PBlackout.exe Advanced info...

[RobinC]

Sup everyone.
Today i will show you some info about PBlackout.exe...

Short info:
Entrypoint:008F1000
File Offset:00301400
Linker Info:9.0

Simple dissambled:

the important adresses:

00CF1000: 51 PUSH ECX
00CF1001: B906000000 MOV ECX, 00000006H
00CF1006: 85C9 TEST ECX, ECX
00CF1008: 7428 JZ CF1032H
00CF100A: 01C8 ADD EAX, ECX
00CF100C: D3E0 SHL EAX, CL
00CF100E: 0545455304 ADD EAX, 04534545H
00CF1013: 50 PUSH EAX
00CF1014: E800000000 CALL 00CF1019H
00CF1019: 83042416 ADD [ESP], 00000016H
00CF101D: 8B0424 MOV EAX, [ESP]
00CF1020: 83C009 ADD EAX, 00000009H
00CF1023: C780CAFFFFFF00000000 MOV [EAX-00000036H], 00000000H
00CF102D: FFE0 JMP EAX
00CF102F: 49 DEC ECX
00CF1030: EBD4 JMP CF1006H
00CF1032: 59 POP ECX
00CF1033: E9CE000000 JMP 00CF1106H
00CF1038: 55 PUSH EBP
00CF1039: 89E5 MOV EBP, ESP
00CF103B: 81EC1C080000 SUB ESP, 0000081CH
00CF1041: 60 PUSHAD
00CF1042: C745FA00000000 MOV [EBP-06H], 00000000H
00CF1049: C785E8FBFFFF00000000 MOV [EBP-00000418H], 00000000H
00CF1053: 31DB XOR EBX, EBX
00CF1055: 8B85E8FBFFFF MOV EAX, [EBP-00000418H]
00CF105B: 40 INC EAX
00CF105C: 8985E8FBFFFF MOV [EBP-00000418H], EAX
00CF1062: 81BDE8FBFFFF00040000 CMP [EBP-00000418H], 00000400H
00CF106C: 7418 JZ CF1086H
00CF106E: 8B85ECFBFFFF MOV EAX, [EBP-00000414H]
00CF1074: 8D8DF0FBFFFF LEA ECX, [EBP-00000410H]
00CF107A: 88040B MOV [EBX+ECX], AL
00CF107D: FF85ECFBFFFF INC [EBP-00000414H]
00CF1083: 43 INC EBX
00CF1084: EBCF JMP CF1055H
00CF1086: 8D85E4F7FFFF LEA EAX, [EBP-0000081CH]
00CF108C: 8B5D08 MOV EBX, [EBP+08H]
00CF108F: C785E4FBFFFF00000000 MOV [EBP-0000041CH], 00000000H
00CF1099: 8B8DE4FBFFFF MOV ECX, [EBP-0000041CH]
00CF109F: D1C3 ROL EBX, 01H
00CF10A1: 8818 MOV [EAX], BL
00CF10A3: 41 INC ECX
00CF10A4: 898DE4FBFFFF MOV [EBP-0000041CH], ECX
00CF10AA: 81BDE4FBFFFF00040000 CMP [EBP-0000041CH], 00000400H
00CF10B4: 75E3 JNZ CF1099H
00CF10B6: C785E4FBFFFF00000000 MOV [EBP-0000041CH], 00000000H
00CF10C0: 8DBDF0FBFFFF LEA EDI, [EBP-00000410H]
00CF10C6: 8DB5E4F7FFFF LEA ESI, [EBP-0000081CH]
00CF10CC: 8A0E MOV CL, [ESI]
00CF10CE: BBF4010000 MOV EBX, 000001F4H
00CF10D3: B8AB375478 MOV EAX, 785437ABH
00CF10D8: D3D0 RCL EAX, CL
00CF10DA: 8A0F MOV CL, [EDI]
00CF10DC: D3D0 RCL EAX, CL
00CF10DE: 0145FA ADD [EBP-06H], EAX
00CF10E1: 4B DEC EBX
00CF10E2: 75F4 JNZ CF10D8H
00CF10E4: 0FAFC3 IMUL EAX, EBX
00CF10E7: 47 INC EDI
00CF10E8: 46 INC ESI
00CF10E9: 8B8DE4FBFFFF MOV ECX, [EBP-0000041CH]
00CF10EF: 41 INC ECX
00CF10F0: 898DE4FBFFFF MOV [EBP-0000041CH], ECX
00CF10F6: 81F900040000 CMP ECX, 00000400H
00CF10FC: 75CE JNZ CF10CCH
00CF10FE: 61 POPAD
00CF10FF: 8B45FA MOV EAX, [EBP-06H]
00CF1102: C9 LEAVE
00CF1103: C20400 RETN 0004H
00CF1106: 83EC04 SUB ESP, 00000004H
00CF1109: 50 PUSH EAX
00CF110A: 53 PUSH EBX
00CF110B: E801000000 CALL 00CF1111H
00CF1110: CC INT 3
00CF1111: 58 POP EAX
00CF1112: 89C3 MOV EBX, EAX
00CF1114: 40 INC EAX
00CF1115: 2D00900F00 SUB EAX, 000F9000H
00CF111A: 2D160C6B00 SUB EAX, 006B0C16H
00CF111F: 05050B6B00 ADD EAX, 006B0B05H
00CF1124: 803BCC CMP BYTE PTR [EBX], FFFFFFCCH
00CF1127: 7519 JNZ CF1142H
00CF1129: C60300 MOV BYTE PTR [EBX], 00H
00CF112C: BB00100000 MOV EBX, 00001000H
00CF1131: 68F3D5606B PUSH 6B60D5F3H
00CF1136: 68554AA06C PUSH 6CA04A55H
00CF113B: 53 PUSH EBX
00CF113C: 50 PUSH EAX
00CF113D: E80A000000 CALL 00CF114CH
00CF1142: 83C000 ADD EAX, 00000000H
00CF1145: 89442408 MOV [ESP+08H], EAX
00CF1149: 5B POP EBX
00CF114A: 58 POP EAX
00CF114B: C3 RET
00CF114C: 55 PUSH EBP
00CF114D: 89E5 MOV EBP, ESP
00CF114F: 50 PUSH EAX
00CF1150: 53 PUSH EBX
00CF1151: 51 PUSH ECX
00CF1152: 56 PUSH ESI
00CF1153: 8B7508 MOV ESI, [EBP+08H]
00CF1156: 8B4D0C MOV ECX, [EBP+0CH]
00CF1159: C1E902 SHR ECX, 02H
00CF115C: 8B4510 MOV EAX, [EBP+10H]
00CF115F: 8B5D14 MOV EBX, [EBP+14H]
00CF1162: 85C9 TEST ECX, ECX
00CF1164: 740A JZ CF1170H
00CF1166: 3106 XOR [ESI], EAX
00CF1168: 011E ADD [ESI], EBX
00CF116A: 83C604 ADD ESI, 00000004H
00CF116D: 49 DEC ECX
00CF116E: EBF2 JMP CF1162H
00CF1170: 5E POP ESI
00CF1171: 59 POP ECX
00CF1172: 5B POP EBX
00CF1173: 58 POP EAX
00CF1174: C9 LEAVE
00CF1175: C21000 RETN 0010H
00CF1178: 0157A5 ADD [EDI-5BH], EDX
00CF117B: C9 LEAVE
00CF117C: 4F DEC EDI
00CF117D: 2D00FB7090 SUB EAX, 9070FB00H
00CF1182: E988622136 JMP 36F0740FH
00CF1187: 6220 BOUND ESP, [EAX]
00CF1189: 13F2 ADC ESI, EDX
00CF118B: 47 INC EDI
00CF118C: 6B671A45 IMUL ESP, [EDI+1AH], 45H
00CF1190: 123A ADC BH, [EDX]
00CF1192: 87AC175A6B72BD XCHG EBP, [EDI+EDX-428D94A6H]
00CF1199: 7413 JZ CF11AEH
00CF119B: 2455 AND AL, 55H
00CF119D: BE6501033C MOV ESI, 3C030165H
00CF11A2: BA165F929F MOV EDX, 9F925F16H
00CF11A7: 31F2 XOR EDX, ESI
00CF11A9: 81C6CB331E72 ADD ESI, 721E33CBH
00CF11AF: 29EA SUB EDX, EBP
00CF11B1: 81F50E39EB63 XOR EBP, 63EB390EH
00CF11B7: 52 PUSH EDX
00CF11B8: 812C24BF2BAA7E SUB [ESP], 7EAA2BBFH
00CF11BF: 58 POP EAX
00CF11C0: 55 PUSH EBP
00CF11C1: 89E5 MOV EBP, ESP
00CF11C3: 81C504000000 ADD EBP, 00000004H
00CF11C9: 83ED04 SUB EBP, 00000004H
00CF11CC: 872C24 XCHG EBP, [ESP]
00CF11CF: 5C POP ESP
00CF11D0: 891424 MOV [ESP], EDX
00CF11D3: 6813379916 PUSH 16993713H
00CF11D8: 5B POP EBX
00CF11D9: 81C3B4115046 ADD EBX, 465011B4H
00CF11DF: 81EB081D3FDE SUB EBX, DE3F1D08H
00CF11E5: 89DA MOV EDX, EBX
00CF11E7: 29C3 SUB EBX, EAX
00CF11E9: 057F707347 ADD EAX, 4773707FH
00CF11EE: 01D0 ADD EAX, EDX
00CF11F0: 2D7F707347 SUB EAX, 4773707FH
00CF11F5: 5A POP EDX
00CF11F6: 35C2FB2BED XOR EAX, ED2BFBC2H
00CF11FB: 0000 ADD [EAX], AL
00CF11FD: 0000 ADD [EAX], AL
00CF11FF: 005043 ADD [EAX+43H], DL
00CF1202: 45 INC EBP
00CF1203: 49 DEC ECX
00CF1204: 0200 ADD AL, [EAX]
00CF1206: 0000 ADD [EAX], AL
00CF1208: D152D1 RCL [EDX-2FH], 01H
00CF120B: 52 PUSH EDX
00CF120C: F005BD15F0F1 LOCK ADD EAX, F1F015BDH
00CF1212: BC1514730D MOV ESP, 0D731415H
00CF1217: 16 PUSH SS
00CF1218: CACB03 RETF 03CBH
00CF121B: 0009 ADD [ECX], CL
00CF121D: 050000DF2C ADD EAX, 2CDF0000H
00CF1222: 68FBC27C35 PUSH 357CC2FBH
00CF1227: 843A TEST BH, [EDX]
00CF1229: 9F LAHF
00CF122A: 25F3CF9495 AND EAX, 9594CFF3H
00CF122F: D99E82062D71 FSTP REAL4 PTR [ESI+712D0682H]
00CF1235: 92 XCHG EDX, EAX
00CF1236: 75F7 JNZ CF122FH
00CF1238: 8C832A273E70 MOV [EBX+703E272AH], ES
00CF123E: 89ED MOV EBP, EBP
00CF1240: 1E PUSH DS
00CF1241: 8DACC861E220CB LEA EBP, [EAX+ECX*8-34DF1D9FH]
00CF1248: A4 MOVSB
00CF1249: 36CB RETF
00CF124B: 44 INC ESP
00CF124C: 2E85F1 TEST ESI, ECX
00CF124F: C1811DDC42E35A ROL [ECX-1CBD23E3H], 5AH
00CF1256: FE45DE INC BYTE PTR [EBP-22H]
00CF1259: 63FA ARPL EDI, EDX
00CF125B: DEAE16A3F9DE FISUBR WORD PTR [ESI-21065CEAH]
00CF1261: 207AF1 AND [EDX-0FH], BH
00CF1264: 118DF5034089 ADC [EBP-76BFFC0BH], ECX
00CF126A: 0074C1A2 ADD [ECX+EAX*8-5EH], DH
00CF126E: 148F ADC AL, 8FH
00CF1270: 3A7EC3 CMP BH, [ESI-3DH]
00CF1273: F9 STC
00CF1274: 7C26 JL CF129CH
00CF1276: 8C69C0 MOV [ECX-40H], GS
00CF1279: D8C4 FADD ST(0), ST(4)
00CF127B: A4 MOVSB
00CF127C: 8BAF42D14BE9 MOV EBP, [EDI-16B42EBEH]
00CF1282: 326734 XOR AH, [EDI+34H]
00CF1285: 45 INC EBP
00CF1286: C1F89A SAR EAX, 9AH
00CF1289: 59 POP ECX
00CF128A: 3F AAS
00CF128B: 706E JO CF12FBH
00CF128D: 6C INSB
00CF128E: 9A0A6FE9627C7F CALL FAR 7F7C:62E96F0AH
00CF1295: E572 IN EAX, 72H
00CF1297: 830310 ADD [EBX], 00000010H
00CF129A: FE0D8814AF17 DEC [17AF1488H]
00CF12A0: 7D1F JNL CF12C1H
00CF12A2: 16 PUSH SS
00CF12A3: 864E5E XCHG CL, [ESI+5EH]
00CF12A6: A4 MOVSB
00CF12A7: 4D DEC EBP
00CF12A8: E82C275298 CALL 992139D9H
00CF12AD: F8 CLC
00CF12AE: B233 MOV DL, 33H
00CF12B0: 95 XCHG EBP, EAX
00CF12B1: FA CLI
00CF12B2: 1E PUSH DS
00CF12B3: C45245 LES EDX, [EDX+45H]
00CF12B6: 8C256CC566A6 MOV [A666C56CH], FS
00CF12BC: F2A1A1B7090E REPNZ MOV EAX, [E09B7A1H]
00CF12C2: 797A JNS CF133EH
00CF12C4: D6 SETALC
00CF12C5: 25055F09B1 AND EAX, B1095F05H
00CF12CA: 97 XCHG EDI, EAX
00CF12CB: 13A877DE9E2E ADC EBP, [EAX+2E9EDE77H]
00CF12D1: 65DDEA FUCOMP ST(2)
00CF12D4: 5D POP EBP
00CF12D5: B0BA MOV AL, BAH
00CF12D7: 69AE42D30D8FC7ECBDB1 IMUL EBP, [ESI-70F22CBEH], B1BDECC7H
00CF12E1: DB0F INVALID
00CF12E3: 82F970 AND CL, 70H
00CF12E6: 0E PUSH CS
00CF12E7: 7983 JNS CF126CH
00CF12E9: 62DA BOUND EBX, EDX
00CF12EB: 8C09 MOV [ECX], CS
00CF12ED: AB STOSD
00CF12EE: A1783D00F2 MOV EAX, [F2003D78H]
00CF12F3: F5 CMC
00CF12F4: A30E23D635 MOV [35D6230EH], EAX
00CF12F9: 3837 CMP [EDI], DH
00CF12FB: A89D TEST AL, 9DH
00CF12FD: A7 CMPSD
00CF12FE: 3BE5 CMP ESP, EBP
00CF1300: 76E8 JBE CF12EAH
00CF1302: 4F DEC EDI
00CF1303: 8E1A MOV DS, [EDX]
00CF1305: 3222 XOR AH, [EDX]
00CF1307: A0B2CA7235 MOV AL, [3572CAB2H]
00CF130C: E7C2 OUT C2H, EAX
00CF130E: 91 XCHG ECX, EAX
00CF130F: 0E PUSH CS
00CF1310: 6C INSB
00CF1311: 51 PUSH ECX
00CF1312: 819F1DE8709ADC54869F SBB [EDI-658F17E3H], 9F8654DCH
00CF131C: D88EFBD924A5 FMUL REAL4 PTR [ESI-5ADB2605H]
00CF1322: 2C30 SUB AL, 30H
00CF1324: 7A0C JPE CF1332H
00CF1326: AC LODSB
00CF1327: C419 LES EBX, [ECX]
00CF1329: C3 RET
00CF132A: 2D56D5326B SUB EAX, 6B32D556H
00CF132F: 91 XCHG ECX, EAX
00CF1330: 5A POP EDX
00CF1331: 64E2BE LOOP CF12F2H
00CF1334: E430 IN AL, 30H
00CF1336: EB7E JMP CF12B6H
00CF1338: 7245 JB CF137FH
00CF133A: 8815D7391423 MOV [231439D7H], DL
00CF1340: 58 POP EAX
00CF1341: 86BEF7C701E3 XCHG BH, [ESI-1CFE3809H]
00CF1347: 13F9 ADC EDI, ECX
00CF1349: 3B3E CMP EDI, [ESI]
00CF134B: 17 POP SS
00CF134C: 1AFB SBB BH, BL
00CF134E: 8B8E5F3904F6 MOV ECX, [ESI-09FBC6A1H]
00CF1354: 7685 JBE CF12DBH
00CF1356: F247 REPNZ INC EDI
00CF1358: 84FE TEST BH, DH
00CF135A: 719F JNO CF12FBH
00CF135C: 9C PUSHFD
00CF135D: A7 CMPSD
00CF135E: BED140EDAD MOV ESI, ADED40D1H
00CF1363: 93 XCHG EBX, EAX
00CF1364: 8AA7A5C8318E MOV AH, [EDI-71CE375BH]
00CF136A: 13EC ADC EBP, ESP
00CF136C: DBDA FCMOVNU ST(0), ST(2)
00CF136E: 0931 OR [ECX], ESI
00CF1370: EBE0 JMP CF1352H
00CF1372: 7DFA JNL CF136EH
00CF1374: 99 CDQ
00CF1375: BD28BCB508 MOV EBP, 08B5BC28H
00CF137A: 27 DAA
00CF137B: 865C6AAC XCHG BL, [EDX+EBP*2-54H]
00CF137F: 5C POP ESP
00CF1380: BC61EA8205 MOV ESP, 0582EA61H
00CF1385: 60 PUSHAD
00CF1386: 8FDE INVALID
00CF1388: 10827EEF228B ADC [EDX-74DD1082H], AL
00CF138E: 7C78 JL CF1408H
00CF1390: 671BA5B683 SBB ESP, [DI-7C4AH]
00CF1395: 40 INC EAX
00CF1396: E401 IN AL, 01H
00CF1398: BA849D05A3 MOV EDX, A3059D84H
00CF139D: EE OUT DX, AL
00CF139E: A35B8A6855 MOV [55688A5BH], EAX
00CF13A3: 1E PUSH DS
00CF13A4: BB77944E5B MOV EBX, 5B4E9477H
00CF13A9: E0D3 LOOPNZ CF137EH
00CF13AB: 325DAA XOR BL, [EBP-56H]
00CF13AE: D4A9 AAM A9H
00CF13B0: 7CFC JL CF13AEH
00CF13B2: D4E7 AAM E7H
00CF13B4: 5C POP ESP
00CF13B5: 17 POP SS
00CF13B6: B78E MOV BH, 8EH
00CF13B8: D0DC RCR AH, 01H
00CF13BA: A4 MOVSB
00CF13BB: 03D3 ADD EDX, EBX
00CF13BD: 358C38920F XOR EAX, 0F92388CH
00CF13C2: 7DC8 JNL CF138CH
00CF13C4: 5F POP EDI
00CF13C5: 800D90A709D7F2 OR BYTE PTR [D709A790H], FFFFFFF2H
00CF13CC: 61 POPAD
00CF13CD: A167B8DB82 MOV EAX, [82DBB867H]
00CF13D2: A28DE28C77 MOV [778CE28DH], AL
00CF13D7: 93 XCHG EBX, EAX
00CF13D8: 62D2 BOUND EDX, EDX
00CF13DA: CB RETF
00CF13DB: 3A9EC8319D1C CMP BL, [ESI+1C9D31C8H]
00CF13E1: F5 CMC
00CF13E2: FD STD
00CF13E3: A9E34A3DDA TEST EAX, DA3D4AE3H
00CF13E8: A6 CMPSB
00CF13E9: B506 MOV CH, 06H
00CF13EB: 41 INC ECX
00CF13EC: 5E POP ESI
00CF13ED: 7084 JO CF1373H
00CF13EF: EBA4 JMP CF1395H
00CF13F1: AC LODSB
00CF13F2: 17 POP SS
00CF13F3: FA CLI
00CF13F4: 6F OUTSD
00CF13F5: D120 SHL [EAX], 01H
00CF13F7: AC LODSB
00CF13F8: 76F2 JBE CF13ECH
00CF13FA: 6D INSD
00CF13FB: F2FFB9B2B3F4B9 INVALID
00CF1402: 65AC LODSB
00CF1404: 04F0 ADD AL, F0H
00CF1406: 04ED ADD AL, EDH
00CF1408: 42 INC EDX
00CF1409: 43 INC EBX
00CF140A: 1E PUSH DS
00CF140B: B37B MOV BL, 7BH
00CF140D: 674B DEC EBX
00CF140F: 02CD ADD CL, CH
00CF1411: 5A POP EDX
00CF1412: CE INTO
00CF1413: 1053AA ADC [EBX-56H], DL
00CF1416: 3201 XOR AL, [ECX]
00CF1418: BD8A460D9F MOV EBP, 9F0D468AH
00CF141D: 47 INC EDI
00CF141E: 72BF JB CF13DFH
00CF1420: 5C POP ESP
00CF1421: EF OUT DX, EAX
00CF1422: 05D0329FAE ADD EAX, AE9F32D0H
00CF1427: 52 PUSH EDX
00CF1428: F8 CLC
00CF1429: 41 INC ECX
00CF142A: EC IN AL, DX
00CF142B: 8A29 MOV CH, [ECX]
00CF142D: D472 AAM 72H
00CF142F: 54 PUSH ESP
00CF1430: 3E92 XCHG EDX, EAX
00CF1432: 4D DEC EBP
00CF1433: 353861E713 XOR EAX, 13E76138H
00CF1438: DB7DE3 FSTP REAL10 PTR [EBP-1DH]
00CF143B: 61 POPAD
00CF143C: 729A JB CF13D8H
00CF143E: 5A POP EDX
00CF143F: D939 FNSTCW [ECX]
00CF1441: 95 XCHG EBP, EAX
00CF1442: 8B6711 MOV ESP, [EDI+11H]
00CF1445: 058990FCE9 ADD EAX, E9FC9089H
00CF144A: 59 POP ECX
00CF144B: 038143557DA2 ADD EAX, [ECX-5D82AABDH]
00CF1451: DDF6 INVALID
00CF1453: 76FA JBE CF144FH
00CF1455: D96A48 FLDCW [EDX+48H]
00CF1458: C53D131D0577 LDS EDI, [77051D13H]
00CF145E: 38FD CMP CH, BH
00CF1460: AF SCASD
00CF1461: C29757 RETN 5797H
00CF1464: 4A DEC EDX
00CF1465: C9 LEAVE
00CF1466: AC LODSB
00CF1467: 98 CWDE
00CF1468: 9D POPFD
00CF1469: 3C86 CMP AL, 86H
00CF146B: 024342 ADD AL, [EBX+42H]
00CF146E: 5C POP ESP
00CF146F: CE INTO
00CF1470: 0040B6 ADD [EAX-4AH], AL
00CF1473: CC INT 3
00CF1474: 3409 XOR AL, 09H
00CF1476: 72C8 JB CF1440H
00CF1478: 215123 AND [ECX+23H], EDX
00CF147B: 93 XCHG EBX, EAX
00CF147C: 5F POP EDI
00CF147D: 2AFA SUB BH, DL
00CF147F: F6D4 NOT AH
00CF1481: 1BA2941591D6 SBB ESP, [EDX-296EEA6CH]
00CF1487: 3F AAS
00CF1488: AC LODSB
00CF1489: 1B2E SBB EBP, [ESI]
00CF148B: 31BC9C2F5B1EBA XOR [ESP+EBX*4-45E1A4D1H], EDI
00CF1492: 50 PUSH EAX
00CF1493: 01AFE12A86AE ADD [EDI-5179D51FH], EBP
00CF1499: 2864B2CF SUB [EDX+ESI*4-31H], AH
00CF149D: F21930 REPNZ SBB [EAX], ESI
00CF14A0: D1E7 SHL EDI, 01H
00CF14A2: 43 INC EBX
00CF14A3: 40 INC EAX
00CF14A4: BBD1310987 MOV EBX, 870931D1H
00CF14A9: 355E729C00 XOR EAX, 009C725EH
00CF14AE: 49 DEC ECX
00CF14AF: B7F3 MOV BH, F3H
00CF14B1: 28D9 SUB CL, BL
00CF14B3: DA4ECA FIMUL DWORD PTR [ESI-36H]
00CF14B6: DBDC FCMOVNU ST(0), ST(4)
00CF14B8: CDE0 INT E0H
00CF14BA: 40 INC EAX
00CF14BB: CF IRETD
00CF14BC: A2D9913596 MOV [963591D9H], AL
00CF14C1: 7915 JNS CF14D8H
00CF14C3: 59 POP ECX
00CF14C4: A5 MOVSD
00CF14C5: FD STD
00CF14C6: C7DC2456C0B8 INVALID
00CF14CC: 307CB422 XOR [ESP+ESI*4+22H], BH
00CF14D0: FE9E01BB55B2 CALL BYTE PTR [ESI-4DAA44FFH]
00CF14D6: 1ADF SBB BL, BH
00CF14D8: CE INTO
00CF14D9: F5 CMC
00CF14DA: 39DF CMP EDI, EBX
00CF14DC: B393 MOV BL, 93H
00CF14DE: F650C3 NOT BYTE PTR [EAX-3DH]
00CF14E1: C7C0B4563947 MOV EAX, 473956B4H
00CF14E7: 1A53EF SBB DL, [EBX-11H]
00CF14EA: AE SCASB
00CF14EB: B309 MOV BL, 09H
00CF14ED: 50 PUSH EAX
00CF14EE: 61 POPAD
00CF14EF: AA STOSB
00CF14F0: 1DFE9F6D75 SBB EAX, 756D9FFEH
00CF14F5: 1847B6 SBB [EDI-4AH], AL
00CF14F8: 2442 AND AL, 42H
00CF14FA: C9 LEAVE
00CF14FB: 3524C1DBE0 XOR EAX, E0DBC124H
00CF1500: F1 ICEBP
00CF1501: D21F RCR [EDI], CL
00CF1503: 02C7 ADD AL, BH
00CF1505: 2549F48AC6 AND EAX, C68AF449H
00CF150A: 65C7709C3C00BE2B INVALID
00CF1512: 331C0F XOR EBX, [EDI+ECX]
00CF1515: 7DF6 JNL CF150DH
00CF1517: 53 PUSH EBX
00CF1518: 871E XCHG EBX, [ESI]
00CF151A: 42 INC EDX
00CF151B: 41 INC ECX
00CF151C: 6319 ARPL EBX, [ECX]
00CF151E: B353 MOV BL, 53H
00CF1520: 203D715D617A AND [7A615D71H], BH
00CF1526: C5BD707FB23B LDS EDI, [EBP+3BB27F70H]
00CF152C: 758F JNZ CF14BDH
00CF152E: 769B JBE CF14CBH
00CF1530: 880E MOV [ESI], CL
00CF1532: 50 PUSH EAX
00CF1533: B75F MOV BH, 5FH
00CF1535: 782F JS CF1566H
00CF1537: EE OUT DX, AL
00CF1538: 255C6F45EC AND EAX, EC456F5CH
00CF153D: E532 IN EAX, 32H
00CF153F: 55 PUSH EBP
00CF1540: 9E SAHF
00CF1541: A6 CMPSB
00CF1542: 1155C6 ADC [EBP-3AH], EDX
00CF1545: 1ACB SBB CL, BL
00CF1547: 5F POP EDI
00CF1548: F7F3 DIV EBX
00CF154A: 01E8 ADD EAX, EBP
00CF154C: C0364E INVALID
00CF154F: 0E PUSH CS
00CF1550: E4F5 IN AL, F5H
00CF1552: CB RETF
00CF1553: 007B8E ADD [EBX-72H], BH
00CF1556: FE353CA06123 PUSH [2361A03CH]
00CF155C: DA18 FICOMP DWORD PTR [EAX]
00CF155E: 48 DEC EAX
00CF155F: C3 RET
00CF1560: 1E PUSH DS
00CF1561: 10F4 ADC AH, DH
00CF1563: F3A948BD9FEF REP TEST EAX, EF9FBD48H
00CF1569: 11AA22EA2CEA ADC [EDX-15D315DEH], EBP
00CF156F: CA4843 RETF 4348H
00CF1572: CAA042 RETF 42A0H
00CF1575: 6C INSB
00CF1576: 8836 MOV [ESI], DH
00CF1578: CB RETF
00CF1579: 7771 JNBE CF15ECH
00CF157B: 95 XCHG EBP, EAX
00CF157C: 208463358F2090 AND AL, [EBX+*2]
00CF1583: 90 NOP
00CF1584: 41 INC ECX
00CF1585: E693 OUT 93H, AL
00CF1587: DEDC INVALID
00CF1589: 63F8 ARPL EDI, EAX
00CF158B: CB RETF
00CF158C: A7 CMPSD
00CF158D: C7EBEFB04347 INVALID
00CF1593: 50 PUSH EAX
00CF1594: 4D DEC EBP
00CF1595: 21949E3FEDD9FB AND [ESI+EBX*4-042612C1H], EDX
00CF159C: 47 INC EDI
00CF159D: A2A3642AFA MOV [FA2A64A3H], AL
00CF15A2: C9 LEAVE
00CF15A3: 7C1A JL CF15BFH
00CF15A5: 0C58 OR AL, 58H
00CF15A7: 98 CWDE
00CF15A8: D306 ROL DWORD PTR [ESI], CL
00CF15AA: D500 AAD 00H
00CF15AC: 00A68BD03FE5 ADD [ESI-1AC02F75H], AH
00CF15B2: 3CD9 CMP AL, D9H
00CF15B4: 64F227 REPNZ DAA
00CF15B7: A904053963 TEST EAX, 63390504H
00CF15BC: EF OUT DX, EAX
00CF15BD: A91C391BE0 TEST EAX, E01B391CH
00CF15C2: EF OUT DX, EAX
00CF15C3: CB RETF
00CF15C4: 886868 MOV [EAX+68H], CH
00CF15C7: 5A POP EDX
00CF15C8: DD37 FSAVE [EDI]
00CF15CA: 45 INC EBP
00CF15CB: CC INT 3
00CF15CC: 818D2780D9574A5D1229 OR [EBP+57D98027H], 29125D4AH
00CF15D6: BE8AF33E61 MOV ESI, 613EF38AH
00CF15DB: 48 DEC EAX
00CF15DC: ED IN EAX, DX
00CF15DD: 22846DF98058C0 AND AL, [EBP+EBP*2-3FA77F07H]
00CF15E4: 0955B6 OR [EBP-4AH], EDX
00CF15E7: 42 INC EDX
00CF15E8: FC CLD
00CF15E9: 60 PUSHAD
00CF15EA: 8B614E MOV ESP, [ECX+4EH]
00CF15ED: 07 POP ES
00CF15EE: 45 INC EBP
00CF15EF: 3C9C CMP AL, 9CH
00CF15F1: D6 SETALC
00CF15F2: 73AB JNB CF159FH
00CF15F4: E96D69FF23 JMP 24CE7F66H
00CF15F9: FFA50E55CCF7 JMP [EBP-0833AAF2H]
00CF15FF: F2D6 REPNZ SETALC
00CF1601: D079CC SAR BYTE PTR [ECX-34H], 01H
00CF1604: 41 INC ECX
00CF1605: 397C3BB4 CMP [EBX+EDI-4CH], EDI
00CF1609: 90 NOP
00CF160A: F8 CLC
00CF160B: 7F66 JNLE CF1673H
00CF160D: E3D4 JECXZ CF15E3H
00CF160F: 7B21 JNP CF1632H
00CF1611: 6D INSD
00CF1612: 79FA JNS CF160EH
00CF1614: 871B XCHG EBX, [EBX]
00CF1616: 639342D989DE ARPL EDX, [EBX-217626BEH]
00CF161C: D0FB SAR BL, 01H
00CF161E: BC3825BAAA MOV ESP, AABA2538H
00CF1623: 4D DEC EBP
00CF1624: AA STOSB
00CF1625: 46 INC ESI
00CF1626: 0F9C6AC9 SETL BYTE PTR [EDX-37H]
00CF162A: 6F OUTSD
00CF162B: DFA69F41469C FBLD TBYTE PTR [ESI-63B9BE61H]
00CF1631: 36C22FE3 RETN E32FH
00CF1635: 310CB8 XOR [EAX+EDI*4], ECX
00CF1638: 16 PUSH SS
00CF1639: 6958DA88BFEDCA IMUL EBX, [EAX-26H], CAEDBF88H
00CF1640: B2D0 MOV DL, D0H
00CF1642: 0385432D1E42 ADD EAX, [EBP+421E2D43H]
00CF1648: F0C5C4 LOCK LDS EAX, ESP
00CF164B: D4D1 AAM D1H
00CF164D: 47 INC EDI
00CF164E: 3918 CMP [EAX], EBX
00CF1650: 037BFD ADD EDI, [EBX-03H]
00CF1653: 35FD95239E XOR EAX, 9E2395FDH
00CF1658: 56 PUSH ESI
00CF1659: 9D POPFD
00CF165A: 64A3E4840E31 MOV FS:[310E84E4H], EAX
00CF1660: FEED JMP CH
00CF1662: 17 POP SS
00CF1663: 0A10 OR DL, [EAX]
00CF1665: B4D3 MOV AH, D3H
00CF1667: 9E SAHF
00CF1668: 98 CWDE
00CF1669: 1302 ADC EAX, [EDX]
00CF166B: 4A DEC EDX
00CF166C: 23A3CD87D94A AND ESP, [EBX+4AD987CDH]
00CF1672: BC66A507B6 MOV ESP, B607A566H
00CF1677: E9AEF24354 JMP 5513092AH
00CF167C: 2B12 SUB EDX, [EDX]
00CF167E: 0A8B46A2AFD2 OR CL, [EBX-2D505DBAH]
00CF1684: 4D DEC EBP
00CF1685: 026A87 ADD CH, [EDX-79H]
00CF1688: E8A1E16888 CALL 8937F82EH
00CF168D: AE SCASB
00CF168E: 79AC JNS CF163CH
00CF1690: 5C POP ESP
00CF1691: 636A4B ARPL EBP, [EDX+4BH]
00CF1694: E7E9 OUT E9H, EAX
00CF1696: E7DE OUT DEH, EAX
00CF1698: 5B POP EBX
00CF1699: 53 PUSH EBX
00CF169A: 99 CDQ
00CF169B: 5C POP ESP
00CF169C: AB STOSD
00CF169D: 46 INC ESI
00CF169E: 57 PUSH EDI
00CF169F: E43D IN AL, 3DH
00CF16A1: 98 CWDE
00CF16A2: 7E28 JLE CF16CCH
00CF16A4: 45 INC EBP
00CF16A5: 91 XCHG ECX, EAX
00CF16A6: F9 STC
00CF16A7: 3BF8 CMP EDI, EAX
00CF16A9: A0DDC47F8A MOV AL, [8A7FC4DDH]
00CF16AE: 2C64 SUB AL, 64H
00CF16B0: 51 PUSH ECX
00CF16B1: 53 PUSH EBX
00CF16B2: 6E OUTSB
00CF16B3: CD3E INT 3EH
00CF16B5: 764F JBE CF1706H
00CF16B7: 53 PUSH EBX
00CF16B8: 53 PUSH EBX
00CF16B9: B4FB MOV AH, FBH
00CF16BB: 9B WAIT
00CF16BC: A7 CMPSD
00CF16BD: 76BB JBE CF167AH
00CF16BF: EB6C JMP CF172DH
00CF16C1: 7ABE JPE CF1681H
00CF16C3: A7 CMPSD
00CF16C4: A6 CMPSB
00CF16C5: E3BA JECXZ CF1681H
00CF16C7: 3CBD CMP AL, BDH
00CF16C9: E626 OUT 26H, AL
00CF16CB: 2C2A SUB AL, 2AH
00CF16CD: 44 INC ESP
00CF16CE: 37 AAA
00CF16CF: CC INT 3
00CF16D0: B630 MOV DH, 30H
00CF16D2: 79D0 JNS CF16A4H
00CF16D4: A0A4AE21DC MOV AL, [DC21AEA4H]
00CF16D9: B170 MOV CL, 70H
00CF16DB: 5F POP EDI
00CF16DC: 9F LAHF
00CF16DD: FB STI
00CF16DE: 683A935017 PUSH 1750933AH
00CF16E3: 43 INC EBX
00CF16E4: A25D6BF41B MOV [1BF46B5DH], AL
00CF16E9: 1F POP DS
00CF16EA: 07 POP ES
00CF16EB: 3EDA7DA4 FIDIVR DWORD PTR DS:[EBP-5CH]
00CF16EF: 34F0 XOR AL, F0H
00CF16F1: 320C54 XOR CL, [ESP+EDX*2]
00CF16F4: B2D0 MOV DL, D0H
00CF16F6: 7D76 JNL CF176EH
00CF16F8: 109201136F05 ADC [EDX+056F1301H], DL
00CF16FE: E92E9DC89C JMP 9D97B431H
00CF1703: 3F AAS
00CF1704: B97946E24A MOV ECX, 4AE24679H
00CF1709: 68E2FF5AAE PUSH AE5AFFE2H
00CF170E: 62DB BOUND EBX, EBX
00CF1710: F2EAC7B85D480FAC REPNZ JMP FAR AC0F:485DB8C7H
00CF1718: 632CE8 ARPL EBP, [EAX+EBP*8]
00CF171B: 1F POP DS
00CF171C: 16 PUSH SS
00CF171D: CF IRETD
00CF171E: 45 INC EBP
00CF171F: 17 POP SS
00CF1720: 57 PUSH EDI
00CF1721: 7DBE JNL CF16E1H
00CF1723: AC LODSB
00CF1724: 97 XCHG EDI, EAX
00CF1725: D4A6 AAM A6H
00CF1727: 136ABD ADC EBP, [EDX-43H]
00CF172A: 22748EA9 AND DH, [ESI+ECX*4-57H]
00CF172E: 13DD ADC EBX, EBP
00CF1730: F63F IDIV BYTE PTR [EDI]
00CF1732: 44 INC ESP
00CF1733: D6 SETALC
00CF1734: 50 PUSH EAX
00CF1735: 3385CDC8AFEC XOR EAX, [EBP-13503733H]
00CF173B: EAA5B4FCFDB556 JMP FAR 56B5:FDFCB4A5H
00CF1742: 7450 JZ CF1794H
00CF1744: 57 PUSH EDI
00CF1745: BD510E0115 MOV EBP, 15010E51H
00CF174A: EAB96A8AAC3767 JMP FAR 6737:AC8A6AB9H
00CF1751: B529 MOV CH, 29H
00CF1753: 9B WAIT
00CF1754: B2F6 MOV DL, F6H
00CF1756: 47 INC EDI
00CF1757: 5D POP EBP
00CF1758: 02D2 ADD DL, DL
00CF175A: 6463EA ARPL EBP, EDX
00CF175D: 0BF8 OR EDI, EAX
00CF175F: D8742BF4 FDIV REAL4 PTR [EBX+EBP-0CH]
00CF1763: 823D98AF2D83EB AND BYTE PTR [832DAF98H], FFFFFFEBH
00CF176A: 97 XCHG EDI, EAX
00CF176B: 7ACB JPE CF1738H
00CF176D: 9D POPFD
00CF176E: 97 XCHG EDI, EAX
00CF176F: F8 CLC
00CF1770: 189B748D5B4F SBB [EBX+4F5B8D74H], BL
00CF1776: 797F JNS CF16F7H
00CF1778: C533 LDS ESI, [EBX]
00CF177A: CDF4 INT F4H
00CF177C: 60 PUSHAD
00CF177D: 74E2 JZ CF1761H
00CF177F: 57 PUSH EDI
00CF1780: DADF FCMOVU ST(0), ST(7)
00CF1782: 06 PUSH ES
00CF1783: 5E POP ESI
00CF1784: 93 XCHG EBX, EAX
00CF1785: AA STOSB
00CF1786: EB95 JMP CF171DH
00CF1788: 33F6 XOR ESI, ESI
00CF178A: 284243 SUB [EDX+43H], AL
00CF178D: 51 PUSH ECX
00CF178E: 70BB JO CF174BH
00CF1790: D2C9 ROR CL, CL
00CF1792: 8CE6 MOV ESI, FS
00CF1794: B3CE MOV BL, CEH
00CF1796: CDD4 INT D4H
00CF1798: CAC08A RETF 8AC0H
00CF179B: 19154EA3CC5D SBB [5DCCA34EH], EDX
00CF17A1: 1019 ADC [ECX], BL
00CF17A3: 9B WAIT
00CF17A4: 3B4103 CMP EAX, [ECX+03H]
00CF17A7: E6F7 OUT F7H, AL
00CF17A9: 45 INC EBP
00CF17AA: 48 DEC EAX
00CF17AB: 8FB63774FDA1 INVALID
00CF17B1: 07 POP ES
00CF17B2: F8 CLC
00CF17B3: D29ED59103AD RCR [ESI-52FC6E2BH], CL
00CF17B9: DE47A3 FIADD WORD PTR [EDI-5DH]
00CF17BC: CDD6 INT D6H
00CF17BE: 90 NOP
00CF17BF: CE INTO
00CF17C0: 95 XCHG EBP, EAX
00CF17C1: 3C0A CMP AL, 0AH
00CF17C3: 22A357C5C065 AND AH, [EBX+65C0C557H]
00CF17C9: B8D1FB26DC MOV EAX, DC26FBD1H
00CF17CE: 6E OUTSB
00CF17CF: 87FC XCHG EDI, ESP
00CF17D1: F0F8 LOCK CLC
00CF17D3: 333A XOR EDI, [EDX]
00CF17D5: B3D5 MOV BL, D5H
00CF17D7: D6 SETALC
00CF17D8: 5D POP EBP
00CF17D9: 52 PUSH EDX
00CF17DA: 1BE1 SBB ESP, ECX
00CF17DC: CAB090 RETF 90B0H
00CF17DF: 90 NOP
00CF17E0: B5D2 MOV CH, D2H
00CF17E2: 09B59EAB1A0B OR [EBP+0B1AAB9EH], ESI
00CF17E8: 644C DEC ESP
00CF17EA: 351579F8A6 XOR EAX, A6F87915H
00CF17EF: A5 MOVSD
00CF17F0: ED IN EAX, DX
00CF17F1: D6 SETALC
00CF17F2: 10E7 ADC BH, AH
00CF17F4: E6C3 OUT C3H, AL
00CF17F6: 8700 XCHG EAX, [EAX]
00CF17F8: 61 POPAD
00CF17F9: BED5508BA1 MOV ESI, A18B50D5H
00CF17FE: 8DB825AF2089 LEA EDI, [EAX-76DF50DBH]
00CF1804: 1A0E SBB CL, [ESI]
00CF1806: 219135293FD3 AND [ECX-2CC0D6CBH], EDX
00CF180C: 7D6A JNL CF1878H
00CF180E: 67A28D19 MOV [198DH], AL
00CF1812: 69531FA8D48D0F IMUL EDX, [EBX+1FH], 0F8DD4A8H
00CF1819: 846E24 TEST CH, [ESI+24H]
00CF181C: 807D906E CMP BYTE PTR [EBP-70H], 6EH
00CF1820: 9D POPFD
00CF1821: EE OUT DX, AL
00CF1822: 2AB37A1C8E2F SUB DH, [EBX+2F8E1C7AH]
00CF1828: F1 ICEBP
00CF1829: 80CEEE OR DH, FFFFFFEEH
00CF182C: A5 MOVSD
00CF182D: 819E4F00259569527FA6 SBB [ESI-6ADAFFB1H], A67F5269H
00CF1837: BABE385C92 MOV EDX, 925C38BEH
00CF183C: 632A ARPL EBP, [EDX]
00CF183E: E93E1BDA3E JMP 3FA93381H
00CF1843: 3CD5 CMP AL, D5H
00CF1845: E5EA IN EAX, EAH
00CF1847: F8 CLC
00CF1848: 98 CWDE
00CF1849: 3EF2CA5378 REPNZ RETF 7853H

I WONT Continue because its to much :-P

When PBlackout terminates hackshield:


00406740: 0810 OR [EAX], DL
00406742: 8B18 MOV EBX, [EAX]
00406744: 7264 JB 4067AAH
00406746: 1B7C0D74 SBB EDI, [EBP+ECX+74H]
0040674A: FA CLI
0040674B: 55 PUSH EBP
0040674C: 09D1 OR ECX, EDX
0040674E: 9E SAHF
0040674F: 68863D3A93 PUSH 933A3D86H
00406754: 98 CWDE
00406755: 69289CC2EB3A IMUL EBP, [EAX], 3AEBC29CH
0040675B: 09D4 OR ESP, EDX
0040675D: BA13180CBF MOV EDX, BF0C1813H
00406762: A6 CMPSB
00406763: 1810 SBB [EAX], DL
00406765: 60 PUSHAD
00406766: A19504D250 MOV EAX, [50D20495H]
0040676B: DD90DB9D9A45 FST REAL8 PTR [EAX+459A9DDBH]
00406771: F396 REP XCHG ESI, EAX
00406773: 8B926367AA0C MOV EDX, [EDX+0CAA6763H]
00406779: 59 POP ECX
0040677A: 17 POP SS
0040677B: 58 POP EAX
0040677C: DCBA9864CADF FDIVR REAL8 PTR [EDX-20359B68H]
00406782: 5C POP ESP
00406783: 42 INC EDX
00406784: EC IN AL, DX
00406785: EAE9E414EAA634 JMP FAR 34A6:EA14E4E9H
0040678C: 8431 TEST DH, [ECX]
0040678E: 17 POP SS
0040678F: E86C06E528 CALL 29256E00H
00406794: A2FB9BEE9B MOV [9BEE9BFBH], AL
00406799: 18BC0D403C12D0 SBB [EBP+ECX-2FEDC3C0H], BH
004067A0: 7CD1 JL 406773H
004067A2: 02E8 ADD CH, AL
004067A4: 64DF4691 FILD WORD PTR FS:[ESI-6FH]
004067A8: BA37F87811 MOV EDX, 1178F837H
004067AD: A6 CMPSB
004067AE: 3B47C5 CMP EAX, [EDI-3BH]
004067B1: D19830B83AD8 RCR [EAX-27C547D0H], 01H

The end :-)

[kill3rrr123]

Just what do we do with these addresses? It looks like you can do something with Cheat Engine..

[Lehsyrus]

Just what do we do with these addresses? It looks like you can do something with Cheat Engine..

It's simply the client disassembled into an ASM format.

[RobinC]

It's simply the client disassembled into an ASM format.

Jamaica ---> WEED <33
Love Ya

[PheonX]

what application are you use ?
IDA or olly ?

[EiKzLoM12]

It's simply the client disassembled into an ASM format.

what do we do with this adressess? What do you mean Simply disassembled into ASM Format?

[Lehsyrus]

what do we do with this adressess? What do you mean Simply disassembled into ASM Format?

If you do not know at least that much then there is nothing you can do with it.