;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: 48-377D-7114-93 SRI International, 1 computer, std, 11/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : E9347478D6295525D538A30764C4F8D7
; File Name : u:\work\e9347478d6295525d538a30764c4f8d7_orig.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00002758 ( 10072.)
; Section size in file : 00002800 ( 10240.)
; Offset to raw data for section: 00000400
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable DLL 32bit
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
CODE segment para public 'CODE' use32
assume cs:CODE
;org 401000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION CloseHandle. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION CreateFileA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION ExitProcess. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetFileType. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetFileSize. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetStdHandle. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION MessageBoxA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION RaiseException. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION ReadFile. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION RtlUnwind. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION SetEndOfFile. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION SetFilePointer. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION WriteFile. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetCommandLineA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetLastError. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetModuleFileNameA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetModuleHandleA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION TlsGetValue. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION TlsSetValue. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LocalAlloc. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LocalFree. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION VirtualAlloc. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION VirtualFree. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION InitializeCriticalSection. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION EnterCriticalSection. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LeaveCriticalSection. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION DeleteCriticalSection. PRESS KEYPAD "+" TO EXPAND]
align 4
; =============== S U B R O U T I N E =======================================
sub_4010DC proc near ; CODE XREF: sub_401134+6�p
push ebx
push esi
mov esi, offset dword_405430
cmp dword ptr [esi], 0
jnz short loc_401122
push 644h ; uBytes
push 0 ; uFlags
call LocalAlloc ; LocalAlloc
mov ecx, eax
test ecx, ecx
jnz short loc_4010FF
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_4010FF: ; CODE XREF: sub_4010DC+1C�j
mov eax, ds:dword_40542C
mov [ecx], eax
mov ds:dword_40542C, ecx
xor edx, edx
loc_40110E: ; CODE XREF: sub_4010DC+44�j
mov eax, edx
add eax, eax
lea eax, [ecx+eax*8+4]
mov ebx, [esi]
mov [eax], ebx
mov [esi], eax
inc edx
cmp edx, 64h
jnz short loc_40110E
loc_401122: ; CODE XREF: sub_4010DC+A�j
mov eax, [esi]
mov edx, [eax]
mov [esi], edx
pop esi
pop ebx
retn
sub_4010DC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40112C proc near ; CODE XREF: sub_40173C+33�p
; sub_40173C+3D�p ...
mov [eax], eax
mov [eax+4], eax
retn
sub_40112C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401134 proc near ; CODE XREF: sub_401170+53�p
; sub_4011D4+6F�p ...
push ebx
push esi
mov esi, edx
mov ebx, eax
call sub_4010DC
test eax, eax
jnz short loc_401148
xor eax, eax
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401148: ; CODE XREF: sub_401134+D�j
mov edx, [esi]
mov [eax+8], edx
mov edx, [esi+4]
mov [eax+0Ch], edx
mov edx, [ebx]
mov [eax], edx
mov [eax+4], ebx
mov [edx+4], eax
mov [ebx], eax
mov al, 1
pop esi
pop ebx
retn
sub_401134 endp
; =============== S U B R O U T I N E =======================================
sub_401164 proc near ; CODE XREF: sub_401170+21�p
; sub_401170+3E�p ...
mov edx, [eax+4]
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
retn
sub_401164 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401170 proc near ; CODE XREF: sub_4014FC+6C�p
; sub_40158C+62�p ...
push ebx
push esi
push edi
mov esi, ecx
mov edi, eax
mov ebx, [edi]
mov eax, [edx]
mov [esi], eax
mov eax, [edx+4]
mov [esi+4], eax
loc_401183: ; CODE XREF: sub_401170+4D�j
mov eax, [ebx+8]
mov edx, eax
add edx, [ebx+0Ch]
cmp edx, [esi]
jnz short loc_4011A3
mov eax, ebx
call sub_401164
mov eax, [ebx+8]
mov [esi], eax
mov eax, [ebx+0Ch]
add [esi+4], eax
jmp short loc_4011B9
; ---------------------------------------------------------------------------
loc_4011A3: ; CODE XREF: sub_401170+1D�j
mov edx, [esi]
add edx, [esi+4]
cmp eax, edx
jnz short loc_4011B9
mov eax, ebx
call sub_401164
mov eax, [ebx+0Ch]
add [esi+4], eax
loc_4011B9: ; CODE XREF: sub_401170+31�j
; sub_401170+3A�j
mov ebx, [ebx]
cmp edi, ebx
jnz short loc_401183
mov edx, esi
mov eax, edi
call sub_401134
test al, al
jnz short loc_4011D0
xor eax, eax
mov [esi], eax
loc_4011D0: ; CODE XREF: sub_401170+5A�j
pop edi
pop esi
pop ebx
retn
sub_401170 endp
; =============== S U B R O U T I N E =======================================
sub_4011D4 proc near ; CODE XREF: sub_4016B0+7A�p
; sub_401A8C+8A�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov ebx, eax
mov edi, ebx
loc_4011DF: ; CODE XREF: sub_4011D4+84�j
mov esi, [edx]
mov eax, [ebx+8]
cmp esi, eax
jb short loc_401254
mov ecx, esi
add ecx, [edx+4]
mov ebp, eax
add ebp, [ebx+0Ch]
cmp ecx, ebp
ja short loc_401254
cmp esi, eax
jnz short loc_401215
mov eax, [edx+4]
add [ebx+8], eax
mov eax, [edx+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_401250
mov eax, ebx
call sub_401164
jmp short loc_401250
; ---------------------------------------------------------------------------
loc_401215: ; CODE XREF: sub_4011D4+24�j
mov ecx, [edx]
mov esi, [edx+4]
add ecx, esi
mov edi, eax
add edi, [ebx+0Ch]
cmp ecx, edi
jnz short loc_40122A
sub [ebx+0Ch], esi
jmp short loc_401250
; ---------------------------------------------------------------------------
loc_40122A: ; CODE XREF: sub_4011D4+4F�j
mov ecx, [edx]
add ecx, [edx+4]
mov [esp+18h+var_18], ecx
sub edi, ecx
mov [esp+18h+var_14], edi
mov edx, [edx]
sub edx, eax
mov [ebx+0Ch], edx
mov edx, esp
mov eax, ebx
call sub_401134
test al, al
jnz short loc_401250
xor eax, eax
jmp short loc_40125C
; ---------------------------------------------------------------------------
loc_401250: ; CODE XREF: sub_4011D4+36�j
; sub_4011D4+3F�j ...
mov al, 1
jmp short loc_40125C
; ---------------------------------------------------------------------------
loc_401254: ; CODE XREF: sub_4011D4+12�j
; sub_4011D4+20�j
mov ebx, [ebx]
cmp edi, ebx
jnz short loc_4011DF
xor eax, eax
loc_40125C: ; CODE XREF: sub_4011D4+7A�j
; sub_4011D4+7E�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4011D4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401264 proc near ; CODE XREF: sub_4014FC+5C�p
push ebx
push esi
push edi
mov ebx, edx
mov esi, eax
cmp esi, 100000h
jge short loc_40127A
mov esi, 100000h
jmp short loc_401286
; ---------------------------------------------------------------------------
loc_40127A: ; CODE XREF: sub_401264+D�j
add esi, 0FFFFh
and esi, 0FFFF0000h
loc_401286: ; CODE XREF: sub_401264+14�j
mov [ebx+4], esi
push 1 ; flProtect
push 2000h ; flAllocationType
push esi ; dwSize
push 0 ; lpAddress
call VirtualAlloc ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jz short loc_4012C3
mov edx, ebx
mov eax, offset dword_405434
call sub_401134
test al, al
jnz short loc_4012C3
push 8000h ; dwFreeType
push 0 ; dwSize
mov eax, [ebx]
push eax ; lpAddress
call VirtualFree ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_4012C3: ; CODE XREF: sub_401264+3A�j
; sub_401264+4A�j
pop edi
pop esi
pop ebx
retn
sub_401264 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4012C8 proc near ; CODE XREF: sub_40158C+4C�p
; sub_40158C+93�p
push ebx
push esi
push edi
push ebp
mov ebx, ecx
mov esi, edx
mov ebp, eax
mov dword ptr [ebx+4], 100000h
push 4 ; flProtect
push 2000h ; flAllocationType
push 100000h ; dwSize
push ebp ; lpAddress
call VirtualAlloc ; VirtualAlloc
mov edi, eax
mov [ebx], edi
test edi, edi
jnz short loc_401312
add esi, 0FFFFh
and esi, 0FFFF0000h
mov [ebx+4], esi
push 4 ; flProtect
push 2000h ; flAllocationType
push esi ; dwSize
push ebp ; lpAddress
call VirtualAlloc ; VirtualAlloc
mov [ebx], eax
loc_401312: ; CODE XREF: sub_4012C8+29�j
cmp dword ptr [ebx], 0
jz short loc_40133A
mov edx, ebx
mov eax, offset dword_405434
call sub_401134
test al, al
jnz short loc_40133A
push 8000h ; dwFreeType
push 0 ; dwSize
mov eax, [ebx]
push eax ; lpAddress
call VirtualFree ; VirtualFree
xor eax, eax
mov [ebx], eax
loc_40133A: ; CODE XREF: sub_4012C8+4D�j
; sub_4012C8+5D�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4012C8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401340 proc near ; CODE XREF: sub_4014FC+7E�p
; sub_40158C+7A�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF0h
mov [esp+20h+var_1C], ecx
mov [esp+20h+var_20], edx
mov [esp+20h+var_18], 0FFFFFFFFh
xor ebp, ebp
mov edi, eax
mov eax, [esp+20h+var_20]
add eax, edi
mov [esp+20h+var_14], eax
mov ebx, ds:dword_405434
jmp short loc_4013B6
; ---------------------------------------------------------------------------
loc_40136B: ; CODE XREF: sub_401340+7C�j
mov esi, [ebx+8]
cmp edi, esi
ja short loc_4013B4
mov eax, esi
add eax, [ebx+0Ch]
cmp eax, [esp+20h+var_14]
ja short loc_4013B4
cmp esi, [esp+20h+var_18]
jnb short loc_401387
mov [esp+20h+var_18], esi
loc_401387: ; CODE XREF: sub_401340+41�j
mov eax, esi
add eax, [ebx+0Ch]
cmp ebp, eax
jnb short loc_401392
mov ebp, eax
loc_401392: ; CODE XREF: sub_401340+4E�j
push 8000h ; dwFreeType
push 0 ; dwSize
push esi ; lpAddress
call VirtualFree ; VirtualFree
test eax, eax
jnz short loc_4013AD
mov ds:dword_405410, 1
loc_4013AD: ; CODE XREF: sub_401340+61�j
mov eax, ebx
call sub_401164
loc_4013B4: ; CODE XREF: sub_401340+30�j
; sub_401340+3B�j
mov ebx, [ebx]
loc_4013B6: ; CODE XREF: sub_401340+29�j
cmp ebx, offset dword_405434
jnz short loc_40136B
mov eax, [esp+20h+var_1C]
xor edx, edx
mov [eax], edx
test ebp, ebp
jz short loc_4013DF
mov eax, [esp+20h+var_1C]
mov edx, [esp+20h+var_18]
mov [eax], edx
sub ebp, [esp+20h+var_18]
mov eax, [esp+20h+var_1C]
mov [eax+4], ebp
loc_4013DF: ; CODE XREF: sub_401340+88�j
add esp, 10h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401340 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4013E8 proc near ; CODE XREF: sub_4014FC+2D�p
; sub_40158C+E6�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF4h
mov [esp+1Ch+var_18], ecx
mov [esp+1Ch+var_1C], edx
mov edx, eax
mov ebp, edx
and ebp, 0FFFFF000h
add edx, [esp+1Ch+var_1C]
add edx, 0FFFh
and edx, 0FFFFF000h
mov [esp+1Ch+var_14], edx
mov eax, [esp+1Ch+var_18]
mov [eax], ebp
mov eax, [esp+1Ch+var_14]
sub eax, ebp
mov edx, [esp+1Ch+var_18]
mov [edx+4], eax
mov esi, ds:dword_405434
jmp short loc_40146A
; ---------------------------------------------------------------------------
loc_40142E: ; CODE XREF: sub_4013E8+88�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebp, ebx
jbe short loc_40143C
mov ebx, ebp
loc_40143C: ; CODE XREF: sub_4013E8+50�j
cmp edi, [esp+1Ch+var_14]
jbe short loc_401446
mov edi, [esp+1Ch+var_14]
loc_401446: ; CODE XREF: sub_4013E8+58�j
cmp edi, ebx
jbe short loc_401468
push 4 ; flProtect
push 1000h ; flAllocationType
sub edi, ebx
push edi ; dwSize
push ebx ; lpAddress
call VirtualAlloc ; VirtualAlloc
test eax, eax
jnz short loc_401468
mov eax, [esp+1Ch+var_18]
xor edx, edx
mov [eax], edx
jmp short loc_401472
; ---------------------------------------------------------------------------
loc_401468: ; CODE XREF: sub_4013E8+60�j
; sub_4013E8+74�j
mov esi, [esi]
loc_40146A: ; CODE XREF: sub_4013E8+44�j
cmp esi, offset dword_405434
jnz short loc_40142E
loc_401472: ; CODE XREF: sub_4013E8+7E�j
add esp, 0Ch
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4013E8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40147C proc near ; CODE XREF: sub_4016B0+2E�p
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
push ecx
mov ebx, eax
mov esi, ebx
add esi, 0FFFh
and esi, 0FFFFF000h
mov [esp+14h+var_14], esi
mov ebp, ebx
add ebp, edx
and ebp, 0FFFFF000h
mov eax, [esp+14h+var_14]
mov [ecx], eax
mov eax, ebp
sub eax, [esp+14h+var_14]
mov [ecx+4], eax
mov esi, ds:dword_405434
jmp short loc_4014EB
; ---------------------------------------------------------------------------
loc_4014B3: ; CODE XREF: sub_40147C+75�j
mov ebx, [esi+8]
mov edi, [esi+0Ch]
add edi, ebx
cmp ebx, [esp+14h+var_14]
jnb short loc_4014C3
mov ebx, [esp+14h+var_14]
loc_4014C3: ; CODE XREF: sub_40147C+42�j
cmp ebp, edi
jnb short loc_4014C9
mov edi, ebp
loc_4014C9: ; CODE XREF: sub_40147C+49�j
cmp edi, ebx
jbe short loc_4014E9
push 4000h ; dwFreeType
sub edi, ebx
push edi ; dwSize
push ebx ; lpAddress
call VirtualFree ; VirtualFree
test eax, eax
jnz short loc_4014E9
mov ds:dword_405410, 2
loc_4014E9: ; CODE XREF: sub_40147C+4F�j
; sub_40147C+61�j
mov esi, [esi]
loc_4014EB: ; CODE XREF: sub_40147C+35�j
cmp esi, offset dword_405434
jnz short loc_4014B3
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_40147C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4014FC proc near ; CODE XREF: sub_401C7C+B�p
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
mov edi, eax
mov ebp, offset dword_405444
add edi, 3FFFh
and edi, 0FFFFC000h
loc_401518: ; CODE XREF: sub_4014FC+75�j
mov ebx, [ebp+0]
jmp short loc_401550
; ---------------------------------------------------------------------------
loc_40151D: ; CODE XREF: sub_4014FC+56�j
cmp edi, [ebx+0Ch]
jg short loc_40154E
mov ecx, esi
mov edx, edi
mov eax, [ebx+8]
call sub_4013E8
cmp dword ptr [esi], 0
jz short loc_401583
mov eax, [esi+4]
add [ebx+8], eax
mov eax, [esi+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_401583
mov eax, ebx
call sub_401164
jmp short loc_401583
; ---------------------------------------------------------------------------
loc_40154E: ; CODE XREF: sub_4014FC+24�j
mov ebx, [ebx]
loc_401550: ; CODE XREF: sub_4014FC+1F�j
cmp ebx, ebp
jnz short loc_40151D
mov edx, esi
mov eax, edi
call sub_401264
cmp dword ptr [esi], 0
jz short loc_401583
mov ecx, esp
mov edx, esi
mov eax, ebp
call sub_401170
cmp [esp+18h+var_18], 0
jnz short loc_401518
mov ecx, esp
mov edx, [esi+4]
mov eax, [esi]
call sub_401340
xor eax, eax
mov [esi], eax
loc_401583: ; CODE XREF: sub_4014FC+35�j
; sub_4014FC+47�j ...
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_4014FC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40158C proc near ; CODE XREF: sub_401CA8+10�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFECh
mov [esp+24h+var_24], ecx
mov edi, edx
mov esi, eax
mov ebp, offset dword_405444
add edi, 3FFFh
and edi, 0FFFFC000h
loc_4015AB: ; CODE XREF: sub_40158C+6C�j
; sub_40158C+B3�j
mov ebx, [ebp+0]
jmp short loc_4015B2
; ---------------------------------------------------------------------------
loc_4015B0: ; CODE XREF: sub_40158C+2D�j
mov ebx, [ebx]
loc_4015B2: ; CODE XREF: sub_40158C+22�j
cmp ebx, ebp
jz short loc_4015BB
cmp esi, [ebx+8]
jnz short loc_4015B0
loc_4015BB: ; CODE XREF: sub_40158C+28�j
cmp esi, [ebx+8]
jnz short loc_401617
cmp edi, [ebx+0Ch]
jle loc_40165F
lea ecx, [esp+24h+var_20]
mov edx, edi
sub edx, [ebx+0Ch]
mov eax, [ebx+8]
add eax, [ebx+0Ch]
call sub_4012C8
cmp [esp+24h+var_20], 0
jz short loc_401617
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_401170
cmp [esp+24h+var_18], 0
jnz short loc_4015AB
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_401340
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp loc_4016A7
; ---------------------------------------------------------------------------
loc_401617: ; CODE XREF: sub_40158C+32�j
; sub_40158C+56�j
lea ecx, [esp+24h+var_20]
mov edx, edi
mov eax, esi
call sub_4012C8
cmp [esp+24h+var_20], 0
jz short loc_40165F
lea ecx, [esp+24h+var_18]
lea edx, [esp+24h+var_20]
mov eax, ebp
call sub_401170
cmp [esp+24h+var_18], 0
jnz loc_4015AB
lea ecx, [esp+24h+var_18]
mov edx, [esp+24h+var_1C]
mov eax, [esp+24h+var_20]
call sub_401340
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
jmp short loc_4016A7
; ---------------------------------------------------------------------------
loc_40165F: ; CODE XREF: sub_40158C+37�j
; sub_40158C+9D�j
mov ebp, [ebx+8]
cmp esi, ebp
jnz short loc_4016A0
cmp edi, [ebx+0Ch]
jg short loc_4016A0
mov ecx, [esp+24h+var_24]
mov edx, edi
mov eax, ebp
call sub_4013E8
mov eax, [esp+24h+var_24]
cmp dword ptr [eax], 0
jz short loc_4016A7
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
add [ebx+8], eax
mov eax, [esp+24h+var_24]
mov eax, [eax+4]
sub [ebx+0Ch], eax
cmp dword ptr [ebx+0Ch], 0
jnz short loc_4016A7
mov eax, ebx
call sub_401164
jmp short loc_4016A7
; ---------------------------------------------------------------------------
loc_4016A0: ; CODE XREF: sub_40158C+D8�j
; sub_40158C+DD�j
mov eax, [esp+24h+var_24]
xor edx, edx
mov [eax], edx
loc_4016A7: ; CODE XREF: sub_40158C+86�j
; sub_40158C+D1�j ...
add esp, 14h
pop ebp
pop edi
pop esi
pop ebx
retn
sub_40158C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4016B0 proc near ; CODE XREF: sub_401A8C+40�p
; sub_401A8C+51�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFECh
mov edi, ecx
mov [esp+20h+var_20], edx
lea ebx, [eax+3FFFh]
and ebx, 0FFFFC000h
mov esi, [esp+20h+var_20]
add esi, eax
and esi, 0FFFFC000h
cmp ebx, esi
jnb short loc_401731
mov ecx, edi
mov edx, esi
sub edx, ebx
mov eax, ebx
call sub_40147C
lea ecx, [esp+20h+var_1C]
mov edx, edi
mov eax, offset dword_405444
call sub_401170
mov ebx, [esp+20h+var_1C]
test ebx, ebx
jz short loc_40171A
lea ecx, [esp+20h+var_14]
mov edx, [esp+20h+var_18]
mov eax, ebx
call sub_401340
mov eax, [esp+20h+var_14]
mov [esp+20h+var_1C], eax
mov eax, [esp+20h+var_10]
mov [esp+20h+var_18], eax
loc_40171A: ; CODE XREF: sub_4016B0+49�j
cmp [esp+20h+var_1C], 0
jz short loc_401735
lea edx, [esp+20h+var_1C]
mov eax, offset dword_405444
call sub_4011D4
jmp short loc_401735
; ---------------------------------------------------------------------------
loc_401731: ; CODE XREF: sub_4016B0+24�j
xor eax, eax
mov [edi], eax
loc_401735: ; CODE XREF: sub_4016B0+6F�j
; sub_4016B0+7F�j
add esp, 14h
pop edi
pop esi
pop ebx
retn
sub_4016B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40173C proc near ; CODE XREF: sub_401DF8+14�p
; sub_401F80+19�p ...
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 004026E4 SIZE 00000036 BYTES
push ebp
mov ebp, esp
xor edx, edx
push ebp
push offset loc_4017F2
push dword ptr fs:[edx]
mov fs:[edx], esp
push offset CriticalSection ; lpCriticalSection
call InitializeCriticalSection ; InitializeCriticalSection
cmp ds:byte_40502A, 0
jz short loc_40176A
push offset CriticalSection ; lpCriticalSection
call EnterCriticalSection
loc_40176A: ; CODE XREF: sub_40173C+22�j
mov eax, offset dword_405434
call sub_40112C
mov eax, offset dword_405444
call sub_40112C
mov eax, offset dword_405470
call sub_40112C
push 0FF8h ; uBytes
push 0 ; uFlags
call LocalAlloc ; LocalAlloc
mov ds:hMem, eax
cmp ds:hMem, 0
jz short loc_4017D1
mov eax, 3
loc_4017A7: ; CODE XREF: sub_40173C+7D�j
mov edx, ds:hMem
xor ecx, ecx
mov [edx+eax*4-0Ch], ecx
inc eax
cmp eax, 401h
jnz short loc_4017A7
mov eax, offset dword_405454
mov [eax+4], eax
mov [eax], eax
mov ds:dword_405460, eax
mov ds:byte_40540D, 1
loc_4017D1: ; CODE XREF: sub_40173C+64�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4017F9
loc_4017DE: ; CODE XREF: sub_40173C+BB�j
cmp ds:byte_40502A, 0
jz short loc_4017F1
push offset CriticalSection ; lpCriticalSection
call LeaveCriticalSection
loc_4017F1: ; CODE XREF: sub_40173C+A9�j
retn
; ---------------------------------------------------------------------------
loc_4017F2: ; DATA XREF: sub_40173C+6�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4017DE
; ---------------------------------------------------------------------------
loc_4017F9: ; CODE XREF: sub_40173C:loc_4017F1�j
; DATA XREF: sub_40173C+9D�o
mov al, ds:byte_40540D
pop ebp
retn
sub_40173C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401800 proc near ; CODE XREF: sub_402EEC-60�p
push ebp
mov ebp, esp
push ebx
cmp ds:byte_40540D, 0
jz loc_4018DF
xor edx, edx
push ebp
push offset loc_4018D8
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_40502A, 0
jz short loc_401832
push offset CriticalSection ; lpCriticalSection
call EnterCriticalSection
loc_401832: ; CODE XREF: sub_401800+26�j
mov ds:byte_40540D, 0
mov eax, ds:hMem
push eax ; hMem
call LocalFree ; LocalFree
xor eax, eax
mov ds:hMem, eax
mov ebx, ds:dword_405434
jmp short loc_401865
; ---------------------------------------------------------------------------
loc_401853: ; CODE XREF: sub_401800+6B�j
push 8000h ; dwFreeType
push 0 ; dwSize
mov eax, [ebx+8]
push eax ; lpAddress
call VirtualFree ; VirtualFree
mov ebx, [ebx]
loc_401865: ; CODE XREF: sub_401800+51�j
cmp ebx, offset dword_405434
jnz short loc_401853
mov eax, offset dword_405434
call sub_40112C
mov eax, offset dword_405444
call sub_40112C
mov eax, offset dword_405470
call sub_40112C
mov eax, ds:dword_40542C
test eax, eax
jz short loc_4018AB
loc_401894: ; CODE XREF: sub_401800+A9�j
mov edx, [eax]
mov ds:dword_40542C, edx
push eax ; hMem
call LocalFree ; LocalFree
mov eax, ds:dword_40542C
test eax, eax
jnz short loc_401894
loc_4018AB: ; CODE XREF: sub_401800+92�j
pop large dword ptr fs:0
add esp, 8
push offset loc_4018DF
loc_4018BA: ; CODE XREF: sub_401800+DD�j
cmp ds:byte_40502A, 0
jz short loc_4018CD
push offset CriticalSection ; lpCriticalSection
call LeaveCriticalSection
loc_4018CD: ; CODE XREF: sub_401800+C1�j
push offset CriticalSection ; lpCriticalSection
call DeleteCriticalSection
retn
; ---------------------------------------------------------------------------
loc_4018D8: ; DATA XREF: sub_401800+14�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4018BA
; ---------------------------------------------------------------------------
loc_4018DF: ; CODE XREF: sub_401800+B�j
; DATA XREF: sub_401800+B5�o
pop ebx
pop ebp
retn
sub_401800 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4018E4 proc near ; CODE XREF: sub_4019E4:loc_401A45�p
; sub_401A54+23�p ...
push ebx
cmp eax, ds:dword_405460
jnz short loc_4018F6
mov edx, [eax+4]
mov ds:dword_405460, edx
loc_4018F6: ; CODE XREF: sub_4018E4+7�j
mov edx, [eax+4]
mov ecx, [eax+8]
cmp ecx, 1000h
jg short loc_40192E
cmp eax, edx
jnz short loc_401918
shr ecx, 2
mov eax, ds:hMem
xor edx, edx
mov [eax+ecx*4-0Ch], edx
jmp short loc_401935
; ---------------------------------------------------------------------------
loc_401918: ; CODE XREF: sub_4018E4+22�j
shr ecx, 2
mov ebx, ds:hMem
mov [ebx+ecx*4-0Ch], edx
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
pop ebx
retn
; ---------------------------------------------------------------------------
loc_40192E: ; CODE XREF: sub_4018E4+1E�j
mov eax, [eax]
mov [edx], eax
mov [eax+4], edx
loc_401935: ; CODE XREF: sub_4018E4+32�j
pop ebx
retn
sub_4018E4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401938 proc near ; CODE XREF: sub_401A8C+D�p
mov edx, ds:dword_405470
jmp short loc_401950
; ---------------------------------------------------------------------------
loc_401940: ; CODE XREF: sub_401938+1E�j
mov ecx, [edx+8]
cmp eax, ecx
jb short loc_40194E
add ecx, [edx+0Ch]
cmp eax, ecx
jb short loc_401964
loc_40194E: ; CODE XREF: sub_401938+D�j
mov edx, [edx]
loc_401950: ; CODE XREF: sub_401938+6�j
cmp edx, offset dword_405470
jnz short loc_401940
mov ds:dword_405410, 3
xor edx, edx
loc_401964: ; CODE XREF: sub_401938+14�j
mov eax, edx
retn
sub_401938 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401968 proc near ; CODE XREF: sub_401A8C+67�p
; sub_401BF0+68�p
push ebx
mov ecx, edx
sub ecx, 4
lea ebx, [ecx+eax]
cmp edx, 10h
jl short loc_401985
mov dword ptr [ebx], 80000007h
mov edx, ecx
call sub_401B24
pop ebx
retn
; ---------------------------------------------------------------------------
loc_401985: ; CODE XREF: sub_401968+C�j
cmp edx, 4
jl short loc_401996
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
mov [ebx], ecx
loc_401996: ; CODE XREF: sub_401968+20�j
pop ebx
retn
sub_401968 endp
; =============== S U B R O U T I N E =======================================
sub_401998 proc near ; CODE XREF: sub_4019BC+D�p
; sub_401BA4+36�p ...
inc ds:dword_4053F4
mov edx, eax
sub edx, 4
mov edx, [edx]
and edx, 7FFFFFFCh
sub edx, 4
add ds:dword_4053F8, edx
call sub_401F80
retn
sub_401998 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4019BC proc near ; CODE XREF: sub_401A8C+81�p
cmp edx, 0Ch
jl short loc_4019CF
or edx, 2
mov [eax], edx
add eax, 4
call sub_401998
retn
; ---------------------------------------------------------------------------
loc_4019CF: ; CODE XREF: sub_4019BC+3�j
cmp edx, 4
jl short loc_4019DE
mov ecx, edx
or ecx, 80000002h
mov [eax], ecx
loc_4019DE: ; CODE XREF: sub_4019BC+16�j
add eax, edx
and dword ptr [eax], 0FFFFFFFEh
retn
sub_4019BC endp
; =============== S U B R O U T I N E =======================================
sub_4019E4 proc near ; CODE XREF: sub_401BF0+36�p
push ebx
push esi
mov edx, eax
sub edx, 4
mov edx, [edx]
mov ecx, edx
and ecx, 80000002h
cmp ecx, 80000002h
jz short loc_401A07
mov ds:dword_405410, 4
loc_401A07: ; CODE XREF: sub_4019E4+17�j
mov ebx, edx
and ebx, 7FFFFFFCh
sub eax, ebx
mov ecx, eax
xor edx, [ecx]
test edx, 0FFFFFFFEh
jz short loc_401A27
mov ds:dword_405410, 5
loc_401A27: ; CODE XREF: sub_4019E4+37�j
test byte ptr [ecx], 1
jz short loc_401A4C
mov edx, eax
sub edx, 0Ch
mov esi, [edx+8]
sub eax, esi
cmp esi, [eax+8]
jz short loc_401A45
mov ds:dword_405410, 6
loc_401A45: ; CODE XREF: sub_4019E4+55�j
call sub_4018E4
add ebx, esi
loc_401A4C: ; CODE XREF: sub_4019E4+46�j
mov eax, ebx
pop esi
pop ebx
retn
sub_4019E4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401A54 proc near ; CODE XREF: sub_401BF0+4F�p
push ebx
push esi
push edi
mov ebx, eax
xor edi, edi
mov eax, [ebx]
test eax, 80000000h
jz short loc_401A6F
and eax, 7FFFFFFCh
add edi, eax
add ebx, eax
mov eax, [ebx]
loc_401A6F: ; CODE XREF: sub_401A54+E�j
test al, 2
jnz short loc_401A86
mov esi, ebx
mov eax, esi
call sub_4018E4
mov eax, [esi+8]
add edi, eax
add ebx, eax
and dword ptr [ebx], 0FFFFFFFEh
loc_401A86: ; CODE XREF: sub_401A54+1D�j
mov eax, edi
pop edi
pop esi
pop ebx
retn
sub_401A54 endp
; =============== S U B R O U T I N E =======================================
sub_401A8C proc near ; CODE XREF: sub_401B24+5A�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov edi, edx
mov esi, eax
mov eax, esi
call sub_401938
mov ebx, eax
mov ebp, [ebx+8]
mov eax, ebp
add eax, [ebx+0Ch]
mov edx, eax
lea ecx, [edi+esi]
sub edx, ecx
cmp edx, 0Ch
jg short loc_401AB8
mov edi, eax
sub edi, esi
loc_401AB8: ; CODE XREF: sub_401A8C+26�j
mov eax, esi
sub eax, ebp
cmp eax, 0Ch
jge short loc_401AD3
mov ecx, esp
mov edx, esi
sub edx, [ebx+8]
add edx, edi
mov eax, ebp
call sub_4016B0
jmp short loc_401AE2
; ---------------------------------------------------------------------------
loc_401AD3: ; CODE XREF: sub_401A8C+33�j
mov ecx, esp
mov edx, edi
sub edx, 4
lea eax, [esi+4]
call sub_4016B0
loc_401AE2: ; CODE XREF: sub_401A8C+45�j
mov ebp, [esp+18h+var_18]
test ebp, ebp
jnz short loc_401AED
xor eax, eax
jmp short loc_401B1D
; ---------------------------------------------------------------------------
loc_401AED: ; CODE XREF: sub_401A8C+5B�j
mov edx, ebp
sub edx, esi
mov eax, esi
call sub_401968
mov eax, ebp
add eax, [esp+18h+var_14]
mov edx, [ebx+8]
add edx, [ebx+0Ch]
cmp eax, edx
jnb short loc_401B12
lea edx, [edi+esi]
sub edx, eax
call sub_4019BC
loc_401B12: ; CODE XREF: sub_401A8C+7A�j
mov edx, esp
mov eax, ebx
call sub_4011D4
mov al, 1
loc_401B1D: ; CODE XREF: sub_401A8C+5F�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401A8C endp
; =============== S U B R O U T I N E =======================================
sub_401B24 proc near ; CODE XREF: sub_401968+16�p
; sub_401D04+BB�p ...
push ebx
push esi
push edi
mov esi, edx
mov edi, eax
mov ebx, edi
mov [ebx+8], esi
mov eax, ebx
add eax, esi
sub eax, 0Ch
mov [eax+8], esi
cmp esi, 1000h
jg short loc_401B72
mov edx, esi
shr edx, 2
mov eax, ds:hMem
mov eax, [eax+edx*4-0Ch]
test eax, eax
jnz short loc_401B64
mov eax, ds:hMem
mov [eax+edx*4-0Ch], ebx
mov [ebx+4], ebx
mov [ebx], ebx
jmp short loc_401B9E
; ---------------------------------------------------------------------------
loc_401B64: ; CODE XREF: sub_401B24+2E�j
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
jmp short loc_401B9E
; ---------------------------------------------------------------------------
loc_401B72: ; CODE XREF: sub_401B24+1C�j
cmp esi, 3C00h
jl short loc_401B87
mov edx, esi
mov eax, edi
call sub_401A8C
test al, al
jnz short loc_401B9E
loc_401B87: ; CODE XREF: sub_401B24+54�j
mov eax, ds:dword_405460
mov ds:dword_405460, ebx
mov edx, [eax]
mov [ebx+4], eax
mov [ebx], edx
mov [eax], ebx
mov [edx+4], ebx
loc_401B9E: ; CODE XREF: sub_401B24+3E�j
; sub_401B24+4C�j ...
pop edi
pop esi
pop ebx
retn
sub_401B24 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401BA4 proc near ; CODE XREF: sub_401BF0+F�p
; sub_401F80+100�p ...
cmp ds:dword_405464, 0
jle short locret_401BED
cmp ds:dword_405464, 0Ch
jge short loc_401BC2
mov ds:dword_405410, 7
jmp short locret_401BED
; ---------------------------------------------------------------------------
loc_401BC2: ; CODE XREF: sub_401BA4+10�j
mov eax, ds:dword_405464
or eax, 2
mov edx, ds:dword_405468
mov [edx], eax
mov eax, ds:dword_405468
add eax, 4
call sub_401998
xor eax, eax
mov ds:dword_405468, eax
xor eax, eax
mov ds:dword_405464, eax
locret_401BED: ; CODE XREF: sub_401BA4+7�j
; sub_401BA4+1C�j
retn
sub_401BA4 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_401BF0 proc near ; CODE XREF: sub_401C7C+18�p
; sub_401CA8+1D�p
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
push ebx
push esi
push edi
add esp, 0FFFFFFF0h
mov esi, eax
lea edi, [esp+1Ch+var_1C]
movsd
movsd
mov edi, esp
call sub_401BA4
lea ecx, [esp+1Ch+var_14]
mov edx, edi
mov eax, offset dword_405470
call sub_401170
mov ebx, [esp+1Ch+var_14]
test ebx, ebx
jnz short loc_401C20
xor eax, eax
jmp short loc_401C72
; ---------------------------------------------------------------------------
loc_401C20: ; CODE XREF: sub_401BF0+2A�j
mov eax, [edi]
cmp ebx, eax
jnb short loc_401C30
call sub_4019E4
sub [edi], eax
add [edi+4], eax
loc_401C30: ; CODE XREF: sub_401BF0+34�j
mov eax, [edi]
add eax, [edi+4]
mov esi, ebx
add esi, [esp+1Ch+var_10]
cmp eax, esi
jnb short loc_401C47
call sub_401A54
add [edi+4], eax
loc_401C47: ; CODE XREF: sub_401BF0+4D�j
mov eax, [edi]
add eax, [edi+4]
cmp esi, eax
jnz short loc_401C61
sub eax, 4
mov edx, 4
call sub_401968
sub dword ptr [edi+4], 4
loc_401C61: ; CODE XREF: sub_401BF0+5E�j
mov eax, [edi]
mov ds:dword_405468, eax
mov eax, [edi+4]
mov ds:dword_405464, eax
mov al, 1
loc_401C72: ; CODE XREF: sub_401BF0+2E�j
add esp, 10h
pop edi
pop esi
pop ebx
retn
sub_401BF0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401C7C proc near ; CODE XREF: sub_401D04+57�p
var_C = dword ptr -0Ch
push ebx
add esp, 0FFFFFFF8h
mov ebx, eax
mov edx, esp
lea eax, [ebx+4]
call sub_4014FC
cmp [esp+0Ch+var_C], 0
jz short loc_401C9D
mov eax, esp
call sub_401BF0
test al, al
jnz short loc_401CA1
loc_401C9D: ; CODE XREF: sub_401C7C+14�j
xor eax, eax
jmp short loc_401CA3
; ---------------------------------------------------------------------------
loc_401CA1: ; CODE XREF: sub_401C7C+1F�j
mov al, 1
loc_401CA3: ; CODE XREF: sub_401C7C+23�j
pop ecx
pop edx
pop ebx
retn
sub_401C7C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401CA8 proc near ; CODE XREF: sub_402124+199�p
var_10 = dword ptr -10h
push ebx
push esi
add esp, 0FFFFFFF8h
mov esi, edx
mov ebx, eax
mov ecx, esp
lea edx, [esi+4]
mov eax, ebx
call sub_40158C
cmp [esp+10h+var_10], 0
jz short loc_401CCE
mov eax, esp
call sub_401BF0
test al, al
jnz short loc_401CD2
loc_401CCE: ; CODE XREF: sub_401CA8+19�j
xor eax, eax
jmp short loc_401CD4
; ---------------------------------------------------------------------------
loc_401CD2: ; CODE XREF: sub_401CA8+24�j
mov al, 1
loc_401CD4: ; CODE XREF: sub_401CA8+28�j
pop ecx
pop edx
pop esi
pop ebx
retn
sub_401CA8 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401CDC proc near ; CODE XREF: sub_401D04+4A�p
xor edx, edx
shr eax, 2
cmp eax, 400h
ja short loc_401CFE
loc_401CE8: ; CODE XREF: sub_401CDC+20�j
mov edx, ds:hMem
mov edx, [edx+eax*4-0Ch]
test edx, edx
jnz short loc_401CFE
inc eax
cmp eax, 401h
jnz short loc_401CE8
loc_401CFE: ; CODE XREF: sub_401CDC+A�j
; sub_401CDC+18�j
mov eax, edx
retn
sub_401CDC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_401D04 proc near ; CODE XREF: sub_401DF8+14B�p
push ebx
push esi
push edi
push ebp
mov esi, eax
mov edi, offset dword_405460
mov ebp, offset dword_405464
loc_401D14: ; CODE XREF: sub_401D04+6A�j
mov ebx, ds:dword_405458
cmp esi, [ebx+8]
jle loc_401DA7
mov ebx, [edi]
mov eax, [ebx+8]
cmp esi, eax
jle short loc_401DA7
mov [ebx+8], esi
loc_401D2F: ; CODE XREF: sub_401D04+31�j
mov ebx, [ebx+4]
cmp esi, [ebx+8]
jg short loc_401D2F
mov edx, [edi]
mov [edx+8], eax
cmp ebx, [edi]
jz short loc_401D44
mov [edi], ebx
jmp short loc_401DA7
; ---------------------------------------------------------------------------
loc_401D44: ; CODE XREF: sub_401D04+3A�j
cmp esi, 1000h
jg short loc_401D59
mov eax, esi
call sub_401CDC
mov ebx, eax
test ebx, ebx
jnz short loc_401DA7
loc_401D59: ; CODE XREF: sub_401D04+46�j
mov eax, esi
call sub_401C7C
test al, al
jnz short loc_401D6B
xor eax, eax
jmp loc_401DF3
; ---------------------------------------------------------------------------
loc_401D6B: ; CODE XREF: sub_401D04+5E�j
cmp esi, [ebp+0]
jg short loc_401D14
sub [ebp+0], esi
cmp dword ptr [ebp+0], 0Ch
jge short loc_401D81
add esi, [ebp+0]
xor eax, eax
mov [ebp+0], eax
loc_401D81: ; CODE XREF: sub_401D04+73�j
mov eax, ds:dword_405468
add ds:dword_405468, esi
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_4053F4
sub esi, 4
add ds:dword_4053F8, esi
jmp short loc_401DF3
; ---------------------------------------------------------------------------
loc_401DA7: ; CODE XREF: sub_401D04+19�j
; sub_401D04+26�j ...
mov eax, ebx
call sub_4018E4
mov edx, [ebx+8]
mov eax, edx
sub eax, esi
cmp eax, 0Ch
jl short loc_401DC6
mov edx, ebx
add edx, esi
xchg eax, edx
call sub_401B24
jmp short loc_401DD8
; ---------------------------------------------------------------------------
loc_401DC6: ; CODE XREF: sub_401D04+B4�j
mov esi, edx
cmp ebx, [edi]
jnz short loc_401DD1
mov eax, [ebx+4]
mov [edi], eax
loc_401DD1: ; CODE XREF: sub_401D04+C6�j
mov eax, ebx
add eax, esi
and dword ptr [eax], 0FFFFFFFEh
loc_401DD8: ; CODE XREF: sub_401D04+C0�j
mov eax, ebx
mov edx, esi
or edx, 2
mov [eax], edx
add eax, 4
inc ds:dword_4053F4
sub esi, 4
add ds:dword_4053F8, esi
loc_401DF3: ; CODE XREF: sub_401D04+62�j
; sub_401D04+A1�j
pop ebp
pop edi
pop esi
pop ebx
retn
sub_401D04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401DF8 proc near ; CODE XREF: sub_4022F4+5C�p
; sub_4023B8+4�p
; DATA XREF: ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
push ebx
push esi
push edi
mov ebx, eax
cmp ds:byte_40540D, 0
jnz short loc_401E1F
call sub_40173C
test al, al
jnz short loc_401E1F
xor eax, eax
mov [ebp+var_4], eax
jmp loc_401F73
; ---------------------------------------------------------------------------
loc_401E1F: ; CODE XREF: sub_401DF8+12�j
; sub_401DF8+1B�j
xor esi, esi
push ebp
push offset loc_401F6C
push dword ptr fs:[esi]
mov fs:[esi], esp
cmp ds:byte_40502A, 0
jz short loc_401E40
push offset CriticalSection ; lpCriticalSection
call EnterCriticalSection
loc_401E40: ; CODE XREF: sub_401DF8+3C�j
add ebx, 7
and ebx, 0FFFFFFFCh
cmp ebx, 0Ch
jge short loc_401E50
mov ebx, 0Ch
loc_401E50: ; CODE XREF: sub_401DF8+51�j
cmp ebx, 1000h
jg loc_401EEF
mov eax, ebx
test eax, eax
jns short loc_401E65
add eax, 3
loc_401E65: ; CODE XREF: sub_401DF8+68�j
sar eax, 2
mov edx, ds:hMem
mov edx, [edx+eax*4-0Ch]
test edx, edx
jz short loc_401EEF
mov ecx, edx
mov eax, ecx
add eax, ebx
and dword ptr [eax], 0FFFFFFFEh
mov eax, [edx+4]
cmp edx, eax
jnz short loc_401EA0
mov eax, ebx
test eax, eax
jns short loc_401E8F
add eax, 3
loc_401E8F: ; CODE XREF: sub_401DF8+92�j
sar eax, 2
mov esi, ds:hMem
xor edi, edi
mov [esi+eax*4-0Ch], edi
jmp short loc_401EC6
; ---------------------------------------------------------------------------
loc_401EA0: ; CODE XREF: sub_401DF8+8C�j
mov esi, ebx
test esi, esi
jns short loc_401EA9
add esi, 3
loc_401EA9: ; CODE XREF: sub_401DF8+AC�j
sar esi, 2
mov edi, ds:hMem
mov [edi+esi*4-0Ch], eax
mov esi, [edx]
mov [ebp+var_8], esi
mov esi, [ebp+var_8]
mov [esi+4], eax
mov esi, [ebp+var_8]
mov [eax], esi
loc_401EC6: ; CODE XREF: sub_401DF8+A6�j
mov eax, ecx
mov edx, [edx+8]
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_4053F4
sub ebx, 4
add ds:dword_4053F8, ebx
call sub_4027CC
jmp loc_401F73
; ---------------------------------------------------------------------------
loc_401EEF: ; CODE XREF: sub_401DF8+5E�j
; sub_401DF8+7C�j
cmp ebx, ds:dword_405464
jg short loc_401F41
sub ds:dword_405464, ebx
cmp ds:dword_405464, 0Ch
jge short loc_401F13
add ebx, ds:dword_405464
xor eax, eax
mov ds:dword_405464, eax
loc_401F13: ; CODE XREF: sub_401DF8+10C�j
mov eax, ds:dword_405468
add ds:dword_405468, ebx
mov edx, ebx
or edx, 2
mov [eax], edx
add eax, 4
mov [ebp+var_4], eax
inc ds:dword_4053F4
sub ebx, 4
add ds:dword_4053F8, ebx
call sub_4027CC
jmp short loc_401F73
; ---------------------------------------------------------------------------
loc_401F41: ; CODE XREF: sub_401DF8+FD�j
mov eax, ebx
call sub_401D04
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_401F73
loc_401F58: ; CODE XREF: sub_401DF8+179�j
cmp ds:byte_40502A, 0
jz short loc_401F6B
push offset CriticalSection ; lpCriticalSection
call LeaveCriticalSection
loc_401F6B: ; CODE XREF: sub_401DF8+167�j
retn
; ---------------------------------------------------------------------------
loc_401F6C: ; DATA XREF: sub_401DF8+2A�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_401F58
; ---------------------------------------------------------------------------
loc_401F73: ; CODE XREF: sub_401DF8+22�j
; sub_401DF8+F2�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_401DF8 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401F80 proc near ; CODE XREF: sub_401998+1C�p
; sub_4022F4+89�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov ebx, eax
xor eax, eax
mov ds:dword_405410, eax
cmp ds:byte_40540D, 0
jnz short loc_401FB8
call sub_40173C
test al, al
jnz short loc_401FB8
mov ds:dword_405410, 8
mov [ebp+var_4], 8
jmp loc_402119
; ---------------------------------------------------------------------------
loc_401FB8: ; CODE XREF: sub_401F80+17�j
; sub_401F80+20�j
xor ecx, ecx
push ebp
push offset loc_402112
push dword ptr fs:[ecx]
mov fs:[ecx], esp
cmp ds:byte_40502A, 0
jz short loc_401FD9
push offset CriticalSection ; lpCriticalSection
call EnterCriticalSection
loc_401FD9: ; CODE XREF: sub_401F80+4D�j
mov esi, ebx
sub esi, 4
mov ebx, [esi]
test bl, 2
jnz short loc_401FF4
mov ds:dword_405410, 9
jmp loc_4020E9
; ---------------------------------------------------------------------------
loc_401FF4: ; CODE XREF: sub_401F80+63�j
dec ds:dword_4053F4
mov eax, ebx
and eax, 7FFFFFFCh
sub eax, 4
sub ds:dword_4053F8, eax
test bl, 1
jz short loc_402054
mov eax, esi
sub eax, 0Ch
mov edx, [eax+8]
cmp edx, 0Ch
jl short loc_402024
test edx, 80000003h
jz short loc_402033
loc_402024: ; CODE XREF: sub_401F80+9A�j
mov ds:dword_405410, 0Ah
jmp loc_4020E9
; ---------------------------------------------------------------------------
loc_402033: ; CODE XREF: sub_401F80+A2�j
mov eax, esi
sub eax, edx
cmp edx, [eax+8]
jz short loc_40204B
mov ds:dword_405410, 0Ah
jmp loc_4020E9
; ---------------------------------------------------------------------------
loc_40204B: ; CODE XREF: sub_401F80+BA�j
add ebx, edx
mov esi, eax
call sub_4018E4
loc_402054: ; CODE XREF: sub_401F80+8D�j
and ebx, 7FFFFFFCh
mov eax, esi
add eax, ebx
mov edi, eax
cmp edi, ds:dword_405468
jnz short loc_402094
sub ds:dword_405468, ebx
add ds:dword_405464, ebx
cmp ds:dword_405464, 3C00h
jle short loc_402085
call sub_401BA4
loc_402085: ; CODE XREF: sub_401F80+FE�j
xor eax, eax
mov [ebp+var_4], eax
call sub_4027CC
jmp loc_402119
; ---------------------------------------------------------------------------
loc_402094: ; CODE XREF: sub_401F80+E6�j
mov edx, [eax]
test dl, 2
jz short loc_4020B7
and edx, 7FFFFFFCh
cmp edx, 4
jge short loc_4020B2
mov ds:dword_405410, 0Bh
jmp short loc_4020E9
; ---------------------------------------------------------------------------
loc_4020B2: ; CODE XREF: sub_401F80+124�j
or dword ptr [eax], 1
jmp short loc_4020E0
; ---------------------------------------------------------------------------
loc_4020B7: ; CODE XREF: sub_401F80+119�j
mov eax, edi
cmp dword ptr [eax+4], 0
jz short loc_4020CA
cmp dword ptr [eax], 0
jz short loc_4020CA
cmp dword ptr [eax+8], 0Ch
jge short loc_4020D6
loc_4020CA: ; CODE XREF: sub_401F80+13D�j
; sub_401F80+142�j
mov ds:dword_405410, 0Bh
jmp short loc_4020E9
; ---------------------------------------------------------------------------
loc_4020D6: ; CODE XREF: sub_401F80+148�j
mov edx, [eax+8]
add ebx, edx
call sub_4018E4
loc_4020E0: ; CODE XREF: sub_401F80+135�j
mov edx, ebx
mov eax, esi
call sub_401B24
loc_4020E9: ; CODE XREF: sub_401F80+6F�j
; sub_401F80+AE�j ...
mov eax, ds:dword_405410
mov [ebp+var_4], eax
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_402119
loc_4020FE: ; CODE XREF: sub_401F80+197�j
cmp ds:byte_40502A, 0
jz short loc_402111
push offset CriticalSection ; lpCriticalSection
call LeaveCriticalSection
loc_402111: ; CODE XREF: sub_401F80+185�j
retn
; ---------------------------------------------------------------------------
loc_402112: ; DATA XREF: sub_401F80+3B�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4020FE
; ---------------------------------------------------------------------------
loc_402119: ; CODE XREF: sub_401F80+33�j
; sub_401F80+10F�j ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_401F80 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402124 proc near ; CODE XREF: sub_4022F4+4C�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
push ebx
push esi
push edi
push ebp
add esp, 0FFFFFFF8h
mov esi, edx
add esi, 7
and esi, 0FFFFFFFCh
cmp esi, 0Ch
jge short loc_40213D
mov esi, 0Ch
loc_40213D: ; CODE XREF: sub_402124+12�j
mov ebp, eax
sub ebp, 4
mov edi, [ebp+0]
and edi, 7FFFFFFCh
mov eax, ebp
add eax, edi
mov ebx, eax
cmp edi, esi
jb loc_4021DC
mov edx, edi
sub edx, esi
mov [esp+18h+var_18], edx
cmp ebx, ds:dword_405468
jnz short loc_4021A0
mov eax, [esp+18h+var_18]
sub ds:dword_405468, eax
mov eax, [esp+18h+var_18]
add ds:dword_405464, eax
cmp ds:dword_405464, 0Ch
jge loc_4022D3
mov eax, [esp+18h+var_18]
add ds:dword_405468, eax
mov eax, [esp+18h+var_18]
sub ds:dword_405464, eax
mov esi, edi
jmp loc_4022D3
; ---------------------------------------------------------------------------
loc_4021A0: ; CODE XREF: sub_402124+42�j
mov ebx, eax
test byte ptr [ebx], 2
jnz short loc_4021B4
mov eax, ebx
mov edx, [eax+8]
add [esp+18h+var_18], edx
call sub_4018E4
loc_4021B4: ; CODE XREF: sub_402124+81�j
cmp [esp+18h+var_18], 0Ch
jl short loc_4021D5
mov ebx, ebp
add ebx, esi
mov eax, [esp+18h+var_18]
or eax, 2
mov [ebx], eax
mov eax, ebx
add eax, 4
call sub_401998
jmp loc_4022D3
; ---------------------------------------------------------------------------
loc_4021D5: ; CODE XREF: sub_402124+94�j
mov esi, edi
jmp loc_4022D3
; ---------------------------------------------------------------------------
loc_4021DC: ; CODE XREF: sub_402124+2F�j
; sub_402124+1A6�j
mov eax, esi
sub eax, edi
mov [esp+18h+var_14], eax
cmp ebx, ds:dword_405468
jnz short loc_402253
mov eax, ds:dword_405464
cmp eax, [esp+18h+var_14]
jl short loc_40224A
mov eax, [esp+18h+var_14]
sub ds:dword_405464, eax
mov eax, [esp+18h+var_14]
add ds:dword_405468, eax
cmp ds:dword_405464, 0Ch
jge short loc_40222C
mov eax, ds:dword_405464
add ds:dword_405468, eax
add esi, ds:dword_405464
xor eax, eax
mov ds:dword_405464, eax
loc_40222C: ; CODE XREF: sub_402124+EE�j
mov eax, esi
sub eax, edi
add ds:dword_4053F8, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
jmp loc_4022EC
; ---------------------------------------------------------------------------
loc_40224A: ; CODE XREF: sub_402124+D1�j
call sub_401BA4
mov ebx, ebp
add ebx, edi
loc_402253: ; CODE XREF: sub_402124+C6�j
test byte ptr [ebx], 2
jnz short loc_4022A5
mov edx, ebx
mov eax, edx
mov ecx, [eax+8]
mov [esp+18h+var_18], ecx
mov ecx, [esp+18h+var_18]
cmp ecx, [esp+18h+var_14]
jnb short loc_402279
add edx, [esp+18h+var_18]
mov ebx, edx
mov eax, [esp+18h+var_18]
sub [esp+18h+var_14], eax
jmp short loc_4022A5
; ---------------------------------------------------------------------------
loc_402279: ; CODE XREF: sub_402124+145�j
call sub_4018E4
mov eax, [esp+18h+var_14]
sub [esp+18h+var_18], eax
cmp [esp+18h+var_18], 0Ch
jl short loc_402299
mov eax, ebp
add eax, esi
mov edx, [esp+18h+var_18]
call sub_401B24
jmp short loc_4022D3
; ---------------------------------------------------------------------------
loc_402299: ; CODE XREF: sub_402124+165�j
add esi, [esp+18h+var_18]
mov ebx, ebp
add ebx, esi
and dword ptr [ebx], 0FFFFFFFEh
jmp short loc_4022D3
; ---------------------------------------------------------------------------
loc_4022A5: ; CODE XREF: sub_402124+132�j
; sub_402124+153�j
mov eax, [ebx]
test eax, 80000000h
jz short loc_4022CF
and eax, 7FFFFFFCh
add eax, ebx
mov ebx, eax
mov edx, [esp+18h+var_14]
mov eax, ebx
call sub_401CA8
test al, al
jz short loc_4022CF
mov ebx, ebp
add ebx, edi
jmp loc_4021DC
; ---------------------------------------------------------------------------
loc_4022CF: ; CODE XREF: sub_402124+188�j
; sub_402124+1A0�j
xor eax, eax
jmp short loc_4022EC
; ---------------------------------------------------------------------------
loc_4022D3: ; CODE XREF: sub_402124+5D�j
; sub_402124+77�j ...
mov eax, esi
sub eax, edi
add ds:dword_4053F8, eax
mov eax, [ebp+0]
and eax, 80000003h
or esi, eax
mov [ebp+0], esi
mov al, 1
loc_4022EC: ; CODE XREF: sub_402124+121�j
; sub_402124+1AD�j
pop ecx
pop edx
pop ebp
pop edi
pop esi
pop ebx
retn
sub_402124 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4022F4 proc near ; DATA XREF: DATA:0040400C�o
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov esi, edx
mov ebx, eax
cmp ds:byte_40540D, 0
jnz short loc_40231B
call sub_40173C
test al, al
jnz short loc_40231B
xor eax, eax
mov [ebp+var_4], eax
jmp loc_4023AD
; ---------------------------------------------------------------------------
loc_40231B: ; CODE XREF: sub_4022F4+12�j
; sub_4022F4+1B�j
xor edx, edx
push ebp
push offset loc_4023A6
push dword ptr fs:[edx]
mov fs:[edx], esp
cmp ds:byte_40502A, 0
jz short loc_40233C
push offset CriticalSection ; lpCriticalSection
call EnterCriticalSection
loc_40233C: ; CODE XREF: sub_4022F4+3C�j
mov edx, esi
mov eax, ebx
call sub_402124
test al, al
jz short loc_40234E
mov [ebp+var_4], ebx
jmp short loc_402385
; ---------------------------------------------------------------------------
loc_40234E: ; CODE XREF: sub_4022F4+53�j
mov eax, esi
call sub_401DF8
mov edi, eax
mov eax, ebx
sub eax, 4
mov eax, [eax]
and eax, 7FFFFFFCh
sub eax, 4
cmp esi, eax
jge short loc_40236C
mov eax, esi
loc_40236C: ; CODE XREF: sub_4022F4+74�j
test edi, edi
jz short loc_402382
mov ecx, eax
mov edx, edi
mov eax, ebx
call sub_402438
mov eax, ebx
call sub_401F80
loc_402382: ; CODE XREF: sub_4022F4+7A�j
mov [ebp+var_4], edi
loc_402385: ; CODE XREF: sub_4022F4+58�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4023AD
loc_402392: ; CODE XREF: sub_4022F4+B7�j
cmp ds:byte_40502A, 0
jz short loc_4023A5
push offset CriticalSection ; lpCriticalSection
call LeaveCriticalSection
loc_4023A5: ; CODE XREF: sub_4022F4+A5�j
retn
; ---------------------------------------------------------------------------
loc_4023A6: ; DATA XREF: sub_4022F4+2A�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_402392
; ---------------------------------------------------------------------------
loc_4023AD: ; CODE XREF: sub_4022F4+22�j
; sub_4022F4:loc_4023A5�j
; DATA XREF: ...
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
pop ecx
pop ebp
retn
sub_4022F4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4023B8 proc near ; CODE XREF: sub_402A60+8�p
; sub_403470+B8�p
test eax, eax
jz short locret_4023C6
call ds:off_404004
or eax, eax
jz short loc_4023C7
locret_4023C6: ; CODE XREF: sub_4023B8+2�j
retn
; ---------------------------------------------------------------------------
loc_4023C7: ; CODE XREF: sub_4023B8+C�j
mov al, 1
jmp loc_4023E8
sub_4023B8 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4023D0 proc near ; CODE XREF: sub_402A10+1A�p
; sub_402A30+20�p ...
test eax, eax
jz short locret_4023DE
call ds:off_404008
or eax, eax
jnz short loc_4023DF
locret_4023DE: ; CODE XREF: sub_4023D0+2�j
retn
; ---------------------------------------------------------------------------
loc_4023DF: ; CODE XREF: sub_4023D0+C�j
mov al, 2
jmp loc_4023E8
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
loc_4023E8: ; CODE XREF: sub_4023B8+11�j
; sub_4023D0+11�j
and eax, 7Fh
mov ecx, ds:dword_405004
test ecx, ecx
jz short loc_4023F8
pop edx
call ecx ; dword_405004
loc_4023F8: ; CODE XREF: sub_4023D0+23�j
dec eax
mov al, byte_402411[eax]
jns short loc_40240C
call sub_4029CC
loc_402406: ; CODE XREF: CODE:00402423�j
mov eax, [eax+4]
loc_40240C: ; CODE XREF: sub_4023D0+2F�j
jmp sub_402F01
sub_4023D0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
byte_402411 db 0CBh ; DATA XREF: sub_4023D0+29�r
db 0CCh
; ---------------------------------------------------------------------------
enter 0FFFFD7C9h, 0CFh
enter 0FFFFCECDh, 0DBh
fmul st, st(2)
fstp1 st(2)
fcomp st(5)
fcompp st(7), st
loopne loc_402406
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402428 proc near ; CODE XREF: CODE:loc_402D5B�j
; sub_403027:loc_402D80�j ...
push eax
call sub_4029CC
pop dword ptr [eax+4]
retn
sub_402428 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402438 proc near ; CODE XREF: sub_4022F4+82�p
; sub_402A84+1C�p ...
push esi
push edi
mov esi, eax
mov edi, edx
mov eax, ecx
cmp edi, esi
jg short loc_402457
jz short loc_402475
sar ecx, 2
js short loc_402475
rep movsd
mov ecx, eax
and ecx, 3
rep movsb
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_402457: ; CODE XREF: sub_402438+A�j
lea esi, [esi+ecx-4]
lea edi, [edi+ecx-4]
sar ecx, 2
js short loc_402475
std
rep movsd
mov ecx, eax
and ecx, 3
add esi, 3
add edi, 3
rep movsb
cld
loc_402475: ; CODE XREF: sub_402438+C�j
; sub_402438+11�j ...
pop edi
pop esi
retn
sub_402438 endp
; =============== S U B R O U T I N E =======================================
sub_402478 proc near ; CODE XREF: sub_4024E4+3A�p
var_108 = byte ptr -108h
push ebx
push esi
add esp, 0FFFFFF00h
mov ebx, eax
jmp short loc_402485
; ---------------------------------------------------------------------------
loc_402484: ; CODE XREF: sub_402478+15�j
inc ebx
loc_402485: ; CODE XREF: sub_402478+A�j
; sub_402478+25�j
mov al, [ebx]
test al, al
jz short loc_40248F
cmp al, 20h
jbe short loc_402484
loc_40248F: ; CODE XREF: sub_402478+11�j
cmp byte ptr [ebx], 22h
jnz short loc_40249F
cmp byte ptr [ebx+1], 22h
jnz short loc_40249F
add ebx, 2
jmp short loc_402485
; ---------------------------------------------------------------------------
loc_40249F: ; CODE XREF: sub_402478+1A�j
; sub_402478+20�j
xor esi, esi
jmp short loc_4024C6
; ---------------------------------------------------------------------------
loc_4024A3: ; CODE XREF: sub_402478+52�j
cmp al, 22h
jnz short loc_4024C1
inc ebx
jmp short loc_4024AF
; ---------------------------------------------------------------------------
loc_4024AA: ; CODE XREF: sub_402478+3F�j
mov [esp+esi+108h+var_108], al
inc esi
inc ebx
loc_4024AF: ; CODE XREF: sub_402478+30�j
mov al, [ebx]
test al, al
jz short loc_4024B9
cmp al, 22h
jnz short loc_4024AA
loc_4024B9: ; CODE XREF: sub_402478+3B�j
cmp byte ptr [ebx], 0
jz short loc_4024C6
inc ebx
jmp short loc_4024C6
; ---------------------------------------------------------------------------
loc_4024C1: ; CODE XREF: sub_402478+2D�j
mov [esp+esi+108h+var_108], al
inc esi
inc ebx
loc_4024C6: ; CODE XREF: sub_402478+29�j
; sub_402478+44�j ...
mov al, [ebx]
cmp al, 20h
ja short loc_4024A3
mov eax, edx
mov edx, esp
mov ecx, esi
call sub_402A84
mov eax, ebx
add esp, 100h
pop esi
pop ebx
retn
sub_402478 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4024E4 proc near ; CODE XREF: sub_4035D8+7E�p
Filename = byte ptr -114h
push ebx
push esi
push edi
add esp, 0FFFFFEF8h
mov esi, edx
mov ebx, eax
test ebx, ebx
jnz short loc_402513
push 105h ; nSize
lea eax, [esp+118h+Filename]
push eax ; lpFilename
push 0 ; hModule
call GetModuleFileNameA ; GetModuleFileNameA
mov ecx, eax
mov edx, esp
mov eax, esi
call sub_402A84
jmp short loc_402531
; ---------------------------------------------------------------------------
loc_402513: ; CODE XREF: sub_4024E4+F�j
call GetCommandLineA ; GetCommandLineA
mov edi, eax
loc_40251A: ; CODE XREF: sub_4024E4+4B�j
mov edx, esi
mov eax, edi
call sub_402478
mov edi, eax
test ebx, ebx
jz short loc_402531
cmp dword ptr [esi], 0
jz short loc_402531
dec ebx
jmp short loc_40251A
; ---------------------------------------------------------------------------
loc_402531: ; CODE XREF: sub_4024E4+2D�j
; sub_4024E4+43�j ...
add esp, 108h
pop edi
pop esi
pop ebx
retn
sub_4024E4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40253C proc near ; CODE XREF: sub_4035D8-F99�p
; CODE:0040289D�p ...
fninit
wait
fldcw ds:word_404010
retn
sub_40253C endp
; ---------------------------------------------------------------------------
align 4
loc_402548: ; CODE XREF: CODE:004026D8�j
test eax, eax
jz short locret_402553
mov ecx, [eax]
mov dl, 1
call dword ptr [ecx-4]
locret_402553: ; CODE XREF: CODE:0040254A�j
retn
; =============== S U B R O U T I N E =======================================
sub_402554 proc near ; CODE XREF: sub_4035D8-F78�p
cmp ds:byte_404000, 0
jz short locret_402573
push eax
push eax
push edx
push esp ; lpArguments
push 2 ; nNumberOfArguments
push 0 ; dwExceptionFlags
push 0EEDFAD4h ; dwExceptionCode
call RaiseException ; RaiseException
add esp, 8
pop eax
locret_402573: ; CODE XREF: sub_402554+7�j
retn
sub_402554 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_402588
loc_402574: ; CODE XREF: sub_402588+B�j
push esp ; lpArguments
push 1 ; nNumberOfArguments
push 0 ; dwExceptionFlags
push 0EEDFAD0h ; dwExceptionCode
call RaiseException ; RaiseException
add esp, 4
pop eax
retn
; END OF FUNCTION CHUNK FOR sub_402588
; =============== S U B R O U T I N E =======================================
sub_402588 proc near ; CODE XREF: sub_4035D8-F22�p
; FUNCTION CHUNK AT 00402574 SIZE 00000014 BYTES
cmp ds:byte_404000, 1
jbe short locret_402598
push eax
push ebx
jmp loc_402574
; ---------------------------------------------------------------------------
locret_402598: ; CODE XREF: sub_402588+7�j
retn
sub_402588 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40259C proc near ; CODE XREF: sub_4025BC+C�p
test ecx, ecx
jz short locret_4025B9
mov eax, [ecx+1]
cmp byte ptr [ecx], 0E9h
jz short loc_4025B4
cmp byte ptr [ecx], 0EBh
jnz short locret_4025B9
movsx eax, al
inc ecx
inc ecx
jmp short loc_4025B7
; ---------------------------------------------------------------------------
loc_4025B4: ; CODE XREF: sub_40259C+A�j
add ecx, 5
loc_4025B7: ; CODE XREF: sub_40259C+16�j
add ecx, eax
locret_4025B9: ; CODE XREF: sub_40259C+2�j
; sub_40259C+F�j
retn
sub_40259C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4025BC proc near ; CODE XREF: sub_40173C+FCD�p
cmp ds:byte_404000, 1
jbe short locret_4025E1
push eax
push edx
push ecx
call sub_40259C
push ecx
push esp ; lpArguments
push 1 ; nNumberOfArguments
push 0 ; dwExceptionFlags
push 0EEDFAD1h ; dwExceptionCode
call RaiseException ; RaiseException
pop ecx
pop ecx
pop edx
pop eax
locret_4025E1: ; CODE XREF: sub_4025BC+7�j
retn
sub_4025BC endp
; ---------------------------------------------------------------------------
align 4
cmp ds:byte_404000, 1
jbe short locret_4025FE
push edx
push esp
push 1
push 0
push 0EEDFAD2h
call RaiseException ; RaiseException
pop edx
locret_4025FE: ; CODE XREF: CODE:004025EB�j
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402600 proc near ; CODE XREF: CODE:loc_4028E3�p
cmp ds:byte_404000, 1
jbe short locret_40261C
push eax
push edx
push esp ; lpArguments
push 2 ; nNumberOfArguments
push 0 ; dwExceptionFlags
push 0EEDFAD3h ; dwExceptionCode
call RaiseException ; RaiseException
pop edx
pop eax
locret_40261C: ; CODE XREF: sub_402600+7�j
retn
sub_402600 endp
; ---------------------------------------------------------------------------
align 10h
; START OF FUNCTION CHUNK FOR sub_4035D8
loc_402620: ; CODE XREF: sub_4035D8:loc_40368F�j
mov eax, [esp-4+arg_0]
test dword ptr [eax+4], 6
jnz loc_4026DD
cmp dword ptr [eax], 0EEDFACEh
mov edx, [eax+18h]
mov ecx, [eax+14h]
jz short loc_40266E
call sub_40253C
mov edx, ds:dword_405008
test edx, edx
jz loc_4026DD
call edx ; dword_405008
test eax, eax
jz loc_4026DD
mov edx, [esp-4+arg_8]
call sub_402554
mov edx, eax
mov eax, [esp-4+arg_0]
mov ecx, [eax+0Ch]
loc_40266E: ; CODE XREF: sub_4035D8-F9B�j
or dword ptr [eax+4], 2
push ebx
xor ebx, ebx
push esi
push edi
push ebp
mov ebx, fs:[ebx]
push ebx
push eax
push edx
push ecx
mov edx, [esp+1Ch+arg_4]
push 0
push eax
push offset loc_402691
push edx
call RtlUnwind ; RtlUnwind
loc_402691: ; DATA XREF: sub_4035D8-F52�o
mov edi, [esp+2Ch+var_4]
call sub_4029CC
push dword ptr [eax+0]
mov [eax+0], esp
mov ebp, [edi+8]
mov ebx, [edi+4]
mov dword ptr [edi+4], offset sub_4026BD
add ebx, 5
call sub_402588
jmp ebx
; END OF FUNCTION CHUNK FOR sub_4035D8
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4026BD proc near ; DATA XREF: sub_4035D8-F2C�o
jmp loc_4026E4
sub_4026BD endp
; ---------------------------------------------------------------------------
call sub_4029CC
mov ecx, [eax+0]
mov edx, [ecx]
mov [eax+0], edx
mov eax, [ecx+8]
jmp loc_402548
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4035D8
loc_4026DD: ; CODE XREF: sub_4035D8-FAD�j
; sub_4035D8-F8C�j ...
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_4035D8
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_40173C
loc_4026E4: ; CODE XREF: sub_40173C:loc_4017F2�j
; sub_401800:loc_4018D8�j ...
mov eax, [esp+4]
mov edx, [esp+arg_0]
test dword ptr [eax+4], 6
jz short loc_402714
mov ecx, [edx+4]
mov dword ptr [edx+4], offset loc_402714
push ebx
push esi
push edi
push ebp
mov ebp, [edx+8]
add ecx, 5
call sub_4025BC
call ecx
pop ebp
pop edi
pop esi
pop ebx
loc_402714: ; CODE XREF: sub_40173C+FB7�j
; DATA XREF: sub_40173C+FBC�o
mov eax, 1
retn
; END OF FUNCTION CHUNK FOR sub_40173C
; ---------------------------------------------------------------------------
align 4
dword_40271C dd 68ED3155h, 40274Ch, 75FF64h, 658964h, 0E74F685h, 8B4E0A78h
; DATA XREF: sub_402954+27�o
dd 554EB72Ch, 2EBF979h, 0D3FF2FDBh, 0C931D231h, 1B847EBh
dd 0C3000000h, 0FFFDEBE8h, 24448BFFh, 24548B04h, 440F708h
dd 6, 4883E475h, 6A0204h, 27746850h, 0E8520040h, 0FFFFE8D8h
dd 424448Bh, 508B088Bh, 0CEF98118h, 750EEDFAh, 14408B05h
dd 408B03EBh, 64ED310Ch, 6400658Bh, 5D00458Fh, 408DC3h
dd 22BE8h, 908B00h, 8B000000h, 88890Ah, 8B000000h, 91E80842h
dd 5AFFFFFDh, 2C24648Bh, 6459C031h, 5D580889h, 0FFFE1BE8h
dd 0C3E2FFFFh
; =============== S U B R O U T I N E =======================================
sub_4027CC proc near ; CODE XREF: sub_401DF8+ED�p
; sub_401DF8+142�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
xor edx, edx
mov ecx, [esp+arg_4]
mov eax, [esp+arg_0]
add ecx, 5
mov fs:[edx], eax
call ecx
retn 0Ch
sub_4027CC endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4027E4 proc near ; CODE XREF: CODE:00402887�p
mov [esp+0], edx
jmp sub_402F01
sub_4027E4 endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
align 10h
loc_4027F0: ; CODE XREF: CODE:004028CE�j
; CODE:004028DA�j
push ebp
mov ebp, esp
mov edx, [ebp+8]
mov eax, [edx]
cmp eax, 0C0000092h
jg short loc_40282B
jz short loc_40285D
cmp eax, 0C000008Eh
jg short loc_40281D
jz short loc_402861
sub eax, 0C0000005h
jz short loc_40286D
sub eax, 87h
jz short loc_402855
dec eax
jz short loc_402869
jmp short loc_40287D
; ---------------------------------------------------------------------------
loc_40281D: ; CODE XREF: CODE:00402806�j
add eax, 3FFFFF71h
sub eax, 2
jb short loc_40285D
jz short loc_402859
jmp short loc_40287D
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: CODE:004027FD�j
cmp eax, 0C0000096h
jg short loc_402843
jz short loc_402871
sub eax, 0C0000093h
jz short loc_402869
dec eax
jz short loc_402851
dec eax
jz short loc_402865
jmp short loc_40287D
; ---------------------------------------------------------------------------
loc_402843: ; CODE XREF: CODE:00402830�j
sub eax, 0C00000FDh
jz short loc_402879
sub eax, 3Dh
jz short loc_402875
jmp short loc_40287D
; ---------------------------------------------------------------------------
loc_402851: ; CODE XREF: CODE:0040283C�j
mov al, 0C8h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402855: ; CODE XREF: CODE:00402816�j
mov al, 0C9h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402859: ; CODE XREF: CODE:00402827�j
mov al, 0CDh
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: CODE:004027FF�j
; CODE:00402825�j
mov al, 0CFh
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402861: ; CODE XREF: CODE:00402808�j
mov al, 0C8h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402865: ; CODE XREF: CODE:0040283F�j
mov al, 0D7h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402869: ; CODE XREF: CODE:00402819�j
; CODE:00402839�j
mov al, 0CEh
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_40286D: ; CODE XREF: CODE:0040280F�j
mov al, 0D8h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402871: ; CODE XREF: CODE:00402832�j
mov al, 0DAh
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402875: ; CODE XREF: CODE:0040284D�j
mov al, 0D9h
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_402879: ; CODE XREF: CODE:00402848�j
mov al, 0CAh
jmp short loc_40287F
; ---------------------------------------------------------------------------
loc_40287D: ; CODE XREF: CODE:0040281B�j
; CODE:00402829�j ...
mov al, 0D9h
loc_40287F: ; CODE XREF: CODE:00402853�j
; CODE:00402857�j ...
and eax, 0FFh
mov edx, [edx+0Ch]
call sub_4027E4
pop ebp
retn 4
; ---------------------------------------------------------------------------
loc_402890: ; DATA XREF: sub_40290C+D�o
mov eax, [esp+4]
test dword ptr [eax+4], 6
jnz short loc_402908
call sub_40253C
mov edx, [esp+8]
push 0
push eax
push offset loc_4028B4
push edx
call RtlUnwind ; RtlUnwind
loc_4028B4: ; DATA XREF: CODE:004028A9�o
mov ebx, [esp+4]
cmp dword ptr [ebx], 0EEDFACEh
mov edx, [ebx+14h]
mov eax, [ebx+18h]
jz short loc_4028E3
mov edx, ds:dword_405008
test edx, edx
jz loc_4027F0
mov eax, ebx
call edx ; dword_405008
test eax, eax
jz loc_4027F0
mov edx, [ebx+0Ch]
loc_4028E3: ; CODE XREF: CODE:004028C4�j
call sub_402600
mov ecx, ds:dword_405000
test ecx, ecx
jz short loc_4028F4
call ecx ; dword_405000
loc_4028F4: ; CODE XREF: CODE:004028F0�j
mov ecx, [esp+4]
mov eax, 0D9h
mov edx, [ecx+14h]
mov [esp], edx
jmp sub_402F01
; ---------------------------------------------------------------------------
loc_402908: ; CODE XREF: CODE:0040289B�j
xor eax, eax
retn
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40290C proc near ; CODE XREF: sub_402954�p
xor edx, edx
lea eax, [ebp-0Ch]
mov ecx, fs:[edx]
mov fs:[edx], eax
mov [eax], ecx
mov dword ptr [eax+4], offset loc_402890
mov [eax+8], ebp
mov ds:dword_405480, eax
retn
sub_40290C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_40292C proc near ; CODE XREF: sub_402EEC-52�p
; sub_402EEC:loc_402EAA�p
xor edx, edx
mov eax, ds:dword_405480
mov ecx, fs:[edx]
cmp eax, ecx
jnz short loc_402943
mov eax, [eax]
mov fs:[edx], eax
retn
; ---------------------------------------------------------------------------
loc_402941: ; CODE XREF: sub_40292C+1E�j
mov ecx, [ecx]
loc_402943: ; CODE XREF: sub_40292C+D�j
cmp ecx, 0FFFFFFFFh
jz short locret_402950
cmp [ecx], eax
jnz short loc_402941
mov eax, [eax]
mov [ecx], eax
locret_402950: ; CODE XREF: sub_40292C+1A�j
retn
sub_40292C endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402954 proc near ; CODE XREF: start+6�p
call sub_40290C
push 0 ; lpModuleName
call GetModuleHandleA ; GetModuleHandleA
mov ds:dword_40500C, eax
call GetCommandLineA ; GetCommandLineA
mov ds:dword_405014, eax
mov ds:dword_405010, 0Ah
mov eax, offset dword_40271C
retn
sub_402954 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402984 proc near ; CODE XREF: sub_4029CC:loc_4029E7�p
push ebx
cmp ds:TlsIndex, 0
jge short loc_402998
mov eax, 0E2h
call sub_402F01
loc_402998: ; CODE XREF: sub_402984+8�j
push 8 ; uBytes
push 40h ; uFlags
call LocalAlloc ; LocalAlloc
mov ebx, eax
test ebx, ebx
jnz short loc_4029B6
mov eax, 0E2h
call sub_402F01
jmp short loc_4029C2
; ---------------------------------------------------------------------------
loc_4029B6: ; CODE XREF: sub_402984+24�j
push ebx ; lpTlsValue
mov eax, ds:TlsIndex
push eax ; dwTlsIndex
call TlsSetValue ; TlsSetValue
loc_4029C2: ; CODE XREF: sub_402984+30�j
mov ds:dword_405484, ebx
pop ebx
retn
sub_402984 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_4029CC proc near ; CODE XREF: sub_4023D0+31�p
; sub_402428+1�p ...
mov cl, ds:byte_405028
mov eax, ds:TlsIndex
test cl, cl
jnz short loc_402A04
mov edx, large fs:2Ch
mov eax, [edx+eax*4]
retn
; ---------------------------------------------------------------------------
loc_4029E7: ; CODE XREF: sub_4029CC+40�j
call sub_402984
mov eax, ds:TlsIndex
push eax ; dwTlsIndex
call TlsGetValue ; TlsGetValue
test eax, eax
jz short loc_4029FD
retn
; ---------------------------------------------------------------------------
loc_4029FD: ; CODE XREF: sub_4029CC+2E�j
mov eax, ds:dword_405484
retn
; ---------------------------------------------------------------------------
loc_402A04: ; CODE XREF: sub_4029CC+E�j
push eax ; dwTlsIndex
call TlsGetValue ; TlsGetValue
test eax, eax
jz short loc_4029E7
retn
sub_4029CC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402A10 proc near ; CODE XREF: sub_402A84+23�p
; sub_403278+70�p ...
mov edx, [eax]
test edx, edx
jz short locret_402A2F
mov dword ptr [eax], 0
mov ecx, [edx-8]
dec ecx
jl short locret_402A2F
mov [edx-8], ecx
jnz short locret_402A2F
lea eax, [edx-8]
call sub_4023D0
locret_402A2F: ; CODE XREF: sub_402A10+4�j
; sub_402A10+10�j ...
retn
sub_402A10 endp
; =============== S U B R O U T I N E =======================================
sub_402A30 proc near ; CODE XREF: sub_4035D8+F7�p
push ebx
push esi
mov ebx, eax
mov esi, edx
loc_402A36: ; CODE XREF: sub_402A30+29�j
mov edx, [ebx]
test edx, edx
jz short loc_402A55
mov dword ptr [ebx], 0
mov ecx, [edx-8]
dec ecx
jl short loc_402A55
mov [edx-8], ecx
jnz short loc_402A55
lea eax, [edx-8]
call sub_4023D0
loc_402A55: ; CODE XREF: sub_402A30+A�j
; sub_402A30+16�j ...
add ebx, 4
dec esi
jnz short loc_402A36
pop esi
pop ebx
retn
sub_402A30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_402A60 proc near ; CODE XREF: sub_402A84+B�p
test eax, eax
jle short loc_402A80
push eax
add eax, 9
call sub_4023B8
add eax, 8
pop edx
mov [eax-4], edx
mov dword ptr [eax-8], 1
mov byte ptr [eax+edx], 0
retn
; ---------------------------------------------------------------------------
loc_402A80: ; CODE XREF: sub_402A60+2�j
xor eax, eax
retn
sub_402A60 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402A84 proc near ; CODE XREF: sub_402478+5A�p
; sub_4024E4+28�p ...
push ebx
push esi
push edi
mov ebx, eax
mov esi, edx
mov edi, ecx
mov eax, edi
call sub_402A60
mov ecx, edi
mov edi, eax
test esi, esi
jz short loc_402AA5
mov edx, eax
mov eax, esi
call sub_402438
loc_402AA5: ; CODE XREF: sub_402A84+16�j
mov eax, ebx
call sub_402A10
mov [ebx], edi
pop edi
pop esi
pop ebx
retn
sub_402A84 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402AB4 proc near ; CODE XREF: sub_403278+67�p
push edi
push eax
push ecx
mov edi, edx
xor eax, eax
repne scasb
jnz short loc_402AC1
not ecx
loc_402AC1: ; CODE XREF: sub_402AB4+9�j
pop eax
add ecx, eax
pop eax
pop edi
jmp sub_402A84
sub_402AB4 endp
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_402ACC proc near ; CODE XREF: sub_403278+14�p
test eax, eax
jz short locret_402AD9
mov edx, [eax-8]
inc edx
jle short locret_402AD9
mov [eax-8], edx
locret_402AD9: ; CODE XREF: sub_402ACC+2�j
; sub_402ACC+8�j
retn
sub_402ACC endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402ADC proc near ; CODE XREF: sub_403278+44�p
; sub_403314+E�p ...
test eax, eax
jz short loc_402AE2
retn
; ---------------------------------------------------------------------------
byte_402AE1 db 0 ; DATA XREF: sub_402ADC:loc_402AE2�o
; ---------------------------------------------------------------------------
loc_402AE2: ; CODE XREF: sub_402ADC+2�j
mov eax, offset byte_402AE1
retn
sub_402ADC endp
; =============== S U B R O U T I N E =======================================
sub_402AE8 proc near ; DATA XREF: CODE:00402B86�o
xor edx, edx
mov [eax+10h], edx
mov [eax+0Ch], edx
push edx ; lpOverlapped
lea edx, [eax+10h]
push edx ; lpNumberOfBytesRead
push dword ptr [eax+8] ; nNumberOfBytesToRead
push dword ptr [eax+14h] ; lpBuffer
push dword ptr [eax] ; hFile
call ReadFile ; ReadFile
test eax, eax
jz short loc_402B09
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_402B09: ; CODE XREF: sub_402AE8+1C�j
call GetLastError
retn
sub_402AE8 endp
; =============== S U B R O U T I N E =======================================
sub_402B0F proc near ; DATA XREF: CODE:00402BBD�o
; CODE:loc_402C7C�o
xor eax, eax
retn
sub_402B0F endp
; =============== S U B R O U T I N E =======================================
sub_402B12 proc near ; DATA XREF: CODE:loc_402BAF�o
; CODE:00402CB7�o
NumberOfBytesWritten= dword ptr -4
push ecx
mov edx, [eax+0Ch]
test edx, edx
jle short loc_402B34
xor ecx, ecx
mov [eax+0Ch], ecx
push ecx ; lpOverlapped
lea ecx, [esp+8+NumberOfBytesWritten]
push ecx ; lpNumberOfBytesWritten
push edx ; nNumberOfBytesToWrite
push dword ptr [eax+14h] ; lpBuffer
push dword ptr [eax] ; hFile
call WriteFile ; WriteFile
test eax, eax
jz short loc_402B38
loc_402B34: ; CODE XREF: sub_402B12+6�j
xor eax, eax
loc_402B36: ; CODE XREF: sub_402B12+2B�j
pop ecx
retn
; ---------------------------------------------------------------------------
loc_402B38: ; CODE XREF: sub_402B12+20�j
call GetLastError
jmp short loc_402B36
sub_402B12 endp
; ---------------------------------------------------------------------------
loc_402B3F: ; DATA XREF: CODE:loc_402BB6�o
push dword ptr [eax]
mov dword ptr [eax+4], 0D7B0h
call CloseHandle ; CloseHandle
dec eax
jnz short loc_402B51
retn
; ---------------------------------------------------------------------------
loc_402B51: ; CODE XREF: CODE:00402B4E�j
call GetLastError
retn
; ---------------------------------------------------------------------------
loc_402B57: ; DATA XREF: sub_402CE5+21�o
push esi
mov esi, eax
xor eax, eax
mov [esi+0Ch], eax
mov [esi+10h], eax
mov eax, [esi+4]
sub eax, 0D7B1h
jz short loc_402B77
dec eax
jz short loc_402B8F
dec eax
jz short loc_402BA0
jmp loc_402CC0
; ---------------------------------------------------------------------------
loc_402B77: ; CODE XREF: CODE:00402B6A�j
mov eax, 80000000h
mov edx, 2
mov ecx, 3
mov dword ptr [esi+1Ch], offset sub_402AE8
jmp short loc_402BB6
; ---------------------------------------------------------------------------
loc_402B8F: ; CODE XREF: CODE:00402B6D�j
mov eax, 40000000h
mov edx, 1
mov ecx, 2
jmp short loc_402BAF
; ---------------------------------------------------------------------------
loc_402BA0: ; CODE XREF: CODE:00402B70�j
mov eax, 0C0000000h
mov edx, 1
mov ecx, 3
loc_402BAF: ; CODE XREF: CODE:00402B9E�j
mov dword ptr [esi+1Ch], offset sub_402B12
loc_402BB6: ; CODE XREF: CODE:00402B8D�j
mov dword ptr [esi+24h], offset loc_402B3F
mov dword ptr [esi+20h], offset sub_402B0F
cmp byte ptr [esi+48h], 0
jz loc_402C7C
push 0
push 80h
push ecx
push 0
push edx
push eax
lea eax, [esi+48h]
push eax
call CreateFileA ; CreateFileA
cmp eax, 0FFFFFFFFh
jz loc_402CD7
mov [esi], eax
cmp dword ptr [esi+4], 0D7B3h
jnz loc_402C9E
dec dword ptr [esi+4]
push 0
push dword ptr [esi]
call GetFileSize ; GetFileSize
inc eax
jz loc_402CD7
sub eax, 81h
jnb short loc_402C17
xor eax, eax
loc_402C17: ; CODE XREF: CODE:00402C13�j
push 0
push 0
push eax
push dword ptr [esi]
call SetFilePointer ; SetFilePointer
inc eax
jz loc_402CD7
push 0
mov edx, esp
push 0
push edx
push 80h
lea edx, [esi+14Ch]
push edx
push dword ptr [esi]
call ReadFile ; ReadFile
pop edx
dec eax
jnz loc_402CD7
xor eax, eax
loc_402C4E: ; CODE XREF: CODE:00402C5D�j
cmp eax, edx
jnb short loc_402C9E
cmp byte ptr [esi+eax+14Ch], 1Ah
jz short loc_402C5F
inc eax
jmp short loc_402C4E
; ---------------------------------------------------------------------------
loc_402C5F: ; CODE XREF: CODE:00402C5A�j
push 2
push 0
sub eax, edx
push eax
push dword ptr [esi]
call SetFilePointer ; SetFilePointer
inc eax
jz short loc_402CD7
push dword ptr [esi]
call SetEndOfFile ; SetEndOfFile
dec eax
jnz short loc_402CD7
jmp short loc_402C9E
; ---------------------------------------------------------------------------
loc_402C7C: ; CODE XREF: CODE:00402BC8�j
mov dword ptr [esi+24h], offset sub_402B0F
cmp dword ptr [esi+4], 0D7B2h
jz short loc_402C90
push 0FFFFFFF6h
jmp short loc_402C92
; ---------------------------------------------------------------------------
loc_402C90: ; CODE XREF: CODE:00402C8A�j
push 0FFFFFFF5h
loc_402C92: ; CODE XREF: CODE:00402C8E�j
call GetStdHandle ; GetStdHandle
cmp eax, 0FFFFFFFFh
jz short loc_402CD7
mov [esi], eax
loc_402C9E: ; CODE XREF: CODE:00402BF5�j
; CODE:00402C50�j ...
cmp dword ptr [esi+4], 0D7B1h
jz short loc_402CBE
push dword ptr [esi]
call GetFileType ; GetFileType
test eax, eax
jz short loc_402CC2
cmp eax, 2
jnz short loc_402CBE
mov dword ptr [esi+20h], offset sub_402B12
loc_402CBE: ; CODE XREF: CODE:00402CA5�j
; CODE:00402CB5�j
xor eax, eax
loc_402CC0: ; CODE XREF: CODE:00402B72�j
; CODE:00402CD5�j ...
pop esi
retn
; ---------------------------------------------------------------------------
loc_402CC2: ; CODE XREF: CODE:00402CB0�j
push dword ptr [esi]
call CloseHandle ; CloseHandle
mov dword ptr [esi+4], 0D7B0h
mov eax, 69h
jmp short loc_402CC0
; ---------------------------------------------------------------------------
loc_402CD7: ; CODE XREF: CODE:00402BE6�j
; CODE:00402C08�j ...
mov dword ptr [esi+4], 0D7B0h
call GetLastError
jmp short loc_402CC0
; =============== S U B R O U T I N E =======================================
sub_402CE5 proc near ; CODE XREF: sub_4030D4+80�p
; sub_4030D4+8F�p
lea ecx, [eax+14Ch]
mov [eax+14h], ecx
xor ecx, ecx
mov [eax], ecx
mov dword ptr [eax+4], 0D7B0h
mov dword ptr [eax+8], 80h
mov [eax+0Ch], ecx
mov [eax+10h], ecx
mov dword ptr [eax+18h], offset loc_402B57
mov [eax+1Ch], ecx
mov [eax+20h], ecx
mov [eax+24h], ecx
lea eax, [eax+48h]
test edx, edx
jz short loc_402D38
mov ch, 82h
loc_402D1F: ; CODE XREF: sub_402CE5+50�j
mov cl, [edx]
inc edx
mov [eax], cl
inc eax
test cl, cl
jz short locret_402D3A
mov cl, [edx]
inc edx
mov [eax], cl
inc eax
test cl, cl
jz short locret_402D3A
dec ch
jnz short loc_402D1F
dec eax
loc_402D38: ; CODE XREF: sub_402CE5+36�j
mov [eax], ch
locret_402D3A: ; CODE XREF: sub_402CE5+42�j
; sub_402CE5+4C�j
retn
sub_402CE5 endp
; ---------------------------------------------------------------------------
mov edx, [eax+4]
cmp edx, 0D7B2h
jnz short loc_402D4E
call dword ptr [eax+1Ch]
test eax, eax
jnz short loc_402D5B
locret_402D4D: ; CODE XREF: CODE:00402D54�j
retn
; ---------------------------------------------------------------------------
loc_402D4E: ; CODE XREF: CODE:00402D44�j
cmp edx, 0D7B1h
jz short locret_402D4D
mov eax, 67h
loc_402D5B: ; CODE XREF: CODE:00402D4B�j
jmp sub_402428
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_403027
loc_402D60: ; CODE XREF: sub_403027+F�j
mov edx, [eax+4]
cmp edx, 0D7B2h
jnz short loc_402D73
call dword ptr [eax+20h]
test eax, eax
jnz short loc_402D80
locret_402D72: ; CODE XREF: sub_403027-2AE�j
retn
; ---------------------------------------------------------------------------
loc_402D73: ; CODE XREF: sub_403027-2BE�j
cmp edx, 0D7B1h
jz short locret_402D72
mov eax, 67h
loc_402D80: ; CODE XREF: sub_403027-2B7�j
jmp sub_402428
; END OF FUNCTION CHUNK FOR sub_403027
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_402D88 proc near ; CODE XREF: sub_402EEC-6F�p
; sub_402EEC-65�p ...
push ebx
mov ebx, eax
mov edx, [eax+4]
sub edx, 0D7B1h
jz short loc_402DA4
cmp edx, 2
ja short loc_402DB4
call dword ptr [eax+1Ch]
test eax, eax
jnz short loc_402DAD
mov eax, ebx
loc_402DA4: ; CODE XREF: sub_402D88+C�j
call dword ptr [ebx+24h]
test eax, eax
jnz short loc_402DAD
loc_402DAB: ; CODE XREF: sub_402D88+2A�j
; sub_402D88+31�j
pop ebx
retn
; ---------------------------------------------------------------------------
loc_402DAD: ; CODE XREF: sub_402D88+18�j
; sub_402D88+21�j ...
call sub_402428
jmp short loc_402DAB
; ---------------------------------------------------------------------------
loc_402DB4: ; CODE XREF: sub_402D88+11�j
cmp eax, offset dword_405030
jz short loc_402DAB
mov eax, 67h
jmp short loc_402DAD
sub_402D88 endp
; ---------------------------------------------------------------------------
align 4
; START OF FUNCTION CHUNK FOR sub_402EEC
loc_402DC4: ; CODE XREF: sub_402EEC+C�j
; sub_402F01+6�j
mov ds:uExitCode, eax
cmp ds:byte_405028, 0
jz short loc_402DE9
cmp ds:byte_40540C, 1
jb loc_402E9F
jz short loc_402DE9
or eax, eax
jz loc_402EAA
loc_402DE9: ; CODE XREF: sub_402EEC-11C�j
; sub_402EEC-10D�j ...
mov eax, ds:dword_40501C
or eax, eax
jz short loc_402DFE
xor edx, edx
mov ds:dword_40501C, edx
call eax
jmp short loc_402DE9
; ---------------------------------------------------------------------------
loc_402DFE: ; CODE XREF: sub_402EEC-FC�j
cmp ds:dword_405020, 0
jz short loc_402E78
mov eax, ds:uExitCode
mov ebx, offset aAt00000000 ; " at 00000000"
mov ecx, 0Ah
loc_402E16: ; CODE XREF: sub_402EEC-CA�j
xor edx, edx
div ecx
add dl, 30h
mov [ebx], dl
dec ebx
test eax, eax
jnz short loc_402E16
mov ebx, 404030h
mov eax, ds:dword_405020
sub eax, offset nullsub_1
loc_402E33: ; CODE XREF: sub_402EEC-A8�j
mov edx, eax
and edx, 0Fh
mov dl, byte_402EDC[edx]
mov [ebx], dl
dec ebx
shr eax, 4
jnz short loc_402E33
cmp ds:byte_405029, 0
jnz short loc_402E64
push 0 ; uType
push offset Caption ; "Error"
push offset Text ; "Runtime error "
push 0 ; hWnd
call MessageBoxA ; MessageBoxA
jmp short loc_402E78
; ---------------------------------------------------------------------------
loc_402E64: ; CODE XREF: sub_402EEC-9F�j
mov eax, offset dword_4051FC
mov edx, offset Text ; "Runtime error "
call sub_4030A4
call sub_403027
loc_402E78: ; CODE XREF: sub_402EEC-E7�j
; sub_402EEC-8A�j
mov eax, offset dword_405030
call sub_402D88
mov eax, offset dword_4051FC
call sub_402D88
call sub_401800
cmp ds:byte_40540C, 0
jnz short loc_402EAA
call sub_40292C
loc_402E9F: ; CODE XREF: sub_402EEC-113�j
push ds:uExitCode ; uExitCode
call ExitProcess ; ExitProcess
; ---------------------------------------------------------------------------
loc_402EAA: ; CODE XREF: sub_402EEC-109�j
; sub_402EEC-54�j
call sub_40292C
mov ds:byte_40540C, 0
mov eax, ds:uExitCode
neg eax
sbb eax, eax
inc eax
mov edi, ds:dword_405408
mov esi, ds:dword_405404
mov ebx, ds:dword_405400
mov ebp, ds:dword_4053FC
leave
retn 0Ch
; END OF FUNCTION CHUNK FOR sub_402EEC
; ---------------------------------------------------------------------------
byte_402EDC db 30h ; DATA XREF: sub_402EEC-B4�r
; ---------------------------------------------------------------------------
xor [edx], esi
xor esi, ds:39383736h[esi]
inc ecx
inc edx
inc ebx
inc esp
inc ebp
inc esi
; =============== S U B R O U T I N E =======================================
sub_402EEC proc near ; CODE XREF: start+15�p
; FUNCTION CHUNK AT 00402DC4 SIZE 00000118 BYTES
xor eax, eax
jmp short $+2
xor edx, edx
mov ds:dword_405020, edx
jmp loc_402DC4
sub_402EEC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
xor eax, eax
jmp short $+2
; =============== S U B R O U T I N E =======================================
sub_402F01 proc near ; CODE XREF: sub_4023D0:loc_40240C�j
; sub_4027E4+3�j ...
pop ds:dword_405020
jmp loc_402DC4
sub_402F01 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_402F0C proc near ; CODE XREF: CODE:00402F4C�j
; sub_402F4E+5�j ...
push ebx
push esi
mov esi, eax
mov ebx, edx
mov edx, [esi+4]
sub edx, 0D7B0h
jz short loc_402F27
cmp edx, 3
ja short loc_402F3B
call sub_402D88
loc_402F27: ; CODE XREF: sub_402F0C+F�j
mov eax, esi
mov [esi+4], ebx
call dword ptr [esi+18h]
test eax, eax
jz short loc_402F38
call sub_402428
loc_402F38: ; CODE XREF: sub_402F0C+25�j
; sub_402F0C+39�j
pop esi
pop ebx
retn
; ---------------------------------------------------------------------------
loc_402F3B: ; CODE XREF: sub_402F0C+14�j
mov eax, 66h
call sub_402428
jmp short loc_402F38
sub_402F0C endp
; ---------------------------------------------------------------------------
mov edx, 0D7B1h
jmp short sub_402F0C
; =============== S U B R O U T I N E =======================================
sub_402F4E proc near ; CODE XREF: sub_402F5C+45�p
; CODE:0040306B�p
mov edx, 0D7B2h
jmp short sub_402F0C
sub_402F4E endp
; ---------------------------------------------------------------------------
mov edx, 0D7B3h
jmp short sub_402F0C
; =============== S U B R O U T I N E =======================================
sub_402F5C proc near ; CODE XREF: sub_402FC7+16�p
; sub_402FC7+2F�j ...
push esi
push edi
mov esi, edx
cmp dword ptr [eax+4], 0D7B2h
jnz short loc_402F97
loc_402F69: ; CODE XREF: sub_402F5C+31�j
; sub_402F5C+54�j
mov edi, [eax+14h]
add edi, [eax+0Ch]
mov edx, [eax+8]
sub edx, [eax+0Ch]
cmp edx, ecx
jg short loc_402F8F
add [eax+0Ch], edx
sub ecx, edx
push eax
push ecx
mov ecx, edx
rep movsb
call dword ptr [eax+1Ch]
test eax, eax
jnz short loc_402FBE
pop ecx
pop eax
jmp short loc_402F69
; ---------------------------------------------------------------------------
loc_402F8F: ; CODE XREF: sub_402F5C+1B�j
add [eax+0Ch], ecx
rep movsb
loc_402F94: ; CODE XREF: sub_402F5C+60�j
; sub_402F5C+69�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_402F97: ; CODE XREF: sub_402F5C+B�j
cmp eax, offset dword_4051FC
jnz short loc_402FB2
push ecx
push edx
push eax
call sub_402F4E
pop eax
pop edx
pop ecx
cmp dword ptr [eax+4], 0D7B2h
jz short loc_402F69
loc_402FB2: ; CODE XREF: sub_402F5C+40�j
mov eax, 69h
call sub_402428
jmp short loc_402F94
; ---------------------------------------------------------------------------
loc_402FBE: ; CODE XREF: sub_402F5C+2D�j
call sub_402428
pop ecx
pop eax
jmp short loc_402F94
sub_402F5C endp
; =============== S U B R O U T I N E =======================================
sub_402FC7 proc near ; CODE XREF: CODE:00403017�p
; CODE:00403091�p ...
mov ecx, edx
loc_402FC9: ; CODE XREF: sub_402FC7+2B�j
mov edx, offset dword_404038
cmp ecx, 40h
jle short loc_402FF4
sub ecx, 40h
push eax
push ecx
mov ecx, 40h
call sub_402F5C
call sub_4029CC
cmp dword ptr [eax+4], 0
jnz short loc_402FFD
pop ecx
pop eax
jmp short loc_402FC9
; ---------------------------------------------------------------------------
loc_402FF4: ; CODE XREF: sub_402FC7+A�j
test ecx, ecx
jg sub_402F5C
retn
; ---------------------------------------------------------------------------
loc_402FFD: ; CODE XREF: sub_402FC7+27�j
pop ecx
pop eax
retn
sub_402FC7 endp
; ---------------------------------------------------------------------------
xor ecx, ecx
mov cl, [edx]
inc edx
jmp sub_402F5C
; ---------------------------------------------------------------------------
push ebx
xor ebx, ebx
mov bl, [edx]
sub ecx, ebx
jle short loc_40301E
push eax
push edx
mov edx, ecx
call sub_402FC7
pop edx
pop eax
loc_40301E: ; CODE XREF: CODE:00403011�j
mov ecx, ebx
pop ebx
inc edx
jmp sub_402F5C
; =============== S U B R O U T I N E =======================================
sub_403027 proc near ; CODE XREF: sub_402EEC-79�p
; FUNCTION CHUNK AT 00402D60 SIZE 00000025 BYTES
mov edx, offset asc_404078 ; "\r\n‹À"
mov ecx, 2
call sub_402F5C
jmp loc_402D60
sub_403027 endp
; ---------------------------------------------------------------------------
cmp dword ptr [eax+4], 0D7B2h
jnz short loc_403062
loc_403044: ; CODE XREF: CODE:00403060�j
; CODE:00403079�j
mov ecx, [eax+0Ch]
cmp ecx, [eax+8]
jge short loc_403055
add ecx, [eax+14h]
mov [ecx], dl
inc dword ptr [eax+0Ch]
retn
; ---------------------------------------------------------------------------
loc_403055: ; CODE XREF: CODE:0040304A�j
push eax
push edx
call dword ptr [eax+1Ch]
test eax, eax
jnz short loc_403085
pop edx
pop eax
jmp short loc_403044
; ---------------------------------------------------------------------------
loc_403062: ; CODE XREF: CODE:00403042�j
cmp eax, offset dword_4051FC
jnz short loc_40307B
push edx
push eax
call sub_402F4E
pop eax
pop edx
cmp dword ptr [eax+4], 0D7B2h
jz short loc_403044
loc_40307B: ; CODE XREF: CODE:00403067�j
mov eax, 69h
jmp sub_402428
; ---------------------------------------------------------------------------
loc_403085: ; CODE XREF: CODE:0040305C�j
call sub_402428
pop edx
pop eax
retn
; ---------------------------------------------------------------------------
push edx
lea edx, [ecx-1]
call sub_402FC7
mov edx, esp
mov ecx, 1
call sub_402F5C
pop edx
retn
; =============== S U B R O U T I N E =======================================
sub_4030A4 proc near ; CODE XREF: sub_402EEC-7E�p
xor ecx, ecx
jmp short $+2
push esi
push edi
mov esi, eax
push ecx
mov edi, edx
or ecx, 0FFFFFFFFh
mov al, 0
repne scasb
not ecx
dec ecx
mov edi, edx
pop edx
sub edx, ecx
mov eax, esi
push ecx
call sub_402FC7
pop ecx
mov eax, esi
mov edx, edi
pop edi
pop esi
jmp sub_402F5C
sub_4030A4 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4030D4 proc near ; CODE XREF: start+B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
xor eax, eax
push ebp
push offset loc_403176
push dword ptr fs:[eax]
mov fs:[eax], esp
mov eax, ds:TlsIndex
shl eax, 2
mov ds:dword_4053CC, eax
xor eax, eax
mov ds:uExitCode, eax
xor eax, eax
mov ds:dword_40501C, eax
xor eax, eax
mov ds:dword_405020, eax
call sub_4029CC
xor edx, edx
mov [eax+4], edx
xor eax, eax
mov ds:dword_405024, eax
mov ds:byte_40502B, 2
mov ds:byte_40502C, 2
mov ds:byte_40502D, 3
mov ds:word_4053D4, 0
mov ds:word_4053E4, 1
call sub_40253C
mov eax, offset dword_405030
mov edx, offset dword_403184
call sub_402CE5
mov eax, offset dword_4051FC
mov edx, offset dword_403184
call sub_402CE5
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_40317D
loc_403175: ; CODE XREF: sub_4030D4+A7�j
retn
; ---------------------------------------------------------------------------
loc_403176: ; DATA XREF: sub_4030D4+9�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_403175
; ---------------------------------------------------------------------------
loc_40317D: ; CODE XREF: sub_4030D4:loc_403175�j
; DATA XREF: sub_4030D4+9C�o
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4030D4 endp
; ---------------------------------------------------------------------------
align 4
dword_403184 dd 0 ; sub_4030D4+8A�o
; [00000006 BYTES: COLLAPSED FUNCTION CloseHandle_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION CreateFileA_0. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION DeleteFileA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION FileTimeToDosDateTime. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION FileTimeToLocalFileTime. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION FindClose. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION FindFirstFileA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION FindResourceA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION FreeLibrary. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION FreeResource. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetProcAddress. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION GetTempFileNameA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION GetTempPathA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION LoadLibraryA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION LoadResource. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION LockResource. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION SizeofResource. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION WriteFile_0. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION DispatchMessageA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION GetActiveWindow. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION MessageBoxA_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000006 BYTES: COLLAPSED FUNCTION PeekMessageA. PRESS KEYPAD "+" TO EXPAND]
align 4
; [00000006 BYTES: COLLAPSED FUNCTION TranslateMessage. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_403240 proc near ; CODE XREF: sub_403470+130�p
xor eax, eax
retn
sub_403240 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_403244 proc near ; CODE XREF: sub_4035D8:loc_403646�p
push ebx
add esp, 0FFFFFFE4h
mov ebx, esp
jmp short loc_40325E
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_403244+2A�j
cmp dword ptr [ebx+4], 12h
jz short loc_40325E
push ebx ; lpMsg
call TranslateMessage ; TranslateMessage
push ebx ; lpMsg
call DispatchMessageA ; DispatchMessageA
loc_40325E: ; CODE XREF: sub_403244+6�j
; sub_403244+C�j
push 1 ; wRemoveMsg
push 0 ; wMsgFilterMax
push 0 ; wMsgFilterMin
push 0 ; hWnd
push ebx ; lpMsg
call PeekMessageA ; PeekMessageA
test eax, eax
jnz short loc_40324C
add esp, 1Ch
pop ebx
retn
sub_403244 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403278 proc near ; CODE XREF: sub_403470+8F�p
PathName = byte ptr -20Ch
TempFileName = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFDF4h
push ebx
push esi
push edi
mov ebx, edx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
call sub_402ACC
xor eax, eax
push ebp
push offset loc_403303
push dword ptr fs:[eax]
mov fs:[eax], esp
lea eax, [ebp+PathName]
push eax ; lpBuffer
push 104h ; nBufferLength
call GetTempPathA ; GetTempPathA
lea eax, [ebp+TempFileName]
push eax ; lpTempFileName
push 0 ; uUnique
mov eax, [ebp+var_4]
call sub_402ADC
push eax ; lpPrefixString
lea eax, [ebp+PathName]
push eax ; lpPathName
call GetTempFileNameA ; GetTempFileNameA
test eax, eax
jz short loc_4032E6
mov eax, ebx
lea edx, [ebp+TempFileName]
mov ecx, 104h
call sub_402AB4
jmp short loc_4032ED
; ---------------------------------------------------------------------------
loc_4032E6: ; CODE XREF: sub_403278+58�j
mov eax, ebx
call sub_402A10
loc_4032ED: ; CODE XREF: sub_403278+6C�j
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_40330A
loc_4032FA: ; CODE XREF: sub_403278+90�j
lea eax, [ebp+var_4]
call sub_402A10
retn
; ---------------------------------------------------------------------------
loc_403303: ; DATA XREF: sub_403278+1C�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4032FA
; ---------------------------------------------------------------------------
loc_40330A: ; CODE XREF: sub_403278+8A�j
; DATA XREF: sub_403278+7D�o
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_403278 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_403314 proc near ; CODE XREF: sub_4035D8+5B�p
push ebx
mov ebx, eax
cmp ds:hModule, 0
jnz short loc_403332
mov eax, ebx
call sub_402ADC
push eax ; lpLibFileName
call LoadLibraryA ; LoadLibraryA
mov ds:hModule, eax
loc_403332: ; CODE XREF: sub_403314+A�j
cmp ds:hModule, 0
setnz al
and eax, 7Fh
test eax, eax
jz short loc_403363
push offset ProcName ; "GGSfxExecutePack"
mov eax, ds:hModule
push eax ; hModule
call GetProcAddress ; GetProcAddress
mov ebx, eax
mov ds:dword_405488, ebx
test ebx, ebx
setnz al
and eax, 7Fh
loc_403363: ; CODE XREF: sub_403314+2D�j
pop ebx
retn
sub_403314 endp
; ---------------------------------------------------------------------------
align 4
; char ProcName[]
ProcName db 'GGSfxExecutePack',0 ; DATA XREF: sub_403314+2F�o
align 4
; =============== S U B R O U T I N E =======================================
sub_40337C proc near ; CODE XREF: sub_4035D8+92�p
xor eax, eax
mov ds:dword_405488, eax
cmp ds:hModule, 0
jz short locret_40339E
mov eax, ds:hModule
push eax ; hLibModule
call FreeLibrary ; FreeLibrary
xor eax, eax
mov ds:hModule, eax
locret_40339E: ; CODE XREF: sub_40337C+E�j
retn
sub_40337C endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_4033A0 proc near ; CODE XREF: sub_403470+96�p
push ebx
mov ebx, eax
push 0 ; hTemplateFile
push 80h ; dwFlagsAndAttributes
push 2 ; dwCreationDisposition
push 0 ; lpSecurityAttributes
push 0 ; dwShareMode
push 0C0000000h ; dwDesiredAccess
mov eax, ebx
call sub_402ADC
push eax ; lpFileName
call CreateFileA_0
pop ebx
retn
sub_4033A0 endp
; =============== S U B R O U T I N E =======================================
; int __fastcall sub_4033C4(DWORD nNumberOfBytesToWrite, LPCVOID lpBuffer)
sub_4033C4 proc near ; CODE XREF: sub_403470+110�p
NumberOfBytesWritten= dword ptr -10h
push ebx
push esi
push edi
push ecx
mov edi, ecx
mov esi, edx
mov ebx, eax
push 0 ; lpOverlapped
lea eax, [esp+14h+NumberOfBytesWritten]
push eax ; lpNumberOfBytesWritten
push edi ; nNumberOfBytesToWrite
push esi ; lpBuffer
push ebx ; hFile
call WriteFile_0
test eax, eax
jnz short loc_4033E8
mov [esp+10h+NumberOfBytesWritten], 0FFFFFFFFh
loc_4033E8: ; CODE XREF: sub_4033C4+1B�j
mov eax, [esp+10h+NumberOfBytesWritten]
pop edx
pop edi
pop esi
pop ebx
retn
sub_4033C4 endp
; =============== S U B R O U T I N E =======================================
sub_4033F0 proc near ; CODE XREF: sub_403470+129�p
push eax ; hObject
call CloseHandle_0
retn
sub_4033F0 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4033F8 proc near
FindFileData = _WIN32_FIND_DATAA ptr -14Ch
LocalFileTime = _FILETIME ptr -0Ch
FatTime = word ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFEB4h
push ebx
mov ebx, eax
lea eax, [ebp+FindFileData]
push eax ; lpFindFileData
mov eax, ebx
call sub_402ADC
push eax ; lpFileName
call FindFirstFileA ; FindFirstFileA
cmp eax, 0FFFFFFFFh
jz short loc_403451
push eax ; hFindFile
call FindClose ; FindClose
test byte ptr [ebp+FindFileData.dwFileAttributes], 10h
jnz short loc_403451
lea eax, [ebp+LocalFileTime]
push eax ; lpLocalFileTime
lea eax, [ebp+FindFileData.ftLastWriteTime]
push eax ; lpFileTime
call FileTimeToLocalFileTime ; FileTimeToLocalFileTime
lea eax, [ebp+FatTime]
push eax ; lpFatTime
lea eax, [ebp+FatTime+2]
push eax ; lpFatDate
lea eax, [ebp+LocalFileTime]
push eax ; lpFileTime
call FileTimeToDosDateTime ; FileTimeToDosDateTime
test eax, eax
jnz short loc_403458
loc_403451: ; CODE XREF: sub_4033F8+23�j
; sub_4033F8+32�j
mov dword ptr [ebp+FatTime], 0FFFFFFFFh
loc_403458: ; CODE XREF: sub_4033F8+57�j
mov eax, dword ptr [ebp+FatTime]
pop ebx
mov esp, ebp
pop ebp
retn
sub_4033F8 endp
; ---------------------------------------------------------------------------
db 53h ; S
db 8Bh ; ‹
db 0D8h ; Ø
db 8Bh ; ‹
db 0C3h ; Ã
db 0E8h ; è
db 8Eh ; Ž
db 0FFh
db 0FFh
db 0FFh
db 40h ; @
db 0Fh
db 95h ; •
db 0C0h ; À
db 5Bh ; [
db 0C3h ; Ã
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403470 proc near ; CODE XREF: sub_4035D8+29�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
lpBuffer = dword ptr -14h
nNumberOfBytesToWrite= dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
add esp, 0FFFFFFE4h
push ebx
push esi
push edi
mov ebx, eax
mov eax, ebx
call sub_402A10
xor eax, eax
push ebp
push offset loc_4035B9
push dword ptr fs:[eax]
mov fs:[eax], esp
push 0Ah ; lpType
push offset Name ; "ENG"
mov eax, ds:dword_40500C
push eax ; hModule
call FindResourceA ; FindResourceA
mov esi, eax
test esi, esi
jnz short loc_4034B2
call sub_4027CC
jmp loc_4035C0
; ---------------------------------------------------------------------------
loc_4034B2: ; CODE XREF: sub_403470+36�j
push esi ; hResInfo
mov eax, ds:dword_40500C
push eax ; hModule
call LoadResource ; LoadResource
mov edi, eax
test edi, edi
jnz short loc_4034CE
call sub_4027CC
jmp loc_4035C0
; ---------------------------------------------------------------------------
loc_4034CE: ; CODE XREF: sub_403470+52�j
push edi ; hResData
call LockResource ; LockResource
mov [ebp+var_4], eax
push esi ; hResInfo
mov eax, ds:dword_40500C
push eax ; hModule
call SizeofResource ; SizeofResource
mov [ebp+var_8], eax
cmp [ebp+var_8], 7530h
jle loc_40359E
xor eax, eax
mov [ebp+var_18], eax
mov edx, ebx
mov eax, offset dword_4035D4
call sub_403278
mov eax, [ebx]
call sub_4033A0
mov [ebp+var_C], eax
mov esi, [ebp+var_8]
cmp esi, 0F000h
jle short loc_403522
mov [ebp+nNumberOfBytesToWrite], 0F000h
jmp short loc_403525
; ---------------------------------------------------------------------------
loc_403522: ; CODE XREF: sub_403470+A7�j
mov [ebp+nNumberOfBytesToWrite], esi
loc_403525: ; CODE XREF: sub_403470+B0�j
mov eax, [ebp+nNumberOfBytesToWrite]
call sub_4023B8
mov [ebp+lpBuffer], eax
test esi, esi
jz short loc_40358B
loc_403534: ; CODE XREF: sub_403470+119�j
cmp esi, [ebp+nNumberOfBytesToWrite]
jle short loc_40353E
mov ebx, [ebp+nNumberOfBytesToWrite]
jmp short loc_403540
; ---------------------------------------------------------------------------
loc_40353E: ; CODE XREF: sub_403470+C7�j
mov ebx, esi
loc_403540: ; CODE XREF: sub_403470+CC�j
cmp [ebp+var_18], 0
jl short loc_403578
test ebx, ebx
jl short loc_403578
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jle short loc_403578
cmp ebx, [ebp+var_1C]
jge short loc_403561
mov [ebp+var_1C], ebx
loc_403561: ; CODE XREF: sub_403470+EC�j
mov edx, [ebp+lpBuffer]
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_1C]
call sub_402438
mov eax, [ebp+var_1C]
add [ebp+var_18], eax
loc_403578: ; CODE XREF: sub_403470+D4�j
; sub_403470+D8�j ...
mov edx, [ebp+lpBuffer] ; lpBuffer
mov ecx, ebx ; nNumberOfBytesToWrite
mov eax, [ebp+var_C]
call sub_4033C4
sub esi, ebx
test esi, esi
jnz short loc_403534
loc_40358B: ; CODE XREF: sub_403470+C2�j
mov edx, [ebp+nNumberOfBytesToWrite]
mov eax, [ebp+lpBuffer]
call sub_4023D0
mov eax, [ebp+var_C]
call sub_4033F0
loc_40359E: ; CODE XREF: sub_403470+7D�j
mov eax, edi
call sub_403240
push edi ; hResData
call FreeResource ; FreeResource
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4035C0
loc_4035B8: ; CODE XREF: sub_403470+14E�j
retn
; ---------------------------------------------------------------------------
loc_4035B9: ; DATA XREF: sub_403470+15�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4035B8
; ---------------------------------------------------------------------------
loc_4035C0: ; CODE XREF: sub_403470+3D�j
; sub_403470+59�j ...
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_403470 endp
; ---------------------------------------------------------------------------
align 4
; char Name[]
Name db 'ENG',0 ; DATA XREF: sub_403470+22�o
dd 0FFFFFFFFh, 2
dword_4035D4 dd 5347h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4035D8 proc near ; CODE XREF: start+10�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 00402620 SIZE 0000009D BYTES
; FUNCTION CHUNK AT 004026DD SIZE 00000006 BYTES
push ebp
mov ebp, esp
push 0
push 0
push ebx
push esi
push edi
xor eax, eax
push ebp
push offset loc_4036D5
push dword ptr fs:[eax]
mov fs:[eax], esp
xor eax, eax
push ebp
push offset loc_40368F
push dword ptr fs:[eax]
mov fs:[eax], esp
lea eax, [ebp+var_4]
call sub_403470
cmp [ebp+var_4], 0
jnz short loc_403630
push 10h ; uType
push offset aResourceNotFou ; "Resource not found"
push offset aThisProgramIsD ; "This program is designed for internal u"...
call GetActiveWindow ; GetActiveWindow
push eax ; hWnd
call MessageBoxA_0
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp loc_4036BA
; ---------------------------------------------------------------------------
loc_403630: ; CODE XREF: sub_4035D8+32�j
mov eax, [ebp+var_4]
call sub_403314
test eax, eax
jnz short loc_403646
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_4036BA
; ---------------------------------------------------------------------------
loc_403646: ; CODE XREF: sub_4035D8+62�j
call sub_403244
mov eax, ds:dword_40500C
push eax
lea edx, [ebp+var_8]
xor eax, eax
call sub_4024E4
mov eax, [ebp+var_8]
call sub_402ADC
push eax
call ds:dword_405488
call sub_40337C
mov eax, [ebp+var_4]
call sub_402ADC
push eax ; lpFileName
call DeleteFileA ; DeleteFileA
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
jmp short loc_4036BA
; ---------------------------------------------------------------------------
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
loc_40368F: ; DATA XREF: sub_4035D8+1B�o
jmp loc_402620
; ---------------------------------------------------------------------------
dd 0E8FC458Bh, 0FFFFFDC4h, 0E74C084h, 0E8FC458Bh, 0FFFFF434h
dd 0FAEAE850h, 0E9E8FFFFh, 0EBFFFFF0h, 0F0E2E805h
db 2 dup(0FFh)
; ---------------------------------------------------------------------------
loc_4036BA: ; CODE XREF: sub_4035D8+53�j
; sub_4035D8+6C�j ...
xor eax, eax
pop edx
pop ecx
pop ecx
mov fs:[eax], edx
push offset loc_4036DC
loc_4036C7: ; CODE XREF: sub_4035D8+102�j
lea eax, [ebp+var_8]
mov edx, 2
call sub_402A30
retn
; ---------------------------------------------------------------------------
loc_4036D5: ; DATA XREF: sub_4035D8+D�o
jmp loc_4026E4
; ---------------------------------------------------------------------------
jmp short loc_4036C7
; ---------------------------------------------------------------------------
loc_4036DC: ; CODE XREF: sub_4035D8+FC�j
; DATA XREF: sub_4035D8+EA�o
pop edi
pop esi
pop ebx
pop ecx
pop ecx
pop ebp
retn
sub_4035D8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; char aResourceNotFou[]
aResourceNotFou db 'Resource not found',0 ; DATA XREF: sub_4035D8+36�o
align 4
; char aThisProgramIsD[]
aThisProgramIsD db 'This program is designed for internal use only.',0Dh,'GSfx Wizard 1.'
; DATA XREF: sub_4035D8+3B�o
db '1',0
; [0000001E BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
align 100h
CODE ends
; Section 2. (virtual address 00004000)
; Virtual size : 0000007C ( 124.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00002C00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
DATA segment para public 'DATA' use32
assume cs:DATA
;org 404000h
byte_404000 db 0 ; DATA XREF: sub_402554�r sub_402588�r ...
db 8Dh, 40h, 0
off_404004 dd offset sub_401DF8 ; DATA XREF: sub_4023B8+4�r
off_404008 dd offset sub_401F80 ; DATA XREF: sub_4023D0+4�r
dd offset sub_4022F4
word_404010 dw 1332h ; DATA XREF: sub_40253C+3�r
dw 0C08Bh
; char Text[]
Text db 'Runtime error ' ; DATA XREF: sub_402EEC-96�o
; sub_402EEC-83�o
aAt00000000 db ' at 00000000',0 ; DATA XREF: sub_402EEC-E0�o
; char Caption[]
Caption db 'Error',0 ; DATA XREF: sub_402EEC-9B�o
dword_404038 dd 10h dup(20202020h)asc_404078 db 0Dh,0Ah ; DATA XREF: sub_403027�o
db '‹À',0
align 200h
DATA ends
; Section 3. (virtual address 00005000)
; Virtual size : 00000490 ( 1168.)
; Section size in file : 00000000 ( 0.)
; Offset to raw data for section: 00002E00
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
BSS segment para public '' use32
assume cs:BSS
;org 405000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
dword_405000 dd ? dword_405004 dd ? dword_405008 dd ? ; CODE:004028C6�r
; HMODULE dword_40500C
dword_40500C dd ? ; sub_403470+27�r ...
dword_405010 dd ? dword_405014 dd ? ; UINT uExitCode
uExitCode dd ? ; DATA XREF: sub_402EEC:loc_402DC4�w
; sub_402EEC-E5�r ...
dword_40501C dd ? ; sub_402EEC-F8�w ...
dword_405020 dd ? ; sub_402EEC-C3�r ...
dword_405024 dd ? byte_405028 db ? ; DATA XREF: sub_4029CC�r
; sub_402EEC-123�r
byte_405029 db ? ; DATA XREF: sub_402EEC-A6�r
byte_40502A db ? ; DATA XREF: sub_40173C+1B�r
; sub_40173C:loc_4017DE�r ...
byte_40502B db ? ; DATA XREF: sub_4030D4+4A�w
byte_40502C db ? ; DATA XREF: sub_4030D4+51�w
byte_40502D db ? ; DATA XREF: sub_4030D4+58�w
align 10h
dword_405030 dd 73h dup(?) ; sub_402EEC:loc_402E78�o ...
dword_4051FC dd 73h dup(?) ; sub_402EEC-6A�o ...
; DWORD TlsIndex
TlsIndex dd ? ; DATA XREF: sub_402984+1�r
; sub_402984+33�r ...
dword_4053CC dd ? dd ?
word_4053D4 dw ? ; DATA XREF: sub_4030D4+5F�w
align 4
dd 3 dup(?)
word_4053E4 dw ? ; DATA XREF: sub_4030D4+68�w
align 4
dd 3 dup(?)
dword_4053F4 dd ? ; sub_401D04+92�w ...
dword_4053F8 dd ? ; sub_401D04+9B�w ...
dword_4053FC dd ? dword_405400 dd ? dword_405404 dd ? dword_405408 dd ? byte_40540C db ? ; DATA XREF: sub_402EEC-11A�r
; sub_402EEC-5B�r ...
byte_40540D db ? ; DATA XREF: sub_40173C+8E�w
; sub_40173C:loc_4017F9�r ...
align 10h
dword_405410 dd ? ; sub_40147C+63�w ...
; struct _RTL_CRITICAL_SECTION CriticalSection
CriticalSection _RTL_CRITICAL_SECTION <?> ; DATA XREF: sub_40173C+11�o
; sub_40173C+24�o ...
; HLOCAL dword_40542C
dword_40542C dd ? ; sub_4010DC+2A�w ...
dword_405430 dd ? dword_405434 dd ? ; sub_4012C8+51�o ...
dd 3 dup(?)
dword_405444 dd 4 dup(?) ; sub_40158C+E�o ...
dword_405454 dd ? dword_405458 dd ? align 10h
dword_405460 dd ? ; sub_4018E4+1�r ...
dword_405464 dd ? dword_405468 dd ? ; sub_401BA4+2E�r ...
; HLOCAL hMem
hMem dd ? ; DATA XREF: sub_40173C+58�w
; sub_40173C+5D�r ...
dword_405470 dd ? ; sub_401800+81�o ...
align 10h
dword_405480 dd ? ; sub_40292C+2�r
dword_405484 dd ? ; sub_4029CC:loc_4029FD�r
dword_405488 dd ? ; sub_40337C+2�w ...
; HMODULE hModule
hModule dd ? ; DATA XREF: sub_403314+3�r
; sub_403314+19�w ...
align 200h
BSS ends
;
; Imports from kernel32.dll
;
; Section 4. (virtual address 00006000)
; Virtual size : 000004B4 ( 1204.)
; Section size in file : 00000600 ( 1536.)
; Offset to raw data for section: 00002E00
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Externs
; _idata
; void __stdcall DeleteCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn __imp_DeleteCriticalSection:dword ; DATA XREF: DeleteCriticalSection�r
; void __stdcall LeaveCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn __imp_LeaveCriticalSection:dword ; DATA XREF: LeaveCriticalSection�r
; void __stdcall EnterCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn __imp_EnterCriticalSection:dword ; DATA XREF: EnterCriticalSection�r
; void __stdcall InitializeCriticalSection(LPCRITICAL_SECTION lpCriticalSection)
extrn __imp_InitializeCriticalSection:dword
; DATA XREF: InitializeCriticalSection�r
; BOOL __stdcall VirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType)
extrn __imp_VirtualFree:dword ; DATA XREF: VirtualFree�r
; LPVOID __stdcall VirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect)
extrn __imp_VirtualAlloc:dword ; DATA XREF: VirtualAlloc�r
; HLOCAL __stdcall LocalFree(HLOCAL hMem)
extrn __imp_LocalFree:dword ; DATA XREF: LocalFree�r
; HLOCAL __stdcall LocalAlloc(UINT uFlags, SIZE_T uBytes)
extrn __imp_LocalAlloc:dword ; DATA XREF: LocalAlloc�r
; BOOL __stdcall TlsSetValue(DWORD dwTlsIndex, LPVOID lpTlsValue)
extrn __imp_TlsSetValue:dword ; DATA XREF: TlsSetValue�r
; LPVOID __stdcall TlsGetValue(DWORD dwTlsIndex)
extrn __imp_TlsGetValue:dword ; DATA XREF: TlsGetValue�r
; HMODULE __stdcall GetModuleHandleA(LPCSTR lpModuleName)
extrn __imp_GetModuleHandleA:dword ; DATA XREF: GetModuleHandleA�r
; DWORD __stdcall GetModuleFileNameA(HMODULE hModule, LPCH lpFilename, DWORD nSize)
extrn __imp_GetModuleFileNameA:dword ; DATA XREF: GetModuleFileNameA�r
; DWORD __stdcall GetLastError()
extrn __imp_GetLastError:dword ; DATA XREF: GetLastError�r
; LPSTR __stdcall GetCommandLineA()
extrn __imp_GetCommandLineA:dword ; DATA XREF: GetCommandLineA�r
; BOOL __stdcall WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped)
extrn __imp_WriteFile:dword ; DATA XREF: WriteFile�r
; DWORD __stdcall SetFilePointer(HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod)
extrn __imp_SetFilePointer:dword ; DATA XREF: SetFilePointer�r
; BOOL __stdcall SetEndOfFile(HANDLE hFile)
extrn __imp_SetEndOfFile:dword ; DATA XREF: SetEndOfFile�r
extrn __imp_RtlUnwind:dword ; DATA XREF: RtlUnwind�r
; BOOL __stdcall ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped)
extrn __imp_ReadFile:dword ; DATA XREF: ReadFile�r
; void __stdcall RaiseException(DWORD dwExceptionCode, DWORD dwExceptionFlags, DWORD nNumberOfArguments, const ULONG_PTR *lpArguments)
extrn __imp_RaiseException:dword ; DATA XREF: RaiseException�r
; HANDLE __stdcall GetStdHandle(DWORD nStdHandle)
extrn __imp_GetStdHandle:dword ; DATA XREF: GetStdHandle�r
; DWORD __stdcall GetFileSize(HANDLE hFile, LPDWORD lpFileSizeHigh)
extrn __imp_GetFileSize:dword ; DATA XREF: GetFileSize�r
; DWORD __stdcall GetFileType(HANDLE hFile)
extrn __imp_GetFileType:dword ; DATA XREF: GetFileType�r
; void __stdcall ExitProcess(UINT uExitCode)
extrn __imp_ExitProcess:dword ; DATA XREF: ExitProcess�r
; HANDLE __stdcall CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile)
extrn __imp_CreateFileA:dword ; DATA XREF: CreateFileA�r
; BOOL __stdcall CloseHandle(HANDLE hObject)
extrn __imp_CloseHandle:dword ; DATA XREF: CloseHandle�r
;
; Imports from user32.dll
;
; int __stdcall MessageBoxA(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType)
extrn __imp_MessageBoxA:dword ; DATA XREF: MessageBoxA�r
;
; Imports from kernel32.dll
;
; BOOL __stdcall WriteFile_0(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped)
extrn __imp_WriteFile_0:dword ; DATA XREF: WriteFile_0�r
; DWORD __stdcall SizeofResource(HMODULE hModule, HRSRC hResInfo)
extrn __imp_SizeofResource:dword ; DATA XREF: SizeofResource�r
; LPVOID __stdcall LockResource(HGLOBAL hResData)
extrn __imp_LockResource:dword ; DATA XREF: LockResource�r
; HGLOBAL __stdcall LoadResource(HMODULE hModule, HRSRC hResInfo)
extrn __imp_LoadResource:dword ; DATA XREF: LoadResource�r
; HMODULE __stdcall LoadLibraryA(LPCSTR lpLibFileName)
extrn __imp_LoadLibraryA:dword ; DATA XREF: LoadLibraryA�r
; DWORD __stdcall GetTempPathA(DWORD nBufferLength, LPSTR lpBuffer)
extrn __imp_GetTempPathA:dword ; DATA XREF: GetTempPathA�r
; UINT __stdcall GetTempFileNameA(LPCSTR lpPathName, LPCSTR lpPrefixString, UINT uUnique, LPSTR lpTempFileName)
extrn __imp_GetTempFileNameA:dword ; DATA XREF: GetTempFileNameA�r
; FARPROC __stdcall GetProcAddress(HMODULE hModule, LPCSTR lpProcName)
extrn __imp_GetProcAddress:dword ; DATA XREF: GetProcAddress�r
; BOOL __stdcall FreeResource(HGLOBAL hResData)
extrn __imp_FreeResource:dword ; DATA XREF: FreeResource�r
; BOOL __stdcall FreeLibrary(HMODULE hLibModule)
extrn __imp_FreeLibrary:dword ; DATA XREF: FreeLibrary�r
; HRSRC __stdcall FindResourceA(HMODULE hModule, LPCSTR lpName, LPCSTR lpType)
extrn __imp_FindResourceA:dword ; DATA XREF: FindResourceA�r
; HANDLE __stdcall FindFirstFileA(LPCSTR lpFileName, LPWIN32_FIND_DATAA lpFindFileData)
extrn __imp_FindFirstFileA:dword ; DATA XREF: FindFirstFileA�r
; BOOL __stdcall FindClose(HANDLE hFindFile)
extrn __imp_FindClose:dword ; DATA XREF: FindClose�r
; BOOL __stdcall FileTimeToLocalFileTime(const FILETIME *lpFileTime, LPFILETIME lpLocalFileTime)
extrn __imp_FileTimeToLocalFileTime:dword
; DATA XREF: FileTimeToLocalFileTime�r
; BOOL __stdcall FileTimeToDosDateTime(const FILETIME *lpFileTime, LPWORD lpFatDate, LPWORD lpFatTime)
extrn __imp_FileTimeToDosDateTime:dword ; DATA XREF: FileTimeToDosDateTime�r
; BOOL __stdcall DeleteFileA(LPCSTR lpFileName)
extrn __imp_DeleteFileA:dword ; DATA XREF: DeleteFileA�r
; HANDLE __stdcall CreateFileA_0(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile)
extrn __imp_CreateFileA_0:dword ; DATA XREF: CreateFileA_0�r
; BOOL __stdcall CloseHandle_0(HANDLE hObject)
extrn __imp_CloseHandle_0:dword ; DATA XREF: CloseHandle_0�r
;
; Imports from user32.dll
;
; BOOL __stdcall TranslateMessage(const MSG *lpMsg)
extrn __imp_TranslateMessage:dword ; DATA XREF: TranslateMessage�r
; BOOL __stdcall PeekMessageA(LPMSG lpMsg, HWND hWnd, UINT wMsgFilterMin, UINT wMsgFilterMax, UINT wRemoveMsg)
extrn __imp_PeekMessageA:dword ; DATA XREF: PeekMessageA�r
; int __stdcall MessageBoxA_0(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType)
extrn __imp_MessageBoxA_0:dword ; DATA XREF: MessageBoxA_0�r
; HWND __stdcall GetActiveWindow()
extrn __imp_GetActiveWindow:dword ; DATA XREF: GetActiveWindow�r
; LRESULT __stdcall DispatchMessageA(const MSG *lpMsg)
extrn __imp_DispatchMessageA:dword ; DATA XREF: DispatchMessageA�r
; Section 5. (virtual address 00007000)
; Virtual size : 00000008 ( 8.)
; Section size in file : 00000000 ( 0.)
; Offset to raw data for section: 00003400
; Flags C0000000: Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Regular
; Segment permissions: Read/Write
_tls segment para public '' use32
assume cs:_tls
;org 407000h
assume es:nothing, ss:nothing, ds:CODE, fs:nothing, gs:nothing
TlsStart dd 2 dup(?) ; DATA XREF: .rdata:TlsDirectory�o
TlsEnd dd 7Eh dup(?) ; DATA XREF: .rdata:TlsEnd_ptr�o
_tls ends
; Section 6. (virtual address 00008000)
; Virtual size : 00000018 ( 24.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00003400
; Flags 50000040: Data Shareable Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 408000h
TlsDirectory dd offset TlsStart
TlsEnd_ptr dd offset TlsEnd
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsSizeOfZeroFill
TlsSizeOfZeroFill dd 0 ; DATA XREF: .rdata:TlsCallbacks_ptr�o
TlsCharacteristics dd 0
align 200h
_rdata ends
end start