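//BP 402000

// OllyDbg ODbgScript; numeric literals are hexadecimal.
// What the commands below do, in order:
//   1. allocate a 0x1000-byte scratch area in the debuggee (base kept in temp)
//   2. store a wsprintf-style format string, two window-class names and four
//      resolved user32.dll export addresses in that area
//   3. write a raw machine-code blob at temp+1f0
//   4. start notepad.exe via CreateProcessA, executed inside the debuggee
//   5. search from 401000 for FF 55 FC 5F 5E 89 5D F4 and overwrite the five
//      bytes at (match - 14) with an E9 jmp whose target is temp+200
//
// Scratch layout (offsets from temp):
//   +100 SendMessageA    +104 wsprintfA    +108 FindWindowA    +10c FindWindowExA
//   +110 address of the pattern match      +150 "Notepad"      +160 "Edit"
//   +1bc format string                     +1f0 blob (jmp target is +200)
//
// NOTE(review): several string literals and the old comments look mis-decoded
// (non-UTF-8 original, presumably). The literals are kept exactly as found.

var temp
//mov temp,"123"
//gpa "MessageBoxA", "user32.dll"
//gpa "MessageBoxA", "user32.dll"
//mov eax,$RESULT

// Save the three registers the script overwrites; every exit path pops them.
push eax
push ebx
push ecx


alloc 1000
mov eax,$RESULT
mov temp,eax
// 200-37-0d = 1bc. The blob written further down starts at +1f0, so only
// 0x34 bytes of this string survive that later write.
mov [eax+200-37-0d],"id=%x   ؼID=%x   ¼=%s   ¼=%x   "
mov ebx,eax
add ebx,1bc
// Locate the end of the string just written and store 0a0d there.
FIND ebx,0000
cmp $RESULT,0
je exit
mov [$RESULT],0a0d// append 0a0d after the format string


mov [eax+150],"Notepad"
mov [eax+160],"Edit"
// Resolve each export and store its address; any failure goes to erroe.
gpa "SendMessageA","user32.dll"
mov [eax+100],$RESULT
cmp $RESULT,0
je erroe
gpa "wsprintfA","user32.dll"
mov [eax+104],$RESULT
cmp $RESULT,0
je erroe
gpa "FindWindowA","user32.dll"
mov [eax+108],$RESULT
cmp $RESULT,0
je erroe
gpa "FindWindowExA","user32.dll"
mov [eax+10c],$RESULT
cmp $RESULT,0
je erroe
// Raw bytes written at temp+1f0. The first 0x10 bytes are data (12 ASCII
// bytes, then 0A 0D 00 AB); the byte at temp+200, where the jmp installed
// below lands, is 60. The blob ends with 61 E9 87 43 22 00.
// NOTE(review): this blob is the code the patched target will execute and is
// not disassembled in this script; disassemble it and check it against the
// scratch layout above before relying on the script.
mov [temp+200-10],#5151313635363633373933330A0D00AB60FF75B0E800000000582500F0FFFF8BD881C3000100008D128B0A8988140100008B4A048988180100008B4DFC89881C0100005989882001000050536A008D885001000051FF53085B8943305850536A008D8860010000516A00FFB030010000FF530C5B894330585053FFB01C010000FFB020010000FFB018010000FFB0140100008D88BC010000518D485051FF530483C4185B588D7050505333C0F8AC08C074116A01506802010000FF7330FF135B58EBE55B588B4310E800000000908B0C2483C1152BC183E804890183042413C361E987432200#

// Second allocation: command line at +0, and the two structure pointers
// passed to CreateProcessA at +50 and +a0. Nothing is written to +50 or +a0
// before the call.
alloc 200
mov eax,$RESULT
mov ebx,eax
mov [eax],"notepad.exe"
// EXEC..ENDE: the instructions between the two keywords run in the debuggee.
// Pushes are in reverse argument order: eax+50 is the last argument, eax+a0
// the one before it, then six zero arguments, the command line in eax, and a
// zero first argument.
EXEC
pushad
mov ebx,eax
add ebx,50
push ebx
add ebx,50
push ebx
push 0
push 0
push 0
push 0
push 0
push 0
push eax
push 0
call CreateProcessA   // start notepad.exe
popad

ENDE

FIND 401000,#FF55FC5F5E895DF4#
cmp $RESULT,0
je exit
mov eax,$RESULT
mov [temp+110],eax // keep the match address in the scratch area

// rel32 for the jmp: (temp+200) - (match-14) - 5
mov ebx,temp
add ebx,200
sub eax,14
sub ebx,eax


sub ebx,5
// NOTE(review): the five bytes at match-14 are overwritten without checking
// what is there; the offset only fits a build where those bytes start an
// instruction.
mov [eax],#e9#,1
mov [eax+1],ebx

msg "鿴±"
pop ecx
pop ebx
pop eax
run
ret
erroe:
// An export could not be resolved: report it, restore the registers, stop.
msg "ȡַʧ!"
pop ecx
pop ebx
pop eax

ret


exit:
// Reached from both FIND failures, each after the three pushes at the top.
// NOTE(review): unlike the other msg lines this argument is not quoted;
// confirm against a correctly decoded copy of the script.
msg VMEԳ
// Fix: restore the saved registers as the erroe path does; the original
// returned here with the three values still pushed.
pop ecx
pop ebx
pop eax
ret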