Category:Digital-Forensics/Computer-Forensics/Anti-Reverse-Engineering/Anti-Disassembly/Jmp-Same-Target

From aldeid
Jump to navigation Jump to search
You are here
Jump instruction with same target

Description

Byte code 
┌────┬────┬────┬────┬────┬────┬────┬────┬────┐
│ 74 │ 03 │ 75 │ 01 │ E8 │ 58 │ C3 │ 90 │ 90 │  
└────┴────┴────┴────┴────┴────┴────┴────┴────┘
Wrong interpretation 
┌─────────┬─────────┬────────────────────────┐
│ JZ      │JNZ      │ CALL ...               │
└─────────┴─────────┴────────────────────────┘

74 03               jz      short near ptr loc_4011C4+1
75 01               jnz     short near ptr loc_4011C4+1
                    loc_4011C4:                     ; CODE XREF: sub_4011C0
                                                    ; sub_4011C0+2j
E8 58 C3 90 90      call    near ptr 90D0D521h
Good interpretation 
┌─────────┬─────────┬────┬────┬────┬─────────┐
│ JZ      │JNZ      │    │POP │RET │         │
└─────────┴─────────┴────┴────┴────┴─────────┘
      │        │           ▲
      └────────┴───────────┘

74 03               jz      short near ptr loc_4011C5
75 01               jnz     short near ptr loc_4011C5
            ; -------------------------------------------------------------------
E8                  db 0E8h
            ; -------------------------------------------------------------------
                    loc_4011C5:                   ; CODE XREF: sub_4011C0
                                                  ; sub_4011C0+2j
58                  pop     eax
C3                  retn

This category currently contains no pages or media.

Retrieved from "https://www.aldeid.com/w/index.php?title=Category:Digital-Forensics/Computer-Forensics/Anti-Reverse-Engineering/Anti-Disassembly/Jmp-Same-Target&oldid=30903"