What is the point of this assembly

Question

I am reversing some malware and I came across this in my disassembly:

│           0x0040f5ec      8bd8           mov ebx, eax
│           0x0040f5ee      85db           test ebx, ebx
│       ┌─< 0x0040f5f0      7507           jne 0x40f5f9
│       │   0x0040f5f2      8bc6           mov eax, esi
│      ┌──< 0x0040f5f4      e9b3000000     jmp 0x40f6ac
│      │└─> 0x0040f5f9      57             push edi

As I understand it, testing a register with itself will always set the zero flag. JNE will then check the zero flag and jump if it's not set. If this is the case, why do we have the JNE jump right after testing a register against itself? Under what circumstances would it be executed?

Am I misunderstanding the TEST or JNE ops, or is there something else that I'm missing?

Thanks for any help and sorry if this is a stupid question.

Answer 1

Some comments to make it a bit easier:

       0x0040f5ec      8bd8           mov ebx, eax    ;  
       0x0040f5ee      85db           test ebx, ebx   ;  if ( eax == 0 )
   ┌─< 0x0040f5f0      7507           jne 0x40f5f9    ;  {
   │   0x0040f5f2      8bc6           mov eax, esi    ;      eax = esi;
  ┌──< 0x0040f5f4      e9b3000000     jmp 0x40f6ac    ;  } else {
  │└─> 0x0040f5f9      57             push edi        ;      // call some method

https://en.wikipedia.org/wiki/TEST_(x86_instruction)

Answer 2

test performs an and operation. so if ebx contained a 3, anded with 3 is 3 which is not zero. But if ebx contained a 0 then 0 anded with 0 is zero. jne is based on the zero flag which is according to intel docs affected by a test instruction.

EDIT.

Disassembly of section .text:

0000000000000000 <.text>:
   0:   85 db                   test   %ebx,%ebx
   2:   3b 1c 25 00 00 00 00    cmp    0x0,%ebx

it is two bytes of instruction to use test to compare for zero or not. So that is likely why you will see test reg,reg then a jump if equal or not vs a compare with zero.