Hello I would like to understand this code below, If u can explain to me I would be grateful:
jmp ds:off_100011A4[edi*4]
Why the use of this "ds" and this off_100011A4? and what means this code below:
off_100011A4 dd offset loc_10001125
dd offset loc_10001125
dd offset loc_1000113A
dd offset loc_1000112C
dd offset loc_10001133
dd offset loc_1000113A
The instruction is an unconditional jump to an address. The address is calculated by taking the content of the EDI register and multiplied by 4. The multiplication is to due to 4 is the size of pointers on x86 platforms.
DS indicates that the offset refers to the data section. Specifying the data segment, means that the computed offset mentioned earlier, is summed with the base offset of the data segment. The data segment represents where user variables are stored.