-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwindows_json.json
1 lines (1 loc) · 30.3 KB
/
windows_json.json
1
[{"name":"entry0","offset":4503472,"ninstr":93,"nargs":0,"nlocals":9,"size":437,"stack":128,"type":"fcn","blocks":[{"offset":4503472,"size":25,"jump":4503505,"fail":4503497,"ops":[{"offset":4503472,"val":88,"esil":"88,rsp,-=,88,0x8000000000000000,-,!,63,$o,^,of,:=,63,$s,sf,:=,$z,zf,:=,$p,pf,:=,64,$b,cf,:=,3,$b,af,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"sub rsp, 0x58","disasm":"sub rsp, 0x58","bytes":"4883ec58","family":"cpu","type":"sub","reloc":false,"type_num":18,"type2_num":0,"flags":["entry0","rip"]},{"offset":4503476,"esil":"rbx,0x70,rsp,+,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov qword [rsp + 0x70], rbx","disasm":"mov qword [rsp + 0x70], rbx","bytes":"48895c2470","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503481,"esil":"rdi,0x78,rsp,+,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov qword [rsp + 0x78], rdi","disasm":"mov qword [rsp + 0x78], rdi","bytes":"48897c2478","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503486,"ptr":4194304,"val":23117,"esil":"23117,0x4b7c7,rip,-,[2],==,$z,zf,:=,16,$b,cf,:=,$p,pf,:=,15,$s,sf,:=,23117,0x8000,-,!,15,$o,^,of,:=,3,$b,af,:=","refptr":2,"fcn_addr":4503472,"fcn_last":4503900,"size":9,"opcode":"cmp word [rip - 0x4b7c7], 0x5a4d","disasm":"cmp word [0x00400000], 0x5a4d","bytes":"66813d3948fbff4d5a","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503495,"esil":"zf,?{,4503505,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"je 0x44b7d1","disasm":"je 0x44b7d1","bytes":"7408","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503505,"fail":4503497,"refs":[{"addr":4503505,"type":"CODE","perm":"--x"}]}]},{"offset":4503497,"size":8,"jump":4503629,"ops":[{"offset":4503497,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0},{"offset":4503499,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503503,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb7c","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503505,"size":25,"jump":4503538,"fail":4503530,"ops":[{"offset":4503505,"ptr":4194364,"esil":"32,0x4b79c,rip,-,[4],~,rax,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"movsxd rax, dword [rip - 0x4b79c]","disasm":"movsxd rax, dword [0x0040003c]","bytes":"4863056448fbff","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"xrefs":[{"addr":4503495,"type":"CODE","perm":"--x"}]},{"offset":4503512,"ptr":4194304,"esil":"0x4b7df,rip,-,rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rcx, [rip - 0x4b7df]","disasm":"lea rcx, [0x00400000]","bytes":"488d0d2148fbff","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0},{"offset":4503519,"esil":"rcx,rax,+=,63,$o,of,:=,63,$s,sf,:=,$z,zf,:=,63,$c,cf,:=,$p,pf,:=,3,$c,af,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503906,"size":3,"opcode":"add rax, rcx","disasm":"add rax, rcx","bytes":"4803c1","family":"cpu","type":"add","reloc":false,"type_num":17,"type2_num":0},{"offset":4503522,"val":17744,"esil":"17744,rax,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,17744,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"cmp dword [rax], 0x4550","disasm":"cmp dword [rax], 0x4550","bytes":"813850450000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503528,"esil":"zf,?{,4503538,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"je 0x44b7f2","disasm":"je 0x44b7f2","bytes":"7408","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503538,"fail":4503530,"refs":[{"addr":4503538,"type":"CODE","perm":"--x"}]}]},{"offset":4503530,"size":8,"jump":4503629,"ops":[{"offset":4503530,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0},{"offset":4503532,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503536,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb5b","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503538,"size":12,"jump":4503600,"fail":4503550,"ops":[{"offset":4503538,"esil":"0x18,rax,+,[2],rcx,=","refptr":2,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"movzx ecx, word [rax + 0x18]","disasm":"movzx ecx, word [rax + 0x18]","bytes":"0fb74818","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"xrefs":[{"addr":4503528,"type":"CODE","perm":"--x"}]},{"offset":4503542,"ptr":267,"val":267,"esil":"267,ecx,==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,267,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"cmp ecx, 0x10b","disasm":"cmp ecx, 0x10b","bytes":"81f90b010000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503548,"esil":"zf,?{,4503600,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"je 0x44b830","disasm":"je 0x44b830","bytes":"7432","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503600,"fail":4503550,"refs":[{"addr":4503600,"type":"CODE","perm":"--x"}]}]},{"offset":4503550,"size":8,"jump":4503566,"fail":4503558,"ops":[{"offset":4503550,"ptr":523,"val":523,"esil":"523,ecx,==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,523,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"cmp ecx, 0x20b","disasm":"cmp ecx, 0x20b","bytes":"81f90b020000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503556,"esil":"zf,?{,4503566,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"je 0x44b80e","disasm":"je 0x44b80e","bytes":"7408","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503566,"fail":4503558,"refs":[{"addr":4503566,"type":"CODE","perm":"--x"}]}]},{"offset":4503558,"size":8,"jump":4503629,"ops":[{"offset":4503558,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0},{"offset":4503560,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503564,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb3f","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503566,"size":9,"jump":4503583,"fail":4503575,"ops":[{"offset":4503566,"val":14,"esil":"14,0x84,rax,+,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,14,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"cmp dword [rax + 0x84], 0xe","disasm":"cmp dword [rax + 0x84], 0xe","bytes":"83b8840000000e","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0,"xrefs":[{"addr":4503556,"type":"CODE","perm":"--x"}]},{"offset":4503573,"esil":"cf,zf,|,!,?{,4503583,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"ja 0x44b81f","disasm":"ja 0x44b81f","bytes":"7708","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503583,"fail":4503575,"refs":[{"addr":4503583,"type":"CODE","perm":"--x"}]}]},{"offset":4503575,"size":8,"jump":4503629,"ops":[{"offset":4503575,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0},{"offset":4503577,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503581,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb2e","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503583,"size":17,"jump":4503629,"ops":[{"offset":4503583,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0,"xrefs":[{"addr":4503573,"type":"CODE","perm":"--x"}]},{"offset":4503585,"esil":"ebx,0xf8,rax,+,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,ebx,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"cmp dword [rax + 0xf8], ebx","disasm":"cmp dword [rax + 0xf8], ebx","bytes":"3998f8000000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503591,"esil":"zf,!,bl,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503906,"size":3,"opcode":"setne bl","disasm":"setne bl","bytes":"0f95c3","family":"cpu","type":"cmov","reloc":false,"type_num":2147483657,"type2_num":0},{"offset":4503594,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503598,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb1d","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503600,"size":6,"jump":4503614,"fail":4503606,"ops":[{"offset":4503600,"val":14,"esil":"14,0x74,rax,+,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,14,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"cmp dword [rax + 0x74], 0xe","disasm":"cmp dword [rax + 0x74], 0xe","bytes":"8378740e","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0,"xrefs":[{"addr":4503548,"type":"CODE","perm":"--x"}]},{"offset":4503604,"esil":"cf,zf,|,!,?{,4503614,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"ja 0x44b83e","disasm":"ja 0x44b83e","bytes":"7708","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503614,"fail":4503606,"refs":[{"addr":4503614,"type":"CODE","perm":"--x"}]}]},{"offset":4503606,"size":8,"jump":4503629,"ops":[{"offset":4503606,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0},{"offset":4503608,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503612,"esil":"0x44b84d,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b84d","disasm":"jmp 0x44b84d","bytes":"eb0f","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503629,"refs":[{"addr":4503629,"type":"CODE","perm":"--x"}]}]},{"offset":4503614,"size":15,"jump":4503629,"ops":[{"offset":4503614,"esil":"ebx,rbx,^,0xffffffff,&,rbx,=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"xor ebx, ebx","disasm":"xor ebx, ebx","bytes":"33db","family":"cpu","type":"xor","reloc":false,"type_num":28,"type2_num":0,"xrefs":[{"addr":4503604,"type":"CODE","perm":"--x"}]},{"offset":4503616,"esil":"ebx,0xe8,rax,+,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,ebx,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"cmp dword [rax + 0xe8], ebx","disasm":"cmp dword [rax + 0xe8], ebx","bytes":"3998e8000000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0},{"offset":4503622,"esil":"zf,!,bl,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503906,"size":3,"opcode":"setne bl","disasm":"setne bl","bytes":"0f95c3","family":"cpu","type":"cmov","reloc":false,"type_num":2147483657,"type2_num":0},{"offset":4503625,"esil":"ebx,0x60,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x60], ebx","disasm":"mov dword [rsp + 0x60], ebx","bytes":"895c2460","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0}]},{"offset":4503629,"size":77,"jump":4503719,"fail":4503706,"ops":[{"offset":4503629,"val":1,"esil":"1,rcx,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov ecx, 1","disasm":"mov ecx, 1","bytes":"b901000000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"xrefs":[{"addr":4503503,"type":"CODE","perm":"--x"},{"addr":4503536,"type":"CODE","perm":"--x"},{"addr":4503564,"type":"CODE","perm":"--x"},{"addr":4503581,"type":"CODE","perm":"--x"},{"addr":4503598,"type":"CODE","perm":"--x"},{"addr":4503612,"type":"CODE","perm":"--x"}]},{"offset":4503634,"ptr":4510704,"esil":"0x1b98,rip,+,[8],rip,8,rsp,-=,rsp,=[8],rip,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"call qword [rip + 0x1b98]","disasm":"call qword [sym.imp.msvcrt.dll___set_app_type]","bytes":"ff15981b0000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0,"refs":[{"addr":4510704,"type":"CALL","perm":"--x"}]},{"offset":4503640,"ptr":4632488,"esil":"18446744073709551615,0x1f745,rip,+,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503898,"size":11,"opcode":"mov qword [rip + 0x1f745], 0xffffffffffffffff","disasm":"mov qword [0x0046afa8], 0xffffffffffffffff","bytes":"48c70545f70100ffffffff","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4632488,"type":"DATA","perm":"r--"}]},{"offset":4503651,"ptr":4632496,"esil":"18446744073709551615,0x1f742,rip,+,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503898,"size":11,"opcode":"mov qword [rip + 0x1f742], 0xffffffffffffffff","disasm":"mov qword [0x0046afb0], 0xffffffffffffffff","bytes":"48c70542f70100ffffffff","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4632496,"type":"DATA","perm":"r--"}]},{"offset":4503662,"ptr":4510696,"esil":"0x1b73,rip,+,[8],rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"mov rcx, qword [rip + 0x1b73]","disasm":"mov rcx, qword [sym.imp.msvcrt.dll__fmode]","bytes":"488b0d731b0000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4510696,"type":"DATA","perm":"r--"}]},{"offset":4503669,"ptr":4624268,"esil":"0x1d711,rip,+,[4],rax,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"mov eax, dword [rip + 0x1d711]","disasm":"mov eax, dword [0x00468f8c]","bytes":"8b0511d70100","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4624268,"type":"DATA","perm":"r--"}]},{"offset":4503675,"esil":"eax,rcx,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"mov dword [rcx], eax","disasm":"mov dword [rcx], eax","bytes":"8901","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503677,"ptr":4510688,"esil":"0x1b5c,rip,+,[8],rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"mov rcx, qword [rip + 0x1b5c]","disasm":"mov rcx, qword [sym.imp.msvcrt.dll__commode]","bytes":"488b0d5c1b0000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4510688,"type":"DATA","perm":"r--"}]},{"offset":4503684,"ptr":4624264,"esil":"0x1d6fe,rip,+,[4],rax,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"mov eax, dword [rip + 0x1d6fe]","disasm":"mov eax, dword [0x00468f88]","bytes":"8b05fed60100","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4624264,"type":"DATA","perm":"r--"}]},{"offset":4503690,"esil":"eax,rcx,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"mov dword [rcx], eax","disasm":"mov dword [rcx], eax","bytes":"8901","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503692,"esil":"4503984,rip,8,rsp,-=,rsp,=[8],rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"call 0x44b9b0","disasm":"call fcn.0044b9b0","bytes":"e81f010000","family":"cpu","type":"call","reloc":false,"type_num":3,"type2_num":0,"jump":4503984,"fail":4503697,"refs":[{"addr":4503984,"type":"CALL","perm":"--x"}]},{"offset":4503697,"ptr":4622752,"val":0,"esil":"0,0x1d108,rip,+,[4],==,$z,zf,:=,32,$b,cf,:=,$p,pf,:=,31,$s,sf,:=,0,0x80000000,-,!,31,$o,^,of,:=,3,$b,af,:=","refptr":4,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"cmp dword [rip + 0x1d108], 0","disasm":"cmp dword [0x004689a0], 0","bytes":"833d08d1010000","family":"cpu","type":"cmp","reloc":false,"type_num":15,"type2_num":0,"refs":[{"addr":4622752,"type":"DATA","perm":"r--"}]},{"offset":4503704,"esil":"zf,!,?{,4503719,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jne 0x44b8a7","disasm":"jne 0x44b8a7","bytes":"750d","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503719,"fail":4503706,"refs":[{"addr":4503719,"type":"CODE","perm":"--x"}]}]},{"offset":4503706,"size":13,"jump":4503719,"ops":[{"offset":4503706,"ptr":4503984,"esil":"0x10f,rip,+,rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rcx, [rip + 0x10f]","disasm":"lea rcx, [fcn.0044b9b0]","bytes":"488d0d0f010000","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0,"refs":[{"addr":4503984,"type":"DATA","perm":"r--"}]},{"offset":4503713,"ptr":4510680,"esil":"0x1b31,rip,+,[8],rip,8,rsp,-=,rsp,=[8],rip,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"call qword [rip + 0x1b31]","disasm":"call qword [sym.imp.msvcrt.dll___setusermatherr]","bytes":"ff15311b0000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0,"refs":[{"addr":4510680,"type":"CALL","perm":"--x"}]}]},{"offset":4503719,"size":132,"jump":4503859,"fail":4503851,"ops":[{"offset":4503719,"ptr":4510824,"esil":"0x1bba,rip,+,rdx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rdx, [rip + 0x1bba]","disasm":"lea rdx, [0x0044d468]","bytes":"488d15ba1b0000","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0,"refs":[{"addr":4510824,"type":"DATA","perm":"r--"}],"xrefs":[{"addr":4503704,"type":"CODE","perm":"--x"}]},{"offset":4503726,"ptr":4510816,"esil":"0x1bab,rip,+,rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rcx, [rip + 0x1bab]","disasm":"lea rcx, [0x0044d460]","bytes":"488d0dab1b0000","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0,"refs":[{"addr":4510816,"type":"DATA","perm":"r--"}]},{"offset":4503733,"esil":"4503972,rip,8,rsp,-=,rsp,=[8],rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"call 0x44b9a4","disasm":"call sub.msvcrt.dll__initterm","bytes":"e8ea000000","family":"cpu","type":"call","reloc":false,"type_num":3,"type2_num":0,"jump":4503972,"fail":4503738,"refs":[{"addr":4503972,"type":"CALL","perm":"--x"}]},{"offset":4503738,"ptr":4624260,"esil":"0x1d6c3,rip,+,[4],r11,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"mov r11d, dword [rip + 0x1d6c3]","disasm":"mov r11d, dword [0x00468f84]","bytes":"448b1dc3d60100","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4624260,"type":"DATA","perm":"r--"}]},{"offset":4503745,"esil":"r11d,0x68,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov dword [rsp + 0x68], r11d","disasm":"mov dword [rsp + 0x68], r11d","bytes":"44895c2468","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503750,"esil":"0x68,rsp,+,rax,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"lea rax, [rsp + 0x68]","disasm":"lea rax, [rsp + 0x68]","bytes":"488d442468","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0},{"offset":4503755,"esil":"rax,0x20,rsp,+,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov qword [rsp + 0x20], rax","disasm":"mov qword [rsp + 0x20], rax","bytes":"4889442420","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503760,"ptr":4624256,"esil":"0x1d6a9,rip,+,[4],r9,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"mov r9d, dword [rip + 0x1d6a9]","disasm":"mov r9d, dword [0x00468f80]","bytes":"448b0da9d60100","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4624256,"type":"DATA","perm":"r--"}]},{"offset":4503767,"esil":"0x38,rsp,+,r8,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"lea r8, [rsp + 0x38]","disasm":"lea r8, [rsp + 0x38]","bytes":"4c8d442438","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0},{"offset":4503772,"esil":"0x40,rsp,+,rdx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"lea rdx, [rsp + 0x40]","disasm":"lea rdx, [rsp + 0x40]","bytes":"488d542440","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0},{"offset":4503777,"esil":"0x30,rsp,+,rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"lea rcx, [rsp + 0x30]","disasm":"lea rcx, [rsp + 0x30]","bytes":"488d4c2430","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0},{"offset":4503782,"ptr":4510664,"esil":"0x1adc,rip,+,[8],rip,8,rsp,-=,rsp,=[8],rip,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"call qword [rip + 0x1adc]","disasm":"call qword [sym.imp.msvcrt.dll___getmainargs]","bytes":"ff15dc1a0000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0,"refs":[{"addr":4510664,"type":"CALL","perm":"--x"}]},{"offset":4503788,"ptr":4510808,"esil":"0x1b65,rip,+,rdx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rdx, [rip + 0x1b65]","disasm":"lea rdx, [0x0044d458]","bytes":"488d15651b0000","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0,"refs":[{"addr":4510808,"type":"DATA","perm":"r--"}]},{"offset":4503795,"ptr":4510720,"esil":"0x1b06,rip,+,rcx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"lea rcx, [rip + 0x1b06]","disasm":"lea rcx, [0x0044d400]","bytes":"488d0d061b0000","family":"cpu","type":"lea","reloc":false,"type_num":33,"type2_num":0,"refs":[{"addr":4510720,"type":"DATA","perm":"r--"}]},{"offset":4503802,"esil":"4503972,rip,8,rsp,-=,rsp,=[8],rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"call 0x44b9a4","disasm":"call sub.msvcrt.dll__initterm","bytes":"e8a5000000","family":"cpu","type":"call","reloc":false,"type_num":3,"type2_num":0,"jump":4503972,"fail":4503807,"refs":[{"addr":4503972,"type":"CALL","perm":"--x"}]},{"offset":4503807,"esil":"0x38,rsp,+,[8],r11,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov r11, qword [rsp + 0x38]","disasm":"mov r11, qword [rsp + 0x38]","bytes":"4c8b5c2438","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503812,"ptr":4510648,"esil":"0x1aad,rip,+,[8],rax,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503902,"size":7,"opcode":"mov rax, qword [rip + 0x1aad]","disasm":"mov rax, qword [sym.imp.msvcrt.dll___initenv]","bytes":"488b05ad1a0000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"refs":[{"addr":4510648,"type":"DATA","perm":"r--"}]},{"offset":4503819,"esil":"r11,rax,=[8]","refptr":8,"fcn_addr":4503472,"fcn_last":4503906,"size":3,"opcode":"mov qword [rax], r11","disasm":"mov qword [rax], r11","bytes":"4c8918","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503822,"esil":"0x38,rsp,+,[8],r8,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov r8, qword [rsp + 0x38]","disasm":"mov r8, qword [rsp + 0x38]","bytes":"4c8b442438","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503827,"esil":"0x40,rsp,+,[8],rdx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov rdx, qword [rsp + 0x40]","disasm":"mov rdx, qword [rsp + 0x40]","bytes":"488b542440","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503832,"esil":"0x30,rsp,+,[4],rcx,=","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov ecx, dword [rsp + 0x30]","disasm":"mov ecx, dword [rsp + 0x30]","bytes":"8b4c2430","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503836,"esil":"4490560,rip,8,rsp,-=,rsp,=[8],rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"call 0x448540","disasm":"call fcn.00448540","bytes":"e81fccffff","family":"cpu","type":"call","reloc":false,"type_num":3,"type2_num":0,"jump":4490560,"fail":4503841,"refs":[{"addr":4490560,"type":"CALL","perm":"--x"}]},{"offset":4503841,"esil":"eax,rdi,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"mov edi, eax","disasm":"mov edi, eax","bytes":"8bf8","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503843,"esil":"eax,0x34,rsp,+,=[4]","refptr":4,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"mov dword [rsp + 0x34], eax","disasm":"mov dword [rsp + 0x34], eax","bytes":"89442434","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503847,"esil":"0,ebx,ebx,&,==,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"test ebx, ebx","disasm":"test ebx, ebx","bytes":"85db","family":"cpu","type":"acmp","reloc":false,"type_num":16,"type2_num":0},{"offset":4503849,"esil":"zf,!,?{,4503859,rip,=,}","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jne 0x44b933","disasm":"jne 0x44b933","bytes":"7508","family":"cpu","type":"cjmp","reloc":false,"type_num":2147483649,"type2_num":0,"jump":4503859,"fail":4503851,"refs":[{"addr":4503859,"type":"CODE","perm":"--x"}]}]},{"offset":4503851,"size":8,"jump":4503859,"ops":[{"offset":4503851,"esil":"eax,rcx,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"mov ecx, eax","disasm":"mov ecx, eax","bytes":"8bc8","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503853,"ptr":4510656,"esil":"0x1a8d,rip,+,[8],rip,8,rsp,-=,rsp,=[8],rip,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"call qword [rip + 0x1a8d]","disasm":"call qword [sym.imp.msvcrt.dll_exit]","bytes":"ff158d1a0000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0,"refs":[{"addr":4510656,"type":"CALL","perm":"--x"}]}]},{"offset":4503859,"size":8,"jump":4503892,"ops":[{"offset":4503859,"ptr":4510528,"esil":"0x1a07,rip,+,[8],rip,8,rsp,-=,rsp,=[8],rip,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503903,"size":6,"opcode":"call qword [rip + 0x1a07]","disasm":"call qword [sym.imp.msvcrt.dll__cexit]","bytes":"ff15071a0000","family":"cpu","type":"ircall","reloc":false,"type_num":402653188,"type2_num":0,"refs":[{"addr":4510528,"type":"CALL","perm":"--x"}],"xrefs":[{"addr":4503849,"type":"CODE","perm":"--x"}]},{"offset":4503865,"esil":"0x44b954,rip,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"jmp 0x44b954","disasm":"jmp 0x44b954","bytes":"eb19","family":"cpu","type":"jmp","reloc":false,"type_num":1,"type2_num":0,"jump":4503892,"refs":[{"addr":4503892,"type":"CODE","perm":"--x"}]}]},{"offset":4503892,"size":17,"ops":[{"offset":4503892,"esil":"edi,rax,=","refptr":0,"fcn_addr":4503472,"fcn_last":4503907,"size":2,"opcode":"mov eax, edi","disasm":"mov eax, edi","bytes":"8bc7","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0,"xrefs":[{"addr":4503865,"type":"CODE","perm":"--x"}]},{"offset":4503894,"esil":"0x70,rsp,+,[8],rbx,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov rbx, qword [rsp + 0x70]","disasm":"mov rbx, qword [rsp + 0x70]","bytes":"488b5c2470","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503899,"esil":"0x78,rsp,+,[8],rdi,=","refptr":8,"fcn_addr":4503472,"fcn_last":4503904,"size":5,"opcode":"mov rdi, qword [rsp + 0x78]","disasm":"mov rdi, qword [rsp + 0x78]","bytes":"488b7c2478","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4503904,"val":88,"esil":"88,rsp,+=,63,$o,of,:=,63,$s,sf,:=,$z,zf,:=,63,$c,cf,:=,$p,pf,:=,3,$c,af,:=","refptr":0,"fcn_addr":4503472,"fcn_last":4503905,"size":4,"opcode":"add rsp, 0x58","disasm":"add rsp, 0x58","bytes":"4883c458","family":"cpu","type":"add","reloc":false,"type_num":17,"type2_num":0},{"offset":4503908,"esil":"rsp,[8],rip,=,8,rsp,+=","refptr":0,"fcn_addr":4503472,"fcn_last":4503908,"size":1,"opcode":"ret","disasm":"ret","bytes":"c3","family":"cpu","type":"ret","reloc":false,"type_num":5,"type2_num":0}]}]}]