Hi. I'd like to check on what address a jump was taken.
Here's some code:

...
0E253322 83C4 08 ADD ESP,8
0E253325 81C4 04100000 ADD ESP,1004
0E25332B C3 RETN
0E25332C B0 FF MOV AL,0FF <- it jumps here
0E25332E 8D4C24 04 LEA ECX,[DWORD SS:ESP+4]
0E253332 51 PUSH ECX
0E253333 8D5424 04 LEA EDX,[DWORD SS:ESP+4]
...

What I mean is, I'd like to check what the address to the jump to 0E25332C is. (last jump)

Any ideas?
Answers are greatly appreciated.

Eliana

There are a few ways. But simply try to trace from there to the next RETN code, step into this code which leads to the previous section, then go one line up and you see the call.

if you put in this line E25332C and right click -find references and have no results,, put a bP in E25332C and when stop, look the first line of the stack for see the adress of returning of the previosu call.

With this info you can put a bp here and trace till jump.

Ricardo Narvaja

Great! Thank you for your answers It has helped me alot! I tried to use "Find ref." as ricnar456 said, and it worked. Thanks again

Eliana