Open IvankoEanko opened 1 month ago
Error in calculating the r11 register; that's why jae didn't execute.
000000014032BE46 | 6641:FFCB | dec r11w |
000000014032BE4A | F7D2 | not edx |
000000014032BE4C | 48:FFC1 | inc rcx |
000000014032BE4F | FFC5 | inc ebp |
000000014032BE51 | 81F2 9231205D | xor edx,5D203192 |
000000014032BE57 | F7DA | neg edx |
000000014032BE59 | 4C:8D8C69 3C473EE4 | lea r9,qword ptr ds:[rcx+rbp*2-1BC1B8C4] |
000000014032BE61 | 6641:0FAFC9 | imul cx,r9w |
000000014032BE66 | 6644:899C4C 7A0F41D6 | mov word ptr ss:[rsp+rcx*2-29BEF086],r11w |
000000014032BE6F | 13D0 | adc edx,eax |
000000014032BE71 | 4C:89844C 7A0F41D6 | mov qword ptr ss:[rsp+rcx*2-29BEF086],r8 |
000000014032BE79 | 6644:0FABD9 | bts cx,r11w |
000000014032BE7E | BE A3AB128B | mov esi,8B12ABA3 |
000000014032BE83 | 0F83 6A3DF3FF | jae hello.14025FBF3 |
dec r11w causes an exception. How could that be possible?
My debugger executed this branch, but unicorn didn't.