Description:   Version 2 HFile = CreateFileA (strFileName, #GENERIC_READ, #FILE_SHARE_READ, 0, #OPEN_EXISTING, #FILE_ATTRIBUTE_NORMAL, 0) If true (hFile = -1) Return (false) If it is over PFileBuff = 0 NFileSize = GetFileSize (hFile, 0) If true (nFileSize = 0) Return (false) If it is over PFileBuff = VirtualAlloc (0, nFileSize, #MEM_COMMIT, #PAGE_EXECUTE_READWRITE) DwReadSize = 0 If true (ReadFile (hFile, pFileBuff, nFileSize, dwReadSize, 0) = false) Return (false) If it is over PBase = pFileBuff 'whether the judgment is PE P strong turn array [1] = forced conversion (pIDH, pFileBuff) If (pIDH.e_magic = 23117) Return (false) If it is over PTMP = PFileBuff read memory integer type (-1, PFileBuff60) P strong turn array [2] = forced conversion (pINH, PTMP) If (pINH.Signature = 17744) Return (false) If it is over DwMemSize = nFileSize PAllocMem = pFileBuff Forced conversion (pIDH, P strong turn array [1]) Forced conversion (pINH, P strong turn array [2]) Return to (true)