1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
digraph used {
node [
style = filled
shape = "record"
fillcolor = "lightskyblue"
];
"0x01000000" [
fillcolor = "red"
label = "{ <fi> 0x01000000 | { ÿ0x01000000\lÿ0x01000001\lÿ0x01000003\lÿ0x01000006\lÿ0x0100000a\l|ÿpush ebp\l mov ebp, esp\l sub esp, (8)0x00000018\l cmp dword [ebp + (8)0x00000008], (8)0x00000001\l j(le,ng) byte (8)0x00000019\l } | <fo> 0x0100000c }"
];
"0x0100000c" [
label = "{ <fi> 0x0100000c | { ÿ0x0100000c\lÿ0x0100000f\lÿ0x01000012\lÿ0x01000015\lÿ0x01000017\lÿ0x01000018\lÿ0x0100001d\lÿ0x01000020\lÿ0x01000023\l|ÿadd esp, (8)0xfffffff4\l mov eax, dword [ebp + (8)0x0000000c]\l add eax, (8)0x00000004\l mov edx, dword [eax]\l push edx\l call dword (32)0xfffffffc\l add esp, (8)0x00000010\l mov dword [ebp + (8)0xfffffffc], eax\l jmp byte (8)0x00000007\l } | <fo> 0x01000025 }"
];
"0x0100002c" [
fillcolor = "red"
label = "{ <fi> 0x0100002c | { ÿ0x0100002c\lÿ0x0100002d\l|ÿnop\l mov dword [ebp + (8)0xfffffff8], (32)0x00000001\l } | <fo> 0x01000034 }"
];
"0x01000034" [
fillcolor = "red"
label = "{ <fi> 0x01000034 | { ÿ0x01000034\lÿ0x01000037\lÿ0x01000039\lÿ0x0100003b\lÿ0x0100003e\l|ÿmov edx, dword [ebp + (8)0xfffffffc]\l mov eax, edx\l shr1 eax\l cmp dword [ebp + (8)0xfffffff8], eax\l j(b,nae) byte (8)0x00000002\l } | <fo> 0x01000040 }"
];
"0x01000040" [
fillcolor = "red"
label = "{ <fi> 0x01000040 | { ÿ0x01000040\l|ÿjmp byte (8)0x0000002e\l } | <fo> 0x01000042 }"
];
"0x01000070" [
fillcolor = "red"
label = "{ <fi> 0x01000070 | { ÿ0x01000070\lÿ0x01000072\l|ÿxor eax, eax\l jmp byte (8)0x00000000\l } | <fo> 0x01000074 }"
];
"0x01000074" [
fillcolor = "red"
label = "{ <fi> 0x01000074 | { ÿ0x01000074\lÿ0x01000075\l|ÿleave\l ret\l } | <fo> 0x01000076 }"
];
"0x01000042" [
label = "{ <fi> 0x01000042 | { ÿ0x01000042\lÿ0x01000045\lÿ0x01000048\lÿ0x0100004a\lÿ0x0100004c\lÿ0x0100004e\l|ÿmov eax, dword [ebp + (8)0xfffffffc]\l lea ecx, dword [ebp + (8)0xfffffff8]\l xor edx, edx\l div dword [ecx]\l test edx, edx\l j(ne,nz) byte (8)0x00000014\l } | <fo> 0x01000050 }"
];
"0x01000050" [
label = "{ <fi> 0x01000050 | { ÿ0x01000050\lÿ0x01000053\lÿ0x01000056\lÿ0x01000057\lÿ0x0100005c\lÿ0x01000061\l|ÿadd esp, (8)0xfffffff8\l mov eax, dword [ebp + (8)0xfffffff8]\l push eax\l push (32)0x00000000\l call dword (32)0xfffffffc\l add esp, (8)0x00000010\l } | <fo> 0x01000064 }"
];
"0x01000064" [
label = "{ <fi> 0x01000064 | { ÿ0x01000064\lÿ0x01000067\l|ÿinc dword [ebp + (8)0xfffffff8]\l jmp byte (8)0xffffffcb\l } | <fo> 0x01000069 }"
];
"0x01000025" [
label = "{ <fi> 0x01000025 | { ÿ0x01000025\l|ÿmov dword [ebp + (8)0xfffffffc], (32)0x000000c8\l } | <fo> 0x0100002c }"
];
"0x01000000":fo -> "0x0100000c":fi [concentrate=true] [color="seagreen"];
"0x01000000":fo -> "0x01000025":fi [concentrate=true] [color="maroon3"];
"0x0100000c":fo -> "0x0100002c":fi [concentrate=true];
"0x0100002c":fo -> "0x01000034":fi [concentrate=true] [color="seagreen"];
"0x01000034":fo -> "0x01000040":fi [concentrate=true] [color="seagreen"];
"0x01000034":fo -> "0x01000042":fi [concentrate=true] [color="maroon3"];
"0x01000040":fo -> "0x01000070":fi [concentrate=true];
"0x01000070":fo -> "0x01000074":fi [concentrate=true];
"0x01000042":fo -> "0x01000050":fi [concentrate=true] [color="seagreen"];
"0x01000042":fo -> "0x01000064":fi [concentrate=true] [color="maroon3"];
"0x01000050":fo -> "0x01000064":fi [concentrate=true] [color="seagreen"];
"0x01000064":fo -> "0x01000034":fi [concentrate=true];
"0x01000025":fo -> "0x0100002c":fi [concentrate=true] [color="seagreen"];
}
|
