Binsec/Codex Analysis

Disassembly Results

0x0000118d 55 push ebp
0x0000118e 89 e5 mov ebp, esp
0x00001190 83 ec 10 sub esp, 0x10
0x00001193 e8 00 01 00 00 call 0x1298
0x00001198 05 40 2e 00 00 add eax, 0x2e40
0x0000119d 8b 45 08 mov eax, [ebp + 0x8]
0x000011a0 8b 40 04 mov eax, [eax + 0x4]
0x000011a3 89 45 f4 mov [ebp + 0xfffffff4], eax
0x000011a6 8b 45 f4 mov eax, [ebp + 0xfffffff4]
0x000011a9 89 45 fc mov [ebp + 0xfffffffc], eax
0x000011ac 8b 45 08 mov eax, [ebp + 0x8]
0x000011af 8b 00 mov eax, [eax]
0x000011b1 89 45 f0 mov [ebp + 0xfffffff0], eax
0x000011b4 c7 45 f8 00 00 00 00 mov [ebp + 0xfffffff8], 0x0
0x000011bb eb 12 jmp 0x11cf
0x000011bd 8b 45 fc mov eax, [ebp + 0xfffffffc]
0x000011c0 8b 50 04 mov edx, [eax + 0x4]
0x000011c3 8b 45 f8 mov eax, [ebp + 0xfffffff8]
0x000011c6 01 d0 add eax, edx
0x000011c8 c6 00 00 mov [eax], 0x0
0x000011cb 83 45 f8 01 add [ebp + 0xfffffff8], 0x1
0x000011cf 8b 45 f8 mov eax, [ebp + 0xfffffff8]
0x000011d2 3b 45 f0 cmp eax, [ebp + 0xfffffff0]
0x000011d5 7c e6 jl 0x11bd
0x000011d7 8b 45 fc mov eax, [ebp + 0xfffffffc]
0x000011da 8b 00 mov eax, [eax]
0x000011dc 89 45 fc mov [ebp + 0xfffffffc], eax
0x000011df 8b 45 fc mov eax, [ebp + 0xfffffffc]
0x000011e2 3b 45 f4 cmp eax, [ebp + 0xfffffff4]
0x000011e5 75 cd jnz 0x11b4
0x000011e7 90 nop
0x000011e8 90 nop
0x000011e9 c9 leave
0x000011ea c3 ret
0x000011eb 8d 4c 24 04 lea ecx, [esp + 0x4]
0x000011ef 83 e4 f0 and esp, 0xfffffff0
0x000011f2 ff 71 fc push [ecx + 0xfffffffc]
0x000011f5 55 push ebp
0x000011f6 89 e5 mov ebp, esp
0x000011f8 53 push ebx
0x000011f9 51 push ecx
0x000011fa 83 ec 10 sub esp, 0x10
0x000011fd e8 8e fe ff ff call 0x1090
0x00001202 81 c3 d6 2d 00 00 add ebx, 0x2dd6
0x00001208 83 ec 0c sub esp, 0xc
0x0000120b 6a 08 push 0x8
0x0000120d e8 2e fe ff ff call 0x1040
0x00001212 83 c4 10 add esp, 0x10
0x00001215 89 45 f0 mov [ebp + 0xfffffff0], eax
0x00001218 8b 45 f0 mov eax, [ebp + 0xfffffff0]
0x0000121b c7 00 14 00 00 00 mov [eax], 0x14
0x00001221 8b 45 f0 mov eax, [ebp + 0xfffffff0]
0x00001224 c7 40 04 00 00 00 00 mov [eax + 0x4], 0x0
0x0000122b c7 45 f4 00 00 00 00 mov [ebp + 0xfffffff4], 0x0
0x00001232 eb 41 jmp 0x1275
0x00001234 83 ec 0c sub esp, 0xc
0x00001237 6a 08 push 0x8
0x00001239 e8 02 fe ff ff call 0x1040
0x0000123e 83 c4 10 add esp, 0x10
0x00001241 89 45 ec mov [ebp + 0xffffffec], eax
0x00001244 8b 45 f0 mov eax, [ebp + 0xfffffff0]
0x00001247 8b 00 mov eax, [eax]
0x00001249 83 ec 0c sub esp, 0xc
0x0000124c 50 push eax
0x0000124d e8 ee fd ff ff call 0x1040
0x00001252 83 c4 10 add esp, 0x10
0x00001255 89 c2 mov edx, eax
0x00001257 8b 45 ec mov eax, [ebp + 0xffffffec]
0x0000125a 89 50 04 mov [eax + 0x4], edx
0x0000125d 8b 45 f0 mov eax, [ebp + 0xfffffff0]
0x00001260 8b 50 04 mov edx, [eax + 0x4]
0x00001263 8b 45 ec mov eax, [ebp + 0xffffffec]
0x00001266 89 10 mov [eax], edx
0x00001268 8b 45 f0 mov eax, [ebp + 0xfffffff0]
0x0000126b 8b 55 ec mov edx, [ebp + 0xffffffec]
0x0000126e 89 50 04 mov [eax + 0x4], edx
0x00001271 83 45 f4 01 add [ebp + 0xfffffff4], 0x1
0x00001275 83 7d f4 09 cmp [ebp + 0xfffffff4], 0x9
0x00001279 7e b9 jle 0x1234
0x0000127b 83 ec 0c sub esp, 0xc
0x0000127e ff 75 f0 push [ebp + 0xfffffff0]
0x00001281 e8 07 ff ff ff call 0x118d
0x00001286 83 c4 10 add esp, 0x10
0x00001289 b8 00 00 00 00 mov eax, 0x0
0x0000128e 8d 65 f8 lea esp, [ebp + 0xfffffff8]
0x00001291 59 pop ecx
0x00001292 5b pop ebx
0x00001293 5d pop ebp
0x00001294 8d 61 fc lea esp, [ecx + 0xfffffffc]
0x00001297 c3 ret
0x00001298 8b 04 24 mov eax, [esp]
0x0000129b c3 ret
0x0000129c 53 push ebx
0x0000129d 83 ec 08 sub esp, 0x8
0x000012a0 e8 eb fd ff ff call 0x1090
0x000012a5 81 c3 33 2d 00 00 add ebx, 0x2d33
0x000012ab 83 c4 08 add esp, 0x8
0x000012ae 5b pop ebx
0x000012af c3 ret

DBA blocks

Explanation will appear here.

Analysis Result


  

  

  
Alarms

  

  Phase: _none_
-alarm- invalid_load_access, 0, 1, 0x000011da


ptr_arith, 26, 4, 0x000011a0
0x000011c0 0x000011c6
0x000011e2


-total alarm count-,5