From db5eb6b4f78ba5614d5f46c652e31a0d01e0c934 Mon Sep 17 00:00:00 2001
From: Nikolaos Totosis <n0t@spamhaus.com>
Date: Tue, 11 Jun 2024 17:37:21 +0300
Subject: [PATCH] Add support for xmmword ref during dissasm.

---
 malduck/disasm.py    | 1 +
 tests/test_disasm.py | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/malduck/disasm.py b/malduck/disasm.py
index 2ca1191..f0bf2d7 100644
--- a/malduck/disasm.py
+++ b/malduck/disasm.py
@@ -29,6 +29,7 @@ class Operand:
         2: "word",
         4: "dword",
         8: "qword",
+        16: "xmmword"
     }
 
     def __init__(self, op: X86Op, x64: bool) -> None:
diff --git a/tests/test_disasm.py b/tests/test_disasm.py
index cf06b2f..d908040 100644
--- a/tests/test_disasm.py
+++ b/tests/test_disasm.py
@@ -21,6 +21,8 @@ class TestDisasm(object):
         b"\xe8\x00\x00\x00\x00",
         # movxz eax, byte [0x400000]
         b"\x0f\xb6\x05\x00\x00\x04\x00",
+        # movups xmmword ptr [esi+0Ch], xmm0
+        b"\x0f\x11\x46\x0c"
     ))
 
     def setup_method(self):
@@ -60,6 +62,10 @@ def test_insns(self):
         assert insn7.op2.reg is None
         assert insn7.op2 == (None, None, None, 0x400000)
 
+        insn8 = self.insns[7]
+        assert insn8.op2.reg == "xmm0"
+        assert insn8.op1.mem == ("xmmword", "esi", None, None, 0x0C)
+
     def test_equal(self):
         assert next(disasm(b"hAAAA", 0)).mnem == "push"
         assert next(disasm(b"hAAAA", 0)).op1.value == 0x41414141