esp+0xe]
589: b9 12 00 00 00 mov ecx, 0x12
58e: bf 5d 41 4c ae mov edi, 0xae4c415d
593: 89 c8 mov eax, ecx
595: f7 ef imul edi
597: 8d 04 0a lea eax, [edx+ecx*1]
59a: 89 ca mov edx, ecx
59c: c1 fa 1f sar edx, 0x1f
59f: c1 f8 05 sar eax, 0x5
5a2: 29 d0 sub eax, edx
5a4: 89 ca mov edx, ecx
5a6: 6b c0 2f imul eax, eax, 0x2f
5a9: 29 c2 sub edx, eax
5ab: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
5b0: 30 04 0e xor BYTE PTR [esi+ecx*1], al
5b3: 83 c1 01 add ecx, 0x1
5b6: 83 f9 25 cmp ecx, 0x25
5b9: 75 d8 jne 0x593
5bb: cd 13 int 0x13
5bd: be 09 00 00 00 mov esi, 0x9
5c2: e9 26 fe ff ff jmp 0x3ed
5c7: 8d 74 24 15 lea esi, [esp+0x15]
5cb: b9 0b 00 00 00 mov ecx, 0xb
5d0: bf 2f 00 00 00 mov edi, 0x2f
5d5: 89 c8 mov eax, ecx
5d7: 99 cdq
5d8: f7 ff idiv edi
5da: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
5df: 30 04 0e xor BYTE PTR [esi+ecx*1], al
5e2: 83 c1 01 add ecx, 0x1
5e5: 83 f9 17 cmp ecx, 0x17
5e8: 75 eb jne 0x5d5
5ea: cc int3
5eb: be 3a 00 00 00 mov esi, 0x3a
5f0: e9 f8 fd ff ff jmp 0x3ed
5f5: 8d 74 24 0e lea esi, [esp+0xe]
5f9: b9 12 00 00 00 mov ecx, 0x12
5fe: bf 2f 00 00 00 mov edi, 0x2f
603: 89 c8 mov eax, ecx
605: 99 cdq
606: f7 ff idiv edi
608: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
60d: 30 04 0e xor BYTE PTR [esi+ecx*1], al
610: 83 c1 01 add ecx, 0x1
613: 83 f9 25 cmp ecx, 0x25
616: 75 eb jne 0x603
618: cd 44 int 0x44
61a: be 26 00 00 00 mov esi, 0x26
61f: e9 c9 fd ff ff jmp 0x3ed
624: b9 1b 00 00 00 mov ecx, 0x1b
629: be 2f 00 00 00 mov esi, 0x2f
62e: 89 c8 mov eax, ecx
630: 99 cdq
631: f7 fe idiv esi
633: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
638: 30 44 0c 05 xor BYTE PTR [esp+ecx*1+0x5], al
63c: 83 c1 01 add ecx, 0x1
63f: 83 f9 37 cmp ecx, 0x37
642: 75 ea jne 0x62e
644: cd 0b int 0xb
646: be 33 00 00 00 mov esi, 0x33
64b: e9 9d fd ff ff jmp 0x3ed
650: 8d 74 24 03 lea esi, [esp+0x3]
654: b9 1d 00 00 00 mov ecx, 0x1d
659: bf 2f 00 00 00 mov edi, 0x2f
65e: 89 c8 mov eax, ecx
660: 99 cdq
661: f7 ff idiv edi
663: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
668: 30 04 0e xor BYTE PTR [esi+ecx*1], al
66b: 83 c1 01 add ecx, 0x1
66e: 83 f9 3b cmp ecx, 0x3b
671: 75 eb jne 0x65e
673: cd 2d int 0x2d
675: be 11 00 00 00 mov esi, 0x11
67a: e9 6e fd ff ff jmp 0x3ed
67f: 8d 74 24 f5 lea esi, [esp-0xb]
683: b9 2b 00 00 00 mov ecx, 0x2b
688: bf 2f 00 00 00 mov edi, 0x2f
68d: 89 c8 mov eax, ecx
68f: 99 cdq
690: f7 ff idiv edi
692: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
697: 30 04 0e xor BYTE PTR [esi+ecx*1], al
69a: 83 c1 01 add ecx, 0x1
69d: 83 f9 57 cmp ecx, 0x57
6a0: 75 eb jne 0x68d
6a2: cd 4c int 0x4c
6a4: be 13 00 00 00 mov esi, 0x13
6a9: e9 3f fd ff ff jmp 0x3ed
6ae: 8d 74 24 fc lea esi, [esp-0x4]
6b2: b9 24 00 00 00 mov ecx, 0x24
6b7: bf 2f 00 00 00 mov edi, 0x2f
6bc: 89 c8 mov eax, ecx
6be: 99 cdq
6bf: f7 ff idiv edi
6c1: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
6c6: 30 04 0e xor BYTE PTR [esi+ecx*1], al
6c9: 83 c1 01 add ecx, 0x1
6cc: 83 f9 49 cmp ecx, 0x49
6cf: 75 eb jne 0x6bc
6d1: cd 5b int 0x5b
6d3: be 0d 00 00 00 mov esi, 0xd
6d8: e9 10 fd ff ff jmp 0x3ed
6dd: 8d 4c 24 13 lea ecx, [esp+0x13]
6e1: be 0d 00 00 00 mov esi, 0xd
6e6: bf 2f 00 00 00 mov edi, 0x2f
6eb: 89 f0 mov eax, esi
6ed: 99 cdq
6ee: f7 ff idiv edi
6f0: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
6f5: 30 04 31 xor BYTE PTR [ecx+esi*1], al
6f8: 83 c6 01 add esi, 0x1
6fb: 83 fe 1b cmp esi, 0x1b
6fe: 75 eb jne 0x6eb
700: cd 50 int 0x50
702: be 3b 00 00 00 mov esi, 0x3b
707: e9 e1 fc ff ff jmp 0x3ed
70c: b9 2d 00 00 00 mov ecx, 0x2d
711: be 2f 00 00 00 mov esi, 0x2f
716: 89 c8 mov eax, ecx
718: 99 cdq
719: f7 fe idiv esi
71b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
720: 30 44 0c f3 xor BYTE PTR [esp+ecx*1-0xd], al
724: 83 c1 01 add ecx, 0x1
727: 83 f9 5b cmp ecx, 0x5b
72a: 75 ea jne 0x716
72c: cd 49 int 0x49
72e: be 29 00 00 00 mov esi, 0x29
733: e9 b5 fc ff ff jmp 0x3ed
738: 8d 4c 24 0f lea ecx, [esp+0xf]
73c: be 11 00 00 00 mov esi, 0x11
741: bf 2f 00 00 00 mov edi, 0x2f
746: 89 f0 mov eax, esi
748: 99 cdq
749: f7 ff idiv edi
74b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
750: 30 04 31 xor BYTE PTR [ecx+esi*1], al
753: 83 c6 01 add esi, 0x1
756: 83 fe 23 cmp esi, 0x23
759: 75 eb jne 0x746
75b: cd 01 int 0x1
75d: be 30 00 00 00 mov esi, 0x30
762: e9 86 fc ff ff jmp 0x3ed
767: 8d 74 24 03 lea esi, [esp+0x3]
76b: b9 1d 00 00 00 mov ecx, 0x1d
770: bf 2f 00 00 00 mov edi, 0x2f
775: 89 c8 mov eax, ecx
777: 99 cdq
778: f7 ff idiv edi
77a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
77f: 30 04 0e xor BYTE PTR [esi+ecx*1], al
782: 83 c1 01 add ecx, 0x1
785: 83 f9 3b cmp ecx, 0x3b
788: 75 eb jne 0x775
78a: cd 48 int 0x48
78c: be 14 00 00 00 mov esi, 0x14
791: e9 57 fc ff ff jmp 0x3ed
796: 8d 4c 24 08 lea ecx, [esp+0x8]
79a: bf 2f 00 00 00 mov edi, 0x2f
79f: 89 f0 mov eax, esi
7a1: 99 cdq
7a2: f7 ff idiv edi
7a4: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
7a9: 30 04 31 xor BYTE PTR [ecx+esi*1], al
7ac: 83 c6 01 add esi, 0x1
7af: 83 fe 31 cmp esi, 0x31
7b2: 75 eb jne 0x79f
7b4: cd 58 int 0x58
7b6: be 4e 00 00 00 mov esi, 0x4e
7bb: e9 2d fc ff ff jmp 0x3ed
7c0: 8d 74 24 03 lea esi, [esp+0x3]
7c4: b9 1d 00 00 00 mov ecx, 0x1d
7c9: bf 2f 00 00 00 mov edi, 0x2f
7ce: 89 c8 mov eax, ecx
7d0: 99 cdq
7d1: f7 ff idiv edi
7d3: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
7d8: 30 04 0e xor BYTE PTR [esi+ecx*1], al
7db: 83 c1 01 add ecx, 0x1
7de: 83 f9 3b cmp ecx, 0x3b
7e1: 75 eb jne 0x7ce
7e3: cd 31 int 0x31
7e5: be 4b 00 00 00 mov esi, 0x4b
7ea: e9 fe fb ff ff jmp 0x3ed
7ef: b9 2e 00 00 00 mov ecx, 0x2e
7f4: be 2f 00 00 00 mov esi, 0x2f
7f9: 89 c8 mov eax, ecx
7fb: 99 cdq
7fc: f7 fe idiv esi
7fe: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
803: 30 44 0c f2 xor BYTE PTR [esp+ecx*1-0xe], al
807: 83 c1 01 add ecx, 0x1
80a: 83 f9 5d cmp ecx, 0x5d
80d: 75 ea jne 0x7f9
80f: cd 3c int 0x3c
811: be 52 00 00 00 mov esi, 0x52
816: e9 d2 fb ff ff jmp 0x3ed
81b: b9 03 00 00 00 mov ecx, 0x3
820: be 2f 00 00 00 mov esi, 0x2f
825: 89 c8 mov eax, ecx
827: 99 cdq
828: f7 fe idiv esi
82a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
82f: 30 44 0c 1d xor BYTE PTR [esp+ecx*1+0x1d], al
833: 83 c1 01 add ecx, 0x1
836: 83 f9 07 cmp ecx, 0x7
839: 75 ea jne 0x825
83b: cd 1c int 0x1c
83d: be 4d 00 00 00 mov esi, 0x4d
842: e9 a6 fb ff ff jmp 0x3ed
847: 8d 4c 24 f7 lea ecx, [esp-0x9]
84b: be 29 00 00 00 mov esi, 0x29
850: bf 2f 00 00 00 mov edi, 0x2f
855: 89 f0 mov eax, esi
857: 99 cdq
858: f7 ff idiv edi
85a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
85f: 30 04 31 xor BYTE PTR [ecx+esi*1], al
862: 83 c6 01 add esi, 0x1
865: 83 fe 53 cmp esi, 0x53
868: 75 eb jne 0x855
86a: cd 06 int 0x6
86c: be 2a 00 00 00 mov esi, 0x2a
871: e9 77 fb ff ff jmp 0x3ed
876: 8d 74 24 17 lea esi, [esp+0x17]
87a: b9 09 00 00 00 mov ecx, 0x9
87f: bf 2f 00 00 00 mov edi, 0x2f
884: 89 c8 mov eax, ecx
886: 99 cdq
887: f7 ff idiv edi
889: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
88e: 30 04 0e xor BYTE PTR [esi+ecx*1], al
891: 83 c1 01 add ecx, 0x1
894: 83 f9 13 cmp ecx, 0x13
897: 75 eb jne 0x884
899: cd 35 int 0x35
89b: be 4a 00 00 00 mov esi, 0x4a
8a0: e9 48 fb ff ff jmp 0x3ed
8a5: 8d 74 24 fc lea esi, [esp-0x4]
8a9: b9 24 00 00 00 mov ecx, 0x24
8ae: bf 2f 00 00 00 mov edi, 0x2f
8b3: 89 c8 mov eax, ecx
8b5: 99 cdq
8b6: f7 ff idiv edi
8b8: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
8bd: 30 04 0e xor BYTE PTR [esi+ecx*1], al
8c0: 83 c1 01 add ecx, 0x1
8c3: 83 f9 49 cmp ecx, 0x49
8c6: 75 eb jne 0x8b3
8c8: cd 54 int 0x54
8ca: be 38 00 00 00 mov esi, 0x38
8cf: e9 19 fb ff ff jmp 0x3ed
8d4: 8d 4c 24 18 lea ecx, [esp+0x18]
8d8: be 08 00 00 00 mov esi, 0x8
8dd: bf 2f 00 00 00 mov edi, 0x2f
8e2: 89 f0 mov eax, esi
8e4: 99 cdq
8e5: f7 ff idiv edi
8e7: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
8ec: 30 04 31 xor BYTE PTR [ecx+esi*1], al
8ef: 83 c6 01 add esi, 0x1
8f2: 83 fe 11 cmp esi, 0x11
8f5: 75 eb jne 0x8e2
8f7: cd 2f int 0x2f
8f9: be 0f 00 00 00 mov esi, 0xf
8fe: e9 ea fa ff ff jmp 0x3ed
903: 8d 74 24 fc lea esi, [esp-0x4]
907: b9 24 00 00 00 mov ecx, 0x24
90c: bf 2f 00 00 00 mov edi, 0x2f
911: 89 c8 mov eax, ecx
913: 99 cdq
914: f7 ff idiv edi
916: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
91b: 30 04 0e xor BYTE PTR [esi+ecx*1], al
91e: 83 c1 01 add ecx, 0x1
921: 83 f9 49 cmp ecx, 0x49
924: 75 eb jne 0x911
926: cd 43 int 0x43
928: be 43 00 00 00 mov esi, 0x43
92d: e9 bb fa ff ff jmp 0x3ed
932: 8d 4c 24 12 lea ecx, [esp+0x12]
936: be 0e 00 00 00 mov esi, 0xe
93b: bf 2f 00 00 00 mov edi, 0x2f
940: 89 f0 mov eax, esi
942: 99 cdq
943: f7 ff idiv edi
945: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
94a: 30 04 31 xor BYTE PTR [ecx+esi*1], al
94d: 83 c6 01 add esi, 0x1
950: 83 fe 1d cmp esi, 0x1d
953: 75 eb jne 0x940
955: cd 0a int 0xa
957: be 57 00 00 00 mov esi, 0x57
95c: e9 8c fa ff ff jmp 0x3ed
961: 8d 4c 24 1e lea ecx, [esp+0x1e]
965: be 02 00 00 00 mov esi, 0x2
96a: bf 2f 00 00 00 mov edi, 0x2f
96f: 89 f0 mov eax, esi
971: 99 cdq
972: f7 ff idiv edi
974: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
979: 30 04 31 xor BYTE PTR [ecx+esi*1], al
97c: 83 c6 01 add esi, 0x1
97f: 83 fe 05 cmp esi, 0x5
982: 75 eb jne 0x96f
984: cd 04 int 0x4
986: be 28 00 00 00 mov esi, 0x28
98b: e9 5d fa ff ff jmp 0x3ed
990: 8d 74 24 1c lea esi, [esp+0x1c]
994: b9 04 00 00 00 mov ecx, 0x4
999: bf 2f 00 00 00 mov edi, 0x2f
99e: 89 c8 mov eax, ecx
9a0: 99 cdq
9a1: f7 ff idiv edi
9a3: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
9a8: 30 04 0e xor BYTE PTR [esi+ecx*1], al
9ab: 83 c1 01 add ecx, 0x1
9ae: 83 f9 09 cmp ecx, 0x9
9b1: 75 eb jne 0x99e
9b3: cd 52 int 0x52
9b5: be 44 00 00 00 mov esi, 0x44
9ba: e9 2e fa ff ff jmp 0x3ed
9bf: 8d 4c 24 18 lea ecx, [esp+0x18]
9c3: be 08 00 00 00 mov esi, 0x8
9c8: bf 2f 00 00 00 mov edi, 0x2f
9cd: 89 f0 mov eax, esi
9cf: 99 cdq
9d0: f7 ff idiv edi
9d2: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
9d7: 30 04 31 xor BYTE PTR [ecx+esi*1], al
9da: 83 c6 01 add esi, 0x1
9dd: 83 fe 11 cmp esi, 0x11
9e0: 75 eb jne 0x9cd
9e2: cd 4b int 0x4b
9e4: be 10 00 00 00 mov esi, 0x10
9e9: e9 ff f9 ff ff jmp 0x3ed
9ee: 8d 4c 24 13 lea ecx, [esp+0x13]
9f2: be 0d 00 00 00 mov esi, 0xd
9f7: bf 2f 00 00 00 mov edi, 0x2f
9fc: 89 f0 mov eax, esi
9fe: 99 cdq
9ff: f7 ff idiv edi
a01: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
a06: 30 04 31 xor BYTE PTR [ecx+esi*1], al
a09: 83 c6 01 add esi, 0x1
a0c: 83 fe 1b cmp esi, 0x1b
a0f: 75 eb jne 0x9fc
a11: cd 56 int 0x56
a13: be 51 00 00 00 mov esi, 0x51
a18: e9 d0 f9 ff ff jmp 0x3ed
a1d: 8d 4c 24 1e lea ecx, [esp+0x1e]
a21: be 02 00 00 00 mov esi, 0x2
a26: bf 2f 00 00 00 mov edi, 0x2f
a2b: 89 f0 mov eax, esi
a2d: 99 cdq
a2e: f7 ff idiv edi
a30: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
a35: 30 04 31 xor BYTE PTR [ecx+esi*1], al
a38: 83 c6 01 add esi, 0x1
a3b: 83 fe 05 cmp esi, 0x5
a3e: 75 eb jne 0xa2b
a40: cd 5e int 0x5e
a42: be 2f 00 00 00 mov esi, 0x2f
a47: e9 a1 f9 ff ff jmp 0x3ed
a4c: 8d 4c 24 0a lea ecx, [esp+0xa]
a50: be 16 00 00 00 mov esi, 0x16
a55: bf 2f 00 00 00 mov edi, 0x2f
a5a: 89 f0 mov eax, esi
a5c: 99 cdq
a5d: f7 ff idiv edi
a5f: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
a64: 30 04 31 xor BYTE PTR [ecx+esi*1], al
a67: 83 c6 01 add esi, 0x1
a6a: 83 fe 2d cmp esi, 0x2d
a6d: 75 eb jne 0xa5a
a6f: cd 5a int 0x5a
a71: be 5a 00 00 00 mov esi, 0x5a
a76: e9 72 f9 ff ff jmp 0x3ed
a7b: 8d 4c 24 08 lea ecx, [esp+0x8]
a7f: be 18 00 00 00 mov esi, 0x18
a84: bf 2f 00 00 00 mov edi, 0x2f
a89: 89 f0 mov eax, esi
a8b: 99 cdq
a8c: f7 ff idiv edi
a8e: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
a93: 30 04 31 xor BYTE PTR [ecx+esi*1], al
a96: 83 c6 01 add esi, 0x1
a99: 83 fe 31 cmp esi, 0x31
a9c: 75 eb jne 0xa89
a9e: cd 37 int 0x37
aa0: be 18 00 00 00 mov esi, 0x18
aa5: e9 43 f9 ff ff jmp 0x3ed
aaa: b9 27 00 00 00 mov ecx, 0x27
aaf: be 2f 00 00 00 mov esi, 0x2f
ab4: 89 c8 mov eax, ecx
ab6: 99 cdq
ab7: f7 fe idiv esi
ab9: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
abe: 30 44 0c f9 xor BYTE PTR [esp+ecx*1-0x7], al
ac2: 83 c1 01 add ecx, 0x1
ac5: 83 f9 4f cmp ecx, 0x4f
ac8: 75 ea jne 0xab4
aca: cd 25 int 0x25
acc: be 3c 00 00 00 mov esi, 0x3c
ad1: e9 17 f9 ff ff jmp 0x3ed
ad6: 8d 4c 24 f7 lea ecx, [esp-0x9]
ada: be 29 00 00 00 mov esi, 0x29
adf: bf 2f 00 00 00 mov edi, 0x2f
ae4: 89 f0 mov eax, esi
ae6: 99 cdq
ae7: f7 ff idiv edi
ae9: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
aee: 30 04 31 xor BYTE PTR [ecx+esi*1], al
af1: 83 c6 01 add esi, 0x1
af4: 83 fe 53 cmp esi, 0x53
af7: 75 eb jne 0xae4
af9: cd 57 int 0x57
afb: be 02 00 00 00 mov esi, 0x2
b00: e9 e8 f8 ff ff jmp 0x3ed
b05: b9 21 00 00 00 mov ecx, 0x21
b0a: be 2f 00 00 00 mov esi, 0x2f
b0f: 89 c8 mov eax, ecx
b11: 99 cdq
b12: f7 fe idiv esi
b14: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
b19: 30 44 0c ff xor BYTE PTR [esp+ecx*1-0x1], al
b1d: 83 c1 01 add ecx, 0x1
b20: 83 f9 43 cmp ecx, 0x43
b23: 75 ea jne 0xb0f
b25: cd 53 int 0x53
b27: be 59 00 00 00 mov esi, 0x59
b2c: e9 bc f8 ff ff jmp 0x3ed
b31: 8d 74 24 fc lea esi, [esp-0x4]
b35: b9 24 00 00 00 mov ecx, 0x24
b3a: bf 2f 00 00 00 mov edi, 0x2f
b3f: 89 c8 mov eax, ecx
b41: 99 cdq
b42: f7 ff idiv edi
b44: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
b49: 30 04 0e xor BYTE PTR [esi+ecx*1], al
b4c: 83 c1 01 add ecx, 0x1
b4f: 83 f9 49 cmp ecx, 0x49
b52: 75 eb jne 0xb3f
b54: cd 46 int 0x46
b56: be 24 00 00 00 mov esi, 0x24
b5b: e9 8d f8 ff ff jmp 0x3ed
b60: 8d 4c 24 0a lea ecx, [esp+0xa]
b64: be 16 00 00 00 mov esi, 0x16
b69: bf 2f 00 00 00 mov edi, 0x2f
b6e: 89 f0 mov eax, esi
b70: 99 cdq
b71: f7 ff idiv edi
b73: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
b78: 30 04 31 xor BYTE PTR [ecx+esi*1], al
b7b: 83 c6 01 add esi, 0x1
b7e: 83 fe 2d cmp esi, 0x2d
b81: 75 eb jne 0xb6e
b83: cd 30 int 0x30
b85: be 40 00 00 00 mov esi, 0x40
b8a: e9 5e f8 ff ff jmp 0x3ed
b8f: 8d 74 24 14 lea esi, [esp+0x14]
b93: b9 0c 00 00 00 mov ecx, 0xc
b98: bf 2f 00 00 00 mov edi, 0x2f
b9d: 89 c8 mov eax, ecx
b9f: 99 cdq
ba0: f7 ff idiv edi
ba2: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
ba7: 30 04 0e xor BYTE PTR [esi+ecx*1], al
baa: 83 c1 01 add ecx, 0x1
bad: 83 f9 19 cmp ecx, 0x19
bb0: 75 eb jne 0xb9d
bb2: cd 62 int 0x62
bb4: be 41 00 00 00 mov esi, 0x41
bb9: e9 2f f8 ff ff jmp 0x3ed
bbe: 8d 74 24 fc lea esi, [esp-0x4]
bc2: b9 24 00 00 00 mov ecx, 0x24
bc7: bf 2f 00 00 00 mov edi, 0x2f
bcc: 89 c8 mov eax, ecx
bce: 99 cdq
bcf: f7 ff idiv edi
bd1: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
bd6: 30 04 0e xor BYTE PTR [esi+ecx*1], al
bd9: 83 c1 01 add ecx, 0x1
bdc: 83 f9 49 cmp ecx, 0x49
bdf: 75 eb jne 0xbcc
be1: cd 63 int 0x63
be3: be 12 00 00 00 mov esi, 0x12
be8: e9 00 f8 ff ff jmp 0x3ed
bed: b9 22 00 00 00 mov ecx, 0x22
bf2: be 2f 00 00 00 mov esi, 0x2f
bf7: 89 c8 mov eax, ecx
bf9: 99 cdq
bfa: f7 fe idiv esi
bfc: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
c01: 30 44 0c fe xor BYTE PTR [esp+ecx*1-0x2], al
c05: 83 c1 01 add ecx, 0x1
c08: 83 f9 45 cmp ecx, 0x45
c0b: 75 ea jne 0xbf7
c0d: cd 45 int 0x45
c0f: be 2c 00 00 00 mov esi, 0x2c
c14: e9 d4 f7 ff ff jmp 0x3ed
c19: 8d 74 24 0d lea esi, [esp+0xd]
c1d: b9 13 00 00 00 mov ecx, 0x13
c22: bf 2f 00 00 00 mov edi, 0x2f
c27: 89 c8 mov eax, ecx
c29: 99 cdq
c2a: f7 ff idiv edi
c2c: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
c31: 30 04 0e xor BYTE PTR [esi+ecx*1], al
c34: 83 c1 01 add ecx, 0x1
c37: 83 f9 27 cmp ecx, 0x27
c3a: 75 eb jne 0xc27
c3c: cd 09 int 0x9
c3e: be 63 00 00 00 mov esi, 0x63
c43: e9 a5 f7 ff ff jmp 0x3ed
c48: b9 0a 00 00 00 mov ecx, 0xa
c4d: be 2f 00 00 00 mov esi, 0x2f
c52: 89 c8 mov eax, ecx
c54: 99 cdq
c55: f7 fe idiv esi
c57: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
c5c: 30 44 0c 16 xor BYTE PTR [esp+ecx*1+0x16], al
c60: 83 c1 01 add ecx, 0x1
c63: 83 f9 15 cmp ecx, 0x15
c66: 75 ea jne 0xc52
c68: cd 26 int 0x26
c6a: be 53 00 00 00 mov esi, 0x53
c6f: e9 79 f7 ff ff jmp 0x3ed
c74: 8d 74 24 f5 lea esi, [esp-0xb]
c78: b9 2b 00 00 00 mov ecx, 0x2b
c7d: bf 2f 00 00 00 mov edi, 0x2f
c82: 89 c8 mov eax, ecx
c84: 99 cdq
c85: f7 ff idiv edi
c87: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
c8c: 30 04 0e xor BYTE PTR [esi+ecx*1], al
c8f: 83 c1 01 add ecx, 0x1
c92: 83 f9 57 cmp ecx, 0x57
c95: 75 eb jne 0xc82
c97: cd 33 int 0x33
c99: be 20 00 00 00 mov esi, 0x20
c9e: e9 4a f7 ff ff jmp 0x3ed
ca3: 8d 4c 24 18 lea ecx, [esp+0x18]
ca7: be 08 00 00 00 mov esi, 0x8
cac: bf 2f 00 00 00 mov edi, 0x2f
cb1: 89 f0 mov eax, esi
cb3: 99 cdq
cb4: f7 ff idiv edi
cb6: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
cbb: 30 04 31 xor BYTE PTR [ecx+esi*1], al
cbe: 83 c6 01 add esi, 0x1
cc1: 83 fe 11 cmp esi, 0x11
cc4: 75 eb jne 0xcb1
cc6: cd 5c int 0x5c
cc8: be 54 00 00 00 mov esi, 0x54
ccd: e9 1b f7 ff ff jmp 0x3ed
cd2: 8d 4c 24 f8 lea ecx, [esp-0x8]
cd6: be 28 00 00 00 mov esi, 0x28
cdb: bf 2f 00 00 00 mov edi, 0x2f
ce0: 89 f0 mov eax, esi
ce2: 99 cdq
ce3: f7 ff idiv edi
ce5: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
cea: 30 04 31 xor BYTE PTR [ecx+esi*1], al
ced: 83 c6 01 add esi, 0x1
cf0: 83 fe 51 cmp esi, 0x51
cf3: 75 eb jne 0xce0
cf5: cd 17 int 0x17
cf7: be 05 00 00 00 mov esi, 0x5
cfc: e9 ec f6 ff ff jmp 0x3ed
d01: b9 05 00 00 00 mov ecx, 0x5
d06: be 2f 00 00 00 mov esi, 0x2f
d0b: 89 c8 mov eax, ecx
d0d: 99 cdq
d0e: f7 fe idiv esi
d10: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
d15: 30 44 0c 1b xor BYTE PTR [esp+ecx*1+0x1b], al
d19: 83 c1 01 add ecx, 0x1
d1c: 83 f9 0b cmp ecx, 0xb
d1f: 75 ea jne 0xd0b
d21: cd 1a int 0x1a
d23: be 0c 00 00 00 mov esi, 0xc
d28: e9 c0 f6 ff ff jmp 0x3ed
d2d: 8d 4c 24 0f lea ecx, [esp+0xf]
d31: bf 2f 00 00 00 mov edi, 0x2f
d36: 89 f0 mov eax, esi
d38: 99 cdq
d39: f7 ff idiv edi
d3b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
d40: 30 04 31 xor BYTE PTR [ecx+esi*1], al
d43: 83 c6 01 add esi, 0x1
d46: 83 fe 23 cmp esi, 0x23
d49: 75 eb jne 0xd36
d4b: cd 07 int 0x7
d4d: be 0b 00 00 00 mov esi, 0xb
d52: e9 96 f6 ff ff jmp 0x3ed
d57: 8d 74 24 f6 lea esi, [esp-0xa]
d5b: b9 2a 00 00 00 mov ecx, 0x2a
d60: bf 2f 00 00 00 mov edi, 0x2f
d65: 89 c8 mov eax, ecx
d67: 99 cdq
d68: f7 ff idiv edi
d6a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
d6f: 30 04 0e xor BYTE PTR [esi+ecx*1], al
d72: 83 c1 01 add ecx, 0x1
d75: 83 f9 55 cmp ecx, 0x55
d78: 75 eb jne 0xd65
d7a: cd 39 int 0x39
d7c: be 46 00 00 00 mov esi, 0x46
d81: e9 67 f6 ff ff jmp 0x3ed
d86: 8d 4c 24 f8 lea ecx, [esp-0x8]
d8a: be 28 00 00 00 mov esi, 0x28
d8f: bf 2f 00 00 00 mov edi, 0x2f
d94: 89 f0 mov eax, esi
d96: 99 cdq
d97: f7 ff idiv edi
d99: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
d9e: 30 04 31 xor BYTE PTR [ecx+esi*1], al
da1: 83 c6 01 add esi, 0x1
da4: 83 fe 51 cmp esi, 0x51
da7: 75 eb jne 0xd94
da9: cd 05 int 0x5
dab: be 4c 00 00 00 mov esi, 0x4c
db0: e9 38 f6 ff ff jmp 0x3ed
db5: 8d 74 24 06 lea esi, [esp+0x6]
db9: b9 1a 00 00 00 mov ecx, 0x1a
dbe: bf 2f 00 00 00 mov edi, 0x2f
dc3: 89 c8 mov eax, ecx
dc5: 99 cdq
dc6: f7 ff idiv edi
dc8: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
dcd: 30 04 0e xor BYTE PTR [esi+ecx*1], al
dd0: 83 c1 01 add ecx, 0x1
dd3: 83 f9 35 cmp ecx, 0x35
dd6: 75 eb jne 0xdc3
dd8: cd 18 int 0x18
dda: be 5b 00 00 00 mov esi, 0x5b
ddf: e9 09 f6 ff ff jmp 0x3ed
de4: 8d 4c 24 0b lea ecx, [esp+0xb]
de8: be 15 00 00 00 mov esi, 0x15
ded: bf 2f 00 00 00 mov edi, 0x2f
df2: 89 f0 mov eax, esi
df4: 99 cdq
df5: f7 ff idiv edi
df7: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
dfc: 30 04 31 xor BYTE PTR [ecx+esi*1], al
dff: 83 c6 01 add esi, 0x1
e02: 83 fe 2b cmp esi, 0x2b
e05: 75 eb jne 0xdf2
e07: cd 4d int 0x4d
e09: be 0a 00 00 00 mov esi, 0xa
e0e: e9 da f5 ff ff jmp 0x3ed
e13: 8d 4c 24 13 lea ecx, [esp+0x13]
e17: c7 44 24 1c 0d 00 00 00 mov DWORD PTR [esp+0x1c], 0xd
e1f: 8b 44 24 1c mov eax, DWORD PTR [esp+0x1c]
e23: bf 2f 00 00 00 mov edi, 0x2f
e28: 99 cdq
e29: f7 ff idiv edi
e2b: 8b 7c 24 1c mov edi, DWORD PTR [esp+0x1c]
e2f: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
e34: 30 04 39 xor BYTE PTR [ecx+edi*1], al
e37: 89 f8 mov eax, edi
e39: 83 c0 01 add eax, 0x1
e3c: 83 f8 1b cmp eax, 0x1b
e3f: 89 44 24 1c mov DWORD PTR [esp+0x1c], eax
e43: 75 da jne 0xe1f
e45: cd 14 int 0x14
e47: e9 a1 f5 ff ff jmp 0x3ed
e4c: 8d 4c 24 08 lea ecx, [esp+0x8]
e50: be 18 00 00 00 mov esi, 0x18
e55: bf 2f 00 00 00 mov edi, 0x2f
e5a: 89 f0 mov eax, esi
e5c: 99 cdq
e5d: f7 ff idiv edi
e5f: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
e64: 30 04 31 xor BYTE PTR [ecx+esi*1], al
e67: 83 c6 01 add esi, 0x1
e6a: 83 fe 31 cmp esi, 0x31
e6d: 75 eb jne 0xe5a
e6f: cd 3d int 0x3d
e71: be 07 00 00 00 mov esi, 0x7
e76: e9 72 f5 ff ff jmp 0x3ed
e7b: 8d 74 24 0c lea esi, [esp+0xc]
e7f: b9 14 00 00 00 mov ecx, 0x14
e84: bf 2f 00 00 00 mov edi, 0x2f
e89: 89 c8 mov eax, ecx
e8b: 99 cdq
e8c: f7 ff idiv edi
e8e: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
e93: 30 04 0e xor BYTE PTR [esi+ecx*1], al
e96: 83 c1 01 add ecx, 0x1
e99: 83 f9 29 cmp ecx, 0x29
e9c: 75 eb jne 0xe89
e9e: cd 19 int 0x19
ea0: be 36 00 00 00 mov esi, 0x36
ea5: e9 43 f5 ff ff jmp 0x3ed
eaa: 8d 74 24 fc lea esi, [esp-0x4]
eae: b9 24 00 00 00 mov ecx, 0x24
eb3: bf 2f 00 00 00 mov edi, 0x2f
eb8: 89 c8 mov eax, ecx
eba: 99 cdq
ebb: f7 ff idiv edi
ebd: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
ec2: 30 04 0e xor BYTE PTR [esi+ecx*1], al
ec5: 83 c1 01 add ecx, 0x1
ec8: 83 f9 49 cmp ecx, 0x49
ecb: 75 eb jne 0xeb8
ecd: cd 1f int 0x1f
ecf: be 0e 00 00 00 mov esi, 0xe
ed4: e9 14 f5 ff ff jmp 0x3ed
ed9: 8d 74 24 14 lea esi, [esp+0x14]
edd: b9 0c 00 00 00 mov ecx, 0xc
ee2: bf 2f 00 00 00 mov edi, 0x2f
ee7: 89 c8 mov eax, ecx
ee9: 99 cdq
eea: f7 ff idiv edi
eec: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
ef1: 30 04 0e xor BYTE PTR [esi+ecx*1], al
ef4: 83 c1 01 add ecx, 0x1
ef7: 83 f9 19 cmp ecx, 0x19
efa: 75 eb jne 0xee7
efc: cd 34 int 0x34
efe: be 01 00 00 00 mov esi, 0x1
f03: e9 e5 f4 ff ff jmp 0x3ed
f08: 8d 74 24 f6 lea esi, [esp-0xa]
f0c: b9 2a 00 00 00 mov ecx, 0x2a
f11: bf 2f 00 00 00 mov edi, 0x2f
f16: 89 c8 mov eax, ecx
f18: 99 cdq
f19: f7 ff idiv edi
f1b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
f20: 30 04 0e xor BYTE PTR [esi+ecx*1], al
f23: 83 c1 01 add ecx, 0x1
f26: 83 f9 55 cmp ecx, 0x55
f29: 75 eb jne 0xf16
f2b: cd 2c int 0x2c
f2d: be 1a 00 00 00 mov esi, 0x1a
f32: e9 b6 f4 ff ff jmp 0x3ed
f37: 8d 74 24 0c lea esi, [esp+0xc]
f3b: b9 14 00 00 00 mov ecx, 0x14
f40: bf 2f 00 00 00 mov edi, 0x2f
f45: 89 c8 mov eax, ecx
f47: 99 cdq
f48: f7 ff idiv edi
f4a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
f4f: 30 04 0e xor BYTE PTR [esi+ecx*1], al
f52: 83 c1 01 add ecx, 0x1
f55: 83 f9 29 cmp ecx, 0x29
f58: 75 eb jne 0xf45
f5a: cd 0f int 0xf
f5c: be 04 00 00 00 mov esi, 0x4
f61: e9 87 f4 ff ff jmp 0x3ed
f66: b9 23 00 00 00 mov ecx, 0x23
f6b: be 2f 00 00 00 mov esi, 0x2f
f70: 89 c8 mov eax, ecx
f72: 99 cdq
f73: f7 fe idiv esi
f75: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
f7a: 30 44 0c fd xor BYTE PTR [esp+ecx*1-0x3], al
f7e: 83 c1 01 add ecx, 0x1
f81: 83 f9 47 cmp ecx, 0x47
f84: 75 ea jne 0xf70
f86: cd 28 int 0x28
f88: be 49 00 00 00 mov esi, 0x49
f8d: e9 5b f4 ff ff jmp 0x3ed
f92: 8d 74 24 f4 lea esi, [esp-0xc]
f96: b9 2c 00 00 00 mov ecx, 0x2c
f9b: bf 2f 00 00 00 mov edi, 0x2f
fa0: 89 c8 mov eax, ecx
fa2: 99 cdq
fa3: f7 ff idiv edi
fa5: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
faa: 30 04 0e xor BYTE PTR [esi+ecx*1], al
fad: 83 c1 01 add ecx, 0x1
fb0: 83 f9 59 cmp ecx, 0x59
fb3: 75 eb jne 0xfa0
fb5: cd 60 int 0x60
fb7: be 45 00 00 00 mov esi, 0x45
fbc: e9 2c f4 ff ff jmp 0x3ed
fc1: 8d 74 24 0d lea esi, [esp+0xd]
fc5: b9 13 00 00 00 mov ecx, 0x13
fca: bf 2f 00 00 00 mov edi, 0x2f
fcf: 89 c8 mov eax, ecx
fd1: 99 cdq
fd2: f7 ff idiv edi
fd4: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
fd9: 30 04 0e xor BYTE PTR [esi+ecx*1], al
fdc: 83 c1 01 add ecx, 0x1
fdf: 83 f9 27 cmp ecx, 0x27
fe2: 75 eb jne 0xfcf
fe4: cd 24 int 0x24
fe6: be 3f 00 00 00 mov esi, 0x3f
feb: e9 fd f3 ff ff jmp 0x3ed
ff0: 8d 4c 24 0b lea ecx, [esp+0xb]
ff4: be 15 00 00 00 mov esi, 0x15
ff9: bf 2f 00 00 00 mov edi, 0x2f
ffe: 89 f0 mov eax, esi
1000: 99 cdq
1001: f7 ff idiv edi
1003: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1008: 30 04 31 xor BYTE PTR [ecx+esi*1], al
100b: 83 c6 01 add esi, 0x1
100e: 83 fe 2b cmp esi, 0x2b
1011: 75 eb jne 0xffe
1013: cd 15 int 0x15
1015: be 5c 00 00 00 mov esi, 0x5c
101a: e9 ce f3 ff ff jmp 0x3ed
101f: 8d 4c 24 f8 lea ecx, [esp-0x8]
1023: be 28 00 00 00 mov esi, 0x28
1028: bf 2f 00 00 00 mov edi, 0x2f
102d: 89 f0 mov eax, esi
102f: 99 cdq
1030: f7 ff idiv edi
1032: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1037: 30 04 31 xor BYTE PTR [ecx+esi*1], al
103a: 83 c6 01 add esi, 0x1
103d: 83 fe 51 cmp esi, 0x51
1040: 75 eb jne 0x102d
1042: cd 59 int 0x59
1044: be 5e 00 00 00 mov esi, 0x5e
1049: e9 9f f3 ff ff jmp 0x3ed
104e: 8d 4c 24 12 lea ecx, [esp+0x12]
1052: be 0e 00 00 00 mov esi, 0xe
1057: bf 2f 00 00 00 mov edi, 0x2f
105c: 89 f0 mov eax, esi
105e: 99 cdq
105f: f7 ff idiv edi
1061: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1066: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1069: 83 c6 01 add esi, 0x1
106c: 83 fe 1d cmp esi, 0x1d
106f: 75 eb jne 0x105c
1071: cd 0e int 0xe
1073: be 16 00 00 00 mov esi, 0x16
1078: e9 70 f3 ff ff jmp 0x3ed
107d: 8d 74 24 19 lea esi, [esp+0x19]
1081: b9 07 00 00 00 mov ecx, 0x7
1086: bf 2f 00 00 00 mov edi, 0x2f
108b: 89 c8 mov eax, ecx
108d: 99 cdq
108e: f7 ff idiv edi
1090: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1095: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1098: 83 c1 01 add ecx, 0x1
109b: 83 f9 0f cmp ecx, 0xf
109e: 75 eb jne 0x108b
10a0: cd 42 int 0x42
10a2: be 37 00 00 00 mov esi, 0x37
10a7: e9 41 f3 ff ff jmp 0x3ed
10ac: 8d 74 24 15 lea esi, [esp+0x15]
10b0: b9 0b 00 00 00 mov ecx, 0xb
10b5: bf 2f 00 00 00 mov edi, 0x2f
10ba: 89 c8 mov eax, ecx
10bc: 99 cdq
10bd: f7 ff idiv edi
10bf: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
10c4: 30 04 0e xor BYTE PTR [esi+ecx*1], al
10c7: 83 c1 01 add ecx, 0x1
10ca: 83 f9 17 cmp ecx, 0x17:q
10cd: 75 eb jne 0x10ba
10cf: 0f a2 cpuid
10d1: be 2e 00 00 00 mov esi, 0x2e
10d6: e9 12 f3 ff ff jmp 0x3ed
10db: 8d 4c 24 08 lea ecx, [esp+0x8]
10df: be 18 00 00 00 mov esi, 0x18
10e4: bf 2f 00 00 00 mov edi, 0x2f
10e9: 89 f0 mov eax, esi
10eb: 99 cdq
10ec: f7 ff idiv edi
10ee: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
10f3: 30 04 31 xor BYTE PTR [ecx+esi*1], al
10f6: 83 c6 01 add esi, 0x1
10f9: 83 fe 31 cmp esi, 0x31
10fc: 75 eb jne 0x10e9
10fe: cd 3b int 0x3b
1100: be 1f 00 00 00 mov esi, 0x1f
1105: e9 e3 f2 ff ff jmp 0x3ed
110a: 8d 4c 24 0a lea ecx, [esp+0xa]
110e: be 16 00 00 00 mov esi, 0x16
1113: bf 2f 00 00 00 mov edi, 0x2f
1118: 89 f0 mov eax, esi
111a: 99 cdq
111b: f7 ff idiv edi
111d: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1122: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1125: 83 c6 01 add esi, 0x1
1128: 83 fe 2d cmp esi, 0x2d
112b: 75 eb jne 0x1118
112d: cd 16 int 0x16
112f: be 25 00 00 00 mov esi, 0x25
1134: e9 b4 f2 ff ff jmp 0x3ed
1139: 8d 74 24 f4 lea esi, [esp-0xc]
113d: b9 2c 00 00 00 mov ecx, 0x2c
1142: bf 2f 00 00 00 mov edi, 0x2f
1147: 89 c8 mov eax, ecx
1149: 99 cdq
114a: f7 ff idiv edi
114c: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1151: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1154: 83 c1 01 add ecx, 0x1
1157: 83 f9 59 cmp ecx, 0x59
115a: 75 eb jne 0x1147
115c: cd 0c int 0xc
115e: be 48 00 00 00 mov esi, 0x48
1163: e9 85 f2 ff ff jmp 0x3ed
1168: 8d 74 24 03 lea esi, [esp+0x3]
116c: b9 1d 00 00 00 mov ecx, 0x1d
1171: bf 2f 00 00 00 mov edi, 0x2f
1176: 89 c8 mov eax, ecx
1178: 99 cdq
1179: f7 ff idiv edi
117b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1180: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1183: 83 c1 01 add ecx, 0x1
1186: 83 f9 3b cmp ecx, 0x3b
1189: 75 eb jne 0x1176
118b: cd 64 int 0x64
118d: be 17 00 00 00 mov esi, 0x17
1192: e9 56 f2 ff ff jmp 0x3ed
1197: 8d 74 24 fa lea esi, [esp-0x6]
119b: b9 26 00 00 00 mov ecx, 0x26
11a0: bf 2f 00 00 00 mov edi, 0x2f
11a5: 89 c8 mov eax, ecx
11a7: 99 cdq
11a8: f7 ff idiv edi
11aa: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
11af: 30 04 0e xor BYTE PTR [esi+ecx*1], al
11b2: 83 c1 01 add ecx, 0x1
11b5: 83 f9 4d cmp ecx, 0x4d
11b8: 75 eb jne 0x11a5
11ba: cd 22 int 0x22
11bc: be 3e 00 00 00 mov esi, 0x3e
11c1: e9 27 f2 ff ff jmp 0x3ed
11c6: 8d 4c 24 0f lea ecx, [esp+0xf]
11ca: be 11 00 00 00 mov esi, 0x11
11cf: bf 2f 00 00 00 mov edi, 0x2f
11d4: 89 f0 mov eax, esi
11d6: 99 cdq
11d7: f7 ff idiv edi
11d9: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
11de: 30 04 31 xor BYTE PTR [ecx+esi*1], al
11e1: 83 c6 01 add esi, 0x1
11e4: 83 fe 23 cmp esi, 0x23
11e7: 75 eb jne 0x11d4
11e9: cd 29 int 0x29
11eb: be 58 00 00 00 mov esi, 0x58
11f0: e9 f8 f1 ff ff jmp 0x3ed
11f5: 8d 74 24 1a lea esi, [esp+0x1a]
11f9: b9 06 00 00 00 mov ecx, 0x6
11fe: bf 2f 00 00 00 mov edi, 0x2f
1203: 89 c8 mov eax, ecx
1205: 99 cdq
1206: f7 ff idiv edi
1208: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
120d: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1210: 83 c1 01 add ecx, 0x1
1213: 83 f9 0d cmp ecx, 0xd
1216: 75 eb jne 0x1203
1218: cd 27 int 0x27
121a: be 56 00 00 00 mov esi, 0x56
121f: e9 c9 f1 ff ff jmp 0x3ed
1224: 8d 4c 24 f7 lea ecx, [esp-0x9]
1228: be 29 00 00 00 mov esi, 0x29
122d: bf 2f 00 00 00 mov edi, 0x2f
1232: 89 f0 mov eax, esi
1234: 99 cdq
1235: f7 ff idiv edi
1237: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
123c: 30 04 31 xor BYTE PTR [ecx+esi*1], al
123f: 83 c6 01 add esi, 0x1
1242: 83 fe 53 cmp esi, 0x53
1245: 75 eb jne 0x1232
1247: cd 20 int 0x20
1249: be 55 00 00 00 mov esi, 0x55
124e: e9 9a f1 ff ff jmp 0x3ed
1253: 8d 4c 24 08 lea ecx, [esp+0x8]
1257: be 18 00 00 00 mov esi, 0x18
125c: bf 2f 00 00 00 mov edi, 0x2f
1261: 89 f0 mov eax, esi
1263: 99 cdq
1264: f7 ff idiv edi
1266: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
126b: 30 04 31 xor BYTE PTR [ecx+esi*1], al
126e: 83 c6 01 add esi, 0x1
1271: 83 fe 31 cmp esi, 0x31
1274: 75 eb jne 0x1261
1276: cd 1b int 0x1b
1278: be 62 00 00 00 mov esi, 0x62
127d: e9 6b f1 ff ff jmp 0x3ed
1282: 8d 4c 24 0b lea ecx, [esp+0xb]
1286: be 15 00 00 00 mov esi, 0x15
128b: bf 2f 00 00 00 mov edi, 0x2f
1290: 89 f0 mov eax, esi
1292: 99 cdq
1293: f7 ff idiv edi
1295: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
129a: 30 04 31 xor BYTE PTR [ecx+esi*1], al
129d: 83 c6 01 add esi, 0x1
12a0: 83 fe 2b cmp esi, 0x2b
12a3: 75 eb jne 0x1290
12a5: cd 40 int 0x40
12a7: be 2d 00 00 00 mov esi, 0x2d
12ac: e9 3c f1 ff ff jmp 0x3ed
12b1: 8d 4c 24 13 lea ecx, [esp+0x13]
12b5: be 0d 00 00 00 mov esi, 0xd
12ba: bf 2f 00 00 00 mov edi, 0x2f
12bf: 89 f0 mov eax, esi
12c1: 99 cdq
12c2: f7 ff idiv edi
12c4: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
12c9: 30 04 31 xor BYTE PTR [ecx+esi*1], al
12cc: 83 c6 01 add esi, 0x1
12cf: 83 fe 1b cmp esi, 0x1b
12d2: 75 eb jne 0x12bf
12d4: cd 4e int 0x4e
12d6: be 35 00 00 00 mov esi, 0x35
12db: e9 0d f1 ff ff jmp 0x3ed
12e0: b9 20 00 00 00 mov ecx, 0x20
12e5: 89 e6 mov esi, esp
12e7: bf 2f 00 00 00 mov edi, 0x2f
12ec: 89 c8 mov eax, ecx
12ee: 99 cdq
12ef: f7 ff idiv edi
12f1: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
12f6: 30 04 0e xor BYTE PTR [esi+ecx*1], al
12f9: 83 c1 01 add ecx, 0x1
12fc: 83 f9 41 cmp ecx, 0x41
12ff: 75 eb jne 0x12ec
1301: cd 0d int 0xd
1303: be 39 00 00 00 mov esi, 0x39
1308: e9 e0 f0 ff ff jmp 0x3ed
130d: 8d 74 24 06 lea esi, [esp+0x6]
1311: b9 1a 00 00 00 mov ecx, 0x1a
1316: bf 2f 00 00 00 mov edi, 0x2f
131b: 89 c8 mov eax, ecx
131d: 99 cdq
131e: f7 ff idiv edi
1320: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1325: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1328: 83 c1 01 add ecx, 0x1
132b: 83 f9 35 cmp ecx, 0x35
132e: 75 eb jne 0x131b
1330: cd 41 int 0x41
1332: be 5f 00 00 00 mov esi, 0x5f
1337: e9 b1 f0 ff ff jmp 0x3ed
133c: 8d 4c 24 08 lea ecx, [esp+0x8]
1340: be 18 00 00 00 mov esi, 0x18
1345: bf 2f 00 00 00 mov edi, 0x2f
134a: 89 f0 mov eax, esi
134c: 99 cdq
134d: f7 ff idiv edi
134f: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1354: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1357: 83 c6 01 add esi, 0x1
135a: 83 fe 31 cmp esi, 0x31
135d: 75 eb jne 0x134a
135f: cd 1e int 0x1e
1361: be 42 00 00 00 mov esi, 0x42
1366: e9 82 f0 ff ff jmp 0x3ed
136b: 8d 74 24 03 lea esi, [esp+0x3]
136f: b9 1d 00 00 00 mov ecx, 0x1d
1374: bf 2f 00 00 00 mov edi, 0x2f
1379: 89 c8 mov eax, ecx
137b: 99 cdq
137c: f7 ff idiv edi
137e: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1383: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1386: 83 c1 01 add ecx, 0x1
1389: 83 f9 3b cmp ecx, 0x3b
138c: 75 eb jne 0x1379
138e: cd 55 int 0x55
1390: be 32 00 00 00 mov esi, 0x32
1395: e9 53 f0 ff ff jmp 0x3ed
139a: 8d 74 24 17 lea esi, [esp+0x17]
139e: b9 09 00 00 00 mov ecx, 0x9
13a3: bf 2f 00 00 00 mov edi, 0x2f
13a8: 89 c8 mov eax, ecx
13aa: 99 cdq
13ab: f7 ff idiv edi
13ad: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
13b2: 30 04 0e xor BYTE PTR [esi+ecx*1], al
13b5: 83 c1 01 add ecx, 0x1
13b8: 83 f9 13 cmp ecx, 0x13
13bb: 75 eb jne 0x13a8
13bd: cd 5f int 0x5f
13bf: be 2b 00 00 00 mov esi, 0x2b
13c4: e9 24 f0 ff ff jmp 0x3ed
13c9: 8d 74 24 1a lea esi, [esp+0x1a]
13cd: b9 06 00 00 00 mov ecx, 0x6
13d2: bf 2f 00 00 00 mov edi, 0x2f
13d7: 89 c8 mov eax, ecx
13d9: 99 cdq
13da: f7 ff idiv edi
13dc: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
13e1: 30 04 0e xor BYTE PTR [esi+ecx*1], al
13e4: 83 c1 01 add ecx, 0x1
13e7: 83 f9 0d cmp ecx, 0xd
13ea: 75 eb jne 0x13d7
13ec: cd 32 int 0x32
13ee: be 06 00 00 00 mov esi, 0x6
13f3: e9 f5 ef ff ff jmp 0x3ed
13f8: 8d 4c 24 f8 lea ecx, [esp-0x8]
13fc: be 28 00 00 00 mov esi, 0x28
1401: bf 2f 00 00 00 mov edi, 0x2f
1406: 89 f0 mov eax, esi
1408: 99 cdq
1409: f7 ff idiv edi
140b: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1410: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1413: 83 c6 01 add esi, 0x1
1416: 83 fe 51 cmp esi, 0x51
1419: 75 eb jne 0x1406
141b: cd 61 int 0x61
141d: be 27 00 00 00 mov esi, 0x27
1422: e9 c6 ef ff ff jmp 0x3ed
1427: b9 20 00 00 00 mov ecx, 0x20
142c: 89 e6 mov esi, esp
142e: bf 2f 00 00 00 mov edi, 0x2f
1433: 89 c8 mov eax, ecx
1435: 99 cdq
1436: f7 ff idiv edi
1438: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
143d: 30 04 0e xor BYTE PTR [esi+ecx*1], al
1440: 83 c1 01 add ecx, 0x1
1443: 83 f9 41 cmp ecx, 0x41
1446: 75 eb jne 0x1433
1448: cd 10 int 0x10
144a: be 5d 00 00 00 mov esi, 0x5d
144f: e9 99 ef ff ff jmp 0x3ed
1454: 8d 74 24 f5 lea esi, [esp-0xb]
1458: b9 2b 00 00 00 mov ecx, 0x2b
145d: bf 2f 00 00 00 mov edi, 0x2f
1462: 89 c8 mov eax, ecx
1464: 99 cdq
1465: f7 ff idiv edi
1467: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
146c: 30 04 0e xor BYTE PTR [esi+ecx*1], al
146f: 83 c1 01 add ecx, 0x1
1472: 83 f9 57 cmp ecx, 0x57
1475: 75 eb jne 0x1462
1477: cd 38 int 0x38
1479: be 31 00 00 00 mov esi, 0x31
147e: e9 6a ef ff ff jmp 0x3ed
1483: 8d 4c 24 08 lea ecx, [esp+0x8]
1487: be 18 00 00 00 mov esi, 0x18
148c: bf 2f 00 00 00 mov edi, 0x2f
1491: 89 f0 mov eax, esi
1493: 99 cdq
1494: f7 ff idiv edi
1496: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
149b: 30 04 31 xor BYTE PTR [ecx+esi*1], al
149e: 83 c6 01 add esi, 0x1
14a1: 83 fe 31 cmp esi, 0x31
14a4: 75 eb jne 0x1491
14a6: cd 36 int 0x36
14a8: be 23 00 00 00 mov esi, 0x23
14ad: e9 3b ef ff ff jmp 0x3ed
14b2: b9 17 00 00 00 mov ecx, 0x17
14b7: be 2f 00 00 00 mov esi, 0x2f
14bc: 89 c8 mov eax, ecx
14be: 99 cdq
14bf: f7 fe idiv esi
14c1: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
14c6: 30 44 0c 09 xor BYTE PTR [esp+ecx*1+0x9], al
14ca: 83 c1 01 add ecx, 0x1
14cd: 83 f9 2f cmp ecx, 0x2f
14d0: 75 ea jne 0x14bc
14d2: cd 21 int 0x21
14d4: be 4f 00 00 00 mov esi, 0x4f
14d9: e9 0f ef ff ff jmp 0x3ed
14de: 8d 4c 24 08 lea ecx, [esp+0x8]
14e2: be 18 00 00 00 mov esi, 0x18
14e7: bf 2f 00 00 00 mov edi, 0x2f
14ec: 89 f0 mov eax, esi
14ee: 99 cdq
14ef: f7 ff idiv edi
14f1: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
14f6: 30 04 31 xor BYTE PTR [ecx+esi*1], al
14f9: 83 c6 01 add esi, 0x1
14fc: 83 fe 31 cmp esi, 0x31
14ff: 75 eb jne 0x14ec
1501: cd 4a int 0x4a
1503: be 34 00 00 00 mov esi, 0x34
1508: e9 e0 ee ff ff jmp 0x3ed
150d: 8d 4c 24 1e lea ecx, [esp+0x1e]
1511: be 02 00 00 00 mov esi, 0x2
1516: bf 2f 00 00 00 mov edi, 0x2f
151b: 89 f0 mov eax, esi
151d: 99 cdq
151e: f7 ff idiv edi
1520: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1525: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1528: 83 c6 01 add esi, 0x1
152b: 83 fe 05 cmp esi, 0x5
152e: 75 eb jne 0x151b
1530: cd 2a int 0x2a
1532: be 19 00 00 00 mov esi, 0x19
1537: e9 b1 ee ff ff jmp 0x3ed
153c: 8d 4c 24 0f lea ecx, [esp+0xf]
1540: be 11 00 00 00 mov esi, 0x11
1545: bf 2f 00 00 00 mov edi, 0x2f
154a: 89 f0 mov eax, esi
154c: 99 cdq
154d: f7 ff idiv edi
154f: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1554: 30 04 31 xor BYTE PTR [ecx+esi*1], al
1557: 83 c6 01 add esi, 0x1
155a: 83 fe 23 cmp esi, 0x23
155d: 75 eb jne 0x154a
155f: cd 47 int 0x47
1561: be 08 00 00 00 mov esi, 0x8
1566: e9 82 ee ff ff jmp 0x3ed
156b: b9 0f 00 00 00 mov ecx, 0xf
1570: be 2f 00 00 00 mov esi, 0x2f
1575: 89 c8 mov eax, ecx
1577: 99 cdq
1578: f7 fe idiv esi
157a: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
157f: 30 44 0c 11 xor BYTE PTR [esp+ecx*1+0x11], al
1583: 83 c1 01 add ecx, 0x1
1586: 83 f9 1f cmp ecx, 0x1f
1589: 75 ea jne 0x1575
158b: cd 3e int 0x3e
158d: be 15 00 00 00 mov esi, 0x15
1592: e9 56 ee ff ff jmp 0x3ed
1597: b9 19 00 00 00 mov ecx, 0x19
159c: be 2f 00 00 00 mov esi, 0x2f
15a1: 89 c8 mov eax, ecx
15a3: 99 cdq
15a4: f7 fe idiv esi
15a6: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
15ab: 30 44 0c 07 xor BYTE PTR [esp+ecx*1+0x7], al
15af: 83 c1 01 add ecx, 0x1
15b2: 83 f9 33 cmp ecx, 0x33
15b5: 75 ea jne 0x15a1
15b7: cd 1d int 0x1d
15b9: be 03 00 00 00 mov esi, 0x3
15be: e9 2a ee ff ff jmp 0x3ed
15c3: 8d 4c 24 12 lea ecx, [esp+0x12]
15c7: be 0e 00 00 00 mov esi, 0xe
15cc: bf 2f 00 00 00 mov edi, 0x2f
15d1: 89 f0 mov eax, esi
15d3: 99 cdq
15d4: f7 ff idiv edi
15d6: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
15db: 30 04 31 xor BYTE PTR [ecx+esi*1], al
15de: 83 c6 01 add esi, 0x1
15e1: 83 fe 1d cmp esi, 0x1d
15e4: 75 eb jne 0x15d1
15e6: cd 2e int 0x2e
15e8: be 61 00 00 00 mov esi, 0x61
15ed: e9 fb ed ff ff jmp 0x3ed
15f2: 8d 4c 24 1e lea ecx, [esp+0x1e]
15f6: be 02 00 00 00 mov esi, 0x2
15fb: bf 2f 00 00 00 mov edi, 0x2f
1600: 89 f0 mov eax, esi
1602: 99 cdq
1603: f7 ff idiv edi
1605: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
160a: 30 04 31 xor BYTE PTR [ecx+esi*1], al
160d: 83 c6 01 add esi, 0x1
1610: 83 fe 05 cmp esi, 0x5
1613: 75 eb jne 0x1600
1615: cd 11 int 0x11
1617: be 1c 00 00 00 mov esi, 0x1c
161c: e9 cc ed ff ff jmp 0x3ed
1621: 8d 4c 24 0b lea ecx, [esp+0xb]
1625: be 15 00 00 00 mov esi, 0x15
162a: bf 2f 00 00 00 mov edi, 0x2f
162f: 89 f0 mov eax, esi
1631: 99 cdq
1632: f7 ff idiv edi
1634: 0f b6 44 14 20 movzx eax, BYTE PTR [esp+edx*1+0x20]
1639: 30 04 31 xor BYTE PTR [ecx+esi*1], al
163c: 83 c6 01 add esi, 0x1
163f: 83 fe 2b cmp esi, 0x2b
1642: 75 eb jne 0x162f
1644: cd 3f int 0x3f
1646: be 22 00 00 00 mov esi, 0x22
164b: e9 .byte 0xe9
```
主要可以知道的是shellcode 會根據ESI的狀態跳到對應的地方並且進行區間跟自己的xor
因此我們需要先抓所有eip所變化的所有狀態
```python
def hook_exception(uc, exception_type, user_data):
global ck,cmp_collet
if ck == 1 and exception_type == 0x2d:
#uc.emu_stop()
return 0
if exception_type == 0x2d:
ck = 1
EIP = ADDRESS_CODE
ESI = exception_type
print(f"[STATE] ESI ← 0x{exception_type:02X}")
cmp_collet=False
uc.reg_write(UC_X86_REG_EIP, EIP)
uc.reg_write(UC_X86_REG_ESI, ESI)
return 0先把ESI的每個狀態輸出出來
??? note “Unicorn esi” [STATE] ESI ← 0x61 [STATE] ESI ← 0x10 [STATE] ESI ← 0x37 [STATE] ESI ← 0x1F [STATE] ESI ← 0x31 [STATE] ESI ← 0x13 [STATE] ESI ← 0x56 [STATE] ESI ← 0x54 [STATE] ESI ← 0x2D [STATE] ESI ← 0x36 [STATE] ESI ← 0x12 [STATE] ESI ← 0x40 [STATE] ESI ← 0x0E [STATE] ESI ← 0x39 [STATE] ESI ← 0x0F [STATE] ESI ← 0x03 [STATE] ESI ← 0x27 [STATE] ESI ← 0x18 [STATE] ESI ← 0x58 [STATE] ESI ← 0x3B [STATE] ESI ← 0x55 [STATE] ESI ← 0x48 [STATE] ESI ← 0x0A [STATE] ESI ← 0x1C [STATE] ESI ← 0x1B [STATE] ESI ← 0x2F [STATE] ESI ← 0x5C [STATE] ESI ← 0x20 [STATE] ESI ← 0x2B [STATE] ESI ← 0x50 [STATE] ESI ← 0x44 [STATE] ESI ← 0x2E [STATE] ESI ← 0x1D [STATE] ESI ← 0x5E [STATE] ESI ← 0x21 [STATE] ESI ← 0x47 [STATE] ESI ← 0x17 [STATE] ESI ← 0x01 [STATE] ESI ← 0x52 [STATE] ESI ← 0x3F [STATE] ESI ← 0x16 [STATE] ESI ← 0x4C [STATE] ESI ← 0x0D [STATE] ESI ← 0x23 [STATE] ESI ← 0x34 [STATE] ESI ← 0x49 [STATE] ESI ← 0x43 [STATE] ESI ← 0x28 [STATE] ESI ← 0x30 [STATE] ESI ← 0x33 [STATE] ESI ← 0x4A [STATE] ESI ← 0x0B [STATE] ESI ← 0x4B [STATE] ESI ← 0x32 [STATE] ESI ← 0x24 [STATE] ESI ← 0x51 [STATE] ESI ← 0x4D [STATE] ESI ← 0x64 [STATE] ESI ← 0x5A [STATE] ESI ← 0x3A [STATE] ESI ← 0x04 [STATE] ESI ← 0x26 [STATE] ESI ← 0x35 [STATE] ESI ← 0x46 [STATE] ESI ← 0x60 [STATE] ESI ← 0x11 [STATE] ESI ← 0x07 [STATE] ESI ← 0x3E [STATE] ESI ← 0x45 [STATE] ESI ← 0x2A [STATE] ESI ← 0x19 [STATE] ESI ← 0x4E [STATE] ESI ← 0x22 [STATE] ESI ← 0x5F [STATE] ESI ← 0x25 [STATE] ESI ← 0x41 [STATE] ESI ← 0x53 [STATE] ESI ← 0x2C [STATE] ESI ← 0x09 [STATE] ESI ← 0x3C [STATE] ESI ← 0x1E [STATE] ESI ← 0x14
接下來要取得xor會從哪裡到哪裡,在shellcode中是使用mov esi XXX 以及cmp ecx YYY ,代表XXX 到YYY 進行xor
def hook_mov_esi(uc, address, size, user_data):
# 读出当前指令的机器码
global cmp_collet
mc = uc.mem_read(address, size)
# 机器码前 1 字节是 0xBE (mov esi, imm32),后面 4 字节是 little-endian 的 imm32
if mc[0] == 0xBE:
imm = int.from_bytes(mc[1:5], 'little')
print(f"[HOOK MOV] @0x{address:08x}: mov esi, {hex(imm)}")
cmp_collet = False
if mc[0] == 0xB9:
imm = int.from_bytes(mc[1:5], 'little')
print(f"[HOOK MOV] @0x{address:08x}: mov esi, {hex(imm)}")
cmp_collet = False
if mc[0] == 0xBF:
imm = int.from_bytes(mc[1:5], 'little')
if(imm != 0x2f):
print(f"[HOOK MOV] @0x{address:08x}: mov esi, {hex(imm)}")
cmp_collet = False
def hook_cmp_esi(uc, address, size, user_data):
global cmp_collet
mc = uc.mem_read(address, size)
if(cmp_collet == True):
return 0
# cmp esi, imm8 的编码是 0x83 0xFE imm8
if mc[0] == 0x83 and mc[1] == 0xFE:
imm8 = mc[2]
print(f"[HOOK CMP] @0x{address:08x}: cmp esi, {hex(imm8)}")
cmp_collet = True
return 0
if mc[0] == 0x83 and mc[1] == 0xf9:
imm8 = mc[2]
print(f"[HOOK CMP] @0x{address:08x}: cmp esi, {hex(imm8)}")
cmp_collet = True
return 0
mu.hook_add(UC_HOOK_CODE, hook_mov_esi, None, 1, 0, UC_X86_INS_CPUID)
mu.hook_add(UC_HOOK_CODE, hook_cmp_esi, None, 0x1000380, ADDRESS_CODE + CODE_SIZE, UC_X86_INS_CPUID)??? note “Unicorn cmp mov”python [HOOK MOV] @0x010013fc: mov esi, 0x28 [HOOK CMP] @0x01001416: cmp esi, 0x51 [STATE] ESI ← 0x61 [HOOK MOV] @0x01001427: mov esi, 0x20 [HOOK CMP] @0x01001443: cmp esi, 0x41 [STATE] ESI ← 0x10 [HOOK MOV] @0x01000a7f: mov esi, 0x18 [HOOK CMP] @0x01000a99: cmp esi, 0x31 [STATE] ESI ← 0x37 [HOOK MOV] @0x01000eae: mov esi, 0x24 [HOOK CMP] @0x01000ec8: cmp esi, 0x49 [STATE] ESI ← 0x1F [HOOK MOV] @0x010007c4: mov esi, 0x1d [HOOK CMP] @0x010007de: cmp esi, 0x3b [STATE] ESI ← 0x31 [HOOK MOV] @0x01000589: mov esi, 0x12 [HOOK MOV] @0x0100058e: mov esi, 0xae4c415d [HOOK CMP] @0x010005b6: cmp esi, 0x25 [STATE] ESI ← 0x13 [HOOK MOV] @0x010009f2: mov esi, 0xd [HOOK CMP] @0x01000a0c: cmp esi, 0x1b [STATE] ESI ← 0x56 [HOOK MOV] @0x010008a9: mov esi, 0x24 [HOOK CMP] @0x010008c3: cmp esi, 0x49 [STATE] ESI ← 0x54 [HOOK MOV] @0x010010b0: mov esi, 0xb [HOOK CMP] @0x010010ca: cmp esi, 0x17 [HOOK MOV] @0x010010d1: mov esi, 0x2e [HOOK MOV] @0x01000654: mov esi, 0x1d [HOOK CMP] @0x0100066e: cmp esi, 0x3b [STATE] ESI ← 0x2D [HOOK MOV] @0x01001487: mov esi, 0x18 [HOOK CMP] @0x010014a1: cmp esi, 0x31 [STATE] ESI ← 0x36 [HOOK MOV] @0x010004a6: mov esi, 0x1f [HOOK MOV] @0x010004ab: mov esi, 0xae4c415d [HOOK CMP] @0x010004d4: cmp esi, 0x3f [STATE] ESI ← 0x12 [HOOK MOV] @0x01001286: mov esi, 0x15 [HOOK CMP] @0x010012a0: cmp esi, 0x2b [STATE] ESI ← 0x40 [HOOK MOV] @0x01001052: mov esi, 0xe [HOOK CMP] @0x0100106c: cmp esi, 0x1d [STATE] ESI ← 0x0E [HOOK MOV] @0x01000d5b: mov esi, 0x2a [HOOK CMP] @0x01000d75: cmp esi, 0x55 [STATE] ESI ← 0x39 [HOOK MOV] @0x01000f3b: mov esi, 0x14 [HOOK CMP] @0x01000f55: cmp esi, 0x29 [STATE] ESI ← 0x0F [HOOK MOV] @0x010005cb: mov esi, 0xb [HOOK CMP] @0x010005e5: cmp esi, 0x17 [STATE] ESI ← 0x03 [HOOK MOV] @0x010011f9: mov esi, 0x6 [HOOK CMP] @0x01001213: cmp esi, 0xd [STATE] ESI ← 0x27 [HOOK MOV] @0x01000db9: mov esi, 0x1a [HOOK CMP] @0x01000dd3: cmp esi, 0x35 [STATE] ESI ← 0x18 [HOOK CMP] @0x010007af: cmp esi, 0x31 [STATE] ESI ← 0x58 [HOOK MOV] @0x010010df: mov esi, 0x18 [HOOK CMP] @0x010010f9: cmp esi, 0x31 [STATE] ESI ← 0x3B [HOOK MOV] @0x0100136f: mov esi, 0x1d [HOOK CMP] @0x01001389: cmp esi, 0x3b [STATE] ESI ← 0x55 [HOOK MOV] @0x0100076b: mov esi, 0x1d [HOOK CMP] @0x01000785: cmp esi, 0x3b [STATE] ESI ← 0x48 [HOOK MOV] @0x01000936: mov esi, 0xe [HOOK CMP] @0x01000950: cmp esi, 0x1d [STATE] ESI ← 0x0A [HOOK MOV] @0x0100081b: mov esi, 0x3 [HOOK MOV] @0x01000820: mov esi, 0x2f [HOOK CMP] @0x01000836: cmp esi, 0x7 [STATE] ESI ← 0x1C [HOOK MOV] @0x01001257: mov esi, 0x18 [HOOK CMP] @0x01001271: cmp esi, 0x31 [STATE] ESI ← 0x1B [HOOK MOV] @0x010008d8: mov esi, 0x8 [HOOK CMP] @0x010008f2: cmp esi, 0x11 [STATE] ESI ← 0x2F [HOOK MOV] @0x01000ca7: mov esi, 0x8 [HOOK CMP] @0x01000cc1: cmp esi, 0x11 [STATE] ESI ← 0x5C [HOOK MOV] @0x01001228: mov esi, 0x29 [HOOK CMP] @0x01001242: cmp esi, 0x53 [STATE] ESI ← 0x20 [HOOK MOV] @0x010003b0: mov esi, 0xb [HOOK MOV] @0x010003b5: mov esi, 0xae4c415d [HOOK CMP] @0x010003e1: cmp esi, 0x17 [STATE] ESI ← 0x2B [HOOK MOV] @0x010006e1: mov esi, 0xd [HOOK CMP] @0x010006fb: cmp esi, 0x1b [STATE] ESI ← 0x50 [HOOK MOV] @0x010005f9: mov esi, 0x12 [HOOK CMP] @0x01000613: cmp esi, 0x25 [STATE] ESI ← 0x44 [HOOK MOV] @0x010015c7: mov esi, 0xe [HOOK CMP] @0x010015e1: cmp esi, 0x1d [STATE] ESI ← 0x2E [HOOK MOV] @0x01001597: mov esi, 0x19 [HOOK MOV] @0x0100159c: mov esi, 0x2f [HOOK CMP] @0x010015b2: cmp esi, 0x33 [STATE] ESI ← 0x1D [HOOK MOV] @0x01000a21: mov esi, 0x2 [HOOK CMP] @0x01000a3b: cmp esi, 0x5 [STATE] ESI ← 0x5E [HOOK MOV] @0x010014b2: mov esi, 0x17 [HOOK MOV] @0x010014b7: mov esi, 0x2f [HOOK CMP] @0x010014cd: cmp esi, 0x2f [STATE] ESI ← 0x21 [HOOK MOV] @0x01001540: mov esi, 0x11 [HOOK CMP] @0x0100155a: cmp esi, 0x23 [STATE] ESI ← 0x47 [HOOK MOV] @0x01000cd6: mov esi, 0x28 [HOOK CMP] @0x01000cf0: cmp esi, 0x51 [STATE] ESI ← 0x17 [HOOK MOV] @0x0100073c: mov esi, 0x11 [HOOK CMP] @0x01000756: cmp esi, 0x23 [STATE] ESI ← 0x01 [HOOK MOV] @0x01000994: mov esi, 0x4 [HOOK CMP] @0x010009ae: cmp esi, 0x9 [STATE] ESI ← 0x52 [HOOK MOV] @0x01001625: mov esi, 0x15 [HOOK CMP] @0x0100163f: cmp esi, 0x2b [STATE] ESI ← 0x3F [HOOK MOV] @0x0100110e: mov esi, 0x16 [HOOK CMP] @0x01001128: cmp esi, 0x2d [STATE] ESI ← 0x16 [HOOK MOV] @0x01000683: mov esi, 0x2b [HOOK CMP] @0x0100069d: cmp esi, 0x57 [STATE] ESI ← 0x4C [HOOK MOV] @0x010012e0: mov esi, 0x20 [HOOK CMP] @0x010012fc: cmp esi, 0x41 [STATE] ESI ← 0x0D [HOOK MOV] @0x01000429: mov esi, 0x13 [HOOK MOV] @0x0100042e: mov esi, 0xae4c415d [HOOK CMP] @0x01000456: cmp esi, 0x27 [STATE] ESI ← 0x23 [HOOK MOV] @0x01000edd: mov esi, 0xc [HOOK CMP] @0x01000ef7: cmp esi, 0x19 [STATE] ESI ← 0x34 [HOOK MOV] @0x0100070c: mov esi, 0x2d [HOOK MOV] @0x01000711: mov esi, 0x2f [HOOK CMP] @0x01000727: cmp esi, 0x5b [STATE] ESI ← 0x49 [HOOK MOV] @0x01000907: mov esi, 0x24 [HOOK CMP] @0x01000921: cmp esi, 0x49 [STATE] ESI ← 0x43 [HOOK MOV] @0x01000f66: mov esi, 0x23 [HOOK MOV] @0x01000f6b: mov esi, 0x2f [HOOK CMP] @0x01000f81: cmp esi, 0x47 [STATE] ESI ← 0x28 [HOOK MOV] @0x01000b64: mov esi, 0x16 [HOOK CMP] @0x01000b7e: cmp esi, 0x2d [STATE] ESI ← 0x30 [HOOK MOV] @0x01000c78: mov esi, 0x2b [HOOK CMP] @0x01000c92: cmp esi, 0x57 [STATE] ESI ← 0x33 [HOOK MOV] @0x010014e2: mov esi, 0x18 [HOOK CMP] @0x010014fc: cmp esi, 0x31 [STATE] ESI ← 0x4A [HOOK MOV] @0x01000624: mov esi, 0x1b [HOOK MOV] @0x01000629: mov esi, 0x2f [HOOK CMP] @0x0100063f: cmp esi, 0x37 [STATE] ESI ← 0x0B [HOOK MOV] @0x010009c3: mov esi, 0x8 [HOOK CMP] @0x010009dd: cmp esi, 0x11 [STATE] ESI ← 0x4B [HOOK MOV] @0x010013cd: mov esi, 0x6 [HOOK CMP] @0x010013e7: cmp esi, 0xd [STATE] ESI ← 0x32 [HOOK MOV] @0x01000fc5: mov esi, 0x13 [HOOK CMP] @0x01000fdf: cmp esi, 0x27 [STATE] ESI ← 0x24 [HOOK MOV] @0x01000384: mov esi, 0x26 [HOOK CMP] @0x0100039e: cmp esi, 0x4d [STATE] ESI ← 0x51 [HOOK MOV] @0x01000de8: mov esi, 0x15 [HOOK CMP] @0x01000e02: cmp esi, 0x2b [STATE] ESI ← 0x4D [HOOK MOV] @0x0100116c: mov esi, 0x1d [HOOK CMP] @0x01001186: cmp esi, 0x3b [STATE] ESI ← 0x64 [HOOK MOV] @0x01000a50: mov esi, 0x16 [HOOK CMP] @0x01000a6a: cmp esi, 0x2d [STATE] ESI ← 0x5A [HOOK MOV] @0x010004e9: mov esi, 0x4 [HOOK CMP] @0x01000503: cmp esi, 0x9 [STATE] ESI ← 0x3A [HOOK MOV] @0x01000965: mov esi, 0x2 [HOOK CMP] @0x0100097f: cmp esi, 0x5 [STATE] ESI ← 0x04 [HOOK MOV] @0x01000c48: mov esi, 0xa [HOOK MOV] @0x01000c4d: mov esi, 0x2f [HOOK CMP] @0x01000c63: cmp esi, 0x15 [STATE] ESI ← 0x26 [HOOK MOV] @0x0100087a: mov esi, 0x9 [HOOK CMP] @0x01000894: cmp esi, 0x13 [STATE] ESI ← 0x35 [HOOK MOV] @0x01000b35: mov esi, 0x24 [HOOK CMP] @0x01000b4f: cmp esi, 0x49 [STATE] ESI ← 0x46 [HOOK MOV] @0x01000f96: mov esi, 0x2c [HOOK CMP] @0x01000fb0: cmp esi, 0x59 [STATE] ESI ← 0x60 [HOOK MOV] @0x010015f6: mov esi, 0x2 [HOOK CMP] @0x01001610: cmp esi, 0x5 [STATE] ESI ← 0x11 [HOOK CMP] @0x01000d46: cmp esi, 0x23 [STATE] ESI ← 0x07 [HOOK MOV] @0x0100156b: mov esi, 0xf [HOOK MOV] @0x01001570: mov esi, 0x2f [HOOK CMP] @0x01001586: cmp esi, 0x1f [STATE] ESI ← 0x3E [HOOK MOV] @0x01000bed: mov esi, 0x22 [HOOK MOV] @0x01000bf2: mov esi, 0x2f [HOOK CMP] @0x01000c08: cmp esi, 0x45 [STATE] ESI ← 0x45 [HOOK MOV] @0x01001511: mov esi, 0x2 [HOOK CMP] @0x0100152b: cmp esi, 0x5 [STATE] ESI ← 0x2A [HOOK MOV] @0x01000e7f: mov esi, 0x14 [HOOK CMP] @0x01000e99: cmp esi, 0x29 [STATE] ESI ← 0x19 [HOOK MOV] @0x010012b5: mov esi, 0xd [HOOK CMP] @0x010012cf: cmp esi, 0x1b [STATE] ESI ← 0x4E [HOOK MOV] @0x0100119b: mov esi, 0x26 [HOOK CMP] @0x010011b5: cmp esi, 0x4d [STATE] ESI ← 0x22 [HOOK MOV] @0x0100139e: mov esi, 0x9 [HOOK CMP] @0x010013b8: cmp esi, 0x13 [STATE] ESI ← 0x5F [HOOK MOV] @0x01000aaa: mov esi, 0x27 [HOOK MOV] @0x01000aaf: mov esi, 0x2f [HOOK CMP] @0x01000ac5: cmp esi, 0x4f [STATE] ESI ← 0x25 [HOOK MOV] @0x01001311: mov esi, 0x1a [HOOK CMP] @0x0100132b: cmp esi, 0x35 [STATE] ESI ← 0x41 [HOOK MOV] @0x01000b05: mov esi, 0x21 [HOOK MOV] @0x01000b0a: mov esi, 0x2f [HOOK CMP] @0x01000b20: cmp esi, 0x43 [STATE] ESI ← 0x53 [HOOK MOV] @0x01000f0c: mov esi, 0x2a [HOOK CMP] @0x01000f26: cmp esi, 0x55 [STATE] ESI ← 0x2C [HOOK MOV] @0x01000c1d: mov esi, 0x13 [HOOK CMP] @0x01000c37: cmp esi, 0x27 [STATE] ESI ← 0x09 [HOOK MOV] @0x010007ef: mov esi, 0x2e [HOOK MOV] @0x010007f4: mov esi, 0x2f [HOOK CMP] @0x0100080a: cmp esi, 0x5d [STATE] ESI ← 0x3C [HOOK MOV] @0x01001340: mov esi, 0x18 [HOOK CMP] @0x0100135a: cmp esi, 0x31 [STATE] ESI ← 0x1E [STATE] ESI ← 0x14 [HOOK MOV] @0x0100084b: mov esi, 0x29 [HOOK CMP] @0x01000865: cmp esi, 0x53 [HOOK MOV] @0x01000654: mov esi, 0x1d [HOOK CMP] @0x0100066e: cmp esi, 0x3b [HOOK MOV] @0x01000675: mov esi, 0x11
再來要知道他是怎麼進行XOR加密的
def hook_xor_insn(uc, address, size, user_data):
mc = uc.mem_read(address, size)
if mc.startswith(b'\x30\x04'):
eip = address
ecx = uc.reg_read(UC_X86_REG_ECX)
esi = uc.reg_read(UC_X86_REG_ESI)
dest = ecx + esi
old = uc.mem_read(dest, 1)[0]
al = uc.reg_read(UC_X86_REG_EAX) & 0xff
result = old ^ al
print(f"[XOR @0x{eip:x}] MEM[0x{dest:x}] 0x{old:02x} ^ AL(0x{al:02x}) → 0x{result:02x}")
after = uc.mem_read(dest,1)[0]
print(f" 寫入後 MEM = 0x{after:02x}")
def hook_mem_write(uc, access, addr, size, value, user_data):
print(f"[WRITE] @0x{addr:x} ← 0x{value:02x}")
mu.hook_add(UC_HOOK_CODE, hook_xor_insn,None , 1,0,UC_X86_INS_CPUID)
mu.hook_add(UC_HOOK_MEM_WRITE, hook_mem_write)
??? note “Unicorn XOE dump” Unicorn CHAL By:ShallowFeather Enter the flag: --- Starting emulation --- [HOOK MOV] @0x010013fc: mov esi, 0x28 [XOR @0x1001410] MEM[0x2003f20] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01001416: cmp esi, 0x51 [XOR @0x1001410] MEM[0x2003f21] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1001410] MEM[0x2003f22] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x33 [XOR @0x1001410] MEM[0x2003f23] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1001410] MEM[0x2003f24] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1001410] MEM[0x2003f25] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x33 [XOR @0x1001410] MEM[0x2003f26] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1001410] MEM[0x2003f27] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1001410] MEM[0x2003f28] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1001410] MEM[0x2003f29] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1001410] MEM[0x2003f2a] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x03 [XOR @0x1001410] MEM[0x2003f2b] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2b ← 0x01 [XOR @0x1001410] MEM[0x2003f2c] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1001410] MEM[0x2003f2d] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2d ← 0x03 [XOR @0x1001410] MEM[0x2003f2e] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1001410] MEM[0x2003f2f] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1001410] MEM[0x2003f30] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x30 [XOR @0x1001410] MEM[0x2003f31] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x30 [XOR @0x1001410] MEM[0x2003f32] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x30 [XOR @0x1001410] MEM[0x2003f33] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x30 [XOR @0x1001410] MEM[0x2003f34] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x30 [XOR @0x1001410] MEM[0x2003f35] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f35 ← 0x30 [XOR @0x1001410] MEM[0x2003f36] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x30 [XOR @0x1001410] MEM[0x2003f37] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x30 [XOR @0x1001410] MEM[0x2003f38] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f38 ← 0x30 [XOR @0x1001410] MEM[0x2003f39] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f39 ← 0x30 [XOR @0x1001410] MEM[0x2003f3a] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3a ← 0x30 [XOR @0x1001410] MEM[0x2003f3b] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3b ← 0x30 [XOR @0x1001410] MEM[0x2003f3c] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1001410] MEM[0x2003f3d] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3d ← 0x30 [XOR @0x1001410] MEM[0x2003f3e] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x30 [XOR @0x1001410] MEM[0x2003f3f] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3f ← 0x30 [XOR @0x1001410] MEM[0x2003f40] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f40 ← 0x30 [XOR @0x1001410] MEM[0x2003f41] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f41 ← 0x30 [XOR @0x1001410] MEM[0x2003f42] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f42 ← 0x30 [XOR @0x1001410] MEM[0x2003f43] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f43 ← 0x30 [XOR @0x1001410] MEM[0x2003f44] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f44 ← 0x30 [XOR @0x1001410] MEM[0x2003f45] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f45 ← 0x30 [XOR @0x1001410] MEM[0x2003f46] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f46 ← 0x30 [XOR @0x1001410] MEM[0x2003f47] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f47 ← 0x30 [XOR @0x1001410] MEM[0x2003f48] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f48 ← 0x30 [STATE] ESI ← 0x61 [HOOK MOV] @0x01001427: mov esi, 0x20 [XOR @0x100143d] MEM[0x2003f20] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x01001443: cmp esi, 0x41 [XOR @0x100143d] MEM[0x2003f21] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x02 [XOR @0x100143d] MEM[0x2003f22] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x03 [XOR @0x100143d] MEM[0x2003f23] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x01 [XOR @0x100143d] MEM[0x2003f24] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x02 [XOR @0x100143d] MEM[0x2003f25] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100143d] MEM[0x2003f26] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x01 [XOR @0x100143d] MEM[0x2003f27] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x33 [XOR @0x100143d] MEM[0x2003f28] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x31 [XOR @0x100143d] MEM[0x2003f29] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x02 [XOR @0x100143d] MEM[0x2003f2a] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x03 [XOR @0x100143d] MEM[0x2003f2b] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x01 [XOR @0x100143d] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x100143d] MEM[0x2003f2d] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x03 [XOR @0x100143d] MEM[0x2003f2e] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x30 [XOR @0x100143d] MEM[0x2003f2f] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x31 [XOR @0x100143d] MEM[0x2003f30] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x32 [XOR @0x100143d] MEM[0x2003f31] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f31 ← 0x33 [XOR @0x100143d] MEM[0x2003f32] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f32 ← 0x31 [XOR @0x100143d] MEM[0x2003f33] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x32 [XOR @0x100143d] MEM[0x2003f34] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f34 ← 0x33 [XOR @0x100143d] MEM[0x2003f35] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x31 [XOR @0x100143d] MEM[0x2003f36] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f36 ← 0x03 [XOR @0x100143d] MEM[0x2003f37] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f37 ← 0x01 [XOR @0x100143d] MEM[0x2003f38] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f38 ← 0x32 [XOR @0x100143d] MEM[0x2003f39] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f39 ← 0x33 [XOR @0x100143d] MEM[0x2003f3a] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f3a ← 0x31 [XOR @0x100143d] MEM[0x2003f3b] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f3b ← 0x32 [XOR @0x100143d] MEM[0x2003f3c] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f3c ← 0x33 [XOR @0x100143d] MEM[0x2003f3d] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f3d ← 0x00 [XOR @0x100143d] MEM[0x2003f3e] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f3e ← 0x01 [XOR @0x100143d] MEM[0x2003f3f] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f3f ← 0x02 [XOR @0x100143d] MEM[0x2003f40] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f40 ← 0x03 [STATE] ESI ← 0x10 [HOOK MOV] @0x01000a7f: mov esi, 0x18 [XOR @0x1000a93] MEM[0x2003f20] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x01000a99: cmp esi, 0x31 [XOR @0x1000a93] MEM[0x2003f21] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1000a93] MEM[0x2003f22] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f22 ← 0x32 [XOR @0x1000a93] MEM[0x2003f23] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x33 [XOR @0x1000a93] MEM[0x2003f24] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x31 [XOR @0x1000a93] MEM[0x2003f25] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1000a93] MEM[0x2003f26] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1000a93] MEM[0x2003f27] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x31 [XOR @0x1000a93] MEM[0x2003f28] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x32 [XOR @0x1000a93] MEM[0x2003f29] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1000a93] MEM[0x2003f2a] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000a93] MEM[0x2003f2b] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x31 [XOR @0x1000a93] MEM[0x2003f2c] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1000a93] MEM[0x2003f2d] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1000a93] MEM[0x2003f2e] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x00 [XOR @0x1000a93] MEM[0x2003f2f] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x01 [XOR @0x1000a93] MEM[0x2003f30] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x02 [XOR @0x1000a93] MEM[0x2003f31] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x33 [XOR @0x1000a93] MEM[0x2003f32] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x31 [XOR @0x1000a93] MEM[0x2003f33] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x32 [XOR @0x1000a93] MEM[0x2003f34] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x33 [XOR @0x1000a93] MEM[0x2003f35] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x31 [XOR @0x1000a93] MEM[0x2003f36] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x03 [XOR @0x1000a93] MEM[0x2003f37] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f37 ← 0x32 [XOR @0x1000a93] MEM[0x2003f38] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f38 ← 0x03 [STATE] ESI ← 0x37 [HOOK MOV] @0x01000eae: mov esi, 0x24 [XOR @0x1000ec2] MEM[0x2003f20] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01000ec8: cmp esi, 0x49 [XOR @0x1000ec2] MEM[0x2003f21] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f22] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000ec2] MEM[0x2003f23] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f23 ← 0x03 [XOR @0x1000ec2] MEM[0x2003f24] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f25] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1000ec2] MEM[0x2003f26] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1000ec2] MEM[0x2003f27] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x31 [XOR @0x1000ec2] MEM[0x2003f28] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x32 [XOR @0x1000ec2] MEM[0x2003f29] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1000ec2] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000ec2] MEM[0x2003f2b] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000ec2] MEM[0x2003f2c] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1000ec2] MEM[0x2003f2d] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x31 [XOR @0x1000ec2] MEM[0x2003f2e] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1000ec2] MEM[0x2003f2f] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x00 [XOR @0x1000ec2] MEM[0x2003f30] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f31] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x33 [XOR @0x1000ec2] MEM[0x2003f32] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x00 [XOR @0x1000ec2] MEM[0x2003f33] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x00 [XOR @0x1000ec2] MEM[0x2003f34] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f35] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x02 [XOR @0x1000ec2] MEM[0x2003f36] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x31 [XOR @0x1000ec2] MEM[0x2003f37] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f38] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f38 ← 0x32 [XOR @0x1000ec2] MEM[0x2003f39] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f39 ← 0x30 [XOR @0x1000ec2] MEM[0x2003f3a] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f3a ← 0x31 [XOR @0x1000ec2] MEM[0x2003f3b] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000ec2] MEM[0x2003f3c] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f3c ← 0x00 [XOR @0x1000ec2] MEM[0x2003f3d] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f3d ← 0x00 [XOR @0x1000ec2] MEM[0x2003f3e] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f3e ← 0x01 [XOR @0x1000ec2] MEM[0x2003f3f] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f3f ← 0x03 [XOR @0x1000ec2] MEM[0x2003f40] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f40 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f41] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f41 ← 0x01 [XOR @0x1000ec2] MEM[0x2003f42] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f42 ← 0x31 [XOR @0x1000ec2] MEM[0x2003f43] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f43 ← 0x02 [XOR @0x1000ec2] MEM[0x2003f44] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f44 ← 0x00 [STATE] ESI ← 0x1F [HOOK MOV] @0x010007c4: mov esi, 0x1d [XOR @0x10007d8] MEM[0x2003f20] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x010007de: cmp esi, 0x3b [XOR @0x10007d8] MEM[0x2003f21] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x00 [XOR @0x10007d8] MEM[0x2003f22] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x01 [XOR @0x10007d8] MEM[0x2003f23] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10007d8] MEM[0x2003f24] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x00 [XOR @0x10007d8] MEM[0x2003f25] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x32 [XOR @0x10007d8] MEM[0x2003f26] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x02 [XOR @0x10007d8] MEM[0x2003f27] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x31 [XOR @0x10007d8] MEM[0x2003f28] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x02 [XOR @0x10007d8] MEM[0x2003f29] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x02 [XOR @0x10007d8] MEM[0x2003f2a] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x03 [XOR @0x10007d8] MEM[0x2003f2b] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x02 [XOR @0x10007d8] MEM[0x2003f2c] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x33 [XOR @0x10007d8] MEM[0x2003f2d] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x31 [XOR @0x10007d8] MEM[0x2003f2e] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x03 [XOR @0x10007d8] MEM[0x2003f2f] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x00 [XOR @0x10007d8] MEM[0x2003f30] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x01 [XOR @0x10007d8] MEM[0x2003f31] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x33 [XOR @0x10007d8] MEM[0x2003f32] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x03 [XOR @0x10007d8] MEM[0x2003f33] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x00 [XOR @0x10007d8] MEM[0x2003f34] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x00 [XOR @0x10007d8] MEM[0x2003f35] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f35 ← 0x00 [XOR @0x10007d8] MEM[0x2003f36] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f36 ← 0x31 [XOR @0x10007d8] MEM[0x2003f37] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f37 ← 0x33 [XOR @0x10007d8] MEM[0x2003f38] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f38 ← 0x30 [XOR @0x10007d8] MEM[0x2003f39] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f39 ← 0x01 [XOR @0x10007d8] MEM[0x2003f3a] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3a ← 0x33 [XOR @0x10007d8] MEM[0x2003f3b] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f3b ← 0x31 [XOR @0x10007d8] MEM[0x2003f3c] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x03 [XOR @0x10007d8] MEM[0x2003f3d] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f3d ← 0x02 [STATE] ESI ← 0x31 [HOOK MOV] @0x01000589: mov esi, 0x12 [HOOK MOV] @0x0100058e: mov esi, 0xae4c415d [XOR @0x10005b0] MEM[0x2003f20] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x010005b6: cmp esi, 0x25 [XOR @0x10005b0] MEM[0x2003f21] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x00 [XOR @0x10005b0] MEM[0x2003f22] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x01 [XOR @0x10005b0] MEM[0x2003f23] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10005b0] MEM[0x2003f24] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x31 [XOR @0x10005b0] MEM[0x2003f25] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x01 [XOR @0x10005b0] MEM[0x2003f26] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f26 ← 0x32 [XOR @0x10005b0] MEM[0x2003f27] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10005b0] MEM[0x2003f28] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10005b0] MEM[0x2003f29] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x33 [XOR @0x10005b0] MEM[0x2003f2a] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x00 [XOR @0x10005b0] MEM[0x2003f2b] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x00 [XOR @0x10005b0] MEM[0x2003f2c] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x32 [XOR @0x10005b0] MEM[0x2003f2d] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x32 [XOR @0x10005b0] MEM[0x2003f2e] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x02 [XOR @0x10005b0] MEM[0x2003f2f] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x01 [XOR @0x10005b0] MEM[0x2003f30] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x30 [XOR @0x10005b0] MEM[0x2003f31] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x31 [XOR @0x10005b0] MEM[0x2003f32] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f32 ← 0x03 [STATE] ESI ← 0x13 [HOOK MOV] @0x010009f2: mov esi, 0xd [XOR @0x1000a06] MEM[0x2003f20] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x01000a0c: cmp esi, 0x1b [XOR @0x1000a06] MEM[0x2003f21] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x02 [XOR @0x1000a06] MEM[0x2003f22] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x00 [XOR @0x1000a06] MEM[0x2003f23] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x32 [XOR @0x1000a06] MEM[0x2003f24] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x00 [XOR @0x1000a06] MEM[0x2003f25] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x02 [XOR @0x1000a06] MEM[0x2003f26] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x32 [XOR @0x1000a06] MEM[0x2003f27] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000a06] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1000a06] MEM[0x2003f29] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1000a06] MEM[0x2003f2a] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000a06] MEM[0x2003f2b] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x30 [XOR @0x1000a06] MEM[0x2003f2c] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1000a06] MEM[0x2003f2d] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f2d ← 0x01 [STATE] ESI ← 0x56 [HOOK MOV] @0x010008a9: mov esi, 0x24 [XOR @0x10008bd] MEM[0x2003f20] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x010008c3: cmp esi, 0x49 [XOR @0x10008bd] MEM[0x2003f21] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x32 [XOR @0x10008bd] MEM[0x2003f22] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x30 [XOR @0x10008bd] MEM[0x2003f23] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10008bd] MEM[0x2003f24] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x30 [XOR @0x10008bd] MEM[0x2003f25] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x02 [XOR @0x10008bd] MEM[0x2003f26] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x32 [XOR @0x10008bd] MEM[0x2003f27] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10008bd] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10008bd] MEM[0x2003f29] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x02 [XOR @0x10008bd] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x10008bd] MEM[0x2003f2b] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2b ← 0x02 [XOR @0x10008bd] MEM[0x2003f2c] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x01 [XOR @0x10008bd] MEM[0x2003f2d] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x31 [XOR @0x10008bd] MEM[0x2003f2e] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f2e ← 0x00 [XOR @0x10008bd] MEM[0x2003f2f] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x31 [XOR @0x10008bd] MEM[0x2003f30] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x32 [XOR @0x10008bd] MEM[0x2003f31] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x03 [XOR @0x10008bd] MEM[0x2003f32] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f32 ← 0x33 [XOR @0x10008bd] MEM[0x2003f33] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x31 [XOR @0x10008bd] MEM[0x2003f34] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f34 ← 0x02 [XOR @0x10008bd] MEM[0x2003f35] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f35 ← 0x33 [XOR @0x10008bd] MEM[0x2003f36] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f36 ← 0x33 [XOR @0x10008bd] MEM[0x2003f37] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f37 ← 0x32 [XOR @0x10008bd] MEM[0x2003f38] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f38 ← 0x01 [XOR @0x10008bd] MEM[0x2003f39] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x01 [XOR @0x10008bd] MEM[0x2003f3a] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f3a ← 0x02 [XOR @0x10008bd] MEM[0x2003f3b] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f3b ← 0x03 [XOR @0x10008bd] MEM[0x2003f3c] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f3c ← 0x00 [XOR @0x10008bd] MEM[0x2003f3d] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f3d ← 0x31 [XOR @0x10008bd] MEM[0x2003f3e] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f3e ← 0x30 [XOR @0x10008bd] MEM[0x2003f3f] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f3f ← 0x01 [XOR @0x10008bd] MEM[0x2003f40] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f40 ← 0x32 [XOR @0x10008bd] MEM[0x2003f41] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f41 ← 0x32 [XOR @0x10008bd] MEM[0x2003f42] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f42 ← 0x03 [XOR @0x10008bd] MEM[0x2003f43] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f43 ← 0x03 [XOR @0x10008bd] MEM[0x2003f44] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f44 ← 0x01 [STATE] ESI ← 0x54 [HOOK MOV] @0x010010b0: mov esi, 0xb [XOR @0x10010c4] MEM[0x2003f20] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x010010ca: cmp esi, 0x17 [XOR @0x10010c4] MEM[0x2003f21] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x33 [XOR @0x10010c4] MEM[0x2003f22] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x01 [XOR @0x10010c4] MEM[0x2003f23] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10010c4] MEM[0x2003f24] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x01 [XOR @0x10010c4] MEM[0x2003f25] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x30 [XOR @0x10010c4] MEM[0x2003f26] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x31 [XOR @0x10010c4] MEM[0x2003f27] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x03 [XOR @0x10010c4] MEM[0x2003f28] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x00 [XOR @0x10010c4] MEM[0x2003f29] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x00 [XOR @0x10010c4] MEM[0x2003f2a] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x00 [XOR @0x10010c4] MEM[0x2003f2b] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x31 [HOOK MOV] @0x010010d1: mov esi, 0x2e [HOOK MOV] @0x01000654: mov esi, 0x1d [XOR @0x1000668] MEM[0x2003f20] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x0100066e: cmp esi, 0x3b [XOR @0x1000668] MEM[0x2003f21] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f21 ← 0x03 [XOR @0x1000668] MEM[0x2003f22] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x00 [XOR @0x1000668] MEM[0x2003f23] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x30 [XOR @0x1000668] MEM[0x2003f24] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1000668] MEM[0x2003f25] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x33 [XOR @0x1000668] MEM[0x2003f26] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x32 [XOR @0x1000668] MEM[0x2003f27] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x02 [XOR @0x1000668] MEM[0x2003f28] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x30 [XOR @0x1000668] MEM[0x2003f29] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f29 ← 0x30 [XOR @0x1000668] MEM[0x2003f2a] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x30 [XOR @0x1000668] MEM[0x2003f2b] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x01 [XOR @0x1000668] MEM[0x2003f2c] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2c ← 0x01 [XOR @0x1000668] MEM[0x2003f2d] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x31 [XOR @0x1000668] MEM[0x2003f2e] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x00 [XOR @0x1000668] MEM[0x2003f2f] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x31 [XOR @0x1000668] MEM[0x2003f30] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000668] MEM[0x2003f31] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f31 ← 0x03 [XOR @0x1000668] MEM[0x2003f32] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f32 ← 0x32 [XOR @0x1000668] MEM[0x2003f33] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f33 ← 0x32 [XOR @0x1000668] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x1000668] MEM[0x2003f35] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x03 [XOR @0x1000668] MEM[0x2003f36] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f36 ← 0x00 [XOR @0x1000668] MEM[0x2003f37] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x01 [XOR @0x1000668] MEM[0x2003f38] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f38 ← 0x33 [XOR @0x1000668] MEM[0x2003f39] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x03 [XOR @0x1000668] MEM[0x2003f3a] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f3a ← 0x32 [XOR @0x1000668] MEM[0x2003f3b] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000668] MEM[0x2003f3c] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1000668] MEM[0x2003f3d] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f3d ← 0x30 [STATE] ESI ← 0x2D [HOOK MOV] @0x01001487: mov esi, 0x18 [XOR @0x100149b] MEM[0x2003f20] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x010014a1: cmp esi, 0x31 [XOR @0x100149b] MEM[0x2003f21] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x00 [XOR @0x100149b] MEM[0x2003f22] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x32 [XOR @0x100149b] MEM[0x2003f23] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x03 [XOR @0x100149b] MEM[0x2003f24] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x03 [XOR @0x100149b] MEM[0x2003f25] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100149b] MEM[0x2003f26] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x02 [XOR @0x100149b] MEM[0x2003f27] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f27 ← 0x03 [XOR @0x100149b] MEM[0x2003f28] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f28 ← 0x02 [XOR @0x100149b] MEM[0x2003f29] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f29 ← 0x02 [XOR @0x100149b] MEM[0x2003f2a] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2a ← 0x33 [XOR @0x100149b] MEM[0x2003f2b] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x02 [XOR @0x100149b] MEM[0x2003f2c] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2c ← 0x00 [XOR @0x100149b] MEM[0x2003f2d] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x01 [XOR @0x100149b] MEM[0x2003f2e] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x30 [XOR @0x100149b] MEM[0x2003f2f] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x01 [XOR @0x100149b] MEM[0x2003f30] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x02 [XOR @0x100149b] MEM[0x2003f31] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f31 ← 0x03 [XOR @0x100149b] MEM[0x2003f32] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x32 [XOR @0x100149b] MEM[0x2003f33] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x32 [XOR @0x100149b] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x100149b] MEM[0x2003f35] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f35 ← 0x03 [XOR @0x100149b] MEM[0x2003f36] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x00 [XOR @0x100149b] MEM[0x2003f37] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f37 ← 0x33 [XOR @0x100149b] MEM[0x2003f38] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f38 ← 0x33 [STATE] ESI ← 0x36 [HOOK MOV] @0x010004a6: mov esi, 0x1f [HOOK MOV] @0x010004ab: mov esi, 0xae4c415d [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x010004d4: cmp esi, 0x3f [WRITE] @0x2003f21 ← 0x32 [WRITE] @0x2003f22 ← 0x00 [WRITE] @0x2003f23 ← 0x00 [WRITE] @0x2003f24 ← 0x00 [WRITE] @0x2003f25 ← 0x02 [WRITE] @0x2003f26 ← 0x32 [WRITE] @0x2003f27 ← 0x33 [WRITE] @0x2003f28 ← 0x32 [WRITE] @0x2003f29 ← 0x32 [WRITE] @0x2003f2a ← 0x33 [WRITE] @0x2003f2b ← 0x02 [WRITE] @0x2003f2c ← 0x00 [WRITE] @0x2003f2d ← 0x01 [WRITE] @0x2003f2e ← 0x30 [WRITE] @0x2003f2f ← 0x01 [WRITE] @0x2003f30 ← 0x31 [WRITE] @0x2003f31 ← 0x31 [WRITE] @0x2003f32 ← 0x32 [WRITE] @0x2003f33 ← 0x32 [WRITE] @0x2003f34 ← 0x02 [WRITE] @0x2003f35 ← 0x01 [WRITE] @0x2003f36 ← 0x32 [WRITE] @0x2003f37 ← 0x00 [WRITE] @0x2003f38 ← 0x01 [WRITE] @0x2003f39 ← 0x31 [WRITE] @0x2003f3a ← 0x01 [WRITE] @0x2003f3b ← 0x31 [WRITE] @0x2003f3c ← 0x30 [WRITE] @0x2003f3d ← 0x31 [WRITE] @0x2003f3e ← 0x00 [WRITE] @0x2003f3f ← 0x00 [STATE] ESI ← 0x12 [HOOK MOV] @0x01001286: mov esi, 0x15 [XOR @0x100129a] MEM[0x2003f20] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x010012a0: cmp esi, 0x2b [XOR @0x100129a] MEM[0x2003f21] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x00 [XOR @0x100129a] MEM[0x2003f22] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x00 [XOR @0x100129a] MEM[0x2003f23] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x01 [XOR @0x100129a] MEM[0x2003f24] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x31 [XOR @0x100129a] MEM[0x2003f25] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100129a] MEM[0x2003f26] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x03 [XOR @0x100129a] MEM[0x2003f27] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x03 [XOR @0x100129a] MEM[0x2003f28] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x03 [XOR @0x100129a] MEM[0x2003f29] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x32 [XOR @0x100129a] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x100129a] MEM[0x2003f2b] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x30 [XOR @0x100129a] MEM[0x2003f2c] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f2c ← 0x32 [XOR @0x100129a] MEM[0x2003f2d] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x02 [XOR @0x100129a] MEM[0x2003f2e] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x33 [XOR @0x100129a] MEM[0x2003f2f] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x00 [XOR @0x100129a] MEM[0x2003f30] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x01 [XOR @0x100129a] MEM[0x2003f31] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x01 [XOR @0x100129a] MEM[0x2003f32] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x02 [XOR @0x100129a] MEM[0x2003f33] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x02 [XOR @0x100129a] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x100129a] MEM[0x2003f35] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f35 ← 0x01 [STATE] ESI ← 0x40 [HOOK MOV] @0x01001052: mov esi, 0xe [XOR @0x1001066] MEM[0x2003f20] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x0100106c: cmp esi, 0x1d [XOR @0x1001066] MEM[0x2003f21] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1001066] MEM[0x2003f22] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x01 [XOR @0x1001066] MEM[0x2003f23] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1001066] MEM[0x2003f24] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1001066] MEM[0x2003f25] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1001066] MEM[0x2003f26] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1001066] MEM[0x2003f27] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x02 [XOR @0x1001066] MEM[0x2003f28] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1001066] MEM[0x2003f29] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1001066] MEM[0x2003f2a] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x32 [XOR @0x1001066] MEM[0x2003f2b] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f2b ← 0x01 [XOR @0x1001066] MEM[0x2003f2c] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1001066] MEM[0x2003f2d] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1001066] MEM[0x2003f2e] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x03 [STATE] ESI ← 0x0E [HOOK MOV] @0x01000d5b: mov esi, 0x2a [XOR @0x1000d6f] MEM[0x2003f20] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x01000d75: cmp esi, 0x55 [XOR @0x1000d6f] MEM[0x2003f21] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f22] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f23] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f24] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1000d6f] MEM[0x2003f25] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f26] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f27] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1000d6f] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1000d6f] MEM[0x2003f29] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f2a] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x32 [XOR @0x1000d6f] MEM[0x2003f2b] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x00 [XOR @0x1000d6f] MEM[0x2003f2c] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x30 [XOR @0x1000d6f] MEM[0x2003f2d] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x02 [XOR @0x1000d6f] MEM[0x2003f2e] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x02 [XOR @0x1000d6f] MEM[0x2003f2f] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x32 [XOR @0x1000d6f] MEM[0x2003f30] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f31] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1000d6f] MEM[0x2003f32] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f33] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f33 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f34] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x30 [XOR @0x1000d6f] MEM[0x2003f35] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f35 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f36] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f36 ← 0x03 [XOR @0x1000d6f] MEM[0x2003f37] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f38] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f38 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f39] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f39 ← 0x01 [XOR @0x1000d6f] MEM[0x2003f3a] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x01 [XOR @0x1000d6f] MEM[0x2003f3b] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f3b ← 0x32 [XOR @0x1000d6f] MEM[0x2003f3c] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1000d6f] MEM[0x2003f3d] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f3d ← 0x30 [XOR @0x1000d6f] MEM[0x2003f3e] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x01 [XOR @0x1000d6f] MEM[0x2003f3f] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f3f ← 0x01 [XOR @0x1000d6f] MEM[0x2003f40] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f40 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f41] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f41 ← 0x02 [XOR @0x1000d6f] MEM[0x2003f42] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f42 ← 0x33 [XOR @0x1000d6f] MEM[0x2003f43] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f43 ← 0x02 [XOR @0x1000d6f] MEM[0x2003f44] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f44 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f45] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f45 ← 0x30 [XOR @0x1000d6f] MEM[0x2003f46] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f46 ← 0x32 [XOR @0x1000d6f] MEM[0x2003f47] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f47 ← 0x03 [XOR @0x1000d6f] MEM[0x2003f48] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f48 ← 0x32 [XOR @0x1000d6f] MEM[0x2003f49] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f49 ← 0x00 [XOR @0x1000d6f] MEM[0x2003f4a] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f4a ← 0x30 [STATE] ESI ← 0x39 [HOOK MOV] @0x01000f3b: mov esi, 0x14 [XOR @0x1000f4f] MEM[0x2003f20] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01000f55: cmp esi, 0x29 [XOR @0x1000f4f] MEM[0x2003f21] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000f4f] MEM[0x2003f22] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000f4f] MEM[0x2003f23] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000f4f] MEM[0x2003f24] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1000f4f] MEM[0x2003f25] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1000f4f] MEM[0x2003f26] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1000f4f] MEM[0x2003f27] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x31 [XOR @0x1000f4f] MEM[0x2003f28] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1000f4f] MEM[0x2003f29] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x31 [XOR @0x1000f4f] MEM[0x2003f2a] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000f4f] MEM[0x2003f2b] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x01 [XOR @0x1000f4f] MEM[0x2003f2c] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x30 [XOR @0x1000f4f] MEM[0x2003f2d] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x00 [XOR @0x1000f4f] MEM[0x2003f2e] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2e ← 0x31 [XOR @0x1000f4f] MEM[0x2003f2f] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1000f4f] MEM[0x2003f30] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1000f4f] MEM[0x2003f31] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000f4f] MEM[0x2003f32] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x32 [XOR @0x1000f4f] MEM[0x2003f33] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x03 [XOR @0x1000f4f] MEM[0x2003f34] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f34 ← 0x02 [STATE] ESI ← 0x0F [HOOK MOV] @0x010005cb: mov esi, 0xb [XOR @0x10005df] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x010005e5: cmp esi, 0x17 [XOR @0x10005df] MEM[0x2003f21] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x30 [XOR @0x10005df] MEM[0x2003f22] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x02 [XOR @0x10005df] MEM[0x2003f23] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x31 [XOR @0x10005df] MEM[0x2003f24] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x02 [XOR @0x10005df] MEM[0x2003f25] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x00 [XOR @0x10005df] MEM[0x2003f26] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x01 [XOR @0x10005df] MEM[0x2003f27] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x03 [XOR @0x10005df] MEM[0x2003f28] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x02 [XOR @0x10005df] MEM[0x2003f29] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x33 [XOR @0x10005df] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x10005df] MEM[0x2003f2b] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x02 [STATE] ESI ← 0x03 [HOOK MOV] @0x010011f9: mov esi, 0x6 [XOR @0x100120d] MEM[0x2003f20] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01001213: cmp esi, 0xd [XOR @0x100120d] MEM[0x2003f21] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x33 [XOR @0x100120d] MEM[0x2003f22] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x00 [XOR @0x100120d] MEM[0x2003f23] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x02 [XOR @0x100120d] MEM[0x2003f24] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x31 [XOR @0x100120d] MEM[0x2003f25] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x02 [XOR @0x100120d] MEM[0x2003f26] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x31 [STATE] ESI ← 0x27 [HOOK MOV] @0x01000db9: mov esi, 0x1a [XOR @0x1000dcd] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000dd3: cmp esi, 0x35 [XOR @0x1000dcd] MEM[0x2003f21] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f21 ← 0x01 [XOR @0x1000dcd] MEM[0x2003f22] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x30 [XOR @0x1000dcd] MEM[0x2003f23] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x32 [XOR @0x1000dcd] MEM[0x2003f24] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x30 [XOR @0x1000dcd] MEM[0x2003f25] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1000dcd] MEM[0x2003f26] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1000dcd] MEM[0x2003f27] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1000dcd] MEM[0x2003f28] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1000dcd] MEM[0x2003f29] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x31 [XOR @0x1000dcd] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000dcd] MEM[0x2003f2b] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000dcd] MEM[0x2003f2c] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000dcd] MEM[0x2003f2d] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f2d ← 0x03 [XOR @0x1000dcd] MEM[0x2003f2e] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1000dcd] MEM[0x2003f2f] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1000dcd] MEM[0x2003f30] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1000dcd] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000dcd] MEM[0x2003f32] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x32 [XOR @0x1000dcd] MEM[0x2003f33] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x03 [XOR @0x1000dcd] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x1000dcd] MEM[0x2003f35] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f35 ← 0x30 [XOR @0x1000dcd] MEM[0x2003f36] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x02 [XOR @0x1000dcd] MEM[0x2003f37] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x30 [XOR @0x1000dcd] MEM[0x2003f38] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f38 ← 0x33 [XOR @0x1000dcd] MEM[0x2003f39] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x31 [XOR @0x1000dcd] MEM[0x2003f3a] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x02 [STATE] ESI ← 0x18 [XOR @0x10007a9] MEM[0x2003f20] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x010007af: cmp esi, 0x31 [XOR @0x10007a9] MEM[0x2003f21] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x30 [XOR @0x10007a9] MEM[0x2003f22] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x32 [XOR @0x10007a9] MEM[0x2003f23] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x00 [XOR @0x10007a9] MEM[0x2003f24] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x00 [XOR @0x10007a9] MEM[0x2003f25] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x33 [XOR @0x10007a9] MEM[0x2003f26] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x30 [XOR @0x10007a9] MEM[0x2003f27] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x00 [XOR @0x10007a9] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10007a9] MEM[0x2003f29] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x33 [XOR @0x10007a9] MEM[0x2003f2a] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x00 [XOR @0x10007a9] MEM[0x2003f2b] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x30 [XOR @0x10007a9] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x10007a9] MEM[0x2003f2d] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x33 [XOR @0x10007a9] MEM[0x2003f2e] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x31 [XOR @0x10007a9] MEM[0x2003f2f] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x33 [XOR @0x10007a9] MEM[0x2003f30] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x03 [XOR @0x10007a9] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x10007a9] MEM[0x2003f32] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x02 [XOR @0x10007a9] MEM[0x2003f33] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x03 [XOR @0x10007a9] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x10007a9] MEM[0x2003f35] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x30 [XOR @0x10007a9] MEM[0x2003f36] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x02 [XOR @0x10007a9] MEM[0x2003f37] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f37 ← 0x33 [XOR @0x10007a9] MEM[0x2003f38] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f38 ← 0x03 [STATE] ESI ← 0x58 [HOOK MOV] @0x010010df: mov esi, 0x18 [XOR @0x10010f3] MEM[0x2003f20] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x010010f9: cmp esi, 0x31 [XOR @0x10010f3] MEM[0x2003f21] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x01 [XOR @0x10010f3] MEM[0x2003f22] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x30 [XOR @0x10010f3] MEM[0x2003f23] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x32 [XOR @0x10010f3] MEM[0x2003f24] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x30 [XOR @0x10010f3] MEM[0x2003f25] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x03 [XOR @0x10010f3] MEM[0x2003f26] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x31 [XOR @0x10010f3] MEM[0x2003f27] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f27 ← 0x01 [XOR @0x10010f3] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10010f3] MEM[0x2003f29] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x31 [XOR @0x10010f3] MEM[0x2003f2a] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x33 [XOR @0x10010f3] MEM[0x2003f2b] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f2b ← 0x32 [XOR @0x10010f3] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x10010f3] MEM[0x2003f2d] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x03 [XOR @0x10010f3] MEM[0x2003f2e] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x03 [XOR @0x10010f3] MEM[0x2003f2f] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x30 [XOR @0x10010f3] MEM[0x2003f30] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f30 ← 0x31 [XOR @0x10010f3] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x10010f3] MEM[0x2003f32] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x32 [XOR @0x10010f3] MEM[0x2003f33] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x03 [XOR @0x10010f3] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x10010f3] MEM[0x2003f35] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x30 [XOR @0x10010f3] MEM[0x2003f36] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x02 [XOR @0x10010f3] MEM[0x2003f37] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f37 ← 0x33 [XOR @0x10010f3] MEM[0x2003f38] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f38 ← 0x02 [STATE] ESI ← 0x3B [HOOK MOV] @0x0100136f: mov esi, 0x1d [XOR @0x1001383] MEM[0x2003f20] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01001389: cmp esi, 0x3b [XOR @0x1001383] MEM[0x2003f21] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1001383] MEM[0x2003f22] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x31 [XOR @0x1001383] MEM[0x2003f23] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x32 [XOR @0x1001383] MEM[0x2003f24] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1001383] MEM[0x2003f25] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x30 [XOR @0x1001383] MEM[0x2003f26] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x33 [XOR @0x1001383] MEM[0x2003f27] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1001383] MEM[0x2003f28] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1001383] MEM[0x2003f29] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x03 [XOR @0x1001383] MEM[0x2003f2a] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x30 [XOR @0x1001383] MEM[0x2003f2b] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x00 [XOR @0x1001383] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1001383] MEM[0x2003f2d] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1001383] MEM[0x2003f2e] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1001383] MEM[0x2003f2f] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1001383] MEM[0x2003f30] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1001383] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1001383] MEM[0x2003f32] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x02 [XOR @0x1001383] MEM[0x2003f33] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x03 [XOR @0x1001383] MEM[0x2003f34] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x33 [XOR @0x1001383] MEM[0x2003f35] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x02 [XOR @0x1001383] MEM[0x2003f36] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x30 [XOR @0x1001383] MEM[0x2003f37] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f37 ← 0x03 [XOR @0x1001383] MEM[0x2003f38] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f38 ← 0x31 [XOR @0x1001383] MEM[0x2003f39] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f39 ← 0x30 [XOR @0x1001383] MEM[0x2003f3a] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f3a ← 0x03 [XOR @0x1001383] MEM[0x2003f3b] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f3b ← 0x31 [XOR @0x1001383] MEM[0x2003f3c] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f3c ← 0x00 [XOR @0x1001383] MEM[0x2003f3d] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f3d ← 0x30 [STATE] ESI ← 0x55 [HOOK MOV] @0x0100076b: mov esi, 0x1d [XOR @0x100077f] MEM[0x2003f20] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01000785: cmp esi, 0x3b [XOR @0x100077f] MEM[0x2003f21] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x01 [XOR @0x100077f] MEM[0x2003f22] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x30 [XOR @0x100077f] MEM[0x2003f23] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x32 [XOR @0x100077f] MEM[0x2003f24] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x30 [XOR @0x100077f] MEM[0x2003f25] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100077f] MEM[0x2003f26] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x31 [XOR @0x100077f] MEM[0x2003f27] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x01 [XOR @0x100077f] MEM[0x2003f28] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x31 [XOR @0x100077f] MEM[0x2003f29] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x31 [XOR @0x100077f] MEM[0x2003f2a] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2a ← 0x33 [XOR @0x100077f] MEM[0x2003f2b] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x32 [XOR @0x100077f] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x100077f] MEM[0x2003f2d] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x03 [XOR @0x100077f] MEM[0x2003f2e] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x03 [XOR @0x100077f] MEM[0x2003f2f] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x30 [XOR @0x100077f] MEM[0x2003f30] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x31 [XOR @0x100077f] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x100077f] MEM[0x2003f32] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x02 [XOR @0x100077f] MEM[0x2003f33] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x02 [XOR @0x100077f] MEM[0x2003f34] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x03 [XOR @0x100077f] MEM[0x2003f35] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f35 ← 0x30 [XOR @0x100077f] MEM[0x2003f36] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f36 ← 0x00 [XOR @0x100077f] MEM[0x2003f37] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f37 ← 0x00 [XOR @0x100077f] MEM[0x2003f38] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f38 ← 0x00 [XOR @0x100077f] MEM[0x2003f39] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f39 ← 0x31 [XOR @0x100077f] MEM[0x2003f3a] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f3a ← 0x32 [XOR @0x100077f] MEM[0x2003f3b] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f3b ← 0x00 [XOR @0x100077f] MEM[0x2003f3c] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x33 [XOR @0x100077f] MEM[0x2003f3d] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f3d ← 0x02 [STATE] ESI ← 0x48 [HOOK MOV] @0x01000936: mov esi, 0xe [XOR @0x100094a] MEM[0x2003f20] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01000950: cmp esi, 0x1d [XOR @0x100094a] MEM[0x2003f21] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x31 [XOR @0x100094a] MEM[0x2003f22] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x01 [XOR @0x100094a] MEM[0x2003f23] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x33 [XOR @0x100094a] MEM[0x2003f24] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x32 [XOR @0x100094a] MEM[0x2003f25] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x01 [XOR @0x100094a] MEM[0x2003f26] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x32 [XOR @0x100094a] MEM[0x2003f27] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x31 [XOR @0x100094a] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x100094a] MEM[0x2003f29] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x31 [XOR @0x100094a] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x100094a] MEM[0x2003f2b] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x03 [XOR @0x100094a] MEM[0x2003f2c] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x30 [XOR @0x100094a] MEM[0x2003f2d] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x03 [XOR @0x100094a] MEM[0x2003f2e] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x30 [STATE] ESI ← 0x0A [HOOK MOV] @0x0100081b: mov esi, 0x3 [HOOK MOV] @0x01000820: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000836: cmp esi, 0x7 [WRITE] @0x2003f21 ← 0x03 [WRITE] @0x2003f22 ← 0x00 [WRITE] @0x2003f23 ← 0x01 [STATE] ESI ← 0x1C [HOOK MOV] @0x01001257: mov esi, 0x18 [XOR @0x100126b] MEM[0x2003f20] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01001271: cmp esi, 0x31 [XOR @0x100126b] MEM[0x2003f21] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x32 [XOR @0x100126b] MEM[0x2003f22] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x32 [XOR @0x100126b] MEM[0x2003f23] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x01 [XOR @0x100126b] MEM[0x2003f24] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x01 [XOR @0x100126b] MEM[0x2003f25] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100126b] MEM[0x2003f26] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x33 [XOR @0x100126b] MEM[0x2003f27] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x30 [XOR @0x100126b] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x100126b] MEM[0x2003f29] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x33 [XOR @0x100126b] MEM[0x2003f2a] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x00 [XOR @0x100126b] MEM[0x2003f2b] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x01 [XOR @0x100126b] MEM[0x2003f2c] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x30 [XOR @0x100126b] MEM[0x2003f2d] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x33 [XOR @0x100126b] MEM[0x2003f2e] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x02 [XOR @0x100126b] MEM[0x2003f2f] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x33 [XOR @0x100126b] MEM[0x2003f30] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x03 [XOR @0x100126b] MEM[0x2003f31] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x01 [XOR @0x100126b] MEM[0x2003f32] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x32 [XOR @0x100126b] MEM[0x2003f33] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f33 ← 0x02 [XOR @0x100126b] MEM[0x2003f34] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f34 ← 0x03 [XOR @0x100126b] MEM[0x2003f35] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x30 [XOR @0x100126b] MEM[0x2003f36] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x00 [XOR @0x100126b] MEM[0x2003f37] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x30 [XOR @0x100126b] MEM[0x2003f38] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f38 ← 0x32 [STATE] ESI ← 0x1B [HOOK MOV] @0x010008d8: mov esi, 0x8 [XOR @0x10008ec] MEM[0x2003f20] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x010008f2: cmp esi, 0x11 [XOR @0x10008ec] MEM[0x2003f21] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x01 [XOR @0x10008ec] MEM[0x2003f22] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x32 [XOR @0x10008ec] MEM[0x2003f23] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x00 [XOR @0x10008ec] MEM[0x2003f24] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x31 [XOR @0x10008ec] MEM[0x2003f25] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x30 [XOR @0x10008ec] MEM[0x2003f26] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x31 [XOR @0x10008ec] MEM[0x2003f27] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x03 [XOR @0x10008ec] MEM[0x2003f28] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x32 [STATE] ESI ← 0x2F [HOOK MOV] @0x01000ca7: mov esi, 0x8 [XOR @0x1000cbb] MEM[0x2003f20] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x01000cc1: cmp esi, 0x11 [XOR @0x1000cbb] MEM[0x2003f21] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1000cbb] MEM[0x2003f22] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x32 [XOR @0x1000cbb] MEM[0x2003f23] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x01 [XOR @0x1000cbb] MEM[0x2003f24] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x01 [XOR @0x1000cbb] MEM[0x2003f25] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1000cbb] MEM[0x2003f26] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x33 [XOR @0x1000cbb] MEM[0x2003f27] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000cbb] MEM[0x2003f28] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x31 [STATE] ESI ← 0x5C [HOOK MOV] @0x01001228: mov esi, 0x29 [XOR @0x100123c] MEM[0x2003f20] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x01001242: cmp esi, 0x53 [XOR @0x100123c] MEM[0x2003f21] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x02 [XOR @0x100123c] MEM[0x2003f22] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x32 [XOR @0x100123c] MEM[0x2003f23] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x01 [XOR @0x100123c] MEM[0x2003f24] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x01 [XOR @0x100123c] MEM[0x2003f25] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x03 [XOR @0x100123c] MEM[0x2003f26] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x00 [XOR @0x100123c] MEM[0x2003f27] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x32 [XOR @0x100123c] MEM[0x2003f28] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x03 [XOR @0x100123c] MEM[0x2003f29] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x32 [XOR @0x100123c] MEM[0x2003f2a] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x01 [XOR @0x100123c] MEM[0x2003f2b] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x02 [XOR @0x100123c] MEM[0x2003f2c] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x30 [XOR @0x100123c] MEM[0x2003f2d] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x01 [XOR @0x100123c] MEM[0x2003f2e] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2e ← 0x01 [XOR @0x100123c] MEM[0x2003f2f] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x01 [XOR @0x100123c] MEM[0x2003f30] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f30 ← 0x02 [XOR @0x100123c] MEM[0x2003f31] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x03 [XOR @0x100123c] MEM[0x2003f32] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x02 [XOR @0x100123c] MEM[0x2003f33] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f33 ← 0x03 [XOR @0x100123c] MEM[0x2003f34] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f34 ← 0x02 [XOR @0x100123c] MEM[0x2003f35] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f35 ← 0x31 [XOR @0x100123c] MEM[0x2003f36] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x02 [XOR @0x100123c] MEM[0x2003f37] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f37 ← 0x33 [XOR @0x100123c] MEM[0x2003f38] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f38 ← 0x30 [XOR @0x100123c] MEM[0x2003f39] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f39 ← 0x32 [XOR @0x100123c] MEM[0x2003f3a] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f3a ← 0x30 [XOR @0x100123c] MEM[0x2003f3b] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f3b ← 0x31 [XOR @0x100123c] MEM[0x2003f3c] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f3c ← 0x31 [XOR @0x100123c] MEM[0x2003f3d] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f3d ← 0x31 [XOR @0x100123c] MEM[0x2003f3e] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f3e ← 0x31 [XOR @0x100123c] MEM[0x2003f3f] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f3f ← 0x33 [XOR @0x100123c] MEM[0x2003f40] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f40 ← 0x30 [XOR @0x100123c] MEM[0x2003f41] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f41 ← 0x33 [XOR @0x100123c] MEM[0x2003f42] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f42 ← 0x02 [XOR @0x100123c] MEM[0x2003f43] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f43 ← 0x33 [XOR @0x100123c] MEM[0x2003f44] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f44 ← 0x31 [XOR @0x100123c] MEM[0x2003f45] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f45 ← 0x03 [XOR @0x100123c] MEM[0x2003f46] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f46 ← 0x02 [XOR @0x100123c] MEM[0x2003f47] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f47 ← 0x30 [XOR @0x100123c] MEM[0x2003f48] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f48 ← 0x30 [XOR @0x100123c] MEM[0x2003f49] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f49 ← 0x33 [STATE] ESI ← 0x20 [HOOK MOV] @0x010003b0: mov esi, 0xb [HOOK MOV] @0x010003b5: mov esi, 0xae4c415d [XOR @0x10003db] MEM[0x2003f20] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x010003e1: cmp esi, 0x17 [XOR @0x10003db] MEM[0x2003f21] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x32 [XOR @0x10003db] MEM[0x2003f22] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x33 [XOR @0x10003db] MEM[0x2003f23] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x00 [XOR @0x10003db] MEM[0x2003f24] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x00 [XOR @0x10003db] MEM[0x2003f25] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x01 [XOR @0x10003db] MEM[0x2003f26] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x03 [XOR @0x10003db] MEM[0x2003f27] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10003db] MEM[0x2003f28] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x00 [XOR @0x10003db] MEM[0x2003f29] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x30 [XOR @0x10003db] MEM[0x2003f2a] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x30 [XOR @0x10003db] MEM[0x2003f2b] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x00 [STATE] ESI ← 0x2B [HOOK MOV] @0x010006e1: mov esi, 0xd [XOR @0x10006f5] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x010006fb: cmp esi, 0x1b [XOR @0x10006f5] MEM[0x2003f21] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x33 [XOR @0x10006f5] MEM[0x2003f22] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x32 [XOR @0x10006f5] MEM[0x2003f23] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10006f5] MEM[0x2003f24] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x03 [XOR @0x10006f5] MEM[0x2003f25] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x03 [XOR @0x10006f5] MEM[0x2003f26] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f26 ← 0x00 [XOR @0x10006f5] MEM[0x2003f27] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x32 [XOR @0x10006f5] MEM[0x2003f28] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10006f5] MEM[0x2003f29] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f29 ← 0x32 [XOR @0x10006f5] MEM[0x2003f2a] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f2a ← 0x03 [XOR @0x10006f5] MEM[0x2003f2b] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x30 [XOR @0x10006f5] MEM[0x2003f2c] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x02 [XOR @0x10006f5] MEM[0x2003f2d] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x31 [STATE] ESI ← 0x50 [HOOK MOV] @0x010005f9: mov esi, 0x12 [XOR @0x100060d] MEM[0x2003f20] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x01000613: cmp esi, 0x25 [XOR @0x100060d] MEM[0x2003f21] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f21 ← 0x30 [XOR @0x100060d] MEM[0x2003f22] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x30 [XOR @0x100060d] MEM[0x2003f23] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x33 [XOR @0x100060d] MEM[0x2003f24] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f24 ← 0x01 [XOR @0x100060d] MEM[0x2003f25] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x30 [XOR @0x100060d] MEM[0x2003f26] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x30 [XOR @0x100060d] MEM[0x2003f27] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f27 ← 0x00 [XOR @0x100060d] MEM[0x2003f28] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x01 [XOR @0x100060d] MEM[0x2003f29] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x03 [XOR @0x100060d] MEM[0x2003f2a] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x32 [XOR @0x100060d] MEM[0x2003f2b] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f2b ← 0x01 [XOR @0x100060d] MEM[0x2003f2c] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x33 [XOR @0x100060d] MEM[0x2003f2d] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x02 [XOR @0x100060d] MEM[0x2003f2e] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2e ← 0x31 [XOR @0x100060d] MEM[0x2003f2f] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x32 [XOR @0x100060d] MEM[0x2003f30] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f30 ← 0x00 [XOR @0x100060d] MEM[0x2003f31] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f31 ← 0x30 [XOR @0x100060d] MEM[0x2003f32] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x33 [STATE] ESI ← 0x44 [HOOK MOV] @0x010015c7: mov esi, 0xe [XOR @0x10015db] MEM[0x2003f20] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x010015e1: cmp esi, 0x1d [XOR @0x10015db] MEM[0x2003f21] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x02 [XOR @0x10015db] MEM[0x2003f22] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x30 [XOR @0x10015db] MEM[0x2003f23] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f23 ← 0x03 [XOR @0x10015db] MEM[0x2003f24] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x32 [XOR @0x10015db] MEM[0x2003f25] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x33 [XOR @0x10015db] MEM[0x2003f26] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x32 [XOR @0x10015db] MEM[0x2003f27] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f27 ← 0x31 [XOR @0x10015db] MEM[0x2003f28] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x03 [XOR @0x10015db] MEM[0x2003f29] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x30 [XOR @0x10015db] MEM[0x2003f2a] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x02 [XOR @0x10015db] MEM[0x2003f2b] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x33 [XOR @0x10015db] MEM[0x2003f2c] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x03 [XOR @0x10015db] MEM[0x2003f2d] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x33 [XOR @0x10015db] MEM[0x2003f2e] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x00 [STATE] ESI ← 0x2E [HOOK MOV] @0x01001597: mov esi, 0x19 [HOOK MOV] @0x0100159c: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x010015b2: cmp esi, 0x33 [WRITE] @0x2003f21 ← 0x32 [WRITE] @0x2003f22 ← 0x01 [WRITE] @0x2003f23 ← 0x32 [WRITE] @0x2003f24 ← 0x03 [WRITE] @0x2003f25 ← 0x02 [WRITE] @0x2003f26 ← 0x01 [WRITE] @0x2003f27 ← 0x01 [WRITE] @0x2003f28 ← 0x30 [WRITE] @0x2003f29 ← 0x32 [WRITE] @0x2003f2a ← 0x31 [WRITE] @0x2003f2b ← 0x02 [WRITE] @0x2003f2c ← 0x00 [WRITE] @0x2003f2d ← 0x31 [WRITE] @0x2003f2e ← 0x30 [WRITE] @0x2003f2f ← 0x02 [WRITE] @0x2003f30 ← 0x33 [WRITE] @0x2003f31 ← 0x00 [WRITE] @0x2003f32 ← 0x33 [WRITE] @0x2003f33 ← 0x03 [WRITE] @0x2003f34 ← 0x02 [WRITE] @0x2003f35 ← 0x31 [WRITE] @0x2003f36 ← 0x33 [WRITE] @0x2003f37 ← 0x01 [WRITE] @0x2003f38 ← 0x31 [WRITE] @0x2003f39 ← 0x00 [STATE] ESI ← 0x1D [HOOK MOV] @0x01000a21: mov esi, 0x2 [XOR @0x1000a35] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000a3b: cmp esi, 0x5 [XOR @0x1000a35] MEM[0x2003f21] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000a35] MEM[0x2003f22] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x02 [STATE] ESI ← 0x5E [HOOK MOV] @0x010014b2: mov esi, 0x17 [HOOK MOV] @0x010014b7: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x010014cd: cmp esi, 0x2f [WRITE] @0x2003f21 ← 0x31 [WRITE] @0x2003f22 ← 0x02 [WRITE] @0x2003f23 ← 0x02 [WRITE] @0x2003f24 ← 0x32 [WRITE] @0x2003f25 ← 0x33 [WRITE] @0x2003f26 ← 0x30 [WRITE] @0x2003f27 ← 0x30 [WRITE] @0x2003f28 ← 0x03 [WRITE] @0x2003f29 ← 0x02 [WRITE] @0x2003f2a ← 0x02 [WRITE] @0x2003f2b ← 0x00 [WRITE] @0x2003f2c ← 0x33 [WRITE] @0x2003f2d ← 0x00 [WRITE] @0x2003f2e ← 0x33 [WRITE] @0x2003f2f ← 0x00 [WRITE] @0x2003f30 ← 0x03 [WRITE] @0x2003f31 ← 0x30 [WRITE] @0x2003f32 ← 0x00 [WRITE] @0x2003f33 ← 0x33 [WRITE] @0x2003f34 ← 0x02 [WRITE] @0x2003f35 ← 0x31 [WRITE] @0x2003f36 ← 0x33 [WRITE] @0x2003f37 ← 0x01 [STATE] ESI ← 0x21 [HOOK MOV] @0x01001540: mov esi, 0x11 [XOR @0x1001554] MEM[0x2003f20] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x0100155a: cmp esi, 0x23 [XOR @0x1001554] MEM[0x2003f21] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1001554] MEM[0x2003f22] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x31 [XOR @0x1001554] MEM[0x2003f23] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1001554] MEM[0x2003f24] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x03 [XOR @0x1001554] MEM[0x2003f25] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1001554] MEM[0x2003f26] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1001554] MEM[0x2003f27] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1001554] MEM[0x2003f28] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x03 [XOR @0x1001554] MEM[0x2003f29] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1001554] MEM[0x2003f2a] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1001554] MEM[0x2003f2b] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x31 [XOR @0x1001554] MEM[0x2003f2c] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1001554] MEM[0x2003f2d] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2d ← 0x31 [XOR @0x1001554] MEM[0x2003f2e] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x00 [XOR @0x1001554] MEM[0x2003f2f] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1001554] MEM[0x2003f30] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f30 ← 0x30 [XOR @0x1001554] MEM[0x2003f31] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f31 ← 0x32 [STATE] ESI ← 0x47 [HOOK MOV] @0x01000cd6: mov esi, 0x28 [XOR @0x1000cea] MEM[0x2003f20] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01000cf0: cmp esi, 0x51 [XOR @0x1000cea] MEM[0x2003f21] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x02 [XOR @0x1000cea] MEM[0x2003f22] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x01 [XOR @0x1000cea] MEM[0x2003f23] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000cea] MEM[0x2003f24] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f24 ← 0x03 [XOR @0x1000cea] MEM[0x2003f25] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1000cea] MEM[0x2003f26] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1000cea] MEM[0x2003f27] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000cea] MEM[0x2003f28] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1000cea] MEM[0x2003f29] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x33 [XOR @0x1000cea] MEM[0x2003f2a] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x33 [XOR @0x1000cea] MEM[0x2003f2b] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000cea] MEM[0x2003f2c] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000cea] MEM[0x2003f2d] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x00 [XOR @0x1000cea] MEM[0x2003f2e] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1000cea] MEM[0x2003f2f] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x31 [XOR @0x1000cea] MEM[0x2003f30] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x03 [XOR @0x1000cea] MEM[0x2003f31] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000cea] MEM[0x2003f32] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x32 [XOR @0x1000cea] MEM[0x2003f33] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f33 ← 0x31 [XOR @0x1000cea] MEM[0x2003f34] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x02 [XOR @0x1000cea] MEM[0x2003f35] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x01 [XOR @0x1000cea] MEM[0x2003f36] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f36 ← 0x02 [XOR @0x1000cea] MEM[0x2003f37] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f37 ← 0x02 [XOR @0x1000cea] MEM[0x2003f38] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f38 ← 0x30 [XOR @0x1000cea] MEM[0x2003f39] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f39 ← 0x32 [XOR @0x1000cea] MEM[0x2003f3a] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f3a ← 0x01 [XOR @0x1000cea] MEM[0x2003f3b] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000cea] MEM[0x2003f3c] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1000cea] MEM[0x2003f3d] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3d ← 0x33 [XOR @0x1000cea] MEM[0x2003f3e] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3e ← 0x33 [XOR @0x1000cea] MEM[0x2003f3f] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f3f ← 0x03 [XOR @0x1000cea] MEM[0x2003f40] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f40 ← 0x02 [XOR @0x1000cea] MEM[0x2003f41] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f41 ← 0x32 [XOR @0x1000cea] MEM[0x2003f42] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f42 ← 0x31 [XOR @0x1000cea] MEM[0x2003f43] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f43 ← 0x03 [XOR @0x1000cea] MEM[0x2003f44] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f44 ← 0x02 [XOR @0x1000cea] MEM[0x2003f45] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f45 ← 0x30 [XOR @0x1000cea] MEM[0x2003f46] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f46 ← 0x01 [XOR @0x1000cea] MEM[0x2003f47] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f47 ← 0x32 [XOR @0x1000cea] MEM[0x2003f48] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f48 ← 0x02 [STATE] ESI ← 0x17 [HOOK MOV] @0x0100073c: mov esi, 0x11 [XOR @0x1000750] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000756: cmp esi, 0x23 [XOR @0x1000750] MEM[0x2003f21] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x30 [XOR @0x1000750] MEM[0x2003f22] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x30 [XOR @0x1000750] MEM[0x2003f23] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x02 [XOR @0x1000750] MEM[0x2003f24] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f24 ← 0x02 [XOR @0x1000750] MEM[0x2003f25] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x02 [XOR @0x1000750] MEM[0x2003f26] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x33 [XOR @0x1000750] MEM[0x2003f27] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x00 [XOR @0x1000750] MEM[0x2003f28] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x33 [XOR @0x1000750] MEM[0x2003f29] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1000750] MEM[0x2003f2a] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000750] MEM[0x2003f2b] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x02 [XOR @0x1000750] MEM[0x2003f2c] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x31 [XOR @0x1000750] MEM[0x2003f2d] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1000750] MEM[0x2003f2e] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x33 [XOR @0x1000750] MEM[0x2003f2f] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1000750] MEM[0x2003f30] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1000750] MEM[0x2003f31] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x30 [STATE] ESI ← 0x01 [HOOK MOV] @0x01000994: mov esi, 0x4 [XOR @0x10009a8] MEM[0x2003f20] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x010009ae: cmp esi, 0x9 [XOR @0x10009a8] MEM[0x2003f21] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x32 [XOR @0x10009a8] MEM[0x2003f22] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x03 [XOR @0x10009a8] MEM[0x2003f23] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10009a8] MEM[0x2003f24] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x31 [STATE] ESI ← 0x52 [HOOK MOV] @0x01001625: mov esi, 0x15 [XOR @0x1001639] MEM[0x2003f20] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x0100163f: cmp esi, 0x2b [XOR @0x1001639] MEM[0x2003f21] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x30 [XOR @0x1001639] MEM[0x2003f22] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f22 ← 0x01 [XOR @0x1001639] MEM[0x2003f23] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x32 [XOR @0x1001639] MEM[0x2003f24] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x03 [XOR @0x1001639] MEM[0x2003f25] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1001639] MEM[0x2003f26] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1001639] MEM[0x2003f27] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1001639] MEM[0x2003f28] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x00 [XOR @0x1001639] MEM[0x2003f29] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x01 [XOR @0x1001639] MEM[0x2003f2a] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x03 [XOR @0x1001639] MEM[0x2003f2b] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x00 [XOR @0x1001639] MEM[0x2003f2c] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2c ← 0x03 [XOR @0x1001639] MEM[0x2003f2d] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x02 [XOR @0x1001639] MEM[0x2003f2e] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1001639] MEM[0x2003f2f] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x31 [XOR @0x1001639] MEM[0x2003f30] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1001639] MEM[0x2003f31] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1001639] MEM[0x2003f32] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x00 [XOR @0x1001639] MEM[0x2003f33] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f33 ← 0x33 [XOR @0x1001639] MEM[0x2003f34] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x31 [XOR @0x1001639] MEM[0x2003f35] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f35 ← 0x31 [STATE] ESI ← 0x3F [HOOK MOV] @0x0100110e: mov esi, 0x16 [XOR @0x1001122] MEM[0x2003f20] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01001128: cmp esi, 0x2d [XOR @0x1001122] MEM[0x2003f21] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1001122] MEM[0x2003f22] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x31 [XOR @0x1001122] MEM[0x2003f23] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1001122] MEM[0x2003f24] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f24 ← 0x02 [XOR @0x1001122] MEM[0x2003f25] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x30 [XOR @0x1001122] MEM[0x2003f26] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x30 [XOR @0x1001122] MEM[0x2003f27] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1001122] MEM[0x2003f28] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x33 [XOR @0x1001122] MEM[0x2003f29] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1001122] MEM[0x2003f2a] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x01 [XOR @0x1001122] MEM[0x2003f2b] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1001122] MEM[0x2003f2c] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1001122] MEM[0x2003f2d] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1001122] MEM[0x2003f2e] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x32 [XOR @0x1001122] MEM[0x2003f2f] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x01 [XOR @0x1001122] MEM[0x2003f30] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x00 [XOR @0x1001122] MEM[0x2003f31] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x03 [XOR @0x1001122] MEM[0x2003f32] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x02 [XOR @0x1001122] MEM[0x2003f33] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f33 ← 0x00 [XOR @0x1001122] MEM[0x2003f34] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1001122] MEM[0x2003f35] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x31 [XOR @0x1001122] MEM[0x2003f36] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x02 [STATE] ESI ← 0x16 [HOOK MOV] @0x01000683: mov esi, 0x2b [XOR @0x1000697] MEM[0x2003f20] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x0100069d: cmp esi, 0x57 [XOR @0x1000697] MEM[0x2003f21] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1000697] MEM[0x2003f22] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x31 [XOR @0x1000697] MEM[0x2003f23] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000697] MEM[0x2003f24] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1000697] MEM[0x2003f25] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x02 [XOR @0x1000697] MEM[0x2003f26] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1000697] MEM[0x2003f27] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1000697] MEM[0x2003f28] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x00 [XOR @0x1000697] MEM[0x2003f29] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x00 [XOR @0x1000697] MEM[0x2003f2a] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000697] MEM[0x2003f2b] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x31 [XOR @0x1000697] MEM[0x2003f2c] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1000697] MEM[0x2003f2d] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000697] MEM[0x2003f2e] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2e ← 0x32 [XOR @0x1000697] MEM[0x2003f2f] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1000697] MEM[0x2003f30] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000697] MEM[0x2003f31] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f31 ← 0x02 [XOR @0x1000697] MEM[0x2003f32] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x30 [XOR @0x1000697] MEM[0x2003f33] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x30 [XOR @0x1000697] MEM[0x2003f34] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x33 [XOR @0x1000697] MEM[0x2003f35] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x33 [XOR @0x1000697] MEM[0x2003f36] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x32 [XOR @0x1000697] MEM[0x2003f37] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f37 ← 0x32 [XOR @0x1000697] MEM[0x2003f38] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f38 ← 0x03 [XOR @0x1000697] MEM[0x2003f39] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f39 ← 0x01 [XOR @0x1000697] MEM[0x2003f3a] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x33 [XOR @0x1000697] MEM[0x2003f3b] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f3b ← 0x01 [XOR @0x1000697] MEM[0x2003f3c] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f3c ← 0x33 [XOR @0x1000697] MEM[0x2003f3d] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f3d ← 0x32 [XOR @0x1000697] MEM[0x2003f3e] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f3e ← 0x00 [XOR @0x1000697] MEM[0x2003f3f] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f3f ← 0x02 [XOR @0x1000697] MEM[0x2003f40] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f40 ← 0x31 [XOR @0x1000697] MEM[0x2003f41] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f41 ← 0x00 [XOR @0x1000697] MEM[0x2003f42] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f42 ← 0x31 [XOR @0x1000697] MEM[0x2003f43] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f43 ← 0x01 [XOR @0x1000697] MEM[0x2003f44] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f44 ← 0x33 [XOR @0x1000697] MEM[0x2003f45] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f45 ← 0x30 [XOR @0x1000697] MEM[0x2003f46] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f46 ← 0x30 [XOR @0x1000697] MEM[0x2003f47] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f47 ← 0x33 [XOR @0x1000697] MEM[0x2003f48] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f48 ← 0x31 [XOR @0x1000697] MEM[0x2003f49] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f49 ← 0x03 [XOR @0x1000697] MEM[0x2003f4a] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f4a ← 0x00 [XOR @0x1000697] MEM[0x2003f4b] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f4b ← 0x33 [STATE] ESI ← 0x4C [HOOK MOV] @0x010012e0: mov esi, 0x20 [XOR @0x10012f6] MEM[0x2003f20] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x010012fc: cmp esi, 0x41 [XOR @0x10012f6] MEM[0x2003f21] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x32 [XOR @0x10012f6] MEM[0x2003f22] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x00 [XOR @0x10012f6] MEM[0x2003f23] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x01 [XOR @0x10012f6] MEM[0x2003f24] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x00 [XOR @0x10012f6] MEM[0x2003f25] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x32 [XOR @0x10012f6] MEM[0x2003f26] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x31 [XOR @0x10012f6] MEM[0x2003f27] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10012f6] MEM[0x2003f28] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10012f6] MEM[0x2003f29] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f29 ← 0x03 [XOR @0x10012f6] MEM[0x2003f2a] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x00 [XOR @0x10012f6] MEM[0x2003f2b] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x02 [XOR @0x10012f6] MEM[0x2003f2c] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x32 [XOR @0x10012f6] MEM[0x2003f2d] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x01 [XOR @0x10012f6] MEM[0x2003f2e] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2e ← 0x32 [XOR @0x10012f6] MEM[0x2003f2f] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x30 [XOR @0x10012f6] MEM[0x2003f30] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x00 [XOR @0x10012f6] MEM[0x2003f31] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f31 ← 0x02 [XOR @0x10012f6] MEM[0x2003f32] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f32 ← 0x31 [XOR @0x10012f6] MEM[0x2003f33] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x30 [XOR @0x10012f6] MEM[0x2003f34] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x01 [XOR @0x10012f6] MEM[0x2003f35] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x02 [XOR @0x10012f6] MEM[0x2003f36] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f36 ← 0x02 [XOR @0x10012f6] MEM[0x2003f37] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x03 [XOR @0x10012f6] MEM[0x2003f38] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f38 ← 0x00 [XOR @0x10012f6] MEM[0x2003f39] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x01 [XOR @0x10012f6] MEM[0x2003f3a] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f3a ← 0x31 [XOR @0x10012f6] MEM[0x2003f3b] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f3b ← 0x33 [XOR @0x10012f6] MEM[0x2003f3c] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f3c ← 0x32 [XOR @0x10012f6] MEM[0x2003f3d] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f3d ← 0x00 [XOR @0x10012f6] MEM[0x2003f3e] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x30 [XOR @0x10012f6] MEM[0x2003f3f] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f3f ← 0x02 [XOR @0x10012f6] MEM[0x2003f40] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f40 ← 0x33 [STATE] ESI ← 0x0D [HOOK MOV] @0x01000429: mov esi, 0x13 [HOOK MOV] @0x0100042e: mov esi, 0xae4c415d [XOR @0x1000450] MEM[0x2003f20] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000456: cmp esi, 0x27 [XOR @0x1000450] MEM[0x2003f21] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x33 [XOR @0x1000450] MEM[0x2003f22] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000450] MEM[0x2003f23] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x03 [XOR @0x1000450] MEM[0x2003f24] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x03 [XOR @0x1000450] MEM[0x2003f25] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x32 [XOR @0x1000450] MEM[0x2003f26] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x30 [XOR @0x1000450] MEM[0x2003f27] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1000450] MEM[0x2003f28] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x02 [XOR @0x1000450] MEM[0x2003f29] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x31 [XOR @0x1000450] MEM[0x2003f2a] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000450] MEM[0x2003f2b] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000450] MEM[0x2003f2c] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x30 [XOR @0x1000450] MEM[0x2003f2d] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x32 [XOR @0x1000450] MEM[0x2003f2e] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2e ← 0x32 [XOR @0x1000450] MEM[0x2003f2f] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x01 [XOR @0x1000450] MEM[0x2003f30] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1000450] MEM[0x2003f31] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1000450] MEM[0x2003f32] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x01 [XOR @0x1000450] MEM[0x2003f33] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x00 [STATE] ESI ← 0x23 [HOOK MOV] @0x01000edd: mov esi, 0xc [XOR @0x1000ef1] MEM[0x2003f20] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01000ef7: cmp esi, 0x19 [XOR @0x1000ef1] MEM[0x2003f21] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f21 ← 0x01 [XOR @0x1000ef1] MEM[0x2003f22] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x30 [XOR @0x1000ef1] MEM[0x2003f23] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f23 ← 0x02 [XOR @0x1000ef1] MEM[0x2003f24] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f24 ← 0x02 [XOR @0x1000ef1] MEM[0x2003f25] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1000ef1] MEM[0x2003f26] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1000ef1] MEM[0x2003f27] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1000ef1] MEM[0x2003f28] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x03 [XOR @0x1000ef1] MEM[0x2003f29] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x33 [XOR @0x1000ef1] MEM[0x2003f2a] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x02 [XOR @0x1000ef1] MEM[0x2003f2b] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x31 [XOR @0x1000ef1] MEM[0x2003f2c] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x30 [STATE] ESI ← 0x34 [HOOK MOV] @0x0100070c: mov esi, 0x2d [HOOK MOV] @0x01000711: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01000727: cmp esi, 0x5b [WRITE] @0x2003f21 ← 0x01 [WRITE] @0x2003f22 ← 0x30 [WRITE] @0x2003f23 ← 0x03 [WRITE] @0x2003f24 ← 0x32 [WRITE] @0x2003f25 ← 0x00 [WRITE] @0x2003f26 ← 0x03 [WRITE] @0x2003f27 ← 0x01 [WRITE] @0x2003f28 ← 0x00 [WRITE] @0x2003f29 ← 0x32 [WRITE] @0x2003f2a ← 0x02 [WRITE] @0x2003f2b ← 0x03 [WRITE] @0x2003f2c ← 0x32 [WRITE] @0x2003f2d ← 0x31 [WRITE] @0x2003f2e ← 0x00 [WRITE] @0x2003f2f ← 0x30 [WRITE] @0x2003f30 ← 0x01 [WRITE] @0x2003f31 ← 0x01 [WRITE] @0x2003f32 ← 0x00 [WRITE] @0x2003f33 ← 0x01 [WRITE] @0x2003f34 ← 0x01 [WRITE] @0x2003f35 ← 0x03 [WRITE] @0x2003f36 ← 0x03 [WRITE] @0x2003f37 ← 0x00 [WRITE] @0x2003f38 ← 0x03 [WRITE] @0x2003f39 ← 0x01 [WRITE] @0x2003f3a ← 0x32 [WRITE] @0x2003f3b ← 0x32 [WRITE] @0x2003f3c ← 0x00 [WRITE] @0x2003f3d ← 0x32 [WRITE] @0x2003f3e ← 0x30 [WRITE] @0x2003f3f ← 0x30 [WRITE] @0x2003f40 ← 0x03 [WRITE] @0x2003f41 ← 0x30 [WRITE] @0x2003f42 ← 0x32 [WRITE] @0x2003f43 ← 0x31 [WRITE] @0x2003f44 ← 0x01 [WRITE] @0x2003f45 ← 0x01 [WRITE] @0x2003f46 ← 0x31 [WRITE] @0x2003f47 ← 0x32 [WRITE] @0x2003f48 ← 0x00 [WRITE] @0x2003f49 ← 0x31 [WRITE] @0x2003f4a ← 0x00 [WRITE] @0x2003f4b ← 0x02 [WRITE] @0x2003f4c ← 0x00 [WRITE] @0x2003f4d ← 0x02 [STATE] ESI ← 0x49 [HOOK MOV] @0x01000907: mov esi, 0x24 [XOR @0x100091b] MEM[0x2003f20] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x01000921: cmp esi, 0x49 [XOR @0x100091b] MEM[0x2003f21] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x00 [XOR @0x100091b] MEM[0x2003f22] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f22 ← 0x01 [XOR @0x100091b] MEM[0x2003f23] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f23 ← 0x31 [XOR @0x100091b] MEM[0x2003f24] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x32 [XOR @0x100091b] MEM[0x2003f25] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x31 [XOR @0x100091b] MEM[0x2003f26] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f26 ← 0x03 [XOR @0x100091b] MEM[0x2003f27] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x03 [XOR @0x100091b] MEM[0x2003f28] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x00 [XOR @0x100091b] MEM[0x2003f29] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x30 [XOR @0x100091b] MEM[0x2003f2a] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2a ← 0x02 [XOR @0x100091b] MEM[0x2003f2b] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x02 [XOR @0x100091b] MEM[0x2003f2c] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x32 [XOR @0x100091b] MEM[0x2003f2d] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x30 [XOR @0x100091b] MEM[0x2003f2e] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x31 [XOR @0x100091b] MEM[0x2003f2f] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x02 [XOR @0x100091b] MEM[0x2003f30] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x30 [XOR @0x100091b] MEM[0x2003f31] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x02 [XOR @0x100091b] MEM[0x2003f32] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x03 [XOR @0x100091b] MEM[0x2003f33] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x01 [XOR @0x100091b] MEM[0x2003f34] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x31 [XOR @0x100091b] MEM[0x2003f35] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f35 ← 0x01 [XOR @0x100091b] MEM[0x2003f36] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x01 [XOR @0x100091b] MEM[0x2003f37] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x32 [XOR @0x100091b] MEM[0x2003f38] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f38 ← 0x33 [XOR @0x100091b] MEM[0x2003f39] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x30 [XOR @0x100091b] MEM[0x2003f3a] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f3a ← 0x30 [XOR @0x100091b] MEM[0x2003f3b] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f3b ← 0x02 [XOR @0x100091b] MEM[0x2003f3c] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x02 [XOR @0x100091b] MEM[0x2003f3d] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f3d ← 0x31 [XOR @0x100091b] MEM[0x2003f3e] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f3e ← 0x31 [XOR @0x100091b] MEM[0x2003f3f] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f3f ← 0x01 [XOR @0x100091b] MEM[0x2003f40] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f40 ← 0x02 [XOR @0x100091b] MEM[0x2003f41] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f41 ← 0x31 [XOR @0x100091b] MEM[0x2003f42] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f42 ← 0x00 [XOR @0x100091b] MEM[0x2003f43] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f43 ← 0x02 [XOR @0x100091b] MEM[0x2003f44] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f44 ← 0x31 [STATE] ESI ← 0x43 [HOOK MOV] @0x01000f66: mov esi, 0x23 [HOOK MOV] @0x01000f6b: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01000f81: cmp esi, 0x47 [WRITE] @0x2003f21 ← 0x31 [WRITE] @0x2003f22 ← 0x00 [WRITE] @0x2003f23 ← 0x00 [WRITE] @0x2003f24 ← 0x00 [WRITE] @0x2003f25 ← 0x31 [WRITE] @0x2003f26 ← 0x32 [WRITE] @0x2003f27 ← 0x03 [WRITE] @0x2003f28 ← 0x02 [WRITE] @0x2003f29 ← 0x30 [WRITE] @0x2003f2a ← 0x00 [WRITE] @0x2003f2b ← 0x02 [WRITE] @0x2003f2c ← 0x31 [WRITE] @0x2003f2d ← 0x01 [WRITE] @0x2003f2e ← 0x31 [WRITE] @0x2003f2f ← 0x02 [WRITE] @0x2003f30 ← 0x30 [WRITE] @0x2003f31 ← 0x33 [WRITE] @0x2003f32 ← 0x31 [WRITE] @0x2003f33 ← 0x02 [WRITE] @0x2003f34 ← 0x33 [WRITE] @0x2003f35 ← 0x31 [WRITE] @0x2003f36 ← 0x01 [WRITE] @0x2003f37 ← 0x30 [WRITE] @0x2003f38 ← 0x02 [WRITE] @0x2003f39 ← 0x31 [WRITE] @0x2003f3a ← 0x01 [WRITE] @0x2003f3b ← 0x00 [WRITE] @0x2003f3c ← 0x32 [WRITE] @0x2003f3d ← 0x02 [WRITE] @0x2003f3e ← 0x00 [WRITE] @0x2003f3f ← 0x03 [WRITE] @0x2003f40 ← 0x31 [WRITE] @0x2003f41 ← 0x00 [WRITE] @0x2003f42 ← 0x01 [WRITE] @0x2003f43 ← 0x32 [STATE] ESI ← 0x28 [HOOK MOV] @0x01000b64: mov esi, 0x16 [XOR @0x1000b78] MEM[0x2003f20] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x02 [HOOK CMP] @0x01000b7e: cmp esi, 0x2d [XOR @0x1000b78] MEM[0x2003f21] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x01 [XOR @0x1000b78] MEM[0x2003f22] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000b78] MEM[0x2003f23] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1000b78] MEM[0x2003f24] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x01 [XOR @0x1000b78] MEM[0x2003f25] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f25 ← 0x31 [XOR @0x1000b78] MEM[0x2003f26] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1000b78] MEM[0x2003f27] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1000b78] MEM[0x2003f28] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x02 [XOR @0x1000b78] MEM[0x2003f29] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f29 ← 0x33 [XOR @0x1000b78] MEM[0x2003f2a] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1000b78] MEM[0x2003f2b] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x02 [XOR @0x1000b78] MEM[0x2003f2c] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f2c ← 0x30 [XOR @0x1000b78] MEM[0x2003f2d] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1000b78] MEM[0x2003f2e] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x00 [XOR @0x1000b78] MEM[0x2003f2f] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f2f ← 0x03 [XOR @0x1000b78] MEM[0x2003f30] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1000b78] MEM[0x2003f31] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000b78] MEM[0x2003f32] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x31 [XOR @0x1000b78] MEM[0x2003f33] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f33 ← 0x33 [XOR @0x1000b78] MEM[0x2003f34] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x33 [XOR @0x1000b78] MEM[0x2003f35] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x33 [XOR @0x1000b78] MEM[0x2003f36] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x01 [STATE] ESI ← 0x30 [HOOK MOV] @0x01000c78: mov esi, 0x2b [XOR @0x1000c8c] MEM[0x2003f20] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01000c92: cmp esi, 0x57 [XOR @0x1000c8c] MEM[0x2003f21] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f22] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x00 [XOR @0x1000c8c] MEM[0x2003f23] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f24] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f25] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f25 ← 0x30 [XOR @0x1000c8c] MEM[0x2003f26] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x00 [XOR @0x1000c8c] MEM[0x2003f27] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000c8c] MEM[0x2003f28] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x03 [XOR @0x1000c8c] MEM[0x2003f29] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x03 [XOR @0x1000c8c] MEM[0x2003f2a] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1000c8c] MEM[0x2003f2b] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000c8c] MEM[0x2003f2c] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1000c8c] MEM[0x2003f2d] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x30 [XOR @0x1000c8c] MEM[0x2003f2e] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x31 [XOR @0x1000c8c] MEM[0x2003f2f] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f2f ← 0x31 [XOR @0x1000c8c] MEM[0x2003f30] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000c8c] MEM[0x2003f31] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f32] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x00 [XOR @0x1000c8c] MEM[0x2003f33] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f33 ← 0x02 [XOR @0x1000c8c] MEM[0x2003f34] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f35] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x02 [XOR @0x1000c8c] MEM[0x2003f36] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f37] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f37 ← 0x32 [XOR @0x1000c8c] MEM[0x2003f38] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f38 ← 0x03 [XOR @0x1000c8c] MEM[0x2003f39] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f39 ← 0x33 [XOR @0x1000c8c] MEM[0x2003f3a] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x00 [XOR @0x1000c8c] MEM[0x2003f3b] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f3b ← 0x32 [XOR @0x1000c8c] MEM[0x2003f3c] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f3c ← 0x31 [XOR @0x1000c8c] MEM[0x2003f3d] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f3d ← 0x31 [XOR @0x1000c8c] MEM[0x2003f3e] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x00 [XOR @0x1000c8c] MEM[0x2003f3f] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f3f ← 0x31 [XOR @0x1000c8c] MEM[0x2003f40] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f40 ← 0x00 [XOR @0x1000c8c] MEM[0x2003f41] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f41 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f42] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f42 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f43] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f43 ← 0x03 [XOR @0x1000c8c] MEM[0x2003f44] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f44 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f45] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f45 ← 0x30 [XOR @0x1000c8c] MEM[0x2003f46] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f46 ← 0x30 [XOR @0x1000c8c] MEM[0x2003f47] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f47 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f48] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f48 ← 0x31 [XOR @0x1000c8c] MEM[0x2003f49] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f49 ← 0x01 [XOR @0x1000c8c] MEM[0x2003f4a] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f4a ← 0x30 [XOR @0x1000c8c] MEM[0x2003f4b] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f4b ← 0x33 [STATE] ESI ← 0x33 [HOOK MOV] @0x010014e2: mov esi, 0x18 [XOR @0x10014f6] MEM[0x2003f20] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x010014fc: cmp esi, 0x31 [XOR @0x10014f6] MEM[0x2003f21] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x32 [XOR @0x10014f6] MEM[0x2003f22] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x00 [XOR @0x10014f6] MEM[0x2003f23] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x03 [XOR @0x10014f6] MEM[0x2003f24] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x30 [XOR @0x10014f6] MEM[0x2003f25] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x01 [XOR @0x10014f6] MEM[0x2003f26] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x00 [XOR @0x10014f6] MEM[0x2003f27] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x01 [XOR @0x10014f6] MEM[0x2003f28] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x03 [XOR @0x10014f6] MEM[0x2003f29] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x32 [XOR @0x10014f6] MEM[0x2003f2a] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x30 [XOR @0x10014f6] MEM[0x2003f2b] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x31 [XOR @0x10014f6] MEM[0x2003f2c] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x02 [XOR @0x10014f6] MEM[0x2003f2d] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f2d ← 0x00 [XOR @0x10014f6] MEM[0x2003f2e] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x01 [XOR @0x10014f6] MEM[0x2003f2f] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x00 [XOR @0x10014f6] MEM[0x2003f30] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x03 [XOR @0x10014f6] MEM[0x2003f31] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x30 [XOR @0x10014f6] MEM[0x2003f32] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x30 [XOR @0x10014f6] MEM[0x2003f33] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f33 ← 0x31 [XOR @0x10014f6] MEM[0x2003f34] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x01 [XOR @0x10014f6] MEM[0x2003f35] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f35 ← 0x00 [XOR @0x10014f6] MEM[0x2003f36] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x01 [XOR @0x10014f6] MEM[0x2003f37] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x31 [XOR @0x10014f6] MEM[0x2003f38] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f38 ← 0x31 [STATE] ESI ← 0x4A [HOOK MOV] @0x01000624: mov esi, 0x1b [HOOK MOV] @0x01000629: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x0100063f: cmp esi, 0x37 [WRITE] @0x2003f21 ← 0x03 [WRITE] @0x2003f22 ← 0x31 [WRITE] @0x2003f23 ← 0x03 [WRITE] @0x2003f24 ← 0x01 [WRITE] @0x2003f25 ← 0x01 [WRITE] @0x2003f26 ← 0x31 [WRITE] @0x2003f27 ← 0x00 [WRITE] @0x2003f28 ← 0x00 [WRITE] @0x2003f29 ← 0x03 [WRITE] @0x2003f2a ← 0x00 [WRITE] @0x2003f2b ← 0x01 [WRITE] @0x2003f2c ← 0x33 [WRITE] @0x2003f2d ← 0x31 [WRITE] @0x2003f2e ← 0x00 [WRITE] @0x2003f2f ← 0x30 [WRITE] @0x2003f30 ← 0x30 [WRITE] @0x2003f31 ← 0x30 [WRITE] @0x2003f32 ← 0x32 [WRITE] @0x2003f33 ← 0x31 [WRITE] @0x2003f34 ← 0x30 [WRITE] @0x2003f35 ← 0x03 [WRITE] @0x2003f36 ← 0x30 [WRITE] @0x2003f37 ← 0x32 [WRITE] @0x2003f38 ← 0x30 [WRITE] @0x2003f39 ← 0x32 [WRITE] @0x2003f3a ← 0x31 [WRITE] @0x2003f3b ← 0x32 [STATE] ESI ← 0x0B [HOOK MOV] @0x010009c3: mov esi, 0x8 [XOR @0x10009d7] MEM[0x2003f20] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x010009dd: cmp esi, 0x11 [XOR @0x10009d7] MEM[0x2003f21] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x00 [XOR @0x10009d7] MEM[0x2003f22] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x31 [XOR @0x10009d7] MEM[0x2003f23] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10009d7] MEM[0x2003f24] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x32 [XOR @0x10009d7] MEM[0x2003f25] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x30 [XOR @0x10009d7] MEM[0x2003f26] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x31 [XOR @0x10009d7] MEM[0x2003f27] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10009d7] MEM[0x2003f28] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f28 ← 0x30 [STATE] ESI ← 0x4B [HOOK MOV] @0x010013cd: mov esi, 0x6 [XOR @0x10013e1] MEM[0x2003f20] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x010013e7: cmp esi, 0xd [XOR @0x10013e1] MEM[0x2003f21] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x30 [XOR @0x10013e1] MEM[0x2003f22] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x01 [XOR @0x10013e1] MEM[0x2003f23] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x01 [XOR @0x10013e1] MEM[0x2003f24] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x32 [XOR @0x10013e1] MEM[0x2003f25] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f25 ← 0x31 [XOR @0x10013e1] MEM[0x2003f26] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x02 [STATE] ESI ← 0x32 [HOOK MOV] @0x01000fc5: mov esi, 0x13 [XOR @0x1000fd9] MEM[0x2003f20] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01000fdf: cmp esi, 0x27 [XOR @0x1000fd9] MEM[0x2003f21] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000fd9] MEM[0x2003f22] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000fd9] MEM[0x2003f23] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1000fd9] MEM[0x2003f24] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x00 [XOR @0x1000fd9] MEM[0x2003f25] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1000fd9] MEM[0x2003f26] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f26 ← 0x30 [XOR @0x1000fd9] MEM[0x2003f27] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1000fd9] MEM[0x2003f28] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f28 ← 0x02 [XOR @0x1000fd9] MEM[0x2003f29] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x32 [XOR @0x1000fd9] MEM[0x2003f2a] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1000fd9] MEM[0x2003f2b] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x01 [XOR @0x1000fd9] MEM[0x2003f2c] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000fd9] MEM[0x2003f2d] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x31 [XOR @0x1000fd9] MEM[0x2003f2e] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2e ← 0x31 [XOR @0x1000fd9] MEM[0x2003f2f] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x31 [XOR @0x1000fd9] MEM[0x2003f30] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x33 [XOR @0x1000fd9] MEM[0x2003f31] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000fd9] MEM[0x2003f32] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x02 [XOR @0x1000fd9] MEM[0x2003f33] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f33 ← 0x01 [STATE] ESI ← 0x24 [HOOK MOV] @0x01000384: mov esi, 0x26 [XOR @0x1000398] MEM[0x2003f20] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x0100039e: cmp esi, 0x4d [XOR @0x1000398] MEM[0x2003f21] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1000398] MEM[0x2003f22] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x33 [XOR @0x1000398] MEM[0x2003f23] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x30 [XOR @0x1000398] MEM[0x2003f24] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x30 [XOR @0x1000398] MEM[0x2003f25] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x32 [XOR @0x1000398] MEM[0x2003f26] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x30 [XOR @0x1000398] MEM[0x2003f27] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1000398] MEM[0x2003f28] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x02 [XOR @0x1000398] MEM[0x2003f29] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x33 [XOR @0x1000398] MEM[0x2003f2a] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000398] MEM[0x2003f2b] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000398] MEM[0x2003f2c] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1000398] MEM[0x2003f2d] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000398] MEM[0x2003f2e] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1000398] MEM[0x2003f2f] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2f ← 0x01 [XOR @0x1000398] MEM[0x2003f30] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f30 ← 0x30 [XOR @0x1000398] MEM[0x2003f31] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x03 [XOR @0x1000398] MEM[0x2003f32] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x31 [XOR @0x1000398] MEM[0x2003f33] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x01 [XOR @0x1000398] MEM[0x2003f34] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f34 ← 0x02 [XOR @0x1000398] MEM[0x2003f35] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f35 ← 0x31 [XOR @0x1000398] MEM[0x2003f36] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f36 ← 0x31 [XOR @0x1000398] MEM[0x2003f37] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x31 [XOR @0x1000398] MEM[0x2003f38] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f38 ← 0x31 [XOR @0x1000398] MEM[0x2003f39] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f39 ← 0x02 [XOR @0x1000398] MEM[0x2003f3a] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f3a ← 0x32 [XOR @0x1000398] MEM[0x2003f3b] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f3b ← 0x03 [XOR @0x1000398] MEM[0x2003f3c] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1000398] MEM[0x2003f3d] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3d ← 0x33 [XOR @0x1000398] MEM[0x2003f3e] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x31 [XOR @0x1000398] MEM[0x2003f3f] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f3f ← 0x00 [XOR @0x1000398] MEM[0x2003f40] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f40 ← 0x31 [XOR @0x1000398] MEM[0x2003f41] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f41 ← 0x00 [XOR @0x1000398] MEM[0x2003f42] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f42 ← 0x03 [XOR @0x1000398] MEM[0x2003f43] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f43 ← 0x31 [XOR @0x1000398] MEM[0x2003f44] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f44 ← 0x32 [XOR @0x1000398] MEM[0x2003f45] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f45 ← 0x00 [XOR @0x1000398] MEM[0x2003f46] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f46 ← 0x03 [STATE] ESI ← 0x51 [HOOK MOV] @0x01000de8: mov esi, 0x15 [XOR @0x1000dfc] MEM[0x2003f20] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000e02: cmp esi, 0x2b [XOR @0x1000dfc] MEM[0x2003f21] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000dfc] MEM[0x2003f22] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000dfc] MEM[0x2003f23] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x01 [XOR @0x1000dfc] MEM[0x2003f24] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1000dfc] MEM[0x2003f25] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1000dfc] MEM[0x2003f26] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x33 [XOR @0x1000dfc] MEM[0x2003f27] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x33 [XOR @0x1000dfc] MEM[0x2003f28] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1000dfc] MEM[0x2003f29] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1000dfc] MEM[0x2003f2a] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000dfc] MEM[0x2003f2b] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x03 [XOR @0x1000dfc] MEM[0x2003f2c] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1000dfc] MEM[0x2003f2d] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x02 [XOR @0x1000dfc] MEM[0x2003f2e] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2e ← 0x32 [XOR @0x1000dfc] MEM[0x2003f2f] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1000dfc] MEM[0x2003f30] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x30 [XOR @0x1000dfc] MEM[0x2003f31] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f31 ← 0x00 [XOR @0x1000dfc] MEM[0x2003f32] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x00 [XOR @0x1000dfc] MEM[0x2003f33] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x30 [XOR @0x1000dfc] MEM[0x2003f34] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x03 [XOR @0x1000dfc] MEM[0x2003f35] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x01 [STATE] ESI ← 0x4D [HOOK MOV] @0x0100116c: mov esi, 0x1d [XOR @0x1001180] MEM[0x2003f20] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01001186: cmp esi, 0x3b [XOR @0x1001180] MEM[0x2003f21] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1001180] MEM[0x2003f22] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1001180] MEM[0x2003f23] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x30 [XOR @0x1001180] MEM[0x2003f24] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1001180] MEM[0x2003f25] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1001180] MEM[0x2003f26] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x02 [XOR @0x1001180] MEM[0x2003f27] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1001180] MEM[0x2003f28] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1001180] MEM[0x2003f29] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f29 ← 0x01 [XOR @0x1001180] MEM[0x2003f2a] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1001180] MEM[0x2003f2b] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1001180] MEM[0x2003f2c] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1001180] MEM[0x2003f2d] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x32 [XOR @0x1001180] MEM[0x2003f2e] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f2e ← 0x01 [XOR @0x1001180] MEM[0x2003f2f] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1001180] MEM[0x2003f30] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1001180] MEM[0x2003f31] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f31 ← 0x00 [XOR @0x1001180] MEM[0x2003f32] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f32 ← 0x03 [XOR @0x1001180] MEM[0x2003f33] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x01 [XOR @0x1001180] MEM[0x2003f34] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1001180] MEM[0x2003f35] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f35 ← 0x31 [XOR @0x1001180] MEM[0x2003f36] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f36 ← 0x03 [XOR @0x1001180] MEM[0x2003f37] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f37 ← 0x32 [XOR @0x1001180] MEM[0x2003f38] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f38 ← 0x33 [XOR @0x1001180] MEM[0x2003f39] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f39 ← 0x03 [XOR @0x1001180] MEM[0x2003f3a] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f3a ← 0x03 [XOR @0x1001180] MEM[0x2003f3b] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f3b ← 0x02 [XOR @0x1001180] MEM[0x2003f3c] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f3c ← 0x01 [XOR @0x1001180] MEM[0x2003f3d] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f3d ← 0x01 [STATE] ESI ← 0x64 [HOOK MOV] @0x01000a50: mov esi, 0x16 [XOR @0x1000a64] MEM[0x2003f20] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01000a6a: cmp esi, 0x2d [XOR @0x1000a64] MEM[0x2003f21] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x03 [XOR @0x1000a64] MEM[0x2003f22] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x31 [XOR @0x1000a64] MEM[0x2003f23] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x33 [XOR @0x1000a64] MEM[0x2003f24] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x31 [XOR @0x1000a64] MEM[0x2003f25] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1000a64] MEM[0x2003f26] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f26 ← 0x03 [XOR @0x1000a64] MEM[0x2003f27] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x00 [XOR @0x1000a64] MEM[0x2003f28] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x00 [XOR @0x1000a64] MEM[0x2003f29] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x01 [XOR @0x1000a64] MEM[0x2003f2a] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x00 [XOR @0x1000a64] MEM[0x2003f2b] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x32 [XOR @0x1000a64] MEM[0x2003f2c] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x30 [XOR @0x1000a64] MEM[0x2003f2d] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2d ← 0x03 [XOR @0x1000a64] MEM[0x2003f2e] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f2e ← 0x33 [XOR @0x1000a64] MEM[0x2003f2f] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1000a64] MEM[0x2003f30] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1000a64] MEM[0x2003f31] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1000a64] MEM[0x2003f32] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f32 ← 0x32 [XOR @0x1000a64] MEM[0x2003f33] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x00 [XOR @0x1000a64] MEM[0x2003f34] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x31 [XOR @0x1000a64] MEM[0x2003f35] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f35 ← 0x02 [XOR @0x1000a64] MEM[0x2003f36] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x03 [STATE] ESI ← 0x5A [HOOK MOV] @0x010004e9: mov esi, 0x4 [XOR @0x10004fd] MEM[0x2003f20] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01000503: cmp esi, 0x9 [XOR @0x10004fd] MEM[0x2003f21] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x02 [XOR @0x10004fd] MEM[0x2003f22] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x32 [XOR @0x10004fd] MEM[0x2003f23] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f23 ← 0x33 [XOR @0x10004fd] MEM[0x2003f24] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x31 [STATE] ESI ← 0x3A [HOOK MOV] @0x01000965: mov esi, 0x2 [XOR @0x1000979] MEM[0x2003f20] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x0100097f: cmp esi, 0x5 [XOR @0x1000979] MEM[0x2003f21] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1000979] MEM[0x2003f22] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x03 [STATE] ESI ← 0x04 [HOOK MOV] @0x01000c48: mov esi, 0xa [HOOK MOV] @0x01000c4d: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01000c63: cmp esi, 0x15 [WRITE] @0x2003f21 ← 0x03 [WRITE] @0x2003f22 ← 0x33 [WRITE] @0x2003f23 ← 0x30 [WRITE] @0x2003f24 ← 0x02 [WRITE] @0x2003f25 ← 0x32 [WRITE] @0x2003f26 ← 0x32 [WRITE] @0x2003f27 ← 0x31 [WRITE] @0x2003f28 ← 0x32 [WRITE] @0x2003f29 ← 0x01 [WRITE] @0x2003f2a ← 0x31 [STATE] ESI ← 0x26 [HOOK MOV] @0x0100087a: mov esi, 0x9 [XOR @0x100088e] MEM[0x2003f20] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x02 [HOOK CMP] @0x01000894: cmp esi, 0x13 [XOR @0x100088e] MEM[0x2003f21] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x32 [XOR @0x100088e] MEM[0x2003f22] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x01 [XOR @0x100088e] MEM[0x2003f23] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x00 [XOR @0x100088e] MEM[0x2003f24] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x01 [XOR @0x100088e] MEM[0x2003f25] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x01 [XOR @0x100088e] MEM[0x2003f26] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x01 [XOR @0x100088e] MEM[0x2003f27] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x00 [XOR @0x100088e] MEM[0x2003f28] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x03 [XOR @0x100088e] MEM[0x2003f29] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x33 [STATE] ESI ← 0x35 [HOOK MOV] @0x01000b35: mov esi, 0x24 [XOR @0x1000b49] MEM[0x2003f20] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000b4f: cmp esi, 0x49 [XOR @0x1000b49] MEM[0x2003f21] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1000b49] MEM[0x2003f22] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000b49] MEM[0x2003f23] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1000b49] MEM[0x2003f24] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x30 [XOR @0x1000b49] MEM[0x2003f25] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1000b49] MEM[0x2003f26] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1000b49] MEM[0x2003f27] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f27 ← 0x33 [XOR @0x1000b49] MEM[0x2003f28] 0x03 ^ AL(0x00) → 0x03 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x03 [XOR @0x1000b49] MEM[0x2003f29] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x31 [XOR @0x1000b49] MEM[0x2003f2a] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1000b49] MEM[0x2003f2b] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x02 [XOR @0x1000b49] MEM[0x2003f2c] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000b49] MEM[0x2003f2d] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000b49] MEM[0x2003f2e] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x02 [XOR @0x1000b49] MEM[0x2003f2f] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x03 [XOR @0x1000b49] MEM[0x2003f30] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1000b49] MEM[0x2003f31] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x00 [XOR @0x1000b49] MEM[0x2003f32] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f32 ← 0x01 [XOR @0x1000b49] MEM[0x2003f33] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x03 [XOR @0x1000b49] MEM[0x2003f34] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f34 ← 0x00 [XOR @0x1000b49] MEM[0x2003f35] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f35 ← 0x33 [XOR @0x1000b49] MEM[0x2003f36] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f36 ← 0x01 [XOR @0x1000b49] MEM[0x2003f37] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x30 [XOR @0x1000b49] MEM[0x2003f38] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f38 ← 0x32 [XOR @0x1000b49] MEM[0x2003f39] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f39 ← 0x01 [XOR @0x1000b49] MEM[0x2003f3a] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f3a ← 0x00 [XOR @0x1000b49] MEM[0x2003f3b] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000b49] MEM[0x2003f3c] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f3c ← 0x01 [XOR @0x1000b49] MEM[0x2003f3d] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f3d ← 0x00 [XOR @0x1000b49] MEM[0x2003f3e] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f3e ← 0x32 [XOR @0x1000b49] MEM[0x2003f3f] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f3f ← 0x00 [XOR @0x1000b49] MEM[0x2003f40] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f40 ← 0x02 [XOR @0x1000b49] MEM[0x2003f41] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f41 ← 0x01 [XOR @0x1000b49] MEM[0x2003f42] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f42 ← 0x33 [XOR @0x1000b49] MEM[0x2003f43] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f43 ← 0x03 [XOR @0x1000b49] MEM[0x2003f44] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f44 ← 0x33 [STATE] ESI ← 0x46 [HOOK MOV] @0x01000f96: mov esi, 0x2c [XOR @0x1000faa] MEM[0x2003f20] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000fb0: cmp esi, 0x59 [XOR @0x1000faa] MEM[0x2003f21] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x30 [XOR @0x1000faa] MEM[0x2003f22] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1000faa] MEM[0x2003f23] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x01 [XOR @0x1000faa] MEM[0x2003f24] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x00 [XOR @0x1000faa] MEM[0x2003f25] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x02 [XOR @0x1000faa] MEM[0x2003f26] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x30 [XOR @0x1000faa] MEM[0x2003f27] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x33 [XOR @0x1000faa] MEM[0x2003f28] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1000faa] MEM[0x2003f29] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x01 [XOR @0x1000faa] MEM[0x2003f2a] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x02 [XOR @0x1000faa] MEM[0x2003f2b] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f2b ← 0x03 [XOR @0x1000faa] MEM[0x2003f2c] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x03 [XOR @0x1000faa] MEM[0x2003f2d] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x03 [XOR @0x1000faa] MEM[0x2003f2e] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2e ← 0x01 [XOR @0x1000faa] MEM[0x2003f2f] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f2f ← 0x00 [XOR @0x1000faa] MEM[0x2003f30] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000faa] MEM[0x2003f31] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000faa] MEM[0x2003f32] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f32 ← 0x01 [XOR @0x1000faa] MEM[0x2003f33] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f33 ← 0x31 [XOR @0x1000faa] MEM[0x2003f34] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1000faa] MEM[0x2003f35] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x32 [XOR @0x1000faa] MEM[0x2003f36] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x30 [XOR @0x1000faa] MEM[0x2003f37] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f37 ← 0x31 [XOR @0x1000faa] MEM[0x2003f38] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f38 ← 0x00 [XOR @0x1000faa] MEM[0x2003f39] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f39 ← 0x31 [XOR @0x1000faa] MEM[0x2003f3a] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f3a ← 0x31 [XOR @0x1000faa] MEM[0x2003f3b] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000faa] MEM[0x2003f3c] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f3c ← 0x30 [XOR @0x1000faa] MEM[0x2003f3d] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f3d ← 0x31 [XOR @0x1000faa] MEM[0x2003f3e] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f3e ← 0x01 [XOR @0x1000faa] MEM[0x2003f3f] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f3f ← 0x30 [XOR @0x1000faa] MEM[0x2003f40] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f40 ← 0x33 [XOR @0x1000faa] MEM[0x2003f41] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f41 ← 0x00 [XOR @0x1000faa] MEM[0x2003f42] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f42 ← 0x03 [XOR @0x1000faa] MEM[0x2003f43] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f43 ← 0x30 [XOR @0x1000faa] MEM[0x2003f44] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f44 ← 0x33 [XOR @0x1000faa] MEM[0x2003f45] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f45 ← 0x03 [XOR @0x1000faa] MEM[0x2003f46] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f46 ← 0x33 [XOR @0x1000faa] MEM[0x2003f47] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f47 ← 0x02 [XOR @0x1000faa] MEM[0x2003f48] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f48 ← 0x32 [XOR @0x1000faa] MEM[0x2003f49] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f49 ← 0x32 [XOR @0x1000faa] MEM[0x2003f4a] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f4a ← 0x32 [XOR @0x1000faa] MEM[0x2003f4b] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f4b ← 0x01 [XOR @0x1000faa] MEM[0x2003f4c] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f4c ← 0x32 [STATE] ESI ← 0x60 [HOOK MOV] @0x010015f6: mov esi, 0x2 [XOR @0x100160a] MEM[0x2003f20] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x01001610: cmp esi, 0x5 [XOR @0x100160a] MEM[0x2003f21] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x31 [XOR @0x100160a] MEM[0x2003f22] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x02 [STATE] ESI ← 0x11 [XOR @0x1000d40] MEM[0x2003f20] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x01000d46: cmp esi, 0x23 [XOR @0x1000d40] MEM[0x2003f21] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x30 [XOR @0x1000d40] MEM[0x2003f22] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x33 [XOR @0x1000d40] MEM[0x2003f23] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000d40] MEM[0x2003f24] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1000d40] MEM[0x2003f25] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x32 [XOR @0x1000d40] MEM[0x2003f26] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1000d40] MEM[0x2003f27] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x33 [XOR @0x1000d40] MEM[0x2003f28] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f28 ← 0x30 [XOR @0x1000d40] MEM[0x2003f29] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x30 [XOR @0x1000d40] MEM[0x2003f2a] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2a ← 0x31 [XOR @0x1000d40] MEM[0x2003f2b] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x33 [XOR @0x1000d40] MEM[0x2003f2c] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2c ← 0x32 [XOR @0x1000d40] MEM[0x2003f2d] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f2d ← 0x02 [XOR @0x1000d40] MEM[0x2003f2e] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f2e ← 0x31 [XOR @0x1000d40] MEM[0x2003f2f] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1000d40] MEM[0x2003f30] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000d40] MEM[0x2003f31] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x02 [STATE] ESI ← 0x07 [HOOK MOV] @0x0100156b: mov esi, 0xf [HOOK MOV] @0x01001570: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x01001586: cmp esi, 0x1f [WRITE] @0x2003f21 ← 0x02 [WRITE] @0x2003f22 ← 0x31 [WRITE] @0x2003f23 ← 0x01 [WRITE] @0x2003f24 ← 0x03 [WRITE] @0x2003f25 ← 0x33 [WRITE] @0x2003f26 ← 0x33 [WRITE] @0x2003f27 ← 0x03 [WRITE] @0x2003f28 ← 0x01 [WRITE] @0x2003f29 ← 0x30 [WRITE] @0x2003f2a ← 0x00 [WRITE] @0x2003f2b ← 0x02 [WRITE] @0x2003f2c ← 0x01 [WRITE] @0x2003f2d ← 0x32 [WRITE] @0x2003f2e ← 0x00 [WRITE] @0x2003f2f ← 0x32 [STATE] ESI ← 0x3E [HOOK MOV] @0x01000bed: mov esi, 0x22 [HOOK MOV] @0x01000bf2: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x01000c08: cmp esi, 0x45 [WRITE] @0x2003f21 ← 0x32 [WRITE] @0x2003f22 ← 0x02 [WRITE] @0x2003f23 ← 0x02 [WRITE] @0x2003f24 ← 0x30 [WRITE] @0x2003f25 ← 0x31 [WRITE] @0x2003f26 ← 0x01 [WRITE] @0x2003f27 ← 0x31 [WRITE] @0x2003f28 ← 0x33 [WRITE] @0x2003f29 ← 0x31 [WRITE] @0x2003f2a ← 0x32 [WRITE] @0x2003f2b ← 0x00 [WRITE] @0x2003f2c ← 0x01 [WRITE] @0x2003f2d ← 0x31 [WRITE] @0x2003f2e ← 0x32 [WRITE] @0x2003f2f ← 0x30 [WRITE] @0x2003f30 ← 0x30 [WRITE] @0x2003f31 ← 0x32 [WRITE] @0x2003f32 ← 0x30 [WRITE] @0x2003f33 ← 0x30 [WRITE] @0x2003f34 ← 0x30 [WRITE] @0x2003f35 ← 0x01 [WRITE] @0x2003f36 ← 0x01 [WRITE] @0x2003f37 ← 0x03 [WRITE] @0x2003f38 ← 0x00 [WRITE] @0x2003f39 ← 0x30 [WRITE] @0x2003f3a ← 0x00 [WRITE] @0x2003f3b ← 0x01 [WRITE] @0x2003f3c ← 0x00 [WRITE] @0x2003f3d ← 0x01 [WRITE] @0x2003f3e ← 0x33 [WRITE] @0x2003f3f ← 0x00 [WRITE] @0x2003f40 ← 0x03 [WRITE] @0x2003f41 ← 0x30 [WRITE] @0x2003f42 ← 0x02 [STATE] ESI ← 0x45 [HOOK MOV] @0x01001511: mov esi, 0x2 [XOR @0x1001525] MEM[0x2003f20] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x0100152b: cmp esi, 0x5 [XOR @0x1001525] MEM[0x2003f21] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x30 [XOR @0x1001525] MEM[0x2003f22] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f22 ← 0x32 [STATE] ESI ← 0x2A [HOOK MOV] @0x01000e7f: mov esi, 0x14 [XOR @0x1000e93] MEM[0x2003f20] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x01000e99: cmp esi, 0x29 [XOR @0x1000e93] MEM[0x2003f21] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x31 [XOR @0x1000e93] MEM[0x2003f22] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x33 [XOR @0x1000e93] MEM[0x2003f23] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x01 [XOR @0x1000e93] MEM[0x2003f24] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x30 [XOR @0x1000e93] MEM[0x2003f25] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1000e93] MEM[0x2003f26] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1000e93] MEM[0x2003f27] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000e93] MEM[0x2003f28] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x33 [XOR @0x1000e93] MEM[0x2003f29] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x30 [XOR @0x1000e93] MEM[0x2003f2a] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x01 [XOR @0x1000e93] MEM[0x2003f2b] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x00 [XOR @0x1000e93] MEM[0x2003f2c] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000e93] MEM[0x2003f2d] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000e93] MEM[0x2003f2e] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1000e93] MEM[0x2003f2f] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x00 [XOR @0x1000e93] MEM[0x2003f30] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f30 ← 0x03 [XOR @0x1000e93] MEM[0x2003f31] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1000e93] MEM[0x2003f32] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f32 ← 0x03 [XOR @0x1000e93] MEM[0x2003f33] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x32 [XOR @0x1000e93] MEM[0x2003f34] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f34 ← 0x02 [STATE] ESI ← 0x19 [HOOK MOV] @0x010012b5: mov esi, 0xd [XOR @0x10012c9] MEM[0x2003f20] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x010012cf: cmp esi, 0x1b [XOR @0x10012c9] MEM[0x2003f21] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x01 [XOR @0x10012c9] MEM[0x2003f22] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x33 [XOR @0x10012c9] MEM[0x2003f23] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f23 ← 0x02 [XOR @0x10012c9] MEM[0x2003f24] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f24 ← 0x01 [XOR @0x10012c9] MEM[0x2003f25] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f25 ← 0x02 [XOR @0x10012c9] MEM[0x2003f26] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x33 [XOR @0x10012c9] MEM[0x2003f27] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x32 [XOR @0x10012c9] MEM[0x2003f28] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x32 [XOR @0x10012c9] MEM[0x2003f29] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f29 ← 0x31 [XOR @0x10012c9] MEM[0x2003f2a] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x02 [XOR @0x10012c9] MEM[0x2003f2b] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x00 [XOR @0x10012c9] MEM[0x2003f2c] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x32 [XOR @0x10012c9] MEM[0x2003f2d] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x01 [STATE] ESI ← 0x4E [HOOK MOV] @0x0100119b: mov esi, 0x26 [XOR @0x10011af] MEM[0x2003f20] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x010011b5: cmp esi, 0x4d [XOR @0x10011af] MEM[0x2003f21] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f21 ← 0x03 [XOR @0x10011af] MEM[0x2003f22] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f22 ← 0x01 [XOR @0x10011af] MEM[0x2003f23] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x30 [XOR @0x10011af] MEM[0x2003f24] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f24 ← 0x33 [XOR @0x10011af] MEM[0x2003f25] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x03 [XOR @0x10011af] MEM[0x2003f26] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x01 [XOR @0x10011af] MEM[0x2003f27] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f27 ← 0x30 [XOR @0x10011af] MEM[0x2003f28] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x32 [XOR @0x10011af] MEM[0x2003f29] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x32 [XOR @0x10011af] MEM[0x2003f2a] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2a ← 0x01 [XOR @0x10011af] MEM[0x2003f2b] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f2b ← 0x01 [XOR @0x10011af] MEM[0x2003f2c] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x02 [XOR @0x10011af] MEM[0x2003f2d] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x32 [XOR @0x10011af] MEM[0x2003f2e] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x33 [XOR @0x10011af] MEM[0x2003f2f] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f2f ← 0x01 [XOR @0x10011af] MEM[0x2003f30] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f30 ← 0x33 [XOR @0x10011af] MEM[0x2003f31] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x03 [XOR @0x10011af] MEM[0x2003f32] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f32 ← 0x31 [XOR @0x10011af] MEM[0x2003f33] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x33 [XOR @0x10011af] MEM[0x2003f34] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x03 [XOR @0x10011af] MEM[0x2003f35] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f35 ← 0x03 [XOR @0x10011af] MEM[0x2003f36] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x33 [XOR @0x10011af] MEM[0x2003f37] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f37 ← 0x30 [XOR @0x10011af] MEM[0x2003f38] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f38 ← 0x01 [XOR @0x10011af] MEM[0x2003f39] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f39 ← 0x03 [XOR @0x10011af] MEM[0x2003f3a] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f3a ← 0x03 [XOR @0x10011af] MEM[0x2003f3b] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f3b ← 0x30 [XOR @0x10011af] MEM[0x2003f3c] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f3c ← 0x33 [XOR @0x10011af] MEM[0x2003f3d] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f3d ← 0x02 [XOR @0x10011af] MEM[0x2003f3e] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f3e ← 0x30 [XOR @0x10011af] MEM[0x2003f3f] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f3f ← 0x33 [XOR @0x10011af] MEM[0x2003f40] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f40 ← 0x33 [XOR @0x10011af] MEM[0x2003f41] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f41 ← 0x31 [XOR @0x10011af] MEM[0x2003f42] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f42 ← 0x01 [XOR @0x10011af] MEM[0x2003f43] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f43 ← 0x33 [XOR @0x10011af] MEM[0x2003f44] 0x33 ^ AL(0x30) → 0x03 寫入後 MEM = 0x33 [WRITE] @0x2003f44 ← 0x03 [XOR @0x10011af] MEM[0x2003f45] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f45 ← 0x30 [XOR @0x10011af] MEM[0x2003f46] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f46 ← 0x31 [STATE] ESI ← 0x22 [HOOK MOV] @0x0100139e: mov esi, 0x9 [XOR @0x10013b2] MEM[0x2003f20] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f20 ← 0x31 [HOOK CMP] @0x010013b8: cmp esi, 0x13 [XOR @0x10013b2] MEM[0x2003f21] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f21 ← 0x02 [XOR @0x10013b2] MEM[0x2003f22] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f22 ← 0x00 [XOR @0x10013b2] MEM[0x2003f23] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x32 [XOR @0x10013b2] MEM[0x2003f24] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x01 [XOR @0x10013b2] MEM[0x2003f25] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f25 ← 0x30 [XOR @0x10013b2] MEM[0x2003f26] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f26 ← 0x00 [XOR @0x10013b2] MEM[0x2003f27] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x03 [XOR @0x10013b2] MEM[0x2003f28] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x31 [XOR @0x10013b2] MEM[0x2003f29] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x03 [STATE] ESI ← 0x5F [HOOK MOV] @0x01000aaa: mov esi, 0x27 [HOOK MOV] @0x01000aaf: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x33 [HOOK CMP] @0x01000ac5: cmp esi, 0x4f [WRITE] @0x2003f21 ← 0x30 [WRITE] @0x2003f22 ← 0x32 [WRITE] @0x2003f23 ← 0x00 [WRITE] @0x2003f24 ← 0x00 [WRITE] @0x2003f25 ← 0x02 [WRITE] @0x2003f26 ← 0x02 [WRITE] @0x2003f27 ← 0x03 [WRITE] @0x2003f28 ← 0x02 [WRITE] @0x2003f29 ← 0x33 [WRITE] @0x2003f2a ← 0x33 [WRITE] @0x2003f2b ← 0x01 [WRITE] @0x2003f2c ← 0x02 [WRITE] @0x2003f2d ← 0x30 [WRITE] @0x2003f2e ← 0x31 [WRITE] @0x2003f2f ← 0x02 [WRITE] @0x2003f30 ← 0x31 [WRITE] @0x2003f31 ← 0x30 [WRITE] @0x2003f32 ← 0x02 [WRITE] @0x2003f33 ← 0x32 [WRITE] @0x2003f34 ← 0x01 [WRITE] @0x2003f35 ← 0x33 [WRITE] @0x2003f36 ← 0x02 [WRITE] @0x2003f37 ← 0x32 [WRITE] @0x2003f38 ← 0x30 [WRITE] @0x2003f39 ← 0x33 [WRITE] @0x2003f3a ← 0x01 [WRITE] @0x2003f3b ← 0x02 [WRITE] @0x2003f3c ← 0x32 [WRITE] @0x2003f3d ← 0x31 [WRITE] @0x2003f3e ← 0x32 [WRITE] @0x2003f3f ← 0x01 [WRITE] @0x2003f40 ← 0x03 [WRITE] @0x2003f41 ← 0x02 [WRITE] @0x2003f42 ← 0x00 [WRITE] @0x2003f43 ← 0x31 [WRITE] @0x2003f44 ← 0x31 [WRITE] @0x2003f45 ← 0x01 [WRITE] @0x2003f46 ← 0x03 [WRITE] @0x2003f47 ← 0x03 [STATE] ESI ← 0x25 [HOOK MOV] @0x01001311: mov esi, 0x1a [XOR @0x1001325] MEM[0x2003f20] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f20 ← 0x32 [HOOK CMP] @0x0100132b: cmp esi, 0x35 [XOR @0x1001325] MEM[0x2003f21] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f21 ← 0x32 [XOR @0x1001325] MEM[0x2003f22] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f22 ← 0x00 [XOR @0x1001325] MEM[0x2003f23] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1001325] MEM[0x2003f24] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f24 ← 0x32 [XOR @0x1001325] MEM[0x2003f25] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x03 [XOR @0x1001325] MEM[0x2003f26] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f26 ← 0x01 [XOR @0x1001325] MEM[0x2003f27] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f27 ← 0x01 [XOR @0x1001325] MEM[0x2003f28] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f28 ← 0x02 [XOR @0x1001325] MEM[0x2003f29] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1001325] MEM[0x2003f2a] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2a ← 0x02 [XOR @0x1001325] MEM[0x2003f2b] 0x01 ^ AL(0x01) → 0x00 寫入後 MEM = 0x01 [WRITE] @0x2003f2b ← 0x00 [XOR @0x1001325] MEM[0x2003f2c] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2c ← 0x01 [XOR @0x1001325] MEM[0x2003f2d] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2d ← 0x33 [XOR @0x1001325] MEM[0x2003f2e] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1001325] MEM[0x2003f2f] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f2f ← 0x30 [XOR @0x1001325] MEM[0x2003f30] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x03 [XOR @0x1001325] MEM[0x2003f31] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1001325] MEM[0x2003f32] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x30 [XOR @0x1001325] MEM[0x2003f33] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f33 ← 0x30 [XOR @0x1001325] MEM[0x2003f34] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x01 [XOR @0x1001325] MEM[0x2003f35] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x01 [XOR @0x1001325] MEM[0x2003f36] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f36 ← 0x30 [XOR @0x1001325] MEM[0x2003f37] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x32 [XOR @0x1001325] MEM[0x2003f38] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f38 ← 0x01 [XOR @0x1001325] MEM[0x2003f39] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f39 ← 0x01 [XOR @0x1001325] MEM[0x2003f3a] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x02 [STATE] ESI ← 0x41 [HOOK MOV] @0x01000b05: mov esi, 0x21 [HOOK MOV] @0x01000b0a: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x30 [HOOK CMP] @0x01000b20: cmp esi, 0x43 [WRITE] @0x2003f21 ← 0x32 [WRITE] @0x2003f22 ← 0x31 [WRITE] @0x2003f23 ← 0x00 [WRITE] @0x2003f24 ← 0x33 [WRITE] @0x2003f25 ← 0x00 [WRITE] @0x2003f26 ← 0x02 [WRITE] @0x2003f27 ← 0x33 [WRITE] @0x2003f28 ← 0x30 [WRITE] @0x2003f29 ← 0x30 [WRITE] @0x2003f2a ← 0x03 [WRITE] @0x2003f2b ← 0x32 [WRITE] @0x2003f2c ← 0x03 [WRITE] @0x2003f2d ← 0x33 [WRITE] @0x2003f2e ← 0x33 [WRITE] @0x2003f2f ← 0x02 [WRITE] @0x2003f30 ← 0x32 [WRITE] @0x2003f31 ← 0x31 [WRITE] @0x2003f32 ← 0x03 [WRITE] @0x2003f33 ← 0x30 [WRITE] @0x2003f34 ← 0x03 [WRITE] @0x2003f35 ← 0x32 [WRITE] @0x2003f36 ← 0x00 [WRITE] @0x2003f37 ← 0x02 [WRITE] @0x2003f38 ← 0x02 [WRITE] @0x2003f39 ← 0x33 [WRITE] @0x2003f3a ← 0x01 [WRITE] @0x2003f3b ← 0x31 [WRITE] @0x2003f3c ← 0x01 [WRITE] @0x2003f3d ← 0x33 [WRITE] @0x2003f3e ← 0x00 [WRITE] @0x2003f3f ← 0x30 [WRITE] @0x2003f40 ← 0x00 [WRITE] @0x2003f41 ← 0x32 [STATE] ESI ← 0x53 [HOOK MOV] @0x01000f0c: mov esi, 0x2a [XOR @0x1000f20] MEM[0x2003f20] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f20 ← 0x02 [HOOK CMP] @0x01000f26: cmp esi, 0x55 [XOR @0x1000f20] MEM[0x2003f21] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x33 [XOR @0x1000f20] MEM[0x2003f22] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x03 [XOR @0x1000f20] MEM[0x2003f23] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f23 ← 0x02 [XOR @0x1000f20] MEM[0x2003f24] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1000f20] MEM[0x2003f25] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f25 ← 0x02 [XOR @0x1000f20] MEM[0x2003f26] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f26 ← 0x31 [XOR @0x1000f20] MEM[0x2003f27] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x30 [XOR @0x1000f20] MEM[0x2003f28] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f28 ← 0x32 [XOR @0x1000f20] MEM[0x2003f29] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f29 ← 0x03 [XOR @0x1000f20] MEM[0x2003f2a] 0x03 ^ AL(0x02) → 0x01 寫入後 MEM = 0x03 [WRITE] @0x2003f2a ← 0x01 [XOR @0x1000f20] MEM[0x2003f2b] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f2b ← 0x03 [XOR @0x1000f20] MEM[0x2003f2c] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f2c ← 0x33 [XOR @0x1000f20] MEM[0x2003f2d] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000f20] MEM[0x2003f2e] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1000f20] MEM[0x2003f2f] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f2f ← 0x03 [XOR @0x1000f20] MEM[0x2003f30] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f30 ← 0x31 [XOR @0x1000f20] MEM[0x2003f31] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x02 [XOR @0x1000f20] MEM[0x2003f32] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f32 ← 0x02 [XOR @0x1000f20] MEM[0x2003f33] 0x30 ^ AL(0x30) → 0x00 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x00 [XOR @0x1000f20] MEM[0x2003f34] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f34 ← 0x00 [XOR @0x1000f20] MEM[0x2003f35] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f35 ← 0x03 [XOR @0x1000f20] MEM[0x2003f36] 0x00 ^ AL(0x02) → 0x02 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x02 [XOR @0x1000f20] MEM[0x2003f37] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f37 ← 0x00 [XOR @0x1000f20] MEM[0x2003f38] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f38 ← 0x02 [XOR @0x1000f20] MEM[0x2003f39] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f39 ← 0x33 [XOR @0x1000f20] MEM[0x2003f3a] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f3a ← 0x02 [XOR @0x1000f20] MEM[0x2003f3b] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f3b ← 0x33 [XOR @0x1000f20] MEM[0x2003f3c] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f3c ← 0x01 [XOR @0x1000f20] MEM[0x2003f3d] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f3d ← 0x31 [XOR @0x1000f20] MEM[0x2003f3e] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f3e ← 0x33 [XOR @0x1000f20] MEM[0x2003f3f] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f3f ← 0x32 [XOR @0x1000f20] MEM[0x2003f40] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f40 ← 0x33 [XOR @0x1000f20] MEM[0x2003f41] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f41 ← 0x33 [XOR @0x1000f20] MEM[0x2003f42] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f42 ← 0x31 [XOR @0x1000f20] MEM[0x2003f43] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f43 ← 0x02 [XOR @0x1000f20] MEM[0x2003f44] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f44 ← 0x03 [XOR @0x1000f20] MEM[0x2003f45] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f45 ← 0x32 [XOR @0x1000f20] MEM[0x2003f46] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f46 ← 0x30 [XOR @0x1000f20] MEM[0x2003f47] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f47 ← 0x32 [XOR @0x1000f20] MEM[0x2003f48] 0x32 ^ AL(0x02) → 0x30 寫入後 MEM = 0x32 [WRITE] @0x2003f48 ← 0x30 [XOR @0x1000f20] MEM[0x2003f49] 0x32 ^ AL(0x03) → 0x31 寫入後 MEM = 0x32 [WRITE] @0x2003f49 ← 0x31 [XOR @0x1000f20] MEM[0x2003f4a] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f4a ← 0x00 [STATE] ESI ← 0x2C [HOOK MOV] @0x01000c1d: mov esi, 0x13 [XOR @0x1000c31] MEM[0x2003f20] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f20 ← 0x02 [HOOK CMP] @0x01000c37: cmp esi, 0x27 [XOR @0x1000c31] MEM[0x2003f21] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f21 ← 0x33 [XOR @0x1000c31] MEM[0x2003f22] 0x03 ^ AL(0x03) → 0x00 寫入後 MEM = 0x03 [WRITE] @0x2003f22 ← 0x00 [XOR @0x1000c31] MEM[0x2003f23] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f23 ← 0x00 [XOR @0x1000c31] MEM[0x2003f24] 0x33 ^ AL(0x00) → 0x33 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x33 [XOR @0x1000c31] MEM[0x2003f25] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x00 [XOR @0x1000c31] MEM[0x2003f26] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x02 [XOR @0x1000c31] MEM[0x2003f27] 0x30 ^ AL(0x02) → 0x32 寫入後 MEM = 0x30 [WRITE] @0x2003f27 ← 0x32 [XOR @0x1000c31] MEM[0x2003f28] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x01 [XOR @0x1000c31] MEM[0x2003f29] 0x03 ^ AL(0x01) → 0x02 寫入後 MEM = 0x03 [WRITE] @0x2003f29 ← 0x02 [XOR @0x1000c31] MEM[0x2003f2a] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x30 [XOR @0x1000c31] MEM[0x2003f2b] 0x03 ^ AL(0x33) → 0x30 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x30 [XOR @0x1000c31] MEM[0x2003f2c] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f2c ← 0x01 [XOR @0x1000c31] MEM[0x2003f2d] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2d ← 0x32 [XOR @0x1000c31] MEM[0x2003f2e] 0x30 ^ AL(0x33) → 0x03 寫入後 MEM = 0x30 [WRITE] @0x2003f2e ← 0x03 [XOR @0x1000c31] MEM[0x2003f2f] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f2f ← 0x32 [XOR @0x1000c31] MEM[0x2003f30] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f30 ← 0x33 [XOR @0x1000c31] MEM[0x2003f31] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f31 ← 0x01 [XOR @0x1000c31] MEM[0x2003f32] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f32 ← 0x30 [XOR @0x1000c31] MEM[0x2003f33] 0x00 ^ AL(0x30) → 0x30 寫入後 MEM = 0x00 [WRITE] @0x2003f33 ← 0x30 [STATE] ESI ← 0x09 [HOOK MOV] @0x010007ef: mov esi, 0x2e [HOOK MOV] @0x010007f4: mov esi, 0x2f [WRITE] @0x2003f20 ← 0x02 [HOOK CMP] @0x0100080a: cmp esi, 0x5d [WRITE] @0x2003f21 ← 0x31 [WRITE] @0x2003f22 ← 0x31 [WRITE] @0x2003f23 ← 0x31 [WRITE] @0x2003f24 ← 0x02 [WRITE] @0x2003f25 ← 0x02 [WRITE] @0x2003f26 ← 0x00 [WRITE] @0x2003f27 ← 0x32 [WRITE] @0x2003f28 ← 0x33 [WRITE] @0x2003f29 ← 0x31 [WRITE] @0x2003f2a ← 0x01 [WRITE] @0x2003f2b ← 0x31 [WRITE] @0x2003f2c ← 0x30 [WRITE] @0x2003f2d ← 0x02 [WRITE] @0x2003f2e ← 0x01 [WRITE] @0x2003f2f ← 0x33 [WRITE] @0x2003f30 ← 0x00 [WRITE] @0x2003f31 ← 0x01 [WRITE] @0x2003f32 ← 0x31 [WRITE] @0x2003f33 ← 0x01 [WRITE] @0x2003f34 ← 0x01 [WRITE] @0x2003f35 ← 0x02 [WRITE] @0x2003f36 ← 0x00 [WRITE] @0x2003f37 ← 0x00 [WRITE] @0x2003f38 ← 0x02 [WRITE] @0x2003f39 ← 0x31 [WRITE] @0x2003f3a ← 0x33 [WRITE] @0x2003f3b ← 0x00 [WRITE] @0x2003f3c ← 0x01 [WRITE] @0x2003f3d ← 0x30 [WRITE] @0x2003f3e ← 0x03 [WRITE] @0x2003f3f ← 0x31 [WRITE] @0x2003f40 ← 0x02 [WRITE] @0x2003f41 ← 0x31 [WRITE] @0x2003f42 ← 0x00 [WRITE] @0x2003f43 ← 0x02 [WRITE] @0x2003f44 ← 0x01 [WRITE] @0x2003f45 ← 0x33 [WRITE] @0x2003f46 ← 0x03 [WRITE] @0x2003f47 ← 0x31 [WRITE] @0x2003f48 ← 0x01 [WRITE] @0x2003f49 ← 0x30 [WRITE] @0x2003f4a ← 0x30 [WRITE] @0x2003f4b ← 0x31 [WRITE] @0x2003f4c ← 0x03 [WRITE] @0x2003f4d ← 0x01 [WRITE] @0x2003f4e ← 0x01 [STATE] ESI ← 0x3C [HOOK MOV] @0x01001340: mov esi, 0x18 [XOR @0x1001354] MEM[0x2003f20] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f20 ← 0x00 [HOOK CMP] @0x0100135a: cmp esi, 0x31 [XOR @0x1001354] MEM[0x2003f21] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1001354] MEM[0x2003f22] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x02 [XOR @0x1001354] MEM[0x2003f23] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x31 [XOR @0x1001354] MEM[0x2003f24] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f24 ← 0x03 [XOR @0x1001354] MEM[0x2003f25] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f25 ← 0x32 [XOR @0x1001354] MEM[0x2003f26] 0x00 ^ AL(0x03) → 0x03 寫入後 MEM = 0x00 [WRITE] @0x2003f26 ← 0x03 [XOR @0x1001354] MEM[0x2003f27] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f27 ← 0x03 [XOR @0x1001354] MEM[0x2003f28] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1001354] MEM[0x2003f29] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x00 [XOR @0x1001354] MEM[0x2003f2a] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x01 [XOR @0x1001354] MEM[0x2003f2b] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x33 [XOR @0x1001354] MEM[0x2003f2c] 0x30 ^ AL(0x01) → 0x31 寫入後 MEM = 0x30 [WRITE] @0x2003f2c ← 0x31 [XOR @0x1001354] MEM[0x2003f2d] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x31 [XOR @0x1001354] MEM[0x2003f2e] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f2e ← 0x02 [XOR @0x1001354] MEM[0x2003f2f] 0x33 ^ AL(0x31) → 0x02 寫入後 MEM = 0x33 [WRITE] @0x2003f2f ← 0x02 [XOR @0x1001354] MEM[0x2003f30] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f30 ← 0x01 [XOR @0x1001354] MEM[0x2003f31] 0x01 ^ AL(0x30) → 0x31 寫入後 MEM = 0x01 [WRITE] @0x2003f31 ← 0x31 [XOR @0x1001354] MEM[0x2003f32] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f32 ← 0x01 [XOR @0x1001354] MEM[0x2003f33] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x30 [XOR @0x1001354] MEM[0x2003f34] 0x01 ^ AL(0x03) → 0x02 寫入後 MEM = 0x01 [WRITE] @0x2003f34 ← 0x02 [XOR @0x1001354] MEM[0x2003f35] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f35 ← 0x03 [XOR @0x1001354] MEM[0x2003f36] 0x00 ^ AL(0x01) → 0x01 寫入後 MEM = 0x00 [WRITE] @0x2003f36 ← 0x01 [XOR @0x1001354] MEM[0x2003f37] 0x00 ^ AL(0x00) → 0x00 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x00 [XOR @0x1001354] MEM[0x2003f38] 0x02 ^ AL(0x00) → 0x02 寫入後 MEM = 0x02 [WRITE] @0x2003f38 ← 0x02 [STATE] ESI ← 0x1E [WRITE] @0x2003f1c ← 0x0d [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x31 [WRITE] @0x2003f1c ← 0x0e [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f21 ← 0x02 [WRITE] @0x2003f1c ← 0x0f [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x00 [WRITE] @0x2003f1c ← 0x10 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f23 ← 0x30 [WRITE] @0x2003f1c ← 0x11 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f24 ← 0x32 [WRITE] @0x2003f1c ← 0x12 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f25 ← 0x33 [WRITE] @0x2003f1c ← 0x13 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f26 ← 0x33 [WRITE] @0x2003f1c ← 0x14 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f27 ← 0x01 [WRITE] @0x2003f1c ← 0x15 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f28 ← 0x32 [WRITE] @0x2003f1c ← 0x16 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f29 ← 0x01 [WRITE] @0x2003f1c ← 0x17 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x00) → 0x31 寫入後 MEM = 0x31 [WRITE] @0x2003f2a ← 0x01 [WRITE] @0x2003f1c ← 0x18 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x31 [WRITE] @0x2003f1c ← 0x19 [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x31) → 0x00 寫入後 MEM = 0x31 [WRITE] @0x2003f2c ← 0x00 [WRITE] @0x2003f1c ← 0x1a [XOR @0x1000e34] MEM[0x2003f31] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x02 [WRITE] @0x2003f1c ← 0x1b [STATE] ESI ← 0x14 [HOOK MOV] @0x0100084b: mov esi, 0x29 [XOR @0x100085f] MEM[0x2003f20] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f20 ← 0x01 [HOOK CMP] @0x01000865: cmp esi, 0x53 [XOR @0x100085f] MEM[0x2003f21] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f21 ← 0x32 [XOR @0x100085f] MEM[0x2003f22] 0x00 ^ AL(0x31) → 0x31 寫入後 MEM = 0x00 [WRITE] @0x2003f22 ← 0x31 [XOR @0x100085f] MEM[0x2003f23] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f23 ← 0x33 [XOR @0x100085f] MEM[0x2003f24] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f24 ← 0x33 [XOR @0x100085f] MEM[0x2003f25] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f25 ← 0x32 [XOR @0x100085f] MEM[0x2003f26] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f26 ← 0x32 [XOR @0x100085f] MEM[0x2003f27] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f27 ← 0x33 [XOR @0x100085f] MEM[0x2003f28] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f28 ← 0x03 [XOR @0x100085f] MEM[0x2003f29] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f29 ← 0x32 [XOR @0x100085f] MEM[0x2003f2a] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f2a ← 0x32 [XOR @0x100085f] MEM[0x2003f2b] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f2b ← 0x03 [XOR @0x100085f] MEM[0x2003f2c] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f2c ← 0x32 [XOR @0x100085f] MEM[0x2003f2d] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f2d ← 0x31 [XOR @0x100085f] MEM[0x2003f2e] 0x02 ^ AL(0x03) → 0x01 寫入後 MEM = 0x02 [WRITE] @0x2003f2e ← 0x01 [XOR @0x100085f] MEM[0x2003f2f] 0x02 ^ AL(0x32) → 0x30 寫入後 MEM = 0x02 [WRITE] @0x2003f2f ← 0x30 [XOR @0x100085f] MEM[0x2003f30] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f30 ← 0x33 [XOR @0x100085f] MEM[0x2003f31] 0x31 ^ AL(0x03) → 0x32 寫入後 MEM = 0x31 [WRITE] @0x2003f31 ← 0x32 [XOR @0x100085f] MEM[0x2003f32] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f32 ← 0x33 [XOR @0x100085f] MEM[0x2003f33] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f33 ← 0x01 [XOR @0x100085f] MEM[0x2003f34] 0x02 ^ AL(0x01) → 0x03 寫入後 MEM = 0x02 [WRITE] @0x2003f34 ← 0x03 [XOR @0x100085f] MEM[0x2003f35] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f35 ← 0x33 [XOR @0x100085f] MEM[0x2003f36] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f36 ← 0x32 [XOR @0x100085f] MEM[0x2003f37] 0x00 ^ AL(0x32) → 0x32 寫入後 MEM = 0x00 [WRITE] @0x2003f37 ← 0x32 [XOR @0x100085f] MEM[0x2003f38] 0x02 ^ AL(0x33) → 0x31 寫入後 MEM = 0x02 [WRITE] @0x2003f38 ← 0x31 [XOR @0x100085f] MEM[0x2003f39] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f39 ← 0x30 [XOR @0x100085f] MEM[0x2003f3a] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f3a ← 0x30 [XOR @0x100085f] MEM[0x2003f3b] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f3b ← 0x33 [XOR @0x100085f] MEM[0x2003f3c] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f3c ← 0x33 [XOR @0x100085f] MEM[0x2003f3d] 0x30 ^ AL(0x32) → 0x02 寫入後 MEM = 0x30 [WRITE] @0x2003f3d ← 0x02 [XOR @0x100085f] MEM[0x2003f3e] 0x03 ^ AL(0x31) → 0x32 寫入後 MEM = 0x03 [WRITE] @0x2003f3e ← 0x32 [XOR @0x100085f] MEM[0x2003f3f] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f3f ← 0x01 [XOR @0x100085f] MEM[0x2003f40] 0x02 ^ AL(0x30) → 0x32 寫入後 MEM = 0x02 [WRITE] @0x2003f40 ← 0x32 [XOR @0x100085f] MEM[0x2003f41] 0x31 ^ AL(0x33) → 0x02 寫入後 MEM = 0x31 [WRITE] @0x2003f41 ← 0x02 [XOR @0x100085f] MEM[0x2003f42] 0x00 ^ AL(0x33) → 0x33 寫入後 MEM = 0x00 [WRITE] @0x2003f42 ← 0x33 [XOR @0x100085f] MEM[0x2003f43] 0x02 ^ AL(0x02) → 0x00 寫入後 MEM = 0x02 [WRITE] @0x2003f43 ← 0x00 [XOR @0x100085f] MEM[0x2003f44] 0x01 ^ AL(0x32) → 0x33 寫入後 MEM = 0x01 [WRITE] @0x2003f44 ← 0x33 [XOR @0x100085f] MEM[0x2003f45] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f45 ← 0x32 [XOR @0x100085f] MEM[0x2003f46] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f46 ← 0x31 [XOR @0x100085f] MEM[0x2003f47] 0x31 ^ AL(0x02) → 0x33 寫入後 MEM = 0x31 [WRITE] @0x2003f47 ← 0x33 [XOR @0x100085f] MEM[0x2003f48] 0x01 ^ AL(0x33) → 0x32 寫入後 MEM = 0x01 [WRITE] @0x2003f48 ← 0x32 [XOR @0x100085f] MEM[0x2003f49] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f49 ← 0x30 [HOOK MOV] @0x01000654: mov esi, 0x1d [XOR @0x1000668] MEM[0x2003f20] 0x01 ^ AL(0x02) → 0x03 寫入後 MEM = 0x01 [WRITE] @0x2003f20 ← 0x03 [HOOK CMP] @0x0100066e: cmp esi, 0x3b [XOR @0x1000668] MEM[0x2003f21] 0x32 ^ AL(0x32) → 0x00 寫入後 MEM = 0x32 [WRITE] @0x2003f21 ← 0x00 [XOR @0x1000668] MEM[0x2003f22] 0x31 ^ AL(0x01) → 0x30 寫入後 MEM = 0x31 [WRITE] @0x2003f22 ← 0x30 [XOR @0x1000668] MEM[0x2003f23] 0x33 ^ AL(0x32) → 0x01 寫入後 MEM = 0x33 [WRITE] @0x2003f23 ← 0x01 [XOR @0x1000668] MEM[0x2003f24] 0x33 ^ AL(0x02) → 0x31 寫入後 MEM = 0x33 [WRITE] @0x2003f24 ← 0x31 [XOR @0x1000668] MEM[0x2003f25] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f25 ← 0x01 [XOR @0x1000668] MEM[0x2003f26] 0x32 ^ AL(0x00) → 0x32 寫入後 MEM = 0x32 [WRITE] @0x2003f26 ← 0x32 [XOR @0x1000668] MEM[0x2003f27] 0x33 ^ AL(0x33) → 0x00 寫入後 MEM = 0x33 [WRITE] @0x2003f27 ← 0x00 [XOR @0x1000668] MEM[0x2003f28] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f28 ← 0x31 [XOR @0x1000668] MEM[0x2003f29] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f29 ← 0x03 [XOR @0x1000668] MEM[0x2003f2a] 0x32 ^ AL(0x33) → 0x01 寫入後 MEM = 0x32 [WRITE] @0x2003f2a ← 0x01 [XOR @0x1000668] MEM[0x2003f2b] 0x03 ^ AL(0x32) → 0x31 寫入後 MEM = 0x03 [WRITE] @0x2003f2b ← 0x31 [XOR @0x1000668] MEM[0x2003f2c] 0x32 ^ AL(0x30) → 0x02 寫入後 MEM = 0x32 [WRITE] @0x2003f2c ← 0x02 [XOR @0x1000668] MEM[0x2003f2d] 0x31 ^ AL(0x30) → 0x01 寫入後 MEM = 0x31 [WRITE] @0x2003f2d ← 0x01 [XOR @0x1000668] MEM[0x2003f2e] 0x01 ^ AL(0x31) → 0x30 寫入後 MEM = 0x01 [WRITE] @0x2003f2e ← 0x30 [XOR @0x1000668] MEM[0x2003f2f] 0x30 ^ AL(0x03) → 0x33 寫入後 MEM = 0x30 [WRITE] @0x2003f2f ← 0x33 [XOR @0x1000668] MEM[0x2003f30] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f30 ← 0x32 [XOR @0x1000668] MEM[0x2003f31] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f31 ← 0x33 [XOR @0x1000668] MEM[0x2003f32] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f32 ← 0x30 [XOR @0x1000668] MEM[0x2003f33] 0x01 ^ AL(0x00) → 0x01 寫入後 MEM = 0x01 [WRITE] @0x2003f33 ← 0x01 [XOR @0x1000668] MEM[0x2003f34] 0x03 ^ AL(0x30) → 0x33 寫入後 MEM = 0x03 [WRITE] @0x2003f34 ← 0x33 [XOR @0x1000668] MEM[0x2003f35] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f35 ← 0x32 [XOR @0x1000668] MEM[0x2003f36] 0x32 ^ AL(0x31) → 0x03 寫入後 MEM = 0x32 [WRITE] @0x2003f36 ← 0x03 [XOR @0x1000668] MEM[0x2003f37] 0x32 ^ AL(0x01) → 0x33 寫入後 MEM = 0x32 [WRITE] @0x2003f37 ← 0x33 [XOR @0x1000668] MEM[0x2003f38] 0x31 ^ AL(0x32) → 0x03 寫入後 MEM = 0x31 [WRITE] @0x2003f38 ← 0x03 [XOR @0x1000668] MEM[0x2003f39] 0x30 ^ AL(0x00) → 0x30 寫入後 MEM = 0x30 [WRITE] @0x2003f39 ← 0x30 [XOR @0x1000668] MEM[0x2003f3a] 0x30 ^ AL(0x31) → 0x01 寫入後 MEM = 0x30 [WRITE] @0x2003f3a ← 0x01 [XOR @0x1000668] MEM[0x2003f3b] 0x33 ^ AL(0x03) → 0x30 寫入後 MEM = 0x33 [WRITE] @0x2003f3b ← 0x30 [XOR @0x1000668] MEM[0x2003f3c] 0x33 ^ AL(0x01) → 0x32 寫入後 MEM = 0x33 [WRITE] @0x2003f3c ← 0x32 [XOR @0x1000668] MEM[0x2003f3d] 0x02 ^ AL(0x31) → 0x33 寫入後 MEM = 0x02 [WRITE] @0x2003f3d ← 0x33 [HOOK MOV] @0x01000675: mov esi, 0x11 [WRITE] @0x2003f04 ← 0x11 [WRITE] @0x2003f00 ← 0x407068
根據以上可以總結
每次eip 會有0xaa 到0xbb的變動長度進行xor,進行的方式為
for i in range(0xbb): flag[i] = flag[i] ^ f[(0xaa + i)%47]結束後將eip更新
其中有一段特別的XOR加密,是從0x0d + i 的數值去做xor加密
for i in range(0xbb): flag[i] = flag[i] ^ 0x0d+i
??? note “special case” [WRITE] @0x2003f1c ← 0x0d [WRITE] @0x2003f20 ← 0x32 [WRITE] @0x2003f1c ← 0x0e [WRITE] @0x2003f21 ← 0x02 [WRITE] @0x2003f1c ← 0x0f [WRITE] @0x2003f22 ← 0x30 [WRITE] @0x2003f1c ← 0x10 [WRITE] @0x2003f23 ← 0x00 [WRITE] @0x2003f1c ← 0x11 [WRITE] @0x2003f24 ← 0x01 [WRITE] @0x2003f1c ← 0x12 [WRITE] @0x2003f25 ← 0x02 [WRITE] @0x2003f1c ← 0x13 [WRITE] @0x2003f26 ← 0x30 [WRITE] @0x2003f1c ← 0x14 [WRITE] @0x2003f27 ← 0x03 [WRITE] @0x2003f1c ← 0x15 [WRITE] @0x2003f28 ← 0x02 [WRITE] @0x2003f1c ← 0x16 [WRITE] @0x2003f29 ← 0x00 [WRITE] @0x2003f1c ← 0x17 [WRITE] @0x2003f2a ← 0x33 [WRITE] @0x2003f1c ← 0x18 [WRITE] @0x2003f2b ← 0x03 [WRITE] @0x2003f1c ← 0x19 [WRITE] @0x2003f2c ← 0x31 [WRITE] @0x2003f1c ← 0x1a [WRITE] @0x2003f2d ← 0x30 [WRITE] @0x2003f1c ← 0x1b
- 剩下的也是進行第一點的加密方式
綜合以上 可以寫出下面的解密script
step = [
(0x28,0x51),(0x20,0x41),(0x18,0x31),(0x24,0x49),(0x1d,0x3b),(0x12,0x25),
(0x0d,0x1b),(0x24,0x49),(0x0b,0x17),(0x1d,0x3b),(0x18,0x31),(0x1f,0x3f),
(0x15,0x2b),(0x0e,0x1d),(0x2a,0x55),(0x14,0x29),(0x0b,0x17),(0x06,0x0d),
(0x1a,0x35),(0x18,0x31),(0x18,0x31),(0x1d,0x3b),(0x1d,0x3b),(0x0e,0x1d),
(0x03,0x07),(0x18,0x31),(0x08,0x11),(0x08,0x11),(0x29,0x53),(0x0b,0x17),
(0x0d,0x1b),(0x12,0x25),(0x0e,0x1d),(0x19,0x33),(0x02,0x05),(0x17,0x2f),
(0x11,0x23),(0x28,0x51),(0x11,0x23),(0x04,0x09),(0x15,0x2b),(0x16,0x2d),
(0x2b,0x57),(0x20,0x41),(0x13,0x27),(0x0c,0x19),(0x2d,0x5b),(0x24,0x49),
(0x23,0x47),(0x16,0x2d),(0x2b,0x57),(0x18,0x31),(0x1b,0x37),(0x08,0x11),
(0x06,0x0d),(0x13,0x27),(0x26,0x4d),(0x15,0x2b),(0x1d,0x3b),(0x16,0x2d),
(0x04,0x09),(0x02,0x05),(0x0a,0x15),(0x09,0x13),(0x24,0x49),(0x2c,0x59),
(0x02,0x05),(0x11,0x23),(0x0f,0x1f),(0x22,0x45),(0x02,0x05),(0x14,0x29),
(0x0d,0x1b),(0x26,0x4d),(0x09,0x13),(0x27,0x4f),(0x1a,0x35),(0x21,0x43),
(0x2a,0x55),(0x13,0x27),(0x2e,0x5d),(0x18,0x31)
]
step2 = [
(0x29, 0x53),
(0x1d, 0x3b)
]
cipher_bytes = bytes([
0x5a,0x60,0x61,0x0f,0x08,0x29,0x42,0x32,0x25,0x23,0x42,0x68,0x4b,0x41,
0x63,0x55,0x37,0x43,0x6a,0x50,0x40,0x6f,0x2e,0x66,0x49,0x7f,0x09,0x66,
0x79,0x7c,0x37,0x18,0x5d,0x35,0x46,0x41,0x37,0x0f,0x19,0x1c,0x30,0x79,
0x29,0x69,0x0a,0x46,0x3b
])
def decrypt(first: int, length: int, data: bytearray) -> None:
now = first
for i in range(length - 1, -1, -1):
j = (now + i) % 47
data[i] ^= data[j]
def undo_xor_segment(data: bytearray) -> None:
for k in range((0x1b - 0x0d) - 1, -1, -1):
data[k] ^= data[k + 0x0d]
def main():
buf = bytearray(cipher_bytes)
for a, b in reversed(step2):
decrypt(a, b - a, buf)
undo_xor_segment(buf)
for a, b in reversed(step):
decrypt(a, b - a, buf)
print(buf)
if __name__ == "__main__":
main()
:flags:AIS3{UniCorn_2.1.3_fk_s1ow_BUT_this_chal_cool?}
AntiDbg++++
賽後解