水晶分班5.21-分析记录

水晶分班5.21-分析记录

程序信息

版本"5.21 <2024.9.7>"

PE32
    操作系统: Windows(2000)[I386, 32 位, GUI]
    链接程序: Turbo Linker(2.25*,Delphi)[GUI32]
    编译器: Embarcadero Delphi(XE)[Enterprise]
    语言: Object Pascal (Delphi)

Delphi程序分析:

ida 插件--DelphiHelper

x64dbg插件--SwissArmyKnife --》加载ida map文件

注册按钮事件-TfrmZc_btnZcClick_008C41B4

// Click handler of the registration form (decompiler output, analyst-renamed symbols).
// Flow visible below: read the entered code -> check_8C3D4C -> user confirmation ->
// derive sn / zm / sn2 with MG_MD5_81D008 -> TForm1_saveIni -> navigate the embedded
// TWebBrowser to the vendor URL with zm as query parameter -> close the form.
// a1 is the form instance; the numeric offsets are its component fields.
_DWORD *__fastcall TfrmZc_btnZcClick(int a1)
{
  // [COLLAPSED LOCAL DECLARATIONS. PRESS NUMPAD "+" TO EXPAND]

  // Prologue: link a new exception frame (handler at loc_8C4351) into the chain at fs:[0].
  v3[1] = &loc_8C4351;
  v3[0] = __readfsdword(0);
  __writefsdword(0, v3);
  // Text of the control at a1+904 (presumably the registration-code edit box - confirm).
  Controls::TControl::GetText(*(a1 + 904), &v11);
  if ( v11 )                                    // nothing happens for an empty field
  {
    Controls::TControl::GetText(*(a1 + 904), &zcm);
    // check_8C3D4C is not shown on this page; its output string is copied to the
    // global zcm_number_wstr_9074CC and treated as "invalid" when it is empty.
    check_8C3D4C(zcm, out);
    System::__linkproc__ UStrAsg(&zcm_number_wstr_9074CC, *out);
    if ( zcm_number_wstr_9074CC )
    {
      // 0x121 = MB_OKCANCEL | MB_ICONQUESTION | MB_DEFBUTTON2; a return of 1 is IDOK.
      // The prompt asks the user to confirm this is the machine to be registered.
      if ( TApplication_MessageBox(
             *Application,
             L"确认是您的电脑吗?若不是,请不要输入注册码。每一个注册码都有机器台数限制。",
             L"确认是要注册的电脑吗?",
             0x121u) == 1 )
      {
        // TLabel
        TControl_SetText(*(a1 + 916), 0);       // analyst's note: "official website"; the label text is cleared here
        // sn = hex( MG_MD5_81D008(checked code, flag 0) )
        MG_MD5_81D008(zcm_number_wstr_9074CC, 0, v7);
        hexstr_81D094(v7, &v8);
        System::__linkproc__ UStrAsg(&sn_9074D0, v8);
        // zm = machine digest (TCPUIDInfo_MGMD5_9074C4) concatenated with sn
        System::__linkproc__ UStrCat3(&zm_9074D4, TCPUIDInfo_MGMD5_9074C4, sn_9074D0);
        // sn2 = hex( MG_MD5_81D008(machine digest, flag 0) )
        MG_MD5_81D008(TCPUIDInfo_MGMD5_9074C4, 0, v7);
        hexstr_81D094(v7, &v6);

        System::__linkproc__ UStrAsg(&sn2_9074C8, v6);
        // Body of TForm1_saveIni is not shown; presumably it persists sn / sn2 - confirm.
        TForm1_saveIni();
        // NOTE(review): the validation request uses plain http://, so zm and the server's
        // answer are neither encrypted nor authenticated in transit.
        System::__linkproc__ UStrCat3(&v4, L"http://www.myzan.cn/fbser/zcfb.asp?zm=", zm_9074D4);
        System::__linkproc__ WStrFromUStr(&v5, v4);
        // The reply is handled asynchronously by the browser's DocumentComplete callback.
        TWebBrowser_Navigate(*(*gvar_00900480 + 1304), v5);
        TCustomForm_Close(a1);
      }
    }
    else
    {
      // check_8C3D4C produced an empty string: show "please enter a correct registration code".
      TControl_SetText(*(a1 + 916), L"请输入正确的注册码");
    }
  }
  // Epilogue: restore the previous exception frame, then release the managed-string temporaries.
  __writefsdword(0, v3[0]);
  v3[2] = &loc_8C4358;
  free_407530(&v4);
  System::__linkproc__ WStrClr(&v5);
  free_407530(&v6);
  free_407530(&v8);
  free_407530(&zcm);
  free_407530(out);
  return free_407530(&v11);
}

浏览器回调-TForm1_WebBrowserZcDocumentComplete_008D6EDC

// DocumentComplete callback of the embedded registration browser (decompiler output).
// It extracts a string from the loaded page, compares it with a digest computed locally
// from the stored sn, and on equality sets the global "registered" flag.
// NOTE(review): the licence decision is taken here on the client and kept in one global
// byte; the expected reply is derived only from values the client already holds, and the
// page arrives over plain HTTP. A server response signed with a key whose public half is
// embedded in the client would not have these properties.
int __fastcall TForm1_WebBrowserZcDocumentComplete(int a1, int a2, __int32 a3, int a4)
{
  // [COLLAPSED LOCAL DECLARATIONS. PRESS NUMPAD "+" TO EXPAND]

  _InterlockedExchange(&v17, a3);
  // Two nested exception frames are linked at fs:[0] (handlers loc_8D6FEB and loc_8D6FB8).
  v10 = &savedregs;
  v9[1] = &loc_8D6FEB;
  v9[0] = __readfsdword(0);
  __writefsdword(0, v9);
  v8[2] = &savedregs;
  v8[1] = &loc_8D6FB8;
  v8[0] = __readfsdword(0);
  __writefsdword(0, v8);
  // Late-bound (IDispatch) access to the browser's OLE object: three chained DispInvoke
  // calls, each feeding the next (v13 -> v14 -> v15 -> v16). The member names live in the
  // descriptor blobs (word_8D7014 etc.), which are not shown; presumably this walks down
  // to the text of the returned document - confirm.
  Olectrls::TOleControl::GetOleObject(*(dword_90751C + 1304));
  Variants::__linkproc__ DispInvoke(v14, v13, &word_8D7014, &unk_8D700C);
  Variants::__linkproc__ DispInvoke(v15, v14, v6, &unk_8D6FFC);
  Variants::__linkproc__ DispInvoke(v16, v15, v7, v8[0]);
  // Page-derived value -> *ptr_sn_target_00900040
  System::Variants::__linkproc__ VarToUStr(ptr_sn_target_00900040, v16);
  // Locally computed expectation: hex( MG_MD5_81D008(stored sn, flag 1) )
  MG_MD5_81D008(*ptr_sn_008FFA08, 1, a3a);     
  hexstr_81D094(a3a, &v12);
  System::__linkproc__ UStrEqual(v12, *ptr_sn_target_00900040);
  // v4 is not assigned in the visible pseudo-code; it appears to be the decompiler's
  // stand-in for the comparison result left in the CPU flags by UStrEqual.
  if ( v4 )
  {
    isregister_907520 = 1;                      // global "registered" flag
    TfrmZc_reshowZc(*gvar_008FFEC8);
  }
  // Unlink both exception frames and release temporaries.
  __writefsdword(0, v8[0]);
  __writefsdword(0, v9[0]);
  v10 = &loc_8D6FF2;
  free_407530(&v12);
  return System::__linkproc__ FinalizeArray(v13, RTTI_4012C0_Variant_Variant, 4, v10);
}

启动时检验-TForm1_FormShow_008D71B0

// OnShow handler of the main form (decompiler output). Visible steps:
//   1. set version / caption / status-bar strings,
//   2. build the machine digest from the CPUID string,
//   3. clear the "registered" flag, load the ini, and - if a serial is stored and sn2
//      matches the machine digest - send the online validation request,
//   4. open a data file (command-line argument or default path) or show another form,
//   5. finish image / layout setup.
int __fastcall TForm1_FormShow(int a1)
{
  // [COLLAPSED LOCAL DECLARATIONS. PRESS NUMPAD "+" TO EXPAND]

  // Link an exception frame (handler loc_8D75E5) at fs:[0].
  v13 = &loc_8D75E5;
  v12 = __readfsdword(0);
  __writefsdword(0, &v12);
  System::__linkproc__ UStrAsg(&dword_9075D8, L"5.21 <2024.9.7>");   // version string
  Extctrls::TTimer::SetInterval(*(a1 + 1316), 0x2328u);               // 0x2328 = 9000
  LOBYTE(v2) = 1;
  // NOTE(review): called on the same object (a1+1316) as TTimer::SetInterval above, so the
  // TTitleBar name is probably a signature mismatch by the disassembler - confirm.
  Vcl::Forms::TTitleBar::SetAlignment(*(a1 + 1316), v2);
  System::__linkproc__ UStrCat3(&v26, dword_8D762C, dword_9075D8);
  TControl_SetText(*(a1 + 1428), v26);
  System::__linkproc__ UStrCatN(&v25, 3, v3, dword_9075D8, asc_8D7738);
  Comctrls::TCustomStatusBar::SetSimpleText(*(a1 + 1040), v25);
  // Machine digest: first 20 characters of hex( MG_MD5_81D008(CPUID string, flag 0) ),
  // stored through PTR_TCPUIDInfo_MGMD5_008FFB54.
  LOBYTE(v4) = 1;
  v5 = TCPUIDInfo_Create(VMT_8C4688_TCPUIDInfo, v4);
  TCPUIDInfo_GetCPUIDstr(v5, &a1a);
  MG_MD5_81D008(a1a, 0, a3);
  hexstr_81D094(a3, &v22);
  System::__linkproc__ WStrFromUStr(&v23, v22);
  Strutils::LeftStr(v23, 20, &v24);
  System::__linkproc__ UStrFromWStr(PTR_TCPUIDInfo_MGMD5_008FFB54, v24);
  System::TObject::Free(v5);
  isregister_907520 = 0;                        // start every run as "not registered"
  TForm1_loadIni();                             // body not shown; presumably loads sn / sn2 - confirm
  dword_9075CC = 0;
  if ( *ptr_sn_008FFA08 )                       // a serial is stored
  {
    // Stored sn2 must equal hex( MG_MD5_81D008(machine digest, flag 0) ); v6 appears to be
    // the decompiler's stand-in for the UStrEqual result.
    MG_MD5_81D008(*PTR_TCPUIDInfo_MGMD5_008FFB54, 0, a3);
    hexstr_81D094(a3, &v19);
    System::__linkproc__ UStrEqual(*ptr_sn2_008FFE00, v19);
    if ( v6 )
    {
      // zm = machine digest + sn, sent as a query parameter over plain HTTP; the answer is
      // evaluated later in the browser's DocumentComplete callback.
      System::__linkproc__ UStrCat3(gvar_008FFD84[0], *PTR_TCPUIDInfo_MGMD5_008FFB54, *ptr_sn_008FFA08);
      System::__linkproc__ UStrCat3(&v17, L"http://www.myzan.cn/fbser/zcfb.asp?zm=", *gvar_008FFD84[0]);
      System::__linkproc__ WStrFromUStr(&v18, v17);
      TWebBrowser_Navigate(*(a1 + 1304), v18);
    }
  }
  // First command-line argument: if it names an existing file, load it and skip the dialog.
  // (v27 is presumably the ParamStr(1) result - the assignment is hidden by the decompiler.)
  System::ParamStr(1);
  if ( v27 )
  {
    LOBYTE(v7) = 1;
    if ( System::Sysutils::FileExists(v27, v7, v8) )
    {
      TForm1_loadDataFile(a1, v27, v16);
      goto LABEL_12;
    }
  }
  LOBYTE(v7) = 1;
  if ( System::Sysutils::FileExists(*dword_907524, v7, v8) )
  {
    // Default file exists: rearrange controls on the form held in gvar_00900650, then show it.
    // The vtable+152 calls take four integers and are presumably SetBounds - confirm.
    TControl_SetText(*(*gvar_00900650 + 936), *dword_907524);
    Controls::TControl::SetVisible(*(*gvar_00900650 + 932), 1);
    v12 = 35;
    (*(**(*gvar_00900650 + 908) + 152))(*(*gvar_00900650 + 908), 517, 147, 35, 51);
    TControl_SetText(*(*gvar_00900650 + 908), 0);
    TControl_SetText(*(*gvar_00900650 + 928), dword_8D77B4);
    Controls::TControl::SetTop(*(*gvar_00900650 + 928), 205);
    Controls::TControl::SetLeft(*(*gvar_00900650 + 928), 517);
    v12 = 60;
    (*(**(*gvar_00900650 + 904) + 152))(*(*gvar_00900650 + 904), 8, 280, 60, 60);
    Controls::TControl::SetLeft(*(*gvar_00900650 + 924), 5);
    Controls::TControl::SetTop(*(*gvar_00900650 + 924), 260);
    Controls::TControl::SetLeft(*(*gvar_00900650 + 912), 531);
    Controls::TControl::SetTop(*(*gvar_00900650 + 912), 171);
    // byte_907521 is cleared, a virtual method (vtable+276, presumably a modal show) is
    // called on that form, and the flag is then used to decide whether to continue.
    byte_907521 = 0;
    (*(**gvar_00900650 + 276))(*gvar_00900650);
    if ( byte_907521 )
      goto LABEL_12;
  }
  else
  {
    byte_907521 = 0;
    (*(**gvar_00900650 + 276))(*gvar_00900650);
    if ( byte_907521 )
      goto LABEL_12;
  }
  TCustomForm_Close(a1);                        // flag not set: close the main form
LABEL_12:
  // Remaining UI setup: image list bitmap, control position, picture chosen by dword_90761C.
  WICImage = Vcl::Graphics::TPicture::GetWICImage(*(*(a1 + 960) + 432));
  Imglist::TCustomImageList::GetBitmap(*(a1 + 1048), 0, WICImage);
  Controls::TControl::SetLeft(*(a1 + 956), *(*(a1 + 912) + 72) - 1);
  v15 = *(*(a1 + 908) + 76) - 27;
  v10 = System::__linkproc__ TRUNC(v15 / 2.0);
  Controls::TControl::SetTop(*(a1 + 956), v10);
  if ( dword_90761C == 1 )
    Extctrls::TImage::SetPicture(*(a1 + 1440), *(*(a1 + 1452) + 432));
  else
    Extctrls::TImage::SetPicture(*(a1 + 1440), *(*(a1 + 1448) + 432));
  // Epilogue: unlink the exception frame and release string temporaries.
  __writefsdword(0, v13);
  v14 = &loc_8D75EC;
  unknown_libname_2139(v16, 2);
  System::__linkproc__ WStrClr(&v18);
  unknown_libname_2139(&v19, 2);
  free_407530(&v22);
  System::__linkproc__ WStrArrayClr(&v23, 2);
  return unknown_libname_2139(&v25, 3);
}

MG_MD5_81D008

仅对初始向量进行了魔改

mg_md5.py

# https://blog.csdn.net/qq_41369057/article/details/131242900
import binascii


# Per-step additive constants for the 64 MD5 operations. The values are the
# standard RFC 1321 table (floor(2**32 * abs(sin(i + 1)))); only the initial
# state in MG_MD5 below differs from stock MD5, not this table.
SV = [0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee, 0xf57c0faf,
      0x4787c62a, 0xa8304613, 0xfd469501, 0x698098d8, 0x8b44f7af,
      0xffff5bb1, 0x895cd7be, 0x6b901122, 0xfd987193, 0xa679438e,
      0x49b40821, 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
      0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8, 0x21e1cde6,
      0xc33707d6, 0xf4d50d87, 0x455a14ed, 0xa9e3e905, 0xfcefa3f8,
      0x676f02d9, 0x8d2a4c8a, 0xfffa3942, 0x8771f681, 0x6d9d6122,
      0xfde5380c, 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
      0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05, 0xd9d4d039,
      0xe6db99e5, 0x1fa27cf8, 0xc4ac5665, 0xf4292244, 0x432aff97,
      0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, 0xffeff47d,
      0x85845dd1, 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
      0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391]


# 根据ASCII编码把字符转成对应的二进制
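def binvalue(val, bitsize):
    """Return ``val`` as a binary string left-padded with zeros to ``bitsize`` digits.

    Args:
        val: an int, or a single-character string whose code point is used.
        bitsize: required width of the result in binary digits.

    Returns:
        The binary digits of ``val`` (no ``0b`` prefix), zero-padded on the left.

    Raises:
        ValueError: if ``val`` needs more than ``bitsize`` digits.
    """
    number = val if isinstance(val, int) else ord(val)
    digits = bin(number)[2:]
    if len(digits) > bitsize:
        # The original ``raise ("...")`` tried to raise a plain str, which Python
        # rejects with an unrelated TypeError; raise a real exception instead.
        raise ValueError("binary value larger than the expected size")
    return digits.zfill(bitsize)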


def string_to_bit_array(text):
    """Flatten ``text`` into a list of 0/1 ints, eight digits per element, most significant first."""
    bits = []
    for element in text:
        # binvalue yields an 8-character binary string for this element.
        bits += [int(digit) for digit in binvalue(element, 8)]
    return bits


# 循环左移
def leftCircularShift(k, bits):
    """Rotate the low 32 bits of ``k`` left by ``bits`` positions (``bits`` is taken modulo 32)."""
    mask = 0xFFFFFFFF
    shift = bits % 32
    word = k & mask
    # Bits pushed past position 31 are masked off and re-enter from the right.
    return ((word << shift) & mask) | (word >> (32 - shift))


# 分块
def blockDivide(block, chunks):
    """Cut ``block`` into ``chunks`` equal-width slices and decode each as a little-endian int."""
    width = len(block) // chunks
    return [
        int.from_bytes(block[index * width:(index + 1) * width], byteorder="little")
        for index in range(chunks)
    ]


# F函数作用于“比特位”上
# if x then y else z
def F(X, Y, Z):
    """MD5 round-1 function: per bit, take Y where X is set, otherwise Z."""
    where_x_set = X & Y
    where_x_clear = (~X) & Z
    return where_x_set | where_x_clear


# if z then x else y
def G(X, Y, Z):
    """MD5 round-2 function: per bit, take X where Z is set, otherwise Y."""
    where_z_set = X & Z
    where_z_clear = Y & (~Z)
    return where_z_set | where_z_clear


# if X = Y then Z else ~Z
def H(X, Y, Z):
    """MD5 round-3 function: bitwise XOR (parity) of the three words."""
    parity = X ^ Y
    parity ^= Z
    return parity


def I(X, Y, Z):
    """MD5 round-4 function: Y XOR (X OR NOT Z).

    The result is not masked here, so with Python ints it can be negative;
    the callers reduce the final sum to 32 bits.
    """
    x_or_not_z = X | (~Z)
    return Y ^ x_or_not_z


# 四个F函数
def FF(a, b, c, d, M, s, t):
    """Round-1 step: b + rotl32(a + F(b, c, d) + M + t, s), reduced to 32 bits."""
    mixed = a + F(b, c, d) + M + t
    return (b + leftCircularShift(mixed, s)) & 0xffffffff


def GG(a, b, c, d, M, s, t):
    """Round-2 step: b + rotl32(a + G(b, c, d) + M + t, s), reduced to 32 bits."""
    mixed = a + G(b, c, d) + M + t
    return (b + leftCircularShift(mixed, s)) & 0xffffffff


def HH(a, b, c, d, M, s, t):
    """Round-3 step: b + rotl32(a + H(b, c, d) + M + t, s), reduced to 32 bits."""
    mixed = a + H(b, c, d) + M + t
    return (b + leftCircularShift(mixed, s)) & 0xffffffff


def II(a, b, c, d, M, s, t):
    """Round-4 step: b + rotl32(a + I(b, c, d) + M + t, s), reduced to 32 bits."""
    mixed = a + I(b, c, d) + M + t
    return (b + leftCircularShift(mixed, s)) & 0xffffffff


# 数据转换
def fmt8(num):
    """Return ``num`` with its byte order reversed, as zero-padded lowercase hex (8 digits for a 32-bit word)."""
    big_endian_hex = format(num, "08x")
    raw = binascii.unhexlify(big_endian_hex)
    # Re-reading the same bytes as little-endian swaps the byte order.
    swapped = int.from_bytes(raw, byteorder='little')
    return format(swapped, "08x")


# 计算比特长度
def bitlen(bitstring):
    """Return the size of ``bitstring`` in bits, counting 8 bits per element."""
    octets = len(bitstring)
    return 8 * octets

# 参数2为1时:  [-8:] ‘87201220’ 大端序hex   转int
# MG_MD5_81D008


def MG_MD5(msg: bytes, type: int = 0)->bytes:
    """MD5-style digest with a non-standard initial state (model of MG_MD5_81D008).

    Padding, round functions, shift amounts and the SV constant table follow
    standard MD5; the four initial state words do not.

    Args:
        msg: message to hash.
        type: when non-zero and ``msg`` has at least 8 elements, the initial A
            word is parsed from the last 8 elements of ``msg`` as big-endian
            hex; otherwise A starts at 0x98453542.

    Returns:
        16 bytes built from the little-endian words A, B, B, D (see the note
        on the ``result`` line).

    NOTE(review): ``bytes.fromhex`` accepts only ``str``; with ``msg`` passed as
    ``bytes`` (as annotated) the ``type != 0`` branch raises TypeError.
    NOTE(review): replacing the IV adds no secrecy - the constants are embedded
    in the client binary and are quoted from its decompilation below.
    """
    if type != 0 and len(msg) >= 8:
        A = int.from_bytes(bytes.fromhex(msg[-8:]), 'big')
    else:
        A = 0x98453542
    # print(f'[-]A:{A:#08x}')
    # Message length in bits; if it does not fit in 64 bits, keep only the low 64 bits.
    msgLen = bitlen(msg) % (2 ** 64)
    # Append 0x80: a single 1 bit followed by zeros. The input is byte-aligned,
    # so the padding always starts with 0b10000000.
    msg = msg + b'\x80'  # 0x80 = 1000 0000
    # Original author's open question: every text encoding needs at least one byte per
    # character, so a 55-bit message that a lone pad bit would complete cannot occur -
    # but what about binary input?
    # Zero-pad until the length is 448 mod 512 bits.
    zeroPad = (448 - (msgLen + 8) % 512) % 512
    zeroPad //= 8
    msg = msg + b'\x00' * zeroPad + msgLen.to_bytes(8, byteorder='little')
    # Number of 512-bit blocks to process.
    msgLen = bitlen(msg)
    iterations = msgLen // 512
    # Initialise the state words.
    # First and most obvious deviation from standard MD5: the initial state.
    # The bare string below is an excerpt of the decompiled initialiser, kept for reference.
    '''
    
        *a1 = 0x98453542;
  }
  a1[1] = 0x12AD5C12;
  a1[2] = 0x2423AA21;
  a1[3] = 0x25433546;
    '''
    # Standard MD5 initial state, for comparison:
    # A = 0x67452301
    # B = 0xefcdab89
    # C = 0x98badcfe
    # D = 0x10325476
    A = A
    B = 0x12AD5C12
    C = 0x2423AA21
    D = 0x25433546
    # MD5 repeatedly transforms a, b, c, d, so it needs some starting value. Any value
    # works functionally, which is why custom builds so often change exactly this.
    # main loop
    for i in range(0, iterations):
        a = A
        b = B
        c = C
        d = D
        block = msg[i * 64:(i + 1) * 64]
        # Split the 64-byte block into sixteen little-endian 32-bit words.
        M = blockDivide(block, 16)
        # Rounds
        # Round 1 (F)
        a = FF(a, b, c, d, M[0], 7, SV[0])
        d = FF(d, a, b, c, M[1], 12, SV[1])
        c = FF(c, d, a, b, M[2], 17, SV[2])
        b = FF(b, c, d, a, M[3], 22, SV[3])
        a = FF(a, b, c, d, M[4], 7, SV[4])
        d = FF(d, a, b, c, M[5], 12, SV[5])
        c = FF(c, d, a, b, M[6], 17, SV[6])
        b = FF(b, c, d, a, M[7], 22, SV[7])
        a = FF(a, b, c, d, M[8], 7, SV[8])
        d = FF(d, a, b, c, M[9], 12, SV[9])
        c = FF(c, d, a, b, M[10], 17, SV[10])
        b = FF(b, c, d, a, M[11], 22, SV[11])
        a = FF(a, b, c, d, M[12], 7, SV[12])
        d = FF(d, a, b, c, M[13], 12, SV[13])
        c = FF(c, d, a, b, M[14], 17, SV[14])
        b = FF(b, c, d, a, M[15], 22, SV[15])

        # Round 2 (G)
        a = GG(a, b, c, d, M[1], 5, SV[16])
        d = GG(d, a, b, c, M[6], 9, SV[17])
        c = GG(c, d, a, b, M[11], 14, SV[18])
        b = GG(b, c, d, a, M[0], 20, SV[19])
        a = GG(a, b, c, d, M[5], 5, SV[20])
        d = GG(d, a, b, c, M[10], 9, SV[21])
        c = GG(c, d, a, b, M[15], 14, SV[22])
        b = GG(b, c, d, a, M[4], 20, SV[23])
        a = GG(a, b, c, d, M[9], 5, SV[24])
        d = GG(d, a, b, c, M[14], 9, SV[25])
        c = GG(c, d, a, b, M[3], 14, SV[26])
        b = GG(b, c, d, a, M[8], 20, SV[27])
        a = GG(a, b, c, d, M[13], 5, SV[28])
        d = GG(d, a, b, c, M[2], 9, SV[29])
        c = GG(c, d, a, b, M[7], 14, SV[30])
        b = GG(b, c, d, a, M[12], 20, SV[31])

        # Round 3 (H)
        a = HH(a, b, c, d, M[5], 4, SV[32])
        d = HH(d, a, b, c, M[8], 11, SV[33])
        c = HH(c, d, a, b, M[11], 16, SV[34])
        b = HH(b, c, d, a, M[14], 23, SV[35])
        a = HH(a, b, c, d, M[1], 4, SV[36])
        d = HH(d, a, b, c, M[4], 11, SV[37])
        c = HH(c, d, a, b, M[7], 16, SV[38])
        b = HH(b, c, d, a, M[10], 23, SV[39])
        a = HH(a, b, c, d, M[13], 4, SV[40])
        d = HH(d, a, b, c, M[0], 11, SV[41])
        c = HH(c, d, a, b, M[3], 16, SV[42])
        b = HH(b, c, d, a, M[6], 23, SV[43])
        a = HH(a, b, c, d, M[9], 4, SV[44])
        d = HH(d, a, b, c, M[12], 11, SV[45])
        c = HH(c, d, a, b, M[15], 16, SV[46])
        b = HH(b, c, d, a, M[2], 23, SV[47])

        # Round 4 (I)
        a = II(a, b, c, d, M[0], 6, SV[48])
        d = II(d, a, b, c, M[7], 10, SV[49])
        c = II(c, d, a, b, M[14], 15, SV[50])
        b = II(b, c, d, a, M[5], 21, SV[51])
        a = II(a, b, c, d, M[12], 6, SV[52])
        d = II(d, a, b, c, M[3], 10, SV[53])
        c = II(c, d, a, b, M[10], 15, SV[54])
        b = II(b, c, d, a, M[1], 21, SV[55])
        a = II(a, b, c, d, M[8], 6, SV[56])
        d = II(d, a, b, c, M[15], 10, SV[57])
        c = II(c, d, a, b, M[6], 15, SV[58])
        b = II(b, c, d, a, M[13], 21, SV[59])
        a = II(a, b, c, d, M[4], 6, SV[60])
        d = II(d, a, b, c, M[11], 10, SV[61])
        c = II(c, d, a, b, M[2], 15, SV[62])
        b = II(b, c, d, a, M[9], 21, SV[63])

        # Feed-forward: add this block's result into the running state, modulo 2**32.
        A = (A + a) % (2 ** 32)
        B = (B + b) % (2 ** 32)
        C = (C + c) % (2 ** 32)
        D = (D + d) % (2 ** 32)
    # NOTE(review): B is serialised twice and C is never emitted, whereas the commented-out
    # fmt8 line below lists A, B, C, D. The sample output printed by this script depends on
    # this line - confirm which form matches the analysed routine.
    result=A.to_bytes(4,'little')+B.to_bytes(4,'little')+B.to_bytes(4,'little')+D.to_bytes(4,'little')
    # result = fmt8(A) + fmt8(B) + fmt8(C) + fmt8(D)
    return result

def MG_MD5_81D008(data:str,type:int=0):
    """Hash ``data`` with MG_MD5 the way this script models MG_MD5_81D008.

    Prints the input and the hex digest, and returns the digest bytes.
    """
    encoded = data.encode('utf-16-le')
    # Number of UTF-16 code units, then used as a *byte* count for the slice below.
    # NOTE(review): only the first half of the encoded buffer is therefore hashed;
    # whether the analysed routine behaves the same way is not shown here - confirm.
    unit_count = len(encoded) // 2
    digest = MG_MD5(encoded[:unit_count], type)
    print('L"%s"==>%s' % (encoded.decode('utf-16-le'), digest.hex()))
    return digest

if __name__ == "__main__":
    # Smoke run: prints the digest for a fixed sample input (expected output is
    # recorded in the string that follows this block).
    sample_input = '12345678'
    MG_MD5_81D008(sample_input)

"""
L"12345678"==>633955de634ab9af634ab9af87201220
"""

ps

TForm1_FormShow 中

  // Excerpt of TForm1_FormShow: the start-up licence check.
  // Runs only when a serial is stored (*ptr_sn_008FFA08 is non-empty).
  if ( *ptr_sn_008FFA08 )
  {
    // Recompute hex( MG_MD5_81D008(machine digest, flag 0) ) and compare it with the
    // stored sn2; v6 appears to be the decompiler's stand-in for the UStrEqual result.
    MG_MD5_81D008(*PTR_TCPUIDInfo_MGMD5_008FFB54, 0, a3);
    hexstr_81D094(a3, &v19);
    System::__linkproc__ UStrEqual(*ptr_sn2_008FFE00, v19);
    if ( v6 )
    {
      // zm = machine digest + sn, sent as a query parameter over plain HTTP; the reply
      // is evaluated in the browser's DocumentComplete callback, not here.
      System::__linkproc__ UStrCat3(gvar_008FFD84[0], *PTR_TCPUIDInfo_MGMD5_008FFB54, *ptr_sn_008FFA08);
      System::__linkproc__ UStrCat3(&v17, L"http://www.myzan.cn/fbser/zcfb.asp?zm=", *gvar_008FFD84[0]);
      System::__linkproc__ WStrFromUStr(&v18, v17);
      TWebBrowser_Navigate(*(a1 + 1304), v18);
    }
  }

汇编

.text:008D72C2 054 83 38 00                                      cmp     dword ptr [eax], 0
.text:008D72C5 054 74 75                                         jz      short loc_8D733C
.text:008D72C7 054 8D 4D D8                                      lea     ecx, [ebp+a3]   ; a3
.text:008D72CA 054 A1 54 FB 8F 00                                mov     eax, PTR_TCPUIDInfo_MGMD5_008FFB54
.text:008D72CF 054 8B 00                                         mov     eax, [eax]      ; a1
.text:008D72D1 054 33 D2                                         xor     edx, edx        ; char
.text:008D72D3 054 E8 30 5D F4 FF                                call    MG_MD5_81D008
.text:008D72D8 054 8D 45 D8                                      lea     eax, [ebp+a3]
.text:008D72DB 054 8D 55 D0                                      lea     edx, [ebp+var_30]
.text:008D72DE 054 E8 B1 5D F4 FF                                call    hexstr_81D094
.text:008D72E3 054 8B 55 D0                                      mov     edx, [ebp+var_30]
.text:008D72E6 054 A1 00 FE 8F 00                                mov     eax, ptr_sn2_008FFE00
.text:008D72EB 054 8B 00                                         mov     eax, [eax]
.text:008D72ED 054 E8 8E 15 B3 FF                                call    @System@@UStrEqual$qqrv ; System::__linkproc__ UStrEqual(void)
.text:008D72F2 054 75 48                                         jnz     short loc_8D733C
.text:008D72F4 054 8B 0D 08 FA 8F 00                             mov     ecx, ptr_sn_008FFA08
.text:008D72FA 054 8B 09                                         mov     ecx, [ecx]
.text:008D72FC 054 8B 15 54 FB 8F 00                             mov     edx, PTR_TCPUIDInfo_MGMD5_008FFB54
.text:008D7302 054 8B 12                                         mov     edx, [edx]
.text:008D7304 054 A1 84 FD 8F 00                                mov     eax, gvar_008FFD84
.text:008D7309 054 E8 DA 13 B3 FF                                call    @System@@UStrCat3$qqrr20System@UnicodeStringx20System@UnicodeStringt2 ; System::__linkproc__ UStrCat3(System::UnicodeString &,System::UnicodeString,System::UnicodeString)
.text:008D730E 054 8B 0D 84 FD 8F 00                             mov     ecx, gvar_008FFD84
.text:008D7314 054 8B 09                                         mov     ecx, [ecx]
.text:008D7316 054 8D 45 C8                                      lea     eax, [ebp+var_38]
.text:008D7319 054 BA 58 77 8D 00                                mov     edx, offset aHttpWwwMyzanCn_0 ; "http://www.myzan.cn/fbser/zcfb.asp?zm="
.text:008D731E 054 E8 C5 13 B3 FF                                call    @System@@UStrCat3$qqrr20System@UnicodeStringx20System@UnicodeStringt2 ; System::__linkproc__ UStrCat3(System::UnicodeString &,System::UnicodeString,System::UnicodeString)
.text:008D7323 054 8B 55 C8                                      mov     edx, [ebp+var_38]
.text:008D7326 054 8D 45 CC                                      lea     eax, [ebp+var_34]
.text:008D7329 054 E8 5A 12 B3 FF                                call    @System@@WStrFromUStr$qqrr17System@WideStringx20System@UnicodeString ; System::__linkproc__ WStrFromUStr(System::WideString &,System::UnicodeString)
.text:008D732E 054 8B 55 CC                                      mov     edx, [ebp+var_34]
.text:008D7331 054 8B 83 18 05 00 00                             mov     eax, [ebx+518h] ; 'TForm1.WebBrowserZc:TWebBrowser'
.text:008D7337 054 E8 48 48 F4 FF                                call    TWebBrowser_Navigate ; BDS2008-RADxe10 Component Library & Packages

替换为

    isregister_907520 = 1;
    TfrmZc_reshowZc(*gvar_008FFEC8);

对应汇编

008D72C2    | C605 20759000 01 | mov byte ptr ds:[0x907520],0x1                   |
008D72C9    | A1 C8FE8F00      | mov eax,dword ptr ds:[0x8FFEC8]                  |
008D72CE    | 8B00             | mov eax,dword ptr ds:[eax]                       |
008D72D0    | E8 73D1FEFF      | call <水晶分班._Unit123.TfrmZc.reshowZc_008C4448>    |

image-20250302221429850
