X86 encode near call relative offset

Question

Let\'s say I\'ve the following set of instructions:

00E79E00  | E8 AE580000   CALL    someprocess.00E7F6B3
00E79E05  | 85C0          TEST    EAX, EAX
(output tak         


        

Answer 1

You just take the address of the next instruction (00E79E05) and add the 32-bit signed offset from the instruction (58AE, little endian, remember?)

00E79E05
+   58AE
--------
00E7F6B3