;-----------------------------------------------------------------------------;
; Author: Ty Miller @ Threat Intelligence
; Compatible: Windows 7, 2008, Vista, 2003, XP, 2000, NT4
; Version: 1.0 (2nd December 2011)
;-----------------------------------------------------------------------------;
[BITS 32]

; Purpose: commit one 0x1000-byte (4096-byte) buffer with VirtualAlloc for the
;          request and response data used by the surrounding code.
; Syntax:  NASM, 32-bit x86. VirtualAlloc is stdcall, so the arguments are
;          pushed right to left and the callee removes them from the stack.
; Input: None
;          NOTE(review): EBP is assumed to already hold the address of the
;          hash-based API resolver that `call ebp` enters; it is not set up in
;          this block - confirm against the including file.
; Output: EAX holds pointer to the start of buffer 0x1000 bytes, EBX holds value 0x1000
;          NOTE(review): VirtualAlloc returns NULL on failure and nothing here
;          tests EAX, so the code that follows must check it before use.
;          EBX == 0x1000 on exit presumes the resolver preserves EBX - confirm.
; Clobbers: EAX, EBX, ECX, EDX
;
; NOTE(review, detection): the region is requested as PAGE_EXECUTE_READWRITE
; although, per the author's own remark below, execute access is not needed
; for a data buffer. A private, committed RWX region is a commonly monitored
; indicator of injected code, so this allocation is a useful hunting signal.

  mov ebx,0x1000         ; ebx = 0x1000, reused below as both dwSize and MEM_COMMIT

allocate_memory:         ; Alloc a buffer for the request and response data
  push byte 0x40         ; flProtect = PAGE_EXECUTE_READWRITE (0x40) - author: execute not needed
  push ebx               ; flAllocationType = MEM_COMMIT (0x1000)
  push ebx               ; dwSize = 0x1000, size of memory to be allocated (4096 bytes)
  push byte 0            ; lpAddress = NULL as we don't care where the allocation is
  push 0xE553A458        ; hash( "kernel32.dll", "VirtualAlloc" ), consumed by the resolver
  call ebp               ; VirtualAlloc( NULL, dwLength, MEM_COMMIT, PAGE_EXECUTE_READWRITE );