ASM

1. Registers in x86 Assembly

Common Use

Size

Description

eax

General accumulator

32-bit

Holds operation results, return values

ebx

Base register

32-bit

Often used as an index or scratch register

ecx

Counter

32-bit

Used in loops and iteration

edx

Data

32-bit

Used in division and system calls

esi

Source Index

32-bit

Used for traversing source buffers

edi

Destination Index

32-bit

Used for writing into destination buffers

2. Register Subsets (Bytes)

Each 32-bit register can be split:

32-bit

16-bit

High Byte

Low Byte

eax

ax

ah

al

ebx

bx

bh

bl

al, bl: used to hold 1 byte (great for XOR operations)
Used when processing byte-by-byte payloads

3. Core Assembly Instructions

Instruction

Meaning

Example

mov

Move value/data

mov eax, 5

add

Add

add eax, ebx

sub

Subtract

sub eax, 2

xor

Exclusive OR (XOR)

xor al, bl

cmp

Compare values

cmp eax, ebx

je

Jump if equal

je label

jne

Jump if not equal

jne label

jl

Jump if less

jl label

jg

Jump if greater

jg label

jmp

Unconditional jump

jmp loop_start

dec

Decrease by 1

dec ecx

loop

Loop with ECX counter

loop decode_loop

push

Push onto stack

push eax

pop

Pop from stack

pop ebx

4. XOR Concept (Cyber Gold)

XOR is a bitwise operation:
- 1 ^ 1 = 0
- 1 ^ 0 = 1
- 0 ^ 1 = 1
- 0 ^ 0 = 0
Perfect for encryption/decryption
Reversible: value ^ key ^ key = value
Often used to hide payloads, strings, shellcode

5. Special Characters.

Carácter

ASCII Decimal

En C

10

salto de línea

13

retorno de carro

9

tabulación

0

null terminator

PreviousMalware Developer NextAssembly Template Pack for Malware Development (32-bit x86 NASM)

Last updated 26 days ago

ASM

1. Registers in x86 Assembly

Common Use

Size

Description

eax

General accumulator

32-bit

Holds operation results, return values

ebx

Base register

32-bit

Often used as an index or scratch register

ecx

Counter

32-bit

Used in loops and iteration

edx

Data

32-bit

Used in division and system calls

esi

Source Index

32-bit

Used for traversing source buffers

edi

Destination Index

32-bit

Used for writing into destination buffers

2. Register Subsets (Bytes)

Each 32-bit register can be split:

32-bit

16-bit

High Byte

Low Byte

eax

ax

ah

al

ebx

bx

bh

bl

al, bl: used to hold 1 byte (great for XOR operations)
Used when processing byte-by-byte payloads

3. Core Assembly Instructions

Instruction

Meaning

Example

mov

Move value/data

mov eax, 5

add

Add

add eax, ebx

sub

Subtract

sub eax, 2

xor

Exclusive OR (XOR)

xor al, bl

cmp

Compare values

cmp eax, ebx

je

Jump if equal

je label

jne

Jump if not equal

jne label

jl

Jump if less

jl label

jg

Jump if greater

jg label

jmp

Unconditional jump

jmp loop_start

dec

Decrease by 1

dec ecx

loop

Loop with ECX counter

loop decode_loop

push

Push onto stack

push eax

pop

Pop from stack

pop ebx

4. XOR Concept (Cyber Gold)

XOR is a bitwise operation:
- 1 ^ 1 = 0
- 1 ^ 0 = 1
- 0 ^ 1 = 1
- 0 ^ 0 = 0
Perfect for encryption/decryption
Reversible: value ^ key ^ key = value
Often used to hide payloads, strings, shellcode

5. Special Characters.

Carácter

ASCII Decimal

En C

10

salto de línea

13

retorno de carro

9

tabulación

0

null terminator

PreviousMalware Developer NextAssembly Template Pack for Malware Development (32-bit x86 NASM)

Last updated 26 days ago