Registers

The microprocessor has a set of internal memory scratchpads called registers. These are divided into categories and sub-functions. For 32-bit designs, the general-purpose registers, or rather multipurpose registers, (E is for extended) are EAX, EBX, ECX, EDX, EBP, ESI, EDI, and ESP. Their 16-bit counterparts are AX, BX, CX, DX, BP, SI, DI, and SP

Four of them have the following 8-bit subdivisions, where H means High and L means Low:

AX = AH,AL
BX = BH,BL
CX = CH,CL
DX = DH,DL

For 64-bit programming, the general-purpose registers are RAX, RBX, RCX, RDX, RBP, RSI, RDI, and RSP:

RAX (addressable as EAX/AX/AH/AL) plays the standard role of an accumulator. It is also used as the placeholder for the return value of a function call. All registers ...

Get Windows Malware Analysis Essentials now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows Malware Analysis Essentials by Victor Marak

Registers

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly