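Terminates a userland process; this is a kind of controlled ZwTerminateProcess. As the listing below shows, it takes the loader lock, the PEB lock and the process heap lock around a first ZwTerminateProcess call, releases them, and then calls LdrShutdownProcess before the final ZwTerminateProcess on the current process.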
; RtlExitUserProcess(ExitStatus) -- 32-bit listing, stdcall, one DWORD argument.
;
; Call sequence visible in this listing:
;   1. EtwShutdownProcess(0)
;   2. enter _LdrpLoaderLock, enter _FastPebLock, RtlLockHeap(handle read via fs:18h -> +30h -> +18h)
;   3. ZwTerminateProcess(0, ExitStatus); the returned NTSTATUS overwrites the argument slot
;   4. RtlUnlockHeap, leave _FastPebLock, leave _LdrpLoaderLock (reverse order of step 2)
;   5. status >= 0: RtlReportSilentProcessExit(-1, ExitStatus), LdrShutdownProcess(),
;                   ZwTerminateProcess(-1, ExitStatus)
;      status <  0: ZwTerminateThread(-2, ExitStatus)
;
; NOTE(review): a NULL process handle in step 3 is commonly described as "terminate every
; other thread of the calling process and keep the caller running"; that is not visible
; in this listing -- confirm against the build under analysis.
; NOTE(review): the three locks are presumably held across step 3 so that no other thread
; is terminated while it owns one of them, which would leave the lock orphaned for the
; shutdown code in step 5. State guarded by any other lock gets no such protection here.
.text:77F1E12B ; int __stdcall RtlExitUserProcess(NTSTATUS ExitStatus)
.text:77F1E12B public _RtlExitUserProcess@4
.text:77F1E12B _RtlExitUserProcess@4 proc near ; CODE XREF: RtlExitUserThread(x)+3Cp
.text:77F1E12B ; DATA XREF: .text:off_77EF61D8o
.text:77F1E12B
.text:77F1E12B ExitStatus = dword ptr 8
.text:77F1E12B
; Two-byte no-op at entry, then a standard ebp frame; ebx/esi/edi are saved because the
; body uses them to keep values alive across calls.
.text:77F1E12B     mov edi, edi
.text:77F1E12D     push ebp
.text:77F1E12E     mov ebp, esp
.text:77F1E130     push ebx
.text:77F1E131     push esi
.text:77F1E132     push edi
; EtwShutdownProcess(0) runs before any lock is taken.
.text:77F1E133     push 0
.text:77F1E135     call _EtwShutdownProcess@4 ; EtwShutdownProcess(x)
; edi keeps the address of _LdrpLoaderLock and esi the address of _FastPebLock so the same
; pointers can be pushed again for the matching RtlLeaveCriticalSection calls.
.text:77F1E13A     mov edi, offset _LdrpLoaderLock
.text:77F1E13F     push edi ; CriticalSectionObject
.text:77F1E140     call _RtlEnterCriticalSection@4 ; RtlEnterCriticalSection(x)
.text:77F1E145     mov esi, offset _FastPebLock
.text:77F1E14A     push esi ; CriticalSectionObject
.text:77F1E14B     call _RtlEnterCriticalSection@4 ; RtlEnterCriticalSection(x)
; fs:[18h] is the TEB self pointer on x86, +30h the TEB's PEB pointer, +18h the PEB's
; process heap field; the listing labels the pushed value HeapHandle.
.text:77F1E150     mov eax, large fs:18h
.text:77F1E156     mov eax, [eax+30h]
.text:77F1E159     push dword ptr [eax+18h] ; HeapHandle
.text:77F1E15C     call _RtlLockHeap@4 ; RtlLockHeap(x)
; ebx holds the caller's exit status for the rest of the function; the stack slot it was
; loaded from is reused below for the NTSTATUS of the first terminate call.
.text:77F1E161     mov ebx, [ebp+ExitStatus]
.text:77F1E164     push ebx ; ExitStatus
.text:77F1E165     push 0 ; ProcessHandle
.text:77F1E167     call _ZwTerminateProcess@8 ; ZwTerminateProcess(x,x)
; The argument slot now holds the returned NTSTATUS, not the exit status.
.text:77F1E16C     mov [ebp+ExitStatus], eax
; The heap handle is re-read through the TEB/PEB rather than cached in a register.
.text:77F1E16F     mov eax, large fs:18h
.text:77F1E175     mov eax, [eax+30h]
.text:77F1E178     push dword ptr [eax+18h] ; HeapHandle
.text:77F1E17B     call _RtlUnlockHeap@4 ; RtlUnlockHeap(x)
.text:77F1E180     push esi ; CriticalSectionObject
.text:77F1E181     call _RtlLeaveCriticalSection@4 ; RtlLeaveCriticalSection(x)
.text:77F1E186     push edi ; CriticalSectionObject
.text:77F1E187     call _RtlLeaveCriticalSection@4 ; RtlLeaveCriticalSection(x)
; Signed test of the saved NTSTATUS. The push between cmp and jl does not modify flags, so
; jl still acts on the cmp; the pushed ebx becomes the second argument of whichever call
; follows on either branch.
.text:77F1E18C     cmp [ebp+ExitStatus], 0
.text:77F1E190     push ebx ; int
.text:77F1E191     jl short loc_77F1E1AE
; Success path: 0FFFFFFFFh (-1) is the current-process pseudo-handle.
; NOTE(review): RtlReportSilentProcessExit is presumably the user-mode entry for silent
; process exit reporting; what it records, and under which configuration, is not shown here.
.text:77F1E193     push 0FFFFFFFFh ; SourceHandle
.text:77F1E195     call _RtlReportSilentProcessExit@8 ; RtlReportSilentProcessExit(x,x)
.text:77F1E19A     call _LdrShutdownProcess@0 ; LdrShutdownProcess()
; Final termination of the current process with the caller's original exit status.
.text:77F1E19F     push ebx ; ExitStatus
.text:77F1E1A0     push 0FFFFFFFFh ; ProcessHandle
.text:77F1E1A2     call _ZwTerminateProcess@8 ; ZwTerminateProcess(x,x)
.text:77F1E1A7
; Shared epilogue, reached only if a terminate call returns. retn 4 pops the single
; stdcall argument; eax is whatever the last call left in it.
.text:77F1E1A7 loc_77F1E1A7: ; CODE XREF: RtlExitUserProcess(x)+8Aj
.text:77F1E1A7     pop edi
.text:77F1E1A8     pop esi
.text:77F1E1A9     pop ebx
.text:77F1E1AA     pop ebp
.text:77F1E1AB     retn 4
.text:77F1E1AE ; ---------------------------------------------------------------------------
.text:77F1E1AE
; Failure path (first ZwTerminateProcess returned a negative NTSTATUS): LdrShutdownProcess
; and the silent-exit report are skipped and only the calling thread is terminated.
; 0FFFFFFFEh (-2) is the current-thread pseudo-handle; the exit status is the ebx pushed
; at 77F1E190.
.text:77F1E1AE loc_77F1E1AE: ; CODE XREF: RtlExitUserProcess(x)+66j
.text:77F1E1AE     push 0FFFFFFFEh ; ThreadHandle
.text:77F1E1B0     call _ZwTerminateThread@8 ; ZwTerminateThread(x,x)
.text:77F1E1B5     jmp short loc_77F1E1A7
.text:77F1E1B5 _RtlExitUserProcess@4 endp