Used IDA to open it, turned out to be a .NET exe. Opened it using Dotnet IL Editor instead.
Main code:
Seems like the only API call needed is SendMessage.
ldc.i4.m1 means push -1 to stack, so the API call is SendMessage(-1,a,b,2).SendMessage belongs to
user32.dll:
Second argument,
a is 0x04000003:
Third argument,
b is 0x04000004:
So the only API call needed turned out to be
user32!SendMessage(-1,0x04000003,0x04000004,2).
No comments:
Post a Comment