libmwemu 0.24.1

x86 32/64bits and system internals emulator, for securely emulating malware and other stuff.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

use crate::emu;

pub fn ReadProcessMemory(emu: &mut emu::Emu) {
    let hndl = emu.regs().rcx;
    let addr = emu.regs().rdx;
    let buff = emu.regs().r8;
    let size = emu.regs().r9;
    let bytes = emu
        .maps
        .read_qword(emu.regs().rsp + 0x20)
        .expect("kernel32!ReadProcessMemory cannot read bytes");

    log_red!(
        emu,
        "kernel32!ReadProcessMemory hndl: {} from: 0x{:x} to: 0x{:x} sz: {}",
        hndl,
        addr,
        buff,
        size
    );

    emu.maps.write_qword(bytes, size);
    emu.maps.memset(buff, 0x90, size as usize);

    emu.regs_mut().rax = 1;
}