Up ] Docs Home ]

Format of Cloaking caller registers

 Back ] Next ]
Offset Size Description

00h

DWORD

EDI

04h

DWORD

ESI

08h

DWORD

EBP

0Ch

DWORD

reserved (ESP from PUSHAD instruction)

10h

DWORD

EBX

14h

DWORD

EDX

18h

DWORD

ECX

1Ch

DWORD

EAX

20h

DWORD

error code

24h

DWORD

EIP

28h

WORD

CS

2Ah

WORD

padding

2Ch

DWORD

EFLAGS

30h

DWORD

ESP

34h

WORD

SS

36h

WORD

padding

--remainder not available if protected-mode ring3 trap---

38h

WORD

ES

3Ah

WORD

padding

3Ch

WORD

DS

3Eh

WORD

padding

40h

WORD

FS

42h

WORD

padding

44h

WORD

GS

46h

WORD

padding