Indy
October 25th, 2011, 15:17
Hello.
One type of relocations handles the following code:
What it does?
One type of relocations handles the following code:
Code:
xor edi, edi
and ecx, 0FFFFFFF0h
mov eax, [ecx+0Ch]
mov esi, [ecx+4]
mov edx, [ecx+8]
mov [ebp+var_4], esi
mov esi, eax
shr esi, 1Bh
shld edi, esi, 17h
mov [ebp+var_8], edx
shl esi, 17h
and edx, 7FFFFFh
or esi, edx
mov edx, [ebp+var_4]
shr edx, 18h
xor ebx, ebx
or edi, ebx
shld edi, esi, 8
shl esi, 8
or esi, edx
mov edx, [ebp+var_4]
or edi, ebx
shld edi, esi, 0Ah
shr edx, 0Eh
and edx, 3FFh
shl esi, 0Ah
or esi, edx
or edi, ebx
shld edi, esi, 1
mov edx, eax
shr edx, 0Ch
and edx, 1
shl esi, 1
or esi, edx
or edi, ebx
shld edi, esi, 5
mov edx, eax
shr edx, 0Dh
and edx, 1Fh
or edi, ebx
shl esi, 5
or esi, edx
shld edi, esi, 9
mov edx, eax
or edi, ebx
shr edx, 12h
shr eax, 4
and edx, 1FFh
shl esi, 9
or esi, edx
mov edx, edi
and eax, 7Fh
shld edx, esi, 7
xor edi, edi
or edx, edi
shl esi, 7
or esi, eax
add esi, [ebp+arg_C]
adc edx, [ebp+arg_10]
mov eax, esi
mov edi, edx
shrd eax, edi, 16h
and eax, 3FFh
shr edi, 16h
mov edi, edx
shl edi, 0Ah
or eax, edi
mov edi, [ecx+4]
shl eax, 0Eh
and edi, 3FFFh
or eax, edi
mov [ecx+4], eax
mov eax, edx
shr eax, 8
xor eax, [ebp+var_8]
and eax, 7FFFFFh
xor eax, [ebp+var_8]
mov [ecx+8], eax
mov eax, edx
shr eax, 1Fh
and eax, 1
mov ebx, edx
shl eax, 9
mov edi, esi
shrd edi, ebx, 7
and edi, 1FFh
or eax, edi
shr ebx, 7
mov ebx, edx
mov edi, esi
shrd edi, ebx, 10h
shl eax, 5
and edi, 1Fh
or eax, edi
mov edi, esi
shrd edi, edx, 15h
shl eax, 1
and edi, 1
or eax, edi
shr edx, 15h
mov edx, [ecx+0Ch]
shl eax, 8
and esi, 7Fh
or eax, esi
and edx, 0F000080Fh
shl eax, 4
shr ebx, 10h
or eax, edx
mov edx, [ebp+arg_C]
mov [ecx+0Ch], eax
What it does?