Tags: assembly, x86, disassembly, opcode, instruction-encoding

Understanding JMP Codes in Assembly


I've just recently scratched the surface of assembly language and debugging. I have the following code:

Address   Hex dump          Command                                  Comments
006E3689   .  E8 C5F9FFFF   CALL 006E3053
->006E368E      E9            DB E9
->006E368F      35            DB 35                                    ; CHAR '5'
->006E3690      80            DB 80
->006E3691   .  0000D490      DD 90D40000
006E3695  />  E8 72040000   CALL 006E3B0C

And further down...

Address   Hex dump          Command                                  Comments
006EB6C8  /.  6A 58         PUSH 58
006EB6CA  |.  68 A0372A00   PUSH 2A37A0
006EB6CF    ^ E9 C17FFFFF   JMP 006E3695

Now, before I compiled, the codes indicated by -> were actually all included in a JMP 006EB6C8, which of course just jumped down to the second set of code, pushed a couple of things and returned back to the top.

Now this code is still functional, but I am unsure why the code changed (using OllyDbg) when I compiled, but more importantly (I believe) is how the code knows to jump and how far. My research so far has told me E9 is an opcode for jump, but I haven't been able to find information on 35 and 80.

I'm assuming the 0000D490 is some sort of offset, but I can't find any math that adds up to the 006EB6C8 address.


Solution

  • I am puzzled why OllyDbg doesn't disassemble that jump for you. Anyway, E9 is a jmp near, as you have figured out. It takes a 4 byte offset from the start of the next instruction. As such, your instruction is actually E9 35 80 00 00 which means jump to address of next instruction + 00008035 (x86 uses little endian byte order). The address of the next instruction is of course 006E3693, so the jump takes you to 006E3693 + 00008035 = 006EB6C8 which is what you have originally written.
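The arithmetic in the answer, as an added example that is not part of the question or the answer: a small decoder/encoder for the 5-byte E8 (call rel32) and E9 (jmp rel32) forms, checked against the bytes in the two listings above. The raw byte string at 006E368E is reconstructed from the DB/DD lines in the first listing; function names are my own.

```python
import struct

# Bytes OllyDbg showed as DB E9, DB 35, DB 80, DD 90D40000 at 006E368E,
# written out in memory order (the DD dword 90D40000 is stored as 00 00 D4 90).
RAW_AT_006E368E = bytes.fromhex("E9 35 80 00 00 D4 90")

def decode_rel32(addr, code):
    """Decode a 5-byte E8/E9 instruction located at `addr`.

    rel32 is a signed, little-endian dword relative to the address of the
    *next* instruction (addr + 5). Returns (mnemonic, target_address).
    """
    if len(code) < 5 or code[0] not in (0xE8, 0xE9):
        raise ValueError("not a 5-byte E8/E9 instruction")
    rel = struct.unpack_from("<i", code, 1)[0]       # little endian, signed
    target = (addr + 5 + rel) & 0xFFFFFFFF           # wrap to 32-bit address space
    return ("call" if code[0] == 0xE8 else "jmp", target)

def encode_rel32(opcode, addr, target):
    """Encode a 5-byte E8/E9 at `addr` that transfers control to `target`."""
    if opcode not in (0xE8, 0xE9):
        raise ValueError("opcode must be E8 or E9")
    rel = target - (addr + 5)
    if not -0x80000000 <= rel <= 0x7FFFFFFF:
        raise ValueError("target not reachable with rel32")
    return bytes([opcode]) + struct.pack("<i", rel)  # negative rel becomes two's complement

def decode_listing():
    """Decode every E8/E9 from the question's two listings (addresses from the page)."""
    entries = [
        (0x006E3689, bytes.fromhex("E8 C5 F9 FF FF")),  # CALL 006E3053
        (0x006E368E, RAW_AT_006E368E),                  # the undisassembled JMP
        (0x006E3695, bytes.fromhex("E8 72 04 00 00")),  # CALL 006E3B0C
        (0x006EB6CF, bytes.fromhex("E9 C1 7F FF FF")),  # JMP 006E3695 (backwards)
    ]
    return [(addr,) + decode_rel32(addr, code) for addr, code in entries]

if __name__ == "__main__":
    for addr, mnem, target in decode_listing():
        print(f"{addr:08X}  {mnem} {target:08X}")
```

The last entry shows the backward jump: the displacement FFFF7FC1 is negative, so 006EB6D4 + (-0x803F) lands back at 006E3695.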